1 /*
2 * ng_ubt.c
3 */
4
5 /*-
6 * Copyright (c) 2001-2009 Maksim Yevmenkin <m_evmenkin@yahoo.com>
7 * All rights reserved.
8 *
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
11 * are met:
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in the
16 * documentation and/or other materials provided with the distribution.
17 *
18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
21 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
28 * SUCH DAMAGE.
29 *
30 * $Id: ng_ubt.c,v 1.16 2003/10/10 19:15:06 max Exp $
31 * $FreeBSD: head/sys/netgraph/bluetooth/drivers/ubt/ng_ubt.c 260482 2014-01-09 15:31:44Z adrian $
32 */
33
34 /*
35 * NOTE: ng_ubt2 driver has a split personality. On one side it is
36 * a USB device driver and on the other it is a Netgraph node. This
37 * driver will *NOT* create traditional /dev/ enties, only Netgraph
38 * node.
39 *
40 * NOTE ON LOCKS USED: ng_ubt2 drives uses 2 locks (mutexes)
41 *
42 * 1) sc_if_mtx - lock for device's interface #0 and #1. This lock is used
43 * by USB for any USB request going over device's interface #0 and #1,
44 * i.e. interrupt, control, bulk and isoc. transfers.
45 *
46 * 2) sc_ng_mtx - this lock is used to protect shared (between USB, Netgraph
47 * and Taskqueue) data, such as outgoing mbuf queues, task flags and hook
48 * pointer. This lock *SHOULD NOT* be grabbed for a long time. In fact,
49 * think of it as a spin lock.
50 *
51 * NOTE ON LOCKING STRATEGY: ng_ubt2 driver operates in 3 different contexts.
52 *
53 * 1) USB context. This is where all the USB related stuff happens. All
54 * callbacks run in this context. All callbacks are called (by USB) with
55 * appropriate interface lock held. It is (generally) allowed to grab
56 * any additional locks.
57 *
58 * 2) Netgraph context. This is where all the Netgraph related stuff happens.
59 * Since we mark node as WRITER, the Netgraph node will be "locked" (from
60 * Netgraph point of view). Any variable that is only modified from the
61 * Netgraph context does not require any additonal locking. It is generally
62 * *NOT* allowed to grab *ANY* additional locks. Whatever you do, *DO NOT*
63 * grab any lock in the Netgraph context that could cause de-scheduling of
64 * the Netgraph thread for significant amount of time. In fact, the only
65 * lock that is allowed in the Netgraph context is the sc_ng_mtx lock.
66 * Also make sure that any code that is called from the Netgraph context
67 * follows the rule above.
68 *
69 * 3) Taskqueue context. This is where ubt_task runs. Since we are generally
70 * NOT allowed to grab any lock that could cause de-scheduling in the
71 * Netgraph context, and, USB requires us to grab interface lock before
72 * doing things with transfers, it is safer to transition from the Netgraph
73 * context to the Taskqueue context before we can call into USB subsystem.
74 *
75 * So, to put everything together, the rules are as follows.
76 * It is OK to call from the USB context or the Taskqueue context into
77 * the Netgraph context (i.e. call NG_SEND_xxx functions). In other words
78 * it is allowed to call into the Netgraph context with locks held.
79 * Is it *NOT* OK to call from the Netgraph context into the USB context,
80 * because USB requires us to grab interface locks, and, it is safer to
81 * avoid it. So, to make things safer we set task flags to indicate which
82 * actions we want to perform and schedule ubt_task which would run in the
83 * Taskqueue context.
84 * Is is OK to call from the Taskqueue context into the USB context,
85 * and, ubt_task does just that (i.e. grabs appropriate interface locks
86 * before calling into USB).
87 * Access to the outgoing queues, task flags and hook pointer is
88 * controlled by the sc_ng_mtx lock. It is an unavoidable evil. Again,
89 * sc_ng_mtx should really be a spin lock (and it is very likely to an
90 * equivalent of spin lock due to adaptive nature of FreeBSD mutexes).
91 * All USB callbacks accept softc pointer as a private data. USB ensures
92 * that this pointer is valid.
93 */
94
95 #include <sys/stdint.h>
96 #include <sys/param.h>
97 #include <sys/queue.h>
98 #include <sys/types.h>
99 #include <sys/systm.h>
100 #include <sys/kernel.h>
101 #include <sys/bus.h>
102 #include <sys/module.h>
103 #include <sys/lock.h>
104 #include <sys/condvar.h>
105 #include <sys/sysctl.h>
106 #include <sys/unistd.h>
107 #include <sys/callout.h>
108 #include <sys/malloc.h>
109 #include <sys/caps.h>
110
111 #include "usbdevs.h"
112 #include <bus/u4b/usb.h>
113 #include <bus/u4b/usbdi.h>
114 #include <bus/u4b/usbdi_util.h>
115
116 #define USB_DEBUG_VAR usb_debug
117 #include <bus/u4b/usb_debug.h>
118 #include <bus/u4b/usb_busdma.h>
119
120 #include <sys/mbuf.h>
121 #include <sys/taskqueue.h>
122
123 #include <netgraph7/ng_message.h>
124 #include <netgraph7/netgraph.h>
125 #include <netgraph7/ng_parse.h>
126 #include <netgraph7/bluetooth/include/ng_bluetooth.h>
127 #include <netgraph7/bluetooth/include/ng_hci.h>
128 #include <netgraph7/bluetooth/include/ng_ubt.h>
129 #include <netgraph7/bluetooth/drivers/ubt/ng_ubt_var.h>
130
131 static int ubt_modevent(module_t, int, void *);
132 static device_probe_t ubt_probe;
133 static device_attach_t ubt_attach;
134 static device_detach_t ubt_detach;
135
136 static void ubt_task_schedule(ubt_softc_p, int);
137 static task_fn_t ubt_task;
138
139 #define ubt_xfer_start(sc, i) usbd_transfer_start((sc)->sc_xfer[(i)])
140
141 /* Netgraph methods */
142 static ng_constructor_t ng_ubt_constructor;
143 static ng_shutdown_t ng_ubt_shutdown;
144 static ng_newhook_t ng_ubt_newhook;
145 static ng_connect_t ng_ubt_connect;
146 static ng_disconnect_t ng_ubt_disconnect;
147 static ng_rcvmsg_t ng_ubt_rcvmsg;
148 static ng_rcvdata_t ng_ubt_rcvdata;
149
150 /* Queue length */
151 static const struct ng_parse_struct_field ng_ubt_node_qlen_type_fields[] =
152 {
153 { "queue", &ng_parse_int32_type, },
154 { "qlen", &ng_parse_int32_type, },
155 { NULL, }
156 };
157 static const struct ng_parse_type ng_ubt_node_qlen_type =
158 {
159 &ng_parse_struct_type,
160 &ng_ubt_node_qlen_type_fields
161 };
162
163 /* Stat info */
164 static const struct ng_parse_struct_field ng_ubt_node_stat_type_fields[] =
165 {
166 { "pckts_recv", &ng_parse_uint32_type, },
167 { "bytes_recv", &ng_parse_uint32_type, },
168 { "pckts_sent", &ng_parse_uint32_type, },
169 { "bytes_sent", &ng_parse_uint32_type, },
170 { "oerrors", &ng_parse_uint32_type, },
171 { "ierrors", &ng_parse_uint32_type, },
172 { NULL, }
173 };
174 static const struct ng_parse_type ng_ubt_node_stat_type =
175 {
176 &ng_parse_struct_type,
177 &ng_ubt_node_stat_type_fields
178 };
179
180 /* Netgraph node command list */
181 static const struct ng_cmdlist ng_ubt_cmdlist[] =
182 {
183 {
184 NGM_UBT_COOKIE,
185 NGM_UBT_NODE_SET_DEBUG,
186 "set_debug",
187 &ng_parse_uint16_type,
188 NULL
189 },
190 {
191 NGM_UBT_COOKIE,
192 NGM_UBT_NODE_GET_DEBUG,
193 "get_debug",
194 NULL,
195 &ng_parse_uint16_type
196 },
197 {
198 NGM_UBT_COOKIE,
199 NGM_UBT_NODE_SET_QLEN,
200 "set_qlen",
201 &ng_ubt_node_qlen_type,
202 NULL
203 },
204 {
205 NGM_UBT_COOKIE,
206 NGM_UBT_NODE_GET_QLEN,
207 "get_qlen",
208 &ng_ubt_node_qlen_type,
209 &ng_ubt_node_qlen_type
210 },
211 {
212 NGM_UBT_COOKIE,
213 NGM_UBT_NODE_GET_STAT,
214 "get_stat",
215 NULL,
216 &ng_ubt_node_stat_type
217 },
218 {
219 NGM_UBT_COOKIE,
220 NGM_UBT_NODE_RESET_STAT,
221 "reset_stat",
222 NULL,
223 NULL
224 },
225 { 0, }
226 };
227
228 /* Netgraph node type */
229 static struct ng_type typestruct =
230 {
231 .version = NG_ABI_VERSION,
232 .name = NG_UBT_NODE_TYPE,
233 .constructor = ng_ubt_constructor,
234 .rcvmsg = ng_ubt_rcvmsg,
235 .shutdown = ng_ubt_shutdown,
236 .newhook = ng_ubt_newhook,
237 .connect = ng_ubt_connect,
238 .rcvdata = ng_ubt_rcvdata,
239 .disconnect = ng_ubt_disconnect,
240 .cmdlist = ng_ubt_cmdlist
241 };
242
243 /****************************************************************************
244 ****************************************************************************
245 ** USB specific
246 ****************************************************************************
247 ****************************************************************************/
248
249 /* USB methods */
250 static usb_callback_t ubt_ctrl_write_callback;
251 static usb_callback_t ubt_intr_read_callback;
252 static usb_callback_t ubt_bulk_read_callback;
253 static usb_callback_t ubt_bulk_write_callback;
254 static usb_callback_t ubt_isoc_read_callback;
255 static usb_callback_t ubt_isoc_write_callback;
256
257 static int ubt_fwd_mbuf_up(ubt_softc_p, struct mbuf **);
258 static int ubt_isoc_read_one_frame(struct usb_xfer *, int);
259
260 /*
261 * USB config
262 *
263 * The following desribes usb transfers that could be submitted on USB device.
