1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17#include <linux/firmware.h>
18#include <net/bluetooth/bluetooth.h>
19#include "rsi_mgmt.h"
20#include "rsi_hal.h"
21#include "rsi_sdio.h"
22#include "rsi_common.h"
23
24
25static struct ta_metadata metadata_flash_content[] = {
26 {"flash_content", 0x00010000},
27 {"rsi/rs9113_wlan_qspi.rps", 0x00010000},
28 {"rsi/rs9113_wlan_bt_dual_mode.rps", 0x00010000},
29 {"flash_content", 0x00010000},
30 {"rsi/rs9113_ap_bt_dual_mode.rps", 0x00010000},
31
32};
33
34static struct ta_metadata metadata[] = {{"pmemdata_dummy", 0x00000000},
35 {"rsi/rs9116_wlan.rps", 0x00000000},
36 {"rsi/rs9116_wlan_bt_classic.rps", 0x00000000},
37 {"rsi/pmemdata_dummy", 0x00000000},
38 {"rsi/rs9116_wlan_bt_classic.rps", 0x00000000}
39};
40
41int rsi_send_pkt_to_bus(struct rsi_common *common, struct sk_buff *skb)
42{
43 struct rsi_hw *adapter = common->priv;
44 int status;
45
46 if (common->coex_mode > 1)
47 mutex_lock(&common->tx_bus_mutex);
48
49 status = adapter->host_intf_ops->write_pkt(common->priv,
50 skb->data, skb->len);
51
52 if (common->coex_mode > 1)
53 mutex_unlock(&common->tx_bus_mutex);
54
55 return status;
56}
57
58int rsi_prepare_mgmt_desc(struct rsi_common *common, struct sk_buff *skb)
59{
60 struct rsi_hw *adapter = common->priv;
61 struct ieee80211_hdr *wh = NULL;
62 struct ieee80211_tx_info *info;
63 struct ieee80211_conf *conf = &adapter->hw->conf;
64 struct ieee80211_vif *vif;
65 struct rsi_mgmt_desc *mgmt_desc;
66 struct skb_info *tx_params;
67 struct rsi_xtended_desc *xtend_desc = NULL;
68 u8 header_size;
69 u32 dword_align_bytes = 0;
70
71 if (skb->len > MAX_MGMT_PKT_SIZE) {
72 rsi_dbg(INFO_ZONE, "%s: Dropping mgmt pkt > 512\n", __func__);
73 return -EINVAL;
74 }
75
76 info = IEEE80211_SKB_CB(skb);
77 tx_params = (struct skb_info *)info->driver_data;
78 vif = tx_params->vif;
79
80
81 header_size = FRAME_DESC_SZ + sizeof(struct rsi_xtended_desc);
82 if (header_size > skb_headroom(skb)) {
83 rsi_dbg(ERR_ZONE,
84 "%s: Failed to add extended descriptor\n",
85 __func__);
86 return -ENOSPC;
87 }
88 skb_push(skb, header_size);
89 dword_align_bytes = ((unsigned long)skb->data & 0x3f);
90 if (dword_align_bytes > skb_headroom(skb)) {
91 rsi_dbg(ERR_ZONE,
92 "%s: Failed to add dword align\n", __func__);
93 return -ENOSPC;
94 }
95 skb_push(skb, dword_align_bytes);
96 header_size += dword_align_bytes;
97
98 tx_params->internal_hdr_size = header_size;
99 memset(&skb->data[0], 0, header_size);
100 wh = (struct ieee80211_hdr *)&skb->data[header_size];
101
102 mgmt_desc = (struct rsi_mgmt_desc *)skb->data;
103 xtend_desc = (struct rsi_xtended_desc *)&skb->data[FRAME_DESC_SZ];
104
105 rsi_set_len_qno(&mgmt_desc->len_qno, (skb->len - FRAME_DESC_SZ),
106 RSI_WIFI_MGMT_Q);
107 mgmt_desc->frame_type = TX_DOT11_MGMT;
108 mgmt_desc->header_len = MIN_802_11_HDR_LEN;
109 mgmt_desc->xtend_desc_size = header_size - FRAME_DESC_SZ;
110
111 if (ieee80211_is_probe_req(wh->frame_control))
112 mgmt_desc->frame_info = cpu_to_le16(RSI_INSERT_SEQ_IN_FW);
113 mgmt_desc->frame_info |= cpu_to_le16(RATE_INFO_ENABLE);
114 if (is_broadcast_ether_addr(wh->addr1))
115 mgmt_desc->frame_info |= cpu_to_le16(RSI_BROADCAST_PKT);
116
117 mgmt_desc->seq_ctrl =
118 cpu_to_le16(IEEE80211_SEQ_TO_SN(le16_to_cpu(wh->seq_ctrl)));
119 if ((common->band == NL80211_BAND_2GHZ) && !common->p2p_enabled)
120 mgmt_desc->rate_info = cpu_to_le16(RSI_RATE_1);
121 else
122 mgmt_desc->rate_info = cpu_to_le16(RSI_RATE_6);
123
124 if (conf_is_ht40(conf))
125 mgmt_desc->bbp_info = cpu_to_le16(FULL40M_ENABLE);
126
127 if (ieee80211_is_probe_resp(wh->frame_control)) {
128 mgmt_desc->misc_flags |= (RSI_ADD_DELTA_TSF_VAP_ID |
129 RSI_FETCH_RETRY_CNT_FRM_HST);
130#define PROBE_RESP_RETRY_CNT 3
131 xtend_desc->retry_cnt = PROBE_RESP_RETRY_CNT;
132 }
133
134 if (((vif->type == NL80211_IFTYPE_AP) ||
135 (vif->type == NL80211_IFTYPE_P2P_GO)) &&
136 (ieee80211_is_action(wh->frame_control))) {
137 struct rsi_sta *rsta = rsi_find_sta(common, wh->addr1);
138
139 if (rsta)
140 mgmt_desc->sta_id = tx_params->sta_id;
141 else
142 return -EINVAL;
143 }
144 mgmt_desc->rate_info |=
145 cpu_to_le16((tx_params->vap_id << RSI_DESC_VAP_ID_OFST) &
