2 BlueCore Serial Protocol (BCSP) for Linux Bluetooth stack (BlueZ).
3 Copyright 2002 by Fabrizio Gennari <fabrizio.gennari@philips.com>
6 hci_h4.c by Maxim Krasnyansky <maxk@qualcomm.com>
7 ABCSP by Carl Orsborn <cjo@csr.com>
9 This program is free software; you can redistribute it and/or modify
10 it under the terms of the GNU General Public License version 2 as
11 published by the Free Software Foundation;
13 THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
14 OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
15 FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
16 IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
17 CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
18 WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
19 ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
20 OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
22 ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
23 COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
24 SOFTWARE IS DISCLAIMED.
28 * $Id: hci_bcsp.c,v 1.2 2002/09/26 05:05:14 maxk Exp $
33 #include <linux/config.h>
34 #include <linux/module.h>
36 #include <linux/kernel.h>
37 #include <linux/init.h>
38 #include <linux/sched.h>
39 #include <linux/types.h>
40 #include <linux/fcntl.h>
41 #include <linux/interrupt.h>
42 #include <linux/ptrace.h>
43 #include <linux/poll.h>
45 #include <linux/slab.h>
46 #include <linux/tty.h>
47 #include <linux/errno.h>
48 #include <linux/string.h>
49 #include <linux/signal.h>
50 #include <linux/ioctl.h>
51 #include <linux/skbuff.h>
53 #include <net/bluetooth/bluetooth.h>
54 #include <net/bluetooth/hci_core.h>
58 #ifndef CONFIG_BT_HCIUART_DEBUG
60 #define BT_DBG( A... )
62 #define BT_DMP( A... )
65 /* ---- BCSP CRC calculation ---- */
67 /* Table for calculating CRC for polynomial 0x1021, LSB processed first,
68 initial value 0xffff, bits shifted in reverse order. */
70 static const u16 crc_table[] = {
71 0x0000, 0x1081, 0x2102, 0x3183,
72 0x4204, 0x5285, 0x6306, 0x7387,
73 0x8408, 0x9489, 0xa50a, 0xb58b,
74 0xc60c, 0xd68d, 0xe70e, 0xf78f
77 /* Initialise the crc calculator */
78 #define BCSP_CRC_INIT(x) x = 0xffff
81 Update crc with next data byte
84 The data byte is treated as two nibbles. The crc is generated
85 in reverse, i.e., bits are fed into the register from the top.
87 static void bcsp_crc_update(u16 *crc, u8 d)
91 reg = (reg >> 4) ^ crc_table[(reg ^ d) & 0x000f];
92 reg = (reg >> 4) ^ crc_table[(reg ^ (d >> 4)) & 0x000f];
98 Get reverse of generated crc
101 The crc generator (bcsp_crc_init() and bcsp_crc_update())
102 creates a reversed crc, so it needs to be swapped back before
105 static u16 bcsp_crc_reverse(u16 crc)
109 for (b = 0, rev = 0; b < 16; b++) {
117 /* ---- BCSP core ---- */
119 static void bcsp_slip_msgdelim(struct sk_buff *skb)
121 const char pkt_delim = 0xc0;
122 memcpy(skb_put(skb, 1), &pkt_delim, 1);
125 static void bcsp_slip_one_byte(struct sk_buff *skb, u8 c)
127 const char esc_c0[2] = { 0xdb, 0xdc };
128 const char esc_db[2] = { 0xdb, 0xdd };
132 memcpy(skb_put(skb, 2), &esc_c0, 2);
135 memcpy(skb_put(skb, 2), &esc_db, 2);