264 *
265 * Interface 0 on the USB device must present the following endpoints
266 * 1) Interrupt endpoint to receive HCI events
267 * 2) Bulk IN endpoint to receive ACL data
268 * 3) Bulk OUT endpoint to send ACL data
269 *
270 * Interface 1 on the USB device must present the following endpoints
271 * 1) Isochronous IN endpoint to receive SCO data
272 * 2) Isochronous OUT endpoint to send SCO data
273 */
274
275 static const struct usb_config ubt_config[UBT_N_TRANSFER] =
276 {
277 /*
278 * Interface #0
279 */
280
281 /* Outgoing bulk transfer - ACL packets */
282 [UBT_IF_0_BULK_DT_WR] = {
283 .type = UE_BULK,
284 .endpoint = UE_ADDR_ANY,
285 .direction = UE_DIR_OUT,
286 .if_index = 0,
287 .bufsize = UBT_BULK_WRITE_BUFFER_SIZE,
288 .flags = { .pipe_bof = 1, .force_short_xfer = 1, },
289 .callback = &ubt_bulk_write_callback,
290 },
291 /* Incoming bulk transfer - ACL packets */
292 [UBT_IF_0_BULK_DT_RD] = {
293 .type = UE_BULK,
294 .endpoint = UE_ADDR_ANY,
295 .direction = UE_DIR_IN,
296 .if_index = 0,
297 .bufsize = UBT_BULK_READ_BUFFER_SIZE,
298 .flags = { .pipe_bof = 1, .short_xfer_ok = 1, },
299 .callback = &ubt_bulk_read_callback,
300 },
301 /* Incoming interrupt transfer - HCI events */
302 [UBT_IF_0_INTR_DT_RD] = {
303 .type = UE_INTERRUPT,
304 .endpoint = UE_ADDR_ANY,
305 .direction = UE_DIR_IN,
306 .if_index = 0,
307 .flags = { .pipe_bof = 1, .short_xfer_ok = 1, },
308 .bufsize = UBT_INTR_BUFFER_SIZE,
309 .callback = &ubt_intr_read_callback,
310 },
311 /* Outgoing control transfer - HCI commands */
312 [UBT_IF_0_CTRL_DT_WR] = {
313 .type = UE_CONTROL,
314 .endpoint = 0x00, /* control pipe */
315 .direction = UE_DIR_ANY,
316 .if_index = 0,
317 .bufsize = UBT_CTRL_BUFFER_SIZE,
318 .callback = &ubt_ctrl_write_callback,
319 .timeout = 5000, /* 5 seconds */
320 },
321
322 /*
323 * Interface #1
324 */
325
326 /* Incoming isochronous transfer #1 - SCO packets */
327 [UBT_IF_1_ISOC_DT_RD1] = {
328 .type = UE_ISOCHRONOUS,
329 .endpoint = UE_ADDR_ANY,
330 .direction = UE_DIR_IN,
331 .if_index = 1,
332 .bufsize = 0, /* use "wMaxPacketSize * frames" */
333 .frames = UBT_ISOC_NFRAMES,
334 .flags = { .short_xfer_ok = 1, },
335 .callback = &ubt_isoc_read_callback,
336 },
337 /* Incoming isochronous transfer #2 - SCO packets */
338 [UBT_IF_1_ISOC_DT_RD2] = {
339 .type = UE_ISOCHRONOUS,
340 .endpoint = UE_ADDR_ANY,
341 .direction = UE_DIR_IN,
342 .if_index = 1,
343 .bufsize = 0, /* use "wMaxPacketSize * frames" */
344 .frames = UBT_ISOC_NFRAMES,
345 .flags = { .short_xfer_ok = 1, },
346 .callback = &ubt_isoc_read_callback,
347 },
348 /* Outgoing isochronous transfer #1 - SCO packets */
349 [UBT_IF_1_ISOC_DT_WR1] = {
350 .type = UE_ISOCHRONOUS,
351 .endpoint = UE_ADDR_ANY,
352 .direction = UE_DIR_OUT,
353 .if_index = 1,
354 .bufsize = 0, /* use "wMaxPacketSize * frames" */
355 .frames = UBT_ISOC_NFRAMES,
356 .flags = { .short_xfer_ok = 1, },
357 .callback = &ubt_isoc_write_callback,
358 },
359 /* Outgoing isochronous transfer #2 - SCO packets */
360 [UBT_IF_1_ISOC_DT_WR2] = {
361 .type = UE_ISOCHRONOUS,
362 .endpoint = UE_ADDR_ANY,
363 .direction = UE_DIR_OUT,
364 .if_index = 1,
365 .bufsize = 0, /* use "wMaxPacketSize * frames" */
366 .frames = UBT_ISOC_NFRAMES,
367 .flags = { .short_xfer_ok = 1, },
368 .callback = &ubt_isoc_write_callback,
369 },
370 };
371
372 /*
373 * If for some reason device should not be attached then put
374 * VendorID/ProductID pair into the list below. The format is
375 * as follows:
376 *
377 * { USB_VPI(VENDOR_ID, PRODUCT_ID, 0) },
378 *
379 * where VENDOR_ID and PRODUCT_ID are hex numbers.
380 */
381
382 static const STRUCT_USB_HOST_ID ubt_ignore_devs[] =
383 {
384 /* AVM USB Bluetooth-Adapter BlueFritz! v1.0 */
385 { USB_VPI(USB_VENDOR_AVM, 0x2200, 0) },
386
387 /* Atheros 3011 with sflash firmware */
388 { USB_VPI(0x0cf3, 0x3002, 0) },
389 { USB_VPI(0x0cf3, 0xe019, 0) },
390 { USB_VPI(0x13d3, 0x3304, 0) },
391 { USB_VPI(0x0930, 0x0215, 0) },
392 { USB_VPI(0x0489, 0xe03d, 0) },
393 { USB_VPI(0x0489, 0xe027, 0) },
394
395 /* Atheros AR9285 Malbec with sflash firmware */
396 { USB_VPI(0x03f0, 0x311d, 0) },
397
398 /* Atheros 3012 with sflash firmware */
399 { USB_VPI(0x0cf3, 0x3004, 0), USB_DEV_BCD_LTEQ(1) },
400 { USB_VPI(0x0cf3, 0x311d, 0), USB_DEV_BCD_LTEQ(1) },
401 { USB_VPI(0x13d3, 0x3375, 0), USB_DEV_BCD_LTEQ(1) },
402 { USB_VPI(0x04ca, 0x3005, 0), USB_DEV_BCD_LTEQ(1) },
403 { USB_VPI(0x04ca, 0x3006, 0), USB_DEV_BCD_LTEQ(1) },
404 { USB_VPI(0x04ca, 0x3008, 0), USB_DEV_BCD_LTEQ(1) },
405 { USB_VPI(0x13d3, 0x3362, 0), USB_DEV_BCD_LTEQ(1) },
406 { USB_VPI(0x0cf3, 0xe004, 0), USB_DEV_BCD_LTEQ(1) },
407 { USB_VPI(0x0930, 0x0219, 0), USB_DEV_BCD_LTEQ(1) },
408 { USB_VPI(0x0489, 0xe057, 0), USB_DEV_BCD_LTEQ(1) },
409 { USB_VPI(0x13d3, 0x3393, 0), USB_DEV_BCD_LTEQ(1) },
410 { USB_VPI(0x0489, 0xe04e, 0), USB_DEV_BCD_LTEQ(1) },
411 { USB_VPI(0x0489, 0xe056, 0), USB_DEV_BCD_LTEQ(1) },
412
413 /* Atheros AR5BBU12 with sflash firmware */
414 { USB_VPI(0x0489, 0xe02c, 0), USB_DEV_BCD_LTEQ(1) },
415
416 /* Atheros AR5BBU12 with sflash firmware */
417 { USB_VPI(0x0489, 0xe03c, 0), USB_DEV_BCD_LTEQ(1) },
418 { USB_VPI(0x0489, 0xe036, 0), USB_DEV_BCD_LTEQ(1) },
419 };
420
421 /* List of supported bluetooth devices */
