From 08188f95f81aa4c716184eb40e08873e810ad089 Mon Sep 17 00:00:00 2001 From: Adam Pigg <adam@piggz.co.uk> Date: Sat, 1 Jul 2017 09:04:43 +0100 Subject: [PATCH] BLUETOOTH: Add and port the BT HCI SMD driver Change-Id: I19e3cd2c7043d192590e4f81af6f8a18c9513d5e --- drivers/bluetooth/Kconfig | 10 + drivers/bluetooth/Makefile | 1 + drivers/bluetooth/hci_smd.c | 678 +++++++++++++++++++++++++++++++ include/net/bluetooth/hci.h | 1 + include/net/bluetooth/hci_core.h | 3 + 5 files changed, 693 insertions(+) create mode 100644 drivers/bluetooth/hci_smd.c diff --git a/drivers/bluetooth/Kconfig b/drivers/bluetooth/Kconfig index d3d007014679..95903015e45e 100644 --- a/drivers/bluetooth/Kconfig +++ b/drivers/bluetooth/Kconfig @@ -2,6 +2,16 @@ menu "Bluetooth device drivers" depends on BT +config BT_HCISMD + tristate "HCI SMD driver" + help + Bluetooth HCI SMD driver. + This driver is required if you want to use Bluetoth device with + SMD interface. + + Say Y here to compile support for Bluetooth USB devices into the + kernel or say M to compile is as a module (hci_smd). + config BT_HCIBTUSB tristate "HCI USB driver" depends on USB diff --git a/drivers/bluetooth/Makefile b/drivers/bluetooth/Makefile index d2e424bd273d..008ba6830e43 100644 --- a/drivers/bluetooth/Makefile +++ b/drivers/bluetooth/Makefile @@ -2,6 +2,7 @@ # Makefile for the Linux Bluetooth HCI device drivers. # +obj-$(CONFIG_BT_HCISMD) += hci_smd.o obj-$(CONFIG_BT_HCIVHCI) += hci_vhci.o obj-$(CONFIG_BT_HCIUART) += hci_uart.o obj-$(CONFIG_BT_HCIBCM203X) += bcm203x.o diff --git a/drivers/bluetooth/hci_smd.c b/drivers/bluetooth/hci_smd.c new file mode 100644 index 000000000000..8e9a7505ff1f --- /dev/null +++ b/drivers/bluetooth/hci_smd.c @@ -0,0 +1,678 @@ +/* + * HCI_SMD (HCI Shared Memory Driver) is Qualcomm's Shared memory driver + * for the BT HCI protocol. + * + * Copyright (c) 2000-2001, 2011-2012 The Linux Foundation. All rights reserved. + * Copyright (C) 2002-2003 Maxim Krasnyansky <maxk@qualcomm.com> + * Copyright (C) 2004-2006 Marcel Holtmann <marcel@holtmann.org> + * + * This file is based on drivers/bluetooth/hci_vhci.c + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License version 2 + * as published by the Free Software Foundation + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + */ + +#include <linux/module.h> +#include <linux/kernel.h> +#include <linux/init.h> +#include <linux/errno.h> +#include <linux/semaphore.h> +#include <linux/string.h> +#include <linux/skbuff.h> +#include <linux/wakelock.h> +#include <linux/workqueue.h> +#include <linux/uaccess.h> +#include <linux/interrupt.h> +#include <net/bluetooth/bluetooth.h> +#include <net/bluetooth/hci_core.h> +#include <net/bluetooth/hci.h> +#include <soc/qcom/smd.h> + +#define EVENT_CHANNEL "APPS_RIVA_BT_CMD" +#define DATA_CHANNEL "APPS_RIVA_BT_ACL" +/* release wakelock in 500ms, not immediately, because higher layers + * don't always take wakelocks when they should + * This is derived from the implementation for UART transport + */ + +#define RX_Q_MONITOR (500) /* 500 milli second */ +#define HCI_REGISTER_SET 0 + +/* SSR state machine to take care of back to back SSR requests + * and handling the incomming