gpio: rcar: Fix runtime PM imbalance on error
[linux/fpc-iii.git] / drivers / net / wireless / ath / carl9170 / fw.c
blob51934d191f33917f3eb14cd60002885bd210a46f
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3 * Atheros CARL9170 driver
5 * firmware parser
7 * Copyright 2009, 2010, Christian Lamparter <chunkeey@googlemail.com>
8 */
10 #include <linux/kernel.h>
11 #include <linux/firmware.h>
12 #include <linux/crc32.h>
13 #include <linux/module.h>
14 #include "carl9170.h"
15 #include "fwcmd.h"
16 #include "version.h"
18 static const u8 otus_magic[4] = { OTUS_MAGIC };
20 static const void *carl9170_fw_find_desc(struct ar9170 *ar, const u8 descid[4],
21 const unsigned int len, const u8 compatible_revision)
23 const struct carl9170fw_desc_head *iter;
25 carl9170fw_for_each_hdr(iter, ar->fw.desc) {
26 if (carl9170fw_desc_cmp(iter, descid, len,
27 compatible_revision))
28 return (void *)iter;
31 /* needed to find the LAST desc */
32 if (carl9170fw_desc_cmp(iter, descid, len,
33 compatible_revision))
34 return (void *)iter;
36 return NULL;
39 static int carl9170_fw_verify_descs(struct ar9170 *ar,
40 const struct carl9170fw_desc_head *head, unsigned int max_len)
42 const struct carl9170fw_desc_head *pos;
43 unsigned long pos_addr, end_addr;
44 unsigned int pos_length;
46 if (max_len < sizeof(*pos))
47 return -ENODATA;
49 max_len = min_t(unsigned int, CARL9170FW_DESC_MAX_LENGTH, max_len);
51 pos = head;
52 pos_addr = (unsigned long) pos;
53 end_addr = pos_addr + max_len;
55 while (pos_addr < end_addr) {
56 if (pos_addr + sizeof(*head) > end_addr)
57 return -E2BIG;
59 pos_length = le16_to_cpu(pos->length);
61 if (pos_length < sizeof(*head))
62 return -EBADMSG;
64 if (pos_length > max_len)
65 return -EOVERFLOW;
67 if (pos_addr + pos_length > end_addr)
68 return -EMSGSIZE;
70 if (carl9170fw_desc_cmp(pos, LAST_MAGIC,
71 CARL9170FW_LAST_DESC_SIZE,
72 CARL9170FW_LAST_DESC_CUR_VER))
73 return 0;
75 pos_addr += pos_length;
76 pos = (void *)pos_addr;
77 max_len -= pos_length;
79 return -EINVAL;
82 static void carl9170_fw_info(struct ar9170 *ar)
84 const struct carl9170fw_motd_desc *motd_desc;
85 unsigned int str_ver_len;
86 u32 fw_date;
88 dev_info(&ar->udev->dev, "driver API: %s 2%03d-%02d-%02d [%d-%d]\n",
89 CARL9170FW_VERSION_GIT, CARL9170FW_VERSION_YEAR,
90 CARL9170FW_VERSION_MONTH, CARL9170FW_VERSION_DAY,
91 CARL9170FW_API_MIN_VER, CARL9170FW_API_MAX_VER);
93 motd_desc = carl9170_fw_find_desc(ar, MOTD_MAGIC,
94 sizeof(*motd_desc), CARL9170FW_MOTD_DESC_CUR_VER);
96 if (motd_desc) {
97 str_ver_len = strnlen(motd_desc->release,
98 CARL9170FW_MOTD_RELEASE_LEN);
100 fw_date = le32_to_cpu(motd_desc->fw_year_month_day);
102 dev_info(&ar->udev->dev, "firmware API: %.*s 2%03d-%02d-%02d\n",
103 str_ver_len, motd_desc->release,
104 CARL9170FW_GET_YEAR(fw_date),
105 CARL9170FW_GET_MONTH(fw_date),
106 CARL9170FW_GET_DAY(fw_date));
