Loading...
1// SPDX-License-Identifier: ISC
2/*
3 * Copyright (c) 2014-2017 Qualcomm Atheros, Inc.
4 */
5
6#include "testmode.h"
7
8#include <net/netlink.h>
9#include <linux/firmware.h>
10
11#include "debug.h"
12#include "wmi.h"
13#include "hif.h"
14#include "hw.h"
15#include "core.h"
16
17#include "testmode_i.h"
18
19static const struct nla_policy ath10k_tm_policy[ATH10K_TM_ATTR_MAX + 1] = {
20 [ATH10K_TM_ATTR_CMD] = { .type = NLA_U32 },
21 [ATH10K_TM_ATTR_DATA] = { .type = NLA_BINARY,
22 .len = ATH10K_TM_DATA_MAX_LEN },
23 [ATH10K_TM_ATTR_WMI_CMDID] = { .type = NLA_U32 },
24 [ATH10K_TM_ATTR_VERSION_MAJOR] = { .type = NLA_U32 },
25 [ATH10K_TM_ATTR_VERSION_MINOR] = { .type = NLA_U32 },
26};
27
28/* Returns true if callee consumes the skb and the skb should be discarded.
29 * Returns false if skb is not used. Does not sleep.
30 */
31bool ath10k_tm_event_wmi(struct ath10k *ar, u32 cmd_id, struct sk_buff *skb)
32{
33 struct sk_buff *nl_skb;
34 bool consumed;
35 int ret;
36
37 ath10k_dbg(ar, ATH10K_DBG_TESTMODE,
38 "testmode event wmi cmd_id %d skb %pK skb->len %d\n",
39 cmd_id, skb, skb->len);
40
41 ath10k_dbg_dump(ar, ATH10K_DBG_TESTMODE, NULL, "", skb->data, skb->len);
42
43 spin_lock_bh(&ar->data_lock);
44
45 if (!ar->testmode.utf_monitor) {
46 consumed = false;
47 goto out;
48 }
49
50 /* Only testmode.c should be handling events from utf firmware,
51 * otherwise all sort of problems will arise as mac80211 operations
52 * are not initialised.
53 */
54 consumed = true;
55
56 nl_skb = cfg80211_testmode_alloc_event_skb(ar->hw->wiphy,
57 2 * sizeof(u32) + skb->len,
58 GFP_ATOMIC);
59 if (!nl_skb) {
60 ath10k_warn(ar,
61 "failed to allocate skb for testmode wmi event\n");
62 goto out;
63 }
64
65 ret = nla_put_u32(nl_skb, ATH10K_TM_ATTR_CMD, ATH10K_TM_CMD_WMI);
66 if (ret) {
67 ath10k_warn(ar,
68 "failed to put testmode wmi event cmd attribute: %d\n",
69 ret);
70 kfree_skb(nl_skb);
71 goto out;
72 }
73
74 ret = nla_put_u32(nl_skb, ATH10K_TM_ATTR_WMI_CMDID, cmd_id);
75 if (ret) {
76 ath10k_warn(ar,
77 "failed to put testmode wmi event cmd_id: %d\n",
78 ret);
79 kfree_skb(nl_skb);
80 goto out;
81 }
82
83 ret = nla_put(nl_skb, ATH10K_TM_ATTR_DATA, skb->len, skb->data);
84 if (ret) {
85 ath10k_warn(ar,
86 "failed to copy skb to testmode wmi event: %d\n",
87 ret);
88 kfree_skb(nl_skb);
89 goto out;
90 }
91
92 cfg80211_testmode_event(nl_skb, GFP_ATOMIC);
93
94out:
95 spin_unlock_bh(&ar->data_lock);
96
97 return consumed;
98}
99
100static int ath10k_tm_cmd_get_version(struct ath10k *ar, struct nlattr *tb[])
101{
102 struct sk_buff *skb;
103 int ret;
104
105 ath10k_dbg(ar, ATH10K_DBG_TESTMODE,
106 "testmode cmd get version_major %d version_minor %d\n",
107 ATH10K_TESTMODE_VERSION_MAJOR,
108 ATH10K_TESTMODE_VERSION_MINOR);
109
110 skb = cfg80211_testmode_alloc_reply_skb(ar->hw->wiphy,
111 nla_total_size(sizeof(u32)));
