summaryrefslogtreecommitdiffstats
path: root/drivers/bluetooth
diff options
context:
space:
mode:
authorMatthias Kaehlcke <mka@chromium.org>2019-05-21 15:53:07 -0400
committerMarcel Holtmann <marcel@holtmann.org>2019-07-06 06:46:42 -0400
commit2faa3f15fa2fc13ad1e12a61fc3dbb14b326ba7a (patch)
treea3a3bf65d68c8da0b6bf6bcd8fe74809a1a1c8d0 /drivers/bluetooth
parent32646db8cc2862a14788de1bb4c365d0a27fb532 (diff)
Bluetooth: hci_qca: wcn3990: Drop baudrate change vendor event
Firmware download to the WCN3990 often fails with a 'TLV response size mismatch' error: [ 133.064659] Bluetooth: hci0: setting up wcn3990 [ 133.489150] Bluetooth: hci0: QCA controller version 0x02140201 [ 133.495245] Bluetooth: hci0: QCA Downloading qca/crbtfw21.tlv [ 133.507214] Bluetooth: hci0: QCA TLV response size mismatch [ 133.513265] Bluetooth: hci0: QCA Failed to download patch (-84) This is caused by a vendor event that corresponds to an earlier command to change the baudrate. The event is not processed in the context of the baudrate change and is later interpreted as response to the firmware download command (which is also a vendor command), but the driver detects that the event doesn't have the expected amount of associated data. More details: For the WCN3990 the vendor command for a baudrate change isn't sent as synchronous HCI command, because the controller sends the corresponding vendor event with the new baudrate. The event is received and decoded after the baudrate change of the host port. Identify the 'unused' event when it is received and don't add it to the queue of RX frames. Signed-off-by: Matthias Kaehlcke <mka@chromium.org> Signed-off-by: Marcel Holtmann <marcel@holtmann.org>
Diffstat (limited to 'drivers/bluetooth')
-rw-r--r--drivers/bluetooth/hci_qca.c55
1 files changed, 54 insertions, 1 deletions
diff --git a/drivers/bluetooth/hci_qca.c b/drivers/bluetooth/hci_qca.c
index 9d273cdde563..9f992b905f24 100644
--- a/drivers/bluetooth/hci_qca.c
+++ b/drivers/bluetooth/hci_qca.c
@@ -17,6 +17,7 @@
17 17
18#include <linux/kernel.h> 18#include <linux/kernel.h>
19#include <linux/clk.h> 19#include <linux/clk.h>
20#include <linux/completion.h>
20#include <linux/debugfs.h> 21#include <linux/debugfs.h>
21#include <linux/delay.h> 22#include <linux/delay.h>
22#include <linux/device.h> 23#include <linux/device.h>
@@ -53,6 +54,7 @@
53 54
54enum qca_flags { 55enum qca_flags {
55 QCA_IBS_ENABLED, 56 QCA_IBS_ENABLED,
57 QCA_DROP_VENDOR_EVENT,
56}; 58};
57 59
58/* HCI_IBS transmit side sleep protocol states */ 60/* HCI_IBS transmit side sleep protocol states */
@@ -97,6 +99,7 @@ struct qca_data {
97 struct work_struct ws_rx_vote_off; 99 struct work_struct ws_rx_vote_off;
98 struct work_struct ws_tx_vote_off; 100 struct work_struct ws_tx_vote_off;
99 unsigned long flags; 101 unsigned long flags;
102 struct completion drop_ev_comp;
100 103
101 /* For debugging purpose */ 104 /* For debugging purpose */
102 u64 ibs_sent_wacks; 105 u64 ibs_sent_wacks;
@@ -478,6 +481,7 @@ static int qca_open(struct hci_uart *hu)
478 INIT_WORK(&qca->ws_tx_vote_off, qca_wq_serial_tx_clock_vote_off); 481 INIT_WORK(&qca->ws_tx_vote_off, qca_wq_serial_tx_clock_vote_off);
479 482
480 qca->hu = hu; 483 qca->hu = hu;
484 init_completion(&qca->drop_ev_comp);
481 485
482 /* Assume we start with both sides asleep -- extra wakes OK */ 486 /* Assume we start with both sides asleep -- extra wakes OK */
483 qca->tx_ibs_state = HCI_IBS_TX_ASLEEP; 487 qca->tx_ibs_state = HCI_IBS_TX_ASLEEP;
@@ -872,6 +876,35 @@ static int qca_recv_acl_data(struct hci_dev *hdev, struct sk_buff *skb)
872 return hci_recv_frame(hdev, skb); 876 return hci_recv_frame(hdev, skb);
873} 877}
874 878
879static int qca_recv_event(struct hci_dev *hdev, struct sk_buff *skb)
880{
881 struct hci_uart *hu = hci_get_drvdata(hdev);
882 struct qca_data *qca = hu->priv;
883
884 if (test_bit(QCA_DROP_VENDOR_EVENT, &qca->flags)) {
885 struct hci_event_hdr *hdr = (void *)skb->data;
886
887 /* For the WCN3990 the vendor command for a baudrate change
888 * isn't sent as synchronous HCI command, because the
889 * controller sends the corresponding vendor event with the
890 * new baudrate. The event is received and properly decoded
891 * after changing the baudrate of the host port. It needs to
892 * be dropped, otherwise it can be misinterpreted as
893 * response to a later firmware download command (also a
894 * vendor command).
