projects / deliverable / linux.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
[SCSI] hptiop: fix sense_buffer access bug
[deliverable/linux.git] / drivers / bluetooth / hci_usb.c
CommitLineData
1da177e4
LT		 1/*
2 HCI USB driver for Linux Bluetooth protocol stack (BlueZ)
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
5
6 Copyright (C) 2003 Maxim Krasnyansky <maxk@qualcomm.com>
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License version 2 as
10 published by the Free Software Foundation;
11
12 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
13 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
14 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
15 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
16 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
17 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
18 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
19 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20
21 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
22 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
23 SOFTWARE IS DISCLAIMED.
24*/
25
26/*
27 * Bluetooth HCI USB driver.
28 * Based on original USB Bluetooth driver for Linux kernel
29 * Copyright (c) 2000 Greg Kroah-Hartman <greg@kroah.com>
30 * Copyright (c) 2000 Mark Douglas Corner <mcorner@umich.edu>
31 *
32 */
33
1da177e4
LT		 34#include <linux/module.h>
35
36#include <linux/kernel.h>
37#include <linux/init.h>
1da177e4
LT		 38#include <linux/unistd.h>
39#include <linux/types.h>
40#include <linux/interrupt.h>
41#include <linux/moduleparam.h>
42
43#include <linux/slab.h>
44#include <linux/errno.h>
45#include <linux/string.h>
46#include <linux/skbuff.h>
47
48#include <linux/usb.h>
49
50#include <net/bluetooth/bluetooth.h>
51#include <net/bluetooth/hci_core.h>
52
53#include "hci_usb.h"
54
55#ifndef CONFIG_BT_HCIUSB_DEBUG
56#undef BT_DBG
57#define BT_DBG(D...)
1da177e4
LT		 58#endif
59
60#ifndef CONFIG_BT_HCIUSB_ZERO_PACKET
61#undef URB_ZERO_PACKET
62#define URB_ZERO_PACKET 0
63#endif
64
65static int ignore = 0;
7ef934b3 66static int ignore_dga = 0;
0915e886
MH		 67static int ignore_csr = 0;
68static int ignore_sniffer = 0;
520ca78a
MH		 69static int disable_scofix = 0;
70static int force_scofix = 0;
1da177e4
LT		 71static int reset = 0;
72
73#ifdef CONFIG_BT_HCIUSB_SCO
74static int isoc = 2;
75#endif
76
0915e886 77#define VERSION "2.9"
1da177e4
LT		 78
79static struct usb_driver hci_usb_driver;
80
81static struct usb_device_id bluetooth_ids[] = {
82 /* Generic Bluetooth USB device */
83 { USB_DEVICE_INFO(HCI_DEV_CLASS, HCI_DEV_SUBCLASS, HCI_DEV_PROTOCOL) },
84
85 /* AVM BlueFRITZ! USB v2.0 */
86 { USB_DEVICE(0x057c, 0x3800) },
87
88 /* Bluetooth Ultraport Module from IBM */
89 { USB_DEVICE(0x04bf, 0x030a) },
90
91 /* ALPS Modules with non-standard id */
92 { USB_DEVICE(0x044e, 0x3001) },
93 { USB_DEVICE(0x044e, 0x3002) },
94
95 /* Ericsson with non-standard id */
96 { USB_DEVICE(0x0bdb, 0x1002) },
97
62ae1591
MH		 98 /* Canyon CN-BTU1 with HID interfaces */
99 { USB_DEVICE(0x0c10, 0x0000), .driver_info = HCI_RESET },
100
1da177e4
LT		 101 { } /* Terminating entry */
102};
103
104MODULE_DEVICE_TABLE (usb, bluetooth_ids);
105
106static struct usb_device_id blacklist_ids[] = {
0915e886
MH		 107 /* CSR BlueCore devices */
108 { USB_DEVICE(0x0a12, 0x0001), .driver_info = HCI_CSR },
109
1da177e4
LT		 110 /* Broadcom BCM2033 without firmware */
111 { USB_DEVICE(0x0a5c, 0x2033), .driver_info = HCI_IGNORE },
112
113 /* Broadcom BCM2035 */
e9e9290f 114 { USB_DEVICE(0x0a5c, 0x200a), .driver_info = HCI_RESET | HCI_WRONG_SCO_MTU },
1da177e4
LT		 115 { USB_DEVICE(0x0a5c, 0x2009), .driver_info = HCI_BCM92035 },
116
7bb078cb 117 /* Broadcom BCM2045 */
fd184ab4 118 { USB_DEVICE(0x0a5c, 0x2101), .driver_info = HCI_RESET | HCI_WRONG_SCO_MTU },
7bb078cb 119
520ca78a 120 /* IBM/Lenovo ThinkPad with Broadcom chip */
fd184ab4
MH		 121 { USB_DEVICE(0x0a5c, 0x201e), .driver_info = HCI_RESET | HCI_WRONG_SCO_MTU },
122 { USB_DEVICE(0x0a5c, 0x2110), .driver_info = HCI_RESET | HCI_WRONG_SCO_MTU },
520ca78a 123
c51bd3d3
