2 BlueCore Serial Protocol (BCSP) for Linux Bluetooth stack (BlueZ).
3 Copyright 2002 by Fabrizio Gennari <fabrizio.gennari@philips.com>
6 hci_h4.c by Maxim Krasnyansky <maxk@qualcomm.com>
7 ABCSP by Carl Orsborn <cjo@csr.com>
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License version 2 as
11 published by the Free Software Foundation;
13 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
14 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
15 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
16 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
17 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
18 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
19 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
20 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
22 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
23 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
24 SOFTWARE IS DISCLAIMED.
28 * $Id: hci_bcsp.c,v 1.2 2002/09/26 05:05:14 maxk Exp $
33 #include <linux/config.h>
34 #include <linux/module.h>
36 #include <linux/kernel.h>
37 #include <linux/init.h>
38 #include <linux/sched.h>
39 #include <linux/types.h>
40 #include <linux/fcntl.h>
41 #include <linux/interrupt.h>
42 #include <linux/ptrace.h>
43 #include <linux/poll.h>
45 #include <linux/slab.h>
46 #include <linux/tty.h>
47 #include <linux/errno.h>
48 #include <linux/string.h>
49 #include <linux/signal.h>
50 #include <linux/ioctl.h>
51 #include <linux/skbuff.h>
53 #include <net/bluetooth/bluetooth.h>
54 #include <net/bluetooth/hci_core.h>
58 #ifndef CONFIG_BT_HCIUART_DEBUG
60 #define BT_DBG( A... )
62 #define BT_DMP( A... )
65 static int hciextn = 1;
67 /* ---- BCSP CRC calculation ---- */
69 /* Table for calculating CRC for polynomial 0x1021, LSB processed first,
70 initial value 0xffff, bits shifted in reverse order. */
72 static const u16 crc_table[] = {
73 0x0000, 0x1081, 0x2102, 0x3183,
74 0x4204, 0x5285, 0x6306, 0x7387,
75 0x8408, 0x9489, 0xa50a, 0xb58b,
76 0xc60c, 0xd68d, 0xe70e, 0xf78f
79 /* Initialise the crc calculator */
80 #define BCSP_CRC_INIT(x) x = 0xffff
83 Update crc with next data byte
86 The data byte is treated as two nibbles. The crc is generated
87 in reverse, i.e., bits are fed into the register from the top.
89 static void bcsp_crc_update(u16 *crc, u8 d)
93 reg = (reg >> 4) ^ crc_table[(reg ^ d) & 0x000f];
94 reg = (reg >> 4) ^ crc_table[(reg ^ (d >> 4)) & 0x000f];
100 Get reverse of generated crc
103 The crc generator (bcsp_crc_init() and bcsp_crc_update())
104 creates a reversed crc, so it needs to be swapped back before
107 static u16 bcsp_crc_reverse(u16 crc)
111 for (b = 0, rev = 0; b < 16; b++) {
119 /* ---- BCSP core ---- */
121 static void bcsp_slip_msgdelim(struct sk_buff *skb)
123 const char pkt_delim = 0xc0;
124 memcpy(skb_put(skb, 1), &pkt_delim, 1);
127 static void bcsp_slip_one_byte(struct sk_buff *skb, u8 c)
129 const char esc_c0[2] = { 0xdb, 0xdc };
130 const char esc_db[2] = { 0xdb, 0xdd };
134 memcpy(skb_put(skb, 2), &esc_c0, 2);
137 memcpy(skb_put(skb, 2), &esc_db, 2);
140 memcpy(skb_put(skb, 1), &c, 1);
144 static int bcsp_enqueue(struct hci_uart *hu, struct sk_buff *skb)
146 struct bcsp_struct *bcsp = hu->priv;
148 if (skb->len > 0xFFF) {
149 BT_ERR("Packet too long");
