1 /*
2  * Copyright (c) 2014 Redpine Signals Inc.
3  *
4  * Permission to use, copy, modify, and/or distribute this software for any
5  * purpose with or without fee is hereby granted, provided that the above
6  * copyright notice and this permission notice appear in all copies.
7  *
8  * THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
9  * WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
10  * MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR
11  * ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
12  * WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
13  * ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
14  * OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
15  */
16 
17 #include <linux/firmware.h>
18 #include <net/bluetooth/bluetooth.h>
19 #include "rsi_mgmt.h"
20 #include "rsi_hal.h"
21 #include "rsi_sdio.h"
22 #include "rsi_common.h"
23 
24 /* FLASH Firmware */
25 static struct ta_metadata metadata_flash_content[] = {
26 	{"flash_content", 0x00010000},
27 	{"rsi/rs9113_wlan_qspi.rps", 0x00010000},
28 	{"rsi/rs9113_wlan_bt_dual_mode.rps", 0x00010000},
29 	{"flash_content", 0x00010000},
30 	{"rsi/rs9113_ap_bt_dual_mode.rps", 0x00010000},
31 
32 };
33 
34 static struct ta_metadata metadata[] = {{"pmemdata_dummy", 0x00000000},
35 	{"rsi/rs9116_wlan.rps", 0x00000000},
36 	{"rsi/rs9116_wlan_bt_classic.rps", 0x00000000},
37 	{"rsi/pmemdata_dummy", 0x00000000},
38 	{"rsi/rs9116_wlan_bt_classic.rps", 0x00000000}
39 };
40 
rsi_send_pkt_to_bus(struct rsi_common * common,struct sk_buff * skb)41 int rsi_send_pkt_to_bus(struct rsi_common *common, struct sk_buff *skb)
42 {
43 	struct rsi_hw *adapter = common->priv;
44 	int status;
45 
46 	if (common->coex_mode > 1)
47 		mutex_lock(&common->tx_bus_mutex);
48 
49 	status = adapter->host_intf_ops->write_pkt(common->priv,
50 						   skb->data, skb->len);
51 
52 	if (common->coex_mode > 1)
53 		mutex_unlock(&common->tx_bus_mutex);
54 
55 	return status;
56 }
57 
rsi_prepare_mgmt_desc(struct rsi_common * common,struct sk_buff * skb)58 int rsi_prepare_mgmt_desc(struct rsi_common *common, struct sk_buff *skb)
59 {
60 	struct rsi_hw *adapter = common->priv;
61 	struct ieee80211_hdr *wh = NULL;
62 	struct ieee80211_tx_info *info;
63 	struct ieee80211_conf *conf = &adapter->hw->conf;
64 	struct ieee80211_vif *vif;
65 	struct rsi_mgmt_desc *mgmt_desc;
66 	struct skb_info *tx_params;
67 	struct rsi_xtended_desc *xtend_desc = NULL;
68 	u8 header_size;
69 	u32 dword_align_bytes = 0;
70 
71 	if (skb->len > MAX_MGMT_PKT_SIZE) {
72 		rsi_dbg(INFO_ZONE, "%s: Dropping mgmt pkt > 512\n", __func__);
73 		return -EINVAL;
74 	}
75 
76 	info = IEEE80211_SKB_CB(skb);
77 	tx_params = (struct skb_info *)info->driver_data;
78 	vif = tx_params->vif;
79 
80 	/* Update header size */
81 	header_size = FRAME_DESC_SZ + sizeof(struct rsi_xtended_desc);
82 	if (header_size > skb_headroom(skb)) {
83 		rsi_dbg(ERR_ZONE,
84 			"%s: Failed to add extended descriptor\n",
85 			__func__);
86 		return -ENOSPC;
87 	}
88 	skb_push(skb, header_size);
89 	dword_align_bytes = ((unsigned long)skb->data & 0x3f);
90 	if (dword_align_bytes > skb_headroom(skb)) {
91 		rsi_dbg(ERR_ZONE,
92 			"%s: Failed to add dword align\n", __func__);
93 		return -ENOSPC;
94 	}
