Merge master.kernel.org:/pub/scm/linux/kernel/git/lethal/sh-2.6
[linux-2.6] / drivers / bluetooth / hci_usb.c
1 /* 
2    HCI USB driver for Linux Bluetooth protocol stack (BlueZ)
3    Copyright (C) 2000-2001 Qualcomm Incorporated
4    Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
5
6    Copyright (C) 2003 Maxim Krasnyansky <maxk@qualcomm.com>
7
8    This program is free software; you can redistribute it and/or modify
9    it under the terms of the GNU General Public License version 2 as
10    published by the Free Software Foundation;
11
12    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
13    OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
14    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
15    IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
16    CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES 
17    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 
18    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 
19    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20
21    ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS, 
22    COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS 
23    SOFTWARE IS DISCLAIMED.
24 */
25
26 /*
27  * Bluetooth HCI USB driver.
28  * Based on original USB Bluetooth driver for Linux kernel
29  *    Copyright (c) 2000 Greg Kroah-Hartman        <greg@kroah.com>
30  *    Copyright (c) 2000 Mark Douglas Corner       <mcorner@umich.edu>
31  *
32  */
33
34 #include <linux/module.h>
35
36 #include <linux/kernel.h>
37 #include <linux/init.h>
38 #include <linux/sched.h>
39 #include <linux/unistd.h>
40 #include <linux/types.h>
41 #include <linux/interrupt.h>
42 #include <linux/moduleparam.h>
43
44 #include <linux/slab.h>
45 #include <linux/errno.h>
46 #include <linux/string.h>
47 #include <linux/skbuff.h>
48
49 #include <linux/usb.h>
50
51 #include <net/bluetooth/bluetooth.h>
52 #include <net/bluetooth/hci_core.h>
53
54 #include "hci_usb.h"
55
56 #ifndef CONFIG_BT_HCIUSB_DEBUG
57 #undef  BT_DBG
58 #define BT_DBG(D...)
59 #endif
60
61 #ifndef CONFIG_BT_HCIUSB_ZERO_PACKET
62 #undef  URB_ZERO_PACKET
63 #define URB_ZERO_PACKET 0
64 #endif
65
66 static int ignore = 0;
67 static int ignore_dga = 0;
68 static int ignore_csr = 0;
69 static int ignore_sniffer = 0;
70 static int disable_scofix = 0;
71 static int force_scofix = 0;
72 static int reset = 0;
73
74 #ifdef CONFIG_BT_HCIUSB_SCO
75 static int isoc = 2;
76 #endif
77
78 #define VERSION "2.9"
79
80 static struct usb_driver hci_usb_driver; 
81
82 static struct usb_device_id bluetooth_ids[] = {
83         /* Generic Bluetooth USB device */
84         { USB_DEVICE_INFO(HCI_DEV_CLASS, HCI_DEV_SUBCLASS, HCI_DEV_PROTOCOL) },
85
86         /* AVM BlueFRITZ! USB v2.0 */
87         { USB_DEVICE(0x057c, 0x3800) },
88
89         /* Bluetooth Ultraport Module from IBM */
90         { USB_DEVICE(0x04bf, 0x030a) },
91
92         /* ALPS Modules with non-standard id */
93         { USB_DEVICE(0x044e, 0x3001) },
94         { USB_DEVICE(0x044e, 0x3002) },
95
96         /* Ericsson with non-standard id */
97         { USB_DEVICE(0x0bdb, 0x1002) },
98
99         /* Canyon CN-BTU1 with HID interfaces */
100         { USB_DEVICE(0x0c10, 0x0000), .driver_info = HCI_RESET },
101
102         { }     /* Terminating entry */
103 };
104
105 MODULE_DEVICE_TABLE (usb, bluetooth_ids);
106
107 static struct usb_device_id blacklist_ids[] = {
108         /* CSR BlueCore devices */
109         { USB_DEVICE(0x0a12, 0x0001), .driver_info = HCI_CSR },
110
111         /* Broadcom BCM2033 without firmware */
112         { USB_DEVICE(0x0a5c, 0x2033), .driver_info = HCI_IGNORE },
113
114         /* Broadcom BCM2035 */
115         { USB_DEVICE(0x0a5c, 0x200a), .driver_info = HCI_RESET | HCI_WRONG_SCO_MTU },
116         { USB_DEVICE(0x0a5c, 0x2009), .driver_info = HCI_BCM92035 },
117
118         /* IBM/Lenovo ThinkPad with Broadcom chip */
119         { USB_DEVICE(0x0a5c, 0x201e), .driver_info = HCI_WRONG_SCO_MTU },
120
121         /* ANYCOM Bluetooth USB-200 and USB-250 */
122         { USB_DEVICE(0x0a5c, 0x2111), .driver_info = HCI_RESET },
123
124         /* Microsoft Wireless Transceiver for Bluetooth 2.0 */
125         { USB_DEVICE(0x045e, 0x009c), .driver_info = HCI_RESET },
126
127         /* Kensington Bluetooth USB adapter */
128         { USB_DEVICE(0x047d, 0x105d), .driver_info = HCI_RESET },
129
130         /* ISSC Bluetooth Adapter v3.1 */
131         { USB_DEVICE(0x1131, 0x1001), .driver_info = HCI_RESET },
132
133         /* RTX Telecom based adapters with buggy SCO support */
134         { USB_DEVICE(0x0400, 0x0807), .driver_info = HCI_BROKEN_ISOC },
135         { USB_DEVICE(0x0400, 0x080a), .driver_info = HCI_BROKEN_ISOC },
136
137         /* Belkin F8T012 and F8T013 devices */
138         { USB_DEVICE(0x050d, 0x0012), .driver_info = HCI_WRONG_SCO_MTU },
139         { USB_DEVICE(0x050d, 0x0013), .driver_info = HCI_WRONG_SCO_MTU },
140
141         /* Digianswer devices */
142         { USB_DEVICE(0x08fd, 0x0001), .driver_info = HCI_DIGIANSWER },
143         { USB_DEVICE(0x08fd, 0x0002), .driver_info = HCI_IGNORE },
144
145         /* CSR BlueCore Bluetooth Sniffer */
146         { USB_DEVICE(0x0a12, 0x0002), .driver_info = HCI_SNIFFER },
147
148         /* Frontline ComProbe Bluetooth Sniffer */
149         { USB_DEVICE(0x16d3, 0x0002), .driver_info = HCI_SNIFFER },
150
151         { }     /* Terminating entry */
152 };
153
