1 /*
2  * HID driver for Nintendo Wii / Wii U peripherals
3  * Copyright (c) 2011-2013 David Herrmann <dh.herrmann@gmail.com>
4  */
5 
6 /*
7  * This program is free software; you can redistribute it and/or modify it
8  * under the terms of the GNU General Public License as published by the Free
9  * Software Foundation; either version 2 of the License, or (at your option)
10  * any later version.
11  */
12 
13 #include <linux/completion.h>
14 #include <linux/device.h>
15 #include <linux/hid.h>
16 #include <linux/input.h>
17 #include <linux/module.h>
18 #include <linux/mutex.h>
19 #include <linux/spinlock.h>
20 #include "hid-ids.h"
21 #include "hid-wiimote.h"
22 
23 /* output queue handling */
24 
wiimote_hid_send(struct hid_device * hdev,__u8 * buffer,size_t count)25 static int wiimote_hid_send(struct hid_device *hdev, __u8 *buffer,
26 			    size_t count)
27 {
28 	__u8 *buf;
29 	int ret;
30 
31 	if (!hdev->ll_driver->output_report)
32 		return -ENODEV;
33 
34 	buf = kmemdup(buffer, count, GFP_KERNEL);
35 	if (!buf)
36 		return -ENOMEM;
37 
38 	ret = hid_hw_output_report(hdev, buf, count);
39 
40 	kfree(buf);
41 	return ret;
42 }
43 
wiimote_queue_worker(struct work_struct * work)44 static void wiimote_queue_worker(struct work_struct *work)
45 {
46 	struct wiimote_queue *queue = container_of(work, struct wiimote_queue,
47 						   worker);
48 	struct wiimote_data *wdata = container_of(queue, struct wiimote_data,
49 						  queue);
50 	unsigned long flags;
51 	int ret;
52 
53 	spin_lock_irqsave(&wdata->queue.lock, flags);
54 
55 	while (wdata->queue.head != wdata->queue.tail) {
56 		spin_unlock_irqrestore(&wdata->queue.lock, flags);
57 		ret = wiimote_hid_send(wdata->hdev,
58 				 wdata->queue.outq[wdata->queue.tail].data,
59 				 wdata->queue.outq[wdata->queue.tail].size);
60 		if (ret < 0) {
61 			spin_lock_irqsave(&wdata->state.lock, flags);
62 			wiimote_cmd_abort(wdata);
63 			spin_unlock_irqrestore(&wdata->state.lock, flags);
64 		}
65 		spin_lock_irqsave(&wdata->queue.lock, flags);
66 
67 		wdata->queue.tail = (wdata->queue.tail + 1) % WIIMOTE_BUFSIZE;
68 	}
69 
70 	spin_unlock_irqrestore(&wdata->queue.lock, flags);
71 }
72 
wiimote_queue(struct wiimote_data * wdata,const __u8 * buffer,size_t count)73 static void wiimote_queue(struct wiimote_data *wdata, const __u8 *buffer,
74 								size_t count)
75 {
76 	unsigned long flags;
77 	__u8 newhead;
78 
79 	if (count > HID_MAX_BUFFER_SIZE) {
80 		hid_warn(wdata->hdev, "Sending too large output report\n");
81 
82 		spin_lock_irqsave(&wdata->queue.lock, flags);
83 		goto out_error;
84 	}
85 
86 	/*
87 	 * Copy new request into our output queue and check whether the
88 	 * queue is full. If it is full, discard this request.
89 	 * If it is empty we need to start a new worker that will
90 	 * send out the buffer to the hid device.
91 	 * If the queue is not empty, then there must be a worker
92 	 * that is currently sending out our buffer and this worker
93 	 * will reschedule itself until the queue is empty.
94 	 */
95 
96 	spin_lock_irqsave(&wdata->queue.lock, flags);
97 
98 	memcpy(wdata->queue.outq[wdata->queue.head].data, buffer, count);
99 	wdata->queue.outq[wdata->queue.head].size = count;
100 	newhead = (wdata->queue.head + 1) % WIIMOTE_BUFSIZE;
101 
102 	if (wdata->queue.head == wdata->queue.tail) {
103 		wdata->queue.head = newhead;
104 		schedule_work(&wdata->queue.worker);
105 	} else if (newhead != wdata->queue.tail) {
106 		wdata->queue.head = newhead;
107 	} else {
108 		hid_warn(wdata->hdev, "Output queue is full");
109 		goto out_error;
110 	}
111 
112 	goto out_unlock;
113 
114 out_error:
115 	wiimote_cmd_abort(wdata);
116 out_unlock:
117 	spin_unlock_irqrestore(&wdata->queue.lock, flags);
118 }
119 
120 /*
121  * This sets the rumble bit on the given output report if rumble is
122  * currently enabled.
123  * \cmd1 must point to the second byte in the output report => &cmd[1]
124  * This must be called on nearly every output report before passing it
125  * into the output queue!
126  */
wiiproto_keep_rumble(struct wiimote_data * wdata,__u8 * cmd1)127 static inline void wiiproto_keep_rumble(struct wiimote_data *wdata, __u8 *cmd1)
128 {
129 	if (wdata->state.flags & WIIPROTO_FLAG_RUMBLE)
130 		*cmd1 |= 0x01;
131 }
132 
wiiproto_req_rumble(struct wiimote_data * wdata,__u8 rumble)133 void wiiproto_req_rumble(struct wiimote_data *wdata, __u8 rumble)
134 {
135 	__u8 cmd[2];
136 
137 	rumble = !!rumble;
138 	if (rumble == !!(wdata->state.flags & WIIPROTO_FLAG_RUMBLE))
139 		return;
140 
141 	if (rumble)
142 		wdata->state.flags |= WIIPROTO_FLAG_RUMBLE;
143 	else
144 		wdata->state.flags &= ~WIIPROTO_FLAG_RUMBLE;
145 
146 	cmd[0] = WIIPROTO_REQ_RUMBLE;
147 	cmd[1] = 0;
148 
149 	wiiproto_keep_rumble(wdata, &cmd[1]);
150 	wiimote_queue(wdata, cmd, sizeof(cmd));
151 }
152 
wiiproto_req_leds(struct wiimote_data * wdata,int leds)153 void wiiproto_req_leds(struct wiimote_data *wdata, int leds)
154 {
155 	__u8 cmd[2];
156 
157 	leds &= WIIPROTO_FLAGS_LEDS;
158 	if ((wdata->state.flags & WIIPROTO_FLAGS_LEDS) == leds)
159 		return;
160 	wdata->state.flags = (wdata->state.flags & ~WIIPROTO_FLAGS_LEDS) | leds;
161 
162 	cmd[0] = WIIPROTO_REQ_LED;
163 	cmd[1] = 0;
164 
165 	if (leds & WIIPROTO_FLAG_LED1)
166 		cmd[1] |= 0x10;
167 	if (leds & WIIPROTO_FLAG_LED2)
168 		cmd[1] |= 0x20;
169 	if (leds & WIIPROTO_FLAG_LED3)
170 		cmd[1] |= 0x40;
171 	if (leds & WIIPROTO_FLAG_LED4)
172 		cmd[1] |= 0x80;
173 
174 	wiiproto_keep_rumble(wdata, &cmd[1]);
175 	wiimote_queue(wdata, cmd, sizeof(cmd));
176 }
177 
178 /*
179  * Check what peripherals of the wiimote are currently
180  * active and select a proper DRM that supports all of
181  * the requested data inputs.
182  *
183  * Not all combinations are actually supported. The following
184  * combinations work only with limitations:
185  *  - IR cam in extended or full mode disables any data transmission
186  *    of extension controllers. There is no DRM mode that supports
187  *    extension bytes plus extended/full IR.
188  *  - IR cam with accelerometer and extension *_EXT8 is not supported.
189  *    However, all extensions that need *_EXT8 are devices that don't
190  *    support IR cameras. Hence, this shouldn't happen under normal
191  *    operation.
192  *  - *_EXT16 is only supported in combination with buttons and
193  *    accelerometer. No IR or similar can be active simultaneously. As
194  *    above, all modules that require it are mutually exclusive with
195  *    IR/etc. so this doesn't matter.
196  */
select_drm(struct wiimote_data * wdata)197 static __u8 select_drm(struct wiimote_data *wdata)
198 {
199 	__u8 ir = wdata->state.flags & WIIPROTO_FLAGS_IR;
200 	bool ext;
201 
202 	ext = (wdata->state.flags & WIIPROTO_FLAG_EXT_USED) ||
203 	      (wdata->state.flags & WIIPROTO_FLAG_MP_USED);
204 
205 	/* some 3rd-party balance-boards are hard-coded to KEE, *sigh* */
206 	if (wdata->state.devtype == WIIMOTE_DEV_BALANCE_BOARD) {
207 		if (ext)
208 			return WIIPROTO_REQ_DRM_KEE;
209 		else
210 			return WIIPROTO_REQ_DRM_K;
211 	}
212 
213 	if (ir == WIIPROTO_FLAG_IR_BASIC) {
214 		if (wdata->state.flags & WIIPROTO_FLAG_ACCEL) {
215 			/* GEN10 and ealier devices bind IR formats to DRMs.