95 	skb_push(skb, dword_align_bytes);
96 	header_size += dword_align_bytes;
97 
98 	tx_params->internal_hdr_size = header_size;
99 	memset(&skb->data[0], 0, header_size);
100 	wh = (struct ieee80211_hdr *)&skb->data[header_size];
101 
102 	mgmt_desc = (struct rsi_mgmt_desc *)skb->data;
103 	xtend_desc = (struct rsi_xtended_desc *)&skb->data[FRAME_DESC_SZ];
104 
105 	rsi_set_len_qno(&mgmt_desc->len_qno, (skb->len - FRAME_DESC_SZ),
106 			RSI_WIFI_MGMT_Q);
107 	mgmt_desc->frame_type = TX_DOT11_MGMT;
108 	mgmt_desc->header_len = MIN_802_11_HDR_LEN;
109 	mgmt_desc->xtend_desc_size = header_size - FRAME_DESC_SZ;
110 
111 	if (ieee80211_is_probe_req(wh->frame_control))
112 		mgmt_desc->frame_info = cpu_to_le16(RSI_INSERT_SEQ_IN_FW);
113 	mgmt_desc->frame_info |= cpu_to_le16(RATE_INFO_ENABLE);
114 	if (is_broadcast_ether_addr(wh->addr1))
115 		mgmt_desc->frame_info |= cpu_to_le16(RSI_BROADCAST_PKT);
116 
117 	mgmt_desc->seq_ctrl =
118 		cpu_to_le16(IEEE80211_SEQ_TO_SN(le16_to_cpu(wh->seq_ctrl)));
119 	if ((common->band == NL80211_BAND_2GHZ) && !common->p2p_enabled)
120 		mgmt_desc->rate_info = cpu_to_le16(RSI_RATE_1);
121 	else
122 		mgmt_desc->rate_info = cpu_to_le16(RSI_RATE_6);
123 
124 	if (conf_is_ht40(conf))
125 		mgmt_desc->bbp_info = cpu_to_le16(FULL40M_ENABLE);
126 
127 	if (ieee80211_is_probe_resp(wh->frame_control)) {
128 		mgmt_desc->misc_flags |= (RSI_ADD_DELTA_TSF_VAP_ID |
129 					  RSI_FETCH_RETRY_CNT_FRM_HST);
130 #define PROBE_RESP_RETRY_CNT	3
131 		xtend_desc->retry_cnt = PROBE_RESP_RETRY_CNT;
132 	}
133 
134 	if (((vif->type == NL80211_IFTYPE_AP) ||
135 	     (vif->type == NL80211_IFTYPE_P2P_GO)) &&
136 	    (ieee80211_is_action(wh->frame_control))) {
137 		struct rsi_sta *rsta = rsi_find_sta(common, wh->addr1);
138 
139 		if (rsta)
140 			mgmt_desc->sta_id = tx_params->sta_id;
141 		else
142 			return -EINVAL;
143 	}
144 	mgmt_desc->rate_info |=
145 		cpu_to_le16((tx_params->vap_id << RSI_DESC_VAP_ID_OFST) &
146 			    RSI_DESC_VAP_ID_MASK);
147 
148 	return 0;
149 }
150 
151 /* This function prepares descriptor for given data packet */
rsi_prepare_data_desc(struct rsi_common * common,struct sk_buff * skb)152 int rsi_prepare_data_desc(struct rsi_common *common, struct sk_buff *skb)
153 {
154 	struct rsi_hw *adapter = common->priv;
155 	struct ieee80211_vif *vif;
156 	struct ieee80211_hdr *wh = NULL;
157 	struct ieee80211_tx_info *info;
158 	struct skb_info *tx_params;
159 	struct rsi_data_desc *data_desc;
160 	struct rsi_xtended_desc *xtend_desc;
161 	u8 ieee80211_size = MIN_802_11_HDR_LEN;
162 	u8 header_size;
163 	u8 vap_id = 0;
164 	u8 dword_align_bytes;
165 	u16 seq_num;
166 
167 	info = IEEE80211_SKB_CB(skb);
168 	vif = info->control.vif;
169 	tx_params = (struct skb_info *)info->driver_data;
170 
171 	header_size = FRAME_DESC_SZ + sizeof(struct rsi_xtended_desc);
172 	if (header_size > skb_headroom(skb)) {
173 		rsi_dbg(ERR_ZONE, "%s: Unable to send pkt\n", __func__);
174 		return -ENOSPC;
175 	}
176 	skb_push(skb, header_size);
177 	dword_align_bytes = ((unsigned long)skb->data & 0x3f);
178 	if (header_size > skb_headroom(skb)) {
179 		rsi_dbg(ERR_ZONE, "%s: Not enough headroom\n", __func__);
180 		return -ENOSPC;
181 	}
182 	skb_push(skb, dword_align_bytes);
183 	header_size += dword_align_bytes;
184 
