1 // SPDX-License-Identifier: GPL-2.0-or-later 2 /* 3 * 4 * Bluetooth support for Intel PCIe devices 5 * 6 * Copyright (C) 2024 Intel Corporation 7 */ 8 9 #include <linux/kernel.h> 10 #include <linux/module.h> 11 #include <linux/firmware.h> 12 #include <linux/pci.h> 13 #include <linux/wait.h> 14 #include <linux/delay.h> 15 #include <linux/interrupt.h> 16 17 #include <linux/unaligned.h> 18 19 #include <net/bluetooth/bluetooth.h> 20 #include <net/bluetooth/hci_core.h> 21 22 #include "btintel.h" 23 #include "btintel_pcie.h" 24 25 #define VERSION "0.1" 26 27 #define BTINTEL_PCI_DEVICE(dev, subdev) \ 28 .vendor = PCI_VENDOR_ID_INTEL, \ 29 .device = (dev), \ 30 .subvendor = PCI_ANY_ID, \ 31 .subdevice = (subdev), \ 32 .driver_data = 0 33 34 #define POLL_INTERVAL_US 10 35 36 /* Intel Bluetooth PCIe device id table */ 37 static const struct pci_device_id btintel_pcie_table[] = { 38 { BTINTEL_PCI_DEVICE(0xA876, PCI_ANY_ID) }, 39 { BTINTEL_PCI_DEVICE(0xE476, PCI_ANY_ID) }, 40 { 0 } 41 }; 42 MODULE_DEVICE_TABLE(pci, btintel_pcie_table); 43 44 /* Intel PCIe uses 4 bytes of HCI type instead of 1 byte BT SIG HCI type */ 45 #define BTINTEL_PCIE_HCI_TYPE_LEN 4 46 #define BTINTEL_PCIE_HCI_CMD_PKT 0x00000001 47 #define BTINTEL_PCIE_HCI_ACL_PKT 0x00000002 48 #define BTINTEL_PCIE_HCI_SCO_PKT 0x00000003 49 #define BTINTEL_PCIE_HCI_EVT_PKT 0x00000004 50 #define BTINTEL_PCIE_HCI_ISO_PKT 0x00000005 51 52 #define BTINTEL_PCIE_MAGIC_NUM 0xA5A5A5A5 53 54 #define BTINTEL_PCIE_BLZR_HWEXP_SIZE 1024 55 #define BTINTEL_PCIE_BLZR_HWEXP_DMP_ADDR 0xB00A7C00 56 57 #define BTINTEL_PCIE_SCP_HWEXP_SIZE 4096 58 #define BTINTEL_PCIE_SCP_HWEXP_DMP_ADDR 0xB030F800 59 60 #define BTINTEL_PCIE_MAGIC_NUM 0xA5A5A5A5 61 62 #define BTINTEL_PCIE_TRIGGER_REASON_USER_TRIGGER 0x17A2 63 #define BTINTEL_PCIE_TRIGGER_REASON_FW_ASSERT 0x1E61 64 65 /* Alive interrupt context */ 66 enum { 67 BTINTEL_PCIE_ROM, 68 BTINTEL_PCIE_FW_DL, 69 BTINTEL_PCIE_HCI_RESET, 70 BTINTEL_PCIE_INTEL_HCI_RESET1, 71 BTINTEL_PCIE_INTEL_HCI_RESET2, 72 BTINTEL_PCIE_D0, 73 BTINTEL_PCIE_D3 74 }; 75 76 /* Structure for dbgc fragment buffer 77 * @buf_addr_lsb: LSB of the buffer's physical address 78 * @buf_addr_msb: MSB of the buffer's physical address 79 * @buf_size: Total size of the buffer 80 */ 81 struct btintel_pcie_dbgc_ctxt_buf { 82 u32 buf_addr_lsb; 83 u32 buf_addr_msb; 84 u32 buf_size; 85 }; 86 87 /* Structure for dbgc fragment 88 * @magic_num: 0XA5A5A5A5 89 * @ver: For Driver-FW compatibility 90 * @total_size: Total size of the payload debug info 91 * @num_buf: Num of allocated debug bufs 92 * @bufs: All buffer's addresses and sizes 93 */ 94 struct btintel_pcie_dbgc_ctxt { 95 u32 magic_num; 96 u32 ver; 97 u32 total_size; 98 u32 num_buf; 99 struct btintel_pcie_dbgc_ctxt_buf bufs[BTINTEL_PCIE_DBGC_BUFFER_COUNT]; 100 }; 101 102 /* This function initializes the memory for DBGC buffers and formats the 103 * DBGC fragment which consists header info and DBGC buffer's LSB, MSB and 104 * size as the payload 105 */ 106 static int btintel_pcie_setup_dbgc(struct btintel_pcie_data *data) 107 { 108 struct btintel_pcie_dbgc_ctxt db_frag; 109 struct data_buf *buf; 110 int i; 111 112 data->dbgc.count = BTINTEL_PCIE_DBGC_BUFFER_COUNT; 113 data->dbgc.bufs = devm_kcalloc(&data->pdev->dev, data->dbgc.count, 114 sizeof(*buf), GFP_KERNEL); 115 if (!data->dbgc.bufs) 116 return -ENOMEM; 117 118 data->dbgc.buf_v_addr = dmam_alloc_coherent(&data->pdev->dev, 119 data->dbgc.count * 120 BTINTEL_PCIE_DBGC_BUFFER_SIZE, 121 &data->dbgc.buf_p_addr, 122 GFP_KERNEL | __GFP_NOWARN); 123 if (!data->dbgc.buf_v_addr) 124 return -ENOMEM; 125 126 data->dbgc.frag_v_addr = dmam_alloc_coherent(&data->pdev->dev, 127 sizeof(struct btintel_pcie_dbgc_ctxt), 128 &data->dbgc.frag_p_addr, 129 GFP_KERNEL | __GFP_NOWARN); 130 if (!data->dbgc.frag_v_addr) 131 return -ENOMEM; 132 133 data->dbgc.frag_size = sizeof(struct btintel_pcie_dbgc_ctxt); 134 135 db_frag.magic_num = BTINTEL_PCIE_MAGIC_NUM; 136 db_frag.ver = BTINTEL_PCIE_DBGC_FRAG_VERSION; 137 db_frag.total_size = BTINTEL_PCIE_DBGC_FRAG_PAYLOAD_SIZE; 138 db_frag.num_buf = BTINTEL_PCIE_DBGC_FRAG_BUFFER_COUNT; 139 140 for (i = 0; i < data->dbgc.count; i++) { 141 buf = &data->dbgc.bufs[i]; 142 buf->data_p_addr = data->dbgc.buf_p_addr + i * BTINTEL_PCIE_DBGC_BUFFER_SIZE; 143 buf->data = data->dbgc.buf_v_addr + i * BTINTEL_PCIE_DBGC_BUFFER_SIZE; 144 db_frag.bufs[i].buf_addr_lsb = lower_32_bits(buf->data_p_addr); 145 db_frag.bufs[i].buf_addr_msb = upper_32_bits(buf->data_p_addr); 146 db_frag.bufs[i].buf_size = BTINTEL_PCIE_DBGC_BUFFER_SIZE; 147 } 148 149 memcpy(data->dbgc.frag_v_addr, &db_frag, sizeof(db_frag)); 150 return 0; 151 } 152 153 static inline void ipc_print_ia_ring(struct hci_dev *hdev, struct ia *ia, 154 u16 queue_num) 155 { 156 bt_dev_dbg(hdev, "IA: %s: tr-h:%02u tr-t:%02u cr-h:%02u cr-t:%02u", 157 queue_num == BTINTEL_PCIE_TXQ_NUM ? "TXQ" : "RXQ", 158 ia->tr_hia[queue_num], ia->tr_tia[queue_num], 159 ia->cr_hia[queue_num], ia->cr_tia[queue_num]); 160 } 161 162 static inline void ipc_print_urbd1(struct hci_dev *hdev, struct urbd1 *urbd1, 163 u16 index) 164 { 165 bt_dev_dbg(hdev, "RXQ:urbd1(%u) frbd_tag:%u status: 0x%x fixed:0x%x", 166 index, urbd1->frbd_tag, urbd1->status, urbd1->fixed); 167 } 168 169 static struct btintel_pcie_data *btintel_pcie_get_data(struct msix_entry *entry) 170 { 171 u8 queue = entry->entry; 172 struct msix_entry *entries = entry - queue; 173 174 return container_of(entries, struct btintel_pcie_data, msix_entries[0]); 175 } 176 177 /* Set the doorbell for TXQ to notify the device that @index (actually index-1) 178 * of the TFD is updated and ready to transmit. 179 */ 180 static void btintel_pcie_set_tx_db(struct btintel_pcie_data *data, u16 index) 181 { 182 u32 val; 183 184 val = index; 185 val |= (BTINTEL_PCIE_TX_DB_VEC << 16); 186 187 btintel_pcie_wr_reg32(data, BTINTEL_PCIE_CSR_HBUS_TARG_WRPTR, val); 188 } 189 190 /* Copy the data to next(@tfd_index) data buffer and update the TFD(transfer 191 * descriptor) with the data length and the DMA address of the data buffer. 192 */ 193 static void btintel_pcie_prepare_tx(struct txq *txq, u16 tfd_index, 194 struct sk_buff *skb) 195 { 196 struct data_buf *buf; 197 struct tfd *tfd; 198 199 tfd = &txq->tfds[tfd_index]; 200 memset(tfd, 0, sizeof(*tfd)); 201 202 buf = &txq->bufs[tfd_index]; 203 204 tfd->size = skb->len; 205 tfd->addr = buf->data_p_addr; 206 207 /* Copy the outgoing data to DMA buffer */ 208 memcpy(buf->data, skb->data, tfd->size); 209 } 210 211 static inline void btintel_pcie_dump_debug_registers(struct hci_dev *hdev) 212 { 213 struct btintel_pcie_data *data = hci_get_drvdata(hdev); 214 u16 cr_hia, cr_tia; 215 u32 reg, mbox_reg; 216 struct sk_buff *skb; 217 u8 buf[80]; 218 219 skb = alloc_skb(1024, GFP_ATOMIC); 220 if (!skb) 221 return; 222 223 snprintf(buf, sizeof(buf), "%s", "---- Dump of debug registers ---"); 224 bt_dev_dbg(hdev, "%s", buf); 225 skb_put_data(skb, buf, strlen(buf)); 226 227 reg = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_BOOT_STAGE_REG); 228 snprintf(buf, sizeof(buf), "boot stage: 0x%8.8x", reg); 229 bt_dev_dbg(hdev, "%s", buf); 230 skb_put_data(skb, buf, strlen(buf)); 231 data->boot_stage_cache = reg; 232 233 reg = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_IPC_STATUS_REG); 234 snprintf(buf, sizeof(buf), "ipc status: 0x%8.8x", reg); 235 skb_put_data(skb, buf, strlen(buf)); 236 bt_dev_dbg(hdev, "%s", buf); 237 238 reg = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_IPC_CONTROL_REG); 239 snprintf(buf, sizeof(buf), "ipc control: 0x%8.8x", reg); 240 skb_put_data(skb, buf, strlen(buf)); 241 bt_dev_dbg(hdev, "%s", buf); 242 243 reg = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_IPC_SLEEP_CTL_REG); 244 snprintf(buf, sizeof(buf), "ipc sleep control: 0x%8.8x", reg); 245 skb_put_data(skb, buf, strlen(buf)); 246 bt_dev_dbg(hdev, "%s", buf); 247 248 /*Read the Mail box status and registers*/ 249 reg = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_MBOX_STATUS_REG); 250 snprintf(buf, sizeof(buf), "mbox status: 0x%8.8x", reg); 251 skb_put_data(skb, buf, strlen(buf)); 252 if (reg & BTINTEL_PCIE_CSR_MBOX_STATUS_MBOX1) { 253 mbox_reg = btintel_pcie_rd_reg32(data, 254 BTINTEL_PCIE_CSR_MBOX_1_REG); 255 snprintf(buf, sizeof(buf), "mbox_1: 0x%8.8x", mbox_reg); 256 skb_put_data(skb, buf, strlen(buf)); 257 bt_dev_dbg(hdev, "%s", buf); 258 } 259 260 if (reg & BTINTEL_PCIE_CSR_MBOX_STATUS_MBOX2) { 261 mbox_reg = btintel_pcie_rd_reg32(data, 262 BTINTEL_PCIE_CSR_MBOX_2_REG); 263 snprintf(buf, sizeof(buf), "mbox_2: 0x%8.8x", mbox_reg); 264 skb_put_data(skb, buf, strlen(buf)); 265 bt_dev_dbg(hdev, "%s", buf); 266 } 267 268 if (reg & BTINTEL_PCIE_CSR_MBOX_STATUS_MBOX3) { 269 mbox_reg = btintel_pcie_rd_reg32(data, 270 BTINTEL_PCIE_CSR_MBOX_3_REG); 271 snprintf(buf, sizeof(buf), "mbox_3: 0x%8.8x", mbox_reg); 272 skb_put_data(skb, buf, strlen(buf)); 273 bt_dev_dbg(hdev, "%s", buf); 274 } 275 276 if (reg & BTINTEL_PCIE_CSR_MBOX_STATUS_MBOX4) { 277 mbox_reg = btintel_pcie_rd_reg32(data, 278 BTINTEL_PCIE_CSR_MBOX_4_REG); 279 