1// SPDX-License-Identifier: GPL-2.0-or-later 2/* 3 * NXP Bluetooth driver 4 * Copyright 2023 NXP 5 */ 6 7#include <linux/module.h> 8#include <linux/kernel.h> 9 10#include <linux/serdev.h> 11#include <linux/of.h> 12#include <linux/skbuff.h> 13#include <asm/unaligned.h> 14#include <linux/firmware.h> 15#include <linux/string.h> 16#include <linux/crc8.h> 17#include <linux/crc32.h> 18#include <linux/string_helpers.h> 19 20#include <net/bluetooth/bluetooth.h> 21#include <net/bluetooth/hci_core.h> 22 23#include "h4_recv.h" 24 25#define MANUFACTURER_NXP 37 26 27#define BTNXPUART_TX_STATE_ACTIVE 1 28#define BTNXPUART_FW_DOWNLOADING 2 29#define BTNXPUART_CHECK_BOOT_SIGNATURE 3 30#define BTNXPUART_SERDEV_OPEN 4 31#define BTNXPUART_IR_IN_PROGRESS 5 32 33/* NXP HW err codes */ 34#define BTNXPUART_IR_HW_ERR 0xb0 35 36#define FIRMWARE_W8987 "nxp/uartuart8987_bt.bin" 37#define FIRMWARE_W8997 "nxp/uartuart8997_bt_v4.bin" 38#define FIRMWARE_W9098 "nxp/uartuart9098_bt_v1.bin" 39#define FIRMWARE_IW416 "nxp/uartiw416_bt_v0.bin" 40#define FIRMWARE_IW612 "nxp/uartspi_n61x_v1.bin.se" 41#define FIRMWARE_IW624 "nxp/uartiw624_bt.bin" 42#define FIRMWARE_SECURE_IW624 "nxp/uartiw624_bt.bin.se" 43#define FIRMWARE_AW693 "nxp/uartaw693_bt.bin" 44#define FIRMWARE_SECURE_AW693 "nxp/uartaw693_bt.bin.se" 45#define FIRMWARE_HELPER "nxp/helper_uart_3000000.bin" 46 47#define CHIP_ID_W9098 0x5c03 48#define CHIP_ID_IW416 0x7201 49#define CHIP_ID_IW612 0x7601 50#define CHIP_ID_IW624a 0x8000 51#define CHIP_ID_IW624c 0x8001 52#define CHIP_ID_AW693 0x8200 53 54#define FW_SECURE_MASK 0xc0 55#define FW_OPEN 0x00 56#define FW_AUTH_ILLEGAL 0x40 57#define FW_AUTH_PLAIN 0x80 58#define FW_AUTH_ENC 0xc0 59 60#define HCI_NXP_PRI_BAUDRATE 115200 61#define HCI_NXP_SEC_BAUDRATE 3000000 62 63#define MAX_FW_FILE_NAME_LEN 50 64 65/* Default ps timeout period in milliseconds */ 66#define PS_DEFAULT_TIMEOUT_PERIOD_MS 2000 67 68/* wakeup methods */ 69#define WAKEUP_METHOD_DTR 0 70#define WAKEUP_METHOD_BREAK 1 71#define WAKEUP_METHOD_EXT_BREAK 2 72#define WAKEUP_METHOD_RTS 3 73#define WAKEUP_METHOD_INVALID 0xff 74 75/* power save mode status */ 76#define PS_MODE_DISABLE 0 77#define PS_MODE_ENABLE 1 78 79/* Power Save Commands to ps_work_func */ 80#define PS_CMD_EXIT_PS 1 81#define PS_CMD_ENTER_PS 2 82 83/* power save state */ 84#define PS_STATE_AWAKE 0 85#define PS_STATE_SLEEP 1 86 87/* Bluetooth vendor command : Sleep mode */ 88#define HCI_NXP_AUTO_SLEEP_MODE 0xfc23 89/* Bluetooth vendor command : Wakeup method */ 90#define HCI_NXP_WAKEUP_METHOD 0xfc53 91/* Bluetooth vendor command : Set operational baudrate */ 92#define HCI_NXP_SET_OPER_SPEED 0xfc09 93/* Bluetooth vendor command: Independent Reset */ 94#define HCI_NXP_IND_RESET 0xfcfc 95 96/* Bluetooth Power State : Vendor cmd params */ 97#define BT_PS_ENABLE 0x02 98#define BT_PS_DISABLE 0x03 99 100/* Bluetooth Host Wakeup Methods */ 101#define BT_HOST_WAKEUP_METHOD_NONE 0x00 102#define BT_HOST_WAKEUP_METHOD_DTR 0x01 103#define BT_HOST_WAKEUP_METHOD_BREAK 0x02 104#define BT_HOST_WAKEUP_METHOD_GPIO 0x03 105 106/* Bluetooth Chip Wakeup Methods */ 107#define BT_CTRL_WAKEUP_METHOD_DSR 0x00 108#define BT_CTRL_WAKEUP_METHOD_BREAK 0x01 109#define BT_CTRL_WAKEUP_METHOD_GPIO 0x02 110#define BT_CTRL_WAKEUP_METHOD_EXT_BREAK 0x04 111#define BT_CTRL_WAKEUP_METHOD_RTS 0x05 112 113struct ps_data { 114 u8 target_ps_mode; /* ps mode to be set */ 115 u8 cur_psmode; /* current ps_mode */ 116 u8 ps_state; /* controller's power save state */ 117 u8 ps_cmd; 118 u8 h2c_wakeupmode; 119 u8 cur_h2c_wakeupmode; 120 u8 c2h_wakeupmode; 121 u8 c2h_wakeup_gpio; 122 u8 h2c_wakeup_gpio; 123 bool driver_sent_cmd; 124 u16 h2c_ps_interval; 125 u16 c2h_ps_interval; 126 struct hci_dev *hdev; 127 struct work_struct work; 128 struct timer_list ps_timer; 129 struct mutex ps_lock; 130}; 131 132struct wakeup_cmd_payload { 133 u8 c2h_wakeupmode; 134 u8 c2h_wakeup_gpio; 135 u8 h2c_wakeupmode; 136 u8 h2c_wakeup_gpio; 137} __packed; 138 139struct psmode_cmd_payload { 140 u8 ps_cmd; 141 __le16 c2h_ps_interval; 142} __packed; 143 144struct btnxpuart_data { 145 const char *helper_fw_name; 146 const char *fw_name; 147}; 148 149struct btnxpuart_dev { 150 struct hci_dev *hdev; 151 struct serdev_device *serdev; 152 153 struct work_struct tx_work; 154 unsigned long tx_state; 155 struct sk_buff_head txq; 156 struct sk_buff *rx_skb; 157 158 const struct firmware *fw; 159 u8 fw_name[MAX_FW_FILE_NAME_LEN]; 160 u32 fw_dnld_v1_offset; 161 u32 fw_v1_sent_bytes; 162 u32 fw_v3_offset_correction; 163 u32 fw_v1_expected_len; 164 u32 boot_reg_offset; 165 wait_queue_head_t fw_dnld_done_wait_q; 166 wait_queue_head_t check_boot_sign_wait_q; 167 168 u32 new_baudrate; 169 u32 current_baudrate; 170 u32 fw_init_baudrate; 171 bool timeout_changed; 172 bool baudrate_changed; 173 bool helper_downloaded; 174 175 struct ps_data psdata; 176 struct btnxpuart_data *nxp_data; 177}; 178 179#define NXP_V1_FW_REQ_PKT 0xa5 180#define NXP_V1_CHIP_VER_PKT 0xaa 181#define NXP_V3_FW_REQ_PKT 0xa7 182#define NXP_V3_CHIP_VER_PKT 0xab 183 184#define NXP_ACK_V1 0x5a 185#define NXP_NAK_V1 0xbf 186#define NXP_ACK_V3 0x7a 187#define NXP_NAK_V3 0x7b 188#define NXP_CRC_ERROR_V3 0x7c 189 190#define HDR_LEN 16 191 192#define NXP_RECV_CHIP_VER_V1 \ 193 .type = NXP_V1_CHIP_VER_PKT, \ 194 .hlen = 4, \ 195 .loff = 0, \ 196 .lsize = 0, \ 197 .maxlen = 4 198 199#define