1 // SPDX-License-Identifier: GPL-2.0-or-later
4 * Generic Bluetooth USB driver
10 #include <linux/module.h>
11 #include <linux/usb.h>
12 #include <linux/usb/quirks.h>
13 #include <linux/firmware.h>
14 #include <linux/iopoll.h>
15 #include <linux/of_device.h>
16 #include <linux/of_irq.h>
17 #include <linux/suspend.h>
18 #include <linux/gpio/consumer.h>
19 #include <linux/debugfs.h>
20 #include <asm/unaligned.h>
22 #include <net/bluetooth/bluetooth.h>
23 #include <net/bluetooth/hci_core.h>
32 static bool disable_scofix;
33 static bool force_scofix;
34 static bool enable_autosuspend = IS_ENABLED(CONFIG_BT_HCIBTUSB_AUTOSUSPEND);
35 static bool enable_poll_sync = IS_ENABLED(CONFIG_BT_HCIBTUSB_POLL_SYNC);
36 static bool reset = true;
38 static struct usb_driver btusb_driver;
40 #define BTUSB_IGNORE BIT(0)
41 #define BTUSB_DIGIANSWER BIT(1)
42 #define BTUSB_CSR BIT(2)
43 #define BTUSB_SNIFFER BIT(3)
44 #define BTUSB_BCM92035 BIT(4)
45 #define BTUSB_BROKEN_ISOC BIT(5)
46 #define BTUSB_WRONG_SCO_MTU BIT(6)
47 #define BTUSB_ATH3012 BIT(7)
48 #define BTUSB_INTEL_COMBINED BIT(8)
49 #define BTUSB_INTEL_BOOT BIT(9)
50 #define BTUSB_BCM_PATCHRAM BIT(10)
51 #define BTUSB_MARVELL BIT(11)
52 #define BTUSB_SWAVE BIT(12)
53 #define BTUSB_AMP BIT(13)
54 #define BTUSB_QCA_ROME BIT(14)
55 #define BTUSB_BCM_APPLE BIT(15)
56 #define BTUSB_REALTEK BIT(16)
57 #define BTUSB_BCM2045 BIT(17)
58 #define BTUSB_IFNUM_2 BIT(18)
59 #define BTUSB_CW6622 BIT(19)
60 #define BTUSB_MEDIATEK BIT(20)
61 #define BTUSB_WIDEBAND_SPEECH BIT(21)
62 #define BTUSB_VALID_LE_STATES BIT(22)
63 #define BTUSB_QCA_WCN6855 BIT(23)
64 #define BTUSB_INTEL_BROKEN_SHUTDOWN_LED BIT(24)
65 #define BTUSB_INTEL_BROKEN_INITIAL_NCMD BIT(25)
66 #define BTUSB_INTEL_NO_WBS_SUPPORT BIT(26)
67 #define BTUSB_ACTIONS_SEMI BIT(27)
69 static const struct usb_device_id btusb_table[] = {
70 /* Generic Bluetooth USB device */
71 { USB_DEVICE_INFO(0xe0, 0x01, 0x01) },
73 /* Generic Bluetooth AMP device */
74 { USB_DEVICE_INFO(0xe0, 0x01, 0x04), .driver_info = BTUSB_AMP },
76 /* Generic Bluetooth USB interface */
77 { USB_INTERFACE_INFO(0xe0, 0x01, 0x01) },
79 /* Apple-specific (Broadcom) devices */
80 { USB_VENDOR_AND_INTERFACE_INFO(0x05ac, 0xff, 0x01, 0x01),
81 .driver_info = BTUSB_BCM_APPLE | BTUSB_IFNUM_2 },
83 /* MediaTek MT76x0E */
84 { USB_DEVICE(0x0e8d, 0x763f) },
86 /* Broadcom SoftSailing reporting vendor specific */
87 { USB_DEVICE(0x0a5c, 0x21e1) },
89 /* Apple MacBookPro 7,1 */
90 { USB_DEVICE(0x05ac, 0x8213) },
93 { USB_DEVICE(0x05ac, 0x8215) },
95 /* Apple MacBookPro6,2 */
96 { USB_DEVICE(0x05ac, 0x8218) },
98 /* Apple MacBookAir3,1, MacBookAir3,2 */
99 { USB_DEVICE(0x05ac, 0x821b) },
101 /* Apple MacBookAir4,1 */
102 { USB_DEVICE(0x05ac, 0x821f) },
104 /* Apple MacBookPro8,2 */
105 { USB_DEVICE(0x05ac, 0x821a) },
107 /* Apple MacMini5,1 */
108 { USB_DEVICE(0x05ac, 0x8281) },
110 /* AVM BlueFRITZ! USB v2.0 */
111 { USB_DEVICE(0x057c, 0x3800), .driver_info = BTUSB_SWAVE },
113 /* Bluetooth Ultraport Module from IBM */
114 { USB_DEVICE(0x04bf, 0x030a) },
116 /* ALPS Modules with non-standard id */
117 { USB_DEVICE(0x044e, 0x3001) },
118 { USB_DEVICE(0x044e, 0x3002) },
120 /* Ericsson with non-standard id */
121 { USB_DEVICE(0x0bdb, 0x1002) },
123 /* Canyon CN-BTU1 with HID interfaces */
124 { USB_DEVICE(0x0c10, 0x0000) },
126 /* Broadcom BCM20702B0 (Dynex/Insignia) */
127 { USB_DEVICE(0x19ff, 0x0239), .driver_info = BTUSB_BCM_PATCHRAM },
129 /* Broadcom BCM43142A0 (Foxconn/Lenovo) */
130 { USB_VENDOR_AND_INTERFACE_INFO(0x105b, 0xff, 0x01, 0x01),
131 .driver_info = BTUSB_BCM_PATCHRAM },
133 /* Broadcom BCM920703 (HTC Vive) */
134 { USB_VENDOR_AND_INTERFACE_INFO(0x0bb4, 0xff, 0x01, 0x01),
135 .driver_info = BTUSB_BCM_PATCHRAM },
137 /* Foxconn - Hon Hai */
138 { USB_VENDOR_AND_INTERFACE_INFO(0x0489, 0xff, 0x01, 0x01),
139 .driver_info = BTUSB_BCM_PATCHRAM },
141 /* Lite-On Technology - Broadcom based */
142 { USB_VENDOR_AND_INTERFACE_INFO(0x04ca, 0xff, 0x01, 0x01),
143 .driver_info = BTUSB_BCM_PATCHRAM },
145 /* Broadcom devices with vendor specific id */
146 { USB_VENDOR_AND_INTERFACE_INFO(0x0a5c, 0xff, 0x01, 0x01),
147 .driver_info = BTUSB_BCM_PATCHRAM },
149 /* ASUSTek Computer - Broadcom based */
150 { USB_VENDOR_AND_INTERFACE_INFO(0x0b05, 0xff, 0x01, 0x01),
151 .driver_info = BTUSB_BCM_PATCHRAM },
153 /* Belkin F8065bf - Broadcom based */
154 { USB_VENDOR_AND_INTERFACE_INFO(0x050d, 0xff, 0x01, 0x01),
155 .driver_info = BTUSB_BCM_PATCHRAM },
157 /* IMC Networks - Broadcom based */
158 { USB_VENDOR_AND_INTERFACE_INFO(0x13d3, 0xff, 0x01, 0x01),
159 .driver_info = BTUSB_BCM_PATCHRAM },
161 /* Dell Computer - Broadcom based */
162 { USB_VENDOR_AND_INTERFACE_INFO(0x413c, 0xff, 0x01, 0x01),
163 .driver_info = BTUSB_BCM_PATCHRAM },
165 /* Toshiba Corp - Broadcom based */
166 { USB_VENDOR_AND_INTERFACE_INFO(0x0930, 0xff, 0x01, 0x01),
167 .driver_info = BTUSB_BCM_PATCHRAM },
169 /* Intel Bluetooth USB Bootloader (RAM module) */
170 { USB_DEVICE(0x8087, 0x0a5a),
171 .driver_info = BTUSB_INTEL_BOOT | BTUSB_BROKEN_ISOC },
173 { } /* Terminating entry */
176 MODULE_DEVICE_TABLE(usb, btusb_table);
178 static const struct usb_device_id quirks_table[] = {
179 /* CSR BlueCore devices */
180 { USB_DEVICE(0x0a12, 0x0001), .driver_info = BTUSB_CSR },
182 /* Broadcom BCM2033 without firmware */
183 { USB_DEVICE(0x0a5c, 0x2033), .driver_info = BTUSB_IGNORE },
185 /* Broadcom BCM2045 devices */
186 { USB_DEVICE(0x0a5c, 0x2045), .driver_info = BTUSB_BCM2045 },
188 /* Atheros 3011 with sflash firmware */
189 { USB_DEVICE(0x0489, 0xe027), .driver_info = BTUSB_IGNORE },
190 { USB_DEVICE(0x0489, 0xe03d), .driver_info = BTUSB_IGNORE },
191 { USB_DEVICE(0x04f2, 0xaff1), .driver_info = BTUSB_IGNORE },
192 { USB_DEVICE(0x0930, 0x0215), .driver_info = BTUSB_IGNORE },
193 { USB_DEVICE(0x0cf3, 0x3002), .driver_info = BTUSB_IGNORE },
194 { USB_DEVICE(0x0cf3, 0xe019), .driver_info = BTUSB_IGNORE },
195 { USB_DEVICE(0x13d3, 0x3304), .driver_info = BTUSB_IGNORE },
197 /* Atheros AR9285 Malbec with sflash firmware */
198 { USB_DEVICE(0x03f0, 0x311d), .driver_info = BTUSB_IGNORE },
200 /* Atheros 3012 with sflash firmware */
201 { USB_DEVICE(0x0489, 0xe04d), .driver_info = BTUSB_ATH3012 },
202 { USB_DEVICE(0x0489, 0xe04e), .driver_info = BTUSB_ATH3012 },
203 { USB_DEVICE(0x0489, 0xe056), .driver_info = BTUSB_ATH3012 },
204 { USB_DEVICE(0x0489, 0xe057), .driver_info = BTUSB_ATH3012 },
205 { USB_DEVICE(0x0489, 0xe05f), .driver_info = BTUSB_ATH3012 },
206 { USB_DEVICE(0x0489, 0xe076), .driver_info = BTUSB_ATH3012 },
207 { USB_DEVICE(0x0489, 0xe078), .driver_info = BTUSB_ATH3012 },
208 { USB_DEVICE(0x0489, 0xe095), .driver_info = BTUSB_ATH3012 },
209 { USB_DEVICE(0x04c5, 0x1330), .driver_info = BTUSB_ATH3012 },
210 { USB_DEVICE(0x04ca, 0x3004), .driver_info = BTUSB_ATH3012 },
211 { USB_DEVICE(0x04ca, 0x3005), .driver_info = BTUSB_ATH3012 },
212 { USB_DEVICE(0x04ca, 0x3006), .driver_info = BTUSB_ATH3012 },
213 { USB_DEVICE(0x04ca, 0x3007), .driver_info = BTUSB_ATH3012 },
214 { USB_DEVICE(0x04ca, 0x3008), .driver_info = BTUSB_ATH3012 },
215 { USB_DEVICE(0x04ca, 0x300b), .driver_info = BTUSB_ATH3012 },
216 { USB_DEVICE(0x04ca, 0x300d), .driver_info = BTUSB_ATH3012 },
217 { USB_DEVICE(0x04ca, 0x300f), .driver_info = BTUSB_ATH3012 },
218 { USB_DEVICE(0x04ca, 0x3010), .driver_info = BTUSB_ATH3012 },
219 { USB_DEVICE(0x04ca, 0x3014), .driver_info = BTUSB_ATH3012 },
220 { USB_DEVICE(0x04ca, 0x3018), .driver_info = BTUSB_ATH3012 },
221 { USB_DEVICE(0x0930, 0x0219), .driver_info = BTUSB_ATH3012 },
222 { USB_DEVICE(0x0930, 0x021c), .driver_info = BTUSB_ATH3012 },
223 { USB_DEVICE(0x0930, 0x0220), .driver_info = BTUSB_ATH3012 },
224 { USB_DEVICE(0x0930, 0x0227), .driver_info = BTUSB_ATH3012 },
225 { USB_DEVICE(0x0b05, 0x17d0), .driver_info = BTUSB_ATH3012 },
226 { USB_DEVICE(0x0cf3, 0x0036), .driver_info = BTUSB_ATH3012 },
227 { USB_DEVICE(0x0cf3, 0x3004), .driver_info = BTUSB_ATH3012 },
228 { USB_DEVICE(0x0cf3, 0x3008), .driver_info = BTUSB_ATH3012 },
229 { USB_DEVICE(0x0cf3, 0x311d), .driver_info = BTUSB_ATH3012 },
230 { USB_DEVICE(0x0cf3, 0x311e), .driver_info = BTUSB_ATH3012 },
231 { USB_DEVICE(0x0cf3, 0x311f), .driver_info = BTUSB_ATH3012 },
232 { USB_DEVICE(0x0cf3, 0x3121), .driver_info = BTUSB_ATH3012 },
233 { USB_DEVICE(0x0cf3, 0x817a), .driver_info = BTUSB_ATH3012 },
234 { USB_DEVICE(0x0cf3, 0x817b), .driver_info = BTUSB_ATH3012 },
235 { USB_DEVICE(0x0cf3, 0xe003), .driver_info = BTUSB_ATH3012 },
236 { USB_DEVICE(0x0cf3, 0xe004), .driver_info = BTUSB_ATH3012 },
237 { USB_DEVICE(0x0cf3, 0xe005), .driver_info = BTUSB_ATH3012 },
238 { USB_DEVICE(0x0cf3, 0xe006), .driver_info = BTUSB_ATH3012 },
239 { USB_DEVICE(0x13d3, 0x3362), .driver_info = BTUSB_ATH3012 },
240 { USB_DEVICE(0x13d3, 0x3375), .driver_info = BTUSB_ATH3012 },
241 { USB_DEVICE(0x13d3, 0x3393), .driver_info = BTUSB_ATH3012 },
242 { USB_DEVICE(0x13d3, 0x3395), .driver_info = BTUSB_ATH3012 },
243 { USB_DEVICE(0x13d3, 0x3402), .driver_info = BTUSB_ATH3012 },
244 { USB_DEVICE(0x13d3, 0x3408), .driver_info = BTUSB_ATH3012 },
245 { USB_DEVICE(0x13d3, 0x3423), .driver_info = BTUSB_ATH3012 },
246 { USB_DEVICE(0x13d3, 0x3432), .driver_info = BTUSB_ATH3012 },
247 { USB_DEVICE(0x13d3, 0x3472), .driver_info = BTUSB_ATH3012 },
248 { USB_DEVICE(0x13d3, 0x3474), .driver_info = BTUSB_ATH3012 },
249 { USB_DEVICE(0x13d3, 0x3487), .driver_info = BTUSB_ATH3012 },
250 { USB_DEVICE(0x13d3, 0x3490), .driver_info = BTUSB_ATH3012 },
252 /* Atheros AR5BBU12 with sflash firmware */
253 { USB_DEVICE(0x0489, 0xe02c), .driver_info = BTUSB_IGNORE },
255 /* Atheros AR5BBU12 with sflash firmware */
256 { USB_DEVICE(0x0489, 0xe036), .driver_info = BTUSB_ATH3012 },
257 { USB_DEVICE(0x0489, 0xe03c), .driver_info = BTUSB_ATH3012 },
259 /* QCA ROME chipset */
260 { USB_DEVICE(0x0cf3, 0x535b), .driver_info = BTUSB_QCA_ROME |
261 BTUSB_WIDEBAND_SPEECH },
262 { USB_DEVICE(0x0cf3, 0xe007), .driver_info = BTUSB_QCA_ROME |
263 BTUSB_WIDEBAND_SPEECH },
264 { USB_DEVICE(0x0cf3, 0xe009), .driver_info = BTUSB_QCA_ROME |
265 BTUSB_WIDEBAND_SPEECH },
266 { USB_DEVICE(0x0cf3, 0xe010), .driver_info = BTUSB_QCA_ROME |
267 BTUSB_WIDEBAND_SPEECH },
268 { USB_DEVICE(0x0cf3, 0xe300), .driver_info = BTUSB_QCA_ROME |
269 BTUSB_WIDEBAND_SPEECH },
270 { USB_DEVICE(0x0cf3, 0xe301), .driver_info = BTUSB_QCA_ROME |
271 BTUSB_WIDEBAND_SPEECH },
272 { USB_DEVICE(0x0cf3, 0xe360), .driver_info = BTUSB_QCA_ROME |
273 BTUSB_WIDEBAND_SPEECH },
274 { USB_DEVICE(0x0cf3, 0xe500), .driver_info = BTUSB_QCA_ROME |
275 BTUSB_WIDEBAND_SPEECH },
276 { USB_DEVICE(0x0489, 0xe092), .driver_info = BTUSB_QCA_ROME |
277 BTUSB_WIDEBAND_SPEECH },
278 { USB_DEVICE(0x0489, 0xe09f), .driver_info = BTUSB_QCA_ROME |
279 BTUSB_WIDEBAND_SPEECH },
280 { USB_DEVICE(0x0489, 0xe0a2), .driver_info = BTUSB_QCA_ROME |
281 BTUSB_WIDEBAND_SPEECH },
282 { USB_DEVICE(0x04ca, 0x3011), .driver_info = BTUSB_QCA_ROME |
283 BTUSB_WIDEBAND_SPEECH },
284 { USB_DEVICE(0x04ca, 0x3015), .driver_info = BTUSB_QCA_ROME |
285 BTUSB_WIDEBAND_SPEECH },
286 { USB_DEVICE(0x04ca, 0x3016), .driver_info = BTUSB_QCA_ROME |
287 BTUSB_WIDEBAND_SPEECH },
288 { USB_DEVICE(0x04ca, 0x301a), .driver_info = BTUSB_QCA_ROME |
289 BTUSB_WIDEBAND_SPEECH },
290 { USB_DEVICE(0x04ca, 0x3021), .driver_info = BTUSB_QCA_ROME |
291 BTUSB_WIDEBAND_SPEECH },
292 { USB_DEVICE(0x13d3, 0x3491), .driver_info = BTUSB_QCA_ROME |
293 BTUSB_WIDEBAND_SPEECH },
294 { USB_DEVICE(0x13d3, 0x3496), .driver_info = BTUSB_QCA_ROME |
295 BTUSB_WIDEBAND_SPEECH },
296 { USB_DEVICE(0x13d3, 0x3501), .driver_info = BTUSB_QCA_ROME |
297 BTUSB_WIDEBAND_SPEECH },
299 /* QCA WCN6855 chipset */
300 { USB_DEVICE(0x0cf3, 0xe600), .driver_info = BTUSB_QCA_WCN6855 |
301 BTUSB_WIDEBAND_SPEECH |
302 BTUSB_VALID_LE_STATES },
303 { USB_DEVICE(0x0489, 0xe0cc), .driver_info = BTUSB_QCA_WCN6855 |
304 BTUSB_WIDEBAND_SPEECH |
305 BTUSB_VALID_LE_STATES },
306 { USB_DEVICE(0x0489, 0xe0d6), .driver_info = BTUSB_QCA_WCN6855 |
307 BTUSB_WIDEBAND_SPEECH |
308 BTUSB_VALID_LE_STATES },
309 { USB_DEVICE(0x0489, 0xe0e3), .driver_info = BTUSB_QCA_WCN6855 |
310 BTUSB_WIDEBAND_SPEECH |
311 BTUSB_VALID_LE_STATES },
312 { USB_DEVICE(0x10ab, 0x9309), .driver_info = BTUSB_QCA_WCN6855 |
313 BTUSB_WIDEBAND_SPEECH |
314 BTUSB_VALID_LE_STATES },
315 { USB_DEVICE(0x10ab, 0x9409), .driver_info = BTUSB_QCA_WCN6855 |
316 BTUSB_WIDEBAND_SPEECH |
317 BTUSB_VALID_LE_STATES },
318 { USB_DEVICE(0x0489, 0xe0d0), .driver_info = BTUSB_QCA_WCN6855 |
319 BTUSB_WIDEBAND_SPEECH |
320 BTUSB_VALID_LE_STATES },
321 { USB_DEVICE(0x10ab, 0x9108), .driver_info = BTUSB_QCA_WCN6855 |
322 BTUSB_WIDEBAND_SPEECH |
323 BTUSB_VALID_LE_STATES },
324 { USB_DEVICE(0x10ab, 0x9109), .driver_info = BTUSB_QCA_WCN6855 |
325 BTUSB_WIDEBAND_SPEECH |
326 BTUSB_VALID_LE_STATES },
327 { USB_DEVICE(0x10ab, 0x9208), .driver_info = BTUSB_QCA_WCN6855 |
328 BTUSB_WIDEBAND_SPEECH |
329 BTUSB_VALID_LE_STATES },
330 { USB_DEVICE(0x10ab, 0x9209), .driver_info = BTUSB_QCA_WCN6855 |
331 BTUSB_WIDEBAND_SPEECH |
332 BTUSB_VALID_LE_STATES },
333 { USB_DEVICE(0x10ab, 0x9308), .driver_info = BTUSB_QCA_WCN6855 |
334 BTUSB_WIDEBAND_SPEECH |
335 BTUSB_VALID_LE_STATES },
336 { USB_DEVICE(0x10ab, 0x9408), .driver_info = BTUSB_QCA_WCN6855 |
337 BTUSB_WIDEBAND_SPEECH |
338 BTUSB_VALID_LE_STATES },
339 { USB_DEVICE(0x10ab, 0x9508), .driver_info = BTUSB_QCA_WCN6855 |
340 BTUSB_WIDEBAND_SPEECH |
341 BTUSB_VALID_LE_STATES },
342 { USB_DEVICE(0x10ab, 0x9509), .driver_info = BTUSB_QCA_WCN6855 |
343 BTUSB_WIDEBAND_SPEECH |
344 BTUSB_VALID_LE_STATES },
345 { USB_DEVICE(0x10ab, 0x9608), .driver_info = BTUSB_QCA_WCN6855 |
346 BTUSB_WIDEBAND_SPEECH |
347 BTUSB_VALID_LE_STATES },
348 { USB_DEVICE(0x10ab, 0x9609), .driver_info = BTUSB_QCA_WCN6855 |
349 BTUSB_WIDEBAND_SPEECH |
350 BTUSB_VALID_LE_STATES },
351 { USB_DEVICE(0x10ab, 0x9f09), .driver_info = BTUSB_QCA_WCN6855 |
352 BTUSB_WIDEBAND_SPEECH |
353 BTUSB_VALID_LE_STATES },
354 { USB_DEVICE(0x04ca, 0x3022), .driver_info = BTUSB_QCA_WCN6855 |
355 BTUSB_WIDEBAND_SPEECH |
356 BTUSB_VALID_LE_STATES },
357 { USB_DEVICE(0x0489, 0xe0c7), .driver_info = BTUSB_QCA_WCN6855 |
