1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24#include <linux/kernel.h>
25#include <linux/module.h>
26#include <linux/init.h>
27#include <linux/slab.h>
28#include <linux/types.h>
29#include <linux/sched.h>
30#include <linux/errno.h>
31#include <linux/skbuff.h>
32#include <linux/completion.h>
33#include <linux/firmware.h>
34#include <linux/usb.h>
35#include <net/bluetooth/bluetooth.h>
36#include <net/bluetooth/hci_core.h>
37
38#include "btmtk_usb.h"
39
40#define VERSION "1.0.4"
41#define MT7650_FIRMWARE "mt7650.bin"
42#define MT7662_FIRMWARE "mt7662.bin"
43
44static struct usb_driver btmtk_usb_driver;
45
46
47static int btmtk_usb_load_rom_patch(struct btmtk_usb_data *);
48static int btmtk_usb_load_fw(struct btmtk_usb_data *);
49
50static void hex_dump(char *str, u8 *src_buf, u32 src_buf_len)
51{
52 unsigned char *pt;
53 int x;
54
55 pt = src_buf;
56
57 BT_DBG("%s: %p, len = %d\n", str, src_buf, src_buf_len);
58
59 for (x = 0; x < src_buf_len; x++) {
60 if (x % 16 == 0)
61 BT_DBG("0x%04x : ", x);
62 BT_DBG("%02x ", ((unsigned char)pt[x]));
63 if (x % 16 == 15)
64 BT_DBG("\n");
65 }
66
67 BT_DBG("\n");
68}
69
70static int btmtk_usb_reset(struct usb_device *udev)
71{
72 int ret;
73
74 BT_DBG("%s\n", __func__);
75
76 ret = usb_control_msg(udev, usb_sndctrlpipe(udev, 0), 0x01,
77 DEVICE_VENDOR_REQUEST_OUT, 0x01, 0x00,
78 NULL, 0x00, CONTROL_TIMEOUT_JIFFIES);
79
80 if (ret < 0) {
81 BT_ERR("%s error(%d)\n", __func__, ret);
82 return ret;
83 }
84
85 if (ret > 0)
86 ret = 0;
87
88 return ret;
89}
90
91static int btmtk_usb_io_read32(struct btmtk_usb_data *data, u32 reg, u32 *val)
92{
93 u8 request = data->r_request;
94 struct usb_device *udev = data->udev;
95 int ret;
96 __le32 val_le;
97
98 ret = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0), request,
99 DEVICE_VENDOR_REQUEST_IN, 0x0, reg, data->io_buf,
100 4, CONTROL_TIMEOUT_JIFFIES);
101
102 if (ret < 0) {
103 *val = 0xffffffff;
104 BT_ERR("%s error(%d), reg=%x, value=%x\n",
105 __func__, ret, reg, *val);
106 return ret;
107 }
108
109 memmove(&val_le, data->io_buf, 4);
110
111 *val = le32_to_cpu(val_le);
112
113 if (ret > 0)
114 ret = 0;
115
116 return ret;
117}
118
119static int btmtk_usb_io_write32(struct btmtk_usb_data *data, u32 reg, u32 val)
120{
121 u16 value, index;
122 u8 request = data->w_request;
123 struct usb_device *udev = data->udev;
124 int ret;
125
126 index = (u16)reg;
127 value = val & 0x0000ffff;
128
129 ret = usb_control_msg(udev, usb_sndctrlpipe(udev, 0), request,
130 DEVICE_VENDOR_REQUEST_OUT, value, index,
131 NULL, 0, CONTROL_TIMEOUT_JIFFIES);
132
133 if (ret < 0) {
134 BT_ERR("%s error(%d), reg=%x, value=%x\n",
135 __func__, ret, reg, val);
136 return ret;
137 }
138
139 index = (u16)(reg + 2);
140 value = (val & 0xffff0000) >> 16;
141
142 ret = usb_control_msg(udev, usb_sndctrlpipe(udev, 0),
143 request, DEVICE_VENDOR_REQUEST_OUT,
144 value, index, NULL, 0, CONTROL_TIMEOUT_JIFFIES);
145
146 if (ret < 0) {
147 BT_ERR("%s error(%d), reg=%x, value=%x\n",
148 __func__, ret, reg, val);
149 return ret;
150 }
151
152 if (ret > 0)
153 ret = 0;
154
155 return ret;
156}
157
158static int btmtk_usb_switch_iobase(struct btmtk_usb_data *data, int base)
159{
160 int ret = 0;
161
162 switch (base) {
163 case SYSCTL:
164 data->w_request = 0x42;
165 data->r_request = 0x47;
166 break;
167 case WLAN:
168 data->w_request = 0x02;
169 data->r_request = 0x07;
170 break;
171
172 default:
173 return -EINVAL;
174 }
175
176 return ret;
177}
178
179static void btmtk_usb_cap_init(struct btmtk_usb_data *data)
180{
181 const struct firmware *firmware;
182 struct usb_device *udev = data->udev;
183 int ret;
184
185 btmtk_usb_io_read32(data, 0x00, &data->chip_id);
186
187 BT_DBG("chip id = %x\n", data->chip_id);
188
189 if (is_mt7630(data) || is_mt7650(data)) {
190 data->need_load_fw = 1;
191 data->need_load_rom_patch = 0;
192 ret = request_firmware(&firmware, MT7650_FIRMWARE, &udev->dev);
193 if (ret < 0) {
194 if (ret == -ENOENT) {
195 BT_ERR("Firmware file \"%s\" not found\n",
196 MT7650_FIRMWARE);
197 } else {
198 BT_ERR("Firmware file \"%s\" request failed (err=%d)\n",
199 MT7650_FIRMWARE, ret);
200 }
201 } else {
202 BT_DBG("Firmware file \"%s\" Found\n",
203 MT7650_FIRMWARE);
204
205 data->firmware = firmware;
206 btmtk_usb_load_fw(data);
207 }
208 release_firmware(firmware);
209 } else if (is_mt7632(data) || is_mt7662(data)) {
210 data->need_load_fw = 0;
211 data->need_load_rom_patch = 1;
212 data->rom_patch_offset = 0x90000;
213 ret = request_firmware(&firmware, MT7662_FIRMWARE, &udev->dev);
214 if (ret < 0) {
215 if (ret == -ENOENT) {
216 BT_ERR("Firmware file \"%s\" not found\n",
217 MT7662_FIRMWARE);
218 } else {
219 BT_ERR("Firmware file \"%s\" request failed (err=%d)\n",
220 MT7662_FIRMWARE, ret);
221 }
222 } else {
223 BT_DBG("Firmware file \"%s\" Found\n", MT7662_FIRMWARE);
224
225 data->firmware = firmware;
226 data->rom_patch_len = firmware->size;
227 btmtk_usb_load_rom_patch(data);
228 }
229 release_firmware(firmware);
230 } else {
231 BT_ERR("unknow chip(%x)\n", data->chip_id);
232 }
233}
234
235static u16 checksume16(u8 *pData, int len)
236{
237 int sum = 0;
238
239 while (len > 1) {
240 sum += *((u16 *)pData);
241
242 pData = pData + 2;
243
244 if (sum & 0x80000000)
245 sum = (sum & 0xFFFF) + (sum >> 16);
246
247 len -= 2;
248 }
249
