diff options
Diffstat (limited to 'drivers/bluetooth')
27 files changed, 2212 insertions, 214 deletions
diff --git a/drivers/bluetooth/Kconfig b/drivers/bluetooth/Kconfig index bc211c324206..0b5f218ac505 100644 --- a/drivers/bluetooth/Kconfig +++ b/drivers/bluetooth/Kconfig @@ -478,5 +478,16 @@ config BT_NXPUART Say Y here to compile support for NXP Bluetooth UART device into the kernel, or say M here to compile as a module (btnxpuart). +config BT_INTEL_PCIE + tristate "Intel HCI PCIe driver" + depends on PCI + select BT_INTEL + select FW_LOADER + help + Intel Bluetooth transport driver for PCIe. + This driver is required if you want to use Intel Bluetooth device + with PCIe interface. + Say Y here to compiler support for Intel Bluetooth PCIe device into + the kernel or say M to compile it as module (btintel_pcie) endmenu diff --git a/drivers/bluetooth/Makefile b/drivers/bluetooth/Makefile index 7a5967e9ac48..0730d6684d1a 100644 --- a/drivers/bluetooth/Makefile +++ b/drivers/bluetooth/Makefile @@ -17,6 +17,7 @@ obj-$(CONFIG_BT_HCIBTUSB) += btusb.o obj-$(CONFIG_BT_HCIBTSDIO) += btsdio.o obj-$(CONFIG_BT_INTEL) += btintel.o +obj-$(CONFIG_BT_INTEL_PCIE) += btintel_pcie.o btintel.o obj-$(CONFIG_BT_ATH3K) += ath3k.o obj-$(CONFIG_BT_MRVL) += btmrvl.o obj-$(CONFIG_BT_MRVL_SDIO) += btmrvl_sdio.o diff --git a/drivers/bluetooth/ath3k.c b/drivers/bluetooth/ath3k.c index 88262d3a9392..ce97b336fbfb 100644 --- a/drivers/bluetooth/ath3k.c +++ b/drivers/bluetooth/ath3k.c @@ -3,7 +3,6 @@ * Copyright (c) 2008-2009 Atheros Communications Inc. */ - #include <linux/module.h> #include <linux/kernel.h> #include <linux/init.h> @@ -128,7 +127,6 @@ MODULE_DEVICE_TABLE(usb, ath3k_table); * for AR3012 */ static const struct usb_device_id ath3k_blist_tbl[] = { - /* Atheros AR3012 with sflash firmware*/ { USB_DEVICE(0x0489, 0xe04e), .driver_info = BTUSB_ATH3012 }, { USB_DEVICE(0x0489, 0xe04d), .driver_info = BTUSB_ATH3012 }, @@ -202,7 +200,7 @@ static inline void ath3k_log_failed_loading(int err, int len, int size, #define TIMEGAP_USEC_MAX 100 static int ath3k_load_firmware(struct usb_device *udev, - const struct firmware *firmware) + const struct firmware *firmware) { u8 *send_buf; int len = 0; @@ -237,9 +235,9 @@ static int ath3k_load_firmware(struct usb_device *udev, memcpy(send_buf, firmware->data + sent, size); err = usb_bulk_msg(udev, pipe, send_buf, size, - &len, 3000); + &len, 3000); - if (err || (len != size)) { + if (err || len != size) { ath3k_log_failed_loading(err, len, size, count); goto error; } @@ -262,7 +260,7 @@ static int ath3k_get_state(struct usb_device *udev, unsigned char *state) } static int ath3k_get_version(struct usb_device *udev, - struct ath3k_version *version) + struct ath3k_version *version) { return usb_control_msg_recv(udev, 0, ATH3K_GETVERSION, USB_TYPE_VENDOR | USB_DIR_IN, 0, 0, @@ -271,7 +269,7 @@ static int ath3k_get_version(struct usb_device *udev, } static int ath3k_load_fwfile(struct usb_device *udev, - const struct firmware *firmware) + const struct firmware *firmware) { u8 *send_buf; int len = 0; @@ -310,8 +308,8 @@ static int ath3k_load_fwfile(struct usb_device *udev, memcpy(send_buf, firmware->data + sent, size); err = usb_bulk_msg(udev, pipe, send_buf, size, - &len, 3000); - if (err || (len != size)) { + &len, 3000); + if (err || len != size) { ath3k_log_failed_loading(err, len, size, count); kfree(send_buf); return err; @@ -425,7 +423,6 @@ static int ath3k_load_syscfg(struct usb_device *udev) } switch (fw_version.ref_clock) { - case ATH3K_XTAL_FREQ_26M: clk_value = 26; break; @@ -441,7 +438,7 @@ static int ath3k_load_syscfg(struct usb_device *udev) } snprintf(filename, ATH3K_NAME_LEN, "ar3k/ramps_0x%08x_%d%s", - le32_to_cpu(fw_version.rom_version), clk_value, ".dfu"); + le32_to_cpu(fw_version.rom_version), clk_value, ".dfu"); ret = request_firmware(&firmware, filename, &udev->dev); if (ret < 0) { @@ -456,7 +453,7 @@ static int ath3k_load_syscfg(struct usb_device *udev) } static int ath3k_probe(struct usb_interface *intf, - const struct usb_device_id *id) + const struct usb_device_id *id) { const struct firmware *firmware; struct usb_device *udev = interface_to_usbdev(intf); @@ -505,10 +502,10 @@ static int ath3k_probe(struct usb_interface *intf, if (ret < 0) { if (ret == -ENOENT) BT_ERR("Firmware file \"%s\" not found", - ATH3K_FIRMWARE); + ATH3K_FIRMWARE); else BT_ERR("Firmware file \"%s\" request failed (err=%d)", - ATH3K_FIRMWARE, ret); + ATH3K_FIRMWARE, ret); return ret; } diff --git a/drivers/bluetooth/btintel.c b/drivers/bluetooth/btintel.c index 6ba7f5d1b837..0c855c3ee1c1 100644 --- a/drivers/bluetooth/btintel.c +++ b/drivers/bluetooth/btintel.c @@ -245,7 +245,7 @@ static int btintel_set_diag_combined(struct hci_dev *hdev, bool enable) return ret; } -static void btintel_hw_error(struct hci_dev *hdev, u8 code) +void btintel_hw_error(struct hci_dev *hdev, u8 code) { struct sk_buff *skb; u8 type = 0x00; @@ -277,6 +277,7 @@ static void btintel_hw_error(struct hci_dev *hdev, u8 code) kfree_skb(skb); } +EXPORT_SYMBOL_GPL(btintel_hw_error); int btintel_version_info(struct hci_dev *hdev, struct intel_version *ver) { @@ -455,8 +456,8 @@ int btintel_read_version(struct hci_dev *hdev, struct intel_version *ver) } EXPORT_SYMBOL_GPL(btintel_read_version); -static int btintel_version_info_tlv(struct hci_dev *hdev, - struct intel_version_tlv *version) +int btintel_version_info_tlv(struct hci_dev *hdev, + struct intel_version_tlv *version) { const char *variant; @@ -481,6 +482,7 @@ static int btintel_version_info_tlv(struct hci_dev *hdev, case 0x19: /* Slr-F */ case 0x1b: /* Mgr */ case 0x1c: /* Gale Peak (GaP) */ + case 0x1e: /* BlazarI (Bzr) */ break; default: bt_dev_err(hdev, "Unsupported Intel hardware variant (0x%x)", @@ -489,7 +491,7 @@ static int btintel_version_info_tlv(struct hci_dev *hdev, } switch (version->img_type) { - case 0x01: + case BTINTEL_IMG_BOOTLOADER: variant = "Bootloader"; /* It is required that every single firmware fragment is acknowledged * with a command complete event. If the boot parameters indicate @@ -521,7 +523,10 @@ static int btintel_version_info_tlv(struct hci_dev *hdev, version->min_fw_build_nn, version->min_fw_build_cw, 2000 + version->min_fw_build_yy); break; - case 0x03: + case BTINTEL_IMG_IML: + variant = "Intermediate loader"; + break; + case BTINTEL_IMG_OP: variant = "Firmware"; break; default: @@ -535,15 +540,16 @@ static int btintel_version_info_tlv(struct hci_dev *hdev, bt_dev_info(hdev, "%s timestamp %u.%u buildtype %u build %u", variant, 2000 + (version->timestamp >> 8), version->timestamp & 0xff, version->build_type, version->build_num); - if (version->img_type == 0x03) + if (version->img_type == BTINTEL_IMG_OP) bt_dev_info(hdev, "Firmware SHA1: 0x%8.8x", version->git_sha1); return 0; } +EXPORT_SYMBOL_GPL(btintel_version_info_tlv); -static int btintel_parse_version_tlv(struct hci_dev *hdev, - struct intel_version_tlv *version, - struct sk_buff *skb) +int btintel_parse_version_tlv(struct hci_dev *hdev, + struct intel_version_tlv *version, + struct sk_buff *skb) { /* Consume Command Complete Status field */ skb_pull(skb, 1); @@ -645,6 +651,7 @@ static int btintel_parse_version_tlv(struct hci_dev *hdev, return 0; } +EXPORT_SYMBOL_GPL(btintel_parse_version_tlv); static int btintel_read_version_tlv(struct hci_dev *hdev, struct intel_version_tlv *version) @@ -1172,7 +1179,7 @@ static int btintel_download_fw_tlv(struct hci_dev *hdev, * If the firmware version has changed that means it needs to be reset * to bootloader when operational so the new firmware can be loaded. */ - if (ver->img_type == 0x03) + if (ver->img_type == BTINTEL_IMG_OP) return -EINVAL; /* iBT hardware variants 0x0b, 0x0c, 0x11, 0x12, 0x13, 0x14 support @@ -2194,10 +2201,26 @@ static void btintel_get_fw_name_tlv(const struct intel_version_tlv *ver, char *fw_name, size_t len, const char *suffix) { + const char *format; /* The firmware file name for new generation controllers will be * ibt-<cnvi_top type+cnvi_top step>-<cnvr_top type+cnvr_top step> */ - snprintf(fw_name, len, "intel/ibt-%04x-%04x.%s", + switch (ver->cnvi_top & 0xfff) { + /* Only Blazar product supports downloading of intermediate loader + * image + */ + case BTINTEL_CNVI_BLAZARI: + if (ver->img_type == BTINTEL_IMG_BOOTLOADER) + format = "intel/ibt-%04x-%04x-iml.%s"; + else + format = "intel/ibt-%04x-%04x.%s"; + break; + default: + format = "intel/ibt-%04x-%04x.%s"; + break; + } + + snprintf(fw_name, len, format, INTEL_CNVX_TOP_PACK_SWAB(INTEL_CNVX_TOP_TYPE(ver->cnvi_top), INTEL_CNVX_TOP_STEP(ver->cnvi_top)), INTEL_CNVX_TOP_PACK_SWAB(INTEL_CNVX_TOP_TYPE(ver->cnvr_top), @@ -2230,7 +2253,7 @@ static int btintel_prepare_fw_download_tlv(struct hci_dev *hdev, * It is not possible to use the Secure Boot Parameters in this * case since that command is only available in bootloader mode. */ - if (ver->img_type == 0x03) { + if (ver->img_type == BTINTEL_IMG_OP) { btintel_clear_flag(hdev, INTEL_BOOTLOADER); btintel_check_bdaddr(hdev); } else { @@ -2577,8 +2600,8 @@ static void btintel_set_dsm_reset_method(struct hci_dev *hdev, data->acpi_reset_method = btintel_acpi_reset_method; } -static int btintel_bootloader_setup_tlv(struct hci_dev *hdev, - struct intel_version_tlv *ver) +int btintel_bootloader_setup_tlv(struct hci_dev *hdev, + struct intel_version_tlv *ver) { u32 boot_param; char ddcname[64]; @@ -2600,13 +2623,30 @@ static int btintel_bootloader_setup_tlv(struct hci_dev *hdev, return err; /* check if controller is already having an operational firmware */ - if (ver->img_type == 0x03) + if (ver->img_type == BTINTEL_IMG_OP) goto finish; err = btintel_boot(hdev, boot_param); if (err) return err; + err = btintel_read_version_tlv(hdev, ver); + if (err) + return err; + + /* If image type returned is BTINTEL_IMG_IML, then controller supports + * intermediae loader image + */ + if (ver->img_type == BTINTEL_IMG_IML) { + err = btintel_prepare_fw_download_tlv(hdev, ver, &boot_param); + if (err) + return err; + + err = btintel_boot(hdev, boot_param); + if (err) + return err; + } + btintel_clear_flag(hdev, INTEL_BOOTLOADER); btintel_get_fw_name_tlv(ver, ddcname, sizeof(ddcname), "ddc"); @@ -2645,8 +2685,9 @@ finish: return 0; } +EXPORT_SYMBOL_GPL(btintel_bootloader_setup_tlv); -static void btintel_set_msft_opcode(struct hci_dev *hdev, u8 hw_variant) +void btintel_set_msft_opcode(struct hci_dev *hdev, u8 hw_variant) { switch (hw_variant) { /* Legacy bootloader devices that supports MSFT Extension */ @@ -2662,6 +2703,7 @@ static void btintel_set_msft_opcode(struct hci_dev *hdev, u8 hw_variant) case 0x19: case 0x1b: case 0x1c: + case 0x1e: hci_set_msft_opcode(hdev, 0xFC1E); break; default: @@ -2669,6 +2711,7 @@ static void btintel_set_msft_opcode(struct hci_dev *hdev, u8 hw_variant) break; } } +EXPORT_SYMBOL_GPL(btintel_set_msft_opcode); static void btintel_print_fseq_info(struct hci_dev *hdev) { @@ -2920,6 +2963,11 @@ static int btintel_setup_combined(struct hci_dev *hdev) err = -EINVAL; } + hci_set_hw_info(hdev, + "INTEL platform=%u variant=%u revision=%u", + ver.hw_platform, ver.hw_variant, + ver.hw_revision); + goto exit_error; } @@ -2996,6 +3044,7 @@ static int btintel_setup_combined(struct hci_dev *hdev) case 0x19: case 0x1b: case 0x1c: + case 0x1e: /* Display version information of TLV type */ btintel_version_info_tlv(hdev, &ver_tlv); @@ -3024,13 +3073,17 @@ static int btintel_setup_combined(struct hci_dev *hdev) break; } + hci_set_hw_info(hdev, "INTEL platform=%u variant=%u", + INTEL_HW_PLATFORM(ver_tlv.cnvi_bt), + INTEL_HW_VARIANT(ver_tlv.cnvi_bt)); + exit_error: kfree_skb(skb); return err; } -static int btintel_shutdown_combined(struct hci_dev *hdev) +int btintel_shutdown_combined(struct hci_dev *hdev) { struct sk_buff *skb; int ret; @@ -3064,6 +3117,7 @@ static int btintel_shutdown_combined(struct hci_dev *hdev) return 0; } +EXPORT_SYMBOL_GPL(btintel_shutdown_combined); int btintel_configure_setup(struct hci_dev *hdev, const char *driver_name) { diff --git a/drivers/bluetooth/btintel.h b/drivers/bluetooth/btintel.h index d19fcdb9ff0b..b5fea735e260 100644 --- a/drivers/bluetooth/btintel.h +++ b/drivers/bluetooth/btintel.h @@ -51,6 +51,12 @@ struct intel_tlv { u8 val[]; } __packed; +#define BTINTEL_CNVI_BLAZARI 0x900 + +#define BTINTEL_IMG_BOOTLOADER 0x01 /* Bootloader image */ +#define BTINTEL_IMG_IML 0x02 /* Intermediate image */ +#define BTINTEL_IMG_OP 0x03 /* Operational image */ + struct intel_version_tlv { u32 cnvi_top; u32 cnvr_top; @@ -203,7 +209,7 @@ struct btintel_data { #define btintel_wait_on_flag_timeout(hdev, nr, m, to) \ wait_on_bit_timeout(btintel_get_flag(hdev), (nr), m, to) -#if