Merge branch 'sii-m15w' into upstream
[linux-2.6] / drivers / bluetooth / hci_usb.c
1 /* 
2    HCI USB driver for Linux Bluetooth protocol stack (BlueZ)
3    Copyright (C) 2000-2001 Qualcomm Incorporated
4    Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
5
6    Copyright (C) 2003 Maxim Krasnyansky <maxk@qualcomm.com>
7
8    This program is free software; you can redistribute it and/or modify
9    it under the terms of the GNU General Public License version 2 as
10    published by the Free Software Foundation;
11
12    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
13    OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
14    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
15    IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
16    CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 
17    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 
18    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 
19    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20
21    ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 
22    COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 
23    SOFTWARE IS DISCLAIMED.
24 */
25
26 /*
27  * Bluetooth HCI USB driver.
28  * Based on original USB Bluetooth driver for Linux kernel
29  *    Copyright (c) 2000 Greg Kroah-Hartman        <greg@kroah.com>
30  *    Copyright (c) 2000 Mark Douglas Corner       <mcorner@umich.edu>
31  *
32  */
33
34 #include <linux/module.h>
35
36 #include <linux/kernel.h>
37 #include <linux/init.h>
38 #include <linux/sched.h>
39 #include <linux/unistd.h>
40 #include <linux/types.h>
41 #include <linux/interrupt.h>
42 #include <linux/moduleparam.h>
43
44 #include <linux/slab.h>
45 #include <linux/errno.h>
46 #include <linux/string.h>
47 #include <linux/skbuff.h>
48
49 #include <linux/usb.h>
50
51 #include <net/bluetooth/bluetooth.h>
52 #include <net/bluetooth/hci_core.h>
53
54 #include "hci_usb.h"
55
56 #ifndef CONFIG_BT_HCIUSB_DEBUG
57 #undef  BT_DBG
58 #define BT_DBG(D...)
59 #endif
60
61 #ifndef CONFIG_BT_HCIUSB_ZERO_PACKET
62 #undef  URB_ZERO_PACKET
63 #define URB_ZERO_PACKET 0
64 #endif
65
66 static int ignore = 0;
67 static int ignore_dga = 0;
68 static int ignore_csr = 0;
69 static int ignore_sniffer = 0;
70 static int disable_scofix = 0;
71 static int force_scofix = 0;
72 static int reset = 0;
73
74 #ifdef CONFIG_BT_HCIUSB_SCO
75 static int isoc = 2;
76 #endif
77
78 #define VERSION "2.9"
79
80 static struct usb_driver hci_usb_driver; 
81
82 static struct usb_device_id bluetooth_ids[] = {
83         /* Generic Bluetooth USB device */
84         { USB_DEVICE_INFO(HCI_DEV_CLASS, HCI_DEV_SUBCLASS, HCI_DEV_PROTOCOL) },
85
86         /* AVM BlueFRITZ! USB v2.0 */
87         { USB_DEVICE(0x057c, 0x3800) },
88
89         /* Bluetooth Ultraport Module from IBM */
90         { USB_DEVICE(0x04bf, 0x030a) },
91
92         /* ALPS Modules with non-standard id */
93         { USB_DEVICE(0x044e, 0x3001) },
94         { USB_DEVICE(0x044e, 0x3002) },
95
96         /* Ericsson with non-standard id */
97         { USB_DEVICE(0x0bdb, 0x1002) },
98
99         { }     /* Terminating entry */
100 };
101
102 MODULE_DEVICE_TABLE (usb, bluetooth_ids);
103
104 static struct usb_device_id blacklist_ids[] = {
105         /* CSR BlueCore devices */
106         { USB_DEVICE(0x0a12, 0x0001), .driver_info = HCI_CSR },
107
108         /* Broadcom BCM2033 without firmware */
109         { USB_DEVICE(0x0a5c, 0x2033), .driver_info = HCI_IGNORE },
110
111         /* Broadcom BCM2035 */
112         { USB_DEVICE(0x0a5c, 0x200a), .driver_info = HCI_RESET | HCI_WRONG_SCO_MTU },
113         { USB_DEVICE(0x0a5c, 0x2009), .driver_info = HCI_BCM92035 },
114
115         /* IBM/Lenovo ThinkPad with Broadcom chip */
116         { USB_DEVICE(0x0a5c, 0x201e), .driver_info = HCI_WRONG_SCO_MTU },
117
118         /* Microsoft Wireless Transceiver for Bluetooth 2.0 */
119         { USB_DEVICE(0x045e, 0x009c), .driver_info = HCI_RESET },
120
121         /* Kensington Bluetooth USB adapter */
122         { USB_DEVICE(0x047d, 0x105d), .driver_info = HCI_RESET },
123
124         /* ISSC Bluetooth Adapter v3.1 */
125         { USB_DEVICE(0x1131, 0x1001), .driver_info = HCI_RESET },
126
127         /* RTX Telecom based adapters with buggy SCO support */
128         { USB_DEVICE(0x0400, 0x0807), .driver_info = HCI_BROKEN_ISOC },
129         { USB_DEVICE(0x0400, 0x080a), .driver_info = HCI_BROKEN_ISOC },
130
131         /* Belkin F8T012 and F8T013 devices */
132         { USB_DEVICE(0x050d, 0x0012), .driver_info = HCI_WRONG_SCO_MTU },
133         { USB_DEVICE(0x050d, 0x0013), .driver_info = HCI_WRONG_SCO_MTU },
134
135         /* Digianswer devices */
136         { USB_DEVICE(0x08fd, 0x0001), .driver_info = HCI_DIGIANSWER },
137         { USB_DEVICE(0x08fd, 0x0002), .driver_info = HCI_IGNORE },
138
139         /* CSR BlueCore Bluetooth Sniffer */
140         { USB_DEVICE(0x0a12, 0x0002), .driver_info = HCI_SNIFFER },
141
142         /* Frontline ComProbe Bluetooth Sniffer */
143         { USB_DEVICE(0x16d3, 0x0002), .driver_info = HCI_SNIFFER },
144
145         { }     /* Terminating entry */
146 };
147
148 static struct _urb *_urb_alloc(int isoc, gfp_t gfp)
149 {
150         struct _urb *_urb = kmalloc(sizeof(struct _urb) +
151                                 sizeof(struct usb_iso_packet_descriptor) * isoc, gfp);
152         if (_urb) {
153                 memset(_urb, 0, sizeof(*_urb));
