1 /* 2 * 3 * Copyright (c) 2013, The Linux Foundation. All rights reserved. 4 * Not a Contribution. 5 * 6 * Copyright 2012 The Android Open Source Project 7 * 8 * Licensed under the Apache License, Version 2.0 (the "License"); you 9 * may not use this file except in compliance with the License. You may 10 * obtain a copy of the License at 11 * 12 * http://www.apache.org/licenses/LICENSE-2.0 13 * 14 * Unless required by applicable law or agreed to in writing, software 15 * distributed under the License is distributed on an "AS IS" BASIS, 16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or 17 * implied. See the License for the specific language governing 18 * permissions and limitations under the License. 19 * 20 */ 21 22 /****************************************************************************** 23 * 24 * Filename: hw_ar3k.c 25 * 26 * Description: Contains controller-specific functions, like 27 * firmware patch download 28 * low power mode operations 29 * 30 ******************************************************************************/ 31 #ifdef __cplusplus 32 extern "C" { 33 #endif 34 35 #define LOG_TAG "bt_vendor" 36 37 #include "bt_hci_bdroid.h" 38 #include "bt_vendor_qcom.h" 39 #include "bt_vendor_qcom.h" 40 #include "hci_uart.h" 41 #include "hw_ar3k.h" 42 43 #include <ctype.h> 44 #include <dirent.h> 45 #include <errno.h> 46 #include <fcntl.h> 47 #include <signal.h> 48 #include <stdlib.h> 49 #include <string.h> 50 #include <sys/socket.h> 51 #include <sys/stat.h> 52 #include <sys/types.h> 53 #include <sys/uio.h> 54 #include <termios.h> 55 #include <time.h> 56 #include <unistd.h> 57 58 #include <cutils/properties.h> 59 #include <utils/Log.h> 60 61 /****************************************************************************** 62 ** Variables 63 ******************************************************************************/ 64 int cbstat = 0; 65 #define PATCH_LOC_STRING_LEN 8 66 char ARbyte[3]; 67 char ARptr[MAX_PATCH_CMD + 1]; 68 int byte_cnt; 69 int patch_count = 0; 70 char patch_loc[PATCH_LOC_STRING_LEN + 1]; 71 int PSCounter=0; 72 73 uint32_t dev_type = 0; 74 uint32_t rom_version = 0; 75 uint32_t build_version = 0; 76 77 char patch_file[PATH_MAX]; 78 char ps_file[PATH_MAX]; 79 FILE *stream; 80 int tag_count=0; 81 82 /* for friendly debugging outpout string */ 83 static char *lpm_mode[] = { 84 "UNKNOWN", 85 "disabled", 86 "enabled" 87 }; 88 89 static char *lpm_state[] = { 90 "UNKNOWN", 91 "de-asserted", 92 "asserted" 93 }; 94 95 static uint8_t upio_state[UPIO_MAX_COUNT]; 96 struct ps_cfg_entry ps_list[MAX_TAGS]; 97 98 #define PS_EVENT_LEN 100 99 100 #ifdef __cplusplus 101 } 102 #endif 103 104 #define RESERVED(p) if(p) ALOGI( "%s: reserved param", __FUNCTION__); 105 106 /***************************************************************************** 107 ** Functions 108 *****************************************************************************/ 109 110 int is_bt_soc_ath() { 111 int ret = 0; 112 char bt_soc_type[PROPERTY_VALUE_MAX]; 113 ret = property_get("qcom.bluetooth.soc", bt_soc_type, NULL); 114 if (ret != 0) { 115 ALOGI("qcom.bluetooth.soc set to %s\n", bt_soc_type); 116 if (!strncasecmp(bt_soc_type, "ath3k", sizeof("ath3k"))) 117 return 1; 118 } else { 119 ALOGI("qcom.bluetooth.soc not set, so using default.\n"); 120 } 121 122 return 0; 123 } 124 125 /* 126 * Send HCI command and wait for command complete event. 127 * The event buffer has to be freed by the caller. 128 */ 129 130 static int send_hci_cmd_sync(int dev, uint8_t *cmd, int len, uint8_t **event) 131 { 132 int err; 133 uint8_t *hci_event; 134 uint8_t pkt_type = HCI_COMMAND_PKT; 135 136 if (len == 0) 137 return len; 138 139 if (write(dev, &pkt_type, 1) != 1) 140 return -EILSEQ; 141 if (write(dev, (unsigned char *)cmd, len) != len) 142 return -EILSEQ; 143 144 hci_event = (uint8_t *)malloc(PS_EVENT_LEN); 145 if (!hci_event) 146 return -ENOMEM; 147 148 err = read_hci_event(dev, (unsigned char *)hci_event, PS_EVENT_LEN); 149 if (err > 0) { 150 *event = hci_event; 151 } else { 152 free(hci_event); 153 return -EILSEQ; 154 } 155 156 return len; 157 } 158 159 static void convert_bdaddr(char *str_bdaddr, char *bdaddr) 160 { 161 char bdbyte[3]; 162 char *str_byte = str_bdaddr; 