1 /* 2 * ng_ubt.c 3 */ 4 5 /*- 6 * Copyright (c) 2001-2009 Maksim Yevmenkin <m_evmenkin@yahoo.com> 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28 * SUCH DAMAGE. 29 * 30 * $Id: ng_ubt.c,v 1.16 2003/10/10 19:15:06 max Exp $ 31 * $FreeBSD: head/sys/netgraph/bluetooth/drivers/ubt/ng_ubt.c 260482 2014-01-09 15:31:44Z adrian $ 32 */ 33 34 /* 35 * NOTE: ng_ubt2 driver has a split personality. On one side it is 36 * a USB device driver and on the other it is a Netgraph node. This 37 * driver will *NOT* create traditional /dev/ enties, only Netgraph 38 * node. 39 * 40 * NOTE ON LOCKS USED: ng_ubt2 drives uses 2 locks (mutexes) 41 * 42 * 1) sc_if_mtx - lock for device's interface #0 and #1. This lock is used 43 * by USB for any USB request going over device's interface #0 and #1, 44 * i.e. interrupt, control, bulk and isoc. transfers. 45 * 46 * 2) sc_ng_mtx - this lock is used to protect shared (between USB, Netgraph 47 * and Taskqueue) data, such as outgoing mbuf queues, task flags and hook 48 * pointer. This lock *SHOULD NOT* be grabbed for a long time. In fact, 49 * think of it as a spin lock. 50 * 51 * NOTE ON LOCKING STRATEGY: ng_ubt2 driver operates in 3 different contexts. 52 * 53 * 1) USB context. This is where all the USB related stuff happens. All 54 * callbacks run in this context. All callbacks are called (by USB) with 55 * appropriate interface lock held. It is (generally) allowed to grab 56 * any additional locks. 57 * 58 * 2) Netgraph context. This is where all the Netgraph related stuff happens. 59 * Since we mark node as WRITER, the Netgraph node will be "locked" (from 60 * Netgraph point of view). Any variable that is only modified from the 61 * Netgraph context does not require any additonal locking. It is generally 62 * *NOT* allowed to grab *ANY* additional locks. Whatever you do, *DO NOT* 63 * grab any lock in the Netgraph context that could cause de-scheduling of 64 * the Netgraph thread for significant amount of time. In fact, the only 65 * lock that is allowed in the Netgraph context is the sc_ng_mtx lock. 66 * Also make sure that any code that is called from the Netgraph context 67 * follows the rule above. 68 * 69 * 3) Taskqueue context. This is where ubt_task runs. Since we are generally 70 * NOT allowed to grab any lock that could cause de-scheduling in the 71 * Netgraph context, and, USB requires us to grab interface lock before 72 * doing things with transfers, it is safer to transition from the Netgraph 73 * context to the Taskqueue context before we can call into USB subsystem. 74 * 75 * So, to put everything together, the rules are as follows. 76 * It is OK to call from the USB context or the Taskqueue context into 77 * the Netgraph context (i.e. call NG_SEND_xxx functions). In other words 78 * it is allowed to call into the Netgraph context with locks held. 79 * Is it *NOT* OK to call from the Netgraph context into the USB context, 80 * because USB requires us to grab interface locks, and, it is safer to 81 * avoid it. So, to make things safer we set task flags to indicate which 82 * actions we want to perform and schedule ubt_task which would run in the 83 * Taskqueue context. 84 * Is is OK to call from the Taskqueue context into the USB context, 85 * and, ubt_task does just that (i.e. grabs appropriate interface locks 86 * before calling into USB). 87 * Access to the outgoing queues, task flags and hook pointer is 88 * controlled by the sc_ng_mtx lock. It is an unavoidable evil. Again, 89 * sc_ng_mtx should really be a spin lock (and it is very likely to an 90 * equivalent of spin lock due to adaptive nature of FreeBSD mutexes). 91 * All USB callbacks accept softc pointer as a private data. USB ensures 92 * that this pointer is valid. 93 */ 94 95 #include <sys/stdint.h> 96 #include <sys/param.h> 97 #include <sys/queue.h> 98 #include <sys/types.h> 99 #include <sys/systm.h> 100 #include <sys/kernel.h> 101 #include <sys/bus.h> 102 #include <sys/module.h> 103 #include <sys/lock.h> 104 #include <sys/condvar.h> 105 #include <sys/sysctl.h> 106 #include <sys/unistd.h> 107 #include <sys/callout.h> 108 #include <sys/malloc.h> 109 #include <sys/priv.h> 110 111 #include "usbdevs.h" 112 #include <bus/u4b/usb.h> 113 #include <bus/u4b/usbdi.h> 114 #include <bus/u4b/usbdi_util.h> 115 116 #define USB_DEBUG_VAR usb_debug 117 #include <bus/u4b/usb_debug.h> 118 #include <bus/u4b/usb_busdma.h> 119 120 #include <sys/mbuf.h> 121 #include <sys/taskqueue.h> 122 123 #include <netgraph7/ng_message.h> 124 #include <netgraph7/netgraph.h> 125 #include <netgraph7/ng_parse.h> 126 #include <netgraph7/bluetooth/include/ng_bluetooth.h> 127 #include <netgraph7/bluetooth/include/ng_hci.h> 128 #include <netgraph7/bluetooth/include/ng_ubt.h> 129 #include <netgraph7/bluetooth/drivers/ubt/ng_ubt_var.h> 130 131 static int ubt_modevent(module_t, int, void *); 132 static device_probe_t ubt_probe; 133 static device_attach_t ubt_attach; 134 static device_detach_t ubt_detach; 135 136 static void ubt_task_schedule(ubt_softc_p, int); 137 static task_fn_t ubt_task; 138 139 #define ubt_xfer_start(sc, i) usbd_transfer_start((sc)->sc_xfer[(i)]) 140 141 /* Netgraph methods */ 142 static ng_constructor_t ng_ubt_constructor; 143 static ng_shutdown_t ng_ubt_shutdown; 144 static ng_newhook_t ng_ubt_newhook; 145 static ng_connect_t ng_ubt_connect; 146 static ng_disconnect_t ng_ubt_disconnect; 147 static ng_rcvmsg_t ng_ubt_rcvmsg; 148 static ng_rcvdata_t ng_ubt_rcvdata; 149 150 /* Queue length */ 151 static const struct ng_parse_struct_field ng_ubt_node_qlen_type_fields[] = 152 { 153 { "queue", &ng_parse_int32_type, }, 154 { "qlen", &ng_parse_int32_type, }, 155 { NULL, } 156 }; 157 static const struct ng_parse_type ng_ubt_node_qlen_type = 158 { 159 &ng_parse_struct_type, 160 &ng_ubt_node_qlen_type_fields 161 }; 162 163 /* Stat info */ 164 static const struct ng_parse_struct_field ng_ubt_node_stat_type_fields[] = 165 { 166 { "pckts_recv", &ng_parse_uint32_type, }, 167 { "bytes_recv", &ng_parse_uint32_type, }, 168 { "pckts_sent", &ng_parse_uint32_type, }, 169 { "bytes_sent", &ng_parse_uint32_type, }, 170 { "oerrors", &ng_parse_uint32_type, }, 171 { "ierrors", &ng_parse_uint32_type, }, 172 { NULL, } 173 }; 174 static const struct ng_parse_type ng_ubt_node_stat_type = 175 { 176 &ng_parse_struct_type, 177 &ng_ubt_node_stat_type_fields 178 }; 179 180 /* Netgraph node command list */ 181 static const struct ng_cmdlist ng_ubt_cmdlist[] = 182 { 