185 	tx_params->internal_hdr_size = header_size;
186 	data_desc = (struct rsi_data_desc *)skb->data;
187 	memset(data_desc, 0, header_size);
188 
189 	xtend_desc = (struct rsi_xtended_desc *)&skb->data[FRAME_DESC_SZ];
190 	wh = (struct ieee80211_hdr *)&skb->data[header_size];
191 	seq_num = IEEE80211_SEQ_TO_SN(le16_to_cpu(wh->seq_ctrl));
192 
193 	data_desc->xtend_desc_size = header_size - FRAME_DESC_SZ;
194 
195 	if (ieee80211_is_data_qos(wh->frame_control)) {
196 		ieee80211_size += 2;
197 		data_desc->mac_flags |= cpu_to_le16(RSI_QOS_ENABLE);
198 	}
199 
200 	if (((vif->type == NL80211_IFTYPE_STATION) ||
201 	     (vif->type == NL80211_IFTYPE_P2P_CLIENT)) &&
202 	    (adapter->ps_state == PS_ENABLED))
203 		wh->frame_control |= cpu_to_le16(RSI_SET_PS_ENABLE);
204 
205 	if ((!(info->flags & IEEE80211_TX_INTFL_DONT_ENCRYPT)) &&
206 	    tx_params->have_key) {
207 		if (rsi_is_cipher_wep(common))
208 			ieee80211_size += 4;
209 		else
210 			ieee80211_size += 8;
211 		data_desc->mac_flags |= cpu_to_le16(RSI_ENCRYPT_PKT);
212 	}
213 	rsi_set_len_qno(&data_desc->len_qno, (skb->len - FRAME_DESC_SZ),
214 			RSI_WIFI_DATA_Q);
215 	data_desc->header_len = ieee80211_size;
216 
217 	if (common->rate_config[common->band].fixed_enabled) {
218 		/* Send fixed rate */
219 		u16 fixed_rate = common->rate_config[common->band].fixed_hw_rate;
220 
221 		data_desc->frame_info = cpu_to_le16(RATE_INFO_ENABLE);
222 		data_desc->rate_info = cpu_to_le16(fixed_rate);
223 
224 		if (conf_is_ht40(&common->priv->hw->conf))
225 			data_desc->bbp_info = cpu_to_le16(FULL40M_ENABLE);
226 
227 		if (common->vif_info[0].sgi && (fixed_rate & 0x100)) {
228 		       /* Only MCS rates */
229 			data_desc->rate_info |=
230 				cpu_to_le16(ENABLE_SHORTGI_RATE);
231 		}
232 	}
233 
234 	if (skb->protocol == cpu_to_be16(ETH_P_PAE)) {
235 		rsi_dbg(INFO_ZONE, "*** Tx EAPOL ***\n");
236 
237 		data_desc->frame_info = cpu_to_le16(RATE_INFO_ENABLE);
238 		if (common->band == NL80211_BAND_5GHZ)
239 			data_desc->rate_info = cpu_to_le16(RSI_RATE_6);
240 		else
241 			data_desc->rate_info = cpu_to_le16(RSI_RATE_1);
242 		data_desc->mac_flags |= cpu_to_le16(RSI_REKEY_PURPOSE);
243 		data_desc->misc_flags |= RSI_FETCH_RETRY_CNT_FRM_HST;
244 #define EAPOL_RETRY_CNT 15
245 		xtend_desc->retry_cnt = EAPOL_RETRY_CNT;
246 
247 		if (common->eapol4_confirm)
248 			skb->priority = VO_Q;
249 		else
250 			rsi_set_len_qno(&data_desc->len_qno,
251 					(skb->len - FRAME_DESC_SZ),
252 					RSI_WIFI_MGMT_Q);
253 		if (((skb->len - header_size) == EAPOL4_PACKET_LEN) ||
254 		    ((skb->len - header_size) == EAPOL4_PACKET_LEN - 2)) {
255 			data_desc->misc_flags |=
256 				RSI_DESC_REQUIRE_CFM_TO_HOST;
257 			xtend_desc->confirm_frame_type = EAPOL4_CONFIRM;
258 		}
259 	}
260 
261 	data_desc->mac_flags |= cpu_to_le16(seq_num & 0xfff);
262 	data_desc->qid_tid = ((skb->priority & 0xf) |
263 			      ((tx_params->tid & 0xf) << 4));
264 	data_desc->sta_id = tx_params->sta_id;
265 
266 	if ((is_broadcast_ether_addr(wh->addr1)) ||
267 	    (is_multicast_ether_addr(wh->addr1))) {
268 		data_desc->frame_info = cpu_to_le16(RATE_INFO_ENABLE);
269 		data_desc->frame_info |= cpu_to_le16(RSI_BROADCAST_PKT);
270 		data_desc->sta_id = vap_id;
271 
272 		if ((vif->type == NL80211_IFTYPE_AP) ||
