hci_qca.c (61700B)
1// SPDX-License-Identifier: GPL-2.0-only 2/* 3 * Bluetooth Software UART Qualcomm protocol 4 * 5 * HCI_IBS (HCI In-Band Sleep) is Qualcomm's power management 6 * protocol extension to H4. 7 * 8 * Copyright (C) 2007 Texas Instruments, Inc. 9 * Copyright (c) 2010, 2012, 2018 The Linux Foundation. All rights reserved. 10 * 11 * Acknowledgements: 12 * This file is based on hci_ll.c, which was... 13 * Written by Ohad Ben-Cohen <ohad@bencohen.org> 14 * which was in turn based on hci_h4.c, which was written 15 * by Maxim Krasnyansky and Marcel Holtmann. 16 */ 17 18#include <linux/kernel.h> 19#include <linux/clk.h> 20#include <linux/completion.h> 21#include <linux/debugfs.h> 22#include <linux/delay.h> 23#include <linux/devcoredump.h> 24#include <linux/device.h> 25#include <linux/gpio/consumer.h> 26#include <linux/mod_devicetable.h> 27#include <linux/module.h> 28#include <linux/of_device.h> 29#include <linux/acpi.h> 30#include <linux/platform_device.h> 31#include <linux/regulator/consumer.h> 32#include <linux/serdev.h> 33#include <linux/mutex.h> 34#include <asm/unaligned.h> 35 36#include <net/bluetooth/bluetooth.h> 37#include <net/bluetooth/hci_core.h> 38 39#include "hci_uart.h" 40#include "btqca.h" 41 42/* HCI_IBS protocol messages */ 43#define HCI_IBS_SLEEP_IND 0xFE 44#define HCI_IBS_WAKE_IND 0xFD 45#define HCI_IBS_WAKE_ACK 0xFC 46#define HCI_MAX_IBS_SIZE 10 47 48#define IBS_WAKE_RETRANS_TIMEOUT_MS 100 49#define IBS_BTSOC_TX_IDLE_TIMEOUT_MS 200 50#define IBS_HOST_TX_IDLE_TIMEOUT_MS 2000 51#define CMD_TRANS_TIMEOUT_MS 100 52#define MEMDUMP_TIMEOUT_MS 8000 53#define IBS_DISABLE_SSR_TIMEOUT_MS \ 54 (MEMDUMP_TIMEOUT_MS + FW_DOWNLOAD_TIMEOUT_MS) 55#define FW_DOWNLOAD_TIMEOUT_MS 3000 56 57/* susclk rate */ 58#define SUSCLK_RATE_32KHZ 32768 59 60/* Controller debug log header */ 61#define QCA_DEBUG_HANDLE 0x2EDC 62 63/* max retry count when init fails */ 64#define MAX_INIT_RETRIES 3 65 66/* Controller dump header */ 67#define QCA_SSR_DUMP_HANDLE 0x0108 68#define QCA_DUMP_PACKET_SIZE 255 69#define QCA_LAST_SEQUENCE_NUM 0xFFFF 70#define QCA_CRASHBYTE_PACKET_LEN 1096 71#define QCA_MEMDUMP_BYTE 0xFB 72 73enum qca_flags { 74 QCA_IBS_DISABLED, 75 QCA_DROP_VENDOR_EVENT, 76 QCA_SUSPENDING, 77 QCA_MEMDUMP_COLLECTION, 78 QCA_HW_ERROR_EVENT, 79 QCA_SSR_TRIGGERED, 80 QCA_BT_OFF, 81 QCA_ROM_FW 82}; 83 84enum qca_capabilities { 85 QCA_CAP_WIDEBAND_SPEECH = BIT(0), 86 QCA_CAP_VALID_LE_STATES = BIT(1), 87}; 88 89/* HCI_IBS transmit side sleep protocol states */ 90enum tx_ibs_states { 91 HCI_IBS_TX_ASLEEP, 92 HCI_IBS_TX_WAKING, 93 HCI_IBS_TX_AWAKE, 94}; 95 96/* HCI_IBS receive side sleep protocol states */ 97enum rx_states { 98 HCI_IBS_RX_ASLEEP, 99 HCI_IBS_RX_AWAKE, 100}; 101 102/* HCI_IBS transmit and receive side clock state vote */ 103enum hci_ibs_clock_state_vote { 104 HCI_IBS_VOTE_STATS_UPDATE, 105 HCI_IBS_TX_VOTE_CLOCK_ON, 106 HCI_IBS_TX_VOTE_CLOCK_OFF, 107 HCI_IBS_RX_VOTE_CLOCK_ON, 108 HCI_IBS_RX_VOTE_CLOCK_OFF, 109}; 110 111/* Controller memory dump states */ 112enum qca_memdump_states { 113 QCA_MEMDUMP_IDLE, 114 QCA_MEMDUMP_COLLECTING, 115 QCA_MEMDUMP_COLLECTED, 116 QCA_MEMDUMP_TIMEOUT, 117}; 118 119struct qca_memdump_data { 120 char *memdump_buf_head; 121 char *memdump_buf_tail; 122 u32 current_seq_no; 123 u32 received_dump; 124 u32 ram_dump_size; 125}; 126 127struct qca_memdump_event_hdr { 128 __u8 evt; 129 __u8 plen; 130 __u16 opcode; 131 __u16 seq_no; 132 __u8 reserved; 133} __packed; 134 135 136struct qca_dump_size { 137 u32 dump_size; 138} __packed; 139 140struct qca_data { 141 struct hci_uart *hu; 142 struct sk_buff *rx_skb; 143 struct sk_buff_head txq; 144 struct sk_buff_head tx_wait_q; /* HCI_IBS wait queue */ 145 struct sk_buff_head rx_memdump_q; /* Memdump wait queue */ 146 spinlock_t hci_ibs_lock; /* HCI_IBS state lock */ 147 u8 tx_ibs_state; /* HCI_IBS transmit side power state*/ 148 u8 rx_ibs_state; /* HCI_IBS receive side power state */ 149 bool tx_vote; /* Clock must be on for TX */ 150 bool rx_vote; /* Clock must be on for RX */ 151 struct timer_list tx_idle_timer; 152 u32 tx_idle_delay; 153 struct timer_list wake_retrans_timer; 154 u32 wake_retrans; 155 struct workqueue_struct *workqueue; 156 struct work_struct ws_awake_rx; 157 struct work_struct ws_awake_device; 158 struct work_struct ws_rx_vote_off; 159 struct work_struct ws_tx_vote_off; 160 struct work_struct ctrl_memdump_evt; 161 struct delayed_work ctrl_memdump_timeout; 162 struct qca_memdump_data *qca_memdump; 163 unsigned long flags; 164 struct completion drop_ev_comp; 165 wait_queue_head_t suspend_wait_q; 166 enum qca_memdump_states memdump_state; 167 struct mutex hci_memdump_lock; 168 169 /* For debugging purpose */ 170 u64 ibs_sent_wacks; 171 u64 ibs_sent_slps; 172 u64 ibs_sent_wakes; 173 u64 ibs_recv_wacks; 174 u64 ibs_recv_slps; 175 u64 ibs_recv_wakes; 176 u64 vote_last_jif; 177 u32 vote_on_ms; 178 u32 vote_off_ms; 179 u64 tx_votes_on; 180 u64 rx_votes_on; 181 u64 tx_votes_off; 182 u64 rx_votes_off; 183 u64 votes_on; 184 u64 votes_off; 185}; 186 187enum qca_speed_type { 188 QCA_INIT_SPEED = 1, 189 QCA_OPER_SPEED 190}; 191 192/* 193 * Voltage regulator information required for configuring the 194 * QCA Bluetooth chipset 195 */ 196struct qca_vreg { 197 const char *name; 198 unsigned int load_uA; 199}; 200 201struct qca_device_data { 202 enum qca_btsoc_type soc_type; 203 struct qca_vreg *vregs; 204 size_t num_vregs; 205 uint32_t capabilities; 206}; 207 208/* 209 * Platform data for the QCA Bluetooth power driver. 210 */ 211struct qca_power { 212 struct device *dev; 213 struct regulator_bulk_data *vreg_bulk; 214 int num_vregs; 215 bool vregs_on; 216}; 217 218struct qca_serdev { 219 struct hci_uart serdev_hu; 220 struct gpio_desc *bt_en; 221 struct gpio_desc *sw_ctrl; 222 struct clk *susclk; 223 enum qca_btsoc_type btsoc_type; 224 struct qca_power *bt_power; 225 u32 init_speed; 226 u32 oper_speed; 227 const char *firmware_name; 228}; 229 230static int qca_regulator_enable(struct qca_serdev *qcadev); 231static void qca_regulator_disable(struct qca_serdev *qcadev); 232static void qca_power_shutdown(struct hci_uart *hu); 233static int qca_power_off(struct hci_dev *hdev); 234static void qca_controller_memdump(struct work_struct *work); 235 236static enum qca_btsoc_type qca_soc_type(struct hci_uart *hu) 237{ 238 enum qca_btsoc_type soc_type; 239 240 if (hu->serdev) { 241 struct qca_serdev *qsd = serdev_device_get_drvdata(hu->serdev); 242 243 soc_type = qsd->btsoc_type; 244 } else { 245 soc_type = QCA_ROME; 246 } 247 248 return soc_type; 249} 250 251static const char *qca_get_firmware_name(struct hci_uart *hu) 252{ 253 if (hu->serdev) { 254 struct qca_serdev *qsd = serdev_device_get_drvdata(hu->serdev); 255 256 return qsd->firmware_name; 257 } else { 258 return NULL; 259 } 260} 261 262static void __serial_clock_on(struct tty_struct *tty) 263{ 264 /* TODO: Some chipset requires to enable UART clock on client 265 * side to save power consumption or manual work is required. 266 * Please put your code to control UART clock here if needed 267 */ 268} 269 270static void __serial_clock_off(struct tty_struct *tty) 271{ 272 /* TODO: Some chipset requires to disable UART clock on client 273 * side to save power consumption or manual work is required. 274 * Please put your code to control UART clock off here if needed 275 */ 276} 277 278/* serial_clock_vote needs to be called with the ibs lock held */ 279static void serial_clock_vote(unsigned long vote, struct hci_uart *hu) 280{ 281 struct qca_data *qca = hu->priv; 282 unsigned int diff; 283 284 bool old_vote = (qca->tx_vote | qca->rx_vote); 285 bool new_vote; 286 287 switch (vote) { 288 case HCI_IBS_VOTE_STATS_UPDATE: 289 diff = jiffies_to_msecs(jiffies - qca->vote_last_jif); 290 291 if (old_vote) 292 qca->vote_off_ms += diff; 293 else 294 qca->vote_on_ms += diff; 295 return; 296 297 case HCI_IBS_TX_VOTE_CLOCK_ON: 298 qca->tx_vote = true; 299 qca->tx_votes_on++; 300 break; 301 302 case HCI_IBS_RX_VOTE_CLOCK_ON: 303 qca->rx_vote = true; 304 qca->rx_votes_on++; 305 break; 306 307 case HCI_IBS_TX_VOTE_CLOCK_OFF: 308 qca->tx_vote = false; 309 qca->tx_votes_off++; 310 break; 311 312 case HCI_IBS_RX_VOTE_CLOCK_OFF: 313 qca->rx_vote = false; 314 qca->rx_votes_off++; 315 break; 316 317 default: 318 BT_ERR("Voting irregularity"); 319 return; 320 } 321 322 new_vote = qca->rx_vote | qca->tx_vote; 323 324 if (new_vote != old_vote) { 325 if (new_vote) 326 __serial_clock_on(hu->tty); 327 else 328 __serial_clock_off(hu->tty); 329 330 BT_DBG("Vote serial clock %s(%s)", new_vote ? "true" : "false", 331 vote ? "true" : "false"); 332 333 diff = jiffies_to_msecs(jiffies - qca->vote_last_jif); 334 335 if (new_vote) { 336 qca->votes_on++; 337 qca->vote_off_ms += diff; 338 } else { 339 qca->votes_off++; 340 qca->vote_on_ms += diff; 341 } 342 qca->vote_last_jif = jiffies; 343 } 344} 345 346/* Builds and sends an HCI_IBS command packet. 