422 static const STRUCT_USB_HOST_ID ubt_devs[] =
423 {
424 /* Generic Bluetooth class devices */
425 { USB_IFACE_CLASS(UDCLASS_WIRELESS),
426 USB_IFACE_SUBCLASS(UDSUBCLASS_RF),
427 USB_IFACE_PROTOCOL(UDPROTO_BLUETOOTH) },
428
429 /* AVM USB Bluetooth-Adapter BlueFritz! v2.0 */
430 { USB_VPI(USB_VENDOR_AVM, 0x3800, 0) },
431
432 /* Broadcom USB dongles, mostly BCM20702 and BCM20702A0 */
433 { USB_VENDOR(USB_VENDOR_BROADCOM),
434 USB_IFACE_CLASS(UICLASS_VENDOR),
435 USB_IFACE_SUBCLASS(UDSUBCLASS_RF),
436 USB_IFACE_PROTOCOL(UDPROTO_BLUETOOTH) },
437
438 /* Apple-specific (Broadcom) devices */
439 { USB_VENDOR(USB_VENDOR_APPLE),
440 USB_IFACE_CLASS(UICLASS_VENDOR),
441 USB_IFACE_SUBCLASS(UDSUBCLASS_RF),
442 USB_IFACE_PROTOCOL(UDPROTO_BLUETOOTH) },
443
444 /* Foxconn - Hon Hai */
445 { USB_VENDOR(USB_VENDOR_FOXCONN),
446 USB_IFACE_CLASS(UICLASS_VENDOR),
447 USB_IFACE_SUBCLASS(UDSUBCLASS_RF),
448 USB_IFACE_PROTOCOL(UDPROTO_BLUETOOTH) },
449
450 /* MediaTek MT76x0E */
451 { USB_VPI(USB_VENDOR_MEDIATEK, 0x763f, 0) },
452
453 /* Broadcom SoftSailing reporting vendor specific */
454 { USB_VPI(USB_VENDOR_BROADCOM, 0x21e1, 0) },
455
456 /* Apple MacBookPro 7,1 */
457 { USB_VPI(USB_VENDOR_APPLE, 0x8213, 0) },
458
459 /* Apple iMac11,1 */
460 { USB_VPI(USB_VENDOR_APPLE, 0x8215, 0) },
461
462 /* Apple MacBookPro6,2 */
463 { USB_VPI(USB_VENDOR_APPLE, 0x8218, 0) },
464
465 /* Apple MacBookAir3,1, MacBookAir3,2 */
466 { USB_VPI(USB_VENDOR_APPLE, 0x821b, 0) },
467
468 /* Apple MacBookAir4,1 */
469 { USB_VPI(USB_VENDOR_APPLE, 0x821f, 0) },
470
471 /* MacBookAir6,1 */
472 { USB_VPI(USB_VENDOR_APPLE, 0x828f, 0) },
473
474 /* Apple MacBookPro8,2 */
475 { USB_VPI(USB_VENDOR_APPLE, 0x821a, 0) },
476
477 /* Apple MacMini5,1 */
478 { USB_VPI(USB_VENDOR_APPLE, 0x8281, 0) },
479
480 /* Bluetooth Ultraport Module from IBM */
481 { USB_VPI(USB_VENDOR_TDK, 0x030a, 0) },
482
483 /* ALPS Modules with non-standard ID */
484 { USB_VPI(USB_VENDOR_ALPS, 0x3001, 0) },
485 { USB_VPI(USB_VENDOR_ALPS, 0x3002, 0) },
486
487 { USB_VPI(USB_VENDOR_ERICSSON2, 0x1002, 0) },
488
489 /* Canyon CN-BTU1 with HID interfaces */
490 { USB_VPI(USB_VENDOR_CANYON, 0x0000, 0) },
491
492 /* Broadcom BCM20702A0 */
493 { USB_VPI(USB_VENDOR_ASUS, 0x17b5, 0) },
494 { USB_VPI(USB_VENDOR_ASUS, 0x17cb, 0) },
495 { USB_VPI(USB_VENDOR_LITEON, 0x2003, 0) },
496 { USB_VPI(USB_VENDOR_FOXCONN, 0xe042, 0) },
497 { USB_VPI(USB_VENDOR_DELL, 0x8197, 0) },
498 };
499
500 /*
501 * Probe for a USB Bluetooth device.
502 * USB context.
503 */
504
505 static int
ubt_probe(device_t dev)506 ubt_probe(device_t dev)
507 {
508 struct usb_attach_arg *uaa = device_get_ivars(dev);
509 int error;
510
511 if (uaa->usb_mode != USB_MODE_HOST)
512 return (ENXIO);
513
514 if (uaa->info.bIfaceIndex != 0)
515 return (ENXIO);
516
517 if (usbd_lookup_id_by_uaa(ubt_ignore_devs,
518 sizeof(ubt_ignore_devs), uaa) == 0)
519 return (ENXIO);
520
521 error = usbd_lookup_id_by_uaa(ubt_devs, sizeof(ubt_devs), uaa);
522 if (error == 0)
523 return (BUS_PROBE_GENERIC);
524 return (error);
525 } /* ubt_probe */
526
527 /*
528 * Attach the device.
529 * USB context.
530 */
531
532 static int
ubt_attach(device_t dev)533 ubt_attach(device_t dev)
534 {
535 struct usb_attach_arg *uaa = device_get_ivars(dev);
536 struct ubt_softc *sc = device_get_softc(dev);
537 struct usb_endpoint_descriptor *ed;
538 struct usb_interface_descriptor *id;
539 struct usb_interface *iface;
540 uint16_t wMaxPacketSize;
541 uint8_t alt_index, i, j;
542 uint8_t iface_index[2] = { 0, 1 };
543
544 device_set_usb_desc(dev);
545
546 sc->sc_dev = dev;
547 sc->sc_debug = NG_UBT_WARN_LEVEL;
548
549 /*
550 * Create Netgraph node
551 */
552
553 if (ng_make_node_common(&typestruct, &sc->sc_node) != 0) {
554 UBT_ALERT(sc, "could not create Netgraph node\n");
555 return (ENXIO);
556 }
557
558 /* Name Netgraph node */
559 if (ng_name_node(sc->sc_node, device_get_nameunit(dev)) != 0) {
560 UBT_ALERT(sc, "could not name Netgraph node\n");
561 NG_NODE_UNREF(sc->sc_node);
562 return (ENXIO);
563 }
564 NG_NODE_SET_PRIVATE(sc->sc_node, sc);
565 NG_NODE_FORCE_WRITER(sc->sc_node);
566
567 /*
568 * Initialize device softc structure
569 */
570
571 /* initialize locks */
572 lockinit(&sc->sc_ng_lock, "ubt ng", 0, 0);
573 lockinit(&sc->sc_if_lock, "ubt if", 0, LK_CANRECURSE);
574
575 /* initialize packet queues */
576 NG_BT_MBUFQ_INIT(&sc->sc_cmdq, UBT_DEFAULT_QLEN);
577 NG_BT_MBUFQ_INIT(&sc->sc_aclq, UBT_DEFAULT_QLEN);
578 NG_BT_MBUFQ_INIT(&sc->sc_scoq, UBT_DEFAULT_QLEN);
579
580 /* initialize glue task */
581 TASK_INIT(&sc->sc_task, 0, ubt_task, sc);
582
583 /*
584 * Configure Bluetooth USB device. Discover all required USB
585 * interfaces and endpoints.
586 *
587 * USB device must present two interfaces:
588 * 1) Interface 0 that has 3 endpoints
589 * 1) Interrupt endpoint to receive HCI events
590 * 2) Bulk IN endpoint to receive ACL data
591 * 3) Bulk OUT endpoint to send ACL data
592 *
593 * 2) Interface 1 then has 2 endpoints
594 * 1) Isochronous IN endpoint to receive SCO data
595 * 2) Isochronous OUT endpoint to send SCO data
596 *
597 * Interface 1 (with isochronous endpoints) has several alternate
598 * configurations with different packet size.