163 int i, j; 164 int colon_present = 0; 165 166 if (strstr(str_bdaddr, ":")) 167 colon_present = 1; 168 169 bdbyte[2] = '\0'; 170 171 /* Reverse the BDADDR to LSB first */ 172 for (i = 0, j = 5; i < 6; i++, j--) { 173 bdbyte[0] = str_byte[0]; 174 bdbyte[1] = str_byte[1]; 175 bdaddr[j] = strtol(bdbyte, NULL, 16); 176 177 if (colon_present == 1) 178 str_byte += 3; 179 else 180 str_byte += 2; 181 } 182 } 183 184 static int uart_speed(int s) 185 { 186 switch (s) { 187 case 9600: 188 return B9600; 189 case 19200: 190 return B19200; 191 case 38400: 192 return B38400; 193 case 57600: 194 return B57600; 195 case 115200: 196 return B115200; 197 case 230400: 198 return B230400; 199 case 460800: 200 return B460800; 201 case 500000: 202 return B500000; 203 case 576000: 204 return B576000; 205 case 921600: 206 return B921600; 207 case 1000000: 208 return B1000000; 209 case 1152000: 210 return B1152000; 211 case 1500000: 212 return B1500000; 213 case 2000000: 214 return B2000000; 215 #ifdef B2500000 216 case 2500000: 217 return B2500000; 218 #endif 219 #ifdef B3000000 220 case 3000000: 221 return B3000000; 222 #endif 223 #ifdef B3500000 224 case 3500000: 225 return B3500000; 226 #endif 227 #ifdef B4000000 228 case 4000000: 229 return B4000000; 230 #endif 231 default: 232 return B57600; 233 } 234 } 235 236 int set_speed(int fd, struct termios *ti, int speed) 237 { 238 if (cfsetospeed(ti, uart_speed(speed)) < 0) 239 return -errno; 240 241 if (cfsetispeed(ti, uart_speed(speed)) < 0) 242 return -errno; 243 244 if (tcsetattr(fd, TCSANOW, ti) < 0) 245 return -errno; 246 247 return 0; 248 } 249 250 static void load_hci_ps_hdr(uint8_t *cmd, uint8_t ps_op, int len, int index) 251 { 252 hci_command_hdr *ch = (void *)cmd; 253 254 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF, 255 HCI_PS_CMD_OCF)); 256 ch->plen = len + PS_HDR_LEN; 257 cmd += HCI_COMMAND_HDR_SIZE; 258 259 cmd[0] = ps_op; 260 cmd[1] = index; 261 cmd[2] = index >> 8; 262 cmd[3] = len; 263 } 264 265 266 static int read_ps_event(uint8_t *event, uint16_t ocf) 267 { 268 hci_event_hdr *eh; 269 uint16_t opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF, ocf)); 270 271 event++; 272 273 eh = (void *)event; 274 event += HCI_EVENT_HDR_SIZE; 275 276 if (eh->evt == EVT_CMD_COMPLETE) { 277 evt_cmd_complete *cc = (void *)event; 278 279 event += EVT_CMD_COMPLETE_SIZE; 280 281 if (cc->opcode == opcode && event[0] == HCI_EV_SUCCESS) 282 return 0; 283 else 284 return -EILSEQ; 285 } 286 287 return -EILSEQ; 288 } 289 290 #define PS_WRITE 1 291 #define PS_RESET 2 292 #define WRITE_PATCH 8 293 #define ENABLE_PATCH 11 294 295 #define HCI_PS_CMD_HDR_LEN 7 296 297 static int write_cmd(int fd, uint8_t *buffer, int len) 298 { 299 uint8_t *event; 300 int err; 301 302 err = send_hci_cmd_sync(fd, buffer, len, &event); 303 if (err < 0) 304 return err; 305 306 err = read_ps_event(event, HCI_PS_CMD_OCF); 307 308 free(event); 309 310 return err; 311 } 312 313 #define PS_RESET_PARAM_LEN 6 314 #define PS_RESET_CMD_LEN (HCI_PS_CMD_HDR_LEN + PS_RESET_PARAM_LEN) 315 316 #define PS_ID_MASK 0xFF 317 318 /* Sends PS commands using vendor specficic HCI commands */ 319 static int write_ps_cmd(int fd, uint8_t opcode, uint32_t ps_param) 320 { 321 uint8_t cmd[HCI_MAX_CMD_SIZE]; 322 uint32_t i; 323 324 switch (opcode) { 325 case ENABLE_PATCH: 326 load_hci_ps_hdr(cmd, opcode, 0, 0x00); 327 328 if (write_cmd(fd, cmd, HCI_PS_CMD_HDR_LEN) < 0) 329 return -EILSEQ; 330 break; 331 332 case PS_RESET: 333 load_hci_ps_hdr(cmd, opcode, PS_RESET_PARAM_LEN, 0x00); 334 335 cmd[7] = 0x00; 336 cmd[PS_RESET_CMD_LEN - 2] = ps_param & PS_ID_MASK; 337 cmd[PS_RESET_CMD_LEN - 1] = (ps_param >> 8) & PS_ID_MASK; 338 339 if (write_cmd(fd, cmd, PS_RESET_CMD_LEN) < 0) 340 return -EILSEQ; 341 break; 342 343 case PS_WRITE: 344 for (i = 0; i < ps_param; i++) { 345 load_hci_ps_hdr(cmd, opcode, ps_list[i].len, 346 ps_list[i].id); 347 348 memcpy(&cmd[HCI_PS_CMD_HDR_LEN], ps_list[i].data, 349 ps_list[i].len); 350 351 if (write_cmd(fd, cmd, ps_list[i].len + 352 HCI_PS_CMD_HDR_LEN) < 0) 353 return -EILSEQ; 354 } 355 break; 356 } 357 358 return 0; 359 } 360 361 #define PS_ASIC_FILE "PS_ASIC.pst" 362 #define PS_FPGA_FILE "PS_FPGA.pst" 363 #define MAXPATHLEN 4096 364 static void