NXP_RECV_FW_REQ_V1 \ 200 .type = NXP_V1_FW_REQ_PKT, \ 201 .hlen = 4, \ 202 .loff = 0, \ 203 .lsize = 0, \ 204 .maxlen = 4 205 206#define NXP_RECV_CHIP_VER_V3 \ 207 .type = NXP_V3_CHIP_VER_PKT, \ 208 .hlen = 4, \ 209 .loff = 0, \ 210 .lsize = 0, \ 211 .maxlen = 4 212 213#define NXP_RECV_FW_REQ_V3 \ 214 .type = NXP_V3_FW_REQ_PKT, \ 215 .hlen = 9, \ 216 .loff = 0, \ 217 .lsize = 0, \ 218 .maxlen = 9 219 220struct v1_data_req { 221 __le16 len; 222 __le16 len_comp; 223} __packed; 224 225struct v1_start_ind { 226 __le16 chip_id; 227 __le16 chip_id_comp; 228} __packed; 229 230struct v3_data_req { 231 __le16 len; 232 __le32 offset; 233 __le16 error; 234 u8 crc; 235} __packed; 236 237struct v3_start_ind { 238 __le16 chip_id; 239 u8 loader_ver; 240 u8 crc; 241} __packed; 242 243/* UART register addresses of BT chip */ 244#define CLKDIVADDR 0x7f00008f 245#define UARTDIVADDR 0x7f000090 246#define UARTMCRADDR 0x7f000091 247#define UARTREINITADDR 0x7f000092 248#define UARTICRADDR 0x7f000093 249#define UARTFCRADDR 0x7f000094 250 251#define MCR 0x00000022 252#define INIT 0x00000001 253#define ICR 0x000000c7 254#define FCR 0x000000c7 255 256#define POLYNOMIAL8 0x07 257 258struct uart_reg { 259 __le32 address; 260 __le32 value; 261} __packed; 262 263struct uart_config { 264 struct uart_reg clkdiv; 265 struct uart_reg uartdiv; 266 struct uart_reg mcr; 267 struct uart_reg re_init; 268 struct uart_reg icr; 269 struct uart_reg fcr; 270 __be32 crc; 271} __packed; 272 273struct nxp_bootloader_cmd { 274 __le32 header; 275 __le32 arg; 276 __le32 payload_len; 277 __be32 crc; 278} __packed; 279 280static u8 crc8_table[CRC8_TABLE_SIZE]; 281 282/* Default configurations */ 283#define DEFAULT_H2C_WAKEUP_MODE WAKEUP_METHOD_BREAK 284#define DEFAULT_PS_MODE PS_MODE_DISABLE 285#define FW_INIT_BAUDRATE HCI_NXP_PRI_BAUDRATE 286 287static struct sk_buff *nxp_drv_send_cmd(struct hci_dev *hdev, u16 opcode, 288 u32 plen, 289 void *param) 290{ 291 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 292 struct ps_data *psdata = &nxpdev->psdata; 293 struct sk_buff *skb; 294 295 /* set flag to prevent nxp_enqueue from parsing values from this command and 296 * calling hci_cmd_sync_queue() again. 297 */ 298 psdata->driver_sent_cmd = true; 299 skb = __hci_cmd_sync(hdev, opcode, plen, param, HCI_CMD_TIMEOUT); 300 psdata->driver_sent_cmd = false; 301 302 return skb; 303} 304 305static void btnxpuart_tx_wakeup(struct btnxpuart_dev *nxpdev) 306{ 307 if (schedule_work(&nxpdev->tx_work)) 308 set_bit(BTNXPUART_TX_STATE_ACTIVE, &nxpdev->tx_state); 309} 310 311/* NXP Power Save Feature */ 312static void ps_start_timer(struct btnxpuart_dev *nxpdev) 313{ 314 struct ps_data *psdata = &nxpdev->psdata; 315 316 if (!psdata) 317 return; 318 319 if (psdata->cur_psmode == PS_MODE_ENABLE) 320 mod_timer(&psdata->ps_timer, jiffies + msecs_to_jiffies(psdata->h2c_ps_interval)); 321 322 if (psdata->ps_state == PS_STATE_AWAKE && psdata->ps_cmd == PS_CMD_ENTER_PS) 323 cancel_work_sync(&psdata->work); 324} 325 326static void ps_cancel_timer(struct btnxpuart_dev *nxpdev) 327{ 328 struct ps_data *psdata = &nxpdev->psdata; 329 330 flush_work(&psdata->work); 331 del_timer_sync(&psdata->ps_timer); 332} 333 334static void ps_control(struct hci_dev *hdev, u8 ps_state) 335{ 336 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 337 struct ps_data *psdata = &nxpdev->psdata; 338 int status; 339 340 if (psdata->ps_state == ps_state || 341 !test_bit(BTNXPUART_SERDEV_OPEN, &nxpdev->tx_state)) 342 return; 343 344 mutex_lock(&psdata->ps_lock); 345 switch (psdata->cur_h2c_wakeupmode) { 346 case WAKEUP_METHOD_DTR: 347 if (ps_state == PS_STATE_AWAKE) 348 status = serdev_device_set_tiocm(nxpdev->serdev, TIOCM_DTR, 0); 349 else 350 status = serdev_device_set_tiocm(nxpdev->serdev, 0, TIOCM_DTR); 351 break; 352 case WAKEUP_METHOD_BREAK: 353 default: 354 if (ps_state == PS_STATE_AWAKE) 355 status = serdev_device_break_ctl(nxpdev->serdev, 0); 356 else 357 status = serdev_device_break_ctl(nxpdev->serdev, -1); 358 msleep(20); /* Allow chip to detect UART-break and enter sleep */ 359 bt_dev_dbg(hdev, "Set UART break: %s, status=%d", 360 str_on_off(ps_state == PS_STATE_SLEEP), status); 361 break; 362 } 363 if (!status) 364 psdata->ps_state = ps_state; 365 mutex_unlock(&psdata->ps_lock); 366 367 if (ps_state == PS_STATE_AWAKE) 368 btnxpuart_tx_wakeup(nxpdev); 369} 370 371static void ps_work_func(struct work_struct *work) 372{ 373 struct ps_data *data = container_of(work, struct ps_data, work); 374 375 if (data->ps_cmd == PS_CMD_ENTER_PS && data->cur_psmode == PS_MODE_ENABLE) 376 ps_control(data->hdev, PS_STATE_SLEEP); 377 else if (data->ps_cmd == PS_CMD_EXIT_PS) 378 ps_control(data->hdev, PS_STATE_AWAKE); 379} 380 381static void ps_timeout_func(struct timer_list *t) 382{ 383 struct ps_data *data = from_timer(data, t, ps_timer); 384 struct hci_dev *hdev = data->hdev; 385 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 386 387 if (test_bit(BTNXPUART_TX_STATE_ACTIVE, &nxpdev->tx_state)) { 388 ps_start_timer(nxpdev); 389 } else { 390 data->ps_cmd = PS_CMD_ENTER_PS; 391 schedule_work(&data->work); 392 } 393} 394 395static void ps_setup(struct hci_dev *hdev) 396{ 397 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 398 struct ps_data *psdata = &nxpdev->psdata; 399 400 psdata->hdev = hdev; 401 INIT_WORK(&psdata->work, ps_work_func); 402 