273 		    (vif->type == NL80211_IFTYPE_P2P_GO)) {
274 			if (common->band == NL80211_BAND_5GHZ)
275 				data_desc->rate_info = cpu_to_le16(RSI_RATE_6);
276 			else
277 				data_desc->rate_info = cpu_to_le16(RSI_RATE_1);
278 		}
279 	}
280 	if (((vif->type == NL80211_IFTYPE_AP) ||
281 	     (vif->type == NL80211_IFTYPE_P2P_GO)) &&
282 	    (ieee80211_has_moredata(wh->frame_control)))
283 		data_desc->frame_info |= cpu_to_le16(MORE_DATA_PRESENT);
284 
285 	data_desc->rate_info |=
286 		cpu_to_le16((tx_params->vap_id << RSI_DESC_VAP_ID_OFST) &
287 			    RSI_DESC_VAP_ID_MASK);
288 
289 	return 0;
290 }
291 
292 /* This function sends received data packet from driver to device */
rsi_send_data_pkt(struct rsi_common * common,struct sk_buff * skb)293 int rsi_send_data_pkt(struct rsi_common *common, struct sk_buff *skb)
294 {
295 	struct rsi_hw *adapter = common->priv;
296 	struct ieee80211_vif *vif;
297 	struct ieee80211_tx_info *info;
298 	struct ieee80211_bss_conf *bss;
299 	int status = -EINVAL;
300 
301 	if (!skb)
302 		return 0;
303 	if (common->iface_down)
304 		goto err;
305 
306 	info = IEEE80211_SKB_CB(skb);
307 	if (!info->control.vif)
308 		goto err;
309 	vif = info->control.vif;
310 	bss = &vif->bss_conf;
311 
312 	if (((vif->type == NL80211_IFTYPE_STATION) ||
313 	     (vif->type == NL80211_IFTYPE_P2P_CLIENT)) &&
314 	    (!bss->assoc))
315 		goto err;
316 
317 	status = rsi_send_pkt_to_bus(common, skb);
318 	if (status)
319 		rsi_dbg(ERR_ZONE, "%s: Failed to write pkt\n", __func__);
320 
321 err:
322 	++common->tx_stats.total_tx_pkt_freed[skb->priority];
323 	rsi_indicate_tx_status(adapter, skb, status);
324 	return status;
325 }
326 
327 /**
328  * rsi_send_mgmt_pkt() - This functions sends the received management packet
329  *			 from driver to device.
330  * @common: Pointer to the driver private structure.
331  * @skb: Pointer to the socket buffer structure.
332  *
333  * Return: status: 0 on success, -1 on failure.
334  */
rsi_send_mgmt_pkt(struct rsi_common * common,struct sk_buff * skb)335 int rsi_send_mgmt_pkt(struct rsi_common *common,
336 		      struct sk_buff *skb)
337 {
338 	struct rsi_hw *adapter = common->priv;
339 	struct ieee80211_bss_conf *bss;
340 	struct ieee80211_hdr *wh;
341 	struct ieee80211_tx_info *info;
342 	struct skb_info *tx_params;
343 	struct rsi_mgmt_desc *mgmt_desc;
344 	struct rsi_xtended_desc *xtend_desc;
345 	int status = -E2BIG;
346 	u8 header_size;
347 
348 	info = IEEE80211_SKB_CB(skb);
349 	tx_params = (struct skb_info *)info->driver_data;
350 	header_size = tx_params->internal_hdr_size;
351 
352 	if (tx_params->flags & INTERNAL_MGMT_PKT) {
353 		status = adapter->host_intf_ops->write_pkt(common->priv,
354 							   (u8 *)skb->data,
355 							   skb->len);
356 		if (status) {
357 			rsi_dbg(ERR_ZONE,
358 				"%s: Failed to write the packet\n", __func__);
359 		}
360 		dev_kfree_skb(skb);
361 		return status;
362 	}
363 
364 	bss = &info->control.vif->bss_conf;
365 	wh = (struct ieee80211_hdr *)&skb->data[header_size];
366 	mgmt_desc = (struct rsi_mgmt_desc *)skb->data;
367 	xtend_desc = (struct rsi_xtended_desc *)&skb->data[FRAME_DESC_SZ];
368 
369 	/* Indicate to firmware to give cfm for probe */
370 	if (ieee80211_is_probe_req(wh->frame_control) && !bss->assoc) {
