1 // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause 2 /* 3 * Copyright (C) 2005-2014, 2018-2025 Intel Corporation 4 * Copyright (C) 2013-2015 Intel Mobile Communications GmbH 5 * Copyright (C) 2016-2017 Intel Deutschland GmbH 6 */ 7 #include <linux/completion.h> 8 #include <linux/dma-mapping.h> 9 #include <linux/firmware.h> 10 #include <linux/module.h> 11 #include <linux/vmalloc.h> 12 13 #include "iwl-drv.h" 14 #include "iwl-csr.h" 15 #include "iwl-debug.h" 16 #include "iwl-trans.h" 17 #include "iwl-op-mode.h" 18 #include "iwl-agn-hw.h" 19 #include "fw/img.h" 20 #include "iwl-dbg-tlv.h" 21 #include "iwl-config.h" 22 #include "iwl-modparams.h" 23 #include "fw/api/alive.h" 24 #include "fw/api/mac.h" 25 #include "fw/api/mac-cfg.h" 26 27 /****************************************************************************** 28 * 29 * module boiler plate 30 * 31 ******************************************************************************/ 32 33 #define DRV_DESCRIPTION "Intel(R) Wireless WiFi driver for Linux" 34 MODULE_DESCRIPTION(DRV_DESCRIPTION); 35 MODULE_LICENSE("GPL"); 36 37 #ifdef CONFIG_IWLWIFI_DEBUGFS 38 static struct dentry *iwl_dbgfs_root; 39 #endif 40 41 /** 42 * struct iwl_drv - drv common data 43 * @list: list of drv structures using this opmode 44 * @fw: the iwl_fw structure 45 * @op_mode: the running op_mode 46 * @trans: transport layer 47 * @dev: for debug prints only 48 * @fw_index: firmware revision to try loading 49 * @firmware_name: composite filename of ucode file to load 50 * @request_firmware_complete: the firmware has been obtained from user space 51 * @dbgfs_drv: debugfs root directory entry 52 * @dbgfs_trans: debugfs transport directory entry 53 * @dbgfs_op_mode: debugfs op_mode directory entry 54 */ 55 struct iwl_drv { 56 struct list_head list; 57 struct iwl_fw fw; 58 59 struct iwl_op_mode *op_mode; 60 struct iwl_trans *trans; 61 struct device *dev; 62 63 int fw_index; /* firmware we're trying to load */ 64 char firmware_name[64]; /* name of firmware file to load */ 65 66 struct completion request_firmware_complete; 67 68 #ifdef CONFIG_IWLWIFI_DEBUGFS 69 struct dentry *dbgfs_drv; 70 struct dentry *dbgfs_trans; 71 struct dentry *dbgfs_op_mode; 72 #endif 73 }; 74 75 enum { 76 DVM_OP_MODE, 77 MVM_OP_MODE, 78 #if IS_ENABLED(CONFIG_IWLMLD) 79 MLD_OP_MODE, 80 #endif 81 }; 82 83 /* Protects the table contents, i.e. the ops pointer & drv list */ 84 static DEFINE_MUTEX(iwlwifi_opmode_table_mtx); 85 static struct iwlwifi_opmode_table { 86 const char *name; /* name: iwldvm, iwlmvm, etc */ 87 const struct iwl_op_mode_ops *ops; /* pointer to op_mode ops */ 88 struct list_head drv; /* list of devices using this op_mode */ 89 } iwlwifi_opmode_table[] = { /* ops set when driver is initialized */ 90 [DVM_OP_MODE] = { .name = "iwldvm", .ops = NULL }, 91 [MVM_OP_MODE] = { .name = "iwlmvm", .ops = NULL }, 92 #if IS_ENABLED(CONFIG_IWLMLD) 93 [MLD_OP_MODE] = { .name = "iwlmld", .ops = NULL }, 94 #endif 95 }; 96 97 #define IWL_DEFAULT_SCAN_CHANNELS 40 98 99 /* 100 * struct fw_sec: Just for the image parsing process. 101 * For the fw storage we are using struct fw_desc. 102 */ 103 struct fw_sec { 104 const void *data; /* the sec data */ 105 size_t size; /* section size */ 106 u32 offset; /* offset of writing in the device */ 107 }; 108 109 static void iwl_free_fw_desc(struct iwl_drv *drv, struct fw_desc *desc) 110 { 111 vfree(desc->data); 112 desc->data = NULL; 113 desc->len = 0; 114 } 115 116 static void iwl_free_fw_img(struct iwl_drv *drv, struct fw_img *img) 117 { 118 int i; 119 for (i = 0; i < img->num_sec; i++) 120 iwl_free_fw_desc(drv, &img->sec[i]); 121 kfree(img->sec); 122 } 123 124 static void iwl_dealloc_ucode(struct iwl_drv *drv) 125 { 126 int i; 127 128 kfree(drv->fw.dbg.dest_tlv); 129 for (i = 0; i < ARRAY_SIZE(drv->fw.dbg.conf_tlv); i++) 130 kfree(drv->fw.dbg.conf_tlv[i]); 131 for (i = 0; i < ARRAY_SIZE(drv->fw.dbg.trigger_tlv); i++) 132 kfree(drv->fw.dbg.trigger_tlv[i]); 133 kfree(drv->fw.dbg.mem_tlv); 134 kfree(drv->fw.iml); 135 kfree(drv->fw.ucode_capa.cmd_versions); 136 kfree(drv->fw.phy_integration_ver); 137 kfree(drv->trans->dbg.pc_data); 138 drv->trans->dbg.pc_data = NULL; 139 kvfree(drv->fw.pnvm_data); 140 drv->fw.pnvm_data = NULL; 141 drv->fw.pnvm_size = 0; 142 143 for (i = 0; i < IWL_UCODE_TYPE_MAX; i++) 144 iwl_free_fw_img(drv, drv->fw.img + i); 145 146 /* clear the data for the aborted load case */ 147 memset(&drv->fw, 0, sizeof(drv->fw)); 148 } 149 150 static int iwl_alloc_fw_desc(struct fw_desc *desc, struct fw_sec *sec) 151 { 152 void *data; 153 154 desc->data = NULL; 155 156 if (!sec || !sec->size) 157 return -EINVAL; 158 159 data = vmalloc(sec->size); 160 if (!data) 161 return -ENOMEM; 162 163 desc->len = sec->size; 164 desc->offset = sec->offset; 165 memcpy(data, sec->data, desc->len); 166 desc->data = data; 167 168 return 0; 169 } 170 171 static inline char iwl_drv_get_step(int step) 172 { 173 if (step == SILICON_Z_STEP) 174 return 'z'; 175 if (step == SILICON_TC_STEP) 176 return 'a'; 177 return 'a' + step; 178 } 179 180 static bool iwl_drv_is_wifi7_supported(struct iwl_trans *trans) 181 { 182 return CSR_HW_RFID_TYPE(trans->info.hw_rf_id) >= IWL_CFG_RF_TYPE_FM; 183 } 184 185 const char *iwl_drv_get_fwname_pre(struct iwl_trans *trans, char *buf) 186 { 187 char mac_step, rf_step; 188 const char *mac, *rf, *cdb; 189 190 if (trans->cfg->fw_name_pre) 191 return trans->cfg->fw_name_pre; 192 193 mac_step = iwl_drv_get_step(trans->info.hw_rev_step); 194 195 switch (CSR_HW_REV_TYPE(trans->info.hw_rev)) { 196 case IWL_CFG_MAC_TYPE_PU: 197 mac = "9000-pu"; 198 mac_step = 'b'; 199 break; 200 case IWL_CFG_MAC_TYPE_TH: 201 mac = "9260-th"; 202 mac_step = 'b'; 203 break; 204 case IWL_CFG_MAC_TYPE_QU: 205 mac = "Qu"; 206 break; 207 case IWL_CFG_MAC_TYPE_CC: 208 /* special case - no RF since it's fixed (discrete) */ 209 scnprintf(buf, FW_NAME_PRE_BUFSIZE, "iwlwifi-cc-a0"); 210 return buf; 211 case IWL_CFG_MAC_TYPE_QUZ: 212 mac = "QuZ"; 213 /* all QuZ use A0 firmware */ 214 mac_step = 'a'; 215 break; 216 case IWL_CFG_MAC_TYPE_SO: 217 case IWL_CFG_MAC_TYPE_SOF: 218 mac = "so"; 219 mac_step = 'a'; 220 break; 221 case IWL_CFG_MAC_TYPE_TY: 222 mac = "ty"; 223 mac_step = 'a'; 224 break; 225 case IWL_CFG_MAC_TYPE_MA: 226 mac = "ma"; 227 break; 228 case IWL_CFG_MAC_TYPE_BZ: 229 case IWL_CFG_MAC_TYPE_BZ_W: 230 mac = "bz"; 231 break; 232 case IWL_CFG_MAC_TYPE_GL: 233 mac = "gl"; 234 break; 235 case IWL_CFG_MAC_TYPE_SC: 236 mac = "sc"; 237 break; 238 case IWL_CFG_MAC_TYPE_SC2: 239 /* Uses the same firmware as SC2 */ 240 case IWL_CFG_MAC_TYPE_SC2F: 241 mac = "sc2"; 242 break; 243 case IWL_CFG_MAC_TYPE_BR: 244 mac = "br"; 245 break; 246 case IWL_CFG_MAC_TYPE_DR: 247 mac = "dr"; 248 break; 249 default: 250 return "unknown-mac"; 251 } 252 253 rf_step = iwl_drv_get_step(CSR_HW_RFID_STEP(trans->info.hw_rf_id)); 254 255 switch (CSR_HW_RFID_TYPE(trans->info.hw_rf_id)) { 256 case IWL_CFG_RF_TYPE_JF1: 257 case IWL_CFG_RF_TYPE_JF2: 258 rf = "jf"; 259 rf_step = 'b'; 260 break; 261 case IWL_CFG_RF_TYPE_HR1: 262 case IWL_CFG_RF_TYPE_HR2: 263 rf = "hr"; 264 rf_step = 'b'; 265 break; 266 case IWL_CFG_RF_TYPE_GF: 267 rf = "gf"; 268 rf_step = 'a'; 269 break; 270 case IWL_CFG_RF_TYPE_FM: 271 rf = "fm"; 272 break; 273 case IWL_CFG_RF_TYPE_WH: 274 rf = "wh"; 275 break; 276 case IWL_CFG_RF_TYPE_PE: 277 rf = "pe"; 278 break; 279 default: 280 return "unknown-rf"; 281 } 282 283 cdb = CSR_HW_RFID_IS_CDB(trans->info.hw_rf_id) ? "4" : ""; 284 285 scnprintf(buf, FW_NAME_PRE_BUFSIZE, 286 "iwlwifi-%s-%c0-%s%s-%c0", 287 mac, mac_step, rf, cdb, rf_step); 288 289 return buf; 290 } 291 IWL_EXPORT_SYMBOL(iwl_drv_get_fwname_pre); 292 293 static void iwl_req_fw_callback(const struct firmware *ucode_raw, 294 void *context); 295 296 static void iwl_get_ucode_api_versions(struct iwl_trans *trans, 297 unsigned int *api_min, 298 unsigned int *api_max) 299 { 300 const struct iwl_family_base_params *base = trans->mac_cfg->base; 301 const struct iwl_rf_cfg *cfg = trans->cfg; 302 303 /* if the MAC doesn't have range or if its range it higher than the RF's */ 304 if (!base->ucode_api_max || 305 (cfg->ucode_api_max && base->ucode_api_min > cfg->ucode_api_max)) { 306 *api_min = cfg->ucode_api_min; 307 *api_max = cfg->ucode_api_max; 308 return; 