1 /** 2 * Copyright (c) 2014 Redpine Signals Inc. 3 * 4 * Permission to use, copy, modify, and/or distribute this software for any 5 * purpose with or without fee is hereby granted, provided that the above 6 * copyright notice and this permission notice appear in all copies. 7 * 8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 15 */ 16 17 #include <linux/firmware.h> 18 #include "rsi_mgmt.h" 19 #include "rsi_hal.h" 20 #include "rsi_sdio.h" 21 #include "rsi_common.h" 22 23 /* FLASH Firmware */ 24 static struct ta_metadata metadata_flash_content[] = { 25 {"flash_content", 0x00010000}, 26 {"rsi/rs9113_wlan_qspi.rps", 0x00010000}, 27 }; 28 29 int rsi_send_pkt_to_bus(struct rsi_common *common, struct sk_buff *skb) 30 { 31 struct rsi_hw *adapter = common->priv; 32 int status; 33 34 status = adapter->host_intf_ops->write_pkt(common->priv, 35 skb->data, skb->len); 36 return status; 37 } 38 39 static int rsi_prepare_mgmt_desc(struct rsi_common *common, struct sk_buff *skb) 40 { 41 struct rsi_hw *adapter = common->priv; 42 struct ieee80211_hdr *wh = NULL; 43 struct ieee80211_tx_info *info; 44 struct ieee80211_conf *conf = &adapter->hw->conf; 45 struct ieee80211_vif *vif; 46 struct rsi_mgmt_desc *mgmt_desc; 47 struct skb_info *tx_params; 48 struct ieee80211_bss_conf *bss = NULL; 49 struct xtended_desc *xtend_desc = NULL; 50 u8 header_size; 51 u32 dword_align_bytes = 0; 52 53 if (skb->len > MAX_MGMT_PKT_SIZE) { 54 rsi_dbg(INFO_ZONE, "%s: Dropping mgmt pkt > 512\n", __func__); 55 return -EINVAL; 56 } 57 58 info = IEEE80211_SKB_CB(skb); 59 tx_params = (struct skb_info *)info->driver_data; 60 vif = tx_params->vif; 61 62 /* Update header size */ 63 header_size = FRAME_DESC_SZ + sizeof(struct xtended_desc); 64 if (header_size > skb_headroom(skb)) { 65 rsi_dbg(ERR_ZONE, 66 "%s: Failed to add extended descriptor\n", 67 __func__); 68 return -ENOSPC; 69 } 70 skb_push(skb, header_size); 71 dword_align_bytes = ((unsigned long)skb->data & 0x3f); 72 if (dword_align_bytes > skb_headroom(skb)) { 73 rsi_dbg(ERR_ZONE, 74 "%s: Failed to add dword align\n", __func__); 75 return -ENOSPC; 76 } 77 skb_push(skb, dword_align_bytes); 78 header_size += dword_align_bytes; 79 80 tx_params->internal_hdr_size = header_size; 81 memset(&skb->data[0], 0, header_size); 82 bss = &vif->bss_conf; 83 wh = (struct ieee80211_hdr *)&skb->data[header_size]; 84 85 mgmt_desc = (struct rsi_mgmt_desc *)skb->data; 86 xtend_desc = (struct xtended_desc *)&skb->data[FRAME_DESC_SZ]; 87 88 rsi_set_len_qno(&mgmt_desc->len_qno, (skb->len - FRAME_DESC_SZ), 89 RSI_WIFI_MGMT_Q); 90 mgmt_desc->frame_type = TX_DOT11_MGMT; 91 mgmt_desc->header_len = MIN_802_11_HDR_LEN; 92 mgmt_desc->xtend_desc_size = header_size - FRAME_DESC_SZ; 93 mgmt_desc->frame_info |= cpu_to_le16(RATE_INFO_ENABLE); 94 if (is_broadcast_ether_addr(wh->addr1)) 95 mgmt_desc->frame_info |= cpu_to_le16(RSI_BROADCAST_PKT); 96 97 mgmt_desc->seq_ctrl = 98 cpu_to_le16(IEEE80211_SEQ_TO_SN(le16_to_cpu(wh->seq_ctrl))); 99 if ((common->band == NL80211_BAND_2GHZ) && !common->p2p_enabled) 100 mgmt_desc->rate_info = cpu_to_le16(RSI_RATE_1); 101 else 102 mgmt_desc->rate_info = cpu_to_le16(RSI_RATE_6); 103 104 if (conf_is_ht40(conf)) 105 mgmt_desc->bbp_info = cpu_to_le16(FULL40M_ENABLE); 106 107 if (ieee80211_is_probe_req(wh->frame_control)) { 108 if (!bss->assoc) { 109 rsi_dbg(INFO_ZONE, 110 "%s: blocking mgmt queue\n", __func__); 111 mgmt_desc->misc_flags = RSI_DESC_REQUIRE_CFM_TO_HOST; 112 xtend_desc->confirm_frame_type = PROBEREQ_CONFIRM; 113 common->mgmt_q_block = true; 114 rsi_dbg(INFO_ZONE, "Mgmt queue blocked\n"); 115 } 116 } 117 118 if (ieee80211_is_probe_resp(wh->frame_control)) { 119 mgmt_desc->misc_flags |= (RSI_ADD_DELTA_TSF_VAP_ID | 120 RSI_FETCH_RETRY_CNT_FRM_HST); 121 #define PROBE_RESP_RETRY_CNT 3 122 xtend_desc->retry_cnt = PROBE_RESP_RETRY_CNT; 123 } 124 125 if (((vif->type == NL80211_IFTYPE_AP) || 126 (vif->type == NL80211_IFTYPE_P2P_GO)) && 127 (ieee80211_is_action(wh->frame_control))) { 128 struct rsi_sta *rsta = rsi_find_sta(common, wh->addr1); 129 130 if (rsta) 131 mgmt_desc->sta_id = tx_params->sta_id; 132 else 133 return -EINVAL; 134 } 135 mgmt_desc->rate_info |= 136 cpu_to_le16((tx_params->vap_id << RSI_DESC_VAP_ID_OFST) & 137 RSI_DESC_VAP_ID_MASK); 138 139 return 0; 140 } 141 142 /* This function prepares descriptor for given data packet */ 143 static int rsi_prepare_data_desc(struct rsi_common *common, struct sk_buff *skb) 144 { 145 struct rsi_hw *adapter = common->priv; 146 struct ieee80211_vif *vif; 147 struct ieee80211_hdr *wh = NULL; 148 struct ieee80211_tx_info *info; 149 struct skb_info *tx_params; 150 struct ieee80211_bss_conf *bss; 151 struct rsi_data_desc *data_desc; 152 struct xtended_desc *xtend_desc; 153 u8 ieee80211_size = MIN_802_11_HDR_LEN; 154 u8 header_size; 155 u8 vap_id = 0; 156 u8 dword_align_bytes; 157 u16 seq_num; 158 159 info = IEEE80211_SKB_CB(skb); 160 vif = info->control.vif; 161 bss = &vif->bss_conf; 162 tx_params = (struct skb_info *)info->driver_data; 163 164 header_size = FRAME_DESC_SZ + sizeof(struct xtended_desc); 165 if (header_size > skb_headroom(skb)) { 166 rsi_dbg(ERR_ZONE, "%s: Unable to send pkt\n", __func__); 167 return -ENOSPC; 168 } 169 skb_push(skb, header_size); 170 dword_align_bytes = ((unsigned long)skb->data & 0x3f); 171 if (header_size > skb_headroom(skb)) { 172 rsi_dbg(ERR_ZONE, "%s: Not enough headroom\n", __func__); 173 return -ENOSPC; 174 } 175 skb_push(skb, dword_align_bytes); 176 header_size += dword_align_bytes; 177 178 tx_params->internal_hdr_size = header_size; 179 data_desc = (struct rsi_data_desc *)skb->data; 180 memset(data_desc, 0, header_size); 181 182 xtend_desc = (struct xtended_desc *)&skb->data[FRAME_DESC_SZ]; 183 wh = (struct ieee80211_hdr *)&skb->data[header_size]; 184 seq_num = IEEE80211_SEQ_TO_SN(le16_to_cpu(wh->seq_ctrl)); 185 186 data_desc->xtend_desc_size = header_size - FRAME_DESC_SZ; 187 188 if (ieee80211_is_data_qos(wh->frame_control)) { 189 ieee80211_size += 2; 190 data_desc->mac_flags |= cpu_to_le16(RSI_QOS_ENABLE); 191 } 192 193 if (((vif->type == NL80211_IFTYPE_STATION) || 194 (vif->type == NL80211_IFTYPE_P2P_CLIENT)) && 195 (adapter->ps_state == PS_ENABLED)) 196 wh->frame_control |= cpu_to_le16(RSI_SET_PS_ENABLE); 197 198 if ((!(info->flags & IEEE80211_TX_INTFL_DONT_ENCRYPT)) && 199 (common->secinfo.security_enable)) { 200 if (rsi_is_cipher_wep(common)) 201 ieee80211_size += 4; 202 else 203 ieee80211_size += 8; 204 data_desc->mac_flags |= cpu_to_le16(RSI_ENCRYPT_PKT); 205 } 206 rsi_set_len_qno(&data_desc->len_qno, (skb->len - FRAME_DESC_SZ), 207 RSI_WIFI_DATA_Q); 208 data_desc->header_len = ieee80211_size; 209 210 if (common->min_rate != RSI_RATE_AUTO) { 211 /* Send fixed rate */ 212 data_desc->frame_info = cpu_to_le16(RATE_INFO_ENABLE); 213 data_desc->rate_info = cpu_to_le16(common->min_rate); 214 215 if (conf_is_ht40(&common->priv->hw->conf)) 216 data_desc->bbp_info = cpu_to_le16(FULL40M_ENABLE); 217 218 