This source file includes following definitions.
- rsi_send_pkt_to_bus
- rsi_prepare_mgmt_desc
- rsi_prepare_data_desc
- rsi_send_data_pkt
- rsi_send_mgmt_pkt
- rsi_send_bt_pkt
- rsi_prepare_beacon
- bl_cmd_timeout
- bl_start_cmd_timer
- bl_stop_cmd_timer
- bl_write_cmd
- bl_cmd
- bl_write_header
- read_flash_capacity
- ping_pong_write
- auto_fw_upgrade
- rsi_hal_prepare_fwload
- rsi_load_9113_firmware
- rsi_load_9116_firmware
- rsi_hal_device_init
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17 #include <linux/firmware.h>
18 #include <net/bluetooth/bluetooth.h>
19 #include "rsi_mgmt.h"
20 #include "rsi_hal.h"
21 #include "rsi_sdio.h"
22 #include "rsi_common.h"
23
24
25 static struct ta_metadata metadata_flash_content[] = {
26 {"flash_content", 0x00010000},
27 {"rsi/rs9113_wlan_qspi.rps", 0x00010000},
28 {"rsi/rs9113_wlan_bt_dual_mode.rps", 0x00010000},
29 {"flash_content", 0x00010000},
30 {"rsi/rs9113_ap_bt_dual_mode.rps", 0x00010000},
31
32 };
33
34 static struct ta_metadata metadata[] = {{"pmemdata_dummy", 0x00000000},
35 {"rsi/rs9116_wlan.rps", 0x00000000},
36 {"rsi/rs9116_wlan_bt_classic.rps", 0x00000000},
37 {"rsi/pmemdata_dummy", 0x00000000},
38 {"rsi/rs9116_wlan_bt_classic.rps", 0x00000000}
39 };
40
41 int rsi_send_pkt_to_bus(struct rsi_common *common, struct sk_buff *skb)
42 {
43 struct rsi_hw *adapter = common->priv;
44 int status;
45
46 if (common->coex_mode > 1)
47 mutex_lock(&common->tx_bus_mutex);
48
49 status = adapter->host_intf_ops->write_pkt(common->priv,
50 skb->data, skb->len);
51
52 if (common->coex_mode > 1)
53 mutex_unlock(&common->tx_bus_mutex);
54
55 return status;
56 }
57
58 int rsi_prepare_mgmt_desc(struct rsi_common *common, struct sk_buff *skb)
59 {
60 struct rsi_hw *adapter = common->priv;
61 struct ieee80211_hdr *wh = NULL;
62 struct ieee80211_tx_info *info;
63 struct ieee80211_conf *conf = &adapter->hw->conf;
64 struct ieee80211_vif *vif;
65 struct rsi_mgmt_desc *mgmt_desc;
66 struct skb_info *tx_params;
67 struct rsi_xtended_desc *xtend_desc = NULL;
68 u8 header_size;
69 u32 dword_align_bytes = 0;
70
71 if (skb->len > MAX_MGMT_PKT_SIZE) {
72 rsi_dbg(INFO_ZONE, "%s: Dropping mgmt pkt > 512\n", __func__);
73 return -EINVAL;
74 }
75
76 info = IEEE80211_SKB_CB(skb);
77 tx_params = (struct skb_info *)info->driver_data;
78 vif = tx_params->vif;
79
80
81 header_size = FRAME_DESC_SZ + sizeof(struct rsi_xtended_desc);
82 if (header_size > skb_headroom(skb)) {
83 rsi_dbg(ERR_ZONE,
84 "%s: Failed to add extended descriptor\n",
85 __func__);
86 return -ENOSPC;
87 }
88 skb_push(skb, header_size);
89 dword_align_bytes = ((unsigned long)skb->data & 0x3f);
90 if (dword_align_bytes > skb_headroom(skb)) {
91 rsi_dbg(ERR_ZONE,
92 "%s: Failed to add dword align\n", __func__);
93 return -ENOSPC;
94 }
95 skb_push(skb, dword_align_bytes);
96 header_size += dword_align_bytes;
97
98 tx_params->internal_hdr_size = header_size;
99 memset(&skb->data[0], 0, header_size);
100 wh = (struct ieee80211_hdr *)&skb->data[header_size];
101
102 mgmt_desc = (struct rsi_mgmt_desc *)skb->data;
103 xtend_desc = (struct rsi_xtended_desc *)&skb->data[FRAME_DESC_SZ];
104
105 rsi_set_len_qno(&mgmt_desc->len_qno, (skb->len - FRAME_DESC_SZ),
106 RSI_WIFI_MGMT_Q);
107 mgmt_desc->frame_type = TX_DOT11_MGMT;
108 mgmt_desc->header_len = MIN_802_11_HDR_LEN;
109 mgmt_desc->xtend_desc_size = header_size - FRAME_DESC_SZ;
110
111 if (ieee80211_is_probe_req(wh->frame_control))
112 mgmt_desc->frame_info = cpu_to_le16(RSI_INSERT_SEQ_IN_FW);
113 mgmt_desc->frame_info |= cpu_to_le16(RATE_INFO_ENABLE);
114 if (is_broadcast_ether_addr(wh->addr1))
115 mgmt_desc->frame_info |= cpu_to_le16(RSI_BROADCAST_PKT);
116
117 mgmt_desc->seq_ctrl =
118 cpu_to_le16(IEEE80211_SEQ_TO_SN(le16_to_cpu(wh->seq_ctrl)));
119 if ((common->band == NL80211_BAND_2GHZ) && !common->p2p_enabled)
120 mgmt_desc->rate_info = cpu_to_le16(RSI_RATE_1);
121 else
122 mgmt_desc->rate_info = cpu_to_le16(RSI_RATE_6);
123
124 if (conf_is_ht40(conf))
125 mgmt_desc->bbp_info = cpu_to_le16(FULL40M_ENABLE);
126
127 if (ieee80211_is_probe_resp(wh->frame_control)) {
128 mgmt_desc->misc_flags |= (RSI_ADD_DELTA_TSF_VAP_ID |
129 RSI_FETCH_RETRY_CNT_FRM_HST);
130 #define PROBE_RESP_RETRY_CNT 3
