1 2 /* 3 * linux/drivers/scsi/esas2r/esas2r_flash.c 4 * For use with ATTO ExpressSAS R6xx SAS/SATA RAID controllers 5 * 6 * Copyright (c) 2001-2013 ATTO Technology, Inc. 7 * (mailto:linuxdrivers@attotech.com) 8 * 9 * This program is free software; you can redistribute it and/or 10 * modify it under the terms of the GNU General Public License 11 * as published by the Free Software Foundation; either version 2 12 * of the License, or (at your option) any later version. 13 * 14 * This program is distributed in the hope that it will be useful, 15 * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 17 * GNU General Public License for more details. 18 * 19 * NO WARRANTY 20 * THE PROGRAM IS PROVIDED ON AN "AS IS" BASIS, WITHOUT WARRANTIES OR 21 * CONDITIONS OF ANY KIND, EITHER EXPRESS OR IMPLIED INCLUDING, WITHOUT 22 * LIMITATION, ANY WARRANTIES OR CONDITIONS OF TITLE, NON-INFRINGEMENT, 23 * MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Each Recipient is 24 * solely responsible for determining the appropriateness of using and 25 * distributing the Program and assumes all risks associated with its 26 * exercise of rights under this Agreement, including but not limited to 27 * the risks and costs of program errors, damage to or loss of data, 28 * programs or equipment, and unavailability or interruption of operations. 29 * 30 * DISCLAIMER OF LIABILITY 31 * NEITHER RECIPIENT NOR ANY CONTRIBUTORS SHALL HAVE ANY LIABILITY FOR ANY 32 * DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 33 * DAMAGES (INCLUDING WITHOUT LIMITATION LOST PROFITS), HOWEVER CAUSED AND 34 * ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR 35 * TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE 36 * USE OR DISTRIBUTION OF THE PROGRAM OR THE EXERCISE OF ANY RIGHTS GRANTED 37 * HEREUNDER, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGES 38 * 39 * You should have received a copy of the GNU General Public License 40 * along with this program; if not, write to the Free Software 41 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, 42 * USA. 43 */ 44 45 #include "esas2r.h" 46 47 /* local macro defs */ 48 #define esas2r_nvramcalc_cksum(n) \ 49 (esas2r_calc_byte_cksum((u8 *)(n), sizeof(struct esas2r_sas_nvram), \ 50 SASNVR_CKSUM_SEED)) 51 #define esas2r_nvramcalc_xor_cksum(n) \ 52 (esas2r_calc_byte_xor_cksum((u8 *)(n), \ 53 sizeof(struct esas2r_sas_nvram), 0)) 54 55 #define ESAS2R_FS_DRVR_VER 2 56 57 static struct esas2r_sas_nvram default_sas_nvram = { 58 { 'E', 'S', 'A', 'S' }, /* signature */ 59 SASNVR_VERSION, /* version */ 60 0, /* checksum */ 61 31, /* max_lun_for_target */ 62 SASNVR_PCILAT_MAX, /* pci_latency */ 63 SASNVR1_BOOT_DRVR, /* options1 */ 64 SASNVR2_HEARTBEAT | SASNVR2_SINGLE_BUS /* options2 */ 65 | SASNVR2_SW_MUX_CTRL, 66 SASNVR_COAL_DIS, /* int_coalescing */ 67 SASNVR_CMDTHR_NONE, /* cmd_throttle */ 68 3, /* dev_wait_time */ 69 1, /* dev_wait_count */ 70 0, /* spin_up_delay */ 71 0, /* ssp_align_rate */ 72 { 0x50, 0x01, 0x08, 0x60, /* sas_addr */ 73 0x00, 0x00, 0x00, 0x00 }, 74 { SASNVR_SPEED_AUTO }, /* phy_speed */ 75 { SASNVR_MUX_DISABLED }, /* SAS multiplexing */ 76 { 0 }, /* phy_flags */ 77 SASNVR_SORT_SAS_ADDR, /* sort_type */ 78 3, /* dpm_reqcmd_lmt */ 79 3, /* dpm_stndby_time */ 80 0, /* dpm_active_time */ 81 { 0 }, /* phy_target_id */ 82 SASNVR_VSMH_DISABLED, /* virt_ses_mode */ 83 SASNVR_RWM_DEFAULT, /* read_write_mode */ 84 0, /* link down timeout */ 85 { 0 } /* reserved */ 86 }; 87 88 static u8 cmd_to_fls_func[] = { 89 0xFF, 90 VDA_FLASH_READ, 91 VDA_FLASH_BEGINW, 92 VDA_FLASH_WRITE, 93 VDA_FLASH_COMMIT, 94 VDA_FLASH_CANCEL 95 }; 96 97 static u8 esas2r_calc_byte_xor_cksum(u8 *addr, u32 len, u8 seed) 98 { 99 u32 cksum = seed; 100 u8 *p = (u8 *)&cksum; 101 102 while (len) { 103 if (((uintptr_t)addr & 3) == 0) 104 break; 105 106 cksum = cksum ^ *addr; 107 addr++; 108 len--; 109 } 110 while (len >= sizeof(u32)) { 111 cksum = cksum ^ *(u32 *)addr; 112 addr += 4; 113 len -= 4; 114 } 115 while (len--) { 116 cksum = cksum ^ *addr; 117 addr++; 118 } 119 return p[0] ^ p[1] ^ p[2] ^ p[3]; 120 } 121 122 static u8 esas2r_calc_byte_cksum(void *addr, u32 len, u8 seed) 123 { 124 u8 *p = (u8 *)addr; 125 u8 cksum = seed; 126 127 while (len--) 128 cksum = cksum + p[len]; 129 return cksum; 130 } 131 132 /* Interrupt callback to process FM API write requests. */ 133 static void esas2r_fmapi_callback(struct esas2r_adapter *a, 134 struct esas2r_request *rq) 135 { 136 struct atto_vda_flash_req *vrq = &rq->vrq->flash; 137 struct esas2r_flash_context *fc = 138 (struct esas2r_flash_context *)rq->interrupt_cx; 139 140 if (rq->req_stat == RS_SUCCESS) { 141 /* Last request was successful. See what to do now. */ 142 switch (vrq->sub_func) { 143 case VDA_FLASH_BEGINW: 144 if (fc->sgc.cur_offset == NULL) 145 goto commit; 146 147 vrq->sub_func = VDA_FLASH_WRITE; 148 rq->req_stat = RS_PENDING; 149 break; 150 151 case VDA_FLASH_WRITE: 152 commit: 153 vrq->sub_func = VDA_FLASH_COMMIT; 154 rq->req_stat = RS_PENDING; 155 rq->interrupt_cb = fc->interrupt_cb; 156 break; 157 158 default: 159 break; 160 } 161 } 162 163 if (rq->req_stat != RS_PENDING) 164 /* 165 * All done. call the real callback to complete the FM API 166 * request. We should only get here if a BEGINW or WRITE 167 * operation failed. 