1 /**
2 * Copyright (c) 2014 Redpine Signals Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17 #include <linux/firmware.h>
18 #include <net/bluetooth/bluetooth.h>
19 #include "rsi_mgmt.h"
20 #include "rsi_hal.h"
21 #include "rsi_sdio.h"
22 #include "rsi_common.h"
23
24 /* FLASH Firmware */
25 static struct ta_metadata metadata_flash_content[] = {
26 {"flash_content", 0x00010000},
27 {"rsi/rs9113_wlan_qspi.rps", 0x00010000},
28 {"rsi/rs9113_wlan_bt_dual_mode.rps", 0x00010000},
29 {"flash_content", 0x00010000},
30 {"rsi/rs9113_ap_bt_dual_mode.rps", 0x00010000},
31
32 };
33
rsi_send_pkt_to_bus(struct rsi_common * common,struct sk_buff * skb)34 int rsi_send_pkt_to_bus(struct rsi_common *common, struct sk_buff *skb)
35 {
36 struct rsi_hw *adapter = common->priv;
37 int status;
38
39 if (common->coex_mode > 1)
40 mutex_lock(&common->tx_bus_mutex);
41
42 status = adapter->host_intf_ops->write_pkt(common->priv,
43 skb->data, skb->len);
44
45 if (common->coex_mode > 1)
46 mutex_unlock(&common->tx_bus_mutex);
47
48 return status;
49 }
50
rsi_prepare_mgmt_desc(struct rsi_common * common,struct sk_buff * skb)51 int rsi_prepare_mgmt_desc(struct rsi_common *common, struct sk_buff *skb)
52 {
53 struct rsi_hw *adapter = common->priv;
54 struct ieee80211_hdr *wh = NULL;
55 struct ieee80211_tx_info *info;
56 struct ieee80211_conf *conf = &adapter->hw->conf;
57 struct ieee80211_vif *vif;
58 struct rsi_mgmt_desc *mgmt_desc;
59 struct skb_info *tx_params;
60 struct rsi_xtended_desc *xtend_desc = NULL;
61 u8 header_size;
62 u32 dword_align_bytes = 0;
63
64 if (skb->len > MAX_MGMT_PKT_SIZE) {
65 rsi_dbg(INFO_ZONE, "%s: Dropping mgmt pkt > 512\n", __func__);
66 return -EINVAL;
67 }
68
69 info = IEEE80211_SKB_CB(skb);
70 tx_params = (struct skb_info *)info->driver_data;
71 vif = tx_params->vif;
72
73 /* Update header size */
74 header_size = FRAME_DESC_SZ + sizeof(struct rsi_xtended_desc);
75 if (header_size > skb_headroom(skb)) {
76 rsi_dbg(ERR_ZONE,
77 "%s: Failed to add extended descriptor\n",
78 __func__);
79 return -ENOSPC;
80 }
81 skb_push(skb, header_size);
82 dword_align_bytes = ((unsigned long)skb->data & 0x3f);
83 if (dword_align_bytes > skb_headroom(skb)) {
84 rsi_dbg(ERR_ZONE,
85 "%s: Failed to add dword align\n", __func__);
86 return -ENOSPC;
87 }
88 skb_push(skb, dword_align_bytes);
89 header_size += dword_align_bytes;
90
91 tx_params->internal_hdr_size = header_size;
92 memset(&skb->data[0], 0, header_size);
93 wh = (struct ieee80211_hdr *)&skb->data[header_size];
94
95 mgmt_desc = (struct rsi_mgmt_desc *)skb->data;
96 xtend_desc = (struct rsi_xtended_desc *)&skb->data[FRAME_DESC_SZ];
97
98 rsi_set_len_qno(&mgmt_desc->len_qno, (skb->len - FRAME_DESC_SZ),
99 RSI_WIFI_MGMT_Q);
100 mgmt_desc->frame_type = TX_DOT11_MGMT;
101 mgmt_desc->header_len = MIN_802_11_HDR_LEN;
102 mgmt_desc->xtend_desc_size = header_size - FRAME_DESC_SZ;
103 mgmt_desc->frame_info |= cpu_to_le16(RATE_INFO_ENABLE);
104 if (is_broadcast_ether_addr(wh->addr1))
105 mgmt_desc->frame_info |= cpu_to_le16(RSI_BROADCAST_PKT);
106
107 mgmt_desc->seq_ctrl =
108 cpu_to_le16(IEEE80211_SEQ_TO_SN(le16_to_cpu(wh->seq_ctrl)));
109 if ((common->band == NL80211_BAND_2GHZ) && !common->p2p_enabled)
110 mgmt_desc->rate_info = cpu_to_le16(RSI_RATE_1);
111 else
112 mgmt_desc->rate_info = cpu_to_le16(RSI_RATE_6);
113
114 if (conf_is_ht40(conf))
115 mgmt_desc->bbp_info = cpu_to_le16(FULL40M_ENABLE);
116
