1 // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause 2 /* 3 * Copyright (C) 2005-2014, 2018-2021 Intel Corporation 4 * Copyright (C) 2013-2015 Intel Mobile Communications GmbH 5 * Copyright (C) 2016-2017 Intel Deutschland GmbH 6 */ 7 #if defined(__FreeBSD__) 8 #define LINUXKPI_PARAM_PREFIX iwlwifi_ 9 #endif 10 #include <linux/completion.h> 11 #include <linux/dma-mapping.h> 12 #include <linux/firmware.h> 13 #include <linux/module.h> 14 #include <linux/vmalloc.h> 15 16 #include "iwl-drv.h" 17 #include "iwl-csr.h" 18 #include "iwl-debug.h" 19 #include "iwl-trans.h" 20 #include "iwl-op-mode.h" 21 #include "iwl-agn-hw.h" 22 #include "fw/img.h" 23 #include "iwl-dbg-tlv.h" 24 #include "iwl-config.h" 25 #include "iwl-modparams.h" 26 #include "fw/api/alive.h" 27 #include "fw/api/mac.h" 28 29 /****************************************************************************** 30 * 31 * module boiler plate 32 * 33 ******************************************************************************/ 34 35 #if defined(__linux__) 36 #define DRV_DESCRIPTION "Intel(R) Wireless WiFi driver for Linux" 37 MODULE_LICENSE("GPL"); 38 #elif defined(__FreeBSD__) 39 #define DRV_DESCRIPTION "Intel(R) Wireless WiFi based driver for FreeBSD" 40 MODULE_LICENSE("BSD"); 41 MODULE_VERSION(if_iwlwifi, 1); 42 MODULE_DEPEND(if_iwlwifi, linuxkpi, 1, 1, 1); 43 MODULE_DEPEND(if_iwlwifi, linuxkpi_wlan, 1, 1, 1); 44 #endif 45 MODULE_DESCRIPTION(DRV_DESCRIPTION); 46 47 #ifdef CONFIG_IWLWIFI_DEBUGFS 48 static struct dentry *iwl_dbgfs_root; 49 #endif 50 51 /** 52 * struct iwl_drv - drv common data 53 * @list: list of drv structures using this opmode 54 * @fw: the iwl_fw structure 55 * @op_mode: the running op_mode 56 * @trans: transport layer 57 * @dev: for debug prints only 58 * @fw_index: firmware revision to try loading 59 * @firmware_name: composite filename of ucode file to load 60 * @request_firmware_complete: the firmware has been obtained from user space 61 * @dbgfs_drv: debugfs root directory entry 62 * @dbgfs_trans: debugfs transport directory entry 63 * @dbgfs_op_mode: debugfs op_mode directory entry 64 */ 65 struct iwl_drv { 66 struct list_head list; 67 struct iwl_fw fw; 68 69 struct iwl_op_mode *op_mode; 70 struct iwl_trans *trans; 71 struct device *dev; 72 73 int fw_index; /* firmware we're trying to load */ 74 char firmware_name[64]; /* name of firmware file to load */ 75 76 struct completion request_firmware_complete; 77 78 #ifdef CONFIG_IWLWIFI_DEBUGFS 79 struct dentry *dbgfs_drv; 80 struct dentry *dbgfs_trans; 81 struct dentry *dbgfs_op_mode; 82 #endif 83 }; 84 85 enum { 86 DVM_OP_MODE, 87 MVM_OP_MODE, 88 }; 89 90 /* Protects the table contents, i.e. the ops pointer & drv list */ 91 static DEFINE_MUTEX(iwlwifi_opmode_table_mtx); 92 static struct iwlwifi_opmode_table { 93 const char *name; /* name: iwldvm, iwlmvm, etc */ 94 const struct iwl_op_mode_ops *ops; /* pointer to op_mode ops */ 95 struct list_head drv; /* list of devices using this op_mode */ 96 } iwlwifi_opmode_table[] = { /* ops set when driver is initialized */ 97 [DVM_OP_MODE] = { .name = "iwldvm", .ops = NULL }, 98 [MVM_OP_MODE] = { .name = "iwlmvm", .ops = NULL }, 99 }; 100 101 #define IWL_DEFAULT_SCAN_CHANNELS 40 102 103 /* 104 * struct fw_sec: Just for the image parsing process. 105 * For the fw storage we are using struct fw_desc. 106 */ 107 struct fw_sec { 108 const void *data; /* the sec data */ 109 size_t size; /* section size */ 110 u32 offset; /* offset of writing in the device */ 111 }; 112 113 static void iwl_free_fw_desc(struct iwl_drv *drv, struct fw_desc *desc) 114 { 115 vfree(desc->data); 116 desc->data = NULL; 117 desc->len = 0; 118 } 119 120 static void iwl_free_fw_img(struct iwl_drv *drv, struct fw_img *img) 121 { 122 int i; 123 for (i = 0; i < img->num_sec; i++) 124 iwl_free_fw_desc(drv, &img->sec[i]); 125 kfree(img->sec); 126 } 127 128 static void iwl_dealloc_ucode(struct iwl_drv *drv) 129 { 130 int i; 131 132 kfree(drv->fw.dbg.dest_tlv); 133 for (i = 0; i < ARRAY_SIZE(drv->fw.dbg.conf_tlv); i++) 134 kfree(drv->fw.dbg.conf_tlv[i]); 135 for (i = 0; i < ARRAY_SIZE(drv->fw.dbg.trigger_tlv); i++) 136 kfree(drv->fw.dbg.trigger_tlv[i]); 137 kfree(drv->fw.dbg.mem_tlv); 138 kfree(drv->fw.iml); 139 kfree(drv->fw.ucode_capa.cmd_versions); 140 kfree(drv->fw.phy_integration_ver); 141 142 for (i = 0; i < IWL_UCODE_TYPE_MAX; i++) 143 iwl_free_fw_img(drv, drv->fw.img + i); 144 145 /* clear the data for the aborted load case */ 146 memset(&drv->fw, 0, sizeof(drv->fw)); 147 } 148 149 static int iwl_alloc_fw_desc(struct iwl_drv *drv, struct fw_desc *desc, 150 struct fw_sec *sec) 151 { 152 void *data; 153 154 desc->data = NULL; 155 156 if (!sec || !sec->size) 157 return -EINVAL; 158 159 data = vmalloc(sec->size); 160 if (!data) 161 return -ENOMEM; 162 163 desc->len = sec->size; 164 desc->offset = sec->offset; 165 memcpy(data, sec->data, desc->len); 166 desc->data = data; 167 168 return 0; 169 } 170 171 static void iwl_req_fw_callback(const struct firmware *ucode_raw, 172 void *context); 173 174 static int iwl_request_firmware(struct iwl_drv *drv, bool first) 175 { 176 const struct iwl_cfg *cfg = drv->trans->cfg; 177 char tag[8]; 178 179 if (drv->trans->trans_cfg->device_family == IWL_DEVICE_FAMILY_9000 && 180 (drv->trans->hw_rev_step != SILICON_B_STEP && 181 drv->trans->hw_rev_step != SILICON_C_STEP)) { 182 IWL_ERR(drv, 183 "Only HW steps B and C are currently supported (0x%0x)\n", 184 drv->trans->hw_rev); 185 return -EINVAL; 186 } 187 188 if (first) { 189 drv->fw_index = cfg->ucode_api_max; 190 sprintf(tag, "%d", drv->fw_index); 191 } else { 192 drv->fw_index--; 193 sprintf(tag, "%d", drv->fw_index); 194 } 195 196 if (drv->fw_index < cfg->ucode_api_min) { 197 IWL_ERR(drv, "no suitable firmware found!\n"); 198 199 if (cfg->ucode_api_min == cfg->ucode_api_max) { 200 IWL_ERR(drv, "%s%d is required\n", cfg->fw_name_pre, 201 cfg->ucode_api_max); 202 } else { 203 IWL_ERR(drv, "minimum version required: %s%d\n", 204 cfg->fw_name_pre, cfg->ucode_api_min); 205 IWL_ERR(drv, "maximum version supported: %s%d\n", 206 cfg->fw_name_pre, cfg->ucode_api_max); 207 } 208 209 IWL_ERR(drv, 210 "check git://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git\n"); 211 return -ENOENT; 212 } 213 214 snprintf(drv->firmware_name, sizeof(drv->firmware_name), "%s%s.ucode", 215 cfg->fw_name_pre, tag); 216 217 IWL_DEBUG_FW_INFO(drv, "attempting to load firmware '%s'\n", 218 drv->firmware_name); 219 220 return request_firmware_nowait(THIS_MODULE, 1, drv->firmware_name, 221 drv->trans->dev, 222 GFP_KERNEL, drv, iwl_req_fw_callback); 223 } 224 225 struct fw_img_parsing { 226 struct fw_sec *sec; 227 int sec_counter; 228 }; 229 230 /* 231 * struct fw_sec_parsing: to extract fw section and it's offset from tlv 232 */ 233 struct fw_sec_parsing { 234 __le32 offset; 235 const u8 data[]; 236 } __packed; 237 238 /** 239 * struct iwl_tlv_calib_data - parse the default calib data from TLV 240 * 241 * @ucode_type: the uCode to which the following default calib relates. 242 * @calib: default calibrations. 243 */ 244 struct iwl_tlv_calib_data { 245 __le32 ucode_type; 246 struct iwl_tlv_calib_ctrl calib; 247 } __packed; 248 249 struct iwl_firmware_pieces { 250 struct fw_img_parsing img[IWL_UCODE_TYPE_MAX]; 251 252 u32 init_evtlog_ptr, init_evtlog_size, init_errlog_ptr; 253 u32 inst_evtlog_ptr, inst_evtlog_size, inst_errlog_ptr; 254 255 /* FW debug data parsed for driver usage */ 256 bool dbg_dest_tlv_init; 257 const u8 *dbg_dest_ver; 258 union { 259 const struct iwl_fw_dbg_dest_tlv *dbg_dest_tlv; 260 const struct iwl_fw_dbg_dest_tlv_v1 *dbg_dest_tlv_v1; 261 }; 262 const struct iwl_fw_dbg_conf_tlv *dbg_conf_tlv[FW_DBG_CONF_MAX]; 263 size_t dbg_conf_tlv_len[FW_DBG_CONF_MAX]; 264 const struct iwl_fw_dbg_trigger_tlv *dbg_trigger_tlv[FW_DBG_TRIGGER_MAX]; 265 size_t dbg_trigger_tlv_len[FW_DBG_TRIGGER_MAX]; 266 struct iwl_fw_dbg_mem_seg_tlv *dbg_mem_tlv; 267 size_t n_mem_tlv; 268 }; 269 270 /* 271 * These functions are just to extract uCode section data from the pieces 272 * structure. 