]> Git Repo - linux.git/blob - drivers/bluetooth/btrtl.c
slab: remove __alloc_size attribute from __kmalloc_track_caller
[linux.git] / drivers / bluetooth / btrtl.c
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  *  Bluetooth support for Realtek devices
4  *
5  *  Copyright (C) 2015 Endless Mobile, Inc.
6  */
7
8 #include <linux/module.h>
9 #include <linux/firmware.h>
10 #include <asm/unaligned.h>
11 #include <linux/usb.h>
12
13 #include <net/bluetooth/bluetooth.h>
14 #include <net/bluetooth/hci_core.h>
15
16 #include "btrtl.h"
17
18 #define VERSION "0.1"
19
20 #define RTL_EPATCH_SIGNATURE    "Realtech"
21 #define RTL_ROM_LMP_8723A       0x1200
22 #define RTL_ROM_LMP_8723B       0x8723
23 #define RTL_ROM_LMP_8821A       0x8821
24 #define RTL_ROM_LMP_8761A       0x8761
25 #define RTL_ROM_LMP_8822B       0x8822
26 #define RTL_ROM_LMP_8852A       0x8852
27 #define RTL_CONFIG_MAGIC        0x8723ab55
28
29 #define IC_MATCH_FL_LMPSUBV     (1 << 0)
30 #define IC_MATCH_FL_HCIREV      (1 << 1)
31 #define IC_MATCH_FL_HCIVER      (1 << 2)
32 #define IC_MATCH_FL_HCIBUS      (1 << 3)
33 #define IC_INFO(lmps, hcir, hciv, bus) \
34         .match_flags = IC_MATCH_FL_LMPSUBV | IC_MATCH_FL_HCIREV | \
35                        IC_MATCH_FL_HCIVER | IC_MATCH_FL_HCIBUS, \
36         .lmp_subver = (lmps), \
37         .hci_rev = (hcir), \
38         .hci_ver = (hciv), \
39         .hci_bus = (bus)
40
41 enum btrtl_chip_id {
42         CHIP_ID_8723A,
43         CHIP_ID_8723B,
44         CHIP_ID_8821A,
45         CHIP_ID_8761A,
46         CHIP_ID_8822B = 8,
47         CHIP_ID_8723D,
48         CHIP_ID_8821C,
49         CHIP_ID_8822C = 13,
50         CHIP_ID_8761B,
51         CHIP_ID_8852A = 18,
52 };
53
54 struct id_table {
55         __u16 match_flags;
56         __u16 lmp_subver;
57         __u16 hci_rev;
58         __u8 hci_ver;
59         __u8 hci_bus;
60         bool config_needed;
61         bool has_rom_version;
62         bool has_msft_ext;
63         char *fw_name;
64         char *cfg_name;
65 };
66
67 struct btrtl_device_info {
68         const struct id_table *ic_info;
69         u8 rom_version;
70         u8 *fw_data;
71         int fw_len;
72         u8 *cfg_data;
73         int cfg_len;
74         bool drop_fw;
75         int project_id;
76 };
77
78 static const struct id_table ic_id_table[] = {
79         /* 8723A */
80         { IC_INFO(RTL_ROM_LMP_8723A, 0xb, 0x6, HCI_USB),
81           .config_needed = false,
82           .has_rom_version = false,
83           .fw_name = "rtl_bt/rtl8723a_fw.bin",
84           .cfg_name = NULL },
85
86         /* 8723BS */
87         { IC_INFO(RTL_ROM_LMP_8723B, 0xb, 0x6, HCI_UART),
88           .config_needed = true,
89           .has_rom_version = true,
90           .fw_name  = "rtl_bt/rtl8723bs_fw.bin",
91           .cfg_name = "rtl_bt/rtl8723bs_config" },
92
93         /* 8723B */
94         { IC_INFO(RTL_ROM_LMP_8723B, 0xb, 0x6, HCI_USB),
95           .config_needed = false,
96           .has_rom_version = true,
97           .fw_name  = "rtl_bt/rtl8723b_fw.bin",
98           .cfg_name = "rtl_bt/rtl8723b_config" },
99
100         /* 8723D */
101         { IC_INFO(RTL_ROM_LMP_8723B, 0xd, 0x8, HCI_USB),
102           .config_needed = true,
103           .has_rom_version = true,
104           .fw_name  = "rtl_bt/rtl8723d_fw.bin",
105           .cfg_name = "rtl_bt/rtl8723d_config" },
106
107         /* 8723DS */
108         { IC_INFO(RTL_ROM_LMP_8723B, 0xd, 0x8, HCI_UART),
109           .config_needed = true,
110           .has_rom_version = true,
111           .fw_name  = "rtl_bt/rtl8723ds_fw.bin",
112           .cfg_name = "rtl_bt/rtl8723ds_config" },
113
114         /* 8821A */
115         { IC_INFO(RTL_ROM_LMP_8821A, 0xa, 0x6, HCI_USB),
116           .config_needed = false,
117           .has_rom_version = true,