154                 usb_init_urb(&_urb->urb);
155         }
156         return _urb;
157 }
158
159 static struct _urb *_urb_dequeue(struct _urb_queue *q)
160 {
161         struct _urb *_urb = NULL;
162         unsigned long flags;
163         spin_lock_irqsave(&q->lock, flags);
164         {
165                 struct list_head *head = &q->head;
166                 struct list_head *next = head->next;
167                 if (next != head) {
168                         _urb = list_entry(next, struct _urb, list);
169                         list_del(next); _urb->queue = NULL;
170                 }
171         }
172         spin_unlock_irqrestore(&q->lock, flags);
173         return _urb;
174 }
175
176 static void hci_usb_rx_complete(struct urb *urb, struct pt_regs *regs);
177 static void hci_usb_tx_complete(struct urb *urb, struct pt_regs *regs);
178
179 #define __pending_tx(husb, type)  (&husb->pending_tx[type-1])
180 #define __pending_q(husb, type)   (&husb->pending_q[type-1])
181 #define __completed_q(husb, type) (&husb->completed_q[type-1])
182 #define __transmit_q(husb, type)  (&husb->transmit_q[type-1])
183 #define __reassembly(husb, type)  (husb->reassembly[type-1])
184
185 static inline struct _urb *__get_completed(struct hci_usb *husb, int type)
186 {
187         return _urb_dequeue(__completed_q(husb, type)); 
188 }
189
190 #ifdef CONFIG_BT_HCIUSB_SCO
191 static void __fill_isoc_desc(struct urb *urb, int len, int mtu)
192 {
193         int offset = 0, i;
194
195         BT_DBG("len %d mtu %d", len, mtu);
196
197         for (i=0; i < HCI_MAX_ISOC_FRAMES && len >= mtu; i++, offset += mtu, len -= mtu) {
198                 urb->iso_frame_desc[i].offset = offset;
199                 urb->iso_frame_desc[i].length = mtu;
200                 BT_DBG("desc %d offset %d len %d", i, offset, mtu);
201         }
202         if (len && i < HCI_MAX_ISOC_FRAMES) {
203                 urb->iso_frame_desc[i].offset = offset;
204                 urb->iso_frame_desc[i].length = len;
205                 BT_DBG("desc %d offset %d len %d", i, offset, len);
206                 i++;
207         }
208         urb->number_of_packets = i;
209 }
210 #endif
211
212 static int hci_usb_intr_rx_submit(struct hci_usb *husb)
213 {
214         struct _urb *_urb;
215         struct urb *urb;
216         int err, pipe, interval, size;
217         void *buf;
218
219         BT_DBG("%s", husb->hdev->name);
220
221         size = le16_to_cpu(husb->intr_in_ep->desc.wMaxPacketSize);
222
223         buf = kmalloc(size, GFP_ATOMIC);
224         if (!buf)
225                 return -ENOMEM;
226
227         _urb = _urb_alloc(0, GFP_ATOMIC);
228         if (!_urb) {
229                 kfree(buf);
230                 return -ENOMEM;
231         }
232         _urb->type = HCI_EVENT_PKT;
233         _urb_queue_tail(__pending_q(husb, _urb->type), _urb);
234
235         urb = &_urb->urb;
236         pipe     = usb_rcvintpipe(husb->udev, husb->intr_in_ep->desc.bEndpointAddress);
237         interval = husb->intr_in_ep->desc.bInterval;
238         usb_fill_int_urb(urb, husb->udev, pipe, buf, size, hci_usb_rx_complete, husb, interval);
239         
240         err = usb_submit_urb(urb, GFP_ATOMIC);
241         if (err) {
242                 BT_ERR("%s intr rx submit failed urb %p err %d",
243                                 husb->hdev->name, urb, err);
244                 _urb_unlink(_urb);
245                 _urb_free(_urb);
246                 kfree(buf);
247         }
248         return err;
249 }
250
251 static int hci_usb_bulk_rx_submit(struct hci_usb *husb)
252 {
253         struct _urb *_urb;
254         struct urb *urb;
255         int err, pipe, size = HCI_MAX_FRAME_SIZE;
256         void *buf;
257
258         buf = kmalloc(size, GFP_ATOMIC);
259         if (!buf)
260                 return -ENOMEM;
261
262         _urb = _urb_alloc(0, GFP_ATOMIC);
263         if (!_urb) {
264                 kfree(buf);
265                 return -ENOMEM;
266         }
267         _urb->type = HCI_ACLDATA_PKT;
268         _urb_queue_tail(__pending_q(husb, _urb->type), _urb);
269
270         urb  = &_urb->urb;
271         pipe = usb_rcvbulkpipe(husb->udev, husb->bulk_in_ep->desc.bEndpointAddress);
272         usb_fill_bulk_urb(urb, husb->udev, pipe, buf, size, hci_usb_rx_complete, husb);
273         urb->transfer_flags = 0;
274
275         BT_DBG("%s urb %p", husb->hdev->name, urb);
276
277         err = usb_submit_urb(urb, GFP_ATOMIC);
278         if (err) {
279                 BT_ERR("%s bulk rx submit failed urb %p err %d",
280                                 husb->hdev->name, urb, err);
281                 _urb_unlink(_urb);
282                 _urb_free(_urb);
283                 kfree(buf);
284         }
285         return err;
286 }
287
288 #ifdef CONFIG_BT_HCIUSB_SCO
289 static int hci_usb_isoc_rx_submit(struct hci_usb *husb)
290 {
291         struct _urb *_urb;
292         struct urb *urb;
293         int err, mtu, size;
294         void *buf;
295
296         mtu  = le16_to_cpu(husb->isoc_in_ep->desc.wMaxPacketSize);
297         size = mtu * HCI_MAX_ISOC_FRAMES;
298
299         buf = kmalloc(size, GFP_ATOMIC);
300         if (!buf)
301                 return -ENOMEM;
302
303         _urb = _urb_alloc(HCI_MAX_ISOC_FRAMES, GFP_ATOMIC);
304         if (!_urb) {
305                 kfree(buf);
306                 return -ENOMEM;
307         }
308         _urb->type = HCI_SCODATA_PKT;