154 switch (skb->pkt_type) {
155 case HCI_ACLDATA_PKT:
156 case HCI_COMMAND_PKT:
157 skb_queue_tail(&bcsp->rel, skb);
160 case HCI_SCODATA_PKT:
161 skb_queue_tail(&bcsp->unrel, skb);
165 BT_ERR("Unknown packet type");
173 static struct sk_buff *bcsp_prepare_pkt(struct bcsp_struct *bcsp, u8 *data,
174 int len, int pkt_type)
176 struct sk_buff *nskb;
180 #ifdef CONFIG_BT_HCIUART_BCSP_TXCRC
181 u16 BCSP_CRC_INIT(bcsp_txmsg_crc);
185 case HCI_ACLDATA_PKT:
186 chan = 6; /* BCSP ACL channel */
187 rel = 1; /* reliable channel */
189 case HCI_COMMAND_PKT:
190 chan = 5; /* BCSP cmd/evt channel */
191 rel = 1; /* reliable channel */
193 case HCI_SCODATA_PKT:
194 chan = 7; /* BCSP SCO channel */
195 rel = 0; /* unreliable channel */
198 chan = 1; /* BCSP LE channel */
199 rel = 0; /* unreliable channel */
202 chan = 0; /* BCSP internal channel */
203 rel = 0; /* unreliable channel */
206 BT_ERR("Unknown packet type");
210 if (hciextn && chan == 5) {
211 struct hci_command_hdr *hdr = (struct hci_command_hdr *) data;
213 if (hci_opcode_ogf(__le16_to_cpu(hdr->opcode)) == OGF_VENDOR_CMD) {
214 u8 desc = *(data + HCI_COMMAND_HDR_SIZE);
215 if ((desc & 0xf0) == 0xc0) {
216 data += HCI_COMMAND_HDR_SIZE + 1;
217 len -= HCI_COMMAND_HDR_SIZE + 1;
223 /* Max len of packet: (original len +4(bcsp hdr) +2(crc))*2
224 (because bytes 0xc0 and 0xdb are escaped, worst case is
225 when the packet is all made of 0xc0 and 0xdb :) )
226 + 2 (0xc0 delimiters at start and end). */
228 nskb = alloc_skb((len + 6) * 2 + 2, GFP_ATOMIC);
232 nskb->pkt_type = pkt_type;
234 bcsp_slip_msgdelim(nskb);
236 hdr[0] = bcsp->rxseq_txack << 3;
238 BT_DBG("We request packet no %u to card", bcsp->rxseq_txack);
241 hdr[0] |= 0x80 + bcsp->msgq_txseq;
242 BT_DBG("Sending packet with seqno %u", bcsp->msgq_txseq);
243 bcsp->msgq_txseq = ++(bcsp->msgq_txseq) & 0x07;
245 #ifdef CONFIG_BT_HCIUART_BCSP_TXCRC
249 hdr[1] = ((len << 4) & 0xff) | chan;
251 hdr[3] = ~(hdr[0] + hdr[1] + hdr[2]);
253 /* Put BCSP header */
254 for (i = 0; i < 4; i++) {
255 bcsp_slip_one_byte(nskb, hdr[i]);
256 #ifdef CONFIG_BT_HCIUART_BCSP_TXCRC
257 bcsp_crc_update(&bcsp_txmsg_crc, hdr[i]);
262 for (i = 0; i < len; i++) {
263 bcsp_slip_one_byte(nskb, data[i]);
264 #ifdef CONFIG_BT_HCIUART_BCSP_TXCRC
265 bcsp_crc_update(&bcsp_txmsg_crc, data[i]);
269 #ifdef CONFIG_BT_HCIUART_BCSP_TXCRC
271 bcsp_txmsg_crc = bcsp_crc_reverse(bcsp_txmsg_crc);
272 bcsp_slip_one_byte(nskb, (u8) ((bcsp_txmsg_crc >> 8) & 0x00ff));
273 bcsp_slip_one_byte(nskb, (u8) (bcsp_txmsg_crc & 0x00ff));
276 bcsp_slip_msgdelim(nskb);
280 /* This is a rewrite of pkt_avail in ABCSP */
281 static struct sk_buff *bcsp_dequeue(struct hci_uart *hu)
283 struct bcsp_struct *bcsp = hu->priv;
287 /* First of all, check for unreliable messages in the queue,
288 since they have priority */
290 if ((skb = skb_dequeue(&bcsp->unrel)) != NULL) {
291 struct sk_buff *nskb = bcsp_prepare_pkt(bcsp, skb->data, skb->len, skb->pkt_type);
296 skb_queue_head(&bcsp->unrel, skb);
297 BT_ERR("Could not dequeue pkt because alloc_skb failed");
301 /* Now, try to send a reliable pkt. We can only send a
302 reliable packet if the number of packets sent but not yet ack'ed
303 is < than the winsize */
305 spin_lock_irqsave(&bcsp->unack.lock, flags);