MH		 124 /* Targus ACB10US */
125 { USB_DEVICE(0x0a5c, 0x2100), .driver_info = HCI_RESET },
126
0eab934f
MH		 127 /* ANYCOM Bluetooth USB-200 and USB-250 */
128 { USB_DEVICE(0x0a5c, 0x2111), .driver_info = HCI_RESET },
129
da942704 130 /* HP laptop with Broadcom chip */
fd184ab4 131 { USB_DEVICE(0x03f0, 0x171d), .driver_info = HCI_RESET | HCI_WRONG_SCO_MTU },
da942704 132
86112ffd 133 /* Dell laptop with Broadcom chip */
fd184ab4 134 { USB_DEVICE(0x413c, 0x8126), .driver_info = HCI_RESET | HCI_WRONG_SCO_MTU },
86112ffd 135
1da177e4
LT		 136 /* Microsoft Wireless Transceiver for Bluetooth 2.0 */
137 { USB_DEVICE(0x045e, 0x009c), .driver_info = HCI_RESET },
138
cad0f627
MH		 139 /* Kensington Bluetooth USB adapter */
140 { USB_DEVICE(0x047d, 0x105d), .driver_info = HCI_RESET },
fd184ab4 141 { USB_DEVICE(0x047d, 0x105e), .driver_info = HCI_RESET | HCI_WRONG_SCO_MTU },
cad0f627 142
1da177e4
LT		 143 /* ISSC Bluetooth Adapter v3.1 */
144 { USB_DEVICE(0x1131, 0x1001), .driver_info = HCI_RESET },
145
8e4f7230 146 /* RTX Telecom based adapters with buggy SCO support */
1da177e4 147 { USB_DEVICE(0x0400, 0x0807), .driver_info = HCI_BROKEN_ISOC },
8e4f7230 148 { USB_DEVICE(0x0400, 0x080a), .driver_info = HCI_BROKEN_ISOC },
1da177e4 149
ea9727f6 150 /* Belkin F8T012 and F8T013 devices */
fd184ab4
MH		 151 { USB_DEVICE(0x050d, 0x0012), .driver_info = HCI_RESET | HCI_WRONG_SCO_MTU },
152 { USB_DEVICE(0x050d, 0x0013), .driver_info = HCI_RESET | HCI_WRONG_SCO_MTU },
da1f5198 153
1da177e4
LT		 154 /* Digianswer devices */
155 { USB_DEVICE(0x08fd, 0x0001), .driver_info = HCI_DIGIANSWER },
156 { USB_DEVICE(0x08fd, 0x0002), .driver_info = HCI_IGNORE },
157
158 /* CSR BlueCore Bluetooth Sniffer */
159 { USB_DEVICE(0x0a12, 0x0002), .driver_info = HCI_SNIFFER },
160
2b86ad21
MH		 161 /* Frontline ComProbe Bluetooth Sniffer */
162 { USB_DEVICE(0x16d3, 0x0002), .driver_info = HCI_SNIFFER },
163
1da177e4
LT		 164 { } /* Terminating entry */
165};
166
dd0fc66f 167static struct _urb *_urb_alloc(int isoc, gfp_t gfp)
1da177e4
LT		 168{
169 struct _urb *_urb = kmalloc(sizeof(struct _urb) +
170 sizeof(struct usb_iso_packet_descriptor) * isoc, gfp);
171 if (_urb) {
172 memset(_urb, 0, sizeof(*_urb));
173 usb_init_urb(&_urb->urb);
174 }
175 return _urb;
176}
177
178static struct _urb *_urb_dequeue(struct _urb_queue *q)
179{
180 struct _urb *_urb = NULL;
181 unsigned long flags;
182 spin_lock_irqsave(&q->lock, flags);
183 {
184 struct list_head *head = &q->head;
185 struct list_head *next = head->next;
186 if (next != head) {
187 _urb = list_entry(next, struct _urb, list);
188 list_del(next); _urb->queue = NULL;
189 }
190 }
191 spin_unlock_irqrestore(&q->lock, flags);
192 return _urb;
193}
194
7d12e780
DH		 195static void hci_usb_rx_complete(struct urb *urb);
196static void hci_usb_tx_complete(struct urb *urb);
1da177e4
LT		 197
198#define __pending_tx(husb, type) (&husb->pending_tx[type-1])
199#define __pending_q(husb, type) (&husb->pending_q[type-1])
200#define __completed_q(husb, type) (&husb->completed_q[type-1])
201#define __transmit_q(husb, type) (&husb->transmit_q[type-1])
1da177e4
LT		 202
203static inline struct _urb *__get_completed(struct hci_usb *husb, int type)
204{
205 return _urb_dequeue(__completed_q(husb, type));
206}
207
208#ifdef CONFIG_BT_HCIUSB_SCO
209static void __fill_isoc_desc(struct urb *urb, int len, int mtu)
210{
211 int offset = 0, i;
212
213 BT_DBG("len %d mtu %d", len, mtu);
214
215 for (i=0; i < HCI_MAX_ISOC_FRAMES && len >= mtu; i++, offset += mtu, len -= mtu) {
216 urb->iso_frame_desc[i].offset = offset;
217 urb->iso_frame_desc[i].length = mtu;
218 BT_DBG("desc %d offset %d len %d", i, offset, mtu);
219 }
220 if (len && i < HCI_MAX_ISOC_FRAMES) {
221 urb->iso_frame_desc[i].offset = offset;
222 urb->iso_frame_desc[i].length = len;
223 BT_DBG("desc %d offset %d len %d", i, offset, len);
224 i++;
225 }
226 urb->number_of_packets = i;
227}
228#endif
229
230static int hci_usb_intr_rx_submit(struct hci_usb *husb)
231{
232 struct _urb *_urb;
233 struct urb *urb;
234 int err, pipe, interval, size;
235 void *buf;
236
