1 /* 2 * 3 * Copyright (c) 2013, The Linux Foundation. All rights reserved. 4 * Not a Contribution. 5 * 6 * Copyright 2012 The Android Open Source Project 7 * 8 * Licensed under the Apache License, Version 2.0 (the "License"); you 9 * may not use this file except in compliance with the License. You may 10 * obtain a copy of the License at 11 * 12 * http://www.apache.org/licenses/LICENSE-2.0 13 * 14 * Unless required by applicable law or agreed to in writing, software 15 * distributed under the License is distributed on an "AS IS" BASIS, 16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 17 * implied. See the License for the specific language governing 18 * permissions and limitations under the License. 19 * 20 */ 21 22 /****************************************************************************** 23 * 24 * Filename: hw_ar3k.c 25 * 26 * Description: Contains controller-specific functions, like 27 * firmware patch download 28 * low power mode operations 29 * 30 ******************************************************************************/ 31 #ifdef __cplusplus 32 extern "C" { 33 #endif 34 35 #define LOG_TAG "bt_vendor" 36 37 #include <sys/socket.h> 38 #include <utils/Log.h> 39 #include <sys/types.h> 40 #include <sys/stat.h> 41 #include <signal.h> 42 #include <time.h> 43 #include <errno.h> 44 #include <fcntl.h> 45 #include <dirent.h> 46 #include <ctype.h> 47 #include <cutils/properties.h> 48 #include <stdlib.h> 49 #include <termios.h> 50 #include <string.h> 51 52 #include "bt_hci_bdroid.h" 53 #include "bt_vendor_qcom.h" 54 #include "hci_uart.h" 55 #include "hw_ar3k.h" 56 #include "bt_vendor_qcom.h" 57 58 /****************************************************************************** 59 ** Variables 60 ******************************************************************************/ 61 int cbstat = 0; 62 #define PATCH_LOC_STRING_LEN 8 63 char ARbyte[3]; 64 char ARptr[MAX_PATCH_CMD + 1]; 65 int byte_cnt; 66 int patch_count = 0; 67 char patch_loc[PATCH_LOC_STRING_LEN + 1]; 68 int PSCounter=0; 69 70 uint32_t dev_type = 0; 71 uint32_t rom_version = 0; 72 uint32_t build_version = 0; 73 74 char patch_file[PATH_MAX]; 75 char ps_file[PATH_MAX]; 76 FILE *stream; 77 int tag_count=0; 78 79 /* for friendly debugging outpout string */ 80 static char *lpm_mode[] = { 81 "UNKNOWN", 82 "disabled", 83 "enabled" 84 }; 85 86 static char *lpm_state[] = { 87 "UNKNOWN", 88 "de-asserted", 89 "asserted" 90 }; 91 92 static uint8_t upio_state[UPIO_MAX_COUNT]; 93 struct ps_cfg_entry ps_list[MAX_TAGS]; 94 95 #define PS_EVENT_LEN 100 96 97 #ifdef __cplusplus 98 } 99 #endif 100 101 #define RESERVED(p) if(p) ALOGI( "%s: reserved param", __FUNCTION__); 102 103 /***************************************************************************** 104 ** Functions 105 *****************************************************************************/ 106 107 int is_bt_soc_ath() { 108 int ret = 0; 109 char bt_soc_type[PROPERTY_VALUE_MAX]; 110 ret = property_get("qcom.bluetooth.soc", bt_soc_type, NULL); 111 if (ret != 0) { 112 ALOGI("qcom.bluetooth.soc set to %s\n", bt_soc_type); 113 if (!strncasecmp(bt_soc_type, "ath3k", sizeof("ath3k"))) 114 return 1; 115 } else { 116 ALOGI("qcom.bluetooth.soc not set, so using default.\n"); 117 } 118 119 return 0; 120 } 121 122 /* 123 * Send HCI command and wait for command complete event. 124 * The event buffer has to be freed by the caller. 125 */ 126 127 static int send_hci_cmd_sync(int dev, uint8_t *cmd, int len, uint8_t **event) 128 { 129 int err; 130 uint8_t *hci_event; 131 uint8_t pkt_type = HCI_COMMAND_PKT; 132 133 if (len == 0) 134 return len; 135 136 if (write(dev, &pkt_type, 1) != 1) 137 return -EILSEQ; 138 if (write(dev, (unsigned char *)cmd, len) != len) 139 return -EILSEQ; 140 141 hci_event = (uint8_t *)malloc(PS_EVENT_LEN); 142 if (!hci_event) 143 return -ENOMEM; 144 145 err = read_hci_event(dev, (unsigned char *)hci_event, PS_EVENT_LEN); 146 if (err > 0) { 147 *event = hci_event; 148 } else { 149 free(hci_event); 150 return -EILSEQ; 151 } 152 153 return len; 154 } 155 156 static void convert_bdaddr(char *str_bdaddr, char *bdaddr) 157 { 158 char bdbyte[3]; 159 char *str_byte = str_bdaddr; 160 int i, j; 161 int colon_present = 0; 162 163 