112 if (!skb)
113 return -ENOMEM;
114
115 ret = nla_put_u32(skb, ATH10K_TM_ATTR_VERSION_MAJOR,
116 ATH10K_TESTMODE_VERSION_MAJOR);
117 if (ret) {
118 kfree_skb(skb);
119 return ret;
120 }
121
122 ret = nla_put_u32(skb, ATH10K_TM_ATTR_VERSION_MINOR,
123 ATH10K_TESTMODE_VERSION_MINOR);
124 if (ret) {
125 kfree_skb(skb);
126 return ret;
127 }
128
129 ret = nla_put_u32(skb, ATH10K_TM_ATTR_WMI_OP_VERSION,
130 ar->normal_mode_fw.fw_file.wmi_op_version);
131 if (ret) {
132 kfree_skb(skb);
133 return ret;
134 }
135
136 return cfg80211_testmode_reply(skb);
137}
138
139static int ath10k_tm_fetch_utf_firmware_api_1(struct ath10k *ar,
140 struct ath10k_fw_file *fw_file)
141{
142 char filename[100];
143 int ret;
144
145 snprintf(filename, sizeof(filename), "%s/%s",
146 ar->hw_params.fw.dir, ATH10K_FW_UTF_FILE);
147
148 /* load utf firmware image */
149 ret = firmware_request_nowarn(&fw_file->firmware, filename, ar->dev);
150 ath10k_dbg(ar, ATH10K_DBG_TESTMODE, "testmode fw request '%s': %d\n",
151 filename, ret);
152
153 if (ret) {
154 ath10k_warn(ar, "failed to retrieve utf firmware '%s': %d\n",
155 filename, ret);
156 return ret;
157 }
158
159 /* We didn't find FW UTF API 1 ("utf.bin") does not advertise
160 * firmware features. Do an ugly hack where we force the firmware
161 * features to match with 10.1 branch so that wmi.c will use the
162 * correct WMI interface.
163 */
164
165 fw_file->wmi_op_version = ATH10K_FW_WMI_OP_VERSION_10_1;
166 fw_file->htt_op_version = ATH10K_FW_HTT_OP_VERSION_10_1;
167 fw_file->firmware_data = fw_file->firmware->data;
168 fw_file->firmware_len = fw_file->firmware->size;
169
170 return 0;
171}
172
173static int ath10k_tm_fetch_firmware(struct ath10k *ar)
174{
175 struct ath10k_fw_components *utf_mode_fw;
176 int ret;
177 char fw_name[100];
178 int fw_api2 = 2;
179
180 switch (ar->hif.bus) {
181 case ATH10K_BUS_SDIO:
182 case ATH10K_BUS_USB:
183 scnprintf(fw_name, sizeof(fw_name), "%s-%s-%d.bin",
184 ATH10K_FW_UTF_FILE_BASE, ath10k_bus_str(ar->hif.bus),
185 fw_api2);
186 break;
187 default:
188 scnprintf(fw_name, sizeof(fw_name), "%s-%d.bin",
189 ATH10K_FW_UTF_FILE_BASE, fw_api2);
190 break;
191 }
192
193 ret = ath10k_core_fetch_firmware_api_n(ar, fw_name,
194 &ar->testmode.utf_mode_fw.fw_file);
195 if (ret == 0) {
196 ath10k_dbg(ar, ATH10K_DBG_TESTMODE, "testmode using fw utf api 2");
197 goto out;
198 }
199
200 ret = ath10k_tm_fetch_utf_firmware_api_1(ar, &ar->testmode.utf_mode_fw.fw_file);
201 if (ret) {
202 ath10k_err(ar, "failed to fetch utf firmware binary: %d", ret);
203 return ret;
204 }
205
206 ath10k_dbg(ar, ATH10K_DBG_TESTMODE, "testmode using utf api 1");
207
208out:
209 utf_mode_fw = &ar->testmode.utf_mode_fw;
210
211 /* Use the same board data file as the normal firmware uses (but
212 * it's still "owned" by normal_mode_fw so we shouldn't free it.