273 */ 274 static struct fw_sec *get_sec(struct iwl_firmware_pieces *pieces, 275 enum iwl_ucode_type type, 276 int sec) 277 { 278 return &pieces->img[type].sec[sec]; 279 } 280 281 static void alloc_sec_data(struct iwl_firmware_pieces *pieces, 282 enum iwl_ucode_type type, 283 int sec) 284 { 285 struct fw_img_parsing *img = &pieces->img[type]; 286 struct fw_sec *sec_memory; 287 int size = sec + 1; 288 size_t alloc_size = sizeof(*img->sec) * size; 289 290 if (img->sec && img->sec_counter >= size) 291 return; 292 293 sec_memory = krealloc(img->sec, alloc_size, GFP_KERNEL); 294 if (!sec_memory) 295 return; 296 297 img->sec = sec_memory; 298 img->sec_counter = size; 299 } 300 301 static void set_sec_data(struct iwl_firmware_pieces *pieces, 302 enum iwl_ucode_type type, 303 int sec, 304 const void *data) 305 { 306 alloc_sec_data(pieces, type, sec); 307 308 pieces->img[type].sec[sec].data = data; 309 } 310 311 static void set_sec_size(struct iwl_firmware_pieces *pieces, 312 enum iwl_ucode_type type, 313 int sec, 314 size_t size) 315 { 316 alloc_sec_data(pieces, type, sec); 317 318 pieces->img[type].sec[sec].size = size; 319 } 320 321 static size_t get_sec_size(struct iwl_firmware_pieces *pieces, 322 enum iwl_ucode_type type, 323 int sec) 324 { 325 return pieces->img[type].sec[sec].size; 326 } 327 328 static void set_sec_offset(struct iwl_firmware_pieces *pieces, 329 enum iwl_ucode_type type, 330 int sec, 331 u32 offset) 332 { 333 alloc_sec_data(pieces, type, sec); 334 335 pieces->img[type].sec[sec].offset = offset; 336 } 337 338 static int iwl_store_cscheme(struct iwl_fw *fw, const u8 *data, const u32 len) 339 { 340 int i, j; 341 const struct iwl_fw_cscheme_list *l = 342 (const struct iwl_fw_cscheme_list *)data; 343 const struct iwl_fw_cipher_scheme *fwcs; 344 345 if (len < sizeof(*l) || 346 len < sizeof(l->size) + l->size * sizeof(l->cs[0])) 347 return -EINVAL; 348 349 for (i = 0, j = 0; i < IWL_UCODE_MAX_CS && i < l->size; i++) { 350 fwcs = &l->cs[j]; 351 352 /* we skip schemes with zero cipher suite selector */ 353 if (!fwcs->cipher) 354 continue; 355 356 fw->cs[j++] = *fwcs; 357 } 358 359 return 0; 360 } 361 362 /* 363 * Gets uCode section from tlv. 364 */ 365 static int iwl_store_ucode_sec(struct iwl_firmware_pieces *pieces, 366 const void *data, enum iwl_ucode_type type, 367 int size) 368 { 369 struct fw_img_parsing *img; 370 struct fw_sec *sec; 371 const struct fw_sec_parsing *sec_parse; 372 size_t alloc_size; 373 374 if (WARN_ON(!pieces || !data || type >= IWL_UCODE_TYPE_MAX)) 375 return -1; 376 377 sec_parse = (const struct fw_sec_parsing *)data; 378 379 img = &pieces->img[type]; 380 381 alloc_size = sizeof(*img->sec) * (img->sec_counter + 1); 382 sec = krealloc(img->sec, alloc_size, GFP_KERNEL); 383 if (!sec) 384 return -ENOMEM; 385 img->sec = sec; 386 387 sec = &img->sec[img->sec_counter]; 388 389 sec->offset = le32_to_cpu(sec_parse->offset); 390 sec->data = sec_parse->data; 391 sec->size = size - sizeof(sec_parse->offset); 392 393 ++img->sec_counter; 394 395 return 0; 396 } 397 398 static int iwl_set_default_calib(struct iwl_drv *drv, const u8 *data) 399 { 400 const struct iwl_tlv_calib_data *def_calib = 401 (const struct iwl_tlv_calib_data *)data; 402 u32 ucode_type = le32_to_cpu(def_calib->ucode_type); 403 if (ucode_type >= IWL_UCODE_TYPE_MAX) { 404 IWL_ERR(drv, "Wrong ucode_type %u for default calibration.\n", 405 ucode_type); 406 return -EINVAL; 407 } 408 drv->fw.default_calib[ucode_type].flow_trigger = 409 def_calib->calib.flow_trigger; 410 drv->fw.default_calib[ucode_type].event_trigger = 411 def_calib->calib.event_trigger; 412 413 return 0; 414 } 415 416 static void iwl_set_ucode_api_flags(struct iwl_drv *drv, const u8 *data, 417 struct iwl_ucode_capabilities *capa) 418 { 419 const struct iwl_ucode_api *ucode_api = (const void *)data; 420 u32 api_index = le32_to_cpu(ucode_api->api_index); 421 u32 api_flags = le32_to_cpu(ucode_api->api_flags); 422 int i; 423 424 if (api_index >= DIV_ROUND_UP(NUM_IWL_UCODE_TLV_API, 32)) { 425 IWL_WARN(drv, 426 "api flags index %d larger than supported by driver\n", 427 api_index); 428 return; 429 } 430 431 for (i = 0; i < 32; i++) { 432 if (api_flags & BIT(i)) 433 __set_bit(i + 32 * api_index, capa->_api); 434 } 435 } 436 437 static void iwl_set_ucode_capabilities(struct iwl_drv *drv, const u8 *data, 438 struct iwl_ucode_capabilities *capa) 439 { 440 const struct iwl_ucode_capa *ucode_capa = (const void *)data; 441 u32 api_index = le32_to_cpu(ucode_capa->api_index); 442 u32 api_flags = le32_to_cpu(ucode_capa->api_capa); 443 int i; 444 445 if (api_index >= DIV_ROUND_UP(NUM_IWL_UCODE_TLV_CAPA, 32)) { 446 IWL_WARN(drv, 447 "capa flags index %d larger than supported by driver\n", 448 api_index); 449 return; 450 } 451 452 for (i = 0; i < 32; i++) { 453 if (api_flags & BIT(i)) 454 __set_bit(i + 32 * api_index, capa->_capa); 455 } 456 } 457 458 static const char *iwl_reduced_fw_name(struct iwl_drv *drv) 459 { 460 const char *name = drv->firmware_name; 461 462 if (strncmp(name, "iwlwifi-", 8) == 0) 463 name += 8; 464 465 return name; 466 } 467 468 static int iwl_parse_v1_v2_firmware(struct iwl_drv *drv, 469 const struct firmware *ucode_raw, 470 struct iwl_firmware_pieces *pieces) 471 { 472 const struct iwl_ucode_header *ucode = (const void *)ucode_raw->data; 473 u32 api_ver, hdr_size, build; 474 char buildstr[25]; 475 const u8 *src; 476 477 drv->fw.ucode_ver = le32_to_cpu(ucode->ver); 478 api_ver = IWL_UCODE_API(drv->fw.ucode_ver); 479 480 switch (api_ver) { 481 default: 482 hdr_size = 28; 483 if (ucode_raw->size < hdr_size) { 484 IWL_ERR(drv, "File size too small!\n"); 485 return -EINVAL; 486 } 487 build = le32_to_cpu(ucode->u.v2.build); 488 set_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST, 489 le32_to_cpu(ucode->u.v2.inst_size)); 490 set_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA, 491 le32_to_cpu(ucode->u.v2.data_size)); 492 set_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST, 493 le32_to_cpu(ucode->u.v2.init_size)); 494 set_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA, 495 le32_to_cpu(ucode->u.v2.init_data_size)); 496 src = ucode->u.v2.data; 497 break; 498 case 0: 499 case 1: 500 case 2: 501 hdr_size = 24; 502 if (ucode_raw->size < hdr_size) { 503 IWL_ERR(drv, "File size too small!\n"); 504 return -EINVAL; 505 } 506 build = 0; 507 set_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST, 508 le32_to_cpu(ucode->u.v1.inst_size)); 509 set_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA, 510 le32_to_cpu(ucode->u.v1.data_size)); 511 set_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST, 512 le32_to_cpu(ucode->u.v1.init_size)); 513 set_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA, 514 le32_to_cpu(ucode->u.v1.init_data_size)); 515 src = ucode->u.v1.data; 516 break; 517 } 518 519 if (build) 520 sprintf(buildstr, " build %u", build); 521 else 522 buildstr[0] = '\0'; 523 524 snprintf(drv->fw.fw_version, 525 sizeof(drv->fw.fw_version), 526 "%u.%u.%u.