118           .fw_name  = "rtl_bt/rtl8821a_fw.bin",
119           .cfg_name = "rtl_bt/rtl8821a_config" },
120
121         /* 8821C */
122         { IC_INFO(RTL_ROM_LMP_8821A, 0xc, 0x8, HCI_USB),
123           .config_needed = false,
124           .has_rom_version = true,
125           .has_msft_ext = true,
126           .fw_name  = "rtl_bt/rtl8821c_fw.bin",
127           .cfg_name = "rtl_bt/rtl8821c_config" },
128
129         /* 8761A */
130         { IC_INFO(RTL_ROM_LMP_8761A, 0xa, 0x6, HCI_USB),
131           .config_needed = false,
132           .has_rom_version = true,
133           .fw_name  = "rtl_bt/rtl8761a_fw.bin",
134           .cfg_name = "rtl_bt/rtl8761a_config" },
135
136         /* 8761B */
137         { IC_INFO(RTL_ROM_LMP_8761A, 0xb, 0xa, HCI_UART),
138           .config_needed = false,
139           .has_rom_version = true,
140           .has_msft_ext = true,
141           .fw_name  = "rtl_bt/rtl8761b_fw.bin",
142           .cfg_name = "rtl_bt/rtl8761b_config" },
143
144         /* 8761BU */
145         { IC_INFO(RTL_ROM_LMP_8761A, 0xb, 0xa, HCI_USB),
146           .config_needed = false,
147           .has_rom_version = true,
148           .fw_name  = "rtl_bt/rtl8761bu_fw.bin",
149           .cfg_name = "rtl_bt/rtl8761bu_config" },
150
151         /* 8822C with UART interface */
152         { IC_INFO(RTL_ROM_LMP_8822B, 0xc, 0xa, HCI_UART),
153           .config_needed = true,
154           .has_rom_version = true,
155           .has_msft_ext = true,
156           .fw_name  = "rtl_bt/rtl8822cs_fw.bin",
157           .cfg_name = "rtl_bt/rtl8822cs_config" },
158
159         /* 8822C with USB interface */
160         { IC_INFO(RTL_ROM_LMP_8822B, 0xc, 0xa, HCI_USB),
161           .config_needed = false,
162           .has_rom_version = true,
163           .has_msft_ext = true,
164           .fw_name  = "rtl_bt/rtl8822cu_fw.bin",
165           .cfg_name = "rtl_bt/rtl8822cu_config" },
166
167         /* 8822B */
168         { IC_INFO(RTL_ROM_LMP_8822B, 0xb, 0x7, HCI_USB),
169           .config_needed = true,
170           .has_rom_version = true,
171           .has_msft_ext = true,
172           .fw_name  = "rtl_bt/rtl8822b_fw.bin",
173           .cfg_name = "rtl_bt/rtl8822b_config" },
174
175         /* 8852A */
176         { IC_INFO(RTL_ROM_LMP_8852A, 0xa, 0xb, HCI_USB),
177           .config_needed = false,
178           .has_rom_version = true,
179           .has_msft_ext = true,
180           .fw_name  = "rtl_bt/rtl8852au_fw.bin",
181           .cfg_name = "rtl_bt/rtl8852au_config" },
182         };
183
184 static const struct id_table *btrtl_match_ic(u16 lmp_subver, u16 hci_rev,
185                                              u8 hci_ver, u8 hci_bus)
186 {
187         int i;
188
189         for (i = 0; i < ARRAY_SIZE(ic_id_table); i++) {
190                 if ((ic_id_table[i].match_flags & IC_MATCH_FL_LMPSUBV) &&
191                     (ic_id_table[i].lmp_subver != lmp_subver))
192                         continue;
193                 if ((ic_id_table[i].match_flags & IC_MATCH_FL_HCIREV) &&
194                     (ic_id_table[i].hci_rev != hci_rev))
195                         continue;
196                 if ((ic_id_table[i].match_flags & IC_MATCH_FL_HCIVER) &&
197                     (ic_id_table[i].hci_ver != hci_ver))
198                         continue;
199                 if ((ic_id_table[i].match_flags & IC_MATCH_FL_HCIBUS) &&
200                     (ic_id_table[i].hci_bus != hci_bus))
201                         continue;
202
203                 break;
204         }
205         if (i >= ARRAY_SIZE(ic_id_table))
206                 return NULL;
207
208         return &ic_id_table[i];
209 }
210
211 static struct sk_buff *btrtl_read_local_version(struct hci_dev *hdev)
212 {
213         struct sk_buff *skb;
214
