1
2
3
4
5
6
7
8#include <linux/module.h>
9#include <linux/firmware.h>
10#include <asm/unaligned.h>
11#include <linux/usb.h>
12
13#include <net/bluetooth/bluetooth.h>
14#include <net/bluetooth/hci_core.h>
15
16#include "btrtl.h"
17
18#define VERSION "0.1"
19
20#define RTL_EPATCH_SIGNATURE "Realtech"
21#define RTL_ROM_LMP_8723A 0x1200
22#define RTL_ROM_LMP_8723B 0x8723
23#define RTL_ROM_LMP_8821A 0x8821
24#define RTL_ROM_LMP_8761A 0x8761
25#define RTL_ROM_LMP_8822B 0x8822
26#define RTL_ROM_LMP_8852A 0x8852
27#define RTL_CONFIG_MAGIC 0x8723ab55
28
29#define IC_MATCH_FL_LMPSUBV (1 << 0)
30#define IC_MATCH_FL_HCIREV (1 << 1)
31#define IC_MATCH_FL_HCIVER (1 << 2)
32#define IC_MATCH_FL_HCIBUS (1 << 3)
33#define IC_INFO(lmps, hcir, hciv, bus) \
34 .match_flags = IC_MATCH_FL_LMPSUBV | IC_MATCH_FL_HCIREV | \
35 IC_MATCH_FL_HCIVER | IC_MATCH_FL_HCIBUS, \
36 .lmp_subver = (lmps), \
37 .hci_rev = (hcir), \
38 .hci_ver = (hciv), \
39 .hci_bus = (bus)
40
41enum btrtl_chip_id {
42 CHIP_ID_8723A,
43 CHIP_ID_8723B,
44 CHIP_ID_8821A,
45 CHIP_ID_8761A,
46 CHIP_ID_8822B = 8,
47 CHIP_ID_8723D,
48 CHIP_ID_8821C,
49 CHIP_ID_8822C = 13,
50 CHIP_ID_8761B,
51 CHIP_ID_8852A = 18,
52};
53
54struct id_table {
55 __u16 match_flags;
56 __u16 lmp_subver;
57 __u16 hci_rev;
58 __u8 hci_ver;
59 __u8 hci_bus;
60 bool config_needed;
61 bool has_rom_version;
62 char *fw_name;
63 char *cfg_name;
64};
65
66struct btrtl_device_info {
67 const struct id_table *ic_info;
68 u8 rom_version;
69 u8 *fw_data;
70 int fw_len;
71 u8 *cfg_data;
72 int cfg_len;
73 bool drop_fw;
74 int project_id;
75};
76
77static const struct id_table ic_id_table[] = {
78
79 { IC_INFO(RTL_ROM_LMP_8723A, 0xb, 0x6, HCI_USB),
80 .config_needed = false,
81 .has_rom_version = false,
82 .fw_name = "rtl_bt/rtl8723a_fw.bin",
83 .cfg_name = NULL },
84
85
86 { IC_INFO(RTL_ROM_LMP_8723B, 0xb, 0x6, HCI_UART),
87 .config_needed = true,
88 .has_rom_version = true,
89 .fw_name = "rtl_bt/rtl8723bs_fw.bin",
90 .cfg_name = "rtl_bt/rtl8723bs_config" },
91
92
93 { IC_INFO(RTL_ROM_LMP_8723B, 0xb, 0x6, HCI_USB),
94 .config_needed = false,
95 .has_rom_version = true,
96 .fw_name = "rtl_bt/rtl8723b_fw.bin",
97 .cfg_name = "rtl_bt/rtl8723b_config" },
98
99
100 { IC_INFO(RTL_ROM_LMP_8723B, 0xd, 0x8, HCI_USB),
101 .config_needed = true,
102 .has_rom_version = true,
103 .fw_name = "rtl_bt/rtl8723d_fw.bin",
104 .cfg_name = "rtl_bt/rtl8723d_config" },
105
106
107 { IC_INFO(RTL_ROM_LMP_8723B, 0xd, 0x8, HCI_UART),
108 .config_needed = true,
109 .has_rom_version = true,
110 .fw_name = "rtl_bt/rtl8723ds_fw.bin",
111 .cfg_name = "rtl_bt/rtl8723ds_config" },
112
113
114 { IC_INFO(RTL_ROM_LMP_8821A, 0xa, 0x6, HCI_USB),
115 .config_needed = false,
116 .has_rom_version = true,
117 .fw_name = "rtl_bt/rtl8821a_fw.bin",
118 .cfg_name = "rtl_bt/rtl8821a_config" },
119
120
121 { IC_INFO(RTL_ROM_LMP_8821A, 0xc, 0x8, HCI_USB),
122 .config_needed = false,
123 .has_rom_version = true,