117 if (ieee80211_is_probe_resp(wh->frame_control)) {
118 mgmt_desc->misc_flags |= (RSI_ADD_DELTA_TSF_VAP_ID |
119 RSI_FETCH_RETRY_CNT_FRM_HST);
120 #define PROBE_RESP_RETRY_CNT 3
121 xtend_desc->retry_cnt = PROBE_RESP_RETRY_CNT;
122 }
123
124 if (((vif->type == NL80211_IFTYPE_AP) ||
125 (vif->type == NL80211_IFTYPE_P2P_GO)) &&
126 (ieee80211_is_action(wh->frame_control))) {
127 struct rsi_sta *rsta = rsi_find_sta(common, wh->addr1);
128
129 if (rsta)
130 mgmt_desc->sta_id = tx_params->sta_id;
131 else
132 return -EINVAL;
133 }
134 mgmt_desc->rate_info |=
135 cpu_to_le16((tx_params->vap_id << RSI_DESC_VAP_ID_OFST) &
136 RSI_DESC_VAP_ID_MASK);
137
138 return 0;
139 }
140
141 /* This function prepares descriptor for given data packet */
rsi_prepare_data_desc(struct rsi_common * common,struct sk_buff * skb)142 int rsi_prepare_data_desc(struct rsi_common *common, struct sk_buff *skb)
143 {
144 struct rsi_hw *adapter = common->priv;
145 struct ieee80211_vif *vif;
146 struct ieee80211_hdr *wh = NULL;
147 struct ieee80211_tx_info *info;
148 struct skb_info *tx_params;
149 struct rsi_data_desc *data_desc;
150 struct rsi_xtended_desc *xtend_desc;
151 u8 ieee80211_size = MIN_802_11_HDR_LEN;
152 u8 header_size;
153 u8 vap_id = 0;
154 u8 dword_align_bytes;
155 u16 seq_num;
156
157 info = IEEE80211_SKB_CB(skb);
158 vif = info->control.vif;
159 tx_params = (struct skb_info *)info->driver_data;
160
161 header_size = FRAME_DESC_SZ + sizeof(struct rsi_xtended_desc);
162 if (header_size > skb_headroom(skb)) {
163 rsi_dbg(ERR_ZONE, "%s: Unable to send pkt\n", __func__);
164 return -ENOSPC;
165 }
166 skb_push(skb, header_size);
167 dword_align_bytes = ((unsigned long)skb->data & 0x3f);
168 if (header_size > skb_headroom(skb)) {
169 rsi_dbg(ERR_ZONE, "%s: Not enough headroom\n", __func__);
170 return -ENOSPC;
171 }
172 skb_push(skb, dword_align_bytes);
173 header_size += dword_align_bytes;
174
175 tx_params->internal_hdr_size = header_size;
176 data_desc = (struct rsi_data_desc *)skb->data;
177 memset(data_desc, 0, header_size);
178
179 xtend_desc = (struct rsi_xtended_desc *)&skb->data[FRAME_DESC_SZ];
180 wh = (struct ieee80211_hdr *)&skb->data[header_size];
181 seq_num = IEEE80211_SEQ_TO_SN(le16_to_cpu(wh->seq_ctrl));
182
183 data_desc->xtend_desc_size = header_size - FRAME_DESC_SZ;
184
185 if (ieee80211_is_data_qos(wh->frame_control)) {
186 ieee80211_size += 2;
187 data_desc->mac_flags |= cpu_to_le16(RSI_QOS_ENABLE);
188 }
189
190 if (((vif->type == NL80211_IFTYPE_STATION) ||
191 (vif->type == NL80211_IFTYPE_P2P_CLIENT)) &&
192 (adapter->ps_state == PS_ENABLED))
193 wh->frame_control |= cpu_to_le16(RSI_SET_PS_ENABLE);
194
195 if ((!(info->flags & IEEE80211_TX_INTFL_DONT_ENCRYPT)) &&
196 (common->secinfo.security_enable)) {
197 if (rsi_is_cipher_wep(common))
198 ieee80211_size += 4;
199 else
200 ieee80211_size += 8;
201 data_desc->mac_flags |= cpu_to_le16(RSI_ENCRYPT_PKT);
202 }
203 rsi_set_len_qno(&data_desc->len_qno, (skb->len - FRAME_DESC_SZ),
204 RSI_WIFI_DATA_Q);
205 data_desc->header_len = ieee80211_size;
206
207 if (common->min_rate != RSI_RATE_AUTO) {
208 /* Send fixed rate */
209 data_desc->frame_info = cpu_to_le16(RATE_INFO_ENABLE);
210 data_desc->rate_info = cpu_to_le16(common->min_rate);
211
212 if (conf_is_ht40(&common->priv->hw->conf))
213 data_desc->bbp_info = cpu_to_le16(FULL40M_ENABLE);
214
215 if ((common->vif_info[0].sgi) && (common->min_rate & 0x100)) {
216 /* Only MCS rates */
