1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  * HID driver for Nintendo Wii / Wii U peripherals
4  * Copyright (c) 2011-2013 David Herrmann <dh.herrmann@gmail.com>
5  */
6 
7 /*
8  */
9 
10 #include <linux/completion.h>
11 #include <linux/device.h>
12 #include <linux/hid.h>
13 #include <linux/input.h>
14 #include <linux/module.h>
15 #include <linux/mutex.h>
16 #include <linux/spinlock.h>
17 #include "hid-ids.h"
18 #include "hid-wiimote.h"
19 
20 /* output queue handling */
21 
wiimote_hid_send(struct hid_device * hdev,__u8 * buffer,size_t count)22 static int wiimote_hid_send(struct hid_device *hdev, __u8 *buffer,
23 			    size_t count)
24 {
25 	__u8 *buf;
26 	int ret;
27 
28 	if (!hdev->ll_driver->output_report)
29 		return -ENODEV;
30 
31 	buf = kmemdup(buffer, count, GFP_KERNEL);
32 	if (!buf)
33 		return -ENOMEM;
34 
35 	ret = hid_hw_output_report(hdev, buf, count);
36 
37 	kfree(buf);
38 	return ret;
39 }
40 
wiimote_queue_worker(struct work_struct * work)41 static void wiimote_queue_worker(struct work_struct *work)
42 {
43 	struct wiimote_queue *queue = container_of(work, struct wiimote_queue,
44 						   worker);
45 	struct wiimote_data *wdata = container_of(queue, struct wiimote_data,
46 						  queue);
47 	unsigned long flags;
48 	int ret;
49 
50 	spin_lock_irqsave(&wdata->queue.lock, flags);
51 
52 	while (wdata->queue.head != wdata->queue.tail) {
53 		spin_unlock_irqrestore(&wdata->queue.lock, flags);
54 		ret = wiimote_hid_send(wdata->hdev,
55 				 wdata->queue.outq[wdata->queue.tail].data,
56 				 wdata->queue.outq[wdata->queue.tail].size);
57 		if (ret < 0) {
58 			spin_lock_irqsave(&wdata->state.lock, flags);
59 			wiimote_cmd_abort(wdata);
60 			spin_unlock_irqrestore(&wdata->state.lock, flags);
61 		}
62 		spin_lock_irqsave(&wdata->queue.lock, flags);
63 
64 		wdata->queue.tail = (wdata->queue.tail + 1) % WIIMOTE_BUFSIZE;
65 	}
66 
67 	spin_unlock_irqrestore(&wdata->queue.lock, flags);
68 }
69 
wiimote_queue(struct wiimote_data * wdata,const __u8 * buffer,size_t count)70 static void wiimote_queue(struct wiimote_data *wdata, const __u8 *buffer,
71 								size_t count)
72 {
73 	unsigned long flags;
74 	__u8 newhead;
75 
76 	if (count > HID_MAX_BUFFER_SIZE) {
77 		hid_warn(wdata->hdev, "Sending too large output report\n");
78 
79 		spin_lock_irqsave(&wdata->queue.lock, flags);
80 		goto out_error;
81 	}
82 
83 	/*
84 	 * Copy new request into our output queue and check whether the
85 	 * queue is full. If it is full, discard this request.
86 	 * If it is empty we need to start a new worker that will
87 	 * send out the buffer to the hid device.
88 	 * If the queue is not empty, then there must be a worker
89 	 * that is currently sending out our buffer and this worker
90 	 * will reschedule itself until the queue is empty.
91 	 */
92 
93 	spin_lock_irqsave(&wdata->queue.lock, flags);
94 
95 	memcpy(wdata->queue.outq[wdata->queue.head].data, buffer, count);
96 	wdata->queue.outq[wdata->queue.head].size = count;
97 	newhead = (wdata->queue.head + 1) % WIIMOTE_BUFSIZE;
98 
99 	if (wdata->queue.head == wdata->queue.tail) {
100 		wdata->queue.head = newhead;
101 		schedule_work(&wdata->queue.worker);
102 	} else if (newhead != wdata->queue.tail) {
103 		wdata->queue.head = newhead;
104 	} else {
105 		hid_warn(wdata->hdev, "Output queue is full");
106 		goto out_error;
107 	}
108 
109 	goto out_unlock;
110 
111 out_error:
112 	wiimote_cmd_abort(wdata);
113 out_unlock:
114 	spin_unlock_irqrestore(&wdata->queue.lock, flags);
115 }
116 
117 /*
118  * This sets the rumble bit on the given output report if rumble is
119  * currently enabled.
120  * \cmd1 must point to the second byte in the output report => &cmd[1]
121  * This must be called on nearly every output report before passing it
122  * into the output queue!
123  */
wiiproto_keep_rumble(struct wiimote_data * wdata,__u8 * cmd1)124 static inline void wiiproto_keep_rumble(struct wiimote_data *wdata, __u8 *cmd1)
125 {
126 	if (wdata->state.flags & WIIPROTO_FLAG_RUMBLE)
127 		*cmd1 |= 0x01;
128 }
129 
wiiproto_req_rumble(struct wiimote_data * wdata,__u8 rumble)130 void wiiproto_req_rumble(struct wiimote_data *wdata, __u8 rumble)
131 {
132 	__u8 cmd[2];
133 
134 	rumble = !!rumble;
135 	if (rumble == !!(wdata->state.flags & WIIPROTO_FLAG_RUMBLE))
136 		return;
137 
138 	if (rumble)
139 		wdata->state.flags |= WIIPROTO_FLAG_RUMBLE;
140 	else
141 		wdata->state.flags &= ~WIIPROTO_FLAG_RUMBLE;
142 
143 	cmd[0] = WIIPROTO_REQ_RUMBLE;
144 	cmd[1] = 0;
145 
146 	wiiproto_keep_rumble(wdata, &cmd[1]);
147 	wiimote_queue(wdata, cmd, sizeof(cmd));
148 }
149 
wiiproto_req_leds(struct wiimote_data * wdata,int leds)150 void wiiproto_req_leds(struct wiimote_data *wdata, int leds)
151 {
152 	__u8 cmd[2];
153 
154 	leds &= WIIPROTO_FLAGS_LEDS;
155 	if ((wdata->state.flags & WIIPROTO_FLAGS_LEDS) == leds)
156 		return;
157 	wdata->state.flags = (wdata->state.flags & ~WIIPROTO_FLAGS_LEDS) | leds;
158 
159 	cmd[0] = WIIPROTO_REQ_LED;
160 	cmd[1] = 0;
161 
162 	if (leds & WIIPROTO_FLAG_LED1)
163 		cmd[1] |= 0x10;
164 	if (leds & WIIPROTO_FLAG_LED2)
165 		cmd[1] |= 0x20;
166 	if (leds & WIIPROTO_FLAG_LED3)
167 		cmd[1] |= 0x40;
168 	if (leds & WIIPROTO_FLAG_LED4)
169 		cmd[1] |= 0x80;
170 
171 	wiiproto_keep_rumble(wdata, &cmd[1]);
172 	wiimote_queue(wdata, cmd, sizeof(cmd));
173 }
174 
175 /*
176  * Check what peripherals of the wiimote are currently
177  * active and select a proper DRM that supports all of
178  * the requested data inputs.
179  *
180  * Not all combinations are actually supported. The following
181  * combinations work only with limitations:
182  *  - IR cam in extended or full mode disables any data transmission
183  *    of extension controllers. There is no DRM mode that supports
184  *    extension bytes plus extended/full IR.
185  *  - IR cam with accelerometer and extension *_EXT8 is not supported.
186  *    However, all extensions that need *_EXT8 are devices that don't
187  *    support IR cameras. Hence, this shouldn't happen under normal
188  *    operation.
189  *  - *_EXT16 is only supported in combination with buttons and
190  *    accelerometer. No IR or similar can be active simultaneously. As
191  *    above, all modules that require it are mutually exclusive with
192  *    IR/etc. so this doesn't matter.
193  */
select_drm(struct wiimote_data * wdata)194 static __u8 select_drm(struct wiimote_data *wdata)
195 {
196 	__u8 ir = wdata->state.flags & WIIPROTO_FLAGS_IR;
197 	bool ext;
198 
199 	ext = (wdata->state.flags & WIIPROTO_FLAG_EXT_USED) ||
200 	      (wdata->state.flags & WIIPROTO_FLAG_MP_USED);
201 
202 	/* some 3rd-party balance-boards are hard-coded to KEE, *sigh* */
203 	if (wdata->state.devtype == WIIMOTE_DEV_BALANCE_BOARD) {
204 		if (ext)
205 			return WIIPROTO_REQ_DRM_KEE;
206 		else
207 			return WIIPROTO_REQ_DRM_K;
208 	}
209 
210 	if (ir == WIIPROTO_FLAG_IR_BASIC) {
211 		if (wdata->state.flags & WIIPROTO_FLAG_ACCEL) {
212 			/* GEN10 and ealier devices bind IR formats to DRMs.