347 * These are very simple packets with only 1 cmd byte. 348 */ 349static int send_hci_ibs_cmd(u8 cmd, struct hci_uart *hu) 350{ 351 int err = 0; 352 struct sk_buff *skb = NULL; 353 struct qca_data *qca = hu->priv; 354 355 BT_DBG("hu %p send hci ibs cmd 0x%x", hu, cmd); 356 357 skb = bt_skb_alloc(1, GFP_ATOMIC); 358 if (!skb) { 359 BT_ERR("Failed to allocate memory for HCI_IBS packet"); 360 return -ENOMEM; 361 } 362 363 /* Assign HCI_IBS type */ 364 skb_put_u8(skb, cmd); 365 366 skb_queue_tail(&qca->txq, skb); 367 368 return err; 369} 370 371static void qca_wq_awake_device(struct work_struct *work) 372{ 373 struct qca_data *qca = container_of(work, struct qca_data, 374 ws_awake_device); 375 struct hci_uart *hu = qca->hu; 376 unsigned long retrans_delay; 377 unsigned long flags; 378 379 BT_DBG("hu %p wq awake device", hu); 380 381 /* Vote for serial clock */ 382 serial_clock_vote(HCI_IBS_TX_VOTE_CLOCK_ON, hu); 383 384 spin_lock_irqsave(&qca->hci_ibs_lock, flags); 385 386 /* Send wake indication to device */ 387 if (send_hci_ibs_cmd(HCI_IBS_WAKE_IND, hu) < 0) 388 BT_ERR("Failed to send WAKE to device"); 389 390 qca->ibs_sent_wakes++; 391 392 /* Start retransmit timer */ 393 retrans_delay = msecs_to_jiffies(qca->wake_retrans); 394 mod_timer(&qca->wake_retrans_timer, jiffies + retrans_delay); 395 396 spin_unlock_irqrestore(&qca->hci_ibs_lock, flags); 397 398 /* Actually send the packets */ 399 hci_uart_tx_wakeup(hu); 400} 401 402static void qca_wq_awake_rx(struct work_struct *work) 403{ 404 struct qca_data *qca = container_of(work, struct qca_data, 405 ws_awake_rx); 406 struct hci_uart *hu = qca->hu; 407 unsigned long flags; 408 409 BT_DBG("hu %p wq awake rx", hu); 410 411 serial_clock_vote(HCI_IBS_RX_VOTE_CLOCK_ON, hu); 412 413 spin_lock_irqsave(&qca->hci_ibs_lock, flags); 414 qca->rx_ibs_state = HCI_IBS_RX_AWAKE; 415 416 /* Always acknowledge device wake up, 417 * sending IBS message doesn't count as TX ON. 418 */ 419 if (send_hci_ibs_cmd(HCI_IBS_WAKE_ACK, hu) < 0) 420 BT_ERR("Failed to acknowledge device wake up"); 421 422 qca->ibs_sent_wacks++; 423 424 spin_unlock_irqrestore(&qca->hci_ibs_lock, flags); 425 426 /* Actually send the packets */ 427 hci_uart_tx_wakeup(hu); 428} 429 430static void qca_wq_serial_rx_clock_vote_off(struct work_struct *work) 431{ 432 struct qca_data *qca = container_of(work, struct qca_data, 433 ws_rx_vote_off); 434 struct hci_uart *hu = qca->hu; 435 436 BT_DBG("hu %p rx clock vote off", hu); 437 438 serial_clock_vote(HCI_IBS_RX_VOTE_CLOCK_OFF, hu); 439} 440 441static void qca_wq_serial_tx_clock_vote_off(struct work_struct *work) 442{ 443 struct qca_data *qca = container_of(work, struct qca_data, 444 ws_tx_vote_off); 445 struct hci_uart *hu = qca->hu; 446 447 BT_DBG("hu %p tx clock vote off", hu); 448 449 /* Run HCI tx handling unlocked */ 450 hci_uart_tx_wakeup(hu); 451 452 /* Now that message queued to tty driver, vote for tty clocks off. 453 * It is up to the tty driver to pend the clocks off until tx done. 454 */ 455 serial_clock_vote(HCI_IBS_TX_VOTE_CLOCK_OFF, hu); 456} 457 458static void hci_ibs_tx_idle_timeout(struct timer_list *t) 459{ 460 struct qca_data *qca = from_timer(qca, t, tx_idle_timer); 461 struct hci_uart *hu = qca->hu; 462 unsigned long flags; 463 464 BT_DBG("hu %p idle timeout in %d state", hu, qca->tx_ibs_state); 465 466 spin_lock_irqsave_nested(&qca->hci_ibs_lock, 467 flags, SINGLE_DEPTH_NESTING); 468 469 switch (qca->tx_ibs_state) { 470 case HCI_IBS_TX_AWAKE: 471 /* TX_IDLE, go to SLEEP */ 472 if (send_hci_ibs_cmd(HCI_IBS_SLEEP_IND, hu) < 0) { 473 BT_ERR("Failed to send SLEEP to device"); 474 break; 475 } 476 qca->tx_ibs_state = HCI_IBS_TX_ASLEEP; 477 qca->ibs_sent_slps++; 478 queue_work(qca->workqueue, &qca->ws_tx_vote_off); 479 break; 480 481 case HCI_IBS_TX_ASLEEP: 482 case HCI_IBS_TX_WAKING: 483 default: 484 BT_ERR("Spurious timeout tx state %d", qca->tx_ibs_state); 485 break; 486 } 487 488 spin_unlock_irqrestore(&qca->hci_ibs_lock, flags); 489} 490 491static void hci_ibs_wake_retrans_timeout(struct timer_list *t) 492{ 493 struct qca_data *qca = from_timer(qca, t, wake_retrans_timer); 494 struct hci_uart *hu = qca->hu; 495 unsigned long flags, retrans_delay; 496 bool retransmit = false; 497 498 BT_DBG("hu %p wake retransmit timeout in %d state", 499 hu, qca->tx_ibs_state); 500 501 spin_lock_irqsave_nested(&qca->hci_ibs_lock, 502 flags, SINGLE_DEPTH_NESTING); 503 504 /* Don't retransmit the HCI_IBS_WAKE_IND when suspending. */ 505 if (test_bit(QCA_SUSPENDING, &qca->flags)) { 506 spin_unlock_irqrestore(&qca->hci_ibs_lock, flags); 507 return; 508 } 509 510 switch (qca->tx_ibs_state) { 511 case HCI_IBS_TX_WAKING: 512 /* No WAKE_ACK, retransmit WAKE */ 513 retransmit = true; 514 if (send_hci_ibs_cmd(HCI_IBS_WAKE_IND, hu) < 0) { 515 BT_ERR("Failed to acknowledge device wake up"); 516 break; 517 } 518 qca->ibs_sent_wakes++; 519 retrans_delay = msecs_to_jiffies(qca->wake_retrans); 520 mod_timer(&qca->wake_retrans_timer, jiffies + retrans_delay); 521 break; 522 523 case HCI_IBS_TX_ASLEEP: 524 case HCI_IBS_TX_AWAKE: 525 default: 526 BT_ERR("Spurious timeout tx state %d", qca->tx_ibs_state); 527 break; 528 } 529 530 spin_unlock_irqrestore(&qca->hci_ibs_lock, flags); 531 532 if (retransmit) 533 hci_uart_tx_wakeup(hu); 534} 535 536 537static void qca_controller_memdump_timeout(struct work_struct *work) 538{ 539 struct qca_data *qca = container_of(work, struct qca_data, 540 ctrl_memdump_timeout.work); 541 struct hci_uart *hu = qca->hu; 542 543 mutex_lock(&qca->hci_memdump_lock); 544 if (test_bit(QCA_MEMDUMP_COLLECTION, &qca->flags)) { 545 qca->memdump_state = QCA_MEMDUMP_TIMEOUT; 546 if (!test_bit(QCA_HW_ERROR_EVENT, &qca->flags)) { 547 /* Inject hw error event to reset the device 548 * and driver. 549 */ 550 hci_reset_dev(hu->hdev); 551 } 552 } 553 554 mutex_unlock(&qca->hci_memdump_lock); 555} 556 557 558/* Initialize protocol */ 559static int qca_open(struct hci_uart *hu) 560{ 561 struct qca_serdev *qcadev; 562 struct qca_data *qca; 563 564 BT_DBG("hu %p qca_open", hu); 565 566 if (!hci_uart_has_flow_control(hu)) 567 return -EOPNOTSUPP; 568 569 qca = kzalloc(sizeof(struct qca_data), GFP_KERNEL); 570 if (!qca) 571 return -ENOMEM; 572 573 skb_queue_head_init(&qca->txq); 574 skb_queue_head_init(&qca->tx_wait_q); 575 skb_queue_head_init(&qca->rx_memdump_q); 576 spin_lock_init(&qca->hci_ibs_lock); 577 mutex_init(&qca->hci_memdump_lock); 578 qca->workqueue = alloc_ordered_workqueue("qca_wq", 0); 579 if (!qca->workqueue) { 580 BT_ERR("QCA Workqueue not initialized properly"); 581 kfree(qca); 582 return -ENOMEM; 583 } 584 585 INIT_WORK(&qca->ws_awake_rx, qca_wq_awake_rx); 586 INIT_WORK(&qca->ws_awake_device, qca_wq_awake_device); 587 INIT_WORK(&qca->ws_rx_vote_off, qca_wq_serial_rx_clock_vote_off); 588 INIT_WORK(&qca->ws_tx_vote_off, qca_wq_serial_tx_clock_vote_off); 589 INIT_WORK(&qca->ctrl_memdump_evt, qca_controller_memdump); 590 INIT_DELAYED_WORK(&qca->ctrl_memdump_timeout, 591 qca_controller_memdump_timeout); 592 init_waitqueue_head(&qca->suspend_wait_q); 593 594 qca->hu = hu; 595 init_completion(&qca->drop_ev_comp); 596 597 /* Assume we start with both sides asleep -- extra wakes OK */ 598 qca->tx_ibs_state = HCI_IBS_TX_ASLEEP; 599 qca->rx_ibs_state = HCI_IBS_RX_ASLEEP; 600 601 qca->vote_last_jif = jiffies; 602 603 hu->priv = qca; 604 605 if (hu->serdev) { 606 qcadev = serdev_device_get_drvdata(hu->serdev); 607 608 if (qca_is_wcn399x(qcadev->btsoc_type) || 609 qca_is_wcn6750(qcadev->btsoc_type)) 610 hu->init_speed = qcadev->init_speed; 611 612 if (qcadev->oper_speed) 613 hu->oper_speed = qcadev->oper_speed; 614 } 615 616 timer_setup(&qca->wake_retrans_timer, hci_ibs_wake_retrans_timeout, 0); 617 qca->wake_retrans = IBS_WAKE_RETRANS_TIMEOUT_MS; 618 619 timer_setup(&qca->tx_idle_timer, hci_ibs_tx_idle_timeout, 0); 620 qca->tx_idle_delay = IBS_HOST_TX_IDLE_TIMEOUT_MS; 621 622 BT_DBG("HCI_UART_QCA open, tx_idle_delay=%u, wake_retrans=%u", 623 qca->tx_idle_delay, qca->wake_retrans); 624 625 return 0; 626} 627 628static void qca_debugfs_init(struct hci_dev *hdev) 629{ 630 struct hci_uart *hu = hci_get_drvdata(hdev); 631 struct qca_data *qca = hu->priv; 632 struct dentry *ibs_dir; 633 umode_t mode; 634 635 if (!hdev->debugfs) 636 return; 