217 data_desc->rate_info |=
218 cpu_to_le16(ENABLE_SHORTGI_RATE);
219 }
220 }
221
222 if (skb->protocol == cpu_to_be16(ETH_P_PAE)) {
223 rsi_dbg(INFO_ZONE, "*** Tx EAPOL ***\n");
224
225 data_desc->frame_info = cpu_to_le16(RATE_INFO_ENABLE);
226 if (common->band == NL80211_BAND_5GHZ)
227 data_desc->rate_info = cpu_to_le16(RSI_RATE_6);
228 else
229 data_desc->rate_info = cpu_to_le16(RSI_RATE_1);
230 data_desc->mac_flags |= cpu_to_le16(RSI_REKEY_PURPOSE);
231 data_desc->misc_flags |= RSI_FETCH_RETRY_CNT_FRM_HST;
232 #define EAPOL_RETRY_CNT 15
233 xtend_desc->retry_cnt = EAPOL_RETRY_CNT;
234
235 if (common->eapol4_confirm)
236 skb->priority = VO_Q;
237 else
238 rsi_set_len_qno(&data_desc->len_qno,
239 (skb->len - FRAME_DESC_SZ),
240 RSI_WIFI_MGMT_Q);
241 if ((skb->len - header_size) == EAPOL4_PACKET_LEN) {
242 data_desc->misc_flags |=
243 RSI_DESC_REQUIRE_CFM_TO_HOST;
244 xtend_desc->confirm_frame_type = EAPOL4_CONFIRM;
245 }
246 }
247
248 data_desc->mac_flags |= cpu_to_le16(seq_num & 0xfff);
249 data_desc->qid_tid = ((skb->priority & 0xf) |
250 ((tx_params->tid & 0xf) << 4));
251 data_desc->sta_id = tx_params->sta_id;
252
253 if ((is_broadcast_ether_addr(wh->addr1)) ||
254 (is_multicast_ether_addr(wh->addr1))) {
255 data_desc->frame_info = cpu_to_le16(RATE_INFO_ENABLE);
256 data_desc->frame_info |= cpu_to_le16(RSI_BROADCAST_PKT);
257 data_desc->sta_id = vap_id;
258
259 if ((vif->type == NL80211_IFTYPE_AP) ||
260 (vif->type == NL80211_IFTYPE_P2P_GO)) {
261 if (common->band == NL80211_BAND_5GHZ)
262 data_desc->rate_info = cpu_to_le16(RSI_RATE_6);
263 else
264 data_desc->rate_info = cpu_to_le16(RSI_RATE_1);
265 }
266 }
267 if (((vif->type == NL80211_IFTYPE_AP) ||
268 (vif->type == NL80211_IFTYPE_P2P_GO)) &&
269 (ieee80211_has_moredata(wh->frame_control)))
270 data_desc->frame_info |= cpu_to_le16(MORE_DATA_PRESENT);
271
272 data_desc->rate_info |=
273 cpu_to_le16((tx_params->vap_id << RSI_DESC_VAP_ID_OFST) &
274 RSI_DESC_VAP_ID_MASK);
275
276 return 0;
277 }
278
279 /* This function sends received data packet from driver to device */
rsi_send_data_pkt(struct rsi_common * common,struct sk_buff * skb)280 int rsi_send_data_pkt(struct rsi_common *common, struct sk_buff *skb)
281 {
282 struct rsi_hw *adapter = common->priv;
283 struct ieee80211_vif *vif;
284 struct ieee80211_tx_info *info;
285 struct skb_info *tx_params;
286 struct ieee80211_bss_conf *bss;
287 int status = -EINVAL;
288 u8 header_size;
289
290 if (!skb)
291 return 0;
292 if (common->iface_down)
293 goto err;
294
295 info = IEEE80211_SKB_CB(skb);
296 if (!info->control.vif)
297 goto err;
298 vif = info->control.vif;
299 bss = &vif->bss_conf;
300 tx_params = (struct skb_info *)info->driver_data;
301 header_size = tx_params->internal_hdr_size;
302
303 if (((vif->type == NL80211_IFTYPE_STATION) ||
304 (vif->type == NL80211_IFTYPE_P2P_CLIENT)) &&
305 (!bss->assoc))
306 goto err;
307
308 status = rsi_send_pkt_to_bus(common, skb);
309 if (status)
310 rsi_dbg(ERR_ZONE, "%s: Failed to write pkt\n", __func__);
311
312 err:
313 ++common->tx_stats.total_tx_pkt_freed[skb->priority];
314 rsi_indicate_tx_status(adapter, skb, status);
315 return status;
316 }
317
318 /**
319 * rsi_send_mgmt_pkt() - This functions sends the received management packet
320 * from driver to device.
321 * @common: Pointer to the driver private structure.
322 * @skb: Pointer to the socket buffer structure.
323 *
324 * Return: status: 0 on success, -1 on failure.