snprintf(buf, sizeof(buf), "mbox_4: 0x%8.8x", mbox_reg); 280 skb_put_data(skb, buf, strlen(buf)); 281 bt_dev_dbg(hdev, "%s", buf); 282 } 283 284 cr_hia = data->ia.cr_hia[BTINTEL_PCIE_RXQ_NUM]; 285 cr_tia = data->ia.cr_tia[BTINTEL_PCIE_RXQ_NUM]; 286 snprintf(buf, sizeof(buf), "rxq: cr_tia: %u cr_hia: %u", cr_tia, cr_hia); 287 skb_put_data(skb, buf, strlen(buf)); 288 bt_dev_dbg(hdev, "%s", buf); 289 290 cr_hia = data->ia.cr_hia[BTINTEL_PCIE_TXQ_NUM]; 291 cr_tia = data->ia.cr_tia[BTINTEL_PCIE_TXQ_NUM]; 292 snprintf(buf, sizeof(buf), "txq: cr_tia: %u cr_hia: %u", cr_tia, cr_hia); 293 skb_put_data(skb, buf, strlen(buf)); 294 bt_dev_dbg(hdev, "%s", buf); 295 snprintf(buf, sizeof(buf), "--------------------------------"); 296 bt_dev_dbg(hdev, "%s", buf); 297 298 hci_recv_diag(hdev, skb); 299 } 300 301 static int btintel_pcie_send_sync(struct btintel_pcie_data *data, 302 struct sk_buff *skb) 303 { 304 int ret; 305 u16 tfd_index; 306 struct txq *txq = &data->txq; 307 308 tfd_index = data->ia.tr_hia[BTINTEL_PCIE_TXQ_NUM]; 309 310 if (tfd_index > txq->count) 311 return -ERANGE; 312 313 /* Prepare for TX. It updates the TFD with the length of data and 314 * address of the DMA buffer, and copy the data to the DMA buffer 315 */ 316 btintel_pcie_prepare_tx(txq, tfd_index, skb); 317 318 tfd_index = (tfd_index + 1) % txq->count; 319 data->ia.tr_hia[BTINTEL_PCIE_TXQ_NUM] = tfd_index; 320 321 /* Arm wait event condition */ 322 data->tx_wait_done = false; 323 324 /* Set the doorbell to notify the device */ 325 btintel_pcie_set_tx_db(data, tfd_index); 326 327 /* Wait for the complete interrupt - URBD0 */ 328 ret = wait_event_timeout(data->tx_wait_q, data->tx_wait_done, 329 msecs_to_jiffies(BTINTEL_PCIE_TX_WAIT_TIMEOUT_MS)); 330 if (!ret) { 331 bt_dev_err(data->hdev, "tx completion timeout"); 332 btintel_pcie_dump_debug_registers(data->hdev); 333 return -ETIME; 334 } 335 336 return 0; 337 } 338 339 /* Set the doorbell for RXQ to notify the device that @index (actually index-1) 340 * is available to receive the data 341 */ 342 static void btintel_pcie_set_rx_db(struct btintel_pcie_data *data, u16 index) 343 { 344 u32 val; 345 346 val = index; 347 val |= (BTINTEL_PCIE_RX_DB_VEC << 16); 348 349 btintel_pcie_wr_reg32(data, BTINTEL_PCIE_CSR_HBUS_TARG_WRPTR, val); 350 } 351 352 /* Update the FRBD (free buffer descriptor) with the @frbd_index and the 353 * DMA address of the free buffer. 354 */ 355 static void btintel_pcie_prepare_rx(struct rxq *rxq, u16 frbd_index) 356 { 357 struct data_buf *buf; 358 struct frbd *frbd; 359 360 /* Get the buffer of the FRBD for DMA */ 361 buf = &rxq->bufs[frbd_index]; 362 363 frbd = &rxq->frbds[frbd_index]; 364 memset(frbd, 0, sizeof(*frbd)); 365 366 /* Update FRBD */ 367 frbd->tag = frbd_index; 368 frbd->addr = buf->data_p_addr; 369 } 370 371 static int btintel_pcie_submit_rx(struct btintel_pcie_data *data) 372 { 373 u16 frbd_index; 374 struct rxq *rxq = &data->rxq; 375 376 frbd_index = data->ia.tr_hia[BTINTEL_PCIE_RXQ_NUM]; 377 378 if (frbd_index > rxq->count) 379 return -ERANGE; 380 381 /* Prepare for RX submit. It updates the FRBD with the address of DMA 382 * buffer 383 */ 384 btintel_pcie_prepare_rx(rxq, frbd_index); 385 386 frbd_index = (frbd_index + 1) % rxq->count; 387 data->ia.tr_hia[BTINTEL_PCIE_RXQ_NUM] = frbd_index; 388 ipc_print_ia_ring(data->hdev, &data->ia, BTINTEL_PCIE_RXQ_NUM); 389 390 /* Set the doorbell to notify the device */ 391 btintel_pcie_set_rx_db(data, frbd_index); 392 393 return 0; 394 } 395 396 static int btintel_pcie_start_rx(struct btintel_pcie_data *data) 397 { 398 int i, ret; 399 400 for (i = 0; i < BTINTEL_PCIE_RX_MAX_QUEUE; i++) { 401 ret = btintel_pcie_submit_rx(data); 402 if (ret) 403 return ret; 404 } 405 406 return 0; 407 } 408 409 static void btintel_pcie_reset_ia(struct btintel_pcie_data *data) 410 { 411 memset(data->ia.tr_hia, 0, sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES); 412 memset(data->ia.tr_tia, 0, sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES); 413 memset(data->ia.cr_hia, 0, sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES); 414 memset(data->ia.cr_tia, 0, sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES); 415 } 416 417 static int btintel_pcie_reset_bt(struct btintel_pcie_data *data) 418 { 419 u32 reg; 420 int retry = 3; 421 422 reg = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_FUNC_CTRL_REG); 423 424 reg &= ~(BTINTEL_PCIE_CSR_FUNC_CTRL_FUNC_ENA | 425 BTINTEL_PCIE_CSR_FUNC_CTRL_MAC_INIT | 426 BTINTEL_PCIE_CSR_FUNC_CTRL_FUNC_INIT); 427 reg |= BTINTEL_PCIE_CSR_FUNC_CTRL_BUS_MASTER_DISCON; 428 429 btintel_pcie_wr_reg32(data, BTINTEL_PCIE_CSR_FUNC_CTRL_REG, reg); 430 431 do { 432 reg = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_FUNC_CTRL_REG); 433 if (reg & BTINTEL_PCIE_CSR_FUNC_CTRL_BUS_MASTER_STS) 434 break; 435 usleep_range(10000, 12000); 436 437 } while (--retry > 0); 438 usleep_range(10000, 12000); 439 440 reg = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_FUNC_CTRL_REG); 441 442 reg &= ~(BTINTEL_PCIE_CSR_FUNC_CTRL_FUNC_ENA | 443 BTINTEL_PCIE_CSR_FUNC_CTRL_MAC_INIT | 444 BTINTEL_PCIE_CSR_FUNC_CTRL_FUNC_INIT); 445 reg |= BTINTEL_PCIE_CSR_FUNC_CTRL_SW_RESET; 446 btintel_pcie_wr_reg32(data, BTINTEL_PCIE_CSR_FUNC_CTRL_REG, reg); 447 usleep_range(10000, 12000); 448 449 reg = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_FUNC_CTRL_REG); 450 bt_dev_dbg(data->hdev, "csr register after reset: 0x%8.8x", reg); 451 452 reg = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_BOOT_STAGE_REG); 453 454 /* If shared hardware reset is success then boot stage register shall be 455 * set to 0 456 */ 457 return reg == 0 ? 0 : -ENODEV; 458 } 459 460 static void btintel_pcie_mac_init(struct btintel_pcie_data *data) 461 { 462 u32 reg; 463 464 /* Set MAC_INIT bit to start primary bootloader */ 465 reg = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_FUNC_CTRL_REG); 466 reg &= ~(BTINTEL_PCIE_CSR_FUNC_CTRL_FUNC_INIT | 467 BTINTEL_PCIE_CSR_FUNC_CTRL_BUS_MASTER_DISCON | 468 BTINTEL_PCIE_CSR_FUNC_CTRL_SW_RESET); 469 reg |= (BTINTEL_PCIE_CSR_FUNC_CTRL_FUNC_ENA | 470 BTINTEL_PCIE_CSR_FUNC_CTRL_MAC_INIT); 471 btintel_pcie_wr_reg32(data, BTINTEL_PCIE_CSR_FUNC_CTRL_REG, reg); 472 } 473 474 static int btintel_pcie_add_dmp_data(struct hci_dev *hdev, const void *data, int size) 475 { 476 struct sk_buff *skb; 477 int err; 478 479 skb = alloc_skb(size, GFP_ATOMIC); 480 if (!skb) 481 return -ENOMEM; 482 483 skb_put_data(skb, data, size); 484 err = hci_devcd_append(hdev, skb); 485 if (err) { 486 bt_dev_err(hdev, "Failed to append data in the coredump"); 487 return err; 488 } 489 490 return 0; 491 } 492 493 static int btintel_pcie_get_mac_access(struct btintel_pcie_data *data) 494 { 495 u32 reg; 496 int retry = 15; 497 498 reg = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_FUNC_CTRL_REG); 499 500 reg |= BTINTEL_PCIE_CSR_FUNC_CTRL_STOP_MAC_ACCESS_DIS; 501 reg |= BTINTEL_PCIE_CSR_FUNC_CTRL_XTAL_CLK_REQ; 502 if ((reg & BTINTEL_PCIE_CSR_FUNC_CTRL_MAC_ACCESS_STS) == 0) 503 reg |= BTINTEL_PCIE_CSR_FUNC_CTRL_MAC_ACCESS_REQ; 504 505 btintel_pcie_wr_reg32(data, BTINTEL_PCIE_CSR_FUNC_CTRL_REG, reg); 506 507 do { 508 reg = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_FUNC_CTRL_REG); 509 if (reg & BTINTEL_PCIE_CSR_FUNC_CTRL_MAC_ACCESS_STS) 510 return 0; 511 /* Need delay here for Target Access harwdware to settle down*/ 512 usleep_range(1000, 1200); 513 514 } while (--retry > 0); 515 516 return -ETIME; 517 } 518 519 static void btintel_pcie_release_mac_access(struct btintel_pcie_data *data) 520 { 521 u32 reg; 522 523 reg = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_FUNC_CTRL_REG); 524 525 if (reg & BTINTEL_PCIE_CSR_FUNC_CTRL_MAC_ACCESS_REQ) 526 reg &= ~BTINTEL_PCIE_CSR_FUNC_CTRL_MAC_ACCESS_REQ; 527 528 if (reg & BTINTEL_PCIE_CSR_FUNC_CTRL_STOP_MAC_ACCESS_DIS) 529 reg &= ~BTINTEL_PCIE_CSR_FUNC_CTRL_STOP_MAC_ACCESS_DIS; 530 531 if (reg & BTINTEL_PCIE_CSR_FUNC_CTRL_XTAL_CLK_REQ) 532 reg &= ~BTINTEL_PCIE_CSR_FUNC_CTRL_XTAL_CLK_REQ; 533 534 btintel_pcie_wr_reg32(data, BTINTEL_PCIE_CSR_FUNC_CTRL_REG, reg); 535 } 536 537 static void btintel_pcie_copy_tlv(struct sk_buff *skb, enum btintel_pcie_tlv_type type, 538 void *data, int size) 539 { 540 struct intel_tlv *tlv; 541 542 tlv = skb_put(skb, sizeof(*tlv) + size); 543 tlv->type = type; 544 tlv->len = size; 545 memcpy(tlv->val, data, tlv->len); 546 } 547 548 static int btintel_pcie_read_dram_buffers(struct btintel_pcie_data *data) 549 { 550 u32 offset, prev_size, wr_ptr_status, dump_size, i; 551 struct btintel_pcie_dbgc *dbgc = &data->dbgc; 552 u8 buf_idx, dump_time_len, fw_build; 553 struct hci_dev *hdev = data->hdev; 554 struct intel_tlv *tlv; 555 struct timespec64 now; 556 struct sk_buff *skb; 557 struct tm tm_now; 558 char buf[256]; 559 u16 hdr_len; 560 int ret; 561 562 wr_ptr_status = btintel_pcie_rd_dev_mem(data, BTINTEL_PCIE_DBGC_CUR_DBGBUFF_STATUS); 563 offset = wr_ptr_status & BTINTEL_PCIE_DBG_OFFSET_BIT_MASK; 564 565 buf_idx = BTINTEL_PCIE_DBGC_DBG_BUF_IDX(wr_ptr_status); 566 if (buf_idx > dbgc->count) { 567 