154 static struct _urb *_urb_alloc(int isoc, gfp_t gfp)
155 {
156         struct _urb *_urb = kmalloc(sizeof(struct _urb) +
157                                 sizeof(struct usb_iso_packet_descriptor) * isoc, gfp);
158         if (_urb) {
159                 memset(_urb, 0, sizeof(*_urb));
160                 usb_init_urb(&_urb->urb);
161         }
162         return _urb;
163 }
164
165 static struct _urb *_urb_dequeue(struct _urb_queue *q)
166 {
167         struct _urb *_urb = NULL;
168         unsigned long flags;
169         spin_lock_irqsave(&q->lock, flags);
170         {
171                 struct list_head *head = &q->head;
172                 struct list_head *next = head->next;
173                 if (next != head) {
174                         _urb = list_entry(next, struct _urb, list);
175                         list_del(next); _urb->queue = NULL;
176                 }
177         }
178         spin_unlock_irqrestore(&q->lock, flags);
179         return _urb;
180 }
181
182 static void hci_usb_rx_complete(struct urb *urb);
183 static void hci_usb_tx_complete(struct urb *urb);
184
185 #define __pending_tx(husb, type)  (&husb->pending_tx[type-1])
186 #define __pending_q(husb, type)   (&husb->pending_q[type-1])
187 #define __completed_q(husb, type) (&husb->completed_q[type-1])
188 #define __transmit_q(husb, type)  (&husb->transmit_q[type-1])
189 #define __reassembly(husb, type)  (husb->reassembly[type-1])
190
191 static inline struct _urb *__get_completed(struct hci_usb *husb, int type)
192 {
193         return _urb_dequeue(__completed_q(husb, type)); 
194 }
195
196 #ifdef CONFIG_BT_HCIUSB_SCO
197 static void __fill_isoc_desc(struct urb *urb, int len, int mtu)
198 {
199         int offset = 0, i;
200
201         BT_DBG("len %d mtu %d", len, mtu);
202
203         for (i=0; i < HCI_MAX_ISOC_FRAMES && len >= mtu; i++, offset += mtu, len -= mtu) {
204                 urb->iso_frame_desc[i].offset = offset;
205                 urb->iso_frame_desc[i].length = mtu;
206                 BT_DBG("desc %d offset %d len %d", i, offset, mtu);
207         }
208         if (len && i < HCI_MAX_ISOC_FRAMES) {
209                 urb->iso_frame_desc[i].offset = offset;
210                 urb->iso_frame_desc[i].length = len;
211                 BT_DBG("desc %d offset %d len %d", i, offset, len);
212                 i++;
213         }
214         urb->number_of_packets = i;
215 }
216 #endif
217
218 static int hci_usb_intr_rx_submit(struct hci_usb *husb)
219 {
220         struct _urb *_urb;
221         struct urb *urb;
222         int err, pipe, interval, size;
223         void *buf;
224
225         BT_DBG("%s", husb->hdev->name);
226
227         size = le16_to_cpu(husb->intr_in_ep->desc.wMaxPacketSize);
228
229         buf = kmalloc(size, GFP_ATOMIC);
230         if (!buf)
231                 return -ENOMEM;
232
233         _urb = _urb_alloc(0, GFP_ATOMIC);
234         if (!_urb) {
235                 kfree(buf);
236                 return -ENOMEM;
237         }
238         _urb->type = HCI_EVENT_PKT;
239         _urb_queue_tail(__pending_q(husb, _urb->type), _urb);
240
241         urb = &_urb->urb;
242         pipe     = usb_rcvintpipe(husb->udev, husb->intr_in_ep->desc.bEndpointAddress);
243         interval = husb->intr_in_ep->desc.bInterval;
244         usb_fill_int_urb(urb, husb->udev, pipe, buf, size, hci_usb_rx_complete, husb, interval);
245         
246         err = usb_submit_urb(urb, GFP_ATOMIC);
247         if (err) {
248                 BT_ERR("%s intr rx submit failed urb %p err %d",
249                                 husb->hdev->name, urb, err);
250                 _urb_unlink(_urb);
251                 _urb_free(_urb);
252                 kfree(buf);
253         }
254         return err;
255 }
256
257 static int hci_usb_bulk_rx_submit(struct hci_usb *husb)
258 {
259         struct _urb *_urb;
260         struct urb *urb;
261         int err, pipe, size = HCI_MAX_FRAME_SIZE;
262         void *buf;
263
264         buf = kmalloc(size, GFP_ATOMIC);
265         if (!buf)
266                 return -ENOMEM;
267
268         _urb = _urb_alloc(0, GFP_ATOMIC);
269         if (!_urb) {
270                 kfree(buf);
271                 return -ENOMEM;
272         }
273         _urb->type = HCI_ACLDATA_PKT;
274         _urb_queue_tail(__pending_q(husb, _urb->type), _urb);
275
276         urb  = &_urb->urb;
277         pipe = usb_rcvbulkpipe(husb->udev, husb->bulk_in_ep->desc.bEndpointAddress);
278         usb_fill_bulk_urb(urb, husb->udev, pipe, buf, size, hci_usb_rx_complete, husb);
279         urb->transfer_flags = 0;
280
281         BT_DBG("%s urb %p", husb->hdev->name, urb);
282
283         err = usb_submit_urb(urb, GFP_ATOMIC);
284         if (err) {
285                 BT_ERR("%s bulk rx submit failed urb %p err %d",
286                                 husb->hdev->name, urb, err);
287                 _urb_unlink(_urb);
288                 _urb_free(_urb);
289                 kfree(buf);
290         }
291         return err;
292 }
293
294 #ifdef CONFIG_BT_HCIUSB_SCO
295 static int hci_usb_isoc_rx_submit(struct hci_usb *husb)
296 {
297         struct _urb *_urb;
298         struct urb *urb;
299         int err, mtu, size;
300         void *buf;
301
302         mtu  = le16_to_cpu(husb->isoc_in_ep->desc.wMaxPacketSize);
303         size = mtu * HCI_MAX_ISOC_FRAMES;
304
305         buf = kmalloc(size, GFP_ATOMIC);
306         if (!buf)
307                 return -ENOMEM;
308