371 		rsi_dbg(INFO_ZONE,
372 			"%s: blocking mgmt queue\n", __func__);
373 		mgmt_desc->misc_flags = RSI_DESC_REQUIRE_CFM_TO_HOST;
374 		xtend_desc->confirm_frame_type = PROBEREQ_CONFIRM;
375 		common->mgmt_q_block = true;
376 		rsi_dbg(INFO_ZONE, "Mgmt queue blocked\n");
377 	}
378 
379 	status = rsi_send_pkt_to_bus(common, skb);
380 	if (status)
381 		rsi_dbg(ERR_ZONE, "%s: Failed to write the packet\n", __func__);
382 
383 	rsi_indicate_tx_status(common->priv, skb, status);
384 	return status;
385 }
386 
rsi_send_bt_pkt(struct rsi_common * common,struct sk_buff * skb)387 int rsi_send_bt_pkt(struct rsi_common *common, struct sk_buff *skb)
388 {
389 	int status = -EINVAL;
390 	u8 header_size = 0;
391 	struct rsi_bt_desc *bt_desc;
392 	u8 queueno = ((skb->data[1] >> 4) & 0xf);
393 
394 	if (queueno == RSI_BT_MGMT_Q) {
395 		status = rsi_send_pkt_to_bus(common, skb);
396 		if (status)
397 			rsi_dbg(ERR_ZONE, "%s: Failed to write bt mgmt pkt\n",
398 				__func__);
399 		goto out;
400 	}
401 	header_size = FRAME_DESC_SZ;
402 	if (header_size > skb_headroom(skb)) {
403 		rsi_dbg(ERR_ZONE, "%s: Not enough headroom\n", __func__);
404 		status = -ENOSPC;
405 		goto out;
406 	}
407 	skb_push(skb, header_size);
408 	memset(skb->data, 0, header_size);
409 	bt_desc = (struct rsi_bt_desc *)skb->data;
410 
411 	rsi_set_len_qno(&bt_desc->len_qno, (skb->len - FRAME_DESC_SZ),
412 			RSI_BT_DATA_Q);
413 	bt_desc->bt_pkt_type = cpu_to_le16(bt_cb(skb)->pkt_type);
414 
415 	status = rsi_send_pkt_to_bus(common, skb);
416 	if (status)
417 		rsi_dbg(ERR_ZONE, "%s: Failed to write bt pkt\n", __func__);
418 
419 out:
420 	dev_kfree_skb(skb);
421 	return status;
422 }
423 
rsi_prepare_beacon(struct rsi_common * common,struct sk_buff * skb)424 int rsi_prepare_beacon(struct rsi_common *common, struct sk_buff *skb)
425 {
426 	struct rsi_hw *adapter = (struct rsi_hw *)common->priv;
427 	struct rsi_data_desc *bcn_frm;
428 	struct ieee80211_hw *hw = common->priv->hw;
429 	struct ieee80211_conf *conf = &hw->conf;
430 	struct ieee80211_vif *vif;
431 	struct sk_buff *mac_bcn;
432 	u8 vap_id = 0, i;
433 	u16 tim_offset = 0;
434 
435 	for (i = 0; i < RSI_MAX_VIFS; i++) {
436 		vif = adapter->vifs[i];
437 		if (!vif)
438 			continue;
439 		if ((vif->type == NL80211_IFTYPE_AP) ||
440 		    (vif->type == NL80211_IFTYPE_P2P_GO))
441 			break;
442 	}
443 	if (!vif)
444 		return -EINVAL;
445 	mac_bcn = ieee80211_beacon_get_tim(adapter->hw,
446 					   vif,
447 					   &tim_offset, NULL);
448 	if (!mac_bcn) {
449 		rsi_dbg(ERR_ZONE, "Failed to get beacon from mac80211\n");
450 		return -EINVAL;
451 	}
452 
453 	common->beacon_cnt++;
454 	bcn_frm = (struct rsi_data_desc *)skb->data;
455 	rsi_set_len_qno(&bcn_frm->len_qno, mac_bcn->len, RSI_WIFI_DATA_Q);
456 	bcn_frm->header_len = MIN_802_11_HDR_LEN;
457 	bcn_frm->frame_info = cpu_to_le16(RSI_DATA_DESC_MAC_BBP_INFO |
458 					  RSI_DATA_DESC_NO_ACK_IND |
459 					  RSI_DATA_DESC_BEACON_FRAME |
460 					  RSI_DATA_DESC_INSERT_TSF |
461 					  RSI_DATA_DESC_INSERT_SEQ_NO |
462 					  RATE_INFO_ENABLE);
463 	bcn_frm->rate_info = cpu_to_le16(vap_id << 14);
464 	bcn_frm->qid_tid = BEACON_HW_Q;
465 
466 	if (conf_is_ht40_plus(conf)) {
467 		bcn_frm->bbp_info = cpu_to_le16(LOWER_20_ENABLE);