215         skb = __hci_cmd_sync(hdev, HCI_OP_READ_LOCAL_VERSION, 0, NULL,
216                              HCI_INIT_TIMEOUT);
217         if (IS_ERR(skb)) {
218                 rtl_dev_err(hdev, "HCI_OP_READ_LOCAL_VERSION failed (%ld)",
219                             PTR_ERR(skb));
220                 return skb;
221         }
222
223         if (skb->len != sizeof(struct hci_rp_read_local_version)) {
224                 rtl_dev_err(hdev, "HCI_OP_READ_LOCAL_VERSION event length mismatch");
225                 kfree_skb(skb);
226                 return ERR_PTR(-EIO);
227         }
228
229         return skb;
230 }
231
232 static int rtl_read_rom_version(struct hci_dev *hdev, u8 *version)
233 {
234         struct rtl_rom_version_evt *rom_version;
235         struct sk_buff *skb;
236
237         /* Read RTL ROM version command */
238         skb = __hci_cmd_sync(hdev, 0xfc6d, 0, NULL, HCI_INIT_TIMEOUT);
239         if (IS_ERR(skb)) {
240                 rtl_dev_err(hdev, "Read ROM version failed (%ld)",
241                             PTR_ERR(skb));
242                 return PTR_ERR(skb);
243         }
244
245         if (skb->len != sizeof(*rom_version)) {
246                 rtl_dev_err(hdev, "version event length mismatch");
247                 kfree_skb(skb);
248                 return -EIO;
249         }
250
251         rom_version = (struct rtl_rom_version_evt *)skb->data;
252         rtl_dev_info(hdev, "rom_version status=%x version=%x",
253                      rom_version->status, rom_version->version);
254
255         *version = rom_version->version;
256
257         kfree_skb(skb);
258         return 0;
259 }
260
261 static int rtlbt_parse_firmware(struct hci_dev *hdev,
262                                 struct btrtl_device_info *btrtl_dev,
263                                 unsigned char **_buf)
264 {
265         static const u8 extension_sig[] = { 0x51, 0x04, 0xfd, 0x77 };
266         struct rtl_epatch_header *epatch_info;
267         unsigned char *buf;
268         int i, len;
269         size_t min_size;
270         u8 opcode, length, data;
271         int project_id = -1;
272         const unsigned char *fwptr, *chip_id_base;
273         const unsigned char *patch_length_base, *patch_offset_base;
274         u32 patch_offset = 0;
275         u16 patch_length, num_patches;
276         static const struct {
277                 __u16 lmp_subver;
278                 __u8 id;
279         } project_id_to_lmp_subver[] = {
280                 { RTL_ROM_LMP_8723A, 0 },
281                 { RTL_ROM_LMP_8723B, 1 },
282                 { RTL_ROM_LMP_8821A, 2 },
283                 { RTL_ROM_LMP_8761A, 3 },
284                 { RTL_ROM_LMP_8822B, 8 },
285                 { RTL_ROM_LMP_8723B, 9 },       /* 8723D */
286                 { RTL_ROM_LMP_8821A, 10 },      /* 8821C */
287                 { RTL_ROM_LMP_8822B, 13 },      /* 8822C */
288                 { RTL_ROM_LMP_8761A, 14 },      /* 8761B */
289                 { RTL_ROM_LMP_8852A, 18 },      /* 8852A */
290         };
291
292         min_size = sizeof(struct rtl_epatch_header) + sizeof(extension_sig) + 3;
293         if (btrtl_dev->fw_len < min_size)
294                 return -EINVAL;
295
296         fwptr = btrtl_dev->fw_data + btrtl_dev->fw_len - sizeof(extension_sig);
297         if (memcmp(fwptr, extension_sig, sizeof(extension_sig)) != 0) {
298                 rtl_dev_err(hdev, "extension section signature mismatch");
299                 return -EINVAL;
300         }
301
302         /* Loop from the end of the firmware parsing instructions, until
303          * we find an instruction that identifies the "project ID" for the
304          * hardware supported by this firwmare file.
305          * Once we have that, we double-check that that project_id is suitable
306          * for the hardware we are working with.