146 RSI_DESC_VAP_ID_MASK);
147
148 return 0;
149}
150
151
152int rsi_prepare_data_desc(struct rsi_common *common, struct sk_buff *skb)
153{
154 struct rsi_hw *adapter = common->priv;
155 struct ieee80211_vif *vif;
156 struct ieee80211_hdr *wh = NULL;
157 struct ieee80211_tx_info *info;
158 struct skb_info *tx_params;
159 struct rsi_data_desc *data_desc;
160 struct rsi_xtended_desc *xtend_desc;
161 u8 ieee80211_size = MIN_802_11_HDR_LEN;
162 u8 header_size;
163 u8 vap_id = 0;
164 u8 dword_align_bytes;
165 u16 seq_num;
166
167 info = IEEE80211_SKB_CB(skb);
168 vif = info->control.vif;
169 tx_params = (struct skb_info *)info->driver_data;
170
171 header_size = FRAME_DESC_SZ + sizeof(struct rsi_xtended_desc);
172 if (header_size > skb_headroom(skb)) {
173 rsi_dbg(ERR_ZONE, "%s: Unable to send pkt\n", __func__);
174 return -ENOSPC;
175 }
176 skb_push(skb, header_size);
177 dword_align_bytes = ((unsigned long)skb->data & 0x3f);
178 if (header_size > skb_headroom(skb)) {
179 rsi_dbg(ERR_ZONE, "%s: Not enough headroom\n", __func__);
180 return -ENOSPC;
181 }
182 skb_push(skb, dword_align_bytes);
183 header_size += dword_align_bytes;
184
185 tx_params->internal_hdr_size = header_size;
186 data_desc = (struct rsi_data_desc *)skb->data;
187 memset(data_desc, 0, header_size);
188
189 xtend_desc = (struct rsi_xtended_desc *)&skb->data[FRAME_DESC_SZ];
190 wh = (struct ieee80211_hdr *)&skb->data[header_size];
191 seq_num = IEEE80211_SEQ_TO_SN(le16_to_cpu(wh->seq_ctrl));
192
193 data_desc->xtend_desc_size = header_size - FRAME_DESC_SZ;
194
195 if (ieee80211_is_data_qos(wh->frame_control)) {
196 ieee80211_size += 2;
197 data_desc->mac_flags |= cpu_to_le16(RSI_QOS_ENABLE);
198 }
199
200 if (((vif->type == NL80211_IFTYPE_STATION) ||
201 (vif->type == NL80211_IFTYPE_P2P_CLIENT)) &&
202 (adapter->ps_state == PS_ENABLED))
203 wh->frame_control |= cpu_to_le16(RSI_SET_PS_ENABLE);
204
205 if ((!(info->flags & IEEE80211_TX_INTFL_DONT_ENCRYPT)) &&
206 info->control.hw_key) {
207 if (rsi_is_cipher_wep(common))
208 ieee80211_size += 4;
209 else
210 ieee80211_size += 8;
211 data_desc->mac_flags |= cpu_to_le16(RSI_ENCRYPT_PKT);
212 }
213 rsi_set_len_qno(&data_desc->len_qno, (skb->len - FRAME_DESC_SZ),
214 RSI_WIFI_DATA_Q);
215 data_desc->header_len = ieee80211_size;
216
217 if (common->min_rate != RSI_RATE_AUTO) {
218
219 data_desc->frame_info = cpu_to_le16(RATE_INFO_ENABLE);
220 data_desc->rate_info = cpu_to_le16(common->min_rate);
221
222 if (conf_is_ht40(&common->priv->hw->conf))
223 data_desc->bbp_info = cpu_to_le16(FULL40M_ENABLE);
224
225 if ((common->vif_info[0].sgi) && (common->min_rate & 0x100)) {
226
227 data_desc->rate_info |=
228 cpu_to_le16(ENABLE_SHORTGI_RATE);
229 }
230 }
231
232 if (skb->protocol == cpu_to_be16(ETH_P_PAE)) {
233 rsi_dbg(INFO_ZONE, "*** Tx EAPOL ***\n");
234
235 data_desc->frame_info = cpu_to_le16(RATE_INFO_ENABLE);
236 if (common->band == NL80211_BAND_5GHZ)
237 data_desc->rate_info = cpu_to_le16(RSI_RATE_6);
238 else
239 data_desc->rate_info = cpu_to_le16(RSI_RATE_1);
240 data_desc->mac_flags |= cpu_to_le16(RSI_REKEY_PURPOSE);
241 data_desc->misc_flags |= RSI_FETCH_RETRY_CNT_FRM_HST;
242#define EAPOL_RETRY_CNT 15
243 xtend_desc->retry_cnt = EAPOL_RETRY_CNT;
244
245 if (common->eapol4_confirm)
246 skb->priority = VO_Q;
247 else
248 rsi_set_len_qno(&data_desc->len_qno,
249 (skb->len - FRAME_DESC_SZ),
250 RSI_WIFI_MGMT_Q);
251 if (((skb->len - header_size) == EAPOL4_PACKET_LEN) ||
252 ((skb->len - header_size) == EAPOL4_PACKET_LEN - 2)) {
253 data_desc->misc_flags |=
254 RSI_DESC_REQUIRE_CFM_TO_HOST;
255 xtend_desc->confirm_frame_type = EAPOL4_CONFIRM;
256 }
257 }
258
259 data_desc->mac_flags |= cpu_to_le16(seq_num & 0xfff);
260 data_desc->qid_tid = ((skb->priority & 0xf) |
261 ((tx_params->tid & 0xf) << 4));
262 data_desc->sta_id = tx_params->sta_id;
263
264 if ((is_broadcast_ether_addr(wh->addr1)) ||
265 (is_multicast_ether_addr(wh->addr1))) {
266 data_desc->frame_info = cpu_to_le16(RATE_INFO_ENABLE);
267 data_desc->frame_info |= cpu_to_le16(RSI_BROADCAST_PKT);
268 data_desc->sta_id = vap_id;
269
270 if ((vif->type == NL80211_IFTYPE_AP) ||
271 (vif->type == NL80211_IFTYPE_P2P_GO)) {
