Linux kernel mirror (for testing)
git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git
kernel
os
linux
Merge tag 'for-net-next-2026-04-13' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next
Luiz Augusto von Dentz says:
====================
bluetooth-next pull request for net-next:
core:
- hci_core: Rate limit the logging of invalid ISO handle
- hci_sync: make hci_cmd_sync_run_once return -EEXIST if exists
- hci_event: fix locking in hci_conn_request_evt() with HCI_PROTO_DEFER
- hci_event: fix potential UAF in SSP passkey handlers
- HCI: Avoid a couple -Wflex-array-member-not-at-end warnings
- L2CAP: CoC: Disconnect if received packet size exceeds MPS
- L2CAP: Add missing chan lock in l2cap_ecred_reconf_rsp
- L2CAP: Fix printing wrong information if SDU length exceeds MTU
- SCO: check for codecs->num_codecs == 1 before assigning to sco_pi(sk)->codec
drivers:
- btusb: MT7922: Add VID/PID 0489/e174
- btusb: Add Lite-On 04ca:3807 for MediaTek MT7921
- btusb: Add MT7927 IDs ASUS ROG Crosshair X870E Hero, Lenovo Legion Pro 7
16ARX9, Gigabyte Z790 AORUS MASTER X, MSI X870E Ace Max, TP-Link
Archer TBE550E, ASUS X870E / ProArt X870E-Creator.
- btusb: Add MT7902 IDs 13d3/3579, 13d3/3580, 13d3/3594, 13d3/3596, 0e8d/1ede
- btusb: Add MT7902 IDs 13d3/3579, 13d3/3580, 13d3/3594, 13d3/3596, 0e8d/1ede
- btusb: MediaTek MT7922: Add VID 0489 & PID e11d
- btintel: Add support for Scorpious Peak2 support
- btintel: Add support for Scorpious Peak2F support
- btintel_pcie: Add device id of Scorpius Peak2, Nova Lake-PCD-H
- btintel_pcie: Add device id of Scorpious2, Nova Lake-PCD-S
- btmtk: Add reset mechanism if downloading firmware failed
- btmtk: Add MT6639 (MT7927) Bluetooth support
- btmtk: fix ISO interface setup for single alt setting
- btmtk: add MT7902 SDIO support
- Bluetooth: btmtk: add MT7902 MCU support
- btbcm: Add entry for BCM4343A2 UART Bluetooth
- qca: enable pwrseq support for wcn39xx devices
- hci_qca: Fix BT not getting powered-off on rmmod
- hci_qca: disable power control for WCN7850 when bt_en is not defined
- hci_qca: Fix missing wakeup during SSR memdump handling
- hci_ldisc: Clear HCI_UART_PROTO_INIT on error
- mmc: sdio: add MediaTek MT7902 SDIO device ID
- hci_ll: Enable BROKEN_ENHANCED_SETUP_SYNC_CONN for WL183x
* tag 'for-net-next-2026-04-13' of git://git.kernel.org/pub/scm/linux/kernel/git/bluetooth/bluetooth-next: (59 commits)
Bluetooth: hci_qca: Fix missing wakeup during SSR memdump handling
Bluetooth: btintel_pcie: use strscpy to copy plain strings
Bluetooth: hci_event: fix potential UAF in SSP passkey handlers
Bluetooth: hci.h: Avoid a couple -Wflex-array-member-not-at-end warnings
Bluetooth: SCO: check for codecs->num_codecs == 1 before assigning to sco_pi(sk)->codec
Bluetooth: btintel_pcie: Align shared DMA memory to 128 bytes
Bluetooth: l2cap: Add missing chan lock in l2cap_ecred_reconf_rsp
Bluetooth: hci_ll: Enable BROKEN_ENHANCED_SETUP_SYNC_CONN for WL183x
Bluetooth: btusb: MediaTek MT7922: Add VID 0489 & PID e11d
Bluetooth: btmtk: hide unused btmtk_mt6639_devs[] array
Bluetooth: btusb: Add MT7927 ID for ASUS X870E / ProArt X870E-Creator
Bluetooth: btusb: Add MT7927 ID for TP-Link Archer TBE550E
Bluetooth: btusb: Add MT7927 ID for MSI X870E Ace Max
Bluetooth: btusb: Add MT7927 ID for Gigabyte Z790 AORUS MASTER X
Bluetooth: btusb: Add MT7927 ID for Lenovo Legion Pro 7 16ARX9
Bluetooth: btusb: Add MT7927 ID for ASUS ROG Crosshair X870E Hero
Bluetooth: btmtk: fix ISO interface setup for single alt setting
Bluetooth: btmtk: Add MT6639 (MT7927) Bluetooth support
Bluetooth: fix locking in hci_conn_request_evt() with HCI_PROTO_DEFER
Bluetooth: btmtk: refactor endpoint lookup
...
====================
Link: https://patch.msgid.link/20260413132247.320961-1-luiz.dentz@gmail.com
Signed-off-by: Jakub Kicinski <kuba@kernel.org>
+476
-241
+5
-6
drivers/bluetooth/btbcm.c
+5
-6
drivers/bluetooth/btbcm.c
···
223
223
err = PTR_ERR(skb);
224
224
bt_dev_err(hdev, "BCM: Download Minidrv command failed (%d)",
225
225
err);
226
-
goto done;
226
+
return err;
227
227
}
228
228
kfree_skb(skb);
229
229
···
242
242
243
243
if (fw_size < cmd->plen) {
244
244
bt_dev_err(hdev, "BCM: Patch is corrupted");
245
-
err = -EINVAL;
246
-
goto done;
245
+
return -EINVAL;
247
246
}
248
247
249
248
cmd_param = fw_ptr;
···
257
258
err = PTR_ERR(skb);
258
259
bt_dev_err(hdev, "BCM: Patch command %04x failed (%d)",
259
260
opcode, err);
260
-
goto done;
261
+
return err;
261
262
}
262
263
kfree_skb(skb);
263
264
}
···
265
266
/* 250 msec delay after Launch Ram completes */
266
267
msleep(250);
267
268
268
-
done:
269
-
return err;
269
+
return 0;
270
270
}
271
271
EXPORT_SYMBOL(btbcm_patchram);
272
272
···
505
507
{ 0x6119, "BCM4345C0" }, /* 003.001.025 */
506
508
{ 0x6606, "BCM4345C5" }, /* 003.006.006 */
507
509
{ 0x230f, "BCM4356A2" }, /* 001.003.015 */
510
+
{ 0x2310, "BCM4343A2" }, /* 001.003.016 */
508
511
{ 0x220e, "BCM20702A1" }, /* 001.002.014 */
509
512
{ 0x420d, "BCM4349B1" }, /* 002.002.013 */
510
513
{ 0x420e, "BCM4349B1" }, /* 002.002.014 */
+92
-17
drivers/bluetooth/btintel.c
+92
-17
drivers/bluetooth/btintel.c
···
35
35
DSM_SET_RESET_METHOD = 3,
36
36
};
37
37
38
+
/* Hybrid ECDSA + LMS */
39
+
#define BTINTEL_RSA_HEADER_VER 0x00010000
40
+
#define BTINTEL_ECDSA_HEADER_VER 0x00020000
41
+
#define BTINTEL_HYBRID_HEADER_VER 0x00069700
42
+
#define BTINTEL_ECDSA_OFFSET 128
43
+
#define BTINTEL_CSS_HEADER_SIZE 128
44
+
#define BTINTEL_ECDSA_PUB_KEY_SIZE 96
45
+
#define BTINTEL_ECDSA_SIG_SIZE 96
46
+
#define BTINTEL_LMS_OFFSET 320
47
+
#define BTINTEL_LMS_PUB_KEY_SIZE 52
48
+
#define BTINTEL_LMS_SIG_SIZE 1744
49
+
#define BTINTEL_CMD_BUFFER_OFFSET 2116
50
+
38
51
#define BTINTEL_BT_DOMAIN 0x12
39
52
#define BTINTEL_SAR_LEGACY 0
40
53
#define BTINTEL_SAR_INC_PWR 1
···
502
489
case 0x1d: /* BlazarU (BzrU) */
503
490
case 0x1e: /* BlazarI (Bzr) */
504
491
case 0x1f: /* Scorpious Peak */
492
+
case 0x20: /* Scorpious Peak2 */
493
+
case 0x21: /* Scorpious Peak2 F */
505
494
case 0x22: /* BlazarIW (BzrIW) */
506
495
break;
507
496
default:
···
525
510
return -EINVAL;
526
511
}
527
512
528
-
/* Secure boot engine type should be either 1 (ECDSA) or 0 (RSA) */
529
-
if (version->sbe_type > 0x01) {
513
+
/* Secure boot engine type can be 0 (RSA), 1 (ECDSA), 2 (LMS), 3 (ECDSA + LMS) */
514
+
if (version->sbe_type > 0x03) {
530
515
bt_dev_err(hdev, "Unsupported Intel secure boot engine type (0x%x)",
531
516
version->sbe_type);
532
517
return -EINVAL;
···
1045
1030
return 0;
1046
1031
}
1047
1032
1033
+
static int btintel_sfi_hybrid_header_secure_send(struct hci_dev *hdev,
1034
+
const struct firmware *fw)
1035
+
{
1036
+
int err;
1037
+
1038
+
err = btintel_secure_send(hdev, 0x00, BTINTEL_CSS_HEADER_SIZE, fw->data);
1039
+
if (err < 0) {
1040
+
bt_dev_err(hdev, "Failed to send firmware CSS header (%d)", err);
1041
+
return err;
1042
+
}
1043
+
1044
+
err = btintel_secure_send(hdev, 0x03, BTINTEL_ECDSA_PUB_KEY_SIZE,
1045
+
fw->data + BTINTEL_ECDSA_OFFSET);
1046
+
if (err < 0) {
1047
+
bt_dev_err(hdev, "Failed to send firmware ECDSA pkey (%d)", err);
1048
+
return err;
1049
+
}
1050
+
1051
+
err = btintel_secure_send(hdev, 0x02, BTINTEL_ECDSA_SIG_SIZE,
1052
+
fw->data + BTINTEL_ECDSA_OFFSET + BTINTEL_ECDSA_PUB_KEY_SIZE);
1053
+
if (err < 0) {
1054
+
bt_dev_err(hdev, "Failed to send firmware ECDSA signature (%d)", err);
1055
+
return err;
1056
+
}
1057
+
1058
+
err = btintel_secure_send(hdev, 0x05, BTINTEL_LMS_PUB_KEY_SIZE,
1059
+
fw->data + BTINTEL_LMS_OFFSET);
1060
+
if (err < 0) {
1061
+
bt_dev_err(hdev, "Failed to send firmware LMS pkey (%d)", err);
1062
+
return err;
1063
+
}
1064
+
1065
+
err = btintel_secure_send(hdev, 0x04, BTINTEL_LMS_SIG_SIZE,
1066
+
fw->data + BTINTEL_LMS_OFFSET + BTINTEL_LMS_PUB_KEY_SIZE);
1067
+
if (err < 0) {
1068
+
bt_dev_err(hdev, "Failed to send firmware LMS signature (%d)", err);
1069
+
return err;
1070
+
}
1071
+
1072
+
return 0;
1073
+
}
1074
+
1048
1075
static int btintel_download_firmware_payload(struct hci_dev *hdev,
1049
1076
const struct firmware *fw,
1050
1077
size_t offset)
···
1260
1203
* Command Buffer.