307          */
308         while (fwptr >= btrtl_dev->fw_data + (sizeof(*epatch_info) + 3)) {
309                 opcode = *--fwptr;
310                 length = *--fwptr;
311                 data = *--fwptr;
312
313                 BT_DBG("check op=%x len=%x data=%x", opcode, length, data);
314
315                 if (opcode == 0xff) /* EOF */
316                         break;
317
318                 if (length == 0) {
319                         rtl_dev_err(hdev, "found instruction with length 0");
320                         return -EINVAL;
321                 }
322
323                 if (opcode == 0 && length == 1) {
324                         project_id = data;
325                         break;
326                 }
327
328                 fwptr -= length;
329         }
330
331         if (project_id < 0) {
332                 rtl_dev_err(hdev, "failed to find version instruction");
333                 return -EINVAL;
334         }
335
336         /* Find project_id in table */
337         for (i = 0; i < ARRAY_SIZE(project_id_to_lmp_subver); i++) {
338                 if (project_id == project_id_to_lmp_subver[i].id) {
339                         btrtl_dev->project_id = project_id;
340                         break;
341                 }
342         }
343
344         if (i >= ARRAY_SIZE(project_id_to_lmp_subver)) {
345                 rtl_dev_err(hdev, "unknown project id %d", project_id);
346                 return -EINVAL;
347         }
348
349         if (btrtl_dev->ic_info->lmp_subver !=
350                                 project_id_to_lmp_subver[i].lmp_subver) {
351                 rtl_dev_err(hdev, "firmware is for %x but this is a %x",
352                             project_id_to_lmp_subver[i].lmp_subver,
353                             btrtl_dev->ic_info->lmp_subver);
354                 return -EINVAL;
355         }
356
357         epatch_info = (struct rtl_epatch_header *)btrtl_dev->fw_data;
358         if (memcmp(epatch_info->signature, RTL_EPATCH_SIGNATURE, 8) != 0) {
359                 rtl_dev_err(hdev, "bad EPATCH signature");
360                 return -EINVAL;
361         }
362
363         num_patches = le16_to_cpu(epatch_info->num_patches);
364         BT_DBG("fw_version=%x, num_patches=%d",
365                le32_to_cpu(epatch_info->fw_version), num_patches);
366
367         /* After the rtl_epatch_header there is a funky patch metadata section.
368          * Assuming 2 patches, the layout is:
369          * ChipID1 ChipID2 PatchLength1 PatchLength2 PatchOffset1 PatchOffset2
370          *
371          * Find the right patch for this chip.
372          */
373         min_size += 8 * num_patches;
374         if (btrtl_dev->fw_len < min_size)
375                 return -EINVAL;
376
377         chip_id_base = btrtl_dev->fw_data + sizeof(struct rtl_epatch_header);
378         patch_length_base = chip_id_base + (sizeof(u16) * num_patches);
379         patch_offset_base = patch_length_base + (sizeof(u16) * num_patches);
380         for (i = 0; i < num_patches; i++) {
381                 u16 chip_id = get_unaligned_le16(chip_id_base +
382                                                  (i * sizeof(u16)));
383                 if (chip_id == btrtl_dev->rom_version + 1) {
384                         patch_length = get_unaligned_le16(patch_length_base +
385                                                           (i * sizeof(u16)));
386                         patch_offset = get_unaligned_le32(patch_offset_base +
387                                                           (i * sizeof(u32)));
388                         break;
389                 }
390         }
391
392         if (!patch_offset) {
393                 rtl_dev_err(hdev, "didn't find patch for chip id %d",
394                             btrtl_dev->rom_version);
395                 return -EINVAL;
396         }
397
398         BT_DBG("length=%x offset=%x index %d", patch_length, patch_offset, i);
399         min_size = patch_offset + patch_length;
400         if (btrtl_dev->fw_len < min_size)
401                 return -EINVAL;
402
403         /* Copy the firmware into a new buffer and write the version at
404          * the end.
405          */
406         len = patch_length;
407         buf = kvmalloc(patch_length, GFP_KERNEL);
408         if (!buf)
409                 return -ENOMEM;
410
411         memcpy(buf, btrtl_dev->fw_data + patch_offset, patch_length - 4);
412         memcpy(buf + patch_length - 4, &epatch_info->fw_version, 4);
413
414         *_buf = buf;
415         return len;
416 }
417
418 static int rtl_download_firmware(struct hci_dev *hdev,
419                                  const unsigned char *data, int fw_len)
420 {
421         struct rtl_download_cmd *dl_cmd;
422         int frag_num = fw_len / RTL_FRAG_LEN + 1;
423         int frag_len = RTL_FRAG_LEN;
424         int ret = 0;
425         int i;
426         struct sk_buff *skb;
427         struct hci_rp_read_local_version *rp;
428
