treewide: Replace GPLv2 boilerplate/reference with SPDX - rule 157
[sfrench/cifs-2.6.git] / drivers / bluetooth / btrtl.c
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  *  Bluetooth support for Realtek devices
4  *
5  *  Copyright (C) 2015 Endless Mobile, Inc.
6  */
7
8 #include <linux/module.h>
9 #include <linux/firmware.h>
10 #include <asm/unaligned.h>
11 #include <linux/usb.h>
12
13 #include <net/bluetooth/bluetooth.h>
14 #include <net/bluetooth/hci_core.h>
15
16 #include "btrtl.h"
17
18 #define VERSION "0.1"
19
20 #define RTL_EPATCH_SIGNATURE    "Realtech"
21 #define RTL_ROM_LMP_3499        0x3499
22 #define RTL_ROM_LMP_8723A       0x1200
23 #define RTL_ROM_LMP_8723B       0x8723
24 #define RTL_ROM_LMP_8821A       0x8821
25 #define RTL_ROM_LMP_8761A       0x8761
26 #define RTL_ROM_LMP_8822B       0x8822
27 #define RTL_CONFIG_MAGIC        0x8723ab55
28
29 #define IC_MATCH_FL_LMPSUBV     (1 << 0)
30 #define IC_MATCH_FL_HCIREV      (1 << 1)
31 #define IC_MATCH_FL_HCIVER      (1 << 2)
32 #define IC_MATCH_FL_HCIBUS      (1 << 3)
33 #define IC_INFO(lmps, hcir) \
34         .match_flags = IC_MATCH_FL_LMPSUBV | IC_MATCH_FL_HCIREV, \
35         .lmp_subver = (lmps), \
36         .hci_rev = (hcir)
37
38 struct id_table {
39         __u16 match_flags;
40         __u16 lmp_subver;
41         __u16 hci_rev;
42         __u8 hci_ver;
43         __u8 hci_bus;
44         bool config_needed;
45         bool has_rom_version;
46         char *fw_name;
47         char *cfg_name;
48 };
49
50 struct btrtl_device_info {
51         const struct id_table *ic_info;
52         u8 rom_version;
53         u8 *fw_data;
54         int fw_len;
55         u8 *cfg_data;
56         int cfg_len;
57 };
58
59 static const struct id_table ic_id_table[] = {
60         { IC_MATCH_FL_LMPSUBV, RTL_ROM_LMP_8723A, 0x0,
61           .config_needed = false,
62           .has_rom_version = false,
63           .fw_name = "rtl_bt/rtl8723a_fw.bin",
64           .cfg_name = NULL },
65
66         { IC_MATCH_FL_LMPSUBV, RTL_ROM_LMP_3499, 0x0,
67           .config_needed = false,
68           .has_rom_version = false,
69           .fw_name = "rtl_bt/rtl8723a_fw.bin",
70           .cfg_name = NULL },
71
72         /* 8723BS */
73         { .match_flags = IC_MATCH_FL_LMPSUBV | IC_MATCH_FL_HCIREV |
74                          IC_MATCH_FL_HCIVER | IC_MATCH_FL_HCIBUS,
75           .lmp_subver = RTL_ROM_LMP_8723B,
76           .hci_rev = 0xb,
77           .hci_ver = 6,
78           .hci_bus = HCI_UART,
79           .config_needed = true,
80           .has_rom_version = true,
81           .fw_name  = "rtl_bt/rtl8723bs_fw.bin",
82           .cfg_name = "rtl_bt/rtl8723bs_config" },
83
84         /* 8723B */
85         { IC_INFO(RTL_ROM_LMP_8723B, 0xb),
86           .config_needed = false,
87           .has_rom_version = true,
88           .fw_name  = "rtl_bt/rtl8723b_fw.bin",
89           .cfg_name = "rtl_bt/rtl8723b_config" },
90
91         /* 8723D */
92         { IC_INFO(RTL_ROM_LMP_8723B, 0xd),
93           .config_needed = true,
94           .has_rom_version = true,
