1 /*
2 *
3 * Copyright (c) 2013, The Linux Foundation. All rights reserved.
4 * Not a Contribution.
5 *
6 * Copyright 2012 The Android Open Source Project
7 *
8 * Licensed under the Apache License, Version 2.0 (the "License"); you
9 * may not use this file except in compliance with the License. You may
10 * obtain a copy of the License at
11 *
12 * http://www.apache.org/licenses/LICENSE-2.0
13 *
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
17 * implied. See the License for the specific language governing
18 * permissions and limitations under the License.
19 *
20 */
21
22 /******************************************************************************
23 *
24 * Filename: hw_ar3k.c
25 *
26 * Description: Contains controller-specific functions, like
27 * firmware patch download
28 * low power mode operations
29 *
30 ******************************************************************************/
31 #ifdef __cplusplus
32 extern "C" {
33 #endif
34
35 #define LOG_TAG "bt_vendor"
36
37 #include <sys/socket.h>
38 #include <utils/Log.h>
39 #include <sys/types.h>
40 #include <sys/stat.h>
41 #include <signal.h>
42 #include <time.h>
43 #include <errno.h>
44 #include <fcntl.h>
45 #include <dirent.h>
46 #include <ctype.h>
47 #include <cutils/properties.h>
48 #include <stdbool.h>
49 #include <stdlib.h>
50 #include <string.h>
51 #include <termios.h>
52
53 #include "bt_hci_bdroid.h"
54 #include "hci_uart.h"
55 #include "hw_ar3k.h"
56
57 /******************************************************************************
58 ** Variables
59 ******************************************************************************/
60 int cbstat = 0;
61 #define PATCH_LOC_STRING_LEN 8
62 char ARbyte[3];
63 char ARptr[MAX_PATCH_CMD + 1];
64 int byte_cnt;
65 int patch_count = 0;
66 char patch_loc[PATCH_LOC_STRING_LEN + 1];
67 int PSCounter=0;
68
69 uint32_t dev_type = 0;
70 uint32_t rom_version = 0;
71 uint32_t build_version = 0;
72
73 char patch_file[PATH_MAX];
74 char ps_file[PATH_MAX];
75 FILE *stream;
76 int tag_count=0;
77
78 /* for friendly debugging outpout string */
79 static char *lpm_mode[] = {
80 "UNKNOWN",
81 "disabled",
82 "enabled"
83 };
84
85 static char *lpm_state[] = {
86 "UNKNOWN",
87 "de-asserted",
88 "asserted"
89 };
90
91 static uint8_t upio_state[UPIO_MAX_COUNT];
92 struct ps_cfg_entry ps_list[MAX_TAGS];
93
94 #define PS_EVENT_LEN 100
95
96 #ifdef __cplusplus
97 }
98 #endif
99
100 /*****************************************************************************
101 ** Functions
102 *****************************************************************************/
103
is_bt_soc_ath()104 int is_bt_soc_ath() {
105 int ret = 0;
106 char bt_soc_type[PROPERTY_VALUE_MAX];
107 ret = property_get("qcom.bluetooth.soc", bt_soc_type, NULL);
108 if (ret != 0) {
109 ALOGI("qcom.bluetooth.soc set to %s\n", bt_soc_type);
110 if (!strncasecmp(bt_soc_type, "ath3k", sizeof("ath3k")))
111 return 1;
112 } else {
113 ALOGI("qcom.bluetooth.soc not set, so using default.\n");
114 }
115
116 return 0;
117 }
118
119 /*
120 * Send HCI command and wait for command complete event.
121 * The event buffer has to be freed by the caller.
122 */
123
send_hci_cmd_sync(int dev,uint8_t * cmd,int len,uint8_t ** event)124 static int send_hci_cmd_sync(int dev, uint8_t *cmd, int len, uint8_t **event)
125 {
126 int err;
127 uint8_t *hci_event;
128 uint8_t pkt_type = HCI_COMMAND_PKT;
129
130 if (len == 0)
131 return len;
132
133 if (write(dev, &pkt_type, 1) != 1)
134 return -EILSEQ;
135 if (write(dev, (unsigned char *)cmd, len) != len)
136 return -EILSEQ;
137
138 hci_event = (uint8_t *)malloc(PS_EVENT_LEN);
139 if (!hci_event)
140 return -ENOMEM;
141
142 err = read_hci_event(dev, (unsigned char *)hci_event, PS_EVENT_LEN);
143 if (err > 0) {
144 *event = hci_event;
145 } else {
146 free(hci_event);
147 return -EILSEQ;
148 }
149
150 return len;
151 }
152
convert_bdaddr(char * str_bdaddr,char * bdaddr)153 static void convert_bdaddr(char *str_bdaddr, char *bdaddr)
154 {
155 char bdbyte[3];
156 char *str_byte = str_bdaddr;
157 int i, j;
158 int colon_present = 0;
159
160 if (strstr(str_bdaddr, ":"))
161 colon_present = 1;
162
163 bdbyte[2] = '\0';
164
165 /* Reverse the BDADDR to LSB first */
166 for (i = 0, j = 5; i < 6; i++, j--) {
167 bdbyte[0] = str_byte[0];
168 bdbyte[1] = str_byte[1];
169 bdaddr[j] = strtol(bdbyte, NULL, 16);
170
171 if (colon_present == 1)
172 str_byte += 3;
173 else
174 str_byte += 2;
175 }
176 }
177
uart_speed(int s)178 static int uart_speed(int s)
179 {
180 switch (s) {
181 case 9600:
182 return B9600;
183 case 19200:
184 return B19200;
185 case 38400:
186 return B38400;
187 case 57600:
188 return B57600;
189 case 115200:
190 return B115200;
191 case 230400:
192 return B230400;
193 case 460800:
194 return B460800;
195 case 500000:
196 return B500000;
197 case 576000:
198 return B576000;
199 case 921600:
200 return B921600;
201 case 1000000:
202 return B1000000;
203 case 1152000:
204 return B1152000;
205 case 1500000:
206 return B1500000;
207 case 2000000:
208 return B2000000;
209 #ifdef B2500000
210 case 2500000:
211 return B2500000;
212 #endif
213 #ifdef B3000000
214 case 3000000:
215 return B3000000;
216 #endif
217 #ifdef B3500000
218 case 3500000:
219 return B3500000;
220 #endif
221 #ifdef B4000000
222 case 4000000:
223 return B4000000;
224 #endif
225 default:
226 return B57600;
227 }
228 }
229
set_speed(int fd,struct termios * ti,int speed)230 int set_speed(int fd, struct termios *ti, int speed)
231 {
232 if (cfsetospeed(ti, uart_speed(speed)) < 0)
233 return -errno;
234
235 if (cfsetispeed(ti, uart_speed(speed)) < 0)
236 return -errno;
237
238 if (tcsetattr(fd, TCSANOW, ti) < 0)
239 return -errno;
240
241 return 0;
242 }
243
load_hci_ps_hdr(uint8_t * cmd,uint8_t ps_op,int len,int index)244 static void load_hci_ps_hdr(uint8_t *cmd, uint8_t ps_op, int len, int index)
245 {
246 hci_command_hdr *ch = (void *)cmd;
247
248 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF,
249 HCI_PS_CMD_OCF));
250 ch->plen = len + PS_HDR_LEN;
251 cmd += HCI_COMMAND_HDR_SIZE;
252
253 cmd[0] = ps_op;
254 cmd[1] = index;
255 cmd[2] = index >> 8;
256 cmd[3] = len;
257 }
258
259
read_ps_event(uint8_t * event,uint16_t ocf)260 static int read_ps_event(uint8_t *event, uint16_t ocf)
261 {
262 hci_event_hdr *eh;
263 uint16_t opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF, ocf));
264
265 event++;
266
267 eh = (void *)event;
268 event += HCI_EVENT_HDR_SIZE;
269
270 if (eh->evt == EVT_CMD_COMPLETE) {
271 evt_cmd_complete *cc = (void *)event;
272
273 event += EVT_CMD_COMPLETE_SIZE;
274
275 if (cc->opcode == opcode && event[0] == HCI_EV_SUCCESS)
276 return 0;
277 else
278 return -EILSEQ;
279 }
280
281 return -EILSEQ;
282 }
283
284 #define PS_WRITE 1
285 #define PS_RESET 2
286 #define WRITE_PATCH 8
287 #define ENABLE_PATCH 11
288
289 #define HCI_PS_CMD_HDR_LEN 7
290
write_cmd(int fd,uint8_t * buffer,int len)291 static int write_cmd(int fd, uint8_t *buffer, int len)
292 {
293 uint8_t *event;
294 int err;
295
296 err = send_hci_cmd_sync(fd, buffer, len, &event);
297 if (err < 0)
298 return err;
299
300 err = read_ps_event(event, HCI_PS_CMD_OCF);
301
302 free(event);
303
304 return err;
305 }
306
307 #define PS_RESET_PARAM_LEN 6
308 #define PS_RESET_CMD_LEN (HCI_PS_CMD_HDR_LEN + PS_RESET_PARAM_LEN)
309
310 #define PS_ID_MASK 0xFF
311
312 /* Sends PS commands using vendor specficic HCI commands */
write_ps_cmd(int fd,uint8_t opcode,uint32_t ps_param)313 static int write_ps_cmd(int fd, uint8_t opcode, uint32_t ps_param)
314 {
315 uint8_t cmd[HCI_MAX_CMD_SIZE];
316 uint32_t i;
317
318 switch (opcode) {
319 case ENABLE_PATCH:
320 load_hci_ps_hdr(cmd, opcode, 0, 0x00);
321
322 if (write_cmd(fd, cmd, HCI_PS_CMD_HDR_LEN) < 0)
323 return -EILSEQ;
324 break;
325
326 case PS_RESET:
327 load_hci_ps_hdr(cmd, opcode, PS_RESET_PARAM_LEN, 0x00);
328
329 cmd[7] = 0x00;
330 cmd[PS_RESET_CMD_LEN - 2] = ps_param & PS_ID_MASK;
331 cmd[PS_RESET_CMD_LEN - 1] = (ps_param >> 8) & PS_ID_MASK;
332
333 if (write_cmd(fd, cmd, PS_RESET_CMD_LEN) < 0)
334 return -EILSEQ;
335 break;
336
337 case PS_WRITE:
338 for (i = 0; i < ps_param; i++) {
339 load_hci_ps_hdr(cmd, opcode, ps_list[i].len,
340 ps_list[i].id);
341
342 memcpy(&cmd[HCI_PS_CMD_HDR_LEN], ps_list[i].data,
343 ps_list[i].len);
344
345 if (write_cmd(fd, cmd, ps_list[i].len +
346 HCI_PS_CMD_HDR_LEN) < 0)
347 return -EILSEQ;
348 }
349 break;
350 }
351
352 return 0;
353 }
354
355 #define PS_ASIC_FILE "PS_ASIC.pst"
356 #define PS_FPGA_FILE "PS_FPGA.pst"
357 #define MAXPATHLEN 4096
get_ps_file_name(uint32_t devtype,uint32_t rom_version,char * path)358 static void get_ps_file_name(uint32_t devtype, uint32_t rom_version,char *path)
359 {
360 char *filename;
361
362 if (devtype == 0xdeadc0de)
363 filename = PS_ASIC_FILE;
364 else
365 filename = PS_FPGA_FILE;
366
367 snprintf(path, MAXPATHLEN, "%s%x/%s", FW_PATH, rom_version, filename);
368 }
369
370 #define PATCH_FILE "RamPatch.txt"
371 #define FPGA_ROM_VERSION 0x99999999
372 #define ROM_DEV_TYPE 0xdeadc0de
373
get_patch_file_name(uint32_t dev_type,uint32_t rom_version,uint32_t build_version,char * path)374 static void get_patch_file_name(uint32_t dev_type, uint32_t rom_version,
375 uint32_t build_version, char *path)
376 {
377 if (rom_version == FPGA_ROM_VERSION && dev_type != ROM_DEV_TYPE
378 &&dev_type != 0 && build_version == 1)
379 path[0] = '\0';
380 else
381 snprintf(path, MAXPATHLEN, "%s%x/%s", FW_PATH, rom_version, PATCH_FILE);