272 if (common->band == NL80211_BAND_5GHZ)
273 data_desc->rate_info = cpu_to_le16(RSI_RATE_6);
274 else
275 data_desc->rate_info = cpu_to_le16(RSI_RATE_1);
276 }
277 }
278 if (((vif->type == NL80211_IFTYPE_AP) ||
279 (vif->type == NL80211_IFTYPE_P2P_GO)) &&
280 (ieee80211_has_moredata(wh->frame_control)))
281 data_desc->frame_info |= cpu_to_le16(MORE_DATA_PRESENT);
282
283 data_desc->rate_info |=
284 cpu_to_le16((tx_params->vap_id << RSI_DESC_VAP_ID_OFST) &
285 RSI_DESC_VAP_ID_MASK);
286
287 return 0;
288}
289
290
291int rsi_send_data_pkt(struct rsi_common *common, struct sk_buff *skb)
292{
293 struct rsi_hw *adapter = common->priv;
294 struct ieee80211_vif *vif;
295 struct ieee80211_tx_info *info;
296 struct ieee80211_bss_conf *bss;
297 int status = -EINVAL;
298
299 if (!skb)
300 return 0;
301 if (common->iface_down)
302 goto err;
303
304 info = IEEE80211_SKB_CB(skb);
305 if (!info->control.vif)
306 goto err;
307 vif = info->control.vif;
308 bss = &vif->bss_conf;
309
310 if (((vif->type == NL80211_IFTYPE_STATION) ||
311 (vif->type == NL80211_IFTYPE_P2P_CLIENT)) &&
312 (!bss->assoc))
313 goto err;
314
315 status = rsi_send_pkt_to_bus(common, skb);
316 if (status)
317 rsi_dbg(ERR_ZONE, "%s: Failed to write pkt\n", __func__);
318
319err:
320 ++common->tx_stats.total_tx_pkt_freed[skb->priority];
321 rsi_indicate_tx_status(adapter, skb, status);
322 return status;
323}
324
325
326
327
328
329
330
331
332
333int rsi_send_mgmt_pkt(struct rsi_common *common,
334 struct sk_buff *skb)
335{
336 struct rsi_hw *adapter = common->priv;
337 struct ieee80211_bss_conf *bss;
338 struct ieee80211_hdr *wh;
339 struct ieee80211_tx_info *info;
340 struct skb_info *tx_params;
341 struct rsi_mgmt_desc *mgmt_desc;
342 struct rsi_xtended_desc *xtend_desc;
343 int status = -E2BIG;
344 u8 header_size;
345
346 info = IEEE80211_SKB_CB(skb);
347 tx_params = (struct skb_info *)info->driver_data;
348 header_size = tx_params->internal_hdr_size;
349
350 if (tx_params->flags & INTERNAL_MGMT_PKT) {
351 status = adapter->host_intf_ops->write_pkt(common->priv,
352 (u8 *)skb->data,
353 skb->len);
354 if (status) {
355 rsi_dbg(ERR_ZONE,
356 "%s: Failed to write the packet\n", __func__);
357 }
358 dev_kfree_skb(skb);
359 return status;
360 }
361
362 bss = &info->control.vif->bss_conf;
363 wh = (struct ieee80211_hdr *)&skb->data[header_size];
364 mgmt_desc = (struct rsi_mgmt_desc *)skb->data;
365 xtend_desc = (struct rsi_xtended_desc *)&skb->data[FRAME_DESC_SZ];
366
367
368 if (ieee80211_is_probe_req(wh->frame_control) && !bss->assoc) {
369 rsi_dbg(INFO_ZONE,
370 "%s: blocking mgmt queue\n", __func__);
371 mgmt_desc->misc_flags = RSI_DESC_REQUIRE_CFM_TO_HOST;
372 xtend_desc->confirm_frame_type = PROBEREQ_CONFIRM;
373 common->mgmt_q_block = true;
374 rsi_dbg(INFO_ZONE, "Mgmt queue blocked\n");
375 }
376
377 status = rsi_send_pkt_to_bus(common, skb);
378 if (status)
379 rsi_dbg(ERR_ZONE, "%s: Failed to write the packet\n", __func__);
380
381 rsi_indicate_tx_status(common->priv, skb, status);
382 return status;
383}
384
385int rsi_send_bt_pkt(struct rsi_common *common, struct sk_buff *skb)
386{
387 int status = -EINVAL;
388 u8 header_size = 0;
389 struct rsi_bt_desc *bt_desc;
390 u8 queueno = ((skb->data[1] >> 4) & 0xf);
391
392 if (queueno == RSI_BT_MGMT_Q) {
393 status = rsi_send_pkt_to_bus(common, skb);
394 if (status)
395 rsi_dbg(ERR_ZONE, "%s: Failed to write bt mgmt pkt\n",
396 __func__);
397 goto out;
398 }
399 header_size = FRAME_DESC_SZ;
400 if (header_size > skb_headroom(skb)) {
401 rsi_dbg(ERR_ZONE, "%s: Not enough headroom\n", __func__);
402 status = -ENOSPC;
403 goto out;
404 }
405 skb_push(skb, header_size);
406 memset(skb->data, 0, header_size);
407 bt_desc = (struct rsi_bt_desc *)skb->data;
408
409 rsi_set_len_qno(&bt_desc->len_qno, (skb->len - FRAME_DESC_SZ),
410 RSI_BT_DATA_Q);
411 bt_desc->bt_pkt_type = cpu_to_le16(bt_cb(skb)->pkt_type);
412
413 status = rsi_send_pkt_to_bus(common, skb);
414 if (status)
415 rsi_dbg(ERR_ZONE, "%s: Failed to write bt pkt\n", __func__);
416
417out:
418 dev_kfree_skb(skb);
419 return status;
420}
421
422int rsi_prepare_beacon(struct rsi_common *common, struct sk_buff *skb)
423{
