1/* Firmware file reading and download helpers
2 *
3 * See copyright notice in main.c
4 */
5#include <linux/kernel.h>
6#include <linux/slab.h>
7#include <linux/firmware.h>
8#include <linux/device.h>
9#include <linux/module.h>
10
11#include "hermes.h"
12#include "hermes_dld.h"
13#include "orinoco.h"
14
15#include "fw.h"
16
17/* End markers (for Symbol firmware only) */
18#define TEXT_END	0x1A		/* End of text header */
19
20struct fw_info {
21	char *pri_fw;
22	char *sta_fw;
23	char *ap_fw;
24	u32 pda_addr;
25	u16 pda_size;
26};
27
28static const struct fw_info orinoco_fw[] = {
29	{ NULL, "agere_sta_fw.bin", "agere_ap_fw.bin", 0x00390000, 1000 },
30	{ NULL, "prism_sta_fw.bin", "prism_ap_fw.bin", 0, 1024 },
31	{ "symbol_sp24t_prim_fw", "symbol_sp24t_sec_fw", NULL, 0x00003100, 512 }
32};
33MODULE_FIRMWARE("agere_sta_fw.bin");
34MODULE_FIRMWARE("agere_ap_fw.bin");
35MODULE_FIRMWARE("prism_sta_fw.bin");
36MODULE_FIRMWARE("prism_ap_fw.bin");
37MODULE_FIRMWARE("symbol_sp24t_prim_fw");
38MODULE_FIRMWARE("symbol_sp24t_sec_fw");
39
40/* Structure used to access fields in FW
41 * Make sure LE decoding macros are used
42 */
43struct orinoco_fw_header {
44	char hdr_vers[6];       /* ASCII string for header version */
45	__le16 headersize;      /* Total length of header */
46	__le32 entry_point;     /* NIC entry point */
47	__le32 blocks;          /* Number of blocks to program */
48	__le32 block_offset;    /* Offset of block data from eof header */
49	__le32 pdr_offset;      /* Offset to PDR data from eof header */
50	__le32 pri_offset;      /* Offset to primary plug data */
51	__le32 compat_offset;   /* Offset to compatibility data*/
52	char signature[0];      /* FW signature length headersize-20 */
53} __packed;
54
55/* Check the range of various header entries. Return a pointer to a
56 * description of the problem, or NULL if everything checks out. */
57static const char *validate_fw(const struct orinoco_fw_header *hdr, size_t len)
58{
59	u16 hdrsize;
60
61	if (len < sizeof(*hdr))
62		return "image too small";
63	if (memcmp(hdr->hdr_vers, "HFW", 3) != 0)
64		return "format not recognised";
65
66	hdrsize = le16_to_cpu(hdr->headersize);
67	if (hdrsize > len)
68		return "bad headersize";
69	if ((hdrsize + le32_to_cpu(hdr->block_offset)) > len)
70		return "bad block offset";
71	if ((hdrsize + le32_to_cpu(hdr->pdr_offset)) > len)
72		return "bad PDR offset";
73	if ((hdrsize + le32_to_cpu(hdr->pri_offset)) > len)
74		return "bad PRI offset";
75	if ((hdrsize + le32_to_cpu(hdr->compat_offset)) > len)
76		return "bad compat offset";
77
78	/* TODO: consider adding a checksum or CRC to the firmware format */
79	return NULL;
80}
81
82#if defined(CONFIG_HERMES_CACHE_FW_ON_INIT) || defined(CONFIG_PM_SLEEP)
83static inline const struct firmware *
84orinoco_cached_fw_get(struct orinoco_private *priv, bool primary)
85{
86	if (primary)
87		return priv->cached_pri_fw;
88	else
89		return priv->cached_fw;
90}
91#else
92#define orinoco_cached_fw_get(priv, primary) (NULL)
93#endif
94
95/* Download either STA or AP firmware into the card. */
96static int
97orinoco_dl_firmware(struct orinoco_private *priv,
98		    const struct fw_info *fw,
99		    int ap)
100{
101	/* Plug Data Area (PDA) */
102	__le16 *pda;
103
104	struct hermes *hw = &priv->hw;
105	const struct firmware *fw_entry;
106	const struct orinoco_fw_header *hdr;
107	const unsigned char *first_block;
108	const void *end;
109	const char *firmware;
110	const char *fw_err;
111	struct device *dev = priv->dev;
112	int err = 0;
113
114	pda = kzalloc(fw->pda_size, GFP_KERNEL);
115	if (!pda)
116		return -ENOMEM;
117
118	if (ap)
119		firmware = fw->ap_fw;
120	else
121		firmware = fw->sta_fw;
122
123	dev_dbg(dev, "Attempting to download firmware %s\n", firmware);
124
125	/* Read current plug data */
126	err = hw->ops->read_pda(hw, pda, fw->pda_addr, fw->pda_size);
127	dev_dbg(dev, "Read PDA returned %d\n", err);
128	if (err)
129		goto free;
130
131	if (!orinoco_cached_fw_get(priv, false)) {
132		err = request_firmware(&fw_entry, firmware, priv->dev);
