search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
[PATCH] mm: fix mm_struct reference counting bugs in mm/oom_kill.c
[linux-2.6/kvm.git] / drivers / bluetooth / hci_usb.c
blob92382e8232855188a1f588a739c5c98a03b055ef
1 /*
2 HCI USB driver for Linux Bluetooth protocol stack (BlueZ)
3 Copyright (C) 2000-2001 Qualcomm Incorporated
4 Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
5
6 Copyright (C) 2003 Maxim Krasnyansky <maxk@qualcomm.com>
7
8 This program is free software; you can redistribute it and/or modify
9 it under the terms of the GNU General Public License version 2 as
10 published by the Free Software Foundation;
11
12 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
13 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
14 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
15 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
16 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
17 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
18 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
19 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
20
21 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
22 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
23 SOFTWARE IS DISCLAIMED.
24 */
25
26 /*
27 * Bluetooth HCI USB driver.
28 * Based on original USB Bluetooth driver for Linux kernel
29 * Copyright (c) 2000 Greg Kroah-Hartman <greg@kroah.com>
30 * Copyright (c) 2000 Mark Douglas Corner <mcorner@umich.edu>
31 *
32 */
33
34 #include <linux/config.h>
35 #include <linux/module.h>
36
37 #include <linux/kernel.h>
38 #include <linux/init.h>
39 #include <linux/sched.h>
40 #include <linux/unistd.h>
41 #include <linux/types.h>
42 #include <linux/interrupt.h>
43 #include <linux/moduleparam.h>
44
45 #include <linux/slab.h>
46 #include <linux/errno.h>
47 #include <linux/string.h>
48 #include <linux/skbuff.h>
49
50 #include <linux/usb.h>
51
52 #include <net/bluetooth/bluetooth.h>
53 #include <net/bluetooth/hci_core.h>
54
55 #include "hci_usb.h"
56
57 #ifndef CONFIG_BT_HCIUSB_DEBUG
58 #undef BT_DBG
59 #define BT_DBG(D...)
60 #endif
61
62 #ifndef CONFIG_BT_HCIUSB_ZERO_PACKET
63 #undef URB_ZERO_PACKET
64 #define URB_ZERO_PACKET 0
65 #endif
66
67 static int ignore = 0;
68 static int ignore_dga = 0;
69 static int ignore_csr = 0;
70 static int ignore_sniffer = 0;
71 static int reset = 0;
72
73 #ifdef CONFIG_BT_HCIUSB_SCO
74 static int isoc = 2;
75 #endif
76
77 #define VERSION "2.9"
78
79 static struct usb_driver hci_usb_driver;
80
81 static struct usb_device_id bluetooth_ids[] = {
82 /* Generic Bluetooth USB device */
83 { USB_DEVICE_INFO(HCI_DEV_CLASS, HCI_DEV_SUBCLASS, HCI_DEV_PROTOCOL) },
84
85 /* AVM BlueFRITZ! USB v2.0 */
86 { USB_DEVICE(0x057c, 0x3800) },
87
88 /* Bluetooth Ultraport Module from IBM */
89 { USB_DEVICE(0x04bf, 0x030a) },
90
91 /* ALPS Modules with non-standard id */
92 { USB_DEVICE(0x044e, 0x3001) },
93 { USB_DEVICE(0x044e, 0x3002) },
94
95 /* Ericsson with non-standard id */
96 { USB_DEVICE(0x0bdb, 0x1002) },
97
98 { } /* Terminating entry */
99 };
100
101 MODULE_DEVICE_TABLE (usb, bluetooth_ids);
102
103 static struct usb_device_id blacklist_ids[] = {
104 /* CSR BlueCore devices */
105 { USB_DEVICE(0x0a12, 0x0001), .driver_info = HCI_CSR },
106
107 /* Broadcom BCM2033 without firmware */
108 { USB_DEVICE(0x0a5c, 0x2033), .driver_info = HCI_IGNORE },
109
110 /* Broadcom BCM2035 */
111 { USB_DEVICE(0x0a5c, 0x200a), .driver_info = HCI_RESET | HCI_BROKEN_ISOC },
112 { USB_DEVICE(0x0a5c, 0x2009), .driver_info = HCI_BCM92035 },
113
114 /* Microsoft Wireless Transceiver for Bluetooth 2.0 */
115 { USB_DEVICE(0x045e, 0x009c), .driver_info = HCI_RESET },
116
117 /* Kensington Bluetooth USB adapter */
118 { USB_DEVICE(0x047d, 0x105d), .driver_info = HCI_RESET },
119
