appletalk: fix atalk_getname() leak
[linux-2.6/verdex.git] / drivers / bluetooth / hci_bcsp.c
blob894b2cb11ea6caf808ff55b6c3135d42e9ad33b5
1 /*
3 * Bluetooth HCI UART driver
5 * Copyright (C) 2002-2003 Fabrizio Gennari <fabrizio.gennari@philips.com>
6 * Copyright (C) 2004-2005 Marcel Holtmann <marcel@holtmann.org>
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 2 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, write to the Free Software
21 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
25 #include <linux/module.h>
27 #include <linux/kernel.h>
28 #include <linux/init.h>
29 #include <linux/types.h>
30 #include <linux/fcntl.h>
31 #include <linux/interrupt.h>
32 #include <linux/ptrace.h>
33 #include <linux/poll.h>
35 #include <linux/slab.h>
36 #include <linux/tty.h>
37 #include <linux/errno.h>
38 #include <linux/string.h>
39 #include <linux/signal.h>
40 #include <linux/ioctl.h>
41 #include <linux/skbuff.h>
42 #include <linux/bitrev.h>
43 #include <asm/unaligned.h>
45 #include <net/bluetooth/bluetooth.h>
46 #include <net/bluetooth/hci_core.h>
48 #include "hci_uart.h"
50 #define VERSION "0.3"
52 static int txcrc = 1;
53 static int hciextn = 1;
55 #define BCSP_TXWINSIZE 4
57 #define BCSP_ACK_PKT 0x05
58 #define BCSP_LE_PKT 0x06
60 struct bcsp_struct {
61 struct sk_buff_head unack; /* Unack'ed packets queue */
62 struct sk_buff_head rel; /* Reliable packets queue */
63 struct sk_buff_head unrel; /* Unreliable packets queue */
65 unsigned long rx_count;
66 struct sk_buff *rx_skb;
67 u8 rxseq_txack; /* rxseq == txack. */
68 u8 rxack; /* Last packet sent by us that the peer ack'ed */
69 struct timer_list tbcsp;
71 enum {
72 BCSP_W4_PKT_DELIMITER,
73 BCSP_W4_PKT_START,
74 BCSP_W4_BCSP_HDR,
75 BCSP_W4_DATA,
76 BCSP_W4_CRC
77 } rx_state;
79 enum {
80 BCSP_ESCSTATE_NOESC,
81 BCSP_ESCSTATE_ESC
82 } rx_esc_state;
84 u8 use_crc;
85 u16 message_crc;
86 u8 txack_req; /* Do we need to send ack's to the peer? */
88 /* Reliable packet sequence number - used to assign seq to each rel pkt. */
89 u8 msgq_txseq;
92 /* ---- BCSP CRC calculation ---- */
94 /* Table for calculating CRC for polynomial 0x1021, LSB processed first,
95 initial value 0xffff, bits shifted in reverse order. */
97 static const u16 crc_table[] = {
98 0x0000, 0x1081, 0x2102, 0x3183,
99 0x4204, 0x5285, 0x6306, 0x7387,
100 0x8408, 0x9489, 0xa50a, 0xb58b,
101 0xc60c, 0xd68d, 0xe70e, 0xf78f
104 /* Initialise the crc calculator */
105 #define BCSP_CRC_INIT(x) x = 0xffff
108 Update crc with next data byte
110 Implementation note
111 The data byte is treated as two nibbles. The crc is generated
112 in reverse, i.e., bits are fed into the register from the top.