250 if (len)
251 sum += *((u8 *)pData);
252
253 while (sum >> 16)
254 sum = (sum & 0xFFFF) + (sum >> 16);
255
256 return ~sum;
257}
258
259static int btmtk_usb_chk_crc(struct btmtk_usb_data *data, u32 checksum_len)
260{
261 int ret = 0;
262 struct usb_device *udev = data->udev;
263
264 BT_DBG("%s\n", __func__);
265
266 memmove(data->io_buf, &data->rom_patch_offset, 4);
267 memmove(&data->io_buf[4], &checksum_len, 4);
268
269 ret = usb_control_msg(udev, usb_sndctrlpipe(udev, 0), 0x1,
270 DEVICE_VENDOR_REQUEST_IN, 0x20, 0x00, data->io_buf,
271 8, CONTROL_TIMEOUT_JIFFIES);
272
273 if (ret < 0)
274 BT_ERR("%s error(%d)\n", __func__, ret);
275
276 return ret;
277}
278
279static u16 btmtk_usb_get_crc(struct btmtk_usb_data *data)
280{
281 int ret = 0;
282 struct usb_device *udev = data->udev;
283 u16 crc, count = 0;
284 __le16 crc_le;
285
286 BT_DBG("%s\n", __func__);
287
288 while (1) {
289 ret = usb_control_msg(udev, usb_rcvctrlpipe(udev, 0),
290 0x01, DEVICE_VENDOR_REQUEST_IN,
291 0x21, 0x00, data->io_buf, 2,
292 CONTROL_TIMEOUT_JIFFIES);
293
294 if (ret < 0) {
295 crc = 0xFFFF;
296 BT_ERR("%s error(%d)\n", __func__, ret);
297 }
298
299 memmove(&crc_le, data->io_buf, 2);
300
301 crc = le16_to_cpu(crc_le);
302
303 if (crc != 0xFFFF)
304 break;
305
306 mdelay(100);
307
308 if (count++ > 100) {
309 BT_ERR("Query CRC over %d times\n", count);
310 break;
311 }
312 }
313
314 return crc;
315}
316
317static int btmtk_usb_reset_wmt(struct btmtk_usb_data *data)
318{
319 int ret = 0;
320
321
322 u8 cmd[8] = {0x6F, 0xFC, 0x05, 0x01, 0x07, 0x01, 0x00, 0x04};
323
324 memmove(data->io_buf, cmd, 8);
325
326 BT_DBG("%s\n", __func__);
327
328 ret = usb_control_msg(data->udev, usb_sndctrlpipe(data->udev, 0), 0x01,
329 DEVICE_CLASS_REQUEST_OUT, 0x12, 0x00,
330 data->io_buf, 8, CONTROL_TIMEOUT_JIFFIES);
331
332 if (ret)
333 BT_ERR("%s:(%d)\n", __func__, ret);
334
335 return ret;
336}
337
338static void load_rom_patch_complete(struct urb *urb)
339{
340
341 struct completion *sent_to_mcu_done = (struct completion *)urb->context;
342
343 complete(sent_to_mcu_done);
344}
345
346static int btmtk_usb_load_rom_patch(struct btmtk_usb_data *data)
347{
348 u32 loop = 0;
349 u32 value;
350 s32 sent_len;
351 int ret = 0, total_checksum = 0;
352 struct urb *urb;
353 u32 patch_len = 0;
354 u32 cur_len = 0;
355 dma_addr_t data_dma;
356 struct completion sent_to_mcu_done;
357 int first_block = 1;
358 unsigned char phase;
359 void *buf;
360 char *pos;
361 unsigned int pipe;
362 pipe = usb_sndbulkpipe(data->udev, data->bulk_tx_ep->bEndpointAddress);
363
364 if (!data->firmware) {
365 BT_ERR("%s:please assign a rom patch\n", __func__);
366 return -1;
367 }
368
369load_patch_protect:
370 btmtk_usb_switch_iobase(data, WLAN);
371 btmtk_usb_io_read32(data, SEMAPHORE_03, &value);
372 loop++;
373
374 if (((value & 0x01) == 0x00) && (loop < 600)) {
375 mdelay(1);
376 goto load_patch_protect;
377 }
378
379 btmtk_usb_io_write32(data, 0x1004, 0x2c);
380
381 btmtk_usb_switch_iobase(data, SYSCTL);
382
383 btmtk_usb_io_write32(data, 0x1c, 0x30);
384
385
386 btmtk_usb_io_write32(data, 0x9018, 0x00c00020);
387
388 btmtk_usb_switch_iobase(data, WLAN);
389
390
391 btmtk_usb_io_read32(data, COM_REG0, &value);
392
393 if ((value & 0x02) == 0x02)
394 goto error0;
395
396 urb = usb_alloc_urb(0, GFP_ATOMIC);
397
398 if (!urb) {
399 ret = -ENOMEM;
400 goto error0;
401 }
402
403 buf = usb_alloc_coherent(data->udev, UPLOAD_PATCH_UNIT,
404 GFP_ATOMIC, &data_dma);
405
406 if (!buf) {
407 ret = -ENOMEM;
408 goto error1;
409 }
410
411 pos = buf;
412 BT_DBG("loading rom patch");
413
414 init_completion(&sent_to_mcu_done);
415
416 cur_len = 0x00;
417 patch_len = data->rom_patch_len - PATCH_INFO_SIZE;
418
419
420 while (1) {
421 s32 sent_len_max = UPLOAD_PATCH_UNIT - PATCH_HEADER_SIZE;
422 sent_len = min_t(s32, (patch_len - cur_len), sent_len_max);
423
424 BT_DBG("patch_len = %d\n", patch_len);
425 BT_DBG("cur_len = %d\n", cur_len);
426 BT_DBG("sent_len = %d\n", sent_len);
427
428 if (sent_len <= 0)
429 break;
430
431 if (first_block == 1) {
432 if (sent_len < sent_len_max)
433 phase = PATCH_PHASE3;
434 else
435 phase = PATCH_PHASE1;
436 first_block = 0;
437 } else if (sent_len == sent_len_max) {
438 phase = PATCH_PHASE2;
439 } else {
440 phase = PATCH_PHASE3;
441 }
442
443
444 pos[0] = 0x6F;
445 pos[1] = 0xFC;
446 pos[2] = (sent_len + 5) & 0xFF;
447 pos[3] = ((sent_len + 5) >> 8) & 0xFF;
448
449
450 pos[4] = 0x01;
451 pos[5] = 0x01;
452 pos[6] = (sent_len + 1) & 0xFF;
453 pos[7] = ((sent_len + 1) >> 8) & 0xFF;
454
455 pos[8] = phase;
456
457 memcpy(&pos[9],
458 data->firmware->data + PATCH_INFO_SIZE + cur_len,
459 sent_len);
460
461 BT_DBG("sent_len + PATCH_HEADER_SIZE = %d, phase = %d\n",
462 sent_len + PATCH_HEADER_SIZE, phase);
463
464 usb_fill_bulk_urb(urb,
465 data->udev,
466 pipe,
467 buf,
468 sent_len + PATCH_HEADER_SIZE,
469 load_rom_patch_complete,
470 &sent_to_mcu_done);
471
472 urb->transfer_dma = data_dma;
473 urb->transfer_flags |= URB_NO_TRANSFER_DMA_MAP;
474
475 ret = usb_submit_urb(urb, GFP_ATOMIC);
476
477 if (ret)
478 goto error2;
479
480 if (!wait_for_completion_timeout(&sent_to_mcu_done,
481 msecs_to_jiffies(1000))) {
482 usb_kill_urb(urb);
483 BT_ERR("upload rom_patch timeout\n");
484 goto error2;
485 }
486
487 BT_DBG(".");
488
489 mdelay(200);
490
491 cur_len += sent_len;
