1 2 /* 3 * Copyright (c) 2011 Atheros Communications Inc. 4 * Copyright (c) 2011-2012 Qualcomm Atheros, Inc. 5 * 6 * Permission to use, copy, modify, and/or distribute this software for any 7 * purpose with or without fee is hereby granted, provided that the above 8 * copyright notice and this permission notice appear in all copies. 9 * 10 * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES 11 * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF 12 * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR 13 * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES 14 * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN 15 * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF 16 * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE. 17 */ 18 19 #define pr_fmt(fmt) KBUILD_MODNAME ": " fmt 20 21 #include <linux/moduleparam.h> 22 #include <linux/errno.h> 23 #include <linux/export.h> 24 #include <linux/of.h> 25 #include <linux/mmc/sdio_func.h> 26 #include <linux/vmalloc.h> 27 28 #include "core.h" 29 #include "cfg80211.h" 30 #include "target.h" 31 #include "debug.h" 32 #include "hif-ops.h" 33 #include "htc-ops.h" 34 35 static const struct ath6kl_hw hw_list[] = { 36 { 37 .id = AR6003_HW_2_0_VERSION, 38 .name = "ar6003 hw 2.0", 39 .dataset_patch_addr = 0x57e884, 40 .app_load_addr = 0x543180, 41 .board_ext_data_addr = 0x57e500, 42 .reserved_ram_size = 6912, 43 .refclk_hz = 26000000, 44 .uarttx_pin = 8, 45 .flags = 0, 46 47 /* hw2.0 needs override address hardcoded */ 48 .app_start_override_addr = 0x944C00, 49 50 .fw = { 51 .dir = AR6003_HW_2_0_FW_DIR, 52 .otp = AR6003_HW_2_0_OTP_FILE, 53 .fw = AR6003_HW_2_0_FIRMWARE_FILE, 54 .tcmd = AR6003_HW_2_0_TCMD_FIRMWARE_FILE, 55 .patch = AR6003_HW_2_0_PATCH_FILE, 56 }, 57 58 .fw_board = AR6003_HW_2_0_BOARD_DATA_FILE, 59 .fw_default_board = AR6003_HW_2_0_DEFAULT_BOARD_DATA_FILE, 60 }, 61 { 62 .id = AR6003_HW_2_1_1_VERSION, 63 .name = "ar6003 hw 2.1.1", 64 .dataset_patch_addr = 0x57ff74, 65 .app_load_addr = 0x1234, 66 .board_ext_data_addr = 0x542330, 67 .reserved_ram_size = 512, 68 .refclk_hz = 26000000, 69 .uarttx_pin = 8, 70 .testscript_addr = 0x57ef74, 71 .flags = 0, 72 73 .fw = { 74 .dir = AR6003_HW_2_1_1_FW_DIR, 75 .otp = AR6003_HW_2_1_1_OTP_FILE, 76 .fw = AR6003_HW_2_1_1_FIRMWARE_FILE, 77 .tcmd = AR6003_HW_2_1_1_TCMD_FIRMWARE_FILE, 78 .patch = AR6003_HW_2_1_1_PATCH_FILE, 79 .utf = AR6003_HW_2_1_1_UTF_FIRMWARE_FILE, 80 .testscript = AR6003_HW_2_1_1_TESTSCRIPT_FILE, 81 }, 82 83 .fw_board = AR6003_HW_2_1_1_BOARD_DATA_FILE, 84 .fw_default_board = AR6003_HW_2_1_1_DEFAULT_BOARD_DATA_FILE, 85 }, 86 { 87 .id = AR6004_HW_1_0_VERSION, 88 .name = "ar6004 hw 1.0", 89 .dataset_patch_addr = 0x57e884, 90 .app_load_addr = 0x1234, 91 .board_ext_data_addr = 0x437000, 92 .reserved_ram_size = 19456, 93 .board_addr = 0x433900, 94 .refclk_hz = 26000000, 95 .uarttx_pin = 11, 96 .flags = ATH6KL_HW_FLAG_64BIT_RATES, 97 98 .fw = { 99 .dir = AR6004_HW_1_0_FW_DIR, 100 .fw = AR6004_HW_1_0_FIRMWARE_FILE, 101 }, 102 103 .fw_board = AR6004_HW_1_0_BOARD_DATA_FILE, 104 .fw_default_board = AR6004_HW_1_0_DEFAULT_BOARD_DATA_FILE, 105 }, 106 { 107 .id = AR6004_HW_1_1_VERSION, 108 .name = "ar6004 hw 1.1", 109 .dataset_patch_addr = 0x57e884, 110 .app_load_addr = 0x1234, 111 .board_ext_data_addr = 0x437000, 112 .reserved_ram_size = 11264, 113 .board_addr = 0x43d400, 114 .refclk_hz = 40000000, 115 .uarttx_pin = 11, 116 .flags = ATH6KL_HW_FLAG_64BIT_RATES, 117 118 .fw = { 119 .dir = AR6004_HW_1_1_FW_DIR, 120 .fw = AR6004_HW_1_1_FIRMWARE_FILE, 121 }, 122 123 .fw_board = AR6004_HW_1_1_BOARD_DATA_FILE, 124 .fw_default_board = AR6004_HW_1_1_DEFAULT_BOARD_DATA_FILE, 125 }, 126 { 127 .id = AR6004_HW_1_2_VERSION, 128 .name = "ar6004 hw 1.2", 129 .dataset_patch_addr = 0x436ecc, 130 .app_load_addr = 0x1234, 131 .board_ext_data_addr = 0x437000, 132 .reserved_ram_size = 9216, 133 .board_addr = 0x435c00, 134 .refclk_hz = 40000000, 135 .uarttx_pin = 11, 136 .flags = ATH6KL_HW_FLAG_64BIT_RATES, 137 138 .fw = { 139 .dir = AR6004_HW_1_2_FW_DIR, 140 .fw = AR6004_HW_1_2_FIRMWARE_FILE, 141 }, 142 .fw_board = AR6004_HW_1_2_BOARD_DATA_FILE, 143 .fw_default_board = AR6004_HW_1_2_DEFAULT_BOARD_DATA_FILE, 144 }, 145 }; 146 147 /* 148 * Include definitions here that can be used to tune the WLAN module 149 * behavior. Different customers can tune the behavior as per their needs, 150 * here. 151 */ 152 153 /* 154 * This configuration item enable/disable keepalive support. 155 * Keepalive support: In the absence of any data traffic to AP, null 156 * frames will be sent to the AP at periodic interval, to keep the association 157 * active. This configuration item defines the periodic interval. 158 * Use value of zero to disable keepalive support 159 * Default: 60 seconds 160 */ 161 #define WLAN_CONFIG_KEEP_ALIVE_INTERVAL 60 162 163 /* 164 * This configuration item sets the value of disconnect timeout 165 * Firmware delays sending the disconnec event to the host for this 166 * timeout after is gets disconnected from the current AP. 167 * If the firmware successly roams within the disconnect timeout 168 * it sends a new connect event 169 */ 170 #define WLAN_CONFIG_DISCONNECT_TIMEOUT 10 171 172 173 #define ATH6KL_DATA_OFFSET 64 174 struct sk_buff *ath6kl_buf_alloc(int size) 175 { 176 struct sk_buff *skb; 177 u16 reserved; 178 179 /* Add chacheline space at front and back of buffer */ 180 reserved = (2 * L1_CACHE_BYTES) + ATH6KL_DATA_OFFSET + 181 sizeof(struct htc_packet) + ATH6KL_HTC_ALIGN_BYTES; 182 skb = dev_alloc_skb(size + reserved); 183 184 if (skb) 185 skb_reserve(skb, reserved - L1_CACHE_BYTES); 186 return skb; 187 } 188 189 void ath6kl_init_profile_info(struct ath6kl_vif *vif) 190 { 191 vif->ssid_len = 0; 192 memset(vif->ssid, 0, sizeof(vif->ssid)); 193 194 vif->dot11_auth_mode = OPEN_AUTH; 195 vif->auth_mode = NONE_AUTH; 196 vif->prwise_crypto = NONE_CRYPT; 197 vif->prwise_crypto_len = 0; 198 vif->grp_crypto = NONE_CRYPT; 199 vif->grp_crypto_len = 0; 200 memset(vif->wep_key_list, 0, sizeof(vif->wep_key_list)); 201 memset(vif->req_bssid, 0, sizeof(vif->req_bssid)); 202 memset(vif->bssid, 0, sizeof(vif->bssid)); 203 vif->bss_ch = 0; 204 } 205 206 static int ath6kl_set_host_app_area(struct ath6kl *ar) 207 { 208 u32 address, data; 209 struct host_app_area host_app_area; 210 211 /* Fetch the address of the host_app_area_s 212 * instance in the host interest area */ 213 address = ath6kl_get_hi_item_addr(ar, HI_ITEM(hi_app_host_interest)); 214 address = TARG_VTOP(ar->target_type, address); 215 216 if (ath6kl_diag_read32(ar, address, &data)) 217 return -EIO; 218 219 address = TARG_VTOP(ar->target_type, data); 220 host_app_area.wmi_protocol_ver = cpu_to_le32(WMI_PROTOCOL_VERSION); 221 if (ath6kl_diag_write(ar, address, (u8 *) &host_app_area, 222 sizeof(struct host_app_area))) 223 return -EIO; 224 225 return 0; 226 } 227 228 static inline void set_ac2_ep_map(struct ath6kl *ar, 229 u8 ac, 230 enum htc_endpoint_id ep) 231 { 232 ar->ac2ep_map[ac] = ep; 233 ar->ep2ac_map[ep] = ac; 234 } 235 236 /* connect to a service */ 237 static int ath6kl_connectservice(struct ath6kl *ar, 238 struct htc_service_connect_req *con_req, 239 char *desc) 240 { 241 int status; 242 struct htc_service_connect_resp response; 243 244 memset(&response, 0, sizeof(response)); 245 246 status = ath6kl_htc_conn_service(ar->htc_target, con_req, &response); 247 if (status) { 248 ath6kl_err("failed to connect to %s service status:%d\n", 249 desc, status); 250 return status; 251 } 252 253 switch (con_req->svc_id) { 254 case WMI_CONTROL_SVC: 255 if (test_bit(WMI_ENABLED, &ar->flag)) 256 ath6kl_wmi_set_control_ep(ar->wmi, response.endpoint); 257 ar->ctrl_ep = response.endpoint; 258 break; 259 case WMI_DATA_BE_SVC: 260 set_ac2_ep_map(ar, WMM_AC_BE, response.endpoint); 261 break; 262 case WMI_DATA_BK_SVC: 263 set_ac2_ep_map(ar, WMM_AC_BK, response.endpoint); 264 break; 265 case WMI_DATA_VI_SVC: 266 set_ac2_ep_map(ar, WMM_AC_VI, response.endpoint); 267 break; 268 case WMI_DATA_VO_SVC: 269 set_ac2_ep_map(ar, WMM_AC_VO, response.endpoint); 270 break; 271 default: 272 ath6kl_err("service id is not mapped %d\n", con_req->svc_id); 273 return -EINVAL; 274 } 275 276 return 0; 277 } 278 279 static int ath6kl_init_service_ep(struct ath6kl *ar) 280 { 281 struct htc_service_connect_req connect; 282 283 memset(&connect, 0, sizeof(connect)); 284 285 /* these fields are the same for all service endpoints */ 286 connect.ep_cb.tx_comp_multi = ath6kl_tx_complete; 287 connect.ep_cb.rx = ath6kl_rx; 288 connect.ep_cb.rx_refill = ath6kl_rx_refill; 289 connect.ep_cb.tx_full = ath6kl_tx_queue_full; 290 291 /* 292 * Set the max queue depth so that our ath6kl_tx_queue_full handler 293 * gets called. 294 */ 295 connect.max_txq_depth = MAX_DEFAULT_SEND_QUEUE_DEPTH; 296 connect.ep_cb.rx_refill_thresh = ATH6KL_MAX_RX_BUFFERS / 4; 297 if (!connect.ep_cb.rx_refill_thresh) 298 connect.ep_cb.rx_refill_thresh++; 299 300 /* connect to control service */ 301 connect.svc_id = WMI_CONTROL_SVC; 302 if (ath6kl_connectservice(ar, &connect, "WMI CONTROL")) 303 return -EIO; 304 305 connect.flags |= HTC_FLGS_TX_BNDL_PAD_EN; 306 307 /* 308 * Limit the HTC message size on the send path, although e can 309 * receive A-MSDU frames of 4K, we will only send ethernet-sized 310 * (802.3) frames on the send path. 311 */ 312 connect.max_rxmsg_sz = WMI_MAX_TX_DATA_FRAME_LENGTH; 313 314 /* 315 * To reduce the amount of committed memory for larger A_MSDU 316 * frames, use the recv-alloc threshold mechanism for larger 317 * packets. 318 */ 319 connect.ep_cb.rx_alloc_thresh = ATH6KL_BUFFER_SIZE; 320 connect.ep_cb.rx_allocthresh = ath6kl_alloc_amsdu_rxbuf; 321 322 /* 323 * For the remaining data services set the connection flag to 324 * reduce dribbling, if configured to do so. 325 */ 326 connect.conn_flags |= HTC_CONN_FLGS_REDUCE_CRED_DRIB; 327 connect.conn_flags &= ~HTC_CONN_FLGS_THRESH_MASK; 328 connect.conn_flags |= HTC_CONN_FLGS_THRESH_LVL_HALF; 329 330 connect.svc_id = WMI_DATA_BE_SVC; 331 332 if (ath6kl_connectservice(ar, &connect, "WMI DATA BE")) 333 return -EIO; 334 335 /* connect to back-ground map this to WMI LOW_PRI */ 336 connect.svc_id = WMI_DATA_BK_SVC; 337 if (ath6kl_connectservice(ar, &connect, "WMI DATA BK")) 338 return -EIO; 339 340 /* connect to Video service, map this to to HI PRI */ 341 connect.svc_id = WMI_DATA_VI_SVC; 342 if (ath6kl_connectservice(ar, &connect, "WMI DATA VI")) 343 return -EIO; 344 345 /* 346 * Connect to VO service, this is currently not mapped to a WMI 347 * priority stream due to historical reasons. WMI originally 348 * defined 3 priorities over 3 mailboxes We can change this when 349 * WMI is reworked so that priorities are not dependent on 350 * mailboxes. 351 */ 352 connect.svc_id = WMI_DATA_VO_SVC; 353 if (ath6kl_connectservice(ar, &connect, "WMI DATA VO")) 354 return -EIO; 355 356 return 0; 357 } 358 359 void ath6kl_init_control_info(struct ath6kl_vif *vif) 360 { 361 ath6kl_init_profile_info(vif); 362 vif->def_txkey_index = 0; 363 memset(vif->wep_key_list, 0, sizeof(vif->wep_key_list)); 364 vif->ch_hint = 0; 365 } 366 367 /* 368 * Set HTC/Mbox operational parameters, this can only be called when the 369 * target is in the BMI phase. 