307 if (bcsp->unack.qlen < BCSP_TXWINSIZE && (skb = skb_dequeue(&bcsp->rel)) != NULL) {
308 struct sk_buff *nskb = bcsp_prepare_pkt(bcsp, skb->data, skb->len, skb->pkt_type);
310 __skb_queue_tail(&bcsp->unack, skb);
311 mod_timer(&bcsp->tbcsp, jiffies + HZ / 4);
312 spin_unlock_irqrestore(&bcsp->unack.lock, flags);
315 skb_queue_head(&bcsp->rel, skb);
316 BT_ERR("Could not dequeue pkt because alloc_skb failed");
320 spin_unlock_irqrestore(&bcsp->unack.lock, flags);
323 /* We could not send a reliable packet, either because there are
324 none or because there are too many unack'ed pkts. Did we receive
325 any packets we have not acknowledged yet ? */
327 if (bcsp->txack_req) {
328 /* if so, craft an empty ACK pkt and send it on BCSP unreliable
330 struct sk_buff *nskb = bcsp_prepare_pkt(bcsp, NULL, 0, BCSP_ACK_PKT);
334 /* We have nothing to send */
338 static int bcsp_flush(struct hci_uart *hu)
344 /* Remove ack'ed packets */
345 static void bcsp_pkt_cull(struct bcsp_struct *bcsp)
349 int i, pkts_to_be_removed;
352 spin_lock_irqsave(&bcsp->unack.lock, flags);
354 pkts_to_be_removed = bcsp->unack.qlen;
355 seqno = bcsp->msgq_txseq;
357 while (pkts_to_be_removed) {
358 if (bcsp->rxack == seqno)
360 pkts_to_be_removed--;
361 seqno = (seqno - 1) & 0x07;
364 if (bcsp->rxack != seqno)
365 BT_ERR("Peer acked invalid packet");
367 BT_DBG("Removing %u pkts out of %u, up to seqno %u",
368 pkts_to_be_removed, bcsp->unack.qlen, (seqno - 1) & 0x07);
370 for (i = 0, skb = ((struct sk_buff *) &bcsp->unack)->next; i < pkts_to_be_removed
371 && skb != (struct sk_buff *) &bcsp->unack; i++) {
372 struct sk_buff *nskb;
375 __skb_unlink(skb, &bcsp->unack);
379 if (bcsp->unack.qlen == 0)
380 del_timer(&bcsp->tbcsp);
381 spin_unlock_irqrestore(&bcsp->unack.lock, flags);
383 if (i != pkts_to_be_removed)
384 BT_ERR("Removed only %u out of %u pkts", i, pkts_to_be_removed);
387 /* Handle BCSP link-establishment packets. When we
388 detect a "sync" packet, symptom that the BT module has reset,
389 we do nothing :) (yet) */
390 static void bcsp_handle_le_pkt(struct hci_uart *hu)
392 struct bcsp_struct *bcsp = hu->priv;
393 u8 conf_pkt[4] = { 0xad, 0xef, 0xac, 0xed };
394 u8 conf_rsp_pkt[4] = { 0xde, 0xad, 0xd0, 0xd0 };
395 u8 sync_pkt[4] = { 0xda, 0xdc, 0xed, 0xed };
397 /* spot "conf" pkts and reply with a "conf rsp" pkt */
398 if (bcsp->rx_skb->data[1] >> 4 == 4 && bcsp->rx_skb->data[2] == 0 &&
399 !memcmp(&bcsp->rx_skb->data[4], conf_pkt, 4)) {
400 struct sk_buff *nskb = alloc_skb(4, GFP_ATOMIC);
402 BT_DBG("Found a LE conf pkt");
405 memcpy(skb_put(nskb, 4), conf_rsp_pkt, 4);
406 nskb->pkt_type = BCSP_LE_PKT;
408 skb_queue_head(&bcsp->unrel, nskb);
409 hci_uart_tx_wakeup(hu);
411 /* Spot "sync" pkts. If we find one...disaster! */
412 else if (bcsp->rx_skb->data[1] >> 4 == 4 && bcsp->rx_skb->data[2] == 0 &&
413 !memcmp(&bcsp->rx_skb->data[4], sync_pkt, 4)) {
414 BT_ERR("Found a LE sync pkt, card has reset");
418 static inline void bcsp_unslip_one_byte(struct bcsp_struct *bcsp, unsigned char byte)
420 const u8 c0 = 0xc0, db = 0xdb;
422 switch (bcsp->rx_esc_state) {
423 case BCSP_ESCSTATE_NOESC:
426 bcsp->rx_esc_state = BCSP_ESCSTATE_ESC;
429 memcpy(skb_put(bcsp->rx_skb, 1), &byte, 1);
430 if ((bcsp->rx_skb-> data[0] & 0x40) != 0 &&
