diff options
Diffstat (limited to 'drivers/bluetooth/hci_h5.c')
-rw-r--r-- | drivers/bluetooth/hci_h5.c | 765 |
1 files changed, 765 insertions, 0 deletions
diff --git a/drivers/bluetooth/hci_h5.c b/drivers/bluetooth/hci_h5.c new file mode 100644 index 000000000..3455cecc9 --- /dev/null +++ b/drivers/bluetooth/hci_h5.c @@ -0,0 +1,765 @@ +/* + * + * Bluetooth HCI Three-wire UART driver + * + * Copyright (C) 2012 Intel Corporation + * + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA + * + */ + +#include <linux/kernel.h> +#include <linux/errno.h> +#include <linux/skbuff.h> + +#include <net/bluetooth/bluetooth.h> +#include <net/bluetooth/hci_core.h> + +#include "hci_uart.h" + +#define HCI_3WIRE_ACK_PKT 0 +#define HCI_3WIRE_LINK_PKT 15 + +/* Sliding window size */ +#define H5_TX_WIN_MAX 4 + +#define H5_ACK_TIMEOUT msecs_to_jiffies(250) +#define H5_SYNC_TIMEOUT msecs_to_jiffies(100) + +/* + * Maximum Three-wire packet: + * 4 byte header + max value for 12-bit length + 2 bytes for CRC + */ +#define H5_MAX_LEN (4 + 0xfff + 2) + +/* Convenience macros for reading Three-wire header values */ +#define H5_HDR_SEQ(hdr) ((hdr)[0] & 0x07) +#define H5_HDR_ACK(hdr) (((hdr)[0] >> 3) & 0x07) +#define H5_HDR_CRC(hdr) (((hdr)[0] >> 6) & 0x01) +#define H5_HDR_RELIABLE(hdr) (((hdr)[0] >> 7) & 0x01) +#define H5_HDR_PKT_TYPE(hdr) ((hdr)[1] & 0x0f) +#define H5_HDR_LEN(hdr) ((((hdr)[1] >> 4) & 0xff) + ((hdr)[2] << 4)) + +#define SLIP_DELIMITER 0xc0 +#define SLIP_ESC 0xdb +#define SLIP_ESC_DELIM 0xdc +#define SLIP_ESC_ESC 0xdd + +/* H5 state flags */ +enum { + H5_RX_ESC, /* SLIP escape mode */ + H5_TX_ACK_REQ, /* Pending ack to send */ +}; + +struct h5 { + struct sk_buff_head unack; /* Unack'ed packets queue */ + struct sk_buff_head rel; /* Reliable packets queue */ + struct sk_buff_head unrel; /* Unreliable packets queue */ + + unsigned long flags; + + struct sk_buff *rx_skb; /* Receive buffer */ + size_t rx_pending; /* Expecting more bytes */ + u8 rx_ack; /* Last ack number received */ + + int (*rx_func) (struct hci_uart *hu, u8 c); + + struct timer_list timer; /* Retransmission timer */ + + u8 tx_seq; /* Next seq number to send */ + u8 tx_ack; /* Next ack number to send */ + u8 tx_win; /* Sliding window size */ + + enum { + H5_UNINITIALIZED, + H5_INITIALIZED, + H5_ACTIVE, + } state; + + enum { + H5_AWAKE, + H5_SLEEPING, + H5_WAKING_UP, + } sleep; +}; + +static void h5_reset_rx(struct h5 *h5); + +static void h5_link_control(struct hci_uart *hu, const void *data, size_t len) +{ + struct h5 *h5 = hu->priv; + struct sk_buff *nskb; + + nskb = alloc_skb(3, GFP_ATOMIC); + if (!nskb) + return; + + bt_cb(nskb)->pkt_type = HCI_3WIRE_LINK_PKT; + + memcpy(skb_put(nskb, len), data, len); + + skb_queue_tail(&h5->unrel, nskb); +} + +static u8 h5_cfg_field(struct