1// SPDX-License-Identifier: GPL-2.0-or-later
2/*
3 *  NXP Bluetooth driver
4 *  Copyright 2023 NXP
5 */
6
7#include <linux/module.h>
8#include <linux/kernel.h>
9
10#include <linux/serdev.h>
11#include <linux/of.h>
12#include <linux/skbuff.h>
13#include <asm/unaligned.h>
14#include <linux/firmware.h>
15#include <linux/string.h>
16#include <linux/crc8.h>
17#include <linux/crc32.h>
18#include <linux/string_helpers.h>
19
20#include <net/bluetooth/bluetooth.h>
21#include <net/bluetooth/hci_core.h>
22
23#include "h4_recv.h"
24
25#define MANUFACTURER_NXP		37
26
27#define BTNXPUART_TX_STATE_ACTIVE	1
28#define BTNXPUART_FW_DOWNLOADING	2
29#define BTNXPUART_CHECK_BOOT_SIGNATURE	3
30#define BTNXPUART_SERDEV_OPEN		4
31#define BTNXPUART_IR_IN_PROGRESS	5
32
33/* NXP HW err codes */
34#define BTNXPUART_IR_HW_ERR		0xb0
35
36#define FIRMWARE_W8987		"nxp/uartuart8987_bt.bin"
37#define FIRMWARE_W8997		"nxp/uartuart8997_bt_v4.bin"
38#define FIRMWARE_W9098		"nxp/uartuart9098_bt_v1.bin"
39#define FIRMWARE_IW416		"nxp/uartiw416_bt_v0.bin"
40#define FIRMWARE_IW612		"nxp/uartspi_n61x_v1.bin.se"
41#define FIRMWARE_IW624		"nxp/uartiw624_bt.bin"
42#define FIRMWARE_SECURE_IW624	"nxp/uartiw624_bt.bin.se"
43#define FIRMWARE_AW693		"nxp/uartaw693_bt.bin"
44#define FIRMWARE_SECURE_AW693	"nxp/uartaw693_bt.bin.se"
45#define FIRMWARE_HELPER		"nxp/helper_uart_3000000.bin"
46
47#define CHIP_ID_W9098		0x5c03
48#define CHIP_ID_IW416		0x7201
49#define CHIP_ID_IW612		0x7601
50#define CHIP_ID_IW624a		0x8000
51#define CHIP_ID_IW624c		0x8001
52#define CHIP_ID_AW693		0x8200
53
54#define FW_SECURE_MASK		0xc0
55#define FW_OPEN			0x00
56#define FW_AUTH_ILLEGAL		0x40
57#define FW_AUTH_PLAIN		0x80
58#define FW_AUTH_ENC		0xc0
59
60#define HCI_NXP_PRI_BAUDRATE	115200
61#define HCI_NXP_SEC_BAUDRATE	3000000
62
63#define MAX_FW_FILE_NAME_LEN    50
64
65/* Default ps timeout period in milliseconds */
66#define PS_DEFAULT_TIMEOUT_PERIOD_MS     2000
67
68/* wakeup methods */
69#define WAKEUP_METHOD_DTR       0
70#define WAKEUP_METHOD_BREAK     1
71#define WAKEUP_METHOD_EXT_BREAK 2
72#define WAKEUP_METHOD_RTS       3
73#define WAKEUP_METHOD_INVALID   0xff
74
75/* power save mode status */
76#define PS_MODE_DISABLE         0
77#define PS_MODE_ENABLE          1
78
79/* Power Save Commands to ps_work_func  */
80#define PS_CMD_EXIT_PS          1
81#define PS_CMD_ENTER_PS         2
82
83/* power save state */
84#define PS_STATE_AWAKE          0
85#define PS_STATE_SLEEP          1
86
87/* Bluetooth vendor command : Sleep mode */
88#define HCI_NXP_AUTO_SLEEP_MODE	0xfc23
89/* Bluetooth vendor command : Wakeup method */
90#define HCI_NXP_WAKEUP_METHOD	0xfc53
91/* Bluetooth vendor command : Set operational baudrate */
92#define HCI_NXP_SET_OPER_SPEED	0xfc09
93/* Bluetooth vendor command: Independent Reset */
94#define HCI_NXP_IND_RESET	0xfcfc
95
96/* Bluetooth Power State : Vendor cmd params */
97#define BT_PS_ENABLE			0x02
98#define BT_PS_DISABLE			0x03
99
100/* Bluetooth Host Wakeup Methods */
101#define BT_HOST_WAKEUP_METHOD_NONE      0x00
102#define BT_HOST_WAKEUP_METHOD_DTR       0x01
103#define BT_HOST_WAKEUP_METHOD_BREAK     0x02
104#define BT_HOST_WAKEUP_METHOD_GPIO      0x03
105
106/* Bluetooth Chip Wakeup Methods */
107#define BT_CTRL_WAKEUP_METHOD_DSR       0x00
108#define BT_CTRL_WAKEUP_METHOD_BREAK     0x01
109#define BT_CTRL_WAKEUP_METHOD_GPIO      0x02
110#define BT_CTRL_WAKEUP_METHOD_EXT_BREAK 0x04
111#define BT_CTRL_WAKEUP_METHOD_RTS       0x05
112
/*
 * Power-save bookkeeping for one controller.
 *
 * "h2c" fields describe host-to-controller signalling and "c2h" fields
 * controller-to-host signalling. The cur_* members hold the value last
 * confirmed by the controller; their counterparts hold the requested value.
 */
struct ps_data {
	u8    target_ps_mode;	/* ps mode to be set */
	u8    cur_psmode;	/* current ps_mode */
	u8    ps_state;		/* controller's power save state */
	u8    ps_cmd;		/* PS_CMD_* consumed by ps_work_func() */
	u8    h2c_wakeupmode;	/* requested WAKEUP_METHOD_* */
	u8    cur_h2c_wakeupmode;	/* WAKEUP_METHOD_* last accepted by the controller */
	u8    c2h_wakeupmode;	/* sent as-is in the wake-up method command */
	u8    c2h_wakeup_gpio;	/* sent as-is in the wake-up method command */
	u8    h2c_wakeup_gpio;
	bool  driver_sent_cmd;	/* true while nxp_drv_send_cmd() is in flight */
	u16   h2c_ps_interval;	/* inactivity timeout for ps_timer, in ms */
	u16   c2h_ps_interval;	/* sent little-endian in the power-save command */
	struct hci_dev *hdev;
	struct work_struct work;	/* runs ps_work_func() */
	struct timer_list ps_timer;	/* runs ps_timeout_func() */
};
130
131struct wakeup_cmd_payload {
132	u8 c2h_wakeupmode;
133	u8 c2h_wakeup_gpio;
134	u8 h2c_wakeupmode;
135	u8 h2c_wakeup_gpio;
136} __packed;
137
138struct psmode_cmd_payload {
139	u8 ps_cmd;
140	__le16 c2h_ps_interval;
141} __packed;
142
143struct btnxpuart_data {
144	const char *helper_fw_name;
145	const char *fw_name;
146};
147
/* Per-device driver state, stored as the hci_dev driver data. */
struct btnxpuart_dev {
	struct hci_dev *hdev;
	struct serdev_device *serdev;

	struct work_struct tx_work;
	unsigned long tx_state;		/* bitmap of BTNXPUART_* state bits */
	struct sk_buff_head txq;
	struct sk_buff *rx_skb;

	/* Firmware download state. The lengths and offsets below are driven
	 * by requests received from the bootloader over the UART.
	 */
	const struct firmware *fw;	/* image obtained by request_firmware() */
	u8 fw_name[MAX_FW_FILE_NAME_LEN];	/* empty string: nothing requested yet */
	u32 fw_dnld_v1_offset;		/* V1: current offset into fw->data */
	u32 fw_v1_sent_bytes;		/* V1: length of the last chunk handled */
	u32 fw_v3_offset_correction;	/* V3: subtracted from the offset the chip asks for */
	u32 fw_v1_expected_len;		/* V1: length expected in the next request */
	u32 boot_reg_offset;		/* subtracted from the UART register addresses */
	wait_queue_head_t fw_dnld_done_wait_q;
	wait_queue_head_t check_boot_sign_wait_q;

	u32 new_baudrate;
	u32 current_baudrate;
	u32 fw_init_baudrate;
	bool timeout_changed;
	bool baudrate_changed;
	bool helper_downloaded;

	struct ps_data psdata;
	struct btnxpuart_data *nxp_data;
};
177
178#define NXP_V1_FW_REQ_PKT	0xa5
179#define NXP_V1_CHIP_VER_PKT	0xaa
180#define NXP_V3_FW_REQ_PKT	0xa7
181#define NXP_V3_CHIP_VER_PKT	0xab
182
183#define NXP_ACK_V1		0x5a
184#define NXP_NAK_V1		0xbf
185#define NXP_ACK_V3		0x7a
186#define NXP_NAK_V3		0x7b
187#define NXP_CRC_ERROR_V3	0x7c
188
189#define HDR_LEN			16
190
191#define NXP_RECV_CHIP_VER_V1 \
192	.type = NXP_V1_CHIP_VER_PKT, \
193	.hlen = 4, \
194	.loff = 0, \
195	.lsize = 0, \
196	.maxlen = 4
197
198#define NXP_RECV_FW_REQ_V1 \
199	.type = NXP_V1_FW_REQ_PKT, \
200	.hlen = 4, \
201	.loff = 0, \
202	.lsize = 0, \
203	.maxlen = 4
204
205#define NXP_RECV_CHIP_VER_V3 \
206	.type = NXP_V3_CHIP_VER_PKT, \
207	.hlen = 4, \
208	.loff = 0, \
209	.lsize = 0, \
210	.maxlen = 4
211
212#define NXP_RECV_FW_REQ_V3 \
213	.type = NXP_V3_FW_REQ_PKT, \
214	.hlen = 9, \
215	.loff = 0, \
216	.lsize = 0, \
217	.maxlen = 9
218
/*
 * V1 bootloader data request as received from the chip.
 * The receive handler accepts it only when len ^ len_comp == 0xffff.
 */
struct v1_data_req {
	__le16 len;
	__le16 len_comp;
} __packed;
223
224struct v1_start_ind {
225	__le16 chip_id;
226	__le16 chip_id_comp;
227} __packed;
228
/*
 * V3 bootloader data request as received from the chip.
 * len and offset select the part of the firmware image the chip wants;
 * both are device-supplied and must be range-checked before use.
 */
struct v3_data_req {
	__le16 len;
	__le32 offset;
	__le16 error;
	u8 crc;
} __packed;
235
/*
 * V3 bootloader start indication as received from the chip.
 * chip_id and loader_ver are used to choose the firmware file name.
 */
struct v3_start_ind {
	__le16 chip_id;
	u8 loader_ver;
	u8 crc;
} __packed;
241
242/* UART register addresses of BT chip */
243#define CLKDIVADDR	0x7f00008f
244#define UARTDIVADDR	0x7f000090
245#define UARTMCRADDR	0x7f000091
246#define UARTREINITADDR	0x7f000092
247#define UARTICRADDR	0x7f000093
248#define UARTFCRADDR	0x7f000094
249
250#define MCR		0x00000022
251#define INIT		0x00000001
252#define ICR		0x000000c7
253#define FCR		0x000000c7
254
255#define POLYNOMIAL8	0x07
256
257struct uart_reg {
258	__le32 address;
259	__le32 value;
260} __packed;
261
262struct uart_config {
263	struct uart_reg clkdiv;
264	struct uart_reg uartdiv;
265	struct uart_reg mcr;
266	struct uart_reg re_init;
267	struct uart_reg icr;
268	struct uart_reg fcr;
269	__be32 crc;
270} __packed;
271
272struct nxp_bootloader_cmd {
273	__le32 header;
274	__le32 arg;
275	__le32 payload_len;
276	__be32 crc;
277} __packed;
278
279static u8 crc8_table[CRC8_TABLE_SIZE];
280
281/* Default configurations */
282#define DEFAULT_H2C_WAKEUP_MODE	WAKEUP_METHOD_BREAK
283#define DEFAULT_PS_MODE		PS_MODE_DISABLE
284#define FW_INIT_BAUDRATE	HCI_NXP_PRI_BAUDRATE
285
/*
 * Send a vendor HCI command on behalf of the driver and wait for the reply.
 *
 * driver_sent_cmd is raised for the duration of the synchronous call so that
 * nxp_enqueue() does not parse this command's parameters and queue it again
 * through hci_cmd_sync_queue().
 *
 * Returns whatever __hci_cmd_sync() returns; callers in this file test the
 * result with IS_ERR() and free it with kfree_skb().
 */
static struct sk_buff *nxp_drv_send_cmd(struct hci_dev *hdev, u16 opcode,
					u32 plen,
					void *param)
{
	struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
	struct sk_buff *reply;

	nxpdev->psdata.driver_sent_cmd = true;
	reply = __hci_cmd_sync(hdev, opcode, plen, param, HCI_CMD_TIMEOUT);
	nxpdev->psdata.driver_sent_cmd = false;

	return reply;
}
303
/* Schedule the TX worker and flag TX as active when the work was queued. */
static void btnxpuart_tx_wakeup(struct btnxpuart_dev *nxpdev)
{
	bool queued = schedule_work(&nxpdev->tx_work);

	if (!queued)
		return;

	set_bit(BTNXPUART_TX_STATE_ACTIVE, &nxpdev->tx_state);
}
309
310/* NXP Power Save Feature */
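/*
 * (Re)arm the power-save inactivity timer.
 *
 * Does nothing unless power save is currently enabled; otherwise the timer
 * is set to fire h2c_ps_interval milliseconds from now.
 */
static void ps_start_timer(struct btnxpuart_dev *nxpdev)
{
	struct ps_data *psdata = &nxpdev->psdata;

	/* psdata is the address of an embedded member and can never be NULL,
	 * so it is used without a NULL test.
	 */
	if (psdata->cur_psmode == PS_MODE_ENABLE)
		mod_timer(&psdata->ps_timer, jiffies + msecs_to_jiffies(psdata->h2c_ps_interval));
}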
321
/* Wait for pending power-save work to finish, then stop the timer. */
static void ps_cancel_timer(struct btnxpuart_dev *nxpdev)
{
	flush_work(&nxpdev->psdata.work);
	del_timer_sync(&nxpdev->psdata.ps_timer);
}
329
/*
 * Drive the host-to-controller wake-up line into the requested state.
 *
 * Nothing happens when the controller is already in @ps_state or when the
 * serdev is not open. The recorded state is updated only when the serdev
 * call reports success; a wake-up always kicks the TX worker.
 */
static void ps_control(struct hci_dev *hdev, u8 ps_state)
{
	struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
	struct ps_data *psdata = &nxpdev->psdata;
	const bool wake = (ps_state == PS_STATE_AWAKE);
	int status;

	if (psdata->ps_state == ps_state)
		return;
	if (!test_bit(BTNXPUART_SERDEV_OPEN, &nxpdev->tx_state))
		return;

	if (psdata->cur_h2c_wakeupmode == WAKEUP_METHOD_DTR) {
		if (wake)
			status = serdev_device_set_tiocm(nxpdev->serdev, TIOCM_DTR, 0);
		else
			status = serdev_device_set_tiocm(nxpdev->serdev, 0, TIOCM_DTR);
	} else {
		/* WAKEUP_METHOD_BREAK and every other value use UART break */
		status = serdev_device_break_ctl(nxpdev->serdev, wake ? 0 : -1);
		bt_dev_dbg(hdev, "Set UART break: %s, status=%d",
			   str_on_off(ps_state == PS_STATE_SLEEP), status);
	}

	if (status == 0)
		psdata->ps_state = ps_state;
	if (wake)
		btnxpuart_tx_wakeup(nxpdev);
}
362
/*
 * Work handler that applies the pending power-save command.
 *
 * PS_CMD_ENTER_PS puts the controller to sleep only while power save is
 * enabled; PS_CMD_EXIT_PS always wakes it. Other values are ignored.
 */
static void ps_work_func(struct work_struct *work)
{
	struct ps_data *data = container_of(work, struct ps_data, work);

	switch (data->ps_cmd) {
	case PS_CMD_ENTER_PS:
		if (data->cur_psmode == PS_MODE_ENABLE)
			ps_control(data->hdev, PS_STATE_SLEEP);
		break;
	case PS_CMD_EXIT_PS:
		ps_control(data->hdev, PS_STATE_AWAKE);
		break;
	default:
		break;
	}
}
372
/*
 * Inactivity timer callback.
 *
 * While TX is still active the timer is simply re-armed; otherwise a
 * PS_CMD_ENTER_PS request is handed to the power-save worker.
 */
static void ps_timeout_func(struct timer_list *t)
{
	struct ps_data *data = from_timer(data, t, ps_timer);
	struct btnxpuart_dev *nxpdev = hci_get_drvdata(data->hdev);

	if (test_bit(BTNXPUART_TX_STATE_ACTIVE, &nxpdev->tx_state)) {
		ps_start_timer(nxpdev);
		return;
	}

	data->ps_cmd = PS_CMD_ENTER_PS;
	schedule_work(&data->work);
}
386
/* Bind the power-save state to @hdev and set up its worker and timer. */
static void ps_setup(struct hci_dev *hdev)
{
	struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);

	nxpdev->psdata.hdev = hdev;
	INIT_WORK(&nxpdev->psdata.work, ps_work_func);
	timer_setup(&nxpdev->psdata.ps_timer, ps_timeout_func, 0);
}
396
/* Ask the power-save worker to wake the controller unless it is awake. */
static void ps_wakeup(struct btnxpuart_dev *nxpdev)
{
	struct ps_data *psdata = &nxpdev->psdata;

	if (psdata->ps_state == PS_STATE_AWAKE)
		return;

	psdata->ps_cmd = PS_CMD_EXIT_PS;
	schedule_work(&psdata->work);
}
406
/*
 * Send the auto-sleep vendor command for the requested power-save mode.
 *
 * A zero status byte in the reply commits target_ps_mode as the current
 * mode; any other status rolls the target back to the current mode.
 * @data is unused.
 *
 * Returns 0, or the error carried by the reply pointer when sending failed.
 */
static int send_ps_cmd(struct hci_dev *hdev, void *data)
{
	struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
	struct ps_data *psdata = &nxpdev->psdata;
	struct psmode_cmd_payload pcmd;
	struct sk_buff *skb;
	u8 *status;

	pcmd.ps_cmd = (psdata->target_ps_mode == PS_MODE_ENABLE) ?
			BT_PS_ENABLE : BT_PS_DISABLE;
	pcmd.c2h_ps_interval = __cpu_to_le16(psdata->c2h_ps_interval);

	skb = nxp_drv_send_cmd(hdev, HCI_NXP_AUTO_SLEEP_MODE, sizeof(pcmd), &pcmd);
	if (IS_ERR(skb)) {
		bt_dev_err(hdev, "Setting Power Save mode failed (%ld)", PTR_ERR(skb));
		return PTR_ERR(skb);
	}

	/* A reply without a status byte leaves the recorded modes untouched */
	status = skb_pull_data(skb, 1);
	if (!status)
		goto out;

	if (*status == 0)
		psdata->cur_psmode = psdata->target_ps_mode;
	else
		psdata->target_ps_mode = psdata->cur_psmode;

	if (psdata->cur_psmode == PS_MODE_ENABLE)
		ps_start_timer(nxpdev);
	else
		ps_wakeup(nxpdev);

	bt_dev_dbg(hdev, "Power Save mode response: status=%d, ps_mode=%d",
		   *status, psdata->cur_psmode);
out:
	kfree_skb(skb);

	return 0;
}
444
/*
 * Send the wake-up method vendor command.
 *
 * WAKEUP_METHOD_DTR is translated to BT_CTRL_WAKEUP_METHOD_DSR; every other
 * value is sent as BT_CTRL_WAKEUP_METHOD_BREAK. A zero status byte commits
 * the requested method, any other status restores the previous request.
 * @data is unused.
 *
 * Returns 0, or the error carried by the reply pointer when sending failed.
 */
static int send_wakeup_method_cmd(struct hci_dev *hdev, void *data)
{
	struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
	struct ps_data *psdata = &nxpdev->psdata;
	struct wakeup_cmd_payload pcmd;
	struct sk_buff *skb;
	u8 *status;

	pcmd.c2h_wakeupmode = psdata->c2h_wakeupmode;
	pcmd.c2h_wakeup_gpio = psdata->c2h_wakeup_gpio;
	if (psdata->h2c_wakeupmode == WAKEUP_METHOD_DTR)
		pcmd.h2c_wakeupmode = BT_CTRL_WAKEUP_METHOD_DSR;
	else
		pcmd.h2c_wakeupmode = BT_CTRL_WAKEUP_METHOD_BREAK;
	pcmd.h2c_wakeup_gpio = 0xff;

	skb = nxp_drv_send_cmd(hdev, HCI_NXP_WAKEUP_METHOD, sizeof(pcmd), &pcmd);
	if (IS_ERR(skb)) {
		bt_dev_err(hdev, "Setting wake-up method failed (%ld)", PTR_ERR(skb));
		return PTR_ERR(skb);
	}

	/* A reply without a status byte leaves the recorded methods untouched */
	status = skb_pull_data(skb, 1);
	if (!status)
		goto out;

	if (*status)
		psdata->h2c_wakeupmode = psdata->cur_h2c_wakeupmode;
	else
		psdata->cur_h2c_wakeupmode = psdata->h2c_wakeupmode;

	bt_dev_dbg(hdev, "Set Wakeup Method response: status=%d, h2c_wakeupmode=%d",
		   *status, psdata->cur_h2c_wakeupmode);
out:
	kfree_skb(skb);

	return 0;
}
485
/*
 * Reset the power-save state to its defaults and toggle the wake-up lines.
 *
 * RTS is cleared and set again first, then the default host-to-controller
 * wake-up signal (DTR or UART break) is toggled once. Vendor commands are
 * queued only for settings whose requested value differs from the current
 * one.
 */
static void ps_init(struct hci_dev *hdev)
{
	struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
	struct serdev_device *serdev = nxpdev->serdev;
	struct ps_data *psdata = &nxpdev->psdata;

	serdev_device_set_tiocm(serdev, 0, TIOCM_RTS);
	usleep_range(5000, 10000);
	serdev_device_set_tiocm(serdev, TIOCM_RTS, 0);
	usleep_range(5000, 10000);

	psdata->ps_state = PS_STATE_AWAKE;
	psdata->c2h_wakeupmode = BT_HOST_WAKEUP_METHOD_NONE;
	psdata->c2h_wakeup_gpio = 0xff;

	/* INVALID makes the comparison at the end queue the wake-up command */
	psdata->cur_h2c_wakeupmode = WAKEUP_METHOD_INVALID;
	psdata->h2c_ps_interval = PS_DEFAULT_TIMEOUT_PERIOD_MS;

	if (DEFAULT_H2C_WAKEUP_MODE == WAKEUP_METHOD_DTR) {
		psdata->h2c_wakeupmode = WAKEUP_METHOD_DTR;
		serdev_device_set_tiocm(serdev, 0, TIOCM_DTR);
		serdev_device_set_tiocm(serdev, TIOCM_DTR, 0);
	} else {
		/* WAKEUP_METHOD_BREAK and anything else: use UART break */
		psdata->h2c_wakeupmode = WAKEUP_METHOD_BREAK;
		serdev_device_break_ctl(serdev, -1);
		usleep_range(5000, 10000);
		serdev_device_break_ctl(serdev, 0);
		usleep_range(5000, 10000);
	}

	psdata->cur_psmode = PS_MODE_DISABLE;
	psdata->target_ps_mode = DEFAULT_PS_MODE;

	if (psdata->h2c_wakeupmode != psdata->cur_h2c_wakeupmode)
		hci_cmd_sync_queue(hdev, send_wakeup_method_cmd, NULL, NULL);
	if (psdata->target_ps_mode != psdata->cur_psmode)
		hci_cmd_sync_queue(hdev, send_ps_cmd, NULL, NULL);
}
526
527/* NXP Firmware Download Feature */
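/*
 * Reset the download state and wait until the receive handlers report that
 * the firmware download has finished.
 *
 * The image itself is sent by the nxp_recv_fw_req_*() handlers in response
 * to bootloader requests; this function only waits for them to clear
 * BTNXPUART_FW_DOWNLOADING.
 *
 * Returns 0 on success, -ETIMEDOUT when the download did not finish within
 * 60 seconds, or the negative value returned by the wait when it was
 * interrupted.
 */
static int nxp_download_firmware(struct hci_dev *hdev)
{
	struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
	int err = 0;

	nxpdev->fw_dnld_v1_offset = 0;
	nxpdev->fw_v1_sent_bytes = 0;
	nxpdev->fw_v1_expected_len = HDR_LEN;
	nxpdev->boot_reg_offset = 0;
	nxpdev->fw_v3_offset_correction = 0;
	nxpdev->baudrate_changed = false;
	nxpdev->timeout_changed = false;
	nxpdev->helper_downloaded = false;

	serdev_device_set_baudrate(nxpdev->serdev, HCI_NXP_PRI_BAUDRATE);
	serdev_device_set_flow_control(nxpdev->serdev, false);
	nxpdev->current_baudrate = HCI_NXP_PRI_BAUDRATE;

	/* Wait till FW is downloaded */
	err = wait_event_interruptible_timeout(nxpdev->fw_dnld_done_wait_q,
					       !test_bit(BTNXPUART_FW_DOWNLOADING,
							 &nxpdev->tx_state),
					       msecs_to_jiffies(60000));
	if (err == 0) {
		bt_dev_err(hdev, "FW Download Timeout.");
		return -ETIMEDOUT;
	}
	if (err < 0) {
		/* The wait was interrupted, so the download has not finished.
		 * Do not fall through: releasing the image here would free it
		 * while the receive handlers may still be sending from it.
		 */
		bt_dev_err(hdev, "FW Download interrupted (%d)", err);
		return err;
	}

	serdev_device_set_flow_control(nxpdev->serdev, true);
	release_firmware(nxpdev->fw);
	/* Drop the stale pointer so later NULL checks on fw are meaningful */
	nxpdev->fw = NULL;
	memset(nxpdev->fw_name, 0, sizeof(nxpdev->fw_name));

	/* Allow the downloaded FW to initialize */
	msleep(1200);

	return 0;
}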
565
/*
 * Write an ACK/NAK byte to the bootloader.
 *
 * NXP_ACK_V3 is followed by a CRC-8 of the ack byte (initial value 0xff);
 * every other value is sent as a single byte.
 */
static void nxp_send_ack(u8 ack, struct hci_dev *hdev)
{
	struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
	u8 frame[2] = { ack, 0 };
	int frame_len;

	if (ack != NXP_ACK_V3) {
		frame_len = 1;
	} else {
		frame[1] = crc8(crc8_table, frame, 1, 0xff);
		frame_len = 2;
	}

	serdev_device_write_buf(nxpdev->serdev, frame, frame_len);
}
579
/*
 * Answer the bootloader requests that reconfigure its UART.
 *
 * The exchange takes two requests, told apart by the requested length:
 *  - sizeof(struct nxp_bootloader_cmd): send the command-5 header that
 *    announces a uart_config payload; returns false.
 *  - sizeof(struct uart_config): send the register writes themselves,
 *    wait for them to leave the UART and return true.
 * Any other length is ignored and returns false.
 *
 * Each reply's length is added to fw_v3_offset_correction.
 */
static bool nxp_fw_change_baudrate(struct hci_dev *hdev, u16 req_len)
{
	struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
	const u32 reg_shift = nxpdev->boot_reg_offset;
	struct nxp_bootloader_cmd nxp_cmd5;
	struct uart_config uart_config;

	if (req_len == sizeof(nxp_cmd5)) {
		nxp_cmd5.header = __cpu_to_le32(5);
		nxp_cmd5.arg = 0;
		nxp_cmd5.payload_len = __cpu_to_le32(sizeof(uart_config));
		/* FW expects swapped CRC bytes */
		nxp_cmd5.crc = __cpu_to_be32(crc32_be(0UL, (char *)&nxp_cmd5,
						      sizeof(nxp_cmd5) - 4));

		serdev_device_write_buf(nxpdev->serdev, (u8 *)&nxp_cmd5, sizeof(nxp_cmd5));
		nxpdev->fw_v3_offset_correction += req_len;
		return false;
	}

	if (req_len != sizeof(uart_config))
		return false;

	uart_config.clkdiv.address = __cpu_to_le32(CLKDIVADDR - reg_shift);
	uart_config.clkdiv.value = __cpu_to_le32(0x00c00000);
	uart_config.uartdiv.address = __cpu_to_le32(UARTDIVADDR - reg_shift);
	uart_config.uartdiv.value = __cpu_to_le32(1);
	uart_config.mcr.address = __cpu_to_le32(UARTMCRADDR - reg_shift);
	uart_config.mcr.value = __cpu_to_le32(MCR);
	uart_config.re_init.address = __cpu_to_le32(UARTREINITADDR - reg_shift);
	uart_config.re_init.value = __cpu_to_le32(INIT);
	uart_config.icr.address = __cpu_to_le32(UARTICRADDR - reg_shift);
	uart_config.icr.value = __cpu_to_le32(ICR);
	uart_config.fcr.address = __cpu_to_le32(UARTFCRADDR - reg_shift);
	uart_config.fcr.value = __cpu_to_le32(FCR);
	/* FW expects swapped CRC bytes */
	uart_config.crc = __cpu_to_be32(crc32_be(0UL, (char *)&uart_config,
						 sizeof(uart_config) - 4));

	serdev_device_write_buf(nxpdev->serdev, (u8 *)&uart_config, sizeof(uart_config));
	serdev_device_wait_until_sent(nxpdev->serdev, 0);
	nxpdev->fw_v3_offset_correction += req_len;

	return true;
}
626
/*
 * Answer a bootloader request with command 7 (argument 0x70, no payload).
 *
 * Only a request for exactly sizeof(struct nxp_bootloader_cmd) bytes is
 * answered; the reply's length is then added to fw_v3_offset_correction.
 *
 * Returns true when the command was sent, false otherwise.
 */
static bool nxp_fw_change_timeout(struct hci_dev *hdev, u16 req_len)
{
	struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
	struct nxp_bootloader_cmd nxp_cmd7;

	if (req_len == sizeof(nxp_cmd7)) {
		nxp_cmd7.header = __cpu_to_le32(7);
		nxp_cmd7.arg = __cpu_to_le32(0x70);
		nxp_cmd7.payload_len = 0;
		/* FW expects swapped CRC bytes */
		nxp_cmd7.crc = __cpu_to_be32(crc32_be(0UL, (char *)&nxp_cmd7,
						      sizeof(nxp_cmd7) - 4));

		serdev_device_write_buf(nxpdev->serdev, (u8 *)&nxp_cmd7, sizeof(nxp_cmd7));
		serdev_device_wait_until_sent(nxpdev->serdev, 0);
		nxpdev->fw_v3_offset_correction += req_len;
		return true;
	}

	return false;
}
646
/*
 * Read the little-endian payload_len field of the block header at @buf.
 *
 * The caller must guarantee that at least sizeof(struct nxp_bootloader_cmd)
 * bytes are readable at @buf; nothing is checked here.
 */
static u32 nxp_get_data_len(const u8 *buf)
{
	const u8 *field = buf + offsetof(struct nxp_bootloader_cmd, payload_len);

	return get_unaligned_le32(field);
}
653
/* Report whether the BTNXPUART_FW_DOWNLOADING state bit is set. */
static bool is_fw_downloading(struct btnxpuart_dev *nxpdev)
{
	const unsigned long *state = &nxpdev->tx_state;

	return test_bit(BTNXPUART_FW_DOWNLOADING, state);
}
658
/*
 * Decide whether a bootloader packet should be processed further.
 *
 * While the boot-signature check is pending, the packet only completes that
 * check: the flag is cleared, the waiter is woken and false is returned.
 * Otherwise the result is whether a firmware download is in progress.
 */
static bool process_boot_signature(struct btnxpuart_dev *nxpdev)
{
	if (!test_bit(BTNXPUART_CHECK_BOOT_SIGNATURE, &nxpdev->tx_state))
		return is_fw_downloading(nxpdev);

	clear_bit(BTNXPUART_CHECK_BOOT_SIGNATURE, &nxpdev->tx_state);
	wake_up_interruptible(&nxpdev->check_boot_sign_wait_q);

	return false;
}
668
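/*
 * Load the firmware image @fw_name unless an image is already cached.
 *
 * A non-empty nxpdev->fw_name marks an image as already requested; in that
 * case nothing is done and 0 is returned. Note that the cached name is not
 * compared with @fw_name.
 *
 * On failure the cached name is cleared again. Otherwise every later call
 * would take the "already requested" path and return 0 while nxpdev->fw is
 * not a valid image, and callers would dereference it.
 *
 * Returns 0 on success, -ENOENT when @fw_name is NULL, or the negative
 * error from request_firmware(), in which case BTNXPUART_FW_DOWNLOADING is
 * also cleared.
 */
static int nxp_request_firmware(struct hci_dev *hdev, const char *fw_name)
{
	struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
	int err = 0;

	if (!fw_name)
		return -ENOENT;

	if (!strlen(nxpdev->fw_name)) {
		snprintf(nxpdev->fw_name, MAX_FW_FILE_NAME_LEN, "%s", fw_name);

		bt_dev_dbg(hdev, "Request Firmware: %s", nxpdev->fw_name);
		err = request_firmware(&nxpdev->fw, nxpdev->fw_name, &hdev->dev);
		if (err < 0) {
			bt_dev_err(hdev, "Firmware file %s not found", nxpdev->fw_name);
			clear_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state);
			/* Forget the name so a failed load is never mistaken
			 * for a cached image.
			 */
			memset(nxpdev->fw_name, 0, sizeof(nxpdev->fw_name));
		}
	}
	return err;
}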
689
690/* for legacy chipsets with V1 bootloader */
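/*
 * Handle a V1 chip-version packet from the bootloader.
 *
 * When the packet is self-consistent (chip_id ^ chip_id_comp == 0xffff) and
 * a download had already progressed past offset 0, the V1 download state is
 * reset, the current image is released and the packet is acknowledged.
 *
 * Always consumes @skb and returns 0.
 */
static int nxp_recv_chip_ver_v1(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
	struct v1_start_ind *req;
	__u16 chip_id;

	req = skb_pull_data(skb, sizeof(*req));
	if (!req)
		goto free_skb;

	chip_id = le16_to_cpu(req->chip_id ^ req->chip_id_comp);
	if (chip_id == 0xffff && nxpdev->fw_dnld_v1_offset) {
		nxpdev->fw_dnld_v1_offset = 0;
		nxpdev->fw_v1_sent_bytes = 0;
		nxpdev->fw_v1_expected_len = HDR_LEN;
		release_firmware(nxpdev->fw);
		/* Do not leave a dangling pointer to the released image; the
		 * request handlers read from nxpdev->fw.
		 */
		nxpdev->fw = NULL;
		memset(nxpdev->fw_name, 0, sizeof(nxpdev->fw_name));
		nxp_send_ack(NXP_ACK_V1, hdev);
	}

free_skb:
	kfree_skb(skb);
	return 0;
}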
715
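/*
 * Handle a V1 bootloader data request and send the requested chunk.
 *
 * The requested length comes from the chip over the UART and drives both
 * the running offset and what is read from the firmware image, so every
 * access to nxpdev->fw->data is range-checked against nxpdev->fw->size.
 *
 * Flow: validate len against its complement and ACK/NAK it; without a
 * helper image, first answer the timeout and baudrate requests; make sure
 * the right image is loaded; then either finish the download (len == 0),
 * resend the previous chunk (odd len signals a CRC error) or advance and
 * send the next chunk.
 *
 * Always consumes @skb and returns 0.
 */
static int nxp_recv_fw_req_v1(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
	struct btnxpuart_data *nxp_data = nxpdev->nxp_data;
	struct v1_data_req *req;
	__u16 len;

	if (!process_boot_signature(nxpdev))
		goto free_skb;

	req = skb_pull_data(skb, sizeof(*req));
	if (!req)
		goto free_skb;

	len = __le16_to_cpu(req->len ^ req->len_comp);
	if (len != 0xffff) {
		bt_dev_dbg(hdev, "ERR: Send NAK");
		nxp_send_ack(NXP_NAK_V1, hdev);
		goto free_skb;
	}
	nxp_send_ack(NXP_ACK_V1, hdev);

	len = __le16_to_cpu(req->len);

	if (!nxp_data->helper_fw_name) {
		if (!nxpdev->timeout_changed) {
			nxpdev->timeout_changed = nxp_fw_change_timeout(hdev,
									len);
			goto free_skb;
		}
		if (!nxpdev->baudrate_changed) {
			nxpdev->baudrate_changed = nxp_fw_change_baudrate(hdev,
									  len);
			if (nxpdev->baudrate_changed) {
				serdev_device_set_baudrate(nxpdev->serdev,
							   HCI_NXP_SEC_BAUDRATE);
				serdev_device_set_flow_control(nxpdev->serdev, true);
				nxpdev->current_baudrate = HCI_NXP_SEC_BAUDRATE;
			}
			goto free_skb;
		}
	}

	/* Main image when there is no helper or it is already downloaded,
	 * helper image otherwise.
	 */
	if (!nxp_data->helper_fw_name || nxpdev->helper_downloaded) {
		if (nxp_request_firmware(hdev, nxp_data->fw_name))
			goto free_skb;
	} else {
		if (nxp_request_firmware(hdev, nxp_data->helper_fw_name))
			goto free_skb;
	}

	/* Everything below dereferences the image */
	if (!nxpdev->fw)
		goto free_skb;

	if (!len) {
		bt_dev_dbg(hdev, "FW Downloaded Successfully: %zu bytes",
			   nxpdev->fw->size);
		if (nxp_data->helper_fw_name && !nxpdev->helper_downloaded) {
			nxpdev->helper_downloaded = true;
			serdev_device_wait_until_sent(nxpdev->serdev, 0);
			serdev_device_set_baudrate(nxpdev->serdev,
						   HCI_NXP_SEC_BAUDRATE);
			serdev_device_set_flow_control(nxpdev->serdev, true);
		} else {
			clear_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state);
			wake_up_interruptible(&nxpdev->fw_dnld_done_wait_q);
		}
		goto free_skb;
	}
	if (len & 0x01) {
		/* The CRC did not match at the other end.
		 * Simply send the same bytes again.
		 */
		len = nxpdev->fw_v1_sent_bytes;
		bt_dev_dbg(hdev, "CRC error. Resend %d bytes of FW.", len);
	} else {
		nxpdev->fw_dnld_v1_offset += nxpdev->fw_v1_sent_bytes;

		/* The FW bin file is made up of many blocks of
		 * 16 byte header and payload data chunks. If the
		 * FW has requested a header, read the payload length
		 * info from the header, before sending the header.
		 * In the next iteration, the FW should request the
		 * payload data chunk, which should be equal to the
		 * payload length read from header. If there is a
		 * mismatch, clearly the driver and FW are out of sync,
		 * and we need to re-send the previous header again.
		 */
		if (len == nxpdev->fw_v1_expected_len) {
			if (len != HDR_LEN) {
				nxpdev->fw_v1_expected_len = HDR_LEN;
			} else if (nxpdev->fw_dnld_v1_offset <= nxpdev->fw->size &&
				   nxpdev->fw->size - nxpdev->fw_dnld_v1_offset >= HDR_LEN) {
				nxpdev->fw_v1_expected_len = nxp_get_data_len(nxpdev->fw->data +
									nxpdev->fw_dnld_v1_offset);
			} else {
				/* A whole header is not available at this
				 * offset: do not read past the image. The
				 * expected length stays HDR_LEN and the write
				 * below is skipped by its own range check.
				 */
				bt_dev_err(hdev, "FW header request beyond end of image");
			}
		} else if (len == HDR_LEN) {
			/* FW download out of sync. Send previous chunk again */
			nxpdev->fw_dnld_v1_offset -= nxpdev->fw_v1_sent_bytes;
			nxpdev->fw_v1_expected_len = HDR_LEN;
		}
	}

	/* Written as a subtraction so that offset + len cannot wrap */
	if (nxpdev->fw_dnld_v1_offset <= nxpdev->fw->size &&
	    len <= nxpdev->fw->size - nxpdev->fw_dnld_v1_offset)
		serdev_device_write_buf(nxpdev->serdev, nxpdev->fw->data +
					nxpdev->fw_dnld_v1_offset, len);
	nxpdev->fw_v1_sent_bytes = len;

free_skb:
	kfree_skb(skb);
	return 0;
}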
823
/*
 * Map a chip ID reported by the V3 bootloader to a firmware file name.
 *
 * The name always comes from the fixed FIRMWARE_* table; nothing from the
 * device is copied into it. For IW624 and AW693 the FW_SECURE_MASK bits of
 * @loader_ver choose between the open and the ".se" image, and the
 * FW_AUTH_ILLEGAL combination is rejected. IW624 also sets boot_reg_offset
 * to 1.
 *
 * Returns the file name, or NULL (after logging) for an unknown chip ID or
 * an illegal loader version.
 */
static char *nxp_get_fw_name_from_chipid(struct hci_dev *hdev, u16 chipid,
					 u8 loader_ver)
{
	struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
	const u8 auth = loader_ver & FW_SECURE_MASK;
	char *open_fw;
	char *secure_fw;

	switch (chipid) {
	case CHIP_ID_W9098:
		return FIRMWARE_W9098;
	case CHIP_ID_IW416:
		return FIRMWARE_IW416;
	case CHIP_ID_IW612:
		return FIRMWARE_IW612;
	case CHIP_ID_IW624a:
	case CHIP_ID_IW624c:
		nxpdev->boot_reg_offset = 1;
		open_fw = FIRMWARE_IW624;
		secure_fw = FIRMWARE_SECURE_IW624;
		break;
	case CHIP_ID_AW693:
		open_fw = FIRMWARE_AW693;
		secure_fw = FIRMWARE_SECURE_AW693;
		break;
	default:
		bt_dev_err(hdev, "Unknown chip signature %04x", chipid);
		return NULL;
	}

	if (auth == FW_OPEN)
		return open_fw;
	if (auth != FW_AUTH_ILLEGAL)
		return secure_fw;

	bt_dev_err(hdev, "Illegal loader version %02x", loader_ver);
	return NULL;
}
864
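/*
 * Handle a V3 chip-version packet: pick the firmware image for the reported
 * chip and acknowledge the packet once the image has been loaded.
 *
 * Always consumes @skb and returns 0.
 */
static int nxp_recv_chip_ver_v3(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct v3_start_ind *req = skb_pull_data(skb, sizeof(*req));
	struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
	u16 chip_id;
	u8 loader_ver;

	if (!process_boot_signature(nxpdev))
		goto free_skb;

	/* skb_pull_data() returns NULL for a short packet; the V1 handlers
	 * check for this and so must this one before reading the fields.
	 */
	if (!req)
		goto free_skb;

	/* NOTE(review): req->crc is not verified before chip_id and
	 * loader_ver are acted on.
	 */
	chip_id = le16_to_cpu(req->chip_id);
	loader_ver = req->loader_ver;
	if (!nxp_request_firmware(hdev, nxp_get_fw_name_from_chipid(hdev,
								    chip_id, loader_ver)))
		nxp_send_ack(NXP_ACK_V3, hdev);

free_skb:
	kfree_skb(skb);
	return 0;
}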
885
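/*
 * Handle a V3 bootloader data request and send the requested part of the
 * firmware image.
 *
 * Both the offset and the length are supplied by the chip over the UART.
 * They are checked against the size of the loaded image before anything is
 * written, so a bad request cannot make the driver send memory that lies
 * outside the image.
 *
 * The first two requests are answered with the timeout and baudrate
 * bootloader commands; a request of length 0 marks the end of the download.
 * The request is acknowledged before any of these checks are made.
 *
 * Always consumes @skb and returns 0.
 */
static int nxp_recv_fw_req_v3(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
	struct v3_data_req *req;
	__u16 len;
	__u32 offset;

	if (!process_boot_signature(nxpdev))
		goto free_skb;

	req = skb_pull_data(skb, sizeof(*req));
	if (!req || !nxpdev->fw)
		goto free_skb;

	/* NOTE(review): req->crc is not verified before the request is
	 * acknowledged and acted on.
	 */
	nxp_send_ack(NXP_ACK_V3, hdev);

	len = __le16_to_cpu(req->len);

	if (!nxpdev->timeout_changed) {
		nxpdev->timeout_changed = nxp_fw_change_timeout(hdev, len);
		goto free_skb;
	}

	if (!nxpdev->baudrate_changed) {
		nxpdev->baudrate_changed = nxp_fw_change_baudrate(hdev, len);
		if (nxpdev->baudrate_changed) {
			serdev_device_set_baudrate(nxpdev->serdev,
						   HCI_NXP_SEC_BAUDRATE);
			serdev_device_set_flow_control(nxpdev->serdev, true);
			nxpdev->current_baudrate = HCI_NXP_SEC_BAUDRATE;
		}
		goto free_skb;
	}

	if (len == 0) {
		bt_dev_dbg(hdev, "FW Downloaded Successfully: %zu bytes",
			   nxpdev->fw->size);
		clear_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state);
		wake_up_interruptible(&nxpdev->fw_dnld_done_wait_q);
		goto free_skb;
	}
	if (req->error)
		bt_dev_dbg(hdev, "FW Download received err 0x%02x from chip",
			   __le16_to_cpu(req->error));

	offset = __le32_to_cpu(req->offset);
	if (offset < nxpdev->fw_v3_offset_correction) {
		/* This scenario should ideally never occur. But if it ever does,
		 * FW is out of sync and needs a power cycle.
		 */
		bt_dev_err(hdev, "Something went wrong during FW download");
		bt_dev_err(hdev, "Please power cycle and try again");
		goto free_skb;
	}

	/* Translate to an offset into the image, then make sure the whole
	 * [offset, offset + len) range lies inside it. The comparison is
	 * written as a subtraction so that it cannot wrap.
	 */
	offset -= nxpdev->fw_v3_offset_correction;
	if (offset > nxpdev->fw->size || len > nxpdev->fw->size - offset) {
		bt_dev_err(hdev, "FW request out of range: offset %u, len %u",
			   offset, len);
		goto free_skb;
	}

	serdev_device_write_buf(nxpdev->serdev, nxpdev->fw->data + offset, len);

free_skb:
	kfree_skb(skb);
	return 0;
}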
948
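/*
 * Ask the controller to switch to nxpdev->new_baudrate and, when it reports
 * status 0, switch the host UART to the same rate.
 *
 * @data is unused.
 *
 * Returns 0, or the error carried by the reply pointer when sending failed.
 * A non-zero status from the controller is only logged.
 */
static int nxp_set_baudrate_cmd(struct hci_dev *hdev, void *data)
{
	struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
	__le32 new_baudrate = __cpu_to_le32(nxpdev->new_baudrate);
	struct sk_buff *skb;
	u8 *status;

	/* The former "!psdata" test compared the address of an embedded
	 * member with NULL and could never be true, so it has been dropped
	 * together with the otherwise unused local.
	 */
	skb = nxp_drv_send_cmd(hdev, HCI_NXP_SET_OPER_SPEED,
			       sizeof(new_baudrate), (u8 *)&new_baudrate);
	if (IS_ERR(skb)) {
		bt_dev_err(hdev, "Setting baudrate failed (%ld)", PTR_ERR(skb));
		return PTR_ERR(skb);
	}

	status = (u8 *)skb_pull_data(skb, 1);
	if (status) {
		if (*status == 0) {
			serdev_device_set_baudrate(nxpdev->serdev, nxpdev->new_baudrate);
			nxpdev->current_baudrate = nxpdev->new_baudrate;
		}
		bt_dev_dbg(hdev, "Set baudrate response: status=%d, baudrate=%d",
			   *status, nxpdev->new_baudrate);
	}
	kfree_skb(skb);

	return 0;
}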
979
/*
 * Listen for a bootloader packet for up to one second.
 *
 * The UART is set to the primary baudrate, with flow control off only while
 * an independent reset is in progress. BTNXPUART_CHECK_BOOT_SIGNATURE is
 * then set; process_boot_signature() clears it when a bootloader packet
 * arrives.
 *
 * Returns the result of wait_event_interruptible_timeout(); nxp_setup()
 * treats any non-zero value as "firmware download needed".
 */
static int nxp_check_boot_sign(struct btnxpuart_dev *nxpdev)
{
	bool ir_active;

	serdev_device_set_baudrate(nxpdev->serdev, HCI_NXP_PRI_BAUDRATE);

	ir_active = test_bit(BTNXPUART_IR_IN_PROGRESS, &nxpdev->tx_state);
	serdev_device_set_flow_control(nxpdev->serdev, !ir_active);

	set_bit(BTNXPUART_CHECK_BOOT_SIGNATURE, &nxpdev->tx_state);

	return wait_event_interruptible_timeout(nxpdev->check_boot_sign_wait_q,
					       !test_bit(BTNXPUART_CHECK_BOOT_SIGNATURE,
							 &nxpdev->tx_state),
					       msecs_to_jiffies(1000));
}
994
/*
 * Feed a Hardware Error event with code BTNXPUART_IR_HW_ERR to the HCI core
 * as if the controller had sent it. @data is unused.
 *
 * Returns -ENOMEM when the event buffer cannot be allocated, otherwise the
 * result of hci_recv_frame().
 */
static int nxp_set_ind_reset(struct hci_dev *hdev, void *data)
{
	/* event code, parameter length, hardware error code */
	static const u8 ir_hw_err[] = { HCI_EV_HARDWARE_ERROR,
					0x01, BTNXPUART_IR_HW_ERR };
	struct sk_buff *evt = bt_skb_alloc(sizeof(ir_hw_err), GFP_ATOMIC);

	if (!evt)
		return -ENOMEM;

	hci_skb_pkt_type(evt) = HCI_EVENT_PKT;
	skb_put_data(evt, ir_hw_err, sizeof(ir_hw_err));

	/* Inject Hardware Error to upper stack */
	return hci_recv_frame(hdev, evt);
}
1011
1012/* NXP protocol */
/*
 * Bring the controller up: download firmware when the bootloader answers,
 * move the UART to the firmware's initial baudrate, queue a switch to the
 * secondary baudrate when needed and initialise power save.
 *
 * Returns 0, or the negative error from nxp_download_firmware().
 */
static int nxp_setup(struct hci_dev *hdev)
{
	struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
	int ret;

	if (!nxp_check_boot_sign(nxpdev)) {
		bt_dev_dbg(hdev, "FW already running.");
		clear_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state);
	} else {
		bt_dev_dbg(hdev, "Need FW Download.");
		ret = nxp_download_firmware(hdev);
		if (ret < 0)
			return ret;
	}

	nxpdev->current_baudrate = nxpdev->fw_init_baudrate;
	serdev_device_set_baudrate(nxpdev->serdev, nxpdev->current_baudrate);

	if (nxpdev->current_baudrate != HCI_NXP_SEC_BAUDRATE) {
		nxpdev->new_baudrate = HCI_NXP_SEC_BAUDRATE;
		hci_cmd_sync_queue(hdev, nxp_set_baudrate_cmd, NULL, NULL);
	}

	ps_init(hdev);

	/* Setup that ran as part of an independent reset ends here */
	if (test_and_clear_bit(BTNXPUART_IR_IN_PROGRESS, &nxpdev->tx_state))
		hci_dev_clear_flag(hdev, HCI_SETUP);

	return 0;
}
1043
/*
 * Hardware error handler.
 *
 * Only BTNXPUART_IR_HW_ERR is acted on: it marks an independent reset as in
 * progress and sets HCI_SETUP. All other codes are ignored.
 */
static void nxp_hw_err(struct hci_dev *hdev, u8 code)
{
	struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);

	if (code != BTNXPUART_IR_HW_ERR)
		return;

	set_bit(BTNXPUART_IR_IN_PROGRESS, &nxpdev->tx_state);
	hci_dev_set_flag(hdev, HCI_SETUP);
}
1057
/*
 * Shutdown hook.
 *
 * Does nothing unless an independent reset is in progress. In that case the
 * HCI_NXP_IND_RESET vendor command is sent; once a reply with a status byte
 * arrives, flow control is switched off and BTNXPUART_FW_DOWNLOADING is set.
 * The value of the status byte itself is not examined.
 *
 * Returns 0, or the error carried by the reply pointer when sending failed.
 */
static int nxp_shutdown(struct hci_dev *hdev)
{
	struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
	struct sk_buff *skb;
	u8 pcmd = 0;

	if (!test_bit(BTNXPUART_IR_IN_PROGRESS, &nxpdev->tx_state))
		return 0;

	skb = nxp_drv_send_cmd(hdev, HCI_NXP_IND_RESET, 1, &pcmd);
	if (IS_ERR(skb))
		return PTR_ERR(skb);

	if (skb_pull_data(skb, 1)) {
		serdev_device_set_flow_control(nxpdev->serdev, false);
		set_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state);
	}
	kfree_skb(skb);

	return 0;
}
1080
/* Put the one-byte packet type in front of @skb, append it to the TX queue
 * and wake the transmitter. The skb is held by the queue afterwards.
 * Always returns 0.
 */
static int btnxpuart_queue_skb(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
	u8 frame_type = hci_skb_pkt_type(skb);

	/* Prepend skb with frame type */
	*(u8 *)skb_push(skb, 1) = frame_type;

	skb_queue_tail(&nxpdev->txq, skb);
	btnxpuart_tx_wakeup(nxpdev);

	return 0;
}
1091
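/* hdev->send handler: queue @skb for transmission, intercepting the NXP
 * vendor commands whose settings the driver has to track itself.
 *
 * A command packet that was not sent by the driver (driver_sent_cmd clear)
 * is inspected. If it is one of the four vendor opcodes below and carries
 * exactly the expected payload length, the driver records the requested
 * settings, queues its own handler with hci_cmd_sync_queue() and frees
 * @skb instead of transmitting it. Everything else goes to
 * btnxpuart_queue_skb() unchanged.
 *
 * These packets can come from user space (e.g. hcitool), so no header or
 * payload byte is read before the corresponding length has been checked.
 *
 * Returns 0 when the command was intercepted, otherwise the result of
 * btnxpuart_queue_skb(). @skb is consumed on both paths.
 */
static int nxp_enqueue(struct hci_dev *hdev, struct sk_buff *skb)
{
	struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
	struct ps_data *psdata = &nxpdev->psdata;
	struct hci_command_hdr *hdr;
	struct psmode_cmd_payload ps_parm;
	struct wakeup_cmd_payload wakeup_parm;
	__le32 baudrate_parm;
	const u8 *payload;

	/* if vendor commands are received from user space (e.g. hcitool), update
	 * driver flags accordingly and ask driver to re-send the command to FW.
	 * In case the payload for any command does not match expected payload
	 * length, let the firmware and user space program handle it, or throw
	 * an error.
	 *
	 * The skb->len test keeps the header read below inside the packet; a
	 * packet shorter than a command header is queued untouched, which is
	 * also where the plen mismatch check would have sent it.
	 */
	if (bt_cb(skb)->pkt_type == HCI_COMMAND_PKT && !psdata->driver_sent_cmd &&
	    skb->len >= HCI_COMMAND_HDR_SIZE) {
		hdr = (struct hci_command_hdr *)skb->data;
		if (hdr->plen != (skb->len - HCI_COMMAND_HDR_SIZE))
			return btnxpuart_queue_skb(hdev, skb);

		/* From here on plen bytes are known to follow the header. */
		payload = skb->data + HCI_COMMAND_HDR_SIZE;

		switch (__le16_to_cpu(hdr->opcode)) {
		case HCI_NXP_AUTO_SLEEP_MODE:
			if (hdr->plen == sizeof(ps_parm)) {
				memcpy(&ps_parm, payload, sizeof(ps_parm));
				/* Any other ps_cmd leaves target_ps_mode as it was. */
				if (ps_parm.ps_cmd == BT_PS_ENABLE)
					psdata->target_ps_mode = PS_MODE_ENABLE;
				else if (ps_parm.ps_cmd == BT_PS_DISABLE)
					psdata->target_ps_mode = PS_MODE_DISABLE;
				psdata->c2h_ps_interval = __le16_to_cpu(ps_parm.c2h_ps_interval);
				hci_cmd_sync_queue(hdev, send_ps_cmd, NULL, NULL);
				goto free_skb;
			}
			break;
		case HCI_NXP_WAKEUP_METHOD:
			if (hdr->plen == sizeof(wakeup_parm)) {
				memcpy(&wakeup_parm, payload, sizeof(wakeup_parm));
				/* The three c2h/h2c values are stored as given. */
				psdata->c2h_wakeupmode = wakeup_parm.c2h_wakeupmode;
				psdata->c2h_wakeup_gpio = wakeup_parm.c2h_wakeup_gpio;
				psdata->h2c_wakeup_gpio = wakeup_parm.h2c_wakeup_gpio;
				switch (wakeup_parm.h2c_wakeupmode) {
				case BT_CTRL_WAKEUP_METHOD_DSR:
					psdata->h2c_wakeupmode = WAKEUP_METHOD_DTR;
					break;
				case BT_CTRL_WAKEUP_METHOD_BREAK:
				default:
					/* Unknown methods fall back to break signalling. */
					psdata->h2c_wakeupmode = WAKEUP_METHOD_BREAK;
					break;
				}
				hci_cmd_sync_queue(hdev, send_wakeup_method_cmd, NULL, NULL);
				goto free_skb;
			}
			break;
		case HCI_NXP_SET_OPER_SPEED:
			if (hdr->plen == sizeof(baudrate_parm)) {
				memcpy(&baudrate_parm, payload, sizeof(baudrate_parm));
				/* The requested rate is used as given; no range
				 * check is applied in this function.
				 */
				nxpdev->new_baudrate = __le32_to_cpu(baudrate_parm);
				hci_cmd_sync_queue(hdev, nxp_set_baudrate_cmd, NULL, NULL);
				goto free_skb;
			}
			break;
		case HCI_NXP_IND_RESET:
			/* The single parameter byte is not looked at. */
			if (hdr->plen == 1) {
				hci_cmd_sync_queue(hdev, nxp_set_ind_reset, NULL, NULL);
				goto free_skb;
			}
			break;
		default:
			break;
		}
	}

	return btnxpuart_queue_skb(hdev, skb);

free_skb:
	/* The driver re-sends the command itself, so the original is dropped. */
	kfree_skb(skb);
	return 0;
}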
1169
/* Take the next frame off the TX queue.
 *
 * @data is the struct btnxpuart_dev. ps_wakeup() and ps_start_timer() are
 * called before every dequeue attempt, whether or not a frame is waiting.
 * Returns the frame, or NULL when the queue is empty.
 */
static struct sk_buff *nxp_dequeue(void *data)
{
	struct btnxpuart_dev *nxpdev = data;
	struct sk_buff *next;

	ps_wakeup(nxpdev);
	ps_start_timer(nxpdev);

	next = skb_dequeue(&nxpdev->txq);
	return next;
}
1178
1179/* btnxpuart based on serdev */
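/* TX work item: write queued frames to the serdev until the queue is empty
 * or the UART accepts only part of a frame.
 *
 * A partly written frame is trimmed by the bytes that went out and put
 * back at the head of the queue. Per-type TX counters are bumped once a
 * frame has been written completely. BTNXPUART_TX_STATE_ACTIVE is cleared
 * on exit.
 */
static void btnxpuart_tx_work(struct work_struct *work)
{
	struct btnxpuart_dev *nxpdev = container_of(work, struct btnxpuart_dev,
						   tx_work);
	struct serdev_device *serdev = nxpdev->serdev;
	struct hci_dev *hdev = nxpdev->hdev;
	struct sk_buff *skb;
	int len;

	while ((skb = nxp_dequeue(nxpdev))) {
		len = serdev_device_write_buf(serdev, skb->data, skb->len);
		/* serdev_device_write_buf() can return a negative errno.
		 * Count that as "nothing written" so it is neither added to
		 * the byte counter nor passed to skb_pull() as a length; the
		 * frame is then requeued below like any short write.
		 */
		if (len < 0)
			len = 0;
		hdev->stat.byte_tx += len;

		skb_pull(skb, len);
		if (skb->len > 0) {
			/* Keep the unsent remainder first in line. */
			skb_queue_head(&nxpdev->txq, skb);
			break;
		}

		switch (hci_skb_pkt_type(skb)) {
		case HCI_COMMAND_PKT:
			hdev->stat.cmd_tx++;
			break;
		case HCI_ACLDATA_PKT:
			hdev->stat.acl_tx++;
			break;
		case HCI_SCODATA_PKT:
			hdev->stat.sco_tx++;
			break;
		default:
			/* Other packet types have no dedicated counter here. */
			break;
		}

		kfree_skb(skb);
	}
	clear_bit(BTNXPUART_TX_STATE_ACTIVE, &nxpdev->tx_state);
}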
1215
/* hdev->open handler: open the underlying serdev device.
 *
 * Sets BTNXPUART_SERDEV_OPEN on success. Returns 0 or the error from
 * serdev_device_open(), which is also logged.
 */
static int btnxpuart_open(struct hci_dev *hdev)
{
	struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);
	int ret = serdev_device_open(nxpdev->serdev);

	if (ret) {
		bt_dev_err(hdev, "Unable to open UART device %s",
			   dev_name(&nxpdev->serdev->dev));
		return ret;
	}

	set_bit(BTNXPUART_SERDEV_OPEN, &nxpdev->tx_state);
	return 0;
}
1230
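/* hdev->close handler: wake the chip, close the serdev device, drop every
 * queued TX frame and any partly reassembled RX frame, then clear
 * BTNXPUART_SERDEV_OPEN. Always returns 0.
 */
static int btnxpuart_close(struct hci_dev *hdev)
{
	struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);

	ps_wakeup(nxpdev);
	serdev_device_close(nxpdev->serdev);
	skb_queue_purge(&nxpdev->txq);

	/* btnxpuart_receive_buf() stores the result of h4_recv_buf() in
	 * rx_skb before testing it with IS_ERR(), so the field can hold an
	 * error pointer. kfree_skb() must only ever see a real skb.
	 */
	if (!IS_ERR_OR_NULL(nxpdev->rx_skb)) {
		kfree_skb(nxpdev->rx_skb);
		nxpdev->rx_skb = NULL;
	}

	clear_bit(BTNXPUART_SERDEV_OPEN, &nxpdev->tx_state);
	return 0;
}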
1243
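/* hdev->flush handler: discard pending UART output, the TX queue and any
 * partly reassembled RX frame, and wait for the TX work item to finish.
 * Always returns 0.
 */
static int btnxpuart_flush(struct hci_dev *hdev)
{
	struct btnxpuart_dev *nxpdev = hci_get_drvdata(hdev);

	/* Flush any pending characters */
	serdev_device_write_flush(nxpdev->serdev);
	skb_queue_purge(&nxpdev->txq);

	cancel_work_sync(&nxpdev->tx_work);

	/* The serdev is still open here, and btnxpuart_receive_buf() stores
	 * the result of h4_recv_buf() in rx_skb before testing it with
	 * IS_ERR(). The field can therefore hold an error pointer, which
	 * must not reach kfree_skb().
	 */
	if (!IS_ERR_OR_NULL(nxpdev->rx_skb)) {
		kfree_skb(nxpdev->rx_skb);
		nxpdev->rx_skb = NULL;
	}

	return 0;
}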
1259
/* Packet descriptors given to h4_recv_buf(): the three standard H4 types
 * are delivered with hci_recv_frame(), the NXP chip-version and
 * firmware-request packets (v1 and v3) go to their own handlers.
 */
static const struct h4_recv_pkt nxp_recv_pkts[] = {
	/* Standard HCI traffic */
	{ H4_RECV_ACL, .recv = hci_recv_frame },
	{ H4_RECV_SCO, .recv = hci_recv_frame },
	{ H4_RECV_EVENT, .recv = hci_recv_frame },
	/* NXP v1 packets */
	{ NXP_RECV_CHIP_VER_V1, .recv = nxp_recv_chip_ver_v1 },
	{ NXP_RECV_FW_REQ_V1, .recv = nxp_recv_fw_req_v1 },
	/* NXP v3 packets */
	{ NXP_RECV_CHIP_VER_V3, .recv = nxp_recv_chip_ver_v3 },
	{ NXP_RECV_FW_REQ_V3, .recv = nxp_recv_fw_req_v3 },
};
1269
/* serdev receive_buf callback: feed @count bytes from the UART into the H4
 * reassembler.
 *
 * rx_skb carries the reassembly state between calls. Note that it holds
 * the raw return value of h4_recv_buf(), error pointer included, until the
 * error branch below resets it to NULL.
 *
 * All @count bytes are always reported as consumed, also after a
 * reassembly error. byte_rx is only updated when no firmware download is
 * in progress.
 */
static int btnxpuart_receive_buf(struct serdev_device *serdev, const u8 *data,
				 size_t count)
{
	struct btnxpuart_dev *nxpdev = serdev_device_get_drvdata(serdev);

	ps_start_timer(nxpdev);

	nxpdev->rx_skb = h4_recv_buf(nxpdev->hdev, nxpdev->rx_skb, data, count,
				     nxp_recv_pkts, ARRAY_SIZE(nxp_recv_pkts));
	if (!IS_ERR(nxpdev->rx_skb)) {
		if (!is_fw_downloading(nxpdev))
			nxpdev->hdev->stat.byte_rx += count;
		return count;
	}

	/* Safe to ignore out-of-sync bootloader signatures */
	if (!is_fw_downloading(nxpdev)) {
		int err = PTR_ERR(nxpdev->rx_skb);

		bt_dev_err(nxpdev->hdev, "Frame reassembly failed (%d)", err);
	}

	/* Start the next frame from a clean state. */
	nxpdev->rx_skb = NULL;
	return count;
}
1291
/* serdev write_wakeup callback; forwards to the serdev core helper. */
static void btnxpuart_write_wakeup(struct serdev_device *serdev)
{
	serdev_device_write_wakeup(serdev);
}
1296
/* Callbacks registered with the serdev core in nxp_serdev_probe(). */
static const struct serdev_device_ops btnxpuart_client_ops = {
	.write_wakeup = btnxpuart_write_wakeup,
	.receive_buf = btnxpuart_receive_buf,
};
1301
/* serdev probe: allocate the driver state, read the "fw-init-baudrate"
 * property, then allocate, fill in and register the HCI device.
 *
 * Returns 0 on success, -ENOMEM when the driver state or the HCI device
 * cannot be allocated, -ENODEV when hci_register_dev() fails.
 */
static int nxp_serdev_probe(struct serdev_device *serdev)
{
	struct device *dev = &serdev->dev;
	struct btnxpuart_dev *nxpdev;
	struct hci_dev *hdev;

	/* devm allocation: released with the device, so the error returns
	 * below do not free it.
	 */
	nxpdev = devm_kzalloc(dev, sizeof(*nxpdev), GFP_KERNEL);
	if (!nxpdev)
		return -ENOMEM;

	/* NOTE(review): the match data is not checked for NULL here and the
	 * cast drops its const qualifier - confirm every user of nxp_data
	 * copes with both.
	 */
	nxpdev->nxp_data = (struct btnxpuart_data *)device_get_match_data(dev);

	nxpdev->serdev = serdev;
	serdev_device_set_drvdata(serdev, nxpdev);

	serdev_device_set_client_ops(serdev, &btnxpuart_client_ops);

	INIT_WORK(&nxpdev->tx_work, btnxpuart_tx_work);
	skb_queue_head_init(&nxpdev->txq);

	init_waitqueue_head(&nxpdev->fw_dnld_done_wait_q);
	init_waitqueue_head(&nxpdev->check_boot_sign_wait_q);

	/* The property is optional: the field starts out zeroed, and zero
	 * selects the built-in default.
	 */
	device_property_read_u32(dev, "fw-init-baudrate",
				 &nxpdev->fw_init_baudrate);
	if (!nxpdev->fw_init_baudrate)
		nxpdev->fw_init_baudrate = FW_INIT_BAUDRATE;

	/* Start in the downloading state; nxp_setup() clears the bit when
	 * firmware is already running.
	 */
	set_bit(BTNXPUART_FW_DOWNLOADING, &nxpdev->tx_state);

	crc8_populate_msb(crc8_table, POLYNOMIAL8);

	/* Initialize and register HCI device */
	hdev = hci_alloc_dev();
	if (!hdev) {
		dev_err(dev, "Can't allocate HCI device\n");
		return -ENOMEM;
	}

	nxpdev->hdev = hdev;

	hdev->bus = HCI_UART;
	hci_set_drvdata(hdev, nxpdev);

	hdev->manufacturer = MANUFACTURER_NXP;
	hdev->open = btnxpuart_open;
	hdev->close = btnxpuart_close;
	hdev->flush = btnxpuart_flush;
	hdev->setup = nxp_setup;
	hdev->send = nxp_enqueue;
	hdev->hw_error = nxp_hw_err;
	hdev->shutdown = nxp_shutdown;
	SET_HCIDEV_DEV(hdev, dev);

	if (hci_register_dev(hdev) < 0) {
		dev_err(dev, "Can't register HCI device\n");
		hci_free_dev(hdev);
		return -ENODEV;
	}

	/* NOTE(review): ps_setup() runs only after the device is registered;
	 * confirm that no callback reachable from registration depends on
	 * state that ps_setup() initialises.
	 */
	ps_setup(hdev);

	return 0;
}
1365
/* serdev remove: put the firmware back on fw_init_baudrate when the rate
 * was changed, stop the power-save timer, then unregister and free the
 * HCI device.
 */
static void nxp_serdev_remove(struct serdev_device *serdev)
{
	struct btnxpuart_dev *nxpdev = serdev_device_get_drvdata(serdev);
	struct hci_dev *hdev = nxpdev->hdev;
	bool rate_changed = nxpdev->current_baudrate != nxpdev->fw_init_baudrate;

	/* Restore FW baudrate to fw_init_baudrate if changed.
	 * This will ensure FW baudrate is in sync with
	 * driver baudrate in case this driver is re-inserted.
	 * The command is issued directly and its result is not checked.
	 */
	if (rate_changed) {
		nxpdev->new_baudrate = nxpdev->fw_init_baudrate;
		nxp_set_baudrate_cmd(hdev, NULL);
	}

	ps_cancel_timer(nxpdev);
	hci_unregister_dev(hdev);
	hci_free_dev(hdev);
}
1384
/* Per-chip firmware file names, selected through the OF match table. */

/* 88W8987: main firmware only, no helper image. */
static struct btnxpuart_data w8987_data __maybe_unused = {
	.fw_name = FIRMWARE_W8987,
	.helper_fw_name = NULL,
};

/* 88W8997: helper image plus main firmware. */
static struct btnxpuart_data w8997_data __maybe_unused = {
	.fw_name = FIRMWARE_W8997,
	.helper_fw_name = FIRMWARE_HELPER,
};

/* Device-tree compatibles handled by this driver; .data is what
 * nxp_serdev_probe() reads back with device_get_match_data().
 */
static const struct of_device_id nxpuart_of_match_table[] __maybe_unused = {
	{ .compatible = "nxp,88w8987-bt", .data = &w8987_data },
	{ .compatible = "nxp,88w8997-bt", .data = &w8997_data },
	{ /* sentinel */ }
};
MODULE_DEVICE_TABLE(of, nxpuart_of_match_table);
1401
/* serdev driver definition; probe and remove are the entry points above. */
static struct serdev_device_driver nxp_serdev_driver = {
	.driver = {
		.name = "btnxpuart",
		.of_match_table = of_match_ptr(nxpuart_of_match_table),
	},
	.probe = nxp_serdev_probe,
	.remove = nxp_serdev_remove,
};

/* Generates the module init/exit code that registers the driver. */
module_serdev_device_driver(nxp_serdev_driver);

/* Module metadata */
MODULE_AUTHOR("Neeraj Sanjay Kale <neeraj.sanjaykale@nxp.com>");
MODULE_DESCRIPTION("NXP Bluetooth Serial driver");
MODULE_LICENSE("GPL");
1416