1 // SPDX-License-Identifier: (GPL-2.0 OR MPL-1.1)
2 /* from src/prism2/download/prism2dl.c
4 * utility for downloading prism2 images moved into kernelspace
6 * Copyright (C) 1999 AbsoluteValue Systems, Inc. All Rights Reserved.
7 * --------------------------------------------------------------------
11 * --------------------------------------------------------------------
13 * Inquiries regarding the linux-wlan Open Source project can be
16 * AbsoluteValue Systems Inc.
18 * http://www.linux-wlan.com
20 * --------------------------------------------------------------------
22 * Portions of the development of this software were funded by
23 * Intersil Corporation as part of PRISM(R) chipset product development.
25 * --------------------------------------------------------------------
28 /*================================================================*/
30 #include <linux/ihex.h>
31 #include <linux/slab.h>
33 /*================================================================*/
36 #define PRISM2_USB_FWFILE "prism2_ru.fw"
37 MODULE_FIRMWARE(PRISM2_USB_FWFILE);
39 #define S3DATA_MAX 5000
40 #define S3PLUG_MAX 200
44 #define S3ADDR_PLUG (0xff000000UL)
45 #define S3ADDR_CRC (0xff100000UL)
46 #define S3ADDR_INFO (0xff200000UL)
47 #define S3ADDR_START (0xff400000UL)
49 #define CHUNKS_MAX 100
51 #define WRITESIZE_MAX 4096
53 /*================================================================*/
79 struct hfa384x_compident version;
80 struct hfa384x_caplevel compat;
82 struct hfa384x_compident platform;
87 u8 buf[HFA384x_PDA_LEN_MAX];
88 struct hfa384x_pdrec *rec[HFA384x_PDA_RECS_MAX];
93 u32 addr; /* start address */
94 u32 len; /* in bytes */
95 u16 crc; /* CRC value (if it falls at a chunk boundary) */
99 /*================================================================*/
100 /* Local Static Definitions */
102 /*----------------------------------------------------------------*/
103 /* s-record image processing */
106 static unsigned int ns3data;
107 static struct s3datarec *s3data;
110 static unsigned int ns3plug;
111 static struct s3plugrec s3plug[S3PLUG_MAX];
114 static unsigned int ns3crc;
115 static struct s3crcrec s3crc[S3CRC_MAX];
118 static unsigned int ns3info;
119 static struct s3inforec s3info[S3INFO_MAX];
121 /* S7 record (there _better_ be only one) */
122 static u32 startaddr;
124 /* Load image chunks */
125 static unsigned int nfchunks;
126 static struct imgchunk fchunk[CHUNKS_MAX];
128 /* Note that for the following pdrec_t arrays, the len and code */
129 /* fields are stored in HOST byte order. The mkpdrlist() function */
130 /* does the conversion. */
131 /*----------------------------------------------------------------*/
132 /* PDA, built from [card|newfile]+[addfile1+addfile2...] */
134 static struct pda pda;
135 static struct hfa384x_compident nicid;
136 static struct hfa384x_caplevel rfid;
137 static struct hfa384x_caplevel macid;
138 static struct hfa384x_caplevel priid;
140 /*================================================================*/
141 /* Local Function Declarations */
143 static int prism2_fwapply(const struct ihex_binrec *rfptr,
144 struct wlandevice *wlandev);
146 static int read_fwfile(const struct ihex_binrec *rfptr);
148 static int mkimage(struct imgchunk *clist, unsigned int *ccnt);
150 static int read_cardpda(struct pda *pda, struct wlandevice *wlandev);
152 static int mkpdrlist(struct pda *pda);
154 static int plugimage(struct imgchunk *fchunk, unsigned int nfchunks,
155 struct s3plugrec *s3plug, unsigned int ns3plug,
158 static int crcimage(struct imgchunk *fchunk, unsigned int nfchunks,
159 struct s3crcrec *s3crc, unsigned int ns3crc);
161 static int writeimage(struct wlandevice *wlandev, struct imgchunk *fchunk,
162 unsigned int nfchunks);
164 static void free_chunks(struct imgchunk *fchunk, unsigned int *nfchunks);
166 static void free_srecs(void);
168 static int validate_identity(void);
170 /*================================================================*/
171 /* Function Definitions */
173 /*----------------------------------------------------------------
176 * Try and get firmware into memory
179 * udev usb device structure
180 * wlandev wlan device structure
185 *----------------------------------------------------------------
187 static int prism2_fwtry(struct usb_device *udev, struct wlandevice *wlandev)