382 }
383
set_cntrlr_baud(int fd,int speed)384 static int set_cntrlr_baud(int fd, int speed)
385 {
386 int baud;
387 struct timespec tm = { 0, 500000};
388 unsigned char cmd[MAX_CMD_LEN], rsp[HCI_MAX_EVENT_SIZE];
389 unsigned char *ptr = cmd + 1;
390 hci_command_hdr *ch = (void *)ptr;
391
392 cmd[0] = HCI_COMMAND_PKT;
393
394 /* set controller baud rate to user specified value */
395 ptr = cmd + 1;
396 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF,
397 HCI_CHG_BAUD_CMD_OCF));
398 ch->plen = 2;
399 ptr += HCI_COMMAND_HDR_SIZE;
400
401 baud = speed/100;
402 ptr[0] = (char)baud;
403 ptr[1] = (char)(baud >> 8);
404
405 if (write(fd, cmd, WRITE_BAUD_CMD_LEN) != WRITE_BAUD_CMD_LEN) {
406 ALOGI("Failed to write change baud rate command");
407 return -ETIMEDOUT;
408 }
409
410 nanosleep(&tm, NULL);
411
412 if (read_hci_event(fd, rsp, sizeof(rsp)) < 0)
413 return -ETIMEDOUT;
414
415 return 0;
416 }
417
418 #define PS_UNDEF 0
419 #define PS_ID 1
420 #define PS_LEN 2
421 #define PS_DATA 3
422
423 #define PS_MAX_LEN 500
424 #define LINE_SIZE_MAX (PS_MAX_LEN * 2)
425 #define ENTRY_PER_LINE 16
426
427 #define __check_comment(buf) (((buf)[0] == '/') && ((buf)[1] == '/'))
428 #define __skip_space(str) while (*(str) == ' ') ((str)++)
429
430
431 #define __is_delim(ch) ((ch) == ':')
432 #define MAX_PREAMBLE_LEN 4
433
434 /* Parse PS entry preamble of format [X:X] for main type and subtype */
get_ps_type(char * ptr,int index,char * type,char * sub_type)435 static int get_ps_type(char *ptr, int index, char *type, char *sub_type)
436 {
437 int i;
438 int delim = false;
439
440 if (index > MAX_PREAMBLE_LEN)
441 return -EILSEQ;
442
443 for (i = 1; i < index; i++) {
444 if (__is_delim(ptr[i])) {
445 delim = true;
446 continue;
447 }
448
449 if (isalpha(ptr[i])) {
450 if (delim == false)
451 (*type) = toupper(ptr[i]);
452 else
453 (*sub_type) = toupper(ptr[i]);
454 }
455 }
456
457 return 0;
458 }
459
460 #define ARRAY 'A'
461 #define STRING 'S'
462 #define DECIMAL 'D'
463 #define BINARY 'B'
464
465 #define PS_HEX 0
466 #define PS_DEC 1
467
get_input_format(char * buf,struct ps_entry_type * format)468 static int get_input_format(char *buf, struct ps_entry_type *format)
469 {
470 char *ptr = NULL;
471 char type = '\0';
472 char sub_type = '\0';
473
474 format->type = PS_HEX;
475 format->array = true;
476
477 if (strstr(buf, "[") != buf)
478 return 0;
479
480 ptr = strstr(buf, "]");
481 if (!ptr)
482 return -EILSEQ;
483
484 if (get_ps_type(buf, ptr - buf, &type, &sub_type) < 0)
485 return -EILSEQ;
486
487 /* Check is data type is of array */
488 if (type == ARRAY || sub_type == ARRAY)
489 format->array = true;
490
491 if (type == STRING || sub_type == STRING)
492 format->array = false;
493
494 if (type == DECIMAL || type == BINARY)
495 format->type = PS_DEC;
496 else
497 format->type = PS_HEX;
498
499 return 0;
500 }
501
502
503
504 #define UNDEFINED 0xFFFF
505
read_data_in_section(char * buf,struct ps_entry_type type)506 static unsigned int read_data_in_section(char *buf, struct ps_entry_type type)
507 {
508 char *ptr = buf;
509
510 if (!buf)
511 return UNDEFINED;
512
513 if (buf == strstr(buf, "[")) {
514 ptr = strstr(buf, "]");
515 if (!ptr)
516 return UNDEFINED;
517
518 ptr++;
519 }
520
521 if (type.type == PS_HEX && type.array != true)
522 return strtol(ptr, NULL, 16);
523
524 return UNDEFINED;
525 }
526
527
528 /* Read PS entries as string, convert and add to Hex array */
update_tag_data(struct ps_cfg_entry * tag,struct tag_info * info,const char * ptr)529 static void update_tag_data(struct ps_cfg_entry *tag,
530 struct tag_info *info, const char *ptr)
531 {
532 char buf[3];
533
534 buf[2] = '\0';
535
536 strlcpy(buf, &ptr[info->char_cnt],sizeof(buf));
537 tag->data[info->byte_count] = strtol(buf, NULL, 16);
538 info->char_cnt += 3;
539 info->byte_count++;
540
541 strlcpy(buf, &ptr[info->char_cnt], sizeof(buf));
542 tag->data[info->byte_count] = strtol(buf, NULL, 16);
543 info->char_cnt += 3;
544 info->byte_count++;
545 }
546
update_char_count(const char * buf)547 static inline int update_char_count(const char *buf)
548 {
549 char *end_ptr;
550
551 if (strstr(buf, "[") == buf) {
552 end_ptr = strstr(buf, "]");
553 if (!end_ptr)
554 return 0;
555 else
556 return(end_ptr - buf) + 1;
557 }
558
559 return 0;
560 }
561
562 #define PS_HEX 0
563 #define PS_DEC 1
564
ath_parse_ps(FILE * stream)565 static int ath_parse_ps(FILE *stream)
566 {
567 char buf[LINE_SIZE_MAX + 1];
568 char *ptr;
569 uint8_t tag_cnt = 0;
570 int16_t byte_count = 0;
571 struct ps_entry_type format;
572 struct tag_info status = { 0, 0, 0, 0};
573
574 do {
575 int read_count;
576 struct ps_cfg_entry *tag;
577
578 ptr = fgets(buf, LINE_SIZE_MAX, stream);