216 			 * Hence, we cannot use DRM_KAI here as it might be
217 			 * bound to IR_EXT. Use DRM_KAIE unconditionally so we
218 			 * work with all devices and our parsers can use the
219 			 * fixed formats, too. */
220 			return WIIPROTO_REQ_DRM_KAIE;
221 		} else {
222 			return WIIPROTO_REQ_DRM_KIE;
223 		}
224 	} else if (ir == WIIPROTO_FLAG_IR_EXT) {
225 		return WIIPROTO_REQ_DRM_KAI;
226 	} else if (ir == WIIPROTO_FLAG_IR_FULL) {
227 		return WIIPROTO_REQ_DRM_SKAI1;
228 	} else {
229 		if (wdata->state.flags & WIIPROTO_FLAG_ACCEL) {
230 			if (ext)
231 				return WIIPROTO_REQ_DRM_KAE;
232 			else
233 				return WIIPROTO_REQ_DRM_KA;
234 		} else {
235 			if (ext)
236 				return WIIPROTO_REQ_DRM_KEE;
237 			else
238 				return WIIPROTO_REQ_DRM_K;
239 		}
240 	}
241 }
242 
wiiproto_req_drm(struct wiimote_data * wdata,__u8 drm)243 void wiiproto_req_drm(struct wiimote_data *wdata, __u8 drm)
244 {
245 	__u8 cmd[3];
246 
247 	if (wdata->state.flags & WIIPROTO_FLAG_DRM_LOCKED)
248 		drm = wdata->state.drm;
249 	else if (drm == WIIPROTO_REQ_NULL)
250 		drm = select_drm(wdata);
251 
252 	cmd[0] = WIIPROTO_REQ_DRM;
253 	cmd[1] = 0;
254 	cmd[2] = drm;
255 
256 	wdata->state.drm = drm;
257 	wiiproto_keep_rumble(wdata, &cmd[1]);
258 	wiimote_queue(wdata, cmd, sizeof(cmd));
259 }
260 
wiiproto_req_status(struct wiimote_data * wdata)261 void wiiproto_req_status(struct wiimote_data *wdata)
262 {
263 	__u8 cmd[2];
264 
265 	cmd[0] = WIIPROTO_REQ_SREQ;
266 	cmd[1] = 0;
267 
268 	wiiproto_keep_rumble(wdata, &cmd[1]);
269 	wiimote_queue(wdata, cmd, sizeof(cmd));
270 }
271 
wiiproto_req_accel(struct wiimote_data * wdata,__u8 accel)272 void wiiproto_req_accel(struct wiimote_data *wdata, __u8 accel)
273 {
274 	accel = !!accel;
275 	if (accel == !!(wdata->state.flags & WIIPROTO_FLAG_ACCEL))
276 		return;
277 
278 	if (accel)
279 		wdata->state.flags |= WIIPROTO_FLAG_ACCEL;
280 	else
281 		wdata->state.flags &= ~WIIPROTO_FLAG_ACCEL;
282 
283 	wiiproto_req_drm(wdata, WIIPROTO_REQ_NULL);
284 }
285 
wiiproto_req_ir1(struct wiimote_data * wdata,__u8 flags)286 void wiiproto_req_ir1(struct wiimote_data *wdata, __u8 flags)
287 {
288 	__u8 cmd[2];
289 
290 	cmd[0] = WIIPROTO_REQ_IR1;
291 	cmd[1] = flags;
292 
293 	wiiproto_keep_rumble(wdata, &cmd[1]);
294 	wiimote_queue(wdata, cmd, sizeof(cmd));
295 }
296 
wiiproto_req_ir2(struct wiimote_data * wdata,__u8 flags)297 void wiiproto_req_ir2(struct wiimote_data *wdata, __u8 flags)
298 {
299 	__u8 cmd[2];
300 
301 	cmd[0] = WIIPROTO_REQ_IR2;
302 	cmd[1] = flags;
303 
304 	wiiproto_keep_rumble(wdata, &cmd[1]);
305 	wiimote_queue(wdata, cmd, sizeof(cmd));
306 }
307 
308 #define wiiproto_req_wreg(wdata, os, buf, sz) \
309 			wiiproto_req_wmem((wdata), false, (os), (buf), (sz))
310 
311 #define wiiproto_req_weeprom(wdata, os, buf, sz) \
312 			wiiproto_req_wmem((wdata), true, (os), (buf), (sz))
313 
wiiproto_req_wmem(struct wiimote_data * wdata,bool eeprom,__u32 offset,const __u8 * buf,__u8 size)314 static void wiiproto_req_wmem(struct wiimote_data *wdata, bool eeprom,
315 				__u32 offset, const __u8 *buf, __u8 size)
316 {
317 	__u8 cmd[22];
318 
319 	if (size > 16 || size == 0) {
320 		hid_warn(wdata->hdev, "Invalid length %d wmem request\n", size);
321 		return;
322 	}
323 
324 	memset(cmd, 0, sizeof(cmd));
325 	cmd[0] = WIIPROTO_REQ_WMEM;
326 	cmd[2] = (offset >> 16) & 0xff;
327 	cmd[3] = (offset >> 8) & 0xff;
328 	cmd[4] = offset & 0xff;
329 	cmd[5] = size;
330 	memcpy(&cmd[6], buf, size);
331 
332 	if (!eeprom)
333 		cmd[1] |= 0x04;
334 
335 	wiiproto_keep_rumble(wdata, &cmd[1]);
336 	wiimote_queue(wdata, cmd, sizeof(cmd));
337 }
338 
wiiproto_req_rmem(struct wiimote_data * wdata,bool eeprom,__u32 offset,__u16 size)339 void wiiproto_req_rmem(struct wiimote_data *wdata, bool eeprom, __u32 offset,
340 								__u16 size)
341 {
342 	__u8 cmd[7];
343 
344 	if (size == 0) {
345 		hid_warn(wdata->hdev, "Invalid length %d rmem request\n", size);
346 		return;
347 	}
348 
349 	cmd[0] = WIIPROTO_REQ_RMEM;
350 	cmd[1] = 0;
351 	cmd[2] = (offset >> 16) & 0xff;
352 	cmd[3] = (offset >> 8) & 0xff;
353 	cmd[4] = offset & 0xff;
354 	cmd[5] = (size >> 8) & 0xff;
355 	cmd[6] = size & 0xff;
356 
357 	if (!eeprom)
358 		cmd[1] |= 0x04;
359 
360 	wiiproto_keep_rumble(wdata, &cmd[1]);
361 	wiimote_queue(wdata, cmd, sizeof(cmd));
362 }
363 
364 /* requries the cmd-mutex to be held */
wiimote_cmd_write(struct wiimote_data * wdata,__u32 offset,const __u8 * wmem,__u8 size)365 int wiimote_cmd_write(struct wiimote_data *wdata, __u32 offset,
366 						const __u8 *wmem, __u8 size)
367 {
368 	unsigned long flags;
369 	int ret;
370 
371 	spin_lock_irqsave(&wdata->state.lock, flags);
372 	wiimote_cmd_set(wdata, WIIPROTO_REQ_WMEM, 0);
373 	wiiproto_req_wreg(wdata, offset, wmem, size);
374 	spin_unlock_irqrestore(&wdata->state.lock, flags);
375 
376 	ret = wiimote_cmd_wait(wdata);
377 	if (!ret && wdata->state.cmd_err)
378 		ret = -EIO;
379 
380 	return ret;
381 }
382 
383 /* requries the cmd-mutex to be held */
wiimote_cmd_read(struct wiimote_data * wdata,__u32 offset,__u8 * rmem,__u8 size)384 ssize_t wiimote_cmd_read(struct wiimote_data *wdata, __u32 offset, __u8 *rmem,
385 								__u8 size)
386 {
387 	unsigned long flags;
388 	ssize_t ret;
389 
390 	spin_lock_irqsave(&wdata->state.lock, flags);
391 	wdata->state.cmd_read_size = size;
392 	wdata->state.cmd_read_buf = rmem;
393 	wiimote_cmd_set(wdata, WIIPROTO_REQ_RMEM, offset & 0xffff);
394 	wiiproto_req_rreg(wdata, offset, size);
395 	spin_unlock_irqrestore(&wdata->state.lock, flags);
396 
397 	ret = wiimote_cmd_wait(wdata);
398 
399 	spin_lock_irqsave(&wdata->state.lock, flags);
400 	wdata->state.cmd_read_buf = NULL;
401 	spin_unlock_irqrestore(&wdata->state.lock, flags);
402 
403 	if (!ret) {
404 		if (wdata->state.cmd_read_size == 0)
405 			ret = -EIO;
406 		else
407 			ret = wdata->state.cmd_read_size;
408 	}
409 
410 	return ret;
411 }
412 
413 /* requires the cmd-mutex to be held */
wiimote_cmd_init_ext(struct wiimote_data * wdata)414 static int wiimote_cmd_init_ext(struct wiimote_data *wdata)
415 {
416 	__u8 wmem;
417 	int ret;
418 
419 	/* initialize extension */
420 	wmem = 0x55;
421 	ret = wiimote_cmd_write(wdata, 0xa400f0, &wmem, sizeof(wmem));
422 	if (ret)
423 		return ret;
424 
425 	/* disable default encryption */
426 	wmem = 0x0;
427 	ret = wiimote_cmd_write(wdata, 0xa400fb, &wmem, sizeof(wmem));
428 	if (ret)
429 		return ret;
430 
431 	return 0;
432 }
433 
434 /* requires the cmd-mutex to be held */
wiimote_cmd_read_ext(struct wiimote_data * wdata,__u8 * rmem)435 static __u8 wiimote_cmd_read_ext(struct wiimote_data *wdata, __u8 *rmem)
436 {
437 	int ret;
438 
439 	/* read extension ID */
440 	ret = wiimote_cmd_read(wdata, 0xa400fa, rmem, 6);
441 	if (ret != 6)
442 		return WIIMOTE_EXT_NONE;
443 
444 	hid_dbg(wdata->hdev, "extension ID: %6phC\n", rmem);
445 
446 	if (rmem[0] == 0xff && rmem[1] == 0xff && rmem[2] == 0xff &&
447 	    rmem[3] == 0xff && rmem[4] == 0xff && rmem[5] == 0xff)
448 		return WIIMOTE_EXT_NONE;
449 
450 	if (rmem[4] == 0x00 && rmem[5] == 0x00)
451 		return WIIMOTE_EXT_NUNCHUK;
452 	if (rmem[4] == 0x01 && rmem[5] == 0x01)
453 		return WIIMOTE_EXT_CLASSIC_CONTROLLER;
454 	if (rmem[4] == 0x04 && rmem[5] == 0x02)
455 		return WIIMOTE_EXT_BALANCE_BOARD;
456 	if (rmem[4] == 0x01 && rmem[5] == 0x20)
457 		return WIIMOTE_EXT_PRO_CONTROLLER;
458 	if (rmem[0] == 0x01 && rmem[1] == 0x00 &&
459 	    rmem[4] == 0x01 && rmem[5] == 0x03)
460 		return WIIMOTE_EXT_DRUMS;
461 	if (rmem[0] == 0x00 && rmem[1] == 0x00 &&
462 	    rmem[4] == 0x01 && rmem[5] == 0x03)
463 		return WIIMOTE_EXT_GUITAR;
464 
465 	return WIIMOTE_EXT_UNKNOWN;
466 }
467 
468 /* requires the cmd-mutex to be held */
wiimote_cmd_init_mp(struct wiimote_data * wdata)469 static int wiimote_cmd_init_mp(struct wiimote_data *wdata)
470 {
471 	__u8 wmem;
472 	int ret;
473 
474 	/* initialize MP */
475 	wmem = 0x55;
476 	ret = wiimote_cmd_write(wdata, 0xa600f0, &wmem, sizeof(wmem));
477 	if (ret)
478 		return ret;
479 
480 	/* disable default encryption */
481 	wmem = 0x0;