IS_ENABLED(CONFIG_BT_INTEL) +#if IS_ENABLED(CONFIG_BT_INTEL) || IS_ENABLED(CONFIG_BT_INTEL_PCIE) int btintel_check_bdaddr(struct hci_dev *hdev); int btintel_enter_mfg(struct hci_dev *hdev); @@ -228,6 +234,16 @@ void btintel_bootup(struct hci_dev *hdev, const void *ptr, unsigned int len); void btintel_secure_send_result(struct hci_dev *hdev, const void *ptr, unsigned int len); int btintel_set_quality_report(struct hci_dev *hdev, bool enable); +int btintel_version_info_tlv(struct hci_dev *hdev, + struct intel_version_tlv *version); +int btintel_parse_version_tlv(struct hci_dev *hdev, + struct intel_version_tlv *version, + struct sk_buff *skb); +void btintel_set_msft_opcode(struct hci_dev *hdev, u8 hw_variant); +int btintel_bootloader_setup_tlv(struct hci_dev *hdev, + struct intel_version_tlv *ver); +int btintel_shutdown_combined(struct hci_dev *hdev); +void btintel_hw_error(struct hci_dev *hdev, u8 code); #else static inline int btintel_check_bdaddr(struct hci_dev *hdev) @@ -324,4 +340,37 @@ static inline int btintel_set_quality_report(struct hci_dev *hdev, bool enable) { return -ENODEV; } + +static inline int btintel_version_info_tlv(struct hci_dev *hdev, + struct intel_version_tlv *version) +{ + return -EOPNOTSUPP; +} + +static inline int btintel_parse_version_tlv(struct hci_dev *hdev, + struct intel_version_tlv *version, + struct sk_buff *skb) +{ + return -EOPNOTSUPP; +} + +static inline void btintel_set_msft_opcode(struct hci_dev *hdev, u8 hw_variant) + +{ +} + +static inline int btintel_bootloader_setup_tlv(struct hci_dev *hdev, + struct intel_version_tlv *ver) +{ + return -ENODEV; +} + +static inline int btintel_shutdown_combined(struct hci_dev *hdev) +{ + return -ENODEV; +} + +static inline void btintel_hw_error(struct hci_dev *hdev, u8 code) +{ +} #endif diff --git a/drivers/bluetooth/btintel_pcie.c b/drivers/bluetooth/btintel_pcie.c new file mode 100644 index 000000000000..5b6805d87fcf --- /dev/null +++ b/drivers/bluetooth/btintel_pcie.c @@ -0,0 +1,1357 @@ +// SPDX-License-Identifier: GPL-2.0-or-later +/* + * + * Bluetooth support for Intel PCIe devices + * + * Copyright (C) 2024 Intel Corporation + */ + +#include <linux/kernel.h> +#include <linux/module.h> +#include <linux/firmware.h> +#include <linux/pci.h> +#include <linux/wait.h> +#include <linux/delay.h> +#include <linux/interrupt.h> + +#include <asm/unaligned.h> + +#include <net/bluetooth/bluetooth.h> +#include <net/bluetooth/hci_core.h> + +#include "btintel.h" +#include "btintel_pcie.h" + +#define VERSION "0.1" + +#define BTINTEL_PCI_DEVICE(dev, subdev) \ + .vendor = PCI_VENDOR_ID_INTEL, \ + .device = (dev), \ + .subvendor = PCI_ANY_ID, \ + .subdevice = (subdev), \ + .driver_data = 0 + +#define POLL_INTERVAL_US 10 + +/* Intel Bluetooth PCIe device id table */ +static const struct pci_device_id btintel_pcie_table[] = { + { BTINTEL_PCI_DEVICE(0xA876, PCI_ANY_ID) }, + { 0 } +}; +MODULE_DEVICE_TABLE(pci, btintel_pcie_table); + +/* Intel PCIe uses 4 bytes of HCI type instead of 1 byte BT SIG HCI type */ +#define BTINTEL_PCIE_HCI_TYPE_LEN 4 +#define BTINTEL_PCIE_HCI_CMD_PKT 0x00000001 +#define BTINTEL_PCIE_HCI_ACL_PKT 0x00000002 +#define BTINTEL_PCIE_HCI_SCO_PKT 0x00000003 +#define BTINTEL_PCIE_HCI_EVT_PKT 0x00000004 + +static inline void ipc_print_ia_ring(struct hci_dev *hdev, struct ia *ia, + u16 queue_num) +{ + bt_dev_dbg(hdev, "IA: %s: tr-h:%02u tr-t:%02u cr-h:%02u cr-t:%02u", + queue_num == BTINTEL_PCIE_TXQ_NUM ? "TXQ" : "RXQ", + ia->tr_hia[queue_num], ia->tr_tia[queue_num], + ia->cr_hia[queue_num], ia->cr_tia[queue_num]); +} + +static inline void ipc_print_urbd1(struct hci_dev *hdev, struct urbd1 *urbd1, + u16 index) +{ + bt_dev_dbg(hdev, "RXQ:urbd1(%u) frbd_tag:%u status: 0x%x fixed:0x%x", + index, urbd1->frbd_tag, urbd1->status, urbd1->fixed); +} + +static int btintel_pcie_poll_bit(struct btintel_pcie_data *data, u32 offset, + u32 bits, u32 mask, int timeout_us) +{ + int t = 0; + u32 reg; + + do { + reg = btintel_pcie_rd_reg32(data, offset); + + if ((reg & mask) == (bits & mask)) + return t; + udelay(POLL_INTERVAL_US); + t += POLL_INTERVAL_US; + } while (t < timeout_us); + + return -ETIMEDOUT; +} + +static struct btintel_pcie_data *btintel_pcie_get_data(struct msix_entry *entry) +{ + u8 queue = entry->entry; + struct msix_entry *entries = entry - queue; + + return container_of(entries, struct btintel_pcie_data, msix_entries[0]); +} + +/* Set the doorbell for TXQ to notify the device that @index (actually index-1) + * of the TFD is updated and ready to transmit. + */ +static void btintel_pcie_set_tx_db(struct btintel_pcie_data *data, u16 index) +{ + u32 val; + + val = index; + val |= (BTINTEL_PCIE_TX_DB_VEC << 16); + + btintel_pcie_wr_reg32(data, BTINTEL_PCIE_CSR_HBUS_TARG_WRPTR, val); +} + +/* Copy the data to next(@tfd_index) data buffer and update the TFD(transfer + * descriptor) with the data length and the DMA address of the data buffer. + */ +static void btintel_pcie_prepare_tx(struct txq *txq, u16 tfd_index, + struct sk_buff *skb) +{ + struct data_buf *buf; + struct tfd *tfd; + + tfd = &txq->tfds[tfd_index]; + memset(tfd, 0, sizeof(*tfd)); + + buf = &txq->bufs[tfd_index]; + + tfd->size = skb->len; + tfd->addr = buf->data_p_addr; + + /* Copy the outgoing data to DMA buffer */ + memcpy(buf->data, skb->data, tfd->size); +} + +static int btintel_pcie_send_sync(struct btintel_pcie_data *data, + struct sk_buff *skb) +{ + int ret; + u16 tfd_index; + struct txq *txq = &data->txq; + + tfd_index = data->ia.tr_hia[BTINTEL_PCIE_TXQ_NUM]; + + if (tfd_index > txq->count) + return -ERANGE; + + /* Prepare for TX. It updates the TFD with the length of data and + * address of the DMA buffer, and copy the data to the DMA buffer + */ + btintel_pcie_prepare_tx(txq, tfd_index, skb); + + tfd_index = (tfd_index + 1) % txq->count; + data->ia.tr_hia[BTINTEL_PCIE_TXQ_NUM] = tfd_index; + + /* Arm wait event condition */ + data->tx_wait_done = false; + + /* Set the doorbell to notify the device */ + btintel_pcie_set_tx_db(data, tfd_index); + + /* Wait for the complete interrupt - URBD0 */ + ret = wait_event_timeout(data->tx_wait_q, data->tx_wait_done, + msecs_to_jiffies(BTINTEL_PCIE_TX_WAIT_TIMEOUT_MS)); + if (!ret) + return -ETIME; + + return 0; +} + +/* Set the doorbell for RXQ to notify the device that @index (actually index-1) + * is available to receive the data + */ +static void btintel_pcie_set_rx_db(struct btintel_pcie_data *data, u16 index) +{ + u32 val; + + val = index; + val |= (BTINTEL_PCIE_RX_DB_VEC << 16); + + btintel_pcie_wr_reg32(data, BTINTEL_PCIE_CSR_HBUS_TARG_WRPTR, val); +} + +/* Update the FRBD (free buffer descriptor) with the @frbd_index and the + * DMA address of the free buffer. + */ +static void btintel_pcie_prepare_rx(struct rxq *rxq, u16 frbd_index) +{ + struct data_buf *buf; + struct frbd *frbd; + + /* Get the buffer of the FRBD for DMA */ + buf = &rxq->bufs[frbd_index]; + + frbd = &rxq->frbds[frbd_index]; + memset(frbd, 0, sizeof(*frbd)); + + /* Update FRBD */ + frbd->tag = frbd_index; + frbd->addr = buf->data_p_addr; +} + +static int btintel_pcie_submit_rx(struct btintel_pcie_data *data) +{ + u16 frbd_index; + struct rxq *rxq = &data->rxq; + + frbd_index = data->ia.tr_hia[BTINTEL_PCIE_RXQ_NUM]; + + if (frbd_index > rxq->count) + return -ERANGE; + + /* Prepare for RX submit. It updates the FRBD with the address of DMA + * buffer + */ + btintel_pcie_prepare_rx(rxq, frbd_index); + + frbd_index = (frbd_index + 1) % rxq->count; + data->ia.tr_hia[BTINTEL_PCIE_RXQ_NUM] = frbd_index; + ipc_print_ia_ring(data->hdev, &data->ia, BTINTEL_PCIE_RXQ_NUM); + + /* Set the doorbell to notify the device */ + btintel_pcie_set_rx_db(data, frbd_index); + + return 0; +} + +static int btintel_pcie_start_rx(struct btintel_pcie_data *data) +{ + int i, ret; + + for (i = 0; i < BTINTEL_PCIE_RX_MAX_QUEUE; i++) { + ret = btintel_pcie_submit_rx(data); + if (ret) + return ret; + } + + return 0; +} + +static void btintel_pcie_reset_ia(struct btintel_pcie_data *data) +{ + memset(data->ia.tr_hia, 0, sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES); + memset(data->ia.tr_tia, 0, sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES); + memset(data->ia.cr_hia, 0, sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES); + memset(data->ia.cr_tia, 0, sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES); +} + +static void btintel_pcie_reset_bt(struct btintel_pcie_data *data) +{ + btintel_pcie_wr_reg32(data, BTINTEL_PCIE_CSR_FUNC_CTRL_REG, + BTINTEL_PCIE_CSR_FUNC_CTRL_SW_RESET); +} + +/* This function enables BT function by setting BTINTEL_PCIE_CSR_FUNC_CTRL_MAC_INIT bit in + * BTINTEL_PCIE_CSR_FUNC_CTRL_REG register and wait for MSI-X with + * BTINTEL_PCIE_MSIX_HW_INT_CAUSES_GP0. + * Then the host reads firmware version from BTINTEL_CSR_F2D_MBX and the boot stage + * from BTINTEL_PCIE_CSR_BOOT_STAGE_REG. + */ +static int btintel_pcie_enable_bt(struct btintel_pcie_data *data) +{ + int err; + + data->gp0_received = false; + + /* Update the DMA address of CI struct to CSR */ + btintel_pcie_wr_reg32(data, BTINTEL_PCIE_CSR_CI_ADDR_LSB_REG, + data->ci_p_addr & 0xffffffff); + btintel_pcie_wr_reg32(data, BTINTEL_PCIE_CSR_CI_ADDR_MSB_REG, + (u64)data->ci_p_addr >> 32); + + /* Reset the cached value of boot stage. it is updated by the MSI-X + * gp0 interrupt handler. + */ + data->boot_stage_cache = 0x0; + + /* Set MAC_INIT bit to start primary bootloader */ + btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_FUNC_CTRL_REG); + + btintel_pcie_set_reg_bits(data, BTINTEL_PCIE_CSR_FUNC_CTRL_REG, + BTINTEL_PCIE_CSR_FUNC_CTRL_MAC_INIT); + + /* Wait until MAC_ACCESS is granted */ + err = btintel_pcie_poll_bit(data, BTINTEL_PCIE_CSR_FUNC_CTRL_REG, + BTINTEL_PCIE_CSR_FUNC_CTRL_MAC_ACCESS_STS, + BTINTEL_PCIE_CSR_FUNC_CTRL_MAC_ACCESS_STS, + BTINTEL_DEFAULT_MAC_ACCESS_TIMEOUT_US); + if (err < 0) + return -ENODEV; + + /* MAC is ready. Enable BT FUNC */ + btintel_pcie_set_reg_bits(data, BTINTEL_PCIE_CSR_FUNC_CTRL_REG, + BTINTEL_PCIE_CSR_FUNC_CTRL_FUNC_ENA | + BTINTEL_PCIE_CSR_FUNC_CTRL_FUNC_INIT); + + btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_FUNC_CTRL_REG); + + /* wait for interrupt from the device after booting up to primary + * bootloader. + */ + err = wait_event_timeout(data->gp0_wait_q, data->gp0_received, + msecs_to_jiffies(BTINTEL_DEFAULT_INTR_TIMEOUT)); + if (!err) + return -ETIME; + + /* Check cached boot stage is BTINTEL_PCIE_CSR_BOOT_STAGE_ROM(BIT(0)) */ + if (~data->boot_stage_cache & BTINTEL_PCIE_CSR_BOOT_STAGE_ROM) + return -ENODEV; + + return 0; +} + +/* This function handles the MSI-X interrupt for gp0 cause (bit 0 in + * BTINTEL_PCIE_CSR_MSIX_HW_INT_CAUSES) which is sent for boot stage and image response. + */ +static void btintel_pcie_msix_gp0_handler(struct btintel_pcie_data *data) +{ + u32 reg; + + /* This interrupt is for three different causes and it is not easy to + * know what causes the interrupt. So, it compares each register value + * with cached value and update it before it wake up the queue. + */ + reg = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_BOOT_STAGE_REG); + if (reg != data->boot_stage_cache) + data->boot_stage_cache = reg; + + reg = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_IMG_RESPONSE_REG); + if (reg != data->img_resp_cache) + data->img_resp_cache = reg; + + data->gp0_received = true; + + /* If the boot stage is OP or IML, reset IA and start RX again */ + if (data->boot_stage_cache & BTINTEL_PCIE_CSR_BOOT_STAGE_OPFW || + data->boot_stage_cache & BTINTEL_PCIE_CSR_BOOT_STAGE_IML) { + btintel_pcie_reset_ia(data); + btintel_pcie_start_rx(data); + } + + wake_up(&data->gp0_wait_q); +} + +/* This function handles the MSX-X interrupt for rx queue 0 which is for TX + */ +static void btintel_pcie_msix_tx_handle(struct btintel_pcie_data *data) +{ + u16 cr_tia, cr_hia; + struct txq *txq; + struct urbd0 *urbd0; + + cr_tia = data->ia.cr_tia[BTINTEL_PCIE_TXQ_NUM]; + cr_hia = data->ia.cr_hia[BTINTEL_PCIE_TXQ_NUM]; + + if (cr_tia == cr_hia) + return; + + txq = &data->txq; + + while (cr_tia != cr_hia) { + data->tx_wait_done = true; + wake_up(&data->tx_wait_q); + + urbd0 = &txq->urbd0s[cr_tia]; + + if (urbd0->tfd_index > txq->count) + return; + + cr_tia = (cr_tia + 1) % txq->count; + data->ia.cr_tia[BTINTEL_PCIE_TXQ_NUM] = cr_tia; + ipc_print_ia_ring(data->hdev, &data->ia, BTINTEL_PCIE_TXQ_NUM); + } +} + +/* Process the received rx data + * It check the frame header to identify the data type and create skb + * and calling HCI API + */ +static int btintel_pcie_recv_frame(struct btintel_pcie_data *data, + struct sk_buff *skb) +{ + int ret; + u8 pkt_type; + u16 