Re: [PATCH] Bluetooth: Add HCI_QUIRK_NO_SCAN_WHILE_CONNECTED for combo chips

[Pauli Virtanen]

Hi,

su, 2026-04-19 kello 10:24 +0300, StefanCondorache kirjoitti:
> Realtek combo chips share a single antenna between Wi-Fi and Bluetooth.
> Background LE passive scanning while an active connection exists causes
> antenna multiplexing conflicts via Packet Traffic Arbitration (PTA),
> resulting in audio stuttering and Wi-Fi packet loss.
> 
> Add HCI_QUIRK_NO_SCAN_WHILE_CONNECTED to suppress passive scanning in
> hci_update_passive_scan_sync() when active connections are present.
> Set this quirk for all Realtek devices in btrtl_set_quirks().

Some general questions on this, which are not immediately apparent from
the commit message:

How is it know which Realtek models have this bug?

Which ones were tested?

Is it better to set the quirk for all Realtek devices than do it per
USB id / chipset for each known bad device?

> Also add device ID 0x0bda:0xc829 to the btusb Realtek device table.

Patches adding USB device ids usually have USB info from
/sys/kernel/debug/usb/devices in the commit message, see other patches
add these. Probably should be separate patch?

> Signed-off-by: StefanCondorache <condorachest@xxxxxxxxx>
> ---
>  drivers/bluetooth/btrtl.c   |  6 ++++++
>  drivers/bluetooth/btusb.c   |  2 ++
>  include/net/bluetooth/hci.h | 11 +++++++++++
>  net/bluetooth/hci_sync.c    |  7 +++++++
>  4 files changed, 26 insertions(+)
> 
> diff --git a/drivers/bluetooth/btrtl.c b/drivers/bluetooth/btrtl.c
> index 62f9d4df3a4f..00dfba656970 100644
> --- a/drivers/bluetooth/btrtl.c
> +++ b/drivers/bluetooth/btrtl.c
> @@ -1299,6 +1299,12 @@ EXPORT_SYMBOL_GPL(btrtl_download_firmware);
>  
>  void btrtl_set_quirks(struct hci_dev *hdev, struct btrtl_device_info *btrtl_dev)
>  {
> +	/* Realtek combo chips share the antenna between Wi-Fi and
> +	 * Bluetooth. Suppress passive scanning while connected to
> +	 * prevent coexistence issues.
> +	 */
> +	hci_set_quirk(hdev, HCI_QUIRK_NO_SCAN_WHILE_CONNECTED);

This sets the quirk for all Realtek chips.

Realtek chips are also in stuff like Bluetooth USB dongles that are not
combo wifi ones. Can they be identified?

> +
>  	/* Enable controller to do both LE scan and BR/EDR inquiry
>  	 * simultaneously.
>  	 */
> diff --git a/drivers/bluetooth/btusb.c b/drivers/bluetooth/btusb.c
> index 5f57953393be..87972f5fc567 100644
> --- a/drivers/bluetooth/btusb.c
> +++ b/drivers/bluetooth/btusb.c
> @@ -516,6 +516,8 @@ static const struct usb_device_id quirks_table[] = {
>  	/* Realtek 8822CU Bluetooth devices */
>  	{ USB_DEVICE(0x13d3, 0x3549), .driver_info = BTUSB_REALTEK |
>  						     BTUSB_WIDEBAND_SPEECH },
> +	{ USB_DEVICE(0x0bda, 0xc829), .driver_info = BTUSB_REALTEK |
> +							 BTUSB_WIDEBAND_SPEECH },
>  
>  	/* Realtek 8851BE Bluetooth devices */
>  	{ USB_DEVICE(0x0bda, 0xb850), .driver_info = BTUSB_REALTEK },
> diff --git a/include/net/bluetooth/hci.h b/include/net/bluetooth/hci.h
> index 572b1c620c5d..8466dc52aeca 100644
> --- a/include/net/bluetooth/hci.h
> +++ b/include/net/bluetooth/hci.h
> @@ -378,6 +378,17 @@ enum {
>  	 */
>  	HCI_QUIRK_BROKEN_READ_PAGE_SCAN_TYPE,
>  
> +	/* When this quirk is set, the controller suppresses passive LE
> +	 * background scanning while an active connection exists.
> +	 * This is required for combo chips with shared Wi-Fi/Bluetooth
> +	 * antennas to prevent coexistence issues causing audio drops
> +	 * and Wi-Fi packet loss.
> +	 *
> +	 * This quirk can be set before hci_register_dev is called or
> +	 * during the hdev->setup vendor callback.
> +	 */
> +	HCI_QUIRK_NO_SCAN_WHILE_CONNECTED,
> +
>  	__HCI_NUM_QUIRKS,
>  };
>  
> diff --git a/net/bluetooth/hci_sync.c b/net/bluetooth/hci_sync.c
> index fd3aacdea512..5e30e725efa2 100644
> --- a/net/bluetooth/hci_sync.c
> +++ b/net/bluetooth/hci_sync.c
> @@ -3194,6 +3194,13 @@ int hci_update_passive_scan_sync(struct hci_dev *hdev)
>  	if (hdev->discovery.state != DISCOVERY_STOPPED)
>  		return 0;
>  
> +	/* If the controller requires no scanning while connected,
> +	 * suppress passive scanning when an active connection exists.
> +	 */
> +	if (hci_test_quirk(hdev, HCI_QUIRK_NO_SCAN_WHILE_CONNECTED) &&
> +	    !list_empty(&hdev->conn_hash.list))
> +		return 0;
> +

Does this break initiating connections via hci_connect_le_scan() if
another connection is active?

Is it possible to make more than one LE connection simultaneously?

>  	/* Reset RSSI and UUID filters when starting background scanning
>  	 * since these filters are meant for service discovery only.
>  	 *

-- 
Pauli Virtanen