579 if (!ptr)
580 break;
581
582 __skip_space(ptr);
583 if (__check_comment(ptr))
584 continue;
585
586 /* Lines with a '#' will be followed by new PS entry */
587 if (ptr == strstr(ptr, "#")) {
588 if (status.section != PS_UNDEF) {
589 return -EILSEQ;
590 } else {
591 status.section = PS_ID;
592 continue;
593 }
594 }
595
596 tag = &ps_list[tag_cnt];
597
598 switch (status.section) {
599 case PS_ID:
600 if (get_input_format(ptr, &format) < 0)
601 return -EILSEQ;
602
603 tag->id = read_data_in_section(ptr, format);
604 status.section = PS_LEN;
605 break;
606
607 case PS_LEN:
608 if (get_input_format(ptr, &format) < 0)
609 return -EILSEQ;
610
611 byte_count = read_data_in_section(ptr, format);
612 if (byte_count > PS_MAX_LEN)
613 return -EILSEQ;
614
615 tag->len = byte_count;
616 tag->data = (uint8_t *)malloc(byte_count);
617
618 status.section = PS_DATA;
619 status.line_count = 0;
620 break;
621
622 case PS_DATA:
623 if (status.line_count == 0)
624 if (get_input_format(ptr, &format) < 0)
625 return -EILSEQ;
626
627 __skip_space(ptr);
628
629 status.char_cnt = update_char_count(ptr);
630
631 read_count = (byte_count > ENTRY_PER_LINE) ?
632 ENTRY_PER_LINE : byte_count;
633
634 if (format.type == PS_HEX && format.array == true) {
635 while (read_count > 0) {
636 update_tag_data(tag, &status, ptr);
637 read_count -= 2;
638 }
639
640 if (byte_count > ENTRY_PER_LINE)
641 byte_count -= ENTRY_PER_LINE;
642 else
643 byte_count = 0;
644 }
645
646 status.line_count++;
647
648 if (byte_count == 0)
649 memset(&status, 0x00, sizeof(struct tag_info));
650
651 if (status.section == PS_UNDEF)
652 tag_cnt++;
653
654 if (tag_cnt == MAX_TAGS)
655 return -EILSEQ;
656 break;
657 }
658 } while (ptr);
659
660 return tag_cnt;
661 }
662
663 #define PS_RAM_SIZE 2048
664
ps_config_download(int fd,int tag_count)665 static int ps_config_download(int fd, int tag_count)
666 {
667 if (write_ps_cmd(fd, PS_RESET, PS_RAM_SIZE) < 0)
668 return -1;
669
670 if (tag_count > 0)
671 if (write_ps_cmd(fd, PS_WRITE, tag_count) < 0)
672 return -1;
673 return 0;
674 }
675
write_bdaddr(int pConfig,char * bdaddr)676 static int write_bdaddr(int pConfig, char *bdaddr)
677 {
678 uint8_t *event;
679 int err;
680 uint8_t cmd[13];
681 uint8_t *ptr = cmd;
682 hci_command_hdr *ch = (void *)cmd;
683
684 memset(cmd, 0, sizeof(cmd));
685
686 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF,
687 HCI_PS_CMD_OCF));
688 ch->plen = 10;
689 ptr += HCI_COMMAND_HDR_SIZE;
690
691 ptr[0] = 0x01;
692 ptr[1] = 0x01;
693 ptr[2] = 0x00;
694 ptr[3] = 0x06;
695
696 convert_bdaddr(bdaddr, (char *)&ptr[4]);
697
698 err = send_hci_cmd_sync(pConfig, cmd, sizeof(cmd), &event);
699 if (err < 0)
700 return err;
701
702 err = read_ps_event(event, HCI_PS_CMD_OCF);
703
704 free(event);
705
706 return err;
707 }
708
write_bdaddr_from_file(int rom_version,int fd)709 static void write_bdaddr_from_file(int rom_version, int fd)
710 {
711 FILE *stream;
712 char bdaddr[PATH_MAX];
713 char bdaddr_file[PATH_MAX];
714
715 snprintf(bdaddr_file, MAXPATHLEN, "%s%x/%s",
716 FW_PATH, rom_version, BDADDR_FILE);
717
718 stream = fopen(bdaddr_file, "r");
719 if (!stream)
720 return;
721
722 if (fgets(bdaddr, PATH_MAX - 1, stream))
723 write_bdaddr(fd, bdaddr);
724
725 fclose(stream);
726 }
727
728 #define HCI_EVT_CMD_CMPL_OPCODE 3
729 #define HCI_EVT_CMD_CMPL_STATUS_RET_BYTE 5
730
baswap(bdaddr_t * dst,const bdaddr_t * src)731 void baswap(bdaddr_t *dst, const bdaddr_t *src)
732 {
733 register unsigned char *d = (unsigned char *) dst;
734 register const unsigned char *s = (const unsigned char *) src;
735 register int i;
736 for (i = 0; i < 6; i++)
737 d[i] = s[5-i];
738 }
739
740
str2ba(const char * str,bdaddr_t * ba)741 int str2ba(const char *str, bdaddr_t *ba)
742 {
743 uint8_t b[6];
744 const char *ptr = str;
745 int i;
746
747 for (i = 0; i < 6; i++) {
748 b[i] = (uint8_t) strtol(ptr, NULL, 16);
749 ptr = strchr(ptr, ':');
750 if (i != 5 && !ptr)
751 ptr = ":00:00:00:00:00";
752 ptr++;
753 }
754 baswap(ba, (bdaddr_t *) b);
755 return 0;
756 }
757
758 #define DEV_REGISTER 0x4FFC
759 #define GET_DEV_TYPE_OCF 0x05
760
get_device_type(int dev,uint32_t * code)761 static int get_device_type(int dev, uint32_t *code)
762 {
763 uint8_t cmd[8] = {0};
764 uint8_t *event;
765 uint32_t reg;
766 int err;
767 uint8_t *ptr = cmd;
768 hci_command_hdr *ch = (void *)cmd;
769
770 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF,
771 GET_DEV_TYPE_OCF));
772 ch->plen = 5;
773 ptr += HCI_COMMAND_HDR_SIZE;
774
775 ptr[0] = (uint8_t)DEV_REGISTER;
776 ptr[1] = (uint8_t)DEV_REGISTER >> 8;
777 ptr[2] = (uint8_t)DEV_REGISTER >> 16;
778 ptr[3] = (uint8_t)DEV_REGISTER >> 24;
779 ptr[4] = 0x04;
780