95           .fw_name  = "rtl_bt/rtl8723d_fw.bin",
96           .cfg_name = "rtl_bt/rtl8723d_config" },
97
98         /* 8723DS */
99         { .match_flags = IC_MATCH_FL_LMPSUBV | IC_MATCH_FL_HCIREV |
100                          IC_MATCH_FL_HCIVER | IC_MATCH_FL_HCIBUS,
101           .lmp_subver = RTL_ROM_LMP_8723B,
102           .hci_rev = 0xd,
103           .hci_ver = 8,
104           .hci_bus = HCI_UART,
105           .config_needed = true,
106           .has_rom_version = true,
107           .fw_name  = "rtl_bt/rtl8723ds_fw.bin",
108           .cfg_name = "rtl_bt/rtl8723ds_config" },
109
110         /* 8821A */
111         { IC_INFO(RTL_ROM_LMP_8821A, 0xa),
112           .config_needed = false,
113           .has_rom_version = true,
114           .fw_name  = "rtl_bt/rtl8821a_fw.bin",
115           .cfg_name = "rtl_bt/rtl8821a_config" },
116
117         /* 8821C */
118         { IC_INFO(RTL_ROM_LMP_8821A, 0xc),
119           .config_needed = false,
120           .has_rom_version = true,
121           .fw_name  = "rtl_bt/rtl8821c_fw.bin",
122           .cfg_name = "rtl_bt/rtl8821c_config" },
123
124         /* 8761A */
125         { IC_MATCH_FL_LMPSUBV, RTL_ROM_LMP_8761A, 0x0,
126           .config_needed = false,
127           .has_rom_version = true,
128           .fw_name  = "rtl_bt/rtl8761a_fw.bin",
129           .cfg_name = "rtl_bt/rtl8761a_config" },
130
131         /* 8822C with USB interface */
132         { IC_INFO(RTL_ROM_LMP_8822B, 0xc),
133           .config_needed = false,
134           .has_rom_version = true,
135           .fw_name  = "rtl_bt/rtl8822cu_fw.bin",
136           .cfg_name = "rtl_bt/rtl8822cu_config" },
137
138         /* 8822B */
139         { IC_INFO(RTL_ROM_LMP_8822B, 0xb),
140           .config_needed = true,
141           .has_rom_version = true,
142           .fw_name  = "rtl_bt/rtl8822b_fw.bin",
143           .cfg_name = "rtl_bt/rtl8822b_config" },
144         };
145
146 static const struct id_table *btrtl_match_ic(u16 lmp_subver, u16 hci_rev,
147                                              u8 hci_ver, u8 hci_bus)
148 {
149         int i;
150
151         for (i = 0; i < ARRAY_SIZE(ic_id_table); i++) {
152                 if ((ic_id_table[i].match_flags & IC_MATCH_FL_LMPSUBV) &&
153                     (ic_id_table[i].lmp_subver != lmp_subver))
154                         continue;
155                 if ((ic_id_table[i].match_flags & IC_MATCH_FL_HCIREV) &&
156                     (ic_id_table[i].hci_rev != hci_rev))
157                         continue;
158                 if ((ic_id_table[i].match_flags & IC_MATCH_FL_HCIVER) &&
159                     (ic_id_table[i].hci_ver != hci_ver))
160                         continue;
161                 if ((ic_id_table[i].match_flags & IC_MATCH_FL_HCIBUS) &&
162                     (ic_id_table[i].hci_bus != hci_bus))
163                         continue;
164
165                 break;
166         }
167         if (i >= ARRAY_SIZE(ic_id_table))
168                 return NULL;
169
170         return &ic_id_table[i];
171 }
172