431 bcsp->rx_state != BCSP_W4_CRC)
432 bcsp_crc_update(&bcsp->message_crc, byte);
437 case BCSP_ESCSTATE_ESC:
440 memcpy(skb_put(bcsp->rx_skb, 1), &c0, 1);
441 if ((bcsp->rx_skb-> data[0] & 0x40) != 0 &&
442 bcsp->rx_state != BCSP_W4_CRC)
443 bcsp_crc_update(&bcsp-> message_crc, 0xc0);
444 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC;
449 memcpy(skb_put(bcsp->rx_skb, 1), &db, 1);
450 if ((bcsp->rx_skb-> data[0] & 0x40) != 0 &&
451 bcsp->rx_state != BCSP_W4_CRC)
452 bcsp_crc_update(&bcsp-> message_crc, 0xdb);
453 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC;
458 BT_ERR ("Invalid byte %02x after esc byte", byte);
459 kfree_skb(bcsp->rx_skb);
461 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
467 static inline void bcsp_complete_rx_pkt(struct hci_uart *hu)
469 struct bcsp_struct *bcsp = hu->priv;
472 if (bcsp->rx_skb->data[0] & 0x80) { /* reliable pkt */
473 BT_DBG("Received seqno %u from card", bcsp->rxseq_txack);
475 bcsp->rxseq_txack %= 0x8;
478 /* If needed, transmit an ack pkt */
479 hci_uart_tx_wakeup(hu);
482 bcsp->rxack = (bcsp->rx_skb->data[0] >> 3) & 0x07;
483 BT_DBG("Request for pkt %u from card", bcsp->rxack);
486 if ((bcsp->rx_skb->data[1] & 0x0f) == 6 &&
487 bcsp->rx_skb->data[0] & 0x80) {
488 bcsp->rx_skb->pkt_type = HCI_ACLDATA_PKT;
490 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 5 &&
491 bcsp->rx_skb->data[0] & 0x80) {
492 bcsp->rx_skb->pkt_type = HCI_EVENT_PKT;
494 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 7) {
495 bcsp->rx_skb->pkt_type = HCI_SCODATA_PKT;
497 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 1 &&
498 !(bcsp->rx_skb->data[0] & 0x80)) {
499 bcsp_handle_le_pkt(hu);
505 struct hci_event_hdr hdr;
506 u8 desc = (bcsp->rx_skb->data[1] & 0x0f);
508 if (desc != 0 && desc != 1) {
511 skb_pull(bcsp->rx_skb, 4);
512 memcpy(skb_push(bcsp->rx_skb, 1), &desc, 1);
515 hdr.plen = bcsp->rx_skb->len;
516 memcpy(skb_push(bcsp->rx_skb, HCI_EVENT_HDR_SIZE), &hdr, HCI_EVENT_HDR_SIZE);
517 bcsp->rx_skb->pkt_type = HCI_EVENT_PKT;
519 hci_recv_frame(bcsp->rx_skb);
521 BT_ERR ("Packet for unknown channel (%u %s)",
522 bcsp->rx_skb->data[1] & 0x0f,
523 bcsp->rx_skb->data[0] & 0x80 ?
524 "reliable" : "unreliable");
525 kfree_skb(bcsp->rx_skb);
528 kfree_skb(bcsp->rx_skb);
530 /* Pull out BCSP hdr */
531 skb_pull(bcsp->rx_skb, 4);
533 hci_recv_frame(bcsp->rx_skb);
535 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
540 static int bcsp_recv(struct hci_uart *hu, void *data, int count)
542 struct bcsp_struct *bcsp = hu->priv;
543 register unsigned char *ptr;
545 BT_DBG("hu %p count %d rx_state %d rx_count %ld",
546 hu, count, bcsp->rx_state, bcsp->rx_count);
550 if (bcsp->rx_count) {
552 BT_ERR("Short BCSP packet");
553 kfree_skb(bcsp->rx_skb);
554 bcsp->rx_state = BCSP_W4_PKT_START;
557 bcsp_unslip_one_byte(bcsp, *ptr);
563 switch (bcsp->rx_state) {
564 case BCSP_W4_BCSP_HDR:
565 if ((0xff & (u8) ~ (bcsp->rx_skb->data[0] + bcsp->rx_skb->data[1] +
566 bcsp->rx_skb->data[2])) != bcsp->rx_skb->data[3]) {
567 BT_ERR("Error in BCSP hdr checksum");
568 kfree_skb(bcsp->rx_skb);
569 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
573 if (bcsp->rx_skb->data[0] & 0x80 /* reliable pkt */
574 && (bcsp->rx_skb->data[0] & 0x07) != bcsp->rxseq_txack) {