637 638 ibs_dir = debugfs_create_dir("ibs", hdev->debugfs); 639 640 /* read only */ 641 mode = 0444; 642 debugfs_create_u8("tx_ibs_state", mode, ibs_dir, &qca->tx_ibs_state); 643 debugfs_create_u8("rx_ibs_state", mode, ibs_dir, &qca->rx_ibs_state); 644 debugfs_create_u64("ibs_sent_sleeps", mode, ibs_dir, 645 &qca->ibs_sent_slps); 646 debugfs_create_u64("ibs_sent_wakes", mode, ibs_dir, 647 &qca->ibs_sent_wakes); 648 debugfs_create_u64("ibs_sent_wake_acks", mode, ibs_dir, 649 &qca->ibs_sent_wacks); 650 debugfs_create_u64("ibs_recv_sleeps", mode, ibs_dir, 651 &qca->ibs_recv_slps); 652 debugfs_create_u64("ibs_recv_wakes", mode, ibs_dir, 653 &qca->ibs_recv_wakes); 654 debugfs_create_u64("ibs_recv_wake_acks", mode, ibs_dir, 655 &qca->ibs_recv_wacks); 656 debugfs_create_bool("tx_vote", mode, ibs_dir, &qca->tx_vote); 657 debugfs_create_u64("tx_votes_on", mode, ibs_dir, &qca->tx_votes_on); 658 debugfs_create_u64("tx_votes_off", mode, ibs_dir, &qca->tx_votes_off); 659 debugfs_create_bool("rx_vote", mode, ibs_dir, &qca->rx_vote); 660 debugfs_create_u64("rx_votes_on", mode, ibs_dir, &qca->rx_votes_on); 661 debugfs_create_u64("rx_votes_off", mode, ibs_dir, &qca->rx_votes_off); 662 debugfs_create_u64("votes_on", mode, ibs_dir, &qca->votes_on); 663 debugfs_create_u64("votes_off", mode, ibs_dir, &qca->votes_off); 664 debugfs_create_u32("vote_on_ms", mode, ibs_dir, &qca->vote_on_ms); 665 debugfs_create_u32("vote_off_ms", mode, ibs_dir, &qca->vote_off_ms); 666 667 /* read/write */ 668 mode = 0644; 669 debugfs_create_u32("wake_retrans", mode, ibs_dir, &qca->wake_retrans); 670 debugfs_create_u32("tx_idle_delay", mode, ibs_dir, 671 &qca->tx_idle_delay); 672} 673 674/* Flush protocol data */ 675static int qca_flush(struct hci_uart *hu) 676{ 677 struct qca_data *qca = hu->priv; 678 679 BT_DBG("hu %p qca flush", hu); 680 681 skb_queue_purge(&qca->tx_wait_q); 682 skb_queue_purge(&qca->txq); 683 684 return 0; 685} 686 687/* Close protocol */ 688static int qca_close(struct hci_uart *hu) 689{ 690 struct qca_data *qca = hu->priv; 691 692 BT_DBG("hu %p qca close", hu); 693 694 serial_clock_vote(HCI_IBS_VOTE_STATS_UPDATE, hu); 695 696 skb_queue_purge(&qca->tx_wait_q); 697 skb_queue_purge(&qca->txq); 698 skb_queue_purge(&qca->rx_memdump_q); 699 destroy_workqueue(qca->workqueue); 700 del_timer_sync(&qca->tx_idle_timer); 701 del_timer_sync(&qca->wake_retrans_timer); 702 qca->hu = NULL; 703 704 kfree_skb(qca->rx_skb); 705 706 hu->priv = NULL; 707 708 kfree(qca); 709 710 return 0; 711} 712 713/* Called upon a wake-up-indication from the device. 714 */ 715static void device_want_to_wakeup(struct hci_uart *hu) 716{ 717 unsigned long flags; 718 struct qca_data *qca = hu->priv; 719 720 BT_DBG("hu %p want to wake up", hu); 721 722 spin_lock_irqsave(&qca->hci_ibs_lock, flags); 723 724 qca->ibs_recv_wakes++; 725 726 /* Don't wake the rx up when suspending. */ 727 if (test_bit(QCA_SUSPENDING, &qca->flags)) { 728 spin_unlock_irqrestore(&qca->hci_ibs_lock, flags); 729 return; 730 } 731 732 switch (qca->rx_ibs_state) { 733 case HCI_IBS_RX_ASLEEP: 734 /* Make sure clock is on - we may have turned clock off since 735 * receiving the wake up indicator awake rx clock. 736 */ 737 queue_work(qca->workqueue, &qca->ws_awake_rx); 738 spin_unlock_irqrestore(&qca->hci_ibs_lock, flags); 739 return; 740 741 case HCI_IBS_RX_AWAKE: 742 /* Always acknowledge device wake up, 743 * sending IBS message doesn't count as TX ON. 744 */ 745 if (send_hci_ibs_cmd(HCI_IBS_WAKE_ACK, hu) < 0) { 746 BT_ERR("Failed to acknowledge device wake up"); 747 break; 748 } 749 qca->ibs_sent_wacks++; 750 break; 751 752 default: 753 /* Any other state is illegal */ 754 BT_ERR("Received HCI_IBS_WAKE_IND in rx state %d", 755 qca->rx_ibs_state); 756 break; 757 } 758 759 spin_unlock_irqrestore(&qca->hci_ibs_lock, flags); 760 761 /* Actually send the packets */ 762 hci_uart_tx_wakeup(hu); 763} 764 765/* Called upon a sleep-indication from the device. 766 */ 767static void device_want_to_sleep(struct hci_uart *hu) 768{ 769 unsigned long flags; 770 struct qca_data *qca = hu->priv; 771 772 BT_DBG("hu %p want to sleep in %d state", hu, qca->rx_ibs_state); 773 774 spin_lock_irqsave(&qca->hci_ibs_lock, flags); 775 776 qca->ibs_recv_slps++; 777 778 switch (qca->rx_ibs_state) { 779 case HCI_IBS_RX_AWAKE: 780 /* Update state */ 781 qca->rx_ibs_state = HCI_IBS_RX_ASLEEP; 782 /* Vote off rx clock under workqueue */ 783 queue_work(qca->workqueue, &qca->ws_rx_vote_off); 784 break; 785 786 case HCI_IBS_RX_ASLEEP: 787 break; 788 789 default: 790 /* Any other state is illegal */ 791 BT_ERR("Received HCI_IBS_SLEEP_IND in rx state %d", 792 qca->rx_ibs_state); 793 break; 794 } 795 796 wake_up_interruptible(&qca->suspend_wait_q); 797 798 spin_unlock_irqrestore(&qca->hci_ibs_lock, flags); 799} 800 801/* Called upon wake-up-acknowledgement from the device 802 */ 803static void device_woke_up(struct hci_uart *hu) 804{ 805 unsigned long flags, idle_delay; 806 struct qca_data *qca = hu->priv; 807 struct sk_buff *skb = NULL; 808 809 BT_DBG("hu %p woke up", hu); 810 811 spin_lock_irqsave(&qca->hci_ibs_lock, flags); 812 813 qca->ibs_recv_wacks++; 814 815 /* Don't react to the wake-up-acknowledgment when suspending. */ 816 if (test_bit(QCA_SUSPENDING, &qca->flags)) { 817 spin_unlock_irqrestore(&qca->hci_ibs_lock, flags); 818 return; 819 } 820 821 switch (qca->tx_ibs_state) { 822 case HCI_IBS_TX_AWAKE: 823 /* Expect one if we send 2 WAKEs */ 824 BT_DBG("Received HCI_IBS_WAKE_ACK in tx state %d", 825 qca->tx_ibs_state); 826 break; 827 828 case HCI_IBS_TX_WAKING: 829 /* Send pending packets */ 830 while ((skb = skb_dequeue(&qca->tx_wait_q))) 831 skb_queue_tail(&qca->txq, skb); 832 833 /* Switch timers and change state to HCI_IBS_TX_AWAKE */ 834 del_timer(&qca->wake_retrans_timer); 835 idle_delay = msecs_to_jiffies(qca->tx_idle_delay); 836 mod_timer(&qca->tx_idle_timer, jiffies + idle_delay); 837 qca->tx_ibs_state = HCI_IBS_TX_AWAKE; 838 break; 839 840 case HCI_IBS_TX_ASLEEP: 841 default: 842 BT_ERR("Received HCI_IBS_WAKE_ACK in tx state %d", 843 qca->tx_ibs_state); 844 break; 845 } 846 847 spin_unlock_irqrestore(&qca->hci_ibs_lock, flags); 848 849 /* Actually send the packets */ 850 hci_uart_tx_wakeup(hu); 851} 852 853/* Enqueue frame for transmittion (padding, crc, etc) may be called from 854 * two simultaneous tasklets. 855 */ 856static int qca_enqueue(struct hci_uart *hu, struct sk_buff *skb) 857{ 858 unsigned long flags = 0, idle_delay; 859 struct qca_data *qca = hu->priv; 860 861 BT_DBG("hu %p qca enq skb %p tx_ibs_state %d", hu, skb, 862 qca->tx_ibs_state); 863 864 if (test_bit(QCA_SSR_TRIGGERED, &qca->flags)) { 865 /* As SSR is in progress, ignore the packets */ 866 bt_dev_dbg(hu->hdev, "SSR is in progress"); 867 kfree_skb(skb); 868 return 0; 869 } 870 871 /* Prepend skb with frame type */ 872 memcpy(skb_push(skb, 1), &hci_skb_pkt_type(skb), 1); 873 874 spin_lock_irqsave(&qca->hci_ibs_lock, flags); 875 876 /* Don't go to sleep in middle of patch download or 877 * Out-Of-Band(GPIOs control) sleep is selected. 878 * Don't wake the device up when suspending. 879 */ 880 if (test_bit(QCA_IBS_DISABLED, &qca->flags) || 881 test_bit(QCA_SUSPENDING, &qca->flags)) { 882 skb_queue_tail(&qca->txq, skb); 883 spin_unlock_irqrestore(&qca->hci_ibs_lock, flags); 884 return 0; 885 } 886 887 /* Act according to current state */ 888 switch (qca->tx_ibs_state) { 889 case HCI_IBS_TX_AWAKE: 890 BT_DBG("Device awake, sending normally"); 891 skb_queue_tail(&qca->txq, skb); 892 idle_delay = msecs_to_jiffies(qca->tx_idle_delay); 893 mod_timer(&qca->tx_idle_timer, jiffies + idle_delay); 894 break; 895 896 case HCI_IBS_TX_ASLEEP: 897 BT_DBG("Device asleep, waking up and queueing packet"); 898 /* Save packet for later */ 899 skb_queue_tail(&qca->tx_wait_q, skb); 900 901 qca->tx_ibs_state = HCI_IBS_TX_WAKING; 902 /* Schedule a work queue to wake up device */ 903 queue_work(qca->workqueue, &qca->ws_awake_device); 904 break; 905 906 case HCI_IBS_TX_WAKING: 907 BT_DBG("Device waking up, queueing packet"); 908 /* Transient state; just keep packet for later */ 909 skb_queue_tail(&qca->tx_wait_q, skb); 910 break; 911 912 default: 913 BT_ERR("Illegal tx state: %d (losing packet)", 914 qca->tx_ibs_state); 915 kfree_skb(skb); 916 break; 917 } 918 919 spin_unlock_irqrestore(&qca->hci_ibs_lock, flags); 920 921 return 0; 922} 923 924static int qca_ibs_sleep_ind(struct hci_dev *hdev, struct sk_buff *skb) 925{ 926 struct hci_uart *hu = hci_get_drvdata(hdev); 927 928 BT_DBG("hu %p recv hci ibs cmd 0x%x", hu, HCI_IBS_SLEEP_IND); 929 930 device_want_to_sleep(hu); 931 932 kfree_skb(skb); 933 return 0; 934} 935 936static int qca_ibs_wake_ind(struct hci_dev *hdev, struct sk_buff *skb) 937{ 938 struct hci_uart *hu = hci_get_drvdata(hdev); 939 940 BT_DBG("hu %p recv hci ibs cmd 0x%x", hu, HCI_IBS_WAKE_IND); 941 942 device_want_to_wakeup(hu); 943 944 kfree_skb(skb); 945 return 0; 946} 947 948static int qca_ibs_wake_ack(struct hci_dev *hdev, struct sk_buff *skb) 949{ 950 struct hci_uart *hu = hci_get_drvdata(hdev); 951 952 BT_DBG("hu %p recv hci ibs cmd 0x%x", hu, HCI_IBS_WAKE_ACK); 953 954 device_woke_up(hu); 955 956 kfree_skb(skb); 957 return 0; 958} 959 960static int qca_recv_acl_data(struct hci_dev *hdev, struct sk_buff *skb) 961{ 962 /* We receive debug logs from chip as an ACL packets. 