Loading...
1// SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause
2/*
3 * Copyright (C) 2005-2014, 2018-2023 Intel Corporation
4 * Copyright (C) 2013-2015 Intel Mobile Communications GmbH
5 * Copyright (C) 2016-2017 Intel Deutschland GmbH
6 */
7#include <linux/completion.h>
8#include <linux/dma-mapping.h>
9#include <linux/firmware.h>
10#include <linux/module.h>
11#include <linux/vmalloc.h>
12
13#include "iwl-drv.h"
14#include "iwl-csr.h"
15#include "iwl-debug.h"
16#include "iwl-trans.h"
17#include "iwl-op-mode.h"
18#include "iwl-agn-hw.h"
19#include "fw/img.h"
20#include "iwl-dbg-tlv.h"
21#include "iwl-config.h"
22#include "iwl-modparams.h"
23#include "fw/api/alive.h"
24#include "fw/api/mac.h"
25
26/******************************************************************************
27 *
28 * module boiler plate
29 *
30 ******************************************************************************/
31
32#define DRV_DESCRIPTION "Intel(R) Wireless WiFi driver for Linux"
33MODULE_DESCRIPTION(DRV_DESCRIPTION);
34MODULE_LICENSE("GPL");
35
36#ifdef CONFIG_IWLWIFI_DEBUGFS
37static struct dentry *iwl_dbgfs_root;
38#endif
39
40/**
41 * struct iwl_drv - drv common data
42 * @list: list of drv structures using this opmode
43 * @fw: the iwl_fw structure
44 * @op_mode: the running op_mode
45 * @trans: transport layer
46 * @dev: for debug prints only
47 * @fw_index: firmware revision to try loading
48 * @firmware_name: composite filename of ucode file to load
49 * @request_firmware_complete: the firmware has been obtained from user space
50 * @dbgfs_drv: debugfs root directory entry
51 * @dbgfs_trans: debugfs transport directory entry
52 * @dbgfs_op_mode: debugfs op_mode directory entry
53 */
54struct iwl_drv {
55 struct list_head list;
56 struct iwl_fw fw;
57
58 struct iwl_op_mode *op_mode;
59 struct iwl_trans *trans;
60 struct device *dev;
61
62 int fw_index; /* firmware we're trying to load */
63 char firmware_name[64]; /* name of firmware file to load */
64
65 struct completion request_firmware_complete;
66
67#ifdef CONFIG_IWLWIFI_DEBUGFS
68 struct dentry *dbgfs_drv;
69 struct dentry *dbgfs_trans;
70 struct dentry *dbgfs_op_mode;
71#endif
72};
73
74enum {
75 DVM_OP_MODE,
76 MVM_OP_MODE,
77};
78
79/* Protects the table contents, i.e. the ops pointer & drv list */
80static DEFINE_MUTEX(iwlwifi_opmode_table_mtx);
81static struct iwlwifi_opmode_table {
82 const char *name; /* name: iwldvm, iwlmvm, etc */
83 const struct iwl_op_mode_ops *ops; /* pointer to op_mode ops */
84 struct list_head drv; /* list of devices using this op_mode */
85} iwlwifi_opmode_table[] = { /* ops set when driver is initialized */
86 [DVM_OP_MODE] = { .name = "iwldvm", .ops = NULL },
87 [MVM_OP_MODE] = { .name = "iwlmvm", .ops = NULL },
88};
89
90#define IWL_DEFAULT_SCAN_CHANNELS 40
91
92/*
93 * struct fw_sec: Just for the image parsing process.
94 * For the fw storage we are using struct fw_desc.
95 */
96struct fw_sec {
97 const void *data; /* the sec data */
98 size_t size; /* section size */
99 u32 offset; /* offset of writing in the device */
100};
101
102static void iwl_free_fw_desc(struct iwl_drv *drv, struct fw_desc *desc)
103{
104 vfree(desc->data);
105 desc->data = NULL;
106 desc->len = 0;
107}
108
109static void iwl_free_fw_img(struct iwl_drv *drv, struct fw_img *img)
110{
111 int i;
112 for (i = 0; i < img->num_sec; i++)
113 iwl_free_fw_desc(drv, &img->sec[i]);
114 kfree(img->sec);
115}
116
117static void iwl_dealloc_ucode(struct iwl_drv *drv)
118{
119 int i;
120
121 kfree(drv->fw.dbg.dest_tlv);
122 for (i = 0; i < ARRAY_SIZE(drv->fw.dbg.conf_tlv); i++)
123 kfree(drv->fw.dbg.conf_tlv[i]);
124 for (i = 0; i < ARRAY_SIZE(drv->fw.dbg.trigger_tlv); i++)
125 kfree(drv->fw.dbg.trigger_tlv[i]);
126 kfree(drv->fw.dbg.mem_tlv);
127 kfree(drv->fw.iml);
128 kfree(drv->fw.ucode_capa.cmd_versions);
129 kfree(drv->fw.phy_integration_ver);
130 kfree(drv->trans->dbg.pc_data);
131 drv->trans->dbg.pc_data = NULL;
132
133 for (i = 0; i < IWL_UCODE_TYPE_MAX; i++)
134 iwl_free_fw_img(drv, drv->fw.img + i);
135
136 /* clear the data for the aborted load case */
137 memset(&drv->fw, 0, sizeof(drv->fw));
138}
139
140static int iwl_alloc_fw_desc(struct iwl_drv *drv, struct fw_desc *desc,
141 struct fw_sec *sec)
142{
143 void *data;
144
145 desc->data = NULL;
146
147 if (!sec || !sec->size)
148 return -EINVAL;
149
150 data = vmalloc(sec->size);
151 if (!data)
152 return -ENOMEM;
153
154 desc->len = sec->size;
155 desc->offset = sec->offset;
156 memcpy(data, sec->data, desc->len);
157 desc->data = data;
158
159 return 0;
160}
161
162static inline char iwl_drv_get_step(int step)
163{
164 if (step == SILICON_Z_STEP)
165 return 'z';
166 if (step == SILICON_TC_STEP)
167 return 'a';
168 return 'a' + step;
169}
170
171const char *iwl_drv_get_fwname_pre(struct iwl_trans *trans, char *buf)
172{
173 char mac_step, rf_step;
174 const char *rf, *cdb;
175
176 if (trans->cfg->fw_name_pre)
177 return trans->cfg->fw_name_pre;
178
179 if (WARN_ON(!trans->cfg->fw_name_mac))
180 return "unconfigured";
181
182 mac_step = iwl_drv_get_step(trans->hw_rev_step);
183
184 rf_step = iwl_drv_get_step(CSR_HW_RFID_STEP(trans->hw_rf_id));
185
186 switch (CSR_HW_RFID_TYPE(trans->hw_rf_id)) {
187 case IWL_CFG_RF_TYPE_HR1:
188 case IWL_CFG_RF_TYPE_HR2:
189 rf = "hr";
190 break;
191 case IWL_CFG_RF_TYPE_GF:
192 rf = "gf";
193 break;
194 case IWL_CFG_RF_TYPE_MR:
195 rf = "mr";
196 break;
197 case IWL_CFG_RF_TYPE_MS:
198 rf = "ms";
199 break;
200 case IWL_CFG_RF_TYPE_FM:
201 rf = "fm";
202 break;
203 case IWL_CFG_RF_TYPE_WH:
204 if (SILICON_Z_STEP ==
205 CSR_HW_RFID_STEP(trans->hw_rf_id)) {
206 rf = "whtc";
207 rf_step = 'a';
208 } else {
209 rf = "wh";
210 }
211 break;
212 default:
213 return "unknown-rf";
214 }
215
216 cdb = CSR_HW_RFID_IS_CDB(trans->hw_rf_id) ? "4" : "";
217
218 scnprintf(buf, FW_NAME_PRE_BUFSIZE,
219 "iwlwifi-%s-%c0-%s%s-%c0",
220 trans->cfg->fw_name_mac, mac_step,
221 rf, cdb, rf_step);
222
223 return buf;
224}
225IWL_EXPORT_SYMBOL(iwl_drv_get_fwname_pre);
226
227static void iwl_req_fw_callback(const struct firmware *ucode_raw,
228 void *context);
229
230static int iwl_request_firmware(struct iwl_drv *drv, bool first)
231{
232 const struct iwl_cfg *cfg = drv->trans->cfg;
233 char _fw_name_pre[FW_NAME_PRE_BUFSIZE];
234 const char *fw_name_pre;
235
236 if (drv->trans->trans_cfg->device_family == IWL_DEVICE_FAMILY_9000 &&
237 (drv->trans->hw_rev_step != SILICON_B_STEP &&
238 drv->trans->hw_rev_step != SILICON_C_STEP)) {
239 IWL_ERR(drv,
240 "Only HW steps B and C are currently supported (0x%0x)\n",
241 drv->trans->hw_rev);
242 return -EINVAL;
243 }
244
245 fw_name_pre = iwl_drv_get_fwname_pre(drv->trans, _fw_name_pre);
246
247 if (first)
248 drv->fw_index = cfg->ucode_api_max;
249 else
250 drv->fw_index--;
251
252 if (drv->fw_index < cfg->ucode_api_min) {
253 IWL_ERR(drv, "no suitable firmware found!\n");
254
255 if (cfg->ucode_api_min == cfg->ucode_api_max) {
256 IWL_ERR(drv, "%s-%d is required\n", fw_name_pre,
257 cfg->ucode_api_max);
258 } else {
259 IWL_ERR(drv, "minimum version required: %s-%d\n",
260 fw_name_pre, cfg->ucode_api_min);
261 IWL_ERR(drv, "maximum version supported: %s-%d\n",
262 fw_name_pre, cfg->ucode_api_max);
263 }
264
265 IWL_ERR(drv,
266 "check git://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git\n");
267 return -ENOENT;
268 }
269
270 snprintf(drv->firmware_name, sizeof(drv->firmware_name), "%s-%d.ucode",
271 fw_name_pre, drv->fw_index);
272
273 IWL_DEBUG_FW_INFO(drv, "attempting to load firmware '%s'\n",
274 drv->firmware_name);
275
276 return request_firmware_nowait(THIS_MODULE, 1, drv->firmware_name,
277 drv->trans->dev,
278 GFP_KERNEL, drv, iwl_req_fw_callback);
279}
280
281struct fw_img_parsing {
282 struct fw_sec *sec;
283 int sec_counter;
284};
285
286/*
287 * struct fw_sec_parsing: to extract fw section and it's offset from tlv
288 */
289struct fw_sec_parsing {
290 __le32 offset;
291 const u8 data[];
292} __packed;
293
294/**
295 * struct iwl_tlv_calib_data - parse the default calib data from TLV
296 *
297 * @ucode_type: the uCode to which the following default calib relates.
298 * @calib: default calibrations.
299 */
300struct iwl_tlv_calib_data {
301 __le32 ucode_type;
302 struct iwl_tlv_calib_ctrl calib;
303} __packed;
304
305struct iwl_firmware_pieces {
306 struct fw_img_parsing img[IWL_UCODE_TYPE_MAX];
307
308 u32 init_evtlog_ptr, init_evtlog_size, init_errlog_ptr;
309 u32 inst_evtlog_ptr, inst_evtlog_size, inst_errlog_ptr;
310
311 /* FW debug data parsed for driver usage */
312 bool dbg_dest_tlv_init;
313 const u8 *dbg_dest_ver;
314 union {
315 const struct iwl_fw_dbg_dest_tlv *dbg_dest_tlv;
316 const struct iwl_fw_dbg_dest_tlv_v1 *dbg_dest_tlv_v1;
317 };
318 const struct iwl_fw_dbg_conf_tlv *dbg_conf_tlv[FW_DBG_CONF_MAX];
319 size_t dbg_conf_tlv_len[FW_DBG_CONF_MAX];
320 const struct iwl_fw_dbg_trigger_tlv *dbg_trigger_tlv[FW_DBG_TRIGGER_MAX];
321 size_t dbg_trigger_tlv_len[FW_DBG_TRIGGER_MAX];
322 struct iwl_fw_dbg_mem_seg_tlv *dbg_mem_tlv;
323 size_t n_mem_tlv;
324};
325
326/*
327 * These functions are just to extract uCode section data from the pieces
328 * structure.
329 */
330static struct fw_sec *get_sec(struct iwl_firmware_pieces *pieces,
331 enum iwl_ucode_type type,
332 int sec)
333{
334 return &pieces->img[type].sec[sec];
335}
336
337static void alloc_sec_data(struct iwl_firmware_pieces *pieces,
338 enum iwl_ucode_type type,
339 int sec)
340{
341 struct fw_img_parsing *img = &pieces->img[type];
342 struct fw_sec *sec_memory;
343 int size = sec + 1;
344 size_t alloc_size = sizeof(*img->sec) * size;
345
346 if (img->sec && img->sec_counter >= size)
347 return;
348
349 sec_memory = krealloc(img->sec, alloc_size, GFP_KERNEL);
350 if (!sec_memory)
351 return;
352
353 img->sec = sec_memory;
354 img->sec_counter = size;
355}
356
357static void set_sec_data(struct iwl_firmware_pieces *pieces,
358 enum iwl_ucode_type type,
359 int sec,
360 const void *data)
361{
362 alloc_sec_data(pieces, type, sec);
363
364 pieces->img[type].sec[sec].data = data;
365}
366
367static void set_sec_size(struct iwl_firmware_pieces *pieces,
368 enum iwl_ucode_type type,
369 int sec,
370 size_t size)
371{
372 alloc_sec_data(pieces, type, sec);
373
374 pieces->img[type].sec[sec].size = size;
375}
376
377static size_t get_sec_size(struct iwl_firmware_pieces *pieces,
378 enum iwl_ucode_type type,
379 int sec)
380{
381 return pieces->img[type].sec[sec].size;
382}
383
384static void set_sec_offset(struct iwl_firmware_pieces *pieces,
385 enum iwl_ucode_type type,
386 int sec,
387 u32 offset)
388{
389 alloc_sec_data(pieces, type, sec);
390
391 pieces->img[type].sec[sec].offset = offset;
392}
393
394/*
395 * Gets uCode section from tlv.