599 */
600
601 /*
602 * For interface #1 search alternate settings, and find
603 * the descriptor with the largest wMaxPacketSize
604 */
605
606 wMaxPacketSize = 0;
607 alt_index = 0;
608 i = 0;
609 j = 0;
610 ed = NULL;
611
612 /*
613 * Search through all the descriptors looking for the largest
614 * packet size:
615 */
616 while ((ed = (struct usb_endpoint_descriptor *)usb_desc_foreach(
617 usbd_get_config_descriptor(uaa->device),
618 (struct usb_descriptor *)ed))) {
619
620 if ((ed->bDescriptorType == UDESC_INTERFACE) &&
621 (ed->bLength >= sizeof(*id))) {
622 id = (struct usb_interface_descriptor *)ed;
623 i = id->bInterfaceNumber;
624 j = id->bAlternateSetting;
625 }
626
627 if ((ed->bDescriptorType == UDESC_ENDPOINT) &&
628 (ed->bLength >= sizeof(*ed)) &&
629 (i == 1)) {
630 uint16_t temp;
631
632 temp = UGETW(ed->wMaxPacketSize);
633 if (temp > wMaxPacketSize) {
634 wMaxPacketSize = temp;
635 alt_index = j;
636 }
637 }
638 }
639
640 /* Set alt configuration on interface #1 only if we found it */
641 if (wMaxPacketSize > 0 &&
642 usbd_set_alt_interface_index(uaa->device, 1, alt_index)) {
643 UBT_ALERT(sc, "could not set alternate setting %d " \
644 "for interface 1!\n", alt_index);
645 goto detach;
646 }
647
648 /* Setup transfers for both interfaces */
649 if (usbd_transfer_setup(uaa->device, iface_index, sc->sc_xfer,
650 ubt_config, UBT_N_TRANSFER, sc, &sc->sc_if_lock)) {
651 UBT_ALERT(sc, "could not allocate transfers\n");
652 goto detach;
653 }
654
655 /* Claim all interfaces belonging to the Bluetooth part */
656 for (i = 1;; i++) {
657 iface = usbd_get_iface(uaa->device, i);
658 if (iface == NULL)
659 break;
660 id = usbd_get_interface_descriptor(iface);
661
662 if ((id != NULL) &&
663 (id->bInterfaceClass == UICLASS_WIRELESS) &&
664 (id->bInterfaceSubClass == UISUBCLASS_RF) &&
665 (id->bInterfaceProtocol == UIPROTO_BLUETOOTH)) {
666 usbd_set_parent_iface(uaa->device, i,
667 uaa->info.bIfaceIndex);
668 }
669 }
670 return (0); /* success */
671
672 detach:
673 ubt_detach(dev);
674
675 return (ENXIO);
676 } /* ubt_attach */
677
678 /*
679 * Detach the device.
680 * USB context.
681 */
682
683 int
ubt_detach(device_t dev)684 ubt_detach(device_t dev)
685 {
686 struct ubt_softc *sc = device_get_softc(dev);
687 node_p node = sc->sc_node;
688
689 /* Destroy Netgraph node */
690 if (node != NULL) {
691 sc->sc_node = NULL;
692 NG_NODE_REALLY_DIE(node);
693 ng_rmnode_self(node);
694 }
695
696 /* Make sure ubt_task in gone */
697 taskqueue_drain(taskqueue_swi, &sc->sc_task);
698
699 /* Free USB transfers, if any */
700 usbd_transfer_unsetup(sc->sc_xfer, UBT_N_TRANSFER);
701
702 /* Destroy queues */
703 UBT_NG_LOCK(sc);
704 NG_BT_MBUFQ_DESTROY(&sc->sc_cmdq);
705 NG_BT_MBUFQ_DESTROY(&sc->sc_aclq);
706 NG_BT_MBUFQ_DESTROY(&sc->sc_scoq);
707 UBT_NG_UNLOCK(sc);
708
709 lockuninit(&sc->sc_if_lock);
710 lockuninit(&sc->sc_ng_lock);
711
712 return (0);
713 } /* ubt_detach */
714
715 /*
716 * Called when outgoing control request (HCI command) has completed, i.e.
717 * HCI command was sent to the device.
718 * USB context.
719 */
720
721 static void
ubt_ctrl_write_callback(struct usb_xfer * xfer,usb_error_t error)722 ubt_ctrl_write_callback(struct usb_xfer *xfer, usb_error_t error)
723 {
724 struct ubt_softc *sc = usbd_xfer_softc(xfer);
725 struct usb_device_request req;
726 struct mbuf *m;
727 struct usb_page_cache *pc;
728 int actlen;
729
730 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL);
731
732 switch (USB_GET_STATE(xfer)) {
733 case USB_ST_TRANSFERRED:
734 UBT_INFO(sc, "sent %d bytes to control pipe\n", actlen);
735 UBT_STAT_BYTES_SENT(sc, actlen);
736 UBT_STAT_PCKTS_SENT(sc);
737 /* FALLTHROUGH */
738
739 case USB_ST_SETUP:
740 send_next:
741 /* Get next command mbuf, if any */
742 UBT_NG_LOCK(sc);
743 NG_BT_MBUFQ_DEQUEUE(&sc->sc_cmdq, m);
744 UBT_NG_UNLOCK(sc);
745
746 if (m == NULL) {
747 UBT_INFO(sc, "HCI command queue is empty\n");
748 break; /* transfer complete */
749 }
750
751 /* Initialize a USB control request and then schedule it */
752 bzero(&req, sizeof(req));
753 req.bmRequestType = UBT_HCI_REQUEST;
754 USETW(req.wLength, m->m_pkthdr.len);
755
756 UBT_INFO(sc, "Sending control request, " \
757 "bmRequestType=0x%02x, wLength=%d\n",
758 req.bmRequestType, UGETW(req.wLength));
759
760 pc = usbd_xfer_get_frame(xfer, 0);
761 usbd_copy_in(pc, 0, &req, sizeof(req));
762 pc = usbd_xfer_get_frame(xfer, 1);
763 usbd_m_copy_in(pc, 0, m, 0, m->m_pkthdr.len);
764
765 usbd_xfer_set_frame_len(xfer, 0, sizeof(req));
766 usbd_xfer_set_frame_len(xfer, 1, m->m_pkthdr.len);
767 usbd_xfer_set_frames(xfer, 2);
768
769 NG_FREE_M(m);
770
771 usbd_transfer_submit(xfer);
772 break;
773
774 default: /* Error */
775 if (error != USB_ERR_CANCELLED) {
776 UBT_WARN(sc, "control transfer failed: %s\n",
777 usbd_errstr(error));
778
779 UBT_STAT_OERROR(sc);
780 goto send_next;
781 }
782
783 /* transfer cancelled */
784 break;
785 }
786 } /* ubt_ctrl_write_callback */
787
788 /*
789 * Called when incoming interrupt transfer (HCI event) has completed, i.e.
790 * HCI event was received from the device.
791 * USB context.
792 */
793
794 static void
ubt_intr_read_callback(struct usb_xfer * xfer,usb_error_t error)795 ubt_intr_read_callback(struct usb_xfer *xfer, usb_error_t error)
796 {
797 struct ubt_softc *sc = usbd_xfer_softc(xfer);
798 struct mbuf *m;
799 ng_hci_event_pkt_t *hdr;
800 struct usb_page_cache *pc;
801 int actlen;
802
803 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL);
804
805 m = NULL;
806
807 switch (USB_GET_STATE(xfer)) {
808 case USB_ST_TRANSFERRED:
809 /* Allocate a new mbuf */
810 MGETHDR(m, M_NOWAIT, MT_DATA);
811 if (m == NULL) {
812 UBT_STAT_IERROR(sc);
813 goto submit_next;
814 }
815
816 MCLGET(m, M_NOWAIT);
817 if (!(m->m_flags & M_EXT)) {
818 UBT_STAT_IERROR(sc);
819 goto submit_next;
820 }
821
822 /* Add HCI packet type */
823 *mtod(m, uint8_t *)= NG_HCI_EVENT_PKT;
824 m->m_pkthdr.len = m->m_len = 1;
825
826 if (actlen > MCLBYTES - 1)
827 actlen = MCLBYTES - 1;
828
829 pc = usbd_xfer_get_frame(xfer, 0);
830 usbd_copy_out(pc, 0, mtod(m, uint8_t *) + 1, actlen);
831 m->m_pkthdr.len += actlen;
832 m->m_len += actlen;
833
834 UBT_INFO(sc, "got %d bytes from interrupt pipe\n",
835 actlen);
836
837 /* Validate packet and send it up the stack */
838 if (m->m_pkthdr.len < (int)sizeof(*hdr)) {
839 UBT_INFO(sc, "HCI event packet is too short\n");
840
841 UBT_STAT_IERROR(sc);
842 goto submit_next;
843 }
844
845 hdr = mtod(m, ng_hci_event_pkt_t *);
846 if (hdr->length != (m->m_pkthdr.len - sizeof(*hdr))) {
847 UBT_ERR(sc, "Invalid HCI event packet size, " \
848 "length=%d, pktlen=%d\n",
849 hdr->length, m->m_pkthdr.len);
850
851 UBT_STAT_IERROR(sc);
852 goto submit_next;
853 }
854
855 UBT_INFO(sc, "got complete HCI event frame, pktlen=%d, " \
856 "length=%d\n", m->m_pkthdr.len, hdr->length);
857
858 UBT_STAT_PCKTS_RECV(sc);
859 UBT_STAT_BYTES_RECV(sc, m->m_pkthdr.len);
860
861 ubt_fwd_mbuf_up(sc, &m);
862 /* m == NULL at this point */
863 /* FALLTHROUGH */
864
865 case USB_ST_SETUP:
866 submit_next:
867 NG_FREE_M(m); /* checks for m != NULL */
868
869 usbd_xfer_set_frame_len(xfer, 0, usbd_xfer_max_len(xfer));
870 usbd_transfer_submit(xfer);
871 break;
872
873 default: /* Error */
874 if (error != USB_ERR_CANCELLED) {
875 UBT_WARN(sc, "interrupt transfer failed: %s\n",
876 usbd_errstr(error));
877
878 /* Try to clear stall first */
879 usbd_xfer_set_stall(xfer);
880 goto submit_next;
881 }
882 /* transfer cancelled */
883 break;
884 }
885 } /* ubt_intr_read_callback */
886
887 /*
888 * Called when incoming bulk transfer (ACL packet) has completed, i.e.
