projects / linux-2.6-block.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
Merge tag 'upstream-4.7-rc1' of git://git.infradead.org/linux-ubifs
[linux-2.6-block.git] / drivers / bluetooth / hci_bcsp.c
CommitLineData
1da177e4 1/*
0372a662
MH		 2 *
3 * Bluetooth HCI UART driver
4 *
5 * Copyright (C) 2002-2003 Fabrizio Gennari <fabrizio.gennari@philips.com>
6 * Copyright (C) 2004-2005 Marcel Holtmann <marcel@holtmann.org>
7 *
8 *
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
13 *
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
18 *
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
22 *
1da177e4
LT		 23 */
24
1da177e4
LT		 25#include <linux/module.h>
26
27#include <linux/kernel.h>
28#include <linux/init.h>
1da177e4
LT		 29#include <linux/types.h>
30#include <linux/fcntl.h>
31#include <linux/interrupt.h>
32#include <linux/ptrace.h>
33#include <linux/poll.h>
34
35#include <linux/slab.h>
36#include <linux/tty.h>
37#include <linux/errno.h>
38#include <linux/string.h>
39#include <linux/signal.h>
40#include <linux/ioctl.h>
41#include <linux/skbuff.h>
c5ec5140
HH		 42#include <linux/bitrev.h>
43#include <asm/unaligned.h>
1da177e4
LT		 44
45#include <net/bluetooth/bluetooth.h>
46#include <net/bluetooth/hci_core.h>
0372a662 47
1da177e4 48#include "hci_uart.h"
1da177e4 49
bff6b89f
SV		 50static bool txcrc = true;
51static bool hciextn = true;
1da177e4 52
0372a662
MH		 53#define BCSP_TXWINSIZE 4
54
55#define BCSP_ACK_PKT 0x05
56#define BCSP_LE_PKT 0x06
57
58struct bcsp_struct {
59 struct sk_buff_head unack; /* Unack'ed packets queue */
60 struct sk_buff_head rel; /* Reliable packets queue */
61 struct sk_buff_head unrel; /* Unreliable packets queue */
62
63 unsigned long rx_count;
64 struct sk_buff *rx_skb;
65 u8 rxseq_txack; /* rxseq == txack. */
66 u8 rxack; /* Last packet sent by us that the peer ack'ed */
67 struct timer_list tbcsp;
68
69 enum {
70 BCSP_W4_PKT_DELIMITER,
71 BCSP_W4_PKT_START,
72 BCSP_W4_BCSP_HDR,
73 BCSP_W4_DATA,
74 BCSP_W4_CRC
75 } rx_state;
76
77 enum {
78 BCSP_ESCSTATE_NOESC,
79 BCSP_ESCSTATE_ESC
80 } rx_esc_state;
81
82 u8 use_crc;
83 u16 message_crc;
84 u8 txack_req; /* Do we need to send ack's to the peer? */
85
86 /* Reliable packet sequence number - used to assign seq to each rel pkt. */
87 u8 msgq_txseq;
88};
89
1da177e4
LT		 90/* ---- BCSP CRC calculation ---- */
91
92/* Table for calculating CRC for polynomial 0x1021, LSB processed first,
93initial value 0xffff, bits shifted in reverse order. */
94
95static const u16 crc_table[] = {
96 0x0000, 0x1081, 0x2102, 0x3183,
97 0x4204, 0x5285, 0x6306, 0x7387,
98 0x8408, 0x9489, 0xa50a, 0xb58b,
99 0xc60c, 0xd68d, 0xe70e, 0xf78f
100};
101
102/* Initialise the crc calculator */
103#define BCSP_CRC_INIT(x) x = 0xffff
104
8805eea2
MZ		 105/* Update crc with next data byte
106 *
107 * Implementation note
108 * The data byte is treated as two nibbles. The crc is generated
109 * in reverse, i.e., bits are fed into the register from the top.