213 */
214 utf_mode_fw->board_data = ar->normal_mode_fw.board_data;
215 utf_mode_fw->board_len = ar->normal_mode_fw.board_len;
216
217 if (!utf_mode_fw->fw_file.otp_data) {
218 ath10k_info(ar, "utf.bin didn't contain otp binary, taking it from the normal mode firmware");
219 utf_mode_fw->fw_file.otp_data = ar->normal_mode_fw.fw_file.otp_data;
220 utf_mode_fw->fw_file.otp_len = ar->normal_mode_fw.fw_file.otp_len;
221 }
222
223 return 0;
224}
225
226static int ath10k_tm_cmd_utf_start(struct ath10k *ar, struct nlattr *tb[])
227{
228 const char *ver;
229 int ret;
230
231 ath10k_dbg(ar, ATH10K_DBG_TESTMODE, "testmode cmd utf start\n");
232
233 mutex_lock(&ar->conf_mutex);
234
235 if (ar->state == ATH10K_STATE_UTF) {
236 ret = -EALREADY;
237 goto err;
238 }
239
240 /* start utf only when the driver is not in use */
241 if (ar->state != ATH10K_STATE_OFF) {
242 ret = -EBUSY;
243 goto err;
244 }
245
246 if (WARN_ON(ar->testmode.utf_mode_fw.fw_file.firmware != NULL)) {
247 /* utf image is already downloaded, it shouldn't be */
248 ret = -EEXIST;
249 goto err;
250 }
251
252 ret = ath10k_tm_fetch_firmware(ar);
253 if (ret) {
254 ath10k_err(ar, "failed to fetch UTF firmware: %d", ret);
255 goto err;
256 }
257
258 if (ar->testmode.utf_mode_fw.fw_file.codeswap_data &&
259 ar->testmode.utf_mode_fw.fw_file.codeswap_len) {
260 ret = ath10k_swap_code_seg_init(ar,
261 &ar->testmode.utf_mode_fw.fw_file);
262 if (ret) {
263 ath10k_warn(ar,
264 "failed to init utf code swap segment: %d\n",
265 ret);
266 goto err_release_utf_mode_fw;
267 }
268 }
269
270 spin_lock_bh(&ar->data_lock);
271 ar->testmode.utf_monitor = true;
272 spin_unlock_bh(&ar->data_lock);
273
274 ath10k_dbg(ar, ATH10K_DBG_TESTMODE, "testmode wmi version %d\n",
275 ar->testmode.utf_mode_fw.fw_file.wmi_op_version);
276
277 ret = ath10k_hif_power_up(ar, ATH10K_FIRMWARE_MODE_UTF);
278 if (ret) {
279 ath10k_err(ar, "failed to power up hif (testmode): %d\n", ret);
280 ar->state = ATH10K_STATE_OFF;
281 goto err_release_utf_mode_fw;
282 }
283
284 ret = ath10k_core_start(ar, ATH10K_FIRMWARE_MODE_UTF,
285 &ar->testmode.utf_mode_fw);
286 if (ret) {
287 ath10k_err(ar, "failed to start core (testmode): %d\n", ret);
288 ar->state = ATH10K_STATE_OFF;
289 goto err_power_down;
290 }
291
292 ar->state = ATH10K_STATE_UTF;
293
294 if (strlen(ar->testmode.utf_mode_fw.fw_file.fw_version) > 0)
295 ver = ar->testmode.utf_mode_fw.fw_file.fw_version;
296 else
297 ver = "API 1";
298
299 ath10k_info(ar, "UTF firmware %s started\n", ver);
300
301 mutex_unlock(&ar->conf_mutex);
302
303 return 0;
304
305err_power_down:
306 ath10k_hif_power_down(ar);
307
308err_release_utf_mode_fw:
309 if (ar->testmode.utf_mode_fw.fw_file.codeswap_data &&
310 ar->testmode.utf_mode_fw.fw_file.codeswap_len)
311 ath10k_swap_code_seg_release(ar,
312 &ar->testmode.utf_mode_fw.fw_file);
313
314 release_firmware(ar->testmode.utf_mode_fw.fw_file.firmware);
315 ar->testmode.utf_mode_fw.fw_file.firmware = NULL;
316
317err:
318 mutex_unlock(&ar->conf_mutex);
319
320 return ret;
321}
322
323static void __ath10k_tm_cmd_utf_stop(struct ath10k *ar)
324{
325 lockdep_assert_held(&ar->conf_mutex);
326
327 ath10k_core_stop(ar);
328 ath10k_hif_power_down(ar);
329
330 spin_lock_bh(&ar->data_lock);
331
332 ar->testmode.utf_monitor = false;
333
334 spin_unlock_bh(&ar->data_lock);
335
336 if (ar->testmode.utf_mode_fw.fw_file.codeswap_data &&
337 ar->testmode.utf_mode_fw.fw_file.codeswap_len)
338 ath10k_swap_code_seg_release(ar,
339 &ar->testmode.utf_mode_fw.fw_file);
340
341 release_firmware(ar->testmode.utf_mode_fw.fw_file.firmware);
342 ar->testmode.utf_mode_fw.fw_file.firmware = NULL;
343
344 ar->state = ATH10K_STATE_OFF;
345}
346
347static int ath10k_tm_cmd_utf_stop(struct ath10k *ar, struct nlattr *tb[])