189 const struct firmware *fw_entry = NULL;
191 netdev_info(wlandev->netdev, "prism2_usb: Checking for firmware %s\n",
193 if (request_ihex_firmware(&fw_entry,
194 PRISM2_USB_FWFILE, &udev->dev) != 0) {
195 netdev_info(wlandev->netdev,
196 "prism2_usb: Firmware not available, but not essential\n");
197 netdev_info(wlandev->netdev,
198 "prism2_usb: can continue to use card anyway.\n");
202 netdev_info(wlandev->netdev,
203 "prism2_usb: %s will be processed, size %zu\n",
204 PRISM2_USB_FWFILE, fw_entry->size);
205 prism2_fwapply((const struct ihex_binrec *)fw_entry->data, wlandev);
207 release_firmware(fw_entry);
211 /*----------------------------------------------------------------
214 * Apply the firmware loaded into memory
217 * rfptr firmware image in kernel memory
223 *----------------------------------------------------------------
225 static int prism2_fwapply(const struct ihex_binrec *rfptr,
226 struct wlandevice *wlandev)
228 signed int result = 0;
229 struct p80211msg_dot11req_mibget getmsg;
230 struct p80211itemd *item;
233 /* Initialize the data structures */
235 s3data = kcalloc(S3DATA_MAX, sizeof(*s3data), GFP_KERNEL);
242 memset(s3plug, 0, sizeof(s3plug));
244 memset(s3crc, 0, sizeof(s3crc));
246 memset(s3info, 0, sizeof(s3info));
250 memset(fchunk, 0, sizeof(fchunk));
251 memset(&nicid, 0, sizeof(nicid));
252 memset(&rfid, 0, sizeof(rfid));
253 memset(&macid, 0, sizeof(macid));
254 memset(&priid, 0, sizeof(priid));
256 /* clear the pda and add an initial END record */
257 memset(&pda, 0, sizeof(pda));
258 pda.rec[0] = (struct hfa384x_pdrec *)pda.buf;
259 pda.rec[0]->len = cpu_to_le16(2); /* len in words */
260 pda.rec[0]->code = cpu_to_le16(HFA384x_PDR_END_OF_PDA);
263 /*-----------------------------------------------------*/
264 /* Put card into fwload state */
265 prism2sta_ifstate(wlandev, P80211ENUM_ifstate_fwload);
267 /* Build the PDA we're going to use. */
268 if (read_cardpda(&pda, wlandev)) {
269 netdev_err(wlandev->netdev, "load_cardpda failed, exiting.\n");
274 /* read the card's PRI-SUP */
275 memset(&getmsg, 0, sizeof(getmsg));
276 getmsg.msgcode = DIDMSG_DOT11REQ_MIBGET;
277 getmsg.msglen = sizeof(getmsg);
278 strscpy(getmsg.devname, wlandev->name, sizeof(getmsg.devname));
280 getmsg.mibattribute.did = DIDMSG_DOT11REQ_MIBGET_MIBATTRIBUTE;
281 getmsg.mibattribute.status = P80211ENUM_msgitem_status_data_ok;
282 getmsg.resultcode.did = DIDMSG_DOT11REQ_MIBGET_RESULTCODE;
283 getmsg.resultcode.status = P80211ENUM_msgitem_status_no_value;
285 item = (struct p80211itemd *)getmsg.mibattribute.data;
286 item->did = DIDMIB_P2_NIC_PRISUPRANGE;
287 item->status = P80211ENUM_msgitem_status_no_value;
289 data = (u32 *)item->data;
291 /* DIDmsg_dot11req_mibget */
292 prism2mgmt_mibset_mibget(wlandev, &getmsg);
293 if (getmsg.resultcode.data != P80211ENUM_resultcode_success)
294 netdev_err(wlandev->netdev, "Couldn't fetch PRI-SUP info\n");
296 /* Already in host order */
297 priid.role = *data++;
299 priid.variant = *data++;
300 priid.bottom = *data++;
303 /* Read the S3 file */
304 result = read_fwfile(rfptr);
306 netdev_err(wlandev->netdev,
307 "Failed to read the data exiting.\n");
311 result = validate_identity();
313 netdev_err(wlandev->netdev, "Incompatible firmware image.\n");
317 if (startaddr == 0x00000000) {
318 netdev_err(wlandev->netdev,
319 "Can't RAM download a Flash image!\n");
324 /* Make the image chunks */
325 result = mkimage(fchunk, &nfchunks);
327 netdev_err(wlandev->netdev, "Failed to make image chunk.\n");
331 /* Do any plugging */
332 result = plugimage(fchunk, nfchunks, s3plug, ns3plug, &pda);
334 netdev_err(wlandev->netdev, "Failed to plug data.\n");
338 /* Insert any CRCs */
339 result = crcimage(fchunk, nfchunks, s3crc, ns3crc);
341 netdev_err(wlandev->netdev, "Failed to insert all CRCs\n");
345 /* Write the image */
346 result = writeimage(wlandev, fchunk, nfchunks);
348 netdev_err(wlandev->netdev, "Failed to ramwrite image data.\n");
352 netdev_info(wlandev->netdev, "prism2_usb: firmware loading finished.\n");
355 /* clear any allocated memory */
356 free_chunks(fchunk, &nfchunks);
363 /*----------------------------------------------------------------
366 * Adds a CRC16 in the two bytes prior to each block identified by
367 * an S3 CRC record. Currently, we don't actually do a CRC we just
368 * insert the value 0xC0DE in hfa384x order.
