1 // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause 2 /* 3 * Copyright (C) 2005-2014, 2018-2024 Intel Corporation 4 * Copyright (C) 2013-2015 Intel Mobile Communications GmbH 5 * Copyright (C) 2016-2017 Intel Deutschland GmbH 6 */ 7 #include <linux/completion.h> 8 #include <linux/dma-mapping.h> 9 #include <linux/firmware.h> 10 #include <linux/module.h> 11 #include <linux/vmalloc.h> 12 13 #include "iwl-drv.h" 14 #include "iwl-csr.h" 15 #include "iwl-debug.h" 16 #include "iwl-trans.h" 17 #include "iwl-op-mode.h" 18 #include "iwl-agn-hw.h" 19 #include "fw/img.h" 20 #include "iwl-dbg-tlv.h" 21 #include "iwl-config.h" 22 #include "iwl-modparams.h" 23 #include "fw/api/alive.h" 24 #include "fw/api/mac.h" 25 26 /****************************************************************************** 27 * 28 * module boiler plate 29 * 30 ******************************************************************************/ 31 32 #define DRV_DESCRIPTION "Intel(R) Wireless WiFi driver for Linux" 33 MODULE_DESCRIPTION(DRV_DESCRIPTION); 34 MODULE_LICENSE("GPL"); 35 36 #ifdef CONFIG_IWLWIFI_DEBUGFS 37 static struct dentry *iwl_dbgfs_root; 38 #endif 39 40 /** 41 * struct iwl_drv - drv common data 42 * @list: list of drv structures using this opmode 43 * @fw: the iwl_fw structure 44 * @op_mode: the running op_mode 45 * @trans: transport layer 46 * @dev: for debug prints only 47 * @fw_index: firmware revision to try loading 48 * @firmware_name: composite filename of ucode file to load 49 * @request_firmware_complete: the firmware has been obtained from user space 50 * @dbgfs_drv: debugfs root directory entry 51 * @dbgfs_trans: debugfs transport directory entry 52 * @dbgfs_op_mode: debugfs op_mode directory entry 53 */ 54 struct iwl_drv { 55 struct list_head list; 56 struct iwl_fw fw; 57 58 struct iwl_op_mode *op_mode; 59 struct iwl_trans *trans; 60 struct device *dev; 61 62 int fw_index; /* firmware we're trying to load */ 63 char firmware_name[64]; /* name of firmware file to load */ 64 65 struct completion request_firmware_complete; 66 67 #ifdef CONFIG_IWLWIFI_DEBUGFS 68 struct dentry *dbgfs_drv; 69 struct dentry *dbgfs_trans; 70 struct dentry *dbgfs_op_mode; 71 #endif 72 }; 73 74 enum { 75 DVM_OP_MODE, 76 MVM_OP_MODE, 77 }; 78 79 /* Protects the table contents, i.e. the ops pointer & drv list */ 80 static DEFINE_MUTEX(iwlwifi_opmode_table_mtx); 81 static struct iwlwifi_opmode_table { 82 const char *name; /* name: iwldvm, iwlmvm, etc */ 83 const struct iwl_op_mode_ops *ops; /* pointer to op_mode ops */ 84 struct list_head drv; /* list of devices using this op_mode */ 85 } iwlwifi_opmode_table[] = { /* ops set when driver is initialized */ 86 [DVM_OP_MODE] = { .name = "iwldvm", .ops = NULL }, 87 [MVM_OP_MODE] = { .name = "iwlmvm", .ops = NULL }, 88 }; 89 90 #define IWL_DEFAULT_SCAN_CHANNELS 40 91 92 /* 93 * struct fw_sec: Just for the image parsing process. 94 * For the fw storage we are using struct fw_desc. 95 */ 96 struct fw_sec { 97 const void *data; /* the sec data */ 98 size_t size; /* section size */ 99 u32 offset; /* offset of writing in the device */ 100 }; 101 102 static void iwl_free_fw_desc(struct iwl_drv *drv, struct fw_desc *desc) 103 { 104 vfree(desc->data); 105 desc->data = NULL; 106 desc->len = 0; 107 } 108 109 static void iwl_free_fw_img(struct iwl_drv *drv, struct fw_img *img) 110 { 111 int i; 112 for (i = 0; i < img->num_sec; i++) 113 iwl_free_fw_desc(drv, &img->sec[i]); 114 kfree(img->sec); 115 } 116 117 static void iwl_dealloc_ucode(struct iwl_drv *drv) 118 { 119 int i; 120 121 kfree(drv->fw.dbg.dest_tlv); 122 for (i = 0; i < ARRAY_SIZE(drv->fw.dbg.conf_tlv); i++) 123 kfree(drv->fw.dbg.conf_tlv[i]); 124 for (i = 0; i < ARRAY_SIZE(drv->fw.dbg.trigger_tlv); i++) 125 kfree(drv->fw.dbg.trigger_tlv[i]); 126 kfree(drv->fw.dbg.mem_tlv); 127 kfree(drv->fw.iml); 128 kfree(drv->fw.ucode_capa.cmd_versions); 129 kfree(drv->fw.phy_integration_ver); 130 kfree(drv->trans->dbg.pc_data); 131 drv->trans->dbg.pc_data = NULL; 132 133 for (i = 0; i < IWL_UCODE_TYPE_MAX; i++) 134 iwl_free_fw_img(drv, drv->fw.img + i); 135 136 /* clear the data for the aborted load case */ 137 memset(&drv->fw, 0, sizeof(drv->fw)); 138 } 139 140 static int iwl_alloc_fw_desc(struct iwl_drv *drv, struct fw_desc *desc, 141 struct fw_sec *sec) 142 { 143 void *data; 144 145 desc->data = NULL; 146 147 if (!sec || !sec->size) 148 return -EINVAL; 149 150 data = vmalloc(sec->size); 151 if (!data) 152 return -ENOMEM; 153 154 desc->len = sec->size; 155 desc->offset = sec->offset; 156 memcpy(data, sec->data, desc->len); 157 desc->data = data; 158 159 return 0; 160 } 161 162 static inline char iwl_drv_get_step(int step) 163 { 164 if (step == SILICON_Z_STEP) 165 return 'z'; 166 if (step == SILICON_TC_STEP) 167 return 'a'; 168 return 'a' + step; 169 } 170 171 const char *iwl_drv_get_fwname_pre(struct iwl_trans *trans, char *buf) 172 { 173 char mac_step, rf_step; 174 const char *rf, *cdb; 175 176 if (trans->cfg->fw_name_pre) 177 return trans->cfg->fw_name_pre; 178 179 if (WARN_ON(!trans->cfg->fw_name_mac)) 180 return "unconfigured"; 181 182 mac_step = iwl_drv_get_step(trans->hw_rev_step); 183 184 rf_step = iwl_drv_get_step(CSR_HW_RFID_STEP(trans->hw_rf_id)); 185 186 switch (CSR_HW_RFID_TYPE(trans->hw_rf_id)) { 187 case IWL_CFG_RF_TYPE_HR1: 188 case IWL_CFG_RF_TYPE_HR2: 189 rf = "hr"; 190 rf_step = 'b'; 191 break; 192 case IWL_CFG_RF_TYPE_GF: 193 rf = "gf"; 194 break; 195 case IWL_CFG_RF_TYPE_MR: 196 rf = "mr"; 197 break; 198 case IWL_CFG_RF_TYPE_MS: 199 rf = "ms"; 200 break; 201 case IWL_CFG_RF_TYPE_FM: 202 rf = "fm"; 203 break; 204 case IWL_CFG_RF_TYPE_WH: 205 if (SILICON_Z_STEP == 206 CSR_HW_RFID_STEP(trans->hw_rf_id)) { 207 rf = "whtc"; 208 rf_step = 'a'; 209 } else { 210 rf = "wh"; 211 } 212 break; 213 default: 214 return "unknown-rf"; 215 } 216 217 cdb = CSR_HW_RFID_IS_CDB(trans->hw_rf_id) ? "4" : ""; 218 219 scnprintf(buf, FW_NAME_PRE_BUFSIZE, 220 "iwlwifi-%s-%c0-%s%s-%c0", 221 trans->cfg->fw_name_mac, mac_step, 222 rf, cdb, rf_step); 223 224 return buf; 225 } 226 IWL_EXPORT_SYMBOL(iwl_drv_get_fwname_pre); 227 228 static void iwl_req_fw_callback(const struct firmware *ucode_raw, 229 void *context); 230 231 static int iwl_request_firmware(struct iwl_drv *drv, bool first) 232 { 233 const struct iwl_cfg *cfg = drv->trans->cfg; 234 char _fw_name_pre[FW_NAME_PRE_BUFSIZE]; 235 const char *fw_name_pre; 236 237 if (drv->trans->trans_cfg->device_family == IWL_DEVICE_FAMILY_9000 && 238 (drv->trans->hw_rev_step != SILICON_B_STEP && 239 drv->trans->hw_rev_step != SILICON_C_STEP)) { 240 IWL_ERR(drv, 241 "Only HW steps B and C are currently supported (0x%0x)\n", 242 drv->trans->hw_rev); 243 return -EINVAL; 244 } 245 246 fw_name_pre = iwl_drv_get_fwname_pre(drv->trans, _fw_name_pre); 247 248 if (first) 249 drv->fw_index = cfg->ucode_api_max; 250 else 251 drv->fw_index--; 252 253 if (drv->fw_index < cfg->ucode_api_min) { 254 IWL_ERR(drv, "no suitable firmware found!\n"); 255 256 if (cfg->ucode_api_min == cfg->ucode_api_max) { 257 IWL_ERR(drv, "%s-%d is required\n", fw_name_pre, 258 cfg->ucode_api_max); 259 } else { 260 IWL_ERR(drv, "minimum version required: %s-%d\n", 261 fw_name_pre, cfg->ucode_api_min); 262 IWL_ERR(drv, "maximum version supported: %s-%d\n", 263 fw_name_pre, cfg->ucode_api_max); 264 } 265 266 IWL_ERR(drv, 267 "check git://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git\n"); 268 return -ENOENT; 269 } 270 271 snprintf(drv->firmware_name, sizeof(drv->firmware_name), "%s-%d.ucode", 272 fw_name_pre, drv->fw_index); 273 274 IWL_DEBUG_FW_INFO(drv, "attempting to load firmware '%s'\n", 275 drv->firmware_name); 276 277 return request_firmware_nowait(THIS_MODULE, 1, drv->firmware_name, 278 drv->trans->dev, 279 GFP_KERNEL, drv, iwl_req_fw_callback); 280 } 281 282 struct fw_img_parsing { 283 struct fw_sec *sec; 284 int sec_counter; 285 }; 286 287 /* 288 * struct fw_sec_parsing: to extract fw section and it's offset from tlv 289 */ 290 struct fw_sec_parsing { 291 __le32 offset; 292 const u8 data[]; 293 } __packed; 294 295 /** 296 * struct iwl_tlv_calib_data - parse the default calib data from TLV 297 * 298 * @ucode_type: the uCode to which the following default calib relates. 