120 /* ISSC Bluetooth Adapter v3.1 */
121 { USB_DEVICE(0x1131, 0x1001), .driver_info = HCI_RESET },
122
123 /* RTX Telecom based adapter with buggy SCO support */
124 { USB_DEVICE(0x0400, 0x0807), .driver_info = HCI_BROKEN_ISOC },
125
126 /* Digianswer devices */
127 { USB_DEVICE(0x08fd, 0x0001), .driver_info = HCI_DIGIANSWER },
128 { USB_DEVICE(0x08fd, 0x0002), .driver_info = HCI_IGNORE },
129
130 /* CSR BlueCore Bluetooth Sniffer */
131 { USB_DEVICE(0x0a12, 0x0002), .driver_info = HCI_SNIFFER },
132
133 { } /* Terminating entry */
134 };
135
136 static struct _urb *_urb_alloc(int isoc, gfp_t gfp)
137 {
138 struct _urb *_urb = kmalloc(sizeof(struct _urb) +
139 sizeof(struct usb_iso_packet_descriptor) * isoc, gfp);
140 if (_urb) {
141 memset(_urb, 0, sizeof(*_urb));
142 usb_init_urb(&_urb->urb);
143 }
144 return _urb;
145 }
146
147 static struct _urb *_urb_dequeue(struct _urb_queue *q)
148 {
149 struct _urb *_urb = NULL;
150 unsigned long flags;
151 spin_lock_irqsave(&q->lock, flags);
152 {
153 struct list_head *head = &q->head;
154 struct list_head *next = head->next;
155 if (next != head) {
156 _urb = list_entry(next, struct _urb, list);
157 list_del(next); _urb->queue = NULL;
158 }
159 }
160 spin_unlock_irqrestore(&q->lock, flags);
161 return _urb;
162 }
163
164 static void hci_usb_rx_complete(struct urb *urb, struct pt_regs *regs);
165 static void hci_usb_tx_complete(struct urb *urb, struct pt_regs *regs);
166
167 #define __pending_tx(husb, type) (&husb->pending_tx[type-1])
168 #define __pending_q(husb, type) (&husb->pending_q[type-1])
169 #define __completed_q(husb, type) (&husb->completed_q[type-1])
170 #define __transmit_q(husb, type) (&husb->transmit_q[type-1])
171 #define __reassembly(husb, type) (husb->reassembly[type-1])
172
173 static inline struct _urb *__get_completed(struct hci_usb *husb, int type)
174 {
175 return _urb_dequeue(__completed_q(husb, type));
176 }
177
178 #ifdef CONFIG_BT_HCIUSB_SCO
179 static void __fill_isoc_desc(struct urb *urb, int len, int mtu)
180 {
181 int offset = 0, i;
182
183 BT_DBG("len %d mtu %d", len, mtu);
184
185 for (i=0; i < HCI_MAX_ISOC_FRAMES && len >= mtu; i++, offset += mtu, len -= mtu) {
186 urb->iso_frame_desc[i].offset = offset;
187 urb->iso_frame_desc[i].length = mtu;
188 BT_DBG("desc %d offset %d len %d", i, offset, mtu);
189 }
190 if (len && i < HCI_MAX_ISOC_FRAMES) {
191 urb->iso_frame_desc[i].offset = offset;
192 urb->iso_frame_desc[i].length = len;
193 BT_DBG("desc %d offset %d len %d", i, offset, len);
194 i++;
195 }
196 urb->number_of_packets = i;
197 }
198 #endif
199
200 static int hci_usb_intr_rx_submit(struct hci_usb *husb)
201 {
202 struct _urb *_urb;
203 struct urb *urb;
204 int err, pipe, interval, size;
205 void *buf;
206
207 BT_DBG("%s", husb->hdev->name);
208
209 size = le16_to_cpu(husb->intr_in_ep->desc.wMaxPacketSize);
210
211 buf = kmalloc(size, GFP_ATOMIC);
212 if (!buf)
213 return -ENOMEM;
214
215 _urb = _urb_alloc(0, GFP_ATOMIC);
216 if (!_urb) {
217 kfree(buf);
218 return -ENOMEM;
219 }
220 _urb->type = HCI_EVENT_PKT;
221 _urb_queue_tail(__pending_q(husb, _urb->type), _urb);
222
223 urb = &_urb->urb;
224 pipe = usb_rcvintpipe(husb->udev, husb->intr_in_ep->desc.bEndpointAddress);
225 interval = husb->intr_in_ep->desc.bInterval;
226 usb_fill_int_urb(urb, husb->udev, pipe, buf, size, hci_usb_rx_complete, husb, interval);
227
228 err = usb_submit_urb(urb, GFP_ATOMIC);
229 if (err) {
230 BT_ERR("%s intr rx submit failed urb %p err %d",
231 husb->hdev->name, urb, err);
232 _urb_unlink(_urb);
233 _urb_free(_urb);
234 kfree(buf);
235 }
236 return err;
237 }
238
239 static int hci_usb_bulk_rx_submit(struct hci_usb *husb)
240 {
241 struct _urb *_urb;
242 struct urb *urb;
243 int err, pipe, size = HCI_MAX_FRAME_SIZE;
244 void *buf;
245
