1/*
2 * ng_ubt.c
3 */
4
5/*-
6 * Copyright (c) 2001-2009 Maksim Yevmenkin <m_evmenkin@yahoo.com>
7 * All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
17 *
18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 * SUCH DAMAGE.
29 *
30 * $Id: ng_ubt.c,v 1.16 2003/10/10 19:15:06 max Exp $
31 * $FreeBSD: head/sys/netgraph/bluetooth/drivers/ubt/ng_ubt.c 249178 2013-04-05 23:41:38Z adrian $
32 */
33
34/*
35 * NOTE: ng_ubt2 driver has a split personality. On one side it is
36 * a USB device driver and on the other it is a Netgraph node. This
37 * driver will *NOT* create traditional /dev/ enties, only Netgraph
38 * node.
39 *
40 * NOTE ON LOCKS USED: ng_ubt2 drives uses 2 locks (mutexes)
41 *
42 * 1) sc_if_mtx - lock for device's interface #0 and #1. This lock is used
43 * by USB for any USB request going over device's interface #0 and #1,
44 * i.e. interrupt, control, bulk and isoc. transfers.
45 *
46 * 2) sc_ng_mtx - this lock is used to protect shared (between USB, Netgraph
47 * and Taskqueue) data, such as outgoing mbuf queues, task flags and hook
48 * pointer. This lock *SHOULD NOT* be grabbed for a long time. In fact,
49 * think of it as a spin lock.
50 *
51 * NOTE ON LOCKING STRATEGY: ng_ubt2 driver operates in 3 different contexts.
52 *
53 * 1) USB context. This is where all the USB related stuff happens. All
54 * callbacks run in this context. All callbacks are called (by USB) with
55 * appropriate interface lock held. It is (generally) allowed to grab
56 * any additional locks.
57 *
58 * 2) Netgraph context. This is where all the Netgraph related stuff happens.
59 * Since we mark node as WRITER, the Netgraph node will be "locked" (from
60 * Netgraph point of view). Any variable that is only modified from the
61 * Netgraph context does not require any additonal locking. It is generally
62 * *NOT* allowed to grab *ANY* additional locks. Whatever you do, *DO NOT*
63 * grab any lock in the Netgraph context that could cause de-scheduling of
64 * the Netgraph thread for significant amount of time. In fact, the only
65 * lock that is allowed in the Netgraph context is the sc_ng_mtx lock.
66 * Also make sure that any code that is called from the Netgraph context
67 * follows the rule above.
68 *
69 * 3) Taskqueue context. This is where ubt_task runs. Since we are generally
70 * NOT allowed to grab any lock that could cause de-scheduling in the
71 * Netgraph context, and, USB requires us to grab interface lock before
72 * doing things with transfers, it is safer to transition from the Netgraph
73 * context to the Taskqueue context before we can call into USB subsystem.
74 *
75 * So, to put everything together, the rules are as follows.
76 * It is OK to call from the USB context or the Taskqueue context into
77 * the Netgraph context (i.e. call NG_SEND_xxx functions). In other words
78 * it is allowed to call into the Netgraph context with locks held.
79 * Is it *NOT* OK to call from the Netgraph context into the USB context,
80 * because USB requires us to grab interface locks, and, it is safer to
81 * avoid it. So, to make things safer we set task flags to indicate which
82 * actions we want to perform and schedule ubt_task which would run in the
83 * Taskqueue context.
84 * Is is OK to call from the Taskqueue context into the USB context,
85 * and, ubt_task does just that (i.e. grabs appropriate interface locks
86 * before calling into USB).
87 * Access to the outgoing queues, task flags and hook pointer is
88 * controlled by the sc_ng_mtx lock. It is an unavoidable evil. Again,
89 * sc_ng_mtx should really be a spin lock (and it is very likely to an
90 * equivalent of spin lock due to adaptive nature of FreeBSD mutexes).
91 * All USB callbacks accept softc pointer as a private data. USB ensures
92 * that this pointer is valid.
93 */
94
95#include <sys/stdint.h>
96#include <sys/stddef.h>
97#include <sys/param.h>
98#include <sys/queue.h>
99#include <sys/types.h>
100#include <sys/systm.h>
101#include <sys/kernel.h>
102#include <sys/bus.h>
103#include <sys/module.h>
104#include <sys/lock.h>
105#include <sys/mutex.h>
106#include <sys/condvar.h>
107#include <sys/sysctl.h>
108#include <sys/sx.h>
109#include <sys/unistd.h>
110#include <sys/callout.h>
111#include <sys/malloc.h>
112#include <sys/priv.h>
113
114#include "usbdevs.h"
115#include <dev/usb/usb.h>
116#include <dev/usb/usbdi.h>
117#include <dev/usb/usbdi_util.h>
118
119#define USB_DEBUG_VAR usb_debug
120#include <dev/usb/usb_debug.h>
121#include <dev/usb/usb_busdma.h>
122
123#include <sys/mbuf.h>
124#include <sys/taskqueue.h>
125
126#include <netgraph/ng_message.h>
127#include <netgraph/netgraph.h>
128#include <netgraph/ng_parse.h>
129#include <netgraph/bluetooth/include/ng_bluetooth.h>
130#include <netgraph/bluetooth/include/ng_hci.h>
131#include <netgraph/bluetooth/include/ng_ubt.h>
132#include <netgraph/bluetooth/drivers/ubt/ng_ubt_var.h>
133
134static int ubt_modevent(module_t, int, void *);
135static device_probe_t ubt_probe;
136static device_attach_t ubt_attach;
137static device_detach_t ubt_detach;
138
139static void ubt_task_schedule(ubt_softc_p, int);
140static task_fn_t ubt_task;
141
142#define ubt_xfer_start(sc, i) usbd_transfer_start((sc)->sc_xfer[(i)])
143
144/* Netgraph methods */
145static ng_constructor_t ng_ubt_constructor;
146static ng_shutdown_t ng_ubt_shutdown;
147static ng_newhook_t ng_ubt_newhook;
148static ng_connect_t ng_ubt_connect;
149static ng_disconnect_t ng_ubt_disconnect;
150static ng_rcvmsg_t ng_ubt_rcvmsg;
151static ng_rcvdata_t ng_ubt_rcvdata;
152
153/* Queue length */
154static const struct ng_parse_struct_field ng_ubt_node_qlen_type_fields[] =
155{
156 { "queue", &ng_parse_int32_type, },
157 { "qlen", &ng_parse_int32_type, },
158 { NULL, }
159};
160static const struct ng_parse_type ng_ubt_node_qlen_type =
161{
162 &ng_parse_struct_type,
163 &ng_ubt_node_qlen_type_fields
164};
165
166/* Stat info */
167static const struct ng_parse_struct_field ng_ubt_node_stat_type_fields[] =
168{
169 { "pckts_recv", &ng_parse_uint32_type, },
170 { "bytes_recv", &ng_parse_uint32_type, },
171 { "pckts_sent", &ng_parse_uint32_type, },
172 { "bytes_sent", &ng_parse_uint32_type, },
173 { "oerrors", &ng_parse_uint32_type, },
174 { "ierrors", &ng_parse_uint32_type, },
175 { NULL, }
176};
177static const struct ng_parse_type ng_ubt_node_stat_type =
178{
179 &ng_parse_struct_type,
180 &ng_ubt_node_stat_type_fields
181};
182
183/* Netgraph node command list */
184static const struct ng_cmdlist ng_ubt_cmdlist[] =
185{
186 {
187 NGM_UBT_COOKIE,
188 NGM_UBT_NODE_SET_DEBUG,
189 "set_debug",
190 &ng_parse_uint16_type,
191 NULL
192 },
193 {
194 NGM_UBT_COOKIE,
195 NGM_UBT_NODE_GET_DEBUG,
196 "get_debug",
197 NULL,
198 &ng_parse_uint16_type
199 },
200 {
201 NGM_UBT_COOKIE,
202 NGM_UBT_NODE_SET_QLEN,
203 "set_qlen",
204 &ng_ubt_node_qlen_type,
205 NULL
206 },
207 {
208 NGM_UBT_COOKIE,
209 NGM_UBT_NODE_GET_QLEN,
210 "get_qlen",
211 &ng_ubt_node_qlen_type,
212 &ng_ubt_node_qlen_type
213 },
214 {
215 NGM_UBT_COOKIE,
216 NGM_UBT_NODE_GET_STAT,
217 "get_stat",
218 NULL,
219 &ng_ubt_node_stat_type
220 },
221 {
222 NGM_UBT_COOKIE,
223 NGM_UBT_NODE_RESET_STAT,
224 "reset_stat",
225 NULL,
226 NULL
227 },
228 { 0, }
229};
230
231/* Netgraph node type */
232static struct ng_type typestruct =
233{
234 .version = NG_ABI_VERSION,
235 .name = NG_UBT_NODE_TYPE,
236 .constructor = ng_ubt_constructor,
237 .rcvmsg = ng_ubt_rcvmsg,
238 .shutdown = ng_ubt_shutdown,
239 .newhook = ng_ubt_newhook,
240 .connect = ng_ubt_connect,
241 .rcvdata = ng_ubt_rcvdata,
242 .disconnect = ng_ubt_disconnect,
243 .cmdlist = ng_ubt_cmdlist
244};
245
246/****************************************************************************
247 ****************************************************************************
248 ** USB specific
249 ****************************************************************************
250 ****************************************************************************/
251
252/* USB methods */
253static usb_callback_t ubt_ctrl_write_callback;
254static usb_callback_t ubt_intr_read_callback;
255static usb_callback_t ubt_bulk_read_callback;
256static usb_callback_t ubt_bulk_write_callback;
257static usb_callback_t ubt_isoc_read_callback;
258static usb_callback_t ubt_isoc_write_callback;
259
260static int ubt_fwd_mbuf_up(ubt_softc_p, struct mbuf **);
261static int ubt_isoc_read_one_frame(struct usb_xfer *, int);
262
263/*
264 * USB config
265 *
266 * The following desribes usb transfers that could be submitted on USB device.
267 *
268 * Interface 0 on the USB device must present the following endpoints
269 * 1) Interrupt endpoint to receive HCI events
270 * 2) Bulk IN endpoint to receive ACL data
271 * 3) Bulk OUT endpoint to send ACL data
272 *
273 * Interface 1 on the USB device must present the following endpoints
274 * 1) Isochronous IN endpoint to receive SCO data
275 * 2) Isochronous OUT endpoint to send SCO data
276 */
277
278static const struct usb_config ubt_config[UBT_N_TRANSFER] =
279{
280 /*
281 * Interface #0
282 */
283
284 /* Outgoing bulk transfer - ACL packets */
285 [UBT_IF_0_BULK_DT_WR] = {
286 .type = UE_BULK,
287 .endpoint = UE_ADDR_ANY,
288 .direction = UE_DIR_OUT,
289 .if_index = 0,
290 .bufsize = UBT_BULK_WRITE_BUFFER_SIZE,
291 .flags = { .pipe_bof = 1, .force_short_xfer = 1, },
292 .callback = &ubt_bulk_write_callback,
293 },
294 /* Incoming bulk transfer - ACL packets */
295 [UBT_IF_0_BULK_DT_RD] = {
296 .type = UE_BULK,
297 .endpoint = UE_ADDR_ANY,
298 .direction = UE_DIR_IN,
299 .if_index = 0,
300 .bufsize = UBT_BULK_READ_BUFFER_SIZE,
301 .flags = { .pipe_bof = 1, .short_xfer_ok = 1, },
302 .callback = &ubt_bulk_read_callback,
303 },
304 /* Incoming interrupt transfer - HCI events */
305 [UBT_IF_0_INTR_DT_RD] = {
306 .type = UE_INTERRUPT,
307 .endpoint = UE_ADDR_ANY,
308 .direction = UE_DIR_IN,
309 .if_index = 0,
310 .flags = { .pipe_bof = 1, .short_xfer_ok = 1, },
311 .bufsize = UBT_INTR_BUFFER_SIZE,
312 .callback = &ubt_intr_read_callback,
313 },
314 /* Outgoing control transfer - HCI commands */
315 [UBT_IF_0_CTRL_DT_WR] = {
316 .type = UE_CONTROL,
317 .endpoint = 0x00, /* control pipe */
318 .direction = UE_DIR_ANY,
319 .if_index = 0,
320 .bufsize = UBT_CTRL_BUFFER_SIZE,
321 .callback = &ubt_ctrl_write_callback,
322 .timeout = 5000, /* 5 seconds */
323 },
324
325 /*
326 * Interface #1
327 */
328
329 /* Incoming isochronous transfer #1 - SCO packets */
330 [UBT_IF_1_ISOC_DT_RD1] = {
331 .type = UE_ISOCHRONOUS,
332 .endpoint = UE_ADDR_ANY,
333 .direction = UE_DIR_IN,
334 .if_index = 1,
335 .bufsize = 0, /* use "wMaxPacketSize * frames" */
336 .frames = UBT_ISOC_NFRAMES,
337 .flags = { .short_xfer_ok = 1, },
338 .callback = &ubt_isoc_read_callback,
339 },
340 /* Incoming isochronous transfer #2 - SCO packets */
341 [UBT_IF_1_ISOC_DT_RD2] = {
342 .type = UE_ISOCHRONOUS,
343 .endpoint = UE_ADDR_ANY,
344 .direction = UE_DIR_IN,
345 .if_index = 1,
346 .bufsize = 0, /* use "wMaxPacketSize * frames" */
347 .frames = UBT_ISOC_NFRAMES,
348 .flags = { .short_xfer_ok = 1, },
349 .callback = &ubt_isoc_read_callback,
350 },
351 /* Outgoing isochronous transfer #1 - SCO packets */
352 [UBT_IF_1_ISOC_DT_WR1] = {
353 .type = UE_ISOCHRONOUS,
354 .endpoint = UE_ADDR_ANY,
355 .direction = UE_DIR_OUT,
356 .if_index = 1,
357 .bufsize = 0, /* use "wMaxPacketSize * frames" */
358 .frames = UBT_ISOC_NFRAMES,
359 .flags = { .short_xfer_ok = 1, },
360 .callback = &ubt_isoc_write_callback,
361 },
362 /* Outgoing isochronous transfer #2 - SCO packets */
363 [UBT_IF_1_ISOC_DT_WR2] = {
364 .type = UE_ISOCHRONOUS,
365 .endpoint = UE_ADDR_ANY,
366 .direction = UE_DIR_OUT,
367 .if_index = 1,
368 .bufsize = 0, /* use "wMaxPacketSize * frames" */
369 .frames = UBT_ISOC_NFRAMES,
370 .flags = { .short_xfer_ok = 1, },
371 .callback = &ubt_isoc_write_callback,
372 },
373};
374
375/*
376 * If for some reason device should not be attached then put
377 * VendorID/ProductID pair into the list below. The format is
378 * as follows:
379 *
380 * { USB_VPI(VENDOR_ID, PRODUCT_ID, 0) },
381 *
382 * where VENDOR_ID and PRODUCT_ID are hex numbers.
383 */
384
385static const STRUCT_USB_HOST_ID ubt_ignore_devs[] =
386{
387 /* AVM USB Bluetooth-Adapter BlueFritz! v1.0 */
388 { USB_VPI(USB_VENDOR_AVM, 0x2200, 0) },
389
390 /* Atheros 3011 with sflash firmware */
391 { USB_VPI(0x0cf3, 0x3002, 0) },
392 { USB_VPI(0x0cf3, 0xe019, 0) },
393 { USB_VPI(0x13d3, 0x3304, 0) },
394 { USB_VPI(0x0930, 0x0215, 0) },
395 { USB_VPI(0x0489, 0xe03d, 0) },
396 { USB_VPI(0x0489, 0xe027, 0) },
397
398 /* Atheros AR9285 Malbec with sflash firmware */
399 { USB_VPI(0x03f0, 0x311d, 0) },
400
401 /* Atheros 3012 with sflash firmware */
402 { USB_VPI(0x0cf3, 0x3004, 0) },
403 { USB_VPI(0x0cf3, 0x311d, 0) },
404 { USB_VPI(0x13d3, 0x3375, 0) },
405 { USB_VPI(0x04ca, 0x3005, 0) },
406 { USB_VPI(0x04ca, 0x3006, 0) },
407 { USB_VPI(0x04ca, 0x3008, 0) },
408 { USB_VPI(0x13d3, 0x3362, 0) },
409 { USB_VPI(0x0cf3, 0xe004, 0) },
410 { USB_VPI(0x0930, 0x0219, 0) },
411 { USB_VPI(0x0489, 0xe057, 0) },
412 { USB_VPI(0x13d3, 0x3393, 0) },
413 { USB_VPI(0x0489, 0xe04e, 0) },
414 { USB_VPI(0x0489, 0xe056, 0) },
415
416 /* Atheros AR5BBU12 with sflash firmware */
417 { USB_VPI(0x0489, 0xe02c, 0) },
418
419 /* Atheros AR5BBU12 with sflash firmware */
420 { USB_VPI(0x0489, 0xe03c, 0) },
421 { USB_VPI(0x0489, 0xe036, 0) },
422};
423
424/* List of supported bluetooth devices */
425static const STRUCT_USB_HOST_ID ubt_devs[] =
426{
427 /* Generic Bluetooth class devices */
428 { USB_IFACE_CLASS(UDCLASS_WIRELESS),
429 USB_IFACE_SUBCLASS(UDSUBCLASS_RF),
430 USB_IFACE_PROTOCOL(UDPROTO_BLUETOOTH) },
431
432 /* AVM USB Bluetooth-Adapter BlueFritz! v2.0 */
433 { USB_VPI(USB_VENDOR_AVM, 0x3800, 0) },
434
435 /* Broadcom USB dongles, mostly BCM20702 and BCM20702A0 */
436 { USB_VENDOR(USB_VENDOR_BROADCOM),
437 USB_IFACE_CLASS(UICLASS_VENDOR),
438 USB_IFACE_SUBCLASS(UDSUBCLASS_RF),
439 USB_IFACE_PROTOCOL(UDPROTO_BLUETOOTH) },
440};
441
442/*
443 * Probe for a USB Bluetooth device.