237 BT_DBG("%s", husb->hdev->name);
238
239 size = le16_to_cpu(husb->intr_in_ep->desc.wMaxPacketSize);
240
241 buf = kmalloc(size, GFP_ATOMIC);
242 if (!buf)
243 return -ENOMEM;
244
245 _urb = _urb_alloc(0, GFP_ATOMIC);
246 if (!_urb) {
247 kfree(buf);
248 return -ENOMEM;
249 }
250 _urb->type = HCI_EVENT_PKT;
251 _urb_queue_tail(__pending_q(husb, _urb->type), _urb);
252
253 urb = &_urb->urb;
254 pipe = usb_rcvintpipe(husb->udev, husb->intr_in_ep->desc.bEndpointAddress);
255 interval = husb->intr_in_ep->desc.bInterval;
256 usb_fill_int_urb(urb, husb->udev, pipe, buf, size, hci_usb_rx_complete, husb, interval);
257
258 err = usb_submit_urb(urb, GFP_ATOMIC);
259 if (err) {
260 BT_ERR("%s intr rx submit failed urb %p err %d",
261 husb->hdev->name, urb, err);
262 _urb_unlink(_urb);
263 _urb_free(_urb);
264 kfree(buf);
265 }
266 return err;
267}
268
269static int hci_usb_bulk_rx_submit(struct hci_usb *husb)
270{
271 struct _urb *_urb;
272 struct urb *urb;
273 int err, pipe, size = HCI_MAX_FRAME_SIZE;
274 void *buf;
275
276 buf = kmalloc(size, GFP_ATOMIC);
277 if (!buf)
278 return -ENOMEM;
279
280 _urb = _urb_alloc(0, GFP_ATOMIC);
281 if (!_urb) {
282 kfree(buf);
283 return -ENOMEM;
284 }
285 _urb->type = HCI_ACLDATA_PKT;
286 _urb_queue_tail(__pending_q(husb, _urb->type), _urb);
287
288 urb = &_urb->urb;
289 pipe = usb_rcvbulkpipe(husb->udev, husb->bulk_in_ep->desc.bEndpointAddress);
290 usb_fill_bulk_urb(urb, husb->udev, pipe, buf, size, hci_usb_rx_complete, husb);
291 urb->transfer_flags = 0;
292
293 BT_DBG("%s urb %p", husb->hdev->name, urb);
294
295 err = usb_submit_urb(urb, GFP_ATOMIC);
296 if (err) {
297 BT_ERR("%s bulk rx submit failed urb %p err %d",
298 husb->hdev->name, urb, err);
299 _urb_unlink(_urb);
300 _urb_free(_urb);
301 kfree(buf);
302 }
303 return err;
304}
305
306#ifdef CONFIG_BT_HCIUSB_SCO
307static int hci_usb_isoc_rx_submit(struct hci_usb *husb)
308{
309 struct _urb *_urb;
310 struct urb *urb;
311 int err, mtu, size;
312 void *buf;
313
314 mtu = le16_to_cpu(husb->isoc_in_ep->desc.wMaxPacketSize);
315 size = mtu * HCI_MAX_ISOC_FRAMES;
316
317 buf = kmalloc(size, GFP_ATOMIC);
318 if (!buf)
319 return -ENOMEM;
320
321 _urb = _urb_alloc(HCI_MAX_ISOC_FRAMES, GFP_ATOMIC);
322 if (!_urb) {
323 kfree(buf);
324 return -ENOMEM;
325 }
326 _urb->type = HCI_SCODATA_PKT;
327 _urb_queue_tail(__pending_q(husb, _urb->type), _urb);
328
329 urb = &_urb->urb;
330
331 urb->context = husb;
332 urb->dev = husb->udev;
333 urb->pipe = usb_rcvisocpipe(husb->udev, husb->isoc_in_ep->desc.bEndpointAddress);
334 urb->complete = hci_usb_rx_complete;
335
336 urb->interval = husb->isoc_in_ep->desc.bInterval;
337
338 urb->transfer_buffer_length = size;
339 urb->transfer_buffer = buf;
340 urb->transfer_flags = URB_ISO_ASAP;
341
342 __fill_isoc_desc(urb, size, mtu);
343
344 BT_DBG("%s urb %p", husb->hdev->name, urb);
345
346 err = usb_submit_urb(urb, GFP_ATOMIC);
347 if (err) {
348 BT_ERR("%s isoc rx submit failed urb %p err %d",
349 husb->hdev->name, urb, err);
350 _urb_unlink(_urb);
351 _urb_free(_urb);
352 kfree(buf);
353 }
354 return err;
355}
356#endif
357
358/* Initialize device */
359static int hci_usb_open(struct hci_dev *hdev)
360{
361 struct hci_usb *husb = (struct hci_usb *) hdev->driver_data;
362 int i, err;
363 unsigned long flags;
364
365 BT_DBG("%s", hdev->name);
366
367 if (test_and_set_bit(HCI_RUNNING, &hdev->flags))
368 return 0;
369
370 write_lock_irqsave(&husb->completion_lock, flags);
371
372 err = hci_usb_intr_rx_submit(husb);
373 if (!err) {
374 for (i = 0; i < HCI_MAX_BULK_RX; i++)
375 hci_usb_bulk_rx_submit(husb);
376
377#ifdef CONFIG_BT_HCIUSB_SCO
378 if (husb->isoc_iface)
379 for (i = 0; i < HCI_MAX_ISOC_RX; i++)
380 hci_usb_isoc_rx_submit(husb);
381#endif
382 } else {
383 clear_bit(HCI_RUNNING, &hdev->flags);
384 }
385
386 write_unlock_irqrestore(&husb->completion_lock, flags);
387 return err;
388}
389
390/* Reset device */
391static int hci_usb_flush(struct hci_dev *hdev)
392{
393 struct hci_usb *husb = (struct hci_usb *) hdev->driver_data;
394 int i;
395
396 BT_DBG("%s", hdev->name);
397