396 */
397static int iwl_store_ucode_sec(struct iwl_firmware_pieces *pieces,
398 const void *data, enum iwl_ucode_type type,
399 int size)
400{
401 struct fw_img_parsing *img;
402 struct fw_sec *sec;
403 const struct fw_sec_parsing *sec_parse;
404 size_t alloc_size;
405
406 if (WARN_ON(!pieces || !data || type >= IWL_UCODE_TYPE_MAX))
407 return -1;
408
409 sec_parse = (const struct fw_sec_parsing *)data;
410
411 img = &pieces->img[type];
412
413 alloc_size = sizeof(*img->sec) * (img->sec_counter + 1);
414 sec = krealloc(img->sec, alloc_size, GFP_KERNEL);
415 if (!sec)
416 return -ENOMEM;
417 img->sec = sec;
418
419 sec = &img->sec[img->sec_counter];
420
421 sec->offset = le32_to_cpu(sec_parse->offset);
422 sec->data = sec_parse->data;
423 sec->size = size - sizeof(sec_parse->offset);
424
425 ++img->sec_counter;
426
427 return 0;
428}
429
430static int iwl_set_default_calib(struct iwl_drv *drv, const u8 *data)
431{
432 const struct iwl_tlv_calib_data *def_calib =
433 (const struct iwl_tlv_calib_data *)data;
434 u32 ucode_type = le32_to_cpu(def_calib->ucode_type);
435 if (ucode_type >= IWL_UCODE_TYPE_MAX) {
436 IWL_ERR(drv, "Wrong ucode_type %u for default calibration.\n",
437 ucode_type);
438 return -EINVAL;
439 }
440 drv->fw.default_calib[ucode_type].flow_trigger =
441 def_calib->calib.flow_trigger;
442 drv->fw.default_calib[ucode_type].event_trigger =
443 def_calib->calib.event_trigger;
444
445 return 0;
446}
447
448static void iwl_set_ucode_api_flags(struct iwl_drv *drv, const u8 *data,
449 struct iwl_ucode_capabilities *capa)
450{
451 const struct iwl_ucode_api *ucode_api = (const void *)data;
452 u32 api_index = le32_to_cpu(ucode_api->api_index);
453 u32 api_flags = le32_to_cpu(ucode_api->api_flags);
454 int i;
455
456 if (api_index >= DIV_ROUND_UP(NUM_IWL_UCODE_TLV_API, 32)) {
457 IWL_WARN(drv,
458 "api flags index %d larger than supported by driver\n",
459 api_index);
460 return;
461 }
462
463 for (i = 0; i < 32; i++) {
464 if (api_flags & BIT(i))
465 __set_bit(i + 32 * api_index, capa->_api);
466 }
467}
468
469static void iwl_set_ucode_capabilities(struct iwl_drv *drv, const u8 *data,
470 struct iwl_ucode_capabilities *capa)
471{
472 const struct iwl_ucode_capa *ucode_capa = (const void *)data;
473 u32 api_index = le32_to_cpu(ucode_capa->api_index);
474 u32 api_flags = le32_to_cpu(ucode_capa->api_capa);
475 int i;
476
477 if (api_index >= DIV_ROUND_UP(NUM_IWL_UCODE_TLV_CAPA, 32)) {
478 IWL_WARN(drv,
479 "capa flags index %d larger than supported by driver\n",
480 api_index);
481 return;
482 }
483
484 for (i = 0; i < 32; i++) {
485 if (api_flags & BIT(i))
486 __set_bit(i + 32 * api_index, capa->_capa);
487 }
488}
489
490static const char *iwl_reduced_fw_name(struct iwl_drv *drv)
491{
492 const char *name = drv->firmware_name;
493
494 if (strncmp(name, "iwlwifi-", 8) == 0)
495 name += 8;
496
497 return name;
498}
499
500static int iwl_parse_v1_v2_firmware(struct iwl_drv *drv,
501 const struct firmware *ucode_raw,
502 struct iwl_firmware_pieces *pieces)
503{
504 const struct iwl_ucode_header *ucode = (const void *)ucode_raw->data;
505 u32 api_ver, hdr_size, build;
506 char buildstr[25];
507 const u8 *src;
508
509 drv->fw.ucode_ver = le32_to_cpu(ucode->ver);
510 api_ver = IWL_UCODE_API(drv->fw.ucode_ver);
511
512 switch (api_ver) {
513 default:
514 hdr_size = 28;
515 if (ucode_raw->size < hdr_size) {
516 IWL_ERR(drv, "File size too small!\n");
517 return -EINVAL;
518 }
519 build = le32_to_cpu(ucode->u.v2.build);
520 set_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST,
521 le32_to_cpu(ucode->u.v2.inst_size));
522 set_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA,
523 le32_to_cpu(ucode->u.v2.data_size));
524 set_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST,
525 le32_to_cpu(ucode->u.v2.init_size));
526 set_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA,
527 le32_to_cpu(ucode->u.v2.init_data_size));
528 src = ucode->u.v2.data;
529 break;
530 case 0:
531 case 1:
532 case 2:
533 hdr_size = 24;
534 if (ucode_raw->size < hdr_size) {
535 IWL_ERR(drv, "File size too small!\n");
536 return -EINVAL;
537 }
538 build = 0;
539 set_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST,
540 le32_to_cpu(ucode->u.v1.inst_size));
541 set_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA,
542 le32_to_cpu(ucode->u.v1.data_size));
543 set_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST,
544 le32_to_cpu(ucode->u.v1.init_size));
545 set_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA,
546 le32_to_cpu(ucode->u.v1.init_data_size));
547 src = ucode->u.v1.data;
548 break;
549 }
550
551 if (build)
552 sprintf(buildstr, " build %u", build);
553 else
554 buildstr[0] = '\0';
555
556 snprintf(drv->fw.fw_version,
557 sizeof(drv->fw.fw_version),
558 "%u.%u.%u.%u%s %s",
559 IWL_UCODE_MAJOR(drv->fw.ucode_ver),
560 IWL_UCODE_MINOR(drv->fw.ucode_ver),
561 IWL_UCODE_API(drv->fw.ucode_ver),
562 IWL_UCODE_SERIAL(drv->fw.ucode_ver),
563 buildstr, iwl_reduced_fw_name(drv));
564
565 /* Verify size of file vs. image size info in file's header */
566
567 if (ucode_raw->size != hdr_size +
568 get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST) +
569 get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA) +
570 get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST) +
571 get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA)) {
572
573 IWL_ERR(drv,
574 "uCode file size %d does not match expected size\n",
575 (int)ucode_raw->size);
576 return -EINVAL;
577 }
578
579
580 set_sec_data(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST, src);
581 src += get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST);
582 set_sec_offset(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST,
583 IWLAGN_RTC_INST_LOWER_BOUND);
584 set_sec_data(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA, src);
585 src += get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA);
586 set_sec_offset(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA,
587 IWLAGN_RTC_DATA_LOWER_BOUND);
588 set_sec_data(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST, src);
589 src += get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST);
590 set_sec_offset(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST,
591 IWLAGN_RTC_INST_LOWER_BOUND);
592 set_sec_data(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA, src);
593 src += get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA);
594 set_sec_offset(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA,
595 IWLAGN_RTC_DATA_LOWER_BOUND);
596 return 0;
597}
598
599static void iwl_drv_set_dump_exclude(struct iwl_drv *drv,
600 enum iwl_ucode_tlv_type tlv_type,
601 const void *tlv_data, u32 tlv_len)
602{
603 const struct iwl_fw_dump_exclude *fw = tlv_data;
604 struct iwl_dump_exclude *excl;
605
606 if (tlv_len < sizeof(*fw))
607 return;
608
609 if (tlv_type == IWL_UCODE_TLV_SEC_TABLE_ADDR) {
610 excl = &drv->fw.dump_excl[0];
611
612 /* second time we find this, it's for WoWLAN */
613 if (excl->addr)
614 excl = &drv->fw.dump_excl_wowlan[0];
615 } else if (fw_has_capa(&drv->fw.ucode_capa,
616 IWL_UCODE_TLV_CAPA_CNSLDTD_D3_D0_IMG)) {
617 /* IWL_UCODE_TLV_D3_KEK_KCK_ADDR is regular image */
618 excl = &drv->fw.dump_excl[0];
619 } else {
620 /* IWL_UCODE_TLV_D3_KEK_KCK_ADDR is WoWLAN image */
621 excl = &drv->fw.dump_excl_wowlan[0];
622 }
623
624 if (excl->addr)
625 excl++;
626
627 if (excl->addr) {
628 IWL_DEBUG_FW_INFO(drv, "found too many excludes in fw file\n");
629 return;
630 }
631
632 excl->addr = le32_to_cpu(fw->addr) & ~FW_ADDR_CACHE_CONTROL;
633 excl->size = le32_to_cpu(fw->size);
634}
635
636static void iwl_parse_dbg_tlv_assert_tables(struct iwl_drv *drv,
637 const struct iwl_ucode_tlv *tlv)
638{
639 const struct iwl_fw_ini_region_tlv *region;
640 u32 length = le32_to_cpu(tlv->length);
641 u32 addr;
642
643 if (length < offsetof(typeof(*region), special_mem) +
644 sizeof(region->special_mem))
645 return;
646
647 region = (const void *)tlv->data;
648 addr = le32_to_cpu(region->special_mem.base_addr);
649 addr += le32_to_cpu(region->special_mem.offset);
650 addr &= ~FW_ADDR_CACHE_CONTROL;
651
652 if (region->type != IWL_FW_INI_REGION_SPECIAL_DEVICE_MEMORY)
653 return;
654
655 switch (region->sub_type) {
656 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_UMAC_ERROR_TABLE:
657 drv->trans->dbg.umac_error_event_table = addr;
658 drv->trans->dbg.error_event_table_tlv_status |=
659 IWL_ERROR_EVENT_TABLE_UMAC;
660 break;
661 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_LMAC_1_ERROR_TABLE:
662 drv->trans->dbg.lmac_error_event_table[0] = addr;
663 drv->trans->dbg.error_event_table_tlv_status |=
664 IWL_ERROR_EVENT_TABLE_LMAC1;
665 break;
666 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_LMAC_2_ERROR_TABLE:
667 drv->trans->dbg.lmac_error_event_table[1] = addr;
668 drv->trans->dbg.error_event_table_tlv_status |=
669 IWL_ERROR_EVENT_TABLE_LMAC2;
670 break;
671 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_TCM_1_ERROR_TABLE:
672 drv->trans->dbg.tcm_error_event_table[0] = addr;
673 drv->trans->dbg.error_event_table_tlv_status |=
674 IWL_ERROR_EVENT_TABLE_TCM1;
675 break;
676 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_TCM_2_ERROR_TABLE:
677 drv->trans->dbg.tcm_error_event_table[1] = addr;
678 drv->trans->dbg.error_event_table_tlv_status |=
679 IWL_ERROR_EVENT_TABLE_TCM2;
680 break;
681 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_RCM_1_ERROR_TABLE:
682 drv->trans->dbg.rcm_error_event_table[0] = addr;
683 drv->trans->dbg.error_event_table_tlv_status |=
684 IWL_ERROR_EVENT_TABLE_RCM1;
685 break;
686 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_RCM_2_ERROR_TABLE:
687 drv->trans->dbg.rcm_error_event_table[1] = addr;
688 drv->trans->dbg.error_event_table_tlv_status |=
689 IWL_ERROR_EVENT_TABLE_RCM2;
690 break;
691 default:
692 break;
693 }
694}
695
696static int iwl_parse_tlv_firmware(struct iwl_drv *drv,
697 const struct firmware *ucode_raw,
698 struct iwl_firmware_pieces *pieces,
699 struct iwl_ucode_capabilities *capa,
700 bool *usniffer_images)
701{
702 const struct iwl_tlv_ucode_header *ucode = (const void *)ucode_raw->data;
703 const struct iwl_ucode_tlv *tlv;
704 size_t len = ucode_raw->size;
705 const u8 *data;
706 u32 tlv_len;
707 u32 usniffer_img;
708 enum iwl_ucode_tlv_type tlv_type;
709 const u8 *tlv_data;
710 char buildstr[25];
711 u32 build, paging_mem_size;
712 int num_of_cpus;
713 bool usniffer_req = false;
714
715 if (len < sizeof(*ucode)) {
716 IWL_ERR(drv, "uCode has invalid length: %zd\n", len);
717 return -EINVAL;
718 }
719
720 if (ucode->magic != cpu_to_le32(IWL_TLV_UCODE_MAGIC)) {
721 IWL_ERR(drv, "invalid uCode magic: 0X%x\n",
722 le32_to_cpu(ucode->magic));
723 return -EINVAL;
724 }
725
726 drv->fw.ucode_ver = le32_to_cpu(ucode->ver);
727 memcpy(drv->fw.human_readable, ucode->human_readable,
728 sizeof(drv->fw.human_readable));
729 build = le32_to_cpu(ucode->build);
730
731 if (build)
732 sprintf(buildstr, " build %u", build);
733 else
734 buildstr[0] = '\0';
735
736 snprintf(drv->fw.fw_version,
737 sizeof(drv->fw.fw_version),
738 "%u.%u.%u.%u%s %s",
739 IWL_UCODE_MAJOR(drv->fw.ucode_ver),
740 IWL_UCODE_MINOR(drv->fw.ucode_ver),
741 IWL_UCODE_API(drv->fw.ucode_ver),
742 IWL_UCODE_SERIAL(drv->fw.ucode_ver),
743 buildstr, iwl_reduced_fw_name(drv));
744
745 data = ucode->data;
746
747 len -= sizeof(*ucode);
748
749 while (len >= sizeof(*tlv)) {
750 len -= sizeof(*tlv);
751
752 tlv = (const void *)data;
753 tlv_len = le32_to_cpu(tlv->length);
754 tlv_type = le32_to_cpu(tlv->type);
755 tlv_data = tlv->data;
756
757 if (len < tlv_len) {
758 IWL_ERR(drv, "invalid TLV len: %zd/%u\n",
759 len, tlv_len);
760 return -EINVAL;
761 }
762 len -= ALIGN(tlv_len, 4);
763 data += sizeof(*tlv) + ALIGN(tlv_len, 4);
764
765 switch (tlv_type) {
766 case IWL_UCODE_TLV_INST:
767 set_sec_data(pieces, IWL_UCODE_REGULAR,
768 IWL_UCODE_SECTION_INST, tlv_data);
769 set_sec_size(pieces, IWL_UCODE_REGULAR,
770 IWL_UCODE_SECTION_INST, tlv_len);
771 set_sec_offset(pieces, IWL_UCODE_REGULAR,
772 IWL_UCODE_SECTION_INST,
773 IWLAGN_RTC_INST_LOWER_BOUND);
774 break;
775 case IWL_UCODE_TLV_DATA:
776 set_sec_data(pieces, IWL_UCODE_REGULAR,
777 IWL_UCODE_SECTION_DATA, tlv_data);
778 set_sec_size(pieces, IWL_UCODE_REGULAR,
779 IWL_UCODE_SECTION_DATA, tlv_len);
780 set_sec_offset(pieces, IWL_UCODE_REGULAR,
781 IWL_UCODE_SECTION_DATA,
782 IWLAGN_RTC_DATA_LOWER_BOUND);
783 break;
784 case IWL_UCODE_TLV_INIT:
785 set_sec_data(pieces, IWL_UCODE_INIT,
786 IWL_UCODE_SECTION_INST, tlv_data);
787 set_sec_size(pieces, IWL_UCODE_INIT,
788 IWL_UCODE_SECTION_INST, tlv_len);
789 set_sec_offset(pieces, IWL_UCODE_INIT,
790 IWL_UCODE_SECTION_INST,
791 IWLAGN_RTC_INST_LOWER_BOUND);
792 break;
793 case IWL_UCODE_TLV_INIT_DATA:
794 set_sec_data(pieces, IWL_UCODE_INIT,
795 IWL_UCODE_SECTION_DATA, tlv_data);
796 set_sec_size(pieces, IWL_UCODE_INIT,
797 IWL_UCODE_SECTION_DATA, tlv_len);
798 set_sec_offset(pieces, IWL_UCODE_INIT,
799 IWL_UCODE_SECTION_DATA,
800 IWLAGN_RTC_DATA_LOWER_BOUND);
801 break;
802 case IWL_UCODE_TLV_BOOT:
803 IWL_ERR(drv, "Found unexpected BOOT ucode\n");
804 break;
805 case IWL_UCODE_TLV_PROBE_MAX_LEN:
806 if (tlv_len != sizeof(u32))
807 goto invalid_tlv_len;
808 capa->max_probe_length =
809 le32_to_cpup((const __le32 *)tlv_data);
810 break;
811 case IWL_UCODE_TLV_PAN:
812 if (tlv_len)
813 goto invalid_tlv_len;
814 capa->flags |= IWL_UCODE_TLV_FLAGS_PAN;
815 break;
816 case IWL_UCODE_TLV_FLAGS:
817 /* must be at least one u32 */
818 if (tlv_len < sizeof(u32))
819 goto invalid_tlv_len;
820 /* and a proper number of u32s */
821 if (tlv_len % sizeof(u32))
822 goto invalid_tlv_len;
823 /*
824 * This driver only reads the first u32 as
825 * right now no more features are defined,
826 * if that changes then either the driver
827 * will not work with the new firmware, or
828 * it'll not take advantage of new features.
829 */
830 capa->flags = le32_to_cpup((const __le32 *)tlv_data);
831 break;
832 case IWL_UCODE_TLV_API_CHANGES_SET:
833 if (tlv_len != sizeof(struct iwl_ucode_api))
834 goto invalid_tlv_len;
835 iwl_set_ucode_api_flags(drv, tlv_data, capa);
836 break;
837 case IWL_UCODE_TLV_ENABLED_CAPABILITIES:
838 if (tlv_len != sizeof(struct iwl_ucode_capa))
839 goto invalid_tlv_len;
840 iwl_set_ucode_capabilities(drv, tlv_data, capa);
841 break;
842 case IWL_UCODE_TLV_INIT_EVTLOG_PTR:
843 if (tlv_len != sizeof(u32))
844 goto invalid_tlv_len;
845 pieces->init_evtlog_ptr =
846 le32_to_cpup((const __le32 *)tlv_data);
847 break;
848 case IWL_UCODE_TLV_INIT_EVTLOG_SIZE:
849 if (tlv_len != sizeof(u32))
850 goto invalid_tlv_len;
851 pieces->init_evtlog_size =
852 le32_to_cpup((const __le32 *)tlv_data);
853 break;
854 case IWL_UCODE_TLV_INIT_ERRLOG_PTR:
855 if (tlv_len != sizeof(u32))
856 goto invalid_tlv_len;
857 pieces->init_errlog_ptr =
858 le32_to_cpup((const __le32 *)tlv_data);
859 break;
860 case IWL_UCODE_TLV_RUNT_EVTLOG_PTR:
861 if (tlv_len != sizeof(u32))
862 goto invalid_tlv_len;
863 pieces->inst_evtlog_ptr =
864 le32_to_cpup((const __le32 *)tlv_data);
865 break;
866 case IWL_UCODE_TLV_RUNT_EVTLOG_SIZE:
867 if (tlv_len != sizeof(u32))
868 goto invalid_tlv_len;
869 pieces->inst_evtlog_size =
870 le32_to_cpup((const __le32 *)tlv_data);
871 break;
872 case IWL_UCODE_TLV_RUNT_ERRLOG_PTR:
873 if (tlv_len != sizeof(u32))
874 goto invalid_tlv_len;
875 pieces->inst_errlog_ptr =
876 le32_to_cpup((const __le32 *)tlv_data);
877 break;
878 case IWL_UCODE_TLV_ENHANCE_SENS_TBL:
879 if (tlv_len)
880 goto invalid_tlv_len;
881 drv->fw.enhance_sensitivity_table = true;
882 break;
883 case IWL_UCODE_TLV_WOWLAN_INST:
884 set_sec_data(pieces, IWL_UCODE_WOWLAN,
885 IWL_UCODE_SECTION_INST, tlv_data);
886 set_sec_size(pieces, IWL_UCODE_WOWLAN,
887 IWL_UCODE_SECTION_INST, tlv_len);
888 set_sec_offset(pieces, IWL_UCODE_WOWLAN,
889 IWL_UCODE_SECTION_INST,
890 IWLAGN_RTC_INST_LOWER_BOUND);
891 break;
892 case IWL_UCODE_TLV_WOWLAN_DATA:
893 set_sec_data(pieces, IWL_UCODE_WOWLAN,
894 IWL_UCODE_SECTION_DATA, tlv_data);
895 set_sec_size(pieces, IWL_UCODE_WOWLAN,
896 IWL_UCODE_SECTION_DATA, tlv_len);
897 set_sec_offset(pieces, IWL_UCODE_WOWLAN,
898 IWL_UCODE_SECTION_DATA,
899 IWLAGN_RTC_DATA_LOWER_BOUND);
900 break;
901 case IWL_UCODE_TLV_PHY_CALIBRATION_SIZE:
902 if (tlv_len != sizeof(u32))
903 goto invalid_tlv_len;
904 capa->standard_phy_calibration_size =
905 le32_to_cpup((const __le32 *)tlv_data);
906 break;
907 case IWL_UCODE_TLV_SEC_RT:
908 iwl_store_ucode_sec(pieces, tlv_data, IWL_UCODE_REGULAR,
909 tlv_len);
910 drv->fw.type = IWL_FW_MVM;
911 break;
912 case IWL_UCODE_TLV_SEC_INIT:
913 iwl_store_ucode_sec(pieces, tlv_data, IWL_UCODE_INIT,
914 tlv_len);
915 drv->fw.type = IWL_FW_MVM;
916 break;
917 case IWL_UCODE_TLV_SEC_WOWLAN:
918 iwl_store_ucode_sec(pieces, tlv_data, IWL_UCODE_WOWLAN,
919 tlv_len);
920 drv->fw.type = IWL_FW_MVM;
921 break;
922 case IWL_UCODE_TLV_DEF_CALIB:
923 if (tlv_len != sizeof(struct iwl_tlv_calib_data))
924 goto invalid_tlv_len;
925 if (iwl_set_default_calib(drv, tlv_data))
926 goto tlv_error;
927 break;
928 case IWL_UCODE_TLV_PHY_SKU:
929 if (tlv_len != sizeof(u32))
930 goto invalid_tlv_len;
931 drv->fw.phy_config = le32_to_cpup((const __le32 *)tlv_data);
932 drv->fw.valid_tx_ant = (drv->fw.phy_config &
933 FW_PHY_CFG_TX_CHAIN) >>
934 FW_PHY_CFG_TX_CHAIN_POS;
935 drv->fw.valid_rx_ant = (drv->fw.phy_config &
936 FW_PHY_CFG_RX_CHAIN) >>
937 FW_PHY_CFG_RX_CHAIN_POS;
938 break;
939 case IWL_UCODE_TLV_SECURE_SEC_RT:
940 iwl_store_ucode_sec(pieces, tlv_data, IWL_UCODE_REGULAR,
941 tlv_len);
942 drv->fw.type = IWL_FW_MVM;
943 break;
944 case IWL_UCODE_TLV_SECURE_SEC_INIT:
945 iwl_store_ucode_sec(pieces, tlv_data, IWL_UCODE_INIT,
946 tlv_len);
947 drv->fw.type = IWL_FW_MVM;
948 break;
949 case IWL_UCODE_TLV_SECURE_SEC_WOWLAN:
950 iwl_store_ucode_sec(pieces, tlv_data, IWL_UCODE_WOWLAN,
951 tlv_len);
952 drv->fw.type = IWL_FW_MVM;
953 break;
954 case IWL_UCODE_TLV_NUM_OF_CPU:
955 if (tlv_len != sizeof(u32))
956 goto invalid_tlv_len;
957 num_of_cpus =
958 le32_to_cpup((const __le32 *)tlv_data);
959
960 if (num_of_cpus == 2) {
961 drv->fw.img[IWL_UCODE_REGULAR].is_dual_cpus =
962 true;
963 drv->fw.img[IWL_UCODE_INIT].is_dual_cpus =
964 true;
965 drv->fw.img[IWL_UCODE_WOWLAN].is_dual_cpus =
966 true;
967 } else if ((num_of_cpus > 2) || (num_of_cpus < 1)) {
968 IWL_ERR(drv, "Driver support up to 2 CPUs\n");
969 return -EINVAL;
970 }
971 break;
972 case IWL_UCODE_TLV_N_SCAN_CHANNELS:
973 if (tlv_len != sizeof(u32))
974 goto invalid_tlv_len;
975 capa->n_scan_channels =
976 le32_to_cpup((const __le32 *)tlv_data);
977 break;
978 case IWL_UCODE_TLV_FW_VERSION: {
979 const __le32 *ptr = (const void *)tlv_data;
980 u32 major, minor;
981 u8 local_comp;
982
983 if (tlv_len != sizeof(u32) * 3)
984 goto invalid_tlv_len;
985
986 major = le32_to_cpup(ptr++);
987 minor = le32_to_cpup(ptr++);
988 local_comp = le32_to_cpup(ptr);
989
990 if (major >= 35)
991 snprintf(drv->fw.fw_version,
992 sizeof(drv->fw.fw_version),
993 "%u.%08x.%u %s", major, minor,
994 local_comp, iwl_reduced_fw_name(drv));
995 else
996 snprintf(drv->fw.fw_version,
997 sizeof(drv->fw.fw_version),
998 "%u.%u.%u %s", major, minor,
999 local_comp, iwl_reduced_fw_name(drv));
1000 break;
1001 }
1002 case IWL_UCODE_TLV_FW_DBG_DEST: {
1003 const struct iwl_fw_dbg_dest_tlv *dest = NULL;
1004 const struct iwl_fw_dbg_dest_tlv_v1 *dest_v1 = NULL;
1005 u8 mon_mode;
1006
1007 pieces->dbg_dest_ver = (const u8 *)tlv_data;
1008 if (*pieces->dbg_dest_ver == 1) {
1009 dest = (const void *)tlv_data;
1010 } else if (*pieces->dbg_dest_ver == 0) {
1011 dest_v1 = (const void *)tlv_data;
1012 } else {
1013 IWL_ERR(drv,
1014 "The version is %d, and it is invalid\n",
1015 *pieces->dbg_dest_ver);
1016 break;
1017 }
1018
1019 if (pieces->dbg_dest_tlv_init) {
1020 IWL_ERR(drv,
1021 "dbg destination ignored, already exists\n");
1022 break;
1023 }
1024
1025 pieces->dbg_dest_tlv_init = true;
1026
1027 if (dest_v1) {
1028 pieces->dbg_dest_tlv_v1 = dest_v1;
1029 mon_mode = dest_v1->monitor_mode;
1030 } else {
1031 pieces->dbg_dest_tlv = dest;
1032 mon_mode = dest->monitor_mode;
1033 }
1034
1035 IWL_INFO(drv, "Found debug destination: %s\n",
1036 get_fw_dbg_mode_string(mon_mode));
1037
1038 drv->fw.dbg.n_dest_reg = (dest_v1) ?