110 */
1da177e4
LT		 111static void bcsp_crc_update(u16 *crc, u8 d)
112{
113 u16 reg = *crc;
114
115 reg = (reg >> 4) ^ crc_table[(reg ^ d) & 0x000f];
116 reg = (reg >> 4) ^ crc_table[(reg ^ (d >> 4)) & 0x000f];
117
118 *crc = reg;
119}
120
1da177e4
LT		 121/* ---- BCSP core ---- */
122
123static void bcsp_slip_msgdelim(struct sk_buff *skb)
124{
125 const char pkt_delim = 0xc0;
0372a662 126
1da177e4
LT		 127 memcpy(skb_put(skb, 1), &pkt_delim, 1);
128}
129
130static void bcsp_slip_one_byte(struct sk_buff *skb, u8 c)
131{
132 const char esc_c0[2] = { 0xdb, 0xdc };
133 const char esc_db[2] = { 0xdb, 0xdd };
134
135 switch (c) {
136 case 0xc0:
137 memcpy(skb_put(skb, 2), &esc_c0, 2);
138 break;
139 case 0xdb:
140 memcpy(skb_put(skb, 2), &esc_db, 2);
141 break;
142 default:
143 memcpy(skb_put(skb, 1), &c, 1);
144 }
145}
146
147static int bcsp_enqueue(struct hci_uart *hu, struct sk_buff *skb)
148{
149 struct bcsp_struct *bcsp = hu->priv;
150
151 if (skb->len > 0xFFF) {
152 BT_ERR("Packet too long");
153 kfree_skb(skb);
154 return 0;
155 }
156
618e8bc2 157 switch (hci_skb_pkt_type(skb)) {
1da177e4
LT		 158 case HCI_ACLDATA_PKT:
159 case HCI_COMMAND_PKT:
160 skb_queue_tail(&bcsp->rel, skb);
161 break;
162
163 case HCI_SCODATA_PKT:
164 skb_queue_tail(&bcsp->unrel, skb);
165 break;
166
167 default:
168 BT_ERR("Unknown packet type");
169 kfree_skb(skb);
170 break;
171 }
172
173 return 0;
174}
175
176static struct sk_buff *bcsp_prepare_pkt(struct bcsp_struct *bcsp, u8 *data,
177 int len, int pkt_type)
178{
179 struct sk_buff *nskb;
180 u8 hdr[4], chan;
1da177e4 181 u16 BCSP_CRC_INIT(bcsp_txmsg_crc);
20dd6f59 182 int rel, i;
1da177e4
LT		 183
184 switch (pkt_type) {
185 case HCI_ACLDATA_PKT:
186 chan = 6; /* BCSP ACL channel */
187 rel = 1; /* reliable channel */
188 break;
189 case HCI_COMMAND_PKT:
190 chan = 5; /* BCSP cmd/evt channel */
191 rel = 1; /* reliable channel */
192 break;
193 case HCI_SCODATA_PKT:
194 chan = 7; /* BCSP SCO channel */
195 rel = 0; /* unreliable channel */
196 break;
197 case BCSP_LE_PKT:
198 chan = 1; /* BCSP LE channel */
199 rel = 0; /* unreliable channel */
200 break;
201 case BCSP_ACK_PKT:
202 chan = 0; /* BCSP internal channel */
203 rel = 0; /* unreliable channel */
204 break;
205 default:
206 BT_ERR("Unknown packet type");
207 return NULL;
208 }
209
210 if (hciextn && chan == 5) {
c5ec5140 211 __le16 opcode = ((struct hci_command_hdr *)data)->opcode;
1da177e4 212
a9de9248 213 /* Vendor specific commands */
c5ec5140 214 if (hci_opcode_ogf(__le16_to_cpu(opcode)) == 0x3f) {
1da177e4
LT		 215 u8 desc = *(data + HCI_COMMAND_HDR_SIZE);
216 if ((desc & 0xf0) == 0xc0) {
217 data += HCI_COMMAND_HDR_SIZE + 1;
218 len -= HCI_COMMAND_HDR_SIZE + 1;
219 chan = desc & 0x0f;
220 }
221 }
222 }
223
224 /* Max len of packet: (original len +4(bcsp hdr) +2(crc))*2
8805eea2
MZ		 225 * (because bytes 0xc0 and 0xdb are escaped, worst case is
226 * when the packet is all made of 0xc0 and 0xdb :) )
227 * + 2 (0xc0 delimiters at start and end).