444 * USB context.
445 */
446
447static int
448ubt_probe(device_t dev)
449{
450 struct usb_attach_arg *uaa = device_get_ivars(dev);
451 int error;
452
453 if (uaa->usb_mode != USB_MODE_HOST)
454 return (ENXIO);
455
456 if (uaa->info.bIfaceIndex != 0)
457 return (ENXIO);
458
459 if (usbd_lookup_id_by_uaa(ubt_ignore_devs,
460 sizeof(ubt_ignore_devs), uaa) == 0)
461 return (ENXIO);
462
463 error = usbd_lookup_id_by_uaa(ubt_devs, sizeof(ubt_devs), uaa);
464 if (error == 0)
465 return (BUS_PROBE_GENERIC);
466 return (error);
467} /* ubt_probe */
468
469/*
470 * Attach the device.
471 * USB context.
472 */
473
474static int
475ubt_attach(device_t dev)
476{
477 struct usb_attach_arg *uaa = device_get_ivars(dev);
478 struct ubt_softc *sc = device_get_softc(dev);
479 struct usb_endpoint_descriptor *ed;
480 struct usb_interface_descriptor *id;
481 struct usb_interface *iface;
482 uint16_t wMaxPacketSize;
483 uint8_t alt_index, i, j;
484 uint8_t iface_index[2] = { 0, 1 };
485
486 device_set_usb_desc(dev);
487
488 sc->sc_dev = dev;
489 sc->sc_debug = NG_UBT_WARN_LEVEL;
490
491 /*
492 * Create Netgraph node
493 */
494
495 if (ng_make_node_common(&typestruct, &sc->sc_node) != 0) {
496 UBT_ALERT(sc, "could not create Netgraph node\n");
497 return (ENXIO);
498 }
499
500 /* Name Netgraph node */
501 if (ng_name_node(sc->sc_node, device_get_nameunit(dev)) != 0) {
502 UBT_ALERT(sc, "could not name Netgraph node\n");
503 NG_NODE_UNREF(sc->sc_node);
504 return (ENXIO);
505 }
506 NG_NODE_SET_PRIVATE(sc->sc_node, sc);
507 NG_NODE_FORCE_WRITER(sc->sc_node);
508
509 /*
510 * Initialize device softc structure
511 */
512
513 /* initialize locks */
514 mtx_init(&sc->sc_ng_mtx, "ubt ng", NULL, MTX_DEF);
515 mtx_init(&sc->sc_if_mtx, "ubt if", NULL, MTX_DEF | MTX_RECURSE);
516
517 /* initialize packet queues */
518 NG_BT_MBUFQ_INIT(&sc->sc_cmdq, UBT_DEFAULT_QLEN);
519 NG_BT_MBUFQ_INIT(&sc->sc_aclq, UBT_DEFAULT_QLEN);
520 NG_BT_MBUFQ_INIT(&sc->sc_scoq, UBT_DEFAULT_QLEN);
521
522 /* initialize glue task */
523 TASK_INIT(&sc->sc_task, 0, ubt_task, sc);
524
525 /*
526 * Configure Bluetooth USB device. Discover all required USB
527 * interfaces and endpoints.
528 *
529 * USB device must present two interfaces:
530 * 1) Interface 0 that has 3 endpoints
531 * 1) Interrupt endpoint to receive HCI events
532 * 2) Bulk IN endpoint to receive ACL data
533 * 3) Bulk OUT endpoint to send ACL data
534 *
535 * 2) Interface 1 then has 2 endpoints
536 * 1) Isochronous IN endpoint to receive SCO data
537 * 2) Isochronous OUT endpoint to send SCO data
538 *
539 * Interface 1 (with isochronous endpoints) has several alternate
540 * configurations with different packet size.
541 */
542
543 /*
544 * For interface #1 search alternate settings, and find
545 * the descriptor with the largest wMaxPacketSize
546 */
547
548 wMaxPacketSize = 0;
549 alt_index = 0;
550 i = 0;
551 j = 0;
552 ed = NULL;
553
554 /*
555 * Search through all the descriptors looking for the largest
556 * packet size:
557 */
558 while ((ed = (struct usb_endpoint_descriptor *)usb_desc_foreach(
559 usbd_get_config_descriptor(uaa->device),
560 (struct usb_descriptor *)ed))) {
561
562 if ((ed->bDescriptorType == UDESC_INTERFACE) &&
563 (ed->bLength >= sizeof(*id))) {
564 id = (struct usb_interface_descriptor *)ed;
565 i = id->bInterfaceNumber;
566 j = id->bAlternateSetting;
567 }
568
569 if ((ed->bDescriptorType == UDESC_ENDPOINT) &&
570 (ed->bLength >= sizeof(*ed)) &&
571 (i == 1)) {
572 uint16_t temp;
573
574 temp = UGETW(ed->wMaxPacketSize);
575 if (temp > wMaxPacketSize) {
576 wMaxPacketSize = temp;
577 alt_index = j;
578 }
579 }
580 }
581
582 /* Set alt configuration on interface #1 only if we found it */
583 if (wMaxPacketSize > 0 &&
584 usbd_set_alt_interface_index(uaa->device, 1, alt_index)) {
585 UBT_ALERT(sc, "could not set alternate setting %d " \
586 "for interface 1!\n", alt_index);
587 goto detach;
588 }
589
590 /* Setup transfers for both interfaces */
591 if (usbd_transfer_setup(uaa->device, iface_index, sc->sc_xfer,
592 ubt_config, UBT_N_TRANSFER, sc, &sc->sc_if_mtx)) {
593 UBT_ALERT(sc, "could not allocate transfers\n");
594 goto detach;
595 }
596
597 /* Claim all interfaces belonging to the Bluetooth part */
598 for (i = 1;; i++) {
599 iface = usbd_get_iface(uaa->device, i);
600 if (iface == NULL)
601 break;
602 id = usbd_get_interface_descriptor(iface);
603
604 if ((id != NULL) &&
605 (id->bInterfaceClass == UICLASS_WIRELESS) &&
606 (id->bInterfaceSubClass == UISUBCLASS_RF) &&
607 (id->bInterfaceProtocol == UIPROTO_BLUETOOTH)) {
608 usbd_set_parent_iface(uaa->device, i,
609 uaa->info.bIfaceIndex);
610 }
611 }
612 return (0); /* success */
613
614detach:
615 ubt_detach(dev);
616
617 return (ENXIO);
618} /* ubt_attach */
619
620/*
621 * Detach the device.
622 * USB context.
623 */
624
625int
626ubt_detach(device_t dev)
627{
628 struct ubt_softc *sc = device_get_softc(dev);
629 node_p node = sc->sc_node;
630
631 /* Destroy Netgraph node */
632 if (node != NULL) {
633 sc->sc_node = NULL;
634 NG_NODE_REALLY_DIE(node);
635 ng_rmnode_self(node);
636 }
637
638 /* Make sure ubt_task in gone */
639 taskqueue_drain(taskqueue_swi, &sc->sc_task);
640
641 /* Free USB transfers, if any */
642 usbd_transfer_unsetup(sc->sc_xfer, UBT_N_TRANSFER);
643
644 /* Destroy queues */
645 UBT_NG_LOCK(sc);
646 NG_BT_MBUFQ_DESTROY(&sc->sc_cmdq);
647 NG_BT_MBUFQ_DESTROY(&sc->sc_aclq);
648 NG_BT_MBUFQ_DESTROY(&sc->sc_scoq);
649 UBT_NG_UNLOCK(sc);
650
651 mtx_destroy(&sc->sc_if_mtx);
652 mtx_destroy(&sc->sc_ng_mtx);
653
654 return (0);
655} /* ubt_detach */
656
657/*
658 * Called when outgoing control request (HCI command) has completed, i.e.
659 * HCI command was sent to the device.
660 * USB context.
661 */
662
663static void
664ubt_ctrl_write_callback(struct usb_xfer *xfer, usb_error_t error)
665{
666 struct ubt_softc *sc = usbd_xfer_softc(xfer);
667 struct usb_device_request req;
668 struct mbuf *m;
669 struct usb_page_cache *pc;
670 int actlen;
671
672 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL);
673
674 switch (USB_GET_STATE(xfer)) {
675 case USB_ST_TRANSFERRED:
676 UBT_INFO(sc, "sent %d bytes to control pipe\n", actlen);
677 UBT_STAT_BYTES_SENT(sc, actlen);
678 UBT_STAT_PCKTS_SENT(sc);
679 /* FALLTHROUGH */
680
681 case USB_ST_SETUP:
682send_next:
683 /* Get next command mbuf, if any */
684 UBT_NG_LOCK(sc);
685 NG_BT_MBUFQ_DEQUEUE(&sc->sc_cmdq, m);
686 UBT_NG_UNLOCK(sc);
687
688 if (m == NULL) {
689 UBT_INFO(sc, "HCI command queue is empty\n");
690 break; /* transfer complete */
691 }
692
693 /* Initialize a USB control request and then schedule it */
694 bzero(&req, sizeof(req));
695 req.bmRequestType = UBT_HCI_REQUEST;
696 USETW(req.wLength, m->m_pkthdr.len);
697
698 UBT_INFO(sc, "Sending control request, " \
699 "bmRequestType=0x%02x, wLength=%d\n",
700 req.bmRequestType, UGETW(req.wLength));
701
702 pc = usbd_xfer_get_frame(xfer, 0);
703 usbd_copy_in(pc, 0, &req, sizeof(req));
704 pc = usbd_xfer_get_frame(xfer, 1);
705 usbd_m_copy_in(pc, 0, m, 0, m->m_pkthdr.len);
706
707 usbd_xfer_set_frame_len(xfer, 0, sizeof(req));
708 usbd_xfer_set_frame_len(xfer, 1, m->m_pkthdr.len);
709 usbd_xfer_set_frames(xfer, 2);
710
711 NG_FREE_M(m);
712
713 usbd_transfer_submit(xfer);
714 break;
715
716 default: /* Error */
717 if (error != USB_ERR_CANCELLED) {
718 UBT_WARN(sc, "control transfer failed: %s\n",
719 usbd_errstr(error));
720
721 UBT_STAT_OERROR(sc);
722 goto send_next;
723 }
724
725 /* transfer cancelled */
726 break;
727 }
728} /* ubt_ctrl_write_callback */
729
730/*
731 * Called when incoming interrupt transfer (HCI event) has completed, i.e.
732 * HCI event was received from the device.
733 * USB context.
734 */
735
736static void
737ubt_intr_read_callback(struct usb_xfer *xfer, usb_error_t error)
738{
739 struct ubt_softc *sc = usbd_xfer_softc(xfer);
740 struct mbuf *m;
741 ng_hci_event_pkt_t *hdr;
742 struct usb_page_cache *pc;
743 int actlen;
744
745 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL);
746
747 m = NULL;
748
749 switch (USB_GET_STATE(xfer)) {
750 case USB_ST_TRANSFERRED:
751 /* Allocate a new mbuf */
752 MGETHDR(m, M_NOWAIT, MT_DATA);
753 if (m == NULL) {
754 UBT_STAT_IERROR(sc);
755 goto submit_next;
756 }
757
758 MCLGET(m, M_NOWAIT);
759 if (!(m->m_flags & M_EXT)) {
760 UBT_STAT_IERROR(sc);
761 goto submit_next;
762 }
763
764 /* Add HCI packet type */
765 *mtod(m, uint8_t *)= NG_HCI_EVENT_PKT;
766 m->m_pkthdr.len = m->m_len = 1;
767
768 if (actlen > MCLBYTES - 1)
769 actlen = MCLBYTES - 1;
770
771 pc = usbd_xfer_get_frame(xfer, 0);
772 usbd_copy_out(pc, 0, mtod(m, uint8_t *) + 1, actlen);
773 m->m_pkthdr.len += actlen;
774 m->m_len += actlen;
775
776 UBT_INFO(sc, "got %d bytes from interrupt pipe\n",
777 actlen);
778
779 /* Validate packet and send it up the stack */
780 if (m->m_pkthdr.len < (int)sizeof(*hdr)) {
781 UBT_INFO(sc, "HCI event packet is too short\n");
782
783 UBT_STAT_IERROR(sc);
784 goto submit_next;
785 }
786
787 hdr = mtod(m, ng_hci_event_pkt_t *);
788 if (hdr->length != (m->m_pkthdr.len - sizeof(*hdr))) {
789 UBT_ERR(sc, "Invalid HCI event packet size, " \
790 "length=%d, pktlen=%d\n",
791 hdr->length, m->m_pkthdr.len);
792
793 UBT_STAT_IERROR(sc);
794 goto submit_next;
795 }
796
797 UBT_INFO(sc, "got complete HCI event frame, pktlen=%d, " \
798 "length=%d\n", m->m_pkthdr.len, hdr->length);
799
800 UBT_STAT_PCKTS_RECV(sc);
801 UBT_STAT_BYTES_RECV(sc, m->m_pkthdr.len);
802
803 ubt_fwd_mbuf_up(sc, &m);
804 /* m == NULL at this point */
805 /* FALLTHROUGH */
806
807 case USB_ST_SETUP:
808submit_next:
809 NG_FREE_M(m); /* checks for m != NULL */
810
811 usbd_xfer_set_frame_len(xfer, 0, usbd_xfer_max_len(xfer));
812 usbd_transfer_submit(xfer);
813 break;
814
815 default: /* Error */
816 if (error != USB_ERR_CANCELLED) {
817 UBT_WARN(sc, "interrupt transfer failed: %s\n",
818 usbd_errstr(error));
819
820 /* Try to clear stall first */
821 usbd_xfer_set_stall(xfer);
822 goto submit_next;
823 }
824 /* transfer cancelled */
825 break;
826 }
827} /* ubt_intr_read_callback */
828
829/*
830 * Called when incoming bulk transfer (ACL packet) has completed, i.e.
831 * ACL packet was received from the device.
832 * USB context.