1039 tlv_len -
1040 offsetof(struct iwl_fw_dbg_dest_tlv_v1,
1041 reg_ops) :
1042 tlv_len -
1043 offsetof(struct iwl_fw_dbg_dest_tlv,
1044 reg_ops);
1045
1046 drv->fw.dbg.n_dest_reg /=
1047 sizeof(drv->fw.dbg.dest_tlv->reg_ops[0]);
1048
1049 break;
1050 }
1051 case IWL_UCODE_TLV_FW_DBG_CONF: {
1052 const struct iwl_fw_dbg_conf_tlv *conf =
1053 (const void *)tlv_data;
1054
1055 if (!pieces->dbg_dest_tlv_init) {
1056 IWL_ERR(drv,
1057 "Ignore dbg config %d - no destination configured\n",
1058 conf->id);
1059 break;
1060 }
1061
1062 if (conf->id >= ARRAY_SIZE(drv->fw.dbg.conf_tlv)) {
1063 IWL_ERR(drv,
1064 "Skip unknown configuration: %d\n",
1065 conf->id);
1066 break;
1067 }
1068
1069 if (pieces->dbg_conf_tlv[conf->id]) {
1070 IWL_ERR(drv,
1071 "Ignore duplicate dbg config %d\n",
1072 conf->id);
1073 break;
1074 }
1075
1076 if (conf->usniffer)
1077 usniffer_req = true;
1078
1079 IWL_INFO(drv, "Found debug configuration: %d\n",
1080 conf->id);
1081
1082 pieces->dbg_conf_tlv[conf->id] = conf;
1083 pieces->dbg_conf_tlv_len[conf->id] = tlv_len;
1084 break;
1085 }
1086 case IWL_UCODE_TLV_FW_DBG_TRIGGER: {
1087 const struct iwl_fw_dbg_trigger_tlv *trigger =
1088 (const void *)tlv_data;
1089 u32 trigger_id = le32_to_cpu(trigger->id);
1090
1091 if (trigger_id >= ARRAY_SIZE(drv->fw.dbg.trigger_tlv)) {
1092 IWL_ERR(drv,
1093 "Skip unknown trigger: %u\n",
1094 trigger->id);
1095 break;
1096 }
1097
1098 if (pieces->dbg_trigger_tlv[trigger_id]) {
1099 IWL_ERR(drv,
1100 "Ignore duplicate dbg trigger %u\n",
1101 trigger->id);
1102 break;
1103 }
1104
1105 IWL_INFO(drv, "Found debug trigger: %u\n", trigger->id);
1106
1107 pieces->dbg_trigger_tlv[trigger_id] = trigger;
1108 pieces->dbg_trigger_tlv_len[trigger_id] = tlv_len;
1109 break;
1110 }
1111 case IWL_UCODE_TLV_FW_DBG_DUMP_LST: {
1112 if (tlv_len != sizeof(u32)) {
1113 IWL_ERR(drv,
1114 "dbg lst mask size incorrect, skip\n");
1115 break;
1116 }
1117
1118 drv->fw.dbg.dump_mask =
1119 le32_to_cpup((const __le32 *)tlv_data);
1120 break;
1121 }
1122 case IWL_UCODE_TLV_SEC_RT_USNIFFER:
1123 *usniffer_images = true;
1124 iwl_store_ucode_sec(pieces, tlv_data,
1125 IWL_UCODE_REGULAR_USNIFFER,
1126 tlv_len);
1127 break;
1128 case IWL_UCODE_TLV_PAGING:
1129 if (tlv_len != sizeof(u32))
1130 goto invalid_tlv_len;
1131 paging_mem_size = le32_to_cpup((const __le32 *)tlv_data);
1132
1133 IWL_DEBUG_FW(drv,
1134 "Paging: paging enabled (size = %u bytes)\n",
1135 paging_mem_size);
1136
1137 if (paging_mem_size > MAX_PAGING_IMAGE_SIZE) {
1138 IWL_ERR(drv,
1139 "Paging: driver supports up to %lu bytes for paging image\n",
1140 MAX_PAGING_IMAGE_SIZE);
1141 return -EINVAL;
1142 }
1143
1144 if (paging_mem_size & (FW_PAGING_SIZE - 1)) {
1145 IWL_ERR(drv,
1146 "Paging: image isn't multiple %lu\n",
1147 FW_PAGING_SIZE);
1148 return -EINVAL;
1149 }
1150
1151 drv->fw.img[IWL_UCODE_REGULAR].paging_mem_size =
1152 paging_mem_size;
1153 usniffer_img = IWL_UCODE_REGULAR_USNIFFER;
1154 drv->fw.img[usniffer_img].paging_mem_size =
1155 paging_mem_size;
1156 break;
1157 case IWL_UCODE_TLV_FW_GSCAN_CAPA:
1158 /* ignored */
1159 break;
1160 case IWL_UCODE_TLV_FW_MEM_SEG: {
1161 const struct iwl_fw_dbg_mem_seg_tlv *dbg_mem =
1162 (const void *)tlv_data;
1163 size_t size;
1164 struct iwl_fw_dbg_mem_seg_tlv *n;
1165
1166 if (tlv_len != (sizeof(*dbg_mem)))
1167 goto invalid_tlv_len;
1168
1169 IWL_DEBUG_INFO(drv, "Found debug memory segment: %u\n",
1170 dbg_mem->data_type);
1171
1172 size = sizeof(*pieces->dbg_mem_tlv) *
1173 (pieces->n_mem_tlv + 1);
1174 n = krealloc(pieces->dbg_mem_tlv, size, GFP_KERNEL);
1175 if (!n)
1176 return -ENOMEM;
1177 pieces->dbg_mem_tlv = n;
1178 pieces->dbg_mem_tlv[pieces->n_mem_tlv] = *dbg_mem;
1179 pieces->n_mem_tlv++;
1180 break;
1181 }
1182 case IWL_UCODE_TLV_IML: {
1183 drv->fw.iml_len = tlv_len;
1184 drv->fw.iml = kmemdup(tlv_data, tlv_len, GFP_KERNEL);
1185 if (!drv->fw.iml)
1186 return -ENOMEM;
1187 break;
1188 }
1189 case IWL_UCODE_TLV_FW_RECOVERY_INFO: {
1190 const struct {
1191 __le32 buf_addr;
1192 __le32 buf_size;
1193 } *recov_info = (const void *)tlv_data;
1194
1195 if (tlv_len != sizeof(*recov_info))
1196 goto invalid_tlv_len;
1197 capa->error_log_addr =
1198 le32_to_cpu(recov_info->buf_addr);
1199 capa->error_log_size =
1200 le32_to_cpu(recov_info->buf_size);
1201 }
1202 break;
1203 case IWL_UCODE_TLV_FW_FSEQ_VERSION: {
1204 const struct {
1205 u8 version[32];
1206 u8 sha1[20];
1207 } *fseq_ver = (const void *)tlv_data;
1208
1209 if (tlv_len != sizeof(*fseq_ver))
1210 goto invalid_tlv_len;
1211 IWL_INFO(drv, "TLV_FW_FSEQ_VERSION: %s\n",
1212 fseq_ver->version);
1213 }
1214 break;
1215 case IWL_UCODE_TLV_FW_NUM_STATIONS:
1216 if (tlv_len != sizeof(u32))
1217 goto invalid_tlv_len;
1218 if (le32_to_cpup((const __le32 *)tlv_data) >
1219 IWL_MVM_STATION_COUNT_MAX) {
1220 IWL_ERR(drv,
1221 "%d is an invalid number of station\n",
1222 le32_to_cpup((const __le32 *)tlv_data));
1223 goto tlv_error;
1224 }
1225 capa->num_stations =
1226 le32_to_cpup((const __le32 *)tlv_data);
1227 break;
1228 case IWL_UCODE_TLV_FW_NUM_BEACONS:
1229 if (tlv_len != sizeof(u32))
1230 goto invalid_tlv_len;
1231 capa->num_beacons =
1232 le32_to_cpup((const __le32 *)tlv_data);
1233 break;
1234 case IWL_UCODE_TLV_UMAC_DEBUG_ADDRS: {
1235 const struct iwl_umac_debug_addrs *dbg_ptrs =
1236 (const void *)tlv_data;
1237
1238 if (tlv_len != sizeof(*dbg_ptrs))
1239 goto invalid_tlv_len;
1240 if (drv->trans->trans_cfg->device_family <
1241 IWL_DEVICE_FAMILY_22000)
1242 break;
1243 drv->trans->dbg.umac_error_event_table =
1244 le32_to_cpu(dbg_ptrs->error_info_addr) &
1245 ~FW_ADDR_CACHE_CONTROL;
1246 drv->trans->dbg.error_event_table_tlv_status |=
1247 IWL_ERROR_EVENT_TABLE_UMAC;
1248 break;
1249 }
1250 case IWL_UCODE_TLV_LMAC_DEBUG_ADDRS: {
1251 const struct iwl_lmac_debug_addrs *dbg_ptrs =
1252 (const void *)tlv_data;
1253
1254 if (tlv_len != sizeof(*dbg_ptrs))
1255 goto invalid_tlv_len;
1256 if (drv->trans->trans_cfg->device_family <
1257 IWL_DEVICE_FAMILY_22000)
1258 break;
1259 drv->trans->dbg.lmac_error_event_table[0] =
1260 le32_to_cpu(dbg_ptrs->error_event_table_ptr) &
1261 ~FW_ADDR_CACHE_CONTROL;
1262 drv->trans->dbg.error_event_table_tlv_status |=
1263 IWL_ERROR_EVENT_TABLE_LMAC1;
1264 break;
1265 }
1266 case IWL_UCODE_TLV_TYPE_REGIONS:
1267 iwl_parse_dbg_tlv_assert_tables(drv, tlv);
1268 fallthrough;
1269 case IWL_UCODE_TLV_TYPE_DEBUG_INFO:
1270 case IWL_UCODE_TLV_TYPE_BUFFER_ALLOCATION:
1271 case IWL_UCODE_TLV_TYPE_HCMD:
1272 case IWL_UCODE_TLV_TYPE_TRIGGERS:
1273 case IWL_UCODE_TLV_TYPE_CONF_SET:
1274 if (iwlwifi_mod_params.enable_ini)
1275 iwl_dbg_tlv_alloc(drv->trans, tlv, false);
1276 break;
1277 case IWL_UCODE_TLV_CMD_VERSIONS:
1278 if (tlv_len % sizeof(struct iwl_fw_cmd_version)) {
1279 IWL_ERR(drv,
1280 "Invalid length for command versions: %u\n",
1281 tlv_len);
1282 tlv_len /= sizeof(struct iwl_fw_cmd_version);
1283 tlv_len *= sizeof(struct iwl_fw_cmd_version);
1284 }
1285 if (WARN_ON(capa->cmd_versions))
1286 return -EINVAL;
1287 capa->cmd_versions = kmemdup(tlv_data, tlv_len,
1288 GFP_KERNEL);
1289 if (!capa->cmd_versions)
1290 return -ENOMEM;
1291 capa->n_cmd_versions =
1292 tlv_len / sizeof(struct iwl_fw_cmd_version);
1293 break;
1294 case IWL_UCODE_TLV_PHY_INTEGRATION_VERSION:
1295 if (drv->fw.phy_integration_ver) {
1296 IWL_ERR(drv,
1297 "phy integration str ignored, already exists\n");
1298 break;
1299 }
1300
1301 drv->fw.phy_integration_ver =
1302 kmemdup(tlv_data, tlv_len, GFP_KERNEL);
1303 if (!drv->fw.phy_integration_ver)
1304 return -ENOMEM;
1305 drv->fw.phy_integration_ver_len = tlv_len;
1306 break;
1307 case IWL_UCODE_TLV_SEC_TABLE_ADDR:
1308 case IWL_UCODE_TLV_D3_KEK_KCK_ADDR:
1309 iwl_drv_set_dump_exclude(drv, tlv_type,
1310 tlv_data, tlv_len);
1311 break;
1312 case IWL_UCODE_TLV_CURRENT_PC:
1313 if (tlv_len < sizeof(struct iwl_pc_data))
1314 goto invalid_tlv_len;
1315 drv->trans->dbg.pc_data =
1316 kmemdup(tlv_data, tlv_len, GFP_KERNEL);
1317 if (!drv->trans->dbg.pc_data)
1318 return -ENOMEM;
1319 drv->trans->dbg.num_pc =
1320 tlv_len / sizeof(struct iwl_pc_data);
1321 break;
1322 default:
1323 IWL_DEBUG_INFO(drv, "unknown TLV: %d\n", tlv_type);
1324 break;
1325 }
1326 }
1327
1328 if (!fw_has_capa(capa, IWL_UCODE_TLV_CAPA_USNIFFER_UNIFIED) &&
1329 usniffer_req && !*usniffer_images) {
1330 IWL_ERR(drv,
1331 "user selected to work with usniffer but usniffer image isn't available in ucode package\n");
1332 return -EINVAL;
1333 }
1334
1335 if (len) {
1336 IWL_ERR(drv, "invalid TLV after parsing: %zd\n", len);
1337 iwl_print_hex_dump(drv, IWL_DL_FW, data, len);
1338 return -EINVAL;
1339 }
1340
1341 return 0;
1342
1343 invalid_tlv_len:
1344 IWL_ERR(drv, "TLV %d has invalid size: %u\n", tlv_type, tlv_len);
1345 tlv_error:
1346 iwl_print_hex_dump(drv, IWL_DL_FW, tlv_data, tlv_len);
1347
1348 return -EINVAL;
1349}
1350
1351static int iwl_alloc_ucode(struct iwl_drv *drv,
1352 struct iwl_firmware_pieces *pieces,
1353 enum iwl_ucode_type type)
1354{
1355 int i;
1356 struct fw_desc *sec;
1357
1358 sec = kcalloc(pieces->img[type].sec_counter, sizeof(*sec), GFP_KERNEL);
1359 if (!sec)
1360 return -ENOMEM;
1361 drv->fw.img[type].sec = sec;
1362 drv->fw.img[type].num_sec = pieces->img[type].sec_counter;
1363
1364 for (i = 0; i < pieces->img[type].sec_counter; i++)
1365 if (iwl_alloc_fw_desc(drv, &sec[i], get_sec(pieces, type, i)))
1366 return -ENOMEM;
1367
1368 return 0;
1369}
1370
1371static int validate_sec_sizes(struct iwl_drv *drv,
1372 struct iwl_firmware_pieces *pieces,
1373 const struct iwl_cfg *cfg)
1374{
1375 IWL_DEBUG_INFO(drv, "f/w package hdr runtime inst size = %zd\n",
1376 get_sec_size(pieces, IWL_UCODE_REGULAR,
1377 IWL_UCODE_SECTION_INST));
1378 IWL_DEBUG_INFO(drv, "f/w package hdr runtime data size = %zd\n",
1379 get_sec_size(pieces, IWL_UCODE_REGULAR,
1380 IWL_UCODE_SECTION_DATA));
1381 IWL_DEBUG_INFO(drv, "f/w package hdr init inst size = %zd\n",
1382 get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST));
1383 IWL_DEBUG_INFO(drv, "f/w package hdr init data size = %zd\n",
1384 get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA));
1385
1386 /* Verify that uCode images will fit in card's SRAM. */
1387 if (get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST) >
1388 cfg->max_inst_size) {
1389 IWL_ERR(drv, "uCode instr len %zd too large to fit in\n",
1390 get_sec_size(pieces, IWL_UCODE_REGULAR,
1391 IWL_UCODE_SECTION_INST));
1392 return -1;
1393 }
1394
1395 if (get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA) >
1396 cfg->max_data_size) {
1397 IWL_ERR(drv, "uCode data len %zd too large to fit in\n",
1398 get_sec_size(pieces, IWL_UCODE_REGULAR,
1399 IWL_UCODE_SECTION_DATA));
1400 return -1;
1401 }
1402
1403 if (get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST) >
1404 cfg->max_inst_size) {
1405 IWL_ERR(drv, "uCode init instr len %zd too large to fit in\n",
1406 get_sec_size(pieces, IWL_UCODE_INIT,
1407 IWL_UCODE_SECTION_INST));
1408 return -1;
1409 }
1410
1411 if (get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA) >
1412 cfg->max_data_size) {
1413 IWL_ERR(drv, "uCode init data len %zd too large to fit in\n",
1414 get_sec_size(pieces, IWL_UCODE_REGULAR,
1415 IWL_UCODE_SECTION_DATA));
1416 return -1;
1417 }
1418 return 0;
1419}
1420
1421static struct iwl_op_mode *
1422_iwl_op_mode_start(struct iwl_drv *drv, struct iwlwifi_opmode_table *op)
1423{
1424 const struct iwl_op_mode_ops *ops = op->ops;
1425 struct dentry *dbgfs_dir = NULL;
1426 struct iwl_op_mode *op_mode = NULL;
1427 int retry, max_retry = !!iwlwifi_mod_params.fw_restart * IWL_MAX_INIT_RETRY;
1428
1429 /* also protects start/stop from racing against each other */
1430 lockdep_assert_held(&iwlwifi_opmode_table_mtx);
1431
1432 for (retry = 0; retry <= max_retry; retry++) {
1433
1434#ifdef CONFIG_IWLWIFI_DEBUGFS
1435 drv->dbgfs_op_mode = debugfs_create_dir(op->name,
1436 drv->dbgfs_drv);
1437 dbgfs_dir = drv->dbgfs_op_mode;
1438#endif
1439
1440 op_mode = ops->start(drv->trans, drv->trans->cfg,
1441 &drv->fw, dbgfs_dir);
1442
1443 if (op_mode)
1444 return op_mode;
1445
1446 if (test_bit(STATUS_TRANS_DEAD, &drv->trans->status))
1447 break;
1448
1449 IWL_ERR(drv, "retry init count %d\n", retry);
1450
1451#ifdef CONFIG_IWLWIFI_DEBUGFS
1452 debugfs_remove_recursive(drv->dbgfs_op_mode);
1453 drv->dbgfs_op_mode = NULL;
1454#endif
1455 }
1456
1457 return NULL;
1458}
1459
1460static void _iwl_op_mode_stop(struct iwl_drv *drv)
1461{
1462 /* also protects start/stop from racing against each other */
1463 lockdep_assert_held(&iwlwifi_opmode_table_mtx);
1464
1465 /* op_mode can be NULL if its start failed */
1466 if (drv->op_mode) {
1467 iwl_op_mode_stop(drv->op_mode);
1468 drv->op_mode = NULL;
1469
1470#ifdef CONFIG_IWLWIFI_DEBUGFS
1471 debugfs_remove_recursive(drv->dbgfs_op_mode);
1472 drv->dbgfs_op_mode = NULL;
1473#endif
1474 }
1475}
1476
1477/*
1478 * iwl_req_fw_callback - callback when firmware was loaded
1479 *
1480 * If loaded successfully, copies the firmware into buffers
1481 * for the card to fetch (via DMA).