424 struct rsi_hw *adapter = (struct rsi_hw *)common->priv;
425 struct rsi_data_desc *bcn_frm;
426 struct ieee80211_hw *hw = common->priv->hw;
427 struct ieee80211_conf *conf = &hw->conf;
428 struct ieee80211_vif *vif;
429 struct sk_buff *mac_bcn;
430 u8 vap_id = 0, i;
431 u16 tim_offset = 0;
432
433 for (i = 0; i < RSI_MAX_VIFS; i++) {
434 vif = adapter->vifs[i];
435 if (!vif)
436 continue;
437 if ((vif->type == NL80211_IFTYPE_AP) ||
438 (vif->type == NL80211_IFTYPE_P2P_GO))
439 break;
440 }
441 if (!vif)
442 return -EINVAL;
443 mac_bcn = ieee80211_beacon_get_tim(adapter->hw,
444 vif,
445 &tim_offset, NULL);
446 if (!mac_bcn) {
447 rsi_dbg(ERR_ZONE, "Failed to get beacon from mac80211\n");
448 return -EINVAL;
449 }
450
451 common->beacon_cnt++;
452 bcn_frm = (struct rsi_data_desc *)skb->data;
453 rsi_set_len_qno(&bcn_frm->len_qno, mac_bcn->len, RSI_WIFI_DATA_Q);
454 bcn_frm->header_len = MIN_802_11_HDR_LEN;
455 bcn_frm->frame_info = cpu_to_le16(RSI_DATA_DESC_MAC_BBP_INFO |
456 RSI_DATA_DESC_NO_ACK_IND |
457 RSI_DATA_DESC_BEACON_FRAME |
458 RSI_DATA_DESC_INSERT_TSF |
459 RSI_DATA_DESC_INSERT_SEQ_NO |
460 RATE_INFO_ENABLE);
461 bcn_frm->rate_info = cpu_to_le16(vap_id << 14);
462 bcn_frm->qid_tid = BEACON_HW_Q;
463
464 if (conf_is_ht40_plus(conf)) {
465 bcn_frm->bbp_info = cpu_to_le16(LOWER_20_ENABLE);
466 bcn_frm->bbp_info |= cpu_to_le16(LOWER_20_ENABLE >> 12);
467 } else if (conf_is_ht40_minus(conf)) {
468 bcn_frm->bbp_info = cpu_to_le16(UPPER_20_ENABLE);
469 bcn_frm->bbp_info |= cpu_to_le16(UPPER_20_ENABLE >> 12);
470 }
471
472 if (common->band == NL80211_BAND_2GHZ)
473 bcn_frm->rate_info |= cpu_to_le16(RSI_RATE_1);
474 else
475 bcn_frm->rate_info |= cpu_to_le16(RSI_RATE_6);
476
477 if (mac_bcn->data[tim_offset + 2] == 0)
478 bcn_frm->frame_info |= cpu_to_le16(RSI_DATA_DESC_DTIM_BEACON);
479
480 memcpy(&skb->data[FRAME_DESC_SZ], mac_bcn->data, mac_bcn->len);
481 skb_put(skb, mac_bcn->len + FRAME_DESC_SZ);
482
483 dev_kfree_skb(mac_bcn);
484
485 return 0;
486}
487
488static void bl_cmd_timeout(struct timer_list *t)
489{
490 struct rsi_hw *adapter = from_timer(adapter, t, bl_cmd_timer);
491
492 adapter->blcmd_timer_expired = true;
493 del_timer(&adapter->bl_cmd_timer);
494}
495
496static int bl_start_cmd_timer(struct rsi_hw *adapter, u32 timeout)
497{
498 timer_setup(&adapter->bl_cmd_timer, bl_cmd_timeout, 0);
499 adapter->bl_cmd_timer.expires = (msecs_to_jiffies(timeout) + jiffies);
500
501 adapter->blcmd_timer_expired = false;
502 add_timer(&adapter->bl_cmd_timer);
503
504 return 0;
505}
506
507static int bl_stop_cmd_timer(struct rsi_hw *adapter)
508{
509 adapter->blcmd_timer_expired = false;
510 if (timer_pending(&adapter->bl_cmd_timer))
511 del_timer(&adapter->bl_cmd_timer);
512
513 return 0;
514}
515
516static int bl_write_cmd(struct rsi_hw *adapter, u8 cmd, u8 exp_resp,
517 u16 *cmd_resp)
518{
519 struct rsi_host_intf_ops *hif_ops = adapter->host_intf_ops;
520 u32 regin_val = 0, regout_val = 0;
521 u32 regin_input = 0;
522 u8 output = 0;
523 int status;
524
525 regin_input = (REGIN_INPUT | adapter->priv->coex_mode);
526
527 while (!adapter->blcmd_timer_expired) {
528 regin_val = 0;
529 status = hif_ops->master_reg_read(adapter, SWBL_REGIN,
530 ®in_val, 2);
531 if (status < 0) {
532 rsi_dbg(ERR_ZONE,
533 "%s: Command %0x REGIN reading failed..\n",
534 __func__, cmd);
535 return status;
536 }
537 mdelay(1);
538 if ((regin_val >> 12) != REGIN_VALID)
539 break;
540 }
541 if (adapter->blcmd_timer_expired) {
542 rsi_dbg(ERR_ZONE,
543 "%s: Command %0x REGIN reading timed out..\n",
544 __func__, cmd);
545 return -ETIMEDOUT;
546 }
547
548 rsi_dbg(INFO_ZONE,
549 "Issuing write to Regin val:%0x sending cmd:%0x\n",
550 regin_val, (cmd | regin_input << 8));
551 status = hif_ops->master_reg_write(adapter, SWBL_REGIN,
552 (cmd | regin_input << 8), 2);
553 if (status < 0)
554 return status;
555 mdelay(1);
556
557 if (cmd == LOAD_HOSTED_FW || cmd == JUMP_TO_ZERO_PC) {
558
559
560
561 return 0;
562 }
563
564 while (!adapter->blcmd_timer_expired) {
565 regout_val = 0;
566 status = hif_ops->master_reg_read(adapter, SWBL_REGOUT,
567 ®out_val, 2);
568 if (status < 0) {
569 rsi_dbg(ERR_ZONE,