get_ps_file_name(uint32_t devtype, uint32_t rom_version,char *path) 365 { 366 char *filename; 367 368 if (devtype == 0xdeadc0de) 369 filename = PS_ASIC_FILE; 370 else 371 filename = PS_FPGA_FILE; 372 373 snprintf(path, MAXPATHLEN, "%s%x/%s", FW_PATH, rom_version, filename); 374 } 375 376 #define PATCH_FILE "RamPatch.txt" 377 #define FPGA_ROM_VERSION 0x99999999 378 #define ROM_DEV_TYPE 0xdeadc0de 379 380 static void get_patch_file_name(uint32_t dev_type, uint32_t rom_version, 381 uint32_t build_version, char *path) 382 { 383 if (rom_version == FPGA_ROM_VERSION && dev_type != ROM_DEV_TYPE 384 &&dev_type != 0 && build_version == 1) 385 path[0] = '\0'; 386 else 387 snprintf(path, MAXPATHLEN, "%s%x/%s", FW_PATH, rom_version, PATCH_FILE); 388 } 389 390 static int set_cntrlr_baud(int fd, int speed) 391 { 392 int baud; 393 struct timespec tm = { 0, 500000}; 394 unsigned char cmd[MAX_CMD_LEN], rsp[HCI_MAX_EVENT_SIZE]; 395 unsigned char *ptr = cmd + 1; 396 hci_command_hdr *ch = (void *)ptr; 397 398 cmd[0] = HCI_COMMAND_PKT; 399 400 /* set controller baud rate to user specified value */ 401 ptr = cmd + 1; 402 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF, 403 HCI_CHG_BAUD_CMD_OCF)); 404 ch->plen = 2; 405 ptr += HCI_COMMAND_HDR_SIZE; 406 407 baud = speed/100; 408 ptr[0] = (char)baud; 409 ptr[1] = (char)(baud >> 8); 410 411 if (write(fd, cmd, WRITE_BAUD_CMD_LEN) != WRITE_BAUD_CMD_LEN) { 412 ALOGI("Failed to write change baud rate command"); 413 return -ETIMEDOUT; 414 } 415 416 nanosleep(&tm, NULL); 417 418 if (read_hci_event(fd, rsp, sizeof(rsp)) < 0) 419 return -ETIMEDOUT; 420 421 return 0; 422 } 423 424 #define PS_UNDEF 0 425 #define PS_ID 1 426 #define PS_LEN 2 427 #define PS_DATA 3 428 429 #define PS_MAX_LEN 500 430 #define LINE_SIZE_MAX (PS_MAX_LEN * 2) 431 #define ENTRY_PER_LINE 16 432 433 #define __check_comment(buf) (((buf)[0] == '/') && ((buf)[1] == '/')) 434 #define __skip_space(str) while (*(str) == ' ') ((str)++) 435 436 437 #define __is_delim(ch) ((ch) == ':') 438 #define MAX_PREAMBLE_LEN 4 439 440 /* Parse PS entry preamble of format [X:X] for main type and subtype */ 441 static int get_ps_type(char *ptr, int index, char *type, char *sub_type) 442 { 443 int i; 444 int delim = FALSE; 445 446 if (index > MAX_PREAMBLE_LEN) 447 return -EILSEQ; 448 449 for (i = 1; i < index; i++) { 450 if (__is_delim(ptr[i])) { 451 delim = TRUE; 452 continue; 453 } 454 455 if (isalpha(ptr[i])) { 456 if (delim == FALSE) 457 (*type) = toupper(ptr[i]); 458 else 459 (*sub_type) = toupper(ptr[i]); 460 } 461 } 462 463 return 0; 464 } 465 466 #define ARRAY 'A' 467 #define STRING 'S' 468 #define DECIMAL 'D' 469 #define BINARY 'B' 470 471 #define PS_HEX 0 472 #define PS_DEC 1 473 474 static int get_input_format(char *buf, struct ps_entry_type *format) 475 { 476 char *ptr = NULL; 477 char type = '\0'; 478 char sub_type = '\0'; 479 480 format->type = PS_HEX; 481 format->array = TRUE; 482 483 if (strstr(buf, "[") != buf) 484 return 0; 485 486 ptr = strstr(buf, "]"); 487 if (!ptr) 488 return -EILSEQ; 489 490 if (get_ps_type(buf, ptr - buf, &type, &sub_type) < 0) 491 return -EILSEQ; 492 493 /* Check is data type is of array */ 494 if (type == ARRAY || sub_type == ARRAY) 495 format->array = TRUE; 496 497 if (type == STRING || sub_type == STRING) 498 format->array = FALSE; 499 500 if (type == DECIMAL || type == BINARY) 501 format->type = PS_DEC; 502 else 503 format->type = PS_HEX; 504 505 return 0; 506 } 507 508 509 510 #define UNDEFINED 0xFFFF 511 512 static unsigned int read_data_in_section(char *buf, struct ps_entry_type type) 513 { 514 char *ptr = buf; 515 516 if (!buf) 517 return UNDEFINED; 518 519 if (buf == strstr(buf, "[")) { 520 ptr = strstr(buf, "]"); 521 if (!ptr) 522 return UNDEFINED; 523 524 ptr++; 525 } 526 527 if (type.type == PS_HEX && type.array != TRUE) 528 return strtol(ptr, NULL, 16); 529 530 return UNDEFINED; 531 } 532 533 534 /* Read PS entries as string, convert and add to Hex array */ 535 static void update_tag_data(struct ps_cfg_entry *tag, 536 struct tag_info *info, const char *ptr) 537 { 538 char buf[3]; 539 540 buf[2] = '\0'; 541 542 strlcpy(buf, &ptr[info->char_cnt],sizeof(buf)); 543 tag->data[info->byte_count] = strtol(buf, NULL, 16); 544 