mutex_init(&psdata->ps_lock); 403 timer_setup(&psdata->ps_timer, ps_timeout_func, 0); 404} 405 406static bool ps_wakeup(struct btnxpuart_dev *nxpdev) 407{ 408 struct ps_data *psdata = &nxpdev->psdata; 409 u8 ps_state; 410 411 mutex_lock(&psdata->ps_lock); 412 ps_state = psdata->ps_state; 413 mutex_unlock(&psdata->ps_lock); 414 415 if (ps_state != PS_STATE_AWAKE) { 416 psdata->ps_cmd = PS_CMD_EXIT_PS; 417 schedule_work(&psdata->work); 418 return true; 419 } 420 return false; 421} 422 423static int send_ps_cmd(struct hci_dev *hdev, void *data) 424{ 425 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 426 struct ps_data *psdata = &nxpdev->psdata; 427 struct psmode_cmd_payload pcmd; 428 struct sk_buff *skb; 429 u8 *status; 430 431 if (psdata->target_ps_mode == PS_MODE_ENABLE) 432 pcmd.ps_cmd = BT_PS_ENABLE; 433 else 434 pcmd.ps_cmd = BT_PS_DISABLE; 435 pcmd.c2h_ps_interval = __cpu_to_le16(psdata->c2h_ps_interval); 436 437 skb = nxp_drv_send_cmd(hdev, HCI_NXP_AUTO_SLEEP_MODE, sizeof(pcmd), &pcmd); 438 if (IS_ERR(skb)) { 439 bt_dev_err(hdev, "Setting Power Save mode failed (%ld)", PTR_ERR(skb)); 440 return PTR_ERR(skb); 441 } 442 443 status = skb_pull_data(skb, 1); 444 if (status) { 445 if (!*status) 446 psdata->cur_psmode = psdata->target_ps_mode; 447 else 448 psdata->target_ps_mode = psdata->cur_psmode; 449 if (psdata->cur_psmode == PS_MODE_ENABLE) 450 ps_start_timer(nxpdev); 451 else 452 ps_wakeup(nxpdev); 453 bt_dev_dbg(hdev, "Power Save mode response: status=%d, ps_mode=%d", 454 *status, psdata->cur_psmode); 455 } 456 kfree_skb(skb); 457 458 return 0; 459} 460 461static int send_wakeup_method_cmd(struct hci_dev *hdev, void *data) 462{ 463 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 464 struct ps_data *psdata = &nxpdev->psdata; 465 struct wakeup_cmd_payload pcmd; 466 struct sk_buff *skb; 467 u8 *status; 468 469 pcmd.c2h_wakeupmode = psdata->c2h_wakeupmode; 470 pcmd.c2h_wakeup_gpio = psdata->c2h_wakeup_gpio; 471 switch (psdata->h2c_wakeupmode) { 472 case WAKEUP_METHOD_DTR: 473 pcmd.h2c_wakeupmode = BT_CTRL_WAKEUP_METHOD_DSR; 474 break; 475 case WAKEUP_METHOD_BREAK: 476 default: 477 pcmd.h2c_wakeupmode = BT_CTRL_WAKEUP_METHOD_BREAK; 478 break; 479 } 480 pcmd.h2c_wakeup_gpio = 0xff; 481 482 skb = nxp_drv_send_cmd(hdev, HCI_NXP_WAKEUP_METHOD, sizeof(pcmd), &pcmd); 483 if (IS_ERR(skb)) { 484 bt_dev_err(hdev, "Setting wake-up method failed (%ld)", PTR_ERR(skb)); 485 return PTR_ERR(skb); 486 } 487 488 status = skb_pull_data(skb, 1); 489 if (status) { 490 if (*status == 0) 491 psdata->cur_h2c_wakeupmode = psdata->h2c_wakeupmode; 492 else 493 psdata->h2c_wakeupmode = psdata->cur_h2c_wakeupmode; 494 bt_dev_dbg(hdev, "Set Wakeup Method response: status=%d, h2c_wakeupmode=%d", 495 *status, psdata->cur_h2c_wakeupmode); 496 } 497 kfree_skb(skb); 498 499 return 0; 500} 501 502static void ps_init(struct hci_dev *hdev) 503{ 504 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 505 struct ps_data *psdata = &nxpdev->psdata; 506 507 serdev_device_set_tiocm(nxpdev->serdev, 0, TIOCM_RTS); 508 usleep_range(5000, 10000); 509 serdev_device_set_tiocm(nxpdev->serdev, TIOCM_RTS, 0); 510 usleep_range(5000, 10000); 511 512 psdata->ps_state = PS_STATE_AWAKE; 513 psdata->c2h_wakeupmode = BT_HOST_WAKEUP_METHOD_NONE; 514 psdata->c2h_wakeup_gpio = 0xff; 515 516 psdata->cur_h2c_wakeupmode = WAKEUP_METHOD_INVALID; 517 psdata->h2c_ps_interval = PS_DEFAULT_TIMEOUT_PERIOD_MS; 518 switch (DEFAULT_H2C_WAKEUP_MODE) { 519 case WAKEUP_METHOD_DTR: 520 psdata->h2c_wakeupmode = WAKEUP_METHOD_DTR; 521 serdev_device_set_tiocm(nxpdev->serdev, 0, TIOCM_DTR); 522 serdev_device_set_tiocm(nxpdev->serdev, TIOCM_DTR, 0); 523 break; 524 case WAKEUP_METHOD_BREAK: 525 default: 526 psdata->h2c_wakeupmode = WAKEUP_METHOD_BREAK; 527 serdev_device_break_ctl(nxpdev->serdev, -1); 528 usleep_range(5000, 10000); 529 serdev_device_break_ctl(nxpdev->serdev, 0); 530 usleep_range(5000, 10000); 531 break; 532 } 533 534 psdata->cur_psmode = PS_MODE_DISABLE; 535 psdata->target_ps_mode = DEFAULT_PS_MODE; 536 537 if (psdata->cur_h2c_wakeupmode != psdata->h2c_wakeupmode) 538 hci_cmd_sync_queue(hdev, send_wakeup_method_cmd, NULL, NULL); 539 if (psdata->cur_psmode != psdata->target_ps_mode) 540 hci_cmd_sync_queue(hdev, send_ps_cmd, NULL, NULL); 541} 542 543/* NXP Firmware Download Feature */ 544static int nxp_download_firmware(struct hci_dev *hdev) 545{ 546 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 547 int err = 0; 548 549 nxpdev->fw_dnld_v1_offset = 0; 550 nxpdev->fw_v1_sent_bytes = 0; 551 nxpdev->fw_v1_expected_len = HDR_LEN; 552 nxpdev->boot_reg_offset = 0; 553 nxpdev->fw_v3_offset_correction = 0; 554 nxpdev->baudrate_changed = false; 555 nxpdev->timeout_changed = false; 556 nxpdev->helper_downloaded = false; 557 558 serdev_device_set_baudrate(nxpdev->serdev, HCI_NXP_PRI_BAUDRATE); 559 serdev_device_set_flow_control(nxpdev->serdev, false); 560 nxpdev->current_baudrate = HCI_NXP_PRI_BAUDRATE; 561 562 /* Wait till FW is downloaded */ 563 err = wait_event_interruptible_timeout(nxpdev->fw_dnld_done_wait_q, 564 !test_bit(BTNXPUART_FW_DOWNLOADING, 565 &nxpdev->tx_state), 566 msecs_to_jiffies(60000)); 567 if (err == 0) { 568 bt_dev_err(hdev, "FW Download Timeout."); 569 return -ETIMEDOUT; 570 } 571 572 serdev_device_set_flow_control(nxpdev->serdev, true); 573 release_firmware(nxpdev->fw); 574 memset(nxpdev->fw_name, 