370 */ 371 static int ath6kl_set_htc_params(struct ath6kl *ar, u32 mbox_isr_yield_val, 372 u8 htc_ctrl_buf) 373 { 374 int status; 375 u32 blk_size; 376 377 blk_size = ar->mbox_info.block_size; 378 379 if (htc_ctrl_buf) 380 blk_size |= ((u32)htc_ctrl_buf) << 16; 381 382 /* set the host interest area for the block size */ 383 status = ath6kl_bmi_write_hi32(ar, hi_mbox_io_block_sz, blk_size); 384 if (status) { 385 ath6kl_err("bmi_write_memory for IO block size failed\n"); 386 goto out; 387 } 388 389 ath6kl_dbg(ATH6KL_DBG_TRC, "block size set: %d (target addr:0x%X)\n", 390 blk_size, 391 ath6kl_get_hi_item_addr(ar, HI_ITEM(hi_mbox_io_block_sz))); 392 393 if (mbox_isr_yield_val) { 394 /* set the host interest area for the mbox ISR yield limit */ 395 status = ath6kl_bmi_write_hi32(ar, hi_mbox_isr_yield_limit, 396 mbox_isr_yield_val); 397 if (status) { 398 ath6kl_err("bmi_write_memory for yield limit failed\n"); 399 goto out; 400 } 401 } 402 403 out: 404 return status; 405 } 406 407 static int ath6kl_target_config_wlan_params(struct ath6kl *ar, int idx) 408 { 409 int ret; 410 411 /* 412 * Configure the device for rx dot11 header rules. "0,0" are the 413 * default values. Required if checksum offload is needed. Set 414 * RxMetaVersion to 2. 415 */ 416 ret = ath6kl_wmi_set_rx_frame_format_cmd(ar->wmi, idx, 417 ar->rx_meta_ver, 0, 0); 418 if (ret) { 419 ath6kl_err("unable to set the rx frame format: %d\n", ret); 420 return ret; 421 } 422 423 if (ar->conf_flags & ATH6KL_CONF_IGNORE_PS_FAIL_EVT_IN_SCAN) { 424 ret = ath6kl_wmi_pmparams_cmd(ar->wmi, idx, 0, 1, 0, 0, 1, 425 IGNORE_PS_FAIL_DURING_SCAN); 426 if (ret) { 427 ath6kl_err("unable to set power save fail event policy: %d\n", 428 ret); 429 return ret; 430 } 431 } 432 433 if (!(ar->conf_flags & ATH6KL_CONF_IGNORE_ERP_BARKER)) { 434 ret = ath6kl_wmi_set_lpreamble_cmd(ar->wmi, idx, 0, 435 WMI_FOLLOW_BARKER_IN_ERP); 436 if (ret) { 437 ath6kl_err("unable to set barker preamble policy: %d\n", 438 ret); 439 return ret; 440 } 441 } 442 443 ret = ath6kl_wmi_set_keepalive_cmd(ar->wmi, idx, 444 WLAN_CONFIG_KEEP_ALIVE_INTERVAL); 445 if (ret) { 446 ath6kl_err("unable to set keep alive interval: %d\n", ret); 447 return ret; 448 } 449 450 ret = ath6kl_wmi_disctimeout_cmd(ar->wmi, idx, 451 WLAN_CONFIG_DISCONNECT_TIMEOUT); 452 if (ret) { 453 ath6kl_err("unable to set disconnect timeout: %d\n", ret); 454 return ret; 455 } 456 457 if (!(ar->conf_flags & ATH6KL_CONF_ENABLE_TX_BURST)) { 458 ret = ath6kl_wmi_set_wmm_txop(ar->wmi, idx, WMI_TXOP_DISABLED); 459 if (ret) { 460 ath6kl_err("unable to set txop bursting: %d\n", ret); 461 return ret; 462 } 463 } 464 465 if (ar->p2p && (ar->vif_max == 1 || idx)) { 466 ret = ath6kl_wmi_info_req_cmd(ar->wmi, idx, 467 P2P_FLAG_CAPABILITIES_REQ | 468 P2P_FLAG_MACADDR_REQ | 469 P2P_FLAG_HMODEL_REQ); 470 if (ret) { 471 ath6kl_dbg(ATH6KL_DBG_TRC, 472 "failed to request P2P capabilities (%d) - assuming P2P not supported\n", 473 ret); 474 ar->p2p = false; 475 } 476 } 477 478 if (ar->p2p && (ar->vif_max == 1 || idx)) { 479 /* Enable Probe Request reporting for P2P */ 480 ret = ath6kl_wmi_probe_report_req_cmd(ar->wmi, idx, true); 481 if (ret) { 482 ath6kl_dbg(ATH6KL_DBG_TRC, 483 "failed to enable Probe Request reporting (%d)\n", 484 ret); 485 } 486 } 487 488 return ret; 489 } 490 491 int ath6kl_configure_target(struct ath6kl *ar) 492 { 493 u32 param, ram_reserved_size; 494 u8 fw_iftype, fw_mode = 0, fw_submode = 0; 495 int i, status; 496 497 param = !!(ar->conf_flags & ATH6KL_CONF_UART_DEBUG); 498 if (ath6kl_bmi_write_hi32(ar, hi_serial_enable, param)) { 499 ath6kl_err("bmi_write_memory for uart debug failed\n"); 500 return -EIO; 501 } 502 503 /* 504 * Note: Even though the firmware interface type is 505 * chosen as BSS_STA for all three interfaces, can 506 * be configured to IBSS/AP as long as the fw submode 507 * remains normal mode (0 - AP, STA and IBSS). But 508 * due to an target assert in firmware only one interface is 509 * configured for now. 510 */ 511 fw_iftype = HI_OPTION_FW_MODE_BSS_STA; 512 513 for (i = 0; i < ar->vif_max; i++) 514 fw_mode |= fw_iftype << (i * HI_OPTION_FW_MODE_BITS); 515 516 /* 517 * Submodes when fw does not support dynamic interface 518 * switching: 519 * vif[0] - AP/STA/IBSS 520 * vif[1] - "P2P dev"/"P2P GO"/"P2P Client" 521 * vif[2] - "P2P dev"/"P2P GO"/"P2P Client" 522 * Otherwise, All the interface are initialized to p2p dev. 523 */ 524 525 if (test_bit(ATH6KL_FW_CAPABILITY_STA_P2PDEV_DUPLEX, 526 ar->fw_capabilities)) { 527 for (i = 0; i < ar->vif_max; i++) 528 fw_submode |= HI_OPTION_FW_SUBMODE_P2PDEV << 529 (i * HI_OPTION_FW_SUBMODE_BITS); 530 } else { 531 for (i = 0; i < ar->max_norm_iface; i++) 532 fw_submode |= HI_OPTION_FW_SUBMODE_NONE << 533 (i * HI_OPTION_FW_SUBMODE_BITS); 534 535 for (i = ar->max_norm_iface; i < ar->vif_max; i++) 536 fw_submode |= HI_OPTION_FW_SUBMODE_P2PDEV << 537 (i * HI_OPTION_FW_SUBMODE_BITS); 538 539 if (ar->p2p && ar->vif_max == 1) 540 fw_submode = HI_OPTION_FW_SUBMODE_P2PDEV; 541 } 542 543 if (ath6kl_bmi_write_hi32(ar, hi_app_host_interest, 544 HTC_PROTOCOL_VERSION) != 0) { 545 ath6kl_err("bmi_write_memory for htc version failed\n"); 546 return -EIO; 547 } 548 549 /* set the firmware mode to STA/IBSS/AP */ 550 param = 0; 551 552 if (ath6kl_bmi_read_hi32(ar, hi_option_flag, ¶m) != 0) { 553 ath6kl_err("bmi_read_memory for setting fwmode failed\n"); 554 return -EIO; 555 } 556 557 param |= (ar->vif_max << HI_OPTION_NUM_DEV_SHIFT); 558 param |= fw_mode << HI_OPTION_FW_MODE_SHIFT; 559 param |= fw_submode << HI_OPTION_FW_SUBMODE_SHIFT; 560 561 param |= (0 << HI_OPTION_MAC_ADDR_METHOD_SHIFT); 562 param |= (0 << HI_OPTION_FW_BRIDGE_SHIFT); 563 564 if (ath6kl_bmi_write_hi32(ar, hi_option_flag, param) != 0) { 565 ath6kl_err("bmi_write_memory for setting fwmode failed\n"); 566 return -EIO; 567 } 568 569 ath6kl_dbg(ATH6KL_DBG_TRC, "firmware mode set\n"); 570 571 /* 572 * Hardcode the address use for the extended board data 573 * Ideally this should be pre-allocate by the OS at boot time 574 * But since it is a new feature and board data is loaded 575 * at init time, we have to workaround this from host. 576 * It is difficult to patch the firmware boot code, 577 * but possible in theory. 