183 { 184 NGM_UBT_COOKIE, 185 NGM_UBT_NODE_SET_DEBUG, 186 "set_debug", 187 &ng_parse_uint16_type, 188 NULL 189 }, 190 { 191 NGM_UBT_COOKIE, 192 NGM_UBT_NODE_GET_DEBUG, 193 "get_debug", 194 NULL, 195 &ng_parse_uint16_type 196 }, 197 { 198 NGM_UBT_COOKIE, 199 NGM_UBT_NODE_SET_QLEN, 200 "set_qlen", 201 &ng_ubt_node_qlen_type, 202 NULL 203 }, 204 { 205 NGM_UBT_COOKIE, 206 NGM_UBT_NODE_GET_QLEN, 207 "get_qlen", 208 &ng_ubt_node_qlen_type, 209 &ng_ubt_node_qlen_type 210 }, 211 { 212 NGM_UBT_COOKIE, 213 NGM_UBT_NODE_GET_STAT, 214 "get_stat", 215 NULL, 216 &ng_ubt_node_stat_type 217 }, 218 { 219 NGM_UBT_COOKIE, 220 NGM_UBT_NODE_RESET_STAT, 221 "reset_stat", 222 NULL, 223 NULL 224 }, 225 { 0, } 226 }; 227 228 /* Netgraph node type */ 229 static struct ng_type typestruct = 230 { 231 .version = NG_ABI_VERSION, 232 .name = NG_UBT_NODE_TYPE, 233 .constructor = ng_ubt_constructor, 234 .rcvmsg = ng_ubt_rcvmsg, 235 .shutdown = ng_ubt_shutdown, 236 .newhook = ng_ubt_newhook, 237 .connect = ng_ubt_connect, 238 .rcvdata = ng_ubt_rcvdata, 239 .disconnect = ng_ubt_disconnect, 240 .cmdlist = ng_ubt_cmdlist 241 }; 242 243 /**************************************************************************** 244 **************************************************************************** 245 ** USB specific 246 **************************************************************************** 247 ****************************************************************************/ 248 249 /* USB methods */ 250 static usb_callback_t ubt_ctrl_write_callback; 251 static usb_callback_t ubt_intr_read_callback; 252 static usb_callback_t ubt_bulk_read_callback; 253 static usb_callback_t ubt_bulk_write_callback; 254 static usb_callback_t ubt_isoc_read_callback; 255 static usb_callback_t ubt_isoc_write_callback; 256 257 static int ubt_fwd_mbuf_up(ubt_softc_p, struct mbuf **); 258 static int ubt_isoc_read_one_frame(struct usb_xfer *, int); 259 260 /* 261 * USB config 262 * 263 * The following desribes usb transfers that could be submitted on USB device. 264 * 265 * Interface 0 on the USB device must present the following endpoints 266 * 1) Interrupt endpoint to receive HCI events 267 * 2) Bulk IN endpoint to receive ACL data 268 * 3) Bulk OUT endpoint to send ACL data 269 * 270 * Interface 1 on the USB device must present the following endpoints 271 * 1) Isochronous IN endpoint to receive SCO data 272 * 2) Isochronous OUT endpoint to send SCO data 273 */ 274 275 static const struct usb_config ubt_config[UBT_N_TRANSFER] = 276 { 277 /* 278 * Interface #0 279 */ 280 281 /* Outgoing bulk transfer - ACL packets */ 282 [UBT_IF_0_BULK_DT_WR] = { 283 .type = UE_BULK, 284 .endpoint = UE_ADDR_ANY, 285 .direction = UE_DIR_OUT, 286 .if_index = 0, 287 .bufsize = UBT_BULK_WRITE_BUFFER_SIZE, 288 .flags = { .pipe_bof = 1, .force_short_xfer = 1, }, 289 .callback = &ubt_bulk_write_callback, 290 }, 291 /* Incoming bulk transfer - ACL packets */ 292 [UBT_IF_0_BULK_DT_RD] = { 293 .type = UE_BULK, 294 .endpoint = UE_ADDR_ANY, 295 .direction = UE_DIR_IN, 296 .if_index = 0, 297 .bufsize = UBT_BULK_READ_BUFFER_SIZE, 298 .flags = { .pipe_bof = 1, .short_xfer_ok = 1, }, 299 .callback = &ubt_bulk_read_callback, 300 }, 301 /* Incoming interrupt transfer - HCI events */ 302 [UBT_IF_0_INTR_DT_RD] = { 303 .type = UE_INTERRUPT, 304 .endpoint = UE_ADDR_ANY, 305 .direction = UE_DIR_IN, 306 .if_index = 0, 307 .flags = { .pipe_bof = 1, .short_xfer_ok = 1, }, 308 .bufsize = UBT_INTR_BUFFER_SIZE, 309 .callback = &ubt_intr_read_callback, 310 }, 311 /* Outgoing control transfer - HCI commands */ 312 [UBT_IF_0_CTRL_DT_WR] = { 313 .type = UE_CONTROL, 314 .endpoint = 0x00, /* control pipe */ 315 .direction = UE_DIR_ANY, 316 .if_index = 0, 317 .bufsize = UBT_CTRL_BUFFER_SIZE, 318 .callback = &ubt_ctrl_write_callback, 319 .timeout = 5000, /* 5 seconds */ 320 }, 321 322 /* 323 * Interface #1 324 */ 325 326 /* Incoming isochronous transfer #1 - SCO packets */ 327 [UBT_IF_1_ISOC_DT_RD1] = { 328 .type = UE_ISOCHRONOUS, 329 .endpoint = UE_ADDR_ANY, 330 .direction = UE_DIR_IN, 331 .if_index = 1, 332 .bufsize = 0, /* use "wMaxPacketSize * frames" */ 333 .frames = UBT_ISOC_NFRAMES, 334 .flags = { .short_xfer_ok = 1, }, 335 .callback = &ubt_isoc_read_callback, 336 }, 337 /* Incoming isochronous transfer #2 - SCO packets */ 338 [UBT_IF_1_ISOC_DT_RD2] = { 339 .type = UE_ISOCHRONOUS, 340 .endpoint = UE_ADDR_ANY, 341 .direction = UE_DIR_IN, 342 .if_index = 1, 343 .bufsize = 0, /* use "wMaxPacketSize * frames" */ 344 .frames = UBT_ISOC_NFRAMES, 345 .flags = { .short_xfer_ok = 1, }, 346 .callback = &ubt_isoc_read_callback, 347 }, 348 /* Outgoing isochronous transfer #1 - SCO packets */ 349 [UBT_IF_1_ISOC_DT_WR1] = { 350 .type = UE_ISOCHRONOUS, 351 .endpoint = UE_ADDR_ANY, 352 .direction = UE_DIR_OUT, 353 .if_index = 1, 354 .bufsize = 0, /* use "wMaxPacketSize * frames" */ 355 .frames = UBT_ISOC_NFRAMES, 356 .flags = { .short_xfer_ok = 1, }, 357 .callback = &ubt_isoc_write_callback, 358 }, 359 /* Outgoing isochronous transfer #2 - SCO packets */ 360 [UBT_IF_1_ISOC_DT_WR2] = { 361 .type = UE_ISOCHRONOUS, 362 .endpoint = UE_ADDR_ANY, 363 .direction = UE_DIR_OUT, 364 .if_index = 1, 365 .bufsize = 0, /* use "wMaxPacketSize * frames" */ 366 .frames = UBT_ISOC_NFRAMES, 367 .flags = { .short_xfer_ok = 1, }, 368 .callback = &ubt_isoc_write_callback, 369 }, 370 }; 371 372 /* 373 * If for some reason device should not be attached then put 374 * VendorID/ProductID pair into the list below. The format is 375 * as follows: 376 * 377 * { USB_VPI(VENDOR_ID, PRODUCT_ID, 0) }, 378 * 379 * where VENDOR_ID and PRODUCT_ID are hex numbers. 