%u%s %s", 527 IWL_UCODE_MAJOR(drv->fw.ucode_ver), 528 IWL_UCODE_MINOR(drv->fw.ucode_ver), 529 IWL_UCODE_API(drv->fw.ucode_ver), 530 IWL_UCODE_SERIAL(drv->fw.ucode_ver), 531 buildstr, iwl_reduced_fw_name(drv)); 532 533 /* Verify size of file vs. image size info in file's header */ 534 535 if (ucode_raw->size != hdr_size + 536 get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST) + 537 get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA) + 538 get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST) + 539 get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA)) { 540 541 IWL_ERR(drv, 542 "uCode file size %d does not match expected size\n", 543 (int)ucode_raw->size); 544 return -EINVAL; 545 } 546 547 548 set_sec_data(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST, src); 549 src += get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST); 550 set_sec_offset(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST, 551 IWLAGN_RTC_INST_LOWER_BOUND); 552 set_sec_data(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA, src); 553 src += get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA); 554 set_sec_offset(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA, 555 IWLAGN_RTC_DATA_LOWER_BOUND); 556 set_sec_data(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST, src); 557 src += get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST); 558 set_sec_offset(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST, 559 IWLAGN_RTC_INST_LOWER_BOUND); 560 set_sec_data(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA, src); 561 src += get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA); 562 set_sec_offset(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA, 563 IWLAGN_RTC_DATA_LOWER_BOUND); 564 return 0; 565 } 566 567 static void iwl_drv_set_dump_exclude(struct iwl_drv *drv, 568 enum iwl_ucode_tlv_type tlv_type, 569 const void *tlv_data, u32 tlv_len) 570 { 571 const struct iwl_fw_dump_exclude *fw = tlv_data; 572 struct iwl_dump_exclude *excl; 573 574 if (tlv_len < sizeof(*fw)) 575 return; 576 577 if (tlv_type == IWL_UCODE_TLV_SEC_TABLE_ADDR) { 578 excl = &drv->fw.dump_excl[0]; 579 580 /* second time we find this, it's for WoWLAN */ 581 if (excl->addr) 582 excl = &drv->fw.dump_excl_wowlan[0]; 583 } else if (fw_has_capa(&drv->fw.ucode_capa, 584 IWL_UCODE_TLV_CAPA_CNSLDTD_D3_D0_IMG)) { 585 /* IWL_UCODE_TLV_D3_KEK_KCK_ADDR is regular image */ 586 excl = &drv->fw.dump_excl[0]; 587 } else { 588 /* IWL_UCODE_TLV_D3_KEK_KCK_ADDR is WoWLAN image */ 589 excl = &drv->fw.dump_excl_wowlan[0]; 590 } 591 592 if (excl->addr) 593 excl++; 594 595 if (excl->addr) { 596 IWL_DEBUG_FW_INFO(drv, "found too many excludes in fw file\n"); 597 return; 598 } 599 600 excl->addr = le32_to_cpu(fw->addr) & ~FW_ADDR_CACHE_CONTROL; 601 excl->size = le32_to_cpu(fw->size); 602 } 603 604 static void iwl_parse_dbg_tlv_assert_tables(struct iwl_drv *drv, 605 const struct iwl_ucode_tlv *tlv) 606 { 607 const struct iwl_fw_ini_region_tlv *region; 608 u32 length = le32_to_cpu(tlv->length); 609 u32 addr; 610 611 if (length < offsetof(typeof(*region), special_mem) + 612 sizeof(region->special_mem)) 613 return; 614 615 region = (const void *)tlv->data; 616 addr = le32_to_cpu(region->special_mem.base_addr); 617 addr += le32_to_cpu(region->special_mem.offset); 618 addr &= ~FW_ADDR_CACHE_CONTROL; 619 620 if (region->type != IWL_FW_INI_REGION_SPECIAL_DEVICE_MEMORY) 621 return; 622 623 switch (region->sub_type) { 624 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_UMAC_ERROR_TABLE: 625 drv->trans->dbg.umac_error_event_table = addr; 626 drv->trans->dbg.error_event_table_tlv_status |= 627 IWL_ERROR_EVENT_TABLE_UMAC; 628 break; 629 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_LMAC_1_ERROR_TABLE: 630 drv->trans->dbg.lmac_error_event_table[0] = addr; 631 drv->trans->dbg.error_event_table_tlv_status |= 632 IWL_ERROR_EVENT_TABLE_LMAC1; 633 break; 634 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_LMAC_2_ERROR_TABLE: 635 drv->trans->dbg.lmac_error_event_table[1] = addr; 636 drv->trans->dbg.error_event_table_tlv_status |= 637 IWL_ERROR_EVENT_TABLE_LMAC2; 638 break; 639 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_TCM_1_ERROR_TABLE: 640 drv->trans->dbg.tcm_error_event_table[0] = addr; 641 drv->trans->dbg.error_event_table_tlv_status |= 642 IWL_ERROR_EVENT_TABLE_TCM1; 643 break; 644 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_TCM_2_ERROR_TABLE: 645 drv->trans->dbg.tcm_error_event_table[1] = addr; 646 drv->trans->dbg.error_event_table_tlv_status |= 647 IWL_ERROR_EVENT_TABLE_TCM2; 648 break; 649 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_RCM_1_ERROR_TABLE: 650 drv->trans->dbg.rcm_error_event_table[0] = addr; 651 drv->trans->dbg.error_event_table_tlv_status |= 652 IWL_ERROR_EVENT_TABLE_RCM1; 653 break; 654 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_RCM_2_ERROR_TABLE: 655 drv->trans->dbg.rcm_error_event_table[1] = addr; 656 drv->trans->dbg.error_event_table_tlv_status |= 657 IWL_ERROR_EVENT_TABLE_RCM2; 658 break; 659 default: 660 break; 661 } 662 } 663 664 static int iwl_parse_tlv_firmware(struct iwl_drv *drv, 665 const struct firmware *ucode_raw, 666 struct iwl_firmware_pieces *pieces, 667 struct iwl_ucode_capabilities *capa, 668 bool *usniffer_images) 669 { 670 const struct iwl_tlv_ucode_header *ucode = (const void *)ucode_raw->data; 671 const struct iwl_ucode_tlv *tlv; 672 size_t len = ucode_raw->size; 673 const u8 *data; 674 u32 tlv_len; 675 u32 usniffer_img; 676 enum iwl_ucode_tlv_type tlv_type; 677 const u8 *tlv_data; 678 char buildstr[25]; 679 u32 build, paging_mem_size; 680 int num_of_cpus; 681 bool usniffer_req = false; 682 683 if (len < sizeof(*ucode)) { 684 IWL_ERR(drv, "uCode has invalid length: %zd\n", len); 685 return -EINVAL; 686 } 687 688 if (ucode->magic != cpu_to_le32(IWL_TLV_UCODE_MAGIC)) { 689 IWL_ERR(drv, "invalid uCode magic: 0X%x\n", 690 le32_to_cpu(ucode->magic)); 691 return -EINVAL; 692 } 693 694 drv->fw.ucode_ver = le32_to_cpu(ucode->ver); 695 memcpy(drv->fw.human_readable, ucode->human_readable, 696 sizeof(drv->fw.human_readable)); 697 build = le32_to_cpu(ucode->build); 698 699 if (build) 700 sprintf(buildstr, " build %u", build); 701 else 702 buildstr[0] = '\0'; 703 704 snprintf(drv->fw.fw_version, 705 sizeof(drv->fw.fw_version), 706 "%u.%u.%u.%u%s %s", 707 IWL_UCODE_MAJOR(drv->fw.ucode_ver), 708 IWL_UCODE_MINOR(drv->fw.ucode_ver), 709 IWL_UCODE_API(drv->fw.ucode_ver), 710 IWL_UCODE_SERIAL(drv->fw.ucode_ver), 711 buildstr, iwl_reduced_fw_name(drv)); 712 713 data = ucode->data; 714 715 len -= sizeof(*ucode); 716 717 while (len >= sizeof(*tlv)) { 718 len -= sizeof(*tlv); 719 720 tlv = (const void *)data; 721 tlv_len = le32_to_cpu(tlv->length); 722 tlv_type = le32_to_cpu(tlv->type); 723 tlv_data = tlv->data; 724 725 if (len < tlv_len) { 726 IWL_ERR(drv, "invalid TLV len: %zd/%u\n", 727 len, tlv_len); 728 return -EINVAL; 729 } 730 len -= ALIGN(tlv_len, 4); 731 data += sizeof(*tlv) + ALIGN(tlv_len, 4); 732 733 switch (tlv_type) { 734 case IWL_UCODE_TLV_INST: 735 set_sec_data(pieces, IWL_UCODE_REGULAR, 736 IWL_UCODE_SECTION_INST, tlv_data); 737 set_sec_size(pieces, IWL_UCODE_REGULAR, 738 IWL_UCODE_SECTION_INST, tlv_len); 739 set_sec_offset(pieces, IWL_UCODE_REGULAR, 740 IWL_UCODE_SECTION_INST, 741 IWLAGN_RTC_INST_LOWER_BOUND); 742 break; 743 case IWL_UCODE_TLV_DATA: 744 set_sec_data(pieces, IWL_UCODE_REGULAR, 745 IWL_UCODE_SECTION_DATA, tlv_data); 746 set_sec_size(pieces, IWL_UCODE_REGULAR, 747 IWL_UCODE_SECTION_DATA, tlv_len); 748 set_sec_offset(pieces, IWL_UCODE_REGULAR, 749 IWL_UCODE_SECTION_DATA, 750 IWLAGN_RTC_DATA_LOWER_BOUND); 751 break; 752 case IWL_UCODE_TLV_INIT: 753 set_sec_data(pieces, IWL_UCODE_INIT, 754 IWL_UCODE_SECTION_INST, tlv_data); 755 set_sec_size(pieces, IWL_UCODE_INIT, 756 IWL_UCODE_SECTION_INST, tlv_len); 757 set_sec_offset(pieces, IWL_UCODE_INIT, 758 IWL_UCODE_SECTION_INST, 759 IWLAGN_RTC_INST_LOWER_BOUND); 760 break; 761 case IWL_UCODE_TLV_INIT_DATA: 762 set_sec_data(pieces, IWL_UCODE_INIT, 763 IWL_UCODE_SECTION_DATA, tlv_data); 764 set_sec_size(pieces, IWL_UCODE_INIT, 765 IWL_UCODE_SECTION_DATA, tlv_len); 766 set_sec_offset(pieces, IWL_UCODE_INIT, 767 IWL_UCODE_SECTION_DATA, 768 IWLAGN_RTC_DATA_LOWER_BOUND); 769 break; 770 case IWL_UCODE_TLV_BOOT: 771 IWL_ERR(drv, "Found unexpected BOOT ucode\n"); 772 break; 773 case IWL_UCODE_TLV_PROBE_MAX_LEN: 774 if (tlv_len != sizeof(u32)) 775 goto invalid_tlv_len; 776 capa->max_probe_length = 777 le32_to_cpup((const __le32 *)tlv_data); 778 break; 779 case IWL_UCODE_TLV_PAN: 780 if (tlv_len) 781 goto invalid_tlv_len; 782 capa->flags |= IWL_UCODE_TLV_FLAGS_PAN; 783 break; 784 case IWL_UCODE_TLV_FLAGS: 785 /* must be at least one u32 */ 786 if (tlv_len < sizeof(u32)) 787 goto invalid_tlv_len; 788 /* and a proper number of u32s */ 789 if (tlv_len % sizeof(u32)) 790 goto invalid_tlv_len; 791 /* 792 * This driver only reads the first u32 as 793 * right now no more features are defined, 794 * if that changes then either the driver 795 * will not work with the new firmware, or 796 * it'll not take advantage of new features. 