348{
349 int ret;
350
351 ath10k_dbg(ar, ATH10K_DBG_TESTMODE, "testmode cmd utf stop\n");
352
353 mutex_lock(&ar->conf_mutex);
354
355 if (ar->state != ATH10K_STATE_UTF) {
356 ret = -ENETDOWN;
357 goto out;
358 }
359
360 __ath10k_tm_cmd_utf_stop(ar);
361
362 ret = 0;
363
364 ath10k_info(ar, "UTF firmware stopped\n");
365
366out:
367 mutex_unlock(&ar->conf_mutex);
368 return ret;
369}
370
371static int ath10k_tm_cmd_wmi(struct ath10k *ar, struct nlattr *tb[])
372{
373 struct sk_buff *skb;
374 int ret, buf_len;
375 u32 cmd_id;
376 void *buf;
377
378 mutex_lock(&ar->conf_mutex);
379
380 if (ar->state != ATH10K_STATE_UTF) {
381 ret = -ENETDOWN;
382 goto out;
383 }
384
385 if (!tb[ATH10K_TM_ATTR_DATA]) {
386 ret = -EINVAL;
387 goto out;
388 }
389
390 if (!tb[ATH10K_TM_ATTR_WMI_CMDID]) {
391 ret = -EINVAL;
392 goto out;
393 }
394
395 buf = nla_data(tb[ATH10K_TM_ATTR_DATA]);
396 buf_len = nla_len(tb[ATH10K_TM_ATTR_DATA]);
397 cmd_id = nla_get_u32(tb[ATH10K_TM_ATTR_WMI_CMDID]);
398
399 ath10k_dbg(ar, ATH10K_DBG_TESTMODE,
400 "testmode cmd wmi cmd_id %d buf %pK buf_len %d\n",
401 cmd_id, buf, buf_len);
402
403 ath10k_dbg_dump(ar, ATH10K_DBG_TESTMODE, NULL, "", buf, buf_len);
404
405 skb = ath10k_wmi_alloc_skb(ar, buf_len);
406 if (!skb) {
407 ret = -ENOMEM;
408 goto out;
409 }
410
411 memcpy(skb->data, buf, buf_len);
412
413 ret = ath10k_wmi_cmd_send(ar, skb, cmd_id);
414 if (ret) {
415 ath10k_warn(ar, "failed to transmit wmi command (testmode): %d\n",
416 ret);
417 goto out;
418 }
419
420 ret = 0;
421
422out:
423 mutex_unlock(&ar->conf_mutex);
424 return ret;
425}
426
427int ath10k_tm_cmd(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
428 void *data, int len)
429{
430 struct ath10k *ar = hw->priv;
431 struct nlattr *tb[ATH10K_TM_ATTR_MAX + 1];
432 int ret;
433
434 ret = nla_parse_deprecated(tb, ATH10K_TM_ATTR_MAX, data, len,
435 ath10k_tm_policy, NULL);
436 if (ret)
437 return ret;
438
439 if (!tb[ATH10K_TM_ATTR_CMD])
440 return -EINVAL;
441
442 switch (nla_get_u32(tb[ATH10K_TM_ATTR_CMD])) {
443 case ATH10K_TM_CMD_GET_VERSION:
444 return ath10k_tm_cmd_get_version(ar, tb);
445 case ATH10K_TM_CMD_UTF_START:
446 return ath10k_tm_cmd_utf_start(ar, tb);
447 case ATH10K_TM_CMD_UTF_STOP:
448 return ath10k_tm_cmd_utf_stop(ar, tb);
449 case ATH10K_TM_CMD_WMI:
450 return ath10k_tm_cmd_wmi(ar, tb);
451 default:
452 return -EOPNOTSUPP;
453 }
454}
455
456void ath10k_testmode_destroy(struct ath10k *ar)
457{
458 mutex_lock(&ar->conf_mutex);
459
460 if (ar->state != ATH10K_STATE_UTF) {
461 /* utf firmware is not running, nothing to do */
462 goto out;
463 }
464
465 __ath10k_tm_cmd_utf_stop(ar);
466
467out:
468 mutex_unlock(&ar->conf_mutex);
469}
1/*
2 * Copyright (c) 2014 Qualcomm Atheros, Inc.
3 *
4 * Permission to use, copy, modify, and/or distribute this software for any
5 * purpose with or without fee is hereby granted, provided that the above
6 * copyright notice and this permission notice appear in all copies.
7 *
8 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15 */
16
17#include "testmode.h"
18
19#include <net/netlink.h>
20#include <linux/firmware.h>
21
22#include "debug.h"
23#include "wmi.h"
24#include "hif.h"
25#include "hw.h"
26
27#include "testmode_i.h"
28
29static const struct nla_policy ath10k_tm_policy[ATH10K_TM_ATTR_MAX + 1] = {
30 [ATH10K_TM_ATTR_CMD] = { .type = NLA_U32 },
31 [ATH10K_TM_ATTR_DATA] = { .type = NLA_BINARY,
32 .len = ATH10K_TM_DATA_MAX_LEN },
33 [ATH10K_TM_ATTR_WMI_CMDID] = { .type = NLA_U32 },
34 [ATH10K_TM_ATTR_VERSION_MAJOR] = { .type = NLA_U32 },
35 [ATH10K_TM_ATTR_VERSION_MINOR] = { .type = NLA_U32 },
36};
37
38/* Returns true if callee consumes the skb and the skb should be discarded.