114 static void bcsp_crc_update(u16 *crc, u8 d)
116 u16 reg = *crc;
118 reg = (reg >> 4) ^ crc_table[(reg ^ d) & 0x000f];
119 reg = (reg >> 4) ^ crc_table[(reg ^ (d >> 4)) & 0x000f];
121 *crc = reg;
124 /* ---- BCSP core ---- */
126 static void bcsp_slip_msgdelim(struct sk_buff *skb)
128 const char pkt_delim = 0xc0;
130 memcpy(skb_put(skb, 1), &pkt_delim, 1);
133 static void bcsp_slip_one_byte(struct sk_buff *skb, u8 c)
135 const char esc_c0[2] = { 0xdb, 0xdc };
136 const char esc_db[2] = { 0xdb, 0xdd };
138 switch (c) {
139 case 0xc0:
140 memcpy(skb_put(skb, 2), &esc_c0, 2);
141 break;
142 case 0xdb:
143 memcpy(skb_put(skb, 2), &esc_db, 2);
144 break;
145 default:
146 memcpy(skb_put(skb, 1), &c, 1);
150 static int bcsp_enqueue(struct hci_uart *hu, struct sk_buff *skb)
152 struct bcsp_struct *bcsp = hu->priv;
154 if (skb->len > 0xFFF) {
155 BT_ERR("Packet too long");
156 kfree_skb(skb);
157 return 0;
160 switch (bt_cb(skb)->pkt_type) {
161 case HCI_ACLDATA_PKT:
162 case HCI_COMMAND_PKT:
163 skb_queue_tail(&bcsp->rel, skb);
164 break;
166 case HCI_SCODATA_PKT:
167 skb_queue_tail(&bcsp->unrel, skb);
168 break;
170 default:
171 BT_ERR("Unknown packet type");
172 kfree_skb(skb);
173 break;
176 return 0;
179 static struct sk_buff *bcsp_prepare_pkt(struct bcsp_struct *bcsp, u8 *data,
180 int len, int pkt_type)
182 struct sk_buff *nskb;
183 u8 hdr[4], chan;
184 u16 BCSP_CRC_INIT(bcsp_txmsg_crc);
185 int rel, i;
187 switch (pkt_type) {
188 case HCI_ACLDATA_PKT:
189 chan = 6; /* BCSP ACL channel */
190 rel = 1; /* reliable channel */
191 break;
192 case HCI_COMMAND_PKT:
193 chan = 5; /* BCSP cmd/evt channel */
194 rel = 1; /* reliable channel */
195 break;
196 case HCI_SCODATA_PKT:
197 chan = 7; /* BCSP SCO channel */
198 rel = 0; /* unreliable channel */
199 break;
200 case BCSP_LE_PKT:
201 chan = 1; /* BCSP LE channel */
202 rel = 0; /* unreliable channel */
203 break;
204 case BCSP_ACK_PKT:
205 chan = 0; /* BCSP internal channel */
206 rel = 0; /* unreliable channel */
207 break;
208 default:
209 BT_ERR("Unknown packet type");
210 return NULL;
213 if (hciextn && chan == 5) {
214 __le16 opcode = ((struct hci_command_hdr *)data)->opcode;
216 /* Vendor specific commands */
217 if (hci_opcode_ogf(__le16_to_cpu(opcode)) == 0x3f) {
218 u8 desc = *(data + HCI_COMMAND_HDR_SIZE);
219 if ((desc & 0xf0) == 0xc0) {
220 data += HCI_COMMAND_HDR_SIZE + 1;
221 len -= HCI_COMMAND_HDR_SIZE + 1;
222 chan = desc & 0x0f;
227 /* Max len of packet: (original len +4(bcsp hdr) +2(crc))*2
228 (because bytes 0xc0 and 0xdb are escaped, worst case is
229 when the packet is all made of 0xc0 and 0xdb :) )
230 + 2 (0xc0 delimiters at start and end). */
232 nskb = alloc_skb((len + 6) * 2 + 2, GFP_ATOMIC);
233 if (!nskb)
234 return NULL;