482 	ret = wiimote_cmd_write(wdata, 0xa600fb, &wmem, sizeof(wmem));
483 	if (ret)
484 		return ret;
485 
486 	return 0;
487 }
488 
489 /* requires the cmd-mutex to be held */
wiimote_cmd_map_mp(struct wiimote_data * wdata,__u8 exttype)490 static bool wiimote_cmd_map_mp(struct wiimote_data *wdata, __u8 exttype)
491 {
492 	__u8 wmem;
493 
494 	/* map MP with correct pass-through mode */
495 	switch (exttype) {
496 	case WIIMOTE_EXT_CLASSIC_CONTROLLER:
497 	case WIIMOTE_EXT_DRUMS:
498 	case WIIMOTE_EXT_GUITAR:
499 		wmem = 0x07;
500 		break;
501 	case WIIMOTE_EXT_NUNCHUK:
502 		wmem = 0x05;
503 		break;
504 	default:
505 		wmem = 0x04;
506 		break;
507 	}
508 
509 	return wiimote_cmd_write(wdata, 0xa600fe, &wmem, sizeof(wmem));
510 }
511 
512 /* requires the cmd-mutex to be held */
wiimote_cmd_read_mp(struct wiimote_data * wdata,__u8 * rmem)513 static bool wiimote_cmd_read_mp(struct wiimote_data *wdata, __u8 *rmem)
514 {
515 	int ret;
516 
517 	/* read motion plus ID */
518 	ret = wiimote_cmd_read(wdata, 0xa600fa, rmem, 6);
519 	if (ret != 6)
520 		return false;
521 
522 	hid_dbg(wdata->hdev, "motion plus ID: %6phC\n", rmem);
523 
524 	if (rmem[5] == 0x05)
525 		return true;
526 
527 	hid_info(wdata->hdev, "unknown motion plus ID: %6phC\n", rmem);
528 
529 	return false;
530 }
531 
532 /* requires the cmd-mutex to be held */
wiimote_cmd_read_mp_mapped(struct wiimote_data * wdata)533 static __u8 wiimote_cmd_read_mp_mapped(struct wiimote_data *wdata)
534 {
535 	int ret;
536 	__u8 rmem[6];
537 
538 	/* read motion plus ID */
539 	ret = wiimote_cmd_read(wdata, 0xa400fa, rmem, 6);
540 	if (ret != 6)
541 		return WIIMOTE_MP_NONE;
542 
543 	hid_dbg(wdata->hdev, "mapped motion plus ID: %6phC\n", rmem);
544 
545 	if (rmem[0] == 0xff && rmem[1] == 0xff && rmem[2] == 0xff &&
546 	    rmem[3] == 0xff && rmem[4] == 0xff && rmem[5] == 0xff)
547 		return WIIMOTE_MP_NONE;
548 
549 	if (rmem[4] == 0x04 && rmem[5] == 0x05)
550 		return WIIMOTE_MP_SINGLE;
551 	else if (rmem[4] == 0x05 && rmem[5] == 0x05)
552 		return WIIMOTE_MP_PASSTHROUGH_NUNCHUK;
553 	else if (rmem[4] == 0x07 && rmem[5] == 0x05)
554 		return WIIMOTE_MP_PASSTHROUGH_CLASSIC;
555 
556 	return WIIMOTE_MP_UNKNOWN;
557 }
558 
559 /* device module handling */
560 
561 static const __u8 * const wiimote_devtype_mods[WIIMOTE_DEV_NUM] = {
562 	[WIIMOTE_DEV_PENDING] = (const __u8[]){
563 		WIIMOD_NULL,
564 	},
565 	[WIIMOTE_DEV_UNKNOWN] = (const __u8[]){
566 		WIIMOD_NO_MP,
567 		WIIMOD_NULL,
568 	},
569 	[WIIMOTE_DEV_GENERIC] = (const __u8[]){
570 		WIIMOD_KEYS,
571 		WIIMOD_RUMBLE,
572 		WIIMOD_BATTERY,
573 		WIIMOD_LED1,
574 		WIIMOD_LED2,
575 		WIIMOD_LED3,
576 		WIIMOD_LED4,
577 		WIIMOD_ACCEL,
578 		WIIMOD_IR,
579 		WIIMOD_NULL,
580 	},
581 	[WIIMOTE_DEV_GEN10] = (const __u8[]){
582 		WIIMOD_KEYS,
583 		WIIMOD_RUMBLE,
584 		WIIMOD_BATTERY,
585 		WIIMOD_LED1,
586 		WIIMOD_LED2,
587 		WIIMOD_LED3,
588 		WIIMOD_LED4,
589 		WIIMOD_ACCEL,
590 		WIIMOD_IR,
591 		WIIMOD_NULL,
592 	},
593 	[WIIMOTE_DEV_GEN20] = (const __u8[]){
594 		WIIMOD_KEYS,
595 		WIIMOD_RUMBLE,
596 		WIIMOD_BATTERY,
597 		WIIMOD_LED1,
598 		WIIMOD_LED2,
599 		WIIMOD_LED3,
600 		WIIMOD_LED4,
601 		WIIMOD_ACCEL,
602 		WIIMOD_IR,
603 		WIIMOD_BUILTIN_MP,
604 		WIIMOD_NULL,
605 	},
606 	[WIIMOTE_DEV_BALANCE_BOARD] = (const __u8[]) {
607 		WIIMOD_BATTERY,
608 		WIIMOD_LED1,
609 		WIIMOD_NO_MP,
610 		WIIMOD_NULL,
611 	},
612 	[WIIMOTE_DEV_PRO_CONTROLLER] = (const __u8[]) {
613 		WIIMOD_BATTERY,
614 		WIIMOD_LED1,
615 		WIIMOD_LED2,
616 		WIIMOD_LED3,
617 		WIIMOD_LED4,
618 		WIIMOD_NO_MP,
619 		WIIMOD_NULL,
620 	},
621 };
622 
wiimote_modules_load(struct wiimote_data * wdata,unsigned int devtype)623 static void wiimote_modules_load(struct wiimote_data *wdata,
624 				 unsigned int devtype)
625 {
626 	bool need_input = false;
627 	const __u8 *mods, *iter;
628 	const struct wiimod_ops *ops;
629 	int ret;
630 
631 	mods = wiimote_devtype_mods[devtype];
632 
633 	for (iter = mods; *iter != WIIMOD_NULL; ++iter) {
634 		if (wiimod_table[*iter]->flags & WIIMOD_FLAG_INPUT) {
635 			need_input = true;
636 			break;
637 		}
638 	}
639 
640 	if (need_input) {
641 		wdata->input = input_allocate_device();
642 		if (!wdata->input)
643 			return;
644 
645 		input_set_drvdata(wdata->input, wdata);
646 		wdata->input->dev.parent = &wdata->hdev->dev;
647 		wdata->input->id.bustype = wdata->hdev->bus;
648 		wdata->input->id.vendor = wdata->hdev->vendor;
649 		wdata->input->id.product = wdata->hdev->product;
650 		wdata->input->id.version = wdata->hdev->version;
651 		wdata->input->name = WIIMOTE_NAME;
652 	}
653 
654 	for (iter = mods; *iter != WIIMOD_NULL; ++iter) {
655 		ops = wiimod_table[*iter];
656 		if (!ops->probe)
657 			continue;
658 
659 		ret = ops->probe(ops, wdata);
660 		if (ret)
661 			goto error;
662 	}
663 
664 	if (wdata->input) {
665 		ret = input_register_device(wdata->input);
666 		if (ret)
667 			goto error;
668 	}
669 
670 	spin_lock_irq(&wdata->state.lock);
671 	wdata->state.devtype = devtype;
672 	spin_unlock_irq(&wdata->state.lock);
673 	return;
674 
675 error:
676 	for ( ; iter-- != mods; ) {
677 		ops = wiimod_table[*iter];
678 		if (ops->remove)
679 			ops->remove(ops, wdata);
680 	}
681 
682 	if (wdata->input) {
683 		input_free_device(wdata->input);
684 		wdata->input = NULL;
685 	}
686 }
687 
wiimote_modules_unload(struct wiimote_data * wdata)688 static void wiimote_modules_unload(struct wiimote_data *wdata)
689 {
690 	const __u8 *mods, *iter;
691 	const struct wiimod_ops *ops;
692 	unsigned long flags;
693 
694 	mods = wiimote_devtype_mods[wdata->state.devtype];
695 
696 	spin_lock_irqsave(&wdata->state.lock, flags);
697 	wdata->state.devtype = WIIMOTE_DEV_UNKNOWN;
698 	spin_unlock_irqrestore(&wdata->state.lock, flags);
699 
700 	/* find end of list */
701 	for (iter = mods; *iter != WIIMOD_NULL; ++iter)
702 		/* empty */ ;
703 
704 	if (wdata->input) {
705 		input_get_device(wdata->input);
706 		input_unregister_device(wdata->input);
707 	}
708 
709 	for ( ; iter-- != mods; ) {
710 		ops = wiimod_table[*iter];
711 		if (ops->remove)
712 			ops->remove(ops, wdata);
713 	}
714 
715 	if (wdata->input) {
716 		input_put_device(wdata->input);
717 		wdata->input = NULL;
718 	}
719 }
720 
721 /* device extension handling */
722 
wiimote_ext_load(struct wiimote_data * wdata,unsigned int ext)723 static void wiimote_ext_load(struct wiimote_data *wdata, unsigned int ext)
724 {
725 	unsigned long flags;
726 	const struct wiimod_ops *ops;
727 	int ret;
728 
729 	ops = wiimod_ext_table[ext];
730 
731 	if (ops->probe) {
732 		ret = ops->probe(ops, wdata);
733 		if (ret)
734 			ext = WIIMOTE_EXT_UNKNOWN;
735 	}
736 
737 	spin_lock_irqsave(&wdata->state.lock, flags);
738 	wdata->state.exttype = ext;
739 	spin_unlock_irqrestore(&wdata->state.lock, flags);
740 }
741 
wiimote_ext_unload(struct wiimote_data * wdata)742 static void wiimote_ext_unload(struct wiimote_data *wdata)
743 {
744 	unsigned long flags;
745 	const struct wiimod_ops *ops;
746 
747 	ops = wiimod_ext_table[wdata->state.exttype];
748 
749 	spin_lock_irqsave(&wdata->state.lock, flags);
750 	wdata->state.exttype = WIIMOTE_EXT_UNKNOWN;
751 	wdata->state.flags &= ~WIIPROTO_FLAG_EXT_USED;
752 	spin_unlock_irqrestore(&wdata->state.lock, flags);
753 
754 	if (ops->remove)
755 		ops->remove(ops, wdata);
756 }
757 
wiimote_mp_load(struct wiimote_data * wdata)758 static void wiimote_mp_load(struct wiimote_data *wdata)
759 {
760 	unsigned long flags;
761 	const struct wiimod_ops *ops;
762 	int ret;
763 	__u8 mode = 2;
764 
765 	ops = &wiimod_mp;
766 	if (ops->probe) {
767 		ret = ops->probe(ops, wdata);
768 		if (ret)
769 			mode = 1;
770 	}
771 
772 	spin_lock_irqsave(&wdata->state.lock, flags);
773 	wdata->state.mp = mode;
774 	spin_unlock_irqrestore(&wdata->state.lock, flags);
775 }
776 
wiimote_mp_unload(struct wiimote_data * wdata)777 static void wiimote_mp_unload(struct wiimote_data *wdata)
778 {
779 	unsigned long flags;
780 	const struct wiimod_ops *ops;
781 
782 	if (wdata->state.mp < 2)
783 		return;
784 
785 	ops = &wiimod_mp;
786 