228 */
1da177e4
LT		 229
230 nskb = alloc_skb((len + 6) * 2 + 2, GFP_ATOMIC);
231 if (!nskb)
232 return NULL;
233
618e8bc2 234 hci_skb_pkt_type(nskb) = pkt_type;
1da177e4
LT		 235
236 bcsp_slip_msgdelim(nskb);
237
238 hdr[0] = bcsp->rxseq_txack << 3;
239 bcsp->txack_req = 0;
240 BT_DBG("We request packet no %u to card", bcsp->rxseq_txack);
241
242 if (rel) {
243 hdr[0] |= 0x80 + bcsp->msgq_txseq;
244 BT_DBG("Sending packet with seqno %u", bcsp->msgq_txseq);
dd1589a4 245 bcsp->msgq_txseq = (bcsp->msgq_txseq + 1) & 0x07;
1da177e4 246 }
20dd6f59
MH		 247
248 if (bcsp->use_crc)
249 hdr[0] |= 0x40;
1da177e4
LT		 250
251 hdr[1] = ((len << 4) & 0xff) | chan;
252 hdr[2] = len >> 4;
253 hdr[3] = ~(hdr[0] + hdr[1] + hdr[2]);
254
255 /* Put BCSP header */
256 for (i = 0; i < 4; i++) {
257 bcsp_slip_one_byte(nskb, hdr[i]);
20dd6f59
MH		 258
259 if (bcsp->use_crc)
260 bcsp_crc_update(&bcsp_txmsg_crc, hdr[i]);
1da177e4
LT		 261 }
262
263 /* Put payload */
264 for (i = 0; i < len; i++) {
265 bcsp_slip_one_byte(nskb, data[i]);
20dd6f59
MH		 266
267 if (bcsp->use_crc)
268 bcsp_crc_update(&bcsp_txmsg_crc, data[i]);
1da177e4
LT		 269 }
270
1da177e4 271 /* Put CRC */
20dd6f59 272 if (bcsp->use_crc) {
c5ec5140 273 bcsp_txmsg_crc = bitrev16(bcsp_txmsg_crc);
20dd6f59
MH		 274 bcsp_slip_one_byte(nskb, (u8) ((bcsp_txmsg_crc >> 8) & 0x00ff));
275 bcsp_slip_one_byte(nskb, (u8) (bcsp_txmsg_crc & 0x00ff));
276 }
1da177e4
LT		 277
278 bcsp_slip_msgdelim(nskb);
279 return nskb;
280}
281
282/* This is a rewrite of pkt_avail in ABCSP */
283static struct sk_buff *bcsp_dequeue(struct hci_uart *hu)
284{
285 struct bcsp_struct *bcsp = hu->priv;
286 unsigned long flags;
287 struct sk_buff *skb;
8805eea2 288
1da177e4
LT		 289 /* First of all, check for unreliable messages in the queue,
290 since they have priority */
291
a08b15e6
VI		 292 skb = skb_dequeue(&bcsp->unrel);
293 if (skb != NULL) {
618e8bc2
MH		 294 struct sk_buff *nskb;
295
296 nskb = bcsp_prepare_pkt(bcsp, skb->data, skb->len,
297 hci_skb_pkt_type(skb));
1da177e4
LT		 298 if (nskb) {
299 kfree_skb(skb);
300 return nskb;
301 } else {
302 skb_queue_head(&bcsp->unrel, skb);
303 BT_ERR("Could not dequeue pkt because alloc_skb failed");
304 }
305 }
306
307 /* Now, try to send a reliable pkt. We can only send a
8805eea2
MZ		 308 * reliable packet if the number of packets sent but not yet ack'ed
309 * is < than the winsize
310 */
1da177e4 311