429         dl_cmd = kmalloc(sizeof(struct rtl_download_cmd), GFP_KERNEL);
430         if (!dl_cmd)
431                 return -ENOMEM;
432
433         for (i = 0; i < frag_num; i++) {
434                 struct sk_buff *skb;
435
436                 BT_DBG("download fw (%d/%d)", i, frag_num);
437
438                 if (i > 0x7f)
439                         dl_cmd->index = (i & 0x7f) + 1;
440                 else
441                         dl_cmd->index = i;
442
443                 if (i == (frag_num - 1)) {
444                         dl_cmd->index |= 0x80; /* data end */
445                         frag_len = fw_len % RTL_FRAG_LEN;
446                 }
447                 memcpy(dl_cmd->data, data, frag_len);
448
449                 /* Send download command */
450                 skb = __hci_cmd_sync(hdev, 0xfc20, frag_len + 1, dl_cmd,
451                                      HCI_INIT_TIMEOUT);
452                 if (IS_ERR(skb)) {
453                         rtl_dev_err(hdev, "download fw command failed (%ld)",
454                                     PTR_ERR(skb));
455                         ret = PTR_ERR(skb);
456                         goto out;
457                 }
458
459                 if (skb->len != sizeof(struct rtl_download_response)) {
460                         rtl_dev_err(hdev, "download fw event length mismatch");
461                         kfree_skb(skb);
462                         ret = -EIO;
463                         goto out;
464                 }
465
466                 kfree_skb(skb);
467                 data += RTL_FRAG_LEN;
468         }
469
470         skb = btrtl_read_local_version(hdev);
471         if (IS_ERR(skb)) {
472                 ret = PTR_ERR(skb);
473                 rtl_dev_err(hdev, "read local version failed");
474                 goto out;
475         }
476
477         rp = (struct hci_rp_read_local_version *)skb->data;
478         rtl_dev_info(hdev, "fw version 0x%04x%04x",
479                      __le16_to_cpu(rp->hci_rev), __le16_to_cpu(rp->lmp_subver));
480         kfree_skb(skb);
481
482 out:
483         kfree(dl_cmd);
484         return ret;
485 }
486
487 static int rtl_load_file(struct hci_dev *hdev, const char *name, u8 **buff)
488 {
489         const struct firmware *fw;
490         int ret;
491
492         rtl_dev_info(hdev, "loading %s", name);
493         ret = request_firmware(&fw, name, &hdev->dev);
494         if (ret < 0)
495                 return ret;
496         ret = fw->size;
497         *buff = kvmalloc(fw->size, GFP_KERNEL);
498         if (*buff)
499                 memcpy(*buff, fw->data, ret);
500         else
501                 ret = -ENOMEM;
502
503         release_firmware(fw);
504
505         return ret;
506 }
507
508 static int btrtl_setup_rtl8723a(struct hci_dev *hdev,
509                                 struct btrtl_device_info *btrtl_dev)
510 {
511         if (btrtl_dev->fw_len < 8)
512                 return -EINVAL;
513
514         /* Check that the firmware doesn't have the epatch signature
515          * (which is only for RTL8723B and newer).
516          */
517         if (!memcmp(btrtl_dev->fw_data, RTL_EPATCH_SIGNATURE, 8)) {
518                 rtl_dev_err(hdev, "unexpected EPATCH signature!");
519                 return -EINVAL;
520         }
521
522         return rtl_download_firmware(hdev, btrtl_dev->fw_data,
523                                      btrtl_dev->fw_len);
524 }
525
526 static int btrtl_setup_rtl8723b(struct hci_dev *hdev,
527                                 struct btrtl_device_info *btrtl_dev)
528 {
529         unsigned char *fw_data = NULL;
530         int ret;
531         u8 *tbuff;
532
533         ret = rtlbt_parse_firmware(hdev, btrtl_dev, &fw_data);
534         if (ret < 0)
535                 goto out;
536
537         if (btrtl_dev->cfg_len > 0) {
538                 tbuff = kvzalloc(ret + btrtl_dev->cfg_len, GFP_KERNEL);
539                 if (!tbuff) {
540                         ret = -ENOMEM;
541                         goto out;
542                 }
543
544                 memcpy(tbuff, fw_data, ret);
545                 kvfree(fw_data);
546
547                 memcpy(tbuff + ret, btrtl_dev->cfg_data, btrtl_dev->cfg_len);
548                 ret += btrtl_dev->cfg_len;
549
550                 fw_data = tbuff;
551         }
552
553         rtl_dev_info(hdev, "cfg_sz %d, total sz %d", btrtl_dev->cfg_len, ret);
554
555         ret = rtl_download_firmware(hdev, fw_data, ret);
556
557 out:
558         kvfree(fw_data);
559         return ret;
560 }
561
562 void btrtl_free(struct btrtl_device_info *btrtl_dev)
563 {
564         kvfree(btrtl_dev->fw_data);
565         kvfree(btrtl_dev->cfg_data);
566         kfree(btrtl_dev);
567 }
568 EXPORT_SYMBOL_GPL(btrtl_free);
569
570 struct btrtl_device_info *btrtl_initialize(struct hci_dev *hdev,
571                                            const char *postfix)
572 {
573         struct btrtl_device_info *btrtl_dev;
574         struct sk_buff *skb;