1482 */
1483static void iwl_req_fw_callback(const struct firmware *ucode_raw, void *context)
1484{
1485 struct iwl_drv *drv = context;
1486 struct iwl_fw *fw = &drv->fw;
1487 const struct iwl_ucode_header *ucode;
1488 struct iwlwifi_opmode_table *op;
1489 int err;
1490 struct iwl_firmware_pieces *pieces;
1491 const unsigned int api_max = drv->trans->cfg->ucode_api_max;
1492 const unsigned int api_min = drv->trans->cfg->ucode_api_min;
1493 size_t trigger_tlv_sz[FW_DBG_TRIGGER_MAX];
1494 u32 api_ver;
1495 int i;
1496 bool load_module = false;
1497 bool usniffer_images = false;
1498 bool failure = true;
1499
1500 fw->ucode_capa.max_probe_length = IWL_DEFAULT_MAX_PROBE_LENGTH;
1501 fw->ucode_capa.standard_phy_calibration_size =
1502 IWL_DEFAULT_STANDARD_PHY_CALIBRATE_TBL_SIZE;
1503 fw->ucode_capa.n_scan_channels = IWL_DEFAULT_SCAN_CHANNELS;
1504 fw->ucode_capa.num_stations = IWL_MVM_STATION_COUNT_MAX;
1505 fw->ucode_capa.num_beacons = 1;
1506 /* dump all fw memory areas by default */
1507 fw->dbg.dump_mask = 0xffffffff;
1508
1509 pieces = kzalloc(sizeof(*pieces), GFP_KERNEL);
1510 if (!pieces)
1511 goto out_free_fw;
1512
1513 if (!ucode_raw)
1514 goto try_again;
1515
1516 IWL_DEBUG_FW_INFO(drv, "Loaded firmware file '%s' (%zd bytes).\n",
1517 drv->firmware_name, ucode_raw->size);
1518
1519 /* Make sure that we got at least the API version number */
1520 if (ucode_raw->size < 4) {
1521 IWL_ERR(drv, "File size way too small!\n");
1522 goto try_again;
1523 }
1524
1525 /* Data from ucode file: header followed by uCode images */
1526 ucode = (const struct iwl_ucode_header *)ucode_raw->data;
1527
1528 if (ucode->ver)
1529 err = iwl_parse_v1_v2_firmware(drv, ucode_raw, pieces);
1530 else
1531 err = iwl_parse_tlv_firmware(drv, ucode_raw, pieces,
1532 &fw->ucode_capa, &usniffer_images);
1533
1534 if (err)
1535 goto try_again;
1536
1537 if (fw_has_api(&drv->fw.ucode_capa, IWL_UCODE_TLV_API_NEW_VERSION))
1538 api_ver = drv->fw.ucode_ver;
1539 else
1540 api_ver = IWL_UCODE_API(drv->fw.ucode_ver);
1541
1542 /*
1543 * api_ver should match the api version forming part of the
1544 * firmware filename ... but we don't check for that and only rely
1545 * on the API version read from firmware header from here on forward
1546 */
1547 if (api_ver < api_min || api_ver > api_max) {
1548 IWL_ERR(drv,
1549 "Driver unable to support your firmware API. "
1550 "Driver supports v%u, firmware is v%u.\n",
1551 api_max, api_ver);
1552 goto try_again;
1553 }
1554
1555 /*
1556 * In mvm uCode there is no difference between data and instructions
1557 * sections.
1558 */
1559 if (fw->type == IWL_FW_DVM && validate_sec_sizes(drv, pieces,
1560 drv->trans->cfg))
1561 goto try_again;
1562
1563 /* Allocate ucode buffers for card's bus-master loading ... */
1564
1565 /* Runtime instructions and 2 copies of data:
1566 * 1) unmodified from disk
1567 * 2) backup cache for save/restore during power-downs
1568 */
1569 for (i = 0; i < IWL_UCODE_TYPE_MAX; i++)
1570 if (iwl_alloc_ucode(drv, pieces, i))
1571 goto out_free_fw;
1572
1573 if (pieces->dbg_dest_tlv_init) {
1574 size_t dbg_dest_size = sizeof(*drv->fw.dbg.dest_tlv) +
1575 sizeof(drv->fw.dbg.dest_tlv->reg_ops[0]) *
1576 drv->fw.dbg.n_dest_reg;
1577
1578 drv->fw.dbg.dest_tlv = kmalloc(dbg_dest_size, GFP_KERNEL);
1579
1580 if (!drv->fw.dbg.dest_tlv)
1581 goto out_free_fw;
1582
1583 if (*pieces->dbg_dest_ver == 0) {
1584 memcpy(drv->fw.dbg.dest_tlv, pieces->dbg_dest_tlv_v1,
1585 dbg_dest_size);
1586 } else {
1587 struct iwl_fw_dbg_dest_tlv_v1 *dest_tlv =
1588 drv->fw.dbg.dest_tlv;
1589
1590 dest_tlv->version = pieces->dbg_dest_tlv->version;
1591 dest_tlv->monitor_mode =
1592 pieces->dbg_dest_tlv->monitor_mode;
1593 dest_tlv->size_power =
1594 pieces->dbg_dest_tlv->size_power;
1595 dest_tlv->wrap_count =
1596 pieces->dbg_dest_tlv->wrap_count;
1597 dest_tlv->write_ptr_reg =
1598 pieces->dbg_dest_tlv->write_ptr_reg;
1599 dest_tlv->base_shift =
1600 pieces->dbg_dest_tlv->base_shift;
1601 memcpy(dest_tlv->reg_ops,
1602 pieces->dbg_dest_tlv->reg_ops,
1603 sizeof(drv->fw.dbg.dest_tlv->reg_ops[0]) *
1604 drv->fw.dbg.n_dest_reg);
1605
1606 /* In version 1 of the destination tlv, which is
1607 * relevant for internal buffer exclusively,
1608 * the base address is part of given with the length
1609 * of the buffer, and the size shift is give instead of
1610 * end shift. We now store these values in base_reg,
1611 * and end shift, and when dumping the data we'll
1612 * manipulate it for extracting both the length and
1613 * base address */
1614 dest_tlv->base_reg = pieces->dbg_dest_tlv->cfg_reg;
1615 dest_tlv->end_shift =
1616 pieces->dbg_dest_tlv->size_shift;
1617 }
1618 }
1619
1620 for (i = 0; i < ARRAY_SIZE(drv->fw.dbg.conf_tlv); i++) {
1621 if (pieces->dbg_conf_tlv[i]) {
1622 drv->fw.dbg.conf_tlv[i] =
1623 kmemdup(pieces->dbg_conf_tlv[i],
1624 pieces->dbg_conf_tlv_len[i],
1625 GFP_KERNEL);
1626 if (!drv->fw.dbg.conf_tlv[i])
1627 goto out_free_fw;
1628 }
1629 }
1630
1631 memset(&trigger_tlv_sz, 0xff, sizeof(trigger_tlv_sz));
1632
1633 trigger_tlv_sz[FW_DBG_TRIGGER_MISSED_BEACONS] =
1634 sizeof(struct iwl_fw_dbg_trigger_missed_bcon);
1635 trigger_tlv_sz[FW_DBG_TRIGGER_CHANNEL_SWITCH] = 0;
1636 trigger_tlv_sz[FW_DBG_TRIGGER_FW_NOTIF] =
1637 sizeof(struct iwl_fw_dbg_trigger_cmd);
1638 trigger_tlv_sz[FW_DBG_TRIGGER_MLME] =
1639 sizeof(struct iwl_fw_dbg_trigger_mlme);
1640 trigger_tlv_sz[FW_DBG_TRIGGER_STATS] =
1641 sizeof(struct iwl_fw_dbg_trigger_stats);
1642 trigger_tlv_sz[FW_DBG_TRIGGER_RSSI] =
1643 sizeof(struct iwl_fw_dbg_trigger_low_rssi);
1644 trigger_tlv_sz[FW_DBG_TRIGGER_TXQ_TIMERS] =
1645 sizeof(struct iwl_fw_dbg_trigger_txq_timer);
1646 trigger_tlv_sz[FW_DBG_TRIGGER_TIME_EVENT] =
1647 sizeof(struct iwl_fw_dbg_trigger_time_event);
1648 trigger_tlv_sz[FW_DBG_TRIGGER_BA] =
1649 sizeof(struct iwl_fw_dbg_trigger_ba);
1650 trigger_tlv_sz[FW_DBG_TRIGGER_TDLS] =
1651 sizeof(struct iwl_fw_dbg_trigger_tdls);
1652
1653 for (i = 0; i < ARRAY_SIZE(drv->fw.dbg.trigger_tlv); i++) {
1654 if (pieces->dbg_trigger_tlv[i]) {
1655 /*
1656 * If the trigger isn't long enough, WARN and exit.
1657 * Someone is trying to debug something and he won't
1658 * be able to catch the bug he is trying to chase.
1659 * We'd better be noisy to be sure he knows what's
1660 * going on.
1661 */
1662 if (WARN_ON(pieces->dbg_trigger_tlv_len[i] <
1663 (trigger_tlv_sz[i] +
1664 sizeof(struct iwl_fw_dbg_trigger_tlv))))
1665 goto out_free_fw;
1666 drv->fw.dbg.trigger_tlv_len[i] =
1667 pieces->dbg_trigger_tlv_len[i];
1668 drv->fw.dbg.trigger_tlv[i] =
1669 kmemdup(pieces->dbg_trigger_tlv[i],
1670 drv->fw.dbg.trigger_tlv_len[i],
1671 GFP_KERNEL);
1672 if (!drv->fw.dbg.trigger_tlv[i])
1673 goto out_free_fw;
1674 }
1675 }
1676
1677 /* Now that we can no longer fail, copy information */
1678
1679 drv->fw.dbg.mem_tlv = pieces->dbg_mem_tlv;
1680 pieces->dbg_mem_tlv = NULL;
1681 drv->fw.dbg.n_mem_tlv = pieces->n_mem_tlv;
1682
1683 /*
1684 * The (size - 16) / 12 formula is based on the information recorded
1685 * for each event, which is of mode 1 (including timestamp) for all
1686 * new microcodes that include this information.
1687 */
1688 fw->init_evtlog_ptr = pieces->init_evtlog_ptr;
1689 if (pieces->init_evtlog_size)
1690 fw->init_evtlog_size = (pieces->init_evtlog_size - 16)/12;
1691 else
1692 fw->init_evtlog_size =
1693 drv->trans->trans_cfg->base_params->max_event_log_size;
1694 fw->init_errlog_ptr = pieces->init_errlog_ptr;
1695 fw->inst_evtlog_ptr = pieces->inst_evtlog_ptr;
1696 if (pieces->inst_evtlog_size)
1697 fw->inst_evtlog_size = (pieces->inst_evtlog_size - 16)/12;
1698 else
1699 fw->inst_evtlog_size =
1700 drv->trans->trans_cfg->base_params->max_event_log_size;
1701 fw->inst_errlog_ptr = pieces->inst_errlog_ptr;
1702
1703 /*
1704 * figure out the offset of chain noise reset and gain commands
1705 * base on the size of standard phy calibration commands table size
1706 */
1707 if (fw->ucode_capa.standard_phy_calibration_size >
1708 IWL_MAX_PHY_CALIBRATE_TBL_SIZE)
1709 fw->ucode_capa.standard_phy_calibration_size =
1710 IWL_MAX_STANDARD_PHY_CALIBRATE_TBL_SIZE;
1711
1712 /* We have our copies now, allow OS release its copies */
1713 release_firmware(ucode_raw);
1714
1715 iwl_dbg_tlv_load_bin(drv->trans->dev, drv->trans);
1716
1717 mutex_lock(&iwlwifi_opmode_table_mtx);
1718 switch (fw->type) {
1719 case IWL_FW_DVM:
1720 op = &iwlwifi_opmode_table[DVM_OP_MODE];
1721 break;
1722 default:
1723 WARN(1, "Invalid fw type %d\n", fw->type);
1724 fallthrough;
1725 case IWL_FW_MVM:
1726 op = &iwlwifi_opmode_table[MVM_OP_MODE];
1727 break;
1728 }
1729
1730 IWL_INFO(drv, "loaded firmware version %s op_mode %s\n",
1731 drv->fw.fw_version, op->name);
1732
1733 /* add this device to the list of devices using this op_mode */
1734 list_add_tail(&drv->list, &op->drv);
1735
1736 if (op->ops) {
1737 drv->op_mode = _iwl_op_mode_start(drv, op);
1738
1739 if (!drv->op_mode) {
1740 mutex_unlock(&iwlwifi_opmode_table_mtx);
1741 goto out_unbind;
1742 }
1743 } else {
1744 load_module = true;
1745 }
1746 mutex_unlock(&iwlwifi_opmode_table_mtx);
1747
1748 complete(&drv->request_firmware_complete);
1749
1750 /*
1751 * Load the module last so we don't block anything
1752 * else from proceeding if the module fails to load
1753 * or hangs loading.
1754 */
1755 if (load_module)
1756 request_module("%s", op->name);
1757 failure = false;
1758 goto free;
1759
1760 try_again:
1761 /* try next, if any */
1762 release_firmware(ucode_raw);
1763 if (iwl_request_firmware(drv, false))
1764 goto out_unbind;
1765 goto free;
1766
1767 out_free_fw:
1768 release_firmware(ucode_raw);
1769 out_unbind:
1770 complete(&drv->request_firmware_complete);
1771 device_release_driver(drv->trans->dev);
1772 /* drv has just been freed by the release */
1773 failure = false;
1774 free:
1775 if (failure)
1776 iwl_dealloc_ucode(drv);
1777
1778 if (pieces) {
1779 for (i = 0; i < ARRAY_SIZE(pieces->img); i++)
1780 kfree(pieces->img[i].sec);
1781 kfree(pieces->dbg_mem_tlv);
1782 kfree(pieces);
1783 }
1784}
1785
1786struct iwl_drv *iwl_drv_start(struct iwl_trans *trans)
1787{
1788 struct iwl_drv *drv;
1789 int ret;
1790
1791 drv = kzalloc(sizeof(*drv), GFP_KERNEL);
1792 if (!drv) {
1793 ret = -ENOMEM;
1794 goto err;
1795 }
1796
1797 drv->trans = trans;
1798 drv->dev = trans->dev;
1799
1800 init_completion(&drv->request_firmware_complete);
1801 INIT_LIST_HEAD(&drv->list);
1802
1803#ifdef CONFIG_IWLWIFI_DEBUGFS
1804 /* Create the device debugfs entries. */
1805 drv->dbgfs_drv = debugfs_create_dir(dev_name(trans->dev),
1806 iwl_dbgfs_root);
1807
1808 /* Create transport layer debugfs dir */
1809 drv->trans->dbgfs_dir = debugfs_create_dir("trans", drv->dbgfs_drv);
1810#endif
1811
1812 drv->trans->dbg.domains_bitmap = IWL_TRANS_FW_DBG_DOMAIN(drv->trans);
1813 if (iwlwifi_mod_params.enable_ini != ENABLE_INI) {
1814 /* We have a non-default value in the module parameter,
1815 * take its value
1816 */
1817 drv->trans->dbg.domains_bitmap &= 0xffff;
1818 if (iwlwifi_mod_params.enable_ini != IWL_FW_INI_PRESET_DISABLE) {
1819 if (iwlwifi_mod_params.enable_ini > ENABLE_INI) {
1820 IWL_ERR(trans,
1821 "invalid enable_ini module parameter value: max = %d, using 0 instead\n",
1822 ENABLE_INI);
1823 iwlwifi_mod_params.enable_ini = 0;
1824 }
1825 drv->trans->dbg.domains_bitmap =
1826 BIT(IWL_FW_DBG_DOMAIN_POS + iwlwifi_mod_params.enable_ini);
1827 }
1828 }
1829
1830 ret = iwl_request_firmware(drv, true);
1831 if (ret) {
1832 IWL_ERR(trans, "Couldn't request the fw\n");
1833 goto err_fw;
1834 }
1835
1836 return drv;
1837
1838err_fw:
1839#ifdef CONFIG_IWLWIFI_DEBUGFS
1840 debugfs_remove_recursive(drv->dbgfs_drv);
1841 iwl_dbg_tlv_free(drv->trans);
1842#endif
1843 kfree(drv);
1844err:
1845 return ERR_PTR(ret);
1846}
1847
1848void iwl_drv_stop(struct iwl_drv *drv)
1849{
1850 wait_for_completion(&drv->request_firmware_complete);
1851
1852 mutex_lock(&iwlwifi_opmode_table_mtx);
1853
1854 _iwl_op_mode_stop(drv);
1855
1856 iwl_dealloc_ucode(drv);
1857
1858 /*
1859 * List is empty (this item wasn't added)
1860 * when firmware loading failed -- in that
1861 * case we can't remove it from any list.