309         _urb_queue_tail(__pending_q(husb, _urb->type), _urb);
310
311         urb = &_urb->urb;
312
313         urb->context  = husb;
314         urb->dev      = husb->udev;
315         urb->pipe     = usb_rcvisocpipe(husb->udev, husb->isoc_in_ep->desc.bEndpointAddress);
316         urb->complete = hci_usb_rx_complete;
317
318         urb->interval = husb->isoc_in_ep->desc.bInterval;
319
320         urb->transfer_buffer_length = size;
321         urb->transfer_buffer = buf;
322         urb->transfer_flags  = URB_ISO_ASAP;
323
324         __fill_isoc_desc(urb, size, mtu);
325
326         BT_DBG("%s urb %p", husb->hdev->name, urb);
327
328         err = usb_submit_urb(urb, GFP_ATOMIC);
329         if (err) {
330                 BT_ERR("%s isoc rx submit failed urb %p err %d",
331                                 husb->hdev->name, urb, err);
332                 _urb_unlink(_urb);
333                 _urb_free(_urb);
334                 kfree(buf);
335         }
336         return err;
337 }
338 #endif
339
340 /* Initialize device */
341 static int hci_usb_open(struct hci_dev *hdev)
342 {
343         struct hci_usb *husb = (struct hci_usb *) hdev->driver_data;
344         int i, err;
345         unsigned long flags;
346
347         BT_DBG("%s", hdev->name);
348
349         if (test_and_set_bit(HCI_RUNNING, &hdev->flags))
350                 return 0;
351
352         write_lock_irqsave(&husb->completion_lock, flags);
353
354         err = hci_usb_intr_rx_submit(husb);
355         if (!err) {
356                 for (i = 0; i < HCI_MAX_BULK_RX; i++)
357                         hci_usb_bulk_rx_submit(husb);
358
359 #ifdef CONFIG_BT_HCIUSB_SCO
360                 if (husb->isoc_iface)
361                         for (i = 0; i < HCI_MAX_ISOC_RX; i++)
362                                 hci_usb_isoc_rx_submit(husb);
363 #endif
364         } else {
365                 clear_bit(HCI_RUNNING, &hdev->flags);
366         }
367
368         write_unlock_irqrestore(&husb->completion_lock, flags);
369         return err;
370 }
371
372 /* Reset device */
373 static int hci_usb_flush(struct hci_dev *hdev)
374 {
375         struct hci_usb *husb = (struct hci_usb *) hdev->driver_data;
376         int i;
377
378         BT_DBG("%s", hdev->name);
379
380         for (i = 0; i < 4; i++)
381                 skb_queue_purge(&husb->transmit_q[i]);
382         return 0;
383 }
384
385 static void hci_usb_unlink_urbs(struct hci_usb *husb)
386 {
387         int i;
388
389         BT_DBG("%s", husb->hdev->name);
390
391         for (i = 0; i < 4; i++) {
392                 struct _urb *_urb;
393                 struct urb *urb;
394
395                 /* Kill pending requests */
396                 while ((_urb = _urb_dequeue(&husb->pending_q[i]))) {
397                         urb = &_urb->urb;
398                         BT_DBG("%s unlinking _urb %p type %d urb %p", 
399                                         husb->hdev->name, _urb, _urb->type, urb);
400                         usb_kill_urb(urb);
401                         _urb_queue_tail(__completed_q(husb, _urb->type), _urb);
402                 }
403
404                 /* Release completed requests */
405                 while ((_urb = _urb_dequeue(&husb->completed_q[i]))) {
406                         urb = &_urb->urb;
407                         BT_DBG("%s freeing _urb %p type %d urb %p",
408                                         husb->hdev->name, _urb, _urb->type, urb);
409                         kfree(urb->setup_packet);
410                         kfree(urb->transfer_buffer);
411                         _urb_free(_urb);
412                 }
413
414                 /* Release reassembly buffers */
415                 if (husb->reassembly[i]) {
416                         kfree_skb(husb->reassembly[i]);
417                         husb->reassembly[i] = NULL;
418                 }
419         }
420 }
421
422 /* Close device */
423 static int hci_usb_close(struct hci_dev *hdev)
424 {
425         struct hci_usb *husb = (struct hci_usb *) hdev->driver_data;
426         unsigned long flags;
427
428         if (!test_and_clear_bit(HCI_RUNNING, &hdev->flags))
429                 return 0;
430
431         BT_DBG("%s", hdev->name);
432
433         /* Synchronize with completion handlers */
434         write_lock_irqsave(&husb->completion_lock, flags);
435         write_unlock_irqrestore(&husb->completion_lock, flags);
436
437         hci_usb_unlink_urbs(husb);
438         hci_usb_flush(hdev);
439         return 0;
440 }
441
442 static int __tx_submit(struct hci_usb *husb, struct _urb *_urb)
443 {
444         struct urb *urb = &_urb->urb;
445         int err;
446
447         BT_DBG("%s urb %p type %d", husb->hdev->name, urb, _urb->type);
448
449         _urb_queue_tail(__pending_q(husb, _urb->type), _urb);
450         err = usb_submit_urb(urb, GFP_ATOMIC);
451         if (err) {
452                 BT_ERR("%s tx submit failed urb %p type %d err %d",
453                                 husb->hdev->name, urb, _urb->type, err);
454                 _urb_unlink(_urb);
455                 _urb_queue_tail(__completed_q(husb, _urb->type), _urb);
456         } else
457                 atomic_inc(__pending_tx(husb, _urb->type));
458
459         return err;
460 }
461
462 static inline int hci_usb_send_ctrl(struct hci_usb *husb, struct sk_buff *skb)
463 {
464         struct _urb *_urb = __get_completed(husb, bt_cb(skb)->pkt_type);
