2 * MediaTek Bluetooth USB Driver
4 * Copyright (C) 2013, MediaTek co.
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 2 of the License, or
9 * (at your option) any later version.
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
16 * You should have received a copy of the GNU General Public License
17 * along with this program; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
19 * or on the worldwide web at http://www.gnu.org/licenses/old-licenses/gpl-2.0.txt.
23 #include <linux/kernel.h>
24 #include <linux/module.h>
25 #include <linux/init.h>
26 #include <linux/slab.h>
27 #include <linux/types.h>
28 #include <linux/sched.h>
29 #include <linux/errno.h>
30 #include <linux/skbuff.h>
31 #include <linux/completion.h>
32 #include <linux/firmware.h>
33 #include <linux/usb.h>
34 #include <net/bluetooth/bluetooth.h>
35 #include <net/bluetooth/hci_core.h>
37 #include "btmtk_usb.h"
39 #define VERSION "1.0.4"
40 #define MT7650_FIRMWARE "mt7650.bin"
41 #define MT7662_FIRMWARE "mt7662.bin"
43 static struct usb_driver btmtk_usb_driver;
46 static int btmtk_usb_load_rom_patch(struct btmtk_usb_data *);
47 static int btmtk_usb_load_fw(struct btmtk_usb_data *);
49 static void hex_dump(char *str, u8 *src_buf, u32 src_buf_len)
56 BT_DBG("%s: %p, len = %d\n", str, src_buf, src_buf_len);
58 for (x = 0; x < src_buf_len; x++) {
60 BT_DBG("0x%04x : ", x);
61 BT_DBG("%02x ", ((unsigned char)pt[x]));
69 static int btmtk_usb_reset(struct usb_device *udev)
73 BT_DBG("%s\n", __func__);
75 ret = usb_control_msg(udev, usb_sndctrlpipe(udev, 0), 0x01, DEVICE_VENDOR_REQUEST_OUT,
76 0x01, 0x00, NULL, 0x00, CONTROL_TIMEOUT_JIFFIES);
79 BT_ERR("%s error(%d)\n", __func__, ret);
89 static int btmtk_usb_io_read32(struct btmtk_usb_data *data, u32 reg, u32 *val)
91 u8 request = data->r_request;
92 struct usb_device *udev = data->udev;
95 ret = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), request, DEVICE_VENDOR_REQUEST_IN,
96 0x0, reg, data->io_buf, 4,
97 CONTROL_TIMEOUT_JIFFIES);
101 BT_ERR("%s error(%d), reg=%x, value=%x\n", __func__, ret, reg, *val);
105 memmove(val, data->io_buf, 4);
107 *val = le32_to_cpu(*val);
115 static int btmtk_usb_io_write32(struct btmtk_usb_data *data, u32 reg, u32 val)
118 u8 request = data->w_request;
119 struct usb_device *udev = data->udev;
123 value = val & 0x0000ffff;
125 ret = usb_control_msg(udev, usb_sndctrlpipe(udev, 0), request, DEVICE_VENDOR_REQUEST_OUT,
126 value, index, NULL, 0,
127 CONTROL_TIMEOUT_JIFFIES);
130 BT_ERR("%s error(%d), reg=%x, value=%x\n", __func__, ret, reg, val);
134 index = (u16)(reg + 2);
135 value = (val & 0xffff0000) >> 16;
137 ret = usb_control_msg(udev, usb_sndctrlpipe(udev, 0),
138 request, DEVICE_VENDOR_REQUEST_OUT,
139 value, index, NULL, 0, CONTROL_TIMEOUT_JIFFIES);
142 BT_ERR("%s error(%d), reg=%x, value=%x\n", __func__, ret, reg, val);
152 static int btmtk_usb_switch_iobase(struct btmtk_usb_data *data, int base)
158 data->w_request = 0x42;
159 data->r_request = 0x47;
162 data->w_request = 0x02;
163 data->r_request = 0x07;
173 static void btmtk_usb_cap_init(struct btmtk_usb_data *data)
175 const struct firmware *firmware;
176 struct usb_device *udev = data->udev;
179 btmtk_usb_io_read32(data, 0x00, &data->chip_id);
181 BT_DBG("chip id = %x\n", data->chip_id);
183 if (is_mt7630(data) || is_mt7650(data)) {
184 data->need_load_fw = 1;
185 data->need_load_rom_patch = 0;
186 ret = request_firmware(&firmware, MT7650_FIRMWARE, &udev->dev);
188 if (ret == -ENOENT) {
189 BT_ERR("Firmware file \"%s\" not found \n", MT7650_FIRMWARE);
191 BT_ERR("Firmware file \"%s\" request failed (err=%d) \n",
192 MT7650_FIRMWARE, ret);
195 BT_DBG("Firmware file \"%s\" Found \n", MT7650_FIRMWARE);
196 /* load firmware here */
197 data->firmware = firmware;
198 btmtk_usb_load_fw(data);
200 release_firmware(firmware);
201 } else if (is_mt7632(data) || is_mt7662(data)) {
202 data->need_load_fw = 0;
203 data->need_load_rom_patch = 1;
204 data->rom_patch_offset = 0x90000;
205 ret = request_firmware(&firmware, MT7662_FIRMWARE, &udev->dev);
207 if (ret == -ENOENT) {
208 BT_ERR("Firmware file \"%s\" not found\n", MT7662_FIRMWARE);
210 BT_ERR("Firmware file \"%s\" request failed (err=%d)\n",
211 MT7662_FIRMWARE, ret);