889 * ACL packet was received from the device.
890 * USB context.
891 */
892
893 static void
ubt_bulk_read_callback(struct usb_xfer * xfer,usb_error_t error)894 ubt_bulk_read_callback(struct usb_xfer *xfer, usb_error_t error)
895 {
896 struct ubt_softc *sc = usbd_xfer_softc(xfer);
897 struct mbuf *m;
898 ng_hci_acldata_pkt_t *hdr;
899 struct usb_page_cache *pc;
900 int len;
901 int actlen;
902
903 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL);
904
905 m = NULL;
906
907 switch (USB_GET_STATE(xfer)) {
908 case USB_ST_TRANSFERRED:
909 /* Allocate new mbuf */
910 MGETHDR(m, M_NOWAIT, MT_DATA);
911 if (m == NULL) {
912 UBT_STAT_IERROR(sc);
913 goto submit_next;
914 }
915
916 MCLGET(m, M_NOWAIT);
917 if (!(m->m_flags & M_EXT)) {
918 UBT_STAT_IERROR(sc);
919 goto submit_next;
920 }
921
922 /* Add HCI packet type */
923 *mtod(m, uint8_t *)= NG_HCI_ACL_DATA_PKT;
924 m->m_pkthdr.len = m->m_len = 1;
925
926 if (actlen > MCLBYTES - 1)
927 actlen = MCLBYTES - 1;
928
929 pc = usbd_xfer_get_frame(xfer, 0);
930 usbd_copy_out(pc, 0, mtod(m, uint8_t *) + 1, actlen);
931 m->m_pkthdr.len += actlen;
932 m->m_len += actlen;
933
934 UBT_INFO(sc, "got %d bytes from bulk-in pipe\n",
935 actlen);
936
937 /* Validate packet and send it up the stack */
938 if (m->m_pkthdr.len < (int)sizeof(*hdr)) {
939 UBT_INFO(sc, "HCI ACL packet is too short\n");
940
941 UBT_STAT_IERROR(sc);
942 goto submit_next;
943 }
944
945 hdr = mtod(m, ng_hci_acldata_pkt_t *);
946 len = le16toh(hdr->length);
947 if (len != (int)(m->m_pkthdr.len - sizeof(*hdr))) {
948 UBT_ERR(sc, "Invalid ACL packet size, length=%d, " \
949 "pktlen=%d\n", len, m->m_pkthdr.len);
950
951 UBT_STAT_IERROR(sc);
952 goto submit_next;
953 }
954
955 UBT_INFO(sc, "got complete ACL data packet, pktlen=%d, " \
956 "length=%d\n", m->m_pkthdr.len, len);
957
958 UBT_STAT_PCKTS_RECV(sc);
959 UBT_STAT_BYTES_RECV(sc, m->m_pkthdr.len);
960
961 ubt_fwd_mbuf_up(sc, &m);
962 /* m == NULL at this point */
963 /* FALLTHOUGH */
964
965 case USB_ST_SETUP:
966 submit_next:
967 NG_FREE_M(m); /* checks for m != NULL */
968
969 usbd_xfer_set_frame_len(xfer, 0, usbd_xfer_max_len(xfer));
970 usbd_transfer_submit(xfer);
971 break;
972
973 default: /* Error */
974 if (error != USB_ERR_CANCELLED) {
975 UBT_WARN(sc, "bulk-in transfer failed: %s\n",
976 usbd_errstr(error));
977
978 /* Try to clear stall first */
979 usbd_xfer_set_stall(xfer);
980 goto submit_next;
981 }
982 /* transfer cancelled */
983 break;
984 }
985 } /* ubt_bulk_read_callback */
986
987 /*
988 * Called when outgoing bulk transfer (ACL packet) has completed, i.e.
989 * ACL packet was sent to the device.
990 * USB context.
991 */
992
993 static void
ubt_bulk_write_callback(struct usb_xfer * xfer,usb_error_t error)994 ubt_bulk_write_callback(struct usb_xfer *xfer, usb_error_t error)
995 {
996 struct ubt_softc *sc = usbd_xfer_softc(xfer);
997 struct mbuf *m;
998 struct usb_page_cache *pc;
999 int actlen;
1000
1001 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL);
1002
1003 switch (USB_GET_STATE(xfer)) {
1004 case USB_ST_TRANSFERRED:
1005 UBT_INFO(sc, "sent %d bytes to bulk-out pipe\n", actlen);
1006 UBT_STAT_BYTES_SENT(sc, actlen);
1007 UBT_STAT_PCKTS_SENT(sc);
1008 /* FALLTHROUGH */
1009
1010 case USB_ST_SETUP:
1011 send_next:
1012 /* Get next mbuf, if any */
1013 UBT_NG_LOCK(sc);
1014 NG_BT_MBUFQ_DEQUEUE(&sc->sc_aclq, m);
1015 UBT_NG_UNLOCK(sc);
1016
1017 if (m == NULL) {
1018 UBT_INFO(sc, "ACL data queue is empty\n");
1019 break; /* transfer completed */
1020 }
1021
1022 /*
1023 * Copy ACL data frame back to a linear USB transfer buffer
1024 * and schedule transfer
1025 */
1026
1027 pc = usbd_xfer_get_frame(xfer, 0);
1028 usbd_m_copy_in(pc, 0, m, 0, m->m_pkthdr.len);
1029 usbd_xfer_set_frame_len(xfer, 0, m->m_pkthdr.len);
1030
1031 UBT_INFO(sc, "bulk-out transfer has been started, len=%d\n",
1032 m->m_pkthdr.len);
1033
1034 NG_FREE_M(m);
1035
1036 usbd_transfer_submit(xfer);
1037 break;
1038
1039 default: /* Error */
1040 if (error != USB_ERR_CANCELLED) {
1041 UBT_WARN(sc, "bulk-out transfer failed: %s\n",
1042 usbd_errstr(error));
1043
1044 UBT_STAT_OERROR(sc);
1045
1046 /* try to clear stall first */
1047 usbd_xfer_set_stall(xfer);
1048 goto send_next;
1049 }
1050 /* transfer cancelled */
1051 break;
1052 }
1053 } /* ubt_bulk_write_callback */
1054
1055 /*
1056 * Called when incoming isoc transfer (SCO packet) has completed, i.e.
1057 * SCO packet was received from the device.
1058 * USB context.
1059 */
1060
1061 static void
ubt_isoc_read_callback(struct usb_xfer * xfer,usb_error_t error)1062 ubt_isoc_read_callback(struct usb_xfer *xfer, usb_error_t error)
1063 {
1064 struct ubt_softc *sc = usbd_xfer_softc(xfer);
1065 int n;
1066 int actlen, nframes;
1067
1068 usbd_xfer_status(xfer, &actlen, NULL, NULL, &nframes);
1069
1070 switch (USB_GET_STATE(xfer)) {
1071 case USB_ST_TRANSFERRED:
1072 for (n = 0; n < nframes; n ++)
1073 if (ubt_isoc_read_one_frame(xfer, n) < 0)
1074 break;
1075 /* FALLTHROUGH */
1076
1077 case USB_ST_SETUP:
1078 read_next:
1079 for (n = 0; n < nframes; n ++)
1080 usbd_xfer_set_frame_len(xfer, n,
1081 usbd_xfer_max_framelen(xfer));
1082
1083 usbd_transfer_submit(xfer);
1084 break;
1085
1086 default: /* Error */
1087 if (error != USB_ERR_CANCELLED) {
1088 UBT_STAT_IERROR(sc);
1089 goto read_next;
1090 }
1091
1092 /* transfer cancelled */
1093 break;
1094 }
1095 } /* ubt_isoc_read_callback */
1096
1097 /*
1098 * Helper function. Called from ubt_isoc_read_callback() to read
1099 * SCO data from one frame.
1100 * USB context.