299 * @calib: default calibrations. 300 */ 301 struct iwl_tlv_calib_data { 302 __le32 ucode_type; 303 struct iwl_tlv_calib_ctrl calib; 304 } __packed; 305 306 struct iwl_firmware_pieces { 307 struct fw_img_parsing img[IWL_UCODE_TYPE_MAX]; 308 309 u32 init_evtlog_ptr, init_evtlog_size, init_errlog_ptr; 310 u32 inst_evtlog_ptr, inst_evtlog_size, inst_errlog_ptr; 311 312 /* FW debug data parsed for driver usage */ 313 bool dbg_dest_tlv_init; 314 const u8 *dbg_dest_ver; 315 union { 316 const struct iwl_fw_dbg_dest_tlv *dbg_dest_tlv; 317 const struct iwl_fw_dbg_dest_tlv_v1 *dbg_dest_tlv_v1; 318 }; 319 const struct iwl_fw_dbg_conf_tlv *dbg_conf_tlv[FW_DBG_CONF_MAX]; 320 size_t dbg_conf_tlv_len[FW_DBG_CONF_MAX]; 321 const struct iwl_fw_dbg_trigger_tlv *dbg_trigger_tlv[FW_DBG_TRIGGER_MAX]; 322 size_t dbg_trigger_tlv_len[FW_DBG_TRIGGER_MAX]; 323 struct iwl_fw_dbg_mem_seg_tlv *dbg_mem_tlv; 324 size_t n_mem_tlv; 325 }; 326 327 /* 328 * These functions are just to extract uCode section data from the pieces 329 * structure. 330 */ 331 static struct fw_sec *get_sec(struct iwl_firmware_pieces *pieces, 332 enum iwl_ucode_type type, 333 int sec) 334 { 335 return &pieces->img[type].sec[sec]; 336 } 337 338 static void alloc_sec_data(struct iwl_firmware_pieces *pieces, 339 enum iwl_ucode_type type, 340 int sec) 341 { 342 struct fw_img_parsing *img = &pieces->img[type]; 343 struct fw_sec *sec_memory; 344 int size = sec + 1; 345 size_t alloc_size = sizeof(*img->sec) * size; 346 347 if (img->sec && img->sec_counter >= size) 348 return; 349 350 sec_memory = krealloc(img->sec, alloc_size, GFP_KERNEL); 351 if (!sec_memory) 352 return; 353 354 img->sec = sec_memory; 355 img->sec_counter = size; 356 } 357 358 static void set_sec_data(struct iwl_firmware_pieces *pieces, 359 enum iwl_ucode_type type, 360 int sec, 361 const void *data) 362 { 363 alloc_sec_data(pieces, type, sec); 364 365 pieces->img[type].sec[sec].data = data; 366 } 367 368 static void set_sec_size(struct iwl_firmware_pieces *pieces, 369 enum iwl_ucode_type type, 370 int sec, 371 size_t size) 372 { 373 alloc_sec_data(pieces, type, sec); 374 375 pieces->img[type].sec[sec].size = size; 376 } 377 378 static size_t get_sec_size(struct iwl_firmware_pieces *pieces, 379 enum iwl_ucode_type type, 380 int sec) 381 { 382 return pieces->img[type].sec[sec].size; 383 } 384 385 static void set_sec_offset(struct iwl_firmware_pieces *pieces, 386 enum iwl_ucode_type type, 387 int sec, 388 u32 offset) 389 { 390 alloc_sec_data(pieces, type, sec); 391 392 pieces->img[type].sec[sec].offset = offset; 393 } 394 395 /* 396 * Gets uCode section from tlv. 397 */ 398 static int iwl_store_ucode_sec(struct iwl_firmware_pieces *pieces, 399 const void *data, enum iwl_ucode_type type, 400 int size) 401 { 402 struct fw_img_parsing *img; 403 struct fw_sec *sec; 404 const struct fw_sec_parsing *sec_parse; 405 size_t alloc_size; 406 407 if (WARN_ON(!pieces || !data || type >= IWL_UCODE_TYPE_MAX)) 408 return -1; 409 410 sec_parse = (const struct fw_sec_parsing *)data; 411 412 img = &pieces->img[type]; 413 414 alloc_size = sizeof(*img->sec) * (img->sec_counter + 1); 415 sec = krealloc(img->sec, alloc_size, GFP_KERNEL); 416 if (!sec) 417 return -ENOMEM; 418 img->sec = sec; 419 420 sec = &img->sec[img->sec_counter]; 421 422 sec->offset = le32_to_cpu(sec_parse->offset); 423 sec->data = sec_parse->data; 424 sec->size = size - sizeof(sec_parse->offset); 425 426 ++img->sec_counter; 427 428 return 0; 429 } 430 431 static int iwl_set_default_calib(struct iwl_drv *drv, const u8 *data) 432 { 433 const struct iwl_tlv_calib_data *def_calib = 434 (const struct iwl_tlv_calib_data *)data; 435 u32 ucode_type = le32_to_cpu(def_calib->ucode_type); 436 if (ucode_type >= IWL_UCODE_TYPE_MAX) { 437 IWL_ERR(drv, "Wrong ucode_type %u for default calibration.\n", 438 ucode_type); 439 return -EINVAL; 440 } 441 drv->fw.default_calib[ucode_type].flow_trigger = 442 def_calib->calib.flow_trigger; 443 drv->fw.default_calib[ucode_type].event_trigger = 444 def_calib->calib.event_trigger; 445 446 return 0; 447 } 448 449 static void iwl_set_ucode_api_flags(struct iwl_drv *drv, const u8 *data, 450 struct iwl_ucode_capabilities *capa) 451 { 452 const struct iwl_ucode_api *ucode_api = (const void *)data; 453 u32 api_index = le32_to_cpu(ucode_api->api_index); 454 u32 api_flags = le32_to_cpu(ucode_api->api_flags); 455 int i; 456 457 if (api_index >= DIV_ROUND_UP(NUM_IWL_UCODE_TLV_API, 32)) { 458 IWL_WARN(drv, 459 "api flags index %d larger than supported by driver\n", 460 api_index); 461 return; 462 } 463 464 for (i = 0; i < 32; i++) { 465 if (api_flags & BIT(i)) 466 __set_bit(i + 32 * api_index, capa->_api); 467 } 468 } 469 470 static void iwl_set_ucode_capabilities(struct iwl_drv *drv, const u8 *data, 471 struct iwl_ucode_capabilities *capa) 472 { 473 const struct iwl_ucode_capa *ucode_capa = (const void *)data; 474 u32 api_index = le32_to_cpu(ucode_capa->api_index); 475 u32 api_flags = le32_to_cpu(ucode_capa->api_capa); 476 int i; 477 478 if (api_index >= DIV_ROUND_UP(NUM_IWL_UCODE_TLV_CAPA, 32)) { 479 IWL_WARN(drv, 480 "capa flags index %d larger than supported by driver\n", 481 api_index); 482 return; 483 } 484 485 for (i = 0; i < 32; i++) { 486 if (api_flags & BIT(i)) 487 __set_bit(i + 32 * api_index, capa->_capa); 488 } 489 } 490 491 static const char *iwl_reduced_fw_name(struct iwl_drv *drv) 492 { 493 const char *name = drv->firmware_name; 494 495 if (strncmp(name, "iwlwifi-", 8) == 0) 496 name += 8; 497 498 return name; 499 } 500 501 static int iwl_parse_v1_v2_firmware(struct iwl_drv *drv, 502 const struct firmware *ucode_raw, 503 struct iwl_firmware_pieces *pieces) 504 { 505 const struct iwl_ucode_header *ucode = (const void *)ucode_raw->data; 506 u32 api_ver, hdr_size, build; 507 char buildstr[25]; 508 const u8 *src; 509 510 drv->fw.ucode_ver = le32_to_cpu(ucode->ver); 511 api_ver = IWL_UCODE_API(drv->fw.ucode_ver); 512 513 switch (api_ver) { 514 default: 515 hdr_size = 28; 516 if (ucode_raw->size < hdr_size) { 517 IWL_ERR(drv, "File size too small!\n"); 518 return -EINVAL; 519 } 520 build = le32_to_cpu(ucode->u.v2.build); 521 set_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST, 522 le32_to_cpu(ucode->u.v2.inst_size)); 523 set_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA, 524 le32_to_cpu(ucode->u.v2.data_size)); 525 set_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST, 526 le32_to_cpu(ucode->u.v2.init_size)); 527 set_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA, 528 le32_to_cpu(ucode->u.v2.init_data_size)); 529 src = ucode->u.v2.data; 530 break; 531 case 0: 532 case 1: 533 case 2: 534 hdr_size = 24; 535 if (ucode_raw->size < hdr_size) { 536 IWL_ERR(drv, "File size too small!\n"); 537 return -EINVAL; 538 } 539 build = 0; 540 set_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST, 541 le32_to_cpu(ucode->u.v1.inst_size)); 542 set_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA, 543 le32_to_cpu(ucode->u.v1.data_size)); 544 set_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST, 545 le32_to_cpu(ucode->u.v1.init_size)); 546 set_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA, 547 le32_to_cpu(ucode->u.v1.init_data_size)); 548 src = ucode->u.v1.data; 549 break; 550 } 551 552 if (build) 553 sprintf(buildstr, " build %u", build); 554 else 555 buildstr[0] = '\0'; 556 557 snprintf(drv->fw.fw_version, 558 sizeof(drv->fw.fw_version), 559 "%u.%u.%u.