124 .fw_name = "rtl_bt/rtl8821c_fw.bin",
125 .cfg_name = "rtl_bt/rtl8821c_config" },
126
127
128 { IC_INFO(RTL_ROM_LMP_8761A, 0xa, 0x6, HCI_USB),
129 .config_needed = false,
130 .has_rom_version = true,
131 .fw_name = "rtl_bt/rtl8761a_fw.bin",
132 .cfg_name = "rtl_bt/rtl8761a_config" },
133
134
135 { IC_INFO(RTL_ROM_LMP_8761A, 0xb, 0xa, HCI_UART),
136 .config_needed = false,
137 .has_rom_version = true,
138 .fw_name = "rtl_bt/rtl8761b_fw.bin",
139 .cfg_name = "rtl_bt/rtl8761b_config" },
140
141
142 { IC_INFO(RTL_ROM_LMP_8761A, 0xb, 0xa, HCI_USB),
143 .config_needed = false,
144 .has_rom_version = true,
145 .fw_name = "rtl_bt/rtl8761bu_fw.bin",
146 .cfg_name = "rtl_bt/rtl8761bu_config" },
147
148
149 { IC_INFO(RTL_ROM_LMP_8822B, 0xc, 0xa, HCI_UART),
150 .config_needed = true,
151 .has_rom_version = true,
152 .fw_name = "rtl_bt/rtl8822cs_fw.bin",
153 .cfg_name = "rtl_bt/rtl8822cs_config" },
154
155
156 { IC_INFO(RTL_ROM_LMP_8822B, 0xc, 0xa, HCI_USB),
157 .config_needed = false,
158 .has_rom_version = true,
159 .fw_name = "rtl_bt/rtl8822cu_fw.bin",
160 .cfg_name = "rtl_bt/rtl8822cu_config" },
161
162
163 { IC_INFO(RTL_ROM_LMP_8822B, 0xb, 0x7, HCI_USB),
164 .config_needed = true,
165 .has_rom_version = true,
166 .fw_name = "rtl_bt/rtl8822b_fw.bin",
167 .cfg_name = "rtl_bt/rtl8822b_config" },
168
169
170 { IC_INFO(RTL_ROM_LMP_8852A, 0xa, 0xb, HCI_USB),
171 .config_needed = false,
172 .has_rom_version = true,
173 .fw_name = "rtl_bt/rtl8852au_fw.bin",
174 .cfg_name = "rtl_bt/rtl8852au_config" },
175 };
176
177static const struct id_table *btrtl_match_ic(u16 lmp_subver, u16 hci_rev,
178 u8 hci_ver, u8 hci_bus)
179{
180 int i;
181
182 for (i = 0; i < ARRAY_SIZE(ic_id_table); i++) {
183 if ((ic_id_table[i].match_flags & IC_MATCH_FL_LMPSUBV) &&
184 (ic_id_table[i].lmp_subver != lmp_subver))
185 continue;
186 if ((ic_id_table[i].match_flags & IC_MATCH_FL_HCIREV) &&
187 (ic_id_table[i].hci_rev != hci_rev))
188 continue;
189 if ((ic_id_table[i].match_flags & IC_MATCH_FL_HCIVER) &&
190 (ic_id_table[i].hci_ver != hci_ver))
191 continue;
192 if ((ic_id_table[i].match_flags & IC_MATCH_FL_HCIBUS) &&
193 (ic_id_table[i].hci_bus != hci_bus))
194 continue;
195
196 break;
197 }
198 if (i >= ARRAY_SIZE(ic_id_table))
199 return NULL;
200
201 return &ic_id_table[i];
202}
203
204static struct sk_buff *btrtl_read_local_version(struct hci_dev *hdev)
205{
206 struct sk_buff *skb;
207
208 skb = __hci_cmd_sync(hdev, HCI_OP_READ_LOCAL_VERSION, 0, NULL,
209 HCI_INIT_TIMEOUT);
210 if (IS_ERR(skb)) {
211 rtl_dev_err(hdev, "HCI_OP_READ_LOCAL_VERSION failed (%ld)",
212 PTR_ERR(skb));
213 return skb;
214 }
215
216 if (skb->len != sizeof(struct hci_rp_read_local_version)) {
217 rtl_dev_err(hdev, "HCI_OP_READ_LOCAL_VERSION event length mismatch");
218 kfree_skb(skb);
219 return ERR_PTR(-EIO);
220 }
221
222 return skb;
223}
224
225static int rtl_read_rom_version(struct hci_dev *hdev, u8 *version)
226{