309         _urb = _urb_alloc(HCI_MAX_ISOC_FRAMES, GFP_ATOMIC);
310         if (!_urb) {
311                 kfree(buf);
312                 return -ENOMEM;
313         }
314         _urb->type = HCI_SCODATA_PKT;
315         _urb_queue_tail(__pending_q(husb, _urb->type), _urb);
316
317         urb = &_urb->urb;
318
319         urb->context  = husb;
320         urb->dev      = husb->udev;
321         urb->pipe     = usb_rcvisocpipe(husb->udev, husb->isoc_in_ep->desc.bEndpointAddress);
322         urb->complete = hci_usb_rx_complete;
323
324         urb->interval = husb->isoc_in_ep->desc.bInterval;
325
326         urb->transfer_buffer_length = size;
327         urb->transfer_buffer = buf;
328         urb->transfer_flags  = URB_ISO_ASAP;
329
330         __fill_isoc_desc(urb, size, mtu);
331
332         BT_DBG("%s urb %p", husb->hdev->name, urb);
333
334         err = usb_submit_urb(urb, GFP_ATOMIC);
335         if (err) {
336                 BT_ERR("%s isoc rx submit failed urb %p err %d",
337                                 husb->hdev->name, urb, err);
338                 _urb_unlink(_urb);
339                 _urb_free(_urb);
340                 kfree(buf);
341         }
342         return err;
343 }
344 #endif
345
346 /* Initialize device */
347 static int hci_usb_open(struct hci_dev *hdev)
348 {
349         struct hci_usb *husb = (struct hci_usb *) hdev->driver_data;
350         int i, err;
351         unsigned long flags;
352
353         BT_DBG("%s", hdev->name);
354
355         if (test_and_set_bit(HCI_RUNNING, &hdev->flags))
356                 return 0;
357
358         write_lock_irqsave(&husb->completion_lock, flags);
359
360         err = hci_usb_intr_rx_submit(husb);
361         if (!err) {
362                 for (i = 0; i < HCI_MAX_BULK_RX; i++)
363                         hci_usb_bulk_rx_submit(husb);
364
365 #ifdef CONFIG_BT_HCIUSB_SCO
366                 if (husb->isoc_iface)
367                         for (i = 0; i < HCI_MAX_ISOC_RX; i++)
368                                 hci_usb_isoc_rx_submit(husb);
369 #endif
370         } else {
371                 clear_bit(HCI_RUNNING, &hdev->flags);
372         }
373
374         write_unlock_irqrestore(&husb->completion_lock, flags);
375         return err;
376 }
377
378 /* Reset device */
379 static int hci_usb_flush(struct hci_dev *hdev)
380 {
381         struct hci_usb *husb = (struct hci_usb *) hdev->driver_data;
382         int i;
383
384         BT_DBG("%s", hdev->name);
385
386         for (i = 0; i < 4; i++)
387                 skb_queue_purge(&husb->transmit_q[i]);
388         return 0;
389 }
390
391 static void hci_usb_unlink_urbs(struct hci_usb *husb)
392 {
393         int i;
394
395         BT_DBG("%s", husb->hdev->name);
396
397         for (i = 0; i < 4; i++) {
398                 struct _urb *_urb;
399                 struct urb *urb;
400
401                 /* Kill pending requests */
402                 while ((_urb = _urb_dequeue(&husb->pending_q[i]))) {
403                         urb = &_urb->urb;
404                         BT_DBG("%s unlinking _urb %p type %d urb %p", 
405                                         husb->hdev->name, _urb, _urb->type, urb);
406                         usb_kill_urb(urb);
407                         _urb_queue_tail(__completed_q(husb, _urb->type), _urb);
408                 }
409
410                 /* Release completed requests */
411                 while ((_urb = _urb_dequeue(&husb->completed_q[i]))) {
412                         urb = &_urb->urb;
413                         BT_DBG("%s freeing _urb %p type %d urb %p",
414                                         husb->hdev->name, _urb, _urb->type, urb);
415                         kfree(urb->setup_packet);
416                         kfree(urb->transfer_buffer);
417                         _urb_free(_urb);
418                 }
419
420                 /* Release reassembly buffers */
421                 if (husb->reassembly[i]) {
422                         kfree_skb(husb->reassembly[i]);
423                         husb->reassembly[i] = NULL;
424                 }
425         }
426 }
427
428 /* Close device */
429 static int hci_usb_close(struct hci_dev *hdev)
430 {
431         struct hci_usb *husb = (struct hci_usb *) hdev->driver_data;
432         unsigned long flags;
433
434         if (!test_and_clear_bit(HCI_RUNNING, &hdev->flags))
435                 return 0;
436
437         BT_DBG("%s", hdev->name);
438
439         /* Synchronize with completion handlers */
440         write_lock_irqsave(&husb->completion_lock, flags);
441         write_unlock_irqrestore(&husb->completion_lock, flags);
442
443         hci_usb_unlink_urbs(husb);
444         hci_usb_flush(hdev);
445         return 0;
446 }
447
448 static int __tx_submit(struct hci_usb *husb, struct _urb *_urb)
449 {
450         struct urb *urb = &_urb->urb;
451         int err;
452
453         BT_DBG("%s urb %p type %d", husb->hdev->name, urb, _urb->type);
454
455         _urb_queue_tail(__pending_q(husb, _urb->type), _urb);
456         err = usb_submit_urb(urb, GFP_ATOMIC);
457         if (err) {
458                 BT_ERR("%s tx submit failed urb %p type %d err %d",
459                                 husb->hdev->name, urb, _urb->type, err);
460                 _urb_unlink(_urb);
461                 _urb_queue_tail(__completed_q(husb, _urb->type), _urb);
462         } else
463                 atomic_inc(__pending_tx(husb, _urb->type));
464