371 * fchunk Array of image chunks
372 * nfchunks Number of image chunks
373 * s3crc Array of crc records
374 * ns3crc Number of crc records
379 *----------------------------------------------------------------
381 static int crcimage(struct imgchunk *fchunk, unsigned int nfchunks,
382 struct s3crcrec *s3crc, unsigned int ns3crc)
393 for (i = 0; i < ns3crc; i++) {
394 if (!s3crc[i].dowrite)
396 crcstart = s3crc[i].addr;
398 for (c = 0; c < nfchunks; c++) {
399 cstart = fchunk[c].addr;
400 cend = fchunk[c].addr + fchunk[c].len;
401 /* the line below does an address & len match search */
402 /* unfortunately, I've found that the len fields of */
403 /* some crc records don't match with the length of */
404 /* the actual data, so we're not checking right now */
405 /* if (crcstart-2 >= cstart && crcend <= cend) break; */
407 /* note the -2 below, it's to make sure the chunk has */
408 /* space for the CRC value */
409 if (crcstart - 2 >= cstart && crcstart < cend)
413 pr_err("Failed to find chunk for crcrec[%d], addr=0x%06x len=%d , aborting crc.\n",
414 i, s3crc[i].addr, s3crc[i].len);
419 pr_debug("Adding crc @ 0x%06x\n", s3crc[i].addr - 2);
420 chunkoff = crcstart - cstart - 2;
421 dest = fchunk[c].data + chunkoff;
428 /*----------------------------------------------------------------
431 * Clears the chunklist data structures in preparation for a new file.
438 *----------------------------------------------------------------
440 static void free_chunks(struct imgchunk *fchunk, unsigned int *nfchunks)
444 for (i = 0; i < *nfchunks; i++)
445 kfree(fchunk[i].data);
448 memset(fchunk, 0, sizeof(*fchunk));
451 /*----------------------------------------------------------------
454 * Clears the srec data structures in preparation for a new file.
461 *----------------------------------------------------------------
463 static void free_srecs(void)
468 memset(s3plug, 0, sizeof(s3plug));
470 memset(s3crc, 0, sizeof(s3crc));
472 memset(s3info, 0, sizeof(s3info));
476 /*----------------------------------------------------------------
479 * Scans the currently loaded set of S records for data residing
480 * in contiguous memory regions. Each contiguous region is then
481 * made into a 'chunk'. This function assumes that we're building
482 * a new chunk list. Assumes the s3data items are in sorted order.