bt_dev_warn(hdev, "Buffer index is invalid"); 568 return -EINVAL; 569 } 570 571 prev_size = buf_idx * BTINTEL_PCIE_DBGC_BUFFER_SIZE; 572 if (prev_size + offset >= prev_size) 573 data->dmp_hdr.write_ptr = prev_size + offset; 574 else 575 return -EINVAL; 576 577 ktime_get_real_ts64(&now); 578 time64_to_tm(now.tv_sec, 0, &tm_now); 579 dump_time_len = snprintf(buf, sizeof(buf), "Dump Time: %02d-%02d-%04ld %02d:%02d:%02d", 580 tm_now.tm_mday, tm_now.tm_mon + 1, tm_now.tm_year + 1900, 581 tm_now.tm_hour, tm_now.tm_min, tm_now.tm_sec); 582 583 fw_build = snprintf(buf + dump_time_len, sizeof(buf) - dump_time_len, 584 "Firmware Timestamp: Year %u WW %02u buildtype %u build %u", 585 2000 + (data->dmp_hdr.fw_timestamp >> 8), 586 data->dmp_hdr.fw_timestamp & 0xff, data->dmp_hdr.fw_build_type, 587 data->dmp_hdr.fw_build_num); 588 589 hdr_len = sizeof(*tlv) + sizeof(data->dmp_hdr.cnvi_bt) + 590 sizeof(*tlv) + sizeof(data->dmp_hdr.write_ptr) + 591 sizeof(*tlv) + sizeof(data->dmp_hdr.wrap_ctr) + 592 sizeof(*tlv) + sizeof(data->dmp_hdr.trigger_reason) + 593 sizeof(*tlv) + sizeof(data->dmp_hdr.fw_git_sha1) + 594 sizeof(*tlv) + sizeof(data->dmp_hdr.cnvr_top) + 595 sizeof(*tlv) + sizeof(data->dmp_hdr.cnvi_top) + 596 sizeof(*tlv) + dump_time_len + 597 sizeof(*tlv) + fw_build; 598 599 dump_size = hdr_len + sizeof(hdr_len); 600 601 skb = alloc_skb(dump_size, GFP_KERNEL); 602 if (!skb) 603 return -ENOMEM; 604 605 /* Add debug buffers data length to dump size */ 606 dump_size += BTINTEL_PCIE_DBGC_BUFFER_SIZE * dbgc->count; 607 608 ret = hci_devcd_init(hdev, dump_size); 609 if (ret) { 610 bt_dev_err(hdev, "Failed to init devcoredump, err %d", ret); 611 kfree_skb(skb); 612 return ret; 613 } 614 615 skb_put_data(skb, &hdr_len, sizeof(hdr_len)); 616 617 btintel_pcie_copy_tlv(skb, BTINTEL_CNVI_BT, &data->dmp_hdr.cnvi_bt, 618 sizeof(data->dmp_hdr.cnvi_bt)); 619 620 btintel_pcie_copy_tlv(skb, BTINTEL_WRITE_PTR, &data->dmp_hdr.write_ptr, 621 sizeof(data->dmp_hdr.write_ptr)); 622 623 data->dmp_hdr.wrap_ctr = btintel_pcie_rd_dev_mem(data, 624 BTINTEL_PCIE_DBGC_DBGBUFF_WRAP_ARND); 625 626 btintel_pcie_copy_tlv(skb, BTINTEL_WRAP_CTR, &data->dmp_hdr.wrap_ctr, 627 sizeof(data->dmp_hdr.wrap_ctr)); 628 629 btintel_pcie_copy_tlv(skb, BTINTEL_TRIGGER_REASON, &data->dmp_hdr.trigger_reason, 630 sizeof(data->dmp_hdr.trigger_reason)); 631 632 btintel_pcie_copy_tlv(skb, BTINTEL_FW_SHA, &data->dmp_hdr.fw_git_sha1, 633 sizeof(data->dmp_hdr.fw_git_sha1)); 634 635 btintel_pcie_copy_tlv(skb, BTINTEL_CNVR_TOP, &data->dmp_hdr.cnvr_top, 636 sizeof(data->dmp_hdr.cnvr_top)); 637 638 btintel_pcie_copy_tlv(skb, BTINTEL_CNVI_TOP, &data->dmp_hdr.cnvi_top, 639 sizeof(data->dmp_hdr.cnvi_top)); 640 641 btintel_pcie_copy_tlv(skb, BTINTEL_DUMP_TIME, buf, dump_time_len); 642 643 btintel_pcie_copy_tlv(skb, BTINTEL_FW_BUILD, buf + dump_time_len, fw_build); 644 645 ret = hci_devcd_append(hdev, skb); 646 if (ret) 647 goto exit_err; 648 649 for (i = 0; i < dbgc->count; i++) { 650 ret = btintel_pcie_add_dmp_data(hdev, dbgc->bufs[i].data, 651 BTINTEL_PCIE_DBGC_BUFFER_SIZE); 652 if (ret) 653 break; 654 } 655 656 exit_err: 657 hci_devcd_complete(hdev); 658 return ret; 659 } 660 661 static void btintel_pcie_dump_traces(struct hci_dev *hdev) 662 { 663 struct btintel_pcie_data *data = hci_get_drvdata(hdev); 664 int ret = 0; 665 666 ret = btintel_pcie_get_mac_access(data); 667 if (ret) { 668 bt_dev_err(hdev, "Failed to get mac access: (%d)", ret); 669 return; 670 } 671 672 ret = btintel_pcie_read_dram_buffers(data); 673 674 btintel_pcie_release_mac_access(data); 675 676 if (ret) 677 bt_dev_err(hdev, "Failed to dump traces: (%d)", ret); 678 } 679 680 static void btintel_pcie_dump_hdr(struct hci_dev *hdev, struct sk_buff *skb) 681 { 682 struct btintel_pcie_data *data = hci_get_drvdata(hdev); 683 u16 len = skb->len; 684 u16 *hdrlen_ptr; 685 char buf[80]; 686 687 hdrlen_ptr = skb_put_zero(skb, sizeof(len)); 688 689 snprintf(buf, sizeof(buf), "Controller Name: 0x%X\n", 690 INTEL_HW_VARIANT(data->dmp_hdr.cnvi_bt)); 691 skb_put_data(skb, buf, strlen(buf)); 692 693 snprintf(buf, sizeof(buf), "Firmware Build Number: %u\n", 694 data->dmp_hdr.fw_build_num); 695 skb_put_data(skb, buf, strlen(buf)); 696 697 snprintf(buf, sizeof(buf), "Driver: %s\n", data->dmp_hdr.driver_name); 698 skb_put_data(skb, buf, strlen(buf)); 699 700 snprintf(buf, sizeof(buf), "Vendor: Intel\n"); 701 skb_put_data(skb, buf, strlen(buf)); 702 703 *hdrlen_ptr = skb->len - len; 704 } 705 706 static void btintel_pcie_dump_notify(struct hci_dev *hdev, int state) 707 { 708 struct btintel_pcie_data *data = hci_get_drvdata(hdev); 709 710 switch (state) { 711 case HCI_DEVCOREDUMP_IDLE: 712 data->dmp_hdr.state = HCI_DEVCOREDUMP_IDLE; 713 break; 714 case HCI_DEVCOREDUMP_ACTIVE: 715 data->dmp_hdr.state = HCI_DEVCOREDUMP_ACTIVE; 716 break; 717 case HCI_DEVCOREDUMP_TIMEOUT: 718 case HCI_DEVCOREDUMP_ABORT: 719 case HCI_DEVCOREDUMP_DONE: 720 data->dmp_hdr.state = HCI_DEVCOREDUMP_IDLE; 721 break; 722 } 723 } 724 725 /* This function enables BT function by setting BTINTEL_PCIE_CSR_FUNC_CTRL_MAC_INIT bit in 726 * BTINTEL_PCIE_CSR_FUNC_CTRL_REG register and wait for MSI-X with 727 * BTINTEL_PCIE_MSIX_HW_INT_CAUSES_GP0. 728 * Then the host reads firmware version from BTINTEL_CSR_F2D_MBX and the boot stage 729 * from BTINTEL_PCIE_CSR_BOOT_STAGE_REG. 730 */ 731 static int btintel_pcie_enable_bt(struct btintel_pcie_data *data) 732 { 733 int err; 734 u32 reg; 735 736 data->gp0_received = false; 737 738 /* Update the DMA address of CI struct to CSR */ 739 btintel_pcie_wr_reg32(data, BTINTEL_PCIE_CSR_CI_ADDR_LSB_REG, 740 data->ci_p_addr & 0xffffffff); 741 btintel_pcie_wr_reg32(data, BTINTEL_PCIE_CSR_CI_ADDR_MSB_REG, 742 (u64)data->ci_p_addr >> 32); 743 744 /* Reset the cached value of boot stage. it is updated by the MSI-X 745 * gp0 interrupt handler. 746 */ 747 data->boot_stage_cache = 0x0; 748 749 /* Set MAC_INIT bit to start primary bootloader */ 750 reg = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_FUNC_CTRL_REG); 751 reg &= ~(BTINTEL_PCIE_CSR_FUNC_CTRL_FUNC_INIT | 752 BTINTEL_PCIE_CSR_FUNC_CTRL_BUS_MASTER_DISCON | 753 BTINTEL_PCIE_CSR_FUNC_CTRL_SW_RESET); 754 reg |= (BTINTEL_PCIE_CSR_FUNC_CTRL_FUNC_ENA | 755 BTINTEL_PCIE_CSR_FUNC_CTRL_MAC_INIT); 756 757 btintel_pcie_wr_reg32(data, BTINTEL_PCIE_CSR_FUNC_CTRL_REG, reg); 758 759 /* MAC is ready. Enable BT FUNC */ 760 btintel_pcie_set_reg_bits(data, BTINTEL_PCIE_CSR_FUNC_CTRL_REG, 761 BTINTEL_PCIE_CSR_FUNC_CTRL_FUNC_INIT); 762 763 btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_FUNC_CTRL_REG); 764 765 /* wait for interrupt from the device after booting up to primary 766 * bootloader. 767 */ 768 data->alive_intr_ctxt = BTINTEL_PCIE_ROM; 769 err = wait_event_timeout(data->gp0_wait_q, data->gp0_received, 770 msecs_to_jiffies(BTINTEL_DEFAULT_INTR_TIMEOUT_MS)); 771 if (!err) 772 return -ETIME; 773 774 /* Check cached boot stage is BTINTEL_PCIE_CSR_BOOT_STAGE_ROM(BIT(0)) */ 775 if (~data->boot_stage_cache & BTINTEL_PCIE_CSR_BOOT_STAGE_ROM) 776 return -ENODEV; 777 778 return 0; 779 } 780 781 static inline bool btintel_pcie_in_op(struct btintel_pcie_data *data) 782 { 783 return data->boot_stage_cache & BTINTEL_PCIE_CSR_BOOT_STAGE_OPFW; 784 } 785 786 static inline bool btintel_pcie_in_iml(struct btintel_pcie_data *data) 787 { 788 return data->boot_stage_cache & BTINTEL_PCIE_CSR_BOOT_STAGE_IML && 789 !(data->boot_stage_cache & BTINTEL_PCIE_CSR_BOOT_STAGE_OPFW); 790 } 791 792 static inline bool btintel_pcie_in_d3(struct btintel_pcie_data *data) 793 { 794 return data->boot_stage_cache & BTINTEL_PCIE_CSR_BOOT_STAGE_D3_STATE_READY; 795 } 796 797 static inline bool btintel_pcie_in_d0(struct btintel_pcie_data *data) 798 { 799 return !(data->boot_stage_cache & BTINTEL_PCIE_CSR_BOOT_STAGE_D3_STATE_READY); 800 } 801 802 static void btintel_pcie_wr_sleep_cntrl(struct btintel_pcie_data *data, 803 u32 dxstate) 804 { 805 bt_dev_dbg(data->hdev, "writing sleep_ctl_reg: 0x%8.8x", dxstate); 806 btintel_pcie_wr_reg32(data, BTINTEL_PCIE_CSR_IPC_SLEEP_CTL_REG, dxstate); 807 } 808 809 static inline char *btintel_pcie_alivectxt_state2str(u32 alive_intr_ctxt) 810 { 811 switch (alive_intr_ctxt) { 812 case BTINTEL_PCIE_ROM: 813 return "rom"; 814 case BTINTEL_PCIE_FW_DL: 815 return "fw_dl"; 816 case BTINTEL_PCIE_D0: 817 return "d0"; 818 case BTINTEL_PCIE_D3: 819 return "d3"; 820 case BTINTEL_PCIE_HCI_RESET: 821 return "hci_reset"; 822 case BTINTEL_PCIE_INTEL_HCI_RESET1: 823 return "intel_reset1"; 824 case BTINTEL_PCIE_INTEL_HCI_RESET2: 825 return "intel_reset2"; 826 default: 827 return "unknown"; 828 } 829 } 830 831 static int btintel_pcie_read_device_mem(struct btintel_pcie_data *data, 832 void *buf, u32 dev_addr, int len) 833 { 834 int err; 835 u32 *val = buf; 836 837 /* Get device mac access */ 838 err = btintel_pcie_get_mac_access(data); 839 if (err) { 840 bt_dev_err(data->hdev, "Failed to get mac access %d", err); 841 return err; 842 } 843 844 for (; len > 0; len -= 4, dev_addr += 4, val++) 845 *val = btintel_pcie_rd_dev_mem(data, dev_addr); 846 847 btintel_pcie_release_mac_access(data); 848 849 return 0; 850 } 851 852 static inline bool btintel_pcie_in_lockdown(struct btintel_pcie_data *data) 853 { 854 return (data->boot_stage_cache & 855 BTINTEL_PCIE_CSR_BOOT_STAGE_ROM_LOCKDOWN) || 856 (data->boot_stage_cache & 857 BTINTEL_PCIE_CSR_BOOT_STAGE_IML_LOCKDOWN); 858 } 859 860 static inline bool btintel_pcie_in_error(struct btintel_pcie_data *data) 861 { 862 return (data->boot_stage_cache & BTINTEL_PCIE_CSR_BOOT_STAGE_DEVICE_ERR) || 863 (data->boot_stage_cache & BTINTEL_PCIE_CSR_BOOT_STAGE_ABORT_HANDLER); 864 } 865 866 static void btintel_pcie_msix_gp1_handler(struct btintel_pcie_data *data) 867 { 868 bt_dev_err(data->hdev, "Received gp1 mailbox interrupt"); 869 btintel_pcie_dump_debug_registers(data->hdev); 870 } 871 872 /* This function handles the MSI-X interrupt for gp0 cause (bit 0 in 873 * BTINTEL_PCIE_CSR_MSIX_HW_INT_CAUSES) which is sent for boot stage and image response. 