213 			 * Hence, we cannot use DRM_KAI here as it might be
214 			 * bound to IR_EXT. Use DRM_KAIE unconditionally so we
215 			 * work with all devices and our parsers can use the
216 			 * fixed formats, too. */
217 			return WIIPROTO_REQ_DRM_KAIE;
218 		} else {
219 			return WIIPROTO_REQ_DRM_KIE;
220 		}
221 	} else if (ir == WIIPROTO_FLAG_IR_EXT) {
222 		return WIIPROTO_REQ_DRM_KAI;
223 	} else if (ir == WIIPROTO_FLAG_IR_FULL) {
224 		return WIIPROTO_REQ_DRM_SKAI1;
225 	} else {
226 		if (wdata->state.flags & WIIPROTO_FLAG_ACCEL) {
227 			if (ext)
228 				return WIIPROTO_REQ_DRM_KAE;
229 			else
230 				return WIIPROTO_REQ_DRM_KA;
231 		} else {
232 			if (ext)
233 				return WIIPROTO_REQ_DRM_KEE;
234 			else
235 				return WIIPROTO_REQ_DRM_K;
236 		}
237 	}
238 }
239 
wiiproto_req_drm(struct wiimote_data * wdata,__u8 drm)240 void wiiproto_req_drm(struct wiimote_data *wdata, __u8 drm)
241 {
242 	__u8 cmd[3];
243 
244 	if (wdata->state.flags & WIIPROTO_FLAG_DRM_LOCKED)
245 		drm = wdata->state.drm;
246 	else if (drm == WIIPROTO_REQ_NULL)
247 		drm = select_drm(wdata);
248 
249 	cmd[0] = WIIPROTO_REQ_DRM;
250 	cmd[1] = 0;
251 	cmd[2] = drm;
252 
253 	wdata->state.drm = drm;
254 	wiiproto_keep_rumble(wdata, &cmd[1]);
255 	wiimote_queue(wdata, cmd, sizeof(cmd));
256 }
257 
wiiproto_req_status(struct wiimote_data * wdata)258 void wiiproto_req_status(struct wiimote_data *wdata)
259 {
260 	__u8 cmd[2];
261 
262 	cmd[0] = WIIPROTO_REQ_SREQ;
263 	cmd[1] = 0;
264 
265 	wiiproto_keep_rumble(wdata, &cmd[1]);
266 	wiimote_queue(wdata, cmd, sizeof(cmd));
267 }
268 
wiiproto_req_accel(struct wiimote_data * wdata,__u8 accel)269 void wiiproto_req_accel(struct wiimote_data *wdata, __u8 accel)
270 {
271 	accel = !!accel;
272 	if (accel == !!(wdata->state.flags & WIIPROTO_FLAG_ACCEL))
273 		return;
274 
275 	if (accel)
276 		wdata->state.flags |= WIIPROTO_FLAG_ACCEL;
277 	else
278 		wdata->state.flags &= ~WIIPROTO_FLAG_ACCEL;
279 
280 	wiiproto_req_drm(wdata, WIIPROTO_REQ_NULL);
281 }
282 
wiiproto_req_ir1(struct wiimote_data * wdata,__u8 flags)283 void wiiproto_req_ir1(struct wiimote_data *wdata, __u8 flags)
284 {
285 	__u8 cmd[2];
286 
287 	cmd[0] = WIIPROTO_REQ_IR1;
288 	cmd[1] = flags;
289 
290 	wiiproto_keep_rumble(wdata, &cmd[1]);
291 	wiimote_queue(wdata, cmd, sizeof(cmd));
292 }
293 
wiiproto_req_ir2(struct wiimote_data * wdata,__u8 flags)294 void wiiproto_req_ir2(struct wiimote_data *wdata, __u8 flags)
295 {
296 	__u8 cmd[2];
297 
298 	cmd[0] = WIIPROTO_REQ_IR2;
299 	cmd[1] = flags;
300 
301 	wiiproto_keep_rumble(wdata, &cmd[1]);
302 	wiimote_queue(wdata, cmd, sizeof(cmd));
303 }
304 
305 #define wiiproto_req_wreg(wdata, os, buf, sz) \
306 			wiiproto_req_wmem((wdata), false, (os), (buf), (sz))
307 
308 #define wiiproto_req_weeprom(wdata, os, buf, sz) \
309 			wiiproto_req_wmem((wdata), true, (os), (buf), (sz))
310 
wiiproto_req_wmem(struct wiimote_data * wdata,bool eeprom,__u32 offset,const __u8 * buf,__u8 size)311 static void wiiproto_req_wmem(struct wiimote_data *wdata, bool eeprom,
312 				__u32 offset, const __u8 *buf, __u8 size)
313 {
314 	__u8 cmd[22];
315 
316 	if (size > 16 || size == 0) {
317 		hid_warn(wdata->hdev, "Invalid length %d wmem request\n", size);
318 		return;
319 	}
320 
321 	memset(cmd, 0, sizeof(cmd));
322 	cmd[0] = WIIPROTO_REQ_WMEM;
323 	cmd[2] = (offset >> 16) & 0xff;
324 	cmd[3] = (offset >> 8) & 0xff;
325 	cmd[4] = offset & 0xff;
326 	cmd[5] = size;
327 	memcpy(&cmd[6], buf, size);
328 
329 	if (!eeprom)
330 		cmd[1] |= 0x04;
331 
332 	wiiproto_keep_rumble(wdata, &cmd[1]);
333 	wiimote_queue(wdata, cmd, sizeof(cmd));
334 }
335 
wiiproto_req_rmem(struct wiimote_data * wdata,bool eeprom,__u32 offset,__u16 size)336 void wiiproto_req_rmem(struct wiimote_data *wdata, bool eeprom, __u32 offset,
337 								__u16 size)
338 {
339 	__u8 cmd[7];
340 
341 	if (size == 0) {
342 		hid_warn(wdata->hdev, "Invalid length %d rmem request\n", size);
343 		return;
344 	}
345 
346 	cmd[0] = WIIPROTO_REQ_RMEM;
347 	cmd[1] = 0;
348 	cmd[2] = (offset >> 16) & 0xff;
349 	cmd[3] = (offset >> 8) & 0xff;
350 	cmd[4] = offset & 0xff;
351 	cmd[5] = (size >> 8) & 0xff;
352 	cmd[6] = size & 0xff;
353 
354 	if (!eeprom)
355 		cmd[1] |= 0x04;
356 
357 	wiiproto_keep_rumble(wdata, &cmd[1]);
358 	wiimote_queue(wdata, cmd, sizeof(cmd));
359 }
360 
361 /* requries the cmd-mutex to be held */
wiimote_cmd_write(struct wiimote_data * wdata,__u32 offset,const __u8 * wmem,__u8 size)362 int wiimote_cmd_write(struct wiimote_data *wdata, __u32 offset,
363 						const __u8 *wmem, __u8 size)
364 {
365 	unsigned long flags;
366 	int ret;
367 
368 	spin_lock_irqsave(&wdata->state.lock, flags);
369 	wiimote_cmd_set(wdata, WIIPROTO_REQ_WMEM, 0);
370 	wiiproto_req_wreg(wdata, offset, wmem, size);
371 	spin_unlock_irqrestore(&wdata->state.lock, flags);
372 
373 	ret = wiimote_cmd_wait(wdata);
374 	if (!ret && wdata->state.cmd_err)
375 		ret = -EIO;
376 
377 	return ret;
378 }
379 
380 /* requries the cmd-mutex to be held */
wiimote_cmd_read(struct wiimote_data * wdata,__u32 offset,__u8 * rmem,__u8 size)381 ssize_t wiimote_cmd_read(struct wiimote_data *wdata, __u32 offset, __u8 *rmem,
382 								__u8 size)
383 {
384 	unsigned long flags;
385 	ssize_t ret;
386 
387 	spin_lock_irqsave(&wdata->state.lock, flags);
388 	wdata->state.cmd_read_size = size;
389 	wdata->state.cmd_read_buf = rmem;
390 	wiimote_cmd_set(wdata, WIIPROTO_REQ_RMEM, offset & 0xffff);
391 	wiiproto_req_rreg(wdata, offset, size);
392 	spin_unlock_irqrestore(&wdata->state.lock, flags);
393 
394 	ret = wiimote_cmd_wait(wdata);
395 
396 	spin_lock_irqsave(&wdata->state.lock, flags);
397 	wdata->state.cmd_read_buf = NULL;
398 	spin_unlock_irqrestore(&wdata->state.lock, flags);
399 
400 	if (!ret) {
401 		if (wdata->state.cmd_read_size == 0)
402 			ret = -EIO;
403 		else
404 			ret = wdata->state.cmd_read_size;
405 	}
406 
407 	return ret;
408 }
409 
410 /* requires the cmd-mutex to be held */
wiimote_cmd_init_ext(struct wiimote_data * wdata)411 static int wiimote_cmd_init_ext(struct wiimote_data *wdata)
412 {
413 	__u8 wmem;
414 	int ret;
415 
416 	/* initialize extension */
417 	wmem = 0x55;
418 	ret = wiimote_cmd_write(wdata, 0xa400f0, &wmem, sizeof(wmem));
419 	if (ret)
420 		return ret;
421 
422 	/* disable default encryption */
423 	wmem = 0x0;
424 	ret = wiimote_cmd_write(wdata, 0xa400fb, &wmem, sizeof(wmem));
425 	if (ret)
426 		return ret;
427 
428 	return 0;
429 }
430 
431 /* requires the cmd-mutex to be held */
wiimote_cmd_read_ext(struct wiimote_data * wdata,__u8 * rmem)432 static __u8 wiimote_cmd_read_ext(struct wiimote_data *wdata, __u8 *rmem)
433 {
434 	int ret;
435 
436 	/* read extension ID */
437 	ret = wiimote_cmd_read(wdata, 0xa400fa, rmem, 6);
438 	if (ret != 6)
439 		return WIIMOTE_EXT_NONE;
440 
441 	hid_dbg(wdata->hdev, "extension ID: %6phC\n", rmem);
442 
443 	if (rmem[0] == 0xff && rmem[1] == 0xff && rmem[2] == 0xff &&
444 	    rmem[3] == 0xff && rmem[4] == 0xff && rmem[5] == 0xff)
445 		return WIIMOTE_EXT_NONE;
446 
447 	if (rmem[4] == 0x00 && rmem[5] == 0x00)
448 		return WIIMOTE_EXT_NUNCHUK;
449 	if (rmem[4] == 0x01 && rmem[5] == 0x01)
450 		return WIIMOTE_EXT_CLASSIC_CONTROLLER;
451 	if (rmem[4] == 0x04 && rmem[5] == 0x02)
452 		return WIIMOTE_EXT_BALANCE_BOARD;
453 	if (rmem[4] == 0x01 && rmem[5] == 0x20)
454 		return WIIMOTE_EXT_PRO_CONTROLLER;
455 	if (rmem[0] == 0x01 && rmem[1] == 0x00 &&
456 	    rmem[4] == 0x01 && rmem[5] == 0x03)
457 		return WIIMOTE_EXT_DRUMS;
458 	if (rmem[0] == 0x00 && rmem[1] == 0x00 &&
459 	    rmem[4] == 0x01 && rmem[5] == 0x03)
460 		return WIIMOTE_EXT_GUITAR;
461 
462 	return WIIMOTE_EXT_UNKNOWN;
463 }
464 
465 /* requires the cmd-mutex to be held */
wiimote_cmd_init_mp(struct wiimote_data * wdata)466 static int wiimote_cmd_init_mp(struct wiimote_data *wdata)
467 {
468 	__u8 wmem;
469 	int ret;
470 
471 	/* initialize MP */
472 	wmem = 0x55;
473 	ret = wiimote_cmd_write(wdata, 0xa600f0, &wmem, sizeof(wmem));
474 	if (ret)
475 		return ret;
476 
477 	/* disable default encryption */
478 	wmem = 0x0;