465         struct usb_ctrlrequest *dr;
466         struct urb *urb;
467
468         if (!_urb) {
469                 _urb = _urb_alloc(0, GFP_ATOMIC);
470                 if (!_urb)
471                         return -ENOMEM;
472                 _urb->type = bt_cb(skb)->pkt_type;
473
474                 dr = kmalloc(sizeof(*dr), GFP_ATOMIC);
475                 if (!dr) {
476                         _urb_free(_urb);
477                         return -ENOMEM;
478                 }
479         } else
480                 dr = (void *) _urb->urb.setup_packet;
481
482         dr->bRequestType = husb->ctrl_req;
483         dr->bRequest = 0;
484         dr->wIndex   = 0;
485         dr->wValue   = 0;
486         dr->wLength  = __cpu_to_le16(skb->len);
487
488         urb = &_urb->urb;
489         usb_fill_control_urb(urb, husb->udev, usb_sndctrlpipe(husb->udev, 0),
490                 (void *) dr, skb->data, skb->len, hci_usb_tx_complete, husb);
491
492         BT_DBG("%s skb %p len %d", husb->hdev->name, skb, skb->len);
493         
494         _urb->priv = skb;
495         return __tx_submit(husb, _urb);
496 }
497
498 static inline int hci_usb_send_bulk(struct hci_usb *husb, struct sk_buff *skb)
499 {
500         struct _urb *_urb = __get_completed(husb, bt_cb(skb)->pkt_type);
501         struct urb *urb;
502         int pipe;
503
504         if (!_urb) {
505                 _urb = _urb_alloc(0, GFP_ATOMIC);
506                 if (!_urb)
507                         return -ENOMEM;
508                 _urb->type = bt_cb(skb)->pkt_type;
509         }
510
511         urb  = &_urb->urb;
512         pipe = usb_sndbulkpipe(husb->udev, husb->bulk_out_ep->desc.bEndpointAddress);
513         usb_fill_bulk_urb(urb, husb->udev, pipe, skb->data, skb->len, 
514                         hci_usb_tx_complete, husb);
515         urb->transfer_flags = URB_ZERO_PACKET;
516
517         BT_DBG("%s skb %p len %d", husb->hdev->name, skb, skb->len);
518
519         _urb->priv = skb;
520         return __tx_submit(husb, _urb);
521 }
522
523 #ifdef CONFIG_BT_HCIUSB_SCO
524 static inline int hci_usb_send_isoc(struct hci_usb *husb, struct sk_buff *skb)
525 {
526         struct _urb *_urb = __get_completed(husb, bt_cb(skb)->pkt_type);
527         struct urb *urb;
528
529         if (!_urb) {
530                 _urb = _urb_alloc(HCI_MAX_ISOC_FRAMES, GFP_ATOMIC);
531                 if (!_urb)
532                         return -ENOMEM;
533                 _urb->type = bt_cb(skb)->pkt_type;
534         }
535
536         BT_DBG("%s skb %p len %d", husb->hdev->name, skb, skb->len);
537
538         urb = &_urb->urb;
539
540         urb->context  = husb;
541         urb->dev      = husb->udev;
542         urb->pipe     = usb_sndisocpipe(husb->udev, husb->isoc_out_ep->desc.bEndpointAddress);
543         urb->complete = hci_usb_tx_complete;
544         urb->transfer_flags = URB_ISO_ASAP;
545
546         urb->interval = husb->isoc_out_ep->desc.bInterval;
547
548         urb->transfer_buffer = skb->data;
549         urb->transfer_buffer_length = skb->len;
550
551         __fill_isoc_desc(urb, skb->len, le16_to_cpu(husb->isoc_out_ep->desc.wMaxPacketSize));
552
553         _urb->priv = skb;
554         return __tx_submit(husb, _urb);
555 }
556 #endif
557
558 static void hci_usb_tx_process(struct hci_usb *husb)
559 {
560         struct sk_buff_head *q;
561         struct sk_buff *skb;
562
563         BT_DBG("%s", husb->hdev->name);
564
565         do {
566                 clear_bit(HCI_USB_TX_WAKEUP, &husb->state);
567
568                 /* Process command queue */
569                 q = __transmit_q(husb, HCI_COMMAND_PKT);
570                 if (!atomic_read(__pending_tx(husb, HCI_COMMAND_PKT)) &&
571                                 (skb = skb_dequeue(q))) {
572                         if (hci_usb_send_ctrl(husb, skb) < 0)
573                                 skb_queue_head(q, skb);
574                 }
575
576 #ifdef CONFIG_BT_HCIUSB_SCO
577                 /* Process SCO queue */
578                 q = __transmit_q(husb, HCI_SCODATA_PKT);
579                 if (atomic_read(__pending_tx(husb, HCI_SCODATA_PKT)) < HCI_MAX_ISOC_TX &&
580                                 (skb = skb_dequeue(q))) {
581                         if (hci_usb_send_isoc(husb, skb) < 0)
582                                 skb_queue_head(q, skb);
583                 }
584 #endif
585
586                 /* Process ACL queue */
587                 q = __transmit_q(husb, HCI_ACLDATA_PKT);
588                 while (atomic_read(__pending_tx(husb, HCI_ACLDATA_PKT)) < HCI_MAX_BULK_TX &&
589                                 (skb = skb_dequeue(q))) {
590                         if (hci_usb_send_bulk(husb, skb) < 0) {
591                                 skb_queue_head(q, skb);
592                                 break;
593                         }
594                 }
595         } while(test_bit(HCI_USB_TX_WAKEUP, &husb->state));
596 }
597
598 static inline void hci_usb_tx_wakeup(struct hci_usb *husb)
599 {
600         /* Serialize TX queue processing to avoid data reordering */
601         if (!test_and_set_bit(HCI_USB_TX_PROCESS, &husb->state)) {
602                 hci_usb_tx_process(husb);
603                 clear_bit(HCI_USB_TX_PROCESS, &husb->state);
604         } else
605                 set_bit(HCI_USB_TX_WAKEUP, &husb->state);
606 }
607
608 /* Send frames from HCI layer */
