1 /*
2 *
3 * Copyright (c) 2013, The Linux Foundation. All rights reserved.
4 * Not a Contribution.
5 *
6 * Copyright 2012 The Android Open Source Project
7 *
8 * Licensed under the Apache License, Version 2.0 (the "License"); you
9 * may not use this file except in compliance with the License. You may
10 * obtain a copy of the License at
11 *
12 * http://www.apache.org/licenses/LICENSE-2.0
13 *
14 * Unless required by applicable law or agreed to in writing, software
15 * distributed under the License is distributed on an "AS IS" BASIS,
16 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
17 * implied. See the License for the specific language governing
18 * permissions and limitations under the License.
19 *
20 */
21
22 /******************************************************************************
23 *
24 * Filename: hw_ar3k.c
25 *
26 * Description: Contains controller-specific functions, like
27 * firmware patch download
28 * low power mode operations
29 *
30 ******************************************************************************/
31 #ifdef __cplusplus
32 extern "C" {
33 #endif
34
35 #define LOG_TAG "bt_vendor"
36
37 #include <sys/socket.h>
38 #include <utils/Log.h>
39 #include <sys/types.h>
40 #include <sys/stat.h>
41 #include <signal.h>
42 #include <time.h>
43 #include <errno.h>
44 #include <fcntl.h>
45 #include <dirent.h>
46 #include <ctype.h>
47 #include <cutils/properties.h>
48 #include <stdlib.h>
49 #include <termios.h>
50 #include <string.h>
51
52 #include "bt_hci_bdroid.h"
53 #include "bt_vendor_qcom.h"
54 #include "hci_uart.h"
55 #include "hw_ar3k.h"
56 #include "bt_vendor_qcom.h"
57
58 /******************************************************************************
59 ** Variables
60 ******************************************************************************/
61 int cbstat = 0;
62 #define PATCH_LOC_STRING_LEN 8
63 char ARbyte[3];
64 char ARptr[MAX_PATCH_CMD + 1];
65 int byte_cnt;
66 int patch_count = 0;
67 char patch_loc[PATCH_LOC_STRING_LEN + 1];
68 int PSCounter=0;
69
70 uint32_t dev_type = 0;
71 uint32_t rom_version = 0;
72 uint32_t build_version = 0;
73
74 char patch_file[PATH_MAX];
75 char ps_file[PATH_MAX];
76 FILE *stream;
77 int tag_count=0;
78
79 /* for friendly debugging outpout string */
80 static char *lpm_mode[] = {
81 "UNKNOWN",
82 "disabled",
83 "enabled"
84 };
85
86 static char *lpm_state[] = {
87 "UNKNOWN",
88 "de-asserted",
89 "asserted"
90 };
91
92 static uint8_t upio_state[UPIO_MAX_COUNT];
93 struct ps_cfg_entry ps_list[MAX_TAGS];
94
95 #define PS_EVENT_LEN 100
96
97 #ifdef __cplusplus
98 }
99 #endif
100
101 #define RESERVED(p) if(p) ALOGI( "%s: reserved param", __FUNCTION__);
102
103 /*****************************************************************************
104 ** Functions
105 *****************************************************************************/
106
is_bt_soc_ath()107 int is_bt_soc_ath() {
108 int ret = 0;
109 char bt_soc_type[PROPERTY_VALUE_MAX];
110 ret = property_get("qcom.bluetooth.soc", bt_soc_type, NULL);
111 if (ret != 0) {
112 ALOGI("qcom.bluetooth.soc set to %s\n", bt_soc_type);
113 if (!strncasecmp(bt_soc_type, "ath3k", sizeof("ath3k")))
114 return 1;
115 } else {
116 ALOGI("qcom.bluetooth.soc not set, so using default.\n");
117 }
118
119 return 0;
120 }
121
122 /*
123 * Send HCI command and wait for command complete event.
124 * The event buffer has to be freed by the caller.
125 */
126
send_hci_cmd_sync(int dev,uint8_t * cmd,int len,uint8_t ** event)127 static int send_hci_cmd_sync(int dev, uint8_t *cmd, int len, uint8_t **event)
128 {
129 int err;
130 uint8_t *hci_event;
131 uint8_t pkt_type = HCI_COMMAND_PKT;
132
133 if (len == 0)
134 return len;
135
136 if (write(dev, &pkt_type, 1) != 1)
137 return -EILSEQ;
138 if (write(dev, (unsigned char *)cmd, len) != len)
139 return -EILSEQ;
140
141 hci_event = (uint8_t *)malloc(PS_EVENT_LEN);
142 if (!hci_event)
143 return -ENOMEM;
144
145 err = read_hci_event(dev, (unsigned char *)hci_event, PS_EVENT_LEN);
146 if (err > 0) {
147 *event = hci_event;
148 } else {
149 free(hci_event);
150 return -EILSEQ;
151 }
152
153 return len;
154 }
155
convert_bdaddr(char * str_bdaddr,char * bdaddr)156 static void convert_bdaddr(char *str_bdaddr, char *bdaddr)
157 {
158 char bdbyte[3];
159 char *str_byte = str_bdaddr;
160 int i, j;
161 int colon_present = 0;
162
163 if (strstr(str_bdaddr, ":"))
164 colon_present = 1;
165
166 bdbyte[2] = '\0';
167
168 /* Reverse the BDADDR to LSB first */
169 for (i = 0, j = 5; i < 6; i++, j--) {
170 bdbyte[0] = str_byte[0];
171 bdbyte[1] = str_byte[1];
172 bdaddr[j] = strtol(bdbyte, NULL, 16);
173
174 if (colon_present == 1)
175 str_byte += 3;
176 else
177 str_byte += 2;
178 }
179 }
180
uart_speed(int s)181 static int uart_speed(int s)
182 {