1862 */
1863 if (!list_empty(&drv->list))
1864 list_del(&drv->list);
1865 mutex_unlock(&iwlwifi_opmode_table_mtx);
1866
1867#ifdef CONFIG_IWLWIFI_DEBUGFS
1868 drv->trans->ops->debugfs_cleanup(drv->trans);
1869
1870 debugfs_remove_recursive(drv->dbgfs_drv);
1871#endif
1872
1873 iwl_dbg_tlv_free(drv->trans);
1874
1875 kfree(drv);
1876}
1877
1878/* shared module parameters */
1879struct iwl_mod_params iwlwifi_mod_params = {
1880 .fw_restart = true,
1881 .bt_coex_active = true,
1882 .power_level = IWL_POWER_INDEX_1,
1883 .uapsd_disable = IWL_DISABLE_UAPSD_BSS | IWL_DISABLE_UAPSD_P2P_CLIENT,
1884 .enable_ini = ENABLE_INI,
1885 /* the rest are 0 by default */
1886};
1887IWL_EXPORT_SYMBOL(iwlwifi_mod_params);
1888
1889int iwl_opmode_register(const char *name, const struct iwl_op_mode_ops *ops)
1890{
1891 int i;
1892 struct iwl_drv *drv;
1893 struct iwlwifi_opmode_table *op;
1894
1895 mutex_lock(&iwlwifi_opmode_table_mtx);
1896 for (i = 0; i < ARRAY_SIZE(iwlwifi_opmode_table); i++) {
1897 op = &iwlwifi_opmode_table[i];
1898 if (strcmp(op->name, name))
1899 continue;
1900 op->ops = ops;
1901 /* TODO: need to handle exceptional case */
1902 list_for_each_entry(drv, &op->drv, list)
1903 drv->op_mode = _iwl_op_mode_start(drv, op);
1904
1905 mutex_unlock(&iwlwifi_opmode_table_mtx);
1906 return 0;
1907 }
1908 mutex_unlock(&iwlwifi_opmode_table_mtx);
1909 return -EIO;
1910}
1911IWL_EXPORT_SYMBOL(iwl_opmode_register);
1912
1913void iwl_opmode_deregister(const char *name)
1914{
1915 int i;
1916 struct iwl_drv *drv;
1917
1918 mutex_lock(&iwlwifi_opmode_table_mtx);
1919 for (i = 0; i < ARRAY_SIZE(iwlwifi_opmode_table); i++) {
1920 if (strcmp(iwlwifi_opmode_table[i].name, name))
1921 continue;
1922 iwlwifi_opmode_table[i].ops = NULL;
1923
1924 /* call the stop routine for all devices */
1925 list_for_each_entry(drv, &iwlwifi_opmode_table[i].drv, list)
1926 _iwl_op_mode_stop(drv);
1927
1928 mutex_unlock(&iwlwifi_opmode_table_mtx);
1929 return;
1930 }
1931 mutex_unlock(&iwlwifi_opmode_table_mtx);
1932}
1933IWL_EXPORT_SYMBOL(iwl_opmode_deregister);
1934
1935static int __init iwl_drv_init(void)
1936{
1937 int i, err;
1938
1939 for (i = 0; i < ARRAY_SIZE(iwlwifi_opmode_table); i++)
1940 INIT_LIST_HEAD(&iwlwifi_opmode_table[i].drv);
1941
1942 pr_info(DRV_DESCRIPTION "\n");
1943
1944#ifdef CONFIG_IWLWIFI_DEBUGFS
1945 /* Create the root of iwlwifi debugfs subsystem. */
1946 iwl_dbgfs_root = debugfs_create_dir(DRV_NAME, NULL);
1947#endif
1948
1949 err = iwl_pci_register_driver();
1950 if (err)
1951 goto cleanup_debugfs;
1952
1953 return 0;
1954
1955cleanup_debugfs:
1956#ifdef CONFIG_IWLWIFI_DEBUGFS
1957 debugfs_remove_recursive(iwl_dbgfs_root);
1958#endif
1959 return err;
1960}
1961module_init(iwl_drv_init);
1962
1963static void __exit iwl_drv_exit(void)
1964{
1965 iwl_pci_unregister_driver();
1966
1967#ifdef CONFIG_IWLWIFI_DEBUGFS
1968 debugfs_remove_recursive(iwl_dbgfs_root);
1969#endif
1970}
1971module_exit(iwl_drv_exit);
1972
1973#ifdef CONFIG_IWLWIFI_DEBUG
1974module_param_named(debug, iwlwifi_mod_params.debug_level, uint, 0644);
1975MODULE_PARM_DESC(debug, "debug output mask");
1976#endif
1977
1978module_param_named(swcrypto, iwlwifi_mod_params.swcrypto, int, 0444);
1979MODULE_PARM_DESC(swcrypto, "using crypto in software (default 0 [hardware])");
1980module_param_named(11n_disable, iwlwifi_mod_params.disable_11n, uint, 0444);
1981MODULE_PARM_DESC(11n_disable,
1982 "disable 11n functionality, bitmap: 1: full, 2: disable agg TX, 4: disable agg RX, 8 enable agg TX");
1983module_param_named(amsdu_size, iwlwifi_mod_params.amsdu_size, int, 0444);
1984MODULE_PARM_DESC(amsdu_size,
1985 "amsdu size 0: 12K for multi Rx queue devices, 2K for AX210 devices, "
1986 "4K for other devices 1:4K 2:8K 3:12K (16K buffers) 4: 2K (default 0)");
1987module_param_named(fw_restart, iwlwifi_mod_params.fw_restart, bool, 0444);
1988MODULE_PARM_DESC(fw_restart, "restart firmware in case of error (default true)");
1989
1990module_param_named(nvm_file, iwlwifi_mod_params.nvm_file, charp, 0444);
1991MODULE_PARM_DESC(nvm_file, "NVM file name");
1992
1993module_param_named(uapsd_disable, iwlwifi_mod_params.uapsd_disable, uint, 0644);
1994MODULE_PARM_DESC(uapsd_disable,
1995 "disable U-APSD functionality bitmap 1: BSS 2: P2P Client (default: 3)");
1996
1997module_param_named(enable_ini, iwlwifi_mod_params.enable_ini, uint, 0444);
1998MODULE_PARM_DESC(enable_ini,
1999 "0:disable, 1-15:FW_DBG_PRESET Values, 16:enabled without preset value defined,"
2000 "Debug INI TLV FW debug infrastructure (default: 16)");
2001
2002/*
2003 * set bt_coex_active to true, uCode will do kill/defer
2004 * every time the priority line is asserted (BT is sending signals on the
2005 * priority line in the PCIx).
2006 * set bt_coex_active to false, uCode will ignore the BT activity and
2007 * perform the normal operation
2008 *
2009 * User might experience transmit issue on some platform due to WiFi/BT
2010 * co-exist problem. The possible behaviors are:
2011 * Able to scan and finding all the available AP
2012 * Not able to associate with any AP
2013 * On those platforms, WiFi communication can be restored by set
2014 * "bt_coex_active" module parameter to "false"
2015 *
2016 * default: bt_coex_active = true (BT_COEX_ENABLE)
2017 */
2018module_param_named(bt_coex_active, iwlwifi_mod_params.bt_coex_active,
2019 bool, 0444);
2020MODULE_PARM_DESC(bt_coex_active, "enable wifi/bt co-exist (default: enable)");
2021
2022module_param_named(led_mode, iwlwifi_mod_params.led_mode, int, 0444);
2023MODULE_PARM_DESC(led_mode, "0=system default, "
2024 "1=On(RF On)/Off(RF Off), 2=blinking, 3=Off (default: 0)");
2025
2026module_param_named(power_save, iwlwifi_mod_params.power_save, bool, 0444);
2027MODULE_PARM_DESC(power_save,
2028 "enable WiFi power management (default: disable)");
2029
2030module_param_named(power_level, iwlwifi_mod_params.power_level, int, 0444);
2031MODULE_PARM_DESC(power_level,
2032 "default power save level (range from 1 - 5, default: 1)");
2033
2034module_param_named(disable_11ac, iwlwifi_mod_params.disable_11ac, bool, 0444);
2035MODULE_PARM_DESC(disable_11ac, "Disable VHT capabilities (default: false)");
2036
2037module_param_named(remove_when_gone,
2038 iwlwifi_mod_params.remove_when_gone, bool,
2039 0444);
2040MODULE_PARM_DESC(remove_when_gone,
2041 "Remove dev from PCIe bus if it is deemed inaccessible (default: false)");
2042
2043module_param_named(disable_11ax, iwlwifi_mod_params.disable_11ax, bool,
2044 S_IRUGO);
2045MODULE_PARM_DESC(disable_11ax, "Disable HE capabilities (default: false)");
2046
2047module_param_named(disable_11be, iwlwifi_mod_params.disable_11be, bool, 0444);
2048MODULE_PARM_DESC(disable_11be, "Disable EHT capabilities (default: false)");
1/******************************************************************************
2 *
3 * This file is provided under a dual BSD/GPLv2 license. When using or
4 * redistributing this file, you may do so under either license.
5 *
6 * GPL LICENSE SUMMARY
7 *
8 * Copyright(c) 2007 - 2014 Intel Corporation. All rights reserved.
9 * Copyright(c) 2013 - 2015 Intel Mobile Communications GmbH
10 * Copyright(c) 2016 Intel Deutschland GmbH
11 *
12 * This program is free software; you can redistribute it and/or modify
13 * it under the terms of version 2 of the GNU General Public License as
14 * published by the Free Software Foundation.
15 *
16 * This program is distributed in the hope that it will be useful, but
17 * WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 * General Public License for more details.
20 *
21 * You should have received a copy of the GNU General Public License
22 * along with this program; if not, write to the Free Software
23 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110,
24 * USA
25 *
26 * The full GNU General Public License is included in this distribution
27 * in the file called COPYING.
28 *
29 * Contact Information:
30 * Intel Linux Wireless <linuxwifi@intel.com>
31 * Intel Corporation, 5200 N.E. Elam Young Parkway, Hillsboro, OR 97124-6497
32 *
33 * BSD LICENSE
34 *
35 * Copyright(c) 2005 - 2014 Intel Corporation. All rights reserved.
36 * Copyright(c) 2013 - 2015 Intel Mobile Communications GmbH
37 * Copyright(c) 2016 Intel Deutschland GmbH
38 * All rights reserved.
39 *
40 * Redistribution and use in source and binary forms, with or without
41 * modification, are permitted provided that the following conditions
42 * are met:
43 *
44 * * Redistributions of source code must retain the above copyright
45 * notice, this list of conditions and the following disclaimer.
46 * * Redistributions in binary form must reproduce the above copyright
47 * notice, this list of conditions and the following disclaimer in
48 * the documentation and/or other materials provided with the
49 * distribution.
50 * * Neither the name Intel Corporation nor the names of its
51 * contributors may be used to endorse or promote products derived
52 * from this software without specific prior written permission.
53 *
54 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
55 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
56 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
57 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
58 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
59 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
60 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
61 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
62 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
63 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
64 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
65 *
66 *****************************************************************************/
67#include <linux/completion.h>
68#include <linux/dma-mapping.h>
69#include <linux/firmware.h>
70#include <linux/module.h>
71#include <linux/vmalloc.h>
72
73#include "iwl-drv.h"
74#include "iwl-csr.h"
75#include "iwl-debug.h"
76#include "iwl-trans.h"
77#include "iwl-op-mode.h"
78#include "iwl-agn-hw.h"
79#include "iwl-fw.h"
80#include "iwl-config.h"
81#include "iwl-modparams.h"
82
83/******************************************************************************
84 *
85 * module boiler plate
86 *
87 ******************************************************************************/
88
89#define DRV_DESCRIPTION "Intel(R) Wireless WiFi driver for Linux"
90MODULE_DESCRIPTION(DRV_DESCRIPTION);
91MODULE_AUTHOR(DRV_COPYRIGHT " " DRV_AUTHOR);
92MODULE_LICENSE("GPL");
93
94#ifdef CONFIG_IWLWIFI_DEBUGFS
95static struct dentry *iwl_dbgfs_root;
96#endif
97
98/**
99 * struct iwl_drv - drv common data
100 * @list: list of drv structures using this opmode
101 * @fw: the iwl_fw structure
102 * @op_mode: the running op_mode
103 * @trans: transport layer
104 * @dev: for debug prints only
105 * @cfg: configuration struct
106 * @fw_index: firmware revision to try loading
107 * @firmware_name: composite filename of ucode file to load
108 * @request_firmware_complete: the firmware has been obtained from user space
109 */
110struct iwl_drv {
111 struct list_head list;
112 struct iwl_fw fw;
113
114 struct iwl_op_mode *op_mode;
115 struct iwl_trans *trans;
116 struct device *dev;
117 const struct iwl_cfg *cfg;
118
119 int fw_index; /* firmware we're trying to load */
120 char firmware_name[32]; /* name of firmware file to load */
121
122 struct completion request_firmware_complete;
123
124#ifdef CONFIG_IWLWIFI_DEBUGFS
125 struct dentry *dbgfs_drv;
126 struct dentry *dbgfs_trans;
127 struct dentry *dbgfs_op_mode;
128#endif
129};
130
131enum {
132 DVM_OP_MODE = 0,
133 MVM_OP_MODE = 1,
134};
135
136/* Protects the table contents, i.e. the ops pointer & drv list */
137static struct mutex iwlwifi_opmode_table_mtx;
138static struct iwlwifi_opmode_table {
139 const char *name; /* name: iwldvm, iwlmvm, etc */
140 const struct iwl_op_mode_ops *ops; /* pointer to op_mode ops */
141 struct list_head drv; /* list of devices using this op_mode */
142} iwlwifi_opmode_table[] = { /* ops set when driver is initialized */
143 [DVM_OP_MODE] = { .name = "iwldvm", .ops = NULL },
144 [MVM_OP_MODE] = { .name = "iwlmvm", .ops = NULL },
145};
146
147#define IWL_DEFAULT_SCAN_CHANNELS 40
148
149/*
150 * struct fw_sec: Just for the image parsing process.
151 * For the fw storage we are using struct fw_desc.
152 */
153struct fw_sec {
154 const void *data; /* the sec data */
155 size_t size; /* section size */
156 u32 offset; /* offset of writing in the device */
157};
158
159static void iwl_free_fw_desc(struct iwl_drv *drv, struct fw_desc *desc)
160{
161 vfree(desc->data);
162 desc->data = NULL;
163 desc->len = 0;
164}
165
166static void iwl_free_fw_img(struct iwl_drv *drv, struct fw_img *img)
167{
168 int i;
169 for (i = 0; i < IWL_UCODE_SECTION_MAX; i++)
170 iwl_free_fw_desc(drv, &img->sec[i]);
171}
172
173static void iwl_dealloc_ucode(struct iwl_drv *drv)
174{
175 int i;
176
177 kfree(drv->fw.dbg_dest_tlv);
178 for (i = 0; i < ARRAY_SIZE(drv->fw.dbg_conf_tlv); i++)
179 kfree(drv->fw.dbg_conf_tlv[i]);
180 for (i = 0; i < ARRAY_SIZE(drv->fw.dbg_trigger_tlv); i++)
181 kfree(drv->fw.dbg_trigger_tlv[i]);
182
183 for (i = 0; i < IWL_UCODE_TYPE_MAX; i++)
184 iwl_free_fw_img(drv, drv->fw.img + i);
185}
186
187static int iwl_alloc_fw_desc(struct iwl_drv *drv, struct fw_desc *desc,
188 struct fw_sec *sec)
189{
190 void *data;
191
192 desc->data = NULL;
193
194 if (!sec || !sec->size)
195 return -EINVAL;
196
197 data = vmalloc(sec->size);
198 if (!data)
199 return -ENOMEM;
200
201 desc->len = sec->size;
202 desc->offset = sec->offset;
203 memcpy(data, sec->data, desc->len);
204 desc->data = data;
205
206 return 0;
207}
208
209static void iwl_req_fw_callback(const struct firmware *ucode_raw,
210 void *context);
211
212#define UCODE_EXPERIMENTAL_INDEX 100
213#define UCODE_EXPERIMENTAL_TAG "exp"
214
215static int iwl_request_firmware(struct iwl_drv *drv, bool first)
216{
217 const char *name_pre = drv->cfg->fw_name_pre;
218 char tag[8];
219
220 if (first) {
221#ifdef CONFIG_IWLWIFI_DEBUG_EXPERIMENTAL_UCODE
222 drv->fw_index = UCODE_EXPERIMENTAL_INDEX;
223 strcpy(tag, UCODE_EXPERIMENTAL_TAG);
224 } else if (drv->fw_index == UCODE_EXPERIMENTAL_INDEX) {
225#endif
226 drv->fw_index = drv->cfg->ucode_api_max;
227 sprintf(tag, "%d", drv->fw_index);
228 } else {
229 drv->fw_index--;
230 sprintf(tag, "%d", drv->fw_index);
231 }
232
233 if (drv->fw_index < drv->cfg->ucode_api_min) {
234 IWL_ERR(drv, "no suitable firmware found!\n");
235 return -ENOENT;
236 }
237
238 snprintf(drv->firmware_name, sizeof(drv->firmware_name), "%s%s.ucode",
239 name_pre, tag);
240
241 IWL_DEBUG_INFO(drv, "attempting to load firmware %s'%s'\n",
242 (drv->fw_index == UCODE_EXPERIMENTAL_INDEX)
243 ? "EXPERIMENTAL " : "",
244 drv->firmware_name);
245
246 return request_firmware_nowait(THIS_MODULE, 1, drv->firmware_name,
247 drv->trans->dev,
248 GFP_KERNEL, drv, iwl_req_fw_callback);
249}
250
251struct fw_img_parsing {
252 struct fw_sec sec[IWL_UCODE_SECTION_MAX];
253 int sec_counter;
254};
255
256/*
257 * struct fw_sec_parsing: to extract fw section and it's offset from tlv
258 */
259struct fw_sec_parsing {
260 __le32 offset;
261 const u8 data[];
262} __packed;
263
264/**
265 * struct iwl_tlv_calib_data - parse the default calib data from TLV
266 *
267 * @ucode_type: the uCode to which the following default calib relates.
268 * @calib: default calibrations.
269 */
270struct iwl_tlv_calib_data {
271 __le32 ucode_type;
272 struct iwl_tlv_calib_ctrl calib;
273} __packed;
274
275struct iwl_firmware_pieces {
276 struct fw_img_parsing img[IWL_UCODE_TYPE_MAX];
277
278 u32 init_evtlog_ptr, init_evtlog_size, init_errlog_ptr;
279 u32 inst_evtlog_ptr, inst_evtlog_size, inst_errlog_ptr;
280
281 /* FW debug data parsed for driver usage */
282 struct iwl_fw_dbg_dest_tlv *dbg_dest_tlv;
283 struct iwl_fw_dbg_conf_tlv *dbg_conf_tlv[FW_DBG_CONF_MAX];
284 size_t dbg_conf_tlv_len[FW_DBG_CONF_MAX];
285 struct iwl_fw_dbg_trigger_tlv *dbg_trigger_tlv[FW_DBG_TRIGGER_MAX];
286 size_t dbg_trigger_tlv_len[FW_DBG_TRIGGER_MAX];
287};
288
289/*
290 * These functions are just to extract uCode section data from the pieces
291 * structure.