380 */ 381 382 static const STRUCT_USB_HOST_ID ubt_ignore_devs[] = 383 { 384 /* AVM USB Bluetooth-Adapter BlueFritz! v1.0 */ 385 { USB_VPI(USB_VENDOR_AVM, 0x2200, 0) }, 386 387 /* Atheros 3011 with sflash firmware */ 388 { USB_VPI(0x0cf3, 0x3002, 0) }, 389 { USB_VPI(0x0cf3, 0xe019, 0) }, 390 { USB_VPI(0x13d3, 0x3304, 0) }, 391 { USB_VPI(0x0930, 0x0215, 0) }, 392 { USB_VPI(0x0489, 0xe03d, 0) }, 393 { USB_VPI(0x0489, 0xe027, 0) }, 394 395 /* Atheros AR9285 Malbec with sflash firmware */ 396 { USB_VPI(0x03f0, 0x311d, 0) }, 397 398 /* Atheros 3012 with sflash firmware */ 399 { USB_VPI(0x0cf3, 0x3004, 0), USB_DEV_BCD_LTEQ(1) }, 400 { USB_VPI(0x0cf3, 0x311d, 0), USB_DEV_BCD_LTEQ(1) }, 401 { USB_VPI(0x13d3, 0x3375, 0), USB_DEV_BCD_LTEQ(1) }, 402 { USB_VPI(0x04ca, 0x3005, 0), USB_DEV_BCD_LTEQ(1) }, 403 { USB_VPI(0x04ca, 0x3006, 0), USB_DEV_BCD_LTEQ(1) }, 404 { USB_VPI(0x04ca, 0x3008, 0), USB_DEV_BCD_LTEQ(1) }, 405 { USB_VPI(0x13d3, 0x3362, 0), USB_DEV_BCD_LTEQ(1) }, 406 { USB_VPI(0x0cf3, 0xe004, 0), USB_DEV_BCD_LTEQ(1) }, 407 { USB_VPI(0x0930, 0x0219, 0), USB_DEV_BCD_LTEQ(1) }, 408 { USB_VPI(0x0489, 0xe057, 0), USB_DEV_BCD_LTEQ(1) }, 409 { USB_VPI(0x13d3, 0x3393, 0), USB_DEV_BCD_LTEQ(1) }, 410 { USB_VPI(0x0489, 0xe04e, 0), USB_DEV_BCD_LTEQ(1) }, 411 { USB_VPI(0x0489, 0xe056, 0), USB_DEV_BCD_LTEQ(1) }, 412 413 /* Atheros AR5BBU12 with sflash firmware */ 414 { USB_VPI(0x0489, 0xe02c, 0), USB_DEV_BCD_LTEQ(1) }, 415 416 /* Atheros AR5BBU12 with sflash firmware */ 417 { USB_VPI(0x0489, 0xe03c, 0), USB_DEV_BCD_LTEQ(1) }, 418 { USB_VPI(0x0489, 0xe036, 0), USB_DEV_BCD_LTEQ(1) }, 419 }; 420 421 /* List of supported bluetooth devices */ 422 static const STRUCT_USB_HOST_ID ubt_devs[] = 423 { 424 /* Generic Bluetooth class devices */ 425 { USB_IFACE_CLASS(UDCLASS_WIRELESS), 426 USB_IFACE_SUBCLASS(UDSUBCLASS_RF), 427 USB_IFACE_PROTOCOL(UDPROTO_BLUETOOTH) }, 428 429 /* AVM USB Bluetooth-Adapter BlueFritz! v2.0 */ 430 { USB_VPI(USB_VENDOR_AVM, 0x3800, 0) }, 431 432 /* Broadcom USB dongles, mostly BCM20702 and BCM20702A0 */ 433 { USB_VENDOR(USB_VENDOR_BROADCOM), 434 USB_IFACE_CLASS(UICLASS_VENDOR), 435 USB_IFACE_SUBCLASS(UDSUBCLASS_RF), 436 USB_IFACE_PROTOCOL(UDPROTO_BLUETOOTH) }, 437 438 /* Apple-specific (Broadcom) devices */ 439 { USB_VENDOR(USB_VENDOR_APPLE), 440 USB_IFACE_CLASS(UICLASS_VENDOR), 441 USB_IFACE_SUBCLASS(UDSUBCLASS_RF), 442 USB_IFACE_PROTOCOL(UDPROTO_BLUETOOTH) }, 443 444 /* Foxconn - Hon Hai */ 445 { USB_VENDOR(USB_VENDOR_FOXCONN), 446 USB_IFACE_CLASS(UICLASS_VENDOR), 447 USB_IFACE_SUBCLASS(UDSUBCLASS_RF), 448 USB_IFACE_PROTOCOL(UDPROTO_BLUETOOTH) }, 449 450 /* MediaTek MT76x0E */ 451 { USB_VPI(USB_VENDOR_MEDIATEK, 0x763f, 0) }, 452 453 /* Broadcom SoftSailing reporting vendor specific */ 454 { USB_VPI(USB_VENDOR_BROADCOM, 0x21e1, 0) }, 455 456 /* Apple MacBookPro 7,1 */ 457 { USB_VPI(USB_VENDOR_APPLE, 0x8213, 0) }, 458 459 /* Apple iMac11,1 */ 460 { USB_VPI(USB_VENDOR_APPLE, 0x8215, 0) }, 461 462 /* Apple MacBookPro6,2 */ 463 { USB_VPI(USB_VENDOR_APPLE, 0x8218, 0) }, 464 465 /* Apple MacBookAir3,1, MacBookAir3,2 */ 466 { USB_VPI(USB_VENDOR_APPLE, 0x821b, 0) }, 467 468 /* Apple MacBookAir4,1 */ 469 { USB_VPI(USB_VENDOR_APPLE, 0x821f, 0) }, 470 471 /* MacBookAir6,1 */ 472 { USB_VPI(USB_VENDOR_APPLE, 0x828f, 0) }, 473 474 /* Apple MacBookPro8,2 */ 475 { USB_VPI(USB_VENDOR_APPLE, 0x821a, 0) }, 476 477 /* Apple MacMini5,1 */ 478 { USB_VPI(USB_VENDOR_APPLE, 0x8281, 0) }, 479 480 /* Bluetooth Ultraport Module from IBM */ 481 { USB_VPI(USB_VENDOR_TDK, 0x030a, 0) }, 482 483 /* ALPS Modules with non-standard ID */ 484 { USB_VPI(USB_VENDOR_ALPS, 0x3001, 0) }, 485 { USB_VPI(USB_VENDOR_ALPS, 0x3002, 0) }, 486 487 { USB_VPI(USB_VENDOR_ERICSSON2, 0x1002, 0) }, 488 489 /* Canyon CN-BTU1 with HID interfaces */ 490 { USB_VPI(USB_VENDOR_CANYON, 0x0000, 0) }, 491 492 /* Broadcom BCM20702A0 */ 493 { USB_VPI(USB_VENDOR_ASUS, 0x17b5, 0) }, 494 { USB_VPI(USB_VENDOR_ASUS, 0x17cb, 0) }, 495 { USB_VPI(USB_VENDOR_LITEON, 0x2003, 0) }, 496 { USB_VPI(USB_VENDOR_FOXCONN, 0xe042, 0) }, 497 { USB_VPI(USB_VENDOR_DELL, 0x8197, 0) }, 498 }; 499 500 /* 501 * Probe for a USB Bluetooth device. 502 * USB context. 503 */ 504 505 static int 506 ubt_probe(device_t dev) 507 { 508 struct usb_attach_arg *uaa = device_get_ivars(dev); 509 int error; 510 511 if (uaa->usb_mode != USB_MODE_HOST) 512 return (ENXIO); 513 514 if (uaa->info.bIfaceIndex != 0) 515 return (ENXIO); 516 517 if (usbd_lookup_id_by_uaa(ubt_ignore_devs, 518 sizeof(ubt_ignore_devs), uaa) == 0) 519 return (ENXIO); 520 521 error = usbd_lookup_id_by_uaa(ubt_devs, sizeof(ubt_devs), uaa); 522 if (error == 0) 523 return (BUS_PROBE_GENERIC); 524 return (error); 525 } /* ubt_probe */ 526 527 /* 528 * Attach the device. 529 * USB context. 530 */ 531 532 static int 533 ubt_attach(device_t dev) 534 { 535 struct usb_attach_arg *uaa = device_get_ivars(dev); 536 struct ubt_softc *sc = device_get_softc(dev); 537 struct usb_endpoint_descriptor *ed; 538 struct usb_interface_descriptor *id; 539 struct usb_interface *iface; 540 uint16_t wMaxPacketSize; 541 uint8_t alt_index, i, j; 542 uint8_t iface_index[2] = { 0, 1 }; 543 544 device_set_usb_desc(dev); 545 546 sc->sc_dev = dev; 547 sc->sc_debug = NG_UBT_WARN_LEVEL; 548 549 /* 550 * Create Netgraph node 551 */ 552 553 if (ng_make_node_common(&typestruct, &sc->sc_node) != 0) { 554 UBT_ALERT(sc, "could not create Netgraph node\n"); 555 return (ENXIO); 556 } 557 558 /* Name Netgraph node */ 559 if (ng_name_node(sc->sc_node, device_get_nameunit(dev)) != 0) { 560 UBT_ALERT(sc, "could not name Netgraph node\n"); 561 NG_NODE_UNREF(sc->sc_node); 562 return (ENXIO); 563 } 564 NG_NODE_SET_PRIVATE(sc->sc_node, sc); 565 NG_NODE_FORCE_WRITER(sc->sc_node); 566 567 /* 568 * Initialize device softc structure 569 */ 570 571 /* initialize locks */ 572 lockinit(&sc->sc_ng_lock, "ubt ng", 0, 0); 573 lockinit(&sc->sc_if_lock, "ubt if", 0, LK_CANRECURSE); 574 575 /* initialize packet queues */ 576 NG_BT_MBUFQ_INIT(&sc->sc_cmdq, UBT_DEFAULT_QLEN); 577 NG_BT_MBUFQ_INIT(&sc->sc_aclq, UBT_DEFAULT_QLEN); 578 NG_BT_MBUFQ_INIT(&sc->sc_scoq, UBT_DEFAULT_QLEN); 579 580 /* initialize glue task */ 581 TASK_INIT(&sc->sc_task, 0, ubt_task, sc); 582 583 /* 584 * Configure Bluetooth USB device. Discover all required USB 585 * interfaces and endpoints. 586 * 587 * USB device must present two interfaces: 588 * 1) Interface 0 that has 3 endpoints 589 * 1) Interrupt endpoint to receive HCI events 590 * 2) Bulk IN endpoint to receive ACL data 591 * 3) Bulk OUT endpoint to send ACL data 592 * 593 * 2) Interface 1 then has 2 endpoints 594 * 1) Isochronous IN endpoint to receive SCO data 595 * 2) Isochronous OUT endpoint to send SCO data 596 * 597 * Interface 1 (with isochronous endpoints) has several alternate 598 * configurations with different packet size. 599 */ 600 601 /* 602 * For interface #1 search alternate settings, and find 603 * the descriptor with the largest wMaxPacketSize 604 */ 605 606 wMaxPacketSize = 0; 607 alt_index = 0; 608 i = 0; 609 j = 0; 610 ed = NULL; 611 612 /* 613 * Search through all the descriptors looking for the largest 614 * packet size: 615 */ 616 while ((ed = (struct usb_endpoint_descriptor *)usb_desc_foreach( 617 usbd_get_config_descriptor(uaa->device), 618 (struct usb_descriptor *)ed))) { 619 620 if ((ed->bDescriptorType == UDESC_INTERFACE) && 621 (ed->bLength >= sizeof(*id))) { 622 id = (struct usb_interface_descriptor *)ed; 623 i = id->bInterfaceNumber; 624 j = id->bAlternateSetting; 625 } 626 627 if ((ed->bDescriptorType == UDESC_ENDPOINT) && 628 (ed->bLength >= sizeof(*ed)) && 629 (i == 1)) { 630 uint16_t temp; 631 632 temp = UGETW(ed->wMaxPacketSize); 633 if (temp > wMaxPacketSize) { 634 wMaxPacketSize = temp; 635 alt_index = j; 636 } 637 } 638 } 639 640 /* Set alt configuration on interface #1 only if we found it */ 641 if (wMaxPacketSize > 0 && 642 usbd_set_alt_interface_index(uaa->device, 1, alt_index)) { 643 UBT_ALERT(sc, "could not set alternate setting %d " \ 644 "for interface 1!