info->char_cnt += 3; 545 info->byte_count++; 546 547 strlcpy(buf, &ptr[info->char_cnt], sizeof(buf)); 548 tag->data[info->byte_count] = strtol(buf, NULL, 16); 549 info->char_cnt += 3; 550 info->byte_count++; 551 } 552 553 static inline int update_char_count(const char *buf) 554 { 555 char *end_ptr; 556 557 if (strstr(buf, "[") == buf) { 558 end_ptr = strstr(buf, "]"); 559 if (!end_ptr) 560 return 0; 561 else 562 return(end_ptr - buf) + 1; 563 } 564 565 return 0; 566 } 567 568 #define PS_HEX 0 569 #define PS_DEC 1 570 571 static int ath_parse_ps(FILE *stream) 572 { 573 char buf[LINE_SIZE_MAX + 1]; 574 char *ptr; 575 uint8_t tag_cnt = 0; 576 int16_t byte_count = 0; 577 struct ps_entry_type format; 578 struct tag_info status = { 0, 0, 0, 0}; 579 580 do { 581 int read_count; 582 struct ps_cfg_entry *tag; 583 584 ptr = fgets(buf, LINE_SIZE_MAX, stream); 585 if (!ptr) 586 break; 587 588 __skip_space(ptr); 589 if (__check_comment(ptr)) 590 continue; 591 592 /* Lines with a '#' will be followed by new PS entry */ 593 if (ptr == strstr(ptr, "#")) { 594 if (status.section != PS_UNDEF) { 595 return -EILSEQ; 596 } else { 597 status.section = PS_ID; 598 continue; 599 } 600 } 601 602 tag = &ps_list[tag_cnt]; 603 604 switch (status.section) { 605 case PS_ID: 606 if (get_input_format(ptr, &format) < 0) 607 return -EILSEQ; 608 609 tag->id = read_data_in_section(ptr, format); 610 status.section = PS_LEN; 611 break; 612 613 case PS_LEN: 614 if (get_input_format(ptr, &format) < 0) 615 return -EILSEQ; 616 617 byte_count = read_data_in_section(ptr, format); 618 if (byte_count > PS_MAX_LEN) 619 return -EILSEQ; 620 621 tag->len = byte_count; 622 tag->data = (uint8_t *)malloc(byte_count); 623 624 status.section = PS_DATA; 625 status.line_count = 0; 626 break; 627 628 case PS_DATA: 629 if (status.line_count == 0) 630 if (get_input_format(ptr, &format) < 0) 631 return -EILSEQ; 632 633 __skip_space(ptr); 634 635 status.char_cnt = update_char_count(ptr); 636 637 read_count = (byte_count > ENTRY_PER_LINE) ? 638 ENTRY_PER_LINE : byte_count; 639 640 if (format.type == PS_HEX && format.array == TRUE) { 641 while (read_count > 0) { 642 update_tag_data(tag, &status, ptr); 643 read_count -= 2; 644 } 645 646 if (byte_count > ENTRY_PER_LINE) 647 byte_count -= ENTRY_PER_LINE; 648 else 649 byte_count = 0; 650 } 651 652 status.line_count++; 653 654 if (byte_count == 0) 655 memset(&status, 0x00, sizeof(struct tag_info)); 656 657 if (status.section == PS_UNDEF) 658 tag_cnt++; 659 660 if (tag_cnt == MAX_TAGS) 661 return -EILSEQ; 662 break; 663 } 664 } while (ptr); 665 666 return tag_cnt; 667 } 668 669 #define PS_RAM_SIZE 2048 670 671 static int ps_config_download(int fd, int tag_count) 672 { 673 if (write_ps_cmd(fd, PS_RESET, PS_RAM_SIZE) < 0) 674 return -1; 675 676 if (tag_count > 0) 677 if (write_ps_cmd(fd, PS_WRITE, tag_count) < 0) 678 return -1; 679 return 0; 680 } 681 682 static int write_bdaddr(int pConfig, char *bdaddr) 683 { 684 uint8_t *event; 685 int err; 686 uint8_t cmd[13]; 687 uint8_t *ptr = cmd; 688 hci_command_hdr *ch = (void *)cmd; 689 690 memset(cmd, 0, sizeof(cmd)); 691 692 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF, 693 HCI_PS_CMD_OCF)); 694 ch->plen = 10; 695 ptr += HCI_COMMAND_HDR_SIZE; 696 697 ptr[0] = 0x01; 698 ptr[1] = 0x01; 699 ptr[2] = 0x00; 700 ptr[3] = 0x06; 701 702 convert_bdaddr(bdaddr, (char *)&ptr[4]); 703 704 err = send_hci_cmd_sync(pConfig, cmd, sizeof(cmd), &event); 705 if (err < 0) 706 return err; 707 708 err = read_ps_event(event, HCI_PS_CMD_OCF); 709 710 free(event); 711 712 return err; 713 } 714 715 static void write_bdaddr_from_file(int rom_version, int fd) 716 { 717 FILE *stream; 718 char bdaddr[PATH_MAX]; 719 char bdaddr_file[PATH_MAX]; 720 721 snprintf(bdaddr_file, MAXPATHLEN, "%s%x/%s", 722 FW_PATH, rom_version, BDADDR_FILE); 723 724 stream = fopen(bdaddr_file, "r"); 725 if (!stream) 726 return; 727 728 if (fgets(bdaddr, PATH_MAX - 1, stream)) 729 write_bdaddr(fd, bdaddr); 730 731 fclose(stream); 732 } 733 734 #define HCI_EVT_CMD_CMPL_OPCODE 3 735 #define HCI_EVT_CMD_CMPL_STATUS_RET_BYTE 5 736 737 void baswap(bdaddr_t *dst, const bdaddr_t *src) 738 { 739 register unsigned char *d = (unsigned char *) dst; 740 register const unsigned char *s = (const unsigned char *) src; 741 register int i; 742 for (i = 0; i < 6; i++) 743 d[i] = s[5-i]; 744 } 745 746 747 int str2ba(const char *str, bdaddr_t *ba) 748 { 749 uint8_t b[6]; 750 const char *ptr = str; 751 int i; 752 753 for (i = 0; i < 6; i++) { 754 b[i] = (uint8_t) strtol(ptr, NULL, 16); 755 ptr = strchr(ptr, ':'); 756 if (i != 5 && !ptr) 757 ptr = ":00:00:00:00:00"; 758 ptr++; 759 } 760 baswap(ba, (bdaddr_t *) b); 761 return 0; 762 } 763 764 #define DEV_REGISTER 0x4FFC 765 #define GET_DEV_TYPE_OCF 0x05 766 767 static int get_device_type(int dev, uint32_t *code) 768 { 769 uint8_t cmd[8] = {0}; 770 uint8_t *event; 771 uint32_t reg; 772 int err; 773 uint8_t *ptr = cmd; 774 hci_command_hdr *ch = (void *)cmd; 775 776 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF, 777 GET_DEV_TYPE_OCF)); 778 ch->plen = 5; 779 ptr += HCI_COMMAND_HDR_SIZE; 780 781 ptr[0] = (uint8_t)DEV_REGISTER; 782 ptr[1] = (uint8_t)DEV_REGISTER >> 8; 783 ptr[2] = (uint8_t)DEV_REGISTER >> 16; 784 ptr[3] = (uint8_t)DEV_REGISTER >> 24; 785 ptr[4] = 0x04; 786 787 err = send_hci_cmd_sync(dev, cmd, sizeof(cmd), &event); 788 if (err < 0) 789 return err; 790 791 err = read_ps_event(event, GET_DEV_TYPE_OCF); 792 if (err < 0) 793 goto cleanup; 794 795 reg = event[10]; 796 reg = (reg << 8) | event[9]; 797 reg = (reg << 8) | event[8]; 798 reg = (reg << 8) | event[7]; 799 *code = reg; 800 801 cleanup: 802 free(event); 803 804 return err; 805 } 806 807 #define GET_VERSION_OCF 0x1E 808 809 static int read_ath3k_version(int pConfig, uint32_t *rom_version, 810 uint32_t *build_version) 811 { 812 uint8_t cmd[3] = {0}; 813 uint8_t *event; 814 int err; 815 int status; 816 hci_command_hdr *ch = (void *)cmd; 817 818 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF, 819 GET_VERSION_OCF)); 820 ch->plen = 0; 821 822 err = send_hci_cmd_sync(pConfig, cmd, sizeof(cmd), &event); 823 if (err < 0) 824 return err; 825 826 err = read_ps_event(event, GET_VERSION_OCF); 827 if (err < 0) 828 goto cleanup; 829 830 status = event[10]; 831 status = (status << 8) | event[9]; 832 status = (status << 8) | event[8]; 833 status = (status << 8) | event[7]; 834 *rom_version = status; 835 836 status = event[14]; 837 status = (status << 8) | event[13]; 838 status = (status << 8) | event[12]; 839 status = (status << 8) | event[11]; 840 *build_version = status; 841 842 cleanup: 843 free(event); 844 845 return err; 846 } 847 848 #define VERIFY_CRC 9 849 #define PS_REGION 1 850 #define PATCH_REGION 2 851 852 static int get_ath3k_crc(int dev) 853 { 854 uint8_t cmd[7] = {0}; 855 uint8_t *event; 856 int err; 857 858 load_hci_ps_hdr(cmd, VERIFY_CRC, 0, PS_REGION | PATCH_REGION); 859 860 err = send_hci_cmd_sync(dev, cmd, sizeof(cmd), &event); 861 if (err < 0) 862 return err; 863 /* Send error code if CRC check patched */ 864 if (read_ps_event(event, HCI_PS_CMD_OCF) >= 0) 865 err = -EILSEQ; 866 867 free(event); 868 869 return err; 870 } 871 872 #define SET_PATCH_RAM_ID 0x0D 873 #define SET_PATCH_RAM_CMD_SIZE 11 874 #define ADDRESS_LEN 4 875 static int set_patch_ram(int dev, char *patch_loc, int len) 876 { 877 int err; 878 uint8_t cmd[20] = {0}; 879 int i, j; 880 char loc_byte[3]; 881 uint8_t *event; 882 uint8_t *loc_ptr = &cmd[7]; 883 884 RESERVED(len); 885 886 if (!patch_loc) 887 return -1; 888 889 loc_byte[2] = '\0'; 890 891 load_hci_ps_hdr(cmd, SET_PATCH_RAM_ID, ADDRESS_LEN, 0); 892 893 for (i = 0, j = 3; i < 4; i++, j--) { 894 loc_byte[0] = patch_loc[0]; 895 loc_byte[1] = patch_loc[1]; 896 loc_ptr[j] = strtol(loc_byte, NULL, 16); 897 patch_loc += 2; 898 } 899 900 err = send_hci_cmd_sync(dev, cmd, SET_PATCH_RAM_CMD_SIZE, &event); 901 if (err < 0) 902 return err; 903 904 err = read_ps_event(event, HCI_PS_CMD_OCF); 905 906 free(event); 907 908 return err; 909 } 910 911 #define PATCH_LOC_KEY "DA:" 912 #define PATCH_LOC_STRING_LEN 8 913 static int ps_patch_download(int fd, FILE *stream) 914 { 915 char byte[3]; 916 char ptr[MAX_PATCH_CMD + 1]; 917 int byte_cnt; 918 int patch_count = 0; 919 char patch_loc[PATCH_LOC_STRING_LEN + 1]; 920 921 byte[2] = '\0'; 922 923 while (fgets(ptr, MAX_PATCH_CMD, stream)) { 924 if (strlen(ptr) <= 1) 925 continue; 926 else if (strstr(ptr, PATCH_LOC_KEY) == ptr) { 927 