173 static int rtl_read_rom_version(struct hci_dev *hdev, u8 *version)
174 {
175         struct rtl_rom_version_evt *rom_version;
176         struct sk_buff *skb;
177
178         /* Read RTL ROM version command */
179         skb = __hci_cmd_sync(hdev, 0xfc6d, 0, NULL, HCI_INIT_TIMEOUT);
180         if (IS_ERR(skb)) {
181                 rtl_dev_err(hdev, "Read ROM version failed (%ld)\n",
182                             PTR_ERR(skb));
183                 return PTR_ERR(skb);
184         }
185
186         if (skb->len != sizeof(*rom_version)) {
187                 rtl_dev_err(hdev, "RTL version event length mismatch\n");
188                 kfree_skb(skb);
189                 return -EIO;
190         }
191
192         rom_version = (struct rtl_rom_version_evt *)skb->data;
193         rtl_dev_info(hdev, "rom_version status=%x version=%x\n",
194                      rom_version->status, rom_version->version);
195
196         *version = rom_version->version;
197
198         kfree_skb(skb);
199         return 0;
200 }
201
202 static int rtlbt_parse_firmware(struct hci_dev *hdev,
203                                 struct btrtl_device_info *btrtl_dev,
204                                 unsigned char **_buf)
205 {
206         static const u8 extension_sig[] = { 0x51, 0x04, 0xfd, 0x77 };
207         struct rtl_epatch_header *epatch_info;
208         unsigned char *buf;
209         int i, len;
210         size_t min_size;
211         u8 opcode, length, data;
212         int project_id = -1;
213         const unsigned char *fwptr, *chip_id_base;
214         const unsigned char *patch_length_base, *patch_offset_base;
215         u32 patch_offset = 0;
216         u16 patch_length, num_patches;
217         static const struct {
218                 __u16 lmp_subver;
219                 __u8 id;
220         } project_id_to_lmp_subver[] = {
221                 { RTL_ROM_LMP_8723A, 0 },
222                 { RTL_ROM_LMP_8723B, 1 },
223                 { RTL_ROM_LMP_8821A, 2 },
224                 { RTL_ROM_LMP_8761A, 3 },
225                 { RTL_ROM_LMP_8822B, 8 },
226                 { RTL_ROM_LMP_8723B, 9 },       /* 8723D */
227                 { RTL_ROM_LMP_8821A, 10 },      /* 8821C */
228                 { RTL_ROM_LMP_8822B, 13 },      /* 8822C */
229         };
230
231         min_size = sizeof(struct rtl_epatch_header) + sizeof(extension_sig) + 3;
232         if (btrtl_dev->fw_len < min_size)
233                 return -EINVAL;
234
235         fwptr = btrtl_dev->fw_data + btrtl_dev->fw_len - sizeof(extension_sig);
236         if (memcmp(fwptr, extension_sig, sizeof(extension_sig)) != 0) {
237                 rtl_dev_err(hdev, "extension section signature mismatch\n");
238                 return -EINVAL;
239         }
240
241         /* Loop from the end of the firmware parsing instructions, until
242          * we find an instruction that identifies the "project ID" for the
243          * hardware supported by this firwmare file.
244          * Once we have that, we double-check that that project_id is suitable
245          * for the hardware we are working with.