131 xtend_desc->retry_cnt = PROBE_RESP_RETRY_CNT;
132 }
133
134 if (((vif->type == NL80211_IFTYPE_AP) ||
135 (vif->type == NL80211_IFTYPE_P2P_GO)) &&
136 (ieee80211_is_action(wh->frame_control))) {
137 struct rsi_sta *rsta = rsi_find_sta(common, wh->addr1);
138
139 if (rsta)
140 mgmt_desc->sta_id = tx_params->sta_id;
141 else
142 return -EINVAL;
143 }
144 mgmt_desc->rate_info |=
145 cpu_to_le16((tx_params->vap_id << RSI_DESC_VAP_ID_OFST) &
146 RSI_DESC_VAP_ID_MASK);
147
148 return 0;
149 }
150
151
152 int rsi_prepare_data_desc(struct rsi_common *common, struct sk_buff *skb)
153 {
154 struct rsi_hw *adapter = common->priv;
155 struct ieee80211_vif *vif;
156 struct ieee80211_hdr *wh = NULL;
157 struct ieee80211_tx_info *info;
158 struct skb_info *tx_params;
159 struct rsi_data_desc *data_desc;
160 struct rsi_xtended_desc *xtend_desc;
161 u8 ieee80211_size = MIN_802_11_HDR_LEN;
162 u8 header_size;
163 u8 vap_id = 0;
164 u8 dword_align_bytes;
165 u16 seq_num;
166
167 info = IEEE80211_SKB_CB(skb);
168 vif = info->control.vif;
169 tx_params = (struct skb_info *)info->driver_data;
170
171 header_size = FRAME_DESC_SZ + sizeof(struct rsi_xtended_desc);
172 if (header_size > skb_headroom(skb)) {
173 rsi_dbg(ERR_ZONE, "%s: Unable to send pkt\n", __func__);
174 return -ENOSPC;
175 }
176 skb_push(skb, header_size);
177 dword_align_bytes = ((unsigned long)skb->data & 0x3f);
178 if (header_size > skb_headroom(skb)) {
179 rsi_dbg(ERR_ZONE, "%s: Not enough headroom\n", __func__);
180 return -ENOSPC;
181 }
182 skb_push(skb, dword_align_bytes);
183 header_size += dword_align_bytes;
184
185 tx_params->internal_hdr_size = header_size;
186 data_desc = (struct rsi_data_desc *)skb->data;
187 memset(data_desc, 0, header_size);
188
189 xtend_desc = (struct rsi_xtended_desc *)&skb->data[FRAME_DESC_SZ];
190 wh = (struct ieee80211_hdr *)&skb->data[header_size];
191 seq_num = IEEE80211_SEQ_TO_SN(le16_to_cpu(wh->seq_ctrl));
192
193 data_desc->xtend_desc_size = header_size - FRAME_DESC_SZ;
194
195 if (ieee80211_is_data_qos(wh->frame_control)) {
196 ieee80211_size += 2;
197 data_desc->mac_flags |= cpu_to_le16(RSI_QOS_ENABLE);
198 }
199
200 if (((vif->type == NL80211_IFTYPE_STATION) ||
201 (vif->type == NL80211_IFTYPE_P2P_CLIENT)) &&
202 (adapter->ps_state == PS_ENABLED))
203 wh->frame_control |= cpu_to_le16(RSI_SET_PS_ENABLE);
204
205 if ((!(info->flags & IEEE80211_TX_INTFL_DONT_ENCRYPT)) &&
206 (common->secinfo.security_enable)) {
207 if (rsi_is_cipher_wep(common))
208 ieee80211_size += 4;
209 else
210 ieee80211_size += 8;
211 data_desc->mac_flags |= cpu_to_le16(RSI_ENCRYPT_PKT);
212 }
213 rsi_set_len_qno(&data_desc->len_qno, (skb->len - FRAME_DESC_SZ),
214 RSI_WIFI_DATA_Q);
215 data_desc->header_len = ieee80211_size;
216
217 if (common->min_rate != RSI_RATE_AUTO) {
218
219 data_desc->frame_info = cpu_to_le16(RATE_INFO_ENABLE);
220 data_desc->rate_info = cpu_to_le16(common->min_rate);
221
222 if (conf_is_ht40(&common->priv->hw->conf))
223 data_desc->bbp_info = cpu_to_le16(FULL40M_ENABLE);
224
225 if ((common->vif_info[0].sgi) && (common->min_rate & 0x100)) {
226
227 data_desc->rate_info |=
228 cpu_to_le16(ENABLE_SHORTGI_RATE);
229 }
230 }
231
232 if (skb->protocol == cpu_to_be16(ETH_P_PAE)) {
233 rsi_dbg(INFO_ZONE, "*** Tx EAPOL ***\n");
234
235 data_desc->frame_info = cpu_to_le16(RATE_INFO_ENABLE);
236 if (common->band == NL80211_BAND_5GHZ)
237 data_desc->rate_info = cpu_to_le16(RSI_RATE_6);
238 else
239 data_desc->rate_info = cpu_to_le16(RSI_RATE_1);
240 data_desc->mac_flags |= cpu_to_le16(RSI_REKEY_PURPOSE);
241 data_desc->misc_flags |= RSI_FETCH_RETRY_CNT_FRM_HST;
242 #define EAPOL_RETRY_CNT 15
243 xtend_desc->retry_cnt = EAPOL_RETRY_CNT;
244
245 if (common->eapol4_confirm)
246 skb->priority = VO_Q;
247 else
248 rsi_set_len_qno(&data_desc->len_qno,
249 (skb->len - FRAME_DESC_SZ),
250 RSI_WIFI_MGMT_Q);
251 if ((skb->len - header_size) == EAPOL4_PACKET_LEN) {
252 data_desc->misc_flags |=
253 RSI_DESC_REQUIRE_CFM_TO_HOST;
254 xtend_desc->confirm_frame_type = EAPOL4_CONFIRM;
255 }
256 }
257
258 data_desc->mac_flags |= cpu_to_le16(seq_num & 0xfff);
259 data_desc->qid_tid = ((skb->priority & 0xf) |
260 ((tx_params->tid & 0xf) << 4));
261 data_desc->sta_id = tx_params->sta_id;
262