787 	spin_lock_irqsave(&wdata->state.lock, flags);
788 	wdata->state.mp = 0;
789 	wdata->state.flags &= ~WIIPROTO_FLAG_MP_USED;
790 	spin_unlock_irqrestore(&wdata->state.lock, flags);
791 
792 	if (ops->remove)
793 		ops->remove(ops, wdata);
794 }
795 
796 /* device (re-)initialization and detection */
797 
798 static const char *wiimote_devtype_names[WIIMOTE_DEV_NUM] = {
799 	[WIIMOTE_DEV_PENDING] = "Pending",
800 	[WIIMOTE_DEV_UNKNOWN] = "Unknown",
801 	[WIIMOTE_DEV_GENERIC] = "Generic",
802 	[WIIMOTE_DEV_GEN10] = "Nintendo Wii Remote (Gen 1)",
803 	[WIIMOTE_DEV_GEN20] = "Nintendo Wii Remote Plus (Gen 2)",
804 	[WIIMOTE_DEV_BALANCE_BOARD] = "Nintendo Wii Balance Board",
805 	[WIIMOTE_DEV_PRO_CONTROLLER] = "Nintendo Wii U Pro Controller",
806 };
807 
808 /* Try to guess the device type based on all collected information. We
809  * first try to detect by static extension types, then VID/PID and the
810  * device name. If we cannot detect the device, we use
811  * WIIMOTE_DEV_GENERIC so all modules will get probed on the device. */
wiimote_init_set_type(struct wiimote_data * wdata,__u8 exttype)812 static void wiimote_init_set_type(struct wiimote_data *wdata,
813 				  __u8 exttype)
814 {
815 	__u8 devtype = WIIMOTE_DEV_GENERIC;
816 	__u16 vendor, product;
817 	const char *name;
818 
819 	vendor = wdata->hdev->vendor;
820 	product = wdata->hdev->product;
821 	name = wdata->hdev->name;
822 
823 	if (exttype == WIIMOTE_EXT_BALANCE_BOARD) {
824 		devtype = WIIMOTE_DEV_BALANCE_BOARD;
825 		goto done;
826 	} else if (exttype == WIIMOTE_EXT_PRO_CONTROLLER) {
827 		devtype = WIIMOTE_DEV_PRO_CONTROLLER;
828 		goto done;
829 	}
830 
831 	if (!strcmp(name, "Nintendo RVL-CNT-01")) {
832 		devtype = WIIMOTE_DEV_GEN10;
833 		goto done;
834 	} else if (!strcmp(name, "Nintendo RVL-CNT-01-TR")) {
835 		devtype = WIIMOTE_DEV_GEN20;
836 		goto done;
837 	} else if (!strcmp(name, "Nintendo RVL-WBC-01")) {
838 		devtype = WIIMOTE_DEV_BALANCE_BOARD;
839 		goto done;
840 	} else if (!strcmp(name, "Nintendo RVL-CNT-01-UC")) {
841 		devtype = WIIMOTE_DEV_PRO_CONTROLLER;
842 		goto done;
843 	}
844 
845 	if (vendor == USB_VENDOR_ID_NINTENDO) {
846 		if (product == USB_DEVICE_ID_NINTENDO_WIIMOTE) {
847 			devtype = WIIMOTE_DEV_GEN10;
848 			goto done;
849 		} else if (product == USB_DEVICE_ID_NINTENDO_WIIMOTE2) {
850 			devtype = WIIMOTE_DEV_GEN20;
851 			goto done;
852 		}
853 	}
854 
855 done:
856 	if (devtype == WIIMOTE_DEV_GENERIC)
857 		hid_info(wdata->hdev, "cannot detect device; NAME: %s VID: %04x PID: %04x EXT: %04x\n",
858 			name, vendor, product, exttype);
859 	else
860 		hid_info(wdata->hdev, "detected device: %s\n",
861 			 wiimote_devtype_names[devtype]);
862 
863 	wiimote_modules_load(wdata, devtype);
864 }
865 
wiimote_init_detect(struct wiimote_data * wdata)866 static void wiimote_init_detect(struct wiimote_data *wdata)
867 {
868 	__u8 exttype = WIIMOTE_EXT_NONE, extdata[6];
869 	bool ext;
870 	int ret;
871 
872 	wiimote_cmd_acquire_noint(wdata);
873 
874 	spin_lock_irq(&wdata->state.lock);
875 	wdata->state.devtype = WIIMOTE_DEV_UNKNOWN;
876 	wiimote_cmd_set(wdata, WIIPROTO_REQ_SREQ, 0);
877 	wiiproto_req_status(wdata);
878 	spin_unlock_irq(&wdata->state.lock);
879 
880 	ret = wiimote_cmd_wait_noint(wdata);
881 	if (ret)
882 		goto out_release;
883 
884 	spin_lock_irq(&wdata->state.lock);
885 	ext = wdata->state.flags & WIIPROTO_FLAG_EXT_PLUGGED;
886 	spin_unlock_irq(&wdata->state.lock);
887 
888 	if (!ext)
889 		goto out_release;
890 
891 	wiimote_cmd_init_ext(wdata);
892 	exttype = wiimote_cmd_read_ext(wdata, extdata);
893 
894 out_release:
895 	wiimote_cmd_release(wdata);
896 	wiimote_init_set_type(wdata, exttype);
897 
898 	/* schedule MP timer */
899 	spin_lock_irq(&wdata->state.lock);
900 	if (!(wdata->state.flags & WIIPROTO_FLAG_BUILTIN_MP) &&
901 	    !(wdata->state.flags & WIIPROTO_FLAG_NO_MP))
902 		mod_timer(&wdata->timer, jiffies + HZ * 4);
903 	spin_unlock_irq(&wdata->state.lock);
904 }
905 
906 /*
907  * MP hotplug events are not generated by the wiimote. Therefore, we need
908  * polling to detect it. We use a 4s interval for polling MP registers. This
909  * seems reasonable considering applications can trigger it manually via
910  * sysfs requests.
911  */
wiimote_init_poll_mp(struct wiimote_data * wdata)912 static void wiimote_init_poll_mp(struct wiimote_data *wdata)
913 {
914 	bool mp;
915 	__u8 mpdata[6];
916 
917 	wiimote_cmd_acquire_noint(wdata);
918 	wiimote_cmd_init_mp(wdata);
919 	mp = wiimote_cmd_read_mp(wdata, mpdata);
920 	wiimote_cmd_release(wdata);
921 
922 	/* load/unload MP module if it changed */
923 	if (mp) {
924 		if (!wdata->state.mp) {
925 			hid_info(wdata->hdev, "detected extension: Nintendo Wii Motion Plus\n");
926 			wiimote_mp_load(wdata);
927 		}
928 	} else if (wdata->state.mp) {
929 		wiimote_mp_unload(wdata);
930 	}
931 
932 	mod_timer(&wdata->timer, jiffies + HZ * 4);
933 }
934 
935 /*
936  * Check whether the wiimote is in the expected state. The extension registers
937  * may change during hotplug and initialization so we might get hotplug events
938  * that we caused by remapping some memory.
939  * We use some heuristics here to check known states. If the wiimote is in the
940  * expected state, we can ignore the hotplug event.
941  *
942  * Returns "true" if the device is in expected state, "false" if we should
943  * redo hotplug handling and extension initialization.
944  */
wiimote_init_check(struct wiimote_data * wdata)945 static bool wiimote_init_check(struct wiimote_data *wdata)
946 {
947 	__u32 flags;
948 	__u8 type, data[6];
949 	bool ret, poll_mp;
950 
951 	spin_lock_irq(&wdata->state.lock);
952 	flags = wdata->state.flags;
953 	spin_unlock_irq(&wdata->state.lock);
954 
955 	wiimote_cmd_acquire_noint(wdata);
956 
957 	/* If MP is used and active, but the extension is not, we expect:
958 	 *   read_mp_mapped() == WIIMOTE_MP_SINGLE
959 	 *   state.flags == !EXT_ACTIVE && !MP_PLUGGED && MP_ACTIVE
960 	 * We do not check EXT_PLUGGED because it might change during
961 	 * initialization of MP without extensions.
962 	 *  - If MP is unplugged/replugged, read_mp_mapped() fails
963 	 *  - If EXT is plugged, MP_PLUGGED will get set */
964 	if (wdata->state.exttype == WIIMOTE_EXT_NONE &&
965 	    wdata->state.mp > 0 && (flags & WIIPROTO_FLAG_MP_USED)) {
966 		type = wiimote_cmd_read_mp_mapped(wdata);
967 		ret = type == WIIMOTE_MP_SINGLE;
968 
969 		spin_lock_irq(&wdata->state.lock);
970 		ret = ret && !(wdata->state.flags & WIIPROTO_FLAG_EXT_ACTIVE);
971 		ret = ret && !(wdata->state.flags & WIIPROTO_FLAG_MP_PLUGGED);
972 		ret = ret && (wdata->state.flags & WIIPROTO_FLAG_MP_ACTIVE);
973 		spin_unlock_irq(&wdata->state.lock);
974 
975 		if (!ret)
976 			hid_dbg(wdata->hdev, "state left: !EXT && MP\n");
977 
978 		/* while MP is mapped, we get EXT_PLUGGED events */
979 		poll_mp = false;
980 
981 		goto out_release;
982 	}
983 
984 	/* If MP is unused, but the extension port is used, we expect:
985 	 *   read_ext == state.exttype
986 	 *   state.flags == !MP_ACTIVE && EXT_ACTIVE
987 	 * - If MP is plugged/unplugged, our timer detects it
988 	 * - If EXT is unplugged/replugged, EXT_ACTIVE will become unset */
989 	if (!(flags & WIIPROTO_FLAG_MP_USED) &&
990 	    wdata->state.exttype != WIIMOTE_EXT_NONE) {
991 		type = wiimote_cmd_read_ext(wdata, data);
992 		ret = type == wdata->state.exttype;
993 
994 		spin_lock_irq(&wdata->state.lock);
995 		ret = ret && !(wdata->state.flags & WIIPROTO_FLAG_MP_ACTIVE);
996 		ret = ret && (wdata->state.flags & WIIPROTO_FLAG_EXT_ACTIVE);
997 		spin_unlock_irq(&wdata->state.lock);
998 
999 		if (!ret)
1000 			hid_dbg(wdata->hdev, "state left: EXT && !MP\n");
1001 
1002 		/* poll MP for hotplug events */
1003 		poll_mp = true;
1004 
1005 		goto out_release;
1006 	}
1007 
1008 	/* If neither MP nor an extension are used, we expect:
1009 	 *   read_ext() == WIIMOTE_EXT_NONE
1010 	 *   state.flags == !MP_ACTIVE && !EXT_ACTIVE && !EXT_PLUGGED
1011 	 * No need to perform any action in this case as everything is
1012 	 * disabled already.