575         struct hci_rp_read_local_version *resp;
576         char cfg_name[40];
577         u16 hci_rev, lmp_subver;
578         u8 hci_ver;
579         int ret;
580         u16 opcode;
581         u8 cmd[2];
582
583         btrtl_dev = kzalloc(sizeof(*btrtl_dev), GFP_KERNEL);
584         if (!btrtl_dev) {
585                 ret = -ENOMEM;
586                 goto err_alloc;
587         }
588
589         skb = btrtl_read_local_version(hdev);
590         if (IS_ERR(skb)) {
591                 ret = PTR_ERR(skb);
592                 goto err_free;
593         }
594
595         resp = (struct hci_rp_read_local_version *)skb->data;
596         rtl_dev_info(hdev, "examining hci_ver=%02x hci_rev=%04x lmp_ver=%02x lmp_subver=%04x",
597                      resp->hci_ver, resp->hci_rev,
598                      resp->lmp_ver, resp->lmp_subver);
599
600         hci_ver = resp->hci_ver;
601         hci_rev = le16_to_cpu(resp->hci_rev);
602         lmp_subver = le16_to_cpu(resp->lmp_subver);
603
604         btrtl_dev->ic_info = btrtl_match_ic(lmp_subver, hci_rev, hci_ver,
605                                             hdev->bus);
606
607         if (!btrtl_dev->ic_info)
608                 btrtl_dev->drop_fw = true;
609
610         if (btrtl_dev->drop_fw) {
611                 opcode = hci_opcode_pack(0x3f, 0x66);
612                 cmd[0] = opcode & 0xff;
613                 cmd[1] = opcode >> 8;
614
615                 skb = bt_skb_alloc(sizeof(cmd), GFP_KERNEL);
616                 if (!skb)
617                         goto out_free;
618
619                 skb_put_data(skb, cmd, sizeof(cmd));
620                 hci_skb_pkt_type(skb) = HCI_COMMAND_PKT;
621
622                 hdev->send(hdev, skb);
623
624                 /* Ensure the above vendor command is sent to controller and
625                  * process has done.
626                  */
627                 msleep(200);
628
629                 /* Read the local version again. Expect to have the vanilla
630                  * version as cold boot.
631                  */
632                 skb = btrtl_read_local_version(hdev);
633                 if (IS_ERR(skb)) {
634                         ret = PTR_ERR(skb);
635                         goto err_free;
636                 }
637
638                 resp = (struct hci_rp_read_local_version *)skb->data;
639                 rtl_dev_info(hdev, "examining hci_ver=%02x hci_rev=%04x lmp_ver=%02x lmp_subver=%04x",
640                              resp->hci_ver, resp->hci_rev,
641                              resp->lmp_ver, resp->lmp_subver);
642
643                 hci_ver = resp->hci_ver;
644                 hci_rev = le16_to_cpu(resp->hci_rev);
645                 lmp_subver = le16_to_cpu(resp->lmp_subver);
646
647                 btrtl_dev->ic_info = btrtl_match_ic(lmp_subver, hci_rev, hci_ver,
648                                                     hdev->bus);
649         }
650 out_free:
651         kfree_skb(skb);
652
653         if (!btrtl_dev->ic_info) {
654                 rtl_dev_info(hdev, "unknown IC info, lmp subver %04x, hci rev %04x, hci ver %04x",
655                             lmp_subver, hci_rev, hci_ver);
656                 return btrtl_dev;
657         }
658
659         if (btrtl_dev->ic_info->has_rom_version) {
660                 ret = rtl_read_rom_version(hdev, &btrtl_dev->rom_version);
661                 if (ret)
662                         goto err_free;
663         }
664
665         btrtl_dev->fw_len = rtl_load_file(hdev, btrtl_dev->ic_info->fw_name,
666                                           &btrtl_dev->fw_data);
667         if (btrtl_dev->fw_len < 0) {
668                 rtl_dev_err(hdev, "firmware file %s not found",
669                             btrtl_dev->ic_info->fw_name);
670                 ret = btrtl_dev->fw_len;
671                 goto err_free;
672         }
673
674         if (btrtl_dev->ic_info->cfg_name) {
675                 if (postfix) {
676                         snprintf(cfg_name, sizeof(cfg_name), "%s-%s.bin",
677                                  btrtl_dev->ic_info->cfg_name, postfix);
678                 } else {
679                         snprintf(cfg_name, sizeof(cfg_name), "%s.bin",
680                                  btrtl_dev->ic_info->cfg_name);
681                 }
682                 btrtl_dev->cfg_len = rtl_load_file(hdev, cfg_name,
683                                                    &btrtl_dev->cfg_data);
684                 if (btrtl_dev->ic_info->config_needed &&
685                     btrtl_dev->cfg_len <= 0) {
686                         rtl_dev_err(hdev, "mandatory config file %s not found",
687                                     btrtl_dev->ic_info->cfg_name);
688                         ret = btrtl_dev->cfg_len;
689                         goto err_free;
690                 }
691         }
692
693         /* The following chips supports the Microsoft vendor extension,
694          * therefore set the corresponding VsMsftOpCode.