%u%s %s", 560 IWL_UCODE_MAJOR(drv->fw.ucode_ver), 561 IWL_UCODE_MINOR(drv->fw.ucode_ver), 562 IWL_UCODE_API(drv->fw.ucode_ver), 563 IWL_UCODE_SERIAL(drv->fw.ucode_ver), 564 buildstr, iwl_reduced_fw_name(drv)); 565 566 /* Verify size of file vs. image size info in file's header */ 567 568 if (ucode_raw->size != hdr_size + 569 get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST) + 570 get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA) + 571 get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST) + 572 get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA)) { 573 574 IWL_ERR(drv, 575 "uCode file size %d does not match expected size\n", 576 (int)ucode_raw->size); 577 return -EINVAL; 578 } 579 580 581 set_sec_data(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST, src); 582 src += get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST); 583 set_sec_offset(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST, 584 IWLAGN_RTC_INST_LOWER_BOUND); 585 set_sec_data(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA, src); 586 src += get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA); 587 set_sec_offset(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA, 588 IWLAGN_RTC_DATA_LOWER_BOUND); 589 set_sec_data(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST, src); 590 src += get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST); 591 set_sec_offset(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST, 592 IWLAGN_RTC_INST_LOWER_BOUND); 593 set_sec_data(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA, src); 594 src += get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA); 595 set_sec_offset(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA, 596 IWLAGN_RTC_DATA_LOWER_BOUND); 597 return 0; 598 } 599 600 static void iwl_drv_set_dump_exclude(struct iwl_drv *drv, 601 enum iwl_ucode_tlv_type tlv_type, 602 const void *tlv_data, u32 tlv_len) 603 { 604 const struct iwl_fw_dump_exclude *fw = tlv_data; 605 struct iwl_dump_exclude *excl; 606 607 if (tlv_len < sizeof(*fw)) 608 return; 609 610 if (tlv_type == IWL_UCODE_TLV_SEC_TABLE_ADDR) { 611 excl = &drv->fw.dump_excl[0]; 612 613 /* second time we find this, it's for WoWLAN */ 614 if (excl->addr) 615 excl = &drv->fw.dump_excl_wowlan[0]; 616 } else if (fw_has_capa(&drv->fw.ucode_capa, 617 IWL_UCODE_TLV_CAPA_CNSLDTD_D3_D0_IMG)) { 618 /* IWL_UCODE_TLV_D3_KEK_KCK_ADDR is regular image */ 619 excl = &drv->fw.dump_excl[0]; 620 } else { 621 /* IWL_UCODE_TLV_D3_KEK_KCK_ADDR is WoWLAN image */ 622 excl = &drv->fw.dump_excl_wowlan[0]; 623 } 624 625 if (excl->addr) 626 excl++; 627 628 if (excl->addr) { 629 IWL_DEBUG_FW_INFO(drv, "found too many excludes in fw file\n"); 630 return; 631 } 632 633 excl->addr = le32_to_cpu(fw->addr) & ~FW_ADDR_CACHE_CONTROL; 634 excl->size = le32_to_cpu(fw->size); 635 } 636 637 static void iwl_parse_dbg_tlv_assert_tables(struct iwl_drv *drv, 638 const struct iwl_ucode_tlv *tlv) 639 { 640 const struct iwl_fw_ini_region_tlv *region; 641 u32 length = le32_to_cpu(tlv->length); 642 u32 addr; 643 644 if (length < offsetof(typeof(*region), special_mem) + 645 sizeof(region->special_mem)) 646 return; 647 648 region = (const void *)tlv->data; 649 addr = le32_to_cpu(region->special_mem.base_addr); 650 addr += le32_to_cpu(region->special_mem.offset); 651 addr &= ~FW_ADDR_CACHE_CONTROL; 652 653 if (region->type != IWL_FW_INI_REGION_SPECIAL_DEVICE_MEMORY) 654 return; 655 656 switch (region->sub_type) { 657 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_UMAC_ERROR_TABLE: 658 drv->trans->dbg.umac_error_event_table = addr; 659 drv->trans->dbg.error_event_table_tlv_status |= 660 IWL_ERROR_EVENT_TABLE_UMAC; 661 break; 662 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_LMAC_1_ERROR_TABLE: 663 drv->trans->dbg.lmac_error_event_table[0] = addr; 664 drv->trans->dbg.error_event_table_tlv_status |= 665 IWL_ERROR_EVENT_TABLE_LMAC1; 666 break; 667 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_LMAC_2_ERROR_TABLE: 668 drv->trans->dbg.lmac_error_event_table[1] = addr; 669 drv->trans->dbg.error_event_table_tlv_status |= 670 IWL_ERROR_EVENT_TABLE_LMAC2; 671 break; 672 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_TCM_1_ERROR_TABLE: 673 drv->trans->dbg.tcm_error_event_table[0] = addr; 674 drv->trans->dbg.error_event_table_tlv_status |= 675 IWL_ERROR_EVENT_TABLE_TCM1; 676 break; 677 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_TCM_2_ERROR_TABLE: 678 drv->trans->dbg.tcm_error_event_table[1] = addr; 679 drv->trans->dbg.error_event_table_tlv_status |= 680 IWL_ERROR_EVENT_TABLE_TCM2; 681 break; 682 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_RCM_1_ERROR_TABLE: 683 drv->trans->dbg.rcm_error_event_table[0] = addr; 684 drv->trans->dbg.error_event_table_tlv_status |= 685 IWL_ERROR_EVENT_TABLE_RCM1; 686 break; 687 case IWL_FW_INI_REGION_DEVICE_MEMORY_SUBTYPE_RCM_2_ERROR_TABLE: 688 drv->trans->dbg.rcm_error_event_table[1] = addr; 689 drv->trans->dbg.error_event_table_tlv_status |= 690 IWL_ERROR_EVENT_TABLE_RCM2; 691 break; 692 default: 693 break; 694 } 695 } 696 697 static int iwl_parse_tlv_firmware(struct iwl_drv *drv, 698 const struct firmware *ucode_raw, 699 struct iwl_firmware_pieces *pieces, 700 struct iwl_ucode_capabilities *capa, 701 bool *usniffer_images) 702 { 703 const struct iwl_tlv_ucode_header *ucode = (const void *)ucode_raw->data; 704 const struct iwl_ucode_tlv *tlv; 705 size_t len = ucode_raw->size; 706 const u8 *data; 707 u32 tlv_len; 708 u32 usniffer_img; 709 enum iwl_ucode_tlv_type tlv_type; 710 const u8 *tlv_data; 711 char buildstr[25]; 712 u32 build, paging_mem_size; 713 int num_of_cpus; 714 bool usniffer_req = false; 715 716 if (len < sizeof(*ucode)) { 717 IWL_ERR(drv, "uCode has invalid length: %zd\n", len); 718 return -EINVAL; 719 } 720 721 if (ucode->magic != cpu_to_le32(IWL_TLV_UCODE_MAGIC)) { 722 IWL_ERR(drv, "invalid uCode magic: 0X%x\n", 723 le32_to_cpu(ucode->magic)); 724 return -EINVAL; 725 } 726 727 drv->fw.ucode_ver = le32_to_cpu(ucode->ver); 728 memcpy(drv->fw.human_readable, ucode->human_readable, 729 sizeof(drv->fw.human_readable)); 730 build = le32_to_cpu(ucode->build); 731 732 if (build) 733 sprintf(buildstr, " build %u", build); 734 else 735 buildstr[0] = '\0'; 736 737 snprintf(drv->fw.fw_version, 738 sizeof(drv->fw.fw_version), 739 "%u.%u.%u.%u%s %s", 740 IWL_UCODE_MAJOR(drv->fw.ucode_ver), 741 IWL_UCODE_MINOR(drv->fw.ucode_ver), 742 IWL_UCODE_API(drv->fw.ucode_ver), 743 IWL_UCODE_SERIAL(drv->fw.ucode_ver), 744 buildstr, iwl_reduced_fw_name(drv)); 745 746 data = ucode->data; 747 748 len -= sizeof(*ucode); 749 750 while (len >= sizeof(*tlv)) { 751 len -= sizeof(*tlv); 752 753 tlv = (const void *)data; 754 tlv_len = le32_to_cpu(tlv->length); 755 tlv_type = le32_to_cpu(tlv->type); 756 tlv_data = tlv->data; 757 758 if (len < tlv_len) { 759 IWL_ERR(drv, "invalid TLV len: %zd/%u\n", 760 len, tlv_len); 761 return -EINVAL; 762 } 763 len -= ALIGN(tlv_len, 4); 764 data += sizeof(*tlv) + ALIGN(tlv_len, 4); 765 766 switch (tlv_type) { 767 case IWL_UCODE_TLV_INST: 768 set_sec_data(pieces, IWL_UCODE_REGULAR, 769 IWL_UCODE_SECTION_INST, tlv_data); 770 set_sec_size(pieces, IWL_UCODE_REGULAR, 771 IWL_UCODE_SECTION_INST, tlv_len); 772 set_sec_offset(pieces, IWL_UCODE_REGULAR, 773 IWL_UCODE_SECTION_INST, 774 IWLAGN_RTC_INST_LOWER_BOUND); 775 break; 776 case IWL_UCODE_TLV_DATA: 777 set_sec_data(pieces, IWL_UCODE_REGULAR, 778 IWL_UCODE_SECTION_DATA, tlv_data); 779 set_sec_size(pieces, IWL_UCODE_REGULAR, 780 IWL_UCODE_SECTION_DATA, tlv_len); 781 set_sec_offset(pieces, IWL_UCODE_REGULAR, 782 IWL_UCODE_SECTION_DATA, 783 IWLAGN_RTC_DATA_LOWER_BOUND); 784 break; 785 case IWL_UCODE_TLV_INIT: 786 set_sec_data(pieces, IWL_UCODE_INIT, 787 IWL_UCODE_SECTION_INST, tlv_data); 788 set_sec_size(pieces, IWL_UCODE_INIT, 789 IWL_UCODE_SECTION_INST, tlv_len); 790 set_sec_offset(pieces, IWL_UCODE_INIT, 791 IWL_UCODE_SECTION_INST, 792 