1 /* $NetBSD: bcsp.c,v 1.14 2009/01/11 02:45:51 christos Exp $ */ 2 /* 3 * Copyright (c) 2007 KIYOHARA Takashi 4 * All rights reserved. 5 * 6 * Redistribution and use in source and binary forms, with or without 7 * modification, are permitted provided that the following conditions 8 * are met: 9 * 1. Redistributions of source code must retain the above copyright 10 * notice, this list of conditions and the following disclaimer. 11 * 2. Redistributions in binary form must reproduce the above copyright 12 * notice, this list of conditions and the following disclaimer in the 13 * documentation and/or other materials provided with the distribution. 14 * 15 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 16 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 17 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 18 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, 19 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 20 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 21 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 22 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 23 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 24 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 25 * POSSIBILITY OF SUCH DAMAGE. 26 */ 27 28 #include <sys/cdefs.h> 29 __KERNEL_RCSID(0, "$NetBSD: bcsp.c,v 1.14 2009/01/11 02:45:51 christos Exp $"); 30 31 #include <sys/types.h> 32 #include <sys/param.h> 33 #include <sys/callout.h> 34 #include <sys/conf.h> 35 #include <sys/device.h> 36 #include <sys/errno.h> 37 #include <sys/fcntl.h> 38 #include <sys/kauth.h> 39 #include <sys/kernel.h> 40 #include <sys/malloc.h> 41 #include <sys/mbuf.h> 42 #include <sys/proc.h> 43 #include <sys/sysctl.h> 44 #include <sys/syslimits.h> 45 #include <sys/systm.h> 46 #include <sys/tty.h> 47 48 #include <netbt/bluetooth.h> 49 #include <netbt/hci.h> 50 51 #include <dev/bluetooth/bcsp.h> 52 53 #include "ioconf.h" 54 55 #ifdef BCSP_DEBUG 56 #ifdef DPRINTF 57 #undef DPRINTF 58 #endif 59 #ifdef DPRINTFN 60 #undef DPRINTFN 61 #endif 62 63 #define DPRINTF(x) printf x 64 #define DPRINTFN(n, x) do { if (bcsp_debug > (n)) printf x; } while (0) 65 int bcsp_debug = 3; 66 #else 67 #undef DPRINTF 68 #undef DPRINTFN 69 70 #define DPRINTF(x) 71 #define DPRINTFN(n, x) 72 #endif 73 74 struct bcsp_softc { 75 device_t sc_dev; 76 77 struct tty *sc_tp; 78 struct hci_unit *sc_unit; /* Bluetooth HCI Unit */ 79 struct bt_stats sc_stats; 80 81 int sc_flags; 82 83 /* output queues */ 84 MBUFQ_HEAD() sc_cmdq; 85 MBUFQ_HEAD() sc_aclq; 86 MBUFQ_HEAD() sc_scoq; 87 88 int sc_baud; 89 int sc_init_baud; 90 91 /* variables of SLIP Layer */ 92 struct mbuf *sc_txp; /* outgoing packet */ 93 struct mbuf *sc_rxp; /* incoming packet */ 94 int sc_slip_txrsv; /* reserved byte data */ 95 int sc_slip_rxexp; /* expected byte data */ 96 void (*sc_transmit_callback)(struct bcsp_softc *, struct mbuf *); 97 98 /* variables of Packet Integrity Layer */ 99 int sc_pi_txcrc; /* use CRC, if true */ 100 101 /* variables of MUX Layer */ 102 bool sc_mux_send_ack; /* flag for send_ack */ 103 bool sc_mux_choke; /* Choke signal */ 104 struct timeval sc_mux_lastrx; /* Last Rx Pkt Time */ 105 106 /* variables of Sequencing Layer */ 107 MBUFQ_HEAD() sc_seqq; /* Sequencing Layer queue */ 108 MBUFQ_HEAD() sc_seq_retryq; /* retry queue */ 109 uint32_t sc_seq_txseq; 110 uint32_t sc_seq_txack; 111 uint32_t sc_seq_expected_rxseq; 112 uint32_t sc_seq_winspace; 113 uint32_t sc_seq_retries; 114 callout_t sc_seq_timer; 115 uint32_t sc_seq_timeout; 116 uint32_t sc_seq_winsize; 117 uint32_t sc_seq_retry_limit; 118 119 /* variables of Datagram Queue Layer */ 120 MBUFQ_HEAD() sc_dgq; /* Datagram Queue Layer queue */ 121 122 /* variables of BCSP Link Establishment Protocol */ 123 bool sc_le_muzzled; 124 bcsp_le_state_t sc_le_state; 125 callout_t sc_le_timer; 126 127 struct sysctllog *sc_log; /* sysctl log */ 128 }; 129 130 /* sc_flags */ 131 #define BCSP_XMIT (1 << 0) /* transmit active */ 132 #define BCSP_ENABLED (1 << 1) /* is enabled */ 133 134 void bcspattach(int); 135 static int bcsp_match(device_t, struct cfdata *, void *); 136 static void bcsp_attach(device_t, device_t, void *); 137 static int bcsp_detach(device_t, int); 138 139 /* tty functions */ 140 static int bcspopen(dev_t, struct tty *); 141 static int bcspclose(struct tty *, int); 142 static int bcspioctl(struct tty *, u_long, void *, int, struct lwp *); 143 144 static int bcsp_slip_transmit(struct tty *); 145 static int bcsp_slip_receive(int, struct tty *); 146 147 static void bcsp_pktintegrity_transmit(struct bcsp_softc *); 148 static void bcsp_pktintegrity_receive(struct bcsp_softc *, struct mbuf *); 149 static void bcsp_crc_update(uint16_t *, uint8_t); 150 static uint16_t bcsp_crc_reverse(uint16_t); 151 152 static void bcsp_mux_transmit(struct bcsp_softc *sc); 153 static void bcsp_mux_receive(struct bcsp_softc *sc, struct mbuf *m); 154 static __inline void bcsp_send_ack_command(struct bcsp_softc *sc); 155 static __inline struct mbuf *bcsp_create_ackpkt(void); 156 static __inline void bcsp_set_choke(struct bcsp_softc *, bool); 157 158 static void bcsp_sequencing_receive(struct bcsp_softc *, struct mbuf *); 159 static bool bcsp_tx_reliable_pkt(struct bcsp_softc *, struct mbuf *, u_int); 160 static __inline u_int bcsp_get_txack(struct bcsp_softc *); 161 static void bcsp_signal_rxack(struct bcsp_softc *, uint32_t); 162 static void bcsp_reliabletx_callback(struct bcsp_softc *, struct mbuf *); 163 static void bcsp_timer_timeout(void *); 164 static void bcsp_sequencing_reset(struct bcsp_softc *); 165 166 static void bcsp_datagramq_receive(struct bcsp_softc *, struct mbuf *); 167 static bool bcsp_tx_unreliable_pkt(struct bcsp_softc *, struct mbuf *, u_int); 168 