168 */ 169 (*fc->interrupt_cb)(a, rq); 170 } 171 172 /* 173 * Build a flash request based on the flash context. The request status 174 * is filled in on an error. 175 */ 176 static void build_flash_msg(struct esas2r_adapter *a, 177 struct esas2r_request *rq) 178 { 179 struct esas2r_flash_context *fc = 180 (struct esas2r_flash_context *)rq->interrupt_cx; 181 struct esas2r_sg_context *sgc = &fc->sgc; 182 u8 cksum = 0; 183 184 /* calculate the checksum */ 185 if (fc->func == VDA_FLASH_BEGINW) { 186 if (sgc->cur_offset) 187 cksum = esas2r_calc_byte_xor_cksum(sgc->cur_offset, 188 sgc->length, 189 0); 190 rq->interrupt_cb = esas2r_fmapi_callback; 191 } else { 192 rq->interrupt_cb = fc->interrupt_cb; 193 } 194 esas2r_build_flash_req(a, 195 rq, 196 fc->func, 197 cksum, 198 fc->flsh_addr, 199 sgc->length); 200 201 esas2r_rq_free_sg_lists(rq, a); 202 203 /* 204 * remember the length we asked for. we have to keep track of 205 * the current amount done so we know how much to compare when 206 * doing the verification phase. 207 */ 208 fc->curr_len = fc->sgc.length; 209 210 if (sgc->cur_offset) { 211 /* setup the S/G context to build the S/G table */ 212 esas2r_sgc_init(sgc, a, rq, &rq->vrq->flash.data.sge[0]); 213 214 if (!esas2r_build_sg_list(a, rq, sgc)) { 215 rq->req_stat = RS_BUSY; 216 return; 217 } 218 } else { 219 fc->sgc.length = 0; 220 } 221 222 /* update the flsh_addr to the next one to write to */ 223 fc->flsh_addr += fc->curr_len; 224 } 225 226 /* determine the method to process the flash request */ 227 static bool load_image(struct esas2r_adapter *a, struct esas2r_request *rq) 228 { 229 /* 230 * assume we have more to do. if we return with the status set to 231 * RS_PENDING, FM API tasks will continue. 232 */ 233 rq->req_stat = RS_PENDING; 234 if (a->flags & AF_DEGRADED_MODE) 235 /* not suppported for now */; 236 else 237 build_flash_msg(a, rq); 238 239 return rq->req_stat == RS_PENDING; 240 } 241 242 /* boot image fixer uppers called before downloading the image. */ 243 static void fix_bios(struct esas2r_adapter *a, struct esas2r_flash_img *fi) 244 { 245 struct esas2r_component_header *ch = &fi->cmp_hdr[CH_IT_BIOS]; 246 struct esas2r_pc_image *pi; 247 struct esas2r_boot_header *bh; 248 249 pi = (struct esas2r_pc_image *)((u8 *)fi + ch->image_offset); 250 bh = 251 (struct esas2r_boot_header *)((u8 *)pi + 252 le16_to_cpu(pi->header_offset)); 253 bh->device_id = cpu_to_le16(a->pcid->device); 254 255 /* Recalculate the checksum in the PNP header if there */ 256 if (pi->pnp_offset) { 257 u8 *pnp_header_bytes = 258 ((u8 *)pi + le16_to_cpu(pi->pnp_offset)); 259 260 /* Identifier - dword that starts at byte 10 */ 261 *((u32 *)&pnp_header_bytes[10]) = 262 cpu_to_le32(MAKEDWORD(a->pcid->subsystem_vendor, 263 a->pcid->subsystem_device)); 264 265 /* Checksum - byte 9 */ 266 pnp_header_bytes[9] -= esas2r_calc_byte_cksum(pnp_header_bytes, 267 32, 0); 268 } 269 270 /* Recalculate the checksum needed by the PC */ 271 pi->checksum = pi->checksum - 272 esas2r_calc_byte_cksum((u8 *)pi, ch->length, 0); 273 } 274 275 static void fix_efi(struct esas2r_adapter *a, struct esas2r_flash_img *fi) 276 { 277 struct esas2r_component_header *ch = &fi->cmp_hdr[CH_IT_EFI]; 278 u32 len = ch->length; 279 u32 offset = ch->image_offset; 280 struct esas2r_efi_image *ei; 281 struct esas2r_boot_header *bh; 282 283 while (len) { 284 u32 thislen; 285 286 ei = (struct esas2r_efi_image *)((u8 *)fi + offset); 287 bh = (struct esas2r_boot_header *)((u8 *)ei + 288 le16_to_cpu( 289 ei->header_offset)); 290 bh->device_id = cpu_to_le16(a->pcid->device); 291 thislen = (u32)le16_to_cpu(bh->image_length) * 512; 292 293 if (thislen > len) 294 break; 295 296 len -= thislen; 297 offset += thislen; 298 } 299 } 300 301 /* Complete a FM API request with the specified status. */ 302 static bool complete_fmapi_req(struct esas2r_adapter *a, 303 struct esas2r_request *rq, u8 fi_stat) 304 { 305 struct esas2r_flash_context *fc = 306 (struct esas2r_flash_context *)rq->interrupt_cx; 307 struct esas2r_flash_img *fi = fc->fi; 308 309 fi->status = fi_stat; 310 fi->driver_error = rq->req_stat; 311 rq->interrupt_cb = NULL; 312 rq->req_stat = RS_SUCCESS; 313 314 if (fi_stat != FI_STAT_IMG_VER) 315 memset(fc->scratch, 0, FM_BUF_SZ); 316 317 esas2r_enable_heartbeat(a); 318 esas2r_lock_clear_flags(&a->flags, AF_FLASH_LOCK); 319 return false; 320 } 321 322 /* Process each phase of the flash download process. */ 323 static void fw_download_proc(struct esas2r_adapter *a, 324 struct esas2r_request *rq) 325 { 326 struct esas2r_flash_context *fc = 327 (struct esas2r_flash_context *)rq->interrupt_cx; 328 struct esas2r_flash_img *fi = fc->fi; 329 struct esas2r_component_header *ch; 330 u32 len; 331 u8 *p, *q; 332 333 /* If the previous operation failed, just return. */ 334 if (rq->req_stat != RS_SUCCESS) 335 goto error; 336 337 /* 338 * If an upload just completed and the compare length is non-zero, 339 * then we just read back part of the image we just wrote. verify the 340 * section and continue reading until the entire image is verified. 