479 	ret = wiimote_cmd_write(wdata, 0xa600fb, &wmem, sizeof(wmem));
480 	if (ret)
481 		return ret;
482 
483 	return 0;
484 }
485 
486 /* requires the cmd-mutex to be held */
wiimote_cmd_map_mp(struct wiimote_data * wdata,__u8 exttype)487 static bool wiimote_cmd_map_mp(struct wiimote_data *wdata, __u8 exttype)
488 {
489 	__u8 wmem;
490 
491 	/* map MP with correct pass-through mode */
492 	switch (exttype) {
493 	case WIIMOTE_EXT_CLASSIC_CONTROLLER:
494 	case WIIMOTE_EXT_DRUMS:
495 	case WIIMOTE_EXT_GUITAR:
496 		wmem = 0x07;
497 		break;
498 	case WIIMOTE_EXT_NUNCHUK:
499 		wmem = 0x05;
500 		break;
501 	default:
502 		wmem = 0x04;
503 		break;
504 	}
505 
506 	return wiimote_cmd_write(wdata, 0xa600fe, &wmem, sizeof(wmem));
507 }
508 
509 /* requires the cmd-mutex to be held */
wiimote_cmd_read_mp(struct wiimote_data * wdata,__u8 * rmem)510 static bool wiimote_cmd_read_mp(struct wiimote_data *wdata, __u8 *rmem)
511 {
512 	int ret;
513 
514 	/* read motion plus ID */
515 	ret = wiimote_cmd_read(wdata, 0xa600fa, rmem, 6);
516 	if (ret != 6)
517 		return false;
518 
519 	hid_dbg(wdata->hdev, "motion plus ID: %6phC\n", rmem);
520 
521 	if (rmem[5] == 0x05)
522 		return true;
523 
524 	hid_info(wdata->hdev, "unknown motion plus ID: %6phC\n", rmem);
525 
526 	return false;
527 }
528 
529 /* requires the cmd-mutex to be held */
wiimote_cmd_read_mp_mapped(struct wiimote_data * wdata)530 static __u8 wiimote_cmd_read_mp_mapped(struct wiimote_data *wdata)
531 {
532 	int ret;
533 	__u8 rmem[6];
534 
535 	/* read motion plus ID */
536 	ret = wiimote_cmd_read(wdata, 0xa400fa, rmem, 6);
537 	if (ret != 6)
538 		return WIIMOTE_MP_NONE;
539 
540 	hid_dbg(wdata->hdev, "mapped motion plus ID: %6phC\n", rmem);
541 
542 	if (rmem[0] == 0xff && rmem[1] == 0xff && rmem[2] == 0xff &&
543 	    rmem[3] == 0xff && rmem[4] == 0xff && rmem[5] == 0xff)
544 		return WIIMOTE_MP_NONE;
545 
546 	if (rmem[4] == 0x04 && rmem[5] == 0x05)
547 		return WIIMOTE_MP_SINGLE;
548 	else if (rmem[4] == 0x05 && rmem[5] == 0x05)
549 		return WIIMOTE_MP_PASSTHROUGH_NUNCHUK;
550 	else if (rmem[4] == 0x07 && rmem[5] == 0x05)
551 		return WIIMOTE_MP_PASSTHROUGH_CLASSIC;
552 
553 	return WIIMOTE_MP_UNKNOWN;
554 }
555 
556 /* device module handling */
557 
558 static const __u8 * const wiimote_devtype_mods[WIIMOTE_DEV_NUM] = {
559 	[WIIMOTE_DEV_PENDING] = (const __u8[]){
560 		WIIMOD_NULL,
561 	},
562 	[WIIMOTE_DEV_UNKNOWN] = (const __u8[]){
563 		WIIMOD_NO_MP,
564 		WIIMOD_NULL,
565 	},
566 	[WIIMOTE_DEV_GENERIC] = (const __u8[]){
567 		WIIMOD_KEYS,
568 		WIIMOD_RUMBLE,
569 		WIIMOD_BATTERY,
570 		WIIMOD_LED1,
571 		WIIMOD_LED2,
572 		WIIMOD_LED3,
573 		WIIMOD_LED4,
574 		WIIMOD_ACCEL,
575 		WIIMOD_IR,
576 		WIIMOD_NULL,
577 	},
578 	[WIIMOTE_DEV_GEN10] = (const __u8[]){
579 		WIIMOD_KEYS,
580 		WIIMOD_RUMBLE,
581 		WIIMOD_BATTERY,
582 		WIIMOD_LED1,
583 		WIIMOD_LED2,
584 		WIIMOD_LED3,
585 		WIIMOD_LED4,
586 		WIIMOD_ACCEL,
587 		WIIMOD_IR,
588 		WIIMOD_NULL,
589 	},
590 	[WIIMOTE_DEV_GEN20] = (const __u8[]){
591 		WIIMOD_KEYS,
592 		WIIMOD_RUMBLE,
593 		WIIMOD_BATTERY,
594 		WIIMOD_LED1,
595 		WIIMOD_LED2,
596 		WIIMOD_LED3,
597 		WIIMOD_LED4,
598 		WIIMOD_ACCEL,
599 		WIIMOD_IR,
600 		WIIMOD_BUILTIN_MP,
601 		WIIMOD_NULL,
602 	},
603 	[WIIMOTE_DEV_BALANCE_BOARD] = (const __u8[]) {
604 		WIIMOD_BATTERY,
605 		WIIMOD_LED1,
606 		WIIMOD_NO_MP,
607 		WIIMOD_NULL,
608 	},
609 	[WIIMOTE_DEV_PRO_CONTROLLER] = (const __u8[]) {
610 		WIIMOD_BATTERY,
611 		WIIMOD_LED1,
612 		WIIMOD_LED2,
613 		WIIMOD_LED3,
614 		WIIMOD_LED4,
615 		WIIMOD_NO_MP,
616 		WIIMOD_NULL,
617 	},
618 };
619 
wiimote_modules_load(struct wiimote_data * wdata,unsigned int devtype)620 static void wiimote_modules_load(struct wiimote_data *wdata,
621 				 unsigned int devtype)
622 {
623 	bool need_input = false;
624 	const __u8 *mods, *iter;
625 	const struct wiimod_ops *ops;
626 	int ret;
627 
628 	mods = wiimote_devtype_mods[devtype];
629 
630 	for (iter = mods; *iter != WIIMOD_NULL; ++iter) {
631 		if (wiimod_table[*iter]->flags & WIIMOD_FLAG_INPUT) {
632 			need_input = true;
633 			break;
634 		}
635 	}
636 
637 	if (need_input) {
638 		wdata->input = input_allocate_device();
639 		if (!wdata->input)
640 			return;
641 
642 		input_set_drvdata(wdata->input, wdata);
643 		wdata->input->dev.parent = &wdata->hdev->dev;
644 		wdata->input->id.bustype = wdata->hdev->bus;
645 		wdata->input->id.vendor = wdata->hdev->vendor;
646 		wdata->input->id.product = wdata->hdev->product;
647 		wdata->input->id.version = wdata->hdev->version;
648 		wdata->input->name = WIIMOTE_NAME;
649 	}
650 
651 	for (iter = mods; *iter != WIIMOD_NULL; ++iter) {
652 		ops = wiimod_table[*iter];
653 		if (!ops->probe)
654 			continue;
655 
656 		ret = ops->probe(ops, wdata);
657 		if (ret)
658 			goto error;
659 	}
660 
661 	if (wdata->input) {
662 		ret = input_register_device(wdata->input);
663 		if (ret)
664 			goto error;
665 	}
666 
667 	spin_lock_irq(&wdata->state.lock);
668 	wdata->state.devtype = devtype;
669 	spin_unlock_irq(&wdata->state.lock);
670 	return;
671 
672 error:
673 	for ( ; iter-- != mods; ) {
674 		ops = wiimod_table[*iter];
675 		if (ops->remove)
676 			ops->remove(ops, wdata);
677 	}
678 
679 	if (wdata->input) {
680 		input_free_device(wdata->input);
681 		wdata->input = NULL;
682 	}
683 }
684 
wiimote_modules_unload(struct wiimote_data * wdata)685 static void wiimote_modules_unload(struct wiimote_data *wdata)
686 {
687 	const __u8 *mods, *iter;
688 	const struct wiimod_ops *ops;
689 	unsigned long flags;
690 
691 	mods = wiimote_devtype_mods[wdata->state.devtype];
692 
693 	spin_lock_irqsave(&wdata->state.lock, flags);
694 	wdata->state.devtype = WIIMOTE_DEV_UNKNOWN;
695 	spin_unlock_irqrestore(&wdata->state.lock, flags);
696 
697 	/* find end of list */
698 	for (iter = mods; *iter != WIIMOD_NULL; ++iter)
699 		/* empty */ ;
700 
701 	if (wdata->input) {
702 		input_get_device(wdata->input);
703 		input_unregister_device(wdata->input);
704 	}
705 
706 	for ( ; iter-- != mods; ) {
707 		ops = wiimod_table[*iter];
708 		if (ops->remove)
709 			ops->remove(ops, wdata);
710 	}
711 
712 	if (wdata->input) {
713 		input_put_device(wdata->input);
714 		wdata->input = NULL;
715 	}
716 }
717 
718 /* device extension handling */
719 
wiimote_ext_load(struct wiimote_data * wdata,unsigned int ext)720 static void wiimote_ext_load(struct wiimote_data *wdata, unsigned int ext)
721 {
722 	unsigned long flags;
723 	const struct wiimod_ops *ops;
724 	int ret;
725 
726 	ops = wiimod_ext_table[ext];
727 
728 	if (ops->probe) {
729 		ret = ops->probe(ops, wdata);
730 		if (ret)
731 			ext = WIIMOTE_EXT_UNKNOWN;
732 	}
733 
734 	spin_lock_irqsave(&wdata->state.lock, flags);
735 	wdata->state.exttype = ext;
736 	spin_unlock_irqrestore(&wdata->state.lock, flags);
737 }
738 
wiimote_ext_unload(struct wiimote_data * wdata)739 static void wiimote_ext_unload(struct wiimote_data *wdata)
740 {
741 	unsigned long flags;
742 	const struct wiimod_ops *ops;
743 
744 	ops = wiimod_ext_table[wdata->state.exttype];
745 
746 	spin_lock_irqsave(&wdata->state.lock, flags);
747 	wdata->state.exttype = WIIMOTE_EXT_UNKNOWN;
748 	wdata->state.flags &= ~WIIPROTO_FLAG_EXT_USED;
749 	spin_unlock_irqrestore(&wdata->state.lock, flags);
750 
751 	if (ops->remove)
752 		ops->remove(ops, wdata);
753 }
754 
wiimote_mp_load(struct wiimote_data * wdata)755 static void wiimote_mp_load(struct wiimote_data *wdata)
756 {
757 	unsigned long flags;
758 	const struct wiimod_ops *ops;
759 	int ret;
760 	__u8 mode = 2;
761 
762 	ops = &wiimod_mp;
763 	if (ops->probe) {
764 		ret = ops->probe(ops, wdata);
765 		if (ret)
766 			mode = 1;
767 	}
768 
769 	spin_lock_irqsave(&wdata->state.lock, flags);
770 	wdata->state.mp = mode;
771 	spin_unlock_irqrestore(&wdata->state.lock, flags);
772 }
773 
wiimote_mp_unload(struct wiimote_data * wdata)774 static void wiimote_mp_unload(struct wiimote_data *wdata)
775 {
776 	unsigned long flags;
777 	const struct wiimod_ops *ops;
778 
779 	if (wdata->state.mp < 2)
780 		return;
781 
782 	ops = &wiimod_mp;
783 