492
493 }
494
495 total_checksum = checksume16(
496 (u8 *)data->firmware->data + PATCH_INFO_SIZE,
497 patch_len);
498
499 BT_DBG("Send checksum req..\n");
500
501 btmtk_usb_chk_crc(data, patch_len);
502
503 mdelay(20);
504
505 if (total_checksum != btmtk_usb_get_crc(data)) {
506 BT_ERR("checksum fail!, local(0x%x) <> fw(0x%x)\n",
507 total_checksum, btmtk_usb_get_crc(data));
508 ret = -1;
509 goto error2;
510 }
511
512 mdelay(20);
513
514 ret = btmtk_usb_reset_wmt(data);
515
516 mdelay(20);
517
518error2:
519 usb_free_coherent(data->udev, UPLOAD_PATCH_UNIT, buf, data_dma);
520error1:
521 usb_free_urb(urb);
522error0:
523 btmtk_usb_io_write32(data, SEMAPHORE_03, 0x1);
524 return ret;
525}
526
527
528static int load_fw_iv(struct btmtk_usb_data *data)
529{
530 int ret;
531 struct usb_device *udev = data->udev;
532 char *buf = kmalloc(64, GFP_ATOMIC);
533
534 memmove(buf, data->firmware->data + 32, 64);
535
536 ret = usb_control_msg(udev, usb_sndctrlpipe(udev, 0), 0x01,
537 DEVICE_VENDOR_REQUEST_OUT, 0x12, 0x0, buf, 64,
538 CONTROL_TIMEOUT_JIFFIES);
539
540 if (ret < 0) {
541 BT_ERR("%s error(%d) step4\n", __func__, ret);
542 kfree(buf);
543 return ret;
544 }
545
546 if (ret > 0)
547 ret = 0;
548
549 kfree(buf);
550
551 return ret;
552}
553
554static void load_fw_complete(struct urb *urb)
555{
556
557 struct completion *sent_to_mcu_done = (struct completion *)urb->context;
558
559 complete(sent_to_mcu_done);
560}
561
562static int btmtk_usb_load_fw(struct btmtk_usb_data *data)
563{
564 struct usb_device *udev = data->udev;
565 struct urb *urb;
566 void *buf;
567 u32 cur_len = 0;
568 u32 packet_header = 0;
569 __le32 packet_header_le;
570 u32 value;
571 u32 ilm_len = 0, dlm_len = 0;
572 u16 fw_ver, build_ver;
573 u32 loop = 0;
574 dma_addr_t data_dma;
575 int ret = 0, sent_len;
576 struct completion sent_to_mcu_done;
577 unsigned int pipe;
578 pipe = usb_sndbulkpipe(data->udev, data->bulk_tx_ep->bEndpointAddress);
579
580 if (!data->firmware) {
581 BT_ERR("%s:please assign a fw\n", __func__);
582 return -1;
583 }
584
585 BT_DBG("bulk_tx_ep = %x\n", data->bulk_tx_ep->bEndpointAddress);
586
587loadfw_protect:
588 btmtk_usb_switch_iobase(data, WLAN);
589 btmtk_usb_io_read32(data, SEMAPHORE_00, &value);
590 loop++;
591
592 if (((value & 0x1) == 0) && (loop < 10000))
593 goto loadfw_protect;
594
595
596 btmtk_usb_io_read32(data, COM_REG0, &value);
597
598 if ((value & 0x01) == 0x01)
599 goto error0;
600
601
602 btmtk_usb_io_write32(data, 0x238, 0x1c000000);
603
604 btmtk_usb_reset(udev);
605 mdelay(100);
606
607 ilm_len = (*(data->firmware->data + 3) << 24)
608 | (*(data->firmware->data + 2) << 16)
609 | (*(data->firmware->data + 1) << 8)
610 | (*data->firmware->data);
611
612 dlm_len = (*(data->firmware->data + 7) << 24)
613 | (*(data->firmware->data + 6) << 16)
614 | (*(data->firmware->data + 5) << 8)
615 | (*(data->firmware->data + 4));
616
617 fw_ver = (*(data->firmware->data + 11) << 8) |
618 (*(data->firmware->data + 10));
619
620 build_ver = (*(data->firmware->data + 9) << 8) |
621 (*(data->firmware->data + 8));
622
623 BT_DBG("fw version:%d.%d.%02d ",
624 (fw_ver & 0xf000) >> 8,
625 (fw_ver & 0x0f00) >> 8,
626 (fw_ver & 0x00ff));
627
628 BT_DBG("build:%x\n", build_ver);
629
630 BT_DBG("build Time =");
631
632 for (loop = 0; loop < 16; loop++)
633 BT_DBG("%c", *(data->firmware->data + 16 + loop));
634
635 BT_DBG("\n");
636
637 BT_DBG("ILM length = %d(bytes)\n", ilm_len);
638 BT_DBG("DLM length = %d(bytes)\n", dlm_len);
639
640 btmtk_usb_switch_iobase(data, SYSCTL);
641
642
643 btmtk_usb_io_write32(data, 0x790, 0x400230);
644
645
646 btmtk_usb_io_write32(data, 0x794, 0x1);
647
648
649 btmtk_usb_io_write32(data, 0x798, 0x1);
650
651
652 btmtk_usb_io_write32(data, 0x704, 0x44);
653
654 urb = usb_alloc_urb(0, GFP_ATOMIC);
655
656 if (!urb) {
657 ret = -ENOMEM;
658 goto error1;
659 }
660
661 buf = usb_alloc_coherent(udev, 14592, GFP_ATOMIC, &data_dma);
662
663 if (!buf) {
664 ret = -ENOMEM;
665 goto error2;
666 }
667
668 BT_DBG("loading fw");
669
670 init_completion(&sent_to_mcu_done);
671
672 btmtk_usb_switch_iobase(data, SYSCTL);
673
674 cur_len = 0x40;
675
676
677 while (1) {
678 sent_len = min_t(s32, (ilm_len - cur_len), 14336);
679
680 if (sent_len > 0) {
681 packet_header &= ~(0xffffffff);
682 packet_header |= (sent_len << 16);
683 packet_header_le = cpu_to_le32(packet_header);
684
685 memmove(buf, &packet_header_le, 4);
686 memmove(buf + 4, data->firmware->data + 32 + cur_len,
687 sent_len);
688
689
690 btmtk_usb_io_write32(data, 0x230, cur_len);
691
692 while ((sent_len % 4) != 0)
693 sent_len++;
694
695
696 btmtk_usb_io_write32(data, 0x234, sent_len << 16);
697
698 usb_fill_bulk_urb(urb,
699 udev,
700 pipe,
701 buf,
702 sent_len + 4,
703 load_fw_complete,
704 &sent_to_mcu_done);
705
706 urb->transfer_dma = data_dma;
707 urb->transfer_flags |= URB_NO_TRANSFER_DMA_MAP;
708
709 ret = usb_submit_urb(urb, GFP_ATOMIC);
710
711 if (ret)
712 goto error3;
713
714 if (!wait_for_completion_timeout(&sent_to_mcu_done,
715 msecs_to_jiffies(1000))) {
716 usb_kill_urb(urb);
717 BT_ERR("upload ilm fw timeout\n");
718 goto error3;
719 }
720
721 BT_DBG(".");
722
723 mdelay(200);
724
725 cur_len += sent_len;
726 } else {
727 break;
728 }
729 }
730
731 init_completion(&sent_to_mcu_done);
732 cur_len = 0x00;
733
734
735 while (1) {