488 * ~0 - failure (probably an errno)
489 *----------------------------------------------------------------
491 static int mkimage(struct imgchunk *clist, unsigned int *ccnt)
504 /* There may already be data in the chunklist */
507 /* Establish the location and size of each chunk */
508 for (i = 0; i < ns3data; i++) {
509 if (s3data[i].addr == nextaddr) {
510 /* existing chunk, grow it */
511 clist[currchunk].len += s3data[i].len;
512 nextaddr += s3data[i].len;
516 currchunk = *ccnt - 1;
517 clist[currchunk].addr = s3data[i].addr;
518 clist[currchunk].len = s3data[i].len;
519 nextaddr = s3data[i].addr + s3data[i].len;
520 /* Expand the chunk if there is a CRC record at */
521 /* their beginning bound */
522 for (j = 0; j < ns3crc; j++) {
523 if (s3crc[j].dowrite &&
524 s3crc[j].addr == clist[currchunk].addr) {
525 clist[currchunk].addr -= 2;
526 clist[currchunk].len += 2;
532 /* We're currently assuming there aren't any overlapping chunks */
533 /* if this proves false, we'll need to add code to coalesce. */
535 /* Allocate buffer space for chunks */
536 for (i = 0; i < *ccnt; i++) {
537 clist[i].data = kzalloc(clist[i].len, GFP_KERNEL);
541 pr_debug("chunk[%d]: addr=0x%06x len=%d\n",
542 i, clist[i].addr, clist[i].len);
545 /* Copy srec data to chunks */
546 for (i = 0; i < ns3data; i++) {
547 s3start = s3data[i].addr;
548 s3end = s3start + s3data[i].len - 1;
549 for (j = 0; j < *ccnt; j++) {
550 cstart = clist[j].addr;
551 cend = cstart + clist[j].len - 1;
552 if (s3start >= cstart && s3end <= cend)
555 if (((unsigned int)j) >= (*ccnt)) {
556 pr_err("s3rec(a=0x%06x,l=%d), no chunk match, exiting.\n",
557 s3start, s3data[i].len);
560 coffset = s3start - cstart;
561 memcpy(clist[j].data + coffset, s3data[i].data, s3data[i].len);
567 /*----------------------------------------------------------------
570 * Reads a raw PDA and builds an array of pdrec_t structures.
573 * pda buffer containing raw PDA bytes
574 * pdrec ptr to an array of pdrec_t's. Will be filled on exit.
575 * nrec ptr to a variable that will contain the count of PDRs
579 * ~0 - failure (probably an errno)
580 *----------------------------------------------------------------
582 static int mkpdrlist(struct pda *pda)
584 __le16 *pda16 = (__le16 *)pda->buf;
585 int curroff; /* in 'words' */
589 while (curroff < (HFA384x_PDA_LEN_MAX / 2 - 1) &&
590 le16_to_cpu(pda16[curroff + 1]) != HFA384x_PDR_END_OF_PDA) {
591 pda->rec[pda->nrec] = (struct hfa384x_pdrec *)&pda16[curroff];
593 if (le16_to_cpu(pda->rec[pda->nrec]->code) ==
595 memcpy(&nicid, &pda->rec[pda->nrec]->data.nicid,
597 le16_to_cpus(&nicid.id);
598 le16_to_cpus(&nicid.variant);
599 le16_to_cpus(&nicid.major);
600 le16_to_cpus(&nicid.minor);
602 if (le16_to_cpu(pda->rec[pda->nrec]->code) ==
603 HFA384x_PDR_MFISUPRANGE) {
604 memcpy(&rfid, &pda->rec[pda->nrec]->data.mfisuprange,
606 le16_to_cpus(&rfid.id);
607 le16_to_cpus(&rfid.variant);
608 le16_to_cpus(&rfid.bottom);
609 le16_to_cpus(&rfid.top);
611 if (le16_to_cpu(pda->rec[pda->nrec]->code) ==
612 HFA384x_PDR_CFISUPRANGE) {
613 memcpy(&macid, &pda->rec[pda->nrec]->data.cfisuprange,
615 le16_to_cpus(&macid.id);
616 le16_to_cpus(&macid.variant);
617 le16_to_cpus(&macid.bottom);
618 le16_to_cpus(&macid.top);
622 curroff += le16_to_cpu(pda16[curroff]) + 1;
624 if (curroff >= (HFA384x_PDA_LEN_MAX / 2 - 1)) {
625 pr_err("no end record found or invalid lengths in PDR data, exiting. %x %d\n",
629 pda->rec[pda->nrec] = (struct hfa384x_pdrec *)&pda16[curroff];
634 /*----------------------------------------------------------------
637 * Plugs the given image using the given plug records from the given
641 * fchunk Array of image chunks
642 * nfchunks Number of image chunks
643 * s3plug Array of plug records
644 * ns3plug Number of plug records
645 * pda Current pda data
650 *----------------------------------------------------------------
652 static int plugimage(struct imgchunk *fchunk, unsigned int nfchunks,
653 struct s3plugrec *s3plug, unsigned int ns3plug,
657 int i; /* plug index */
658 int j; /* index of PDR or -1 if fname plug */
659 int c; /* chunk index */
667 /* for each plug record */
668 for (i = 0; i < ns3plug; i++) {
669 pstart = s3plug[i].addr;
670 pend = s3plug[i].addr + s3plug[i].len;
672 /* find the matching PDR (or filename) */
673 if (s3plug[i].itemcode != 0xffffffffUL) { /* not filename */
674 for (j = 0; j < pda->nrec; j++) {
675 if (s3plug[i].itemcode ==
676 le16_to_cpu(pda->rec[j]->code))
680 if (j >= pda->nrec && j != -1) { /* if no matching PDR, fail */
681 pr_warn("warning: Failed to find PDR for plugrec 0x%04x.\n",
683 continue; /* and move on to the next PDR */
685 /* MSM: They swear that unless it's the MAC address,
686 * the serial number, or the TX calibration records,
687 * then there's reasonable defaults in the f/w
688 * image. Therefore, missing PDRs in the card
689 * should only be a warning, not fatal.