784 	spin_lock_irqsave(&wdata->state.lock, flags);
785 	wdata->state.mp = 0;
786 	wdata->state.flags &= ~WIIPROTO_FLAG_MP_USED;
787 	spin_unlock_irqrestore(&wdata->state.lock, flags);
788 
789 	if (ops->remove)
790 		ops->remove(ops, wdata);
791 }
792 
793 /* device (re-)initialization and detection */
794 
795 static const char *wiimote_devtype_names[WIIMOTE_DEV_NUM] = {
796 	[WIIMOTE_DEV_PENDING] = "Pending",
797 	[WIIMOTE_DEV_UNKNOWN] = "Unknown",
798 	[WIIMOTE_DEV_GENERIC] = "Generic",
799 	[WIIMOTE_DEV_GEN10] = "Nintendo Wii Remote (Gen 1)",
800 	[WIIMOTE_DEV_GEN20] = "Nintendo Wii Remote Plus (Gen 2)",
801 	[WIIMOTE_DEV_BALANCE_BOARD] = "Nintendo Wii Balance Board",
802 	[WIIMOTE_DEV_PRO_CONTROLLER] = "Nintendo Wii U Pro Controller",
803 };
804 
805 /* Try to guess the device type based on all collected information. We
806  * first try to detect by static extension types, then VID/PID and the
807  * device name. If we cannot detect the device, we use
808  * WIIMOTE_DEV_GENERIC so all modules will get probed on the device. */
wiimote_init_set_type(struct wiimote_data * wdata,__u8 exttype)809 static void wiimote_init_set_type(struct wiimote_data *wdata,
810 				  __u8 exttype)
811 {
812 	__u8 devtype = WIIMOTE_DEV_GENERIC;
813 	__u16 vendor, product;
814 	const char *name;
815 
816 	vendor = wdata->hdev->vendor;
817 	product = wdata->hdev->product;
818 	name = wdata->hdev->name;
819 
820 	if (exttype == WIIMOTE_EXT_BALANCE_BOARD) {
821 		devtype = WIIMOTE_DEV_BALANCE_BOARD;
822 		goto done;
823 	} else if (exttype == WIIMOTE_EXT_PRO_CONTROLLER) {
824 		devtype = WIIMOTE_DEV_PRO_CONTROLLER;
825 		goto done;
826 	}
827 
828 	if (!strcmp(name, "Nintendo RVL-CNT-01")) {
829 		devtype = WIIMOTE_DEV_GEN10;
830 		goto done;
831 	} else if (!strcmp(name, "Nintendo RVL-CNT-01-TR")) {
832 		devtype = WIIMOTE_DEV_GEN20;
833 		goto done;
834 	} else if (!strcmp(name, "Nintendo RVL-WBC-01")) {
835 		devtype = WIIMOTE_DEV_BALANCE_BOARD;
836 		goto done;
837 	} else if (!strcmp(name, "Nintendo RVL-CNT-01-UC")) {
838 		devtype = WIIMOTE_DEV_PRO_CONTROLLER;
839 		goto done;
840 	}
841 
842 	if (vendor == USB_VENDOR_ID_NINTENDO) {
843 		if (product == USB_DEVICE_ID_NINTENDO_WIIMOTE) {
844 			devtype = WIIMOTE_DEV_GEN10;
845 			goto done;
846 		} else if (product == USB_DEVICE_ID_NINTENDO_WIIMOTE2) {
847 			devtype = WIIMOTE_DEV_GEN20;
848 			goto done;
849 		}
850 	}
851 
852 done:
853 	if (devtype == WIIMOTE_DEV_GENERIC)
854 		hid_info(wdata->hdev, "cannot detect device; NAME: %s VID: %04x PID: %04x EXT: %04x\n",
855 			name, vendor, product, exttype);
856 	else
857 		hid_info(wdata->hdev, "detected device: %s\n",
858 			 wiimote_devtype_names[devtype]);
859 
860 	wiimote_modules_load(wdata, devtype);
861 }
862 
wiimote_init_detect(struct wiimote_data * wdata)863 static void wiimote_init_detect(struct wiimote_data *wdata)
864 {
865 	__u8 exttype = WIIMOTE_EXT_NONE, extdata[6];
866 	bool ext;
867 	int ret;
868 
869 	wiimote_cmd_acquire_noint(wdata);
870 
871 	spin_lock_irq(&wdata->state.lock);
872 	wdata->state.devtype = WIIMOTE_DEV_UNKNOWN;
873 	wiimote_cmd_set(wdata, WIIPROTO_REQ_SREQ, 0);
874 	wiiproto_req_status(wdata);
875 	spin_unlock_irq(&wdata->state.lock);
876 
877 	ret = wiimote_cmd_wait_noint(wdata);
878 	if (ret)
879 		goto out_release;
880 
881 	spin_lock_irq(&wdata->state.lock);
882 	ext = wdata->state.flags & WIIPROTO_FLAG_EXT_PLUGGED;
883 	spin_unlock_irq(&wdata->state.lock);
884 
885 	if (!ext)
886 		goto out_release;
887 
888 	wiimote_cmd_init_ext(wdata);
889 	exttype = wiimote_cmd_read_ext(wdata, extdata);
890 
891 out_release:
892 	wiimote_cmd_release(wdata);
893 	wiimote_init_set_type(wdata, exttype);
894 
895 	/* schedule MP timer */
896 	spin_lock_irq(&wdata->state.lock);
897 	if (!(wdata->state.flags & WIIPROTO_FLAG_BUILTIN_MP) &&
898 	    !(wdata->state.flags & WIIPROTO_FLAG_NO_MP))
899 		mod_timer(&wdata->timer, jiffies + HZ * 4);
900 	spin_unlock_irq(&wdata->state.lock);
901 }
902 
903 /*
904  * MP hotplug events are not generated by the wiimote. Therefore, we need
905  * polling to detect it. We use a 4s interval for polling MP registers. This
906  * seems reasonable considering applications can trigger it manually via
907  * sysfs requests.
908  */
wiimote_init_poll_mp(struct wiimote_data * wdata)909 static void wiimote_init_poll_mp(struct wiimote_data *wdata)
910 {
911 	bool mp;
912 	__u8 mpdata[6];
913 
914 	wiimote_cmd_acquire_noint(wdata);
915 	wiimote_cmd_init_mp(wdata);
916 	mp = wiimote_cmd_read_mp(wdata, mpdata);
917 	wiimote_cmd_release(wdata);
918 
919 	/* load/unload MP module if it changed */
920 	if (mp) {
921 		if (!wdata->state.mp) {
922 			hid_info(wdata->hdev, "detected extension: Nintendo Wii Motion Plus\n");
923 			wiimote_mp_load(wdata);
924 		}
925 	} else if (wdata->state.mp) {
926 		wiimote_mp_unload(wdata);
927 	}
928 
929 	mod_timer(&wdata->timer, jiffies + HZ * 4);
930 }
931 
932 /*
933  * Check whether the wiimote is in the expected state. The extension registers
934  * may change during hotplug and initialization so we might get hotplug events
935  * that we caused by remapping some memory.
936  * We use some heuristics here to check known states. If the wiimote is in the
937  * expected state, we can ignore the hotplug event.
938  *
939  * Returns "true" if the device is in expected state, "false" if we should
940  * redo hotplug handling and extension initialization.
941  */
wiimote_init_check(struct wiimote_data * wdata)942 static bool wiimote_init_check(struct wiimote_data *wdata)
943 {
944 	__u32 flags;
945 	__u8 type, data[6];
946 	bool ret, poll_mp;
947 
948 	spin_lock_irq(&wdata->state.lock);
949 	flags = wdata->state.flags;
950 	spin_unlock_irq(&wdata->state.lock);
951 
952 	wiimote_cmd_acquire_noint(wdata);
953 
954 	/* If MP is used and active, but the extension is not, we expect:
955 	 *   read_mp_mapped() == WIIMOTE_MP_SINGLE
956 	 *   state.flags == !EXT_ACTIVE && !MP_PLUGGED && MP_ACTIVE
957 	 * We do not check EXT_PLUGGED because it might change during
958 	 * initialization of MP without extensions.
959 	 *  - If MP is unplugged/replugged, read_mp_mapped() fails
960 	 *  - If EXT is plugged, MP_PLUGGED will get set */
961 	if (wdata->state.exttype == WIIMOTE_EXT_NONE &&
962 	    wdata->state.mp > 0 && (flags & WIIPROTO_FLAG_MP_USED)) {
963 		type = wiimote_cmd_read_mp_mapped(wdata);
964 		ret = type == WIIMOTE_MP_SINGLE;
965 
966 		spin_lock_irq(&wdata->state.lock);
967 		ret = ret && !(wdata->state.flags & WIIPROTO_FLAG_EXT_ACTIVE);
968 		ret = ret && !(wdata->state.flags & WIIPROTO_FLAG_MP_PLUGGED);
969 		ret = ret && (wdata->state.flags & WIIPROTO_FLAG_MP_ACTIVE);
970 		spin_unlock_irq(&wdata->state.lock);
971 
972 		if (!ret)
973 			hid_dbg(wdata->hdev, "state left: !EXT && MP\n");
974 
975 		/* while MP is mapped, we get EXT_PLUGGED events */
976 		poll_mp = false;
977 
978 		goto out_release;
979 	}
980 
981 	/* If MP is unused, but the extension port is used, we expect:
982 	 *   read_ext == state.exttype
983 	 *   state.flags == !MP_ACTIVE && EXT_ACTIVE
984 	 * - If MP is plugged/unplugged, our timer detects it
985 	 * - If EXT is unplugged/replugged, EXT_ACTIVE will become unset */
986 	if (!(flags & WIIPROTO_FLAG_MP_USED) &&
987 	    wdata->state.exttype != WIIMOTE_EXT_NONE) {
988 		type = wiimote_cmd_read_ext(wdata, data);
989 		ret = type == wdata->state.exttype;
990 
991 		spin_lock_irq(&wdata->state.lock);
992 		ret = ret && !(wdata->state.flags & WIIPROTO_FLAG_MP_ACTIVE);
993 		ret = ret && (wdata->state.flags & WIIPROTO_FLAG_EXT_ACTIVE);
994 		spin_unlock_irq(&wdata->state.lock);
995 
996 		if (!ret)
997 			hid_dbg(wdata->hdev, "state left: EXT && !MP\n");
998 
999 		/* poll MP for hotplug events */
1000 		poll_mp = true;
1001 
1002 		goto out_release;
1003 	}
1004 
1005 	/* If neither MP nor an extension are used, we expect:
1006 	 *   read_ext() == WIIMOTE_EXT_NONE
1007 	 *   state.flags == !MP_ACTIVE && !EXT_ACTIVE && !EXT_PLUGGED
1008 	 * No need to perform any action in this case as everything is
1009 	 * disabled already.