1261
1204
*
1262
1205
* CSS Header byte positions 0x08 to 0x0B represent the CSS Header
1263
-
* version: RSA(0x00010000) , ECDSA (0x00020000)
1206
+
* version: RSA(0x00010000) , ECDSA (0x00020000) , HYBRID (0x00069700)
1264
1207
*/
1265
1208
css_header_ver = get_unaligned_le32(fw->data + CSS_HEADER_OFFSET);
1266
-
if (css_header_ver != 0x00010000) {
1267
-
bt_dev_err(hdev, "Invalid CSS Header version");
1209
+
if (css_header_ver != BTINTEL_RSA_HEADER_VER &&
1210
+
css_header_ver != BTINTEL_HYBRID_HEADER_VER) {
1211
+
bt_dev_err(hdev, "Invalid CSS Header version: 0x%8.8x", css_header_ver);
1268
1212
return -EINVAL;
1269
1213
}
1270
1214
···
1283
1225
err = btintel_download_firmware_payload(hdev, fw, RSA_HEADER_LEN);
1284
1226
if (err)
1285
1227
return err;
1286
-
} else if (hw_variant >= 0x17) {
1228
+
} else if (hw_variant >= 0x17 && css_header_ver == BTINTEL_RSA_HEADER_VER) {
1287
1229
/* Check if CSS header for ECDSA follows the RSA header */
1288
1230
if (fw->data[ECDSA_OFFSET] != 0x06)
1289
1231
return -EINVAL;
1290
1232
1291
1233
/* Check if the CSS Header version is ECDSA(0x00020000) */
1292
1234
css_header_ver = get_unaligned_le32(fw->data + ECDSA_OFFSET + CSS_HEADER_OFFSET);
1293
-
if (css_header_ver != 0x00020000) {
1294
-
bt_dev_err(hdev, "Invalid CSS Header version");
1235
+
if (css_header_ver != BTINTEL_ECDSA_HEADER_VER) {
1236
+
bt_dev_err(hdev, "Invalid CSS Header version: 0x%8.8x", css_header_ver);
1295
1237
return -EINVAL;
1296
1238
}
1297
1239
···
1314
1256
if (err)
1315
1257
return err;
1316
1258
}
1259
+
} else if (hw_variant >= 0x20 && css_header_ver == BTINTEL_HYBRID_HEADER_VER) {
1260
+
err = btintel_sfi_hybrid_header_secure_send(hdev, fw);
1261
+
if (err)
1262
+
return err;
1263
+
1264
+
err = btintel_download_firmware_payload(hdev, fw, BTINTEL_CMD_BUFFER_OFFSET);
1265
+
if (err)
1266
+
return err;
1317
1267
}
1318
1268
return 0;
1319
1269
}
···
2820
2754
2821
2755
struct btintel_dsbr_cmd cmd;
2822
2756
struct sk_buff *skb;
2823
-
u32 dsbr, cnvi;
2824
-
u8 status;
2757
+
u32 dsbr;
2758
+
u8 status, hw_variant;
2825
2759
int err;
2826
2760
2827
-
cnvi = ver->cnvi_top & 0xfff;
2761
+
hw_variant = INTEL_HW_VARIANT(ver->cnvi_bt);
2828
2762
/* DSBR command needs to be sent for,
2829
2763
* 1. BlazarI or BlazarIW + B0 step product in IML image.
2830
2764
* 2. Gale Peak2 or BlazarU in OP image.
2831
2765
* 3. Scorpious Peak in IML image.
2766
+
* 4. Scorpious Peak2 onwards + PCIe transport in IML image.
2832
2767
*/
2833
2768
2834
-
switch (cnvi) {
2835
-
case BTINTEL_CNVI_BLAZARI:
2836
-
case BTINTEL_CNVI_BLAZARIW:
2769
+
switch (hw_variant) {
2770
+
case BTINTEL_HWID_BZRI:
2771
+
case BTINTEL_HWID_BZRIW:
2837
2772
if (ver->img_type == BTINTEL_IMG_IML &&
2838
2773
INTEL_CNVX_TOP_STEP(ver->cnvi_top) == 0x01)
2839
2774
break;
2840
2775
return 0;
2841
-
case BTINTEL_CNVI_GAP:
2842
-
case BTINTEL_CNVI_BLAZARU:
2776
+
case BTINTEL_HWID_GAP:
2777
+
case BTINTEL_HWID_BZRU:
2843
2778
if (ver->img_type == BTINTEL_IMG_OP &&
2844
2779
hdev->bus == HCI_USB)
2845
2780
break;
2846
2781
return 0;
2847
-
case BTINTEL_CNVI_SCP:
2782
+
case BTINTEL_HWID_SCP:
2848
2783
if (ver->img_type == BTINTEL_IMG_IML)
2849
2784
break;
2850
2785
return 0;
2851
2786
default:
2787
+
/* Scorpius Peak2 onwards */
2788
+
if (hw_variant >= BTINTEL_HWID_SCP2 && hdev->bus == HCI_PCI
2789
+
&& ver->img_type == BTINTEL_IMG_IML)
2790
+
break;
2852
2791
return 0;
2853
2792
}
2854
2793
···
3330
3259
case 0x1d:
3331
3260
case 0x1e:
3332
3261
case 0x1f:
3262
+
case 0x20:
3263
+
case 0x21:
3333
3264
case 0x22:
3334
3265
hci_set_msft_opcode(hdev, 0xFC1E);
3335
3266
break;
···
3673
3600
case 0x1d:
3674
3601
case 0x1e:
3675
3602
case 0x1f:
3603
+
case 0x20:
3604
+
case 0x21:
3676
3605
case 0x22:
3677
3606
/* Display version information of TLV type */
3678
3607
btintel_version_info_tlv(hdev, &ver_tlv);
+15
-5
drivers/bluetooth/btintel.h
+15
-5
drivers/bluetooth/btintel.h
···
54
54
55
55
#define BTINTEL_HCI_OP_RESET 0xfc01
56
56
57
-
#define BTINTEL_CNVI_BLAZARI 0x900
58
-
#define BTINTEL_CNVI_BLAZARIW 0x901
59
-
#define BTINTEL_CNVI_GAP 0x910
60
-
#define BTINTEL_CNVI_BLAZARU 0x930
61
-
#define BTINTEL_CNVI_SCP 0xA00
57
+
#define BTINTEL_CNVI_BLAZARI 0x900 /* BlazarI - Lunar Lake */
58
+
#define BTINTEL_CNVI_BLAZARIW 0x901 /* BlazarIW - Wildcat Lake */
59
+
#define BTINTEL_CNVI_GAP 0x910 /* Gale Peak2 - Meteor Lake */
60
+
#define BTINTEL_CNVI_BLAZARU 0x930 /* BlazarU - Meteor Lake */
61
+
#define BTINTEL_CNVI_SCP 0xA00 /* Scorpius Peak - Panther Lake */
62
+
#define BTINTEL_CNVI_SCP2 0xA10 /* Scorpius Peak2 - Nova Lake */
63
+
#define BTINTEL_CNVI_SCP2F 0xA20 /* Scorpius Peak2F - Nova Lake */
62
64
63
65
/* CNVR */
64
66
#define BTINTEL_CNVR_FMP2 0x910
···
70
68
#define BTINTEL_IMG_OP 0x03 /* Operational image */
71
69
72
70
#define BTINTEL_FWID_MAXLEN 64
71
+
72
+
/* CNVi Hardware variant */
73
+
#define BTINTEL_HWID_GAP 0x1c /* Gale Peak2 - Meteor Lake */
74
+
#define BTINTEL_HWID_BZRI 0x1e /* BlazarI - Lunar Lake */
75
+
#define BTINTEL_HWID_BZRU 0x1d /* BlazarU - Meteor Lake */
76
+
#define BTINTEL_HWID_SCP 0x1f /* Scorpius Peak - Panther Lake */
77
+
#define BTINTEL_HWID_SCP2 0x20 /* Scorpius Peak2 - Nova Lake */
78
+
#define BTINTEL_HWID_BZRIW 0x22 /* BlazarIW - Wildcat Lake */
73
79
74
80
struct intel_version_tlv {
75
81
u32 cnvi_top;
+75
-47
drivers/bluetooth/btintel_pcie.c
+75
-47
drivers/bluetooth/btintel_pcie.c
···
9
9
#include <linux/kernel.h>
10
10
#include <linux/module.h>
11
11
#include <linux/firmware.h>
12
+
#include <linux/overflow.h>
12
13
#include <linux/pci.h>
14
+
#include <linux/string.h>
13
15
#include <linux/wait.h>
14
16
#include <linux/delay.h>
15
17
#include <linux/interrupt.h>
···
37
35
38
36
#define POLL_INTERVAL_US 10
39
37
38
+
#define BTINTEL_PCIE_DMA_ALIGN_128B 128 /* 128 byte aligned */
39
+
40
40
/* Intel Bluetooth PCIe device id table */
41
41
static const struct pci_device_id btintel_pcie_table[] = {
42
42
/* BlazarI, Wildcat Lake */
···
49
45
{ BTINTEL_PCI_DEVICE(0xE376, PCI_ANY_ID) },
50
46
/* Scorpious, Panther Lake-H404 */
51
47
{ BTINTEL_PCI_DEVICE(0xE476, PCI_ANY_ID) },
48
+
/* Scorpious2, Nova Lake-PCD-H */
49
+
{ BTINTEL_PCI_DEVICE(0xD346, PCI_ANY_ID) },
50
+
/* Scorpious2, Nova Lake-PCD-S */
51
+
{ BTINTEL_PCI_DEVICE(0x6E74, PCI_ANY_ID) },
52
52
{ 0 }
53
53
};
54
54
MODULE_DEVICE_TABLE(pci, btintel_pcie_table);
···
79
71
80
72
#define BTINTEL_PCIE_SCP_HWEXP_SIZE 4096
81
73
#define BTINTEL_PCIE_SCP_HWEXP_DMP_ADDR 0xB030F800
74
+
75
+
#define BTINTEL_PCIE_SCP2_HWEXP_SIZE 4096
76
+
#define BTINTEL_PCIE_SCP2_HWEXP_DMP_ADDR 0xB031D000
82
77
83
78
#define BTINTEL_PCIE_MAGIC_NUM 0xA5A5A5A5
84
79
···
279
268
if (!skb)
280
269
return;
281
270
282
-
snprintf(buf, sizeof(buf), "%s", "---- Dump of debug registers ---");
