1 // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause 2 /* 3 * Copyright (C) 2005-2014, 2018-2024 Intel Corporation 4 * Copyright (C) 2013-2015 Intel Mobile Communications GmbH 5 * Copyright (C) 2016-2017 Intel Deutschland GmbH 6 */ 7 #include <linux/completion.h> 8 #include <linux/dma-mapping.h> 9 #include <linux/firmware.h> 10 #include <linux/module.h> 11 #include <linux/vmalloc.h> 12 13 #include "iwl-drv.h" 14 #include "iwl-csr.h" 15 #include "iwl-debug.h" 16 #include "iwl-trans.h" 17 #include "iwl-op-mode.h" 18 #include "iwl-agn-hw.h" 19 #include "fw/img.h" 20 #include "iwl-dbg-tlv.h" 21 #include "iwl-config.h" 22 #include "iwl-modparams.h" 23 #include "fw/api/alive.h" 24 #include "fw/api/mac.h" 25 #include "fw/api/mac-cfg.h" 26 27 /****************************************************************************** 28 * 29 * module boiler plate 30 * 31 ******************************************************************************/ 32 33 #define DRV_DESCRIPTION "Intel(R) Wireless WiFi driver for Linux" 34 MODULE_DESCRIPTION(DRV_DESCRIPTION); 35 MODULE_LICENSE("GPL"); 36 37 #ifdef CONFIG_IWLWIFI_DEBUGFS 38 static struct dentry *iwl_dbgfs_root; 39 #endif 40 41 /** 42 * struct iwl_drv - drv common data 43 * @list: list of drv structures using this opmode 44 * @fw: the iwl_fw structure 45 * @op_mode: the running op_mode 46 * @trans: transport layer 47 * @dev: for debug prints only 48 * @fw_index: firmware revision to try loading 49 * @firmware_name: composite filename of ucode file to load 50 * @request_firmware_complete: the firmware has been obtained from user space 51 * @dbgfs_drv: debugfs root directory entry 52 * @dbgfs_trans: debugfs transport directory entry 53 * @dbgfs_op_mode: debugfs op_mode directory entry 54 */ 55 struct iwl_drv { 56 struct list_head list; 57 struct iwl_fw fw; 58 59 struct iwl_op_mode *op_mode; 60 struct iwl_trans *trans; 61 struct device *dev; 62 63 int fw_index; /* firmware we're trying to load */ 64 char firmware_name[64]; /* name of firmware file to load */ 65 66 struct completion request_firmware_complete; 67 68 #ifdef CONFIG_IWLWIFI_DEBUGFS 69 struct dentry *dbgfs_drv; 70 struct dentry *dbgfs_trans; 71 struct dentry *dbgfs_op_mode; 72 #endif 73 }; 74 75 enum { 76 DVM_OP_MODE, 77 MVM_OP_MODE, 78 }; 79 80 /* Protects the table contents, i.e. the ops pointer & drv list */ 81 static DEFINE_MUTEX(iwlwifi_opmode_table_mtx); 82 static struct iwlwifi_opmode_table { 83 const char *name; /* name: iwldvm, iwlmvm, etc */ 84 const struct iwl_op_mode_ops *ops; /* pointer to op_mode ops */ 85 struct list_head drv; /* list of devices using this op_mode */ 86 } iwlwifi_opmode_table[] = { /* ops set when driver is initialized */ 87 [DVM_OP_MODE] = { .name = "iwldvm", .ops = NULL }, 88 [MVM_OP_MODE] = { .name = "iwlmvm", .ops = NULL }, 89 }; 90 91 #define IWL_DEFAULT_SCAN_CHANNELS 40 92 93 /* 94 * struct fw_sec: Just for the image parsing process. 95 * For the fw storage we are using struct fw_desc. 96 */ 97 struct fw_sec { 98 const void *data; /* the sec data */ 99 size_t size; /* section size */ 100 u32 offset; /* offset of writing in the device */ 101 }; 102 103 static void iwl_free_fw_desc(struct iwl_drv *drv, struct fw_desc *desc) 104 { 105 vfree(desc->data); 106 desc->data = NULL; 107 desc->len = 0; 108 } 109 110 static void iwl_free_fw_img(struct iwl_drv *drv, struct fw_img *img) 111 { 112 int i; 113 for (i = 0; i < img->num_sec; i++) 114 iwl_free_fw_desc(drv, &img->sec[i]); 115 kfree(img->sec); 116 } 117 118 static void iwl_dealloc_ucode(struct iwl_drv *drv) 119 { 120 int i; 121 122 kfree(drv->fw.dbg.dest_tlv); 123 for (i = 0; i < ARRAY_SIZE(drv->fw.dbg.conf_tlv); i++) 124 kfree(drv->fw.dbg.conf_tlv[i]); 125 for (i = 0; i < ARRAY_SIZE(drv->fw.dbg.trigger_tlv); i++) 126 kfree(drv->fw.dbg.trigger_tlv[i]); 127 kfree(drv->fw.dbg.mem_tlv); 128 kfree(drv->fw.iml); 129 kfree(drv->fw.ucode_capa.cmd_versions); 130 kfree(drv->fw.phy_integration_ver); 131 kfree(drv->trans->dbg.pc_data); 132 drv->trans->dbg.pc_data = NULL; 133 134 for (i = 0; i < IWL_UCODE_TYPE_MAX; i++) 135 iwl_free_fw_img(drv, drv->fw.img + i); 136 137 /* clear the data for the aborted load case */ 138 memset(&drv->fw, 0, sizeof(drv->fw)); 139 } 140 141 static int iwl_alloc_fw_desc(struct fw_desc *desc, struct fw_sec *sec) 142 { 143 void *data; 144 145 desc->data = NULL; 146 147 if (!sec || !sec->size) 148 return -EINVAL; 149 150 data = vmalloc(sec->size); 151 if (!data) 152 return -ENOMEM; 153 154 desc->len = sec->size; 155 desc->offset = sec->offset; 156 memcpy(data, sec->data, desc->len); 157 desc->data = data; 158 159 return 0; 160 } 161 162 static inline char iwl_drv_get_step(int step) 163 { 164 if (step == SILICON_Z_STEP) 165 return 'z'; 166 if (step == SILICON_TC_STEP) 167 return 'a'; 168 return 'a' + step; 169 } 170 171 const char *iwl_drv_get_fwname_pre(struct iwl_trans *trans, char *buf) 172 { 173 char mac_step, rf_step; 174 const char *rf, *cdb; 175 176 if (trans->cfg->fw_name_pre) 177 return trans->cfg->fw_name_pre; 178 179 if (WARN_ON(!trans->cfg->fw_name_mac)) 180 return "unconfigured"; 181 182 mac_step = iwl_drv_get_step(trans->hw_rev_step); 183 184 rf_step = iwl_drv_get_step(CSR_HW_RFID_STEP(trans->hw_rf_id)); 185 186 switch (CSR_HW_RFID_TYPE(trans->hw_rf_id)) { 187 case IWL_CFG_RF_TYPE_HR1: 188 case IWL_CFG_RF_TYPE_HR2: 189 rf = "hr"; 190 rf_step = 'b'; 191 break; 192 case IWL_CFG_RF_TYPE_GF: 193 rf = "gf"; 194 break; 195 case IWL_CFG_RF_TYPE_FM: 196 rf = "fm"; 197 break; 198 case IWL_CFG_RF_TYPE_WH: 199 if (SILICON_Z_STEP == 200 CSR_HW_RFID_STEP(trans->hw_rf_id)) { 201 rf = "whtc"; 202 rf_step = 'a'; 203 } else { 204 rf = "wh"; 205 } 206 break; 207 default: 208 return "unknown-rf"; 209 } 210 211 cdb = CSR_HW_RFID_IS_CDB(trans->hw_rf_id) ? "4" : ""; 212 213 scnprintf(buf, FW_NAME_PRE_BUFSIZE, 214 "iwlwifi-%s-%c0-%s%s-%c0", 215 trans->cfg->fw_name_mac, mac_step, 216 rf, cdb, rf_step); 217 218 return buf; 219 } 220 IWL_EXPORT_SYMBOL(iwl_drv_get_fwname_pre); 221 222 static void iwl_req_fw_callback(const struct firmware *ucode_raw, 223 void *context); 224 225 static int iwl_request_firmware(struct iwl_drv *drv, bool first) 226 { 227 const struct iwl_cfg *cfg = drv->trans->cfg; 228 char _fw_name_pre[FW_NAME_PRE_BUFSIZE]; 229 const char *fw_name_pre; 230 231 if (drv->trans->trans_cfg->device_family == IWL_DEVICE_FAMILY_9000 && 232 (drv->trans->hw_rev_step != SILICON_B_STEP && 233 drv->trans->hw_rev_step != SILICON_C_STEP)) { 234 IWL_ERR(drv, 235 "Only HW steps B and C are currently supported (0x%0x)\n", 236 drv->trans->hw_rev); 237 return -EINVAL; 238 } 239 240 fw_name_pre = iwl_drv_get_fwname_pre(drv->trans, _fw_name_pre); 241 242 if (first) 243 drv->fw_index = cfg->ucode_api_max; 244 else 245 drv->fw_index--; 246 247 if (drv->fw_index < cfg->ucode_api_min) { 248 IWL_ERR(drv, "no suitable firmware found!\n"); 249 250 if (cfg->ucode_api_min == cfg->ucode_api_max) { 251 IWL_ERR(drv, "%s-%d is required\n", fw_name_pre, 252 cfg->ucode_api_max); 253 } else { 254 IWL_ERR(drv, "minimum version required: %s-%d\n", 255 fw_name_pre, cfg->ucode_api_min); 256 IWL_ERR(drv, "maximum version supported: %s-%d\n", 257 fw_name_pre, cfg->ucode_api_max); 258 } 259 260 IWL_ERR(drv, 261 "check git://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git\n"); 262 return -ENOENT; 263 } 264 265 snprintf(drv->firmware_name, sizeof(drv->firmware_name), "%s-%d.ucode", 266 fw_name_pre, drv->fw_index); 267 268 IWL_DEBUG_FW_INFO(drv, "attempting to load firmware '%s'\n", 269 drv->firmware_name); 270 271 return request_firmware_nowait(THIS_MODULE, 1, drv->firmware_name, 272 drv->trans->dev, 273 GFP_KERNEL, drv, iwl_req_fw_callback); 274 } 275 276 struct fw_img_parsing { 277 struct fw_sec *sec; 278 int sec_counter; 279 }; 280 281 /* 282 * struct fw_sec_parsing: to extract fw section and it's offset from tlv 283 */ 284 struct fw_sec_parsing { 285 __le32 offset; 286 const u8 data[]; 287 } __packed; 288 289 /** 290 * struct iwl_tlv_calib_data - parse the default calib data from TLV 291 * 292 * @ucode_type: the uCode to which the following default calib relates. 