309 } 310 311 /* if the RF doesn't have range or if its range it higher than the MAC's */ 312 if (!cfg->ucode_api_max || 313 (base->ucode_api_max && cfg->ucode_api_min > base->ucode_api_max)) { 314 *api_min = base->ucode_api_min; 315 *api_max = base->ucode_api_max; 316 return; 317 } 318 319 *api_min = max(cfg->ucode_api_min, base->ucode_api_min); 320 *api_max = min(cfg->ucode_api_max, base->ucode_api_max); 321 } 322 323 static int iwl_request_firmware(struct iwl_drv *drv, bool first) 324 { 325 char _fw_name_pre[FW_NAME_PRE_BUFSIZE]; 326 unsigned int ucode_api_max, ucode_api_min; 327 const char *fw_name_pre; 328 329 iwl_get_ucode_api_versions(drv->trans, &ucode_api_min, &ucode_api_max); 330 331 if (drv->trans->mac_cfg->device_family == IWL_DEVICE_FAMILY_9000 && 332 (drv->trans->info.hw_rev_step != SILICON_B_STEP && 333 drv->trans->info.hw_rev_step != SILICON_C_STEP)) { 334 IWL_ERR(drv, 335 "Only HW steps B and C are currently supported (0x%0x)\n", 336 drv->trans->info.hw_rev); 337 return -EINVAL; 338 } 339 340 fw_name_pre = iwl_drv_get_fwname_pre(drv->trans, _fw_name_pre); 341 342 if (first) 343 drv->fw_index = ucode_api_max; 344 else 345 drv->fw_index--; 346 347 if (drv->fw_index < ucode_api_min) { 348 IWL_ERR(drv, "no suitable firmware found!\n"); 349 350 if (ucode_api_min == ucode_api_max) { 351 IWL_ERR(drv, "%s-%d is required\n", fw_name_pre, 352 ucode_api_max); 353 } else { 354 IWL_ERR(drv, "minimum version required: %s-%d\n", 355 fw_name_pre, ucode_api_min); 356 IWL_ERR(drv, "maximum version supported: %s-%d\n", 357 fw_name_pre, ucode_api_max); 358 } 359 360 IWL_ERR(drv, 361 "check git://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git\n"); 362 return -ENOENT; 363 } 364 365 snprintf(drv->firmware_name, sizeof(drv->firmware_name), "%s-%d.ucode", 366 fw_name_pre, drv->fw_index); 367 368 IWL_DEBUG_FW_INFO(drv, "attempting to load firmware '%s'\n", 369 drv->firmware_name); 370 371 return request_firmware_nowait(THIS_MODULE, 1, drv->firmware_name, 372 drv->trans->dev, 373 GFP_KERNEL, drv, iwl_req_fw_callback); 374 } 375 376 struct fw_img_parsing { 377 struct fw_sec *sec; 378 int sec_counter; 379 }; 380 381 /* 382 * struct fw_sec_parsing: to extract fw section and it's offset from tlv 383 */ 384 struct fw_sec_parsing { 385 __le32 offset; 386 const u8 data[]; 387 } __packed; 388 389 /** 390 * struct iwl_tlv_calib_data - parse the default calib data from TLV 391 * 392 * @ucode_type: the uCode to which the following default calib relates. 393 * @calib: default calibrations. 394 */ 395 struct iwl_tlv_calib_data { 396 __le32 ucode_type; 397 struct iwl_tlv_calib_ctrl calib; 398 } __packed; 399 400 struct iwl_firmware_pieces { 401 struct fw_img_parsing img[IWL_UCODE_TYPE_MAX]; 402 403 u32 init_evtlog_ptr, init_evtlog_size, init_errlog_ptr; 404 u32 inst_evtlog_ptr, inst_evtlog_size, inst_errlog_ptr; 405 406 /* FW debug data parsed for driver usage */ 407 bool dbg_dest_tlv_init; 408 const u8 *dbg_dest_ver; 409 union { 410 const struct iwl_fw_dbg_dest_tlv *dbg_dest_tlv; 411 const struct iwl_fw_dbg_dest_tlv_v1 *dbg_dest_tlv_v1; 412 }; 413 const struct iwl_fw_dbg_conf_tlv *dbg_conf_tlv[FW_DBG_CONF_MAX]; 414 size_t dbg_conf_tlv_len[FW_DBG_CONF_MAX]; 415 const struct iwl_fw_dbg_trigger_tlv *dbg_trigger_tlv[FW_DBG_TRIGGER_MAX]; 416 size_t dbg_trigger_tlv_len[FW_DBG_TRIGGER_MAX]; 417 struct iwl_fw_dbg_mem_seg_tlv *dbg_mem_tlv; 418 size_t n_mem_tlv; 419 u32 major; 420 }; 421 422 static void alloc_sec_data(struct iwl_firmware_pieces *pieces, 423 enum iwl_ucode_type type, 424 int sec) 425 { 426 struct fw_img_parsing *img = &pieces->img[type]; 427 struct fw_sec *sec_memory; 428 int size = sec + 1; 429 size_t alloc_size = sizeof(*img->sec) * size; 430 431 if (img->sec && img->sec_counter >= size) 432 return; 433 434 sec_memory = krealloc(img->sec, alloc_size, GFP_KERNEL); 435 if (!sec_memory) 436 return; 437 438 img->sec = sec_memory; 439 img->sec_counter = size; 440 } 441 442 static void set_sec_data(struct iwl_firmware_pieces *pieces, 443 enum iwl_ucode_type type, 444 int sec, 445 const void *data) 446 { 447 alloc_sec_data(pieces, type, sec); 448 449 pieces->img[type].sec[sec].data = data; 450 } 451 452 static void set_sec_size(struct iwl_firmware_pieces *pieces, 453 enum iwl_ucode_type type, 454 int sec, 455 size_t size) 456 { 457 alloc_sec_data(pieces, type, sec); 458 459 pieces->img[type].sec[sec].size = size; 460 } 461 462 static size_t get_sec_size(struct iwl_firmware_pieces *pieces, 463 enum iwl_ucode_type type, 464 int sec) 465 { 466 return pieces->img[type].sec[sec].size; 467 } 468 469 static void set_sec_offset(struct iwl_firmware_pieces *pieces, 470 enum iwl_ucode_type type, 471 int sec, 472 u32 offset) 473 { 474 alloc_sec_data(pieces, type, sec); 475 476 pieces->img[type].sec[sec].offset = offset; 477 } 478 479 /* 480 * Gets uCode section from tlv. 481 */ 482 static int iwl_store_ucode_sec(struct fw_img_parsing *img, 483 const void *data, int size) 484 { 485 struct fw_sec *sec; 486 const struct fw_sec_parsing *sec_parse; 487 size_t alloc_size; 488 489 if (WARN_ON(!img || !data)) 490 return -EINVAL; 491 492 sec_parse = (const struct fw_sec_parsing *)data; 493 494 alloc_size = sizeof(*img->sec) * (img->sec_counter + 1); 495 sec = krealloc(img->sec, alloc_size, GFP_KERNEL); 496 if (!sec) 497 return -ENOMEM; 498 img->sec = sec; 499 500 sec = &img->sec[img->sec_counter]; 501 502 sec->offset = le32_to_cpu(sec_parse->offset); 503 sec->data = sec_parse->data; 504 sec->size = size - sizeof(sec_parse->offset); 505 506 ++img->sec_counter; 507 508 return 0; 509 } 510 511 static int iwl_set_default_calib(struct iwl_drv *drv, const u8 *data) 512 { 513 const struct iwl_tlv_calib_data *def_calib = 514 (const struct iwl_tlv_calib_data *)data; 515 u32 ucode_type = le32_to_cpu(def_calib->ucode_type); 516 if (ucode_type >= IWL_UCODE_TYPE_MAX) { 517 IWL_ERR(drv, "Wrong ucode_type %u for default calibration.\n", 518 ucode_type); 519 return -EINVAL; 520 } 521 drv->fw.default_calib[ucode_type].flow_trigger = 522 def_calib->calib.flow_trigger; 523 drv->fw.default_calib[ucode_type].event_trigger = 524 def_calib->calib.event_trigger; 525 526 return 0; 527 } 528 529 static void iwl_set_ucode_api_flags(struct iwl_drv *drv, const u8 *data, 530 struct iwl_ucode_capabilities *capa) 531 { 532 const struct iwl_ucode_api *ucode_api = (const void *)data; 533 u32 api_index = le32_to_cpu(ucode_api->api_index); 534 u32 api_flags = le32_to_cpu(ucode_api->api_flags); 535 int i; 536 537 if (api_index >= DIV_ROUND_UP(NUM_IWL_UCODE_TLV_API, 32)) { 538 IWL_WARN(drv, 539 "api flags index %d larger than supported by driver\n", 540 api_index); 541 return; 542 } 543 544 for (i = 0; i < 32; i++) { 545 if (api_flags & BIT(i)) 546 __set_bit(i + 32 * api_index, capa->_api); 547 } 548 } 549 550 static void iwl_set_ucode_capabilities(struct iwl_drv *drv, const u8 *data, 551 struct iwl_ucode_capabilities *capa) 552 { 553 const struct iwl_ucode_capa *ucode_capa = (const void *)data; 554 u32 api_index = le32_to_cpu(ucode_capa->api_index); 555 u32 api_flags = le32_to_cpu(ucode_capa->api_capa); 556 int i; 557 558 if (api_index >= DIV_ROUND_UP(NUM_IWL_UCODE_TLV_CAPA, 32)) { 559 IWL_WARN(drv, 560 "capa flags index %d larger than supported by driver\n", 561 api_index); 562 return; 563 } 564 565 for (i = 0; i < 32; i++) { 566 if (api_flags & BIT(i)) 567 __set_bit(i + 32 * api_index, capa->_capa); 568 } 569 } 570 571 static const char *iwl_reduced_fw_name(struct iwl_drv *drv) 572 { 573 const char *name = drv->firmware_name; 574 575 if (strncmp(name, "iwlwifi-", 8) == 0) 576 name += 8; 577 578 return name; 579 } 580 581 static int iwl_parse_v1_v2_firmware(struct iwl_drv *drv, 582 const struct firmware *ucode_raw, 583 struct iwl_firmware_pieces *pieces) 584 { 585 const struct iwl_ucode_header *ucode = (const void *)ucode_raw->data; 586 u32 api_ver, hdr_size, build; 587 char buildstr[25]; 588 const u8 *src; 589 590 drv->fw.ucode_ver = le32_to_cpu(ucode->ver); 591 api_ver = IWL_UCODE_API(drv->fw.ucode_ver); 592 593 switch (api_ver) { 594 default: 595 hdr_size = 28; 596 if (ucode_raw->size < hdr_size) { 597 IWL_ERR(drv, "File size too small!