1/* 2 * ng_ubt.c 3 */ 4 5/*- 6 * Copyright (c) 2001-2009 Maksim Yevmenkin <m_evmenkin@yahoo.com> 7 * All rights reserved. 8 * 9 * Redistribution and use in source and binary forms, with or without 10 * modification, are permitted provided that the following conditions 11 * are met: 12 * 1. Redistributions of source code must retain the above copyright 13 * notice, this list of conditions and the following disclaimer. 14 * 2. Redistributions in binary form must reproduce the above copyright 15 * notice, this list of conditions and the following disclaimer in the 16 * documentation and/or other materials provided with the distribution. 17 * 18 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 19 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 20 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 21 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 22 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 23 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 24 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 25 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 26 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 27 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 28 * SUCH DAMAGE. 29 * 30 * $Id: ng_ubt.c,v 1.16 2003/10/10 19:15:06 max Exp $ 31 * $FreeBSD: stable/10/sys/netgraph/bluetooth/drivers/ubt/ng_ubt.c 361916 2020-06-08 09:31:14Z hselasky $ 32 */ 33 34/* 35 * NOTE: ng_ubt2 driver has a split personality. On one side it is 36 * a USB device driver and on the other it is a Netgraph node. This 37 * driver will *NOT* create traditional /dev/ enties, only Netgraph 38 * node. 39 * 40 * NOTE ON LOCKS USED: ng_ubt2 drives uses 2 locks (mutexes) 41 * 42 * 1) sc_if_mtx - lock for device's interface #0 and #1. This lock is used 43 * by USB for any USB request going over device's interface #0 and #1, 44 * i.e. interrupt, control, bulk and isoc. transfers. 45 * 46 * 2) sc_ng_mtx - this lock is used to protect shared (between USB, Netgraph 47 * and Taskqueue) data, such as outgoing mbuf queues, task flags and hook 48 * pointer. This lock *SHOULD NOT* be grabbed for a long time. In fact, 49 * think of it as a spin lock. 50 * 51 * NOTE ON LOCKING STRATEGY: ng_ubt2 driver operates in 3 different contexts. 52 * 53 * 1) USB context. This is where all the USB related stuff happens. All 54 * callbacks run in this context. All callbacks are called (by USB) with 55 * appropriate interface lock held. It is (generally) allowed to grab 56 * any additional locks. 57 * 58 * 2) Netgraph context. This is where all the Netgraph related stuff happens. 59 * Since we mark node as WRITER, the Netgraph node will be "locked" (from 60 * Netgraph point of view). Any variable that is only modified from the 61 * Netgraph context does not require any additonal locking. It is generally 62 * *NOT* allowed to grab *ANY* additional locks. Whatever you do, *DO NOT* 63 * grab any lock in the Netgraph context that could cause de-scheduling of 64 * the Netgraph thread for significant amount of time. In fact, the only 65 * lock that is allowed in the Netgraph context is the sc_ng_mtx lock. 66 * Also make sure that any code that is called from the Netgraph context 67 * follows the rule above. 68 * 69 * 3) Taskqueue context. This is where ubt_task runs. Since we are generally 70 * NOT allowed to grab any lock that could cause de-scheduling in the 71 * Netgraph context, and, USB requires us to grab interface lock before 72 * doing things with transfers, it is safer to transition from the Netgraph 73 * context to the Taskqueue context before we can call into USB subsystem. 74 * 75 * So, to put everything together, the rules are as follows. 76 * It is OK to call from the USB context or the Taskqueue context into 77 * the Netgraph context (i.e. call NG_SEND_xxx functions). In other words 78 * it is allowed to call into the Netgraph context with locks held. 79 * Is it *NOT* OK to call from the Netgraph context into the USB context, 80 * because USB requires us to grab interface locks, and, it is safer to 81 * avoid it. So, to make things safer we set task flags to indicate which 82 * actions we want to perform and schedule ubt_task which would run in the 83 * Taskqueue context. 84 * Is is OK to call from the Taskqueue context into the USB context, 85 * and, ubt_task does just that (i.e. grabs appropriate interface locks 86 * before calling into USB). 87 * Access to the outgoing queues, task flags and hook pointer is 88 * controlled by the sc_ng_mtx lock. It is an unavoidable evil. Again, 89 * sc_ng_mtx should really be a spin lock (and it is very likely to an 90 * equivalent of spin lock due to adaptive nature of FreeBSD mutexes). 91 * All USB callbacks accept softc pointer as a private data. USB ensures 92 * that this pointer is valid. 93 */ 94 95#include <sys/stdint.h> 96#include <sys/stddef.h> 97#include <sys/param.h> 98#include <sys/queue.h> 99#include <sys/types.h> 100#include <sys/systm.h> 101#include <sys/kernel.h> 102#include <sys/bus.h> 103#include <sys/module.h> 104#include <sys/lock.h> 105#include <sys/mutex.h> 106#include <sys/condvar.h> 107#include <sys/sysctl.h> 108#include <sys/sx.h> 109#include <sys/unistd.h> 110#include <sys/callout.h> 111#include <sys/malloc.h> 112#include <sys/priv.h> 113 114#include "usbdevs.h" 115#include <dev/usb/usb.h> 116#include <dev/usb/usbdi.h> 117#include <dev/usb/usbdi_util.h> 118 119#define USB_DEBUG_VAR usb_debug 120#include <dev/usb/usb_debug.h> 121#include <dev/usb/usb_busdma.h> 122 123#include <sys/mbuf.h> 124#include <sys/taskqueue.h> 125 126#include <netgraph/ng_message.h> 127#include <netgraph/netgraph.h> 128#include <netgraph/ng_parse.h> 129#include <netgraph/bluetooth/include/ng_bluetooth.h> 130#include <netgraph/bluetooth/include/ng_hci.h> 131#include <netgraph/bluetooth/include/ng_ubt.h> 132#include <netgraph/bluetooth/drivers/ubt/ng_ubt_var.h> 133 134static int ubt_modevent(module_t, int, void *); 135static device_probe_t ubt_probe; 136static device_attach_t ubt_attach; 137static device_detach_t ubt_detach; 138 139static void ubt_task_schedule(ubt_softc_p, int); 140static task_fn_t ubt_task; 141 142#define ubt_xfer_start(sc, i) usbd_transfer_start((sc)->sc_xfer[(i)]) 143 144/* Netgraph methods */ 145static ng_constructor_t ng_ubt_constructor; 146static ng_shutdown_t ng_ubt_shutdown; 147static ng_newhook_t ng_ubt_newhook; 148static ng_connect_t ng_ubt_connect; 149static ng_disconnect_t ng_ubt_disconnect; 150static ng_rcvmsg_t ng_ubt_rcvmsg; 