293 * @calib: default calibrations. 294 */ 295 struct iwl_tlv_calib_data { 296 __le32 ucode_type; 297 struct iwl_tlv_calib_ctrl calib; 298 } __packed; 299 300 struct iwl_firmware_pieces { 301 struct fw_img_parsing img[IWL_UCODE_TYPE_MAX]; 302 303 u32 init_evtlog_ptr, init_evtlog_size, init_errlog_ptr; 304 u32 inst_evtlog_ptr, inst_evtlog_size, inst_errlog_ptr; 305 306 /* FW debug data parsed for driver usage */ 307 bool dbg_dest_tlv_init; 308 const u8 *dbg_dest_ver; 309 union { 310 const struct iwl_fw_dbg_dest_tlv *dbg_dest_tlv; 311 const struct iwl_fw_dbg_dest_tlv_v1 *dbg_dest_tlv_v1; 312 }; 313 const struct iwl_fw_dbg_conf_tlv *dbg_conf_tlv[FW_DBG_CONF_MAX]; 314 size_t dbg_conf_tlv_len[FW_DBG_CONF_MAX]; 315 const struct iwl_fw_dbg_trigger_tlv *dbg_trigger_tlv[FW_DBG_TRIGGER_MAX]; 316 size_t dbg_trigger_tlv_len[FW_DBG_TRIGGER_MAX]; 317 struct iwl_fw_dbg_mem_seg_tlv *dbg_mem_tlv; 318 size_t n_mem_tlv; 319 }; 320 321 static void alloc_sec_data(struct iwl_firmware_pieces *pieces, 322 enum iwl_ucode_type type, 323 int sec) 324 { 325 struct fw_img_parsing *img = &pieces->img[type]; 326 struct fw_sec *sec_memory; 327 int size = sec + 1; 328 size_t alloc_size = sizeof(*img->sec) * size; 329 330 if (img->sec && img->sec_counter >= size) 331 return; 332 333 sec_memory = krealloc(img->sec, alloc_size, GFP_KERNEL); 334 if (!sec_memory) 335 return; 336 337 img->sec = sec_memory; 338 img->sec_counter = size; 339 } 340 341 static void set_sec_data(struct iwl_firmware_pieces *pieces, 342 enum iwl_ucode_type type, 343 int sec, 344 const void *data) 345 { 346 alloc_sec_data(pieces, type, sec); 347 348 pieces->img[type].sec[sec].data = data; 349 } 350 351 static void set_sec_size(struct iwl_firmware_pieces *pieces, 352 enum iwl_ucode_type type, 353 int sec, 354 size_t size) 355 { 356 alloc_sec_data(pieces, type, sec); 357 358 pieces->img[type].sec[sec].size = size; 359 } 360 361 static size_t get_sec_size(struct iwl_firmware_pieces *pieces, 362 enum iwl_ucode_type type, 363 int sec) 364 { 365 return pieces->img[type].sec[sec].size; 366 } 367 368 static void set_sec_offset(struct iwl_firmware_pieces *pieces, 369 enum iwl_ucode_type type, 370 int sec, 371 u32 offset) 372 { 373 alloc_sec_data(pieces, type, sec); 374 375 pieces->img[type].sec[sec].offset = offset; 376 } 377 378 /* 379 * Gets uCode section from tlv. 380 */ 381 static int iwl_store_ucode_sec(struct fw_img_parsing *img, 382 const void *data, int size) 383 { 384 struct fw_sec *sec; 385 const struct fw_sec_parsing *sec_parse; 386 size_t alloc_size; 387 388 if (WARN_ON(!img || !data)) 389 return -EINVAL; 390 391 sec_parse = (const struct fw_sec_parsing *)data; 392 393 alloc_size = sizeof(*img->sec) * (img->sec_counter + 1); 394 sec = krealloc(img->sec, alloc_size, GFP_KERNEL); 395 if (!sec) 396 return -ENOMEM; 397 img->sec = sec; 398 399 sec = &img->sec[img->sec_counter]; 400 401 sec->offset = le32_to_cpu(sec_parse->offset); 402 sec->data = sec_parse->data; 403 sec->size = size - sizeof(sec_parse->offset); 404 405 ++img->sec_counter; 406 407 return 0; 408 } 409 410 static int iwl_set_default_calib(struct iwl_drv *drv, const u8 *data) 411 { 412 const struct iwl_tlv_calib_data *def_calib = 413 (const struct iwl_tlv_calib_data *)data; 414 u32 ucode_type = le32_to_cpu(def_calib->ucode_type); 415 if (ucode_type >= IWL_UCODE_TYPE_MAX) { 416 IWL_ERR(drv, "Wrong ucode_type %u for default calibration.\n", 417 ucode_type); 418 return -EINVAL; 419 } 420 drv->fw.default_calib[ucode_type].flow_trigger = 421 def_calib->calib.flow_trigger; 422 drv->fw.default_calib[ucode_type].event_trigger = 423 def_calib->calib.event_trigger; 424 425 return 0; 426 } 427 428 static void iwl_set_ucode_api_flags(struct iwl_drv *drv, const u8 *data, 429 struct iwl_ucode_capabilities *capa) 430 { 431 const struct iwl_ucode_api *ucode_api = (const void *)data; 432 u32 api_index = le32_to_cpu(ucode_api->api_index); 433 u32 api_flags = le32_to_cpu(ucode_api->api_flags); 434 int i; 435 436 if (api_index >= DIV_ROUND_UP(NUM_IWL_UCODE_TLV_API, 32)) { 437 IWL_WARN(drv, 438 "api flags index %d larger than supported by driver\n", 439 api_index); 440 return; 441 } 442 443 for (i = 0; i < 32; i++) { 444 if (api_flags & BIT(i)) 445 __set_bit(i + 32 * api_index, capa->_api); 446 } 447 } 448 449 static void iwl_set_ucode_capabilities(struct iwl_drv *drv, const u8 *data, 450 struct iwl_ucode_capabilities *capa) 451 { 452 const struct iwl_ucode_capa *ucode_capa = (const void *)data; 453 u32 api_index = le32_to_cpu(ucode_capa->api_index); 454 u32 api_flags = le32_to_cpu(ucode_capa->api_capa); 455 int i; 456 457 if (api_index >= DIV_ROUND_UP(NUM_IWL_UCODE_TLV_CAPA, 32)) { 458 IWL_WARN(drv, 459 "capa flags index %d larger than supported by driver\n", 460 api_index); 461 return; 462 } 463 464 for (i = 0; i < 32; i++) { 465 if (api_flags & BIT(i)) 466 __set_bit(i + 32 * api_index, capa->_capa); 467 } 468 } 469 470 static const char *iwl_reduced_fw_name(struct iwl_drv *drv) 471 { 472 const char *name = drv->firmware_name; 473 474 if (strncmp(name, "iwlwifi-", 8) == 0) 475 name += 8; 476 477 return name; 478 } 479 480 static int iwl_parse_v1_v2_firmware(struct iwl_drv *drv, 481 const struct firmware *ucode_raw, 482 struct iwl_firmware_pieces *pieces) 483 { 484 const struct iwl_ucode_header *ucode = (const void *)ucode_raw->data; 485 u32 api_ver, hdr_size, build; 486 char buildstr[25]; 487 const u8 *src; 488 489 drv->fw.ucode_ver = le32_to_cpu(ucode->ver); 490 api_ver = IWL_UCODE_API(drv->fw.ucode_ver); 491 492 switch (api_ver) { 493 default: 494 hdr_size = 28; 495 if (ucode_raw->size < hdr_size) { 496 IWL_ERR(drv, "File size too small!\n"); 497 return -EINVAL; 498 } 499 build = le32_to_cpu(ucode->u.v2.build); 500 set_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST, 501 le32_to_cpu(ucode->u.v2.inst_size)); 502 set_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA, 503 le32_to_cpu(ucode->u.v2.data_size)); 504 set_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST, 505 le32_to_cpu(ucode->u.v2.init_size)); 506 set_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA, 507 le32_to_cpu(ucode->u.v2.init_data_size)); 508 src = ucode->u.v2.data; 509 break; 510 case 0: 511 case 1: 512 case 2: 513 hdr_size = 24; 514 if (ucode_raw->size < hdr_size) { 515 IWL_ERR(drv, "File size too small!\n"); 516 return -EINVAL; 517 } 518 build = 0; 519 set_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST, 520 le32_to_cpu(ucode->u.v1.inst_size)); 521 set_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA, 522 le32_to_cpu(ucode->u.v1.data_size)); 523 set_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST, 524 le32_to_cpu(ucode->u.v1.init_size)); 525 set_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA, 526 le32_to_cpu(ucode->u.v1.init_data_size)); 527 src = ucode->u.v1.data; 528 break; 529 } 530 531 if (build) 532 sprintf(buildstr, " build %u", build); 533 else 534 buildstr[0] = '\0'; 535 536 snprintf(drv->fw.fw_version, 537 sizeof(drv->fw.fw_version), 538 "%u.%u.%u.