1013 	 * - If MP is plugged/unplugged, our timer detects it
1014 	 * - If EXT is plugged, EXT_PLUGGED will be set */
1015 	if (!(flags & WIIPROTO_FLAG_MP_USED) &&
1016 	    wdata->state.exttype == WIIMOTE_EXT_NONE) {
1017 		type = wiimote_cmd_read_ext(wdata, data);
1018 		ret = type == wdata->state.exttype;
1019 
1020 		spin_lock_irq(&wdata->state.lock);
1021 		ret = ret && !(wdata->state.flags & WIIPROTO_FLAG_EXT_ACTIVE);
1022 		ret = ret && !(wdata->state.flags & WIIPROTO_FLAG_MP_ACTIVE);
1023 		ret = ret && !(wdata->state.flags & WIIPROTO_FLAG_EXT_PLUGGED);
1024 		spin_unlock_irq(&wdata->state.lock);
1025 
1026 		if (!ret)
1027 			hid_dbg(wdata->hdev, "state left: !EXT && !MP\n");
1028 
1029 		/* poll MP for hotplug events */
1030 		poll_mp = true;
1031 
1032 		goto out_release;
1033 	}
1034 
1035 	/* The trickiest part is if both EXT and MP are active. We cannot read
1036 	 * the EXT ID, anymore, because MP is mapped over it. However, we use
1037 	 * a handy trick here:
1038 	 *   - EXT_ACTIVE is unset whenever !MP_PLUGGED is sent
1039 	 * MP_PLUGGED might be re-sent again before we are scheduled, but
1040 	 * EXT_ACTIVE will stay unset.
1041 	 * So it is enough to check for mp_mapped() and MP_ACTIVE and
1042 	 * EXT_ACTIVE. EXT_PLUGGED is a sanity check. */
1043 	if (wdata->state.exttype != WIIMOTE_EXT_NONE &&
1044 	    wdata->state.mp > 0 && (flags & WIIPROTO_FLAG_MP_USED)) {
1045 		type = wiimote_cmd_read_mp_mapped(wdata);
1046 		ret = type != WIIMOTE_MP_NONE;
1047 		ret = ret && type != WIIMOTE_MP_UNKNOWN;
1048 		ret = ret && type != WIIMOTE_MP_SINGLE;
1049 
1050 		spin_lock_irq(&wdata->state.lock);
1051 		ret = ret && (wdata->state.flags & WIIPROTO_FLAG_EXT_PLUGGED);
1052 		ret = ret && (wdata->state.flags & WIIPROTO_FLAG_EXT_ACTIVE);
1053 		ret = ret && (wdata->state.flags & WIIPROTO_FLAG_MP_ACTIVE);
1054 		spin_unlock_irq(&wdata->state.lock);
1055 
1056 		if (!ret)
1057 			hid_dbg(wdata->hdev, "state left: EXT && MP\n");
1058 
1059 		/* while MP is mapped, we get EXT_PLUGGED events */
1060 		poll_mp = false;
1061 
1062 		goto out_release;
1063 	}
1064 
1065 	/* unknown state */
1066 	ret = false;
1067 
1068 out_release:
1069 	wiimote_cmd_release(wdata);
1070 
1071 	/* only poll for MP if requested and if state didn't change */
1072 	if (ret && poll_mp && !(flags & WIIPROTO_FLAG_BUILTIN_MP) &&
1073 	    !(flags & WIIPROTO_FLAG_NO_MP))
1074 		wiimote_init_poll_mp(wdata);
1075 
1076 	return ret;
1077 }
1078 
1079 static const char *wiimote_exttype_names[WIIMOTE_EXT_NUM] = {
1080 	[WIIMOTE_EXT_NONE] = "None",
1081 	[WIIMOTE_EXT_UNKNOWN] = "Unknown",
1082 	[WIIMOTE_EXT_NUNCHUK] = "Nintendo Wii Nunchuk",
1083 	[WIIMOTE_EXT_CLASSIC_CONTROLLER] = "Nintendo Wii Classic Controller",
1084 	[WIIMOTE_EXT_BALANCE_BOARD] = "Nintendo Wii Balance Board",
1085 	[WIIMOTE_EXT_PRO_CONTROLLER] = "Nintendo Wii U Pro Controller",
1086 	[WIIMOTE_EXT_DRUMS] = "Nintendo Wii Drums",
1087 	[WIIMOTE_EXT_GUITAR] = "Nintendo Wii Guitar",
1088 };
1089 
1090 /*
1091  * Handle hotplug events
1092  * If we receive an hotplug event and the device-check failed, we deinitialize
1093  * the extension ports, re-read all extension IDs and set the device into
1094  * the desired state. This involves mapping MP into the main extension
1095  * registers, setting up extension passthrough modes and initializing the
1096  * requested extensions.
1097  */
wiimote_init_hotplug(struct wiimote_data * wdata)1098 static void wiimote_init_hotplug(struct wiimote_data *wdata)
1099 {
1100 	__u8 exttype, extdata[6], mpdata[6];
1101 	__u32 flags;
1102 	bool mp;
1103 
1104 	hid_dbg(wdata->hdev, "detect extensions..\n");
1105 
1106 	wiimote_cmd_acquire_noint(wdata);
1107 
1108 	spin_lock_irq(&wdata->state.lock);
1109 
1110 	/* get state snapshot that we will then work on */
1111 	flags = wdata->state.flags;
1112 
1113 	/* disable event forwarding temporarily */
1114 	wdata->state.flags &= ~WIIPROTO_FLAG_EXT_ACTIVE;
1115 	wdata->state.flags &= ~WIIPROTO_FLAG_MP_ACTIVE;
1116 
1117 	spin_unlock_irq(&wdata->state.lock);
1118 
1119 	/* init extension and MP (deactivates current extension or MP) */
1120 	wiimote_cmd_init_ext(wdata);
1121 	if (flags & WIIPROTO_FLAG_NO_MP) {
1122 		mp = false;
1123 	} else {
1124 		wiimote_cmd_init_mp(wdata);
1125 		mp = wiimote_cmd_read_mp(wdata, mpdata);
1126 	}
1127 	exttype = wiimote_cmd_read_ext(wdata, extdata);
1128 
1129 	wiimote_cmd_release(wdata);
1130 
1131 	/* load/unload extension module if it changed */
1132 	if (exttype != wdata->state.exttype) {
1133 		/* unload previous extension */
1134 		wiimote_ext_unload(wdata);
1135 
1136 		if (exttype == WIIMOTE_EXT_UNKNOWN) {
1137 			hid_info(wdata->hdev, "cannot detect extension; %6phC\n",
1138 				 extdata);
1139 		} else if (exttype == WIIMOTE_EXT_NONE) {
1140 			spin_lock_irq(&wdata->state.lock);
1141 			wdata->state.exttype = WIIMOTE_EXT_NONE;
1142 			spin_unlock_irq(&wdata->state.lock);
1143 		} else {
1144 			hid_info(wdata->hdev, "detected extension: %s\n",
1145 				 wiimote_exttype_names[exttype]);
1146 			/* try loading new extension */
1147 			wiimote_ext_load(wdata, exttype);
1148 		}
1149 	}
1150 
1151 	/* load/unload MP module if it changed */
1152 	if (mp) {
1153 		if (!wdata->state.mp) {
1154 			hid_info(wdata->hdev, "detected extension: Nintendo Wii Motion Plus\n");
1155 			wiimote_mp_load(wdata);
1156 		}
1157 	} else if (wdata->state.mp) {
1158 		wiimote_mp_unload(wdata);
1159 	}
1160 
1161 	/* if MP is not used, do not map or activate it */
1162 	if (!(flags & WIIPROTO_FLAG_MP_USED))
1163 		mp = false;
1164 
1165 	/* map MP into main extension registers if used */
1166 	if (mp) {
1167 		wiimote_cmd_acquire_noint(wdata);
1168 		wiimote_cmd_map_mp(wdata, exttype);
1169 		wiimote_cmd_release(wdata);
1170 
1171 		/* delete MP hotplug timer */
1172 		del_timer_sync(&wdata->timer);
1173 	} else {
1174 		/* reschedule MP hotplug timer */
1175 		if (!(flags & WIIPROTO_FLAG_BUILTIN_MP) &&
1176 		    !(flags & WIIPROTO_FLAG_NO_MP))
1177 			mod_timer(&wdata->timer, jiffies + HZ * 4);
1178 	}
1179 
1180 	spin_lock_irq(&wdata->state.lock);
1181 
1182 	/* enable data forwarding again and set expected hotplug state */
1183 	if (mp) {
1184 		wdata->state.flags |= WIIPROTO_FLAG_MP_ACTIVE;
1185 		if (wdata->state.exttype == WIIMOTE_EXT_NONE) {
1186 			wdata->state.flags &= ~WIIPROTO_FLAG_EXT_PLUGGED;
1187 			wdata->state.flags &= ~WIIPROTO_FLAG_MP_PLUGGED;
1188 		} else {
1189 			wdata->state.flags &= ~WIIPROTO_FLAG_EXT_PLUGGED;
1190 			wdata->state.flags |= WIIPROTO_FLAG_MP_PLUGGED;
1191 			wdata->state.flags |= WIIPROTO_FLAG_EXT_ACTIVE;
1192 		}
1193 	} else if (wdata->state.exttype != WIIMOTE_EXT_NONE) {
1194 		wdata->state.flags |= WIIPROTO_FLAG_EXT_ACTIVE;
1195 	}
1196 
1197 	/* request status report for hotplug state updates */
1198 	wiiproto_req_status(wdata);
1199 
1200 	spin_unlock_irq(&wdata->state.lock);
1201 
1202 	hid_dbg(wdata->hdev, "detected extensions: MP: %d EXT: %d\n",
1203 		wdata->state.mp, wdata->state.exttype);
1204 }
1205 
wiimote_init_worker(struct work_struct * work)1206 static void wiimote_init_worker(struct work_struct *work)
1207 {
1208 	struct wiimote_data *wdata = container_of(work, struct wiimote_data,
1209 						  init_worker);
1210 	bool changed = false;
1211 
1212 	if (wdata->state.devtype == WIIMOTE_DEV_PENDING) {
1213 		wiimote_init_detect(wdata);
1214 		changed = true;
1215 	}
1216 
1217 	if (changed || !wiimote_init_check(wdata))
1218 		wiimote_init_hotplug(wdata);
1219 
1220 	if (changed)
1221 		kobject_uevent(&wdata->hdev->dev.kobj, KOBJ_CHANGE);
1222 }
1223 
__wiimote_schedule(struct wiimote_data * wdata)1224 void __wiimote_schedule(struct wiimote_data *wdata)
1225 {