246          */
247         while (fwptr >= btrtl_dev->fw_data + (sizeof(*epatch_info) + 3)) {
248                 opcode = *--fwptr;
249                 length = *--fwptr;
250                 data = *--fwptr;
251
252                 BT_DBG("check op=%x len=%x data=%x", opcode, length, data);
253
254                 if (opcode == 0xff) /* EOF */
255                         break;
256
257                 if (length == 0) {
258                         rtl_dev_err(hdev, "found instruction with length 0\n");
259                         return -EINVAL;
260                 }
261
262                 if (opcode == 0 && length == 1) {
263                         project_id = data;
264                         break;
265                 }
266
267                 fwptr -= length;
268         }
269
270         if (project_id < 0) {
271                 rtl_dev_err(hdev, "failed to find version instruction\n");
272                 return -EINVAL;
273         }
274
275         /* Find project_id in table */
276         for (i = 0; i < ARRAY_SIZE(project_id_to_lmp_subver); i++) {
277                 if (project_id == project_id_to_lmp_subver[i].id)
278                         break;
279         }
280
281         if (i >= ARRAY_SIZE(project_id_to_lmp_subver)) {
282                 rtl_dev_err(hdev, "unknown project id %d\n", project_id);
283                 return -EINVAL;
284         }
285
286         if (btrtl_dev->ic_info->lmp_subver !=
287                                 project_id_to_lmp_subver[i].lmp_subver) {
288                 rtl_dev_err(hdev, "firmware is for %x but this is a %x\n",
289                             project_id_to_lmp_subver[i].lmp_subver,
290                             btrtl_dev->ic_info->lmp_subver);
291                 return -EINVAL;
292         }
293
294         epatch_info = (struct rtl_epatch_header *)btrtl_dev->fw_data;
295         if (memcmp(epatch_info->signature, RTL_EPATCH_SIGNATURE, 8) != 0) {
296                 rtl_dev_err(hdev, "bad EPATCH signature\n");
297                 return -EINVAL;
298         }
299
300         num_patches = le16_to_cpu(epatch_info->num_patches);
301         BT_DBG("fw_version=%x, num_patches=%d",
302                le32_to_cpu(epatch_info->fw_version), num_patches);
303
304         /* After the rtl_epatch_header there is a funky patch metadata section.
305          * Assuming 2 patches, the layout is:
306          * ChipID1 ChipID2 PatchLength1 PatchLength2 PatchOffset1 PatchOffset2
307          *
308          * Find the right patch for this chip.
309          */
310         min_size += 8 * num_patches;
311         if (btrtl_dev->fw_len < min_size)
312                 return -EINVAL;
313
314         chip_id_base = btrtl_dev->fw_data + sizeof(struct rtl_epatch_header);
315         patch_length_base = chip_id_base + (sizeof(u16) * num_patches);
316         patch_offset_base = patch_length_base + (sizeof(u16) * num_patches);
317         for (i = 0; i < num_patches; i++) {
318                 u16 chip_id = get_unaligned_le16(chip_id_base +
319                                                  (i * sizeof(u16)));
320                 if (chip_id == btrtl_dev->rom_version + 1) {
321                         patch_length = get_unaligned_le16(patch_length_base +
322                                                           (i * sizeof(u16)));
323                         patch_offset = get_unaligned_le32(patch_offset_base +
324                                                           (i * sizeof(u32)));
325                         break;
326                 }
327         }
328
329         if (!patch_offset) {
330                 rtl_dev_err(hdev, "didn't find patch for chip id %d",
331                             btrtl_dev->rom_version);
332                 return -EINVAL;
333         }
334
335         BT_DBG("length=%x offset=%x index %d", patch_length, patch_offset, i);
336         min_size = patch_offset + patch_length;
337         if (btrtl_dev->fw_len < min_size)
338                 return -EINVAL;
339
340         /* Copy the firmware into a new buffer and write the version at
341          * the end.