strlcpy(patch_loc, &ptr[sizeof(PATCH_LOC_KEY) - 1], 928 PATCH_LOC_STRING_LEN); 929 if (set_patch_ram(fd, patch_loc, sizeof(patch_loc)) < 0) 930 return -1; 931 } else if (isxdigit(ptr[0])) 932 break; 933 else 934 return -1; 935 } 936 937 byte_cnt = strtol(ptr, NULL, 16); 938 939 while (byte_cnt > 0) { 940 int i; 941 uint8_t cmd[HCI_MAX_CMD_SIZE] = {0}; 942 struct patch_entry patch; 943 944 if (byte_cnt > MAX_PATCH_CMD) 945 patch.len = MAX_PATCH_CMD; 946 else 947 patch.len = byte_cnt; 948 949 for (i = 0; i < patch.len; i++) { 950 if (!fgets(byte, 3, stream)) 951 return -1; 952 953 patch.data[i] = strtoul(byte, NULL, 16); 954 } 955 956 load_hci_ps_hdr(cmd, WRITE_PATCH, patch.len, patch_count); 957 memcpy(&cmd[HCI_PS_CMD_HDR_LEN], patch.data, patch.len); 958 959 if (write_cmd(fd, cmd, patch.len + HCI_PS_CMD_HDR_LEN) < 0) 960 return -1; 961 962 patch_count++; 963 byte_cnt = byte_cnt - MAX_PATCH_CMD; 964 } 965 966 if (write_ps_cmd(fd, ENABLE_PATCH, 0) < 0) 967 return -1; 968 969 return patch_count; 970 } 971 972 static int ath_ps_download(int fd) 973 { 974 int err = 0; 975 int tag_count; 976 int patch_count = 0; 977 uint32_t rom_version = 0; 978 uint32_t build_version = 0; 979 uint32_t dev_type = 0; 980 char patch_file[PATH_MAX]; 981 char ps_file[PATH_MAX]; 982 FILE *stream; 983 984 /* 985 * Verfiy firmware version. depending on it select the PS 986 * config file to download. 987 */ 988 if (get_device_type(fd, &dev_type) < 0) { 989 err = -EILSEQ; 990 goto download_cmplete; 991 } 992 993 if (read_ath3k_version(fd, &rom_version, &build_version) < 0) { 994 err = -EILSEQ; 995 goto download_cmplete; 996 } 997 998 /* Do not download configuration if CRC passes */ 999 if (get_ath3k_crc(fd) < 0) { 1000 err = 0; 1001 goto download_cmplete; 1002 } 1003 1004 get_ps_file_name(dev_type, rom_version, ps_file); 1005 get_patch_file_name(dev_type, rom_version, build_version, patch_file); 1006 1007 stream = fopen(ps_file, "r"); 1008 if (!stream) { 1009 ALOGI("firmware file open error:%s, ver:%x\n",ps_file, rom_version); 1010 if (rom_version == 0x1020201) 1011 err = 0; 1012 else 1013 err = -EILSEQ; 1014 goto download_cmplete; 1015 } 1016 tag_count = ath_parse_ps(stream); 1017 1018 fclose(stream); 1019 1020 if (tag_count < 0) { 1021 err = -EILSEQ; 1022 goto download_cmplete; 1023 } 1024 1025 /* 1026 * It is not necessary that Patch file be available, 1027 * continue with PS Operations if patch file is not available. 1028 */ 1029 if (patch_file[0] == '\0') 1030 err = 0; 1031 1032 stream = fopen(patch_file, "r"); 1033 if (!stream) 1034 err = 0; 1035 else { 1036 patch_count = ps_patch_download(fd, stream); 1037 fclose(stream); 1038 1039 if (patch_count < 0) { 1040 err = -EILSEQ; 1041 goto download_cmplete; 1042 } 1043 } 1044 1045 err = ps_config_download(fd, tag_count); 1046 1047 download_cmplete: 1048 if (!err) 1049 write_bdaddr_from_file(rom_version, fd); 1050 1051 return err; 1052 } 1053 1054 int ath3k_init(int fd, int speed, int init_speed, char *bdaddr, struct termios *ti) 1055 { 1056 ALOGI(" %s ", __FUNCTION__); 1057 1058 int r; 1059 int err = 0; 1060 struct timespec tm = { 0, 500000}; 1061 unsigned char cmd[MAX_CMD_LEN] = {0}; 1062 unsigned char rsp[HCI_MAX_EVENT_SIZE]; 1063 unsigned char *ptr = cmd + 1; 1064 hci_command_hdr *ch = (void *)ptr; 1065 int flags = 0; 1066 1067 if (ioctl(fd, TIOCMGET, &flags) < 0) { 1068 ALOGI("TIOCMGET failed in init\n"); 1069 return -1; 1070 } 1071 flags |= TIOCM_RTS; 1072 if (ioctl(fd, TIOCMSET, &flags) < 0) { 1073 ALOGI("TIOCMSET failed in init: HW Flow-on error\n"); 1074 return -1; 1075 } 1076 1077 /* set both controller and host baud rate to maximum possible value */ 1078 err = set_cntrlr_baud(fd, speed); 1079 ALOGI("set_cntrlr_baud : ret:%d \n", err); 1080 if (err < 0) 1081 return err; 1082 1083 err = set_speed(fd, ti, speed); 1084 if (err < 0) { 1085 ALOGI("Can't set required baud rate"); 1086 return err; 1087 } 1088 1089 /* Download PS and patch */ 1090 r = ath_ps_download(fd); 1091 if (r < 0) { 1092 ALOGI("Failed to Download configuration"); 1093 err = -ETIMEDOUT; 1094 goto failed; 1095 } 1096 1097 ALOGI("ath_ps_download is done\n"); 1098 1099 cmd[0] = HCI_COMMAND_PKT; 1100 /* Write BDADDR */ 1101 if (bdaddr) { 1102 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF, 