263 if ((is_broadcast_ether_addr(wh->addr1)) ||
264 (is_multicast_ether_addr(wh->addr1))) {
265 data_desc->frame_info = cpu_to_le16(RATE_INFO_ENABLE);
266 data_desc->frame_info |= cpu_to_le16(RSI_BROADCAST_PKT);
267 data_desc->sta_id = vap_id;
268
269 if ((vif->type == NL80211_IFTYPE_AP) ||
270 (vif->type == NL80211_IFTYPE_P2P_GO)) {
271 if (common->band == NL80211_BAND_5GHZ)
272 data_desc->rate_info = cpu_to_le16(RSI_RATE_6);
273 else
274 data_desc->rate_info = cpu_to_le16(RSI_RATE_1);
275 }
276 }
277 if (((vif->type == NL80211_IFTYPE_AP) ||
278 (vif->type == NL80211_IFTYPE_P2P_GO)) &&
279 (ieee80211_has_moredata(wh->frame_control)))
280 data_desc->frame_info |= cpu_to_le16(MORE_DATA_PRESENT);
281
282 data_desc->rate_info |=
283 cpu_to_le16((tx_params->vap_id << RSI_DESC_VAP_ID_OFST) &
284 RSI_DESC_VAP_ID_MASK);
285
286 return 0;
287 }
288
289
290 int rsi_send_data_pkt(struct rsi_common *common, struct sk_buff *skb)
291 {
292 struct rsi_hw *adapter = common->priv;
293 struct ieee80211_vif *vif;
294 struct ieee80211_tx_info *info;
295 struct ieee80211_bss_conf *bss;
296 int status = -EINVAL;
297
298 if (!skb)
299 return 0;
300 if (common->iface_down)
301 goto err;
302
303 info = IEEE80211_SKB_CB(skb);
304 if (!info->control.vif)
305 goto err;
306 vif = info->control.vif;
307 bss = &vif->bss_conf;
308
309 if (((vif->type == NL80211_IFTYPE_STATION) ||
310 (vif->type == NL80211_IFTYPE_P2P_CLIENT)) &&
311 (!bss->assoc))
312 goto err;
313
314 status = rsi_send_pkt_to_bus(common, skb);
315 if (status)
316 rsi_dbg(ERR_ZONE, "%s: Failed to write pkt\n", __func__);
317
318 err:
319 ++common->tx_stats.total_tx_pkt_freed[skb->priority];
320 rsi_indicate_tx_status(adapter, skb, status);
321 return status;
322 }
323
324
325
326
327
328
329
330
331
332 int rsi_send_mgmt_pkt(struct rsi_common *common,
333 struct sk_buff *skb)
334 {
335 struct rsi_hw *adapter = common->priv;
336 struct ieee80211_bss_conf *bss;
337 struct ieee80211_hdr *wh;
338 struct ieee80211_tx_info *info;
339 struct skb_info *tx_params;
340 struct rsi_mgmt_desc *mgmt_desc;
341 struct rsi_xtended_desc *xtend_desc;
342 int status = -E2BIG;
343 u8 header_size;
344
345 info = IEEE80211_SKB_CB(skb);
346 tx_params = (struct skb_info *)info->driver_data;
347 header_size = tx_params->internal_hdr_size;
348
349 if (tx_params->flags & INTERNAL_MGMT_PKT) {
350 status = adapter->host_intf_ops->write_pkt(common->priv,
351 (u8 *)skb->data,
352 skb->len);
353 if (status) {
354 rsi_dbg(ERR_ZONE,
355 "%s: Failed to write the packet\n", __func__);
356 }
357 dev_kfree_skb(skb);
358 return status;
359 }
360
361 bss = &info->control.vif->bss_conf;
362 wh = (struct ieee80211_hdr *)&skb->data[header_size];
363 mgmt_desc = (struct rsi_mgmt_desc *)skb->data;
364 xtend_desc = (struct rsi_xtended_desc *)&skb->data[FRAME_DESC_SZ];
365
366
367 if (ieee80211_is_probe_req(wh->frame_control) && !bss->assoc) {
368 rsi_dbg(INFO_ZONE,
369 "%s: blocking mgmt queue\n", __func__);
370 mgmt_desc->misc_flags = RSI_DESC_REQUIRE_CFM_TO_HOST;
371 xtend_desc->confirm_frame_type = PROBEREQ_CONFIRM;
372 common->mgmt_q_block = true;
373 rsi_dbg(INFO_ZONE, "Mgmt queue blocked\n");
374 }
375
376 status = rsi_send_pkt_to_bus(common, skb);
377 if (status)
378 rsi_dbg(ERR_ZONE, "%s: Failed to write the packet\n", __func__);
379
380 rsi_indicate_tx_status(common->priv, skb, status);
381 return status;
382 }
383
384 int rsi_send_bt_pkt(struct rsi_common *common, struct sk_buff *skb)
385 {
386 int status = -EINVAL;
387 u8 header_size = 0;
388 struct rsi_bt_desc *bt_desc;
389 u8 queueno = ((skb->data[1] >> 4) & 0xf);
390
391 if (queueno == RSI_BT_MGMT_Q) {
392 status = rsi_send_pkt_to_bus(common, skb);
393 if (status)
394 rsi_dbg(ERR_ZONE, "%s: Failed to write bt mgmt pkt\n",
395 __func__);
396 goto out;
397 }
398 header_size = FRAME_DESC_SZ;
399 if (header_size > skb_headroom(skb)) {
400 rsi_dbg(ERR_ZONE, "%s: Not enough headroom\n", __func__);
401 status = -ENOSPC;
402 goto out;
403 }
404 skb_push(skb, header_size);
405 memset(skb->data, 0, header_size);
406 bt_desc = (struct rsi_bt_desc *)skb->data;
407
408 rsi_set_len_qno(&bt_desc->len_qno, (skb->len - FRAME_DESC_SZ),
409 RSI_BT_DATA_Q);
410 bt_desc->bt_pkt_type = cpu_to_le16(bt_cb(skb)->pkt_type);
411