1101 */
1102
1103 static int
ubt_isoc_read_one_frame(struct usb_xfer * xfer,int frame_no)1104 ubt_isoc_read_one_frame(struct usb_xfer *xfer, int frame_no)
1105 {
1106 struct ubt_softc *sc = usbd_xfer_softc(xfer);
1107 struct usb_page_cache *pc;
1108 struct mbuf *m;
1109 int len, want, got, total;
1110
1111 /* Get existing SCO reassembly buffer */
1112 pc = usbd_xfer_get_frame(xfer, 0);
1113 m = sc->sc_isoc_in_buffer;
1114 total = usbd_xfer_frame_len(xfer, frame_no);
1115
1116 /* While we have data in the frame */
1117 while (total > 0) {
1118 if (m == NULL) {
1119 /* Start new reassembly buffer */
1120 MGETHDR(m, M_NOWAIT, MT_DATA);
1121 if (m == NULL) {
1122 UBT_STAT_IERROR(sc);
1123 return (-1); /* XXX out of sync! */
1124 }
1125
1126 MCLGET(m, M_NOWAIT);
1127 if (!(m->m_flags & M_EXT)) {
1128 UBT_STAT_IERROR(sc);
1129 NG_FREE_M(m);
1130 return (-1); /* XXX out of sync! */
1131 }
1132
1133 /* Expect SCO header */
1134 *mtod(m, uint8_t *) = NG_HCI_SCO_DATA_PKT;
1135 m->m_pkthdr.len = m->m_len = got = 1;
1136 want = sizeof(ng_hci_scodata_pkt_t);
1137 } else {
1138 /*
1139 * Check if we have SCO header and if so
1140 * adjust amount of data we want
1141 */
1142 got = m->m_pkthdr.len;
1143 want = sizeof(ng_hci_scodata_pkt_t);
1144
1145 if (got >= want)
1146 want += mtod(m, ng_hci_scodata_pkt_t *)->length;
1147 }
1148
1149 /* Append frame data to the SCO reassembly buffer */
1150 len = total;
1151 if (got + len > want)
1152 len = want - got;
1153
1154 usbd_copy_out(pc, frame_no * usbd_xfer_max_framelen(xfer),
1155 mtod(m, uint8_t *) + m->m_pkthdr.len, len);
1156
1157 m->m_pkthdr.len += len;
1158 m->m_len += len;
1159 total -= len;
1160
1161 /* Check if we got everything we wanted, if not - continue */
1162 if (got != want)
1163 continue;
1164
1165 /* If we got here then we got complete SCO frame */
1166 UBT_INFO(sc, "got complete SCO data frame, pktlen=%d, " \
1167 "length=%d\n", m->m_pkthdr.len,
1168 mtod(m, ng_hci_scodata_pkt_t *)->length);
1169
1170 UBT_STAT_PCKTS_RECV(sc);
1171 UBT_STAT_BYTES_RECV(sc, m->m_pkthdr.len);
1172
1173 ubt_fwd_mbuf_up(sc, &m);
1174 /* m == NULL at this point */
1175 }
1176
1177 /* Put SCO reassembly buffer back */
1178 sc->sc_isoc_in_buffer = m;
1179
1180 return (0);
1181 } /* ubt_isoc_read_one_frame */
1182
1183 /*
1184 * Called when outgoing isoc transfer (SCO packet) has completed, i.e.
1185 * SCO packet was sent to the device.
1186 * USB context.
1187 */
1188
1189 static void
ubt_isoc_write_callback(struct usb_xfer * xfer,usb_error_t error)1190 ubt_isoc_write_callback(struct usb_xfer *xfer, usb_error_t error)
1191 {
1192 struct ubt_softc *sc = usbd_xfer_softc(xfer);
1193 struct usb_page_cache *pc;
1194 struct mbuf *m;
1195 int n, space, offset;
1196 int actlen, nframes;
1197
1198 usbd_xfer_status(xfer, &actlen, NULL, NULL, &nframes);
1199 pc = usbd_xfer_get_frame(xfer, 0);
1200
1201 switch (USB_GET_STATE(xfer)) {
1202 case USB_ST_TRANSFERRED:
1203 UBT_INFO(sc, "sent %d bytes to isoc-out pipe\n", actlen);
1204 UBT_STAT_BYTES_SENT(sc, actlen);
1205 UBT_STAT_PCKTS_SENT(sc);
1206 /* FALLTHROUGH */
1207
1208 case USB_ST_SETUP:
1209 send_next:
1210 offset = 0;
1211 space = usbd_xfer_max_framelen(xfer) * nframes;
1212 m = NULL;
1213
1214 while (space > 0) {
1215 if (m == NULL) {
1216 UBT_NG_LOCK(sc);
1217 NG_BT_MBUFQ_DEQUEUE(&sc->sc_scoq, m);
1218 UBT_NG_UNLOCK(sc);
1219
1220 if (m == NULL)
1221 break;
1222 }
1223
1224 n = min(space, m->m_pkthdr.len);
1225 if (n > 0) {
1226 usbd_m_copy_in(pc, offset, m,0, n);
1227 m_adj(m, n);
1228
1229 offset += n;
1230 space -= n;
1231 }
1232
1233 if (m->m_pkthdr.len == 0)
1234 NG_FREE_M(m); /* sets m = NULL */
1235 }
1236
1237 /* Put whatever is left from mbuf back on queue */
1238 if (m != NULL) {
1239 UBT_NG_LOCK(sc);
1240 NG_BT_MBUFQ_PREPEND(&sc->sc_scoq, m);
1241 UBT_NG_UNLOCK(sc);
1242 }
1243
1244 /*
1245 * Calculate sizes for isoc frames.
1246 * Note that offset could be 0 at this point (i.e. we have
1247 * nothing to send). That is fine, as we have isoc. transfers
1248 * going in both directions all the time. In this case it
1249 * would be just empty isoc. transfer.
1250 */
1251
1252 for (n = 0; n < nframes; n ++) {
1253 usbd_xfer_set_frame_len(xfer, n,
1254 min(offset, usbd_xfer_max_framelen(xfer)));
1255 offset -= usbd_xfer_frame_len(xfer, n);
1256 }
1257
1258 usbd_transfer_submit(xfer);
1259 break;
1260
1261 default: /* Error */
1262 if (error != USB_ERR_CANCELLED) {
1263 UBT_STAT_OERROR(sc);
1264 goto send_next;
1265 }
1266
1267 /* transfer cancelled */
1268 break;
1269 }
1270 }
1271
1272 /*
1273 * Utility function to forward provided mbuf upstream (i.e. up the stack).
1274 * Modifies value of the mbuf pointer (sets it to NULL).
1275 * Save to call from any context.
1276 */
1277
1278 static int
ubt_fwd_mbuf_up(ubt_softc_p sc,struct mbuf ** m)1279 ubt_fwd_mbuf_up(ubt_softc_p sc, struct mbuf **m)
1280 {
1281 hook_p hook;
1282 int error;
1283
1284 /*
1285 * Close the race with Netgraph hook newhook/disconnect methods.
1286 * Save the hook pointer atomically. Two cases are possible:
1287 *
1288 * 1) The hook pointer is NULL. It means disconnect method got
1289 * there first. In this case we are done.
1290 *
1291 * 2) The hook pointer is not NULL. It means that hook pointer
1292 * could be either in valid or invalid (i.e. in the process
1293 * of disconnect) state. In any case grab an extra reference
1294 * to protect the hook pointer.
1295 *
1296 * It is ok to pass hook in invalid state to NG_SEND_DATA_ONLY() as
1297 * it checks for it. Drop extra reference after NG_SEND_DATA_ONLY().
1298 */
1299
1300 UBT_NG_LOCK(sc);
1301 if ((hook = sc->sc_hook) != NULL)
1302 NG_HOOK_REF(hook);
1303 UBT_NG_UNLOCK(sc);
1304
1305 if (hook == NULL) {
1306 NG_FREE_M(*m);
1307 return (ENETDOWN);
1308 }
1309
1310 NG_SEND_DATA_ONLY(error, hook, *m);
1311 NG_HOOK_UNREF(hook);
1312
1313 if (error != 0)
1314 UBT_STAT_IERROR(sc);
1315
1316 return (error);
1317 } /* ubt_fwd_mbuf_up */
1318
1319 /****************************************************************************
1320 ****************************************************************************
1321 ** Glue
1322 ****************************************************************************
1323 ****************************************************************************/
1324
1325 /*
1326 * Schedule glue task. Should be called with sc_ng_mtx held.
1327 * Netgraph context.
1328 */
1329
1330 static void
ubt_task_schedule(ubt_softc_p sc,int action)1331 ubt_task_schedule(ubt_softc_p sc, int action)
1332 {
1333 KKASSERT(lockowned(&sc->sc_ng_lock) != 0);
1334
1335 /*
1336 * Try to handle corner case when "start all" and "stop all"
1337 * actions can both be set before task is executed.
1338 *
1339 * The rules are
1340 *
1341 * sc_task_flags action new sc_task_flags
1342 * ------------------------------------------------------
1343 * 0 start start
1344 * 0 stop stop
1345 * start start start
1346 * start stop stop
1347 * stop start stop|start
1348 * stop stop stop
1349 * stop|start start stop|start
1350 * stop|start stop stop
1351 */
1352
1353 if (action != 0) {
1354 if ((action & UBT_FLAG_T_STOP_ALL) != 0)
1355 sc->sc_task_flags &= ~UBT_FLAG_T_START_ALL;
1356
1357 sc->sc_task_flags |= action;
1358 }
1359
1360 if (sc->sc_task_flags & UBT_FLAG_T_PENDING)
1361 return;
1362
1363 if (taskqueue_enqueue(taskqueue_swi, &sc->sc_task) == 0) {
1364 sc->sc_task_flags |= UBT_FLAG_T_PENDING;
1365 return;
1366 }
1367
1368 /* XXX: i think this should never happen */
1369 } /* ubt_task_schedule */
1370
1371 /*
1372 * Glue task. Examines sc_task_flags and does things depending on it.
1373 * Taskqueue context.
1374 */
1375
1376 static void
ubt_task(void * context,int pending)1377 ubt_task(void *context, int pending)
1378 {
1379 ubt_softc_p sc = context;
1380 int task_flags, i;
1381
1382 UBT_NG_LOCK(sc);
1383 task_flags = sc->sc_task_flags;
1384 sc->sc_task_flags = 0;
1385 UBT_NG_UNLOCK(sc);
1386
1387 /*
1388 * Stop all USB transfers synchronously.