183 switch (s) {
184 case 9600:
185 return B9600;
186 case 19200:
187 return B19200;
188 case 38400:
189 return B38400;
190 case 57600:
191 return B57600;
192 case 115200:
193 return B115200;
194 case 230400:
195 return B230400;
196 case 460800:
197 return B460800;
198 case 500000:
199 return B500000;
200 case 576000:
201 return B576000;
202 case 921600:
203 return B921600;
204 case 1000000:
205 return B1000000;
206 case 1152000:
207 return B1152000;
208 case 1500000:
209 return B1500000;
210 case 2000000:
211 return B2000000;
212 #ifdef B2500000
213 case 2500000:
214 return B2500000;
215 #endif
216 #ifdef B3000000
217 case 3000000:
218 return B3000000;
219 #endif
220 #ifdef B3500000
221 case 3500000:
222 return B3500000;
223 #endif
224 #ifdef B4000000
225 case 4000000:
226 return B4000000;
227 #endif
228 default:
229 return B57600;
230 }
231 }
232
set_speed(int fd,struct termios * ti,int speed)233 int set_speed(int fd, struct termios *ti, int speed)
234 {
235 if (cfsetospeed(ti, uart_speed(speed)) < 0)
236 return -errno;
237
238 if (cfsetispeed(ti, uart_speed(speed)) < 0)
239 return -errno;
240
241 if (tcsetattr(fd, TCSANOW, ti) < 0)
242 return -errno;
243
244 return 0;
245 }
246
load_hci_ps_hdr(uint8_t * cmd,uint8_t ps_op,int len,int index)247 static void load_hci_ps_hdr(uint8_t *cmd, uint8_t ps_op, int len, int index)
248 {
249 hci_command_hdr *ch = (void *)cmd;
250
251 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF,
252 HCI_PS_CMD_OCF));
253 ch->plen = len + PS_HDR_LEN;
254 cmd += HCI_COMMAND_HDR_SIZE;
255
256 cmd[0] = ps_op;
257 cmd[1] = index;
258 cmd[2] = index >> 8;
259 cmd[3] = len;
260 }
261
262
read_ps_event(uint8_t * event,uint16_t ocf)263 static int read_ps_event(uint8_t *event, uint16_t ocf)
264 {
265 hci_event_hdr *eh;
266 uint16_t opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF, ocf));
267
268 event++;
269
270 eh = (void *)event;
271 event += HCI_EVENT_HDR_SIZE;
272
273 if (eh->evt == EVT_CMD_COMPLETE) {
274 evt_cmd_complete *cc = (void *)event;
275
276 event += EVT_CMD_COMPLETE_SIZE;
277
278 if (cc->opcode == opcode && event[0] == HCI_EV_SUCCESS)
279 return 0;
280 else
281 return -EILSEQ;
282 }
283
284 return -EILSEQ;
285 }
286
287 #define PS_WRITE 1
288 #define PS_RESET 2
289 #define WRITE_PATCH 8
290 #define ENABLE_PATCH 11
291
292 #define HCI_PS_CMD_HDR_LEN 7
293
write_cmd(int fd,uint8_t * buffer,int len)294 static int write_cmd(int fd, uint8_t *buffer, int len)
295 {
296 uint8_t *event;
297 int err;
298
299 err = send_hci_cmd_sync(fd, buffer, len, &event);
300 if (err < 0)
301 return err;
302
303 err = read_ps_event(event, HCI_PS_CMD_OCF);
304
305 free(event);
306
307 return err;
308 }
309
310 #define PS_RESET_PARAM_LEN 6
311 #define PS_RESET_CMD_LEN (HCI_PS_CMD_HDR_LEN + PS_RESET_PARAM_LEN)
312
313 #define PS_ID_MASK 0xFF
314
315 /* Sends PS commands using vendor specficic HCI commands */
write_ps_cmd(int fd,uint8_t opcode,uint32_t ps_param)316 static int write_ps_cmd(int fd, uint8_t opcode, uint32_t ps_param)
317 {
318 uint8_t cmd[HCI_MAX_CMD_SIZE];
319 uint32_t i;
320
321 switch (opcode) {
322 case ENABLE_PATCH:
323 load_hci_ps_hdr(cmd, opcode, 0, 0x00);
324
325 if (write_cmd(fd, cmd, HCI_PS_CMD_HDR_LEN) < 0)
326 return -EILSEQ;
327 break;
328
329 case PS_RESET:
330 load_hci_ps_hdr(cmd, opcode, PS_RESET_PARAM_LEN, 0x00);
331
332 cmd[7] = 0x00;
333 cmd[PS_RESET_CMD_LEN - 2] = ps_param & PS_ID_MASK;
334 cmd[PS_RESET_CMD_LEN - 1] = (ps_param >> 8) & PS_ID_MASK;
335
336 if (write_cmd(fd, cmd, PS_RESET_CMD_LEN) < 0)
337 return -EILSEQ;
338 break;
339
340 case PS_WRITE:
341 for (i = 0; i < ps_param; i++) {
342 load_hci_ps_hdr(cmd, opcode, ps_list[i].len,
343 ps_list[i].id);
344
345 memcpy(&cmd[HCI_PS_CMD_HDR_LEN], ps_list[i].data,
346 ps_list[i].len);
347
348 if (write_cmd(fd, cmd, ps_list[i].len +
349 HCI_PS_CMD_HDR_LEN) < 0)
350 return -EILSEQ;
351 }
352 break;
353 }
354
355 return 0;
356 }
357
358 #define PS_ASIC_FILE "PS_ASIC.pst"
359 #define PS_FPGA_FILE "PS_FPGA.pst"
360 #define MAXPATHLEN 4096
get_ps_file_name(uint32_t devtype,uint32_t rom_version,char * path)361 static void get_ps_file_name(uint32_t devtype, uint32_t rom_version,char *path)
362 {
363 char *filename;
364
365 if (devtype == 0xdeadc0de)
366 filename = PS_ASIC_FILE;
367 else
368 filename = PS_FPGA_FILE;
369
370 snprintf(path, MAXPATHLEN, "%s%x/%s", FW_PATH, rom_version, filename);
371 }
372
373 #define PATCH_FILE "RamPatch.txt"
374 #define FPGA_ROM_VERSION 0x99999999
375 #define ROM_DEV_TYPE 0xdeadc0de
376
get_patch_file_name(uint32_t dev_type,uint32_t rom_version,uint32_t build_version,char * path)377 static void get_patch_file_name(uint32_t dev_type, uint32_t rom_version,
378 uint32_t build_version, char *path)
379 {
380 if (rom_version == FPGA_ROM_VERSION && dev_type != ROM_DEV_TYPE