if (strstr(str_bdaddr, ":")) 164 colon_present = 1; 165 166 bdbyte[2] = '\0'; 167 168 /* Reverse the BDADDR to LSB first */ 169 for (i = 0, j = 5; i < 6; i++, j--) { 170 bdbyte[0] = str_byte[0]; 171 bdbyte[1] = str_byte[1]; 172 bdaddr[j] = strtol(bdbyte, NULL, 16); 173 174 if (colon_present == 1) 175 str_byte += 3; 176 else 177 str_byte += 2; 178 } 179 } 180 181 static int uart_speed(int s) 182 { 183 switch (s) { 184 case 9600: 185 return B9600; 186 case 19200: 187 return B19200; 188 case 38400: 189 return B38400; 190 case 57600: 191 return B57600; 192 case 115200: 193 return B115200; 194 case 230400: 195 return B230400; 196 case 460800: 197 return B460800; 198 case 500000: 199 return B500000; 200 case 576000: 201 return B576000; 202 case 921600: 203 return B921600; 204 case 1000000: 205 return B1000000; 206 case 1152000: 207 return B1152000; 208 case 1500000: 209 return B1500000; 210 case 2000000: 211 return B2000000; 212 #ifdef B2500000 213 case 2500000: 214 return B2500000; 215 #endif 216 #ifdef B3000000 217 case 3000000: 218 return B3000000; 219 #endif 220 #ifdef B3500000 221 case 3500000: 222 return B3500000; 223 #endif 224 #ifdef B4000000 225 case 4000000: 226 return B4000000; 227 #endif 228 default: 229 return B57600; 230 } 231 } 232 233 int set_speed(int fd, struct termios *ti, int speed) 234 { 235 if (cfsetospeed(ti, uart_speed(speed)) < 0) 236 return -errno; 237 238 if (cfsetispeed(ti, uart_speed(speed)) < 0) 239 return -errno; 240 241 if (tcsetattr(fd, TCSANOW, ti) < 0) 242 return -errno; 243 244 return 0; 245 } 246 247 static void load_hci_ps_hdr(uint8_t *cmd, uint8_t ps_op, int len, int index) 248 { 249 hci_command_hdr *ch = (void *)cmd; 250 251 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF, 252 HCI_PS_CMD_OCF)); 253 ch->plen = len + PS_HDR_LEN; 254 cmd += HCI_COMMAND_HDR_SIZE; 255 256 cmd[0] = ps_op; 257 cmd[1] = index; 258 cmd[2] = index >> 8; 259 cmd[3] = len; 260 } 261 262 263 static int read_ps_event(uint8_t *event, uint16_t ocf) 264 { 265 hci_event_hdr *eh; 266 uint16_t opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF, ocf)); 267 268 event++; 269 270 eh = (void *)event; 271 event += HCI_EVENT_HDR_SIZE; 272 273 if (eh->evt == EVT_CMD_COMPLETE) { 274 evt_cmd_complete *cc = (void *)event; 275 276 event += EVT_CMD_COMPLETE_SIZE; 277 278 if (cc->opcode == opcode && event[0] == HCI_EV_SUCCESS) 279 return 0; 280 else 281 return -EILSEQ; 282 } 283 284 return -EILSEQ; 285 } 286 287 #define PS_WRITE 1 288 #define PS_RESET 2 289 #define WRITE_PATCH 8 290 #define ENABLE_PATCH 11 291 292 #define HCI_PS_CMD_HDR_LEN 7 293 294 static int write_cmd(int fd, uint8_t *buffer, int len) 295 { 296 uint8_t *event; 297 int err; 298 299 err = send_hci_cmd_sync(fd, buffer, len, &event); 300 if (err < 0) 301 return err; 302 303 err = read_ps_event(event, HCI_PS_CMD_OCF); 304 305 free(event); 306 307 return err; 308 } 309 310 #define PS_RESET_PARAM_LEN 6 311 #define PS_RESET_CMD_LEN (HCI_PS_CMD_HDR_LEN + PS_RESET_PARAM_LEN) 312 313 #define PS_ID_MASK 0xFF 314 315 /* Sends PS commands using vendor specficic HCI commands */ 316 static int write_ps_cmd(int fd, uint8_t opcode, uint32_t ps_param) 317 { 318 uint8_t cmd[HCI_MAX_CMD_SIZE]; 319 uint32_t i; 320 321 switch (opcode) { 322 case ENABLE_PATCH: 323 load_hci_ps_hdr(cmd, opcode, 0, 0x00); 324 325 if (write_cmd(fd, cmd, HCI_PS_CMD_HDR_LEN) < 0) 326 return -EILSEQ; 327 break; 328 329 case PS_RESET: 330 load_hci_ps_hdr(cmd, opcode, PS_RESET_PARAM_LEN, 0x00); 331 332 cmd[7] = 0x00; 333 cmd[PS_RESET_CMD_LEN - 2] = ps_param & PS_ID_MASK; 334 cmd[PS_RESET_CMD_LEN - 1] = (ps_param >> 8) & PS_ID_MASK; 335 336 if (write_cmd(fd, cmd, PS_RESET_CMD_LEN) < 0) 337 return -EILSEQ; 338 break; 339 340 case PS_WRITE: 341 for (i = 0; i < ps_param; i++) { 342 load_hci_ps_hdr(cmd, opcode, ps_list[i].len, 343 ps_list[i].id); 344 345 memcpy(&cmd[HCI_PS_CMD_HDR_LEN], ps_list[i].data, 346 ps_list[i].len); 347 348 if (write_cmd(fd, cmd, ps_list[i].len + 349 HCI_PS_CMD_HDR_LEN) < 0) 350 return -EILSEQ; 351 } 352 break; 353 } 354 355 return 0; 356 } 357 358 #define PS_ASIC_FILE "PS_ASIC.pst" 359 #define PS_FPGA_FILE "PS_FPGA.pst" 360 #define MAXPATHLEN 4096 361 static void get_ps_file_name(uint32_t devtype, uint32_t