1 /* 2 * 3 * Copyright (c) 2013, The Linux Foundation. All rights reserved. 4 * Not a Contribution. 5 * 6 * Copyright 2012 The Android Open Source Project 7 * 8 * Licensed under the Apache License, Version 2.0 (the "License"); you 9 * may not use this file except in compliance with the License. You may 10 * obtain a copy of the License at 11 * 12 * http://www.apache.org/licenses/LICENSE-2.0 13 * 14 * Unless required by applicable law or agreed to in writing, software 15 * distributed under the License is distributed on an "AS IS" BASIS, 16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 17 * implied. See the License for the specific language governing 18 * permissions and limitations under the License. 19 * 20 */ 21 22 /****************************************************************************** 23 * 24 * Filename: hw_ar3k.c 25 * 26 * Description: Contains controller-specific functions, like 27 * firmware patch download 28 * low power mode operations 29 * 30 ******************************************************************************/ 31 #ifdef __cplusplus 32 extern "C" { 33 #endif 34 35 #define LOG_TAG "bt_vendor" 36 37 #include <sys/socket.h> 38 #include <utils/Log.h> 39 #include <sys/types.h> 40 #include <sys/stat.h> 41 #include <signal.h> 42 #include <time.h> 43 #include <errno.h> 44 #include <fcntl.h> 45 #include <dirent.h> 46 #include <ctype.h> 47 #include <cutils/properties.h> 48 #include <stdlib.h> 49 #include <string.h> 50 #include <termios.h> 51 #include <string.h> 52 53 #include "bt_hci_bdroid.h" 54 #include "hci_uart.h" 55 #include "hw_ar3k.h" 56 57 /****************************************************************************** 58 ** Variables 59 ******************************************************************************/ 60 int cbstat = 0; 61 #define PATCH_LOC_STRING_LEN 8 62 char ARbyte[3]; 63 char ARptr[MAX_PATCH_CMD + 1]; 64 int byte_cnt; 65 int patch_count = 0; 66 char patch_loc[PATCH_LOC_STRING_LEN + 1]; 67 int PSCounter=0; 68 69 uint32_t dev_type = 0; 70 uint32_t rom_version = 0; 71 uint32_t build_version = 0; 72 73 char patch_file[PATH_MAX]; 74 char ps_file[PATH_MAX]; 75 FILE *stream; 76 int tag_count=0; 77 78 /* for friendly debugging outpout string */ 79 static char *lpm_mode[] = { 80 "UNKNOWN", 81 "disabled", 82 "enabled" 83 }; 84 85 static char *lpm_state[] = { 86 "UNKNOWN", 87 "de-asserted", 88 "asserted" 89 }; 90 91 static uint8_t upio_state[UPIO_MAX_COUNT]; 92 struct ps_cfg_entry ps_list[MAX_TAGS]; 93 94 #define PS_EVENT_LEN 100 95 96 #ifdef __cplusplus 97 } 98 #endif 99 100 #define RESERVED(p) if(p) ALOGI( "%s: reserved param", __FUNCTION__); 101 102 /***************************************************************************** 103 ** Functions 104 *****************************************************************************/ 105 106 int is_bt_soc_ath() { 107 int ret = 0; 108 char bt_soc_type[PROPERTY_VALUE_MAX]; 109 ret = property_get("qcom.bluetooth.soc", bt_soc_type, NULL); 110 if (ret != 0) { 111 ALOGI("qcom.bluetooth.soc set to %s\n", bt_soc_type); 112 if (!strncasecmp(bt_soc_type, "ath3k", sizeof("ath3k"))) 113 return 1; 114 } else { 115 ALOGI("qcom.bluetooth.soc not set, so using default.\n"); 116 } 117 118 return 0; 119 } 120 121 /* 122 * Send HCI command and wait for command complete event. 123 * The event buffer has to be freed by the caller. 124 */ 125 126 static int send_hci_cmd_sync(int dev, uint8_t *cmd, int len, uint8_t **event) 127 { 128 int err; 129 uint8_t *hci_event; 130 uint8_t pkt_type = HCI_COMMAND_PKT; 131 132 if (len == 0) 133 return len; 134 135 if (write(dev, &pkt_type, 1) != 1) 136 return -EILSEQ; 137 if (write(dev, (unsigned char *)cmd, len) != len) 138 return -EILSEQ; 139 140 hci_event = (uint8_t *)malloc(PS_EVENT_LEN); 141 if (!hci_event) 142 return -ENOMEM; 143 144 err = read_hci_event(dev, (unsigned char *)hci_event, PS_EVENT_LEN); 145 if (err > 0) { 146 *event = hci_event; 147 } else { 148 free(hci_event); 149 return -EILSEQ; 150 } 151 152 return len; 153 } 154 155 static void convert_bdaddr(char *str_bdaddr, char *bdaddr) 156 { 157 char bdbyte[3]; 158 char *str_byte = str_bdaddr; 159 int i, j; 160 int colon_present = 0; 161 162 if (strstr(str_bdaddr, ":")) 163 