833 */
834
835static void
836ubt_bulk_read_callback(struct usb_xfer *xfer, usb_error_t error)
837{
838 struct ubt_softc *sc = usbd_xfer_softc(xfer);
839 struct mbuf *m;
840 ng_hci_acldata_pkt_t *hdr;
841 struct usb_page_cache *pc;
842 int len;
843 int actlen;
844
845 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL);
846
847 m = NULL;
848
849 switch (USB_GET_STATE(xfer)) {
850 case USB_ST_TRANSFERRED:
851 /* Allocate new mbuf */
852 MGETHDR(m, M_NOWAIT, MT_DATA);
853 if (m == NULL) {
854 UBT_STAT_IERROR(sc);
855 goto submit_next;
856 }
857
858 MCLGET(m, M_NOWAIT);
859 if (!(m->m_flags & M_EXT)) {
860 UBT_STAT_IERROR(sc);
861 goto submit_next;
862 }
863
864 /* Add HCI packet type */
865 *mtod(m, uint8_t *)= NG_HCI_ACL_DATA_PKT;
866 m->m_pkthdr.len = m->m_len = 1;
867
868 if (actlen > MCLBYTES - 1)
869 actlen = MCLBYTES - 1;
870
871 pc = usbd_xfer_get_frame(xfer, 0);
872 usbd_copy_out(pc, 0, mtod(m, uint8_t *) + 1, actlen);
873 m->m_pkthdr.len += actlen;
874 m->m_len += actlen;
875
876 UBT_INFO(sc, "got %d bytes from bulk-in pipe\n",
877 actlen);
878
879 /* Validate packet and send it up the stack */
880 if (m->m_pkthdr.len < (int)sizeof(*hdr)) {
881 UBT_INFO(sc, "HCI ACL packet is too short\n");
882
883 UBT_STAT_IERROR(sc);
884 goto submit_next;
885 }
886
887 hdr = mtod(m, ng_hci_acldata_pkt_t *);
888 len = le16toh(hdr->length);
889 if (len != (int)(m->m_pkthdr.len - sizeof(*hdr))) {
890 UBT_ERR(sc, "Invalid ACL packet size, length=%d, " \
891 "pktlen=%d\n", len, m->m_pkthdr.len);
892
893 UBT_STAT_IERROR(sc);
894 goto submit_next;
895 }
896
897 UBT_INFO(sc, "got complete ACL data packet, pktlen=%d, " \
898 "length=%d\n", m->m_pkthdr.len, len);
899
900 UBT_STAT_PCKTS_RECV(sc);
901 UBT_STAT_BYTES_RECV(sc, m->m_pkthdr.len);
902
903 ubt_fwd_mbuf_up(sc, &m);
904 /* m == NULL at this point */
905 /* FALLTHOUGH */
906
907 case USB_ST_SETUP:
908submit_next:
909 NG_FREE_M(m); /* checks for m != NULL */
910
911 usbd_xfer_set_frame_len(xfer, 0, usbd_xfer_max_len(xfer));
912 usbd_transfer_submit(xfer);
913 break;
914
915 default: /* Error */
916 if (error != USB_ERR_CANCELLED) {
917 UBT_WARN(sc, "bulk-in transfer failed: %s\n",
918 usbd_errstr(error));
919
920 /* Try to clear stall first */
921 usbd_xfer_set_stall(xfer);
922 goto submit_next;
923 }
924 /* transfer cancelled */
925 break;
926 }
927} /* ubt_bulk_read_callback */
928
929/*
930 * Called when outgoing bulk transfer (ACL packet) has completed, i.e.
931 * ACL packet was sent to the device.
932 * USB context.
933 */
934
935static void
936ubt_bulk_write_callback(struct usb_xfer *xfer, usb_error_t error)
937{
938 struct ubt_softc *sc = usbd_xfer_softc(xfer);
939 struct mbuf *m;
940 struct usb_page_cache *pc;
941 int actlen;
942
943 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL);
944
945 switch (USB_GET_STATE(xfer)) {
946 case USB_ST_TRANSFERRED:
947 UBT_INFO(sc, "sent %d bytes to bulk-out pipe\n", actlen);
948 UBT_STAT_BYTES_SENT(sc, actlen);
949 UBT_STAT_PCKTS_SENT(sc);
950 /* FALLTHROUGH */
951
952 case USB_ST_SETUP:
953send_next:
954 /* Get next mbuf, if any */
955 UBT_NG_LOCK(sc);
956 NG_BT_MBUFQ_DEQUEUE(&sc->sc_aclq, m);
957 UBT_NG_UNLOCK(sc);
958
959 if (m == NULL) {
960 UBT_INFO(sc, "ACL data queue is empty\n");
961 break; /* transfer completed */
962 }
963
964 /*
965 * Copy ACL data frame back to a linear USB transfer buffer
966 * and schedule transfer
967 */
968
969 pc = usbd_xfer_get_frame(xfer, 0);
970 usbd_m_copy_in(pc, 0, m, 0, m->m_pkthdr.len);
971 usbd_xfer_set_frame_len(xfer, 0, m->m_pkthdr.len);
972
973 UBT_INFO(sc, "bulk-out transfer has been started, len=%d\n",
974 m->m_pkthdr.len);
975
976 NG_FREE_M(m);
977
978 usbd_transfer_submit(xfer);
979 break;
980
981 default: /* Error */
982 if (error != USB_ERR_CANCELLED) {
983 UBT_WARN(sc, "bulk-out transfer failed: %s\n",
984 usbd_errstr(error));
985
986 UBT_STAT_OERROR(sc);
987
988 /* try to clear stall first */
989 usbd_xfer_set_stall(xfer);
990 goto send_next;
991 }
992 /* transfer cancelled */
993 break;
994 }
995} /* ubt_bulk_write_callback */
996
997/*
998 * Called when incoming isoc transfer (SCO packet) has completed, i.e.
999 * SCO packet was received from the device.
1000 * USB context.
1001 */
1002
1003static void
1004ubt_isoc_read_callback(struct usb_xfer *xfer, usb_error_t error)
1005{
1006 struct ubt_softc *sc = usbd_xfer_softc(xfer);
1007 int n;
1008 int actlen, nframes;
1009
1010 usbd_xfer_status(xfer, &actlen, NULL, NULL, &nframes);
1011
1012 switch (USB_GET_STATE(xfer)) {
1013 case USB_ST_TRANSFERRED:
1014 for (n = 0; n < nframes; n ++)
1015 if (ubt_isoc_read_one_frame(xfer, n) < 0)
1016 break;
1017 /* FALLTHROUGH */
1018
1019 case USB_ST_SETUP:
1020read_next:
1021 for (n = 0; n < nframes; n ++)
1022 usbd_xfer_set_frame_len(xfer, n,
1023 usbd_xfer_max_framelen(xfer));
1024
1025 usbd_transfer_submit(xfer);
1026 break;
1027
1028 default: /* Error */
1029 if (error != USB_ERR_CANCELLED) {
1030 UBT_STAT_IERROR(sc);
1031 goto read_next;
1032 }
1033
1034 /* transfer cancelled */
1035 break;
1036 }
1037} /* ubt_isoc_read_callback */
1038
1039/*
1040 * Helper function. Called from ubt_isoc_read_callback() to read
1041 * SCO data from one frame.
1042 * USB context.
1043 */
1044
1045static int
1046ubt_isoc_read_one_frame(struct usb_xfer *xfer, int frame_no)
1047{
1048 struct ubt_softc *sc = usbd_xfer_softc(xfer);
1049 struct usb_page_cache *pc;
1050 struct mbuf *m;
1051 int len, want, got, total;
1052
1053 /* Get existing SCO reassembly buffer */
1054 pc = usbd_xfer_get_frame(xfer, 0);
1055 m = sc->sc_isoc_in_buffer;
1056 total = usbd_xfer_frame_len(xfer, frame_no);
1057
1058 /* While we have data in the frame */
1059 while (total > 0) {
1060 if (m == NULL) {
1061 /* Start new reassembly buffer */
1062 MGETHDR(m, M_NOWAIT, MT_DATA);
1063 if (m == NULL) {
1064 UBT_STAT_IERROR(sc);
1065 return (-1); /* XXX out of sync! */
1066 }
1067
1068 MCLGET(m, M_NOWAIT);
1069 if (!(m->m_flags & M_EXT)) {
1070 UBT_STAT_IERROR(sc);
1071 NG_FREE_M(m);
1072 return (-1); /* XXX out of sync! */
1073 }
1074
1075 /* Expect SCO header */
1076 *mtod(m, uint8_t *) = NG_HCI_SCO_DATA_PKT;
1077 m->m_pkthdr.len = m->m_len = got = 1;
1078 want = sizeof(ng_hci_scodata_pkt_t);
1079 } else {
1080 /*
1081 * Check if we have SCO header and if so
1082 * adjust amount of data we want
1083 */
1084 got = m->m_pkthdr.len;
1085 want = sizeof(ng_hci_scodata_pkt_t);
1086
1087 if (got >= want)
1088 want += mtod(m, ng_hci_scodata_pkt_t *)->length;
1089 }
1090
1091 /* Append frame data to the SCO reassembly buffer */
1092 len = total;
1093 if (got + len > want)
1094 len = want - got;
1095
1096 usbd_copy_out(pc, frame_no * usbd_xfer_max_framelen(xfer),
1097 mtod(m, uint8_t *) + m->m_pkthdr.len, len);
1098
1099 m->m_pkthdr.len += len;
1100 m->m_len += len;
1101 total -= len;
1102
1103 /* Check if we got everything we wanted, if not - continue */
1104 if (got != want)
1105 continue;
1106
1107 /* If we got here then we got complete SCO frame */
1108 UBT_INFO(sc, "got complete SCO data frame, pktlen=%d, " \
1109 "length=%d\n", m->m_pkthdr.len,
1110 mtod(m, ng_hci_scodata_pkt_t *)->length);
1111
1112 UBT_STAT_PCKTS_RECV(sc);
1113 UBT_STAT_BYTES_RECV(sc, m->m_pkthdr.len);
1114
1115 ubt_fwd_mbuf_up(sc, &m);
1116 /* m == NULL at this point */
1117 }
1118
1119 /* Put SCO reassembly buffer back */
1120 sc->sc_isoc_in_buffer = m;
1121
1122 return (0);
1123} /* ubt_isoc_read_one_frame */
1124
1125/*
1126 * Called when outgoing isoc transfer (SCO packet) has completed, i.e.
1127 * SCO packet was sent to the device.
1128 * USB context.
1129 */
1130
1131static void
1132ubt_isoc_write_callback(struct usb_xfer *xfer, usb_error_t error)
1133{
1134 struct ubt_softc *sc = usbd_xfer_softc(xfer);
1135 struct usb_page_cache *pc;
1136 struct mbuf *m;
1137 int n, space, offset;
1138 int actlen, nframes;
1139
1140 usbd_xfer_status(xfer, &actlen, NULL, NULL, &nframes);
1141 pc = usbd_xfer_get_frame(xfer, 0);
1142
1143 switch (USB_GET_STATE(xfer)) {
1144 case USB_ST_TRANSFERRED:
1145 UBT_INFO(sc, "sent %d bytes to isoc-out pipe\n", actlen);
1146 UBT_STAT_BYTES_SENT(sc, actlen);
1147 UBT_STAT_PCKTS_SENT(sc);
1148 /* FALLTHROUGH */
1149
1150 case USB_ST_SETUP:
1151send_next:
1152 offset = 0;
1153 space = usbd_xfer_max_framelen(xfer) * nframes;
1154 m = NULL;
1155
1156 while (space > 0) {
1157 if (m == NULL) {
1158 UBT_NG_LOCK(sc);
1159 NG_BT_MBUFQ_DEQUEUE(&sc->sc_scoq, m);
1160 UBT_NG_UNLOCK(sc);
1161
1162 if (m == NULL)
1163 break;
1164 }
1165
1166 n = min(space, m->m_pkthdr.len);
1167 if (n > 0) {
1168 usbd_m_copy_in(pc, offset, m,0, n);
1169 m_adj(m, n);
1170
1171 offset += n;
1172 space -= n;
1173 }
1174
1175 if (m->m_pkthdr.len == 0)
1176 NG_FREE_M(m); /* sets m = NULL */
1177 }
1178
1179 /* Put whatever is left from mbuf back on queue */
1180 if (m != NULL) {
1181 UBT_NG_LOCK(sc);
1182 NG_BT_MBUFQ_PREPEND(&sc->sc_scoq, m);
1183 UBT_NG_UNLOCK(sc);
1184 }
1185
1186 /*
1187 * Calculate sizes for isoc frames.
1188 * Note that offset could be 0 at this point (i.e. we have
1189 * nothing to send). That is fine, as we have isoc. transfers
1190 * going in both directions all the time. In this case it
1191 * would be just empty isoc. transfer.
1192 */
1193
1194 for (n = 0; n < nframes; n ++) {
1195 usbd_xfer_set_frame_len(xfer, n,
1196 min(offset, usbd_xfer_max_framelen(xfer)));
1197 offset -= usbd_xfer_frame_len(xfer, n);
1198 }
1199
1200 usbd_transfer_submit(xfer);
1201 break;
1202
1203 default: /* Error */
1204 if (error != USB_ERR_CANCELLED) {
1205 UBT_STAT_OERROR(sc);
1206 goto send_next;
1207 }
1208
1209 /* transfer cancelled */
1210 break;
1211 }
1212}
1213
1214/*
1215 * Utility function to forward provided mbuf upstream (i.e. up the stack).
1216 * Modifies value of the mbuf pointer (sets it to NULL).
1217 * Save to call from any context.
1218 */
1219
1220static int
1221ubt_fwd_mbuf_up(ubt_softc_p sc, struct mbuf **m)
1222{
1223 hook_p hook;
1224 int error;
1225
1226 /*
1227 * Close the race with Netgraph hook newhook/disconnect methods.
1228 * Save the hook pointer atomically. Two cases are possible:
1229 *
1230 * 1) The hook pointer is NULL. It means disconnect method got
1231 * there first. In this case we are done.
1232 *
1233 * 2) The hook pointer is not NULL. It means that hook pointer
1234 * could be either in valid or invalid (i.e. in the process
1235 * of disconnect) state. In any case grab an extra reference
1236 * to protect the hook pointer.
1237 *
1238 * It is ok to pass hook in invalid state to NG_SEND_DATA_ONLY() as
1239 * it checks for it. Drop extra reference after NG_SEND_DATA_ONLY().
1240 */
1241
1242 UBT_NG_LOCK(sc);
1243 if ((hook = sc->sc_hook) != NULL)
1244 NG_HOOK_REF(hook);
1245 UBT_NG_UNLOCK(sc);
1246
1247 if (hook == NULL) {
1248 NG_FREE_M(*m);
1249 return (ENETDOWN);
1250 }
1251
1252 NG_SEND_DATA_ONLY(error, hook, *m);
1253 NG_HOOK_UNREF(hook);
1254
1255 if (error != 0)
1256 UBT_STAT_IERROR(sc);
1257
1258 return (error);
1259} /* ubt_fwd_mbuf_up */
1260
1261/****************************************************************************
1262 ****************************************************************************
1263 ** Glue
1264 ****************************************************************************
1265 ****************************************************************************/
1266
1267/*
1268 * Schedule glue task. Should be called with sc_ng_mtx held.
1269 * Netgraph context.
1270 */
1271
1272static void
1273ubt_task_schedule(ubt_softc_p sc, int action)
1274{
1275 mtx_assert(&sc->sc_ng_mtx, MA_OWNED);
1276
1277 /*
1278 * Try to handle corner case when "start all" and "stop all"
1279 * actions can both be set before task is executed.
1280 *
1281 * The rules are
1282 *
1283 * sc_task_flags action new sc_task_flags
1284 * ------------------------------------------------------
1285 * 0 start start
1286 * 0 stop stop
1287 * start start start
1288 * start stop stop
1289 * stop start stop|start
1290 * stop stop stop
1291 * stop|start start stop|start
1292 * stop|start stop stop
1293 */
1294
1295 if (action != 0) {
1296 if ((action & UBT_FLAG_T_STOP_ALL) != 0)
1297 sc->sc_task_flags &= ~UBT_FLAG_T_START_ALL;
1298
1299 sc->sc_task_flags |= action;
1300 }
1301
1302 if (sc->sc_task_flags & UBT_FLAG_T_PENDING)
1303 return;
1304
1305 if (taskqueue_enqueue(taskqueue_swi, &sc->sc_task) == 0) {
1306 sc->sc_task_flags |= UBT_FLAG_T_PENDING;
1307 return;
1308 }
1309
1310 /* XXX: i think this should never happen */
1311} /* ubt_task_schedule */
1312
1313/*
1314 * Glue task. Examines sc_task_flags and does things depending on it.
1315 * Taskqueue context.
1316 */
1317
1318static void
1319ubt_task(void *context, int pending)
1320{
1321 ubt_softc_p sc = context;
1322 int task_flags, i;
1323
1324 UBT_NG_LOCK(sc);
1325 task_flags = sc->sc_task_flags;
1326 sc->sc_task_flags = 0;
1327 UBT_NG_UNLOCK(sc);
1328
1329 /*
1330 * Stop all USB transfers synchronously.
1331 * Stop interface #0 and #1 transfers at the same time and in the
1332 * same loop. usbd_transfer_drain() will do appropriate locking.
1333 */
1334
1335 if (task_flags & UBT_FLAG_T_STOP_ALL)
1336 for (i = 0; i < UBT_N_TRANSFER; i ++)
1337 usbd_transfer_drain(sc->sc_xfer[i]);
1338
1339 /* Start incoming interrupt and bulk, and all isoc. USB transfers */
1340 if (task_flags & UBT_FLAG_T_START_ALL) {
1341 /*
1342 * Interface #0
1343 */
1344
1345 mtx_lock(&sc->sc_if_mtx);
1346
1347 ubt_xfer_start(sc, UBT_IF_0_INTR_DT_RD);
1348 ubt_xfer_start(sc, UBT_IF_0_BULK_DT_RD);
1349
1350 /*
1351 * Interface #1
1352 * Start both read and write isoc. transfers by default.