341 */ 342 if (fc->func == VDA_FLASH_READ 343 && fc->cmp_len) { 344 ch = &fi->cmp_hdr[fc->comp_typ]; 345 346 p = fc->scratch; 347 q = (u8 *)fi /* start of the whole gob */ 348 + ch->image_offset /* start of the current image */ 349 + ch->length /* end of the current image */ 350 - fc->cmp_len; /* where we are now */ 351 352 /* 353 * NOTE - curr_len is the exact count of bytes for the read 354 * even when the end is read and its not a full buffer 355 */ 356 for (len = fc->curr_len; len; len--) 357 if (*p++ != *q++) 358 goto error; 359 360 fc->cmp_len -= fc->curr_len; /* # left to compare */ 361 362 /* Update fc and determine the length for the next upload */ 363 if (fc->cmp_len > FM_BUF_SZ) 364 fc->sgc.length = FM_BUF_SZ; 365 else 366 fc->sgc.length = fc->cmp_len; 367 368 fc->sgc.cur_offset = fc->sgc_offset + 369 ((u8 *)fc->scratch - (u8 *)fi); 370 } 371 372 /* 373 * This code uses a 'while' statement since the next component may 374 * have a length = zero. This can happen since some components are 375 * not required. At the end of this 'while' we set up the length 376 * for the next request and therefore sgc.length can be = 0. 377 */ 378 while (fc->sgc.length == 0) { 379 ch = &fi->cmp_hdr[fc->comp_typ]; 380 381 switch (fc->task) { 382 case FMTSK_ERASE_BOOT: 383 /* the BIOS image is written next */ 384 ch = &fi->cmp_hdr[CH_IT_BIOS]; 385 if (ch->length == 0) 386 goto no_bios; 387 388 fc->task = FMTSK_WRTBIOS; 389 fc->func = VDA_FLASH_BEGINW; 390 fc->comp_typ = CH_IT_BIOS; 391 fc->flsh_addr = FLS_OFFSET_BOOT; 392 fc->sgc.length = ch->length; 393 fc->sgc.cur_offset = fc->sgc_offset + 394 ch->image_offset; 395 break; 396 397 case FMTSK_WRTBIOS: 398 /* 399 * The BIOS image has been written - read it and 400 * verify it 401 */ 402 fc->task = FMTSK_READBIOS; 403 fc->func = VDA_FLASH_READ; 404 fc->flsh_addr = FLS_OFFSET_BOOT; 405 fc->cmp_len = ch->length; 406 fc->sgc.length = FM_BUF_SZ; 407 fc->sgc.cur_offset = fc->sgc_offset 408 + ((u8 *)fc->scratch - 409 (u8 *)fi); 410 break; 411 412 case FMTSK_READBIOS: 413 no_bios: 414 /* 415 * Mark the component header status for the image 416 * completed 417 */ 418 ch->status = CH_STAT_SUCCESS; 419 420 /* The MAC image is written next */ 421 ch = &fi->cmp_hdr[CH_IT_MAC]; 422 if (ch->length == 0) 423 goto no_mac; 424 425 fc->task = FMTSK_WRTMAC; 426 fc->func = VDA_FLASH_BEGINW; 427 fc->comp_typ = CH_IT_MAC; 428 fc->flsh_addr = FLS_OFFSET_BOOT 429 + fi->cmp_hdr[CH_IT_BIOS].length; 430 fc->sgc.length = ch->length; 431 fc->sgc.cur_offset = fc->sgc_offset + 432 ch->image_offset; 433 break; 434 435 case FMTSK_WRTMAC: 436 /* The MAC image has been written - read and verify */ 437 fc->task = FMTSK_READMAC; 438 fc->func = VDA_FLASH_READ; 439 fc->flsh_addr -= ch->length; 440 fc->cmp_len = ch->length; 441 fc->sgc.length = FM_BUF_SZ; 442 fc->sgc.cur_offset = fc->sgc_offset 443 + ((u8 *)fc->scratch - 444 (u8 *)fi); 445 break; 446 447 case FMTSK_READMAC: 448 no_mac: 449 /* 450 * Mark the component header status for the image 451 * completed 452 */ 453 ch->status = CH_STAT_SUCCESS; 454 455 /* The EFI image is written next */ 456 ch = &fi->cmp_hdr[CH_IT_EFI]; 457 if (ch->length == 0) 458 goto no_efi; 459 460 fc->task = FMTSK_WRTEFI; 461 fc->func = VDA_FLASH_BEGINW; 462 fc->comp_typ = CH_IT_EFI; 463 fc->flsh_addr = FLS_OFFSET_BOOT 464 + fi->cmp_hdr[CH_IT_BIOS].length 465 + fi->cmp_hdr[CH_IT_MAC].length; 466 fc->sgc.length = ch->length; 467 fc->sgc.cur_offset = fc->sgc_offset + 468 ch->image_offset; 469 break; 470 471 case FMTSK_WRTEFI: 472 /* The EFI image has been written - read and verify */ 473 fc->task = FMTSK_READEFI; 474 fc->func = VDA_FLASH_READ; 475 fc->flsh_addr -= ch->length; 476 fc->cmp_len = ch->length; 477 fc->sgc.length = FM_BUF_SZ; 478 fc->sgc.cur_offset = fc->sgc_offset 479 + ((u8 *)fc->scratch - 480 (u8 *)fi); 481 break; 482 483 case FMTSK_READEFI: 484 no_efi: 485 /* 486 * Mark the component header status for the image 487 * completed 488 */ 489 ch->status = CH_STAT_SUCCESS; 490 491 /* The CFG image is written next */ 492 ch = &fi->cmp_hdr[CH_IT_CFG]; 493 494 if (ch->length == 0) 495 goto no_cfg; 496 fc->task = FMTSK_WRTCFG; 497 fc->func = VDA_FLASH_BEGINW; 498 fc->comp_typ = CH_IT_CFG; 499 fc->flsh_addr = FLS_OFFSET_CPYR - ch->length; 500 fc->sgc.length = ch->length; 501 fc->sgc.cur_offset = fc->sgc_offset + 502 ch->image_offset; 503 break; 504 505 case FMTSK_WRTCFG: 506 /* The CFG image has been written - read and verify */ 507 fc->task = FMTSK_READCFG; 508 fc->func = VDA_FLASH_READ; 509 fc->flsh_addr = FLS_OFFSET_CPYR - ch->length; 510 fc->cmp_len = ch->length; 511 fc->sgc.length = FM_BUF_SZ; 512 fc->sgc.cur_offset = fc->sgc_offset 513 + ((u8 *)fc->scratch - 514 (u8 *)fi); 515 break; 516 517 case FMTSK_READCFG: 518 no_cfg: 519 /* 520 * Mark the component header status for the image 521 * completed 522 */ 523 ch->status = CH_STAT_SUCCESS; 524 525 /* 526 * The download is complete. If in degraded mode, 527 * attempt a chip reset. 