342          */
343         len = patch_length;
344         buf = kmemdup(btrtl_dev->fw_data + patch_offset, patch_length,
345                       GFP_KERNEL);
346         if (!buf)
347                 return -ENOMEM;
348
349         memcpy(buf + patch_length - 4, &epatch_info->fw_version, 4);
350
351         *_buf = buf;
352         return len;
353 }
354
355 static int rtl_download_firmware(struct hci_dev *hdev,
356                                  const unsigned char *data, int fw_len)
357 {
358         struct rtl_download_cmd *dl_cmd;
359         int frag_num = fw_len / RTL_FRAG_LEN + 1;
360         int frag_len = RTL_FRAG_LEN;
361         int ret = 0;
362         int i;
363
364         dl_cmd = kmalloc(sizeof(struct rtl_download_cmd), GFP_KERNEL);
365         if (!dl_cmd)
366                 return -ENOMEM;
367
368         for (i = 0; i < frag_num; i++) {
369                 struct sk_buff *skb;
370
371                 BT_DBG("download fw (%d/%d)", i, frag_num);
372
373                 dl_cmd->index = i;
374                 if (i == (frag_num - 1)) {
375                         dl_cmd->index |= 0x80; /* data end */
376                         frag_len = fw_len % RTL_FRAG_LEN;
377                 }
378                 memcpy(dl_cmd->data, data, frag_len);
379
380                 /* Send download command */
381                 skb = __hci_cmd_sync(hdev, 0xfc20, frag_len + 1, dl_cmd,
382                                      HCI_INIT_TIMEOUT);
383                 if (IS_ERR(skb)) {
384                         rtl_dev_err(hdev, "download fw command failed (%ld)\n",
385                                     PTR_ERR(skb));
386                         ret = -PTR_ERR(skb);
387                         goto out;
388                 }
389
390                 if (skb->len != sizeof(struct rtl_download_response)) {
391                         rtl_dev_err(hdev, "download fw event length mismatch\n");
392                         kfree_skb(skb);
393                         ret = -EIO;
394                         goto out;
395                 }
396
397                 kfree_skb(skb);
398                 data += RTL_FRAG_LEN;
399         }
400
401 out:
402         kfree(dl_cmd);
403         return ret;
404 }
405
406 static int rtl_load_file(struct hci_dev *hdev, const char *name, u8 **buff)
407 {
408         const struct firmware *fw;
409         int ret;
410
411         rtl_dev_info(hdev, "rtl: loading %s\n", name);
412         ret = request_firmware(&fw, name, &hdev->dev);
413         if (ret < 0)
414                 return ret;
415         ret = fw->size;
416         *buff = kmemdup(fw->data, ret, GFP_KERNEL);
417         if (!*buff)
418                 ret = -ENOMEM;
419
420         release_firmware(fw);
421
422         return ret;
423 }
424
425 static int btrtl_setup_rtl8723a(struct hci_dev *hdev,
426                                 struct btrtl_device_info *btrtl_dev)
427 {
428         if (btrtl_dev->fw_len < 8)
429                 return -EINVAL;
430
431         /* Check that the firmware doesn't have the epatch signature
432          * (which is only for RTL8723B and newer).
433          */
434         if (!memcmp(btrtl_dev->fw_data, RTL_EPATCH_SIGNATURE, 8)) {
435                 rtl_dev_err(hdev, "unexpected EPATCH signature!\n");
436                 return -EINVAL;
437         }
438
439         return rtl_download_firmware(hdev, btrtl_dev->fw_data,
440                                      btrtl_dev->fw_len);
441 }
442
443 static int btrtl_setup_rtl8723b(struct hci_dev *hdev,
444                                 struct btrtl_device_info *btrtl_dev)
445 {
446         unsigned char *fw_data = NULL;
447         int ret;
448         u8 *tbuff;
449
450         ret = rtlbt_parse_firmware(hdev, btrtl_dev, &fw_data);
451         if (ret < 0)
452                 goto out;