plen; + u32 pcie_pkt_type; + struct sk_buff *new_skb; + void *pdata; + struct hci_dev *hdev = data->hdev; + + spin_lock(&data->hci_rx_lock); + + /* The first 4 bytes indicates the Intel PCIe specific packet type */ + pdata = skb_pull_data(skb, BTINTEL_PCIE_HCI_TYPE_LEN); + if (!data) { + bt_dev_err(hdev, "Corrupted packet received"); + ret = -EILSEQ; + goto exit_error; + } + + pcie_pkt_type = get_unaligned_le32(pdata); + + switch (pcie_pkt_type) { + case BTINTEL_PCIE_HCI_ACL_PKT: + if (skb->len >= HCI_ACL_HDR_SIZE) { + plen = HCI_ACL_HDR_SIZE + __le16_to_cpu(hci_acl_hdr(skb)->dlen); + pkt_type = HCI_ACLDATA_PKT; + } else { + bt_dev_err(hdev, "ACL packet is too short"); + ret = -EILSEQ; + goto exit_error; + } + break; + + case BTINTEL_PCIE_HCI_SCO_PKT: + if (skb->len >= HCI_SCO_HDR_SIZE) { + plen = HCI_SCO_HDR_SIZE + hci_sco_hdr(skb)->dlen; + pkt_type = HCI_SCODATA_PKT; + } else { + bt_dev_err(hdev, "SCO packet is too short"); + ret = -EILSEQ; + goto exit_error; + } + break; + + case BTINTEL_PCIE_HCI_EVT_PKT: + if (skb->len >= HCI_EVENT_HDR_SIZE) { + plen = HCI_EVENT_HDR_SIZE + hci_event_hdr(skb)->plen; + pkt_type = HCI_EVENT_PKT; + } else { + bt_dev_err(hdev, "Event packet is too short"); + ret = -EILSEQ; + goto exit_error; + } + break; + default: + bt_dev_err(hdev, "Invalid packet type received: 0x%4.4x", + pcie_pkt_type); + ret = -EINVAL; + goto exit_error; + } + + if (skb->len < plen) { + bt_dev_err(hdev, "Received corrupted packet. type: 0x%2.2x", + pkt_type); + ret = -EILSEQ; + goto exit_error; + } + + bt_dev_dbg(hdev, "pkt_type: 0x%2.2x len: %u", pkt_type, plen); + + new_skb = bt_skb_alloc(plen, GFP_ATOMIC); + if (!new_skb) { + bt_dev_err(hdev, "Failed to allocate memory for skb of len: %u", + skb->len); + ret = -ENOMEM; + goto exit_error; + } + + hci_skb_pkt_type(new_skb) = pkt_type; + skb_put_data(new_skb, skb->data, plen); + hdev->stat.byte_rx += plen; + + if (pcie_pkt_type == BTINTEL_PCIE_HCI_EVT_PKT) + ret = btintel_recv_event(hdev, new_skb); + else + ret = hci_recv_frame(hdev, new_skb); + +exit_error: + if (ret) + hdev->stat.err_rx++; + + spin_unlock(&data->hci_rx_lock); + + return ret; +} + +static void btintel_pcie_rx_work(struct work_struct *work) +{ + struct btintel_pcie_data *data = container_of(work, + struct btintel_pcie_data, rx_work); + struct sk_buff *skb; + int err; + struct hci_dev *hdev = data->hdev; + + /* Process the sk_buf in queue and send to the HCI layer */ + while ((skb = skb_dequeue(&data->rx_skb_q))) { + err = btintel_pcie_recv_frame(data, skb); + if (err) + bt_dev_err(hdev, "Failed to send received frame: %d", + err); + kfree_skb(skb); + } +} + +/* create sk_buff with data and save it to queue and start RX work */ +static int btintel_pcie_submit_rx_work(struct btintel_pcie_data *data, u8 status, + void *buf) +{ + int ret, len; + struct rfh_hdr *rfh_hdr; + struct sk_buff *skb; + + rfh_hdr = buf; + + len = rfh_hdr->packet_len; + if (len <= 0) { + ret = -EINVAL; + goto resubmit; + } + + /* Remove RFH header */ + buf += sizeof(*rfh_hdr); + + skb = alloc_skb(len, GFP_ATOMIC); + if (!skb) { + ret = -ENOMEM; + goto resubmit; + } + + skb_put_data(skb, buf, len); + skb_queue_tail(&data->rx_skb_q, skb); + queue_work(data->workqueue, &data->rx_work); + +resubmit: + ret = btintel_pcie_submit_rx(data); + + return ret; +} + +/* Handles the MSI-X interrupt for rx queue 1 which is for RX */ +static void btintel_pcie_msix_rx_handle(struct btintel_pcie_data *data) +{ + u16 cr_hia, cr_tia; + struct rxq *rxq; + struct urbd1 *urbd1; + struct data_buf *buf; + int ret; + struct hci_dev *hdev = data->hdev; + + cr_hia = data->ia.cr_hia[BTINTEL_PCIE_RXQ_NUM]; + cr_tia = data->ia.cr_tia[BTINTEL_PCIE_RXQ_NUM]; + + bt_dev_dbg(hdev, "RXQ: cr_hia: %u cr_tia: %u", cr_hia, cr_tia); + + /* Check CR_TIA and CR_HIA for change */ + if (cr_tia == cr_hia) { + bt_dev_warn(hdev, "RXQ: no new CD found"); + return; + } + + rxq = &data->rxq; + + /* The firmware sends multiple CD in a single MSI-X and it needs to + * process all received CDs in this interrupt. + */ + while (cr_tia != cr_hia) { + urbd1 = &rxq->urbd1s[cr_tia]; + ipc_print_urbd1(data->hdev, urbd1, cr_tia); + + buf = &rxq->bufs[urbd1->frbd_tag]; + if (!buf) { + bt_dev_err(hdev, "RXQ: failed to get the DMA buffer for %d", + urbd1->frbd_tag); + return; + } + + ret = btintel_pcie_submit_rx_work(data, urbd1->status, + buf->data); + if (ret) { + bt_dev_err(hdev, "RXQ: failed to submit rx request"); + return; + } + + cr_tia = (cr_tia + 1) % rxq->count; + data->ia.cr_tia[BTINTEL_PCIE_RXQ_NUM] = cr_tia; + ipc_print_ia_ring(data->hdev, &data->ia, BTINTEL_PCIE_RXQ_NUM); + } +} + +static irqreturn_t btintel_pcie_msix_isr(int irq, void *data) +{ + return IRQ_WAKE_THREAD; +} + +static irqreturn_t btintel_pcie_irq_msix_handler(int irq, void *dev_id) +{ + struct msix_entry *entry = dev_id; + struct btintel_pcie_data *data = btintel_pcie_get_data(entry); + u32 intr_fh, intr_hw; + + spin_lock(&data->irq_lock); + intr_fh = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_MSIX_FH_INT_CAUSES); + intr_hw = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_MSIX_HW_INT_CAUSES); + + /* Clear causes registers to avoid being handling the same cause */ + btintel_pcie_wr_reg32(data, BTINTEL_PCIE_CSR_MSIX_FH_INT_CAUSES, intr_fh); + btintel_pcie_wr_reg32(data, BTINTEL_PCIE_CSR_MSIX_HW_INT_CAUSES, intr_hw); + spin_unlock(&data->irq_lock); + + if (unlikely(!(intr_fh | intr_hw))) { + /* Ignore interrupt, inta == 0 */ + return IRQ_NONE; + } + + /* This interrupt is triggered by the firmware after updating + * boot_stage register and image_response register + */ + if (intr_hw & BTINTEL_PCIE_MSIX_HW_INT_CAUSES_GP0) + btintel_pcie_msix_gp0_handler(data); + + /* For TX */ + if (intr_fh & BTINTEL_PCIE_MSIX_FH_INT_CAUSES_0) + btintel_pcie_msix_tx_handle(data); + + /* For RX */ + if (intr_fh & BTINTEL_PCIE_MSIX_FH_INT_CAUSES_1) + btintel_pcie_msix_rx_handle(data); + + /* + * Before sending the interrupt the HW disables it to prevent a nested + * interrupt. This is done by writing 1 to the corresponding bit in + * the mask register. After handling the interrupt, it should be + * re-enabled by clearing this bit. This register is defined as write 1 + * clear (W1C) register, meaning that it's cleared by writing 1 + * to the bit. + */ + btintel_pcie_wr_reg32(data, BTINTEL_PCIE_CSR_MSIX_AUTOMASK_ST, + BIT(entry->entry)); + + return IRQ_HANDLED; +} + +/* This function requests the irq for MSI-X and registers the handlers per irq. + * Currently, it requests only 1 irq for all interrupt causes. + */ +static int btintel_pcie_setup_irq(struct btintel_pcie_data *data) +{ + int err; + int num_irqs, i; + + for (i = 0; i < BTINTEL_PCIE_MSIX_VEC_MAX; i++) + data->msix_entries[i].entry = i; + + num_irqs = pci_alloc_irq_vectors(data->pdev, BTINTEL_PCIE_MSIX_VEC_MIN, + BTINTEL_PCIE_MSIX_VEC_MAX, PCI_IRQ_MSIX); + if (num_irqs < 0) + return num_irqs; + + data->alloc_vecs = num_irqs; + data->msix_enabled = 1; + data->def_irq = 0; + + /* setup irq handler */ + for (i = 0; i < data->alloc_vecs; i++) { + struct msix_entry *msix_entry; + + msix_entry = &data->msix_entries[i]; + msix_entry->vector = pci_irq_vector(data->pdev, i); + + err = devm_request_threaded_irq(&data->pdev->dev, + msix_entry->vector, + btintel_pcie_msix_isr, + btintel_pcie_irq_msix_handler, + IRQF_SHARED, + KBUILD_MODNAME, + msix_entry); + if (err) { + pci_free_irq_vectors(data->pdev); + data->alloc_vecs = 0; + return err; + } + } + return 0; +} + +struct btintel_pcie_causes_list { + u32 cause; + u32 mask_reg; + u8 cause_num; +}; + +static struct btintel_pcie_causes_list causes_list[] = { + { BTINTEL_PCIE_MSIX_FH_INT_CAUSES_0, BTINTEL_PCIE_CSR_MSIX_FH_INT_MASK, 0x00 }, + { BTINTEL_PCIE_MSIX_FH_INT_CAUSES_1, BTINTEL_PCIE_CSR_MSIX_FH_INT_MASK, 0x01 }, + { BTINTEL_PCIE_MSIX_HW_INT_CAUSES_GP0, BTINTEL_PCIE_CSR_MSIX_HW_INT_MASK, 0x20 }, +}; + +/* This function configures the interrupt masks for both HW_INT_CAUSES and + * FH_INT_CAUSES which are meaningful to us. + * + * After resetting BT function via PCIE FLR or FUNC_CTRL reset, the driver + * need to call this function again to configure since the masks + * are reset to 0xFFFFFFFF after reset. + */ +static void btintel_pcie_config_msix(struct btintel_pcie_data *data) +{ + int i; + int val = data->def_irq | BTINTEL_PCIE_MSIX_NON_AUTO_CLEAR_CAUSE; + + /* Set Non Auto Clear Cause */ + for (i = 0; i < ARRAY_SIZE(causes_list); i++) { + btintel_pcie_wr_reg8(data, + BTINTEL_PCIE_CSR_MSIX_IVAR(causes_list[i].cause_num), + val); + btintel_pcie_clr_reg_bits(data, + causes_list[i].mask_reg, + causes_list[i].cause); + } + + /* Save the initial interrupt mask */ + data->fh_init_mask = ~btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_MSIX_FH_INT_MASK); + data->hw_init_mask = ~btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_MSIX_HW_INT_MASK); +} + +static int btintel_pcie_config_pcie(struct pci_dev *pdev, + struct btintel_pcie_data *data) +{ + int err; + + err = pcim_enable_device(pdev); + if (err) + return err; + + pci_set_master(pdev); + + err = dma_set_mask_and_coherent(&pdev->dev, DMA_BIT_MASK(64)); + if (err) { + err = dma_set_mask_and_coherent(&pdev->dev, DMA_BIT_MASK(32)); + if (err) + return err; + } + + err = pcim_iomap_regions(pdev, BIT(0), KBUILD_MODNAME); + if (err) + return err; + + data->base_addr = pcim_iomap_table(pdev)[0]; + if (!data->base_addr) + return -ENODEV; + + err = btintel_pcie_setup_irq(data); + if (err) + return err; + + /* Configure MSI-X with causes list */ + btintel_pcie_config_msix(data); + + return 0; +} + +static void btintel_pcie_init_ci(struct btintel_pcie_data *data, + struct ctx_info *ci) +{ + ci->version = 0x1; + ci->size = sizeof(*ci); + ci->config = 0x0000; + ci->addr_cr_hia = data->ia.cr_hia_p_addr; + ci->addr_tr_tia = data->ia.tr_tia_p_addr; + ci->addr_cr_tia = data->ia.cr_tia_p_addr; + ci->addr_tr_hia = data->ia.tr_hia_p_addr; + ci->num_cr_ia = BTINTEL_PCIE_NUM_QUEUES; + ci->num_tr_ia = BTINTEL_PCIE_NUM_QUEUES; + ci->addr_urbdq0 = data->txq.urbd0s_p_addr; + ci->addr_tfdq = data->txq.tfds_p_addr; + ci->num_tfdq = data->txq.count; + ci->num_urbdq0 = data->txq.count; + ci->tfdq_db_vec = BTINTEL_PCIE_TXQ_NUM; + ci->urbdq0_db_vec = BTINTEL_PCIE_TXQ_NUM; + ci->rbd_size = BTINTEL_PCIE_RBD_SIZE_4K; + ci->addr_frbdq = data->rxq.frbds_p_addr; + ci->num_frbdq = data->rxq.count; + ci->frbdq_db_vec = BTINTEL_PCIE_RXQ_NUM; + ci->addr_urbdq1 = data->rxq.urbd1s_p_addr; + ci->num_urbdq1 = data->rxq.count; + ci->urbdq_db_vec = BTINTEL_PCIE_RXQ_NUM; +} + +static void btintel_pcie_free_txq_bufs(struct btintel_pcie_data *data, + struct txq *txq) +{ + /* Free data buffers first */ + dma_free_coherent(&data->pdev->dev, txq->count * BTINTEL_PCIE_BUFFER_SIZE, + txq->buf_v_addr, txq->buf_p_addr); + kfree(txq->bufs); +} + +static int btintel_pcie_setup_txq_bufs(struct btintel_pcie_data *data, + struct txq *txq) +{ + int i; + struct data_buf *buf; + + /* Allocate the same number of buffers as the descriptor */ + txq->bufs = kmalloc_array(txq->count, sizeof(*buf), GFP_KERNEL); + if (!txq->bufs) + return -ENOMEM; + + /* Allocate full chunk of data buffer for DMA first and do indexing and + * initialization next, so it can be freed easily + */ + txq->buf_v_addr = dma_alloc_coherent(&data->pdev->dev, + txq->count * BTINTEL_PCIE_BUFFER_SIZE, + &txq->buf_p_addr, + GFP_KERNEL | __GFP_NOWARN); + if (!txq->buf_v_addr) { + kfree(txq->bufs); + return -ENOMEM; + } + memset(txq->buf_v_addr, 0, txq->count * BTINTEL_PCIE_BUFFER_SIZE); + + /* Setup the allocated DMA buffer to bufs. Each data_buf should + * have virtual address and physical address + */ + for (i = 0; i < txq->count; i++) { + buf = &txq->bufs[i]; + buf->data_p_addr = txq->buf_p_addr + (i * BTINTEL_PCIE_BUFFER_SIZE); + buf->data = txq->buf_v_addr + (i * BTINTEL_PCIE_BUFFER_SIZE); + } + + return 0; +} + +static void btintel_pcie_free_rxq_bufs(struct btintel_pcie_data *data, + struct rxq *rxq) +{ + /* Free data buffers first */ + dma_free_coherent(&data->pdev->dev, rxq->count * BTINTEL_PCIE_BUFFER_SIZE, + rxq->buf_v_addr, rxq->buf_p_addr); + kfree(rxq->bufs); +} + +static int btintel_pcie_setup_rxq_bufs(struct btintel_pcie_data *data, + struct rxq *rxq) +{ + int i; + struct data_buf *buf; + + /* Allocate the same number of buffers as the descriptor */ + rxq->bufs = kmalloc_array(rxq->count, sizeof(*buf), GFP_KERNEL); + if (!rxq->bufs) + return -ENOMEM; + + /* Allocate full chunk of data buffer for DMA first and do indexing and + * initialization next, so it can be freed easily + */ + rxq->buf_v_addr = dma_alloc_coherent(&data->pdev->dev, + rxq->count * BTINTEL_PCIE_BUFFER_SIZE, + &rxq->buf_p_addr, + GFP_KERNEL | __GFP_NOWARN); + if (!rxq->buf_v_addr) { + kfree(rxq->bufs); + return -ENOMEM; + } + memset(rxq->buf_v_addr, 0, rxq->count * BTINTEL_PCIE_BUFFER_SIZE); + + /* Setup the allocated DMA buffer to bufs. Each data_buf should + * have virtual address and physical address + */ + for (i = 0; i < rxq->count; i++) { + buf = &rxq->bufs[i]; + buf->data_p_addr = rxq->buf_p_addr + (i * BTINTEL_PCIE_BUFFER_SIZE); + buf->data = rxq->buf_v_addr + (i * BTINTEL_PCIE_BUFFER_SIZE); + } + + return 0; +} + +static void btintel_pcie_setup_ia(struct btintel_pcie_data *data, + dma_addr_t p_addr, void *v_addr, + struct ia *ia) +{ + /* TR Head Index Array */ + ia->tr_hia_p_addr = p_addr; + ia->tr_hia = v_addr; + + /* TR Tail Index Array */ + ia->tr_tia_p_addr = p_addr + sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES; + ia->tr_tia = v_addr + sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES; + + /* CR Head index Array */ + ia->cr_hia_p_addr = p_addr + (sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES * 2); + ia->cr_hia = v_addr + (sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES * 2); + + /* CR Tail Index Array */ + ia->cr_tia_p_addr = p_addr + (sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES * 3); + ia->cr_tia = v_addr + (sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES * 3); +} + +static void btintel_pcie_free(struct btintel_pcie_data *data) +{ + btintel_pcie_free_rxq_bufs(data, &data->rxq); + btintel_pcie_free_txq_bufs(data, &data->txq); + + dma_pool_free(data->dma_pool, data->dma_v_addr, data->dma_p_addr); + dma_pool_destroy(data->dma_pool); +} + +/* Allocate tx and rx queues, any related data structures and buffers. + */ +static int btintel_pcie_alloc(struct btintel_pcie_data *data) +{ + int err = 0; + size_t total; + dma_addr_t p_addr; + void *v_addr; + + /* Allocate the chunk of DMA memory for descriptors, index array, and + * context information, instead of allocating individually. + * The DMA memory for data buffer is allocated while setting up the + * each queue. + * + * Total size is sum of the following + * + size of TFD * Number of descriptors in queue + * + size of URBD0 * Number of descriptors in queue + * + size of FRBD * Number of descriptors in queue + * + size of URBD1 * Number of descriptors in queue + * + size of index * Number of queues(2) * type of index array(4) + * + size of context information + */ + total = (sizeof(struct tfd) + sizeof(struct urbd0) + sizeof(struct frbd) + + sizeof(struct urbd1)) * BTINTEL_DESCS_COUNT; + + /* Add the sum of size of index array and size of ci struct */ + total += (sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES * 4) + sizeof(struct ctx_info); + + /* Allocate DMA Pool */ + data->dma_pool = dma_pool_create(KBUILD_MODNAME, &data->pdev->dev, + total, BTINTEL_PCIE_DMA_POOL_ALIGNMENT, 0); + if (!data->dma_pool) { + err = -ENOMEM; + goto exit_error; + } + + v_addr = dma_pool_zalloc(data->dma_pool, GFP_KERNEL | __GFP_NOWARN, + &p_addr); + if (!v_addr) { + dma_pool_destroy(data->dma_pool); + err = -ENOMEM; + goto exit_error; + } + + data->dma_p_addr = p_addr; + data->dma_v_addr = v_addr; + + /* Setup descriptor count */ + data->txq.count = BTINTEL_DESCS_COUNT; + data->rxq.count = BTINTEL_DESCS_COUNT; + + /* Setup tfds */ + data->txq.tfds_p_addr = p_addr; + data->txq.tfds = v_addr; + + p_addr += (sizeof(struct tfd) * BTINTEL_DESCS_COUNT); + v_addr += (sizeof(struct tfd) * BTINTEL_DESCS_COUNT); + + /* Setup urbd0 */ + data->txq.urbd0s_p_addr = p_addr; + data->txq.urbd0s = v_addr; + + p_addr += (sizeof(struct urbd0) * BTINTEL_DESCS_COUNT); + v_addr += (sizeof(struct urbd0) * BTINTEL_DESCS_COUNT); + + /* Setup FRBD*/ + data->rxq.frbds_p_addr = p_addr; + data->rxq.frbds = v_addr; + + p_addr += (sizeof(struct frbd) * BTINTEL_DESCS_COUNT); + v_addr += (sizeof(struct frbd) * BTINTEL_DESCS_COUNT); + + /* Setup urbd1 */ + data->rxq.urbd1s_p_addr = p_addr; + data->rxq.urbd1s = v_addr; + + p_addr += (sizeof(struct urbd1) * BTINTEL_DESCS_COUNT); + v_addr += (sizeof(struct urbd1) * BTINTEL_DESCS_COUNT); + + /* Setup data buffers for txq */ + err = btintel_pcie_setup_txq_bufs(data, &data->txq); + if (err) + goto exit_error_pool; + + /* Setup data buffers for rxq */ + err = btintel_pcie_setup_rxq_bufs(data, &data->rxq); + if (err) + goto exit_error_txq; + + /* Setup Index Array */ + btintel_pcie_setup_ia(data, p_addr, v_addr, &data->ia); + + /* Setup Context Information */ + p_addr += sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES * 4; + v_addr += sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES * 4; + + data->ci = v_addr; + data->ci_p_addr = p_addr; + + /* Initialize the CI */ + btintel_pcie_init_ci(data, data->ci); + + return 0; + +exit_error_txq: + btintel_pcie_free_txq_bufs(data, &data->txq); +exit_error_pool: + dma_pool_free(data->dma_pool, data->dma_v_addr, data->dma_p_addr); + dma_pool_destroy(data->dma_pool); +exit_error: + return err; +} + +static int btintel_pcie_open(struct hci_dev *hdev) +{ + bt_dev_dbg(hdev, ""); + + return 0; +} + +static int btintel_pcie_close(struct hci_dev *hdev) +{ + bt_dev_dbg(hdev, ""); + + return 0; +} + +static int btintel_pcie_inject_cmd_complete(struct hci_dev *hdev, __u16 opcode) +{ + struct sk_buff *skb; + struct hci_event_hdr *hdr; + struct hci_ev_cmd_complete *evt; + + skb = bt_skb_alloc(sizeof(*hdr) + sizeof(*evt) + 1, GFP_KERNEL); + if (!skb) + return -ENOMEM; + + hdr = (struct hci_event_hdr *)skb_put(skb, sizeof(*hdr)); + hdr->evt = HCI_EV_CMD_COMPLETE; + hdr->plen = sizeof(*evt) + 1; + + evt = (struct hci_ev_cmd_complete *)skb_put(skb, sizeof(*evt)); + evt->ncmd = 0x01; + evt->opcode = cpu_to_le16(opcode); + + *(u8 *)skb_put(skb, 1) = 0x00; + + hci_skb_pkt_type(skb) = HCI_EVENT_PKT; + + return hci_recv_frame(hdev, skb); +} + +static int btintel_pcie_send_frame(struct hci_dev *hdev, + struct sk_buff *skb) +{ + struct btintel_pcie_data *data = hci_get_drvdata(hdev); + int ret; + u32 type; + + /* Due to the fw limitation, the type header of the packet should be + * 4 bytes unlike 1 byte for UART. In UART, the firmware can read + * the first byte to get the packet type and redirect the rest of data + * packet to the right handler. + * + * But for PCIe, THF(Transfer Flow Handler) fetches the 4 bytes of data + * from DMA memory and by the time it reads the first 4 bytes, it has + * already consumed some part of packet. Thus the packet type indicator + * for iBT PCIe is 4 bytes. + * + * Luckily, when HCI core creates the skb, it allocates 8 bytes of + * head room for profile and driver use, and before sending the data + * to the device, append the iBT PCIe packet type in the front. + */ + switch (hci_skb_pkt_type(skb)) { + case HCI_COMMAND_PKT: + type = BTINTEL_PCIE_HCI_CMD_PKT; + if (btintel_test_flag(hdev, INTEL_BOOTLOADER)) { + struct hci_command_hdr *cmd = (void *)skb->data; + __u16 opcode = le16_to_cpu(cmd->opcode); + + /* When the 0xfc01 command is issued to boot into + * the operational firmware, it will actually not + * send a command complete event. To keep the flow + * control working inject that event here. + */ + if (opcode == 0xfc01) + btintel_pcie_inject_cmd_complete(hdev, opcode); + } + hdev->stat.cmd_tx++; + break; + case HCI_ACLDATA_PKT: + type = BTINTEL_PCIE_HCI_ACL_PKT; + hdev->stat.acl_tx++; + break; + case HCI_SCODATA_PKT: + type = BTINTEL_PCIE_HCI_SCO_PKT; + hdev->stat.sco_tx++; + break; + default: + bt_dev_err(hdev, "Unknown HCI packet type"); + return -EILSEQ; + } + memcpy(skb_push(skb, BTINTEL_PCIE_HCI_TYPE_LEN), &type, + BTINTEL_PCIE_HCI_TYPE_LEN); + + ret = btintel_pcie_send_sync(data, skb); + if (ret) { + hdev->stat.err_tx++; + bt_dev_err(hdev, "Failed to send frame (%d)", ret); + goto exit_error; + } + hdev->stat.byte_tx += skb->len; + kfree_skb(skb); + +exit_error: + return ret; +} + +static void btintel_pcie_release_hdev(struct btintel_pcie_data *data) +{ + struct hci_dev *hdev; + + hdev = data->hdev; + hci_unregister_dev(hdev); + hci_free_dev(hdev); + data->hdev = NULL; +} + +static int btintel_pcie_setup(struct hci_dev *hdev) +{ + const u8 param[1] = { 0xFF }; + struct intel_version_tlv ver_tlv; + struct sk_buff *skb; + int err; + + BT_DBG("%s", hdev->name); + + skb = __hci_cmd_sync(hdev, 0xfc05, 1, param, HCI_CMD_TIMEOUT); + if (IS_ERR(skb)) { + bt_dev_err(hdev, "Reading Intel version command failed (%ld)", + PTR_ERR(skb)); + return PTR_ERR(skb); + } + + /* Check the status */ + if (skb->data[0]) { + bt_dev_err(hdev, "Intel Read Version command failed (%02x)", + skb->data[0]); + err = -EIO; + goto exit_error; + } + + /* Apply the common HCI quirks for Intel device */ + set_bit(HCI_QUIRK_STRICT_DUPLICATE_FILTER, &hdev->quirks); + set_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &hdev->quirks); + set_bit(HCI_QUIRK_NON_PERSISTENT_DIAG, &hdev->quirks); + + /* Set up the quality report callback for Intel devices */ + hdev->set_quality_report = btintel_set_quality_report; + + memset(&ver_tlv, 0, sizeof(ver_tlv)); + /* For TLV type device, parse the tlv data */ + err = btintel_parse_version_tlv(hdev, &ver_tlv, skb); + if (err) { + bt_dev_err(hdev, "Failed to parse TLV version information"); + goto exit_error; + } + + switch (INTEL_HW_PLATFORM(ver_tlv.cnvi_bt)) { + case 0x37: + break; + default: + bt_dev_err(hdev, "Unsupported Intel hardware platform (0x%2x)", + INTEL_HW_PLATFORM(ver_tlv.cnvi_bt)); + err = -EINVAL; + goto exit_error; + } + + /* Check for supported iBT hardware variants of this firmware + * loading method. + * + * This check has been put in place to ensure correct forward + * compatibility options when newer hardware variants come + * along. + */ + switch (INTEL_HW_VARIANT(ver_tlv.cnvi_bt)) { + case 0x1e: /* BzrI */ + /* Display version information of TLV type */ + btintel_version_info_tlv(hdev, &ver_tlv); + + /* Apply the device specific HCI quirks for TLV based devices + * + * All TLV based devices support WBS + */ + set_bit(HCI_QUIRK_WIDEBAND_SPEECH_SUPPORTED, &hdev->quirks); + + /* Apply LE States quirk from solar onwards */ + set_bit(HCI_QUIRK_VALID_LE_STATES, &hdev->quirks); + + /* Setup MSFT Extension support */ + btintel_set_msft_opcode(hdev, + INTEL_HW_VARIANT(ver_tlv.cnvi_bt)); + + err = btintel_bootloader_setup_tlv(hdev, &ver_tlv); + if (err) + goto exit_error; + break; + default: + bt_dev_err(hdev, "Unsupported Intel hw variant (%u)", + INTEL_HW_VARIANT(ver_tlv.cnvi_bt)); + err = -EINVAL; + break; + } + +exit_error: + kfree_skb(skb); + + return err; +} + +static int btintel_pcie_setup_hdev(struct btintel_pcie_data *data) +{ + int err; + struct hci_dev *hdev; + + hdev = hci_alloc_dev(); + if (!hdev) + return -ENOMEM; + + hdev->bus = HCI_PCI; + hci_set_drvdata(hdev, data); + + data->hdev = hdev; + SET_HCIDEV_DEV(hdev, &data->pdev->dev); + + hdev->manufacturer = 2; + hdev->open = btintel_pcie_open; + hdev->close = btintel_pcie_close; + hdev->send = btintel_pcie_send_frame; + hdev->setup = btintel_pcie_setup; + hdev->shutdown = btintel_shutdown_combined; + hdev->hw_error = btintel_hw_error; + hdev->set_diag = btintel_set_diag; + hdev->set_bdaddr = btintel_set_bdaddr; + + err = hci_register_dev(hdev); + if (err < 0) { + BT_ERR("Failed to register to hdev (%d)", err); + goto exit_error; + } + + return 0; + +exit_error: + hci_free_dev(hdev); + return err; +} + +static int btintel_pcie_probe(struct pci_dev *pdev, + const struct pci_device_id *ent) +{ + int err; + struct btintel_pcie_data *data; + + if (!pdev) + return -ENODEV; + + data = devm_kzalloc(&pdev->dev, sizeof(*data), GFP_KERNEL); + if (!data) + return -ENOMEM; + + data->pdev = pdev; + + spin_lock_init(&data->irq_lock); + spin_lock_init(&data->hci_rx_lock); + + init_waitqueue_head(&data->gp0_wait_q); + data->gp0_received = false; + + init_waitqueue_head(&data->tx_wait_q); + data->tx_wait_done = false; + + data->workqueue = alloc_ordered_workqueue(KBUILD_MODNAME, WQ_HIGHPRI); + if (!data->workqueue) + return -ENOMEM; + + skb_queue_head_init(&data->rx_skb_q); + INIT_WORK(&data->rx_work, btintel_pcie_rx_work); + + data->boot_stage_cache = 0x00; + data->img_resp_cache = 0x00; + + err = btintel_pcie_config_pcie(pdev, data); + if (err) + goto exit_error; + + pci_set_drvdata(pdev, data); + + err = btintel_pcie_alloc(data); + if (err) + goto exit_error; + + err = btintel_pcie_enable_bt(data); + if (err) + goto exit_error; + + /* CNV information (CNVi and CNVr) is in CSR */ + data->cnvi = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_HW_REV_REG); + + data->cnvr = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_RF_ID_REG); + + err = btintel_pcie_start_rx(data); + if (err) + goto