h5 *h5) +{ + u8 field = 0; + + /* Sliding window size (first 3 bits) */ + field |= (h5->tx_win & 7); + + return field; +} + +static void h5_timed_event(unsigned long arg) +{ + const unsigned char sync_req[] = { 0x01, 0x7e }; + unsigned char conf_req[] = { 0x03, 0xfc, 0x01 }; + struct hci_uart *hu = (struct hci_uart *) arg; + struct h5 *h5 = hu->priv; + struct sk_buff *skb; + unsigned long flags; + + BT_DBG("%s", hu->hdev->name); + + if (h5->state == H5_UNINITIALIZED) + h5_link_control(hu, sync_req, sizeof(sync_req)); + + if (h5->state == H5_INITIALIZED) { + conf_req[2] = h5_cfg_field(h5); + h5_link_control(hu, conf_req, sizeof(conf_req)); + } + + if (h5->state != H5_ACTIVE) { + mod_timer(&h5->timer, jiffies + H5_SYNC_TIMEOUT); + goto wakeup; + } + + if (h5->sleep != H5_AWAKE) { + h5->sleep = H5_SLEEPING; + goto wakeup; + } + + BT_DBG("hu %p retransmitting %u pkts", hu, h5->unack.qlen); + + spin_lock_irqsave_nested(&h5->unack.lock, flags, SINGLE_DEPTH_NESTING); + + while ((skb = __skb_dequeue_tail(&h5->unack)) != NULL) { + h5->tx_seq = (h5->tx_seq - 1) & 0x07; + skb_queue_head(&h5->rel, skb); + } + + spin_unlock_irqrestore(&h5->unack.lock, flags); + +wakeup: + hci_uart_tx_wakeup(hu); +} + +static void h5_peer_reset(struct hci_uart *hu) +{ + struct h5 *h5 = hu->priv; + + BT_ERR("Peer device has reset"); + + h5->state = H5_UNINITIALIZED; + + del_timer(&h5->timer); + + skb_queue_purge(&h5->rel); + skb_queue_purge(&h5->unrel); + skb_queue_purge(&h5->unack); + + h5->tx_seq = 0; + h5->tx_ack = 0; + + /* Send reset request to upper stack */ + hci_reset_dev(hu->hdev); +} + +static int h5_open(struct hci_uart *hu) +{ + struct h5 *h5; + const unsigned char sync[] = { 0x01, 0x7e }; + + BT_DBG("hu %p", hu); + + h5 = kzalloc(sizeof(*h5), GFP_KERNEL); + if (!h5) + return -ENOMEM; + + hu->priv = h5; + + skb_queue_head_init(&h5->unack); + skb_queue_head_init(&h5->rel); + skb_queue_head_init(&h5->unrel); + + h5_reset_rx(h5); + + init_timer(&h5->timer); + h5->timer.function = h5_timed_event; + h5->timer.data = (unsigned long) hu; + + h5->tx_win = H5_TX_WIN_MAX; + + set_bit(HCI_UART_INIT_PENDING, &hu->hdev_flags); + + /* Send initial sync request */ + h5_link_control(hu, sync, sizeof(sync)); + mod_timer(&h5->timer, jiffies + H5_SYNC_TIMEOUT); + + return 0; +} + +static int h5_close(struct hci_uart *hu) +{ + struct h5 *h5 = hu->priv; + + del_timer_sync(&h5->timer); + + skb_queue_purge(&h5->unack); + skb_queue_purge(&h5->rel); + skb_queue_purge(&h5->unrel); + + kfree(h5); + + return 0; +} + +static void h5_pkt_cull(struct h5 *h5) +{ + struct sk_buff *skb, *tmp; + unsigned long flags; + int i, to_remove; + u8 seq; + + spin_lock_irqsave(&h5->unack.lock, flags); + + to_remove = skb_queue_len(&h5->unack); + if (to_remove == 0) + goto unlock; + + seq = h5->tx_seq; + + while (to_remove > 0) { + if (h5->rx_ack == seq) + break; + + to_remove--; + seq = (seq - 1) & 0x07; + } + + if (seq != h5->rx_ack) + BT_ERR("Controller acked invalid packet"); + + i = 0; + skb_queue_walk_safe(&h5->unack, skb, tmp) { + if (i++ >= to_remove) + break; + + __skb_unlink(skb, &h5->unack); + kfree_skb(skb); + } + + if (skb_queue_empty(&h5->unack)) + del_timer(&h5->timer); + +unlock: + spin_unlock_irqrestore(&h5->unack.lock, flags); +} + +static void h5_handle_internal_rx(struct hci_uart *hu) +{ + struct h5 *h5 = hu->priv; + const unsigned char sync_req[] = { 0x01, 0x7e }; + const unsigned char sync_rsp[] = { 0x02, 0x7d }; + unsigned char conf_req[] = { 0x03, 0xfc, 0x01 }; + const unsigned char conf_rsp[] = { 0x04, 0x7b }; + const unsigned char wakeup_req[] = { 0x05, 0xfa }; + const unsigned char woken_req[] = { 0x06, 0xf9 }; + const unsigned char sleep_req[] = { 0x07, 0x78 }; + const unsigned char *hdr = h5->rx_skb->data; + const unsigned char *data = &h5->rx_skb->data[4]; + + BT_DBG("%s", hu->hdev->name); + + if (H5_HDR_PKT_TYPE(hdr) != HCI_3WIRE_LINK_PKT) + return; + + if (H5_HDR_LEN(hdr) < 2) + return; + + conf_req[2] = h5_cfg_field(h5); + + if (memcmp(data, sync_req, 2) == 0) { + if (h5->state == H5_ACTIVE) + h5_peer_reset(hu); + h5_link_control(hu, sync_rsp, 2); + } else if (memcmp(data, sync_rsp, 2) == 0) { + if (h5->state == H5_ACTIVE) + h5_peer_reset(hu); + h5->state = H5_INITIALIZED; + h5_link_control(hu, conf_req, 3); + } else if (memcmp(data, conf_req, 2) == 0) { + h5_link_control(hu, conf_rsp, 2); + h5_link_control(hu, conf_req, 3); + } else if (memcmp(data, conf_rsp, 2) == 0) { + if (H5_HDR_LEN(hdr) > 2) + h5->tx_win = (data[2] & 7); + BT_DBG("Three-wire init complete. tx_win %u", h5->tx_win); + h5->state = H5_ACTIVE; + hci_uart_init_ready(hu); + return; + } else if (memcmp(data, sleep_req, 2) == 0) { + BT_DBG("Peer went to sleep"); + h5->sleep = H5_SLEEPING; + return; + } else if (memcmp(data, woken_req, 2) == 0) { + BT_DBG("Peer woke up"); + h5->sleep = H5_AWAKE; + } else if (memcmp(data, wakeup_req, 2) == 0) { + BT_DBG("Peer requested wakeup"); + h5_link_control(hu, woken_req, 2); + h5->sleep = H5_AWAKE; + } else { + BT_DBG("Link Control: 0x%02hhx 0x%02hhx", data[0], data[1]); + return; + } + + hci_uart_tx_wakeup(hu); +} + +static void h5_complete_rx_pkt(struct hci_uart *hu) +{ + struct h5 *h5 = hu->priv; + const unsigned char *hdr = h5->rx_skb->data; + + if (H5_HDR_RELIABLE(hdr)) { + h5->tx_ack = (h5->tx_ack + 1) % 8; + set_bit(H5_TX_ACK_REQ, &h5->flags); + hci_uart_tx_wakeup(hu); + } + + h5->rx_ack = H5_HDR_ACK(hdr); + + h5_pkt_cull(h5); + + switch (H5_HDR_PKT_TYPE(hdr)) { + case HCI_EVENT_PKT: + case HCI_ACLDATA_PKT: + case HCI_SCODATA_PKT: + bt_cb(h5->rx_skb)->pkt_type = H5_HDR_PKT_TYPE(hdr); + + /* Remove Three-wire header */ + skb_pull(h5->rx_skb, 4); + + hci_recv_frame(hu->hdev, h5->rx_skb); + h5->rx_skb = NULL; + + break; + + default: + h5_handle_internal_rx(hu); + break; + } + + h5_reset_rx(h5); +} + +static int h5_rx_crc(struct hci_uart *hu, unsigned char c) +{ + h5_complete_rx_pkt(hu); + + return 0; +} + +static int h5_rx_payload(struct hci_uart *hu, unsigned char c) +{ + struct h5 *h5 = hu->priv; + const unsigned char *hdr = h5->rx_skb->data; + + if (H5_HDR_CRC(hdr)) { + h5->rx_func = h5_rx_crc; + h5->rx_pending = 2; + } else { + h5_complete_rx_pkt(hu); + } + + return 0; +} + +static int h5_rx_3wire_hdr(struct hci_uart *hu, unsigned char c) +{ + struct h5 *h5 = hu->priv; + const unsigned char *hdr = h5->rx_skb->data; + + BT_DBG("%s rx: seq %u ack %u crc %u rel %u type %u len %u", + hu->hdev->name, H5_HDR_SEQ(hdr), H5_HDR_ACK(hdr), + H5_HDR_CRC(hdr), H5_HDR_RELIABLE(hdr), H5_HDR_PKT_TYPE(hdr), + H5_HDR_LEN(hdr)); + + if (((hdr[0] + hdr[1] + hdr[2] + hdr[3]) & 0xff) != 0xff) { + BT_ERR("Invalid header checksum"); + h5_reset_rx(h5); + return 0; + } + + if (H5_HDR_RELIABLE(hdr) && H5_HDR_SEQ(hdr) != h5->tx_ack) { + BT_ERR("Out-of-order packet arrived (%u != %u)", + H5_HDR_SEQ(hdr), h5->tx_ack); + h5_reset_rx(h5); + return 0; + } + + if (h5->state != H5_ACTIVE && + H5_HDR_PKT_TYPE(hdr) != HCI_3WIRE_LINK_PKT) { + BT_ERR("Non-link packet received in non-active state"); + h5_reset_rx(h5); + return 0; + } + + h5->rx_func = h5_rx_payload; + h5->rx_pending = H5_HDR_LEN(hdr); + + return 0; +} + +static int h5_rx_pkt_start(struct hci_uart *hu, unsigned char c) +{ + struct h5 *h5 = hu->priv; + + if (c == SLIP_DELIMITER) + return 1; + + h5->rx_func = h5_rx_3wire_hdr; + h5->rx_pending = 4; + + h5->rx_skb = bt_skb_alloc(H5_MAX_LEN, GFP_ATOMIC); + if (!h5->rx_skb) { + BT_ERR("Can't allocate mem for new packet"); + h5_reset_rx(h5); + return -ENOMEM; + } + + h5->rx_skb->dev = (void *) hu->hdev; + + return 0; +} + +static int h5_rx_delimiter(struct hci_uart *hu, unsigned char c) +{ + struct h5 *h5 = hu->priv; + + if (c == SLIP_DELIMITER) + h5->rx_func = h5_rx_pkt_start; + + return 1; +} + +static void h5_unslip_one_byte(struct h5 *h5, unsigned char c) +{ + const u8 delim = SLIP_DELIMITER, esc = SLIP_ESC; + const u8 *byte = &c; + + if (!test_bit(H5_RX_ESC, &h5->flags) && c == SLIP_ESC) { + set_bit(H5_RX_ESC, &h5->flags); + return; + } + + if (test_and_clear_bit(H5_RX_ESC, &h5->flags)) { + switch (c) { + case SLIP_ESC_DELIM: + byte = &delim; + break; + case SLIP_ESC_ESC: + byte = &esc; + break; + default: + BT_ERR("Invalid esc byte 0x%02hhx", c); + h5_reset_rx(h5); + return; + } + } + + memcpy(skb_put(h5->rx_skb, 1), byte, 1); + h5->rx_pending--; + + BT_DBG("unsliped 0x%02hhx, rx_pending %zu", *byte, h5->rx_pending); +} + +static void h5_reset_rx(struct h5 *h5) +{ + if (h5->rx_skb) { + kfree_skb(h5->rx_skb); + h5->rx_skb = NULL; + } + + h5->rx_func = h5_rx_delimiter; + h5->rx_pending = 0; + clear_bit(H5_RX_ESC, &h5->flags); +} + +static int h5_recv(struct hci_uart *hu, const void *data, int count) +{ + struct h5 *h5 = hu->priv; + const unsigned char *ptr = data; + + BT_DBG("%s pending %zu count %d", hu->hdev->name, h5->rx_pending, + count); + + while (count > 0) { + int processed; + + if (h5->rx_pending > 0) { + if (*ptr == SLIP_DELIMITER) { + BT_ERR("Too short H5 packet"); + h5_reset_rx(h5); + continue; + } + + h5_unslip_one_byte(h5, *ptr); + + ptr++; count--; + continue; + } + + processed = h5->rx_func(hu, *ptr); + if (processed < 0) + return processed; + + ptr += processed; + count -= processed; + } + + return 0; +} + +static int h5_enqueue(struct hci_uart *hu, struct sk_buff *skb) +{ + struct h5 *h5 = hu->priv; + + if (skb->len > 0xfff) { + BT_ERR("Packet too long (%u bytes)", skb->len); + kfree_skb(skb); + return 0; + } + + if (h5->state != H5_ACTIVE) { + BT_ERR("Ignoring HCI data in non-active state"); + kfree_skb(skb); + return 0; + } + + switch (bt_cb(skb)->pkt_type) { + case HCI_ACLDATA_PKT: + case HCI_COMMAND_PKT: + skb_queue_tail(&h5->rel, skb); + break; + + case HCI_SCODATA_PKT: + skb_queue_tail(&h5->unrel, skb); + break; + + default: + BT_ERR("Unknown packet type %u", bt_cb(skb)->pkt_type); + kfree_skb(skb); + break; + } + + return 0; +} + +static void h5_slip_delim(struct sk_buff *skb) +{ + const char delim = SLIP_DELIMITER; + + memcpy(skb_put(skb, 1), &delim, 1); +} + +static void h5_slip_one_byte(struct sk_buff *skb, u8 c) +{ + const char esc_delim[2] = { SLIP_ESC, SLIP_ESC_DELIM }; + const char esc_esc[2] = { SLIP_ESC, SLIP_ESC_ESC }; + + switch (c) { + case SLIP_DELIMITER: + memcpy(skb_put(skb, 2), &esc_delim, 2); + break; + case SLIP_ESC: + memcpy(skb_put(skb, 2), &esc_esc, 2); + break; + default: + memcpy(skb_put(skb, 1), &c, 1); + } +} + +static bool valid_packet_type(u8 type) +{ + switch (type) { + case HCI_ACLDATA_PKT: + case HCI_COMMAND_PKT: + case HCI_SCODATA_PKT: + case HCI_3WIRE_LINK_PKT: + case HCI_3WIRE_ACK_PKT: + return true; + default: + return false; + } +} + +static struct sk_buff *h5_prepare_pkt(struct hci_uart *hu, u8 pkt_type, + const u8 *data, size_t len) +{ + struct h5 *h5 = hu->priv; + struct sk_buff *nskb; + u8 hdr[4]; + int i; + + if (!valid_packet_type(pkt_type)) { + BT_ERR("Unknown packet type %u", pkt_type); + return NULL; + } + + /* + * Max len of packet: (original len + 4 (H5 hdr) + 2 (crc)) * 2 + * (because bytes 0xc0 and 0xdb are escaped, worst case is when + * the packet is all made of 0xc0 and 0xdb) + 2 (0xc0 + * delimiters at start and end). + */ + nskb = alloc_skb((len + 