IWLAGN_RTC_INST_LOWER_BOUND); 793 break; 794 case IWL_UCODE_TLV_INIT_DATA: 795 set_sec_data(pieces, IWL_UCODE_INIT, 796 IWL_UCODE_SECTION_DATA, tlv_data); 797 set_sec_size(pieces, IWL_UCODE_INIT, 798 IWL_UCODE_SECTION_DATA, tlv_len); 799 set_sec_offset(pieces, IWL_UCODE_INIT, 800 IWL_UCODE_SECTION_DATA, 801 IWLAGN_RTC_DATA_LOWER_BOUND); 802 break; 803 case IWL_UCODE_TLV_BOOT: 804 IWL_ERR(drv, "Found unexpected BOOT ucode\n"); 805 break; 806 case IWL_UCODE_TLV_PROBE_MAX_LEN: 807 if (tlv_len != sizeof(u32)) 808 goto invalid_tlv_len; 809 capa->max_probe_length = 810 le32_to_cpup((const __le32 *)tlv_data); 811 break; 812 case IWL_UCODE_TLV_PAN: 813 if (tlv_len) 814 goto invalid_tlv_len; 815 capa->flags |= IWL_UCODE_TLV_FLAGS_PAN; 816 break; 817 case IWL_UCODE_TLV_FLAGS: 818 /* must be at least one u32 */ 819 if (tlv_len < sizeof(u32)) 820 goto invalid_tlv_len; 821 /* and a proper number of u32s */ 822 if (tlv_len % sizeof(u32)) 823 goto invalid_tlv_len; 824 /* 825 * This driver only reads the first u32 as 826 * right now no more features are defined, 827 * if that changes then either the driver 828 * will not work with the new firmware, or 829 * it'll not take advantage of new features. 830 */ 831 capa->flags = le32_to_cpup((const __le32 *)tlv_data); 832 break; 833 case IWL_UCODE_TLV_API_CHANGES_SET: 834 if (tlv_len != sizeof(struct iwl_ucode_api)) 835 goto invalid_tlv_len; 836 iwl_set_ucode_api_flags(drv, tlv_data, capa); 837 break; 838 case IWL_UCODE_TLV_ENABLED_CAPABILITIES: 839 if (tlv_len != sizeof(struct iwl_ucode_capa)) 840 goto invalid_tlv_len; 841 iwl_set_ucode_capabilities(drv, tlv_data, capa); 842 break; 843 case IWL_UCODE_TLV_INIT_EVTLOG_PTR: 844 if (tlv_len != sizeof(u32)) 845 goto invalid_tlv_len; 846 pieces->init_evtlog_ptr = 847 le32_to_cpup((const __le32 *)tlv_data); 848 break; 849 case IWL_UCODE_TLV_INIT_EVTLOG_SIZE: 850 if (tlv_len != sizeof(u32)) 851 goto invalid_tlv_len; 852 pieces->init_evtlog_size = 853 le32_to_cpup((const __le32 *)tlv_data); 854 break; 855 case IWL_UCODE_TLV_INIT_ERRLOG_PTR: 856 if (tlv_len != sizeof(u32)) 857 goto invalid_tlv_len; 858 pieces->init_errlog_ptr = 859 le32_to_cpup((const __le32 *)tlv_data); 860 break; 861 case IWL_UCODE_TLV_RUNT_EVTLOG_PTR: 862 if (tlv_len != sizeof(u32)) 863 goto invalid_tlv_len; 864 pieces->inst_evtlog_ptr = 865 le32_to_cpup((const __le32 *)tlv_data); 866 break; 867 case IWL_UCODE_TLV_RUNT_EVTLOG_SIZE: 868 if (tlv_len != sizeof(u32)) 869 goto invalid_tlv_len; 870 pieces->inst_evtlog_size = 871 le32_to_cpup((const __le32 *)tlv_data); 872 break; 873 case IWL_UCODE_TLV_RUNT_ERRLOG_PTR: 874 if (tlv_len != sizeof(u32)) 875 goto invalid_tlv_len; 876 pieces->inst_errlog_ptr = 877 le32_to_cpup((const __le32 *)tlv_data); 878 break; 879 case IWL_UCODE_TLV_ENHANCE_SENS_TBL: 880 if (tlv_len) 881 goto invalid_tlv_len; 882 drv->fw.enhance_sensitivity_table = true; 883 break; 884 case IWL_UCODE_TLV_WOWLAN_INST: 885 set_sec_data(pieces, IWL_UCODE_WOWLAN, 886 IWL_UCODE_SECTION_INST, tlv_data); 887 set_sec_size(pieces, IWL_UCODE_WOWLAN, 888 IWL_UCODE_SECTION_INST, tlv_len); 889 set_sec_offset(pieces, IWL_UCODE_WOWLAN, 890 IWL_UCODE_SECTION_INST, 891 IWLAGN_RTC_INST_LOWER_BOUND); 892 break; 893 case IWL_UCODE_TLV_WOWLAN_DATA: 894 set_sec_data(pieces, IWL_UCODE_WOWLAN, 895 IWL_UCODE_SECTION_DATA, tlv_data); 896 set_sec_size(pieces, IWL_UCODE_WOWLAN, 897 IWL_UCODE_SECTION_DATA, tlv_len); 898 set_sec_offset(pieces, IWL_UCODE_WOWLAN, 899 IWL_UCODE_SECTION_DATA, 900 IWLAGN_RTC_DATA_LOWER_BOUND); 901 break; 902 case IWL_UCODE_TLV_PHY_CALIBRATION_SIZE: 903 if (tlv_len != sizeof(u32)) 904 goto invalid_tlv_len; 905 capa->standard_phy_calibration_size = 906 le32_to_cpup((const __le32 *)tlv_data); 907 break; 908 case IWL_UCODE_TLV_SEC_RT: 909 iwl_store_ucode_sec(pieces, tlv_data, IWL_UCODE_REGULAR, 910 tlv_len); 911 drv->fw.type = IWL_FW_MVM; 912 break; 913 case IWL_UCODE_TLV_SEC_INIT: 914 iwl_store_ucode_sec(pieces, tlv_data, IWL_UCODE_INIT, 915 tlv_len); 916 drv->fw.type = IWL_FW_MVM; 917 break; 918 case IWL_UCODE_TLV_SEC_WOWLAN: 919 iwl_store_ucode_sec(pieces, tlv_data, IWL_UCODE_WOWLAN, 920 tlv_len); 921 drv->fw.type = IWL_FW_MVM; 922 break; 923 case IWL_UCODE_TLV_DEF_CALIB: 924 if (tlv_len != sizeof(struct iwl_tlv_calib_data)) 925 goto invalid_tlv_len; 926 if (iwl_set_default_calib(drv, tlv_data)) 927 goto tlv_error; 928 break; 929 case IWL_UCODE_TLV_PHY_SKU: 930 if (tlv_len != sizeof(u32)) 931 goto invalid_tlv_len; 932 drv->fw.phy_config = le32_to_cpup((const __le32 *)tlv_data); 933 drv->fw.valid_tx_ant = (drv->fw.phy_config & 934 FW_PHY_CFG_TX_CHAIN) >> 935 FW_PHY_CFG_TX_CHAIN_POS; 936 drv->fw.valid_rx_ant = (drv->fw.phy_config & 937 FW_PHY_CFG_RX_CHAIN) >> 938 FW_PHY_CFG_RX_CHAIN_POS; 939 break; 940 case IWL_UCODE_TLV_SECURE_SEC_RT: 941 iwl_store_ucode_sec(pieces, tlv_data, IWL_UCODE_REGULAR, 942 tlv_len); 943 drv->fw.type = IWL_FW_MVM; 944 break; 945 case IWL_UCODE_TLV_SECURE_SEC_INIT: 946 iwl_store_ucode_sec(pieces, tlv_data, IWL_UCODE_INIT, 947 tlv_len); 948 drv->fw.type = IWL_FW_MVM; 949 break; 950 case IWL_UCODE_TLV_SECURE_SEC_WOWLAN: 951 iwl_store_ucode_sec(pieces, tlv_data, IWL_UCODE_WOWLAN, 952 tlv_len); 953 drv->fw.type = IWL_FW_MVM; 954 break; 955 case IWL_UCODE_TLV_NUM_OF_CPU: 956 if (tlv_len != sizeof(u32)) 957 goto invalid_tlv_len; 958 num_of_cpus = 959 le32_to_cpup((const __le32 *)tlv_data); 960 961 if (num_of_cpus == 2) { 962 drv->fw.img[IWL_UCODE_REGULAR].is_dual_cpus = 963 true; 964 drv->fw.img[IWL_UCODE_INIT].is_dual_cpus = 965 true; 966 drv->fw.img[IWL_UCODE_WOWLAN].is_dual_cpus = 967 true; 968 } else if ((num_of_cpus > 2) || (num_of_cpus < 1)) { 969 IWL_ERR(drv, "Driver support up to 2 CPUs\n"); 970 return -EINVAL; 971 } 972 break; 973 case IWL_UCODE_TLV_N_SCAN_CHANNELS: 974 if (tlv_len != sizeof(u32)) 975 goto invalid_tlv_len; 976 capa->n_scan_channels = 977 le32_to_cpup((const __le32 *)tlv_data); 978 break; 979 case IWL_UCODE_TLV_FW_VERSION: { 980 const __le32 *ptr = (const void *)tlv_data; 981 u32 major, minor; 982 u8 local_comp; 983 984 if (tlv_len != sizeof(u32) * 3) 985 goto invalid_tlv_len; 986 987 major = le32_to_cpup(ptr++); 988 minor = le32_to_cpup(ptr++); 989 local_comp = le32_to_cpup(ptr); 990 991 if (major >= 35) 992 snprintf(drv->fw.fw_version, 993 sizeof(drv->fw.fw_version), 994 "%u.%08x.%u %s", major, minor, 995 local_comp, iwl_reduced_fw_name(drv)); 996 else 997 snprintf(drv->fw.fw_version, 998 sizeof(drv->fw.fw_version), 999 "%u.%u.%u %s", major, minor, 1000 local_comp, iwl_reduced_fw_name(drv)); 1001 break; 1002 } 1003 case IWL_UCODE_TLV_FW_DBG_DEST: { 1004 const struct iwl_fw_dbg_dest_tlv *dest = NULL; 1005 const struct iwl_fw_dbg_dest_tlv_v1 *dest_v1 = NULL; 1006 u8 mon_mode; 1007 1008 pieces->dbg_dest_ver = (const u8 *)tlv_data; 1009 if (*pieces->dbg_dest_ver == 1) { 1010 dest = (const void *)tlv_data; 1011 } else if (*pieces->dbg_dest_ver == 0) { 1012 dest_v1 = (const void *)tlv_data; 1013 } else { 1014 IWL_ERR(drv, 1015 "The version is %d, and it is invalid\n", 1016 *pieces->dbg_dest_ver); 1017 break; 1018 } 1019 1020 if (pieces->dbg_dest_tlv_init) { 1021 IWL_ERR(drv, 1022 "dbg destination ignored, already exists\n"); 1023 break; 1024 } 1025 1026 pieces->dbg_dest_tlv_init = true; 1027 1028 if (dest_v1) { 1029 pieces->dbg_dest_tlv_v1 = dest_v1; 1030 mon_mode = dest_v1->monitor_mode; 1031 } else { 1032 pieces->dbg_dest_tlv = dest; 1033 mon_mode = dest->monitor_mode; 1034 } 1035 1036 IWL_INFO(drv, "Found debug destination: %s\n", 1037 get_fw_dbg_mode_string(mon_mode)); 1038 1039 drv->fw.dbg.n_dest_reg = (dest_v1) ? 