412 status = rsi_send_pkt_to_bus(common, skb);
413 if (status)
414 rsi_dbg(ERR_ZONE, "%s: Failed to write bt pkt\n", __func__);
415
416 out:
417 dev_kfree_skb(skb);
418 return status;
419 }
420
421 int rsi_prepare_beacon(struct rsi_common *common, struct sk_buff *skb)
422 {
423 struct rsi_hw *adapter = (struct rsi_hw *)common->priv;
424 struct rsi_data_desc *bcn_frm;
425 struct ieee80211_hw *hw = common->priv->hw;
426 struct ieee80211_conf *conf = &hw->conf;
427 struct ieee80211_vif *vif;
428 struct sk_buff *mac_bcn;
429 u8 vap_id = 0, i;
430 u16 tim_offset = 0;
431
432 for (i = 0; i < RSI_MAX_VIFS; i++) {
433 vif = adapter->vifs[i];
434 if (!vif)
435 continue;
436 if ((vif->type == NL80211_IFTYPE_AP) ||
437 (vif->type == NL80211_IFTYPE_P2P_GO))
438 break;
439 }
440 if (!vif)
441 return -EINVAL;
442 mac_bcn = ieee80211_beacon_get_tim(adapter->hw,
443 vif,
444 &tim_offset, NULL);
445 if (!mac_bcn) {
446 rsi_dbg(ERR_ZONE, "Failed to get beacon from mac80211\n");
447 return -EINVAL;
448 }
449
450 common->beacon_cnt++;
451 bcn_frm = (struct rsi_data_desc *)skb->data;
452 rsi_set_len_qno(&bcn_frm->len_qno, mac_bcn->len, RSI_WIFI_DATA_Q);
453 bcn_frm->header_len = MIN_802_11_HDR_LEN;
454 bcn_frm->frame_info = cpu_to_le16(RSI_DATA_DESC_MAC_BBP_INFO |
455 RSI_DATA_DESC_NO_ACK_IND |
456 RSI_DATA_DESC_BEACON_FRAME |
457 RSI_DATA_DESC_INSERT_TSF |
458 RSI_DATA_DESC_INSERT_SEQ_NO |
459 RATE_INFO_ENABLE);
460 bcn_frm->rate_info = cpu_to_le16(vap_id << 14);
461 bcn_frm->qid_tid = BEACON_HW_Q;
462
463 if (conf_is_ht40_plus(conf)) {
464 bcn_frm->bbp_info = cpu_to_le16(LOWER_20_ENABLE);
465 bcn_frm->bbp_info |= cpu_to_le16(LOWER_20_ENABLE >> 12);
466 } else if (conf_is_ht40_minus(conf)) {
467 bcn_frm->bbp_info = cpu_to_le16(UPPER_20_ENABLE);
468 bcn_frm->bbp_info |= cpu_to_le16(UPPER_20_ENABLE >> 12);
469 }
470
471 if (common->band == NL80211_BAND_2GHZ)
472 bcn_frm->bbp_info |= cpu_to_le16(RSI_RATE_1);
473 else
474 bcn_frm->bbp_info |= cpu_to_le16(RSI_RATE_6);
475
476 if (mac_bcn->data[tim_offset + 2] == 0)
477 bcn_frm->frame_info |= cpu_to_le16(RSI_DATA_DESC_DTIM_BEACON);
478
479 memcpy(&skb->data[FRAME_DESC_SZ], mac_bcn->data, mac_bcn->len);
480 skb_put(skb, mac_bcn->len + FRAME_DESC_SZ);
481
482 dev_kfree_skb(mac_bcn);
483
484 return 0;
485 }
486
487 static void bl_cmd_timeout(struct timer_list *t)
488 {
489 struct rsi_hw *adapter = from_timer(adapter, t, bl_cmd_timer);
490
491 adapter->blcmd_timer_expired = true;
492 del_timer(&adapter->bl_cmd_timer);
493 }
494
495 static int bl_start_cmd_timer(struct rsi_hw *adapter, u32 timeout)
496 {
497 timer_setup(&adapter->bl_cmd_timer, bl_cmd_timeout, 0);
498 adapter->bl_cmd_timer.expires = (msecs_to_jiffies(timeout) + jiffies);
499
500 adapter->blcmd_timer_expired = false;
501 add_timer(&adapter->bl_cmd_timer);
502
503 return 0;
504 }
505
506 static int bl_stop_cmd_timer(struct rsi_hw *adapter)
507 {
508 adapter->blcmd_timer_expired = false;
509 if (timer_pending(&adapter->bl_cmd_timer))
510 del_timer(&adapter->bl_cmd_timer);
511
512 return 0;
513 }
514
515 static int bl_write_cmd(struct rsi_hw *adapter, u8 cmd, u8 exp_resp,
516 u16 *cmd_resp)
517 {
518 struct rsi_host_intf_ops *hif_ops = adapter->host_intf_ops;
519 u32 regin_val = 0, regout_val = 0;
520 u32 regin_input = 0;
521 u8 output = 0;
522 int status;
523
524 regin_input = (REGIN_INPUT | adapter->priv->coex_mode);
525
526 while (!adapter->blcmd_timer_expired) {
527 regin_val = 0;
528 status = hif_ops->master_reg_read(adapter, SWBL_REGIN,
529 ®in_val, 2);
530 if (status < 0) {
531 rsi_dbg(ERR_ZONE,
532 "%s: Command %0x REGIN reading failed..\n",
533 __func__, cmd);
534 return status;
535 }
536 mdelay(1);
537 if ((regin_val >> 12) != REGIN_VALID)
538 break;
539 }
540 if (adapter->blcmd_timer_expired) {
541 rsi_dbg(ERR_ZONE,
542 "%s: Command %0x REGIN reading timed out..\n",
543 __func__, cmd);
544 return -ETIMEDOUT;
545 }
546
547 rsi_dbg(INFO_ZONE,
548 "Issuing write to Regin val:%0x sending cmd:%0x\n",
549 regin_val, (cmd | regin_input << 8));
550 status = hif_ops->master_reg_write(adapter, SWBL_REGIN,
551 (cmd | regin_input << 8), 2);
552 if (status < 0)
553 return status;
554 mdelay(1);
555
556 if (cmd == LOAD_HOSTED_FW || cmd == JUMP_TO_ZERO_PC) {
557
558
559