874 */ 875 static void btintel_pcie_msix_gp0_handler(struct btintel_pcie_data *data) 876 { 877 bool submit_rx, signal_waitq; 878 u32 reg, old_ctxt; 879 880 /* This interrupt is for three different causes and it is not easy to 881 * know what causes the interrupt. So, it compares each register value 882 * with cached value and update it before it wake up the queue. 883 */ 884 reg = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_BOOT_STAGE_REG); 885 if (reg != data->boot_stage_cache) 886 data->boot_stage_cache = reg; 887 888 bt_dev_dbg(data->hdev, "Alive context: %s old_boot_stage: 0x%8.8x new_boot_stage: 0x%8.8x", 889 btintel_pcie_alivectxt_state2str(data->alive_intr_ctxt), 890 data->boot_stage_cache, reg); 891 reg = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_IMG_RESPONSE_REG); 892 if (reg != data->img_resp_cache) 893 data->img_resp_cache = reg; 894 895 if (btintel_pcie_in_error(data)) { 896 bt_dev_err(data->hdev, "Controller in error state"); 897 btintel_pcie_dump_debug_registers(data->hdev); 898 return; 899 } 900 901 if (btintel_pcie_in_lockdown(data)) { 902 bt_dev_err(data->hdev, "Controller in lockdown state"); 903 btintel_pcie_dump_debug_registers(data->hdev); 904 return; 905 } 906 907 data->gp0_received = true; 908 909 old_ctxt = data->alive_intr_ctxt; 910 submit_rx = false; 911 signal_waitq = false; 912 913 switch (data->alive_intr_ctxt) { 914 case BTINTEL_PCIE_ROM: 915 data->alive_intr_ctxt = BTINTEL_PCIE_FW_DL; 916 signal_waitq = true; 917 break; 918 case BTINTEL_PCIE_FW_DL: 919 /* Error case is already handled. Ideally control shall not 920 * reach here 921 */ 922 break; 923 case BTINTEL_PCIE_INTEL_HCI_RESET1: 924 if (btintel_pcie_in_op(data)) { 925 submit_rx = true; 926 break; 927 } 928 929 if (btintel_pcie_in_iml(data)) { 930 submit_rx = true; 931 data->alive_intr_ctxt = BTINTEL_PCIE_FW_DL; 932 break; 933 } 934 break; 935 case BTINTEL_PCIE_INTEL_HCI_RESET2: 936 if (btintel_test_and_clear_flag(data->hdev, INTEL_WAIT_FOR_D0)) { 937 btintel_wake_up_flag(data->hdev, INTEL_WAIT_FOR_D0); 938 data->alive_intr_ctxt = BTINTEL_PCIE_D0; 939 } 940 break; 941 case BTINTEL_PCIE_D0: 942 if (btintel_pcie_in_d3(data)) { 943 data->alive_intr_ctxt = BTINTEL_PCIE_D3; 944 signal_waitq = true; 945 break; 946 } 947 break; 948 case BTINTEL_PCIE_D3: 949 if (btintel_pcie_in_d0(data)) { 950 data->alive_intr_ctxt = BTINTEL_PCIE_D0; 951 submit_rx = true; 952 signal_waitq = true; 953 break; 954 } 955 break; 956 case BTINTEL_PCIE_HCI_RESET: 957 data->alive_intr_ctxt = BTINTEL_PCIE_D0; 958 submit_rx = true; 959 signal_waitq = true; 960 break; 961 default: 962 bt_dev_err(data->hdev, "Unknown state: 0x%2.2x", 963 data->alive_intr_ctxt); 964 break; 965 } 966 967 if (submit_rx) { 968 btintel_pcie_reset_ia(data); 969 btintel_pcie_start_rx(data); 970 } 971 972 if (signal_waitq) { 973 bt_dev_dbg(data->hdev, "wake up gp0 wait_q"); 974 wake_up(&data->gp0_wait_q); 975 } 976 977 if (old_ctxt != data->alive_intr_ctxt) 978 bt_dev_dbg(data->hdev, "alive context changed: %s -> %s", 979 btintel_pcie_alivectxt_state2str(old_ctxt), 980 btintel_pcie_alivectxt_state2str(data->alive_intr_ctxt)); 981 } 982 983 /* This function handles the MSX-X interrupt for rx queue 0 which is for TX 984 */ 985 static void btintel_pcie_msix_tx_handle(struct btintel_pcie_data *data) 986 { 987 u16 cr_tia, cr_hia; 988 struct txq *txq; 989 struct urbd0 *urbd0; 990 991 cr_tia = data->ia.cr_tia[BTINTEL_PCIE_TXQ_NUM]; 992 cr_hia = data->ia.cr_hia[BTINTEL_PCIE_TXQ_NUM]; 993 994 if (cr_tia == cr_hia) 995 return; 996 997 txq = &data->txq; 998 999 while (cr_tia != cr_hia) { 1000 data->tx_wait_done = true; 1001 wake_up(&data->tx_wait_q); 1002 1003 urbd0 = &txq->urbd0s[cr_tia]; 1004 1005 if (urbd0->tfd_index > txq->count) 1006 return; 1007 1008 cr_tia = (cr_tia + 1) % txq->count; 1009 data->ia.cr_tia[BTINTEL_PCIE_TXQ_NUM] = cr_tia; 1010 ipc_print_ia_ring(data->hdev, &data->ia, BTINTEL_PCIE_TXQ_NUM); 1011 } 1012 } 1013 1014 static int btintel_pcie_recv_event(struct hci_dev *hdev, struct sk_buff *skb) 1015 { 1016 struct hci_event_hdr *hdr = (void *)skb->data; 1017 struct btintel_pcie_data *data = hci_get_drvdata(hdev); 1018 1019 if (skb->len > HCI_EVENT_HDR_SIZE && hdr->evt == 0xff && 1020 hdr->plen > 0) { 1021 const void *ptr = skb->data + HCI_EVENT_HDR_SIZE + 1; 1022 unsigned int len = skb->len - HCI_EVENT_HDR_SIZE - 1; 1023 1024 if (btintel_test_flag(hdev, INTEL_BOOTLOADER)) { 1025 switch (skb->data[2]) { 1026 case 0x02: 1027 /* When switching to the operational firmware 1028 * the device sends a vendor specific event 1029 * indicating that the bootup completed. 1030 */ 1031 btintel_bootup(hdev, ptr, len); 1032 1033 /* If bootup event is from operational image, 1034 * driver needs to write sleep control register to 1035 * move into D0 state 1036 */ 1037 if (btintel_pcie_in_op(data)) { 1038 btintel_pcie_wr_sleep_cntrl(data, BTINTEL_PCIE_STATE_D0); 1039 data->alive_intr_ctxt = BTINTEL_PCIE_INTEL_HCI_RESET2; 1040 kfree_skb(skb); 1041 return 0; 1042 } 1043 1044 if (btintel_pcie_in_iml(data)) { 1045 /* In case of IML, there is no concept 1046 * of D0 transition. Just mimic as if 1047 * IML moved to D0 by clearing INTEL_WAIT_FOR_D0 1048 * bit and waking up the task waiting on 1049 * INTEL_WAIT_FOR_D0. This is required 1050 * as intel_boot() is common function for 1051 * both IML and OP image loading. 1052 */ 1053 if (btintel_test_and_clear_flag(data->hdev, 1054 INTEL_WAIT_FOR_D0)) 1055 btintel_wake_up_flag(data->hdev, 1056 INTEL_WAIT_FOR_D0); 1057 } 1058 kfree_skb(skb); 1059 return 0; 1060 case 0x06: 1061 /* When the firmware loading completes the 1062 * device sends out a vendor specific event 1063 * indicating the result of the firmware 1064 * loading. 1065 */ 1066 btintel_secure_send_result(hdev, ptr, len); 1067 kfree_skb(skb); 1068 return 0; 1069 } 1070 } 1071 1072 /* This is a debug event that comes from IML and OP image when it 1073 * starts execution. There is no need pass this event to stack. 1074 */ 1075 if (skb->data[2] == 0x97) { 1076 hci_recv_diag(hdev, skb); 1077 return 0; 1078 } 1079 } 1080 1081 return hci_recv_frame(hdev, skb); 1082 } 1083 /* Process the received rx data 1084 * It check the frame header to identify the data type and create skb 1085 * and calling HCI API 1086 */ 1087 static int btintel_pcie_recv_frame(struct btintel_pcie_data *data, 1088 struct sk_buff *skb) 1089 { 1090 int ret; 1091 u8 pkt_type; 1092 u16 plen; 1093 u32 pcie_pkt_type; 1094 void *pdata; 1095 struct hci_dev *hdev = data->hdev; 1096 1097 spin_lock(&data->hci_rx_lock); 1098 1099 /* The first 4 bytes indicates the Intel PCIe specific packet type */ 1100 pdata = skb_pull_data(skb, BTINTEL_PCIE_HCI_TYPE_LEN); 1101 if (!pdata) { 1102 bt_dev_err(hdev, "Corrupted packet received"); 1103 ret = -EILSEQ; 1104 goto exit_error; 1105 } 1106 1107 pcie_pkt_type = get_unaligned_le32(pdata); 1108 1109 switch (pcie_pkt_type) { 1110 case BTINTEL_PCIE_HCI_ACL_PKT: 1111 if (skb->len >= HCI_ACL_HDR_SIZE) { 1112 plen = HCI_ACL_HDR_SIZE + __le16_to_cpu(hci_acl_hdr(skb)->dlen); 1113 pkt_type = HCI_ACLDATA_PKT; 1114 } else { 1115 bt_dev_err(hdev, "ACL packet is too short"); 1116 ret = -EILSEQ; 1117 goto exit_error; 1118 } 1119 break; 1120 1121 case BTINTEL_PCIE_HCI_SCO_PKT: 1122 if (skb->len >= HCI_SCO_HDR_SIZE) { 1123 plen = HCI_SCO_HDR_SIZE + hci_sco_hdr(skb)->dlen; 1124 pkt_type = HCI_SCODATA_PKT; 1125 } else { 1126 bt_dev_err(hdev, "SCO packet is too short"); 1127 ret = -EILSEQ; 1128 goto exit_error; 1129 } 1130 break; 1131 1132 case BTINTEL_PCIE_HCI_EVT_PKT: 1133 if (skb->len >= HCI_EVENT_HDR_SIZE) { 1134 plen = HCI_EVENT_HDR_SIZE + hci_event_hdr(skb)->plen; 1135 pkt_type = HCI_EVENT_PKT; 1136 } else { 1137 bt_dev_err(hdev, "Event packet is too short"); 1138 ret = -EILSEQ; 1139 goto exit_error; 1140 } 1141 break; 1142 1143 case BTINTEL_PCIE_HCI_ISO_PKT: 1144 if (skb->len >= HCI_ISO_HDR_SIZE) { 1145 plen = HCI_ISO_HDR_SIZE + __le16_to_cpu(hci_iso_hdr(skb)->dlen); 1146 pkt_type = HCI_ISODATA_PKT; 1147 } else { 1148 bt_dev_err(hdev, "ISO packet is too short"); 1149 ret = -EILSEQ; 1150 goto exit_error; 1151 } 1152 break; 1153 1154 default: 1155 bt_dev_err(hdev, "Invalid