381 &&dev_type != 0 && build_version == 1)
382 path[0] = '\0';
383 else
384 snprintf(path, MAXPATHLEN, "%s%x/%s", FW_PATH, rom_version, PATCH_FILE);
385 }
386
set_cntrlr_baud(int fd,int speed)387 static int set_cntrlr_baud(int fd, int speed)
388 {
389 int baud;
390 struct timespec tm = { 0, 500000};
391 unsigned char cmd[MAX_CMD_LEN], rsp[HCI_MAX_EVENT_SIZE];
392 unsigned char *ptr = cmd + 1;
393 hci_command_hdr *ch = (void *)ptr;
394
395 cmd[0] = HCI_COMMAND_PKT;
396
397 /* set controller baud rate to user specified value */
398 ptr = cmd + 1;
399 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF,
400 HCI_CHG_BAUD_CMD_OCF));
401 ch->plen = 2;
402 ptr += HCI_COMMAND_HDR_SIZE;
403
404 baud = speed/100;
405 ptr[0] = (char)baud;
406 ptr[1] = (char)(baud >> 8);
407
408 if (write(fd, cmd, WRITE_BAUD_CMD_LEN) != WRITE_BAUD_CMD_LEN) {
409 ALOGI("Failed to write change baud rate command");
410 return -ETIMEDOUT;
411 }
412
413 nanosleep(&tm, NULL);
414
415 if (read_hci_event(fd, rsp, sizeof(rsp)) < 0)
416 return -ETIMEDOUT;
417
418 return 0;
419 }
420
421 #define PS_UNDEF 0
422 #define PS_ID 1
423 #define PS_LEN 2
424 #define PS_DATA 3
425
426 #define PS_MAX_LEN 500
427 #define LINE_SIZE_MAX (PS_MAX_LEN * 2)
428 #define ENTRY_PER_LINE 16
429
430 #define __check_comment(buf) (((buf)[0] == '/') && ((buf)[1] == '/'))
431 #define __skip_space(str) while (*(str) == ' ') ((str)++)
432
433
434 #define __is_delim(ch) ((ch) == ':')
435 #define MAX_PREAMBLE_LEN 4
436
437 /* Parse PS entry preamble of format [X:X] for main type and subtype */
get_ps_type(char * ptr,int index,char * type,char * sub_type)438 static int get_ps_type(char *ptr, int index, char *type, char *sub_type)
439 {
440 int i;
441 int delim = FALSE;
442
443 if (index > MAX_PREAMBLE_LEN)
444 return -EILSEQ;
445
446 for (i = 1; i < index; i++) {
447 if (__is_delim(ptr[i])) {
448 delim = TRUE;
449 continue;
450 }
451
452 if (isalpha(ptr[i])) {
453 if (delim == FALSE)
454 (*type) = toupper(ptr[i]);
455 else
456 (*sub_type) = toupper(ptr[i]);
457 }
458 }
459
460 return 0;
461 }
462
463 #define ARRAY 'A'
464 #define STRING 'S'
465 #define DECIMAL 'D'
466 #define BINARY 'B'
467
468 #define PS_HEX 0
469 #define PS_DEC 1
470
get_input_format(char * buf,struct ps_entry_type * format)471 static int get_input_format(char *buf, struct ps_entry_type *format)
472 {
473 char *ptr = NULL;
474 char type = '\0';
475 char sub_type = '\0';
476
477 format->type = PS_HEX;
478 format->array = TRUE;
479
480 if (strstr(buf, "[") != buf)
481 return 0;
482
483 ptr = strstr(buf, "]");
484 if (!ptr)
485 return -EILSEQ;
486
487 if (get_ps_type(buf, ptr - buf, &type, &sub_type) < 0)
488 return -EILSEQ;
489
490 /* Check is data type is of array */
491 if (type == ARRAY || sub_type == ARRAY)
492 format->array = TRUE;
493
494 if (type == STRING || sub_type == STRING)
495 format->array = FALSE;
496
497 if (type == DECIMAL || type == BINARY)
498 format->type = PS_DEC;
499 else
500 format->type = PS_HEX;
501
502 return 0;
503 }
504
505
506
507 #define UNDEFINED 0xFFFF
508
read_data_in_section(char * buf,struct ps_entry_type type)509 static unsigned int read_data_in_section(char *buf, struct ps_entry_type type)
510 {
511 char *ptr = buf;
512
513 if (!buf)
514 return UNDEFINED;
515
516 if (buf == strstr(buf, "[")) {
517 ptr = strstr(buf, "]");
518 if (!ptr)
519 return UNDEFINED;
520
521 ptr++;
522 }
523
524 if (type.type == PS_HEX && type.array != TRUE)
525 return strtol(ptr, NULL, 16);
526
527 return UNDEFINED;
528 }
529
530
531 /* Read PS entries as string, convert and add to Hex array */
update_tag_data(struct ps_cfg_entry * tag,struct tag_info * info,const char * ptr)532 static void update_tag_data(struct ps_cfg_entry *tag,
533 struct tag_info *info, const char *ptr)
534 {
535 char buf[3];
536
537 buf[2] = '\0';
538
539 strlcpy(buf, &ptr[info->char_cnt],sizeof(buf));
540 tag->data[info->byte_count] = strtol(buf, NULL, 16);
541 info->char_cnt += 3;
542 info->byte_count++;
543
544 strlcpy(buf, &ptr[info->char_cnt], sizeof(buf));
545 tag->data[info->byte_count] = strtol(buf, NULL, 16);
546 info->char_cnt += 3;
547 info->byte_count++;
548 }
549
update_char_count(const char * buf)550 static inline int update_char_count(const char *buf)
551 {
552 char *end_ptr;
553
554 if (strstr(buf, "[") == buf) {
555 end_ptr = strstr(buf, "]");
556 if (!end_ptr)
557 return 0;
558 else
559 return(end_ptr - buf) + 1;
560 }
561
562 return 0;
563 }
564
565 #define PS_HEX 0
566 #define PS_DEC 1
567
ath_parse_ps(FILE * stream)568 static int ath_parse_ps(FILE *stream)
569 {
570 char buf[LINE_SIZE_MAX + 1];
571 char *ptr;
572 uint8_t tag_cnt = 0;
573 int16_t byte_count = 0;
574 struct ps_entry_type format;
575 struct tag_info status = { 0, 0, 0, 0};
576
577 do {