560 return 0;
561 }
562
563 while (!adapter->blcmd_timer_expired) {
564 regout_val = 0;
565 status = hif_ops->master_reg_read(adapter, SWBL_REGOUT,
566 ®out_val, 2);
567 if (status < 0) {
568 rsi_dbg(ERR_ZONE,
569 "%s: Command %0x REGOUT reading failed..\n",
570 __func__, cmd);
571 return status;
572 }
573 mdelay(1);
574 if ((regout_val >> 8) == REGOUT_VALID)
575 break;
576 }
577 if (adapter->blcmd_timer_expired) {
578 rsi_dbg(ERR_ZONE,
579 "%s: Command %0x REGOUT reading timed out..\n",
580 __func__, cmd);
581 return status;
582 }
583
584 *cmd_resp = ((u16 *)®out_val)[0] & 0xffff;
585
586 output = ((u8 *)®out_val)[0] & 0xff;
587
588 status = hif_ops->master_reg_write(adapter, SWBL_REGOUT,
589 (cmd | REGOUT_INVALID << 8), 2);
590 if (status < 0) {
591 rsi_dbg(ERR_ZONE,
592 "%s: Command %0x REGOUT writing failed..\n",
593 __func__, cmd);
594 return status;
595 }
596 mdelay(1);
597
598 if (output != exp_resp) {
599 rsi_dbg(ERR_ZONE,
600 "%s: Recvd resp %x for cmd %0x\n",
601 __func__, output, cmd);
602 return -EINVAL;
603 }
604 rsi_dbg(INFO_ZONE,
605 "%s: Recvd Expected resp %x for cmd %0x\n",
606 __func__, output, cmd);
607
608 return 0;
609 }
610
611 static int bl_cmd(struct rsi_hw *adapter, u8 cmd, u8 exp_resp, char *str)
612 {
613 u16 regout_val = 0;
614 u32 timeout;
615 int status;
616
617 if ((cmd == EOF_REACHED) || (cmd == PING_VALID) || (cmd == PONG_VALID))
618 timeout = BL_BURN_TIMEOUT;
619 else
620 timeout = BL_CMD_TIMEOUT;
621
622 bl_start_cmd_timer(adapter, timeout);
623 status = bl_write_cmd(adapter, cmd, exp_resp, ®out_val);
624 if (status < 0) {
625 bl_stop_cmd_timer(adapter);
626 rsi_dbg(ERR_ZONE,
627 "%s: Command %s (%0x) writing failed..\n",
628 __func__, str, cmd);
629 return status;
630 }
631 bl_stop_cmd_timer(adapter);
632 return 0;
633 }
634
635 #define CHECK_SUM_OFFSET 20
636 #define LEN_OFFSET 8
637 #define ADDR_OFFSET 16
638 static int bl_write_header(struct rsi_hw *adapter, u8 *flash_content,
639 u32 content_size)
640 {
641 struct rsi_host_intf_ops *hif_ops = adapter->host_intf_ops;
642 struct bl_header *bl_hdr;
643 u32 write_addr, write_len;
644 int status;
645
646 bl_hdr = kzalloc(sizeof(*bl_hdr), GFP_KERNEL);
647 if (!bl_hdr)
648 return -ENOMEM;
649
650 bl_hdr->flags = 0;
651 bl_hdr->image_no = cpu_to_le32(adapter->priv->coex_mode);
652 bl_hdr->check_sum =
653 cpu_to_le32(*(u32 *)&flash_content[CHECK_SUM_OFFSET]);
654 bl_hdr->flash_start_address =
655 cpu_to_le32(*(u32 *)&flash_content[ADDR_OFFSET]);
656 bl_hdr->flash_len = cpu_to_le32(*(u32 *)&flash_content[LEN_OFFSET]);
657 write_len = sizeof(struct bl_header);
658
659 if (adapter->rsi_host_intf == RSI_HOST_INTF_USB) {
660 write_addr = PING_BUFFER_ADDRESS;
661 status = hif_ops->write_reg_multiple(adapter, write_addr,
662 (u8 *)bl_hdr, write_len);
663 if (status < 0) {
664 rsi_dbg(ERR_ZONE,
665 "%s: Failed to load Version/CRC structure\n",
666 __func__);
667 goto fail;
668 }
669 } else {
670 write_addr = PING_BUFFER_ADDRESS >> 16;
671 status = hif_ops->master_access_msword(adapter, write_addr);
672 if (status < 0) {
673 rsi_dbg(ERR_ZONE,
674 "%s: Unable to set ms word to common reg\n",
675 __func__);
676 goto fail;
677 }
678 write_addr = RSI_SD_REQUEST_MASTER |
679 (PING_BUFFER_ADDRESS & 0xFFFF);
680 status = hif_ops->write_reg_multiple(adapter, write_addr,
681 (u8 *)bl_hdr, write_len);
682 if (status < 0) {
683 rsi_dbg(ERR_ZONE,
684 "%s: Failed to load Version/CRC structure\n",
685 __func__);
686 goto fail;
687 }
688 }
689 status = 0;
690 fail:
691 kfree(bl_hdr);
692 return status;
693 }
694
695 static u32 read_flash_capacity(struct rsi_hw *adapter)
696 {
697 u32 flash_sz = 0;
698
699 if ((adapter->host_intf_ops->master_reg_read(adapter, FLASH_SIZE_ADDR,
700 &flash_sz, 2)) < 0) {
701 rsi_dbg(ERR_ZONE,
702 "%s: Flash size reading failed..\n",
703 __func__);
704 return 0;
705 }
706 rsi_dbg(INIT_ZONE, "Flash capacity: %d KiloBytes\n", flash_sz);
707
708 return (flash_sz * 1024);
709 }
710
711 static int ping_pong_write(struct rsi_hw *adapter, u8 cmd, u8 *addr, u32 size)
712 {
713 struct rsi_host_intf_ops *hif_ops = adapter->host_intf_ops;
714 u32 block_size = adapter->block_size;
715 u32 cmd_addr;
716 u16 cmd_resp, cmd_req;
717 u8 *str;
718 int status;
719