\n"); 598 return -EINVAL; 599 } 600 build = le32_to_cpu(ucode->u.v2.build); 601 set_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST, 602 le32_to_cpu(ucode->u.v2.inst_size)); 603 set_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA, 604 le32_to_cpu(ucode->u.v2.data_size)); 605 set_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST, 606 le32_to_cpu(ucode->u.v2.init_size)); 607 set_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA, 608 le32_to_cpu(ucode->u.v2.init_data_size)); 609 src = ucode->u.v2.data; 610 break; 611 case 0: 612 case 1: 613 case 2: 614 hdr_size = 24; 615 if (ucode_raw->size < hdr_size) { 616 IWL_ERR(drv, "File size too small!\n"); 617 return -EINVAL; 618 } 619 build = 0; 620 set_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST, 621 le32_to_cpu(ucode->u.v1.inst_size)); 622 set_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA, 623 le32_to_cpu(ucode->u.v1.data_size)); 624 set_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST, 625 le32_to_cpu(ucode->u.v1.init_size)); 626 set_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA, 627 le32_to_cpu(ucode->u.v1.init_data_size)); 628 src = ucode->u.v1.data; 629 break; 630 } 631 632 if (build) 633 sprintf(buildstr, " build %u", build); 634 else 635 buildstr[0] = '\0'; 636 637 snprintf(drv->fw.fw_version, 638 sizeof(drv->fw.fw_version), 639 "%u.%u.%u.%u%s %s", 640 IWL_UCODE_MAJOR(drv->fw.ucode_ver), 641 IWL_UCODE_MINOR(drv->fw.ucode_ver), 642 IWL_UCODE_API(drv->fw.ucode_ver), 643 IWL_UCODE_SERIAL(drv->fw.ucode_ver), 644 buildstr, iwl_reduced_fw_name(drv)); 645 646 /* Verify size of file vs. image size info in file's header */ 647 648 if (ucode_raw->size != hdr_size + 649 get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST) + 650 get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA) + 651 get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST) + 652 get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA)) { 653 654 IWL_ERR(drv, 655 "uCode file size %d does not match expected size\n", 656 (int)ucode_raw->size); 657 return -EINVAL; 658 } 659 660 661 set_sec_data(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST, src); 662 src += get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST); 663 set_sec_offset(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST, 664 IWLAGN_RTC_INST_LOWER_BOUND); 665 set_sec_data(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA, src); 666 src += get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA); 667 set_sec_offset(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA, 668 IWLAGN_RTC_DATA_LOWER_BOUND); 669 set_sec_data(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST, src); 670 src += get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST); 671 set_sec_offset(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST, 672 IWLAGN_RTC_INST_LOWER_BOUND); 673 set_sec_data(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA, src); 674 src += get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA); 675 set_sec_offset(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA, 676 IWLAGN_RTC_DATA_LOWER_BOUND); 677 return 0; 678 } 679 680 static void iwl_drv_set_dump_exclude(struct iwl_drv *drv, 681 enum iwl_ucode_tlv_type tlv_type, 682 const void *tlv_data, u32 tlv_len) 683 { 684 const struct iwl_fw_dump_exclude *fw = tlv_data; 685 struct iwl_dump_exclude *excl; 686 687 if (tlv_len < sizeof(*fw)) 688 return; 689 690 if (tlv_type == IWL_UCODE_TLV_SEC_TABLE_ADDR) { 691 excl = &drv->fw.dump_excl[0]; 692 693 /* second time we find this, it's for WoWLAN */ 694 if (excl->addr) 695 excl = &drv->fw.dump_excl_wowlan[0]; 696 } else if (fw_has_capa(&drv->fw.ucode_capa, 697 IWL_UCODE_TLV_CAPA_CNSLDTD_D3_D0_IMG)) { 698 /* IWL_UCODE_TLV_D3_KEK_KCK_ADDR is regular image */ 699 excl = &drv->fw.dump_excl[0]; 700 } else { 701 /* IWL_UCODE_TLV_D3_KEK_KCK_ADDR is WoWLAN image */ 702 excl = &drv->fw.dump_excl_wowlan[0]; 703 } 704 705 if (excl->addr) 706 excl++; 707 708 if (excl->addr) { 709 IWL_DEBUG_FW_INFO(drv, "found too many excludes in fw file\n"); 710 return; 711 } 712 713 excl->addr = le32_to_cpu(fw->addr) & ~FW_ADDR_CACHE_CONTROL; 714 excl->size = le32_to_cpu(fw->size); 715 } 716 717 static void iwl_parse_dbg_tlv_assert_tables(struct iwl_drv *drv, 718 const struct iwl_ucode_tlv *tlv) 719 { 720 const struct iwl_fw_ini_region_tlv *region; 721 u32 length = le32_to_cpu(tlv->length); 722 u32 addr; 723 724 if (length < offsetof(typeof(*region), special_mem) + 725 sizeof(region->special_mem)) 726 return; 727 728 region = (const void *)tlv->data; 729 addr = le32_to_cpu(region->special_mem.base_addr); 730 addr += le32_to_cpu(region->special_mem.offset); 731 addr &= ~FW_ADDR_CACHE_CONTROL; 732 733 if (region->type != IWL_FW_INI_REGION_SPECIAL_DEVICE_MEMORY) 734 return; 735 736 switch (region->sub_type) { 737 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_UMAC_ERROR_TABLE: 738 drv->trans->dbg.umac_error_event_table = addr; 739 drv->trans->dbg.error_event_table_tlv_status |= 740 IWL_ERROR_EVENT_TABLE_UMAC; 741 break; 742 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_LMAC_1_ERROR_TABLE: 743 drv->trans->dbg.lmac_error_event_table[0] = addr; 744 drv->trans->dbg.error_event_table_tlv_status |= 745 IWL_ERROR_EVENT_TABLE_LMAC1; 746 break; 747 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_LMAC_2_ERROR_TABLE: 748 drv->trans->dbg.lmac_error_event_table[1] = addr; 749 drv->trans->dbg.error_event_table_tlv_status |= 750 IWL_ERROR_EVENT_TABLE_LMAC2; 751 break; 752 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_TCM_1_ERROR_TABLE: 753 drv->trans->dbg.tcm_error_event_table[0] = addr; 754 drv->trans->dbg.error_event_table_tlv_status |= 755 IWL_ERROR_EVENT_TABLE_TCM1; 756 break; 757 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_TCM_2_ERROR_TABLE: 758 drv->trans->dbg.tcm_error_event_table[1] = addr; 759 drv->trans->dbg.error_event_table_tlv_status |= 760 IWL_ERROR_EVENT_TABLE_TCM2; 761 break; 762 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_RCM_1_ERROR_TABLE: 763 drv->trans->dbg.rcm_error_event_table[0] = addr; 764 drv->trans->dbg.error_event_table_tlv_status |= 765 IWL_ERROR_EVENT_TABLE_RCM1; 766 break; 767 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_RCM_2_ERROR_TABLE: 768 drv->trans->dbg.rcm_error_event_table[1] = addr; 769 drv->trans->dbg.error_event_table_tlv_status |= 770 IWL_ERROR_EVENT_TABLE_RCM2; 771 break; 772 default: 773 break; 774 } 775 } 776 777 static int iwl_parse_tlv_firmware(struct iwl_drv *drv, 778 const struct firmware *ucode_raw, 779 struct iwl_firmware_pieces *pieces, 780 struct iwl_ucode_capabilities *capa, 781 bool *usniffer_images) 782 { 783 const struct iwl_tlv_ucode_header *ucode = (const void *)ucode_raw->data; 784 const struct iwl_ucode_tlv *tlv; 785 size_t len = ucode_raw->size; 786 const u8 *data; 787 u32 tlv_len; 788 u32 usniffer_img; 789 enum iwl_ucode_tlv_type tlv_type; 790 const u8 *tlv_data; 791 char buildstr[25]; 792 u32 build, paging_mem_size; 793 int num_of_cpus; 794 bool usniffer_req = false; 795 796 if (len < sizeof(*ucode)) { 797 IWL_ERR(drv, "uCode has invalid length: %zd\n", len); 798 return -EINVAL; 799 } 800 801 if (ucode->magic != cpu_to_le32(IWL_TLV_UCODE_MAGIC)) { 802 IWL_ERR(drv, "invalid uCode magic: 0X%x\n", 803 le32_to_cpu(ucode->magic)); 804 return -EINVAL; 805 } 806 807 drv->fw.ucode_ver = le32_to_cpu(ucode->ver); 808 memcpy(drv->fw.human_readable, ucode->human_readable, 809 sizeof(drv->fw.human_readable)); 810 build = le32_to_cpu(ucode->build); 811 812 if (build) 813 sprintf(buildstr, " build %u", build); 814 else 815 buildstr[0] = '\0'; 816 817 snprintf(drv->fw.fw_version, 818 sizeof(drv->fw.fw_version), 819 "%u.%u.%u.