575 BT_ERR ("Out-of-order packet arrived, got %u expected %u",
576 bcsp->rx_skb->data[0] & 0x07, bcsp->rxseq_txack);
578 kfree_skb(bcsp->rx_skb);
579 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
583 bcsp->rx_state = BCSP_W4_DATA;
584 bcsp->rx_count = (bcsp->rx_skb->data[1] >> 4) +
585 (bcsp->rx_skb->data[2] << 4); /* May be 0 */
589 if (bcsp->rx_skb->data[0] & 0x40) { /* pkt with crc */
590 bcsp->rx_state = BCSP_W4_CRC;
593 bcsp_complete_rx_pkt(hu);
597 if (bcsp_crc_reverse(bcsp->message_crc) !=
598 (bcsp->rx_skb->data[bcsp->rx_skb->len - 2] << 8) +
599 bcsp->rx_skb->data[bcsp->rx_skb->len - 1]) {
601 BT_ERR ("Checksum failed: computed %04x received %04x",
602 bcsp_crc_reverse(bcsp->message_crc),
603 (bcsp->rx_skb-> data[bcsp->rx_skb->len - 2] << 8) +
604 bcsp->rx_skb->data[bcsp->rx_skb->len - 1]);
606 kfree_skb(bcsp->rx_skb);
607 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
611 skb_trim(bcsp->rx_skb, bcsp->rx_skb->len - 2);
612 bcsp_complete_rx_pkt(hu);
615 case BCSP_W4_PKT_DELIMITER:
618 bcsp->rx_state = BCSP_W4_PKT_START;
621 /*BT_ERR("Ignoring byte %02x", *ptr);*/
627 case BCSP_W4_PKT_START:
634 bcsp->rx_state = BCSP_W4_BCSP_HDR;
636 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC;
637 BCSP_CRC_INIT(bcsp->message_crc);
639 /* Do not increment ptr or decrement count
640 * Allocate packet. Max len of a BCSP pkt=
641 * 0xFFF (payload) +4 (header) +2 (crc) */
643 bcsp->rx_skb = bt_skb_alloc(0x1005, GFP_ATOMIC);
645 BT_ERR("Can't allocate mem for new packet");
646 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
650 bcsp->rx_skb->dev = (void *) hu->hdev;
659 /* Arrange to retransmit all messages in the relq. */
660 static void bcsp_timed_event(unsigned long arg)
662 struct hci_uart *hu = (struct hci_uart *) arg;
663 struct bcsp_struct *bcsp = hu->priv;
667 BT_DBG("hu %p retransmitting %u pkts", hu, bcsp->unack.qlen);
669 spin_lock_irqsave(&bcsp->unack.lock, flags);
671 while ((skb = __skb_dequeue_tail(&bcsp->unack)) != NULL) {
672 bcsp->msgq_txseq = (bcsp->msgq_txseq - 1) & 0x07;
673 skb_queue_head(&bcsp->rel, skb);
676 spin_unlock_irqrestore(&bcsp->unack.lock, flags);
678 hci_uart_tx_wakeup(hu);
681 static int bcsp_open(struct hci_uart *hu)
683 struct bcsp_struct *bcsp;
687 bcsp = kmalloc(sizeof(*bcsp), GFP_ATOMIC);
690 memset(bcsp, 0, sizeof(*bcsp));
693 skb_queue_head_init(&bcsp->unack);
694 skb_queue_head_init(&bcsp->rel);
695 skb_queue_head_init(&bcsp->unrel);
697 init_timer(&bcsp->tbcsp);
698 bcsp->tbcsp.function = bcsp_timed_event;
699 bcsp->tbcsp.data = (u_long) hu;
701 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
706 static int bcsp_close(struct hci_uart *hu)
708 struct bcsp_struct *bcsp = hu->priv;
713 skb_queue_purge(&bcsp->unack);
714 skb_queue_purge(&bcsp->rel);
715 skb_queue_purge(&bcsp->unrel);
716 del_timer(&bcsp->tbcsp);
722 static struct hci_uart_proto bcsp = {
726 .enqueue = bcsp_enqueue,
727 .dequeue = bcsp_dequeue,
734 int err = hci_uart_register_proto(&bcsp);
736 BT_INFO("HCI BCSP protocol initialized");
738 BT_ERR("HCI BCSP protocol registration failed");
743 int bcsp_deinit(void)
745 return hci_uart_unregister_proto(&bcsp);
748 module_param(hciextn, bool, 0644);
749 MODULE_PARM_DESC(hciextn, "Convert HCI Extensions into BCSP packets");
projects / linux-2.6 / blob