39 * Returns false if skb is not used. Does not sleep.
40 */
41bool ath10k_tm_event_wmi(struct ath10k *ar, u32 cmd_id, struct sk_buff *skb)
42{
43 struct sk_buff *nl_skb;
44 bool consumed;
45 int ret;
46
47 ath10k_dbg(ar, ATH10K_DBG_TESTMODE,
48 "testmode event wmi cmd_id %d skb %p skb->len %d\n",
49 cmd_id, skb, skb->len);
50
51 ath10k_dbg_dump(ar, ATH10K_DBG_TESTMODE, NULL, "", skb->data, skb->len);
52
53 spin_lock_bh(&ar->data_lock);
54
55 if (!ar->testmode.utf_monitor) {
56 consumed = false;
57 goto out;
58 }
59
60 /* Only testmode.c should be handling events from utf firmware,
61 * otherwise all sort of problems will arise as mac80211 operations
62 * are not initialised.
63 */
64 consumed = true;
65
66 nl_skb = cfg80211_testmode_alloc_event_skb(ar->hw->wiphy,
67 2 * sizeof(u32) + skb->len,
68 GFP_ATOMIC);
69 if (!nl_skb) {
70 ath10k_warn(ar,
71 "failed to allocate skb for testmode wmi event\n");
72 goto out;
73 }
74
75 ret = nla_put_u32(nl_skb, ATH10K_TM_ATTR_CMD, ATH10K_TM_CMD_WMI);
76 if (ret) {
77 ath10k_warn(ar,
78 "failed to to put testmode wmi event cmd attribute: %d\n",
79 ret);
80 kfree_skb(nl_skb);
81 goto out;
82 }
83
84 ret = nla_put_u32(nl_skb, ATH10K_TM_ATTR_WMI_CMDID, cmd_id);
85 if (ret) {
86 ath10k_warn(ar,
87 "failed to to put testmode wmi even cmd_id: %d\n",
88 ret);
89 kfree_skb(nl_skb);
90 goto out;
91 }
92
93 ret = nla_put(nl_skb, ATH10K_TM_ATTR_DATA, skb->len, skb->data);
94 if (ret) {
95 ath10k_warn(ar,
96 "failed to copy skb to testmode wmi event: %d\n",
97 ret);
98 kfree_skb(nl_skb);
99 goto out;
100 }
101
102 cfg80211_testmode_event(nl_skb, GFP_ATOMIC);
103
104out:
105 spin_unlock_bh(&ar->data_lock);
106
107 return consumed;
108}
109
110static int ath10k_tm_cmd_get_version(struct ath10k *ar, struct nlattr *tb[])
111{
112 struct sk_buff *skb;
113 int ret;
114
115 ath10k_dbg(ar, ATH10K_DBG_TESTMODE,
116 "testmode cmd get version_major %d version_minor %d\n",
117 ATH10K_TESTMODE_VERSION_MAJOR,
118 ATH10K_TESTMODE_VERSION_MINOR);
119
120 skb = cfg80211_testmode_alloc_reply_skb(ar->hw->wiphy,
121 nla_total_size(sizeof(u32)));
122 if (!skb)
123 return -ENOMEM;
124
125 ret = nla_put_u32(skb, ATH10K_TM_ATTR_VERSION_MAJOR,
126 ATH10K_TESTMODE_VERSION_MAJOR);
127 if (ret) {
128 kfree_skb(skb);
129 return ret;
130 }
131
132 ret = nla_put_u32(skb, ATH10K_TM_ATTR_VERSION_MINOR,
133 ATH10K_TESTMODE_VERSION_MINOR);
134 if (ret) {
135 kfree_skb(skb);
136 return ret;
137 }
138
139 return cfg80211_testmode_reply(skb);
140}
141
142static int ath10k_tm_fetch_utf_firmware_api_2(struct ath10k *ar)
143{
144 size_t len, magic_len, ie_len;
145 struct ath10k_fw_ie *hdr;
146 char filename[100];
147 __le32 *version;
148 const u8 *data;
149 int ie_id, ret;
150
151 snprintf(filename, sizeof(filename), "%s/%s",
152 ar->hw_params.fw.dir, ATH10K_FW_UTF_API2_FILE);
153
154 /* load utf firmware image */
155 ret = request_firmware(&ar->testmode.utf, filename, ar->dev);
156 if (ret) {
157 ath10k_warn(ar, "failed to retrieve utf firmware '%s': %d\n",
158 filename, ret);
159 return ret;
160 }
161
162 data = ar->testmode.utf->data;
163 len = ar->testmode.utf->size;
164