690 * TODO: add fatals for the PDRs mentioned above.
694 /* Validate plug len against PDR len */
695 if (j != -1 && s3plug[i].len < le16_to_cpu(pda->rec[j]->len)) {
696 pr_err("error: Plug vs. PDR len mismatch for plugrec 0x%04x, abort plugging.\n",
703 * Validate plug address against
704 * chunk data and identify chunk
706 for (c = 0; c < nfchunks; c++) {
707 cstart = fchunk[c].addr;
708 cend = fchunk[c].addr + fchunk[c].len;
709 if (pstart >= cstart && pend <= cend)
713 pr_err("error: Failed to find image chunk for plugrec 0x%04x.\n",
720 chunkoff = pstart - cstart;
721 dest = fchunk[c].data + chunkoff;
722 pr_debug("Plugging item 0x%04x @ 0x%06x, len=%d, cnum=%d coff=0x%06x\n",
723 s3plug[i].itemcode, pstart, s3plug[i].len,
726 if (j == -1) { /* plug the filename */
727 memset(dest, 0, s3plug[i].len);
728 strncpy(dest, PRISM2_USB_FWFILE, s3plug[i].len - 1);
729 } else { /* plug a PDR */
730 memcpy(dest, &pda->rec[j]->data, s3plug[i].len);
736 /*----------------------------------------------------------------
739 * Sends the command for the driver to read the pda from the card
740 * named in the device variable. Upon success, the card pda is
741 * stored in the "cardpda" variables. Note that the pda structure
742 * is considered 'well formed' after this function. That means
743 * that the nrecs is valid, the rec array has been set up, and there's
744 * a valid PDAEND record in the raw PDA data.
752 * ~0 - failure (probably an errno)
753 *----------------------------------------------------------------
755 static int read_cardpda(struct pda *pda, struct wlandevice *wlandev)
758 struct p80211msg_p2req_readpda *msg;
760 msg = kzalloc(sizeof(*msg), GFP_KERNEL);
765 msg->msgcode = DIDMSG_P2REQ_READPDA;
766 msg->msglen = sizeof(msg);
767 strscpy(msg->devname, wlandev->name, sizeof(msg->devname));
768 msg->pda.did = DIDMSG_P2REQ_READPDA_PDA;
769 msg->pda.len = HFA384x_PDA_LEN_MAX;
770 msg->pda.status = P80211ENUM_msgitem_status_no_value;
771 msg->resultcode.did = DIDMSG_P2REQ_READPDA_RESULTCODE;
772 msg->resultcode.len = sizeof(u32);
773 msg->resultcode.status = P80211ENUM_msgitem_status_no_value;
775 if (prism2mgmt_readpda(wlandev, msg) != 0) {
776 /* prism2mgmt_readpda prints an errno if appropriate */
778 } else if (msg->resultcode.data == P80211ENUM_resultcode_success) {
779 memcpy(pda->buf, msg->pda.data, HFA384x_PDA_LEN_MAX);
780 result = mkpdrlist(pda);
782 /* resultcode must've been something other than success */
790 /*----------------------------------------------------------------
793 * Reads the given fw file which should have been compiled from an srec
794 * file. Each record in the fw file will either be a plain data record,
795 * a start address record, or other records used for plugging.
797 * Note that data records are expected to be sorted into
798 * ascending address order in the fw file.
800 * Note also that the start address record, originally an S7 record in
801 * the srec file, is expected in the fw file to be like a data record but
802 * with a certain address to make it identifiable.