246 buf = kmalloc(size, GFP_ATOMIC);
247 if (!buf)
248 return -ENOMEM;
249
250 _urb = _urb_alloc(0, GFP_ATOMIC);
251 if (!_urb) {
252 kfree(buf);
253 return -ENOMEM;
254 }
255 _urb->type = HCI_ACLDATA_PKT;
256 _urb_queue_tail(__pending_q(husb, _urb->type), _urb);
257
258 urb = &_urb->urb;
259 pipe = usb_rcvbulkpipe(husb->udev, husb->bulk_in_ep->desc.bEndpointAddress);
260 usb_fill_bulk_urb(urb, husb->udev, pipe, buf, size, hci_usb_rx_complete, husb);
261 urb->transfer_flags = 0;
262
263 BT_DBG("%s urb %p", husb->hdev->name, urb);
264
265 err = usb_submit_urb(urb, GFP_ATOMIC);
266 if (err) {
267 BT_ERR("%s bulk rx submit failed urb %p err %d",
268 husb->hdev->name, urb, err);
269 _urb_unlink(_urb);
270 _urb_free(_urb);
271 kfree(buf);
272 }
273 return err;
274 }
275
276 #ifdef CONFIG_BT_HCIUSB_SCO
277 static int hci_usb_isoc_rx_submit(struct hci_usb *husb)
278 {
279 struct _urb *_urb;
280 struct urb *urb;
281 int err, mtu, size;
282 void *buf;
283
284 mtu = le16_to_cpu(husb->isoc_in_ep->desc.wMaxPacketSize);
285 size = mtu * HCI_MAX_ISOC_FRAMES;
286
287 buf = kmalloc(size, GFP_ATOMIC);
288 if (!buf)
289 return -ENOMEM;
290
291 _urb = _urb_alloc(HCI_MAX_ISOC_FRAMES, GFP_ATOMIC);
292 if (!_urb) {
293 kfree(buf);
294 return -ENOMEM;
295 }
296 _urb->type = HCI_SCODATA_PKT;
297 _urb_queue_tail(__pending_q(husb, _urb->type), _urb);
298
299 urb = &_urb->urb;
300
301 urb->context = husb;
302 urb->dev = husb->udev;
303 urb->pipe = usb_rcvisocpipe(husb->udev, husb->isoc_in_ep->desc.bEndpointAddress);
304 urb->complete = hci_usb_rx_complete;
305
306 urb->interval = husb->isoc_in_ep->desc.bInterval;
307
308 urb->transfer_buffer_length = size;
309 urb->transfer_buffer = buf;
310 urb->transfer_flags = URB_ISO_ASAP;
311
312 __fill_isoc_desc(urb, size, mtu);
313
314 BT_DBG("%s urb %p", husb->hdev->name, urb);
315
316 err = usb_submit_urb(urb, GFP_ATOMIC);
317 if (err) {
318 BT_ERR("%s isoc rx submit failed urb %p err %d",
319 husb->hdev->name, urb, err);
320 _urb_unlink(_urb);
321 _urb_free(_urb);
322 kfree(buf);
323 }
324 return err;
325 }
326 #endif
327
328 /* Initialize device */
329 static int hci_usb_open(struct hci_dev *hdev)
330 {
331 struct hci_usb *husb = (struct hci_usb *) hdev->driver_data;
332 int i, err;
333 unsigned long flags;
334
335 BT_DBG("%s", hdev->name);
336
337 if (test_and_set_bit(HCI_RUNNING, &hdev->flags))
338 return 0;
339
340 write_lock_irqsave(&husb->completion_lock, flags);
341
342 err = hci_usb_intr_rx_submit(husb);
343 if (!err) {
344 for (i = 0; i < HCI_MAX_BULK_RX; i++)
345 hci_usb_bulk_rx_submit(husb);
346
347 #ifdef CONFIG_BT_HCIUSB_SCO
348 if (husb->isoc_iface)
349 for (i = 0; i < HCI_MAX_ISOC_RX; i++)
350 hci_usb_isoc_rx_submit(husb);
351 #endif
352 } else {
353 clear_bit(HCI_RUNNING, &hdev->flags);
354 }
355
356 write_unlock_irqrestore(&husb->completion_lock, flags);
357 return err;
358 }
359
360 /* Reset device */
361 static int hci_usb_flush(struct hci_dev *hdev)
362 {
363 struct hci_usb *husb = (struct hci_usb *) hdev->driver_data;
364 int i;
365
366 BT_DBG("%s", hdev->name);
367
368 for (i = 0; i < 4; i++)
369 skb_queue_purge(&husb->transmit_q[i]);
370 return 0;
371 }
372
373 static void hci_usb_unlink_urbs(struct hci_usb *husb)
374 {
375 int i;
376
377 BT_DBG("%s", husb->hdev->name);
378
379 for (i = 0; i < 4; i++) {
380 struct _urb *_urb;
381 struct urb *urb;
382
383 /* Kill pending requests */
384 while ((_urb = _urb_dequeue(&husb->pending_q[i]))) {
385 urb = &_urb->urb;
386 BT_DBG("%s unlinking _urb %p type %d urb %p",
387 husb->hdev->name, _urb, _urb->type, urb);
388 usb_kill_urb(urb);
389 _urb_queue_tail(__completed_q(husb, _urb->type), _urb);
390 }
391
392 /* Release completed requests */
393 while ((_urb = _urb_dequeue(&husb->completed_q[i]))) {
394 urb = &_urb->urb;
395 BT_DBG("%s freeing _urb %p type %d urb %p",