695          */
696         if (btrtl_dev->ic_info->has_msft_ext)
697                 hci_set_msft_opcode(hdev, 0xFCF0);
698
699         return btrtl_dev;
700
701 err_free:
702         btrtl_free(btrtl_dev);
703 err_alloc:
704         return ERR_PTR(ret);
705 }
706 EXPORT_SYMBOL_GPL(btrtl_initialize);
707
708 int btrtl_download_firmware(struct hci_dev *hdev,
709                             struct btrtl_device_info *btrtl_dev)
710 {
711         /* Match a set of subver values that correspond to stock firmware,
712          * which is not compatible with standard btusb.
713          * If matched, upload an alternative firmware that does conform to
714          * standard btusb. Once that firmware is uploaded, the subver changes
715          * to a different value.
716          */
717         if (!btrtl_dev->ic_info) {
718                 rtl_dev_info(hdev, "assuming no firmware upload needed");
719                 return 0;
720         }
721
722         switch (btrtl_dev->ic_info->lmp_subver) {
723         case RTL_ROM_LMP_8723A:
724                 return btrtl_setup_rtl8723a(hdev, btrtl_dev);
725         case RTL_ROM_LMP_8723B:
726         case RTL_ROM_LMP_8821A:
727         case RTL_ROM_LMP_8761A:
728         case RTL_ROM_LMP_8822B:
729         case RTL_ROM_LMP_8852A:
730                 return btrtl_setup_rtl8723b(hdev, btrtl_dev);
731         default:
732                 rtl_dev_info(hdev, "assuming no firmware upload needed");
733                 return 0;
734         }
735 }
736 EXPORT_SYMBOL_GPL(btrtl_download_firmware);
737
738 void btrtl_set_quirks(struct hci_dev *hdev, struct btrtl_device_info *btrtl_dev)
739 {
740         /* Enable controller to do both LE scan and BR/EDR inquiry
741          * simultaneously.
742          */
743         set_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &hdev->quirks);
744
745         /* Enable central-peripheral role (able to create new connections with
746          * an existing connection in slave role).
747          */
748         /* Enable WBS supported for the specific Realtek devices. */
749         switch (btrtl_dev->project_id) {
750         case CHIP_ID_8822C:
751         case CHIP_ID_8852A:
752                 set_bit(HCI_QUIRK_VALID_LE_STATES, &hdev->quirks);
753                 set_bit(HCI_QUIRK_WIDEBAND_SPEECH_SUPPORTED, &hdev->quirks);
754                 hci_set_aosp_capable(hdev);
755                 break;
756         default:
757                 rtl_dev_dbg(hdev, "Central-peripheral role not enabled.");
758                 rtl_dev_dbg(hdev, "WBS supported not enabled.");
759                 break;
760         }
761 }
762 EXPORT_SYMBOL_GPL(btrtl_set_quirks);
763
764 int btrtl_setup_realtek(struct hci_dev *hdev)
765 {
766         struct btrtl_device_info *btrtl_dev;
767         int ret;
768
769         btrtl_dev = btrtl_initialize(hdev, NULL);
770         if (IS_ERR(btrtl_dev))
771                 return PTR_ERR(btrtl_dev);
772
773         ret = btrtl_download_firmware(hdev, btrtl_dev);
774
775         btrtl_set_quirks(hdev, btrtl_dev);
776
777         btrtl_free(btrtl_dev);
778         return ret;
779 }
780 EXPORT_SYMBOL_GPL(btrtl_setup_realtek);
781
782 int btrtl_shutdown_realtek(struct hci_dev *hdev)
783 {
784         struct sk_buff *skb;
785         int ret;
786
787         /* According to the vendor driver, BT must be reset on close to avoid
788          * firmware crash.