736 sent_len = min_t(s32, (dlm_len - cur_len), 14336);
737
738 if (sent_len <= 0)
739 break;
740
741 packet_header &= ~(0xffffffff);
742 packet_header |= (sent_len << 16);
743 packet_header_le = cpu_to_le32(packet_header);
744
745 memmove(buf, &packet_header_le, 4);
746 memmove(buf + 4,
747 data->firmware->data + 32 + ilm_len + cur_len,
748 sent_len);
749
750
751 btmtk_usb_io_write32(data, 0x230, 0x80000 + cur_len);
752
753 while ((sent_len % 4) != 0) {
754 BT_DBG("sent_len is not divided by 4\n");
755 sent_len++;
756 }
757
758
759 btmtk_usb_io_write32(data, 0x234, sent_len << 16);
760
761 usb_fill_bulk_urb(urb,
762 udev,
763 pipe,
764 buf,
765 sent_len + 4,
766 load_fw_complete,
767 &sent_to_mcu_done);
768
769 urb->transfer_dma = data_dma;
770 urb->transfer_flags |= URB_NO_TRANSFER_DMA_MAP;
771
772 ret = usb_submit_urb(urb, GFP_ATOMIC);
773
774 if (ret)
775 goto error3;
776
777 if (!wait_for_completion_timeout(&sent_to_mcu_done,
778 msecs_to_jiffies(1000))) {
779 usb_kill_urb(urb);
780 BT_ERR("upload dlm fw timeout\n");
781 goto error3;
782 }
783
784 BT_DBG(".");
785
786 mdelay(500);
787
788 cur_len += sent_len;
789
790 }
791
792
793 ret = load_fw_iv(data);
794 mdelay(100);
795
796 btmtk_usb_switch_iobase(data, WLAN);
797
798
799 loop = 0;
800
801 do {
802 btmtk_usb_io_read32(data, COM_REG0, &value);
803
804 if (value == 0x01)
805 break;
806
807 mdelay(10);
808 loop++;
809 } while (loop <= 100);
810
811 if (loop > 1000) {
812 BT_ERR("wait for 100 times\n");
813 ret = -ENODEV;
814 }
815
816error3:
817 usb_free_coherent(udev, 14592, buf, data_dma);
818error2:
819 usb_free_urb(urb);
820error1:
821
822 btmtk_usb_io_read32(data, 0x238, &value);
823 value = value & ~(0x10000000);
824 btmtk_usb_io_write32(data, 0x238, value);
825error0:
826 btmtk_usb_io_write32(data, SEMAPHORE_00, 0x1);
827 return ret;
828}
829
830static int inc_tx(struct btmtk_usb_data *data)
831{
832 unsigned long flags;
833 int rv;
834
835 spin_lock_irqsave(&data->txlock, flags);
836 rv = test_bit(BTUSB_SUSPENDING, &data->flags);
837 if (!rv)
838 data->tx_in_flight++;
839 spin_unlock_irqrestore(&data->txlock, flags);
840
841 return rv;
842}
843
844static void btmtk_usb_intr_complete(struct urb *urb)
845{
846 struct hci_dev *hdev = urb->context;
847 struct btmtk_usb_data *data = hci_get_drvdata(hdev);
848 int err;
849
850 BT_DBG("%s: %s urb %p status %d count %d\n", __func__, hdev->name,
851 urb, urb->status, urb->actual_length);
852
853 if (!test_bit(HCI_RUNNING, &hdev->flags))
854 return;
855
856 if (urb->status == 0) {
857 hdev->stat.byte_rx += urb->actual_length;
858
859 hex_dump("hci event", urb->transfer_buffer, urb->actual_length);
860
861 if (hci_recv_fragment(hdev, HCI_EVENT_PKT,
862 urb->transfer_buffer,
863 urb->actual_length) < 0) {
864 BT_ERR("%s corrupted event packet", hdev->name);
865 hdev->stat.err_rx++;
866 }
867 }
868
869 if (!test_bit(BTUSB_INTR_RUNNING, &data->flags))
870 return;
871
872 usb_mark_last_busy(data->udev);
873 usb_anchor_urb(urb, &data->intr_anchor);
874
875 err = usb_submit_urb(urb, GFP_ATOMIC);
876
877 if (err < 0) {
878
879
880 if (err != -EPERM && err != -ENODEV)
881 BT_ERR("%s urb %p failed to resubmit (%d)",
882 hdev->name, urb, -err);
883 usb_unanchor_urb(urb);
884 }
885}
886
887static int btmtk_usb_submit_intr_urb(struct hci_dev *hdev, gfp_t mem_flags)
888{
889 struct btmtk_usb_data *data = hci_get_drvdata(hdev);
890 struct urb *urb;
891 unsigned char *buf;
892 unsigned int pipe;
893 int err, size;
894
895 BT_DBG("%s\n", __func__);
896
897 if (!data->intr_ep)
898 return -ENODEV;
899
900 urb = usb_alloc_urb(0, mem_flags);
901 if (!urb)
902 return -ENOMEM;
903
904 size = le16_to_cpu(data->intr_ep->wMaxPacketSize);
905
906 buf = kmalloc(size, mem_flags);
907 if (!buf) {
908 usb_free_urb(urb);
909 return -ENOMEM;
910 }
911
912 pipe = usb_rcvintpipe(data->udev, data->intr_ep->bEndpointAddress);
913
914 usb_fill_int_urb(urb, data->udev, pipe, buf, size,
915 btmtk_usb_intr_complete, hdev,
916 data->intr_ep->bInterval);
917
918 urb->transfer_flags |= URB_FREE_BUFFER;
919
920 usb_anchor_urb(urb, &data->intr_anchor);
921
922 err = usb_submit_urb(urb, mem_flags);
923 if (err < 0) {
924 if (err != -EPERM && err != -ENODEV)
925 BT_ERR("%s urb %p submission failed (%d)",
926 hdev->name, urb, -err);
927 usb_unanchor_urb(urb);
928 }
929
930 usb_free_urb(urb);
931
932 return err;
933
934}
935
936static void btmtk_usb_bulk_in_complete(struct urb *urb)
937{
938 struct hci_dev *hdev = urb->context;
939 struct btmtk_usb_data *data = hci_get_drvdata(hdev);
940 int err;
941
942 BT_DBG("%s:%s urb %p status %d count %d", __func__, hdev->name,
943 urb, urb->status, urb->actual_length);
944
945 if (!test_bit(HCI_RUNNING, &hdev->flags))
946 return;
947
948 if (urb->status == 0) {
949 hdev->stat.byte_rx += urb->actual_length;
950
951 if (hci_recv_fragment(hdev, HCI_ACLDATA_PKT,
952 urb->transfer_buffer,
953 urb->actual_length) < 0) {
954 BT_ERR("%s corrupted ACL packet", hdev->name);
955 hdev->stat.err_rx++;
956 }
957 }
958
959 if (!test_bit(BTUSB_BULK_RUNNING, &data->flags))
960 return;
961
962 usb_anchor_urb(urb, &data->bulk_anchor);
963 usb_mark_last_busy(data->udev);
964
965 err = usb_submit_urb(urb, GFP_ATOMIC);
966 if (err < 0) {
967
968
969 if (err != -EPERM && err != -ENODEV)
970 BT_ERR("%s urb %p failed to resubmit (%d)",