396 husb->hdev->name, _urb, _urb->type, urb);
397 kfree(urb->setup_packet);
398 kfree(urb->transfer_buffer);
399 _urb_free(_urb);
400 }
401
402 /* Release reassembly buffers */
403 if (husb->reassembly[i]) {
404 kfree_skb(husb->reassembly[i]);
405 husb->reassembly[i] = NULL;
406 }
407 }
408 }
409
410 /* Close device */
411 static int hci_usb_close(struct hci_dev *hdev)
412 {
413 struct hci_usb *husb = (struct hci_usb *) hdev->driver_data;
414 unsigned long flags;
415
416 if (!test_and_clear_bit(HCI_RUNNING, &hdev->flags))
417 return 0;
418
419 BT_DBG("%s", hdev->name);
420
421 /* Synchronize with completion handlers */
422 write_lock_irqsave(&husb->completion_lock, flags);
423 write_unlock_irqrestore(&husb->completion_lock, flags);
424
425 hci_usb_unlink_urbs(husb);
426 hci_usb_flush(hdev);
427 return 0;
428 }
429
430 static int __tx_submit(struct hci_usb *husb, struct _urb *_urb)
431 {
432 struct urb *urb = &_urb->urb;
433 int err;
434
435 BT_DBG("%s urb %p type %d", husb->hdev->name, urb, _urb->type);
436
437 _urb_queue_tail(__pending_q(husb, _urb->type), _urb);
438 err = usb_submit_urb(urb, GFP_ATOMIC);
439 if (err) {
440 BT_ERR("%s tx submit failed urb %p type %d err %d",
441 husb->hdev->name, urb, _urb->type, err);
442 _urb_unlink(_urb);
443 _urb_queue_tail(__completed_q(husb, _urb->type), _urb);
444 } else
445 atomic_inc(__pending_tx(husb, _urb->type));
446
447 return err;
448 }
449
450 static inline int hci_usb_send_ctrl(struct hci_usb *husb, struct sk_buff *skb)
451 {
452 struct _urb *_urb = __get_completed(husb, bt_cb(skb)->pkt_type);
453 struct usb_ctrlrequest *dr;
454 struct urb *urb;
455
456 if (!_urb) {
457 _urb = _urb_alloc(0, GFP_ATOMIC);
458 if (!_urb)
459 return -ENOMEM;
460 _urb->type = bt_cb(skb)->pkt_type;
461
462 dr = kmalloc(sizeof(*dr), GFP_ATOMIC);
463 if (!dr) {
464 _urb_free(_urb);
465 return -ENOMEM;
466 }
467 } else
468 dr = (void *) _urb->urb.setup_packet;
469
470 dr->bRequestType = husb->ctrl_req;
471 dr->bRequest = 0;
472 dr->wIndex = 0;
473 dr->wValue = 0;
474 dr->wLength = __cpu_to_le16(skb->len);
475
476 urb = &_urb->urb;
477 usb_fill_control_urb(urb, husb->udev, usb_sndctrlpipe(husb->udev, 0),
478 (void *) dr, skb->data, skb->len, hci_usb_tx_complete, husb);
479
480 BT_DBG("%s skb %p len %d", husb->hdev->name, skb, skb->len);
481
482 _urb->priv = skb;
483 return __tx_submit(husb, _urb);
484 }
485
486 static inline int hci_usb_send_bulk(struct hci_usb *husb, struct sk_buff *skb)
487 {
488 struct _urb *_urb = __get_completed(husb, bt_cb(skb)->pkt_type);
489 struct urb *urb;
490 int pipe;
491
492 if (!_urb) {
493 _urb = _urb_alloc(0, GFP_ATOMIC);
494 if (!_urb)
495 return -ENOMEM;
496 _urb->type = bt_cb(skb)->pkt_type;
497 }
498
499 urb = &_urb->urb;
500 pipe = usb_sndbulkpipe(husb->udev, husb->bulk_out_ep->desc.bEndpointAddress);
501 usb_fill_bulk_urb(urb, husb->udev, pipe, skb->data, skb->len,
502 hci_usb_tx_complete, husb);
503 urb->transfer_flags = URB_ZERO_PACKET;
504
505 BT_DBG("%s skb %p len %d", husb->hdev->name, skb, skb->len);
506
507 _urb->priv = skb;
508 return __tx_submit(husb, _urb);
509 }
510
511 #ifdef CONFIG_BT_HCIUSB_SCO
512 static inline int hci_usb_send_isoc(struct hci_usb *husb, struct sk_buff *skb)
513 {
514 struct _urb *_urb = __get_completed(husb, bt_cb(skb)->pkt_type);
515 struct urb *urb;
516
517 if (!_urb) {
518 _urb = _urb_alloc(HCI_MAX_ISOC_FRAMES, GFP_ATOMIC);
519 if (!_urb)
520 return -ENOMEM;
521 _urb->type = bt_cb(skb)->pkt_type;
522 }
523
524 BT_DBG("%s skb %p len %d", husb->hdev->name, skb, skb->len);
525
526 urb = &_urb->urb;
527
528 urb->context = husb;
529 urb->dev = husb->udev;
530 urb->pipe = usb_sndisocpipe(husb->udev, husb->isoc_out_ep->desc.bEndpointAddress);
531 urb->complete = hci_usb_tx_complete;