468 		bcn_frm->bbp_info |= cpu_to_le16(LOWER_20_ENABLE >> 12);
469 	} else if (conf_is_ht40_minus(conf)) {
470 		bcn_frm->bbp_info = cpu_to_le16(UPPER_20_ENABLE);
471 		bcn_frm->bbp_info |= cpu_to_le16(UPPER_20_ENABLE >> 12);
472 	}
473 
474 	if (common->band == NL80211_BAND_2GHZ)
475 		bcn_frm->rate_info |= cpu_to_le16(RSI_RATE_1);
476 	else
477 		bcn_frm->rate_info |= cpu_to_le16(RSI_RATE_6);
478 
479 	if (mac_bcn->data[tim_offset + 2] == 0)
480 		bcn_frm->frame_info |= cpu_to_le16(RSI_DATA_DESC_DTIM_BEACON);
481 
482 	memcpy(&skb->data[FRAME_DESC_SZ], mac_bcn->data, mac_bcn->len);
483 	skb_put(skb, mac_bcn->len + FRAME_DESC_SZ);
484 
485 	dev_kfree_skb(mac_bcn);
486 
487 	return 0;
488 }
489 
bl_cmd_timeout(struct timer_list * t)490 static void bl_cmd_timeout(struct timer_list *t)
491 {
492 	struct rsi_hw *adapter = from_timer(adapter, t, bl_cmd_timer);
493 
494 	adapter->blcmd_timer_expired = true;
495 	del_timer(&adapter->bl_cmd_timer);
496 }
497 
bl_start_cmd_timer(struct rsi_hw * adapter,u32 timeout)498 static int bl_start_cmd_timer(struct rsi_hw *adapter, u32 timeout)
499 {
500 	timer_setup(&adapter->bl_cmd_timer, bl_cmd_timeout, 0);
501 	adapter->bl_cmd_timer.expires = (msecs_to_jiffies(timeout) + jiffies);
502 
503 	adapter->blcmd_timer_expired = false;
504 	add_timer(&adapter->bl_cmd_timer);
505 
506 	return 0;
507 }
508 
bl_stop_cmd_timer(struct rsi_hw * adapter)509 static int bl_stop_cmd_timer(struct rsi_hw *adapter)
510 {
511 	adapter->blcmd_timer_expired = false;
512 	if (timer_pending(&adapter->bl_cmd_timer))
513 		del_timer(&adapter->bl_cmd_timer);
514 
515 	return 0;
516 }
517 
bl_write_cmd(struct rsi_hw * adapter,u8 cmd,u8 exp_resp,u16 * cmd_resp)518 static int bl_write_cmd(struct rsi_hw *adapter, u8 cmd, u8 exp_resp,
519 			u16 *cmd_resp)
520 {
521 	struct rsi_host_intf_ops *hif_ops = adapter->host_intf_ops;
522 	u32 regin_val = 0, regout_val = 0;
523 	u32 regin_input = 0;
524 	u8 output = 0;
525 	int status;
526 
527 	regin_input = (REGIN_INPUT | adapter->priv->coex_mode);
528 
529 	while (!adapter->blcmd_timer_expired) {
530 		regin_val = 0;
531 		status = hif_ops->master_reg_read(adapter, SWBL_REGIN,
532 						  &regin_val, 2);
533 		if (status < 0) {
534 			rsi_dbg(ERR_ZONE,
535 				"%s: Command %0x REGIN reading failed..\n",
536 				__func__, cmd);
537 			return status;
538 		}
539 		mdelay(1);
540 		if ((regin_val >> 12) != REGIN_VALID)
541 			break;
542 	}
543 	if (adapter->blcmd_timer_expired) {
544 		rsi_dbg(ERR_ZONE,
545 			"%s: Command %0x REGIN reading timed out..\n",
546 			__func__, cmd);
547 		return -ETIMEDOUT;
548 	}
549 
550 	rsi_dbg(INFO_ZONE,
551 		"Issuing write to Regin val:%0x sending cmd:%0x\n",
552 		regin_val, (cmd | regin_input << 8));
553 	status = hif_ops->master_reg_write(adapter, SWBL_REGIN,
554 					   (cmd | regin_input << 8), 2);
555 	if (status < 0)
556 		return status;
557 	mdelay(1);
558 
559 	if (cmd == LOAD_HOSTED_FW || cmd == JUMP_TO_ZERO_PC) {
560 		/* JUMP_TO_ZERO_PC doesn't expect
561 		 * any response. So return from here
562 		 */
563 		return 0;
564 	}
565 
566 	while (!adapter->blcmd_timer_expired) {
567 		regout_val = 0;
568 		status = hif_ops->master_reg_read(adapter, SWBL_REGOUT,
569 					     &regout_val, 2);
570 		if (status < 0) {
571 			rsi_dbg(ERR_ZONE,