packet type received: 0x%4.4x", 1156 pcie_pkt_type); 1157 ret = -EINVAL; 1158 goto exit_error; 1159 } 1160 1161 if (skb->len < plen) { 1162 bt_dev_err(hdev, "Received corrupted packet. type: 0x%2.2x", 1163 pkt_type); 1164 ret = -EILSEQ; 1165 goto exit_error; 1166 } 1167 1168 bt_dev_dbg(hdev, "pkt_type: 0x%2.2x len: %u", pkt_type, plen); 1169 1170 hci_skb_pkt_type(skb) = pkt_type; 1171 hdev->stat.byte_rx += plen; 1172 skb_trim(skb, plen); 1173 1174 if (pcie_pkt_type == BTINTEL_PCIE_HCI_EVT_PKT) 1175 ret = btintel_pcie_recv_event(hdev, skb); 1176 else 1177 ret = hci_recv_frame(hdev, skb); 1178 skb = NULL; /* skb is freed in the callee */ 1179 1180 exit_error: 1181 if (skb) 1182 kfree_skb(skb); 1183 1184 if (ret) 1185 hdev->stat.err_rx++; 1186 1187 spin_unlock(&data->hci_rx_lock); 1188 1189 return ret; 1190 } 1191 1192 static void btintel_pcie_read_hwexp(struct btintel_pcie_data *data) 1193 { 1194 int len, err, offset, pending; 1195 struct sk_buff *skb; 1196 u8 *buf, prefix[64]; 1197 u32 addr, val; 1198 u16 pkt_len; 1199 1200 struct tlv { 1201 u8 type; 1202 __le16 len; 1203 u8 val[]; 1204 } __packed; 1205 1206 struct tlv *tlv; 1207 1208 switch (data->dmp_hdr.cnvi_top & 0xfff) { 1209 case BTINTEL_CNVI_BLAZARI: 1210 case BTINTEL_CNVI_BLAZARIW: 1211 /* only from step B0 onwards */ 1212 if (INTEL_CNVX_TOP_STEP(data->dmp_hdr.cnvi_top) != 0x01) 1213 return; 1214 len = BTINTEL_PCIE_BLZR_HWEXP_SIZE; /* exception data length */ 1215 addr = BTINTEL_PCIE_BLZR_HWEXP_DMP_ADDR; 1216 break; 1217 case BTINTEL_CNVI_SCP: 1218 len = BTINTEL_PCIE_SCP_HWEXP_SIZE; 1219 addr = BTINTEL_PCIE_SCP_HWEXP_DMP_ADDR; 1220 break; 1221 default: 1222 bt_dev_err(data->hdev, "Unsupported cnvi 0x%8.8x", data->dmp_hdr.cnvi_top); 1223 return; 1224 } 1225 1226 buf = kzalloc(len, GFP_KERNEL); 1227 if (!buf) 1228 goto exit_on_error; 1229 1230 btintel_pcie_mac_init(data); 1231 1232 err = btintel_pcie_read_device_mem(data, buf, addr, len); 1233 if (err) 1234 goto exit_on_error; 1235 1236 val = get_unaligned_le32(buf); 1237 if (val != BTINTEL_PCIE_MAGIC_NUM) { 1238 bt_dev_err(data->hdev, "Invalid exception dump signature: 0x%8.8x", 1239 val); 1240 goto exit_on_error; 1241 } 1242 1243 snprintf(prefix, sizeof(prefix), "Bluetooth: %s: ", bt_dev_name(data->hdev)); 1244 1245 offset = 4; 1246 do { 1247 pending = len - offset; 1248 if (pending < sizeof(*tlv)) 1249 break; 1250 tlv = (struct tlv *)(buf + offset); 1251 1252 /* If type == 0, then there are no more TLVs to be parsed */ 1253 if (!tlv->type) { 1254 bt_dev_dbg(data->hdev, "Invalid TLV type 0"); 1255 break; 1256 } 1257 pkt_len = le16_to_cpu(tlv->len); 1258 offset += sizeof(*tlv); 1259 pending = len - offset; 1260 if (pkt_len > pending) 1261 break; 1262 1263 offset += pkt_len; 1264 1265 /* Only TLVs of type == 1 are HCI events, no need to process other 1266 * TLVs 1267 */ 1268 if (tlv->type != 1) 1269 continue; 1270 1271 bt_dev_dbg(data->hdev, "TLV packet length: %u", pkt_len); 1272 if (pkt_len > HCI_MAX_EVENT_SIZE) 1273 break; 1274 skb = bt_skb_alloc(pkt_len, GFP_KERNEL); 1275 if (!skb) 1276 goto exit_on_error; 1277 hci_skb_pkt_type(skb) = HCI_EVENT_PKT; 1278 skb_put_data(skb, tlv->val, pkt_len); 1279 1280 /* copy Intel specific pcie packet type */ 1281 val = BTINTEL_PCIE_HCI_EVT_PKT; 1282 memcpy(skb_push(skb, BTINTEL_PCIE_HCI_TYPE_LEN), &val, 1283 BTINTEL_PCIE_HCI_TYPE_LEN); 1284 1285 print_hex_dump(KERN_DEBUG, prefix, DUMP_PREFIX_OFFSET, 16, 1, 1286 tlv->val, pkt_len, false); 1287 1288 btintel_pcie_recv_frame(data, skb); 1289 } while (offset < len); 1290 1291 exit_on_error: 1292 kfree(buf); 1293 } 1294 1295 static void btintel_pcie_msix_hw_exp_handler(struct btintel_pcie_data *data) 1296 { 1297 bt_dev_err(data->hdev, "Received hw exception interrupt"); 1298 1299 if (test_and_set_bit(BTINTEL_PCIE_CORE_HALTED, &data->flags)) 1300 return; 1301 1302 if (test_and_set_bit(BTINTEL_PCIE_HWEXP_INPROGRESS, &data->flags)) 1303 return; 1304 1305 /* Trigger device core dump when there is HW exception */ 1306 if (!test_and_set_bit(BTINTEL_PCIE_COREDUMP_INPROGRESS, &data->flags)) 1307 data->dmp_hdr.trigger_reason = BTINTEL_PCIE_TRIGGER_REASON_FW_ASSERT; 1308 1309 queue_work(data->workqueue, &data->rx_work); 1310 } 1311 1312 static void btintel_pcie_rx_work(struct work_struct *work) 1313 { 1314 struct btintel_pcie_data *data = container_of(work, 1315 struct btintel_pcie_data, rx_work); 1316 struct sk_buff *skb; 1317 1318 if (test_bit(BTINTEL_PCIE_HWEXP_INPROGRESS, &data->flags)) { 1319 /* Unlike usb products, controller will not send hardware 1320 * exception event on exception. Instead controller writes the 1321 * hardware event to device memory along with optional debug 1322 * events, raises MSIX and halts. Driver shall read the 1323 * exception event from device memory and passes it stack for 1324 * further processing. 1325 */ 1326 btintel_pcie_read_hwexp(data); 1327 clear_bit(BTINTEL_PCIE_HWEXP_INPROGRESS, &data->flags); 1328 } 1329 1330 if (test_bit(BTINTEL_PCIE_COREDUMP_INPROGRESS, &data->flags)) { 1331 btintel_pcie_dump_traces(data->hdev); 1332 clear_bit(BTINTEL_PCIE_COREDUMP_INPROGRESS, &data->flags); 1333 } 1334 1335 /* Process the sk_buf in queue and send to the HCI layer */ 1336 while ((skb = skb_dequeue(&data->rx_skb_q))) { 1337 btintel_pcie_recv_frame(data, skb); 1338 } 1339 } 1340 1341 /* create sk_buff with data and save it to queue and start RX work */ 1342 static int btintel_pcie_submit_rx_work(struct btintel_pcie_data *data, u8 status, 1343 void *buf) 1344 { 1345 int ret, len; 1346 struct rfh_hdr *rfh_hdr; 1347 struct sk_buff *skb; 1348 1349 rfh_hdr = buf; 1350 1351 len = rfh_hdr->packet_len; 1352 if (len <= 0) { 1353 ret = -EINVAL; 1354 goto resubmit; 1355 } 1356 1357 /* Remove RFH header */ 1358 buf += sizeof(*rfh_hdr); 1359 1360 skb = alloc_skb(len, GFP_ATOMIC); 1361 if (!skb) 1362 goto resubmit; 1363 1364 skb_put_data(skb, buf, len); 1365 skb_queue_tail(&data->rx_skb_q, skb); 1366 queue_work(data->workqueue, &data->rx_work); 1367 1368 resubmit: 1369 ret = btintel_pcie_submit_rx(data); 1370 1371 return ret; 1372 } 1373 1374 /* Handles the MSI-X interrupt for rx queue 1 which is for RX */ 1375 static void btintel_pcie_msix_rx_handle(struct btintel_pcie_data *data) 1376 { 1377 u16 cr_hia, cr_tia; 1378 struct rxq *rxq; 1379 struct urbd1 *urbd1; 1380 struct data_buf *buf; 1381 int ret; 1382 struct hci_dev *hdev = data->hdev; 1383 1384 cr_hia = data->ia.cr_hia[BTINTEL_PCIE_RXQ_NUM]; 1385 cr_tia = data->ia.cr_tia[BTINTEL_PCIE_RXQ_NUM]; 1386 1387 bt_dev_dbg(hdev, "RXQ: cr_hia: %u cr_tia: %u", cr_hia, cr_tia); 1388 1389 /* Check CR_TIA and CR_HIA for change */ 1390 if (cr_tia == cr_hia) 1391 return; 1392 1393 rxq = &data->rxq; 1394 1395 /* The firmware sends multiple CD in a single MSI-X and it needs to 1396 * process all received CDs in this interrupt. 1397 */ 1398 while (cr_tia != cr_hia) { 1399 urbd1 = &rxq->urbd1s[cr_tia]; 1400 ipc_print_urbd1(data->hdev, urbd1, cr_tia); 1401 1402 buf = &rxq->bufs[urbd1->frbd_tag]; 1403 if (!buf) { 1404 bt_dev_err(hdev, "RXQ: failed to get the DMA buffer for %d", 1405 urbd1->frbd_tag); 1406 return; 1407 } 1408 1409 ret = btintel_pcie_submit_rx_work(data, urbd1->status, 1410 buf->data); 1411 if (ret) { 1412 bt_dev_err(hdev, "RXQ: failed to submit rx request"); 1413 return; 1414 } 1415 1416 cr_tia = (cr_tia + 1) % rxq->count; 1417 data->ia.cr_tia[BTINTEL_PCIE_RXQ_NUM] = cr_tia; 1418 ipc_print_ia_ring(data->hdev, &data->ia, BTINTEL_PCIE_RXQ_NUM); 1419 } 1420 } 1421 1422 static irqreturn_t btintel_pcie_msix_isr(int irq, void *data) 1423 { 1424 return IRQ_WAKE_THREAD; 1425 } 1426 1427 static inline bool btintel_pcie_is_rxq_empty(struct btintel_pcie_data *data) 1428 { 1429 return data->ia.cr_hia[BTINTEL_PCIE_RXQ_NUM] == data->ia.cr_tia[BTINTEL_PCIE_RXQ_NUM]; 1430 } 1431 1432 static inline bool btintel_pcie_is_txackq_empty(struct btintel_pcie_data *data) 1433 { 1434 return data->ia.cr_tia[BTINTEL_PCIE_TXQ_NUM] == data->ia.cr_hia[BTINTEL_PCIE_TXQ_NUM]; 1435 } 1436 1437 static irqreturn_t btintel_pcie_irq_msix_handler(int irq, void *dev_id) 1438 { 1439 struct msix_entry *entry = dev_id; 1440 struct btintel_pcie_data *data = btintel_pcie_get_data(entry); 1441 u32 intr_fh, intr_hw; 1442 1443 spin_lock(&data->irq_lock); 1444 intr_fh = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_MSIX_FH_INT_CAUSES); 1445 intr_hw = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_MSIX_HW_INT_CAUSES); 1446 1447 /* Clear causes registers to avoid being handling the same cause */ 1448 btintel_pcie_wr_reg32(data, BTINTEL_PCIE_CSR_MSIX_FH_INT_CAUSES, intr_fh); 1449 btintel_pcie_wr_reg32(data, BTINTEL_PCIE_CSR_MSIX_HW_INT_CAUSES, intr_hw); 1450 spin_unlock(&data->irq_lock); 1451 1452 if (unlikely(!