271
+
strscpy(buf, "---- Dump of debug registers ---");
283
272
bt_dev_dbg(hdev, "%s", buf);
284
273
skb_put_data(skb, buf, strlen(buf));
285
274
···
351
340
snprintf(buf, sizeof(buf), "txq: cr_tia: %u cr_hia: %u", cr_tia, cr_hia);
352
341
skb_put_data(skb, buf, strlen(buf));
353
342
bt_dev_dbg(hdev, "%s", buf);
354
-
snprintf(buf, sizeof(buf), "--------------------------------");
343
+
strscpy(buf, "--------------------------------");
355
344
bt_dev_dbg(hdev, "%s", buf);
356
345
357
346
hci_recv_diag(hdev, skb);
···
661
650
else
662
651
return -EINVAL;
663
652
664
-
snprintf(vendor, sizeof(vendor), "Vendor: Intel\n");
653
+
strscpy(vendor, "Vendor: Intel\n");
665
654
snprintf(driver, sizeof(driver), "Driver: %s\n",
666
655
data->dmp_hdr.driver_name);
667
656
···
1235
1224
return;
1236
1225
len = BTINTEL_PCIE_BLZR_HWEXP_SIZE; /* exception data length */
1237
1226
addr = BTINTEL_PCIE_BLZR_HWEXP_DMP_ADDR;
1238
-
break;
1227
+
break;
1239
1228
case BTINTEL_CNVI_SCP:
1240
1229
len = BTINTEL_PCIE_SCP_HWEXP_SIZE;
1241
1230
addr = BTINTEL_PCIE_SCP_HWEXP_DMP_ADDR;
1242
-
break;
1231
+
break;
1232
+
case BTINTEL_CNVI_SCP2:
1233
+
case BTINTEL_CNVI_SCP2F:
1234
+
len = BTINTEL_PCIE_SCP2_HWEXP_SIZE;
1235
+
addr = BTINTEL_PCIE_SCP2_HWEXP_DMP_ADDR;
1236
+
break;
1243
1237
default:
1244
1238
bt_dev_err(data->hdev, "Unsupported cnvi 0x%8.8x", data->dmp_hdr.cnvi_top);
1245
1239
return;
···
1753
1737
return 0;
1754
1738
}
1755
1739
1756
-
static void btintel_pcie_setup_ia(struct btintel_pcie_data *data,
1757
-
dma_addr_t p_addr, void *v_addr,
1758
-
struct ia *ia)
1759
-
{
1760
-
/* TR Head Index Array */
1761
-
ia->tr_hia_p_addr = p_addr;
1762
-
ia->tr_hia = v_addr;
1763
-
1764
-
/* TR Tail Index Array */
1765
-
ia->tr_tia_p_addr = p_addr + sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES;
1766
-
ia->tr_tia = v_addr + sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES;
1767
-
1768
-
/* CR Head index Array */
1769
-
ia->cr_hia_p_addr = p_addr + (sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES * 2);
1770
-
ia->cr_hia = v_addr + (sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES * 2);
1771
-
1772
-
/* CR Tail Index Array */
1773
-
ia->cr_tia_p_addr = p_addr + (sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES * 3);
1774
-
ia->cr_tia = v_addr + (sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES * 3);
1775
-
}
1776
-
1777
1740
static void btintel_pcie_free(struct btintel_pcie_data *data)
1778
1741
{
1779
1742
btintel_pcie_free_rxq_bufs(data, &data->rxq);
···
1770
1775
size_t total;
1771
1776
dma_addr_t p_addr;
1772
1777
void *v_addr;
1778
+
size_t tfd_size, frbd_size, ctx_size, ci_size, urbd0_size, urbd1_size;
1773
1779
1774
1780
/* Allocate the chunk of DMA memory for descriptors, index array, and
1775
1781
* context information, instead of allocating individually.
1776
1782
* The DMA memory for data buffer is allocated while setting up the
1777
1783
* each queue.
1778
1784
*
1779
-
* Total size is sum of the following
1785
+
* Total size is sum of the following and each of the individual sizes
1786
+
* are aligned to 128 bytes before adding up.
1787
+
*
1780
1788
* + size of TFD * Number of descriptors in queue
1781
1789
* + size of URBD0 * Number of descriptors in queue
1782
1790
* + size of FRBD * Number of descriptors in queue
···
1787
1789
* + size of index * Number of queues(2) * type of index array(4)
1788
1790
* + size of context information
1789
1791
*/
1790
-
total = (sizeof(struct tfd) + sizeof(struct urbd0)) * BTINTEL_PCIE_TX_DESCS_COUNT;
1791
-
total += (sizeof(struct frbd) + sizeof(struct urbd1)) * BTINTEL_PCIE_RX_DESCS_COUNT;
1792
+
tfd_size = ALIGN(sizeof(struct tfd) * BTINTEL_PCIE_TX_DESCS_COUNT,
1793
+
BTINTEL_PCIE_DMA_ALIGN_128B);
1794
+
urbd0_size = ALIGN(sizeof(struct urbd0) * BTINTEL_PCIE_TX_DESCS_COUNT,
1795
+
BTINTEL_PCIE_DMA_ALIGN_128B);
1792
1796
1793
-
/* Add the sum of size of index array and size of ci struct */
1794
-
total += (sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES * 4) + sizeof(struct ctx_info);
1797
+
frbd_size = ALIGN(sizeof(struct frbd) * BTINTEL_PCIE_RX_DESCS_COUNT,
1798
+
BTINTEL_PCIE_DMA_ALIGN_128B);
1799
+
urbd1_size = ALIGN(sizeof(struct urbd1) * BTINTEL_PCIE_RX_DESCS_COUNT,
1800
+
BTINTEL_PCIE_DMA_ALIGN_128B);
1795
1801
1796
-
/* Allocate DMA Pool */
1802
+
ci_size = ALIGN(sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES,
1803
+
BTINTEL_PCIE_DMA_ALIGN_128B);
1804
+
1805
+
ctx_size = ALIGN(sizeof(struct ctx_info), BTINTEL_PCIE_DMA_ALIGN_128B);
1806
+
1807
+
total = tfd_size + urbd0_size + frbd_size + urbd1_size + ctx_size + ci_size * 4;
1808
+
1797
1809
data->dma_pool = dma_pool_create(KBUILD_MODNAME, &data->pdev->dev,
1798
-
total, BTINTEL_PCIE_DMA_POOL_ALIGNMENT, 0);
1810
+
total, BTINTEL_PCIE_DMA_ALIGN_128B, 0);
1799
1811
if (!data->dma_pool) {
1800
1812
err = -ENOMEM;
1801
1813
goto exit_error;
···
1830
1822
data->txq.tfds_p_addr = p_addr;
1831
1823
data->txq.tfds = v_addr;
1832
1824
1833
-
p_addr += (sizeof(struct tfd) * BTINTEL_PCIE_TX_DESCS_COUNT);
1834
-
v_addr += (sizeof(struct tfd) * BTINTEL_PCIE_TX_DESCS_COUNT);
1825
+
p_addr += tfd_size;
1826
+
v_addr += tfd_size;
1835
1827
1836
1828
/* Setup urbd0 */
1837
1829
data->txq.urbd0s_p_addr = p_addr;
1838
1830
data->txq.urbd0s = v_addr;
1839
1831
1840
-
p_addr += (sizeof(struct urbd0) * BTINTEL_PCIE_TX_DESCS_COUNT);
1841
-
v_addr += (sizeof(struct urbd0) * BTINTEL_PCIE_TX_DESCS_COUNT);
1832
+
p_addr += urbd0_size;
1833
+
v_addr += urbd0_size;
1842
1834
1843
1835
/* Setup FRBD*/
1844
1836
data->rxq.frbds_p_addr = p_addr;
1845
1837
data->rxq.frbds = v_addr;
1846
1838
1847
-
p_addr += (sizeof(struct frbd) * BTINTEL_PCIE_RX_DESCS_COUNT);
1848
-
v_addr += (sizeof(struct frbd) * BTINTEL_PCIE_RX_DESCS_COUNT);
1839
+
p_addr += frbd_size;
1840
+
v_addr += frbd_size;
1849
1841
1850
1842
/* Setup urbd1 */
1851
1843
data->rxq.urbd1s_p_addr = p_addr;
1852
1844
data->rxq.urbd1s = v_addr;
1853
1845
1854
-
p_addr += (sizeof(struct urbd1) * BTINTEL_PCIE_RX_DESCS_COUNT);
1855
-
v_addr += (sizeof(struct urbd1) * BTINTEL_PCIE_RX_DESCS_COUNT);
1846
+
p_addr += urbd1_size;
1847
+
v_addr += urbd1_size;
1856
1848
1857
1849
/* Setup data buffers for txq */
1858
1850
err = btintel_pcie_setup_txq_bufs(data, &data->txq);
···
1864
1856
if (err)
1865
1857
goto exit_error_txq;
1866
1858
1867
-
/* Setup Index Array */
1868
-
btintel_pcie_setup_ia(data, p_addr, v_addr, &data->ia);
1859
+
/* TR Head Index Array */
1860
+
data->ia.tr_hia_p_addr = p_addr;
1861
+
data->ia.tr_hia = v_addr;
1862
+
p_addr += ci_size;
1863
+
v_addr += ci_size;
1864
+
1865
+
/* TR Tail Index Array */
1866
+
data->ia.tr_tia_p_addr = p_addr;
1867
+
data->ia.tr_tia = v_addr;
1868
+
p_addr += ci_size;
1869
+
v_addr += ci_size;