\n", alt_index); 645 goto detach; 646 } 647 648 /* Setup transfers for both interfaces */ 649 if (usbd_transfer_setup(uaa->device, iface_index, sc->sc_xfer, 650 ubt_config, UBT_N_TRANSFER, sc, &sc->sc_if_lock)) { 651 UBT_ALERT(sc, "could not allocate transfers\n"); 652 goto detach; 653 } 654 655 /* Claim all interfaces belonging to the Bluetooth part */ 656 for (i = 1;; i++) { 657 iface = usbd_get_iface(uaa->device, i); 658 if (iface == NULL) 659 break; 660 id = usbd_get_interface_descriptor(iface); 661 662 if ((id != NULL) && 663 (id->bInterfaceClass == UICLASS_WIRELESS) && 664 (id->bInterfaceSubClass == UISUBCLASS_RF) && 665 (id->bInterfaceProtocol == UIPROTO_BLUETOOTH)) { 666 usbd_set_parent_iface(uaa->device, i, 667 uaa->info.bIfaceIndex); 668 } 669 } 670 return (0); /* success */ 671 672 detach: 673 ubt_detach(dev); 674 675 return (ENXIO); 676 } /* ubt_attach */ 677 678 /* 679 * Detach the device. 680 * USB context. 681 */ 682 683 int 684 ubt_detach(device_t dev) 685 { 686 struct ubt_softc *sc = device_get_softc(dev); 687 node_p node = sc->sc_node; 688 689 /* Destroy Netgraph node */ 690 if (node != NULL) { 691 sc->sc_node = NULL; 692 NG_NODE_REALLY_DIE(node); 693 ng_rmnode_self(node); 694 } 695 696 /* Make sure ubt_task in gone */ 697 taskqueue_drain(taskqueue_swi, &sc->sc_task); 698 699 /* Free USB transfers, if any */ 700 usbd_transfer_unsetup(sc->sc_xfer, UBT_N_TRANSFER); 701 702 /* Destroy queues */ 703 UBT_NG_LOCK(sc); 704 NG_BT_MBUFQ_DESTROY(&sc->sc_cmdq); 705 NG_BT_MBUFQ_DESTROY(&sc->sc_aclq); 706 NG_BT_MBUFQ_DESTROY(&sc->sc_scoq); 707 UBT_NG_UNLOCK(sc); 708 709 lockuninit(&sc->sc_if_lock); 710 lockuninit(&sc->sc_ng_lock); 711 712 return (0); 713 } /* ubt_detach */ 714 715 /* 716 * Called when outgoing control request (HCI command) has completed, i.e. 717 * HCI command was sent to the device. 718 * USB context. 719 */ 720 721 static void 722 ubt_ctrl_write_callback(struct usb_xfer *xfer, usb_error_t error) 723 { 724 struct ubt_softc *sc = usbd_xfer_softc(xfer); 725 struct usb_device_request req; 726 struct mbuf *m; 727 struct usb_page_cache *pc; 728 int actlen; 729 730 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL); 731 732 switch (USB_GET_STATE(xfer)) { 733 case USB_ST_TRANSFERRED: 734 UBT_INFO(sc, "sent %d bytes to control pipe\n", actlen); 735 UBT_STAT_BYTES_SENT(sc, actlen); 736 UBT_STAT_PCKTS_SENT(sc); 737 /* FALLTHROUGH */ 738 739 case USB_ST_SETUP: 740 send_next: 741 /* Get next command mbuf, if any */ 742 UBT_NG_LOCK(sc); 743 NG_BT_MBUFQ_DEQUEUE(&sc->sc_cmdq, m); 744 UBT_NG_UNLOCK(sc); 745 746 if (m == NULL) { 747 UBT_INFO(sc, "HCI command queue is empty\n"); 748 break; /* transfer complete */ 749 } 750 751 /* Initialize a USB control request and then schedule it */ 752 bzero(&req, sizeof(req)); 753 req.bmRequestType = UBT_HCI_REQUEST; 754 USETW(req.wLength, m->m_pkthdr.len); 755 756 UBT_INFO(sc, "Sending control request, " \ 757 "bmRequestType=0x%02x, wLength=%d\n", 758 req.bmRequestType, UGETW(req.wLength)); 759 760 pc = usbd_xfer_get_frame(xfer, 0); 761 usbd_copy_in(pc, 0, &req, sizeof(req)); 762 pc = usbd_xfer_get_frame(xfer, 1); 763 usbd_m_copy_in(pc, 0, m, 0, m->m_pkthdr.len); 764 765 usbd_xfer_set_frame_len(xfer, 0, sizeof(req)); 766 usbd_xfer_set_frame_len(xfer, 1, m->m_pkthdr.len); 767 usbd_xfer_set_frames(xfer, 2); 768 769 NG_FREE_M(m); 770 771 usbd_transfer_submit(xfer); 772 break; 773 774 default: /* Error */ 775 if (error != USB_ERR_CANCELLED) { 776 UBT_WARN(sc, "control transfer failed: %s\n", 777 usbd_errstr(error)); 778 779 UBT_STAT_OERROR(sc); 780 goto send_next; 781 } 782 783 /* transfer cancelled */ 784 break; 785 } 786 } /* ubt_ctrl_write_callback */ 787 788 /* 789 * Called when incoming interrupt transfer (HCI event) has completed, i.e. 790 * HCI event was received from the device. 791 * USB context. 792 */ 793 794 static void 795 ubt_intr_read_callback(struct usb_xfer *xfer, usb_error_t error) 796 { 797 struct ubt_softc *sc = usbd_xfer_softc(xfer); 798 struct mbuf *m; 799 ng_hci_event_pkt_t *hdr; 800 struct usb_page_cache *pc; 801 int actlen; 802 803 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL); 804 805 m = NULL; 806 807 switch (USB_GET_STATE(xfer)) { 808 case USB_ST_TRANSFERRED: 809 /* Allocate a new mbuf */ 810 MGETHDR(m, M_NOWAIT, MT_DATA); 811 if (m == NULL) { 812 UBT_STAT_IERROR(sc); 813 goto submit_next; 814 } 815 816 MCLGET(m, M_NOWAIT); 817 if (!(m->m_flags & M_EXT)) { 818 UBT_STAT_IERROR(sc); 819 goto submit_next; 820 } 821 822 /* Add HCI packet type */ 823 *mtod(m, uint8_t *)= NG_HCI_EVENT_PKT; 824 m->m_pkthdr.len = m->m_len = 1; 825 826 if (actlen > MCLBYTES - 1) 827 actlen = MCLBYTES - 1; 828 829 pc = usbd_xfer_get_frame(xfer, 0); 830 usbd_copy_out(pc, 0, mtod(m, uint8_t *) + 1, actlen); 831 m->m_pkthdr.len += actlen; 832 m->m_len += actlen; 833 834 UBT_INFO(sc, "got %d bytes from interrupt pipe\n", 835 actlen); 836 837 /* Validate packet and send it up the stack */ 838 if (m->m_pkthdr.len < (int)sizeof(*hdr)) { 839 UBT_INFO(sc, "HCI event packet is too short\n"); 840 841 UBT_STAT_IERROR(sc); 842 goto submit_next; 843 } 844 845 hdr = mtod(m, ng_hci_event_pkt_t *); 846 if (hdr->length != (m->m_pkthdr.len - sizeof(*hdr))) { 847 UBT_ERR(sc, "Invalid HCI event packet size, " \ 848 "length=%d, pktlen=%d\n", 849 hdr->length, m->m_pkthdr.len); 850 851 UBT_STAT_IERROR(sc); 852 goto submit_next; 853 } 854 855 UBT_INFO(sc, "got complete HCI event frame, pktlen=%d, " \ 856 "length=%d\n", m->m_pkthdr.len, hdr->length); 857 858 UBT_STAT_PCKTS_RECV(sc); 859 UBT_STAT_BYTES_RECV(sc, m->m_pkthdr.len); 860 861 ubt_fwd_mbuf_up(sc, &m); 862 /* m == NULL at this point */ 863 /* FALLTHROUGH */ 864 865 case USB_ST_SETUP: 866 submit_next: 867 NG_FREE_M(m); /* checks for m != NULL */ 868 869 usbd_xfer_set_frame_len(xfer, 0, usbd_xfer_max_len(xfer)); 870 usbd_transfer_submit(xfer); 871 break; 872 873 default: /* Error */ 874 if (error != USB_ERR_CANCELLED) { 875 UBT_WARN(sc, "interrupt transfer failed: %s\n", 876 usbd_errstr(error)); 877 878 /* Try to clear stall first */ 879 usbd_xfer_set_stall(xfer); 880 goto submit_next; 881 } 882 /* transfer cancelled */ 883 break; 884 } 885 } /* ubt_intr_read_callback */ 886 887 /* 888 * Called when incoming bulk transfer (ACL packet) has completed, i.e. 889 * ACL packet was received from the device. 