465         return err;
466 }
467
468 static inline int hci_usb_send_ctrl(struct hci_usb *husb, struct sk_buff *skb)
469 {
470         struct _urb *_urb = __get_completed(husb, bt_cb(skb)->pkt_type);
471         struct usb_ctrlrequest *dr;
472         struct urb *urb;
473
474         if (!_urb) {
475                 _urb = _urb_alloc(0, GFP_ATOMIC);
476                 if (!_urb)
477                         return -ENOMEM;
478                 _urb->type = bt_cb(skb)->pkt_type;
479
480                 dr = kmalloc(sizeof(*dr), GFP_ATOMIC);
481                 if (!dr) {
482                         _urb_free(_urb);
483                         return -ENOMEM;
484                 }
485         } else
486                 dr = (void *) _urb->urb.setup_packet;
487
488         dr->bRequestType = husb->ctrl_req;
489         dr->bRequest = 0;
490         dr->wIndex   = 0;
491         dr->wValue   = 0;
492         dr->wLength  = __cpu_to_le16(skb->len);
493
494         urb = &_urb->urb;
495         usb_fill_control_urb(urb, husb->udev, usb_sndctrlpipe(husb->udev, 0),
496                 (void *) dr, skb->data, skb->len, hci_usb_tx_complete, husb);
497
498         BT_DBG("%s skb %p len %d", husb->hdev->name, skb, skb->len);
499         
500         _urb->priv = skb;
501         return __tx_submit(husb, _urb);
502 }
503
504 static inline int hci_usb_send_bulk(struct hci_usb *husb, struct sk_buff *skb)
505 {
506         struct _urb *_urb = __get_completed(husb, bt_cb(skb)->pkt_type);
507         struct urb *urb;
508         int pipe;
509
510         if (!_urb) {
511                 _urb = _urb_alloc(0, GFP_ATOMIC);
512                 if (!_urb)
513                         return -ENOMEM;
514                 _urb->type = bt_cb(skb)->pkt_type;
515         }
516
517         urb  = &_urb->urb;
518         pipe = usb_sndbulkpipe(husb->udev, husb->bulk_out_ep->desc.bEndpointAddress);
519         usb_fill_bulk_urb(urb, husb->udev, pipe, skb->data, skb->len, 
520                         hci_usb_tx_complete, husb);
521         urb->transfer_flags = URB_ZERO_PACKET;
522
523         BT_DBG("%s skb %p len %d", husb->hdev->name, skb, skb->len);
524
525         _urb->priv = skb;
526         return __tx_submit(husb, _urb);
527 }
528
529 #ifdef CONFIG_BT_HCIUSB_SCO
530 static inline int hci_usb_send_isoc(struct hci_usb *husb, struct sk_buff *skb)
531 {
532         struct _urb *_urb = __get_completed(husb, bt_cb(skb)->pkt_type);
533         struct urb *urb;
534
535         if (!_urb) {
536                 _urb = _urb_alloc(HCI_MAX_ISOC_FRAMES, GFP_ATOMIC);
537                 if (!_urb)
538                         return -ENOMEM;
539                 _urb->type = bt_cb(skb)->pkt_type;
540         }
541
542         BT_DBG("%s skb %p len %d", husb->hdev->name, skb, skb->len);
543
544         urb = &_urb->urb;
545
546         urb->context  = husb;
547         urb->dev      = husb->udev;
548         urb->pipe     = usb_sndisocpipe(husb->udev, husb->isoc_out_ep->desc.bEndpointAddress);
549         urb->complete = hci_usb_tx_complete;
550         urb->transfer_flags = URB_ISO_ASAP;
551
552         urb->interval = husb->isoc_out_ep->desc.bInterval;
553
554         urb->transfer_buffer = skb->data;
555         urb->transfer_buffer_length = skb->len;
556
557         __fill_isoc_desc(urb, skb->len, le16_to_cpu(husb->isoc_out_ep->desc.wMaxPacketSize));
558
559         _urb->priv = skb;
560         return __tx_submit(husb, _urb);
561 }
562 #endif
563
564 static void hci_usb_tx_process(struct hci_usb *husb)
565 {
566         struct sk_buff_head *q;
567         struct sk_buff *skb;
568
569         BT_DBG("%s", husb->hdev->name);
570
571         do {
572                 clear_bit(HCI_USB_TX_WAKEUP, &husb->state);
573
574                 /* Process command queue */
575                 q = __transmit_q(husb, HCI_COMMAND_PKT);
576                 if (!atomic_read(__pending_tx(husb, HCI_COMMAND_PKT)) &&
577                                 (skb = skb_dequeue(q))) {
578                         if (hci_usb_send_ctrl(husb, skb) < 0)
579                                 skb_queue_head(q, skb);
580                 }
581
582 #ifdef CONFIG_BT_HCIUSB_SCO
583                 /* Process SCO queue */
584                 q = __transmit_q(husb, HCI_SCODATA_PKT);
585                 if (atomic_read(__pending_tx(husb, HCI_SCODATA_PKT)) < HCI_MAX_ISOC_TX &&
586                                 (skb = skb_dequeue(q))) {
587                         if (hci_usb_send_isoc(husb, skb) < 0)
588                                 skb_queue_head(q, skb);
589                 }
590 #endif
591
592                 /* Process ACL queue */
593                 q = __transmit_q(husb, HCI_ACLDATA_PKT);
594                 while (atomic_read(__pending_tx(husb, HCI_ACLDATA_PKT)) < HCI_MAX_BULK_TX &&
595                                 (skb = skb_dequeue(q))) {
596                         if (hci_usb_send_bulk(husb, skb) < 0) {
597                                 skb_queue_head(q, skb);
598                                 break;
599                         }
600                 }
601         } while(test_bit(HCI_USB_TX_WAKEUP, &husb->state));
602 }
603
604 static inline void hci_usb_tx_wakeup(struct hci_usb *husb)
605 {
606         /* Serialize TX queue processing to avoid data reordering */
607         if (!test_and_set_bit(HCI_USB_TX_PROCESS, &husb->state)) {
608                 hci_usb_tx_process(husb);
609                 clear_bit(HCI_USB_TX_PROCESS, &husb->state);