895 */
896
897 if (hdr->evt == HCI_EV_VENDOR)
898 complete(&qca->drop_ev_comp);
899
900 kfree(skb);
901
902 return 0;
903 }
904
905 return hci_recv_frame(hdev, skb);
906}
907
875#define QCA_IBS_SLEEP_IND_EVENT \ 908#define QCA_IBS_SLEEP_IND_EVENT \
876 .type = HCI_IBS_SLEEP_IND, \ 909 .type = HCI_IBS_SLEEP_IND, \
877 .hlen = 0, \ 910 .hlen = 0, \
@@ -896,7 +929,7 @@ static int qca_recv_acl_data(struct hci_dev *hdev, struct sk_buff *skb)
896static const struct h4_recv_pkt qca_recv_pkts[] = { 929static const struct h4_recv_pkt qca_recv_pkts[] = {
897 { H4_RECV_ACL, .recv = qca_recv_acl_data }, 930 { H4_RECV_ACL, .recv = qca_recv_acl_data },
898 { H4_RECV_SCO, .recv = hci_recv_frame }, 931 { H4_RECV_SCO, .recv = hci_recv_frame },
899 { H4_RECV_EVENT, .recv = hci_recv_frame }, 932 { H4_RECV_EVENT, .recv = qca_recv_event },
900 { QCA_IBS_WAKE_IND_EVENT, .recv = qca_ibs_wake_ind }, 933 { QCA_IBS_WAKE_IND_EVENT, .recv = qca_ibs_wake_ind },
901 { QCA_IBS_WAKE_ACK_EVENT, .recv = qca_ibs_wake_ack }, 934 { QCA_IBS_WAKE_ACK_EVENT, .recv = qca_ibs_wake_ack },
902 { QCA_IBS_SLEEP_IND_EVENT, .recv = qca_ibs_sleep_ind }, 935 { QCA_IBS_SLEEP_IND_EVENT, .recv = qca_ibs_sleep_ind },
@@ -1091,6 +1124,7 @@ static int qca_check_speeds(struct hci_uart *hu)
1091static int qca_set_speed(struct hci_uart *hu, enum qca_speed_type speed_type) 1124static int qca_set_speed(struct hci_uart *hu, enum qca_speed_type speed_type)
1092{ 1125{
1093 unsigned int speed, qca_baudrate; 1126 unsigned int speed, qca_baudrate;
1127 struct qca_data *qca = hu->priv;
1094 int ret = 0; 1128 int ret = 0;
1095 1129
1096 if (speed_type == QCA_INIT_SPEED) { 1130 if (speed_type == QCA_INIT_SPEED) {
@@ -1110,6 +1144,11 @@ static int qca_set_speed(struct hci_uart *hu, enum qca_speed_type speed_type)
1110 if (qca_is_wcn399x(soc_type)) 1144 if (qca_is_wcn399x(soc_type))
1111 hci_uart_set_flow_control(hu, true); 1145 hci_uart_set_flow_control(hu, true);
1112 1146
1147 if (soc_type == QCA_WCN3990) {
1148 reinit_completion(&qca->drop_ev_comp);
1149 set_bit(QCA_DROP_VENDOR_EVENT, &qca->flags);
1150 }
1151
1113 qca_baudrate = qca_get_baudrate_value(speed); 1152 qca_baudrate = qca_get_baudrate_value(speed);
1114 bt_dev_dbg(hu->hdev, "Set UART speed to %d", speed); 1153 bt_dev_dbg(hu->hdev, "Set UART speed to %d", speed);
1115 ret = qca_set_baudrate(hu->hdev, qca_baudrate); 1154 ret = qca_set_baudrate(hu->hdev, qca_baudrate);
@@ -1121,6 +1160,20 @@ static int qca_set_speed(struct hci_uart *hu, enum qca_speed_type speed_type)
1121error: 1160error:
1122 if (qca_is_wcn399x(soc_type)) 1161 if (qca_is_wcn399x(soc_type))
1123 hci_uart_set_flow_control(hu, false); 1162 hci_uart_set_flow_control(hu, false);
1163
1164 if (soc_type == QCA_WCN3990) {
1165 /* Wait for the controller to send the vendor event
1166 * for the baudrate change command.
1167 */
1168 if (!wait_for_completion_timeout(&qca->drop_ev_comp,
1169 msecs_to_jiffies(100))) {
1170 bt_dev_err(hu->hdev,
1171 "Failed to change controller baudrate\n");
1172 ret = -ETIMEDOUT;
1173 }
1174
1175 clear_bit(QCA_DROP_VENDOR_EVENT, &qca->flags);
1176 }
1124 } 1177 }
1125 1178
1126 return ret; 1179 return ret;
generated by cgit v1.2.2 (git 2.25.0) at 2025-09-17 04:49:42 -0400