1040 tlv_len - 1041 offsetof(struct iwl_fw_dbg_dest_tlv_v1, 1042 reg_ops) : 1043 tlv_len - 1044 offsetof(struct iwl_fw_dbg_dest_tlv, 1045 reg_ops); 1046 1047 drv->fw.dbg.n_dest_reg /= 1048 sizeof(drv->fw.dbg.dest_tlv->reg_ops[0]); 1049 1050 break; 1051 } 1052 case IWL_UCODE_TLV_FW_DBG_CONF: { 1053 const struct iwl_fw_dbg_conf_tlv *conf = 1054 (const void *)tlv_data; 1055 1056 if (!pieces->dbg_dest_tlv_init) { 1057 IWL_ERR(drv, 1058 "Ignore dbg config %d - no destination configured\n", 1059 conf->id); 1060 break; 1061 } 1062 1063 if (conf->id >= ARRAY_SIZE(drv->fw.dbg.conf_tlv)) { 1064 IWL_ERR(drv, 1065 "Skip unknown configuration: %d\n", 1066 conf->id); 1067 break; 1068 } 1069 1070 if (pieces->dbg_conf_tlv[conf->id]) { 1071 IWL_ERR(drv, 1072 "Ignore duplicate dbg config %d\n", 1073 conf->id); 1074 break; 1075 } 1076 1077 if (conf->usniffer) 1078 usniffer_req = true; 1079 1080 IWL_INFO(drv, "Found debug configuration: %d\n", 1081 conf->id); 1082 1083 pieces->dbg_conf_tlv[conf->id] = conf; 1084 pieces->dbg_conf_tlv_len[conf->id] = tlv_len; 1085 break; 1086 } 1087 case IWL_UCODE_TLV_FW_DBG_TRIGGER: { 1088 const struct iwl_fw_dbg_trigger_tlv *trigger = 1089 (const void *)tlv_data; 1090 u32 trigger_id = le32_to_cpu(trigger->id); 1091 1092 if (trigger_id >= ARRAY_SIZE(drv->fw.dbg.trigger_tlv)) { 1093 IWL_ERR(drv, 1094 "Skip unknown trigger: %u\n", 1095 trigger->id); 1096 break; 1097 } 1098 1099 if (pieces->dbg_trigger_tlv[trigger_id]) { 1100 IWL_ERR(drv, 1101 "Ignore duplicate dbg trigger %u\n", 1102 trigger->id); 1103 break; 1104 } 1105 1106 IWL_INFO(drv, "Found debug trigger: %u\n", trigger->id); 1107 1108 pieces->dbg_trigger_tlv[trigger_id] = trigger; 1109 pieces->dbg_trigger_tlv_len[trigger_id] = tlv_len; 1110 break; 1111 } 1112 case IWL_UCODE_TLV_FW_DBG_DUMP_LST: { 1113 if (tlv_len != sizeof(u32)) { 1114 IWL_ERR(drv, 1115 "dbg lst mask size incorrect, skip\n"); 1116 break; 1117 } 1118 1119 drv->fw.dbg.dump_mask = 1120 le32_to_cpup((const __le32 *)tlv_data); 1121 break; 1122 } 1123 case IWL_UCODE_TLV_SEC_RT_USNIFFER: 1124 *usniffer_images = true; 1125 iwl_store_ucode_sec(pieces, tlv_data, 1126 IWL_UCODE_REGULAR_USNIFFER, 1127 tlv_len); 1128 break; 1129 case IWL_UCODE_TLV_PAGING: 1130 if (tlv_len != sizeof(u32)) 1131 goto invalid_tlv_len; 1132 paging_mem_size = le32_to_cpup((const __le32 *)tlv_data); 1133 1134 IWL_DEBUG_FW(drv, 1135 "Paging: paging enabled (size = %u bytes)\n", 1136 paging_mem_size); 1137 1138 if (paging_mem_size > MAX_PAGING_IMAGE_SIZE) { 1139 IWL_ERR(drv, 1140 "Paging: driver supports up to %lu bytes for paging image\n", 1141 MAX_PAGING_IMAGE_SIZE); 1142 return -EINVAL; 1143 } 1144 1145 if (paging_mem_size & (FW_PAGING_SIZE - 1)) { 1146 IWL_ERR(drv, 1147 "Paging: image isn't multiple %lu\n", 1148 FW_PAGING_SIZE); 1149 return -EINVAL; 1150 } 1151 1152 drv->fw.img[IWL_UCODE_REGULAR].paging_mem_size = 1153 paging_mem_size; 1154 usniffer_img = IWL_UCODE_REGULAR_USNIFFER; 1155 drv->fw.img[usniffer_img].paging_mem_size = 1156 paging_mem_size; 1157 break; 1158 case IWL_UCODE_TLV_FW_GSCAN_CAPA: 1159 /* ignored */ 1160 break; 1161 case IWL_UCODE_TLV_FW_MEM_SEG: { 1162 const struct iwl_fw_dbg_mem_seg_tlv *dbg_mem = 1163 (const void *)tlv_data; 1164 size_t size; 1165 struct iwl_fw_dbg_mem_seg_tlv *n; 1166 1167 if (tlv_len != (sizeof(*dbg_mem))) 1168 goto invalid_tlv_len; 1169 1170 IWL_DEBUG_INFO(drv, "Found debug memory segment: %u\n", 1171 dbg_mem->data_type); 1172 1173 size = sizeof(*pieces->dbg_mem_tlv) * 1174 (pieces->n_mem_tlv + 1); 1175 n = krealloc(pieces->dbg_mem_tlv, size, GFP_KERNEL); 1176 if (!n) 1177 return -ENOMEM; 1178 pieces->dbg_mem_tlv = n; 1179 pieces->dbg_mem_tlv[pieces->n_mem_tlv] = *dbg_mem; 1180 pieces->n_mem_tlv++; 1181 break; 1182 } 1183 case IWL_UCODE_TLV_IML: { 1184 drv->fw.iml_len = tlv_len; 1185 drv->fw.iml = kmemdup(tlv_data, tlv_len, GFP_KERNEL); 1186 if (!drv->fw.iml) 1187 return -ENOMEM; 1188 break; 1189 } 1190 case IWL_UCODE_TLV_FW_RECOVERY_INFO: { 1191 const struct { 1192 __le32 buf_addr; 1193 __le32 buf_size; 1194 } *recov_info = (const void *)tlv_data; 1195 1196 if (tlv_len != sizeof(*recov_info)) 1197 goto invalid_tlv_len; 1198 capa->error_log_addr = 1199 le32_to_cpu(recov_info->buf_addr); 1200 capa->error_log_size = 1201 le32_to_cpu(recov_info->buf_size); 1202 } 1203 break; 1204 case IWL_UCODE_TLV_FW_FSEQ_VERSION: { 1205 const struct { 1206 u8 version[32]; 1207 u8 sha1[20]; 1208 } *fseq_ver = (const void *)tlv_data; 1209 1210 if (tlv_len != sizeof(*fseq_ver)) 1211 goto invalid_tlv_len; 1212 IWL_INFO(drv, "TLV_FW_FSEQ_VERSION: %s\n", 1213 fseq_ver->version); 1214 } 1215 break; 1216 case IWL_UCODE_TLV_FW_NUM_STATIONS: 1217 if (tlv_len != sizeof(u32)) 1218 goto invalid_tlv_len; 1219 if (le32_to_cpup((const __le32 *)tlv_data) > 1220 IWL_MVM_STATION_COUNT_MAX) { 1221 IWL_ERR(drv, 1222 "%d is an invalid number of station\n", 1223 le32_to_cpup((const __le32 *)tlv_data)); 1224 goto tlv_error; 1225 } 1226 capa->num_stations = 1227 le32_to_cpup((const __le32 *)tlv_data); 1228 break; 1229 case IWL_UCODE_TLV_FW_NUM_BEACONS: 1230 if (tlv_len != sizeof(u32)) 1231 goto invalid_tlv_len; 1232 capa->num_beacons = 1233 le32_to_cpup((const __le32 *)tlv_data); 1234 break; 1235 case IWL_UCODE_TLV_UMAC_DEBUG_ADDRS: { 1236 const struct iwl_umac_debug_addrs *dbg_ptrs = 1237 (const void *)tlv_data; 1238 1239 if (tlv_len != sizeof(*dbg_ptrs)) 1240 goto invalid_tlv_len; 1241 if (drv->trans->trans_cfg->device_family < 1242 IWL_DEVICE_FAMILY_22000) 1243 break; 1244 drv->trans->dbg.umac_error_event_table = 1245 le32_to_cpu(dbg_ptrs->error_info_addr) & 1246 ~FW_ADDR_CACHE_CONTROL; 1247 drv->trans->dbg.error_event_table_tlv_status |= 1248 IWL_ERROR_EVENT_TABLE_UMAC; 1249 break; 1250 } 1251 case IWL_UCODE_TLV_LMAC_DEBUG_ADDRS: { 1252 const struct iwl_lmac_debug_addrs *dbg_ptrs = 1253 (const void *)tlv_data; 1254 1255 if (tlv_len != sizeof(*dbg_ptrs)) 1256 goto invalid_tlv_len; 1257 if (drv->trans->trans_cfg->device_family < 1258 IWL_DEVICE_FAMILY_22000) 1259 break; 1260 drv->trans->dbg.lmac_error_event_table[0] = 1261 le32_to_cpu(dbg_ptrs->error_event_table_ptr) & 1262 ~FW_ADDR_CACHE_CONTROL; 1263 drv->trans->dbg.error_event_table_tlv_status |= 1264 IWL_ERROR_EVENT_TABLE_LMAC1; 1265 break; 1266 } 1267 case IWL_UCODE_TLV_TYPE_REGIONS: 1268 iwl_parse_dbg_tlv_assert_tables(drv, tlv); 1269 fallthrough; 1270 case IWL_UCODE_TLV_TYPE_DEBUG_INFO: 1271 case IWL_UCODE_TLV_TYPE_BUFFER_ALLOCATION: 1272 case IWL_UCODE_TLV_TYPE_HCMD: 1273 case IWL_UCODE_TLV_TYPE_TRIGGERS: 1274 case IWL_UCODE_TLV_TYPE_CONF_SET: 1275 if (iwlwifi_mod_params.enable_ini) 1276 iwl_dbg_tlv_alloc(drv->trans, tlv, false); 1277 break; 1278 case IWL_UCODE_TLV_CMD_VERSIONS: 1279 if (tlv_len % sizeof(struct iwl_fw_cmd_version)) { 1280 IWL_ERR(drv, 1281 "Invalid length for command versions: %u\n", 1282 tlv_len); 1283 tlv_len /= sizeof(struct iwl_fw_cmd_version); 1284 tlv_len *= sizeof(struct iwl_fw_cmd_version); 1285 } 1286 if (WARN_ON(capa->cmd_versions)) 1287 return -EINVAL; 1288 capa->cmd_versions = kmemdup(tlv_data, tlv_len, 1289 GFP_KERNEL); 1290 if (!capa->cmd_versions) 1291 return -ENOMEM; 1292 capa->n_cmd_versions = 1293 tlv_len / sizeof(struct iwl_fw_cmd_version); 1294 break; 1295 case IWL_UCODE_TLV_PHY_INTEGRATION_VERSION: 1296 if (drv->fw.phy_integration_ver) { 1297 IWL_ERR(drv, 1298 "phy integration str ignored, already exists\n"); 1299 break; 1300 } 1301 1302 drv->fw.phy_integration_ver = 1303 kmemdup(tlv_data, tlv_len, GFP_KERNEL); 1304 if (!drv->fw.phy_integration_ver) 1305 return -ENOMEM; 1306 drv->fw.phy_integration_ver_len = tlv_len; 1307 break; 1308 case IWL_UCODE_TLV_SEC_TABLE_ADDR: 1309 case IWL_UCODE_TLV_D3_KEK_KCK_ADDR: 1310 iwl_drv_set_dump_exclude(drv, tlv_type, 1311 tlv_data, tlv_len); 1312 break; 1313 case IWL_UCODE_TLV_CURRENT_PC: 1314 if (tlv_len < sizeof(struct iwl_pc_data)) 1315 goto invalid_tlv_len; 1316 drv->trans->dbg.pc_data = 1317 kmemdup(tlv_data, tlv_len, GFP_KERNEL); 1318 if (!drv->trans->dbg.pc_data) 1319 return -ENOMEM; 1320 drv->trans->dbg.num_pc = 1321 tlv_len / sizeof(struct iwl_pc_data); 1322 break; 1323 default: 1324 IWL_DEBUG_INFO(drv, "unknown TLV: %d\n", tlv_type); 1325 break; 1326 } 1327 } 1328 1329 if (!fw_has_capa(capa, IWL_UCODE_TLV_CAPA_USNIFFER_UNIFIED) && 1330 usniffer_req && !