165 /* FIXME: call release_firmware() in error cases */
166
167 /* magic also includes the null byte, check that as well */
168 magic_len = strlen(ATH10K_FIRMWARE_MAGIC) + 1;
169
170 if (len < magic_len) {
171 ath10k_err(ar, "utf firmware file is too small to contain magic\n");
172 ret = -EINVAL;
173 goto err;
174 }
175
176 if (memcmp(data, ATH10K_FIRMWARE_MAGIC, magic_len) != 0) {
177 ath10k_err(ar, "invalid firmware magic\n");
178 ret = -EINVAL;
179 goto err;
180 }
181
182 /* jump over the padding */
183 magic_len = ALIGN(magic_len, 4);
184
185 len -= magic_len;
186 data += magic_len;
187
188 /* loop elements */
189 while (len > sizeof(struct ath10k_fw_ie)) {
190 hdr = (struct ath10k_fw_ie *)data;
191
192 ie_id = le32_to_cpu(hdr->id);
193 ie_len = le32_to_cpu(hdr->len);
194
195 len -= sizeof(*hdr);
196 data += sizeof(*hdr);
197
198 if (len < ie_len) {
199 ath10k_err(ar, "invalid length for FW IE %d (%zu < %zu)\n",
200 ie_id, len, ie_len);
201 ret = -EINVAL;
202 goto err;
203 }
204
205 switch (ie_id) {
206 case ATH10K_FW_IE_FW_VERSION:
207 if (ie_len > sizeof(ar->testmode.utf_version) - 1)
208 break;
209
210 memcpy(ar->testmode.utf_version, data, ie_len);
211 ar->testmode.utf_version[ie_len] = '\0';
212
213 ath10k_dbg(ar, ATH10K_DBG_TESTMODE,
214 "testmode found fw utf version %s\n",
215 ar->testmode.utf_version);
216 break;
217 case ATH10K_FW_IE_TIMESTAMP:
218 /* ignore timestamp, but don't warn about it either */
219 break;
220 case ATH10K_FW_IE_FW_IMAGE:
221 ath10k_dbg(ar, ATH10K_DBG_TESTMODE,
222 "testmode found fw image ie (%zd B)\n",
223 ie_len);
224
225 ar->testmode.utf_firmware_data = data;
226 ar->testmode.utf_firmware_len = ie_len;
227 break;
228 case ATH10K_FW_IE_WMI_OP_VERSION:
229 if (ie_len != sizeof(u32))
230 break;
231 version = (__le32 *)data;
232 ar->testmode.op_version = le32_to_cpup(version);
233 ath10k_dbg(ar, ATH10K_DBG_TESTMODE, "testmode found fw ie wmi op version %d\n",
234 ar->testmode.op_version);
235 break;
236 default:
237 ath10k_warn(ar, "Unknown testmode FW IE: %u\n",
238 le32_to_cpu(hdr->id));
239 break;
240 }
241 /* jump over the padding */
242 ie_len = ALIGN(ie_len, 4);
243
244 len -= ie_len;
245 data += ie_len;
246 }
247
248 if (!ar->testmode.utf_firmware_data || !ar->testmode.utf_firmware_len) {
249 ath10k_err(ar, "No ATH10K_FW_IE_FW_IMAGE found\n");
250 ret = -EINVAL;
251 goto err;
252 }
253
254 return 0;
255
256err:
257 release_firmware(ar->testmode.utf);
258
259 return ret;
260}
261
262static int ath10k_tm_fetch_utf_firmware_api_1(struct ath10k *ar)
263{
264 char filename[100];
265 int ret;
266
267 snprintf(filename, sizeof(filename), "%s/%s",
268 ar->hw_params.fw.dir, ATH10K_FW_UTF_FILE);
269
270 /* load utf firmware image */
271 ret = request_firmware(&ar->testmode.utf, filename, ar->dev);
272 if (ret) {
273 ath10k_warn(ar, "failed to retrieve utf firmware '%s': %d\n",
274 filename, ret);
275 return ret;
276 }
277
278 /* We didn't find FW UTF API 1 ("utf.bin") does not advertise
279 * firmware features. Do an ugly hack where we force the firmware
280 * features to match with 10.1 branch so that wmi.c will use the
281 * correct WMI interface.