572 				"%s: Command %0x REGOUT reading failed..\n",
573 				__func__, cmd);
574 			return status;
575 		}
576 		mdelay(1);
577 		if ((regout_val >> 8) == REGOUT_VALID)
578 			break;
579 	}
580 	if (adapter->blcmd_timer_expired) {
581 		rsi_dbg(ERR_ZONE,
582 			"%s: Command %0x REGOUT reading timed out..\n",
583 			__func__, cmd);
584 		return status;
585 	}
586 
587 	*cmd_resp = ((u16 *)&regout_val)[0] & 0xffff;
588 
589 	output = ((u8 *)&regout_val)[0] & 0xff;
590 
591 	status = hif_ops->master_reg_write(adapter, SWBL_REGOUT,
592 					   (cmd | REGOUT_INVALID << 8), 2);
593 	if (status < 0) {
594 		rsi_dbg(ERR_ZONE,
595 			"%s: Command %0x REGOUT writing failed..\n",
596 			__func__, cmd);
597 		return status;
598 	}
599 	mdelay(1);
600 
601 	if (output != exp_resp) {
602 		rsi_dbg(ERR_ZONE,
603 			"%s: Recvd resp %x for cmd %0x\n",
604 			__func__, output, cmd);
605 		return -EINVAL;
606 	}
607 	rsi_dbg(INFO_ZONE,
608 		"%s: Recvd Expected resp %x for cmd %0x\n",
609 		__func__, output, cmd);
610 
611 	return 0;
612 }
613 
bl_cmd(struct rsi_hw * adapter,u8 cmd,u8 exp_resp,char * str)614 static int bl_cmd(struct rsi_hw *adapter, u8 cmd, u8 exp_resp, char *str)
615 {
616 	u16 regout_val = 0;
617 	u32 timeout;
618 	int status;
619 
620 	if ((cmd == EOF_REACHED) || (cmd == PING_VALID) || (cmd == PONG_VALID))
621 		timeout = BL_BURN_TIMEOUT;
622 	else
623 		timeout = BL_CMD_TIMEOUT;
624 
625 	bl_start_cmd_timer(adapter, timeout);
626 	status = bl_write_cmd(adapter, cmd, exp_resp, &regout_val);
627 	if (status < 0) {
628 		bl_stop_cmd_timer(adapter);
629 		rsi_dbg(ERR_ZONE,
630 			"%s: Command %s (%0x) writing failed..\n",
631 			__func__, str, cmd);
632 		return status;
633 	}
634 	bl_stop_cmd_timer(adapter);
635 	return 0;
636 }
637 
638 #define CHECK_SUM_OFFSET 20
639 #define LEN_OFFSET 8
640 #define ADDR_OFFSET 16
bl_write_header(struct rsi_hw * adapter,u8 * flash_content,u32 content_size)641 static int bl_write_header(struct rsi_hw *adapter, u8 *flash_content,
642 			   u32 content_size)
643 {
644 	struct rsi_host_intf_ops *hif_ops = adapter->host_intf_ops;
645 	struct bl_header *bl_hdr;
646 	u32 write_addr, write_len;
647 	int status;
648 
649 	bl_hdr = kzalloc(sizeof(*bl_hdr), GFP_KERNEL);
650 	if (!bl_hdr)
651 		return -ENOMEM;
652 
653 	bl_hdr->flags = 0;
654 	bl_hdr->image_no = cpu_to_le32(adapter->priv->coex_mode);
655 	bl_hdr->check_sum =
656 		cpu_to_le32(*(u32 *)&flash_content[CHECK_SUM_OFFSET]);
657 	bl_hdr->flash_start_address =
658 		cpu_to_le32(*(u32 *)&flash_content[ADDR_OFFSET]);
659 	bl_hdr->flash_len = cpu_to_le32(*(u32 *)&flash_content[LEN_OFFSET]);
660 	write_len = sizeof(struct bl_header);
661 
662 	if (adapter->rsi_host_intf == RSI_HOST_INTF_USB) {
663 		write_addr = PING_BUFFER_ADDRESS;
664 		status = hif_ops->write_reg_multiple(adapter, write_addr,
665 						 (u8 *)bl_hdr, write_len);
666 		if (status < 0) {
667 			rsi_dbg(ERR_ZONE,
668 				"%s: Failed to load Version/CRC structure\n",
669 				__func__);
670 			goto fail;
671 		}
672 	} else {
673 		write_addr = PING_BUFFER_ADDRESS >> 16;
674 		status = hif_ops->master_access_msword(adapter, write_addr);
675 		if (status < 0) {
676 			rsi_dbg(ERR_ZONE,
677 				"%s: Unable to set ms word to common reg\n",
678 				__func__);
679 			goto fail;