%u%s %s", 820 IWL_UCODE_MAJOR(drv->fw.ucode_ver), 821 IWL_UCODE_MINOR(drv->fw.ucode_ver), 822 IWL_UCODE_API(drv->fw.ucode_ver), 823 IWL_UCODE_SERIAL(drv->fw.ucode_ver), 824 buildstr, iwl_reduced_fw_name(drv)); 825 826 data = ucode->data; 827 828 len -= sizeof(*ucode); 829 830 while (len >= sizeof(*tlv)) { 831 len -= sizeof(*tlv); 832 833 tlv = (const void *)data; 834 tlv_len = le32_to_cpu(tlv->length); 835 tlv_type = le32_to_cpu(tlv->type); 836 tlv_data = tlv->data; 837 838 if (len < tlv_len) { 839 IWL_ERR(drv, "invalid TLV len: %zd/%u\n", 840 len, tlv_len); 841 return -EINVAL; 842 } 843 len -= ALIGN(tlv_len, 4); 844 data += sizeof(*tlv) + ALIGN(tlv_len, 4); 845 846 switch (tlv_type) { 847 case IWL_UCODE_TLV_INST: 848 set_sec_data(pieces, IWL_UCODE_REGULAR, 849 IWL_UCODE_SECTION_INST, tlv_data); 850 set_sec_size(pieces, IWL_UCODE_REGULAR, 851 IWL_UCODE_SECTION_INST, tlv_len); 852 set_sec_offset(pieces, IWL_UCODE_REGULAR, 853 IWL_UCODE_SECTION_INST, 854 IWLAGN_RTC_INST_LOWER_BOUND); 855 break; 856 case IWL_UCODE_TLV_DATA: 857 set_sec_data(pieces, IWL_UCODE_REGULAR, 858 IWL_UCODE_SECTION_DATA, tlv_data); 859 set_sec_size(pieces, IWL_UCODE_REGULAR, 860 IWL_UCODE_SECTION_DATA, tlv_len); 861 set_sec_offset(pieces, IWL_UCODE_REGULAR, 862 IWL_UCODE_SECTION_DATA, 863 IWLAGN_RTC_DATA_LOWER_BOUND); 864 break; 865 case IWL_UCODE_TLV_INIT: 866 set_sec_data(pieces, IWL_UCODE_INIT, 867 IWL_UCODE_SECTION_INST, tlv_data); 868 set_sec_size(pieces, IWL_UCODE_INIT, 869 IWL_UCODE_SECTION_INST, tlv_len); 870 set_sec_offset(pieces, IWL_UCODE_INIT, 871 IWL_UCODE_SECTION_INST, 872 IWLAGN_RTC_INST_LOWER_BOUND); 873 break; 874 case IWL_UCODE_TLV_INIT_DATA: 875 set_sec_data(pieces, IWL_UCODE_INIT, 876 IWL_UCODE_SECTION_DATA, tlv_data); 877 set_sec_size(pieces, IWL_UCODE_INIT, 878 IWL_UCODE_SECTION_DATA, tlv_len); 879 set_sec_offset(pieces, IWL_UCODE_INIT, 880 IWL_UCODE_SECTION_DATA, 881 IWLAGN_RTC_DATA_LOWER_BOUND); 882 break; 883 case IWL_UCODE_TLV_BOOT: 884 IWL_ERR(drv, "Found unexpected BOOT ucode\n"); 885 break; 886 case IWL_UCODE_TLV_PROBE_MAX_LEN: 887 if (tlv_len != sizeof(u32)) 888 goto invalid_tlv_len; 889 capa->max_probe_length = 890 le32_to_cpup((const __le32 *)tlv_data); 891 break; 892 case IWL_UCODE_TLV_PAN: 893 if (tlv_len) 894 goto invalid_tlv_len; 895 capa->flags |= IWL_UCODE_TLV_FLAGS_PAN; 896 break; 897 case IWL_UCODE_TLV_FLAGS: 898 /* must be at least one u32 */ 899 if (tlv_len < sizeof(u32)) 900 goto invalid_tlv_len; 901 /* and a proper number of u32s */ 902 if (tlv_len % sizeof(u32)) 903 goto invalid_tlv_len; 904 /* 905 * This driver only reads the first u32 as 906 * right now no more features are defined, 907 * if that changes then either the driver 908 * will not work with the new firmware, or 909 * it'll not take advantage of new features. 910 */ 911 capa->flags = le32_to_cpup((const __le32 *)tlv_data); 912 break; 913 case IWL_UCODE_TLV_API_CHANGES_SET: 914 if (tlv_len != sizeof(struct iwl_ucode_api)) 915 goto invalid_tlv_len; 916 iwl_set_ucode_api_flags(drv, tlv_data, capa); 917 break; 918 case IWL_UCODE_TLV_ENABLED_CAPABILITIES: 919 if (tlv_len != sizeof(struct iwl_ucode_capa)) 920 goto invalid_tlv_len; 921 iwl_set_ucode_capabilities(drv, tlv_data, capa); 922 break; 923 case IWL_UCODE_TLV_INIT_EVTLOG_PTR: 924 if (tlv_len != sizeof(u32)) 925 goto invalid_tlv_len; 926 pieces->init_evtlog_ptr = 927 le32_to_cpup((const __le32 *)tlv_data); 928 break; 929 case IWL_UCODE_TLV_INIT_EVTLOG_SIZE: 930 if (tlv_len != sizeof(u32)) 931 goto invalid_tlv_len; 932 pieces->init_evtlog_size = 933 le32_to_cpup((const __le32 *)tlv_data); 934 break; 935 case IWL_UCODE_TLV_INIT_ERRLOG_PTR: 936 if (tlv_len != sizeof(u32)) 937 goto invalid_tlv_len; 938 pieces->init_errlog_ptr = 939 le32_to_cpup((const __le32 *)tlv_data); 940 break; 941 case IWL_UCODE_TLV_RUNT_EVTLOG_PTR: 942 if (tlv_len != sizeof(u32)) 943 goto invalid_tlv_len; 944 pieces->inst_evtlog_ptr = 945 le32_to_cpup((const __le32 *)tlv_data); 946 break; 947 case IWL_UCODE_TLV_RUNT_EVTLOG_SIZE: 948 if (tlv_len != sizeof(u32)) 949 goto invalid_tlv_len; 950 pieces->inst_evtlog_size = 951 le32_to_cpup((const __le32 *)tlv_data); 952 break; 953 case IWL_UCODE_TLV_RUNT_ERRLOG_PTR: 954 if (tlv_len != sizeof(u32)) 955 goto invalid_tlv_len; 956 pieces->inst_errlog_ptr = 957 le32_to_cpup((const __le32 *)tlv_data); 958 break; 959 case IWL_UCODE_TLV_ENHANCE_SENS_TBL: 960 if (tlv_len) 961 goto invalid_tlv_len; 962 drv->fw.enhance_sensitivity_table = true; 963 break; 964 case IWL_UCODE_TLV_WOWLAN_INST: 965 set_sec_data(pieces, IWL_UCODE_WOWLAN, 966 IWL_UCODE_SECTION_INST, tlv_data); 967 set_sec_size(pieces, IWL_UCODE_WOWLAN, 968 IWL_UCODE_SECTION_INST, tlv_len); 969 set_sec_offset(pieces, IWL_UCODE_WOWLAN, 970 IWL_UCODE_SECTION_INST, 971 IWLAGN_RTC_INST_LOWER_BOUND); 972 break; 973 case IWL_UCODE_TLV_WOWLAN_DATA: 974 set_sec_data(pieces, IWL_UCODE_WOWLAN, 975 IWL_UCODE_SECTION_DATA, tlv_data); 976 set_sec_size(pieces, IWL_UCODE_WOWLAN, 977 IWL_UCODE_SECTION_DATA, tlv_len); 978 set_sec_offset(pieces, IWL_UCODE_WOWLAN, 979 IWL_UCODE_SECTION_DATA, 980 IWLAGN_RTC_DATA_LOWER_BOUND); 981 break; 982 case IWL_UCODE_TLV_PHY_CALIBRATION_SIZE: 983 if (tlv_len != sizeof(u32)) 984 goto invalid_tlv_len; 985 capa->standard_phy_calibration_size = 986 le32_to_cpup((const __le32 *)tlv_data); 987 break; 988 case IWL_UCODE_TLV_SEC_RT: 989 iwl_store_ucode_sec(&pieces->img[IWL_UCODE_REGULAR], 990 tlv_data, tlv_len); 991 drv->fw.type = IWL_FW_MVM; 992 break; 993 case IWL_UCODE_TLV_SEC_INIT: 994 iwl_store_ucode_sec(&pieces->img[IWL_UCODE_INIT], 995 tlv_data, tlv_len); 996 drv->fw.type = IWL_FW_MVM; 997 break; 998 case IWL_UCODE_TLV_SEC_WOWLAN: 999 iwl_store_ucode_sec(&pieces->img[IWL_UCODE_WOWLAN], 1000 tlv_data, tlv_len); 1001 drv->fw.type = IWL_FW_MVM; 1002 break; 1003 case IWL_UCODE_TLV_DEF_CALIB: 1004 if (tlv_len != sizeof(struct iwl_tlv_calib_data)) 1005 goto invalid_tlv_len; 1006 if (iwl_set_default_calib(drv, tlv_data)) 1007 goto tlv_error; 1008 break; 1009 case IWL_UCODE_TLV_PHY_SKU: 1010 if (tlv_len != sizeof(u32)) 1011 goto invalid_tlv_len; 1012 drv->fw.phy_config = le32_to_cpup((const __le32 *)tlv_data); 1013 drv->fw.valid_tx_ant = (drv->fw.phy_config & 1014 FW_PHY_CFG_TX_CHAIN) >> 1015 FW_PHY_CFG_TX_CHAIN_POS; 1016 drv->fw.valid_rx_ant = (drv->fw.phy_config & 1017 FW_PHY_CFG_RX_CHAIN) >> 1018 FW_PHY_CFG_RX_CHAIN_POS; 1019 break; 1020 case IWL_UCODE_TLV_SECURE_SEC_RT: 1021 iwl_store_ucode_sec(&pieces->img[IWL_UCODE_REGULAR], 1022 tlv_data, tlv_len); 1023 drv->fw.type = IWL_FW_MVM; 1024 break; 1025 case IWL_UCODE_TLV_SECURE_SEC_INIT: 1026 iwl_store_ucode_sec(&pieces->img[IWL_UCODE_INIT], 1027 tlv_data, tlv_len); 1028 drv->fw.type = IWL_FW_MVM; 1029 break; 1030 case IWL_UCODE_TLV_SECURE_SEC_WOWLAN: 1031 iwl_store_ucode_sec(&pieces->img[IWL_UCODE_WOWLAN], 1032 tlv_data, tlv_len); 1033 drv->fw.type = IWL_FW_MVM; 1034 break; 1035 case IWL_UCODE_TLV_NUM_OF_CPU: 1036 if (tlv_len != sizeof(u32)) 1037 goto invalid_tlv_len; 1038 num_of_cpus = 1039 le32_to_cpup((const __le32 *)tlv_data); 1040 1041 if (num_of_cpus == 2) { 1042 drv->fw.img[IWL_UCODE_REGULAR].is_dual_cpus = 1043 true; 1044 drv->fw.img[IWL_UCODE_INIT].is_dual_cpus = 1045 true; 1046 drv->fw.img[IWL_UCODE_WOWLAN].is_dual_cpus = 1047 true; 1048 } else if ((num_of_cpus > 2) || (num_of_cpus < 1)) { 1049 IWL_ERR(drv, "Driver support up to 2 CPUs\n"); 1050 return -EINVAL; 1051 } 1052 break; 1053 case IWL_UCODE_TLV_N_SCAN_CHANNELS: 1054 if (tlv_len != sizeof(u32)) 1055 goto invalid_tlv_len; 1056 capa->n_scan_channels = 1057 le32_to_cpup((const __le32 *)tlv_data); 1058 break; 1059 case IWL_UCODE_TLV_FW_VERSION: { 1060 const __le32 *ptr = (const void *)tlv_data; 1061 u32 minor; 1062 u8 local_comp; 1063 1064 if (tlv_len != sizeof(u32) * 3) 1065 goto invalid_tlv_len; 1066 1067 pieces->major = le32_to_cpup(ptr++); 1068 minor = le32_to_cpup(ptr++); 1069 local_comp = le32_to_cpup(ptr); 1070 1071 snprintf(drv->fw.fw_version, 1072 sizeof(drv->fw.fw_version), 1073 "%u.%08x.%u %s", pieces->major, minor, 1074 local_comp, iwl_reduced_fw_name(drv)); 1075 break; 1076 } 1077 case IWL_UCODE_TLV_FW_DBG_DEST: { 1078 const struct iwl_fw_dbg_dest_tlv *dest = NULL; 1079 const struct iwl_fw_dbg_dest_tlv_v1 *dest_v1 = NULL; 1080 u8 mon_mode; 1081 1082 pieces->dbg_dest_ver = (const u8 *)tlv_data; 1083 if (*pieces->dbg_dest_ver == 1) { 1084 dest = (const void *)tlv_data; 1085 } else if (*pieces->dbg_dest_ver == 0) { 1086 dest_v1 = (const void *)tlv_data; 1087 } else { 1088 IWL_ERR(drv, 1089 "The version is %d, and it is invalid\n", 1090 *pieces->dbg_dest_ver); 1091 break; 1092 } 1093 1094 if (pieces->dbg_dest_tlv_init) { 1095 IWL_ERR(drv, 1096 "dbg destination ignored, already exists\n"); 1097 break; 1098 } 1099 1100 pieces->dbg_dest_tlv_init = true; 1101 1102 if (dest_v1) { 1103 pieces->dbg_dest_tlv_v1 = dest_v1; 1104 mon_mode = dest_v1->monitor_mode; 1105 } else { 1106 pieces->dbg_dest_tlv = dest; 1107 mon_mode = dest->monitor_mode; 1108 } 1109 1110 IWL_INFO(drv, "Found debug destination: %s\n", 1111 get_fw_dbg_mode_string(mon_mode)); 1112 1113 drv->fw.dbg.n_dest_reg = (dest_v1) ? 