1389 * Stop interface #0 and #1 transfers at the same time and in the
1390 * same loop. usbd_transfer_drain() will do appropriate locking.
1391 */
1392
1393 if (task_flags & UBT_FLAG_T_STOP_ALL)
1394 for (i = 0; i < UBT_N_TRANSFER; i ++)
1395 usbd_transfer_drain(sc->sc_xfer[i]);
1396
1397 /* Start incoming interrupt and bulk, and all isoc. USB transfers */
1398 if (task_flags & UBT_FLAG_T_START_ALL) {
1399 /*
1400 * Interface #0
1401 */
1402
1403 lockmgr(&sc->sc_if_lock, LK_EXCLUSIVE);
1404
1405 ubt_xfer_start(sc, UBT_IF_0_INTR_DT_RD);
1406 ubt_xfer_start(sc, UBT_IF_0_BULK_DT_RD);
1407
1408 /*
1409 * Interface #1
1410 * Start both read and write isoc. transfers by default.
1411 * Get them going all the time even if we have nothing
1412 * to send to avoid any delays.
1413 */
1414
1415 ubt_xfer_start(sc, UBT_IF_1_ISOC_DT_RD1);
1416 ubt_xfer_start(sc, UBT_IF_1_ISOC_DT_RD2);
1417 ubt_xfer_start(sc, UBT_IF_1_ISOC_DT_WR1);
1418 ubt_xfer_start(sc, UBT_IF_1_ISOC_DT_WR2);
1419
1420 lockmgr(&sc->sc_if_lock, LK_RELEASE);
1421 }
1422
1423 /* Start outgoing control transfer */
1424 if (task_flags & UBT_FLAG_T_START_CTRL) {
1425 lockmgr(&sc->sc_if_lock, LK_EXCLUSIVE);
1426 ubt_xfer_start(sc, UBT_IF_0_CTRL_DT_WR);
1427 lockmgr(&sc->sc_if_lock, LK_RELEASE);
1428 }
1429
1430 /* Start outgoing bulk transfer */
1431 if (task_flags & UBT_FLAG_T_START_BULK) {
1432 lockmgr(&sc->sc_if_lock, LK_EXCLUSIVE);
1433 ubt_xfer_start(sc, UBT_IF_0_BULK_DT_WR);
1434 lockmgr(&sc->sc_if_lock, LK_RELEASE);
1435 }
1436 } /* ubt_task */
1437
1438 /****************************************************************************
1439 ****************************************************************************
1440 ** Netgraph specific
1441 ****************************************************************************
1442 ****************************************************************************/
1443
1444 /*
1445 * Netgraph node constructor. Do not allow to create node of this type.
1446 * Netgraph context.
1447 */
1448
1449 static int
ng_ubt_constructor(node_p node)1450 ng_ubt_constructor(node_p node)
1451 {
1452 return (EINVAL);
1453 } /* ng_ubt_constructor */
1454
1455 /*
1456 * Netgraph node destructor. Destroy node only when device has been detached.
1457 * Netgraph context.
1458 */
1459
1460 static int
ng_ubt_shutdown(node_p node)1461 ng_ubt_shutdown(node_p node)
1462 {
1463 if (node->nd_flags & NGF_REALLY_DIE) {
1464 /*
1465 * We came here because the USB device is being
1466 * detached, so stop being persistant.
1467 */
1468 NG_NODE_SET_PRIVATE(node, NULL);
1469 NG_NODE_UNREF(node);
1470 } else
1471 NG_NODE_REVIVE(node); /* tell ng_rmnode we are persisant */
1472
1473 return (0);
1474 } /* ng_ubt_shutdown */
1475
1476 /*
1477 * Create new hook. There can only be one.
1478 * Netgraph context.
1479 */
1480
1481 static int
ng_ubt_newhook(node_p node,hook_p hook,char const * name)1482 ng_ubt_newhook(node_p node, hook_p hook, char const *name)
1483 {
1484 struct ubt_softc *sc = NG_NODE_PRIVATE(node);
1485
1486 if (strcmp(name, NG_UBT_HOOK) != 0)
1487 return (EINVAL);
1488
1489 UBT_NG_LOCK(sc);
1490 if (sc->sc_hook != NULL) {
1491 UBT_NG_UNLOCK(sc);
1492
1493 return (EISCONN);
1494 }
1495
1496 sc->sc_hook = hook;
1497 UBT_NG_UNLOCK(sc);
1498
1499 return (0);
1500 } /* ng_ubt_newhook */
1501
1502 /*
1503 * Connect hook. Start incoming USB transfers.
1504 * Netgraph context.
1505 */
1506
1507 static int
ng_ubt_connect(hook_p hook)1508 ng_ubt_connect(hook_p hook)
1509 {
1510 struct ubt_softc *sc = NG_NODE_PRIVATE(NG_HOOK_NODE(hook));
1511
1512 NG_HOOK_FORCE_QUEUE(NG_HOOK_PEER(hook));
1513
1514 UBT_NG_LOCK(sc);
1515 ubt_task_schedule(sc, UBT_FLAG_T_START_ALL);
1516 UBT_NG_UNLOCK(sc);
1517
1518 return (0);
1519 } /* ng_ubt_connect */
1520
1521 /*
1522 * Disconnect hook.
1523 * Netgraph context.
1524 */
1525
1526 static int
ng_ubt_disconnect(hook_p hook)1527 ng_ubt_disconnect(hook_p hook)
1528 {
1529 struct ubt_softc *sc = NG_NODE_PRIVATE(NG_HOOK_NODE(hook));
1530
1531 UBT_NG_LOCK(sc);
1532
1533 if (hook != sc->sc_hook) {
1534 UBT_NG_UNLOCK(sc);
1535
1536 return (EINVAL);
1537 }
1538
1539 sc->sc_hook = NULL;
1540
1541 /* Kick off task to stop all USB xfers */
1542 ubt_task_schedule(sc, UBT_FLAG_T_STOP_ALL);
1543
1544 /* Drain queues */
1545 NG_BT_MBUFQ_DRAIN(&sc->sc_cmdq);
1546 NG_BT_MBUFQ_DRAIN(&sc->sc_aclq);
1547 NG_BT_MBUFQ_DRAIN(&sc->sc_scoq);
1548
1549 UBT_NG_UNLOCK(sc);
1550
1551 return (0);
1552 } /* ng_ubt_disconnect */
1553
1554 /*
1555 * Process control message.
1556 * Netgraph context.