971 hdev->name, urb, -err);
972 usb_unanchor_urb(urb);
973 }
974}
975
976static int btmtk_usb_submit_bulk_in_urb(struct hci_dev *hdev, gfp_t mem_flags)
977{
978 struct btmtk_usb_data *data = hci_get_drvdata(hdev);
979 struct urb *urb;
980 unsigned char *buf;
981 unsigned int pipe;
982 int err, size = HCI_MAX_FRAME_SIZE;
983
984 BT_DBG("%s:%s\n", __func__, hdev->name);
985
986 if (!data->bulk_rx_ep)
987 return -ENODEV;
988
989 urb = usb_alloc_urb(0, mem_flags);
990 if (!urb)
991 return -ENOMEM;
992
993 buf = kmalloc(size, mem_flags);
994 if (!buf) {
995 usb_free_urb(urb);
996 return -ENOMEM;
997 }
998
999 pipe = usb_rcvbulkpipe(data->udev, data->bulk_rx_ep->bEndpointAddress);
1000
1001 usb_fill_bulk_urb(urb, data->udev, pipe, buf, size,
1002 btmtk_usb_bulk_in_complete, hdev);
1003
1004 urb->transfer_flags |= URB_FREE_BUFFER;
1005
1006 usb_mark_last_busy(data->udev);
1007 usb_anchor_urb(urb, &data->bulk_anchor);
1008
1009 err = usb_submit_urb(urb, mem_flags);
1010 if (err < 0) {
1011 if (err != -EPERM && err != -ENODEV)
1012 BT_ERR("%s urb %p submission failed (%d)",
1013 hdev->name, urb, -err);
1014 usb_unanchor_urb(urb);
1015 }
1016
1017 usb_free_urb(urb);
1018
1019 return err;
1020}
1021
1022static void btmtk_usb_isoc_in_complete(struct urb *urb)
1023
1024{
1025 struct hci_dev *hdev = urb->context;
1026 struct btmtk_usb_data *data = hci_get_drvdata(hdev);
1027 int i, err;
1028
1029 BT_DBG("%s: %s urb %p status %d count %d", __func__, hdev->name,
1030 urb, urb->status, urb->actual_length);
1031
1032 if (!test_bit(HCI_RUNNING, &hdev->flags))
1033 return;
1034
1035 if (urb->status == 0) {
1036 for (i = 0; i < urb->number_of_packets; i++) {
1037 unsigned int offset = urb->iso_frame_desc[i].offset;
1038 unsigned int length;
1039 length = urb->iso_frame_desc[i].actual_length;
1040
1041 if (urb->iso_frame_desc[i].status)
1042 continue;
1043
1044 hdev->stat.byte_rx += length;
1045
1046 if (hci_recv_fragment(hdev, HCI_SCODATA_PKT,
1047 urb->transfer_buffer + offset,
1048 length) < 0) {
1049 BT_ERR("%s corrupted SCO packet", hdev->name);
1050 hdev->stat.err_rx++;
1051 }
1052 }
1053 }
1054
1055 if (!test_bit(BTUSB_ISOC_RUNNING, &data->flags))
1056 return;
1057
1058 usb_anchor_urb(urb, &data->isoc_anchor);
1059
1060 err = usb_submit_urb(urb, GFP_ATOMIC);
1061 if (err < 0) {
1062
1063
1064 if (err != -EPERM && err != -ENODEV)
1065 BT_ERR("%s urb %p failed to resubmit (%d)",
1066 hdev->name, urb, -err);
1067 usb_unanchor_urb(urb);
1068 }
1069}
1070
1071static inline void __fill_isoc_descriptor(struct urb *urb, int len, int mtu)
1072{
1073 int i, offset = 0;
1074
1075 BT_DBG("len %d mtu %d", len, mtu);
1076
1077 for (i = 0; i < BTUSB_MAX_ISOC_FRAMES && len >= mtu;
1078 i++, offset += mtu, len -= mtu) {
1079 urb->iso_frame_desc[i].offset = offset;
1080 urb->iso_frame_desc[i].length = mtu;
1081 }
1082
1083 if (len && i < BTUSB_MAX_ISOC_FRAMES) {
1084 urb->iso_frame_desc[i].offset = offset;
1085 urb->iso_frame_desc[i].length = len;
1086 i++;
1087 }
1088
1089 urb->number_of_packets = i;
1090}
1091
1092static int btmtk_usb_submit_isoc_in_urb(struct hci_dev *hdev, gfp_t mem_flags)
1093{
1094 struct btmtk_usb_data *data = hci_get_drvdata(hdev);
1095 struct urb *urb;
1096 unsigned char *buf;
1097 unsigned int pipe;
1098 int err, size;
1099
1100 BT_DBG("%s\n", __func__);
1101
1102 if (!data->isoc_rx_ep)
1103 return -ENODEV;
1104
1105 urb = usb_alloc_urb(BTUSB_MAX_ISOC_FRAMES, mem_flags);
1106 if (!urb)
1107 return -ENOMEM;
1108
1109 size = le16_to_cpu(data->isoc_rx_ep->wMaxPacketSize) *
1110 BTUSB_MAX_ISOC_FRAMES;
1111
1112 buf = kmalloc(size, mem_flags);
1113 if (!buf) {
1114 usb_free_urb(urb);
1115 return -ENOMEM;
1116 }
1117
1118 pipe = usb_rcvisocpipe(data->udev, data->isoc_rx_ep->bEndpointAddress);
1119
1120 usb_fill_int_urb(urb, data->udev, pipe, buf, size,
1121 btmtk_usb_isoc_in_complete, hdev,
1122 data->isoc_rx_ep->bInterval);
1123
1124 urb->transfer_flags = URB_FREE_BUFFER | URB_ISO_ASAP;
1125
1126 __fill_isoc_descriptor(urb, size,
1127 le16_to_cpu(data->isoc_rx_ep->wMaxPacketSize));
1128
1129 usb_anchor_urb(urb, &data->isoc_anchor);
1130
1131 err = usb_submit_urb(urb, mem_flags);
1132 if (err < 0) {
1133 if (err != -EPERM && err != -ENODEV)
1134 BT_ERR("%s urb %p submission failed (%d)",
1135 hdev->name, urb, -err);
1136 usb_unanchor_urb(urb);
1137 }
1138
1139 usb_free_urb(urb);
1140
1141 return err;
1142}
1143
1144static int btmtk_usb_open(struct hci_dev *hdev)
1145{
1146 struct btmtk_usb_data *data = hci_get_drvdata(hdev);
1147 int err;
1148
1149 BT_DBG("%s\n", __func__);
1150
1151 err = usb_autopm_get_interface(data->intf);
1152 if (err < 0)
1153 return err;
1154
1155 data->intf->needs_remote_wakeup = 1;
1156
1157 if (test_and_set_bit(HCI_RUNNING, &hdev->flags))
1158 goto done;
1159
1160 if (test_and_set_bit(BTUSB_INTR_RUNNING, &data->flags))
1161 goto done;
1162
1163 err = btmtk_usb_submit_intr_urb(hdev, GFP_KERNEL);
1164 if (err < 0)
1165 goto failed;
1166
1167 err = btmtk_usb_submit_bulk_in_urb(hdev, GFP_KERNEL);
1168 if (err < 0) {
1169 usb_kill_anchored_urbs(&data->intr_anchor);
1170 goto failed;
1171 }
1172
1173 set_bit(BTUSB_BULK_RUNNING, &data->flags);
1174 btmtk_usb_submit_bulk_in_urb(hdev, GFP_KERNEL);
1175
1176done:
1177 usb_autopm_put_interface(data->intf);
1178 return 0;
1179
1180failed:
1181 clear_bit(BTUSB_INTR_RUNNING, &data->flags);