151static ng_rcvdata_t ng_ubt_rcvdata; 152 153/* Queue length */ 154static const struct ng_parse_struct_field ng_ubt_node_qlen_type_fields[] = 155{ 156 { "queue", &ng_parse_int32_type, }, 157 { "qlen", &ng_parse_int32_type, }, 158 { NULL, } 159}; 160static const struct ng_parse_type ng_ubt_node_qlen_type = 161{ 162 &ng_parse_struct_type, 163 &ng_ubt_node_qlen_type_fields 164}; 165 166/* Stat info */ 167static const struct ng_parse_struct_field ng_ubt_node_stat_type_fields[] = 168{ 169 { "pckts_recv", &ng_parse_uint32_type, }, 170 { "bytes_recv", &ng_parse_uint32_type, }, 171 { "pckts_sent", &ng_parse_uint32_type, }, 172 { "bytes_sent", &ng_parse_uint32_type, }, 173 { "oerrors", &ng_parse_uint32_type, }, 174 { "ierrors", &ng_parse_uint32_type, }, 175 { NULL, } 176}; 177static const struct ng_parse_type ng_ubt_node_stat_type = 178{ 179 &ng_parse_struct_type, 180 &ng_ubt_node_stat_type_fields 181}; 182 183/* Netgraph node command list */ 184static const struct ng_cmdlist ng_ubt_cmdlist[] = 185{ 186 { 187 NGM_UBT_COOKIE, 188 NGM_UBT_NODE_SET_DEBUG, 189 "set_debug", 190 &ng_parse_uint16_type, 191 NULL 192 }, 193 { 194 NGM_UBT_COOKIE, 195 NGM_UBT_NODE_GET_DEBUG, 196 "get_debug", 197 NULL, 198 &ng_parse_uint16_type 199 }, 200 { 201 NGM_UBT_COOKIE, 202 NGM_UBT_NODE_SET_QLEN, 203 "set_qlen", 204 &ng_ubt_node_qlen_type, 205 NULL 206 }, 207 { 208 NGM_UBT_COOKIE, 209 NGM_UBT_NODE_GET_QLEN, 210 "get_qlen", 211 &ng_ubt_node_qlen_type, 212 &ng_ubt_node_qlen_type 213 }, 214 { 215 NGM_UBT_COOKIE, 216 NGM_UBT_NODE_GET_STAT, 217 "get_stat", 218 NULL, 219 &ng_ubt_node_stat_type 220 }, 221 { 222 NGM_UBT_COOKIE, 223 NGM_UBT_NODE_RESET_STAT, 224 "reset_stat", 225 NULL, 226 NULL 227 }, 228 { 0, } 229}; 230 231/* Netgraph node type */ 232static struct ng_type typestruct = 233{ 234 .version = NG_ABI_VERSION, 235 .name = NG_UBT_NODE_TYPE, 236 .constructor = ng_ubt_constructor, 237 .rcvmsg = ng_ubt_rcvmsg, 238 .shutdown = ng_ubt_shutdown, 239 .newhook = ng_ubt_newhook, 240 .connect = ng_ubt_connect, 241 .rcvdata = ng_ubt_rcvdata, 242 .disconnect = ng_ubt_disconnect, 243 .cmdlist = ng_ubt_cmdlist 244}; 245 246/**************************************************************************** 247 **************************************************************************** 248 ** USB specific 249 **************************************************************************** 250 ****************************************************************************/ 251 252/* USB methods */ 253static usb_callback_t ubt_ctrl_write_callback; 254static usb_callback_t ubt_intr_read_callback; 255static usb_callback_t ubt_bulk_read_callback; 256static usb_callback_t ubt_bulk_write_callback; 257static usb_callback_t ubt_isoc_read_callback; 258static usb_callback_t ubt_isoc_write_callback; 259 260static int ubt_fwd_mbuf_up(ubt_softc_p, struct mbuf **); 261static int ubt_isoc_read_one_frame(struct usb_xfer *, int); 262 263/* 264 * USB config 265 * 266 * The following desribes usb transfers that could be submitted on USB device. 267 * 268 * Interface 0 on the USB device must present the following endpoints 269 * 1) Interrupt endpoint to receive HCI events 270 * 2) Bulk IN endpoint to receive ACL data 271 * 3) Bulk OUT endpoint to send ACL data 272 * 273 * Interface 1 on the USB device must present the following endpoints 274 * 1) Isochronous IN endpoint to receive SCO data 275 * 2) Isochronous OUT endpoint to send SCO data 276 */ 277 278static const struct usb_config ubt_config[UBT_N_TRANSFER] = 279{ 280 /* 281 * Interface #0 282 */ 283 284 /* Outgoing bulk transfer - ACL packets */ 285 [UBT_IF_0_BULK_DT_WR] = { 286 .type = UE_BULK, 287 .endpoint = UE_ADDR_ANY, 288 .direction = UE_DIR_OUT, 289 .if_index = 0, 290 .bufsize = UBT_BULK_WRITE_BUFFER_SIZE, 291 .flags = { .pipe_bof = 1, .force_short_xfer = 1, }, 292 .callback = &ubt_bulk_write_callback, 293 }, 294 /* Incoming bulk transfer - ACL packets */ 295 [UBT_IF_0_BULK_DT_RD] = { 296 .type = UE_BULK, 297 .endpoint = UE_ADDR_ANY, 298 .direction = UE_DIR_IN, 299 .if_index = 0, 300 .bufsize = UBT_BULK_READ_BUFFER_SIZE, 301 .flags = { .pipe_bof = 1, .short_xfer_ok = 1, }, 302 .callback = &ubt_bulk_read_callback, 303 }, 304 /* Incoming interrupt transfer - HCI events */ 305 [UBT_IF_0_INTR_DT_RD] = { 306 .type = UE_INTERRUPT, 307 .endpoint = UE_ADDR_ANY, 308 .direction = UE_DIR_IN, 309 .if_index = 0, 310 .flags = { .pipe_bof = 1, .short_xfer_ok = 1, }, 311 .bufsize = UBT_INTR_BUFFER_SIZE, 312 .callback = &ubt_intr_read_callback, 313 }, 314 /* Outgoing control transfer - HCI commands */ 315 [UBT_IF_0_CTRL_DT_WR] = { 316 .type = UE_CONTROL, 317 .endpoint = 0x00, /* control pipe */ 318 .direction = UE_DIR_ANY, 319 .if_index = 0, 320 .bufsize = UBT_CTRL_BUFFER_SIZE, 321 .callback = &ubt_ctrl_write_callback, 322 .timeout = 5000, /* 5 seconds */ 323 }, 324 325 /* 326 * Interface #1 327 */ 328 329 /* Incoming isochronous transfer #1 - SCO packets */ 330 [UBT_IF_1_ISOC_DT_RD1] = { 331 .type = UE_ISOCHRONOUS, 332 .endpoint = UE_ADDR_ANY, 333 .direction = UE_DIR_IN, 334 .if_index = 1, 335 .bufsize = 0, /* use "wMaxPacketSize * frames" */ 336 .frames = UBT_ISOC_NFRAMES, 337 .flags = { .short_xfer_ok = 1, }, 338 .callback = &ubt_isoc_read_callback, 339 }, 340 /* Incoming isochronous transfer #2 - SCO packets */ 341 [UBT_IF_1_ISOC_DT_RD2] = { 342 .type = UE_ISOCHRONOUS, 343 .endpoint = UE_ADDR_ANY, 344 .direction = UE_DIR_IN, 345 .if_index = 1, 346 .bufsize = 0, /* use "wMaxPacketSize * frames" */ 347 .frames = UBT_ISOC_NFRAMES, 348 .flags = { .short_xfer_ok = 1, }, 349 .callback = &ubt_isoc_read_callback, 350 }, 351 /* Outgoing isochronous transfer #1 - SCO packets */ 352 [UBT_IF_1_ISOC_DT_WR1] = { 353 .type = UE_ISOCHRONOUS, 354 .endpoint = UE_ADDR_ANY, 355 .direction = UE_DIR_OUT, 356 .if_index = 1, 357 .bufsize = 0, /* use "wMaxPacketSize * frames" */ 358 .frames = UBT_ISOC_NFRAMES, 359 .flags = { .short_xfer_ok = 1, }, 360 .callback = &ubt_isoc_write_callback, 361 }, 362 /* Outgoing isochronous transfer #2 - SCO packets */ 363 [UBT_IF_1_ISOC_DT_WR2] = { 364 .type = UE_ISOCHRONOUS, 365 .endpoint = UE_ADDR_ANY, 366 .direction = UE_DIR_OUT, 367 .if_index = 1, 368 .bufsize = 0, /* use "wMaxPacketSize * frames" */ 369 .frames = UBT_ISOC_NFRAMES, 370 .flags = { .short_xfer_ok = 1, }, 371 .callback = &ubt_isoc_write_callback, 372 }, 373}; 374 375/* 376 * If for some reason device should not be attached then put 377 * VendorID/ProductID pair into the list below. The format is 378 * as follows: 379 * 380 * { USB_VPI(VENDOR_ID, PRODUCT_ID, 0) }, 381 * 382 * where VENDOR_ID and PRODUCT_ID are hex numbers. 