214 BT_DBG("Firmware file \"%s\" Found\n", MT7662_FIRMWARE);
215 /* load rom patch here */
216 data->firmware = firmware;
217 data->rom_patch_len = firmware->size;
218 btmtk_usb_load_rom_patch(data);
220 release_firmware(firmware);
222 BT_ERR("unknow chip(%x)\n", data->chip_id);
226 static u16 checksume16(u8 *pData, int len)
231 sum += *((u16 *)pData);
235 if (sum & 0x80000000)
236 sum = (sum & 0xFFFF) + (sum >> 16);
242 sum += *((u8 *)pData);
245 sum = (sum & 0xFFFF) + (sum >> 16);
251 static int btmtk_usb_chk_crc(struct btmtk_usb_data *data, u32 checksum_len)
254 struct usb_device *udev = data->udev;
256 BT_DBG("%s\n", __func__);
258 memmove(data->io_buf, &data->rom_patch_offset, 4);
259 memmove(&data->io_buf[4], &checksum_len, 4);
261 ret = usb_control_msg(udev, usb_sndctrlpipe(udev, 0), 0x1, DEVICE_VENDOR_REQUEST_IN,
262 0x20, 0x00, data->io_buf, 8,
263 CONTROL_TIMEOUT_JIFFIES);
266 BT_ERR("%s error(%d)\n", __func__, ret);
272 static u16 btmtk_usb_get_crc(struct btmtk_usb_data *data)
275 struct usb_device *udev = data->udev;
278 BT_DBG("%s\n", __func__);
281 ret = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0),
282 0x01, DEVICE_VENDOR_REQUEST_IN,
283 0x21, 0x00, data->io_buf, 2,
284 CONTROL_TIMEOUT_JIFFIES);
288 BT_ERR("%s error(%d)\n", __func__, ret);
291 memmove(&crc, data->io_buf, 2);
293 crc = le16_to_cpu(crc);
301 BT_ERR("Query CRC over %d times\n", count);
309 static int btmtk_usb_reset_wmt(struct btmtk_usb_data *data)
314 u8 cmd[8] = {0x6F, 0xFC, 0x05, 0x01, 0x07, 0x01, 0x00, 0x04};
316 memmove(data->io_buf, cmd, 8);
318 BT_DBG("%s\n", __func__);
320 ret = usb_control_msg(data->udev, usb_sndctrlpipe(data->udev, 0), 0x01,
321 DEVICE_CLASS_REQUEST_OUT, 0x12, 0x00, data->io_buf,
322 8, CONTROL_TIMEOUT_JIFFIES);
325 BT_ERR("%s:(%d)\n", __func__, ret);
330 static void load_rom_patch_complete(struct urb *urb)
333 struct completion *sent_to_mcu_done = (struct completion *)urb->context;
335 complete(sent_to_mcu_done);
338 static int btmtk_usb_load_rom_patch(struct btmtk_usb_data *data)
343 int ret = 0, total_checksum = 0;
348 struct completion sent_to_mcu_done;
353 unsigned int pipe = usb_sndbulkpipe(data->udev, data->bulk_tx_ep->bEndpointAddress);
355 if (!data->firmware) {
356 BT_ERR("%s:please assign a rom patch\n", __func__);
361 btmtk_usb_switch_iobase(data, WLAN);
362 btmtk_usb_io_read32(data, SEMAPHORE_03, &value);
365 if (((value & 0x01) == 0x00) && (loop < 600)) {
367 goto load_patch_protect;
370 btmtk_usb_io_write32(data, 0x1004, 0x2c);
372 btmtk_usb_switch_iobase(data, SYSCTL);
374 btmtk_usb_io_write32(data, 0x1c, 0x30);
376 /* Enable USB_DMA_CFG */
377 btmtk_usb_io_write32(data, 0x9018, 0x00c00020);
379 btmtk_usb_switch_iobase(data, WLAN);
381 /* check ROM patch if upgrade */
382 btmtk_usb_io_read32(data, COM_REG0, &value);
384 if ((value & 0x02) == 0x02)
387 urb = usb_alloc_urb(0, GFP_ATOMIC);
394 buf = usb_alloc_coherent(data->udev, UPLOAD_PATCH_UNIT, GFP_ATOMIC, &data_dma);
402 BT_DBG("loading rom patch");
404 init_completion(&sent_to_mcu_done);
407 patch_len = data->rom_patch_len - PATCH_INFO_SIZE;
409 /* loading rom patch */
411 s32 sent_len_max = UPLOAD_PATCH_UNIT - PATCH_HEADER_SIZE;
412 sent_len = (patch_len - cur_len) >= sent_len_max ? sent_len_max : (patch_len - cur_len);
414 BT_DBG("patch_len = %d\n", patch_len);
415 BT_DBG("cur_len = %d\n", cur_len);
416 BT_DBG("sent_len = %d\n", sent_len);
419 if (first_block == 1) {
420 if (sent_len < sent_len_max)
421 phase = PATCH_PHASE3;
423 phase = PATCH_PHASE1;
425 } else if (sent_len == sent_len_max) {
426 phase = PATCH_PHASE2;
428 phase = PATCH_PHASE3;
431 /* prepare HCI header */
434 pos[2] = (sent_len + 5) & 0xFF;
435 pos[3] = ((sent_len + 5) >> 8) & 0xFF;
437 /* prepare WMT header */
440 pos[6] = (sent_len + 1) & 0xFF;
441 pos[7] = ((sent_len + 1) >> 8) & 0xFF;
445 memcpy(&pos[9], data->firmware->data + PATCH_INFO_SIZE + cur_len, sent_len);
447 BT_DBG("sent_len + PATCH_HEADER_SIZE = %d, phase = %d\n",
448 sent_len + PATCH_HEADER_SIZE, phase);
450 usb_fill_bulk_urb(urb,
454 sent_len + PATCH_HEADER_SIZE,
455 load_rom_patch_complete,
458 urb->transfer_dma = data_dma;
459 urb->transfer_flags |= URB_NO_TRANSFER_DMA_MAP;
461 ret = usb_submit_urb(urb, GFP_ATOMIC);
