1/*
2 *
3 *  Bluetooth HCI UART driver
4 *
5 *  Copyright (C) 2000-2001  Qualcomm Incorporated
6 *  Copyright (C) 2002-2003  Maxim Krasnyansky <maxk@qualcomm.com>
7 *  Copyright (C) 2004-2005  Marcel Holtmann <marcel@holtmann.org>
8 *
9 *
10 *  This program is free software; you can redistribute it and/or modify
11 *  it under the terms of the GNU General Public License as published by
12 *  the Free Software Foundation; either version 2 of the License, or
13 *  (at your option) any later version.
14 *
15 *  This program is distributed in the hope that it will be useful,
16 *  but WITHOUT ANY WARRANTY; without even the implied warranty of
17 *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18 *  GNU General Public License for more details.
19 *
20 *  You should have received a copy of the GNU General Public License
21 *  along with this program; if not, write to the Free Software
22 *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
23 *
24 */
25
26#include <linux/module.h>
27
28#include <linux/kernel.h>
29#include <linux/init.h>
30#include <linux/types.h>
31#include <linux/fcntl.h>
32#include <linux/interrupt.h>
33#include <linux/ptrace.h>
34#include <linux/poll.h>
35
36#include <linux/slab.h>
37#include <linux/tty.h>
38#include <linux/errno.h>
39#include <linux/string.h>
40#include <linux/signal.h>
41#include <linux/ioctl.h>
42#include <linux/skbuff.h>
43
44#include <net/bluetooth/bluetooth.h>
45#include <net/bluetooth/hci_core.h>
46
47#include "hci_uart.h"
48
49#ifndef CONFIG_BT_HCIUART_DEBUG
50#undef  BT_DBG
51#define BT_DBG( A... )
52#endif
53
54#define VERSION "1.2"
55
56struct h4_struct {
57	unsigned long rx_state;
58	unsigned long rx_count;
59	struct sk_buff *rx_skb;
60	struct sk_buff_head txq;
61};
62
63/* H4 receiver States */
64#define H4_W4_PACKET_TYPE	0
65#define H4_W4_EVENT_HDR		1
66#define H4_W4_ACL_HDR		2
67#define H4_W4_SCO_HDR		3
68#define H4_W4_DATA		4
69
70/* Initialize protocol */
71static int h4_open(struct hci_uart *hu)
72{
73	struct h4_struct *h4;
74
75	BT_DBG("hu %p", hu);
76
77	h4 = kzalloc(sizeof(*h4), GFP_ATOMIC);
78	if (!h4)
79		return -ENOMEM;
80
81	skb_queue_head_init(&h4->txq);
82
83	hu->priv = h4;
84	return 0;
85}
86
87/* Flush protocol data */
88static int h4_flush(struct hci_uart *hu)
89{
90	struct h4_struct *h4 = hu->priv;
91
92	BT_DBG("hu %p", hu);
93
94	skb_queue_purge(&h4->txq);
95
96	return 0;
97}
98
99/* Close protocol */
100static int h4_close(struct hci_uart *hu)
101{
102	struct h4_struct *h4 = hu->priv;
103
104	hu->priv = NULL;
105
106	BT_DBG("hu %p", hu);
107
108	skb_queue_purge(&h4->txq);
109
110	if (h4->rx_skb)
111		kfree_skb(h4->rx_skb);
112
113	hu->priv = NULL;
114	kfree(h4);
115
116	return 0;
117}
118
119/* Enqueue frame for transmittion (padding, crc, etc) */
120static int h4_enqueue(struct hci_uart *hu, struct sk_buff *skb)
121{
122	struct h4_struct *h4 = hu->priv;
123
124	BT_DBG("hu %p skb %p", hu, skb);
125
126	/* Prepend skb with frame type */
127	memcpy(skb_push(skb, 1), &bt_cb(skb)->pkt_type, 1);
128	skb_queue_tail(&h4->txq, skb);
129
130	return 0;
131}
132
133static inline int h4_check_data_len(struct h4_struct *h4, int len)
134{
135	register int room = skb_tailroom(h4->rx_skb);
136
137	BT_DBG("len %d room %d", len, room);
138
139	if (!len) {
140		hci_recv_frame(h4->rx_skb);
141	} else if (len > room) {
142		BT_ERR("Data length is too large");
143		kfree_skb(h4->rx_skb);
144	} else {
145		h4->rx_state = H4_W4_DATA;