358 BTUSB_WIDEBAND_SPEECH |
359 BTUSB_VALID_LE_STATES },
360 { USB_DEVICE(0x0489, 0xe0c9), .driver_info = BTUSB_QCA_WCN6855 |
361 BTUSB_WIDEBAND_SPEECH |
362 BTUSB_VALID_LE_STATES },
363 { USB_DEVICE(0x0489, 0xe0ca), .driver_info = BTUSB_QCA_WCN6855 |
364 BTUSB_WIDEBAND_SPEECH |
365 BTUSB_VALID_LE_STATES },
366 { USB_DEVICE(0x0489, 0xe0cb), .driver_info = BTUSB_QCA_WCN6855 |
367 BTUSB_WIDEBAND_SPEECH |
368 BTUSB_VALID_LE_STATES },
369 { USB_DEVICE(0x0489, 0xe0ce), .driver_info = BTUSB_QCA_WCN6855 |
370 BTUSB_WIDEBAND_SPEECH |
371 BTUSB_VALID_LE_STATES },
372 { USB_DEVICE(0x0489, 0xe0de), .driver_info = BTUSB_QCA_WCN6855 |
373 BTUSB_WIDEBAND_SPEECH |
374 BTUSB_VALID_LE_STATES },
375 { USB_DEVICE(0x0489, 0xe0df), .driver_info = BTUSB_QCA_WCN6855 |
376 BTUSB_WIDEBAND_SPEECH |
377 BTUSB_VALID_LE_STATES },
378 { USB_DEVICE(0x0489, 0xe0e1), .driver_info = BTUSB_QCA_WCN6855 |
379 BTUSB_WIDEBAND_SPEECH |
380 BTUSB_VALID_LE_STATES },
381 { USB_DEVICE(0x0489, 0xe0ea), .driver_info = BTUSB_QCA_WCN6855 |
382 BTUSB_WIDEBAND_SPEECH |
383 BTUSB_VALID_LE_STATES },
384 { USB_DEVICE(0x0489, 0xe0ec), .driver_info = BTUSB_QCA_WCN6855 |
385 BTUSB_WIDEBAND_SPEECH |
386 BTUSB_VALID_LE_STATES },
387 { USB_DEVICE(0x04ca, 0x3023), .driver_info = BTUSB_QCA_WCN6855 |
388 BTUSB_WIDEBAND_SPEECH |
389 BTUSB_VALID_LE_STATES },
390 { USB_DEVICE(0x04ca, 0x3024), .driver_info = BTUSB_QCA_WCN6855 |
391 BTUSB_WIDEBAND_SPEECH |
392 BTUSB_VALID_LE_STATES },
393 { USB_DEVICE(0x04ca, 0x3a22), .driver_info = BTUSB_QCA_WCN6855 |
394 BTUSB_WIDEBAND_SPEECH |
395 BTUSB_VALID_LE_STATES },
396 { USB_DEVICE(0x04ca, 0x3a24), .driver_info = BTUSB_QCA_WCN6855 |
397 BTUSB_WIDEBAND_SPEECH |
398 BTUSB_VALID_LE_STATES },
399 { USB_DEVICE(0x04ca, 0x3a26), .driver_info = BTUSB_QCA_WCN6855 |
400 BTUSB_WIDEBAND_SPEECH |
401 BTUSB_VALID_LE_STATES },
402 { USB_DEVICE(0x04ca, 0x3a27), .driver_info = BTUSB_QCA_WCN6855 |
403 BTUSB_WIDEBAND_SPEECH |
404 BTUSB_VALID_LE_STATES },
406 /* QCA WCN785x chipset */
407 { USB_DEVICE(0x0cf3, 0xe700), .driver_info = BTUSB_QCA_WCN6855 |
408 BTUSB_WIDEBAND_SPEECH |
409 BTUSB_VALID_LE_STATES },
411 /* Broadcom BCM2035 */
412 { USB_DEVICE(0x0a5c, 0x2009), .driver_info = BTUSB_BCM92035 },
413 { USB_DEVICE(0x0a5c, 0x200a), .driver_info = BTUSB_WRONG_SCO_MTU },
414 { USB_DEVICE(0x0a5c, 0x2035), .driver_info = BTUSB_WRONG_SCO_MTU },
416 /* Broadcom BCM2045 */
417 { USB_DEVICE(0x0a5c, 0x2039), .driver_info = BTUSB_WRONG_SCO_MTU },
418 { USB_DEVICE(0x0a5c, 0x2101), .driver_info = BTUSB_WRONG_SCO_MTU },
420 /* IBM/Lenovo ThinkPad with Broadcom chip */
421 { USB_DEVICE(0x0a5c, 0x201e), .driver_info = BTUSB_WRONG_SCO_MTU },
422 { USB_DEVICE(0x0a5c, 0x2110), .driver_info = BTUSB_WRONG_SCO_MTU },
424 /* HP laptop with Broadcom chip */
425 { USB_DEVICE(0x03f0, 0x171d), .driver_info = BTUSB_WRONG_SCO_MTU },
427 /* Dell laptop with Broadcom chip */
428 { USB_DEVICE(0x413c, 0x8126), .driver_info = BTUSB_WRONG_SCO_MTU },
430 /* Dell Wireless 370 and 410 devices */
431 { USB_DEVICE(0x413c, 0x8152), .driver_info = BTUSB_WRONG_SCO_MTU },
432 { USB_DEVICE(0x413c, 0x8156), .driver_info = BTUSB_WRONG_SCO_MTU },
434 /* Belkin F8T012 and F8T013 devices */
435 { USB_DEVICE(0x050d, 0x0012), .driver_info = BTUSB_WRONG_SCO_MTU },
436 { USB_DEVICE(0x050d, 0x0013), .driver_info = BTUSB_WRONG_SCO_MTU },
438 /* Asus WL-BTD202 device */
439 { USB_DEVICE(0x0b05, 0x1715), .driver_info = BTUSB_WRONG_SCO_MTU },
441 /* Kensington Bluetooth USB adapter */
442 { USB_DEVICE(0x047d, 0x105e), .driver_info = BTUSB_WRONG_SCO_MTU },
444 /* RTX Telecom based adapters with buggy SCO support */
445 { USB_DEVICE(0x0400, 0x0807), .driver_info = BTUSB_BROKEN_ISOC },
446 { USB_DEVICE(0x0400, 0x080a), .driver_info = BTUSB_BROKEN_ISOC },
448 /* CONWISE Technology based adapters with buggy SCO support */
449 { USB_DEVICE(0x0e5e, 0x6622),
450 .driver_info = BTUSB_BROKEN_ISOC | BTUSB_CW6622},
452 /* Roper Class 1 Bluetooth Dongle (Silicon Wave based) */
453 { USB_DEVICE(0x1310, 0x0001), .driver_info = BTUSB_SWAVE },
455 /* Digianswer devices */
456 { USB_DEVICE(0x08fd, 0x0001), .driver_info = BTUSB_DIGIANSWER },
457 { USB_DEVICE(0x08fd, 0x0002), .driver_info = BTUSB_IGNORE },
459 /* CSR BlueCore Bluetooth Sniffer */
460 { USB_DEVICE(0x0a12, 0x0002),
461 .driver_info = BTUSB_SNIFFER | BTUSB_BROKEN_ISOC },
463 /* Frontline ComProbe Bluetooth Sniffer */
464 { USB_DEVICE(0x16d3, 0x0002),
465 .driver_info = BTUSB_SNIFFER | BTUSB_BROKEN_ISOC },
467 /* Marvell Bluetooth devices */
468 { USB_DEVICE(0x1286, 0x2044), .driver_info = BTUSB_MARVELL },
469 { USB_DEVICE(0x1286, 0x2046), .driver_info = BTUSB_MARVELL },
470 { USB_DEVICE(0x1286, 0x204e), .driver_info = BTUSB_MARVELL },
472 /* Intel Bluetooth devices */
473 { USB_DEVICE(0x8087, 0x0025), .driver_info = BTUSB_INTEL_COMBINED },
474 { USB_DEVICE(0x8087, 0x0026), .driver_info = BTUSB_INTEL_COMBINED },
475 { USB_DEVICE(0x8087, 0x0029), .driver_info = BTUSB_INTEL_COMBINED },
476 { USB_DEVICE(0x8087, 0x0032), .driver_info = BTUSB_INTEL_COMBINED },
477 { USB_DEVICE(0x8087, 0x0033), .driver_info = BTUSB_INTEL_COMBINED },
478 { USB_DEVICE(0x8087, 0x0035), .driver_info = BTUSB_INTEL_COMBINED },
479 { USB_DEVICE(0x8087, 0x0036), .driver_info = BTUSB_INTEL_COMBINED },
480 { USB_DEVICE(0x8087, 0x0037), .driver_info = BTUSB_INTEL_COMBINED },
481 { USB_DEVICE(0x8087, 0x0038), .driver_info = BTUSB_INTEL_COMBINED },
482 { USB_DEVICE(0x8087, 0x07da), .driver_info = BTUSB_CSR },
483 { USB_DEVICE(0x8087, 0x07dc), .driver_info = BTUSB_INTEL_COMBINED |
484 BTUSB_INTEL_NO_WBS_SUPPORT |
485 BTUSB_INTEL_BROKEN_INITIAL_NCMD |
486 BTUSB_INTEL_BROKEN_SHUTDOWN_LED },
487 { USB_DEVICE(0x8087, 0x0a2a), .driver_info = BTUSB_INTEL_COMBINED |
488 BTUSB_INTEL_NO_WBS_SUPPORT |
489 BTUSB_INTEL_BROKEN_SHUTDOWN_LED },
490 { USB_DEVICE(0x8087, 0x0a2b), .driver_info = BTUSB_INTEL_COMBINED },
491 { USB_DEVICE(0x8087, 0x0aa7), .driver_info = BTUSB_INTEL_COMBINED |
492 BTUSB_INTEL_BROKEN_SHUTDOWN_LED },
493 { USB_DEVICE(0x8087, 0x0aaa), .driver_info = BTUSB_INTEL_COMBINED },
495 /* Other Intel Bluetooth devices */
496 { USB_VENDOR_AND_INTERFACE_INFO(0x8087, 0xe0, 0x01, 0x01),
497 .driver_info = BTUSB_IGNORE },
499 /* Realtek 8821CE Bluetooth devices */
500 { USB_DEVICE(0x13d3, 0x3529), .driver_info = BTUSB_REALTEK |
501 BTUSB_WIDEBAND_SPEECH },
503 /* Realtek 8822CE Bluetooth devices */
504 { USB_DEVICE(0x0bda, 0xb00c), .driver_info = BTUSB_REALTEK |
505 BTUSB_WIDEBAND_SPEECH },
506 { USB_DEVICE(0x0bda, 0xc822), .driver_info = BTUSB_REALTEK |
507 BTUSB_WIDEBAND_SPEECH },
509 /* Realtek 8822CU Bluetooth devices */
510 { USB_DEVICE(0x13d3, 0x3549), .driver_info = BTUSB_REALTEK |
511 BTUSB_WIDEBAND_SPEECH },
513 /* Realtek 8852AE Bluetooth devices */
514 { USB_DEVICE(0x0bda, 0x2852), .driver_info = BTUSB_REALTEK |
515 BTUSB_WIDEBAND_SPEECH },
516 { USB_DEVICE(0x0bda, 0xc852), .driver_info = BTUSB_REALTEK |
517 BTUSB_WIDEBAND_SPEECH },
518 { USB_DEVICE(0x0bda, 0x385a), .driver_info = BTUSB_REALTEK |
519 BTUSB_WIDEBAND_SPEECH },
520 { USB_DEVICE(0x0bda, 0x4852), .driver_info = BTUSB_REALTEK |
521 BTUSB_WIDEBAND_SPEECH },
522 { USB_DEVICE(0x04c5, 0x165c), .driver_info = BTUSB_REALTEK |
523 BTUSB_WIDEBAND_SPEECH },
524 { USB_DEVICE(0x04ca, 0x4006), .driver_info = BTUSB_REALTEK |
525 BTUSB_WIDEBAND_SPEECH },
526 { USB_DEVICE(0x0cb8, 0xc549), .driver_info = BTUSB_REALTEK |
527 BTUSB_WIDEBAND_SPEECH },
529 /* Realtek 8852CE Bluetooth devices */
530 { USB_DEVICE(0x04ca, 0x4007), .driver_info = BTUSB_REALTEK |
531 BTUSB_WIDEBAND_SPEECH },
532 { USB_DEVICE(0x04c5, 0x1675), .driver_info = BTUSB_REALTEK |
533 BTUSB_WIDEBAND_SPEECH },
534 { USB_DEVICE(0x0cb8, 0xc558), .driver_info = BTUSB_REALTEK |
535 BTUSB_WIDEBAND_SPEECH },
536 { USB_DEVICE(0x13d3, 0x3587), .driver_info = BTUSB_REALTEK |
537 BTUSB_WIDEBAND_SPEECH },
538 { USB_DEVICE(0x13d3, 0x3586), .driver_info = BTUSB_REALTEK |
539 BTUSB_WIDEBAND_SPEECH },
540 { USB_DEVICE(0x13d3, 0x3592), .driver_info = BTUSB_REALTEK |
541 BTUSB_WIDEBAND_SPEECH },
543 /* Realtek 8852BE Bluetooth devices */
544 { USB_DEVICE(0x0cb8, 0xc559), .driver_info = BTUSB_REALTEK |
545 BTUSB_WIDEBAND_SPEECH },
546 { USB_DEVICE(0x0bda, 0x4853), .driver_info = BTUSB_REALTEK |
547 BTUSB_WIDEBAND_SPEECH },
548 { USB_DEVICE(0x0bda, 0x887b), .driver_info = BTUSB_REALTEK |
549 BTUSB_WIDEBAND_SPEECH },
550 { USB_DEVICE(0x0bda, 0xb85b), .driver_info = BTUSB_REALTEK |
551 BTUSB_WIDEBAND_SPEECH },
552 { USB_DEVICE(0x13d3, 0x3570), .driver_info = BTUSB_REALTEK |
553 BTUSB_WIDEBAND_SPEECH },
554 { USB_DEVICE(0x13d3, 0x3571), .driver_info = BTUSB_REALTEK |
555 BTUSB_WIDEBAND_SPEECH },
556 { USB_DEVICE(0x13d3, 0x3572), .driver_info = BTUSB_REALTEK |
557 BTUSB_WIDEBAND_SPEECH },
559 /* Realtek 8852BT/8852BE-VT Bluetooth devices */
560 { USB_DEVICE(0x0bda, 0x8520), .driver_info = BTUSB_REALTEK |
561 BTUSB_WIDEBAND_SPEECH },
562 /* Realtek Bluetooth devices */
563 { USB_VENDOR_AND_INTERFACE_INFO(0x0bda, 0xe0, 0x01, 0x01),
564 .driver_info = BTUSB_REALTEK },
566 /* MediaTek Bluetooth devices */
567 { USB_VENDOR_AND_INTERFACE_INFO(0x0e8d, 0xe0, 0x01, 0x01),
568 .driver_info = BTUSB_MEDIATEK |
569 BTUSB_WIDEBAND_SPEECH |
570 BTUSB_VALID_LE_STATES },
572 /* Additional MediaTek MT7615E Bluetooth devices */
573 { USB_DEVICE(0x13d3, 0x3560), .driver_info = BTUSB_MEDIATEK},
575 /* Additional MediaTek MT7663 Bluetooth devices */
576 { USB_DEVICE(0x043e, 0x310c), .driver_info = BTUSB_MEDIATEK |
577 BTUSB_WIDEBAND_SPEECH |
578 BTUSB_VALID_LE_STATES },
579 { USB_DEVICE(0x04ca, 0x3801), .driver_info = BTUSB_MEDIATEK |
580 BTUSB_WIDEBAND_SPEECH |
581 BTUSB_VALID_LE_STATES },
583 /* Additional MediaTek MT7668 Bluetooth devices */
584 { USB_DEVICE(0x043e, 0x3109), .driver_info = BTUSB_MEDIATEK |
585 BTUSB_WIDEBAND_SPEECH |
586 BTUSB_VALID_LE_STATES },
588 /* Additional MediaTek MT7921 Bluetooth devices */
589 { USB_DEVICE(0x0489, 0xe0c8), .driver_info = BTUSB_MEDIATEK |
590 BTUSB_WIDEBAND_SPEECH |
591 BTUSB_VALID_LE_STATES },
592 { USB_DEVICE(0x0489, 0xe0cd), .driver_info = BTUSB_MEDIATEK |
593 BTUSB_WIDEBAND_SPEECH |
594 BTUSB_VALID_LE_STATES },
595 { USB_DEVICE(0x0489, 0xe0e0), .driver_info = BTUSB_MEDIATEK |
596 BTUSB_WIDEBAND_SPEECH |
597 BTUSB_VALID_LE_STATES },
598 { USB_DEVICE(0x0489, 0xe0f2), .driver_info = BTUSB_MEDIATEK |
599 BTUSB_WIDEBAND_SPEECH |
600 BTUSB_VALID_LE_STATES },
601 { USB_DEVICE(0x04ca, 0x3802), .driver_info = BTUSB_MEDIATEK |
602 BTUSB_WIDEBAND_SPEECH |
603 BTUSB_VALID_LE_STATES },
604 { USB_DEVICE(0x0e8d, 0x0608), .driver_info = BTUSB_MEDIATEK |
605 BTUSB_WIDEBAND_SPEECH |
606 BTUSB_VALID_LE_STATES },
607 { USB_DEVICE(0x13d3, 0x3563), .driver_info = BTUSB_MEDIATEK |
608 BTUSB_WIDEBAND_SPEECH |
609 BTUSB_VALID_LE_STATES },
610 { USB_DEVICE(0x13d3, 0x3564), .driver_info = BTUSB_MEDIATEK |
611 BTUSB_WIDEBAND_SPEECH |
612 BTUSB_VALID_LE_STATES },
613 { USB_DEVICE(0x13d3, 0x3567), .driver_info = BTUSB_MEDIATEK |
614 BTUSB_WIDEBAND_SPEECH |
615 BTUSB_VALID_LE_STATES },
616 { USB_DEVICE(0x13d3, 0x3578), .driver_info = BTUSB_MEDIATEK |
617 BTUSB_WIDEBAND_SPEECH |
618 BTUSB_VALID_LE_STATES },
619 { USB_DEVICE(0x13d3, 0x3583), .driver_info = BTUSB_MEDIATEK |
620 BTUSB_WIDEBAND_SPEECH |
621 BTUSB_VALID_LE_STATES },
622 { USB_DEVICE(0x13d3, 0x3606), .driver_info = BTUSB_MEDIATEK |
623 BTUSB_WIDEBAND_SPEECH |
624 BTUSB_VALID_LE_STATES },
626 /* MediaTek MT7922 Bluetooth devices */
627 { USB_DEVICE(0x13d3, 0x3585), .driver_info = BTUSB_MEDIATEK |
628 BTUSB_WIDEBAND_SPEECH |
629 BTUSB_VALID_LE_STATES },
631 /* MediaTek MT7922A Bluetooth devices */
632 { USB_DEVICE(0x0489, 0xe0d8), .driver_info = BTUSB_MEDIATEK |
633 BTUSB_WIDEBAND_SPEECH |
634 BTUSB_VALID_LE_STATES },
635 { USB_DEVICE(0x0489, 0xe0d9), .driver_info = BTUSB_MEDIATEK |
636 BTUSB_WIDEBAND_SPEECH |
637 BTUSB_VALID_LE_STATES },
638 { USB_DEVICE(0x0489, 0xe0e2), .driver_info = BTUSB_MEDIATEK |
639 BTUSB_WIDEBAND_SPEECH |
640 BTUSB_VALID_LE_STATES },
641 { USB_DEVICE(0x0489, 0xe0e4), .driver_info = BTUSB_MEDIATEK |
642 BTUSB_WIDEBAND_SPEECH |
643 BTUSB_VALID_LE_STATES },
644 { USB_DEVICE(0x0489, 0xe0f1), .driver_info = BTUSB_MEDIATEK |
645 BTUSB_WIDEBAND_SPEECH |
646 BTUSB_VALID_LE_STATES },
647 { USB_DEVICE(0x0489, 0xe0f2), .driver_info = BTUSB_MEDIATEK |
648 BTUSB_WIDEBAND_SPEECH |
649 BTUSB_VALID_LE_STATES },
650 { USB_DEVICE(0x0489, 0xe0f5), .driver_info = BTUSB_MEDIATEK |
651 BTUSB_WIDEBAND_SPEECH |
652 BTUSB_VALID_LE_STATES },
653 { USB_DEVICE(0x0489, 0xe0f6), .driver_info = BTUSB_MEDIATEK |
654 BTUSB_WIDEBAND_SPEECH |
655 BTUSB_VALID_LE_STATES },
656 { USB_DEVICE(0x0489, 0xe102), .driver_info = BTUSB_MEDIATEK |
657 BTUSB_WIDEBAND_SPEECH |
658 BTUSB_VALID_LE_STATES },
659 { USB_DEVICE(0x04ca, 0x3804), .driver_info = BTUSB_MEDIATEK |
660 BTUSB_WIDEBAND_SPEECH |
661 BTUSB_VALID_LE_STATES },
662 { USB_DEVICE(0x04ca, 0x38e4), .driver_info = BTUSB_MEDIATEK |
663 BTUSB_WIDEBAND_SPEECH |
664 BTUSB_VALID_LE_STATES },
665 { USB_DEVICE(0x13d3, 0x3568), .driver_info = BTUSB_MEDIATEK |
666 BTUSB_WIDEBAND_SPEECH |
667 BTUSB_VALID_LE_STATES },
668 { USB_DEVICE(0x13d3, 0x3605), .driver_info = BTUSB_MEDIATEK |
669 BTUSB_WIDEBAND_SPEECH |
670 BTUSB_VALID_LE_STATES },
671 { USB_DEVICE(0x13d3, 0x3607), .driver_info = BTUSB_MEDIATEK |
672 BTUSB_WIDEBAND_SPEECH |
673 BTUSB_VALID_LE_STATES },
674 { USB_DEVICE(0x13d3, 0x3614), .driver_info = BTUSB_MEDIATEK |
675 BTUSB_WIDEBAND_SPEECH |
676 BTUSB_VALID_LE_STATES },
677 { USB_DEVICE(0x13d3, 0x3615), .driver_info = BTUSB_MEDIATEK |
678 BTUSB_WIDEBAND_SPEECH |
679 BTUSB_VALID_LE_STATES },
680 { USB_DEVICE(0x35f5, 0x7922), .driver_info = BTUSB_MEDIATEK |
681 BTUSB_WIDEBAND_SPEECH |
682 BTUSB_VALID_LE_STATES },
684 /* Additional MediaTek MT7925 Bluetooth devices */
685 { USB_DEVICE(0x0489, 0xe113), .driver_info = BTUSB_MEDIATEK |
686 BTUSB_WIDEBAND_SPEECH |
687 BTUSB_VALID_LE_STATES },
688 { USB_DEVICE(0x13d3, 0x3602), .driver_info = BTUSB_MEDIATEK |
689 BTUSB_WIDEBAND_SPEECH |
690 BTUSB_VALID_LE_STATES },
691 { USB_DEVICE(0x13d3, 0x3603), .driver_info = BTUSB_MEDIATEK |
692 BTUSB_WIDEBAND_SPEECH |
693 BTUSB_VALID_LE_STATES },
695 /* Additional Realtek 8723AE Bluetooth devices */