610         } else
611                 set_bit(HCI_USB_TX_WAKEUP, &husb->state);
612 }
613
614 /* Send frames from HCI layer */
615 static int hci_usb_send_frame(struct sk_buff *skb)
616 {
617         struct hci_dev *hdev = (struct hci_dev *) skb->dev;
618         struct hci_usb *husb;
619
620         if (!hdev) {
621                 BT_ERR("frame for uknown device (hdev=NULL)");
622                 return -ENODEV;
623         }
624
625         if (!test_bit(HCI_RUNNING, &hdev->flags))
626                 return -EBUSY;
627
628         BT_DBG("%s type %d len %d", hdev->name, bt_cb(skb)->pkt_type, skb->len);
629
630         husb = (struct hci_usb *) hdev->driver_data;
631
632         switch (bt_cb(skb)->pkt_type) {
633         case HCI_COMMAND_PKT:
634                 hdev->stat.cmd_tx++;
635                 break;
636
637         case HCI_ACLDATA_PKT:
638                 hdev->stat.acl_tx++;
639                 break;
640
641 #ifdef CONFIG_BT_HCIUSB_SCO
642         case HCI_SCODATA_PKT:
643                 hdev->stat.sco_tx++;
644                 break;
645 #endif
646
647         default:
648                 kfree_skb(skb);
649                 return 0;
650         }
651
652         read_lock(&husb->completion_lock);
653
654         skb_queue_tail(__transmit_q(husb, bt_cb(skb)->pkt_type), skb);
655         hci_usb_tx_wakeup(husb);
656
657         read_unlock(&husb->completion_lock);
658         return 0;
659 }
660
661 static inline int __recv_frame(struct hci_usb *husb, int type, void *data, int count)
662 {
663         BT_DBG("%s type %d data %p count %d", husb->hdev->name, type, data, count);
664
665         husb->hdev->stat.byte_rx += count;
666
667         while (count) {
668                 struct sk_buff *skb = __reassembly(husb, type);
669                 struct { int expect; } *scb;
670                 int len = 0;
671         
672                 if (!skb) {
673                         /* Start of the frame */
674
675                         switch (type) {
676                         case HCI_EVENT_PKT:
677                                 if (count >= HCI_EVENT_HDR_SIZE) {
678                                         struct hci_event_hdr *h = data;
679                                         len = HCI_EVENT_HDR_SIZE + h->plen;
680                                 } else
681                                         return -EILSEQ;
682                                 break;
683
684                         case HCI_ACLDATA_PKT:
685                                 if (count >= HCI_ACL_HDR_SIZE) {
686                                         struct hci_acl_hdr *h = data;
687                                         len = HCI_ACL_HDR_SIZE + __le16_to_cpu(h->dlen);
688                                 } else
689                                         return -EILSEQ;
690                                 break;
691 #ifdef CONFIG_BT_HCIUSB_SCO
692                         case HCI_SCODATA_PKT:
693                                 if (count >= HCI_SCO_HDR_SIZE) {
694                                         struct hci_sco_hdr *h = data;
695                                         len = HCI_SCO_HDR_SIZE + h->dlen;
696                                 } else
697                                         return -EILSEQ;
698                                 break;
699 #endif
700                         }
701                         BT_DBG("new packet len %d", len);
702
703                         skb = bt_skb_alloc(len, GFP_ATOMIC);
704                         if (!skb) {
705                                 BT_ERR("%s no memory for the packet", husb->hdev->name);
706                                 return -ENOMEM;
707                         }
708                         skb->dev = (void *) husb->hdev;
709                         bt_cb(skb)->pkt_type = type;
710         
711                         __reassembly(husb, type) = skb;
712
713                         scb = (void *) skb->cb;
714                         scb->expect = len;
715                 } else {
716                         /* Continuation */
717                         scb = (void *) skb->cb;
718                         len = scb->expect;
719                 }
720
721                 len = min(len, count);
722                 
723                 memcpy(skb_put(skb, len), data, len);
724
725                 scb->expect -= len;
726                 if (!scb->expect) {
727                         /* Complete frame */
728                         __reassembly(husb, type) = NULL;
729                         bt_cb(skb)->pkt_type = type;
730                         hci_recv_frame(skb);
731                 }
732
733                 count -= len; data += len;
734         }
735         return 0;
736 }
737
738 static void hci_usb_rx_complete(struct urb *urb)
739 {
740         struct _urb *_urb = container_of(urb, struct _urb, urb);
741         struct hci_usb *husb = (void *) urb->context;
742         struct hci_dev *hdev = husb->hdev;
743         int err, count = urb->actual_length;
744
745         BT_DBG("%s urb %p type %d status %d count %d flags %x", hdev->name, urb,
746                         _urb->type, urb->status, count, urb->transfer_flags);
747
748         read_lock(&husb->completion_lock);
749
750         if (!test_bit(HCI_RUNNING, &hdev->flags))
751                 goto unlock;
752
753         if (urb->status || !count)
754                 goto resubmit;
755
756         if (_urb->type == HCI_SCODATA_PKT) {