804 * Here's the SREC format that the fw should have come from:
805 * S[37]nnaaaaaaaaddd...dddcc
807 * nn - number of bytes starting with the address field
808 * aaaaaaaa - address in readable (or big endian) format
809 * dd....dd - 0-245 data bytes (two chars per byte)
812 * The S7 record's (there should be only one) address value gets
813 * converted to an S3 record with address of 0xff400000, with the
814 * start address being stored as a 4 byte data word. That address is
815 * the start execution address used for RAM downloads.
817 * The S3 records have a collection of subformats indicated by the
819 * 0xff000000 - Plug record, data field format:
820 * xxxxxxxxaaaaaaaassssssss
821 * x - PDR code number (little endian)
822 * a - Address in load image to plug (little endian)
823 * s - Length of plug data area (little endian)
825 * 0xff100000 - CRC16 generation record, data field format:
826 * aaaaaaaassssssssbbbbbbbb
827 * a - Start address for CRC calculation (little endian)
828 * s - Length of data to calculate over (little endian)
829 * b - Boolean, true=write crc, false=don't write
831 * 0xff200000 - Info record, data field format:
833 * s - Size in words (little endian)
834 * t - Info type (little endian), see #defines and
835 * struct s3inforec for details about types.
836 * d - (s - 1) little endian words giving the contents of
837 * the given info type.
839 * 0xff400000 - Start address record, data field format:
841 * a - Address in load image to plug (little endian)
844 * record firmware image (ihex record structure) in kernel memory
848 * ~0 - failure (probably an errno)
849 *----------------------------------------------------------------
851 static int read_fwfile(const struct ihex_binrec *record)
857 u32 *ptr32, len, addr;
859 pr_debug("Reading fw file ...\n");
864 len = be16_to_cpu(record->len);
865 addr = be32_to_cpu(record->addr);
867 /* Point into data for different word lengths */
868 ptr32 = (u32 *)record->data;
869 ptr16 = (u16 *)record->data;
871 /* parse what was an S3 srec and put it in the right array */
875 pr_debug(" S7 start addr, record=%d addr=0x%08x\n",
880 s3plug[ns3plug].itemcode = *ptr32;
881 s3plug[ns3plug].addr = *(ptr32 + 1);
882 s3plug[ns3plug].len = *(ptr32 + 2);
884 pr_debug(" S3 plugrec, record=%d itemcode=0x%08x addr=0x%08x len=%d\n",
886 s3plug[ns3plug].itemcode,
887 s3plug[ns3plug].addr,
888 s3plug[ns3plug].len);
891 if (ns3plug == S3PLUG_MAX) {
892 pr_err("S3 plugrec limit reached - aborting\n");
897 s3crc[ns3crc].addr = *ptr32;
898 s3crc[ns3crc].len = *(ptr32 + 1);
899 s3crc[ns3crc].dowrite = *(ptr32 + 2);
901 pr_debug(" S3 crcrec, record=%d addr=0x%08x len=%d write=0x%08x\n",
905 s3crc[ns3crc].dowrite);
907 if (ns3crc == S3CRC_MAX) {
908 pr_err("S3 crcrec limit reached - aborting\n");
913 s3info[ns3info].len = *ptr16;
914 s3info[ns3info].type = *(ptr16 + 1);
916 pr_debug(" S3 inforec, record=%d len=0x%04x type=0x%04x\n",
919 s3info[ns3info].type);
920 if (((s3info[ns3info].len - 1) * sizeof(u16)) >
921 sizeof(s3info[ns3info].info)) {
922 pr_err("S3 inforec length too long - aborting\n");
926 tmpinfo = (u16 *)&s3info[ns3info].info.version;
928 for (i = 0; i < s3info[ns3info].len - 1; i++) {
929 tmpinfo[i] = *(ptr16 + 2 + i);
930 pr_debug("%04x ", tmpinfo[i]);
935 if (ns3info == S3INFO_MAX) {
936 pr_err("S3 inforec limit reached - aborting\n");
940 default: /* Data record */
941 s3data[ns3data].addr = addr;
942 s3data[ns3data].len = len;
943 s3data[ns3data].data = (uint8_t *)record->data;
945 if (ns3data == S3DATA_MAX) {
946 pr_err("S3 datarec limit reached - aborting\n");
951 record = ihex_next_binrec(record);
956 /*----------------------------------------------------------------
959 * Takes the chunks, builds p80211 messages and sends them down
960 * to the driver for writing to the card.