static void bcsp_unreliabletx_callback(struct bcsp_softc *, struct mbuf *); 169 170 static int bcsp_start_le(struct bcsp_softc *); 171 static void bcsp_terminate_le(struct bcsp_softc *); 172 static void bcsp_input_le(struct bcsp_softc *, struct mbuf *); 173 static void bcsp_le_timeout(void *); 174 175 static void bcsp_start(struct bcsp_softc *); 176 177 /* bluetooth hci functions */ 178 static int bcsp_enable(device_t); 179 static void bcsp_disable(device_t); 180 static void bcsp_output_cmd(device_t, struct mbuf *); 181 static void bcsp_output_acl(device_t, struct mbuf *); 182 static void bcsp_output_sco(device_t, struct mbuf *); 183 static void bcsp_stats(device_t, struct bt_stats *, int); 184 185 #ifdef BCSP_DEBUG 186 static void bcsp_packet_print(struct mbuf *m); 187 #endif 188 189 190 /* 191 * It doesn't need to be exported, as only bcspattach() uses it, 192 * but there's no "official" way to make it static. 193 */ 194 CFATTACH_DECL_NEW(bcsp, sizeof(struct bcsp_softc), 195 bcsp_match, bcsp_attach, bcsp_detach, NULL); 196 197 static struct linesw bcsp_disc = { 198 .l_name = "bcsp", 199 .l_open = bcspopen, 200 .l_close = bcspclose, 201 .l_read = ttyerrio, 202 .l_write = ttyerrio, 203 .l_ioctl = bcspioctl, 204 .l_rint = bcsp_slip_receive, 205 .l_start = bcsp_slip_transmit, 206 .l_modem = ttymodem, 207 .l_poll = ttyerrpoll 208 }; 209 210 static const struct hci_if bcsp_hci = { 211 .enable = bcsp_enable, 212 .disable = bcsp_disable, 213 .output_cmd = bcsp_output_cmd, 214 .output_acl = bcsp_output_acl, 215 .output_sco = bcsp_output_sco, 216 .get_stats = bcsp_stats, 217 .ipl = IPL_TTY, 218 }; 219 220 /* ARGSUSED */ 221 void 222 bcspattach(int num __unused) 223 { 224 int error; 225 226 error = ttyldisc_attach(&bcsp_disc); 227 if (error) { 228 aprint_error("%s: unable to register line discipline, " 229 "error = %d\n", bcsp_cd.cd_name, error); 230 return; 231 } 232 233 error = config_cfattach_attach(bcsp_cd.cd_name, &bcsp_ca); 234 if (error) { 235 aprint_error("%s: unable to register cfattach, error = %d\n", 236 bcsp_cd.cd_name, error); 237 config_cfdriver_detach(&bcsp_cd); 238 (void) ttyldisc_detach(&bcsp_disc); 239 } 240 } 241 242 /* 243 * Autoconf match routine. 244 * 245 * XXX: unused: config_attach_pseudo(9) does not call ca_match. 246 */ 247 /* ARGSUSED */ 248 static int 249 bcsp_match(device_t self __unused, struct cfdata *cfdata __unused, 250 void *arg __unused) 251 { 252 253 /* pseudo-device; always present */ 254 return 1; 255 } 256 257 /* 258 * Autoconf attach routine. Called by config_attach_pseudo(9) when we 259 * open the line discipline. 260 */ 261 /* ARGSUSED */ 262 static void 263 bcsp_attach(device_t parent __unused, device_t self, void *aux __unused) 264 { 265 struct bcsp_softc *sc = device_private(self); 266 const struct sysctlnode *node; 267 int rc, bcsp_node_num; 268 269 aprint_normal("\n"); 270 aprint_naive("\n"); 271 272 sc->sc_dev = self; 273 callout_init(&sc->sc_seq_timer, 0); 274 callout_setfunc(&sc->sc_seq_timer, bcsp_timer_timeout, sc); 275 callout_init(&sc->sc_le_timer, 0); 276 callout_setfunc(&sc->sc_le_timer, bcsp_le_timeout, sc); 277 sc->sc_seq_timeout = BCSP_SEQ_TX_TIMEOUT; 278 sc->sc_seq_winsize = BCSP_SEQ_TX_WINSIZE; 279 sc->sc_seq_retry_limit = BCSP_SEQ_TX_RETRY_LIMIT; 280 MBUFQ_INIT(&sc->sc_seqq); 281 MBUFQ_INIT(&sc->sc_seq_retryq); 282 MBUFQ_INIT(&sc->sc_dgq); 283 MBUFQ_INIT(&sc->sc_cmdq); 284 MBUFQ_INIT(&sc->sc_aclq); 285 MBUFQ_INIT(&sc->sc_scoq); 286 287 /* Attach Bluetooth unit */ 288 sc->sc_unit = hci_attach(&bcsp_hci, self, 0); 289 290 if ((rc = sysctl_createv(&sc->sc_log, 0, NULL, NULL, 291 CTLFLAG_PERMANENT, CTLTYPE_NODE, "hw", NULL, 292 NULL, 0, NULL, 0, CTL_HW, CTL_EOL)) != 0) { 293 goto err; 294 } 295 if ((rc = sysctl_createv(&sc->sc_log, 0, NULL, &node, 296 0, CTLTYPE_NODE, device_xname(self), 297 SYSCTL_DESCR("bcsp controls"), 298 NULL, 0, NULL, 0, CTL_HW, CTL_CREATE, CTL_EOL)) != 0) { 299 goto err; 300 } 301 bcsp_node_num = node->sysctl_num; 302 if ((rc = sysctl_createv(&sc->sc_log, 0, NULL, &node, 303 CTLFLAG_READWRITE, CTLTYPE_INT, 304 "muzzled", SYSCTL_DESCR("muzzled for Link-establishment Layer"), 305 NULL, 0, &sc->sc_le_muzzled, 306 0, CTL_HW, bcsp_node_num, CTL_CREATE, CTL_EOL)) != 0) { 307 goto err; 308 } 309 if ((rc = sysctl_createv(&sc->sc_log, 0, NULL, &node, 310 CTLFLAG_READWRITE, CTLTYPE_INT, 311 "txcrc", SYSCTL_DESCR("txcrc for Packet Integrity Layer"), 312 NULL, 0, &sc->sc_pi_txcrc, 313 0, CTL_HW, bcsp_node_num, CTL_CREATE, CTL_EOL)) != 0) { 314 goto err; 315 } 316 if ((rc = sysctl_createv(&sc->sc_log, 0, NULL, &node, 317 CTLFLAG_READWRITE, CTLTYPE_INT, 318 "timeout", SYSCTL_DESCR("timeout for Sequencing Layer"), 319 NULL, 0, &sc->sc_seq_timeout, 320 0, CTL_HW, bcsp_node_num, CTL_CREATE, CTL_EOL)) != 0) { 321 goto err; 322 } 323 if ((rc = sysctl_createv(&sc->sc_log, 0, NULL, &node, 324 CTLFLAG_READWRITE, CTLTYPE_INT, 325 "winsize", SYSCTL_DESCR("winsize for Sequencing Layer"), 326 NULL, 0, &sc->sc_seq_winsize, 327 0, CTL_HW, bcsp_node_num, CTL_CREATE, CTL_EOL)) != 0) { 328 goto err; 329 } 330 if ((rc = sysctl_createv(&sc->sc_log, 0, NULL, &node, 331 CTLFLAG_READWRITE, CTLTYPE_INT, 332 "retry_limit", SYSCTL_DESCR("retry limit for Sequencing Layer"), 333 NULL, 0, &sc->sc_seq_retry_limit, 334 0, CTL_HW, bcsp_node_num, CTL_CREATE, CTL_EOL)) != 0) { 335 goto err; 336 } 337 return; 338 339 err: 340 aprint_error_dev(self, "sysctl_createv failed (rc = %d)\n", rc); 341 } 342 343 /* 344 * Autoconf detach routine. Called when we close the line discipline. 