609 static int hci_usb_send_frame(struct sk_buff *skb)
610 {
611         struct hci_dev *hdev = (struct hci_dev *) skb->dev;
612         struct hci_usb *husb;
613
614         if (!hdev) {
615                 BT_ERR("frame for uknown device (hdev=NULL)");
616                 return -ENODEV;
617         }
618
619         if (!test_bit(HCI_RUNNING, &hdev->flags))
620                 return -EBUSY;
621
622         BT_DBG("%s type %d len %d", hdev->name, bt_cb(skb)->pkt_type, skb->len);
623
624         husb = (struct hci_usb *) hdev->driver_data;
625
626         switch (bt_cb(skb)->pkt_type) {
627         case HCI_COMMAND_PKT:
628                 hdev->stat.cmd_tx++;
629                 break;
630
631         case HCI_ACLDATA_PKT:
632                 hdev->stat.acl_tx++;
633                 break;
634
635 #ifdef CONFIG_BT_HCIUSB_SCO
636         case HCI_SCODATA_PKT:
637                 hdev->stat.sco_tx++;
638                 break;
639 #endif
640
641         default:
642                 kfree_skb(skb);
643                 return 0;
644         }
645
646         read_lock(&husb->completion_lock);
647
648         skb_queue_tail(__transmit_q(husb, bt_cb(skb)->pkt_type), skb);
649         hci_usb_tx_wakeup(husb);
650
651         read_unlock(&husb->completion_lock);
652         return 0;
653 }
654
655 static inline int __recv_frame(struct hci_usb *husb, int type, void *data, int count)
656 {
657         BT_DBG("%s type %d data %p count %d", husb->hdev->name, type, data, count);
658
659         husb->hdev->stat.byte_rx += count;
660
661         while (count) {
662                 struct sk_buff *skb = __reassembly(husb, type);
663                 struct { int expect; } *scb;
664                 int len = 0;
665         
666                 if (!skb) {
667                         /* Start of the frame */
668
669                         switch (type) {
670                         case HCI_EVENT_PKT:
671                                 if (count >= HCI_EVENT_HDR_SIZE) {
672                                         struct hci_event_hdr *h = data;
673                                         len = HCI_EVENT_HDR_SIZE + h->plen;
674                                 } else
675                                         return -EILSEQ;
676                                 break;
677
678                         case HCI_ACLDATA_PKT:
679                                 if (count >= HCI_ACL_HDR_SIZE) {
680                                         struct hci_acl_hdr *h = data;
681                                         len = HCI_ACL_HDR_SIZE + __le16_to_cpu(h->dlen);
682                                 } else
683                                         return -EILSEQ;
684                                 break;
685 #ifdef CONFIG_BT_HCIUSB_SCO
686                         case HCI_SCODATA_PKT:
687                                 if (count >= HCI_SCO_HDR_SIZE) {
688                                         struct hci_sco_hdr *h = data;
689                                         len = HCI_SCO_HDR_SIZE + h->dlen;
690                                 } else
691                                         return -EILSEQ;
692                                 break;
693 #endif
694                         }
695                         BT_DBG("new packet len %d", len);
696
697                         skb = bt_skb_alloc(len, GFP_ATOMIC);
698                         if (!skb) {
699                                 BT_ERR("%s no memory for the packet", husb->hdev->name);
700                                 return -ENOMEM;
701                         }
702                         skb->dev = (void *) husb->hdev;
703                         bt_cb(skb)->pkt_type = type;
704         
705                         __reassembly(husb, type) = skb;
706
707                         scb = (void *) skb->cb;
708                         scb->expect = len;
709                 } else {
710                         /* Continuation */
711                         scb = (void *) skb->cb;
712                         len = scb->expect;
713                 }
714
715                 len = min(len, count);
716                 
717                 memcpy(skb_put(skb, len), data, len);
718
719                 scb->expect -= len;
720                 if (!scb->expect) {
721                         /* Complete frame */
722                         __reassembly(husb, type) = NULL;
723                         bt_cb(skb)->pkt_type = type;
724                         hci_recv_frame(skb);
725                 }
726
727                 count -= len; data += len;
728         }
729         return 0;
730 }
731
732 static void hci_usb_rx_complete(struct urb *urb, struct pt_regs *regs)
733 {
734         struct _urb *_urb = container_of(urb, struct _urb, urb);
735         struct hci_usb *husb = (void *) urb->context;
736         struct hci_dev *hdev = husb->hdev;
737         int err, count = urb->actual_length;
738
739         BT_DBG("%s urb %p type %d status %d count %d flags %x", hdev->name, urb,
740                         _urb->type, urb->status, count, urb->transfer_flags);
741
742         read_lock(&husb->completion_lock);
743
744         if (!test_bit(HCI_RUNNING, &hdev->flags))
745                 goto unlock;
746
747         if (urb->status || !count)
748                 goto resubmit;
749
750         if (_urb->type == HCI_SCODATA_PKT) {
751 #ifdef CONFIG_BT_HCIUSB_SCO
752                 int i;