466 if (!wait_for_completion_timeout(&sent_to_mcu_done, msecs_to_jiffies(1000))) {
468 BT_ERR("upload rom_patch timeout\n");
483 total_checksum = checksume16((u8 *)data->firmware->data + PATCH_INFO_SIZE, patch_len);
485 BT_DBG("Send checksum req..\n");
487 btmtk_usb_chk_crc(data, patch_len);
491 if (total_checksum != btmtk_usb_get_crc(data)) {
492 BT_ERR("checksum fail!, local(0x%x) <> fw(0x%x)\n",
493 total_checksum, btmtk_usb_get_crc(data));
500 ret = btmtk_usb_reset_wmt(data);
505 usb_free_coherent(data->udev, UPLOAD_PATCH_UNIT, buf, data_dma);
509 btmtk_usb_io_write32(data, SEMAPHORE_03, 0x1);
514 static int load_fw_iv(struct btmtk_usb_data *data)
517 struct usb_device *udev = data->udev;
518 char *buf = kmalloc(64, GFP_ATOMIC);
520 memmove(buf, data->firmware->data + 32, 64);
522 ret = usb_control_msg(udev, usb_sndctrlpipe(udev, 0), 0x01,
523 DEVICE_VENDOR_REQUEST_OUT, 0x12, 0x0, buf, 64,
524 CONTROL_TIMEOUT_JIFFIES);
527 BT_ERR("%s error(%d) step4\n", __func__, ret);
540 static void load_fw_complete(struct urb *urb)
543 struct completion *sent_to_mcu_done = (struct completion *)urb->context;
545 complete(sent_to_mcu_done);
548 static int btmtk_usb_load_fw(struct btmtk_usb_data *data)
550 struct usb_device *udev = data->udev;
554 u32 packet_header = 0;
556 u32 ilm_len = 0, dlm_len = 0;
557 u16 fw_ver, build_ver;
560 int ret = 0, sent_len;
561 struct completion sent_to_mcu_done;
562 unsigned int pipe = usb_sndbulkpipe(data->udev, data->bulk_tx_ep->bEndpointAddress);
564 if (!data->firmware) {
565 BT_ERR("%s:please assign a fw\n", __func__);
569 BT_DBG("bulk_tx_ep = %x\n", data->bulk_tx_ep->bEndpointAddress);
572 btmtk_usb_switch_iobase(data, WLAN);
573 btmtk_usb_io_read32(data, SEMAPHORE_00, &value);
576 if (((value & 0x1) == 0) && (loop < 10000))
579 /* check MCU if ready */
580 btmtk_usb_io_read32(data, COM_REG0, &value);
582 if ((value & 0x01) == 0x01)
585 /* Enable MPDMA TX and EP2 load FW mode */
586 btmtk_usb_io_write32(data, 0x238, 0x1c000000);
588 btmtk_usb_reset(udev);
591 ilm_len = (*(data->firmware->data + 3) << 24)
592 | (*(data->firmware->data + 2) << 16)
593 | (*(data->firmware->data + 1) << 8)
594 | (*data->firmware->data);
596 dlm_len = (*(data->firmware->data + 7) << 24)
597 | (*(data->firmware->data + 6) << 16)
598 | (*(data->firmware->data + 5) << 8)
599 | (*(data->firmware->data + 4));
601 fw_ver = (*(data->firmware->data + 11) << 8) | (*(data->firmware->data + 10));
603 build_ver = (*(data->firmware->data + 9) << 8) | (*(data->firmware->data + 8));
605 BT_DBG("fw version:%d.%d.%02d ",
606 (fw_ver & 0xf000) >> 8,
607 (fw_ver & 0x0f00) >> 8,
610 BT_DBG("build:%x\n", build_ver);
612 BT_DBG("build Time =");
614 for (loop = 0; loop < 16; loop++)
615 BT_DBG("%c", *(data->firmware->data + 16 + loop));
619 BT_DBG("ILM length = %d(bytes)\n", ilm_len);
620 BT_DBG("DLM length = %d(bytes)\n", dlm_len);
622 btmtk_usb_switch_iobase(data, SYSCTL);
624 /* U2M_PDMA rx_ring_base_ptr */
625 btmtk_usb_io_write32(data, 0x790, 0x400230);
627 /* U2M_PDMA rx_ring_max_cnt */
628 btmtk_usb_io_write32(data, 0x794, 0x1);
630 /* U2M_PDMA cpu_idx */
631 btmtk_usb_io_write32(data, 0x798, 0x1);
633 /* U2M_PDMA enable */
634 btmtk_usb_io_write32(data, 0x704, 0x44);
636 urb = usb_alloc_urb(0, GFP_ATOMIC);
643 buf = usb_alloc_coherent(udev, 14592, GFP_ATOMIC, &data_dma);
650 BT_DBG("loading fw");
652 init_completion(&sent_to_mcu_done);
654 btmtk_usb_switch_iobase(data, SYSCTL);
660 sent_len = (ilm_len - cur_len) >= 14336 ? 14336 : (ilm_len - cur_len);
663 packet_header &= ~(0xffffffff);
664 packet_header |= (sent_len << 16);
665 packet_header = cpu_to_le32(packet_header);
667 memmove(buf, &packet_header, 4);
668 memmove(buf + 4, data->firmware->data + 32 + cur_len, sent_len);
670 /* U2M_PDMA descriptor */
671 btmtk_usb_io_write32(data, 0x230, cur_len);
673 while ((sent_len % 4) != 0) {
677 /* U2M_PDMA length */
678 btmtk_usb_io_write32(data, 0x234, sent_len << 16);
680 usb_fill_bulk_urb(urb,
688 urb->transfer_dma = data_dma;
689 urb->transfer_flags |= URB_NO_TRANSFER_DMA_MAP;
691 ret = usb_submit_urb(urb, GFP_ATOMIC);
696 if (!wait_for_completion_timeout(&sent_to_mcu_done, msecs_to_jiffies(1000))) {
698 BT_ERR("upload ilm fw timeout\n");
712 init_completion(&sent_to_mcu_done);