696 { USB_DEVICE(0x0930, 0x021d), .driver_info = BTUSB_REALTEK },
697 { USB_DEVICE(0x13d3, 0x3394), .driver_info = BTUSB_REALTEK },
699 /* Additional Realtek 8723BE Bluetooth devices */
700 { USB_DEVICE(0x0489, 0xe085), .driver_info = BTUSB_REALTEK },
701 { USB_DEVICE(0x0489, 0xe08b), .driver_info = BTUSB_REALTEK },
702 { USB_DEVICE(0x04f2, 0xb49f), .driver_info = BTUSB_REALTEK },
703 { USB_DEVICE(0x13d3, 0x3410), .driver_info = BTUSB_REALTEK },
704 { USB_DEVICE(0x13d3, 0x3416), .driver_info = BTUSB_REALTEK },
705 { USB_DEVICE(0x13d3, 0x3459), .driver_info = BTUSB_REALTEK },
706 { USB_DEVICE(0x13d3, 0x3494), .driver_info = BTUSB_REALTEK },
708 /* Additional Realtek 8723BU Bluetooth devices */
709 { USB_DEVICE(0x7392, 0xa611), .driver_info = BTUSB_REALTEK },
711 /* Additional Realtek 8723DE Bluetooth devices */
712 { USB_DEVICE(0x0bda, 0xb009), .driver_info = BTUSB_REALTEK },
713 { USB_DEVICE(0x2ff8, 0xb011), .driver_info = BTUSB_REALTEK },
715 /* Additional Realtek 8761BUV Bluetooth devices */
716 { USB_DEVICE(0x2357, 0x0604), .driver_info = BTUSB_REALTEK |
717 BTUSB_WIDEBAND_SPEECH },
718 { USB_DEVICE(0x0b05, 0x190e), .driver_info = BTUSB_REALTEK |
719 BTUSB_WIDEBAND_SPEECH },
720 { USB_DEVICE(0x2550, 0x8761), .driver_info = BTUSB_REALTEK |
721 BTUSB_WIDEBAND_SPEECH },
722 { USB_DEVICE(0x0bda, 0x8771), .driver_info = BTUSB_REALTEK |
723 BTUSB_WIDEBAND_SPEECH },
724 { USB_DEVICE(0x6655, 0x8771), .driver_info = BTUSB_REALTEK |
725 BTUSB_WIDEBAND_SPEECH },
726 { USB_DEVICE(0x7392, 0xc611), .driver_info = BTUSB_REALTEK |
727 BTUSB_WIDEBAND_SPEECH },
728 { USB_DEVICE(0x2b89, 0x8761), .driver_info = BTUSB_REALTEK |
729 BTUSB_WIDEBAND_SPEECH },
731 /* Additional Realtek 8821AE Bluetooth devices */
732 { USB_DEVICE(0x0b05, 0x17dc), .driver_info = BTUSB_REALTEK },
733 { USB_DEVICE(0x13d3, 0x3414), .driver_info = BTUSB_REALTEK },
734 { USB_DEVICE(0x13d3, 0x3458), .driver_info = BTUSB_REALTEK },
735 { USB_DEVICE(0x13d3, 0x3461), .driver_info = BTUSB_REALTEK },
736 { USB_DEVICE(0x13d3, 0x3462), .driver_info = BTUSB_REALTEK },
738 /* Additional Realtek 8822BE Bluetooth devices */
739 { USB_DEVICE(0x13d3, 0x3526), .driver_info = BTUSB_REALTEK },
740 { USB_DEVICE(0x0b05, 0x185c), .driver_info = BTUSB_REALTEK },
742 /* Additional Realtek 8822CE Bluetooth devices */
743 { USB_DEVICE(0x04ca, 0x4005), .driver_info = BTUSB_REALTEK |
744 BTUSB_WIDEBAND_SPEECH },
745 { USB_DEVICE(0x04c5, 0x161f), .driver_info = BTUSB_REALTEK |
746 BTUSB_WIDEBAND_SPEECH },
747 { USB_DEVICE(0x0b05, 0x18ef), .driver_info = BTUSB_REALTEK |
748 BTUSB_WIDEBAND_SPEECH },
749 { USB_DEVICE(0x13d3, 0x3548), .driver_info = BTUSB_REALTEK |
750 BTUSB_WIDEBAND_SPEECH },
751 { USB_DEVICE(0x13d3, 0x3549), .driver_info = BTUSB_REALTEK |
752 BTUSB_WIDEBAND_SPEECH },
753 { USB_DEVICE(0x13d3, 0x3553), .driver_info = BTUSB_REALTEK |
754 BTUSB_WIDEBAND_SPEECH },
755 { USB_DEVICE(0x13d3, 0x3555), .driver_info = BTUSB_REALTEK |
756 BTUSB_WIDEBAND_SPEECH },
757 { USB_DEVICE(0x2ff8, 0x3051), .driver_info = BTUSB_REALTEK |
758 BTUSB_WIDEBAND_SPEECH },
759 { USB_DEVICE(0x1358, 0xc123), .driver_info = BTUSB_REALTEK |
760 BTUSB_WIDEBAND_SPEECH },
761 { USB_DEVICE(0x0bda, 0xc123), .driver_info = BTUSB_REALTEK |
762 BTUSB_WIDEBAND_SPEECH },
763 { USB_DEVICE(0x0cb5, 0xc547), .driver_info = BTUSB_REALTEK |
764 BTUSB_WIDEBAND_SPEECH },
766 /* Actions Semiconductor ATS2851 based devices */
767 { USB_DEVICE(0x10d7, 0xb012), .driver_info = BTUSB_ACTIONS_SEMI },
769 /* Silicon Wave based devices */
770 { USB_DEVICE(0x0c10, 0x0000), .driver_info = BTUSB_SWAVE },
772 { } /* Terminating entry */
775 /* The Bluetooth USB module build into some devices needs to be reset on resume,
776 * this is a problem with the platform (likely shutting off all power) not with
777 * the module itself. So we use a DMI list to match known broken platforms.
779 static const struct dmi_system_id btusb_needs_reset_resume_table[] = {
781 /* Dell OptiPlex 3060 (QCA ROME device 0cf3:e007) */
783 DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."),
784 DMI_MATCH(DMI_PRODUCT_NAME, "OptiPlex 3060"),
788 /* Dell XPS 9360 (QCA ROME device 0cf3:e300) */
790 DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."),
791 DMI_MATCH(DMI_PRODUCT_NAME, "XPS 13 9360"),
795 /* Dell Inspiron 5565 (QCA ROME device 0cf3:e009) */
797 DMI_MATCH(DMI_SYS_VENDOR, "Dell Inc."),
798 DMI_MATCH(DMI_PRODUCT_NAME, "Inspiron 5565"),
804 struct qca_dump_info {
805 /* fields for dump collection */
814 #define BTUSB_MAX_ISOC_FRAMES 10
816 #define BTUSB_INTR_RUNNING 0
817 #define BTUSB_BULK_RUNNING 1
818 #define BTUSB_ISOC_RUNNING 2
819 #define BTUSB_SUSPENDING 3
820 #define BTUSB_DID_ISO_RESUME 4
821 #define BTUSB_BOOTLOADER 5
822 #define BTUSB_DOWNLOADING 6
823 #define BTUSB_FIRMWARE_LOADED 7
824 #define BTUSB_FIRMWARE_FAILED 8
825 #define BTUSB_BOOTING 9
826 #define BTUSB_DIAG_RUNNING 10
827 #define BTUSB_OOB_WAKE_ENABLED 11
828 #define BTUSB_HW_RESET_ACTIVE 12
829 #define BTUSB_TX_WAIT_VND_EVT 13
830 #define BTUSB_WAKEUP_AUTOSUSPEND 14
831 #define BTUSB_USE_ALT3_FOR_WBS 15
832 #define BTUSB_ALT6_CONTINUOUS_TX 16
833 #define BTUSB_HW_SSR_ACTIVE 17
836 struct hci_dev *hdev;
837 struct usb_device *udev;
838 struct usb_interface *intf;
839 struct usb_interface *isoc;
840 struct usb_interface *diag;
847 struct work_struct work;
848 struct work_struct waker;
849 struct delayed_work rx_work;
851 struct sk_buff_head acl_q;
853 struct usb_anchor deferred;
854 struct usb_anchor tx_anchor;
858 struct usb_anchor intr_anchor;
859 struct usb_anchor bulk_anchor;
860 struct usb_anchor isoc_anchor;
861 struct usb_anchor diag_anchor;
862 struct usb_anchor ctrl_anchor;
865 struct sk_buff *evt_skb;
866 struct sk_buff *acl_skb;
867 struct sk_buff *sco_skb;
869 struct usb_endpoint_descriptor *intr_ep;
870 struct usb_endpoint_descriptor *bulk_tx_ep;
871 struct usb_endpoint_descriptor *bulk_rx_ep;
872 struct usb_endpoint_descriptor *isoc_tx_ep;
873 struct usb_endpoint_descriptor *isoc_rx_ep;
874 struct usb_endpoint_descriptor *diag_tx_ep;
875 struct usb_endpoint_descriptor *diag_rx_ep;
877 struct gpio_desc *reset_gpio;
882 unsigned int sco_num;
883 unsigned int air_mode;
884 bool usb_alt6_packet_flow;
888 int (*recv_event)(struct hci_dev *hdev, struct sk_buff *skb);
889 int (*recv_acl)(struct hci_dev *hdev, struct sk_buff *skb);
890 int (*recv_bulk)(struct btusb_data *data, void *buffer, int count);
892 int (*setup_on_usb)(struct hci_dev *hdev);
894 int oob_wake_irq; /* irq for out-of-band wake-on-bt */
895 unsigned cmd_timeout_cnt;
897 struct qca_dump_info qca_dump;
900 static void btusb_reset(struct hci_dev *hdev)
902 struct btusb_data *data;
910 data = hci_get_drvdata(hdev);
911 /* This is not an unbalanced PM reference since the device will reset */
912 err = usb_autopm_get_interface(data->intf);
914 bt_dev_err(hdev, "Failed usb_autopm_get_interface: %d", err);
918 bt_dev_err(hdev, "Resetting usb device.");
919 usb_queue_reset_device(data->intf);
922 static void btusb_intel_cmd_timeout(struct hci_dev *hdev)
924 struct btusb_data *data = hci_get_drvdata(hdev);
925 struct gpio_desc *reset_gpio = data->reset_gpio;
926 struct btintel_data *intel_data = hci_get_priv(hdev);
928 if (++data->cmd_timeout_cnt < 5)
931 if (intel_data->acpi_reset_method) {
932 if (test_and_set_bit(INTEL_ACPI_RESET_ACTIVE, intel_data->flags)) {
933 bt_dev_err(hdev, "acpi: last reset failed ? Not resetting again");
937 bt_dev_err(hdev, "Initiating acpi reset method");
938 /* If ACPI reset method fails, lets try with legacy GPIO
941 if (!intel_data->acpi_reset_method(hdev)) {
952 * Toggle the hard reset line if the platform provides one. The reset
953 * is going to yank the device off the USB and then replug. So doing
954 * once is enough. The cleanup is handled correctly on the way out
955 * (standard USB disconnect), and the new device is detected cleanly
956 * and bound to the driver again like it should be.
958 if (test_and_set_bit(BTUSB_HW_RESET_ACTIVE, &data->flags)) {
959 bt_dev_err(hdev, "last reset failed? Not resetting again");
963 bt_dev_err(hdev, "Initiating HW reset via gpio");
964 gpiod_set_value_cansleep(reset_gpio, 1);
966 gpiod_set_value_cansleep(reset_gpio, 0);
969 #define RTK_DEVCOREDUMP_CODE_MEMDUMP 0x01
970 #define RTK_DEVCOREDUMP_CODE_HW_ERR 0x02
971 #define RTK_DEVCOREDUMP_CODE_CMD_TIMEOUT 0x03
973 #define RTK_SUB_EVENT_CODE_COREDUMP 0x34
975 struct rtk_dev_coredump_hdr {
981 static inline void btusb_rtl_alloc_devcoredump(struct hci_dev *hdev,
982 struct rtk_dev_coredump_hdr *hdr, u8 *buf, u32 len)
986 skb = alloc_skb(len + sizeof(*hdr), GFP_ATOMIC);
990 skb_put_data(skb, hdr, sizeof(*hdr));
992 skb_put_data(skb, buf, len);
994 if (!hci_devcd_init(hdev, skb->len)) {
995 hci_devcd_append(hdev, skb);
996 hci_devcd_complete(hdev);
998 bt_dev_err(hdev, "RTL: Failed to generate devcoredump");
1003 static void btusb_rtl_cmd_timeout(struct hci_dev *hdev)
1005 struct btusb_data *data = hci_get_drvdata(hdev);
1006 struct gpio_desc *reset_gpio = data->reset_gpio;
1007 struct rtk_dev_coredump_hdr hdr = {
1008 .type = RTK_DEVCOREDUMP_CODE_CMD_TIMEOUT,
1011 btusb_rtl_alloc_devcoredump(hdev, &hdr, NULL, 0);
1013 if (++data->cmd_timeout_cnt < 5)
1021 /* Toggle the hard reset line. The Realtek device is going to
1022 * yank itself off the USB and then replug. The cleanup is handled
1023 * correctly on the way out (standard USB disconnect), and the new
1024 * device is detected cleanly and bound to the driver again like
1027 if (test_and_set_bit(BTUSB_HW_RESET_ACTIVE, &data->flags)) {
1028 bt_dev_err(hdev, "last reset failed? Not resetting again");
1032 bt_dev_err(hdev, "Reset Realtek device via gpio");
1033 gpiod_set_value_cansleep(reset_gpio, 1);
1035 gpiod_set_value_cansleep(reset_gpio, 0);
1038 static void btusb_rtl_hw_error(struct hci_dev *hdev, u8 code)
1040 struct rtk_dev_coredump_hdr hdr = {
1041 .type = RTK_DEVCOREDUMP_CODE_HW_ERR,
1045 bt_dev_err(hdev, "RTL: hw err, trigger devcoredump (%d)", code);
1047 btusb_rtl_alloc_devcoredump(hdev, &hdr, NULL, 0);
1050 static void btusb_qca_cmd_timeout(struct hci_dev *hdev)
1052 struct btusb_data *data = hci_get_drvdata(hdev);
1053 struct gpio_desc *reset_gpio = data->reset_gpio;
1055 if (test_bit(BTUSB_HW_SSR_ACTIVE, &data->flags)) {
1056 bt_dev_info(hdev, "Ramdump in progress, defer cmd_timeout");
1060 if (++data->cmd_timeout_cnt < 5)
1064 bt_dev_err(hdev, "Reset qca device via bt_en gpio");
1066 /* Toggle the hard reset line. The qca bt device is going to
1067 * yank itself off the USB and then replug. The cleanup is handled
1068 * correctly on the way out (standard USB disconnect), and the new
1069 * device is detected cleanly and bound to the driver again like
1072 if (test_and_set_bit(BTUSB_HW_RESET_ACTIVE, &data->flags)) {
1073 bt_dev_err(hdev, "last reset failed? Not resetting again");
1077 gpiod_set_value_cansleep(reset_gpio, 0);
1079 gpiod_set_value_cansleep(reset_gpio, 1);
1087 static inline void btusb_free_frags(struct btusb_data *data)
1089 unsigned long flags;
1091 spin_lock_irqsave(&data->rxlock, flags);
1093 dev_kfree_skb_irq(data->evt_skb);
1094 data->evt_skb = NULL;
1096 dev_kfree_skb_irq(data->acl_skb);
1097 data->acl_skb = NULL;
1099 dev_kfree_skb_irq(data->sco_skb);
1100 data->sco_skb = NULL;
1102 spin_unlock_irqrestore(&data->rxlock, flags);
1105 static int btusb_recv_event(struct btusb_data *data, struct sk_buff *skb)
1107 if (data->intr_interval) {
1108 /* Trigger dequeue immediatelly if an event is received */
1109 schedule_delayed_work(&data->rx_work, 0);
1112 return data->recv_event(data->hdev, skb);
1115 static int btusb_recv_intr(struct btusb_data *data, void *buffer, int count)
1117 struct sk_buff *skb;
1118 unsigned long flags;
1121 spin_lock_irqsave(&data->rxlock, flags);
1122 skb = data->evt_skb;
1128 skb = bt_skb_alloc(HCI_MAX_EVENT_SIZE, GFP_ATOMIC);
1134 hci_skb_pkt_type(skb) = HCI_EVENT_PKT;
1135 hci_skb_expect(skb) = HCI_EVENT_HDR_SIZE;
1138 len = min_t(uint, hci_skb_expect(skb), count);
1139 skb_put_data(skb, buffer, len);
1143 hci_skb_expect(skb) -= len;
1145 if (skb->len == HCI_EVENT_HDR_SIZE) {
1146 /* Complete event header */
1147 hci_skb_expect(skb) = hci_event_hdr(skb)->plen;
1149 if (skb_tailroom(skb) < hci_skb_expect(skb)) {
1158 if (!hci_skb_expect(skb)) {
1159 /* Complete frame */
1160 btusb_recv_event(data, skb);
1165 data->evt_skb = skb;
1166 spin_unlock_irqrestore(&data->rxlock, flags);
1171 static int btusb_recv_acl(struct btusb_data *data, struct sk_buff *skb)
1173 /* Only queue ACL packet if intr_interval is set as it means
1174 * force_poll_sync has been enabled.
1176 if (!data->intr_interval)
1177 return data->recv_acl(data->hdev, skb);
1179 skb_queue_tail(&data->acl_q, skb);
1180 schedule_delayed_work(&data->rx_work, data->intr_interval);
1185 static int btusb_recv_bulk(struct btusb_data *data, void *buffer, int count)
1187 struct sk_buff *skb;
1188 unsigned long flags;
1191 spin_lock_irqsave(&data->rxlock, flags);
1192 skb = data->acl_skb;
1198 skb = bt_skb_alloc(HCI_MAX_FRAME_SIZE, GFP_ATOMIC);
1204 hci_skb_pkt_type(skb) = HCI_ACLDATA_PKT;
1205 hci_skb_expect(skb) = HCI_ACL_HDR_SIZE;
1208 len = min_t(uint, hci_skb_expect(skb), count);
1209 skb_put_data(skb, buffer, len);
1213 hci_skb_expect(skb) -= len;
1215 if (skb->len == HCI_ACL_HDR_SIZE) {
1216 __le16 dlen = hci_acl_hdr(skb)->dlen;
1218 /* Complete ACL header */
1219 hci_skb_expect(skb) = __le16_to_cpu(dlen);
1221 if (skb_tailroom(skb) < hci_skb_expect(skb)) {
1230 if (!hci_skb_expect(skb)) {
1231 /* Complete frame */
1232 btusb_recv_acl(data, skb);
1237 data->acl_skb = skb;
1238 spin_unlock_irqrestore(&data->rxlock, flags);
1243 static bool btusb_validate_sco_handle(struct hci_dev *hdev,
1244 struct hci_sco_hdr *hdr)
1248 if (hci_dev_test_flag(hdev, HCI_USER_CHANNEL))
1249 // Can't validate, userspace controls everything.
1253 * USB isochronous transfers are not designed to be reliable and may
1254 * lose fragments. When this happens, the next first fragment
1255 * encountered might actually be a continuation fragment.
1256 * Validate the handle to detect it and drop it, or else the upper
1257 * layer will get garbage for a while.