BT on/off,Airplane mode toggling and + * also spuriour SMD open notification while one SSr is in progress + */ +#define STATE_SSR_ON 0x1 +#define STATE_SSR_START 0x02 +#define STATE_SSR_CHANNEL_OPEN_PENDING 0x04 +#define STATE_SSR_PENDING_INIT 0x08 +#define STATE_SSR_COMPLETE 0x00 +#define STATE_SSR_OFF STATE_SSR_COMPLETE + +static int ssr_state = STATE_SSR_OFF; + + +static int hcismd_set; +static DEFINE_SEMAPHORE(hci_smd_enable); + +static int restart_in_progress; + +static int hcismd_set_enable(const char *val, struct kernel_param *kp); +module_param_call(hcismd_set, hcismd_set_enable, NULL, &hcismd_set, 0644); + +static void hci_dev_smd_open(struct work_struct *worker); +static void hci_dev_restart(struct work_struct *worker); + +struct hci_smd_data { + struct hci_dev *hdev; + unsigned long flags; + struct smd_channel *event_channel; + struct smd_channel *data_channel; + struct wake_lock wake_lock_tx; + struct wake_lock wake_lock_rx; + struct timer_list rx_q_timer; + struct tasklet_struct rx_task; +}; +static struct hci_smd_data hs; + +/* Rx queue monitor timer function */ +static int is_rx_q_empty(unsigned long arg) +{ + struct hci_dev *hdev = (struct hci_dev *) arg; + struct sk_buff_head *list_ = &hdev->rx_q; + struct sk_buff *list = ((struct sk_buff *)list_)->next; + BT_DBG("%s Rx timer triggered", hdev->name); + + if (list == (struct sk_buff *)list_) { + BT_DBG("%s RX queue empty", hdev->name); + return 1; + } else{ + BT_DBG("%s RX queue not empty", hdev->name); + return 0; + } +} + +static void release_lock(void) +{ + struct hci_smd_data *hsmd = &hs; + BT_DBG("Releasing Rx Lock"); + if (is_rx_q_empty((unsigned long)hsmd->hdev) && + wake_lock_active(&hs.wake_lock_rx)) + wake_unlock(&hs.wake_lock_rx); +} + +/* Rx timer callback function */ +static void schedule_timer(unsigned long arg) +{ + struct hci_dev *hdev = (struct hci_dev *) arg; + struct hci_smd_data *hsmd = &hs; + BT_DBG("%s Schedule Rx timer", hdev->name); + + if (is_rx_q_empty(arg) && wake_lock_active(&hs.wake_lock_rx)) { + BT_DBG("%s RX queue empty", hdev->name); + /* + * Since the queue is empty, its ideal + * to release the wake lock on Rx + */ + wake_unlock(&hs.wake_lock_rx); + } else{ + BT_DBG("%s RX queue not empty", hdev->name); + /* + * Restart the timer to monitor whether the Rx queue is + * empty for releasing the Rx wake lock + */ + mod_timer(&hsmd->rx_q_timer, + jiffies + msecs_to_jiffies(RX_Q_MONITOR)); + } +} + +static int hci_smd_open(struct hci_dev *hdev) +{ + set_bit(HCI_RUNNING, &hdev->flags); + return 0; +} + + +static int hci_smd_close(struct hci_dev *hdev) +{ + if (!test_and_clear_bit(HCI_RUNNING, &hdev->flags)) + return 0; + else + return -EPERM; +} + +#if 0 +static void hci_smd_destruct(struct hci_dev *hdev) +{ + if (NULL != hdev->driver_data) + kfree(hdev->driver_data); +} +#endif + +static void hci_smd_recv_data(void) +{ + int len = 0; + int rc = 0; + struct sk_buff *skb = NULL; + struct hci_smd_data *hsmd = &hs; + wake_lock(&hs.wake_lock_rx); + + len = smd_read_avail(hsmd->data_channel); + if (len > HCI_MAX_FRAME_SIZE) { + BT_ERR("Frame larger than the allowed size, flushing frame"); + smd_read(hsmd->data_channel, NULL, len); + goto