528 */ 529 if (a->flags & AF_DEGRADED_MODE) 530 esas2r_local_reset_adapter(a); 531 532 a->flash_ver = fi->cmp_hdr[CH_IT_BIOS].version; 533 esas2r_print_flash_rev(a); 534 535 /* Update the type of boot image on the card */ 536 memcpy(a->image_type, fi->rel_version, 537 sizeof(fi->rel_version)); 538 complete_fmapi_req(a, rq, FI_STAT_SUCCESS); 539 return; 540 } 541 542 /* If verifying, don't try reading more than what's there */ 543 if (fc->func == VDA_FLASH_READ 544 && fc->sgc.length > fc->cmp_len) 545 fc->sgc.length = fc->cmp_len; 546 } 547 548 /* Build the request to perform the next action */ 549 if (!load_image(a, rq)) { 550 error: 551 if (fc->comp_typ < fi->num_comps) { 552 ch = &fi->cmp_hdr[fc->comp_typ]; 553 ch->status = CH_STAT_FAILED; 554 } 555 556 complete_fmapi_req(a, rq, FI_STAT_FAILED); 557 } 558 } 559 560 /* Determine the flash image adaptyp for this adapter */ 561 static u8 get_fi_adap_type(struct esas2r_adapter *a) 562 { 563 u8 type; 564 565 /* use the device ID to get the correct adap_typ for this HBA */ 566 switch (a->pcid->device) { 567 case ATTO_DID_INTEL_IOP348: 568 type = FI_AT_SUN_LAKE; 569 break; 570 571 case ATTO_DID_MV_88RC9580: 572 case ATTO_DID_MV_88RC9580TS: 573 case ATTO_DID_MV_88RC9580TSE: 574 case ATTO_DID_MV_88RC9580TL: 575 type = FI_AT_MV_9580; 576 break; 577 578 default: 579 type = FI_AT_UNKNWN; 580 break; 581 } 582 583 return type; 584 } 585 586 /* Size of config + copyright + flash_ver images, 0 for failure. */ 587 static u32 chk_cfg(u8 *cfg, u32 length, u32 *flash_ver) 588 { 589 u16 *pw = (u16 *)cfg - 1; 590 u32 sz = 0; 591 u32 len = length; 592 593 if (len == 0) 594 len = FM_BUF_SZ; 595 596 if (flash_ver) 597 *flash_ver = 0; 598 599 while (true) { 600 u16 type; 601 u16 size; 602 603 type = le16_to_cpu(*pw--); 604 size = le16_to_cpu(*pw--); 605 606 if (type != FBT_CPYR 607 && type != FBT_SETUP 608 && type != FBT_FLASH_VER) 609 break; 610 611 if (type == FBT_FLASH_VER 612 && flash_ver) 613 *flash_ver = le32_to_cpu(*(u32 *)(pw - 1)); 614 615 sz += size + (2 * sizeof(u16)); 616 pw -= size / sizeof(u16); 617 618 if (sz > len - (2 * sizeof(u16))) 619 break; 620 } 621 622 /* See if we are comparing the size to the specified length */ 623 if (length && sz != length) 624 return 0; 625 626 return sz; 627 } 628 629 /* Verify that the boot image is valid */ 630 static u8 chk_boot(u8 *boot_img, u32 length) 631 { 632 struct esas2r_boot_image *bi = (struct esas2r_boot_image *)boot_img; 633 u16 hdroffset = le16_to_cpu(bi->header_offset); 634 struct esas2r_boot_header *bh; 635 636 if (bi->signature != le16_to_cpu(0xaa55) 637 || (long)hdroffset > 638 (long)(65536L - sizeof(struct esas2r_boot_header)) 639 || (hdroffset & 3) 640 || (hdroffset < sizeof(struct esas2r_boot_image)) 641 || ((u32)hdroffset + sizeof(struct esas2r_boot_header) > length)) 642 return 0xff; 643 644 bh = (struct esas2r_boot_header *)((char *)bi + hdroffset); 645 646 if (bh->signature[0] != 'P' 647 || bh->signature[1] != 'C' 648 || bh->signature[2] != 'I' 649 || bh->signature[3] != 'R' 650 || le16_to_cpu(bh->struct_length) < 651 (u16)sizeof(struct esas2r_boot_header) 652 || bh->class_code[2] != 0x01 653 || bh->class_code[1] != 0x04 654 || bh->class_code[0] != 0x00 655 || (bh->code_type != CODE_TYPE_PC 656 && bh->code_type != CODE_TYPE_OPEN 657 && bh->code_type != CODE_TYPE_EFI)) 658 return 0xff; 659 660 return bh->code_type; 661 } 662 663 /* The sum of all the WORDS of the image */ 664 static u16 calc_fi_checksum(struct esas2r_flash_context *fc) 665 { 666 struct esas2r_flash_img *fi = fc->fi; 667 u16 cksum; 668 u32 len; 669 u16 *pw; 670 671 for (len = (fi->length - fc->fi_hdr_len) / 2, 672 pw = (u16 *)((u8 *)fi + fc->fi_hdr_len), 673 cksum = 0; 674 len; 675 len--, pw++) 676 cksum = cksum + le16_to_cpu(*pw); 677 678 return cksum; 679 } 680 681 /* 682 * Verify the flash image structure. The following verifications will 683 * be performed: 684 * 1) verify the fi_version is correct 685 * 2) verify the checksum of the entire image. 686 * 3) validate the adap_typ, action and length fields. 687 * 4) valdiate each component header. check the img_type and 688 * length fields 689 * 5) valdiate each component image. validate signatures and 690 * local checksums 691 */ 692 static bool verify_fi(struct esas2r_adapter *a, 693 struct esas2r_flash_context *fc) 694 { 695 struct esas2r_flash_img *fi = fc->fi; 696 u8 type; 697 bool imgerr; 698 u16 i; 699 u32 len; 700 struct esas2r_component_header *ch; 701 702 /* Verify the length - length must even since we do a word checksum */ 703 len = fi->length; 704 705 if ((len & 1) 706 || len < fc->fi_hdr_len) { 707 fi->status = FI_STAT_LENGTH; 708 return false; 709 } 710 711 /* Get adapter type and verify type in flash image */ 712 type = get_fi_adap_type(a); 713 if ((type == FI_AT_UNKNWN) || (fi->adap_typ != type)) { 714 fi->status = FI_STAT_ADAPTYP; 715 return false; 716 } 717 718 /* 719 * Loop through each component and verify the img_type and length 720 * fields. Keep a running count of the sizes sooze we can verify total 721 * size to additive size. 722 */ 723 imgerr = false; 724 725 for (i = 0, len = 0, ch = fi->cmp_hdr; 726 i < fi->num_comps; 727 