383 */ 384 385static const STRUCT_USB_HOST_ID ubt_ignore_devs[] = 386{ 387 /* AVM USB Bluetooth-Adapter BlueFritz! v1.0 */ 388 { USB_VPI(USB_VENDOR_AVM, 0x2200, 0) }, 389 390 /* Atheros 3011 with sflash firmware */ 391 { USB_VPI(0x0cf3, 0x3002, 0) }, 392 { USB_VPI(0x0cf3, 0xe019, 0) }, 393 { USB_VPI(0x13d3, 0x3304, 0) }, 394 { USB_VPI(0x0930, 0x0215, 0) }, 395 { USB_VPI(0x0489, 0xe03d, 0) }, 396 { USB_VPI(0x0489, 0xe027, 0) }, 397 398 /* Atheros AR9285 Malbec with sflash firmware */ 399 { USB_VPI(0x03f0, 0x311d, 0) }, 400 401 /* Atheros 3012 with sflash firmware */ 402 { USB_VPI(0x0cf3, 0x3004, 0) }, 403 { USB_VPI(0x0cf3, 0x311d, 0) }, 404 { USB_VPI(0x13d3, 0x3375, 0) }, 405 { USB_VPI(0x04ca, 0x3005, 0) }, 406 { USB_VPI(0x04ca, 0x3006, 0) }, 407 { USB_VPI(0x04ca, 0x3008, 0) }, 408 { USB_VPI(0x13d3, 0x3362, 0) }, 409 { USB_VPI(0x0cf3, 0xe004, 0) }, 410 { USB_VPI(0x0930, 0x0219, 0) }, 411 { USB_VPI(0x0489, 0xe057, 0) }, 412 { USB_VPI(0x13d3, 0x3393, 0) }, 413 { USB_VPI(0x0489, 0xe04e, 0) }, 414 { USB_VPI(0x0489, 0xe056, 0) }, 415 416 /* Atheros AR5BBU12 with sflash firmware */ 417 { USB_VPI(0x0489, 0xe02c, 0) }, 418 419 /* Atheros AR5BBU12 with sflash firmware */ 420 { USB_VPI(0x0489, 0xe03c, 0) }, 421 { USB_VPI(0x0489, 0xe036, 0) }, 422}; 423 424/* List of supported bluetooth devices */ 425static const STRUCT_USB_HOST_ID ubt_devs[] = 426{ 427 /* Generic Bluetooth class devices */ 428 { USB_IFACE_CLASS(UDCLASS_WIRELESS), 429 USB_IFACE_SUBCLASS(UDSUBCLASS_RF), 430 USB_IFACE_PROTOCOL(UDPROTO_BLUETOOTH) }, 431 432 /* AVM USB Bluetooth-Adapter BlueFritz! v2.0 */ 433 { USB_VPI(USB_VENDOR_AVM, 0x3800, 0) }, 434 435 /* Broadcom USB dongles, mostly BCM20702 and BCM20702A0 */ 436 { USB_VENDOR(USB_VENDOR_BROADCOM), 437 USB_IFACE_CLASS(UICLASS_VENDOR), 438 USB_IFACE_SUBCLASS(UDSUBCLASS_RF), 439 USB_IFACE_PROTOCOL(UDPROTO_BLUETOOTH) }, 440 441 /* Apple-specific (Broadcom) devices */ 442 { USB_VENDOR(USB_VENDOR_APPLE), 443 USB_IFACE_CLASS(UICLASS_VENDOR), 444 USB_IFACE_SUBCLASS(UDSUBCLASS_RF), 445 USB_IFACE_PROTOCOL(UDPROTO_BLUETOOTH) }, 446 447 /* Foxconn - Hon Hai */ 448 { USB_VENDOR(USB_VENDOR_FOXCONN), 449 USB_IFACE_CLASS(UICLASS_VENDOR), 450 USB_IFACE_SUBCLASS(UDSUBCLASS_RF), 451 USB_IFACE_PROTOCOL(UDPROTO_BLUETOOTH) }, 452 453 /* MediaTek MT76x0E */ 454 { USB_VPI(USB_VENDOR_MEDIATEK, 0x763f, 0) }, 455 456 /* Broadcom SoftSailing reporting vendor specific */ 457 { USB_VPI(USB_VENDOR_BROADCOM, 0x21e1, 0) }, 458 459 /* Apple MacBookPro 7,1 */ 460 { USB_VPI(USB_VENDOR_APPLE, 0x8213, 0) }, 461 462 /* Apple iMac11,1 */ 463 { USB_VPI(USB_VENDOR_APPLE, 0x8215, 0) }, 464 465 /* Apple MacBookPro6,2 */ 466 { USB_VPI(USB_VENDOR_APPLE, 0x8218, 0) }, 467 468 /* Apple MacBookAir3,1, MacBookAir3,2 */ 469 { USB_VPI(USB_VENDOR_APPLE, 0x821b, 0) }, 470 471 /* Apple MacBookAir4,1 */ 472 { USB_VPI(USB_VENDOR_APPLE, 0x821f, 0) }, 473 474 /* MacBookAir6,1 */ 475 { USB_VPI(USB_VENDOR_APPLE, 0x828f, 0) }, 476 477 /* Apple MacBookPro8,2 */ 478 { USB_VPI(USB_VENDOR_APPLE, 0x821a, 0) }, 479 480 /* Apple MacMini5,1 */ 481 { USB_VPI(USB_VENDOR_APPLE, 0x8281, 0) }, 482 483 /* Bluetooth Ultraport Module from IBM */ 484 { USB_VPI(USB_VENDOR_TDK, 0x030a, 0) }, 485 486 /* ALPS Modules with non-standard ID */ 487 { USB_VPI(USB_VENDOR_ALPS, 0x3001, 0) }, 488 { USB_VPI(USB_VENDOR_ALPS, 0x3002, 0) }, 489 490 { USB_VPI(USB_VENDOR_ERICSSON2, 0x1002, 0) }, 491 492 /* Canyon CN-BTU1 with HID interfaces */ 493 { USB_VPI(USB_VENDOR_CANYON, 0x0000, 0) }, 494 495 /* Broadcom BCM20702A0 */ 496 { USB_VPI(USB_VENDOR_ASUS, 0x17b5, 0) }, 497 { USB_VPI(USB_VENDOR_ASUS, 0x17cb, 0) }, 498 { USB_VPI(USB_VENDOR_LITEON, 0x2003, 0) }, 499 { USB_VPI(USB_VENDOR_FOXCONN, 0xe042, 0) }, 500 { USB_VPI(USB_VENDOR_DELL, 0x8197, 0) }, 501}; 502 503/* 504 * Probe for a USB Bluetooth device. 505 * USB context. 506 */ 507 508static int 509ubt_probe(device_t dev) 510{ 511 struct usb_attach_arg *uaa = device_get_ivars(dev); 512 int error; 513 514 if (uaa->usb_mode != USB_MODE_HOST) 515 return (ENXIO); 516 517 if (uaa->info.bIfaceIndex != 0) 518 return (ENXIO); 519 520 if (usbd_lookup_id_by_uaa(ubt_ignore_devs, 521 sizeof(ubt_ignore_devs), uaa) == 0) 522 return (ENXIO); 523 524 error = usbd_lookup_id_by_uaa(ubt_devs, sizeof(ubt_devs), uaa); 525 if (error == 0) 526 return (BUS_PROBE_GENERIC); 527 return (error); 528} /* ubt_probe */ 529 530/* 531 * Attach the device. 532 * USB context. 533 */ 534 535static int 536ubt_attach(device_t dev) 537{ 538 struct usb_attach_arg *uaa = device_get_ivars(dev); 539 struct ubt_softc *sc = device_get_softc(dev); 540 struct usb_endpoint_descriptor *ed; 541 struct usb_interface_descriptor *id; 542 struct usb_interface *iface; 543 uint32_t wMaxPacketSize; 544 uint8_t alt_index, i, j; 545 uint8_t iface_index[2] = { 0, 1 }; 546 547 device_set_usb_desc(dev); 548 549 sc->sc_dev = dev; 550 sc->sc_debug = NG_UBT_WARN_LEVEL; 551 552 /* 553 * Create Netgraph node 554 */ 555 556 if (ng_make_node_common(&typestruct, &sc->sc_node) != 0) { 557 UBT_ALERT(sc, "could not create Netgraph node\n"); 558 return (ENXIO); 559 } 560 561 /* Name Netgraph node */ 562 if (ng_name_node(sc->sc_node, device_get_nameunit(dev)) != 0) { 563 UBT_ALERT(sc, "could not name Netgraph node\n"); 564 NG_NODE_UNREF(sc->sc_node); 565 return (ENXIO); 566 } 567 NG_NODE_SET_PRIVATE(sc->sc_node, sc); 568 NG_NODE_FORCE_WRITER(sc->sc_node); 569 570 /* 571 * Initialize device softc structure 572 */ 573 574 /* initialize locks */ 575 mtx_init(&sc->sc_ng_mtx, "ubt ng", NULL, MTX_DEF); 576 mtx_init(&sc->sc_if_mtx, "ubt if", NULL, MTX_DEF | MTX_RECURSE); 577 578 /* initialize packet queues */ 579 NG_BT_MBUFQ_INIT(&sc->sc_cmdq, UBT_DEFAULT_QLEN); 580 NG_BT_MBUFQ_INIT(&sc->sc_aclq, UBT_DEFAULT_QLEN); 581 NG_BT_MBUFQ_INIT(&sc->sc_scoq, UBT_DEFAULT_QLEN); 582 583 /* initialize glue task */ 584 TASK_INIT(&sc->sc_task, 0, ubt_task, sc); 585 586 /* 587 * Configure Bluetooth USB device. Discover all required USB 588 * interfaces and endpoints. 