797 */ 798 capa->flags = le32_to_cpup((const __le32 *)tlv_data); 799 break; 800 case IWL_UCODE_TLV_API_CHANGES_SET: 801 if (tlv_len != sizeof(struct iwl_ucode_api)) 802 goto invalid_tlv_len; 803 iwl_set_ucode_api_flags(drv, tlv_data, capa); 804 break; 805 case IWL_UCODE_TLV_ENABLED_CAPABILITIES: 806 if (tlv_len != sizeof(struct iwl_ucode_capa)) 807 goto invalid_tlv_len; 808 iwl_set_ucode_capabilities(drv, tlv_data, capa); 809 break; 810 case IWL_UCODE_TLV_INIT_EVTLOG_PTR: 811 if (tlv_len != sizeof(u32)) 812 goto invalid_tlv_len; 813 pieces->init_evtlog_ptr = 814 le32_to_cpup((const __le32 *)tlv_data); 815 break; 816 case IWL_UCODE_TLV_INIT_EVTLOG_SIZE: 817 if (tlv_len != sizeof(u32)) 818 goto invalid_tlv_len; 819 pieces->init_evtlog_size = 820 le32_to_cpup((const __le32 *)tlv_data); 821 break; 822 case IWL_UCODE_TLV_INIT_ERRLOG_PTR: 823 if (tlv_len != sizeof(u32)) 824 goto invalid_tlv_len; 825 pieces->init_errlog_ptr = 826 le32_to_cpup((const __le32 *)tlv_data); 827 break; 828 case IWL_UCODE_TLV_RUNT_EVTLOG_PTR: 829 if (tlv_len != sizeof(u32)) 830 goto invalid_tlv_len; 831 pieces->inst_evtlog_ptr = 832 le32_to_cpup((const __le32 *)tlv_data); 833 break; 834 case IWL_UCODE_TLV_RUNT_EVTLOG_SIZE: 835 if (tlv_len != sizeof(u32)) 836 goto invalid_tlv_len; 837 pieces->inst_evtlog_size = 838 le32_to_cpup((const __le32 *)tlv_data); 839 break; 840 case IWL_UCODE_TLV_RUNT_ERRLOG_PTR: 841 if (tlv_len != sizeof(u32)) 842 goto invalid_tlv_len; 843 pieces->inst_errlog_ptr = 844 le32_to_cpup((const __le32 *)tlv_data); 845 break; 846 case IWL_UCODE_TLV_ENHANCE_SENS_TBL: 847 if (tlv_len) 848 goto invalid_tlv_len; 849 drv->fw.enhance_sensitivity_table = true; 850 break; 851 case IWL_UCODE_TLV_WOWLAN_INST: 852 set_sec_data(pieces, IWL_UCODE_WOWLAN, 853 IWL_UCODE_SECTION_INST, tlv_data); 854 set_sec_size(pieces, IWL_UCODE_WOWLAN, 855 IWL_UCODE_SECTION_INST, tlv_len); 856 set_sec_offset(pieces, IWL_UCODE_WOWLAN, 857 IWL_UCODE_SECTION_INST, 858 IWLAGN_RTC_INST_LOWER_BOUND); 859 break; 860 case IWL_UCODE_TLV_WOWLAN_DATA: 861 set_sec_data(pieces, IWL_UCODE_WOWLAN, 862 IWL_UCODE_SECTION_DATA, tlv_data); 863 set_sec_size(pieces, IWL_UCODE_WOWLAN, 864 IWL_UCODE_SECTION_DATA, tlv_len); 865 set_sec_offset(pieces, IWL_UCODE_WOWLAN, 866 IWL_UCODE_SECTION_DATA, 867 IWLAGN_RTC_DATA_LOWER_BOUND); 868 break; 869 case IWL_UCODE_TLV_PHY_CALIBRATION_SIZE: 870 if (tlv_len != sizeof(u32)) 871 goto invalid_tlv_len; 872 capa->standard_phy_calibration_size = 873 le32_to_cpup((const __le32 *)tlv_data); 874 break; 875 case IWL_UCODE_TLV_SEC_RT: 876 iwl_store_ucode_sec(pieces, tlv_data, IWL_UCODE_REGULAR, 877 tlv_len); 878 drv->fw.type = IWL_FW_MVM; 879 break; 880 case IWL_UCODE_TLV_SEC_INIT: 881 iwl_store_ucode_sec(pieces, tlv_data, IWL_UCODE_INIT, 882 tlv_len); 883 drv->fw.type = IWL_FW_MVM; 884 break; 885 case IWL_UCODE_TLV_SEC_WOWLAN: 886 iwl_store_ucode_sec(pieces, tlv_data, IWL_UCODE_WOWLAN, 887 tlv_len); 888 drv->fw.type = IWL_FW_MVM; 889 break; 890 case IWL_UCODE_TLV_DEF_CALIB: 891 if (tlv_len != sizeof(struct iwl_tlv_calib_data)) 892 goto invalid_tlv_len; 893 if (iwl_set_default_calib(drv, tlv_data)) 894 goto tlv_error; 895 break; 896 case IWL_UCODE_TLV_PHY_SKU: 897 if (tlv_len != sizeof(u32)) 898 goto invalid_tlv_len; 899 drv->fw.phy_config = le32_to_cpup((const __le32 *)tlv_data); 900 drv->fw.valid_tx_ant = (drv->fw.phy_config & 901 FW_PHY_CFG_TX_CHAIN) >> 902 FW_PHY_CFG_TX_CHAIN_POS; 903 drv->fw.valid_rx_ant = (drv->fw.phy_config & 904 FW_PHY_CFG_RX_CHAIN) >> 905 FW_PHY_CFG_RX_CHAIN_POS; 906 break; 907 case IWL_UCODE_TLV_SECURE_SEC_RT: 908 iwl_store_ucode_sec(pieces, tlv_data, IWL_UCODE_REGULAR, 909 tlv_len); 910 drv->fw.type = IWL_FW_MVM; 911 break; 912 case IWL_UCODE_TLV_SECURE_SEC_INIT: 913 iwl_store_ucode_sec(pieces, tlv_data, IWL_UCODE_INIT, 914 tlv_len); 915 drv->fw.type = IWL_FW_MVM; 916 break; 917 case IWL_UCODE_TLV_SECURE_SEC_WOWLAN: 918 iwl_store_ucode_sec(pieces, tlv_data, IWL_UCODE_WOWLAN, 919 tlv_len); 920 drv->fw.type = IWL_FW_MVM; 921 break; 922 case IWL_UCODE_TLV_NUM_OF_CPU: 923 if (tlv_len != sizeof(u32)) 924 goto invalid_tlv_len; 925 num_of_cpus = 926 le32_to_cpup((const __le32 *)tlv_data); 927 928 if (num_of_cpus == 2) { 929 drv->fw.img[IWL_UCODE_REGULAR].is_dual_cpus = 930 true; 931 drv->fw.img[IWL_UCODE_INIT].is_dual_cpus = 932 true; 933 drv->fw.img[IWL_UCODE_WOWLAN].is_dual_cpus = 934 true; 935 } else if ((num_of_cpus > 2) || (num_of_cpus < 1)) { 936 IWL_ERR(drv, "Driver support upto 2 CPUs\n"); 937 return -EINVAL; 938 } 939 break; 940 case IWL_UCODE_TLV_CSCHEME: 941 if (iwl_store_cscheme(&drv->fw, tlv_data, tlv_len)) 942 goto invalid_tlv_len; 943 break; 944 case IWL_UCODE_TLV_N_SCAN_CHANNELS: 945 if (tlv_len != sizeof(u32)) 946 goto invalid_tlv_len; 947 capa->n_scan_channels = 948 le32_to_cpup((const __le32 *)tlv_data); 949 break; 950 case IWL_UCODE_TLV_FW_VERSION: { 951 const __le32 *ptr = (const void *)tlv_data; 952 u32 major, minor; 953 u8 local_comp; 954 955 if (tlv_len != sizeof(u32) * 3) 956 goto invalid_tlv_len; 957 958 major = le32_to_cpup(ptr++); 959 minor = le32_to_cpup(ptr++); 960 local_comp = le32_to_cpup(ptr); 961 962 if (major >= 35) 963 snprintf(drv->fw.fw_version, 964 sizeof(drv->fw.fw_version), 965 "%u.%08x.%u %s", major, minor, 966 local_comp, iwl_reduced_fw_name(drv)); 967 else 968 snprintf(drv->fw.fw_version, 969 sizeof(drv->fw.fw_version), 970 "%u.%u.%u %s", major, minor, 971 local_comp, iwl_reduced_fw_name(drv)); 972 break; 973 } 974 case IWL_UCODE_TLV_FW_DBG_DEST: { 975 const struct iwl_fw_dbg_dest_tlv *dest = NULL; 976 const struct iwl_fw_dbg_dest_tlv_v1 *dest_v1 = NULL; 977 u8 mon_mode; 978 979 pieces->dbg_dest_ver = (const u8 *)tlv_data; 980 if (*pieces->dbg_dest_ver == 1) { 981 dest = (const void *)tlv_data; 982 } else if (*pieces->dbg_dest_ver == 0) { 983 dest_v1 = (const void *)tlv_data; 984 } else { 985 IWL_ERR(drv, 986 "The version is %d, and it is invalid\n", 987 *pieces->dbg_dest_ver); 988 break; 989 } 990 991 if (pieces->dbg_dest_tlv_init) { 992 IWL_ERR(drv, 993 "dbg destination ignored, already exists\n"); 994 break; 995 } 996 997 pieces->dbg_dest_tlv_init = true; 998 999 if (dest_v1) { 1000 pieces->dbg_dest_tlv_v1 = dest_v1; 1001 mon_mode = dest_v1->monitor_mode; 1002 } else { 1003 pieces->dbg_dest_tlv = dest; 1004 mon_mode = dest->monitor_mode; 1005 } 1006 1007 IWL_INFO(drv, "Found debug destination: %s\n", 1008 get_fw_dbg_mode_string(mon_mode)); 1009 1010 drv->fw.dbg.n_dest_reg = (dest_v1) ? 