exit_error; + + err = btintel_pcie_setup_hdev(data); + if (err) + goto exit_error; + + bt_dev_dbg(data->hdev, "cnvi: 0x%8.8x cnvr: 0x%8.8x", data->cnvi, + data->cnvr); + return 0; + +exit_error: + /* reset device before exit */ + btintel_pcie_reset_bt(data); + + pci_clear_master(pdev); + + pci_set_drvdata(pdev, NULL); + + return err; +} + +static void btintel_pcie_remove(struct pci_dev *pdev) +{ + struct btintel_pcie_data *data; + + data = pci_get_drvdata(pdev); + + btintel_pcie_reset_bt(data); + + pci_free_irq_vectors(pdev); + + btintel_pcie_release_hdev(data); + + flush_work(&data->rx_work); + + destroy_workqueue(data->workqueue); + + btintel_pcie_free(data); + + pci_clear_master(pdev); + + pci_set_drvdata(pdev, NULL); +} + +static struct pci_driver btintel_pcie_driver = { + .name = KBUILD_MODNAME, + .id_table = btintel_pcie_table, + .probe = btintel_pcie_probe, + .remove = btintel_pcie_remove, +}; +module_pci_driver(btintel_pcie_driver); + +MODULE_AUTHOR("Tedd Ho-Jeong An <tedd.an@intel.com>"); +MODULE_DESCRIPTION("Intel Bluetooth PCIe transport driver ver " VERSION); +MODULE_VERSION(VERSION); +MODULE_LICENSE("GPL"); diff --git a/drivers/bluetooth/btintel_pcie.h b/drivers/bluetooth/btintel_pcie.h new file mode 100644 index 000000000000..baaff70420f5 --- /dev/null +++ b/drivers/bluetooth/btintel_pcie.h @@ -0,0 +1,430 @@ +/* SPDX-License-Identifier: GPL-2.0-or-later */ +/* + * + * Bluetooth support for Intel PCIe devices + * + * Copyright (C) 2024 Intel Corporation + */ + +/* Control and Status Register(BTINTEL_PCIE_CSR) */ +#define BTINTEL_PCIE_CSR_BASE (0x000) +#define BTINTEL_PCIE_CSR_FUNC_CTRL_REG (BTINTEL_PCIE_CSR_BASE + 0x024) +#define BTINTEL_PCIE_CSR_HW_REV_REG (BTINTEL_PCIE_CSR_BASE + 0x028) +#define BTINTEL_PCIE_CSR_RF_ID_REG (BTINTEL_PCIE_CSR_BASE + 0x09C) +#define BTINTEL_PCIE_CSR_BOOT_STAGE_REG (BTINTEL_PCIE_CSR_BASE + 0x108) +#define BTINTEL_PCIE_CSR_CI_ADDR_LSB_REG (BTINTEL_PCIE_CSR_BASE + 0x118) +#define BTINTEL_PCIE_CSR_CI_ADDR_MSB_REG (BTINTEL_PCIE_CSR_BASE + 0x11C) +#define BTINTEL_PCIE_CSR_IMG_RESPONSE_REG (BTINTEL_PCIE_CSR_BASE + 0x12C) +#define BTINTEL_PCIE_CSR_HBUS_TARG_WRPTR (BTINTEL_PCIE_CSR_BASE + 0x460) + +/* BTINTEL_PCIE_CSR Function Control Register */ +#define BTINTEL_PCIE_CSR_FUNC_CTRL_FUNC_ENA (BIT(0)) +#define BTINTEL_PCIE_CSR_FUNC_CTRL_MAC_INIT (BIT(6)) +#define BTINTEL_PCIE_CSR_FUNC_CTRL_FUNC_INIT (BIT(7)) +#define BTINTEL_PCIE_CSR_FUNC_CTRL_MAC_ACCESS_STS (BIT(20)) +#define BTINTEL_PCIE_CSR_FUNC_CTRL_SW_RESET (BIT(31)) + +/* Value for BTINTEL_PCIE_CSR_BOOT_STAGE register */ +#define BTINTEL_PCIE_CSR_BOOT_STAGE_ROM (BIT(0)) +#define BTINTEL_PCIE_CSR_BOOT_STAGE_IML (BIT(1)) +#define BTINTEL_PCIE_CSR_BOOT_STAGE_OPFW (BIT(2)) +#define BTINTEL_PCIE_CSR_BOOT_STAGE_ROM_LOCKDOWN (BIT(10)) +#define BTINTEL_PCIE_CSR_BOOT_STAGE_IML_LOCKDOWN (BIT(11)) +#define BTINTEL_PCIE_CSR_BOOT_STAGE_MAC_ACCESS_ON (BIT(16)) +#define BTINTEL_PCIE_CSR_BOOT_STAGE_ALIVE (BIT(23)) + +/* Registers for MSI-X */ +#define BTINTEL_PCIE_CSR_MSIX_BASE (0x2000) +#define BTINTEL_PCIE_CSR_MSIX_FH_INT_CAUSES (BTINTEL_PCIE_CSR_MSIX_BASE + 0x0800) +#define BTINTEL_PCIE_CSR_MSIX_FH_INT_MASK (BTINTEL_PCIE_CSR_MSIX_BASE + 0x0804) +#define BTINTEL_PCIE_CSR_MSIX_HW_INT_CAUSES (BTINTEL_PCIE_CSR_MSIX_BASE + 0x0808) +#define BTINTEL_PCIE_CSR_MSIX_HW_INT_MASK (BTINTEL_PCIE_CSR_MSIX_BASE + 0x080C) +#define BTINTEL_PCIE_CSR_MSIX_AUTOMASK_ST (BTINTEL_PCIE_CSR_MSIX_BASE + 0x0810) +#define BTINTEL_PCIE_CSR_MSIX_AUTOMASK_EN (BTINTEL_PCIE_CSR_MSIX_BASE + 0x0814) +#define BTINTEL_PCIE_CSR_MSIX_IVAR_BASE (BTINTEL_PCIE_CSR_MSIX_BASE + 0x0880) +#define BTINTEL_PCIE_CSR_MSIX_IVAR(cause) (BTINTEL_PCIE_CSR_MSIX_IVAR_BASE + (cause)) + +/* Causes for the FH register interrupts */ +enum msix_fh_int_causes { + BTINTEL_PCIE_MSIX_FH_INT_CAUSES_0 = BIT(0), /* cause 0 */ + BTINTEL_PCIE_MSIX_FH_INT_CAUSES_1 = BIT(1), /* cause 1 */ +}; + +/* Causes for the HW register interrupts */ +enum msix_hw_int_causes { + BTINTEL_PCIE_MSIX_HW_INT_CAUSES_GP0 = BIT(0), /* cause 32 */ +}; + +#define BTINTEL_PCIE_MSIX_NON_AUTO_CLEAR_CAUSE BIT(7) + +/* Minimum and Maximum number of MSI-X Vector + * Intel Bluetooth PCIe support only 1 vector + */ +#define BTINTEL_PCIE_MSIX_VEC_MAX 1 +#define BTINTEL_PCIE_MSIX_VEC_MIN 1 + +/* Default poll time for MAC access during init */ +#define BTINTEL_DEFAULT_MAC_ACCESS_TIMEOUT_US 200000 + +/* Default interrupt timeout in msec */ +#define BTINTEL_DEFAULT_INTR_TIMEOUT 3000 + +/* The number of descriptors in TX/RX queues */ +#define BTINTEL_DESCS_COUNT 16 + +/* Number of Queue for TX and RX + * It indicates the index of the IA(Index Array) + */ +enum { + BTINTEL_PCIE_TXQ_NUM = 0, + BTINTEL_PCIE_RXQ_NUM = 1, + BTINTEL_PCIE_NUM_QUEUES = 2, +}; + +/* The size of DMA buffer for TX and RX in bytes */ +#define BTINTEL_PCIE_BUFFER_SIZE 4096 + +/* DMA allocation alignment */ +#define BTINTEL_PCIE_DMA_POOL_ALIGNMENT 256 + +#define BTINTEL_PCIE_TX_WAIT_TIMEOUT_MS 500 + +/* Doorbell vector for TFD */ +#define BTINTEL_PCIE_TX_DB_VEC 0 + +/* Number of pending RX requests for downlink */ +#define BTINTEL_PCIE_RX_MAX_QUEUE 6 + +/* Doorbell vector for FRBD */ +#define BTINTEL_PCIE_RX_DB_VEC 513 + +/* RBD buffer size mapping */ +#define BTINTEL_PCIE_RBD_SIZE_4K 0x04 + +/* + * Struct for Context Information (v2) + * + * All members are write-only for host and read-only for device. + * + * @version: Version of context information + * @size: Size of context information + * @config: Config with which host wants peripheral to execute + * Subset of capability register published by device + * @addr_tr_hia: Address of TR Head Index Array + * @addr_tr_tia: Address of TR Tail Index Array + * @addr_cr_hia: Address of CR Head Index Array + * @addr_cr_tia: Address of CR Tail Index Array + * @num_tr_ia: Number of entries in TR Index Arrays + * @num_cr_ia: Number of entries in CR Index Arrays + * @rbd_siz: RBD Size { 0x4=4K } + * @addr_tfdq: Address of TFD Queue(tx) + * @addr_urbdq0: Address of URBD Queue(tx) + * @num_tfdq: Number of TFD in TFD Queue(tx) + * @num_urbdq0: Number of URBD in URBD Queue(tx) + * @tfdq_db_vec: Queue number of TFD + * @urbdq0_db_vec: Queue number of URBD + * @addr_frbdq: Address of FRBD Queue(rx) + * @addr_urbdq1: Address of URBD Queue(rx) + * @num_frbdq: Number of FRBD in FRBD Queue(rx) + * @frbdq_db_vec: Queue number of FRBD + * @num_urbdq1: Number of URBD in URBD Queue(rx) + * @urbdq_db_vec: Queue number of URBDQ1 + * @tr_msi_vec: Transfer Ring MSI-X Vector + * @cr_msi_vec: Completion Ring MSI-X Vector + * @dbgc_addr: DBGC first fragment address + * @dbgc_size: DBGC buffer size + * @early_enable: Enarly debug enable + * @dbg_output_mode: Debug output mode + * Bit[4] DBGC O/P { 0=SRAM, 1=DRAM(not relevant for NPK) } + * Bit[5] DBGC I/P { 0=BDBG, 1=DBGI } + * Bits[6:7] DBGI O/P(relevant if bit[5] = 1) + * 0=BT DBGC, 1=WiFi DBGC, 2=NPK } + * @dbg_preset: Debug preset + * @ext_addr: Address of context information extension + * @ext_size: Size of context information part + * + * Total 38 DWords + */ +struct ctx_info { + u16 version; + u16 size; + u32 config; + u32 reserved_dw02; + u32 reserved_dw03; + u64 addr_tr_hia; + u64 addr_tr_tia; + u64 addr_cr_hia; + u64 addr_cr_tia; + u16 num_tr_ia; + u16 num_cr_ia; + u32 rbd_size:4, + reserved_dw13:28; + u64 addr_tfdq; + u64 addr_urbdq0; + u16 num_tfdq; + u16 num_urbdq0; + u16 tfdq_db_vec; + u16 urbdq0_db_vec; + u64 addr_frbdq; + u64 addr_urbdq1; + u16 num_frbdq; + u16 frbdq_db_vec; + u16 num_urbdq1; + u16 urbdq_db_vec; + u16 tr_msi_vec; + u16 cr_msi_vec; + u32 reserved_dw27; + u64 dbgc_addr; + u32 dbgc_size; + u32 early_enable:1, + reserved_dw31:3, + dbg_output_mode:4, + dbg_preset:8, + reserved2_dw31:16; + u64 ext_addr; + u32 ext_size; + u32 test_param; + u32 reserved_dw36; + u32 reserved_dw37; +} __packed; + +/* Transfer Descriptor for TX + * @type: Not in use. Set to 0x0 + * @size: Size of data in the buffer + * @addr: DMA Address of buffer + */ +struct tfd { + u8 type; + u16 size; + u8 reserved; + u64 addr; + u32 reserved1; +} __packed; + +/* URB Descriptor for TX + * @tfd_index: Index of TFD in TFDQ + 1 + * @num_txq: Queue index of TFD Queue + * @cmpl_count: Completion count. Always 0x01 + * @immediate_cmpl: Immediate completion flag: Always 0x01 + */ +struct urbd0 { + u32 tfd_index:16, + num_txq:8, + cmpl_count:4, + reserved:3, + immediate_cmpl:1; +} __packed; + +/* FRB Descriptor for RX + * @tag: RX buffer tag (index of RX buffer queue) + * @addr: Address of buffer + */ +struct frbd { + u32 tag:16, + reserved:16; + u32 reserved2; + u64 addr; +} __packed; + +/* URB Descriptor for RX + * @frbd_tag: Tag from FRBD + * @status: Status + */ +struct urbd1 { + u32 frbd_tag:16, + status:1, + reserved:14, + fixed:1; +} __packed; + +/* RFH header in RX packet + * @packet_len: Length of the data in the buffer + * @rxq: RX Queue number + * @cmd_id: Command ID. Not in Use + */ +struct rfh_hdr { + u64 packet_len:16, + rxq:6, + reserved:10, + cmd_id:16, + reserved1:16; +} __packed; + +/* Internal data buffer + * @data: pointer to the data buffer + * @p_addr: physical address of data buffer + */ +struct data_buf { + u8 *data; + dma_addr_t data_p_addr; +}; + +/* Index Array */ +struct ia { + dma_addr_t tr_hia_p_addr; + u16 *tr_hia; + dma_addr_t tr_tia_p_addr; + u16 *tr_tia; + dma_addr_t cr_hia_p_addr; + u16 *cr_hia; + dma_addr_t cr_tia_p_addr; + u16 *cr_tia; +}; + +/* Structure for TX Queue + * @count: Number of descriptors + * @tfds: Array of TFD + * @urbd0s: Array of URBD0 + * @buf: Array of data_buf structure + */ +struct txq { + u16 count; + + dma_addr_t tfds_p_addr; + struct tfd *tfds; + + dma_addr_t urbd0s_p_addr; + struct urbd0 *urbd0s; + + dma_addr_t buf_p_addr; + void *buf_v_addr; + struct data_buf *bufs; +}; + +/* Structure for RX Queue + * @count: Number of descriptors + * @frbds: Array of FRBD + * @urbd1s: Array of URBD1 + * @buf: Array of data_buf structure + */ +struct rxq { + u16 count; + + dma_addr_t frbds_p_addr; + struct frbd *frbds; + + dma_addr_t urbd1s_p_addr; + struct urbd1 *urbd1s; + + dma_addr_t buf_p_addr; + void *buf_v_addr; + struct data_buf *bufs; +}; + +/* struct btintel_pcie_data + * @pdev: pci device + * @hdev: hdev device + * @flags: driver state + * @irq_lock: spinlock for MSI-X + * @hci_rx_lock: spinlock for HCI RX flow + * @base_addr: pci base address (from BAR) + * @msix_entries: array of MSI-X entries + * @msix_enabled: true if MSI-X is enabled; + * @alloc_vecs: number of interrupt vectors allocated + * @def_irq: default irq for all causes + * @fh_init_mask: initial unmasked rxq causes + * @hw_init_mask: initial unmaksed hw causes + * @boot_stage_cache: cached value of boot stage register + * @img_resp_cache: cached value of image response register + * @cnvi: CNVi register value + * @cnvr: CNVr register value + * @gp0_received: condition for gp0 interrupt + * @gp0_wait_q: wait_q for gp0 interrupt + * @tx_wait_done: condition for tx interrupt + * @tx_wait_q: wait_q for tx interrupt + * @workqueue: workqueue for RX work + * @rx_skb_q: SKB queue for RX packet + * @rx_work: RX work struct to process the RX packet in @rx_skb_q + * @dma_pool: DMA pool for descriptors, index array and ci + * @dma_p_addr: DMA address for pool + * @dma_v_addr: address of pool + * @ci_p_addr: DMA address for CI struct + * @ci: CI struct + * @ia: Index Array struct + * @txq: TX Queue struct + * @rxq: RX Queue struct + */ +struct btintel_pcie_data { + struct pci_dev *pdev; + struct hci_dev *hdev; + + unsigned long flags; + /* lock used in MSI-X interrupt */ + spinlock_t irq_lock; + /* lock to serialize rx events */ + spinlock_t hci_rx_lock; + + void __iomem *base_addr; + + struct msix_entry msix_entries[BTINTEL_PCIE_MSIX_VEC_MAX]; + bool msix_enabled; + u32 alloc_vecs; + u32 def_irq; + + u32 fh_init_mask; + u32 hw_init_mask; + + u32 boot_stage_cache; + u32 img_resp_cache; + + u32 cnvi; + u32 cnvr; + + bool gp0_received; + wait_queue_head_t gp0_wait_q; + + bool tx_wait_done; + wait_queue_head_t tx_wait_q; + + struct workqueue_struct *workqueue; + struct sk_buff_head rx_skb_q; + struct work_struct rx_work; + + struct dma_pool *dma_pool; + dma_addr_t dma_p_addr; + void *dma_v_addr; + + dma_addr_t ci_p_addr; + struct ctx_info *ci; + struct ia ia; + struct txq txq; + struct rxq rxq; +}; + +static inline u32 btintel_pcie_rd_reg32(struct btintel_pcie_data *data, + u32 offset) +{ + return ioread32(data->base_addr + offset); +} + +static inline void btintel_pcie_wr_reg8(struct btintel_pcie_data *data, + u32 offset, u8 val) +{ + iowrite8(val, data->base_addr + offset); +} + +static inline void btintel_pcie_wr_reg32(struct btintel_pcie_data *data, + u32 offset, u32 