890 * USB context. 891 */ 892 893 static void 894 ubt_bulk_read_callback(struct usb_xfer *xfer, usb_error_t error) 895 { 896 struct ubt_softc *sc = usbd_xfer_softc(xfer); 897 struct mbuf *m; 898 ng_hci_acldata_pkt_t *hdr; 899 struct usb_page_cache *pc; 900 int len; 901 int actlen; 902 903 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL); 904 905 m = NULL; 906 907 switch (USB_GET_STATE(xfer)) { 908 case USB_ST_TRANSFERRED: 909 /* Allocate new mbuf */ 910 MGETHDR(m, M_NOWAIT, MT_DATA); 911 if (m == NULL) { 912 UBT_STAT_IERROR(sc); 913 goto submit_next; 914 } 915 916 MCLGET(m, M_NOWAIT); 917 if (!(m->m_flags & M_EXT)) { 918 UBT_STAT_IERROR(sc); 919 goto submit_next; 920 } 921 922 /* Add HCI packet type */ 923 *mtod(m, uint8_t *)= NG_HCI_ACL_DATA_PKT; 924 m->m_pkthdr.len = m->m_len = 1; 925 926 if (actlen > MCLBYTES - 1) 927 actlen = MCLBYTES - 1; 928 929 pc = usbd_xfer_get_frame(xfer, 0); 930 usbd_copy_out(pc, 0, mtod(m, uint8_t *) + 1, actlen); 931 m->m_pkthdr.len += actlen; 932 m->m_len += actlen; 933 934 UBT_INFO(sc, "got %d bytes from bulk-in pipe\n", 935 actlen); 936 937 /* Validate packet and send it up the stack */ 938 if (m->m_pkthdr.len < (int)sizeof(*hdr)) { 939 UBT_INFO(sc, "HCI ACL packet is too short\n"); 940 941 UBT_STAT_IERROR(sc); 942 goto submit_next; 943 } 944 945 hdr = mtod(m, ng_hci_acldata_pkt_t *); 946 len = le16toh(hdr->length); 947 if (len != (int)(m->m_pkthdr.len - sizeof(*hdr))) { 948 UBT_ERR(sc, "Invalid ACL packet size, length=%d, " \ 949 "pktlen=%d\n", len, m->m_pkthdr.len); 950 951 UBT_STAT_IERROR(sc); 952 goto submit_next; 953 } 954 955 UBT_INFO(sc, "got complete ACL data packet, pktlen=%d, " \ 956 "length=%d\n", m->m_pkthdr.len, len); 957 958 UBT_STAT_PCKTS_RECV(sc); 959 UBT_STAT_BYTES_RECV(sc, m->m_pkthdr.len); 960 961 ubt_fwd_mbuf_up(sc, &m); 962 /* m == NULL at this point */ 963 /* FALLTHOUGH */ 964 965 case USB_ST_SETUP: 966 submit_next: 967 NG_FREE_M(m); /* checks for m != NULL */ 968 969 usbd_xfer_set_frame_len(xfer, 0, usbd_xfer_max_len(xfer)); 970 usbd_transfer_submit(xfer); 971 break; 972 973 default: /* Error */ 974 if (error != USB_ERR_CANCELLED) { 975 UBT_WARN(sc, "bulk-in transfer failed: %s\n", 976 usbd_errstr(error)); 977 978 /* Try to clear stall first */ 979 usbd_xfer_set_stall(xfer); 980 goto submit_next; 981 } 982 /* transfer cancelled */ 983 break; 984 } 985 } /* ubt_bulk_read_callback */ 986 987 /* 988 * Called when outgoing bulk transfer (ACL packet) has completed, i.e. 989 * ACL packet was sent to the device. 990 * USB context. 991 */ 992 993 static void 994 ubt_bulk_write_callback(struct usb_xfer *xfer, usb_error_t error) 995 { 996 struct ubt_softc *sc = usbd_xfer_softc(xfer); 997 struct mbuf *m; 998 struct usb_page_cache *pc; 999 int actlen; 1000 1001 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL); 1002 1003 switch (USB_GET_STATE(xfer)) { 1004 case USB_ST_TRANSFERRED: 1005 UBT_INFO(sc, "sent %d bytes to bulk-out pipe\n", actlen); 1006 UBT_STAT_BYTES_SENT(sc, actlen); 1007 UBT_STAT_PCKTS_SENT(sc); 1008 /* FALLTHROUGH */ 1009 1010 case USB_ST_SETUP: 1011 send_next: 1012 /* Get next mbuf, if any */ 1013 UBT_NG_LOCK(sc); 1014 NG_BT_MBUFQ_DEQUEUE(&sc->sc_aclq, m); 1015 UBT_NG_UNLOCK(sc); 1016 1017 if (m == NULL) { 1018 UBT_INFO(sc, "ACL data queue is empty\n"); 1019 break; /* transfer completed */ 1020 } 1021 1022 /* 1023 * Copy ACL data frame back to a linear USB transfer buffer 1024 * and schedule transfer 1025 */ 1026 1027 pc = usbd_xfer_get_frame(xfer, 0); 1028 usbd_m_copy_in(pc, 0, m, 0, m->m_pkthdr.len); 1029 usbd_xfer_set_frame_len(xfer, 0, m->m_pkthdr.len); 1030 1031 UBT_INFO(sc, "bulk-out transfer has been started, len=%d\n", 1032 m->m_pkthdr.len); 1033 1034 NG_FREE_M(m); 1035 1036 usbd_transfer_submit(xfer); 1037 break; 1038 1039 default: /* Error */ 1040 if (error != USB_ERR_CANCELLED) { 1041 UBT_WARN(sc, "bulk-out transfer failed: %s\n", 1042 usbd_errstr(error)); 1043 1044 UBT_STAT_OERROR(sc); 1045 1046 /* try to clear stall first */ 1047 usbd_xfer_set_stall(xfer); 1048 goto send_next; 1049 } 1050 /* transfer cancelled */ 1051 break; 1052 } 1053 } /* ubt_bulk_write_callback */ 1054 1055 /* 1056 * Called when incoming isoc transfer (SCO packet) has completed, i.e. 1057 * SCO packet was received from the device. 1058 * USB context. 1059 */ 1060 1061 static void 1062 ubt_isoc_read_callback(struct usb_xfer *xfer, usb_error_t error) 1063 { 1064 struct ubt_softc *sc = usbd_xfer_softc(xfer); 1065 int n; 1066 int actlen, nframes; 1067 1068 usbd_xfer_status(xfer, &actlen, NULL, NULL, &nframes); 1069 1070 switch (USB_GET_STATE(xfer)) { 1071 case USB_ST_TRANSFERRED: 1072 for (n = 0; n < nframes; n ++) 1073 if (ubt_isoc_read_one_frame(xfer, n) < 0) 1074 break; 1075 /* FALLTHROUGH */ 1076 1077 case USB_ST_SETUP: 1078 read_next: 1079 for (n = 0; n < nframes; n ++) 1080 usbd_xfer_set_frame_len(xfer, n, 1081 usbd_xfer_max_framelen(xfer)); 1082 1083 usbd_transfer_submit(xfer); 1084 break; 1085 1086 default: /* Error */ 1087 if (error != USB_ERR_CANCELLED) { 1088 UBT_STAT_IERROR(sc); 1089 goto read_next; 1090 } 1091 1092 /* transfer cancelled */ 1093 break; 1094 } 1095 } /* ubt_isoc_read_callback */ 1096 1097 /* 1098 * Helper function. Called from ubt_isoc_read_callback() to read 1099 * SCO data from one frame. 1100 * USB context. 1101 */ 1102 1103 static int 1104 ubt_isoc_read_one_frame(struct usb_xfer *xfer, int frame_no) 1105 { 1106 struct ubt_softc *sc = usbd_xfer_softc(xfer); 1107 struct usb_page_cache *pc; 1108 struct mbuf *m; 1109 int len, want, got, total; 1110 1111 /* Get existing SCO reassembly buffer */ 1112 pc = usbd_xfer_get_frame(xfer, 0); 1113 m = sc->sc_isoc_in_buffer; 1114 total = usbd_xfer_frame_len(xfer, frame_no); 1115 1116 /* While we have data in the frame */ 1117 while (total > 0) { 1118 if (m == NULL) { 1119 /* Start new reassembly buffer */ 1120 MGETHDR(m, M_NOWAIT, MT_DATA); 1121 if (m == NULL) { 1122 UBT_STAT_IERROR(sc); 1123 return (-1); /* XXX out of sync! */ 1124 } 1125 1126 MCLGET(m, M_NOWAIT); 1127 if (!