236 bt_cb(nskb)->pkt_type = pkt_type;
238 bcsp_slip_msgdelim(nskb);
240 hdr[0] = bcsp->rxseq_txack << 3;
241 bcsp->txack_req = 0;
242 BT_DBG("We request packet no %u to card", bcsp->rxseq_txack);
244 if (rel) {
245 hdr[0] |= 0x80 + bcsp->msgq_txseq;
246 BT_DBG("Sending packet with seqno %u", bcsp->msgq_txseq);
247 bcsp->msgq_txseq = ++(bcsp->msgq_txseq) & 0x07;
250 if (bcsp->use_crc)
251 hdr[0] |= 0x40;
253 hdr[1] = ((len << 4) & 0xff) | chan;
254 hdr[2] = len >> 4;
255 hdr[3] = ~(hdr[0] + hdr[1] + hdr[2]);
257 /* Put BCSP header */
258 for (i = 0; i < 4; i++) {
259 bcsp_slip_one_byte(nskb, hdr[i]);
261 if (bcsp->use_crc)
262 bcsp_crc_update(&bcsp_txmsg_crc, hdr[i]);
265 /* Put payload */
266 for (i = 0; i < len; i++) {
267 bcsp_slip_one_byte(nskb, data[i]);
269 if (bcsp->use_crc)
270 bcsp_crc_update(&bcsp_txmsg_crc, data[i]);
273 /* Put CRC */
274 if (bcsp->use_crc) {
275 bcsp_txmsg_crc = bitrev16(bcsp_txmsg_crc);
276 bcsp_slip_one_byte(nskb, (u8) ((bcsp_txmsg_crc >> 8) & 0x00ff));
277 bcsp_slip_one_byte(nskb, (u8) (bcsp_txmsg_crc & 0x00ff));
280 bcsp_slip_msgdelim(nskb);
281 return nskb;
284 /* This is a rewrite of pkt_avail in ABCSP */
285 static struct sk_buff *bcsp_dequeue(struct hci_uart *hu)
287 struct bcsp_struct *bcsp = hu->priv;
288 unsigned long flags;
289 struct sk_buff *skb;
291 /* First of all, check for unreliable messages in the queue,
292 since they have priority */
294 if ((skb = skb_dequeue(&bcsp->unrel)) != NULL) {
295 struct sk_buff *nskb = bcsp_prepare_pkt(bcsp, skb->data, skb->len, bt_cb(skb)->pkt_type);
296 if (nskb) {
297 kfree_skb(skb);
298 return nskb;
299 } else {
300 skb_queue_head(&bcsp->unrel, skb);
301 BT_ERR("Could not dequeue pkt because alloc_skb failed");
305 /* Now, try to send a reliable pkt. We can only send a
306 reliable packet if the number of packets sent but not yet ack'ed
307 is < than the winsize */
309 spin_lock_irqsave_nested(&bcsp->unack.lock, flags, SINGLE_DEPTH_NESTING);
311 if (bcsp->unack.qlen < BCSP_TXWINSIZE && (skb = skb_dequeue(&bcsp->rel)) != NULL) {
312 struct sk_buff *nskb = bcsp_prepare_pkt(bcsp, skb->data, skb->len, bt_cb(skb)->pkt_type);
313 if (nskb) {
314 __skb_queue_tail(&bcsp->unack, skb);
315 mod_timer(&bcsp->tbcsp, jiffies + HZ / 4);
316 spin_unlock_irqrestore(&bcsp->unack.lock, flags);
317 return nskb;
318 } else {
319 skb_queue_head(&bcsp->rel, skb);
320 BT_ERR("Could not dequeue pkt because alloc_skb failed");
324 spin_unlock_irqrestore(&bcsp->unack.lock, flags);
326 /* We could not send a reliable packet, either because there are
327 none or because there are too many unack'ed pkts. Did we receive
328 any packets we have not acknowledged yet ? */
330 if (bcsp->txack_req) {
331 /* if so, craft an empty ACK pkt and send it on BCSP unreliable