720 if (cmd == PING_WRITE) {
721 cmd_addr = PING_BUFFER_ADDRESS;
722 cmd_resp = PONG_AVAIL;
723 cmd_req = PING_VALID;
724 str = "PING_VALID";
725 } else {
726 cmd_addr = PONG_BUFFER_ADDRESS;
727 cmd_resp = PING_AVAIL;
728 cmd_req = PONG_VALID;
729 str = "PONG_VALID";
730 }
731
732 status = hif_ops->load_data_master_write(adapter, cmd_addr, size,
733 block_size, addr);
734 if (status) {
735 rsi_dbg(ERR_ZONE, "%s: Unable to write blk at addr %0x\n",
736 __func__, *addr);
737 return status;
738 }
739
740 status = bl_cmd(adapter, cmd_req, cmd_resp, str);
741 if (status)
742 return status;
743
744 return 0;
745 }
746
747 static int auto_fw_upgrade(struct rsi_hw *adapter, u8 *flash_content,
748 u32 content_size)
749 {
750 u8 cmd;
751 u32 temp_content_size, num_flash, index;
752 u32 flash_start_address;
753 int status;
754
755 if (content_size > MAX_FLASH_FILE_SIZE) {
756 rsi_dbg(ERR_ZONE,
757 "%s: Flash Content size is more than 400K %u\n",
758 __func__, MAX_FLASH_FILE_SIZE);
759 return -EINVAL;
760 }
761
762 flash_start_address = *(u32 *)&flash_content[FLASH_START_ADDRESS];
763 rsi_dbg(INFO_ZONE, "flash start address: %08x\n", flash_start_address);
764
765 if (flash_start_address < FW_IMAGE_MIN_ADDRESS) {
766 rsi_dbg(ERR_ZONE,
767 "%s: Fw image Flash Start Address is less than 64K\n",
768 __func__);
769 return -EINVAL;
770 }
771
772 if (flash_start_address % FLASH_SECTOR_SIZE) {
773 rsi_dbg(ERR_ZONE,
774 "%s: Flash Start Address is not multiple of 4K\n",
775 __func__);
776 return -EINVAL;
777 }
778
779 if ((flash_start_address + content_size) > adapter->flash_capacity) {
780 rsi_dbg(ERR_ZONE,
781 "%s: Flash Content will cross max flash size\n",
782 __func__);
783 return -EINVAL;
784 }
785
786 temp_content_size = content_size;
787 num_flash = content_size / FLASH_WRITE_CHUNK_SIZE;
788
789 rsi_dbg(INFO_ZONE, "content_size: %d, num_flash: %d\n",
790 content_size, num_flash);
791
792 for (index = 0; index <= num_flash; index++) {
793 rsi_dbg(INFO_ZONE, "flash index: %d\n", index);
794 if (index != num_flash) {
795 content_size = FLASH_WRITE_CHUNK_SIZE;
796 rsi_dbg(INFO_ZONE, "QSPI content_size:%d\n",
797 content_size);
798 } else {
799 content_size =
800 temp_content_size % FLASH_WRITE_CHUNK_SIZE;
801 rsi_dbg(INFO_ZONE,
802 "Writing last sector content_size:%d\n",
803 content_size);
804 if (!content_size) {
805 rsi_dbg(INFO_ZONE, "instruction size zero\n");
806 break;
807 }
808 }
809
810 if (index % 2)
811 cmd = PING_WRITE;
812 else
813 cmd = PONG_WRITE;
814
815 status = ping_pong_write(adapter, cmd, flash_content,
816 content_size);
817 if (status) {
818 rsi_dbg(ERR_ZONE, "%s: Unable to load %d block\n",
819 __func__, index);
820 return status;
821 }
822
823 rsi_dbg(INFO_ZONE,
824 "%s: Successfully loaded %d instructions\n",
825 __func__, index);
826 flash_content += content_size;
827 }
828
829 status = bl_cmd(adapter, EOF_REACHED, FW_LOADING_SUCCESSFUL,
830 "EOF_REACHED");
831 if (status)
832 return status;
833
834 rsi_dbg(INFO_ZONE, "FW loading is done and FW is running..\n");
835 return 0;
836 }
837
838 static int rsi_hal_prepare_fwload(struct rsi_hw *adapter)
839 {
840 struct rsi_host_intf_ops *hif_ops = adapter->host_intf_ops;
841 u32 regout_val = 0;
842 int status;
843
844 bl_start_cmd_timer(adapter, BL_CMD_TIMEOUT);
845
846 while (!adapter->blcmd_timer_expired) {
847 status = hif_ops->master_reg_read(adapter, SWBL_REGOUT,
848 ®out_val,
849 RSI_COMMON_REG_SIZE);
850 if (status < 0) {
851 bl_stop_cmd_timer(adapter);
852 rsi_dbg(ERR_ZONE,
853 "%s: REGOUT read failed\n", __func__);
854 return status;
855 }
856 mdelay(1);
857 if ((regout_val >> 8) == REGOUT_VALID)
858 break;
859 }
860 if (adapter->blcmd_timer_expired) {
861 rsi_dbg(ERR_ZONE, "%s: REGOUT read timedout\n", __func__);
862 rsi_dbg(ERR_ZONE,
863 "%s: Soft boot loader not present\n", __func__);
864 return -ETIMEDOUT;
865 }
866 bl_stop_cmd_timer(adapter);
867
868 rsi_dbg(INFO_ZONE, "Received Board Version Number: %x\n",
869 (regout_val & 0xff));
870
871 status = hif_ops->master_reg_write(adapter, SWBL_REGOUT,
872 (REGOUT_INVALID |
873 REGOUT_INVALID << 8),
874 RSI_COMMON_REG_SIZE);
875 if (status < 0)
876 rsi_dbg(ERR_ZONE, "%s: REGOUT writing failed..\n", __func__);
877 else
878 rsi_dbg(INFO_ZONE,