(m->m_flags & M_EXT)) { 1128 UBT_STAT_IERROR(sc); 1129 NG_FREE_M(m); 1130 return (-1); /* XXX out of sync! */ 1131 } 1132 1133 /* Expect SCO header */ 1134 *mtod(m, uint8_t *) = NG_HCI_SCO_DATA_PKT; 1135 m->m_pkthdr.len = m->m_len = got = 1; 1136 want = sizeof(ng_hci_scodata_pkt_t); 1137 } else { 1138 /* 1139 * Check if we have SCO header and if so 1140 * adjust amount of data we want 1141 */ 1142 got = m->m_pkthdr.len; 1143 want = sizeof(ng_hci_scodata_pkt_t); 1144 1145 if (got >= want) 1146 want += mtod(m, ng_hci_scodata_pkt_t *)->length; 1147 } 1148 1149 /* Append frame data to the SCO reassembly buffer */ 1150 len = total; 1151 if (got + len > want) 1152 len = want - got; 1153 1154 usbd_copy_out(pc, frame_no * usbd_xfer_max_framelen(xfer), 1155 mtod(m, uint8_t *) + m->m_pkthdr.len, len); 1156 1157 m->m_pkthdr.len += len; 1158 m->m_len += len; 1159 total -= len; 1160 1161 /* Check if we got everything we wanted, if not - continue */ 1162 if (got != want) 1163 continue; 1164 1165 /* If we got here then we got complete SCO frame */ 1166 UBT_INFO(sc, "got complete SCO data frame, pktlen=%d, " \ 1167 "length=%d\n", m->m_pkthdr.len, 1168 mtod(m, ng_hci_scodata_pkt_t *)->length); 1169 1170 UBT_STAT_PCKTS_RECV(sc); 1171 UBT_STAT_BYTES_RECV(sc, m->m_pkthdr.len); 1172 1173 ubt_fwd_mbuf_up(sc, &m); 1174 /* m == NULL at this point */ 1175 } 1176 1177 /* Put SCO reassembly buffer back */ 1178 sc->sc_isoc_in_buffer = m; 1179 1180 return (0); 1181 } /* ubt_isoc_read_one_frame */ 1182 1183 /* 1184 * Called when outgoing isoc transfer (SCO packet) has completed, i.e. 1185 * SCO packet was sent to the device. 1186 * USB context. 1187 */ 1188 1189 static void 1190 ubt_isoc_write_callback(struct usb_xfer *xfer, usb_error_t error) 1191 { 1192 struct ubt_softc *sc = usbd_xfer_softc(xfer); 1193 struct usb_page_cache *pc; 1194 struct mbuf *m; 1195 int n, space, offset; 1196 int actlen, nframes; 1197 1198 usbd_xfer_status(xfer, &actlen, NULL, NULL, &nframes); 1199 pc = usbd_xfer_get_frame(xfer, 0); 1200 1201 switch (USB_GET_STATE(xfer)) { 1202 case USB_ST_TRANSFERRED: 1203 UBT_INFO(sc, "sent %d bytes to isoc-out pipe\n", actlen); 1204 UBT_STAT_BYTES_SENT(sc, actlen); 1205 UBT_STAT_PCKTS_SENT(sc); 1206 /* FALLTHROUGH */ 1207 1208 case USB_ST_SETUP: 1209 send_next: 1210 offset = 0; 1211 space = usbd_xfer_max_framelen(xfer) * nframes; 1212 m = NULL; 1213 1214 while (space > 0) { 1215 if (m == NULL) { 1216 UBT_NG_LOCK(sc); 1217 NG_BT_MBUFQ_DEQUEUE(&sc->sc_scoq, m); 1218 UBT_NG_UNLOCK(sc); 1219 1220 if (m == NULL) 1221 break; 1222 } 1223 1224 n = min(space, m->m_pkthdr.len); 1225 if (n > 0) { 1226 usbd_m_copy_in(pc, offset, m,0, n); 1227 m_adj(m, n); 1228 1229 offset += n; 1230 space -= n; 1231 } 1232 1233 if (m->m_pkthdr.len == 0) 1234 NG_FREE_M(m); /* sets m = NULL */ 1235 } 1236 1237 /* Put whatever is left from mbuf back on queue */ 1238 if (m != NULL) { 1239 UBT_NG_LOCK(sc); 1240 NG_BT_MBUFQ_PREPEND(&sc->sc_scoq, m); 1241 UBT_NG_UNLOCK(sc); 1242 } 1243 1244 /* 1245 * Calculate sizes for isoc frames. 1246 * Note that offset could be 0 at this point (i.e. we have 1247 * nothing to send). That is fine, as we have isoc. transfers 1248 * going in both directions all the time. In this case it 1249 * would be just empty isoc. transfer. 1250 */ 1251 1252 for (n = 0; n < nframes; n ++) { 1253 usbd_xfer_set_frame_len(xfer, n, 1254 min(offset, usbd_xfer_max_framelen(xfer))); 1255 offset -= usbd_xfer_frame_len(xfer, n); 1256 } 1257 1258 usbd_transfer_submit(xfer); 1259 break; 1260 1261 default: /* Error */ 1262 if (error != USB_ERR_CANCELLED) { 1263 UBT_STAT_OERROR(sc); 1264 goto send_next; 1265 } 1266 1267 /* transfer cancelled */ 1268 break; 1269 } 1270 } 1271 1272 /* 1273 * Utility function to forward provided mbuf upstream (i.e. up the stack). 1274 * Modifies value of the mbuf pointer (sets it to NULL). 1275 * Save to call from any context. 1276 */ 1277 1278 static int 1279 ubt_fwd_mbuf_up(ubt_softc_p sc, struct mbuf **m) 1280 { 1281 hook_p hook; 1282 int error; 1283 1284 /* 1285 * Close the race with Netgraph hook newhook/disconnect methods. 1286 * Save the hook pointer atomically. Two cases are possible: 1287 * 1288 * 1) The hook pointer is NULL. It means disconnect method got 1289 * there first. In this case we are done. 1290 * 1291 * 2) The hook pointer is not NULL. It means that hook pointer 1292 * could be either in valid or invalid (i.e. in the process 1293 * of disconnect) state. In any case grab an extra reference 1294 * to protect the hook pointer. 1295 * 1296 * It is ok to pass hook in invalid state to NG_SEND_DATA_ONLY() as 1297 * it checks for it. Drop extra reference after NG_SEND_DATA_ONLY(). 1298 */ 1299 1300 UBT_NG_LOCK(sc); 1301 if ((hook = sc->sc_hook) != NULL) 1302 NG_HOOK_REF(hook); 1303 UBT_NG_UNLOCK(sc); 1304 1305 if (hook == NULL) { 1306 NG_FREE_M(*m); 1307 return (ENETDOWN); 1308 } 1309 1310 NG_SEND_DATA_ONLY(error, hook, *m); 1311 NG_HOOK_UNREF(hook); 1312 1313 if (error != 0) 1314 UBT_STAT_IERROR(sc); 1315 1316 return (error); 1317 } /* ubt_fwd_mbuf_up */ 1318 1319 /**************************************************************************** 1320 **************************************************************************** 1321 ** Glue 1322 **************************************************************************** 1323 ****************************************************************************/ 1324 1325 /* 1326 * Schedule glue task. Should be called with sc_ng_mtx held. 1327 * Netgraph context. 1328 */ 1329 1330 static void 1331 ubt_task_schedule(ubt_softc_p sc, int action) 1332 { 1333 KKASSERT(lockowned(&sc->sc_ng_lock) != 0); 1334 1335 /* 1336 * Try to handle corner case when "start all" and "stop all" 1337 * actions can both be set before task is executed. 1338 * 1339 * The rules are 1340 * 1341 * sc_task_flags action new sc_task_flags 1342 * ------------------------------------------------------ 1343 * 0 start start 1344 * 0 stop stop 1345 * start start start 1346 * start stop stop 1347 * stop start stop|start 1348 * stop stop stop 1349 * stop|start start stop|start 1350 * stop|start stop stop 1351 */ 1352 1353 if (action != 0) { 1354 if ((action & UBT_FLAG_T_STOP_ALL) != 0) 1355 sc->sc_task_flags &= ~UBT_FLAG_T_START_ALL; 1356 1357 sc->sc_task_flags |= action; 1358 } 1359 1360 if (sc->sc_task_flags & UBT_FLAG_T_PENDING) 1361 return; 1362 1363 if (taskqueue_enqueue(taskqueue_swi, &sc->sc_task) == 0) { 1364 sc->sc_task_flags |= UBT_FLAG_T_PENDING; 1365 return; 1366 } 1367 1368 /* XXX: i think this should never happen */ 1369 } /* ubt_task_schedule */ 1370 1371 /* 1372 * Glue task. Examines sc_task_flags and does things depending on it. 1373 * Taskqueue context. 