1260 handle = hci_handle(__le16_to_cpu(hdr->handle));
1262 switch (hci_conn_lookup_type(hdev, handle)) {
1271 static int btusb_recv_isoc(struct btusb_data *data, void *buffer, int count)
1273 struct sk_buff *skb;
1274 unsigned long flags;
1277 spin_lock_irqsave(&data->rxlock, flags);
1278 skb = data->sco_skb;
1284 skb = bt_skb_alloc(HCI_MAX_SCO_SIZE, GFP_ATOMIC);
1290 hci_skb_pkt_type(skb) = HCI_SCODATA_PKT;
1291 hci_skb_expect(skb) = HCI_SCO_HDR_SIZE;
1294 len = min_t(uint, hci_skb_expect(skb), count);
1295 skb_put_data(skb, buffer, len);
1299 hci_skb_expect(skb) -= len;
1301 if (skb->len == HCI_SCO_HDR_SIZE) {
1302 /* Complete SCO header */
1303 struct hci_sco_hdr *hdr = hci_sco_hdr(skb);
1305 hci_skb_expect(skb) = hdr->dlen;
1307 if (skb_tailroom(skb) < hci_skb_expect(skb) ||
1308 !btusb_validate_sco_handle(data->hdev, hdr)) {
1317 if (!hci_skb_expect(skb)) {
1318 /* Complete frame */
1319 hci_recv_frame(data->hdev, skb);
1324 data->sco_skb = skb;
1325 spin_unlock_irqrestore(&data->rxlock, flags);
1330 static void btusb_intr_complete(struct urb *urb)
1332 struct hci_dev *hdev = urb->context;
1333 struct btusb_data *data = hci_get_drvdata(hdev);
1336 BT_DBG("%s urb %p status %d count %d", hdev->name, urb, urb->status,
1337 urb->actual_length);
1339 if (!test_bit(HCI_RUNNING, &hdev->flags))
1342 if (urb->status == 0) {
1343 hdev->stat.byte_rx += urb->actual_length;
1345 if (btusb_recv_intr(data, urb->transfer_buffer,
1346 urb->actual_length) < 0) {
1347 bt_dev_err(hdev, "corrupted event packet");
1348 hdev->stat.err_rx++;
1350 } else if (urb->status == -ENOENT) {
1351 /* Avoid suspend failed when usb_kill_urb */
1355 if (!test_bit(BTUSB_INTR_RUNNING, &data->flags))
1358 usb_mark_last_busy(data->udev);
1359 usb_anchor_urb(urb, &data->intr_anchor);
1361 err = usb_submit_urb(urb, GFP_ATOMIC);
1363 /* -EPERM: urb is being killed;
1364 * -ENODEV: device got disconnected
1366 if (err != -EPERM && err != -ENODEV)
1367 bt_dev_err(hdev, "urb %p failed to resubmit (%d)",
1370 hci_cmd_sync_cancel(hdev, -err);
1371 usb_unanchor_urb(urb);
1375 static int btusb_submit_intr_urb(struct hci_dev *hdev, gfp_t mem_flags)
1377 struct btusb_data *data = hci_get_drvdata(hdev);
1383 BT_DBG("%s", hdev->name);
1388 urb = usb_alloc_urb(0, mem_flags);
1392 size = le16_to_cpu(data->intr_ep->wMaxPacketSize);
1394 buf = kmalloc(size, mem_flags);
1400 pipe = usb_rcvintpipe(data->udev, data->intr_ep->bEndpointAddress);
1402 usb_fill_int_urb(urb, data->udev, pipe, buf, size,
1403 btusb_intr_complete, hdev, data->intr_ep->bInterval);
1405 urb->transfer_flags |= URB_FREE_BUFFER;
1407 usb_anchor_urb(urb, &data->intr_anchor);
1409 err = usb_submit_urb(urb, mem_flags);
1411 if (err != -EPERM && err != -ENODEV)
1412 bt_dev_err(hdev, "urb %p submission failed (%d)",
1415 hci_cmd_sync_cancel(hdev, -err);
1416 usb_unanchor_urb(urb);
1419 /* Only initialize intr_interval if URB poll sync is enabled */
1420 if (!data->poll_sync)
1423 /* The units are frames (milliseconds) for full and low speed devices,
1424 * and microframes (1/8 millisecond) for highspeed and SuperSpeed
1427 * This is done once on open/resume so it shouldn't change even if
1428 * force_poll_sync changes.
1430 switch (urb->dev->speed) {
1431 case USB_SPEED_SUPER_PLUS:
1432 case USB_SPEED_SUPER: /* units are 125us */
1433 data->intr_interval = usecs_to_jiffies(urb->interval * 125);
1436 data->intr_interval = msecs_to_jiffies(urb->interval);
1446 static void btusb_bulk_complete(struct urb *urb)
1448 struct hci_dev *hdev = urb->context;
1449 struct btusb_data *data = hci_get_drvdata(hdev);
1452 BT_DBG("%s urb %p status %d count %d", hdev->name, urb, urb->status,
1453 urb->actual_length);
1455 if (!test_bit(HCI_RUNNING, &hdev->flags))
1458 if (urb->status == 0) {
1459 hdev->stat.byte_rx += urb->actual_length;
1461 if (data->recv_bulk(data, urb->transfer_buffer,
1462 urb->actual_length) < 0) {
1463 bt_dev_err(hdev, "corrupted ACL packet");
1464 hdev->stat.err_rx++;
1466 } else if (urb->status == -ENOENT) {
1467 /* Avoid suspend failed when usb_kill_urb */
1471 if (!test_bit(BTUSB_BULK_RUNNING, &data->flags))
1474 usb_anchor_urb(urb, &data->bulk_anchor);
1475 usb_mark_last_busy(data->udev);
1477 err = usb_submit_urb(urb, GFP_ATOMIC);
1479 /* -EPERM: urb is being killed;
1480 * -ENODEV: device got disconnected
1482 if (err != -EPERM && err != -ENODEV)
1483 bt_dev_err(hdev, "urb %p failed to resubmit (%d)",
1485 usb_unanchor_urb(urb);
1489 static int btusb_submit_bulk_urb(struct hci_dev *hdev, gfp_t mem_flags)
1491 struct btusb_data *data = hci_get_drvdata(hdev);
1495 int err, size = HCI_MAX_FRAME_SIZE;
1497 BT_DBG("%s", hdev->name);
1499 if (!data->bulk_rx_ep)
1502 urb = usb_alloc_urb(0, mem_flags);
1506 buf = kmalloc(size, mem_flags);
1512 pipe = usb_rcvbulkpipe(data->udev, data->bulk_rx_ep->bEndpointAddress);
1514 usb_fill_bulk_urb(urb, data->udev, pipe, buf, size,
1515 btusb_bulk_complete, hdev);
1517 urb->transfer_flags |= URB_FREE_BUFFER;
1519 usb_mark_last_busy(data->udev);
1520 usb_anchor_urb(urb, &data->bulk_anchor);
1522 err = usb_submit_urb(urb, mem_flags);
1524 if (err != -EPERM && err != -ENODEV)
1525 bt_dev_err(hdev, "urb %p submission failed (%d)",
1527 usb_unanchor_urb(urb);
1535 static void btusb_isoc_complete(struct urb *urb)
1537 struct hci_dev *hdev = urb->context;
1538 struct btusb_data *data = hci_get_drvdata(hdev);
1541 BT_DBG("%s urb %p status %d count %d", hdev->name, urb, urb->status,
1542 urb->actual_length);
1544 if (!test_bit(HCI_RUNNING, &hdev->flags))
1547 if (urb->status == 0) {
1548 for (i = 0; i < urb->number_of_packets; i++) {
1549 unsigned int offset = urb->iso_frame_desc[i].offset;
1550 unsigned int length = urb->iso_frame_desc[i].actual_length;
1552 if (urb->iso_frame_desc[i].status)
1555 hdev->stat.byte_rx += length;
1557 if (btusb_recv_isoc(data, urb->transfer_buffer + offset,
1559 bt_dev_err(hdev, "corrupted SCO packet");
1560 hdev->stat.err_rx++;
1563 } else if (urb->status == -ENOENT) {
1564 /* Avoid suspend failed when usb_kill_urb */
1568 if (!test_bit(BTUSB_ISOC_RUNNING, &data->flags))
1571 usb_anchor_urb(urb, &data->isoc_anchor);
1573 err = usb_submit_urb(urb, GFP_ATOMIC);
1575 /* -EPERM: urb is being killed;
1576 * -ENODEV: device got disconnected
1578 if (err != -EPERM && err != -ENODEV)
1579 bt_dev_err(hdev, "urb %p failed to resubmit (%d)",
1581 usb_unanchor_urb(urb);
1585 static inline void __fill_isoc_descriptor_msbc(struct urb *urb, int len,
1586 int mtu, struct btusb_data *data)
1588 int i = 0, offset = 0;
1589 unsigned int interval;
1591 BT_DBG("len %d mtu %d", len, mtu);
1593 /* For mSBC ALT 6 settings some chips need to transmit the data
1594 * continuously without the zero length of USB packets.
1596 if (test_bit(BTUSB_ALT6_CONTINUOUS_TX, &data->flags))
1597 goto ignore_usb_alt6_packet_flow;
1599 /* For mSBC ALT 6 setting the host will send the packet at continuous
1600 * flow. As per core spec 5, vol 4, part B, table 2.1. For ALT setting
1601 * 6 the HCI PACKET INTERVAL should be 7.5ms for every usb packets.
1602 * To maintain the rate we send 63bytes of usb packets alternatively for
1603 * 7ms and 8ms to maintain the rate as 7.5ms.
1605 if (data->usb_alt6_packet_flow) {
1607 data->usb_alt6_packet_flow = false;
1610 data->usb_alt6_packet_flow = true;
1613 for (i = 0; i < interval; i++) {
1614 urb->iso_frame_desc[i].offset = offset;
1615 urb->iso_frame_desc[i].length = offset;
1618 ignore_usb_alt6_packet_flow:
1619 if (len && i < BTUSB_MAX_ISOC_FRAMES) {
1620 urb->iso_frame_desc[i].offset = offset;
1621 urb->iso_frame_desc[i].length = len;
1625 urb->number_of_packets = i;
1628 static inline void __fill_isoc_descriptor(struct urb *urb, int len, int mtu)
1632 BT_DBG("len %d mtu %d", len, mtu);
1634 for (i = 0; i < BTUSB_MAX_ISOC_FRAMES && len >= mtu;
1635 i++, offset += mtu, len -= mtu) {
1636 urb->iso_frame_desc[i].offset = offset;
1637 urb->iso_frame_desc[i].length = mtu;
1640 if (len && i < BTUSB_MAX_ISOC_FRAMES) {
1641 urb->iso_frame_desc[i].offset = offset;
1642 urb->iso_frame_desc[i].length = len;
1646 urb->number_of_packets = i;
1649 static int btusb_submit_isoc_urb(struct hci_dev *hdev, gfp_t mem_flags)
1651 struct btusb_data *data = hci_get_drvdata(hdev);
1657 BT_DBG("%s", hdev->name);
1659 if (!data->isoc_rx_ep)
1662 urb = usb_alloc_urb(BTUSB_MAX_ISOC_FRAMES, mem_flags);
1666 size = le16_to_cpu(data->isoc_rx_ep->wMaxPacketSize) *
1667 BTUSB_MAX_ISOC_FRAMES;
1669 buf = kmalloc(size, mem_flags);
1675 pipe = usb_rcvisocpipe(data->udev, data->isoc_rx_ep->bEndpointAddress);
1677 usb_fill_int_urb(urb, data->udev, pipe, buf, size, btusb_isoc_complete,
1678 hdev, data->isoc_rx_ep->bInterval);
1680 urb->transfer_flags = URB_FREE_BUFFER | URB_ISO_ASAP;
1682 __fill_isoc_descriptor(urb, size,
1683 le16_to_cpu(data->isoc_rx_ep->wMaxPacketSize));
1685 usb_anchor_urb(urb, &data->isoc_anchor);
1687 err = usb_submit_urb(urb, mem_flags);
1689 if (err != -EPERM && err != -ENODEV)
1690 bt_dev_err(hdev, "urb %p submission failed (%d)",
1692 usb_unanchor_urb(urb);
1700 static void btusb_diag_complete(struct urb *urb)
1702 struct hci_dev *hdev = urb->context;
1703 struct btusb_data *data = hci_get_drvdata(hdev);
1706 BT_DBG("%s urb %p status %d count %d", hdev->name, urb, urb->status,
1707 urb->actual_length);
1709 if (urb->status == 0) {
1710 struct sk_buff *skb;
1712 skb = bt_skb_alloc(urb->actual_length, GFP_ATOMIC);
1714 skb_put_data(skb, urb->transfer_buffer,
1715 urb->actual_length);
1716 hci_recv_diag(hdev, skb);
1718 } else if (urb->status == -ENOENT) {
1719 /* Avoid suspend failed when usb_kill_urb */
1723 if (!test_bit(BTUSB_DIAG_RUNNING, &data->flags))
1726 usb_anchor_urb(urb, &data->diag_anchor);
1727 usb_mark_last_busy(data->udev);
1729 err = usb_submit_urb(urb, GFP_ATOMIC);
1731 /* -EPERM: urb is being killed;
1732 * -ENODEV: device got disconnected
1734 if (err != -EPERM && err != -ENODEV)
1735 bt_dev_err(hdev, "urb %p failed to resubmit (%d)",
1737 usb_unanchor_urb(urb);
1741 static int btusb_submit_diag_urb(struct hci_dev *hdev, gfp_t mem_flags)
1743 struct btusb_data *data = hci_get_drvdata(hdev);
1747 int err, size = HCI_MAX_FRAME_SIZE;
1749 BT_DBG("%s", hdev->name);
1751 if (!data->diag_rx_ep)
1754 urb = usb_alloc_urb(0, mem_flags);
1758 buf = kmalloc(size, mem_flags);
1764 pipe = usb_rcvbulkpipe(data->udev, data->diag_rx_ep->bEndpointAddress);
1766 usb_fill_bulk_urb(urb, data->udev, pipe, buf, size,
1767 btusb_diag_complete, hdev);
1769 urb->transfer_flags |= URB_FREE_BUFFER;
1771 usb_mark_last_busy(data->udev);
1772 usb_anchor_urb(urb, &data->diag_anchor);
1774 err = usb_submit_urb(urb, mem_flags);
1776 if (err != -EPERM && err != -ENODEV)
1777 bt_dev_err(hdev, "urb %p submission failed (%d)",
1779 usb_unanchor_urb(urb);
1787 static void btusb_tx_complete(struct urb *urb)
1789 struct sk_buff *skb = urb->context;
1790 struct hci_dev *hdev = (struct hci_dev *)skb->dev;
1791 struct btusb_data *data = hci_get_drvdata(hdev);
1792 unsigned long flags;
1794 BT_DBG("%s urb %p status %d count %d", hdev->name, urb, urb->status,
1795 urb->actual_length);
1797 if (!test_bit(HCI_RUNNING, &hdev->flags))
1801 hdev->stat.byte_tx += urb->transfer_buffer_length;
1803 if (hci_skb_pkt_type(skb) == HCI_COMMAND_PKT)
1804 hci_cmd_sync_cancel(hdev, -urb->status);
1805 hdev->stat.err_tx++;
1809 spin_lock_irqsave(&data->txlock, flags);
1810 data->tx_in_flight--;
1811 spin_unlock_irqrestore(&data->txlock, flags);
1813 kfree(urb->setup_packet);
1818 static void btusb_isoc_tx_complete(struct urb *urb)
1820 struct sk_buff *skb = urb->context;
1821 struct hci_dev *hdev = (struct hci_dev *)skb->dev;
1823 BT_DBG("%s urb %p status %d count %d", hdev->name, urb, urb->status,
1824 urb->actual_length);
1826 if (!test_bit(HCI_RUNNING, &hdev->flags))
1830 hdev->stat.byte_tx += urb->transfer_buffer_length;
1832 hdev->stat.err_tx++;
1835 kfree(urb->setup_packet);
1840 static int btusb_open(struct hci_dev *hdev)
1842 struct btusb_data *data = hci_get_drvdata(hdev);
1845 BT_DBG("%s", hdev->name);
1847 err = usb_autopm_get_interface(data->intf);
1851 /* Patching USB firmware files prior to starting any URBs of HCI path
1852 * It is more safe to use USB bulk channel for downloading USB patch
1854 if (data->setup_on_usb) {
1855 err = data->setup_on_usb(hdev);
1860 data->intf->needs_remote_wakeup = 1;
1862 if (test_and_set_bit(BTUSB_INTR_RUNNING, &data->flags))
1865 err = btusb_submit_intr_urb(hdev, GFP_KERNEL);
1869 err = btusb_submit_bulk_urb(hdev, GFP_KERNEL);
1871 usb_kill_anchored_urbs(&data->intr_anchor);
1875 set_bit(BTUSB_BULK_RUNNING, &data->flags);
1876 btusb_submit_bulk_urb(hdev, GFP_KERNEL);
1879 if (!btusb_submit_diag_urb(hdev, GFP_KERNEL))
1880 set_bit(BTUSB_DIAG_RUNNING, &data->flags);
1884 usb_autopm_put_interface(data->intf);
1888 clear_bit(BTUSB_INTR_RUNNING, &data->flags);
1890 usb_autopm_put_interface(data->intf);
1894 static void btusb_stop_traffic(struct btusb_data *data)
1896 usb_kill_anchored_urbs(&data->intr_anchor);
1897 usb_kill_anchored_urbs(&data->bulk_anchor);
1898 usb_kill_anchored_urbs(&data->isoc_anchor);
1899 usb_kill_anchored_urbs(&data->diag_anchor);
1900 usb_kill_anchored_urbs(&data->ctrl_anchor);
1903 static int btusb_close(struct hci_dev *hdev)
1905 struct btusb_data *data = hci_get_drvdata(hdev);
1908 BT_DBG("%s", hdev->name);
1910 cancel_delayed_work(&data->rx_work);
1911 cancel_work_sync(&data->work);
1912 cancel_work_sync(&data->waker);
1914 skb_queue_purge(&data->acl_q);
1916 clear_bit(BTUSB_ISOC_RUNNING, &data->flags);
1917 clear_bit(BTUSB_BULK_RUNNING, &data->flags);
1918 clear_bit(BTUSB_INTR_RUNNING, &data->flags);
1919 clear_bit(BTUSB_DIAG_RUNNING, &data->flags);
1921 btusb_stop_traffic(data);
1922 btusb_free_frags(data);
1924 err = usb_autopm_get_interface(data->intf);
1928 data->intf->needs_remote_wakeup = 0;
1930 /* Enable remote wake up for auto-suspend */
1931 if (test_bit(BTUSB_WAKEUP_AUTOSUSPEND, &data->flags))
1932 data->intf->needs_remote_wakeup = 1;
1934 usb_autopm_put_interface(data->intf);
1937 usb_scuttle_anchored_urbs(&data->deferred);
1941 static int btusb_flush(struct hci_dev *hdev)
1943 struct btusb_data *data = hci_get_drvdata(hdev);
1945 BT_DBG("%s", hdev->name);
1947 cancel_delayed_work(&data->rx_work);
1949 skb_queue_purge(&data->acl_q);
1951 usb_kill_anchored_urbs(&data->tx_anchor);
1952 btusb_free_frags(data);
1957 static struct urb *alloc_ctrl_urb(struct hci_dev *hdev, struct sk_buff *skb)
1959 struct btusb_data *data = hci_get_drvdata(hdev);
1960 struct usb_ctrlrequest *dr;
1964 urb = usb_alloc_urb(0, GFP_KERNEL);
1966 return ERR_PTR(-ENOMEM);
1968 dr = kmalloc(sizeof(*dr), GFP_KERNEL);
1971 return ERR_PTR(-ENOMEM);
1974 dr->bRequestType = data->cmdreq_type;
1975 dr->bRequest = data->cmdreq;
1978 dr->wLength = __cpu_to_le16(skb->len);
1980 pipe = usb_sndctrlpipe(data->udev, 0x00);
1982 usb_fill_control_urb(urb, data->udev, pipe, (void *)dr,
1983 skb->data, skb->len, btusb_tx_complete, skb);
1985 skb->dev = (void *)hdev;
1990 static struct urb *alloc_bulk_urb(struct hci_dev *hdev, struct sk_buff *skb)
1992 struct btusb_data *data = hci_get_drvdata(hdev);
1996 if (!data->bulk_tx_ep)
1997 return ERR_PTR(-ENODEV);
1999 urb = usb_alloc_urb(0, GFP_KERNEL);
2001 return ERR_PTR(-ENOMEM);
2003 pipe = usb_sndbulkpipe(data->udev, data->bulk_tx_ep->bEndpointAddress);
2005 usb_fill_bulk_urb(urb, data->udev, pipe,
2006 skb->data, skb->len, btusb_tx_complete, skb);
2008 skb->dev = (void *)hdev;
2013 static struct urb *alloc_isoc_urb(struct hci_dev *hdev, struct sk_buff *skb)
2015 struct btusb_data *data = hci_get_drvdata(hdev);
2019 if (!data->isoc_tx_ep)
2020 return ERR_PTR(-ENODEV);
2022 urb = usb_alloc_urb(BTUSB_MAX_ISOC_FRAMES, GFP_KERNEL);
2024 return ERR_PTR(-ENOMEM);
2026 pipe = usb_sndisocpipe(data->udev, data->isoc_tx_ep->bEndpointAddress);
2028 usb_fill_int_urb(urb, data->udev, pipe,
2029 skb->data, skb->len, btusb_isoc_tx_complete,
2030 skb, data->isoc_tx_ep->bInterval);
2032 urb->transfer_flags = URB_ISO_ASAP;
2034 if (data->isoc_altsetting == 6)
2035 __fill_isoc_descriptor_msbc(urb, skb->len,
2036 le16_to_cpu(data->isoc_tx_ep->wMaxPacketSize),
2039 __fill_isoc_descriptor(urb, skb->len,
2040 le16_to_cpu(data->isoc_tx_ep->wMaxPacketSize));
2041 skb->dev = (void *)hdev;
2046 static int submit_tx_urb(struct hci_dev *hdev, struct urb *urb)
2048 struct btusb_data *data = hci_get_drvdata(hdev);
2051 usb_anchor_urb(urb, &data->tx_anchor);
2053 err = usb_submit_urb(urb, GFP_KERNEL);
2055 if (err != -EPERM && err != -ENODEV)
2056 bt_dev_err(hdev, "urb %p submission failed (%d)",
2058 kfree(urb->setup_packet);
2059 usb_unanchor_urb(urb);
2061 usb_mark_last_busy(data->udev);
2068 static int submit_or_queue_tx_urb(struct hci_dev *hdev, struct urb *urb)
2070 struct btusb_data *data = hci_get_drvdata(hdev);
2071 unsigned long flags;
2074 spin_lock_irqsave(&data->txlock, flags);
2075 suspending = test_bit(BTUSB_SUSPENDING, &data->flags);
2077 data->tx_in_flight++;
2078 spin_unlock_irqrestore(&data->txlock, flags);
2081 return submit_tx_urb(hdev, urb);
2083 usb_anchor_urb(urb, &data->deferred);
2084 schedule_work(&data->waker);
2090 static int btusb_send_frame(struct hci_dev *hdev, struct sk_buff *skb)
2094 BT_DBG("%s", hdev->name);
2096 switch (hci_skb_pkt_type(skb)) {
2097 case HCI_COMMAND_PKT:
2098 urb = alloc_ctrl_urb(hdev, skb);
2100 return PTR_ERR(urb);
2102 hdev->stat.cmd_tx++;
2103 return submit_or_queue_tx_urb(hdev, urb);
2105 case HCI_ACLDATA_PKT:
2106 urb = alloc_bulk_urb(hdev, skb);
2108 return PTR_ERR(urb);
2110 hdev->stat.acl_tx++;
2111 return submit_or_queue_tx_urb(hdev, urb);
2113 case HCI_SCODATA_PKT:
2114 if (hci_conn_num(hdev, SCO_LINK) < 1)
2117 urb = alloc_isoc_urb(hdev, skb);
2119 return PTR_ERR(urb);
2121 hdev->stat.sco_tx++;
2122 return submit_tx_urb(hdev, urb);
2124 case HCI_ISODATA_PKT:
2125 urb = alloc_bulk_urb(hdev, skb);
2127 return PTR_ERR(urb);
2129 return submit_or_queue_tx_urb(hdev, urb);
2135 static void btusb_notify(struct hci_dev *hdev, unsigned int evt)
2137 struct btusb_data *data = hci_get_drvdata(hdev);
2139 BT_DBG("%s evt %d", hdev->name, evt);
2141 if (hci_conn_num(hdev, SCO_LINK) != data->sco_num) {
2142 data->sco_num = hci_conn_num(hdev, SCO_LINK);
2143 data->air_mode = evt;
2144 schedule_work(&data->work);
2148 static inline int __set_isoc_interface(struct hci_dev *hdev, int altsetting)
2150 struct btusb_data *data = hci_get_drvdata(hdev);
2151 struct usb_interface *intf = data->isoc;
2152 struct usb_endpoint_descriptor *ep_desc;
2158 err = usb_set_interface(data->udev, data->isoc_ifnum, altsetting);
2160 bt_dev_err(hdev, "setting interface failed (%d)", -err);
2164 data->isoc_altsetting = altsetting;
2166 data->isoc_tx_ep = NULL;
2167 data->isoc_rx_ep = NULL;
2169 for (i = 0; i < intf->cur_altsetting->desc.bNumEndpoints; i++) {
2170 ep_desc = &intf->cur_altsetting->endpoint[i].desc;
2172 if (!data->isoc_tx_ep && usb_endpoint_is_isoc_out(ep_desc)) {
2173 data->isoc_tx_ep = ep_desc;
2177 if (!data->isoc_rx_ep && usb_endpoint_is_isoc_in(ep_desc)) {
2178 data->isoc_rx_ep = ep_desc;
2183 if (!data->isoc_tx_ep || !data->isoc_rx_ep) {
2184 bt_dev_err(hdev, "invalid SCO descriptors");
2191 static int btusb_switch_alt_setting(struct hci_dev *hdev, int new_alts)
2193 struct btusb_data *data = hci_get_drvdata(hdev);
2196 if (data->isoc_altsetting != new_alts) {
2197 unsigned long flags;
2199 clear_bit(BTUSB_ISOC_RUNNING, &data->flags);
2200 usb_kill_anchored_urbs(&data->isoc_anchor);
2202 /* When isochronous alternate setting needs to be
2203 * changed, because SCO connection has been added
2204 * or removed, a packet fragment may be left in the
2205 * reassembling state. This could lead to wrongly
2206 * assembled fragments.