453
454         if (btrtl_dev->cfg_len > 0) {
455                 tbuff = kzalloc(ret + btrtl_dev->cfg_len, GFP_KERNEL);
456                 if (!tbuff) {
457                         ret = -ENOMEM;
458                         goto out;
459                 }
460
461                 memcpy(tbuff, fw_data, ret);
462                 kfree(fw_data);
463
464                 memcpy(tbuff + ret, btrtl_dev->cfg_data, btrtl_dev->cfg_len);
465                 ret += btrtl_dev->cfg_len;
466
467                 fw_data = tbuff;
468         }
469
470         rtl_dev_info(hdev, "cfg_sz %d, total sz %d\n", btrtl_dev->cfg_len, ret);
471
472         ret = rtl_download_firmware(hdev, fw_data, ret);
473
474 out:
475         kfree(fw_data);
476         return ret;
477 }
478
479 static struct sk_buff *btrtl_read_local_version(struct hci_dev *hdev)
480 {
481         struct sk_buff *skb;
482
483         skb = __hci_cmd_sync(hdev, HCI_OP_READ_LOCAL_VERSION, 0, NULL,
484                              HCI_INIT_TIMEOUT);
485         if (IS_ERR(skb)) {
486                 rtl_dev_err(hdev, "HCI_OP_READ_LOCAL_VERSION failed (%ld)\n",
487                             PTR_ERR(skb));
488                 return skb;
489         }
490
491         if (skb->len != sizeof(struct hci_rp_read_local_version)) {
492                 rtl_dev_err(hdev, "HCI_OP_READ_LOCAL_VERSION event length mismatch\n");
493                 kfree_skb(skb);
494                 return ERR_PTR(-EIO);
495         }
496
497         return skb;
498 }
499
500 void btrtl_free(struct btrtl_device_info *btrtl_dev)
501 {
502         kfree(btrtl_dev->fw_data);
503         kfree(btrtl_dev->cfg_data);
504         kfree(btrtl_dev);
505 }
506 EXPORT_SYMBOL_GPL(btrtl_free);
507
508 struct btrtl_device_info *btrtl_initialize(struct hci_dev *hdev,
509                                            const char *postfix)
510 {
511         struct btrtl_device_info *btrtl_dev;
512         struct sk_buff *skb;
513         struct hci_rp_read_local_version *resp;
514         char cfg_name[40];
515         u16 hci_rev, lmp_subver;
516         u8 hci_ver;
517         int ret;
518
519         btrtl_dev = kzalloc(sizeof(*btrtl_dev), GFP_KERNEL);
520         if (!btrtl_dev) {
521                 ret = -ENOMEM;
522                 goto err_alloc;
523         }
524
525         skb = btrtl_read_local_version(hdev);
526         if (IS_ERR(skb)) {
527                 ret = PTR_ERR(skb);
528                 goto err_free;
529         }
530
531         resp = (struct hci_rp_read_local_version *)skb->data;
532         rtl_dev_info(hdev, "rtl: examining hci_ver=%02x hci_rev=%04x lmp_ver=%02x lmp_subver=%04x\n",
533                      resp->hci_ver, resp->hci_rev,
534                      resp->lmp_ver, resp->lmp_subver);
535
536         hci_ver = resp->hci_ver;
537         hci_rev = le16_to_cpu(resp->hci_rev);
538         lmp_subver = le16_to_cpu(resp->lmp_subver);
539         kfree_skb(skb);
540
541         btrtl_dev->ic_info = btrtl_match_ic(lmp_subver, hci_rev, hci_ver,
542                                             hdev->bus);
543
544         if (!btrtl_dev->ic_info) {
545                 rtl_dev_info(hdev, "rtl: unknown IC info, lmp subver %04x, hci rev %04x, hci ver %04x",
546                             lmp_subver, hci_rev, hci_ver);
547                 return btrtl_dev;
548         }
549
550         if (btrtl_dev->ic_info->has_rom_version) {
551                 ret = rtl_read_rom_version(hdev, &btrtl_dev->rom_version);
552                 if (ret)
553                         goto err_free;
554         }
555
556         btrtl_dev->fw_len = rtl_load_file(hdev, btrtl_dev->ic_info->fw_name,
557                                           &btrtl_dev->fw_data);
558         if (btrtl_dev->fw_len < 0) {
559                 rtl_dev_err(hdev, "firmware file %s not found\n",