753                 for (i=0; i < urb->number_of_packets; i++) {
754                         BT_DBG("desc %d status %d offset %d len %d", i,
755                                         urb->iso_frame_desc[i].status,
756                                         urb->iso_frame_desc[i].offset,
757                                         urb->iso_frame_desc[i].actual_length);
758         
759                         if (!urb->iso_frame_desc[i].status)
760                                 __recv_frame(husb, _urb->type, 
761                                         urb->transfer_buffer + urb->iso_frame_desc[i].offset,
762                                         urb->iso_frame_desc[i].actual_length);
763                 }
764 #else
765                 ;
766 #endif
767         } else {
768                 err = __recv_frame(husb, _urb->type, urb->transfer_buffer, count);
769                 if (err < 0) { 
770                         BT_ERR("%s corrupted packet: type %d count %d",
771                                         husb->hdev->name, _urb->type, count);
772                         hdev->stat.err_rx++;
773                 }
774         }
775
776 resubmit:
777         urb->dev = husb->udev;
778         err = usb_submit_urb(urb, GFP_ATOMIC);
779         BT_DBG("%s urb %p type %d resubmit status %d", hdev->name, urb,
780                         _urb->type, err);
781
782 unlock:
783         read_unlock(&husb->completion_lock);
784 }
785
786 static void hci_usb_tx_complete(struct urb *urb, struct pt_regs *regs)
787 {
788         struct _urb *_urb = container_of(urb, struct _urb, urb);
789         struct hci_usb *husb = (void *) urb->context;
790         struct hci_dev *hdev = husb->hdev;
791
792         BT_DBG("%s urb %p status %d flags %x", hdev->name, urb,
793                         urb->status, urb->transfer_flags);
794
795         atomic_dec(__pending_tx(husb, _urb->type));
796
797         urb->transfer_buffer = NULL;
798         kfree_skb((struct sk_buff *) _urb->priv);
799
800         if (!test_bit(HCI_RUNNING, &hdev->flags))
801                 return;
802
803         if (!urb->status)
804                 hdev->stat.byte_tx += urb->transfer_buffer_length;
805         else
806                 hdev->stat.err_tx++;
807
808         read_lock(&husb->completion_lock);
809
810         _urb_unlink(_urb);
811         _urb_queue_tail(__completed_q(husb, _urb->type), _urb);
812
813         hci_usb_tx_wakeup(husb);
814
815         read_unlock(&husb->completion_lock);
816 }
817
818 static void hci_usb_destruct(struct hci_dev *hdev)
819 {
820         struct hci_usb *husb = (struct hci_usb *) hdev->driver_data;
821
822         BT_DBG("%s", hdev->name);
823
824         kfree(husb);
825 }
826
827 static void hci_usb_notify(struct hci_dev *hdev, unsigned int evt)
828 {
829         BT_DBG("%s evt %d", hdev->name, evt);
830 }
831
832 static int hci_usb_probe(struct usb_interface *intf, const struct usb_device_id *id)
833 {
834         struct usb_device *udev = interface_to_usbdev(intf);
835         struct usb_host_endpoint *bulk_out_ep = NULL;
836         struct usb_host_endpoint *bulk_in_ep = NULL;
837         struct usb_host_endpoint *intr_in_ep = NULL;
838         struct usb_host_endpoint  *ep;
839         struct usb_host_interface *uif;
840         struct usb_interface *isoc_iface;
841         struct hci_usb *husb;
842         struct hci_dev *hdev;
843         int i, e, size, isoc_ifnum, isoc_alts;
844
845         BT_DBG("udev %p intf %p", udev, intf);
846
847         if (!id->driver_info) {
848                 const struct usb_device_id *match;
849                 match = usb_match_id(intf, blacklist_ids);
850                 if (match)
851                         id = match;
852         }
853
854         if (ignore || id->driver_info & HCI_IGNORE)
855                 return -ENODEV;
856
857         if (ignore_dga && id->driver_info & HCI_DIGIANSWER)
858                 return -ENODEV;
859
860         if (ignore_csr && id->driver_info & HCI_CSR)
861                 return -ENODEV;
862
863         if (ignore_sniffer && id->driver_info & HCI_SNIFFER)
864                 return -ENODEV;
865
866         if (intf->cur_altsetting->desc.bInterfaceNumber > 0)
867                 return -ENODEV;
868
869         /* Find endpoints that we need */
870         uif = intf->cur_altsetting;
871         for (e = 0; e < uif->desc.bNumEndpoints; e++) {
872                 ep = &uif->endpoint[e];
873
874                 switch (ep->desc.bmAttributes & USB_ENDPOINT_XFERTYPE_MASK) {
875                 case USB_ENDPOINT_XFER_INT:
876                         if (ep->desc.bEndpointAddress & USB_DIR_IN)
877                                 intr_in_ep = ep;
878                         break;
879
880                 case USB_ENDPOINT_XFER_BULK:
881                         if (ep->desc.bEndpointAddress & USB_DIR_IN)
882                                 bulk_in_ep  = ep;
883                         else
884                                 bulk_out_ep = ep;
885                         break;
886                 }
887         }
888
889         if (!bulk_in_ep || !bulk_out_ep || !intr_in_ep) {
890                 BT_DBG("Bulk endpoints not found");
891                 goto done;
892         }
893
894         if (!(husb = kzalloc(sizeof(struct hci_usb), GFP_KERNEL))) {
895                 BT_ERR("Can't allocate: control structure");
896                 goto done;
897         }
898
899         husb->udev = udev;