1226 	if (!(wdata->state.flags & WIIPROTO_FLAG_EXITING))
1227 		schedule_work(&wdata->init_worker);
1228 }
1229 
wiimote_schedule(struct wiimote_data * wdata)1230 static void wiimote_schedule(struct wiimote_data *wdata)
1231 {
1232 	unsigned long flags;
1233 
1234 	spin_lock_irqsave(&wdata->state.lock, flags);
1235 	__wiimote_schedule(wdata);
1236 	spin_unlock_irqrestore(&wdata->state.lock, flags);
1237 }
1238 
wiimote_init_timeout(struct timer_list * t)1239 static void wiimote_init_timeout(struct timer_list *t)
1240 {
1241 	struct wiimote_data *wdata = from_timer(wdata, t, timer);
1242 
1243 	wiimote_schedule(wdata);
1244 }
1245 
1246 /* protocol handlers */
1247 
handler_keys(struct wiimote_data * wdata,const __u8 * payload)1248 static void handler_keys(struct wiimote_data *wdata, const __u8 *payload)
1249 {
1250 	const __u8 *iter, *mods;
1251 	const struct wiimod_ops *ops;
1252 
1253 	ops = wiimod_ext_table[wdata->state.exttype];
1254 	if (ops->in_keys) {
1255 		ops->in_keys(wdata, payload);
1256 		return;
1257 	}
1258 
1259 	mods = wiimote_devtype_mods[wdata->state.devtype];
1260 	for (iter = mods; *iter != WIIMOD_NULL; ++iter) {
1261 		ops = wiimod_table[*iter];
1262 		if (ops->in_keys) {
1263 			ops->in_keys(wdata, payload);
1264 			break;
1265 		}
1266 	}
1267 }
1268 
handler_accel(struct wiimote_data * wdata,const __u8 * payload)1269 static void handler_accel(struct wiimote_data *wdata, const __u8 *payload)
1270 {
1271 	const __u8 *iter, *mods;
1272 	const struct wiimod_ops *ops;
1273 
1274 	ops = wiimod_ext_table[wdata->state.exttype];
1275 	if (ops->in_accel) {
1276 		ops->in_accel(wdata, payload);
1277 		return;
1278 	}
1279 
1280 	mods = wiimote_devtype_mods[wdata->state.devtype];
1281 	for (iter = mods; *iter != WIIMOD_NULL; ++iter) {
1282 		ops = wiimod_table[*iter];
1283 		if (ops->in_accel) {
1284 			ops->in_accel(wdata, payload);
1285 			break;
1286 		}
1287 	}
1288 }
1289 
valid_ext_handler(const struct wiimod_ops * ops,size_t len)1290 static bool valid_ext_handler(const struct wiimod_ops *ops, size_t len)
1291 {
1292 	if (!ops->in_ext)
1293 		return false;
1294 	if ((ops->flags & WIIMOD_FLAG_EXT8) && len < 8)
1295 		return false;
1296 	if ((ops->flags & WIIMOD_FLAG_EXT16) && len < 16)
1297 		return false;
1298 
1299 	return true;
1300 }
1301 
handler_ext(struct wiimote_data * wdata,const __u8 * payload,size_t len)1302 static void handler_ext(struct wiimote_data *wdata, const __u8 *payload,
1303 			size_t len)
1304 {
1305 	static const __u8 invalid[21] = { 0xff, 0xff, 0xff, 0xff,
1306 					  0xff, 0xff, 0xff, 0xff,
1307 					  0xff, 0xff, 0xff, 0xff,
1308 					  0xff, 0xff, 0xff, 0xff,
1309 					  0xff, 0xff, 0xff, 0xff,
1310 					  0xff };
1311 	const __u8 *iter, *mods;
1312 	const struct wiimod_ops *ops;
1313 	bool is_mp;
1314 
1315 	if (len > 21)
1316 		len = 21;
1317 	if (len < 6 || !memcmp(payload, invalid, len))
1318 		return;
1319 
1320 	/* if MP is active, track MP slot hotplugging */
1321 	if (wdata->state.flags & WIIPROTO_FLAG_MP_ACTIVE) {
1322 		/* this bit is set for invalid events (eg. during hotplug) */
1323 		if (payload[5] & 0x01)
1324 			return;
1325 
1326 		if (payload[4] & 0x01) {
1327 			if (!(wdata->state.flags & WIIPROTO_FLAG_MP_PLUGGED)) {
1328 				hid_dbg(wdata->hdev, "MP hotplug: 1\n");
1329 				wdata->state.flags |= WIIPROTO_FLAG_MP_PLUGGED;
1330 				__wiimote_schedule(wdata);
1331 			}
1332 		} else {
1333 			if (wdata->state.flags & WIIPROTO_FLAG_MP_PLUGGED) {
1334 				hid_dbg(wdata->hdev, "MP hotplug: 0\n");
1335 				wdata->state.flags &= ~WIIPROTO_FLAG_MP_PLUGGED;
1336 				wdata->state.flags &= ~WIIPROTO_FLAG_EXT_ACTIVE;
1337 				__wiimote_schedule(wdata);
1338 			}
1339 		}
1340 
1341 		/* detect MP data that is sent interleaved with EXT data */
1342 		is_mp = payload[5] & 0x02;
1343 	} else {
1344 		is_mp = false;
1345 	}
1346 
1347 	/* ignore EXT events if no extension is active */
1348 	if (!(wdata->state.flags & WIIPROTO_FLAG_EXT_ACTIVE) && !is_mp)
1349 		return;
1350 
1351 	/* try forwarding to extension handler, first */
1352 	ops = wiimod_ext_table[wdata->state.exttype];
1353 	if (is_mp && ops->in_mp) {
1354 		ops->in_mp(wdata, payload);
1355 		return;
1356 	} else if (!is_mp && valid_ext_handler(ops, len)) {
1357 		ops->in_ext(wdata, payload);
1358 		return;
1359 	}
1360 
1361 	/* try forwarding to MP handler */
1362 	ops = &wiimod_mp;
1363 	if (is_mp && ops->in_mp) {
1364 		ops->in_mp(wdata, payload);
1365 		return;
1366 	} else if (!is_mp && valid_ext_handler(ops, len)) {
1367 		ops->in_ext(wdata, payload);
1368 		return;
1369 	}
1370 
1371 	/* try forwarding to loaded modules */
1372 	mods = wiimote_devtype_mods[wdata->state.devtype];
1373 	for (iter = mods; *iter != WIIMOD_NULL; ++iter) {
1374 		ops = wiimod_table[*iter];
1375 		if (is_mp && ops->in_mp) {
1376 			ops->in_mp(wdata, payload);
1377 			return;
1378 		} else if (!is_mp && valid_ext_handler(ops, len)) {
1379 			ops->in_ext(wdata, payload);
1380 			return;
1381 		}
1382 	}
1383 }
1384 
1385 #define ir_to_input0(wdata, ir, packed) handler_ir((wdata), (ir), (packed), 0)
1386 #define ir_to_input1(wdata, ir, packed) handler_ir((wdata), (ir), (packed), 1)
1387 #define ir_to_input2(wdata, ir, packed) handler_ir((wdata), (ir), (packed), 2)
1388 #define ir_to_input3(wdata, ir, packed) handler_ir((wdata), (ir), (packed), 3)
1389 
handler_ir(struct wiimote_data * wdata,const __u8 * payload,bool packed,unsigned int id)1390 static void handler_ir(struct wiimote_data *wdata, const __u8 *payload,
1391 		       bool packed, unsigned int id)
1392 {
1393 	const __u8 *iter, *mods;
1394 	const struct wiimod_ops *ops;
1395 
1396 	ops = wiimod_ext_table[wdata->state.exttype];
1397 	if (ops->in_ir) {
1398 		ops->in_ir(wdata, payload, packed, id);
1399 		return;
1400 	}
1401 
1402 	mods = wiimote_devtype_mods[wdata->state.devtype];
1403 	for (iter = mods; *iter != WIIMOD_NULL; ++iter) {
1404 		ops = wiimod_table[*iter];
1405 		if (ops->in_ir) {
1406 			ops->in_ir(wdata, payload, packed, id);
1407 			break;
1408 		}
1409 	}
1410 }
1411 
1412 /* reduced status report with "BB BB" key data only */
handler_status_K(struct wiimote_data * wdata,const __u8 * payload)1413 static void handler_status_K(struct wiimote_data *wdata,
1414 			     const __u8 *payload)
1415 {
1416 	handler_keys(wdata, payload);
1417 
1418 	/* on status reports the drm is reset so we need to resend the drm */
1419 	wiiproto_req_drm(wdata, WIIPROTO_REQ_NULL);
1420 }
1421 
1422 /* extended status report with "BB BB LF 00 00 VV" data */
handler_status(struct wiimote_data * wdata,const __u8 * payload)1423 static void handler_status(struct wiimote_data *wdata, const __u8 *payload)
1424 {
1425 	handler_status_K(wdata, payload);
1426 
1427 	/* update extension status */
1428 	if (payload[2] & 0x02) {
1429 		if (!(wdata->state.flags & WIIPROTO_FLAG_EXT_PLUGGED)) {
1430 			hid_dbg(wdata->hdev, "EXT hotplug: 1\n");
1431 			wdata->state.flags |= WIIPROTO_FLAG_EXT_PLUGGED;
1432 			__wiimote_schedule(wdata);
1433 		}
1434 	} else {
1435 		if (wdata->state.flags & WIIPROTO_FLAG_EXT_PLUGGED) {
1436 			hid_dbg(wdata->hdev, "EXT hotplug: 0\n");
1437 			wdata->state.flags &= ~WIIPROTO_FLAG_EXT_PLUGGED;
1438 			wdata->state.flags &= ~WIIPROTO_FLAG_MP_PLUGGED;
1439 			wdata->state.flags &= ~WIIPROTO_FLAG_EXT_ACTIVE;
1440 			wdata->state.flags &= ~WIIPROTO_FLAG_MP_ACTIVE;
1441 			__wiimote_schedule(wdata);
1442 		}
1443 	}
1444 
1445 	wdata->state.cmd_battery = payload[5];
1446 	if (wiimote_cmd_pending(wdata, WIIPROTO_REQ_SREQ, 0))
1447 		wiimote_cmd_complete(wdata);
1448 }
1449 
1450 /* reduced generic report with "BB BB" key data only */