227 struct rtl_rom_version_evt *rom_version;
228 struct sk_buff *skb;
229
230
231 skb = __hci_cmd_sync(hdev, 0xfc6d, 0, NULL, HCI_INIT_TIMEOUT);
232 if (IS_ERR(skb)) {
233 rtl_dev_err(hdev, "Read ROM version failed (%ld)",
234 PTR_ERR(skb));
235 return PTR_ERR(skb);
236 }
237
238 if (skb->len != sizeof(*rom_version)) {
239 rtl_dev_err(hdev, "version event length mismatch");
240 kfree_skb(skb);
241 return -EIO;
242 }
243
244 rom_version = (struct rtl_rom_version_evt *)skb->data;
245 rtl_dev_info(hdev, "rom_version status=%x version=%x",
246 rom_version->status, rom_version->version);
247
248 *version = rom_version->version;
249
250 kfree_skb(skb);
251 return 0;
252}
253
254static int rtlbt_parse_firmware(struct hci_dev *hdev,
255 struct btrtl_device_info *btrtl_dev,
256 unsigned char **_buf)
257{
258 static const u8 extension_sig[] = { 0x51, 0x04, 0xfd, 0x77 };
259 struct rtl_epatch_header *epatch_info;
260 unsigned char *buf;
261 int i, len;
262 size_t min_size;
263 u8 opcode, length, data;
264 int project_id = -1;
265 const unsigned char *fwptr, *chip_id_base;
266 const unsigned char *patch_length_base, *patch_offset_base;
267 u32 patch_offset = 0;
268 u16 patch_length, num_patches;
269 static const struct {
270 __u16 lmp_subver;
271 __u8 id;
272 } project_id_to_lmp_subver[] = {
273 { RTL_ROM_LMP_8723A, 0 },
274 { RTL_ROM_LMP_8723B, 1 },
275 { RTL_ROM_LMP_8821A, 2 },
276 { RTL_ROM_LMP_8761A, 3 },
277 { RTL_ROM_LMP_8822B, 8 },
278 { RTL_ROM_LMP_8723B, 9 },
279 { RTL_ROM_LMP_8821A, 10 },
280 { RTL_ROM_LMP_8822B, 13 },
281 { RTL_ROM_LMP_8761A, 14 },
282 { RTL_ROM_LMP_8852A, 18 },
283 };
284
285 min_size = sizeof(struct rtl_epatch_header) + sizeof(extension_sig) + 3;
286 if (btrtl_dev->fw_len < min_size)
287 return -EINVAL;
288
289 fwptr = btrtl_dev->fw_data + btrtl_dev->fw_len - sizeof(extension_sig);
290 if (memcmp(fwptr, extension_sig, sizeof(extension_sig)) != 0) {
291 rtl_dev_err(hdev, "extension section signature mismatch");
292 return -EINVAL;
293 }
294
295
296
297
298
299
300
301 while (fwptr >= btrtl_dev->fw_data + (sizeof(*epatch_info) + 3)) {
302 opcode = *--fwptr;
303 length = *--fwptr;
304 data = *--fwptr;
305
306 BT_DBG("check op=%x len=%x data=%x", opcode, length, data);
307
308 if (opcode == 0xff)
309 break;
310
311 if (length == 0) {
312 rtl_dev_err(hdev, "found instruction with length 0");
313 return -EINVAL;
314 }
315
316 if (opcode == 0 && length == 1) {
317 project_id = data;
318 break;
319 }
320
321 fwptr -= length;
322 }
323
324 if (project_id < 0) {
325 rtl_dev_err(hdev, "failed to find version instruction");
326 return -EINVAL;
327 }
328
329
330 for (i = 0; i < ARRAY_SIZE(project_id_to_lmp_subver); i++) {
331 if (project_id == project_id_to_lmp_subver[i].id) {
332 btrtl_dev->project_id = project_id;
333 break;
334 }
335 }
336
337 if (i >= ARRAY_SIZE(project_id_to_lmp_subver)) {
338 rtl_dev_err(hdev, "unknown project id %d", project_id);
339 return -EINVAL;
340 }
341