757 #ifdef CONFIG_BT_HCIUSB_SCO
758                 int i;
759                 for (i=0; i < urb->number_of_packets; i++) {
760                         BT_DBG("desc %d status %d offset %d len %d", i,
761                                         urb->iso_frame_desc[i].status,
762                                         urb->iso_frame_desc[i].offset,
763                                         urb->iso_frame_desc[i].actual_length);
764         
765                         if (!urb->iso_frame_desc[i].status)
766                                 __recv_frame(husb, _urb->type, 
767                                         urb->transfer_buffer + urb->iso_frame_desc[i].offset,
768                                         urb->iso_frame_desc[i].actual_length);
769                 }
770 #else
771                 ;
772 #endif
773         } else {
774                 err = __recv_frame(husb, _urb->type, urb->transfer_buffer, count);
775                 if (err < 0) { 
776                         BT_ERR("%s corrupted packet: type %d count %d",
777                                         husb->hdev->name, _urb->type, count);
778                         hdev->stat.err_rx++;
779                 }
780         }
781
782 resubmit:
783         urb->dev = husb->udev;
784         err = usb_submit_urb(urb, GFP_ATOMIC);
785         BT_DBG("%s urb %p type %d resubmit status %d", hdev->name, urb,
786                         _urb->type, err);
787
788 unlock:
789         read_unlock(&husb->completion_lock);
790 }
791
792 static void hci_usb_tx_complete(struct urb *urb)
793 {
794         struct _urb *_urb = container_of(urb, struct _urb, urb);
795         struct hci_usb *husb = (void *) urb->context;
796         struct hci_dev *hdev = husb->hdev;
797
798         BT_DBG("%s urb %p status %d flags %x", hdev->name, urb,
799                         urb->status, urb->transfer_flags);
800
801         atomic_dec(__pending_tx(husb, _urb->type));
802
803         urb->transfer_buffer = NULL;
804         kfree_skb((struct sk_buff *) _urb->priv);
805
806         if (!test_bit(HCI_RUNNING, &hdev->flags))
807                 return;
808
809         if (!urb->status)
810                 hdev->stat.byte_tx += urb->transfer_buffer_length;
811         else
812                 hdev->stat.err_tx++;
813
814         read_lock(&husb->completion_lock);
815
816         _urb_unlink(_urb);
817         _urb_queue_tail(__completed_q(husb, _urb->type), _urb);
818
819         hci_usb_tx_wakeup(husb);
820
821         read_unlock(&husb->completion_lock);
822 }
823
824 static void hci_usb_destruct(struct hci_dev *hdev)
825 {
826         struct hci_usb *husb = (struct hci_usb *) hdev->driver_data;
827
828         BT_DBG("%s", hdev->name);
829
830         kfree(husb);
831 }
832
833 static void hci_usb_notify(struct hci_dev *hdev, unsigned int evt)
834 {
835         BT_DBG("%s evt %d", hdev->name, evt);
836 }
837
838 static int hci_usb_probe(struct usb_interface *intf, const struct usb_device_id *id)
839 {
840         struct usb_device *udev = interface_to_usbdev(intf);
841         struct usb_host_endpoint *bulk_out_ep = NULL;
842         struct usb_host_endpoint *bulk_in_ep = NULL;
843         struct usb_host_endpoint *intr_in_ep = NULL;
844         struct usb_host_endpoint  *ep;
845         struct usb_host_interface *uif;
846         struct usb_interface *isoc_iface;
847         struct hci_usb *husb;
848         struct hci_dev *hdev;
849         int i, e, size, isoc_ifnum, isoc_alts;
850
851         BT_DBG("udev %p intf %p", udev, intf);
852
853         if (!id->driver_info) {
854                 const struct usb_device_id *match;
855                 match = usb_match_id(intf, blacklist_ids);
856                 if (match)
857                         id = match;
858         }
859
860         if (ignore || id->driver_info & HCI_IGNORE)
861                 return -ENODEV;
862
863         if (ignore_dga && id->driver_info & HCI_DIGIANSWER)
864                 return -ENODEV;
865
866         if (ignore_csr && id->driver_info & HCI_CSR)
867                 return -ENODEV;
868
869         if (ignore_sniffer && id->driver_info & HCI_SNIFFER)
870                 return -ENODEV;
871
872         if (intf->cur_altsetting->desc.bInterfaceNumber > 0)
873                 return -ENODEV;
874
875         /* Find endpoints that we need */
876         uif = intf->cur_altsetting;
877         for (e = 0; e < uif->desc.bNumEndpoints; e++) {
878                 ep = &uif->endpoint[e];
879
880                 switch (ep->desc.bmAttributes & USB_ENDPOINT_XFERTYPE_MASK) {
881                 case USB_ENDPOINT_XFER_INT:
882                         if (ep->desc.bEndpointAddress & USB_DIR_IN)
883                                 intr_in_ep = ep;
884                         break;
885
886                 case USB_ENDPOINT_XFER_BULK:
887                         if (ep->desc.bEndpointAddress & USB_DIR_IN)
888                                 bulk_in_ep  = ep;
889                         else
890                                 bulk_out_ep = ep;
891                         break;
892                 }
893         }
894
895         if (!bulk_in_ep || !bulk_out_ep || !intr_in_ep) {
896                 BT_DBG("Bulk endpoints not found");
897                 goto done;
898         }
899
900         if (!(husb = kzalloc(sizeof(struct hci_usb), GFP_KERNEL))) {
901                 BT_ERR("Can't allocate: control structure");
902                 goto done;