138 memcpy(skb_put(skb, 1), &c, 1);
142 static int bcsp_enqueue(struct hci_uart *hu, struct sk_buff *skb)
144 struct bcsp_struct *bcsp = hu->priv;
146 if (skb->len > 0xFFF) {
147 BT_ERR("Packet too long");
152 switch (skb->pkt_type) {
153 case HCI_ACLDATA_PKT:
154 case HCI_COMMAND_PKT:
155 skb_queue_tail(&bcsp->rel, skb);
158 case HCI_SCODATA_PKT:
159 skb_queue_tail(&bcsp->unrel, skb);
163 BT_ERR("Unknown packet type");
170 static struct sk_buff *bcsp_prepare_pkt(struct bcsp_struct *bcsp, u8 *data,
171 int len, int pkt_type)
173 struct sk_buff *nskb;
177 #ifdef CONFIG_BT_HCIUART_BCSP_TXCRC
178 u16 BCSP_CRC_INIT(bcsp_txmsg_crc);
182 case HCI_ACLDATA_PKT:
183 chan = 6; /* BCSP ACL channel */
184 rel = 1; /* reliable channel */
186 case HCI_COMMAND_PKT:
187 chan = 5; /* BCSP cmd/evt channel */
188 rel = 1; /* reliable channel */
190 case HCI_SCODATA_PKT:
191 chan = 7; /* BCSP SCO channel */
192 rel = 0; /* unreliable channel */
195 chan = 1; /* BCSP LE channel */
196 rel = 0; /* unreliable channel */
199 chan = 0; /* BCSP internal channel */
200 rel = 0; /* unreliable channel */
203 BT_ERR("Unknown packet type");
207 /* Max len of packet: (original len +4(bcsp hdr) +2(crc))*2
208 (because bytes 0xc0 and 0xdb are escaped, worst case is
209 when the packet is all made of 0xc0 and 0xdb :) )
210 + 2 (0xc0 delimiters at start and end). */
212 nskb = alloc_skb((len + 6) * 2 + 2, GFP_ATOMIC);
216 nskb->pkt_type = pkt_type;
218 bcsp_slip_msgdelim(nskb);
220 hdr[0] = bcsp->rxseq_txack << 3;
222 BT_DBG("We request packet no %u to card", bcsp->rxseq_txack);
225 hdr[0] |= 0x80 + bcsp->msgq_txseq;
226 BT_DBG("Sending packet with seqno %u", bcsp->msgq_txseq);
227 bcsp->msgq_txseq = ++(bcsp->msgq_txseq) & 0x07;
229 #ifdef CONFIG_BT_HCIUART_BCSP_TXCRC
233 hdr[1] = (len << 4) & 0xFF;
236 hdr[3] = ~(hdr[0] + hdr[1] + hdr[2]);
238 /* Put BCSP header */
239 for (i = 0; i < 4; i++) {
240 bcsp_slip_one_byte(nskb, hdr[i]);
241 #ifdef CONFIG_BT_HCIUART_BCSP_TXCRC
242 bcsp_crc_update(&bcsp_txmsg_crc, hdr[i]);
247 for (i = 0; i < len; i++) {
248 bcsp_slip_one_byte(nskb, data[i]);
249 #ifdef CONFIG_BT_HCIUART_BCSP_TXCRC
250 bcsp_crc_update(&bcsp_txmsg_crc, data[i]);
254 #ifdef CONFIG_BT_HCIUART_BCSP_TXCRC
256 bcsp_txmsg_crc = bcsp_crc_reverse(bcsp_txmsg_crc);
257 bcsp_slip_one_byte(nskb, (u8) ((bcsp_txmsg_crc >> 8) & 0x00ff));
258 bcsp_slip_one_byte(nskb, (u8) (bcsp_txmsg_crc & 0x00ff));
261 bcsp_slip_msgdelim(nskb);
265 /* This is a rewrite of pkt_avail in ABCSP */
266 static struct sk_buff *bcsp_dequeue(struct hci_uart *hu)
268 struct bcsp_struct *bcsp = (struct bcsp_struct *) hu->priv;
272 /* First of all, check for unreliable messages in the queue,
273 since they have priority */
275 if ((skb = skb_dequeue(&bcsp->unrel)) != NULL) {
276 struct sk_buff *nskb = bcsp_prepare_pkt(bcsp, skb->data, skb->len, skb->pkt_type);
281 skb_queue_head(&bcsp->unrel, skb);
282 BT_ERR("Could not dequeue pkt because alloc_skb failed");
286 /* Now, try to send a reliable pkt. We can only send a
287 reliable packet if the number of packets sent but not yet ack'ed
288 is < than the winsize */
290 spin_lock_irqsave(&bcsp->unack.lock, flags);