292 */
293static struct fw_sec *get_sec(struct iwl_firmware_pieces *pieces,
294 enum iwl_ucode_type type,
295 int sec)
296{
297 return &pieces->img[type].sec[sec];
298}
299
300static void set_sec_data(struct iwl_firmware_pieces *pieces,
301 enum iwl_ucode_type type,
302 int sec,
303 const void *data)
304{
305 pieces->img[type].sec[sec].data = data;
306}
307
308static void set_sec_size(struct iwl_firmware_pieces *pieces,
309 enum iwl_ucode_type type,
310 int sec,
311 size_t size)
312{
313 pieces->img[type].sec[sec].size = size;
314}
315
316static size_t get_sec_size(struct iwl_firmware_pieces *pieces,
317 enum iwl_ucode_type type,
318 int sec)
319{
320 return pieces->img[type].sec[sec].size;
321}
322
323static void set_sec_offset(struct iwl_firmware_pieces *pieces,
324 enum iwl_ucode_type type,
325 int sec,
326 u32 offset)
327{
328 pieces->img[type].sec[sec].offset = offset;
329}
330
331static int iwl_store_cscheme(struct iwl_fw *fw, const u8 *data, const u32 len)
332{
333 int i, j;
334 struct iwl_fw_cscheme_list *l = (struct iwl_fw_cscheme_list *)data;
335 struct iwl_fw_cipher_scheme *fwcs;
336 struct ieee80211_cipher_scheme *cs;
337 u32 cipher;
338
339 if (len < sizeof(*l) ||
340 len < sizeof(l->size) + l->size * sizeof(l->cs[0]))
341 return -EINVAL;
342
343 for (i = 0, j = 0; i < IWL_UCODE_MAX_CS && i < l->size; i++) {
344 fwcs = &l->cs[j];
345 cipher = le32_to_cpu(fwcs->cipher);
346
347 /* we skip schemes with zero cipher suite selector */
348 if (!cipher)
349 continue;
350
351 cs = &fw->cs[j++];
352 cs->cipher = cipher;
353 cs->iftype = BIT(NL80211_IFTYPE_STATION);
354 cs->hdr_len = fwcs->hdr_len;
355 cs->pn_len = fwcs->pn_len;
356 cs->pn_off = fwcs->pn_off;
357 cs->key_idx_off = fwcs->key_idx_off;
358 cs->key_idx_mask = fwcs->key_idx_mask;
359 cs->key_idx_shift = fwcs->key_idx_shift;
360 cs->mic_len = fwcs->mic_len;
361 }
362
363 return 0;
364}
365
366static void iwl_store_gscan_capa(struct iwl_fw *fw, const u8 *data,
367 const u32 len)
368{
369 struct iwl_fw_gscan_capabilities *fw_capa = (void *)data;
370 struct iwl_gscan_capabilities *capa = &fw->gscan_capa;
371
372 capa->max_scan_cache_size = le32_to_cpu(fw_capa->max_scan_cache_size);
373 capa->max_scan_buckets = le32_to_cpu(fw_capa->max_scan_buckets);
374 capa->max_ap_cache_per_scan =
375 le32_to_cpu(fw_capa->max_ap_cache_per_scan);
376 capa->max_rssi_sample_size = le32_to_cpu(fw_capa->max_rssi_sample_size);
377 capa->max_scan_reporting_threshold =
378 le32_to_cpu(fw_capa->max_scan_reporting_threshold);
379 capa->max_hotlist_aps = le32_to_cpu(fw_capa->max_hotlist_aps);
380 capa->max_significant_change_aps =
381 le32_to_cpu(fw_capa->max_significant_change_aps);
382 capa->max_bssid_history_entries =
383 le32_to_cpu(fw_capa->max_bssid_history_entries);
384 capa->max_hotlist_ssids = le32_to_cpu(fw_capa->max_hotlist_ssids);
385 capa->max_number_epno_networks =
386 le32_to_cpu(fw_capa->max_number_epno_networks);
387 capa->max_number_epno_networks_by_ssid =
388 le32_to_cpu(fw_capa->max_number_epno_networks_by_ssid);
389 capa->max_number_of_white_listed_ssid =
390 le32_to_cpu(fw_capa->max_number_of_white_listed_ssid);
391 capa->max_number_of_black_listed_ssid =
392 le32_to_cpu(fw_capa->max_number_of_black_listed_ssid);
393}
394
395/*
396 * Gets uCode section from tlv.
397 */
398static int iwl_store_ucode_sec(struct iwl_firmware_pieces *pieces,
399 const void *data, enum iwl_ucode_type type,
400 int size)
401{
402 struct fw_img_parsing *img;
403 struct fw_sec *sec;
404 struct fw_sec_parsing *sec_parse;
405
406 if (WARN_ON(!pieces || !data || type >= IWL_UCODE_TYPE_MAX))
407 return -1;
408
409 sec_parse = (struct fw_sec_parsing *)data;
410
411 img = &pieces->img[type];
412 sec = &img->sec[img->sec_counter];
413
414 sec->offset = le32_to_cpu(sec_parse->offset);
415 sec->data = sec_parse->data;
416 sec->size = size - sizeof(sec_parse->offset);
417
418 ++img->sec_counter;
419
420 return 0;
421}
422
423static int iwl_set_default_calib(struct iwl_drv *drv, const u8 *data)
424{
425 struct iwl_tlv_calib_data *def_calib =
426 (struct iwl_tlv_calib_data *)data;
427 u32 ucode_type = le32_to_cpu(def_calib->ucode_type);
428 if (ucode_type >= IWL_UCODE_TYPE_MAX) {
429 IWL_ERR(drv, "Wrong ucode_type %u for default calibration.\n",
430 ucode_type);
431 return -EINVAL;
432 }
433 drv->fw.default_calib[ucode_type].flow_trigger =
434 def_calib->calib.flow_trigger;
435 drv->fw.default_calib[ucode_type].event_trigger =
436 def_calib->calib.event_trigger;
437
438 return 0;
439}
440
441static int iwl_set_ucode_api_flags(struct iwl_drv *drv, const u8 *data,
442 struct iwl_ucode_capabilities *capa)
443{
444 const struct iwl_ucode_api *ucode_api = (void *)data;
445 u32 api_index = le32_to_cpu(ucode_api->api_index);
446 u32 api_flags = le32_to_cpu(ucode_api->api_flags);
447 int i;
448
449 if (api_index >= DIV_ROUND_UP(NUM_IWL_UCODE_TLV_API, 32)) {
450 IWL_ERR(drv,
451 "api flags index %d larger than supported by driver\n",
452 api_index);
453 /* don't return an error so we can load FW that has more bits */
454 return 0;
455 }
456
457 for (i = 0; i < 32; i++) {
458 if (api_flags & BIT(i))
459 __set_bit(i + 32 * api_index, capa->_api);
460 }
461
462 return 0;
463}
464
465static int iwl_set_ucode_capabilities(struct iwl_drv *drv, const u8 *data,
466 struct iwl_ucode_capabilities *capa)
467{
468 const struct iwl_ucode_capa *ucode_capa = (void *)data;
469 u32 api_index = le32_to_cpu(ucode_capa->api_index);
470 u32 api_flags = le32_to_cpu(ucode_capa->api_capa);
471 int i;
472
473 if (api_index >= DIV_ROUND_UP(NUM_IWL_UCODE_TLV_CAPA, 32)) {
474 IWL_ERR(drv,
475 "capa flags index %d larger than supported by driver\n",
476 api_index);
477 /* don't return an error so we can load FW that has more bits */
478 return 0;
479 }
480
481 for (i = 0; i < 32; i++) {
482 if (api_flags & BIT(i))
483 __set_bit(i + 32 * api_index, capa->_capa);
484 }
485
486 return 0;
487}
488
489static int iwl_parse_v1_v2_firmware(struct iwl_drv *drv,
490 const struct firmware *ucode_raw,
491 struct iwl_firmware_pieces *pieces)
492{
493 struct iwl_ucode_header *ucode = (void *)ucode_raw->data;
494 u32 api_ver, hdr_size, build;
495 char buildstr[25];
496 const u8 *src;
497
498 drv->fw.ucode_ver = le32_to_cpu(ucode->ver);
499 api_ver = IWL_UCODE_API(drv->fw.ucode_ver);
500
501 switch (api_ver) {
502 default:
503 hdr_size = 28;
504 if (ucode_raw->size < hdr_size) {
505 IWL_ERR(drv, "File size too small!\n");
506 return -EINVAL;
507 }
508 build = le32_to_cpu(ucode->u.v2.build);
509 set_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST,
510 le32_to_cpu(ucode->u.v2.inst_size));
511 set_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA,
512 le32_to_cpu(ucode->u.v2.data_size));
513 set_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST,
514 le32_to_cpu(ucode->u.v2.init_size));
515 set_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA,
516 le32_to_cpu(ucode->u.v2.init_data_size));
517 src = ucode->u.v2.data;
518 break;
519 case 0:
520 case 1:
521 case 2:
522 hdr_size = 24;
523 if (ucode_raw->size < hdr_size) {
524 IWL_ERR(drv, "File size too small!\n");
525 return -EINVAL;
526 }
527 build = 0;
528 set_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST,
529 le32_to_cpu(ucode->u.v1.inst_size));
530 set_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA,
531 le32_to_cpu(ucode->u.v1.data_size));
532 set_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST,
533 le32_to_cpu(ucode->u.v1.init_size));
534 set_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA,
535 le32_to_cpu(ucode->u.v1.init_data_size));
536 src = ucode->u.v1.data;
537 break;
538 }
539
540 if (build)
541 sprintf(buildstr, " build %u%s", build,
542 (drv->fw_index == UCODE_EXPERIMENTAL_INDEX)
543 ? " (EXP)" : "");
544 else
545 buildstr[0] = '\0';
546
547 snprintf(drv->fw.fw_version,
548 sizeof(drv->fw.fw_version),
549 "%u.%u.%u.%u%s",
550 IWL_UCODE_MAJOR(drv->fw.ucode_ver),
551 IWL_UCODE_MINOR(drv->fw.ucode_ver),
552 IWL_UCODE_API(drv->fw.ucode_ver),
553 IWL_UCODE_SERIAL(drv->fw.ucode_ver),
554 buildstr);
555
556 /* Verify size of file vs. image size info in file's header */
557
558 if (ucode_raw->size != hdr_size +
559 get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST) +
560 get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA) +
561 get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST) +
562 get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA)) {
563
564 IWL_ERR(drv,
565 "uCode file size %d does not match expected size\n",
566 (int)ucode_raw->size);
567 return -EINVAL;
568 }
569
570
571 set_sec_data(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST, src);
572 src += get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST);
573 set_sec_offset(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST,
574 IWLAGN_RTC_INST_LOWER_BOUND);
575 set_sec_data(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA, src);
576 src += get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA);
577 set_sec_offset(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA,
578 IWLAGN_RTC_DATA_LOWER_BOUND);
579 set_sec_data(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST, src);
580 src += get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST);
581 set_sec_offset(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST,
582 IWLAGN_RTC_INST_LOWER_BOUND);
583 set_sec_data(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA, src);
584 src += get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA);
585 set_sec_offset(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA,
586 IWLAGN_RTC_DATA_LOWER_BOUND);
587 return 0;
588}
589
590static int iwl_parse_tlv_firmware(struct iwl_drv *drv,
591 const struct firmware *ucode_raw,
592 struct iwl_firmware_pieces *pieces,
593 struct iwl_ucode_capabilities *capa,
594 bool *usniffer_images)
595{
596 struct iwl_tlv_ucode_header *ucode = (void *)ucode_raw->data;
597 struct iwl_ucode_tlv *tlv;
598 size_t len = ucode_raw->size;
599 const u8 *data;
600 u32 tlv_len;
601 u32 usniffer_img;
602 enum iwl_ucode_tlv_type tlv_type;
603 const u8 *tlv_data;
604 char buildstr[25];
605 u32 build, paging_mem_size;
606 int num_of_cpus;
607 bool usniffer_req = false;
608 bool gscan_capa = false;
609
610 if (len < sizeof(*ucode)) {
611 IWL_ERR(drv, "uCode has invalid length: %zd\n", len);
612 return -EINVAL;
613 }
614
615 if (ucode->magic != cpu_to_le32(IWL_TLV_UCODE_MAGIC)) {
616 IWL_ERR(drv, "invalid uCode magic: 0X%x\n",
617 le32_to_cpu(ucode->magic));
618 return -EINVAL;
619 }
620
621 drv->fw.ucode_ver = le32_to_cpu(ucode->ver);
622 memcpy(drv->fw.human_readable, ucode->human_readable,
623 sizeof(drv->fw.human_readable));
624 build = le32_to_cpu(ucode->build);
625
626 if (build)
627 sprintf(buildstr, " build %u%s", build,
628 (drv->fw_index == UCODE_EXPERIMENTAL_INDEX)
629 ? " (EXP)" : "");
630 else
631 buildstr[0] = '\0';
632
633 snprintf(drv->fw.fw_version,
634 sizeof(drv->fw.fw_version),
635 "%u.%u.%u.%u%s",
636 IWL_UCODE_MAJOR(drv->fw.ucode_ver),
637 IWL_UCODE_MINOR(drv->fw.ucode_ver),
638 IWL_UCODE_API(drv->fw.ucode_ver),
639 IWL_UCODE_SERIAL(drv->fw.ucode_ver),
640 buildstr);
641
642 data = ucode->data;
643
644 len -= sizeof(*ucode);
645
646 while (len >= sizeof(*tlv)) {
647 len -= sizeof(*tlv);
648 tlv = (void *)data;
649
650 tlv_len = le32_to_cpu(tlv->length);
651 tlv_type = le32_to_cpu(tlv->type);
652 tlv_data = tlv->data;
653
654 if (len < tlv_len) {
655 IWL_ERR(drv, "invalid TLV len: %zd/%u\n",
656 len, tlv_len);
657 return -EINVAL;
658 }
659 len -= ALIGN(tlv_len, 4);
660 data += sizeof(*tlv) + ALIGN(tlv_len, 4);
661
662 switch (tlv_type) {
663 case IWL_UCODE_TLV_INST:
664 set_sec_data(pieces, IWL_UCODE_REGULAR,
665 IWL_UCODE_SECTION_INST, tlv_data);
666 set_sec_size(pieces, IWL_UCODE_REGULAR,
667 IWL_UCODE_SECTION_INST, tlv_len);
668 set_sec_offset(pieces, IWL_UCODE_REGULAR,
669 IWL_UCODE_SECTION_INST,
670 IWLAGN_RTC_INST_LOWER_BOUND);
671 break;
672 case IWL_UCODE_TLV_DATA:
673 set_sec_data(pieces, IWL_UCODE_REGULAR,
674 IWL_UCODE_SECTION_DATA, tlv_data);
675 set_sec_size(pieces, IWL_UCODE_REGULAR,
676 IWL_UCODE_SECTION_DATA, tlv_len);
677 set_sec_offset(pieces, IWL_UCODE_REGULAR,
678 IWL_UCODE_SECTION_DATA,
679 IWLAGN_RTC_DATA_LOWER_BOUND);
680 break;
681 case IWL_UCODE_TLV_INIT:
682 set_sec_data(pieces, IWL_UCODE_INIT,
683 IWL_UCODE_SECTION_INST, tlv_data);
684 set_sec_size(pieces, IWL_UCODE_INIT,
685 IWL_UCODE_SECTION_INST, tlv_len);
686 set_sec_offset(pieces, IWL_UCODE_INIT,
687 IWL_UCODE_SECTION_INST,
688 IWLAGN_RTC_INST_LOWER_BOUND);
689 break;
690 case IWL_UCODE_TLV_INIT_DATA:
691 set_sec_data(pieces, IWL_UCODE_INIT,
692 IWL_UCODE_SECTION_DATA, tlv_data);
693 set_sec_size(pieces, IWL_UCODE_INIT,
694 IWL_UCODE_SECTION_DATA, tlv_len);
695 set_sec_offset(pieces, IWL_UCODE_INIT,
696 IWL_UCODE_SECTION_DATA,
697 IWLAGN_RTC_DATA_LOWER_BOUND);
698 break;
699 case IWL_UCODE_TLV_BOOT:
700 IWL_ERR(drv, "Found unexpected BOOT ucode\n");
701 break;
702 case IWL_UCODE_TLV_PROBE_MAX_LEN:
703 if (tlv_len != sizeof(u32))
704 goto invalid_tlv_len;
705 capa->max_probe_length =
706 le32_to_cpup((__le32 *)tlv_data);
707 break;
708 case IWL_UCODE_TLV_PAN:
709 if (tlv_len)
710 goto invalid_tlv_len;
711 capa->flags |= IWL_UCODE_TLV_FLAGS_PAN;
712 break;
713 case IWL_UCODE_TLV_FLAGS:
714 /* must be at least one u32 */
715 if (tlv_len < sizeof(u32))
716 goto invalid_tlv_len;
717 /* and a proper number of u32s */
718 if (tlv_len % sizeof(u32))
719 goto invalid_tlv_len;
720 /*
721 * This driver only reads the first u32 as
722 * right now no more features are defined,
723 * if that changes then either the driver
724 * will not work with the new firmware, or
725 * it'll not take advantage of new features.