398 for (i = 0; i < 4; i++)
399 skb_queue_purge(&husb->transmit_q[i]);
400 return 0;
401}
402
403static void hci_usb_unlink_urbs(struct hci_usb *husb)
404{
405 int i;
406
407 BT_DBG("%s", husb->hdev->name);
408
409 for (i = 0; i < 4; i++) {
410 struct _urb *_urb;
411 struct urb *urb;
412
413 /* Kill pending requests */
414 while ((_urb = _urb_dequeue(&husb->pending_q[i]))) {
415 urb = &_urb->urb;
416 BT_DBG("%s unlinking _urb %p type %d urb %p",
417 husb->hdev->name, _urb, _urb->type, urb);
418 usb_kill_urb(urb);
419 _urb_queue_tail(__completed_q(husb, _urb->type), _urb);
420 }
421
422 /* Release completed requests */
423 while ((_urb = _urb_dequeue(&husb->completed_q[i]))) {
424 urb = &_urb->urb;
425 BT_DBG("%s freeing _urb %p type %d urb %p",
426 husb->hdev->name, _urb, _urb->type, urb);
e9a3e671
MH		 427 kfree(urb->setup_packet);
428 kfree(urb->transfer_buffer);
1da177e4
LT		 429 _urb_free(_urb);
430 }
1da177e4
LT		 431 }
432}
433
434/* Close device */
435static int hci_usb_close(struct hci_dev *hdev)
436{
437 struct hci_usb *husb = (struct hci_usb *) hdev->driver_data;
438 unsigned long flags;
439
440 if (!test_and_clear_bit(HCI_RUNNING, &hdev->flags))
441 return 0;
442
443 BT_DBG("%s", hdev->name);
444
445 /* Synchronize with completion handlers */
446 write_lock_irqsave(&husb->completion_lock, flags);
447 write_unlock_irqrestore(&husb->completion_lock, flags);
448
449 hci_usb_unlink_urbs(husb);
450 hci_usb_flush(hdev);
451 return 0;
452}
453
454static int __tx_submit(struct hci_usb *husb, struct _urb *_urb)
455{
456 struct urb *urb = &_urb->urb;
457 int err;
458
459 BT_DBG("%s urb %p type %d", husb->hdev->name, urb, _urb->type);
460
461 _urb_queue_tail(__pending_q(husb, _urb->type), _urb);
462 err = usb_submit_urb(urb, GFP_ATOMIC);
463 if (err) {
464 BT_ERR("%s tx submit failed urb %p type %d err %d",
465 husb->hdev->name, urb, _urb->type, err);
466 _urb_unlink(_urb);
467 _urb_queue_tail(__completed_q(husb, _urb->type), _urb);
468 } else
469 atomic_inc(__pending_tx(husb, _urb->type));
470
471 return err;
472}
473
474static inline int hci_usb_send_ctrl(struct hci_usb *husb, struct sk_buff *skb)
475{
0d48d939 476 struct _urb *_urb = __get_completed(husb, bt_cb(skb)->pkt_type);
1da177e4
LT		 477 struct usb_ctrlrequest *dr;
478 struct urb *urb;
479
480 if (!_urb) {
481 _urb = _urb_alloc(0, GFP_ATOMIC);
482 if (!_urb)
483 return -ENOMEM;
0d48d939 484 _urb->type = bt_cb(skb)->pkt_type;
1da177e4
LT		 485
486 dr = kmalloc(sizeof(*dr), GFP_ATOMIC);
487 if (!dr) {
488 _urb_free(_urb);
489 return -ENOMEM;
490 }
491 } else
492 dr = (void *) _urb->urb.setup_packet;
493
494 dr->bRequestType = husb->ctrl_req;
495 dr->bRequest = 0;
496 dr->wIndex = 0;
497 dr->wValue = 0;
498 dr->wLength = __cpu_to_le16(skb->len);
499
500 urb = &_urb->urb;
501 usb_fill_control_urb(urb, husb->udev, usb_sndctrlpipe(husb->udev, 0),
502 (void *) dr, skb->data, skb->len, hci_usb_tx_complete, husb);
503
504 BT_DBG("%s skb %p len %d", husb->hdev->name, skb, skb->len);
505
506 _urb->priv = skb;
507 return __tx_submit(husb, _urb);
508}
509
510static inline int hci_usb_send_bulk(struct hci_usb *husb, struct sk_buff *skb)
511{
0d48d939 512 struct _urb *_urb = __get_completed(husb, bt_cb(skb)->pkt_type);
1da177e4
LT		 513 struct urb *urb;
514 int pipe;
515
516 if (!_urb) {
517 _urb = _urb_alloc(0, GFP_ATOMIC);
518 if (!_urb)
519 return -ENOMEM;
0d48d939 520 _urb->type = bt_cb(skb)->pkt_type;
1da177e4
LT		 521 }
522
523 urb = &_urb->urb;
524 pipe = usb_sndbulkpipe(husb->udev, husb->bulk_out_ep->desc.bEndpointAddress);
525 usb_fill_bulk_urb(urb, husb->udev, pipe, skb->data, skb->len,
526 hci_usb_tx_complete, husb);
527 urb->transfer_flags = URB_ZERO_PACKET;
528
529 BT_DBG("%s skb %p len %d", husb->hdev->name, skb, skb->len);
530
531 _urb->priv = skb;
532 return __tx_submit(husb, _urb);
533}
534
535#ifdef CONFIG_BT_HCIUSB_SCO
536static inline int hci_usb_send_isoc(struct hci_usb *husb, struct sk_buff *skb)
537{
0d48d939 538 struct _urb *_urb = __get_completed(husb, bt_cb(skb)->pkt_type);
1da177e4
LT		 539 struct urb *urb;
540
541 if (!_urb) {