1374 */ 1375 1376 static void 1377 ubt_task(void *context, int pending) 1378 { 1379 ubt_softc_p sc = context; 1380 int task_flags, i; 1381 1382 UBT_NG_LOCK(sc); 1383 task_flags = sc->sc_task_flags; 1384 sc->sc_task_flags = 0; 1385 UBT_NG_UNLOCK(sc); 1386 1387 /* 1388 * Stop all USB transfers synchronously. 1389 * Stop interface #0 and #1 transfers at the same time and in the 1390 * same loop. usbd_transfer_drain() will do appropriate locking. 1391 */ 1392 1393 if (task_flags & UBT_FLAG_T_STOP_ALL) 1394 for (i = 0; i < UBT_N_TRANSFER; i ++) 1395 usbd_transfer_drain(sc->sc_xfer[i]); 1396 1397 /* Start incoming interrupt and bulk, and all isoc. USB transfers */ 1398 if (task_flags & UBT_FLAG_T_START_ALL) { 1399 /* 1400 * Interface #0 1401 */ 1402 1403 lockmgr(&sc->sc_if_lock, LK_EXCLUSIVE); 1404 1405 ubt_xfer_start(sc, UBT_IF_0_INTR_DT_RD); 1406 ubt_xfer_start(sc, UBT_IF_0_BULK_DT_RD); 1407 1408 /* 1409 * Interface #1 1410 * Start both read and write isoc. transfers by default. 1411 * Get them going all the time even if we have nothing 1412 * to send to avoid any delays. 1413 */ 1414 1415 ubt_xfer_start(sc, UBT_IF_1_ISOC_DT_RD1); 1416 ubt_xfer_start(sc, UBT_IF_1_ISOC_DT_RD2); 1417 ubt_xfer_start(sc, UBT_IF_1_ISOC_DT_WR1); 1418 ubt_xfer_start(sc, UBT_IF_1_ISOC_DT_WR2); 1419 1420 lockmgr(&sc->sc_if_lock, LK_RELEASE); 1421 } 1422 1423 /* Start outgoing control transfer */ 1424 if (task_flags & UBT_FLAG_T_START_CTRL) { 1425 lockmgr(&sc->sc_if_lock, LK_EXCLUSIVE); 1426 ubt_xfer_start(sc, UBT_IF_0_CTRL_DT_WR); 1427 lockmgr(&sc->sc_if_lock, LK_RELEASE); 1428 } 1429 1430 /* Start outgoing bulk transfer */ 1431 if (task_flags & UBT_FLAG_T_START_BULK) { 1432 lockmgr(&sc->sc_if_lock, LK_EXCLUSIVE); 1433 ubt_xfer_start(sc, UBT_IF_0_BULK_DT_WR); 1434 lockmgr(&sc->sc_if_lock, LK_RELEASE); 1435 } 1436 } /* ubt_task */ 1437 1438 /**************************************************************************** 1439 **************************************************************************** 1440 ** Netgraph specific 1441 **************************************************************************** 1442 ****************************************************************************/ 1443 1444 /* 1445 * Netgraph node constructor. Do not allow to create node of this type. 1446 * Netgraph context. 1447 */ 1448 1449 static int 1450 ng_ubt_constructor(node_p node) 1451 { 1452 return (EINVAL); 1453 } /* ng_ubt_constructor */ 1454 1455 /* 1456 * Netgraph node destructor. Destroy node only when device has been detached. 1457 * Netgraph context. 1458 */ 1459 1460 static int 1461 ng_ubt_shutdown(node_p node) 1462 { 1463 if (node->nd_flags & NGF_REALLY_DIE) { 1464 /* 1465 * We came here because the USB device is being 1466 * detached, so stop being persistant. 1467 */ 1468 NG_NODE_SET_PRIVATE(node, NULL); 1469 NG_NODE_UNREF(node); 1470 } else 1471 NG_NODE_REVIVE(node); /* tell ng_rmnode we are persisant */ 1472 1473 return (0); 1474 } /* ng_ubt_shutdown */ 1475 1476 /* 1477 * Create new hook. There can only be one. 1478 * Netgraph context. 1479 */ 1480 1481 static int 1482 ng_ubt_newhook(node_p node, hook_p hook, char const *name) 1483 { 1484 struct ubt_softc *sc = NG_NODE_PRIVATE(node); 1485 1486 if (strcmp(name, NG_UBT_HOOK) != 0) 1487 return (EINVAL); 1488 1489 UBT_NG_LOCK(sc); 1490 if (sc->sc_hook != NULL) { 1491 UBT_NG_UNLOCK(sc); 1492 1493 return (EISCONN); 1494 } 1495 1496 sc->sc_hook = hook; 1497 UBT_NG_UNLOCK(sc); 1498 1499 return (0); 1500 } /* ng_ubt_newhook */ 1501 1502 /* 1503 * Connect hook. Start incoming USB transfers. 1504 * Netgraph context. 1505 */ 1506 1507 static int 1508 ng_ubt_connect(hook_p hook) 1509 { 1510 struct ubt_softc *sc = NG_NODE_PRIVATE(NG_HOOK_NODE(hook)); 1511 1512 NG_HOOK_FORCE_QUEUE(NG_HOOK_PEER(hook)); 1513 1514 UBT_NG_LOCK(sc); 1515 ubt_task_schedule(sc, UBT_FLAG_T_START_ALL); 1516 UBT_NG_UNLOCK(sc); 1517 1518 return (0); 1519 } /* ng_ubt_connect */ 1520 1521 /* 1522 * Disconnect hook. 1523 * Netgraph context. 1524 */ 1525 1526 static int 1527 ng_ubt_disconnect(hook_p hook) 1528 { 1529 struct ubt_softc *sc = NG_NODE_PRIVATE(NG_HOOK_NODE(hook)); 1530 1531 UBT_NG_LOCK(sc); 1532 1533 if (hook != sc->sc_hook) { 1534 UBT_NG_UNLOCK(sc); 1535 1536 return (EINVAL); 1537 } 1538 1539 sc->sc_hook = NULL; 1540 1541 /* Kick off task to stop all USB xfers */ 1542 ubt_task_schedule(sc, UBT_FLAG_T_STOP_ALL); 1543 1544 /* Drain queues */ 1545 NG_BT_MBUFQ_DRAIN(&sc->sc_cmdq); 1546 NG_BT_MBUFQ_DRAIN(&sc->sc_aclq); 1547 NG_BT_MBUFQ_DRAIN(&sc->sc_scoq); 1548 1549 UBT_NG_UNLOCK(sc); 1550 1551 return (0); 1552 } /* ng_ubt_disconnect */ 1553 1554 /* 1555 * Process control message. 1556 * Netgraph context. 1557 */ 1558 1559 static int 1560 ng_ubt_rcvmsg(node_p node, item_p item, hook_p lasthook) 1561 { 1562 struct ubt_softc *sc = NG_NODE_PRIVATE(node); 1563 struct ng_mesg *msg, *rsp = NULL; 1564 struct ng_bt_mbufq *q; 1565 int error = 0, queue, qlen; 1566 1567 NGI_GET_MSG(item, msg); 1568 1569 switch (msg->header.typecookie) { 1570 case NGM_GENERIC_COOKIE: 1571 switch (msg->header.cmd) { 1572 case NGM_TEXT_STATUS: 1573 NG_MKRESPONSE(rsp, msg, NG_TEXTRESPONSE, M_WAITOK | M_NULLOK); 1574 if (rsp == NULL) { 1575 error = ENOMEM; 1576 break; 1577 } 1578 1579 ksnprintf(rsp->data, NG_TEXTRESPONSE, 1580 "Hook: %s\n" \ 1581 "Task flags: %#x\n" \ 1582 "Debug: %d\n" \ 1583 "CMD queue: [have:%d,max:%d]\n" \ 1584 "ACL queue: [have:%d,max:%d]\n" \ 1585 "SCO queue: [have:%d,max:%d]", 1586 (sc->sc_hook != NULL) ? NG_UBT_HOOK : "", 1587 sc->sc_task_flags, 1588 sc->sc_debug, 1589 sc->sc_cmdq.len, 1590 sc->sc_cmdq.maxlen, 1591 sc->sc_aclq.len, 1592 sc->sc_aclq.maxlen, 1593 sc->sc_scoq.len, 1594 sc->sc_scoq.maxlen); 1595 break; 1596 1597 default: 1598 error = EINVAL; 1599 break; 1600 } 1601 break; 1602 1603 case NGM_UBT_COOKIE: 1604 switch (msg->header.cmd) { 1605 case NGM_UBT_NODE_SET_DEBUG: 1606 if (msg->header.arglen != sizeof(ng_ubt_node_debug_ep)){ 1607 error = EMSGSIZE; 1608 break; 1609 } 1610 1611 sc->sc_debug = *((ng_ubt_node_debug_ep *) (msg->data)); 