292 if (bcsp->unack.qlen < BCSP_TXWINSIZE && (skb = skb_dequeue(&bcsp->rel)) != NULL) {
293 struct sk_buff *nskb = bcsp_prepare_pkt(bcsp, skb->data, skb->len, skb->pkt_type);
295 __skb_queue_tail(&bcsp->unack, skb);
296 mod_timer(&bcsp->tbcsp, jiffies + HZ / 4);
297 spin_unlock_irqrestore(&bcsp->unack.lock, flags);
300 skb_queue_head(&bcsp->rel, skb);
301 BT_ERR("Could not dequeue pkt because alloc_skb failed");
305 spin_unlock_irqrestore(&bcsp->unack.lock, flags);
308 /* We could not send a reliable packet, either because there are
309 none or because there are too many unack'ed pkts. Did we receive
310 any packets we have not acknowledged yet ? */
312 if (bcsp->txack_req) {
313 /* if so, craft an empty ACK pkt and send it on BCSP unreliable
315 struct sk_buff *nskb = bcsp_prepare_pkt(bcsp, NULL, 0, BCSP_ACK_PKT);
319 /* We have nothing to send */
323 static int bcsp_flush(struct hci_uart *hu)
329 /* Remove ack'ed packets */
330 static void bcsp_pkt_cull(struct bcsp_struct *bcsp)
334 int i, pkts_to_be_removed;
337 spin_lock_irqsave(&bcsp->unack.lock, flags);
339 pkts_to_be_removed = bcsp->unack.qlen;
340 seqno = bcsp->msgq_txseq;
342 while (pkts_to_be_removed) {
343 if (bcsp->rxack == seqno)
345 pkts_to_be_removed--;
346 seqno = (seqno - 1) & 0x07;
349 if (bcsp->rxack != seqno)
350 BT_ERR("Peer acked invalid packet");
352 BT_DBG("Removing %u pkts out of %u, up to seqno %u",
353 pkts_to_be_removed, bcsp->unack.qlen, (seqno - 1) & 0x07);
355 for (i = 0, skb = ((struct sk_buff *) &bcsp->unack)->next; i < pkts_to_be_removed
356 && skb != (struct sk_buff *) &bcsp->unack; i++) {
357 struct sk_buff *nskb;
360 __skb_unlink(skb, &bcsp->unack);
364 if (bcsp->unack.qlen == 0)
365 del_timer(&bcsp->tbcsp);
366 spin_unlock_irqrestore(&bcsp->unack.lock, flags);
368 if (i != pkts_to_be_removed)
369 BT_ERR("Removed only %u out of %u pkts", i, pkts_to_be_removed);
372 /* Handle BCSP link-establishment packets. When we
373 detect a "sync" packet, symptom that the BT module has reset,
374 we do nothing :) (yet) */
375 static void bcsp_handle_le_pkt(struct hci_uart *hu)
377 struct bcsp_struct *bcsp = hu->priv;
378 u8 conf_pkt[4] = { 0xad, 0xef, 0xac, 0xed };
379 u8 conf_rsp_pkt[4] = { 0xde, 0xad, 0xd0, 0xd0 };
380 u8 sync_pkt[4] = { 0xda, 0xdc, 0xed, 0xed };
382 /* spot "conf" pkts and reply with a "conf rsp" pkt */
383 if (bcsp->rx_skb->data[1] >> 4 == 4 && bcsp->rx_skb->data[2] == 0 &&
384 !memcmp(&bcsp->rx_skb->data[4], conf_pkt, 4)) {
385 struct sk_buff *nskb = alloc_skb(4, GFP_ATOMIC);
387 BT_DBG("Found a LE conf pkt");
390 memcpy(skb_put(nskb, 4), conf_rsp_pkt, 4);
391 nskb->pkt_type = BCSP_LE_PKT;
393 skb_queue_head(&bcsp->unrel, nskb);
394 hci_uart_tx_wakeup(hu);
396 /* Spot "sync" pkts. If we find one...disaster! */
397 else if (bcsp->rx_skb->data[1] >> 4 == 4 && bcsp->rx_skb->data[2] == 0 &&
398 !memcmp(&bcsp->rx_skb->data[4], sync_pkt, 4)) {
399 BT_ERR("Found a LE sync pkt, card has reset");
403 static inline void bcsp_unslip_one_byte(struct bcsp_struct *bcsp, unsigned char byte)
405 const u8 c0 = 0xc0, db = 0xdb;
407 switch (bcsp->rx_esc_state) {
408 case BCSP_ESCSTATE_NOESC:
411 bcsp->rx_esc_state = BCSP_ESCSTATE_ESC;
414 memcpy(skb_put(bcsp->rx_skb, 1), &byte, 1);
415 if ((bcsp->rx_skb-> data[0] & 0x40) != 0 &&
416 bcsp->rx_state != BCSP_W4_CRC)
417 bcsp_crc_update(&bcsp->message_crc, byte);
422 case BCSP_ESCSTATE_ESC:
425 memcpy(skb_put(bcsp->rx_skb, 1), &c0, 1);
426 if ((bcsp->rx_skb-> data[0] & 0x40) != 0 &&
427 bcsp->rx_state != BCSP_W4_CRC)
428 bcsp_crc_update(&bcsp-> message_crc, 0xc0);
429 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC;
434 memcpy(skb_put(bcsp->rx_skb, 1), &db, 1);
435 if ((bcsp->rx_skb-> data[0] & 0x40) != 0 &&
436 bcsp->rx_state != BCSP_W4_CRC)
437 bcsp_crc_update(&bcsp-> message_crc, 0xdb);
438 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC;
443 BT_ERR ("Invalid byte %02x after esc byte", byte);
444 kfree_skb(bcsp->rx_skb);
446 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
452 static inline void bcsp_complete_rx_pkt(struct hci_uart *hu)
454 struct bcsp_struct *bcsp = hu->priv;
457 if (bcsp->rx_skb->data[0] & 0x80) { /* reliable pkt */
458 BT_DBG("Received seqno %u from card", bcsp->rxseq_txack);
460 bcsp->rxseq_txack %= 0x8;
463 /* If needed, transmit an ack pkt */
464 hci_uart_tx_wakeup(hu);
467 bcsp->rxack = (bcsp->rx_skb->data[0] >> 3) & 0x07;
468 BT_DBG("Request for pkt %u from card", bcsp->rxack);
471 if ((bcsp->rx_skb->data[1] & 0x0f) == 6 &&
472 bcsp->rx_skb->data[0] & 0x80) {
473 bcsp->rx_skb->pkt_type = HCI_ACLDATA_PKT;
475 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 5 &&
476 bcsp->rx_skb->data[0] & 0x80) {
477 bcsp->rx_skb->pkt_type = HCI_EVENT_PKT;
479 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 7) {
480 bcsp->rx_skb->pkt_type = HCI_SCODATA_PKT;
482 } else if ((bcsp->rx_skb->data[1] & 0x0f) == 1 &&
483 !(bcsp->rx_skb->data[0] & 0x80)) {
484 bcsp_handle_le_pkt(hu);
490 if ((bcsp->rx_skb->data[1] & 0x0f) != 0 &&
491 (bcsp->rx_skb->data[1] & 0x0f) != 1) {
492 BT_ERR ("Packet for unknown channel (%u %s)",
493 bcsp->rx_skb->data[1] & 0x0f,
494 bcsp->rx_skb->data[0] & 0x80 ?
495 "reliable" : "unreliable");
497 kfree_skb(bcsp->rx_skb);
499 /* Pull out BCSP hdr */
500 skb_pull(bcsp->rx_skb, 4);
502 hci_recv_frame(bcsp->rx_skb);
504 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
509 static int bcsp_recv(struct hci_uart *hu, void *data, int count)
511 struct bcsp_struct *bcsp = hu->priv;
512 register unsigned char *ptr;
514 BT_DBG("hu %p count %d rx_state %d rx_count %ld",
515 hu, count, bcsp->rx_state, bcsp->rx_count);
519 if (bcsp->rx_count) {
521 BT_ERR("Short BCSP packet");
522 kfree_skb(bcsp->rx_skb);
523 bcsp->rx_state = BCSP_W4_PKT_START;
526 bcsp_unslip_one_byte(bcsp, *ptr);
532 switch (bcsp->rx_state) {
533 case BCSP_W4_BCSP_HDR:
534 if ((0xff & (u8) ~ (bcsp->rx_skb->data[0] + bcsp->rx_skb->data[1] +
535 bcsp->rx_skb->data[2])) != bcsp->rx_skb->data[3]) {
536 BT_ERR("Error in BCSP hdr checksum");
537 kfree_skb(bcsp->rx_skb);
538 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
542 if (bcsp->rx_skb->data[0] & 0x80 /* reliable pkt */
543 && (bcsp->rx_skb->data[0] & 0x07) != bcsp->rxseq_txack) {
544 BT_ERR ("Out-of-order packet arrived, got %u expected %u",