133
134		if (err) {
135			dev_err(dev, "Cannot find firmware %s\n", firmware);
136			err = -ENOENT;
137			goto free;
138		}
139	} else
140		fw_entry = orinoco_cached_fw_get(priv, false);
141
142	hdr = (const struct orinoco_fw_header *) fw_entry->data;
143
144	fw_err = validate_fw(hdr, fw_entry->size);
145	if (fw_err) {
146		dev_warn(dev, "Invalid firmware image detected (%s). "
147			 "Aborting download\n", fw_err);
148		err = -EINVAL;
149		goto abort;
150	}
151
152	/* Enable aux port to allow programming */
153	err = hw->ops->program_init(hw, le32_to_cpu(hdr->entry_point));
154	dev_dbg(dev, "Program init returned %d\n", err);
155	if (err != 0)
156		goto abort;
157
158	/* Program data */
159	first_block = (fw_entry->data +
160		       le16_to_cpu(hdr->headersize) +
161		       le32_to_cpu(hdr->block_offset));
162	end = fw_entry->data + fw_entry->size;
163
164	err = hermes_program(hw, first_block, end);
165	dev_dbg(dev, "Program returned %d\n", err);
166	if (err != 0)
167		goto abort;
168
169	/* Update production data */
170	first_block = (fw_entry->data +
171		       le16_to_cpu(hdr->headersize) +
172		       le32_to_cpu(hdr->pdr_offset));
173
174	err = hermes_apply_pda_with_defaults(hw, first_block, end, pda,
175					     &pda[fw->pda_size / sizeof(*pda)]);
176	dev_dbg(dev, "Apply PDA returned %d\n", err);
177	if (err)
178		goto abort;
179
180	/* Tell card we've finished */
181	err = hw->ops->program_end(hw);
182	dev_dbg(dev, "Program end returned %d\n", err);
183	if (err != 0)
184		goto abort;
185
186	/* Check if we're running */
187	dev_dbg(dev, "hermes_present returned %d\n", hermes_present(hw));
188
189abort:
190	/* If we requested the firmware, release it. */
191	if (!orinoco_cached_fw_get(priv, false))
192		release_firmware(fw_entry);
193
194free:
195	kfree(pda);
196	return err;
197}
198
199/*
200 * Process a firmware image - stop the card, load the firmware, reset
201 * the card and make sure it responds.  For the secondary firmware take
202 * care of the PDA - read it and then write it on top of the firmware.
203 */
204static int
205symbol_dl_image(struct orinoco_private *priv, const struct fw_info *fw,
206		const unsigned char *image, const void *end,
207		int secondary)
208{
209	struct hermes *hw = &priv->hw;
210	int ret = 0;
211	const unsigned char *ptr;
212	const unsigned char *first_block;
213
214	/* Plug Data Area (PDA) */
215	__le16 *pda = NULL;
216
217	/* Binary block begins after the 0x1A marker */
218	ptr = image;
219	while (*ptr++ != TEXT_END);
220	first_block = ptr;
221
222	/* Read the PDA from EEPROM */
223	if (secondary) {
224		pda = kzalloc(fw->pda_size, GFP_KERNEL);
225		if (!pda)
226			return -ENOMEM;
227
228		ret = hw->ops->read_pda(hw, pda, fw->pda_addr, fw->pda_size);
229		if (ret)
230			goto free;
231	}
232
233	/* Stop the firmware, so that it can be safely rewritten */
234	if (priv->stop_fw) {
235		ret = priv->stop_fw(priv, 1);
236		if (ret)
237			goto free;
238	}
239
240	/* Program the adapter with new firmware */
241	ret = hermes_program(hw, first_block, end);
242	if (ret)
243		goto free;
244
245	/* Write the PDA to the adapter */
246	if (secondary) {
247		size_t len = hermes_blocks_length(first_block, end);
248		ptr = first_block + len;
249		ret = hermes_apply_pda(hw, ptr, end, pda,
250				       &pda[fw->pda_size / sizeof(*pda)]);
251		kfree(pda);
252		if (ret)
253			return ret;
254	}
255
256	/* Run the firmware */
257	if (priv->stop_fw) {
258		ret = priv->stop_fw(priv, 0);
259		if (ret)
260			return ret;
261	}
262
263	/* Reset hermes chip and make sure it responds */
264	ret = hw->ops->init(hw);
265
266	/* hermes_reset() should return 0 with the secondary firmware */
267	if (secondary && ret != 0)
268		return -ENODEV;
269
270	/* And this should work with any firmware */
271	if (!hermes_present(hw))
272		return -ENODEV;
273
274	return 0;
275
276free:
277	kfree(pda);
278	return ret;
279}
280
281
282/*
283 * Download the firmware into the card, this also does a PCMCIA soft
284 * reset on the card, to make sure it's in a sane state.