532 urb->transfer_flags = URB_ISO_ASAP;
533
534 urb->interval = husb->isoc_out_ep->desc.bInterval;
535
536 urb->transfer_buffer = skb->data;
537 urb->transfer_buffer_length = skb->len;
538
539 __fill_isoc_desc(urb, skb->len, le16_to_cpu(husb->isoc_out_ep->desc.wMaxPacketSize));
540
541 _urb->priv = skb;
542 return __tx_submit(husb, _urb);
543 }
544 #endif
545
546 static void hci_usb_tx_process(struct hci_usb *husb)
547 {
548 struct sk_buff_head *q;
549 struct sk_buff *skb;
550
551 BT_DBG("%s", husb->hdev->name);
552
553 do {
554 clear_bit(HCI_USB_TX_WAKEUP, &husb->state);
555
556 /* Process command queue */
557 q = __transmit_q(husb, HCI_COMMAND_PKT);
558 if (!atomic_read(__pending_tx(husb, HCI_COMMAND_PKT)) &&
559 (skb = skb_dequeue(q))) {
560 if (hci_usb_send_ctrl(husb, skb) < 0)
561 skb_queue_head(q, skb);
562 }
563
564 #ifdef CONFIG_BT_HCIUSB_SCO
565 /* Process SCO queue */
566 q = __transmit_q(husb, HCI_SCODATA_PKT);
567 if (atomic_read(__pending_tx(husb, HCI_SCODATA_PKT)) < HCI_MAX_ISOC_TX &&
568 (skb = skb_dequeue(q))) {
569 if (hci_usb_send_isoc(husb, skb) < 0)
570 skb_queue_head(q, skb);
571 }
572 #endif
573
574 /* Process ACL queue */
575 q = __transmit_q(husb, HCI_ACLDATA_PKT);
576 while (atomic_read(__pending_tx(husb, HCI_ACLDATA_PKT)) < HCI_MAX_BULK_TX &&
577 (skb = skb_dequeue(q))) {
578 if (hci_usb_send_bulk(husb, skb) < 0) {
579 skb_queue_head(q, skb);
580 break;
581 }
582 }
583 } while(test_bit(HCI_USB_TX_WAKEUP, &husb->state));
584 }
585
586 static inline void hci_usb_tx_wakeup(struct hci_usb *husb)
587 {
588 /* Serialize TX queue processing to avoid data reordering */
589 if (!test_and_set_bit(HCI_USB_TX_PROCESS, &husb->state)) {
590 hci_usb_tx_process(husb);
591 clear_bit(HCI_USB_TX_PROCESS, &husb->state);
592 } else
593 set_bit(HCI_USB_TX_WAKEUP, &husb->state);
594 }
595
596 /* Send frames from HCI layer */
597 static int hci_usb_send_frame(struct sk_buff *skb)
598 {
599 struct hci_dev *hdev = (struct hci_dev *) skb->dev;
600 struct hci_usb *husb;
601
602 if (!hdev) {
603 BT_ERR("frame for uknown device (hdev=NULL)");
604 return -ENODEV;
605 }
606
607 if (!test_bit(HCI_RUNNING, &hdev->flags))
608 return -EBUSY;
609
610 BT_DBG("%s type %d len %d", hdev->name, bt_cb(skb)->pkt_type, skb->len);
611
612 husb = (struct hci_usb *) hdev->driver_data;
613
614 switch (bt_cb(skb)->pkt_type) {
615 case HCI_COMMAND_PKT:
616 hdev->stat.cmd_tx++;
617 break;
618
619 case HCI_ACLDATA_PKT:
620 hdev->stat.acl_tx++;
621 break;
622
623 #ifdef CONFIG_BT_HCIUSB_SCO
624 case HCI_SCODATA_PKT:
625 hdev->stat.sco_tx++;
626 break;
627 #endif
628
629 default:
630 kfree_skb(skb);
631 return 0;
632 }
633
634 read_lock(&husb->completion_lock);
635
636 skb_queue_tail(__transmit_q(husb, bt_cb(skb)->pkt_type), skb);
637 hci_usb_tx_wakeup(husb);
638
639 read_unlock(&husb->completion_lock);
640 return 0;
641 }
642
643 static inline int __recv_frame(struct hci_usb *husb, int type, void *data, int count)
644 {
645 BT_DBG("%s type %d data %p count %d", husb->hdev->name, type, data, count);
646
647 husb->hdev->stat.byte_rx += count;
648
649 while (count) {
650 struct sk_buff *skb = __reassembly(husb, type);
651 struct { int expect; } *scb;
652 int len = 0;
653
654 if (!skb) {
655 /* Start of the frame */
656
657 switch (type) {
658 case HCI_EVENT_PKT:
659 if (count >= HCI_EVENT_HDR_SIZE) {
660 struct hci_event_hdr *h = data;
661 len = HCI_EVENT_HDR_SIZE + h->plen;
662 } else
663 return -EILSEQ;
664 break;
665
666 case HCI_ACLDATA_PKT:
667 if (count >= HCI_ACL_HDR_SIZE) {
668 struct hci_acl_hdr *h = data;
669 len = HCI_ACL_HDR_SIZE + __le16_to_cpu(h->dlen);
670 } else
671 return -EILSEQ;
672 break;
673 #ifdef CONFIG_BT_HCIUSB_SCO
674 case HCI_SCODATA_PKT:
675 if (count >= HCI_SCO_HDR_SIZE) {
676 struct hci_sco_hdr *h = data;
677 len = HCI_SCO_HDR_SIZE + h->dlen;