342 if (btrtl_dev->ic_info->lmp_subver !=
343 project_id_to_lmp_subver[i].lmp_subver) {
344 rtl_dev_err(hdev, "firmware is for %x but this is a %x",
345 project_id_to_lmp_subver[i].lmp_subver,
346 btrtl_dev->ic_info->lmp_subver);
347 return -EINVAL;
348 }
349
350 epatch_info = (struct rtl_epatch_header *)btrtl_dev->fw_data;
351 if (memcmp(epatch_info->signature, RTL_EPATCH_SIGNATURE, 8) != 0) {
352 rtl_dev_err(hdev, "bad EPATCH signature");
353 return -EINVAL;
354 }
355
356 num_patches = le16_to_cpu(epatch_info->num_patches);
357 BT_DBG("fw_version=%x, num_patches=%d",
358 le32_to_cpu(epatch_info->fw_version), num_patches);
359
360
361
362
363
364
365
366 min_size += 8 * num_patches;
367 if (btrtl_dev->fw_len < min_size)
368 return -EINVAL;
369
370 chip_id_base = btrtl_dev->fw_data + sizeof(struct rtl_epatch_header);
371 patch_length_base = chip_id_base + (sizeof(u16) * num_patches);
372 patch_offset_base = patch_length_base + (sizeof(u16) * num_patches);
373 for (i = 0; i < num_patches; i++) {
374 u16 chip_id = get_unaligned_le16(chip_id_base +
375 (i * sizeof(u16)));
376 if (chip_id == btrtl_dev->rom_version + 1) {
377 patch_length = get_unaligned_le16(patch_length_base +
378 (i * sizeof(u16)));
379 patch_offset = get_unaligned_le32(patch_offset_base +
380 (i * sizeof(u32)));
381 break;
382 }
383 }
384
385 if (!patch_offset) {
386 rtl_dev_err(hdev, "didn't find patch for chip id %d",
387 btrtl_dev->rom_version);
388 return -EINVAL;
389 }
390
391 BT_DBG("length=%x offset=%x index %d", patch_length, patch_offset, i);
392 min_size = patch_offset + patch_length;
393 if (btrtl_dev->fw_len < min_size)
394 return -EINVAL;
395
396
397
398
399 len = patch_length;
400 buf = kvmalloc(patch_length, GFP_KERNEL);
401 if (!buf)
402 return -ENOMEM;
403
404 memcpy(buf, btrtl_dev->fw_data + patch_offset, patch_length - 4);
405 memcpy(buf + patch_length - 4, &epatch_info->fw_version, 4);
406
407 *_buf = buf;
408 return len;
409}
410
411static int rtl_download_firmware(struct hci_dev *hdev,
412 const unsigned char *data, int fw_len)
413{
414 struct rtl_download_cmd *dl_cmd;
415 int frag_num = fw_len / RTL_FRAG_LEN + 1;
416 int frag_len = RTL_FRAG_LEN;
417 int ret = 0;
418 int i;
419 struct sk_buff *skb;
420 struct hci_rp_read_local_version *rp;
421
422 dl_cmd = kmalloc(sizeof(struct rtl_download_cmd), GFP_KERNEL);
423 if (!dl_cmd)
424 return -ENOMEM;
425
426 for (i = 0; i < frag_num; i++) {
427 struct sk_buff *skb;
428
429 BT_DBG("download fw (%d/%d)", i, frag_num);
430
431 if (i > 0x7f)
432 dl_cmd->index = (i & 0x7f) + 1;
433 else
434 dl_cmd->index = i;
435
436 if (i == (frag_num - 1)) {
437 dl_cmd->index |= 0x80;
438 frag_len = fw_len % RTL_FRAG_LEN;
439 }
440 memcpy(dl_cmd->data, data, frag_len);
441
442
443 skb = __hci_cmd_sync(hdev, 0xfc20, frag_len + 1, dl_cmd,
444 HCI_INIT_TIMEOUT);
445 if (IS_ERR(skb)) {
446 rtl_dev_err(hdev, "download fw command failed (%ld)",
447 PTR_ERR(skb));