(intr_fh | intr_hw))) { 1453 /* Ignore interrupt, inta == 0 */ 1454 return IRQ_NONE; 1455 } 1456 1457 /* This interrupt is raised when there is an hardware exception */ 1458 if (intr_hw & BTINTEL_PCIE_MSIX_HW_INT_CAUSES_HWEXP) 1459 btintel_pcie_msix_hw_exp_handler(data); 1460 1461 if (intr_hw & BTINTEL_PCIE_MSIX_HW_INT_CAUSES_GP1) 1462 btintel_pcie_msix_gp1_handler(data); 1463 1464 /* This interrupt is triggered by the firmware after updating 1465 * boot_stage register and image_response register 1466 */ 1467 if (intr_hw & BTINTEL_PCIE_MSIX_HW_INT_CAUSES_GP0) 1468 btintel_pcie_msix_gp0_handler(data); 1469 1470 /* For TX */ 1471 if (intr_fh & BTINTEL_PCIE_MSIX_FH_INT_CAUSES_0) { 1472 btintel_pcie_msix_tx_handle(data); 1473 if (!btintel_pcie_is_rxq_empty(data)) 1474 btintel_pcie_msix_rx_handle(data); 1475 } 1476 1477 /* For RX */ 1478 if (intr_fh & BTINTEL_PCIE_MSIX_FH_INT_CAUSES_1) { 1479 btintel_pcie_msix_rx_handle(data); 1480 if (!btintel_pcie_is_txackq_empty(data)) 1481 btintel_pcie_msix_tx_handle(data); 1482 } 1483 1484 /* 1485 * Before sending the interrupt the HW disables it to prevent a nested 1486 * interrupt. This is done by writing 1 to the corresponding bit in 1487 * the mask register. After handling the interrupt, it should be 1488 * re-enabled by clearing this bit. This register is defined as write 1 1489 * clear (W1C) register, meaning that it's cleared by writing 1 1490 * to the bit. 1491 */ 1492 btintel_pcie_wr_reg32(data, BTINTEL_PCIE_CSR_MSIX_AUTOMASK_ST, 1493 BIT(entry->entry)); 1494 1495 return IRQ_HANDLED; 1496 } 1497 1498 /* This function requests the irq for MSI-X and registers the handlers per irq. 1499 * Currently, it requests only 1 irq for all interrupt causes. 1500 */ 1501 static int btintel_pcie_setup_irq(struct btintel_pcie_data *data) 1502 { 1503 int err; 1504 int num_irqs, i; 1505 1506 for (i = 0; i < BTINTEL_PCIE_MSIX_VEC_MAX; i++) 1507 data->msix_entries[i].entry = i; 1508 1509 num_irqs = pci_alloc_irq_vectors(data->pdev, BTINTEL_PCIE_MSIX_VEC_MIN, 1510 BTINTEL_PCIE_MSIX_VEC_MAX, PCI_IRQ_MSIX); 1511 if (num_irqs < 0) 1512 return num_irqs; 1513 1514 data->alloc_vecs = num_irqs; 1515 data->msix_enabled = 1; 1516 data->def_irq = 0; 1517 1518 /* setup irq handler */ 1519 for (i = 0; i < data->alloc_vecs; i++) { 1520 struct msix_entry *msix_entry; 1521 1522 msix_entry = &data->msix_entries[i]; 1523 msix_entry->vector = pci_irq_vector(data->pdev, i); 1524 1525 err = devm_request_threaded_irq(&data->pdev->dev, 1526 msix_entry->vector, 1527 btintel_pcie_msix_isr, 1528 btintel_pcie_irq_msix_handler, 1529 IRQF_SHARED, 1530 KBUILD_MODNAME, 1531 msix_entry); 1532 if (err) { 1533 pci_free_irq_vectors(data->pdev); 1534 data->alloc_vecs = 0; 1535 return err; 1536 } 1537 } 1538 return 0; 1539 } 1540 1541 struct btintel_pcie_causes_list { 1542 u32 cause; 1543 u32 mask_reg; 1544 u8 cause_num; 1545 }; 1546 1547 static struct btintel_pcie_causes_list causes_list[] = { 1548 { BTINTEL_PCIE_MSIX_FH_INT_CAUSES_0, BTINTEL_PCIE_CSR_MSIX_FH_INT_MASK, 0x00 }, 1549 { BTINTEL_PCIE_MSIX_FH_INT_CAUSES_1, BTINTEL_PCIE_CSR_MSIX_FH_INT_MASK, 0x01 }, 1550 { BTINTEL_PCIE_MSIX_HW_INT_CAUSES_GP0, BTINTEL_PCIE_CSR_MSIX_HW_INT_MASK, 0x20 }, 1551 { BTINTEL_PCIE_MSIX_HW_INT_CAUSES_HWEXP, BTINTEL_PCIE_CSR_MSIX_HW_INT_MASK, 0x23 }, 1552 }; 1553 1554 /* This function configures the interrupt masks for both HW_INT_CAUSES and 1555 * FH_INT_CAUSES which are meaningful to us. 1556 * 1557 * After resetting BT function via PCIE FLR or FUNC_CTRL reset, the driver 1558 * need to call this function again to configure since the masks 1559 * are reset to 0xFFFFFFFF after reset. 1560 */ 1561 static void btintel_pcie_config_msix(struct btintel_pcie_data *data) 1562 { 1563 int i; 1564 int val = data->def_irq | BTINTEL_PCIE_MSIX_NON_AUTO_CLEAR_CAUSE; 1565 1566 /* Set Non Auto Clear Cause */ 1567 for (i = 0; i < ARRAY_SIZE(causes_list); i++) { 1568 btintel_pcie_wr_reg8(data, 1569 BTINTEL_PCIE_CSR_MSIX_IVAR(causes_list[i].cause_num), 1570 val); 1571 btintel_pcie_clr_reg_bits(data, 1572 causes_list[i].mask_reg, 1573 causes_list[i].cause); 1574 } 1575 1576 /* Save the initial interrupt mask */ 1577 data->fh_init_mask = ~btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_MSIX_FH_INT_MASK); 1578 data->hw_init_mask = ~btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_MSIX_HW_INT_MASK); 1579 } 1580 1581 static int btintel_pcie_config_pcie(struct pci_dev *pdev, 1582 struct btintel_pcie_data *data) 1583 { 1584 int err; 1585 1586 err = pcim_enable_device(pdev); 1587 if (err) 1588 return err; 1589 1590 pci_set_master(pdev); 1591 1592 err = dma_set_mask_and_coherent(&pdev->dev, DMA_BIT_MASK(64)); 1593 if (err) { 1594 err = dma_set_mask_and_coherent(&pdev->dev, DMA_BIT_MASK(32)); 1595 if (err) 1596 return err; 1597 } 1598 1599 data->base_addr = pcim_iomap_region(pdev, 0, KBUILD_MODNAME); 1600 if (IS_ERR(data->base_addr)) 1601 return PTR_ERR(data->base_addr); 1602 1603 err = btintel_pcie_setup_irq(data); 1604 if (err) 1605 return err; 1606 1607 /* Configure MSI-X with causes list */ 1608 btintel_pcie_config_msix(data); 1609 1610 return 0; 1611 } 1612 1613 static void btintel_pcie_init_ci(struct btintel_pcie_data *data, 1614 struct ctx_info *ci) 1615 { 1616 ci->version = 0x1; 1617 ci->size = sizeof(*ci); 1618 ci->config = 0x0000; 1619 ci->addr_cr_hia = data->ia.cr_hia_p_addr; 1620 ci->addr_tr_tia = data->ia.tr_tia_p_addr; 1621 ci->addr_cr_tia = data->ia.cr_tia_p_addr; 1622 ci->addr_tr_hia = data->ia.tr_hia_p_addr; 1623 ci->num_cr_ia = BTINTEL_PCIE_NUM_QUEUES; 1624 ci->num_tr_ia = BTINTEL_PCIE_NUM_QUEUES; 1625 ci->addr_urbdq0 = data->txq.urbd0s_p_addr; 1626 ci->addr_tfdq = data->txq.tfds_p_addr; 1627 ci->num_tfdq = data->txq.count; 1628 ci->num_urbdq0 = data->txq.count; 1629 ci->tfdq_db_vec = BTINTEL_PCIE_TXQ_NUM; 1630 ci->urbdq0_db_vec = BTINTEL_PCIE_TXQ_NUM; 1631 ci->rbd_size = BTINTEL_PCIE_RBD_SIZE_4K; 1632 ci->addr_frbdq = data->rxq.frbds_p_addr; 1633 ci->num_frbdq = data->rxq.count; 1634 ci->frbdq_db_vec = BTINTEL_PCIE_RXQ_NUM; 1635 ci->addr_urbdq1 = data->rxq.urbd1s_p_addr; 1636 ci->num_urbdq1 = data->rxq.count; 1637 ci->urbdq_db_vec = BTINTEL_PCIE_RXQ_NUM; 1638 1639 ci->dbg_output_mode = 0x01; 1640 ci->dbgc_addr = data->dbgc.frag_p_addr; 1641 ci->dbgc_size = data->dbgc.frag_size; 1642 ci->dbg_preset = 0x00; 1643 } 1644 1645 static void btintel_pcie_free_txq_bufs(struct btintel_pcie_data *data, 1646 struct txq *txq) 1647 { 1648 /* Free data buffers first */ 1649 dma_free_coherent(&data->pdev->dev, txq->count * BTINTEL_PCIE_BUFFER_SIZE, 1650 txq->buf_v_addr, txq->buf_p_addr); 1651 kfree(txq->bufs); 1652 } 1653 1654 static int btintel_pcie_setup_txq_bufs(struct btintel_pcie_data *data, 1655 struct txq *txq) 1656 { 1657 int i; 1658 struct data_buf *buf; 1659 1660 /* Allocate the same number of buffers as the descriptor */ 1661 txq->bufs = kmalloc_array(txq->count, sizeof(*buf), GFP_KERNEL); 1662 if (!txq->bufs) 1663 return -ENOMEM; 1664 1665 /* Allocate full chunk of data buffer for DMA first and do indexing and 1666 * initialization next, so it can be freed easily 1667 */ 1668 txq->buf_v_addr = dma_alloc_coherent(&data->pdev->dev, 1669 txq->count * BTINTEL_PCIE_BUFFER_SIZE, 1670 &txq->buf_p_addr, 1671 GFP_KERNEL | __GFP_NOWARN); 1672 if (!txq->buf_v_addr) { 1673 kfree(txq->bufs); 1674 return -ENOMEM; 1675 } 1676 1677 /* Setup the allocated DMA buffer to bufs. Each data_buf should 1678 * have virtual address and physical address 1679 */ 1680 for (i = 0; i < txq->count; i++) { 1681 buf = &txq->bufs[i]; 1682 buf->data_p_addr = txq->buf_p_addr + (i * BTINTEL_PCIE_BUFFER_SIZE); 1683 buf->data = txq->buf_v_addr + (i * BTINTEL_PCIE_BUFFER_SIZE); 1684 } 1685 1686 return 0; 1687 } 1688 1689 static void btintel_pcie_free_rxq_bufs(struct btintel_pcie_data *data, 1690 struct rxq *rxq) 1691 { 1692 /* Free data buffers first */ 1693 dma_free_coherent(&data->pdev->dev, rxq->count * BTINTEL_PCIE_BUFFER_SIZE, 1694 rxq->buf_v_addr, rxq->buf_p_addr); 1695 kfree(rxq->bufs); 1696 } 1697 1698 static int btintel_pcie_setup_rxq_bufs(struct btintel_pcie_data *data, 1699 struct rxq *rxq) 1700 { 1701 int i; 1702 struct data_buf *buf; 1703 1704 /* Allocate the same number of buffers as the descriptor */ 1705 rxq->bufs = kmalloc_array(rxq->count, sizeof(*buf), GFP_KERNEL); 1706 if (!rxq->bufs) 1707 return -ENOMEM; 1708 1709 /* Allocate full chunk of data buffer for DMA first and do indexing and 1710 * initialization next, so it can be freed easily 1711 */ 1712 rxq->buf_v_addr = dma_alloc_coherent(&data->pdev->dev, 1713 rxq->count * BTINTEL_PCIE_BUFFER_SIZE, 1714 &rxq->buf_p_addr, 1715 GFP_KERNEL | __GFP_NOWARN); 1716 if (!rxq->buf_v_addr) { 1717 kfree(rxq->bufs); 1718 return -ENOMEM; 1719 } 1720 1721 /* Setup the allocated DMA buffer to bufs. Each data_buf should 1722 * have virtual address and physical address 1723 */ 1724 for (i = 0; i < rxq->count; i++) { 1725 buf = &rxq->bufs[i]; 1726 buf->data_p_addr = rxq->buf_p_addr + (i * BTINTEL_PCIE_BUFFER_SIZE); 1727 buf->data = rxq->buf_v_addr + (i * BTINTEL_PCIE_BUFFER_SIZE); 1728 } 1729 1730 return 0; 1731 } 1732 1733 static void btintel_pcie_setup_ia(struct btintel_pcie_data *data, 1734 dma_addr_t p_addr, void *v_addr, 1735 struct ia *ia) 1736 { 1737 /* TR Head Index Array */ 1738 ia->tr_hia_p_addr = p_addr; 1739 ia->tr_hia = v_addr; 1740 1741 /* TR Tail Index Array */ 1742 ia->tr_tia_p_addr = p_addr + sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES; 1743 ia->tr_tia = v_addr + sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES; 1744 1745 /* CR Head index Array */ 1746 ia->cr_hia_p_addr = p_addr + (sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES * 2); 1747 ia->cr_hia = v_addr + (sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES * 2); 1748 1749 /* CR Tail Index Array */ 1750 ia->cr_tia_p_addr = p_addr + (sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES * 3); 1751 ia->cr_tia = v_addr + (sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES * 3); 1752 } 1753 1754 static void btintel_pcie_free(struct btintel_pcie_data *data) 1755 { 1756 btintel_pcie_free_rxq_bufs(data, &data->rxq); 1757 btintel_pcie_free_txq_bufs(data, &data->txq); 1758 1759 dma_pool_free(data->dma_pool, data->dma_v_addr, data->dma_p_addr); 1760 dma_pool_destroy(data->dma_pool); 1761 } 1762 1763 /* Allocate tx and rx queues, any related data structures and buffers. 