108 strlcpy(ar->hw->wiphy->fw_version, motd_desc->release,
109 sizeof(ar->hw->wiphy->fw_version));
113 static bool valid_dma_addr(const u32 address)
115 if (address >= AR9170_SRAM_OFFSET &&
116 address < (AR9170_SRAM_OFFSET + AR9170_SRAM_SIZE))
117 return true;
119 return false;
122 static bool valid_cpu_addr(const u32 address)
124 if (valid_dma_addr(address) || (address >= AR9170_PRAM_OFFSET &&
125 address < (AR9170_PRAM_OFFSET + AR9170_PRAM_SIZE)))
126 return true;
128 return false;
131 static int carl9170_fw_checksum(struct ar9170 *ar, const __u8 *data,
132 size_t len)
134 const struct carl9170fw_otus_desc *otus_desc;
135 const struct carl9170fw_last_desc *last_desc;
136 const struct carl9170fw_chk_desc *chk_desc;
137 unsigned long fin, diff;
138 unsigned int dsc_len;
139 u32 crc32;
141 last_desc = carl9170_fw_find_desc(ar, LAST_MAGIC,
142 sizeof(*last_desc), CARL9170FW_LAST_DESC_CUR_VER);
143 if (!last_desc)
144 return -EINVAL;
146 otus_desc = carl9170_fw_find_desc(ar, OTUS_MAGIC,
147 sizeof(*otus_desc), CARL9170FW_OTUS_DESC_CUR_VER);
148 if (!otus_desc) {
149 dev_err(&ar->udev->dev, "failed to find compatible firmware "
150 "descriptor.\n");
151 return -ENODATA;
154 chk_desc = carl9170_fw_find_desc(ar, CHK_MAGIC,
155 sizeof(*chk_desc), CARL9170FW_CHK_DESC_CUR_VER);
157 if (!chk_desc) {
158 dev_warn(&ar->udev->dev, "Unprotected firmware image.\n");
159 return 0;
162 dsc_len = min_t(unsigned int, len,
163 (unsigned long)chk_desc - (unsigned long)otus_desc);
165 fin = (unsigned long) last_desc + sizeof(*last_desc);
166 diff = fin - (unsigned long) otus_desc;
168 if (diff < len)
169 len -= diff;
171 if (len < 256)
172 return -EIO;
174 crc32 = crc32_le(~0, data, len);
175 if (cpu_to_le32(crc32) != chk_desc->fw_crc32) {
176 dev_err(&ar->udev->dev, "fw checksum test failed.\n");
177 return -ENOEXEC;
180 crc32 = crc32_le(crc32, (void *)otus_desc, dsc_len);
181 if (cpu_to_le32(crc32) != chk_desc->hdr_crc32) {
182 dev_err(&ar->udev->dev, "descriptor check failed.\n");
183 return -EINVAL;
185 return 0;
188 static int carl9170_fw_tx_sequence(struct ar9170 *ar)
190 const struct carl9170fw_txsq_desc *txsq_desc;
192 txsq_desc = carl9170_fw_find_desc(ar, TXSQ_MAGIC, sizeof(*txsq_desc),
193 CARL9170FW_TXSQ_DESC_CUR_VER);
194 if (txsq_desc) {
195 ar->fw.tx_seq_table = le32_to_cpu(txsq_desc->seq_table_addr);
196 if (!valid_cpu_addr(ar->fw.tx_seq_table))
197 return -EINVAL;
198 } else {
199 ar->fw.tx_seq_table = 0;
202 return 0;
205 static void carl9170_fw_set_if_combinations(struct ar9170 *ar,
206 u16 if_comb_types)
208 if (ar->fw.vif_num < 2)
209 return;
211 ar->if_comb_limits[0].max = ar->fw.vif_num;
212 ar->if_comb_limits[0].types = if_comb_types;
214 ar->if_combs[0].num_different_channels = 1;
215 ar->if_combs[0].max_interfaces = ar->fw.vif_num;
216 ar->if_combs[0].limits = ar->if_comb_limits;
217 ar->if_combs[0].n_limits = ARRAY_SIZE(ar->if_comb_limits);