%u%s %s", 539 IWL_UCODE_MAJOR(drv->fw.ucode_ver), 540 IWL_UCODE_MINOR(drv->fw.ucode_ver), 541 IWL_UCODE_API(drv->fw.ucode_ver), 542 IWL_UCODE_SERIAL(drv->fw.ucode_ver), 543 buildstr, iwl_reduced_fw_name(drv)); 544 545 /* Verify size of file vs. image size info in file's header */ 546 547 if (ucode_raw->size != hdr_size + 548 get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST) + 549 get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA) + 550 get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST) + 551 get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA)) { 552 553 IWL_ERR(drv, 554 "uCode file size %d does not match expected size\n", 555 (int)ucode_raw->size); 556 return -EINVAL; 557 } 558 559 560 set_sec_data(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST, src); 561 src += get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST); 562 set_sec_offset(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST, 563 IWLAGN_RTC_INST_LOWER_BOUND); 564 set_sec_data(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA, src); 565 src += get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA); 566 set_sec_offset(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA, 567 IWLAGN_RTC_DATA_LOWER_BOUND); 568 set_sec_data(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST, src); 569 src += get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST); 570 set_sec_offset(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST, 571 IWLAGN_RTC_INST_LOWER_BOUND); 572 set_sec_data(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA, src); 573 src += get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA); 574 set_sec_offset(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA, 575 IWLAGN_RTC_DATA_LOWER_BOUND); 576 return 0; 577 } 578 579 static void iwl_drv_set_dump_exclude(struct iwl_drv *drv, 580 enum iwl_ucode_tlv_type tlv_type, 581 const void *tlv_data, u32 tlv_len) 582 { 583 const struct iwl_fw_dump_exclude *fw = tlv_data; 584 struct iwl_dump_exclude *excl; 585 586 if (tlv_len < sizeof(*fw)) 587 return; 588 589 if (tlv_type == IWL_UCODE_TLV_SEC_TABLE_ADDR) { 590 excl = &drv->fw.dump_excl[0]; 591 592 /* second time we find this, it's for WoWLAN */ 593 if (excl->addr) 594 excl = &drv->fw.dump_excl_wowlan[0]; 595 } else if (fw_has_capa(&drv->fw.ucode_capa, 596 IWL_UCODE_TLV_CAPA_CNSLDTD_D3_D0_IMG)) { 597 /* IWL_UCODE_TLV_D3_KEK_KCK_ADDR is regular image */ 598 excl = &drv->fw.dump_excl[0]; 599 } else { 600 /* IWL_UCODE_TLV_D3_KEK_KCK_ADDR is WoWLAN image */ 601 excl = &drv->fw.dump_excl_wowlan[0]; 602 } 603 604 if (excl->addr) 605 excl++; 606 607 if (excl->addr) { 608 IWL_DEBUG_FW_INFO(drv, "found too many excludes in fw file\n"); 609 return; 610 } 611 612 excl->addr = le32_to_cpu(fw->addr) & ~FW_ADDR_CACHE_CONTROL; 613 excl->size = le32_to_cpu(fw->size); 614 } 615 616 static void iwl_parse_dbg_tlv_assert_tables(struct iwl_drv *drv, 617 const struct iwl_ucode_tlv *tlv) 618 { 619 const struct iwl_fw_ini_region_tlv *region; 620 u32 length = le32_to_cpu(tlv->length); 621 u32 addr; 622 623 if (length < offsetof(typeof(*region), special_mem) + 624 sizeof(region->special_mem)) 625 return; 626 627 region = (const void *)tlv->data; 628 addr = le32_to_cpu(region->special_mem.base_addr); 629 addr += le32_to_cpu(region->special_mem.offset); 630 addr &= ~FW_ADDR_CACHE_CONTROL; 631 632 if (region->type != IWL_FW_INI_REGION_SPECIAL_DEVICE_MEMORY) 633 return; 634 635 switch (region->sub_type) { 636 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_UMAC_ERROR_TABLE: 637 drv->trans->dbg.umac_error_event_table = addr; 638 drv->trans->dbg.error_event_table_tlv_status |= 639 IWL_ERROR_EVENT_TABLE_UMAC; 640 break; 641 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_LMAC_1_ERROR_TABLE: 642 drv->trans->dbg.lmac_error_event_table[0] = addr; 643 drv->trans->dbg.error_event_table_tlv_status |= 644 IWL_ERROR_EVENT_TABLE_LMAC1; 645 break; 646 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_LMAC_2_ERROR_TABLE: 647 drv->trans->dbg.lmac_error_event_table[1] = addr; 648 drv->trans->dbg.error_event_table_tlv_status |= 649 IWL_ERROR_EVENT_TABLE_LMAC2; 650 break; 651 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_TCM_1_ERROR_TABLE: 652 drv->trans->dbg.tcm_error_event_table[0] = addr; 653 drv->trans->dbg.error_event_table_tlv_status |= 654 IWL_ERROR_EVENT_TABLE_TCM1; 655 break; 656 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_TCM_2_ERROR_TABLE: 657 drv->trans->dbg.tcm_error_event_table[1] = addr; 658 drv->trans->dbg.error_event_table_tlv_status |= 659 IWL_ERROR_EVENT_TABLE_TCM2; 660 break; 661 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_RCM_1_ERROR_TABLE: 662 drv->trans->dbg.rcm_error_event_table[0] = addr; 663 drv->trans->dbg.error_event_table_tlv_status |= 664 IWL_ERROR_EVENT_TABLE_RCM1; 665 break; 666 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_RCM_2_ERROR_TABLE: 667 drv->trans->dbg.rcm_error_event_table[1] = addr; 668 drv->trans->dbg.error_event_table_tlv_status |= 669 IWL_ERROR_EVENT_TABLE_RCM2; 670 break; 671 default: 672 break; 673 } 674 } 675 676 static int iwl_parse_tlv_firmware(struct iwl_drv *drv, 677 const struct firmware *ucode_raw, 678 struct iwl_firmware_pieces *pieces, 679 struct iwl_ucode_capabilities *capa, 680 bool *usniffer_images) 681 { 682 const struct iwl_tlv_ucode_header *ucode = (const void *)ucode_raw->data; 683 const struct iwl_ucode_tlv *tlv; 684 size_t len = ucode_raw->size; 685 const u8 *data; 686 u32 tlv_len; 687 u32 usniffer_img; 688 enum iwl_ucode_tlv_type tlv_type; 689 const u8 *tlv_data; 690 char buildstr[25]; 691 u32 build, paging_mem_size; 692 int num_of_cpus; 693 bool usniffer_req = false; 694 695 if (len < sizeof(*ucode)) { 696 IWL_ERR(drv, "uCode has invalid length: %zd\n", len); 697 return -EINVAL; 698 } 699 700 if (ucode->magic != cpu_to_le32(IWL_TLV_UCODE_MAGIC)) { 701 IWL_ERR(drv, "invalid uCode magic: 0X%x\n", 702 le32_to_cpu(ucode->magic)); 703 return -EINVAL; 704 } 705 706 drv->fw.ucode_ver = le32_to_cpu(ucode->ver); 707 memcpy(drv->fw.human_readable, ucode->human_readable, 708 sizeof(drv->fw.human_readable)); 709 build = le32_to_cpu(ucode->build); 710 711 if (build) 712 sprintf(buildstr, " build %u", build); 713 else 714 buildstr[0] = '\0'; 715 716 snprintf(drv->fw.fw_version, 717 sizeof(drv->fw.fw_version), 718 "%u.%u.%u.%u%s %s", 719 IWL_UCODE_MAJOR(drv->fw.ucode_ver), 720 IWL_UCODE_MINOR(drv->fw.ucode_ver), 721 IWL_UCODE_API(drv->fw.ucode_ver), 722 IWL_UCODE_SERIAL(drv->fw.ucode_ver), 723 buildstr, iwl_reduced_fw_name(drv)); 724 725 data = ucode->data; 726 727 len -= sizeof(*ucode); 728 729 while (len >= sizeof(*tlv)) { 730 len -= sizeof(*tlv); 731 732 tlv = (const void *)data; 733 tlv_len = le32_to_cpu(tlv->length); 734 tlv_type = le32_to_cpu(tlv->type); 735 tlv_data = tlv->data; 736 737 if (len < tlv_len) { 738 IWL_ERR(drv, "invalid TLV len: %zd/%u\n", 739 len, tlv_len); 740 return -EINVAL; 741 } 742 len -= ALIGN(tlv_len, 4); 743 data += sizeof(*tlv) + ALIGN(tlv_len, 4); 744 745 switch (tlv_type) { 746 case IWL_UCODE_TLV_INST: 747 set_sec_data(pieces, IWL_UCODE_REGULAR, 748 IWL_UCODE_SECTION_INST, tlv_data); 749 set_sec_size(pieces, IWL_UCODE_REGULAR, 750 IWL_UCODE_SECTION_INST, tlv_len); 751 set_sec_offset(pieces, IWL_UCODE_REGULAR, 752 IWL_UCODE_SECTION_INST, 753 IWLAGN_RTC_INST_LOWER_BOUND); 754 break; 755 case IWL_UCODE_TLV_DATA: 756 set_sec_data(pieces, IWL_UCODE_REGULAR, 757 IWL_UCODE_SECTION_DATA, tlv_data); 758 set_sec_size(pieces, IWL_UCODE_REGULAR, 759 IWL_UCODE_SECTION_DATA, tlv_len); 760 set_sec_offset(pieces, IWL_UCODE_REGULAR, 761 IWL_UCODE_SECTION_DATA, 762 IWLAGN_RTC_DATA_LOWER_BOUND); 763 break; 764 case IWL_UCODE_TLV_INIT: 765 set_sec_data(pieces, IWL_UCODE_INIT, 766 IWL_UCODE_SECTION_INST, tlv_data); 767 set_sec_size(pieces, IWL_UCODE_INIT, 768 IWL_UCODE_SECTION_INST, tlv_len); 769 set_sec_offset(pieces, IWL_UCODE_INIT, 770 IWL_UCODE_SECTION_INST, 771 IWLAGN_RTC_INST_LOWER_BOUND); 772 break; 773 case IWL_UCODE_TLV_INIT_DATA: 774 set_sec_data(pieces, IWL_UCODE_INIT, 775 IWL_UCODE_SECTION_DATA, tlv_data); 776 set_sec_size(pieces, IWL_UCODE_INIT, 777 IWL_UCODE_SECTION_DATA, tlv_len); 778 set_sec_offset(pieces, IWL_UCODE_INIT, 779 IWL_UCODE_SECTION_DATA, 780 IWLAGN_RTC_DATA_LOWER_BOUND); 781 break; 782 case IWL_UCODE_TLV_BOOT: 783 IWL_ERR(drv, "Found unexpected BOOT ucode\n"); 784 break; 785 case IWL_UCODE_TLV_PROBE_MAX_LEN: 786 if (tlv_len != sizeof(u32)) 787 goto invalid_tlv_len; 788 capa->max_probe_length = 789 le32_to_cpup((const __le32 *)tlv_data); 790 break; 791 case IWL_UCODE_TLV_PAN: 792 if (tlv_len) 793 goto invalid_tlv_len; 794 capa->flags |= IWL_UCODE_TLV_FLAGS_PAN; 795 break; 796 case IWL_UCODE_TLV_FLAGS: 797 /* must be at least one u32 */ 798 if (tlv_len < sizeof(u32)) 799 goto invalid_tlv_len; 800 /* and a proper number of u32s */ 801 if (tlv_len % sizeof(u32)) 802 goto invalid_tlv_len; 803 /* 804 * This driver only reads the first u32 as 805 * right now no more features are defined, 806 * if that changes then either the driver 807 * will not work with the new firmware, or 808 * it'll not take advantage of new features. 