1010 	 * - If MP is plugged/unplugged, our timer detects it
1011 	 * - If EXT is plugged, EXT_PLUGGED will be set */
1012 	if (!(flags & WIIPROTO_FLAG_MP_USED) &&
1013 	    wdata->state.exttype == WIIMOTE_EXT_NONE) {
1014 		type = wiimote_cmd_read_ext(wdata, data);
1015 		ret = type == wdata->state.exttype;
1016 
1017 		spin_lock_irq(&wdata->state.lock);
1018 		ret = ret && !(wdata->state.flags & WIIPROTO_FLAG_EXT_ACTIVE);
1019 		ret = ret && !(wdata->state.flags & WIIPROTO_FLAG_MP_ACTIVE);
1020 		ret = ret && !(wdata->state.flags & WIIPROTO_FLAG_EXT_PLUGGED);
1021 		spin_unlock_irq(&wdata->state.lock);
1022 
1023 		if (!ret)
1024 			hid_dbg(wdata->hdev, "state left: !EXT && !MP\n");
1025 
1026 		/* poll MP for hotplug events */
1027 		poll_mp = true;
1028 
1029 		goto out_release;
1030 	}
1031 
1032 	/* The trickiest part is if both EXT and MP are active. We cannot read
1033 	 * the EXT ID, anymore, because MP is mapped over it. However, we use
1034 	 * a handy trick here:
1035 	 *   - EXT_ACTIVE is unset whenever !MP_PLUGGED is sent
1036 	 * MP_PLUGGED might be re-sent again before we are scheduled, but
1037 	 * EXT_ACTIVE will stay unset.
1038 	 * So it is enough to check for mp_mapped() and MP_ACTIVE and
1039 	 * EXT_ACTIVE. EXT_PLUGGED is a sanity check. */
1040 	if (wdata->state.exttype != WIIMOTE_EXT_NONE &&
1041 	    wdata->state.mp > 0 && (flags & WIIPROTO_FLAG_MP_USED)) {
1042 		type = wiimote_cmd_read_mp_mapped(wdata);
1043 		ret = type != WIIMOTE_MP_NONE;
1044 		ret = ret && type != WIIMOTE_MP_UNKNOWN;
1045 		ret = ret && type != WIIMOTE_MP_SINGLE;
1046 
1047 		spin_lock_irq(&wdata->state.lock);
1048 		ret = ret && (wdata->state.flags & WIIPROTO_FLAG_EXT_PLUGGED);
1049 		ret = ret && (wdata->state.flags & WIIPROTO_FLAG_EXT_ACTIVE);
1050 		ret = ret && (wdata->state.flags & WIIPROTO_FLAG_MP_ACTIVE);
1051 		spin_unlock_irq(&wdata->state.lock);
1052 
1053 		if (!ret)
1054 			hid_dbg(wdata->hdev, "state left: EXT && MP\n");
1055 
1056 		/* while MP is mapped, we get EXT_PLUGGED events */
1057 		poll_mp = false;
1058 
1059 		goto out_release;
1060 	}
1061 
1062 	/* unknown state */
1063 	ret = false;
1064 
1065 out_release:
1066 	wiimote_cmd_release(wdata);
1067 
1068 	/* only poll for MP if requested and if state didn't change */
1069 	if (ret && poll_mp && !(flags & WIIPROTO_FLAG_BUILTIN_MP) &&
1070 	    !(flags & WIIPROTO_FLAG_NO_MP))
1071 		wiimote_init_poll_mp(wdata);
1072 
1073 	return ret;
1074 }
1075 
1076 static const char *wiimote_exttype_names[WIIMOTE_EXT_NUM] = {
1077 	[WIIMOTE_EXT_NONE] = "None",
1078 	[WIIMOTE_EXT_UNKNOWN] = "Unknown",
1079 	[WIIMOTE_EXT_NUNCHUK] = "Nintendo Wii Nunchuk",
1080 	[WIIMOTE_EXT_CLASSIC_CONTROLLER] = "Nintendo Wii Classic Controller",
1081 	[WIIMOTE_EXT_BALANCE_BOARD] = "Nintendo Wii Balance Board",
1082 	[WIIMOTE_EXT_PRO_CONTROLLER] = "Nintendo Wii U Pro Controller",
1083 	[WIIMOTE_EXT_DRUMS] = "Nintendo Wii Drums",
1084 	[WIIMOTE_EXT_GUITAR] = "Nintendo Wii Guitar",
1085 };
1086 
1087 /*
1088  * Handle hotplug events
1089  * If we receive an hotplug event and the device-check failed, we deinitialize
1090  * the extension ports, re-read all extension IDs and set the device into
1091  * the desired state. This involves mapping MP into the main extension
1092  * registers, setting up extension passthrough modes and initializing the
1093  * requested extensions.
1094  */
wiimote_init_hotplug(struct wiimote_data * wdata)1095 static void wiimote_init_hotplug(struct wiimote_data *wdata)
1096 {
1097 	__u8 exttype, extdata[6], mpdata[6];
1098 	__u32 flags;
1099 	bool mp;
1100 
1101 	hid_dbg(wdata->hdev, "detect extensions..\n");
1102 
1103 	wiimote_cmd_acquire_noint(wdata);
1104 
1105 	spin_lock_irq(&wdata->state.lock);
1106 
1107 	/* get state snapshot that we will then work on */
1108 	flags = wdata->state.flags;
1109 
1110 	/* disable event forwarding temporarily */
1111 	wdata->state.flags &= ~WIIPROTO_FLAG_EXT_ACTIVE;
1112 	wdata->state.flags &= ~WIIPROTO_FLAG_MP_ACTIVE;
1113 
1114 	spin_unlock_irq(&wdata->state.lock);
1115 
1116 	/* init extension and MP (deactivates current extension or MP) */
1117 	wiimote_cmd_init_ext(wdata);
1118 	if (flags & WIIPROTO_FLAG_NO_MP) {
1119 		mp = false;
1120 	} else {
1121 		wiimote_cmd_init_mp(wdata);
1122 		mp = wiimote_cmd_read_mp(wdata, mpdata);
1123 	}
1124 	exttype = wiimote_cmd_read_ext(wdata, extdata);
1125 
1126 	wiimote_cmd_release(wdata);
1127 
1128 	/* load/unload extension module if it changed */
1129 	if (exttype != wdata->state.exttype) {
1130 		/* unload previous extension */
1131 		wiimote_ext_unload(wdata);
1132 
1133 		if (exttype == WIIMOTE_EXT_UNKNOWN) {
1134 			hid_info(wdata->hdev, "cannot detect extension; %6phC\n",
1135 				 extdata);
1136 		} else if (exttype == WIIMOTE_EXT_NONE) {
1137 			spin_lock_irq(&wdata->state.lock);
1138 			wdata->state.exttype = WIIMOTE_EXT_NONE;
1139 			spin_unlock_irq(&wdata->state.lock);
1140 		} else {
1141 			hid_info(wdata->hdev, "detected extension: %s\n",
1142 				 wiimote_exttype_names[exttype]);
1143 			/* try loading new extension */
1144 			wiimote_ext_load(wdata, exttype);
1145 		}
1146 	}
1147 
1148 	/* load/unload MP module if it changed */
1149 	if (mp) {
1150 		if (!wdata->state.mp) {
1151 			hid_info(wdata->hdev, "detected extension: Nintendo Wii Motion Plus\n");
1152 			wiimote_mp_load(wdata);
1153 		}
1154 	} else if (wdata->state.mp) {
1155 		wiimote_mp_unload(wdata);
1156 	}
1157 
1158 	/* if MP is not used, do not map or activate it */
1159 	if (!(flags & WIIPROTO_FLAG_MP_USED))
1160 		mp = false;
1161 
1162 	/* map MP into main extension registers if used */
1163 	if (mp) {
1164 		wiimote_cmd_acquire_noint(wdata);
1165 		wiimote_cmd_map_mp(wdata, exttype);
1166 		wiimote_cmd_release(wdata);
1167 
1168 		/* delete MP hotplug timer */
1169 		del_timer_sync(&wdata->timer);
1170 	} else {
1171 		/* reschedule MP hotplug timer */
1172 		if (!(flags & WIIPROTO_FLAG_BUILTIN_MP) &&
1173 		    !(flags & WIIPROTO_FLAG_NO_MP))
1174 			mod_timer(&wdata->timer, jiffies + HZ * 4);
1175 	}
1176 
1177 	spin_lock_irq(&wdata->state.lock);
1178 
1179 	/* enable data forwarding again and set expected hotplug state */
1180 	if (mp) {
1181 		wdata->state.flags |= WIIPROTO_FLAG_MP_ACTIVE;
1182 		if (wdata->state.exttype == WIIMOTE_EXT_NONE) {
1183 			wdata->state.flags &= ~WIIPROTO_FLAG_EXT_PLUGGED;
1184 			wdata->state.flags &= ~WIIPROTO_FLAG_MP_PLUGGED;
1185 		} else {
1186 			wdata->state.flags &= ~WIIPROTO_FLAG_EXT_PLUGGED;
1187 			wdata->state.flags |= WIIPROTO_FLAG_MP_PLUGGED;
1188 			wdata->state.flags |= WIIPROTO_FLAG_EXT_ACTIVE;
1189 		}
1190 	} else if (wdata->state.exttype != WIIMOTE_EXT_NONE) {
1191 		wdata->state.flags |= WIIPROTO_FLAG_EXT_ACTIVE;
1192 	}
1193 
1194 	/* request status report for hotplug state updates */
1195 	wiiproto_req_status(wdata);
1196 
1197 	spin_unlock_irq(&wdata->state.lock);
1198 
1199 	hid_dbg(wdata->hdev, "detected extensions: MP: %d EXT: %d\n",
1200 		wdata->state.mp, wdata->state.exttype);
1201 }
1202 
wiimote_init_worker(struct work_struct * work)1203 static void wiimote_init_worker(struct work_struct *work)
1204 {
1205 	struct wiimote_data *wdata = container_of(work, struct wiimote_data,
1206 						  init_worker);
1207 	bool changed = false;
1208 
1209 	if (wdata->state.devtype == WIIMOTE_DEV_PENDING) {
1210 		wiimote_init_detect(wdata);
1211 		changed = true;
1212 	}
1213 
1214 	if (changed || !wiimote_init_check(wdata))
1215 		wiimote_init_hotplug(wdata);
1216 
1217 	if (changed)
1218 		kobject_uevent(&wdata->hdev->dev.kobj, KOBJ_CHANGE);
1219 }
1220 
__wiimote_schedule(struct wiimote_data * wdata)1221 void __wiimote_schedule(struct wiimote_data *wdata)
1222 {
1223 	if (!(wdata->state.flags & WIIPROTO_FLAG_EXITING))