570 "%s: Command %0x REGOUT reading failed..\n",
571 __func__, cmd);
572 return status;
573 }
574 mdelay(1);
575 if ((regout_val >> 8) == REGOUT_VALID)
576 break;
577 }
578 if (adapter->blcmd_timer_expired) {
579 rsi_dbg(ERR_ZONE,
580 "%s: Command %0x REGOUT reading timed out..\n",
581 __func__, cmd);
582 return status;
583 }
584
585 *cmd_resp = ((u16 *)®out_val)[0] & 0xffff;
586
587 output = ((u8 *)®out_val)[0] & 0xff;
588
589 status = hif_ops->master_reg_write(adapter, SWBL_REGOUT,
590 (cmd | REGOUT_INVALID << 8), 2);
591 if (status < 0) {
592 rsi_dbg(ERR_ZONE,
593 "%s: Command %0x REGOUT writing failed..\n",
594 __func__, cmd);
595 return status;
596 }
597 mdelay(1);
598
599 if (output != exp_resp) {
600 rsi_dbg(ERR_ZONE,
601 "%s: Recvd resp %x for cmd %0x\n",
602 __func__, output, cmd);
603 return -EINVAL;
604 }
605 rsi_dbg(INFO_ZONE,
606 "%s: Recvd Expected resp %x for cmd %0x\n",
607 __func__, output, cmd);
608
609 return 0;
610}
611
612static int bl_cmd(struct rsi_hw *adapter, u8 cmd, u8 exp_resp, char *str)
613{
614 u16 regout_val = 0;
615 u32 timeout;
616 int status;
617
618 if ((cmd == EOF_REACHED) || (cmd == PING_VALID) || (cmd == PONG_VALID))
619 timeout = BL_BURN_TIMEOUT;
620 else
621 timeout = BL_CMD_TIMEOUT;
622
623 bl_start_cmd_timer(adapter, timeout);
624 status = bl_write_cmd(adapter, cmd, exp_resp, ®out_val);
625 if (status < 0) {
626 bl_stop_cmd_timer(adapter);
627 rsi_dbg(ERR_ZONE,
628 "%s: Command %s (%0x) writing failed..\n",
629 __func__, str, cmd);
630 return status;
631 }
632 bl_stop_cmd_timer(adapter);
633 return 0;
634}
635
636#define CHECK_SUM_OFFSET 20
637#define LEN_OFFSET 8
638#define ADDR_OFFSET 16
639static int bl_write_header(struct rsi_hw *adapter, u8 *flash_content,
640 u32 content_size)
641{
642 struct rsi_host_intf_ops *hif_ops = adapter->host_intf_ops;
643 struct bl_header *bl_hdr;
644 u32 write_addr, write_len;
645 int status;
646
647 bl_hdr = kzalloc(sizeof(*bl_hdr), GFP_KERNEL);
648 if (!bl_hdr)
649 return -ENOMEM;
650
651 bl_hdr->flags = 0;
652 bl_hdr->image_no = cpu_to_le32(adapter->priv->coex_mode);
653 bl_hdr->check_sum =
654 cpu_to_le32(*(u32 *)&flash_content[CHECK_SUM_OFFSET]);
655 bl_hdr->flash_start_address =
656 cpu_to_le32(*(u32 *)&flash_content[ADDR_OFFSET]);
657 bl_hdr->flash_len = cpu_to_le32(*(u32 *)&flash_content[LEN_OFFSET]);
658 write_len = sizeof(struct bl_header);
659
660 if (adapter->rsi_host_intf == RSI_HOST_INTF_USB) {
661 write_addr = PING_BUFFER_ADDRESS;
662 status = hif_ops->write_reg_multiple(adapter, write_addr,
663 (u8 *)bl_hdr, write_len);
664 if (status < 0) {
665 rsi_dbg(ERR_ZONE,
666 "%s: Failed to load Version/CRC structure\n",
667 __func__);
668 goto fail;
669 }
670 } else {
671 write_addr = PING_BUFFER_ADDRESS >> 16;
672 status = hif_ops->master_access_msword(adapter, write_addr);
673 if (status < 0) {
674 rsi_dbg(ERR_ZONE,
675 "%s: Unable to set ms word to common reg\n",
676 __func__);
677 goto fail;
678 }
679 write_addr = RSI_SD_REQUEST_MASTER |
680 (PING_BUFFER_ADDRESS & 0xFFFF);
681 status = hif_ops->write_reg_multiple(adapter, write_addr,
682 (u8 *)bl_hdr, write_len);
683 if (status < 0) {
684 rsi_dbg(ERR_ZONE,
685 "%s: Failed to load Version/CRC structure\n",
686 __func__);
687 goto fail;
688 }
689 }
690 status = 0;
691fail:
692 kfree(bl_hdr);
693 return status;
694}
695
696static u32 read_flash_capacity(struct rsi_hw *adapter)
697{
698 u32 flash_sz = 0;
699
700 if ((adapter->host_intf_ops->master_reg_read(adapter, FLASH_SIZE_ADDR,
701 &flash_sz, 2)) < 0) {
702 rsi_dbg(ERR_ZONE,
703 "%s: Flash size reading failed..\n",
704 __func__);
705 return 0;
706 }
707 rsi_dbg(INIT_ZONE, "Flash capacity: %d KiloBytes\n", flash_sz);
708
709 return (flash_sz * 1024);
710}
711
712static int ping_pong_write(struct rsi_hw *adapter, u8 cmd, u8 *addr, u32 size)
713{
714 struct rsi_host_intf_ops *hif_ops = adapter->host_intf_ops;
715 u32 block_size = adapter->block_size;
716 u32 cmd_addr;
717 u16 cmd_resp, cmd_req;
718 u8 *str;
719 int status;
720
721 if (cmd == PING_WRITE) {
722 cmd_addr = PING_BUFFER_ADDRESS;
723 cmd_resp = PONG_AVAIL;
724 cmd_req = PING_VALID;
725 str = "PING_VALID";
726 } else {
727 cmd_addr = PONG_BUFFER_ADDRESS;