589 * 590 * USB device must present two interfaces: 591 * 1) Interface 0 that has 3 endpoints 592 * 1) Interrupt endpoint to receive HCI events 593 * 2) Bulk IN endpoint to receive ACL data 594 * 3) Bulk OUT endpoint to send ACL data 595 * 596 * 2) Interface 1 then has 2 endpoints 597 * 1) Isochronous IN endpoint to receive SCO data 598 * 2) Isochronous OUT endpoint to send SCO data 599 * 600 * Interface 1 (with isochronous endpoints) has several alternate 601 * configurations with different packet size. 602 */ 603 604 /* 605 * For interface #1 search alternate settings, and find 606 * the descriptor with the largest wMaxPacketSize 607 */ 608 609 wMaxPacketSize = 0; 610 alt_index = 0; 611 i = 0; 612 j = 0; 613 ed = NULL; 614 615 /* 616 * Search through all the descriptors looking for the largest 617 * packet size: 618 */ 619 while ((ed = (struct usb_endpoint_descriptor *)usb_desc_foreach( 620 usbd_get_config_descriptor(uaa->device), 621 (struct usb_descriptor *)ed))) { 622 623 if ((ed->bDescriptorType == UDESC_INTERFACE) && 624 (ed->bLength >= sizeof(*id))) { 625 id = (struct usb_interface_descriptor *)ed; 626 i = id->bInterfaceNumber; 627 j = id->bAlternateSetting; 628 } 629 630 if ((ed->bDescriptorType == UDESC_ENDPOINT) && 631 (ed->bLength >= sizeof(*ed)) && 632 (i == 1)) { 633 uint32_t temp; 634 635 temp = usbd_get_max_frame_length( 636 ed, NULL, usbd_get_speed(uaa->device)); 637 if (temp > wMaxPacketSize) { 638 wMaxPacketSize = temp; 639 alt_index = j; 640 } 641 } 642 } 643 644 /* Set alt configuration on interface #1 only if we found it */ 645 if (wMaxPacketSize > 0 && 646 usbd_set_alt_interface_index(uaa->device, 1, alt_index)) { 647 UBT_ALERT(sc, "could not set alternate setting %d " \ 648 "for interface 1!\n", alt_index); 649 goto detach; 650 } 651 652 /* Setup transfers for both interfaces */ 653 if (usbd_transfer_setup(uaa->device, iface_index, sc->sc_xfer, 654 ubt_config, UBT_N_TRANSFER, sc, &sc->sc_if_mtx)) { 655 UBT_ALERT(sc, "could not allocate transfers\n"); 656 goto detach; 657 } 658 659 /* Claim all interfaces belonging to the Bluetooth part */ 660 for (i = 1;; i++) { 661 iface = usbd_get_iface(uaa->device, i); 662 if (iface == NULL) 663 break; 664 id = usbd_get_interface_descriptor(iface); 665 666 if ((id != NULL) && 667 (id->bInterfaceClass == UICLASS_WIRELESS) && 668 (id->bInterfaceSubClass == UISUBCLASS_RF) && 669 (id->bInterfaceProtocol == UIPROTO_BLUETOOTH)) { 670 usbd_set_parent_iface(uaa->device, i, 671 uaa->info.bIfaceIndex); 672 } 673 } 674 return (0); /* success */ 675 676detach: 677 ubt_detach(dev); 678 679 return (ENXIO); 680} /* ubt_attach */ 681 682/* 683 * Detach the device. 684 * USB context. 685 */ 686 687int 688ubt_detach(device_t dev) 689{ 690 struct ubt_softc *sc = device_get_softc(dev); 691 node_p node = sc->sc_node; 692 693 /* Destroy Netgraph node */ 694 if (node != NULL) { 695 sc->sc_node = NULL; 696 NG_NODE_REALLY_DIE(node); 697 ng_rmnode_self(node); 698 } 699 700 /* Make sure ubt_task in gone */ 701 taskqueue_drain(taskqueue_swi, &sc->sc_task); 702 703 /* Free USB transfers, if any */ 704 usbd_transfer_unsetup(sc->sc_xfer, UBT_N_TRANSFER); 705 706 /* Destroy queues */ 707 UBT_NG_LOCK(sc); 708 NG_BT_MBUFQ_DESTROY(&sc->sc_cmdq); 709 NG_BT_MBUFQ_DESTROY(&sc->sc_aclq); 710 NG_BT_MBUFQ_DESTROY(&sc->sc_scoq); 711 UBT_NG_UNLOCK(sc); 712 713 mtx_destroy(&sc->sc_if_mtx); 714 mtx_destroy(&sc->sc_ng_mtx); 715 716 return (0); 717} /* ubt_detach */ 718 719/* 720 * Called when outgoing control request (HCI command) has completed, i.e. 721 * HCI command was sent to the device. 722 * USB context. 723 */ 724 725static void 726ubt_ctrl_write_callback(struct usb_xfer *xfer, usb_error_t error) 727{ 728 struct ubt_softc *sc = usbd_xfer_softc(xfer); 729 struct usb_device_request req; 730 struct mbuf *m; 731 struct usb_page_cache *pc; 732 int actlen; 733 734 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL); 735 736 switch (USB_GET_STATE(xfer)) { 737 case USB_ST_TRANSFERRED: 738 UBT_INFO(sc, "sent %d bytes to control pipe\n", actlen); 739 UBT_STAT_BYTES_SENT(sc, actlen); 740 UBT_STAT_PCKTS_SENT(sc); 741 /* FALLTHROUGH */ 742 743 case USB_ST_SETUP: 744send_next: 745 /* Get next command mbuf, if any */ 746 UBT_NG_LOCK(sc); 747 NG_BT_MBUFQ_DEQUEUE(&sc->sc_cmdq, m); 748 UBT_NG_UNLOCK(sc); 749 750 if (m == NULL) { 751 UBT_INFO(sc, "HCI command queue is empty\n"); 752 break; /* transfer complete */ 753 } 754 755 /* Initialize a USB control request and then schedule it */ 756 bzero(&req, sizeof(req)); 757 req.bmRequestType = UBT_HCI_REQUEST; 758 USETW(req.wLength, m->m_pkthdr.len); 759 760 UBT_INFO(sc, "Sending control request, " \ 761 "bmRequestType=0x%02x, wLength=%d\n", 762 req.bmRequestType, UGETW(req.wLength)); 763 764 pc = usbd_xfer_get_frame(xfer, 0); 765 usbd_copy_in(pc, 0, &req, sizeof(req)); 766 pc = usbd_xfer_get_frame(xfer, 1); 767 usbd_m_copy_in(pc, 0, m, 0, m->m_pkthdr.len); 768 769 usbd_xfer_set_frame_len(xfer, 0, sizeof(req)); 770 usbd_xfer_set_frame_len(xfer, 1, m->m_pkthdr.len); 771 usbd_xfer_set_frames(xfer, 2); 772 773 NG_FREE_M(m); 774 775 usbd_transfer_submit(xfer); 776 break; 777 778 default: /* Error */ 779 if (error != USB_ERR_CANCELLED) { 780 UBT_WARN(sc, "control transfer failed: %s\n", 781 usbd_errstr(error)); 782 783 UBT_STAT_OERROR(sc); 784 goto send_next; 785 } 786 787 /* transfer cancelled */ 788 break; 789 } 790} /* ubt_ctrl_write_callback */ 791 792/* 793 * Called when incoming interrupt transfer (HCI event) has completed, i.e. 794 * HCI event was received from the device. 795 * USB context. 796 */ 797 798static void 799ubt_intr_read_callback(struct usb_xfer *xfer, usb_error_t error) 800{ 801 struct ubt_softc *sc = usbd_xfer_softc(xfer); 802 struct mbuf *m; 803 ng_hci_event_pkt_t *hdr; 804 struct usb_page_cache *pc; 805 int actlen; 806 807 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL); 808 809 m = NULL; 810 811 switch (USB_GET_STATE(xfer)) { 812 case USB_ST_TRANSFERRED: 813 /* Allocate a new mbuf */ 814 MGETHDR(m, M_NOWAIT, MT_DATA); 815 if (m == NULL) { 816 UBT_STAT_IERROR(sc); 817 goto submit_next; 818 } 819 820 MCLGET(m, M_NOWAIT); 821 if (!