542 _urb = _urb_alloc(HCI_MAX_ISOC_FRAMES, GFP_ATOMIC);
543 if (!_urb)
544 return -ENOMEM;
0d48d939 545 _urb->type = bt_cb(skb)->pkt_type;
1da177e4
LT		 546 }
547
548 BT_DBG("%s skb %p len %d", husb->hdev->name, skb, skb->len);
549
550 urb = &_urb->urb;
551
552 urb->context = husb;
553 urb->dev = husb->udev;
554 urb->pipe = usb_sndisocpipe(husb->udev, husb->isoc_out_ep->desc.bEndpointAddress);
555 urb->complete = hci_usb_tx_complete;
556 urb->transfer_flags = URB_ISO_ASAP;
557
558 urb->interval = husb->isoc_out_ep->desc.bInterval;
559
560 urb->transfer_buffer = skb->data;
561 urb->transfer_buffer_length = skb->len;
562
563 __fill_isoc_desc(urb, skb->len, le16_to_cpu(husb->isoc_out_ep->desc.wMaxPacketSize));
564
565 _urb->priv = skb;
566 return __tx_submit(husb, _urb);
567}
568#endif
569
570static void hci_usb_tx_process(struct hci_usb *husb)
571{
572 struct sk_buff_head *q;
573 struct sk_buff *skb;
574
575 BT_DBG("%s", husb->hdev->name);
576
577 do {
578 clear_bit(HCI_USB_TX_WAKEUP, &husb->state);
579
580 /* Process command queue */
581 q = __transmit_q(husb, HCI_COMMAND_PKT);
582 if (!atomic_read(__pending_tx(husb, HCI_COMMAND_PKT)) &&
583 (skb = skb_dequeue(q))) {
584 if (hci_usb_send_ctrl(husb, skb) < 0)
585 skb_queue_head(q, skb);
586 }
587
588#ifdef CONFIG_BT_HCIUSB_SCO
589 /* Process SCO queue */
590 q = __transmit_q(husb, HCI_SCODATA_PKT);
591 if (atomic_read(__pending_tx(husb, HCI_SCODATA_PKT)) < HCI_MAX_ISOC_TX &&
592 (skb = skb_dequeue(q))) {
593 if (hci_usb_send_isoc(husb, skb) < 0)
594 skb_queue_head(q, skb);
595 }
596#endif
597
598 /* Process ACL queue */
599 q = __transmit_q(husb, HCI_ACLDATA_PKT);
600 while (atomic_read(__pending_tx(husb, HCI_ACLDATA_PKT)) < HCI_MAX_BULK_TX &&
601 (skb = skb_dequeue(q))) {
602 if (hci_usb_send_bulk(husb, skb) < 0) {
603 skb_queue_head(q, skb);
604 break;
605 }
606 }
607 } while(test_bit(HCI_USB_TX_WAKEUP, &husb->state));
608}
609
610static inline void hci_usb_tx_wakeup(struct hci_usb *husb)
611{
612 /* Serialize TX queue processing to avoid data reordering */
613 if (!test_and_set_bit(HCI_USB_TX_PROCESS, &husb->state)) {
614 hci_usb_tx_process(husb);
615 clear_bit(HCI_USB_TX_PROCESS, &husb->state);
616 } else
617 set_bit(HCI_USB_TX_WAKEUP, &husb->state);
618}
619
620/* Send frames from HCI layer */
621static int hci_usb_send_frame(struct sk_buff *skb)
622{
623 struct hci_dev *hdev = (struct hci_dev *) skb->dev;
624 struct hci_usb *husb;
625
626 if (!hdev) {
627 BT_ERR("frame for uknown device (hdev=NULL)");
628 return -ENODEV;
629 }
630
631 if (!test_bit(HCI_RUNNING, &hdev->flags))
632 return -EBUSY;
633
0d48d939 634 BT_DBG("%s type %d len %d", hdev->name, bt_cb(skb)->pkt_type, skb->len);
1da177e4
LT		 635
636 husb = (struct hci_usb *) hdev->driver_data;
637
0d48d939 638 switch (bt_cb(skb)->pkt_type) {
1da177e4
LT		 639 case HCI_COMMAND_PKT:
640 hdev->stat.cmd_tx++;
641 break;
642
643 case HCI_ACLDATA_PKT:
644 hdev->stat.acl_tx++;
645 break;
646
647#ifdef CONFIG_BT_HCIUSB_SCO
648 case HCI_SCODATA_PKT:
649 hdev->stat.sco_tx++;
650 break;
651#endif
652
653 default:
654 kfree_skb(skb);
655 return 0;
656 }
657
658 read_lock(&husb->completion_lock);
659
0d48d939 660 skb_queue_tail(__transmit_q(husb, bt_cb(skb)->pkt_type), skb);
1da177e4
LT		 661 hci_usb_tx_wakeup(husb);
662
663 read_unlock(&husb->completion_lock);
664 return 0;
665}
666
7d12e780 667static void hci_usb_rx_complete(struct urb *urb)
1da177e4
LT		 668{
669 struct _urb *_urb = container_of(urb, struct _urb, urb);
670 struct hci_usb *husb = (void *) urb->context;
671 struct hci_dev *hdev = husb->hdev;
672 int err, count = urb->actual_length;
673
674 BT_DBG("%s urb %p type %d status %d count %d flags %x", hdev->name, urb,
675 _urb->type, urb->status, count, urb->transfer_flags);
676
677 read_lock(&husb->completion_lock);
678
679 if (!test_bit(HCI_RUNNING, &hdev->flags))
680 goto unlock;
681
682 if (urb->status || !count)
683 goto resubmit;
684
685 if (_urb->type == HCI_SCODATA_PKT) {
686#ifdef CONFIG_BT_HCIUSB_SCO
687 int i;
688 for (i=0; i < urb->number_of_packets; i++) {
689 BT_DBG("desc %d status %d offset %d len %d", i,