325 */
rsi_send_mgmt_pkt(struct rsi_common * common,struct sk_buff * skb)326 int rsi_send_mgmt_pkt(struct rsi_common *common,
327 struct sk_buff *skb)
328 {
329 struct rsi_hw *adapter = common->priv;
330 struct ieee80211_bss_conf *bss;
331 struct ieee80211_hdr *wh;
332 struct ieee80211_tx_info *info;
333 struct skb_info *tx_params;
334 struct rsi_mgmt_desc *mgmt_desc;
335 struct rsi_xtended_desc *xtend_desc;
336 int status = -E2BIG;
337 u8 header_size;
338
339 info = IEEE80211_SKB_CB(skb);
340 tx_params = (struct skb_info *)info->driver_data;
341 header_size = tx_params->internal_hdr_size;
342
343 if (tx_params->flags & INTERNAL_MGMT_PKT) {
344 status = adapter->host_intf_ops->write_pkt(common->priv,
345 (u8 *)skb->data,
346 skb->len);
347 if (status) {
348 rsi_dbg(ERR_ZONE,
349 "%s: Failed to write the packet\n", __func__);
350 }
351 dev_kfree_skb(skb);
352 return status;
353 }
354
355 bss = &info->control.vif->bss_conf;
356 wh = (struct ieee80211_hdr *)&skb->data[header_size];
357 mgmt_desc = (struct rsi_mgmt_desc *)skb->data;
358 xtend_desc = (struct rsi_xtended_desc *)&skb->data[FRAME_DESC_SZ];
359
360 /* Indicate to firmware to give cfm for probe */
361 if (ieee80211_is_probe_req(wh->frame_control) && !bss->assoc) {
362 rsi_dbg(INFO_ZONE,
363 "%s: blocking mgmt queue\n", __func__);
364 mgmt_desc->misc_flags = RSI_DESC_REQUIRE_CFM_TO_HOST;
365 xtend_desc->confirm_frame_type = PROBEREQ_CONFIRM;
366 common->mgmt_q_block = true;
367 rsi_dbg(INFO_ZONE, "Mgmt queue blocked\n");
368 }
369
370 status = rsi_send_pkt_to_bus(common, skb);
371 if (status)
372 rsi_dbg(ERR_ZONE, "%s: Failed to write the packet\n", __func__);
373
374 rsi_indicate_tx_status(common->priv, skb, status);
375 return status;
376 }
377
rsi_send_bt_pkt(struct rsi_common * common,struct sk_buff * skb)378 int rsi_send_bt_pkt(struct rsi_common *common, struct sk_buff *skb)
379 {
380 int status = -EINVAL;
381 u8 header_size = 0;
382 struct rsi_bt_desc *bt_desc;
383 u8 queueno = ((skb->data[1] >> 4) & 0xf);
384
385 if (queueno == RSI_BT_MGMT_Q) {
386 status = rsi_send_pkt_to_bus(common, skb);
387 if (status)
388 rsi_dbg(ERR_ZONE, "%s: Failed to write bt mgmt pkt\n",
389 __func__);
390 goto out;
391 }
392 header_size = FRAME_DESC_SZ;
393 if (header_size > skb_headroom(skb)) {
394 rsi_dbg(ERR_ZONE, "%s: Not enough headroom\n", __func__);
395 status = -ENOSPC;
396 goto out;
397 }
398 skb_push(skb, header_size);
399 memset(skb->data, 0, header_size);
400 bt_desc = (struct rsi_bt_desc *)skb->data;
401
402 rsi_set_len_qno(&bt_desc->len_qno, (skb->len - FRAME_DESC_SZ),
403 RSI_BT_DATA_Q);
404 bt_desc->bt_pkt_type = cpu_to_le16(bt_cb(skb)->pkt_type);
405
406 status = rsi_send_pkt_to_bus(common, skb);
407 if (status)
408 rsi_dbg(ERR_ZONE, "%s: Failed to write bt pkt\n", __func__);
409
410 out:
411 dev_kfree_skb(skb);
412 return status;
413 }
414
rsi_prepare_beacon(struct rsi_common * common,struct sk_buff * skb)415 int rsi_prepare_beacon(struct rsi_common *common, struct sk_buff *skb)
416 {
417 struct rsi_hw *adapter = (struct rsi_hw *)common->priv;
418 struct rsi_data_desc *bcn_frm;
419 struct ieee80211_hw *hw = common->priv->hw;
420 struct ieee80211_conf *conf = &hw->conf;
421 struct ieee80211_vif *vif;
422 struct sk_buff *mac_bcn;
423 u8 vap_id = 0, i;
424 u16 tim_offset = 0;
425
426 for (i = 0; i < RSI_MAX_VIFS; i++) {
427 vif = adapter->vifs[i];
428 if (!vif)
429 continue;
430 if ((vif->type == NL80211_IFTYPE_AP) ||
431 (vif->type == NL80211_IFTYPE_P2P_GO))
432 break;
433 }
434 if (!vif)
435 return -EINVAL;
436 mac_bcn = ieee80211_beacon_get_tim(adapter->hw,
437 vif,
438 &tim_offset, NULL);
439 if (!mac_bcn) {
440 rsi_dbg(ERR_ZONE, "Failed to get beacon from mac80211\n");
441 return -EINVAL;
442 }
443
444 common->beacon_cnt++;
445 bcn_frm = (struct rsi_data_desc *)skb->data;
446 rsi_set_len_qno(&bcn_frm->len_qno, mac_bcn->len, RSI_WIFI_DATA_Q);
447 bcn_frm->header_len = MIN_802_11_HDR_LEN;
448 bcn_frm->frame_info = cpu_to_le16(RSI_DATA_DESC_MAC_BBP_INFO |
