1 /*
2 * Wireless / Bluetooth USB class
3 *
4 * Copyright (c) 2018 Intel Corporation
5 *
6 * SPDX-License-Identifier: Apache-2.0
7 */
8
9 #include <zephyr/init.h>
10 #include <zephyr/sys/byteorder.h>
11
12 #include <zephyr/usb/usb_device.h>
13 #include <usb_descriptor.h>
14
15 #include <zephyr/net_buf.h>
16
17 #include <zephyr/bluetooth/buf.h>
18 #include <zephyr/bluetooth/hci_raw.h>
19 #include <zephyr/bluetooth/l2cap.h>
20 #include <zephyr/bluetooth/hci_vs.h>
21 #include <zephyr/drivers/bluetooth.h>
22 #include <zephyr/sys/atomic.h>
23
24 #include <zephyr/logging/log.h>
25 LOG_MODULE_REGISTER(usb_bluetooth, CONFIG_USB_DEVICE_LOG_LEVEL);
26
27 #define USB_RF_SUBCLASS 0x01
28 #define USB_BLUETOOTH_PROTOCOL 0x01
29
30 static K_FIFO_DEFINE(rx_queue);
31 static K_FIFO_DEFINE(tx_queue);
32
33 #define BLUETOOTH_INT_EP_ADDR 0x81
34 #define BLUETOOTH_OUT_EP_ADDR 0x02
35 #define BLUETOOTH_IN_EP_ADDR 0x82
36
37 /* HCI RX/TX threads */
38 static K_KERNEL_STACK_DEFINE(rx_thread_stack, CONFIG_BT_HCI_TX_STACK_SIZE);
39 static struct k_thread rx_thread_data;
40 static K_KERNEL_STACK_DEFINE(tx_thread_stack, 512);
41 static struct k_thread tx_thread_data;
42
43 /* HCI USB state flags */
44 static bool configured;
45 /*
46 * Shared variable between bluetooth_status_cb() and hci_tx_thread(),
47 * where hci_tx_thread() has read-only access to it.
48 */
49 static atomic_t suspended;
50
51 static uint8_t ep_out_buf[USB_MAX_FS_BULK_MPS];
52
53 struct usb_bluetooth_config {
54 struct usb_if_descriptor if0;
55 struct usb_ep_descriptor if0_int_ep;
56 struct usb_ep_descriptor if0_out_ep;
57 struct usb_ep_descriptor if0_in_ep;
58 } __packed;
59
60 USBD_CLASS_DESCR_DEFINE(primary, 0)
61 struct usb_bluetooth_config bluetooth_cfg = {
62 /* Interface descriptor 0 */
63 .if0 = {
64 .bLength = sizeof(struct usb_if_descriptor),
65 .bDescriptorType = USB_DESC_INTERFACE,
66 .bInterfaceNumber = 0,
67 .bAlternateSetting = 0,
68 .bNumEndpoints = 3,
69 .bInterfaceClass = USB_BCC_WIRELESS_CONTROLLER,
70 .bInterfaceSubClass = USB_RF_SUBCLASS,
71 .bInterfaceProtocol = USB_BLUETOOTH_PROTOCOL,
72 .iInterface = 0,
73 },
74
75 /* Interrupt Endpoint */
76 .if0_int_ep = {
77 .bLength = sizeof(struct usb_ep_descriptor),
78 .bDescriptorType = USB_DESC_ENDPOINT,
79 .bEndpointAddress = BLUETOOTH_INT_EP_ADDR,
80 .bmAttributes = USB_DC_EP_INTERRUPT,
81 .wMaxPacketSize = sys_cpu_to_le16(USB_MAX_FS_INT_MPS),
82 .bInterval = 0x01,
83 },
84
85 /* Data Endpoint OUT */
86 .if0_out_ep = {
87 .bLength = sizeof(struct usb_ep_descriptor),
88 .bDescriptorType = USB_DESC_ENDPOINT,