2208 * Clear outstanding fragment when selecting a new
2209 * alternate setting.
2211 spin_lock_irqsave(&data->rxlock, flags);
2212 dev_kfree_skb_irq(data->sco_skb);
2213 data->sco_skb = NULL;
2214 spin_unlock_irqrestore(&data->rxlock, flags);
2216 err = __set_isoc_interface(hdev, new_alts);
2221 if (!test_and_set_bit(BTUSB_ISOC_RUNNING, &data->flags)) {
2222 if (btusb_submit_isoc_urb(hdev, GFP_KERNEL) < 0)
2223 clear_bit(BTUSB_ISOC_RUNNING, &data->flags);
2225 btusb_submit_isoc_urb(hdev, GFP_KERNEL);
2231 static struct usb_host_interface *btusb_find_altsetting(struct btusb_data *data,
2234 struct usb_interface *intf = data->isoc;
2237 BT_DBG("Looking for Alt no :%d", alt);
2242 for (i = 0; i < intf->num_altsetting; i++) {
2243 if (intf->altsetting[i].desc.bAlternateSetting == alt)
2244 return &intf->altsetting[i];
2250 static void btusb_work(struct work_struct *work)
2252 struct btusb_data *data = container_of(work, struct btusb_data, work);
2253 struct hci_dev *hdev = data->hdev;
2257 if (data->sco_num > 0) {
2258 if (!test_bit(BTUSB_DID_ISO_RESUME, &data->flags)) {
2259 err = usb_autopm_get_interface(data->isoc ? data->isoc : data->intf);
2261 clear_bit(BTUSB_ISOC_RUNNING, &data->flags);
2262 usb_kill_anchored_urbs(&data->isoc_anchor);
2266 set_bit(BTUSB_DID_ISO_RESUME, &data->flags);
2269 if (data->air_mode == HCI_NOTIFY_ENABLE_SCO_CVSD) {
2270 if (hdev->voice_setting & 0x0020) {
2271 static const int alts[3] = { 2, 4, 5 };
2273 new_alts = alts[data->sco_num - 1];
2275 new_alts = data->sco_num;
2277 } else if (data->air_mode == HCI_NOTIFY_ENABLE_SCO_TRANSP) {
2278 /* Bluetooth USB spec recommends alt 6 (63 bytes), but
2279 * many adapters do not support it. Alt 1 appears to
2280 * work for all adapters that do not have alt 6, and
2281 * which work with WBS at all. Some devices prefer
2282 * alt 3 (HCI payload >= 60 Bytes let air packet
2283 * data satisfy 60 bytes), requiring
2284 * MTU >= 3 (packets) * 25 (size) - 3 (headers) = 72
2285 * see also Core spec 5, vol 4, B 2.1.1 & Table 2.1.
2287 if (btusb_find_altsetting(data, 6))
2289 else if (btusb_find_altsetting(data, 3) &&
2290 hdev->sco_mtu >= 72 &&
2291 test_bit(BTUSB_USE_ALT3_FOR_WBS, &data->flags))
2297 if (btusb_switch_alt_setting(hdev, new_alts) < 0)
2298 bt_dev_err(hdev, "set USB alt:(%d) failed!", new_alts);
2300 usb_kill_anchored_urbs(&data->isoc_anchor);
2302 if (test_and_clear_bit(BTUSB_ISOC_RUNNING, &data->flags))
2303 __set_isoc_interface(hdev, 0);
2305 if (test_and_clear_bit(BTUSB_DID_ISO_RESUME, &data->flags))
2306 usb_autopm_put_interface(data->isoc ? data->isoc : data->intf);
2310 static void btusb_waker(struct work_struct *work)
2312 struct btusb_data *data = container_of(work, struct btusb_data, waker);
2315 err = usb_autopm_get_interface(data->intf);
2319 usb_autopm_put_interface(data->intf);
2322 static void btusb_rx_work(struct work_struct *work)
2324 struct btusb_data *data = container_of(work, struct btusb_data,
2326 struct sk_buff *skb;
2328 /* Dequeue ACL data received during the interval */
2329 while ((skb = skb_dequeue(&data->acl_q)))
2330 data->recv_acl(data->hdev, skb);
2333 static int btusb_setup_bcm92035(struct hci_dev *hdev)
2335 struct sk_buff *skb;
2338 BT_DBG("%s", hdev->name);
2340 skb = __hci_cmd_sync(hdev, 0xfc3b, 1, &val, HCI_INIT_TIMEOUT);
2342 bt_dev_err(hdev, "BCM92035 command failed (%ld)", PTR_ERR(skb));
2349 static int btusb_setup_csr(struct hci_dev *hdev)
2351 struct btusb_data *data = hci_get_drvdata(hdev);
2352 u16 bcdDevice = le16_to_cpu(data->udev->descriptor.bcdDevice);
2353 struct hci_rp_read_local_version *rp;
2354 struct sk_buff *skb;
2355 bool is_fake = false;
2358 BT_DBG("%s", hdev->name);
2360 skb = __hci_cmd_sync(hdev, HCI_OP_READ_LOCAL_VERSION, 0, NULL,
2363 int err = PTR_ERR(skb);
2364 bt_dev_err(hdev, "CSR: Local version failed (%d)", err);
2368 rp = skb_pull_data(skb, sizeof(*rp));
2370 bt_dev_err(hdev, "CSR: Local version length mismatch");
2375 bt_dev_info(hdev, "CSR: Setting up dongle with HCI ver=%u rev=%04x",
2376 rp->hci_ver, le16_to_cpu(rp->hci_rev));
2378 bt_dev_info(hdev, "LMP ver=%u subver=%04x; manufacturer=%u",
2379 rp->lmp_ver, le16_to_cpu(rp->lmp_subver),
2380 le16_to_cpu(rp->manufacturer));
2382 /* Detect a wide host of Chinese controllers that aren't CSR.
2384 * Known fake bcdDevices: 0x0100, 0x0134, 0x1915, 0x2520, 0x7558, 0x8891
2386 * The main thing they have in common is that these are really popular low-cost
2387 * options that support newer Bluetooth versions but rely on heavy VID/PID
2388 * squatting of this poor old Bluetooth 1.1 device. Even sold as such.
2390 * We detect actual CSR devices by checking that the HCI manufacturer code
2391 * is Cambridge Silicon Radio (10) and ensuring that LMP sub-version and
2392 * HCI rev values always match. As they both store the firmware number.
2394 if (le16_to_cpu(rp->manufacturer) != 10 ||
2395 le16_to_cpu(rp->hci_rev) != le16_to_cpu(rp->lmp_subver))
2398 /* Known legit CSR firmware build numbers and their supported BT versions:
2399 * - 1.1 (0x1) -> 0x0073, 0x020d, 0x033c, 0x034e
2400 * - 1.2 (0x2) -> 0x04d9, 0x0529
2401 * - 2.0 (0x3) -> 0x07a6, 0x07ad, 0x0c5c
2402 * - 2.1 (0x4) -> 0x149c, 0x1735, 0x1899 (0x1899 is a BlueCore4-External)
2403 * - 4.0 (0x6) -> 0x1d86, 0x2031, 0x22bb
2405 * e.g. Real CSR dongles with LMP subversion 0x73 are old enough that
2406 * support BT 1.1 only; so it's a dead giveaway when some
2407 * third-party BT 4.0 dongle reuses it.
2409 else if (le16_to_cpu(rp->lmp_subver) <= 0x034e &&
2410 rp->hci_ver > BLUETOOTH_VER_1_1)
2413 else if (le16_to_cpu(rp->lmp_subver) <= 0x0529 &&
2414 rp->hci_ver > BLUETOOTH_VER_1_2)
2417 else if (le16_to_cpu(rp->lmp_subver) <= 0x0c5c &&
2418 rp->hci_ver > BLUETOOTH_VER_2_0)
2421 else if (le16_to_cpu(rp->lmp_subver) <= 0x1899 &&
2422 rp->hci_ver > BLUETOOTH_VER_2_1)
2425 else if (le16_to_cpu(rp->lmp_subver) <= 0x22bb &&
2426 rp->hci_ver > BLUETOOTH_VER_4_0)
2429 /* Other clones which beat all the above checks */
2430 else if (bcdDevice == 0x0134 &&
2431 le16_to_cpu(rp->lmp_subver) == 0x0c5c &&
2432 rp->hci_ver == BLUETOOTH_VER_2_0)
2436 bt_dev_warn(hdev, "CSR: Unbranded CSR clone detected; adding workarounds and force-suspending once...");
2438 /* Generally these clones have big discrepancies between
2439 * advertised features and what's actually supported.
2440 * Probably will need to be expanded in the future;
2441 * without these the controller will lock up.
2443 set_bit(HCI_QUIRK_BROKEN_STORED_LINK_KEY, &hdev->quirks);
2444 set_bit(HCI_QUIRK_BROKEN_ERR_DATA_REPORTING, &hdev->quirks);
2445 set_bit(HCI_QUIRK_BROKEN_FILTER_CLEAR_ALL, &hdev->quirks);
2446 set_bit(HCI_QUIRK_NO_SUSPEND_NOTIFIER, &hdev->quirks);
2448 /* Clear the reset quirk since this is not an actual
2449 * early Bluetooth 1.1 device from CSR.
2451 clear_bit(HCI_QUIRK_RESET_ON_CLOSE, &hdev->quirks);
2452 clear_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &hdev->quirks);
2455 * Special workaround for these BT 4.0 chip clones, and potentially more:
2457 * - 0x0134: a Barrot 8041a02 (HCI rev: 0x0810 sub: 0x1012)
2458 * - 0x7558: IC markings FR3191AHAL 749H15143 (HCI rev/sub-version: 0x0709)
2460 * These controllers are really messed-up.
2462 * 1. Their bulk RX endpoint will never report any data unless
2463 * the device was suspended at least once (yes, really).
2464 * 2. They will not wakeup when autosuspended and receiving data
2465 * on their bulk RX endpoint from e.g. a keyboard or mouse
2466 * (IOW remote-wakeup support is broken for the bulk endpoint).
2468 * To fix 1. enable runtime-suspend, force-suspend the
2469 * HCI and then wake-it up by disabling runtime-suspend.
2471 * To fix 2. clear the HCI's can_wake flag, this way the HCI
2472 * will still be autosuspended when it is not open.
2476 * Because these are widespread problems we prefer generic solutions; so
2477 * apply this initialization quirk to every controller that gets here,
2478 * it should be harmless. The alternative is to not work at all.
2480 pm_runtime_allow(&data->udev->dev);
2482 ret = pm_runtime_suspend(&data->udev->dev);
2486 bt_dev_warn(hdev, "CSR: Couldn't suspend the device for our Barrot 8041a02 receive-issue workaround");
2488 pm_runtime_forbid(&data->udev->dev);
2490 device_set_wakeup_capable(&data->udev->dev, false);
2492 /* Re-enable autosuspend if this was requested */
2493 if (enable_autosuspend)
2494 usb_enable_autosuspend(data->udev);
2502 static int inject_cmd_complete(struct hci_dev *hdev, __u16 opcode)
2504 struct sk_buff *skb;
2505 struct hci_event_hdr *hdr;
2506 struct hci_ev_cmd_complete *evt;
2508 skb = bt_skb_alloc(sizeof(*hdr) + sizeof(*evt) + 1, GFP_KERNEL);
2512 hdr = skb_put(skb, sizeof(*hdr));
2513 hdr->evt = HCI_EV_CMD_COMPLETE;
2514 hdr->plen = sizeof(*evt) + 1;
2516 evt = skb_put(skb, sizeof(*evt));
2518 evt->opcode = cpu_to_le16(opcode);
2520 skb_put_u8(skb, 0x00);
2522 hci_skb_pkt_type(skb) = HCI_EVENT_PKT;
2524 return hci_recv_frame(hdev, skb);
2527 static int btusb_recv_bulk_intel(struct btusb_data *data, void *buffer,
2530 struct hci_dev *hdev = data->hdev;
2532 /* When the device is in bootloader mode, then it can send
2533 * events via the bulk endpoint. These events are treated the
2534 * same way as the ones received from the interrupt endpoint.
2536 if (btintel_test_flag(hdev, INTEL_BOOTLOADER))
2537 return btusb_recv_intr(data, buffer, count);
2539 return btusb_recv_bulk(data, buffer, count);
2542 static int btusb_send_frame_intel(struct hci_dev *hdev, struct sk_buff *skb)
2546 BT_DBG("%s", hdev->name);
2548 switch (hci_skb_pkt_type(skb)) {
2549 case HCI_COMMAND_PKT:
2550 if (btintel_test_flag(hdev, INTEL_BOOTLOADER)) {
2551 struct hci_command_hdr *cmd = (void *)skb->data;
2552 __u16 opcode = le16_to_cpu(cmd->opcode);
2554 /* When in bootloader mode and the command 0xfc09
2555 * is received, it needs to be send down the
2556 * bulk endpoint. So allocate a bulk URB instead.
2558 if (opcode == 0xfc09)
2559 urb = alloc_bulk_urb(hdev, skb);
2561 urb = alloc_ctrl_urb(hdev, skb);
2563 /* When the 0xfc01 command is issued to boot into
2564 * the operational firmware, it will actually not
2565 * send a command complete event. To keep the flow
2566 * control working inject that event here.
2568 if (opcode == 0xfc01)
2569 inject_cmd_complete(hdev, opcode);
2571 urb = alloc_ctrl_urb(hdev, skb);
2574 return PTR_ERR(urb);
2576 hdev->stat.cmd_tx++;
2577 return submit_or_queue_tx_urb(hdev, urb);
2579 case HCI_ACLDATA_PKT:
2580 urb = alloc_bulk_urb(hdev, skb);
2582 return PTR_ERR(urb);
2584 hdev->stat.acl_tx++;
2585 return submit_or_queue_tx_urb(hdev, urb);
2587 case HCI_SCODATA_PKT:
2588 if (hci_conn_num(hdev, SCO_LINK) < 1)
2591 urb = alloc_isoc_urb(hdev, skb);
2593 return PTR_ERR(urb);
2595 hdev->stat.sco_tx++;
2596 return submit_tx_urb(hdev, urb);
2598 case HCI_ISODATA_PKT:
2599 urb = alloc_bulk_urb(hdev, skb);
2601 return PTR_ERR(urb);
2603 return submit_or_queue_tx_urb(hdev, urb);
2609 static int btusb_setup_realtek(struct hci_dev *hdev)
2611 struct btusb_data *data = hci_get_drvdata(hdev);
2614 ret = btrtl_setup_realtek(hdev);
2616 if (btrealtek_test_flag(data->hdev, REALTEK_ALT6_CONTINUOUS_TX_CHIP))
2617 set_bit(BTUSB_ALT6_CONTINUOUS_TX, &data->flags);
2622 static int btusb_recv_event_realtek(struct hci_dev *hdev, struct sk_buff *skb)
2624 if (skb->data[0] == HCI_VENDOR_PKT && skb->data[2] == RTK_SUB_EVENT_CODE_COREDUMP) {
2625 struct rtk_dev_coredump_hdr hdr = {
2626 .code = RTK_DEVCOREDUMP_CODE_MEMDUMP,
2629 bt_dev_dbg(hdev, "RTL: received coredump vendor evt, len %u",
2632 btusb_rtl_alloc_devcoredump(hdev, &hdr, skb->data, skb->len);
2638 return hci_recv_frame(hdev, skb);
2641 /* UHW CR mapping */
2642 #define MTK_BT_MISC 0x70002510
2643 #define MTK_BT_SUBSYS_RST 0x70002610
2644 #define MTK_UDMA_INT_STA_BT 0x74000024
2645 #define MTK_UDMA_INT_STA_BT1 0x74000308
2646 #define MTK_BT_WDT_STATUS 0x740003A0
2647 #define MTK_EP_RST_OPT 0x74011890
2648 #define MTK_EP_RST_IN_OUT_OPT 0x00010001
2649 #define MTK_BT_RST_DONE 0x00000100
2650 #define MTK_BT_RESET_REG_CONNV3 0x70028610
2651 #define MTK_BT_READ_DEV_ID 0x70010200
2654 static void btusb_mtk_wmt_recv(struct urb *urb)
2656 struct hci_dev *hdev = urb->context;
2657 struct btusb_data *data = hci_get_drvdata(hdev);
2658 struct sk_buff *skb;
2661 if (urb->status == 0 && urb->actual_length > 0) {
2662 hdev->stat.byte_rx += urb->actual_length;
2664 /* WMT event shouldn't be fragmented and the size should be
2665 * less than HCI_WMT_MAX_EVENT_SIZE.
2667 skb = bt_skb_alloc(HCI_WMT_MAX_EVENT_SIZE, GFP_ATOMIC);
2669 hdev->stat.err_rx++;
2670 kfree(urb->setup_packet);
2674 hci_skb_pkt_type(skb) = HCI_EVENT_PKT;
2675 skb_put_data(skb, urb->transfer_buffer, urb->actual_length);
2677 /* When someone waits for the WMT event, the skb is being cloned
2678 * and being processed the events from there then.
2680 if (test_bit(BTUSB_TX_WAIT_VND_EVT, &data->flags)) {
2681 data->evt_skb = skb_clone(skb, GFP_ATOMIC);
2682 if (!data->evt_skb) {
2684 kfree(urb->setup_packet);
2689 err = hci_recv_frame(hdev, skb);
2691 kfree_skb(data->evt_skb);
2692 data->evt_skb = NULL;
2693 kfree(urb->setup_packet);
2697 if (test_and_clear_bit(BTUSB_TX_WAIT_VND_EVT,
2699 /* Barrier to sync with other CPUs */
2700 smp_mb__after_atomic();
2701 wake_up_bit(&data->flags,
2702 BTUSB_TX_WAIT_VND_EVT);
2704 kfree(urb->setup_packet);
2706 } else if (urb->status == -ENOENT) {
2707 /* Avoid suspend failed when usb_kill_urb */
2711 usb_mark_last_busy(data->udev);
2713 /* The URB complete handler is still called with urb->actual_length = 0
2714 * when the event is not available, so we should keep re-submitting
2715 * URB until WMT event returns, Also, It's necessary to wait some time
2716 * between the two consecutive control URBs to relax the target device
2717 * to generate the event. Otherwise, the WMT event cannot return from
2718 * the device successfully.
2722 usb_anchor_urb(urb, &data->ctrl_anchor);
2723 err = usb_submit_urb(urb, GFP_ATOMIC);
2725 kfree(urb->setup_packet);
2726 /* -EPERM: urb is being killed;
2727 * -ENODEV: device got disconnected
2729 if (err != -EPERM && err != -ENODEV)
2730 bt_dev_err(hdev, "urb %p failed to resubmit (%d)",
2732 usb_unanchor_urb(urb);
2736 static int btusb_mtk_submit_wmt_recv_urb(struct hci_dev *hdev)
2738 struct btusb_data *data = hci_get_drvdata(hdev);
2739 struct usb_ctrlrequest *dr;
2745 urb = usb_alloc_urb(0, GFP_KERNEL);
2749 dr = kmalloc(sizeof(*dr), GFP_KERNEL);
2755 dr->bRequestType = USB_TYPE_VENDOR | USB_DIR_IN;
2757 dr->wIndex = cpu_to_le16(0);
2758 dr->wValue = cpu_to_le16(48);
2759 dr->wLength = cpu_to_le16(size);
2761 buf = kmalloc(size, GFP_KERNEL);
2768 pipe = usb_rcvctrlpipe(data->udev, 0);
2770 usb_fill_control_urb(urb, data->udev, pipe, (void *)dr,
2771 buf, size, btusb_mtk_wmt_recv, hdev);
2773 urb->transfer_flags |= URB_FREE_BUFFER;
2775 usb_anchor_urb(urb, &data->ctrl_anchor);
2776 err = usb_submit_urb(urb, GFP_KERNEL);
2778 if (err != -EPERM && err != -ENODEV)
2779 bt_dev_err(hdev, "urb %p submission failed (%d)",
2781 usb_unanchor_urb(urb);
2789 static int btusb_mtk_hci_wmt_sync(struct hci_dev *hdev,
2790 struct btmtk_hci_wmt_params *wmt_params)
2792 struct btusb_data *data = hci_get_drvdata(hdev);
2793 struct btmtk_hci_wmt_evt_funcc *wmt_evt_funcc;
2794 u32 hlen, status = BTMTK_WMT_INVALID;
2795 struct btmtk_hci_wmt_evt *wmt_evt;
2796 struct btmtk_hci_wmt_cmd *wc;
2797 struct btmtk_wmt_hdr *hdr;
2800 /* Send the WMT command and wait until the WMT event returns */
2801 hlen = sizeof(*hdr) + wmt_params->dlen;
2805 wc = kzalloc(hlen, GFP_KERNEL);
2811 hdr->op = wmt_params->op;
2812 hdr->dlen = cpu_to_le16(wmt_params->dlen + 1);
2813 hdr->flag = wmt_params->flag;
2814 memcpy(wc->data, wmt_params->data, wmt_params->dlen);
2816 set_bit(BTUSB_TX_WAIT_VND_EVT, &data->flags);
2818 /* WMT cmd/event doesn't follow up the generic HCI cmd/event handling,
2819 * it needs constantly polling control pipe until the host received the
2820 * WMT event, thus, we should require to specifically acquire PM counter
2821 * on the USB to prevent the interface from entering auto suspended
2822 * while WMT cmd/event in progress.