1011 tlv_len - 1012 offsetof(struct iwl_fw_dbg_dest_tlv_v1, 1013 reg_ops) : 1014 tlv_len - 1015 offsetof(struct iwl_fw_dbg_dest_tlv, 1016 reg_ops); 1017 1018 drv->fw.dbg.n_dest_reg /= 1019 sizeof(drv->fw.dbg.dest_tlv->reg_ops[0]); 1020 1021 break; 1022 } 1023 case IWL_UCODE_TLV_FW_DBG_CONF: { 1024 const struct iwl_fw_dbg_conf_tlv *conf = 1025 (const void *)tlv_data; 1026 1027 if (!pieces->dbg_dest_tlv_init) { 1028 IWL_ERR(drv, 1029 "Ignore dbg config %d - no destination configured\n", 1030 conf->id); 1031 break; 1032 } 1033 1034 if (conf->id >= ARRAY_SIZE(drv->fw.dbg.conf_tlv)) { 1035 IWL_ERR(drv, 1036 "Skip unknown configuration: %d\n", 1037 conf->id); 1038 break; 1039 } 1040 1041 if (pieces->dbg_conf_tlv[conf->id]) { 1042 IWL_ERR(drv, 1043 "Ignore duplicate dbg config %d\n", 1044 conf->id); 1045 break; 1046 } 1047 1048 if (conf->usniffer) 1049 usniffer_req = true; 1050 1051 IWL_INFO(drv, "Found debug configuration: %d\n", 1052 conf->id); 1053 1054 pieces->dbg_conf_tlv[conf->id] = conf; 1055 pieces->dbg_conf_tlv_len[conf->id] = tlv_len; 1056 break; 1057 } 1058 case IWL_UCODE_TLV_FW_DBG_TRIGGER: { 1059 const struct iwl_fw_dbg_trigger_tlv *trigger = 1060 (const void *)tlv_data; 1061 u32 trigger_id = le32_to_cpu(trigger->id); 1062 1063 if (trigger_id >= ARRAY_SIZE(drv->fw.dbg.trigger_tlv)) { 1064 IWL_ERR(drv, 1065 "Skip unknown trigger: %u\n", 1066 trigger->id); 1067 break; 1068 } 1069 1070 if (pieces->dbg_trigger_tlv[trigger_id]) { 1071 IWL_ERR(drv, 1072 "Ignore duplicate dbg trigger %u\n", 1073 trigger->id); 1074 break; 1075 } 1076 1077 IWL_INFO(drv, "Found debug trigger: %u\n", trigger->id); 1078 1079 pieces->dbg_trigger_tlv[trigger_id] = trigger; 1080 pieces->dbg_trigger_tlv_len[trigger_id] = tlv_len; 1081 break; 1082 } 1083 case IWL_UCODE_TLV_FW_DBG_DUMP_LST: { 1084 if (tlv_len != sizeof(u32)) { 1085 IWL_ERR(drv, 1086 "dbg lst mask size incorrect, skip\n"); 1087 break; 1088 } 1089 1090 drv->fw.dbg.dump_mask = 1091 le32_to_cpup((const __le32 *)tlv_data); 1092 break; 1093 } 1094 case IWL_UCODE_TLV_SEC_RT_USNIFFER: 1095 *usniffer_images = true; 1096 iwl_store_ucode_sec(pieces, tlv_data, 1097 IWL_UCODE_REGULAR_USNIFFER, 1098 tlv_len); 1099 break; 1100 case IWL_UCODE_TLV_PAGING: 1101 if (tlv_len != sizeof(u32)) 1102 goto invalid_tlv_len; 1103 paging_mem_size = le32_to_cpup((const __le32 *)tlv_data); 1104 1105 IWL_DEBUG_FW(drv, 1106 "Paging: paging enabled (size = %u bytes)\n", 1107 paging_mem_size); 1108 1109 if (paging_mem_size > MAX_PAGING_IMAGE_SIZE) { 1110 IWL_ERR(drv, 1111 "Paging: driver supports up to %lu bytes for paging image\n", 1112 MAX_PAGING_IMAGE_SIZE); 1113 return -EINVAL; 1114 } 1115 1116 if (paging_mem_size & (FW_PAGING_SIZE - 1)) { 1117 IWL_ERR(drv, 1118 "Paging: image isn't multiple %lu\n", 1119 FW_PAGING_SIZE); 1120 return -EINVAL; 1121 } 1122 1123 drv->fw.img[IWL_UCODE_REGULAR].paging_mem_size = 1124 paging_mem_size; 1125 usniffer_img = IWL_UCODE_REGULAR_USNIFFER; 1126 drv->fw.img[usniffer_img].paging_mem_size = 1127 paging_mem_size; 1128 break; 1129 case IWL_UCODE_TLV_FW_GSCAN_CAPA: 1130 /* ignored */ 1131 break; 1132 case IWL_UCODE_TLV_FW_MEM_SEG: { 1133 const struct iwl_fw_dbg_mem_seg_tlv *dbg_mem = 1134 (const void *)tlv_data; 1135 size_t size; 1136 struct iwl_fw_dbg_mem_seg_tlv *n; 1137 1138 if (tlv_len != (sizeof(*dbg_mem))) 1139 goto invalid_tlv_len; 1140 1141 IWL_DEBUG_INFO(drv, "Found debug memory segment: %u\n", 1142 dbg_mem->data_type); 1143 1144 size = sizeof(*pieces->dbg_mem_tlv) * 1145 (pieces->n_mem_tlv + 1); 1146 n = krealloc(pieces->dbg_mem_tlv, size, GFP_KERNEL); 1147 if (!n) 1148 return -ENOMEM; 1149 pieces->dbg_mem_tlv = n; 1150 pieces->dbg_mem_tlv[pieces->n_mem_tlv] = *dbg_mem; 1151 pieces->n_mem_tlv++; 1152 break; 1153 } 1154 case IWL_UCODE_TLV_IML: { 1155 drv->fw.iml_len = tlv_len; 1156 drv->fw.iml = kmemdup(tlv_data, tlv_len, GFP_KERNEL); 1157 if (!drv->fw.iml) 1158 return -ENOMEM; 1159 break; 1160 } 1161 case IWL_UCODE_TLV_FW_RECOVERY_INFO: { 1162 const struct { 1163 __le32 buf_addr; 1164 __le32 buf_size; 1165 } *recov_info = (const void *)tlv_data; 1166 1167 if (tlv_len != sizeof(*recov_info)) 1168 goto invalid_tlv_len; 1169 capa->error_log_addr = 1170 le32_to_cpu(recov_info->buf_addr); 1171 capa->error_log_size = 1172 le32_to_cpu(recov_info->buf_size); 1173 } 1174 break; 1175 case IWL_UCODE_TLV_FW_FSEQ_VERSION: { 1176 const struct { 1177 u8 version[32]; 1178 u8 sha1[20]; 1179 } *fseq_ver = (const void *)tlv_data; 1180 1181 if (tlv_len != sizeof(*fseq_ver)) 1182 goto invalid_tlv_len; 1183 IWL_INFO(drv, "TLV_FW_FSEQ_VERSION: %s\n", 1184 fseq_ver->version); 1185 } 1186 break; 1187 case IWL_UCODE_TLV_FW_NUM_STATIONS: 1188 if (tlv_len != sizeof(u32)) 1189 goto invalid_tlv_len; 1190 if (le32_to_cpup((const __le32 *)tlv_data) > 1191 IWL_MVM_STATION_COUNT_MAX) { 1192 IWL_ERR(drv, 1193 "%d is an invalid number of station\n", 1194 le32_to_cpup((const __le32 *)tlv_data)); 1195 goto tlv_error; 1196 } 1197 capa->num_stations = 1198 le32_to_cpup((const __le32 *)tlv_data); 1199 break; 1200 case IWL_UCODE_TLV_UMAC_DEBUG_ADDRS: { 1201 const struct iwl_umac_debug_addrs *dbg_ptrs = 1202 (const void *)tlv_data; 1203 1204 if (tlv_len != sizeof(*dbg_ptrs)) 1205 goto invalid_tlv_len; 1206 if (drv->trans->trans_cfg->device_family < 1207 IWL_DEVICE_FAMILY_22000) 1208 break; 1209 drv->trans->dbg.umac_error_event_table = 1210 le32_to_cpu(dbg_ptrs->error_info_addr) & 1211 ~FW_ADDR_CACHE_CONTROL; 1212 drv->trans->dbg.error_event_table_tlv_status |= 1213 IWL_ERROR_EVENT_TABLE_UMAC; 1214 break; 1215 } 1216 case IWL_UCODE_TLV_LMAC_DEBUG_ADDRS: { 1217 const struct iwl_lmac_debug_addrs *dbg_ptrs = 1218 (const void *)tlv_data; 1219 1220 if (tlv_len != sizeof(*dbg_ptrs)) 1221 goto invalid_tlv_len; 1222 if (drv->trans->trans_cfg->device_family < 1223 IWL_DEVICE_FAMILY_22000) 1224 break; 1225 drv->trans->dbg.lmac_error_event_table[0] = 1226 le32_to_cpu(dbg_ptrs->error_event_table_ptr) & 1227 ~FW_ADDR_CACHE_CONTROL; 1228 drv->trans->dbg.error_event_table_tlv_status |= 1229 IWL_ERROR_EVENT_TABLE_LMAC1; 1230 break; 1231 } 1232 case IWL_UCODE_TLV_TYPE_REGIONS: 1233 iwl_parse_dbg_tlv_assert_tables(drv, tlv); 1234 fallthrough; 1235 case IWL_UCODE_TLV_TYPE_DEBUG_INFO: 1236 case IWL_UCODE_TLV_TYPE_BUFFER_ALLOCATION: 1237 case IWL_UCODE_TLV_TYPE_HCMD: 1238 case IWL_UCODE_TLV_TYPE_TRIGGERS: 1239 case IWL_UCODE_TLV_TYPE_CONF_SET: 1240 if (iwlwifi_mod_params.enable_ini) 1241 iwl_dbg_tlv_alloc(drv->trans, tlv, false); 1242 break; 1243 case IWL_UCODE_TLV_CMD_VERSIONS: 1244 if (tlv_len % sizeof(struct iwl_fw_cmd_version)) { 1245 IWL_ERR(drv, 1246 "Invalid length for command versions: %u\n", 1247 tlv_len); 1248 tlv_len /= sizeof(struct iwl_fw_cmd_version); 1249 tlv_len *= sizeof(struct iwl_fw_cmd_version); 1250 } 1251 if (WARN_ON(capa->cmd_versions)) 1252 return -EINVAL; 1253 capa->cmd_versions = kmemdup(tlv_data, tlv_len, 1254 GFP_KERNEL); 1255 if (!capa->cmd_versions) 1256 return -ENOMEM; 1257 capa->n_cmd_versions = 1258 tlv_len / sizeof(struct iwl_fw_cmd_version); 1259 break; 1260 case IWL_UCODE_TLV_PHY_INTEGRATION_VERSION: 1261 if (drv->fw.phy_integration_ver) { 1262 IWL_ERR(drv, 1263 "phy integration str ignored, already exists\n"); 1264 break; 1265 } 1266 1267 drv->fw.phy_integration_ver = 1268 kmemdup(tlv_data, tlv_len, GFP_KERNEL); 1269 if (!drv->fw.phy_integration_ver) 1270 return -ENOMEM; 1271 drv->fw.phy_integration_ver_len = tlv_len; 1272 break; 1273 case IWL_UCODE_TLV_SEC_TABLE_ADDR: 1274 case IWL_UCODE_TLV_D3_KEK_KCK_ADDR: 1275 iwl_drv_set_dump_exclude(drv, tlv_type, 1276 tlv_data, tlv_len); 1277 break; 1278 default: 1279 IWL_DEBUG_INFO(drv, "unknown TLV: %d\n", tlv_type); 1280 break; 1281 } 1282 } 1283 1284 if (!fw_has_capa(capa, IWL_UCODE_TLV_CAPA_USNIFFER_UNIFIED) && 1285 usniffer_req && !