out_data; + } + + if (len <= 0) + goto out_data; + + skb = bt_skb_alloc(len, GFP_ATOMIC); + if (!skb) { + BT_ERR("Error in allocating socket buffer"); + smd_read(hsmd->data_channel, NULL, len); + goto out_data; + } + + rc = smd_read(hsmd->data_channel, skb_put(skb, len), len); + if (rc < len) { + BT_ERR("Error in reading from the channel"); + goto out_data; + } + + skb->dev = (void *)hsmd->hdev; + bt_cb(skb)->pkt_type = HCI_ACLDATA_PKT; + skb_orphan(skb); + + rc = hci_recv_frame(hsmd->hdev, skb); + if (rc < 0) { + BT_ERR("Error in passing the packet to HCI Layer"); + /* + * skb is getting freed in hci_recv_frame, making it + * to null to avoid multiple access + */ + skb = NULL; + goto out_data; + } + + /* + * Start the timer to monitor whether the Rx queue is + * empty for releasing the Rx wake lock + */ + BT_DBG("Rx Timer is starting"); + mod_timer(&hsmd->rx_q_timer, + jiffies + msecs_to_jiffies(RX_Q_MONITOR)); + +out_data: + release_lock(); + if (rc) + kfree_skb(skb); +} + +static void hci_smd_recv_event(void) +{ + int len = 0; + int rc = 0; + struct sk_buff *skb = NULL; + struct hci_smd_data *hsmd = &hs; + wake_lock(&hs.wake_lock_rx); + + len = smd_read_avail(hsmd->event_channel); + if (len > HCI_MAX_FRAME_SIZE) { + BT_ERR("Frame larger than the allowed size, flushing frame"); + rc = smd_read(hsmd->event_channel, NULL, len); + goto out_event; + } + + while (len > 0) { + skb = bt_skb_alloc(len, GFP_ATOMIC); + if (!skb) { + BT_ERR("Error in allocating socket buffer"); + smd_read(hsmd->event_channel, NULL, len); + goto out_event; + } + + rc = smd_read(hsmd->event_channel, skb_put(skb, len), len); + if (rc < len) { + BT_ERR("Error in reading from the event channel"); + goto out_event; + } + + skb->dev = (void *)hsmd->hdev; + bt_cb(skb)->pkt_type = HCI_EVENT_PKT; + + skb_orphan(skb); + + rc = hci_recv_frame(hsmd->hdev, skb); + if (rc < 0) { + BT_ERR("Error in passing the packet to HCI Layer"); + /* + * skb is getting freed in hci_recv_frame, making it + * to null to avoid multiple access + */ + skb = NULL; + goto out_event; + } + + len = smd_read_avail(hsmd->event_channel); + /* + * Start the timer to monitor whether the Rx queue is + * empty for releasing the Rx wake lock + */ + BT_DBG("Rx Timer is starting"); + mod_timer(&hsmd->rx_q_timer, + jiffies + msecs_to_jiffies(RX_Q_MONITOR)); + } +out_event: + release_lock(); + if (rc) + kfree_skb(skb); +} + +static int hci_smd_send_frame(struct hci_dev *hdev, struct sk_buff *skb) +{ + int len; + int avail; + int ret = 0; + wake_lock(&hs.wake_lock_tx); + + switch (bt_cb(skb)->pkt_type) { + case HCI_COMMAND_PKT: + avail = smd_write_avail(hs.event_channel); + if (!avail) { + BT_ERR("No space available for smd frame"); + ret = -ENOSPC; + } + len = smd_write(hs.event_channel, skb->data, skb->len); + if (len < skb->len) { + BT_ERR("Failed to write Command %d", len); + ret = -ENODEV; + } + break; + case HCI_ACLDATA_PKT: + case HCI_SCODATA_PKT: + avail = smd_write_avail(hs.data_channel); + if (!avail) { + BT_ERR("No space available for smd frame"); + ret = -ENOSPC; + } + len = smd_write(hs.data_channel, skb->data, skb->len); + if (len < skb->len) { + BT_ERR("Failed to write Data %d", len); + ret = -ENODEV; + } + break; + default: + BT_ERR("Uknown packet type"); + ret = -ENODEV; + break; + } + + kfree_skb(skb); + wake_unlock(&hs.wake_lock_tx); + return ret; +} + +static void hci_smd_rx(unsigned long arg) +{ + struct hci_smd_data *hsmd = &hs; + + while ((smd_read_avail(hsmd->event_channel) > 0) || + (smd_read_avail(hsmd->data_channel) > 0)) { + hci_smd_recv_event(); + hci_smd_recv_data(); + } +} + +static void hci_smd_notify_event(void *data, unsigned int event) +{ + struct hci_dev *hdev = hs.hdev; + struct hci_smd_data *hsmd = &hs; + struct work_struct *reset_worker; + struct work_struct *open_worker; + + int len = 0; + + if (!hdev) { + BT_ERR("Frame for unknown HCI device (hdev=NULL)"); + return; + } + + switch (event) { + case SMD_EVENT_DATA: + len = smd_read_avail(hsmd->event_channel); + if (len > 0) + tasklet_hi_schedule(&hs.rx_task); + else if (len < 0) + BT_ERR("Failed to read event from smd %d", len); + + break; + case SMD_EVENT_OPEN: + BT_INFO("opening HCI-SMD channel :%s", EVENT_CHANNEL); + BT_DBG("SSR state is : %x", ssr_state); + if ((ssr_state == STATE_SSR_OFF) || + (ssr_state == STATE_SSR_CHANNEL_OPEN_PENDING)) { + + hci_smd_open(hdev); + open_worker = kzalloc(sizeof(*open_worker), GFP_ATOMIC); + if (!open_worker) { + BT_ERR("Out of memory"); + break; + } + if (ssr_state == STATE_SSR_CHANNEL_OPEN_PENDING) { + ssr_state = STATE_SSR_PENDING_INIT; + BT_INFO("SSR state is : %x", ssr_state); + } + INIT_WORK(open_worker, hci_dev_smd_open); + schedule_work(open_worker); + + } + break; + case SMD_EVENT_CLOSE: + BT_INFO("Closing HCI-SMD channel :%s", EVENT_CHANNEL); + BT_DBG("SSR state is : %x", ssr_state); + if ((ssr_state == STATE_SSR_OFF) || + (ssr_state == (STATE_SSR_PENDING_INIT))) { + + hci_smd_close(hdev); + reset_worker = kzalloc(sizeof(*reset_worker), + GFP_ATOMIC); + if (!reset_worker) { + BT_ERR("Out of memory"); + break; + } + ssr_state = STATE_SSR_ON; + BT_INFO("SSR state is : %x", ssr_state); + INIT_WORK(reset_worker, hci_dev_restart); + schedule_work(reset_worker); + + } else if (ssr_state & STATE_SSR_ON) { + BT_ERR("SSR state is : %x", ssr_state); + } + + break; + default: + break; + } +} + +static void hci_smd_notify_data(void *data, unsigned int event) +{ + struct hci_dev *hdev = hs.hdev; + struct hci_smd_data *hsmd = &hs; + int len = 0; + + if (!hdev) { + BT_ERR("Frame for unknown HCI device (hdev=NULL)"); + return; + } + + switch (event) { + case SMD_EVENT_DATA: + len = smd_read_avail(hsmd->data_channel); + if (len > 0) + tasklet_hi_schedule(&hs.rx_task); + else if (len < 0) + BT_ERR("Failed to read data from smd %d", len); + break; + case SMD_EVENT_OPEN: + BT_INFO("opening HCI-SMD channel :%s", DATA_CHANNEL); + hci_smd_open(hdev); + break; + case SMD_EVENT_CLOSE: + BT_INFO("Closing HCI-SMD channel :%s", DATA_CHANNEL); + hci_smd_close(hdev); + break; + default: + break; + } + +} + +static int hci_smd_hci_register_dev(struct hci_smd_data *hsmd) +{ + struct hci_dev *hdev; + + if (hsmd->hdev) + hdev = hsmd->hdev; + else { + BT_ERR("hdev is NULL"); + return 0; + } + /* Allow the incomming SSR even the prev one at PENDING INIT STATE + * since clenup need to be started again from the beging