560                             btrtl_dev->ic_info->fw_name);
561                 ret = btrtl_dev->fw_len;
562                 goto err_free;
563         }
564
565         if (btrtl_dev->ic_info->cfg_name) {
566                 if (postfix) {
567                         snprintf(cfg_name, sizeof(cfg_name), "%s-%s.bin",
568                                  btrtl_dev->ic_info->cfg_name, postfix);
569                 } else {
570                         snprintf(cfg_name, sizeof(cfg_name), "%s.bin",
571                                  btrtl_dev->ic_info->cfg_name);
572                 }
573                 btrtl_dev->cfg_len = rtl_load_file(hdev, cfg_name,
574                                                    &btrtl_dev->cfg_data);
575                 if (btrtl_dev->ic_info->config_needed &&
576                     btrtl_dev->cfg_len <= 0) {
577                         rtl_dev_err(hdev, "mandatory config file %s not found\n",
578                                     btrtl_dev->ic_info->cfg_name);
579                         ret = btrtl_dev->cfg_len;
580                         goto err_free;
581                 }
582         }
583
584         return btrtl_dev;
585
586 err_free:
587         btrtl_free(btrtl_dev);
588 err_alloc:
589         return ERR_PTR(ret);
590 }
591 EXPORT_SYMBOL_GPL(btrtl_initialize);
592
593 int btrtl_download_firmware(struct hci_dev *hdev,
594                             struct btrtl_device_info *btrtl_dev)
595 {
596         /* Match a set of subver values that correspond to stock firmware,
597          * which is not compatible with standard btusb.
598          * If matched, upload an alternative firmware that does conform to
599          * standard btusb. Once that firmware is uploaded, the subver changes
600          * to a different value.
601          */
602         if (!btrtl_dev->ic_info) {
603                 rtl_dev_info(hdev, "rtl: assuming no firmware upload needed\n");
604                 return 0;
605         }
606
607         switch (btrtl_dev->ic_info->lmp_subver) {
608         case RTL_ROM_LMP_8723A:
609         case RTL_ROM_LMP_3499:
610                 return btrtl_setup_rtl8723a(hdev, btrtl_dev);
611         case RTL_ROM_LMP_8723B:
612         case RTL_ROM_LMP_8821A:
613         case RTL_ROM_LMP_8761A:
614         case RTL_ROM_LMP_8822B:
615                 return btrtl_setup_rtl8723b(hdev, btrtl_dev);
616         default:
617                 rtl_dev_info(hdev, "rtl: assuming no firmware upload needed\n");
618                 return 0;
619         }
620 }
621 EXPORT_SYMBOL_GPL(btrtl_download_firmware);
622
623 int btrtl_setup_realtek(struct hci_dev *hdev)
624 {
625         struct btrtl_device_info *btrtl_dev;
626         int ret;
627
628         btrtl_dev = btrtl_initialize(hdev, NULL);
629         if (IS_ERR(btrtl_dev))
630                 return PTR_ERR(btrtl_dev);
631
632         ret = btrtl_download_firmware(hdev, btrtl_dev);
633
634         btrtl_free(btrtl_dev);
635
636         return ret;
637 }
638 EXPORT_SYMBOL_GPL(btrtl_setup_realtek);
639
640 static unsigned int btrtl_convert_baudrate(u32 device_baudrate)
641 {
642         switch (device_baudrate) {
643         case 0x0252a00a:
644                 return 230400;
645
646         case 0x05f75004:
647                 return 921600;
648
649         case 0x00005004:
650                 return 1000000;
651
652         case 0x04928002:
653         case 0x01128002:
654                 return 1500000;
655
656         case 0x00005002:
657                 return 2000000;
658
659         case 0x0000b001:
660                 return 2500000;
661
662         case 0x04928001:
663                 return 3000000;
664
665         case 0x052a6001:
666                 return 3500000;
667
668         case 0x00005001:
669                 return 4000000;
670