1870
+
1871
+
/* CR Head index Array */
1872
+
data->ia.cr_hia_p_addr = p_addr;
1873
+
data->ia.cr_hia = v_addr;
1874
+
p_addr += ci_size;
1875
+
v_addr += ci_size;
1876
+
1877
+
/* CR Tail Index Array */
1878
+
data->ia.cr_tia_p_addr = p_addr;
1879
+
data->ia.cr_tia = v_addr;
1880
+
p_addr += ci_size;
1881
+
v_addr += ci_size;
1869
1882
1870
1883
/* Setup data buffers for dbgc */
1871
1884
err = btintel_pcie_setup_dbgc(data);
···
1894
1865
goto exit_error_txq;
1895
1866
1896
1867
/* Setup Context Information */
1897
-
p_addr += sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES * 4;
1898
-
v_addr += sizeof(u16) * BTINTEL_PCIE_NUM_QUEUES * 4;
1899
-
1900
1868
data->ci = v_addr;
1901
1869
data->ci_p_addr = p_addr;
1902
1870
···
2119
2093
switch (INTEL_HW_VARIANT(ver_tlv.cnvi_bt)) {
2120
2094
case 0x1e: /* BzrI */
2121
2095
case 0x1f: /* ScP */
2096
+
case 0x20: /* ScP2 */
2097
+
case 0x21: /* ScP2 F */
2122
2098
case 0x22: /* BzrIW */
2123
2099
/* Display version information of TLV type */
2124
2100
btintel_version_info_tlv(hdev, &ver_tlv);
···
2400
2372
u16 opcode, num_supported_commands =
2401
2373
ARRAY_SIZE(btintel_pcie_hci_drv_supported_commands);
2402
2374
2403
-
rp_size = sizeof(*rp) + num_supported_commands * 2;
2375
+
rp_size = struct_size(rp, supported_commands, num_supported_commands);
2404
2376
2405
2377
rp = kmalloc(rp_size, GFP_KERNEL);
2406
2378
if (!rp)
-3
drivers/bluetooth/btintel_pcie.h
-3
drivers/bluetooth/btintel_pcie.h
···
178
178
/* The size of DMA buffer for TX and RX in bytes */
179
179
#define BTINTEL_PCIE_BUFFER_SIZE 4096
180
180
181
-
/* DMA allocation alignment */
182
-
#define BTINTEL_PCIE_DMA_POOL_ALIGNMENT 256
183
-
184
181
#define BTINTEL_PCIE_TX_WAIT_TIMEOUT_MS 500
185
182
186
183
/* Doorbell vector for TFD */
+83
-32
drivers/bluetooth/btmtk.c
+83
-32
drivers/bluetooth/btmtk.c
···
112
112
void btmtk_fw_get_filename(char *buf, size_t size, u32 dev_id, u32 fw_ver,
113
113
u32 fw_flavor)
114
114
{
115
-
if (dev_id == 0x7925)
115
+
if (dev_id == 0x6639)
116
+
snprintf(buf, size,
117
+
"mediatek/mt7927/BT_RAM_CODE_MT%04x_2_%x_hdr.bin",
118
+
dev_id & 0xffff, (fw_ver & 0xff) + 1);
119
+
else if (dev_id == 0x7925)
116
120
snprintf(buf, size,
117
121
"mediatek/mt%04x/BT_RAM_CODE_MT%04x_1_%x_hdr.bin",
118
122
dev_id & 0xffff, dev_id & 0xffff, (fw_ver & 0xff) + 1);
···
132
128
EXPORT_SYMBOL_GPL(btmtk_fw_get_filename);
133
129
134
130
int btmtk_setup_firmware_79xx(struct hci_dev *hdev, const char *fwname,
135
-
wmt_cmd_sync_func_t wmt_cmd_sync)
131
+
wmt_cmd_sync_func_t wmt_cmd_sync,
132
+
u32 dev_id)
136
133
{
137
134
struct btmtk_hci_wmt_params wmt_params;
138
135
struct btmtk_patch_header *hdr;
···
170
165
171
166
section_offset = le32_to_cpu(sectionmap->secoffset);
172
167
dl_size = le32_to_cpu(sectionmap->bin_info_spec.dlsize);
168
+
169
+
/* MT6639: only download sections where dlmode byte0 == 0x01,
170
+
* matching the Windows driver behavior which skips WiFi/other
171
+
* sections that would cause the chip to hang.
172
+
*/
173
+
if (dev_id == 0x6639 && dl_size > 0 &&
174
+
(le32_to_cpu(sectionmap->bin_info_spec.dlmodecrctype) & 0xff) != 0x01)
175
+
continue;
173
176
174
177
if (dl_size > 0) {
175
178
retry = 20;
···
218
205
}
219
206
}
220
207
208
+
/* If retry exhausted goto err_release_fw */
209
+
if (retry == 0) {
210
+
err = -EIO;
211
+
goto err_release_fw;
212
+
}
213
+
221
214
fw_ptr += section_offset;
222
215
wmt_params.op = BTMTK_WMT_PATCH_DWNLD;
223
-
wmt_params.status = NULL;
224
216
225
217
while (dl_size > 0) {
226
218
dlen = min_t(int, 250, dl_size);
···
243
225
wmt_params.data = fw_ptr;
244
226
245
227
err = wmt_cmd_sync(hdev, &wmt_params);
246
-
if (err < 0) {
228
+
/* Status BTMTK_WMT_PATCH_PROGRESS indicates firmware is
229
+
* in process of being downloaded, which is not expected to
230
+
* occur here.
231
+
*/
232
+
if (status == BTMTK_WMT_PATCH_PROGRESS) {
233
+
err = -EIO;
234
+
goto err_release_fw;
235
+
} else if (err < 0) {
247
236
bt_dev_err(hdev, "Failed to send wmt patch dwnld (%d)",
248
237
err);
249
238
goto err_release_fw;
···
467
442
EXPORT_SYMBOL_GPL(btmtk_process_coredump);
468
443
469
444
#if IS_ENABLED(CONFIG_BT_HCIBTUSB_MTK)
445
+
/* Known MT6639 (MT7927) Bluetooth USB devices.
446
+
* Used to scope the zero-CHIPID workaround to real MT6639 hardware,
447
+
* since some boards return 0x0000 from the MMIO chip ID register.
448
+
*/
449
+
static const struct {
450
+
u16 vendor;
451
+
u16 product;
452
+
} btmtk_mt6639_devs[] = {
453
+
{ 0x0489, 0xe13a }, /* ASUS ROG Crosshair X870E Hero */
454
+
{ 0x0489, 0xe0fa }, /* Lenovo Legion Pro 7 16ARX9 */
455
+
{ 0x0489, 0xe10f }, /* Gigabyte Z790 AORUS MASTER X */
456
+
{ 0x0489, 0xe110 }, /* MSI X870E Ace Max */
457
+
{ 0x0489, 0xe116 }, /* TP-Link Archer TBE550E */
458
+
{ 0x13d3, 0x3588 }, /* ASUS ROG STRIX X870E-E */
459
+
};
460
+
470
461
static void btmtk_usb_wmt_recv(struct urb *urb)
471
462
{
472
463
struct hci_dev *hdev = urb->context;
···
881
840
if (err < 0)
882
841
return err;
883
842
msleep(100);
884
-
} else if (dev_id == 0x7925) {
843
+
} else if (dev_id == 0x7925 || dev_id == 0x6639) {
885
844
err = btmtk_usb_uhw_reg_read(hdev, MTK_BT_RESET_REG_CONNV3, &val);
886
845
if (err < 0)
887
846
return err;
···
967
926
}
968
927
969
928
err = btmtk_usb_id_get(hdev, 0x70010200, &val);
970
-
if (err < 0 || !val)
929
+
if (err < 0 || (!val && dev_id != 0x6639))
971
930
bt_dev_err(hdev, "Can't get device id, subsys reset fail.");
972
931
973
932
return err;
···
1024
983
{
1025
984
struct btmtk_data *btmtk_data = hci_get_priv(hdev);
1026
985
struct usb_interface *intf = btmtk_data->isopkt_intf;
1027
-
int i, err;
986
+
int err;
1028
987
1029
988
if (!btmtk_data->isopkt_intf)
1030
989
return -ENODEV;
1031
990
1032
-
err = usb_set_interface(btmtk_data->udev, MTK_ISO_IFNUM, 1);
991
+
err = usb_set_interface(btmtk_data->udev, MTK_ISO_IFNUM,
992
+
(intf->num_altsetting > 1) ? 1 : 0);
1033
993
if (err < 0) {
1034
994
bt_dev_err(hdev, "setting interface failed (%d)", -err);
1035
995
return err;
1036
996
}
1037
997
1038
-
btmtk_data->isopkt_tx_ep = NULL;
1039
-
btmtk_data->isopkt_rx_ep = NULL;
1040
-
1041
-
for (i = 0; i < intf->cur_altsetting->desc.bNumEndpoints; i++) {
1042
-
struct usb_endpoint_descriptor *ep_desc;
1043
-
1044
-
ep_desc = &intf->cur_altsetting->endpoint[i].desc;
1045
-
1046
-
if (!btmtk_data->isopkt_tx_ep &&
1047
-
usb_endpoint_is_int_out(ep_desc)) {
1048
-
btmtk_data->isopkt_tx_ep = ep_desc;
1049
-
continue;
1050
-
}
1051
-
1052
-
if (!btmtk_data->isopkt_rx_ep &&
1053
-
usb_endpoint_is_int_in(ep_desc)) {
1054
-
btmtk_data->isopkt_rx_ep = ep_desc;
1055
-
continue;
1056
-
}
1057
-
}
1058
-
1059
-
if (!btmtk_data->isopkt_tx_ep ||
1060
-
!btmtk_data->isopkt_rx_ep) {
998
+