2824 err = usb_autopm_get_interface(data->intf);
2828 err = __hci_cmd_send(hdev, 0xfc6f, hlen, wc);
2831 clear_bit(BTUSB_TX_WAIT_VND_EVT, &data->flags);
2832 usb_autopm_put_interface(data->intf);
2836 /* Submit control IN URB on demand to process the WMT event */
2837 err = btusb_mtk_submit_wmt_recv_urb(hdev);
2839 usb_autopm_put_interface(data->intf);
2844 /* The vendor specific WMT commands are all answered by a vendor
2845 * specific event and will have the Command Status or Command
2846 * Complete as with usual HCI command flow control.
2848 * After sending the command, wait for BTUSB_TX_WAIT_VND_EVT
2849 * state to be cleared. The driver specific event receive routine
2850 * will clear that state and with that indicate completion of the
2853 err = wait_on_bit_timeout(&data->flags, BTUSB_TX_WAIT_VND_EVT,
2854 TASK_INTERRUPTIBLE, HCI_INIT_TIMEOUT);
2855 if (err == -EINTR) {
2856 bt_dev_err(hdev, "Execution of wmt command interrupted");
2857 clear_bit(BTUSB_TX_WAIT_VND_EVT, &data->flags);
2862 bt_dev_err(hdev, "Execution of wmt command timed out");
2863 clear_bit(BTUSB_TX_WAIT_VND_EVT, &data->flags);
2868 if (data->evt_skb == NULL)
2871 /* Parse and handle the return WMT event */
2872 wmt_evt = (struct btmtk_hci_wmt_evt *)data->evt_skb->data;
2873 if (wmt_evt->whdr.op != hdr->op) {
2874 bt_dev_err(hdev, "Wrong op received %d expected %d",
2875 wmt_evt->whdr.op, hdr->op);
2880 switch (wmt_evt->whdr.op) {
2881 case BTMTK_WMT_SEMAPHORE:
2882 if (wmt_evt->whdr.flag == 2)
2883 status = BTMTK_WMT_PATCH_UNDONE;
2885 status = BTMTK_WMT_PATCH_DONE;
2887 case BTMTK_WMT_FUNC_CTRL:
2888 wmt_evt_funcc = (struct btmtk_hci_wmt_evt_funcc *)wmt_evt;
2889 if (be16_to_cpu(wmt_evt_funcc->status) == 0x404)
2890 status = BTMTK_WMT_ON_DONE;
2891 else if (be16_to_cpu(wmt_evt_funcc->status) == 0x420)
2892 status = BTMTK_WMT_ON_PROGRESS;
2894 status = BTMTK_WMT_ON_UNDONE;
2896 case BTMTK_WMT_PATCH_DWNLD:
2897 if (wmt_evt->whdr.flag == 2)
2898 status = BTMTK_WMT_PATCH_DONE;
2899 else if (wmt_evt->whdr.flag == 1)
2900 status = BTMTK_WMT_PATCH_PROGRESS;
2902 status = BTMTK_WMT_PATCH_UNDONE;
2906 if (wmt_params->status)
2907 *wmt_params->status = status;
2910 kfree_skb(data->evt_skb);
2911 data->evt_skb = NULL;
2917 static int btusb_mtk_func_query(struct hci_dev *hdev)
2919 struct btmtk_hci_wmt_params wmt_params;
2923 /* Query whether the function is enabled */
2924 wmt_params.op = BTMTK_WMT_FUNC_CTRL;
2925 wmt_params.flag = 4;
2926 wmt_params.dlen = sizeof(param);
2927 wmt_params.data = ¶m;
2928 wmt_params.status = &status;
2930 err = btusb_mtk_hci_wmt_sync(hdev, &wmt_params);
2932 bt_dev_err(hdev, "Failed to query function status (%d)", err);
2939 static int btusb_mtk_uhw_reg_write(struct btusb_data *data, u32 reg, u32 val)
2941 struct hci_dev *hdev = data->hdev;
2945 buf = kzalloc(4, GFP_KERNEL);
2949 put_unaligned_le32(val, buf);
2951 pipe = usb_sndctrlpipe(data->udev, 0);
2952 err = usb_control_msg(data->udev, pipe, 0x02,
2954 reg >> 16, reg & 0xffff,
2955 buf, 4, USB_CTRL_SET_TIMEOUT);
2957 bt_dev_err(hdev, "Failed to write uhw reg(%d)", err);
2967 static int btusb_mtk_uhw_reg_read(struct btusb_data *data, u32 reg, u32 *val)
2969 struct hci_dev *hdev = data->hdev;
2973 buf = kzalloc(4, GFP_KERNEL);
2977 pipe = usb_rcvctrlpipe(data->udev, 0);
2978 err = usb_control_msg(data->udev, pipe, 0x01,
2980 reg >> 16, reg & 0xffff,
2981 buf, 4, USB_CTRL_GET_TIMEOUT);
2983 bt_dev_err(hdev, "Failed to read uhw reg(%d)", err);
2987 *val = get_unaligned_le32(buf);
2988 bt_dev_dbg(hdev, "reg=%x, value=0x%08x", reg, *val);
2996 static int btusb_mtk_reg_read(struct btusb_data *data, u32 reg, u32 *val)
2998 int pipe, err, size = sizeof(u32);
3001 buf = kzalloc(size, GFP_KERNEL);
3005 pipe = usb_rcvctrlpipe(data->udev, 0);
3006 err = usb_control_msg(data->udev, pipe, 0x63,
3007 USB_TYPE_VENDOR | USB_DIR_IN,
3008 reg >> 16, reg & 0xffff,
3009 buf, size, USB_CTRL_GET_TIMEOUT);
3013 *val = get_unaligned_le32(buf);
3021 static int btusb_mtk_id_get(struct btusb_data *data, u32 reg, u32 *id)
3023 return btusb_mtk_reg_read(data, reg, id);
3026 static u32 btusb_mtk_reset_done(struct hci_dev *hdev)
3028 struct btusb_data *data = hci_get_drvdata(hdev);
3031 btusb_mtk_uhw_reg_read(data, MTK_BT_MISC, &val);
3033 return val & MTK_BT_RST_DONE;
3036 static int btusb_mtk_reset(struct hci_dev *hdev, void *rst_data)
3038 struct btusb_data *data = hci_get_drvdata(hdev);
3039 struct btmediatek_data *mediatek;
3043 /* It's MediaTek specific bluetooth reset mechanism via USB */
3044 if (test_and_set_bit(BTUSB_HW_RESET_ACTIVE, &data->flags)) {
3045 bt_dev_err(hdev, "last reset failed? Not resetting again");
3049 err = usb_autopm_get_interface(data->intf);
3053 btusb_stop_traffic(data);
3054 usb_kill_anchored_urbs(&data->tx_anchor);
3055 mediatek = hci_get_priv(hdev);
3057 if (mediatek->dev_id == 0x7925) {
3058 btusb_mtk_uhw_reg_read(data, MTK_BT_RESET_REG_CONNV3, &val);
3060 btusb_mtk_uhw_reg_write(data, MTK_BT_RESET_REG_CONNV3, val);
3061 btusb_mtk_uhw_reg_read(data, MTK_BT_RESET_REG_CONNV3, &val);
3064 btusb_mtk_uhw_reg_write(data, MTK_BT_RESET_REG_CONNV3, val);
3065 btusb_mtk_uhw_reg_write(data, MTK_EP_RST_OPT, 0x00010001);
3066 btusb_mtk_uhw_reg_read(data, MTK_BT_RESET_REG_CONNV3, &val);
3068 btusb_mtk_uhw_reg_write(data, MTK_BT_RESET_REG_CONNV3, val);
3069 btusb_mtk_uhw_reg_write(data, MTK_UDMA_INT_STA_BT, 0x000000FF);
3070 btusb_mtk_uhw_reg_read(data, MTK_UDMA_INT_STA_BT, &val);
3071 btusb_mtk_uhw_reg_write(data, MTK_UDMA_INT_STA_BT1, 0x000000FF);
3072 btusb_mtk_uhw_reg_read(data, MTK_UDMA_INT_STA_BT1, &val);
3075 /* It's Device EndPoint Reset Option Register */
3076 bt_dev_dbg(hdev, "Initiating reset mechanism via uhw");
3077 btusb_mtk_uhw_reg_write(data, MTK_EP_RST_OPT, MTK_EP_RST_IN_OUT_OPT);
3078 btusb_mtk_uhw_reg_read(data, MTK_BT_WDT_STATUS, &val);
3080 /* Reset the bluetooth chip via USB interface. */
3081 btusb_mtk_uhw_reg_write(data, MTK_BT_SUBSYS_RST, 1);
3082 btusb_mtk_uhw_reg_write(data, MTK_UDMA_INT_STA_BT, 0x000000FF);
3083 btusb_mtk_uhw_reg_read(data, MTK_UDMA_INT_STA_BT, &val);
3084 btusb_mtk_uhw_reg_write(data, MTK_UDMA_INT_STA_BT1, 0x000000FF);
3085 btusb_mtk_uhw_reg_read(data, MTK_UDMA_INT_STA_BT1, &val);
3086 /* MT7921 need to delay 20ms between toggle reset bit */
3088 btusb_mtk_uhw_reg_write(data, MTK_BT_SUBSYS_RST, 0);
3089 btusb_mtk_uhw_reg_read(data, MTK_BT_SUBSYS_RST, &val);
3092 err = readx_poll_timeout(btusb_mtk_reset_done, hdev, val,
3093 val & MTK_BT_RST_DONE, 20000, 1000000);
3095 bt_dev_err(hdev, "Reset timeout");
3097 btusb_mtk_id_get(data, 0x70010200, &val);
3099 bt_dev_err(hdev, "Can't get device id, subsys reset fail.");
3101 usb_queue_reset_device(data->intf);
3103 clear_bit(BTUSB_HW_RESET_ACTIVE, &data->flags);
3108 static int btusb_mtk_setup(struct hci_dev *hdev)
3110 struct btusb_data *data = hci_get_drvdata(hdev);
3111 struct btmtk_hci_wmt_params wmt_params;
3112 ktime_t calltime, delta, rettime;
3113 struct btmtk_tci_sleep tci_sleep;
3114 unsigned long long duration;
3115 struct sk_buff *skb;
3119 char fw_bin_name[64];
3120 u32 fw_version = 0, fw_flavor = 0;
3122 struct btmediatek_data *mediatek;
3124 calltime = ktime_get();
3126 err = btusb_mtk_id_get(data, 0x80000008, &dev_id);
3128 bt_dev_err(hdev, "Failed to get device id (%d)", err);
3132 if (!dev_id || dev_id != 0x7663) {
3133 err = btusb_mtk_id_get(data, 0x70010200, &dev_id);
3135 bt_dev_err(hdev, "Failed to get device id (%d)", err);
3138 err = btusb_mtk_id_get(data, 0x80021004, &fw_version);
3140 bt_dev_err(hdev, "Failed to get fw version (%d)", err);
3143 err = btusb_mtk_id_get(data, 0x70010020, &fw_flavor);
3145 bt_dev_err(hdev, "Failed to get fw flavor (%d)", err);
3148 fw_flavor = (fw_flavor & 0x00000080) >> 7;
3151 mediatek = hci_get_priv(hdev);
3152 mediatek->dev_id = dev_id;
3153 mediatek->reset_sync = btusb_mtk_reset;
3155 err = btmtk_register_coredump(hdev, btusb_driver.name, fw_version);
3157 bt_dev_err(hdev, "Failed to register coredump (%d)", err);
3161 fwname = FIRMWARE_MT7663;
3164 fwname = FIRMWARE_MT7668;
3169 if (dev_id == 0x7925)
3170 snprintf(fw_bin_name, sizeof(fw_bin_name),
3171 "mediatek/mt%04x/BT_RAM_CODE_MT%04x_1_%x_hdr.bin",
3172 dev_id & 0xffff, dev_id & 0xffff, (fw_version & 0xff) + 1);
3173 else if (dev_id == 0x7961 && fw_flavor)
3174 snprintf(fw_bin_name, sizeof(fw_bin_name),
3175 "mediatek/BT_RAM_CODE_MT%04x_1a_%x_hdr.bin",
3176 dev_id & 0xffff, (fw_version & 0xff) + 1);
3178 snprintf(fw_bin_name, sizeof(fw_bin_name),
3179 "mediatek/BT_RAM_CODE_MT%04x_1_%x_hdr.bin",
3180 dev_id & 0xffff, (fw_version & 0xff) + 1);
3182 err = btmtk_setup_firmware_79xx(hdev, fw_bin_name,
3183 btusb_mtk_hci_wmt_sync);
3185 bt_dev_err(hdev, "Failed to set up firmware (%d)", err);
3189 /* It's Device EndPoint Reset Option Register */
3190 btusb_mtk_uhw_reg_write(data, MTK_EP_RST_OPT, MTK_EP_RST_IN_OUT_OPT);
3192 /* Enable Bluetooth protocol */
3194 wmt_params.op = BTMTK_WMT_FUNC_CTRL;
3195 wmt_params.flag = 0;
3196 wmt_params.dlen = sizeof(param);
3197 wmt_params.data = ¶m;
3198 wmt_params.status = NULL;
3200 err = btusb_mtk_hci_wmt_sync(hdev, &wmt_params);
3202 bt_dev_err(hdev, "Failed to send wmt func ctrl (%d)", err);
3206 hci_set_msft_opcode(hdev, 0xFD30);
3207 hci_set_aosp_capable(hdev);
3210 bt_dev_err(hdev, "Unsupported hardware variant (%08x)",
3215 /* Query whether the firmware is already download */
3216 wmt_params.op = BTMTK_WMT_SEMAPHORE;
3217 wmt_params.flag = 1;
3218 wmt_params.dlen = 0;
3219 wmt_params.data = NULL;
3220 wmt_params.status = &status;
3222 err = btusb_mtk_hci_wmt_sync(hdev, &wmt_params);
3224 bt_dev_err(hdev, "Failed to query firmware status (%d)", err);
3228 if (status == BTMTK_WMT_PATCH_DONE) {
3229 bt_dev_info(hdev, "firmware already downloaded");
3230 goto ignore_setup_fw;
3233 /* Setup a firmware which the device definitely requires */
3234 err = btmtk_setup_firmware(hdev, fwname,
3235 btusb_mtk_hci_wmt_sync);
3240 err = readx_poll_timeout(btusb_mtk_func_query, hdev, status,
3241 status < 0 || status != BTMTK_WMT_ON_PROGRESS,
3243 /* -ETIMEDOUT happens */
3247 /* The other errors happen in btusb_mtk_func_query */
3251 if (status == BTMTK_WMT_ON_DONE) {
3252 bt_dev_info(hdev, "function already on");
3253 goto ignore_func_on;
3256 /* Enable Bluetooth protocol */
3258 wmt_params.op = BTMTK_WMT_FUNC_CTRL;
3259 wmt_params.flag = 0;
3260 wmt_params.dlen = sizeof(param);
3261 wmt_params.data = ¶m;
3262 wmt_params.status = NULL;
3264 err = btusb_mtk_hci_wmt_sync(hdev, &wmt_params);
3266 bt_dev_err(hdev, "Failed to send wmt func ctrl (%d)", err);
3271 /* Apply the low power environment setup */
3272 tci_sleep.mode = 0x5;
3273 tci_sleep.duration = cpu_to_le16(0x640);
3274 tci_sleep.host_duration = cpu_to_le16(0x640);
3275 tci_sleep.host_wakeup_pin = 0;
3276 tci_sleep.time_compensation = 0;
3278 skb = __hci_cmd_sync(hdev, 0xfc7a, sizeof(tci_sleep), &tci_sleep,
3282 bt_dev_err(hdev, "Failed to apply low power setting (%d)", err);
3288 rettime = ktime_get();
3289 delta = ktime_sub(rettime, calltime);
3290 duration = (unsigned long long)ktime_to_ns(delta) >> 10;
3292 bt_dev_info(hdev, "Device setup in %llu usecs", duration);
3297 static int btusb_mtk_shutdown(struct hci_dev *hdev)
3299 struct btmtk_hci_wmt_params wmt_params;
3303 /* Disable the device */
3304 wmt_params.op = BTMTK_WMT_FUNC_CTRL;
3305 wmt_params.flag = 0;
3306 wmt_params.dlen = sizeof(param);
3307 wmt_params.data = ¶m;
3308 wmt_params.status = NULL;
3310 err = btusb_mtk_hci_wmt_sync(hdev, &wmt_params);
3312 bt_dev_err(hdev, "Failed to send wmt func ctrl (%d)", err);
3319 static int btusb_recv_acl_mtk(struct hci_dev *hdev, struct sk_buff *skb)
3321 struct btusb_data *data = hci_get_drvdata(hdev);
3322 u16 handle = le16_to_cpu(hci_acl_hdr(skb)->handle);
3325 case 0xfc6f: /* Firmware dump from device */
3326 /* When the firmware hangs, the device can no longer
3327 * suspend and thus disable auto-suspend.
3329 usb_disable_autosuspend(data->udev);
3331 /* We need to forward the diagnostic packet to userspace daemon
3332 * for backward compatibility, so we have to clone the packet
3333 * extraly for the in-kernel coredump support.
3335 if (IS_ENABLED(CONFIG_DEV_COREDUMP)) {
3336 struct sk_buff *skb_cd = skb_clone(skb, GFP_ATOMIC);
3339 btmtk_process_coredump(hdev, skb_cd);
3343 case 0x05ff: /* Firmware debug logging 1 */
3344 case 0x05fe: /* Firmware debug logging 2 */
3345 return hci_recv_diag(hdev, skb);
3348 return hci_recv_frame(hdev, skb);
3352 /* Configure an out-of-band gpio as wake-up pin, if specified in device tree */
3353 static int marvell_config_oob_wake(struct hci_dev *hdev)
3355 struct sk_buff *skb;
3356 struct btusb_data *data = hci_get_drvdata(hdev);
3357 struct device *dev = &data->udev->dev;
3358 u16 pin, gap, opcode;
3362 /* Move on if no wakeup pin specified */
3363 if (of_property_read_u16(dev->of_node, "marvell,wakeup-pin", &pin) ||
3364 of_property_read_u16(dev->of_node, "marvell,wakeup-gap-ms", &gap))
3367 /* Vendor specific command to configure a GPIO as wake-up pin */
3368 opcode = hci_opcode_pack(0x3F, 0x59);
3369 cmd[0] = opcode & 0xFF;
3370 cmd[1] = opcode >> 8;
3371 cmd[2] = 2; /* length of parameters that follow */
3373 cmd[4] = gap; /* time in ms, for which wakeup pin should be asserted */
3375 skb = bt_skb_alloc(sizeof(cmd), GFP_KERNEL);
3377 bt_dev_err(hdev, "%s: No memory", __func__);
3381 skb_put_data(skb, cmd, sizeof(cmd));
3382 hci_skb_pkt_type(skb) = HCI_COMMAND_PKT;
3384 ret = btusb_send_frame(hdev, skb);
3386 bt_dev_err(hdev, "%s: configuration failed", __func__);
3395 static int btusb_set_bdaddr_marvell(struct hci_dev *hdev,
3396 const bdaddr_t *bdaddr)
3398 struct sk_buff *skb;
3403 buf[1] = sizeof(bdaddr_t);
3404 memcpy(buf + 2, bdaddr, sizeof(bdaddr_t));
3406 skb = __hci_cmd_sync(hdev, 0xfc22, sizeof(buf), buf, HCI_INIT_TIMEOUT);
3409 bt_dev_err(hdev, "changing Marvell device address failed (%ld)",
3418 static int btusb_set_bdaddr_ath3012(struct hci_dev *hdev,
3419 const bdaddr_t *bdaddr)
3421 struct sk_buff *skb;
3428 buf[3] = sizeof(bdaddr_t);
3429 memcpy(buf + 4, bdaddr, sizeof(bdaddr_t));
3431 skb = __hci_cmd_sync(hdev, 0xfc0b, sizeof(buf), buf, HCI_INIT_TIMEOUT);
3434 bt_dev_err(hdev, "Change address command failed (%ld)", ret);
3442 static int btusb_set_bdaddr_wcn6855(struct hci_dev *hdev,
3443 const bdaddr_t *bdaddr)
3445 struct sk_buff *skb;
3449 memcpy(buf, bdaddr, sizeof(bdaddr_t));
3451 skb = __hci_cmd_sync_ev(hdev, 0xfc14, sizeof(buf), buf,
3452 HCI_EV_CMD_COMPLETE, HCI_INIT_TIMEOUT);
3455 bt_dev_err(hdev, "Change address command failed (%ld)", ret);
3463 #define QCA_MEMDUMP_ACL_HANDLE 0x2EDD
3464 #define QCA_MEMDUMP_SIZE_MAX 0x100000
3465 #define QCA_MEMDUMP_VSE_CLASS 0x01
3466 #define QCA_MEMDUMP_MSG_TYPE 0x08
3467 #define QCA_MEMDUMP_PKT_SIZE 248
3468 #define QCA_LAST_SEQUENCE_NUM 0xffff
3470 struct qca_dump_hdr {
3478 __le32 ram_dump_size;
3485 static void btusb_dump_hdr_qca(struct hci_dev *hdev, struct sk_buff *skb)
3488 struct btusb_data *btdata = hci_get_drvdata(hdev);
3490 snprintf(buf, sizeof(buf), "Controller Name: 0x%x\n",
3491 btdata->qca_dump.controller_id);
3492 skb_put_data(skb, buf, strlen(buf));
3494 snprintf(buf, sizeof(buf), "Firmware Version: 0x%x\n",
3495 btdata->qca_dump.fw_version);
3496 skb_put_data(skb, buf, strlen(buf));
3498 snprintf(buf, sizeof(buf), "Driver: %s\nVendor: qca\n",
3500 skb_put_data(skb, buf, strlen(buf));
3502 snprintf(buf, sizeof(buf), "VID: 0x%x\nPID:0x%x\n",
3503 btdata->qca_dump.id_vendor, btdata->qca_dump.id_product);
3504 skb_put_data(skb, buf, strlen(buf));
3506 snprintf(buf, sizeof(buf), "Lmp Subversion: 0x%x\n",
3508 skb_put_data(skb, buf, strlen(buf));
3511 static void btusb_coredump_qca(struct hci_dev *hdev)
3514 static const u8 param[] = { 0x26 };
3516 err = __hci_cmd_send(hdev, 0xfc0c, 1, param);
3518 bt_dev_err(hdev, "%s: triggle crash failed (%d)", __func__, err);
3522 * ==0: not a dump pkt.