963 * Instead of sending the data to ACL to decode the 964 * received data, we are pushing them to the above layers 965 * as a diagnostic packet. 966 */ 967 if (get_unaligned_le16(skb->data) == QCA_DEBUG_HANDLE) 968 return hci_recv_diag(hdev, skb); 969 970 return hci_recv_frame(hdev, skb); 971} 972 973static void qca_controller_memdump(struct work_struct *work) 974{ 975 struct qca_data *qca = container_of(work, struct qca_data, 976 ctrl_memdump_evt); 977 struct hci_uart *hu = qca->hu; 978 struct sk_buff *skb; 979 struct qca_memdump_event_hdr *cmd_hdr; 980 struct qca_memdump_data *qca_memdump = qca->qca_memdump; 981 struct qca_dump_size *dump; 982 char *memdump_buf; 983 char nullBuff[QCA_DUMP_PACKET_SIZE] = { 0 }; 984 u16 seq_no; 985 u32 dump_size; 986 u32 rx_size; 987 enum qca_btsoc_type soc_type = qca_soc_type(hu); 988 989 while ((skb = skb_dequeue(&qca->rx_memdump_q))) { 990 991 mutex_lock(&qca->hci_memdump_lock); 992 /* Skip processing the received packets if timeout detected 993 * or memdump collection completed. 994 */ 995 if (qca->memdump_state == QCA_MEMDUMP_TIMEOUT || 996 qca->memdump_state == QCA_MEMDUMP_COLLECTED) { 997 mutex_unlock(&qca->hci_memdump_lock); 998 return; 999 } 1000 1001 if (!qca_memdump) { 1002 qca_memdump = kzalloc(sizeof(struct qca_memdump_data), 1003 GFP_ATOMIC); 1004 if (!qca_memdump) { 1005 mutex_unlock(&qca->hci_memdump_lock); 1006 return; 1007 } 1008 1009 qca->qca_memdump = qca_memdump; 1010 } 1011 1012 qca->memdump_state = QCA_MEMDUMP_COLLECTING; 1013 cmd_hdr = (void *) skb->data; 1014 seq_no = __le16_to_cpu(cmd_hdr->seq_no); 1015 skb_pull(skb, sizeof(struct qca_memdump_event_hdr)); 1016 1017 if (!seq_no) { 1018 1019 /* This is the first frame of memdump packet from 1020 * the controller, Disable IBS to recevie dump 1021 * with out any interruption, ideally time required for 1022 * the controller to send the dump is 8 seconds. let us 1023 * start timer to handle this asynchronous activity. 1024 */ 1025 set_bit(QCA_IBS_DISABLED, &qca->flags); 1026 set_bit(QCA_MEMDUMP_COLLECTION, &qca->flags); 1027 dump = (void *) skb->data; 1028 dump_size = __le32_to_cpu(dump->dump_size); 1029 if (!(dump_size)) { 1030 bt_dev_err(hu->hdev, "Rx invalid memdump size"); 1031 kfree(qca_memdump); 1032 kfree_skb(skb); 1033 qca->qca_memdump = NULL; 1034 mutex_unlock(&qca->hci_memdump_lock); 1035 return; 1036 } 1037 1038 bt_dev_info(hu->hdev, "QCA collecting dump of size:%u", 1039 dump_size); 1040 queue_delayed_work(qca->workqueue, 1041 &qca->ctrl_memdump_timeout, 1042 msecs_to_jiffies(MEMDUMP_TIMEOUT_MS) 1043 ); 1044 1045 skb_pull(skb, sizeof(dump_size)); 1046 memdump_buf = vmalloc(dump_size); 1047 qca_memdump->ram_dump_size = dump_size; 1048 qca_memdump->memdump_buf_head = memdump_buf; 1049 qca_memdump->memdump_buf_tail = memdump_buf; 1050 } 1051 1052 memdump_buf = qca_memdump->memdump_buf_tail; 1053 1054 /* If sequence no 0 is missed then there is no point in 1055 * accepting the other sequences. 1056 */ 1057 if (!memdump_buf) { 1058 bt_dev_err(hu->hdev, "QCA: Discarding other packets"); 1059 kfree(qca_memdump); 1060 kfree_skb(skb); 1061 qca->qca_memdump = NULL; 1062 mutex_unlock(&qca->hci_memdump_lock); 1063 return; 1064 } 1065 1066 /* There could be chance of missing some packets from 1067 * the controller. In such cases let us store the dummy 1068 * packets in the buffer. 1069 */ 1070 /* For QCA6390, controller does not lost packets but 1071 * sequence number field of packet sometimes has error 1072 * bits, so skip this checking for missing packet. 1073 */ 1074 while ((seq_no > qca_memdump->current_seq_no + 1) && 1075 (soc_type != QCA_QCA6390) && 1076 seq_no != QCA_LAST_SEQUENCE_NUM) { 1077 bt_dev_err(hu->hdev, "QCA controller missed packet:%d", 1078 qca_memdump->current_seq_no); 1079 rx_size = qca_memdump->received_dump; 1080 rx_size += QCA_DUMP_PACKET_SIZE; 1081 if (rx_size > qca_memdump->ram_dump_size) { 1082 bt_dev_err(hu->hdev, 1083 "QCA memdump received %d, no space for missed packet", 1084 qca_memdump->received_dump); 1085 break; 1086 } 1087 memcpy(memdump_buf, nullBuff, QCA_DUMP_PACKET_SIZE); 1088 memdump_buf = memdump_buf + QCA_DUMP_PACKET_SIZE; 1089 qca_memdump->received_dump += QCA_DUMP_PACKET_SIZE; 1090 qca_memdump->current_seq_no++; 1091 } 1092 1093 rx_size = qca_memdump->received_dump + skb->len; 1094 if (rx_size <= qca_memdump->ram_dump_size) { 1095 if ((seq_no != QCA_LAST_SEQUENCE_NUM) && 1096 (seq_no != qca_memdump->current_seq_no)) 1097 bt_dev_err(hu->hdev, 1098 "QCA memdump unexpected packet %d", 1099 seq_no); 1100 bt_dev_dbg(hu->hdev, 1101 "QCA memdump packet %d with length %d", 1102 seq_no, skb->len); 1103 memcpy(memdump_buf, (unsigned char *)skb->data, 1104 skb->len); 1105 memdump_buf = memdump_buf + skb->len; 1106 qca_memdump->memdump_buf_tail = memdump_buf; 1107 qca_memdump->current_seq_no = seq_no + 1; 1108 qca_memdump->received_dump += skb->len; 1109 } else { 1110 bt_dev_err(hu->hdev, 1111 "QCA memdump received %d, no space for packet %d", 1112 qca_memdump->received_dump, seq_no); 1113 } 1114 qca->qca_memdump = qca_memdump; 1115 kfree_skb(skb); 1116 if (seq_no == QCA_LAST_SEQUENCE_NUM) { 1117 bt_dev_info(hu->hdev, 1118 "QCA memdump Done, received %d, total %d", 1119 qca_memdump->received_dump, 1120 qca_memdump->ram_dump_size); 1121 memdump_buf = qca_memdump->memdump_buf_head; 1122 dev_coredumpv(&hu->serdev->dev, memdump_buf, 1123 qca_memdump->received_dump, GFP_KERNEL); 1124 cancel_delayed_work(&qca->ctrl_memdump_timeout); 1125 kfree(qca->qca_memdump); 1126 qca->qca_memdump = NULL; 1127 qca->memdump_state = QCA_MEMDUMP_COLLECTED; 1128 clear_bit(QCA_MEMDUMP_COLLECTION, &qca->flags); 1129 } 1130 1131 mutex_unlock(&qca->hci_memdump_lock); 1132 } 1133 1134} 1135 1136static int qca_controller_memdump_event(struct hci_dev *hdev, 1137 struct sk_buff *skb) 1138{ 1139 struct hci_uart *hu = hci_get_drvdata(hdev); 1140 struct qca_data *qca = hu->priv; 1141 1142 set_bit(QCA_SSR_TRIGGERED, &qca->flags); 1143 skb_queue_tail(&qca->rx_memdump_q, skb); 1144 queue_work(qca->workqueue, &qca->ctrl_memdump_evt); 1145 1146 return 0; 1147} 1148 1149static int qca_recv_event(struct hci_dev *hdev, struct sk_buff *skb) 1150{ 1151 struct hci_uart *hu = hci_get_drvdata(hdev); 1152 struct qca_data *qca = hu->priv; 1153 1154 if (test_bit(QCA_DROP_VENDOR_EVENT, &qca->flags)) { 1155 struct hci_event_hdr *hdr = (void *)skb->data; 1156 1157 /* For the WCN3990 the vendor command for a baudrate change 1158 * isn't sent as synchronous HCI command, because the 1159 * controller sends the corresponding vendor event with the 1160 * new baudrate. The event is received and properly decoded 1161 * after changing the baudrate of the host port. It needs to 1162 * be dropped, otherwise it can be misinterpreted as 1163 * response to a later firmware download command (also a 1164 * vendor command). 1165 */ 1166 1167 if (hdr->evt == HCI_EV_VENDOR) 1168 complete(&qca->drop_ev_comp); 1169 1170 kfree_skb(skb); 1171 1172 return 0; 1173 } 1174 /* We receive chip memory dump as an event packet, With a dedicated 1175 * handler followed by a hardware error event. When this event is 1176 * received we store dump into a file before closing hci. This 1177 * dump will help in triaging the issues. 