678 } else
679 return -EILSEQ;
680 break;
681 #endif
682 }
683 BT_DBG("new packet len %d", len);
684
685 skb = bt_skb_alloc(len, GFP_ATOMIC);
686 if (!skb) {
687 BT_ERR("%s no memory for the packet", husb->hdev->name);
688 return -ENOMEM;
689 }
690 skb->dev = (void *) husb->hdev;
691 bt_cb(skb)->pkt_type = type;
692
693 __reassembly(husb, type) = skb;
694
695 scb = (void *) skb->cb;
696 scb->expect = len;
697 } else {
698 /* Continuation */
699 scb = (void *) skb->cb;
700 len = scb->expect;
701 }
702
703 len = min(len, count);
704
705 memcpy(skb_put(skb, len), data, len);
706
707 scb->expect -= len;
708 if (!scb->expect) {
709 /* Complete frame */
710 __reassembly(husb, type) = NULL;
711 bt_cb(skb)->pkt_type = type;
712 hci_recv_frame(skb);
713 }
714
715 count -= len; data += len;
716 }
717 return 0;
718 }
719
720 static void hci_usb_rx_complete(struct urb *urb, struct pt_regs *regs)
721 {
722 struct _urb *_urb = container_of(urb, struct _urb, urb);
723 struct hci_usb *husb = (void *) urb->context;
724 struct hci_dev *hdev = husb->hdev;
725 int err, count = urb->actual_length;
726
727 BT_DBG("%s urb %p type %d status %d count %d flags %x", hdev->name, urb,
728 _urb->type, urb->status, count, urb->transfer_flags);
729
730 read_lock(&husb->completion_lock);
731
732 if (!test_bit(HCI_RUNNING, &hdev->flags))
733 goto unlock;
734
735 if (urb->status || !count)
736 goto resubmit;
737
738 if (_urb->type == HCI_SCODATA_PKT) {
739 #ifdef CONFIG_BT_HCIUSB_SCO
740 int i;
741 for (i=0; i < urb->number_of_packets; i++) {
742 BT_DBG("desc %d status %d offset %d len %d", i,
743 urb->iso_frame_desc[i].status,
744 urb->iso_frame_desc[i].offset,
745 urb->iso_frame_desc[i].actual_length);
746
747 if (!urb->iso_frame_desc[i].status)
748 __recv_frame(husb, _urb->type,
749 urb->transfer_buffer + urb->iso_frame_desc[i].offset,
750 urb->iso_frame_desc[i].actual_length);
751 }
752 #else
753 ;
754 #endif
755 } else {
756 err = __recv_frame(husb, _urb->type, urb->transfer_buffer, count);
757 if (err < 0) {
758 BT_ERR("%s corrupted packet: type %d count %d",
759 husb->hdev->name, _urb->type, count);
760 hdev->stat.err_rx++;
761 }
762 }
763
764 resubmit:
765 urb->dev = husb->udev;
766 err = usb_submit_urb(urb, GFP_ATOMIC);
767 BT_DBG("%s urb %p type %d resubmit status %d", hdev->name, urb,
768 _urb->type, err);
769
770 unlock:
771 read_unlock(&husb->completion_lock);
772 }
773
774 static void hci_usb_tx_complete(struct urb *urb, struct pt_regs *regs)
775 {
776 struct _urb *_urb = container_of(urb, struct _urb, urb);
777 struct hci_usb *husb = (void *) urb->context;
778 struct hci_dev *hdev = husb->hdev;
779
780 BT_DBG("%s urb %p status %d flags %x", hdev->name, urb,
781 urb->status, urb->transfer_flags);
782
783 atomic_dec(__pending_tx(husb, _urb->type));
784
785 urb->transfer_buffer = NULL;
786 kfree_skb((struct sk_buff *) _urb->priv);
787
788 if (!test_bit(HCI_RUNNING, &hdev->flags))
789 return;
790
791 if (!urb->status)
792 hdev->stat.byte_tx += urb->transfer_buffer_length;
793 else
794 hdev->stat.err_tx++;
795
796 read_lock(&husb->completion_lock);
797
798 _urb_unlink(_urb);
799 _urb_queue_tail(__completed_q(husb, _urb->type), _urb);
800
801 hci_usb_tx_wakeup(husb);
802
803 read_unlock(&husb->completion_lock);
804 }
805
806 static void hci_usb_destruct(struct hci_dev *hdev)
807 {
808 struct hci_usb *husb = (struct hci_usb *) hdev->driver_data;
809
810 BT_DBG("%s", hdev->name);
811
812 kfree(husb);
813 }
814
815 static void hci_usb_notify(struct hci_dev *hdev, unsigned int evt)
816 {
817 BT_DBG("%s evt %d", hdev->name, evt);
818 }
819
820 static int hci_usb_probe(struct usb_interface *intf, const struct usb_device_id *id)
821 {
822 struct usb_device *udev = interface_to_usbdev(intf);
823 struct usb_host_endpoint *bulk_out_ep = NULL;