345 */ 346 /* ARGSUSED */ 347 static int 348 bcsp_detach(device_t self, int flags __unused) 349 { 350 struct bcsp_softc *sc = device_private(self); 351 352 if (sc->sc_unit != NULL) { 353 hci_detach(sc->sc_unit); 354 sc->sc_unit = NULL; 355 } 356 357 callout_stop(&sc->sc_seq_timer); 358 callout_destroy(&sc->sc_seq_timer); 359 360 callout_stop(&sc->sc_le_timer); 361 callout_destroy(&sc->sc_le_timer); 362 363 return 0; 364 } 365 366 367 /* 368 * Line discipline functions. 369 */ 370 /* ARGSUSED */ 371 static int 372 bcspopen(dev_t device __unused, struct tty *tp) 373 { 374 struct bcsp_softc *sc; 375 device_t dev; 376 struct cfdata *cfdata; 377 struct lwp *l = curlwp; /* XXX */ 378 int error, unit, s; 379 static char name[] = "bcsp"; 380 381 if ((error = kauth_authorize_device_tty(l->l_cred, 382 KAUTH_GENERIC_ISSUSER, tp)) != 0) 383 return error; 384 385 s = spltty(); 386 387 if (tp->t_linesw == &bcsp_disc) { 388 sc = tp->t_sc; 389 if (sc != NULL) { 390 splx(s); 391 return EBUSY; 392 } 393 } 394 395 KASSERT(tp->t_oproc != NULL); 396 397 cfdata = malloc(sizeof(struct cfdata), M_DEVBUF, M_WAITOK); 398 for (unit = 0; unit < bcsp_cd.cd_ndevs; unit++) 399 if (device_lookup(&bcsp_cd, unit) == NULL) 400 break; 401 cfdata->cf_name = name; 402 cfdata->cf_atname = name; 403 cfdata->cf_unit = unit; 404 cfdata->cf_fstate = FSTATE_STAR; 405 406 aprint_normal("%s%d at tty major %llu minor %llu", 407 name, unit, (unsigned long long)major(tp->t_dev), 408 (unsigned long long)minor(tp->t_dev)); 409 dev = config_attach_pseudo(cfdata); 410 if (dev == NULL) { 411 splx(s); 412 return EIO; 413 } 414 sc = device_private(dev); 415 416 mutex_spin_enter(&tty_lock); 417 tp->t_sc = sc; 418 sc->sc_tp = tp; 419 ttyflush(tp, FREAD | FWRITE); 420 mutex_spin_exit(&tty_lock); 421 422 splx(s); 423 424 sc->sc_slip_txrsv = BCSP_SLIP_PKTSTART; 425 bcsp_sequencing_reset(sc); 426 427 /* start link-establishment */ 428 bcsp_start_le(sc); 429 430 return 0; 431 } 432 433 /* ARGSUSED */ 434 static int 435 bcspclose(struct tty *tp, int flag __unused) 436 { 437 struct bcsp_softc *sc = tp->t_sc; 438 struct cfdata *cfdata; 439 int s; 440 441 /* terminate link-establishment */ 442 bcsp_terminate_le(sc); 443 444 s = spltty(); 445 446 MBUFQ_DRAIN(&sc->sc_dgq); 447 bcsp_sequencing_reset(sc); 448 449 mutex_spin_enter(&tty_lock); 450 ttyflush(tp, FREAD | FWRITE); 451 mutex_spin_exit(&tty_lock); /* XXX */ 452 ttyldisc_release(tp->t_linesw); 453 tp->t_linesw = ttyldisc_default(); 454 if (sc != NULL) { 455 tp->t_sc = NULL; 456 if (sc->sc_tp == tp) { 457 cfdata = device_cfdata(sc->sc_dev); 458 config_detach(sc->sc_dev, 0); 459 free(cfdata, M_DEVBUF); 460 } 461 462 } 463 splx(s); 464 return 0; 465 } 466 467 /* ARGSUSED */ 468 static int 469 bcspioctl(struct tty *tp, u_long cmd, void *data, int flag __unused, 470 struct lwp *l __unused) 471 { 472 struct bcsp_softc *sc = tp->t_sc; 473 int error; 474 475 if (sc == NULL || tp != sc->sc_tp) 476 return EPASSTHROUGH; 477 478 error = 0; 479 switch (cmd) { 480 default: 481 error = EPASSTHROUGH; 482 break; 483 } 484 485 return error; 486 } 487 488 489 /* 490 * UART Driver Layer is supported by com-driver. 491 */ 492 493 /* 494 * BCSP SLIP Layer functions: 495 * Supports to transmit/receive a byte stream. 496 * SLIP protocol described in Internet standard RFC 1055. 497 */ 498 static int 499 bcsp_slip_transmit(struct tty *tp) 500 { 501 struct bcsp_softc *sc = tp->t_sc; 502 struct mbuf *m; 503 int count, rlen; 504 uint8_t *rptr; 505 506 m = sc->sc_txp; 507 if (m == NULL) { 508 sc->sc_flags &= ~BCSP_XMIT; 509 bcsp_mux_transmit(sc); 510 return 0; 511 } 512 513 count = 0; 514 rlen = 0; 515 rptr = mtod(m, uint8_t *); 516 517 if (sc->sc_slip_txrsv != 0) { 518 #ifdef BCSP_DEBUG 519 if (sc->sc_slip_txrsv == BCSP_SLIP_PKTSTART) 520 DPRINTFN(4, ("%s: slip transmit start\n", 521 device_xname(sc->sc_dev))); 522 else 523 DPRINTFN(4, ("0x%02x ", sc->sc_slip_txrsv)); 524 #endif 525 526 if (putc(sc->sc_slip_txrsv, &tp->t_outq) < 0) 527 return 0; 528 count++; 529 530 if (sc->sc_slip_txrsv == BCSP_SLIP_ESCAPE_PKTEND || 531 sc->sc_slip_txrsv == BCSP_SLIP_ESCAPE_ESCAPE) { 532 rlen++; 533 rptr++; 534 } 535 sc->sc_slip_txrsv = 0; 536 } 537 538 for(;;) { 539 if (rlen >= m->m_len) { 540 m = m->m_next; 541 if (m == NULL) { 542 if (putc(BCSP_SLIP_PKTEND, &tp->t_outq) < 0) 543 break; 544 545 DPRINTFN(4, ("\n%s: slip transmit end\n", 546 device_xname(sc->sc_dev))); 547 548 m = sc->sc_txp; 549 sc->sc_txp = NULL; 550 sc->sc_slip_txrsv = BCSP_SLIP_PKTSTART; 551 552 sc->sc_transmit_callback(sc, m); 553 m = NULL; 554 break; 555 } 556 557 rlen = 0; 558 rptr = mtod(m, uint8_t *); 559 continue; 560 } 561 562 if (*rptr == BCSP_SLIP_PKTEND) { 563 if (putc(BCSP_SLIP_ESCAPE, &tp->t_outq) < 0) 564 break; 565 count++; 566 DPRINTFN(4, (" esc ")); 567 568 if (putc(BCSP_SLIP_ESCAPE_PKTEND, &tp->t_outq) < 0) { 569 sc->sc_slip_txrsv = BCSP_SLIP_ESCAPE_PKTEND; 570 break; 571 } 572 DPRINTFN(4, ("0x%02x ", BCSP_SLIP_ESCAPE_PKTEND)); 573 rptr++; 574 } else if (*rptr == BCSP_SLIP_ESCAPE) { 575 if (putc(BCSP_SLIP_ESCAPE, &tp->t_outq) < 0) 576 break; 577 count++; 578 DPRINTFN(4, (" esc ")); 579 580 if (putc(BCSP_SLIP_ESCAPE_ESCAPE, &tp->t_outq) < 0) { 581 sc->sc_slip_txrsv = BCSP_SLIP_ESCAPE_ESCAPE; 582 break; 583 } 584 DPRINTFN(4, ("0x%02x ", BCSP_SLIP_ESCAPE_ESCAPE)); 585 rptr++; 586 } else { 587 if (putc(*rptr++, &tp->t_outq) < 0) 588 break; 589 DPRINTFN(4, ("0x%02x ", *(rptr - 1))); 590 } 591 rlen++; 592 count++; 593 } 594 if (m != NULL) 595 m_adj(m, rlen); 596 597 sc->sc_stats.byte_tx += count; 598 599 if (tp->t_outq.c_cc != 0) 600 (*tp->t_oproc)(tp); 601 602 return 0; 603 } 604 605 static int 606 bcsp_slip_receive(int c, struct tty *tp) 607 { 608 struct bcsp_softc *sc = tp->t_sc; 609 struct mbuf *m = sc->sc_rxp; 610 int discard = 0; 611 const char *errstr; 612 613 c &= TTY_CHARMASK; 614 615 /* If we already started a packet, find the trailing end of it. */ 616 if (m) { 617 while (m->m_next) 618 m = m->m_next; 619 620 if (M_TRAILINGSPACE(m) == 0) { 621 /* extend mbuf */ 622 MGET(m->m_next, M_DONTWAIT, MT_DATA); 623 if (m->m_next == NULL) { 624 aprint_error_dev(sc->sc_dev, 625 "out of memory\n"); 626 sc->sc_stats.err_rx++; 627 return 0; /* (lost sync) */ 628 } 629 630 m = m->m_next; 631 m->m_len = 0; 632 } 633 } else 634 if (c != BCSP_SLIP_PKTSTART) { 635 discard = 1; 636 errstr = "not sync"; 637 goto discarded; 638 } 639 640 switch (c) { 641 case BCSP_SLIP_PKTSTART /* or _PKTEND */: 642 if (m == NULL) { 643 /* BCSP_SLIP_PKTSTART */ 644 645 DPRINTFN(4, ("%s: slip receive start\n", 646 device_xname(sc->sc_dev))); 647 648 /* new packet */ 649 MGETHDR(m, M_DONTWAIT, MT_DATA); 650 if (m == NULL) { 651 aprint_error_dev(sc->sc_dev, 652 "out of memory\n"); 653 sc->sc_stats.err_rx++; 654 return 0; /* (lost sync) */ 655 } 656 657 sc->sc_rxp = m; 658 m->m_pkthdr.len = m->m_len = 0; 659 sc->sc_slip_rxexp = 0; 660 } else { 661 /* BCSP_SLIP_PKTEND */ 662 663 if (m == sc->sc_rxp && m->m_len == 0) { 664 DPRINTFN(4, ("%s: resynchronises\n", 665 device_xname(sc->sc_dev))); 666 667 sc->sc_stats.byte_rx++; 668 return 0; 669 } 670 671 DPRINTFN(4, ("%s%s: slip receive end\n", 672 (m->m_len % 16 != 0) ? "\n" : "", 673 device_xname(sc->sc_dev))); 674 675 bcsp_pktintegrity_receive(sc, sc->sc_rxp); 676 sc->sc_rxp = NULL; 677 sc->sc_slip_rxexp = BCSP_SLIP_PKTSTART; 678 } 679 sc->sc_stats.byte_rx++; 680 return 0; 681 682 case BCSP_SLIP_ESCAPE: 683 684 DPRINTFN(4, (" esc")); 685 686 if (sc->sc_slip_rxexp == BCSP_SLIP_ESCAPE) { 687 discard = 1; 688 errstr = "waiting 0xdc or 0xdb"; 689 } else 690 sc->sc_slip_rxexp = BCSP_SLIP_ESCAPE; 691 break; 692 693 default: 694 DPRINTFN(4, (" 0x%02x%s", 695 c, (m->m_len % 16 == 15) ? "\n" : "")); 696 697 switch (sc->sc_slip_rxexp) { 698 case BCSP_SLIP_PKTSTART: 699 discard = 1; 700 errstr = "waiting 0xc0"; 701 break; 702 703 case BCSP_SLIP_ESCAPE: 704 if (c == BCSP_SLIP_ESCAPE_PKTEND) 705 mtod(m, uint8_t *)[m->m_len++] = 706 BCSP_SLIP_PKTEND; 707 else if (c == BCSP_SLIP_ESCAPE_ESCAPE) 708 mtod(m, uint8_t *)[m->m_len++] = 709 BCSP_SLIP_ESCAPE; 710 else { 711 discard = 1; 712 errstr = "unknown escape"; 713 } 714 sc->sc_slip_rxexp = 0; 715 break; 716 717 default: 718 mtod(m, uint8_t *)[m->m_len++] = c; 719 } 720 sc->sc_rxp->m_pkthdr.len++; 721 } 722 if (discard) { 723 discarded: 724 DPRINTFN(4, ("%s: receives unexpected byte 0x%02x: %s\n", 725 device_xname(sc->sc_dev), c, errstr)); 726 } 727 sc->sc_stats.byte_rx++; 728 729 return 0; 730 } 731 732 733 /* 734 * BCSP Packet Integrity Layer functions: 735 * handling Payload Length, Checksum, CRC. 736 */ 737 static void 738 bcsp_pktintegrity_transmit(struct bcsp_softc *sc) 739 { 740 struct mbuf *m = sc->sc_txp; 741 bcsp_hdr_t *hdrp = mtod(m, bcsp_hdr_t *); 742 int pldlen; 743 744 DPRINTFN(3, ("%s: pi transmit\n", device_xname(sc->sc_dev))); 745 746 pldlen = m->m_pkthdr.len - sizeof(bcsp_hdr_t); 747 748 if (sc->sc_pi_txcrc) 749 hdrp->flags |= BCSP_FLAGS_CRC_PRESENT; 750 751 BCSP_SET_PLEN(hdrp, pldlen); 752 BCSP_SET_CSUM(hdrp); 753 754 if (sc->sc_pi_txcrc) { 755 struct mbuf *_m; 756 int n = 0; 757 uint16_t crc = 0xffff; 758 uint8_t *buf; 759 760 for (_m = m; _m != NULL; _m = _m->m_next) { 761 buf = mtod(_m, uint8_t *); 762 for (n = 0; n < _m->m_len; n++) 763 bcsp_crc_update(&crc, *(buf + n)); 764 } 765 crc = htobe16(bcsp_crc_reverse(crc)); 766 m_copyback(m, m->m_pkthdr.len, sizeof(crc), &crc); 767 } 768 769 #ifdef BCSP_DEBUG 770 if (bcsp_debug == 4) 771 bcsp_packet_print(m); 772 #endif 773 774 bcsp_slip_transmit(sc->sc_tp); 775 } 776 777 static void 778 bcsp_pktintegrity_receive(struct bcsp_softc *sc, struct mbuf *m) 779 { 780 bcsp_hdr_t *hdrp = mtod(m, bcsp_hdr_t *); 781 u_int pldlen; 782 int discard = 0; 783 uint16_t crc = 0xffff; 784 const char *errstr; 785 786 DPRINTFN(3, ("%s: pi receive\n", device_xname(sc->sc_dev))); 787 #ifdef BCSP_DEBUG 788 if (bcsp_debug == 4) 789 bcsp_packet_print(m); 790 #endif 791 792 KASSERT(m->m_len >= sizeof(bcsp_hdr_t)); 793 794 pldlen = m->m_pkthdr.len - sizeof(bcsp_hdr_t) - 795 ((hdrp->flags & BCSP_FLAGS_CRC_PRESENT) ? sizeof(crc) : 0); 796 if (pldlen > 0xfff) { 797 discard = 1; 798 errstr = "Payload Length"; 799 goto discarded; 800 } 801 if (hdrp->csum != BCSP_GET_CSUM(hdrp)) { 802 discard = 1; 803 errstr = "Checksum"; 804 goto discarded; 805 } 806 if (BCSP_GET_PLEN(hdrp) != pldlen) { 807 discard = 1; 808 errstr = "Payload Length"; 809 goto discarded; 810 } 811 if (hdrp->flags & BCSP_FLAGS_CRC_PRESENT) { 812 struct mbuf *_m; 813 int i, n; 814 uint16_t crc0; 815 uint8_t *buf; 816 817 i = 0; 818 n = 0; 819 for (_m = m; _m != NULL; _m = _m->m_next) { 820 buf = mtod(m, uint8_t *); 821 for (n = 0; 822 n < _m->m_len && i < sizeof(bcsp_hdr_t) + pldlen; 823 n++, i++) 824 bcsp_crc_update(&crc, *(buf + n)); 825 } 826 827 m_copydata(_m, n, sizeof(crc0), &crc0); 828 if (be16toh(crc0) != bcsp_crc_reverse(crc)) { 829 discard = 1; 830 errstr = "CRC"; 831 } else 832 /* Shaves CRC */ 833 m_adj(m, (int)(0 - sizeof(crc))); 834 } 835 836 if (discard) { 837 discarded: 838 DPRINTFN(3, ("%s: receives unexpected packet: %s\n", 839 device_xname(sc->sc_dev), errstr)); 840 m_freem(m); 841 } else 842 bcsp_mux_receive(sc, m); 843 } 844 845 static const uint16_t crctbl[] = { 846 0x0000, 0x1081, 0x2102, 0x3183, 847 0x4204, 0x5285, 0x6306, 0x7387, 848 0x8408, 0x9489, 0xa50a, 0xb58b, 849 0xc60c, 0xd68d, 0xe70e, 0xf78f, 850 }; 851 852 static void 853 bcsp_crc_update(uint16_t *crc, uint8_t d) 854 { 855 uint16_t reg = *crc; 856 857 reg = (reg >> 4) ^ crctbl[(reg ^ d) & 0x000f]; 858 reg = (reg >> 4) ^ crctbl[(reg ^ (d >> 4)) & 0x000f]; 859 860 *crc = reg; 861 } 862 863 static uint16_t 864 bcsp_crc_reverse(uint16_t crc) 865 { 866 uint16_t b, rev; 867 868 for (b = 0, rev = 0; b < 16; b++) { 869 rev = rev << 1; 870 rev |= (crc & 1); 871 crc = crc >> 1; 872 } 873 874 return rev; 875 } 876 877 878 /* 879 * BCSP MUX Layer functions 880 */ 881 static void 882 bcsp_mux_transmit(struct bcsp_softc *sc) 883 { 884 struct mbuf *m; 885 bcsp_hdr_t *hdrp; 886 887 DPRINTFN(2, ("%s: mux transmit: sc_flags=0x%x, choke=%d", 888 device_xname(sc->sc_dev), sc->sc_flags, sc->sc_mux_choke)); 889 890 if (sc->sc_mux_choke) { 891 struct mbuf *_m = NULL; 892 893 /* In this case, send only Link Establishment packet */ 894 for (m = MBUFQ_FIRST(&sc->sc_dgq); m != NULL; 895 _m = m, m = MBUFQ_NEXT(m)) { 896 hdrp = mtod(m, bcsp_hdr_t *); 897 if (hdrp->ident == BCSP_CHANNEL_LE) { 898 if (m == MBUFQ_FIRST(&sc->sc_dgq)) 899 MBUFQ_DEQUEUE(&sc->sc_dgq, m); 900 else { 901 if (m->m_nextpkt == NULL) 902 sc->sc_dgq.mq_last = 903 &_m->m_nextpkt; 904 _m->m_nextpkt = m->m_nextpkt; 905 m->m_nextpkt = NULL; 906 } 907 goto transmit; 908 } 909 } 910 DPRINTFN(2, ("\n")); 911 return; 912 } 913 914 /* 915 * The MUX Layer always gives priority to packets from the Datagram 916 * Queue Layer over the Sequencing Layer. 917 */ 918 if (MBUFQ_FIRST(&sc->sc_dgq)) { 919 MBUFQ_DEQUEUE(&sc->sc_dgq, m); 920 goto transmit; 921 } 922 if (MBUFQ_FIRST(&sc->sc_seqq)) { 923 MBUFQ_DEQUEUE(&sc->sc_seqq, m); 924 hdrp = mtod(m, bcsp_hdr_t *); 925 hdrp->flags |= BCSP_FLAGS_PROTOCOL_REL; /* Reliable */ 926 goto transmit; 927 } 928 bcsp_start(sc); 929 if (sc->sc_mux_send_ack == true) { 930 m = bcsp_create_ackpkt(); 931 if (m != NULL) 932 goto transmit; 933 aprint_error_dev(sc->sc_dev, "out of memory\n"); 934 sc->sc_stats.err_tx++; 935 } 936 937 /* Nothing to send */ 938 DPRINTFN(2, ("\n")); 939 return; 940 941 transmit: 942 DPRINTFN(2, (", txack=%d, send_ack=%d\n", 943 bcsp_get_txack(sc), sc->sc_mux_send_ack)); 944 945 hdrp = mtod(m, bcsp_hdr_t *); 946 hdrp->flags |= 947 (bcsp_get_txack(sc) << BCSP_FLAGS_ACK_SHIFT) & BCSP_FLAGS_ACK_MASK; 948 if (sc->sc_mux_send_ack == true) 949 sc->sc_mux_send_ack = false; 950 951 #ifdef BCSP_DEBUG 952 if (bcsp_debug == 3) 953 bcsp_packet_print(m); 954 #endif 955 956 sc->sc_txp = m; 957 bcsp_pktintegrity_transmit(sc); 958 } 959 960 static void 961 bcsp_mux_receive(struct bcsp_softc *sc, struct mbuf *m) 962 { 963 bcsp_hdr_t *hdrp = mtod(m, bcsp_hdr_t *); 964 const u_int rxack = BCSP_FLAGS_ACK(hdrp->flags); 965 966 DPRINTFN(2, ("%s: mux receive: flags=0x%x, ident=%d, rxack=%d\n", 967 device_xname(sc->sc_dev), hdrp->flags, hdrp->ident, rxack)); 968 #ifdef BCSP_DEBUG 969 if (bcsp_debug == 3) 970 bcsp_packet_print(m); 971 #endif 972 973 bcsp_signal_rxack(sc, rxack); 974 975 microtime(&sc->sc_mux_lastrx); 976 977 /* if the Ack Packet received then discard */ 978 if (BCSP_FLAGS_SEQ(hdrp->flags) == 0 && 979 hdrp->ident == BCSP_IDENT_ACKPKT && 980 BCSP_GET_PLEN(hdrp) == 0) { 981 m_freem(m); 982 return; 983 } 984 985 if (hdrp->flags & BCSP_FLAGS_PROTOCOL_REL) 986 bcsp_sequencing_receive(sc, m); 987 else 988 bcsp_datagramq_receive(sc, m); 989 } 990 991 static __inline void 992 bcsp_send_ack_command(struct bcsp_softc *sc) 993 { 994 995 DPRINTFN(2, ("%s: mux send_ack_command\n", device_xname(sc->sc_dev))); 996 997 sc->sc_mux_send_ack = true; 998 } 999 1000 static __inline struct mbuf * 1001 bcsp_create_ackpkt() 1002 { 1003 struct mbuf *m; 1004 bcsp_hdr_t *hdrp; 1005 1006 MGETHDR(m, M_DONTWAIT, MT_DATA); 1007 if (m != NULL) { 1008 m->m_pkthdr.len = m->m_len = sizeof(bcsp_hdr_t); 1009 hdrp = mtod(m, bcsp_hdr_t *); 1010 /* 1011 * An Ack Packet has the following fields: 1012 * Ack Field: txack (not set yet) 1013 * Seq Field: 0 1014 * Protocol Identifier Field: 0 1015 * Protocol Type Field: Any value 1016 * Payload Length Field: 0 1017 */ 1018 memset(hdrp, 0, sizeof(bcsp_hdr_t)); 1019 } 1020 return m; 1021 } 1022 1023 static __inline void 1024 bcsp_set_choke(struct bcsp_softc *sc, bool choke) 1025 { 1026 1027 DPRINTFN(2, ("%s: mux set choke=%d\n", device_xname(sc->sc_dev), choke)); 1028 1029 sc->sc_mux_choke = choke; 1030 } 1031 1032 1033 /* 1034 * BCSP Sequencing Layer functions 1035 */ 1036 static void 1037 bcsp_sequencing_receive(struct bcsp_softc *sc, struct mbuf *m) 1038 { 1039 bcsp_hdr_t hdr; 1040 uint32_t rxseq; 1041 1042 m_copydata(m, 0, sizeof(bcsp_hdr_t), &hdr); 1043 rxseq = BCSP_FLAGS_SEQ(hdr.flags); 1044 1045 DPRINTFN(1, ("%s: seq receive: rxseq=%d, expected %d\n", 1046 device_xname(sc->sc_dev), rxseq, sc->sc_seq_expected_rxseq)); 1047 #ifdef BCSP_DEBUG 1048 if (bcsp_debug == 2) 1049 bcsp_packet_print(m); 1050 #endif 1051 1052 /* 1053 * We remove the header of BCSP and add the 'uint8_t type' of 1054 * hci_*_hdr_t to the head. 1055 */ 1056 m_adj(m, sizeof(bcsp_hdr_t) - sizeof(uint8_t)); 1057 1058 if (rxseq != sc->sc_seq_expected_rxseq) { 1059 m_freem(m); 1060 1061 /* send ack packet, if needly */ 1062 bcsp_mux_transmit(sc); 1063 1064 return; 1065 } 1066 1067 switch (hdr.ident) { 1068 case BCSP_CHANNEL_HCI_CMDEVT: 1069 *(mtod(m, uint8_t *)) = HCI_EVENT_PKT; 1070 if (!hci_input_event(sc->sc_unit, m)) 1071 sc->sc_stats.err_rx++; 1072 1073 sc->sc_stats.evt_rx++; 1074 break; 1075 1076 case BCSP_CHANNEL_HCI_ACL: 1077 *(mtod(m, uint8_t *)) = HCI_ACL_DATA_PKT; 1078 if (!hci_input_acl(sc->sc_unit, m)) 1079 sc->sc_stats.err_rx++; 1080 1081 sc->sc_stats.acl_rx++; 1082 break; 1083 1084 case BCSP_CHANNEL_HCI_SCO: 1085 *(mtod(m, uint8_t *)) = HCI_SCO_DATA_PKT; 1086 if (!hci_input_sco(sc->sc_unit, m)) 1087 sc->sc_stats.err_rx++; 1088 1089 sc->sc_stats.sco_rx++; 1090 break; 1091 1092 case BCSP_CHANNEL_HQ: 1093 case BCSP_CHANNEL_DEVMGT: 1094 case BCSP_CHANNEL_L2CAP: 1095 case BCSP_CHANNEL_RFCOMM: 1096 case BCSP_CHANNEL_SDP: 1097 case BCSP_CHANNEL_DFU: 1098 case BCSP_CHANNEL_VM: 1099 default: 1100 aprint_error_dev(sc->sc_dev, 1101 "received reliable packet with not support channel %d\n", 1102 