f89d75f2 312 spin_lock_irqsave_nested(&bcsp->unack.lock, flags, SINGLE_DEPTH_NESTING);
1da177e4 313
a08b15e6
VI		 314 if (bcsp->unack.qlen < BCSP_TXWINSIZE) {
315 skb = skb_dequeue(&bcsp->rel);
316 if (skb != NULL) {
618e8bc2
MH		 317 struct sk_buff *nskb;
318
319 nskb = bcsp_prepare_pkt(bcsp, skb->data, skb->len,
320 hci_skb_pkt_type(skb));
a08b15e6
VI		 321 if (nskb) {
322 __skb_queue_tail(&bcsp->unack, skb);
323 mod_timer(&bcsp->tbcsp, jiffies + HZ / 4);
324 spin_unlock_irqrestore(&bcsp->unack.lock, flags);
325 return nskb;
326 } else {
327 skb_queue_head(&bcsp->rel, skb);
328 BT_ERR("Could not dequeue pkt because alloc_skb failed");
329 }
1da177e4
LT		 330 }
331 }
332
333 spin_unlock_irqrestore(&bcsp->unack.lock, flags);
334
1da177e4 335 /* We could not send a reliable packet, either because there are
8805eea2
MZ		 336 * none or because there are too many unack'ed pkts. Did we receive
337 * any packets we have not acknowledged yet ?
338 */
1da177e4
LT		 339
340 if (bcsp->txack_req) {
341 /* if so, craft an empty ACK pkt and send it on BCSP unreliable
8805eea2
MZ		 342 * channel 0
343 */
1da177e4
LT		 344 struct sk_buff *nskb = bcsp_prepare_pkt(bcsp, NULL, 0, BCSP_ACK_PKT);
345 return nskb;
346 }
347
348 /* We have nothing to send */
349 return NULL;
350}
351
352static int bcsp_flush(struct hci_uart *hu)
353{
354 BT_DBG("hu %p", hu);
355 return 0;
356}
357
358/* Remove ack'ed packets */
359static void bcsp_pkt_cull(struct bcsp_struct *bcsp)
360{
8fc5387c 361 struct sk_buff *skb, *tmp;
1da177e4 362 unsigned long flags;
1da177e4
LT		 363 int i, pkts_to_be_removed;
364 u8 seqno;
365
366 spin_lock_irqsave(&bcsp->unack.lock, flags);
367
8fc5387c 368 pkts_to_be_removed = skb_queue_len(&bcsp->unack);
1da177e4
LT		 369 seqno = bcsp->msgq_txseq;
370
371 while (pkts_to_be_removed) {
372 if (bcsp->rxack == seqno)
373 break;
374 pkts_to_be_removed--;
375 seqno = (seqno - 1) & 0x07;
376 }
377
378 if (bcsp->rxack != seqno)
379 BT_ERR("Peer acked invalid packet");
380
381 BT_DBG("Removing %u pkts out of %u, up to seqno %u",
8fc5387c
DM		 382 pkts_to_be_removed, skb_queue_len(&bcsp->unack),
383 (seqno - 1) & 0x07);
1da177e4 384
8fc5387c
DM		 385 i = 0;
386 skb_queue_walk_safe(&bcsp->unack, skb, tmp) {
d2e353f7 387 if (i >= pkts_to_be_removed)
8fc5387c 388 break;
d2e353f7 389 i++;
1da177e4 390
1da177e4
LT		 391 __skb_unlink(skb, &bcsp->unack);
392 kfree_skb(skb);
1da177e4 393 }
0372a662 394
8fc5387c 395 if (skb_queue_empty(&bcsp->unack))