578 int read_count;
579 struct ps_cfg_entry *tag;
580
581 ptr = fgets(buf, LINE_SIZE_MAX, stream);
582 if (!ptr)
583 break;
584
585 __skip_space(ptr);
586 if (__check_comment(ptr))
587 continue;
588
589 /* Lines with a '#' will be followed by new PS entry */
590 if (ptr == strstr(ptr, "#")) {
591 if (status.section != PS_UNDEF) {
592 return -EILSEQ;
593 } else {
594 status.section = PS_ID;
595 continue;
596 }
597 }
598
599 tag = &ps_list[tag_cnt];
600
601 switch (status.section) {
602 case PS_ID:
603 if (get_input_format(ptr, &format) < 0)
604 return -EILSEQ;
605
606 tag->id = read_data_in_section(ptr, format);
607 status.section = PS_LEN;
608 break;
609
610 case PS_LEN:
611 if (get_input_format(ptr, &format) < 0)
612 return -EILSEQ;
613
614 byte_count = read_data_in_section(ptr, format);
615 if (byte_count > PS_MAX_LEN)
616 return -EILSEQ;
617
618 tag->len = byte_count;
619 tag->data = (uint8_t *)malloc(byte_count);
620
621 status.section = PS_DATA;
622 status.line_count = 0;
623 break;
624
625 case PS_DATA:
626 if (status.line_count == 0)
627 if (get_input_format(ptr, &format) < 0)
628 return -EILSEQ;
629
630 __skip_space(ptr);
631
632 status.char_cnt = update_char_count(ptr);
633
634 read_count = (byte_count > ENTRY_PER_LINE) ?
635 ENTRY_PER_LINE : byte_count;
636
637 if (format.type == PS_HEX && format.array == TRUE) {
638 while (read_count > 0) {
639 update_tag_data(tag, &status, ptr);
640 read_count -= 2;
641 }
642
643 if (byte_count > ENTRY_PER_LINE)
644 byte_count -= ENTRY_PER_LINE;
645 else
646 byte_count = 0;
647 }
648
649 status.line_count++;
650
651 if (byte_count == 0)
652 memset(&status, 0x00, sizeof(struct tag_info));
653
654 if (status.section == PS_UNDEF)
655 tag_cnt++;
656
657 if (tag_cnt == MAX_TAGS)
658 return -EILSEQ;
659 break;
660 }
661 } while (ptr);
662
663 return tag_cnt;
664 }
665
666 #define PS_RAM_SIZE 2048
667
ps_config_download(int fd,int tag_count)668 static int ps_config_download(int fd, int tag_count)
669 {
670 if (write_ps_cmd(fd, PS_RESET, PS_RAM_SIZE) < 0)
671 return -1;
672
673 if (tag_count > 0)
674 if (write_ps_cmd(fd, PS_WRITE, tag_count) < 0)
675 return -1;
676 return 0;
677 }
678
write_bdaddr(int pConfig,char * bdaddr)679 static int write_bdaddr(int pConfig, char *bdaddr)
680 {
681 uint8_t *event;
682 int err;
683 uint8_t cmd[13];
684 uint8_t *ptr = cmd;
685 hci_command_hdr *ch = (void *)cmd;
686
687 memset(cmd, 0, sizeof(cmd));
688
689 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF,
690 HCI_PS_CMD_OCF));
691 ch->plen = 10;
692 ptr += HCI_COMMAND_HDR_SIZE;
693
694 ptr[0] = 0x01;
695 ptr[1] = 0x01;
696 ptr[2] = 0x00;
697 ptr[3] = 0x06;
698
699 convert_bdaddr(bdaddr, (char *)&ptr[4]);
700
701 err = send_hci_cmd_sync(pConfig, cmd, sizeof(cmd), &event);
702 if (err < 0)
703 return err;
704
705 err = read_ps_event(event, HCI_PS_CMD_OCF);
706
707 free(event);
708
709 return err;
710 }
711
write_bdaddr_from_file(int rom_version,int fd)712 static void write_bdaddr_from_file(int rom_version, int fd)
713 {
714 FILE *stream;
715 char bdaddr[PATH_MAX];
716 char bdaddr_file[PATH_MAX];
717
718 snprintf(bdaddr_file, MAXPATHLEN, "%s%x/%s",
719 FW_PATH, rom_version, BDADDR_FILE);
720
721 stream = fopen(bdaddr_file, "r");
722 if (!stream)
723 return;
724
725 if (fgets(bdaddr, PATH_MAX - 1, stream))
726 write_bdaddr(fd, bdaddr);
727
728 fclose(stream);
729 }
730
731 #define HCI_EVT_CMD_CMPL_OPCODE 3
732 #define HCI_EVT_CMD_CMPL_STATUS_RET_BYTE 5
733
baswap(bdaddr_t * dst,const bdaddr_t * src)734 void baswap(bdaddr_t *dst, const bdaddr_t *src)
735 {
736 register unsigned char *d = (unsigned char *) dst;
737 register const unsigned char *s = (const unsigned char *) src;
738 register int i;
739 for (i = 0; i < 6; i++)
740 d[i] = s[5-i];
741 }
742
743
str2ba(const char * str,bdaddr_t * ba)744 int str2ba(const char *str, bdaddr_t *ba)
745 {
746 uint8_t b[6];
747 const char *ptr = str;
748 int i;
749
750 for (i = 0; i < 6; i++) {
751 b[i] = (uint8_t) strtol(ptr, NULL, 16);
752 ptr = strchr(ptr, ':');
753 if (i != 5 && !ptr)
754 ptr = ":00:00:00:00:00";
755 ptr++;
756 }
757 baswap(ba, (bdaddr_t *) b);
758 return 0;
759 }
760
761 #define DEV_REGISTER 0x4FFC
762 #define GET_DEV_TYPE_OCF 0x05
763
get_device_type(int dev,uint32_t * code)764 static int get_device_type(int dev, uint32_t *code)
765 {
766 uint8_t cmd[8] = {0};
767 uint8_t *event;
768 uint32_t reg;
769 int err;
770 uint8_t *ptr = cmd;
771 hci_command_hdr *ch = (void *)cmd;
772
773 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF,
774 GET_DEV_TYPE_OCF));
775 ch->plen = 5;
776 ptr += HCI_COMMAND_HDR_SIZE;
777
778 ptr[0] = (uint8_t)DEV_REGISTER;
779 ptr[1] = (uint8_t)DEV_REGISTER >> 8;
780 ptr[2] = (uint8_t)DEV_REGISTER >> 16;
781 ptr[3] = (uint8_t)DEV_REGISTER >> 24;
782 ptr[4] = 0x04;