0, sizeof(nxpdev->fw_name)); 575 576 /* Allow the downloaded FW to initialize */ 577 msleep(1200); 578 579 return 0; 580} 581 582static void nxp_send_ack(u8 ack, struct hci_dev *hdev) 583{ 584 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 585 u8 ack_nak[2]; 586 int len = 1; 587 588 ack_nak[0] = ack; 589 if (ack == NXP_ACK_V3) { 590 ack_nak[1] = crc8(crc8_table, ack_nak, 1, 0xff); 591 len = 2; 592 } 593 serdev_device_write_buf(nxpdev->serdev, ack_nak, len); 594} 595 596static bool nxp_fw_change_baudrate(struct hci_dev *hdev, u16 req_len) 597{ 598 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 599 struct nxp_bootloader_cmd nxp_cmd5; 600 struct uart_config uart_config; 601 u32 clkdivaddr = CLKDIVADDR - nxpdev->boot_reg_offset; 602 u32 uartdivaddr = UARTDIVADDR - nxpdev->boot_reg_offset; 603 u32 uartmcraddr = UARTMCRADDR - nxpdev->boot_reg_offset; 604 u32 uartreinitaddr = UARTREINITADDR - nxpdev->boot_reg_offset; 605 u32 uarticraddr = UARTICRADDR - nxpdev->boot_reg_offset; 606 u32 uartfcraddr = UARTFCRADDR - nxpdev->boot_reg_offset; 607 608 if (req_len == sizeof(nxp_cmd5)) { 609 nxp_cmd5.header = __cpu_to_le32(5); 610 nxp_cmd5.arg = 0; 611 nxp_cmd5.payload_len = __cpu_to_le32(sizeof(uart_config)); 612 /* FW expects swapped CRC bytes */ 613 nxp_cmd5.crc = __cpu_to_be32(crc32_be(0UL, (char *)&nxp_cmd5, 614 sizeof(nxp_cmd5) - 4)); 615 616 serdev_device_write_buf(nxpdev->serdev, (u8 *)&nxp_cmd5, sizeof(nxp_cmd5)); 617 nxpdev->fw_v3_offset_correction += req_len; 618 } else if (req_len == sizeof(uart_config)) { 619 uart_config.clkdiv.address = __cpu_to_le32(clkdivaddr); 620 uart_config.clkdiv.value = __cpu_to_le32(0x00c00000); 621 uart_config.uartdiv.address = __cpu_to_le32(uartdivaddr); 622 uart_config.uartdiv.value = __cpu_to_le32(1); 623 uart_config.mcr.address = __cpu_to_le32(uartmcraddr); 624 uart_config.mcr.value = __cpu_to_le32(MCR); 625 uart_config.re_init.address = __cpu_to_le32(uartreinitaddr); 626 uart_config.re_init.value = __cpu_to_le32(INIT); 627 uart_config.icr.address = __cpu_to_le32(uarticraddr); 628 uart_config.icr.value = __cpu_to_le32(ICR); 629 uart_config.fcr.address = __cpu_to_le32(uartfcraddr); 630 uart_config.fcr.value = __cpu_to_le32(FCR); 631 /* FW expects swapped CRC bytes */ 632 uart_config.crc = __cpu_to_be32(crc32_be(0UL, (char *)&uart_config, 633 sizeof(uart_config) - 4)); 634 635 serdev_device_write_buf(nxpdev->serdev, (u8 *)&uart_config, sizeof(uart_config)); 636 serdev_device_wait_until_sent(nxpdev->serdev, 0); 637 nxpdev->fw_v3_offset_correction += req_len; 638 return true; 639 } 640 return false; 641} 642 643static bool nxp_fw_change_timeout(struct hci_dev *hdev, u16 req_len) 644{ 645 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 646 struct nxp_bootloader_cmd nxp_cmd7; 647 648 if (req_len != sizeof(nxp_cmd7)) 649 return false; 650 651 nxp_cmd7.header = __cpu_to_le32(7); 652 nxp_cmd7.arg = __cpu_to_le32(0x70); 653 nxp_cmd7.payload_len = 0; 654 /* FW expects swapped CRC bytes */ 655 nxp_cmd7.crc = __cpu_to_be32(crc32_be(0UL, (char *)&nxp_cmd7, 656 sizeof(nxp_cmd7) - 4)); 657 serdev_device_write_buf(nxpdev->serdev, (u8 *)&nxp_cmd7, sizeof(nxp_cmd7)); 658 serdev_device_wait_until_sent(nxpdev->serdev, 0); 659 nxpdev->fw_v3_offset_correction += req_len; 660 return true; 661} 662 663static u32 nxp_get_data_len(const u8 *buf) 664{ 665 struct nxp_bootloader_cmd *hdr = (struct nxp_bootloader_cmd *)buf; 666 667 return __le32_to_cpu(hdr->payload_len); 668} 669 670static bool is_fw_downloading(struct btnxpuart_dev *nxpdev) 671{ 672 return test_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state); 673} 674 675static bool process_boot_signature(struct btnxpuart_dev *nxpdev) 676{ 677 if (test_bit(BTNXPUART_CHECK_BOOT_SIGNATURE, &nxpdev->tx_state)) { 678 clear_bit(BTNXPUART_CHECK_BOOT_SIGNATURE, &nxpdev->tx_state); 679 wake_up_interruptible(&nxpdev->check_boot_sign_wait_q); 680 return false; 681 } 682 return is_fw_downloading(nxpdev); 683} 684 685static int nxp_request_firmware(struct hci_dev *hdev, const char *fw_name) 686{ 687 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 688 int err = 0; 689 690 if (!fw_name) 691 return -ENOENT; 692 693 if (!strlen(nxpdev->fw_name)) { 694 snprintf(nxpdev->fw_name, MAX_FW_FILE_NAME_LEN, "%s", fw_name); 695 696 bt_dev_dbg(hdev, "Request Firmware: %s", nxpdev->fw_name); 697 err = request_firmware(&nxpdev->fw, nxpdev->fw_name, &hdev->dev); 698 if (err < 0) { 699 bt_dev_err(hdev, "Firmware file %s not found", nxpdev->fw_name); 700 clear_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state); 701 } 702 } 703 return err; 704} 705 706/* for legacy chipsets with V1 bootloader */ 707static int nxp_recv_chip_ver_v1(struct hci_dev *hdev, struct sk_buff *skb) 708{ 709 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 710 struct v1_start_ind *req; 711 __u16 chip_id; 712 713 req = skb_pull_data(skb, sizeof(*req)); 714 if (!req) 715 goto free_skb; 716 717 chip_id = le16_to_cpu(req->chip_id ^ req->chip_id_comp); 718 if (chip_id == 0xffff && nxpdev->fw_dnld_v1_offset) { 719 nxpdev->fw_dnld_v1_offset = 0; 720 nxpdev->fw_v1_sent_bytes = 0; 721 nxpdev->fw_v1_expected_len = HDR_LEN; 722 release_firmware(nxpdev->fw); 723 memset(nxpdev->fw_name, 0, sizeof(nxpdev->fw_name)); 724 nxp_send_ack(NXP_ACK_V1, hdev); 725 } 726 727free_skb: 728 kfree_skb(skb); 729 return 0; 730} 731 732static