332 channel 0 */
333 struct sk_buff *nskb = bcsp_prepare_pkt(bcsp, NULL, 0, BCSP_ACK_PKT);
334 return nskb;
337 /* We have nothing to send */
338 return NULL;
341 static int bcsp_flush(struct hci_uart *hu)
343 BT_DBG("hu %p", hu);
344 return 0;
347 /* Remove ack'ed packets */
348 static void bcsp_pkt_cull(struct bcsp_struct *bcsp)
350 struct sk_buff *skb, *tmp;
351 unsigned long flags;
352 int i, pkts_to_be_removed;
353 u8 seqno;
355 spin_lock_irqsave(&bcsp->unack.lock, flags);
357 pkts_to_be_removed = skb_queue_len(&bcsp->unack);
358 seqno = bcsp->msgq_txseq;
360 while (pkts_to_be_removed) {
361 if (bcsp->rxack == seqno)
362 break;
363 pkts_to_be_removed--;
364 seqno = (seqno - 1) & 0x07;
367 if (bcsp->rxack != seqno)
368 BT_ERR("Peer acked invalid packet");
370 BT_DBG("Removing %u pkts out of %u, up to seqno %u",
371 pkts_to_be_removed, skb_queue_len(&bcsp->unack),
372 (seqno - 1) & 0x07);
374 i = 0;
375 skb_queue_walk_safe(&bcsp->unack, skb, tmp) {
376 if (i++ >= pkts_to_be_removed)
377 break;
379 __skb_unlink(skb, &bcsp->unack);
380 kfree_skb(skb);
383 if (skb_queue_empty(&bcsp->unack))
384 del_timer(&bcsp->tbcsp);
386 spin_unlock_irqrestore(&bcsp->unack.lock, flags);
388 if (i != pkts_to_be_removed)
389 BT_ERR("Removed only %u out of %u pkts", i, pkts_to_be_removed);
392 /* Handle BCSP link-establishment packets. When we
393 detect a "sync" packet, symptom that the BT module has reset,
394 we do nothing :) (yet) */
395 static void bcsp_handle_le_pkt(struct hci_uart *hu)
397 struct bcsp_struct *bcsp = hu->priv;
398 u8 conf_pkt[4] = { 0xad, 0xef, 0xac, 0xed };
399 u8 conf_rsp_pkt[4] = { 0xde, 0xad, 0xd0, 0xd0 };
400 u8 sync_pkt[4] = { 0xda, 0xdc, 0xed, 0xed };
402 /* spot "conf" pkts and reply with a "conf rsp" pkt */
403 if (bcsp->rx_skb->data[1] >> 4 == 4 && bcsp->rx_skb->data[2] == 0 &&
404 !memcmp(&bcsp->rx_skb->data[4], conf_pkt, 4)) {
405 struct sk_buff *nskb = alloc_skb(4, GFP_ATOMIC);
407 BT_DBG("Found a LE conf pkt");
408 if (!nskb)
409 return;
410 memcpy(skb_put(nskb, 4), conf_rsp_pkt, 4);
411 bt_cb(nskb)->pkt_type = BCSP_LE_PKT;
413 skb_queue_head(&bcsp->unrel, nskb);
414 hci_uart_tx_wakeup(hu);
416 /* Spot "sync" pkts. If we find one...disaster! */
417 else if (bcsp->rx_skb->data[1] >> 4 == 4 && bcsp->rx_skb->data[2] == 0 &&
418 !memcmp(&bcsp->rx_skb->data[4], sync_pkt, 4)) {
419 BT_ERR("Found a LE sync pkt, card has reset");
423 static inline void bcsp_unslip_one_byte(struct bcsp_struct *bcsp, unsigned char byte)
425 const u8 c0 = 0xc0, db = 0xdb;
427 switch (bcsp->rx_esc_state) {
428 case BCSP_ESCSTATE_NOESC:
429 switch (byte) {
430 case 0xdb:
431 bcsp->rx_esc_state = BCSP_ESCSTATE_ESC;
432 break;
433 default:
434 memcpy(skb_put(bcsp->rx_skb, 1), &byte, 1);