i++, ch++) { 728 bool cmperr = false; 729 730 /* 731 * Verify that the component header has the same index as the 732 * image type. The headers must be ordered correctly 733 */ 734 if (i != ch->img_type) { 735 imgerr = true; 736 ch->status = CH_STAT_INVALID; 737 continue; 738 } 739 740 switch (ch->img_type) { 741 case CH_IT_BIOS: 742 type = CODE_TYPE_PC; 743 break; 744 745 case CH_IT_MAC: 746 type = CODE_TYPE_OPEN; 747 break; 748 749 case CH_IT_EFI: 750 type = CODE_TYPE_EFI; 751 break; 752 } 753 754 switch (ch->img_type) { 755 case CH_IT_FW: 756 case CH_IT_NVR: 757 break; 758 759 case CH_IT_BIOS: 760 case CH_IT_MAC: 761 case CH_IT_EFI: 762 if (ch->length & 0x1ff) 763 cmperr = true; 764 765 /* Test if component image is present */ 766 if (ch->length == 0) 767 break; 768 769 /* Image is present - verify the image */ 770 if (chk_boot((u8 *)fi + ch->image_offset, ch->length) 771 != type) 772 cmperr = true; 773 774 break; 775 776 case CH_IT_CFG: 777 778 /* Test if component image is present */ 779 if (ch->length == 0) { 780 cmperr = true; 781 break; 782 } 783 784 /* Image is present - verify the image */ 785 if (!chk_cfg((u8 *)fi + ch->image_offset + ch->length, 786 ch->length, NULL)) 787 cmperr = true; 788 789 break; 790 791 default: 792 793 fi->status = FI_STAT_UNKNOWN; 794 return false; 795 } 796 797 if (cmperr) { 798 imgerr = true; 799 ch->status = CH_STAT_INVALID; 800 } else { 801 ch->status = CH_STAT_PENDING; 802 len += ch->length; 803 } 804 } 805 806 if (imgerr) { 807 fi->status = FI_STAT_MISSING; 808 return false; 809 } 810 811 /* Compare fi->length to the sum of ch->length fields */ 812 if (len != fi->length - fc->fi_hdr_len) { 813 fi->status = FI_STAT_LENGTH; 814 return false; 815 } 816 817 /* Compute the checksum - it should come out zero */ 818 if (fi->checksum != calc_fi_checksum(fc)) { 819 fi->status = FI_STAT_CHKSUM; 820 return false; 821 } 822 823 return true; 824 } 825 826 /* Fill in the FS IOCTL response data from a completed request. */ 827 static void esas2r_complete_fs_ioctl(struct esas2r_adapter *a, 828 struct esas2r_request *rq) 829 { 830 struct esas2r_ioctl_fs *fs = 831 (struct esas2r_ioctl_fs *)rq->interrupt_cx; 832 833 if (rq->vrq->flash.sub_func == VDA_FLASH_COMMIT) 834 esas2r_enable_heartbeat(a); 835 836 fs->driver_error = rq->req_stat; 837 838 if (fs->driver_error == RS_SUCCESS) 839 fs->status = ATTO_STS_SUCCESS; 840 else 841 fs->status = ATTO_STS_FAILED; 842 } 843 844 /* Prepare an FS IOCTL request to be sent to the firmware. */ 845 bool esas2r_process_fs_ioctl(struct esas2r_adapter *a, 846 struct esas2r_ioctl_fs *fs, 847 struct esas2r_request *rq, 848 struct esas2r_sg_context *sgc) 849 { 850 u8 cmdcnt = (u8)ARRAY_SIZE(cmd_to_fls_func); 851 struct esas2r_ioctlfs_command *fsc = &fs->command; 852 u8 func = 0; 853 u32 datalen; 854 855 fs->status = ATTO_STS_FAILED; 856 fs->driver_error = RS_PENDING; 857 858 if (fs->version > ESAS2R_FS_VER) { 859 fs->status = ATTO_STS_INV_VERSION; 860 return false; 861 } 862 863 func = cmd_to_fls_func[fsc->command]; 864 if (fsc->command >= cmdcnt || func == 0xFF) { 865 fs->status = ATTO_STS_INV_FUNC; 866 return false; 867 } 868 869 if (fsc->command != ESAS2R_FS_CMD_CANCEL) { 870 if ((a->pcid->device != ATTO_DID_MV_88RC9580 871 || fs->adap_type != ESAS2R_FS_AT_ESASRAID2) 872 && (a->pcid->device != ATTO_DID_MV_88RC9580TS 873 || fs->adap_type != ESAS2R_FS_AT_TSSASRAID2) 874 && (a->pcid->device != ATTO_DID_MV_88RC9580TSE 875 || fs->adap_type != ESAS2R_FS_AT_TSSASRAID2E) 876 && (a->pcid->device != ATTO_DID_MV_88RC9580TL 877 || fs->adap_type != ESAS2R_FS_AT_TLSASHBA)) { 878 fs->status = ATTO_STS_INV_ADAPTER; 879 return false; 880 } 881 882 if (fs->driver_ver > ESAS2R_FS_DRVR_VER) { 883 fs->status = ATTO_STS_INV_DRVR_VER; 884 return false; 885 } 886 } 887 888 if (a->flags & AF_DEGRADED_MODE) { 889 fs->status = ATTO_STS_DEGRADED; 890 return false; 891 } 892 893 rq->interrupt_cb = esas2r_complete_fs_ioctl; 894 rq->interrupt_cx = fs; 895 datalen = le32_to_cpu(fsc->length); 896 esas2r_build_flash_req(a, 897 rq, 898 func, 899 fsc->checksum, 900 le32_to_cpu(fsc->flash_addr), 901 datalen); 902 903 if (func == VDA_FLASH_WRITE 904 || func == VDA_FLASH_READ) { 905 if (datalen == 0) { 906 fs->status = ATTO_STS_INV_FUNC; 907 return false; 908 } 909 910 esas2r_sgc_init(sgc, a, rq, rq->vrq->flash.data.sge); 911 sgc->length = datalen; 912 913 if (!esas2r_build_sg_list(a, rq, sgc)) { 914 fs->status = ATTO_STS_OUT_OF_RSRC; 915 return false; 916 } 917 } 918 919 if (func == VDA_FLASH_COMMIT) 920 esas2r_disable_heartbeat(a); 921 922 esas2r_start_request(a, rq); 923 924 return true; 925 } 926 927 static bool esas2r_flash_access(struct esas2r_adapter *a, u32 function) 928 { 929 u32 starttime; 930 u32 timeout; 931 u32 intstat; 932 u32 doorbell; 933 934 /* Disable chip interrupts awhile */ 935 if (function == DRBL_FLASH_REQ) 936 esas2r_disable_chip_interrupts(a); 937 938 /* Issue the request to the firmware */ 939 esas2r_write_register_dword(a, MU_DOORBELL_IN, function); 940 941 /* Now wait for the firmware to process it */ 942 starttime = jiffies_to_msecs(jiffies); 943 timeout = a->flags & 944 (AF_CHPRST_PENDING | AF_DISC_PENDING) ? 