1224 		schedule_work(&wdata->init_worker);
1225 }
1226 
wiimote_schedule(struct wiimote_data * wdata)1227 static void wiimote_schedule(struct wiimote_data *wdata)
1228 {
1229 	unsigned long flags;
1230 
1231 	spin_lock_irqsave(&wdata->state.lock, flags);
1232 	__wiimote_schedule(wdata);
1233 	spin_unlock_irqrestore(&wdata->state.lock, flags);
1234 }
1235 
wiimote_init_timeout(struct timer_list * t)1236 static void wiimote_init_timeout(struct timer_list *t)
1237 {
1238 	struct wiimote_data *wdata = from_timer(wdata, t, timer);
1239 
1240 	wiimote_schedule(wdata);
1241 }
1242 
1243 /* protocol handlers */
1244 
handler_keys(struct wiimote_data * wdata,const __u8 * payload)1245 static void handler_keys(struct wiimote_data *wdata, const __u8 *payload)
1246 {
1247 	const __u8 *iter, *mods;
1248 	const struct wiimod_ops *ops;
1249 
1250 	ops = wiimod_ext_table[wdata->state.exttype];
1251 	if (ops->in_keys) {
1252 		ops->in_keys(wdata, payload);
1253 		return;
1254 	}
1255 
1256 	mods = wiimote_devtype_mods[wdata->state.devtype];
1257 	for (iter = mods; *iter != WIIMOD_NULL; ++iter) {
1258 		ops = wiimod_table[*iter];
1259 		if (ops->in_keys) {
1260 			ops->in_keys(wdata, payload);
1261 			break;
1262 		}
1263 	}
1264 }
1265 
handler_accel(struct wiimote_data * wdata,const __u8 * payload)1266 static void handler_accel(struct wiimote_data *wdata, const __u8 *payload)
1267 {
1268 	const __u8 *iter, *mods;
1269 	const struct wiimod_ops *ops;
1270 
1271 	ops = wiimod_ext_table[wdata->state.exttype];
1272 	if (ops->in_accel) {
1273 		ops->in_accel(wdata, payload);
1274 		return;
1275 	}
1276 
1277 	mods = wiimote_devtype_mods[wdata->state.devtype];
1278 	for (iter = mods; *iter != WIIMOD_NULL; ++iter) {
1279 		ops = wiimod_table[*iter];
1280 		if (ops->in_accel) {
1281 			ops->in_accel(wdata, payload);
1282 			break;
1283 		}
1284 	}
1285 }
1286 
valid_ext_handler(const struct wiimod_ops * ops,size_t len)1287 static bool valid_ext_handler(const struct wiimod_ops *ops, size_t len)
1288 {
1289 	if (!ops->in_ext)
1290 		return false;
1291 	if ((ops->flags & WIIMOD_FLAG_EXT8) && len < 8)
1292 		return false;
1293 	if ((ops->flags & WIIMOD_FLAG_EXT16) && len < 16)
1294 		return false;
1295 
1296 	return true;
1297 }
1298 
handler_ext(struct wiimote_data * wdata,const __u8 * payload,size_t len)1299 static void handler_ext(struct wiimote_data *wdata, const __u8 *payload,
1300 			size_t len)
1301 {
1302 	static const __u8 invalid[21] = { 0xff, 0xff, 0xff, 0xff,
1303 					  0xff, 0xff, 0xff, 0xff,
1304 					  0xff, 0xff, 0xff, 0xff,
1305 					  0xff, 0xff, 0xff, 0xff,
1306 					  0xff, 0xff, 0xff, 0xff,
1307 					  0xff };
1308 	const __u8 *iter, *mods;
1309 	const struct wiimod_ops *ops;
1310 	bool is_mp;
1311 
1312 	if (len > 21)
1313 		len = 21;
1314 	if (len < 6 || !memcmp(payload, invalid, len))
1315 		return;
1316 
1317 	/* if MP is active, track MP slot hotplugging */
1318 	if (wdata->state.flags & WIIPROTO_FLAG_MP_ACTIVE) {
1319 		/* this bit is set for invalid events (eg. during hotplug) */
1320 		if (payload[5] & 0x01)
1321 			return;
1322 
1323 		if (payload[4] & 0x01) {
1324 			if (!(wdata->state.flags & WIIPROTO_FLAG_MP_PLUGGED)) {
1325 				hid_dbg(wdata->hdev, "MP hotplug: 1\n");
1326 				wdata->state.flags |= WIIPROTO_FLAG_MP_PLUGGED;
1327 				__wiimote_schedule(wdata);
1328 			}
1329 		} else {
1330 			if (wdata->state.flags & WIIPROTO_FLAG_MP_PLUGGED) {
1331 				hid_dbg(wdata->hdev, "MP hotplug: 0\n");
1332 				wdata->state.flags &= ~WIIPROTO_FLAG_MP_PLUGGED;
1333 				wdata->state.flags &= ~WIIPROTO_FLAG_EXT_ACTIVE;
1334 				__wiimote_schedule(wdata);
1335 			}
1336 		}
1337 
1338 		/* detect MP data that is sent interleaved with EXT data */
1339 		is_mp = payload[5] & 0x02;
1340 	} else {
1341 		is_mp = false;
1342 	}
1343 
1344 	/* ignore EXT events if no extension is active */
1345 	if (!(wdata->state.flags & WIIPROTO_FLAG_EXT_ACTIVE) && !is_mp)
1346 		return;
1347 
1348 	/* try forwarding to extension handler, first */
1349 	ops = wiimod_ext_table[wdata->state.exttype];
1350 	if (is_mp && ops->in_mp) {
1351 		ops->in_mp(wdata, payload);
1352 		return;
1353 	} else if (!is_mp && valid_ext_handler(ops, len)) {
1354 		ops->in_ext(wdata, payload);
1355 		return;
1356 	}
1357 
1358 	/* try forwarding to MP handler */
1359 	ops = &wiimod_mp;
1360 	if (is_mp && ops->in_mp) {
1361 		ops->in_mp(wdata, payload);
1362 		return;
1363 	} else if (!is_mp && valid_ext_handler(ops, len)) {
1364 		ops->in_ext(wdata, payload);
1365 		return;
1366 	}
1367 
1368 	/* try forwarding to loaded modules */
1369 	mods = wiimote_devtype_mods[wdata->state.devtype];
1370 	for (iter = mods; *iter != WIIMOD_NULL; ++iter) {
1371 		ops = wiimod_table[*iter];
1372 		if (is_mp && ops->in_mp) {
1373 			ops->in_mp(wdata, payload);
1374 			return;
1375 		} else if (!is_mp && valid_ext_handler(ops, len)) {
1376 			ops->in_ext(wdata, payload);
1377 			return;
1378 		}
1379 	}
1380 }
1381 
1382 #define ir_to_input0(wdata, ir, packed) handler_ir((wdata), (ir), (packed), 0)
1383 #define ir_to_input1(wdata, ir, packed) handler_ir((wdata), (ir), (packed), 1)
1384 #define ir_to_input2(wdata, ir, packed) handler_ir((wdata), (ir), (packed), 2)
1385 #define ir_to_input3(wdata, ir, packed) handler_ir((wdata), (ir), (packed), 3)
1386 
handler_ir(struct wiimote_data * wdata,const __u8 * payload,bool packed,unsigned int id)1387 static void handler_ir(struct wiimote_data *wdata, const __u8 *payload,
1388 		       bool packed, unsigned int id)
1389 {
1390 	const __u8 *iter, *mods;
1391 	const struct wiimod_ops *ops;
1392 
1393 	ops = wiimod_ext_table[wdata->state.exttype];
1394 	if (ops->in_ir) {
1395 		ops->in_ir(wdata, payload, packed, id);
1396 		return;
1397 	}
1398 
1399 	mods = wiimote_devtype_mods[wdata->state.devtype];
1400 	for (iter = mods; *iter != WIIMOD_NULL; ++iter) {
1401 		ops = wiimod_table[*iter];
1402 		if (ops->in_ir) {
1403 			ops->in_ir(wdata, payload, packed, id);
1404 			break;
1405 		}
1406 	}
1407 }
1408 
1409 /* reduced status report with "BB BB" key data only */
handler_status_K(struct wiimote_data * wdata,const __u8 * payload)1410 static void handler_status_K(struct wiimote_data *wdata,
1411 			     const __u8 *payload)
1412 {
1413 	handler_keys(wdata, payload);
1414 
1415 	/* on status reports the drm is reset so we need to resend the drm */
1416 	wiiproto_req_drm(wdata, WIIPROTO_REQ_NULL);
1417 }
1418 
1419 /* extended status report with "BB BB LF 00 00 VV" data */
handler_status(struct wiimote_data * wdata,const __u8 * payload)1420 static void handler_status(struct wiimote_data *wdata, const __u8 *payload)
1421 {
1422 	handler_status_K(wdata, payload);
1423 
1424 	/* update extension status */
1425 	if (payload[2] & 0x02) {
1426 		if (!(wdata->state.flags & WIIPROTO_FLAG_EXT_PLUGGED)) {
1427 			hid_dbg(wdata->hdev, "EXT hotplug: 1\n");
1428 			wdata->state.flags |= WIIPROTO_FLAG_EXT_PLUGGED;
1429 			__wiimote_schedule(wdata);
1430 		}
1431 	} else {
1432 		if (wdata->state.flags & WIIPROTO_FLAG_EXT_PLUGGED) {
1433 			hid_dbg(wdata->hdev, "EXT hotplug: 0\n");
1434 			wdata->state.flags &= ~WIIPROTO_FLAG_EXT_PLUGGED;
1435 			wdata->state.flags &= ~WIIPROTO_FLAG_MP_PLUGGED;
1436 			wdata->state.flags &= ~WIIPROTO_FLAG_EXT_ACTIVE;
1437 			wdata->state.flags &= ~WIIPROTO_FLAG_MP_ACTIVE;
1438 			__wiimote_schedule(wdata);
1439 		}
1440 	}
1441 
1442 	wdata->state.cmd_battery = payload[5];
1443 	if (wiimote_cmd_pending(wdata, WIIPROTO_REQ_SREQ, 0))
1444 		wiimote_cmd_complete(wdata);
1445 }
1446 
1447 /* reduced generic report with "BB BB" key data only */
handler_generic_K(struct wiimote_data * wdata,const __u8 * payload)1448 static void handler_generic_K(struct wiimote_data *wdata, const __u8 *payload)