282 */
283
284 ar->testmode.op_version = ATH10K_FW_WMI_OP_VERSION_10_1;
285 ar->testmode.utf_firmware_data = ar->testmode.utf->data;
286 ar->testmode.utf_firmware_len = ar->testmode.utf->size;
287
288 return 0;
289}
290
291static int ath10k_tm_fetch_firmware(struct ath10k *ar)
292{
293 int ret;
294
295 ret = ath10k_tm_fetch_utf_firmware_api_2(ar);
296 if (ret == 0) {
297 ath10k_dbg(ar, ATH10K_DBG_TESTMODE, "testmode using fw utf api 2");
298 return 0;
299 }
300
301 ret = ath10k_tm_fetch_utf_firmware_api_1(ar);
302 if (ret) {
303 ath10k_err(ar, "failed to fetch utf firmware binary: %d", ret);
304 return ret;
305 }
306
307 ath10k_dbg(ar, ATH10K_DBG_TESTMODE, "testmode using utf api 1");
308
309 return 0;
310}
311
312static int ath10k_tm_cmd_utf_start(struct ath10k *ar, struct nlattr *tb[])
313{
314 const char *ver;
315 int ret;
316
317 ath10k_dbg(ar, ATH10K_DBG_TESTMODE, "testmode cmd utf start\n");
318
319 mutex_lock(&ar->conf_mutex);
320
321 if (ar->state == ATH10K_STATE_UTF) {
322 ret = -EALREADY;
323 goto err;
324 }
325
326 /* start utf only when the driver is not in use */
327 if (ar->state != ATH10K_STATE_OFF) {
328 ret = -EBUSY;
329 goto err;
330 }
331
332 if (WARN_ON(ar->testmode.utf != NULL)) {
333 /* utf image is already downloaded, it shouldn't be */
334 ret = -EEXIST;
335 goto err;
336 }
337
338 ret = ath10k_tm_fetch_firmware(ar);
339 if (ret) {
340 ath10k_err(ar, "failed to fetch UTF firmware: %d", ret);
341 goto err;
342 }
343
344 spin_lock_bh(&ar->data_lock);
345 ar->testmode.utf_monitor = true;
346 spin_unlock_bh(&ar->data_lock);
347 BUILD_BUG_ON(sizeof(ar->fw_features) !=
348 sizeof(ar->testmode.orig_fw_features));
349
350 memcpy(ar->testmode.orig_fw_features, ar->fw_features,
351 sizeof(ar->fw_features));
352 ar->testmode.orig_wmi_op_version = ar->wmi.op_version;
353 memset(ar->fw_features, 0, sizeof(ar->fw_features));
354
355 ar->wmi.op_version = ar->testmode.op_version;
356
357 ath10k_dbg(ar, ATH10K_DBG_TESTMODE, "testmode wmi version %d\n",
358 ar->wmi.op_version);
359
360 ret = ath10k_hif_power_up(ar);
361 if (ret) {
362 ath10k_err(ar, "failed to power up hif (testmode): %d\n", ret);
363 ar->state = ATH10K_STATE_OFF;
364 goto err_fw_features;
365 }
366
367 ret = ath10k_core_start(ar, ATH10K_FIRMWARE_MODE_UTF);
368 if (ret) {
369 ath10k_err(ar, "failed to start core (testmode): %d\n", ret);
370 ar->state = ATH10K_STATE_OFF;
371 goto err_power_down;
372 }
373
374 ar->state = ATH10K_STATE_UTF;
375
376 if (strlen(ar->testmode.utf_version) > 0)
377 ver = ar->testmode.utf_version;
378 else
379 ver = "API 1";
380
381 ath10k_info(ar, "UTF firmware %s started\n", ver);
382
383 mutex_unlock(&ar->conf_mutex);
384
385 return 0;
386
387err_power_down:
388 ath10k_hif_power_down(ar);
389
390err_fw_features:
391 /* return the original firmware features */
392 memcpy(ar->fw_features, ar->testmode.orig_fw_features,
393 sizeof(ar->fw_features));
394 ar->wmi.op_version = ar->testmode.orig_wmi_op_version;
395
396 release_firmware(ar->testmode.utf);
397 ar->testmode.utf = NULL;
398
399err:
400 mutex_unlock(&ar->conf_mutex);
401
402 return ret;
403}
404
405static void __ath10k_tm_cmd_utf_stop(struct ath10k *ar)
406{
407 lockdep_assert_held(&ar->conf_mutex);
408