809 */ 810 capa->flags = le32_to_cpup((const __le32 *)tlv_data); 811 break; 812 case IWL_UCODE_TLV_API_CHANGES_SET: 813 if (tlv_len != sizeof(struct iwl_ucode_api)) 814 goto invalid_tlv_len; 815 iwl_set_ucode_api_flags(drv, tlv_data, capa); 816 break; 817 case IWL_UCODE_TLV_ENABLED_CAPABILITIES: 818 if (tlv_len != sizeof(struct iwl_ucode_capa)) 819 goto invalid_tlv_len; 820 iwl_set_ucode_capabilities(drv, tlv_data, capa); 821 break; 822 case IWL_UCODE_TLV_INIT_EVTLOG_PTR: 823 if (tlv_len != sizeof(u32)) 824 goto invalid_tlv_len; 825 pieces->init_evtlog_ptr = 826 le32_to_cpup((const __le32 *)tlv_data); 827 break; 828 case IWL_UCODE_TLV_INIT_EVTLOG_SIZE: 829 if (tlv_len != sizeof(u32)) 830 goto invalid_tlv_len; 831 pieces->init_evtlog_size = 832 le32_to_cpup((const __le32 *)tlv_data); 833 break; 834 case IWL_UCODE_TLV_INIT_ERRLOG_PTR: 835 if (tlv_len != sizeof(u32)) 836 goto invalid_tlv_len; 837 pieces->init_errlog_ptr = 838 le32_to_cpup((const __le32 *)tlv_data); 839 break; 840 case IWL_UCODE_TLV_RUNT_EVTLOG_PTR: 841 if (tlv_len != sizeof(u32)) 842 goto invalid_tlv_len; 843 pieces->inst_evtlog_ptr = 844 le32_to_cpup((const __le32 *)tlv_data); 845 break; 846 case IWL_UCODE_TLV_RUNT_EVTLOG_SIZE: 847 if (tlv_len != sizeof(u32)) 848 goto invalid_tlv_len; 849 pieces->inst_evtlog_size = 850 le32_to_cpup((const __le32 *)tlv_data); 851 break; 852 case IWL_UCODE_TLV_RUNT_ERRLOG_PTR: 853 if (tlv_len != sizeof(u32)) 854 goto invalid_tlv_len; 855 pieces->inst_errlog_ptr = 856 le32_to_cpup((const __le32 *)tlv_data); 857 break; 858 case IWL_UCODE_TLV_ENHANCE_SENS_TBL: 859 if (tlv_len) 860 goto invalid_tlv_len; 861 drv->fw.enhance_sensitivity_table = true; 862 break; 863 case IWL_UCODE_TLV_WOWLAN_INST: 864 set_sec_data(pieces, IWL_UCODE_WOWLAN, 865 IWL_UCODE_SECTION_INST, tlv_data); 866 set_sec_size(pieces, IWL_UCODE_WOWLAN, 867 IWL_UCODE_SECTION_INST, tlv_len); 868 set_sec_offset(pieces, IWL_UCODE_WOWLAN, 869 IWL_UCODE_SECTION_INST, 870 IWLAGN_RTC_INST_LOWER_BOUND); 871 break; 872 case IWL_UCODE_TLV_WOWLAN_DATA: 873 set_sec_data(pieces, IWL_UCODE_WOWLAN, 874 IWL_UCODE_SECTION_DATA, tlv_data); 875 set_sec_size(pieces, IWL_UCODE_WOWLAN, 876 IWL_UCODE_SECTION_DATA, tlv_len); 877 set_sec_offset(pieces, IWL_UCODE_WOWLAN, 878 IWL_UCODE_SECTION_DATA, 879 IWLAGN_RTC_DATA_LOWER_BOUND); 880 break; 881 case IWL_UCODE_TLV_PHY_CALIBRATION_SIZE: 882 if (tlv_len != sizeof(u32)) 883 goto invalid_tlv_len; 884 capa->standard_phy_calibration_size = 885 le32_to_cpup((const __le32 *)tlv_data); 886 break; 887 case IWL_UCODE_TLV_SEC_RT: 888 iwl_store_ucode_sec(&pieces->img[IWL_UCODE_REGULAR], 889 tlv_data, tlv_len); 890 drv->fw.type = IWL_FW_MVM; 891 break; 892 case IWL_UCODE_TLV_SEC_INIT: 893 iwl_store_ucode_sec(&pieces->img[IWL_UCODE_INIT], 894 tlv_data, tlv_len); 895 drv->fw.type = IWL_FW_MVM; 896 break; 897 case IWL_UCODE_TLV_SEC_WOWLAN: 898 iwl_store_ucode_sec(&pieces->img[IWL_UCODE_WOWLAN], 899 tlv_data, tlv_len); 900 drv->fw.type = IWL_FW_MVM; 901 break; 902 case IWL_UCODE_TLV_DEF_CALIB: 903 if (tlv_len != sizeof(struct iwl_tlv_calib_data)) 904 goto invalid_tlv_len; 905 if (iwl_set_default_calib(drv, tlv_data)) 906 goto tlv_error; 907 break; 908 case IWL_UCODE_TLV_PHY_SKU: 909 if (tlv_len != sizeof(u32)) 910 goto invalid_tlv_len; 911 drv->fw.phy_config = le32_to_cpup((const __le32 *)tlv_data); 912 drv->fw.valid_tx_ant = (drv->fw.phy_config & 913 FW_PHY_CFG_TX_CHAIN) >> 914 FW_PHY_CFG_TX_CHAIN_POS; 915 drv->fw.valid_rx_ant = (drv->fw.phy_config & 916 FW_PHY_CFG_RX_CHAIN) >> 917 FW_PHY_CFG_RX_CHAIN_POS; 918 break; 919 case IWL_UCODE_TLV_SECURE_SEC_RT: 920 iwl_store_ucode_sec(&pieces->img[IWL_UCODE_REGULAR], 921 tlv_data, tlv_len); 922 drv->fw.type = IWL_FW_MVM; 923 break; 924 case IWL_UCODE_TLV_SECURE_SEC_INIT: 925 iwl_store_ucode_sec(&pieces->img[IWL_UCODE_INIT], 926 tlv_data, tlv_len); 927 drv->fw.type = IWL_FW_MVM; 928 break; 929 case IWL_UCODE_TLV_SECURE_SEC_WOWLAN: 930 iwl_store_ucode_sec(&pieces->img[IWL_UCODE_WOWLAN], 931 tlv_data, tlv_len); 932 drv->fw.type = IWL_FW_MVM; 933 break; 934 case IWL_UCODE_TLV_NUM_OF_CPU: 935 if (tlv_len != sizeof(u32)) 936 goto invalid_tlv_len; 937 num_of_cpus = 938 le32_to_cpup((const __le32 *)tlv_data); 939 940 if (num_of_cpus == 2) { 941 drv->fw.img[IWL_UCODE_REGULAR].is_dual_cpus = 942 true; 943 drv->fw.img[IWL_UCODE_INIT].is_dual_cpus = 944 true; 945 drv->fw.img[IWL_UCODE_WOWLAN].is_dual_cpus = 946 true; 947 } else if ((num_of_cpus > 2) || (num_of_cpus < 1)) { 948 IWL_ERR(drv, "Driver support up to 2 CPUs\n"); 949 return -EINVAL; 950 } 951 break; 952 case IWL_UCODE_TLV_N_SCAN_CHANNELS: 953 if (tlv_len != sizeof(u32)) 954 goto invalid_tlv_len; 955 capa->n_scan_channels = 956 le32_to_cpup((const __le32 *)tlv_data); 957 break; 958 case IWL_UCODE_TLV_FW_VERSION: { 959 const __le32 *ptr = (const void *)tlv_data; 960 u32 major, minor; 961 u8 local_comp; 962 963 if (tlv_len != sizeof(u32) * 3) 964 goto invalid_tlv_len; 965 966 major = le32_to_cpup(ptr++); 967 minor = le32_to_cpup(ptr++); 968 local_comp = le32_to_cpup(ptr); 969 970 snprintf(drv->fw.fw_version, 971 sizeof(drv->fw.fw_version), 972 "%u.%08x.%u %s", major, minor, 973 local_comp, iwl_reduced_fw_name(drv)); 974 break; 975 } 976 case IWL_UCODE_TLV_FW_DBG_DEST: { 977 const struct iwl_fw_dbg_dest_tlv *dest = NULL; 978 const struct iwl_fw_dbg_dest_tlv_v1 *dest_v1 = NULL; 979 u8 mon_mode; 980 981 pieces->dbg_dest_ver = (const u8 *)tlv_data; 982 if (*pieces->dbg_dest_ver == 1) { 983 dest = (const void *)tlv_data; 984 } else if (*pieces->dbg_dest_ver == 0) { 985 dest_v1 = (const void *)tlv_data; 986 } else { 987 IWL_ERR(drv, 988 "The version is %d, and it is invalid\n", 989 *pieces->dbg_dest_ver); 990 break; 991 } 992 993 if (pieces->dbg_dest_tlv_init) { 994 IWL_ERR(drv, 995 "dbg destination ignored, already exists\n"); 996 break; 997 } 998 999 pieces->dbg_dest_tlv_init = true; 1000 1001 if (dest_v1) { 1002 pieces->dbg_dest_tlv_v1 = dest_v1; 1003 mon_mode = dest_v1->monitor_mode; 1004 } else { 1005 pieces->dbg_dest_tlv = dest; 1006 mon_mode = dest->monitor_mode; 1007 } 1008 1009 IWL_INFO(drv, "Found debug destination: %s\n", 1010 get_fw_dbg_mode_string(mon_mode)); 1011 1012 drv->fw.dbg.n_dest_reg = (dest_v1) ? 