783
784 err = send_hci_cmd_sync(dev, cmd, sizeof(cmd), &event);
785 if (err < 0)
786 return err;
787
788 err = read_ps_event(event, GET_DEV_TYPE_OCF);
789 if (err < 0)
790 goto cleanup;
791
792 reg = event[10];
793 reg = (reg << 8) | event[9];
794 reg = (reg << 8) | event[8];
795 reg = (reg << 8) | event[7];
796 *code = reg;
797
798 cleanup:
799 free(event);
800
801 return err;
802 }
803
804 #define GET_VERSION_OCF 0x1E
805
read_ath3k_version(int pConfig,uint32_t * rom_version,uint32_t * build_version)806 static int read_ath3k_version(int pConfig, uint32_t *rom_version,
807 uint32_t *build_version)
808 {
809 uint8_t cmd[3] = {0};
810 uint8_t *event;
811 int err;
812 int status;
813 hci_command_hdr *ch = (void *)cmd;
814
815 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF,
816 GET_VERSION_OCF));
817 ch->plen = 0;
818
819 err = send_hci_cmd_sync(pConfig, cmd, sizeof(cmd), &event);
820 if (err < 0)
821 return err;
822
823 err = read_ps_event(event, GET_VERSION_OCF);
824 if (err < 0)
825 goto cleanup;
826
827 status = event[10];
828 status = (status << 8) | event[9];
829 status = (status << 8) | event[8];
830 status = (status << 8) | event[7];
831 *rom_version = status;
832
833 status = event[14];
834 status = (status << 8) | event[13];
835 status = (status << 8) | event[12];
836 status = (status << 8) | event[11];
837 *build_version = status;
838
839 cleanup:
840 free(event);
841
842 return err;
843 }
844
845 #define VERIFY_CRC 9
846 #define PS_REGION 1
847 #define PATCH_REGION 2
848
get_ath3k_crc(int dev)849 static int get_ath3k_crc(int dev)
850 {
851 uint8_t cmd[7] = {0};
852 uint8_t *event;
853 int err;
854
855 load_hci_ps_hdr(cmd, VERIFY_CRC, 0, PS_REGION | PATCH_REGION);
856
857 err = send_hci_cmd_sync(dev, cmd, sizeof(cmd), &event);
858 if (err < 0)
859 return err;
860 /* Send error code if CRC check patched */
861 if (read_ps_event(event, HCI_PS_CMD_OCF) >= 0)
862 err = -EILSEQ;
863
864 free(event);
865
866 return err;
867 }
868
869 #define SET_PATCH_RAM_ID 0x0D
870 #define SET_PATCH_RAM_CMD_SIZE 11
871 #define ADDRESS_LEN 4
set_patch_ram(int dev,char * patch_loc,int len)872 static int set_patch_ram(int dev, char *patch_loc, int len)
873 {
874 int err;
875 uint8_t cmd[20] = {0};
876 int i, j;
877 char loc_byte[3];
878 uint8_t *event;
879 uint8_t *loc_ptr = &cmd[7];
880
881 RESERVED(len);
882
883 if (!patch_loc)
884 return -1;
885
886 loc_byte[2] = '\0';
887
888 load_hci_ps_hdr(cmd, SET_PATCH_RAM_ID, ADDRESS_LEN, 0);
889
890 for (i = 0, j = 3; i < 4; i++, j--) {
891 loc_byte[0] = patch_loc[0];
892 loc_byte[1] = patch_loc[1];
893 loc_ptr[j] = strtol(loc_byte, NULL, 16);
894 patch_loc += 2;
895 }
896
897 err = send_hci_cmd_sync(dev, cmd, SET_PATCH_RAM_CMD_SIZE, &event);
898 if (err < 0)
899 return err;
900
901 err = read_ps_event(event, HCI_PS_CMD_OCF);
902
903 free(event);
904
905 return err;
906 }
907
908 #define PATCH_LOC_KEY "DA:"
909 #define PATCH_LOC_STRING_LEN 8
ps_patch_download(int fd,FILE * stream)910 static int ps_patch_download(int fd, FILE *stream)
911 {
912 char byte[3];
913 char ptr[MAX_PATCH_CMD + 1];
914 int byte_cnt;
915 int patch_count = 0;
916 char patch_loc[PATCH_LOC_STRING_LEN + 1];
917
918 byte[2] = '\0';
919
920 while (fgets(ptr, MAX_PATCH_CMD, stream)) {
921 if (strlen(ptr) <= 1)
922 continue;
923 else if (strstr(ptr, PATCH_LOC_KEY) == ptr) {
924 strlcpy(patch_loc, &ptr[sizeof(PATCH_LOC_KEY) - 1],
925 PATCH_LOC_STRING_LEN);
926 if (set_patch_ram(fd, patch_loc, sizeof(patch_loc)) < 0)
927 return -1;
928 } else if (isxdigit(ptr[0]))
929 break;
930 else
931 return -1;
932 }
933
934 byte_cnt = strtol(ptr, NULL, 16);
935
936 while (byte_cnt > 0) {
937 int i;
938 uint8_t cmd[HCI_MAX_CMD_SIZE] = {0};
939 struct patch_entry patch;
940
941 if (byte_cnt > MAX_PATCH_CMD)
942 patch.len = MAX_PATCH_CMD;
943 else
944 patch.len = byte_cnt;
945
946 for (i = 0; i < patch.len; i++) {
947 if (!fgets(byte, 3, stream))
948 return -1;
949
950 patch.data[i] = strtoul(byte, NULL, 16);
951 }
952
953 load_hci_ps_hdr(cmd, WRITE_PATCH, patch.len, patch_count);
954 memcpy(&cmd[HCI_PS_CMD_HDR_LEN], patch.data, patch.len);
955
956 if (write_cmd(fd, cmd, patch.len + HCI_PS_CMD_HDR_LEN) < 0)
957 return -1;
958
959 patch_count++;
960 byte_cnt = byte_cnt - MAX_PATCH_CMD;
961 }
962
963 if (write_ps_cmd(fd, ENABLE_PATCH, 0) < 0)
964 return -1;
965
966 return patch_count;
967 }
968
ath_ps_download(int fd)969 static int ath_ps_download(int fd)
970 {
971 int err = 0;
972 int tag_count;
973 int patch_count = 0;
974 uint32_t rom_version = 0;
975 uint32_t build_version = 0;
976 uint32_t dev_type = 0;
977 char patch_file[PATH_MAX];
978 char ps_file[PATH_MAX];
979 FILE *stream;
980
981 /*
982 * Verfiy firmware version. depending on it select the PS
983 * config file to download.