hdr.ident); 1103 m_freem(m); 1104 break; 1105 } 1106 1107 sc->sc_seq_expected_rxseq = 1108 (sc->sc_seq_expected_rxseq + 1) & BCSP_FLAGS_SEQ_MASK; 1109 sc->sc_seq_txack = sc->sc_seq_expected_rxseq; 1110 bcsp_send_ack_command(sc); 1111 } 1112 1113 static bool 1114 bcsp_tx_reliable_pkt(struct bcsp_softc *sc, struct mbuf *m, u_int protocol_id) 1115 { 1116 bcsp_hdr_t *hdrp; 1117 struct mbuf *_m; 1118 u_int pldlen; 1119 int s; 1120 1121 DPRINTFN(1, ("%s: seq transmit:" 1122 "protocol_id=%d, winspace=%d, txseq=%d\n", device_xname(sc->sc_dev), 1123 protocol_id, sc->sc_seq_winspace, sc->sc_seq_txseq)); 1124 1125 for (pldlen = 0, _m = m; _m != NULL; _m = _m->m_next) { 1126 if (_m->m_len < 0) 1127 return false; 1128 pldlen += _m->m_len; 1129 } 1130 if (pldlen > 0xfff) 1131 return false; 1132 if (protocol_id == BCSP_IDENT_ACKPKT || protocol_id > 15) 1133 return false; 1134 1135 if (sc->sc_seq_winspace == 0) 1136 return false; 1137 1138 M_PREPEND(m, sizeof(bcsp_hdr_t), M_DONTWAIT); 1139 if (m == NULL) { 1140 aprint_error_dev(sc->sc_dev, "out of memory\n"); 1141 return false; 1142 } 1143 KASSERT(m->m_len >= sizeof(bcsp_hdr_t)); 1144 1145 hdrp = mtod(m, bcsp_hdr_t *); 1146 memset(hdrp, 0, sizeof(bcsp_hdr_t)); 1147 hdrp->flags |= sc->sc_seq_txseq; 1148 hdrp->ident = protocol_id; 1149 1150 callout_schedule(&sc->sc_seq_timer, sc->sc_seq_timeout); 1151 1152 s = splserial(); 1153 MBUFQ_ENQUEUE(&sc->sc_seqq, m); 1154 splx(s); 1155 sc->sc_transmit_callback = bcsp_reliabletx_callback; 1156 1157 #ifdef BCSP_DEBUG 1158 if (bcsp_debug == 2) 1159 bcsp_packet_print(m); 1160 #endif 1161 1162 sc->sc_seq_txseq = (sc->sc_seq_txseq + 1) & BCSP_FLAGS_SEQ_MASK; 1163 sc->sc_seq_winspace--; 1164 _m = m_copym(m, 0, M_COPYALL, M_DONTWAIT); 1165 if (_m == NULL) { 1166 aprint_error_dev(sc->sc_dev, "out of memory\n"); 1167 return false; 1168 } 1169 MBUFQ_ENQUEUE(&sc->sc_seq_retryq, _m); 1170 bcsp_mux_transmit(sc); 1171 1172 return true; 1173 } 1174 1175 #if 0 1176 static bool 1177 bcsp_rx_reliable_pkt(struct bcsp_softc *sc, struct mbuf *m, u_int protocol_id) 1178 { 1179 1180 return false; 1181 } 1182 1183 /* XXXX: I can't understand meaning this function... */ 1184 static __inline void 1185 bcsp_link_failed(struct bcsp_softc *sc) 1186 { 1187 1188 return (sc->sc_seq_retries >= sc->sc_seq_retry_limit); 1189 } 1190 #endif 1191 1192 static __inline u_int 1193 bcsp_get_txack(struct bcsp_softc *sc) 1194 { 1195 1196 return sc->sc_seq_txack; 1197 } 1198 1199 static void 1200 bcsp_signal_rxack(struct bcsp_softc *sc, uint32_t rxack) 1201 { 1202 bcsp_hdr_t *hdrp; 1203 struct mbuf *m; 1204 uint32_t seqno = (rxack - 1) & BCSP_FLAGS_SEQ_MASK; 1205 int s; 1206 1207 DPRINTFN(1, ("%s: seq signal rxack: rxack=%d\n", 1208 device_xname(sc->sc_dev), rxack)); 1209 1210 s = splserial(); 1211 m = MBUFQ_FIRST(&sc->sc_seq_retryq); 1212 while (m != NULL) { 1213 hdrp = mtod(m, bcsp_hdr_t *); 1214 if (BCSP_FLAGS_SEQ(hdrp->flags) == seqno) { 1215 struct mbuf *m0; 1216 1217 for (m0 = MBUFQ_FIRST(&sc->sc_seq_retryq); 1218 m0 != MBUFQ_NEXT(m); 1219 m0 = MBUFQ_FIRST(&sc->sc_seq_retryq)) { 1220 MBUFQ_DEQUEUE(&sc->sc_seq_retryq, m0); 1221 m_freem(m0); 1222 sc->sc_seq_winspace++; 1223 } 1224 break; 1225 } 1226 m = MBUFQ_NEXT(m); 1227 } 1228 splx(s); 1229 sc->sc_seq_retries = 0; 1230 1231 if (sc->sc_seq_winspace == sc->sc_seq_winsize) 1232 callout_stop(&sc->sc_seq_timer); 1233 else 1234 callout_schedule(&sc->sc_seq_timer, sc->sc_seq_timeout); 1235 } 1236 1237 static void 1238 bcsp_reliabletx_callback(struct bcsp_softc *sc, struct mbuf *m) 1239 { 1240 1241 m_freem(m); 1242 } 1243 1244 static void 1245 bcsp_timer_timeout(void *arg) 1246 { 1247 struct bcsp_softc *sc = arg; 1248 struct mbuf *m, *_m; 1249 int s, i = 0; 1250 1251 DPRINTFN(1, ("%s: seq timeout: retries=%d\n", 1252 device_xname(sc->sc_dev), sc->sc_seq_retries)); 1253 1254 s = splserial(); 1255 for (m = MBUFQ_FIRST(&sc->sc_seq_retryq); m != NULL; 1256 m = MBUFQ_NEXT(m)) { 1257 _m = m_copym(m, 0, M_COPYALL, M_DONTWAIT); 1258 if (_m == NULL) { 1259 aprint_error_dev(sc->sc_dev, "out of memory\n"); 1260 return; 1261 } 1262 MBUFQ_ENQUEUE(&sc->sc_seqq, _m); 1263 i++; 1264 } 1265 splx(s); 1266 1267 if (i != 0) { 1268 if (++sc->sc_seq_retries < sc->sc_seq_retry_limit) 1269 callout_schedule(&sc->sc_seq_timer, sc->sc_seq_timeout); 1270 else { 1271 aprint_error_dev(sc->sc_dev, 1272 "reached the retry limit." 1273 " restart the link-establishment\n"); 1274 bcsp_sequencing_reset(sc); 1275 bcsp_start_le(sc); 1276 return; 1277 } 1278 } 1279 bcsp_mux_transmit(sc); 1280 } 1281 1282 static void 1283 bcsp_sequencing_reset(struct bcsp_softc *sc) 1284 { 1285 int s; 1286 1287 s = splserial(); 1288 MBUFQ_DRAIN(&sc->sc_seqq); 1289 MBUFQ_DRAIN(&sc->sc_seq_retryq); 1290 splx(s); 1291 1292 1293 sc->sc_seq_txseq = 0; 1294 sc->sc_seq_txack = 0; 1295 sc->sc_seq_winspace = sc->sc_seq_winsize; 1296 sc->sc_seq_retries = 0; 1297 callout_stop(&sc->sc_seq_timer); 1298 1299 sc->sc_mux_send_ack = false; 1300 1301 /* XXXX: expected_rxseq should be set by MUX Layer */ 1302 sc->sc_seq_expected_rxseq = 0; 1303 } 1304 1305 1306 /* 1307 * BCSP Datagram Queue Layer functions 1308 */ 1309 static void 1310 bcsp_datagramq_receive(struct bcsp_softc *sc, struct mbuf *m) 1311 { 1312 bcsp_hdr_t hdr; 1313 1314 DPRINTFN(1, ("%s: dgq receive\n", device_xname(sc->sc_dev))); 1315 #ifdef BCSP_DEBUG 1316 if (bcsp_debug == 2) 1317 bcsp_packet_print(m); 1318 #endif 1319 1320 m_copydata(m, 0, sizeof(bcsp_hdr_t), &hdr); 1321 1322 switch (hdr.ident) { 1323 case BCSP_CHANNEL_LE: 1324 m_adj(m, sizeof(bcsp_hdr_t)); 1325 bcsp_input_le(sc, m); 1326 break; 1327 1328 case BCSP_CHANNEL_HCI_SCO: 1329 /* 1330 * We remove the header of BCSP and add the 'uint8_t type' of 1331 * hci_scodata_hdr_t to the head. 1332 */ 1333 