1103 HCI_PS_CMD_OCF)); 1104 ch->plen = 10; 1105 ptr += HCI_COMMAND_HDR_SIZE; 1106 1107 ptr[0] = 0x01; 1108 ptr[1] = 0x01; 1109 ptr[2] = 0x00; 1110 ptr[3] = 0x06; 1111 str2ba(bdaddr, (bdaddr_t *)(ptr + 4)); 1112 1113 if (write(fd, cmd, WRITE_BDADDR_CMD_LEN) != 1114 WRITE_BDADDR_CMD_LEN) { 1115 ALOGI("Failed to write BD_ADDR command\n"); 1116 err = -ETIMEDOUT; 1117 goto failed; 1118 } 1119 1120 if (read_hci_event(fd, rsp, sizeof(rsp)) < 0) { 1121 ALOGI("Failed to set BD_ADDR\n"); 1122 err = -ETIMEDOUT; 1123 goto failed; 1124 } 1125 } 1126 1127 /* Send HCI Reset */ 1128 cmd[1] = 0x03; 1129 cmd[2] = 0x0C; 1130 cmd[3] = 0x00; 1131 1132 r = write(fd, cmd, 4); 1133 if (r != 4) { 1134 err = -ETIMEDOUT; 1135 goto failed; 1136 } 1137 1138 nanosleep(&tm, NULL); 1139 if (read_hci_event(fd, rsp, sizeof(rsp)) < 0) { 1140 err = -ETIMEDOUT; 1141 goto failed; 1142 } 1143 1144 ALOGI("HCI Reset is done\n"); 1145 err = set_cntrlr_baud(fd, speed); 1146 if (err < 0) 1147 ALOGI("set_cntrlr_baud0:%d,%d\n", speed, err); 1148 1149 failed: 1150 if (err < 0) { 1151 set_cntrlr_baud(fd, init_speed); 1152 set_speed(fd, ti, init_speed); 1153 } 1154 1155 return err; 1156 1157 } 1158 #define BTPROTO_HCI 1 1159 1160 /* Open HCI device. 1161 * Returns device descriptor (dd). */ 1162 int hci_open_dev(int dev_id) 1163 { 1164 struct sockaddr_hci a; 1165 int dd, err; 1166 1167 /* Create HCI socket */ 1168 dd = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI); 1169 if (dd < 0) 1170 return dd; 1171 1172 /* Bind socket to the HCI device */ 1173 memset(&a, 0, sizeof(a)); 1174 a.hci_family = AF_BLUETOOTH; 1175 a.hci_dev = dev_id; 1176 if (bind(dd, (struct sockaddr *) &a, sizeof(a)) < 0) 1177 goto failed; 1178 1179 return dd; 1180 1181 failed: 1182 err = errno; 1183 close(dd); 1184 errno = err; 1185 1186 return -1; 1187 } 1188 1189 int hci_close_dev(int dd) 1190 { 1191 return close(dd); 1192 } 1193 1194 /* HCI functions that require open device 1195 * dd - Device descriptor returned by hci_open_dev. */ 1196 1197 int hci_send_cmd(int dd, uint16_t ogf, uint16_t ocf, uint8_t plen, void *param) 1198 { 1199 uint8_t type = HCI_COMMAND_PKT; 1200 hci_command_hdr hc; 1201 struct iovec iv[3]; 1202 int ivn; 1203 1204 hc.opcode = htobs(cmd_opcode_pack(ogf, ocf)); 1205 hc.plen= plen; 1206 1207 iv[0].iov_base = &type; 1208 iv[0].iov_len = 1; 1209 iv[1].iov_base = &hc; 1210 iv[1].iov_len = HCI_COMMAND_HDR_SIZE; 1211 ivn = 2; 1212 1213 if (plen) { 1214 iv[2].iov_base = param; 1215 iv[2].iov_len = plen; 1216 ivn = 3; 1217 } 1218 1219 while (writev(dd, iv, ivn) < 0) { 1220 if (errno == EAGAIN || errno == EINTR) 1221 continue; 1222 return -1; 1223 } 1224 return 0; 1225 } 1226 1227 #define HCI_SLEEP_CMD_OCF 0x04 1228 #define TIOCSETD 0x5423 1229 #define HCIUARTSETFLAGS _IOW('U', 204, int) 1230 #define HCIUARTSETPROTO _IOW('U', 200, int) 1231 #define HCIUARTGETDEVICE _IOW('U', 202, int) 1232 /* 1233 * Atheros AR300x specific initialization post callback 1234 */ 1235 int ath3k_post(int fd, int pm) 1236 { 1237 int dev_id, dd; 1238 struct timespec tm = { 0, 50000}; 1239 1240 sleep(1); 1241 1242 dev_id = ioctl(fd, HCIUARTGETDEVICE, 0); 1243 if (dev_id < 0) { 1244 perror("cannot get device id"); 1245 return dev_id; 1246 } 1247 1248 dd = hci_open_dev(dev_id); 1249 if (dd < 0) { 1250 perror("HCI device open failed"); 1251 return dd; 1252 } 1253 1254 if (ioctl(dd, HCIDEVUP, dev_id) < 0 && errno != EALREADY) { 1255 perror("hci down:Power management Disabled"); 1256 hci_close_dev(dd); 1257 return -1; 1258 } 1259 1260 /* send vendor specific command with Sleep feature Enabled */ 1261 if (hci_send_cmd(dd, OGF_VENDOR_CMD, HCI_SLEEP_CMD_OCF, 1, &pm) < 0) 1262 perror("PM command failed, power management Disabled"); 1263 1264 nanosleep(&tm, NULL); 1265 hci_close_dev(dd); 1266 1267 return 0; 1268 } 1269 1270 1271 1272 #define FLOW_CTL 0x0001 1273 #define ENABLE_PM 1 1274 #define DISABLE_PM 0 1275 1276 /* Initialize UART driver */ 1277 static int init_uart(char *dev, struct uart_t *u, int send_break, int raw) 1278 { 1279 ALOGI(" %s ", __FUNCTION__); 1280 1281 struct termios ti; 1282 1283 int i, fd; 1284 unsigned long flags = 0; 1285 1286 if (raw) 1287 flags |= 1 << HCI_UART_RAW_DEVICE; 1288 1289 1290 fd = open(dev, O_RDWR | O_NOCTTY); 1291 1292 if (fd < 0) { 1293 ALOGI("Can't open serial port"); 1294 return -1; 1295 } 1296 1297 1298 tcflush(fd, TCIOFLUSH); 1299 1300 if (tcgetattr(fd, &ti) < 0) { 1301 ALOGI("Can't get port settings: %d\n", errno); 1302 return -1; 1303 } 1304 1305 cfmakeraw(&ti); 1306 1307 ti.c_cflag |= CLOCAL; 1308 if (u->flags & FLOW_CTL) 1309 ti.c_cflag |= CRTSCTS; 1310 else 1311 ti.c_cflag &= ~CRTSCTS; 1312 1313 if (tcsetattr(fd, TCSANOW, &ti) < 0) { 1314 ALOGI("Can't set port settings"); 1315 return -1; 1316 } 1317 1318 if (set_speed(fd, &ti, u->init_speed) < 0) { 1319 ALOGI("Can't set initial baud rate"); 1320 return -1; 1321 } 1322 1323 tcflush(fd, TCIOFLUSH); 1324 1325 if (send_break) { 1326 tcsendbreak(fd, 0); 1327 usleep(500000); 1328 } 1329 1330 ath3k_init(fd,u->speed,u->init_speed,u->bdaddr, &ti); 1331 1332 ALOGI("Device setup complete\n"); 1333 1334 1335 tcflush(fd, TCIOFLUSH); 1336 1337 // Set actual baudrate 1338 /* 1339 if (set_speed(fd, &ti, u->speed) < 0) { 1340 perror("Can't set baud rate"); 1341 return -1; 1342 } 1343 1344 i = N_HCI; 1345 if (ioctl(fd, TIOCSETD, &i) < 0) { 1346 perror("Can't set line discipline"); 1347 return -1; 1348 } 1349 1350 if (flags && ioctl(fd, HCIUARTSETFLAGS, flags) < 0) { 1351 perror("Can't set UART flags"); 1352 return -1; 1353 } 1354 1355 if (ioctl(fd, HCIUARTSETPROTO, u->proto) < 0) { 1356 perror("Can't set device"); 1357 return -1; 1358 } 1359 1360 #if !defined(SW_BOARD_HAVE_BLUETOOTH_RTK) 1361 ath3k_post(fd, u->pm); 1362 #endif 1363 */ 1364 1365 return fd; 1366 } 1367 1368 1369 int hw_config_ath3k(char *port_name) 1370 { 1371 ALOGI(" %s ", __FUNCTION__); 1372 PSCounter=0; 1373 struct sigaction sa; 1374 struct uart_t u ; 1375 int n=0,send_break=0,raw=0; 1376 1377 memset(&u, 0, sizeof(u)); 1378 u.speed =3000000; 1379 u.init_speed =115200; 1380 u.flags |= FLOW_CTL; 1381 u.pm = DISABLE_PM; 1382 1383 n = init_uart(port_name, &u, send_break, raw); 1384 if (n < 0) { 1385 ALOGI("Can't initialize device"); 1386 } 1387 1388 return n; 1389 } 1390 1391 void lpm_set_ar3k(uint8_t pio, uint8_t action, uint8_t polarity) 1392 { 1393 int rc; 1394 int fd = -1; 1395 char buffer; 1396 1397 ALOGI("lpm mode: %d action: %d", pio, action); 1398 1399 RESERVED(polarity); 1400 1401 switch (pio) 1402 { 1403 case UPIO_LPM_MODE: 1404 if (upio_state[UPIO_LPM_MODE] == action) 1405 { 1406 ALOGI("LPM is %s already", lpm_mode[action]); 1407 return; 1408 } 1409 1410 fd = open(VENDOR_LPM_PROC_NODE, O_WRONLY); 1411 1412 if (fd < 0) 1413 { 1414 ALOGE("upio_set : open(%s) for write failed: %s (%d)", 1415 VENDOR_LPM_PROC_NODE, strerror(errno), errno); 1416 return; 1417 } 1418 1419 if (action == UPIO_ASSERT) 1420 { 1421 buffer = '1'; 1422 } 1423 else 1424 { 1425 buffer = '0'; 1426 } 1427 1428 if (write(fd, &buffer, 1) < 0) 1429 { 1430 ALOGE("upio_set : write(%s) failed: %s (%d)", 1431 VENDOR_LPM_PROC_NODE, strerror(errno),errno); 1432 } 1433 else 1434 { 1435 upio_state[UPIO_LPM_MODE] = action; 1436 ALOGI("LPM is set to %s", lpm_mode[action]); 1437 } 1438 1439 if (fd >= 0) 1440 close(fd); 1441 1442 break; 1443 1444 case UPIO_BT_WAKE: 1445 /* UPIO_DEASSERT should be allowed because in Rx case assert occur 1446 * from the remote side where as deassert will be initiated from Host 1447 */ 1448 if ((action == UPIO_ASSERT) && (upio_state[UPIO_BT_WAKE] == action)) 1449 { 1450 ALOGI("BT_WAKE is %s already", lpm_state[action]); 1451 1452 return; 1453 } 1454 1455 if (action == UPIO_DEASSERT) 1456 buffer = '0'; 1457 else 1458 buffer = '1'; 1459 1460 fd = open(VENDOR_BTWRITE_PROC_NODE, O_WRONLY); 1461 1462 if (fd < 0) 1463 { 1464 ALOGE("upio_set : open(%s) for write failed: %s (%d)", 1465 VENDOR_BTWRITE_PROC_NODE, strerror(errno), errno); 1466 return; 1467 } 1468 1469 if (write(fd, &buffer, 1) < 0) 1470 { 1471 ALOGE("upio_set : write(%s) failed: %s (%d)", 1472 VENDOR_BTWRITE_PROC_NODE, strerror(errno),errno); 1473 } 1474 else 1475 { 1476 upio_state[UPIO_BT_WAKE] = action; 1477 ALOGI("BT_WAKE is set to %s", lpm_state[action]); 1478 } 1479 1480 ALOGI("proc btwrite assertion"); 1481 1482 if (fd >= 0) 1483 close(fd); 1484 1485 break; 1486 1487 case UPIO_HOST_WAKE: 1488 ALOGI("upio_set: UPIO_HOST_WAKE"); 1489 break; 1490 } 1491 1492 } 1493