781 err = send_hci_cmd_sync(dev, cmd, sizeof(cmd), &event);
782 if (err < 0)
783 return err;
784
785 err = read_ps_event(event, GET_DEV_TYPE_OCF);
786 if (err < 0)
787 goto cleanup;
788
789 reg = event[10];
790 reg = (reg << 8) | event[9];
791 reg = (reg << 8) | event[8];
792 reg = (reg << 8) | event[7];
793 *code = reg;
794
795 cleanup:
796 free(event);
797
798 return err;
799 }
800
801 #define GET_VERSION_OCF 0x1E
802
read_ath3k_version(int pConfig,uint32_t * rom_version,uint32_t * build_version)803 static int read_ath3k_version(int pConfig, uint32_t *rom_version,
804 uint32_t *build_version)
805 {
806 uint8_t cmd[3] = {0};
807 uint8_t *event;
808 int err;
809 int status;
810 hci_command_hdr *ch = (void *)cmd;
811
812 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF,
813 GET_VERSION_OCF));
814 ch->plen = 0;
815
816 err = send_hci_cmd_sync(pConfig, cmd, sizeof(cmd), &event);
817 if (err < 0)
818 return err;
819
820 err = read_ps_event(event, GET_VERSION_OCF);
821 if (err < 0)
822 goto cleanup;
823
824 status = event[10];
825 status = (status << 8) | event[9];
826 status = (status << 8) | event[8];
827 status = (status << 8) | event[7];
828 *rom_version = status;
829
830 status = event[14];
831 status = (status << 8) | event[13];
832 status = (status << 8) | event[12];
833 status = (status << 8) | event[11];
834 *build_version = status;
835
836 cleanup:
837 free(event);
838
839 return err;
840 }
841
842 #define VERIFY_CRC 9
843 #define PS_REGION 1
844 #define PATCH_REGION 2
845
get_ath3k_crc(int dev)846 static int get_ath3k_crc(int dev)
847 {
848 uint8_t cmd[7] = {0};
849 uint8_t *event;
850 int err;
851
852 load_hci_ps_hdr(cmd, VERIFY_CRC, 0, PS_REGION | PATCH_REGION);
853
854 err = send_hci_cmd_sync(dev, cmd, sizeof(cmd), &event);
855 if (err < 0)
856 return err;
857 /* Send error code if CRC check patched */
858 if (read_ps_event(event, HCI_PS_CMD_OCF) >= 0)
859 err = -EILSEQ;
860
861 free(event);
862
863 return err;
864 }
865
866 #define SET_PATCH_RAM_ID 0x0D
867 #define SET_PATCH_RAM_CMD_SIZE 11
868 #define ADDRESS_LEN 4
set_patch_ram(int dev,char * patch_loc,int len)869 static int set_patch_ram(int dev, char *patch_loc, int len)
870 {
871 int err;
872 uint8_t cmd[20] = {0};
873 int i, j;
874 char loc_byte[3];
875 uint8_t *event;
876 uint8_t *loc_ptr = &cmd[7];
877
878 if (!patch_loc)
879 return -1;
880
881 loc_byte[2] = '\0';
882
883 load_hci_ps_hdr(cmd, SET_PATCH_RAM_ID, ADDRESS_LEN, 0);
884
885 for (i = 0, j = 3; i < 4; i++, j--) {
886 loc_byte[0] = patch_loc[0];
887 loc_byte[1] = patch_loc[1];
888 loc_ptr[j] = strtol(loc_byte, NULL, 16);
889 patch_loc += 2;
890 }
891
892 err = send_hci_cmd_sync(dev, cmd, SET_PATCH_RAM_CMD_SIZE, &event);
893 if (err < 0)
894 return err;
895
896 err = read_ps_event(event, HCI_PS_CMD_OCF);
897
898 free(event);
899
900 return err;
901 }
902
903 #define PATCH_LOC_KEY "DA:"
904 #define PATCH_LOC_STRING_LEN 8
ps_patch_download(int fd,FILE * stream)905 static int ps_patch_download(int fd, FILE *stream)
906 {
907 char byte[3];
908 char ptr[MAX_PATCH_CMD + 1];
909 int byte_cnt;
910 int patch_count = 0;
911 char patch_loc[PATCH_LOC_STRING_LEN + 1];
912
913 byte[2] = '\0';
914
915 while (fgets(ptr, MAX_PATCH_CMD, stream)) {
916 if (strlen(ptr) <= 1)
917 continue;
918 else if (strstr(ptr, PATCH_LOC_KEY) == ptr) {
919 strlcpy(patch_loc, &ptr[sizeof(PATCH_LOC_KEY) - 1],
920 PATCH_LOC_STRING_LEN);
921 if (set_patch_ram(fd, patch_loc, sizeof(patch_loc)) < 0)
922 return -1;
923 } else if (isxdigit(ptr[0]))
924 break;
925 else
926 return -1;
927 }
928
929 byte_cnt = strtol(ptr, NULL, 16);
930
931 while (byte_cnt > 0) {
932 int i;
933 uint8_t cmd[HCI_MAX_CMD_SIZE] = {0};
934 struct patch_entry patch;
935
936 if (byte_cnt > MAX_PATCH_CMD)
937 patch.len = MAX_PATCH_CMD;
938 else
939 patch.len = byte_cnt;
940
941 for (i = 0; i < patch.len; i++) {
942 if (!fgets(byte, 3, stream))
943 return -1;
944
945 patch.data[i] = strtoul(byte, NULL, 16);
946 }
947
948 load_hci_ps_hdr(cmd, WRITE_PATCH, patch.len, patch_count);
949 memcpy(&cmd[HCI_PS_CMD_HDR_LEN], patch.data, patch.len);
950
951 if (write_cmd(fd, cmd, patch.len + HCI_PS_CMD_HDR_LEN) < 0)
952 return -1;
953
954 patch_count++;
955 byte_cnt = byte_cnt - MAX_PATCH_CMD;
956 }
957
958 if (write_ps_cmd(fd, ENABLE_PATCH, 0) < 0)
959 return -1;
960
961 return patch_count;
962 }
963
ath_ps_download(int fd)964 static int ath_ps_download(int fd)
965 {
966 int err = 0;
967 int tag_count;
968 int patch_count = 0;
969 uint32_t rom_version = 0;
970 uint32_t build_version = 0;
971 uint32_t dev_type = 0;
972 char patch_file[PATH_MAX];
973 char ps_file[PATH_MAX];
974 FILE *stream;
975
976 /*
977 * Verfiy firmware version. depending on it select the PS
978 * config file to download.