824 struct usb_host_endpoint *bulk_in_ep = NULL;
825 struct usb_host_endpoint *intr_in_ep = NULL;
826 struct usb_host_endpoint *ep;
827 struct usb_host_interface *uif;
828 struct usb_interface *isoc_iface;
829 struct hci_usb *husb;
830 struct hci_dev *hdev;
831 int i, e, size, isoc_ifnum, isoc_alts;
832
833 BT_DBG("udev %p intf %p", udev, intf);
834
835 if (!id->driver_info) {
836 const struct usb_device_id *match;
837 match = usb_match_id(intf, blacklist_ids);
838 if (match)
839 id = match;
840 }
841
842 if (ignore || id->driver_info & HCI_IGNORE)
843 return -ENODEV;
844
845 if (ignore_dga && id->driver_info & HCI_DIGIANSWER)
846 return -ENODEV;
847
848 if (ignore_csr && id->driver_info & HCI_CSR)
849 return -ENODEV;
850
851 if (ignore_sniffer && id->driver_info & HCI_SNIFFER)
852 return -ENODEV;
853
854 if (intf->cur_altsetting->desc.bInterfaceNumber > 0)
855 return -ENODEV;
856
857 /* Find endpoints that we need */
858 uif = intf->cur_altsetting;
859 for (e = 0; e < uif->desc.bNumEndpoints; e++) {
860 ep = &uif->endpoint[e];
861
862 switch (ep->desc.bmAttributes & USB_ENDPOINT_XFERTYPE_MASK) {
863 case USB_ENDPOINT_XFER_INT:
864 if (ep->desc.bEndpointAddress & USB_DIR_IN)
865 intr_in_ep = ep;
866 break;
867
868 case USB_ENDPOINT_XFER_BULK:
869 if (ep->desc.bEndpointAddress & USB_DIR_IN)
870 bulk_in_ep = ep;
871 else
872 bulk_out_ep = ep;
873 break;
874 }
875 }
876
877 if (!bulk_in_ep || !bulk_out_ep || !intr_in_ep) {
878 BT_DBG("Bulk endpoints not found");
879 goto done;
880 }
881
882 if (!(husb = kzalloc(sizeof(struct hci_usb), GFP_KERNEL))) {
883 BT_ERR("Can't allocate: control structure");
884 goto done;
885 }
886
887 husb->udev = udev;
888 husb->bulk_out_ep = bulk_out_ep;
889 husb->bulk_in_ep = bulk_in_ep;
890 husb->intr_in_ep = intr_in_ep;
891
892 if (id->driver_info & HCI_DIGIANSWER)
893 husb->ctrl_req = USB_TYPE_VENDOR;
894 else
895 husb->ctrl_req = USB_TYPE_CLASS;
896
897 /* Find isochronous endpoints that we can use */
898 size = 0;
899 isoc_iface = NULL;
900 isoc_alts = 0;
901 isoc_ifnum = 1;
902
903 #ifdef CONFIG_BT_HCIUSB_SCO
904 if (isoc && !(id->driver_info & (HCI_BROKEN_ISOC | HCI_SNIFFER)))
905 isoc_iface = usb_ifnum_to_if(udev, isoc_ifnum);
906
907 if (isoc_iface) {
908 int a;
909 struct usb_host_endpoint *isoc_out_ep = NULL;
910 struct usb_host_endpoint *isoc_in_ep = NULL;
911
912 for (a = 0; a < isoc_iface->num_altsetting; a++) {
913 uif = &isoc_iface->altsetting[a];
914 for (e = 0; e < uif->desc.bNumEndpoints; e++) {
915 ep = &uif->endpoint[e];
916
917 switch (ep->desc.bmAttributes & USB_ENDPOINT_XFERTYPE_MASK) {
918 case USB_ENDPOINT_XFER_ISOC:
919 if (le16_to_cpu(ep->desc.wMaxPacketSize) < size ||
920 uif->desc.bAlternateSetting != isoc)
921 break;
922 size = le16_to_cpu(ep->desc.wMaxPacketSize);
923
924 isoc_alts = uif->desc.bAlternateSetting;
925
926 if (ep->desc.bEndpointAddress & USB_DIR_IN)
927 isoc_in_ep = ep;
928 else
929 isoc_out_ep = ep;
930 break;
931 }
932 }
933 }
934
935 if (!isoc_in_ep || !isoc_out_ep)
936 BT_DBG("Isoc endpoints not found");
937 else {
938 BT_DBG("isoc ifnum %d alts %d", isoc_ifnum, isoc_alts);
939 if (usb_driver_claim_interface(&hci_usb_driver, isoc_iface, husb) != 0)
940 BT_ERR("Can't claim isoc interface");
941 else if (usb_set_interface(udev, isoc_ifnum, isoc_alts)) {
942 BT_ERR("Can't set isoc interface settings");
943 husb->isoc_iface = isoc_iface;
944 usb_driver_release_interface(&hci_usb_driver, isoc_iface);
945 husb->isoc_iface = NULL;
946 } else {
947 husb->isoc_iface = isoc_iface;
948 husb->isoc_in_ep = isoc_in_ep;
949 husb->isoc_out_ep = isoc_out_ep;
950 }
951 }
952 }
953 #endif
954
955 rwlock_init(&husb->completion_lock);
956
957 for (i = 0; i < 4; i++) {
958 skb_queue_head_init(&husb->transmit_q[i]);
959 _urb_queue_init(&husb->pending_q[i]);