900         husb->bulk_out_ep = bulk_out_ep;
901         husb->bulk_in_ep  = bulk_in_ep;
902         husb->intr_in_ep  = intr_in_ep;
903
904         if (id->driver_info & HCI_DIGIANSWER)
905                 husb->ctrl_req = USB_TYPE_VENDOR;
906         else
907                 husb->ctrl_req = USB_TYPE_CLASS;
908
909         /* Find isochronous endpoints that we can use */
910         size = 0; 
911         isoc_iface = NULL;
912         isoc_alts  = 0;
913         isoc_ifnum = 1;
914
915 #ifdef CONFIG_BT_HCIUSB_SCO
916         if (isoc && !(id->driver_info & (HCI_BROKEN_ISOC | HCI_SNIFFER)))
917                 isoc_iface = usb_ifnum_to_if(udev, isoc_ifnum);
918
919         if (isoc_iface) {
920                 int a;
921                 struct usb_host_endpoint *isoc_out_ep = NULL;
922                 struct usb_host_endpoint *isoc_in_ep = NULL;
923
924                 for (a = 0; a < isoc_iface->num_altsetting; a++) {
925                         uif = &isoc_iface->altsetting[a];
926                         for (e = 0; e < uif->desc.bNumEndpoints; e++) {
927                                 ep = &uif->endpoint[e];
928
929                                 switch (ep->desc.bmAttributes & USB_ENDPOINT_XFERTYPE_MASK) {
930                                 case USB_ENDPOINT_XFER_ISOC:
931                                         if (le16_to_cpu(ep->desc.wMaxPacketSize) < size ||
932                                                         uif->desc.bAlternateSetting != isoc)
933                                                 break;
934                                         size = le16_to_cpu(ep->desc.wMaxPacketSize);
935
936                                         isoc_alts = uif->desc.bAlternateSetting;
937
938                                         if (ep->desc.bEndpointAddress & USB_DIR_IN)
939                                                 isoc_in_ep  = ep;
940                                         else
941                                                 isoc_out_ep = ep;
942                                         break;
943                                 }
944                         }
945                 }
946
947                 if (!isoc_in_ep || !isoc_out_ep)
948                         BT_DBG("Isoc endpoints not found");
949                 else {
950                         BT_DBG("isoc ifnum %d alts %d", isoc_ifnum, isoc_alts);
951                         if (usb_driver_claim_interface(&hci_usb_driver, isoc_iface, husb) != 0)
952                                 BT_ERR("Can't claim isoc interface");
953                         else if (usb_set_interface(udev, isoc_ifnum, isoc_alts)) {
954                                 BT_ERR("Can't set isoc interface settings");
955                                 husb->isoc_iface = isoc_iface;
956                                 usb_driver_release_interface(&hci_usb_driver, isoc_iface);
957                                 husb->isoc_iface = NULL;
958                         } else {
959                                 husb->isoc_iface  = isoc_iface;
960                                 husb->isoc_in_ep  = isoc_in_ep;
961                                 husb->isoc_out_ep = isoc_out_ep;
962                         }
963                 }
964         }
965 #endif
966
967         rwlock_init(&husb->completion_lock);
968
969         for (i = 0; i < 4; i++) {
970                 skb_queue_head_init(&husb->transmit_q[i]);
971                 _urb_queue_init(&husb->pending_q[i]);
972                 _urb_queue_init(&husb->completed_q[i]);
973         }
974
975         /* Initialize and register HCI device */
976         hdev = hci_alloc_dev();
977         if (!hdev) {
978                 BT_ERR("Can't allocate HCI device");
979                 goto probe_error;
980         }
981
982         husb->hdev = hdev;
983
984         hdev->type = HCI_USB;
985         hdev->driver_data = husb;
986         SET_HCIDEV_DEV(hdev, &intf->dev);
987
988         hdev->open     = hci_usb_open;
989         hdev->close    = hci_usb_close;
990         hdev->flush    = hci_usb_flush;
991         hdev->send     = hci_usb_send_frame;
992         hdev->destruct = hci_usb_destruct;
993         hdev->notify   = hci_usb_notify;
994
995         hdev->owner = THIS_MODULE;
996
997         if (reset || id->driver_info & HCI_RESET)
998                 set_bit(HCI_QUIRK_RESET_ON_INIT, &hdev->quirks);
999
1000         if (force_scofix || id->driver_info & HCI_WRONG_SCO_MTU) {
1001                 if (!disable_scofix)
1002                         set_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks);
1003         }
1004
1005         if (id->driver_info & HCI_SNIFFER) {
1006                 if (le16_to_cpu(udev->descriptor.bcdDevice) > 0x997)
1007                         set_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks);
1008         }
1009
1010         if (id->driver_info & HCI_BCM92035) {
1011                 unsigned char cmd[] = { 0x3b, 0xfc, 0x01, 0x00 };
1012                 struct sk_buff *skb;
1013
1014                 skb = bt_skb_alloc(sizeof(cmd), GFP_KERNEL);
1015                 if (skb) {
1016                         memcpy(skb_put(skb, sizeof(cmd)), cmd, sizeof(cmd));
1017                         skb_queue_tail(&hdev->driver_init, skb);
1018                 }
1019         }
1020
1021         if (hci_register_dev(hdev) < 0) {
1022                 BT_ERR("Can't register HCI device");