1178 */ 1179 if ((skb->data[0] == HCI_VENDOR_PKT) && 1180 (get_unaligned_be16(skb->data + 2) == QCA_SSR_DUMP_HANDLE)) 1181 return qca_controller_memdump_event(hdev, skb); 1182 1183 return hci_recv_frame(hdev, skb); 1184} 1185 1186#define QCA_IBS_SLEEP_IND_EVENT \ 1187 .type = HCI_IBS_SLEEP_IND, \ 1188 .hlen = 0, \ 1189 .loff = 0, \ 1190 .lsize = 0, \ 1191 .maxlen = HCI_MAX_IBS_SIZE 1192 1193#define QCA_IBS_WAKE_IND_EVENT \ 1194 .type = HCI_IBS_WAKE_IND, \ 1195 .hlen = 0, \ 1196 .loff = 0, \ 1197 .lsize = 0, \ 1198 .maxlen = HCI_MAX_IBS_SIZE 1199 1200#define QCA_IBS_WAKE_ACK_EVENT \ 1201 .type = HCI_IBS_WAKE_ACK, \ 1202 .hlen = 0, \ 1203 .loff = 0, \ 1204 .lsize = 0, \ 1205 .maxlen = HCI_MAX_IBS_SIZE 1206 1207static const struct h4_recv_pkt qca_recv_pkts[] = { 1208 { H4_RECV_ACL, .recv = qca_recv_acl_data }, 1209 { H4_RECV_SCO, .recv = hci_recv_frame }, 1210 { H4_RECV_EVENT, .recv = qca_recv_event }, 1211 { QCA_IBS_WAKE_IND_EVENT, .recv = qca_ibs_wake_ind }, 1212 { QCA_IBS_WAKE_ACK_EVENT, .recv = qca_ibs_wake_ack }, 1213 { QCA_IBS_SLEEP_IND_EVENT, .recv = qca_ibs_sleep_ind }, 1214}; 1215 1216static int qca_recv(struct hci_uart *hu, const void *data, int count) 1217{ 1218 struct qca_data *qca = hu->priv; 1219 1220 if (!test_bit(HCI_UART_REGISTERED, &hu->flags)) 1221 return -EUNATCH; 1222 1223 qca->rx_skb = h4_recv_buf(hu->hdev, qca->rx_skb, data, count, 1224 qca_recv_pkts, ARRAY_SIZE(qca_recv_pkts)); 1225 if (IS_ERR(qca->rx_skb)) { 1226 int err = PTR_ERR(qca->rx_skb); 1227 bt_dev_err(hu->hdev, "Frame reassembly failed (%d)", err); 1228 qca->rx_skb = NULL; 1229 return err; 1230 } 1231 1232 return count; 1233} 1234 1235static struct sk_buff *qca_dequeue(struct hci_uart *hu) 1236{ 1237 struct qca_data *qca = hu->priv; 1238 1239 return skb_dequeue(&qca->txq); 1240} 1241 1242static uint8_t qca_get_baudrate_value(int speed) 1243{ 1244 switch (speed) { 1245 case 9600: 1246 return QCA_BAUDRATE_9600; 1247 case 19200: 1248 return QCA_BAUDRATE_19200; 1249 case 38400: 1250 return QCA_BAUDRATE_38400; 1251 case 57600: 1252 return QCA_BAUDRATE_57600; 1253 case 115200: 1254 return QCA_BAUDRATE_115200; 1255 case 230400: 1256 return QCA_BAUDRATE_230400; 1257 case 460800: 1258 return QCA_BAUDRATE_460800; 1259 case 500000: 1260 return QCA_BAUDRATE_500000; 1261 case 921600: 1262 return QCA_BAUDRATE_921600; 1263 case 1000000: 1264 return QCA_BAUDRATE_1000000; 1265 case 2000000: 1266 return QCA_BAUDRATE_2000000; 1267 case 3000000: 1268 return QCA_BAUDRATE_3000000; 1269 case 3200000: 1270 return QCA_BAUDRATE_3200000; 1271 case 3500000: 1272 return QCA_BAUDRATE_3500000; 1273 default: 1274 return QCA_BAUDRATE_115200; 1275 } 1276} 1277 1278static int qca_set_baudrate(struct hci_dev *hdev, uint8_t baudrate) 1279{ 1280 struct hci_uart *hu = hci_get_drvdata(hdev); 1281 struct qca_data *qca = hu->priv; 1282 struct sk_buff *skb; 1283 u8 cmd[] = { 0x01, 0x48, 0xFC, 0x01, 0x00 }; 1284 1285 if (baudrate > QCA_BAUDRATE_3200000) 1286 return -EINVAL; 1287 1288 cmd[4] = baudrate; 1289 1290 skb = bt_skb_alloc(sizeof(cmd), GFP_KERNEL); 1291 if (!skb) { 1292 bt_dev_err(hdev, "Failed to allocate baudrate packet"); 1293 return -ENOMEM; 1294 } 1295 1296 /* Assign commands to change baudrate and packet type. */ 1297 skb_put_data(skb, cmd, sizeof(cmd)); 1298 hci_skb_pkt_type(skb) = HCI_COMMAND_PKT; 1299 1300 skb_queue_tail(&qca->txq, skb); 1301 hci_uart_tx_wakeup(hu); 1302 1303 /* Wait for the baudrate change request to be sent */ 1304 1305 while (!skb_queue_empty(&qca->txq)) 1306 usleep_range(100, 200); 1307 1308 if (hu->serdev) 1309 serdev_device_wait_until_sent(hu->serdev, 1310 msecs_to_jiffies(CMD_TRANS_TIMEOUT_MS)); 1311 1312 /* Give the controller time to process the request */ 1313 if (qca_is_wcn399x(qca_soc_type(hu)) || 1314 qca_is_wcn6750(qca_soc_type(hu))) 1315 usleep_range(1000, 10000); 1316 else 1317 msleep(300); 1318 1319 return 0; 1320} 1321 1322static inline void host_set_baudrate(struct hci_uart *hu, unsigned int speed) 1323{ 1324 if (hu->serdev) 1325 serdev_device_set_baudrate(hu->serdev, speed); 1326 else 1327 hci_uart_set_baudrate(hu, speed); 1328} 1329 1330static int qca_send_power_pulse(struct hci_uart *hu, bool on) 1331{ 1332 int ret; 1333 int timeout = msecs_to_jiffies(CMD_TRANS_TIMEOUT_MS); 1334 u8 cmd = on ? QCA_WCN3990_POWERON_PULSE : QCA_WCN3990_POWEROFF_PULSE; 1335 1336 /* These power pulses are single byte command which are sent 1337 * at required baudrate to wcn3990. On wcn3990, we have an external 1338 * circuit at Tx pin which decodes the pulse sent at specific baudrate. 1339 * For example, wcn3990 supports RF COEX antenna for both Wi-Fi/BT 1340 * and also we use the same power inputs to turn on and off for 1341 * Wi-Fi/BT. Powering up the power sources will not enable BT, until 1342 * we send a power on pulse at 115200 bps. This algorithm will help to 1343 * save power. Disabling hardware flow control is mandatory while 1344 * sending power pulses to SoC. 1345 */ 1346 bt_dev_dbg(hu->hdev, "sending power pulse %02x to controller", cmd); 1347 1348 serdev_device_write_flush(hu->serdev); 1349 hci_uart_set_flow_control(hu, true); 1350 ret = serdev_device_write_buf(hu->serdev, &cmd, sizeof(cmd)); 1351 if (ret < 0) { 1352 bt_dev_err(hu->hdev, "failed to send power pulse %02x", cmd); 1353 return ret; 1354 } 1355 1356 serdev_device_wait_until_sent(hu->serdev, timeout); 1357 hci_uart_set_flow_control(hu, false); 1358 1359 /* Give to controller time to boot/shutdown */ 1360 if (on) 1361 msleep(100); 1362 else 1363 usleep_range(1000, 10000); 1364 1365 return 0; 1366} 1367 1368static unsigned int qca_get_speed(struct hci_uart *hu, 1369 enum qca_speed_type speed_type) 1370{ 1371 unsigned int speed = 0; 1372 1373 if (speed_type == QCA_INIT_SPEED) { 1374 if (hu->init_speed) 1375 speed = hu->init_speed; 1376 else if (hu->proto->init_speed) 1377 speed = hu->proto->init_speed; 1378 } else { 1379 if (hu->oper_speed) 1380 speed = hu->oper_speed; 1381 else if (hu->proto->oper_speed) 1382 speed = hu->proto->oper_speed; 1383 } 1384 1385 return speed; 1386} 1387 1388static int qca_check_speeds(struct hci_uart *hu) 1389{ 1390 if (qca_is_wcn399x(qca_soc_type(hu)) || 1391 qca_is_wcn6750(qca_soc_type(hu))) { 1392 if (!qca_get_speed(hu, QCA_INIT_SPEED) && 1393 !qca_get_speed(hu, QCA_OPER_SPEED)) 1394 return -EINVAL; 1395 } else { 1396 if (!qca_get_speed(hu, QCA_INIT_SPEED) || 1397 !qca_get_speed(hu, QCA_OPER_SPEED)) 1398 return -EINVAL; 1399 } 1400 1401 return 0; 1402} 1403 1404static int qca_set_speed(struct hci_uart *hu, enum qca_speed_type speed_type) 1405{ 1406 unsigned int speed, qca_baudrate; 1407 struct qca_data *qca = hu->priv; 1408 int ret = 0; 1409 1410 if (speed_type == QCA_INIT_SPEED) { 1411 speed = qca_get_speed(hu, QCA_INIT_SPEED); 1412 if (speed) 1413 host_set_baudrate(hu, speed); 1414 } else { 1415 enum qca_btsoc_type soc_type = qca_soc_type(hu); 1416 1417 speed = qca_get_speed(hu, QCA_OPER_SPEED); 1418 if (!speed) 1419 return 0; 1420 1421 /* Disable flow control for wcn3990 to deassert RTS while 1422 * changing the baudrate of chip and host. 1423 */ 1424 if (qca_is_wcn399x(soc_type) || 1425 qca_is_wcn6750(soc_type)) 1426 hci_uart_set_flow_control(hu, true); 1427 1428 if (soc_type == QCA_WCN3990) { 1429 reinit_completion(&qca->drop_ev_comp); 1430 set_bit(QCA_DROP_VENDOR_EVENT, &qca->flags); 1431 } 1432 1433 qca_baudrate = qca_get_baudrate_value(speed); 1434 bt_dev_dbg(hu->hdev, "Set UART speed to %d", speed); 1435 ret = qca_set_baudrate(hu->hdev, qca_baudrate); 1436 if (ret) 1437 goto error; 1438 1439 host_set_baudrate(hu, speed); 1440 1441error: 1442 if (qca_is_wcn399x(soc_type) || 1443 qca_is_wcn6750(soc_type)) 1444 hci_uart_set_flow_control(hu, false); 1445 1446 if (soc_type == QCA_WCN3990) { 1447 /* Wait for the controller to send the vendor event 1448 * for the baudrate change command. 1449 */ 1450 if (!wait_for_completion_timeout(&qca->drop_ev_comp, 1451 msecs_to_jiffies(100))) { 1452 bt_dev_err(hu->hdev, 1453 "Failed to change controller baudrate\n"); 1454 ret = -ETIMEDOUT; 1455 } 1456 1457 clear_bit(QCA_DROP_VENDOR_EVENT, &qca->flags); 1458 } 1459 } 1460 1461 return ret; 1462} 1463 1464static int qca_send_crashbuffer(struct hci_uart *hu) 1465{ 1466 struct qca_data *qca = hu->priv; 1467 struct sk_buff *skb; 1468 1469 skb = bt_skb_alloc(QCA_CRASHBYTE_PACKET_LEN, GFP_KERNEL); 1470 if (!skb) { 1471 bt_dev_err(hu->hdev, "Failed to allocate memory for skb packet"); 1472 return -ENOMEM; 1473 } 1474 1475 /* We forcefully crash the controller, by sending 0xfb byte for 1476 * 1024 times. We also might have chance of losing data, To be 1477 * on safer side we send 1096 bytes to the SoC. 1478 */ 1479 memset(skb_put(skb, QCA_CRASHBYTE_PACKET_LEN), QCA_MEMDUMP_BYTE, 1480 QCA_CRASHBYTE_PACKET_LEN); 1481 hci_skb_pkt_type(skb) = HCI_COMMAND_PKT; 1482 bt_dev_info(hu->hdev, "crash the soc to collect controller dump"); 1483 skb_queue_tail(&qca->txq, skb); 1484 hci_uart_tx_wakeup(hu); 1485 1486 return 0; 1487} 1488 1489static void qca_wait_for_dump_collection(struct hci_dev *hdev) 1490{ 1491 struct hci_uart *hu = hci_get_drvdata(hdev); 1492 struct qca_data *qca = hu->priv; 1493 1494 wait_on_bit_timeout(&qca->flags, QCA_MEMDUMP_COLLECTION, 1495 TASK_UNINTERRUPTIBLE, MEMDUMP_TIMEOUT_MS); 1496 1497 clear_bit(QCA_MEMDUMP_COLLECTION, &qca->flags); 1498} 1499 1500static void qca_hw_error(struct hci_dev *hdev, u8 code) 1501{ 1502 struct hci_uart *hu = hci_get_drvdata(hdev); 1503 struct qca_data *qca = hu->priv; 1504 1505 set_bit(QCA_SSR_TRIGGERED, &qca->flags); 1506 set_bit(QCA_HW_ERROR_EVENT, &qca->flags); 1507 bt_dev_info(hdev, "mem_dump_status: %d", qca->memdump_state); 1508 1509 if (qca->memdump_state == QCA_MEMDUMP_IDLE) { 1510 /* If hardware error event received for other than QCA 1511 * soc memory dump event, then we need to crash the SOC 1512 * and wait here for 8 seconds to get the dump packets. 