*usniffer_images) { 1331 IWL_ERR(drv, 1332 "user selected to work with usniffer but usniffer image isn't available in ucode package\n"); 1333 return -EINVAL; 1334 } 1335 1336 if (len) { 1337 IWL_ERR(drv, "invalid TLV after parsing: %zd\n", len); 1338 iwl_print_hex_dump(drv, IWL_DL_FW, data, len); 1339 return -EINVAL; 1340 } 1341 1342 return 0; 1343 1344 invalid_tlv_len: 1345 IWL_ERR(drv, "TLV %d has invalid size: %u\n", tlv_type, tlv_len); 1346 tlv_error: 1347 iwl_print_hex_dump(drv, IWL_DL_FW, tlv_data, tlv_len); 1348 1349 return -EINVAL; 1350 } 1351 1352 static int iwl_alloc_ucode(struct iwl_drv *drv, 1353 struct iwl_firmware_pieces *pieces, 1354 enum iwl_ucode_type type) 1355 { 1356 int i; 1357 struct fw_desc *sec; 1358 1359 sec = kcalloc(pieces->img[type].sec_counter, sizeof(*sec), GFP_KERNEL); 1360 if (!sec) 1361 return -ENOMEM; 1362 drv->fw.img[type].sec = sec; 1363 drv->fw.img[type].num_sec = pieces->img[type].sec_counter; 1364 1365 for (i = 0; i < pieces->img[type].sec_counter; i++) 1366 if (iwl_alloc_fw_desc(drv, &sec[i], get_sec(pieces, type, i))) 1367 return -ENOMEM; 1368 1369 return 0; 1370 } 1371 1372 static int validate_sec_sizes(struct iwl_drv *drv, 1373 struct iwl_firmware_pieces *pieces, 1374 const struct iwl_cfg *cfg) 1375 { 1376 IWL_DEBUG_INFO(drv, "f/w package hdr runtime inst size = %zd\n", 1377 get_sec_size(pieces, IWL_UCODE_REGULAR, 1378 IWL_UCODE_SECTION_INST)); 1379 IWL_DEBUG_INFO(drv, "f/w package hdr runtime data size = %zd\n", 1380 get_sec_size(pieces, IWL_UCODE_REGULAR, 1381 IWL_UCODE_SECTION_DATA)); 1382 IWL_DEBUG_INFO(drv, "f/w package hdr init inst size = %zd\n", 1383 get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST)); 1384 IWL_DEBUG_INFO(drv, "f/w package hdr init data size = %zd\n", 1385 get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA)); 1386 1387 /* Verify that uCode images will fit in card's SRAM. */ 1388 if (get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_INST) > 1389 cfg->max_inst_size) { 1390 IWL_ERR(drv, "uCode instr len %zd too large to fit in\n", 1391 get_sec_size(pieces, IWL_UCODE_REGULAR, 1392 IWL_UCODE_SECTION_INST)); 1393 return -1; 1394 } 1395 1396 if (get_sec_size(pieces, IWL_UCODE_REGULAR, IWL_UCODE_SECTION_DATA) > 1397 cfg->max_data_size) { 1398 IWL_ERR(drv, "uCode data len %zd too large to fit in\n", 1399 get_sec_size(pieces, IWL_UCODE_REGULAR, 1400 IWL_UCODE_SECTION_DATA)); 1401 return -1; 1402 } 1403 1404 if (get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_INST) > 1405 cfg->max_inst_size) { 1406 IWL_ERR(drv, "uCode init instr len %zd too large to fit in\n", 1407 get_sec_size(pieces, IWL_UCODE_INIT, 1408 IWL_UCODE_SECTION_INST)); 1409 return -1; 1410 } 1411 1412 if (get_sec_size(pieces, IWL_UCODE_INIT, IWL_UCODE_SECTION_DATA) > 1413 cfg->max_data_size) { 1414 IWL_ERR(drv, "uCode init data len %zd too large to fit in\n", 1415 get_sec_size(pieces, IWL_UCODE_REGULAR, 1416 IWL_UCODE_SECTION_DATA)); 1417 return -1; 1418 } 1419 return 0; 1420 } 1421 1422 static struct iwl_op_mode * 1423 _iwl_op_mode_start(struct iwl_drv *drv, struct iwlwifi_opmode_table *op) 1424 { 1425 const struct iwl_op_mode_ops *ops = op->ops; 1426 struct dentry *dbgfs_dir = NULL; 1427 struct iwl_op_mode *op_mode = NULL; 1428 1429 /* also protects start/stop from racing against each other */ 1430 lockdep_assert_held(&iwlwifi_opmode_table_mtx); 1431 1432 #ifdef CONFIG_IWLWIFI_DEBUGFS 1433 drv->dbgfs_op_mode = debugfs_create_dir(op->name, 1434 drv->dbgfs_drv); 1435 dbgfs_dir = drv->dbgfs_op_mode; 1436 #endif 1437 1438 op_mode = ops->start(drv->trans, drv->trans->cfg, 1439 &drv->fw, dbgfs_dir); 1440 if (op_mode) 1441 return op_mode; 1442 1443 #ifdef CONFIG_IWLWIFI_DEBUGFS 1444 debugfs_remove_recursive(drv->dbgfs_op_mode); 1445 drv->dbgfs_op_mode = NULL; 1446 #endif 1447 1448 return NULL; 1449 } 1450 1451 static void _iwl_op_mode_stop(struct iwl_drv *drv) 1452 { 1453 /* also protects start/stop from racing against each other */ 1454 lockdep_assert_held(&iwlwifi_opmode_table_mtx); 1455 1456 /* op_mode can be NULL if its start failed */ 1457 if (drv->op_mode) { 1458 iwl_op_mode_stop(drv->op_mode); 1459 drv->op_mode = NULL; 1460 1461 #ifdef CONFIG_IWLWIFI_DEBUGFS 1462 debugfs_remove_recursive(drv->dbgfs_op_mode); 1463 drv->dbgfs_op_mode = NULL; 1464 #endif 1465 } 1466 } 1467 1468 /* 1469 * iwl_req_fw_callback - callback when firmware was loaded 1470 * 1471 * If loaded successfully, copies the firmware into buffers 1472 * for the card to fetch (via DMA). 1473 */ 1474 static void iwl_req_fw_callback(const struct firmware *ucode_raw, void *context) 1475 { 1476 struct iwl_drv *drv = context; 1477 struct iwl_fw *fw = &drv->fw; 1478 const struct iwl_ucode_header *ucode; 1479 struct iwlwifi_opmode_table *op; 1480 int err; 1481 struct iwl_firmware_pieces *pieces; 1482 const unsigned int api_max = drv->trans->cfg->ucode_api_max; 1483 const unsigned int api_min = drv->trans->cfg->ucode_api_min; 1484 size_t trigger_tlv_sz[FW_DBG_TRIGGER_MAX]; 1485 u32 api_ver; 1486 int i; 1487 bool load_module = false; 1488 bool usniffer_images = false; 1489 bool failure = true; 1490 1491 fw->ucode_capa.max_probe_length = IWL_DEFAULT_MAX_PROBE_LENGTH; 1492 fw->ucode_capa.standard_phy_calibration_size = 1493 IWL_DEFAULT_STANDARD_PHY_CALIBRATE_TBL_SIZE; 1494 fw->ucode_capa.n_scan_channels = IWL_DEFAULT_SCAN_CHANNELS; 1495 fw->ucode_capa.num_stations = IWL_MVM_STATION_COUNT_MAX; 1496 fw->ucode_capa.num_beacons = 1; 1497 /* dump all fw memory areas by default */ 1498 fw->dbg.dump_mask = 0xffffffff; 1499 1500 pieces = kzalloc(sizeof(*pieces), GFP_KERNEL); 1501 if (!pieces) 1502 goto out_free_fw; 1503 1504 if (!ucode_raw) 1505 goto try_again; 1506 1507 IWL_DEBUG_FW_INFO(drv, "Loaded firmware file '%s' (%zd bytes).\n", 1508 drv->firmware_name, ucode_raw->size); 1509 1510 /* Make sure that we got at least the API version number */ 1511 if (ucode_raw->size < 4) { 1512 IWL_ERR(drv, "File size way too small!\n"); 1513 goto try_again; 1514 } 1515 1516 /* Data from ucode file: header followed by uCode images */ 1517 ucode = (const struct iwl_ucode_header *)ucode_raw->data; 1518 1519 if (ucode->ver) 1520 err = iwl_parse_v1_v2_firmware(drv, ucode_raw, pieces); 1521 else 1522 err = iwl_parse_tlv_firmware(drv, ucode_raw, pieces, 1523 &fw->ucode_capa, &usniffer_images); 1524 1525 if (err) 1526 goto try_again; 1527 1528 if (fw_has_api(&drv->fw.ucode_capa, IWL_UCODE_TLV_API_NEW_VERSION)) 1529 api_ver = drv->fw.ucode_ver; 1530 else 1531 api_ver = IWL_UCODE_API(drv->fw.ucode_ver); 1532 1533 /* 1534 * api_ver should match the api version forming part of the 1535 * firmware filename ... but we don't check for that and only rely 1536 * on the API version read from firmware header from here on forward 1537 */ 1538 if (api_ver < api_min || api_ver > api_max) { 1539 IWL_ERR(drv, 1540 "Driver unable to support your firmware API. " 1541 "Driver supports v%u, firmware is v%u.\n", 1542 api_max, api_ver); 1543 goto try_again; 1544 } 1545 1546 /* 1547 * In mvm uCode there is no difference between data and instructions 1548 * sections. 