717 sent_len = (dlm_len - cur_len) >= 14336 ? 14336 : (dlm_len - cur_len);
720 packet_header &= ~(0xffffffff);
721 packet_header |= (sent_len << 16);
722 packet_header = cpu_to_le32(packet_header);
724 memmove(buf, &packet_header, 4);
725 memmove(buf + 4, data->firmware->data + 32 + ilm_len + cur_len, sent_len);
727 /* U2M_PDMA descriptor */
728 btmtk_usb_io_write32(data, 0x230, 0x80000 + cur_len);
730 while ((sent_len % 4) != 0) {
731 BT_DBG("sent_len is not divided by 4\n");
735 /* U2M_PDMA length */
736 btmtk_usb_io_write32(data, 0x234, sent_len << 16);
738 usb_fill_bulk_urb(urb,
746 urb->transfer_dma = data_dma;
747 urb->transfer_flags |= URB_NO_TRANSFER_DMA_MAP;
749 ret = usb_submit_urb(urb, GFP_ATOMIC);
754 if (!wait_for_completion_timeout(&sent_to_mcu_done, msecs_to_jiffies(1000))) {
756 BT_ERR("upload dlm fw timeout\n");
771 /* upload 64bytes interrupt vector */
772 ret = load_fw_iv(data);
775 btmtk_usb_switch_iobase(data, WLAN);
777 /* check MCU if ready */
781 btmtk_usb_io_read32(data, COM_REG0, &value);
788 } while (loop <= 100);
791 BT_ERR("wait for 100 times\n");
796 usb_free_coherent(udev, 14592, buf, data_dma);
800 /* Disbale load fw mode */
801 btmtk_usb_io_read32(data, 0x238, &value);
802 value = value & ~(0x10000000);
803 btmtk_usb_io_write32(data, 0x238, value);
805 btmtk_usb_io_write32(data, SEMAPHORE_00, 0x1);
809 static int inc_tx(struct btmtk_usb_data *data)
814 spin_lock_irqsave(&data->txlock, flags);
815 rv = test_bit(BTUSB_SUSPENDING, &data->flags);
817 data->tx_in_flight++;
818 spin_unlock_irqrestore(&data->txlock, flags);
823 static void btmtk_usb_intr_complete(struct urb *urb)
825 struct hci_dev *hdev = urb->context;
826 struct btmtk_usb_data *data = hci_get_drvdata(hdev);
829 BT_DBG("%s: %s urb %p status %d count %d\n", __func__, hdev->name,
830 urb, urb->status, urb->actual_length);
832 if (!test_bit(HCI_RUNNING, &hdev->flags))
835 if (urb->status == 0) {
836 hdev->stat.byte_rx += urb->actual_length;
838 hex_dump("hci event", urb->transfer_buffer, urb->actual_length);
840 if (hci_recv_fragment(hdev, HCI_EVENT_PKT,
841 urb->transfer_buffer,
842 urb->actual_length) < 0) {
843 BT_ERR("%s corrupted event packet", hdev->name);
848 if (!test_bit(BTUSB_INTR_RUNNING, &data->flags))
851 usb_mark_last_busy(data->udev);
852 usb_anchor_urb(urb, &data->intr_anchor);
854 err = usb_submit_urb(urb, GFP_ATOMIC);
857 /* -EPERM: urb is being killed;
858 * -ENODEV: device got disconnected */
859 if (err != -EPERM && err != -ENODEV)
860 BT_ERR("%s urb %p failed to resubmit (%d)",
861 hdev->name, urb, -err);
862 usb_unanchor_urb(urb);
866 static int btmtk_usb_submit_intr_urb(struct hci_dev *hdev, gfp_t mem_flags)
868 struct btmtk_usb_data *data = hci_get_drvdata(hdev);
874 BT_DBG("%s\n", __func__);
879 urb = usb_alloc_urb(0, mem_flags);
883 size = le16_to_cpu(data->intr_ep->wMaxPacketSize);
885 buf = kmalloc(size, mem_flags);
891 pipe = usb_rcvintpipe(data->udev, data->intr_ep->bEndpointAddress);
893 usb_fill_int_urb(urb, data->udev, pipe, buf, size,
894 btmtk_usb_intr_complete, hdev,
895 data->intr_ep->bInterval);
897 urb->transfer_flags |= URB_FREE_BUFFER;
899 usb_anchor_urb(urb, &data->intr_anchor);
901 err = usb_submit_urb(urb, mem_flags);
903 if (err != -EPERM && err != -ENODEV)
904 BT_ERR("%s urb %p submission failed (%d)",
905 hdev->name, urb, -err);
906 usb_unanchor_urb(urb);
915 static void btmtk_usb_bulk_in_complete(struct urb *urb)
917 struct hci_dev *hdev = urb->context;
918 struct btmtk_usb_data *data = hci_get_drvdata(hdev);
921 BT_DBG("%s:%s urb %p status %d count %d", __func__, hdev->name,
922 urb, urb->status, urb->actual_length);
924 if (!test_bit(HCI_RUNNING, &hdev->flags)) {
928 if (urb->status == 0) {
929 hdev->stat.byte_rx += urb->actual_length;
931 if (hci_recv_fragment(hdev, HCI_ACLDATA_PKT,
932 urb->transfer_buffer,
933 urb->actual_length) < 0) {
934 BT_ERR("%s corrupted ACL packet", hdev->name);
939 if (!test_bit(BTUSB_BULK_RUNNING, &data->flags))
942 usb_anchor_urb(urb, &data->bulk_anchor);
943 usb_mark_last_busy(data->udev);
945 err = usb_submit_urb(urb, GFP_ATOMIC);
947 /* -EPERM: urb is being killed;
948 * -ENODEV: device got disconnected */
949 if (err != -EPERM && err != -ENODEV)