if ((common->vif_info[0].sgi) && (common->min_rate & 0x100)) { 219 /* Only MCS rates */ 220 data_desc->rate_info |= 221 cpu_to_le16(ENABLE_SHORTGI_RATE); 222 } 223 } 224 225 if (skb->protocol == cpu_to_be16(ETH_P_PAE)) { 226 rsi_dbg(INFO_ZONE, "*** Tx EAPOL ***\n"); 227 228 data_desc->frame_info = cpu_to_le16(RATE_INFO_ENABLE); 229 if (common->band == NL80211_BAND_5GHZ) 230 data_desc->rate_info = cpu_to_le16(RSI_RATE_6); 231 else 232 data_desc->rate_info = cpu_to_le16(RSI_RATE_1); 233 data_desc->mac_flags |= cpu_to_le16(RSI_REKEY_PURPOSE); 234 data_desc->misc_flags |= RSI_FETCH_RETRY_CNT_FRM_HST; 235 #define EAPOL_RETRY_CNT 15 236 xtend_desc->retry_cnt = EAPOL_RETRY_CNT; 237 } 238 239 data_desc->mac_flags = cpu_to_le16(seq_num & 0xfff); 240 data_desc->qid_tid = ((skb->priority & 0xf) | 241 ((tx_params->tid & 0xf) << 4)); 242 data_desc->sta_id = tx_params->sta_id; 243 244 if ((is_broadcast_ether_addr(wh->addr1)) || 245 (is_multicast_ether_addr(wh->addr1))) { 246 data_desc->frame_info = cpu_to_le16(RATE_INFO_ENABLE); 247 data_desc->frame_info |= cpu_to_le16(RSI_BROADCAST_PKT); 248 data_desc->sta_id = vap_id; 249 250 if ((vif->type == NL80211_IFTYPE_AP) || 251 (vif->type == NL80211_IFTYPE_P2P_GO)) { 252 if (common->band == NL80211_BAND_5GHZ) 253 data_desc->rate_info = cpu_to_le16(RSI_RATE_6); 254 else 255 data_desc->rate_info = cpu_to_le16(RSI_RATE_1); 256 } 257 } 258 if (((vif->type == NL80211_IFTYPE_AP) || 259 (vif->type == NL80211_IFTYPE_P2P_GO)) && 260 (ieee80211_has_moredata(wh->frame_control))) 261 data_desc->frame_info |= cpu_to_le16(MORE_DATA_PRESENT); 262 263 data_desc->rate_info |= 264 cpu_to_le16((tx_params->vap_id << RSI_DESC_VAP_ID_OFST) & 265 RSI_DESC_VAP_ID_MASK); 266 267 return 0; 268 } 269 270 /* This function sends received data packet from driver to device */ 271 int rsi_send_data_pkt(struct rsi_common *common, struct sk_buff *skb) 272 { 273 struct rsi_hw *adapter = common->priv; 274 struct ieee80211_vif *vif; 275 struct ieee80211_tx_info *info; 276 struct ieee80211_bss_conf *bss; 277 int status = -EINVAL; 278 279 if (!skb) 280 return 0; 281 if (common->iface_down) 282 goto err; 283 284 info = IEEE80211_SKB_CB(skb); 285 if (!info->control.vif) 286 goto err; 287 vif = info->control.vif; 288 bss = &vif->bss_conf; 289 290 if (((vif->type == NL80211_IFTYPE_STATION) || 291 (vif->type == NL80211_IFTYPE_P2P_CLIENT)) && 292 (!bss->assoc)) 293 goto err; 294 295 status = rsi_prepare_data_desc(common, skb); 296 if (status) 297 goto err; 298 299 status = adapter->host_intf_ops->write_pkt(common->priv, skb->data, 300 skb->len); 301 if (status) 302 rsi_dbg(ERR_ZONE, "%s: Failed to write pkt\n", __func__); 303 304 err: 305 ++common->tx_stats.total_tx_pkt_freed[skb->priority]; 306 rsi_indicate_tx_status(adapter, skb, status); 307 return status; 308 } 309 310 /** 311 * rsi_send_mgmt_pkt() - This functions sends the received management packet 312 * from driver to device. 313 * @common: Pointer to the driver private structure. 314 * @skb: Pointer to the socket buffer structure. 315 * 316 * Return: status: 0 on success, -1 on failure. 