1764 */ 1765 static int btintel_pcie_alloc(struct btintel_pcie_data *data) 1766 { 1767 int err = 0; 1768 size_t total; 1769 dma_addr_t p_addr; 1770 void *v_addr; 1771 1772 /* Allocate the chunk of DMA memory for descriptors, index array, and 1773 * context information, instead of allocating individually. 1774 * The DMA memory for data buffer is allocated while setting up the 1775 * each queue. 1776 * 1777 * Total size is sum of the following 1778 * + size of TFD * Number of descriptors in queue 1779 * + size of URBD0 * Number of descriptors in queue 1780 * + size of FRBD * Number of descriptors in queue 1781 * + size of URBD1 * Number of descriptors in queue 1782 * + size of index * Number of queues(2) * type of index array(4) 1783 * + size of context information 1784 */ 1785 total = (sizeof(struct tfd) + sizeof(struct urbd0) + sizeof(struct frbd) 1786 + sizeof(struct urbd1)) * BTINTEL_DESCS_COUNT; 1787 1788 /* Add the sum of size of index array and size of ci struct */ 1789 total += (sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES * 4) + sizeof(struct ctx_info); 1790 1791 /* Allocate DMA Pool */ 1792 data->dma_pool = dma_pool_create(KBUILD_MODNAME, &data->pdev->dev, 1793 total, BTINTEL_PCIE_DMA_POOL_ALIGNMENT, 0); 1794 if (!data->dma_pool) { 1795 err = -ENOMEM; 1796 goto exit_error; 1797 } 1798 1799 v_addr = dma_pool_zalloc(data->dma_pool, GFP_KERNEL | __GFP_NOWARN, 1800 &p_addr); 1801 if (!v_addr) { 1802 dma_pool_destroy(data->dma_pool); 1803 err = -ENOMEM; 1804 goto exit_error; 1805 } 1806 1807 data->dma_p_addr = p_addr; 1808 data->dma_v_addr = v_addr; 1809 1810 /* Setup descriptor count */ 1811 data->txq.count = BTINTEL_DESCS_COUNT; 1812 data->rxq.count = BTINTEL_DESCS_COUNT; 1813 1814 /* Setup tfds */ 1815 data->txq.tfds_p_addr = p_addr; 1816 data->txq.tfds = v_addr; 1817 1818 p_addr += (sizeof(struct tfd) * BTINTEL_DESCS_COUNT); 1819 v_addr += (sizeof(struct tfd) * BTINTEL_DESCS_COUNT); 1820 1821 /* Setup urbd0 */ 1822 data->txq.urbd0s_p_addr = p_addr; 1823 data->txq.urbd0s = v_addr; 1824 1825 p_addr += (sizeof(struct urbd0) * BTINTEL_DESCS_COUNT); 1826 v_addr += (sizeof(struct urbd0) * BTINTEL_DESCS_COUNT); 1827 1828 /* Setup FRBD*/ 1829 data->rxq.frbds_p_addr = p_addr; 1830 data->rxq.frbds = v_addr; 1831 1832 p_addr += (sizeof(struct frbd) * BTINTEL_DESCS_COUNT); 1833 v_addr += (sizeof(struct frbd) * BTINTEL_DESCS_COUNT); 1834 1835 /* Setup urbd1 */ 1836 data->rxq.urbd1s_p_addr = p_addr; 1837 data->rxq.urbd1s = v_addr; 1838 1839 p_addr += (sizeof(struct urbd1) * BTINTEL_DESCS_COUNT); 1840 v_addr += (sizeof(struct urbd1) * BTINTEL_DESCS_COUNT); 1841 1842 /* Setup data buffers for txq */ 1843 err = btintel_pcie_setup_txq_bufs(data, &data->txq); 1844 if (err) 1845 goto exit_error_pool; 1846 1847 /* Setup data buffers for rxq */ 1848 err = btintel_pcie_setup_rxq_bufs(data, &data->rxq); 1849 if (err) 1850 goto exit_error_txq; 1851 1852 /* Setup Index Array */ 1853 btintel_pcie_setup_ia(data, p_addr, v_addr, &data->ia); 1854 1855 /* Setup data buffers for dbgc */ 1856 err = btintel_pcie_setup_dbgc(data); 1857 if (err) 1858 goto exit_error_txq; 1859 1860 /* Setup Context Information */ 1861 p_addr += sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES * 4; 1862 v_addr += sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES * 4; 1863 1864 data->ci = v_addr; 1865 data->ci_p_addr = p_addr; 1866 1867 /* Initialize the CI */ 1868 btintel_pcie_init_ci(data, data->ci); 1869 1870 return 0; 1871 1872 exit_error_txq: 1873 btintel_pcie_free_txq_bufs(data, &data->txq); 1874 exit_error_pool: 1875 dma_pool_free(data->dma_pool, data->dma_v_addr, data->dma_p_addr); 1876 dma_pool_destroy(data->dma_pool); 1877 exit_error: 1878 return err; 1879 } 1880 1881 static int btintel_pcie_open(struct hci_dev *hdev) 1882 { 1883 bt_dev_dbg(hdev, ""); 1884 1885 return 0; 1886 } 1887 1888 static int btintel_pcie_close(struct hci_dev *hdev) 1889 { 1890 bt_dev_dbg(hdev, ""); 1891 1892 return 0; 1893 } 1894 1895 static int btintel_pcie_inject_cmd_complete(struct hci_dev *hdev, __u16 opcode) 1896 { 1897 struct sk_buff *skb; 1898 struct hci_event_hdr *hdr; 1899 struct hci_ev_cmd_complete *evt; 1900 1901 skb = bt_skb_alloc(sizeof(*hdr) + sizeof(*evt) + 1, GFP_KERNEL); 1902 if (!skb) 1903 return -ENOMEM; 1904 1905 hdr = (struct hci_event_hdr *)skb_put(skb, sizeof(*hdr)); 1906 hdr->evt = HCI_EV_CMD_COMPLETE; 1907 hdr->plen = sizeof(*evt) + 1; 1908 1909 evt = (struct hci_ev_cmd_complete *)skb_put(skb, sizeof(*evt)); 1910 evt->ncmd = 0x01; 1911 evt->opcode = cpu_to_le16(opcode); 1912 1913 *(u8 *)skb_put(skb, 1) = 0x00; 1914 1915 hci_skb_pkt_type(skb) = HCI_EVENT_PKT; 1916 1917 return hci_recv_frame(hdev, skb); 1918 } 1919 1920 static int btintel_pcie_send_frame(struct hci_dev *hdev, 1921 struct sk_buff *skb) 1922 { 1923 struct btintel_pcie_data *data = hci_get_drvdata(hdev); 1924 struct hci_command_hdr *cmd; 1925 __u16 opcode = ~0; 1926 int ret; 1927 u32 type; 1928 u32 old_ctxt; 1929 1930 /* Due to the fw limitation, the type header of the packet should be 1931 * 4 bytes unlike 1 byte for UART. In UART, the firmware can read 1932 * the first byte to get the packet type and redirect the rest of data 1933 * packet to the right handler. 1934 * 1935 * But for PCIe, THF(Transfer Flow Handler) fetches the 4 bytes of data 1936 * from DMA memory and by the time it reads the first 4 bytes, it has 1937 * already consumed some part of packet. Thus the packet type indicator 1938 * for iBT PCIe is 4 bytes. 1939 * 1940 * Luckily, when HCI core creates the skb, it allocates 8 bytes of 1941 * head room for profile and driver use, and before sending the data 1942 * to the device, append the iBT PCIe packet type in the front. 1943 */ 1944 switch (hci_skb_pkt_type(skb)) { 1945 case HCI_COMMAND_PKT: 1946 type = BTINTEL_PCIE_HCI_CMD_PKT; 1947 cmd = (void *)skb->data; 1948 opcode = le16_to_cpu(cmd->opcode); 1949 if (btintel_test_flag(hdev, INTEL_BOOTLOADER)) { 1950 struct hci_command_hdr *cmd = (void *)skb->data; 1951 __u16 opcode = le16_to_cpu(cmd->opcode); 1952 1953 /* When the 0xfc01 command is issued to boot into 1954 * the operational firmware, it will actually not 1955 * send a command complete event. To keep the flow 1956 * control working inject that event here. 1957 */ 1958 if (opcode == 0xfc01) 1959 btintel_pcie_inject_cmd_complete(hdev, opcode); 1960 } 1961 /* Firmware raises alive interrupt on HCI_OP_RESET */ 1962 if (opcode == HCI_OP_RESET) 1963 data->gp0_received = false; 1964 1965 hdev->stat.cmd_tx++; 1966 break; 1967 case HCI_ACLDATA_PKT: 1968 type = BTINTEL_PCIE_HCI_ACL_PKT; 1969 hdev->stat.acl_tx++; 1970 break; 1971 case HCI_SCODATA_PKT: 1972 type = BTINTEL_PCIE_HCI_SCO_PKT; 1973 hdev->stat.sco_tx++; 1974 break; 1975 case HCI_ISODATA_PKT: 1976 type = BTINTEL_PCIE_HCI_ISO_PKT; 1977 break; 1978 default: 1979 bt_dev_err(hdev, "Unknown HCI packet type"); 1980 return -EILSEQ; 1981 } 1982 memcpy(skb_push(skb, BTINTEL_PCIE_HCI_TYPE_LEN), &type, 1983 BTINTEL_PCIE_HCI_TYPE_LEN); 1984 1985 ret = btintel_pcie_send_sync(data, skb); 1986 if (ret) { 1987 hdev->stat.err_tx++; 1988 bt_dev_err(hdev, "Failed to send frame (%d)", ret); 1989 goto exit_error; 1990 } 1991 1992 if (type == BTINTEL_PCIE_HCI_CMD_PKT && 1993 (opcode == HCI_OP_RESET || opcode == 0xfc01)) { 1994 old_ctxt = data->alive_intr_ctxt; 1995 data->alive_intr_ctxt = 1996 (opcode == 0xfc01 ? BTINTEL_PCIE_INTEL_HCI_RESET1 : 1997 BTINTEL_PCIE_HCI_RESET); 1998 bt_dev_dbg(data->hdev, "sent cmd: 0x%4.4x alive context changed: %s -> %s", 1999 opcode, btintel_pcie_alivectxt_state2str(old_ctxt), 2000 btintel_pcie_alivectxt_state2str(data->alive_intr_ctxt)); 2001 if (opcode == HCI_OP_RESET) { 2002 ret = wait_event_timeout(data->gp0_wait_q, 2003 data->gp0_received, 2004 msecs_to_jiffies(BTINTEL_DEFAULT_INTR_TIMEOUT_MS)); 2005 if (!ret) { 2006 hdev->stat.err_tx++; 2007 bt_dev_err(hdev, "No alive interrupt received for %s", 2008 btintel_pcie_alivectxt_state2str(data->alive_intr_ctxt)); 2009 ret = -ETIME; 2010 goto exit_error; 2011 } 2012 } 2013 } 2014 hdev->stat.byte_tx += skb->len; 2015 kfree_skb(skb); 