1114 tlv_len - 1115 offsetof(struct iwl_fw_dbg_dest_tlv_v1, 1116 reg_ops) : 1117 tlv_len - 1118 offsetof(struct iwl_fw_dbg_dest_tlv, 1119 reg_ops); 1120 1121 drv->fw.dbg.n_dest_reg /= 1122 sizeof(drv->fw.dbg.dest_tlv->reg_ops[0]); 1123 1124 break; 1125 } 1126 case IWL_UCODE_TLV_FW_DBG_CONF: { 1127 const struct iwl_fw_dbg_conf_tlv *conf = 1128 (const void *)tlv_data; 1129 1130 if (!pieces->dbg_dest_tlv_init) { 1131 IWL_ERR(drv, 1132 "Ignore dbg config %d - no destination configured\n", 1133 conf->id); 1134 break; 1135 } 1136 1137 if (conf->id >= ARRAY_SIZE(drv->fw.dbg.conf_tlv)) { 1138 IWL_ERR(drv, 1139 "Skip unknown configuration: %d\n", 1140 conf->id); 1141 break; 1142 } 1143 1144 if (pieces->dbg_conf_tlv[conf->id]) { 1145 IWL_ERR(drv, 1146 "Ignore duplicate dbg config %d\n", 1147 conf->id); 1148 break; 1149 } 1150 1151 if (conf->usniffer) 1152 usniffer_req = true; 1153 1154 IWL_INFO(drv, "Found debug configuration: %d\n", 1155 conf->id); 1156 1157 pieces->dbg_conf_tlv[conf->id] = conf; 1158 pieces->dbg_conf_tlv_len[conf->id] = tlv_len; 1159 break; 1160 } 1161 case IWL_UCODE_TLV_FW_DBG_TRIGGER: { 1162 const struct iwl_fw_dbg_trigger_tlv *trigger = 1163 (const void *)tlv_data; 1164 u32 trigger_id = le32_to_cpu(trigger->id); 1165 1166 if (trigger_id >= ARRAY_SIZE(drv->fw.dbg.trigger_tlv)) { 1167 IWL_ERR(drv, 1168 "Skip unknown trigger: %u\n", 1169 trigger->id); 1170 break; 1171 } 1172 1173 if (pieces->dbg_trigger_tlv[trigger_id]) { 1174 IWL_ERR(drv, 1175 "Ignore duplicate dbg trigger %u\n", 1176 trigger->id); 1177 break; 1178 } 1179 1180 IWL_INFO(drv, "Found debug trigger: %u\n", trigger->id); 1181 1182 pieces->dbg_trigger_tlv[trigger_id] = trigger; 1183 pieces->dbg_trigger_tlv_len[trigger_id] = tlv_len; 1184 break; 1185 } 1186 case IWL_UCODE_TLV_FW_DBG_DUMP_LST: { 1187 if (tlv_len != sizeof(u32)) { 1188 IWL_ERR(drv, 1189 "dbg lst mask size incorrect, skip\n"); 1190 break; 1191 } 1192 1193 drv->fw.dbg.dump_mask = 1194 le32_to_cpup((const __le32 *)tlv_data); 1195 break; 1196 } 1197 case IWL_UCODE_TLV_SEC_RT_USNIFFER: 1198 *usniffer_images = true; 1199 iwl_store_ucode_sec(&pieces->img[IWL_UCODE_REGULAR_USNIFFER], 1200 tlv_data, tlv_len); 1201 break; 1202 case IWL_UCODE_TLV_PAGING: 1203 if (tlv_len != sizeof(u32)) 1204 goto invalid_tlv_len; 1205 paging_mem_size = le32_to_cpup((const __le32 *)tlv_data); 1206 1207 IWL_DEBUG_FW(drv, 1208 "Paging: paging enabled (size = %u bytes)\n", 1209 paging_mem_size); 1210 1211 if (paging_mem_size > MAX_PAGING_IMAGE_SIZE) { 1212 IWL_ERR(drv, 1213 "Paging: driver supports up to %lu bytes for paging image\n", 1214 MAX_PAGING_IMAGE_SIZE); 1215 return -EINVAL; 1216 } 1217 1218 if (paging_mem_size & (FW_PAGING_SIZE - 1)) { 1219 IWL_ERR(drv, 1220 "Paging: image isn't multiple %lu\n", 1221 FW_PAGING_SIZE); 1222 return -EINVAL; 1223 } 1224 1225 drv->fw.img[IWL_UCODE_REGULAR].paging_mem_size = 1226 paging_mem_size; 1227 usniffer_img = IWL_UCODE_REGULAR_USNIFFER; 1228 drv->fw.img[usniffer_img].paging_mem_size = 1229 paging_mem_size; 1230 break; 1231 case IWL_UCODE_TLV_FW_GSCAN_CAPA: 1232 /* ignored */ 1233 break; 1234 case IWL_UCODE_TLV_FW_MEM_SEG: { 1235 const struct iwl_fw_dbg_mem_seg_tlv *dbg_mem = 1236 (const void *)tlv_data; 1237 size_t size; 1238 struct iwl_fw_dbg_mem_seg_tlv *n; 1239 1240 if (tlv_len != (sizeof(*dbg_mem))) 1241 goto invalid_tlv_len; 1242 1243 IWL_DEBUG_INFO(drv, "Found debug memory segment: %u\n", 1244 dbg_mem->data_type); 1245 1246 size = sizeof(*pieces->dbg_mem_tlv) * 1247 (pieces->n_mem_tlv + 1); 1248 n = krealloc(pieces->dbg_mem_tlv, size, GFP_KERNEL); 1249 if (!n) 1250 return -ENOMEM; 1251 pieces->dbg_mem_tlv = n; 1252 pieces->dbg_mem_tlv[pieces->n_mem_tlv] = *dbg_mem; 1253 pieces->n_mem_tlv++; 1254 break; 1255 } 1256 case IWL_UCODE_TLV_IML: { 1257 drv->fw.iml_len = tlv_len; 1258 drv->fw.iml = kmemdup(tlv_data, tlv_len, GFP_KERNEL); 1259 if (!drv->fw.iml) 1260 return -ENOMEM; 1261 break; 1262 } 1263 case IWL_UCODE_TLV_FW_RECOVERY_INFO: { 1264 const struct { 1265 __le32 buf_addr; 1266 __le32 buf_size; 1267 } *recov_info = (const void *)tlv_data; 1268 1269 if (tlv_len != sizeof(*recov_info)) 1270 goto invalid_tlv_len; 1271 capa->error_log_addr = 1272 le32_to_cpu(recov_info->buf_addr); 1273 capa->error_log_size = 1274 le32_to_cpu(recov_info->buf_size); 1275 } 1276 break; 1277 case IWL_UCODE_TLV_FW_FSEQ_VERSION: { 1278 const struct { 1279 u8 version[32]; 1280 u8 sha1[20]; 1281 } *fseq_ver = (const void *)tlv_data; 1282 1283 if (tlv_len != sizeof(*fseq_ver)) 1284 goto invalid_tlv_len; 1285 IWL_DEBUG_INFO(drv, "TLV_FW_FSEQ_VERSION: %.32s\n", 1286 fseq_ver->version); 1287 } 1288 break; 1289 case IWL_UCODE_TLV_FW_NUM_STATIONS: 1290 if (tlv_len != sizeof(u32)) 1291 goto invalid_tlv_len; 1292 if (le32_to_cpup((const __le32 *)tlv_data) > 1293 IWL_STATION_COUNT_MAX) { 1294 IWL_ERR(drv, 1295 "%d is an invalid number of station\n", 1296 le32_to_cpup((const __le32 *)tlv_data)); 1297 goto tlv_error; 1298 } 1299 capa->num_stations = 1300 le32_to_cpup((const __le32 *)tlv_data); 1301 break; 1302 case IWL_UCODE_TLV_FW_NUM_LINKS: 1303 if (tlv_len != sizeof(u32)) 1304 goto invalid_tlv_len; 1305 if (le32_to_cpup((const __le32 *)tlv_data) > 1306 IWL_FW_MAX_LINK_ID + 1) { 1307 IWL_ERR(drv, 1308 "%d is an invalid number of links\n", 1309 le32_to_cpup((const __le32 *)tlv_data)); 1310 goto tlv_error; 1311 } 1312 capa->num_links = 1313 le32_to_cpup((const __le32 *)tlv_data); 1314 break; 1315 case IWL_UCODE_TLV_FW_NUM_BEACONS: 1316 if (tlv_len != sizeof(u32)) 1317 goto invalid_tlv_len; 1318 capa->num_beacons = 1319 le32_to_cpup((const __le32 *)tlv_data); 1320 break; 1321 case IWL_UCODE_TLV_UMAC_DEBUG_ADDRS: { 1322 const struct iwl_umac_debug_addrs *dbg_ptrs = 1323 (const void *)tlv_data; 1324 1325 if (tlv_len != sizeof(*dbg_ptrs)) 1326 goto invalid_tlv_len; 1327 if (drv->trans->mac_cfg->device_family < 1328 IWL_DEVICE_FAMILY_22000) 1329 break; 1330 drv->trans->dbg.umac_error_event_table = 1331 le32_to_cpu(dbg_ptrs->error_info_addr) & 1332 ~FW_ADDR_CACHE_CONTROL; 1333 drv->trans->dbg.error_event_table_tlv_status |= 1334 IWL_ERROR_EVENT_TABLE_UMAC; 1335 break; 1336 } 1337 case IWL_UCODE_TLV_LMAC_DEBUG_ADDRS: { 1338 const struct iwl_lmac_debug_addrs *dbg_ptrs = 1339 (const void *)tlv_data; 1340 1341 if (tlv_len != sizeof(*dbg_ptrs)) 1342 goto invalid_tlv_len; 1343 if (drv->trans->mac_cfg->device_family < 1344 IWL_DEVICE_FAMILY_22000) 1345 break; 1346 drv->trans->dbg.lmac_error_event_table[0] = 1347 le32_to_cpu(dbg_ptrs->error_event_table_ptr) & 1348 ~FW_ADDR_CACHE_CONTROL; 1349 drv->trans->dbg.error_event_table_tlv_status |= 1350 IWL_ERROR_EVENT_TABLE_LMAC1; 1351 break; 1352 } 1353 case IWL_UCODE_TLV_TYPE_REGIONS: 1354 iwl_parse_dbg_tlv_assert_tables(drv, tlv); 1355 fallthrough; 1356 case IWL_UCODE_TLV_TYPE_DEBUG_INFO: 1357 case IWL_UCODE_TLV_TYPE_BUFFER_ALLOCATION: 1358 case IWL_UCODE_TLV_TYPE_HCMD: 1359 case IWL_UCODE_TLV_TYPE_TRIGGERS: 1360 case IWL_UCODE_TLV_TYPE_CONF_SET: 1361 if (iwlwifi_mod_params.enable_ini) 1362 iwl_dbg_tlv_alloc(drv->trans, tlv, false); 1363 break; 1364 case IWL_UCODE_TLV_CMD_VERSIONS: 1365 if (tlv_len % sizeof(struct iwl_fw_cmd_version)) { 1366 IWL_ERR(drv, 1367 "Invalid length for command versions: %u\n", 1368 tlv_len); 1369 tlv_len /= sizeof(struct iwl_fw_cmd_version); 1370 tlv_len *= sizeof(struct iwl_fw_cmd_version); 1371 } 1372 if (WARN_ON(capa->cmd_versions)) 1373 return -EINVAL; 1374 capa->cmd_versions = kmemdup(tlv_data, tlv_len, 1375 GFP_KERNEL); 1376 if (!capa->cmd_versions) 1377 return -ENOMEM; 1378 capa->n_cmd_versions = 1379 tlv_len / sizeof(struct iwl_fw_cmd_version); 1380 break; 1381 case IWL_UCODE_TLV_PHY_INTEGRATION_VERSION: 1382 if (drv->fw.phy_integration_ver) { 1383 IWL_ERR(drv, 1384 "phy integration str ignored, already exists\n"); 1385 break; 1386 } 1387 1388 drv->fw.phy_integration_ver = 1389 kmemdup(tlv_data, tlv_len, GFP_KERNEL); 1390 if (!drv->fw.phy_integration_ver) 1391 return -ENOMEM; 1392 drv->fw.phy_integration_ver_len = tlv_len; 1393 break; 1394 case IWL_UCODE_TLV_SEC_TABLE_ADDR: 1395 case IWL_UCODE_TLV_D3_KEK_KCK_ADDR: 1396 iwl_drv_set_dump_exclude(drv, tlv_type, 1397 tlv_data, tlv_len); 1398 break; 1399 case IWL_UCODE_TLV_CURRENT_PC: 1400 if (tlv_len < sizeof(struct iwl_pc_data)) 1401 goto invalid_tlv_len; 1402 drv->trans->dbg.pc_data = 1403 kmemdup(tlv_data, tlv_len, GFP_KERNEL); 1404 if (!drv->trans->dbg.pc_data) 1405 return -ENOMEM; 1406 drv->trans->dbg.num_pc = 1407 tlv_len / sizeof(struct iwl_pc_data); 1408 break; 1409 case IWL_UCODE_TLV_PNVM_DATA: 1410 if (drv->fw.pnvm_data) 1411 break; 1412 drv->fw.pnvm_data = 1413 kvmemdup(tlv_data, tlv_len, GFP_KERNEL); 1414 if (!drv->fw.pnvm_data) 1415 return -ENOMEM; 1416 drv->fw.pnvm_size = tlv_len; 1417 break; 1418 default: 1419 IWL_DEBUG_INFO(drv, "unknown TLV: %d\n", tlv_type); 1420 break; 1421 } 1422 } 1423 1424 if (!fw_has_capa(capa, IWL_UCODE_TLV_CAPA_USNIFFER_UNIFIED) && 1425 usniffer_req && !