903         }
904
905         husb->udev = udev;
906         husb->bulk_out_ep = bulk_out_ep;
907         husb->bulk_in_ep  = bulk_in_ep;
908         husb->intr_in_ep  = intr_in_ep;
909
910         if (id->driver_info & HCI_DIGIANSWER)
911                 husb->ctrl_req = USB_TYPE_VENDOR;
912         else
913                 husb->ctrl_req = USB_TYPE_CLASS;
914
915         /* Find isochronous endpoints that we can use */
916         size = 0; 
917         isoc_iface = NULL;
918         isoc_alts  = 0;
919         isoc_ifnum = 1;
920
921 #ifdef CONFIG_BT_HCIUSB_SCO
922         if (isoc && !(id->driver_info & (HCI_BROKEN_ISOC | HCI_SNIFFER)))
923                 isoc_iface = usb_ifnum_to_if(udev, isoc_ifnum);
924
925         if (isoc_iface) {
926                 int a;
927                 struct usb_host_endpoint *isoc_out_ep = NULL;
928                 struct usb_host_endpoint *isoc_in_ep = NULL;
929
930                 for (a = 0; a < isoc_iface->num_altsetting; a++) {
931                         uif = &isoc_iface->altsetting[a];
932                         for (e = 0; e < uif->desc.bNumEndpoints; e++) {
933                                 ep = &uif->endpoint[e];
934
935                                 switch (ep->desc.bmAttributes & USB_ENDPOINT_XFERTYPE_MASK) {
936                                 case USB_ENDPOINT_XFER_ISOC:
937                                         if (le16_to_cpu(ep->desc.wMaxPacketSize) < size ||
938                                                         uif->desc.bAlternateSetting != isoc)
939                                                 break;
940                                         size = le16_to_cpu(ep->desc.wMaxPacketSize);
941
942                                         isoc_alts = uif->desc.bAlternateSetting;
943
944                                         if (ep->desc.bEndpointAddress & USB_DIR_IN)
945                                                 isoc_in_ep  = ep;
946                                         else
947                                                 isoc_out_ep = ep;
948                                         break;
949                                 }
950                         }
951                 }
952
953                 if (!isoc_in_ep || !isoc_out_ep)
954                         BT_DBG("Isoc endpoints not found");
955                 else {
956                         BT_DBG("isoc ifnum %d alts %d", isoc_ifnum, isoc_alts);
957                         if (usb_driver_claim_interface(&hci_usb_driver, isoc_iface, husb) != 0)
958                                 BT_ERR("Can't claim isoc interface");
959                         else if (usb_set_interface(udev, isoc_ifnum, isoc_alts)) {
960                                 BT_ERR("Can't set isoc interface settings");
961                                 husb->isoc_iface = isoc_iface;
962                                 usb_driver_release_interface(&hci_usb_driver, isoc_iface);
963                                 husb->isoc_iface = NULL;
964                         } else {
965                                 husb->isoc_iface  = isoc_iface;
966                                 husb->isoc_in_ep  = isoc_in_ep;
967                                 husb->isoc_out_ep = isoc_out_ep;
968                         }
969                 }
970         }
971 #endif
972
973         rwlock_init(&husb->completion_lock);
974
975         for (i = 0; i < 4; i++) {
976                 skb_queue_head_init(&husb->transmit_q[i]);
977                 _urb_queue_init(&husb->pending_q[i]);
978                 _urb_queue_init(&husb->completed_q[i]);
979         }
980
981         /* Initialize and register HCI device */
982         hdev = hci_alloc_dev();
983         if (!hdev) {
984                 BT_ERR("Can't allocate HCI device");
985                 goto probe_error;
986         }
987
988         husb->hdev = hdev;
989
990         hdev->type = HCI_USB;
991         hdev->driver_data = husb;
992         SET_HCIDEV_DEV(hdev, &intf->dev);
993
994         hdev->open     = hci_usb_open;
995         hdev->close    = hci_usb_close;
996         hdev->flush    = hci_usb_flush;
997         hdev->send     = hci_usb_send_frame;
998         hdev->destruct = hci_usb_destruct;
999         hdev->notify   = hci_usb_notify;
1000
1001         hdev->owner = THIS_MODULE;
1002
1003         if (reset || id->driver_info & HCI_RESET)
1004                 set_bit(HCI_QUIRK_RESET_ON_INIT, &hdev->quirks);
1005
1006         if (force_scofix || id->driver_info & HCI_WRONG_SCO_MTU) {
1007                 if (!disable_scofix)
1008                         set_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks);
1009         }
1010
1011         if (id->driver_info & HCI_SNIFFER) {
1012                 if (le16_to_cpu(udev->descriptor.bcdDevice) > 0x997)
1013                         set_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks);
1014         }
1015
1016         if (id->driver_info & HCI_BCM92035) {
1017                 unsigned char cmd[] = { 0x3b, 0xfc, 0x01, 0x00 };
1018                 struct sk_buff *skb;
1019
1020                 skb = bt_skb_alloc(sizeof(cmd), GFP_KERNEL);
1021                 if (skb) {
1022                         memcpy(skb_put(skb, sizeof(cmd)), cmd, sizeof(cmd));
1023                         skb_queue_tail(&hdev->driver_init, skb);
1024                 }
1025         }
1026
1027         if (hci_register_dev(hdev) < 0) {
1028                 BT_ERR("Can't register HCI device");