6) * 2 + 2, GFP_ATOMIC); + if (!nskb) + return NULL; + + bt_cb(nskb)->pkt_type = pkt_type; + + h5_slip_delim(nskb); + + hdr[0] = h5->tx_ack << 3; + clear_bit(H5_TX_ACK_REQ, &h5->flags); + + /* Reliable packet? */ + if (pkt_type == HCI_ACLDATA_PKT || pkt_type == HCI_COMMAND_PKT) { + hdr[0] |= 1 << 7; + hdr[0] |= h5->tx_seq; + h5->tx_seq = (h5->tx_seq + 1) % 8; + } + + hdr[1] = pkt_type | ((len & 0x0f) << 4); + hdr[2] = len >> 4; + hdr[3] = ~((hdr[0] + hdr[1] + hdr[2]) & 0xff); + + BT_DBG("%s tx: seq %u ack %u crc %u rel %u type %u len %u", + hu->hdev->name, H5_HDR_SEQ(hdr), H5_HDR_ACK(hdr), + H5_HDR_CRC(hdr), H5_HDR_RELIABLE(hdr), H5_HDR_PKT_TYPE(hdr), + H5_HDR_LEN(hdr)); + + for (i = 0; i < 4; i++) + h5_slip_one_byte(nskb, hdr[i]); + + for (i = 0; i < len; i++) + h5_slip_one_byte(nskb, data[i]); + + h5_slip_delim(nskb); + + return nskb; +} + +static struct sk_buff *h5_dequeue(struct hci_uart *hu) +{ + struct h5 *h5 = hu->priv; + unsigned long flags; + struct sk_buff *skb, *nskb; + + if (h5->sleep != H5_AWAKE) { + const unsigned char wakeup_req[] = { 0x05, 0xfa }; + + if (h5->sleep == H5_WAKING_UP) + return NULL; + + h5->sleep = H5_WAKING_UP; + BT_DBG("Sending wakeup request"); + + mod_timer(&h5->timer, jiffies + HZ / 100); + return h5_prepare_pkt(hu, HCI_3WIRE_LINK_PKT, wakeup_req, 2); + } + + skb = skb_dequeue(&h5->unrel); + if (skb != NULL) { + nskb = h5_prepare_pkt(hu, bt_cb(skb)->pkt_type, + skb->data, skb->len); + if (nskb) { + kfree_skb(skb); + return nskb; + } + + skb_queue_head(&h5->unrel, skb); + BT_ERR("Could not dequeue pkt because alloc_skb failed"); + } + + spin_lock_irqsave_nested(&h5->unack.lock, flags, SINGLE_DEPTH_NESTING); + + if (h5->unack.qlen >= h5->tx_win) + goto unlock; + + skb = skb_dequeue(&h5->rel); + if (skb != NULL) { + nskb = h5_prepare_pkt(hu, bt_cb(skb)->pkt_type, + skb->data, skb->len); + if (nskb) { + __skb_queue_tail(&h5->unack, skb); + mod_timer(&h5->timer, jiffies + H5_ACK_TIMEOUT); + spin_unlock_irqrestore(&h5->unack.lock, flags); + return nskb; + } + + skb_queue_head(&h5->rel, skb); + BT_ERR("Could not dequeue pkt because alloc_skb failed"); + } + +unlock: + spin_unlock_irqrestore(&h5->unack.lock, flags); + + if (test_bit(H5_TX_ACK_REQ, &h5->flags)) + return h5_prepare_pkt(hu, HCI_3WIRE_ACK_PKT, NULL, 0); + + return NULL; +} + +static int h5_flush(struct hci_uart *hu) +{ + BT_DBG("hu %p", hu); + return 0; +} + +static const struct hci_uart_proto h5p = { + .id = HCI_UART_3WIRE, + .name = "Three-wire (H5)", + .open = h5_open, + .close = h5_close, + .recv = h5_recv, + .enqueue = h5_enqueue, + .dequeue = h5_dequeue, + .flush = h5_flush, +}; + +int __init h5_init(void) +{ + return hci_uart_register_proto(&h5p); +} + +int __exit h5_deinit(void) +{ + return hci_uart_unregister_proto(&h5p); +} |