*usniffer_images) { 1286 IWL_ERR(drv, 1287 "user selected to work with usniffer but usniffer image isn't available in ucode package\n"); 1288 return -EINVAL; 1289 } 1290 1291 if (len) { 1292 IWL_ERR(drv, "invalid TLV after parsing: %zd\n", len); 1293 #if defined(__linux__) 1294 iwl_print_hex_dump(drv, IWL_DL_FW, data, len); 1295 #elif defined(__FreeBSD__) 1296 #ifdef CONFIG_IWLWIFI_DEBUGFS 1297 iwl_print_hex_dump(drv, IWL_DL_FW, "TLV ", data, len); 1298 #endif 1299 #endif 1300 return -EINVAL; 1301 } 1302 1303 return 0; 1304 1305 invalid_tlv_len: 1306 IWL_ERR(drv, "TLV %d has invalid size: %u\n", tlv_type, tlv_len); 1307 tlv_error: 1308 #if defined(__linux__) 1309 iwl_print_hex_dump(drv, IWL_DL_FW, tlv_data, tlv_len); 1310 #elif defined(__FreeBSD__) 1311 #ifdef CONFIG_IWLWIFI_DEBUGFS 1312 iwl_print_hex_dump(drv, IWL_DL_FW, "TLV ", tlv_data, tlv_len); 1313 #endif 1314 #endif 1315 1316 return -EINVAL; 1317 } 1318 1319 static int iwl_alloc_ucode(struct iwl_drv *drv, 1320 struct iwl_firmware_pieces *pieces, 1321 enum iwl_ucode_type type) 1322 { 1323 int i; 1324 struct fw_desc *sec; 1325 1326 sec = kcalloc(pieces->img[type].sec_counter, sizeof(*sec), GFP_KERNEL); 1327 if (!sec) 1328 return -ENOMEM; 1329 drv->fw.img[type].sec = sec; 1330 drv->fw.img[type].num_sec = pieces->img[type].sec_counter; 1331 1332 for (i = 0; i < pieces->img[type].sec_counter; i++) 1333 if (iwl_alloc_fw_desc(drv, &sec[i], get_sec(pieces, type, i))) 1334 return -ENOMEM; 1335 1336 return 0; 1337 } 1338 1339 static int validate_sec_sizes(struct iwl_drv *drv, 1340 struct iwl_firmware_pieces *pieces, 1341 const struct iwl_cfg *cfg) 1342 { 1343 IWL_DEBUG_INFO(drv, "f/w package hdr runtime inst size = %zd\n", 1344 get_sec_size(pieces, IWL_UCODE_REGULAR, 1345 IWL_UCODE_SECTION_INST)); 1346 IWL_DEBUG_INFO(drv, "f/w package hdr runtime data size = %zd\n", 1347 get_sec_size(pieces, IWL_UCODE_REGULAR, 1348 IWL_UCODE_SECTION_DATA)); 1349 IWL_DEBUG_INFO(drv, "f/w package hdr init inst size = %zd\n", 1350 get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST)); 1351 IWL_DEBUG_INFO(drv, "f/w package hdr init data size = %zd\n", 1352 get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA)); 1353 1354 /* Verify that uCode images will fit in card's SRAM. */ 1355 if (get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST) > 1356 cfg->max_inst_size) { 1357 IWL_ERR(drv, "uCode instr len %zd too large to fit in\n", 1358 get_sec_size(pieces, IWL_UCODE_REGULAR, 1359 IWL_UCODE_SECTION_INST)); 1360 return -1; 1361 } 1362 1363 if (get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA) > 1364 cfg->max_data_size) { 1365 IWL_ERR(drv, "uCode data len %zd too large to fit in\n", 1366 get_sec_size(pieces, IWL_UCODE_REGULAR, 1367 IWL_UCODE_SECTION_DATA)); 1368 return -1; 1369 } 1370 1371 if (get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST) > 1372 cfg->max_inst_size) { 1373 IWL_ERR(drv, "uCode init instr len %zd too large to fit in\n", 1374 get_sec_size(pieces, IWL_UCODE_INIT, 1375 IWL_UCODE_SECTION_INST)); 1376 return -1; 1377 } 1378 1379 if (get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA) > 1380 cfg->max_data_size) { 1381 IWL_ERR(drv, "uCode init data len %zd too large to fit in\n", 1382 get_sec_size(pieces, IWL_UCODE_REGULAR, 1383 IWL_UCODE_SECTION_DATA)); 1384 return -1; 1385 } 1386 return 0; 1387 } 1388 1389 static struct iwl_op_mode * 1390 _iwl_op_mode_start(struct iwl_drv *drv, struct iwlwifi_opmode_table *op) 1391 { 1392 const struct iwl_op_mode_ops *ops = op->ops; 1393 struct dentry *dbgfs_dir = NULL; 1394 struct iwl_op_mode *op_mode = NULL; 1395 int retry, max_retry = !!iwlwifi_mod_params.fw_restart * IWL_MAX_INIT_RETRY; 1396 1397 for (retry = 0; retry <= max_retry; retry++) { 1398 1399 #ifdef CONFIG_IWLWIFI_DEBUGFS 1400 drv->dbgfs_op_mode = debugfs_create_dir(op->name, 1401 drv->dbgfs_drv); 1402 dbgfs_dir = drv->dbgfs_op_mode; 1403 #endif 1404 1405 op_mode = ops->start(drv->trans, drv->trans->cfg, 1406 &drv->fw, dbgfs_dir); 1407 1408 if (op_mode) 1409 return op_mode; 1410 1411 IWL_ERR(drv, "retry init count %d\n", retry); 1412 1413 #ifdef CONFIG_IWLWIFI_DEBUGFS 1414 debugfs_remove_recursive(drv->dbgfs_op_mode); 1415 drv->dbgfs_op_mode = NULL; 1416 #endif 1417 } 1418 1419 return NULL; 1420 } 1421 1422 static void _iwl_op_mode_stop(struct iwl_drv *drv) 1423 { 1424 /* op_mode can be NULL if its start failed */ 1425 if (drv->op_mode) { 1426 iwl_op_mode_stop(drv->op_mode); 1427 drv->op_mode = NULL; 1428 1429 #ifdef CONFIG_IWLWIFI_DEBUGFS 1430 debugfs_remove_recursive(drv->dbgfs_op_mode); 1431 drv->dbgfs_op_mode = NULL; 1432 #endif 1433 } 1434 } 1435 1436 /* 1437 * iwl_req_fw_callback - callback when firmware was loaded 1438 * 1439 * If loaded successfully, copies the firmware into buffers 1440 * for the card to fetch (via DMA). 1441 */ 1442 static void iwl_req_fw_callback(const struct firmware *ucode_raw, void *context) 1443 { 1444 struct iwl_drv *drv = context; 1445 struct iwl_fw *fw = &drv->fw; 1446 const struct iwl_ucode_header *ucode; 1447 struct iwlwifi_opmode_table *op; 1448 int err; 1449 struct iwl_firmware_pieces *pieces; 1450 const unsigned int api_max = drv->trans->cfg->ucode_api_max; 1451 const unsigned int api_min = drv->trans->cfg->ucode_api_min; 1452 size_t trigger_tlv_sz[FW_DBG_TRIGGER_MAX]; 1453 u32 api_ver; 1454 int i; 1455 bool load_module = false; 1456 bool usniffer_images = false; 1457 bool failure = true; 1458 1459 fw->ucode_capa.max_probe_length = IWL_DEFAULT_MAX_PROBE_LENGTH; 1460 fw->ucode_capa.standard_phy_calibration_size = 1461 IWL_DEFAULT_STANDARD_PHY_CALIBRATE_TBL_SIZE; 1462 fw->ucode_capa.n_scan_channels = IWL_DEFAULT_SCAN_CHANNELS; 1463 fw->ucode_capa.num_stations = IWL_MVM_STATION_COUNT_MAX; 1464 /* dump all fw memory areas by default */ 1465 fw->dbg.dump_mask = 0xffffffff; 1466 1467 pieces = kzalloc(sizeof(*pieces), GFP_KERNEL); 1468 if (!pieces) 1469 goto out_free_fw; 1470 1471 if (!ucode_raw) 1472 goto try_again; 1473 1474 IWL_DEBUG_FW_INFO(drv, "Loaded firmware file '%s' (%zd bytes).\n", 1475 drv->firmware_name, ucode_raw->size); 1476 1477 /* Make sure that we got at least the API version number */ 1478 if (ucode_raw->size < 4) { 1479 IWL_ERR(drv, "File size way too small!\n"); 1480 goto try_again; 1481 } 1482 1483 /* Data from ucode file: header followed by uCode images */ 1484 ucode = (const struct iwl_ucode_header *)ucode_raw->data; 1485 1486 if (ucode->ver) 1487 err = iwl_parse_v1_v2_firmware(drv, ucode_raw, pieces); 1488 else 1489 err = iwl_parse_tlv_firmware(drv, ucode_raw, pieces, 1490 &fw->ucode_capa, &usniffer_images); 1491 1492 if (err) 1493 goto try_again; 1494 1495 if (fw_has_api(&drv->fw.ucode_capa, IWL_UCODE_TLV_API_NEW_VERSION)) 1496 api_ver = drv->fw.ucode_ver; 1497 else 1498 api_ver = IWL_UCODE_API(drv->fw.ucode_ver); 1499 1500 /* 1501 * api_ver should match the api version forming part of the 1502 * firmware filename ... but we don't check for that and only rely 1503 * on the API version read from firmware header from here on forward 1504 */ 1505 if (api_ver < api_min || api_ver > api_max) { 1506 IWL_ERR(drv, 1507 "Driver unable to support your firmware API. " 1508 "Driver supports v%u, firmware is v%u.\n", 1509 api_max, api_ver); 1510 goto try_again; 1511 } 1512 1513 /* 1514 * In mvm uCode there is no difference between data and instructions 1515 * sections. 