726 */
727 capa->flags = le32_to_cpup((__le32 *)tlv_data);
728 break;
729 case IWL_UCODE_TLV_API_CHANGES_SET:
730 if (tlv_len != sizeof(struct iwl_ucode_api))
731 goto invalid_tlv_len;
732 if (iwl_set_ucode_api_flags(drv, tlv_data, capa))
733 goto tlv_error;
734 break;
735 case IWL_UCODE_TLV_ENABLED_CAPABILITIES:
736 if (tlv_len != sizeof(struct iwl_ucode_capa))
737 goto invalid_tlv_len;
738 if (iwl_set_ucode_capabilities(drv, tlv_data, capa))
739 goto tlv_error;
740 break;
741 case IWL_UCODE_TLV_INIT_EVTLOG_PTR:
742 if (tlv_len != sizeof(u32))
743 goto invalid_tlv_len;
744 pieces->init_evtlog_ptr =
745 le32_to_cpup((__le32 *)tlv_data);
746 break;
747 case IWL_UCODE_TLV_INIT_EVTLOG_SIZE:
748 if (tlv_len != sizeof(u32))
749 goto invalid_tlv_len;
750 pieces->init_evtlog_size =
751 le32_to_cpup((__le32 *)tlv_data);
752 break;
753 case IWL_UCODE_TLV_INIT_ERRLOG_PTR:
754 if (tlv_len != sizeof(u32))
755 goto invalid_tlv_len;
756 pieces->init_errlog_ptr =
757 le32_to_cpup((__le32 *)tlv_data);
758 break;
759 case IWL_UCODE_TLV_RUNT_EVTLOG_PTR:
760 if (tlv_len != sizeof(u32))
761 goto invalid_tlv_len;
762 pieces->inst_evtlog_ptr =
763 le32_to_cpup((__le32 *)tlv_data);
764 break;
765 case IWL_UCODE_TLV_RUNT_EVTLOG_SIZE:
766 if (tlv_len != sizeof(u32))
767 goto invalid_tlv_len;
768 pieces->inst_evtlog_size =
769 le32_to_cpup((__le32 *)tlv_data);
770 break;
771 case IWL_UCODE_TLV_RUNT_ERRLOG_PTR:
772 if (tlv_len != sizeof(u32))
773 goto invalid_tlv_len;
774 pieces->inst_errlog_ptr =
775 le32_to_cpup((__le32 *)tlv_data);
776 break;
777 case IWL_UCODE_TLV_ENHANCE_SENS_TBL:
778 if (tlv_len)
779 goto invalid_tlv_len;
780 drv->fw.enhance_sensitivity_table = true;
781 break;
782 case IWL_UCODE_TLV_WOWLAN_INST:
783 set_sec_data(pieces, IWL_UCODE_WOWLAN,
784 IWL_UCODE_SECTION_INST, tlv_data);
785 set_sec_size(pieces, IWL_UCODE_WOWLAN,
786 IWL_UCODE_SECTION_INST, tlv_len);
787 set_sec_offset(pieces, IWL_UCODE_WOWLAN,
788 IWL_UCODE_SECTION_INST,
789 IWLAGN_RTC_INST_LOWER_BOUND);
790 break;
791 case IWL_UCODE_TLV_WOWLAN_DATA:
792 set_sec_data(pieces, IWL_UCODE_WOWLAN,
793 IWL_UCODE_SECTION_DATA, tlv_data);
794 set_sec_size(pieces, IWL_UCODE_WOWLAN,
795 IWL_UCODE_SECTION_DATA, tlv_len);
796 set_sec_offset(pieces, IWL_UCODE_WOWLAN,
797 IWL_UCODE_SECTION_DATA,
798 IWLAGN_RTC_DATA_LOWER_BOUND);
799 break;
800 case IWL_UCODE_TLV_PHY_CALIBRATION_SIZE:
801 if (tlv_len != sizeof(u32))
802 goto invalid_tlv_len;
803 capa->standard_phy_calibration_size =
804 le32_to_cpup((__le32 *)tlv_data);
805 break;
806 case IWL_UCODE_TLV_SEC_RT:
807 iwl_store_ucode_sec(pieces, tlv_data, IWL_UCODE_REGULAR,
808 tlv_len);
809 drv->fw.mvm_fw = true;
810 break;
811 case IWL_UCODE_TLV_SEC_INIT:
812 iwl_store_ucode_sec(pieces, tlv_data, IWL_UCODE_INIT,
813 tlv_len);
814 drv->fw.mvm_fw = true;
815 break;
816 case IWL_UCODE_TLV_SEC_WOWLAN:
817 iwl_store_ucode_sec(pieces, tlv_data, IWL_UCODE_WOWLAN,
818 tlv_len);
819 drv->fw.mvm_fw = true;
820 break;
821 case IWL_UCODE_TLV_DEF_CALIB:
822 if (tlv_len != sizeof(struct iwl_tlv_calib_data))
823 goto invalid_tlv_len;
824 if (iwl_set_default_calib(drv, tlv_data))
825 goto tlv_error;
826 break;
827 case IWL_UCODE_TLV_PHY_SKU:
828 if (tlv_len != sizeof(u32))
829 goto invalid_tlv_len;
830 drv->fw.phy_config = le32_to_cpup((__le32 *)tlv_data);
831 drv->fw.valid_tx_ant = (drv->fw.phy_config &
832 FW_PHY_CFG_TX_CHAIN) >>
833 FW_PHY_CFG_TX_CHAIN_POS;
834 drv->fw.valid_rx_ant = (drv->fw.phy_config &
835 FW_PHY_CFG_RX_CHAIN) >>
836 FW_PHY_CFG_RX_CHAIN_POS;
837 break;
838 case IWL_UCODE_TLV_SECURE_SEC_RT:
839 iwl_store_ucode_sec(pieces, tlv_data, IWL_UCODE_REGULAR,
840 tlv_len);
841 drv->fw.mvm_fw = true;
842 break;
843 case IWL_UCODE_TLV_SECURE_SEC_INIT:
844 iwl_store_ucode_sec(pieces, tlv_data, IWL_UCODE_INIT,
845 tlv_len);
846 drv->fw.mvm_fw = true;
847 break;
848 case IWL_UCODE_TLV_SECURE_SEC_WOWLAN:
849 iwl_store_ucode_sec(pieces, tlv_data, IWL_UCODE_WOWLAN,
850 tlv_len);
851 drv->fw.mvm_fw = true;
852 break;
853 case IWL_UCODE_TLV_NUM_OF_CPU:
854 if (tlv_len != sizeof(u32))
855 goto invalid_tlv_len;
856 num_of_cpus =
857 le32_to_cpup((__le32 *)tlv_data);
858
859 if (num_of_cpus == 2) {
860 drv->fw.img[IWL_UCODE_REGULAR].is_dual_cpus =
861 true;
862 drv->fw.img[IWL_UCODE_INIT].is_dual_cpus =
863 true;
864 drv->fw.img[IWL_UCODE_WOWLAN].is_dual_cpus =
865 true;
866 } else if ((num_of_cpus > 2) || (num_of_cpus < 1)) {
867 IWL_ERR(drv, "Driver support upto 2 CPUs\n");
868 return -EINVAL;
869 }
870 break;
871 case IWL_UCODE_TLV_CSCHEME:
872 if (iwl_store_cscheme(&drv->fw, tlv_data, tlv_len))
873 goto invalid_tlv_len;
874 break;
875 case IWL_UCODE_TLV_N_SCAN_CHANNELS:
876 if (tlv_len != sizeof(u32))
877 goto invalid_tlv_len;
878 capa->n_scan_channels =
879 le32_to_cpup((__le32 *)tlv_data);
880 break;
881 case IWL_UCODE_TLV_FW_VERSION: {
882 __le32 *ptr = (void *)tlv_data;
883 u32 major, minor;
884 u8 local_comp;
885
886 if (tlv_len != sizeof(u32) * 3)
887 goto invalid_tlv_len;
888
889 major = le32_to_cpup(ptr++);
890 minor = le32_to_cpup(ptr++);
891 local_comp = le32_to_cpup(ptr);
892
893 snprintf(drv->fw.fw_version,
894 sizeof(drv->fw.fw_version), "%u.%u.%u",
895 major, minor, local_comp);
896 break;
897 }
898 case IWL_UCODE_TLV_FW_DBG_DEST: {
899 struct iwl_fw_dbg_dest_tlv *dest = (void *)tlv_data;
900
901 if (pieces->dbg_dest_tlv) {
902 IWL_ERR(drv,
903 "dbg destination ignored, already exists\n");
904 break;
905 }
906
907 pieces->dbg_dest_tlv = dest;
908 IWL_INFO(drv, "Found debug destination: %s\n",
909 get_fw_dbg_mode_string(dest->monitor_mode));
910
911 drv->fw.dbg_dest_reg_num =
912 tlv_len - offsetof(struct iwl_fw_dbg_dest_tlv,
913 reg_ops);
914 drv->fw.dbg_dest_reg_num /=
915 sizeof(drv->fw.dbg_dest_tlv->reg_ops[0]);
916
917 break;
918 }
919 case IWL_UCODE_TLV_FW_DBG_CONF: {
920 struct iwl_fw_dbg_conf_tlv *conf = (void *)tlv_data;
921
922 if (!pieces->dbg_dest_tlv) {
923 IWL_ERR(drv,
924 "Ignore dbg config %d - no destination configured\n",
925 conf->id);
926 break;
927 }
928
929 if (conf->id >= ARRAY_SIZE(drv->fw.dbg_conf_tlv)) {
930 IWL_ERR(drv,
931 "Skip unknown configuration: %d\n",
932 conf->id);
933 break;
934 }
935
936 if (pieces->dbg_conf_tlv[conf->id]) {
937 IWL_ERR(drv,
938 "Ignore duplicate dbg config %d\n",
939 conf->id);
940 break;
941 }
942
943 if (conf->usniffer)
944 usniffer_req = true;
945
946 IWL_INFO(drv, "Found debug configuration: %d\n",
947 conf->id);
948
949 pieces->dbg_conf_tlv[conf->id] = conf;
950 pieces->dbg_conf_tlv_len[conf->id] = tlv_len;
951 break;
952 }
953 case IWL_UCODE_TLV_FW_DBG_TRIGGER: {
954 struct iwl_fw_dbg_trigger_tlv *trigger =
955 (void *)tlv_data;
956 u32 trigger_id = le32_to_cpu(trigger->id);
957
958 if (trigger_id >= ARRAY_SIZE(drv->fw.dbg_trigger_tlv)) {
959 IWL_ERR(drv,
960 "Skip unknown trigger: %u\n",
961 trigger->id);
962 break;
963 }
964
965 if (pieces->dbg_trigger_tlv[trigger_id]) {
966 IWL_ERR(drv,
967 "Ignore duplicate dbg trigger %u\n",
968 trigger->id);
969 break;
970 }
971
972 IWL_INFO(drv, "Found debug trigger: %u\n", trigger->id);
973
974 pieces->dbg_trigger_tlv[trigger_id] = trigger;
975 pieces->dbg_trigger_tlv_len[trigger_id] = tlv_len;
976 break;
977 }
978 case IWL_UCODE_TLV_SEC_RT_USNIFFER:
979 *usniffer_images = true;
980 iwl_store_ucode_sec(pieces, tlv_data,
981 IWL_UCODE_REGULAR_USNIFFER,
982 tlv_len);
983 break;
984 case IWL_UCODE_TLV_PAGING:
985 if (tlv_len != sizeof(u32))
986 goto invalid_tlv_len;
987 paging_mem_size = le32_to_cpup((__le32 *)tlv_data);
988
989 IWL_DEBUG_FW(drv,
990 "Paging: paging enabled (size = %u bytes)\n",
991 paging_mem_size);
992
993 if (paging_mem_size > MAX_PAGING_IMAGE_SIZE) {
994 IWL_ERR(drv,
995 "Paging: driver supports up to %lu bytes for paging image\n",
996 MAX_PAGING_IMAGE_SIZE);
997 return -EINVAL;
998 }
999
1000 if (paging_mem_size & (FW_PAGING_SIZE - 1)) {
1001 IWL_ERR(drv,
1002 "Paging: image isn't multiple %lu\n",
1003 FW_PAGING_SIZE);
1004 return -EINVAL;
1005 }
1006
1007 drv->fw.img[IWL_UCODE_REGULAR].paging_mem_size =
1008 paging_mem_size;
1009 usniffer_img = IWL_UCODE_REGULAR_USNIFFER;
1010 drv->fw.img[usniffer_img].paging_mem_size =
1011 paging_mem_size;
1012 break;
1013 case IWL_UCODE_TLV_SDIO_ADMA_ADDR:
1014 if (tlv_len != sizeof(u32))
1015 goto invalid_tlv_len;
1016 drv->fw.sdio_adma_addr =
1017 le32_to_cpup((__le32 *)tlv_data);
1018 break;
1019 case IWL_UCODE_TLV_FW_GSCAN_CAPA:
1020 /*
1021 * Don't return an error in case of a shorter tlv_len
1022 * to enable loading of FW that has an old format
1023 * of GSCAN capabilities TLV.
1024 */
1025 if (tlv_len < sizeof(struct iwl_fw_gscan_capabilities))
1026 break;
1027
1028 iwl_store_gscan_capa(&drv->fw, tlv_data, tlv_len);
1029 gscan_capa = true;
1030 break;
1031 default:
1032 IWL_DEBUG_INFO(drv, "unknown TLV: %d\n", tlv_type);
1033 break;
1034 }
1035 }
1036
1037 if (!fw_has_capa(capa, IWL_UCODE_TLV_CAPA_USNIFFER_UNIFIED) &&
1038 usniffer_req && !*usniffer_images) {
1039 IWL_ERR(drv,
1040 "user selected to work with usniffer but usniffer image isn't available in ucode package\n");
1041 return -EINVAL;
1042 }
1043
1044 if (len) {
1045 IWL_ERR(drv, "invalid TLV after parsing: %zd\n", len);
1046 iwl_print_hex_dump(drv, IWL_DL_FW, (u8 *)data, len);
1047 return -EINVAL;
1048 }
1049
1050 /*
1051 * If ucode advertises that it supports GSCAN but GSCAN
1052 * capabilities TLV is not present, or if it has an old format,
1053 * warn and continue without GSCAN.
1054 */
1055 if (fw_has_capa(capa, IWL_UCODE_TLV_CAPA_GSCAN_SUPPORT) &&
1056 !gscan_capa) {
1057 IWL_DEBUG_INFO(drv,
1058 "GSCAN is supported but capabilities TLV is unavailable\n");
1059 __clear_bit((__force long)IWL_UCODE_TLV_CAPA_GSCAN_SUPPORT,
1060 capa->_capa);
1061 }
1062
1063 return 0;
1064
1065 invalid_tlv_len:
1066 IWL_ERR(drv, "TLV %d has invalid size: %u\n", tlv_type, tlv_len);
1067 tlv_error:
1068 iwl_print_hex_dump(drv, IWL_DL_FW, tlv_data, tlv_len);
1069
1070 return -EINVAL;
1071}
1072
1073static int iwl_alloc_ucode(struct iwl_drv *drv,
1074 struct iwl_firmware_pieces *pieces,
1075 enum iwl_ucode_type type)
1076{
1077 int i;
1078 for (i = 0;
1079 i < IWL_UCODE_SECTION_MAX && get_sec_size(pieces, type, i);
1080 i++)
1081 if (iwl_alloc_fw_desc(drv, &(drv->fw.img[type].sec[i]),
1082 get_sec(pieces, type, i)))
1083 return -ENOMEM;
1084 return 0;
1085}
1086
1087static int validate_sec_sizes(struct iwl_drv *drv,
1088 struct iwl_firmware_pieces *pieces,
1089 const struct iwl_cfg *cfg)
1090{
1091 IWL_DEBUG_INFO(drv, "f/w package hdr runtime inst size = %Zd\n",
1092 get_sec_size(pieces, IWL_UCODE_REGULAR,
1093 IWL_UCODE_SECTION_INST));
1094 IWL_DEBUG_INFO(drv, "f/w package hdr runtime data size = %Zd\n",
1095 get_sec_size(pieces, IWL_UCODE_REGULAR,
1096 IWL_UCODE_SECTION_DATA));
1097 IWL_DEBUG_INFO(drv, "f/w package hdr init inst size = %Zd\n",
1098 get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST));
1099 IWL_DEBUG_INFO(drv, "f/w package hdr init data size = %Zd\n",
1100 get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA));
1101
1102 /* Verify that uCode images will fit in card's SRAM. */
1103 if (get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST) >
1104 cfg->max_inst_size) {
1105 IWL_ERR(drv, "uCode instr len %Zd too large to fit in\n",
1106 get_sec_size(pieces, IWL_UCODE_REGULAR,
1107 IWL_UCODE_SECTION_INST));
1108 return -1;
1109 }
1110
1111 if (get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA) >
1112 cfg->max_data_size) {
1113 IWL_ERR(drv, "uCode data len %Zd too large to fit in\n",
1114 get_sec_size(pieces, IWL_UCODE_REGULAR,
1115 IWL_UCODE_SECTION_DATA));
1116 return -1;
1117 }
1118
1119 if (get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST) >
1120 cfg->max_inst_size) {
1121 IWL_ERR(drv, "uCode init instr len %Zd too large to fit in\n",
1122 get_sec_size(pieces, IWL_UCODE_INIT,
1123 IWL_UCODE_SECTION_INST));
1124 return -1;
1125 }
1126
1127 if (get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA) >
1128 cfg->max_data_size) {
1129 IWL_ERR(drv, "uCode init data len %Zd too large to fit in\n",
1130 get_sec_size(pieces, IWL_UCODE_REGULAR,
1131 IWL_UCODE_SECTION_DATA));
1132 return -1;
1133 }
1134 return 0;
1135}
1136
1137static struct iwl_op_mode *
1138_iwl_op_mode_start(struct iwl_drv *drv, struct iwlwifi_opmode_table *op)
1139{
1140 const struct iwl_op_mode_ops *ops = op->ops;
1141 struct dentry *dbgfs_dir = NULL;
1142 struct iwl_op_mode *op_mode = NULL;
1143
1144#ifdef CONFIG_IWLWIFI_DEBUGFS
1145 drv->dbgfs_op_mode = debugfs_create_dir(op->name,
1146 drv->dbgfs_drv);
1147 if (!drv->dbgfs_op_mode) {
1148 IWL_ERR(drv,
1149 "failed to create opmode debugfs directory\n");
1150 return op_mode;
1151 }
1152 dbgfs_dir = drv->dbgfs_op_mode;
1153#endif
1154
1155 op_mode = ops->start(drv->trans, drv->cfg, &drv->fw, dbgfs_dir);
1156
1157#ifdef CONFIG_IWLWIFI_DEBUGFS
1158 if (!op_mode) {
1159 debugfs_remove_recursive(drv->dbgfs_op_mode);
1160 drv->dbgfs_op_mode = NULL;
1161 }
1162#endif
1163
1164 return op_mode;
1165}
1166
1167static void _iwl_op_mode_stop(struct iwl_drv *drv)
1168{
1169 /* op_mode can be NULL if its start failed */
1170 if (drv->op_mode) {
1171 iwl_op_mode_stop(drv->op_mode);
1172 drv->op_mode = NULL;
1173
1174#ifdef CONFIG_IWLWIFI_DEBUGFS
1175 debugfs_remove_recursive(drv->dbgfs_op_mode);
1176 drv->dbgfs_op_mode = NULL;
1177#endif
1178 }
1179}
1180
1181/**
1182 * iwl_req_fw_callback - callback when firmware was loaded
1183 *
1184 * If loaded successfully, copies the firmware into buffers
1185 * for the card to fetch (via DMA).
1186 */
1187static void iwl_req_fw_callback(const struct firmware *ucode_raw, void *context)
1188{
1189 struct iwl_drv *drv = context;
1190 struct iwl_fw *fw = &drv->fw;
1191 struct iwl_ucode_header *ucode;
1192 struct iwlwifi_opmode_table *op;
1193 int err;
1194 struct iwl_firmware_pieces *pieces;
1195 const unsigned int api_max = drv->cfg->ucode_api_max;
1196 unsigned int api_ok = drv->cfg->ucode_api_ok;
1197 const unsigned int api_min = drv->cfg->ucode_api_min;
1198 size_t trigger_tlv_sz[FW_DBG_TRIGGER_MAX];
1199 u32 api_ver;
1200 int i;
1201 bool load_module = false;
1202 bool usniffer_images = false;
1203
1204 fw->ucode_capa.max_probe_length = IWL_DEFAULT_MAX_PROBE_LENGTH;
1205 fw->ucode_capa.standard_phy_calibration_size =
1206 IWL_DEFAULT_STANDARD_PHY_CALIBRATE_TBL_SIZE;
1207 fw->ucode_capa.n_scan_channels = IWL_DEFAULT_SCAN_CHANNELS;
1208
1209 if (!api_ok)
1210 api_ok = api_max;
1211
1212 pieces = kzalloc(sizeof(*pieces), GFP_KERNEL);
1213 if (!pieces)
1214 return;
1215
1216 if (!ucode_raw) {
1217 if (drv->fw_index <= api_ok)
1218 IWL_ERR(drv,
1219 "request for firmware file '%s' failed.\n",
1220 drv->firmware_name);
1221 goto try_again;
1222 }
1223
1224 IWL_DEBUG_INFO(drv, "Loaded firmware file '%s' (%zd bytes).\n",
1225 drv->firmware_name, ucode_raw->size);
1226
1227 /* Make sure that we got at least the API version number */
1228 if (ucode_raw->size < 4) {
1229 IWL_ERR(drv, "File size way too small!\n");
1230 goto try_again;
1231 }
1232
1233 /* Data from ucode file: header followed by uCode images */
1234 ucode = (struct iwl_ucode_header *)ucode_raw->data;
1235
1236 if (ucode->ver)
1237 err = iwl_parse_v1_v2_firmware(drv, ucode_raw, pieces);
1238 else
1239 err = iwl_parse_tlv_firmware(drv, ucode_raw, pieces,
1240 &fw->ucode_capa, &usniffer_images);
1241
1242 if (err)
1243 goto try_again;
1244
1245 if (fw_has_api(&drv->fw.ucode_capa, IWL_UCODE_TLV_API_NEW_VERSION))
1246 api_ver = drv->fw.ucode_ver;
1247 else
1248 api_ver = IWL_UCODE_API(drv->fw.ucode_ver);
1249
1250 /*
1251 * api_ver should match the api version forming part of the
1252 * firmware filename ... but we don't check for that and only rely
1253 * on the API version read from firmware header from here on forward
1254 */
1255 /* no api version check required for experimental uCode */
1256 if (drv->fw_index != UCODE_EXPERIMENTAL_INDEX) {
1257 if (api_ver < api_min || api_ver > api_max) {
1258 IWL_ERR(drv,
1259 "Driver unable to support your firmware API. "
1260 "Driver supports v%u, firmware is v%u.\n",
1261 api_max, api_ver);
1262 goto try_again;
1263 }
1264
1265 if (api_ver < api_ok) {
1266 if (api_ok != api_max)
1267 IWL_ERR(drv, "Firmware has old API version, "
1268 "expected v%u through v%u, got v%u.\n",
1269 api_ok, api_max, api_ver);
1270 else
1271 IWL_ERR(drv, "Firmware has old API version, "
1272 "expected v%u, got v%u.\n",
1273 api_max, api_ver);
1274 IWL_ERR(drv, "New firmware can be obtained from "
1275 "http://www.intellinuxwireless.org/.\n");
1276 }
1277 }
1278
1279 /*
1280 * In mvm uCode there is no difference between data and instructions
1281 * sections.