1513 * This will block main thread to be on hold until we 1514 * collect dump. 1515 */ 1516 set_bit(QCA_MEMDUMP_COLLECTION, &qca->flags); 1517 qca_send_crashbuffer(hu); 1518 qca_wait_for_dump_collection(hdev); 1519 } else if (qca->memdump_state == QCA_MEMDUMP_COLLECTING) { 1520 /* Let us wait here until memory dump collected or 1521 * memory dump timer expired. 1522 */ 1523 bt_dev_info(hdev, "waiting for dump to complete"); 1524 qca_wait_for_dump_collection(hdev); 1525 } 1526 1527 mutex_lock(&qca->hci_memdump_lock); 1528 if (qca->memdump_state != QCA_MEMDUMP_COLLECTED) { 1529 bt_dev_err(hu->hdev, "clearing allocated memory due to memdump timeout"); 1530 if (qca->qca_memdump) { 1531 vfree(qca->qca_memdump->memdump_buf_head); 1532 kfree(qca->qca_memdump); 1533 qca->qca_memdump = NULL; 1534 } 1535 qca->memdump_state = QCA_MEMDUMP_TIMEOUT; 1536 cancel_delayed_work(&qca->ctrl_memdump_timeout); 1537 } 1538 mutex_unlock(&qca->hci_memdump_lock); 1539 1540 if (qca->memdump_state == QCA_MEMDUMP_TIMEOUT || 1541 qca->memdump_state == QCA_MEMDUMP_COLLECTED) { 1542 cancel_work_sync(&qca->ctrl_memdump_evt); 1543 skb_queue_purge(&qca->rx_memdump_q); 1544 } 1545 1546 clear_bit(QCA_HW_ERROR_EVENT, &qca->flags); 1547} 1548 1549static void qca_cmd_timeout(struct hci_dev *hdev) 1550{ 1551 struct hci_uart *hu = hci_get_drvdata(hdev); 1552 struct qca_data *qca = hu->priv; 1553 1554 set_bit(QCA_SSR_TRIGGERED, &qca->flags); 1555 if (qca->memdump_state == QCA_MEMDUMP_IDLE) { 1556 set_bit(QCA_MEMDUMP_COLLECTION, &qca->flags); 1557 qca_send_crashbuffer(hu); 1558 qca_wait_for_dump_collection(hdev); 1559 } else if (qca->memdump_state == QCA_MEMDUMP_COLLECTING) { 1560 /* Let us wait here until memory dump collected or 1561 * memory dump timer expired. 1562 */ 1563 bt_dev_info(hdev, "waiting for dump to complete"); 1564 qca_wait_for_dump_collection(hdev); 1565 } 1566 1567 mutex_lock(&qca->hci_memdump_lock); 1568 if (qca->memdump_state != QCA_MEMDUMP_COLLECTED) { 1569 qca->memdump_state = QCA_MEMDUMP_TIMEOUT; 1570 if (!test_bit(QCA_HW_ERROR_EVENT, &qca->flags)) { 1571 /* Inject hw error event to reset the device 1572 * and driver. 1573 */ 1574 hci_reset_dev(hu->hdev); 1575 } 1576 } 1577 mutex_unlock(&qca->hci_memdump_lock); 1578} 1579 1580static bool qca_wakeup(struct hci_dev *hdev) 1581{ 1582 struct hci_uart *hu = hci_get_drvdata(hdev); 1583 bool wakeup; 1584 1585 /* UART driver handles the interrupt from BT SoC.So we need to use 1586 * device handle of UART driver to get the status of device may wakeup. 1587 */ 1588 wakeup = device_may_wakeup(hu->serdev->ctrl->dev.parent); 1589 bt_dev_dbg(hu->hdev, "wakeup status : %d", wakeup); 1590 1591 return !wakeup; 1592} 1593 1594static int qca_regulator_init(struct hci_uart *hu) 1595{ 1596 enum qca_btsoc_type soc_type = qca_soc_type(hu); 1597 struct qca_serdev *qcadev; 1598 int ret; 1599 bool sw_ctrl_state; 1600 1601 /* Check for vregs status, may be hci down has turned 1602 * off the voltage regulator. 1603 */ 1604 qcadev = serdev_device_get_drvdata(hu->serdev); 1605 if (!qcadev->bt_power->vregs_on) { 1606 serdev_device_close(hu->serdev); 1607 ret = qca_regulator_enable(qcadev); 1608 if (ret) 1609 return ret; 1610 1611 ret = serdev_device_open(hu->serdev); 1612 if (ret) { 1613 bt_dev_err(hu->hdev, "failed to open port"); 1614 return ret; 1615 } 1616 } 1617 1618 if (qca_is_wcn399x(soc_type)) { 1619 /* Forcefully enable wcn399x to enter in to boot mode. */ 1620 host_set_baudrate(hu, 2400); 1621 ret = qca_send_power_pulse(hu, false); 1622 if (ret) 1623 return ret; 1624 } 1625 1626 /* For wcn6750 need to enable gpio bt_en */ 1627 if (qcadev->bt_en) { 1628 gpiod_set_value_cansleep(qcadev->bt_en, 0); 1629 msleep(50); 1630 gpiod_set_value_cansleep(qcadev->bt_en, 1); 1631 msleep(50); 1632 if (qcadev->sw_ctrl) { 1633 sw_ctrl_state = gpiod_get_value_cansleep(qcadev->sw_ctrl); 1634 bt_dev_dbg(hu->hdev, "SW_CTRL is %d", sw_ctrl_state); 1635 } 1636 } 1637 1638 qca_set_speed(hu, QCA_INIT_SPEED); 1639 1640 if (qca_is_wcn399x(soc_type)) { 1641 ret = qca_send_power_pulse(hu, true); 1642 if (ret) 1643 return ret; 1644 } 1645 1646 /* Now the device is in ready state to communicate with host. 1647 * To sync host with device we need to reopen port. 1648 * Without this, we will have RTS and CTS synchronization 1649 * issues. 1650 */ 1651 serdev_device_close(hu->serdev); 1652 ret = serdev_device_open(hu->serdev); 1653 if (ret) { 1654 bt_dev_err(hu->hdev, "failed to open port"); 1655 return ret; 1656 } 1657 1658 hci_uart_set_flow_control(hu, false); 1659 1660 return 0; 1661} 1662 1663static int qca_power_on(struct hci_dev *hdev) 1664{ 1665 struct hci_uart *hu = hci_get_drvdata(hdev); 1666 enum qca_btsoc_type soc_type = qca_soc_type(hu); 1667 struct qca_serdev *qcadev; 1668 struct qca_data *qca = hu->priv; 1669 int ret = 0; 1670 1671 /* Non-serdev device usually is powered by external power 1672 * and don't need additional action in driver for power on 1673 */ 1674 if (!hu->serdev) 1675 return 0; 1676 1677 if (qca_is_wcn399x(soc_type) || 1678 qca_is_wcn6750(soc_type)) { 1679 ret = qca_regulator_init(hu); 1680 } else { 1681 qcadev = serdev_device_get_drvdata(hu->serdev); 1682 if (qcadev->bt_en) { 1683 gpiod_set_value_cansleep(qcadev->bt_en, 1); 1684 /* Controller needs time to bootup. */ 1685 msleep(150); 1686 } 1687 } 1688 1689 clear_bit(QCA_BT_OFF, &qca->flags); 1690 return ret; 1691} 1692 1693static int qca_setup(struct hci_uart *hu) 1694{ 1695 struct hci_dev *hdev = hu->hdev; 1696 struct qca_data *qca = hu->priv; 1697 unsigned int speed, qca_baudrate = QCA_BAUDRATE_115200; 1698 unsigned int retries = 0; 1699 enum qca_btsoc_type soc_type = qca_soc_type(hu); 1700 const char *firmware_name = qca_get_firmware_name(hu); 1701 int ret; 1702 struct qca_btsoc_version ver; 1703 1704 ret = qca_check_speeds(hu); 1705 if (ret) 1706 return ret; 1707 1708 clear_bit(QCA_ROM_FW, &qca->flags); 1709 /* Patch downloading has to be done without IBS mode */ 1710 set_bit(QCA_IBS_DISABLED, &qca->flags); 1711 1712 /* Enable controller to do both LE scan and BR/EDR inquiry 1713 * simultaneously. 1714 */ 1715 set_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &hdev->quirks); 1716 1717 bt_dev_info(hdev, "setting up %s", 1718 qca_is_wcn399x(soc_type) ? "wcn399x" : 1719 (soc_type == QCA_WCN6750) ? "wcn6750" : "ROME/QCA6390"); 1720 1721 qca->memdump_state = QCA_MEMDUMP_IDLE; 1722 1723retry: 1724 ret = qca_power_on(hdev); 1725 if (ret) 1726 goto out; 1727 1728 clear_bit(QCA_SSR_TRIGGERED, &qca->flags); 1729 1730 if (qca_is_wcn399x(soc_type) || 1731 qca_is_wcn6750(soc_type)) { 1732 set_bit(HCI_QUIRK_USE_BDADDR_PROPERTY, &hdev->quirks); 1733 hci_set_aosp_capable(hdev); 1734 1735 ret = qca_read_soc_version(hdev, &ver, soc_type); 1736 if (ret) 1737 goto out; 1738 } else { 1739 qca_set_speed(hu, QCA_INIT_SPEED); 1740 } 1741 1742 /* Setup user speed if needed */ 1743 speed = qca_get_speed(hu, QCA_OPER_SPEED); 1744 if (speed) { 1745 ret = qca_set_speed(hu, QCA_OPER_SPEED); 1746 if (ret) 1747 goto out; 1748 1749 qca_baudrate = qca_get_baudrate_value(speed); 1750 } 1751 1752 if (!(qca_is_wcn399x(soc_type) || 1753 qca_is_wcn6750(soc_type))) { 1754 /* Get QCA version information */ 1755 ret = qca_read_soc_version(hdev, &ver, soc_type); 1756 if (ret) 1757 goto out; 1758 } 1759 1760 /* Setup patch / NVM configurations */ 1761 ret = qca_uart_setup(hdev, qca_baudrate, soc_type, ver, 1762 firmware_name); 1763 if (!ret) { 1764 clear_bit(QCA_IBS_DISABLED, &qca->flags); 1765 qca_debugfs_init(hdev); 1766 hu->hdev->hw_error = qca_hw_error; 1767 hu->hdev->cmd_timeout = qca_cmd_timeout; 1768 hu->hdev->wakeup = qca_wakeup; 1769 } else if (ret == -ENOENT) { 1770 /* No patch/nvm-config found, run with original fw/config */ 1771 set_bit(QCA_ROM_FW, &qca->flags); 1772 ret = 0; 1773 } else if (ret == -EAGAIN) { 1774 /* 1775 * Userspace firmware loader will return -EAGAIN in case no 1776 * patch/nvm-config is found, so run with original fw/config. 