578 */ 579 580 if (ar->target_type == TARGET_TYPE_AR6003) { 581 param = ar->hw.board_ext_data_addr; 582 ram_reserved_size = ar->hw.reserved_ram_size; 583 584 if (ath6kl_bmi_write_hi32(ar, hi_board_ext_data, param) != 0) { 585 ath6kl_err("bmi_write_memory for hi_board_ext_data failed\n"); 586 return -EIO; 587 } 588 589 if (ath6kl_bmi_write_hi32(ar, hi_end_ram_reserve_sz, 590 ram_reserved_size) != 0) { 591 ath6kl_err("bmi_write_memory for hi_end_ram_reserve_sz failed\n"); 592 return -EIO; 593 } 594 } 595 596 /* set the block size for the target */ 597 if (ath6kl_set_htc_params(ar, MBOX_YIELD_LIMIT, 0)) 598 /* use default number of control buffers */ 599 return -EIO; 600 601 /* Configure GPIO AR600x UART */ 602 status = ath6kl_bmi_write_hi32(ar, hi_dbg_uart_txpin, 603 ar->hw.uarttx_pin); 604 if (status) 605 return status; 606 607 /* Configure target refclk_hz */ 608 status = ath6kl_bmi_write_hi32(ar, hi_refclk_hz, ar->hw.refclk_hz); 609 if (status) 610 return status; 611 612 return 0; 613 } 614 615 /* firmware upload */ 616 static int ath6kl_get_fw(struct ath6kl *ar, const char *filename, 617 u8 **fw, size_t *fw_len) 618 { 619 const struct firmware *fw_entry; 620 int ret; 621 622 ret = request_firmware(&fw_entry, filename, ar->dev); 623 if (ret) 624 return ret; 625 626 *fw_len = fw_entry->size; 627 *fw = kmemdup(fw_entry->data, fw_entry->size, GFP_KERNEL); 628 629 if (*fw == NULL) 630 ret = -ENOMEM; 631 632 release_firmware(fw_entry); 633 634 return ret; 635 } 636 637 #ifdef CONFIG_OF 638 /* 639 * Check the device tree for a board-id and use it to construct 640 * the pathname to the firmware file. Used (for now) to find a 641 * fallback to the "bdata.bin" file--typically a symlink to the 642 * appropriate board-specific file. 643 */ 644 static bool check_device_tree(struct ath6kl *ar) 645 { 646 static const char *board_id_prop = "atheros,board-id"; 647 struct device_node *node; 648 char board_filename[64]; 649 const char *board_id; 650 int ret; 651 652 for_each_compatible_node(node, NULL, "atheros,ath6kl") { 653 board_id = of_get_property(node, board_id_prop, NULL); 654 if (board_id == NULL) { 655 ath6kl_warn("No \"%s\" property on %s node.\n", 656 board_id_prop, node->name); 657 continue; 658 } 659 snprintf(board_filename, sizeof(board_filename), 660 "%s/bdata.%s.bin", ar->hw.fw.dir, board_id); 661 662 ret = ath6kl_get_fw(ar, board_filename, &ar->fw_board, 663 &ar->fw_board_len); 664 if (ret) { 665 ath6kl_err("Failed to get DT board file %s: %d\n", 666 board_filename, ret); 667 continue; 668 } 669 return true; 670 } 671 return false; 672 } 673 #else 674 static bool check_device_tree(struct ath6kl *ar) 675 { 676 return false; 677 } 678 #endif /* CONFIG_OF */ 679 680 static int ath6kl_fetch_board_file(struct ath6kl *ar) 681 { 682 const char *filename; 683 int ret; 684 685 if (ar->fw_board != NULL) 686 return 0; 687 688 if (WARN_ON(ar->hw.fw_board == NULL)) 689 return -EINVAL; 690 691 filename = ar->hw.fw_board; 692 693 ret = ath6kl_get_fw(ar, filename, &ar->fw_board, 694 &ar->fw_board_len); 695 if (ret == 0) { 696 /* managed to get proper board file */ 697 return 0; 698 } 699 700 if (check_device_tree(ar)) { 701 /* got board file from device tree */ 702 return 0; 703 } 704 705 /* there was no proper board file, try to use default instead */ 706 ath6kl_warn("Failed to get board file %s (%d), trying to find default board file.\n", 707 filename, ret); 708 709 filename = ar->hw.fw_default_board; 710 711 ret = ath6kl_get_fw(ar, filename, &ar->fw_board, 712 &ar->fw_board_len); 713 if (ret) { 714 ath6kl_err("Failed to get default board file %s: %d\n", 715 filename, ret); 716 return ret; 717 } 718 719 ath6kl_warn("WARNING! No proper board file was not found, instead using a default board file.\n"); 720 ath6kl_warn("Most likely your hardware won't work as specified. Install correct board file!\n"); 721 722 return 0; 723 } 724 725 static int ath6kl_fetch_otp_file(struct ath6kl *ar) 726 { 727 char filename[100]; 728 int ret; 729 730 if (ar->fw_otp != NULL) 731 return 0; 732 733 if (ar->hw.fw.otp == NULL) { 734 ath6kl_dbg(ATH6KL_DBG_BOOT, 735 "no OTP file configured for this hw\n"); 736 return 0; 737 } 738 739 snprintf(filename, sizeof(filename), "%s/%s", 740 ar->hw.fw.dir, ar->hw.fw.otp); 741 742 ret = ath6kl_get_fw(ar, filename, &ar->fw_otp, 743 &ar->fw_otp_len); 744 if (ret) { 745 ath6kl_err("Failed to get OTP file %s: %d\n", 746 filename, ret); 747 return ret; 748 } 749 750 return 0; 751 } 752 753 static int ath6kl_fetch_testmode_file(struct ath6kl *ar) 754 { 755 char filename[100]; 756 int ret; 757 758 if (ar->testmode == 0) 759 return 0; 760 761 ath6kl_dbg(ATH6KL_DBG_BOOT, "testmode %d\n", ar->testmode); 762 763 if (ar->testmode == 2) { 764 if (ar->hw.fw.utf == NULL) { 765 ath6kl_warn("testmode 2 not supported\n"); 766 return -EOPNOTSUPP; 767 } 768 769 snprintf(filename, sizeof(filename), "%s/%s", 770 ar->hw.fw.dir, ar->hw.fw.utf); 771 } else { 772 if (ar->hw.fw.tcmd == NULL) { 773 ath6kl_warn("testmode 1 not supported\n"); 774 return -EOPNOTSUPP; 775 } 776 777 snprintf(filename, sizeof(filename), "%s/%s", 778 ar->hw.fw.dir, ar->hw.fw.tcmd); 779 } 780 781 set_bit(TESTMODE, &ar->flag); 782 783 ret = ath6kl_get_fw(ar, filename, &ar->fw, &ar->fw_len); 784 if (ret) { 785 ath6kl_err("Failed to get testmode %d firmware file %s: %d\n", 786 ar->testmode, filename, ret); 787 return ret; 788 } 789 790 return 0; 791 } 792 793 static int ath6kl_fetch_fw_file(struct ath6kl *ar) 794 { 795 char filename[100]; 796 int ret; 797 798 if (ar->fw != NULL) 799 return 0; 800 801 /* FIXME: remove WARN_ON() as we won't support FW API 1 for long */ 802 if (WARN_ON(ar->hw.fw.fw == NULL)) 803 return -EINVAL; 804 805 snprintf(filename, sizeof(filename), "%s/%s", 806 ar->hw.fw.dir, ar->hw.fw.fw); 807 808 ret = ath6kl_get_fw(ar, filename, &ar->fw, &ar->fw_len); 809 if (ret) { 810 ath6kl_err("Failed to get firmware file %s: %d\n", 811 filename, ret); 812 return ret; 813 } 814 815 return 0; 816 } 817 818 static int ath6kl_fetch_patch_file(struct ath6kl *ar) 819 { 820 char filename[100]; 821 int ret; 822 823 if (ar->fw_patch != NULL) 824 return 