1282 */
1283 if (!fw->mvm_fw && validate_sec_sizes(drv, pieces, drv->cfg))
1284 goto try_again;
1285
1286 /* Allocate ucode buffers for card's bus-master loading ... */
1287
1288 /* Runtime instructions and 2 copies of data:
1289 * 1) unmodified from disk
1290 * 2) backup cache for save/restore during power-downs */
1291 for (i = 0; i < IWL_UCODE_TYPE_MAX; i++)
1292 if (iwl_alloc_ucode(drv, pieces, i))
1293 goto out_free_fw;
1294
1295 if (pieces->dbg_dest_tlv) {
1296 drv->fw.dbg_dest_tlv =
1297 kmemdup(pieces->dbg_dest_tlv,
1298 sizeof(*pieces->dbg_dest_tlv) +
1299 sizeof(pieces->dbg_dest_tlv->reg_ops[0]) *
1300 drv->fw.dbg_dest_reg_num, GFP_KERNEL);
1301
1302 if (!drv->fw.dbg_dest_tlv)
1303 goto out_free_fw;
1304 }
1305
1306 for (i = 0; i < ARRAY_SIZE(drv->fw.dbg_conf_tlv); i++) {
1307 if (pieces->dbg_conf_tlv[i]) {
1308 drv->fw.dbg_conf_tlv_len[i] =
1309 pieces->dbg_conf_tlv_len[i];
1310 drv->fw.dbg_conf_tlv[i] =
1311 kmemdup(pieces->dbg_conf_tlv[i],
1312 drv->fw.dbg_conf_tlv_len[i],
1313 GFP_KERNEL);
1314 if (!drv->fw.dbg_conf_tlv[i])
1315 goto out_free_fw;
1316 }
1317 }
1318
1319 memset(&trigger_tlv_sz, 0xff, sizeof(trigger_tlv_sz));
1320
1321 trigger_tlv_sz[FW_DBG_TRIGGER_MISSED_BEACONS] =
1322 sizeof(struct iwl_fw_dbg_trigger_missed_bcon);
1323 trigger_tlv_sz[FW_DBG_TRIGGER_CHANNEL_SWITCH] = 0;
1324 trigger_tlv_sz[FW_DBG_TRIGGER_FW_NOTIF] =
1325 sizeof(struct iwl_fw_dbg_trigger_cmd);
1326 trigger_tlv_sz[FW_DBG_TRIGGER_MLME] =
1327 sizeof(struct iwl_fw_dbg_trigger_mlme);
1328 trigger_tlv_sz[FW_DBG_TRIGGER_STATS] =
1329 sizeof(struct iwl_fw_dbg_trigger_stats);
1330 trigger_tlv_sz[FW_DBG_TRIGGER_RSSI] =
1331 sizeof(struct iwl_fw_dbg_trigger_low_rssi);
1332 trigger_tlv_sz[FW_DBG_TRIGGER_TXQ_TIMERS] =
1333 sizeof(struct iwl_fw_dbg_trigger_txq_timer);
1334 trigger_tlv_sz[FW_DBG_TRIGGER_TIME_EVENT] =
1335 sizeof(struct iwl_fw_dbg_trigger_time_event);
1336 trigger_tlv_sz[FW_DBG_TRIGGER_BA] =
1337 sizeof(struct iwl_fw_dbg_trigger_ba);
1338 trigger_tlv_sz[FW_DBG_TRIGGER_TDLS] =
1339 sizeof(struct iwl_fw_dbg_trigger_tdls);
1340
1341 for (i = 0; i < ARRAY_SIZE(drv->fw.dbg_trigger_tlv); i++) {
1342 if (pieces->dbg_trigger_tlv[i]) {
1343 /*
1344 * If the trigger isn't long enough, WARN and exit.
1345 * Someone is trying to debug something and he won't
1346 * be able to catch the bug he is trying to chase.
1347 * We'd better be noisy to be sure he knows what's
1348 * going on.
1349 */
1350 if (WARN_ON(pieces->dbg_trigger_tlv_len[i] <
1351 (trigger_tlv_sz[i] +
1352 sizeof(struct iwl_fw_dbg_trigger_tlv))))
1353 goto out_free_fw;
1354 drv->fw.dbg_trigger_tlv_len[i] =
1355 pieces->dbg_trigger_tlv_len[i];
1356 drv->fw.dbg_trigger_tlv[i] =
1357 kmemdup(pieces->dbg_trigger_tlv[i],
1358 drv->fw.dbg_trigger_tlv_len[i],
1359 GFP_KERNEL);
1360 if (!drv->fw.dbg_trigger_tlv[i])
1361 goto out_free_fw;
1362 }
1363 }
1364
1365 /* Now that we can no longer fail, copy information */
1366
1367 /*
1368 * The (size - 16) / 12 formula is based on the information recorded
1369 * for each event, which is of mode 1 (including timestamp) for all
1370 * new microcodes that include this information.
1371 */
1372 fw->init_evtlog_ptr = pieces->init_evtlog_ptr;
1373 if (pieces->init_evtlog_size)
1374 fw->init_evtlog_size = (pieces->init_evtlog_size - 16)/12;
1375 else
1376 fw->init_evtlog_size =
1377 drv->cfg->base_params->max_event_log_size;
1378 fw->init_errlog_ptr = pieces->init_errlog_ptr;
1379 fw->inst_evtlog_ptr = pieces->inst_evtlog_ptr;
1380 if (pieces->inst_evtlog_size)
1381 fw->inst_evtlog_size = (pieces->inst_evtlog_size - 16)/12;
1382 else
1383 fw->inst_evtlog_size =
1384 drv->cfg->base_params->max_event_log_size;
1385 fw->inst_errlog_ptr = pieces->inst_errlog_ptr;
1386
1387 /*
1388 * figure out the offset of chain noise reset and gain commands
1389 * base on the size of standard phy calibration commands table size
1390 */
1391 if (fw->ucode_capa.standard_phy_calibration_size >
1392 IWL_MAX_PHY_CALIBRATE_TBL_SIZE)
1393 fw->ucode_capa.standard_phy_calibration_size =
1394 IWL_MAX_STANDARD_PHY_CALIBRATE_TBL_SIZE;
1395
1396 /* We have our copies now, allow OS release its copies */
1397 release_firmware(ucode_raw);
1398
1399 mutex_lock(&iwlwifi_opmode_table_mtx);
1400 if (fw->mvm_fw)
1401 op = &iwlwifi_opmode_table[MVM_OP_MODE];
1402 else
1403 op = &iwlwifi_opmode_table[DVM_OP_MODE];
1404
1405 IWL_INFO(drv, "loaded firmware version %s op_mode %s\n",
1406 drv->fw.fw_version, op->name);
1407
1408 /* add this device to the list of devices using this op_mode */
1409 list_add_tail(&drv->list, &op->drv);
1410
1411 if (op->ops) {
1412 drv->op_mode = _iwl_op_mode_start(drv, op);
1413
1414 if (!drv->op_mode) {
1415 mutex_unlock(&iwlwifi_opmode_table_mtx);
1416 goto out_unbind;
1417 }
1418 } else {
1419 load_module = true;
1420 }
1421 mutex_unlock(&iwlwifi_opmode_table_mtx);
1422
1423 /*
1424 * Complete the firmware request last so that
1425 * a driver unbind (stop) doesn't run while we
1426 * are doing the start() above.
1427 */
1428 complete(&drv->request_firmware_complete);
1429
1430 /*
1431 * Load the module last so we don't block anything
1432 * else from proceeding if the module fails to load
1433 * or hangs loading.
1434 */
1435 if (load_module) {
1436 err = request_module("%s", op->name);
1437#ifdef CONFIG_IWLWIFI_OPMODE_MODULAR
1438 if (err)
1439 IWL_ERR(drv,
1440 "failed to load module %s (error %d), is dynamic loading enabled?\n",
1441 op->name, err);
1442#endif
1443 }
1444 kfree(pieces);
1445 return;
1446
1447 try_again:
1448 /* try next, if any */
1449 release_firmware(ucode_raw);
1450 if (iwl_request_firmware(drv, false))
1451 goto out_unbind;
1452 kfree(pieces);
1453 return;
1454
1455 out_free_fw:
1456 IWL_ERR(drv, "failed to allocate pci memory\n");
1457 iwl_dealloc_ucode(drv);
1458 release_firmware(ucode_raw);
1459 out_unbind:
1460 kfree(pieces);
1461 complete(&drv->request_firmware_complete);
1462 device_release_driver(drv->trans->dev);
1463}
1464
1465struct iwl_drv *iwl_drv_start(struct iwl_trans *trans,
1466 const struct iwl_cfg *cfg)
1467{
1468 struct iwl_drv *drv;
1469 int ret;
1470
1471 drv = kzalloc(sizeof(*drv), GFP_KERNEL);
1472 if (!drv) {
1473 ret = -ENOMEM;
1474 goto err;
1475 }
1476
1477 drv->trans = trans;
1478 drv->dev = trans->dev;
1479 drv->cfg = cfg;
1480
1481 init_completion(&drv->request_firmware_complete);
1482 INIT_LIST_HEAD(&drv->list);
1483
1484#ifdef CONFIG_IWLWIFI_DEBUGFS
1485 /* Create the device debugfs entries. */
1486 drv->dbgfs_drv = debugfs_create_dir(dev_name(trans->dev),
1487 iwl_dbgfs_root);
1488
1489 if (!drv->dbgfs_drv) {
1490 IWL_ERR(drv, "failed to create debugfs directory\n");
1491 ret = -ENOMEM;
1492 goto err_free_drv;
1493 }
1494
1495 /* Create transport layer debugfs dir */
1496 drv->trans->dbgfs_dir = debugfs_create_dir("trans", drv->dbgfs_drv);
1497
1498 if (!drv->trans->dbgfs_dir) {
1499 IWL_ERR(drv, "failed to create transport debugfs directory\n");
1500 ret = -ENOMEM;
1501 goto err_free_dbgfs;
1502 }
1503#endif
1504
1505 ret = iwl_request_firmware(drv, true);
1506 if (ret) {
1507 IWL_ERR(trans, "Couldn't request the fw\n");
1508 goto err_fw;
1509 }
1510
1511 return drv;
1512
1513err_fw:
1514#ifdef CONFIG_IWLWIFI_DEBUGFS
1515err_free_dbgfs:
1516 debugfs_remove_recursive(drv->dbgfs_drv);
1517err_free_drv:
1518#endif
1519 kfree(drv);
1520err:
1521 return ERR_PTR(ret);
1522}
1523
1524void iwl_drv_stop(struct iwl_drv *drv)
1525{
1526 wait_for_completion(&drv->request_firmware_complete);
1527
1528 _iwl_op_mode_stop(drv);
1529
1530 iwl_dealloc_ucode(drv);
1531
1532 mutex_lock(&iwlwifi_opmode_table_mtx);
1533 /*
1534 * List is empty (this item wasn't added)
1535 * when firmware loading failed -- in that
1536 * case we can't remove it from any list.
1537 */
1538 if (!list_empty(&drv->list))
1539 list_del(&drv->list);
1540 mutex_unlock(&iwlwifi_opmode_table_mtx);
1541
1542#ifdef CONFIG_IWLWIFI_DEBUGFS
1543 debugfs_remove_recursive(drv->dbgfs_drv);
1544#endif
1545
1546 kfree(drv);
1547}
1548
1549
1550/* shared module parameters */
1551struct iwl_mod_params iwlwifi_mod_params = {
1552 .restart_fw = true,
1553 .bt_coex_active = true,
1554 .power_level = IWL_POWER_INDEX_1,
1555 .d0i3_disable = true,
1556 .d0i3_entry_delay = 1000,
1557#ifndef CONFIG_IWLWIFI_UAPSD
1558 .uapsd_disable = true,
1559#endif /* CONFIG_IWLWIFI_UAPSD */
1560 /* the rest are 0 by default */
1561};
1562IWL_EXPORT_SYMBOL(iwlwifi_mod_params);
1563
1564int iwl_opmode_register(const char *name, const struct iwl_op_mode_ops *ops)
1565{
1566 int i;
1567 struct iwl_drv *drv;
1568 struct iwlwifi_opmode_table *op;
1569
1570 mutex_lock(&iwlwifi_opmode_table_mtx);
1571 for (i = 0; i < ARRAY_SIZE(iwlwifi_opmode_table); i++) {
1572 op = &iwlwifi_opmode_table[i];
1573 if (strcmp(op->name, name))
1574 continue;
1575 op->ops = ops;
1576 /* TODO: need to handle exceptional case */
1577 list_for_each_entry(drv, &op->drv, list)
1578 drv->op_mode = _iwl_op_mode_start(drv, op);
1579
1580 mutex_unlock(&iwlwifi_opmode_table_mtx);
1581 return 0;
1582 }
1583 mutex_unlock(&iwlwifi_opmode_table_mtx);
1584 return -EIO;
1585}
1586IWL_EXPORT_SYMBOL(iwl_opmode_register);
1587
1588void iwl_opmode_deregister(const char *name)
1589{
1590 int i;
1591 struct iwl_drv *drv;
1592
1593 mutex_lock(&iwlwifi_opmode_table_mtx);
1594 for (i = 0; i < ARRAY_SIZE(iwlwifi_opmode_table); i++) {
1595 if (strcmp(iwlwifi_opmode_table[i].name, name))
1596 continue;
1597 iwlwifi_opmode_table[i].ops = NULL;
1598
1599 /* call the stop routine for all devices */
1600 list_for_each_entry(drv, &iwlwifi_opmode_table[i].drv, list)
1601 _iwl_op_mode_stop(drv);
1602
1603 mutex_unlock(&iwlwifi_opmode_table_mtx);
1604 return;
1605 }
1606 mutex_unlock(&iwlwifi_opmode_table_mtx);
1607}
1608IWL_EXPORT_SYMBOL(iwl_opmode_deregister);
1609
1610static int __init iwl_drv_init(void)
1611{
1612 int i;
1613
1614 mutex_init(&iwlwifi_opmode_table_mtx);
1615
1616 for (i = 0; i < ARRAY_SIZE(iwlwifi_opmode_table); i++)
1617 INIT_LIST_HEAD(&iwlwifi_opmode_table[i].drv);
1618
1619 pr_info(DRV_DESCRIPTION "\n");
1620 pr_info(DRV_COPYRIGHT "\n");
1621
1622#ifdef CONFIG_IWLWIFI_DEBUGFS
1623 /* Create the root of iwlwifi debugfs subsystem. */
1624 iwl_dbgfs_root = debugfs_create_dir(DRV_NAME, NULL);
1625
1626 if (!iwl_dbgfs_root)
1627 return -EFAULT;
1628#endif
1629
1630 return iwl_pci_register_driver();
1631}
1632module_init(iwl_drv_init);
1633
1634static void __exit iwl_drv_exit(void)
1635{
1636 iwl_pci_unregister_driver();
1637
1638#ifdef CONFIG_IWLWIFI_DEBUGFS
1639 debugfs_remove_recursive(iwl_dbgfs_root);
1640#endif
1641}
1642module_exit(iwl_drv_exit);
1643
1644#ifdef CONFIG_IWLWIFI_DEBUG
1645module_param_named(debug, iwlwifi_mod_params.debug_level, uint,
1646 S_IRUGO | S_IWUSR);
1647MODULE_PARM_DESC(debug, "debug output mask");
1648#endif
1649
1650module_param_named(swcrypto, iwlwifi_mod_params.sw_crypto, int, S_IRUGO);
1651MODULE_PARM_DESC(swcrypto, "using crypto in software (default 0 [hardware])");
1652module_param_named(11n_disable, iwlwifi_mod_params.disable_11n, uint, S_IRUGO);
1653MODULE_PARM_DESC(11n_disable,
1654 "disable 11n functionality, bitmap: 1: full, 2: disable agg TX, 4: disable agg RX, 8 enable agg TX");
1655module_param_named(amsdu_size, iwlwifi_mod_params.amsdu_size,
1656 int, S_IRUGO);
1657MODULE_PARM_DESC(amsdu_size, "amsdu size 0:4K 1:8K 2:12K (default 0)");
1658module_param_named(fw_restart, iwlwifi_mod_params.restart_fw, bool, S_IRUGO);
1659MODULE_PARM_DESC(fw_restart, "restart firmware in case of error (default true)");
1660
1661module_param_named(antenna_coupling, iwlwifi_mod_params.ant_coupling,
1662 int, S_IRUGO);
1663MODULE_PARM_DESC(antenna_coupling,
1664 "specify antenna coupling in dB (default: 0 dB)");
1665
1666module_param_named(nvm_file, iwlwifi_mod_params.nvm_file, charp, S_IRUGO);
1667MODULE_PARM_DESC(nvm_file, "NVM file name");
1668
1669module_param_named(d0i3_disable, iwlwifi_mod_params.d0i3_disable,
1670 bool, S_IRUGO);
1671MODULE_PARM_DESC(d0i3_disable, "disable d0i3 functionality (default: Y)");
1672
1673module_param_named(lar_disable, iwlwifi_mod_params.lar_disable,
1674 bool, S_IRUGO);
1675MODULE_PARM_DESC(lar_disable, "disable LAR functionality (default: N)");
1676
1677module_param_named(uapsd_disable, iwlwifi_mod_params.uapsd_disable,
1678 bool, S_IRUGO | S_IWUSR);
1679#ifdef CONFIG_IWLWIFI_UAPSD
1680MODULE_PARM_DESC(uapsd_disable, "disable U-APSD functionality (default: N)");
1681#else
1682MODULE_PARM_DESC(uapsd_disable, "disable U-APSD functionality (default: Y)");
1683#endif
1684
1685/*
1686 * set bt_coex_active to true, uCode will do kill/defer
1687 * every time the priority line is asserted (BT is sending signals on the
1688 * priority line in the PCIx).
1689 * set bt_coex_active to false, uCode will ignore the BT activity and
1690 * perform the normal operation
1691 *
1692 * User might experience transmit issue on some platform due to WiFi/BT
1693 * co-exist problem. The possible behaviors are:
1694 * Able to scan and finding all the available AP
1695 * Not able to associate with any AP
1696 * On those platforms, WiFi communication can be restored by set
1697 * "bt_coex_active" module parameter to "false"
1698 *
1699 * default: bt_coex_active = true (BT_COEX_ENABLE)
1700 */
1701module_param_named(bt_coex_active, iwlwifi_mod_params.bt_coex_active,
1702 bool, S_IRUGO);
1703MODULE_PARM_DESC(bt_coex_active, "enable wifi/bt co-exist (default: enable)");
1704
1705module_param_named(led_mode, iwlwifi_mod_params.led_mode, int, S_IRUGO);
1706MODULE_PARM_DESC(led_mode, "0=system default, "
1707 "1=On(RF On)/Off(RF Off), 2=blinking, 3=Off (default: 0)");
1708
1709module_param_named(power_save, iwlwifi_mod_params.power_save,
1710 bool, S_IRUGO);
1711MODULE_PARM_DESC(power_save,
1712 "enable WiFi power management (default: disable)");
1713
1714module_param_named(power_level, iwlwifi_mod_params.power_level,
1715 int, S_IRUGO);
1716MODULE_PARM_DESC(power_level,
1717 "default power save level (range from 1 - 5, default: 1)");
1718
1719module_param_named(fw_monitor, iwlwifi_mod_params.fw_monitor, bool, S_IRUGO);
1720MODULE_PARM_DESC(fw_monitor,
1721 "firmware monitor - to debug FW (default: false - needs lots of memory)");
1722
1723module_param_named(d0i3_timeout, iwlwifi_mod_params.d0i3_entry_delay,
1724 uint, S_IRUGO);
1725MODULE_PARM_DESC(d0i3_timeout, "Timeout to D0i3 entry when idle (ms)");
1726
1727module_param_named(disable_11ac, iwlwifi_mod_params.disable_11ac, bool,
1728 S_IRUGO);
1729MODULE_PARM_DESC(disable_11ac, "Disable VHT capabilities");