448 ret = PTR_ERR(skb);
449 goto out;
450 }
451
452 if (skb->len != sizeof(struct rtl_download_response)) {
453 rtl_dev_err(hdev, "download fw event length mismatch");
454 kfree_skb(skb);
455 ret = -EIO;
456 goto out;
457 }
458
459 kfree_skb(skb);
460 data += RTL_FRAG_LEN;
461 }
462
463 skb = btrtl_read_local_version(hdev);
464 if (IS_ERR(skb)) {
465 ret = PTR_ERR(skb);
466 rtl_dev_err(hdev, "read local version failed");
467 goto out;
468 }
469
470 rp = (struct hci_rp_read_local_version *)skb->data;
471 rtl_dev_info(hdev, "fw version 0x%04x%04x",
472 __le16_to_cpu(rp->hci_rev), __le16_to_cpu(rp->lmp_subver));
473 kfree_skb(skb);
474
475out:
476 kfree(dl_cmd);
477 return ret;
478}
479
480static int rtl_load_file(struct hci_dev *hdev, const char *name, u8 **buff)
481{
482 const struct firmware *fw;
483 int ret;
484
485 rtl_dev_info(hdev, "loading %s", name);
486 ret = request_firmware(&fw, name, &hdev->dev);
487 if (ret < 0)
488 return ret;
489 ret = fw->size;
490 *buff = kvmalloc(fw->size, GFP_KERNEL);
491 if (*buff)
492 memcpy(*buff, fw->data, ret);
493 else
494 ret = -ENOMEM;
495
496 release_firmware(fw);
497
498 return ret;
499}
500
501static int btrtl_setup_rtl8723a(struct hci_dev *hdev,
502 struct btrtl_device_info *btrtl_dev)
503{
504 if (btrtl_dev->fw_len < 8)
505 return -EINVAL;
506
507
508
509
510 if (!memcmp(btrtl_dev->fw_data, RTL_EPATCH_SIGNATURE, 8)) {
511 rtl_dev_err(hdev, "unexpected EPATCH signature!");
512 return -EINVAL;
513 }
514
515 return rtl_download_firmware(hdev, btrtl_dev->fw_data,
516 btrtl_dev->fw_len);
517}
518
519static int btrtl_setup_rtl8723b(struct hci_dev *hdev,
520 struct btrtl_device_info *btrtl_dev)
521{
522 unsigned char *fw_data = NULL;
523 int ret;
524 u8 *tbuff;
525
526 ret = rtlbt_parse_firmware(hdev, btrtl_dev, &fw_data);
527 if (ret < 0)
528 goto out;
529
530 if (btrtl_dev->cfg_len > 0) {
531 tbuff = kvzalloc(ret + btrtl_dev->cfg_len, GFP_KERNEL);
532 if (!tbuff) {
533 ret = -ENOMEM;
534 goto out;
535 }
536
537 memcpy(tbuff, fw_data, ret);
538 kvfree(fw_data);
539
540 memcpy(tbuff + ret, btrtl_dev->cfg_data, btrtl_dev->cfg_len);
541 ret += btrtl_dev->cfg_len;
542
543 fw_data = tbuff;
544 }
545
546 rtl_dev_info(hdev, "cfg_sz %d, total sz %d", btrtl_dev->cfg_len, ret);
547
548 ret = rtl_download_firmware(hdev, fw_data, ret);
549
550out:
551 kvfree(fw_data);
552 return ret;
553}
554
555void btrtl_free(struct btrtl_device_info *btrtl_dev)
556{
557 kvfree(btrtl_dev->fw_data);
558 kvfree(btrtl_dev->cfg_data);
559 kfree(btrtl_dev);
560}
561EXPORT_SYMBOL_GPL(btrtl_free);
562
563struct btrtl_device_info *btrtl_initialize(struct hci_dev *hdev,
564 const char *postfix)
565{
566 struct btrtl_device_info *btrtl_dev;
567 struct sk_buff *skb;
568 struct hci_rp_read_local_version *resp;
569 char cfg_name[40];
570 u16 hci_rev, lmp_subver;
571 u8 hci_ver;
572 int ret;
573 u16 opcode;
574 u8 cmd[2];
575
576 btrtl_dev = kzalloc(sizeof(*btrtl_dev), GFP_KERNEL);