rom_version,char *path) 362 { 363 char *filename; 364 365 if (devtype == 0xdeadc0de) 366 filename = PS_ASIC_FILE; 367 else 368 filename = PS_FPGA_FILE; 369 370 snprintf(path, MAXPATHLEN, "%s%x/%s", FW_PATH, rom_version, filename); 371 } 372 373 #define PATCH_FILE "RamPatch.txt" 374 #define FPGA_ROM_VERSION 0x99999999 375 #define ROM_DEV_TYPE 0xdeadc0de 376 377 static void get_patch_file_name(uint32_t dev_type, uint32_t rom_version, 378 uint32_t build_version, char *path) 379 { 380 if (rom_version == FPGA_ROM_VERSION && dev_type != ROM_DEV_TYPE 381 &&dev_type != 0 && build_version == 1) 382 path[0] = '\0'; 383 else 384 snprintf(path, MAXPATHLEN, "%s%x/%s", FW_PATH, rom_version, PATCH_FILE); 385 } 386 387 static int set_cntrlr_baud(int fd, int speed) 388 { 389 int baud; 390 struct timespec tm = { 0, 500000}; 391 unsigned char cmd[MAX_CMD_LEN], rsp[HCI_MAX_EVENT_SIZE]; 392 unsigned char *ptr = cmd + 1; 393 hci_command_hdr *ch = (void *)ptr; 394 395 cmd[0] = HCI_COMMAND_PKT; 396 397 /* set controller baud rate to user specified value */ 398 ptr = cmd + 1; 399 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF, 400 HCI_CHG_BAUD_CMD_OCF)); 401 ch->plen = 2; 402 ptr += HCI_COMMAND_HDR_SIZE; 403 404 baud = speed/100; 405 ptr[0] = (char)baud; 406 ptr[1] = (char)(baud >> 8); 407 408 if (write(fd, cmd, WRITE_BAUD_CMD_LEN) != WRITE_BAUD_CMD_LEN) { 409 ALOGI("Failed to write change baud rate command"); 410 return -ETIMEDOUT; 411 } 412 413 nanosleep(&tm, NULL); 414 415 if (read_hci_event(fd, rsp, sizeof(rsp)) < 0) 416 return -ETIMEDOUT; 417 418 return 0; 419 } 420 421 #define PS_UNDEF 0 422 #define PS_ID 1 423 #define PS_LEN 2 424 #define PS_DATA 3 425 426 #define PS_MAX_LEN 500 427 #define LINE_SIZE_MAX (PS_MAX_LEN * 2) 428 #define ENTRY_PER_LINE 16 429 430 #define __check_comment(buf) (((buf)[0] == '/') && ((buf)[1] == '/')) 431 #define __skip_space(str) while (*(str) == ' ') ((str)++) 432 433 434 #define __is_delim(ch) ((ch) == ':') 435 #define MAX_PREAMBLE_LEN 4 436 437 /* Parse PS entry preamble of format [X:X] for main type and subtype */ 438 static int get_ps_type(char *ptr, int index, char *type, char *sub_type) 439 { 440 int i; 441 int delim = FALSE; 442 443 if (index > MAX_PREAMBLE_LEN) 444 return -EILSEQ; 445 446 for (i = 1; i < index; i++) { 447 if (__is_delim(ptr[i])) { 448 delim = TRUE; 449 continue; 450 } 451 452 if (isalpha(ptr[i])) { 453 if (delim == FALSE) 454 (*type) = toupper(ptr[i]); 455 else 456 (*sub_type) = toupper(ptr[i]); 457 } 458 } 459 460 return 0; 461 } 462 463 #define ARRAY 'A' 464 #define STRING 'S' 465 #define DECIMAL 'D' 466 #define BINARY 'B' 467 468 #define PS_HEX 0 469 #define PS_DEC 1 470 471 static int get_input_format(char *buf, struct ps_entry_type *format) 472 { 473 char *ptr = NULL; 474 char type = '\0'; 475 char sub_type = '\0'; 476 477 format->type = PS_HEX; 478 format->array = TRUE; 479 480 if (strstr(buf, "[") != buf) 481 return 0; 482 483 ptr = strstr(buf, "]"); 484 if (!ptr) 485 return -EILSEQ; 486 487 if (get_ps_type(buf, ptr - buf, &type, &sub_type) < 0) 488 return -EILSEQ; 489 490 /* Check is data type is of array */ 491 if (type == ARRAY || sub_type == ARRAY) 492 format->array = TRUE; 493 494 if (type == STRING || sub_type == STRING) 495 format->array = FALSE; 496 497 if (type == DECIMAL || type == BINARY) 498 format->type = PS_DEC; 499 else 500 format->type = PS_HEX; 501 502 return 0; 503 } 504 505 506 507 #define UNDEFINED 0xFFFF 508 509 static unsigned int read_data_in_section(char *buf, struct ps_entry_type type) 510 { 511 char *ptr = buf; 512 513 if (!buf) 514 return UNDEFINED; 515 516 if (buf == strstr(buf, "[")) { 517 ptr = strstr(buf, "]"); 518 if (!ptr) 519 return UNDEFINED; 520 521 ptr++; 522 } 523 524 if (type.type == PS_HEX && type.array != TRUE) 525 return strtol(ptr, NULL, 16); 526 527 return UNDEFINED; 528 } 529 530 531 /* Read PS entries as string, convert and add to Hex array */ 532 static void update_tag_data(struct ps_cfg_entry *tag, 533 struct tag_info *info, const char *ptr) 534 { 535 char buf[3]; 536 537 buf[2] = '\0'; 538 539 strlcpy(buf, &ptr[info->char_cnt],sizeof(buf)); 540 tag->data[info->byte_count] = strtol(buf, NULL, 16); 541 info->char_cnt += 3; 542 info->byte_count++; 