960 _urb_queue_init(&husb->completed_q[i]);
961 }
962
963 /* Initialize and register HCI device */
964 hdev = hci_alloc_dev();
965 if (!hdev) {
966 BT_ERR("Can't allocate HCI device");
967 goto probe_error;
968 }
969
970 husb->hdev = hdev;
971
972 hdev->type = HCI_USB;
973 hdev->driver_data = husb;
974 SET_HCIDEV_DEV(hdev, &intf->dev);
975
976 hdev->open = hci_usb_open;
977 hdev->close = hci_usb_close;
978 hdev->flush = hci_usb_flush;
979 hdev->send = hci_usb_send_frame;
980 hdev->destruct = hci_usb_destruct;
981 hdev->notify = hci_usb_notify;
982
983 hdev->owner = THIS_MODULE;
984
985 if (reset || id->driver_info & HCI_RESET)
986 set_bit(HCI_QUIRK_RESET_ON_INIT, &hdev->quirks);
987
988 if (id->driver_info & HCI_SNIFFER) {
989 if (le16_to_cpu(udev->descriptor.bcdDevice) > 0x997)
990 set_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks);
991 }
992
993 if (id->driver_info & HCI_BCM92035) {
994 unsigned char cmd[] = { 0x3b, 0xfc, 0x01, 0x00 };
995 struct sk_buff *skb;
996
997 skb = bt_skb_alloc(sizeof(cmd), GFP_KERNEL);
998 if (skb) {
999 memcpy(skb_put(skb, sizeof(cmd)), cmd, sizeof(cmd));
1000 skb_queue_tail(&hdev->driver_init, skb);
1001 }
1002 }
1003
1004 if (hci_register_dev(hdev) < 0) {
1005 BT_ERR("Can't register HCI device");
1006 hci_free_dev(hdev);
1007 goto probe_error;
1008 }
1009
1010 usb_set_intfdata(intf, husb);
1011 return 0;
1012
1013 probe_error:
1014 if (husb->isoc_iface)
1015 usb_driver_release_interface(&hci_usb_driver, husb->isoc_iface);
1016 kfree(husb);
1017
1018 done:
1019 return -EIO;
1020 }
1021
1022 static void hci_usb_disconnect(struct usb_interface *intf)
1023 {
1024 struct hci_usb *husb = usb_get_intfdata(intf);
1025 struct hci_dev *hdev;
1026
1027 if (!husb || intf == husb->isoc_iface)
1028 return;
1029
1030 usb_set_intfdata(intf, NULL);
1031 hdev = husb->hdev;
1032
1033 BT_DBG("%s", hdev->name);
1034
1035 hci_usb_close(hdev);
1036
1037 if (husb->isoc_iface)
1038 usb_driver_release_interface(&hci_usb_driver, husb->isoc_iface);
1039
1040 if (hci_unregister_dev(hdev) < 0)
1041 BT_ERR("Can't unregister HCI device %s", hdev->name);
1042
1043 hci_free_dev(hdev);
1044 }
1045
1046 static struct usb_driver hci_usb_driver = {
1047 .name = "hci_usb",
1048 .probe = hci_usb_probe,
1049 .disconnect = hci_usb_disconnect,
1050 .id_table = bluetooth_ids,
1051 };
1052
1053 static int __init hci_usb_init(void)
1054 {
1055 int err;
1056
1057 BT_INFO("HCI USB driver ver %s", VERSION);
1058
1059 if ((err = usb_register(&hci_usb_driver)) < 0)
1060 BT_ERR("Failed to register HCI USB driver");
1061
1062 return err;
1063 }
1064
1065 static void __exit hci_usb_exit(void)
1066 {
1067 usb_deregister(&hci_usb_driver);
1068 }
1069
1070 module_init(hci_usb_init);
1071 module_exit(hci_usb_exit);
1072
1073 module_param(ignore, bool, 0644);
1074 MODULE_PARM_DESC(ignore, "Ignore devices from the matching table");
1075
1076 module_param(ignore_dga, bool, 0644);
1077 MODULE_PARM_DESC(ignore_dga, "Ignore devices with id 08fd:0001");
1078
1079 module_param(ignore_csr, bool, 0644);
1080 MODULE_PARM_DESC(ignore_csr, "Ignore devices with id 0a12:0001");
1081
1082 module_param(ignore_sniffer, bool, 0644);
1083 MODULE_PARM_DESC(ignore_sniffer, "Ignore devices with id 0a12:0002");
1084
1085 module_param(reset, bool, 0644);
1086 MODULE_PARM_DESC(reset, "Send HCI reset command on initialization");
1087
1088 #ifdef CONFIG_BT_HCIUSB_SCO
1089 module_param(isoc, int, 0644);
1090 MODULE_PARM_DESC(isoc, "Set isochronous transfers for SCO over HCI support");
1091 #endif
1092
1093 MODULE_AUTHOR("Maxim Krasnyansky <maxk@qualcomm.com>, Marcel Holtmann <marcel@holtmann.org>");
1094 MODULE_DESCRIPTION("Bluetooth HCI USB driver ver " VERSION);
1095 MODULE_VERSION(VERSION);
1096 MODULE_LICENSE("GPL");
kernel-based virtual machine