89 .bEndpointAddress = BLUETOOTH_OUT_EP_ADDR,
90 .bmAttributes = USB_DC_EP_BULK,
91 .wMaxPacketSize = sys_cpu_to_le16(USB_MAX_FS_BULK_MPS),
92 .bInterval = 0x01,
93 },
94
95 /* Data Endpoint IN */
96 .if0_in_ep = {
97 .bLength = sizeof(struct usb_ep_descriptor),
98 .bDescriptorType = USB_DESC_ENDPOINT,
99 .bEndpointAddress = BLUETOOTH_IN_EP_ADDR,
100 .bmAttributes = USB_DC_EP_BULK,
101 .wMaxPacketSize = sys_cpu_to_le16(USB_MAX_FS_BULK_MPS),
102 .bInterval = 0x01,
103 },
104 };
105
106 #define HCI_INT_EP_IDX 0
107 #define HCI_OUT_EP_IDX 1
108 #define HCI_IN_EP_IDX 2
109
110 static struct usb_ep_cfg_data bluetooth_ep_data[] = {
111 {
112 .ep_cb = usb_transfer_ep_callback,
113 .ep_addr = BLUETOOTH_INT_EP_ADDR,
114 },
115 {
116 .ep_cb = usb_transfer_ep_callback,
117 .ep_addr = BLUETOOTH_OUT_EP_ADDR,
118 },
119 {
120 .ep_cb = usb_transfer_ep_callback,
121 .ep_addr = BLUETOOTH_IN_EP_ADDR,
122 },
123 };
124
hci_tx_thread(void * p1,void * p2,void * p3)125 static void hci_tx_thread(void *p1, void *p2, void *p3)
126 {
127 ARG_UNUSED(p1);
128 ARG_UNUSED(p2);
129 ARG_UNUSED(p3);
130
131 LOG_DBG("Start USB Bluetooth thread");
132
133 while (true) {
134 struct net_buf *buf;
135
136 buf = k_fifo_get(&tx_queue, K_FOREVER);
137
138 if (IS_ENABLED(CONFIG_USB_DEVICE_BLUETOOTH_VS_H4) &&
139 bt_hci_raw_get_mode() == BT_HCI_RAW_MODE_H4) {
140 /* Force to sent over bulk if H4 is selected */
141 bt_buf_set_type(buf, BT_BUF_ACL_IN);
142 }
143
144 if (atomic_get(&suspended)) {
145 if (usb_wakeup_request()) {
146 LOG_DBG("Remote wakeup not enabled/supported");
147 }
148 /*
149 * Let's wait until operation is resumed.
150 * This is independent of usb_wakeup_request() result,
151 * as long as device is suspended it should not start
152 * any transfers.
153 */
154 while (atomic_get(&suspended)) {
155 k_sleep(K_MSEC(1));
156 }
157 }
158
159 switch (bt_buf_get_type(buf)) {
160 case BT_BUF_EVT:
161 usb_transfer_sync(
162 bluetooth_ep_data[HCI_INT_EP_IDX].ep_addr,
163 buf->data, buf->len,
164 USB_TRANS_WRITE | USB_TRANS_NO_ZLP);
165 break;
166 case BT_BUF_ACL_IN:
167 usb_transfer_sync(
168 bluetooth_ep_data[HCI_IN_EP_IDX].ep_addr,
169 buf->data, buf->len,
170 USB_TRANS_WRITE);
171 break;
172 default:
173 LOG_ERR("Unknown type %u", bt_buf_get_type(buf));
174 break;
175 }
176
177 net_buf_unref(buf);
178 }
179 }
180
hci_rx_thread(void * p1,void * p2,void * p3)181 static void hci_rx_thread(void *p1, void *p2, void *p3)
182 {
183 ARG_UNUSED(p1);
184 ARG_UNUSED(p2);
185 ARG_UNUSED(p3);
186
187 while (true) {
188 struct net_buf *buf;
189 int err;
190
191 buf = k_fifo_get(&rx_queue, K_FOREVER);