1549 */ 1550 if (fw->type == IWL_FW_DVM && validate_sec_sizes(drv, pieces, 1551 drv->trans->cfg)) 1552 goto try_again; 1553 1554 /* Allocate ucode buffers for card's bus-master loading ... */ 1555 1556 /* Runtime instructions and 2 copies of data: 1557 * 1) unmodified from disk 1558 * 2) backup cache for save/restore during power-downs 1559 */ 1560 for (i = 0; i < IWL_UCODE_TYPE_MAX; i++) 1561 if (iwl_alloc_ucode(drv, pieces, i)) 1562 goto out_free_fw; 1563 1564 if (pieces->dbg_dest_tlv_init) { 1565 size_t dbg_dest_size = sizeof(*drv->fw.dbg.dest_tlv) + 1566 sizeof(drv->fw.dbg.dest_tlv->reg_ops[0]) * 1567 drv->fw.dbg.n_dest_reg; 1568 1569 drv->fw.dbg.dest_tlv = kmalloc(dbg_dest_size, GFP_KERNEL); 1570 1571 if (!drv->fw.dbg.dest_tlv) 1572 goto out_free_fw; 1573 1574 if (*pieces->dbg_dest_ver == 0) { 1575 memcpy(drv->fw.dbg.dest_tlv, pieces->dbg_dest_tlv_v1, 1576 dbg_dest_size); 1577 } else { 1578 struct iwl_fw_dbg_dest_tlv_v1 *dest_tlv = 1579 drv->fw.dbg.dest_tlv; 1580 1581 dest_tlv->version = pieces->dbg_dest_tlv->version; 1582 dest_tlv->monitor_mode = 1583 pieces->dbg_dest_tlv->monitor_mode; 1584 dest_tlv->size_power = 1585 pieces->dbg_dest_tlv->size_power; 1586 dest_tlv->wrap_count = 1587 pieces->dbg_dest_tlv->wrap_count; 1588 dest_tlv->write_ptr_reg = 1589 pieces->dbg_dest_tlv->write_ptr_reg; 1590 dest_tlv->base_shift = 1591 pieces->dbg_dest_tlv->base_shift; 1592 memcpy(dest_tlv->reg_ops, 1593 pieces->dbg_dest_tlv->reg_ops, 1594 sizeof(drv->fw.dbg.dest_tlv->reg_ops[0]) * 1595 drv->fw.dbg.n_dest_reg); 1596 1597 /* In version 1 of the destination tlv, which is 1598 * relevant for internal buffer exclusively, 1599 * the base address is part of given with the length 1600 * of the buffer, and the size shift is give instead of 1601 * end shift. We now store these values in base_reg, 1602 * and end shift, and when dumping the data we'll 1603 * manipulate it for extracting both the length and 1604 * base address */ 1605 dest_tlv->base_reg = pieces->dbg_dest_tlv->cfg_reg; 1606 dest_tlv->end_shift = 1607 pieces->dbg_dest_tlv->size_shift; 1608 } 1609 } 1610 1611 for (i = 0; i < ARRAY_SIZE(drv->fw.dbg.conf_tlv); i++) { 1612 if (pieces->dbg_conf_tlv[i]) { 1613 drv->fw.dbg.conf_tlv[i] = 1614 kmemdup(pieces->dbg_conf_tlv[i], 1615 pieces->dbg_conf_tlv_len[i], 1616 GFP_KERNEL); 1617 if (!drv->fw.dbg.conf_tlv[i]) 1618 goto out_free_fw; 1619 } 1620 } 1621 1622 memset(&trigger_tlv_sz, 0xff, sizeof(trigger_tlv_sz)); 1623 1624 trigger_tlv_sz[FW_DBG_TRIGGER_MISSED_BEACONS] = 1625 sizeof(struct iwl_fw_dbg_trigger_missed_bcon); 1626 trigger_tlv_sz[FW_DBG_TRIGGER_CHANNEL_SWITCH] = 0; 1627 trigger_tlv_sz[FW_DBG_TRIGGER_FW_NOTIF] = 1628 sizeof(struct iwl_fw_dbg_trigger_cmd); 1629 trigger_tlv_sz[FW_DBG_TRIGGER_MLME] = 1630 sizeof(struct iwl_fw_dbg_trigger_mlme); 1631 trigger_tlv_sz[FW_DBG_TRIGGER_STATS] = 1632 sizeof(struct iwl_fw_dbg_trigger_stats); 1633 trigger_tlv_sz[FW_DBG_TRIGGER_RSSI] = 1634 sizeof(struct iwl_fw_dbg_trigger_low_rssi); 1635 trigger_tlv_sz[FW_DBG_TRIGGER_TXQ_TIMERS] = 1636 sizeof(struct iwl_fw_dbg_trigger_txq_timer); 1637 trigger_tlv_sz[FW_DBG_TRIGGER_TIME_EVENT] = 1638 sizeof(struct iwl_fw_dbg_trigger_time_event); 1639 trigger_tlv_sz[FW_DBG_TRIGGER_BA] = 1640 sizeof(struct iwl_fw_dbg_trigger_ba); 1641 trigger_tlv_sz[FW_DBG_TRIGGER_TDLS] = 1642 sizeof(struct iwl_fw_dbg_trigger_tdls); 1643 1644 for (i = 0; i < ARRAY_SIZE(drv->fw.dbg.trigger_tlv); i++) { 1645 if (pieces->dbg_trigger_tlv[i]) { 1646 /* 1647 * If the trigger isn't long enough, WARN and exit. 1648 * Someone is trying to debug something and he won't 1649 * be able to catch the bug he is trying to chase. 1650 * We'd better be noisy to be sure he knows what's 1651 * going on. 1652 */ 1653 if (WARN_ON(pieces->dbg_trigger_tlv_len[i] < 1654 (trigger_tlv_sz[i] + 1655 sizeof(struct iwl_fw_dbg_trigger_tlv)))) 1656 goto out_free_fw; 1657 drv->fw.dbg.trigger_tlv_len[i] = 1658 pieces->dbg_trigger_tlv_len[i]; 1659 drv->fw.dbg.trigger_tlv[i] = 1660 kmemdup(pieces->dbg_trigger_tlv[i], 1661 drv->fw.dbg.trigger_tlv_len[i], 1662 GFP_KERNEL); 1663 if (!drv->fw.dbg.trigger_tlv[i]) 1664 goto out_free_fw; 1665 } 1666 } 1667 1668 /* Now that we can no longer fail, copy information */ 1669 1670 drv->fw.dbg.mem_tlv = pieces->dbg_mem_tlv; 1671 pieces->dbg_mem_tlv = NULL; 1672 drv->fw.dbg.n_mem_tlv = pieces->n_mem_tlv; 1673 1674 /* 1675 * The (size - 16) / 12 formula is based on the information recorded 1676 * for each event, which is of mode 1 (including timestamp) for all 1677 * new microcodes that include this information. 1678 */ 1679 fw->init_evtlog_ptr = pieces->init_evtlog_ptr; 1680 if (pieces->init_evtlog_size) 1681 fw->init_evtlog_size = (pieces->init_evtlog_size - 16)/12; 1682 else 1683 fw->init_evtlog_size = 1684 drv->trans->trans_cfg->base_params->max_event_log_size; 1685 fw->init_errlog_ptr = pieces->init_errlog_ptr; 1686 fw->inst_evtlog_ptr = pieces->inst_evtlog_ptr; 1687 if (pieces->inst_evtlog_size) 1688 fw->inst_evtlog_size = (pieces->inst_evtlog_size - 16)/12; 1689 else 1690 fw->inst_evtlog_size = 1691 drv->trans->trans_cfg->base_params->max_event_log_size; 1692 fw->inst_errlog_ptr = pieces->inst_errlog_ptr; 1693 1694 /* 1695 * figure out the offset of chain noise reset and gain commands 1696 * base on the size of standard phy calibration commands table size 1697 */ 1698 if (fw->ucode_capa.standard_phy_calibration_size > 1699 IWL_MAX_PHY_CALIBRATE_TBL_SIZE) 1700 fw->ucode_capa.standard_phy_calibration_size = 1701 IWL_MAX_STANDARD_PHY_CALIBRATE_TBL_SIZE; 1702 1703 /* We have our copies now, allow OS release its copies */ 1704 release_firmware(ucode_raw); 1705 1706 iwl_dbg_tlv_load_bin(drv->trans->dev, drv->trans); 1707 1708 mutex_lock(&iwlwifi_opmode_table_mtx); 1709 switch (fw->type) { 1710 case IWL_FW_DVM: 1711 op = &iwlwifi_opmode_table[DVM_OP_MODE]; 1712 break; 1713 default: 1714 WARN(1, "Invalid fw type %d\n", fw->type); 1715 fallthrough; 1716 case IWL_FW_MVM: 1717 op = &iwlwifi_opmode_table[MVM_OP_MODE]; 1718 break; 1719 } 1720 1721 IWL_INFO(drv, "loaded firmware version %s op_mode %s\n", 1722 drv->fw.fw_version, op->name); 1723 1724 /* add this device to the list of devices using this op_mode */ 1725 list_add_tail(&drv->list, &op->drv); 1726 1727 if (op->ops) { 1728 drv->op_mode = _iwl_op_mode_start(drv, op); 1729 1730 if (!drv->op_mode) { 1731 mutex_unlock(&iwlwifi_opmode_table_mtx); 1732 goto out_unbind; 1733 } 1734 } else { 1735 load_module = true; 1736 } 1737 mutex_unlock(&iwlwifi_opmode_table_mtx); 1738 1739 complete(&drv->request_firmware_complete); 1740 1741 /* 1742 * Load the module last so we don't block anything 1743 * else from proceeding if the module fails to load 1744 * or hangs loading. 1745 */ 1746 if (load_module) 1747 request_module("%s", op->name); 1748 failure = false; 1749 goto free; 1750 1751 try_again: 1752 /* try next, if any */ 1753 release_firmware(ucode_raw); 1754 if (iwl_request_firmware(drv, false)) 1755 goto out_unbind; 1756 goto free; 1757 1758 out_free_fw: 1759 release_firmware(ucode_raw); 1760 out_unbind: 1761 complete(&drv->request_firmware_complete); 1762 device_release_driver(drv->trans->dev); 1763 /* drv has just been freed by the release */ 1764 failure = false; 1765 free: 1766 if (failure) 1767 iwl_dealloc_ucode(drv); 1768 1769 if (pieces) { 1770 for (i = 0; i < ARRAY_SIZE(pieces->img); i++) 1771 kfree(pieces->img[i].sec); 1772 kfree(pieces->dbg_mem_tlv); 1773 kfree(pieces); 1774 } 1775 } 1776 1777 struct iwl_drv *iwl_drv_start(struct iwl_trans *trans) 1778 { 1779 struct iwl_drv *drv; 1780 int ret; 1781 1782 drv = kzalloc(sizeof(*drv), GFP_KERNEL); 1783 if (!drv) { 1784 ret = -ENOMEM; 1785 goto err; 1786 } 1787 1788 drv->trans = trans; 1789 drv->dev = trans->dev; 1790 1791 init_completion(&drv->request_firmware_complete); 1792 INIT_LIST_HEAD(&drv->list); 1793 1794 #ifdef CONFIG_IWLWIFI_DEBUGFS 1795 /* Create the device debugfs entries. */ 1796 drv->dbgfs_drv = debugfs_create_dir(dev_name(trans->dev), 1797 iwl_dbgfs_root); 1798 1799 /* Create transport layer debugfs dir */ 1800 drv->trans->dbgfs_dir = debugfs_create_dir("trans", drv->dbgfs_drv); 1801 #endif 1802 1803 drv->trans->dbg.domains_bitmap = IWL_TRANS_FW_DBG_DOMAIN(drv->trans); 1804 if (iwlwifi_mod_params.enable_ini != ENABLE_INI) { 1805 /* We have a non-default value in the module parameter, 1806 * take its value 1807 */ 1808 drv->trans->dbg.domains_bitmap &= 0xffff; 1809 if (iwlwifi_mod_params.enable_ini != IWL_FW_INI_PRESET_DISABLE) { 1810 if (iwlwifi_mod_params.enable_ini > ENABLE_INI) { 1811 IWL_ERR(trans, 1812 "invalid enable_ini module parameter value: max = %d, using 0 instead\n", 1813 ENABLE_INI); 1814 iwlwifi_mod_params.enable_ini = 0; 1815 } 1816 drv->trans->dbg.domains_bitmap = 1817 BIT(IWL_FW_DBG_DOMAIN_POS + iwlwifi_mod_params.enable_ini); 1818 } 1819 } 1820 1821 ret = iwl_request_firmware(drv, true); 1822 if (ret) { 1823 IWL_ERR(trans, "Couldn't request the fw\n"); 1824 goto err_fw; 1825 } 1826 1827 return drv; 1828 1829 err_fw: 1830 #ifdef CONFIG_IWLWIFI_DEBUGFS 1831 debugfs_remove_recursive(drv->dbgfs_drv); 1832 iwl_dbg_tlv_free(drv->trans); 1833 #endif 1834 kfree(drv); 1835 err: 1836 return ERR_PTR(ret); 1837 } 1838 1839 void iwl_drv_stop(struct iwl_drv *drv) 1840 { 1841 wait_for_completion(&drv->request_firmware_complete); 1842 1843 mutex_lock(&iwlwifi_opmode_table_mtx); 1844 1845 _iwl_op_mode_stop(drv); 1846 1847 iwl_dealloc_ucode(drv); 1848 1849 /* 1850 * List is empty (this item wasn't added) 1851 * when firmware loading failed -- in that 1852 * case we can't remove it from any list. 1853 */ 1854 if (!list_empty(&drv->list)) 1855 list_del(&drv->list); 1856 mutex_unlock(&iwlwifi_opmode_table_mtx); 1857 1858 #ifdef CONFIG_IWLWIFI_DEBUGFS 1859 drv->trans->ops->debugfs_cleanup(drv->trans); 1860 1861 debugfs_remove_recursive(drv->dbgfs_drv); 1862 #endif 1863 1864 iwl_dbg_tlv_free(drv->trans); 1865 1866 kfree(drv); 1867 } 1868 1869 /* shared module parameters */ 1870 struct iwl_mod_params iwlwifi_mod_params = { 1871 .fw_restart = true, 1872 .bt_coex_active = true, 1873 .power_level = IWL_POWER_INDEX_1, 1874 .uapsd_disable = IWL_DISABLE_UAPSD_BSS | IWL_DISABLE_UAPSD_P2P_CLIENT, 1875 .enable_ini = ENABLE_INI, 1876 /* the rest are 0 by default */ 1877 }; 1878 IWL_EXPORT_SYMBOL(iwlwifi_mod_params); 1879 1880 int iwl_opmode_register(const char *name, const struct iwl_op_mode_ops *ops) 1881 { 1882 int i; 1883 struct iwl_drv *drv; 1884 struct iwlwifi_opmode_table *op; 1885 1886 mutex_lock(&iwlwifi_opmode_table_mtx); 1887 for (i = 0; i < ARRAY_SIZE(iwlwifi_opmode_table); i++) { 1888 op = &iwlwifi_opmode_table[i]; 1889 if (strcmp(op->name, name)) 1890 continue; 1891 op->ops = ops; 1892 /* TODO: need to handle exceptional case */ 1893 list_for_each_entry(drv, &op->drv, list) 1894 drv->op_mode = _iwl_op_mode_start(drv, op); 1895 1896 mutex_unlock(&iwlwifi_opmode_table_mtx); 1897 return 0; 1898 } 1899 mutex_unlock(&iwlwifi_opmode_table_mtx); 1900 return -EIO; 1901 } 1902 IWL_EXPORT_SYMBOL(iwl_opmode_register); 1903 1904 void iwl_opmode_deregister(const char *name) 1905 { 1906 int i; 1907 struct iwl_drv *drv; 1908 1909 mutex_lock(&iwlwifi_opmode_table_mtx); 1910 for (i = 0; i < ARRAY_SIZE(iwlwifi_opmode_table); i++) { 1911 if (strcmp(iwlwifi_opmode_table[i].name, name)) 1912 continue; 1913 iwlwifi_opmode_table[i].ops = NULL; 1914 1915 /* call the stop routine for all devices */ 1916 list_for_each_entry(drv, &iwlwifi_opmode_table[i].drv, list) 1917 _iwl_op_mode_stop(drv); 1918 1919 mutex_unlock(&iwlwifi_opmode_table_mtx); 1920 return; 1921 } 1922 mutex_unlock(&iwlwifi_opmode_table_mtx); 1923 } 1924 IWL_EXPORT_SYMBOL(iwl_opmode_deregister); 1925 1926 static int __init iwl_drv_init(void) 1927 { 1928 int i, err; 1929 1930 for (i = 0; i < ARRAY_SIZE(iwlwifi_opmode_table); i++) 1931 INIT_LIST_HEAD(&iwlwifi_opmode_table[i].drv); 1932 1933 pr_info(DRV_DESCRIPTION "\n"); 1934 1935 #ifdef CONFIG_IWLWIFI_DEBUGFS 1936 /* Create the root of iwlwifi debugfs subsystem. */ 1937 iwl_dbgfs_root = debugfs_create_dir(DRV_NAME, NULL); 1938 #endif 1939 1940 err = iwl_pci_register_driver(); 1941 if (err) 1942 goto cleanup_debugfs; 1943 1944 return 0; 1945 1946 cleanup_debugfs: 1947 #ifdef CONFIG_IWLWIFI_DEBUGFS 1948 debugfs_remove_recursive(iwl_dbgfs_root); 1949 #endif 1950 return err; 1951 } 1952 module_init(iwl_drv_init); 1953 1954 static void __exit iwl_drv_exit(void) 1955 { 1956 iwl_pci_unregister_driver(); 1957 1958 #ifdef CONFIG_IWLWIFI_DEBUGFS 1959 debugfs_remove_recursive(iwl_dbgfs_root); 1960 #endif 1961 } 1962 module_exit(iwl_drv_exit); 1963 1964 #ifdef CONFIG_IWLWIFI_DEBUG 1965 module_param_named(debug, iwlwifi_mod_params.debug_level, uint, 0644); 1966 MODULE_PARM_DESC(debug, "debug output mask"); 1967 #endif 1968 1969 module_param_named(swcrypto, iwlwifi_mod_params.swcrypto, int, 0444); 1970 MODULE_PARM_DESC(swcrypto, "using crypto in software (default 0 [hardware])"); 1971 module_param_named(11n_disable, iwlwifi_mod_params.disable_11n, uint, 0444); 1972 MODULE_PARM_DESC(11n_disable, 1973 "disable 11n functionality, bitmap: 1: full, 2: disable agg TX, 4: disable agg RX, 8 enable agg TX"); 1974 module_param_named(amsdu_size, iwlwifi_mod_params.amsdu_size, int, 0444); 1975 MODULE_PARM_DESC(amsdu_size, 1976 "amsdu size 0: 12K for multi Rx queue devices, 2K for AX210 devices, " 1977 "4K for other devices 1:4K 2:8K 3:12K (16K buffers) 4: 2K (default 0)"); 1978 module_param_named(fw_restart, iwlwifi_mod_params.fw_restart, bool, 0444); 1979 MODULE_PARM_DESC(fw_restart, "restart firmware in case of error (default true)"); 1980 1981 module_param_named(nvm_file, iwlwifi_mod_params.nvm_file, charp, 0444); 1982 MODULE_PARM_DESC(nvm_file, "NVM file name"); 1983 1984 module_param_named(uapsd_disable, iwlwifi_mod_params.uapsd_disable, uint, 0644); 1985 MODULE_PARM_DESC(uapsd_disable, 1986 "disable U-APSD functionality bitmap 1: BSS 2: P2P Client (default: 3)"); 1987 1988 module_param_named(enable_ini, iwlwifi_mod_params.enable_ini, uint, 0444); 1989 MODULE_PARM_DESC(enable_ini, 1990 "0:disable, 1-15:FW_DBG_PRESET Values, 16:enabled without preset value defined," 1991 "Debug INI TLV FW debug infrastructure (default: 16)"); 1992 1993 /* 1994 * set bt_coex_active to true, uCode will do kill/defer 1995 * every time the priority line is asserted (BT is sending signals on the 1996 * priority line in the PCIx). 1997 * set bt_coex_active to false, uCode will ignore the BT activity and 1998 * perform the normal operation 1999 * 2000 * User might experience transmit issue on some platform due to WiFi/BT 2001 * co-exist problem. The possible behaviors are: 2002 * Able to scan and finding all the available AP 2003 * Not able to associate with any AP 2004 * On those platforms, WiFi communication can be restored by set 2005 * "bt_coex_active" module parameter to "false" 2006 * 2007 * default: bt_coex_active = true (BT_COEX_ENABLE) 2008 */ 2009 module_param_named(bt_coex_active, iwlwifi_mod_params.bt_coex_active, 2010 bool, 0444); 2011 MODULE_PARM_DESC(bt_coex_active, "enable wifi/bt co-exist (default: enable)"); 2012 2013 module_param_named(led_mode, iwlwifi_mod_params.led_mode, int, 0444); 2014 MODULE_PARM_DESC(led_mode, "0=system default, " 2015 "1=On(RF On)/Off(RF Off), 2=blinking, 3=Off (default: 0)"); 2016 2017 module_param_named(power_save, iwlwifi_mod_params.power_save, bool, 0444); 2018 MODULE_PARM_DESC(power_save, 2019 "enable WiFi power management (default: disable)"); 2020 2021 module_param_named(power_level, iwlwifi_mod_params.power_level, int, 0444); 2022 MODULE_PARM_DESC(power_level, 2023 "default power save level (range from 1 - 5, default: 1)"); 2024 2025 module_param_named(disable_11ac, iwlwifi_mod_params.disable_11ac, bool, 0444); 2026 MODULE_PARM_DESC(disable_11ac, "Disable VHT capabilities (default: false)"); 2027 2028 module_param_named(remove_when_gone, 2029 iwlwifi_mod_params.remove_when_gone, bool, 2030 0444); 2031 MODULE_PARM_DESC(remove_when_gone, 2032 "Remove dev from PCIe bus if it is deemed inaccessible (default: false)"); 2033 2034 module_param_named(disable_11ax, iwlwifi_mod_params.disable_11ax, bool, 2035 S_IRUGO); 2036 MODULE_PARM_DESC(disable_11ax, "Disable HE capabilities (default: false)"); 2037 2038 module_param_named(disable_11be, iwlwifi_mod_params.disable_11be, bool, 0444); 2039 MODULE_PARM_DESC(disable_11be, "Disable EHT capabilities (default: false)"); 2040