964 * fchunk Array of image chunks
965 * nfchunks Number of image chunks
970 *----------------------------------------------------------------
972 static int writeimage(struct wlandevice *wlandev, struct imgchunk *fchunk,
973 unsigned int nfchunks)
976 struct p80211msg_p2req_ramdl_state *rstmsg;
977 struct p80211msg_p2req_ramdl_write *rwrmsg;
981 unsigned int nwrites;
986 rstmsg = kzalloc(sizeof(*rstmsg), GFP_KERNEL);
987 rwrmsg = kzalloc(sizeof(*rwrmsg), GFP_KERNEL);
988 if (!rstmsg || !rwrmsg) {
989 netdev_err(wlandev->netdev,
990 "%s: no memory for firmware download, aborting download\n",
996 /* Initialize the messages */
997 strscpy(rstmsg->devname, wlandev->name, sizeof(rstmsg->devname));
998 rstmsg->msgcode = DIDMSG_P2REQ_RAMDL_STATE;
999 rstmsg->msglen = sizeof(*rstmsg);
1000 rstmsg->enable.did = DIDMSG_P2REQ_RAMDL_STATE_ENABLE;
1001 rstmsg->exeaddr.did = DIDMSG_P2REQ_RAMDL_STATE_EXEADDR;
1002 rstmsg->resultcode.did = DIDMSG_P2REQ_RAMDL_STATE_RESULTCODE;
1003 rstmsg->enable.status = P80211ENUM_msgitem_status_data_ok;
1004 rstmsg->exeaddr.status = P80211ENUM_msgitem_status_data_ok;
1005 rstmsg->resultcode.status = P80211ENUM_msgitem_status_no_value;
1006 rstmsg->enable.len = sizeof(u32);
1007 rstmsg->exeaddr.len = sizeof(u32);
1008 rstmsg->resultcode.len = sizeof(u32);
1010 strscpy(rwrmsg->devname, wlandev->name, sizeof(rwrmsg->devname));
1011 rwrmsg->msgcode = DIDMSG_P2REQ_RAMDL_WRITE;
1012 rwrmsg->msglen = sizeof(*rwrmsg);
1013 rwrmsg->addr.did = DIDMSG_P2REQ_RAMDL_WRITE_ADDR;
1014 rwrmsg->len.did = DIDMSG_P2REQ_RAMDL_WRITE_LEN;
1015 rwrmsg->data.did = DIDMSG_P2REQ_RAMDL_WRITE_DATA;
1016 rwrmsg->resultcode.did = DIDMSG_P2REQ_RAMDL_WRITE_RESULTCODE;
1017 rwrmsg->addr.status = P80211ENUM_msgitem_status_data_ok;
1018 rwrmsg->len.status = P80211ENUM_msgitem_status_data_ok;
1019 rwrmsg->data.status = P80211ENUM_msgitem_status_data_ok;
1020 rwrmsg->resultcode.status = P80211ENUM_msgitem_status_no_value;
1021 rwrmsg->addr.len = sizeof(u32);
1022 rwrmsg->len.len = sizeof(u32);
1023 rwrmsg->data.len = WRITESIZE_MAX;
1024 rwrmsg->resultcode.len = sizeof(u32);
1026 /* Send xxx_state(enable) */
1027 pr_debug("Sending dl_state(enable) message.\n");
1028 rstmsg->enable.data = P80211ENUM_truth_true;
1029 rstmsg->exeaddr.data = startaddr;
1031 result = prism2mgmt_ramdl_state(wlandev, rstmsg);
1033 netdev_err(wlandev->netdev,
1034 "%s state enable failed w/ result=%d, aborting download\n",
1038 resultcode = rstmsg->resultcode.data;
1039 if (resultcode != P80211ENUM_resultcode_success) {
1040 netdev_err(wlandev->netdev,
1041 "%s()->xxxdl_state msg indicates failure, w/ resultcode=%d, aborting download.\n",
1042 __func__, resultcode);
1047 /* Now, loop through the data chunks and send WRITESIZE_MAX data */
1048 for (i = 0; i < nfchunks; i++) {
1049 nwrites = fchunk[i].len / WRITESIZE_MAX;
1050 nwrites += (fchunk[i].len % WRITESIZE_MAX) ? 1 : 0;
1052 for (j = 0; j < nwrites; j++) {
1053 /* TODO Move this to a separate function */
1054 int lenleft = fchunk[i].len - (WRITESIZE_MAX * j);
1056 if (fchunk[i].len > WRITESIZE_MAX)
1057 currlen = WRITESIZE_MAX;
1060 curroff = j * WRITESIZE_MAX;
1061 currdaddr = fchunk[i].addr + curroff;
1062 /* Setup the message */
1063 rwrmsg->addr.data = currdaddr;
1064 rwrmsg->len.data = currlen;