1013 tlv_len - 1014 offsetof(struct iwl_fw_dbg_dest_tlv_v1, 1015 reg_ops) : 1016 tlv_len - 1017 offsetof(struct iwl_fw_dbg_dest_tlv, 1018 reg_ops); 1019 1020 drv->fw.dbg.n_dest_reg /= 1021 sizeof(drv->fw.dbg.dest_tlv->reg_ops[0]); 1022 1023 break; 1024 } 1025 case IWL_UCODE_TLV_FW_DBG_CONF: { 1026 const struct iwl_fw_dbg_conf_tlv *conf = 1027 (const void *)tlv_data; 1028 1029 if (!pieces->dbg_dest_tlv_init) { 1030 IWL_ERR(drv, 1031 "Ignore dbg config %d - no destination configured\n", 1032 conf->id); 1033 break; 1034 } 1035 1036 if (conf->id >= ARRAY_SIZE(drv->fw.dbg.conf_tlv)) { 1037 IWL_ERR(drv, 1038 "Skip unknown configuration: %d\n", 1039 conf->id); 1040 break; 1041 } 1042 1043 if (pieces->dbg_conf_tlv[conf->id]) { 1044 IWL_ERR(drv, 1045 "Ignore duplicate dbg config %d\n", 1046 conf->id); 1047 break; 1048 } 1049 1050 if (conf->usniffer) 1051 usniffer_req = true; 1052 1053 IWL_INFO(drv, "Found debug configuration: %d\n", 1054 conf->id); 1055 1056 pieces->dbg_conf_tlv[conf->id] = conf; 1057 pieces->dbg_conf_tlv_len[conf->id] = tlv_len; 1058 break; 1059 } 1060 case IWL_UCODE_TLV_FW_DBG_TRIGGER: { 1061 const struct iwl_fw_dbg_trigger_tlv *trigger = 1062 (const void *)tlv_data; 1063 u32 trigger_id = le32_to_cpu(trigger->id); 1064 1065 if (trigger_id >= ARRAY_SIZE(drv->fw.dbg.trigger_tlv)) { 1066 IWL_ERR(drv, 1067 "Skip unknown trigger: %u\n", 1068 trigger->id); 1069 break; 1070 } 1071 1072 if (pieces->dbg_trigger_tlv[trigger_id]) { 1073 IWL_ERR(drv, 1074 "Ignore duplicate dbg trigger %u\n", 1075 trigger->id); 1076 break; 1077 } 1078 1079 IWL_INFO(drv, "Found debug trigger: %u\n", trigger->id); 1080 1081 pieces->dbg_trigger_tlv[trigger_id] = trigger; 1082 pieces->dbg_trigger_tlv_len[trigger_id] = tlv_len; 1083 break; 1084 } 1085 case IWL_UCODE_TLV_FW_DBG_DUMP_LST: { 1086 if (tlv_len != sizeof(u32)) { 1087 IWL_ERR(drv, 1088 "dbg lst mask size incorrect, skip\n"); 1089 break; 1090 } 1091 1092 drv->fw.dbg.dump_mask = 1093 le32_to_cpup((const __le32 *)tlv_data); 1094 break; 1095 } 1096 case IWL_UCODE_TLV_SEC_RT_USNIFFER: 1097 *usniffer_images = true; 1098 iwl_store_ucode_sec(&pieces->img[IWL_UCODE_REGULAR_USNIFFER], 1099 tlv_data, tlv_len); 1100 break; 1101 case IWL_UCODE_TLV_PAGING: 1102 if (tlv_len != sizeof(u32)) 1103 goto invalid_tlv_len; 1104 paging_mem_size = le32_to_cpup((const __le32 *)tlv_data); 1105 1106 IWL_DEBUG_FW(drv, 1107 "Paging: paging enabled (size = %u bytes)\n", 1108 paging_mem_size); 1109 1110 if (paging_mem_size > MAX_PAGING_IMAGE_SIZE) { 1111 IWL_ERR(drv, 1112 "Paging: driver supports up to %lu bytes for paging image\n", 1113 MAX_PAGING_IMAGE_SIZE); 1114 return -EINVAL; 1115 } 1116 1117 if (paging_mem_size & (FW_PAGING_SIZE - 1)) { 1118 IWL_ERR(drv, 1119 "Paging: image isn't multiple %lu\n", 1120 FW_PAGING_SIZE); 1121 return -EINVAL; 1122 } 1123 1124 drv->fw.img[IWL_UCODE_REGULAR].paging_mem_size = 1125 paging_mem_size; 1126 usniffer_img = IWL_UCODE_REGULAR_USNIFFER; 1127 drv->fw.img[usniffer_img].paging_mem_size = 1128 paging_mem_size; 1129 break; 1130 case IWL_UCODE_TLV_FW_GSCAN_CAPA: 1131 /* ignored */ 1132 break; 1133 case IWL_UCODE_TLV_FW_MEM_SEG: { 1134 const struct iwl_fw_dbg_mem_seg_tlv *dbg_mem = 1135 (const void *)tlv_data; 1136 size_t size; 1137 struct iwl_fw_dbg_mem_seg_tlv *n; 1138 1139 if (tlv_len != (sizeof(*dbg_mem))) 1140 goto invalid_tlv_len; 1141 1142 IWL_DEBUG_INFO(drv, "Found debug memory segment: %u\n", 1143 dbg_mem->data_type); 1144 1145 size = sizeof(*pieces->dbg_mem_tlv) * 1146 (pieces->n_mem_tlv + 1); 1147 n = krealloc(pieces->dbg_mem_tlv, size, GFP_KERNEL); 1148 if (!n) 1149 return -ENOMEM; 1150 pieces->dbg_mem_tlv = n; 1151 pieces->dbg_mem_tlv[pieces->n_mem_tlv] = *dbg_mem; 1152 pieces->n_mem_tlv++; 1153 break; 1154 } 1155 case IWL_UCODE_TLV_IML: { 1156 drv->fw.iml_len = tlv_len; 1157 drv->fw.iml = kmemdup(tlv_data, tlv_len, GFP_KERNEL); 1158 if (!drv->fw.iml) 1159 return -ENOMEM; 1160 break; 1161 } 1162 case IWL_UCODE_TLV_FW_RECOVERY_INFO: { 1163 const struct { 1164 __le32 buf_addr; 1165 __le32 buf_size; 1166 } *recov_info = (const void *)tlv_data; 1167 1168 if (tlv_len != sizeof(*recov_info)) 1169 goto invalid_tlv_len; 1170 capa->error_log_addr = 1171 le32_to_cpu(recov_info->buf_addr); 1172 capa->error_log_size = 1173 le32_to_cpu(recov_info->buf_size); 1174 } 1175 break; 1176 case IWL_UCODE_TLV_FW_FSEQ_VERSION: { 1177 const struct { 1178 u8 version[32]; 1179 u8 sha1[20]; 1180 } *fseq_ver = (const void *)tlv_data; 1181 1182 if (tlv_len != sizeof(*fseq_ver)) 1183 goto invalid_tlv_len; 1184 IWL_INFO(drv, "TLV_FW_FSEQ_VERSION: %s\n", 1185 fseq_ver->version); 1186 } 1187 break; 1188 case IWL_UCODE_TLV_FW_NUM_STATIONS: 1189 if (tlv_len != sizeof(u32)) 1190 goto invalid_tlv_len; 1191 if (le32_to_cpup((const __le32 *)tlv_data) > 1192 IWL_STATION_COUNT_MAX) { 1193 IWL_ERR(drv, 1194 "%d is an invalid number of station\n", 1195 le32_to_cpup((const __le32 *)tlv_data)); 1196 goto tlv_error; 1197 } 1198 capa->num_stations = 1199 le32_to_cpup((const __le32 *)tlv_data); 1200 break; 1201 case IWL_UCODE_TLV_FW_NUM_LINKS: 1202 if (tlv_len != sizeof(u32)) 1203 goto invalid_tlv_len; 1204 if (le32_to_cpup((const __le32 *)tlv_data) > 1205 IWL_FW_MAX_LINK_ID + 1) { 1206 IWL_ERR(drv, 1207 "%d is an invalid number of links\n", 1208 le32_to_cpup((const __le32 *)tlv_data)); 1209 goto tlv_error; 1210 } 1211 capa->num_links = 1212 le32_to_cpup((const __le32 *)tlv_data); 1213 break; 1214 case IWL_UCODE_TLV_FW_NUM_BEACONS: 1215 if (tlv_len != sizeof(u32)) 1216 goto invalid_tlv_len; 1217 capa->num_beacons = 1218 le32_to_cpup((const __le32 *)tlv_data); 1219 break; 1220 case IWL_UCODE_TLV_UMAC_DEBUG_ADDRS: { 1221 const struct iwl_umac_debug_addrs *dbg_ptrs = 1222 (const void *)tlv_data; 1223 1224 if (tlv_len != sizeof(*dbg_ptrs)) 1225 goto invalid_tlv_len; 1226 if (drv->trans->trans_cfg->device_family < 1227 IWL_DEVICE_FAMILY_22000) 1228 break; 1229 drv->trans->dbg.umac_error_event_table = 1230 le32_to_cpu(dbg_ptrs->error_info_addr) & 1231 ~FW_ADDR_CACHE_CONTROL; 1232 drv->trans->dbg.error_event_table_tlv_status |= 1233 IWL_ERROR_EVENT_TABLE_UMAC; 1234 break; 1235 } 1236 case IWL_UCODE_TLV_LMAC_DEBUG_ADDRS: { 1237 const struct iwl_lmac_debug_addrs *dbg_ptrs = 1238 (const void *)tlv_data; 1239 1240 if (tlv_len != sizeof(*dbg_ptrs)) 1241 goto invalid_tlv_len; 1242 if (drv->trans->trans_cfg->device_family < 1243 IWL_DEVICE_FAMILY_22000) 1244 break; 1245 drv->trans->dbg.lmac_error_event_table[0] = 1246 le32_to_cpu(dbg_ptrs->error_event_table_ptr) & 1247 ~FW_ADDR_CACHE_CONTROL; 1248 drv->trans->dbg.error_event_table_tlv_status |= 1249 IWL_ERROR_EVENT_TABLE_LMAC1; 1250 break; 1251 } 1252 case IWL_UCODE_TLV_TYPE_REGIONS: 1253 iwl_parse_dbg_tlv_assert_tables(drv, tlv); 1254 fallthrough; 1255 case IWL_UCODE_TLV_TYPE_DEBUG_INFO: 1256 case IWL_UCODE_TLV_TYPE_BUFFER_ALLOCATION: 1257 case IWL_UCODE_TLV_TYPE_HCMD: 1258 case IWL_UCODE_TLV_TYPE_TRIGGERS: 1259 case IWL_UCODE_TLV_TYPE_CONF_SET: 1260 if (iwlwifi_mod_params.enable_ini) 1261 iwl_dbg_tlv_alloc(drv->trans, tlv, false); 1262 break; 1263 case IWL_UCODE_TLV_CMD_VERSIONS: 1264 if (tlv_len % sizeof(struct iwl_fw_cmd_version)) { 1265 IWL_ERR(drv, 1266 "Invalid length for command versions: %u\n", 1267 tlv_len); 1268 tlv_len /= sizeof(struct iwl_fw_cmd_version); 1269 tlv_len *= sizeof(struct iwl_fw_cmd_version); 1270 } 1271 if (WARN_ON(capa->cmd_versions)) 1272 return -EINVAL; 1273 capa->cmd_versions = kmemdup(tlv_data, tlv_len, 1274 GFP_KERNEL); 1275 if (!capa->cmd_versions) 1276 return -ENOMEM; 1277 capa->n_cmd_versions = 1278 tlv_len / sizeof(struct iwl_fw_cmd_version); 1279 break; 1280 case IWL_UCODE_TLV_PHY_INTEGRATION_VERSION: 1281 if (drv->fw.phy_integration_ver) { 1282 IWL_ERR(drv, 1283 "phy integration str ignored, already exists\n"); 1284 break; 1285 } 1286 1287 drv->fw.phy_integration_ver = 1288 kmemdup(tlv_data, tlv_len, GFP_KERNEL); 1289 if (!drv->fw.phy_integration_ver) 1290 return -ENOMEM; 1291 drv->fw.phy_integration_ver_len = tlv_len; 1292 break; 1293 case IWL_UCODE_TLV_SEC_TABLE_ADDR: 1294 case IWL_UCODE_TLV_D3_KEK_KCK_ADDR: 1295 iwl_drv_set_dump_exclude(drv, tlv_type, 1296 tlv_data, tlv_len); 1297 break; 1298 case IWL_UCODE_TLV_CURRENT_PC: 1299 if (tlv_len < sizeof(struct iwl_pc_data)) 1300 goto invalid_tlv_len; 1301 drv->trans->dbg.pc_data = 1302 kmemdup(tlv_data, tlv_len, GFP_KERNEL); 1303 if (!drv->trans->dbg.pc_data) 1304 return -ENOMEM; 1305 drv->trans->dbg.num_pc = 1306 tlv_len / sizeof(struct iwl_pc_data); 1307 break; 1308 default: 1309 IWL_DEBUG_INFO(drv, "unknown TLV: %d\n", tlv_type); 1310 break; 1311 } 1312 } 1313 1314 if (!fw_has_capa(capa, IWL_UCODE_TLV_CAPA_USNIFFER_UNIFIED) && 1315 usniffer_req && !