colon_present = 1; 164 165 bdbyte[2] = '\0'; 166 167 /* Reverse the BDADDR to LSB first */ 168 for (i = 0, j = 5; i < 6; i++, j--) { 169 bdbyte[0] = str_byte[0]; 170 bdbyte[1] = str_byte[1]; 171 bdaddr[j] = strtol(bdbyte, NULL, 16); 172 173 if (colon_present == 1) 174 str_byte += 3; 175 else 176 str_byte += 2; 177 } 178 } 179 180 static int uart_speed(int s) 181 { 182 switch (s) { 183 case 9600: 184 return B9600; 185 case 19200: 186 return B19200; 187 case 38400: 188 return B38400; 189 case 57600: 190 return B57600; 191 case 115200: 192 return B115200; 193 case 230400: 194 return B230400; 195 case 460800: 196 return B460800; 197 case 500000: 198 return B500000; 199 case 576000: 200 return B576000; 201 case 921600: 202 return B921600; 203 case 1000000: 204 return B1000000; 205 case 1152000: 206 return B1152000; 207 case 1500000: 208 return B1500000; 209 case 2000000: 210 return B2000000; 211 #ifdef B2500000 212 case 2500000: 213 return B2500000; 214 #endif 215 #ifdef B3000000 216 case 3000000: 217 return B3000000; 218 #endif 219 #ifdef B3500000 220 case 3500000: 221 return B3500000; 222 #endif 223 #ifdef B4000000 224 case 4000000: 225 return B4000000; 226 #endif 227 default: 228 return B57600; 229 } 230 } 231 232 int set_speed(int fd, struct termios *ti, int speed) 233 { 234 if (cfsetospeed(ti, uart_speed(speed)) < 0) 235 return -errno; 236 237 if (cfsetispeed(ti, uart_speed(speed)) < 0) 238 return -errno; 239 240 if (tcsetattr(fd, TCSANOW, ti) < 0) 241 return -errno; 242 243 return 0; 244 } 245 246 static void load_hci_ps_hdr(uint8_t *cmd, uint8_t ps_op, int len, int index) 247 { 248 hci_command_hdr *ch = (void *)cmd; 249 250 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF, 251 HCI_PS_CMD_OCF)); 252 ch->plen = len + PS_HDR_LEN; 253 cmd += HCI_COMMAND_HDR_SIZE; 254 255 cmd[0] = ps_op; 256 cmd[1] = index; 257 cmd[2] = index >> 8; 258 cmd[3] = len; 259 } 260 261 262 static int read_ps_event(uint8_t *event, uint16_t ocf) 263 { 264 hci_event_hdr *eh; 265 uint16_t opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF, ocf)); 266 267 event++; 268 269 eh = (void *)event; 270 event += HCI_EVENT_HDR_SIZE; 271 272 if (eh->evt == EVT_CMD_COMPLETE) { 273 evt_cmd_complete *cc = (void *)event; 274 275 event += EVT_CMD_COMPLETE_SIZE; 276 277 if (cc->opcode == opcode && event[0] == HCI_EV_SUCCESS) 278 return 0; 279 else 280 return -EILSEQ; 281 } 282 283 return -EILSEQ; 284 } 285 286 #define PS_WRITE 1 287 #define PS_RESET 2 288 #define WRITE_PATCH 8 289 #define ENABLE_PATCH 11 290 291 #define HCI_PS_CMD_HDR_LEN 7 292 293 static int write_cmd(int fd, uint8_t *buffer, int len) 294 { 295 uint8_t *event; 296 int err; 297 298 err = send_hci_cmd_sync(fd, buffer, len, &event); 299 if (err < 0) 300 return err; 301 302 err = read_ps_event(event, HCI_PS_CMD_OCF); 303 304 free(event); 305 306 return err; 307 } 308 309 #define PS_RESET_PARAM_LEN 6 310 #define PS_RESET_CMD_LEN (HCI_PS_CMD_HDR_LEN + PS_RESET_PARAM_LEN) 311 312 #define PS_ID_MASK 0xFF 313 314 /* Sends PS commands using vendor specficic HCI commands */ 315 static int write_ps_cmd(int fd, uint8_t opcode, uint32_t ps_param) 316 { 317 uint8_t cmd[HCI_MAX_CMD_SIZE]; 318 uint32_t i; 319 320 switch (opcode) { 321 case ENABLE_PATCH: 322 load_hci_ps_hdr(cmd, opcode, 0, 0x00); 323 324 if (write_cmd(fd, cmd, HCI_PS_CMD_HDR_LEN) < 0) 325 return -EILSEQ; 326 break; 327 328 case PS_RESET: 329 load_hci_ps_hdr(cmd, opcode, PS_RESET_PARAM_LEN, 0x00); 330 331 cmd[7] = 0x00; 332 cmd[PS_RESET_CMD_LEN - 2] = ps_param & PS_ID_MASK; 333 cmd[PS_RESET_CMD_LEN - 1] = (ps_param >> 8) & PS_ID_MASK; 334 335 if (write_cmd(fd, cmd, PS_RESET_CMD_LEN) < 0) 336 return -EILSEQ; 337 break; 338 339 case PS_WRITE: 340 for (i = 0; i < ps_param; i++) { 341 load_hci_ps_hdr(cmd, opcode, ps_list[i].len, 342 ps_list[i].id); 343 344 memcpy(&cmd[HCI_PS_CMD_HDR_LEN], ps_list[i].data, 345 ps_list[i].len); 346 347 if (write_cmd(fd, cmd, ps_list[i].len + 348 HCI_PS_CMD_HDR_LEN) < 0) 349 return -EILSEQ; 350 } 351 break; 352 } 353 354 return 0; 355 } 356 357 #define PS_ASIC_FILE "PS_ASIC.pst" 358 #define PS_FPGA_FILE "PS_FPGA.pst" 359 #define MAXPATHLEN 4096 360 static void get_ps_file_name(uint32_t devtype, uint32_t rom_version,char *path) 