err = usb_find_common_endpoints(intf->cur_altsetting, NULL, NULL,
999
+
&btmtk_data->isopkt_rx_ep,
1000
+
&btmtk_data->isopkt_tx_ep);
1001
+
if (err) {
1061
1002
bt_dev_err(hdev, "invalid interrupt descriptors");
1062
1003
return -ENODEV;
1063
1004
}
···
1333
1310
fw_flavor = (fw_flavor & 0x00000080) >> 7;
1334
1311
}
1335
1312
1313
+
if (!dev_id) {
1314
+
u16 vid = le16_to_cpu(btmtk_data->udev->descriptor.idVendor);
1315
+
u16 pid = le16_to_cpu(btmtk_data->udev->descriptor.idProduct);
1316
+
int i;
1317
+
1318
+
for (i = 0; i < ARRAY_SIZE(btmtk_mt6639_devs); i++) {
1319
+
if (vid == btmtk_mt6639_devs[i].vendor &&
1320
+
pid == btmtk_mt6639_devs[i].product) {
1321
+
dev_id = 0x6639;
1322
+
break;
1323
+
}
1324
+
}
1325
+
1326
+
if (dev_id)
1327
+
bt_dev_info(hdev, "MT6639: CHIPID=0x0000 with VID=%04x PID=%04x, using 0x6639",
1328
+
vid, pid);
1329
+
}
1330
+
1336
1331
btmtk_data->dev_id = dev_id;
1337
1332
1338
1333
err = btmtk_register_coredump(hdev, btmtk_data->drv_name, fw_version);
···
1367
1326
case 0x7922:
1368
1327
case 0x7925:
1369
1328
case 0x7961:
1329
+
case 0x7902:
1330
+
case 0x6639:
1370
1331
btmtk_fw_get_filename(fw_bin_name, sizeof(fw_bin_name), dev_id,
1371
1332
fw_version, fw_flavor);
1372
1333
1373
1334
err = btmtk_setup_firmware_79xx(hdev, fw_bin_name,
1374
-
btmtk_usb_hci_wmt_sync);
1335
+
btmtk_usb_hci_wmt_sync,
1336
+
dev_id);
1375
1337
if (err < 0) {
1338
+
/* retry once if setup firmware error */
1339
+
if (!test_and_set_bit(BTMTK_FIRMWARE_DL_RETRY, &btmtk_data->flags))
1340
+
btmtk_reset_sync(hdev);
1376
1341
bt_dev_err(hdev, "Failed to set up firmware (%d)", err);
1377
1342
return err;
1378
1343
}
···
1405
1358
1406
1359
hci_set_msft_opcode(hdev, 0xFD30);
1407
1360
hci_set_aosp_capable(hdev);
1361
+
1362
+
/* Clear BTMTK_FIRMWARE_DL_RETRY if setup successfully */
1363
+
test_and_clear_bit(BTMTK_FIRMWARE_DL_RETRY, &btmtk_data->flags);
1408
1364
1409
1365
/* Set up ISO interface after protocol enabled */
1410
1366
if (test_bit(BTMTK_ISOPKT_OVER_INTR, &btmtk_data->flags)) {
···
1547
1497
MODULE_FIRMWARE(FIRMWARE_MT7922);
1548
1498
MODULE_FIRMWARE(FIRMWARE_MT7961);
1549
1499
MODULE_FIRMWARE(FIRMWARE_MT7925);
1500
+
MODULE_FIRMWARE(FIRMWARE_MT7927);
+7
-2
drivers/bluetooth/btmtk.h
+7
-2
drivers/bluetooth/btmtk.h
···
5
5
#define FIRMWARE_MT7663 "mediatek/mt7663pr2h.bin"
6
6
#define FIRMWARE_MT7668 "mediatek/mt7668pr2h.bin"
7
7
#define FIRMWARE_MT7922 "mediatek/BT_RAM_CODE_MT7922_1_1_hdr.bin"
8
+
#define FIRMWARE_MT7902 "mediatek/BT_RAM_CODE_MT7902_1_1_hdr.bin"
8
9
#define FIRMWARE_MT7961 "mediatek/BT_RAM_CODE_MT7961_1_2_hdr.bin"
9
10
#define FIRMWARE_MT7925 "mediatek/mt7925/BT_RAM_CODE_MT7925_1_1_hdr.bin"
11
+
#define FIRMWARE_MT7927 "mediatek/mt7927/BT_RAM_CODE_MT6639_2_1_hdr.bin"
10
12
11
13
#define HCI_EV_WMT 0xe4
12
14
#define HCI_WMT_MAX_EVENT_SIZE 64
···
149
147
BTMTK_HW_RESET_ACTIVE,
150
148
BTMTK_ISOPKT_OVER_INTR,
151
149
BTMTK_ISOPKT_RUNNING,
150
+
BTMTK_FIRMWARE_DL_RETRY,
152
151
};
153
152
154
153
typedef int (*btmtk_reset_sync_func_t)(struct hci_dev *, void *);
···
190
187
int btmtk_set_bdaddr(struct hci_dev *hdev, const bdaddr_t *bdaddr);
191
188
192
189
int btmtk_setup_firmware_79xx(struct hci_dev *hdev, const char *fwname,
193
-
wmt_cmd_sync_func_t wmt_cmd_sync);
190
+
wmt_cmd_sync_func_t wmt_cmd_sync,
191
+
u32 dev_id);
194
192
195
193
int btmtk_setup_firmware(struct hci_dev *hdev, const char *fwname,
196
194
wmt_cmd_sync_func_t wmt_cmd_sync);
···
230
226
231
227
static inline int btmtk_setup_firmware_79xx(struct hci_dev *hdev,
232
228
const char *fwname,
233
-
wmt_cmd_sync_func_t wmt_cmd_sync)
229
+
wmt_cmd_sync_func_t wmt_cmd_sync,
230
+
u32 dev_id)
234
231
{
235
232
return -EOPNOTSUPP;
236
233
}
+30
-14
drivers/bluetooth/btmtksdio.c
+30
-14
drivers/bluetooth/btmtksdio.c
···
42
42
const char *fwname;
43
43
u16 chipid;
44
44
bool lp_mbox_supported;
45
+
bool pm_runtime_supported;
45
46
};
46
47
47
48
static const struct btmtksdio_data mt7663_data = {
48
49
.fwname = FIRMWARE_MT7663,
49
50
.chipid = 0x7663,
50
51
.lp_mbox_supported = false,
52
+
.pm_runtime_supported = true,
51
53
};
52
54
53
55
static const struct btmtksdio_data mt7668_data = {
54
56
.fwname = FIRMWARE_MT7668,
55
57
.chipid = 0x7668,
56
58
.lp_mbox_supported = false,
59
+
.pm_runtime_supported = true,
57
60
};
58
61
59
62
static const struct btmtksdio_data mt7921_data = {
60
63
.fwname = FIRMWARE_MT7961,
61
64
.chipid = 0x7921,
62
65
.lp_mbox_supported = true,
66
+
.pm_runtime_supported = true,
67
+
};
68
+
69
+
static const struct btmtksdio_data mt7902_data = {
70
+
.fwname = FIRMWARE_MT7902,
71
+
.chipid = 0x7902,
72
+
.lp_mbox_supported = false,
73
+
.pm_runtime_supported = false,
63
74
};
64
75
65
76
static const struct sdio_device_id btmtksdio_table[] = {
···
80
69
.driver_data = (kernel_ulong_t)&mt7668_data },
81
70
{SDIO_DEVICE(SDIO_VENDOR_ID_MEDIATEK, SDIO_DEVICE_ID_MEDIATEK_MT7961),
82
71
.driver_data = (kernel_ulong_t)&mt7921_data },
72
+
{SDIO_DEVICE(SDIO_VENDOR_ID_MEDIATEK, SDIO_DEVICE_ID_MEDIATEK_MT7902),
73
+
.driver_data = (kernel_ulong_t)&mt7902_data },
83
74
{ } /* Terminating entry */
84
75
};
85
76
MODULE_DEVICE_TABLE(sdio, btmtksdio_table);
···
883
870
u8 param = 0x1;
884
871
int err;
885
872
886
-
err = btmtk_setup_firmware_79xx(hdev, fwname, mtk_hci_wmt_sync);
873
+
err = btmtk_setup_firmware_79xx(hdev, fwname, mtk_hci_wmt_sync, 0);
887
874
if (err < 0) {
888
875
bt_dev_err(hdev, "Failed to setup 79xx firmware (%d)", err);
889
876
return err;
···
1103
1090
set_bit(BTMTKSDIO_HW_TX_READY, &bdev->tx_state);
1104
1091
1105
1092
switch (bdev->data->chipid) {
1093
+
case 0x7902:
1106
1094
case 0x7921:
1107
1095
if (test_bit(BTMTKSDIO_HW_RESET_ACTIVE, &bdev->tx_state)) {
1108
1096
err = btmtksdio_mtk_reg_read(hdev, MT7921_DLSTATUS,
···
1181
1167
delta = ktime_sub(rettime, calltime);
1182
1168
duration = (unsigned long long)ktime_to_ns(delta) >> 10;
1183
1169
1184
-
pm_runtime_set_autosuspend_delay(bdev->dev,
1185
-
MTKBTSDIO_AUTOSUSPEND_DELAY);
1186
-
pm_runtime_use_autosuspend(bdev->dev);
1170
+
if (bdev->data->pm_runtime_supported) {
1171
+
pm_runtime_set_autosuspend_delay(bdev->dev,
1172
+
MTKBTSDIO_AUTOSUSPEND_DELAY);
1173
+
pm_runtime_use_autosuspend(bdev->dev);
1187
1174
1188
-
err = pm_runtime_set_active(bdev->dev);
1189
-
if (err < 0)
1190
-
return err;
1175
+
err = pm_runtime_set_active(bdev->dev);
1176
+
if (err < 0)
1177
+
return err;
1191
1178
1192
-
/* Default forbid runtime auto suspend, that can be allowed by
1193
-
* enable_autosuspend flag or the PM runtime entry under sysfs.
1194
-
*/
1195
-
pm_runtime_forbid(bdev->dev);
1196
-
pm_runtime_enable(bdev->dev);
1179
+
/* Default forbid runtime auto suspend, that can be allowed by
1180
+
* enable_autosuspend flag or the PM runtime entry under sysfs.