449 RSI_DATA_DESC_NO_ACK_IND |
450 RSI_DATA_DESC_BEACON_FRAME |
451 RSI_DATA_DESC_INSERT_TSF |
452 RSI_DATA_DESC_INSERT_SEQ_NO |
453 RATE_INFO_ENABLE);
454 bcn_frm->rate_info = cpu_to_le16(vap_id << 14);
455 bcn_frm->qid_tid = BEACON_HW_Q;
456
457 if (conf_is_ht40_plus(conf)) {
458 bcn_frm->bbp_info = cpu_to_le16(LOWER_20_ENABLE);
459 bcn_frm->bbp_info |= cpu_to_le16(LOWER_20_ENABLE >> 12);
460 } else if (conf_is_ht40_minus(conf)) {
461 bcn_frm->bbp_info = cpu_to_le16(UPPER_20_ENABLE);
462 bcn_frm->bbp_info |= cpu_to_le16(UPPER_20_ENABLE >> 12);
463 }
464
465 if (common->band == NL80211_BAND_2GHZ)
466 bcn_frm->bbp_info |= cpu_to_le16(RSI_RATE_1);
467 else
468 bcn_frm->bbp_info |= cpu_to_le16(RSI_RATE_6);
469
470 if (mac_bcn->data[tim_offset + 2] == 0)
471 bcn_frm->frame_info |= cpu_to_le16(RSI_DATA_DESC_DTIM_BEACON);
472
473 memcpy(&skb->data[FRAME_DESC_SZ], mac_bcn->data, mac_bcn->len);
474 skb_put(skb, mac_bcn->len + FRAME_DESC_SZ);
475
476 dev_kfree_skb(mac_bcn);
477
478 return 0;
479 }
480
bl_cmd_timeout(struct timer_list * t)481 static void bl_cmd_timeout(struct timer_list *t)
482 {
483 struct rsi_hw *adapter = from_timer(adapter, t, bl_cmd_timer);
484
485 adapter->blcmd_timer_expired = true;
486 del_timer(&adapter->bl_cmd_timer);
487 }
488
bl_start_cmd_timer(struct rsi_hw * adapter,u32 timeout)489 static int bl_start_cmd_timer(struct rsi_hw *adapter, u32 timeout)
490 {
491 timer_setup(&adapter->bl_cmd_timer, bl_cmd_timeout, 0);
492 adapter->bl_cmd_timer.expires = (msecs_to_jiffies(timeout) + jiffies);
493
494 adapter->blcmd_timer_expired = false;
495 add_timer(&adapter->bl_cmd_timer);
496
497 return 0;
498 }
499
bl_stop_cmd_timer(struct rsi_hw * adapter)500 static int bl_stop_cmd_timer(struct rsi_hw *adapter)
501 {
502 adapter->blcmd_timer_expired = false;
503 if (timer_pending(&adapter->bl_cmd_timer))
504 del_timer(&adapter->bl_cmd_timer);
505
506 return 0;
507 }
508
bl_write_cmd(struct rsi_hw * adapter,u8 cmd,u8 exp_resp,u16 * cmd_resp)509 static int bl_write_cmd(struct rsi_hw *adapter, u8 cmd, u8 exp_resp,
510 u16 *cmd_resp)
511 {
512 struct rsi_host_intf_ops *hif_ops = adapter->host_intf_ops;
513 u32 regin_val = 0, regout_val = 0;
514 u32 regin_input = 0;
515 u8 output = 0;
516 int status;
517
518 regin_input = (REGIN_INPUT | adapter->priv->coex_mode);
519
520 while (!adapter->blcmd_timer_expired) {
521 regin_val = 0;
522 status = hif_ops->master_reg_read(adapter, SWBL_REGIN,
523 ®in_val, 2);
524 if (status < 0) {
525 rsi_dbg(ERR_ZONE,
526 "%s: Command %0x REGIN reading failed..\n",
527 __func__, cmd);
528 return status;
529 }
530 mdelay(1);
531 if ((regin_val >> 12) != REGIN_VALID)
532 break;
533 }
534 if (adapter->blcmd_timer_expired) {
535 rsi_dbg(ERR_ZONE,
536 "%s: Command %0x REGIN reading timed out..\n",
537 __func__, cmd);
538 return -ETIMEDOUT;
539 }
540
541 rsi_dbg(INFO_ZONE,
542 "Issuing write to Regin val:%0x sending cmd:%0x\n",
543 regin_val, (cmd | regin_input << 8));
544 status = hif_ops->master_reg_write(adapter, SWBL_REGIN,
545 (cmd | regin_input << 8), 2);
546 if (status < 0)
547 return status;
548 mdelay(1);
549
550 if (cmd == LOAD_HOSTED_FW || cmd == JUMP_TO_ZERO_PC) {
551 /* JUMP_TO_ZERO_PC doesn't expect
552 * any response. So return from here
553 */
554 return 0;
555 }
556
557 while (!adapter->blcmd_timer_expired) {
558 regout_val = 0;
559 status = hif_ops->master_reg_read(adapter, SWBL_REGOUT,
560 ®out_val, 2);
561 if (status < 0) {
562 rsi_dbg(ERR_ZONE,
563 "%s: Command %0x REGOUT reading failed..\n",
564 __func__, cmd);
565 return status;
566 }
567 mdelay(1);
568 if ((regout_val >> 8) == REGOUT_VALID)
569 break;
570 }
571 if (adapter->blcmd_timer_expired) {
572 rsi_dbg(ERR_ZONE,
573 "%s: Command %0x REGOUT reading timed out..\n",
574 __func__, cmd);
575 return status;
576 }
577
578 *cmd_resp = ((u16 *)®out_val)[0] & 0xffff;
579
580 output = ((u8 *)®out_val)[0] & 0xff;
581
582 status = hif_ops->master_reg_write(adapter, SWBL_REGOUT,
583 (cmd | REGOUT_INVALID << 8), 2);