979 */
980 if (get_device_type(fd, &dev_type) < 0) {
981 err = -EILSEQ;
982 goto download_cmplete;
983 }
984
985 if (read_ath3k_version(fd, &rom_version, &build_version) < 0) {
986 err = -EILSEQ;
987 goto download_cmplete;
988 }
989
990 /* Do not download configuration if CRC passes */
991 if (get_ath3k_crc(fd) < 0) {
992 err = 0;
993 goto download_cmplete;
994 }
995
996 get_ps_file_name(dev_type, rom_version, ps_file);
997 get_patch_file_name(dev_type, rom_version, build_version, patch_file);
998
999 stream = fopen(ps_file, "r");
1000 if (!stream) {
1001 ALOGI("firmware file open error:%s, ver:%x\n",ps_file, rom_version);
1002 if (rom_version == 0x1020201)
1003 err = 0;
1004 else
1005 err = -EILSEQ;
1006 goto download_cmplete;
1007 }
1008 tag_count = ath_parse_ps(stream);
1009
1010 fclose(stream);
1011
1012 if (tag_count < 0) {
1013 err = -EILSEQ;
1014 goto download_cmplete;
1015 }
1016
1017 /*
1018 * It is not necessary that Patch file be available,
1019 * continue with PS Operations if patch file is not available.
1020 */
1021 if (patch_file[0] == '\0')
1022 err = 0;
1023
1024 stream = fopen(patch_file, "r");
1025 if (!stream)
1026 err = 0;
1027 else {
1028 patch_count = ps_patch_download(fd, stream);
1029 fclose(stream);
1030
1031 if (patch_count < 0) {
1032 err = -EILSEQ;
1033 goto download_cmplete;
1034 }
1035 }
1036
1037 err = ps_config_download(fd, tag_count);
1038
1039 download_cmplete:
1040 if (!err)
1041 write_bdaddr_from_file(rom_version, fd);
1042
1043 return err;
1044 }
1045
ath3k_init(int fd,int speed,int init_speed,char * bdaddr,struct termios * ti)1046 int ath3k_init(int fd, int speed, int init_speed, char *bdaddr, struct termios *ti)
1047 {
1048 ALOGI(" %s ", __FUNCTION__);
1049
1050 int r;
1051 int err = 0;
1052 struct timespec tm = { 0, 500000};
1053 unsigned char cmd[MAX_CMD_LEN] = {0};
1054 unsigned char rsp[HCI_MAX_EVENT_SIZE];
1055 unsigned char *ptr = cmd + 1;
1056 hci_command_hdr *ch = (void *)ptr;
1057 int flags = 0;
1058
1059 if (ioctl(fd, TIOCMGET, &flags) < 0) {
1060 ALOGI("TIOCMGET failed in init\n");
1061 return -1;
1062 }
1063 flags |= TIOCM_RTS;
1064 if (ioctl(fd, TIOCMSET, &flags) < 0) {
1065 ALOGI("TIOCMSET failed in init: HW Flow-on error\n");
1066 return -1;
1067 }
1068
1069 /* set both controller and host baud rate to maximum possible value */
1070 err = set_cntrlr_baud(fd, speed);
1071 ALOGI("set_cntrlr_baud : ret:%d \n", err);
1072 if (err < 0)
1073 return err;
1074
1075 err = set_speed(fd, ti, speed);
1076 if (err < 0) {
1077 ALOGI("Can't set required baud rate");
1078 return err;
1079 }
1080
1081 /* Download PS and patch */
1082 r = ath_ps_download(fd);
1083 if (r < 0) {
1084 ALOGI("Failed to Download configuration");
1085 err = -ETIMEDOUT;
1086 goto failed;
1087 }
1088
1089 ALOGI("ath_ps_download is done\n");
1090
1091 cmd[0] = HCI_COMMAND_PKT;
1092 /* Write BDADDR */
1093 if (bdaddr) {
1094 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF,
1095 HCI_PS_CMD_OCF));
1096 ch->plen = 10;
1097 ptr += HCI_COMMAND_HDR_SIZE;
1098
1099 ptr[0] = 0x01;
1100 ptr[1] = 0x01;
1101 ptr[2] = 0x00;
1102 ptr[3] = 0x06;
1103 str2ba(bdaddr, (bdaddr_t *)(ptr + 4));
1104
1105 if (write(fd, cmd, WRITE_BDADDR_CMD_LEN) !=
1106 WRITE_BDADDR_CMD_LEN) {
1107 ALOGI("Failed to write BD_ADDR command\n");
1108 err = -ETIMEDOUT;
1109 goto failed;
1110 }
1111
1112 if (read_hci_event(fd, rsp, sizeof(rsp)) < 0) {
1113 ALOGI("Failed to set BD_ADDR\n");
1114 err = -ETIMEDOUT;
1115 goto failed;
1116 }
1117 }
1118
1119 /* Send HCI Reset */
1120 cmd[1] = 0x03;
1121 cmd[2] = 0x0C;
1122 cmd[3] = 0x00;
1123
1124 r = write(fd, cmd, 4);
1125 if (r != 4) {
1126 err = -ETIMEDOUT;
1127 goto failed;
1128 }
1129
1130 nanosleep(&tm, NULL);
1131 if (read_hci_event(fd, rsp, sizeof(rsp)) < 0) {
1132 err = -ETIMEDOUT;
1133 goto failed;
1134 }
1135
1136 ALOGI("HCI Reset is done\n");
1137 err = set_cntrlr_baud(fd, speed);
1138 if (err < 0)
1139 ALOGI("set_cntrlr_baud0:%d,%d\n", speed, err);
1140
1141 failed:
1142 if (err < 0) {
1143 set_cntrlr_baud(fd, init_speed);
1144 set_speed(fd, ti, init_speed);
1145 }
1146
1147 return err;
1148
1149 }
1150 #define BTPROTO_HCI 1
1151
1152 /* Open HCI device.