1181
+
*/
1182
+
pm_runtime_forbid(bdev->dev);
1183
+
pm_runtime_enable(bdev->dev);
1197
1184
1198
-
if (enable_autosuspend)
1199
-
pm_runtime_allow(bdev->dev);
1185
+
if (enable_autosuspend)
1186
+
pm_runtime_allow(bdev->dev);
1187
+
}
1200
1188
1201
1189
bt_dev_info(hdev, "Device setup in %llu usecs", duration);
1202
1190
+19
-18
drivers/bluetooth/btqca.c
+19
-18
drivers/bluetooth/btqca.c
···
801
801
snprintf(config.fwname, sizeof(config.fwname), "qca/%s", rampatch_name);
802
802
} else {
803
803
switch (soc_type) {
804
+
case QCA_QCA2066:
805
+
snprintf(config.fwname, sizeof(config.fwname),
806
+
"qca/hpbtfw%02x.tlv", rom_ver);
807
+
break;
808
+
case QCA_QCA6390:
809
+
snprintf(config.fwname, sizeof(config.fwname),
810
+
"qca/htbtfw%02x.tlv", rom_ver);
811
+
break;
804
812
case QCA_WCN3950:
805
813
snprintf(config.fwname, sizeof(config.fwname),
806
814
"qca/cmbtfw%02x.tlv", rom_ver);
···
822
814
case QCA_WCN3988:
823
815
snprintf(config.fwname, sizeof(config.fwname),
824
816
"qca/apbtfw%02x.tlv", rom_ver);
825
-
break;
826
-
case QCA_QCA2066:
827
-
snprintf(config.fwname, sizeof(config.fwname),
828
-
"qca/hpbtfw%02x.tlv", rom_ver);
829
-
break;
830
-
case QCA_QCA6390:
831
-
snprintf(config.fwname, sizeof(config.fwname),
832
-
"qca/htbtfw%02x.tlv", rom_ver);
833
817
break;
834
818
case QCA_WCN6750:
835
819
/* Choose mbn file by default.If mbn file is not found
···
892
892
}
893
893
} else {
894
894
switch (soc_type) {
895
+
case QCA_QCA2066:
896
+
qca_get_nvm_name_by_board(config.fwname,
897
+
sizeof(config.fwname),
898
+
"hpnv", soc_type, ver,
899
+
rom_ver, boardid);
900
+
break;
901
+
case QCA_QCA6390:
902
+
snprintf(config.fwname, sizeof(config.fwname),
903
+
"qca/htnv%02x.bin", rom_ver);
904
+
break;
895
905
case QCA_WCN3950:
896
906
if (le32_to_cpu(ver.soc_id) == QCA_WCN3950_SOC_ID_T)
897
907
variant = "t";
···
923
913
case QCA_WCN3988:
924
914
snprintf(config.fwname, sizeof(config.fwname),
925
915
"qca/apnv%02x.bin", rom_ver);
926
-
break;
927
-
case QCA_QCA2066:
928
-
qca_get_nvm_name_by_board(config.fwname,
929
-
sizeof(config.fwname), "hpnv", soc_type, ver,
930
-
rom_ver, boardid);
931
-
break;
932
-
case QCA_QCA6390:
933
-
snprintf(config.fwname, sizeof(config.fwname),
934
-
"qca/htnv%02x.bin", rom_ver);
935
916
break;
936
917
case QCA_WCN6750:
937
918
snprintf(config.fwname, sizeof(config.fwname),
···
957
956
}
958
957
959
958
switch (soc_type) {
960
-
case QCA_WCN3991:
961
959
case QCA_QCA2066:
962
960
case QCA_QCA6390:
961
+
case QCA_WCN3991:
963
962
case QCA_WCN6750:
964
963
case QCA_WCN6855:
965
964
case QCA_WCN7850:
+39
-45
drivers/bluetooth/btusb.c
+39
-45
drivers/bluetooth/btusb.c
···
671
671
BTUSB_WIDEBAND_SPEECH },
672
672
{ USB_DEVICE(0x13d3, 0x3606), .driver_info = BTUSB_MEDIATEK |
673
673
BTUSB_WIDEBAND_SPEECH },
674
-
674
+
/* MediaTek MT7902 Bluetooth devices */
675
+
{ USB_DEVICE(0x0e8d, 0x1ede), .driver_info = BTUSB_MEDIATEK |
676
+
BTUSB_WIDEBAND_SPEECH },
677
+
{ USB_DEVICE(0x13d3, 0x3579), .driver_info = BTUSB_MEDIATEK |
678
+
BTUSB_WIDEBAND_SPEECH },
679
+
{ USB_DEVICE(0x13d3, 0x3580), .driver_info = BTUSB_MEDIATEK |
680
+
BTUSB_WIDEBAND_SPEECH },
681
+
{ USB_DEVICE(0x13d3, 0x3594), .driver_info = BTUSB_MEDIATEK |
682
+
BTUSB_WIDEBAND_SPEECH },
683
+
{ USB_DEVICE(0x13d3, 0x3596), .driver_info = BTUSB_MEDIATEK |
684
+
BTUSB_WIDEBAND_SPEECH },
675
685
/* MediaTek MT7922 Bluetooth devices */
676
686
{ USB_DEVICE(0x13d3, 0x3585), .driver_info = BTUSB_MEDIATEK |
677
687
BTUSB_WIDEBAND_SPEECH },
···
707
697
BTUSB_WIDEBAND_SPEECH },
708
698
{ USB_DEVICE(0x0489, 0xe102), .driver_info = BTUSB_MEDIATEK |
709
699
BTUSB_WIDEBAND_SPEECH },
700
+
{ USB_DEVICE(0x0489, 0xe11d), .driver_info = BTUSB_MEDIATEK |
701
+
BTUSB_WIDEBAND_SPEECH },
710
702
{ USB_DEVICE(0x0489, 0xe152), .driver_info = BTUSB_MEDIATEK |
711
703
BTUSB_WIDEBAND_SPEECH },
712
704
{ USB_DEVICE(0x0489, 0xe153), .driver_info = BTUSB_MEDIATEK |
713
705
BTUSB_WIDEBAND_SPEECH },
714
706
{ USB_DEVICE(0x0489, 0xe170), .driver_info = BTUSB_MEDIATEK |
715
707
BTUSB_WIDEBAND_SPEECH },
708
+
{ USB_DEVICE(0x0489, 0xe174), .driver_info = BTUSB_MEDIATEK |
709
+
BTUSB_WIDEBAND_SPEECH },
716
710
{ USB_DEVICE(0x04ca, 0x3804), .driver_info = BTUSB_MEDIATEK |
711
+
BTUSB_WIDEBAND_SPEECH },
712
+
{ USB_DEVICE(0x04ca, 0x3807), .driver_info = BTUSB_MEDIATEK |
717
713
BTUSB_WIDEBAND_SPEECH },
718
714
{ USB_DEVICE(0x04ca, 0x38e4), .driver_info = BTUSB_MEDIATEK |
719
715
BTUSB_WIDEBAND_SPEECH },
···
752
736
{ USB_DEVICE(0x0489, 0xe124), .driver_info = BTUSB_MEDIATEK |
753
737
BTUSB_WIDEBAND_SPEECH },
754
738
{ USB_DEVICE(0x0489, 0xe139), .driver_info = BTUSB_MEDIATEK |
739
+
BTUSB_WIDEBAND_SPEECH },
740
+
{ USB_DEVICE(0x0489, 0xe13a), .driver_info = BTUSB_MEDIATEK |
741
+
BTUSB_WIDEBAND_SPEECH },
742
+
{ USB_DEVICE(0x0489, 0xe0fa), .driver_info = BTUSB_MEDIATEK |
743
+
BTUSB_WIDEBAND_SPEECH },
744
+
{ USB_DEVICE(0x0489, 0xe10f), .driver_info = BTUSB_MEDIATEK |
745
+
BTUSB_WIDEBAND_SPEECH },
746
+
{ USB_DEVICE(0x0489, 0xe110), .driver_info = BTUSB_MEDIATEK |
747
+
BTUSB_WIDEBAND_SPEECH },
748
+
{ USB_DEVICE(0x0489, 0xe116), .driver_info = BTUSB_MEDIATEK |
749
+
BTUSB_WIDEBAND_SPEECH },
750
+
{ USB_DEVICE(0x13d3, 0x3588), .driver_info = BTUSB_MEDIATEK |
755
751
BTUSB_WIDEBAND_SPEECH },
756
752
{ USB_DEVICE(0x0489, 0xe14e), .driver_info = BTUSB_MEDIATEK |
757
753
BTUSB_WIDEBAND_SPEECH },
···
817
789
{ USB_DEVICE(0x2357, 0x0604), .driver_info = BTUSB_REALTEK |
818
790
BTUSB_WIDEBAND_SPEECH },
819
791
{ USB_DEVICE(0x0b05, 0x190e), .driver_info = BTUSB_REALTEK |
820
-
BTUSB_WIDEBAND_SPEECH },
792
+
BTUSB_WIDEBAND_SPEECH },
821
793
{ USB_DEVICE(0x2550, 0x8761), .driver_info = BTUSB_REALTEK |
822
794
BTUSB_WIDEBAND_SPEECH },
823
795
{ USB_DEVICE(0x0bda, 0x8771), .driver_info = BTUSB_REALTEK |
···
2499
2471
HCI_INIT_TIMEOUT);
2500
2472
if (IS_ERR(skb)) {
2501
2473
int err = PTR_ERR(skb);
2474
+
2502
2475
bt_dev_err(hdev, "CSR: Local version failed (%d)", err);
2503
2476
return err;
2504
2477
}
···
3703
3674
{
3704
3675
struct btusb_data *data = hci_get_drvdata(hdev);
3705
3676
struct usb_interface *intf = data->diag;
3706
-
int i;
3677
+
int ret;
3707
3678
3708
3679
if (!data->diag)
3709
3680
return -ENODEV;
3710
3681
3711
-
data->diag_tx_ep = NULL;
3712
-
data->diag_rx_ep = NULL;
3713
-
3714
-
for (i = 0; i < intf->cur_altsetting->desc.bNumEndpoints; i++) {
3715
-
struct usb_endpoint_descriptor *ep_desc;
3716
-
3717
-
ep_desc = &intf->cur_altsetting->endpoint[i].desc;
3718
-
3719
-
if (!data->diag_tx_ep && usb_endpoint_is_bulk_out(ep_desc)) {
3720
-
data->diag_tx_ep = ep_desc;
3721
-
continue;
3722
-
}
3723
-
3724
-
if (!data->diag_rx_ep && usb_endpoint_is_bulk_in(ep_desc)) {
3725
-
data->diag_rx_ep = ep_desc;
3726
-
continue;
3727
-
}
3728
-
}
3729
-
3730
-
if (!data->diag_tx_ep || !data->diag_rx_ep) {
3682
+
ret = usb_find_common_endpoints(intf->cur_altsetting, &data->diag_rx_ep,
3683
+
&data->diag_tx_ep, NULL, NULL);
3684
+
if (ret) {
3731
3685
bt_dev_err(hdev, "invalid diagnostic descriptors");
3732
3686
return -ENODEV;
3733
3687
}
···
4036
4024
static int btusb_probe(struct usb_interface *intf,
4037
4025
const struct usb_device_id *id)
4038
4026
{
4039
-
struct usb_endpoint_descriptor *ep_desc;
4040
4027
struct gpio_desc *reset_gpio;
4041
4028
struct btusb_data *data;
4042
4029
struct hci_dev *hdev;
4043
4030
unsigned ifnum_base;
4044
-
int i, err, priv_size;
4031
+
int err, priv_size;
4045
4032
4046
4033
BT_DBG("intf %p id %p", intf, id);
4047
4034
···
4077
4066
if (!data)
4078
4067
return -ENOMEM;
4079
4068
4080
-
for (i = 0; i < intf->cur_altsetting->desc.bNumEndpoints; i++) {
4081
-
ep_desc = &intf->cur_altsetting->endpoint[i].desc;
4082
-