int nxp_recv_fw_req_v1(struct hci_dev *hdev, struct sk_buff *skb) 733{ 734 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 735 struct btnxpuart_data *nxp_data = nxpdev->nxp_data; 736 struct v1_data_req *req; 737 __u16 len; 738 739 if (!process_boot_signature(nxpdev)) 740 goto free_skb; 741 742 req = skb_pull_data(skb, sizeof(*req)); 743 if (!req) 744 goto free_skb; 745 746 len = __le16_to_cpu(req->len ^ req->len_comp); 747 if (len != 0xffff) { 748 bt_dev_dbg(hdev, "ERR: Send NAK"); 749 nxp_send_ack(NXP_NAK_V1, hdev); 750 goto free_skb; 751 } 752 nxp_send_ack(NXP_ACK_V1, hdev); 753 754 len = __le16_to_cpu(req->len); 755 756 if (!nxp_data->helper_fw_name) { 757 if (!nxpdev->timeout_changed) { 758 nxpdev->timeout_changed = nxp_fw_change_timeout(hdev, 759 len); 760 goto free_skb; 761 } 762 if (!nxpdev->baudrate_changed) { 763 nxpdev->baudrate_changed = nxp_fw_change_baudrate(hdev, 764 len); 765 if (nxpdev->baudrate_changed) { 766 serdev_device_set_baudrate(nxpdev->serdev, 767 HCI_NXP_SEC_BAUDRATE); 768 serdev_device_set_flow_control(nxpdev->serdev, true); 769 nxpdev->current_baudrate = HCI_NXP_SEC_BAUDRATE; 770 } 771 goto free_skb; 772 } 773 } 774 775 if (!nxp_data->helper_fw_name || nxpdev->helper_downloaded) { 776 if (nxp_request_firmware(hdev, nxp_data->fw_name)) 777 goto free_skb; 778 } else if (nxp_data->helper_fw_name && !nxpdev->helper_downloaded) { 779 if (nxp_request_firmware(hdev, nxp_data->helper_fw_name)) 780 goto free_skb; 781 } 782 783 if (!len) { 784 bt_dev_dbg(hdev, "FW Downloaded Successfully: %zu bytes", 785 nxpdev->fw->size); 786 if (nxp_data->helper_fw_name && !nxpdev->helper_downloaded) { 787 nxpdev->helper_downloaded = true; 788 serdev_device_wait_until_sent(nxpdev->serdev, 0); 789 serdev_device_set_baudrate(nxpdev->serdev, 790 HCI_NXP_SEC_BAUDRATE); 791 serdev_device_set_flow_control(nxpdev->serdev, true); 792 } else { 793 clear_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state); 794 wake_up_interruptible(&nxpdev->fw_dnld_done_wait_q); 795 } 796 goto free_skb; 797 } 798 if (len & 0x01) { 799 /* The CRC did not match at the other end. 800 * Simply send the same bytes again. 801 */ 802 len = nxpdev->fw_v1_sent_bytes; 803 bt_dev_dbg(hdev, "CRC error. Resend %d bytes of FW.", len); 804 } else { 805 nxpdev->fw_dnld_v1_offset += nxpdev->fw_v1_sent_bytes; 806 807 /* The FW bin file is made up of many blocks of 808 * 16 byte header and payload data chunks. If the 809 * FW has requested a header, read the payload length 810 * info from the header, before sending the header. 811 * In the next iteration, the FW should request the 812 * payload data chunk, which should be equal to the 813 * payload length read from header. If there is a 814 * mismatch, clearly the driver and FW are out of sync, 815 * and we need to re-send the previous header again. 816 */ 817 if (len == nxpdev->fw_v1_expected_len) { 818 if (len == HDR_LEN) 819 nxpdev->fw_v1_expected_len = nxp_get_data_len(nxpdev->fw->data + 820 nxpdev->fw_dnld_v1_offset); 821 else 822 nxpdev->fw_v1_expected_len = HDR_LEN; 823 } else if (len == HDR_LEN) { 824 /* FW download out of sync. Send previous chunk again */ 825 nxpdev->fw_dnld_v1_offset -= nxpdev->fw_v1_sent_bytes; 826 nxpdev->fw_v1_expected_len = HDR_LEN; 827 } 828 } 829 830 if (nxpdev->fw_dnld_v1_offset + len <= nxpdev->fw->size) 831 serdev_device_write_buf(nxpdev->serdev, nxpdev->fw->data + 832 nxpdev->fw_dnld_v1_offset, len); 833 nxpdev->fw_v1_sent_bytes = len; 834 835free_skb: 836 kfree_skb(skb); 837 return 0; 838} 839 840static char *nxp_get_fw_name_from_chipid(struct hci_dev *hdev, u16 chipid, 841 u8 loader_ver) 842{ 843 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 844 char *fw_name = NULL; 845 846 switch (chipid) { 847 case CHIP_ID_W9098: 848 fw_name = FIRMWARE_W9098; 849 break; 850 case CHIP_ID_IW416: 851 fw_name = FIRMWARE_IW416; 852 break; 853 case CHIP_ID_IW612: 854 fw_name = FIRMWARE_IW612; 855 break; 856 case CHIP_ID_IW624a: 857 case CHIP_ID_IW624c: 858 nxpdev->boot_reg_offset = 1; 859 if ((loader_ver & FW_SECURE_MASK) == FW_OPEN) 860 fw_name = FIRMWARE_IW624; 861 else if ((loader_ver & FW_SECURE_MASK) != FW_AUTH_ILLEGAL) 862 fw_name = FIRMWARE_SECURE_IW624; 863 else 864 bt_dev_err(hdev, "Illegal loader version %02x", loader_ver); 865 break; 866 case CHIP_ID_AW693: 867 if ((loader_ver & FW_SECURE_MASK) == FW_OPEN) 868 fw_name = FIRMWARE_AW693; 869 else if ((loader_ver & FW_SECURE_MASK) != FW_AUTH_ILLEGAL) 870 fw_name = FIRMWARE_SECURE_AW693; 871 else 872 bt_dev_err(hdev, "Illegal loader version %02x", loader_ver); 873 break; 874 default: 875 bt_dev_err(hdev, "Unknown chip signature %04x", chipid); 876 break; 877 } 878 return fw_name; 879} 880 881static int nxp_recv_chip_ver_v3(struct hci_dev *hdev, struct sk_buff *skb) 882{ 883 struct v3_start_ind *req = skb_pull_data(skb, sizeof(*req)); 884 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 885 u16 chip_id; 886 u8 loader_ver; 887 888 if (!process_boot_signature(nxpdev)) 889 goto free_skb; 890 891 chip_id = le16_to_cpu(req->chip_id); 892 loader_ver = req->loader_ver; 893 if (!nxp_request_firmware(hdev, nxp_get_fw_name_from_chipid(hdev, 894 chip_id, loader_ver))) 895 nxp_send_ack(NXP_ACK_V3, hdev); 896 897free_skb: 898 kfree_skb(skb); 899 return 0; 900} 901 902static int nxp_recv_fw_req_v3(struct hci_dev *hdev, struct sk_buff *skb) 903{ 904 