40000 : 5000; 945 946 while (true) { 947 intstat = esas2r_read_register_dword(a, MU_INT_STATUS_OUT); 948 949 if (intstat & MU_INTSTAT_DRBL) { 950 /* Got a doorbell interrupt. Check for the function */ 951 doorbell = 952 esas2r_read_register_dword(a, MU_DOORBELL_OUT); 953 esas2r_write_register_dword(a, MU_DOORBELL_OUT, 954 doorbell); 955 if (doorbell & function) 956 break; 957 } 958 959 schedule_timeout_interruptible(msecs_to_jiffies(100)); 960 961 if ((jiffies_to_msecs(jiffies) - starttime) > timeout) { 962 /* 963 * Iimeout. If we were requesting flash access, 964 * indicate we are done so the firmware knows we gave 965 * up. If this was a REQ, we also need to re-enable 966 * chip interrupts. 967 */ 968 if (function == DRBL_FLASH_REQ) { 969 esas2r_hdebug("flash access timeout"); 970 esas2r_write_register_dword(a, MU_DOORBELL_IN, 971 DRBL_FLASH_DONE); 972 esas2r_enable_chip_interrupts(a); 973 } else { 974 esas2r_hdebug("flash release timeout"); 975 } 976 977 return false; 978 } 979 } 980 981 /* if we're done, re-enable chip interrupts */ 982 if (function == DRBL_FLASH_DONE) 983 esas2r_enable_chip_interrupts(a); 984 985 return true; 986 } 987 988 #define WINDOW_SIZE ((signed int)MW_DATA_WINDOW_SIZE) 989 990 bool esas2r_read_flash_block(struct esas2r_adapter *a, 991 void *to, 992 u32 from, 993 u32 size) 994 { 995 u8 *end = (u8 *)to; 996 997 /* Try to acquire access to the flash */ 998 if (!esas2r_flash_access(a, DRBL_FLASH_REQ)) 999 return false; 1000 1001 while (size) { 1002 u32 len; 1003 u32 offset; 1004 u32 iatvr; 1005 1006 if (a->flags2 & AF2_SERIAL_FLASH) 1007 iatvr = MW_DATA_ADDR_SER_FLASH + (from & -WINDOW_SIZE); 1008 else 1009 iatvr = MW_DATA_ADDR_PAR_FLASH + (from & -WINDOW_SIZE); 1010 1011 esas2r_map_data_window(a, iatvr); 1012 offset = from & (WINDOW_SIZE - 1); 1013 len = size; 1014 1015 if (len > WINDOW_SIZE - offset) 1016 len = WINDOW_SIZE - offset; 1017 1018 from += len; 1019 size -= len; 1020 1021 while (len--) { 1022 *end++ = esas2r_read_data_byte(a, offset); 1023 offset++; 1024 } 1025 } 1026 1027 /* Release flash access */ 1028 esas2r_flash_access(a, DRBL_FLASH_DONE); 1029 return true; 1030 } 1031 1032 bool esas2r_read_flash_rev(struct esas2r_adapter *a) 1033 { 1034 u8 bytes[256]; 1035 u16 *pw; 1036 u16 *pwstart; 1037 u16 type; 1038 u16 size; 1039 u32 sz; 1040 1041 sz = sizeof(bytes); 1042 pw = (u16 *)(bytes + sz); 1043 pwstart = (u16 *)bytes + 2; 1044 1045 if (!esas2r_read_flash_block(a, bytes, FLS_OFFSET_CPYR - sz, sz)) 1046 goto invalid_rev; 1047 1048 while (pw >= pwstart) { 1049 pw--; 1050 type = le16_to_cpu(*pw); 1051 pw--; 1052 size = le16_to_cpu(*pw); 1053 pw -= size / 2; 1054 1055 if (type == FBT_CPYR 1056 || type == FBT_SETUP 1057 || pw < pwstart) 1058 continue; 1059 1060 if (type == FBT_FLASH_VER) 1061 a->flash_ver = le32_to_cpu(*(u32 *)pw); 1062 1063 break; 1064 } 1065 1066 invalid_rev: 1067 return esas2r_print_flash_rev(a); 1068 } 1069 1070 bool esas2r_print_flash_rev(struct esas2r_adapter *a) 1071 { 1072 u16 year = LOWORD(a->flash_ver); 1073 u8 day = LOBYTE(HIWORD(a->flash_ver)); 1074 u8 month = HIBYTE(HIWORD(a->flash_ver)); 1075 1076 if (day == 0 1077 || month == 0 1078 || day > 31 1079 || month > 12 1080 || year < 2006 1081 || year > 9999) { 1082 strcpy(a->flash_rev, "not found"); 1083 a->flash_ver = 0; 1084 return false; 1085 } 1086 1087 sprintf(a->flash_rev, "%02d/%02d/%04d", month, day, year); 1088 esas2r_hdebug("flash version: %s", a->flash_rev); 1089 return true; 1090 } 1091 1092 /* 1093 * Find the type of boot image type that is currently in the flash. 1094 * The chip only has a 64 KB PCI-e expansion ROM 1095 * size so only one image can be flashed at a time. 1096 */ 1097 bool esas2r_read_image_type(struct esas2r_adapter *a) 1098 { 1099 u8 bytes[256]; 1100 struct esas2r_boot_image *bi; 1101 struct esas2r_boot_header *bh; 1102 u32 sz; 1103 u32 len; 1104 u32 offset; 1105 1106 /* Start at the base of the boot images and look for a valid image */ 1107 sz = sizeof(bytes); 1108 len = FLS_LENGTH_BOOT; 1109 offset = 0; 1110 1111 while (true) { 1112 if (!esas2r_read_flash_block(a, bytes, FLS_OFFSET_BOOT + 1113 offset, 1114 sz)) 1115 goto invalid_rev; 1116 1117 bi = (struct esas2r_boot_image *)bytes; 1118 bh = (struct esas2r_boot_header *)((u8 *)bi + 1119 le16_to_cpu( 1120 bi->header_offset)); 1121 if (bi->signature != cpu_to_le16(0xAA55)) 1122 goto invalid_rev; 1123 1124 if (bh->code_type == CODE_TYPE_PC) { 1125 strcpy(a->image_type, "BIOS"); 1126 1127 return true; 1128 } else if (bh->code_type == CODE_TYPE_EFI) { 1129 struct esas2r_efi_image *ei; 1130 1131 /* 1132 * So we have an EFI image. There are several types 1133 * so see which architecture we have. 1134 */ 1135 ei = (struct esas2r_efi_image *)bytes; 1136 1137 switch (le16_to_cpu(ei->machine_type)) { 1138 case EFI_MACHINE_IA32: 1139 strcpy(a->image_type, "EFI 32-bit"); 1140 return true; 1141 1142 case EFI_MACHINE_IA64: 1143 strcpy(a->image_type, "EFI itanium"); 1144 return true; 1145 1146 case EFI_MACHINE_X64: 1147 strcpy(a->image_type, "EFI 64-bit"); 1148 return true; 1149 1150 case EFI_MACHINE_EBC: 1151 strcpy(a->image_type, "EFI EBC"); 1152 return true; 1153 1154 default: 1155 goto invalid_rev; 1156 } 1157 } else { 1158 u32 thislen; 1159 1160 /* jump to the next image */ 1161 thislen = (u32)le16_to_cpu(bh->image_length) * 512; 1162 if (thislen == 0 1163 || thislen + offset > len 1164 || bh->indicator == INDICATOR_LAST) 1165 break; 1166 1167 offset += thislen; 1168 } 1169 } 1170 1171 invalid_rev: 1172 strcpy(a->image_type, "no boot images"); 1173 return false; 1174 } 1175 1176 /* 1177 * Read and validate current NVRAM parameters by accessing 1178 * physical NVRAM directly. if currently stored parameters are 1179 * invalid, use the defaults. 