4083
-
if (!data->intr_ep && usb_endpoint_is_int_in(ep_desc)) {
4084
-
data->intr_ep = ep_desc;
4085
-
continue;
4086
-
}
4087
-
4088
-
if (!data->bulk_tx_ep && usb_endpoint_is_bulk_out(ep_desc)) {
4089
-
data->bulk_tx_ep = ep_desc;
4090
-
continue;
4091
-
}
4092
-
4093
-
if (!data->bulk_rx_ep && usb_endpoint_is_bulk_in(ep_desc)) {
4094
-
data->bulk_rx_ep = ep_desc;
4095
-
continue;
4096
-
}
4097
-
}
4098
-
4099
-
if (!data->intr_ep || !data->bulk_tx_ep || !data->bulk_rx_ep) {
4069
+
err = usb_find_common_endpoints(intf->cur_altsetting, &data->bulk_rx_ep,
4070
+
&data->bulk_tx_ep, &data->intr_ep, NULL);
4071
+
if (err) {
4100
4072
kfree(data);
4101
4073
return -ENODEV;
4102
4074
}
+3
drivers/bluetooth/hci_ldisc.c
+3
drivers/bluetooth/hci_ldisc.c
···
692
692
693
693
if (hci_register_dev(hdev) < 0) {
694
694
BT_ERR("Can't register HCI device");
695
+
percpu_down_write(&hu->proto_lock);
696
+
clear_bit(HCI_UART_PROTO_INIT, &hu->flags);
697
+
percpu_up_write(&hu->proto_lock);
695
698
hu->proto->close(hu);
696
699
hu->hdev = NULL;
697
700
hci_free_dev(hdev);
+10
drivers/bluetooth/hci_ll.c
+10
drivers/bluetooth/hci_ll.c
···
68
68
struct gpio_desc *enable_gpio;
69
69
struct clk *ext_clk;
70
70
bdaddr_t bdaddr;
71
+
bool broken_enhanced_setup;
71
72
};
72
73
73
74
struct ll_struct {
···
659
658
hci_set_quirk(hu->hdev, HCI_QUIRK_INVALID_BDADDR);
660
659
}
661
660
661
+
if (lldev->broken_enhanced_setup)
662
+
hci_set_quirk(hu->hdev,
663
+
HCI_QUIRK_BROKEN_ENHANCED_SETUP_SYNC_CONN);
664
+
662
665
/* Operational speed if any */
663
666
if (hu->oper_speed)
664
667
speed = hu->oper_speed;
···
716
711
717
712
of_property_read_u32(serdev->dev.of_node, "max-speed", &max_speed);
718
713
hci_uart_set_speeds(hu, 115200, max_speed);
714
+
715
+
if (of_device_is_compatible(serdev->dev.of_node, "ti,wl1831-st") ||
716
+
of_device_is_compatible(serdev->dev.of_node, "ti,wl1835-st") ||
717
+
of_device_is_compatible(serdev->dev.of_node, "ti,wl1837-st"))
718
+
lldev->broken_enhanced_setup = true;
719
719
720
720
/* optional BD address from nvram */
721
721
bdaddr_cell = nvmem_cell_get(&serdev->dev, "bd-address");
+49
-35
drivers/bluetooth/hci_qca.c
+49
-35
drivers/bluetooth/hci_qca.c
···
236
236
237
237
static int qca_regulator_enable(struct qca_serdev *qcadev);
238
238
static void qca_regulator_disable(struct qca_serdev *qcadev);
239
-
static void qca_power_shutdown(struct hci_uart *hu);
240
-
static int qca_power_off(struct hci_dev *hdev);
239
+
static void qca_power_off(struct hci_uart *hu);
241
240
static void qca_controller_memdump(struct work_struct *work);
242
241
static void qca_dmp_hdr(struct hci_dev *hdev, struct sk_buff *skb);
243
242
···
722
723
723
724
BT_DBG("hu %p qca close", hu);
724
725
726
+
/* BT core skips qca_hci_shutdown() which calls qca_power_off() on rmmod */
727
+
if (!test_bit(QCA_BT_OFF, &qca->flags))
728
+
qca_power_off(hu);
729
+
725
730
serial_clock_vote(HCI_IBS_VOTE_STATS_UPDATE, hu);
726
731
727
732
skb_queue_purge(&qca->tx_wait_q);
···
1108
1105
qca->qca_memdump = NULL;
1109
1106
qca->memdump_state = QCA_MEMDUMP_COLLECTED;
1110
1107
cancel_delayed_work(&qca->ctrl_memdump_timeout);
1111
-
clear_bit(QCA_MEMDUMP_COLLECTION, &qca->flags);
1108
+
clear_and_wake_up_bit(QCA_MEMDUMP_COLLECTION, &qca->flags);
1112
1109
clear_bit(QCA_IBS_DISABLED, &qca->flags);
1113
1110
mutex_unlock(&qca->hci_memdump_lock);
1114
1111
return;
···
1186
1183
kfree(qca->qca_memdump);
1187
1184
qca->qca_memdump = NULL;
1188
1185
qca->memdump_state = QCA_MEMDUMP_COLLECTED;
1189
-
clear_bit(QCA_MEMDUMP_COLLECTION, &qca->flags);
1186
+
clear_and_wake_up_bit(QCA_MEMDUMP_COLLECTION, &qca->flags);
1190
1187
}
1191
1188
1192
1189
mutex_unlock(&qca->hci_memdump_lock);
···
1853
1850
return 0;
1854
1851
1855
1852
switch (soc_type) {
1853
+
case QCA_QCA6390:
1856
1854
case QCA_WCN3950:
1857
1855
case QCA_WCN3988:
1858
1856
case QCA_WCN3990:
···
1862
1858
case QCA_WCN6750:
1863
1859
case QCA_WCN6855:
1864
1860
case QCA_WCN7850:
1865
-
case QCA_QCA6390:
1866
1861
ret = qca_regulator_init(hu);
1867
1862
break;
1868
1863
···
2050
2047
2051
2048
out:
2052
2049
if (ret) {
2053
-
qca_power_shutdown(hu);
2050
+
qca_power_off(hu);
2054
2051
2055
2052
if (retries < MAX_INIT_RETRIES) {
2056
2053
bt_dev_warn(hdev, "Retry BT power ON:%d", retries);
···
2097
2094
.recv = qca_recv,
2098
2095
.enqueue = qca_enqueue,
2099
2096
.dequeue = qca_dequeue,
2097
+
};
2098
+
2099
+
static const struct qca_device_data qca_soc_data_qca2066 __maybe_unused = {
2100
+
.soc_type = QCA_QCA2066,
2101
+
.num_vregs = 0,
2102
+
.capabilities = QCA_CAP_WIDEBAND_SPEECH | QCA_CAP_VALID_LE_STATES |
2103
+
QCA_CAP_HFP_HW_OFFLOAD,
2104
+
};
2105
+
2106
+
static const struct qca_device_data qca_soc_data_qca6390 __maybe_unused = {
2107
+
.soc_type = QCA_QCA6390,
2108
+
.num_vregs = 0,
2100
2109
};
2101
2110
2102
2111
static const struct qca_device_data qca_soc_data_wcn3950 __maybe_unused = {
···
2167
2152
.num_vregs = 4,
2168
2153
};
2169
2154
2170
-
static const struct qca_device_data qca_soc_data_qca2066 __maybe_unused = {
2171
-
.soc_type = QCA_QCA2066,
2172
-
.num_vregs = 0,
2173
-
.capabilities = QCA_CAP_WIDEBAND_SPEECH | QCA_CAP_VALID_LE_STATES |
2174
-
QCA_CAP_HFP_HW_OFFLOAD,
2175
-
};
2176
-
2177
-
static const struct qca_device_data qca_soc_data_qca6390 __maybe_unused = {
2178
-
.soc_type = QCA_QCA6390,
2179
-
.num_vregs = 0,
2180
-
};
2181
-
2182
2155
static const struct qca_device_data qca_soc_data_wcn6750 __maybe_unused = {
2183
2156
.soc_type = QCA_WCN6750,
2184
2157
.vregs = (struct qca_vreg []) {
···
2214
2211
QCA_CAP_HFP_HW_OFFLOAD,
2215
2212
};
2216
2213
2217
-
static void qca_power_shutdown(struct hci_uart *hu)
2214
+
static void qca_power_off(struct hci_uart *hu)
2218
2215
{
2219
2216
struct qca_serdev *qcadev;
2220
2217
struct qca_data *qca = hu->priv;
···
2241
2238
qcadev = serdev_device_get_drvdata(hu->serdev);
2242
2239
power = qcadev->bt_power;
2243
2240
2241
+
switch (soc_type) {
2242
+
case QCA_WCN3988:
2243
+
case QCA_WCN3990:
2244
+
case QCA_WCN3991:
2245
+
case QCA_WCN3998:
2246
+
host_set_baudrate(hu, 2400);
2247
+
qca_send_power_pulse(hu, false);
2248
+
break;
2249
+
default:
2250
+
break;
2251
+
}
2252
+
2244
2253
if (power && power->pwrseq) {
2245
2254
pwrseq_power_off(power->pwrseq);
2246
2255
set_bit(QCA_BT_OFF, &qca->flags);
···
2264
2249
case QCA_WCN3990:
2265
2250
case QCA_WCN3991:
2266
2251
case QCA_WCN3998:
2267
-
host_set_baudrate(hu, 2400);
2268
-
qca_send_power_pulse(hu, false);
2269
2252
qca_regulator_disable(qcadev);
2270
2253
break;
2271
2254
···
2274
2261
qca_regulator_disable(qcadev);
2275
2262
if (qcadev->sw_ctrl) {
2276
2263
sw_ctrl_state = gpiod_get_value_cansleep(qcadev->sw_ctrl);
2277
-
bt_dev_dbg(hu->hdev, "SW_CTRL is %d", sw_ctrl_state);
2264
+
BT_DBG("SW_CTRL is %d", sw_ctrl_state);
2278
2265
}
2279
2266
break;
2280
2267
···
2285
2272
set_bit(QCA_BT_OFF, &qca->flags);
2286
2273
}
2287
2274
2288
-
static int qca_power_off(struct hci_dev *hdev)
2275
+
static int qca_hci_shutdown(struct hci_dev *hdev)
2289
2276
{
2290
2277
struct hci_uart *hu = hci_get_drvdata(hdev);
2291
2278
struct qca_data *qca = hu->priv;
···
2304
2291
usleep_range(8000, 10000);
2305
2292
}
2306
2293
2307
-
qca_power_shutdown(hu);
2294
+
qca_power_off(hu);
2308
2295
return 0;
2309
2296
}
2310
2297
···
2415
2402
qcadev->btsoc_type = QCA_ROME;
2416
2403
2417
2404
switch (qcadev->btsoc_type) {
2405
+
case QCA_QCA6390:
2418
2406
case QCA_WCN3950:
2419
2407
case QCA_WCN3988:
2420
2408
case QCA_WCN3990:
···
2424
2410
case QCA_WCN6750:
2425
2411
case QCA_WCN6855:
2426
2412
case QCA_WCN7850:
2427
-
case QCA_QCA6390:
2428
2413
qcadev->bt_power = devm_kzalloc(&serdev->dev,