1516 */ 1517 if (fw->type == IWL_FW_DVM && validate_sec_sizes(drv, pieces, 1518 drv->trans->cfg)) 1519 goto try_again; 1520 1521 /* Allocate ucode buffers for card's bus-master loading ... */ 1522 1523 /* Runtime instructions and 2 copies of data: 1524 * 1) unmodified from disk 1525 * 2) backup cache for save/restore during power-downs 1526 */ 1527 for (i = 0; i < IWL_UCODE_TYPE_MAX; i++) 1528 if (iwl_alloc_ucode(drv, pieces, i)) 1529 goto out_free_fw; 1530 1531 if (pieces->dbg_dest_tlv_init) { 1532 size_t dbg_dest_size = sizeof(*drv->fw.dbg.dest_tlv) + 1533 sizeof(drv->fw.dbg.dest_tlv->reg_ops[0]) * 1534 drv->fw.dbg.n_dest_reg; 1535 1536 drv->fw.dbg.dest_tlv = kmalloc(dbg_dest_size, GFP_KERNEL); 1537 1538 if (!drv->fw.dbg.dest_tlv) 1539 goto out_free_fw; 1540 1541 if (*pieces->dbg_dest_ver == 0) { 1542 memcpy(drv->fw.dbg.dest_tlv, pieces->dbg_dest_tlv_v1, 1543 dbg_dest_size); 1544 } else { 1545 struct iwl_fw_dbg_dest_tlv_v1 *dest_tlv = 1546 drv->fw.dbg.dest_tlv; 1547 1548 dest_tlv->version = pieces->dbg_dest_tlv->version; 1549 dest_tlv->monitor_mode = 1550 pieces->dbg_dest_tlv->monitor_mode; 1551 dest_tlv->size_power = 1552 pieces->dbg_dest_tlv->size_power; 1553 dest_tlv->wrap_count = 1554 pieces->dbg_dest_tlv->wrap_count; 1555 dest_tlv->write_ptr_reg = 1556 pieces->dbg_dest_tlv->write_ptr_reg; 1557 dest_tlv->base_shift = 1558 pieces->dbg_dest_tlv->base_shift; 1559 memcpy(dest_tlv->reg_ops, 1560 pieces->dbg_dest_tlv->reg_ops, 1561 sizeof(drv->fw.dbg.dest_tlv->reg_ops[0]) * 1562 drv->fw.dbg.n_dest_reg); 1563 1564 /* In version 1 of the destination tlv, which is 1565 * relevant for internal buffer exclusively, 1566 * the base address is part of given with the length 1567 * of the buffer, and the size shift is give instead of 1568 * end shift. We now store these values in base_reg, 1569 * and end shift, and when dumping the data we'll 1570 * manipulate it for extracting both the length and 1571 * base address */ 1572 dest_tlv->base_reg = pieces->dbg_dest_tlv->cfg_reg; 1573 dest_tlv->end_shift = 1574 pieces->dbg_dest_tlv->size_shift; 1575 } 1576 } 1577 1578 for (i = 0; i < ARRAY_SIZE(drv->fw.dbg.conf_tlv); i++) { 1579 if (pieces->dbg_conf_tlv[i]) { 1580 drv->fw.dbg.conf_tlv[i] = 1581 kmemdup(pieces->dbg_conf_tlv[i], 1582 pieces->dbg_conf_tlv_len[i], 1583 GFP_KERNEL); 1584 if (!drv->fw.dbg.conf_tlv[i]) 1585 goto out_free_fw; 1586 } 1587 } 1588 1589 memset(&trigger_tlv_sz, 0xff, sizeof(trigger_tlv_sz)); 1590 1591 trigger_tlv_sz[FW_DBG_TRIGGER_MISSED_BEACONS] = 1592 sizeof(struct iwl_fw_dbg_trigger_missed_bcon); 1593 trigger_tlv_sz[FW_DBG_TRIGGER_CHANNEL_SWITCH] = 0; 1594 trigger_tlv_sz[FW_DBG_TRIGGER_FW_NOTIF] = 1595 sizeof(struct iwl_fw_dbg_trigger_cmd); 1596 trigger_tlv_sz[FW_DBG_TRIGGER_MLME] = 1597 sizeof(struct iwl_fw_dbg_trigger_mlme); 1598 trigger_tlv_sz[FW_DBG_TRIGGER_STATS] = 1599 sizeof(struct iwl_fw_dbg_trigger_stats); 1600 trigger_tlv_sz[FW_DBG_TRIGGER_RSSI] = 1601 sizeof(struct iwl_fw_dbg_trigger_low_rssi); 1602 trigger_tlv_sz[FW_DBG_TRIGGER_TXQ_TIMERS] = 1603 sizeof(struct iwl_fw_dbg_trigger_txq_timer); 1604 trigger_tlv_sz[FW_DBG_TRIGGER_TIME_EVENT] = 1605 sizeof(struct iwl_fw_dbg_trigger_time_event); 1606 trigger_tlv_sz[FW_DBG_TRIGGER_BA] = 1607 sizeof(struct iwl_fw_dbg_trigger_ba); 1608 trigger_tlv_sz[FW_DBG_TRIGGER_TDLS] = 1609 sizeof(struct iwl_fw_dbg_trigger_tdls); 1610 1611 for (i = 0; i < ARRAY_SIZE(drv->fw.dbg.trigger_tlv); i++) { 1612 if (pieces->dbg_trigger_tlv[i]) { 1613 /* 1614 * If the trigger isn't long enough, WARN and exit. 1615 * Someone is trying to debug something and he won't 1616 * be able to catch the bug he is trying to chase. 1617 * We'd better be noisy to be sure he knows what's 1618 * going on. 1619 */ 1620 if (WARN_ON(pieces->dbg_trigger_tlv_len[i] < 1621 (trigger_tlv_sz[i] + 1622 sizeof(struct iwl_fw_dbg_trigger_tlv)))) 1623 goto out_free_fw; 1624 drv->fw.dbg.trigger_tlv_len[i] = 1625 pieces->dbg_trigger_tlv_len[i]; 1626 drv->fw.dbg.trigger_tlv[i] = 1627 kmemdup(pieces->dbg_trigger_tlv[i], 1628 drv->fw.dbg.trigger_tlv_len[i], 1629 GFP_KERNEL); 1630 if (!drv->fw.dbg.trigger_tlv[i]) 1631 goto out_free_fw; 1632 } 1633 } 1634 1635 /* Now that we can no longer fail, copy information */ 1636 1637 drv->fw.dbg.mem_tlv = pieces->dbg_mem_tlv; 1638 pieces->dbg_mem_tlv = NULL; 1639 drv->fw.dbg.n_mem_tlv = pieces->n_mem_tlv; 1640 1641 /* 1642 * The (size - 16) / 12 formula is based on the information recorded 1643 * for each event, which is of mode 1 (including timestamp) for all 1644 * new microcodes that include this information. 1645 */ 1646 fw->init_evtlog_ptr = pieces->init_evtlog_ptr; 1647 if (pieces->init_evtlog_size) 1648 fw->init_evtlog_size = (pieces->init_evtlog_size - 16)/12; 1649 else 1650 fw->init_evtlog_size = 1651 drv->trans->trans_cfg->base_params->max_event_log_size; 1652 fw->init_errlog_ptr = pieces->init_errlog_ptr; 1653 fw->inst_evtlog_ptr = pieces->inst_evtlog_ptr; 1654 if (pieces->inst_evtlog_size) 1655 fw->inst_evtlog_size = (pieces->inst_evtlog_size - 16)/12; 1656 else 1657 fw->inst_evtlog_size = 1658 drv->trans->trans_cfg->base_params->max_event_log_size; 1659 fw->inst_errlog_ptr = pieces->inst_errlog_ptr; 1660 1661 /* 1662 * figure out the offset of chain noise reset and gain commands 1663 * base on the size of standard phy calibration commands table size 1664 */ 1665 if (fw->ucode_capa.standard_phy_calibration_size > 1666 IWL_MAX_PHY_CALIBRATE_TBL_SIZE) 1667 fw->ucode_capa.standard_phy_calibration_size = 1668 IWL_MAX_STANDARD_PHY_CALIBRATE_TBL_SIZE; 1669 1670 /* We have our copies now, allow OS release its copies */ 1671 release_firmware(ucode_raw); 1672 1673 iwl_dbg_tlv_load_bin(drv->trans->dev, drv->trans); 1674 1675 mutex_lock(&iwlwifi_opmode_table_mtx); 1676 switch (fw->type) { 1677 case IWL_FW_DVM: 1678 op = &iwlwifi_opmode_table[DVM_OP_MODE]; 1679 break; 1680 default: 1681 WARN(1, "Invalid fw type %d\n", fw->type); 1682 fallthrough; 1683 case IWL_FW_MVM: 1684 op = &iwlwifi_opmode_table[MVM_OP_MODE]; 1685 break; 1686 } 1687 1688 IWL_INFO(drv, "loaded firmware version %s op_mode %s\n", 1689 drv->fw.fw_version, op->name); 1690 1691 /* add this device to the list of devices using this op_mode */ 1692 list_add_tail(&drv->list, &op->drv); 1693 1694 if (op->ops) { 1695 drv->op_mode = _iwl_op_mode_start(drv, op); 1696 1697 if (!drv->op_mode) { 1698 mutex_unlock(&iwlwifi_opmode_table_mtx); 1699 goto out_unbind; 1700 } 1701 } else { 1702 load_module = true; 1703 } 1704 mutex_unlock(&iwlwifi_opmode_table_mtx); 1705 1706 /* 1707 * Complete the firmware request last so that 1708 * a driver unbind (stop) doesn't run while we 1709 * are doing the start() above. 1710 */ 1711 complete(&drv->request_firmware_complete); 1712 1713 /* 1714 * Load the module last so we don't block anything 1715 * else from proceeding if the module fails to load 1716 * or hangs loading. 1717 */ 1718 if (load_module) 1719 request_module("%s", op->name); 1720 failure = false; 1721 goto free; 1722 1723 try_again: 1724 /* try next, if any */ 1725 release_firmware(ucode_raw); 1726 if (iwl_request_firmware(drv, false)) 1727 goto out_unbind; 1728 goto free; 1729 1730 out_free_fw: 1731 release_firmware(ucode_raw); 1732 out_unbind: 1733 complete(&drv->request_firmware_complete); 1734 device_release_driver(drv->trans->dev); 1735 free: 1736 if (failure) 1737 iwl_dealloc_ucode(drv); 1738 1739 if (pieces) { 1740 for (i = 0; i < ARRAY_SIZE(pieces->img); i++) 1741 kfree(pieces->img[i].sec); 1742 kfree(pieces->dbg_mem_tlv); 1743 kfree(pieces); 1744 } 1745 } 1746 1747 struct iwl_drv *iwl_drv_start(struct iwl_trans *trans) 1748 { 1749 struct iwl_drv *drv; 1750 int ret; 1751 1752 drv = kzalloc(sizeof(*drv), GFP_KERNEL); 1753 if (!drv) { 1754 ret = -ENOMEM; 1755 goto err; 1756 } 1757 1758 drv->trans = trans; 1759 drv->dev = trans->dev; 1760 1761 init_completion(&drv->request_firmware_complete); 1762 INIT_LIST_HEAD(&drv->list); 1763 1764 #ifdef CONFIG_IWLWIFI_DEBUGFS 1765 /* Create the device debugfs entries. */ 1766 drv->dbgfs_drv = debugfs_create_dir(dev_name(trans->dev), 