690 urb->iso_frame_desc[i].status,
691 urb->iso_frame_desc[i].offset,
692 urb->iso_frame_desc[i].actual_length);
693
26a4a06e
MH		 694 if (!urb->iso_frame_desc[i].status) {
695 husb->hdev->stat.byte_rx += urb->iso_frame_desc[i].actual_length;
babf4d42 696 hci_recv_fragment(husb->hdev, _urb->type,
1da177e4
LT		 697 urb->transfer_buffer + urb->iso_frame_desc[i].offset,
698 urb->iso_frame_desc[i].actual_length);
26a4a06e 699 }
1da177e4
LT		 700 }
701#else
702 ;
703#endif
704 } else {
26a4a06e 705 husb->hdev->stat.byte_rx += count;
babf4d42 706 err = hci_recv_fragment(husb->hdev, _urb->type, urb->transfer_buffer, count);
1da177e4
LT		 707 if (err < 0) {
708 BT_ERR("%s corrupted packet: type %d count %d",
709 husb->hdev->name, _urb->type, count);
710 hdev->stat.err_rx++;
711 }
712 }
713
714resubmit:
715 urb->dev = husb->udev;
716 err = usb_submit_urb(urb, GFP_ATOMIC);
717 BT_DBG("%s urb %p type %d resubmit status %d", hdev->name, urb,
718 _urb->type, err);
719
720unlock:
721 read_unlock(&husb->completion_lock);
722}
723
7d12e780 724static void hci_usb_tx_complete(struct urb *urb)
1da177e4
LT		 725{
726 struct _urb *_urb = container_of(urb, struct _urb, urb);
727 struct hci_usb *husb = (void *) urb->context;
728 struct hci_dev *hdev = husb->hdev;
729
730 BT_DBG("%s urb %p status %d flags %x", hdev->name, urb,
731 urb->status, urb->transfer_flags);
732
733 atomic_dec(__pending_tx(husb, _urb->type));
734
735 urb->transfer_buffer = NULL;
736 kfree_skb((struct sk_buff *) _urb->priv);
737
738 if (!test_bit(HCI_RUNNING, &hdev->flags))
739 return;
740
741 if (!urb->status)
742 hdev->stat.byte_tx += urb->transfer_buffer_length;
743 else
744 hdev->stat.err_tx++;
745
746 read_lock(&husb->completion_lock);
747
748 _urb_unlink(_urb);
749 _urb_queue_tail(__completed_q(husb, _urb->type), _urb);
750
751 hci_usb_tx_wakeup(husb);
752
753 read_unlock(&husb->completion_lock);
754}
755
756static void hci_usb_destruct(struct hci_dev *hdev)
757{
758 struct hci_usb *husb = (struct hci_usb *) hdev->driver_data;
759
760 BT_DBG("%s", hdev->name);
761
762 kfree(husb);
763}
764
765static void hci_usb_notify(struct hci_dev *hdev, unsigned int evt)
766{
767 BT_DBG("%s evt %d", hdev->name, evt);
768}
769
770static int hci_usb_probe(struct usb_interface *intf, const struct usb_device_id *id)
771{
772 struct usb_device *udev = interface_to_usbdev(intf);
773 struct usb_host_endpoint *bulk_out_ep = NULL;
774 struct usb_host_endpoint *bulk_in_ep = NULL;
775 struct usb_host_endpoint *intr_in_ep = NULL;
776 struct usb_host_endpoint *ep;
777 struct usb_host_interface *uif;
778 struct usb_interface *isoc_iface;
779 struct hci_usb *husb;
780 struct hci_dev *hdev;
781 int i, e, size, isoc_ifnum, isoc_alts;
782
783 BT_DBG("udev %p intf %p", udev, intf);
784
785 if (!id->driver_info) {
786 const struct usb_device_id *match;
787 match = usb_match_id(intf, blacklist_ids);
788 if (match)
789 id = match;
790 }
791
792 if (ignore || id->driver_info & HCI_IGNORE)
793 return -ENODEV;
794
7ef934b3
MH		 795 if (ignore_dga && id->driver_info & HCI_DIGIANSWER)
796 return -ENODEV;
797
0915e886
MH		 798 if (ignore_csr && id->driver_info & HCI_CSR)
799 return -ENODEV;
800
801 if (ignore_sniffer && id->driver_info & HCI_SNIFFER)
802 return -ENODEV;
803
1da177e4
LT		 804 if (intf->cur_altsetting->desc.bInterfaceNumber > 0)
805 return -ENODEV;
806
807 /* Find endpoints that we need */
808 uif = intf->cur_altsetting;
809 for (e = 0; e < uif->desc.bNumEndpoints; e++) {
810 ep = &uif->endpoint[e];
811
812 switch (ep->desc.bmAttributes & USB_ENDPOINT_XFERTYPE_MASK) {
813 case USB_ENDPOINT_XFER_INT:
814 if (ep->desc.bEndpointAddress & USB_DIR_IN)
815 intr_in_ep = ep;
816 break;
817
818 case USB_ENDPOINT_XFER_BULK:
819 if (ep->desc.bEndpointAddress & USB_DIR_IN)
820 bulk_in_ep = ep;
821 else
822 bulk_out_ep = ep;
823 break;
824 }
825 }
826
827 if (!bulk_in_ep || !bulk_out_ep || !intr_in_ep) {
828 BT_DBG("Bulk endpoints not found");
829 goto done;
830 }
831
089b1dbb 832 if (!(husb = kzalloc(sizeof(struct hci_usb), GFP_KERNEL))) {
1da177e4
LT		 833 BT_ERR("Can't allocate: control structure");