1065 memcpy(rwrmsg->data.data,
1066 fchunk[i].data + curroff, currlen);
1068 /* Send flashdl_write(pda) */
1070 ("Sending xxxdl_write message addr=%06x len=%d.\n",
1071 currdaddr, currlen);
1073 result = prism2mgmt_ramdl_write(wlandev, rwrmsg);
1075 /* Check the results */
1077 netdev_err(wlandev->netdev,
1078 "%s chunk write failed w/ result=%d, aborting download\n",
1082 resultcode = rstmsg->resultcode.data;
1083 if (resultcode != P80211ENUM_resultcode_success) {
1084 pr_err("%s()->xxxdl_write msg indicates failure, w/ resultcode=%d, aborting download.\n",
1085 __func__, resultcode);
1092 /* Send xxx_state(disable) */
1093 pr_debug("Sending dl_state(disable) message.\n");
1094 rstmsg->enable.data = P80211ENUM_truth_false;
1095 rstmsg->exeaddr.data = 0;
1097 result = prism2mgmt_ramdl_state(wlandev, rstmsg);
1099 netdev_err(wlandev->netdev,
1100 "%s state disable failed w/ result=%d, aborting download\n",
1104 resultcode = rstmsg->resultcode.data;
1105 if (resultcode != P80211ENUM_resultcode_success) {
1106 netdev_err(wlandev->netdev,
1107 "%s()->xxxdl_state msg indicates failure, w/ resultcode=%d, aborting download.\n",
1108 __func__, resultcode);
1119 static int validate_identity(void)
1125 pr_debug("NIC ID: %#x v%d.%d.%d\n",
1126 nicid.id, nicid.major, nicid.minor, nicid.variant);
1127 pr_debug("MFI ID: %#x v%d %d->%d\n",
1128 rfid.id, rfid.variant, rfid.bottom, rfid.top);
1129 pr_debug("CFI ID: %#x v%d %d->%d\n",
1130 macid.id, macid.variant, macid.bottom, macid.top);
1131 pr_debug("PRI ID: %#x v%d %d->%d\n",
1132 priid.id, priid.variant, priid.bottom, priid.top);
1134 for (i = 0; i < ns3info; i++) {
1135 switch (s3info[i].type) {
1137 pr_debug("Version: ID %#x %d.%d.%d\n",
1138 s3info[i].info.version.id,
1139 s3info[i].info.version.major,
1140 s3info[i].info.version.minor,
1141 s3info[i].info.version.variant);
1144 pr_debug("Compat: Role %#x Id %#x v%d %d->%d\n",
1145 s3info[i].info.compat.role,
1146 s3info[i].info.compat.id,
1147 s3info[i].info.compat.variant,
1148 s3info[i].info.compat.bottom,
1149 s3info[i].info.compat.top);
1151 /* MAC compat range */
1152 if ((s3info[i].info.compat.role == 1) &&
1153 (s3info[i].info.compat.id == 2)) {
1154 if (s3info[i].info.compat.variant !=
1160 /* PRI compat range */
1161 if ((s3info[i].info.compat.role == 1) &&
1162 (s3info[i].info.compat.id == 3)) {
1163 if ((s3info[i].info.compat.bottom >
1165 (s3info[i].info.compat.top <
1170 /* SEC compat range */
1171 if ((s3info[i].info.compat.role == 1) &&
1172 (s3info[i].info.compat.id == 4)) {
1173 /* FIXME: isn't something missing here? */
1178 pr_debug("Seq: %#x\n", s3info[i].info.buildseq);
1182 pr_debug("Platform: ID %#x %d.%d.%d\n",
1183 s3info[i].info.version.id,
1184 s3info[i].info.version.major,
1185 s3info[i].info.version.minor,
1186 s3info[i].info.version.variant);
1188 if (nicid.id != s3info[i].info.version.id)
1190 if (nicid.major != s3info[i].info.version.major)
1192 if (nicid.minor != s3info[i].info.version.minor)
1194 if ((nicid.variant != s3info[i].info.version.variant) &&
1195 (nicid.id != 0x8008))
1201 pr_debug("name inforec len %d\n", s3info[i].len);
1205 pr_debug("Unknown inforec type %d\n", s3info[i].type);
1210 if (trump && (result != 2))
git.samba.org / sfrench / cifs-2.6.git / blob