950 BT_ERR("%s urb %p failed to resubmit (%d)",
951 hdev->name, urb, -err);
952 usb_unanchor_urb(urb);
956 static int btmtk_usb_submit_bulk_in_urb(struct hci_dev *hdev, gfp_t mem_flags)
958 struct btmtk_usb_data *data = hci_get_drvdata(hdev);
962 int err, size = HCI_MAX_FRAME_SIZE;
964 BT_DBG("%s:%s\n", __func__, hdev->name);
966 if (!data->bulk_rx_ep)
969 urb = usb_alloc_urb(0, mem_flags);
973 buf = kmalloc(size, mem_flags);
979 pipe = usb_rcvbulkpipe(data->udev, data->bulk_rx_ep->bEndpointAddress);
981 usb_fill_bulk_urb(urb, data->udev, pipe,
982 buf, size, btmtk_usb_bulk_in_complete, hdev);
984 urb->transfer_flags |= URB_FREE_BUFFER;
986 usb_mark_last_busy(data->udev);
987 usb_anchor_urb(urb, &data->bulk_anchor);
989 err = usb_submit_urb(urb, mem_flags);
991 if (err != -EPERM && err != -ENODEV)
992 BT_ERR("%s urb %p submission failed (%d)",
993 hdev->name, urb, -err);
994 usb_unanchor_urb(urb);
1002 static void btmtk_usb_isoc_in_complete(struct urb *urb)
1005 struct hci_dev *hdev = urb->context;
1006 struct btmtk_usb_data *data = hci_get_drvdata(hdev);
1009 BT_DBG("%s: %s urb %p status %d count %d", __func__, hdev->name,
1010 urb, urb->status, urb->actual_length);
1012 if (!test_bit(HCI_RUNNING, &hdev->flags))
1015 if (urb->status == 0) {
1016 for (i = 0; i < urb->number_of_packets; i++) {
1017 unsigned int offset = urb->iso_frame_desc[i].offset;
1018 unsigned int length = urb->iso_frame_desc[i].actual_length;
1020 if (urb->iso_frame_desc[i].status)
1023 hdev->stat.byte_rx += length;
1025 if (hci_recv_fragment(hdev, HCI_SCODATA_PKT,
1026 urb->transfer_buffer + offset,
1028 BT_ERR("%s corrupted SCO packet", hdev->name);
1029 hdev->stat.err_rx++;
1034 if (!test_bit(BTUSB_ISOC_RUNNING, &data->flags))
1037 usb_anchor_urb(urb, &data->isoc_anchor);
1039 err = usb_submit_urb(urb, GFP_ATOMIC);
1041 /* -EPERM: urb is being killed;
1042 * -ENODEV: device got disconnected */
1043 if (err != -EPERM && err != -ENODEV)
1044 BT_ERR("%s urb %p failed to resubmit (%d)",
1045 hdev->name, urb, -err);
1046 usb_unanchor_urb(urb);
1050 static inline void __fill_isoc_descriptor(struct urb *urb, int len, int mtu)
1054 BT_DBG("len %d mtu %d", len, mtu);
1056 for (i = 0; i < BTUSB_MAX_ISOC_FRAMES && len >= mtu;
1057 i++, offset += mtu, len -= mtu) {
1058 urb->iso_frame_desc[i].offset = offset;
1059 urb->iso_frame_desc[i].length = mtu;
1062 if (len && i < BTUSB_MAX_ISOC_FRAMES) {
1063 urb->iso_frame_desc[i].offset = offset;
1064 urb->iso_frame_desc[i].length = len;
1068 urb->number_of_packets = i;
1071 static int btmtk_usb_submit_isoc_in_urb(struct hci_dev *hdev, gfp_t mem_flags)
1073 struct btmtk_usb_data *data = hci_get_drvdata(hdev);
1079 BT_DBG("%s\n", __func__);
1081 if (!data->isoc_rx_ep)
1084 urb = usb_alloc_urb(BTUSB_MAX_ISOC_FRAMES, mem_flags);
1088 size = le16_to_cpu(data->isoc_rx_ep->wMaxPacketSize) *
1089 BTUSB_MAX_ISOC_FRAMES;
1091 buf = kmalloc(size, mem_flags);
1097 pipe = usb_rcvisocpipe(data->udev, data->isoc_rx_ep->bEndpointAddress);
1099 usb_fill_int_urb(urb, data->udev, pipe, buf, size, btmtk_usb_isoc_in_complete,
1100 hdev, data->isoc_rx_ep->bInterval);
1102 urb->transfer_flags = URB_FREE_BUFFER | URB_ISO_ASAP;
1104 __fill_isoc_descriptor(urb, size,
1105 le16_to_cpu(data->isoc_rx_ep->wMaxPacketSize));
1107 usb_anchor_urb(urb, &data->isoc_anchor);
1109 err = usb_submit_urb(urb, mem_flags);
1111 if (err != -EPERM && err != -ENODEV)
1112 BT_ERR("%s urb %p submission failed (%d)",
1113 hdev->name, urb, -err);
1114 usb_unanchor_urb(urb);
1122 static int btmtk_usb_open(struct hci_dev *hdev)
1124 struct btmtk_usb_data *data = hci_get_drvdata(hdev);
1127 BT_DBG("%s\n", __func__);
1129 err = usb_autopm_get_interface(data->intf);
1133 data->intf->needs_remote_wakeup = 1;
1135 if (test_and_set_bit(HCI_RUNNING, &hdev->flags))
1138 if (test_and_set_bit(BTUSB_INTR_RUNNING, &data->flags))
1141 err = btmtk_usb_submit_intr_urb(hdev, GFP_KERNEL);
1145 err = btmtk_usb_submit_bulk_in_urb(hdev, GFP_KERNEL);
1147 usb_kill_anchored_urbs(&data->intr_anchor);
1151 set_bit(BTUSB_BULK_RUNNING, &data->flags);
1152 btmtk_usb_submit_bulk_in_urb(hdev, GFP_KERNEL);
1155 usb_autopm_put_interface(data->intf);
1159 clear_bit(BTUSB_INTR_RUNNING, &data->flags);
1160 clear_bit(HCI_RUNNING, &hdev->flags);