584 if (status < 0) {
585 rsi_dbg(ERR_ZONE,
586 "%s: Command %0x REGOUT writing failed..\n",
587 __func__, cmd);
588 return status;
589 }
590 mdelay(1);
591
592 if (output != exp_resp) {
593 rsi_dbg(ERR_ZONE,
594 "%s: Recvd resp %x for cmd %0x\n",
595 __func__, output, cmd);
596 return -EINVAL;
597 }
598 rsi_dbg(INFO_ZONE,
599 "%s: Recvd Expected resp %x for cmd %0x\n",
600 __func__, output, cmd);
601
602 return 0;
603 }
604
bl_cmd(struct rsi_hw * adapter,u8 cmd,u8 exp_resp,char * str)605 static int bl_cmd(struct rsi_hw *adapter, u8 cmd, u8 exp_resp, char *str)
606 {
607 u16 regout_val = 0;
608 u32 timeout;
609 int status;
610
611 if ((cmd == EOF_REACHED) || (cmd == PING_VALID) || (cmd == PONG_VALID))
612 timeout = BL_BURN_TIMEOUT;
613 else
614 timeout = BL_CMD_TIMEOUT;
615
616 bl_start_cmd_timer(adapter, timeout);
617 status = bl_write_cmd(adapter, cmd, exp_resp, ®out_val);
618 if (status < 0) {
619 rsi_dbg(ERR_ZONE,
620 "%s: Command %s (%0x) writing failed..\n",
621 __func__, str, cmd);
622 return status;
623 }
624 bl_stop_cmd_timer(adapter);
625 return 0;
626 }
627
628 #define CHECK_SUM_OFFSET 20
629 #define LEN_OFFSET 8
630 #define ADDR_OFFSET 16
bl_write_header(struct rsi_hw * adapter,u8 * flash_content,u32 content_size)631 static int bl_write_header(struct rsi_hw *adapter, u8 *flash_content,
632 u32 content_size)
633 {
634 struct rsi_host_intf_ops *hif_ops = adapter->host_intf_ops;
635 struct bl_header *bl_hdr;
636 u32 write_addr, write_len;
637 int status;
638
639 bl_hdr = kzalloc(sizeof(*bl_hdr), GFP_KERNEL);
640 if (!bl_hdr)
641 return -ENOMEM;
642
643 bl_hdr->flags = 0;
644 bl_hdr->image_no = cpu_to_le32(adapter->priv->coex_mode);
645 bl_hdr->check_sum =
646 cpu_to_le32(*(u32 *)&flash_content[CHECK_SUM_OFFSET]);
647 bl_hdr->flash_start_address =
648 cpu_to_le32(*(u32 *)&flash_content[ADDR_OFFSET]);
649 bl_hdr->flash_len = cpu_to_le32(*(u32 *)&flash_content[LEN_OFFSET]);
650 write_len = sizeof(struct bl_header);
651
652 if (adapter->rsi_host_intf == RSI_HOST_INTF_USB) {
653 write_addr = PING_BUFFER_ADDRESS;
654 status = hif_ops->write_reg_multiple(adapter, write_addr,
655 (u8 *)bl_hdr, write_len);
656 if (status < 0) {
657 rsi_dbg(ERR_ZONE,
658 "%s: Failed to load Version/CRC structure\n",
659 __func__);
660 goto fail;
661 }
662 } else {
663 write_addr = PING_BUFFER_ADDRESS >> 16;
664 status = hif_ops->master_access_msword(adapter, write_addr);
665 if (status < 0) {
666 rsi_dbg(ERR_ZONE,
667 "%s: Unable to set ms word to common reg\n",
668 __func__);
669 goto fail;
670 }
671 write_addr = RSI_SD_REQUEST_MASTER |
672 (PING_BUFFER_ADDRESS & 0xFFFF);
673 status = hif_ops->write_reg_multiple(adapter, write_addr,
674 (u8 *)bl_hdr, write_len);
675 if (status < 0) {
676 rsi_dbg(ERR_ZONE,
677 "%s: Failed to load Version/CRC structure\n",
678 __func__);
679 goto fail;
680 }
681 }
682 status = 0;
683 fail:
684 kfree(bl_hdr);
685 return status;
686 }
687
read_flash_capacity(struct rsi_hw * adapter)688 static u32 read_flash_capacity(struct rsi_hw *adapter)
689 {
690 u32 flash_sz = 0;
691
692 if ((adapter->host_intf_ops->master_reg_read(adapter, FLASH_SIZE_ADDR,
693 &flash_sz, 2)) < 0) {
694 rsi_dbg(ERR_ZONE,
695 "%s: Flash size reading failed..\n",
696 __func__);
697 return 0;
698 }
699 rsi_dbg(INIT_ZONE, "Flash capacity: %d KiloBytes\n", flash_sz);
700
701 return (flash_sz * 1024); /* Return size in kbytes */
702 }
703
ping_pong_write(struct rsi_hw * adapter,u8 cmd,u8 * addr,u32 size)704 static int ping_pong_write(struct rsi_hw *adapter, u8 cmd, u8 *addr, u32 size)
705 {
706 struct rsi_host_intf_ops *hif_ops = adapter->host_intf_ops;
707 u32 block_size = adapter->block_size;
708 u32 cmd_addr;
709 u16 cmd_resp, cmd_req;
710 u8 *str;
711 int status;
712
713 if (cmd == PING_WRITE) {
714 cmd_addr = PING_BUFFER_ADDRESS;
715 cmd_resp = PONG_AVAIL;
716 cmd_req = PING_VALID;
717 str = "PING_VALID";
718 } else {
719 cmd_addr = PONG_BUFFER_ADDRESS;
720 cmd_resp = PING_AVAIL;
721 cmd_req = PONG_VALID;
722 str = "PONG_VALID";