m_adj(m, sizeof(bcsp_hdr_t) - sizeof(uint8_t)); 1334 *(mtod(m, uint8_t *)) = HCI_SCO_DATA_PKT; 1335 if (!hci_input_sco(sc->sc_unit, m)) 1336 sc->sc_stats.err_rx++; 1337 1338 sc->sc_stats.sco_rx++; 1339 break; 1340 1341 default: 1342 aprint_error_dev(sc->sc_dev, 1343 "received unreliable packet with not support channel %d\n", 1344 hdr.ident); 1345 m_freem(m); 1346 break; 1347 } 1348 } 1349 1350 static bool 1351 bcsp_tx_unreliable_pkt(struct bcsp_softc *sc, struct mbuf *m, u_int protocol_id) 1352 { 1353 bcsp_hdr_t *hdrp; 1354 struct mbuf *_m; 1355 u_int pldlen; 1356 int s; 1357 1358 DPRINTFN(1, ("%s: dgq transmit: protocol_id=%d,", 1359 device_xname(sc->sc_dev), protocol_id)); 1360 1361 for (pldlen = 0, _m = m; _m != NULL; _m = m->m_next) { 1362 if (_m->m_len < 0) 1363 return false; 1364 pldlen += _m->m_len; 1365 } 1366 DPRINTFN(1, (" pldlen=%d\n", pldlen)); 1367 if (pldlen > 0xfff) 1368 return false; 1369 if (protocol_id == BCSP_IDENT_ACKPKT || protocol_id > 15) 1370 return false; 1371 1372 M_PREPEND(m, sizeof(bcsp_hdr_t), M_DONTWAIT); 1373 if (m == NULL) { 1374 aprint_error_dev(sc->sc_dev, "out of memory\n"); 1375 return false; 1376 } 1377 KASSERT(m->m_len >= sizeof(bcsp_hdr_t)); 1378 1379 hdrp = mtod(m, bcsp_hdr_t *); 1380 memset(hdrp, 0, sizeof(bcsp_hdr_t)); 1381 hdrp->ident = protocol_id; 1382 1383 s = splserial(); 1384 MBUFQ_ENQUEUE(&sc->sc_dgq, m); 1385 splx(s); 1386 sc->sc_transmit_callback = bcsp_unreliabletx_callback; 1387 1388 #ifdef BCSP_DEBUG 1389 if (bcsp_debug == 2) 1390 bcsp_packet_print(m); 1391 #endif 1392 1393 bcsp_mux_transmit(sc); 1394 1395 return true; 1396 } 1397 1398 #if 0 1399 static bool 1400 bcsp_rx_unreliable_pkt(struct bcsp_softc *sc, struct mbuf *m, u_int protocol_id) 1401 { 1402 1403 return false; 1404 } 1405 #endif 1406 1407 static void 1408 bcsp_unreliabletx_callback(struct bcsp_softc *sc, struct mbuf *m) 1409 { 1410 1411 if (M_GETCTX(m, void *) == NULL) 1412 m_freem(m); 1413 else if (!hci_complete_sco(sc->sc_unit, m)) 1414 sc->sc_stats.err_tx++; 1415 } 1416 1417 1418 /* 1419 * BlueCore Link Establishment Protocol functions 1420 */ 1421 static const uint8_t sync[] = BCSP_LE_SYNC; 1422 static const uint8_t syncresp[] = BCSP_LE_SYNCRESP; 1423 static const uint8_t conf[] = BCSP_LE_CONF; 1424 static const uint8_t confresp[] = BCSP_LE_CONFRESP; 1425 1426 static int 1427 bcsp_start_le(struct bcsp_softc *sc) 1428 { 1429 1430 DPRINTF(("%s: start link-establish\n", device_xname(sc->sc_dev))); 1431 1432 bcsp_set_choke(sc, true); 1433 1434 if (!sc->sc_le_muzzled) { 1435 struct mbuf *m; 1436 1437 m = m_gethdr(M_WAIT, MT_DATA); 1438 m->m_pkthdr.len = m->m_len = 0; 1439 m_copyback(m, 0, sizeof(sync), sync); 1440 if (!bcsp_tx_unreliable_pkt(sc, m, BCSP_CHANNEL_LE)) { 1441 aprint_error_dev(sc->sc_dev, 1442 "le-packet transmit failed\n"); 1443 return EINVAL; 1444 } 1445 } 1446 callout_schedule(&sc->sc_le_timer, BCSP_LE_TSHY_TIMEOUT); 1447 1448 sc->sc_le_state = le_state_shy; 1449 return 0; 1450 } 1451 1452 static void 1453 bcsp_terminate_le(struct bcsp_softc *sc) 1454 { 1455 struct mbuf *m; 1456 1457 /* terminate link-establishment */ 1458 callout_stop(&sc->sc_le_timer); 1459 bcsp_set_choke(sc, true); 1460 MGETHDR(m, M_DONTWAIT, MT_DATA); 1461 if (m == NULL) 1462 aprint_error_dev(sc->sc_dev, "out of memory\n"); 1463 else { 1464 /* length of le packets is 4 */ 1465 m->m_pkthdr.len = m->m_len = 0; 1466 m_copyback(m, 0, sizeof(sync), sync); 1467 if (!bcsp_tx_unreliable_pkt(sc, m, BCSP_CHANNEL_LE)) 1468 aprint_error_dev(sc->sc_dev, 1469 "link-establishment terminations failed\n"); 1470 } 1471 } 1472 1473 static void 1474 bcsp_input_le(struct bcsp_softc *sc, struct mbuf *m) 1475 { 1476 uint32_t *rcvpkt; 1477 int i; 1478 const uint8_t *rplypkt; 1479 static struct { 1480 const char *type; 1481 const uint8_t *datap; 1482 } pkt[] = { 1483 { "sync", sync }, 1484 { "sync-resp", syncresp }, 1485 { "conf", conf }, 1486 { "conf-resp", confresp }, 1487 1488 { NULL, 0 } 1489 }; 1490 1491 DPRINTFN(0, ("%s: le input: state %d, muzzled %d\n", 1492 device_xname(sc->sc_dev), sc->sc_le_state, sc->sc_le_muzzled)); 1493 #ifdef BCSP_DEBUG 1494 if (bcsp_debug == 1) 1495 bcsp_packet_print(m); 1496 #endif 1497 1498 rcvpkt = mtod(m, uint32_t *); 1499 i = 0; 1500 1501 /* length of le packets is 4 */ 1502 if (m->m_len == sizeof(uint32_t)) 1503 for (i = 0; pkt[i].type != NULL; i++) 1504 if (*(const uint32_t *)pkt[i].datap == *rcvpkt) 1505 break; 1506 if (m->m_len != sizeof(uint32_t) || pkt[i].type == NULL) { 1507 aprint_error_dev(sc->sc_dev, "received unknown packet\n"); 1508 m_freem(m); 1509 return; 1510 } 1511 1512 rplypkt = NULL; 1513 switch (sc->sc_le_state) { 1514 case le_state_shy: 1515 if (*rcvpkt == *(const uint32_t *)sync) { 1516 sc->sc_le_muzzled = false; 1517 rplypkt = syncresp; 1518 } else if (*rcvpkt == *(const uint32_t *)syncresp) { 1519 DPRINTF(("%s: state change to curious\n", 1520 device_xname(sc->sc_dev))); 1521 1522 rplypkt = conf; 1523 callout_schedule(&sc->sc_le_timer, 1524 BCSP_LE_TCONF_TIMEOUT); 1525 sc->sc_le_state = le_state_curious; 1526 } else 1527 aprint_error_dev(sc->sc_dev, 1528 "received an unknown packet at shy\n"); 1529 break; 1530 1531 case le_state_curious: 1532 if (*rcvpkt == *(const uint32_t *)sync) 1533 rplypkt = syncresp; 1534 else if (*rcvpkt == *(const uint32_t *)conf) 1535 rplypkt = confresp; 1536 else if (*rcvpkt == *(const uint32_t *)confresp) { 1537 DPRINTF(("%s: state change to garrulous:\n", 1538 device_xname(sc->sc_dev))); 1539 1540 bcsp_set_choke(sc, false); 1541 callout_stop(&sc->sc_le_timer); 1542 sc->sc_le_state = le_state_garrulous; 1543 } else 1544 aprint_error_dev(sc->sc_dev, 1545 "received unknown packet at curious\n"); 1546 break; 1547 1548 case le_state_garrulous: 1549 if (*rcvpkt == *(const uint32_t *)conf) 1550 rplypkt = confresp; 1551 else if (*rcvpkt == *(const uint32_t *)sync) { 1552 /* XXXXX */ 1553 aprint_error_dev(sc->sc_dev, 1554 "received sync! peer to reset?