val) +{ + iowrite32(val, data->base_addr + offset); +} + +static inline void btintel_pcie_set_reg_bits(struct btintel_pcie_data *data, + u32 offset, u32 bits) +{ + u32 r; + + r = ioread32(data->base_addr + offset); + r |= bits; + iowrite32(r, data->base_addr + offset); +} + +static inline void btintel_pcie_clr_reg_bits(struct btintel_pcie_data *data, + u32 offset, u32 bits) +{ + u32 r; + + r = ioread32(data->base_addr + offset); + r &= ~bits; + iowrite32(r, data->base_addr + offset); +} diff --git a/drivers/bluetooth/btmrvl_main.c b/drivers/bluetooth/btmrvl_main.c index 9658b33c824a..18f34998a120 100644 --- a/drivers/bluetooth/btmrvl_main.c +++ b/drivers/bluetooth/btmrvl_main.c @@ -121,13 +121,6 @@ int btmrvl_process_event(struct btmrvl_private *priv, struct sk_buff *skb) ((event->data[2] == MODULE_BROUGHT_UP) || (event->data[2] == MODULE_ALREADY_UP)) ? "Bring-up succeed" : "Bring-up failed"); - - if (event->length > 3 && event->data[3]) - priv->btmrvl_dev.dev_type = HCI_AMP; - else - priv->btmrvl_dev.dev_type = HCI_PRIMARY; - - BT_DBG("dev_type: %d", priv->btmrvl_dev.dev_type); } else if (priv->btmrvl_dev.sendcmdflag && event->data[1] == MODULE_SHUTDOWN_REQ) { BT_DBG("EVENT:%s", (event->data[2]) ? @@ -686,8 +679,6 @@ int btmrvl_register_hdev(struct btmrvl_private *priv) hdev->wakeup = btmrvl_wakeup; SET_HCIDEV_DEV(hdev, &card->func->dev); - hdev->dev_type = priv->btmrvl_dev.dev_type; - ret = hci_register_dev(hdev); if (ret < 0) { BT_ERR("Can not register HCI device"); diff --git a/drivers/bluetooth/btmrvl_sdio.c b/drivers/bluetooth/btmrvl_sdio.c index d76c799553aa..85b7f2bb4259 100644 --- a/drivers/bluetooth/btmrvl_sdio.c +++ b/drivers/bluetooth/btmrvl_sdio.c @@ -1736,7 +1736,6 @@ static struct sdio_driver bt_mrvl_sdio = { .probe = btmrvl_sdio_probe, .remove = btmrvl_sdio_remove, .drv = { - .owner = THIS_MODULE, .coredump = btmrvl_sdio_coredump, .pm = &btmrvl_sdio_pm_ops, } diff --git a/drivers/bluetooth/btmtk.c b/drivers/bluetooth/btmtk.c index ac8ebccd3507..812fd2a8f853 100644 --- a/drivers/bluetooth/btmtk.c +++ b/drivers/bluetooth/btmtk.c @@ -380,8 +380,10 @@ int btmtk_process_coredump(struct hci_dev *hdev, struct sk_buff *skb) switch (data->cd_info.state) { case HCI_DEVCOREDUMP_IDLE: err = hci_devcd_init(hdev, MTK_COREDUMP_SIZE); - if (err < 0) + if (err < 0) { + kfree_skb(skb); break; + } data->cd_info.cnt = 0; /* It is supposed coredump can be done within 5 seconds */ @@ -407,9 +409,6 @@ int btmtk_process_coredump(struct hci_dev *hdev, struct sk_buff *skb) break; } - if (err < 0) - kfree_skb(skb); - return err; } EXPORT_SYMBOL_GPL(btmtk_process_coredump); diff --git a/drivers/bluetooth/btmtksdio.c b/drivers/bluetooth/btmtksdio.c index ff4868c83cd8..8ded9ef8089a 100644 --- a/drivers/bluetooth/btmtksdio.c +++ b/drivers/bluetooth/btmtksdio.c @@ -1519,7 +1519,6 @@ static struct sdio_driver btmtksdio_driver = { .remove = btmtksdio_remove, .id_table = btmtksdio_table, .drv = { - .owner = THIS_MODULE, .pm = BTMTKSDIO_PM_OPS, } }; diff --git a/drivers/bluetooth/btqca.c b/drivers/bluetooth/btqca.c index b40b32fa7f1c..dfbbac92242a 100644 --- a/drivers/bluetooth/btqca.c +++ b/drivers/bluetooth/btqca.c @@ -13,8 +13,6 @@ #include "btqca.h" -#define VERSION "0.1" - int qca_read_soc_version(struct hci_dev *hdev, struct qca_btsoc_version *ver, enum qca_btsoc_type soc_type) { @@ -55,11 +53,6 @@ int qca_read_soc_version(struct hci_dev *hdev, struct qca_btsoc_version *ver, } edl = (struct edl_event_hdr *)(skb->data); - if (!edl) { - bt_dev_err(hdev, "QCA TLV with no header"); - err = -EILSEQ; - goto out; - } if (edl->cresp != EDL_CMD_REQ_RES_EVT || edl->rtype != rtype) { @@ -99,7 +92,8 @@ static int qca_read_fw_build_info(struct hci_dev *hdev) { struct sk_buff *skb; struct edl_event_hdr *edl; - char cmd, build_label[QCA_FW_BUILD_VER_LEN]; + char *build_label; + char cmd; int build_lbl_len, err = 0; bt_dev_dbg(hdev, "QCA read fw build info"); @@ -114,13 +108,13 @@ static int qca_read_fw_build_info(struct hci_dev *hdev) return err; } - edl = (struct edl_event_hdr *)(skb->data); - if (!edl) { - bt_dev_err(hdev, "QCA read fw build info with no header"); + if (skb->len < sizeof(*edl)) { err = -EILSEQ; goto out; } + edl = (struct edl_event_hdr *)(skb->data); + if (edl->cresp != EDL_CMD_REQ_RES_EVT || edl->rtype != EDL_GET_BUILD_INFO_CMD) { bt_dev_err(hdev, "QCA Wrong packet received %d %d", edl->cresp, @@ -129,14 +123,27 @@ static int qca_read_fw_build_info(struct hci_dev *hdev) goto out; } + if (skb->len < sizeof(*edl) + 1) { + err = -EILSEQ; + goto out; + } + build_lbl_len = edl->data[0]; - if (build_lbl_len <= QCA_FW_BUILD_VER_LEN - 1) { - memcpy(build_label, edl->data + 1, build_lbl_len); - *(build_label + build_lbl_len) = '\0'; + + if (skb->len < sizeof(*edl) + 1 + build_lbl_len) { + err = -EILSEQ; + goto out; + } + + build_label = kstrndup(&edl->data[1], build_lbl_len, GFP_KERNEL); + if (!build_label) { + err = -ENOMEM; + goto out; } hci_set_fw_info(hdev, "%s", build_label); + kfree(build_label); out: kfree_skb(skb); return err; @@ -166,11 +173,6 @@ static int qca_send_patch_config_cmd(struct hci_dev *hdev) } edl = (struct edl_event_hdr *)(skb->data); - if (!edl) { - bt_dev_err(hdev, "QCA Patch config with no header"); - err = -EILSEQ; - goto out; - } if (edl->cresp != EDL_PATCH_CONFIG_RES_EVT || edl->rtype != EDL_PATCH_CONFIG_CMD) { bt_dev_err(hdev, "QCA Wrong packet received %d %d", edl->cresp, @@ -235,6 +237,11 @@ static int qca_read_fw_board_id(struct hci_dev *hdev, u16 *bid) goto out; } + if (skb->len < 3) { + err = -EILSEQ; + goto out; + } + *bid = (edl->data[1] << 8) + edl->data[2]; bt_dev_dbg(hdev, "%s: bid = %x", __func__, *bid); @@ -265,9 +272,10 @@ int qca_send_pre_shutdown_cmd(struct hci_dev *hdev) } EXPORT_SYMBOL_GPL(qca_send_pre_shutdown_cmd); -static void qca_tlv_check_data(struct hci_dev *hdev, +static int qca_tlv_check_data(struct hci_dev *hdev, struct qca_fw_config *config, - u8 *fw_data, enum qca_btsoc_type soc_type) + u8 *fw_data, size_t fw_size, + enum qca_btsoc_type soc_type) { const u8 *data; u32 type_len; @@ -277,12 +285,16 @@ static void qca_tlv_check_data(struct hci_dev *hdev, struct tlv_type_patch *tlv_patch; struct tlv_type_nvm *tlv_nvm; uint8_t nvm_baud_rate = config->user_baud_rate; + u8 type; config->dnld_mode = QCA_SKIP_EVT_NONE; config->dnld_type = QCA_SKIP_EVT_NONE; switch (config->type) { case ELF_TYPE_PATCH: + if (fw_size < 7) + return -EINVAL; + config->dnld_mode = QCA_SKIP_EVT_VSE_CC; config->dnld_type = QCA_SKIP_EVT_VSE_CC; @@ -291,6 +303,9 @@ static void qca_tlv_check_data(struct hci_dev *hdev, bt_dev_dbg(hdev, "File version : 0x%x", fw_data[6]); break; case TLV_TYPE_PATCH: + if (fw_size < sizeof(struct tlv_type_hdr) + sizeof(struct tlv_type_patch)) + return -EINVAL; + tlv = (struct tlv_type_hdr *)fw_data; type_len = le32_to_cpu(tlv->type_len); tlv_patch = (struct tlv_type_patch *)tlv->data; @@ -330,25 +345,64 @@ static void qca_tlv_check_data(struct hci_dev *hdev, break; case TLV_TYPE_NVM: + if (fw_size < sizeof(struct tlv_type_hdr)) + return -EINVAL; + tlv = (struct tlv_type_hdr *)fw_data; type_len = le32_to_cpu(tlv->type_len); - length = (type_len >> 8) & 0x00ffffff; + length = type_len >> 8; + type = type_len & 0xff; - BT_DBG("TLV Type\t\t : 0x%x", type_len & 0x000000ff); + /* Some NVM files have more than one set of tags, only parse + * the first set when it has type 2 for now. When there is + * more than one set there is an enclosing header of type 4. + */ + if (type == 4) { + if (fw_size < 2 * sizeof(struct tlv_type_hdr)) + return -EINVAL; + + tlv++; + + type_len = le32_to_cpu(tlv->type_len); + length = type_len >> 8; + type = type_len & 0xff; + } + + BT_DBG("TLV Type\t\t : 0x%x", type); BT_DBG("Length\t\t : %d bytes", length); + if (type != 2) + break; + + if (fw_size < length + (tlv->data - fw_data)) + return -EINVAL; + idx = 0; data = tlv->data; - while (idx < length) { + while (idx < length - sizeof(struct tlv_type_nvm)) { tlv_nvm = (struct tlv_type_nvm *)(data + idx); tag_id = le16_to_cpu(tlv_nvm->tag_id); tag_len = le16_to_cpu(tlv_nvm->tag_len); + if (length < idx + sizeof(struct tlv_type_nvm) + tag_len) + return -EINVAL; + /* Update NVM tags as needed */ switch (tag_id) { + case EDL_TAG_ID_BD_ADDR: + if (tag_len != sizeof(bdaddr_t)) + return -EINVAL; + + memcpy(&config->bdaddr, tlv_nvm->data, sizeof(bdaddr_t)); + + break; + case EDL_TAG_ID_HCI: + if (tag_len < 3) + return -EINVAL; + /* HCI transport layer parameters * enabling software inband sleep * onto controller side. @@ -364,6 +418,9 @@ static void qca_tlv_check_data(struct hci_dev *hdev, break; case EDL_TAG_ID_DEEP_SLEEP: + if (tag_len < 1) + return -EINVAL; + /* Sleep enable mask * enabling deep sleep feature on controller. */ @@ -372,14 +429,16 @@ static void qca_tlv_check_data(struct hci_dev *hdev, break; } - idx += (sizeof(u16) + sizeof(u16) + 8 + tag_len); + idx += sizeof(struct tlv_type_nvm) + tag_len; } break; default: BT_ERR("Unknown TLV type %d", config->type); - break; + return -EINVAL; } + + return 0; } static int qca_tlv_send_segment(struct hci_dev *hdev, int seg_size, @@ -428,11 +487,6 @@ static int qca_tlv_send_segment(struct hci_dev *hdev, int seg_size, } edl = (struct edl_event_hdr *)(skb->data); - if (!edl) { - bt_dev_err(hdev, "TLV with no header"); - err = -EILSEQ; - goto out; - } if (edl->cresp != EDL_CMD_REQ_RES_EVT || edl->rtype != rtype) { bt_dev_err(hdev, "QCA TLV with error stat 0x%x rtype 0x%x", @@ -529,7 +583,9 @@ static int qca_download_firmware(struct hci_dev *hdev, memcpy(data, fw->data, size); release_firmware(fw); - qca_tlv_check_data(hdev, config, data, soc_type); + ret = qca_tlv_check_data(hdev, config, data, size, soc_type); + if (ret) + goto out; segment = data; remain = size; @@ -612,6 +668,38 @@ int qca_set_bdaddr_rome(struct hci_dev *hdev, const bdaddr_t *bdaddr) } EXPORT_SYMBOL_GPL(qca_set_bdaddr_rome); +static int qca_check_bdaddr(struct hci_dev *hdev, const struct qca_fw_config *config) +{ + struct hci_rp_read_bd_addr *bda; + struct sk_buff *skb; + int err; + + if (bacmp(&hdev->public_addr, BDADDR_ANY)) + return 0; + + skb = __hci_cmd_sync(hdev, HCI_OP_READ_BD_ADDR, 0, NULL, + HCI_INIT_TIMEOUT); + if (IS_ERR(skb)) { + err = PTR_ERR(skb); + bt_dev_err(hdev, "Failed to read device address (%d)", err); + return err; + } + + if (skb->len != sizeof(*bda)) { + bt_dev_err(hdev, "Device address length mismatch"); + kfree_skb(skb); + return -EIO; + } + + bda = (struct hci_rp_read_bd_addr *)skb->data; + if (!bacmp(&bda->bdaddr, &config->bdaddr)) + set_bit(HCI_QUIRK_USE_BDADDR_PROPERTY, &hdev->quirks); + + kfree_skb(skb); + + return 0; +} + static void qca_generate_hsp_nvm_name(char *fwname, size_t max_size, struct qca_btsoc_version ver, u8 rom_ver, u16 bid) { @@ -629,11 +717,24 @@ static void qca_generate_hsp_nvm_name(char *fwname, size_t max_size, snprintf(fwname, max_size, "qca/hpnv%02x%s.