and ignore + * or bypass the prev one + */ + if ((ssr_state == STATE_SSR_OFF) || + (ssr_state == STATE_SSR_PENDING_INIT)) { + + if (test_and_set_bit(HCI_REGISTER_SET, &hsmd->flags)) { + BT_ERR("HCI device registered already"); + return 0; + } else + BT_INFO("HCI device registration is starting"); + if (hci_register_dev(hdev) < 0) { + BT_ERR("Can't register HCI device"); + hci_free_dev(hdev); + hsmd->hdev = NULL; + clear_bit(HCI_REGISTER_SET, &hsmd->flags); + return -ENODEV; + } + if (ssr_state == STATE_SSR_PENDING_INIT) { + ssr_state = STATE_SSR_COMPLETE; + BT_INFO("SSR state is : %x", ssr_state); + } + } else if (ssr_state) + BT_ERR("Registration called in invalid context"); + return 0; +} + +static int hci_smd_register_smd(struct hci_smd_data *hsmd) +{ + struct hci_dev *hdev; + int rc; + + /* Initialize and register HCI device */ + hdev = hci_alloc_dev(); + if (!hdev) { + BT_ERR("Can't allocate HCI device"); + return -ENOMEM; + } + + hsmd->hdev = hdev; + hdev->bus = HCI_SMD; + hdev->driver_data = NULL; + hdev->open = hci_smd_open; + hdev->close = hci_smd_close; + hdev->send = hci_smd_send_frame; + //hdev->destruct = hci_smd_destruct; + hdev->owner = THIS_MODULE; + + + tasklet_init(&hsmd->rx_task, + hci_smd_rx, (unsigned long) hsmd); + /* + * Setup the timer to monitor whether the Rx queue is empty, + * to control the wake lock release + */ + setup_timer(&hsmd->rx_q_timer, schedule_timer, + (unsigned long) hsmd->hdev); + if (ssr_state == STATE_SSR_START) { + ssr_state = STATE_SSR_CHANNEL_OPEN_PENDING; + BT_INFO("SSR state is : %x", ssr_state); + } + /* Open the SMD Channel and device and register the callback function */ + rc = smd_named_open_on_edge(EVENT_CHANNEL, SMD_APPS_WCNSS, + &hsmd->event_channel, hdev, hci_smd_notify_event); + if (rc < 0) { + BT_ERR("Cannot open the command channel"); + hci_free_dev(hdev); + hsmd->hdev = NULL; + return -ENODEV; + } + + rc = smd_named_open_on_edge(DATA_CHANNEL, SMD_APPS_WCNSS, + &hsmd->data_channel, hdev, hci_smd_notify_data); + if (rc < 0) { + BT_ERR("Failed to open the Data channel"); + hci_free_dev(hdev); + hsmd->hdev = NULL; + return -ENODEV; + } + + /* Disable the read interrupts on the channel */ + smd_disable_read_intr(hsmd->event_channel); + smd_disable_read_intr(hsmd->data_channel); + return 0; +} + +static void hci_smd_deregister_dev(struct hci_smd_data *hsmd) +{ + tasklet_kill(&hs.rx_task); + if (ssr_state) + BT_DBG("SSR state is : %x", ssr_state); + /* Though the hci_smd driver is not registered with the hci + * need to close the opened channels as a part of cleaup + */ + if (!test_and_clear_bit(HCI_REGISTER_SET, &hsmd->flags)) { + BT_ERR("HCI device un-registered already"); + } else { + BT_INFO("HCI device un-registration going on"); + + if (hsmd->hdev) { + hci_unregister_dev(hsmd->hdev) ; + hci_free_dev(hsmd->hdev); + hsmd->hdev = NULL; + } + } + smd_close(hs.event_channel); + smd_close(hs.data_channel); + + if (wake_lock_active(&hs.wake_lock_rx)) + wake_unlock(&hs.wake_lock_rx); + if (wake_lock_active(&hs.wake_lock_tx)) + wake_unlock(&hs.wake_lock_tx); + + /*Destroy the timer used to monitor the Rx queue for emptiness */ + if (hs.rx_q_timer.function) { + del_timer_sync(&hs.rx_q_timer); + hs.rx_q_timer.function = NULL; + hs.rx_q_timer.data = 0; + } +} + +static void hci_dev_restart(struct work_struct *worker) +{ + down(&hci_smd_enable); + restart_in_progress = 1; + BT_DBG("SSR state is : %x", ssr_state); + + if (ssr_state == STATE_SSR_ON) { + ssr_state = STATE_SSR_START; + BT_INFO("SSR state is : %x", ssr_state); + } else { + BT_ERR("restart triggered in wrong context"); + up(&hci_smd_enable); + kfree(worker); + return; + } + hci_smd_deregister_dev(&hs); + hci_smd_register_smd(&hs); + up(&hci_smd_enable); + kfree(worker); + +} + +static void hci_dev_smd_open(struct work_struct *worker) +{ + down(&hci_smd_enable); + if (ssr_state) + BT_DBG("SSR state is : %x", ssr_state); + + if ((ssr_state != STATE_SSR_OFF) && + (ssr_state != (STATE_SSR_PENDING_INIT))) { + up(&hci_smd_enable); + kfree(worker); + return; + } + + if (restart_in_progress == 1) { + /* Allow wcnss to initialize */ + restart_in_progress = 0; + msleep(10000); + } + + hci_smd_hci_register_dev(&hs); + up(&hci_smd_enable); + kfree(worker); + +} + +static int hcismd_set_enable(const char *val, struct kernel_param *kp) +{ + int ret = 0; + + pr_err("hcismd_set_enable %d", hcismd_set); + + down(&hci_smd_enable); + + ret = param_set_int(val, kp); + + if (ret) + goto done; + + /* Ignore the all incomming register de-register requests in case of + * SSR is in-progress + */ + switch (hcismd_set) { + + case 1: + if ((hs.hdev == NULL) && (ssr_state == STATE_SSR_OFF)) + hci_smd_register_smd(&hs); + else if (ssr_state) + BT_ERR("SSR is in progress,state is : %x", ssr_state); + + break; + case 0: + if (ssr_state == STATE_SSR_OFF) + hci_smd_deregister_dev(&hs); + else if (ssr_state) + BT_ERR("SSR is in progress,state is : %x", ssr_state); + break; + default: + ret = -EFAULT; + } + +done: + up(&hci_smd_enable); + return ret; +} +static int __init hci_smd_init(void) +{ + wake_lock_init(&hs.wake_lock_rx, WAKE_LOCK_SUSPEND, + "msm_smd_Rx"); + wake_lock_init(&hs.wake_lock_tx, WAKE_LOCK_SUSPEND, + "msm_smd_Tx"); + restart_in_progress = 0; + ssr_state = STATE_SSR_OFF; + hs.hdev = NULL; + return 0; +} +module_init(hci_smd_init); + +static void __exit hci_smd_exit(void) +{ + wake_lock_destroy(&hs.wake_lock_rx); + wake_lock_destroy(&hs.wake_lock_tx); +} +module_exit(hci_smd_exit); + +MODULE_AUTHOR("Ankur Nandwani <ankurn@codeaurora.org>"); +MODULE_DESCRIPTION("Bluetooth SMD driver"); +MODULE_LICENSE("GPL v2"); diff --git a/include/net/bluetooth/hci.h b/include/net/bluetooth/hci.h index cb8d4b314bcf..84e041e99f78 100644 --- a/include/net/bluetooth/hci.h +++ b/include/net/bluetooth/hci.h @@ -59,6 +59,7 @@ #define HCI_RS232 4 #define HCI_PCI 5 #define HCI_SDIO 6 +#define HCI_SMD 7 /* HCI controller types */ #define HCI_BREDR 0x00 diff --git a/include/net/bluetooth/hci_core.h b/include/net/bluetooth/hci_core.h index b1980ccdd6ee..a2c759045bfc 100644 --- a/include/net/bluetooth/hci_core.h +++ b/include/net/bluetooth/hci_core.h @@ -349,6 +349,9 @@ struct hci_dev { struct delayed_work rpa_expired; bdaddr_t rpa; + void *driver_data; + struct module *owner; + int (*open)(struct hci_dev *hdev); int (*close)(struct hci_dev *hdev); int (*flush)(struct hci_dev *hdev);