146		h4->rx_count = len;
147		return len;
148	}
149
150	h4->rx_state = H4_W4_PACKET_TYPE;
151	h4->rx_skb   = NULL;
152	h4->rx_count = 0;
153
154	return 0;
155}
156
157/* Recv data */
158static int h4_recv(struct hci_uart *hu, void *data, int count)
159{
160	struct h4_struct *h4 = hu->priv;
161	register char *ptr;
162	struct hci_event_hdr *eh;
163	struct hci_acl_hdr   *ah;
164	struct hci_sco_hdr   *sh;
165	register int len, type, dlen;
166
167	BT_DBG("hu %p count %d rx_state %ld rx_count %ld",
168			hu, count, h4->rx_state, h4->rx_count);
169
170	ptr = data;
171	while (count) {
172		if (h4->rx_count) {
173			len = min_t(unsigned int, h4->rx_count, count);
174			memcpy(skb_put(h4->rx_skb, len), ptr, len);
175			h4->rx_count -= len; count -= len; ptr += len;
176
177			if (h4->rx_count)
178				continue;
179
180			switch (h4->rx_state) {
181			case H4_W4_DATA:
182				BT_DBG("Complete data");
183
184				hci_recv_frame(h4->rx_skb);
185
186				h4->rx_state = H4_W4_PACKET_TYPE;
187				h4->rx_skb = NULL;
188				continue;
189
190			case H4_W4_EVENT_HDR:
191				eh = hci_event_hdr(h4->rx_skb);
192
193				BT_DBG("Event header: evt 0x%2.2x plen %d", eh->evt, eh->plen);
194
195				h4_check_data_len(h4, eh->plen);
196				continue;
197
198			case H4_W4_ACL_HDR:
199				ah = hci_acl_hdr(h4->rx_skb);
200				dlen = __le16_to_cpu(ah->dlen);
201
202				BT_DBG("ACL header: dlen %d", dlen);
203
204				h4_check_data_len(h4, dlen);
205				continue;
206
207			case H4_W4_SCO_HDR:
208				sh = hci_sco_hdr(h4->rx_skb);
209
210				BT_DBG("SCO header: dlen %d", sh->dlen);
211
212				h4_check_data_len(h4, sh->dlen);
213				continue;
214			}
215		}
216
217		/* H4_W4_PACKET_TYPE */
218		switch (*ptr) {
219		case HCI_EVENT_PKT:
220			BT_DBG("Event packet");
221			h4->rx_state = H4_W4_EVENT_HDR;
222			h4->rx_count = HCI_EVENT_HDR_SIZE;
223			type = HCI_EVENT_PKT;
224			break;
225
226		case HCI_ACLDATA_PKT:
227			BT_DBG("ACL packet");
228			h4->rx_state = H4_W4_ACL_HDR;
229			h4->rx_count = HCI_ACL_HDR_SIZE;
230			type = HCI_ACLDATA_PKT;
231			break;
232
233		case HCI_SCODATA_PKT:
234			BT_DBG("SCO packet");
235			h4->rx_state = H4_W4_SCO_HDR;
236			h4->rx_count = HCI_SCO_HDR_SIZE;
237			type = HCI_SCODATA_PKT;
238			break;
239
240		default:
241			BT_ERR("Unknown HCI packet type %2.2x", (__u8)*ptr);
242			hu->hdev->stat.err_rx++;
243			ptr++; count--;
244			continue;
245		};
246
247		ptr++; count--;
248
249		/* Allocate packet */
250		h4->rx_skb = bt_skb_alloc(HCI_MAX_FRAME_SIZE, GFP_ATOMIC);
251		if (!h4->rx_skb) {
252			BT_ERR("Can't allocate mem for new packet");
253			h4->rx_state = H4_W4_PACKET_TYPE;
254			h4->rx_count = 0;
255			return 0;
256		}
257
258		h4->rx_skb->dev = (void *) hu->hdev;
259		bt_cb(h4->rx_skb)->pkt_type = type;
260	}
261
262	return count;
263}
264
265static struct sk_buff *h4_dequeue(struct hci_uart *hu)
266{
267	struct h4_struct *h4 = hu->priv;
268	return skb_dequeue(&h4->txq);
269}
270
271static struct hci_uart_proto h4p = {
272	.id		= HCI_UART_H4,
273	.open		= h4_open,
274	.close		= h4_close,
275	.recv		= h4_recv,
276	.enqueue	= h4_enqueue,
277	.dequeue	= h4_dequeue,
278	.flush		= h4_flush,
279};
280
281int h4_init(void)
282{
283	int err = hci_uart_register_proto(&h4p);
284
285	if (!err)
286		BT_INFO("HCI H4 protocol initialized");
287	else
288		BT_ERR("HCI H4 protocol registration failed");
289
290	return err;
291}
292
293int h4_deinit(void)
294{
295	return hci_uart_unregister_proto(&h4p);
296}
297