219 ar->hw->wiphy->iface_combinations = ar->if_combs;
220 ar->hw->wiphy->n_iface_combinations = ARRAY_SIZE(ar->if_combs);
223 static int carl9170_fw(struct ar9170 *ar, const __u8 *data, size_t len)
225 const struct carl9170fw_otus_desc *otus_desc;
226 int err;
227 u16 if_comb_types;
229 err = carl9170_fw_checksum(ar, data, len);
230 if (err)
231 return err;
233 otus_desc = carl9170_fw_find_desc(ar, OTUS_MAGIC,
234 sizeof(*otus_desc), CARL9170FW_OTUS_DESC_CUR_VER);
235 if (!otus_desc) {
236 return -ENODATA;
239 #define SUPP(feat) \
240 (carl9170fw_supports(otus_desc->feature_set, feat))
242 if (!SUPP(CARL9170FW_DUMMY_FEATURE)) {
243 dev_err(&ar->udev->dev, "invalid firmware descriptor "
244 "format detected.\n");
245 return -EINVAL;
248 ar->fw.api_version = otus_desc->api_ver;
250 if (ar->fw.api_version < CARL9170FW_API_MIN_VER ||
251 ar->fw.api_version > CARL9170FW_API_MAX_VER) {
252 dev_err(&ar->udev->dev, "unsupported firmware api version.\n");
253 return -EINVAL;
256 if (!SUPP(CARL9170FW_COMMAND_PHY) || SUPP(CARL9170FW_UNUSABLE) ||
257 !SUPP(CARL9170FW_HANDLE_BACK_REQ)) {
258 dev_err(&ar->udev->dev, "firmware does support "
259 "mandatory features.\n");
260 return -ECANCELED;
263 if (ilog2(le32_to_cpu(otus_desc->feature_set)) >=
264 __CARL9170FW_FEATURE_NUM) {
265 dev_warn(&ar->udev->dev, "driver does not support all "
266 "firmware features.\n");
269 if (!SUPP(CARL9170FW_COMMAND_CAM)) {
270 dev_info(&ar->udev->dev, "crypto offloading is disabled "
271 "by firmware.\n");
272 ar->fw.disable_offload_fw = true;
275 if (SUPP(CARL9170FW_PSM) && SUPP(CARL9170FW_FIXED_5GHZ_PSM))
276 ieee80211_hw_set(ar->hw, SUPPORTS_PS);
278 if (!SUPP(CARL9170FW_USB_INIT_FIRMWARE)) {
279 dev_err(&ar->udev->dev, "firmware does not provide "
280 "mandatory interfaces.\n");
281 return -EINVAL;
284 if (SUPP(CARL9170FW_MINIBOOT))
285 ar->fw.offset = le16_to_cpu(otus_desc->miniboot_size);
286 else
287 ar->fw.offset = 0;
289 if (SUPP(CARL9170FW_USB_DOWN_STREAM)) {
290 ar->hw->extra_tx_headroom += sizeof(struct ar9170_stream);
291 ar->fw.tx_stream = true;
294 if (SUPP(CARL9170FW_USB_UP_STREAM))
295 ar->fw.rx_stream = true;
297 if (SUPP(CARL9170FW_RX_FILTER)) {
298 ar->fw.rx_filter = true;
299 ar->rx_filter_caps = FIF_FCSFAIL | FIF_PLCPFAIL |
300 FIF_CONTROL | FIF_PSPOLL | FIF_OTHER_BSS;
303 if (SUPP(CARL9170FW_HW_COUNTERS))
304 ar->fw.hw_counters = true;
306 if (SUPP(CARL9170FW_WOL))
307 device_set_wakeup_enable(&ar->udev->dev, true);
309 if (SUPP(CARL9170FW_RX_BA_FILTER))
310 ar->fw.ba_filter = true;
312 if_comb_types = BIT(NL80211_IFTYPE_STATION) |
313 BIT(NL80211_IFTYPE_P2P_CLIENT);
315 ar->fw.vif_num = otus_desc->vif_num;
316 ar->fw.cmd_bufs = otus_desc->cmd_bufs;
317 ar->fw.address = le32_to_cpu(otus_desc->fw_address);
318 ar->fw.rx_size = le16_to_cpu(otus_desc->rx_max_frame_len);
319 ar->fw.mem_blocks = min_t(unsigned int, otus_desc->tx_descs, 0xfe);
320 atomic_set(&ar->mem_free_blocks, ar->fw.mem_blocks);