0; 825 826 if (ar->hw.fw.patch == NULL) 827 return 0; 828 829 snprintf(filename, sizeof(filename), "%s/%s", 830 ar->hw.fw.dir, ar->hw.fw.patch); 831 832 ret = ath6kl_get_fw(ar, filename, &ar->fw_patch, 833 &ar->fw_patch_len); 834 if (ret) { 835 ath6kl_err("Failed to get patch file %s: %d\n", 836 filename, ret); 837 return ret; 838 } 839 840 return 0; 841 } 842 843 static int ath6kl_fetch_testscript_file(struct ath6kl *ar) 844 { 845 char filename[100]; 846 int ret; 847 848 if (ar->testmode != 2) 849 return 0; 850 851 if (ar->fw_testscript != NULL) 852 return 0; 853 854 if (ar->hw.fw.testscript == NULL) 855 return 0; 856 857 snprintf(filename, sizeof(filename), "%s/%s", 858 ar->hw.fw.dir, ar->hw.fw.testscript); 859 860 ret = ath6kl_get_fw(ar, filename, &ar->fw_testscript, 861 &ar->fw_testscript_len); 862 if (ret) { 863 ath6kl_err("Failed to get testscript file %s: %d\n", 864 filename, ret); 865 return ret; 866 } 867 868 return 0; 869 } 870 871 static int ath6kl_fetch_fw_api1(struct ath6kl *ar) 872 { 873 int ret; 874 875 ret = ath6kl_fetch_otp_file(ar); 876 if (ret) 877 return ret; 878 879 ret = ath6kl_fetch_fw_file(ar); 880 if (ret) 881 return ret; 882 883 ret = ath6kl_fetch_patch_file(ar); 884 if (ret) 885 return ret; 886 887 ret = ath6kl_fetch_testscript_file(ar); 888 if (ret) 889 return ret; 890 891 return 0; 892 } 893 894 static int ath6kl_fetch_fw_apin(struct ath6kl *ar, const char *name) 895 { 896 size_t magic_len, len, ie_len; 897 const struct firmware *fw; 898 struct ath6kl_fw_ie *hdr; 899 char filename[100]; 900 const u8 *data; 901 int ret, ie_id, i, index, bit; 902 __le32 *val; 903 904 snprintf(filename, sizeof(filename), "%s/%s", ar->hw.fw.dir, name); 905 906 ret = request_firmware(&fw, filename, ar->dev); 907 if (ret) 908 return ret; 909 910 data = fw->data; 911 len = fw->size; 912 913 /* magic also includes the null byte, check that as well */ 914 magic_len = strlen(ATH6KL_FIRMWARE_MAGIC) + 1; 915 916 if (len < magic_len) { 917 ret = -EINVAL; 918 goto out; 919 } 920 921 if (memcmp(data, ATH6KL_FIRMWARE_MAGIC, magic_len) != 0) { 922 ret = -EINVAL; 923 goto out; 924 } 925 926 len -= magic_len; 927 data += magic_len; 928 929 /* loop elements */ 930 while (len > sizeof(struct ath6kl_fw_ie)) { 931 /* hdr is unaligned! */ 932 hdr = (struct ath6kl_fw_ie *) data; 933 934 ie_id = le32_to_cpup(&hdr->id); 935 ie_len = le32_to_cpup(&hdr->len); 936 937 len -= sizeof(*hdr); 938 data += sizeof(*hdr); 939 940 if (len < ie_len) { 941 ret = -EINVAL; 942 goto out; 943 } 944 945 switch (ie_id) { 946 case ATH6KL_FW_IE_FW_VERSION: 947 strlcpy(ar->wiphy->fw_version, data, 948 sizeof(ar->wiphy->fw_version)); 949 950 ath6kl_dbg(ATH6KL_DBG_BOOT, 951 "found fw version %s\n", 952 ar->wiphy->fw_version); 953 break; 954 case ATH6KL_FW_IE_OTP_IMAGE: 955 ath6kl_dbg(ATH6KL_DBG_BOOT, "found otp image ie (%zd B)\n", 956 ie_len); 957 958 ar->fw_otp = kmemdup(data, ie_len, GFP_KERNEL); 959 960 if (ar->fw_otp == NULL) { 961 ret = -ENOMEM; 962 goto out; 963 } 964 965 ar->fw_otp_len = ie_len; 966 break; 967 case ATH6KL_FW_IE_FW_IMAGE: 968 ath6kl_dbg(ATH6KL_DBG_BOOT, "found fw image ie (%zd B)\n", 969 ie_len); 970 971 /* in testmode we already might have a fw file */ 972 if (ar->fw != NULL) 973 break; 974 975 ar->fw = vmalloc(ie_len); 976 977 if (ar->fw == NULL) { 978 ret = -ENOMEM; 979 goto out; 980 } 981 982 memcpy(ar->fw, data, ie_len); 983 ar->fw_len = ie_len; 984 break; 985 case ATH6KL_FW_IE_PATCH_IMAGE: 986 ath6kl_dbg(ATH6KL_DBG_BOOT, "found patch image ie (%zd B)\n", 987 ie_len); 988 989 ar->fw_patch = kmemdup(data, ie_len, GFP_KERNEL); 990 991 if (ar->fw_patch == NULL) { 992 ret = -ENOMEM; 993 goto out; 994 } 995 996 ar->fw_patch_len = ie_len; 997 break; 998 case ATH6KL_FW_IE_RESERVED_RAM_SIZE: 999 val = (__le32 *) data; 1000 ar->hw.reserved_ram_size = le32_to_cpup(val); 1001 1002 ath6kl_dbg(ATH6KL_DBG_BOOT, 1003 "found reserved ram size ie 0x%d\n", 1004 ar->hw.reserved_ram_size); 1005 break; 1006 case ATH6KL_FW_IE_CAPABILITIES: 1007 ath6kl_dbg(ATH6KL_DBG_BOOT, 1008 "found firmware capabilities ie (%zd B)\n", 1009 ie_len); 1010 1011 for (i = 0; i < ATH6KL_FW_CAPABILITY_MAX; i++) { 1012 index = i / 8; 1013 bit = i % 8; 1014 1015 if (index == ie_len) 1016 break; 1017 1018 if (data[index] & (1 << bit)) 1019 __set_bit(i, ar->fw_capabilities); 1020 } 1021 1022 ath6kl_dbg_dump(ATH6KL_DBG_BOOT, "capabilities", "", 1023 ar->fw_capabilities, 1024 sizeof(ar->fw_capabilities)); 1025 break; 1026 case ATH6KL_FW_IE_PATCH_ADDR: 1027 if (ie_len != sizeof(*val)) 1028 break; 1029 1030 val = (__le32 *) data; 1031 ar->hw.dataset_patch_addr = le32_to_cpup(val); 1032 1033 ath6kl_dbg(ATH6KL_DBG_BOOT, 1034 "found patch address ie 0x%x\n", 1035 ar->hw.dataset_patch_addr); 1036 break; 1037 case ATH6KL_FW_IE_BOARD_ADDR: 1038 if (ie_len != sizeof(*val)) 1039 break; 1040 1041 val = (__le32 *) data; 1042 ar->hw.board_addr = le32_to_cpup(val); 1043 1044 ath6kl_dbg(ATH6KL_DBG_BOOT, 1045 "found board address ie 0x%x\n", 1046 ar->hw.board_addr); 1047 break; 1048 case ATH6KL_FW_IE_VIF_MAX: 1049 if (ie_len != sizeof(*val)) 1050 break; 1051 1052 val = (__le32 *) data; 1053 ar->vif_max = min_t(unsigned int, le32_to_cpup(val), 1054 ATH6KL_VIF_MAX); 1055 1056 if (ar->vif_max > 1 && !ar->p2p) 1057 ar->max_norm_iface = 2; 1058 1059 ath6kl_dbg(ATH6KL_DBG_BOOT, 1060 "found vif max ie %d\n", ar->vif_max); 1061 break; 1062 default: 1063 ath6kl_dbg(ATH6KL_DBG_BOOT, "Unknown fw ie: %u\n", 1064 le32_to_cpup(&hdr->id)); 1065 break; 1066 } 1067 1068 len -= ie_len; 1069 data += ie_len; 1070 }; 1071 1072 ret = 0; 1073 out: 1074 release_firmware(fw); 1075 1076 return ret; 1077 } 1078 1079 int ath6kl_init_fetch_firmwares(struct ath6kl *ar) 1080 { 1081 int ret; 1082 1083 ret = ath6kl_fetch_board_file(ar); 1084 if (ret) 1085 return ret; 1086 1087 ret = ath6kl_fetch_testmode_file(ar); 1088 if (ret) 1089 return ret; 1090 1091 ret = ath6kl_fetch_fw_apin(ar, ATH6KL_FW_API3_FILE); 1092 if (ret == 0) { 1093 ar->fw_api = 3; 1094 goto out; 1095 } 1096 1097 ret = ath6kl_fetch_fw_apin(ar, ATH6KL_FW_API2_FILE); 1098 if (ret == 0) { 1099 ar->fw_api = 2; 1100 goto out; 1101 } 1102 1103 ret = ath6kl_fetch_fw_api1(ar); 1104 if (ret) 1105 return ret; 1106 1107 ar->fw_api = 1; 1108 1109 out: 1110 ath6kl_dbg(ATH6KL_DBG_BOOT, "using fw api %d\n", ar->fw_api); 1111 1112 return 0; 1113 } 1114 1115 static int ath6kl_upload_board_file(struct ath6kl *ar) 1116 { 1117 u32 board_address, board_ext_address, param; 1118 u32 board_data_size, board_ext_data_size; 1119 int ret; 1120 1121 if (WARN_ON(ar->fw_board == NULL)) 1122 return -ENOENT; 1123 1124 /* 1125 * Determine where in Target RAM to write Board Data. 1126 * For AR6004, host determine Target RAM address for 1127 * writing board data. 1128 */ 1129 if (ar->hw.board_addr != 0) { 1130 board_address = ar->hw.board_addr; 1131 ath6kl_bmi_write_hi32(ar, hi_board_data, 1132 board_address); 1133 } else { 1134 ath6kl_bmi_read_hi32(ar, hi_board_data, &board_address); 1135 } 1136 1137 /* determine where in target ram to write extended board data */ 1138 ath6kl_bmi_read_hi32(ar, hi_board_ext_data, &board_ext_address); 1139 1140 if (ar->target_type == TARGET_TYPE_AR6003 && 1141 board_ext_address == 0) { 1142 ath6kl_err("Failed to get board file target address.\n"); 1143 return -EINVAL; 1144 } 1145 1146 switch (ar->target_type) { 1147 case TARGET_TYPE_AR6003: 1148 board_data_size = AR6003_BOARD_DATA_SZ; 1149 board_ext_data_size = AR6003_BOARD_EXT_DATA_SZ; 1150 if (ar->fw_board_len > (board_data_size + board_ext_data_size)) 1151 board_ext_data_size = AR6003_BOARD_EXT_DATA_SZ_V2; 1152 break; 1153 case TARGET_TYPE_AR6004: 1154 board_data_size = AR6004_BOARD_DATA_SZ; 1155 board_ext_data_size = AR6004_BOARD_EXT_DATA_SZ; 1156 break; 1157 default: 1158 WARN_ON(1); 1159 return -EINVAL; 1160 break; 1161 } 1162 1163 if (board_ext_address && 1164 ar->fw_board_len == (board_data_size + board_ext_data_size)) { 1165 1166 /* write extended board data */ 1167 ath6kl_dbg(ATH6KL_DBG_BOOT, 1168 "writing extended board data to 0x%x (%d B)\n", 1169 board_ext_address, board_ext_data_size); 1170 1171 ret = ath6kl_bmi_write(ar, board_ext_address, 1172 ar->fw_board + board_data_size, 1173 board_ext_data_size); 1174 if (ret) { 1175 ath6kl_err("Failed to write extended board data: %d\n", 1176 ret); 1177 return ret; 1178 } 1179 1180 /* record that extended board data is initialized */ 1181 param = (board_ext_data_size << 16) | 1; 1182 1183 ath6kl_bmi_write_hi32(ar, hi_board_ext_data_config, param); 1184 } 1185 1186 if (ar->fw_board_len < board_data_size) { 1187 ath6kl_err("Too small board file: %zu\n", ar->fw_board_len); 1188 ret = -EINVAL; 1189 return ret; 1190 } 1191 1192 ath6kl_dbg(ATH6KL_DBG_BOOT, "writing board file to 0x%x (%d B)\n", 1193 board_address, board_data_size); 1194 1195 ret = ath6kl_bmi_write(ar, board_address, ar->fw_board, 1196 board_data_size); 1197 1198 if (ret) { 1199 ath6kl_err("Board file bmi write failed: %d\n", ret); 1200 return ret; 1201 } 1202 1203 /* record the fact that Board Data IS initialized */ 1204 ath6kl_bmi_write_hi32(ar, hi_board_data_initialized, 1); 1205 1206 return ret; 1207 } 1208 1209 static int ath6kl_upload_otp(struct ath6kl *ar) 1210 { 1211 u32 address, param; 1212 bool from_hw = false; 1213 int ret; 1214 1215 if (ar->fw_otp == NULL) 1216 return 0; 1217 1218 address = ar->hw.app_load_addr; 1219 1220 ath6kl_dbg(ATH6KL_DBG_BOOT, "writing otp to 0x%x (%zd B)\n", address, 1221 ar->fw_otp_len); 1222 1223 ret = ath6kl_bmi_fast_download(ar, address, ar->fw_otp, 1224 ar->fw_otp_len); 1225 if (ret) { 1226 ath6kl_err("Failed to upload OTP file: %d\n", ret); 1227 return ret; 1228 } 1229 1230 /* read firmware start address */ 1231 ret = ath6kl_bmi_read_hi32(ar, hi_app_start, &address); 1232 1233 if (ret) { 1234 ath6kl_err("Failed to read hi_app_start: %d\n", ret); 1235 return ret; 1236 } 1237 1238 if (ar->hw.app_start_override_addr == 0) { 1239 ar->hw.app_start_override_addr = address; 1240 from_hw = true; 1241 } 1242 1243 ath6kl_dbg(ATH6KL_DBG_BOOT, "app_start_override_addr%s 0x%x\n", 1244 from_hw ? " (from hw)" : "", 1245 ar->hw.app_start_override_addr); 1246 1247 /* execute the OTP code */ 1248 ath6kl_dbg(ATH6KL_DBG_BOOT, "executing OTP at 0x%x\n", 1249 ar->hw.app_start_override_addr); 1250 param = 0; 1251 ath6kl_bmi_execute(ar, ar->hw.app_start_override_addr, ¶m); 1252 1253 return ret; 1254 } 1255 1256 static int ath6kl_upload_firmware(struct ath6kl *ar) 1257 { 1258 u32 address; 1259 int ret; 1260 1261 if (WARN_ON(ar->fw == NULL)) 1262 return 0; 1263 1264 address = ar->hw.app_load_addr; 1265 1266 ath6kl_dbg(ATH6KL_DBG_BOOT, "writing firmware to 0x%x (%zd B)\n", 1267 address, ar->fw_len); 1268 1269 ret = ath6kl_bmi_fast_download(ar, address, ar->fw, ar->fw_len); 1270 1271 if (ret) { 1272 ath6kl_err("Failed to write firmware: %d\n", ret); 1273 return ret; 1274 } 1275 1276 /* 1277 * Set starting address for firmware 1278 * Don't need to setup app_start override addr on AR6004 1279 */ 1280 if (ar->target_type != TARGET_TYPE_AR6004) { 1281 address = ar->hw.app_start_override_addr; 1282 ath6kl_bmi_set_app_start(ar, address); 1283 } 1284 return ret; 1285 } 1286 1287 static int ath6kl_upload_patch(struct ath6kl *ar) 1288 { 1289 u32 address; 1290 int ret; 1291 1292 if (ar->fw_patch == NULL) 1293 return 0; 1294 1295 address = ar->hw.dataset_patch_addr; 1296 1297 ath6kl_dbg(ATH6KL_DBG_BOOT, "writing patch to 0x%x (%zd B)\n", 1298 address, ar->fw_patch_len); 1299 1300 ret = ath6kl_bmi_write(ar, address, ar->fw_patch, ar->fw_patch_len); 1301 if (ret) { 1302 ath6kl_err("Failed to write patch file: %d\n", ret); 1303 return ret; 1304 } 1305 1306 ath6kl_bmi_write_hi32(ar, hi_dset_list_head, address); 1307 1308 return 0; 1309 } 1310 1311 static int ath6kl_upload_testscript(struct ath6kl *ar) 