543 544 strlcpy(buf, &ptr[info->char_cnt], sizeof(buf)); 545 tag->data[info->byte_count] = strtol(buf, NULL, 16); 546 info->char_cnt += 3; 547 info->byte_count++; 548 } 549 550 static inline int update_char_count(const char *buf) 551 { 552 char *end_ptr; 553 554 if (strstr(buf, "[") == buf) { 555 end_ptr = strstr(buf, "]"); 556 if (!end_ptr) 557 return 0; 558 else 559 return(end_ptr - buf) + 1; 560 } 561 562 return 0; 563 } 564 565 #define PS_HEX 0 566 #define PS_DEC 1 567 568 static int ath_parse_ps(FILE *stream) 569 { 570 char buf[LINE_SIZE_MAX + 1]; 571 char *ptr; 572 uint8_t tag_cnt = 0; 573 int16_t byte_count = 0; 574 struct ps_entry_type format; 575 struct tag_info status = { 0, 0, 0, 0}; 576 577 do { 578 int read_count; 579 struct ps_cfg_entry *tag; 580 581 ptr = fgets(buf, LINE_SIZE_MAX, stream); 582 if (!ptr) 583 break; 584 585 __skip_space(ptr); 586 if (__check_comment(ptr)) 587 continue; 588 589 /* Lines with a '#' will be followed by new PS entry */ 590 if (ptr == strstr(ptr, "#")) { 591 if (status.section != PS_UNDEF) { 592 return -EILSEQ; 593 } else { 594 status.section = PS_ID; 595 continue; 596 } 597 } 598 599 tag = &ps_list[tag_cnt]; 600 601 switch (status.section) { 602 case PS_ID: 603 if (get_input_format(ptr, &format) < 0) 604 return -EILSEQ; 605 606 tag->id = read_data_in_section(ptr, format); 607 status.section = PS_LEN; 608 break; 609 610 case PS_LEN: 611 if (get_input_format(ptr, &format) < 0) 612 return -EILSEQ; 613 614 byte_count = read_data_in_section(ptr, format); 615 if (byte_count > PS_MAX_LEN) 616 return -EILSEQ; 617 618 tag->len = byte_count; 619 tag->data = (uint8_t *)malloc(byte_count); 620 621 status.section = PS_DATA; 622 status.line_count = 0; 623 break; 624 625 case PS_DATA: 626 if (status.line_count == 0) 627 if (get_input_format(ptr, &format) < 0) 628 return -EILSEQ; 629 630 __skip_space(ptr); 631 632 status.char_cnt = update_char_count(ptr); 633 634 read_count = (byte_count > ENTRY_PER_LINE) ? 635 ENTRY_PER_LINE : byte_count; 636 637 if (format.type == PS_HEX && format.array == TRUE) { 638 while (read_count > 0) { 639 update_tag_data(tag, &status, ptr); 640 read_count -= 2; 641 } 642 643 if (byte_count > ENTRY_PER_LINE) 644 byte_count -= ENTRY_PER_LINE; 645 else 646 byte_count = 0; 647 } 648 649 status.line_count++; 650 651 if (byte_count == 0) 652 memset(&status, 0x00, sizeof(struct tag_info)); 653 654 if (status.section == PS_UNDEF) 655 tag_cnt++; 656 657 if (tag_cnt == MAX_TAGS) 658 return -EILSEQ; 659 break; 660 } 661 } while (ptr); 662 663 return tag_cnt; 664 } 665 666 #define PS_RAM_SIZE 2048 667 668 static int ps_config_download(int fd, int tag_count) 669 { 670 if (write_ps_cmd(fd, PS_RESET, PS_RAM_SIZE) < 0) 671 return -1; 672 673 if (tag_count > 0) 674 if (write_ps_cmd(fd, PS_WRITE, tag_count) < 0) 675 return -1; 676 return 0; 677 } 678 679 static int write_bdaddr(int pConfig, char *bdaddr) 680 { 681 uint8_t *event; 682 int err; 683 uint8_t cmd[13]; 684 uint8_t *ptr = cmd; 685 hci_command_hdr *ch = (void *)cmd; 686 687 memset(cmd, 0, sizeof(cmd)); 688 689 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF, 690 HCI_PS_CMD_OCF)); 691 ch->plen = 10; 692 ptr += HCI_COMMAND_HDR_SIZE; 693 694 ptr[0] = 0x01; 695 ptr[1] = 0x01; 696 ptr[2] = 0x00; 697 ptr[3] = 0x06; 698 699 convert_bdaddr(bdaddr, (char *)&ptr[4]); 700 701 err = send_hci_cmd_sync(pConfig, cmd, sizeof(cmd), &event); 702 if (err < 0) 703 return err; 704 705 err = read_ps_event(event, HCI_PS_CMD_OCF); 706 707 free(event); 708 709 return err; 710 } 711 712 static void write_bdaddr_from_file(int rom_version, int fd) 713 { 714 FILE *stream; 715 char bdaddr[PATH_MAX]; 716 char bdaddr_file[PATH_MAX]; 717 718 snprintf(bdaddr_file, MAXPATHLEN, "%s%x/%s", 719 FW_PATH, rom_version, BDADDR_FILE); 720 721 stream = fopen(bdaddr_file, "r"); 722 if (!stream) 723 return; 724 725 if (fgets(bdaddr, PATH_MAX - 1, stream)) 726 write_bdaddr(fd, bdaddr); 727 728 fclose(stream); 729 } 730 731 #define HCI_EVT_CMD_CMPL_OPCODE 3 732 #define HCI_EVT_CMD_CMPL_STATUS_RET_BYTE 5 733 734 void baswap(bdaddr_t *dst, const bdaddr_t *src) 735 { 736 register unsigned char *d = (unsigned char *) dst; 737 register const unsigned char *s = (const unsigned char *) src; 738 register int i; 739 for (i = 0; i < 6; i++) 740 d[i] = s[5-i]; 741 } 742 743 744 int str2ba(const char *str, bdaddr_t *ba) 745 { 746 uint8_t b[6]; 747 const char *ptr = str; 748 int i; 749 750 for (i = 0; i < 6; i++) { 751 b[i] = (uint8_t) strtol(ptr, NULL, 16); 752 ptr = strchr(ptr, ':'); 753 if (i != 5 && !ptr) 754 ptr = ":00:00:00:00:00"; 755 ptr++; 756 } 757 baswap(ba, (bdaddr_t *) b); 758 return 0; 759 } 760 761 #define DEV_REGISTER 0x4FFC 762 #define GET_DEV_TYPE_OCF 0x05 763 764 static int get_device_type(int dev, uint32_t *code) 765 { 766 uint8_t cmd[8] = {0}; 767 uint8_t *event; 768 uint32_t reg; 769 int err; 770 uint8_t *ptr = cmd; 771 hci_command_hdr *ch = (void *)cmd; 772 773 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF, 774 GET_DEV_TYPE_OCF)); 775 ch->plen = 5; 776 ptr += HCI_COMMAND_HDR_SIZE; 777 778 ptr[0] = (uint8_t)DEV_REGISTER; 779 ptr[1] = (uint8_t)DEV_REGISTER >> 8; 780 ptr[2] = (uint8_t)DEV_REGISTER >> 16; 781 ptr[3] = (uint8_t)DEV_REGISTER >> 24; 782 ptr[4] = 0x04; 783 784 err = send_hci_cmd_sync(dev, cmd, sizeof(cmd), &event); 785 if (err < 0) 786 return err; 787 788 err = read_ps_event(event, GET_DEV_TYPE_OCF); 789 if (err < 0) 790 goto cleanup; 791 792 reg = event[10]; 793 reg = (reg << 8) | event[9]; 794 reg = (reg << 8) | event[8]; 795 reg = (reg << 8) | event[7]; 796 *code = reg; 797 798 cleanup: 799 free(event); 800 801 return err; 802 } 803 804 #define GET_VERSION_OCF 0x1E 805 806 static int read_ath3k_version(int pConfig, uint32_t *rom_version, 807 uint32_t *build_version) 808 { 809 uint8_t cmd[3] = {0}; 810 uint8_t *event; 811 int err; 812 int status; 813 hci_command_hdr *ch = (void *)cmd; 814 815 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF, 816 GET_VERSION_OCF)); 817 ch->plen = 0; 818 819 err = send_hci_cmd_sync(pConfig, cmd, sizeof(cmd), &event); 820 if (err < 0) 821 return err; 822 823 err = read_ps_event(event, GET_VERSION_OCF); 824 if (err < 0) 825 goto cleanup; 826 827 status = event[10]; 828 status = (status << 8) | event[9]; 829 status = (status << 8) | event[8]; 830 status = (status << 8) | event[7]; 831 *rom_version = status; 832 833 status = event[14]; 834 status = (status << 8) | event[13]; 835 status = (status << 8) | event[12]; 836 status = (status << 8) | event[11]; 837 *build_version = status; 838 839 cleanup: 840 free(event); 841 842 return err; 843 } 844 845 #define VERIFY_CRC 9 846 #define PS_REGION 1 847 #define PATCH_REGION 2 848 849 static int get_ath3k_crc(int dev) 850 { 851 uint8_t cmd[7] = {0}; 852 uint8_t *event; 853 int err; 854 855 load_hci_ps_hdr(cmd, VERIFY_CRC, 0, PS_REGION | PATCH_REGION); 856 857 err = send_hci_cmd_sync(dev, cmd, sizeof(cmd), &event); 858 if (err < 0) 859 return err; 860 /* Send error code if CRC check patched */ 861 if (read_ps_event(event, HCI_PS_CMD_OCF) >= 0) 862 err = -EILSEQ; 863 864 free(event); 865 866 return err; 867 } 868 869 #define SET_PATCH_RAM_ID 0x0D 870 #define SET_PATCH_RAM_CMD_SIZE 11 871 #define ADDRESS_LEN 4 872 static int set_patch_ram(int dev, char *patch_loc, int len) 873 { 874 int err; 875 uint8_t cmd[20] = {0}; 876 int i, j; 877 char loc_byte[3]; 878 uint8_t *event; 879 uint8_t *loc_ptr = &cmd[7]; 880 881 RESERVED(len); 882 883 if (!patch_loc) 884 return -1; 885 886 loc_byte[2] = '\0'; 887 888 load_hci_ps_hdr(cmd, SET_PATCH_RAM_ID, ADDRESS_LEN, 0); 889 890 for (i = 0, j = 3; i < 4; i++, j--) { 891 loc_byte[0] = patch_loc[0]; 892 loc_byte[1] = patch_loc[1]; 893 loc_ptr[j] = strtol(loc_byte, NULL, 16); 894 patch_loc += 2; 895 } 896 897 err = send_hci_cmd_sync(dev, cmd, SET_PATCH_RAM_CMD_SIZE, &event); 898 if (err < 0) 899 return err; 900 901 err = read_ps_event(event, HCI_PS_CMD_OCF); 902 903 free(event); 904 905 return err; 906 } 907 908 #define PATCH_LOC_KEY "DA:" 909 #define PATCH_LOC_STRING_LEN 8 910 static int ps_patch_download(int fd, FILE *stream) 911 { 912 char byte[3]; 913 char ptr[MAX_PATCH_CMD + 1]; 914 int byte_cnt; 915 int patch_count = 0; 916 char patch_loc[PATCH_LOC_STRING_LEN + 1]; 917 918 byte[2] = '\0'; 919 920 while (fgets(ptr, MAX_PATCH_CMD, stream)) { 921 if (strlen(ptr) <= 1) 922 continue; 923 else if (strstr(ptr, PATCH_LOC_KEY) == ptr) { 924 strlcpy(patch_loc, &ptr[sizeof(PATCH_LOC_KEY) - 