321 ar->fw.mem_block_size = le16_to_cpu(otus_desc->tx_frag_len);
323 if (ar->fw.vif_num >= AR9170_MAX_VIRTUAL_MAC || !ar->fw.vif_num ||
324 ar->fw.mem_blocks < 16 || !ar->fw.cmd_bufs ||
325 ar->fw.mem_block_size < 64 || ar->fw.mem_block_size > 512 ||
326 ar->fw.rx_size > 32768 || ar->fw.rx_size < 4096 ||
327 !valid_cpu_addr(ar->fw.address)) {
328 dev_err(&ar->udev->dev, "firmware shows obvious signs of "
329 "malicious tampering.\n");
330 return -EINVAL;
333 ar->fw.beacon_addr = le32_to_cpu(otus_desc->bcn_addr);
334 ar->fw.beacon_max_len = le16_to_cpu(otus_desc->bcn_len);
336 if (valid_dma_addr(ar->fw.beacon_addr) && ar->fw.beacon_max_len >=
337 AR9170_MAC_BCN_LENGTH_MAX) {
338 ar->hw->wiphy->interface_modes |= BIT(NL80211_IFTYPE_ADHOC);
340 if (SUPP(CARL9170FW_WLANTX_CAB)) {
341 if_comb_types |=
342 BIT(NL80211_IFTYPE_AP) |
343 BIT(NL80211_IFTYPE_P2P_GO);
345 #ifdef CONFIG_MAC80211_MESH
346 if_comb_types |=
347 BIT(NL80211_IFTYPE_MESH_POINT);
348 #endif /* CONFIG_MAC80211_MESH */
352 carl9170_fw_set_if_combinations(ar, if_comb_types);
354 ar->hw->wiphy->interface_modes |= if_comb_types;
356 ar->hw->wiphy->flags &= ~WIPHY_FLAG_PS_ON_BY_DEFAULT;
358 /* As IBSS Encryption is software-based, IBSS RSN is supported. */
359 ar->hw->wiphy->flags |= WIPHY_FLAG_HAS_REMAIN_ON_CHANNEL |
360 WIPHY_FLAG_IBSS_RSN | WIPHY_FLAG_SUPPORTS_TDLS;
362 #undef SUPPORTED
363 return carl9170_fw_tx_sequence(ar);
366 static struct carl9170fw_desc_head *
367 carl9170_find_fw_desc(struct ar9170 *ar, const __u8 *fw_data, const size_t len)
370 int scan = 0, found = 0;
372 if (!carl9170fw_size_check(len)) {
373 dev_err(&ar->udev->dev, "firmware size is out of bound.\n");
374 return NULL;
377 while (scan < len - sizeof(struct carl9170fw_desc_head)) {
378 if (fw_data[scan++] == otus_magic[found])
379 found++;
380 else
381 found = 0;
383 if (scan >= len)
384 break;
386 if (found == sizeof(otus_magic))
387 break;
390 if (found != sizeof(otus_magic))
391 return NULL;
393 return (void *)&fw_data[scan - found];
396 int carl9170_parse_firmware(struct ar9170 *ar)
398 const struct carl9170fw_desc_head *fw_desc = NULL;
399 const struct firmware *fw = ar->fw.fw;
400 unsigned long header_offset = 0;
401 int err;
403 if (WARN_ON(!fw))
404 return -EINVAL;
406 fw_desc = carl9170_find_fw_desc(ar, fw->data, fw->size);
408 if (!fw_desc) {
409 dev_err(&ar->udev->dev, "unsupported firmware.\n");
410 return -ENODATA;
413 header_offset = (unsigned long)fw_desc - (unsigned long)fw->data;
415 err = carl9170_fw_verify_descs(ar, fw_desc, fw->size - header_offset);
416 if (err) {
417 dev_err(&ar->udev->dev, "damaged firmware (%d).\n", err);
418 return err;
421 ar->fw.desc = fw_desc;
423 carl9170_fw_info(ar);
425 err = carl9170_fw(ar, fw->data, fw->size);
426 if (err) {
427 dev_err(&ar->udev->dev, "failed to parse firmware (%d).\n",
428 err);
429 return err;
432 return 0;