1161 usb_autopm_put_interface(data->intf);
1165 static void btmtk_usb_stop_traffic(struct btmtk_usb_data *data)
1167 BT_DBG("%s\n", __func__);
1169 usb_kill_anchored_urbs(&data->intr_anchor);
1170 usb_kill_anchored_urbs(&data->bulk_anchor);
1171 usb_kill_anchored_urbs(&data->isoc_anchor);
1174 static int btmtk_usb_close(struct hci_dev *hdev)
1176 struct btmtk_usb_data *data = hci_get_drvdata(hdev);
1179 BT_DBG("%s\n", __func__);
1181 if (!test_and_clear_bit(HCI_RUNNING, &hdev->flags))
1184 cancel_work_sync(&data->work);
1185 cancel_work_sync(&data->waker);
1187 clear_bit(BTUSB_ISOC_RUNNING, &data->flags);
1188 clear_bit(BTUSB_BULK_RUNNING, &data->flags);
1189 clear_bit(BTUSB_INTR_RUNNING, &data->flags);
1191 btmtk_usb_stop_traffic(data);
1193 err = usb_autopm_get_interface(data->intf);
1197 data->intf->needs_remote_wakeup = 0;
1198 usb_autopm_put_interface(data->intf);
1201 usb_scuttle_anchored_urbs(&data->deferred);
1205 static int btmtk_usb_flush(struct hci_dev *hdev)
1207 struct btmtk_usb_data *data = hci_get_drvdata(hdev);
1209 BT_DBG("%s\n", __func__);
1211 usb_kill_anchored_urbs(&data->tx_anchor);
1216 static void btmtk_usb_tx_complete(struct urb *urb)
1218 struct sk_buff *skb = urb->context;
1219 struct hci_dev *hdev = (struct hci_dev *)skb->dev;
1220 struct btmtk_usb_data *data = hci_get_drvdata(hdev);
1222 BT_DBG("%s: %s urb %p status %d count %d\n", __func__, hdev->name,
1223 urb, urb->status, urb->actual_length);
1225 if (!test_bit(HCI_RUNNING, &hdev->flags))
1229 hdev->stat.byte_tx += urb->transfer_buffer_length;
1231 hdev->stat.err_tx++;
1234 spin_lock(&data->txlock);
1235 data->tx_in_flight--;
1236 spin_unlock(&data->txlock);
1238 kfree(urb->setup_packet);
1243 static void btmtk_usb_isoc_tx_complete(struct urb *urb)
1245 struct sk_buff *skb = urb->context;
1246 struct hci_dev *hdev = (struct hci_dev *) skb->dev;
1248 BT_DBG("%s: %s urb %p status %d count %d", __func__, hdev->name,
1249 urb, urb->status, urb->actual_length);
1251 if (!test_bit(HCI_RUNNING, &hdev->flags))
1255 hdev->stat.byte_tx += urb->transfer_buffer_length;
1257 hdev->stat.err_tx++;
1260 kfree(urb->setup_packet);
1265 static int btmtk_usb_send_frame(struct sk_buff *skb)
1267 struct hci_dev *hdev = (struct hci_dev *)skb->dev;
1268 struct btmtk_usb_data *data = hci_get_drvdata(hdev);
1269 struct usb_ctrlrequest *dr;
1274 BT_DBG("%s\n", __func__);
1276 if (!test_bit(HCI_RUNNING, &hdev->flags))
1279 switch (bt_cb(skb)->pkt_type) {
1280 case HCI_COMMAND_PKT:
1281 urb = usb_alloc_urb(0, GFP_ATOMIC);
1285 dr = kmalloc(sizeof(*dr), GFP_ATOMIC);
1291 dr->bRequestType = data->cmdreq_type;
1295 dr->wLength = __cpu_to_le16(skb->len);
1297 pipe = usb_sndctrlpipe(data->udev, 0x00);
1299 if (test_bit(HCI_RUNNING, &hdev->flags)) {
1301 memcpy(&op_code, skb->data, 2);
1302 BT_DBG("ogf = %x\n", (op_code & 0xfc00) >> 10);
1303 BT_DBG("ocf = %x\n", op_code & 0x03ff);
1304 hex_dump("hci command", skb->data, skb->len);
1308 usb_fill_control_urb(urb, data->udev, pipe, (void *) dr,
1309 skb->data, skb->len, btmtk_usb_tx_complete, skb);
1311 hdev->stat.cmd_tx++;
1314 case HCI_ACLDATA_PKT:
1315 if (!data->bulk_tx_ep)
1318 urb = usb_alloc_urb(0, GFP_ATOMIC);
1322 pipe = usb_sndbulkpipe(data->udev,
1323 data->bulk_tx_ep->bEndpointAddress);
1325 usb_fill_bulk_urb(urb, data->udev, pipe,
1326 skb->data, skb->len, btmtk_usb_tx_complete, skb);
1328 hdev->stat.acl_tx++;
1329 BT_DBG("HCI_ACLDATA_PKT:\n");
1332 case HCI_SCODATA_PKT:
1333 if (!data->isoc_tx_ep || hdev->conn_hash.sco_num < 1)
1336 urb = usb_alloc_urb(BTUSB_MAX_ISOC_FRAMES, GFP_ATOMIC);
1340 pipe = usb_sndisocpipe(data->udev,
1341 data->isoc_tx_ep->bEndpointAddress);
1343 usb_fill_int_urb(urb, data->udev, pipe,
1344 skb->data, skb->len, btmtk_usb_isoc_tx_complete,
1345 skb, data->isoc_tx_ep->bInterval);
1347 urb->transfer_flags = URB_ISO_ASAP;
1349 __fill_isoc_descriptor(urb, skb->len,
1350 le16_to_cpu(data->isoc_tx_ep->wMaxPacketSize));
1352 hdev->stat.sco_tx++;
1353 BT_DBG("HCI_SCODATA_PKT:\n");
1363 usb_anchor_urb(urb, &data->deferred);
1364 schedule_work(&data->waker);
1370 usb_anchor_urb(urb, &data->tx_anchor);
1372 err = usb_submit_urb(urb, GFP_ATOMIC);
1374 if (err != -EPERM && err != -ENODEV)