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 905 struct v3_data_req *req; 906 __u16 len; 907 __u32 offset; 908 909 if (!process_boot_signature(nxpdev)) 910 goto free_skb; 911 912 req = skb_pull_data(skb, sizeof(*req)); 913 if (!req || !nxpdev->fw) 914 goto free_skb; 915 916 nxp_send_ack(NXP_ACK_V3, hdev); 917 918 len = __le16_to_cpu(req->len); 919 920 if (!nxpdev->timeout_changed) { 921 nxpdev->timeout_changed = nxp_fw_change_timeout(hdev, len); 922 goto free_skb; 923 } 924 925 if (!nxpdev->baudrate_changed) { 926 nxpdev->baudrate_changed = nxp_fw_change_baudrate(hdev, len); 927 if (nxpdev->baudrate_changed) { 928 serdev_device_set_baudrate(nxpdev->serdev, 929 HCI_NXP_SEC_BAUDRATE); 930 serdev_device_set_flow_control(nxpdev->serdev, true); 931 nxpdev->current_baudrate = HCI_NXP_SEC_BAUDRATE; 932 } 933 goto free_skb; 934 } 935 936 if (req->len == 0) { 937 bt_dev_dbg(hdev, "FW Downloaded Successfully: %zu bytes", 938 nxpdev->fw->size); 939 clear_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state); 940 wake_up_interruptible(&nxpdev->fw_dnld_done_wait_q); 941 goto free_skb; 942 } 943 if (req->error) 944 bt_dev_dbg(hdev, "FW Download received err 0x%02x from chip", 945 req->error); 946 947 offset = __le32_to_cpu(req->offset); 948 if (offset < nxpdev->fw_v3_offset_correction) { 949 /* This scenario should ideally never occur. But if it ever does, 950 * FW is out of sync and needs a power cycle. 951 */ 952 bt_dev_err(hdev, "Something went wrong during FW download"); 953 bt_dev_err(hdev, "Please power cycle and try again"); 954 goto free_skb; 955 } 956 957 serdev_device_write_buf(nxpdev->serdev, nxpdev->fw->data + offset - 958 nxpdev->fw_v3_offset_correction, len); 959 960free_skb: 961 kfree_skb(skb); 962 return 0; 963} 964 965static int nxp_set_baudrate_cmd(struct hci_dev *hdev, void *data) 966{ 967 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 968 __le32 new_baudrate = __cpu_to_le32(nxpdev->new_baudrate); 969 struct ps_data *psdata = &nxpdev->psdata; 970 struct sk_buff *skb; 971 u8 *status; 972 973 if (!psdata) 974 return 0; 975 976 skb = nxp_drv_send_cmd(hdev, HCI_NXP_SET_OPER_SPEED, 4, (u8 *)&new_baudrate); 977 if (IS_ERR(skb)) { 978 bt_dev_err(hdev, "Setting baudrate failed (%ld)", PTR_ERR(skb)); 979 return PTR_ERR(skb); 980 } 981 982 status = (u8 *)skb_pull_data(skb, 1); 983 if (status) { 984 if (*status == 0) { 985 serdev_device_set_baudrate(nxpdev->serdev, nxpdev->new_baudrate); 986 nxpdev->current_baudrate = nxpdev->new_baudrate; 987 } 988 bt_dev_dbg(hdev, "Set baudrate response: status=%d, baudrate=%d", 989 *status, nxpdev->new_baudrate); 990 } 991 kfree_skb(skb); 992 993 return 0; 994} 995 996static int nxp_check_boot_sign(struct btnxpuart_dev *nxpdev) 997{ 998 serdev_device_set_baudrate(nxpdev->serdev, HCI_NXP_PRI_BAUDRATE); 999 if (test_bit(BTNXPUART_IR_IN_PROGRESS, &nxpdev->tx_state)) 1000 serdev_device_set_flow_control(nxpdev->serdev, false); 1001 else 1002 serdev_device_set_flow_control(nxpdev->serdev, true); 1003 set_bit(BTNXPUART_CHECK_BOOT_SIGNATURE, &nxpdev->tx_state); 1004 1005 return wait_event_interruptible_timeout(nxpdev->check_boot_sign_wait_q, 1006 !test_bit(BTNXPUART_CHECK_BOOT_SIGNATURE, 1007 &nxpdev->tx_state), 1008 msecs_to_jiffies(1000)); 1009} 1010 1011static int nxp_set_ind_reset(struct hci_dev *hdev, void *data) 1012{ 1013 static const u8 ir_hw_err[] = { HCI_EV_HARDWARE_ERROR, 1014 0x01, BTNXPUART_IR_HW_ERR }; 1015 struct sk_buff *skb; 1016 1017 skb = bt_skb_alloc(3, GFP_ATOMIC); 1018 if (!skb) 1019 return -ENOMEM; 1020 1021 hci_skb_pkt_type(skb) = HCI_EVENT_PKT; 1022 skb_put_data(skb, ir_hw_err, 3); 1023 1024 /* Inject Hardware Error to upper stack */ 1025 return hci_recv_frame(hdev, skb); 1026} 1027 1028/* NXP protocol */ 1029static int nxp_setup(struct hci_dev *hdev) 1030{ 1031 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 1032 int err = 0; 1033 1034 if (nxp_check_boot_sign(nxpdev)) { 1035 bt_dev_dbg(hdev, "Need FW Download."); 1036 err = nxp_download_firmware(hdev); 1037 if (err < 0) 1038 return err; 1039 } else { 1040 bt_dev_dbg(hdev, "FW already running."); 1041 clear_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state); 1042 } 1043 1044 serdev_device_set_baudrate(nxpdev->serdev, nxpdev->fw_init_baudrate); 1045 nxpdev->current_baudrate = nxpdev->fw_init_baudrate; 1046 1047 if (nxpdev->current_baudrate != HCI_NXP_SEC_BAUDRATE) { 1048 nxpdev->new_baudrate = HCI_NXP_SEC_BAUDRATE; 1049 hci_cmd_sync_queue(hdev, nxp_set_baudrate_cmd, NULL, NULL); 1050 } 1051 1052 ps_init(hdev); 1053 1054 if (test_and_clear_bit(BTNXPUART_IR_IN_PROGRESS, &nxpdev->tx_state)) 1055 hci_dev_clear_flag(hdev, HCI_SETUP); 1056 1057 return 0; 1058} 1059 1060static void nxp_hw_err(struct hci_dev *hdev, u8 code) 1061{ 1062 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 1063 1064 switch (code) { 1065 case BTNXPUART_IR_HW_ERR: 1066 set_bit(BTNXPUART_IR_IN_PROGRESS, &nxpdev->tx_state); 1067 hci_dev_set_flag(hdev, HCI_SETUP); 1068 break; 1069 default: 1070 break; 1071 } 1072} 1073 1074static int nxp_shutdown(struct hci_dev *hdev) 1075{ 1076 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 1077 struct sk_buff *skb; 1078 u8 *status; 1079 u8 pcmd = 0; 1080 1081 if (test_bit(BTNXPUART_IR_IN_PROGRESS, &nxpdev->tx_state)) { 1082 skb = nxp_drv_send_cmd(hdev, HCI_NXP_IND_RESET, 1, &pcmd); 1083 if (IS_ERR(skb)) 1084 return