984 */
985 if (get_device_type(fd, &dev_type) < 0) {
986 err = -EILSEQ;
987 goto download_cmplete;
988 }
989
990 if (read_ath3k_version(fd, &rom_version, &build_version) < 0) {
991 err = -EILSEQ;
992 goto download_cmplete;
993 }
994
995 /* Do not download configuration if CRC passes */
996 if (get_ath3k_crc(fd) < 0) {
997 err = 0;
998 goto download_cmplete;
999 }
1000
1001 get_ps_file_name(dev_type, rom_version, ps_file);
1002 get_patch_file_name(dev_type, rom_version, build_version, patch_file);
1003
1004 stream = fopen(ps_file, "r");
1005 if (!stream) {
1006 ALOGI("firmware file open error:%s, ver:%x\n",ps_file, rom_version);
1007 if (rom_version == 0x1020201)
1008 err = 0;
1009 else
1010 err = -EILSEQ;
1011 goto download_cmplete;
1012 }
1013 tag_count = ath_parse_ps(stream);
1014
1015 fclose(stream);
1016
1017 if (tag_count < 0) {
1018 err = -EILSEQ;
1019 goto download_cmplete;
1020 }
1021
1022 /*
1023 * It is not necessary that Patch file be available,
1024 * continue with PS Operations if patch file is not available.
1025 */
1026 if (patch_file[0] == '\0')
1027 err = 0;
1028
1029 stream = fopen(patch_file, "r");
1030 if (!stream)
1031 err = 0;
1032 else {
1033 patch_count = ps_patch_download(fd, stream);
1034 fclose(stream);
1035
1036 if (patch_count < 0) {
1037 err = -EILSEQ;
1038 goto download_cmplete;
1039 }
1040 }
1041
1042 err = ps_config_download(fd, tag_count);
1043
1044 download_cmplete:
1045 if (!err)
1046 write_bdaddr_from_file(rom_version, fd);
1047
1048 return err;
1049 }
1050
ath3k_init(int fd,int speed,int init_speed,char * bdaddr,struct termios * ti)1051 int ath3k_init(int fd, int speed, int init_speed, char *bdaddr, struct termios *ti)
1052 {
1053 ALOGI(" %s ", __FUNCTION__);
1054
1055 int r;
1056 int err = 0;
1057 struct timespec tm = { 0, 500000};
1058 unsigned char cmd[MAX_CMD_LEN] = {0};
1059 unsigned char rsp[HCI_MAX_EVENT_SIZE];
1060 unsigned char *ptr = cmd + 1;
1061 hci_command_hdr *ch = (void *)ptr;
1062 int flags = 0;
1063
1064 if (ioctl(fd, TIOCMGET, &flags) < 0) {
1065 ALOGI("TIOCMGET failed in init\n");
1066 return -1;
1067 }
1068 flags |= TIOCM_RTS;
1069 if (ioctl(fd, TIOCMSET, &flags) < 0) {
1070 ALOGI("TIOCMSET failed in init: HW Flow-on error\n");
1071 return -1;
1072 }
1073
1074 /* set both controller and host baud rate to maximum possible value */
1075 err = set_cntrlr_baud(fd, speed);
1076 ALOGI("set_cntrlr_baud : ret:%d \n", err);
1077 if (err < 0)
1078 return err;
1079
1080 err = set_speed(fd, ti, speed);
1081 if (err < 0) {
1082 ALOGI("Can't set required baud rate");
1083 return err;
1084 }
1085
1086 /* Download PS and patch */
1087 r = ath_ps_download(fd);
1088 if (r < 0) {
1089 ALOGI("Failed to Download configuration");
1090 err = -ETIMEDOUT;
1091 goto failed;
1092 }
1093
1094 ALOGI("ath_ps_download is done\n");
1095
1096 cmd[0] = HCI_COMMAND_PKT;
1097 /* Write BDADDR */
1098 if (bdaddr) {
1099 ch->opcode = htobs(cmd_opcode_pack(HCI_VENDOR_CMD_OGF,
1100 HCI_PS_CMD_OCF));
1101 ch->plen = 10;
1102 ptr += HCI_COMMAND_HDR_SIZE;
1103
1104 ptr[0] = 0x01;
1105 ptr[1] = 0x01;
1106 ptr[2] = 0x00;
1107 ptr[3] = 0x06;
1108 str2ba(bdaddr, (bdaddr_t *)(ptr + 4));
1109
1110 if (write(fd, cmd, WRITE_BDADDR_CMD_LEN) !=
1111 WRITE_BDADDR_CMD_LEN) {
1112 ALOGI("Failed to write BD_ADDR command\n");
1113 err = -ETIMEDOUT;
1114 goto failed;
1115 }
1116
1117 if (read_hci_event(fd, rsp, sizeof(rsp)) < 0) {
1118 ALOGI("Failed to set BD_ADDR\n");
1119 err = -ETIMEDOUT;
1120 goto failed;
1121 }
1122 }
1123
1124 /* Send HCI Reset */
1125 cmd[1] = 0x03;
1126 cmd[2] = 0x0C;
1127 cmd[3] = 0x00;
1128
1129 r = write(fd, cmd, 4);
1130 if (r != 4) {
1131 err = -ETIMEDOUT;
1132 goto failed;
1133 }
1134
1135 nanosleep(&tm, NULL);
1136 if (read_hci_event(fd, rsp, sizeof(rsp)) < 0) {
1137 err = -ETIMEDOUT;
1138 goto failed;
1139 }
1140
1141 ALOGI("HCI Reset is done\n");
1142 err = set_cntrlr_baud(fd, speed);
1143 if (err < 0)
1144 ALOGI("set_cntrlr_baud0:%d,%d\n", speed, err);
1145
1146 failed:
1147 if (err < 0) {
1148 set_cntrlr_baud(fd, init_speed);
1149 set_speed(fd, ti, init_speed);
1150 }
1151
1152 return err;
1153
1154 }
1155 #define BTPROTO_HCI 1
1156
1157 /* Open HCI device.