1557 */
1558
1559 static int
ng_ubt_rcvmsg(node_p node,item_p item,hook_p lasthook)1560 ng_ubt_rcvmsg(node_p node, item_p item, hook_p lasthook)
1561 {
1562 struct ubt_softc *sc = NG_NODE_PRIVATE(node);
1563 struct ng_mesg *msg, *rsp = NULL;
1564 struct ng_bt_mbufq *q;
1565 int error = 0, queue, qlen;
1566
1567 NGI_GET_MSG(item, msg);
1568
1569 switch (msg->header.typecookie) {
1570 case NGM_GENERIC_COOKIE:
1571 switch (msg->header.cmd) {
1572 case NGM_TEXT_STATUS:
1573 NG_MKRESPONSE(rsp, msg, NG_TEXTRESPONSE, M_WAITOK | M_NULLOK);
1574 if (rsp == NULL) {
1575 error = ENOMEM;
1576 break;
1577 }
1578
1579 ksnprintf(rsp->data, NG_TEXTRESPONSE,
1580 "Hook: %s\n" \
1581 "Task flags: %#x\n" \
1582 "Debug: %d\n" \
1583 "CMD queue: [have:%d,max:%d]\n" \
1584 "ACL queue: [have:%d,max:%d]\n" \
1585 "SCO queue: [have:%d,max:%d]",
1586 (sc->sc_hook != NULL) ? NG_UBT_HOOK : "",
1587 sc->sc_task_flags,
1588 sc->sc_debug,
1589 sc->sc_cmdq.len,
1590 sc->sc_cmdq.maxlen,
1591 sc->sc_aclq.len,
1592 sc->sc_aclq.maxlen,
1593 sc->sc_scoq.len,
1594 sc->sc_scoq.maxlen);
1595 break;
1596
1597 default:
1598 error = EINVAL;
1599 break;
1600 }
1601 break;
1602
1603 case NGM_UBT_COOKIE:
1604 switch (msg->header.cmd) {
1605 case NGM_UBT_NODE_SET_DEBUG:
1606 if (msg->header.arglen != sizeof(ng_ubt_node_debug_ep)){
1607 error = EMSGSIZE;
1608 break;
1609 }
1610
1611 sc->sc_debug = *((ng_ubt_node_debug_ep *) (msg->data));
1612 break;
1613
1614 case NGM_UBT_NODE_GET_DEBUG:
1615 NG_MKRESPONSE(rsp, msg, sizeof(ng_ubt_node_debug_ep),
1616 M_WAITOK | M_NULLOK);
1617 if (rsp == NULL) {
1618 error = ENOMEM;
1619 break;
1620 }
1621
1622 *((ng_ubt_node_debug_ep *) (rsp->data)) = sc->sc_debug;
1623 break;
1624
1625 case NGM_UBT_NODE_SET_QLEN:
1626 if (msg->header.arglen != sizeof(ng_ubt_node_qlen_ep)) {
1627 error = EMSGSIZE;
1628 break;
1629 }
1630
1631 queue = ((ng_ubt_node_qlen_ep *) (msg->data))->queue;
1632 qlen = ((ng_ubt_node_qlen_ep *) (msg->data))->qlen;
1633
1634 switch (queue) {
1635 case NGM_UBT_NODE_QUEUE_CMD:
1636 q = &sc->sc_cmdq;
1637 break;
1638
1639 case NGM_UBT_NODE_QUEUE_ACL:
1640 q = &sc->sc_aclq;
1641 break;
1642
1643 case NGM_UBT_NODE_QUEUE_SCO:
1644 q = &sc->sc_scoq;
1645 break;
1646
1647 default:
1648 error = EINVAL;
1649 goto done;
1650 /* NOT REACHED */
1651 }
1652
1653 q->maxlen = qlen;
1654 break;
1655
1656 case NGM_UBT_NODE_GET_QLEN:
1657 if (msg->header.arglen != sizeof(ng_ubt_node_qlen_ep)) {
1658 error = EMSGSIZE;
1659 break;
1660 }
1661
1662 queue = ((ng_ubt_node_qlen_ep *) (msg->data))->queue;
1663
1664 switch (queue) {
1665 case NGM_UBT_NODE_QUEUE_CMD:
1666 q = &sc->sc_cmdq;
1667 break;
1668
1669 case NGM_UBT_NODE_QUEUE_ACL:
1670 q = &sc->sc_aclq;
1671 break;
1672
1673 case NGM_UBT_NODE_QUEUE_SCO:
1674 q = &sc->sc_scoq;
1675 break;
1676
1677 default:
1678 error = EINVAL;
1679 goto done;
1680 /* NOT REACHED */
1681 }
1682
1683 NG_MKRESPONSE(rsp, msg, sizeof(ng_ubt_node_qlen_ep),
1684 M_WAITOK | M_NULLOK);
1685 if (rsp == NULL) {
1686 error = ENOMEM;
1687 break;
1688 }
1689
1690 ((ng_ubt_node_qlen_ep *) (rsp->data))->queue = queue;
1691 ((ng_ubt_node_qlen_ep *) (rsp->data))->qlen = q->maxlen;
1692 break;
1693
1694 case NGM_UBT_NODE_GET_STAT:
1695 NG_MKRESPONSE(rsp, msg, sizeof(ng_ubt_node_stat_ep),
1696 M_WAITOK | M_NULLOK);
1697 if (rsp == NULL) {
1698 error = ENOMEM;
1699 break;
1700 }
1701
1702 bcopy(&sc->sc_stat, rsp->data,
1703 sizeof(ng_ubt_node_stat_ep));
1704 break;
1705
1706 case NGM_UBT_NODE_RESET_STAT:
1707 UBT_STAT_RESET(sc);
1708 break;
1709
1710 default:
1711 error = EINVAL;
1712 break;
1713 }
1714 break;
1715
1716 default:
1717 error = EINVAL;
1718 break;
1719 }
1720 done:
1721 NG_RESPOND_MSG(error, node, item, rsp);
1722 NG_FREE_MSG(msg);
1723
1724 return (error);
1725 } /* ng_ubt_rcvmsg */
1726
1727 /*
1728 * Process data.
1729 * Netgraph context.
1730 */
1731
1732 static int
ng_ubt_rcvdata(hook_p hook,item_p item)1733 ng_ubt_rcvdata(hook_p hook, item_p item)
1734 {
1735 struct ubt_softc *sc = NG_NODE_PRIVATE(NG_HOOK_NODE(hook));
1736 struct mbuf *m;
1737 struct ng_bt_mbufq *q;
1738 int action, error = 0;
1739
1740 if (hook != sc->sc_hook) {
1741 error = EINVAL;
1742 goto done;
1743 }
1744
1745 /* Deatch mbuf and get HCI frame type */
1746 NGI_GET_M(item, m);
1747
1748 /*
1749 * Minimal size of the HCI frame is 4 bytes: 1 byte frame type,
1750 * 2 bytes connection handle and at least 1 byte of length.
1751 * Panic on data frame that has size smaller than 4 bytes (it
1752 * should not happen)
1753 */
1754
1755 if (m->m_pkthdr.len < 4)
1756 panic("HCI frame size is too small! pktlen=%d\n",
1757 m->m_pkthdr.len);
1758
1759 /* Process HCI frame */
1760 switch (*mtod(m, uint8_t *)) { /* XXX call m_pullup ? */
1761 case NG_HCI_CMD_PKT:
1762 if (m->m_pkthdr.len - 1 > (int)UBT_CTRL_BUFFER_SIZE)
1763 panic("HCI command frame size is too big! " \
1764 "buffer size=%zd, packet len=%d\n",
1765 UBT_CTRL_BUFFER_SIZE, m->m_pkthdr.len);
1766
1767 q = &sc->sc_cmdq;
1768 action = UBT_FLAG_T_START_CTRL;
1769 break;
1770
1771 case NG_HCI_ACL_DATA_PKT:
1772 if (m->m_pkthdr.len - 1 > UBT_BULK_WRITE_BUFFER_SIZE)
1773 panic("ACL data frame size is too big! " \
1774 "buffer size=%d, packet len=%d\n",
1775 UBT_BULK_WRITE_BUFFER_SIZE, m->m_pkthdr.len);
1776
1777 q = &sc->sc_aclq;
1778 action = UBT_FLAG_T_START_BULK;
1779 break;
1780
1781 case NG_HCI_SCO_DATA_PKT:
1782 q = &sc->sc_scoq;
1783 action = 0;
1784 break;
1785
1786 default:
1787 UBT_ERR(sc, "Dropping unsupported HCI frame, type=0x%02x, " \
1788 "pktlen=%d\n", *mtod(m, uint8_t *), m->m_pkthdr.len);
1789
1790 NG_FREE_M(m);
1791 error = EINVAL;
1792 goto done;
1793 /* NOT REACHED */
1794 }
1795
1796 UBT_NG_LOCK(sc);
1797 if (NG_BT_MBUFQ_FULL(q)) {
1798 NG_BT_MBUFQ_DROP(q);
1799 UBT_NG_UNLOCK(sc);
1800
1801 UBT_ERR(sc, "Dropping HCI frame 0x%02x, len=%d. Queue full\n",
1802 *mtod(m, uint8_t *), m->m_pkthdr.len);
1803
1804 NG_FREE_M(m);
1805 } else {
1806 /* Loose HCI packet type, enqueue mbuf and kick off task */
1807 m_adj(m, sizeof(uint8_t));
1808 NG_BT_MBUFQ_ENQUEUE(q, m);
1809 ubt_task_schedule(sc, action);
1810 UBT_NG_UNLOCK(sc);
1811 }
1812 done:
1813 NG_FREE_ITEM(item);
1814
1815 return (error);
1816 } /* ng_ubt_rcvdata */
1817
1818 /****************************************************************************
1819 ****************************************************************************
1820 ** Module
1821 ****************************************************************************
1822 ****************************************************************************/
1823
1824 /*
1825 * Load/Unload the driver module
1826 */
1827
1828 static int
ubt_modevent(module_t mod,int event,void * data)1829 ubt_modevent(module_t mod, int event, void *data)
1830 {
1831 int error;
1832
1833 switch (event) {
1834 case MOD_LOAD:
1835 error = ng_newtype(&typestruct);
1836 if (error != 0)
1837 kprintf("%s: Could not register Netgraph node type, " \
1838 "error=%d\n", NG_UBT_NODE_TYPE, error);
1839 break;
1840
1841 case MOD_UNLOAD:
1842 error = ng_rmtype(&typestruct);
1843 break;
1844
1845 default:
1846 error = EOPNOTSUPP;
1847 break;
1848 }
1849
1850 return (error);
1851 } /* ubt_modevent */
1852
1853 static devclass_t ubt_devclass;
1854
1855 static device_method_t ubt_methods[] =
1856 {
1857 DEVMETHOD(device_probe, ubt_probe),
1858 DEVMETHOD(device_attach, ubt_attach),
1859 DEVMETHOD(device_detach, ubt_detach),
1860
1861 DEVMETHOD_END
1862 };
1863
1864 static driver_t ubt_driver =
1865 {
1866 .name = "ubt",
1867 .methods = ubt_methods,
1868 .size = sizeof(struct ubt_softc),
1869 };
1870
1871 DRIVER_MODULE(ng_ubt, uhub, ubt_driver, ubt_devclass, ubt_modevent, NULL);
1872 MODULE_VERSION(ng_ubt, NG_BLUETOOTH_VERSION);
1873 MODULE_DEPEND(ng_ubt, netgraph, NG_ABI_VERSION, NG_ABI_VERSION, NG_ABI_VERSION);
1874 MODULE_DEPEND(ng_ubt, ng_hci, NG_BLUETOOTH_VERSION, NG_BLUETOOTH_VERSION, NG_BLUETOOTH_VERSION);
1875 MODULE_DEPEND(ng_ubt, usb, 1, 1, 1);
1876
1877