(m->m_flags & M_EXT)) { 822 UBT_STAT_IERROR(sc); 823 goto submit_next; 824 } 825 826 /* Add HCI packet type */ 827 *mtod(m, uint8_t *)= NG_HCI_EVENT_PKT; 828 m->m_pkthdr.len = m->m_len = 1; 829 830 if (actlen > MCLBYTES - 1) 831 actlen = MCLBYTES - 1; 832 833 pc = usbd_xfer_get_frame(xfer, 0); 834 usbd_copy_out(pc, 0, mtod(m, uint8_t *) + 1, actlen); 835 m->m_pkthdr.len += actlen; 836 m->m_len += actlen; 837 838 UBT_INFO(sc, "got %d bytes from interrupt pipe\n", 839 actlen); 840 841 /* Validate packet and send it up the stack */ 842 if (m->m_pkthdr.len < (int)sizeof(*hdr)) { 843 UBT_INFO(sc, "HCI event packet is too short\n"); 844 845 UBT_STAT_IERROR(sc); 846 goto submit_next; 847 } 848 849 hdr = mtod(m, ng_hci_event_pkt_t *); 850 if (hdr->length != (m->m_pkthdr.len - sizeof(*hdr))) { 851 UBT_ERR(sc, "Invalid HCI event packet size, " \ 852 "length=%d, pktlen=%d\n", 853 hdr->length, m->m_pkthdr.len); 854 855 UBT_STAT_IERROR(sc); 856 goto submit_next; 857 } 858 859 UBT_INFO(sc, "got complete HCI event frame, pktlen=%d, " \ 860 "length=%d\n", m->m_pkthdr.len, hdr->length); 861 862 UBT_STAT_PCKTS_RECV(sc); 863 UBT_STAT_BYTES_RECV(sc, m->m_pkthdr.len); 864 865 ubt_fwd_mbuf_up(sc, &m); 866 /* m == NULL at this point */ 867 /* FALLTHROUGH */ 868 869 case USB_ST_SETUP: 870submit_next: 871 NG_FREE_M(m); /* checks for m != NULL */ 872 873 usbd_xfer_set_frame_len(xfer, 0, usbd_xfer_max_len(xfer)); 874 usbd_transfer_submit(xfer); 875 break; 876 877 default: /* Error */ 878 if (error != USB_ERR_CANCELLED) { 879 UBT_WARN(sc, "interrupt transfer failed: %s\n", 880 usbd_errstr(error)); 881 882 /* Try to clear stall first */ 883 usbd_xfer_set_stall(xfer); 884 goto submit_next; 885 } 886 /* transfer cancelled */ 887 break; 888 } 889} /* ubt_intr_read_callback */ 890 891/* 892 * Called when incoming bulk transfer (ACL packet) has completed, i.e. 893 * ACL packet was received from the device. 894 * USB context. 895 */ 896 897static void 898ubt_bulk_read_callback(struct usb_xfer *xfer, usb_error_t error) 899{ 900 struct ubt_softc *sc = usbd_xfer_softc(xfer); 901 struct mbuf *m; 902 ng_hci_acldata_pkt_t *hdr; 903 struct usb_page_cache *pc; 904 int len; 905 int actlen; 906 907 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL); 908 909 m = NULL; 910 911 switch (USB_GET_STATE(xfer)) { 912 case USB_ST_TRANSFERRED: 913 /* Allocate new mbuf */ 914 MGETHDR(m, M_NOWAIT, MT_DATA); 915 if (m == NULL) { 916 UBT_STAT_IERROR(sc); 917 goto submit_next; 918 } 919 920 MCLGET(m, M_NOWAIT); 921 if (!(m->m_flags & M_EXT)) { 922 UBT_STAT_IERROR(sc); 923 goto submit_next; 924 } 925 926 /* Add HCI packet type */ 927 *mtod(m, uint8_t *)= NG_HCI_ACL_DATA_PKT; 928 m->m_pkthdr.len = m->m_len = 1; 929 930 if (actlen > MCLBYTES - 1) 931 actlen = MCLBYTES - 1; 932 933 pc = usbd_xfer_get_frame(xfer, 0); 934 usbd_copy_out(pc, 0, mtod(m, uint8_t *) + 1, actlen); 935 m->m_pkthdr.len += actlen; 936 m->m_len += actlen; 937 938 UBT_INFO(sc, "got %d bytes from bulk-in pipe\n", 939 actlen); 940 941 /* Validate packet and send it up the stack */ 942 if (m->m_pkthdr.len < (int)sizeof(*hdr)) { 943 UBT_INFO(sc, "HCI ACL packet is too short\n"); 944 945 UBT_STAT_IERROR(sc); 946 goto submit_next; 947 } 948 949 hdr = mtod(m, ng_hci_acldata_pkt_t *); 950 len = le16toh(hdr->length); 951 if (len != (int)(m->m_pkthdr.len - sizeof(*hdr))) { 952 UBT_ERR(sc, "Invalid ACL packet size, length=%d, " \ 953 "pktlen=%d\n", len, m->m_pkthdr.len); 954 955 UBT_STAT_IERROR(sc); 956 goto submit_next; 957 } 958 959 UBT_INFO(sc, "got complete ACL data packet, pktlen=%d, " \ 960 "length=%d\n", m->m_pkthdr.len, len); 961 962 UBT_STAT_PCKTS_RECV(sc); 963 UBT_STAT_BYTES_RECV(sc, m->m_pkthdr.len); 964 965 ubt_fwd_mbuf_up(sc, &m); 966 /* m == NULL at this point */ 967 /* FALLTHOUGH */ 968 969 case USB_ST_SETUP: 970submit_next: 971 NG_FREE_M(m); /* checks for m != NULL */ 972 973 usbd_xfer_set_frame_len(xfer, 0, usbd_xfer_max_len(xfer)); 974 usbd_transfer_submit(xfer); 975 break; 976 977 default: /* Error */ 978 if (error != USB_ERR_CANCELLED) { 979 UBT_WARN(sc, "bulk-in transfer failed: %s\n", 980 usbd_errstr(error)); 981 982 /* Try to clear stall first */ 983 usbd_xfer_set_stall(xfer); 984 goto submit_next; 985 } 986 /* transfer cancelled */ 987 break; 988 } 989} /* ubt_bulk_read_callback */ 990 991/* 992 * Called when outgoing bulk transfer (ACL packet) has completed, i.e. 993 * ACL packet was sent to the device. 994 * USB context. 995 */ 996 997static void 998ubt_bulk_write_callback(struct usb_xfer *xfer, usb_error_t error) 999{ 1000 struct ubt_softc *sc = usbd_xfer_softc(xfer); 1001 struct mbuf *m; 1002 struct usb_page_cache *pc; 1003 int actlen; 1004 1005 usbd_xfer_status(xfer, &actlen, NULL, NULL, NULL); 1006 1007 switch (USB_GET_STATE(xfer)) { 1008 case USB_ST_TRANSFERRED: 1009 UBT_INFO(sc, "sent %d bytes to bulk-out pipe\n", actlen); 1010 UBT_STAT_BYTES_SENT(sc, actlen); 1011 UBT_STAT_PCKTS_SENT(sc); 1012 /* FALLTHROUGH */ 1013 1014 case USB_ST_SETUP: 1015send_next: 1016 /* Get next mbuf, if any */ 1017 UBT_NG_LOCK(sc); 1018 NG_BT_MBUFQ_DEQUEUE(&sc->sc_aclq, m); 1019 UBT_NG_UNLOCK(sc); 1020 1021 if (m == NULL) { 1022 UBT_INFO(sc, "ACL data queue is empty\n"); 1023 break; /* transfer completed */ 1024 } 1025 1026 /* 1027 * Copy ACL data frame back to a linear USB transfer buffer 1028 * and schedule transfer 1029 */ 1030 1031 pc = usbd_xfer_get_frame(xfer, 0); 1032 usbd_m_copy_in(pc, 0, m, 0, m->m_pkthdr.len); 1033 usbd_xfer_set_frame_len(xfer, 0, m->m_pkthdr.len); 1034 1035 UBT_INFO(sc, "bulk-out transfer has been started, len=%d\n", 1036 m->m_pkthdr.len); 1037 1038 NG_FREE_M(m); 1039 1040 usbd_transfer_submit(xfer); 1041 break; 1042 1043 default: /* Error */ 1044 if (error != USB_ERR_CANCELLED) { 1045 UBT_WARN(sc, "bulk-out transfer failed: %s\n", 1046 usbd_errstr(error)); 1047 1048 UBT_STAT_OERROR(sc); 1049 1050 /* try to clear stall first */ 1051 usbd_xfer_set_stall(xfer); 1052 goto send_next; 1053 } 1054 /* transfer cancelled */ 1055 break; 1056 } 1057} /* ubt_bulk_write_callback */ 1058 1059/* 1060 * Called when incoming isoc transfer (SCO packet) has completed, i.e. 1061 * SCO packet was received from the device. 1062 * USB context. 1063 */ 1064 1065static void 1066ubt_isoc_read_callback(struct usb_xfer *xfer, usb_error_t error) 1067{ 1068 struct ubt_softc *sc = usbd_xfer_softc(xfer); 1069 int n; 1070 int actlen, nframes; 1071 1072 usbd_xfer_status(xfer, &actlen, NULL, NULL, &nframes); 1073 1074 switch (USB_GET_STATE(xfer)) { 1075 case USB_ST_TRANSFERRED: 1076 for (n = 0; n < nframes; n ++) 1077 if (ubt_isoc_read_one_frame(xfer, n) < 0) 1078 break; 1079 /* FALLTHROUGH */ 1080 1081 case USB_ST_SETUP: 1082read_next: 1083 for (n = 0; n < nframes; n ++) 1084 usbd_xfer_set_frame_len(xfer, n, 1085 usbd_xfer_max_framelen(xfer)); 1086 1087 usbd_transfer_submit(xfer); 1088 break; 1089 1090 default: /* Error */ 1091 if (error != USB_ERR_CANCELLED) { 1092 UBT_STAT_IERROR(sc); 1093 goto read_next; 1094 } 1095 1096 /* transfer cancelled */ 1097 break; 1098 } 1099} /* ubt_isoc_read_callback */ 1100 1101/* 1102 * Helper function. Called from ubt_isoc_read_callback() to read 1103 * SCO data from one frame. 1104 * USB context. 