3523 * < 0: fails to handle a dump pkt
3526 static int handle_dump_pkt_qca(struct hci_dev *hdev, struct sk_buff *skb)
3531 unsigned int sk_len;
3535 struct hci_event_hdr *event_hdr;
3536 struct hci_acl_hdr *acl_hdr;
3537 struct qca_dump_hdr *dump_hdr;
3538 struct btusb_data *btdata = hci_get_drvdata(hdev);
3539 struct usb_device *udev = btdata->udev;
3541 pkt_type = hci_skb_pkt_type(skb);
3545 if (pkt_type == HCI_ACLDATA_PKT) {
3546 acl_hdr = hci_acl_hdr(skb);
3547 if (le16_to_cpu(acl_hdr->handle) != QCA_MEMDUMP_ACL_HANDLE)
3549 sk_ptr += HCI_ACL_HDR_SIZE;
3550 sk_len -= HCI_ACL_HDR_SIZE;
3551 event_hdr = (struct hci_event_hdr *)sk_ptr;
3553 event_hdr = hci_event_hdr(skb);
3556 if ((event_hdr->evt != HCI_VENDOR_PKT)
3557 || (event_hdr->plen != (sk_len - HCI_EVENT_HDR_SIZE)))
3560 sk_ptr += HCI_EVENT_HDR_SIZE;
3561 sk_len -= HCI_EVENT_HDR_SIZE;
3563 dump_hdr = (struct qca_dump_hdr *)sk_ptr;
3564 if ((sk_len < offsetof(struct qca_dump_hdr, data))
3565 || (dump_hdr->vse_class != QCA_MEMDUMP_VSE_CLASS)
3566 || (dump_hdr->msg_type != QCA_MEMDUMP_MSG_TYPE))
3569 /*it is dump pkt now*/
3570 seqno = le16_to_cpu(dump_hdr->seqno);
3572 set_bit(BTUSB_HW_SSR_ACTIVE, &btdata->flags);
3573 dump_size = le32_to_cpu(dump_hdr->ram_dump_size);
3574 if (!dump_size || (dump_size > QCA_MEMDUMP_SIZE_MAX)) {
3576 bt_dev_err(hdev, "Invalid memdump size(%u)",
3581 ret = hci_devcd_init(hdev, dump_size);
3583 bt_dev_err(hdev, "memdump init error(%d)", ret);
3587 btdata->qca_dump.ram_dump_size = dump_size;
3588 btdata->qca_dump.ram_dump_seqno = 0;
3589 sk_ptr += offsetof(struct qca_dump_hdr, data0);
3590 sk_len -= offsetof(struct qca_dump_hdr, data0);
3592 usb_disable_autosuspend(udev);
3593 bt_dev_info(hdev, "%s memdump size(%u)\n",
3594 (pkt_type == HCI_ACLDATA_PKT) ? "ACL" : "event",
3597 sk_ptr += offsetof(struct qca_dump_hdr, data);
3598 sk_len -= offsetof(struct qca_dump_hdr, data);
3601 if (!btdata->qca_dump.ram_dump_size) {
3603 bt_dev_err(hdev, "memdump is not active");
3607 if ((seqno > btdata->qca_dump.ram_dump_seqno + 1) && (seqno != QCA_LAST_SEQUENCE_NUM)) {
3608 dump_size = QCA_MEMDUMP_PKT_SIZE * (seqno - btdata->qca_dump.ram_dump_seqno - 1);
3609 hci_devcd_append_pattern(hdev, 0x0, dump_size);
3611 "expected memdump seqno(%u) is not received(%u)\n",
3612 btdata->qca_dump.ram_dump_seqno, seqno);
3613 btdata->qca_dump.ram_dump_seqno = seqno;
3618 skb_pull(skb, skb->len - sk_len);
3619 hci_devcd_append(hdev, skb);
3620 btdata->qca_dump.ram_dump_seqno++;
3621 if (seqno == QCA_LAST_SEQUENCE_NUM) {
3623 "memdump done: pkts(%u), total(%u)\n",
3624 btdata->qca_dump.ram_dump_seqno, btdata->qca_dump.ram_dump_size);
3626 hci_devcd_complete(hdev);
3632 if (btdata->qca_dump.ram_dump_size)
3633 usb_enable_autosuspend(udev);
3634 btdata->qca_dump.ram_dump_size = 0;
3635 btdata->qca_dump.ram_dump_seqno = 0;
3636 clear_bit(BTUSB_HW_SSR_ACTIVE, &btdata->flags);
3643 static int btusb_recv_acl_qca(struct hci_dev *hdev, struct sk_buff *skb)
3645 if (handle_dump_pkt_qca(hdev, skb))
3647 return hci_recv_frame(hdev, skb);
3650 static int btusb_recv_evt_qca(struct hci_dev *hdev, struct sk_buff *skb)
3652 if (handle_dump_pkt_qca(hdev, skb))
3654 return hci_recv_frame(hdev, skb);
3658 #define QCA_DFU_PACKET_LEN 4096
3660 #define QCA_GET_TARGET_VERSION 0x09
3661 #define QCA_CHECK_STATUS 0x05
3662 #define QCA_DFU_DOWNLOAD 0x01
3664 #define QCA_SYSCFG_UPDATED 0x40
3665 #define QCA_PATCH_UPDATED 0x80
3666 #define QCA_DFU_TIMEOUT 3000
3667 #define QCA_FLAG_MULTI_NVM 0x80
3668 #define QCA_BT_RESET_WAIT_MS 100
3670 #define WCN6855_2_0_RAM_VERSION_GF 0x400c1200
3671 #define WCN6855_2_1_RAM_VERSION_GF 0x400c1211
3673 struct qca_version {
3675 __le32 patch_version;
3683 struct qca_rampatch_version {
3684 __le16 rom_version_high;
3685 __le16 rom_version_low;
3686 __le16 patch_version;
3689 struct qca_device_info {
3691 u8 rampatch_hdr; /* length of header in rampatch */
3692 u8 nvm_hdr; /* length of header in NVM */
3693 u8 ver_offset; /* offset of version structure in rampatch */
3696 static const struct qca_device_info qca_devices_table[] = {
3697 { 0x00000100, 20, 4, 8 }, /* Rome 1.0 */
3698 { 0x00000101, 20, 4, 8 }, /* Rome 1.1 */
3699 { 0x00000200, 28, 4, 16 }, /* Rome 2.0 */
3700 { 0x00000201, 28, 4, 16 }, /* Rome 2.1 */
3701 { 0x00000300, 28, 4, 16 }, /* Rome 3.0 */
3702 { 0x00000302, 28, 4, 16 }, /* Rome 3.2 */
3703 { 0x00130100, 40, 4, 16 }, /* WCN6855 1.0 */
3704 { 0x00130200, 40, 4, 16 }, /* WCN6855 2.0 */
3705 { 0x00130201, 40, 4, 16 }, /* WCN6855 2.1 */
3706 { 0x00190200, 40, 4, 16 }, /* WCN785x 2.0 */
3709 static int btusb_qca_send_vendor_req(struct usb_device *udev, u8 request,
3710 void *data, u16 size)
3715 buf = kmalloc(size, GFP_KERNEL);
3719 /* Found some of USB hosts have IOT issues with ours so that we should
3720 * not wait until HCI layer is ready.
3722 pipe = usb_rcvctrlpipe(udev, 0);
3723 err = usb_control_msg(udev, pipe, request, USB_TYPE_VENDOR | USB_DIR_IN,
3724 0, 0, buf, size, USB_CTRL_GET_TIMEOUT);
3726 dev_err(&udev->dev, "Failed to access otp area (%d)", err);
3730 memcpy(data, buf, size);
3738 static int btusb_setup_qca_download_fw(struct hci_dev *hdev,
3739 const struct firmware *firmware,
3742 struct btusb_data *btdata = hci_get_drvdata(hdev);
3743 struct usb_device *udev = btdata->udev;
3744 size_t count, size, sent = 0;
3748 buf = kmalloc(QCA_DFU_PACKET_LEN, GFP_KERNEL);
3752 count = firmware->size;
3754 size = min_t(size_t, count, hdr_size);
3755 memcpy(buf, firmware->data, size);
3757 /* USB patches should go down to controller through USB path
3758 * because binary format fits to go down through USB channel.
3759 * USB control path is for patching headers and USB bulk is for
3762 pipe = usb_sndctrlpipe(udev, 0);
3763 err = usb_control_msg(udev, pipe, QCA_DFU_DOWNLOAD, USB_TYPE_VENDOR,
3764 0, 0, buf, size, USB_CTRL_SET_TIMEOUT);
3766 bt_dev_err(hdev, "Failed to send headers (%d)", err);
3773 /* ep2 need time to switch from function acl to function dfu,
3774 * so we add 20ms delay here.
3779 size = min_t(size_t, count, QCA_DFU_PACKET_LEN);
3781 memcpy(buf, firmware->data + sent, size);
3783 pipe = usb_sndbulkpipe(udev, 0x02);
3784 err = usb_bulk_msg(udev, pipe, buf, size, &len,
3787 bt_dev_err(hdev, "Failed to send body at %zd of %zd (%d)",
3788 sent, firmware->size, err);
3793 bt_dev_err(hdev, "Failed to get bulk buffer");
3807 static int btusb_setup_qca_load_rampatch(struct hci_dev *hdev,
3808 struct qca_version *ver,
3809 const struct qca_device_info *info)
3811 struct qca_rampatch_version *rver;
3812 const struct firmware *fw;
3813 u32 ver_rom, ver_patch, rver_rom;
3814 u16 rver_rom_low, rver_rom_high, rver_patch;
3818 ver_rom = le32_to_cpu(ver->rom_version);
3819 ver_patch = le32_to_cpu(ver->patch_version);
3821 snprintf(fwname, sizeof(fwname), "qca/rampatch_usb_%08x.bin", ver_rom);
3823 err = request_firmware(&fw, fwname, &hdev->dev);
3825 bt_dev_err(hdev, "failed to request rampatch file: %s (%d)",
3830 bt_dev_info(hdev, "using rampatch file: %s", fwname);
3832 rver = (struct qca_rampatch_version *)(fw->data + info->ver_offset);
3833 rver_rom_low = le16_to_cpu(rver->rom_version_low);
3834 rver_patch = le16_to_cpu(rver->patch_version);
3836 if (ver_rom & ~0xffffU) {
3837 rver_rom_high = le16_to_cpu(rver->rom_version_high);
3838 rver_rom = rver_rom_high << 16 | rver_rom_low;
3840 rver_rom = rver_rom_low;
3843 bt_dev_info(hdev, "QCA: patch rome 0x%x build 0x%x, "
3844 "firmware rome 0x%x build 0x%x",
3845 rver_rom, rver_patch, ver_rom, ver_patch);
3847 if (rver_rom != ver_rom || rver_patch <= ver_patch) {
3848 bt_dev_err(hdev, "rampatch file version did not match with firmware");
3853 err = btusb_setup_qca_download_fw(hdev, fw, info->rampatch_hdr);
3856 release_firmware(fw);
3861 static void btusb_generate_qca_nvm_name(char *fwname, size_t max_size,
3862 const struct qca_version *ver)
3864 u32 rom_version = le32_to_cpu(ver->rom_version);
3865 u16 flag = le16_to_cpu(ver->flag);
3867 if (((flag >> 8) & 0xff) == QCA_FLAG_MULTI_NVM) {
3868 /* The board_id should be split into two bytes
3869 * The 1st byte is chip ID, and the 2nd byte is platform ID
3870 * For example, board ID 0x010A, 0x01 is platform ID. 0x0A is chip ID
3871 * we have several platforms, and platform IDs are continuously added
3873 * 0x00 is for Mobile
3875 * 0x02 is for Automotive
3876 * 0x03 is for Consumer electronic
3878 u16 board_id = (ver->chip_id << 8) + ver->platform_id;
3879 const char *variant;
3881 switch (le32_to_cpu(ver->ram_version)) {
3882 case WCN6855_2_0_RAM_VERSION_GF:
3883 case WCN6855_2_1_RAM_VERSION_GF:
3891 if (board_id == 0) {
3892 snprintf(fwname, max_size, "qca/nvm_usb_%08x%s.bin",
3893 rom_version, variant);
3895 snprintf(fwname, max_size, "qca/nvm_usb_%08x%s_%04x.bin",
3896 rom_version, variant, board_id);
3899 snprintf(fwname, max_size, "qca/nvm_usb_%08x.bin",
3905 static int btusb_setup_qca_load_nvm(struct hci_dev *hdev,
3906 struct qca_version *ver,
3907 const struct qca_device_info *info)
3909 const struct firmware *fw;
3913 btusb_generate_qca_nvm_name(fwname, sizeof(fwname), ver);
3915 err = request_firmware(&fw, fwname, &hdev->dev);
3917 bt_dev_err(hdev, "failed to request NVM file: %s (%d)",
3922 bt_dev_info(hdev, "using NVM file: %s", fwname);
3924 err = btusb_setup_qca_download_fw(hdev, fw, info->nvm_hdr);
3926 release_firmware(fw);
3931 /* identify the ROM version and check whether patches are needed */
3932 static bool btusb_qca_need_patch(struct usb_device *udev)
3934 struct qca_version ver;
3936 if (btusb_qca_send_vendor_req(udev, QCA_GET_TARGET_VERSION, &ver,
3939 /* only low ROM versions need patches */
3940 return !(le32_to_cpu(ver.rom_version) & ~0xffffU);
3943 static int btusb_setup_qca(struct hci_dev *hdev)
3945 struct btusb_data *btdata = hci_get_drvdata(hdev);
3946 struct usb_device *udev = btdata->udev;
3947 const struct qca_device_info *info = NULL;
3948 struct qca_version ver;
3953 err = btusb_qca_send_vendor_req(udev, QCA_GET_TARGET_VERSION, &ver,
3958 ver_rom = le32_to_cpu(ver.rom_version);
3960 for (i = 0; i < ARRAY_SIZE(qca_devices_table); i++) {
3961 if (ver_rom == qca_devices_table[i].rom_version)
3962 info = &qca_devices_table[i];
3965 /* If the rom_version is not matched in the qca_devices_table
3966 * and the high ROM version is not zero, we assume this chip no
3967 * need to load the rampatch and nvm.
3969 if (ver_rom & ~0xffffU)
3972 bt_dev_err(hdev, "don't support firmware rome 0x%x", ver_rom);
3976 err = btusb_qca_send_vendor_req(udev, QCA_CHECK_STATUS, &status,
3981 if (!(status & QCA_PATCH_UPDATED)) {
3982 err = btusb_setup_qca_load_rampatch(hdev, &ver, info);
3987 err = btusb_qca_send_vendor_req(udev, QCA_GET_TARGET_VERSION, &ver,
3992 btdata->qca_dump.fw_version = le32_to_cpu(ver.patch_version);
3993 btdata->qca_dump.controller_id = le32_to_cpu(ver.rom_version);
3995 if (!(status & QCA_SYSCFG_UPDATED)) {
3996 err = btusb_setup_qca_load_nvm(hdev, &ver, info);
4000 /* WCN6855 2.1 and later will reset to apply firmware downloaded here, so
4001 * wait ~100ms for reset Done then go ahead, otherwise, it maybe
4002 * cause potential enable failure.
4004 if (info->rom_version >= 0x00130201)
4005 msleep(QCA_BT_RESET_WAIT_MS);
4008 /* Mark HCI_OP_ENHANCED_SETUP_SYNC_CONN as broken as it doesn't seem to
4009 * work with the likes of HSP/HFP mSBC.