2016 2017 exit_error: 2018 return ret; 2019 } 2020 2021 static void btintel_pcie_release_hdev(struct btintel_pcie_data *data) 2022 { 2023 struct hci_dev *hdev; 2024 2025 hdev = data->hdev; 2026 hci_unregister_dev(hdev); 2027 hci_free_dev(hdev); 2028 data->hdev = NULL; 2029 } 2030 2031 static int btintel_pcie_setup_internal(struct hci_dev *hdev) 2032 { 2033 struct btintel_pcie_data *data = hci_get_drvdata(hdev); 2034 const u8 param[1] = { 0xFF }; 2035 struct intel_version_tlv ver_tlv; 2036 struct sk_buff *skb; 2037 int err; 2038 2039 BT_DBG("%s", hdev->name); 2040 2041 skb = __hci_cmd_sync(hdev, 0xfc05, 1, param, HCI_CMD_TIMEOUT); 2042 if (IS_ERR(skb)) { 2043 bt_dev_err(hdev, "Reading Intel version command failed (%ld)", 2044 PTR_ERR(skb)); 2045 return PTR_ERR(skb); 2046 } 2047 2048 /* Check the status */ 2049 if (skb->data[0]) { 2050 bt_dev_err(hdev, "Intel Read Version command failed (%02x)", 2051 skb->data[0]); 2052 err = -EIO; 2053 goto exit_error; 2054 } 2055 2056 /* Apply the common HCI quirks for Intel device */ 2057 set_bit(HCI_QUIRK_STRICT_DUPLICATE_FILTER, &hdev->quirks); 2058 set_bit(HCI_QUIRK_SIMULTANEOUS_DISCOVERY, &hdev->quirks); 2059 set_bit(HCI_QUIRK_NON_PERSISTENT_DIAG, &hdev->quirks); 2060 2061 /* Set up the quality report callback for Intel devices */ 2062 hdev->set_quality_report = btintel_set_quality_report; 2063 2064 memset(&ver_tlv, 0, sizeof(ver_tlv)); 2065 /* For TLV type device, parse the tlv data */ 2066 err = btintel_parse_version_tlv(hdev, &ver_tlv, skb); 2067 if (err) { 2068 bt_dev_err(hdev, "Failed to parse TLV version information"); 2069 goto exit_error; 2070 } 2071 2072 switch (INTEL_HW_PLATFORM(ver_tlv.cnvi_bt)) { 2073 case 0x37: 2074 break; 2075 default: 2076 bt_dev_err(hdev, "Unsupported Intel hardware platform (0x%2x)", 2077 INTEL_HW_PLATFORM(ver_tlv.cnvi_bt)); 2078 err = -EINVAL; 2079 goto exit_error; 2080 } 2081 2082 /* Check for supported iBT hardware variants of this firmware 2083 * loading method. 2084 * 2085 * This check has been put in place to ensure correct forward 2086 * compatibility options when newer hardware variants come 2087 * along. 2088 */ 2089 switch (INTEL_HW_VARIANT(ver_tlv.cnvi_bt)) { 2090 case 0x1e: /* BzrI */ 2091 case 0x1f: /* ScP */ 2092 /* Display version information of TLV type */ 2093 btintel_version_info_tlv(hdev, &ver_tlv); 2094 2095 /* Apply the device specific HCI quirks for TLV based devices 2096 * 2097 * All TLV based devices support WBS 2098 */ 2099 set_bit(HCI_QUIRK_WIDEBAND_SPEECH_SUPPORTED, &hdev->quirks); 2100 2101 /* Setup MSFT Extension support */ 2102 btintel_set_msft_opcode(hdev, 2103 INTEL_HW_VARIANT(ver_tlv.cnvi_bt)); 2104 2105 err = btintel_bootloader_setup_tlv(hdev, &ver_tlv); 2106 if (err) 2107 goto exit_error; 2108 break; 2109 default: 2110 bt_dev_err(hdev, "Unsupported Intel hw variant (%u)", 2111 INTEL_HW_VARIANT(ver_tlv.cnvi_bt)); 2112 err = -EINVAL; 2113 goto exit_error; 2114 break; 2115 } 2116 2117 data->dmp_hdr.cnvi_top = ver_tlv.cnvi_top; 2118 data->dmp_hdr.cnvr_top = ver_tlv.cnvr_top; 2119 data->dmp_hdr.fw_timestamp = ver_tlv.timestamp; 2120 data->dmp_hdr.fw_build_type = ver_tlv.build_type; 2121 data->dmp_hdr.fw_build_num = ver_tlv.build_num; 2122 data->dmp_hdr.cnvi_bt = ver_tlv.cnvi_bt; 2123 2124 if (ver_tlv.img_type == 0x02 || ver_tlv.img_type == 0x03) 2125 data->dmp_hdr.fw_git_sha1 = ver_tlv.git_sha1; 2126 2127 err = hci_devcd_register(hdev, btintel_pcie_dump_traces, btintel_pcie_dump_hdr, 2128 btintel_pcie_dump_notify); 2129 if (err) { 2130 bt_dev_err(hdev, "Failed to register coredump (%d)", err); 2131 goto exit_error; 2132 } 2133 2134 btintel_print_fseq_info(hdev); 2135 exit_error: 2136 kfree_skb(skb); 2137 2138 return err; 2139 } 2140 2141 static int btintel_pcie_setup(struct hci_dev *hdev) 2142 { 2143 int err, fw_dl_retry = 0; 2144 struct btintel_pcie_data *data = hci_get_drvdata(hdev); 2145 2146 while ((err = btintel_pcie_setup_internal(hdev)) && fw_dl_retry++ < 1) { 2147 bt_dev_err(hdev, "Firmware download retry count: %d", 2148 fw_dl_retry); 2149 btintel_pcie_dump_debug_registers(hdev); 2150 err = btintel_pcie_reset_bt(data); 2151 if (err) { 2152 bt_dev_err(hdev, "Failed to do shr reset: %d", err); 2153 break; 2154 } 2155 usleep_range(10000, 12000); 2156 btintel_pcie_reset_ia(data); 2157 btintel_pcie_config_msix(data); 2158 err = btintel_pcie_enable_bt(data); 2159 if (err) { 2160 bt_dev_err(hdev, "Failed to enable hardware: %d", err); 2161 break; 2162 } 2163 btintel_pcie_start_rx(data); 2164 } 2165 return err; 2166 } 2167 2168 static int btintel_pcie_setup_hdev(struct btintel_pcie_data *data) 2169 { 2170 int err; 2171 struct hci_dev *hdev; 2172 2173 hdev = hci_alloc_dev_priv(sizeof(struct btintel_data)); 2174 if (!hdev) 2175 return -ENOMEM; 2176 2177 hdev->bus = HCI_PCI; 2178 hci_set_drvdata(hdev, data); 2179 2180 data->hdev = hdev; 2181 SET_HCIDEV_DEV(hdev, &data->pdev->dev); 2182 2183 hdev->manufacturer = 2; 2184 hdev->open = btintel_pcie_open; 2185 hdev->close = btintel_pcie_close; 2186 hdev->send = btintel_pcie_send_frame; 2187 hdev->setup = btintel_pcie_setup; 2188 hdev->shutdown = btintel_shutdown_combined; 2189 hdev->hw_error = btintel_hw_error; 2190 hdev->set_diag = btintel_set_diag; 2191 hdev->set_bdaddr = btintel_set_bdaddr; 2192 2193 err = hci_register_dev(hdev); 2194 if (err < 0) { 2195 BT_ERR("Failed to register to hdev (%d)", err); 2196 goto exit_error; 2197 } 2198 2199 data->dmp_hdr.driver_name = KBUILD_MODNAME; 2200 return 0; 2201 2202 exit_error: 2203 hci_free_dev(hdev); 2204 return err; 2205 } 2206 2207 static int btintel_pcie_probe(struct pci_dev *pdev, 2208 const struct pci_device_id *ent) 2209 { 2210 int err; 2211 struct btintel_pcie_data *data; 2212 2213 if (!pdev) 2214 return -ENODEV; 2215 2216 data = devm_kzalloc(&pdev->dev, sizeof(*data), GFP_KERNEL); 2217 if (!data) 2218 return -ENOMEM; 2219 2220 data->pdev = pdev; 2221 2222 spin_lock_init(&data->irq_lock); 2223 spin_lock_init(&data->hci_rx_lock); 2224 2225 init_waitqueue_head(&data->gp0_wait_q); 2226 data->gp0_received = false; 2227 2228 init_waitqueue_head(&data->tx_wait_q); 2229 data->tx_wait_done = false; 2230 2231 data->workqueue = alloc_ordered_workqueue(KBUILD_MODNAME, WQ_HIGHPRI); 2232 if (!data->workqueue) 2233 return -ENOMEM; 2234 2235 skb_queue_head_init(&data->rx_skb_q); 2236 INIT_WORK(&data->rx_work, btintel_pcie_rx_work); 2237 2238 data->boot_stage_cache = 0x00; 2239 data->img_resp_cache = 0x00; 2240 2241 err = btintel_pcie_config_pcie(pdev, data); 2242 if (err) 2243 goto exit_error; 2244 2245 pci_set_drvdata(pdev, data); 2246 2247 err = btintel_pcie_alloc(data); 2248 if (err) 2249 goto exit_error; 2250 2251 err = btintel_pcie_enable_bt(data); 2252 if (err) 2253 goto exit_error; 2254 2255 /* CNV information (CNVi and CNVr) is in CSR */ 2256 data->cnvi = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_HW_REV_REG); 2257 2258 data->cnvr = btintel_pcie_rd_reg32(data, BTINTEL_PCIE_CSR_RF_ID_REG); 2259 2260 err = btintel_pcie_start_rx(data); 2261 if (err) 2262 goto exit_error; 2263 2264 err = btintel_pcie_setup_hdev(data); 2265 if (err) 2266 goto exit_error; 2267 2268 bt_dev_dbg(data->hdev, "cnvi: 0x%8.8x cnvr: 0x%8.8x", data->cnvi, 2269 data->cnvr); 2270 return 0; 2271 2272 exit_error: 2273 /* reset device before exit */ 2274 btintel_pcie_reset_bt(data); 2275 2276 pci_clear_master(pdev); 2277 2278 pci_set_drvdata(pdev, NULL); 2279 2280 return err; 2281 } 2282 2283 static void btintel_pcie_remove(struct pci_dev *pdev) 2284 { 2285 struct btintel_pcie_data *data; 2286 2287 data = pci_get_drvdata(pdev); 2288 2289 btintel_pcie_reset_bt(data); 2290 for (int i = 0; i < data->alloc_vecs; i++) { 2291 struct msix_entry *msix_entry; 2292 2293 msix_entry = &data->msix_entries[i]; 2294 free_irq(msix_entry->vector, msix_entry); 2295 } 2296 2297 pci_free_irq_vectors(pdev); 2298 2299 btintel_pcie_release_hdev(data); 2300 2301 flush_work(&data->rx_work); 2302 2303 destroy_workqueue(data->workqueue); 2304 2305 btintel_pcie_free(data); 2306 2307 pci_clear_master(pdev); 2308 2309 pci_set_drvdata(pdev, NULL); 2310 } 2311 2312 #ifdef CONFIG_DEV_COREDUMP 2313 static void btintel_pcie_coredump(struct device *dev) 2314 { 2315 struct pci_dev *pdev = to_pci_dev(dev); 2316 struct btintel_pcie_data *data = pci_get_drvdata(pdev); 2317 2318 if (test_and_set_bit(BTINTEL_PCIE_COREDUMP_INPROGRESS, &data->flags)) 2319 return; 2320 2321 data->dmp_hdr.trigger_reason = BTINTEL_PCIE_TRIGGER_REASON_USER_TRIGGER; 2322 queue_work(data->workqueue, &data->rx_work); 2323 } 2324 #endif 2325 2326 static struct pci_driver btintel_pcie_driver = { 2327 .name = KBUILD_MODNAME, 2328 .id_table = btintel_pcie_table, 2329 .probe = btintel_pcie_probe, 2330 .remove = btintel_pcie_remove, 2331 #ifdef CONFIG_DEV_COREDUMP 2332 .driver.coredump = btintel_pcie_coredump 2333 #endif 2334 }; 2335 module_pci_driver(btintel_pcie_driver); 2336 2337 MODULE_AUTHOR("Tedd Ho-Jeong An <tedd.an@intel.com>"); 2338 MODULE_DESCRIPTION("Intel Bluetooth PCIe transport driver ver " VERSION); 2339 MODULE_VERSION(VERSION); 2340 MODULE_LICENSE("GPL"); 2341