1da177e4 396 del_timer(&bcsp->tbcsp);
0372a662 397
1da177e4
LT		 398 spin_unlock_irqrestore(&bcsp->unack.lock, flags);
399
400 if (i != pkts_to_be_removed)
401 BT_ERR("Removed only %u out of %u pkts", i, pkts_to_be_removed);
402}
403
404/* Handle BCSP link-establishment packets. When we
8805eea2
MZ		 405 * detect a "sync" packet, symptom that the BT module has reset,
406 * we do nothing :) (yet)
407 */
1da177e4
LT		 408static void bcsp_handle_le_pkt(struct hci_uart *hu)
409{
410 struct bcsp_struct *bcsp = hu->priv;
411 u8 conf_pkt[4] = { 0xad, 0xef, 0xac, 0xed };
412 u8 conf_rsp_pkt[4] = { 0xde, 0xad, 0xd0, 0xd0 };
413 u8 sync_pkt[4] = { 0xda, 0xdc, 0xed, 0xed };
414
415 /* spot "conf" pkts and reply with a "conf rsp" pkt */
416 if (bcsp->rx_skb->data[1] >> 4 == 4 && bcsp->rx_skb->data[2] == 0 &&
417 !memcmp(&bcsp->rx_skb->data[4], conf_pkt, 4)) {
418 struct sk_buff *nskb = alloc_skb(4, GFP_ATOMIC);
419
420 BT_DBG("Found a LE conf pkt");
421 if (!nskb)
422 return;
423 memcpy(skb_put(nskb, 4), conf_rsp_pkt, 4);
618e8bc2 424 hci_skb_pkt_type(nskb) = BCSP_LE_PKT;
1da177e4
LT		 425
426 skb_queue_head(&bcsp->unrel, nskb);
427 hci_uart_tx_wakeup(hu);
428 }
429 /* Spot "sync" pkts. If we find one...disaster! */
430 else if (bcsp->rx_skb->data[1] >> 4 == 4 && bcsp->rx_skb->data[2] == 0 &&
431 !memcmp(&bcsp->rx_skb->data[4], sync_pkt, 4)) {
432 BT_ERR("Found a LE sync pkt, card has reset");
433 }
434}
435
436static inline void bcsp_unslip_one_byte(struct bcsp_struct *bcsp, unsigned char byte)
437{
438 const u8 c0 = 0xc0, db = 0xdb;
439
440 switch (bcsp->rx_esc_state) {
441 case BCSP_ESCSTATE_NOESC:
442 switch (byte) {
443 case 0xdb:
444 bcsp->rx_esc_state = BCSP_ESCSTATE_ESC;
445 break;
446 default:
447 memcpy(skb_put(bcsp->rx_skb, 1), &byte, 1);
fe8de008 448 if ((bcsp->rx_skb->data[0] & 0x40) != 0 &&
1da177e4
LT		 449 bcsp->rx_state != BCSP_W4_CRC)
450 bcsp_crc_update(&bcsp->message_crc, byte);
451 bcsp->rx_count--;
452 }
453 break;
454
455 case BCSP_ESCSTATE_ESC:
456 switch (byte) {
457 case 0xdc:
458 memcpy(skb_put(bcsp->rx_skb, 1), &c0, 1);
fe8de008 459 if ((bcsp->rx_skb->data[0] & 0x40) != 0 &&
1da177e4 460 bcsp->rx_state != BCSP_W4_CRC)
fe8de008 461 bcsp_crc_update(&bcsp->message_crc, 0xc0);
1da177e4
LT		 462 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC;
463 bcsp->rx_count--;
464 break;
465
466 case 0xdd:
467 memcpy(skb_put(bcsp->rx_skb, 1), &db, 1);
fe8de008 468 if ((bcsp->rx_skb->data[0] & 0x40) != 0 &&