*usniffer_images) { 1316 IWL_ERR(drv, 1317 "user selected to work with usniffer but usniffer image isn't available in ucode package\n"); 1318 return -EINVAL; 1319 } 1320 1321 if (len) { 1322 IWL_ERR(drv, "invalid TLV after parsing: %zd\n", len); 1323 iwl_print_hex_dump(drv, IWL_DL_FW, data, len); 1324 return -EINVAL; 1325 } 1326 1327 return 0; 1328 1329 invalid_tlv_len: 1330 IWL_ERR(drv, "TLV %d has invalid size: %u\n", tlv_type, tlv_len); 1331 tlv_error: 1332 iwl_print_hex_dump(drv, IWL_DL_FW, tlv_data, tlv_len); 1333 1334 return -EINVAL; 1335 } 1336 1337 static int iwl_alloc_ucode_mem(struct fw_img *out, struct fw_img_parsing *img) 1338 { 1339 struct fw_desc *sec; 1340 1341 sec = kcalloc(img->sec_counter, sizeof(*sec), GFP_KERNEL); 1342 if (!sec) 1343 return -ENOMEM; 1344 1345 out->sec = sec; 1346 out->num_sec = img->sec_counter; 1347 1348 for (int i = 0; i < out->num_sec; i++) 1349 if (iwl_alloc_fw_desc(&sec[i], &img->sec[i])) 1350 return -ENOMEM; 1351 1352 return 0; 1353 } 1354 1355 static int iwl_alloc_ucode(struct iwl_drv *drv, 1356 struct iwl_firmware_pieces *pieces, 1357 enum iwl_ucode_type type) 1358 { 1359 return iwl_alloc_ucode_mem(&drv->fw.img[type], &pieces->img[type]); 1360 } 1361 1362 static int validate_sec_sizes(struct iwl_drv *drv, 1363 struct iwl_firmware_pieces *pieces, 1364 const struct iwl_cfg *cfg) 1365 { 1366 IWL_DEBUG_INFO(drv, "f/w package hdr runtime inst size = %zd\n", 1367 get_sec_size(pieces, IWL_UCODE_REGULAR, 1368 IWL_UCODE_SECTION_INST)); 1369 IWL_DEBUG_INFO(drv, "f/w package hdr runtime data size = %zd\n", 1370 get_sec_size(pieces, IWL_UCODE_REGULAR, 1371 IWL_UCODE_SECTION_DATA)); 1372 IWL_DEBUG_INFO(drv, "f/w package hdr init inst size = %zd\n", 1373 get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST)); 1374 IWL_DEBUG_INFO(drv, "f/w package hdr init data size = %zd\n", 1375 get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA)); 1376 1377 /* Verify that uCode images will fit in card's SRAM. */ 1378 if (get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST) > 1379 cfg->max_inst_size) { 1380 IWL_ERR(drv, "uCode instr len %zd too large to fit in\n", 1381 get_sec_size(pieces, IWL_UCODE_REGULAR, 1382 IWL_UCODE_SECTION_INST)); 1383 return -1; 1384 } 1385 1386 if (get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA) > 1387 cfg->max_data_size) { 1388 IWL_ERR(drv, "uCode data len %zd too large to fit in\n", 1389 get_sec_size(pieces, IWL_UCODE_REGULAR, 1390 IWL_UCODE_SECTION_DATA)); 1391 return -1; 1392 } 1393 1394 if (get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST) > 1395 cfg->max_inst_size) { 1396 IWL_ERR(drv, "uCode init instr len %zd too large to fit in\n", 1397 get_sec_size(pieces, IWL_UCODE_INIT, 1398 IWL_UCODE_SECTION_INST)); 1399 return -1; 1400 } 1401 1402 if (get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA) > 1403 cfg->max_data_size) { 1404 IWL_ERR(drv, "uCode init data len %zd too large to fit in\n", 1405 get_sec_size(pieces, IWL_UCODE_REGULAR, 1406 IWL_UCODE_SECTION_DATA)); 1407 return -1; 1408 } 1409 return 0; 1410 } 1411 1412 static struct iwl_op_mode * 1413 _iwl_op_mode_start(struct iwl_drv *drv, struct iwlwifi_opmode_table *op) 1414 { 1415 const struct iwl_op_mode_ops *ops = op->ops; 1416 struct dentry *dbgfs_dir = NULL; 1417 struct iwl_op_mode *op_mode = NULL; 1418 int retry, max_retry = !!iwlwifi_mod_params.fw_restart * IWL_MAX_INIT_RETRY; 1419 1420 /* also protects start/stop from racing against each other */ 1421 lockdep_assert_held(&iwlwifi_opmode_table_mtx); 1422 1423 for (retry = 0; retry <= max_retry; retry++) { 1424 1425 #ifdef CONFIG_IWLWIFI_DEBUGFS 1426 drv->dbgfs_op_mode = debugfs_create_dir(op->name, 1427 drv->dbgfs_drv); 1428 dbgfs_dir = drv->dbgfs_op_mode; 1429 #endif 1430 1431 op_mode = ops->start(drv->trans, drv->trans->cfg, 1432 &drv->fw, dbgfs_dir); 1433 1434 if (!IS_ERR(op_mode)) 1435 return op_mode; 1436 1437 if (test_bit(STATUS_TRANS_DEAD, &drv->trans->status)) 1438 break; 1439 1440 #ifdef CONFIG_IWLWIFI_DEBUGFS 1441 debugfs_remove_recursive(drv->dbgfs_op_mode); 1442 drv->dbgfs_op_mode = NULL; 1443 #endif 1444 1445 if (PTR_ERR(op_mode) != -ETIMEDOUT) 1446 break; 1447 1448 IWL_ERR(drv, "retry init count %d\n", retry); 1449 } 1450 1451 return NULL; 1452 } 1453 1454 static void _iwl_op_mode_stop(struct iwl_drv *drv) 1455 { 1456 /* also protects start/stop from racing against each other */ 1457 lockdep_assert_held(&iwlwifi_opmode_table_mtx); 1458 1459 /* op_mode can be NULL if its start failed */ 1460 if (drv->op_mode) { 1461 iwl_op_mode_stop(drv->op_mode); 1462 drv->op_mode = NULL; 1463 1464 #ifdef CONFIG_IWLWIFI_DEBUGFS 1465 debugfs_remove_recursive(drv->dbgfs_op_mode); 1466 drv->dbgfs_op_mode = NULL; 1467 #endif 1468 } 1469 } 1470 1471 /* 1472 * iwl_req_fw_callback - callback when firmware was loaded 1473 * 1474 * If loaded successfully, copies the firmware into buffers 1475 * for the card to fetch (via DMA). 1476 */ 1477 static void iwl_req_fw_callback(const struct firmware *ucode_raw, void *context) 1478 { 1479 struct iwl_drv *drv = context; 1480 struct iwl_fw *fw = &drv->fw; 1481 const struct iwl_ucode_header *ucode; 1482 struct iwlwifi_opmode_table *op; 1483 int err; 1484 struct iwl_firmware_pieces *pieces; 1485 const unsigned int api_max = drv->trans->cfg->ucode_api_max; 1486 const unsigned int api_min = drv->trans->cfg->ucode_api_min; 1487 size_t trigger_tlv_sz[FW_DBG_TRIGGER_MAX]; 1488 u32 api_ver; 1489 int i; 1490 bool usniffer_images = false; 1491 bool failure = true; 1492 1493 fw->ucode_capa.max_probe_length = IWL_DEFAULT_MAX_PROBE_LENGTH; 1494 fw->ucode_capa.standard_phy_calibration_size = 1495 IWL_DEFAULT_STANDARD_PHY_CALIBRATE_TBL_SIZE; 1496 fw->ucode_capa.n_scan_channels = IWL_DEFAULT_SCAN_CHANNELS; 1497 fw->ucode_capa.num_stations = IWL_STATION_COUNT_MAX; 1498 fw->ucode_capa.num_beacons = 1; 1499 /* dump all fw memory areas by default */ 1500 fw->dbg.dump_mask = 0xffffffff; 1501 1502 pieces = kzalloc(sizeof(*pieces), GFP_KERNEL); 1503 if (!pieces) 1504 goto out_free_fw; 1505 1506 if (!ucode_raw) 1507 goto try_again; 1508 1509 IWL_DEBUG_FW_INFO(drv, "Loaded firmware file '%s' (%zd bytes).\n", 1510 drv->firmware_name, ucode_raw->size); 1511 1512 /* Make sure that we got at least the API version number */ 1513 if (ucode_raw->size < 4) { 1514 IWL_ERR(drv, "File size way too small!\n"); 1515 goto try_again; 1516 } 1517 1518 /* Data from ucode file: header followed by uCode images */ 1519 ucode = (const struct iwl_ucode_header *)ucode_raw->data; 1520 1521 if (ucode->ver) 1522 err = iwl_parse_v1_v2_firmware(drv, ucode_raw, pieces); 1523 else 1524 err = iwl_parse_tlv_firmware(drv, ucode_raw, pieces, 1525 &fw->ucode_capa, &usniffer_images); 1526 1527 if (err) 1528 goto try_again; 1529 1530 if (fw_has_api(&drv->fw.ucode_capa, IWL_UCODE_TLV_API_NEW_VERSION)) 1531 api_ver = drv->fw.ucode_ver; 1532 else 1533 api_ver = IWL_UCODE_API(drv->fw.ucode_ver); 1534 1535 /* 1536 * api_ver should match the api version forming part of the 1537 * firmware filename ... but we don't check for that and only rely 1538 * on the API version read from firmware header from here on forward 1539 */ 1540 if (api_ver < api_min || api_ver > api_max) { 1541 IWL_ERR(drv, 1542 "Driver unable to support your firmware API. " 1543 "Driver supports v%u, firmware is v%u.\n", 1544 api_max, api_ver); 1545 goto try_again; 1546 } 1547 1548 /* 1549 * In mvm uCode there is no difference between data and instructions 1550 * sections. 