1375 BT_ERR("%s urb %p submission failed (%d)",
1376 hdev->name, urb, -err);
1377 kfree(urb->setup_packet);
1378 usb_unanchor_urb(urb);
1380 usb_mark_last_busy(data->udev);
1388 static void btmtk_usb_notify(struct hci_dev *hdev, unsigned int evt)
1390 struct btmtk_usb_data *data = hci_get_drvdata(hdev);
1392 BT_DBG("%s evt %d", hdev->name, evt);
1394 if (hdev->conn_hash.sco_num != data->sco_num) {
1395 data->sco_num = hdev->conn_hash.sco_num;
1396 schedule_work(&data->work);
1400 static inline int __set_isoc_interface(struct hci_dev *hdev, int altsetting)
1402 struct btmtk_usb_data *data = hci_get_drvdata(hdev);
1403 struct usb_interface *intf = data->isoc;
1404 struct usb_endpoint_descriptor *ep_desc;
1410 err = usb_set_interface(data->udev, 1, altsetting);
1412 BT_ERR("%s setting interface failed (%d)", hdev->name, -err);
1416 data->isoc_altsetting = altsetting;
1418 data->isoc_tx_ep = NULL;
1419 data->isoc_rx_ep = NULL;
1421 for (i = 0; i < intf->cur_altsetting->desc.bNumEndpoints; i++) {
1422 ep_desc = &intf->cur_altsetting->endpoint[i].desc;
1424 if (!data->isoc_tx_ep && usb_endpoint_is_isoc_out(ep_desc)) {
1425 data->isoc_tx_ep = ep_desc;
1429 if (!data->isoc_rx_ep && usb_endpoint_is_isoc_in(ep_desc)) {
1430 data->isoc_rx_ep = ep_desc;
1435 if (!data->isoc_tx_ep || !data->isoc_rx_ep) {
1436 BT_ERR("%s invalid SCO descriptors", hdev->name);
1443 static void btmtk_usb_work(struct work_struct *work)
1445 struct btmtk_usb_data *data = container_of(work, struct btmtk_usb_data, work);
1446 struct hci_dev *hdev = data->hdev;
1450 BT_DBG("%s\n", __func__);
1452 if (hdev->conn_hash.sco_num > 0) {
1453 if (!test_bit(BTUSB_DID_ISO_RESUME, &data->flags)) {
1454 err = usb_autopm_get_interface(data->isoc ? data->isoc : data->intf);
1456 clear_bit(BTUSB_ISOC_RUNNING, &data->flags);
1457 usb_kill_anchored_urbs(&data->isoc_anchor);
1461 set_bit(BTUSB_DID_ISO_RESUME, &data->flags);
1464 if (hdev->voice_setting & 0x0020) {
1465 static const int alts[3] = { 2, 4, 5 };
1466 new_alts = alts[hdev->conn_hash.sco_num - 1];
1468 new_alts = hdev->conn_hash.sco_num;
1471 if (data->isoc_altsetting != new_alts) {
1472 clear_bit(BTUSB_ISOC_RUNNING, &data->flags);
1473 usb_kill_anchored_urbs(&data->isoc_anchor);
1475 if (__set_isoc_interface(hdev, new_alts) < 0)
1479 if (!test_and_set_bit(BTUSB_ISOC_RUNNING, &data->flags)) {
1480 if (btmtk_usb_submit_isoc_in_urb(hdev, GFP_KERNEL) < 0)
1481 clear_bit(BTUSB_ISOC_RUNNING, &data->flags);
1483 btmtk_usb_submit_isoc_in_urb(hdev, GFP_KERNEL);
1486 clear_bit(BTUSB_ISOC_RUNNING, &data->flags);
1487 usb_kill_anchored_urbs(&data->isoc_anchor);
1489 __set_isoc_interface(hdev, 0);
1491 if (test_and_clear_bit(BTUSB_DID_ISO_RESUME, &data->flags))
1492 usb_autopm_put_interface(data->isoc ? data->isoc : data->intf);
1496 static void btmtk_usb_waker(struct work_struct *work)
1498 struct btmtk_usb_data *data = container_of(work, struct btmtk_usb_data, waker);
1501 err = usb_autopm_get_interface(data->intf);
1506 usb_autopm_put_interface(data->intf);
1509 static int btmtk_usb_probe(struct usb_interface *intf,
1510 const struct usb_device_id *id)
1512 struct btmtk_usb_data *data;
1513 struct usb_endpoint_descriptor *ep_desc;
1515 struct hci_dev *hdev;
1517 /* interface numbers are hardcoded in the spec */
1518 if (intf->cur_altsetting->desc.bInterfaceNumber != 0)
1521 data = kzalloc(sizeof(*data), GFP_KERNEL);
1526 for (i = 0; i < intf->cur_altsetting->desc.bNumEndpoints; i++) {
1527 ep_desc = &intf->cur_altsetting->endpoint[i].desc;
1529 if (!data->intr_ep && usb_endpoint_is_int_in(ep_desc)) {
1530 data->intr_ep = ep_desc;
1534 if (!data->bulk_tx_ep && usb_endpoint_is_bulk_out(ep_desc)) {
1535 data->bulk_tx_ep = ep_desc;
1539 if (!data->bulk_rx_ep && usb_endpoint_is_bulk_in(ep_desc)) {
1540 data->bulk_rx_ep = ep_desc;
1545 if (!data->intr_ep || !data->bulk_tx_ep || !data->bulk_rx_ep) {
1550 data->cmdreq_type = USB_TYPE_CLASS;
1552 data->udev = interface_to_usbdev(intf);
1555 spin_lock_init(&data->lock);
1556 INIT_WORK(&data->work, btmtk_usb_work);
1557 INIT_WORK(&data->waker, btmtk_usb_waker);
1558 spin_lock_init(&data->txlock);
1560 init_usb_anchor(&data->tx_anchor);
1561 init_usb_anchor(&data->intr_anchor);
1562 init_usb_anchor(&data->bulk_anchor);