1180 */ 1181 bool esas2r_nvram_read_direct(struct esas2r_adapter *a) 1182 { 1183 bool result; 1184 1185 if (down_interruptible(&a->nvram_semaphore)) 1186 return false; 1187 1188 if (!esas2r_read_flash_block(a, a->nvram, FLS_OFFSET_NVR, 1189 sizeof(struct esas2r_sas_nvram))) { 1190 esas2r_hdebug("NVRAM read failed, using defaults"); 1191 return false; 1192 } 1193 1194 result = esas2r_nvram_validate(a); 1195 1196 up(&a->nvram_semaphore); 1197 1198 return result; 1199 } 1200 1201 /* Interrupt callback to process NVRAM completions. */ 1202 static void esas2r_nvram_callback(struct esas2r_adapter *a, 1203 struct esas2r_request *rq) 1204 { 1205 struct atto_vda_flash_req *vrq = &rq->vrq->flash; 1206 1207 if (rq->req_stat == RS_SUCCESS) { 1208 /* last request was successful. see what to do now. */ 1209 1210 switch (vrq->sub_func) { 1211 case VDA_FLASH_BEGINW: 1212 vrq->sub_func = VDA_FLASH_WRITE; 1213 rq->req_stat = RS_PENDING; 1214 break; 1215 1216 case VDA_FLASH_WRITE: 1217 vrq->sub_func = VDA_FLASH_COMMIT; 1218 rq->req_stat = RS_PENDING; 1219 break; 1220 1221 case VDA_FLASH_READ: 1222 esas2r_nvram_validate(a); 1223 break; 1224 1225 case VDA_FLASH_COMMIT: 1226 default: 1227 break; 1228 } 1229 } 1230 1231 if (rq->req_stat != RS_PENDING) { 1232 /* update the NVRAM state */ 1233 if (rq->req_stat == RS_SUCCESS) 1234 esas2r_lock_set_flags(&a->flags, AF_NVR_VALID); 1235 else 1236 esas2r_lock_clear_flags(&a->flags, AF_NVR_VALID); 1237 1238 esas2r_enable_heartbeat(a); 1239 1240 up(&a->nvram_semaphore); 1241 } 1242 } 1243 1244 /* 1245 * Write the contents of nvram to the adapter's physical NVRAM. 1246 * The cached copy of the NVRAM is also updated. 1247 */ 1248 bool esas2r_nvram_write(struct esas2r_adapter *a, struct esas2r_request *rq, 1249 struct esas2r_sas_nvram *nvram) 1250 { 1251 struct esas2r_sas_nvram *n = nvram; 1252 u8 sas_address_bytes[8]; 1253 u32 *sas_address_dwords = (u32 *)&sas_address_bytes[0]; 1254 struct atto_vda_flash_req *vrq = &rq->vrq->flash; 1255 1256 if (a->flags & AF_DEGRADED_MODE) 1257 return false; 1258 1259 if (down_interruptible(&a->nvram_semaphore)) 1260 return false; 1261 1262 if (n == NULL) 1263 n = a->nvram; 1264 1265 /* check the validity of the settings */ 1266 if (n->version > SASNVR_VERSION) { 1267 up(&a->nvram_semaphore); 1268 return false; 1269 } 1270 1271 memcpy(&sas_address_bytes[0], n->sas_addr, 8); 1272 1273 if (sas_address_bytes[0] != 0x50 1274 || sas_address_bytes[1] != 0x01 1275 || sas_address_bytes[2] != 0x08 1276 || (sas_address_bytes[3] & 0xF0) != 0x60 1277 || ((sas_address_bytes[3] & 0x0F) | sas_address_dwords[1]) == 0) { 1278 up(&a->nvram_semaphore); 1279 return false; 1280 } 1281 1282 if (n->spin_up_delay > SASNVR_SPINUP_MAX) 1283 n->spin_up_delay = SASNVR_SPINUP_MAX; 1284 1285 n->version = SASNVR_VERSION; 1286 n->checksum = n->checksum - esas2r_nvramcalc_cksum(n); 1287 memcpy(a->nvram, n, sizeof(struct esas2r_sas_nvram)); 1288 1289 /* write the NVRAM */ 1290 n = a->nvram; 1291 esas2r_disable_heartbeat(a); 1292 1293 esas2r_build_flash_req(a, 1294 rq, 1295 VDA_FLASH_BEGINW, 1296 esas2r_nvramcalc_xor_cksum(n), 1297 FLS_OFFSET_NVR, 1298 sizeof(struct esas2r_sas_nvram)); 1299 1300 if (a->flags & AF_LEGACY_SGE_MODE) { 1301 1302 vrq->data.sge[0].length = 1303 cpu_to_le32(SGE_LAST | 1304 sizeof(struct esas2r_sas_nvram)); 1305 vrq->data.sge[0].address = cpu_to_le64( 1306 a->uncached_phys + (u64)((u8 *)n - a->uncached)); 1307 } else { 1308 vrq->data.prde[0].ctl_len = 1309 cpu_to_le32(sizeof(struct esas2r_sas_nvram)); 1310 vrq->data.prde[0].address = cpu_to_le64( 1311 a->uncached_phys 1312 + (u64)((u8 *)n - a->uncached)); 1313 } 1314 rq->interrupt_cb = esas2r_nvram_callback; 1315 esas2r_start_request(a, rq); 1316 return true; 1317 } 1318 1319 /* Validate the cached NVRAM. if the NVRAM is invalid, load the defaults. */ 1320 bool esas2r_nvram_validate(struct esas2r_adapter *a) 1321 { 1322 struct esas2r_sas_nvram *n = a->nvram; 1323 bool rslt = false; 1324 1325 if (n->signature[0] != 'E' 1326 || n->signature[1] != 'S' 1327 || n->signature[2] != 'A' 1328 || n->signature[3] != 'S') { 1329 esas2r_hdebug("invalid NVRAM signature"); 1330 } else if (esas2r_nvramcalc_cksum(n)) { 1331 esas2r_hdebug("invalid NVRAM checksum"); 1332 } else if (n->version > SASNVR_VERSION) { 1333 esas2r_hdebug("invalid NVRAM version"); 1334 } else { 1335 esas2r_lock_set_flags(&a->flags, AF_NVR_VALID); 1336 rslt = true; 1337 } 1338 1339 if (rslt == false) { 1340 esas2r_hdebug("using defaults"); 1341 esas2r_nvram_set_defaults(a); 1342 } 1343 1344 return rslt; 1345 } 1346 1347 /* 1348 * Set the cached NVRAM to defaults. note that this function sets the default 1349 * NVRAM when it has been determined that the physical NVRAM is invalid. 