1158 * Returns device descriptor (dd). */
hci_open_dev(int dev_id)1159 int hci_open_dev(int dev_id)
1160 {
1161 struct sockaddr_hci a;
1162 int dd, err;
1163
1164 /* Create HCI socket */
1165 dd = socket(AF_BLUETOOTH, SOCK_RAW, BTPROTO_HCI);
1166 if (dd < 0)
1167 return dd;
1168
1169 /* Bind socket to the HCI device */
1170 memset(&a, 0, sizeof(a));
1171 a.hci_family = AF_BLUETOOTH;
1172 a.hci_dev = dev_id;
1173 if (bind(dd, (struct sockaddr *) &a, sizeof(a)) < 0)
1174 goto failed;
1175
1176 return dd;
1177
1178 failed:
1179 err = errno;
1180 close(dd);
1181 errno = err;
1182
1183 return -1;
1184 }
1185
hci_close_dev(int dd)1186 int hci_close_dev(int dd)
1187 {
1188 return close(dd);
1189 }
1190
1191 /* HCI functions that require open device
1192 * dd - Device descriptor returned by hci_open_dev. */
1193
hci_send_cmd(int dd,uint16_t ogf,uint16_t ocf,uint8_t plen,void * param)1194 int hci_send_cmd(int dd, uint16_t ogf, uint16_t ocf, uint8_t plen, void *param)
1195 {
1196 uint8_t type = HCI_COMMAND_PKT;
1197 hci_command_hdr hc;
1198 struct iovec iv[3];
1199 int ivn;
1200
1201 hc.opcode = htobs(cmd_opcode_pack(ogf, ocf));
1202 hc.plen= plen;
1203
1204 iv[0].iov_base = &type;
1205 iv[0].iov_len = 1;
1206 iv[1].iov_base = &hc;
1207 iv[1].iov_len = HCI_COMMAND_HDR_SIZE;
1208 ivn = 2;
1209
1210 if (plen) {
1211 iv[2].iov_base = param;
1212 iv[2].iov_len = plen;
1213 ivn = 3;
1214 }
1215
1216 while (writev(dd, iv, ivn) < 0) {
1217 if (errno == EAGAIN || errno == EINTR)
1218 continue;
1219 return -1;
1220 }
1221 return 0;
1222 }
1223
1224 #define HCI_SLEEP_CMD_OCF 0x04
1225 #define TIOCSETD 0x5423
1226 #define HCIUARTSETFLAGS _IOW('U', 204, int)
1227 #define HCIUARTSETPROTO _IOW('U', 200, int)
1228 #define HCIUARTGETDEVICE _IOW('U', 202, int)
1229 /*
1230 * Atheros AR300x specific initialization post callback
1231 */
ath3k_post(int fd,int pm)1232 int ath3k_post(int fd, int pm)
1233 {
1234 int dev_id, dd;
1235 struct timespec tm = { 0, 50000};
1236
1237 sleep(1);
1238
1239 dev_id = ioctl(fd, HCIUARTGETDEVICE, 0);
1240 if (dev_id < 0) {
1241 perror("cannot get device id");
1242 return dev_id;
1243 }
1244
1245 dd = hci_open_dev(dev_id);
1246 if (dd < 0) {
1247 perror("HCI device open failed");
1248 return dd;
1249 }
1250
1251 if (ioctl(dd, HCIDEVUP, dev_id) < 0 && errno != EALREADY) {
1252 perror("hci down:Power management Disabled");
1253 hci_close_dev(dd);
1254 return -1;
1255 }
1256
1257 /* send vendor specific command with Sleep feature Enabled */
1258 if (hci_send_cmd(dd, OGF_VENDOR_CMD, HCI_SLEEP_CMD_OCF, 1, &pm) < 0)
1259 perror("PM command failed, power management Disabled");
1260
1261 nanosleep(&tm, NULL);
1262 hci_close_dev(dd);
1263
1264 return 0;
1265 }
1266
1267
1268
1269 #define FLOW_CTL 0x0001
1270 #define ENABLE_PM 1
1271 #define DISABLE_PM 0
1272
1273 /* Initialize UART driver */
init_uart(char * dev,struct uart_t * u,int send_break,int raw)1274 static int init_uart(char *dev, struct uart_t *u, int send_break, int raw)
1275 {
1276 ALOGI(" %s ", __FUNCTION__);
1277
1278 struct termios ti;
1279
1280 int i, fd;
1281 unsigned long flags = 0;
1282
1283 if (raw)
1284 flags |= 1 << HCI_UART_RAW_DEVICE;
1285
1286
1287 fd = open(dev, O_RDWR | O_NOCTTY);
1288
1289 if (fd < 0) {
1290 ALOGI("Can't open serial port");
1291 return -1;
1292 }
1293
1294
1295 tcflush(fd, TCIOFLUSH);
1296
1297 if (tcgetattr(fd, &ti) < 0) {
1298 ALOGI("Can't get port settings: %d\n", errno);
1299 return -1;
1300 }
1301
1302 cfmakeraw(&ti);
1303
1304 ti.c_cflag |= CLOCAL;
1305 if (u->flags & FLOW_CTL)
1306 ti.c_cflag |= CRTSCTS;
1307 else
1308 ti.c_cflag &= ~CRTSCTS;
1309
1310 if (tcsetattr(fd, TCSANOW, &ti) < 0) {
1311 ALOGI("Can't set port settings");
1312 return -1;
1313 }
1314
1315 if (set_speed(fd, &ti, u->init_speed) < 0) {