1353 * Get them going all the time even if we have nothing
1354 * to send to avoid any delays.
1355 */
1356
1357 ubt_xfer_start(sc, UBT_IF_1_ISOC_DT_RD1);
1358 ubt_xfer_start(sc, UBT_IF_1_ISOC_DT_RD2);
1359 ubt_xfer_start(sc, UBT_IF_1_ISOC_DT_WR1);
1360 ubt_xfer_start(sc, UBT_IF_1_ISOC_DT_WR2);
1361
1362 mtx_unlock(&sc->sc_if_mtx);
1363 }
1364
1365 /* Start outgoing control transfer */
1366 if (task_flags & UBT_FLAG_T_START_CTRL) {
1367 mtx_lock(&sc->sc_if_mtx);
1368 ubt_xfer_start(sc, UBT_IF_0_CTRL_DT_WR);
1369 mtx_unlock(&sc->sc_if_mtx);
1370 }
1371
1372 /* Start outgoing bulk transfer */
1373 if (task_flags & UBT_FLAG_T_START_BULK) {
1374 mtx_lock(&sc->sc_if_mtx);
1375 ubt_xfer_start(sc, UBT_IF_0_BULK_DT_WR);
1376 mtx_unlock(&sc->sc_if_mtx);
1377 }
1378} /* ubt_task */
1379
1380/****************************************************************************
1381 ****************************************************************************
1382 ** Netgraph specific
1383 ****************************************************************************
1384 ****************************************************************************/
1385
1386/*
1387 * Netgraph node constructor. Do not allow to create node of this type.
1388 * Netgraph context.
1389 */
1390
1391static int
1392ng_ubt_constructor(node_p node)
1393{
1394 return (EINVAL);
1395} /* ng_ubt_constructor */
1396
1397/*
1398 * Netgraph node destructor. Destroy node only when device has been detached.
1399 * Netgraph context.
1400 */
1401
1402static int
1403ng_ubt_shutdown(node_p node)
1404{
1405 if (node->nd_flags & NGF_REALLY_DIE) {
1406 /*
1407 * We came here because the USB device is being
1408 * detached, so stop being persistant.
1409 */
1410 NG_NODE_SET_PRIVATE(node, NULL);
1411 NG_NODE_UNREF(node);
1412 } else
1413 NG_NODE_REVIVE(node); /* tell ng_rmnode we are persisant */
1414
1415 return (0);
1416} /* ng_ubt_shutdown */
1417
1418/*
1419 * Create new hook. There can only be one.
1420 * Netgraph context.
1421 */
1422
1423static int
1424ng_ubt_newhook(node_p node, hook_p hook, char const *name)
1425{
1426 struct ubt_softc *sc = NG_NODE_PRIVATE(node);
1427
1428 if (strcmp(name, NG_UBT_HOOK) != 0)
1429 return (EINVAL);
1430
1431 UBT_NG_LOCK(sc);
1432 if (sc->sc_hook != NULL) {
1433 UBT_NG_UNLOCK(sc);
1434
1435 return (EISCONN);
1436 }
1437
1438 sc->sc_hook = hook;
1439 UBT_NG_UNLOCK(sc);
1440
1441 return (0);
1442} /* ng_ubt_newhook */
1443
1444/*
1445 * Connect hook. Start incoming USB transfers.
1446 * Netgraph context.
1447 */
1448
1449static int
1450ng_ubt_connect(hook_p hook)
1451{
1452 struct ubt_softc *sc = NG_NODE_PRIVATE(NG_HOOK_NODE(hook));
1453
1454 NG_HOOK_FORCE_QUEUE(NG_HOOK_PEER(hook));
1455
1456 UBT_NG_LOCK(sc);
1457 ubt_task_schedule(sc, UBT_FLAG_T_START_ALL);
1458 UBT_NG_UNLOCK(sc);
1459
1460 return (0);
1461} /* ng_ubt_connect */
1462
1463/*
1464 * Disconnect hook.
1465 * Netgraph context.
1466 */
1467
1468static int
1469ng_ubt_disconnect(hook_p hook)
1470{
1471 struct ubt_softc *sc = NG_NODE_PRIVATE(NG_HOOK_NODE(hook));
1472
1473 UBT_NG_LOCK(sc);
1474
1475 if (hook != sc->sc_hook) {
1476 UBT_NG_UNLOCK(sc);
1477
1478 return (EINVAL);
1479 }
1480
1481 sc->sc_hook = NULL;
1482
1483 /* Kick off task to stop all USB xfers */
1484 ubt_task_schedule(sc, UBT_FLAG_T_STOP_ALL);
1485
1486 /* Drain queues */
1487 NG_BT_MBUFQ_DRAIN(&sc->sc_cmdq);
1488 NG_BT_MBUFQ_DRAIN(&sc->sc_aclq);
1489 NG_BT_MBUFQ_DRAIN(&sc->sc_scoq);
1490
1491 UBT_NG_UNLOCK(sc);
1492
1493 return (0);
1494} /* ng_ubt_disconnect */
1495
1496/*
1497 * Process control message.
1498 * Netgraph context.
1499 */
1500
1501static int
1502ng_ubt_rcvmsg(node_p node, item_p item, hook_p lasthook)
1503{
1504 struct ubt_softc *sc = NG_NODE_PRIVATE(node);
1505 struct ng_mesg *msg, *rsp = NULL;
1506 struct ng_bt_mbufq *q;
1507 int error = 0, queue, qlen;
1508
1509 NGI_GET_MSG(item, msg);
1510
1511 switch (msg->header.typecookie) {
1512 case NGM_GENERIC_COOKIE:
1513 switch (msg->header.cmd) {
1514 case NGM_TEXT_STATUS:
1515 NG_MKRESPONSE(rsp, msg, NG_TEXTRESPONSE, M_NOWAIT);
1516 if (rsp == NULL) {
1517 error = ENOMEM;
1518 break;
1519 }
1520
1521 snprintf(rsp->data, NG_TEXTRESPONSE,
1522 "Hook: %s\n" \
1523 "Task flags: %#x\n" \
1524 "Debug: %d\n" \
1525 "CMD queue: [have:%d,max:%d]\n" \
1526 "ACL queue: [have:%d,max:%d]\n" \
1527 "SCO queue: [have:%d,max:%d]",
1528 (sc->sc_hook != NULL) ? NG_UBT_HOOK : "",
1529 sc->sc_task_flags,
1530 sc->sc_debug,
1531 sc->sc_cmdq.len,
1532 sc->sc_cmdq.maxlen,
1533 sc->sc_aclq.len,
1534 sc->sc_aclq.maxlen,
1535 sc->sc_scoq.len,
1536 sc->sc_scoq.maxlen);
1537 break;
1538
1539 default:
1540 error = EINVAL;
1541 break;
1542 }
1543 break;
1544
1545 case NGM_UBT_COOKIE:
1546 switch (msg->header.cmd) {
1547 case NGM_UBT_NODE_SET_DEBUG:
1548 if (msg->header.arglen != sizeof(ng_ubt_node_debug_ep)){
1549 error = EMSGSIZE;
1550 break;
1551 }
1552
1553 sc->sc_debug = *((ng_ubt_node_debug_ep *) (msg->data));
1554 break;
1555
1556 case NGM_UBT_NODE_GET_DEBUG:
1557 NG_MKRESPONSE(rsp, msg, sizeof(ng_ubt_node_debug_ep),
1558 M_NOWAIT);
1559 if (rsp == NULL) {
1560 error = ENOMEM;
1561 break;
1562 }
1563
1564 *((ng_ubt_node_debug_ep *) (rsp->data)) = sc->sc_debug;
1565 break;
1566
1567 case NGM_UBT_NODE_SET_QLEN:
1568 if (msg->header.arglen != sizeof(ng_ubt_node_qlen_ep)) {
1569 error = EMSGSIZE;
1570 break;
1571 }
1572
1573 queue = ((ng_ubt_node_qlen_ep *) (msg->data))->queue;
1574 qlen = ((ng_ubt_node_qlen_ep *) (msg->data))->qlen;
1575
1576 switch (queue) {
1577 case NGM_UBT_NODE_QUEUE_CMD:
1578 q = &sc->sc_cmdq;
1579 break;
1580
1581 case NGM_UBT_NODE_QUEUE_ACL:
1582 q = &sc->sc_aclq;
1583 break;
1584
1585 case NGM_UBT_NODE_QUEUE_SCO:
1586 q = &sc->sc_scoq;
1587 break;
1588
1589 default:
1590 error = EINVAL;
1591 goto done;
1592 /* NOT REACHED */
1593 }
1594
1595 q->maxlen = qlen;
1596 break;
1597
1598 case NGM_UBT_NODE_GET_QLEN:
1599 if (msg->header.arglen != sizeof(ng_ubt_node_qlen_ep)) {
1600 error = EMSGSIZE;
1601 break;
1602 }
1603
1604 queue = ((ng_ubt_node_qlen_ep *) (msg->data))->queue;
1605
1606 switch (queue) {
1607 case NGM_UBT_NODE_QUEUE_CMD:
1608 q = &sc->sc_cmdq;
1609 break;
1610
1611 case NGM_UBT_NODE_QUEUE_ACL:
1612 q = &sc->sc_aclq;
1613 break;
1614
1615 case NGM_UBT_NODE_QUEUE_SCO:
1616 q = &sc->sc_scoq;
1617 break;
1618
1619 default:
1620 error = EINVAL;
1621 goto done;
1622 /* NOT REACHED */
1623 }
1624
1625 NG_MKRESPONSE(rsp, msg, sizeof(ng_ubt_node_qlen_ep),
1626 M_NOWAIT);
1627 if (rsp == NULL) {
1628 error = ENOMEM;
1629 break;
1630 }
1631
1632 ((ng_ubt_node_qlen_ep *) (rsp->data))->queue = queue;
1633 ((ng_ubt_node_qlen_ep *) (rsp->data))->qlen = q->maxlen;
1634 break;
1635
1636 case NGM_UBT_NODE_GET_STAT:
1637 NG_MKRESPONSE(rsp, msg, sizeof(ng_ubt_node_stat_ep),
1638 M_NOWAIT);
1639 if (rsp == NULL) {
1640 error = ENOMEM;
1641 break;
1642 }
1643
1644 bcopy(&sc->sc_stat, rsp->data,
1645 sizeof(ng_ubt_node_stat_ep));
1646 break;
1647
1648 case NGM_UBT_NODE_RESET_STAT:
1649 UBT_STAT_RESET(sc);
1650 break;
1651
1652 default:
1653 error = EINVAL;
1654 break;
1655 }
1656 break;
1657
1658 default:
1659 error = EINVAL;
1660 break;
1661 }
1662done:
1663 NG_RESPOND_MSG(error, node, item, rsp);
1664 NG_FREE_MSG(msg);
1665
1666 return (error);
1667} /* ng_ubt_rcvmsg */
1668
1669/*
1670 * Process data.
1671 * Netgraph context.
1672 */
1673
1674static int
1675ng_ubt_rcvdata(hook_p hook, item_p item)
1676{
1677 struct ubt_softc *sc = NG_NODE_PRIVATE(NG_HOOK_NODE(hook));
1678 struct mbuf *m;
1679 struct ng_bt_mbufq *q;
1680 int action, error = 0;
1681
1682 if (hook != sc->sc_hook) {
1683 error = EINVAL;
1684 goto done;
1685 }
1686
1687 /* Deatch mbuf and get HCI frame type */
1688 NGI_GET_M(item, m);
1689
1690 /*
1691 * Minimal size of the HCI frame is 4 bytes: 1 byte frame type,
1692 * 2 bytes connection handle and at least 1 byte of length.
1693 * Panic on data frame that has size smaller than 4 bytes (it
1694 * should not happen)
1695 */
1696
1697 if (m->m_pkthdr.len < 4)
1698 panic("HCI frame size is too small! pktlen=%d\n",
1699 m->m_pkthdr.len);
1700
1701 /* Process HCI frame */
1702 switch (*mtod(m, uint8_t *)) { /* XXX call m_pullup ? */
1703 case NG_HCI_CMD_PKT:
1704 if (m->m_pkthdr.len - 1 > (int)UBT_CTRL_BUFFER_SIZE)
1705 panic("HCI command frame size is too big! " \
1706 "buffer size=%zd, packet len=%d\n",
1707 UBT_CTRL_BUFFER_SIZE, m->m_pkthdr.len);
1708
1709 q = &sc->sc_cmdq;
1710 action = UBT_FLAG_T_START_CTRL;
1711 break;
1712
1713 case NG_HCI_ACL_DATA_PKT:
1714 if (m->m_pkthdr.len - 1 > UBT_BULK_WRITE_BUFFER_SIZE)
1715 panic("ACL data frame size is too big! " \
1716 "buffer size=%d, packet len=%d\n",
1717 UBT_BULK_WRITE_BUFFER_SIZE, m->m_pkthdr.len);
1718
1719 q = &sc->sc_aclq;
1720 action = UBT_FLAG_T_START_BULK;
1721 break;
1722
1723 case NG_HCI_SCO_DATA_PKT:
1724 q = &sc->sc_scoq;
1725 action = 0;
1726 break;
1727
1728 default:
1729 UBT_ERR(sc, "Dropping unsupported HCI frame, type=0x%02x, " \
1730 "pktlen=%d\n", *mtod(m, uint8_t *), m->m_pkthdr.len);
1731
1732 NG_FREE_M(m);
1733 error = EINVAL;
1734 goto done;
1735 /* NOT REACHED */
1736 }
1737
1738 UBT_NG_LOCK(sc);
1739 if (NG_BT_MBUFQ_FULL(q)) {
1740 NG_BT_MBUFQ_DROP(q);
1741 UBT_NG_UNLOCK(sc);
1742
1743 UBT_ERR(sc, "Dropping HCI frame 0x%02x, len=%d. Queue full\n",
1744 *mtod(m, uint8_t *), m->m_pkthdr.len);
1745
1746 NG_FREE_M(m);
1747 } else {
1748 /* Loose HCI packet type, enqueue mbuf and kick off task */
1749 m_adj(m, sizeof(uint8_t));
1750 NG_BT_MBUFQ_ENQUEUE(q, m);
1751 ubt_task_schedule(sc, action);
1752 UBT_NG_UNLOCK(sc);
1753 }
1754done:
1755 NG_FREE_ITEM(item);
1756
1757 return (error);
1758} /* ng_ubt_rcvdata */
1759
1760/****************************************************************************
1761 ****************************************************************************
1762 ** Module
1763 ****************************************************************************
1764 ****************************************************************************/
1765
1766/*
1767 * Load/Unload the driver module
1768 */
1769
1770static int
1771ubt_modevent(module_t mod, int event, void *data)
1772{
1773 int error;
1774
1775 switch (event) {
1776 case MOD_LOAD:
1777 error = ng_newtype(&typestruct);
1778 if (error != 0)
1779 printf("%s: Could not register Netgraph node type, " \
1780 "error=%d\n", NG_UBT_NODE_TYPE, error);
1781 break;
1782
1783 case MOD_UNLOAD:
1784 error = ng_rmtype(&typestruct);
1785 break;
1786
1787 default:
1788 error = EOPNOTSUPP;
1789 break;
1790 }
1791
1792 return (error);
1793} /* ubt_modevent */
1794
1795static devclass_t ubt_devclass;
1796
1797static device_method_t ubt_methods[] =
1798{
1799 DEVMETHOD(device_probe, ubt_probe),
1800 DEVMETHOD(device_attach, ubt_attach),
1801 DEVMETHOD(device_detach, ubt_detach),
1802 DEVMETHOD_END
1803};
1804
1805static driver_t ubt_driver =
1806{
1807 .name = "ubt",
1808 .methods = ubt_methods,
1809 .size = sizeof(struct ubt_softc),
1810};
1811
1812DRIVER_MODULE(ng_ubt, uhub, ubt_driver, ubt_devclass, ubt_modevent, 0);
1813MODULE_VERSION(ng_ubt, NG_BLUETOOTH_VERSION);
1814MODULE_DEPEND(ng_ubt, netgraph, NG_ABI_VERSION, NG_ABI_VERSION, NG_ABI_VERSION);
1815MODULE_DEPEND(ng_ubt, ng_hci, NG_BLUETOOTH_VERSION, NG_BLUETOOTH_VERSION, NG_BLUETOOTH_VERSION);
1816MODULE_DEPEND(ng_ubt, usb, 1, 1, 1);
1817
2 * ng_ubt.c
3 */
4
5/*-
6 * Copyright (c) 2001-2009 Maksim Yevmenkin <m_evmenkin@yahoo.com>
7 * All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
17 *
18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 * SUCH DAMAGE.