192
193 err = bt_send(buf);
194 if (err) {
195 LOG_ERR("Error sending to driver");
196 net_buf_unref(buf);
197 }
198 }
199 }
200
hci_pkt_get_len(struct net_buf * buf,const uint8_t * data,size_t size)201 static uint16_t hci_pkt_get_len(struct net_buf *buf,
202 const uint8_t *data, size_t size)
203 {
204 uint16_t len = 0;
205 size_t hdr_len = 0;
206
207 switch (bt_buf_get_type(buf)) {
208 case BT_BUF_CMD: {
209 struct bt_hci_cmd_hdr *cmd_hdr;
210
211 hdr_len = sizeof(*cmd_hdr);
212 cmd_hdr = (struct bt_hci_cmd_hdr *)data;
213 len = cmd_hdr->param_len + hdr_len;
214 break;
215 }
216 case BT_BUF_ACL_OUT: {
217 struct bt_hci_acl_hdr *acl_hdr;
218
219 hdr_len = sizeof(*acl_hdr);
220 acl_hdr = (struct bt_hci_acl_hdr *)data;
221 len = sys_le16_to_cpu(acl_hdr->len) + hdr_len;
222 break;
223 }
224 case BT_BUF_ISO_OUT: {
225 struct bt_hci_iso_hdr *iso_hdr;
226
227 hdr_len = sizeof(*iso_hdr);
228 iso_hdr = (struct bt_hci_iso_hdr *)data;
229 len = bt_iso_hdr_len(sys_le16_to_cpu(iso_hdr->len)) + hdr_len;
230 break;
231 }
232 default:
233 LOG_ERR("Unknown bt buffer type");
234 return 0;
235 }
236
237 return (size < hdr_len) ? 0 : len;
238 }
239
acl_read_cb(uint8_t ep,int size,void * priv)240 static void acl_read_cb(uint8_t ep, int size, void *priv)
241 {
242 static struct net_buf *buf;
243 static uint16_t pkt_len;
244 uint8_t *data = ep_out_buf;
245
246 if (size == 0) {
247 goto restart_out_transfer;
248 }
249
250 if (buf == NULL) {
251 /*
252 * Obtain the first chunk and determine the length
253 * of the HCI packet.
254 */
255 if (IS_ENABLED(CONFIG_USB_DEVICE_BLUETOOTH_VS_H4) &&
256 bt_hci_raw_get_mode() == BT_HCI_RAW_MODE_H4) {
257 buf = bt_buf_get_tx(BT_BUF_H4, K_FOREVER, data, size);
258 if (!buf) {
259 LOG_ERR("Failed to allocate buffer");
260 goto restart_out_transfer;
261 }
262
263 pkt_len = hci_pkt_get_len(buf, &data[1], size - 1);
264 LOG_DBG("pkt_len %u, chunk %u", pkt_len, size);
265 } else {
266 buf = bt_buf_get_tx(BT_BUF_ACL_OUT, K_FOREVER,
267 data, size);
268 if (!buf) {
269 LOG_ERR("Failed to allocate buffer");
270 goto restart_out_transfer;
271 }
272
273 pkt_len = hci_pkt_get_len(buf, data, size);
274 LOG_DBG("pkt_len %u, chunk %u", pkt_len, size);
275 }
276
277 if (pkt_len == 0) {
278 LOG_ERR("Failed to get packet length");
279 net_buf_unref(buf);
280 buf = NULL;
281 }
282 } else {
283 if (net_buf_tailroom(buf) < size) {
284 LOG_ERR("Buffer tailroom too small");
285 net_buf_unref(buf);
286 buf = NULL;
287 goto restart_out_transfer;
288 }
289
290 /*
291 * Take over the next chunk if HCI packet is
292 * larger than USB_MAX_FS_BULK_MPS.