728 cmd_resp = PING_AVAIL;
729 cmd_req = PONG_VALID;
730 str = "PONG_VALID";
731 }
732
733 status = hif_ops->load_data_master_write(adapter, cmd_addr, size,
734 block_size, addr);
735 if (status) {
736 rsi_dbg(ERR_ZONE, "%s: Unable to write blk at addr %0x\n",
737 __func__, *addr);
738 return status;
739 }
740
741 status = bl_cmd(adapter, cmd_req, cmd_resp, str);
742 if (status)
743 return status;
744
745 return 0;
746}
747
748static int auto_fw_upgrade(struct rsi_hw *adapter, u8 *flash_content,
749 u32 content_size)
750{
751 u8 cmd;
752 u32 temp_content_size, num_flash, index;
753 u32 flash_start_address;
754 int status;
755
756 if (content_size > MAX_FLASH_FILE_SIZE) {
757 rsi_dbg(ERR_ZONE,
758 "%s: Flash Content size is more than 400K %u\n",
759 __func__, MAX_FLASH_FILE_SIZE);
760 return -EINVAL;
761 }
762
763 flash_start_address = *(u32 *)&flash_content[FLASH_START_ADDRESS];
764 rsi_dbg(INFO_ZONE, "flash start address: %08x\n", flash_start_address);
765
766 if (flash_start_address < FW_IMAGE_MIN_ADDRESS) {
767 rsi_dbg(ERR_ZONE,
768 "%s: Fw image Flash Start Address is less than 64K\n",
769 __func__);
770 return -EINVAL;
771 }
772
773 if (flash_start_address % FLASH_SECTOR_SIZE) {
774 rsi_dbg(ERR_ZONE,
775 "%s: Flash Start Address is not multiple of 4K\n",
776 __func__);
777 return -EINVAL;
778 }
779
780 if ((flash_start_address + content_size) > adapter->flash_capacity) {
781 rsi_dbg(ERR_ZONE,
782 "%s: Flash Content will cross max flash size\n",
783 __func__);
784 return -EINVAL;
785 }
786
787 temp_content_size = content_size;
788 num_flash = content_size / FLASH_WRITE_CHUNK_SIZE;
789
790 rsi_dbg(INFO_ZONE, "content_size: %d, num_flash: %d\n",
791 content_size, num_flash);
792
793 for (index = 0; index <= num_flash; index++) {
794 rsi_dbg(INFO_ZONE, "flash index: %d\n", index);
795 if (index != num_flash) {
796 content_size = FLASH_WRITE_CHUNK_SIZE;
797 rsi_dbg(INFO_ZONE, "QSPI content_size:%d\n",
798 content_size);
799 } else {
800 content_size =
801 temp_content_size % FLASH_WRITE_CHUNK_SIZE;
802 rsi_dbg(INFO_ZONE,
803 "Writing last sector content_size:%d\n",
804 content_size);
805 if (!content_size) {
806 rsi_dbg(INFO_ZONE, "instruction size zero\n");
807 break;
808 }
809 }
810
811 if (index % 2)
812 cmd = PING_WRITE;
813 else
814 cmd = PONG_WRITE;
815
816 status = ping_pong_write(adapter, cmd, flash_content,
817 content_size);
818 if (status) {
819 rsi_dbg(ERR_ZONE, "%s: Unable to load %d block\n",
820 __func__, index);
821 return status;
822 }
823
824 rsi_dbg(INFO_ZONE,
825 "%s: Successfully loaded %d instructions\n",
826 __func__, index);
827 flash_content += content_size;
828 }
829
830 status = bl_cmd(adapter, EOF_REACHED, FW_LOADING_SUCCESSFUL,
831 "EOF_REACHED");
832 if (status)
833 return status;
834
835 rsi_dbg(INFO_ZONE, "FW loading is done and FW is running..\n");
836 return 0;
837}
838
839static int rsi_hal_prepare_fwload(struct rsi_hw *adapter)
840{
841 struct rsi_host_intf_ops *hif_ops = adapter->host_intf_ops;
842 u32 regout_val = 0;
843 int status;
844
845 bl_start_cmd_timer(adapter, BL_CMD_TIMEOUT);
846
847 while (!adapter->blcmd_timer_expired) {
848 status = hif_ops->master_reg_read(adapter, SWBL_REGOUT,
849 ®out_val,
850 RSI_COMMON_REG_SIZE);
851 if (status < 0) {
852 bl_stop_cmd_timer(adapter);
853 rsi_dbg(ERR_ZONE,
854 "%s: REGOUT read failed\n", __func__);
855 return status;
856 }
857 mdelay(1);
858 if ((regout_val >> 8) == REGOUT_VALID)
859 break;
860 }
861 if (adapter->blcmd_timer_expired) {
862 rsi_dbg(ERR_ZONE, "%s: REGOUT read timedout\n", __func__);
863 rsi_dbg(ERR_ZONE,
864 "%s: Soft boot loader not present\n", __func__);
865 return -ETIMEDOUT;
866 }
867 bl_stop_cmd_timer(adapter);
868
869 rsi_dbg(INFO_ZONE, "Received Board Version Number: %x\n",
870 (regout_val & 0xff));
871
872 status = hif_ops->master_reg_write(adapter, SWBL_REGOUT,
873 (REGOUT_INVALID |
874 REGOUT_INVALID << 8),
875 RSI_COMMON_REG_SIZE);
876 if (status < 0)
877 rsi_dbg(ERR_ZONE, "%s: REGOUT writing failed..\n", __func__);
878 else
879 rsi_dbg(INFO_ZONE,
880 "===> Device is ready to load firmware <===\n");
881
882 return status;
883}
884
885static int rsi_load_9113_firmware(struct rsi_hw *adapter)