1312 { 1313 u32 address; 1314 int ret; 1315 1316 if (ar->testmode != 2) 1317 return 0; 1318 1319 if (ar->fw_testscript == NULL) 1320 return 0; 1321 1322 address = ar->hw.testscript_addr; 1323 1324 ath6kl_dbg(ATH6KL_DBG_BOOT, "writing testscript to 0x%x (%zd B)\n", 1325 address, ar->fw_testscript_len); 1326 1327 ret = ath6kl_bmi_write(ar, address, ar->fw_testscript, 1328 ar->fw_testscript_len); 1329 if (ret) { 1330 ath6kl_err("Failed to write testscript file: %d\n", ret); 1331 return ret; 1332 } 1333 1334 ath6kl_bmi_write_hi32(ar, hi_ota_testscript, address); 1335 ath6kl_bmi_write_hi32(ar, hi_end_ram_reserve_sz, 4096); 1336 ath6kl_bmi_write_hi32(ar, hi_test_apps_related, 1); 1337 1338 return 0; 1339 } 1340 1341 static int ath6kl_init_upload(struct ath6kl *ar) 1342 { 1343 u32 param, options, sleep, address; 1344 int status = 0; 1345 1346 if (ar->target_type != TARGET_TYPE_AR6003 && 1347 ar->target_type != TARGET_TYPE_AR6004) 1348 return -EINVAL; 1349 1350 /* temporarily disable system sleep */ 1351 address = MBOX_BASE_ADDRESS + LOCAL_SCRATCH_ADDRESS; 1352 status = ath6kl_bmi_reg_read(ar, address, ¶m); 1353 if (status) 1354 return status; 1355 1356 options = param; 1357 1358 param |= ATH6KL_OPTION_SLEEP_DISABLE; 1359 status = ath6kl_bmi_reg_write(ar, address, param); 1360 if (status) 1361 return status; 1362 1363 address = RTC_BASE_ADDRESS + SYSTEM_SLEEP_ADDRESS; 1364 status = ath6kl_bmi_reg_read(ar, address, ¶m); 1365 if (status) 1366 return status; 1367 1368 sleep = param; 1369 1370 param |= SM(SYSTEM_SLEEP_DISABLE, 1); 1371 status = ath6kl_bmi_reg_write(ar, address, param); 1372 if (status) 1373 return status; 1374 1375 ath6kl_dbg(ATH6KL_DBG_TRC, "old options: %d, old sleep: %d\n", 1376 options, sleep); 1377 1378 /* program analog PLL register */ 1379 /* no need to control 40/44MHz clock on AR6004 */ 1380 if (ar->target_type != TARGET_TYPE_AR6004) { 1381 status = ath6kl_bmi_reg_write(ar, ATH6KL_ANALOG_PLL_REGISTER, 1382 0xF9104001); 1383 1384 if (status) 1385 return status; 1386 1387 /* Run at 80/88MHz by default */ 1388 param = SM(CPU_CLOCK_STANDARD, 1); 1389 1390 address = RTC_BASE_ADDRESS + CPU_CLOCK_ADDRESS; 1391 status = ath6kl_bmi_reg_write(ar, address, param); 1392 if (status) 1393 return status; 1394 } 1395 1396 param = 0; 1397 address = RTC_BASE_ADDRESS + LPO_CAL_ADDRESS; 1398 param = SM(LPO_CAL_ENABLE, 1); 1399 status = ath6kl_bmi_reg_write(ar, address, param); 1400 if (status) 1401 return status; 1402 1403 /* WAR to avoid SDIO CRC err */ 1404 if (ar->version.target_ver == AR6003_HW_2_0_VERSION || 1405 ar->version.target_ver == AR6003_HW_2_1_1_VERSION) { 1406 ath6kl_err("temporary war to avoid sdio crc error\n"); 1407 1408 param = 0x28; 1409 address = GPIO_BASE_ADDRESS + GPIO_PIN9_ADDRESS; 1410 status = ath6kl_bmi_reg_write(ar, address, param); 1411 if (status) 1412 return status; 1413 1414 param = 0x20; 1415 1416 address = GPIO_BASE_ADDRESS + GPIO_PIN10_ADDRESS; 1417 status = ath6kl_bmi_reg_write(ar, address, param); 1418 if (status) 1419 return status; 1420 1421 address = GPIO_BASE_ADDRESS + GPIO_PIN11_ADDRESS; 1422 status = ath6kl_bmi_reg_write(ar, address, param); 1423 if (status) 1424 return status; 1425 1426 address = GPIO_BASE_ADDRESS + GPIO_PIN12_ADDRESS; 1427 status = ath6kl_bmi_reg_write(ar, address, param); 1428 if (status) 1429 return status; 1430 1431 address = GPIO_BASE_ADDRESS + GPIO_PIN13_ADDRESS; 1432 status = ath6kl_bmi_reg_write(ar, address, param); 1433 if (status) 1434 return status; 1435 } 1436 1437 /* write EEPROM data to Target RAM */ 1438 status = ath6kl_upload_board_file(ar); 1439 if (status) 1440 return status; 1441 1442 /* transfer One time Programmable data */ 1443 status = ath6kl_upload_otp(ar); 1444 if (status) 1445 return status; 1446 1447 /* Download Target firmware */ 1448 status = ath6kl_upload_firmware(ar); 1449 if (status) 1450 return status; 1451 1452 status = ath6kl_upload_patch(ar); 1453 if (status) 1454 return status; 1455 1456 /* Download the test script */ 1457 status = ath6kl_upload_testscript(ar); 1458 if (status) 1459 return status; 1460 1461 /* Restore system sleep */ 1462 address = RTC_BASE_ADDRESS + SYSTEM_SLEEP_ADDRESS; 1463 status = ath6kl_bmi_reg_write(ar, address, sleep); 1464 if (status) 1465 return status; 1466 1467 address = MBOX_BASE_ADDRESS + LOCAL_SCRATCH_ADDRESS; 1468 param = options | 0x20; 1469 status = ath6kl_bmi_reg_write(ar, address, param); 1470 if (status) 1471 return status; 1472 1473 return status; 1474 } 1475 1476 int ath6kl_init_hw_params(struct ath6kl *ar) 1477 { 1478 const struct ath6kl_hw *uninitialized_var(hw); 1479 int i; 1480 1481 for (i = 0; i < ARRAY_SIZE(hw_list); i++) { 1482 hw = &hw_list[i]; 1483 1484 if (hw->id == ar->version.target_ver) 1485 break; 1486 } 1487 1488 if (i == ARRAY_SIZE(hw_list)) { 1489 ath6kl_err("Unsupported hardware version: 0x%x\n", 1490 ar->version.target_ver); 1491 return -EINVAL; 1492 } 1493 1494 ar->hw = *hw; 1495 1496 ath6kl_dbg(ATH6KL_DBG_BOOT, 1497 "target_ver 0x%x target_type 0x%x dataset_patch 0x%x app_load_addr 0x%x\n", 1498 ar->version.target_ver, ar->target_type, 1499 ar->hw.dataset_patch_addr, ar->hw.app_load_addr); 1500 ath6kl_dbg(ATH6KL_DBG_BOOT, 1501 "app_start_override_addr 0x%x board_ext_data_addr 0x%x reserved_ram_size 0x%x", 1502 ar->hw.app_start_override_addr, ar->hw.board_ext_data_addr, 1503 ar->hw.reserved_ram_size); 1504 ath6kl_dbg(ATH6KL_DBG_BOOT, 1505 "refclk_hz %d uarttx_pin %d", 1506 ar->hw.refclk_hz, ar->hw.uarttx_pin); 1507 1508 return 0; 1509 } 1510 1511 static const char *ath6kl_init_get_hif_name(enum ath6kl_hif_type type) 1512 { 1513 switch (type) { 1514 case ATH6KL_HIF_TYPE_SDIO: 1515 return "sdio"; 1516 case ATH6KL_HIF_TYPE_USB: 1517 return "usb"; 1518 } 1519 1520 return NULL; 1521 } 1522 1523 int ath6kl_init_hw_start(struct ath6kl *ar) 1524 { 1525 long timeleft; 1526 int ret, i; 1527 1528 ath6kl_dbg(ATH6KL_DBG_BOOT, "hw