577 if (!btrtl_dev) {
578 ret = -ENOMEM;
579 goto err_alloc;
580 }
581
582 skb = btrtl_read_local_version(hdev);
583 if (IS_ERR(skb)) {
584 ret = PTR_ERR(skb);
585 goto err_free;
586 }
587
588 resp = (struct hci_rp_read_local_version *)skb->data;
589 rtl_dev_info(hdev, "examining hci_ver=%02x hci_rev=%04x lmp_ver=%02x lmp_subver=%04x",
590 resp->hci_ver, resp->hci_rev,
591 resp->lmp_ver, resp->lmp_subver);
592
593 hci_ver = resp->hci_ver;
594 hci_rev = le16_to_cpu(resp->hci_rev);
595 lmp_subver = le16_to_cpu(resp->lmp_subver);
596
597 if (resp->hci_ver == 0x8 && le16_to_cpu(resp->hci_rev) == 0x826c &&
598 resp->lmp_ver == 0x8 && le16_to_cpu(resp->lmp_subver) == 0xa99e)
599 btrtl_dev->drop_fw = true;
600
601 if (btrtl_dev->drop_fw) {
602 opcode = hci_opcode_pack(0x3f, 0x66);
603 cmd[0] = opcode & 0xff;
604 cmd[1] = opcode >> 8;
605
606 skb = bt_skb_alloc(sizeof(cmd), GFP_KERNEL);
607 if (!skb)
608 goto out_free;
609
610 skb_put_data(skb, cmd, sizeof(cmd));
611 hci_skb_pkt_type(skb) = HCI_COMMAND_PKT;
612
613 hdev->send(hdev, skb);
614
615
616
617
618 msleep(200);
619
620
621
622
623 skb = btrtl_read_local_version(hdev);
624 if (IS_ERR(skb)) {
625 ret = PTR_ERR(skb);
626 goto err_free;
627 }
628
629 resp = (struct hci_rp_read_local_version *)skb->data;
630 rtl_dev_info(hdev, "examining hci_ver=%02x hci_rev=%04x lmp_ver=%02x lmp_subver=%04x",
631 resp->hci_ver, resp->hci_rev,
632 resp->lmp_ver, resp->lmp_subver);
633
634 hci_ver = resp->hci_ver;
635 hci_rev = le16_to_cpu(resp->hci_rev);
636 lmp_subver = le16_to_cpu(resp->lmp_subver);
637 }
638out_free:
639 kfree_skb(skb);
640
641 btrtl_dev->ic_info = btrtl_match_ic(lmp_subver, hci_rev, hci_ver,
642 hdev->bus);
643
644 if (!btrtl_dev->ic_info) {
645 rtl_dev_info(hdev, "unknown IC info, lmp subver %04x, hci rev %04x, hci ver %04x",
646 lmp_subver, hci_rev, hci_ver);
647 return btrtl_dev;
648 }
649
650 if (btrtl_dev->ic_info->has_rom_version) {
651 ret = rtl_read_rom_version(hdev, &btrtl_dev->rom_version);
652 if (ret)
653 goto err_free;
654 }
655
656 btrtl_dev->fw_len = rtl_load_file(hdev, btrtl_dev->ic_info->fw_name,
657 &btrtl_dev->fw_data);
658 if (btrtl_dev->fw_len < 0) {
659 rtl_dev_err(hdev, "firmware file %s not found",
660 btrtl_dev->ic_info->fw_name);
661 ret = btrtl_dev->fw_len;
662 goto err_free;
663 }
664
665 if (btrtl_dev->ic_info->cfg_name) {
666 if (postfix) {
667 snprintf(cfg_name, sizeof(cfg_name), "%s-%s.bin",
668 btrtl_dev->ic_info->cfg_name, postfix);
669 } else {
670 snprintf(cfg_name, sizeof(cfg_name), "%s.bin",
671 btrtl_dev->ic_info->cfg_name);
672 }
673 btrtl_dev->cfg_len = rtl_load_file(hdev, cfg_name,
674 &btrtl_dev->cfg_data);
675 if (btrtl_dev->ic_info->config_needed &&
676 btrtl_dev->cfg_len <= 0) {
677 rtl_dev_err(hdev, "mandatory config file %s not found",
678 btrtl_dev->ic_info->cfg_name);
679 ret = btrtl_dev->cfg_len;
680 goto err_free;
681 }
682 }
683
684
685
686
687 switch (lmp_subver) {