1105 */ 1106 1107static int 1108ubt_isoc_read_one_frame(struct usb_xfer *xfer, int frame_no) 1109{ 1110 struct ubt_softc *sc = usbd_xfer_softc(xfer); 1111 struct usb_page_cache *pc; 1112 struct mbuf *m; 1113 int len, want, got, total; 1114 1115 /* Get existing SCO reassembly buffer */ 1116 pc = usbd_xfer_get_frame(xfer, 0); 1117 m = sc->sc_isoc_in_buffer; 1118 total = usbd_xfer_frame_len(xfer, frame_no); 1119 1120 /* While we have data in the frame */ 1121 while (total > 0) { 1122 if (m == NULL) { 1123 /* Start new reassembly buffer */ 1124 MGETHDR(m, M_NOWAIT, MT_DATA); 1125 if (m == NULL) { 1126 UBT_STAT_IERROR(sc); 1127 return (-1); /* XXX out of sync! */ 1128 } 1129 1130 MCLGET(m, M_NOWAIT); 1131 if (!(m->m_flags & M_EXT)) { 1132 UBT_STAT_IERROR(sc); 1133 NG_FREE_M(m); 1134 return (-1); /* XXX out of sync! */ 1135 } 1136 1137 /* Expect SCO header */ 1138 *mtod(m, uint8_t *) = NG_HCI_SCO_DATA_PKT; 1139 m->m_pkthdr.len = m->m_len = got = 1; 1140 want = sizeof(ng_hci_scodata_pkt_t); 1141 } else { 1142 /* 1143 * Check if we have SCO header and if so 1144 * adjust amount of data we want 1145 */ 1146 got = m->m_pkthdr.len; 1147 want = sizeof(ng_hci_scodata_pkt_t); 1148 1149 if (got >= want) 1150 want += mtod(m, ng_hci_scodata_pkt_t *)->length; 1151 } 1152 1153 /* Append frame data to the SCO reassembly buffer */ 1154 len = total; 1155 if (got + len > want) 1156 len = want - got; 1157 1158 usbd_copy_out(pc, frame_no * usbd_xfer_max_framelen(xfer), 1159 mtod(m, uint8_t *) + m->m_pkthdr.len, len); 1160 1161 m->m_pkthdr.len += len; 1162 m->m_len += len; 1163 total -= len; 1164 1165 /* Check if we got everything we wanted, if not - continue */ 1166 if (got != want) 1167 continue; 1168 1169 /* If we got here then we got complete SCO frame */ 1170 UBT_INFO(sc, "got complete SCO data frame, pktlen=%d, " \ 1171 "length=%d\n", m->m_pkthdr.len, 1172 mtod(m, ng_hci_scodata_pkt_t *)->length); 1173 1174 UBT_STAT_PCKTS_RECV(sc); 1175 UBT_STAT_BYTES_RECV(sc, m->m_pkthdr.len); 1176 1177 ubt_fwd_mbuf_up(sc, &m); 1178 /* m == NULL at this point */ 1179 } 1180 1181 /* Put SCO reassembly buffer back */ 1182 sc->sc_isoc_in_buffer = m; 1183 1184 return (0); 1185} /* ubt_isoc_read_one_frame */ 1186 1187/* 1188 * Called when outgoing isoc transfer (SCO packet) has completed, i.e. 1189 * SCO packet was sent to the device. 1190 * USB context. 1191 */ 1192 1193static void 1194ubt_isoc_write_callback(struct usb_xfer *xfer, usb_error_t error) 1195{ 1196 struct ubt_softc *sc = usbd_xfer_softc(xfer); 1197 struct usb_page_cache *pc; 1198 struct mbuf *m; 1199 int n, space, offset; 1200 int actlen, nframes; 1201 1202 usbd_xfer_status(xfer, &actlen, NULL, NULL, &nframes); 1203 pc = usbd_xfer_get_frame(xfer, 0); 1204 1205 switch (USB_GET_STATE(xfer)) { 1206 case USB_ST_TRANSFERRED: 1207 UBT_INFO(sc, "sent %d bytes to isoc-out pipe\n", actlen); 1208 UBT_STAT_BYTES_SENT(sc, actlen); 1209 UBT_STAT_PCKTS_SENT(sc); 1210 /* FALLTHROUGH */ 1211 1212 case USB_ST_SETUP: 1213send_next: 1214 offset = 0; 1215 space = usbd_xfer_max_framelen(xfer) * nframes; 1216 m = NULL; 1217 1218 while (space > 0) { 1219 if (m == NULL) { 1220 UBT_NG_LOCK(sc); 1221 NG_BT_MBUFQ_DEQUEUE(&sc->sc_scoq, m); 1222 UBT_NG_UNLOCK(sc); 1223 1224 if (m == NULL) 1225 break; 1226 } 1227 1228 n = min(space, m->m_pkthdr.len); 1229 if (n > 0) { 1230 usbd_m_copy_in(pc, offset, m,0, n); 1231 m_adj(m, n); 1232 1233 offset += n; 1234 space -= n; 1235 } 1236 1237 if (m->m_pkthdr.len == 0) 1238 NG_FREE_M(m); /* sets m = NULL */ 1239 } 1240 1241 /* Put whatever is left from mbuf back on queue */ 1242 if (m != NULL) { 1243 UBT_NG_LOCK(sc); 1244 NG_BT_MBUFQ_PREPEND(&sc->sc_scoq, m); 1245 UBT_NG_UNLOCK(sc); 1246 } 1247 1248 /* 1249 * Calculate sizes for isoc frames. 1250 * Note that offset could be 0 at this point (i.e. we have 1251 * nothing to send). That is fine, as we have isoc. transfers 1252 * going in both directions all the time. In this case it 1253 * would be just empty isoc. transfer. 1254 */ 1255 1256 for (n = 0; n < nframes; n ++) { 1257 usbd_xfer_set_frame_len(xfer, n, 1258 min(offset, usbd_xfer_max_framelen(xfer))); 1259 offset -= usbd_xfer_frame_len(xfer, n); 1260 } 1261 1262 usbd_transfer_submit(xfer); 1263 break; 1264 1265 default: /* Error */ 1266 if (error != USB_ERR_CANCELLED) { 1267 UBT_STAT_OERROR(sc); 1268 goto send_next; 1269 } 1270 1271 /* transfer cancelled */ 1272 break; 1273 } 1274} 1275 1276/* 1277 * Utility function to forward provided mbuf upstream (i.e. up the stack). 1278 * Modifies value of the mbuf pointer (sets it to NULL). 1279 * Save to call from any context. 1280 */ 1281 1282static int 1283ubt_fwd_mbuf_up(ubt_softc_p sc, struct mbuf **m) 1284{ 1285 hook_p hook; 1286 int error; 1287 1288 /* 1289 * Close the race with Netgraph hook newhook/disconnect methods. 1290 * Save the hook pointer atomically. Two cases are possible: 1291 * 1292 * 1) The hook pointer is NULL. It means disconnect method got 1293 * there first. In this case we are done. 1294 * 1295 * 2) The hook pointer is not NULL. It means that hook pointer 1296 * could be either in valid or invalid (i.e. in the process 1297 * of disconnect) state. In any case grab an extra reference 1298 * to protect the hook pointer. 1299 * 1300 * It is ok to pass hook in invalid state to NG_SEND_DATA_ONLY() as 1301 * it checks for it. Drop extra reference after NG_SEND_DATA_ONLY(). 1302 */ 1303 1304 UBT_NG_LOCK(sc); 1305 if ((hook = sc->sc_hook) != NULL) 1306 NG_HOOK_REF(hook); 1307 UBT_NG_UNLOCK(sc); 1308 1309 if (hook == NULL) { 1310 NG_FREE_M(*m); 1311 return (ENETDOWN); 1312 } 1313 1314 NG_SEND_DATA_ONLY(error, hook, *m); 1315 NG_HOOK_UNREF(hook); 1316 1317 if (error != 0) 1318 UBT_STAT_IERROR(sc); 1319 1320 return (error); 1321} /* ubt_fwd_mbuf_up */ 1322 1323/**************************************************************************** 1324 **************************************************************************** 1325 ** Glue 1326 **************************************************************************** 1327 ****************************************************************************/ 1328 1329/* 1330 * Schedule glue task. Should be called with sc_ng_mtx held. 1331 * Netgraph context. 1332 */ 1333 1334static void 1335ubt_task_schedule(ubt_softc_p sc, int action) 1336{ 1337 mtx_assert(&sc->sc_ng_mtx, MA_OWNED); 1338 1339 /* 1340 * Try to handle corner case when "start all" and "stop all" 1341 * actions can both be set before task is executed. 