8805eea2 469 bcsp->rx_state != BCSP_W4_CRC)
fe8de008 470 bcsp_crc_update(&bcsp->message_crc, 0xdb);
1da177e4
LT		 471 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC;
472 bcsp->rx_count--;
473 break;
474
475 default:
fe8de008 476 BT_ERR("Invalid byte %02x after esc byte", byte);
1da177e4
LT		 477 kfree_skb(bcsp->rx_skb);
478 bcsp->rx_skb = NULL;
479 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
480 bcsp->rx_count = 0;
481 }
482 }
483}
484
858119e1 485static void bcsp_complete_rx_pkt(struct hci_uart *hu)
1da177e4
LT		 486{
487 struct bcsp_struct *bcsp = hu->priv;
488 int pass_up;
489
490 if (bcsp->rx_skb->data[0] & 0x80) { /* reliable pkt */
491 BT_DBG("Received seqno %u from card", bcsp->rxseq_txack);
492 bcsp->rxseq_txack++;
493 bcsp->rxseq_txack %= 0x8;
494 bcsp->txack_req = 1;
495
496 /* If needed, transmit an ack pkt */
497 hci_uart_tx_wakeup(hu);
498 }
499
500 bcsp->rxack = (bcsp->rx_skb->data[0] >> 3) & 0x07;
501 BT_DBG("Request for pkt %u from card", bcsp->rxack);
502
503 bcsp_pkt_cull(bcsp);
504 if ((bcsp->rx_skb->data[1] & 0x0f) == 6 &&
505 bcsp->rx_skb->data[0] & 0x80) {
618e8bc2 506 hci_skb_pkt_type(bcsp->rx_skb) = HCI_ACLDATA_PKT;
1da177e4
LT		 507 pass_up = 1;
508 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 5 &&
509 bcsp->rx_skb->data[0] & 0x80) {
618e8bc2 510 hci_skb_pkt_type(bcsp->rx_skb) = HCI_EVENT_PKT;
1da177e4
LT		 511 pass_up = 1;
512 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 7) {
618e8bc2 513 hci_skb_pkt_type(bcsp->rx_skb) = HCI_SCODATA_PKT;
1da177e4
LT		 514 pass_up = 1;
515 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 1 &&
516 !(bcsp->rx_skb->data[0] & 0x80)) {
517 bcsp_handle_le_pkt(hu);
518 pass_up = 0;
519 } else
520 pass_up = 0;
521
522 if (!pass_up) {
523 struct hci_event_hdr hdr;
524 u8 desc = (bcsp->rx_skb->data[1] & 0x0f);
525
526 if (desc != 0 && desc != 1) {
527 if (hciextn) {
528 desc |= 0xc0;
529 skb_pull(bcsp->rx_skb, 4);
530 memcpy(skb_push(bcsp->rx_skb, 1), &desc, 1);
531
532 hdr.evt = 0xff;
533 hdr.plen = bcsp->rx_skb->len;
534 memcpy(skb_push(bcsp->rx_skb, HCI_EVENT_HDR_SIZE), &hdr, HCI_EVENT_HDR_SIZE);
618e8bc2 535 hci_skb_pkt_type(bcsp->rx_skb) = HCI_EVENT_PKT;
1da177e4 536
e1a26170 537 hci_recv_frame(hu->hdev, bcsp->rx_skb);
1da177e4 538 } else {
fe8de008 539 BT_ERR("Packet for unknown channel (%u %s)",
1da177e4 540 bcsp->rx_skb->data[1] & 0x0f,
8805eea2 541 bcsp->rx_skb->data[0] & 0x80 ?