886{
887 struct rsi_common *common = adapter->priv;
888 const struct firmware *fw_entry = NULL;
889 u32 content_size;
890 u16 tmp_regout_val = 0;
891 struct ta_metadata *metadata_p;
892 int status;
893
894 status = bl_cmd(adapter, CONFIG_AUTO_READ_MODE, CMD_PASS,
895 "AUTO_READ_CMD");
896 if (status < 0)
897 return status;
898
899 adapter->flash_capacity = read_flash_capacity(adapter);
900 if (adapter->flash_capacity <= 0) {
901 rsi_dbg(ERR_ZONE,
902 "%s: Unable to read flash size from EEPROM\n",
903 __func__);
904 return -EINVAL;
905 }
906
907 metadata_p = &metadata_flash_content[adapter->priv->coex_mode];
908
909 rsi_dbg(INIT_ZONE, "%s: Loading file %s\n", __func__, metadata_p->name);
910 adapter->fw_file_name = metadata_p->name;
911
912 status = request_firmware(&fw_entry, metadata_p->name, adapter->device);
913 if (status < 0) {
914 rsi_dbg(ERR_ZONE, "%s: Failed to open file %s\n",
915 __func__, metadata_p->name);
916 return status;
917 }
918 content_size = fw_entry->size;
919 rsi_dbg(INFO_ZONE, "FW Length = %d bytes\n", content_size);
920
921
922 common->lmac_ver.ver.info.fw_ver[0] =
923 fw_entry->data[LMAC_VER_OFFSET_9113] & 0xFF;
924 common->lmac_ver.ver.info.fw_ver[1] =
925 fw_entry->data[LMAC_VER_OFFSET_9113 + 1] & 0xFF;
926 common->lmac_ver.major =
927 fw_entry->data[LMAC_VER_OFFSET_9113 + 2] & 0xFF;
928 common->lmac_ver.release_num =
929 fw_entry->data[LMAC_VER_OFFSET_9113 + 3] & 0xFF;
930 common->lmac_ver.minor =
931 fw_entry->data[LMAC_VER_OFFSET_9113 + 4] & 0xFF;
932 common->lmac_ver.patch_num = 0;
933 rsi_print_version(common);
934
935 status = bl_write_header(adapter, (u8 *)fw_entry->data, content_size);
936 if (status) {
937 rsi_dbg(ERR_ZONE,
938 "%s: RPS Image header loading failed\n",
939 __func__);
940 goto fail;
941 }
942
943 bl_start_cmd_timer(adapter, BL_CMD_TIMEOUT);
944 status = bl_write_cmd(adapter, CHECK_CRC, CMD_PASS, &tmp_regout_val);
945 if (status) {
946 bl_stop_cmd_timer(adapter);
947 rsi_dbg(ERR_ZONE,
948 "%s: CHECK_CRC Command writing failed..\n",
949 __func__);
950 if ((tmp_regout_val & 0xff) == CMD_FAIL) {
951 rsi_dbg(ERR_ZONE,
952 "CRC Fail.. Proceeding to Upgrade mode\n");
953 goto fw_upgrade;
954 }
955 }
956 bl_stop_cmd_timer(adapter);
957
958 status = bl_cmd(adapter, POLLING_MODE, CMD_PASS, "POLLING_MODE");
959 if (status)
960 goto fail;
961
962load_image_cmd:
963 status = bl_cmd(adapter, LOAD_HOSTED_FW, LOADING_INITIATED,
964 "LOAD_HOSTED_FW");
965 if (status)
966 goto fail;
967 rsi_dbg(INFO_ZONE, "Load Image command passed..\n");
968 goto success;
969
970fw_upgrade:
971 status = bl_cmd(adapter, BURN_HOSTED_FW, SEND_RPS_FILE, "FW_UPGRADE");
972 if (status)
973 goto fail;
974
975 rsi_dbg(INFO_ZONE, "Burn Command Pass.. Upgrading the firmware\n");
976
977 status = auto_fw_upgrade(adapter, (u8 *)fw_entry->data, content_size);
978 if (status == 0) {
979 rsi_dbg(ERR_ZONE, "Firmware upgradation Done\n");
980 goto load_image_cmd;
981 }
982 rsi_dbg(ERR_ZONE, "Firmware upgrade failed\n");
983
984 status = bl_cmd(adapter, CONFIG_AUTO_READ_MODE, CMD_PASS,
985 "AUTO_READ_MODE");
986 if (status)
987 goto fail;
988
989success:
990 rsi_dbg(ERR_ZONE, "***** Firmware Loading successful *****\n");
991 release_firmware(fw_entry);
992 return 0;
993
994fail:
995 rsi_dbg(ERR_ZONE, "##### Firmware loading failed #####\n");
996 release_firmware(fw_entry);
997 return status;
998}
999
1000static int rsi_load_9116_firmware(struct rsi_hw *adapter)
1001{
1002 struct rsi_common *common = adapter->priv;
1003 struct rsi_host_intf_ops *hif_ops = adapter->host_intf_ops;
1004 const struct firmware *fw_entry;
1005 struct ta_metadata *metadata_p;
1006 u8 *ta_firmware, *fw_p;
1007 struct bootload_ds bootload_ds;
1008 u32 instructions_sz, base_address;
1009 u16 block_size = adapter->block_size;
1010 u32 dest, len;
1011 int status, cnt;
1012
1013 rsi_dbg(INIT_ZONE, "***** Load 9116 TA Instructions *****\n");
1014
1015 if (adapter->rsi_host_intf == RSI_HOST_INTF_USB) {
1016 status = bl_cmd(adapter, POLLING_MODE, CMD_PASS,
1017 "POLLING_MODE");
1018 if (status < 0)
1019 return status;
1020 }
1021
1022 status = hif_ops->master_reg_write(adapter, MEM_ACCESS_CTRL_FROM_HOST,