%x", rom_ver, variant, bid); } +static inline void qca_get_nvm_name_generic(struct qca_fw_config *cfg, + const char *stem, u8 rom_ver, u16 bid) +{ + if (bid == 0x0) + snprintf(cfg->fwname, sizeof(cfg->fwname), "qca/%snv%02x.bin", stem, rom_ver); + else if (bid & 0xff00) + snprintf(cfg->fwname, sizeof(cfg->fwname), + "qca/%snv%02x.b%x", stem, rom_ver, bid); + else + snprintf(cfg->fwname, sizeof(cfg->fwname), + "qca/%snv%02x.b%02x", stem, rom_ver, bid); +} + int qca_uart_setup(struct hci_dev *hdev, uint8_t baudrate, enum qca_btsoc_type soc_type, struct qca_btsoc_version ver, const char *firmware_name) { - struct qca_fw_config config; + struct qca_fw_config config = {}; int err; u8 rom_ver = 0; u32 soc_ver; @@ -709,7 +810,7 @@ int qca_uart_setup(struct hci_dev *hdev, uint8_t baudrate, /* Give the controller some time to get ready to receive the NVM */ msleep(10); - if (soc_type == QCA_QCA2066) + if (soc_type == QCA_QCA2066 || soc_type == QCA_WCN7850) qca_read_fw_board_id(hdev, &boardid); /* Download NVM configuration */ @@ -751,8 +852,7 @@ int qca_uart_setup(struct hci_dev *hdev, uint8_t baudrate, "qca/hpnv%02x.bin", rom_ver); break; case QCA_WCN7850: - snprintf(config.fwname, sizeof(config.fwname), - "qca/hmtnv%02x.bin", rom_ver); + qca_get_nvm_name_generic(&config, "hmt", rom_ver, boardid); break; default: @@ -818,6 +918,10 @@ int qca_uart_setup(struct hci_dev *hdev, uint8_t baudrate, break; } + err = qca_check_bdaddr(hdev, &config); + if (err) + return err; + bt_dev_info(hdev, "QCA setup on UART is completed"); return 0; @@ -826,11 +930,15 @@ EXPORT_SYMBOL_GPL(qca_uart_setup); int qca_set_bdaddr(struct hci_dev *hdev, const bdaddr_t *bdaddr) { + bdaddr_t bdaddr_swapped; struct sk_buff *skb; int err; - skb = __hci_cmd_sync_ev(hdev, EDL_WRITE_BD_ADDR_OPCODE, 6, bdaddr, - HCI_EV_VENDOR, HCI_INIT_TIMEOUT); + baswap(&bdaddr_swapped, bdaddr); + + skb = __hci_cmd_sync_ev(hdev, EDL_WRITE_BD_ADDR_OPCODE, 6, + &bdaddr_swapped, HCI_EV_VENDOR, + HCI_INIT_TIMEOUT); if (IS_ERR(skb)) { err = PTR_ERR(skb); bt_dev_err(hdev, "QCA Change address cmd failed (%d)", err); @@ -845,6 +953,5 @@ EXPORT_SYMBOL_GPL(qca_set_bdaddr); MODULE_AUTHOR("Ben Young Tae Kim <ytkim@qca.qualcomm.com>"); -MODULE_DESCRIPTION("Bluetooth support for Qualcomm Atheros family ver " VERSION); -MODULE_VERSION(VERSION); +MODULE_DESCRIPTION("Bluetooth support for Qualcomm Atheros family"); MODULE_LICENSE("GPL"); diff --git a/drivers/bluetooth/btqca.h b/drivers/bluetooth/btqca.h index dc31984f71dc..bb5207d7a8c7 100644 --- a/drivers/bluetooth/btqca.h +++ b/drivers/bluetooth/btqca.h @@ -5,32 +5,33 @@ * Copyright (c) 2015 The Linux Foundation. All rights reserved. */ -#define EDL_PATCH_CMD_OPCODE (0xFC00) -#define EDL_NVM_ACCESS_OPCODE (0xFC0B) -#define EDL_WRITE_BD_ADDR_OPCODE (0xFC14) -#define EDL_PATCH_CMD_LEN (1) -#define EDL_PATCH_VER_REQ_CMD (0x19) -#define EDL_PATCH_TLV_REQ_CMD (0x1E) -#define EDL_GET_BUILD_INFO_CMD (0x20) -#define EDL_GET_BID_REQ_CMD (0x23) -#define EDL_NVM_ACCESS_SET_REQ_CMD (0x01) -#define EDL_PATCH_CONFIG_CMD (0x28) -#define MAX_SIZE_PER_TLV_SEGMENT (243) -#define QCA_PRE_SHUTDOWN_CMD (0xFC08) -#define QCA_DISABLE_LOGGING (0xFC17) - -#define EDL_CMD_REQ_RES_EVT (0x00) -#define EDL_PATCH_VER_RES_EVT (0x19) -#define EDL_APP_VER_RES_EVT (0x02) -#define EDL_TVL_DNLD_RES_EVT (0x04) -#define EDL_CMD_EXE_STATUS_EVT (0x00) -#define EDL_SET_BAUDRATE_RSP_EVT (0x92) -#define EDL_NVM_ACCESS_CODE_EVT (0x0B) -#define EDL_PATCH_CONFIG_RES_EVT (0x00) -#define QCA_DISABLE_LOGGING_SUB_OP (0x14) - -#define EDL_TAG_ID_HCI (17) -#define EDL_TAG_ID_DEEP_SLEEP (27) +#define EDL_PATCH_CMD_OPCODE 0xFC00 +#define EDL_NVM_ACCESS_OPCODE 0xFC0B +#define EDL_WRITE_BD_ADDR_OPCODE 0xFC14 +#define EDL_PATCH_CMD_LEN 1 +#define EDL_PATCH_VER_REQ_CMD 0x19 +#define EDL_PATCH_TLV_REQ_CMD 0x1E +#define EDL_GET_BUILD_INFO_CMD 0x20 +#define EDL_GET_BID_REQ_CMD 0x23 +#define EDL_NVM_ACCESS_SET_REQ_CMD 0x01 +#define EDL_PATCH_CONFIG_CMD 0x28 +#define MAX_SIZE_PER_TLV_SEGMENT 243 +#define QCA_PRE_SHUTDOWN_CMD 0xFC08 +#define QCA_DISABLE_LOGGING 0xFC17 + +#define EDL_CMD_REQ_RES_EVT 0x00 +#define EDL_PATCH_VER_RES_EVT 0x19 +#define EDL_APP_VER_RES_EVT 0x02 +#define EDL_TVL_DNLD_RES_EVT 0x04 +#define EDL_CMD_EXE_STATUS_EVT 0x00 +#define EDL_SET_BAUDRATE_RSP_EVT 0x92 +#define EDL_NVM_ACCESS_CODE_EVT 0x0B +#define EDL_PATCH_CONFIG_RES_EVT 0x00 +#define QCA_DISABLE_LOGGING_SUB_OP 0x14 + +#define EDL_TAG_ID_BD_ADDR 2 +#define EDL_TAG_ID_HCI 17 +#define EDL_TAG_ID_DEEP_SLEEP 27 #define QCA_WCN3990_POWERON_PULSE 0xFC #define QCA_WCN3990_POWEROFF_PULSE 0xC0 @@ -38,7 +39,7 @@ #define QCA_HCI_CC_OPCODE 0xFC00 #define QCA_HCI_CC_SUCCESS 0x00 -#define QCA_WCN3991_SOC_ID (0x40014320) +#define QCA_WCN3991_SOC_ID 0x40014320 /* QCA chipset version can be decided by patch and SoC * version, combination with upper 2 bytes from SoC @@ -47,12 +48,11 @@ #define get_soc_ver(soc_id, rom_ver) \ ((le32_to_cpu(soc_id) << 16) | (le16_to_cpu(rom_ver))) -#define QCA_FW_BUILD_VER_LEN 255 -#define QCA_HSP_GF_SOC_ID 0x1200 -#define QCA_HSP_GF_SOC_MASK 0x0000ff00 +#define QCA_HSP_GF_SOC_ID 0x1200 +#define QCA_HSP_GF_SOC_MASK 0x0000ff00 enum qca_baudrate { - QCA_BAUDRATE_115200 = 0, + QCA_BAUDRATE_115200 = 0, QCA_BAUDRATE_57600, QCA_BAUDRATE_38400, QCA_BAUDRATE_19200, @@ -71,7 +71,7 @@ enum qca_baudrate { QCA_BAUDRATE_1600000, QCA_BAUDRATE_3200000, QCA_BAUDRATE_3500000, - QCA_BAUDRATE_AUTO = 0xFE, + QCA_BAUDRATE_AUTO = 0xFE, QCA_BAUDRATE_RESERVED }; @@ -94,6 +94,7 @@ struct qca_fw_config { uint8_t user_baud_rate; enum qca_tlv_dnld_mode dnld_mode; enum qca_tlv_dnld_mode dnld_type; + bdaddr_t bdaddr; }; struct edl_event_hdr { diff --git a/drivers/bluetooth/btqcomsmd.c b/drivers/bluetooth/btqcomsmd.c index 11c7e04bf394..88dbb2f3fabf 100644 --- a/drivers/bluetooth/btqcomsmd.c +++ b/drivers/bluetooth/btqcomsmd.c @@ -197,7 +197,7 @@ destroy_acl_channel: return ret; } -static int btqcomsmd_remove(struct platform_device *pdev) +static void btqcomsmd_remove(struct platform_device *pdev) { struct btqcomsmd *btq = platform_get_drvdata(pdev); @@ -206,8 +206,6 @@ static int btqcomsmd_remove(struct platform_device *pdev) rpmsg_destroy_ept(btq->cmd_channel); rpmsg_destroy_ept(btq->acl_channel); - - return 0; } static const struct of_device_id btqcomsmd_of_match[] = { @@ -218,7 +216,7 @@ MODULE_DEVICE_TABLE(of, btqcomsmd_of_match); static struct platform_driver btqcomsmd_driver = { .probe = btqcomsmd_probe, - .remove = btqcomsmd_remove, + .remove_new = btqcomsmd_remove, .driver = { .name = "btqcomsmd", .of_match_table = btqcomsmd_of_match, diff --git a/drivers/bluetooth/btrsi.c b/drivers/bluetooth/btrsi.c index 634cf8f5ed2d..0c91d7635ac3 100644 --- a/drivers/bluetooth/btrsi.c +++ b/drivers/bluetooth/btrsi.c @@ -134,7 +134,6 @@ static int rsi_hci_attach(void *priv, struct rsi_proto_ops *ops) hdev->bus = HCI_USB; hci_set_drvdata(hdev, h_adapter); - hdev->dev_type = HCI_PRIMARY; hdev->open = rsi_hci_open; hdev->close = rsi_hci_close; hdev->flush = rsi_hci_flush; diff --git a/drivers/bluetooth/btrtl.c b/drivers/bluetooth/btrtl.c index cc50de69e8dc..4f1e37b4f780 100644 --- a/drivers/bluetooth/btrtl.c +++ b/drivers/bluetooth/btrtl.c @@ -1339,6 +1339,13 @@ int btrtl_setup_realtek(struct hci_dev *hdev) btrtl_set_quirks(hdev, btrtl_dev); + hci_set_hw_info(hdev, + "RTL lmp_subver=%u hci_rev=%u hci_ver=%u hci_bus=%u", + btrtl_dev->ic_info->lmp_subver, + btrtl_dev->ic_info->hci_rev, + btrtl_dev->ic_info->hci_ver, + btrtl_dev->ic_info->hci_bus); + btrtl_free(btrtl_dev); return ret; } diff --git a/drivers/bluetooth/btsdio.c b/drivers/bluetooth/btsdio.c index f19d31ee37ea..fdcfe9c50313 100644 --- a/drivers/bluetooth/btsdio.c +++ b/drivers/bluetooth/btsdio.c @@ -32,9 +32,6 @@ static const struct sdio_device_id btsdio_table[] = { /* Generic Bluetooth Type-B SDIO device */ { SDIO_DEVICE_CLASS(SDIO_CLASS_BT_B) }, - /* Generic Bluetooth AMP controller */ - { SDIO_DEVICE_CLASS(SDIO_CLASS_BT_AMP) }, - { } /* Terminating entry */ }; @@ -319,11 +316,6 @@ static int btsdio_probe(struct sdio_func *func, hdev->bus = HCI_SDIO; hci_set_drvdata(hdev, data); - if (id->class == SDIO_CLASS_BT_AMP) - hdev->dev_type = HCI_AMP; - else - hdev->dev_type = HCI_PRIMARY; - data->hdev = hdev; SET_HCIDEV_DEV(hdev, &func->dev); diff --git a/drivers/bluetooth/btusb.c b/drivers/bluetooth/btusb.c index 06e915b57283..e384ef6ff050 100644 --- a/drivers/bluetooth/btusb.c +++ b/drivers/bluetooth/btusb.c @@ -477,6 +477,7 @@ static const struct usb_device_id quirks_table[] = { { USB_DEVICE(0x8087, 0x0033), .driver_info = BTUSB_INTEL_COMBINED }, { USB_DEVICE(0x8087, 0x0035), .driver_info = BTUSB_INTEL_COMBINED }, { USB_DEVICE(0x8087, 0x0036), .driver_info = BTUSB_INTEL_COMBINED }, + { USB_DEVICE(0x8087, 0x0037), .driver_info = BTUSB_INTEL_COMBINED }, { USB_DEVICE(0x8087, 0x0038), .driver_info = BTUSB_INTEL_COMBINED }, { USB_DEVICE(0x8087, 0x07da), .driver_info = BTUSB_CSR }, { USB_DEVICE(0x8087, 0x07dc), .driver_info = BTUSB_INTEL_COMBINED | @@ -542,6 +543,8 @@ static const struct usb_device_id quirks_table[] = { /* Realtek 8852BE Bluetooth devices */ { USB_DEVICE(0x0cb8, 0xc559), .driver_info = BTUSB_REALTEK | BTUSB_WIDEBAND_SPEECH }, + { USB_DEVICE(0x0bda, 0x4853), .driver_info = BTUSB_REALTEK | + BTUSB_WIDEBAND_SPEECH }, { USB_DEVICE(0x0bda, 0x887b), .driver_info = BTUSB_REALTEK | BTUSB_WIDEBAND_SPEECH }, { USB_DEVICE(0x0bda, 0xb85b), .driver_info = BTUSB_REALTEK | @@ -586,6 +589,9 @@ static const struct usb_device_id quirks_table[] = { { USB_DEVICE(0x0489, 0xe0c8), .driver_info = BTUSB_MEDIATEK | BTUSB_WIDEBAND_SPEECH | BTUSB_VALID_LE_STATES }, + { USB_DEVICE(0x0489, 0xe0cd), .driver_info = BTUSB_MEDIATEK | + BTUSB_WIDEBAND_SPEECH | + BTUSB_VALID_LE_STATES }, { USB_DEVICE(0x0489, 0xe0e0), .driver_info = BTUSB_MEDIATEK | BTUSB_WIDEBAND_SPEECH | BTUSB_VALID_LE_STATES }, @@ -595,6 +601,9 @@ static const struct usb_device_id quirks_table[] = { { USB_DEVICE(0x04ca, 0x3802), .driver_info = BTUSB_MEDIATEK | BTUSB_WIDEBAND_SPEECH | BTUSB_VALID_LE_STATES }, + { USB_DEVICE(0x0e8d, 0x0608), .driver_info = BTUSB_MEDIATEK | + BTUSB_WIDEBAND_SPEECH | + BTUSB_VALID_LE_STATES }, { USB_DEVICE(0x13d3, 0x3563), .driver_info = BTUSB_MEDIATEK | BTUSB_WIDEBAND_SPEECH | BTUSB_VALID_LE_STATES }, @@ -610,10 +619,12 @@ static const struct usb_device_id quirks_table[] = { { USB_DEVICE(0x13d3, 0x3583), .driver_info = BTUSB_MEDIATEK | BTUSB_WIDEBAND_SPEECH | BTUSB_VALID_LE_STATES }, - { USB_DEVICE(0x0489, 0xe0cd), .driver_info = BTUSB_MEDIATEK | + { USB_DEVICE(0x13d3, 0x3606), .driver_info = BTUSB_MEDIATEK | BTUSB_WIDEBAND_SPEECH | BTUSB_VALID_LE_STATES }, - { USB_DEVICE(0x0e8d, 0x0608), .driver_info = BTUSB_MEDIATEK | + + /* MediaTek MT7922 Bluetooth devices */ + { USB_DEVICE(0x13d3, 0x3585), .driver_info = BTUSB_MEDIATEK | BTUSB_WIDEBAND_SPEECH | BTUSB_VALID_LE_STATES }, @@ -624,12 +635,6 @@ static const struct usb_device_id quirks_table[] = { { USB_DEVICE(0x0489, 0xe0d9), .driver_info = BTUSB_MEDIATEK | BTUSB_WIDEBAND_SPEECH | BTUSB_VALID_LE_STATES }, - { USB_DEVICE(0x0489, 0xe0f5), .driver_info = BTUSB_MEDIATEK | - BTUSB_WIDEBAND_SPEECH | - BTUSB_VALID_LE_STATES }, - { USB_DEVICE(0x13d3, 0x3568), .driver_info = BTUSB_MEDIATEK | - BTUSB_WIDEBAND_SPEECH | - BTUSB_VALID_LE_STATES }, { USB_DEVICE(0x0489, 0xe0e2), .driver_info = BTUSB_MEDIATEK | BTUSB_WIDEBAND_SPEECH | BTUSB_VALID_LE_STATES }, @@ -654,14 +659,38 @@ static const struct usb_device_id quirks_table[] = { { USB_DEVICE(0x04ca, 0x3804), .driver_info = BTUSB_MEDIATEK | BTUSB_WIDEBAND_SPEECH | BTUSB_VALID_LE_STATES }, + { USB_DEVICE(0x04ca, 0x38e4), .driver_info = BTUSB_MEDIATEK | + BTUSB_WIDEBAND_SPEECH | + BTUSB_VALID_LE_STATES }, + { USB_DEVICE(0x13d3, 0x3568), .driver_info = BTUSB_MEDIATEK | + BTUSB_WIDEBAND_SPEECH | + BTUSB_VALID_LE_STATES }, + { USB_DEVICE(0x13d3, 0x3605), .driver_info = BTUSB_MEDIATEK | + BTUSB_WIDEBAND_SPEECH | + BTUSB_VALID_LE_STATES }, + { USB_DEVICE(0x13d3, 0x3607), .driver_info = BTUSB_MEDIATEK | + BTUSB_WIDEBAND_SPEECH | + BTUSB_VALID_LE_STATES }, + { USB_DEVICE(0x13d3, 0x3614), .driver_info = BTUSB_MEDIATEK | + BTUSB_WIDEBAND_SPEECH | + BTUSB_VALID_LE_STATES }, + { USB_DEVICE(0x13d3, 0x3615), .driver_info = BTUSB_MEDIATEK | + BTUSB_WIDEBAND_SPEECH | + BTUSB_VALID_LE_STATES }, { USB_DEVICE(0x35f5, 0x7922), .driver_info = BTUSB_MEDIATEK | BTUSB_WIDEBAND_SPEECH | BTUSB_VALID_LE_STATES }, /* Additional MediaTek MT7925 Bluetooth devices */ + { USB_DEVICE(0x0489, 0xe113), .driver_info = BTUSB_MEDIATEK | + BTUSB_WIDEBAND_SPEECH | + BTUSB_VALID_LE_STATES }, { USB_DEVICE(0x13d3, 0x3602), .driver_info = BTUSB_MEDIATEK | BTUSB_WIDEBAND_SPEECH | BTUSB_VALID_LE_STATES }, + { USB_DEVICE(0x13d3, 0x3603), .driver_info = BTUSB_MEDIATEK | + BTUSB_WIDEBAND_SPEECH | + BTUSB_VALID_LE_STATES }, /* Additional Realtek 8723AE Bluetooth devices */ { USB_DEVICE(0x0930, 0x021d), .driver_info = BTUSB_REALTEK }, @@ -2949,7 +2978,7 @@ static int btusb_mtk_uhw_reg_read(struct btusb_data *data, u32 reg, u32 *val) err = usb_control_msg(data->udev, pipe, 0x01, 0xDE, reg >> 16, reg & 0xffff, - buf, 4, USB_CTRL_SET_TIMEOUT); + buf, 4, USB_CTRL_GET_TIMEOUT); if (err < 0) { bt_dev_err(hdev, "Failed to read uhw reg(%d)", err); goto err_free_buf; @@ -2977,7 +3006,7 @@ static int btusb_mtk_reg_read(struct btusb_data *data, u32 reg, u32 *val) err = usb_control_msg(data->udev, pipe, 0x63, USB_TYPE_VENDOR | USB_DIR_IN, reg >> 16, reg & 0xffff, - buf, size, USB_CTRL_SET_TIMEOUT); + buf, size, USB_CTRL_GET_TIMEOUT); if (err < 0) goto err_free_buf; @@ -3116,6 +3145,7 @@ static int btusb_mtk_setup(struct hci_dev *hdev) bt_dev_err(hdev, "Failed to get fw flavor (%d)", err); return err; } + fw_flavor = (fw_flavor & 0x00000080) >> 7; } mediatek = hci_get_priv(hdev); @@ -3480,13 +3510,12 @@ static void btusb_dump_hdr_qca(struct hci_dev *hdev, struct sk_buff *skb) static void btusb_coredump_qca(struct hci_dev *hdev) { + int err; static const u8 param[] = { 0x26 }; - struct sk_buff *skb; - skb = __hci_cmd_sync(hdev, 0xfc0c, 1, param, HCI_CMD_TIMEOUT); - if (IS_ERR(skb)) - bt_dev_err(hdev, "%s: triggle crash failed (%ld)", __func__, PTR_ERR(skb)); - kfree_skb(skb); + err = __hci_cmd_send(hdev, 0xfc0c, 1, param); + if (err < 0) + bt_dev_err(hdev, "%s: triggle crash failed (%d)", __func__, err); } /* @@ -3692,7 +3721,7 @@ static int btusb_qca_send_vendor_req(struct usb_device *udev, u8 request, */ pipe = usb_rcvctrlpipe(udev, 0); err = usb_control_msg(udev, pipe, request, USB_TYPE_VENDOR | USB_DIR_IN, - 0, 0, buf, size, USB_CTRL_SET_TIMEOUT); + 0, 0, buf, size, USB_CTRL_GET_TIMEOUT); if (err < 0) { dev_err(&udev->dev, "Failed to access otp area (%d)", err); goto done; @@ -4330,11 +4359,6 @@ static int btusb_probe(struct usb_interface *intf, hdev->bus = HCI_USB; hci_set_drvdata(hdev, data); - if (id->driver_info & BTUSB_AMP) - hdev->dev_type = HCI_AMP; - else - hdev->dev_type = HCI_PRIMARY; - data->hdev = hdev; SET_HCIDEV_DEV(hdev, &intf->dev); diff --git a/drivers/bluetooth/hci_bcm.c b/drivers/bluetooth/hci_bcm.c index 874d23089b39..89d4c2224546 100644 --- a/drivers/bluetooth/hci_bcm.c +++ b/drivers/bluetooth/hci_bcm.c @@ -1293,7 +1293,7 @@ static int bcm_probe(struct platform_device *pdev) return 0; } -static int bcm_remove(struct platform_device *pdev) +static void bcm_remove(struct platform_device *pdev) { struct bcm_device *dev = platform_get_drvdata(pdev); @@ -1302,8 +1302,6 @@ static int bcm_remove(struct platform_device *pdev) mutex_unlock(&bcm_device_lock); dev_info(&pdev->dev, "%s device unregistered.