293 */
294 net_buf_add_mem(buf, data, size);
295 LOG_DBG("len %u, chunk %u", buf->len, size);
296 }
297
298 if (buf != NULL && pkt_len == buf->len) {
299 k_fifo_put(&rx_queue, buf);
300 LOG_DBG("put");
301 buf = NULL;
302 pkt_len = 0;
303 }
304
305 restart_out_transfer:
306 usb_transfer(bluetooth_ep_data[HCI_OUT_EP_IDX].ep_addr, ep_out_buf,
307 sizeof(ep_out_buf), USB_TRANS_READ,
308 acl_read_cb, NULL);
309 }
310
bluetooth_status_cb(struct usb_cfg_data * cfg,enum usb_dc_status_code status,const uint8_t * param)311 static void bluetooth_status_cb(struct usb_cfg_data *cfg,
312 enum usb_dc_status_code status,
313 const uint8_t *param)
314 {
315 ARG_UNUSED(cfg);
316 atomic_val_t tmp;
317
318 /* Check the USB status and do needed action if required */
319 switch (status) {
320 case USB_DC_RESET:
321 LOG_DBG("Device reset detected");
322 configured = false;
323 atomic_clear(&suspended);
324 break;
325 case USB_DC_CONFIGURED:
326 LOG_DBG("Device configured");
327 if (!configured) {
328 configured = true;
329 /* Start reading */
330 acl_read_cb(bluetooth_ep_data[HCI_OUT_EP_IDX].ep_addr,
331 0, NULL);
332 }
333 break;
334 case USB_DC_DISCONNECTED:
335 LOG_DBG("Device disconnected");
336 /* Cancel any transfer */
337 usb_cancel_transfer(bluetooth_ep_data[HCI_INT_EP_IDX].ep_addr);
338 usb_cancel_transfer(bluetooth_ep_data[HCI_IN_EP_IDX].ep_addr);
339 usb_cancel_transfer(bluetooth_ep_data[HCI_OUT_EP_IDX].ep_addr);
340 configured = false;
341 atomic_clear(&suspended);
342 break;
343 case USB_DC_SUSPEND:
344 LOG_DBG("Device suspended");
345 atomic_set(&suspended, 1);
346 break;
347 case USB_DC_RESUME:
348 tmp = atomic_clear(&suspended);
349 if (tmp) {
350 LOG_DBG("Device resumed from suspend");
351 } else {
352 LOG_DBG("Spurious resume event");
353 }
354 break;
355 case USB_DC_UNKNOWN:
356 default:
357 LOG_DBG("Unknown state");
358 break;
359 }
360 }
361
vs_read_usb_transport_mode(struct net_buf * buf)362 static uint8_t vs_read_usb_transport_mode(struct net_buf *buf)
363 {
364 struct net_buf *rsp;
365 struct bt_hci_rp_vs_read_usb_transport_mode *rp;
366
367 rsp = bt_hci_cmd_complete_create(BT_HCI_OP_VS_READ_USB_TRANSPORT_MODE,
368 sizeof(*rp) + 2);
369 rp = net_buf_add(rsp, sizeof(*rp));
370 rp->status = BT_HCI_ERR_SUCCESS;
371 rp->num_supported_modes = 2;
372
373 net_buf_add_u8(rsp, BT_HCI_VS_USB_H2_MODE);
374 net_buf_add_u8(rsp, BT_HCI_VS_USB_H4_MODE);
375
376 k_fifo_put(&tx_queue, rsp);
377
378 return BT_HCI_ERR_EXT_HANDLED;
379 }
380
vs_set_usb_transport_mode(struct net_buf * buf)381 static uint8_t vs_set_usb_transport_mode(struct net_buf *buf)
382 {
383 struct bt_hci_cp_vs_set_usb_transport_mode *cp;
384 uint8_t mode;
385
386 cp = net_buf_pull_mem(buf, sizeof(*cp));
387
388 switch (cp->mode) {
389 case BT_HCI_VS_USB_H2_MODE:
390 mode = BT_HCI_RAW_MODE_PASSTHROUGH;
391 break;
392 case BT_HCI_VS_USB_H4_MODE:
393 mode = BT_HCI_RAW_MODE_H4;
394 break;
395 default:
396 LOG_DBG("Invalid mode: %u", cp->mode);
397 return BT_HCI_ERR_INVALID_PARAM;
398 }
399
400 LOG_DBG("mode %u", mode);
401
402 bt_hci_raw_set_mode(mode);
403
404 return BT_HCI_ERR_SUCCESS;
405 }
406
407 static struct bt_hci_raw_cmd_ext cmd_ext[] = {
408 BT_HCI_RAW_CMD_EXT(BT_OCF(BT_HCI_OP_VS_READ_USB_TRANSPORT_MODE), 0,
409 vs_read_usb_transport_mode),
410 BT_HCI_RAW_CMD_EXT(BT_OCF(BT_HCI_OP_VS_SET_USB_TRANSPORT_MODE),
411 sizeof(struct bt_hci_cp_vs_set_usb_transport_mode),
412 vs_set_usb_transport_mode),
413 };
414
bluetooth_class_handler(struct usb_setup_packet * setup,int32_t * len,uint8_t ** data)415 static int bluetooth_class_handler(struct usb_setup_packet *setup,
416 int32_t *len, uint8_t **data)
417 {
418 struct net_buf *buf;
419
420 if (usb_reqtype_is_to_host(setup) ||
421 setup->RequestType.type != USB_REQTYPE_TYPE_CLASS) {
422 return -ENOTSUP;
423 }
424
425 LOG_DBG("len %u", *len);
426
427 buf = bt_buf_get_tx(BT_BUF_CMD, K_NO_WAIT, *data, *len);
428 if (!buf) {
429 LOG_ERR("Cannot get free buffer\n");
430 return -ENOMEM;
431 }
432
433 k_fifo_put(&rx_queue, buf);
434
435 return 0;
436 }
437
bluetooth_interface_config(struct usb_desc_header * head,uint8_t bInterfaceNumber)438 static void bluetooth_interface_config(struct usb_desc_header *head,
439 uint8_t bInterfaceNumber)
440 {
441 ARG_UNUSED(head);
442
443 bluetooth_cfg.if0.bInterfaceNumber = bInterfaceNumber;
444 }
445
446 USBD_DEFINE_CFG_DATA(bluetooth_config) = {
447 .usb_device_description = NULL,
448 .interface_config = bluetooth_interface_config,
449 .interface_descriptor = &bluetooth_cfg.if0,
450 .cb_usb_status = bluetooth_status_cb,
451 .interface = {
452 .class_handler = bluetooth_class_handler,
453 .custom_handler = NULL,
454 .vendor_handler = NULL,
455 },
456 .num_endpoints = ARRAY_SIZE(bluetooth_ep_data),
457 .endpoint = bluetooth_ep_data,
458 };
459
bluetooth_init(void)460 static int bluetooth_init(void)
461 {
462 int ret;
463
464 LOG_DBG("Initialization");
465
466 ret = bt_enable_raw(&tx_queue);
467 if (ret) {
468 LOG_ERR("Failed to open Bluetooth raw channel: %d", ret);
469 return ret;
470 }
471
472 if (IS_ENABLED(CONFIG_USB_DEVICE_BLUETOOTH_VS_H4)) {
473 bt_hci_raw_cmd_ext_register(cmd_ext, ARRAY_SIZE(cmd_ext));
474 }
475
476 k_thread_create(&rx_thread_data, rx_thread_stack,
477 K_KERNEL_STACK_SIZEOF(rx_thread_stack),
478 hci_rx_thread, NULL, NULL, NULL,
479 K_PRIO_COOP(8), 0, K_NO_WAIT);
480
481 k_thread_name_set(&rx_thread_data, "usb_bt_rx");
482
483 k_thread_create(&tx_thread_data, tx_thread_stack,
484 K_KERNEL_STACK_SIZEOF(tx_thread_stack),
485 hci_tx_thread, NULL, NULL, NULL,
486 K_PRIO_COOP(8), 0, K_NO_WAIT);
487
488 k_thread_name_set(&tx_thread_data, "usb_bt_tx");
489
490 return 0;
491 }
492
493 SYS_INIT(bluetooth_init, APPLICATION, CONFIG_KERNEL_INIT_PRIORITY_DEVICE);
494