1153 * Returns device descriptor (dd). */
hci_open_dev(int dev_id)1154 int hci_open_dev(int dev_id)
1155 {
1156 struct sockaddr_hci a;
1157 int dd, err;
1158
1159 /* Create HCI socket */
1160 dd = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI);
1161 if (dd < 0)
1162 return dd;
1163
1164 /* Bind socket to the HCI device */
1165 memset(&a, 0, sizeof(a));
1166 a.hci_family = AF_BLUETOOTH;
1167 a.hci_dev = dev_id;
1168 if (bind(dd, (struct sockaddr *) &a, sizeof(a)) < 0)
1169 goto failed;
1170
1171 return dd;
1172
1173 failed:
1174 err = errno;
1175 close(dd);
1176 errno = err;
1177
1178 return -1;
1179 }
1180
hci_close_dev(int dd)1181 int hci_close_dev(int dd)
1182 {
1183 return close(dd);
1184 }
1185
1186 /* HCI functions that require open device
1187 * dd - Device descriptor returned by hci_open_dev. */
1188
hci_send_cmd(int dd,uint16_t ogf,uint16_t ocf,uint8_t plen,void * param)1189 int hci_send_cmd(int dd, uint16_t ogf, uint16_t ocf, uint8_t plen, void *param)
1190 {
1191 uint8_t type = HCI_COMMAND_PKT;
1192 hci_command_hdr hc;
1193 struct iovec iv[3];
1194 int ivn;
1195
1196 hc.opcode = htobs(cmd_opcode_pack(ogf, ocf));
1197 hc.plen= plen;
1198
1199 iv[0].iov_base = &type;
1200 iv[0].iov_len = 1;
1201 iv[1].iov_base = &hc;
1202 iv[1].iov_len = HCI_COMMAND_HDR_SIZE;
1203 ivn = 2;
1204
1205 if (plen) {
1206 iv[2].iov_base = param;
1207 iv[2].iov_len = plen;
1208 ivn = 3;
1209 }
1210
1211 while (writev(dd, iv, ivn) < 0) {
1212 if (errno == EAGAIN || errno == EINTR)
1213 continue;
1214 return -1;
1215 }
1216 return 0;
1217 }
1218
1219 #define HCI_SLEEP_CMD_OCF 0x04
1220 #define TIOCSETD 0x5423
1221 #define HCIUARTSETFLAGS _IOW('U', 204, int)
1222 #define HCIUARTSETPROTO _IOW('U', 200, int)
1223 #define HCIUARTGETDEVICE _IOW('U', 202, int)
1224 /*
1225 * Atheros AR300x specific initialization post callback
1226 */
ath3k_post(int fd,int pm)1227 int ath3k_post(int fd, int pm)
1228 {
1229 int dev_id, dd;
1230 struct timespec tm = { 0, 50000};
1231
1232 sleep(1);
1233
1234 dev_id = ioctl(fd, HCIUARTGETDEVICE, 0);
1235 if (dev_id < 0) {
1236 perror("cannot get device id");
1237 return dev_id;
1238 }
1239
1240 dd = hci_open_dev(dev_id);
1241 if (dd < 0) {
1242 perror("HCI device open failed");
1243 return dd;
1244 }
1245
1246 if (ioctl(dd, HCIDEVUP, dev_id) < 0 && errno != EALREADY) {
1247 perror("hci down:Power management Disabled");
1248 hci_close_dev(dd);
1249 return -1;
1250 }
1251
1252 /* send vendor specific command with Sleep feature Enabled */
1253 if (hci_send_cmd(dd, OGF_VENDOR_CMD, HCI_SLEEP_CMD_OCF, 1, &pm) < 0)
1254 perror("PM command failed, power management Disabled");
1255
1256 nanosleep(&tm, NULL);
1257 hci_close_dev(dd);
1258
1259 return 0;
1260 }
1261
1262
1263
1264 #define FLOW_CTL 0x0001
1265 #define ENABLE_PM 1
1266 #define DISABLE_PM 0
1267
1268 /* Initialize UART driver */
init_uart(char * dev,struct uart_t * u,int send_break,int raw)1269 static int init_uart(char *dev, struct uart_t *u, int send_break, int raw)
1270 {
1271 ALOGI(" %s ", __FUNCTION__);
1272
1273 struct termios ti;
1274
1275 int i, fd;
1276 unsigned long flags = 0;
1277
1278 if (raw)
1279 flags |= 1 << HCI_UART_RAW_DEVICE;
1280
1281
1282 fd = open(dev, O_RDWR | O_NOCTTY);
1283
1284 if (fd < 0) {
1285 ALOGI("Can't open serial port");
1286 return -1;
1287 }
1288
1289
1290 tcflush(fd, TCIOFLUSH);
1291
1292 if (tcgetattr(fd, &ti) < 0) {
1293 ALOGI("Can't get port settings: %d\n", errno);
1294 return -1;
1295 }
1296
1297 cfmakeraw(&ti);
1298
1299 ti.c_cflag |= CLOCAL;
1300 if (u->flags & FLOW_CTL)
1301 ti.c_cflag |= CRTSCTS;
1302 else
1303 ti.c_cflag &= ~CRTSCTS;
1304
1305 if (tcsetattr(fd, TCSANOW, &ti) < 0) {
1306 ALOGI("Can't set port settings");
1307 return -1;
1308 }
1309