handler_generic_K(struct wiimote_data * wdata,const __u8 * payload)1451 static void handler_generic_K(struct wiimote_data *wdata, const __u8 *payload)
1452 {
1453 	handler_keys(wdata, payload);
1454 }
1455 
handler_data(struct wiimote_data * wdata,const __u8 * payload)1456 static void handler_data(struct wiimote_data *wdata, const __u8 *payload)
1457 {
1458 	__u16 offset = payload[3] << 8 | payload[4];
1459 	__u8 size = (payload[2] >> 4) + 1;
1460 	__u8 err = payload[2] & 0x0f;
1461 
1462 	handler_keys(wdata, payload);
1463 
1464 	if (wiimote_cmd_pending(wdata, WIIPROTO_REQ_RMEM, offset)) {
1465 		if (err)
1466 			size = 0;
1467 		else if (size > wdata->state.cmd_read_size)
1468 			size = wdata->state.cmd_read_size;
1469 
1470 		wdata->state.cmd_read_size = size;
1471 		if (wdata->state.cmd_read_buf)
1472 			memcpy(wdata->state.cmd_read_buf, &payload[5], size);
1473 		wiimote_cmd_complete(wdata);
1474 	}
1475 }
1476 
handler_return(struct wiimote_data * wdata,const __u8 * payload)1477 static void handler_return(struct wiimote_data *wdata, const __u8 *payload)
1478 {
1479 	__u8 err = payload[3];
1480 	__u8 cmd = payload[2];
1481 
1482 	handler_keys(wdata, payload);
1483 
1484 	if (wiimote_cmd_pending(wdata, cmd, 0)) {
1485 		wdata->state.cmd_err = err;
1486 		wiimote_cmd_complete(wdata);
1487 	} else if (err) {
1488 		hid_warn(wdata->hdev, "Remote error %hhu on req %hhu\n", err,
1489 									cmd);
1490 	}
1491 }
1492 
handler_drm_KA(struct wiimote_data * wdata,const __u8 * payload)1493 static void handler_drm_KA(struct wiimote_data *wdata, const __u8 *payload)
1494 {
1495 	handler_keys(wdata, payload);
1496 	handler_accel(wdata, payload);
1497 }
1498 
handler_drm_KE(struct wiimote_data * wdata,const __u8 * payload)1499 static void handler_drm_KE(struct wiimote_data *wdata, const __u8 *payload)
1500 {
1501 	handler_keys(wdata, payload);
1502 	handler_ext(wdata, &payload[2], 8);
1503 }
1504 
handler_drm_KAI(struct wiimote_data * wdata,const __u8 * payload)1505 static void handler_drm_KAI(struct wiimote_data *wdata, const __u8 *payload)
1506 {
1507 	handler_keys(wdata, payload);
1508 	handler_accel(wdata, payload);
1509 	ir_to_input0(wdata, &payload[5], false);
1510 	ir_to_input1(wdata, &payload[8], false);
1511 	ir_to_input2(wdata, &payload[11], false);
1512 	ir_to_input3(wdata, &payload[14], false);
1513 }
1514 
handler_drm_KEE(struct wiimote_data * wdata,const __u8 * payload)1515 static void handler_drm_KEE(struct wiimote_data *wdata, const __u8 *payload)
1516 {
1517 	handler_keys(wdata, payload);
1518 	handler_ext(wdata, &payload[2], 19);
1519 }
1520 
handler_drm_KIE(struct wiimote_data * wdata,const __u8 * payload)1521 static void handler_drm_KIE(struct wiimote_data *wdata, const __u8 *payload)
1522 {
1523 	handler_keys(wdata, payload);
1524 	ir_to_input0(wdata, &payload[2], false);
1525 	ir_to_input1(wdata, &payload[4], true);
1526 	ir_to_input2(wdata, &payload[7], false);
1527 	ir_to_input3(wdata, &payload[9], true);
1528 	handler_ext(wdata, &payload[12], 9);
1529 }
1530 
handler_drm_KAE(struct wiimote_data * wdata,const __u8 * payload)1531 static void handler_drm_KAE(struct wiimote_data *wdata, const __u8 *payload)
1532 {
1533 	handler_keys(wdata, payload);
1534 	handler_accel(wdata, payload);
1535 	handler_ext(wdata, &payload[5], 16);
1536 }
1537 
handler_drm_KAIE(struct wiimote_data * wdata,const __u8 * payload)1538 static void handler_drm_KAIE(struct wiimote_data *wdata, const __u8 *payload)
1539 {
1540 	handler_keys(wdata, payload);
1541 	handler_accel(wdata, payload);
1542 	ir_to_input0(wdata, &payload[5], false);
1543 	ir_to_input1(wdata, &payload[7], true);
1544 	ir_to_input2(wdata, &payload[10], false);
1545 	ir_to_input3(wdata, &payload[12], true);
1546 	handler_ext(wdata, &payload[15], 6);
1547 }
1548 
handler_drm_E(struct wiimote_data * wdata,const __u8 * payload)1549 static void handler_drm_E(struct wiimote_data *wdata, const __u8 *payload)
1550 {
1551 	handler_ext(wdata, payload, 21);
1552 }
1553 
handler_drm_SKAI1(struct wiimote_data * wdata,const __u8 * payload)1554 static void handler_drm_SKAI1(struct wiimote_data *wdata, const __u8 *payload)
1555 {
1556 	handler_keys(wdata, payload);
1557 
1558 	wdata->state.accel_split[0] = payload[2];
1559 	wdata->state.accel_split[1] = (payload[0] >> 1) & (0x10 | 0x20);
1560 	wdata->state.accel_split[1] |= (payload[1] << 1) & (0x40 | 0x80);
1561 
1562 	ir_to_input0(wdata, &payload[3], false);
1563 	ir_to_input1(wdata, &payload[12], false);
1564 }
1565 
handler_drm_SKAI2(struct wiimote_data * wdata,const __u8 * payload)1566 static void handler_drm_SKAI2(struct wiimote_data *wdata, const __u8 *payload)
1567 {
1568 	__u8 buf[5];
1569 
1570 	handler_keys(wdata, payload);
1571 
1572 	wdata->state.accel_split[1] |= (payload[0] >> 5) & (0x01 | 0x02);
1573 	wdata->state.accel_split[1] |= (payload[1] >> 3) & (0x04 | 0x08);
1574 
1575 	buf[0] = 0;
1576 	buf[1] = 0;
1577 	buf[2] = wdata->state.accel_split[0];
1578 	buf[3] = payload[2];
1579 	buf[4] = wdata->state.accel_split[1];
1580 	handler_accel(wdata, buf);
1581 
1582 	ir_to_input2(wdata, &payload[3], false);
1583 	ir_to_input3(wdata, &payload[12], false);
1584 }
1585 
1586 struct wiiproto_handler {
1587 	__u8 id;
1588 	size_t size;
1589 	void (*func)(struct wiimote_data *wdata, const __u8 *payload);
1590 };
1591 
1592 static struct wiiproto_handler handlers[] = {
1593 	{ .id = WIIPROTO_REQ_STATUS, .size = 6, .func = handler_status },
1594 	{ .id = WIIPROTO_REQ_STATUS, .size = 2, .func = handler_status_K },
1595 	{ .id = WIIPROTO_REQ_DATA, .size = 21, .func = handler_data },
1596 	{ .id = WIIPROTO_REQ_DATA, .size = 2, .func = handler_generic_K },
1597 	{ .id = WIIPROTO_REQ_RETURN, .size = 4, .func = handler_return },
1598 	{ .id = WIIPROTO_REQ_RETURN, .size = 2, .func = handler_generic_K },
1599 	{ .id = WIIPROTO_REQ_DRM_K, .size = 2, .func = handler_keys },
1600 	{ .id = WIIPROTO_REQ_DRM_KA, .size = 5, .func = handler_drm_KA },
1601 	{ .id = WIIPROTO_REQ_DRM_KA, .size = 2, .func = handler_generic_K },
1602 	{ .id = WIIPROTO_REQ_DRM_KE, .size = 10, .func = handler_drm_KE },
1603 	{ .id = WIIPROTO_REQ_DRM_KE, .size = 2, .func = handler_generic_K },
1604 	{ .id = WIIPROTO_REQ_DRM_KAI, .size = 17, .func = handler_drm_KAI },
1605 	{ .id = WIIPROTO_REQ_DRM_KAI, .size = 2, .func = handler_generic_K },
1606 	{ .id = WIIPROTO_REQ_DRM_KEE, .size = 21, .func = handler_drm_KEE },
1607 	{ .id = WIIPROTO_REQ_DRM_KEE, .size = 2, .func = handler_generic_K },
1608 	{ .id = WIIPROTO_REQ_DRM_KAE, .size = 21, .func = handler_drm_KAE },
1609 	{ .id = WIIPROTO_REQ_DRM_KAE, .size = 2, .func = handler_generic_K },
1610 	{ .id = WIIPROTO_REQ_DRM_KIE, .size = 21, .func = handler_drm_KIE },
1611 	{ .id = WIIPROTO_REQ_DRM_KIE, .size = 2, .func = handler_generic_K },
1612 	{ .id = WIIPROTO_REQ_DRM_KAIE, .size = 21, .func = handler_drm_KAIE },
1613 	{ .id = WIIPROTO_REQ_DRM_KAIE, .size = 2, .func = handler_generic_K },
1614 	{ .id = WIIPROTO_REQ_DRM_E, .size = 21, .func = handler_drm_E },
1615 	{ .id = WIIPROTO_REQ_DRM_SKAI1, .size = 21, .func = handler_drm_SKAI1 },
1616 	{ .id = WIIPROTO_REQ_DRM_SKAI2, .size = 21, .func = handler_drm_SKAI2 },
1617 	{ .id = 0 }
1618 };
1619 
wiimote_hid_event(struct hid_device * hdev,struct hid_report * report,u8 * raw_data,int size)1620 static int wiimote_hid_event(struct hid_device *hdev, struct hid_report *report,
1621 							u8 *raw_data, int size)
1622 {
1623 	struct wiimote_data *wdata = hid_get_drvdata(hdev);
1624 	struct wiiproto_handler *h;
1625 	int i;
1626 	unsigned long flags;
1627 
1628 	if (size < 1)
1629 		return -EINVAL;
1630 
1631 	spin_lock_irqsave(&wdata->state.lock, flags);
1632 
1633 	for (i = 0; handlers[i].id; ++i) {
1634 		h = &handlers[i];
1635 		if (h->id == raw_data[0] && h->size < size) {