1182 clear_bit(HCI_RUNNING, &hdev->flags);
1183 usb_autopm_put_interface(data->intf);
1184 return err;
1185}
1186
1187static void btmtk_usb_stop_traffic(struct btmtk_usb_data *data)
1188{
1189 BT_DBG("%s\n", __func__);
1190
1191 usb_kill_anchored_urbs(&data->intr_anchor);
1192 usb_kill_anchored_urbs(&data->bulk_anchor);
1193 usb_kill_anchored_urbs(&data->isoc_anchor);
1194}
1195
1196static int btmtk_usb_close(struct hci_dev *hdev)
1197{
1198 struct btmtk_usb_data *data = hci_get_drvdata(hdev);
1199 int err;
1200
1201 BT_DBG("%s\n", __func__);
1202
1203 if (!test_and_clear_bit(HCI_RUNNING, &hdev->flags))
1204 return 0;
1205
1206 cancel_work_sync(&data->work);
1207 cancel_work_sync(&data->waker);
1208
1209 clear_bit(BTUSB_ISOC_RUNNING, &data->flags);
1210 clear_bit(BTUSB_BULK_RUNNING, &data->flags);
1211 clear_bit(BTUSB_INTR_RUNNING, &data->flags);
1212
1213 btmtk_usb_stop_traffic(data);
1214
1215 err = usb_autopm_get_interface(data->intf);
1216 if (err < 0)
1217 goto failed;
1218
1219 data->intf->needs_remote_wakeup = 0;
1220 usb_autopm_put_interface(data->intf);
1221
1222failed:
1223 usb_scuttle_anchored_urbs(&data->deferred);
1224 return 0;
1225}
1226
1227static int btmtk_usb_flush(struct hci_dev *hdev)
1228{
1229 struct btmtk_usb_data *data = hci_get_drvdata(hdev);
1230
1231 BT_DBG("%s\n", __func__);
1232
1233 usb_kill_anchored_urbs(&data->tx_anchor);
1234
1235 return 0;
1236}
1237
1238static void btmtk_usb_tx_complete(struct urb *urb)
1239{
1240 struct sk_buff *skb = urb->context;
1241 struct hci_dev *hdev = (struct hci_dev *)skb->dev;
1242 struct btmtk_usb_data *data = hci_get_drvdata(hdev);
1243
1244 BT_DBG("%s: %s urb %p status %d count %d\n", __func__, hdev->name,
1245 urb, urb->status, urb->actual_length);
1246
1247 if (!test_bit(HCI_RUNNING, &hdev->flags))
1248 goto done;
1249
1250 if (!urb->status)
1251 hdev->stat.byte_tx += urb->transfer_buffer_length;
1252 else
1253 hdev->stat.err_tx++;
1254
1255done:
1256 spin_lock(&data->txlock);
1257 data->tx_in_flight--;
1258 spin_unlock(&data->txlock);
1259
1260 kfree(urb->setup_packet);
1261
1262 kfree_skb(skb);
1263}
1264
1265static void btmtk_usb_isoc_tx_complete(struct urb *urb)
1266{
1267 struct sk_buff *skb = urb->context;
1268 struct hci_dev *hdev = (struct hci_dev *) skb->dev;
1269
1270 BT_DBG("%s: %s urb %p status %d count %d", __func__, hdev->name,
1271 urb, urb->status, urb->actual_length);
1272
1273 if (!test_bit(HCI_RUNNING, &hdev->flags))
1274 goto done;
1275
1276 if (!urb->status)
1277 hdev->stat.byte_tx += urb->transfer_buffer_length;
1278 else
1279 hdev->stat.err_tx++;
1280
1281done:
1282 kfree(urb->setup_packet);
1283
1284 kfree_skb(skb);
1285}
1286
1287static int btmtk_usb_send_frame(struct hci_dev *hdev, struct sk_buff *skb)
1288{
1289 struct btmtk_usb_data *data = hci_get_drvdata(hdev);
1290 struct usb_ctrlrequest *dr;
1291 struct urb *urb;
1292 unsigned int pipe;
1293 int err;
1294
1295 BT_DBG("%s\n", __func__);
1296
1297 if (!test_bit(HCI_RUNNING, &hdev->flags))
1298 return -EBUSY;
1299
1300 switch (bt_cb(skb)->pkt_type) {
1301 case HCI_COMMAND_PKT:
1302 urb = usb_alloc_urb(0, GFP_ATOMIC);
1303 if (!urb)
1304 return -ENOMEM;
1305
1306 dr = kmalloc(sizeof(*dr), GFP_ATOMIC);
1307 if (!dr) {
1308 usb_free_urb(urb);
1309 return -ENOMEM;
1310 }
1311
1312 dr->bRequestType = data->cmdreq_type;
1313 dr->bRequest = 0;
1314 dr->wIndex = 0;
1315 dr->wValue = 0;
1316 dr->wLength = __cpu_to_le16(skb->len);
1317
1318 pipe = usb_sndctrlpipe(data->udev, 0x00);
1319
1320 if (test_bit(HCI_RUNNING, &hdev->flags)) {
1321 u16 op_code;
1322 memcpy(&op_code, skb->data, 2);
1323 BT_DBG("ogf = %x\n", (op_code & 0xfc00) >> 10);
1324 BT_DBG("ocf = %x\n", op_code & 0x03ff);
1325 hex_dump("hci command", skb->data, skb->len);
1326
1327 }
1328
1329 usb_fill_control_urb(urb, data->udev, pipe, (void *) dr,
1330 skb->data, skb->len,
1331 btmtk_usb_tx_complete, skb);
1332
1333 hdev->stat.cmd_tx++;
1334 break;
1335
1336 case HCI_ACLDATA_PKT:
1337 if (!data->bulk_tx_ep)
1338 return -ENODEV;
1339
1340 urb = usb_alloc_urb(0, GFP_ATOMIC);
1341 if (!urb)
1342 return -ENOMEM;
1343
1344 pipe = usb_sndbulkpipe(data->udev,
1345 data->bulk_tx_ep->bEndpointAddress);
1346
1347 usb_fill_bulk_urb(urb, data->udev, pipe, skb->data,
1348 skb->len, btmtk_usb_tx_complete, skb);
1349
1350 hdev->stat.acl_tx++;
1351 BT_DBG("HCI_ACLDATA_PKT:\n");
1352 break;
1353
1354 case HCI_SCODATA_PKT:
1355 if (!data->isoc_tx_ep || hdev->conn_hash.sco_num < 1)
1356 return -ENODEV;
1357
1358 urb = usb_alloc_urb(BTUSB_MAX_ISOC_FRAMES, GFP_ATOMIC);
1359 if (!urb)
1360 return -ENOMEM;
1361
1362 pipe = usb_sndisocpipe(data->udev,
1363 data->isoc_tx_ep->bEndpointAddress);
1364
1365 usb_fill_int_urb(urb, data->udev, pipe,
1366 skb->data, skb->len, btmtk_usb_isoc_tx_complete,
1367 skb, data->isoc_tx_ep->bInterval);
1368
1369 urb->transfer_flags = URB_ISO_ASAP;
1370
1371 __fill_isoc_descriptor(urb, skb->len,
1372 le16_to_cpu(data->isoc_tx_ep->wMaxPacketSize));
1373
1374 hdev->stat.sco_tx++;
1375 BT_DBG("HCI_SCODATA_PKT:\n");
1376 goto skip_waking;
1377
1378 default:
1379 return -EILSEQ;
1380 }
1381
1382 err = inc_tx(data);
1383
1384 if (err) {
1385 usb_anchor_urb(urb, &data->deferred);
1386 schedule_work(&data->waker);
1387 err = 0;
1388 goto done;
1389 }
1390
1391skip_waking:
1392 usb_anchor_urb(urb, &data->tx_anchor);