1da177e4
LT		 542 "reliable" : "unreliable");
543 kfree_skb(bcsp->rx_skb);
544 }
545 } else
546 kfree_skb(bcsp->rx_skb);
547 } else {
548 /* Pull out BCSP hdr */
549 skb_pull(bcsp->rx_skb, 4);
550
e1a26170 551 hci_recv_frame(hu->hdev, bcsp->rx_skb);
1da177e4 552 }
0372a662 553
1da177e4
LT		 554 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
555 bcsp->rx_skb = NULL;
556}
557
c5ec5140
HH		 558static u16 bscp_get_crc(struct bcsp_struct *bcsp)
559{
560 return get_unaligned_be16(&bcsp->rx_skb->data[bcsp->rx_skb->len - 2]);
561}
562
1da177e4 563/* Recv data */
9d1c40eb 564static int bcsp_recv(struct hci_uart *hu, const void *data, int count)
1da177e4
LT		 565{
566 struct bcsp_struct *bcsp = hu->priv;
9d1c40eb 567 const unsigned char *ptr;
1da177e4 568
8805eea2 569 BT_DBG("hu %p count %d rx_state %d rx_count %ld",
1da177e4
LT		 570 hu, count, bcsp->rx_state, bcsp->rx_count);
571
572 ptr = data;
573 while (count) {
574 if (bcsp->rx_count) {
575 if (*ptr == 0xc0) {
576 BT_ERR("Short BCSP packet");
577 kfree_skb(bcsp->rx_skb);
578 bcsp->rx_state = BCSP_W4_PKT_START;
579 bcsp->rx_count = 0;
580 } else
581 bcsp_unslip_one_byte(bcsp, *ptr);
582
583 ptr++; count--;
584 continue;
585 }
586
587 switch (bcsp->rx_state) {
588 case BCSP_W4_BCSP_HDR:
589 if ((0xff & (u8) ~ (bcsp->rx_skb->data[0] + bcsp->rx_skb->data[1] +
590 bcsp->rx_skb->data[2])) != bcsp->rx_skb->data[3]) {
591 BT_ERR("Error in BCSP hdr checksum");
592 kfree_skb(bcsp->rx_skb);
593 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
594 bcsp->rx_count = 0;
595 continue;
596 }
597 if (bcsp->rx_skb->data[0] & 0x80 /* reliable pkt */
8805eea2 598 && (bcsp->rx_skb->data[0] & 0x07) != bcsp->rxseq_txack) {
fe8de008 599 BT_ERR("Out-of-order packet arrived, got %u expected %u",
1da177e4
LT		 600 bcsp->rx_skb->data[0] & 0x07, bcsp->rxseq_txack);
601
602 kfree_skb(bcsp->rx_skb);
603 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
604 bcsp->rx_count = 0;
605 continue;
606 }
607 bcsp->rx_state = BCSP_W4_DATA;
8805eea2 608 bcsp->rx_count = (bcsp->rx_skb->data[1] >> 4) +
1da177e4
LT		 609 (bcsp->rx_skb->data[2] << 4); /* May be 0 */
610 continue;
611
612 case BCSP_W4_DATA:
613 if (bcsp->rx_skb->data[0] & 0x40) { /* pkt with crc */
614 bcsp->rx_state = BCSP_W4_CRC;
615 bcsp->rx_count = 2;
616 } else
617 bcsp_complete_rx_pkt(hu);
618 continue;
619
620 case BCSP_W4_CRC:
c5ec5140 621 if (bitrev16(bcsp->message_crc) != bscp_get_crc(bcsp)) {
8805eea2 622 BT_ERR("Checksum failed: computed %04x received %04x",
c5ec5140
HH		 623 bitrev16(bcsp->message_crc),
624 bscp_get_crc(bcsp));
1da177e4
LT		 625
626 kfree_skb(bcsp->rx_skb);
627 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
628 bcsp->rx_count = 0;
629 continue;
630 }
631 skb_trim(bcsp->rx_skb, bcsp->rx_skb->len - 2);
632 bcsp_complete_rx_pkt(hu);
633 continue;
634
635 case BCSP_W4_PKT_DELIMITER:
636 switch (*ptr) {
637 case 0xc0:
638 bcsp->rx_state = BCSP_W4_PKT_START;
639 break;
640 default:
641 /*BT_ERR("Ignoring byte %02x", *ptr);*/
642 break;
643 }
644 ptr++; count--;
645 break;
646
647 case BCSP_W4_PKT_START:
648 switch (*ptr) {
649 case 0xc0:
650 ptr++; count--;
651 break;
652
653 default:
654 bcsp->rx_state = BCSP_W4_BCSP_HDR;