688 case RTL_ROM_LMP_8822B:
689 case RTL_ROM_LMP_8852A:
690 hci_set_msft_opcode(hdev, 0xFCF0);
691 break;
692 }
693
694 return btrtl_dev;
695
696err_free:
697 btrtl_free(btrtl_dev);
698err_alloc:
699 return ERR_PTR(ret);
700}
701EXPORT_SYMBOL_GPL(btrtl_initialize);
702
703int btrtl_download_firmware(struct hci_dev *hdev,
704 struct btrtl_device_info *btrtl_dev)
705{
706
707
708
709
710
711
712 if (!btrtl_dev->ic_info) {
713 rtl_dev_info(hdev, "assuming no firmware upload needed");
714 return 0;
715 }
716
717 switch (btrtl_dev->ic_info->lmp_subver) {
718 case RTL_ROM_LMP_8723A:
719 return btrtl_setup_rtl8723a(hdev, btrtl_dev);
720 case RTL_ROM_LMP_8723B:
721 case RTL_ROM_LMP_8821A:
722 case RTL_ROM_LMP_8761A:
723 case RTL_ROM_LMP_8822B:
724 case RTL_ROM_LMP_8852A:
725 return btrtl_setup_rtl8723b(hdev, btrtl_dev);
726 default:
727 rtl_dev_info(hdev, "assuming no firmware upload needed");
728 return 0;
729 }
730}
731EXPORT_SYMBOL_GPL(btrtl_download_firmware);
732
733void btrtl_set_quirks(struct hci_dev *hdev, struct btrtl_device_info *btrtl_dev)
734{
735
736
737
738 set_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &hdev->quirks);
739
740
741
742
743
744 switch (btrtl_dev->project_id) {
745 case CHIP_ID_8822C:
746 case CHIP_ID_8852A:
747 set_bit(HCI_QUIRK_VALID_LE_STATES, &hdev->quirks);
748 set_bit(HCI_QUIRK_WIDEBAND_SPEECH_SUPPORTED, &hdev->quirks);
749 break;
750 default:
751 rtl_dev_dbg(hdev, "Central-peripheral role not enabled.");
752 rtl_dev_dbg(hdev, "WBS supported not enabled.");
753 break;
754 }
755}
756EXPORT_SYMBOL_GPL(btrtl_set_quirks);
757
758int btrtl_setup_realtek(struct hci_dev *hdev)
759{
760 struct btrtl_device_info *btrtl_dev;
761 int ret;
762
763 btrtl_dev = btrtl_initialize(hdev, NULL);
764 if (IS_ERR(btrtl_dev))
765 return PTR_ERR(btrtl_dev);
766
767 ret = btrtl_download_firmware(hdev, btrtl_dev);
768
769 btrtl_set_quirks(hdev, btrtl_dev);
770
771 btrtl_free(btrtl_dev);
772 return ret;
773}
774EXPORT_SYMBOL_GPL(btrtl_setup_realtek);
775
776int btrtl_shutdown_realtek(struct hci_dev *hdev)
777{
778 struct sk_buff *skb;
779 int ret;
780
781
782
783
784 skb = __hci_cmd_sync(hdev, HCI_OP_RESET, 0, NULL, HCI_INIT_TIMEOUT);
785 if (IS_ERR(skb)) {
786 ret = PTR_ERR(skb);
787 bt_dev_err(hdev, "HCI reset during shutdown failed");
788 return ret;
789 }
790 kfree_skb(skb);
791
792 return 0;
793}
794EXPORT_SYMBOL_GPL(btrtl_shutdown_realtek);
795
796static unsigned int btrtl_convert_baudrate(u32 device_baudrate)
797{
798 switch (device_baudrate) {
799 case 0x0252a00a:
800 return 230400;
801
802 case 0x05f75004:
803 return 921600;
804
805 case 0x00005004:
806 return 1000000;
807
808 case 0x04928002:
809 case 0x01128002:
810 return 1500000;
811
812 case 0x00005002:
813 return 2000000;
814
815 case 0x0000b001:
816 return 2500000;
817
818 case 0x04928001:
819 return 3000000;
820
821 case 0x052a6001:
822 return 3500000;
823
824 case 0x00005001:
825 return 4000000;