1449 {
1450 	handler_keys(wdata, payload);
1451 }
1452 
handler_data(struct wiimote_data * wdata,const __u8 * payload)1453 static void handler_data(struct wiimote_data *wdata, const __u8 *payload)
1454 {
1455 	__u16 offset = payload[3] << 8 | payload[4];
1456 	__u8 size = (payload[2] >> 4) + 1;
1457 	__u8 err = payload[2] & 0x0f;
1458 
1459 	handler_keys(wdata, payload);
1460 
1461 	if (wiimote_cmd_pending(wdata, WIIPROTO_REQ_RMEM, offset)) {
1462 		if (err)
1463 			size = 0;
1464 		else if (size > wdata->state.cmd_read_size)
1465 			size = wdata->state.cmd_read_size;
1466 
1467 		wdata->state.cmd_read_size = size;
1468 		if (wdata->state.cmd_read_buf)
1469 			memcpy(wdata->state.cmd_read_buf, &payload[5], size);
1470 		wiimote_cmd_complete(wdata);
1471 	}
1472 }
1473 
handler_return(struct wiimote_data * wdata,const __u8 * payload)1474 static void handler_return(struct wiimote_data *wdata, const __u8 *payload)
1475 {
1476 	__u8 err = payload[3];
1477 	__u8 cmd = payload[2];
1478 
1479 	handler_keys(wdata, payload);
1480 
1481 	if (wiimote_cmd_pending(wdata, cmd, 0)) {
1482 		wdata->state.cmd_err = err;
1483 		wiimote_cmd_complete(wdata);
1484 	} else if (err) {
1485 		hid_warn(wdata->hdev, "Remote error %u on req %u\n", err,
1486 									cmd);
1487 	}
1488 }
1489 
handler_drm_KA(struct wiimote_data * wdata,const __u8 * payload)1490 static void handler_drm_KA(struct wiimote_data *wdata, const __u8 *payload)
1491 {
1492 	handler_keys(wdata, payload);
1493 	handler_accel(wdata, payload);
1494 }
1495 
handler_drm_KE(struct wiimote_data * wdata,const __u8 * payload)1496 static void handler_drm_KE(struct wiimote_data *wdata, const __u8 *payload)
1497 {
1498 	handler_keys(wdata, payload);
1499 	handler_ext(wdata, &payload[2], 8);
1500 }
1501 
handler_drm_KAI(struct wiimote_data * wdata,const __u8 * payload)1502 static void handler_drm_KAI(struct wiimote_data *wdata, const __u8 *payload)
1503 {
1504 	handler_keys(wdata, payload);
1505 	handler_accel(wdata, payload);
1506 	ir_to_input0(wdata, &payload[5], false);
1507 	ir_to_input1(wdata, &payload[8], false);
1508 	ir_to_input2(wdata, &payload[11], false);
1509 	ir_to_input3(wdata, &payload[14], false);
1510 }
1511 
handler_drm_KEE(struct wiimote_data * wdata,const __u8 * payload)1512 static void handler_drm_KEE(struct wiimote_data *wdata, const __u8 *payload)
1513 {
1514 	handler_keys(wdata, payload);
1515 	handler_ext(wdata, &payload[2], 19);
1516 }
1517 
handler_drm_KIE(struct wiimote_data * wdata,const __u8 * payload)1518 static void handler_drm_KIE(struct wiimote_data *wdata, const __u8 *payload)
1519 {
1520 	handler_keys(wdata, payload);
1521 	ir_to_input0(wdata, &payload[2], false);
1522 	ir_to_input1(wdata, &payload[4], true);
1523 	ir_to_input2(wdata, &payload[7], false);
1524 	ir_to_input3(wdata, &payload[9], true);
1525 	handler_ext(wdata, &payload[12], 9);
1526 }
1527 
handler_drm_KAE(struct wiimote_data * wdata,const __u8 * payload)1528 static void handler_drm_KAE(struct wiimote_data *wdata, const __u8 *payload)
1529 {
1530 	handler_keys(wdata, payload);
1531 	handler_accel(wdata, payload);
1532 	handler_ext(wdata, &payload[5], 16);
1533 }
1534 
handler_drm_KAIE(struct wiimote_data * wdata,const __u8 * payload)1535 static void handler_drm_KAIE(struct wiimote_data *wdata, const __u8 *payload)
1536 {
1537 	handler_keys(wdata, payload);
1538 	handler_accel(wdata, payload);
1539 	ir_to_input0(wdata, &payload[5], false);
1540 	ir_to_input1(wdata, &payload[7], true);
1541 	ir_to_input2(wdata, &payload[10], false);
1542 	ir_to_input3(wdata, &payload[12], true);
1543 	handler_ext(wdata, &payload[15], 6);
1544 }
1545 
handler_drm_E(struct wiimote_data * wdata,const __u8 * payload)1546 static void handler_drm_E(struct wiimote_data *wdata, const __u8 *payload)
1547 {
1548 	handler_ext(wdata, payload, 21);
1549 }
1550 
handler_drm_SKAI1(struct wiimote_data * wdata,const __u8 * payload)1551 static void handler_drm_SKAI1(struct wiimote_data *wdata, const __u8 *payload)
1552 {
1553 	handler_keys(wdata, payload);
1554 
1555 	wdata->state.accel_split[0] = payload[2];
1556 	wdata->state.accel_split[1] = (payload[0] >> 1) & (0x10 | 0x20);
1557 	wdata->state.accel_split[1] |= (payload[1] << 1) & (0x40 | 0x80);
1558 
1559 	ir_to_input0(wdata, &payload[3], false);
1560 	ir_to_input1(wdata, &payload[12], false);
1561 }
1562 
handler_drm_SKAI2(struct wiimote_data * wdata,const __u8 * payload)1563 static void handler_drm_SKAI2(struct wiimote_data *wdata, const __u8 *payload)
1564 {
1565 	__u8 buf[5];
1566 
1567 	handler_keys(wdata, payload);
1568 
1569 	wdata->state.accel_split[1] |= (payload[0] >> 5) & (0x01 | 0x02);
1570 	wdata->state.accel_split[1] |= (payload[1] >> 3) & (0x04 | 0x08);
1571 
1572 	buf[0] = 0;
1573 	buf[1] = 0;
1574 	buf[2] = wdata->state.accel_split[0];
1575 	buf[3] = payload[2];
1576 	buf[4] = wdata->state.accel_split[1];
1577 	handler_accel(wdata, buf);
1578 
1579 	ir_to_input2(wdata, &payload[3], false);
1580 	ir_to_input3(wdata, &payload[12], false);
1581 }
1582 
1583 struct wiiproto_handler {
1584 	__u8 id;
1585 	size_t size;
1586 	void (*func)(struct wiimote_data *wdata, const __u8 *payload);
1587 };
1588 
1589 static const struct wiiproto_handler handlers[] = {
1590 	{ .id = WIIPROTO_REQ_STATUS, .size = 6, .func = handler_status },
1591 	{ .id = WIIPROTO_REQ_STATUS, .size = 2, .func = handler_status_K },
1592 	{ .id = WIIPROTO_REQ_DATA, .size = 21, .func = handler_data },
1593 	{ .id = WIIPROTO_REQ_DATA, .size = 2, .func = handler_generic_K },
1594 	{ .id = WIIPROTO_REQ_RETURN, .size = 4, .func = handler_return },
1595 	{ .id = WIIPROTO_REQ_RETURN, .size = 2, .func = handler_generic_K },
1596 	{ .id = WIIPROTO_REQ_DRM_K, .size = 2, .func = handler_keys },
1597 	{ .id = WIIPROTO_REQ_DRM_KA, .size = 5, .func = handler_drm_KA },
1598 	{ .id = WIIPROTO_REQ_DRM_KA, .size = 2, .func = handler_generic_K },
1599 	{ .id = WIIPROTO_REQ_DRM_KE, .size = 10, .func = handler_drm_KE },
1600 	{ .id = WIIPROTO_REQ_DRM_KE, .size = 2, .func = handler_generic_K },
1601 	{ .id = WIIPROTO_REQ_DRM_KAI, .size = 17, .func = handler_drm_KAI },
1602 	{ .id = WIIPROTO_REQ_DRM_KAI, .size = 2, .func = handler_generic_K },
1603 	{ .id = WIIPROTO_REQ_DRM_KEE, .size = 21, .func = handler_drm_KEE },
1604 	{ .id = WIIPROTO_REQ_DRM_KEE, .size = 2, .func = handler_generic_K },
1605 	{ .id = WIIPROTO_REQ_DRM_KAE, .size = 21, .func = handler_drm_KAE },
1606 	{ .id = WIIPROTO_REQ_DRM_KAE, .size = 2, .func = handler_generic_K },
1607 	{ .id = WIIPROTO_REQ_DRM_KIE, .size = 21, .func = handler_drm_KIE },
1608 	{ .id = WIIPROTO_REQ_DRM_KIE, .size = 2, .func = handler_generic_K },
1609 	{ .id = WIIPROTO_REQ_DRM_KAIE, .size = 21, .func = handler_drm_KAIE },
1610 	{ .id = WIIPROTO_REQ_DRM_KAIE, .size = 2, .func = handler_generic_K },
1611 	{ .id = WIIPROTO_REQ_DRM_E, .size = 21, .func = handler_drm_E },
1612 	{ .id = WIIPROTO_REQ_DRM_SKAI1, .size = 21, .func = handler_drm_SKAI1 },
1613 	{ .id = WIIPROTO_REQ_DRM_SKAI2, .size = 21, .func = handler_drm_SKAI2 },
1614 	{ .id = 0 }
1615 };
1616 
wiimote_hid_event(struct hid_device * hdev,struct hid_report * report,u8 * raw_data,int size)1617 static int wiimote_hid_event(struct hid_device *hdev, struct hid_report *report,
1618 							u8 *raw_data, int size)
1619 {
1620 	struct wiimote_data *wdata = hid_get_drvdata(hdev);
1621 	const struct wiiproto_handler *h;
1622 	int i;
1623 	unsigned long flags;
1624 
1625 	if (size < 1)
1626 		return -EINVAL;
1627 
1628 	for (i = 0; handlers[i].id; ++i) {
1629 		h = &handlers[i];
1630 		if (h->id == raw_data[0] && h->size < size) {
1631 			spin_lock_irqsave(&wdata->state.lock, flags);
1632 			h->func(wdata, &raw_data[1]);
1633 			spin_unlock_irqrestore(&wdata->state.lock, flags);