317 */ 318 int rsi_send_mgmt_pkt(struct rsi_common *common, 319 struct sk_buff *skb) 320 { 321 struct rsi_hw *adapter = common->priv; 322 struct ieee80211_tx_info *info; 323 struct skb_info *tx_params; 324 int status = -E2BIG; 325 326 info = IEEE80211_SKB_CB(skb); 327 tx_params = (struct skb_info *)info->driver_data; 328 329 if (tx_params->flags & INTERNAL_MGMT_PKT) { 330 status = adapter->host_intf_ops->write_pkt(common->priv, 331 (u8 *)skb->data, 332 skb->len); 333 if (status) { 334 rsi_dbg(ERR_ZONE, 335 "%s: Failed to write the packet\n", __func__); 336 } 337 dev_kfree_skb(skb); 338 return status; 339 } 340 341 if (FRAME_DESC_SZ > skb_headroom(skb)) 342 goto err; 343 344 rsi_prepare_mgmt_desc(common, skb); 345 status = adapter->host_intf_ops->write_pkt(common->priv, 346 (u8 *)skb->data, skb->len); 347 if (status) 348 rsi_dbg(ERR_ZONE, "%s: Failed to write the packet\n", __func__); 349 350 err: 351 rsi_indicate_tx_status(common->priv, skb, status); 352 return status; 353 } 354 355 int rsi_prepare_beacon(struct rsi_common *common, struct sk_buff *skb) 356 { 357 struct rsi_hw *adapter = (struct rsi_hw *)common->priv; 358 struct rsi_data_desc *bcn_frm; 359 struct ieee80211_hw *hw = common->priv->hw; 360 struct ieee80211_conf *conf = &hw->conf; 361 struct ieee80211_vif *vif; 362 struct sk_buff *mac_bcn; 363 u8 vap_id = 0, i; 364 u16 tim_offset = 0; 365 366 for (i = 0; i < RSI_MAX_VIFS; i++) { 367 vif = adapter->vifs[i]; 368 if (!vif) 369 continue; 370 if ((vif->type == NL80211_IFTYPE_AP) || 371 (vif->type == NL80211_IFTYPE_P2P_GO)) 372 break; 373 } 374 if (!vif) 375 return -EINVAL; 376 mac_bcn = ieee80211_beacon_get_tim(adapter->hw, 377 vif, 378 &tim_offset, NULL); 379 if (!mac_bcn) { 380 rsi_dbg(ERR_ZONE, "Failed to get beacon from mac80211\n"); 381 return -EINVAL; 382 } 383 384 common->beacon_cnt++; 385 bcn_frm = (struct rsi_data_desc *)skb->data; 386 rsi_set_len_qno(&bcn_frm->len_qno, mac_bcn->len, RSI_WIFI_DATA_Q); 387 bcn_frm->header_len = MIN_802_11_HDR_LEN; 388 bcn_frm->frame_info = cpu_to_le16(RSI_DATA_DESC_MAC_BBP_INFO | 389 RSI_DATA_DESC_NO_ACK_IND | 390 RSI_DATA_DESC_BEACON_FRAME | 391 RSI_DATA_DESC_INSERT_TSF | 392 RSI_DATA_DESC_INSERT_SEQ_NO | 393 RATE_INFO_ENABLE); 394 bcn_frm->rate_info = cpu_to_le16(vap_id << 14); 395 bcn_frm->qid_tid = BEACON_HW_Q; 396 397 if (conf_is_ht40_plus(conf)) { 398 bcn_frm->bbp_info = cpu_to_le16(LOWER_20_ENABLE); 399 bcn_frm->bbp_info |= cpu_to_le16(LOWER_20_ENABLE >> 12); 400 } else if (conf_is_ht40_minus(conf)) { 401 bcn_frm->bbp_info = cpu_to_le16(UPPER_20_ENABLE); 402 bcn_frm->bbp_info |= cpu_to_le16(UPPER_20_ENABLE >> 12); 403 } 404 405 if (common->band == NL80211_BAND_2GHZ) 406 bcn_frm->bbp_info |= cpu_to_le16(RSI_RATE_1); 407 else 408 bcn_frm->bbp_info |= cpu_to_le16(RSI_RATE_6); 409 410 if (mac_bcn->data[tim_offset + 2] == 0) 411 bcn_frm->frame_info |= cpu_to_le16(RSI_DATA_DESC_DTIM_BEACON); 412 413 memcpy(&skb->data[FRAME_DESC_SZ], mac_bcn->data, mac_bcn->len); 414 skb_put(skb, mac_bcn->len + FRAME_DESC_SZ); 415 416 dev_kfree_skb(mac_bcn); 417 418 return 0; 419 } 420 421 static void bl_cmd_timeout(struct timer_list *t) 422 { 423 struct rsi_hw *adapter = from_timer(adapter, t, bl_cmd_timer); 424 425 adapter->blcmd_timer_expired = true; 426 del_timer(&adapter->bl_cmd_timer); 427 } 428 429 static int bl_start_cmd_timer(struct rsi_hw *adapter, u32 timeout) 430 { 431 timer_setup(&adapter->bl_cmd_timer, bl_cmd_timeout, 0); 432 adapter->bl_cmd_timer.expires = (msecs_to_jiffies(timeout) + jiffies); 433 434 adapter->blcmd_timer_expired = false; 435 add_timer(&adapter->bl_cmd_timer); 436 437 return 0; 438 } 439 440 static int bl_stop_cmd_timer(struct rsi_hw *adapter) 441 { 442 adapter->blcmd_timer_expired = false; 443 if (timer_pending(&adapter->bl_cmd_timer)) 444 del_timer(&adapter->bl_cmd_timer); 445 446 return 0; 447 } 448 449 