361 { 362 char *filename; 363 364 if (devtype == 0xdeadc0de) 365 filename = PS_ASIC_FILE; 366 else 367 filename = PS_FPGA_FILE; 368 369 snprintf(path, MAXPATHLEN, "%s%x/%s", FW_PATH, rom_version, filename); 370 } 371 372 #define PATCH_FILE "RamPatch.txt" 373 #define FPGA_ROM_VERSION 0x99999999 374 #define ROM_DEV_TYPE 0xdeadc0de 375 376 static void get_patch_file_name(uint32_t dev_type, uint32_t rom_version, 377 uint32_t build_version, char *path) 378 { 379 if (rom_version == FPGA_ROM_VERSION && dev_type != ROM_DEV_TYPE 380 &&dev_type != 0 && build_version == 1) 381 path[0] = '\0'; 382 else 383 snprintf(path, MAXPATHLEN, "%s%x/%s", FW_PATH, rom_version, PATCH_FILE); 384 } 385 386 static int set_cntrlr_baud(int fd, int speed) 387 { 388 int baud; 389 struct timespec tm = { 0, 500000}; 390 unsigned char cmd[MAX_CMD_LEN], rsp[HCI_MAX_EVENT_SIZE]; 391 unsigned char *ptr = cmd + 1; 392 hci_command_hdr *ch = (void *)ptr; 393 394 cmd[0] = HCI_COMMAND_PKT; 395 396 /* set controller baud rate to user specified value */ 397 ptr = cmd + 1; 398 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF, 399 HCI_CHG_BAUD_CMD_OCF)); 400 ch->plen = 2; 401 ptr += HCI_COMMAND_HDR_SIZE; 402 403 baud = speed/100; 404 ptr[0] = (char)baud; 405 ptr[1] = (char)(baud >> 8); 406 407 if (write(fd, cmd, WRITE_BAUD_CMD_LEN) != WRITE_BAUD_CMD_LEN) { 408 ALOGI("Failed to write change baud rate command"); 409 return -ETIMEDOUT; 410 } 411 412 nanosleep(&tm, NULL); 413 414 if (read_hci_event(fd, rsp, sizeof(rsp)) < 0) 415 return -ETIMEDOUT; 416 417 return 0; 418 } 419 420 #define PS_UNDEF 0 421 #define PS_ID 1 422 #define PS_LEN 2 423 #define PS_DATA 3 424 425 #define PS_MAX_LEN 500 426 #define LINE_SIZE_MAX (PS_MAX_LEN * 2) 427 #define ENTRY_PER_LINE 16 428 429 #define __check_comment(buf) (((buf)[0] == '/') && ((buf)[1] == '/')) 430 #define __skip_space(str) while (*(str) == ' ') ((str)++) 431 432 433 #define __is_delim(ch) ((ch) == ':') 434 #define MAX_PREAMBLE_LEN 4 435 436 /* Parse PS entry preamble of format [X:X] for main type and subtype */ 437 static int get_ps_type(char *ptr, int index, char *type, char *sub_type) 438 { 439 int i; 440 int delim = FALSE; 441 442 if (index > MAX_PREAMBLE_LEN) 443 return -EILSEQ; 444 445 for (i = 1; i < index; i++) { 446 if (__is_delim(ptr[i])) { 447 delim = TRUE; 448 continue; 449 } 450 451 if (isalpha(ptr[i])) { 452 if (delim == FALSE) 453 (*type) = toupper(ptr[i]); 454 else 455 (*sub_type) = toupper(ptr[i]); 456 } 457 } 458 459 return 0; 460 } 461 462 #define ARRAY 'A' 463 #define STRING 'S' 464 #define DECIMAL 'D' 465 #define BINARY 'B' 466 467 #define PS_HEX 0 468 #define PS_DEC 1 469 470 static int get_input_format(char *buf, struct ps_entry_type *format) 471 { 472 char *ptr = NULL; 473 char type = '\0'; 474 char sub_type = '\0'; 475 476 format->type = PS_HEX; 477 format->array = TRUE; 478 479 if (strstr(buf, "[") != buf) 480 return 0; 481 482 ptr = strstr(buf, "]"); 483 if (!ptr) 484 return -EILSEQ; 485 486 if (get_ps_type(buf, ptr - buf, &type, &sub_type) < 0) 487 return -EILSEQ; 488 489 /* Check is data type is of array */ 490 if (type == ARRAY || sub_type == ARRAY) 491 format->array = TRUE; 492 493 if (type == STRING || sub_type == STRING) 494 format->array = FALSE; 495 496 if (type == DECIMAL || type == BINARY) 497 format->type = PS_DEC; 498 else 499 format->type = PS_HEX; 500 501 return 0; 502 } 503 504 505 506 #define UNDEFINED 0xFFFF 507 508 static unsigned int read_data_in_section(char *buf, struct ps_entry_type type) 509 { 510 char *ptr = buf; 511 512 if (!buf) 513 return UNDEFINED; 514 515 if (buf == strstr(buf, "[")) { 516 ptr = strstr(buf, "]"); 517 if (!ptr) 518 return UNDEFINED; 519 520 ptr++; 521 } 522 523 if (type.type == PS_HEX && type.array != TRUE) 524 return strtol(ptr, NULL, 16); 525 526 return UNDEFINED; 527 } 528 529 530 /* Read PS entries as string, convert and add to Hex array */ 531 static void update_tag_data(struct ps_cfg_entry *tag, 532 struct tag_info *info, const char *ptr) 533 { 534 char buf[3]; 535 536 buf[2] = '\0'; 537 538 strlcpy(buf, &ptr[info->char_cnt],sizeof(buf)); 539 tag->data[info->byte_count] = strtol(buf, NULL, 16); 540 info->char_cnt += 3; 541 info->byte_count++; 542 543 