435 if ((bcsp->rx_skb-> data[0] & 0x40) != 0 &&
436 bcsp->rx_state != BCSP_W4_CRC)
437 bcsp_crc_update(&bcsp->message_crc, byte);
438 bcsp->rx_count--;
440 break;
442 case BCSP_ESCSTATE_ESC:
443 switch (byte) {
444 case 0xdc:
445 memcpy(skb_put(bcsp->rx_skb, 1), &c0, 1);
446 if ((bcsp->rx_skb-> data[0] & 0x40) != 0 &&
447 bcsp->rx_state != BCSP_W4_CRC)
448 bcsp_crc_update(&bcsp-> message_crc, 0xc0);
449 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC;
450 bcsp->rx_count--;
451 break;
453 case 0xdd:
454 memcpy(skb_put(bcsp->rx_skb, 1), &db, 1);
455 if ((bcsp->rx_skb-> data[0] & 0x40) != 0 &&
456 bcsp->rx_state != BCSP_W4_CRC)
457 bcsp_crc_update(&bcsp-> message_crc, 0xdb);
458 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC;
459 bcsp->rx_count--;
460 break;
462 default:
463 BT_ERR ("Invalid byte %02x after esc byte", byte);
464 kfree_skb(bcsp->rx_skb);
465 bcsp->rx_skb = NULL;
466 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
467 bcsp->rx_count = 0;
472 static void bcsp_complete_rx_pkt(struct hci_uart *hu)
474 struct bcsp_struct *bcsp = hu->priv;
475 int pass_up;
477 if (bcsp->rx_skb->data[0] & 0x80) { /* reliable pkt */
478 BT_DBG("Received seqno %u from card", bcsp->rxseq_txack);
479 bcsp->rxseq_txack++;
480 bcsp->rxseq_txack %= 0x8;
481 bcsp->txack_req = 1;
483 /* If needed, transmit an ack pkt */
484 hci_uart_tx_wakeup(hu);
487 bcsp->rxack = (bcsp->rx_skb->data[0] >> 3) & 0x07;
488 BT_DBG("Request for pkt %u from card", bcsp->rxack);
490 bcsp_pkt_cull(bcsp);
491 if ((bcsp->rx_skb->data[1] & 0x0f) == 6 &&
492 bcsp->rx_skb->data[0] & 0x80) {
493 bt_cb(bcsp->rx_skb)->pkt_type = HCI_ACLDATA_PKT;
494 pass_up = 1;
495 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 5 &&
496 bcsp->rx_skb->data[0] & 0x80) {
497 bt_cb(bcsp->rx_skb)->pkt_type = HCI_EVENT_PKT;
498 pass_up = 1;
499 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 7) {
500 bt_cb(bcsp->rx_skb)->pkt_type = HCI_SCODATA_PKT;
501 pass_up = 1;
502 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 1 &&
503 !(bcsp->rx_skb->data[0] & 0x80)) {
504 bcsp_handle_le_pkt(hu);
505 pass_up = 0;
506 } else
507 pass_up = 0;
509 if (!pass_up) {
510 struct hci_event_hdr hdr;
511 u8 desc = (bcsp->rx_skb->data[1] & 0x0f);
513 if (desc != 0 && desc != 1) {
514 if (hciextn) {
515 desc |= 0xc0;
516 skb_pull(bcsp->rx_skb, 4);
517 memcpy(skb_push(bcsp->rx_skb, 1), &desc, 1);
519 hdr.evt = 0xff;
520 hdr.plen = bcsp->rx_skb->len;
521 memcpy(skb_push(bcsp->rx_skb, HCI_EVENT_HDR_SIZE), &hdr, HCI_EVENT_HDR_SIZE);
522 bt_cb(bcsp->rx_skb)->pkt_type = HCI_EVENT_PKT;
524 hci_recv_frame(bcsp->rx_skb);
525 } else {
526 BT_ERR ("Packet for unknown channel (%u %s)",
527 bcsp->rx_skb->data[1] & 0x0f,
528 bcsp->rx_skb->data[0] & 0x80 ?