834 goto done;
835 }
836
1da177e4
LT		 837 husb->udev = udev;
838 husb->bulk_out_ep = bulk_out_ep;
839 husb->bulk_in_ep = bulk_in_ep;
840 husb->intr_in_ep = intr_in_ep;
841
842 if (id->driver_info & HCI_DIGIANSWER)
843 husb->ctrl_req = USB_TYPE_VENDOR;
844 else
845 husb->ctrl_req = USB_TYPE_CLASS;
846
847 /* Find isochronous endpoints that we can use */
848 size = 0;
849 isoc_iface = NULL;
850 isoc_alts = 0;
851 isoc_ifnum = 1;
852
853#ifdef CONFIG_BT_HCIUSB_SCO
854 if (isoc && !(id->driver_info & (HCI_BROKEN_ISOC | HCI_SNIFFER)))
855 isoc_iface = usb_ifnum_to_if(udev, isoc_ifnum);
856
857 if (isoc_iface) {
858 int a;
859 struct usb_host_endpoint *isoc_out_ep = NULL;
860 struct usb_host_endpoint *isoc_in_ep = NULL;
861
862 for (a = 0; a < isoc_iface->num_altsetting; a++) {
863 uif = &isoc_iface->altsetting[a];
864 for (e = 0; e < uif->desc.bNumEndpoints; e++) {
865 ep = &uif->endpoint[e];
866
867 switch (ep->desc.bmAttributes & USB_ENDPOINT_XFERTYPE_MASK) {
868 case USB_ENDPOINT_XFER_ISOC:
869 if (le16_to_cpu(ep->desc.wMaxPacketSize) < size ||
870 uif->desc.bAlternateSetting != isoc)
871 break;
872 size = le16_to_cpu(ep->desc.wMaxPacketSize);
873
874 isoc_alts = uif->desc.bAlternateSetting;
875
876 if (ep->desc.bEndpointAddress & USB_DIR_IN)
877 isoc_in_ep = ep;
878 else
879 isoc_out_ep = ep;
880 break;
881 }
882 }
883 }
884
885 if (!isoc_in_ep || !isoc_out_ep)
886 BT_DBG("Isoc endpoints not found");
887 else {
888 BT_DBG("isoc ifnum %d alts %d", isoc_ifnum, isoc_alts);
889 if (usb_driver_claim_interface(&hci_usb_driver, isoc_iface, husb) != 0)
890 BT_ERR("Can't claim isoc interface");
891 else if (usb_set_interface(udev, isoc_ifnum, isoc_alts)) {
892 BT_ERR("Can't set isoc interface settings");
893 husb->isoc_iface = isoc_iface;
894 usb_driver_release_interface(&hci_usb_driver, isoc_iface);
895 husb->isoc_iface = NULL;
896 } else {
897 husb->isoc_iface = isoc_iface;
898 husb->isoc_in_ep = isoc_in_ep;
899 husb->isoc_out_ep = isoc_out_ep;
900 }
901 }
902 }
903#endif
904
905 rwlock_init(&husb->completion_lock);
906
907 for (i = 0; i < 4; i++) {
908 skb_queue_head_init(&husb->transmit_q[i]);
909 _urb_queue_init(&husb->pending_q[i]);
910 _urb_queue_init(&husb->completed_q[i]);
911 }
912
913 /* Initialize and register HCI device */
914 hdev = hci_alloc_dev();
915 if (!hdev) {
916 BT_ERR("Can't allocate HCI device");
917 goto probe_error;
918 }
919
920 husb->hdev = hdev;
921
922 hdev->type = HCI_USB;
923 hdev->driver_data = husb;
924 SET_HCIDEV_DEV(hdev, &intf->dev);
925
926 hdev->open = hci_usb_open;
927 hdev->close = hci_usb_close;
928 hdev->flush = hci_usb_flush;
929 hdev->send = hci_usb_send_frame;
930 hdev->destruct = hci_usb_destruct;
931 hdev->notify = hci_usb_notify;
932
933 hdev->owner = THIS_MODULE;
934
935 if (reset || id->driver_info & HCI_RESET)
936 set_bit(HCI_QUIRK_RESET_ON_INIT, &hdev->quirks);
937
520ca78a
MH		 938 if (force_scofix || id->driver_info & HCI_WRONG_SCO_MTU) {
939 if (!disable_scofix)
940 set_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks);
941 }
da1f5198 942
1da177e4
LT		 943 if (id->driver_info & HCI_SNIFFER) {
944 if (le16_to_cpu(udev->descriptor.bcdDevice) > 0x997)
945 set_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks);
946 }
947
948 if (id->driver_info & HCI_BCM92035) {
949 unsigned char cmd[] = { 0x3b, 0xfc, 0x01, 0x00 };
950 struct sk_buff *skb;
951
952 skb = bt_skb_alloc(sizeof(cmd), GFP_KERNEL);
953 if (skb) {
954 memcpy(skb_put(skb, sizeof(cmd)), cmd, sizeof(cmd));
955 skb_queue_tail(&hdev->driver_init, skb);
956 }
957 }
958
959 if (hci_register_dev(hdev) < 0) {
960 BT_ERR("Can't register HCI device");
961 hci_free_dev(hdev);
962 goto probe_error;
963 }
964
965 usb_set_intfdata(intf, husb);
966 return 0;
967
968probe_error:
969 if (husb->isoc_iface)
970 usb_driver_release_interface(&hci_usb_driver, husb->isoc_iface);
971 kfree(husb);
972
973done:
974 return -EIO;
975}
976
977static void hci_usb_disconnect(struct usb_interface *intf)
978{
979 struct hci_usb *husb = usb_get_intfdata(intf);
980 struct hci_dev *hdev;
981
982 if (!husb || intf == husb->isoc_iface)