strlcpy(buf, &ptr[info->char_cnt], sizeof(buf)); 544 tag->data[info->byte_count] = strtol(buf, NULL, 16); 545 info->char_cnt += 3; 546 info->byte_count++; 547 } 548 549 static inline int update_char_count(const char *buf) 550 { 551 char *end_ptr; 552 553 if (strstr(buf, "[") == buf) { 554 end_ptr = strstr(buf, "]"); 555 if (!end_ptr) 556 return 0; 557 else 558 return(end_ptr - buf) + 1; 559 } 560 561 return 0; 562 } 563 564 #define PS_HEX 0 565 #define PS_DEC 1 566 567 static int ath_parse_ps(FILE *stream) 568 { 569 char buf[LINE_SIZE_MAX + 1]; 570 char *ptr; 571 uint8_t tag_cnt = 0; 572 int16_t byte_count = 0; 573 struct ps_entry_type format; 574 struct tag_info status = { 0, 0, 0, 0}; 575 576 do { 577 int read_count; 578 struct ps_cfg_entry *tag; 579 580 ptr = fgets(buf, LINE_SIZE_MAX, stream); 581 if (!ptr) 582 break; 583 584 __skip_space(ptr); 585 if (__check_comment(ptr)) 586 continue; 587 588 /* Lines with a '#' will be followed by new PS entry */ 589 if (ptr == strstr(ptr, "#")) { 590 if (status.section != PS_UNDEF) { 591 return -EILSEQ; 592 } else { 593 status.section = PS_ID; 594 continue; 595 } 596 } 597 598 tag = &ps_list[tag_cnt]; 599 600 switch (status.section) { 601 case PS_ID: 602 if (get_input_format(ptr, &format) < 0) 603 return -EILSEQ; 604 605 tag->id = read_data_in_section(ptr, format); 606 status.section = PS_LEN; 607 break; 608 609 case PS_LEN: 610 if (get_input_format(ptr, &format) < 0) 611 return -EILSEQ; 612 613 byte_count = read_data_in_section(ptr, format); 614 if (byte_count > PS_MAX_LEN) 615 return -EILSEQ; 616 617 tag->len = byte_count; 618 tag->data = (uint8_t *)malloc(byte_count); 619 620 status.section = PS_DATA; 621 status.line_count = 0; 622 break; 623 624 case PS_DATA: 625 if (status.line_count == 0) 626 if (get_input_format(ptr, &format) < 0) 627 return -EILSEQ; 628 629 __skip_space(ptr); 630 631 status.char_cnt = update_char_count(ptr); 632 633 read_count = (byte_count > ENTRY_PER_LINE) ? 634 ENTRY_PER_LINE : byte_count; 635 636 if (format.type == PS_HEX && format.array == TRUE) { 637 while (read_count > 0) { 638 update_tag_data(tag, &status, ptr); 639 read_count -= 2; 640 } 641 642 if (byte_count > ENTRY_PER_LINE) 643 byte_count -= ENTRY_PER_LINE; 644 else 645 byte_count = 0; 646 } 647 648 status.line_count++; 649 650 if (byte_count == 0) 651 memset(&status, 0x00, sizeof(struct tag_info)); 652 653 if (status.section == PS_UNDEF) 654 tag_cnt++; 655 656 if (tag_cnt == MAX_TAGS) 657 return -EILSEQ; 658 break; 659 } 660 } while (ptr); 661 662 return tag_cnt; 663 } 664 665 #define PS_RAM_SIZE 2048 666 667 static int ps_config_download(int fd, int tag_count) 668 { 669 if (write_ps_cmd(fd, PS_RESET, PS_RAM_SIZE) < 0) 670 return -1; 671 672 if (tag_count > 0) 673 if (write_ps_cmd(fd, PS_WRITE, tag_count) < 0) 674 return -1; 675 return 0; 676 } 677 678 static int write_bdaddr(int pConfig, char *bdaddr) 679 { 680 uint8_t *event; 681 int err; 682 uint8_t cmd[13]; 683 uint8_t *ptr = cmd; 684 hci_command_hdr *ch = (void *)cmd; 685 686 memset(cmd, 0, sizeof(cmd)); 687 688 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF, 689 HCI_PS_CMD_OCF)); 690 ch->plen = 10; 691 ptr += HCI_COMMAND_HDR_SIZE; 692 693 ptr[0] = 0x01; 694 ptr[1] = 0x01; 695 ptr[2] = 0x00; 696 ptr[3] = 0x06; 697 698 convert_bdaddr(bdaddr, (char *)&ptr[4]); 699 700 err = send_hci_cmd_sync(pConfig, cmd, sizeof(cmd), &event); 701 if (err < 0) 702 return err; 703 704 err = read_ps_event(event, HCI_PS_CMD_OCF); 705 706 free(event); 707 708 return err; 709 } 710 711 static void write_bdaddr_from_file(int rom_version, int fd) 712 { 713 FILE *stream; 714 char bdaddr[PATH_MAX]; 715 char bdaddr_file[PATH_MAX]; 716 717 snprintf(bdaddr_file, MAXPATHLEN, "%s%x/%s", 718 FW_PATH, rom_version, BDADDR_FILE); 719 720 stream = fopen(bdaddr_file, "r"); 721 if (!stream) 722 return; 723 724 if (fgets(bdaddr, PATH_MAX - 1, stream)) 725 write_bdaddr(fd, bdaddr); 726 727 fclose(stream); 728 } 729 730 #define HCI_EVT_CMD_CMPL_OPCODE 3 731 #define HCI_EVT_CMD_CMPL_STATUS_RET_BYTE 5 732 733 void baswap(bdaddr_t *dst, const bdaddr_t *src) 734 { 735 register unsigned char *d = (unsigned char *) dst; 736 register const unsigned char *s = (const unsigned char *) src; 737 register