655 bcsp->rx_count = 4;
656 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC;
657 BCSP_CRC_INIT(bcsp->message_crc);
0372a662 658
1da177e4 659 /* Do not increment ptr or decrement count
8805eea2
MZ		 660 * Allocate packet. Max len of a BCSP pkt=
661 * 0xFFF (payload) +4 (header) +2 (crc)
662 */
1da177e4
LT		 663
664 bcsp->rx_skb = bt_skb_alloc(0x1005, GFP_ATOMIC);
665 if (!bcsp->rx_skb) {
666 BT_ERR("Can't allocate mem for new packet");
667 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
668 bcsp->rx_count = 0;
669 return 0;
670 }
1da177e4
LT		 671 break;
672 }
673 break;
674 }
675 }
676 return count;
677}
678
679 /* Arrange to retransmit all messages in the relq. */
680static void bcsp_timed_event(unsigned long arg)
681{
682 struct hci_uart *hu = (struct hci_uart *) arg;
683 struct bcsp_struct *bcsp = hu->priv;
684 struct sk_buff *skb;
685 unsigned long flags;
686
687 BT_DBG("hu %p retransmitting %u pkts", hu, bcsp->unack.qlen);
688
f89d75f2 689 spin_lock_irqsave_nested(&bcsp->unack.lock, flags, SINGLE_DEPTH_NESTING);
1da177e4
LT		 690
691 while ((skb = __skb_dequeue_tail(&bcsp->unack)) != NULL) {
692 bcsp->msgq_txseq = (bcsp->msgq_txseq - 1) & 0x07;
693 skb_queue_head(&bcsp->rel, skb);
694 }
695
696 spin_unlock_irqrestore(&bcsp->unack.lock, flags);
697
698 hci_uart_tx_wakeup(hu);
699}
700
701static int bcsp_open(struct hci_uart *hu)
702{
703 struct bcsp_struct *bcsp;
704
705 BT_DBG("hu %p", hu);
706
c063af34 707 bcsp = kzalloc(sizeof(*bcsp), GFP_KERNEL);
1da177e4
LT		 708 if (!bcsp)
709 return -ENOMEM;
1da177e4
LT		 710
711 hu->priv = bcsp;
712 skb_queue_head_init(&bcsp->unack);
713 skb_queue_head_init(&bcsp->rel);
714 skb_queue_head_init(&bcsp->unrel);
715
716 init_timer(&bcsp->tbcsp);
717 bcsp->tbcsp.function = bcsp_timed_event;
718 bcsp->tbcsp.data = (u_long) hu;
719
720 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
721
20dd6f59
MH		 722 if (txcrc)
723 bcsp->use_crc = 1;
724
1da177e4
LT		 725 return 0;
726}
727
728static int bcsp_close(struct hci_uart *hu)
729{
730 struct bcsp_struct *bcsp = hu->priv;
c327cddd
MK		 731
732 del_timer_sync(&bcsp->tbcsp);
733
1da177e4
LT		 734 hu->priv = NULL;
735
736 BT_DBG("hu %p", hu);
737
738 skb_queue_purge(&bcsp->unack);
739 skb_queue_purge(&bcsp->rel);
740 skb_queue_purge(&bcsp->unrel);
1da177e4
LT		 741
742 kfree(bcsp);
743 return 0;
744}
745
4ee7ef19 746static const struct hci_uart_proto bcsp = {
0372a662 747 .id = HCI_UART_BCSP,
7c40fb8d 748 .name = "BCSP",
0372a662
MH		 749 .open = bcsp_open,
750 .close = bcsp_close,
751 .enqueue = bcsp_enqueue,
752 .dequeue = bcsp_dequeue,
753 .recv = bcsp_recv,
754 .flush = bcsp_flush
1da177e4
LT		 755};
756
f2b94bb9 757int __init bcsp_init(void)
1da177e4 758{
01009eec 759 return hci_uart_register_proto(&bcsp);
1da177e4
LT		 760}
761
f2b94bb9 762int __exit bcsp_deinit(void)
1da177e4
LT		 763{
764 return hci_uart_unregister_proto(&bcsp);
765}
766
20dd6f59
MH		 767module_param(txcrc, bool, 0644);
768MODULE_PARM_DESC(txcrc, "Transmit CRC with every BCSP packet");
769
1da177e4
LT		 770module_param(hciextn, bool, 0644);
771MODULE_PARM_DESC(hciextn, "Convert HCI Extensions into BCSP packets");
Linux 6.x block layer and io_uring tree(s)