409 ath10k_core_stop(ar);
410 ath10k_hif_power_down(ar);
411
412 spin_lock_bh(&ar->data_lock);
413
414 ar->testmode.utf_monitor = false;
415
416 spin_unlock_bh(&ar->data_lock);
417
418 /* return the original firmware features */
419 memcpy(ar->fw_features, ar->testmode.orig_fw_features,
420 sizeof(ar->fw_features));
421 ar->wmi.op_version = ar->testmode.orig_wmi_op_version;
422
423 release_firmware(ar->testmode.utf);
424 ar->testmode.utf = NULL;
425
426 ar->state = ATH10K_STATE_OFF;
427}
428
429static int ath10k_tm_cmd_utf_stop(struct ath10k *ar, struct nlattr *tb[])
430{
431 int ret;
432
433 ath10k_dbg(ar, ATH10K_DBG_TESTMODE, "testmode cmd utf stop\n");
434
435 mutex_lock(&ar->conf_mutex);
436
437 if (ar->state != ATH10K_STATE_UTF) {
438 ret = -ENETDOWN;
439 goto out;
440 }
441
442 __ath10k_tm_cmd_utf_stop(ar);
443
444 ret = 0;
445
446 ath10k_info(ar, "UTF firmware stopped\n");
447
448out:
449 mutex_unlock(&ar->conf_mutex);
450 return ret;
451}
452
453static int ath10k_tm_cmd_wmi(struct ath10k *ar, struct nlattr *tb[])
454{
455 struct sk_buff *skb;
456 int ret, buf_len;
457 u32 cmd_id;
458 void *buf;
459
460 mutex_lock(&ar->conf_mutex);
461
462 if (ar->state != ATH10K_STATE_UTF) {
463 ret = -ENETDOWN;
464 goto out;
465 }
466
467 if (!tb[ATH10K_TM_ATTR_DATA]) {
468 ret = -EINVAL;
469 goto out;
470 }
471
472 if (!tb[ATH10K_TM_ATTR_WMI_CMDID]) {
473 ret = -EINVAL;
474 goto out;
475 }
476
477 buf = nla_data(tb[ATH10K_TM_ATTR_DATA]);
478 buf_len = nla_len(tb[ATH10K_TM_ATTR_DATA]);
479 cmd_id = nla_get_u32(tb[ATH10K_TM_ATTR_WMI_CMDID]);
480
481 ath10k_dbg(ar, ATH10K_DBG_TESTMODE,
482 "testmode cmd wmi cmd_id %d buf %p buf_len %d\n",
483 cmd_id, buf, buf_len);
484
485 ath10k_dbg_dump(ar, ATH10K_DBG_TESTMODE, NULL, "", buf, buf_len);
486
487 skb = ath10k_wmi_alloc_skb(ar, buf_len);
488 if (!skb) {
489 ret = -ENOMEM;
490 goto out;
491 }
492
493 memcpy(skb->data, buf, buf_len);
494
495 ret = ath10k_wmi_cmd_send(ar, skb, cmd_id);
496 if (ret) {
497 ath10k_warn(ar, "failed to transmit wmi command (testmode): %d\n",
498 ret);
499 goto out;
500 }
501
502 ret = 0;
503
504out:
505 mutex_unlock(&ar->conf_mutex);
506 return ret;
507}
508
509int ath10k_tm_cmd(struct ieee80211_hw *hw, struct ieee80211_vif *vif,
510 void *data, int len)
511{
512 struct ath10k *ar = hw->priv;
513 struct nlattr *tb[ATH10K_TM_ATTR_MAX + 1];
514 int ret;
515
516 ret = nla_parse(tb, ATH10K_TM_ATTR_MAX, data, len,
517 ath10k_tm_policy);
518 if (ret)
519 return ret;
520
521 if (!tb[ATH10K_TM_ATTR_CMD])
522 return -EINVAL;
523
524 switch (nla_get_u32(tb[ATH10K_TM_ATTR_CMD])) {
525 case ATH10K_TM_CMD_GET_VERSION:
526 return ath10k_tm_cmd_get_version(ar, tb);
527 case ATH10K_TM_CMD_UTF_START:
528 return ath10k_tm_cmd_utf_start(ar, tb);
529 case ATH10K_TM_CMD_UTF_STOP:
530 return ath10k_tm_cmd_utf_stop(ar, tb);
531 case ATH10K_TM_CMD_WMI:
532 return ath10k_tm_cmd_wmi(ar, tb);
533 default:
534 return -EOPNOTSUPP;
535 }
536}
537
538void ath10k_testmode_destroy(struct ath10k *ar)
539{
540 mutex_lock(&ar->conf_mutex);
541
542 if (ar->state != ATH10K_STATE_UTF) {
543 /* utf firmware is not running, nothing to do */
544 goto out;
545 }
546
547 __ath10k_tm_cmd_utf_stop(ar);
548
549out:
550 mutex_unlock(&ar->conf_mutex);
551}