int i; 738 for (i = 0; i < 6; i++) 739 d[i] = s[5-i]; 740 } 741 742 743 int str2ba(const char *str, bdaddr_t *ba) 744 { 745 uint8_t b[6]; 746 const char *ptr = str; 747 int i; 748 749 for (i = 0; i < 6; i++) { 750 b[i] = (uint8_t) strtol(ptr, NULL, 16); 751 ptr = strchr(ptr, ':'); 752 if (i != 5 && !ptr) 753 ptr = ":00:00:00:00:00"; 754 ptr++; 755 } 756 baswap(ba, (bdaddr_t *) b); 757 return 0; 758 } 759 760 #define DEV_REGISTER 0x4FFC 761 #define GET_DEV_TYPE_OCF 0x05 762 763 static int get_device_type(int dev, uint32_t *code) 764 { 765 uint8_t cmd[8] = {0}; 766 uint8_t *event; 767 uint32_t reg; 768 int err; 769 uint8_t *ptr = cmd; 770 hci_command_hdr *ch = (void *)cmd; 771 772 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF, 773 GET_DEV_TYPE_OCF)); 774 ch->plen = 5; 775 ptr += HCI_COMMAND_HDR_SIZE; 776 777 ptr[0] = (uint8_t)DEV_REGISTER; 778 ptr[1] = (uint8_t)DEV_REGISTER >> 8; 779 ptr[2] = (uint8_t)DEV_REGISTER >> 16; 780 ptr[3] = (uint8_t)DEV_REGISTER >> 24; 781 ptr[4] = 0x04; 782 783 err = send_hci_cmd_sync(dev, cmd, sizeof(cmd), &event); 784 if (err < 0) 785 return err; 786 787 err = read_ps_event(event, GET_DEV_TYPE_OCF); 788 if (err < 0) 789 goto cleanup; 790 791 reg = event[10]; 792 reg = (reg << 8) | event[9]; 793 reg = (reg << 8) | event[8]; 794 reg = (reg << 8) | event[7]; 795 *code = reg; 796 797 cleanup: 798 free(event); 799 800 return err; 801 } 802 803 #define GET_VERSION_OCF 0x1E 804 805 static int read_ath3k_version(int pConfig, uint32_t *rom_version, 806 uint32_t *build_version) 807 { 808 uint8_t cmd[3] = {0}; 809 uint8_t *event; 810 int err; 811 int status; 812 hci_command_hdr *ch = (void *)cmd; 813 814 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF, 815 GET_VERSION_OCF)); 816 ch->plen = 0; 817 818 err = send_hci_cmd_sync(pConfig, cmd, sizeof(cmd), &event); 819 if (err < 0) 820 return err; 821 822 err = read_ps_event(event, GET_VERSION_OCF); 823 if (err < 0) 824 goto cleanup; 825 826 status = event[10]; 827 status = (status << 8) | event[9]; 828 status = (status << 8) | event[8]; 829 status = (status << 8) | event[7]; 830 *rom_version = status; 831 832 status = event[14]; 833 status = (status << 8) | event[13]; 834 status = (status << 8) | event[12]; 835 status = (status << 8) | event[11]; 836 *build_version = status; 837 838 cleanup: 839 free(event); 840 841 return err; 842 } 843 844 #define VERIFY_CRC 9 845 #define PS_REGION 1 846 #define PATCH_REGION 2 847 848 static int get_ath3k_crc(int dev) 849 { 850 uint8_t cmd[7] = {0}; 851 uint8_t *event; 852 int err; 853 854 load_hci_ps_hdr(cmd, VERIFY_CRC, 0, PS_REGION | PATCH_REGION); 855 856 err = send_hci_cmd_sync(dev, cmd, sizeof(cmd), &event); 857 if (err < 0) 858 return err; 859 /* Send error code if CRC check patched */ 860 if (read_ps_event(event, HCI_PS_CMD_OCF) >= 0) 861 err = -EILSEQ; 862 863 free(event); 864 865 return err; 866 } 867 868 #define SET_PATCH_RAM_ID 0x0D 869 #define SET_PATCH_RAM_CMD_SIZE 11 870 #define ADDRESS_LEN 4 871 static int set_patch_ram(int dev, char *patch_loc, int len) 872 { 873 int err; 874 uint8_t cmd[20] = {0}; 875 int i, j; 876 char loc_byte[3]; 877 uint8_t *event; 878 uint8_t *loc_ptr = &cmd[7]; 879 880 RESERVED(len); 881 882 if (!patch_loc) 883 return -1; 884 885 loc_byte[2] = '\0'; 886 887 load_hci_ps_hdr(cmd, SET_PATCH_RAM_ID, ADDRESS_LEN, 0); 888 889 for (i = 0, j = 3; i < 4; i++, j--) { 890 loc_byte[0] = patch_loc[0]; 891 loc_byte[1] = patch_loc[1]; 892 loc_ptr[j] = strtol(loc_byte, NULL, 16); 893 patch_loc += 2; 894 } 895 896 err = send_hci_cmd_sync(dev, cmd, SET_PATCH_RAM_CMD_SIZE, &event); 897 if (err < 0) 898 return err; 899 900 err = read_ps_event(event, HCI_PS_CMD_OCF); 901 902 free(event); 903 904 return err; 905 } 906 907 #define PATCH_LOC_KEY "DA:" 908 #define PATCH_LOC_STRING_LEN 8 909 static int ps_patch_download(int fd, FILE *stream) 910 { 911 char byte[3]; 912 char ptr[MAX_PATCH_CMD + 1]; 913 int byte_cnt; 914 int patch_count = 0; 915 char patch_loc[PATCH_LOC_STRING_LEN + 1]; 916 917 byte[2] = '\0'; 918 919 while (fgets(ptr, MAX_PATCH_CMD, stream)) { 920 if (strlen(ptr) <= 1) 921 continue; 922 else if (strstr(ptr, PATCH_LOC_KEY) == ptr) { 923 strlcpy(patch_loc, &ptr[sizeof(PATCH_LOC_KEY) - 1], 924 