1023                 hci_free_dev(hdev);
1024                 goto probe_error;
1025         }
1026
1027         usb_set_intfdata(intf, husb);
1028         return 0;
1029
1030 probe_error:
1031         if (husb->isoc_iface)
1032                 usb_driver_release_interface(&hci_usb_driver, husb->isoc_iface);
1033         kfree(husb);
1034
1035 done:
1036         return -EIO;
1037 }
1038
1039 static void hci_usb_disconnect(struct usb_interface *intf)
1040 {
1041         struct hci_usb *husb = usb_get_intfdata(intf);
1042         struct hci_dev *hdev;
1043
1044         if (!husb || intf == husb->isoc_iface)
1045                 return;
1046
1047         usb_set_intfdata(intf, NULL);
1048         hdev = husb->hdev;
1049
1050         BT_DBG("%s", hdev->name);
1051
1052         hci_usb_close(hdev);
1053
1054         if (husb->isoc_iface)
1055                 usb_driver_release_interface(&hci_usb_driver, husb->isoc_iface);
1056
1057         if (hci_unregister_dev(hdev) < 0)
1058                 BT_ERR("Can't unregister HCI device %s", hdev->name);
1059
1060         hci_free_dev(hdev);
1061 }
1062
1063 static int hci_usb_suspend(struct usb_interface *intf, pm_message_t message)
1064 {
1065         struct hci_usb *husb = usb_get_intfdata(intf);
1066         struct list_head killed;
1067         unsigned long flags;
1068         int i;
1069
1070         if (!husb || intf == husb->isoc_iface)
1071                 return 0;
1072
1073         hci_suspend_dev(husb->hdev);
1074
1075         INIT_LIST_HEAD(&killed);
1076
1077         for (i = 0; i < 4; i++) {
1078                 struct _urb_queue *q = &husb->pending_q[i];
1079                 struct _urb *_urb, *_tmp;
1080
1081                 while ((_urb = _urb_dequeue(q))) {
1082                         /* reset queue since _urb_dequeue sets it to NULL */
1083                         _urb->queue = q;
1084                         usb_kill_urb(&_urb->urb);
1085                         list_add(&_urb->list, &killed);
1086                 }
1087
1088                 spin_lock_irqsave(&q->lock, flags);
1089
1090                 list_for_each_entry_safe(_urb, _tmp, &killed, list) {
1091                         list_move_tail(&_urb->list, &q->head);
1092                 }
1093
1094                 spin_unlock_irqrestore(&q->lock, flags);
1095         }
1096
1097         return 0;
1098 }
1099
1100 static int hci_usb_resume(struct usb_interface *intf)
1101 {
1102         struct hci_usb *husb = usb_get_intfdata(intf);
1103         unsigned long flags;
1104         int i, err = 0;
1105
1106         if (!husb || intf == husb->isoc_iface)
1107                 return 0;
1108         
1109         for (i = 0; i < 4; i++) {
1110                 struct _urb_queue *q = &husb->pending_q[i];
1111                 struct _urb *_urb;
1112
1113                 spin_lock_irqsave(&q->lock, flags);
1114
1115                 list_for_each_entry(_urb, &q->head, list) {
1116                         err = usb_submit_urb(&_urb->urb, GFP_ATOMIC);
1117                         if (err)
1118                                 break;
1119                 }
1120
1121                 spin_unlock_irqrestore(&q->lock, flags);
1122
1123                 if (err)
1124                         return -EIO;
1125         }
1126
1127         hci_resume_dev(husb->hdev);
1128
1129         return 0;
1130 }
1131
1132 static struct usb_driver hci_usb_driver = {
1133         .name           = "hci_usb",
1134         .probe          = hci_usb_probe,
1135         .disconnect     = hci_usb_disconnect,
1136         .suspend        = hci_usb_suspend,
1137         .resume         = hci_usb_resume,
1138         .id_table       = bluetooth_ids,
1139 };
1140
1141 static int __init hci_usb_init(void)
1142 {
1143         int err;
1144
1145         BT_INFO("HCI USB driver ver %s", VERSION);
1146
1147         if ((err = usb_register(&hci_usb_driver)) < 0)
1148                 BT_ERR("Failed to register HCI USB driver");
1149
1150         return err;
1151 }
1152
1153 static void __exit hci_usb_exit(void)
1154 {
1155         usb_deregister(&hci_usb_driver);
1156 }
1157
1158 module_init(hci_usb_init);
1159 module_exit(hci_usb_exit);
1160
1161 module_param(ignore, bool, 0644);
1162 MODULE_PARM_DESC(ignore, "Ignore devices from the matching table");
1163
1164 module_param(ignore_dga, bool, 0644);
1165 MODULE_PARM_DESC(ignore_dga, "Ignore devices with id 08fd:0001");
1166
1167 module_param(ignore_csr, bool, 0644);
1168 MODULE_PARM_DESC(ignore_csr, "Ignore devices with id 0a12:0001");
1169
1170 module_param(ignore_sniffer, bool, 0644);
1171 MODULE_PARM_DESC(ignore_sniffer, "Ignore devices with id 0a12:0002");
1172
1173 module_param(disable_scofix, bool, 0644);
1174 MODULE_PARM_DESC(disable_scofix, "Disable fixup of wrong SCO buffer size");
1175
1176 module_param(force_scofix, bool, 0644);
1177 MODULE_PARM_DESC(force_scofix, "Force fixup of wrong SCO buffers size");
1178
1179 module_param(reset, bool, 0644);
1180 MODULE_PARM_DESC(reset, "Send HCI reset command on initialization");
1181
1182 #ifdef CONFIG_BT_HCIUSB_SCO
1183 module_param(isoc, int, 0644);
1184 MODULE_PARM_DESC(isoc, "Set isochronous transfers for SCO over HCI support");
1185 #endif
1186
1187 MODULE_AUTHOR("Maxim Krasnyansky <maxk@qualcomm.com>, Marcel Holtmann <marcel@holtmann.org>");
1188 MODULE_DESCRIPTION("Bluetooth HCI USB driver ver " VERSION);
1189 MODULE_VERSION(VERSION);
1190 MODULE_LICENSE("GPL");