723 }
724
725 status = hif_ops->load_data_master_write(adapter, cmd_addr, size,
726 block_size, addr);
727 if (status) {
728 rsi_dbg(ERR_ZONE, "%s: Unable to write blk at addr %0x\n",
729 __func__, *addr);
730 return status;
731 }
732
733 status = bl_cmd(adapter, cmd_req, cmd_resp, str);
734 if (status) {
735 bl_stop_cmd_timer(adapter);
736 return status;
737 }
738 return 0;
739 }
740
auto_fw_upgrade(struct rsi_hw * adapter,u8 * flash_content,u32 content_size)741 static int auto_fw_upgrade(struct rsi_hw *adapter, u8 *flash_content,
742 u32 content_size)
743 {
744 u8 cmd;
745 u32 temp_content_size, num_flash, index;
746 u32 flash_start_address;
747 int status;
748
749 if (content_size > MAX_FLASH_FILE_SIZE) {
750 rsi_dbg(ERR_ZONE,
751 "%s: Flash Content size is more than 400K %u\n",
752 __func__, MAX_FLASH_FILE_SIZE);
753 return -EINVAL;
754 }
755
756 flash_start_address = *(u32 *)&flash_content[FLASH_START_ADDRESS];
757 rsi_dbg(INFO_ZONE, "flash start address: %08x\n", flash_start_address);
758
759 if (flash_start_address < FW_IMAGE_MIN_ADDRESS) {
760 rsi_dbg(ERR_ZONE,
761 "%s: Fw image Flash Start Address is less than 64K\n",
762 __func__);
763 return -EINVAL;
764 }
765
766 if (flash_start_address % FLASH_SECTOR_SIZE) {
767 rsi_dbg(ERR_ZONE,
768 "%s: Flash Start Address is not multiple of 4K\n",
769 __func__);
770 return -EINVAL;
771 }
772
773 if ((flash_start_address + content_size) > adapter->flash_capacity) {
774 rsi_dbg(ERR_ZONE,
775 "%s: Flash Content will cross max flash size\n",
776 __func__);
777 return -EINVAL;
778 }
779
780 temp_content_size = content_size;
781 num_flash = content_size / FLASH_WRITE_CHUNK_SIZE;
782
783 rsi_dbg(INFO_ZONE, "content_size: %d, num_flash: %d\n",
784 content_size, num_flash);
785
786 for (index = 0; index <= num_flash; index++) {
787 rsi_dbg(INFO_ZONE, "flash index: %d\n", index);
788 if (index != num_flash) {
789 content_size = FLASH_WRITE_CHUNK_SIZE;
790 rsi_dbg(INFO_ZONE, "QSPI content_size:%d\n",
791 content_size);
792 } else {
793 content_size =
794 temp_content_size % FLASH_WRITE_CHUNK_SIZE;
795 rsi_dbg(INFO_ZONE,
796 "Writing last sector content_size:%d\n",
797 content_size);
798 if (!content_size) {
799 rsi_dbg(INFO_ZONE, "instruction size zero\n");
800 break;
801 }
802 }
803
804 if (index % 2)
805 cmd = PING_WRITE;
806 else
807 cmd = PONG_WRITE;
808
809 status = ping_pong_write(adapter, cmd, flash_content,
810 content_size);
811 if (status) {
812 rsi_dbg(ERR_ZONE, "%s: Unable to load %d block\n",
813 __func__, index);
814 return status;
815 }
816
817 rsi_dbg(INFO_ZONE,
818 "%s: Successfully loaded %d instructions\n",
819 __func__, index);
820 flash_content += content_size;
821 }
822
823 status = bl_cmd(adapter, EOF_REACHED, FW_LOADING_SUCCESSFUL,
824 "EOF_REACHED");
825 if (status) {
826 bl_stop_cmd_timer(adapter);
827 return status;
828 }
829 rsi_dbg(INFO_ZONE, "FW loading is done and FW is running..\n");
830 return 0;
831 }
832
rsi_load_firmware(struct rsi_hw * adapter)833 static int rsi_load_firmware(struct rsi_hw *adapter)
834 {
835 struct rsi_common *common = adapter->priv;
836 struct rsi_host_intf_ops *hif_ops = adapter->host_intf_ops;
837 const struct firmware *fw_entry = NULL;
838 u32 regout_val = 0, content_size;
839 u16 tmp_regout_val = 0;
840 struct ta_metadata *metadata_p;
841 int status;
842
843 bl_start_cmd_timer(adapter, BL_CMD_TIMEOUT);
844
845 while (!adapter->blcmd_timer_expired) {
846 status = hif_ops->master_reg_read(adapter, SWBL_REGOUT,
847 ®out_val, 2);
848 if (status < 0) {
849 rsi_dbg(ERR_ZONE,
850 "%s: REGOUT read failed\n", __func__);
851 return status;
852 }
853 mdelay(1);
854 if ((regout_val >> 8) == REGOUT_VALID)
855 break;
856 }
857 if (adapter->blcmd_timer_expired) {
858 rsi_dbg(ERR_ZONE, "%s: REGOUT read timedout\n", __func__);
859 rsi_dbg(ERR_ZONE,
860 "%s: Soft boot loader not present\n", __func__);
861 return -ETIMEDOUT;
862 }
863 bl_stop_cmd_timer(adapter);
864
865 rsi_dbg(INFO_ZONE, "Received Board Version Number: %x\n",