PATCH_LOC_STRING_LEN); 925 if (set_patch_ram(fd, patch_loc, sizeof(patch_loc)) < 0) 926 return -1; 927 } else if (isxdigit(ptr[0])) 928 break; 929 else 930 return -1; 931 } 932 933 byte_cnt = strtol(ptr, NULL, 16); 934 935 while (byte_cnt > 0) { 936 int i; 937 uint8_t cmd[HCI_MAX_CMD_SIZE] = {0}; 938 struct patch_entry patch; 939 940 if (byte_cnt > MAX_PATCH_CMD) 941 patch.len = MAX_PATCH_CMD; 942 else 943 patch.len = byte_cnt; 944 945 for (i = 0; i < patch.len; i++) { 946 if (!fgets(byte, 3, stream)) 947 return -1; 948 949 patch.data[i] = strtoul(byte, NULL, 16); 950 } 951 952 load_hci_ps_hdr(cmd, WRITE_PATCH, patch.len, patch_count); 953 memcpy(&cmd[HCI_PS_CMD_HDR_LEN], patch.data, patch.len); 954 955 if (write_cmd(fd, cmd, patch.len + HCI_PS_CMD_HDR_LEN) < 0) 956 return -1; 957 958 patch_count++; 959 byte_cnt = byte_cnt - MAX_PATCH_CMD; 960 } 961 962 if (write_ps_cmd(fd, ENABLE_PATCH, 0) < 0) 963 return -1; 964 965 return patch_count; 966 } 967 968 static int ath_ps_download(int fd) 969 { 970 int err = 0; 971 int tag_count; 972 int patch_count = 0; 973 uint32_t rom_version = 0; 974 uint32_t build_version = 0; 975 uint32_t dev_type = 0; 976 char patch_file[PATH_MAX]; 977 char ps_file[PATH_MAX]; 978 FILE *stream; 979 980 /* 981 * Verfiy firmware version. depending on it select the PS 982 * config file to download. 983 */ 984 if (get_device_type(fd, &dev_type) < 0) { 985 err = -EILSEQ; 986 goto download_cmplete; 987 } 988 989 if (read_ath3k_version(fd, &rom_version, &build_version) < 0) { 990 err = -EILSEQ; 991 goto download_cmplete; 992 } 993 994 /* Do not download configuration if CRC passes */ 995 if (get_ath3k_crc(fd) < 0) { 996 err = 0; 997 goto download_cmplete; 998 } 999 1000 get_ps_file_name(dev_type, rom_version, ps_file); 1001 get_patch_file_name(dev_type, rom_version, build_version, patch_file); 1002 1003 stream = fopen(ps_file, "r"); 1004 if (!stream) { 1005 ALOGI("firmware file open error:%s, ver:%x\n",ps_file, rom_version); 1006 if (rom_version == 0x1020201) 1007 err = 0; 1008 else 1009 err = -EILSEQ; 1010 goto download_cmplete; 1011 } 1012 tag_count = ath_parse_ps(stream); 1013 1014 fclose(stream); 1015 1016 if (tag_count < 0) { 1017 err = -EILSEQ; 1018 goto download_cmplete; 1019 } 1020 1021 /* 1022 * It is not necessary that Patch file be available, 1023 * continue with PS Operations if patch file is not available. 1024 */ 1025 if (patch_file[0] == '\0') 1026 err = 0; 1027 1028 stream = fopen(patch_file, "r"); 1029 if (!stream) 1030 err = 0; 1031 else { 1032 patch_count = ps_patch_download(fd, stream); 1033 fclose(stream); 1034 1035 if (patch_count < 0) { 1036 err = -EILSEQ; 1037 goto download_cmplete; 1038 } 1039 } 1040 1041 err = ps_config_download(fd, tag_count); 1042 1043 download_cmplete: 1044 if (!err) 1045 write_bdaddr_from_file(rom_version, fd); 1046 1047 return err; 1048 } 1049 1050 int ath3k_init(int fd, int speed, int init_speed, char *bdaddr, struct termios *ti) 1051 { 1052 ALOGI(" %s ", __FUNCTION__); 1053 1054 int r; 1055 int err = 0; 1056 struct timespec tm = { 0, 500000}; 1057 unsigned char cmd[MAX_CMD_LEN] = {0}; 1058 unsigned char rsp[HCI_MAX_EVENT_SIZE]; 1059 unsigned char *ptr = cmd + 1; 1060 hci_command_hdr *ch = (void *)ptr; 1061 int flags = 0; 1062 1063 if (ioctl(fd, TIOCMGET, &flags) < 0) { 1064 ALOGI("TIOCMGET failed in init\n"); 1065 return -1; 1066 } 1067 flags |= TIOCM_RTS; 1068 if (ioctl(fd, TIOCMSET, &flags) < 0) { 1069 ALOGI("TIOCMSET failed in init: HW Flow-on error\n"); 1070 return -1; 1071 } 1072 1073 /* set both controller and host baud rate to maximum possible value */ 1074 err = set_cntrlr_baud(fd, speed); 1075 ALOGI("set_cntrlr_baud : ret:%d \n", err); 1076 if (err < 0) 1077 return err; 1078 1079 err = set_speed(fd, ti, speed); 1080 if (err < 0) { 1081 ALOGI("Can't set required baud rate"); 1082 return err; 1083 } 1084 1085 /* Download PS and patch */ 1086 r = ath_ps_download(fd); 1087 if (r < 0) { 1088 ALOGI("Failed to Download configuration"); 1089 err = -ETIMEDOUT; 1090 goto failed; 1091 } 1092 1093 ALOGI("ath_ps_download is done\n"); 1094 1095 cmd[0] = HCI_COMMAND_PKT; 1096 /* Write BDADDR */ 1097 if (bdaddr) { 1098 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF, 1099 