1023 RAM_384K_ACCESS_FROM_TA,
1024 RSI_9116_REG_SIZE);
1025 if (status < 0) {
1026 rsi_dbg(ERR_ZONE, "%s: Unable to access full RAM memory\n",
1027 __func__);
1028 return status;
1029 }
1030
1031 metadata_p = &metadata[adapter->priv->coex_mode];
1032 rsi_dbg(INIT_ZONE, "%s: loading file %s\n", __func__, metadata_p->name);
1033 status = request_firmware(&fw_entry, metadata_p->name, adapter->device);
1034 if (status < 0) {
1035 rsi_dbg(ERR_ZONE, "%s: Failed to open file %s\n",
1036 __func__, metadata_p->name);
1037 return status;
1038 }
1039
1040 ta_firmware = kmemdup(fw_entry->data, fw_entry->size, GFP_KERNEL);
1041 if (!ta_firmware) {
1042 status = -ENOMEM;
1043 goto fail_release_fw;
1044 }
1045 fw_p = ta_firmware;
1046 instructions_sz = fw_entry->size;
1047 rsi_dbg(INFO_ZONE, "FW Length = %d bytes\n", instructions_sz);
1048
1049 common->lmac_ver.major = ta_firmware[LMAC_VER_OFFSET_9116];
1050 common->lmac_ver.minor = ta_firmware[LMAC_VER_OFFSET_9116 + 1];
1051 common->lmac_ver.release_num = ta_firmware[LMAC_VER_OFFSET_9116 + 2];
1052 common->lmac_ver.patch_num = ta_firmware[LMAC_VER_OFFSET_9116 + 3];
1053 common->lmac_ver.ver.info.fw_ver[0] =
1054 ta_firmware[LMAC_VER_OFFSET_9116 + 4];
1055
1056 if (instructions_sz % FW_ALIGN_SIZE)
1057 instructions_sz +=
1058 (FW_ALIGN_SIZE - (instructions_sz % FW_ALIGN_SIZE));
1059 rsi_dbg(INFO_ZONE, "instructions_sz : %d\n", instructions_sz);
1060
1061 if (*(u16 *)fw_p == RSI_9116_FW_MAGIC_WORD) {
1062 memcpy(&bootload_ds, fw_p, sizeof(struct bootload_ds));
1063 fw_p += le16_to_cpu(bootload_ds.offset);
1064 rsi_dbg(INFO_ZONE, "FW start = %x\n", *(u32 *)fw_p);
1065
1066 cnt = 0;
1067 do {
1068 rsi_dbg(ERR_ZONE, "%s: Loading chunk %d\n",
1069 __func__, cnt);
1070
1071 dest = le32_to_cpu(bootload_ds.bl_entry[cnt].dst_addr);
1072 len = le32_to_cpu(bootload_ds.bl_entry[cnt].control) &
1073 RSI_BL_CTRL_LEN_MASK;
1074 rsi_dbg(INFO_ZONE, "length %d destination %x\n",
1075 len, dest);
1076
1077 status = hif_ops->load_data_master_write(adapter, dest,
1078 len,
1079 block_size,
1080 fw_p);
1081 if (status < 0) {
1082 rsi_dbg(ERR_ZONE,
1083 "Failed to load chunk %d\n", cnt);
1084 break;
1085 }
1086 fw_p += len;
1087 if (le32_to_cpu(bootload_ds.bl_entry[cnt].control) &
1088 RSI_BL_CTRL_LAST_ENTRY)
1089 break;
1090 cnt++;
1091 } while (1);
1092 } else {
1093 base_address = metadata_p->address;
1094 status = hif_ops->load_data_master_write(adapter,
1095 base_address,
1096 instructions_sz,
1097 block_size,
1098 ta_firmware);
1099 }
1100 if (status) {
1101 rsi_dbg(ERR_ZONE,
1102 "%s: Unable to load %s blk\n",
1103 __func__, metadata_p->name);
1104 goto fail_free_fw;
1105 }
1106
1107 rsi_dbg(INIT_ZONE, "%s: Successfully loaded %s instructions\n",
1108 __func__, metadata_p->name);
1109
1110 if (adapter->rsi_host_intf == RSI_HOST_INTF_SDIO) {
1111 if (hif_ops->ta_reset(adapter))
1112 rsi_dbg(ERR_ZONE, "Unable to put ta in reset\n");
1113 } else {
1114 if (bl_cmd(adapter, JUMP_TO_ZERO_PC,
1115 CMD_PASS, "JUMP_TO_ZERO") < 0)
1116 rsi_dbg(INFO_ZONE, "Jump to zero command failed\n");
1117 else
1118 rsi_dbg(INFO_ZONE, "Jump to zero command successful\n");
1119 }
1120
1121fail_free_fw:
1122 kfree(ta_firmware);
1123fail_release_fw:
1124 release_firmware(fw_entry);
1125
1126 return status;
1127}
1128
1129int rsi_hal_device_init(struct rsi_hw *adapter)
1130{
1131 struct rsi_common *common = adapter->priv;
1132 int status;
1133
1134 switch (adapter->device_model) {
1135 case RSI_DEV_9113:
1136 status = rsi_hal_prepare_fwload(adapter);
1137 if (status < 0)
1138 return status;
1139 if (rsi_load_9113_firmware(adapter)) {
1140 rsi_dbg(ERR_ZONE,
1141 "%s: Failed to load TA instructions\n",
1142 __func__);
1143 return -EINVAL;
1144 }
1145 break;
1146 case RSI_DEV_9116:
1147 status = rsi_hal_prepare_fwload(adapter);
1148 if (status < 0)
1149 return status;
1150 if (rsi_load_9116_firmware(adapter)) {
1151 rsi_dbg(ERR_ZONE,
1152 "%s: Failed to load firmware to 9116 device\n",
1153 __func__);
1154 return -EINVAL;
1155 }
1156 break;
1157 default:
1158 return -EINVAL;
1159 }
1160 common->fsm_state = FSM_CARD_NOT_READY;
1161
1162 return 0;
1163}
1164EXPORT_SYMBOL_GPL(rsi_hal_device_init);
1165
1166