826
827 case 0x0252c014:
828 default:
829 return 115200;
830 }
831}
832
833int btrtl_get_uart_settings(struct hci_dev *hdev,
834 struct btrtl_device_info *btrtl_dev,
835 unsigned int *controller_baudrate,
836 u32 *device_baudrate, bool *flow_control)
837{
838 struct rtl_vendor_config *config;
839 struct rtl_vendor_config_entry *entry;
840 int i, total_data_len;
841 bool found = false;
842
843 total_data_len = btrtl_dev->cfg_len - sizeof(*config);
844 if (total_data_len <= 0) {
845 rtl_dev_warn(hdev, "no config loaded");
846 return -EINVAL;
847 }
848
849 config = (struct rtl_vendor_config *)btrtl_dev->cfg_data;
850 if (le32_to_cpu(config->signature) != RTL_CONFIG_MAGIC) {
851 rtl_dev_err(hdev, "invalid config magic");
852 return -EINVAL;
853 }
854
855 if (total_data_len < le16_to_cpu(config->total_len)) {
856 rtl_dev_err(hdev, "config is too short");
857 return -EINVAL;
858 }
859
860 for (i = 0; i < total_data_len; ) {
861 entry = ((void *)config->entry) + i;
862
863 switch (le16_to_cpu(entry->offset)) {
864 case 0xc:
865 if (entry->len < sizeof(*device_baudrate)) {
866 rtl_dev_err(hdev, "invalid UART config entry");
867 return -EINVAL;
868 }
869
870 *device_baudrate = get_unaligned_le32(entry->data);
871 *controller_baudrate = btrtl_convert_baudrate(
872 *device_baudrate);
873
874 if (entry->len >= 13)
875 *flow_control = !!(entry->data[12] & BIT(2));
876 else
877 *flow_control = false;
878
879 found = true;
880 break;
881
882 default:
883 rtl_dev_dbg(hdev, "skipping config entry 0x%x (len %u)",
884 le16_to_cpu(entry->offset), entry->len);
885 break;
886 }
887
888 i += sizeof(*entry) + entry->len;
889 }
890
891 if (!found) {
892 rtl_dev_err(hdev, "no UART config entry found");
893 return -ENOENT;
894 }
895
896 rtl_dev_dbg(hdev, "device baudrate = 0x%08x", *device_baudrate);
897 rtl_dev_dbg(hdev, "controller baudrate = %u", *controller_baudrate);
898 rtl_dev_dbg(hdev, "flow control %d", *flow_control);
899
900 return 0;
901}
902EXPORT_SYMBOL_GPL(btrtl_get_uart_settings);
903
904MODULE_AUTHOR("Daniel Drake <drake@endlessm.com>");
905MODULE_DESCRIPTION("Bluetooth support for Realtek devices ver " VERSION);
906MODULE_VERSION(VERSION);
907MODULE_LICENSE("GPL");
908MODULE_FIRMWARE("rtl_bt/rtl8723a_fw.bin");
909MODULE_FIRMWARE("rtl_bt/rtl8723b_fw.bin");
910MODULE_FIRMWARE("rtl_bt/rtl8723b_config.bin");
911MODULE_FIRMWARE("rtl_bt/rtl8723bs_fw.bin");
912MODULE_FIRMWARE("rtl_bt/rtl8723bs_config.bin");
913MODULE_FIRMWARE("rtl_bt/rtl8723ds_fw.bin");
914MODULE_FIRMWARE("rtl_bt/rtl8723ds_config.bin");
915MODULE_FIRMWARE("rtl_bt/rtl8761a_fw.bin");
916MODULE_FIRMWARE("rtl_bt/rtl8761a_config.bin");
917MODULE_FIRMWARE("rtl_bt/rtl8821a_fw.bin");
918MODULE_FIRMWARE("rtl_bt/rtl8821a_config.bin");
919MODULE_FIRMWARE("rtl_bt/rtl8822b_fw.bin");
920MODULE_FIRMWARE("rtl_bt/rtl8822b_config.bin");
921MODULE_FIRMWARE("rtl_bt/rtl8852au_fw.bin");
922MODULE_FIRMWARE("rtl_bt/rtl8852au_config.bin");
923