*usniffer_images) { 1426 IWL_ERR(drv, 1427 "user selected to work with usniffer but usniffer image isn't available in ucode package\n"); 1428 return -EINVAL; 1429 } 1430 1431 if (len) { 1432 IWL_ERR(drv, "invalid TLV after parsing: %zd\n", len); 1433 iwl_print_hex_dump(drv, IWL_DL_FW, data, len); 1434 return -EINVAL; 1435 } 1436 1437 return 0; 1438 1439 invalid_tlv_len: 1440 IWL_ERR(drv, "TLV %d has invalid size: %u\n", tlv_type, tlv_len); 1441 tlv_error: 1442 iwl_print_hex_dump(drv, IWL_DL_FW, tlv_data, tlv_len); 1443 1444 return -EINVAL; 1445 } 1446 1447 static int iwl_alloc_ucode_mem(struct fw_img *out, struct fw_img_parsing *img) 1448 { 1449 struct fw_desc *sec; 1450 1451 sec = kcalloc(img->sec_counter, sizeof(*sec), GFP_KERNEL); 1452 if (!sec) 1453 return -ENOMEM; 1454 1455 out->sec = sec; 1456 out->num_sec = img->sec_counter; 1457 1458 for (int i = 0; i < out->num_sec; i++) 1459 if (iwl_alloc_fw_desc(&sec[i], &img->sec[i])) 1460 return -ENOMEM; 1461 1462 return 0; 1463 } 1464 1465 static int iwl_alloc_ucode(struct iwl_drv *drv, 1466 struct iwl_firmware_pieces *pieces, 1467 enum iwl_ucode_type type) 1468 { 1469 return iwl_alloc_ucode_mem(&drv->fw.img[type], &pieces->img[type]); 1470 } 1471 1472 static int validate_sec_sizes(struct iwl_drv *drv, 1473 struct iwl_firmware_pieces *pieces, 1474 const struct iwl_rf_cfg *cfg) 1475 { 1476 IWL_DEBUG_INFO(drv, "f/w package hdr runtime inst size = %zd\n", 1477 get_sec_size(pieces, IWL_UCODE_REGULAR, 1478 IWL_UCODE_SECTION_INST)); 1479 IWL_DEBUG_INFO(drv, "f/w package hdr runtime data size = %zd\n", 1480 get_sec_size(pieces, IWL_UCODE_REGULAR, 1481 IWL_UCODE_SECTION_DATA)); 1482 IWL_DEBUG_INFO(drv, "f/w package hdr init inst size = %zd\n", 1483 get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST)); 1484 IWL_DEBUG_INFO(drv, "f/w package hdr init data size = %zd\n", 1485 get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA)); 1486 1487 /* Verify that uCode images will fit in card's SRAM. */ 1488 if (get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST) > 1489 cfg->max_inst_size) { 1490 IWL_ERR(drv, "uCode instr len %zd too large to fit in\n", 1491 get_sec_size(pieces, IWL_UCODE_REGULAR, 1492 IWL_UCODE_SECTION_INST)); 1493 return -1; 1494 } 1495 1496 if (get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA) > 1497 cfg->max_data_size) { 1498 IWL_ERR(drv, "uCode data len %zd too large to fit in\n", 1499 get_sec_size(pieces, IWL_UCODE_REGULAR, 1500 IWL_UCODE_SECTION_DATA)); 1501 return -1; 1502 } 1503 1504 if (get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST) > 1505 cfg->max_inst_size) { 1506 IWL_ERR(drv, "uCode init instr len %zd too large to fit in\n", 1507 get_sec_size(pieces, IWL_UCODE_INIT, 1508 IWL_UCODE_SECTION_INST)); 1509 return -1; 1510 } 1511 1512 if (get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA) > 1513 cfg->max_data_size) { 1514 IWL_ERR(drv, "uCode init data len %zd too large to fit in\n", 1515 get_sec_size(pieces, IWL_UCODE_REGULAR, 1516 IWL_UCODE_SECTION_DATA)); 1517 return -1; 1518 } 1519 return 0; 1520 } 1521 1522 static struct iwl_op_mode * 1523 _iwl_op_mode_start(struct iwl_drv *drv, struct iwlwifi_opmode_table *op) 1524 { 1525 const struct iwl_op_mode_ops *ops = op->ops; 1526 struct dentry *dbgfs_dir = NULL; 1527 struct iwl_op_mode *op_mode = NULL; 1528 int retry, max_retry = !!iwlwifi_mod_params.fw_restart * IWL_MAX_INIT_RETRY; 1529 1530 /* also protects start/stop from racing against each other */ 1531 lockdep_assert_held(&iwlwifi_opmode_table_mtx); 1532 1533 for (retry = 0; retry <= max_retry; retry++) { 1534 1535 #ifdef CONFIG_IWLWIFI_DEBUGFS 1536 drv->dbgfs_op_mode = debugfs_create_dir(op->name, 1537 drv->dbgfs_drv); 1538 dbgfs_dir = drv->dbgfs_op_mode; 1539 #endif 1540 1541 op_mode = ops->start(drv->trans, drv->trans->cfg, 1542 &drv->fw, dbgfs_dir); 1543 1544 if (!IS_ERR(op_mode)) 1545 return op_mode; 1546 1547 if (iwl_trans_is_dead(drv->trans)) 1548 break; 1549 1550 #ifdef CONFIG_IWLWIFI_DEBUGFS 1551 debugfs_remove_recursive(drv->dbgfs_op_mode); 1552 drv->dbgfs_op_mode = NULL; 1553 #endif 1554 1555 if (PTR_ERR(op_mode) != -ETIMEDOUT) 1556 break; 1557 1558 IWL_ERR(drv, "retry init count %d\n", retry); 1559 } 1560 1561 return NULL; 1562 } 1563 1564 static void _iwl_op_mode_stop(struct iwl_drv *drv) 1565 { 1566 /* also protects start/stop from racing against each other */ 1567 lockdep_assert_held(&iwlwifi_opmode_table_mtx); 1568 1569 /* op_mode can be NULL if its start failed */ 1570 if (drv->op_mode) { 1571 iwl_op_mode_stop(drv->op_mode); 1572 drv->op_mode = NULL; 1573 1574 #ifdef CONFIG_IWLWIFI_DEBUGFS 1575 debugfs_remove_recursive(drv->dbgfs_op_mode); 1576 drv->dbgfs_op_mode = NULL; 1577 #endif 1578 } 1579 } 1580 1581 #define IWL_MLD_SUPPORTED_FW_VERSION 97 1582 1583 /* 1584 * iwl_req_fw_callback - callback when firmware was loaded 1585 * 1586 * If loaded successfully, copies the firmware into buffers 1587 * for the card to fetch (via DMA). 1588 */ 1589 static void iwl_req_fw_callback(const struct firmware *ucode_raw, void *context) 1590 { 1591 struct iwl_drv *drv = context; 1592 struct iwl_fw *fw = &drv->fw; 1593 const struct iwl_ucode_header *ucode; 1594 struct iwlwifi_opmode_table *op; 1595 int err; 1596 struct iwl_firmware_pieces *pieces; 1597 unsigned int api_min, api_max; 1598 size_t trigger_tlv_sz[FW_DBG_TRIGGER_MAX]; 1599 u32 api_ver; 1600 int i; 1601 bool usniffer_images = false; 1602 bool failure = true; 1603 1604 iwl_get_ucode_api_versions(drv->trans, &api_min, &api_max); 1605 1606 fw->ucode_capa.max_probe_length = IWL_DEFAULT_MAX_PROBE_LENGTH; 1607 fw->ucode_capa.standard_phy_calibration_size = 1608 IWL_DEFAULT_STANDARD_PHY_CALIBRATE_TBL_SIZE; 1609 fw->ucode_capa.n_scan_channels = IWL_DEFAULT_SCAN_CHANNELS; 1610 fw->ucode_capa.num_stations = IWL_STATION_COUNT_MAX; 1611 fw->ucode_capa.num_beacons = 1; 1612 /* dump all fw memory areas by default */ 1613 fw->dbg.dump_mask = 0xffffffff; 1614 1615 pieces = kzalloc(sizeof(*pieces), GFP_KERNEL); 1616 if (!pieces) 1617 goto out_free_fw; 1618 1619 if (!ucode_raw) 1620 goto try_again; 1621 1622 IWL_DEBUG_FW_INFO(drv, "Loaded firmware file '%s' (%zd bytes).\n", 1623 drv->firmware_name, ucode_raw->size); 1624 1625 /* Make sure that we got at least the API version number */ 1626 if (ucode_raw->size < 4) { 1627 IWL_ERR(drv, "File size way too small!\n"); 1628 goto try_again; 1629 } 1630 1631 /* Data from ucode file: header followed by uCode images */ 1632 ucode = (const struct iwl_ucode_header *)ucode_raw->data; 1633 1634 if (ucode->ver) 1635 err = iwl_parse_v1_v2_firmware(drv, ucode_raw, pieces); 1636 else 1637 err = iwl_parse_tlv_firmware(drv, ucode_raw, pieces, 1638 &fw->ucode_capa, &usniffer_images); 1639 1640 if (err) 1641 goto try_again; 1642 1643 if (fw_has_api(&drv->fw.ucode_capa, IWL_UCODE_TLV_API_NEW_VERSION)) 1644 api_ver = drv->fw.ucode_ver; 1645 else 1646 api_ver = IWL_UCODE_API(drv->fw.ucode_ver); 1647 1648 /* 1649 * api_ver should match the api version forming part of the 1650 * firmware filename ... but we don't check for that and only rely 1651 * on the API version read from firmware header from here on forward 1652 */ 1653 if (api_ver < api_min || api_ver > api_max) { 1654 IWL_ERR(drv, 1655 "Driver unable to support your firmware API. " 1656 "Driver supports v%u, firmware is v%u.\n", 1657 api_max, api_ver); 1658 goto try_again; 1659 } 1660 1661 /* 1662 * In mvm uCode there is no difference between data and instructions 1663 * sections. 