671         case 0x0252c014:
672         default:
673                 return 115200;
674         }
675 }
676
677 int btrtl_get_uart_settings(struct hci_dev *hdev,
678                             struct btrtl_device_info *btrtl_dev,
679                             unsigned int *controller_baudrate,
680                             u32 *device_baudrate, bool *flow_control)
681 {
682         struct rtl_vendor_config *config;
683         struct rtl_vendor_config_entry *entry;
684         int i, total_data_len;
685         bool found = false;
686
687         total_data_len = btrtl_dev->cfg_len - sizeof(*config);
688         if (total_data_len <= 0) {
689                 rtl_dev_warn(hdev, "no config loaded\n");
690                 return -EINVAL;
691         }
692
693         config = (struct rtl_vendor_config *)btrtl_dev->cfg_data;
694         if (le32_to_cpu(config->signature) != RTL_CONFIG_MAGIC) {
695                 rtl_dev_err(hdev, "invalid config magic\n");
696                 return -EINVAL;
697         }
698
699         if (total_data_len < le16_to_cpu(config->total_len)) {
700                 rtl_dev_err(hdev, "config is too short\n");
701                 return -EINVAL;
702         }
703
704         for (i = 0; i < total_data_len; ) {
705                 entry = ((void *)config->entry) + i;
706
707                 switch (le16_to_cpu(entry->offset)) {
708                 case 0xc:
709                         if (entry->len < sizeof(*device_baudrate)) {
710                                 rtl_dev_err(hdev, "invalid UART config entry\n");
711                                 return -EINVAL;
712                         }
713
714                         *device_baudrate = get_unaligned_le32(entry->data);
715                         *controller_baudrate = btrtl_convert_baudrate(
716                                                         *device_baudrate);
717
718                         if (entry->len >= 13)
719                                 *flow_control = !!(entry->data[12] & BIT(2));
720                         else
721                                 *flow_control = false;
722
723                         found = true;
724                         break;
725
726                 default:
727                         rtl_dev_dbg(hdev, "skipping config entry 0x%x (len %u)\n",
728                                    le16_to_cpu(entry->offset), entry->len);
729                         break;
730                 };
731
732                 i += sizeof(*entry) + entry->len;
733         }
734
735         if (!found) {
736                 rtl_dev_err(hdev, "no UART config entry found\n");
737                 return -ENOENT;
738         }
739
740         rtl_dev_dbg(hdev, "device baudrate = 0x%08x\n", *device_baudrate);
741         rtl_dev_dbg(hdev, "controller baudrate = %u\n", *controller_baudrate);
742         rtl_dev_dbg(hdev, "flow control %d\n", *flow_control);
743
744         return 0;
745 }
746 EXPORT_SYMBOL_GPL(btrtl_get_uart_settings);
747
748 MODULE_AUTHOR("Daniel Drake <drake@endlessm.com>");
749 MODULE_DESCRIPTION("Bluetooth support for Realtek devices ver " VERSION);
750 MODULE_VERSION(VERSION);
751 MODULE_LICENSE("GPL");
752 MODULE_FIRMWARE("rtl_bt/rtl8723a_fw.bin");
753 MODULE_FIRMWARE("rtl_bt/rtl8723b_fw.bin");
754 MODULE_FIRMWARE("rtl_bt/rtl8723b_config.bin");
755 MODULE_FIRMWARE("rtl_bt/rtl8723bs_fw.bin");
756 MODULE_FIRMWARE("rtl_bt/rtl8723bs_config.bin");
757 MODULE_FIRMWARE("rtl_bt/rtl8723ds_fw.bin");
758 MODULE_FIRMWARE("rtl_bt/rtl8723ds_config.bin");
759 MODULE_FIRMWARE("rtl_bt/rtl8761a_fw.bin");
760 MODULE_FIRMWARE("rtl_bt/rtl8761a_config.bin");
761 MODULE_FIRMWARE("rtl_bt/rtl8821a_fw.bin");
762 MODULE_FIRMWARE("rtl_bt/rtl8821a_config.bin");
763 MODULE_FIRMWARE("rtl_bt/rtl8822b_fw.bin");
764 MODULE_FIRMWARE("rtl_bt/rtl8822b_config.bin");