879 "===> Device is ready to load firmware <===\n");
880
881 return status;
882 }
883
884 static int rsi_load_9113_firmware(struct rsi_hw *adapter)
885 {
886 struct rsi_common *common = adapter->priv;
887 const struct firmware *fw_entry = NULL;
888 u32 content_size;
889 u16 tmp_regout_val = 0;
890 struct ta_metadata *metadata_p;
891 int status;
892
893 status = bl_cmd(adapter, CONFIG_AUTO_READ_MODE, CMD_PASS,
894 "AUTO_READ_CMD");
895 if (status < 0)
896 return status;
897
898 adapter->flash_capacity = read_flash_capacity(adapter);
899 if (adapter->flash_capacity <= 0) {
900 rsi_dbg(ERR_ZONE,
901 "%s: Unable to read flash size from EEPROM\n",
902 __func__);
903 return -EINVAL;
904 }
905
906 metadata_p = &metadata_flash_content[adapter->priv->coex_mode];
907
908 rsi_dbg(INIT_ZONE, "%s: Loading file %s\n", __func__, metadata_p->name);
909 adapter->fw_file_name = metadata_p->name;
910
911 status = request_firmware(&fw_entry, metadata_p->name, adapter->device);
912 if (status < 0) {
913 rsi_dbg(ERR_ZONE, "%s: Failed to open file %s\n",
914 __func__, metadata_p->name);
915 return status;
916 }
917 content_size = fw_entry->size;
918 rsi_dbg(INFO_ZONE, "FW Length = %d bytes\n", content_size);
919
920
921 common->lmac_ver.ver.info.fw_ver[0] =
922 fw_entry->data[LMAC_VER_OFFSET_9113] & 0xFF;
923 common->lmac_ver.ver.info.fw_ver[1] =
924 fw_entry->data[LMAC_VER_OFFSET_9113 + 1] & 0xFF;
925 common->lmac_ver.major =
926 fw_entry->data[LMAC_VER_OFFSET_9113 + 2] & 0xFF;
927 common->lmac_ver.release_num =
928 fw_entry->data[LMAC_VER_OFFSET_9113 + 3] & 0xFF;
929 common->lmac_ver.minor =
930 fw_entry->data[LMAC_VER_OFFSET_9113 + 4] & 0xFF;
931 common->lmac_ver.patch_num = 0;
932 rsi_print_version(common);
933
934 status = bl_write_header(adapter, (u8 *)fw_entry->data, content_size);
935 if (status) {
936 rsi_dbg(ERR_ZONE,
937 "%s: RPS Image header loading failed\n",
938 __func__);
939 goto fail;
940 }
941
942 bl_start_cmd_timer(adapter, BL_CMD_TIMEOUT);
943 status = bl_write_cmd(adapter, CHECK_CRC, CMD_PASS, &tmp_regout_val);
944 if (status) {
945 bl_stop_cmd_timer(adapter);
946 rsi_dbg(ERR_ZONE,
947 "%s: CHECK_CRC Command writing failed..\n",
948 __func__);
949 if ((tmp_regout_val & 0xff) == CMD_FAIL) {
950 rsi_dbg(ERR_ZONE,
951 "CRC Fail.. Proceeding to Upgrade mode\n");
952 goto fw_upgrade;
953 }
954 }
955 bl_stop_cmd_timer(adapter);
956
957 status = bl_cmd(adapter, POLLING_MODE, CMD_PASS, "POLLING_MODE");
958 if (status)
959 goto fail;
960
961 load_image_cmd:
962 status = bl_cmd(adapter, LOAD_HOSTED_FW, LOADING_INITIATED,
963 "LOAD_HOSTED_FW");
964 if (status)
965 goto fail;
966 rsi_dbg(INFO_ZONE, "Load Image command passed..\n");
967 goto success;
968
969 fw_upgrade:
970 status = bl_cmd(adapter, BURN_HOSTED_FW, SEND_RPS_FILE, "FW_UPGRADE");
971 if (status)
972 goto fail;
973
974 rsi_dbg(INFO_ZONE, "Burn Command Pass.. Upgrading the firmware\n");
975
976 status = auto_fw_upgrade(adapter, (u8 *)fw_entry->data, content_size);
977 if (status == 0) {
978 rsi_dbg(ERR_ZONE, "Firmware upgradation Done\n");
979 goto load_image_cmd;
980 }
981 rsi_dbg(ERR_ZONE, "Firmware upgrade failed\n");
982
983 status = bl_cmd(adapter, CONFIG_AUTO_READ_MODE, CMD_PASS,
984 "AUTO_READ_MODE");
985 if (status)
986 goto fail;
987
988 success:
989 rsi_dbg(ERR_ZONE, "***** Firmware Loading successful *****\n");
990 release_firmware(fw_entry);
991 return 0;
992
993 fail:
994 rsi_dbg(ERR_ZONE, "##### Firmware loading failed #####\n");
995 release_firmware(fw_entry);
996 return status;
997 }
998
999 static int rsi_load_9116_firmware(struct rsi_hw *adapter)
1000 {
1001 struct rsi_common *common = adapter->priv;
1002 struct rsi_host_intf_ops *hif_ops = adapter->host_intf_ops;
1003 const struct firmware *fw_entry;
1004 struct ta_metadata *metadata_p;
1005 u8 *ta_firmware, *fw_p;
1006 struct bootload_ds bootload_ds;
1007 u32 instructions_sz, base_address;
1008 u16 block_size = adapter->block_size;
1009 u32 dest, len;
1010 int status, cnt;
1011
1012 rsi_dbg(INIT_ZONE, "***** Load 9116 TA Instructions *****\n");
1013
1014 if (adapter->rsi_host_intf == RSI_HOST_INTF_USB) {
1015 status = bl_cmd(adapter, POLLING_MODE, CMD_PASS,
1016 "POLLING_MODE");
1017 if (status < 0)
1018 return status;
1019 }