1393
1394 err = usb_submit_urb(urb, GFP_ATOMIC);
1395 if (err < 0) {
1396 if (err != -EPERM && err != -ENODEV)
1397 BT_ERR("%s urb %p submission failed (%d)",
1398 hdev->name, urb, -err);
1399 kfree(urb->setup_packet);
1400 usb_unanchor_urb(urb);
1401 } else {
1402 usb_mark_last_busy(data->udev);
1403 }
1404
1405done:
1406 usb_free_urb(urb);
1407 return err;
1408}
1409
1410static void btmtk_usb_notify(struct hci_dev *hdev, unsigned int evt)
1411{
1412 struct btmtk_usb_data *data = hci_get_drvdata(hdev);
1413
1414 BT_DBG("%s evt %d", hdev->name, evt);
1415
1416 if (hdev->conn_hash.sco_num != data->sco_num) {
1417 data->sco_num = hdev->conn_hash.sco_num;
1418 schedule_work(&data->work);
1419 }
1420}
1421
1422static inline int __set_isoc_interface(struct hci_dev *hdev, int altsetting)
1423{
1424 struct btmtk_usb_data *data = hci_get_drvdata(hdev);
1425 struct usb_interface *intf = data->isoc;
1426 struct usb_endpoint_descriptor *ep_desc;
1427 int i, err;
1428
1429 if (!data->isoc)
1430 return -ENODEV;
1431
1432 err = usb_set_interface(data->udev, 1, altsetting);
1433 if (err < 0) {
1434 BT_ERR("%s setting interface failed (%d)", hdev->name, -err);
1435 return err;
1436 }
1437
1438 data->isoc_altsetting = altsetting;
1439
1440 data->isoc_tx_ep = NULL;
1441 data->isoc_rx_ep = NULL;
1442
1443 for (i = 0; i < intf->cur_altsetting->desc.bNumEndpoints; i++) {
1444 ep_desc = &intf->cur_altsetting->endpoint[i].desc;
1445
1446 if (!data->isoc_tx_ep && usb_endpoint_is_isoc_out(ep_desc)) {
1447 data->isoc_tx_ep = ep_desc;
1448 continue;
1449 }
1450
1451 if (!data->isoc_rx_ep && usb_endpoint_is_isoc_in(ep_desc)) {
1452 data->isoc_rx_ep = ep_desc;
1453 continue;
1454 }
1455 }
1456
1457 if (!data->isoc_tx_ep || !data->isoc_rx_ep) {
1458 BT_ERR("%s invalid SCO descriptors", hdev->name);
1459 return -ENODEV;
1460 }
1461
1462 return 0;
1463}
1464
1465static void btmtk_usb_work(struct work_struct *work)
1466{
1467 struct btmtk_usb_data *data = container_of(work, struct btmtk_usb_data,
1468 work);
1469 struct hci_dev *hdev = data->hdev;
1470 int new_alts;
1471 int err;
1472
1473 BT_DBG("%s\n", __func__);
1474
1475 if (hdev->conn_hash.sco_num > 0) {
1476 if (!test_bit(BTUSB_DID_ISO_RESUME, &data->flags)) {
1477 err = usb_autopm_get_interface(data->isoc ?
1478 data->isoc : data->intf);
1479 if (err < 0) {
1480 clear_bit(BTUSB_ISOC_RUNNING, &data->flags);
1481 usb_kill_anchored_urbs(&data->isoc_anchor);
1482 return;
1483 }
1484
1485 set_bit(BTUSB_DID_ISO_RESUME, &data->flags);
1486 }
1487
1488 if (hdev->voice_setting & 0x0020) {
1489 static const int alts[3] = { 2, 4, 5 };
1490 new_alts = alts[hdev->conn_hash.sco_num - 1];
1491 } else {
1492 new_alts = hdev->conn_hash.sco_num;
1493 }
1494
1495 if (data->isoc_altsetting != new_alts) {
1496 clear_bit(BTUSB_ISOC_RUNNING, &data->flags);
1497 usb_kill_anchored_urbs(&data->isoc_anchor);
1498
1499 if (__set_isoc_interface(hdev, new_alts) < 0)
1500 return;
1501 }
1502
1503 if (!test_and_set_bit(BTUSB_ISOC_RUNNING, &data->flags)) {
1504 if (btmtk_usb_submit_isoc_in_urb(hdev, GFP_KERNEL) < 0)
1505 clear_bit(BTUSB_ISOC_RUNNING, &data->flags);
1506 else
1507 btmtk_usb_submit_isoc_in_urb(hdev, GFP_KERNEL);
1508 }
1509 } else {
1510 clear_bit(BTUSB_ISOC_RUNNING, &data->flags);
1511 usb_kill_anchored_urbs(&data->isoc_anchor);
1512
1513 __set_isoc_interface(hdev, 0);
1514
1515 if (test_and_clear_bit(BTUSB_DID_ISO_RESUME, &data->flags))
1516 usb_autopm_put_interface(data->isoc ?
1517 data->isoc : data->intf);
1518 }
1519}
1520
1521static void btmtk_usb_waker(struct work_struct *work)
1522{
1523 struct btmtk_usb_data *data = container_of(work, struct btmtk_usb_data,
1524 waker);
1525 int err;
1526
1527 err = usb_autopm_get_interface(data->intf);
1528
1529 if (err < 0)
1530 return;
1531
1532 usb_autopm_put_interface(data->intf);
1533}
1534
1535static int btmtk_usb_probe(struct usb_interface *intf,
1536 const struct usb_device_id *id)
1537{
1538 struct btmtk_usb_data *data;
1539 struct usb_endpoint_descriptor *ep_desc;
1540 int i, err;
1541 struct hci_dev *hdev;
1542
1543
1544 if (intf->cur_altsetting->desc.bInterfaceNumber != 0)
1545 return -ENODEV;
1546
1547 data = kzalloc(sizeof(*data), GFP_KERNEL);
1548
1549 if (!data)
1550 return -ENOMEM;
1551
1552 for (i = 0; i < intf->cur_altsetting->desc.bNumEndpoints; i++) {
1553 ep_desc = &intf->cur_altsetting->endpoint[i].desc;
1554
1555 if (!data->intr_ep && usb_endpoint_is_int_in(ep_desc)) {
1556 data->intr_ep = ep_desc;
1557 continue;
1558 }
1559
1560 if (!data->bulk_tx_ep && usb_endpoint_is_bulk_out(ep_desc)) {
1561 data->bulk_tx_ep = ep_desc;
1562 continue;
1563 }
1564
1565 if (!data->bulk_rx_ep && usb_endpoint_is_bulk_in(ep_desc)) {
1566 data->bulk_rx_ep = ep_desc;
1567 continue;
1568 }
1569 }
1570
1571 if (!data->intr_ep || !data->bulk_tx_ep || !data->bulk_rx_ep) {
1572 kfree(data);
1573 return -ENODEV;
1574 }
1575
1576 data->cmdreq_type = USB_TYPE_CLASS;
1577
1578 data->udev = interface_to_usbdev(intf);
1579 data->intf = intf;
1580
1581 spin_lock_init(&data->lock);
1582 INIT_WORK(&data->work, btmtk_usb_work);
1583 INIT_WORK(&data->waker, btmtk_usb_waker);
1584 spin_lock_init(&data->txlock);
1585
1586 init_usb_anchor(&data->tx_anchor);
1587 init_usb_anchor(&data->intr_anchor);
1588 init_usb_anchor(&data->bulk_anchor);
1589 init_usb_anchor(&data->isoc_anchor);