29 *
30 * $Id: ng_ubt.c,v 1.16 2003/10/10 19:15:06 max Exp $
31 * $FreeBSD: head/sys/netgraph/bluetooth/drivers/ubt/ng_ubt.c 249178 2013-04-05 23:41:38Z adrian $
32 */
33
34/*
35 * NOTE: ng_ubt2 driver has a split personality. On one side it is
36 * a USB device driver and on the other it is a Netgraph node. This
37 * driver will *NOT* create traditional /dev/ enties, only Netgraph
38 * node.
39 *
40 * NOTE ON LOCKS USED: ng_ubt2 drives uses 2 locks (mutexes)
41 *
42 * 1) sc_if_mtx - lock for device's interface #0 and #1. This lock is used
43 * by USB for any USB request going over device's interface #0 and #1,
44 * i.e. interrupt, control, bulk and isoc. transfers.
45 *
46 * 2) sc_ng_mtx - this lock is used to protect shared (between USB, Netgraph
47 * and Taskqueue) data, such as outgoing mbuf queues, task flags and hook
48 * pointer. This lock *SHOULD NOT* be grabbed for a long time. In fact,
49 * think of it as a spin lock.
50 *
51 * NOTE ON LOCKING STRATEGY: ng_ubt2 driver operates in 3 different contexts.
52 *
53 * 1) USB context. This is where all the USB related stuff happens. All
54 * callbacks run in this context. All callbacks are called (by USB) with
55 * appropriate interface lock held. It is (generally) allowed to grab
56 * any additional locks.
57 *
58 * 2) Netgraph context. This is where all the Netgraph related stuff happens.
59 * Since we mark node as WRITER, the Netgraph node will be "locked" (from
60 * Netgraph point of view). Any variable that is only modified from the
61 * Netgraph context does not require any additonal locking. It is generally
62 * *NOT* allowed to grab *ANY* additional locks. Whatever you do, *DO NOT*
63 * grab any lock in the Netgraph context that could cause de-scheduling of
64 * the Netgraph thread for significant amount of time. In fact, the only
65 * lock that is allowed in the Netgraph context is the sc_ng_mtx lock.
66 * Also make sure that any code that is called from the Netgraph context
67 * follows the rule above.
68 *
69 * 3) Taskqueue context. This is where ubt_task runs. Since we are generally
70 * NOT allowed to grab any lock that could cause de-scheduling in the
71 * Netgraph context, and, USB requires us to grab interface lock before
72 * doing things with transfers, it is safer to transition from the Netgraph
73 * context to the Taskqueue context before we can call into USB subsystem.
74 *
75 * So, to put everything together, the rules are as follows.
76 * It is OK to call from the USB context or the Taskqueue context into
77 * the Netgraph context (i.e. call NG_SEND_xxx functions). In other words
78 * it is allowed to call into the Netgraph context with locks held.
79 * Is it *NOT* OK to call from the Netgraph context into the USB context,
80 * because USB requires us to grab interface locks, and, it is safer to
81 * avoid it. So, to make things safer we set task flags to indicate which
82 * actions we want to perform and schedule ubt_task which would run in the
83 * Taskqueue context.
84 * Is is OK to call from the Taskqueue context into the USB context,
85 * and, ubt_task does just that (i.e. grabs appropriate interface locks
86 * before calling into USB).
87 * Access to the outgoing queues, task flags and hook pointer is
88 * controlled by the sc_ng_mtx lock. It is an unavoidable evil. Again,
89 * sc_ng_mtx should really be a spin lock (and it is very likely to an
90 * equivalent of spin lock due to adaptive nature of FreeBSD mutexes).
91 * All USB callbacks accept softc pointer as a private data. USB ensures
92 * that this pointer is valid.
93 */
94
95#include <sys/stdint.h>
96#include <sys/stddef.h>
97#include <sys/param.h>
98#include <sys/queue.h>
99#include <sys/types.h>
100#include <sys/systm.h>
101#include <sys/kernel.h>
102#include <sys/bus.h>
103#include <sys/module.h>
104#include <sys/lock.h>
105#include <sys/mutex.h>
106#include <sys/condvar.h>
107#include <sys/sysctl.h>
108#include <sys/sx.h>
109#include <sys/unistd.h>
110#include <sys/callout.h>
111#include <sys/malloc.h>
112#include <sys/priv.h>
113
114#include "usbdevs.h"
115#include <dev/usb/usb.h>
116#include <dev/usb/usbdi.h>
117#include <dev/usb/usbdi_util.h>
118
119#define USB_DEBUG_VAR usb_debug
120#include <dev/usb/usb_debug.h>
121#include <dev/usb/usb_busdma.h>
122
123#include <sys/mbuf.h>
124#include <sys/taskqueue.h>
125
126#include <netgraph/ng_message.h>
127#include <netgraph/netgraph.h>
128#include <netgraph/ng_parse.h>
129#include <netgraph/bluetooth/include/ng_bluetooth.h>
130#include <netgraph/bluetooth/include/ng_hci.h>
131#include <netgraph/bluetooth/include/ng_ubt.h>
132#include <netgraph/bluetooth/drivers/ubt/ng_ubt_var.h>
133
134static int ubt_modevent(module_t, int, void *);
135static device_probe_t ubt_probe;
136static device_attach_t ubt_attach;
137static device_detach_t ubt_detach;
138
139static void ubt_task_schedule(ubt_softc_p, int);
140static task_fn_t ubt_task;
141
142#define ubt_xfer_start(sc, i) usbd_transfer_start((sc)->sc_xfer[(i)])
143
144/* Netgraph methods */
145static ng_constructor_t ng_ubt_constructor;
146static ng_shutdown_t ng_ubt_shutdown;
147static ng_newhook_t ng_ubt_newhook;
148static ng_connect_t ng_ubt_connect;
149static ng_disconnect_t ng_ubt_disconnect;
150static ng_rcvmsg_t ng_ubt_rcvmsg;
151static ng_rcvdata_t ng_ubt_rcvdata;
152
153/* Queue length */
154static const struct ng_parse_struct_field ng_ubt_node_qlen_type_fields[] =
155{
156 { "queue", &ng_parse_int32_type, },
157 { "qlen", &ng_parse_int32_type, },
158 { NULL, }
159};
160static const struct ng_parse_type ng_ubt_node_qlen_type =
161{
162 &ng_parse_struct_type,
163 &ng_ubt_node_qlen_type_fields
164};
165
166/* Stat info */
167static const struct ng_parse_struct_field ng_ubt_node_stat_type_fields[] =
168{
169 { "pckts_recv", &ng_parse_uint32_type, },
170 { "bytes_recv", &ng_parse_uint32_type, },
171 { "pckts_sent", &ng_parse_uint32_type, },
172 { "bytes_sent", &ng_parse_uint32_type, },
173 { "oerrors", &ng_parse_uint32_type, },
174 { "ierrors", &ng_parse_uint32_type, },
175 { NULL, }
176};
177static const struct ng_parse_type ng_ubt_node_stat_type =
178{
179 &ng_parse_struct_type,
180 &ng_ubt_node_stat_type_fields
181};
182
183/* Netgraph node command list */
184static const struct ng_cmdlist ng_ubt_cmdlist[] =
185{
186 {
187 NGM_UBT_COOKIE,
188 NGM_UBT_NODE_SET_DEBUG,
189 "set_debug",
190 &ng_parse_uint16_type,
191 NULL
192 },
193 {
194 NGM_UBT_COOKIE,
195 NGM_UBT_NODE_GET_DEBUG,
196 "get_debug",
197 NULL,
198 &ng_parse_uint16_type
199 },
200 {
201 NGM_UBT_COOKIE,
202 NGM_UBT_NODE_SET_QLEN,
203 "set_qlen",
204 &ng_ubt_node_qlen_type,
205 NULL
206 },
207 {
208 NGM_UBT_COOKIE,
209 NGM_UBT_NODE_GET_QLEN,
210 "get_qlen",
211 &ng_ubt_node_qlen_type,
212 &ng_ubt_node_qlen_type
213 },
214 {
215 NGM_UBT_COOKIE,
216 NGM_UBT_NODE_GET_STAT,
217 "get_stat",
218 NULL,
219 &ng_ubt_node_stat_type
220 },
221 {
222 NGM_UBT_COOKIE,
223 NGM_UBT_NODE_RESET_STAT,
224 "reset_stat",
225 NULL,
226 NULL
227 },
228 { 0, }
229};
230
231/* Netgraph node type */
232static struct ng_type typestruct =
233{
234 .version = NG_ABI_VERSION,
235 .name = NG_UBT_NODE_TYPE,
236 .constructor = ng_ubt_constructor,
237 .rcvmsg = ng_ubt_rcvmsg,
238 .shutdown = ng_ubt_shutdown,
239 .newhook = ng_ubt_newhook,
240 .connect = ng_ubt_connect,
241 .rcvdata = ng_ubt_rcvdata,
242 .disconnect = ng_ubt_disconnect,
243 .cmdlist = ng_ubt_cmdlist
244};
245
246/****************************************************************************
247 ****************************************************************************
248 ** USB specific
249 ****************************************************************************
250 ****************************************************************************/
251
252/* USB methods */
253static usb_callback_t ubt_ctrl_write_callback;
254static usb_callback_t ubt_intr_read_callback;
255static usb_callback_t ubt_bulk_read_callback;
256static usb_callback_t ubt_bulk_write_callback;
257static usb_callback_t ubt_isoc_read_callback;
258static usb_callback_t ubt_isoc_write_callback;
259
260static int ubt_fwd_mbuf_up(ubt_softc_p, struct mbuf **);
261static int ubt_isoc_read_one_frame(struct usb_xfer *, int);
262
263/*
264 * USB config
265 *
266 * The following desribes usb transfers that could be submitted on USB device.
267 *
268 * Interface 0 on the USB device must present the following endpoints
269 * 1) Interrupt endpoint to receive HCI events
270 * 2) Bulk IN endpoint to receive ACL data
271 * 3) Bulk OUT endpoint to send ACL data
272 *
273 * Interface 1 on the USB device must present the following endpoints
274 * 1) Isochronous IN endpoint to receive SCO data
275 * 2) Isochronous OUT endpoint to send SCO data
276 */
277
278static const struct usb_config ubt_config[UBT_N_TRANSFER] =
279{
280 /*
281 * Interface #0
282 */
283
284 /* Outgoing bulk transfer - ACL packets */
285 [UBT_IF_0_BULK_DT_WR] = {
286 .type = UE_BULK,
287 .endpoint = UE_ADDR_ANY,
288 .direction = UE_DIR_OUT,
289 .if_index = 0,
290 .bufsize = UBT_BULK_WRITE_BUFFER_SIZE,
291 .flags = { .pipe_bof = 1, .force_short_xfer = 1, },
292 .callback = &ubt_bulk_write_callback,
293 },
294 /* Incoming bulk transfer - ACL packets */
295 [UBT_IF_0_BULK_DT_RD] = {
296 .type = UE_BULK,
297 .endpoint = UE_ADDR_ANY,
298 .direction = UE_DIR_IN,
299 .if_index = 0,
300 .bufsize = UBT_BULK_READ_BUFFER_SIZE,
301 .flags = { .pipe_bof = 1, .short_xfer_ok = 1, },
302 .callback = &ubt_bulk_read_callback,
303 },
304 /* Incoming interrupt transfer - HCI events */
305 [UBT_IF_0_INTR_DT_RD] = {
306 .type = UE_INTERRUPT,
307 .endpoint = UE_ADDR_ANY,
308 .direction = UE_DIR_IN,
309 .if_index = 0,
310 .flags = { .pipe_bof = 1, .short_xfer_ok = 1, },
311 .bufsize = UBT_INTR_BUFFER_SIZE,
312 .callback = &ubt_intr_read_callback,
313 },
314 /* Outgoing control transfer - HCI commands */
315 [UBT_IF_0_CTRL_DT_WR] = {
316 .type = UE_CONTROL,
317 .endpoint = 0x00, /* control pipe */
318 .direction = UE_DIR_ANY,
319 .if_index = 0,
320 .bufsize = UBT_CTRL_BUFFER_SIZE,
321 .callback = &ubt_ctrl_write_callback,
322 .timeout = 5000, /* 5 seconds */
323 },
324
325 /*
326 * Interface #1
327 */
328
329 /* Incoming isochronous transfer #1 - SCO packets */
330 [UBT_IF_1_ISOC_DT_RD1] = {
331 .type = UE_ISOCHRONOUS,
332 .endpoint = UE_ADDR_ANY,
333 .direction = UE_DIR_IN,
334 .if_index = 1,
335 .bufsize = 0, /* use "wMaxPacketSize * frames" */
336 .frames = UBT_ISOC_NFRAMES,
337 .flags = { .short_xfer_ok = 1, },
338 .callback = &ubt_isoc_read_callback,
339 },
340 /* Incoming isochronous transfer #2 - SCO packets */
341 [UBT_IF_1_ISOC_DT_RD2] = {
342 .type = UE_ISOCHRONOUS,
343 .endpoint = UE_ADDR_ANY,
344 .direction = UE_DIR_IN,
345 .if_index = 1,
346 .bufsize = 0, /* use "wMaxPacketSize * frames" */
347 .frames = UBT_ISOC_NFRAMES,
348 .flags = { .short_xfer_ok = 1, },
349 .callback = &ubt_isoc_read_callback,
350 },
351 /* Outgoing isochronous transfer #1 - SCO packets */
352 [UBT_IF_1_ISOC_DT_WR1] = {
353 .type = UE_ISOCHRONOUS,
354 .endpoint = UE_ADDR_ANY,
355 .direction = UE_DIR_OUT,
356 .if_index = 1,
357 .bufsize = 0, /* use "wMaxPacketSize * frames" */
358 .frames = UBT_ISOC_NFRAMES,
359 .flags = { .short_xfer_ok = 1, },
360 .callback = &ubt_isoc_write_callback,
361 },
362 /* Outgoing isochronous transfer #2 - SCO packets */
363 [UBT_IF_1_ISOC_DT_WR2] = {
364 .type = UE_ISOCHRONOUS,
365 .endpoint = UE_ADDR_ANY,
366 .direction = UE_DIR_OUT,
367 .if_index = 1,
368 .bufsize = 0, /* use "wMaxPacketSize * frames" */
369 .frames = UBT_ISOC_NFRAMES,
370 .flags = { .short_xfer_ok = 1, },
371 .callback = &ubt_isoc_write_callback,
372 },
373};
374
375/*
376 * If for some reason device should not be attached then put
377 * VendorID/ProductID pair into the list below. The format is
378 * as follows:
379 *
380 * { USB_VPI(VENDOR_ID, PRODUCT_ID, 0) },
381 *
382 * where VENDOR_ID and PRODUCT_ID are hex numbers.
383 */
384
385static const STRUCT_USB_HOST_ID ubt_ignore_devs[] =
386{
387 /* AVM USB Bluetooth-Adapter BlueFritz! v1.0 */
388 { USB_VPI(USB_VENDOR_AVM, 0x2200, 0) },
389
390 /* Atheros 3011 with sflash firmware */
391 { USB_VPI(0x0cf3, 0x3002, 0) },
392 { USB_VPI(0x0cf3, 0xe019, 0) },
393 { USB_VPI(0x13d3, 0x3304, 0) },
394 { USB_VPI(0x0930, 0x0215, 0) },
395 { USB_VPI(0x0489, 0xe03d, 0) },
396 { USB_VPI(0x0489, 0xe027, 0) },
397
398 /* Atheros AR9285 Malbec with sflash firmware */
399 { USB_VPI(0x03f0, 0x311d, 0) },
400
401 /* Atheros 3012 with sflash firmware */
402 { USB_VPI(0x0cf3, 0x3004, 0) },
403 { USB_VPI(0x0cf3, 0x311d, 0) },
404 { USB_VPI(0x13d3, 0x3375, 0) },
405 { USB_VPI(0x04ca, 0x3005, 0) },
406 { USB_VPI(0x04ca, 0x3006, 0) },
407 { USB_VPI(0x04ca, 0x3008, 0) },
408 { USB_VPI(0x13d3, 0x3362, 0) },
409 { USB_VPI(0x0cf3, 0xe004, 0) },
410 { USB_VPI(0x0930, 0x0219, 0) },
411 { USB_VPI(0x0489, 0xe057, 0) },
412 { USB_VPI(0x13d3, 0x3393, 0) },
413 { USB_VPI(0x0489, 0xe04e, 0) },
414 { USB_VPI(0x0489, 0xe056, 0) },
415
416 /* Atheros AR5BBU12 with sflash firmware */
417 { USB_VPI(0x0489, 0xe02c, 0) },
418
419 /* Atheros AR5BBU12 with sflash firmware */
420 { USB_VPI(0x0489, 0xe03c, 0) },
421 { USB_VPI(0x0489, 0xe036, 0) },
422};
423
424/* List of supported bluetooth devices */
425static const STRUCT_USB_HOST_ID ubt_devs[] =
426{
427 /* Generic Bluetooth class devices */
428 { USB_IFACE_CLASS(UDCLASS_WIRELESS),
429 USB_IFACE_SUBCLASS(UDSUBCLASS_RF),
430 USB_IFACE_PROTOCOL(UDPROTO_BLUETOOTH) },
431
432 /* AVM USB Bluetooth-Adapter BlueFritz! v2.0 */
433 { USB_VPI(USB_VENDOR_AVM, 0x3800, 0) },
434
435 /* Broadcom USB dongles, mostly BCM20702 and BCM20702A0 */
436 { USB_VENDOR(USB_VENDOR_BROADCOM),
437 USB_IFACE_CLASS(UICLASS_VENDOR),
438 USB_IFACE_SUBCLASS(UDSUBCLASS_RF),
439 USB_IFACE_PROTOCOL(UDPROTO_BLUETOOTH) },
440};
441
442/*
443 * Probe for a USB Bluetooth device.