1563 init_usb_anchor(&data->isoc_anchor);
1564 init_usb_anchor(&data->deferred);
1566 hdev = hci_alloc_dev();
1572 hdev->bus = HCI_USB;
1574 hci_set_drvdata(hdev, data);
1578 SET_HCIDEV_DEV(hdev, &intf->dev);
1580 hdev->open = btmtk_usb_open;
1581 hdev->close = btmtk_usb_close;
1582 hdev->flush = btmtk_usb_flush;
1583 hdev->send = btmtk_usb_send_frame;
1584 hdev->notify = btmtk_usb_notify;
1586 /* Interface numbers are hardcoded in the specification */
1587 data->isoc = usb_ifnum_to_if(data->udev, 1);
1590 err = usb_driver_claim_interface(&btmtk_usb_driver,
1599 data->io_buf = kmalloc(256, GFP_KERNEL);
1600 if (!data->io_buf) {
1606 btmtk_usb_switch_iobase(data, WLAN);
1608 btmtk_usb_cap_init(data);
1610 err = hci_register_dev(hdev);
1617 usb_set_intfdata(intf, data);
1622 static void btmtk_usb_disconnect(struct usb_interface *intf)
1624 struct btmtk_usb_data *data = usb_get_intfdata(intf);
1625 struct hci_dev *hdev;
1627 BT_DBG("%s\n", __func__);
1633 usb_set_intfdata(data->intf, NULL);
1636 usb_set_intfdata(data->isoc, NULL);
1638 hci_unregister_dev(hdev);
1640 if (intf == data->isoc)
1641 usb_driver_release_interface(&btmtk_usb_driver, data->intf);
1642 else if (data->isoc)
1643 usb_driver_release_interface(&btmtk_usb_driver, data->isoc);
1647 kfree(data->io_buf);
1653 static int btmtk_usb_suspend(struct usb_interface *intf, pm_message_t message)
1655 struct btmtk_usb_data *data = usb_get_intfdata(intf);
1657 BT_DBG("%s\n", __func__);
1659 if (data->suspend_count++)
1662 spin_lock_irq(&data->txlock);
1663 if (!(PMSG_IS_AUTO(message) && data->tx_in_flight)) {
1664 set_bit(BTUSB_SUSPENDING, &data->flags);
1665 spin_unlock_irq(&data->txlock);
1667 spin_unlock_irq(&data->txlock);
1668 data->suspend_count--;
1672 cancel_work_sync(&data->work);
1674 btmtk_usb_stop_traffic(data);
1675 usb_kill_anchored_urbs(&data->tx_anchor);
1680 static void play_deferred(struct btmtk_usb_data *data)
1685 while ((urb = usb_get_from_anchor(&data->deferred))) {
1686 err = usb_submit_urb(urb, GFP_ATOMIC);
1690 data->tx_in_flight++;
1693 usb_scuttle_anchored_urbs(&data->deferred);
1696 static int btmtk_usb_resume(struct usb_interface *intf)
1698 struct btmtk_usb_data *data = usb_get_intfdata(intf);
1699 struct hci_dev *hdev = data->hdev;
1702 BT_DBG("%s\n", __func__);
1704 if (--data->suspend_count)
1707 if (!test_bit(HCI_RUNNING, &hdev->flags))
1710 if (test_bit(BTUSB_INTR_RUNNING, &data->flags)) {
1711 err = btmtk_usb_submit_intr_urb(hdev, GFP_NOIO);
1713 clear_bit(BTUSB_INTR_RUNNING, &data->flags);
1718 if (test_bit(BTUSB_BULK_RUNNING, &data->flags)) {
1719 err = btmtk_usb_submit_bulk_in_urb(hdev, GFP_NOIO);
1721 clear_bit(BTUSB_BULK_RUNNING, &data->flags);
1725 btmtk_usb_submit_bulk_in_urb(hdev, GFP_NOIO);
1728 if (test_bit(BTUSB_ISOC_RUNNING, &data->flags)) {
1729 if (btmtk_usb_submit_isoc_in_urb(hdev, GFP_NOIO) < 0)
1730 clear_bit(BTUSB_ISOC_RUNNING, &data->flags);
1732 btmtk_usb_submit_isoc_in_urb(hdev, GFP_NOIO);
1735 spin_lock_irq(&data->txlock);
1736 play_deferred(data);
1737 clear_bit(BTUSB_SUSPENDING, &data->flags);
1738 spin_unlock_irq(&data->txlock);
1739 schedule_work(&data->work);
1744 usb_scuttle_anchored_urbs(&data->deferred);
1746 spin_lock_irq(&data->txlock);
1747 clear_bit(BTUSB_SUSPENDING, &data->flags);
1748 spin_unlock_irq(&data->txlock);
1754 static struct usb_device_id btmtk_usb_table[] = {
1755 /* Mediatek MT7650 */
1756 { USB_DEVICE(0x0e8d, 0x7650) },
1757 { USB_DEVICE(0x0e8d, 0x7630) },
1758 { USB_DEVICE(0x0e8d, 0x763e) },
1759 /* Mediatek MT662 */
1760 { USB_DEVICE(0x0e8d, 0x7662) },
1761 { USB_DEVICE(0x0e8d, 0x7632) },
1762 { } /* Terminating entry */
1765 static struct usb_driver btmtk_usb_driver = {
1766 .name = "btmtk_usb",
1767 .probe = btmtk_usb_probe,
1768 .disconnect = btmtk_usb_disconnect,
1770 .suspend = btmtk_usb_suspend,
1771 .resume = btmtk_usb_resume,
1773 .id_table = btmtk_usb_table,
1774 .supports_autosuspend = 1,
1775 .disable_hub_initiated_lpm = 1,
1778 module_usb_driver(btmtk_usb_driver);
1780 MODULE_DESCRIPTION("Mediatek Bluetooth USB driver ver " VERSION);
1781 MODULE_VERSION(VERSION);
1782 MODULE_LICENSE("GPL");
1783 MODULE_FIRMWARE(MT7650_FIRMWARE);
1784 MODULE_FIRMWARE(MT7662_FIRMWARE);
projects / ~andy / linux / blob