1664 */ 1665 if (fw->type == IWL_FW_DVM && validate_sec_sizes(drv, pieces, 1666 drv->trans->cfg)) 1667 goto try_again; 1668 1669 /* Allocate ucode buffers for card's bus-master loading ... */ 1670 1671 /* Runtime instructions and 2 copies of data: 1672 * 1) unmodified from disk 1673 * 2) backup cache for save/restore during power-downs 1674 */ 1675 for (i = 0; i < IWL_UCODE_TYPE_MAX; i++) 1676 if (iwl_alloc_ucode(drv, pieces, i)) 1677 goto out_free_fw; 1678 1679 if (pieces->dbg_dest_tlv_init) { 1680 size_t dbg_dest_size = sizeof(*drv->fw.dbg.dest_tlv) + 1681 sizeof(drv->fw.dbg.dest_tlv->reg_ops[0]) * 1682 drv->fw.dbg.n_dest_reg; 1683 1684 drv->fw.dbg.dest_tlv = kmalloc(dbg_dest_size, GFP_KERNEL); 1685 1686 if (!drv->fw.dbg.dest_tlv) 1687 goto out_free_fw; 1688 1689 if (*pieces->dbg_dest_ver == 0) { 1690 memcpy(drv->fw.dbg.dest_tlv, pieces->dbg_dest_tlv_v1, 1691 dbg_dest_size); 1692 } else { 1693 struct iwl_fw_dbg_dest_tlv_v1 *dest_tlv = 1694 drv->fw.dbg.dest_tlv; 1695 1696 dest_tlv->version = pieces->dbg_dest_tlv->version; 1697 dest_tlv->monitor_mode = 1698 pieces->dbg_dest_tlv->monitor_mode; 1699 dest_tlv->size_power = 1700 pieces->dbg_dest_tlv->size_power; 1701 dest_tlv->wrap_count = 1702 pieces->dbg_dest_tlv->wrap_count; 1703 dest_tlv->write_ptr_reg = 1704 pieces->dbg_dest_tlv->write_ptr_reg; 1705 dest_tlv->base_shift = 1706 pieces->dbg_dest_tlv->base_shift; 1707 memcpy(dest_tlv->reg_ops, 1708 pieces->dbg_dest_tlv->reg_ops, 1709 sizeof(drv->fw.dbg.dest_tlv->reg_ops[0]) * 1710 drv->fw.dbg.n_dest_reg); 1711 1712 /* In version 1 of the destination tlv, which is 1713 * relevant for internal buffer exclusively, 1714 * the base address is part of given with the length 1715 * of the buffer, and the size shift is give instead of 1716 * end shift. We now store these values in base_reg, 1717 * and end shift, and when dumping the data we'll 1718 * manipulate it for extracting both the length and 1719 * base address */ 1720 dest_tlv->base_reg = pieces->dbg_dest_tlv->cfg_reg; 1721 dest_tlv->end_shift = 1722 pieces->dbg_dest_tlv->size_shift; 1723 } 1724 } 1725 1726 for (i = 0; i < ARRAY_SIZE(drv->fw.dbg.conf_tlv); i++) { 1727 if (pieces->dbg_conf_tlv[i]) { 1728 drv->fw.dbg.conf_tlv[i] = 1729 kmemdup(pieces->dbg_conf_tlv[i], 1730 pieces->dbg_conf_tlv_len[i], 1731 GFP_KERNEL); 1732 if (!drv->fw.dbg.conf_tlv[i]) 1733 goto out_free_fw; 1734 } 1735 } 1736 1737 memset(&trigger_tlv_sz, 0xff, sizeof(trigger_tlv_sz)); 1738 1739 trigger_tlv_sz[FW_DBG_TRIGGER_MISSED_BEACONS] = 1740 sizeof(struct iwl_fw_dbg_trigger_missed_bcon); 1741 trigger_tlv_sz[FW_DBG_TRIGGER_CHANNEL_SWITCH] = 0; 1742 trigger_tlv_sz[FW_DBG_TRIGGER_FW_NOTIF] = 1743 sizeof(struct iwl_fw_dbg_trigger_cmd); 1744 trigger_tlv_sz[FW_DBG_TRIGGER_MLME] = 1745 sizeof(struct iwl_fw_dbg_trigger_mlme); 1746 trigger_tlv_sz[FW_DBG_TRIGGER_STATS] = 1747 sizeof(struct iwl_fw_dbg_trigger_stats); 1748 trigger_tlv_sz[FW_DBG_TRIGGER_RSSI] = 1749 sizeof(struct iwl_fw_dbg_trigger_low_rssi); 1750 trigger_tlv_sz[FW_DBG_TRIGGER_TXQ_TIMERS] = 1751 sizeof(struct iwl_fw_dbg_trigger_txq_timer); 1752 trigger_tlv_sz[FW_DBG_TRIGGER_TIME_EVENT] = 1753 sizeof(struct iwl_fw_dbg_trigger_time_event); 1754 trigger_tlv_sz[FW_DBG_TRIGGER_BA] = 1755 sizeof(struct iwl_fw_dbg_trigger_ba); 1756 trigger_tlv_sz[FW_DBG_TRIGGER_TDLS] = 1757 sizeof(struct iwl_fw_dbg_trigger_tdls); 1758 1759 for (i = 0; i < ARRAY_SIZE(drv->fw.dbg.trigger_tlv); i++) { 1760 if (pieces->dbg_trigger_tlv[i]) { 1761 /* 1762 * If the trigger isn't long enough, WARN and exit. 1763 * Someone is trying to debug something and he won't 1764 * be able to catch the bug he is trying to chase. 1765 * We'd better be noisy to be sure he knows what's 1766 * going on. 1767 */ 1768 if (WARN_ON(pieces->dbg_trigger_tlv_len[i] < 1769 (trigger_tlv_sz[i] + 1770 sizeof(struct iwl_fw_dbg_trigger_tlv)))) 1771 goto out_free_fw; 1772 drv->fw.dbg.trigger_tlv_len[i] = 1773 pieces->dbg_trigger_tlv_len[i]; 1774 drv->fw.dbg.trigger_tlv[i] = 1775 kmemdup(pieces->dbg_trigger_tlv[i], 1776 drv->fw.dbg.trigger_tlv_len[i], 1777 GFP_KERNEL); 1778 if (!drv->fw.dbg.trigger_tlv[i]) 1779 goto out_free_fw; 1780 } 1781 } 1782 1783 /* Now that we can no longer fail, copy information */ 1784 1785 drv->fw.dbg.mem_tlv = pieces->dbg_mem_tlv; 1786 pieces->dbg_mem_tlv = NULL; 1787 drv->fw.dbg.n_mem_tlv = pieces->n_mem_tlv; 1788 1789 /* 1790 * The (size - 16) / 12 formula is based on the information recorded 1791 * for each event, which is of mode 1 (including timestamp) for all 1792 * new microcodes that include this information. 1793 */ 1794 fw->init_evtlog_ptr = pieces->init_evtlog_ptr; 1795 if (pieces->init_evtlog_size) 1796 fw->init_evtlog_size = (pieces->init_evtlog_size - 16)/12; 1797 else 1798 fw->init_evtlog_size = 1799 drv->trans->mac_cfg->base->max_event_log_size; 1800 fw->init_errlog_ptr = pieces->init_errlog_ptr; 1801 fw->inst_evtlog_ptr = pieces->inst_evtlog_ptr; 1802 if (pieces->inst_evtlog_size) 1803 fw->inst_evtlog_size = (pieces->inst_evtlog_size - 16)/12; 1804 else 1805 fw->inst_evtlog_size = 1806 drv->trans->mac_cfg->base->max_event_log_size; 1807 fw->inst_errlog_ptr = pieces->inst_errlog_ptr; 1808 1809 /* 1810 * figure out the offset of chain noise reset and gain commands 1811 * base on the size of standard phy calibration commands table size 1812 */ 1813 if (fw->ucode_capa.standard_phy_calibration_size > 1814 IWL_MAX_PHY_CALIBRATE_TBL_SIZE) 1815 fw->ucode_capa.standard_phy_calibration_size = 1816 IWL_MAX_STANDARD_PHY_CALIBRATE_TBL_SIZE; 1817 1818 /* We have our copies now, allow OS release its copies */ 1819 release_firmware(ucode_raw); 1820 1821 iwl_dbg_tlv_load_bin(drv->trans->dev, drv->trans); 1822 1823 mutex_lock(&iwlwifi_opmode_table_mtx); 1824 switch (fw->type) { 1825 case IWL_FW_DVM: 1826 op = &iwlwifi_opmode_table[DVM_OP_MODE]; 1827 break; 1828 default: 1829 WARN(1, "Invalid fw type %d\n", fw->type); 1830 fallthrough; 1831 case IWL_FW_MVM: 1832 op = &iwlwifi_opmode_table[MVM_OP_MODE]; 1833 break; 1834 } 1835 1836 #if IS_ENABLED(CONFIG_IWLMLD) 1837 if (pieces->major >= IWL_MLD_SUPPORTED_FW_VERSION && 1838 iwl_drv_is_wifi7_supported(drv->trans)) 1839 op = &iwlwifi_opmode_table[MLD_OP_MODE]; 1840 #else 1841 if (pieces->major >= IWL_MLD_SUPPORTED_FW_VERSION && 1842 iwl_drv_is_wifi7_supported(drv->trans)) { 1843 IWL_ERR(drv, 1844 "IWLMLD needs to be compiled to support this firmware\n"); 1845 mutex_unlock(&iwlwifi_opmode_table_mtx); 1846 goto out_unbind; 1847 } 1848 #endif 1849 1850 IWL_INFO(drv, "loaded firmware version %s op_mode %s\n", 1851 drv->fw.fw_version, op->name); 1852 1853 /* add this device to the list of devices using this op_mode */ 1854 list_add_tail(&drv->list, &op->drv); 1855 1856 if (op->ops) { 1857 drv->op_mode = _iwl_op_mode_start(drv, op); 1858 1859 if (!drv->op_mode) { 1860 mutex_unlock(&iwlwifi_opmode_table_mtx); 1861 goto out_unbind; 1862 } 1863 } else { 1864 request_module_nowait("%s", op->name); 1865 } 1866 mutex_unlock(&iwlwifi_opmode_table_mtx); 1867 1868 complete(&drv->request_firmware_complete); 1869 1870 failure = false; 1871 goto free; 1872 1873 try_again: 1874 /* try next, if any */ 1875 release_firmware(ucode_raw); 1876 if (iwl_request_firmware(drv, false)) 1877 goto out_unbind; 1878 goto free; 1879 1880 out_free_fw: 1881 release_firmware(ucode_raw); 1882 out_unbind: 1883 complete(&drv->request_firmware_complete); 1884 device_release_driver(drv->trans->dev); 1885 /* drv has just been freed by the release */ 1886 failure = false; 1887 free: 1888 if (failure) 1889 iwl_dealloc_ucode(drv); 1890 1891 if (pieces) { 1892 for (i = 0; i < ARRAY_SIZE(pieces->img); i++) 1893 kfree(pieces->img[i].sec); 1894 kfree(pieces->dbg_mem_tlv); 1895 kfree(pieces); 1896 } 1897 } 1898 1899 struct iwl_drv *iwl_drv_start(struct iwl_trans *trans) 1900 { 1901 struct iwl_drv *drv; 1902 int ret; 1903 1904 drv = kzalloc(sizeof(*drv), GFP_KERNEL); 1905 if (!drv) { 1906 ret = -ENOMEM; 1907 goto err; 1908 } 1909 1910 drv->trans = trans; 1911 drv->dev = trans->dev; 1912 1913 init_completion(&drv->request_firmware_complete); 1914 INIT_LIST_HEAD(&drv->list); 1915 1916 #ifdef CONFIG_IWLWIFI_DEBUGFS 1917 /* Create the device debugfs entries. */ 1918 drv->dbgfs_drv = debugfs_create_dir(dev_name(trans->dev), 1919 iwl_dbgfs_root); 1920 1921 /* Create transport layer debugfs dir */ 1922 drv->trans->dbgfs_dir = debugfs_create_dir("trans", drv->dbgfs_drv); 1923 #endif 1924 1925 drv->trans->dbg.domains_bitmap = IWL_TRANS_FW_DBG_DOMAIN(drv->trans); 1926 if (iwlwifi_mod_params.enable_ini != ENABLE_INI) { 1927 /* We have a non-default value in the module parameter, 1928 * take its value 1929 */ 1930 drv->trans->dbg.domains_bitmap &= 0xffff; 1931 if (iwlwifi_mod_params.enable_ini != IWL_FW_INI_PRESET_DISABLE) { 1932 if (iwlwifi_mod_params.enable_ini > ENABLE_INI) { 1933 IWL_ERR(trans, 1934 "invalid enable_ini module parameter value: max = %d, using 0 instead\n", 1935 ENABLE_INI); 1936 iwlwifi_mod_params.enable_ini = 0; 1937 } 1938 drv->trans->dbg.domains_bitmap = 1939 BIT(IWL_FW_DBG_DOMAIN_POS + iwlwifi_mod_params.enable_ini); 1940 } 1941 } 1942 1943 ret = iwl_request_firmware(drv, true); 1944 if (ret) { 1945 IWL_ERR(trans, "Couldn't request the fw\n"); 1946 goto err_fw; 1947 } 1948 1949 return drv; 1950 1951 err_fw: 1952 #ifdef CONFIG_IWLWIFI_DEBUGFS 1953 debugfs_remove_recursive(drv->dbgfs_drv); 1954 #endif 1955 iwl_dbg_tlv_free(drv->trans); 1956 kfree(drv); 1957 err: 1958 return ERR_PTR(ret); 1959 } 1960 1961 void iwl_drv_stop(struct iwl_drv *drv) 1962 { 1963 wait_for_completion(&drv->request_firmware_complete); 1964 1965 mutex_lock(&iwlwifi_opmode_table_mtx); 1966 1967 _iwl_op_mode_stop(drv); 1968 1969 iwl_dealloc_ucode(drv); 1970 1971 /* 1972 * List is empty (this item wasn't added) 1973 * when firmware loading failed -- in that 1974 * case we can't remove it from any list. 1975 */ 1976 if (!list_empty(&drv->list)) 1977 list_del(&drv->list); 1978 mutex_unlock(&iwlwifi_opmode_table_mtx); 1979 1980 #ifdef CONFIG_IWLWIFI_DEBUGFS 1981 iwl_trans_debugfs_cleanup(drv->trans); 1982 1983 debugfs_remove_recursive(drv->dbgfs_drv); 1984 #endif 1985 1986 iwl_dbg_tlv_free(drv->trans); 1987 1988 kfree(drv); 1989 } 1990 1991 /* shared module parameters */ 1992 struct iwl_mod_params iwlwifi_mod_params = { 1993 .fw_restart = true, 1994 .bt_coex_active = true, 1995 .power_level = IWL_POWER_INDEX_1, 1996 .uapsd_disable = IWL_DISABLE_UAPSD_BSS | IWL_DISABLE_UAPSD_P2P_CLIENT, 1997 .enable_ini = ENABLE_INI, 1998 /* the rest are 0 by default */ 1999 }; 2000 IWL_EXPORT_SYMBOL(iwlwifi_mod_params); 2001 2002 int iwl_opmode_register(const char *name, const struct iwl_op_mode_ops *ops) 2003 { 2004 int i; 2005 struct iwl_drv *drv; 2006 struct iwlwifi_opmode_table *op; 2007 2008 mutex_lock(&iwlwifi_opmode_table_mtx); 2009 for (i = 0; i < ARRAY_SIZE(iwlwifi_opmode_table); i++) { 2010 op = &iwlwifi_opmode_table[i]; 2011 if (strcmp(op->name, name)) 2012 continue; 2013 op->ops = ops; 2014 /* TODO: need to handle exceptional case */ 2015 list_for_each_entry(drv, &op->drv, list) 2016 drv->op_mode = _iwl_op_mode_start(drv, op); 2017 2018 mutex_unlock(&iwlwifi_opmode_table_mtx); 2019 return 0; 2020 } 2021 mutex_unlock(&iwlwifi_opmode_table_mtx); 2022 return -EIO; 2023 } 2024 IWL_EXPORT_SYMBOL(iwl_opmode_register); 2025 2026 void iwl_opmode_deregister(const char *name) 2027 { 2028 int i; 2029 struct iwl_drv *drv; 2030 2031 mutex_lock(&iwlwifi_opmode_table_mtx); 2032 for (i = 0; i < ARRAY_SIZE(iwlwifi_opmode_table); i++) { 2033 if (strcmp(iwlwifi_opmode_table[i].name, name)) 2034 continue; 2035 iwlwifi_opmode_table[i].ops = NULL; 2036 2037 /* call the stop routine for all devices */ 2038 list_for_each_entry(drv, &iwlwifi_opmode_table[i].drv, list) 2039 _iwl_op_mode_stop(drv); 2040 2041 mutex_unlock(&iwlwifi_opmode_table_mtx); 2042 return; 2043 } 2044 mutex_unlock(&iwlwifi_opmode_table_mtx); 2045 } 2046 IWL_EXPORT_SYMBOL(iwl_opmode_deregister); 2047 2048 static int __init iwl_drv_init(void) 2049 { 2050 int i, err; 2051 2052 for (i = 0; i < ARRAY_SIZE(iwlwifi_opmode_table); i++) 2053 INIT_LIST_HEAD(&iwlwifi_opmode_table[i].drv); 2054 2055 #ifdef CONFIG_IWLWIFI_DEBUGFS 2056 /* Create the root of iwlwifi debugfs subsystem. */ 2057 iwl_dbgfs_root = debugfs_create_dir(DRV_NAME, NULL); 2058 #endif 2059 2060 err = iwl_pci_register_driver(); 2061 if (err) 2062 goto cleanup_debugfs; 2063 2064 return 0; 2065 2066 cleanup_debugfs: 2067 #ifdef CONFIG_IWLWIFI_DEBUGFS 2068 debugfs_remove_recursive(iwl_dbgfs_root); 2069 #endif 2070 return err; 2071 } 2072 module_init(iwl_drv_init); 2073 2074 static void __exit iwl_drv_exit(void) 2075 { 2076 iwl_pci_unregister_driver(); 2077 iwl_trans_free_restart_list(); 2078 2079 #ifdef CONFIG_IWLWIFI_DEBUGFS 2080 debugfs_remove_recursive(iwl_dbgfs_root); 2081 #endif 2082 } 2083 module_exit(iwl_drv_exit); 2084 2085 #ifdef CONFIG_IWLWIFI_DEBUG 2086 module_param_named(debug, iwlwifi_mod_params.debug_level, uint, 0644); 2087 MODULE_PARM_DESC(debug, "debug output mask"); 2088 #endif 2089 2090 module_param_named(swcrypto, iwlwifi_mod_params.swcrypto, int, 0444); 2091 MODULE_PARM_DESC(swcrypto, "using crypto in software (default 0 [hardware])"); 2092 module_param_named(11n_disable, iwlwifi_mod_params.disable_11n, uint, 0444); 2093 MODULE_PARM_DESC(11n_disable, 2094 "disable 11n functionality, bitmap: 1: full, 2: disable agg TX, 4: disable agg RX, 8 enable agg TX"); 2095 module_param_named(amsdu_size, iwlwifi_mod_params.amsdu_size, int, 0444); 2096 MODULE_PARM_DESC(amsdu_size, 2097 "amsdu size 0: 12K for multi Rx queue devices, 2K for AX210 devices, " 2098 "4K for other devices 1:4K 2:8K 3:12K (16K buffers) 4: 2K (default 0)"); 2099 module_param_named(fw_restart, iwlwifi_mod_params.fw_restart, bool, 0444); 2100 MODULE_PARM_DESC(fw_restart, "restart firmware in case of error (default true)"); 2101 2102 module_param_named(nvm_file, iwlwifi_mod_params.nvm_file, charp, 0444); 2103 MODULE_PARM_DESC(nvm_file, "NVM file name"); 2104 2105 module_param_named(uapsd_disable, iwlwifi_mod_params.uapsd_disable, uint, 0644); 2106 MODULE_PARM_DESC(uapsd_disable, 2107 "disable U-APSD functionality bitmap 1: BSS 2: P2P Client (default: 3)"); 2108 2109 module_param_named(enable_ini, iwlwifi_mod_params.enable_ini, uint, 0444); 2110 MODULE_PARM_DESC(enable_ini, 2111 "0:disable, 1-15:FW_DBG_PRESET Values, 16:enabled without preset value defined," 2112 "Debug INI TLV FW debug infrastructure (default: 16)"); 2113 2114 /* 2115 * set bt_coex_active to true, uCode will do kill/defer 2116 * every time the priority line is asserted (BT is sending signals on the 2117 * priority line in the PCIx). 2118 * set bt_coex_active to false, uCode will ignore the BT activity and 2119 * perform the normal operation 2120 * 2121 * User might experience transmit issue on some platform due to WiFi/BT 2122 * co-exist problem. The possible behaviors are: 2123 * Able to scan and finding all the available AP 2124 * Not able to associate with any AP 2125 * On those platforms, WiFi communication can be restored by set 2126 * "bt_coex_active" module parameter to "false" 2127 * 2128 * default: bt_coex_active = true (BT_COEX_ENABLE) 2129 */ 2130 module_param_named(bt_coex_active, iwlwifi_mod_params.bt_coex_active, 2131 bool, 0444); 2132 MODULE_PARM_DESC(bt_coex_active, "enable wifi/bt co-exist (default: enable)"); 2133 2134 module_param_named(led_mode, iwlwifi_mod_params.led_mode, int, 0444); 2135 MODULE_PARM_DESC(led_mode, "0=system default, " 2136 "1=On(RF On)/Off(RF Off), 2=blinking, 3=Off (default: 0)"); 2137 2138 module_param_named(power_save, iwlwifi_mod_params.power_save, bool, 0444); 2139 MODULE_PARM_DESC(power_save, 2140 "enable WiFi power management (default: disable)"); 2141 2142 module_param_named(power_level, iwlwifi_mod_params.power_level, int, 0444); 2143 MODULE_PARM_DESC(power_level, 2144 "default power save level (range from 1 - 5, default: 1)"); 2145 2146 module_param_named(disable_11ac, iwlwifi_mod_params.disable_11ac, bool, 0444); 2147 MODULE_PARM_DESC(disable_11ac, "Disable VHT capabilities (default: false)"); 2148 2149 module_param_named(remove_when_gone, 2150 iwlwifi_mod_params.remove_when_gone, bool, 2151 0444); 2152 MODULE_PARM_DESC(remove_when_gone, 2153 "Remove dev from PCIe bus if it is deemed inaccessible (default: false)"); 2154 2155 module_param_named(disable_11ax, iwlwifi_mod_params.disable_11ax, bool, 2156 S_IRUGO); 2157 MODULE_PARM_DESC(disable_11ax, "Disable HE capabilities (default: false)"); 2158 2159 module_param_named(disable_11be, iwlwifi_mod_params.disable_11be, bool, 0444); 2160 MODULE_PARM_DESC(disable_11be, "Disable EHT capabilities (default: false)"); 2161