\n"); 1555 1556 bcsp_sequencing_reset(sc); 1557 rplypkt = sync; 1558 sc->sc_le_state = le_state_shy; 1559 } else 1560 aprint_error_dev(sc->sc_dev, 1561 "received unknown packet at garrulous\n"); 1562 break; 1563 } 1564 1565 m_freem(m); 1566 1567 if (rplypkt != NULL) { 1568 MGETHDR(m, M_DONTWAIT, MT_DATA); 1569 if (m == NULL) 1570 aprint_error_dev(sc->sc_dev, "out of memory\n"); 1571 else { 1572 /* length of le packets is 4 */ 1573 m->m_pkthdr.len = m->m_len = 0; 1574 m_copyback(m, 0, 4, rplypkt); 1575 if (!bcsp_tx_unreliable_pkt(sc, m, BCSP_CHANNEL_LE)) 1576 aprint_error_dev(sc->sc_dev, 1577 "le-packet transmit failed\n"); 1578 } 1579 } 1580 } 1581 1582 static void 1583 bcsp_le_timeout(void *arg) 1584 { 1585 struct bcsp_softc *sc = arg; 1586 struct mbuf *m; 1587 int timeout; 1588 const uint8_t *sndpkt = NULL; 1589 1590 DPRINTFN(0, ("%s: le timeout: state %d, muzzled %d\n", 1591 device_xname(sc->sc_dev), sc->sc_le_state, sc->sc_le_muzzled)); 1592 1593 switch (sc->sc_le_state) { 1594 case le_state_shy: 1595 if (!sc->sc_le_muzzled) 1596 sndpkt = sync; 1597 timeout = BCSP_LE_TSHY_TIMEOUT; 1598 break; 1599 1600 case le_state_curious: 1601 sndpkt = conf; 1602 timeout = BCSP_LE_TCONF_TIMEOUT; 1603 break; 1604 1605 default: 1606 aprint_error_dev(sc->sc_dev, 1607 "timeout happen at unknown state %d\n", sc->sc_le_state); 1608 return; 1609 } 1610 1611 if (sndpkt != NULL) { 1612 MGETHDR(m, M_DONTWAIT, MT_DATA); 1613 if (m == NULL) 1614 aprint_error_dev(sc->sc_dev, "out of memory\n"); 1615 else { 1616 /* length of le packets is 4 */ 1617 m->m_pkthdr.len = m->m_len = 0; 1618 m_copyback(m, 0, 4, sndpkt); 1619 if (!bcsp_tx_unreliable_pkt(sc, m, BCSP_CHANNEL_LE)) 1620 aprint_error_dev(sc->sc_dev, 1621 "le-packet transmit failed\n"); 1622 } 1623 } 1624 1625 callout_schedule(&sc->sc_le_timer, timeout); 1626 } 1627 1628 1629 /* 1630 * BlueCore Serial Protocol functions. 1631 */ 1632 static int 1633 bcsp_enable(device_t self) 1634 { 1635 struct bcsp_softc *sc = device_private(self); 1636 int s; 1637 1638 if (sc->sc_flags & BCSP_ENABLED) 1639 return 0; 1640 1641 s = spltty(); 1642 1643 sc->sc_flags |= BCSP_ENABLED; 1644 sc->sc_flags &= ~BCSP_XMIT; 1645 1646 splx(s); 1647 1648 return 0; 1649 } 1650 1651 static void 1652 bcsp_disable(device_t self) 1653 { 1654 struct bcsp_softc *sc = device_private(self); 1655 int s; 1656 1657 if ((sc->sc_flags & BCSP_ENABLED) == 0) 1658 return; 1659 1660 s = spltty(); 1661 1662 if (sc->sc_rxp) { 1663 m_freem(sc->sc_rxp); 1664 sc->sc_rxp = NULL; 1665 } 1666 1667 if (sc->sc_txp) { 1668 m_freem(sc->sc_txp); 1669 sc->sc_txp = NULL; 1670 } 1671 1672 MBUFQ_DRAIN(&sc->sc_cmdq); 1673 MBUFQ_DRAIN(&sc->sc_aclq); 1674 MBUFQ_DRAIN(&sc->sc_scoq); 1675 1676 sc->sc_flags &= ~BCSP_ENABLED; 1677 splx(s); 1678 } 1679 1680 static void 1681 bcsp_start(struct bcsp_softc *sc) 1682 { 1683 struct mbuf *m; 1684 1685 KASSERT((sc->sc_flags & BCSP_XMIT) == 0); 1686 KASSERT(sc->sc_txp == NULL); 1687 1688 if (MBUFQ_FIRST(&sc->sc_aclq)) { 1689 MBUFQ_DEQUEUE(&sc->sc_aclq, m); 1690 sc->sc_stats.acl_tx++; 1691 sc->sc_flags |= BCSP_XMIT; 1692 bcsp_tx_reliable_pkt(sc, m, BCSP_CHANNEL_HCI_ACL); 1693 } 1694 1695 if (MBUFQ_FIRST(&sc->sc_cmdq)) { 1696 MBUFQ_DEQUEUE(&sc->sc_cmdq, m); 1697 sc->sc_stats.cmd_tx++; 1698 sc->sc_flags |= BCSP_XMIT; 1699 bcsp_tx_reliable_pkt(sc, m, BCSP_CHANNEL_HCI_CMDEVT); 1700 } 1701 1702 if (MBUFQ_FIRST(&sc->sc_scoq)) { 1703 MBUFQ_DEQUEUE(&sc->sc_scoq, m); 1704 sc->sc_stats.sco_tx++; 1705 /* XXXX: We can transmit with reliable */ 1706 sc->sc_flags |= BCSP_XMIT; 1707 bcsp_tx_unreliable_pkt(sc, m, BCSP_CHANNEL_HCI_SCO); 1708 } 1709 1710 return; 1711 } 1712 1713 static void 1714 bcsp_output_cmd(device_t self, struct mbuf *m) 1715 { 1716 struct bcsp_softc *sc = device_private(self); 1717 int s; 1718 1719 KASSERT(sc->sc_flags & BCSP_ENABLED); 1720 1721 m_adj(m, sizeof(uint8_t)); 1722 M_SETCTX(m, NULL); 1723 1724 s = spltty(); 1725 MBUFQ_ENQUEUE(&sc->sc_cmdq, m); 1726 if ((sc->sc_flags & BCSP_XMIT) == 0) 1727 bcsp_start(sc); 1728 1729 splx(s); 1730 } 1731 1732 static void 1733 bcsp_output_acl(device_t self, struct mbuf *m) 1734 { 1735 struct bcsp_softc *sc = device_private(self); 1736 int s; 1737 1738 KASSERT(sc->sc_flags & BCSP_ENABLED); 1739 1740 m_adj(m, sizeof(uint8_t)); 1741 M_SETCTX(m, NULL); 1742 1743 s = spltty(); 1744 MBUFQ_ENQUEUE(&sc->sc_aclq, m); 1745 if ((sc->sc_flags & BCSP_XMIT) == 0) 1746 bcsp_start(sc); 1747 1748 splx(s); 1749 } 1750 1751 static void 1752 bcsp_output_sco(device_t self, struct mbuf *m) 1753 { 1754 struct bcsp_softc *sc = device_private(self); 1755 int s; 1756 1757 KASSERT(sc->sc_flags & BCSP_ENABLED); 1758 1759 m_adj(m, sizeof(uint8_t)); 1760 1761 s = spltty(); 1762 MBUFQ_ENQUEUE(&sc->sc_scoq, m); 1763 if ((sc->sc_flags & BCSP_XMIT) == 0) 1764 bcsp_start(sc); 1765 1766 splx(s); 1767 } 1768 1769 static void 1770 bcsp_stats(device_t self, struct bt_stats *dest, int flush) 1771 { 1772 struct bcsp_softc *sc = device_private(self); 1773 int s; 1774 1775 s = spltty(); 1776 memcpy(dest, &sc->sc_stats, sizeof(struct bt_stats)); 1777 1778 if (flush) 1779 memset(&sc->sc_stats, 0, sizeof(struct bt_stats)); 1780 1781 splx(s); 1782 } 1783 1784 1785 #ifdef BCSP_DEBUG 1786 static void 1787 bcsp_packet_print(struct mbuf *m) 1788 { 1789 int i; 1790 uint8_t *p; 1791 1792 for ( ; m != NULL; m = m->m_next) { 1793 p = mtod(m, uint8_t *); 1794 for (i = 0; i < m->m_len; i++) { 1795 if (i % 16 == 0) 1796 printf(" "); 1797 printf(" %02x", *(p + i)); 1798 if (i % 16 == 15) 1799 printf("\n"); 1800 } 1801 printf("\n"); 1802 } 1803 } 1804 #endif 1805