1], 925 PATCH_LOC_STRING_LEN); 926 if (set_patch_ram(fd, patch_loc, sizeof(patch_loc)) < 0) 927 return -1; 928 } else if (isxdigit(ptr[0])) 929 break; 930 else 931 return -1; 932 } 933 934 byte_cnt = strtol(ptr, NULL, 16); 935 936 while (byte_cnt > 0) { 937 int i; 938 uint8_t cmd[HCI_MAX_CMD_SIZE] = {0}; 939 struct patch_entry patch; 940 941 if (byte_cnt > MAX_PATCH_CMD) 942 patch.len = MAX_PATCH_CMD; 943 else 944 patch.len = byte_cnt; 945 946 for (i = 0; i < patch.len; i++) { 947 if (!fgets(byte, 3, stream)) 948 return -1; 949 950 patch.data[i] = strtoul(byte, NULL, 16); 951 } 952 953 load_hci_ps_hdr(cmd, WRITE_PATCH, patch.len, patch_count); 954 memcpy(&cmd[HCI_PS_CMD_HDR_LEN], patch.data, patch.len); 955 956 if (write_cmd(fd, cmd, patch.len + HCI_PS_CMD_HDR_LEN) < 0) 957 return -1; 958 959 patch_count++; 960 byte_cnt = byte_cnt - MAX_PATCH_CMD; 961 } 962 963 if (write_ps_cmd(fd, ENABLE_PATCH, 0) < 0) 964 return -1; 965 966 return patch_count; 967 } 968 969 static int ath_ps_download(int fd) 970 { 971 int err = 0; 972 int tag_count; 973 int patch_count = 0; 974 uint32_t rom_version = 0; 975 uint32_t build_version = 0; 976 uint32_t dev_type = 0; 977 char patch_file[PATH_MAX]; 978 char ps_file[PATH_MAX]; 979 FILE *stream; 980 981 /* 982 * Verfiy firmware version. depending on it select the PS 983 * config file to download. 984 */ 985 if (get_device_type(fd, &dev_type) < 0) { 986 err = -EILSEQ; 987 goto download_cmplete; 988 } 989 990 if (read_ath3k_version(fd, &rom_version, &build_version) < 0) { 991 err = -EILSEQ; 992 goto download_cmplete; 993 } 994 995 /* Do not download configuration if CRC passes */ 996 if (get_ath3k_crc(fd) < 0) { 997 err = 0; 998 goto download_cmplete; 999 } 1000 1001 get_ps_file_name(dev_type, rom_version, ps_file); 1002 get_patch_file_name(dev_type, rom_version, build_version, patch_file); 1003 1004 stream = fopen(ps_file, "r"); 1005 if (!stream) { 1006 ALOGI("firmware file open error:%s, ver:%x\n",ps_file, rom_version); 1007 if (rom_version == 0x1020201) 1008 err = 0; 1009 else 1010 err = -EILSEQ; 1011 goto download_cmplete; 1012 } 1013 tag_count = ath_parse_ps(stream); 1014 1015 fclose(stream); 1016 1017 if (tag_count < 0) { 1018 err = -EILSEQ; 1019 goto download_cmplete; 1020 } 1021 1022 /* 1023 * It is not necessary that Patch file be available, 1024 * continue with PS Operations if patch file is not available. 1025 */ 1026 if (patch_file[0] == '\0') 1027 err = 0; 1028 1029 stream = fopen(patch_file, "r"); 1030 if (!stream) 1031 err = 0; 1032 else { 1033 patch_count = ps_patch_download(fd, stream); 1034 fclose(stream); 1035 1036 if (patch_count < 0) { 1037 err = -EILSEQ; 1038 goto download_cmplete; 1039 } 1040 } 1041 1042 err = ps_config_download(fd, tag_count); 1043 1044 download_cmplete: 1045 if (!err) 1046 write_bdaddr_from_file(rom_version, fd); 1047 1048 return err; 1049 } 1050 1051 int ath3k_init(int fd, int speed, int init_speed, char *bdaddr, struct termios *ti) 1052 { 1053 ALOGI(" %s ", __FUNCTION__); 1054 1055 int r; 1056 int err = 0; 1057 struct timespec tm = { 0, 500000}; 1058 unsigned char cmd[MAX_CMD_LEN] = {0}; 1059 unsigned char rsp[HCI_MAX_EVENT_SIZE]; 1060 unsigned char *ptr = cmd + 1; 1061 hci_command_hdr *ch = (void *)ptr; 1062 int flags = 0; 1063 1064 if (ioctl(fd, TIOCMGET, &flags) < 0) { 1065 ALOGI("TIOCMGET failed in init\n"); 1066 return -1; 1067 } 1068 flags |= TIOCM_RTS; 1069 if (ioctl(fd, TIOCMSET, &flags) < 0) { 1070 ALOGI("TIOCMSET failed in init: HW Flow-on error\n"); 1071 return -1; 1072 } 1073 1074 /* set both controller and host baud rate to maximum possible value */ 1075 err = set_cntrlr_baud(fd, speed); 1076 ALOGI("set_cntrlr_baud : ret:%d \n", err); 1077 if (err < 0) 1078 return err; 1079 1080 err = set_speed(fd, ti, speed); 1081 if (err < 0) { 1082 ALOGI("Can't set required baud rate"); 1083 return err; 1084 } 1085 1086 /* Download PS and patch */ 1087 r = ath_ps_download(fd); 1088 if (r < 0) { 1089 ALOGI("Failed to Download configuration"); 1090 err = -ETIMEDOUT; 1091 goto failed; 1092 } 1093 1094 ALOGI("ath_ps_download is done\n"); 1095 1096 cmd[0] = HCI_COMMAND_PKT; 1097 /* Write BDADDR */ 1098 if (bdaddr) { 1099 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF, 