444 * USB context.
445 */
446
447static int
448ubt_probe(device_t dev)
449{
450 struct usb_attach_arg *uaa = device_get_ivars(dev);
451 int error;
452
453 if (uaa->usb_mode != USB_MODE_HOST)
454 return (ENXIO);
455
456 if (uaa->info.bIfaceIndex != 0)
457 return (ENXIO);
458
459 if (usbd_lookup_id_by_uaa(ubt_ignore_devs,
460 sizeof(ubt_ignore_devs), uaa) == 0)
461 return (ENXIO);
462
463 error = usbd_lookup_id_by_uaa(ubt_devs, sizeof(ubt_devs), uaa);
464 if (error == 0)
465 return (BUS_PROBE_GENERIC);
466 return (error);
467} /* ubt_probe */
468
469/*
470 * Attach the device.
471 * USB context.
472 */
473
474static int
475ubt_attach(device_t dev)
476{
477 struct usb_attach_arg *uaa = device_get_ivars(dev);
478 struct ubt_softc *sc = device_get_softc(dev);
479 struct usb_endpoint_descriptor *ed;
480 struct usb_interface_descriptor *id;
481 struct usb_interface *iface;
482 uint16_t wMaxPacketSize;
483 uint8_t alt_index, i, j;
484 uint8_t iface_index[2] = { 0, 1 };
485
486 device_set_usb_desc(dev);
487
488 sc->sc_dev = dev;
489 sc->sc_debug = NG_UBT_WARN_LEVEL;
490
491 /*
492 * Create Netgraph node
493 */
494
495 if (ng_make_node_common(&typestruct, &sc->sc_node) != 0) {
496 UBT_ALERT(sc, "could not create Netgraph node\n");
497 return (ENXIO);
498 }
499
500 /* Name Netgraph node */
501 if (ng_name_node(sc->sc_node, device_get_nameunit(dev)) != 0) {
502 UBT_ALERT(sc, "could not name Netgraph node\n");
503 NG_NODE_UNREF(sc->sc_node);
504 return (ENXIO);
505 }
506 NG_NODE_SET_PRIVATE(sc->sc_node, sc);
507 NG_NODE_FORCE_WRITER(sc->sc_node);
508
509 /*
510 * Initialize device softc structure
511 */
512
513 /* initialize locks */
514 mtx_init(&sc->sc_ng_mtx, "ubt ng", NULL, MTX_DEF);
515 mtx_init(&sc->sc_if_mtx, "ubt if", NULL, MTX_DEF | MTX_RECURSE);
516
517 /* initialize packet queues */
518 NG_BT_MBUFQ_INIT(&sc->sc_cmdq, UBT_DEFAULT_QLEN);
519 NG_BT_MBUFQ_INIT(&sc->sc_aclq, UBT_DEFAULT_QLEN);
520 NG_BT_MBUFQ_INIT(&sc->sc_scoq, UBT_DEFAULT_QLEN);
521
522 /* initialize glue task */
523 TASK_INIT(&sc->sc_task, 0, ubt_task, sc);
524
525 /*
526 * Configure Bluetooth USB device. Discover all required USB
527 * interfaces and endpoints.
528 *
529 * USB device must present two interfaces:
530 * 1) Interface 0 that has 3 endpoints
531 * 1) Interrupt endpoint to receive HCI events
532 * 2) Bulk IN endpoint to receive ACL data
533 * 3) Bulk OUT endpoint to send ACL data
534 *
535 * 2) Interface 1 then has 2 endpoints
536 * 1) Isochronous IN endpoint to receive SCO data
537 * 2) Isochronous OUT endpoint to send SCO data
538 *
539 * Interface 1 (with isochronous endpoints) has several alternate
540 * configurations with different packet size.
541 */
542
543 /*
544 * For interface #1 search alternate settings, and find
545 * the descriptor with the largest wMaxPacketSize
546 */
547
548 wMaxPacketSize = 0;
549 alt_index = 0;
550 i = 0;
551 j = 0;
552 ed = NULL;
553
554 /*
555 * Search through all the descriptors looking for the largest
556 * packet size:
557 */
558 while ((ed = (struct usb_endpoint_descriptor *)usb_desc_foreach(
559 usbd_get_config_descriptor(uaa->device),
560 (struct usb_descriptor *)ed))) {
561
562 if ((ed->bDescriptorType == UDESC_INTERFACE) &&
563 (ed->bLength >= sizeof(*id))) {
564 id = (struct usb_interface_descriptor *)ed;
565 i = id->bInterfaceNumber;
566 j = id->bAlternateSetting;
567 }
568
569 if ((ed->bDescriptorType == UDESC_ENDPOINT) &&
570 (ed->bLength >= sizeof(*ed)) &&
571 (i == 1)) {
572 uint16_t temp;
573
574 temp = UGETW(ed->wMaxPacketSize);
575 if (temp > wMaxPacketSize) {
576 wMaxPacketSize = temp;
577 alt_index = j;
578 }
579 }
580 }
581
582 /* Set alt configuration on interface #1 only if we found it */
583 if (wMaxPacketSize > 0 &&
584 usbd_set_alt_interface_index(uaa->device, 1, alt_index)) {
585 UBT_ALERT(sc, "could not set alternate setting %d " \
586 "for interface 1!\n", alt_index);
587 goto detach;
588 }
589
590 /* Setup transfers for both interfaces */
591 if (usbd_transfer_setup(uaa->device, iface_index, sc->sc_xfer,
592 ubt_config, UBT_N_TRANSFER, sc, &sc->sc_if_mtx)) {
593 UBT_ALERT(sc, "could not allocate transfers\n");
594 goto detach;
595 }
596
597 /* Claim all interfaces belonging to the Bluetooth part */
598 for (i = 1;; i++) {
599 iface = usbd_get_iface(uaa->device, i);
600 if (iface == NULL)
601 break;
602 id = usbd_get_interface_descriptor(iface);
603
604 if ((id != NULL) &&
605 (id->bInterfaceClass == UICLASS_WIRELESS) &&
606 (id->bInterfaceSubClass == UISUBCLASS_RF) &&
607 (id->bInterfaceProtocol == UIPROTO_BLUETOOTH)) {
608 usbd_set_parent_iface(uaa->device, i,
609 uaa->info.bIfaceIndex);
610 }
611 }
612 return (0); /* success */
613
614detach:
615 ubt_detach(dev);
616
617 return (ENXIO);
618} /* ubt_attach */
619
620/*
621 * Detach the device.
622 * USB context.
623 */
624
625int
626ubt_detach(device_t dev)
627{
628 struct ubt_softc *sc = device_get_softc(dev);
629 node_p node = sc->sc_node;
630
631 /* Destroy Netgraph node */
632 if (node != NULL) {
633 sc->sc_node = NULL;
634 NG_NODE_REALLY_DIE(node);
635 ng_rmnode_self(node);
636 }
637
638 /* Make sure ubt_task in gone */
639 taskqueue_drain(taskqueue_swi, &sc->sc_task);
640
641 /* Free USB transfers, if any */
642 usbd_transfer_unsetup(sc->sc_xfer, UBT_N_TRANSFER);
643
644 /* Destroy queues */
645 UBT_NG_LOCK(sc);
646 NG_BT_MBUFQ_DESTROY(&sc->sc_cmdq);
647 NG_BT_MBUFQ_DESTROY(&sc->sc_aclq);
648 NG_BT_MBUFQ_DESTROY(&sc->sc_scoq);
649 UBT_NG_UNLOCK(sc);
650
651 mtx_destroy(&sc->sc_if_mtx);
652 mtx_destroy(&sc->sc_ng_mtx);
653
654 return (0);
655} /* ubt_detach */
656
657/*
658 * Called when outgoing control request (HCI command) has completed, i.e.
659 * HCI command was sent to the device.
660 * USB context.
661 */
662
663static void
664ubt_ctrl_write_callback(struct usb_xfer *xfer, usb_error_t error)
665{
666 struct ubt_softc *sc = usbd_xfer_softc(xfer);
667 struct usb_device_request req;
668 struct mbuf *m;
669 struct usb_page_cache *pc;
670 int actlen;
671
672 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL);
673
674 switch (USB_GET_STATE(xfer)) {
675 case USB_ST_TRANSFERRED:
676 UBT_INFO(sc, "sent %d bytes to control pipe\n", actlen);
677 UBT_STAT_BYTES_SENT(sc, actlen);
678 UBT_STAT_PCKTS_SENT(sc);
679 /* FALLTHROUGH */
680
681 case USB_ST_SETUP:
682send_next:
683 /* Get next command mbuf, if any */
684 UBT_NG_LOCK(sc);
685 NG_BT_MBUFQ_DEQUEUE(&sc->sc_cmdq, m);
686 UBT_NG_UNLOCK(sc);
687
688 if (m == NULL) {
689 UBT_INFO(sc, "HCI command queue is empty\n");
690 break; /* transfer complete */
691 }
692
693 /* Initialize a USB control request and then schedule it */
694 bzero(&req, sizeof(req));
695 req.bmRequestType = UBT_HCI_REQUEST;
696 USETW(req.wLength, m->m_pkthdr.len);
697
698 UBT_INFO(sc, "Sending control request, " \
699 "bmRequestType=0x%02x, wLength=%d\n",
700 req.bmRequestType, UGETW(req.wLength));
701
702 pc = usbd_xfer_get_frame(xfer, 0);
703 usbd_copy_in(pc, 0, &req, sizeof(req));
704 pc = usbd_xfer_get_frame(xfer, 1);
705 usbd_m_copy_in(pc, 0, m, 0, m->m_pkthdr.len);
706
707 usbd_xfer_set_frame_len(xfer, 0, sizeof(req));
708 usbd_xfer_set_frame_len(xfer, 1, m->m_pkthdr.len);
709 usbd_xfer_set_frames(xfer, 2);
710
711 NG_FREE_M(m);
712
713 usbd_transfer_submit(xfer);
714 break;
715
716 default: /* Error */
717 if (error != USB_ERR_CANCELLED) {
718 UBT_WARN(sc, "control transfer failed: %s\n",
719 usbd_errstr(error));
720
721 UBT_STAT_OERROR(sc);
722 goto send_next;
723 }
724
725 /* transfer cancelled */
726 break;
727 }
728} /* ubt_ctrl_write_callback */
729
730/*
731 * Called when incoming interrupt transfer (HCI event) has completed, i.e.
732 * HCI event was received from the device.
733 * USB context.
734 */
735
736static void
737ubt_intr_read_callback(struct usb_xfer *xfer, usb_error_t error)
738{
739 struct ubt_softc *sc = usbd_xfer_softc(xfer);
740 struct mbuf *m;
741 ng_hci_event_pkt_t *hdr;
742 struct usb_page_cache *pc;
743 int actlen;
744
745 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL);
746
747 m = NULL;
748
749 switch (USB_GET_STATE(xfer)) {
750 case USB_ST_TRANSFERRED:
751 /* Allocate a new mbuf */
752 MGETHDR(m, M_NOWAIT, MT_DATA);
753 if (m == NULL) {
754 UBT_STAT_IERROR(sc);
755 goto submit_next;
756 }
757
758 MCLGET(m, M_NOWAIT);
759 if (!(m->m_flags & M_EXT)) {
760 UBT_STAT_IERROR(sc);
761 goto submit_next;
762 }
763
764 /* Add HCI packet type */
765 *mtod(m, uint8_t *)= NG_HCI_EVENT_PKT;
766 m->m_pkthdr.len = m->m_len = 1;
767
768 if (actlen > MCLBYTES - 1)
769 actlen = MCLBYTES - 1;
770
771 pc = usbd_xfer_get_frame(xfer, 0);
772 usbd_copy_out(pc, 0, mtod(m, uint8_t *) + 1, actlen);
773 m->m_pkthdr.len += actlen;
774 m->m_len += actlen;
775
776 UBT_INFO(sc, "got %d bytes from interrupt pipe\n",
777 actlen);
778
779 /* Validate packet and send it up the stack */
780 if (m->m_pkthdr.len < (int)sizeof(*hdr)) {
781 UBT_INFO(sc, "HCI event packet is too short\n");
782
783 UBT_STAT_IERROR(sc);
784 goto submit_next;
785 }
786
787 hdr = mtod(m, ng_hci_event_pkt_t *);
788 if (hdr->length != (m->m_pkthdr.len - sizeof(*hdr))) {
789 UBT_ERR(sc, "Invalid HCI event packet size, " \
790 "length=%d, pktlen=%d\n",
791 hdr->length, m->m_pkthdr.len);
792
793 UBT_STAT_IERROR(sc);
794 goto submit_next;
795 }
796
797 UBT_INFO(sc, "got complete HCI event frame, pktlen=%d, " \
798 "length=%d\n", m->m_pkthdr.len, hdr->length);
799
800 UBT_STAT_PCKTS_RECV(sc);
801 UBT_STAT_BYTES_RECV(sc, m->m_pkthdr.len);
802
803 ubt_fwd_mbuf_up(sc, &m);
804 /* m == NULL at this point */
805 /* FALLTHROUGH */
806
807 case USB_ST_SETUP:
808submit_next:
809 NG_FREE_M(m); /* checks for m != NULL */
810
811 usbd_xfer_set_frame_len(xfer, 0, usbd_xfer_max_len(xfer));
812 usbd_transfer_submit(xfer);
813 break;
814
815 default: /* Error */
816 if (error != USB_ERR_CANCELLED) {
817 UBT_WARN(sc, "interrupt transfer failed: %s\n",
818 usbd_errstr(error));
819
820 /* Try to clear stall first */
821 usbd_xfer_set_stall(xfer);
822 goto submit_next;
823 }
824 /* transfer cancelled */
825 break;
826 }
827} /* ubt_intr_read_callback */
828
829/*
830 * Called when incoming bulk transfer (ACL packet) has completed, i.e.
831 * ACL packet was received from the device.
832 * USB context.