1634 			break;
1635 		}
1636 	}
1637 
1638 	if (!handlers[i].id)
1639 		hid_warn(hdev, "Unhandled report %hhu size %d\n", raw_data[0],
1640 									size);
1641 
1642 	return 0;
1643 }
1644 
wiimote_ext_show(struct device * dev,struct device_attribute * attr,char * buf)1645 static ssize_t wiimote_ext_show(struct device *dev,
1646 				struct device_attribute *attr,
1647 				char *buf)
1648 {
1649 	struct wiimote_data *wdata = dev_to_wii(dev);
1650 	__u8 type;
1651 	unsigned long flags;
1652 
1653 	spin_lock_irqsave(&wdata->state.lock, flags);
1654 	type = wdata->state.exttype;
1655 	spin_unlock_irqrestore(&wdata->state.lock, flags);
1656 
1657 	switch (type) {
1658 	case WIIMOTE_EXT_NONE:
1659 		return sprintf(buf, "none\n");
1660 	case WIIMOTE_EXT_NUNCHUK:
1661 		return sprintf(buf, "nunchuk\n");
1662 	case WIIMOTE_EXT_CLASSIC_CONTROLLER:
1663 		return sprintf(buf, "classic\n");
1664 	case WIIMOTE_EXT_BALANCE_BOARD:
1665 		return sprintf(buf, "balanceboard\n");
1666 	case WIIMOTE_EXT_PRO_CONTROLLER:
1667 		return sprintf(buf, "procontroller\n");
1668 	case WIIMOTE_EXT_DRUMS:
1669 		return sprintf(buf, "drums\n");
1670 	case WIIMOTE_EXT_GUITAR:
1671 		return sprintf(buf, "guitar\n");
1672 	case WIIMOTE_EXT_UNKNOWN:
1673 	default:
1674 		return sprintf(buf, "unknown\n");
1675 	}
1676 }
1677 
wiimote_ext_store(struct device * dev,struct device_attribute * attr,const char * buf,size_t count)1678 static ssize_t wiimote_ext_store(struct device *dev,
1679 				 struct device_attribute *attr,
1680 				 const char *buf, size_t count)
1681 {
1682 	struct wiimote_data *wdata = dev_to_wii(dev);
1683 
1684 	if (!strcmp(buf, "scan")) {
1685 		wiimote_schedule(wdata);
1686 	} else {
1687 		return -EINVAL;
1688 	}
1689 
1690 	return strnlen(buf, PAGE_SIZE);
1691 }
1692 
1693 static DEVICE_ATTR(extension, S_IRUGO | S_IWUSR | S_IWGRP, wiimote_ext_show,
1694 		   wiimote_ext_store);
1695 
wiimote_dev_show(struct device * dev,struct device_attribute * attr,char * buf)1696 static ssize_t wiimote_dev_show(struct device *dev,
1697 				struct device_attribute *attr,
1698 				char *buf)
1699 {
1700 	struct wiimote_data *wdata = dev_to_wii(dev);
1701 	__u8 type;
1702 	unsigned long flags;
1703 
1704 	spin_lock_irqsave(&wdata->state.lock, flags);
1705 	type = wdata->state.devtype;
1706 	spin_unlock_irqrestore(&wdata->state.lock, flags);
1707 
1708 	switch (type) {
1709 	case WIIMOTE_DEV_GENERIC:
1710 		return sprintf(buf, "generic\n");
1711 	case WIIMOTE_DEV_GEN10:
1712 		return sprintf(buf, "gen10\n");
1713 	case WIIMOTE_DEV_GEN20:
1714 		return sprintf(buf, "gen20\n");
1715 	case WIIMOTE_DEV_BALANCE_BOARD:
1716 		return sprintf(buf, "balanceboard\n");
1717 	case WIIMOTE_DEV_PRO_CONTROLLER:
1718 		return sprintf(buf, "procontroller\n");
1719 	case WIIMOTE_DEV_PENDING:
1720 		return sprintf(buf, "pending\n");
1721 	case WIIMOTE_DEV_UNKNOWN:
1722 	default:
1723 		return sprintf(buf, "unknown\n");
1724 	}
1725 }
1726 
1727 static DEVICE_ATTR(devtype, S_IRUGO, wiimote_dev_show, NULL);
1728 
wiimote_create(struct hid_device * hdev)1729 static struct wiimote_data *wiimote_create(struct hid_device *hdev)
1730 {
1731 	struct wiimote_data *wdata;
1732 
1733 	wdata = kzalloc(sizeof(*wdata), GFP_KERNEL);
1734 	if (!wdata)
1735 		return NULL;
1736 
1737 	wdata->hdev = hdev;
1738 	hid_set_drvdata(hdev, wdata);
1739 
1740 	spin_lock_init(&wdata->queue.lock);
1741 	INIT_WORK(&wdata->queue.worker, wiimote_queue_worker);
1742 
1743 	spin_lock_init(&wdata->state.lock);
1744 	init_completion(&wdata->state.ready);
1745 	mutex_init(&wdata->state.sync);
1746 	wdata->state.drm = WIIPROTO_REQ_DRM_K;
1747 	wdata->state.cmd_battery = 0xff;
1748 
1749 	INIT_WORK(&wdata->init_worker, wiimote_init_worker);
1750 	timer_setup(&wdata->timer, wiimote_init_timeout, 0);
1751 
1752 	return wdata;
1753 }
1754 
wiimote_destroy(struct wiimote_data * wdata)1755 static void wiimote_destroy(struct wiimote_data *wdata)
1756 {
1757 	unsigned long flags;
1758 
1759 	wiidebug_deinit(wdata);
1760 
1761 	/* prevent init_worker from being scheduled again */
1762 	spin_lock_irqsave(&wdata->state.lock, flags);
1763 	wdata->state.flags |= WIIPROTO_FLAG_EXITING;
1764 	spin_unlock_irqrestore(&wdata->state.lock, flags);
1765 
1766 	cancel_work_sync(&wdata->init_worker);
1767 	del_timer_sync(&wdata->timer);
1768 
1769 	device_remove_file(&wdata->hdev->dev, &dev_attr_devtype);
1770 	device_remove_file(&wdata->hdev->dev, &dev_attr_extension);
1771 
1772 	wiimote_mp_unload(wdata);
1773 	wiimote_ext_unload(wdata);
1774 	wiimote_modules_unload(wdata);
1775 	cancel_work_sync(&wdata->queue.worker);
1776 	hid_hw_close(wdata->hdev);
1777 	hid_hw_stop(wdata->hdev);
1778 
1779 	kfree(wdata);
1780 }
1781 
wiimote_hid_probe(struct hid_device * hdev,const struct hid_device_id * id)1782 static int wiimote_hid_probe(struct hid_device *hdev,
1783 				const struct hid_device_id *id)
1784 {
1785 	struct wiimote_data *wdata;
1786 	int ret;
1787 
1788 	hdev->quirks |= HID_QUIRK_NO_INIT_REPORTS;
1789 
1790 	wdata = wiimote_create(hdev);
1791 	if (!wdata) {
1792 		hid_err(hdev, "Can't alloc device\n");
1793 		return -ENOMEM;
1794 	}
1795 
1796 	ret = hid_parse(hdev);
1797 	if (ret) {
1798 		hid_err(hdev, "HID parse failed\n");
1799 		goto err;
1800 	}
1801 
1802 	ret = hid_hw_start(hdev, HID_CONNECT_HIDRAW);
1803 	if (ret) {
1804 		hid_err(hdev, "HW start failed\n");
1805 		goto err;
1806 	}
1807 
1808 	ret = hid_hw_open(hdev);
1809 	if (ret) {
1810 		hid_err(hdev, "cannot start hardware I/O\n");
1811 		goto err_stop;
1812 	}
1813 
1814 	ret = device_create_file(&hdev->dev, &dev_attr_extension);
1815 	if (ret) {
1816 		hid_err(hdev, "cannot create sysfs attribute\n");
1817 		goto err_close;
1818 	}
1819 
1820 	ret = device_create_file(&hdev->dev, &dev_attr_devtype);
1821 	if (ret) {
1822 		hid_err(hdev, "cannot create sysfs attribute\n");
1823 		goto err_ext;
1824 	}
1825 
1826 	ret = wiidebug_init(wdata);
1827 	if (ret)
1828 		goto err_free;
1829 
1830 	hid_info(hdev, "New device registered\n");
1831 
1832 	/* schedule device detection */
1833 	wiimote_schedule(wdata);
1834 
1835 	return 0;
1836 
1837 err_free:
1838 	wiimote_destroy(wdata);
1839 	return ret;
1840 
1841 err_ext:
1842 	device_remove_file(&wdata->hdev->dev, &dev_attr_extension);
1843 err_close:
1844 	hid_hw_close(hdev);
1845 err_stop:
1846 	hid_hw_stop(hdev);
1847 err:
1848 	input_free_device(wdata->ir);
1849 	input_free_device(wdata->accel);
1850 	kfree(wdata);
1851 	return ret;
1852 }
1853 
wiimote_hid_remove(struct hid_device * hdev)1854 static void wiimote_hid_remove(struct hid_device *hdev)
1855 {
1856 	struct wiimote_data *wdata = hid_get_drvdata(hdev);
1857 
1858 	hid_info(hdev, "Device removed\n");
1859 	wiimote_destroy(wdata);
1860 }
1861 
1862 static const struct hid_device_id wiimote_hid_devices[] = {
1863 	{ HID_BLUETOOTH_DEVICE(USB_VENDOR_ID_NINTENDO,
1864 				USB_DEVICE_ID_NINTENDO_WIIMOTE) },
1865 	{ HID_BLUETOOTH_DEVICE(USB_VENDOR_ID_NINTENDO,
1866 				USB_DEVICE_ID_NINTENDO_WIIMOTE2) },
1867 	{ }
1868 };
1869 
1870 bool wiimote_dpad_as_analog = false;
1871 module_param_named(dpad_as_analog, wiimote_dpad_as_analog, bool, 0644);
1872 MODULE_PARM_DESC(dpad_as_analog, "Use D-Pad as main analog input");
1873 
1874 MODULE_DEVICE_TABLE(hid, wiimote_hid_devices);
1875 
1876 static struct hid_driver wiimote_hid_driver = {
1877 	.name = "wiimote",
1878 	.id_table = wiimote_hid_devices,
1879 	.probe = wiimote_hid_probe,
1880 	.remove = wiimote_hid_remove,
1881 	.raw_event = wiimote_hid_event,
1882 };
1883 module_hid_driver(wiimote_hid_driver);
1884 
1885 MODULE_LICENSE("GPL");
1886 MODULE_AUTHOR("David Herrmann <dh.herrmann@gmail.com>");
1887 MODULE_DESCRIPTION("Driver for Nintendo Wii / Wii U peripherals");
1888