HCI_PS_CMD_OCF)); 1100 ch->plen = 10; 1101 ptr += HCI_COMMAND_HDR_SIZE; 1102 1103 ptr[0] = 0x01; 1104 ptr[1] = 0x01; 1105 ptr[2] = 0x00; 1106 ptr[3] = 0x06; 1107 str2ba(bdaddr, (bdaddr_t *)(ptr + 4)); 1108 1109 if (write(fd, cmd, WRITE_BDADDR_CMD_LEN) != 1110 WRITE_BDADDR_CMD_LEN) { 1111 ALOGI("Failed to write BD_ADDR command\n"); 1112 err = -ETIMEDOUT; 1113 goto failed; 1114 } 1115 1116 if (read_hci_event(fd, rsp, sizeof(rsp)) < 0) { 1117 ALOGI("Failed to set BD_ADDR\n"); 1118 err = -ETIMEDOUT; 1119 goto failed; 1120 } 1121 } 1122 1123 /* Send HCI Reset */ 1124 cmd[1] = 0x03; 1125 cmd[2] = 0x0C; 1126 cmd[3] = 0x00; 1127 1128 r = write(fd, cmd, 4); 1129 if (r != 4) { 1130 err = -ETIMEDOUT; 1131 goto failed; 1132 } 1133 1134 nanosleep(&tm, NULL); 1135 if (read_hci_event(fd, rsp, sizeof(rsp)) < 0) { 1136 err = -ETIMEDOUT; 1137 goto failed; 1138 } 1139 1140 ALOGI("HCI Reset is done\n"); 1141 err = set_cntrlr_baud(fd, speed); 1142 if (err < 0) 1143 ALOGI("set_cntrlr_baud0:%d,%d\n", speed, err); 1144 1145 failed: 1146 if (err < 0) { 1147 set_cntrlr_baud(fd, init_speed); 1148 set_speed(fd, ti, init_speed); 1149 } 1150 1151 return err; 1152 1153 } 1154 #define BTPROTO_HCI 1 1155 1156 /* Open HCI device. 1157 * Returns device descriptor (dd). */ 1158 int hci_open_dev(int dev_id) 1159 { 1160 struct sockaddr_hci a; 1161 int dd, err; 1162 1163 /* Create HCI socket */ 1164 dd = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI); 1165 if (dd < 0) 1166 return dd; 1167 1168 /* Bind socket to the HCI device */ 1169 memset(&a, 0, sizeof(a)); 1170 a.hci_family = AF_BLUETOOTH; 1171 a.hci_dev = dev_id; 1172 if (bind(dd, (struct sockaddr *) &a, sizeof(a)) < 0) 1173 goto failed; 1174 1175 return dd; 1176 1177 failed: 1178 err = errno; 1179 close(dd); 1180 errno = err; 1181 1182 return -1; 1183 } 1184 1185 int hci_close_dev(int dd) 1186 { 1187 return close(dd); 1188 } 1189 1190 /* HCI functions that require open device 1191 * dd - Device descriptor returned by hci_open_dev. */ 1192 1193 int hci_send_cmd(int dd, uint16_t ogf, uint16_t ocf, uint8_t plen, void *param) 1194 { 1195 uint8_t type = HCI_COMMAND_PKT; 1196 hci_command_hdr hc; 1197 struct iovec iv[3]; 1198 int ivn; 1199 1200 hc.opcode = htobs(cmd_opcode_pack(ogf, ocf)); 1201 hc.plen= plen; 1202 1203 iv[0].iov_base = &type; 1204 iv[0].iov_len = 1; 1205 iv[1].iov_base = &hc; 1206 iv[1].iov_len = HCI_COMMAND_HDR_SIZE; 1207 ivn = 2; 1208 1209 if (plen) { 1210 iv[2].iov_base = param; 1211 iv[2].iov_len = plen; 1212 ivn = 3; 1213 } 1214 1215 while (writev(dd, iv, ivn) < 0) { 1216 if (errno == EAGAIN || errno == EINTR) 1217 continue; 1218 return -1; 1219 } 1220 return 0; 1221 } 1222 1223 #define HCI_SLEEP_CMD_OCF 0x04 1224 #define TIOCSETD 0x5423 1225 #define HCIUARTSETFLAGS _IOW('U', 204, int) 1226 #define HCIUARTSETPROTO _IOW('U', 200, int) 1227 #define HCIUARTGETDEVICE _IOW('U', 202, int) 1228 /* 1229 * Atheros AR300x specific initialization post callback 1230 */ 1231 int ath3k_post(int fd, int pm) 1232 { 1233 int dev_id, dd; 1234 struct timespec tm = { 0, 50000}; 1235 1236 sleep(1); 1237 1238 dev_id = ioctl(fd, HCIUARTGETDEVICE, 0); 1239 if (dev_id < 0) { 1240 perror("cannot get device id"); 1241 return dev_id; 1242 } 1243 1244 dd = hci_open_dev(dev_id); 1245 if (dd < 0) { 1246 perror("HCI device open failed"); 1247 return dd; 1248 } 1249 1250 if (ioctl(dd, HCIDEVUP, dev_id) < 0 && errno != EALREADY) { 1251 perror("hci down:Power management Disabled"); 1252 hci_close_dev(dd); 1253 return -1; 1254 } 1255 1256 /* send vendor specific command with Sleep feature Enabled */ 1257 if (hci_send_cmd(dd, OGF_VENDOR_CMD, HCI_SLEEP_CMD_OCF, 1, &pm) < 0) 1258 perror("PM command failed, power management Disabled"); 1259 1260 nanosleep(&tm, NULL); 1261 hci_close_dev(dd); 1262 1263 return 0; 1264 } 1265 1266 1267 1268 #define FLOW_CTL 0x0001 1269 #define ENABLE_PM 1 1270 #define DISABLE_PM 0 1271 1272 /* Initialize UART driver */ 1273 static int init_uart(char *dev, struct uart_t *u, int send_break, int raw) 1274 { 1275 ALOGI(" %s ", __FUNCTION__); 1276 1277 struct termios ti; 1278 1279 int i, fd; 1280 unsigned long flags = 0; 1281 1282 if (raw) 1283 flags |= 1 << HCI_UART_RAW_DEVICE; 1284 1285 1286 fd = open(dev, O_RDWR | O_NOCTTY); 1287 1288 if (fd < 0) { 1289 ALOGI("Can't open serial port"); 1290 return -1; 1291 } 1292 1293 1294 tcflush(fd, TCIOFLUSH); 1295 1296 if (tcgetattr(fd, &ti) < 0) { 1297 ALOGI("Can't get port settings: %d\n", errno); 1298 return -1; 1299 } 1300 1301 cfmakeraw(&ti); 1302 1303 ti.c_cflag |= CLOCAL; 1304 if (u->flags & FLOW_CTL) 1305 ti.c_cflag |= CRTSCTS; 1306 else 1307 ti.c_cflag &= ~CRTSCTS; 1308 1309 if (tcsetattr(fd, TCSANOW, &ti) < 0) { 1310 ALOGI("Can't set port settings"); 1311 return -1; 1312 } 1313 1314 if (set_speed(fd, &ti, u->init_speed) < 0) { 1315 ALOGI("Can't set initial baud rate"); 1316 return -1; 1317 } 1318 1319 tcflush(fd, TCIOFLUSH); 1320 1321 if (send_break) { 1322 tcsendbreak(fd, 0); 1323 usleep(500000); 1324 } 1325 1326 ath3k_init(fd,u->speed,u->init_speed,u->bdaddr, &ti); 1327 1328 ALOGI("Device setup complete\n"); 1329 1330 1331 tcflush(fd, TCIOFLUSH); 1332 1333 // Set actual baudrate 1334 /* 1335 if (set_speed(fd, &ti, u->speed) < 0) { 1336 perror("Can't set baud rate"); 1337 return -1; 1338 } 1339 1340 i = N_HCI; 1341 if (ioctl(fd, TIOCSETD, &i) < 0) { 1342 perror("Can't set line discipline"); 1343 return -1; 1344 } 1345 1346 if (flags && ioctl(fd, HCIUARTSETFLAGS, flags) < 0) { 1347 perror("Can't set UART flags"); 1348 return -1; 1349 } 1350 1351 if (ioctl(fd, HCIUARTSETPROTO, u->proto) < 0) { 1352 perror("Can't set device"); 1353 return -1; 1354 } 1355 1356 #if !defined(SW_BOARD_HAVE_BLUETOOTH_RTK) 1357 ath3k_post(fd, u->pm); 1358 #endif 1359 */ 1360 1361 return fd; 1362 } 1363 1364 1365 int hw_config_ath3k(char *port_name) 1366 { 1367 ALOGI(" %s ", __FUNCTION__); 1368 PSCounter=0; 1369 struct sigaction sa; 1370 struct uart_t u ; 1371 int n=0,send_break=0,raw=0; 1372 1373 memset(&u, 0, sizeof(u)); 1374 u.speed =3000000; 1375 u.init_speed =115200; 1376 u.flags |= FLOW_CTL; 1377 u.pm = DISABLE_PM; 1378 1379 n = init_uart(port_name, &u, send_break, raw); 1380 if (n < 0) { 1381 ALOGI("Can't initialize device"); 1382 } 1383 1384 return n; 1385 } 1386 1387 void lpm_set_ar3k(uint8_t pio, uint8_t action, uint8_t polarity) 1388 { 1389 int rc; 1390 int fd = -1; 1391 char buffer; 1392 1393 ALOGI("lpm mode: %d action: %d", pio, action); 1394 1395 RESERVED(polarity); 1396 1397 switch (pio) 1398 { 1399 case UPIO_LPM_MODE: 1400 if (upio_state[UPIO_LPM_MODE] == action) 1401 { 1402 ALOGI("LPM is %s already", lpm_mode[action]); 1403 return; 1404 } 1405 1406 fd = open(VENDOR_LPM_PROC_NODE, O_WRONLY); 1407 1408 if (fd < 0) 1409 { 1410 ALOGE("upio_set : open(%s) for write failed: %s (%d)", 1411 VENDOR_LPM_PROC_NODE, strerror(errno), errno); 1412 return; 1413 } 1414 1415 if (action == UPIO_ASSERT) 1416 { 1417 buffer = '1'; 1418 } 1419 else 1420 { 1421 buffer = '0'; 1422 } 1423 1424 if (write(fd, &buffer, 1) < 0) 1425 { 1426 ALOGE("upio_set : write(%s) failed: %s (%d)", 1427 VENDOR_LPM_PROC_NODE, strerror(errno),errno); 1428 } 1429 else 1430 { 1431 upio_state[UPIO_LPM_MODE] = action; 1432 ALOGI("LPM is set to %s", lpm_mode[action]); 1433 } 1434 1435 if (fd >= 0) 1436 close(fd); 1437 1438 break; 1439 1440 case UPIO_BT_WAKE: 1441 /* UPIO_DEASSERT should be allowed because in Rx case assert occur 1442 * from the remote side where as deassert will be initiated from Host 1443 */ 1444 if ((action == UPIO_ASSERT) && (upio_state[UPIO_BT_WAKE] == action)) 1445 { 1446 ALOGI("BT_WAKE is %s already", lpm_state[action]); 1447 1448 return; 1449 } 1450 1451 if (action == UPIO_DEASSERT) 1452 buffer = '0'; 1453 else 1454 buffer = '1'; 1455 1456 fd = open(VENDOR_BTWRITE_PROC_NODE, O_WRONLY); 1457 1458 if (fd < 0) 1459 { 1460 ALOGE("upio_set : open(%s) for write failed: %s (%d)", 1461 VENDOR_BTWRITE_PROC_NODE, strerror(errno), errno); 1462 return; 1463 } 1464 1465 if (write(fd, &buffer, 1) < 0) 1466 { 1467 ALOGE("upio_set : write(%s) failed: %s (%d)", 1468 VENDOR_BTWRITE_PROC_NODE, strerror(errno),errno); 1469 } 1470 else 1471 { 1472 upio_state[UPIO_BT_WAKE] = action; 1473 ALOGI("BT_WAKE is set to %s", lpm_state[action]); 1474 } 1475 1476 ALOGI("proc btwrite assertion"); 1477 1478 if (fd >= 0) 1479 close(fd); 1480 1481 break; 1482 1483 case UPIO_HOST_WAKE: 1484 ALOGI("upio_set: UPIO_HOST_WAKE"); 1485 break; 1486 } 1487 1488 } 1489