1342 * 1343 * The rules are 1344 * 1345 * sc_task_flags action new sc_task_flags 1346 * ------------------------------------------------------ 1347 * 0 start start 1348 * 0 stop stop 1349 * start start start 1350 * start stop stop 1351 * stop start stop|start 1352 * stop stop stop 1353 * stop|start start stop|start 1354 * stop|start stop stop 1355 */ 1356 1357 if (action != 0) { 1358 if ((action & UBT_FLAG_T_STOP_ALL) != 0) 1359 sc->sc_task_flags &= ~UBT_FLAG_T_START_ALL; 1360 1361 sc->sc_task_flags |= action; 1362 } 1363 1364 if (sc->sc_task_flags & UBT_FLAG_T_PENDING) 1365 return; 1366 1367 if (taskqueue_enqueue(taskqueue_swi, &sc->sc_task) == 0) { 1368 sc->sc_task_flags |= UBT_FLAG_T_PENDING; 1369 return; 1370 } 1371 1372 /* XXX: i think this should never happen */ 1373} /* ubt_task_schedule */ 1374 1375/* 1376 * Glue task. Examines sc_task_flags and does things depending on it. 1377 * Taskqueue context. 1378 */ 1379 1380static void 1381ubt_task(void *context, int pending) 1382{ 1383 ubt_softc_p sc = context; 1384 int task_flags, i; 1385 1386 UBT_NG_LOCK(sc); 1387 task_flags = sc->sc_task_flags; 1388 sc->sc_task_flags = 0; 1389 UBT_NG_UNLOCK(sc); 1390 1391 /* 1392 * Stop all USB transfers synchronously. 1393 * Stop interface #0 and #1 transfers at the same time and in the 1394 * same loop. usbd_transfer_drain() will do appropriate locking. 1395 */ 1396 1397 if (task_flags & UBT_FLAG_T_STOP_ALL) 1398 for (i = 0; i < UBT_N_TRANSFER; i ++) 1399 usbd_transfer_drain(sc->sc_xfer[i]); 1400 1401 /* Start incoming interrupt and bulk, and all isoc. USB transfers */ 1402 if (task_flags & UBT_FLAG_T_START_ALL) { 1403 /* 1404 * Interface #0 1405 */ 1406 1407 mtx_lock(&sc->sc_if_mtx); 1408 1409 ubt_xfer_start(sc, UBT_IF_0_INTR_DT_RD); 1410 ubt_xfer_start(sc, UBT_IF_0_BULK_DT_RD); 1411 1412 /* 1413 * Interface #1 1414 * Start both read and write isoc. transfers by default. 1415 * Get them going all the time even if we have nothing 1416 * to send to avoid any delays. 1417 */ 1418 1419 ubt_xfer_start(sc, UBT_IF_1_ISOC_DT_RD1); 1420 ubt_xfer_start(sc, UBT_IF_1_ISOC_DT_RD2); 1421 ubt_xfer_start(sc, UBT_IF_1_ISOC_DT_WR1); 1422 ubt_xfer_start(sc, UBT_IF_1_ISOC_DT_WR2); 1423 1424 mtx_unlock(&sc->sc_if_mtx); 1425 } 1426 1427 /* Start outgoing control transfer */ 1428 if (task_flags & UBT_FLAG_T_START_CTRL) { 1429 mtx_lock(&sc->sc_if_mtx); 1430 ubt_xfer_start(sc, UBT_IF_0_CTRL_DT_WR); 1431 mtx_unlock(&sc->sc_if_mtx); 1432 } 1433 1434 /* Start outgoing bulk transfer */ 1435 if (task_flags & UBT_FLAG_T_START_BULK) { 1436 mtx_lock(&sc->sc_if_mtx); 1437 ubt_xfer_start(sc, UBT_IF_0_BULK_DT_WR); 1438 mtx_unlock(&sc->sc_if_mtx); 1439 } 1440} /* ubt_task */ 1441 1442/**************************************************************************** 1443 **************************************************************************** 1444 ** Netgraph specific 1445 **************************************************************************** 1446 ****************************************************************************/ 1447 1448/* 1449 * Netgraph node constructor. Do not allow to create node of this type. 1450 * Netgraph context. 1451 */ 1452 1453static int 1454ng_ubt_constructor(node_p node) 1455{ 1456 return (EINVAL); 1457} /* ng_ubt_constructor */ 1458 1459/* 1460 * Netgraph node destructor. Destroy node only when device has been detached. 1461 * Netgraph context. 1462 */ 1463 1464static int 1465ng_ubt_shutdown(node_p node) 1466{ 1467 if (node->nd_flags & NGF_REALLY_DIE) { 1468 /* 1469 * We came here because the USB device is being 1470 * detached, so stop being persistant. 1471 */ 1472 NG_NODE_SET_PRIVATE(node, NULL); 1473 NG_NODE_UNREF(node); 1474 } else 1475 NG_NODE_REVIVE(node); /* tell ng_rmnode we are persisant */ 1476 1477 return (0); 1478} /* ng_ubt_shutdown */ 1479 1480/* 1481 * Create new hook. There can only be one. 1482 * Netgraph context. 1483 */ 1484 1485static int 1486ng_ubt_newhook(node_p node, hook_p hook, char const *name) 1487{ 1488 struct ubt_softc *sc = NG_NODE_PRIVATE(node); 1489 1490 if (strcmp(name, NG_UBT_HOOK) != 0) 1491 return (EINVAL); 1492 1493 UBT_NG_LOCK(sc); 1494 if (sc->sc_hook != NULL) { 1495 UBT_NG_UNLOCK(sc); 1496 1497 return (EISCONN); 1498 } 1499 1500 sc->sc_hook = hook; 1501 UBT_NG_UNLOCK(sc); 1502 1503 return (0); 1504} /* ng_ubt_newhook */ 1505 1506/* 1507 * Connect hook. Start incoming USB transfers. 1508 * Netgraph context. 1509 */ 1510 1511static int 1512ng_ubt_connect(hook_p hook) 1513{ 1514 struct ubt_softc *sc = NG_NODE_PRIVATE(NG_HOOK_NODE(hook)); 1515 1516 NG_HOOK_FORCE_QUEUE(NG_HOOK_PEER(hook)); 1517 1518 UBT_NG_LOCK(sc); 1519 ubt_task_schedule(sc, UBT_FLAG_T_START_ALL); 1520 UBT_NG_UNLOCK(sc); 1521 1522 return (0); 1523} /* ng_ubt_connect */ 1524 1525/* 1526 * Disconnect hook. 1527 * Netgraph context. 1528 */ 1529 1530static int 1531ng_ubt_disconnect(hook_p hook) 1532{ 1533 struct ubt_softc *sc = NG_NODE_PRIVATE(NG_HOOK_NODE(hook)); 1534 1535 UBT_NG_LOCK(sc); 1536 1537 if (hook != sc->sc_hook) { 1538 UBT_NG_UNLOCK(sc); 1539 1540 return (EINVAL); 1541 } 1542 1543 sc->sc_hook = NULL; 1544 1545 /* Kick off task to stop all USB xfers */ 1546 ubt_task_schedule(sc, UBT_FLAG_T_STOP_ALL); 1547 1548 /* Drain queues */ 1549 NG_BT_MBUFQ_DRAIN(&sc->sc_cmdq); 1550 NG_BT_MBUFQ_DRAIN(&sc->sc_aclq); 1551 NG_BT_MBUFQ_DRAIN(&sc->sc_scoq); 1552 1553 UBT_NG_UNLOCK(sc); 1554 1555 return (0); 1556} /* ng_ubt_disconnect */ 1557 1558/* 1559 * Process control message. 1560 * Netgraph context. 1561 */ 1562 1563static int 1564ng_ubt_rcvmsg(node_p node, item_p item, hook_p lasthook) 1565{ 1566 struct ubt_softc *sc = NG_NODE_PRIVATE(node); 1567 struct ng_mesg *msg, *rsp = NULL; 1568 struct ng_bt_mbufq *q; 1569 int error = 0, queue, qlen; 1570 1571 NGI_GET_MSG(item, msg); 1572 1573 switch (msg->header.typecookie) { 1574 case NGM_GENERIC_COOKIE: 1575 switch (msg->header.cmd) { 1576 case NGM_TEXT_STATUS: 1577 NG_MKRESPONSE(rsp, msg, NG_TEXTRESPONSE, M_NOWAIT); 1578 if (rsp == NULL) { 1579 error = ENOMEM; 1580 break; 1581 } 1582 1583 snprintf(rsp->data, NG_TEXTRESPONSE, 1584 "Hook: %s\n" \ 1585 "Task flags: %#x\n" \ 1586 "Debug: %d\n" \ 1587 "CMD queue: [have:%d,max:%d]\n" \ 1588 "ACL queue: [have:%d,max:%d]\n" \ 1589 "SCO queue: [have:%d,max:%d]", 1590 (sc->sc_hook != NULL) ? NG_UBT_HOOK : "", 1591 sc->sc_task_flags, 1592 sc->sc_debug, 1593 sc->sc_cmdq.len, 1594 sc->sc_cmdq.maxlen, 1595 sc->sc_aclq.len, 1596 sc->sc_aclq.maxlen, 1597 sc->sc_scoq.len, 1598 sc->sc_scoq.maxlen); 1599 break; 1600 1601 default: 1602 error = EINVAL; 1603 break; 1604 } 1605 break; 1606 1607 case NGM_UBT_COOKIE: 1608 switch (msg->header.cmd) { 1609 case NGM_UBT_NODE_SET_DEBUG: 1610 if (msg->header.arglen != sizeof(ng_ubt_node_debug_ep)){ 1611 error = EMSGSIZE; 1612 break; 1613 } 1614 1615 sc->sc_debug = *((ng_ubt_node_debug_ep *) (msg->data)); 1616 break; 1617 1618 case NGM_UBT_NODE_GET_DEBUG: 1619 NG_MKRESPONSE(rsp, msg, sizeof(ng_ubt_node_debug_ep), 1620 M_NOWAIT); 1621 if (rsp == NULL) { 1622 error = ENOMEM; 1623 break; 1624 } 1625 1626 *((ng_ubt_node_debug_ep *) (rsp->data)) = sc->sc_debug; 1627 break; 1628 1629 case NGM_UBT_NODE_SET_QLEN: 1630 if (msg->header.arglen != sizeof(ng_ubt_node_qlen_ep)) { 1631 error = EMSGSIZE; 1632 break; 1633 } 1634 1635 queue = ((ng_ubt_node_qlen_ep *) (msg->data))->queue; 1636 qlen = ((ng_ubt_node_qlen_ep *) (msg->data))->qlen; 1637 1638 switch (queue) { 1639 case NGM_UBT_NODE_QUEUE_CMD: 1640 q = &sc->sc_cmdq; 1641 break; 1642 1643 case NGM_UBT_NODE_QUEUE_ACL: 1644 q = &sc->sc_aclq; 1645 break; 1646 1647 case NGM_UBT_NODE_QUEUE_SCO: 1648 q = &sc->sc_scoq; 1649 break; 1650 1651 default: 1652 error = EINVAL; 1653 goto done; 1654 /* NOT REACHED */ 1655 } 1656 1657 q->maxlen = qlen; 1658 break; 1659 1660 case NGM_UBT_NODE_GET_QLEN: 1661 if (msg->header.arglen != sizeof(ng_ubt_node_qlen_ep)) { 1662 error = EMSGSIZE; 1663 break; 1664 } 1665 1666 queue = ((ng_ubt_node_qlen_ep *) (msg->data))->queue; 1667 1668 switch (queue) { 1669 case NGM_UBT_NODE_QUEUE_CMD: 1670 q = &sc->sc_cmdq; 1671 break; 1672 1673 case NGM_UBT_NODE_QUEUE_ACL: 1674 q = &sc->sc_aclq; 1675 break; 1676 1677 case NGM_UBT_NODE_QUEUE_SCO: 1678 q = &sc->sc_scoq; 1679 break; 1680 1681 default: 1682 error = EINVAL; 1683 goto done; 1684 /* NOT REACHED */ 1685 } 1686 1687 NG_MKRESPONSE(rsp, msg, sizeof(ng_ubt_node_qlen_ep), 1688 M_NOWAIT); 1689 if (rsp == NULL) { 1690 error = ENOMEM; 1691 break; 1692 } 1693 1694 ((ng_ubt_node_qlen_ep *) (rsp->data))->queue = queue; 1695 ((ng_ubt_node_qlen_ep *) (rsp->data))->qlen = q->maxlen; 1696 break; 1697 1698 case NGM_UBT_NODE_GET_STAT: 1699 NG_MKRESPONSE(rsp, msg, sizeof(ng_ubt_node_stat_ep), 1700 M_NOWAIT); 1701 if (rsp == NULL) { 1702 error = ENOMEM; 1703 break; 1704 } 1705 1706 bcopy(&sc->sc_stat, rsp->data, 1707 sizeof(ng_ubt_node_stat_ep)); 1708 break; 1709 1710 case NGM_UBT_NODE_RESET_STAT: 1711 UBT_STAT_RESET(sc); 1712 break; 1713 1714 default: 1715 error = EINVAL; 1716 break; 1717 } 1718 break; 1719 1720 default: 1721 error = EINVAL; 1722 break; 1723 } 1724done: 1725 NG_RESPOND_MSG(error, node, item, rsp); 1726 NG_FREE_MSG(msg); 1727 1728 return (error); 1729} /* ng_ubt_rcvmsg */ 1730 1731/* 1732 * Process data. 1733 * Netgraph context. 1734 */ 1735 1736static int 1737ng_ubt_rcvdata(hook_p hook, item_p item) 1738{ 1739 struct ubt_softc *sc = NG_NODE_PRIVATE(NG_HOOK_NODE(hook)); 1740 struct mbuf *m; 1741 struct ng_bt_mbufq *q; 1742 int action, error = 0; 1743 1744 if (hook != sc->sc_hook) { 1745 error = EINVAL; 1746 goto done; 1747 } 1748 1749 /* Deatch mbuf and get HCI frame type */ 1750 NGI_GET_M(item, m); 1751 1752 /* 1753 * Minimal size of the HCI frame is 4 bytes: 1 byte frame type, 1754 * 2 bytes connection handle and at least 1 byte of length. 1755 * Panic on data frame that has size smaller than 4 bytes (it 1756 * should not happen) 1757 */ 1758 1759 if (m->m_pkthdr.len < 4) 1760 panic("HCI frame size is too small! pktlen=%d\n", 1761 m->m_pkthdr.len); 1762 1763 /* Process HCI frame */ 1764 switch (*mtod(m, uint8_t *)) { /* XXX call m_pullup ? */ 1765 case NG_HCI_CMD_PKT: 1766 if (m->m_pkthdr.len - 1 > (int)UBT_CTRL_BUFFER_SIZE) 1767 panic("HCI command frame size is too big! " \ 1768 "buffer size=%zd, packet len=%d\n", 1769 UBT_CTRL_BUFFER_SIZE, m->m_pkthdr.len); 1770 1771 q = &sc->sc_cmdq; 1772 action = UBT_FLAG_T_START_CTRL; 1773 break; 1774 1775 case NG_HCI_ACL_DATA_PKT: 1776 if (m->m_pkthdr.len - 1 > UBT_BULK_WRITE_BUFFER_SIZE) 1777 panic("ACL data frame size is too big! " \ 1778 "buffer size=%d, packet len=%d\n", 1779 UBT_BULK_WRITE_BUFFER_SIZE, m->m_pkthdr.len); 1780 1781 q = &sc->sc_aclq; 1782 action = UBT_FLAG_T_START_BULK; 1783 break; 1784 1785 case NG_HCI_SCO_DATA_PKT: 1786 q = &sc->sc_scoq; 1787 action = 0; 1788 break; 1789 1790 default: 1791 UBT_ERR(sc, "Dropping unsupported HCI frame, type=0x%02x, " \ 1792 "pktlen=%d\n", *mtod(m, uint8_t *), m->m_pkthdr.len); 1793 1794 NG_FREE_M(m); 1795 error = EINVAL; 1796 goto done; 1797 /* NOT REACHED */ 1798 } 1799 1800 UBT_NG_LOCK(sc); 1801 if (NG_BT_MBUFQ_FULL(q)) { 1802 NG_BT_MBUFQ_DROP(q); 1803 UBT_NG_UNLOCK(sc); 1804 1805 UBT_ERR(sc, "Dropping HCI frame 0x%02x, len=%d. Queue full\n", 1806 *mtod(m, uint8_t *), m->m_pkthdr.len); 1807 1808 NG_FREE_M(m); 1809 } else { 1810 /* Loose HCI packet type, enqueue mbuf and kick off task */ 1811 m_adj(m, sizeof(uint8_t)); 1812 NG_BT_MBUFQ_ENQUEUE(q, m); 1813 ubt_task_schedule(sc, action); 1814 UBT_NG_UNLOCK(sc); 1815 } 1816done: 1817 NG_FREE_ITEM(item); 1818 1819 return (error); 1820} /* ng_ubt_rcvdata */ 1821 1822/**************************************************************************** 1823 **************************************************************************** 1824 ** Module 1825 **************************************************************************** 1826 ****************************************************************************/ 1827 1828/* 1829 * Load/Unload the driver module 1830 */ 1831 1832static int 1833ubt_modevent(module_t mod, int event, void *data) 1834{ 1835 int error; 1836 1837 switch (event) { 1838 case MOD_LOAD: 1839 error = ng_newtype(&typestruct); 1840 if (error != 0) 1841 printf("%s: Could not register Netgraph node type, " \ 1842 "error=%d\n", NG_UBT_NODE_TYPE, error); 1843 break; 1844 1845 case MOD_UNLOAD: 1846 error = ng_rmtype(&typestruct); 1847 break; 1848 1849 default: 1850 error = EOPNOTSUPP; 1851 break; 1852 } 1853 1854 return (error); 1855} /* ubt_modevent */ 1856 1857static devclass_t ubt_devclass; 1858 1859static device_method_t ubt_methods[] = 1860{ 1861 DEVMETHOD(device_probe, ubt_probe), 1862 DEVMETHOD(device_attach, ubt_attach), 1863 DEVMETHOD(device_detach, ubt_detach), 1864 DEVMETHOD_END 1865}; 1866 1867static driver_t ubt_driver = 1868{ 1869 .name = "ubt", 1870 .methods = ubt_methods, 1871 .size = sizeof(struct ubt_softc), 1872}; 1873 1874DRIVER_MODULE(ng_ubt, uhub, ubt_driver, ubt_devclass, ubt_modevent, 0); 1875MODULE_VERSION(ng_ubt, NG_BLUETOOTH_VERSION); 1876MODULE_DEPEND(ng_ubt, netgraph, NG_ABI_VERSION, NG_ABI_VERSION, NG_ABI_VERSION); 1877MODULE_DEPEND(ng_ubt, ng_hci, NG_BLUETOOTH_VERSION, NG_BLUETOOTH_VERSION, NG_BLUETOOTH_VERSION); 1878MODULE_DEPEND(ng_ubt, usb, 1, 1, 1); 1879 1880