1551 */ 1552 if (fw->type == IWL_FW_DVM && validate_sec_sizes(drv, pieces, 1553 drv->trans->cfg)) 1554 goto try_again; 1555 1556 /* Allocate ucode buffers for card's bus-master loading ... */ 1557 1558 /* Runtime instructions and 2 copies of data: 1559 * 1) unmodified from disk 1560 * 2) backup cache for save/restore during power-downs 1561 */ 1562 for (i = 0; i < IWL_UCODE_TYPE_MAX; i++) 1563 if (iwl_alloc_ucode(drv, pieces, i)) 1564 goto out_free_fw; 1565 1566 if (pieces->dbg_dest_tlv_init) { 1567 size_t dbg_dest_size = sizeof(*drv->fw.dbg.dest_tlv) + 1568 sizeof(drv->fw.dbg.dest_tlv->reg_ops[0]) * 1569 drv->fw.dbg.n_dest_reg; 1570 1571 drv->fw.dbg.dest_tlv = kmalloc(dbg_dest_size, GFP_KERNEL); 1572 1573 if (!drv->fw.dbg.dest_tlv) 1574 goto out_free_fw; 1575 1576 if (*pieces->dbg_dest_ver == 0) { 1577 memcpy(drv->fw.dbg.dest_tlv, pieces->dbg_dest_tlv_v1, 1578 dbg_dest_size); 1579 } else { 1580 struct iwl_fw_dbg_dest_tlv_v1 *dest_tlv = 1581 drv->fw.dbg.dest_tlv; 1582 1583 dest_tlv->version = pieces->dbg_dest_tlv->version; 1584 dest_tlv->monitor_mode = 1585 pieces->dbg_dest_tlv->monitor_mode; 1586 dest_tlv->size_power = 1587 pieces->dbg_dest_tlv->size_power; 1588 dest_tlv->wrap_count = 1589 pieces->dbg_dest_tlv->wrap_count; 1590 dest_tlv->write_ptr_reg = 1591 pieces->dbg_dest_tlv->write_ptr_reg; 1592 dest_tlv->base_shift = 1593 pieces->dbg_dest_tlv->base_shift; 1594 memcpy(dest_tlv->reg_ops, 1595 pieces->dbg_dest_tlv->reg_ops, 1596 sizeof(drv->fw.dbg.dest_tlv->reg_ops[0]) * 1597 drv->fw.dbg.n_dest_reg); 1598 1599 /* In version 1 of the destination tlv, which is 1600 * relevant for internal buffer exclusively, 1601 * the base address is part of given with the length 1602 * of the buffer, and the size shift is give instead of 1603 * end shift. We now store these values in base_reg, 1604 * and end shift, and when dumping the data we'll 1605 * manipulate it for extracting both the length and 1606 * base address */ 1607 dest_tlv->base_reg = pieces->dbg_dest_tlv->cfg_reg; 1608 dest_tlv->end_shift = 1609 pieces->dbg_dest_tlv->size_shift; 1610 } 1611 } 1612 1613 for (i = 0; i < ARRAY_SIZE(drv->fw.dbg.conf_tlv); i++) { 1614 if (pieces->dbg_conf_tlv[i]) { 1615 drv->fw.dbg.conf_tlv[i] = 1616 kmemdup(pieces->dbg_conf_tlv[i], 1617 pieces->dbg_conf_tlv_len[i], 1618 GFP_KERNEL); 1619 if (!drv->fw.dbg.conf_tlv[i]) 1620 goto out_free_fw; 1621 } 1622 } 1623 1624 memset(&trigger_tlv_sz, 0xff, sizeof(trigger_tlv_sz)); 1625 1626 trigger_tlv_sz[FW_DBG_TRIGGER_MISSED_BEACONS] = 1627 sizeof(struct iwl_fw_dbg_trigger_missed_bcon); 1628 trigger_tlv_sz[FW_DBG_TRIGGER_CHANNEL_SWITCH] = 0; 1629 trigger_tlv_sz[FW_DBG_TRIGGER_FW_NOTIF] = 1630 sizeof(struct iwl_fw_dbg_trigger_cmd); 1631 trigger_tlv_sz[FW_DBG_TRIGGER_MLME] = 1632 sizeof(struct iwl_fw_dbg_trigger_mlme); 1633 trigger_tlv_sz[FW_DBG_TRIGGER_STATS] = 1634 sizeof(struct iwl_fw_dbg_trigger_stats); 1635 trigger_tlv_sz[FW_DBG_TRIGGER_RSSI] = 1636 sizeof(struct iwl_fw_dbg_trigger_low_rssi); 1637 trigger_tlv_sz[FW_DBG_TRIGGER_TXQ_TIMERS] = 1638 sizeof(struct iwl_fw_dbg_trigger_txq_timer); 1639 trigger_tlv_sz[FW_DBG_TRIGGER_TIME_EVENT] = 1640 sizeof(struct iwl_fw_dbg_trigger_time_event); 1641 trigger_tlv_sz[FW_DBG_TRIGGER_BA] = 1642 sizeof(struct iwl_fw_dbg_trigger_ba); 1643 trigger_tlv_sz[FW_DBG_TRIGGER_TDLS] = 1644 sizeof(struct iwl_fw_dbg_trigger_tdls); 1645 1646 for (i = 0; i < ARRAY_SIZE(drv->fw.dbg.trigger_tlv); i++) { 1647 if (pieces->dbg_trigger_tlv[i]) { 1648 /* 1649 * If the trigger isn't long enough, WARN and exit. 1650 * Someone is trying to debug something and he won't 1651 * be able to catch the bug he is trying to chase. 1652 * We'd better be noisy to be sure he knows what's 1653 * going on. 1654 */ 1655 if (WARN_ON(pieces->dbg_trigger_tlv_len[i] < 1656 (trigger_tlv_sz[i] + 1657 sizeof(struct iwl_fw_dbg_trigger_tlv)))) 1658 goto out_free_fw; 1659 drv->fw.dbg.trigger_tlv_len[i] = 1660 pieces->dbg_trigger_tlv_len[i]; 1661 drv->fw.dbg.trigger_tlv[i] = 1662 kmemdup(pieces->dbg_trigger_tlv[i], 1663 drv->fw.dbg.trigger_tlv_len[i], 1664 GFP_KERNEL); 1665 if (!drv->fw.dbg.trigger_tlv[i]) 1666 goto out_free_fw; 1667 } 1668 } 1669 1670 /* Now that we can no longer fail, copy information */ 1671 1672 drv->fw.dbg.mem_tlv = pieces->dbg_mem_tlv; 1673 pieces->dbg_mem_tlv = NULL; 1674 drv->fw.dbg.n_mem_tlv = pieces->n_mem_tlv; 1675 1676 /* 1677 * The (size - 16) / 12 formula is based on the information recorded 1678 * for each event, which is of mode 1 (including timestamp) for all 1679 * new microcodes that include this information. 1680 */ 1681 fw->init_evtlog_ptr = pieces->init_evtlog_ptr; 1682 if (pieces->init_evtlog_size) 1683 fw->init_evtlog_size = (pieces->init_evtlog_size - 16)/12; 1684 else 1685 fw->init_evtlog_size = 1686 drv->trans->trans_cfg->base_params->max_event_log_size; 1687 fw->init_errlog_ptr = pieces->init_errlog_ptr; 1688 fw->inst_evtlog_ptr = pieces->inst_evtlog_ptr; 1689 if (pieces->inst_evtlog_size) 1690 fw->inst_evtlog_size = (pieces->inst_evtlog_size - 16)/12; 1691 else 1692 fw->inst_evtlog_size = 1693 drv->trans->trans_cfg->base_params->max_event_log_size; 1694 fw->inst_errlog_ptr = pieces->inst_errlog_ptr; 1695 1696 /* 1697 * figure out the offset of chain noise reset and gain commands 1698 * base on the size of standard phy calibration commands table size 1699 */ 1700 if (fw->ucode_capa.standard_phy_calibration_size > 1701 IWL_MAX_PHY_CALIBRATE_TBL_SIZE) 1702 fw->ucode_capa.standard_phy_calibration_size = 1703 IWL_MAX_STANDARD_PHY_CALIBRATE_TBL_SIZE; 1704 1705 /* We have our copies now, allow OS release its copies */ 1706 release_firmware(ucode_raw); 1707 1708 iwl_dbg_tlv_load_bin(drv->trans->dev, drv->trans); 1709 1710 mutex_lock(&iwlwifi_opmode_table_mtx); 1711 switch (fw->type) { 1712 case IWL_FW_DVM: 1713 op = &iwlwifi_opmode_table[DVM_OP_MODE]; 1714 break; 1715 default: 1716 WARN(1, "Invalid fw type %d\n", fw->type); 1717 fallthrough; 1718 case IWL_FW_MVM: 1719 op = &iwlwifi_opmode_table[MVM_OP_MODE]; 1720 break; 1721 } 1722 1723 IWL_INFO(drv, "loaded firmware version %s op_mode %s\n", 1724 drv->fw.fw_version, op->name); 1725 1726 /* add this device to the list of devices using this op_mode */ 1727 list_add_tail(&drv->list, &op->drv); 1728 1729 if (op->ops) { 1730 drv->op_mode = _iwl_op_mode_start(drv, op); 1731 1732 if (!drv->op_mode) { 1733 mutex_unlock(&iwlwifi_opmode_table_mtx); 1734 goto out_unbind; 1735 } 1736 } else { 1737 request_module_nowait("%s", op->name); 1738 } 1739 mutex_unlock(&iwlwifi_opmode_table_mtx); 1740 1741 complete(&drv->request_firmware_complete); 1742 1743 failure = false; 1744 goto free; 1745 1746 try_again: 1747 /* try next, if any */ 1748 release_firmware(ucode_raw); 1749 if (iwl_request_firmware(drv, false)) 1750 goto out_unbind; 1751 goto free; 1752 1753 out_free_fw: 1754 release_firmware(ucode_raw); 1755 out_unbind: 1756 complete(&drv->request_firmware_complete); 1757 device_release_driver(drv->trans->dev); 1758 /* drv has just been freed by the release */ 1759 failure = false; 1760 free: 1761 if (failure) 1762 iwl_dealloc_ucode(drv); 1763 1764 if (pieces) { 1765 for (i = 0; i < ARRAY_SIZE(pieces->img); i++) 1766 kfree(pieces->img[i].sec); 1767 kfree(pieces->dbg_mem_tlv); 1768 kfree(pieces); 1769 } 1770 } 1771 1772 struct iwl_drv *iwl_drv_start(struct iwl_trans *trans) 1773 { 1774 struct iwl_drv *drv; 1775 int ret; 1776 1777 drv = kzalloc(sizeof(*drv), GFP_KERNEL); 1778 if (!drv) { 1779 ret = -ENOMEM; 1780 goto err; 1781 } 1782 1783 drv->trans = trans; 1784 drv->dev = trans->dev; 1785 1786 init_completion(&drv->request_firmware_complete); 1787 INIT_LIST_HEAD(&drv->list); 1788 1789 #ifdef CONFIG_IWLWIFI_DEBUGFS 1790 /* Create the device debugfs entries. */ 1791 drv->dbgfs_drv = debugfs_create_dir(dev_name(trans->dev), 1792 iwl_dbgfs_root); 1793 1794 /* Create transport layer debugfs dir */ 1795 drv->trans->dbgfs_dir = debugfs_create_dir("trans", drv->dbgfs_drv); 1796 #endif 1797 1798 drv->trans->dbg.domains_bitmap = IWL_TRANS_FW_DBG_DOMAIN(drv->trans); 1799 if (iwlwifi_mod_params.enable_ini != ENABLE_INI) { 1800 /* We have a non-default value in the module parameter, 1801 * take its value 1802 */ 1803 drv->trans->dbg.domains_bitmap &= 0xffff; 1804 if (iwlwifi_mod_params.enable_ini != IWL_FW_INI_PRESET_DISABLE) { 1805 if (iwlwifi_mod_params.enable_ini > ENABLE_INI) { 1806 IWL_ERR(trans, 1807 "invalid enable_ini module parameter value: max = %d, using 0 instead\n", 1808 ENABLE_INI); 1809 iwlwifi_mod_params.enable_ini = 0; 1810 } 1811 drv->trans->dbg.domains_bitmap = 1812 BIT(IWL_FW_DBG_DOMAIN_POS + iwlwifi_mod_params.enable_ini); 1813 } 1814 } 1815 1816 ret = iwl_request_firmware(drv, true); 1817 if (ret) { 1818 IWL_ERR(trans, "Couldn't request the fw\n"); 1819 goto err_fw; 1820 } 1821 1822 return drv; 1823 1824 err_fw: 1825 #ifdef CONFIG_IWLWIFI_DEBUGFS 1826 debugfs_remove_recursive(drv->dbgfs_drv); 1827 #endif 1828 iwl_dbg_tlv_free(drv->trans); 1829 kfree(drv); 1830 err: 1831 return ERR_PTR(ret); 1832 } 1833 1834 void iwl_drv_stop(struct iwl_drv *drv) 1835 { 1836 wait_for_completion(&drv->request_firmware_complete); 1837 1838 mutex_lock(&iwlwifi_opmode_table_mtx); 1839 1840 _iwl_op_mode_stop(drv); 1841 1842 iwl_dealloc_ucode(drv); 1843 1844 /* 1845 * List is empty (this item wasn't added) 1846 * when firmware loading failed -- in that 1847 * case we can't remove it from any list. 1848 */ 1849 if (!list_empty(&drv->list)) 1850 list_del(&drv->list); 1851 mutex_unlock(&iwlwifi_opmode_table_mtx); 1852 1853 #ifdef CONFIG_IWLWIFI_DEBUGFS 1854 iwl_trans_debugfs_cleanup(drv->trans); 1855 1856 debugfs_remove_recursive(drv->dbgfs_drv); 1857 #endif 1858 1859 iwl_dbg_tlv_free(drv->trans); 1860 1861 kfree(drv); 1862 } 1863 1864 /* shared module parameters */ 1865 struct iwl_mod_params iwlwifi_mod_params = { 1866 .fw_restart = true, 1867 .bt_coex_active = true, 1868 .power_level = IWL_POWER_INDEX_1, 1869 .uapsd_disable = IWL_DISABLE_UAPSD_BSS | IWL_DISABLE_UAPSD_P2P_CLIENT, 1870 .enable_ini = ENABLE_INI, 1871 /* the rest are 0 by default */ 1872 }; 1873 IWL_EXPORT_SYMBOL(iwlwifi_mod_params); 1874 1875 int iwl_opmode_register(const char *name, const struct iwl_op_mode_ops *ops) 1876 { 1877 int i; 1878 struct iwl_drv *drv; 1879 struct iwlwifi_opmode_table *op; 1880 1881 mutex_lock(&iwlwifi_opmode_table_mtx); 1882 for (i = 0; i < ARRAY_SIZE(iwlwifi_opmode_table); i++) { 1883 op = &iwlwifi_opmode_table[i]; 1884 if (strcmp(op->name, name)) 1885 continue; 1886 op->ops = ops; 1887 /* TODO: need to handle exceptional case */ 1888 list_for_each_entry(drv, &op->drv, list) 1889 drv->op_mode = _iwl_op_mode_start(drv, op); 1890 1891 mutex_unlock(&iwlwifi_opmode_table_mtx); 1892 return 0; 1893 } 1894 mutex_unlock(&iwlwifi_opmode_table_mtx); 1895 return -EIO; 1896 } 1897 IWL_EXPORT_SYMBOL(iwl_opmode_register); 1898 1899 void iwl_opmode_deregister(const char *name) 1900 { 1901 int i; 1902 struct iwl_drv *drv; 1903 1904 mutex_lock(&iwlwifi_opmode_table_mtx); 1905 for (i = 0; i < ARRAY_SIZE(iwlwifi_opmode_table); i++) { 1906 if (strcmp(iwlwifi_opmode_table[i].name, name)) 1907 continue; 1908 iwlwifi_opmode_table[i].ops = NULL; 1909 1910 /* call the stop routine for all devices */ 1911 list_for_each_entry(drv, &iwlwifi_opmode_table[i].drv, list) 1912 _iwl_op_mode_stop(drv); 1913 1914 mutex_unlock(&iwlwifi_opmode_table_mtx); 1915 return; 1916 } 1917 mutex_unlock(&iwlwifi_opmode_table_mtx); 1918 } 1919 IWL_EXPORT_SYMBOL(iwl_opmode_deregister); 1920 1921 static int __init iwl_drv_init(void) 1922 { 1923 int i, err; 1924 1925 for (i = 0; i < ARRAY_SIZE(iwlwifi_opmode_table); i++) 1926 INIT_LIST_HEAD(&iwlwifi_opmode_table[i].drv); 1927 1928 pr_info(DRV_DESCRIPTION "\n"); 1929 1930 #ifdef CONFIG_IWLWIFI_DEBUGFS 1931 /* Create the root of iwlwifi debugfs subsystem. */ 1932 iwl_dbgfs_root = debugfs_create_dir(DRV_NAME, NULL); 1933 #endif 1934 1935 err = iwl_pci_register_driver(); 1936 if (err) 1937 goto cleanup_debugfs; 1938 1939 return 0; 1940 1941 cleanup_debugfs: 1942 #ifdef CONFIG_IWLWIFI_DEBUGFS 1943 debugfs_remove_recursive(iwl_dbgfs_root); 1944 #endif 1945 return err; 1946 } 1947 module_init(iwl_drv_init); 1948 1949 static void __exit iwl_drv_exit(void) 1950 { 1951 iwl_pci_unregister_driver(); 1952 iwl_trans_free_restart_list(); 1953 1954 #ifdef CONFIG_IWLWIFI_DEBUGFS 1955 debugfs_remove_recursive(iwl_dbgfs_root); 1956 #endif 1957 } 1958 module_exit(iwl_drv_exit); 1959 1960 #ifdef CONFIG_IWLWIFI_DEBUG 1961 module_param_named(debug, iwlwifi_mod_params.debug_level, uint, 0644); 1962 MODULE_PARM_DESC(debug, "debug output mask"); 1963 #endif 1964 1965 module_param_named(swcrypto, iwlwifi_mod_params.swcrypto, int, 0444); 1966 MODULE_PARM_DESC(swcrypto, "using crypto in software (default 0 [hardware])"); 1967 module_param_named(11n_disable, iwlwifi_mod_params.disable_11n, uint, 0444); 1968 MODULE_PARM_DESC(11n_disable, 1969 "disable 11n functionality, bitmap: 1: full, 2: disable agg TX, 4: disable agg RX, 8 enable agg TX"); 1970 module_param_named(amsdu_size, iwlwifi_mod_params.amsdu_size, int, 0444); 1971 MODULE_PARM_DESC(amsdu_size, 1972 "amsdu size 0: 12K for multi Rx queue devices, 2K for AX210 devices, " 1973 "4K for other devices 1:4K 2:8K 3:12K (16K buffers) 4: 2K (default 0)"); 1974 module_param_named(fw_restart, iwlwifi_mod_params.fw_restart, bool, 0444); 1975 MODULE_PARM_DESC(fw_restart, "restart firmware in case of error (default true)"); 1976 1977 module_param_named(nvm_file, iwlwifi_mod_params.nvm_file, charp, 0444); 1978 MODULE_PARM_DESC(nvm_file, "NVM file name"); 1979 1980 module_param_named(uapsd_disable, iwlwifi_mod_params.uapsd_disable, uint, 0644); 1981 MODULE_PARM_DESC(uapsd_disable, 1982 "disable U-APSD functionality bitmap 1: BSS 2: P2P Client (default: 3)"); 1983 1984 module_param_named(enable_ini, iwlwifi_mod_params.enable_ini, uint, 0444); 1985 MODULE_PARM_DESC(enable_ini, 1986 "0:disable, 1-15:FW_DBG_PRESET Values, 16:enabled without preset value defined," 1987 "Debug INI TLV FW debug infrastructure (default: 16)"); 1988 1989 /* 1990 * set bt_coex_active to true, uCode will do kill/defer 1991 * every time the priority line is asserted (BT is sending signals on the 1992 * priority line in the PCIx). 1993 * set bt_coex_active to false, uCode will ignore the BT activity and 1994 * perform the normal operation 1995 * 1996 * User might experience transmit issue on some platform due to WiFi/BT 1997 * co-exist problem. The possible behaviors are: 1998 * Able to scan and finding all the available AP 1999 * Not able to associate with any AP 2000 * On those platforms, WiFi communication can be restored by set 2001 * "bt_coex_active" module parameter to "false" 2002 * 2003 * default: bt_coex_active = true (BT_COEX_ENABLE) 2004 */ 2005 module_param_named(bt_coex_active, iwlwifi_mod_params.bt_coex_active, 2006 bool, 0444); 2007 MODULE_PARM_DESC(bt_coex_active, "enable wifi/bt co-exist (default: enable)"); 2008 2009 module_param_named(led_mode, iwlwifi_mod_params.led_mode, int, 0444); 2010 MODULE_PARM_DESC(led_mode, "0=system default, " 2011 "1=On(RF On)/Off(RF Off), 2=blinking, 3=Off (default: 0)"); 2012 2013 module_param_named(power_save, iwlwifi_mod_params.power_save, bool, 0444); 2014 MODULE_PARM_DESC(power_save, 2015 "enable WiFi power management (default: disable)"); 2016 2017 module_param_named(power_level, iwlwifi_mod_params.power_level, int, 0444); 2018 MODULE_PARM_DESC(power_level, 2019 "default power save level (range from 1 - 5, default: 1)"); 2020 2021 module_param_named(disable_11ac, iwlwifi_mod_params.disable_11ac, bool, 0444); 2022 MODULE_PARM_DESC(disable_11ac, "Disable VHT capabilities (default: false)"); 2023 2024 module_param_named(remove_when_gone, 2025 iwlwifi_mod_params.remove_when_gone, bool, 2026 0444); 2027 MODULE_PARM_DESC(remove_when_gone, 2028 "Remove dev from PCIe bus if it is deemed inaccessible (default: false)"); 2029 2030 module_param_named(disable_11ax, iwlwifi_mod_params.disable_11ax, bool, 2031 S_IRUGO); 2032 MODULE_PARM_DESC(disable_11ax, "Disable HE capabilities (default: false)"); 2033 2034 module_param_named(disable_11be, iwlwifi_mod_params.disable_11be, bool, 0444); 2035 MODULE_PARM_DESC(disable_11be, "Disable EHT capabilities (default: false)"); 2036