1590 init_usb_anchor(&data->deferred);
1591
1592 hdev = hci_alloc_dev();
1593 if (!hdev) {
1594 kfree(data);
1595 return -ENOMEM;
1596 }
1597
1598 hdev->bus = HCI_USB;
1599
1600 hci_set_drvdata(hdev, data);
1601
1602 data->hdev = hdev;
1603
1604 SET_HCIDEV_DEV(hdev, &intf->dev);
1605
1606 hdev->open = btmtk_usb_open;
1607 hdev->close = btmtk_usb_close;
1608 hdev->flush = btmtk_usb_flush;
1609 hdev->send = btmtk_usb_send_frame;
1610 hdev->notify = btmtk_usb_notify;
1611
1612
1613 data->isoc = usb_ifnum_to_if(data->udev, 1);
1614
1615 if (data->isoc) {
1616 err = usb_driver_claim_interface(&btmtk_usb_driver,
1617 data->isoc, data);
1618 if (err < 0) {
1619 hci_free_dev(hdev);
1620 kfree(data);
1621 return err;
1622 }
1623 }
1624
1625 data->io_buf = kmalloc(256, GFP_KERNEL);
1626 if (!data->io_buf) {
1627 hci_free_dev(hdev);
1628 kfree(data);
1629 return -ENOMEM;
1630 }
1631
1632 btmtk_usb_switch_iobase(data, WLAN);
1633
1634 btmtk_usb_cap_init(data);
1635
1636 err = hci_register_dev(hdev);
1637 if (err < 0) {
1638 hci_free_dev(hdev);
1639 kfree(data);
1640 return err;
1641 }
1642
1643 usb_set_intfdata(intf, data);
1644
1645 return 0;
1646}
1647
1648static void btmtk_usb_disconnect(struct usb_interface *intf)
1649{
1650 struct btmtk_usb_data *data = usb_get_intfdata(intf);
1651 struct hci_dev *hdev;
1652
1653 BT_DBG("%s\n", __func__);
1654
1655 if (!data)
1656 return;
1657
1658 hdev = data->hdev;
1659 usb_set_intfdata(data->intf, NULL);
1660
1661 if (data->isoc)
1662 usb_set_intfdata(data->isoc, NULL);
1663
1664 hci_unregister_dev(hdev);
1665
1666 if (intf == data->isoc)
1667 usb_driver_release_interface(&btmtk_usb_driver, data->intf);
1668 else if (data->isoc)
1669 usb_driver_release_interface(&btmtk_usb_driver, data->isoc);
1670
1671 hci_free_dev(hdev);
1672
1673 kfree(data->io_buf);
1674
1675 kfree(data);
1676}
1677
1678#ifdef CONFIG_PM
1679static int btmtk_usb_suspend(struct usb_interface *intf, pm_message_t message)
1680{
1681 struct btmtk_usb_data *data = usb_get_intfdata(intf);
1682
1683 BT_DBG("%s\n", __func__);
1684
1685 if (data->suspend_count++)
1686 return 0;
1687
1688 spin_lock_irq(&data->txlock);
1689 if (!(PMSG_IS_AUTO(message) && data->tx_in_flight)) {
1690 set_bit(BTUSB_SUSPENDING, &data->flags);
1691 spin_unlock_irq(&data->txlock);
1692 } else {
1693 spin_unlock_irq(&data->txlock);
1694 data->suspend_count--;
1695 return -EBUSY;
1696 }
1697
1698 cancel_work_sync(&data->work);
1699
1700 btmtk_usb_stop_traffic(data);
1701 usb_kill_anchored_urbs(&data->tx_anchor);
1702
1703 return 0;
1704}
1705
1706static void play_deferred(struct btmtk_usb_data *data)
1707{
1708 struct urb *urb;
1709 int err;
1710
1711 while ((urb = usb_get_from_anchor(&data->deferred))) {
1712 err = usb_submit_urb(urb, GFP_ATOMIC);
1713 if (err < 0)
1714 break;
1715
1716 data->tx_in_flight++;
1717 }
1718
1719 usb_scuttle_anchored_urbs(&data->deferred);
1720}
1721
1722static int btmtk_usb_resume(struct usb_interface *intf)
1723{
1724 struct btmtk_usb_data *data = usb_get_intfdata(intf);
1725 struct hci_dev *hdev = data->hdev;
1726 int err = 0;
1727
1728 BT_DBG("%s\n", __func__);
1729
1730 if (--data->suspend_count)
1731 return 0;
1732
1733 if (!test_bit(HCI_RUNNING, &hdev->flags))
1734 goto done;
1735
1736 if (test_bit(BTUSB_INTR_RUNNING, &data->flags)) {
1737 err = btmtk_usb_submit_intr_urb(hdev, GFP_NOIO);
1738 if (err < 0) {
1739 clear_bit(BTUSB_INTR_RUNNING, &data->flags);
1740 goto failed;
1741 }
1742 }
1743
1744 if (test_bit(BTUSB_BULK_RUNNING, &data->flags)) {
1745 err = btmtk_usb_submit_bulk_in_urb(hdev, GFP_NOIO);
1746 if (err < 0) {
1747 clear_bit(BTUSB_BULK_RUNNING, &data->flags);
1748 goto failed;
1749 }
1750
1751 btmtk_usb_submit_bulk_in_urb(hdev, GFP_NOIO);
1752 }
1753
1754 if (test_bit(BTUSB_ISOC_RUNNING, &data->flags)) {
1755 if (btmtk_usb_submit_isoc_in_urb(hdev, GFP_NOIO) < 0)
1756 clear_bit(BTUSB_ISOC_RUNNING, &data->flags);
1757 else
1758 btmtk_usb_submit_isoc_in_urb(hdev, GFP_NOIO);
1759 }
1760
1761 spin_lock_irq(&data->txlock);
1762 play_deferred(data);
1763 clear_bit(BTUSB_SUSPENDING, &data->flags);
1764 spin_unlock_irq(&data->txlock);
1765 schedule_work(&data->work);
1766
1767 return 0;
1768
1769failed:
1770 usb_scuttle_anchored_urbs(&data->deferred);
1771done:
1772 spin_lock_irq(&data->txlock);
1773 clear_bit(BTUSB_SUSPENDING, &data->flags);
1774 spin_unlock_irq(&data->txlock);
1775
1776 return err;
1777}
1778#endif
1779
1780static struct usb_device_id btmtk_usb_table[] = {
1781
1782 { USB_DEVICE(0x0e8d, 0x7650) },
1783 { USB_DEVICE(0x0e8d, 0x7630) },
1784 { USB_DEVICE(0x0e8d, 0x763e) },
1785
1786 { USB_DEVICE(0x0e8d, 0x7662) },
1787 { USB_DEVICE(0x0e8d, 0x7632) },
1788 { }
1789};
1790
1791static struct usb_driver btmtk_usb_driver = {
1792 .name = "btmtk_usb",
1793 .probe = btmtk_usb_probe,
1794 .disconnect = btmtk_usb_disconnect,
1795#ifdef CONFIG_PM
1796 .suspend = btmtk_usb_suspend,
1797 .resume = btmtk_usb_resume,
1798#endif
1799 .id_table = btmtk_usb_table,
1800 .supports_autosuspend = 1,
1801 .disable_hub_initiated_lpm = 1,
1802};
1803
1804module_usb_driver(btmtk_usb_driver);
1805
1806MODULE_DESCRIPTION("Mediatek Bluetooth USB driver ver " VERSION);
1807MODULE_VERSION(VERSION);
1808MODULE_LICENSE("GPL");
1809MODULE_FIRMWARE(MT7650_FIRMWARE);
1810MODULE_FIRMWARE(MT7662_FIRMWARE);
1811