285 */
286static int
287symbol_dl_firmware(struct orinoco_private *priv,
288		   const struct fw_info *fw)
289{
290	struct device *dev = priv->dev;
291	int ret;
292	const struct firmware *fw_entry;
293
294	if (!orinoco_cached_fw_get(priv, true)) {
295		if (request_firmware(&fw_entry, fw->pri_fw, priv->dev) != 0) {
296			dev_err(dev, "Cannot find firmware: %s\n", fw->pri_fw);
297			return -ENOENT;
298		}
299	} else
300		fw_entry = orinoco_cached_fw_get(priv, true);
301
302	/* Load primary firmware */
303	ret = symbol_dl_image(priv, fw, fw_entry->data,
304			      fw_entry->data + fw_entry->size, 0);
305
306	if (!orinoco_cached_fw_get(priv, true))
307		release_firmware(fw_entry);
308	if (ret) {
309		dev_err(dev, "Primary firmware download failed\n");
310		return ret;
311	}
312
313	if (!orinoco_cached_fw_get(priv, false)) {
314		if (request_firmware(&fw_entry, fw->sta_fw, priv->dev) != 0) {
315			dev_err(dev, "Cannot find firmware: %s\n", fw->sta_fw);
316			return -ENOENT;
317		}
318	} else
319		fw_entry = orinoco_cached_fw_get(priv, false);
320
321	/* Load secondary firmware */
322	ret = symbol_dl_image(priv, fw, fw_entry->data,
323			      fw_entry->data + fw_entry->size, 1);
324	if (!orinoco_cached_fw_get(priv, false))
325		release_firmware(fw_entry);
326	if (ret)
327		dev_err(dev, "Secondary firmware download failed\n");
328
329	return ret;
330}
331
332int orinoco_download(struct orinoco_private *priv)
333{
334	int err = 0;
335	/* Reload firmware */
336	switch (priv->firmware_type) {
337	case FIRMWARE_TYPE_AGERE:
338		/* case FIRMWARE_TYPE_INTERSIL: */
339		err = orinoco_dl_firmware(priv,
340					  &orinoco_fw[priv->firmware_type], 0);
341		break;
342
343	case FIRMWARE_TYPE_SYMBOL:
344		err = symbol_dl_firmware(priv,
345					 &orinoco_fw[priv->firmware_type]);
346		break;
347	case FIRMWARE_TYPE_INTERSIL:
348		break;
349	}
350	/* TODO: if we fail we probably need to reinitialise
351	 * the driver */
352
353	return err;
354}
355
356#if defined(CONFIG_HERMES_CACHE_FW_ON_INIT) || defined(CONFIG_PM_SLEEP)
357void orinoco_cache_fw(struct orinoco_private *priv, int ap)
358{
359	const struct firmware *fw_entry = NULL;
360	const char *pri_fw;
361	const char *fw;
362
363	pri_fw = orinoco_fw[priv->firmware_type].pri_fw;
364	if (ap)
365		fw = orinoco_fw[priv->firmware_type].ap_fw;
366	else
367		fw = orinoco_fw[priv->firmware_type].sta_fw;
368
369	if (pri_fw) {
370		if (request_firmware(&fw_entry, pri_fw, priv->dev) == 0)
371			priv->cached_pri_fw = fw_entry;
372	}
373
374	if (fw) {
375		if (request_firmware(&fw_entry, fw, priv->dev) == 0)
376			priv->cached_fw = fw_entry;
377	}
378}
379
380void orinoco_uncache_fw(struct orinoco_private *priv)
381{
382	release_firmware(priv->cached_pri_fw);
383	release_firmware(priv->cached_fw);
384	priv->cached_pri_fw = NULL;
385	priv->cached_fw = NULL;
386}
387#endif
388