1612 break; 1613 1614 case NGM_UBT_NODE_GET_DEBUG: 1615 NG_MKRESPONSE(rsp, msg, sizeof(ng_ubt_node_debug_ep), 1616 M_WAITOK | M_NULLOK); 1617 if (rsp == NULL) { 1618 error = ENOMEM; 1619 break; 1620 } 1621 1622 *((ng_ubt_node_debug_ep *) (rsp->data)) = sc->sc_debug; 1623 break; 1624 1625 case NGM_UBT_NODE_SET_QLEN: 1626 if (msg->header.arglen != sizeof(ng_ubt_node_qlen_ep)) { 1627 error = EMSGSIZE; 1628 break; 1629 } 1630 1631 queue = ((ng_ubt_node_qlen_ep *) (msg->data))->queue; 1632 qlen = ((ng_ubt_node_qlen_ep *) (msg->data))->qlen; 1633 1634 switch (queue) { 1635 case NGM_UBT_NODE_QUEUE_CMD: 1636 q = &sc->sc_cmdq; 1637 break; 1638 1639 case NGM_UBT_NODE_QUEUE_ACL: 1640 q = &sc->sc_aclq; 1641 break; 1642 1643 case NGM_UBT_NODE_QUEUE_SCO: 1644 q = &sc->sc_scoq; 1645 break; 1646 1647 default: 1648 error = EINVAL; 1649 goto done; 1650 /* NOT REACHED */ 1651 } 1652 1653 q->maxlen = qlen; 1654 break; 1655 1656 case NGM_UBT_NODE_GET_QLEN: 1657 if (msg->header.arglen != sizeof(ng_ubt_node_qlen_ep)) { 1658 error = EMSGSIZE; 1659 break; 1660 } 1661 1662 queue = ((ng_ubt_node_qlen_ep *) (msg->data))->queue; 1663 1664 switch (queue) { 1665 case NGM_UBT_NODE_QUEUE_CMD: 1666 q = &sc->sc_cmdq; 1667 break; 1668 1669 case NGM_UBT_NODE_QUEUE_ACL: 1670 q = &sc->sc_aclq; 1671 break; 1672 1673 case NGM_UBT_NODE_QUEUE_SCO: 1674 q = &sc->sc_scoq; 1675 break; 1676 1677 default: 1678 error = EINVAL; 1679 goto done; 1680 /* NOT REACHED */ 1681 } 1682 1683 NG_MKRESPONSE(rsp, msg, sizeof(ng_ubt_node_qlen_ep), 1684 M_WAITOK | M_NULLOK); 1685 if (rsp == NULL) { 1686 error = ENOMEM; 1687 break; 1688 } 1689 1690 ((ng_ubt_node_qlen_ep *) (rsp->data))->queue = queue; 1691 ((ng_ubt_node_qlen_ep *) (rsp->data))->qlen = q->maxlen; 1692 break; 1693 1694 case NGM_UBT_NODE_GET_STAT: 1695 NG_MKRESPONSE(rsp, msg, sizeof(ng_ubt_node_stat_ep), 1696 M_WAITOK | M_NULLOK); 1697 if (rsp == NULL) { 1698 error = ENOMEM; 1699 break; 1700 } 1701 1702 bcopy(&sc->sc_stat, rsp->data, 1703 sizeof(ng_ubt_node_stat_ep)); 1704 break; 1705 1706 case NGM_UBT_NODE_RESET_STAT: 1707 UBT_STAT_RESET(sc); 1708 break; 1709 1710 default: 1711 error = EINVAL; 1712 break; 1713 } 1714 break; 1715 1716 default: 1717 error = EINVAL; 1718 break; 1719 } 1720 done: 1721 NG_RESPOND_MSG(error, node, item, rsp); 1722 NG_FREE_MSG(msg); 1723 1724 return (error); 1725 } /* ng_ubt_rcvmsg */ 1726 1727 /* 1728 * Process data. 1729 * Netgraph context. 1730 */ 1731 1732 static int 1733 ng_ubt_rcvdata(hook_p hook, item_p item) 1734 { 1735 struct ubt_softc *sc = NG_NODE_PRIVATE(NG_HOOK_NODE(hook)); 1736 struct mbuf *m; 1737 struct ng_bt_mbufq *q; 1738 int action, error = 0; 1739 1740 if (hook != sc->sc_hook) { 1741 error = EINVAL; 1742 goto done; 1743 } 1744 1745 /* Deatch mbuf and get HCI frame type */ 1746 NGI_GET_M(item, m); 1747 1748 /* 1749 * Minimal size of the HCI frame is 4 bytes: 1 byte frame type, 1750 * 2 bytes connection handle and at least 1 byte of length. 1751 * Panic on data frame that has size smaller than 4 bytes (it 1752 * should not happen) 1753 */ 1754 1755 if (m->m_pkthdr.len < 4) 1756 panic("HCI frame size is too small! pktlen=%d\n", 1757 m->m_pkthdr.len); 1758 1759 /* Process HCI frame */ 1760 switch (*mtod(m, uint8_t *)) { /* XXX call m_pullup ? */ 1761 case NG_HCI_CMD_PKT: 1762 if (m->m_pkthdr.len - 1 > (int)UBT_CTRL_BUFFER_SIZE) 1763 panic("HCI command frame size is too big! " \ 1764 "buffer size=%zd, packet len=%d\n", 1765 UBT_CTRL_BUFFER_SIZE, m->m_pkthdr.len); 1766 1767 q = &sc->sc_cmdq; 1768 action = UBT_FLAG_T_START_CTRL; 1769 break; 1770 1771 case NG_HCI_ACL_DATA_PKT: 1772 if (m->m_pkthdr.len - 1 > UBT_BULK_WRITE_BUFFER_SIZE) 1773 panic("ACL data frame size is too big! " \ 1774 "buffer size=%d, packet len=%d\n", 1775 UBT_BULK_WRITE_BUFFER_SIZE, m->m_pkthdr.len); 1776 1777 q = &sc->sc_aclq; 1778 action = UBT_FLAG_T_START_BULK; 1779 break; 1780 1781 case NG_HCI_SCO_DATA_PKT: 1782 q = &sc->sc_scoq; 1783 action = 0; 1784 break; 1785 1786 default: 1787 UBT_ERR(sc, "Dropping unsupported HCI frame, type=0x%02x, " \ 1788 "pktlen=%d\n", *mtod(m, uint8_t *), m->m_pkthdr.len); 1789 1790 NG_FREE_M(m); 1791 error = EINVAL; 1792 goto done; 1793 /* NOT REACHED */ 1794 } 1795 1796 UBT_NG_LOCK(sc); 1797 if (NG_BT_MBUFQ_FULL(q)) { 1798 NG_BT_MBUFQ_DROP(q); 1799 UBT_NG_UNLOCK(sc); 1800 1801 UBT_ERR(sc, "Dropping HCI frame 0x%02x, len=%d. Queue full\n", 1802 *mtod(m, uint8_t *), m->m_pkthdr.len); 1803 1804 NG_FREE_M(m); 1805 } else { 1806 /* Loose HCI packet type, enqueue mbuf and kick off task */ 1807 m_adj(m, sizeof(uint8_t)); 1808 NG_BT_MBUFQ_ENQUEUE(q, m); 1809 ubt_task_schedule(sc, action); 1810 UBT_NG_UNLOCK(sc); 1811 } 1812 done: 1813 NG_FREE_ITEM(item); 1814 1815 return (error); 1816 } /* ng_ubt_rcvdata */ 1817 1818 /**************************************************************************** 1819 **************************************************************************** 1820 ** Module 1821 **************************************************************************** 1822 ****************************************************************************/ 1823 1824 /* 1825 * Load/Unload the driver module 1826 */ 1827 1828 static int 1829 ubt_modevent(module_t mod, int event, void *data) 1830 { 1831 int error; 1832 1833 switch (event) { 1834 case MOD_LOAD: 1835 error = ng_newtype(&typestruct); 1836 if (error != 0) 1837 kprintf("%s: Could not register Netgraph node type, " \ 1838 "error=%d\n", NG_UBT_NODE_TYPE, error); 1839 break; 1840 1841 case MOD_UNLOAD: 1842 error = ng_rmtype(&typestruct); 1843 break; 1844 1845 default: 1846 error = EOPNOTSUPP; 1847 break; 1848 } 1849 1850 return (error); 1851 } /* ubt_modevent */ 1852 1853 static devclass_t ubt_devclass; 1854 1855 static device_method_t ubt_methods[] = 1856 { 1857 DEVMETHOD(device_probe, ubt_probe), 1858 DEVMETHOD(device_attach, ubt_attach), 1859 DEVMETHOD(device_detach, ubt_detach), 1860 1861 DEVMETHOD_END 1862 }; 1863 1864 static driver_t ubt_driver = 1865 { 1866 .name = "ubt", 1867 .methods = ubt_methods, 1868 .size = sizeof(struct ubt_softc), 1869 }; 1870 1871 DRIVER_MODULE(ng_ubt, uhub, ubt_driver, ubt_devclass, ubt_modevent, NULL); 1872 MODULE_VERSION(ng_ubt, NG_BLUETOOTH_VERSION); 1873 MODULE_DEPEND(ng_ubt, netgraph, NG_ABI_VERSION, NG_ABI_VERSION, NG_ABI_VERSION); 1874 MODULE_DEPEND(ng_ubt, ng_hci, NG_BLUETOOTH_VERSION, NG_BLUETOOTH_VERSION, NG_BLUETOOTH_VERSION); 1875 MODULE_DEPEND(ng_ubt, usb, 1, 1, 1); 1876 1877