1777 */ 1778 set_bit(QCA_ROM_FW, &qca->flags); 1779 ret = 0; 1780 } 1781 1782out: 1783 if (ret && retries < MAX_INIT_RETRIES) { 1784 bt_dev_warn(hdev, "Retry BT power ON:%d", retries); 1785 qca_power_shutdown(hu); 1786 if (hu->serdev) { 1787 serdev_device_close(hu->serdev); 1788 ret = serdev_device_open(hu->serdev); 1789 if (ret) { 1790 bt_dev_err(hdev, "failed to open port"); 1791 return ret; 1792 } 1793 } 1794 retries++; 1795 goto retry; 1796 } 1797 1798 /* Setup bdaddr */ 1799 if (soc_type == QCA_ROME) 1800 hu->hdev->set_bdaddr = qca_set_bdaddr_rome; 1801 else 1802 hu->hdev->set_bdaddr = qca_set_bdaddr; 1803 1804 return ret; 1805} 1806 1807static const struct hci_uart_proto qca_proto = { 1808 .id = HCI_UART_QCA, 1809 .name = "QCA", 1810 .manufacturer = 29, 1811 .init_speed = 115200, 1812 .oper_speed = 3000000, 1813 .open = qca_open, 1814 .close = qca_close, 1815 .flush = qca_flush, 1816 .setup = qca_setup, 1817 .recv = qca_recv, 1818 .enqueue = qca_enqueue, 1819 .dequeue = qca_dequeue, 1820}; 1821 1822static const struct qca_device_data qca_soc_data_wcn3990 = { 1823 .soc_type = QCA_WCN3990, 1824 .vregs = (struct qca_vreg []) { 1825 { "vddio", 15000 }, 1826 { "vddxo", 80000 }, 1827 { "vddrf", 300000 }, 1828 { "vddch0", 450000 }, 1829 }, 1830 .num_vregs = 4, 1831}; 1832 1833static const struct qca_device_data qca_soc_data_wcn3991 = { 1834 .soc_type = QCA_WCN3991, 1835 .vregs = (struct qca_vreg []) { 1836 { "vddio", 15000 }, 1837 { "vddxo", 80000 }, 1838 { "vddrf", 300000 }, 1839 { "vddch0", 450000 }, 1840 }, 1841 .num_vregs = 4, 1842 .capabilities = QCA_CAP_WIDEBAND_SPEECH | QCA_CAP_VALID_LE_STATES, 1843}; 1844 1845static const struct qca_device_data qca_soc_data_wcn3998 = { 1846 .soc_type = QCA_WCN3998, 1847 .vregs = (struct qca_vreg []) { 1848 { "vddio", 10000 }, 1849 { "vddxo", 80000 }, 1850 { "vddrf", 300000 }, 1851 { "vddch0", 450000 }, 1852 }, 1853 .num_vregs = 4, 1854}; 1855 1856static const struct qca_device_data qca_soc_data_qca6390 = { 1857 .soc_type = QCA_QCA6390, 1858 .num_vregs = 0, 1859}; 1860 1861static const struct qca_device_data qca_soc_data_wcn6750 = { 1862 .soc_type = QCA_WCN6750, 1863 .vregs = (struct qca_vreg []) { 1864 { "vddio", 5000 }, 1865 { "vddaon", 26000 }, 1866 { "vddbtcxmx", 126000 }, 1867 { "vddrfacmn", 12500 }, 1868 { "vddrfa0p8", 102000 }, 1869 { "vddrfa1p7", 302000 }, 1870 { "vddrfa1p2", 257000 }, 1871 { "vddrfa2p2", 1700000 }, 1872 { "vddasd", 200 }, 1873 }, 1874 .num_vregs = 9, 1875 .capabilities = QCA_CAP_WIDEBAND_SPEECH | QCA_CAP_VALID_LE_STATES, 1876}; 1877 1878static void qca_power_shutdown(struct hci_uart *hu) 1879{ 1880 struct qca_serdev *qcadev; 1881 struct qca_data *qca = hu->priv; 1882 unsigned long flags; 1883 enum qca_btsoc_type soc_type = qca_soc_type(hu); 1884 bool sw_ctrl_state; 1885 1886 /* From this point we go into power off state. But serial port is 1887 * still open, stop queueing the IBS data and flush all the buffered 1888 * data in skb's. 1889 */ 1890 spin_lock_irqsave(&qca->hci_ibs_lock, flags); 1891 set_bit(QCA_IBS_DISABLED, &qca->flags); 1892 qca_flush(hu); 1893 spin_unlock_irqrestore(&qca->hci_ibs_lock, flags); 1894 1895 /* Non-serdev device usually is powered by external power 1896 * and don't need additional action in driver for power down 1897 */ 1898 if (!hu->serdev) 1899 return; 1900 1901 qcadev = serdev_device_get_drvdata(hu->serdev); 1902 1903 if (qca_is_wcn399x(soc_type)) { 1904 host_set_baudrate(hu, 2400); 1905 qca_send_power_pulse(hu, false); 1906 qca_regulator_disable(qcadev); 1907 } else if (soc_type == QCA_WCN6750) { 1908 gpiod_set_value_cansleep(qcadev->bt_en, 0); 1909 msleep(100); 1910 qca_regulator_disable(qcadev); 1911 if (qcadev->sw_ctrl) { 1912 sw_ctrl_state = gpiod_get_value_cansleep(qcadev->sw_ctrl); 1913 bt_dev_dbg(hu->hdev, "SW_CTRL is %d", sw_ctrl_state); 1914 } 1915 } else if (qcadev->bt_en) { 1916 gpiod_set_value_cansleep(qcadev->bt_en, 0); 1917 } 1918 1919 set_bit(QCA_BT_OFF, &qca->flags); 1920} 1921 1922static int qca_power_off(struct hci_dev *hdev) 1923{ 1924 struct hci_uart *hu = hci_get_drvdata(hdev); 1925 struct qca_data *qca = hu->priv; 1926 enum qca_btsoc_type soc_type = qca_soc_type(hu); 1927 1928 hu->hdev->hw_error = NULL; 1929 hu->hdev->cmd_timeout = NULL; 1930 1931 del_timer_sync(&qca->wake_retrans_timer); 1932 del_timer_sync(&qca->tx_idle_timer); 1933 1934 /* Stop sending shutdown command if soc crashes. */ 1935 if (soc_type != QCA_ROME 1936 && qca->memdump_state == QCA_MEMDUMP_IDLE) { 1937 qca_send_pre_shutdown_cmd(hdev); 1938 usleep_range(8000, 10000); 1939 } 1940 1941 qca_power_shutdown(hu); 1942 return 0; 1943} 1944 1945static int qca_regulator_enable(struct qca_serdev *qcadev) 1946{ 1947 struct qca_power *power = qcadev->bt_power; 1948 int ret; 1949 1950 /* Already enabled */ 1951 if (power->vregs_on) 1952 return 0; 1953 1954 BT_DBG("enabling %d regulators)", power->num_vregs); 1955 1956 ret = regulator_bulk_enable(power->num_vregs, power->vreg_bulk); 1957 if (ret) 1958 return ret; 1959 1960 power->vregs_on = true; 1961 1962 ret = clk_prepare_enable(qcadev->susclk); 1963 if (ret) 1964 qca_regulator_disable(qcadev); 1965 1966 return ret; 1967} 1968 1969static void qca_regulator_disable(struct qca_serdev *qcadev) 1970{ 1971 struct qca_power *power; 1972 1973 if (!qcadev) 1974 return; 1975 1976 power = qcadev->bt_power; 1977 1978 /* Already disabled? */ 1979 if (!power->vregs_on) 1980 return; 1981 1982 regulator_bulk_disable(power->num_vregs, power->vreg_bulk); 1983 power->vregs_on = false; 1984 1985 clk_disable_unprepare(qcadev->susclk); 1986} 1987 1988static int qca_init_regulators(struct qca_power *qca, 1989 const struct qca_vreg *vregs, size_t num_vregs) 1990{ 1991 struct regulator_bulk_data *bulk; 1992 int ret; 1993 int i; 1994 1995 bulk = devm_kcalloc(qca->dev, num_vregs, sizeof(*bulk), GFP_KERNEL); 1996 if (!bulk) 1997 return -ENOMEM; 1998 1999 for (i = 0; i < num_vregs; i++) 2000 bulk[i].supply = vregs[i].name; 2001 2002 ret = devm_regulator_bulk_get(qca->dev, num_vregs, bulk); 2003 if (ret < 0) 2004 return ret; 2005 2006 for (i = 0; i < num_vregs; i++) { 2007 ret = regulator_set_load(bulk[i].consumer, vregs[i].load_uA); 2008 if (ret) 2009 return ret; 2010 } 2011 2012 qca->vreg_bulk = bulk; 2013 qca->num_vregs = num_vregs; 2014 2015 return 0; 2016} 2017 2018static int qca_serdev_probe(struct serdev_device *serdev) 2019{ 2020 struct qca_serdev *qcadev; 2021 struct hci_dev *hdev; 2022 const struct qca_device_data *data; 2023 int err; 2024 bool power_ctrl_enabled = true; 2025 2026 qcadev = devm_kzalloc(&serdev->dev, sizeof(*qcadev), GFP_KERNEL); 2027 if (!qcadev) 2028 return -ENOMEM; 2029 2030 qcadev->serdev_hu.serdev = serdev; 2031 data = device_get_match_data(&serdev->dev); 2032 serdev_device_set_drvdata(serdev, qcadev); 2033 device_property_read_string(&serdev->dev, "firmware-name", 2034 &qcadev->firmware_name); 2035 device_property_read_u32(&serdev->dev, "max-speed", 2036 &qcadev->oper_speed); 2037 if (!qcadev->oper_speed) 2038 BT_DBG("UART will pick default operating speed"); 2039 2040 if (data && 2041 (qca_is_wcn399x(data->soc_type) || 2042 qca_is_wcn6750(data->soc_type))) { 2043 qcadev->btsoc_type = data->soc_type; 2044 qcadev->bt_power = devm_kzalloc(&serdev->dev, 2045 sizeof(struct qca_power), 2046 GFP_KERNEL); 2047 if (!qcadev->bt_power) 2048 return -ENOMEM; 2049 2050 qcadev->bt_power->dev = &serdev->dev; 2051 err = qca_init_regulators(qcadev->bt_power, data->vregs, 2052 data->num_vregs); 2053 if (err) { 2054 BT_ERR("Failed to init regulators:%d", err); 2055 return err; 2056 } 2057 2058 qcadev->bt_power->vregs_on = false; 2059 2060 qcadev->bt_en = devm_gpiod_get_optional(&serdev->dev, "enable", 2061 GPIOD_OUT_LOW); 2062 if (IS_ERR_OR_NULL(qcadev->bt_en) && data->soc_type == QCA_WCN6750) { 2063 dev_err(&serdev->dev, "failed to acquire BT_EN gpio\n"); 2064 power_ctrl_enabled = false; 2065 } 2066 2067 qcadev->sw_ctrl = devm_gpiod_get_optional(&serdev->dev, "swctrl", 2068 GPIOD_IN); 2069 if (IS_ERR_OR_NULL(qcadev->sw_ctrl) && data->soc_type == QCA_WCN6750) 2070 dev_warn(&serdev->dev, "failed to acquire SW_CTRL gpio\n"); 2071 2072 qcadev->susclk = devm_clk_get_optional(&serdev->dev, NULL); 2073 if (IS_ERR(qcadev->susclk)) { 2074 dev_err(&serdev->dev, "failed to acquire clk\n"); 2075 return PTR_ERR(qcadev->susclk); 2076 } 2077 2078 err = hci_uart_register_device(&qcadev->serdev_hu, &qca_proto); 2079 if (err) { 2080 BT_ERR("wcn3990 serdev registration failed"); 2081 return err; 2082 } 2083 } else { 2084 if (data) 2085 qcadev->btsoc_type = data->soc_type; 2086 else 2087 qcadev->btsoc_type = QCA_ROME; 2088 2089 qcadev->bt_en = devm_gpiod_get_optional(&serdev->dev, "enable", 2090 GPIOD_OUT_LOW); 2091 if (IS_ERR_OR_NULL(qcadev->bt_en)) { 2092 dev_warn(&serdev->dev, "failed to acquire enable gpio\n"); 2093 power_ctrl_enabled = false; 2094 } 2095 2096 qcadev->susclk = devm_clk_get_optional(&serdev->dev, NULL); 2097 if (IS_ERR(qcadev->susclk)) { 2098 dev_warn(&serdev->dev, "failed to acquire clk\n"); 2099 return PTR_ERR(qcadev->susclk); 2100 } 2101 err = clk_set_rate(qcadev->susclk, SUSCLK_RATE_32KHZ); 2102 if (err) 2103 return err; 2104 2105 err = clk_prepare_enable(qcadev->susclk); 2106 if (err) 2107 return err; 2108 2109 err = hci_uart_register_device(&qcadev->serdev_hu, &qca_proto); 2110 if (err) { 2111 BT_ERR("Rome serdev registration failed"); 2112 clk_disable_unprepare(qcadev->susclk); 2113 return err; 2114 } 2115 } 2116 2117 hdev = qcadev->serdev_hu.hdev; 2118 2119 if (power_ctrl_enabled) { 2120 set_bit(HCI_QUIRK_NON_PERSISTENT_SETUP, &hdev->quirks); 2121 hdev->shutdown = qca_power_off; 2122 } 2123 2124 if (data) { 2125 /* Wideband speech support must be set per driver since it can't 2126 * be queried via hci. Same with the valid le states quirk. 