\n", dev->name); - - return 0; } static const struct hci_uart_proto bcm_proto = { @@ -1487,7 +1485,7 @@ static const struct acpi_device_id bcm_acpi_match[] = { { "BCM2EA1" }, { "BCM2EA2", (long)&bcm43430_device_data }, { "BCM2EA3", (long)&bcm43430_device_data }, - { "BCM2EA4" }, + { "BCM2EA4", (long)&bcm43430_device_data }, /* bcm43455 */ { "BCM2EA5" }, { "BCM2EA6" }, { "BCM2EA7" }, @@ -1509,7 +1507,7 @@ static const struct dev_pm_ops bcm_pm_ops = { static struct platform_driver bcm_driver = { .probe = bcm_probe, - .remove = bcm_remove, + .remove_new = bcm_remove, .driver = { .name = "hci_bcm", .acpi_match_table = ACPI_PTR(bcm_acpi_match), diff --git a/drivers/bluetooth/hci_bcm4377.c b/drivers/bluetooth/hci_bcm4377.c index 9a7243d5db71..0c2f15235b4c 100644 --- a/drivers/bluetooth/hci_bcm4377.c +++ b/drivers/bluetooth/hci_bcm4377.c @@ -2361,7 +2361,6 @@ static int bcm4377_probe(struct pci_dev *pdev, const struct pci_device_id *id) bcm4377->hdev = hdev; hdev->bus = HCI_PCI; - hdev->dev_type = HCI_PRIMARY; hdev->open = bcm4377_hci_open; hdev->close = bcm4377_hci_close; hdev->send = bcm4377_hci_send_frame; diff --git a/drivers/bluetooth/hci_intel.c b/drivers/bluetooth/hci_intel.c index 78afb9a348e7..999ccd5bb4f2 100644 --- a/drivers/bluetooth/hci_intel.c +++ b/drivers/bluetooth/hci_intel.c @@ -537,7 +537,7 @@ static int intel_setup(struct hci_uart *hu) int speed_change = 0; int err; - bt_dev_dbg(hdev, "start intel_setup"); + bt_dev_dbg(hdev, ""); hu->hdev->set_diag = btintel_set_diag; hu->hdev->set_bdaddr = btintel_set_bdaddr; @@ -591,12 +591,12 @@ static int intel_setup(struct hci_uart *hu) return -EINVAL; } - /* Check for supported iBT hardware variants of this firmware - * loading method. - * - * This check has been put in place to ensure correct forward - * compatibility options when newer hardware variants come along. - */ + /* Check for supported iBT hardware variants of this firmware + * loading method. + * + * This check has been put in place to ensure correct forward + * compatibility options when newer hardware variants come along. + */ switch (ver.hw_variant) { case 0x0b: /* LnP */ case 0x0c: /* WsP */ @@ -777,7 +777,7 @@ static int intel_setup(struct hci_uart *hu) rettime = ktime_get(); delta = ktime_sub(rettime, calltime); - duration = (unsigned long long) ktime_to_ns(delta) >> 10; + duration = (unsigned long long)ktime_to_ns(delta) >> 10; bt_dev_info(hdev, "Firmware loaded in %llu usecs", duration); @@ -822,7 +822,7 @@ done: rettime = ktime_get(); delta = ktime_sub(rettime, calltime); - duration = (unsigned long long) ktime_to_ns(delta) >> 10; + duration = (unsigned long long)ktime_to_ns(delta) >> 10; bt_dev_info(hdev, "Device booted in %llu usecs", duration); @@ -977,6 +977,7 @@ static int intel_recv(struct hci_uart *hu, const void *data, int count) ARRAY_SIZE(intel_recv_pkts)); if (IS_ERR(intel->rx_skb)) { int err = PTR_ERR(intel->rx_skb); + bt_dev_err(hu->hdev, "Frame reassembly failed (%d)", err); intel->rx_skb = NULL; return err; @@ -1190,7 +1191,7 @@ no_irq: return 0; } -static int intel_remove(struct platform_device *pdev) +static void intel_remove(struct platform_device *pdev) { struct intel_device *idev = platform_get_drvdata(pdev); @@ -1201,13 +1202,11 @@ static int intel_remove(struct platform_device *pdev) mutex_unlock(&intel_device_list_lock); dev_info(&pdev->dev, "unregistered.\n"); - - return 0; } static struct platform_driver intel_driver = { .probe = intel_probe, - .remove = intel_remove, + .remove_new = intel_remove, .driver = { .name = "hci_intel", .acpi_match_table = ACPI_PTR(intel_acpi_match), diff --git a/drivers/bluetooth/hci_ldisc.c b/drivers/bluetooth/hci_ldisc.c index a26367e9fb19..17a2f158a0df 100644 --- a/drivers/bluetooth/hci_ldisc.c +++ b/drivers/bluetooth/hci_ldisc.c @@ -667,11 +667,6 @@ static int hci_uart_register_dev(struct hci_uart *hu) if (!test_bit(HCI_UART_RESET_ON_INIT, &hu->hdev_flags)) set_bit(HCI_QUIRK_RESET_ON_CLOSE, &hdev->quirks); - if (test_bit(HCI_UART_CREATE_AMP, &hu->hdev_flags)) - hdev->dev_type = HCI_AMP; - else - hdev->dev_type = HCI_PRIMARY; - /* Only call open() for the protocol after hdev is fully initialized as * open() (or a timer/workqueue it starts) may attempt to reference it. */ @@ -722,7 +717,6 @@ static int hci_uart_set_flags(struct hci_uart *hu, unsigned long flags) { unsigned long valid_flags = BIT(HCI_UART_RAW_DEVICE) | BIT(HCI_UART_RESET_ON_INIT) | - BIT(HCI_UART_CREATE_AMP) | BIT(HCI_UART_INIT_PENDING) | BIT(HCI_UART_EXT_CONFIG) | BIT(HCI_UART_VND_DETECT); diff --git a/drivers/bluetooth/hci_qca.c b/drivers/bluetooth/hci_qca.c index 8a60ad7acd70..0c9c9ee56592 100644 --- a/drivers/bluetooth/hci_qca.c +++ b/drivers/bluetooth/hci_qca.c @@ -7,7 +7,6 @@ * * Copyright (C) 2007 Texas Instruments, Inc. * Copyright (c) 2010, 2012, 2018 The Linux Foundation. All rights reserved. - * Copyright (c) 2023 Qualcomm Innovation Center, Inc. All rights reserved. * * Acknowledgements: * This file is based on hci_ll.c, which was... @@ -226,6 +225,7 @@ struct qca_serdev { struct qca_power *bt_power; u32 init_speed; u32 oper_speed; + bool bdaddr_property_broken; const char *firmware_name; }; @@ -1672,6 +1672,9 @@ static bool qca_wakeup(struct hci_dev *hdev) struct hci_uart *hu = hci_get_drvdata(hdev); bool wakeup; + if (!hu->serdev) + return true; + /* BT SoC attached through the serial bus is handled by the serdev driver. * So we need to use the device handle of the serdev driver to get the * status of device may wakeup. @@ -1843,6 +1846,7 @@ static int qca_setup(struct hci_uart *hu) const char *firmware_name = qca_get_firmware_name(hu); int ret; struct qca_btsoc_version ver; + struct qca_serdev *qcadev; const char *soc_name; ret = qca_check_speeds(hu); @@ -1904,16 +1908,9 @@ retry: case QCA_WCN6750: case QCA_WCN6855: case QCA_WCN7850: - - /* Set BDA quirk bit for reading BDA value from fwnode property - * only if that property exist in DT. - */ - if (fwnode_property_present(dev_fwnode(hdev->dev.parent), "local-bd-address")) { - set_bit(HCI_QUIRK_USE_BDADDR_PROPERTY, &hdev->quirks); - bt_dev_info(hdev, "setting quirk bit to read BDA from fwnode later"); - } else { - bt_dev_dbg(hdev, "local-bd-address` is not present in the devicetree so not setting quirk bit for BDA"); - } + qcadev = serdev_device_get_drvdata(hu->serdev); + if (qcadev->bdaddr_property_broken) + set_bit(HCI_QUIRK_BDADDR_PROPERTY_BROKEN, &hdev->quirks); hci_set_aosp_capable(hdev); @@ -1961,8 +1958,10 @@ retry: qca_debugfs_init(hdev); hu->hdev->hw_error = qca_hw_error; hu->hdev->cmd_timeout = qca_cmd_timeout; - if (device_can_wakeup(hu->serdev->ctrl->dev.parent)) - hu->hdev->wakeup = qca_wakeup; + if (hu->serdev) { + if (device_can_wakeup(hu->serdev->ctrl->dev.parent)) + hu->hdev->wakeup = qca_wakeup; + } } else if (ret == -ENOENT) { /* No patch/nvm-config found, run with original fw/config */ set_bit(QCA_ROM_FW, &qca->flags); @@ -2295,6 +2294,9 @@ static int qca_serdev_probe(struct serdev_device *serdev) if (!qcadev->oper_speed) BT_DBG("UART will pick default operating speed"); + qcadev->bdaddr_property_broken = device_property_read_bool(&serdev->dev, + "qcom,local-bd-address-broken"); + if (data) qcadev->btsoc_type = data->soc_type; else @@ -2330,16 +2332,21 @@ static int qca_serdev_probe(struct serdev_device *serdev) (data->soc_type == QCA_WCN6750 || data->soc_type == QCA_WCN6855)) { dev_err(&serdev->dev, "failed to acquire BT_EN gpio\n"); - power_ctrl_enabled = false; + return PTR_ERR(qcadev->bt_en); } + if (!qcadev->bt_en) + power_ctrl_enabled = false; + qcadev->sw_ctrl = devm_gpiod_get_optional(&serdev->dev, "swctrl", GPIOD_IN); if (IS_ERR(qcadev->sw_ctrl) && (data->soc_type == QCA_WCN6750 || data->soc_type == QCA_WCN6855 || - data->soc_type == QCA_WCN7850)) - dev_warn(&serdev->dev, "failed to acquire SW_CTRL gpio\n"); + data->soc_type == QCA_WCN7850)) { + dev_err(&serdev->dev, "failed to acquire SW_CTRL gpio\n"); + return PTR_ERR(qcadev->sw_ctrl); + } qcadev->susclk = devm_clk_get_optional(&serdev->dev, NULL); if (IS_ERR(qcadev->susclk)) { @@ -2358,10 +2365,13 @@ static int qca_serdev_probe(struct serdev_device *serdev) qcadev->bt_en = devm_gpiod_get_optional(&serdev->dev, "enable", GPIOD_OUT_LOW); if (IS_ERR(qcadev->bt_en)) { - dev_warn(&serdev->dev, "failed to acquire enable gpio\n"); - power_ctrl_enabled = false; + dev_err(&serdev->dev, "failed to acquire enable gpio\n"); + return PTR_ERR(qcadev->bt_en); } + if (!qcadev->bt_en) + power_ctrl_enabled = false; + qcadev->susclk = devm_clk_get_optional(&serdev->dev, NULL); if (IS_ERR(qcadev->susclk)) { dev_warn(&serdev->dev, "failed to acquire clk\n"); diff --git a/drivers/bluetooth/hci_serdev.c b/drivers/bluetooth/hci_serdev.c index 85c0d9b68f5f..89a22e9b3253 100644 --- a/drivers/bluetooth/hci_serdev.c +++ b/drivers/bluetooth/hci_serdev.c @@ -366,11 +366,6 @@ int hci_uart_register_device_priv(struct hci_uart *hu, if (test_bit(HCI_UART_EXT_CONFIG, &hu->hdev_flags)) set_bit(HCI_QUIRK_EXTERNAL_CONFIG, &hdev->quirks); - if (test_bit(HCI_UART_CREATE_AMP, &hu->hdev_flags)) - hdev->dev_type = HCI_AMP; - else - hdev->dev_type = HCI_PRIMARY; - if (test_bit(HCI_UART_INIT_PENDING, &hu->hdev_flags)) return 0; diff --git a/drivers/bluetooth/hci_uart.h b/drivers/bluetooth/hci_uart.h index 68c8c7e95d64..00bf7ae82c5b 100644 --- a/drivers/bluetooth/hci_uart.h +++ b/drivers/bluetooth/hci_uart.h @@ -37,7 +37,6 @@ #define HCI_UART_RAW_DEVICE 0 #define HCI_UART_RESET_ON_INIT 1 -#define HCI_UART_CREATE_AMP 2 #define HCI_UART_INIT_PENDING 3 #define HCI_UART_EXT_CONFIG 4 #define HCI_UART_VND_DETECT 5 diff --git a/drivers/bluetooth/hci_vhci.c b/drivers/bluetooth/hci_vhci.c index 572d68d52965..28750a40f0ed 100644 --- a/drivers/bluetooth/hci_vhci.c +++ b/drivers/bluetooth/hci_vhci.c @@ -384,17 +384,10 @@ static int __vhci_create_device(struct vhci_data *data, __u8 opcode) { struct hci_dev *hdev; struct sk_buff *skb; - __u8 dev_type; if (data->hdev) return -EBADFD; - /* bits 0-1 are dev_type (Primary or AMP) */ - dev_type = opcode & 0x03; - - if (dev_type != HCI_PRIMARY && dev_type != HCI_AMP) - return -EINVAL; - /* bits 2-5 are reserved (must be zero) */ if (opcode & 0x3c) return -EINVAL; @@ -412,7 +405,6 @@ static int __vhci_create_device(struct vhci_data *data, __u8 opcode) data->hdev = hdev; hdev->bus = HCI_VIRTUAL; - hdev->dev_type = dev_type; hci_set_drvdata(hdev, data); hdev->open = vhci_open_dev; @@ -634,7 +626,7 @@ static void vhci_open_timeout(struct work_struct *work) struct vhci_data *data = container_of(work, struct vhci_data, open_timeout.work); - vhci_create_device(data, amp ? HCI_AMP : HCI_PRIMARY); + vhci_create_device(data, 0x00); } static int vhci_open(struct inode *inode, struct file *file) diff --git a/drivers/bluetooth/virtio_bt.c b/drivers/bluetooth/virtio_bt.c index 2ac70b560c46..40bd83825c29 100644 --- a/drivers/bluetooth/virtio_bt.c +++ b/drivers/bluetooth/virtio_bt.c @@ -274,7 +274,6 @@ static int virtbt_probe(struct virtio_device *vdev) switch (type) { case VIRTIO_BT_CONFIG_TYPE_PRIMARY: - case VIRTIO_BT_CONFIG_TYPE_AMP: break; default: return -EINVAL; @@ -303,7 +302,6 @@ static int virtbt_probe(struct virtio_device *vdev) vbt->hdev = hdev; hdev->bus = HCI_VIRTIO; - hdev->dev_type = type; hci_set_drvdata(hdev, vbt); hdev->open = virtbt_open; @@ -417,7 +415,6 @@ static const unsigned int virtbt_features[] = { static struct virtio_driver virtbt_driver = { .driver.name = KBUILD_MODNAME, - .driver.owner = THIS_MODULE, .feature_table = virtbt_features, .feature_table_size = ARRAY_SIZE(virtbt_features), .id_table = virtbt_table, |