1100 HCI_PS_CMD_OCF)); 1101 ch->plen = 10; 1102 ptr += HCI_COMMAND_HDR_SIZE; 1103 1104 ptr[0] = 0x01; 1105 ptr[1] = 0x01; 1106 ptr[2] = 0x00; 1107 ptr[3] = 0x06; 1108 str2ba(bdaddr, (bdaddr_t *)(ptr + 4)); 1109 1110 if (write(fd, cmd, WRITE_BDADDR_CMD_LEN) != 1111 WRITE_BDADDR_CMD_LEN) { 1112 ALOGI("Failed to write BD_ADDR command\n"); 1113 err = -ETIMEDOUT; 1114 goto failed; 1115 } 1116 1117 if (read_hci_event(fd, rsp, sizeof(rsp)) < 0) { 1118 ALOGI("Failed to set BD_ADDR\n"); 1119 err = -ETIMEDOUT; 1120 goto failed; 1121 } 1122 } 1123 1124 /* Send HCI Reset */ 1125 cmd[1] = 0x03; 1126 cmd[2] = 0x0C; 1127 cmd[3] = 0x00; 1128 1129 r = write(fd, cmd, 4); 1130 if (r != 4) { 1131 err = -ETIMEDOUT; 1132 goto failed; 1133 } 1134 1135 nanosleep(&tm, NULL); 1136 if (read_hci_event(fd, rsp, sizeof(rsp)) < 0) { 1137 err = -ETIMEDOUT; 1138 goto failed; 1139 } 1140 1141 ALOGI("HCI Reset is done\n"); 1142 err = set_cntrlr_baud(fd, speed); 1143 if (err < 0) 1144 ALOGI("set_cntrlr_baud0:%d,%d\n", speed, err); 1145 1146 failed: 1147 if (err < 0) { 1148 set_cntrlr_baud(fd, init_speed); 1149 set_speed(fd, ti, init_speed); 1150 } 1151 1152 return err; 1153 1154 } 1155 #define BTPROTO_HCI 1 1156 1157 /* Open HCI device. 1158 * Returns device descriptor (dd). */ 1159 int hci_open_dev(int dev_id) 1160 { 1161 struct sockaddr_hci a; 1162 int dd, err; 1163 1164 /* Create HCI socket */ 1165 dd = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI); 1166 if (dd < 0) 1167 return dd; 1168 1169 /* Bind socket to the HCI device */ 1170 memset(&a, 0, sizeof(a)); 1171 a.hci_family = AF_BLUETOOTH; 1172 a.hci_dev = dev_id; 1173 if (bind(dd, (struct sockaddr *) &a, sizeof(a)) < 0) 1174 goto failed; 1175 1176 return dd; 1177 1178 failed: 1179 err = errno; 1180 close(dd); 1181 errno = err; 1182 1183 return -1; 1184 } 1185 1186 int hci_close_dev(int dd) 1187 { 1188 return close(dd); 1189 } 1190 1191 /* HCI functions that require open device 1192 * dd - Device descriptor returned by hci_open_dev. */ 1193 1194 int hci_send_cmd(int dd, uint16_t ogf, uint16_t ocf, uint8_t plen, void *param) 1195 { 1196 uint8_t type = HCI_COMMAND_PKT; 1197 hci_command_hdr hc; 1198 struct iovec iv[3]; 1199 int ivn; 1200 1201 hc.opcode = htobs(cmd_opcode_pack(ogf, ocf)); 1202 hc.plen= plen; 1203 1204 iv[0].iov_base = &type; 1205 iv[0].iov_len = 1; 1206 iv[1].iov_base = &hc; 1207 iv[1].iov_len = HCI_COMMAND_HDR_SIZE; 1208 ivn = 2; 1209 1210 if (plen) { 1211 iv[2].iov_base = param; 1212 iv[2].iov_len = plen; 1213 ivn = 3; 1214 } 1215 1216 while (writev(dd, iv, ivn) < 0) { 1217 if (errno == EAGAIN || errno == EINTR) 1218 continue; 1219 return -1; 1220 } 1221 return 0; 1222 } 1223 1224 #define HCI_SLEEP_CMD_OCF 0x04 1225 #define TIOCSETD 0x5423 1226 #define HCIUARTSETFLAGS _IOW('U', 204, int) 1227 #define HCIUARTSETPROTO _IOW('U', 200, int) 1228 #define HCIUARTGETDEVICE _IOW('U', 202, int) 1229 /* 1230 * Atheros AR300x specific initialization post callback 1231 */ 1232 int ath3k_post(int fd, int pm) 1233 { 1234 int dev_id, dd; 1235 struct timespec tm = { 0, 50000}; 1236 1237 sleep(1); 1238 1239 dev_id = ioctl(fd, HCIUARTGETDEVICE, 0); 1240 if (dev_id < 0) { 1241 perror("cannot get device id"); 1242 return dev_id; 1243 } 1244 1245 dd = hci_open_dev(dev_id); 1246 if (dd < 0) { 1247 perror("HCI device open failed"); 1248 return dd; 1249 } 1250 1251 if (ioctl(dd, HCIDEVUP, dev_id) < 0 && errno != EALREADY) { 1252 perror("hci down:Power management Disabled"); 1253 hci_close_dev(dd); 1254 return -1; 1255 } 1256 1257 /* send vendor specific command with Sleep feature Enabled */ 1258 if (hci_send_cmd(dd, OGF_VENDOR_CMD, HCI_SLEEP_CMD_OCF, 1, &pm) < 0) 1259 perror("PM command failed, power management Disabled"); 1260 1261 nanosleep(&tm, NULL); 1262 hci_close_dev(dd); 1263 1264 return 0; 1265 } 1266 1267 1268 1269 #define FLOW_CTL 0x0001 1270 #define ENABLE_PM 1 1271 #define DISABLE_PM 0 1272 1273 /* Initialize UART driver */ 1274 static int init_uart(char *dev, struct uart_t *u, int send_break, int raw) 1275 { 1276 ALOGI(" %s ", __FUNCTION__); 1277 1278 struct termios ti; 1279 1280 int i, fd; 1281 unsigned long flags = 0; 1282 1283 if (raw) 1284 flags |= 1 << HCI_UART_RAW_DEVICE; 1285 1286 1287 fd = open(dev, O_RDWR | O_NOCTTY); 1288 1289 if (fd < 0) { 1290 ALOGI("Can't open serial port"); 1291 return -1; 1292 } 1293 1294 1295 tcflush(fd, TCIOFLUSH); 1296 1297 if (tcgetattr(fd, &ti) < 0) { 1298 ALOGI("Can't get port settings: %d\n", errno); 1299 return -1; 1300 } 1301 1302 cfmakeraw(&ti); 1303 1304 ti.c_cflag |= CLOCAL; 1305 if (u->flags & FLOW_CTL) 1306 ti.c_cflag |= CRTSCTS; 1307 else 1308 ti.c_cflag &= ~CRTSCTS; 1309 1310 if (tcsetattr(fd, TCSANOW, &ti) < 0) { 1311 ALOGI("Can't set port settings"); 1312 return -1; 1313 } 1314 1315 if (set_speed(fd, &ti, u->init_speed) < 0) { 1316 ALOGI("Can't set initial baud rate"); 1317 return -1; 1318 } 1319 1320 tcflush(fd, TCIOFLUSH); 1321 1322 if (send_break) { 1323 tcsendbreak(fd, 0); 1324 usleep(500000); 1325 } 1326 1327 ath3k_init(fd,u->speed,u->init_speed,u->bdaddr, &ti); 1328 1329 ALOGI("Device setup complete\n"); 1330 1331 1332 tcflush(fd, TCIOFLUSH); 1333 1334 // Set actual baudrate 1335 /* 1336 if (set_speed(fd, &ti, u->speed) < 0) { 1337 perror("Can't set baud rate"); 1338 return -1; 1339 } 1340 1341 i = N_HCI; 1342 if (ioctl(fd, TIOCSETD, &i) < 0) { 1343 perror("Can't set line discipline"); 1344 return -1; 1345 } 1346 1347 if (flags && ioctl(fd, HCIUARTSETFLAGS, flags) < 0) { 1348 perror("Can't set UART flags"); 1349 return -1; 1350 } 1351 1352 if (ioctl(fd, HCIUARTSETPROTO, u->proto) < 0) { 1353 perror("Can't set device"); 1354 return -1; 1355 } 1356 1357 #if !defined(SW_BOARD_HAVE_BLUETOOTH_RTK) 1358 ath3k_post(fd, u->pm); 1359 #endif 1360 */ 1361 1362 return fd; 1363 } 1364 1365 1366 int hw_config_ath3k(char *port_name) 1367 { 1368 ALOGI(" %s ", __FUNCTION__); 1369 PSCounter=0; 1370 struct sigaction sa; 1371 struct uart_t u ; 1372 int n=0,send_break=0,raw=0; 1373 1374 memset(&u, 0, sizeof(u)); 1375 u.speed =3000000; 1376 u.init_speed =115200; 1377 u.flags |= FLOW_CTL; 1378 u.pm = DISABLE_PM; 1379 1380 n = init_uart(port_name, &u, send_break, raw); 1381 if (n < 0) { 1382 ALOGI("Can't initialize device"); 1383 } 1384 1385 return n; 1386 } 1387 1388 void lpm_set_ar3k(uint8_t pio, uint8_t action, uint8_t polarity) 1389 { 1390 int rc; 1391 int fd = -1; 1392 char buffer; 1393 1394 ALOGI("lpm mode: %d action: %d", pio, action); 1395 1396 RESERVED(polarity); 1397 1398 switch (pio) 1399 { 1400 case UPIO_LPM_MODE: 1401 if (upio_state[UPIO_LPM_MODE] == action) 1402 { 1403 ALOGI("LPM is %s already", lpm_mode[action]); 1404 return; 1405 } 1406 1407 fd = open(VENDOR_LPM_PROC_NODE, O_WRONLY); 1408 1409 if (fd < 0) 1410 { 1411 ALOGE("upio_set : open(%s) for write failed: %s (%d)", 1412 VENDOR_LPM_PROC_NODE, strerror(errno), errno); 1413 return; 1414 } 1415 1416 if (action == UPIO_ASSERT) 1417 { 1418 buffer = '1'; 1419 } 1420 else 1421 { 1422 buffer = '0'; 1423 } 1424 1425 if (write(fd, &buffer, 1) < 0) 1426 { 1427 ALOGE("upio_set : write(%s) failed: %s (%d)", 1428 VENDOR_LPM_PROC_NODE, strerror(errno),errno); 1429 } 1430 else 1431 { 1432 upio_state[UPIO_LPM_MODE] = action; 1433 ALOGI("LPM is set to %s", lpm_mode[action]); 1434 } 1435 1436 if (fd >= 0) 1437 close(fd); 1438 1439 break; 1440 1441 case UPIO_BT_WAKE: 1442 /* UPIO_DEASSERT should be allowed because in Rx case assert occur 1443 * from the remote side where as deassert will be initiated from Host 1444 */ 1445 if ((action == UPIO_ASSERT) && (upio_state[UPIO_BT_WAKE] == action)) 1446 { 1447 ALOGI("BT_WAKE is %s already", lpm_state[action]); 1448 1449 return; 1450 } 1451 1452 if (action == UPIO_DEASSERT) 1453 buffer = '0'; 1454 else 1455 buffer = '1'; 1456 1457 fd = open(VENDOR_BTWRITE_PROC_NODE, O_WRONLY); 1458 1459 if (fd < 0) 1460 { 1461 ALOGE("upio_set : open(%s) for write failed: %s (%d)", 1462 VENDOR_BTWRITE_PROC_NODE, strerror(errno), errno); 1463 return; 1464 } 1465 1466 if (write(fd, &buffer, 1) < 0) 1467 { 1468 ALOGE("upio_set : write(%s) failed: %s (%d)", 1469 VENDOR_BTWRITE_PROC_NODE, strerror(errno),errno); 1470 } 1471 else 1472 { 1473 upio_state[UPIO_BT_WAKE] = action; 1474 ALOGI("BT_WAKE is set to %s", lpm_state[action]); 1475 } 1476 1477 ALOGI("proc btwrite assertion"); 1478 1479 if (fd >= 0) 1480 close(fd); 1481 1482 break; 1483 1484 case UPIO_HOST_WAKE: 1485 ALOGI("upio_set: UPIO_HOST_WAKE"); 1486 break; 1487 } 1488 1489 } 1490