833 */
834
835static void
836ubt_bulk_read_callback(struct usb_xfer *xfer, usb_error_t error)
837{
838 struct ubt_softc *sc = usbd_xfer_softc(xfer);
839 struct mbuf *m;
840 ng_hci_acldata_pkt_t *hdr;
841 struct usb_page_cache *pc;
842 int len;
843 int actlen;
844
845 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL);
846
847 m = NULL;
848
849 switch (USB_GET_STATE(xfer)) {
850 case USB_ST_TRANSFERRED:
851 /* Allocate new mbuf */
852 MGETHDR(m, M_NOWAIT, MT_DATA);
853 if (m == NULL) {
854 UBT_STAT_IERROR(sc);
855 goto submit_next;
856 }
857
858 MCLGET(m, M_NOWAIT);
859 if (!(m->m_flags & M_EXT)) {
860 UBT_STAT_IERROR(sc);
861 goto submit_next;
862 }
863
864 /* Add HCI packet type */
865 *mtod(m, uint8_t *)= NG_HCI_ACL_DATA_PKT;
866 m->m_pkthdr.len = m->m_len = 1;
867
868 if (actlen > MCLBYTES - 1)
869 actlen = MCLBYTES - 1;
870
871 pc = usbd_xfer_get_frame(xfer, 0);
872 usbd_copy_out(pc, 0, mtod(m, uint8_t *) + 1, actlen);
873 m->m_pkthdr.len += actlen;
874 m->m_len += actlen;
875
876 UBT_INFO(sc, "got %d bytes from bulk-in pipe\n",
877 actlen);
878
879 /* Validate packet and send it up the stack */
880 if (m->m_pkthdr.len < (int)sizeof(*hdr)) {
881 UBT_INFO(sc, "HCI ACL packet is too short\n");
882
883 UBT_STAT_IERROR(sc);
884 goto submit_next;
885 }
886
887 hdr = mtod(m, ng_hci_acldata_pkt_t *);
888 len = le16toh(hdr->length);
889 if (len != (int)(m->m_pkthdr.len - sizeof(*hdr))) {
890 UBT_ERR(sc, "Invalid ACL packet size, length=%d, " \
891 "pktlen=%d\n", len, m->m_pkthdr.len);
892
893 UBT_STAT_IERROR(sc);
894 goto submit_next;
895 }
896
897 UBT_INFO(sc, "got complete ACL data packet, pktlen=%d, " \
898 "length=%d\n", m->m_pkthdr.len, len);
899
900 UBT_STAT_PCKTS_RECV(sc);
901 UBT_STAT_BYTES_RECV(sc, m->m_pkthdr.len);
902
903 ubt_fwd_mbuf_up(sc, &m);
904 /* m == NULL at this point */
905 /* FALLTHOUGH */
906
907 case USB_ST_SETUP:
908submit_next:
909 NG_FREE_M(m); /* checks for m != NULL */
910
911 usbd_xfer_set_frame_len(xfer, 0, usbd_xfer_max_len(xfer));
912 usbd_transfer_submit(xfer);
913 break;
914
915 default: /* Error */
916 if (error != USB_ERR_CANCELLED) {
917 UBT_WARN(sc, "bulk-in transfer failed: %s\n",
918 usbd_errstr(error));
919
920 /* Try to clear stall first */
921 usbd_xfer_set_stall(xfer);
922 goto submit_next;
923 }
924 /* transfer cancelled */
925 break;
926 }
927} /* ubt_bulk_read_callback */
928
929/*
930 * Called when outgoing bulk transfer (ACL packet) has completed, i.e.
931 * ACL packet was sent to the device.
932 * USB context.
933 */
934
935static void
936ubt_bulk_write_callback(struct usb_xfer *xfer, usb_error_t error)
937{
938 struct ubt_softc *sc = usbd_xfer_softc(xfer);
939 struct mbuf *m;
940 struct usb_page_cache *pc;
941 int actlen;
942
943 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL);
944
945 switch (USB_GET_STATE(xfer)) {
946 case USB_ST_TRANSFERRED:
947 UBT_INFO(sc, "sent %d bytes to bulk-out pipe\n", actlen);
948 UBT_STAT_BYTES_SENT(sc, actlen);
949 UBT_STAT_PCKTS_SENT(sc);
950 /* FALLTHROUGH */
951
952 case USB_ST_SETUP:
953send_next:
954 /* Get next mbuf, if any */
955 UBT_NG_LOCK(sc);
956 NG_BT_MBUFQ_DEQUEUE(&sc->sc_aclq, m);
957 UBT_NG_UNLOCK(sc);
958
959 if (m == NULL) {
960 UBT_INFO(sc, "ACL data queue is empty\n");
961 break; /* transfer completed */
962 }
963
964 /*
965 * Copy ACL data frame back to a linear USB transfer buffer
966 * and schedule transfer
967 */
968
969 pc = usbd_xfer_get_frame(xfer, 0);
970 usbd_m_copy_in(pc, 0, m, 0, m->m_pkthdr.len);
971 usbd_xfer_set_frame_len(xfer, 0, m->m_pkthdr.len);
972
973 UBT_INFO(sc, "bulk-out transfer has been started, len=%d\n",
974 m->m_pkthdr.len);
975
976 NG_FREE_M(m);
977
978 usbd_transfer_submit(xfer);
979 break;
980
981 default: /* Error */
982 if (error != USB_ERR_CANCELLED) {
983 UBT_WARN(sc, "bulk-out transfer failed: %s\n",
984 usbd_errstr(error));
985
986 UBT_STAT_OERROR(sc);
987
988 /* try to clear stall first */
989 usbd_xfer_set_stall(xfer);
990 goto send_next;
991 }
992 /* transfer cancelled */
993 break;
994 }
995} /* ubt_bulk_write_callback */
996
997/*
998 * Called when incoming isoc transfer (SCO packet) has completed, i.e.
999 * SCO packet was received from the device.
1000 * USB context.
1001 */
1002
1003static void
1004ubt_isoc_read_callback(struct usb_xfer *xfer, usb_error_t error)
1005{
1006 struct ubt_softc *sc = usbd_xfer_softc(xfer);
1007 int n;
1008 int actlen, nframes;
1009
1010 usbd_xfer_status(xfer, &actlen, NULL, NULL, &nframes);
1011
1012 switch (USB_GET_STATE(xfer)) {
1013 case USB_ST_TRANSFERRED:
1014 for (n = 0; n < nframes; n ++)
1015 if (ubt_isoc_read_one_frame(xfer, n) < 0)
1016 break;
1017 /* FALLTHROUGH */
1018
1019 case USB_ST_SETUP:
1020read_next:
1021 for (n = 0; n < nframes; n ++)
1022 usbd_xfer_set_frame_len(xfer, n,
1023 usbd_xfer_max_framelen(xfer));
1024
1025 usbd_transfer_submit(xfer);
1026 break;
1027
1028 default: /* Error */
1029 if (error != USB_ERR_CANCELLED) {
1030 UBT_STAT_IERROR(sc);
1031 goto read_next;
1032 }
1033
1034 /* transfer cancelled */
1035 break;
1036 }
1037} /* ubt_isoc_read_callback */
1038
1039/*
1040 * Helper function. Called from ubt_isoc_read_callback() to read
1041 * SCO data from one frame.
1042 * USB context.
1043 */
1044
1045static int
1046ubt_isoc_read_one_frame(struct usb_xfer *xfer, int frame_no)
1047{
1048 struct ubt_softc *sc = usbd_xfer_softc(xfer);
1049 struct usb_page_cache *pc;
1050 struct mbuf *m;
1051 int len, want, got, total;
1052
1053 /* Get existing SCO reassembly buffer */
1054 pc = usbd_xfer_get_frame(xfer, 0);
1055 m = sc->sc_isoc_in_buffer;
1056 total = usbd_xfer_frame_len(xfer, frame_no);
1057
1058 /* While we have data in the frame */
1059 while (total > 0) {
1060 if (m == NULL) {
1061 /* Start new reassembly buffer */
1062 MGETHDR(m, M_NOWAIT, MT_DATA);
1063 if (m == NULL) {
1064 UBT_STAT_IERROR(sc);
1065 return (-1); /* XXX out of sync! */
1066 }
1067
1068 MCLGET(m, M_NOWAIT);
1069 if (!(m->m_flags & M_EXT)) {
1070 UBT_STAT_IERROR(sc);
1071 NG_FREE_M(m);
1072 return (-1); /* XXX out of sync! */
1073 }
1074
1075 /* Expect SCO header */
1076 *mtod(m, uint8_t *) = NG_HCI_SCO_DATA_PKT;
1077 m->m_pkthdr.len = m->m_len = got = 1;
1078 want = sizeof(ng_hci_scodata_pkt_t);
1079 } else {
1080 /*
1081 * Check if we have SCO header and if so
1082 * adjust amount of data we want
1083 */
1084 got = m->m_pkthdr.len;
1085 want = sizeof(ng_hci_scodata_pkt_t);
1086
1087 if (got >= want)
1088 want += mtod(m, ng_hci_scodata_pkt_t *)->length;
1089 }
1090
1091 /* Append frame data to the SCO reassembly buffer */
1092 len = total;
1093 if (got + len > want)
1094 len = want - got;
1095
1096 usbd_copy_out(pc, frame_no * usbd_xfer_max_framelen(xfer),
1097 mtod(m, uint8_t *) + m->m_pkthdr.len, len);
1098
1099 m->m_pkthdr.len += len;
1100 m->m_len += len;
1101 total -= len;
1102
1103 /* Check if we got everything we wanted, if not - continue */
1104 if (got != want)
1105 continue;
1106
1107 /* If we got here then we got complete SCO frame */
1108 UBT_INFO(sc, "got complete SCO data frame, pktlen=%d, " \
1109 "length=%d\n", m->m_pkthdr.len,
1110 mtod(m, ng_hci_scodata_pkt_t *)->length);
1111
1112 UBT_STAT_PCKTS_RECV(sc);
1113 UBT_STAT_BYTES_RECV(sc, m->m_pkthdr.len);
1114
1115 ubt_fwd_mbuf_up(sc, &m);
1116 /* m == NULL at this point */
1117 }
1118
1119 /* Put SCO reassembly buffer back */
1120 sc->sc_isoc_in_buffer = m;
1121
1122 return (0);
1123} /* ubt_isoc_read_one_frame */
1124
1125/*
1126 * Called when outgoing isoc transfer (SCO packet) has completed, i.e.
1127 * SCO packet was sent to the device.
1128 * USB context.
1129 */
1130
1131static void
1132ubt_isoc_write_callback(struct usb_xfer *xfer, usb_error_t error)
1133{
1134 struct ubt_softc *sc = usbd_xfer_softc(xfer);
1135 struct usb_page_cache *pc;
1136 struct mbuf *m;
1137 int n, space, offset;
1138 int actlen, nframes;
1139
1140 usbd_xfer_status(xfer, &actlen, NULL, NULL, &nframes);
1141 pc = usbd_xfer_get_frame(xfer, 0);
1142
1143 switch (USB_GET_STATE(xfer)) {
1144 case USB_ST_TRANSFERRED:
1145 UBT_INFO(sc, "sent %d bytes to isoc-out pipe\n", actlen);
1146 UBT_STAT_BYTES_SENT(sc, actlen);
1147 UBT_STAT_PCKTS_SENT(sc);
1148 /* FALLTHROUGH */
1149
1150 case USB_ST_SETUP:
1151send_next:
1152 offset = 0;
1153 space = usbd_xfer_max_framelen(xfer) * nframes;
1154 m = NULL;
1155
1156 while (space > 0) {
1157 if (m == NULL) {
1158 UBT_NG_LOCK(sc);
1159 NG_BT_MBUFQ_DEQUEUE(&sc->sc_scoq, m);
1160 UBT_NG_UNLOCK(sc);
1161
1162 if (m == NULL)
1163 break;
1164 }
1165
1166 n = min(space, m->m_pkthdr.len);
1167 if (n > 0) {
1168 usbd_m_copy_in(pc, offset, m,0, n);
1169 m_adj(m, n);
1170
1171 offset += n;
1172 space -= n;
1173 }
1174
1175 if (m->m_pkthdr.len == 0)
1176 NG_FREE_M(m); /* sets m = NULL */
1177 }
1178
1179 /* Put whatever is left from mbuf back on queue */
1180 if (m != NULL) {
1181 UBT_NG_LOCK(sc);
1182 NG_BT_MBUFQ_PREPEND(&sc->sc_scoq, m);
1183 UBT_NG_UNLOCK(sc);
1184 }
1185
1186 /*
1187 * Calculate sizes for isoc frames.
1188 * Note that offset could be 0 at this point (i.e. we have
1189 * nothing to send). That is fine, as we have isoc. transfers
1190 * going in both directions all the time. In this case it
1191 * would be just empty isoc. transfer.
1192 */
1193
1194 for (n = 0; n < nframes; n ++) {
1195 usbd_xfer_set_frame_len(xfer, n,
1196 min(offset, usbd_xfer_max_framelen(xfer)));
1197 offset -= usbd_xfer_frame_len(xfer, n);
1198 }
1199
1200 usbd_transfer_submit(xfer);
1201 break;
1202
1203 default: /* Error */
1204 if (error != USB_ERR_CANCELLED) {
1205 UBT_STAT_OERROR(sc);
1206 goto send_next;
1207 }
1208
1209 /* transfer cancelled */
1210 break;
1211 }
1212}
1213
1214/*
1215 * Utility function to forward provided mbuf upstream (i.e. up the stack).
1216 * Modifies value of the mbuf pointer (sets it to NULL).
1217 * Save to call from any context.
1218 */
1219
1220static int
1221ubt_fwd_mbuf_up(ubt_softc_p sc, struct mbuf **m)
1222{
1223 hook_p hook;
1224 int error;
1225
1226 /*
1227 * Close the race with Netgraph hook newhook/disconnect methods.
1228 * Save the hook pointer atomically. Two cases are possible:
1229 *
1230 * 1) The hook pointer is NULL. It means disconnect method got
1231 * there first. In this case we are done.
1232 *
1233 * 2) The hook pointer is not NULL. It means that hook pointer
1234 * could be either in valid or invalid (i.e. in the process
1235 * of disconnect) state. In any case grab an extra reference
1236 * to protect the hook pointer.
1237 *
1238 * It is ok to pass hook in invalid state to NG_SEND_DATA_ONLY() as
1239 * it checks for it. Drop extra reference after NG_SEND_DATA_ONLY().
1240 */
1241
1242 UBT_NG_LOCK(sc);
1243 if ((hook = sc->sc_hook) != NULL)
1244 NG_HOOK_REF(hook);
1245 UBT_NG_UNLOCK(sc);
1246
1247 if (hook == NULL) {
1248 NG_FREE_M(*m);
1249 return (ENETDOWN);
1250 }
1251
1252 NG_SEND_DATA_ONLY(error, hook, *m);
1253 NG_HOOK_UNREF(hook);
1254
1255 if (error != 0)
1256 UBT_STAT_IERROR(sc);
1257
1258 return (error);
1259} /* ubt_fwd_mbuf_up */
1260
1261/****************************************************************************
1262 ****************************************************************************
1263 ** Glue
1264 ****************************************************************************
1265 ****************************************************************************/
1266
1267/*
1268 * Schedule glue task. Should be called with sc_ng_mtx held.
1269 * Netgraph context.
1270 */
1271
1272static void
1273ubt_task_schedule(ubt_softc_p sc, int action)
1274{
1275 mtx_assert(&sc->sc_ng_mtx, MA_OWNED);
1276
1277 /*
1278 * Try to handle corner case when "start all" and "stop all"
1279 * actions can both be set before task is executed.
1280 *
1281 * The rules are
1282 *
1283 * sc_task_flags action new sc_task_flags
1284 * ------------------------------------------------------
1285 * 0 start start
1286 * 0 stop stop
1287 * start start start
1288 * start stop stop
1289 * stop start stop|start
1290 * stop stop stop
1291 * stop|start start stop|start
1292 * stop|start stop stop
1293 */
1294
1295 if (action != 0) {
1296 if ((action & UBT_FLAG_T_STOP_ALL) != 0)
1297 sc->sc_task_flags &= ~UBT_FLAG_T_START_ALL;
1298
1299 sc->sc_task_flags |= action;
1300 }
1301
1302 if (sc->sc_task_flags & UBT_FLAG_T_PENDING)
1303 return;
1304
1305 if (taskqueue_enqueue(taskqueue_swi, &sc->sc_task) == 0) {
1306 sc->sc_task_flags |= UBT_FLAG_T_PENDING;
1307 return;
1308 }
1309
1310 /* XXX: i think this should never happen */
1311} /* ubt_task_schedule */
1312
1313/*
1314 * Glue task. Examines sc_task_flags and does things depending on it.
1315 * Taskqueue context.
1316 */
1317
1318static void
1319ubt_task(void *context, int pending)
1320{
1321 ubt_softc_p sc = context;
1322 int task_flags, i;
1323
1324 UBT_NG_LOCK(sc);
1325 task_flags = sc->sc_task_flags;
1326 sc->sc_task_flags = 0;
1327 UBT_NG_UNLOCK(sc);
1328
1329 /*
1330 * Stop all USB transfers synchronously.
1331 * Stop interface #0 and #1 transfers at the same time and in the
1332 * same loop. usbd_transfer_drain() will do appropriate locking.
1333 */
1334
1335 if (task_flags & UBT_FLAG_T_STOP_ALL)
1336 for (i = 0; i < UBT_N_TRANSFER; i ++)
1337 usbd_transfer_drain(sc->sc_xfer[i]);
1338
1339 /* Start incoming interrupt and bulk, and all isoc. USB transfers */
1340 if (task_flags & UBT_FLAG_T_START_ALL) {
1341 /*
1342 * Interface #0
1343 */
1344
1345 mtx_lock(&sc->sc_if_mtx);
1346
1347 ubt_xfer_start(sc, UBT_IF_0_INTR_DT_RD);
1348 ubt_xfer_start(sc, UBT_IF_0_BULK_DT_RD);
1349
1350 /*
1351 * Interface #1
1352 * Start both read and write isoc. transfers by default.