static int bl_write_cmd(struct rsi_hw *adapter, u8 cmd, u8 exp_resp, 450 u16 *cmd_resp) 451 { 452 struct rsi_host_intf_ops *hif_ops = adapter->host_intf_ops; 453 u32 regin_val = 0, regout_val = 0; 454 u32 regin_input = 0; 455 u8 output = 0; 456 int status; 457 458 regin_input = (REGIN_INPUT | adapter->priv->coex_mode); 459 460 while (!adapter->blcmd_timer_expired) { 461 regin_val = 0; 462 status = hif_ops->master_reg_read(adapter, SWBL_REGIN, 463 ®in_val, 2); 464 if (status < 0) { 465 rsi_dbg(ERR_ZONE, 466 "%s: Command %0x REGIN reading failed..\n", 467 __func__, cmd); 468 return status; 469 } 470 mdelay(1); 471 if ((regin_val >> 12) != REGIN_VALID) 472 break; 473 } 474 if (adapter->blcmd_timer_expired) { 475 rsi_dbg(ERR_ZONE, 476 "%s: Command %0x REGIN reading timed out..\n", 477 __func__, cmd); 478 return -ETIMEDOUT; 479 } 480 481 rsi_dbg(INFO_ZONE, 482 "Issuing write to Regin val:%0x sending cmd:%0x\n", 483 regin_val, (cmd | regin_input << 8)); 484 status = hif_ops->master_reg_write(adapter, SWBL_REGIN, 485 (cmd | regin_input << 8), 2); 486 if (status < 0) 487 return status; 488 mdelay(1); 489 490 if (cmd == LOAD_HOSTED_FW || cmd == JUMP_TO_ZERO_PC) { 491 /* JUMP_TO_ZERO_PC doesn't expect 492 * any response. So return from here 493 */ 494 return 0; 495 } 496 497 while (!adapter->blcmd_timer_expired) { 498 regout_val = 0; 499 status = hif_ops->master_reg_read(adapter, SWBL_REGOUT, 500 ®out_val, 2); 501 if (status < 0) { 502 rsi_dbg(ERR_ZONE, 503 "%s: Command %0x REGOUT reading failed..\n", 504 __func__, cmd); 505 return status; 506 } 507 mdelay(1); 508 if ((regout_val >> 8) == REGOUT_VALID) 509 break; 510 } 511 if (adapter->blcmd_timer_expired) { 512 rsi_dbg(ERR_ZONE, 513 "%s: Command %0x REGOUT reading timed out..\n", 514 __func__, cmd); 515 return status; 516 } 517 518 *cmd_resp = ((u16 *)®out_val)[0] & 0xffff; 519 520 output = ((u8 *)®out_val)[0] & 0xff; 521 522 status = hif_ops->master_reg_write(adapter, SWBL_REGOUT, 523 (cmd | REGOUT_INVALID << 8), 2); 524 if (status < 0) { 525 rsi_dbg(ERR_ZONE, 526 "%s: Command %0x REGOUT writing failed..\n", 527 __func__, cmd); 528 return status; 529 } 530 mdelay(1); 531 532 if (output != exp_resp) { 533 rsi_dbg(ERR_ZONE, 534 "%s: Recvd resp %x for cmd %0x\n", 535 __func__, output, cmd); 536 return -EINVAL; 537 } 538 rsi_dbg(INFO_ZONE, 539 "%s: Recvd Expected resp %x for cmd %0x\n", 540 __func__, output, cmd); 541 542 return 0; 543 } 544 545 static int bl_cmd(struct rsi_hw *adapter, u8 cmd, u8 exp_resp, char *str) 546 { 547 u16 regout_val = 0; 548 u32 timeout; 549 int status; 550 551 if ((cmd == EOF_REACHED) || (cmd == PING_VALID) || (cmd == PONG_VALID)) 552 timeout = BL_BURN_TIMEOUT; 553 else 554 timeout = BL_CMD_TIMEOUT; 555 556 bl_start_cmd_timer(adapter, timeout); 557 status = bl_write_cmd(adapter, cmd, exp_resp, ®out_val); 558 if (status < 0) { 559 rsi_dbg(ERR_ZONE, 560 "%s: Command %s (%0x) writing failed..\n", 561 __func__, str, cmd); 562 return status; 563 } 564 bl_stop_cmd_timer(adapter); 565 return 0; 566 } 567 568 #define CHECK_SUM_OFFSET 20 569 #define LEN_OFFSET 8 570 #define ADDR_OFFSET 16 571 static int bl_write_header(struct rsi_hw *adapter, u8 *flash_content, 572 u32 content_size) 573 { 574 struct rsi_host_intf_ops *hif_ops = adapter->host_intf_ops; 575 struct bl_header bl_hdr; 576 u32 write_addr, write_len; 577 int status; 578 579 bl_hdr.flags = 0; 580 bl_hdr.image_no = cpu_to_le32(adapter->priv->coex_mode); 581 bl_hdr.check_sum = cpu_to_le32( 