1020
1021 status = hif_ops->master_reg_write(adapter, MEM_ACCESS_CTRL_FROM_HOST,
1022 RAM_384K_ACCESS_FROM_TA,
1023 RSI_9116_REG_SIZE);
1024 if (status < 0) {
1025 rsi_dbg(ERR_ZONE, "%s: Unable to access full RAM memory\n",
1026 __func__);
1027 return status;
1028 }
1029
1030 metadata_p = &metadata[adapter->priv->coex_mode];
1031 rsi_dbg(INIT_ZONE, "%s: loading file %s\n", __func__, metadata_p->name);
1032 status = request_firmware(&fw_entry, metadata_p->name, adapter->device);
1033 if (status < 0) {
1034 rsi_dbg(ERR_ZONE, "%s: Failed to open file %s\n",
1035 __func__, metadata_p->name);
1036 return status;
1037 }
1038
1039 ta_firmware = kmemdup(fw_entry->data, fw_entry->size, GFP_KERNEL);
1040 if (!ta_firmware)
1041 goto fail_release_fw;
1042 fw_p = ta_firmware;
1043 instructions_sz = fw_entry->size;
1044 rsi_dbg(INFO_ZONE, "FW Length = %d bytes\n", instructions_sz);
1045
1046 common->lmac_ver.major = ta_firmware[LMAC_VER_OFFSET_9116];
1047 common->lmac_ver.minor = ta_firmware[LMAC_VER_OFFSET_9116 + 1];
1048 common->lmac_ver.release_num = ta_firmware[LMAC_VER_OFFSET_9116 + 2];
1049 common->lmac_ver.patch_num = ta_firmware[LMAC_VER_OFFSET_9116 + 3];
1050 common->lmac_ver.ver.info.fw_ver[0] =
1051 ta_firmware[LMAC_VER_OFFSET_9116 + 4];
1052
1053 if (instructions_sz % FW_ALIGN_SIZE)
1054 instructions_sz +=
1055 (FW_ALIGN_SIZE - (instructions_sz % FW_ALIGN_SIZE));
1056 rsi_dbg(INFO_ZONE, "instructions_sz : %d\n", instructions_sz);
1057
1058 if (*(u16 *)fw_p == RSI_9116_FW_MAGIC_WORD) {
1059 memcpy(&bootload_ds, fw_p, sizeof(struct bootload_ds));
1060 fw_p += le16_to_cpu(bootload_ds.offset);
1061 rsi_dbg(INFO_ZONE, "FW start = %x\n", *(u32 *)fw_p);
1062
1063 cnt = 0;
1064 do {
1065 rsi_dbg(ERR_ZONE, "%s: Loading chunk %d\n",
1066 __func__, cnt);
1067
1068 dest = le32_to_cpu(bootload_ds.bl_entry[cnt].dst_addr);
1069 len = le32_to_cpu(bootload_ds.bl_entry[cnt].control) &
1070 RSI_BL_CTRL_LEN_MASK;
1071 rsi_dbg(INFO_ZONE, "length %d destination %x\n",
1072 len, dest);
1073
1074 status = hif_ops->load_data_master_write(adapter, dest,
1075 len,
1076 block_size,
1077 fw_p);
1078 if (status < 0) {
1079 rsi_dbg(ERR_ZONE,
1080 "Failed to load chunk %d\n", cnt);
1081 break;
1082 }
1083 fw_p += len;
1084 if (le32_to_cpu(bootload_ds.bl_entry[cnt].control) &
1085 RSI_BL_CTRL_LAST_ENTRY)
1086 break;
1087 cnt++;
1088 } while (1);
1089 } else {
1090 base_address = metadata_p->address;
1091 status = hif_ops->load_data_master_write(adapter,
1092 base_address,
1093 instructions_sz,
1094 block_size,
1095 ta_firmware);
1096 }
1097 if (status) {
1098 rsi_dbg(ERR_ZONE,
1099 "%s: Unable to load %s blk\n",
1100 __func__, metadata_p->name);
1101 goto fail_free_fw;
1102 }
1103
1104 rsi_dbg(INIT_ZONE, "%s: Successfully loaded %s instructions\n",
1105 __func__, metadata_p->name);
1106
1107 if (adapter->rsi_host_intf == RSI_HOST_INTF_SDIO) {
1108 if (hif_ops->ta_reset(adapter))
1109 rsi_dbg(ERR_ZONE, "Unable to put ta in reset\n");
1110 } else {
1111 if (bl_cmd(adapter, JUMP_TO_ZERO_PC,
1112 CMD_PASS, "JUMP_TO_ZERO") < 0)
1113 rsi_dbg(INFO_ZONE, "Jump to zero command failed\n");
1114 else
1115 rsi_dbg(INFO_ZONE, "Jump to zero command successful\n");
1116 }
1117
1118 fail_free_fw:
1119 kfree(ta_firmware);
1120 fail_release_fw:
1121 release_firmware(fw_entry);
1122
1123 return status;
1124 }
1125
1126 int rsi_hal_device_init(struct rsi_hw *adapter)
1127 {
1128 struct rsi_common *common = adapter->priv;
1129 int status;
1130
1131 switch (adapter->device_model) {
1132 case RSI_DEV_9113:
1133 status = rsi_hal_prepare_fwload(adapter);
1134 if (status < 0)
1135 return status;
1136 if (rsi_load_9113_firmware(adapter)) {
1137 rsi_dbg(ERR_ZONE,
1138 "%s: Failed to load TA instructions\n",
1139 __func__);
1140 return -EINVAL;
1141 }
1142 break;
1143 case RSI_DEV_9116:
1144 status = rsi_hal_prepare_fwload(adapter);
1145 if (status < 0)
1146 return status;
1147 if (rsi_load_9116_firmware(adapter)) {
1148 rsi_dbg(ERR_ZONE,
1149 "%s: Failed to load firmware to 9116 device\n",
1150 __func__);
1151 return -EINVAL;
1152 }
1153 break;
1154 default:
1155 return -EINVAL;
1156 }
1157 common->fsm_state = FSM_CARD_NOT_READY;
1158
1159 return 0;
1160 }
1161 EXPORT_SYMBOL_GPL(rsi_hal_device_init);
1162