1350 * In this case, the SAS address is fabricated. 1351 */ 1352 void esas2r_nvram_set_defaults(struct esas2r_adapter *a) 1353 { 1354 struct esas2r_sas_nvram *n = a->nvram; 1355 u32 time = jiffies_to_msecs(jiffies); 1356 1357 esas2r_lock_clear_flags(&a->flags, AF_NVR_VALID); 1358 memcpy(n, &default_sas_nvram, sizeof(struct esas2r_sas_nvram)); 1359 n->sas_addr[3] |= 0x0F; 1360 n->sas_addr[4] = HIBYTE(LOWORD(time)); 1361 n->sas_addr[5] = LOBYTE(LOWORD(time)); 1362 n->sas_addr[6] = a->pcid->bus->number; 1363 n->sas_addr[7] = a->pcid->devfn; 1364 } 1365 1366 void esas2r_nvram_get_defaults(struct esas2r_adapter *a, 1367 struct esas2r_sas_nvram *nvram) 1368 { 1369 u8 sas_addr[8]; 1370 1371 /* 1372 * in case we are copying the defaults into the adapter, copy the SAS 1373 * address out first. 1374 */ 1375 memcpy(&sas_addr[0], a->nvram->sas_addr, 8); 1376 memcpy(nvram, &default_sas_nvram, sizeof(struct esas2r_sas_nvram)); 1377 memcpy(&nvram->sas_addr[0], &sas_addr[0], 8); 1378 } 1379 1380 bool esas2r_fm_api(struct esas2r_adapter *a, struct esas2r_flash_img *fi, 1381 struct esas2r_request *rq, struct esas2r_sg_context *sgc) 1382 { 1383 struct esas2r_flash_context *fc = &a->flash_context; 1384 u8 j; 1385 struct esas2r_component_header *ch; 1386 1387 if (esas2r_lock_set_flags(&a->flags, AF_FLASH_LOCK) & AF_FLASH_LOCK) { 1388 /* flag was already set */ 1389 fi->status = FI_STAT_BUSY; 1390 return false; 1391 } 1392 1393 memcpy(&fc->sgc, sgc, sizeof(struct esas2r_sg_context)); 1394 sgc = &fc->sgc; 1395 fc->fi = fi; 1396 fc->sgc_offset = sgc->cur_offset; 1397 rq->req_stat = RS_SUCCESS; 1398 rq->interrupt_cx = fc; 1399 1400 switch (fi->fi_version) { 1401 case FI_VERSION_1: 1402 fc->scratch = ((struct esas2r_flash_img *)fi)->scratch_buf; 1403 fc->num_comps = FI_NUM_COMPS_V1; 1404 fc->fi_hdr_len = sizeof(struct esas2r_flash_img); 1405 break; 1406 1407 default: 1408 return complete_fmapi_req(a, rq, FI_STAT_IMG_VER); 1409 } 1410 1411 if (a->flags & AF_DEGRADED_MODE) 1412 return complete_fmapi_req(a, rq, FI_STAT_DEGRADED); 1413 1414 switch (fi->action) { 1415 case FI_ACT_DOWN: /* Download the components */ 1416 /* Verify the format of the flash image */ 1417 if (!verify_fi(a, fc)) 1418 return complete_fmapi_req(a, rq, fi->status); 1419 1420 /* Adjust the BIOS fields that are dependent on the HBA */ 1421 ch = &fi->cmp_hdr[CH_IT_BIOS]; 1422 1423 if (ch->length) 1424 fix_bios(a, fi); 1425 1426 /* Adjust the EFI fields that are dependent on the HBA */ 1427 ch = &fi->cmp_hdr[CH_IT_EFI]; 1428 1429 if (ch->length) 1430 fix_efi(a, fi); 1431 1432 /* 1433 * Since the image was just modified, compute the checksum on 1434 * the modified image. First update the CRC for the composite 1435 * expansion ROM image. 1436 */ 1437 fi->checksum = calc_fi_checksum(fc); 1438 1439 /* Disable the heartbeat */ 1440 esas2r_disable_heartbeat(a); 1441 1442 /* Now start up the download sequence */ 1443 fc->task = FMTSK_ERASE_BOOT; 1444 fc->func = VDA_FLASH_BEGINW; 1445 fc->comp_typ = CH_IT_CFG; 1446 fc->flsh_addr = FLS_OFFSET_BOOT; 1447 fc->sgc.length = FLS_LENGTH_BOOT; 1448 fc->sgc.cur_offset = NULL; 1449 1450 /* Setup the callback address */ 1451 fc->interrupt_cb = fw_download_proc; 1452 break; 1453 1454 case FI_ACT_UPSZ: /* Get upload sizes */ 1455 fi->adap_typ = get_fi_adap_type(a); 1456 fi->flags = 0; 1457 fi->num_comps = fc->num_comps; 1458 fi->length = fc->fi_hdr_len; 1459 1460 /* Report the type of boot image in the rel_version string */ 1461 memcpy(fi->rel_version, a->image_type, 1462 sizeof(fi->rel_version)); 1463 1464 /* Build the component headers */ 1465 for (j = 0, ch = fi->cmp_hdr; 1466 j < fi->num_comps; 1467 j++, ch++) { 1468 ch->img_type = j; 1469 ch->status = CH_STAT_PENDING; 1470 ch->length = 0; 1471 ch->version = 0xffffffff; 1472 ch->image_offset = 0; 1473 ch->pad[0] = 0; 1474 ch->pad[1] = 0; 1475 } 1476 1477 if (a->flash_ver != 0) { 1478 fi->cmp_hdr[CH_IT_BIOS].version = 1479 fi->cmp_hdr[CH_IT_MAC].version = 1480 fi->cmp_hdr[CH_IT_EFI].version = 1481 fi->cmp_hdr[CH_IT_CFG].version 1482 = a->flash_ver; 1483 1484 fi->cmp_hdr[CH_IT_BIOS].status = 1485 fi->cmp_hdr[CH_IT_MAC].status = 1486 fi->cmp_hdr[CH_IT_EFI].status = 1487 fi->cmp_hdr[CH_IT_CFG].status = 1488 CH_STAT_SUCCESS; 1489 1490 return complete_fmapi_req(a, rq, FI_STAT_SUCCESS); 1491 } 1492 1493 /* fall through */ 1494 1495 case FI_ACT_UP: /* Upload the components */ 1496 default: 1497 return complete_fmapi_req(a, rq, FI_STAT_INVALID); 1498 } 1499 1500 /* 1501 * If we make it here, fc has been setup to do the first task. Call 1502 * load_image to format the request, start it, and get out. The 1503 * interrupt code will call the callback when the first message is 1504 * complete. 1505 */ 1506 if (!load_image(a, rq)) 1507 return complete_fmapi_req(a, rq, FI_STAT_FAILED); 1508 1509 esas2r_start_request(a, rq); 1510 1511 return true; 1512 } 1513