1636 			h->func(wdata, &raw_data[1]);
1637 			break;
1638 		}
1639 	}
1640 
1641 	if (!handlers[i].id)
1642 		hid_warn(hdev, "Unhandled report %hhu size %d\n", raw_data[0],
1643 									size);
1644 
1645 	spin_unlock_irqrestore(&wdata->state.lock, flags);
1646 
1647 	return 0;
1648 }
1649 
wiimote_ext_show(struct device * dev,struct device_attribute * attr,char * buf)1650 static ssize_t wiimote_ext_show(struct device *dev,
1651 				struct device_attribute *attr,
1652 				char *buf)
1653 {
1654 	struct wiimote_data *wdata = dev_to_wii(dev);
1655 	__u8 type;
1656 	unsigned long flags;
1657 
1658 	spin_lock_irqsave(&wdata->state.lock, flags);
1659 	type = wdata->state.exttype;
1660 	spin_unlock_irqrestore(&wdata->state.lock, flags);
1661 
1662 	switch (type) {
1663 	case WIIMOTE_EXT_NONE:
1664 		return sprintf(buf, "none\n");
1665 	case WIIMOTE_EXT_NUNCHUK:
1666 		return sprintf(buf, "nunchuk\n");
1667 	case WIIMOTE_EXT_CLASSIC_CONTROLLER:
1668 		return sprintf(buf, "classic\n");
1669 	case WIIMOTE_EXT_BALANCE_BOARD:
1670 		return sprintf(buf, "balanceboard\n");
1671 	case WIIMOTE_EXT_PRO_CONTROLLER:
1672 		return sprintf(buf, "procontroller\n");
1673 	case WIIMOTE_EXT_DRUMS:
1674 		return sprintf(buf, "drums\n");
1675 	case WIIMOTE_EXT_GUITAR:
1676 		return sprintf(buf, "guitar\n");
1677 	case WIIMOTE_EXT_UNKNOWN:
1678 		/* fallthrough */
1679 	default:
1680 		return sprintf(buf, "unknown\n");
1681 	}
1682 }
1683 
wiimote_ext_store(struct device * dev,struct device_attribute * attr,const char * buf,size_t count)1684 static ssize_t wiimote_ext_store(struct device *dev,
1685 				 struct device_attribute *attr,
1686 				 const char *buf, size_t count)
1687 {
1688 	struct wiimote_data *wdata = dev_to_wii(dev);
1689 
1690 	if (!strcmp(buf, "scan")) {
1691 		wiimote_schedule(wdata);
1692 	} else {
1693 		return -EINVAL;
1694 	}
1695 
1696 	return strnlen(buf, PAGE_SIZE);
1697 }
1698 
1699 static DEVICE_ATTR(extension, S_IRUGO | S_IWUSR | S_IWGRP, wiimote_ext_show,
1700 		   wiimote_ext_store);
1701 
wiimote_dev_show(struct device * dev,struct device_attribute * attr,char * buf)1702 static ssize_t wiimote_dev_show(struct device *dev,
1703 				struct device_attribute *attr,
1704 				char *buf)
1705 {
1706 	struct wiimote_data *wdata = dev_to_wii(dev);
1707 	__u8 type;
1708 	unsigned long flags;
1709 
1710 	spin_lock_irqsave(&wdata->state.lock, flags);
1711 	type = wdata->state.devtype;
1712 	spin_unlock_irqrestore(&wdata->state.lock, flags);
1713 
1714 	switch (type) {
1715 	case WIIMOTE_DEV_GENERIC:
1716 		return sprintf(buf, "generic\n");
1717 	case WIIMOTE_DEV_GEN10:
1718 		return sprintf(buf, "gen10\n");
1719 	case WIIMOTE_DEV_GEN20:
1720 		return sprintf(buf, "gen20\n");
1721 	case WIIMOTE_DEV_BALANCE_BOARD:
1722 		return sprintf(buf, "balanceboard\n");
1723 	case WIIMOTE_DEV_PRO_CONTROLLER:
1724 		return sprintf(buf, "procontroller\n");
1725 	case WIIMOTE_DEV_PENDING:
1726 		return sprintf(buf, "pending\n");
1727 	case WIIMOTE_DEV_UNKNOWN:
1728 		/* fallthrough */
1729 	default:
1730 		return sprintf(buf, "unknown\n");
1731 	}
1732 }
1733 
1734 static DEVICE_ATTR(devtype, S_IRUGO, wiimote_dev_show, NULL);
1735 
wiimote_create(struct hid_device * hdev)1736 static struct wiimote_data *wiimote_create(struct hid_device *hdev)
1737 {
1738 	struct wiimote_data *wdata;
1739 
1740 	wdata = kzalloc(sizeof(*wdata), GFP_KERNEL);
1741 	if (!wdata)
1742 		return NULL;
1743 
1744 	wdata->hdev = hdev;
1745 	hid_set_drvdata(hdev, wdata);
1746 
1747 	spin_lock_init(&wdata->queue.lock);
1748 	INIT_WORK(&wdata->queue.worker, wiimote_queue_worker);
1749 
1750 	spin_lock_init(&wdata->state.lock);
1751 	init_completion(&wdata->state.ready);
1752 	mutex_init(&wdata->state.sync);
1753 	wdata->state.drm = WIIPROTO_REQ_DRM_K;
1754 	wdata->state.cmd_battery = 0xff;
1755 
1756 	INIT_WORK(&wdata->init_worker, wiimote_init_worker);
1757 	timer_setup(&wdata->timer, wiimote_init_timeout, 0);
1758 
1759 	return wdata;
1760 }
1761 
wiimote_destroy(struct wiimote_data * wdata)1762 static void wiimote_destroy(struct wiimote_data *wdata)
1763 {
1764 	unsigned long flags;
1765 
1766 	wiidebug_deinit(wdata);
1767 
1768 	/* prevent init_worker from being scheduled again */
1769 	spin_lock_irqsave(&wdata->state.lock, flags);
1770 	wdata->state.flags |= WIIPROTO_FLAG_EXITING;
1771 	spin_unlock_irqrestore(&wdata->state.lock, flags);
1772 
1773 	cancel_work_sync(&wdata->init_worker);
1774 	del_timer_sync(&wdata->timer);
1775 
1776 	device_remove_file(&wdata->hdev->dev, &dev_attr_devtype);
1777 	device_remove_file(&wdata->hdev->dev, &dev_attr_extension);
1778 
1779 	wiimote_mp_unload(wdata);
1780 	wiimote_ext_unload(wdata);
1781 	wiimote_modules_unload(wdata);
1782 	cancel_work_sync(&wdata->queue.worker);
1783 	hid_hw_close(wdata->hdev);
1784 	hid_hw_stop(wdata->hdev);
1785 
1786 	kfree(wdata);
1787 }
1788 
wiimote_hid_probe(struct hid_device * hdev,const struct hid_device_id * id)1789 static int wiimote_hid_probe(struct hid_device *hdev,
1790 				const struct hid_device_id *id)
1791 {
1792 	struct wiimote_data *wdata;
1793 	int ret;
1794 
1795 	hdev->quirks |= HID_QUIRK_NO_INIT_REPORTS;
1796 
1797 	wdata = wiimote_create(hdev);
1798 	if (!wdata) {
1799 		hid_err(hdev, "Can't alloc device\n");
1800 		return -ENOMEM;
1801 	}
1802 
1803 	ret = hid_parse(hdev);
1804 	if (ret) {
1805 		hid_err(hdev, "HID parse failed\n");
1806 		goto err;
1807 	}
1808 
1809 	ret = hid_hw_start(hdev, HID_CONNECT_HIDRAW);
1810 	if (ret) {
1811 		hid_err(hdev, "HW start failed\n");
1812 		goto err;
1813 	}
1814 
1815 	ret = hid_hw_open(hdev);
1816 	if (ret) {
1817 		hid_err(hdev, "cannot start hardware I/O\n");
1818 		goto err_stop;
1819 	}
1820 
1821 	ret = device_create_file(&hdev->dev, &dev_attr_extension);
1822 	if (ret) {
1823 		hid_err(hdev, "cannot create sysfs attribute\n");
1824 		goto err_close;
1825 	}
1826 
1827 	ret = device_create_file(&hdev->dev, &dev_attr_devtype);
1828 	if (ret) {
1829 		hid_err(hdev, "cannot create sysfs attribute\n");
1830 		goto err_ext;
1831 	}
1832 
1833 	ret = wiidebug_init(wdata);
1834 	if (ret)
1835 		goto err_free;
1836 
1837 	hid_info(hdev, "New device registered\n");
1838 
1839 	/* schedule device detection */
1840 	wiimote_schedule(wdata);
1841 
1842 	return 0;
1843 
1844 err_free:
1845 	wiimote_destroy(wdata);
1846 	return ret;
1847 
1848 err_ext:
1849 	device_remove_file(&wdata->hdev->dev, &dev_attr_extension);
1850 err_close:
1851 	hid_hw_close(hdev);
1852 err_stop:
1853 	hid_hw_stop(hdev);
1854 err:
1855 	input_free_device(wdata->ir);
1856 	input_free_device(wdata->accel);
1857 	kfree(wdata);
1858 	return ret;
1859 }
1860 
wiimote_hid_remove(struct hid_device * hdev)1861 static void wiimote_hid_remove(struct hid_device *hdev)
1862 {
1863 	struct wiimote_data *wdata = hid_get_drvdata(hdev);
1864 
1865 	hid_info(hdev, "Device removed\n");
1866 	wiimote_destroy(wdata);
1867 }
1868 
1869 static const struct hid_device_id wiimote_hid_devices[] = {
1870 	{ HID_BLUETOOTH_DEVICE(USB_VENDOR_ID_NINTENDO,
1871 				USB_DEVICE_ID_NINTENDO_WIIMOTE) },
1872 	{ HID_BLUETOOTH_DEVICE(USB_VENDOR_ID_NINTENDO,
1873 				USB_DEVICE_ID_NINTENDO_WIIMOTE2) },
1874 	{ }
1875 };
1876 MODULE_DEVICE_TABLE(hid, wiimote_hid_devices);
1877 
1878 static struct hid_driver wiimote_hid_driver = {
1879 	.name = "wiimote",
1880 	.id_table = wiimote_hid_devices,
1881 	.probe = wiimote_hid_probe,
1882 	.remove = wiimote_hid_remove,
1883 	.raw_event = wiimote_hid_event,
1884 };
1885 module_hid_driver(wiimote_hid_driver);
1886 
1887 MODULE_LICENSE("GPL");
1888 MODULE_AUTHOR("David Herrmann <dh.herrmann@gmail.com>");
1889 MODULE_DESCRIPTION("Driver for Nintendo Wii / Wii U peripherals");
1890