1316 ALOGI("Can't set initial baud rate");
1317 return -1;
1318 }
1319
1320 tcflush(fd, TCIOFLUSH);
1321
1322 if (send_break) {
1323 tcsendbreak(fd, 0);
1324 usleep(500000);
1325 }
1326
1327 ath3k_init(fd,u->speed,u->init_speed,u->bdaddr, &ti);
1328
1329 ALOGI("Device setup complete\n");
1330
1331
1332 tcflush(fd, TCIOFLUSH);
1333
1334 // Set actual baudrate
1335 /*
1336 if (set_speed(fd, &ti, u->speed) < 0) {
1337 perror("Can't set baud rate");
1338 return -1;
1339 }
1340
1341 i = N_HCI;
1342 if (ioctl(fd, TIOCSETD, &i) < 0) {
1343 perror("Can't set line discipline");
1344 return -1;
1345 }
1346
1347 if (flags && ioctl(fd, HCIUARTSETFLAGS, flags) < 0) {
1348 perror("Can't set UART flags");
1349 return -1;
1350 }
1351
1352 if (ioctl(fd, HCIUARTSETPROTO, u->proto) < 0) {
1353 perror("Can't set device");
1354 return -1;
1355 }
1356
1357 #if !defined(SW_BOARD_HAVE_BLUETOOTH_RTK)
1358 ath3k_post(fd, u->pm);
1359 #endif
1360 */
1361
1362 return fd;
1363 }
1364
1365
hw_config_ath3k(char * port_name)1366 int hw_config_ath3k(char *port_name)
1367 {
1368 ALOGI(" %s ", __FUNCTION__);
1369 PSCounter=0;
1370 struct sigaction sa;
1371 struct uart_t u ;
1372 int n=0,send_break=0,raw=0;
1373
1374 memset(&u, 0, sizeof(u));
1375 u.speed =3000000;
1376 u.init_speed =115200;
1377 u.flags |= FLOW_CTL;
1378 u.pm = DISABLE_PM;
1379
1380 n = init_uart(port_name, &u, send_break, raw);
1381 if (n < 0) {
1382 ALOGI("Can't initialize device");
1383 }
1384
1385 return n;
1386 }
1387
lpm_set_ar3k(uint8_t pio,uint8_t action,uint8_t polarity)1388 void lpm_set_ar3k(uint8_t pio, uint8_t action, uint8_t polarity)
1389 {
1390 int rc;
1391 int fd = -1;
1392 char buffer;
1393
1394 ALOGI("lpm mode: %d action: %d", pio, action);
1395
1396 RESERVED(polarity);
1397
1398 switch (pio)
1399 {
1400 case UPIO_LPM_MODE:
1401 if (upio_state[UPIO_LPM_MODE] == action)
1402 {
1403 ALOGI("LPM is %s already", lpm_mode[action]);
1404 return;
1405 }
1406
1407 fd = open(VENDOR_LPM_PROC_NODE, O_WRONLY);
1408
1409 if (fd < 0)
1410 {
1411 ALOGE("upio_set : open(%s) for write failed: %s (%d)",
1412 VENDOR_LPM_PROC_NODE, strerror(errno), errno);
1413 return;
1414 }
1415
1416 if (action == UPIO_ASSERT)
1417 {
1418 buffer = '1';
1419 }
1420 else
1421 {
1422 buffer = '0';
1423 }
1424
1425 if (write(fd, &buffer, 1) < 0)
1426 {
1427 ALOGE("upio_set : write(%s) failed: %s (%d)",
1428 VENDOR_LPM_PROC_NODE, strerror(errno),errno);
1429 }
1430 else
1431 {
1432 upio_state[UPIO_LPM_MODE] = action;
1433 ALOGI("LPM is set to %s", lpm_mode[action]);
1434 }
1435
1436 if (fd >= 0)
1437 close(fd);
1438
1439 break;
1440
1441 case UPIO_BT_WAKE:
1442 /* UPIO_DEASSERT should be allowed because in Rx case assert occur
1443 * from the remote side where as deassert will be initiated from Host
1444 */
1445 if ((action == UPIO_ASSERT) && (upio_state[UPIO_BT_WAKE] == action))
1446 {
1447 ALOGI("BT_WAKE is %s already", lpm_state[action]);
1448
1449 return;
1450 }
1451
1452 if (action == UPIO_DEASSERT)
1453 buffer = '0';
1454 else
1455 buffer = '1';
1456
1457 fd = open(VENDOR_BTWRITE_PROC_NODE, O_WRONLY);
1458
1459 if (fd < 0)
1460 {
1461 ALOGE("upio_set : open(%s) for write failed: %s (%d)",
1462 VENDOR_BTWRITE_PROC_NODE, strerror(errno), errno);
1463 return;
1464 }
1465
1466 if (write(fd, &buffer, 1) < 0)
1467 {
1468 ALOGE("upio_set : write(%s) failed: %s (%d)",
1469 VENDOR_BTWRITE_PROC_NODE, strerror(errno),errno);
1470 }
1471 else
1472 {
1473 upio_state[UPIO_BT_WAKE] = action;
1474 ALOGI("BT_WAKE is set to %s", lpm_state[action]);
1475 }
1476
1477 ALOGI("proc btwrite assertion");
1478
1479 if (fd >= 0)
1480 close(fd);
1481
1482 break;
1483
1484 case UPIO_HOST_WAKE:
1485 ALOGI("upio_set: UPIO_HOST_WAKE");
1486 break;
1487 }
1488
1489 }
1490