866 (regout_val & 0xff));
867
868 status = hif_ops->master_reg_write(adapter, SWBL_REGOUT,
869 (REGOUT_INVALID | REGOUT_INVALID << 8),
870 2);
871 if (status < 0) {
872 rsi_dbg(ERR_ZONE, "%s: REGOUT writing failed..\n", __func__);
873 return status;
874 }
875 mdelay(1);
876
877 status = bl_cmd(adapter, CONFIG_AUTO_READ_MODE, CMD_PASS,
878 "AUTO_READ_CMD");
879 if (status < 0)
880 return status;
881
882 adapter->flash_capacity = read_flash_capacity(adapter);
883 if (adapter->flash_capacity <= 0) {
884 rsi_dbg(ERR_ZONE,
885 "%s: Unable to read flash size from EEPROM\n",
886 __func__);
887 return -EINVAL;
888 }
889
890 metadata_p = &metadata_flash_content[adapter->priv->coex_mode];
891
892 rsi_dbg(INIT_ZONE, "%s: Loading file %s\n", __func__, metadata_p->name);
893 adapter->fw_file_name = metadata_p->name;
894
895 status = request_firmware(&fw_entry, metadata_p->name, adapter->device);
896 if (status < 0) {
897 rsi_dbg(ERR_ZONE, "%s: Failed to open file %s\n",
898 __func__, metadata_p->name);
899 return status;
900 }
901 content_size = fw_entry->size;
902 rsi_dbg(INFO_ZONE, "FW Length = %d bytes\n", content_size);
903
904 /* Get the firmware version */
905 common->lmac_ver.ver.info.fw_ver[0] =
906 fw_entry->data[LMAC_VER_OFFSET] & 0xFF;
907 common->lmac_ver.ver.info.fw_ver[1] =
908 fw_entry->data[LMAC_VER_OFFSET + 1] & 0xFF;
909 common->lmac_ver.major = fw_entry->data[LMAC_VER_OFFSET + 2] & 0xFF;
910 common->lmac_ver.release_num =
911 fw_entry->data[LMAC_VER_OFFSET + 3] & 0xFF;
912 common->lmac_ver.minor = fw_entry->data[LMAC_VER_OFFSET + 4] & 0xFF;
913 common->lmac_ver.patch_num = 0;
914 rsi_print_version(common);
915
916 status = bl_write_header(adapter, (u8 *)fw_entry->data, content_size);
917 if (status) {
918 rsi_dbg(ERR_ZONE,
919 "%s: RPS Image header loading failed\n",
920 __func__);
921 goto fail;
922 }
923
924 bl_start_cmd_timer(adapter, BL_CMD_TIMEOUT);
925 status = bl_write_cmd(adapter, CHECK_CRC, CMD_PASS, &tmp_regout_val);
926 if (status) {
927 bl_stop_cmd_timer(adapter);
928 rsi_dbg(ERR_ZONE,
929 "%s: CHECK_CRC Command writing failed..\n",
930 __func__);
931 if ((tmp_regout_val & 0xff) == CMD_FAIL) {
932 rsi_dbg(ERR_ZONE,
933 "CRC Fail.. Proceeding to Upgrade mode\n");
934 goto fw_upgrade;
935 }
936 }
937 bl_stop_cmd_timer(adapter);
938
939 status = bl_cmd(adapter, POLLING_MODE, CMD_PASS, "POLLING_MODE");
940 if (status)
941 goto fail;
942
943 load_image_cmd:
944 status = bl_cmd(adapter, LOAD_HOSTED_FW, LOADING_INITIATED,
945 "LOAD_HOSTED_FW");
946 if (status)
947 goto fail;
948 rsi_dbg(INFO_ZONE, "Load Image command passed..\n");
949 goto success;
950
951 fw_upgrade:
952 status = bl_cmd(adapter, BURN_HOSTED_FW, SEND_RPS_FILE, "FW_UPGRADE");
953 if (status)
954 goto fail;
955
956 rsi_dbg(INFO_ZONE, "Burn Command Pass.. Upgrading the firmware\n");
957
958 status = auto_fw_upgrade(adapter, (u8 *)fw_entry->data, content_size);
959 if (status == 0) {
960 rsi_dbg(ERR_ZONE, "Firmware upgradation Done\n");
961 goto load_image_cmd;
962 }
963 rsi_dbg(ERR_ZONE, "Firmware upgrade failed\n");
964
965 status = bl_cmd(adapter, CONFIG_AUTO_READ_MODE, CMD_PASS,
966 "AUTO_READ_MODE");
967 if (status)
968 goto fail;
969
970 success:
971 rsi_dbg(ERR_ZONE, "***** Firmware Loading successful *****\n");
972 release_firmware(fw_entry);
973 return 0;
974
975 fail:
976 rsi_dbg(ERR_ZONE, "##### Firmware loading failed #####\n");
977 release_firmware(fw_entry);
978 return status;
979 }
980
rsi_hal_device_init(struct rsi_hw * adapter)981 int rsi_hal_device_init(struct rsi_hw *adapter)
982 {
983 struct rsi_common *common = adapter->priv;
984
985 switch (adapter->device_model) {
986 case RSI_DEV_9113:
987 if (rsi_load_firmware(adapter)) {
988 rsi_dbg(ERR_ZONE,
989 "%s: Failed to load TA instructions\n",
990 __func__);
991 return -EINVAL;
992 }
993 break;
994 default:
995 return -EINVAL;
996 }
997 common->fsm_state = FSM_CARD_NOT_READY;
998
999 return 0;
1000 }
1001 EXPORT_SYMBOL_GPL(rsi_hal_device_init);
1002
1003