1029                 hci_free_dev(hdev);
1030                 goto probe_error;
1031         }
1032
1033         usb_set_intfdata(intf, husb);
1034         return 0;
1035
1036 probe_error:
1037         if (husb->isoc_iface)
1038                 usb_driver_release_interface(&hci_usb_driver, husb->isoc_iface);
1039         kfree(husb);
1040
1041 done:
1042         return -EIO;
1043 }
1044
1045 static void hci_usb_disconnect(struct usb_interface *intf)
1046 {
1047         struct hci_usb *husb = usb_get_intfdata(intf);
1048         struct hci_dev *hdev;
1049
1050         if (!husb || intf == husb->isoc_iface)
1051                 return;
1052
1053         usb_set_intfdata(intf, NULL);
1054         hdev = husb->hdev;
1055
1056         BT_DBG("%s", hdev->name);
1057
1058         hci_usb_close(hdev);
1059
1060         if (husb->isoc_iface)
1061                 usb_driver_release_interface(&hci_usb_driver, husb->isoc_iface);
1062
1063         if (hci_unregister_dev(hdev) < 0)
1064                 BT_ERR("Can't unregister HCI device %s", hdev->name);
1065
1066         hci_free_dev(hdev);
1067 }
1068
1069 static int hci_usb_suspend(struct usb_interface *intf, pm_message_t message)
1070 {
1071         struct hci_usb *husb = usb_get_intfdata(intf);
1072         struct list_head killed;
1073         unsigned long flags;
1074         int i;
1075
1076         if (!husb || intf == husb->isoc_iface)
1077                 return 0;
1078
1079         hci_suspend_dev(husb->hdev);
1080
1081         INIT_LIST_HEAD(&killed);
1082
1083         for (i = 0; i < 4; i++) {
1084                 struct _urb_queue *q = &husb->pending_q[i];
1085                 struct _urb *_urb, *_tmp;
1086
1087                 while ((_urb = _urb_dequeue(q))) {
1088                         /* reset queue since _urb_dequeue sets it to NULL */
1089                         _urb->queue = q;
1090                         usb_kill_urb(&_urb->urb);
1091                         list_add(&_urb->list, &killed);
1092                 }
1093
1094                 spin_lock_irqsave(&q->lock, flags);
1095
1096                 list_for_each_entry_safe(_urb, _tmp, &killed, list) {
1097                         list_move_tail(&_urb->list, &q->head);
1098                 }
1099
1100                 spin_unlock_irqrestore(&q->lock, flags);
1101         }
1102
1103         return 0;
1104 }
1105
1106 static int hci_usb_resume(struct usb_interface *intf)
1107 {
1108         struct hci_usb *husb = usb_get_intfdata(intf);
1109         unsigned long flags;
1110         int i, err = 0;
1111
1112         if (!husb || intf == husb->isoc_iface)
1113                 return 0;
1114         
1115         for (i = 0; i < 4; i++) {
1116                 struct _urb_queue *q = &husb->pending_q[i];
1117                 struct _urb *_urb;
1118
1119                 spin_lock_irqsave(&q->lock, flags);
1120
1121                 list_for_each_entry(_urb, &q->head, list) {
1122                         err = usb_submit_urb(&_urb->urb, GFP_ATOMIC);
1123                         if (err)
1124                                 break;
1125                 }
1126
1127                 spin_unlock_irqrestore(&q->lock, flags);
1128
1129                 if (err)
1130                         return -EIO;
1131         }
1132
1133         hci_resume_dev(husb->hdev);
1134
1135         return 0;
1136 }
1137
1138 static struct usb_driver hci_usb_driver = {
1139         .name           = "hci_usb",
1140         .probe          = hci_usb_probe,
1141         .disconnect     = hci_usb_disconnect,
1142         .suspend        = hci_usb_suspend,
1143         .resume         = hci_usb_resume,
1144         .id_table       = bluetooth_ids,
1145 };
1146
1147 static int __init hci_usb_init(void)
1148 {
1149         int err;
1150
1151         BT_INFO("HCI USB driver ver %s", VERSION);
1152
1153         if ((err = usb_register(&hci_usb_driver)) < 0)
1154                 BT_ERR("Failed to register HCI USB driver");
1155
1156         return err;
1157 }
1158
1159 static void __exit hci_usb_exit(void)
1160 {
1161         usb_deregister(&hci_usb_driver);
1162 }
1163
1164 module_init(hci_usb_init);
1165 module_exit(hci_usb_exit);
1166
1167 module_param(ignore, bool, 0644);
1168 MODULE_PARM_DESC(ignore, "Ignore devices from the matching table");
1169
1170 module_param(ignore_dga, bool, 0644);
1171 MODULE_PARM_DESC(ignore_dga, "Ignore devices with id 08fd:0001");
1172
1173 module_param(ignore_csr, bool, 0644);
1174 MODULE_PARM_DESC(ignore_csr, "Ignore devices with id 0a12:0001");
1175
1176 module_param(ignore_sniffer, bool, 0644);
1177 MODULE_PARM_DESC(ignore_sniffer, "Ignore devices with id 0a12:0002");
1178
1179 module_param(disable_scofix, bool, 0644);
1180 MODULE_PARM_DESC(disable_scofix, "Disable fixup of wrong SCO buffer size");
1181
1182 module_param(force_scofix, bool, 0644);
1183 MODULE_PARM_DESC(force_scofix, "Force fixup of wrong SCO buffers size");
1184
1185 module_param(reset, bool, 0644);
1186 MODULE_PARM_DESC(reset, "Send HCI reset command on initialization");
1187
1188 #ifdef CONFIG_BT_HCIUSB_SCO
1189 module_param(isoc, int, 0644);
1190 MODULE_PARM_DESC(isoc, "Set isochronous transfers for SCO over HCI support");
1191 #endif
1192
1193 MODULE_AUTHOR("Maxim Krasnyansky <maxk@qualcomm.com>, Marcel Holtmann <marcel@holtmann.org>");
1194 MODULE_DESCRIPTION("Bluetooth HCI USB driver ver " VERSION);
1195 MODULE_VERSION(VERSION);
1196 MODULE_LICENSE("GPL");