545 bcsp->rx_skb->data[0] & 0x07, bcsp->rxseq_txack);
547 kfree_skb(bcsp->rx_skb);
548 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
552 bcsp->rx_state = BCSP_W4_DATA;
553 bcsp->rx_count = (bcsp->rx_skb->data[1] >> 4) +
554 (bcsp->rx_skb->data[2] << 4); /* May be 0 */
558 if (bcsp->rx_skb->data[0] & 0x40) { /* pkt with crc */
559 bcsp->rx_state = BCSP_W4_CRC;
562 bcsp_complete_rx_pkt(hu);
566 if (bcsp_crc_reverse(bcsp->message_crc) !=
567 (bcsp->rx_skb->data[bcsp->rx_skb->len - 2] << 8) +
568 bcsp->rx_skb->data[bcsp->rx_skb->len - 1]) {
570 BT_ERR ("Checksum failed: computed %04x received %04x",
571 bcsp_crc_reverse(bcsp->message_crc),
572 (bcsp->rx_skb-> data[bcsp->rx_skb->len - 2] << 8) +
573 bcsp->rx_skb->data[bcsp->rx_skb->len - 1]);
575 kfree_skb(bcsp->rx_skb);
576 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
580 skb_trim(bcsp->rx_skb, bcsp->rx_skb->len - 2);
581 bcsp_complete_rx_pkt(hu);
584 case BCSP_W4_PKT_DELIMITER:
587 bcsp->rx_state = BCSP_W4_PKT_START;
590 /*BT_ERR("Ignoring byte %02x", *ptr);*/
596 case BCSP_W4_PKT_START:
603 bcsp->rx_state = BCSP_W4_BCSP_HDR;
605 bcsp->rx_esc_state = BCSP_ESCSTATE_NOESC;
606 BCSP_CRC_INIT(bcsp->message_crc);
608 /* Do not increment ptr or decrement count
609 * Allocate packet. Max len of a BCSP pkt=
610 * 0xFFF (payload) +4 (header) +2 (crc) */
612 bcsp->rx_skb = bt_skb_alloc(0x1005, GFP_ATOMIC);
614 BT_ERR("Can't allocate mem for new packet");
615 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
619 bcsp->rx_skb->dev = (void *) hu->hdev;
628 /* Arrange to retransmit all messages in the relq. */
629 static void bcsp_timed_event(unsigned long arg)
631 struct hci_uart *hu = (struct hci_uart *) arg;
632 struct bcsp_struct *bcsp = (struct bcsp_struct *) hu->priv;
636 BT_ERR("Timeout, retransmitting %u pkts", bcsp->unack.qlen);
637 spin_lock_irqsave(&bcsp->unack.lock, flags);
639 while ((skb = __skb_dequeue_tail(&bcsp->unack)) != NULL) {
640 bcsp->msgq_txseq = (bcsp->msgq_txseq - 1) & 0x07;
641 skb_queue_head(&bcsp->rel, skb);
644 spin_unlock_irqrestore(&bcsp->unack.lock, flags);
646 hci_uart_tx_wakeup(hu);
649 static int bcsp_open(struct hci_uart *hu)
651 struct bcsp_struct *bcsp;
655 bcsp = kmalloc(sizeof(*bcsp), GFP_ATOMIC);
658 memset(bcsp, 0, sizeof(*bcsp));
661 skb_queue_head_init(&bcsp->unack);
662 skb_queue_head_init(&bcsp->rel);
663 skb_queue_head_init(&bcsp->unrel);
665 init_timer(&bcsp->tbcsp);
666 bcsp->tbcsp.function = bcsp_timed_event;
667 bcsp->tbcsp.data = (u_long) hu;
669 bcsp->rx_state = BCSP_W4_PKT_DELIMITER;
674 static int bcsp_close(struct hci_uart *hu)
676 struct bcsp_struct *bcsp = hu->priv;
681 skb_queue_purge(&bcsp->unack);
682 skb_queue_purge(&bcsp->rel);
683 skb_queue_purge(&bcsp->unrel);
684 del_timer(&bcsp->tbcsp);
690 static struct hci_uart_proto bcsp = {
694 .enqueue = bcsp_enqueue,
695 .dequeue = bcsp_dequeue,
702 int err = hci_uart_register_proto(&bcsp);
704 BT_INFO("HCI BCSP protocol initialized");
706 BT_ERR("HCI BCSP protocol registration failed");
711 int bcsp_deinit(void)
713 return hci_uart_unregister_proto(&bcsp);
git://git.onelab.eu / linux-2.6.git / blob