983 return;
984
985 usb_set_intfdata(intf, NULL);
986 hdev = husb->hdev;
987
988 BT_DBG("%s", hdev->name);
989
990 hci_usb_close(hdev);
991
992 if (husb->isoc_iface)
993 usb_driver_release_interface(&hci_usb_driver, husb->isoc_iface);
994
995 if (hci_unregister_dev(hdev) < 0)
996 BT_ERR("Can't unregister HCI device %s", hdev->name);
997
998 hci_free_dev(hdev);
999}
1000
dcdcf63e
MH		 1001static int hci_usb_suspend(struct usb_interface *intf, pm_message_t message)
1002{
1003 struct hci_usb *husb = usb_get_intfdata(intf);
1004 struct list_head killed;
1005 unsigned long flags;
1006 int i;
1007
1008 if (!husb || intf == husb->isoc_iface)
1009 return 0;
1010
1011 hci_suspend_dev(husb->hdev);
1012
1013 INIT_LIST_HEAD(&killed);
1014
1015 for (i = 0; i < 4; i++) {
1016 struct _urb_queue *q = &husb->pending_q[i];
1017 struct _urb *_urb, *_tmp;
1018
1019 while ((_urb = _urb_dequeue(q))) {
1020 /* reset queue since _urb_dequeue sets it to NULL */
1021 _urb->queue = q;
1022 usb_kill_urb(&_urb->urb);
1023 list_add(&_urb->list, &killed);
1024 }
1025
1026 spin_lock_irqsave(&q->lock, flags);
1027
1028 list_for_each_entry_safe(_urb, _tmp, &killed, list) {
1029 list_move_tail(&_urb->list, &q->head);
1030 }
1031
1032 spin_unlock_irqrestore(&q->lock, flags);
1033 }
1034
1035 return 0;
1036}
1037
1038static int hci_usb_resume(struct usb_interface *intf)
1039{
1040 struct hci_usb *husb = usb_get_intfdata(intf);
1041 unsigned long flags;
1042 int i, err = 0;
1043
1044 if (!husb || intf == husb->isoc_iface)
1045 return 0;
1046
1047 for (i = 0; i < 4; i++) {
1048 struct _urb_queue *q = &husb->pending_q[i];
1049 struct _urb *_urb;
1050
1051 spin_lock_irqsave(&q->lock, flags);
1052
1053 list_for_each_entry(_urb, &q->head, list) {
1054 err = usb_submit_urb(&_urb->urb, GFP_ATOMIC);
1055 if (err)
1056 break;
1057 }
1058
1059 spin_unlock_irqrestore(&q->lock, flags);
1060
1061 if (err)
1062 return -EIO;
1063 }
1064
1065 hci_resume_dev(husb->hdev);
1066
1067 return 0;
1068}
1069
1da177e4 1070static struct usb_driver hci_usb_driver = {
1da177e4
LT		 1071 .name = "hci_usb",
1072 .probe = hci_usb_probe,
1073 .disconnect = hci_usb_disconnect,
dcdcf63e
MH		 1074 .suspend = hci_usb_suspend,
1075 .resume = hci_usb_resume,
1da177e4
LT		 1076 .id_table = bluetooth_ids,
1077};
1078
1079static int __init hci_usb_init(void)
1080{
1081 int err;
1082
1083 BT_INFO("HCI USB driver ver %s", VERSION);
1084
1085 if ((err = usb_register(&hci_usb_driver)) < 0)
1086 BT_ERR("Failed to register HCI USB driver");
1087
1088 return err;
1089}
1090
1091static void __exit hci_usb_exit(void)
1092{
1093 usb_deregister(&hci_usb_driver);
1094}
1095
1096module_init(hci_usb_init);
1097module_exit(hci_usb_exit);
1098
1099module_param(ignore, bool, 0644);
1100MODULE_PARM_DESC(ignore, "Ignore devices from the matching table");
1101
7ef934b3
MH		 1102module_param(ignore_dga, bool, 0644);
1103MODULE_PARM_DESC(ignore_dga, "Ignore devices with id 08fd:0001");
1104
0915e886
MH		 1105module_param(ignore_csr, bool, 0644);
1106MODULE_PARM_DESC(ignore_csr, "Ignore devices with id 0a12:0001");
1107
1108module_param(ignore_sniffer, bool, 0644);
1109MODULE_PARM_DESC(ignore_sniffer, "Ignore devices with id 0a12:0002");
1110
520ca78a
MH		 1111module_param(disable_scofix, bool, 0644);
1112MODULE_PARM_DESC(disable_scofix, "Disable fixup of wrong SCO buffer size");
1113
1114module_param(force_scofix, bool, 0644);
1115MODULE_PARM_DESC(force_scofix, "Force fixup of wrong SCO buffers size");
1116
1da177e4
LT		 1117module_param(reset, bool, 0644);
1118MODULE_PARM_DESC(reset, "Send HCI reset command on initialization");
1119
1120#ifdef CONFIG_BT_HCIUSB_SCO
1121module_param(isoc, int, 0644);
1122MODULE_PARM_DESC(isoc, "Set isochronous transfers for SCO over HCI support");
1123#endif
1124
1125MODULE_AUTHOR("Maxim Krasnyansky <maxk@qualcomm.com>, Marcel Holtmann <marcel@holtmann.org>");
1126MODULE_DESCRIPTION("Bluetooth HCI USB driver ver " VERSION);
1127MODULE_VERSION(VERSION);
1128MODULE_LICENSE("GPL");
Linux kernel - Deliverables
This page took 0.391297 seconds and 5 git commands to generate.