PTR_ERR(skb); 1085 1086 status = skb_pull_data(skb, 1); 1087 if (status) { 1088 serdev_device_set_flow_control(nxpdev->serdev, false); 1089 set_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state); 1090 } 1091 kfree_skb(skb); 1092 } 1093 1094 return 0; 1095} 1096 1097static int btnxpuart_queue_skb(struct hci_dev *hdev, struct sk_buff *skb) 1098{ 1099 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 1100 1101 /* Prepend skb with frame type */ 1102 memcpy(skb_push(skb, 1), &hci_skb_pkt_type(skb), 1); 1103 skb_queue_tail(&nxpdev->txq, skb); 1104 btnxpuart_tx_wakeup(nxpdev); 1105 return 0; 1106} 1107 1108static int nxp_enqueue(struct hci_dev *hdev, struct sk_buff *skb) 1109{ 1110 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 1111 struct ps_data *psdata = &nxpdev->psdata; 1112 struct hci_command_hdr *hdr; 1113 struct psmode_cmd_payload ps_parm; 1114 struct wakeup_cmd_payload wakeup_parm; 1115 __le32 baudrate_parm; 1116 1117 /* if vendor commands are received from user space (e.g. hcitool), update 1118 * driver flags accordingly and ask driver to re-send the command to FW. 1119 * In case the payload for any command does not match expected payload 1120 * length, let the firmware and user space program handle it, or throw 1121 * an error. 1122 */ 1123 if (bt_cb(skb)->pkt_type == HCI_COMMAND_PKT && !psdata->driver_sent_cmd) { 1124 hdr = (struct hci_command_hdr *)skb->data; 1125 if (hdr->plen != (skb->len - HCI_COMMAND_HDR_SIZE)) 1126 return btnxpuart_queue_skb(hdev, skb); 1127 1128 switch (__le16_to_cpu(hdr->opcode)) { 1129 case HCI_NXP_AUTO_SLEEP_MODE: 1130 if (hdr->plen == sizeof(ps_parm)) { 1131 memcpy(&ps_parm, skb->data + HCI_COMMAND_HDR_SIZE, hdr->plen); 1132 if (ps_parm.ps_cmd == BT_PS_ENABLE) 1133 psdata->target_ps_mode = PS_MODE_ENABLE; 1134 else if (ps_parm.ps_cmd == BT_PS_DISABLE) 1135 psdata->target_ps_mode = PS_MODE_DISABLE; 1136 psdata->c2h_ps_interval = __le16_to_cpu(ps_parm.c2h_ps_interval); 1137 hci_cmd_sync_queue(hdev, send_ps_cmd, NULL, NULL); 1138 goto free_skb; 1139 } 1140 break; 1141 case HCI_NXP_WAKEUP_METHOD: 1142 if (hdr->plen == sizeof(wakeup_parm)) { 1143 memcpy(&wakeup_parm, skb->data + HCI_COMMAND_HDR_SIZE, hdr->plen); 1144 psdata->c2h_wakeupmode = wakeup_parm.c2h_wakeupmode; 1145 psdata->c2h_wakeup_gpio = wakeup_parm.c2h_wakeup_gpio; 1146 psdata->h2c_wakeup_gpio = wakeup_parm.h2c_wakeup_gpio; 1147 switch (wakeup_parm.h2c_wakeupmode) { 1148 case BT_CTRL_WAKEUP_METHOD_DSR: 1149 psdata->h2c_wakeupmode = WAKEUP_METHOD_DTR; 1150 break; 1151 case BT_CTRL_WAKEUP_METHOD_BREAK: 1152 default: 1153 psdata->h2c_wakeupmode = WAKEUP_METHOD_BREAK; 1154 break; 1155 } 1156 hci_cmd_sync_queue(hdev, send_wakeup_method_cmd, NULL, NULL); 1157 goto free_skb; 1158 } 1159 break; 1160 case HCI_NXP_SET_OPER_SPEED: 1161 if (hdr->plen == sizeof(baudrate_parm)) { 1162 memcpy(&baudrate_parm, skb->data + HCI_COMMAND_HDR_SIZE, hdr->plen); 1163 nxpdev->new_baudrate = __le32_to_cpu(baudrate_parm); 1164 hci_cmd_sync_queue(hdev, nxp_set_baudrate_cmd, NULL, NULL); 1165 goto free_skb; 1166 } 1167 break; 1168 case HCI_NXP_IND_RESET: 1169 if (hdr->plen == 1) { 1170 hci_cmd_sync_queue(hdev, nxp_set_ind_reset, NULL, NULL); 1171 goto free_skb; 1172 } 1173 break; 1174 default: 1175 break; 1176 } 1177 } 1178 1179 return btnxpuart_queue_skb(hdev, skb); 1180 1181free_skb: 1182 kfree_skb(skb); 1183 return 0; 1184} 1185 1186static struct sk_buff *nxp_dequeue(void *data) 1187{ 1188 struct btnxpuart_dev *nxpdev = (struct btnxpuart_dev *)data; 1189 1190 ps_start_timer(nxpdev); 1191 return skb_dequeue(&nxpdev->txq); 1192} 1193 1194/* btnxpuart based on serdev */ 1195static void btnxpuart_tx_work(struct work_struct *work) 1196{ 1197 struct btnxpuart_dev *nxpdev = container_of(work, struct btnxpuart_dev, 1198 tx_work); 1199 struct serdev_device *serdev = nxpdev->serdev; 1200 struct hci_dev *hdev = nxpdev->hdev; 1201 struct sk_buff *skb; 1202 int len; 1203 1204 if (ps_wakeup(nxpdev)) 1205 return; 1206 1207 while ((skb = nxp_dequeue(nxpdev))) { 1208 len = serdev_device_write_buf(serdev, skb->data, skb->len); 1209 hdev->stat.byte_tx += len; 1210 1211 skb_pull(skb, len); 1212 if (skb->len > 0) { 1213 skb_queue_head(&nxpdev->txq, skb); 1214 break; 1215 } 1216 1217 switch (hci_skb_pkt_type(skb)) { 1218 case HCI_COMMAND_PKT: 1219 hdev->stat.cmd_tx++; 1220 break; 1221 case HCI_ACLDATA_PKT: 1222 hdev->stat.acl_tx++; 1223 break; 1224 case HCI_SCODATA_PKT: 1225 hdev->stat.sco_tx++; 1226 break; 1227 } 1228 1229 kfree_skb(skb); 1230 } 1231 clear_bit(BTNXPUART_TX_STATE_ACTIVE, &nxpdev->tx_state); 1232} 1233 1234static int btnxpuart_open(struct hci_dev *hdev) 1235{ 1236 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 1237 int err = 0; 1238 1239 err = serdev_device_open(nxpdev->serdev); 1240 if (err) { 1241 bt_dev_err(hdev, "Unable to open UART device %s", 1242 dev_name(&nxpdev->serdev->dev)); 1243 } else { 1244 set_bit(BTNXPUART_SERDEV_OPEN, &nxpdev->tx_state); 1245 } 1246 return err; 1247} 1248 1249static int btnxpuart_close(struct hci_dev *hdev) 1250{ 1251 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 1252 1253 ps_wakeup(nxpdev); 1254 serdev_device_close(nxpdev->serdev); 1255 skb_queue_purge(&nxpdev->txq); 1256 kfree_skb(nxpdev->rx_skb); 1257 nxpdev->rx_skb = NULL; 1258 clear_bit(BTNXPUART_SERDEV_OPEN, &nxpdev->tx_state); 1259 return 0; 1260} 1261 1262static int