789          */
790         skb = __hci_cmd_sync(hdev, HCI_OP_RESET, 0, NULL, HCI_INIT_TIMEOUT);
791         if (IS_ERR(skb)) {
792                 ret = PTR_ERR(skb);
793                 bt_dev_err(hdev, "HCI reset during shutdown failed");
794                 return ret;
795         }
796         kfree_skb(skb);
797
798         return 0;
799 }
800 EXPORT_SYMBOL_GPL(btrtl_shutdown_realtek);
801
802 static unsigned int btrtl_convert_baudrate(u32 device_baudrate)
803 {
804         switch (device_baudrate) {
805         case 0x0252a00a:
806                 return 230400;
807
808         case 0x05f75004:
809                 return 921600;
810
811         case 0x00005004:
812                 return 1000000;
813
814         case 0x04928002:
815         case 0x01128002:
816                 return 1500000;
817
818         case 0x00005002:
819                 return 2000000;
820
821         case 0x0000b001:
822                 return 2500000;
823
824         case 0x04928001:
825                 return 3000000;
826
827         case 0x052a6001:
828                 return 3500000;
829
830         case 0x00005001:
831                 return 4000000;
832
833         case 0x0252c014:
834         default:
835                 return 115200;
836         }
837 }
838
839 int btrtl_get_uart_settings(struct hci_dev *hdev,
840                             struct btrtl_device_info *btrtl_dev,
841                             unsigned int *controller_baudrate,
842                             u32 *device_baudrate, bool *flow_control)
843 {
844         struct rtl_vendor_config *config;
845         struct rtl_vendor_config_entry *entry;
846         int i, total_data_len;
847         bool found = false;
848
849         total_data_len = btrtl_dev->cfg_len - sizeof(*config);
850         if (total_data_len <= 0) {
851                 rtl_dev_warn(hdev, "no config loaded");
852                 return -EINVAL;
853         }
854
855         config = (struct rtl_vendor_config *)btrtl_dev->cfg_data;
856         if (le32_to_cpu(config->signature) != RTL_CONFIG_MAGIC) {
857                 rtl_dev_err(hdev, "invalid config magic");
858                 return -EINVAL;
859         }
860
861         if (total_data_len < le16_to_cpu(config->total_len)) {
862                 rtl_dev_err(hdev, "config is too short");
863                 return -EINVAL;
864         }
865
866         for (i = 0; i < total_data_len; ) {
867                 entry = ((void *)config->entry) + i;
868
869                 switch (le16_to_cpu(entry->offset)) {
870                 case 0xc:
871                         if (entry->len < sizeof(*device_baudrate)) {
872                                 rtl_dev_err(hdev, "invalid UART config entry");
873                                 return -EINVAL;
874                         }
875
876                         *device_baudrate = get_unaligned_le32(entry->data);
877                         *controller_baudrate = btrtl_convert_baudrate(
878                                                         *device_baudrate);
879
880                         if (entry->len >= 13)
881                                 *flow_control = !!(entry->data[12] & BIT(2));
882                         else
883                                 *flow_control = false;
884
885                         found = true;
886                         break;
887
888                 default:
889                         rtl_dev_dbg(hdev, "skipping config entry 0x%x (len %u)",
890                                    le16_to_cpu(entry->offset), entry->len);
891                         break;
892                 }
893
894                 i += sizeof(*entry) + entry->len;
895         }
896
897         if (!found) {
898                 rtl_dev_err(hdev, "no UART config entry found");
899                 return -ENOENT;
900         }
901
902         rtl_dev_dbg(hdev, "device baudrate = 0x%08x", *device_baudrate);
903         rtl_dev_dbg(hdev, "controller baudrate = %u", *controller_baudrate);
904         rtl_dev_dbg(hdev, "flow control %d", *flow_control);
905
906         return 0;
907 }
908 EXPORT_SYMBOL_GPL(btrtl_get_uart_settings);
909
910 MODULE_AUTHOR("Daniel Drake <[email protected]>");
911 MODULE_DESCRIPTION("Bluetooth support for Realtek devices ver " VERSION);
912 MODULE_VERSION(VERSION);
913 MODULE_LICENSE("GPL");
914 MODULE_FIRMWARE("rtl_bt/rtl8723a_fw.bin");
915 MODULE_FIRMWARE("rtl_bt/rtl8723b_fw.bin");
916 MODULE_FIRMWARE("rtl_bt/rtl8723b_config.bin");
917 MODULE_FIRMWARE("rtl_bt/rtl8723bs_fw.bin");
918 MODULE_FIRMWARE("rtl_bt/rtl8723bs_config.bin");
919 MODULE_FIRMWARE("rtl_bt/rtl8723ds_fw.bin");
920 MODULE_FIRMWARE("rtl_bt/rtl8723ds_config.bin");
921 MODULE_FIRMWARE("rtl_bt/rtl8761a_fw.bin");
922 MODULE_FIRMWARE("rtl_bt/rtl8761a_config.bin");
923 MODULE_FIRMWARE("rtl_bt/rtl8821a_fw.bin");
924 MODULE_FIRMWARE("rtl_bt/rtl8821a_config.bin");
925 MODULE_FIRMWARE("rtl_bt/rtl8822b_fw.bin");
926 MODULE_FIRMWARE("rtl_bt/rtl8822b_config.bin");
927 MODULE_FIRMWARE("rtl_bt/rtl8852au_fw.bin");
928 MODULE_FIRMWARE("rtl_bt/rtl8852au_config.bin");
This page took 0.086556 seconds and 4 git commands to generate.