2127 */ 2128 if (data->capabilities & QCA_CAP_WIDEBAND_SPEECH) 2129 set_bit(HCI_QUIRK_WIDEBAND_SPEECH_SUPPORTED, 2130 &hdev->quirks); 2131 2132 if (data->capabilities & QCA_CAP_VALID_LE_STATES) 2133 set_bit(HCI_QUIRK_VALID_LE_STATES, &hdev->quirks); 2134 } 2135 2136 return 0; 2137} 2138 2139static void qca_serdev_remove(struct serdev_device *serdev) 2140{ 2141 struct qca_serdev *qcadev = serdev_device_get_drvdata(serdev); 2142 struct qca_power *power = qcadev->bt_power; 2143 2144 if ((qca_is_wcn399x(qcadev->btsoc_type) || 2145 qca_is_wcn6750(qcadev->btsoc_type)) && 2146 power->vregs_on) 2147 qca_power_shutdown(&qcadev->serdev_hu); 2148 else if (qcadev->susclk) 2149 clk_disable_unprepare(qcadev->susclk); 2150 2151 hci_uart_unregister_device(&qcadev->serdev_hu); 2152} 2153 2154static void qca_serdev_shutdown(struct device *dev) 2155{ 2156 int ret; 2157 int timeout = msecs_to_jiffies(CMD_TRANS_TIMEOUT_MS); 2158 struct serdev_device *serdev = to_serdev_device(dev); 2159 struct qca_serdev *qcadev = serdev_device_get_drvdata(serdev); 2160 const u8 ibs_wake_cmd[] = { 0xFD }; 2161 const u8 edl_reset_soc_cmd[] = { 0x01, 0x00, 0xFC, 0x01, 0x05 }; 2162 2163 if (qcadev->btsoc_type == QCA_QCA6390) { 2164 serdev_device_write_flush(serdev); 2165 ret = serdev_device_write_buf(serdev, ibs_wake_cmd, 2166 sizeof(ibs_wake_cmd)); 2167 if (ret < 0) { 2168 BT_ERR("QCA send IBS_WAKE_IND error: %d", ret); 2169 return; 2170 } 2171 serdev_device_wait_until_sent(serdev, timeout); 2172 usleep_range(8000, 10000); 2173 2174 serdev_device_write_flush(serdev); 2175 ret = serdev_device_write_buf(serdev, edl_reset_soc_cmd, 2176 sizeof(edl_reset_soc_cmd)); 2177 if (ret < 0) { 2178 BT_ERR("QCA send EDL_RESET_REQ error: %d", ret); 2179 return; 2180 } 2181 serdev_device_wait_until_sent(serdev, timeout); 2182 usleep_range(8000, 10000); 2183 } 2184} 2185 2186static int __maybe_unused qca_suspend(struct device *dev) 2187{ 2188 struct serdev_device *serdev = to_serdev_device(dev); 2189 struct qca_serdev *qcadev = serdev_device_get_drvdata(serdev); 2190 struct hci_uart *hu = &qcadev->serdev_hu; 2191 struct qca_data *qca = hu->priv; 2192 unsigned long flags; 2193 bool tx_pending = false; 2194 int ret = 0; 2195 u8 cmd; 2196 u32 wait_timeout = 0; 2197 2198 set_bit(QCA_SUSPENDING, &qca->flags); 2199 2200 /* if BT SoC is running with default firmware then it does not 2201 * support in-band sleep 2202 */ 2203 if (test_bit(QCA_ROM_FW, &qca->flags)) 2204 return 0; 2205 2206 /* During SSR after memory dump collection, controller will be 2207 * powered off and then powered on.If controller is powered off 2208 * during SSR then we should wait until SSR is completed. 2209 */ 2210 if (test_bit(QCA_BT_OFF, &qca->flags) && 2211 !test_bit(QCA_SSR_TRIGGERED, &qca->flags)) 2212 return 0; 2213 2214 if (test_bit(QCA_IBS_DISABLED, &qca->flags) || 2215 test_bit(QCA_SSR_TRIGGERED, &qca->flags)) { 2216 wait_timeout = test_bit(QCA_SSR_TRIGGERED, &qca->flags) ? 2217 IBS_DISABLE_SSR_TIMEOUT_MS : 2218 FW_DOWNLOAD_TIMEOUT_MS; 2219 2220 /* QCA_IBS_DISABLED flag is set to true, During FW download 2221 * and during memory dump collection. It is reset to false, 2222 * After FW download complete. 2223 */ 2224 wait_on_bit_timeout(&qca->flags, QCA_IBS_DISABLED, 2225 TASK_UNINTERRUPTIBLE, msecs_to_jiffies(wait_timeout)); 2226 2227 if (test_bit(QCA_IBS_DISABLED, &qca->flags)) { 2228 bt_dev_err(hu->hdev, "SSR or FW download time out"); 2229 ret = -ETIMEDOUT; 2230 goto error; 2231 } 2232 } 2233 2234 cancel_work_sync(&qca->ws_awake_device); 2235 cancel_work_sync(&qca->ws_awake_rx); 2236 2237 spin_lock_irqsave_nested(&qca->hci_ibs_lock, 2238 flags, SINGLE_DEPTH_NESTING); 2239 2240 switch (qca->tx_ibs_state) { 2241 case HCI_IBS_TX_WAKING: 2242 del_timer(&qca->wake_retrans_timer); 2243 fallthrough; 2244 case HCI_IBS_TX_AWAKE: 2245 del_timer(&qca->tx_idle_timer); 2246 2247 serdev_device_write_flush(hu->serdev); 2248 cmd = HCI_IBS_SLEEP_IND; 2249 ret = serdev_device_write_buf(hu->serdev, &cmd, sizeof(cmd)); 2250 2251 if (ret < 0) { 2252 BT_ERR("Failed to send SLEEP to device"); 2253 break; 2254 } 2255 2256 qca->tx_ibs_state = HCI_IBS_TX_ASLEEP; 2257 qca->ibs_sent_slps++; 2258 tx_pending = true; 2259 break; 2260 2261 case HCI_IBS_TX_ASLEEP: 2262 break; 2263 2264 default: 2265 BT_ERR("Spurious tx state %d", qca->tx_ibs_state); 2266 ret = -EINVAL; 2267 break; 2268 } 2269 2270 spin_unlock_irqrestore(&qca->hci_ibs_lock, flags); 2271 2272 if (ret < 0) 2273 goto error; 2274 2275 if (tx_pending) { 2276 serdev_device_wait_until_sent(hu->serdev, 2277 msecs_to_jiffies(CMD_TRANS_TIMEOUT_MS)); 2278 serial_clock_vote(HCI_IBS_TX_VOTE_CLOCK_OFF, hu); 2279 } 2280 2281 /* Wait for HCI_IBS_SLEEP_IND sent by device to indicate its Tx is going 2282 * to sleep, so that the packet does not wake the system later. 2283 */ 2284 ret = wait_event_interruptible_timeout(qca->suspend_wait_q, 2285 qca->rx_ibs_state == HCI_IBS_RX_ASLEEP, 2286 msecs_to_jiffies(IBS_BTSOC_TX_IDLE_TIMEOUT_MS)); 2287 if (ret == 0) { 2288 ret = -ETIMEDOUT; 2289 goto error; 2290 } 2291 2292 return 0; 2293 2294error: 2295 clear_bit(QCA_SUSPENDING, &qca->flags); 2296 2297 return ret; 2298} 2299 2300static int __maybe_unused qca_resume(struct device *dev) 2301{ 2302 struct serdev_device *serdev = to_serdev_device(dev); 2303 struct qca_serdev *qcadev = serdev_device_get_drvdata(serdev); 2304 struct hci_uart *hu = &qcadev->serdev_hu; 2305 struct qca_data *qca = hu->priv; 2306 2307 clear_bit(QCA_SUSPENDING, &qca->flags); 2308 2309 return 0; 2310} 2311 2312static SIMPLE_DEV_PM_OPS(qca_pm_ops, qca_suspend, qca_resume); 2313 2314#ifdef CONFIG_OF 2315static const struct of_device_id qca_bluetooth_of_match[] = { 2316 { .compatible = "qcom,qca6174-bt" }, 2317 { .compatible = "qcom,qca6390-bt", .data = &qca_soc_data_qca6390}, 2318 { .compatible = "qcom,qca9377-bt" }, 2319 { .compatible = "qcom,wcn3990-bt", .data = &qca_soc_data_wcn3990}, 2320 { .compatible = "qcom,wcn3991-bt", .data = &qca_soc_data_wcn3991}, 2321 { .compatible = "qcom,wcn3998-bt", .data = &qca_soc_data_wcn3998}, 2322 { .compatible = "qcom,wcn6750-bt", .data = &qca_soc_data_wcn6750}, 2323 { /* sentinel */ } 2324}; 2325MODULE_DEVICE_TABLE(of, qca_bluetooth_of_match); 2326#endif 2327 2328#ifdef CONFIG_ACPI 2329static const struct acpi_device_id qca_bluetooth_acpi_match[] = { 2330 { "QCOM6390", (kernel_ulong_t)&qca_soc_data_qca6390 }, 2331 { "DLA16390", (kernel_ulong_t)&qca_soc_data_qca6390 }, 2332 { "DLB16390", (kernel_ulong_t)&qca_soc_data_qca6390 }, 2333 { "DLB26390", (kernel_ulong_t)&qca_soc_data_qca6390 }, 2334 { }, 2335}; 2336MODULE_DEVICE_TABLE(acpi, qca_bluetooth_acpi_match); 2337#endif 2338 2339 2340static struct serdev_device_driver qca_serdev_driver = { 2341 .probe = qca_serdev_probe, 2342 .remove = qca_serdev_remove, 2343 .driver = { 2344 .name = "hci_uart_qca", 2345 .of_match_table = of_match_ptr(qca_bluetooth_of_match), 2346 .acpi_match_table = ACPI_PTR(qca_bluetooth_acpi_match), 2347 .shutdown = qca_serdev_shutdown, 2348 .pm = &qca_pm_ops, 2349 }, 2350}; 2351 2352int __init qca_init(void) 2353{ 2354 serdev_device_driver_register(&qca_serdev_driver); 2355 2356 return hci_uart_register_proto(&qca_proto); 2357} 2358 2359int __exit qca_deinit(void) 2360{ 2361 serdev_device_driver_unregister(&qca_serdev_driver); 2362 2363 return hci_uart_unregister_proto(&qca_proto); 2364}