529 "reliable" : "unreliable");
530 kfree_skb(bcsp->rx_skb);
532 } else
533 kfree_skb(bcsp->rx_skb);
534 } else {
535 /* Pull out BCSP hdr */
536 skb_pull(bcsp->rx_skb, 4);
538 hci_recv_frame(bcsp->rx_skb);
541 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
542 bcsp->rx_skb = NULL;
545 static u16 bscp_get_crc(struct bcsp_struct *bcsp)
547 return get_unaligned_be16(&bcsp->rx_skb->data[bcsp->rx_skb->len - 2]);
550 /* Recv data */
551 static int bcsp_recv(struct hci_uart *hu, void *data, int count)
553 struct bcsp_struct *bcsp = hu->priv;
554 register unsigned char *ptr;
556 BT_DBG("hu %p count %d rx_state %d rx_count %ld",
557 hu, count, bcsp->rx_state, bcsp->rx_count);
559 ptr = data;
560 while (count) {
561 if (bcsp->rx_count) {
562 if (*ptr == 0xc0) {
563 BT_ERR("Short BCSP packet");
564 kfree_skb(bcsp->rx_skb);
565 bcsp->rx_state = BCSP_W4_PKT_START;
566 bcsp->rx_count = 0;
567 } else
568 bcsp_unslip_one_byte(bcsp, *ptr);
570 ptr++; count--;
571 continue;
574 switch (bcsp->rx_state) {
575 case BCSP_W4_BCSP_HDR:
576 if ((0xff & (u8) ~ (bcsp->rx_skb->data[0] + bcsp->rx_skb->data[1] +
577 bcsp->rx_skb->data[2])) != bcsp->rx_skb->data[3]) {
578 BT_ERR("Error in BCSP hdr checksum");
579 kfree_skb(bcsp->rx_skb);
580 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
581 bcsp->rx_count = 0;
582 continue;
584 if (bcsp->rx_skb->data[0] & 0x80 /* reliable pkt */
585 && (bcsp->rx_skb->data[0] & 0x07) != bcsp->rxseq_txack) {
586 BT_ERR ("Out-of-order packet arrived, got %u expected %u",
587 bcsp->rx_skb->data[0] & 0x07, bcsp->rxseq_txack);
589 kfree_skb(bcsp->rx_skb);
590 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
591 bcsp->rx_count = 0;
592 continue;
594 bcsp->rx_state = BCSP_W4_DATA;
595 bcsp->rx_count = (bcsp->rx_skb->data[1] >> 4) +
596 (bcsp->rx_skb->data[2] << 4); /* May be 0 */
597 continue;
599 case BCSP_W4_DATA:
600 if (bcsp->rx_skb->data[0] & 0x40) { /* pkt with crc */
601 bcsp->rx_state = BCSP_W4_CRC;
602 bcsp->rx_count = 2;
603 } else
604 bcsp_complete_rx_pkt(hu);
605 continue;
607 case BCSP_W4_CRC:
608 if (bitrev16(bcsp->message_crc) != bscp_get_crc(bcsp)) {
609 BT_ERR ("Checksum failed: computed %04x received %04x",
610 bitrev16(bcsp->message_crc),
611 bscp_get_crc(bcsp));
613 kfree_skb(bcsp->rx_skb);
614 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
615 bcsp->rx_count = 0;
616 continue;
618 skb_trim(bcsp->rx_skb, bcsp->rx_skb->len - 2);
619 bcsp_complete_rx_pkt(hu);
620 continue;
622 case BCSP_W4_PKT_DELIMITER:
623 switch (*ptr) {
624 case 0xc0:
625 bcsp->rx_state = BCSP_W4_PKT_START;
626 break;
627 default:
628 /*BT_ERR("Ignoring byte %02x", *ptr);*/
629 break;
631 ptr++; count--;
632 break;
634 case BCSP_W4_PKT_START:
635 switch (*ptr) {
636 case 0xc0:
637 ptr++; count--;
638 break;
640 default:
641 bcsp->rx_state = BCSP_W4_BCSP_HDR;
642 bcsp->rx_count = 4;
643 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC;
644 BCSP_CRC_INIT(bcsp->message_crc);
646 /* Do not increment ptr or decrement count
647 * Allocate packet. Max len of a BCSP pkt=
648 * 0xFFF (payload) +4 (header) +2 (crc) */
650 bcsp->rx_skb = bt_skb_alloc(0x1005, GFP_ATOMIC);
651 if (!bcsp->rx_skb) {
652 BT_ERR("Can't allocate mem for new packet");
653 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
654 bcsp->rx_count = 0;
655 return 0;
657 bcsp->rx_skb->dev = (void *) hu->hdev;
658 break;
660 break;
663 return count;
666 /* Arrange to retransmit all messages in the relq. */
667 static void bcsp_timed_event(unsigned long arg)
669 struct hci_uart *hu = (struct hci_uart *) arg;
670 struct bcsp_struct *bcsp = hu->priv;
671 struct sk_buff *skb;
672 unsigned long flags;
674 BT_DBG("hu %p retransmitting %u pkts", hu, bcsp->unack.qlen);
676 spin_lock_irqsave_nested(&bcsp->unack.lock, flags, SINGLE_DEPTH_NESTING);
678 while ((skb = __skb_dequeue_tail(&bcsp->unack)) != NULL) {
679 bcsp->msgq_txseq = (bcsp->msgq_txseq - 1) & 0x07;
680 skb_queue_head(&bcsp->rel, skb);
683 spin_unlock_irqrestore(&bcsp->unack.lock, flags);
685 hci_uart_tx_wakeup(hu);
688 static int bcsp_open(struct hci_uart *hu)
690 struct bcsp_struct *bcsp;
692 BT_DBG("hu %p", hu);
694 bcsp = kzalloc(sizeof(*bcsp), GFP_ATOMIC);
695 if (!bcsp)
696 return -ENOMEM;
698 hu->priv = bcsp;
699 skb_queue_head_init(&bcsp->unack);
700 skb_queue_head_init(&bcsp->rel);
701 skb_queue_head_init(&bcsp->unrel);
703 init_timer(&bcsp->tbcsp);
704 bcsp->tbcsp.function = bcsp_timed_event;
705 bcsp->tbcsp.data = (u_long) hu;
707 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
709 if (txcrc)
710 bcsp->use_crc = 1;
712 return 0;
715 static int bcsp_close(struct hci_uart *hu)
717 struct bcsp_struct *bcsp = hu->priv;
718 hu->priv = NULL;
720 BT_DBG("hu %p", hu);
722 skb_queue_purge(&bcsp->unack);
723 skb_queue_purge(&bcsp->rel);
724 skb_queue_purge(&bcsp->unrel);
725 del_timer(&bcsp->tbcsp);
727 kfree(bcsp);
728 return 0;
731 static struct hci_uart_proto bcsp = {
732 .id = HCI_UART_BCSP,
733 .open = bcsp_open,
734 .close = bcsp_close,
735 .enqueue = bcsp_enqueue,
736 .dequeue = bcsp_dequeue,
737 .recv = bcsp_recv,
738 .flush = bcsp_flush
741 int bcsp_init(void)
743 int err = hci_uart_register_proto(&bcsp);
745 if (!err)
746 BT_INFO("HCI BCSP protocol initialized");
747 else
748 BT_ERR("HCI BCSP protocol registration failed");
750 return err;
753 int bcsp_deinit(void)
755 return hci_uart_unregister_proto(&bcsp);
758 module_param(txcrc, bool, 0644);
759 MODULE_PARM_DESC(txcrc, "Transmit CRC with every BCSP packet");
761 module_param(hciextn, bool, 0644);
762 MODULE_PARM_DESC(hciextn, "Convert HCI Extensions into BCSP packets");