2429
2414
sizeof(struct qca_power),
2430
2415
GFP_KERNEL);
···
2435
2422
}
2436
2423
2437
2424
switch (qcadev->btsoc_type) {
2425
+
case QCA_WCN3950:
2426
+
case QCA_WCN3988:
2427
+
case QCA_WCN3990:
2428
+
case QCA_WCN3991:
2429
+
case QCA_WCN3998:
2430
+
case QCA_WCN6750:
2438
2431
case QCA_WCN6855:
2439
2432
case QCA_WCN7850:
2440
-
case QCA_WCN6750:
2441
2433
if (!device_property_present(&serdev->dev, "enable-gpios")) {
2442
2434
/*
2443
2435
* Backward compatibility with old DT sources. If the
···
2464
2446
else
2465
2447
break;
2466
2448
}
2467
-
fallthrough;
2468
-
case QCA_WCN3950:
2469
-
case QCA_WCN3988:
2470
-
case QCA_WCN3990:
2471
-
case QCA_WCN3991:
2472
-
case QCA_WCN3998:
2449
+
2473
2450
qcadev->bt_power->dev = &serdev->dev;
2474
2451
err = qca_init_regulators(qcadev->bt_power, data->vregs,
2475
2452
data->num_vregs);
···
2484
2471
2485
2472
if (!qcadev->bt_en &&
2486
2473
(data->soc_type == QCA_WCN6750 ||
2487
-
data->soc_type == QCA_WCN6855))
2474
+
data->soc_type == QCA_WCN6855 ||
2475
+
data->soc_type == QCA_WCN7850))
2488
2476
power_ctrl_enabled = false;
2489
2477
2490
2478
qcadev->sw_ctrl = devm_gpiod_get_optional(&serdev->dev, "swctrl",
···
2544
2530
2545
2531
if (power_ctrl_enabled) {
2546
2532
hci_set_quirk(hdev, HCI_QUIRK_NON_PERSISTENT_SETUP);
2547
-
hdev->shutdown = qca_power_off;
2533
+
hdev->shutdown = qca_hci_shutdown;
2548
2534
}
2549
2535
2550
2536
if (data) {
···
2579
2565
case QCA_WCN6855:
2580
2566
case QCA_WCN7850:
2581
2567
if (power->vregs_on)
2582
-
qca_power_shutdown(&qcadev->serdev_hu);
2568
+
qca_power_off(&qcadev->serdev_hu);
2583
2569
break;
2584
2570
default:
2585
2571
break;
+1
include/linux/mmc/sdio_ids.h
+1
include/linux/mmc/sdio_ids.h
···
111
111
#define SDIO_VENDOR_ID_MEDIATEK 0x037a
112
112
#define SDIO_DEVICE_ID_MEDIATEK_MT7663 0x7663
113
113
#define SDIO_DEVICE_ID_MEDIATEK_MT7668 0x7668
114
+
#define SDIO_DEVICE_ID_MEDIATEK_MT7902 0x790a
114
115
#define SDIO_DEVICE_ID_MEDIATEK_MT7961 0x7961
115
116
116
117
#define SDIO_VENDOR_ID_MICROCHIP_WILC 0x0296
+12
-4
include/net/bluetooth/hci.h
+12
-4
include/net/bluetooth/hci.h
···
1468
1468
} __packed;
1469
1469
1470
1470
#define HCI_OP_READ_LOCAL_CODECS 0x100b
1471
-
struct hci_std_codecs {
1471
+
struct hci_std_codecs_hdr {
1472
1472
__u8 num;
1473
+
} __packed;
1474
+
1475
+
struct hci_std_codecs {
1476
+
struct hci_std_codecs_hdr;
1473
1477
__u8 codec[];
1474
1478
} __packed;
1475
1479
···
1491
1487
1492
1488
struct hci_rp_read_local_supported_codecs {
1493
1489
__u8 status;
1494
-
struct hci_std_codecs std_codecs;
1490
+
struct hci_std_codecs_hdr std_codecs;
1495
1491
struct hci_vnd_codecs vnd_codecs;
1496
1492
} __packed;
1497
1493
···
1508
1504
__u8 transport;
1509
1505
} __packed;
1510
1506
1511
-
struct hci_std_codecs_v2 {
1507
+
struct hci_std_codecs_v2_hdr {
1512
1508
__u8 num;
1509
+
} __packed;
1510
+
1511
+
struct hci_std_codecs_v2 {
1512
+
struct hci_std_codecs_v2_hdr;
1513
1513
struct hci_std_codec_v2 codec[];
1514
1514
} __packed;
1515
1515
···
1530
1522
1531
1523
struct hci_rp_read_local_supported_codecs_v2 {
1532
1524
__u8 status;
1533
-
struct hci_std_codecs_v2 std_codecs;
1525
+
struct hci_std_codecs_v2_hdr std_codecs;
1534
1526
struct hci_vnd_codecs_v2 vendor_codecs;
1535
1527
} __packed;
1536
1528
+3
-1
net/bluetooth/hci_conn.c
+3
-1
net/bluetooth/hci_conn.c
···
3083
3083
int hci_abort_conn(struct hci_conn *conn, u8 reason)
3084
3084
{
3085
3085
struct hci_dev *hdev = conn->hdev;
3086
+
int err;
3086
3087
3087
3088
/* If abort_reason has already been set it means the connection is
3088
3089
* already being aborted so don't attempt to overwrite it.
···
3120
3119
* as a result to MGMT_OP_DISCONNECT/MGMT_OP_UNPAIR which does
3121
3120
* already queue its callback on cmd_sync_work.
3122
3121
*/
3123
-
return hci_cmd_sync_run_once(hdev, abort_conn_sync, conn, NULL);
3122
+
err = hci_cmd_sync_run_once(hdev, abort_conn_sync, conn, NULL);
3123
+
return (err == -EEXIST) ? 0 : err;
3124
3124
}
3125
3125
3126
3126
void hci_setup_tx_timestamp(struct sk_buff *skb, size_t key_offset,
+2
-2
net/bluetooth/hci_core.c
+2
-2
net/bluetooth/hci_core.c
···
3917
3917
3918
3918
err = iso_recv(hdev, handle, skb, flags);
3919
3919
if (err == -ENOENT)
3920
-
bt_dev_err(hdev, "ISO packet for unknown connection handle %d",
3921
-
handle);
3920
+
bt_dev_err_ratelimited(hdev, "ISO packet for unknown connection handle %d",
3921
+
handle);
3922
3922
else if (err)
3923
3923
bt_dev_dbg(hdev, "ISO packet recv for handle %d failed: %d",
3924
3924
handle, err);
+14
-7
net/bluetooth/hci_event.c
+14
-7
net/bluetooth/hci_event.c
···
3340
3340
3341
3341
memcpy(conn->dev_class, ev->dev_class, 3);
3342
3342
3343
-
hci_dev_unlock(hdev);
3344
-
3345
3343
if (ev->link_type == ACL_LINK ||
3346
3344
(!(flags & HCI_PROTO_DEFER) && !lmp_esco_capable(hdev))) {
3347
3345
struct hci_cp_accept_conn_req cp;
···
3373
3375
hci_connect_cfm(conn, 0);
3374
3376
}
3375
3377
3376
-
return;
3377
3378
unlock:
3378
3379
hci_dev_unlock(hdev);
3379
3380
}
···
5495
5498
5496
5499
bt_dev_dbg(hdev, "");
5497
5500
5501
+
hci_dev_lock(hdev);
5502
+
5498
5503
conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
5499
5504
if (!conn)
5500
-
return;
5505
+
goto unlock;
5501
5506
5502
5507
conn->passkey_notify = __le32_to_cpu(ev->passkey);
5503
5508
conn->passkey_entered = 0;
···
5508
5509
mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
5509
5510
conn->dst_type, conn->passkey_notify,
5510
5511
conn->passkey_entered);
5512
+
5513
+
unlock:
5514
+
hci_dev_unlock(hdev);
5511
5515
}
5512
5516
5513
5517
static void hci_keypress_notify_evt(struct hci_dev *hdev, void *data,
···
5521
5519
5522
5520
bt_dev_dbg(hdev, "");
5523
5521
5522
+
hci_dev_lock(hdev);
5523
+
5524
5524
conn = hci_conn_hash_lookup_ba(hdev, ACL_LINK, &ev->bdaddr);
5525
5525
if (!conn)
5526
-
return;
5526
+
goto unlock;
5527
5527
5528
5528
switch (ev->type) {
5529
5529
case HCI_KEYPRESS_STARTED:
5530
5530
conn->passkey_entered = 0;
5531
-
return;
5531
+
goto unlock;
5532
5532
5533
5533
case HCI_KEYPRESS_ENTERED:
5534
5534
conn->passkey_entered++;
···
5545
5541
break;
5546
5542
5547
5543
case HCI_KEYPRESS_COMPLETED:
5548
-
return;
5544
+
goto unlock;
5549
5545
}
5550
5546
5551
5547
if (hci_dev_test_flag(hdev, HCI_MGMT))
5552
5548
mgmt_user_passkey_notify(hdev, &conn->dst, conn->type,
5553
5549
conn->dst_type, conn->passkey_notify,
5554
5550
conn->passkey_entered);
5551
+
5552
+
unlock:
5553
+
hci_dev_unlock(hdev);
5555
5554
}
5556
5555
5557
5556
static void hci_simple_pair_complete_evt(struct hci_dev *hdev, void *data,
+1
-1
net/bluetooth/hci_sync.c
+1
-1
net/bluetooth/hci_sync.c
+14
-1
net/bluetooth/l2cap_core.c
+14
-1
net/bluetooth/l2cap_core.c
···
5473
5473
if (chan->ident != cmd->ident)
5474
5474
continue;
5475
5475
5476
+
l2cap_chan_hold(chan);
5477
+
l2cap_chan_lock(chan);
5478
+
5476
5479
l2cap_chan_del(chan, ECONNRESET);
5480
+
5481
+
l2cap_chan_unlock(chan);
5482
+
l2cap_chan_put(chan);
5477
5483
}
5478
5484
5479
5485
return 0;
···
6711
6705
return -ENOBUFS;
6712
6706
}
6713
6707
6708
+
if (skb->len > chan->mps) {
6709
+
BT_ERR("Too big LE L2CAP MPS: len %u > %u", skb->len,
6710
+
chan->mps);
6711
+
l2cap_send_disconn_req(chan, ECONNRESET);
6712
+
return -ENOBUFS;
6713
+
}
6714
+
6714
6715
chan->rx_credits--;
6715
6716
BT_DBG("chan %p: rx_credits %u -> %u",
6716
6717
chan, chan->rx_credits + 1, chan->rx_credits);
···
6746
6733
6747
6734
if (sdu_len > chan->imtu) {
6748
6735
BT_ERR("Too big LE L2CAP SDU length: len %u > %u",
6749
-
skb->len, sdu_len);
6736
+
sdu_len, chan->imtu);
6750
6737
l2cap_send_disconn_req(chan, ECONNRESET);
6751
6738
err = -EMSGSIZE;
6752
6739
goto failed;