4011 set_bit(HCI_QUIRK_BROKEN_ENHANCED_SETUP_SYNC_CONN, &hdev->quirks);
4016 static inline int __set_diag_interface(struct hci_dev *hdev)
4018 struct btusb_data *data = hci_get_drvdata(hdev);
4019 struct usb_interface *intf = data->diag;
4025 data->diag_tx_ep = NULL;
4026 data->diag_rx_ep = NULL;
4028 for (i = 0; i < intf->cur_altsetting->desc.bNumEndpoints; i++) {
4029 struct usb_endpoint_descriptor *ep_desc;
4031 ep_desc = &intf->cur_altsetting->endpoint[i].desc;
4033 if (!data->diag_tx_ep && usb_endpoint_is_bulk_out(ep_desc)) {
4034 data->diag_tx_ep = ep_desc;
4038 if (!data->diag_rx_ep && usb_endpoint_is_bulk_in(ep_desc)) {
4039 data->diag_rx_ep = ep_desc;
4044 if (!data->diag_tx_ep || !data->diag_rx_ep) {
4045 bt_dev_err(hdev, "invalid diagnostic descriptors");
4052 static struct urb *alloc_diag_urb(struct hci_dev *hdev, bool enable)
4054 struct btusb_data *data = hci_get_drvdata(hdev);
4055 struct sk_buff *skb;
4059 if (!data->diag_tx_ep)
4060 return ERR_PTR(-ENODEV);
4062 urb = usb_alloc_urb(0, GFP_KERNEL);
4064 return ERR_PTR(-ENOMEM);
4066 skb = bt_skb_alloc(2, GFP_KERNEL);
4069 return ERR_PTR(-ENOMEM);
4072 skb_put_u8(skb, 0xf0);
4073 skb_put_u8(skb, enable);
4075 pipe = usb_sndbulkpipe(data->udev, data->diag_tx_ep->bEndpointAddress);
4077 usb_fill_bulk_urb(urb, data->udev, pipe,
4078 skb->data, skb->len, btusb_tx_complete, skb);
4080 skb->dev = (void *)hdev;
4085 static int btusb_bcm_set_diag(struct hci_dev *hdev, bool enable)
4087 struct btusb_data *data = hci_get_drvdata(hdev);
4093 if (!test_bit(HCI_RUNNING, &hdev->flags))
4096 urb = alloc_diag_urb(hdev, enable);
4098 return PTR_ERR(urb);
4100 return submit_or_queue_tx_urb(hdev, urb);
4104 static irqreturn_t btusb_oob_wake_handler(int irq, void *priv)
4106 struct btusb_data *data = priv;
4108 pm_wakeup_event(&data->udev->dev, 0);
4111 /* Disable only if not already disabled (keep it balanced) */
4112 if (test_and_clear_bit(BTUSB_OOB_WAKE_ENABLED, &data->flags)) {
4113 disable_irq_nosync(irq);
4114 disable_irq_wake(irq);
4119 static const struct of_device_id btusb_match_table[] = {
4120 { .compatible = "usb1286,204e" },
4121 { .compatible = "usbcf3,e300" }, /* QCA6174A */
4122 { .compatible = "usb4ca,301a" }, /* QCA6174A (Lite-On) */
4125 MODULE_DEVICE_TABLE(of, btusb_match_table);
4127 /* Use an oob wakeup pin? */
4128 static int btusb_config_oob_wake(struct hci_dev *hdev)
4130 struct btusb_data *data = hci_get_drvdata(hdev);
4131 struct device *dev = &data->udev->dev;
4134 clear_bit(BTUSB_OOB_WAKE_ENABLED, &data->flags);
4136 if (!of_match_device(btusb_match_table, dev))
4139 /* Move on if no IRQ specified */
4140 irq = of_irq_get_byname(dev->of_node, "wakeup");
4142 bt_dev_dbg(hdev, "%s: no OOB Wakeup IRQ in DT", __func__);
4146 irq_set_status_flags(irq, IRQ_NOAUTOEN);
4147 ret = devm_request_irq(&hdev->dev, irq, btusb_oob_wake_handler,
4148 0, "OOB Wake-on-BT", data);
4150 bt_dev_err(hdev, "%s: IRQ request failed", __func__);
4154 ret = device_init_wakeup(dev, true);
4156 bt_dev_err(hdev, "%s: failed to init_wakeup", __func__);
4160 data->oob_wake_irq = irq;
4161 bt_dev_info(hdev, "OOB Wake-on-BT configured at IRQ %u", irq);
4166 static void btusb_check_needs_reset_resume(struct usb_interface *intf)
4168 if (dmi_check_system(btusb_needs_reset_resume_table))
4169 interface_to_usbdev(intf)->quirks |= USB_QUIRK_RESET_RESUME;
4172 static bool btusb_wakeup(struct hci_dev *hdev)
4174 struct btusb_data *data = hci_get_drvdata(hdev);
4176 return device_may_wakeup(&data->udev->dev);
4179 static int btusb_shutdown_qca(struct hci_dev *hdev)
4181 struct sk_buff *skb;
4183 skb = __hci_cmd_sync(hdev, HCI_OP_RESET, 0, NULL, HCI_INIT_TIMEOUT);
4185 bt_dev_err(hdev, "HCI reset during shutdown failed");
4186 return PTR_ERR(skb);
4193 static ssize_t force_poll_sync_read(struct file *file, char __user *user_buf,
4194 size_t count, loff_t *ppos)
4196 struct btusb_data *data = file->private_data;
4199 buf[0] = data->poll_sync ? 'Y' : 'N';
4202 return simple_read_from_buffer(user_buf, count, ppos, buf, 2);
4205 static ssize_t force_poll_sync_write(struct file *file,
4206 const char __user *user_buf,
4207 size_t count, loff_t *ppos)
4209 struct btusb_data *data = file->private_data;
4213 err = kstrtobool_from_user(user_buf, count, &enable);
4217 /* Only allow changes while the adapter is down */
4218 if (test_bit(HCI_UP, &data->hdev->flags))
4221 if (data->poll_sync == enable)
4224 data->poll_sync = enable;
4229 static const struct file_operations force_poll_sync_fops = {
4230 .open = simple_open,
4231 .read = force_poll_sync_read,
4232 .write = force_poll_sync_write,
4233 .llseek = default_llseek,
4236 static int btusb_probe(struct usb_interface *intf,
4237 const struct usb_device_id *id)
4239 struct usb_endpoint_descriptor *ep_desc;
4240 struct gpio_desc *reset_gpio;
4241 struct btusb_data *data;
4242 struct hci_dev *hdev;
4243 unsigned ifnum_base;
4244 int i, err, priv_size;
4246 BT_DBG("intf %p id %p", intf, id);
4248 if ((id->driver_info & BTUSB_IFNUM_2) &&
4249 (intf->cur_altsetting->desc.bInterfaceNumber != 0) &&
4250 (intf->cur_altsetting->desc.bInterfaceNumber != 2))
4253 ifnum_base = intf->cur_altsetting->desc.bInterfaceNumber;
4255 if (!id->driver_info) {
4256 const struct usb_device_id *match;
4258 match = usb_match_id(intf, quirks_table);
4263 if (id->driver_info == BTUSB_IGNORE)
4266 if (id->driver_info & BTUSB_ATH3012) {
4267 struct usb_device *udev = interface_to_usbdev(intf);
4269 /* Old firmware would otherwise let ath3k driver load
4270 * patch and sysconfig files
4272 if (le16_to_cpu(udev->descriptor.bcdDevice) <= 0x0001 &&
4273 !btusb_qca_need_patch(udev))
4277 data = devm_kzalloc(&intf->dev, sizeof(*data), GFP_KERNEL);
4281 for (i = 0; i < intf->cur_altsetting->desc.bNumEndpoints; i++) {
4282 ep_desc = &intf->cur_altsetting->endpoint[i].desc;
4284 if (!data->intr_ep && usb_endpoint_is_int_in(ep_desc)) {
4285 data->intr_ep = ep_desc;
4289 if (!data->bulk_tx_ep && usb_endpoint_is_bulk_out(ep_desc)) {
4290 data->bulk_tx_ep = ep_desc;
4294 if (!data->bulk_rx_ep && usb_endpoint_is_bulk_in(ep_desc)) {
4295 data->bulk_rx_ep = ep_desc;
4300 if (!data->intr_ep || !data->bulk_tx_ep || !data->bulk_rx_ep)
4303 if (id->driver_info & BTUSB_AMP) {
4304 data->cmdreq_type = USB_TYPE_CLASS | 0x01;
4305 data->cmdreq = 0x2b;
4307 data->cmdreq_type = USB_TYPE_CLASS;
4308 data->cmdreq = 0x00;
4311 data->udev = interface_to_usbdev(intf);
4314 INIT_WORK(&data->work, btusb_work);
4315 INIT_WORK(&data->waker, btusb_waker);
4316 INIT_DELAYED_WORK(&data->rx_work, btusb_rx_work);
4318 skb_queue_head_init(&data->acl_q);
4320 init_usb_anchor(&data->deferred);
4321 init_usb_anchor(&data->tx_anchor);
4322 spin_lock_init(&data->txlock);
4324 init_usb_anchor(&data->intr_anchor);
4325 init_usb_anchor(&data->bulk_anchor);
4326 init_usb_anchor(&data->isoc_anchor);
4327 init_usb_anchor(&data->diag_anchor);
4328 init_usb_anchor(&data->ctrl_anchor);
4329 spin_lock_init(&data->rxlock);
4333 data->recv_event = hci_recv_frame;
4334 data->recv_bulk = btusb_recv_bulk;
4336 if (id->driver_info & BTUSB_INTEL_COMBINED) {
4337 /* Allocate extra space for Intel device */
4338 priv_size += sizeof(struct btintel_data);
4340 /* Override the rx handlers */
4341 data->recv_event = btintel_recv_event;
4342 data->recv_bulk = btusb_recv_bulk_intel;
4343 } else if (id->driver_info & BTUSB_REALTEK) {
4344 /* Allocate extra space for Realtek device */
4345 priv_size += sizeof(struct btrealtek_data);
4347 data->recv_event = btusb_recv_event_realtek;
4348 } else if (id->driver_info & BTUSB_MEDIATEK) {
4349 /* Allocate extra space for Mediatek device */
4350 priv_size += sizeof(struct btmediatek_data);
4353 data->recv_acl = hci_recv_frame;
4355 hdev = hci_alloc_dev_priv(priv_size);
4359 hdev->bus = HCI_USB;
4360 hci_set_drvdata(hdev, data);
4364 SET_HCIDEV_DEV(hdev, &intf->dev);
4366 reset_gpio = gpiod_get_optional(&data->udev->dev, "reset",
4368 if (IS_ERR(reset_gpio)) {
4369 err = PTR_ERR(reset_gpio);
4371 } else if (reset_gpio) {
4372 data->reset_gpio = reset_gpio;
4375 hdev->open = btusb_open;
4376 hdev->close = btusb_close;
4377 hdev->flush = btusb_flush;
4378 hdev->send = btusb_send_frame;
4379 hdev->notify = btusb_notify;
4380 hdev->wakeup = btusb_wakeup;
4383 err = btusb_config_oob_wake(hdev);
4387 /* Marvell devices may need a specific chip configuration */
4388 if (id->driver_info & BTUSB_MARVELL && data->oob_wake_irq) {
4389 err = marvell_config_oob_wake(hdev);
4394 if (id->driver_info & BTUSB_CW6622)
4395 set_bit(HCI_QUIRK_BROKEN_STORED_LINK_KEY, &hdev->quirks);
4397 if (id->driver_info & BTUSB_BCM2045)
4398 set_bit(HCI_QUIRK_BROKEN_STORED_LINK_KEY, &hdev->quirks);
4400 if (id->driver_info & BTUSB_BCM92035)
4401 hdev->setup = btusb_setup_bcm92035;
4403 if (IS_ENABLED(CONFIG_BT_HCIBTUSB_BCM) &&
4404 (id->driver_info & BTUSB_BCM_PATCHRAM)) {
4405 hdev->manufacturer = 15;
4406 hdev->setup = btbcm_setup_patchram;
4407 hdev->set_diag = btusb_bcm_set_diag;
4408 hdev->set_bdaddr = btbcm_set_bdaddr;
4410 /* Broadcom LM_DIAG Interface numbers are hardcoded */
4411 data->diag = usb_ifnum_to_if(data->udev, ifnum_base + 2);
4414 if (IS_ENABLED(CONFIG_BT_HCIBTUSB_BCM) &&
4415 (id->driver_info & BTUSB_BCM_APPLE)) {
4416 hdev->manufacturer = 15;
4417 hdev->setup = btbcm_setup_apple;
4418 hdev->set_diag = btusb_bcm_set_diag;
4420 /* Broadcom LM_DIAG Interface numbers are hardcoded */
4421 data->diag = usb_ifnum_to_if(data->udev, ifnum_base + 2);
4424 /* Combined Intel Device setup to support multiple setup routine */
4425 if (id->driver_info & BTUSB_INTEL_COMBINED) {
4426 err = btintel_configure_setup(hdev, btusb_driver.name);
4430 /* Transport specific configuration */
4431 hdev->send = btusb_send_frame_intel;
4432 hdev->cmd_timeout = btusb_intel_cmd_timeout;
4434 if (id->driver_info & BTUSB_INTEL_NO_WBS_SUPPORT)
4435 btintel_set_flag(hdev, INTEL_ROM_LEGACY_NO_WBS_SUPPORT);
4437 if (id->driver_info & BTUSB_INTEL_BROKEN_INITIAL_NCMD)
4438 btintel_set_flag(hdev, INTEL_BROKEN_INITIAL_NCMD);
4440 if (id->driver_info & BTUSB_INTEL_BROKEN_SHUTDOWN_LED)
4441 btintel_set_flag(hdev, INTEL_BROKEN_SHUTDOWN_LED);
4444 if (id->driver_info & BTUSB_MARVELL)
4445 hdev->set_bdaddr = btusb_set_bdaddr_marvell;
4447 if (IS_ENABLED(CONFIG_BT_HCIBTUSB_MTK) &&
4448 (id->driver_info & BTUSB_MEDIATEK)) {
4449 hdev->setup = btusb_mtk_setup;
4450 hdev->shutdown = btusb_mtk_shutdown;
4451 hdev->manufacturer = 70;
4452 hdev->cmd_timeout = btmtk_reset_sync;
4453 hdev->set_bdaddr = btmtk_set_bdaddr;
4454 set_bit(HCI_QUIRK_BROKEN_ENHANCED_SETUP_SYNC_CONN, &hdev->quirks);
4455 set_bit(HCI_QUIRK_NON_PERSISTENT_SETUP, &hdev->quirks);
4456 data->recv_acl = btusb_recv_acl_mtk;
4459 if (id->driver_info & BTUSB_SWAVE) {
4460 set_bit(HCI_QUIRK_FIXUP_INQUIRY_MODE, &hdev->quirks);
4461 set_bit(HCI_QUIRK_BROKEN_LOCAL_COMMANDS, &hdev->quirks);
4464 if (id->driver_info & BTUSB_INTEL_BOOT) {
4465 hdev->manufacturer = 2;
4466 set_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks);
4469 if (id->driver_info & BTUSB_ATH3012) {
4470 data->setup_on_usb = btusb_setup_qca;
4471 hdev->set_bdaddr = btusb_set_bdaddr_ath3012;
4472 set_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &hdev->quirks);
4473 set_bit(HCI_QUIRK_STRICT_DUPLICATE_FILTER, &hdev->quirks);
4476 if (id->driver_info & BTUSB_QCA_ROME) {
4477 data->setup_on_usb = btusb_setup_qca;
4478 hdev->shutdown = btusb_shutdown_qca;
4479 hdev->set_bdaddr = btusb_set_bdaddr_ath3012;
4480 hdev->cmd_timeout = btusb_qca_cmd_timeout;
4481 set_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &hdev->quirks);
4482 btusb_check_needs_reset_resume(intf);
4485 if (id->driver_info & BTUSB_QCA_WCN6855) {
4486 data->qca_dump.id_vendor = id->idVendor;
4487 data->qca_dump.id_product = id->idProduct;
4488 data->recv_event = btusb_recv_evt_qca;
4489 data->recv_acl = btusb_recv_acl_qca;
4490 hci_devcd_register(hdev, btusb_coredump_qca, btusb_dump_hdr_qca, NULL);
4491 data->setup_on_usb = btusb_setup_qca;
4492 hdev->shutdown = btusb_shutdown_qca;
4493 hdev->set_bdaddr = btusb_set_bdaddr_wcn6855;
4494 hdev->cmd_timeout = btusb_qca_cmd_timeout;
4495 set_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &hdev->quirks);
4496 hci_set_msft_opcode(hdev, 0xFD70);
4499 if (id->driver_info & BTUSB_AMP) {
4500 /* AMP controllers do not support SCO packets */
4503 /* Interface orders are hardcoded in the specification */
4504 data->isoc = usb_ifnum_to_if(data->udev, ifnum_base + 1);
4505 data->isoc_ifnum = ifnum_base + 1;
4508 if (IS_ENABLED(CONFIG_BT_HCIBTUSB_RTL) &&
4509 (id->driver_info & BTUSB_REALTEK)) {
4510 btrtl_set_driver_name(hdev, btusb_driver.name);
4511 hdev->setup = btusb_setup_realtek;
4512 hdev->shutdown = btrtl_shutdown_realtek;
4513 hdev->cmd_timeout = btusb_rtl_cmd_timeout;
4514 hdev->hw_error = btusb_rtl_hw_error;
4516 /* Realtek devices need to set remote wakeup on auto-suspend */
4517 set_bit(BTUSB_WAKEUP_AUTOSUSPEND, &data->flags);
4518 set_bit(BTUSB_USE_ALT3_FOR_WBS, &data->flags);
4521 if (id->driver_info & BTUSB_ACTIONS_SEMI) {
4522 /* Support is advertised, but not implemented */
4523 set_bit(HCI_QUIRK_BROKEN_ERR_DATA_REPORTING, &hdev->quirks);
4524 set_bit(HCI_QUIRK_BROKEN_READ_TRANSMIT_POWER, &hdev->quirks);
4525 set_bit(HCI_QUIRK_BROKEN_SET_RPA_TIMEOUT, &hdev->quirks);
4526 set_bit(HCI_QUIRK_BROKEN_EXT_SCAN, &hdev->quirks);
4527 set_bit(HCI_QUIRK_BROKEN_READ_ENC_KEY_SIZE, &hdev->quirks);
4531 set_bit(HCI_QUIRK_RESET_ON_CLOSE, &hdev->quirks);
4533 if (force_scofix || id->driver_info & BTUSB_WRONG_SCO_MTU) {
4534 if (!disable_scofix)
4535 set_bit(HCI_QUIRK_FIXUP_BUFFER_SIZE, &hdev->quirks);
4538 if (id->driver_info & BTUSB_BROKEN_ISOC)
4541 if (id->driver_info & BTUSB_WIDEBAND_SPEECH)
4542 set_bit(HCI_QUIRK_WIDEBAND_SPEECH_SUPPORTED, &hdev->quirks);
4544 if (id->driver_info & BTUSB_VALID_LE_STATES)
4545 set_bit(HCI_QUIRK_VALID_LE_STATES, &hdev->quirks);
4547 if (id->driver_info & BTUSB_DIGIANSWER) {
4548 data->cmdreq_type = USB_TYPE_VENDOR;
4549 set_bit(HCI_QUIRK_RESET_ON_CLOSE, &hdev->quirks);
4552 if (id->driver_info & BTUSB_CSR) {
4553 struct usb_device *udev = data->udev;
4554 u16 bcdDevice = le16_to_cpu(udev->descriptor.bcdDevice);
4556 /* Old firmware would otherwise execute USB reset */
4557 if (bcdDevice < 0x117)
4558 set_bit(HCI_QUIRK_RESET_ON_CLOSE, &hdev->quirks);
4560 /* This must be set first in case we disable it for fakes */
4561 set_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &hdev->quirks);
4563 /* Fake CSR devices with broken commands */
4564 if (le16_to_cpu(udev->descriptor.idVendor) == 0x0a12 &&
4565 le16_to_cpu(udev->descriptor.idProduct) == 0x0001)
4566 hdev->setup = btusb_setup_csr;
4569 if (id->driver_info & BTUSB_SNIFFER) {
4570 struct usb_device *udev = data->udev;
4572 /* New sniffer firmware has crippled HCI interface */
4573 if (le16_to_cpu(udev->descriptor.bcdDevice) > 0x997)
4574 set_bit(HCI_QUIRK_RAW_DEVICE, &hdev->quirks);
4577 if (id->driver_info & BTUSB_INTEL_BOOT) {
4578 /* A bug in the bootloader causes that interrupt interface is
4579 * only enabled after receiving SetInterface(0, AltSetting=0).
4581 err = usb_set_interface(data->udev, 0, 0);
4583 BT_ERR("failed to set interface 0, alt 0 %d", err);
4589 err = usb_driver_claim_interface(&btusb_driver,
4595 if (IS_ENABLED(CONFIG_BT_HCIBTUSB_BCM) && data->diag) {
4596 if (!usb_driver_claim_interface(&btusb_driver,
4598 __set_diag_interface(hdev);
4603 if (enable_autosuspend)
4604 usb_enable_autosuspend(data->udev);
4606 data->poll_sync = enable_poll_sync;
4608 err = hci_register_dev(hdev);
4612 usb_set_intfdata(intf, data);
4614 debugfs_create_file("force_poll_sync", 0644, hdev->debugfs, data,
4615 &force_poll_sync_fops);
4620 if (data->reset_gpio)
4621 gpiod_put(data->reset_gpio);
4626 static void btusb_disconnect(struct usb_interface *intf)
4628 struct btusb_data *data = usb_get_intfdata(intf);
4629 struct hci_dev *hdev;
4631 BT_DBG("intf %p", intf);
4637 usb_set_intfdata(data->intf, NULL);
4640 usb_set_intfdata(data->isoc, NULL);
4643 usb_set_intfdata(data->diag, NULL);
4645 hci_unregister_dev(hdev);
4647 if (intf == data->intf) {
4649 usb_driver_release_interface(&btusb_driver, data->isoc);
4651 usb_driver_release_interface(&btusb_driver, data->diag);
4652 } else if (intf == data->isoc) {
4654 usb_driver_release_interface(&btusb_driver, data->diag);
4655 usb_driver_release_interface(&btusb_driver, data->intf);
4656 } else if (intf == data->diag) {
4657 usb_driver_release_interface(&btusb_driver, data->intf);
4659 usb_driver_release_interface(&btusb_driver, data->isoc);
4662 if (data->oob_wake_irq)
4663 device_init_wakeup(&data->udev->dev, false);
4665 if (data->reset_gpio)
4666 gpiod_put(data->reset_gpio);
4672 static int btusb_suspend(struct usb_interface *intf, pm_message_t message)
4674 struct btusb_data *data = usb_get_intfdata(intf);
4676 BT_DBG("intf %p", intf);
4678 /* Don't suspend if there are connections */
4679 if (hci_conn_count(data->hdev))
4682 if (data->suspend_count++)
4685 spin_lock_irq(&data->txlock);
4686 if (!(PMSG_IS_AUTO(message) && data->tx_in_flight)) {
4687 set_bit(BTUSB_SUSPENDING, &data->flags);
4688 spin_unlock_irq(&data->txlock);
4690 spin_unlock_irq(&data->txlock);
4691 data->suspend_count--;
4695 cancel_work_sync(&data->work);
4697 btusb_stop_traffic(data);
4698 usb_kill_anchored_urbs(&data->tx_anchor);
4700 if (data->oob_wake_irq && device_may_wakeup(&data->udev->dev)) {
4701 set_bit(BTUSB_OOB_WAKE_ENABLED, &data->flags);
4702 enable_irq_wake(data->oob_wake_irq);
4703 enable_irq(data->oob_wake_irq);
4706 /* For global suspend, Realtek devices lose the loaded fw
4707 * in them. But for autosuspend, firmware should remain.
4708 * Actually, it depends on whether the usb host sends
4709 * set feature (enable wakeup) or not.
4711 if (test_bit(BTUSB_WAKEUP_AUTOSUSPEND, &data->flags)) {
4712 if (PMSG_IS_AUTO(message) &&
4713 device_can_wakeup(&data->udev->dev))
4714 data->udev->do_remote_wakeup = 1;
4715 else if (!PMSG_IS_AUTO(message) &&
4716 !device_may_wakeup(&data->udev->dev)) {
4717 data->udev->do_remote_wakeup = 0;
4718 data->udev->reset_resume = 1;
4725 static void play_deferred(struct btusb_data *data)
4730 while ((urb = usb_get_from_anchor(&data->deferred))) {
4731 usb_anchor_urb(urb, &data->tx_anchor);
4733 err = usb_submit_urb(urb, GFP_ATOMIC);
4735 if (err != -EPERM && err != -ENODEV)
4736 BT_ERR("%s urb %p submission failed (%d)",
4737 data->hdev->name, urb, -err);
4738 kfree(urb->setup_packet);
4739 usb_unanchor_urb(urb);
4744 data->tx_in_flight++;
4748 /* Cleanup the rest deferred urbs. */
4749 while ((urb = usb_get_from_anchor(&data->deferred))) {
4750 kfree(urb->setup_packet);
4755 static int btusb_resume(struct usb_interface *intf)
4757 struct btusb_data *data = usb_get_intfdata(intf);
4758 struct hci_dev *hdev = data->hdev;
4761 BT_DBG("intf %p", intf);
4763 if (--data->suspend_count)
4766 /* Disable only if not already disabled (keep it balanced) */
4767 if (test_and_clear_bit(BTUSB_OOB_WAKE_ENABLED, &data->flags)) {
4768 disable_irq(data->oob_wake_irq);
4769 disable_irq_wake(data->oob_wake_irq);
4772 if (!test_bit(HCI_RUNNING, &hdev->flags))
4775 if (test_bit(BTUSB_INTR_RUNNING, &data->flags)) {
4776 err = btusb_submit_intr_urb(hdev, GFP_NOIO);
4778 clear_bit(BTUSB_INTR_RUNNING, &data->flags);
4783 if (test_bit(BTUSB_BULK_RUNNING, &data->flags)) {
4784 err = btusb_submit_bulk_urb(hdev, GFP_NOIO);
4786 clear_bit(BTUSB_BULK_RUNNING, &data->flags);
4790 btusb_submit_bulk_urb(hdev, GFP_NOIO);
4793 if (test_bit(BTUSB_ISOC_RUNNING, &data->flags)) {
4794 if (btusb_submit_isoc_urb(hdev, GFP_NOIO) < 0)
4795 clear_bit(BTUSB_ISOC_RUNNING, &data->flags);
4797 btusb_submit_isoc_urb(hdev, GFP_NOIO);
4800 spin_lock_irq(&data->txlock);
4801 play_deferred(data);
4802 clear_bit(BTUSB_SUSPENDING, &data->flags);
4803 spin_unlock_irq(&data->txlock);
4804 schedule_work(&data->work);
4809 usb_scuttle_anchored_urbs(&data->deferred);
4811 spin_lock_irq(&data->txlock);
4812 clear_bit(BTUSB_SUSPENDING, &data->flags);
4813 spin_unlock_irq(&data->txlock);
4819 #ifdef CONFIG_DEV_COREDUMP
4820 static void btusb_coredump(struct device *dev)
4822 struct btusb_data *data = dev_get_drvdata(dev);
4823 struct hci_dev *hdev = data->hdev;
4825 if (hdev->dump.coredump)
4826 hdev->dump.coredump(hdev);
4830 static struct usb_driver btusb_driver = {
4832 .probe = btusb_probe,
4833 .disconnect = btusb_disconnect,
4835 .suspend = btusb_suspend,
4836 .resume = btusb_resume,
4838 .id_table = btusb_table,
4839 .supports_autosuspend = 1,
4840 .disable_hub_initiated_lpm = 1,
4842 #ifdef CONFIG_DEV_COREDUMP
4844 .coredump = btusb_coredump,
4849 module_usb_driver(btusb_driver);
4851 module_param(disable_scofix, bool, 0644);
4852 MODULE_PARM_DESC(disable_scofix, "Disable fixup of wrong SCO buffer size");
4854 module_param(force_scofix, bool, 0644);
4855 MODULE_PARM_DESC(force_scofix, "Force fixup of wrong SCO buffers size");
4857 module_param(enable_autosuspend, bool, 0644);
4858 MODULE_PARM_DESC(enable_autosuspend, "Enable USB autosuspend by default");
4860 module_param(reset, bool, 0644);
4861 MODULE_PARM_DESC(reset, "Send HCI reset command on initialization");
4864 MODULE_DESCRIPTION("Generic Bluetooth USB driver ver " VERSION);
4865 MODULE_VERSION(VERSION);
4866 MODULE_LICENSE("GPL");
projects / linux.git / blob