start\n"); 1529 1530 ret = ath6kl_hif_power_on(ar); 1531 if (ret) 1532 return ret; 1533 1534 ret = ath6kl_configure_target(ar); 1535 if (ret) 1536 goto err_power_off; 1537 1538 ret = ath6kl_init_upload(ar); 1539 if (ret) 1540 goto err_power_off; 1541 1542 /* Do we need to finish the BMI phase */ 1543 /* FIXME: return error from ath6kl_bmi_done() */ 1544 if (ath6kl_bmi_done(ar)) { 1545 ret = -EIO; 1546 goto err_power_off; 1547 } 1548 1549 /* 1550 * The reason we have to wait for the target here is that the 1551 * driver layer has to init BMI in order to set the host block 1552 * size. 1553 */ 1554 if (ath6kl_htc_wait_target(ar->htc_target)) { 1555 ret = -EIO; 1556 goto err_power_off; 1557 } 1558 1559 if (ath6kl_init_service_ep(ar)) { 1560 ret = -EIO; 1561 goto err_cleanup_scatter; 1562 } 1563 1564 /* setup credit distribution */ 1565 ath6kl_htc_credit_setup(ar->htc_target, &ar->credit_state_info); 1566 1567 /* start HTC */ 1568 ret = ath6kl_htc_start(ar->htc_target); 1569 if (ret) { 1570 /* FIXME: call this */ 1571 ath6kl_cookie_cleanup(ar); 1572 goto err_cleanup_scatter; 1573 } 1574 1575 /* Wait for Wmi event to be ready */ 1576 timeleft = wait_event_interruptible_timeout(ar->event_wq, 1577 test_bit(WMI_READY, 1578 &ar->flag), 1579 WMI_TIMEOUT); 1580 1581 ath6kl_dbg(ATH6KL_DBG_BOOT, "firmware booted\n"); 1582 1583 1584 if (test_and_clear_bit(FIRST_BOOT, &ar->flag)) { 1585 ath6kl_info("%s %s fw %s api %d%s\n", 1586 ar->hw.name, 1587 ath6kl_init_get_hif_name(ar->hif_type), 1588 ar->wiphy->fw_version, 1589 ar->fw_api, 1590 test_bit(TESTMODE, &ar->flag) ? " testmode" : ""); 1591 } 1592 1593 if (ar->version.abi_ver != ATH6KL_ABI_VERSION) { 1594 ath6kl_err("abi version mismatch: host(0x%x), target(0x%x)\n", 1595 ATH6KL_ABI_VERSION, ar->version.abi_ver); 1596 ret = -EIO; 1597 goto err_htc_stop; 1598 } 1599 1600 if (!timeleft || signal_pending(current)) { 1601 ath6kl_err("wmi is not ready or wait was interrupted\n"); 1602 ret = -EIO; 1603 goto err_htc_stop; 1604 } 1605 1606 ath6kl_dbg(ATH6KL_DBG_TRC, "%s: wmi is ready\n", __func__); 1607 1608 /* communicate the wmi protocol verision to the target */ 1609 /* FIXME: return error */ 1610 if ((ath6kl_set_host_app_area(ar)) != 0) 1611 ath6kl_err("unable to set the host app area\n"); 1612 1613 for (i = 0; i < ar->vif_max; i++) { 1614 ret = ath6kl_target_config_wlan_params(ar, i); 1615 if (ret) 1616 goto err_htc_stop; 1617 } 1618 1619 ar->state = ATH6KL_STATE_ON; 1620 1621 return 0; 1622 1623 err_htc_stop: 1624 ath6kl_htc_stop(ar->htc_target); 1625 err_cleanup_scatter: 1626 ath6kl_hif_cleanup_scatter(ar); 1627 err_power_off: 1628 ath6kl_hif_power_off(ar); 1629 1630 return ret; 1631 } 1632 1633 int ath6kl_init_hw_stop(struct ath6kl *ar) 1634 { 1635 int ret; 1636 1637 ath6kl_dbg(ATH6KL_DBG_BOOT, "hw stop\n"); 1638 1639 ath6kl_htc_stop(ar->htc_target); 1640 1641 ath6kl_hif_stop(ar); 1642 1643 ath6kl_bmi_reset(ar); 1644 1645 ret = ath6kl_hif_power_off(ar); 1646 if (ret) 1647 ath6kl_warn("failed to power off hif: %d\n", ret); 1648 1649 ar->state = ATH6KL_STATE_OFF; 1650 1651 return 0; 1652 } 1653 1654 /* FIXME: move this to cfg80211.c and rename to ath6kl_cfg80211_vif_stop() */ 1655 void ath6kl_cleanup_vif(struct ath6kl_vif *vif, bool wmi_ready) 1656 { 1657 static u8 bcast_mac[] = {0xff, 0xff, 0xff, 0xff, 0xff, 0xff}; 1658 bool discon_issued; 1659 1660 netif_stop_queue(vif->ndev); 1661 1662 clear_bit(WLAN_ENABLED, &vif->flags); 1663 1664 if (wmi_ready) { 1665 discon_issued = test_bit(CONNECTED, &vif->flags) || 1666 test_bit(CONNECT_PEND, &vif->flags); 1667 ath6kl_disconnect(vif); 1668 del_timer(&vif->disconnect_timer); 1669 1670 if (discon_issued) 1671 ath6kl_disconnect_event(vif, DISCONNECT_CMD, 1672 (vif->nw_type & AP_NETWORK) ? 1673 bcast_mac : vif->bssid, 1674 0, NULL, 0); 1675 } 1676 1677 if (vif->scan_req) { 1678 cfg80211_scan_done(vif->scan_req, true); 1679 vif->scan_req = NULL; 1680 } 1681 1682 /* need to clean up enhanced bmiss detection fw state */ 1683 ath6kl_cfg80211_sta_bmiss_enhance(vif, false); 1684 } 1685 1686 void ath6kl_stop_txrx(struct ath6kl *ar) 1687 { 1688 struct ath6kl_vif *vif, *tmp_vif; 1689 int i; 1690 1691 set_bit(DESTROY_IN_PROGRESS, &ar->flag); 1692 1693 if (down_interruptible(&ar->sem)) { 1694 ath6kl_err("down_interruptible failed\n"); 1695 return; 1696 } 1697 1698 for (i = 0; i < AP_MAX_NUM_STA; i++) 1699 aggr_reset_state(ar->sta_list[i].aggr_conn); 1700 1701 spin_lock_bh(&ar->list_lock); 1702 list_for_each_entry_safe(vif, tmp_vif, &ar->vif_list, list) { 1703 list_del(&vif->list); 1704 spin_unlock_bh(&ar->list_lock); 1705 ath6kl_cleanup_vif(vif, test_bit(WMI_READY, &ar->flag)); 1706 rtnl_lock(); 1707 ath6kl_cfg80211_vif_cleanup(vif); 1708 rtnl_unlock(); 1709 spin_lock_bh(&ar->list_lock); 1710 } 1711 spin_unlock_bh(&ar->list_lock); 1712 1713 clear_bit(WMI_READY, &ar->flag); 1714 1715 /* 1716 * After wmi_shudown all WMI events will be dropped. We 1717 * need to cleanup the buffers allocated in AP mode and 1718 * give disconnect notification to stack, which usually 1719 * happens in the disconnect_event. Simulate the disconnect 1720 * event by calling the function directly. Sometimes 1721 * disconnect_event will be received when the debug logs 1722 * are collected. 1723 */ 1724 ath6kl_wmi_shutdown(ar->wmi); 1725 1726 clear_bit(WMI_ENABLED, &ar->flag); 1727 if (ar->htc_target) { 1728 ath6kl_dbg(ATH6KL_DBG_TRC, "%s: shut down htc\n", __func__); 1729 ath6kl_htc_stop(ar->htc_target); 1730 } 1731 1732 /* 1733 * Try to reset the device if we can. The driver may have been 1734 * configure NOT to reset the target during a debug session. 1735 */ 1736 ath6kl_dbg(ATH6KL_DBG_TRC, 1737 "attempting to reset target on instance destroy\n"); 1738 ath6kl_reset_device(ar, ar->target_type, true, true); 1739 1740 clear_bit(WLAN_ENABLED, &ar->flag); 1741 1742 up(&ar->sem); 1743 } 1744 EXPORT_SYMBOL(ath6kl_stop_txrx); 1745