btnxpuart_flush(struct hci_dev *hdev) 1263{ 1264 struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev); 1265 1266 /* Flush any pending characters */ 1267 serdev_device_write_flush(nxpdev->serdev); 1268 skb_queue_purge(&nxpdev->txq); 1269 1270 cancel_work_sync(&nxpdev->tx_work); 1271 1272 kfree_skb(nxpdev->rx_skb); 1273 nxpdev->rx_skb = NULL; 1274 1275 return 0; 1276} 1277 1278static const struct h4_recv_pkt nxp_recv_pkts[] = { 1279 { H4_RECV_ACL, .recv = hci_recv_frame }, 1280 { H4_RECV_SCO, .recv = hci_recv_frame }, 1281 { H4_RECV_EVENT, .recv = hci_recv_frame }, 1282 { NXP_RECV_CHIP_VER_V1, .recv = nxp_recv_chip_ver_v1 }, 1283 { NXP_RECV_FW_REQ_V1, .recv = nxp_recv_fw_req_v1 }, 1284 { NXP_RECV_CHIP_VER_V3, .recv = nxp_recv_chip_ver_v3 }, 1285 { NXP_RECV_FW_REQ_V3, .recv = nxp_recv_fw_req_v3 }, 1286}; 1287 1288static size_t btnxpuart_receive_buf(struct serdev_device *serdev, 1289 const u8 *data, size_t count) 1290{ 1291 struct btnxpuart_dev *nxpdev = serdev_device_get_drvdata(serdev); 1292 1293 ps_start_timer(nxpdev); 1294 1295 nxpdev->rx_skb = h4_recv_buf(nxpdev->hdev, nxpdev->rx_skb, data, count, 1296 nxp_recv_pkts, ARRAY_SIZE(nxp_recv_pkts)); 1297 if (IS_ERR(nxpdev->rx_skb)) { 1298 int err = PTR_ERR(nxpdev->rx_skb); 1299 /* Safe to ignore out-of-sync bootloader signatures */ 1300 if (!is_fw_downloading(nxpdev)) 1301 bt_dev_err(nxpdev->hdev, "Frame reassembly failed (%d)", err); 1302 return count; 1303 } 1304 if (!is_fw_downloading(nxpdev)) 1305 nxpdev->hdev->stat.byte_rx += count; 1306 return count; 1307} 1308 1309static void btnxpuart_write_wakeup(struct serdev_device *serdev) 1310{ 1311 serdev_device_write_wakeup(serdev); 1312} 1313 1314static const struct serdev_device_ops btnxpuart_client_ops = { 1315 .receive_buf = btnxpuart_receive_buf, 1316 .write_wakeup = btnxpuart_write_wakeup, 1317}; 1318 1319static int nxp_serdev_probe(struct serdev_device *serdev) 1320{ 1321 struct hci_dev *hdev; 1322 struct btnxpuart_dev *nxpdev; 1323 1324 nxpdev = devm_kzalloc(&serdev->dev, sizeof(*nxpdev), GFP_KERNEL); 1325 if (!nxpdev) 1326 return -ENOMEM; 1327 1328 nxpdev->nxp_data = (struct btnxpuart_data *)device_get_match_data(&serdev->dev); 1329 1330 nxpdev->serdev = serdev; 1331 serdev_device_set_drvdata(serdev, nxpdev); 1332 1333 serdev_device_set_client_ops(serdev, &btnxpuart_client_ops); 1334 1335 INIT_WORK(&nxpdev->tx_work, btnxpuart_tx_work); 1336 skb_queue_head_init(&nxpdev->txq); 1337 1338 init_waitqueue_head(&nxpdev->fw_dnld_done_wait_q); 1339 init_waitqueue_head(&nxpdev->check_boot_sign_wait_q); 1340 1341 device_property_read_u32(&nxpdev->serdev->dev, "fw-init-baudrate", 1342 &nxpdev->fw_init_baudrate); 1343 if (!nxpdev->fw_init_baudrate) 1344 nxpdev->fw_init_baudrate = FW_INIT_BAUDRATE; 1345 1346 set_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state); 1347 1348 crc8_populate_msb(crc8_table, POLYNOMIAL8); 1349 1350 /* Initialize and register HCI device */ 1351 hdev = hci_alloc_dev(); 1352 if (!hdev) { 1353 dev_err(&serdev->dev, "Can't allocate HCI device\n"); 1354 return -ENOMEM; 1355 } 1356 1357 nxpdev->hdev = hdev; 1358 1359 hdev->bus = HCI_UART; 1360 hci_set_drvdata(hdev, nxpdev); 1361 1362 hdev->manufacturer = MANUFACTURER_NXP; 1363 hdev->open = btnxpuart_open; 1364 hdev->close = btnxpuart_close; 1365 hdev->flush = btnxpuart_flush; 1366 hdev->setup = nxp_setup; 1367 hdev->send = nxp_enqueue; 1368 hdev->hw_error = nxp_hw_err; 1369 hdev->shutdown = nxp_shutdown; 1370 SET_HCIDEV_DEV(hdev, &serdev->dev); 1371 1372 if (hci_register_dev(hdev) < 0) { 1373 dev_err(&serdev->dev, "Can't register HCI device\n"); 1374 hci_free_dev(hdev); 1375 return -ENODEV; 1376 } 1377 1378 ps_setup(hdev); 1379 1380 return 0; 1381} 1382 1383static void nxp_serdev_remove(struct serdev_device *serdev) 1384{ 1385 struct btnxpuart_dev *nxpdev = serdev_device_get_drvdata(serdev); 1386 struct hci_dev *hdev = nxpdev->hdev; 1387 1388 /* Restore FW baudrate to fw_init_baudrate if changed. 1389 * This will ensure FW baudrate is in sync with 1390 * driver baudrate in case this driver is re-inserted. 1391 */ 1392 if (nxpdev->current_baudrate != nxpdev->fw_init_baudrate) { 1393 nxpdev->new_baudrate = nxpdev->fw_init_baudrate; 1394 nxp_set_baudrate_cmd(hdev, NULL); 1395 } 1396 1397 ps_cancel_timer(nxpdev); 1398 hci_unregister_dev(hdev); 1399 hci_free_dev(hdev); 1400} 1401 1402static struct btnxpuart_data w8987_data __maybe_unused = { 1403 .helper_fw_name = NULL, 1404 .fw_name = FIRMWARE_W8987, 1405}; 1406 1407static struct btnxpuart_data w8997_data __maybe_unused = { 1408 .helper_fw_name = FIRMWARE_HELPER, 1409 .fw_name = FIRMWARE_W8997, 1410}; 1411 1412static const struct of_device_id nxpuart_of_match_table[] __maybe_unused = { 1413 { .compatible = "nxp,88w8987-bt", .data = &w8987_data }, 1414 { .compatible = "nxp,88w8997-bt", .data = &w8997_data }, 1415 { } 1416}; 1417MODULE_DEVICE_TABLE(of, nxpuart_of_match_table); 1418 1419static struct serdev_device_driver nxp_serdev_driver = { 1420 .probe = nxp_serdev_probe, 1421 .remove = nxp_serdev_remove, 1422 .driver = { 1423 .name = "btnxpuart", 1424 .of_match_table = of_match_ptr(nxpuart_of_match_table), 1425 }, 1426}; 1427 1428module_serdev_device_driver(nxp_serdev_driver); 1429 1430MODULE_AUTHOR("Neeraj Sanjay Kale <neeraj.sanjaykale@nxp.com>"); 1431MODULE_DESCRIPTION("NXP Bluetooth Serial driver"); 1432MODULE_LICENSE("GPL"); 1433