1310 if (set_speed(fd, &ti, u->init_speed) < 0) {
1311 ALOGI("Can't set initial baud rate");
1312 return -1;
1313 }
1314
1315 tcflush(fd, TCIOFLUSH);
1316
1317 if (send_break) {
1318 tcsendbreak(fd, 0);
1319 usleep(500000);
1320 }
1321
1322 ath3k_init(fd,u->speed,u->init_speed,u->bdaddr, &ti);
1323
1324 ALOGI("Device setup complete\n");
1325
1326
1327 tcflush(fd, TCIOFLUSH);
1328
1329 // Set actual baudrate
1330 /*
1331 if (set_speed(fd, &ti, u->speed) < 0) {
1332 perror("Can't set baud rate");
1333 return -1;
1334 }
1335
1336 i = N_HCI;
1337 if (ioctl(fd, TIOCSETD, &i) < 0) {
1338 perror("Can't set line discipline");
1339 return -1;
1340 }
1341
1342 if (flags && ioctl(fd, HCIUARTSETFLAGS, flags) < 0) {
1343 perror("Can't set UART flags");
1344 return -1;
1345 }
1346
1347 if (ioctl(fd, HCIUARTSETPROTO, u->proto) < 0) {
1348 perror("Can't set device");
1349 return -1;
1350 }
1351
1352 #if !defined(SW_BOARD_HAVE_BLUETOOTH_RTK)
1353 ath3k_post(fd, u->pm);
1354 #endif
1355 */
1356
1357 return fd;
1358 }
1359
1360
hw_config_ath3k(char * port_name)1361 int hw_config_ath3k(char *port_name)
1362 {
1363 ALOGI(" %s ", __FUNCTION__);
1364 PSCounter=0;
1365 struct sigaction sa;
1366 struct uart_t u ;
1367 int n=0,send_break=0,raw=0;
1368
1369 memset(&u, 0, sizeof(u));
1370 u.speed =3000000;
1371 u.init_speed =115200;
1372 u.flags |= FLOW_CTL;
1373 u.pm = DISABLE_PM;
1374
1375 n = init_uart(port_name, &u, send_break, raw);
1376 if (n < 0) {
1377 ALOGI("Can't initialize device");
1378 }
1379
1380 return n;
1381 }
1382
lpm_set_ar3k(uint8_t pio,uint8_t action,uint8_t polarity)1383 void lpm_set_ar3k(uint8_t pio, uint8_t action, uint8_t polarity)
1384 {
1385 int rc;
1386 int fd = -1;
1387 char buffer;
1388
1389 ALOGI("lpm mode: %d action: %d", pio, action);
1390
1391 switch (pio)
1392 {
1393 case UPIO_LPM_MODE:
1394 if (upio_state[UPIO_LPM_MODE] == action)
1395 {
1396 ALOGI("LPM is %s already", lpm_mode[action]);
1397 return;
1398 }
1399
1400 fd = open(VENDOR_LPM_PROC_NODE, O_WRONLY);
1401
1402 if (fd < 0)
1403 {
1404 ALOGE("upio_set : open(%s) for write failed: %s (%d)",
1405 VENDOR_LPM_PROC_NODE, strerror(errno), errno);
1406 return;
1407 }
1408
1409 if (action == UPIO_ASSERT)
1410 {
1411 buffer = '1';
1412 }
1413 else
1414 {
1415 buffer = '0';
1416 }
1417
1418 if (write(fd, &buffer, 1) < 0)
1419 {
1420 ALOGE("upio_set : write(%s) failed: %s (%d)",
1421 VENDOR_LPM_PROC_NODE, strerror(errno),errno);
1422 }
1423 else
1424 {
1425 upio_state[UPIO_LPM_MODE] = action;
1426 ALOGI("LPM is set to %s", lpm_mode[action]);
1427 }
1428
1429 if (fd >= 0)
1430 close(fd);
1431
1432 break;
1433
1434 case UPIO_BT_WAKE:
1435 /* UPIO_DEASSERT should be allowed because in Rx case assert occur
1436 * from the remote side where as deassert will be initiated from Host
1437 */
1438 if ((action == UPIO_ASSERT) && (upio_state[UPIO_BT_WAKE] == action))
1439 {
1440 ALOGI("BT_WAKE is %s already", lpm_state[action]);
1441
1442 return;
1443 }
1444
1445 if (action == UPIO_DEASSERT)
1446 buffer = '0';
1447 else
1448 buffer = '1';
1449
1450 fd = open(VENDOR_BTWRITE_PROC_NODE, O_WRONLY);
1451
1452 if (fd < 0)
1453 {
1454 ALOGE("upio_set : open(%s) for write failed: %s (%d)",
1455 VENDOR_BTWRITE_PROC_NODE, strerror(errno), errno);
1456 return;
1457 }
1458
1459 if (write(fd, &buffer, 1) < 0)
1460 {
1461 ALOGE("upio_set : write(%s) failed: %s (%d)",
1462 VENDOR_BTWRITE_PROC_NODE, strerror(errno),errno);
1463 }
1464 else
1465 {
1466 upio_state[UPIO_BT_WAKE] = action;
1467 ALOGI("BT_WAKE is set to %s", lpm_state[action]);
1468 }
1469
1470 ALOGI("proc btwrite assertion");
1471
1472 if (fd >= 0)
1473 close(fd);
1474
1475 break;
1476
1477 case UPIO_HOST_WAKE:
1478 ALOGI("upio_set: UPIO_HOST_WAKE");
1479 break;
1480 }
1481
1482 }
1483