1353 * Get them going all the time even if we have nothing
1354 * to send to avoid any delays.
1355 */
1356
1357 ubt_xfer_start(sc, UBT_IF_1_ISOC_DT_RD1);
1358 ubt_xfer_start(sc, UBT_IF_1_ISOC_DT_RD2);
1359 ubt_xfer_start(sc, UBT_IF_1_ISOC_DT_WR1);
1360 ubt_xfer_start(sc, UBT_IF_1_ISOC_DT_WR2);
1361
1362 mtx_unlock(&sc->sc_if_mtx);
1363 }
1364
1365 /* Start outgoing control transfer */
1366 if (task_flags & UBT_FLAG_T_START_CTRL) {
1367 mtx_lock(&sc->sc_if_mtx);
1368 ubt_xfer_start(sc, UBT_IF_0_CTRL_DT_WR);
1369 mtx_unlock(&sc->sc_if_mtx);
1370 }
1371
1372 /* Start outgoing bulk transfer */
1373 if (task_flags & UBT_FLAG_T_START_BULK) {
1374 mtx_lock(&sc->sc_if_mtx);
1375 ubt_xfer_start(sc, UBT_IF_0_BULK_DT_WR);
1376 mtx_unlock(&sc->sc_if_mtx);
1377 }
1378} /* ubt_task */
1379
1380/****************************************************************************
1381 ****************************************************************************
1382 ** Netgraph specific
1383 ****************************************************************************
1384 ****************************************************************************/
1385
1386/*
1387 * Netgraph node constructor. Do not allow to create node of this type.
1388 * Netgraph context.
1389 */
1390
1391static int
1392ng_ubt_constructor(node_p node)
1393{
1394 return (EINVAL);
1395} /* ng_ubt_constructor */
1396
1397/*
1398 * Netgraph node destructor. Destroy node only when device has been detached.
1399 * Netgraph context.
1400 */
1401
1402static int
1403ng_ubt_shutdown(node_p node)
1404{
1405 if (node->nd_flags & NGF_REALLY_DIE) {
1406 /*
1407 * We came here because the USB device is being
1408 * detached, so stop being persistant.
1409 */
1410 NG_NODE_SET_PRIVATE(node, NULL);
1411 NG_NODE_UNREF(node);
1412 } else
1413 NG_NODE_REVIVE(node); /* tell ng_rmnode we are persisant */
1414
1415 return (0);
1416} /* ng_ubt_shutdown */
1417
1418/*
1419 * Create new hook. There can only be one.
1420 * Netgraph context.
1421 */
1422
1423static int
1424ng_ubt_newhook(node_p node, hook_p hook, char const *name)
1425{
1426 struct ubt_softc *sc = NG_NODE_PRIVATE(node);
1427
1428 if (strcmp(name, NG_UBT_HOOK) != 0)
1429 return (EINVAL);
1430
1431 UBT_NG_LOCK(sc);
1432 if (sc->sc_hook != NULL) {
1433 UBT_NG_UNLOCK(sc);
1434
1435 return (EISCONN);
1436 }
1437
1438 sc->sc_hook = hook;
1439 UBT_NG_UNLOCK(sc);
1440
1441 return (0);
1442} /* ng_ubt_newhook */
1443
1444/*
1445 * Connect hook. Start incoming USB transfers.
1446 * Netgraph context.
1447 */
1448
1449static int
1450ng_ubt_connect(hook_p hook)
1451{
1452 struct ubt_softc *sc = NG_NODE_PRIVATE(NG_HOOK_NODE(hook));
1453
1454 NG_HOOK_FORCE_QUEUE(NG_HOOK_PEER(hook));
1455
1456 UBT_NG_LOCK(sc);
1457 ubt_task_schedule(sc, UBT_FLAG_T_START_ALL);
1458 UBT_NG_UNLOCK(sc);
1459
1460 return (0);
1461} /* ng_ubt_connect */
1462
1463/*
1464 * Disconnect hook.
1465 * Netgraph context.
1466 */
1467
1468static int
1469ng_ubt_disconnect(hook_p hook)
1470{
1471 struct ubt_softc *sc = NG_NODE_PRIVATE(NG_HOOK_NODE(hook));
1472
1473 UBT_NG_LOCK(sc);
1474
1475 if (hook != sc->sc_hook) {
1476 UBT_NG_UNLOCK(sc);
1477
1478 return (EINVAL);
1479 }
1480
1481 sc->sc_hook = NULL;
1482
1483 /* Kick off task to stop all USB xfers */
1484 ubt_task_schedule(sc, UBT_FLAG_T_STOP_ALL);
1485
1486 /* Drain queues */
1487 NG_BT_MBUFQ_DRAIN(&sc->sc_cmdq);
1488 NG_BT_MBUFQ_DRAIN(&sc->sc_aclq);
1489 NG_BT_MBUFQ_DRAIN(&sc->sc_scoq);
1490
1491 UBT_NG_UNLOCK(sc);
1492
1493 return (0);
1494} /* ng_ubt_disconnect */
1495
1496/*
1497 * Process control message.
1498 * Netgraph context.
1499 */
1500
1501static int
1502ng_ubt_rcvmsg(node_p node, item_p item, hook_p lasthook)
1503{
1504 struct ubt_softc *sc = NG_NODE_PRIVATE(node);
1505 struct ng_mesg *msg, *rsp = NULL;
1506 struct ng_bt_mbufq *q;
1507 int error = 0, queue, qlen;
1508
1509 NGI_GET_MSG(item, msg);
1510
1511 switch (msg->header.typecookie) {
1512 case NGM_GENERIC_COOKIE:
1513 switch (msg->header.cmd) {
1514 case NGM_TEXT_STATUS:
1515 NG_MKRESPONSE(rsp, msg, NG_TEXTRESPONSE, M_NOWAIT);
1516 if (rsp == NULL) {
1517 error = ENOMEM;
1518 break;
1519 }
1520
1521 snprintf(rsp->data, NG_TEXTRESPONSE,
1522 "Hook: %s\n" \
1523 "Task flags: %#x\n" \
1524 "Debug: %d\n" \
1525 "CMD queue: [have:%d,max:%d]\n" \
1526 "ACL queue: [have:%d,max:%d]\n" \
1527 "SCO queue: [have:%d,max:%d]",
1528 (sc->sc_hook != NULL) ? NG_UBT_HOOK : "",
1529 sc->sc_task_flags,
1530 sc->sc_debug,
1531 sc->sc_cmdq.len,
1532 sc->sc_cmdq.maxlen,
1533 sc->sc_aclq.len,
1534 sc->sc_aclq.maxlen,
1535 sc->sc_scoq.len,
1536 sc->sc_scoq.maxlen);
1537 break;
1538
1539 default:
1540 error = EINVAL;
1541 break;
1542 }
1543 break;
1544
1545 case NGM_UBT_COOKIE:
1546 switch (msg->header.cmd) {
1547 case NGM_UBT_NODE_SET_DEBUG:
1548 if (msg->header.arglen != sizeof(ng_ubt_node_debug_ep)){
1549 error = EMSGSIZE;
1550 break;
1551 }
1552
1553 sc->sc_debug = *((ng_ubt_node_debug_ep *) (msg->data));
1554 break;
1555
1556 case NGM_UBT_NODE_GET_DEBUG:
1557 NG_MKRESPONSE(rsp, msg, sizeof(ng_ubt_node_debug_ep),
1558 M_NOWAIT);
1559 if (rsp == NULL) {
1560 error = ENOMEM;
1561 break;
1562 }
1563
1564 *((ng_ubt_node_debug_ep *) (rsp->data)) = sc->sc_debug;
1565 break;
1566
1567 case NGM_UBT_NODE_SET_QLEN:
1568 if (msg->header.arglen != sizeof(ng_ubt_node_qlen_ep)) {
1569 error = EMSGSIZE;
1570 break;
1571 }
1572
1573 queue = ((ng_ubt_node_qlen_ep *) (msg->data))->queue;
1574 qlen = ((ng_ubt_node_qlen_ep *) (msg->data))->qlen;
1575
1576 switch (queue) {
1577 case NGM_UBT_NODE_QUEUE_CMD:
1578 q = &sc->sc_cmdq;
1579 break;
1580
1581 case NGM_UBT_NODE_QUEUE_ACL:
1582 q = &sc->sc_aclq;
1583 break;
1584
1585 case NGM_UBT_NODE_QUEUE_SCO:
1586 q = &sc->sc_scoq;
1587 break;
1588
1589 default:
1590 error = EINVAL;
1591 goto done;
1592 /* NOT REACHED */
1593 }
1594
1595 q->maxlen = qlen;
1596 break;
1597
1598 case NGM_UBT_NODE_GET_QLEN:
1599 if (msg->header.arglen != sizeof(ng_ubt_node_qlen_ep)) {
1600 error = EMSGSIZE;
1601 break;
1602 }
1603
1604 queue = ((ng_ubt_node_qlen_ep *) (msg->data))->queue;
1605
1606 switch (queue) {
1607 case NGM_UBT_NODE_QUEUE_CMD:
1608 q = &sc->sc_cmdq;
1609 break;
1610
1611 case NGM_UBT_NODE_QUEUE_ACL:
1612 q = &sc->sc_aclq;
1613 break;
1614
1615 case NGM_UBT_NODE_QUEUE_SCO:
1616 q = &sc->sc_scoq;
1617 break;
1618
1619 default:
1620 error = EINVAL;
1621 goto done;
1622 /* NOT REACHED */
1623 }
1624
1625 NG_MKRESPONSE(rsp, msg, sizeof(ng_ubt_node_qlen_ep),
1626 M_NOWAIT);
1627 if (rsp == NULL) {
1628 error = ENOMEM;
1629 break;
1630 }
1631
1632 ((ng_ubt_node_qlen_ep *) (rsp->data))->queue = queue;
1633 ((ng_ubt_node_qlen_ep *) (rsp->data))->qlen = q->maxlen;
1634 break;
1635
1636 case NGM_UBT_NODE_GET_STAT:
1637 NG_MKRESPONSE(rsp, msg, sizeof(ng_ubt_node_stat_ep),
1638 M_NOWAIT);
1639 if (rsp == NULL) {
1640 error = ENOMEM;
1641 break;
1642 }
1643
1644 bcopy(&sc->sc_stat, rsp->data,
1645 sizeof(ng_ubt_node_stat_ep));
1646 break;
1647
1648 case NGM_UBT_NODE_RESET_STAT:
1649 UBT_STAT_RESET(sc);
1650 break;
1651
1652 default:
1653 error = EINVAL;
1654 break;
1655 }
1656 break;
1657
1658 default:
1659 error = EINVAL;
1660 break;
1661 }
1662done:
1663 NG_RESPOND_MSG(error, node, item, rsp);
1664 NG_FREE_MSG(msg);
1665
1666 return (error);
1667} /* ng_ubt_rcvmsg */
1668
1669/*
1670 * Process data.
1671 * Netgraph context.
1672 */
1673
1674static int
1675ng_ubt_rcvdata(hook_p hook, item_p item)
1676{
1677 struct ubt_softc *sc = NG_NODE_PRIVATE(NG_HOOK_NODE(hook));
1678 struct mbuf *m;
1679 struct ng_bt_mbufq *q;
1680 int action, error = 0;
1681
1682 if (hook != sc->sc_hook) {
1683 error = EINVAL;
1684 goto done;
1685 }
1686
1687 /* Deatch mbuf and get HCI frame type */
1688 NGI_GET_M(item, m);
1689
1690 /*
1691 * Minimal size of the HCI frame is 4 bytes: 1 byte frame type,
1692 * 2 bytes connection handle and at least 1 byte of length.
1693 * Panic on data frame that has size smaller than 4 bytes (it
1694 * should not happen)
1695 */
1696
1697 if (m->m_pkthdr.len < 4)
1698 panic("HCI frame size is too small! pktlen=%d\n",
1699 m->m_pkthdr.len);
1700
1701 /* Process HCI frame */
1702 switch (*mtod(m, uint8_t *)) { /* XXX call m_pullup ? */
1703 case NG_HCI_CMD_PKT:
1704 if (m->m_pkthdr.len - 1 > (int)UBT_CTRL_BUFFER_SIZE)
1705 panic("HCI command frame size is too big! " \
1706 "buffer size=%zd, packet len=%d\n",
1707 UBT_CTRL_BUFFER_SIZE, m->m_pkthdr.len);
1708
1709 q = &sc->sc_cmdq;
1710 action = UBT_FLAG_T_START_CTRL;
1711 break;
1712
1713 case NG_HCI_ACL_DATA_PKT:
1714 if (m->m_pkthdr.len - 1 > UBT_BULK_WRITE_BUFFER_SIZE)
1715 panic("ACL data frame size is too big! " \
1716 "buffer size=%d, packet len=%d\n",
1717 UBT_BULK_WRITE_BUFFER_SIZE, m->m_pkthdr.len);
1718
1719 q = &sc->sc_aclq;
1720 action = UBT_FLAG_T_START_BULK;
1721 break;
1722
1723 case NG_HCI_SCO_DATA_PKT:
1724 q = &sc->sc_scoq;
1725 action = 0;
1726 break;
1727
1728 default:
1729 UBT_ERR(sc, "Dropping unsupported HCI frame, type=0x%02x, " \
1730 "pktlen=%d\n", *mtod(m, uint8_t *), m->m_pkthdr.len);
1731
1732 NG_FREE_M(m);
1733 error = EINVAL;
1734 goto done;
1735 /* NOT REACHED */
1736 }
1737
1738 UBT_NG_LOCK(sc);
1739 if (NG_BT_MBUFQ_FULL(q)) {
1740 NG_BT_MBUFQ_DROP(q);
1741 UBT_NG_UNLOCK(sc);
1742
1743 UBT_ERR(sc, "Dropping HCI frame 0x%02x, len=%d. Queue full\n",
1744 *mtod(m, uint8_t *), m->m_pkthdr.len);
1745
1746 NG_FREE_M(m);
1747 } else {
1748 /* Loose HCI packet type, enqueue mbuf and kick off task */
1749 m_adj(m, sizeof(uint8_t));
1750 NG_BT_MBUFQ_ENQUEUE(q, m);
1751 ubt_task_schedule(sc, action);
1752 UBT_NG_UNLOCK(sc);
1753 }
1754done:
1755 NG_FREE_ITEM(item);
1756
1757 return (error);
1758} /* ng_ubt_rcvdata */
1759
1760/****************************************************************************
1761 ****************************************************************************
1762 ** Module
1763 ****************************************************************************
1764 ****************************************************************************/
1765
1766/*
1767 * Load/Unload the driver module
1768 */
1769
1770static int
1771ubt_modevent(module_t mod, int event, void *data)
1772{
1773 int error;
1774
1775 switch (event) {
1776 case MOD_LOAD:
1777 error = ng_newtype(&typestruct);
1778 if (error != 0)
1779 printf("%s: Could not register Netgraph node type, " \
1780 "error=%d\n", NG_UBT_NODE_TYPE, error);
1781 break;
1782
1783 case MOD_UNLOAD:
1784 error = ng_rmtype(&typestruct);
1785 break;
1786
1787 default:
1788 error = EOPNOTSUPP;
1789 break;
1790 }
1791
1792 return (error);
1793} /* ubt_modevent */
1794
1795static devclass_t ubt_devclass;
1796
1797static device_method_t ubt_methods[] =
1798{
1799 DEVMETHOD(device_probe, ubt_probe),
1800 DEVMETHOD(device_attach, ubt_attach),
1801 DEVMETHOD(device_detach, ubt_detach),
1802 DEVMETHOD_END
1803};
1804
1805static driver_t ubt_driver =
1806{
1807 .name = "ubt",
1808 .methods = ubt_methods,
1809 .size = sizeof(struct ubt_softc),
1810};
1811
1812DRIVER_MODULE(ng_ubt, uhub, ubt_driver, ubt_devclass, ubt_modevent, 0);
1813MODULE_VERSION(ng_ubt, NG_BLUETOOTH_VERSION);
1814MODULE_DEPEND(ng_ubt, netgraph, NG_ABI_VERSION, NG_ABI_VERSION, NG_ABI_VERSION);
1815MODULE_DEPEND(ng_ubt, ng_hci, NG_BLUETOOTH_VERSION, NG_BLUETOOTH_VERSION, NG_BLUETOOTH_VERSION);
1816MODULE_DEPEND(ng_ubt, usb, 1, 1, 1);
1817