582 *(u32 *)&flash_content[CHECK_SUM_OFFSET]); 583 bl_hdr.flash_start_address = cpu_to_le32( 584 *(u32 *)&flash_content[ADDR_OFFSET]); 585 bl_hdr.flash_len = cpu_to_le32(*(u32 *)&flash_content[LEN_OFFSET]); 586 write_len = sizeof(struct bl_header); 587 588 if (adapter->rsi_host_intf == RSI_HOST_INTF_USB) { 589 write_addr = PING_BUFFER_ADDRESS; 590 status = hif_ops->write_reg_multiple(adapter, write_addr, 591 (u8 *)&bl_hdr, write_len); 592 if (status < 0) { 593 rsi_dbg(ERR_ZONE, 594 "%s: Failed to load Version/CRC structure\n", 595 __func__); 596 return status; 597 } 598 } else { 599 write_addr = PING_BUFFER_ADDRESS >> 16; 600 status = hif_ops->master_access_msword(adapter, write_addr); 601 if (status < 0) { 602 rsi_dbg(ERR_ZONE, 603 "%s: Unable to set ms word to common reg\n", 604 __func__); 605 return status; 606 } 607 write_addr = RSI_SD_REQUEST_MASTER | 608 (PING_BUFFER_ADDRESS & 0xFFFF); 609 status = hif_ops->write_reg_multiple(adapter, write_addr, 610 (u8 *)&bl_hdr, write_len); 611 if (status < 0) { 612 rsi_dbg(ERR_ZONE, 613 "%s: Failed to load Version/CRC structure\n", 614 __func__); 615 return status; 616 } 617 } 618 return 0; 619 } 620 621 static u32 read_flash_capacity(struct rsi_hw *adapter) 622 { 623 u32 flash_sz = 0; 624 625 if ((adapter->host_intf_ops->master_reg_read(adapter, FLASH_SIZE_ADDR, 626 &flash_sz, 2)) < 0) { 627 rsi_dbg(ERR_ZONE, 628 "%s: Flash size reading failed..\n", 629 __func__); 630 return 0; 631 } 632 rsi_dbg(INIT_ZONE, "Flash capacity: %d KiloBytes\n", flash_sz); 633 634 return (flash_sz * 1024); /* Return size in kbytes */ 635 } 636 637 static int ping_pong_write(struct rsi_hw *adapter, u8 cmd, u8 *addr, u32 size) 638 { 639 struct rsi_host_intf_ops *hif_ops = adapter->host_intf_ops; 640 u32 block_size = adapter->block_size; 641 u32 cmd_addr; 642 u16 cmd_resp, cmd_req; 643 u8 *str; 644 int status; 645 646 if (cmd == PING_WRITE) { 647 cmd_addr = PING_BUFFER_ADDRESS; 648 cmd_resp = PONG_AVAIL; 649 cmd_req = PING_VALID; 650 str = "PING_VALID"; 651 } else { 652 cmd_addr = PONG_BUFFER_ADDRESS; 653 cmd_resp = PING_AVAIL; 654 cmd_req = PONG_VALID; 655 str = "PONG_VALID"; 656 } 657 658 status = hif_ops->load_data_master_write(adapter, cmd_addr, size, 659 block_size, addr); 660 if (status) { 661 rsi_dbg(ERR_ZONE, "%s: Unable to write blk at addr %0x\n", 662 __func__, *addr); 663 return status; 664 } 665 666 status = bl_cmd(adapter, cmd_req, cmd_resp, str); 667 if (status) { 668 bl_stop_cmd_timer(adapter); 669 return status; 670 } 671 return 0; 672 } 673 674 static int auto_fw_upgrade(struct rsi_hw *adapter, u8 *flash_content, 675 u32 content_size) 676 { 677 u8 cmd, *temp_flash_content; 678 u32 temp_content_size, num_flash, index; 679 u32 flash_start_address; 680 int status; 681 682 temp_flash_content = flash_content; 683 684 if (content_size > MAX_FLASH_FILE_SIZE) { 685 rsi_dbg(ERR_ZONE, 686 "%s: Flash Content size is more than 400K %u\n", 687 __func__, MAX_FLASH_FILE_SIZE); 688 return -EINVAL; 689 } 690 691 flash_start_address = *(u32 *)&flash_content[FLASH_START_ADDRESS]; 692 rsi_dbg(INFO_ZONE, "flash start address: %08x\n", flash_start_address); 693 694 if (flash_start_address < FW_IMAGE_MIN_ADDRESS) { 695 rsi_dbg(ERR_ZONE, 696 "%s: Fw image Flash Start Address is less than 64K\n", 697 __func__); 698 return -EINVAL; 699 } 700 701 if (flash_start_address % FLASH_SECTOR_SIZE) { 702 rsi_dbg(ERR_ZONE, 703 "%s: Flash Start Address is not multiple of 4K\n", 704 __func__); 705 return -EINVAL; 706 } 707 708 if ((flash_start_address + content_size) > adapter->flash_capacity) { 709 rsi_dbg(ERR_ZONE, 710 "%s: Flash Content will cross max flash size\n", 711 __func__); 712 return -EINVAL; 713 } 714 715 temp_content_size = content_size; 716 num_flash = content_size / FLASH_WRITE_CHUNK_SIZE; 717 718 rsi_dbg(INFO_ZONE, "content_size: %d, num_flash: %d\n", 719 content_size, num_flash); 720 721 for (index = 0; index <= num_flash; index++) { 722 rsi_dbg(INFO_ZONE, "flash index: %d\n", index); 723 if (index != num_flash) { 724 content_size = FLASH_WRITE_CHUNK_SIZE; 725 rsi_dbg(INFO_ZONE, "QSPI content_size:%d\n", 726 content_size); 727 } else { 728 content_size = 729 temp_content_size % FLASH_WRITE_CHUNK_SIZE; 730 rsi_dbg(INFO_ZONE, 731 "Writing last sector content_size:%d\n", 732 content_size); 733 if (!content_size) { 734 rsi_dbg(INFO_ZONE, "instruction size zero\n"); 735 break; 736 } 737 } 738 739 if (index % 2) 740 cmd = PING_WRITE; 741 else 742 cmd = PONG_WRITE; 743 744 status = ping_pong_write(adapter, cmd, flash_content, 745 content_size); 746 if (status) { 747 rsi_dbg(ERR_ZONE, "%s: Unable to load %d block\n", 748 __func__, index); 749 return status; 750 } 751 752 rsi_dbg(INFO_ZONE, 753 "%s: Successfully loaded %d instructions\n", 754 __func__, index); 755 flash_content += content_size; 756 } 757 758 status = bl_cmd(adapter, EOF_REACHED, FW_LOADING_SUCCESSFUL, 759 "EOF_REACHED"); 760 if (status) { 761 bl_stop_cmd_timer(adapter); 762 return status; 763 } 764 rsi_dbg(INFO_ZONE, "FW loading is done and FW is running..\n"); 765 return 0; 766 } 767 768 static int rsi_load_firmware(struct rsi_hw *adapter) 769 { 770 struct rsi_common *common = adapter->priv; 771 struct rsi_host_intf_ops *hif_ops = adapter->host_intf_ops; 772 const struct firmware *fw_entry = NULL; 773 u32 regout_val = 0, content_size; 774 u16 tmp_regout_val = 0; 775 u8 *flash_content = NULL; 776 struct ta_metadata *metadata_p; 777 int status; 778 779 bl_start_cmd_timer(adapter, BL_CMD_TIMEOUT); 780 781 while (!adapter->blcmd_timer_expired) { 782 status = hif_ops->master_reg_read(adapter, SWBL_REGOUT, 783 ®out_val, 2); 784 if (status < 0) { 785 rsi_dbg(ERR_ZONE, 786 "%s: REGOUT read failed\n", __func__); 787 return status; 788 } 789 mdelay(1); 790 if ((regout_val >> 8) == REGOUT_VALID) 791 break; 792 } 793 if (adapter->blcmd_timer_expired) { 794 rsi_dbg(ERR_ZONE, "%s: REGOUT read timedout\n", __func__); 795 rsi_dbg(ERR_ZONE, 796 "%s: Soft boot loader not present\n", __func__); 797 return -ETIMEDOUT; 798 } 799 bl_stop_cmd_timer(adapter); 800 801 rsi_dbg(INFO_ZONE, "Received Board Version Number: %x\n", 802 (regout_val & 0xff)); 803 804 status = hif_ops->master_reg_write(adapter, SWBL_REGOUT, 805 (REGOUT_INVALID | REGOUT_INVALID << 8), 806 2); 807 if (status < 0) { 808 rsi_dbg(ERR_ZONE, "%s: REGOUT writing failed..\n", __func__); 809 return status; 810 } 811 mdelay(1); 812 813 status = bl_cmd(adapter, CONFIG_AUTO_READ_MODE, CMD_PASS, 814 "AUTO_READ_CMD"); 815 if (status < 0) 816 return status; 817 818 adapter->flash_capacity = read_flash_capacity(adapter); 819 if (adapter->flash_capacity <= 0) { 820 rsi_dbg(ERR_ZONE, 821 "%s: Unable to read flash size from EEPROM\n", 822 __func__); 823 return -EINVAL; 824 } 825 826 metadata_p = &metadata_flash_content[adapter->priv->coex_mode]; 827 828 rsi_dbg(INIT_ZONE, "%s: Loading file %s\n", __func__, metadata_p->name); 829 adapter->fw_file_name = metadata_p->name; 830 831 status = request_firmware(&fw_entry, metadata_p->name, adapter->device); 832 if (status < 0) { 833 rsi_dbg(ERR_ZONE, "%s: Failed to open file %s\n", 834 __func__, metadata_p->name); 835 return status; 836 } 837 flash_content = kmemdup(fw_entry->data, fw_entry->size, GFP_KERNEL); 838 if (!flash_content) { 839 rsi_dbg(ERR_ZONE, "%s: Failed to copy firmware\n", __func__); 840 status = -EIO; 841 goto fail; 842 } 843 content_size = fw_entry->size; 844 rsi_dbg(INFO_ZONE, "FW Length = %d bytes\n", content_size); 845 846 /* Get the firmware version */ 847 common->lmac_ver.ver.info.fw_ver[0] = 848 flash_content[LMAC_VER_OFFSET] & 0xFF; 849 common->lmac_ver.ver.info.fw_ver[1] = 850 flash_content[LMAC_VER_OFFSET + 1] & 0xFF; 851 common->lmac_ver.major = flash_content[LMAC_VER_OFFSET + 2] & 0xFF; 852 common->lmac_ver.release_num = 853 flash_content[LMAC_VER_OFFSET + 3] & 0xFF; 854 common->lmac_ver.minor = flash_content[LMAC_VER_OFFSET + 4] & 0xFF; 855 common->lmac_ver.patch_num = 0; 856 rsi_print_version(common); 857 858 status = bl_write_header(adapter, flash_content, content_size); 859 if (status) { 860 rsi_dbg(ERR_ZONE, 861 "%s: RPS Image header loading failed\n", 862 __func__); 863 goto fail; 864 } 865 866 bl_start_cmd_timer(adapter, BL_CMD_TIMEOUT); 867 status = bl_write_cmd(adapter, CHECK_CRC, CMD_PASS, &tmp_regout_val); 868 if (status) { 869 bl_stop_cmd_timer(adapter); 870 rsi_dbg(ERR_ZONE, 871 "%s: CHECK_CRC Command writing failed..\n", 872 __func__); 873 if ((tmp_regout_val & 0xff) == CMD_FAIL) { 874 rsi_dbg(ERR_ZONE, 875 "CRC Fail.. Proceeding to Upgrade mode\n"); 876 goto fw_upgrade; 877 } 878 } 879 bl_stop_cmd_timer(adapter); 880 881 status = bl_cmd(adapter, POLLING_MODE, CMD_PASS, "POLLING_MODE"); 882 if (status) 883 goto fail; 884 885 load_image_cmd: 886 status = bl_cmd(adapter, LOAD_HOSTED_FW, LOADING_INITIATED, 887 "LOAD_HOSTED_FW"); 888 if (status) 889 goto fail; 890 rsi_dbg(INFO_ZONE, "Load Image command passed..\n"); 891 goto success; 892 893 fw_upgrade: 894 status = bl_cmd(adapter, BURN_HOSTED_FW, SEND_RPS_FILE, "FW_UPGRADE"); 895 if (status) 896 goto fail; 897 898 rsi_dbg(INFO_ZONE, "Burn Command Pass.. Upgrading the firmware\n"); 899 900 status = auto_fw_upgrade(adapter, flash_content, content_size); 901 if (status == 0) { 902 rsi_dbg(ERR_ZONE, "Firmware upgradation Done\n"); 903 goto load_image_cmd; 904 } 905 rsi_dbg(ERR_ZONE, "Firmware upgrade failed\n"); 906 907 status = bl_cmd(adapter, CONFIG_AUTO_READ_MODE, CMD_PASS, 908 "AUTO_READ_MODE"); 909 if (status) 910 goto fail; 911 912 success: 913 rsi_dbg(ERR_ZONE, "***** Firmware Loading successful *****\n"); 914 kfree(flash_content); 915 release_firmware(fw_entry); 916 return 0; 917 918 fail: 919 rsi_dbg(ERR_ZONE, "##### Firmware loading failed #####\n"); 920 kfree(flash_content); 921 release_firmware(fw_entry); 922 return status; 923 } 924 925 int rsi_hal_device_init(struct rsi_hw *adapter) 926 { 927 struct rsi_common *common = adapter->priv; 928 929 common->coex_mode = RSI_DEV_COEX_MODE_WIFI_ALONE; 930 common->oper_mode = RSI_DEV_OPMODE_WIFI_ALONE; 931 adapter->device_model = RSI_DEV_9113; 932 933 switch (adapter->device_model) { 934 case RSI_DEV_9113: 935 if (rsi_load_firmware(adapter)) { 936 rsi_dbg(ERR_ZONE, 937 "%s: Failed to load TA instructions\n", 938 __func__); 939 return -EINVAL; 940 } 941 break; 942 default: 943 return -EINVAL; 944 } 945 common->fsm_state = FSM_CARD_NOT_READY; 946 947 return 0; 948 } 949 EXPORT_SYMBOL_GPL(rsi_hal_device_init); 950 951