1767 iwl_dbgfs_root); 1768 1769 /* Create transport layer debugfs dir */ 1770 drv->trans->dbgfs_dir = debugfs_create_dir("trans", drv->dbgfs_drv); 1771 #endif 1772 1773 drv->trans->dbg.domains_bitmap = IWL_TRANS_FW_DBG_DOMAIN(drv->trans); 1774 1775 ret = iwl_request_firmware(drv, true); 1776 if (ret) { 1777 IWL_ERR(trans, "Couldn't request the fw\n"); 1778 goto err_fw; 1779 } 1780 1781 return drv; 1782 1783 err_fw: 1784 #ifdef CONFIG_IWLWIFI_DEBUGFS 1785 debugfs_remove_recursive(drv->dbgfs_drv); 1786 iwl_dbg_tlv_free(drv->trans); 1787 #endif 1788 kfree(drv); 1789 err: 1790 return ERR_PTR(ret); 1791 } 1792 1793 void iwl_drv_stop(struct iwl_drv *drv) 1794 { 1795 wait_for_completion(&drv->request_firmware_complete); 1796 1797 _iwl_op_mode_stop(drv); 1798 1799 iwl_dealloc_ucode(drv); 1800 1801 mutex_lock(&iwlwifi_opmode_table_mtx); 1802 /* 1803 * List is empty (this item wasn't added) 1804 * when firmware loading failed -- in that 1805 * case we can't remove it from any list. 1806 */ 1807 if (!list_empty(&drv->list)) 1808 list_del(&drv->list); 1809 mutex_unlock(&iwlwifi_opmode_table_mtx); 1810 1811 #ifdef CONFIG_IWLWIFI_DEBUGFS 1812 drv->trans->ops->debugfs_cleanup(drv->trans); 1813 1814 debugfs_remove_recursive(drv->dbgfs_drv); 1815 #endif 1816 1817 iwl_dbg_tlv_free(drv->trans); 1818 1819 kfree(drv); 1820 } 1821 1822 1823 /* shared module parameters */ 1824 struct iwl_mod_params iwlwifi_mod_params = { 1825 .fw_restart = true, 1826 .bt_coex_active = true, 1827 .power_level = IWL_POWER_INDEX_1, 1828 .uapsd_disable = IWL_DISABLE_UAPSD_BSS | IWL_DISABLE_UAPSD_P2P_CLIENT, 1829 .enable_ini = true, 1830 #if defined(__FreeBSD__) 1831 .disable_11n = 1, 1832 .disable_11ac = true, 1833 .disable_11ax = true, 1834 #endif 1835 /* the rest are 0 by default */ 1836 }; 1837 IWL_EXPORT_SYMBOL(iwlwifi_mod_params); 1838 1839 int iwl_opmode_register(const char *name, const struct iwl_op_mode_ops *ops) 1840 { 1841 int i; 1842 struct iwl_drv *drv; 1843 struct iwlwifi_opmode_table *op; 1844 1845 mutex_lock(&iwlwifi_opmode_table_mtx); 1846 for (i = 0; i < ARRAY_SIZE(iwlwifi_opmode_table); i++) { 1847 op = &iwlwifi_opmode_table[i]; 1848 if (strcmp(op->name, name)) 1849 continue; 1850 op->ops = ops; 1851 /* TODO: need to handle exceptional case */ 1852 list_for_each_entry(drv, &op->drv, list) 1853 drv->op_mode = _iwl_op_mode_start(drv, op); 1854 1855 mutex_unlock(&iwlwifi_opmode_table_mtx); 1856 return 0; 1857 } 1858 mutex_unlock(&iwlwifi_opmode_table_mtx); 1859 return -EIO; 1860 } 1861 IWL_EXPORT_SYMBOL(iwl_opmode_register); 1862 1863 void iwl_opmode_deregister(const char *name) 1864 { 1865 int i; 1866 struct iwl_drv *drv; 1867 1868 mutex_lock(&iwlwifi_opmode_table_mtx); 1869 for (i = 0; i < ARRAY_SIZE(iwlwifi_opmode_table); i++) { 1870 if (strcmp(iwlwifi_opmode_table[i].name, name)) 1871 continue; 1872 iwlwifi_opmode_table[i].ops = NULL; 1873 1874 /* call the stop routine for all devices */ 1875 list_for_each_entry(drv, &iwlwifi_opmode_table[i].drv, list) 1876 _iwl_op_mode_stop(drv); 1877 1878 mutex_unlock(&iwlwifi_opmode_table_mtx); 1879 return; 1880 } 1881 mutex_unlock(&iwlwifi_opmode_table_mtx); 1882 } 1883 IWL_EXPORT_SYMBOL(iwl_opmode_deregister); 1884 1885 static int __init iwl_drv_init(void) 1886 { 1887 int i, err; 1888 1889 for (i = 0; i < ARRAY_SIZE(iwlwifi_opmode_table); i++) 1890 INIT_LIST_HEAD(&iwlwifi_opmode_table[i].drv); 1891 1892 pr_info(DRV_DESCRIPTION "\n"); 1893 1894 #ifdef CONFIG_IWLWIFI_DEBUGFS 1895 /* Create the root of iwlwifi debugfs subsystem. */ 1896 iwl_dbgfs_root = debugfs_create_dir(DRV_NAME, NULL); 1897 #endif 1898 1899 err = iwl_pci_register_driver(); 1900 if (err) 1901 goto cleanup_debugfs; 1902 1903 return 0; 1904 1905 cleanup_debugfs: 1906 #ifdef CONFIG_IWLWIFI_DEBUGFS 1907 debugfs_remove_recursive(iwl_dbgfs_root); 1908 #endif 1909 return err; 1910 } 1911 module_init(iwl_drv_init); 1912 1913 static void __exit iwl_drv_exit(void) 1914 { 1915 iwl_pci_unregister_driver(); 1916 1917 #ifdef CONFIG_IWLWIFI_DEBUGFS 1918 debugfs_remove_recursive(iwl_dbgfs_root); 1919 #endif 1920 } 1921 module_exit(iwl_drv_exit); 1922 1923 #ifdef CONFIG_IWLWIFI_DEBUG 1924 module_param_named(debug, iwlwifi_mod_params.debug_level, uint, 0644); 1925 MODULE_PARM_DESC(debug, "debug output mask"); 1926 #endif 1927 1928 module_param_named(swcrypto, iwlwifi_mod_params.swcrypto, int, 0444); 1929 MODULE_PARM_DESC(swcrypto, "using crypto in software (default 0 [hardware])"); 1930 module_param_named(11n_disable, iwlwifi_mod_params.disable_11n, uint, 0444); 1931 MODULE_PARM_DESC(11n_disable, 1932 "disable 11n functionality, bitmap: 1: full, 2: disable agg TX, 4: disable agg RX, 8 enable agg TX"); 1933 module_param_named(amsdu_size, iwlwifi_mod_params.amsdu_size, int, 0444); 1934 MODULE_PARM_DESC(amsdu_size, 1935 "amsdu size 0: 12K for multi Rx queue devices, 2K for AX210 devices, " 1936 "4K for other devices 1:4K 2:8K 3:12K (16K buffers) 4: 2K (default 0)"); 1937 module_param_named(fw_restart, iwlwifi_mod_params.fw_restart, bool, 0444); 1938 MODULE_PARM_DESC(fw_restart, "restart firmware in case of error (default true)"); 1939 1940 module_param_named(nvm_file, iwlwifi_mod_params.nvm_file, charp, 0444); 1941 MODULE_PARM_DESC(nvm_file, "NVM file name"); 1942 1943 module_param_named(uapsd_disable, iwlwifi_mod_params.uapsd_disable, uint, 0644); 1944 MODULE_PARM_DESC(uapsd_disable, 1945 "disable U-APSD functionality bitmap 1: BSS 2: P2P Client (default: 3)"); 1946 module_param_named(enable_ini, iwlwifi_mod_params.enable_ini, 1947 bool, S_IRUGO | S_IWUSR); 1948 MODULE_PARM_DESC(enable_ini, 1949 "Enable debug INI TLV FW debug infrastructure (default: true"); 1950 1951 /* 1952 * set bt_coex_active to true, uCode will do kill/defer 1953 * every time the priority line is asserted (BT is sending signals on the 1954 * priority line in the PCIx). 1955 * set bt_coex_active to false, uCode will ignore the BT activity and 1956 * perform the normal operation 1957 * 1958 * User might experience transmit issue on some platform due to WiFi/BT 1959 * co-exist problem. The possible behaviors are: 1960 * Able to scan and finding all the available AP 1961 * Not able to associate with any AP 1962 * On those platforms, WiFi communication can be restored by set 1963 * "bt_coex_active" module parameter to "false" 1964 * 1965 * default: bt_coex_active = true (BT_COEX_ENABLE) 1966 */ 1967 module_param_named(bt_coex_active, iwlwifi_mod_params.bt_coex_active, 1968 bool, 0444); 1969 MODULE_PARM_DESC(bt_coex_active, "enable wifi/bt co-exist (default: enable)"); 1970 1971 module_param_named(led_mode, iwlwifi_mod_params.led_mode, int, 0444); 1972 MODULE_PARM_DESC(led_mode, "0=system default, " 1973 "1=On(RF On)/Off(RF Off), 2=blinking, 3=Off (default: 0)"); 1974 1975 module_param_named(power_save, iwlwifi_mod_params.power_save, bool, 0444); 1976 MODULE_PARM_DESC(power_save, 1977 "enable WiFi power management (default: disable)"); 1978 1979 module_param_named(power_level, iwlwifi_mod_params.power_level, int, 0444); 1980 MODULE_PARM_DESC(power_level, 1981 "default power save level (range from 1 - 5, default: 1)"); 1982 1983 module_param_named(disable_11ac, iwlwifi_mod_params.disable_11ac, bool, 0444); 1984 MODULE_PARM_DESC(disable_11ac, "Disable VHT capabilities (default: false)"); 1985 1986 module_param_named(remove_when_gone, 1987 iwlwifi_mod_params.remove_when_gone, bool, 1988 0444); 1989 MODULE_PARM_DESC(remove_when_gone, 1990 "Remove dev from PCIe bus if it is deemed inaccessible (default: false)"); 1991 1992 module_param_named(disable_11ax, iwlwifi_mod_params.disable_11ax, bool, 1993 S_IRUGO); 1994 MODULE_PARM_DESC(disable_11ax, "Disable HE capabilities (default: false)"); 1995