680 		}
681 		write_addr = RSI_SD_REQUEST_MASTER |
682 			     (PING_BUFFER_ADDRESS & 0xFFFF);
683 		status = hif_ops->write_reg_multiple(adapter, write_addr,
684 						 (u8 *)bl_hdr, write_len);
685 		if (status < 0) {
686 			rsi_dbg(ERR_ZONE,
687 				"%s: Failed to load Version/CRC structure\n",
688 				__func__);
689 			goto fail;
690 		}
691 	}
692 	status = 0;
693 fail:
694 	kfree(bl_hdr);
695 	return status;
696 }
697 
read_flash_capacity(struct rsi_hw * adapter)698 static u32 read_flash_capacity(struct rsi_hw *adapter)
699 {
700 	u32 flash_sz = 0;
701 
702 	if ((adapter->host_intf_ops->master_reg_read(adapter, FLASH_SIZE_ADDR,
703 						     &flash_sz, 2)) < 0) {
704 		rsi_dbg(ERR_ZONE,
705 			"%s: Flash size reading failed..\n",
706 			__func__);
707 		return 0;
708 	}
709 	rsi_dbg(INIT_ZONE, "Flash capacity: %d KiloBytes\n", flash_sz);
710 
711 	return (flash_sz * 1024); /* Return size in kbytes */
712 }
713 
ping_pong_write(struct rsi_hw * adapter,u8 cmd,u8 * addr,u32 size)714 static int ping_pong_write(struct rsi_hw *adapter, u8 cmd, u8 *addr, u32 size)
715 {
716 	struct rsi_host_intf_ops *hif_ops = adapter->host_intf_ops;
717 	u32 block_size = adapter->block_size;
718 	u32 cmd_addr;
719 	u16 cmd_resp, cmd_req;
720 	u8 *str;
721 	int status;
722 
723 	if (cmd == PING_WRITE) {
724 		cmd_addr = PING_BUFFER_ADDRESS;
725 		cmd_resp = PONG_AVAIL;
726 		cmd_req = PING_VALID;
727 		str = "PING_VALID";
728 	} else {
729 		cmd_addr = PONG_BUFFER_ADDRESS;
730 		cmd_resp = PING_AVAIL;
731 		cmd_req = PONG_VALID;
732 		str = "PONG_VALID";
733 	}
734 
735 	status = hif_ops->load_data_master_write(adapter, cmd_addr, size,
736 					    block_size, addr);
737 	if (status) {
738 		rsi_dbg(ERR_ZONE, "%s: Unable to write blk at addr %0x\n",
739 			__func__, *addr);
740 		return status;
741 	}
742 
743 	status = bl_cmd(adapter, cmd_req, cmd_resp, str);
744 	if (status)
745 		return status;
746 
747 	return 0;
748 }
749 
auto_fw_upgrade(struct rsi_hw * adapter,u8 * flash_content,u32 content_size)750 static int auto_fw_upgrade(struct rsi_hw *adapter, u8 *flash_content,
751 			   u32 content_size)
752 {
753 	u8 cmd;
754 	u32 temp_content_size, num_flash, index;
755 	u32 flash_start_address;
756 	int status;
757 
758 	if (content_size > MAX_FLASH_FILE_SIZE) {
759 		rsi_dbg(ERR_ZONE,
760 			"%s: Flash Content size is more than 400K %u\n",
761 			__func__, MAX_FLASH_FILE_SIZE);
762 		return -EINVAL;
763 	}
764 
765 	flash_start_address = *(u32 *)&flash_content[FLASH_START_ADDRESS];
766 	rsi_dbg(INFO_ZONE, "flash start address: %08x\n", flash_start_address);
767 
768 	if (flash_start_address < FW_IMAGE_MIN_ADDRESS) {
769 		rsi_dbg(ERR_ZONE,
770 			"%s: Fw image Flash Start Address is less than 64K\n",
771 			__func__);
772 		return -EINVAL;
773 	}
774 
775 	if (flash_start_address % FLASH_SECTOR_SIZE) {
776 		rsi_dbg(ERR_ZONE,
777 			"%s: Flash Start Address is not multiple of 4K\n",
778 			__func__);
779 		return -EINVAL;
780 	}
781 
782 	if ((flash_start_address + content_size) > adapter->flash_capacity) {
783 		rsi_dbg(ERR_ZONE,
784 			"%s: Flash Content will cross max flash size\n",
785 			__func__);
786 		return -EINVAL;
787 	}
788 
789 	temp_content_size  = content_size;
790 	num_flash = content_size / FLASH_WRITE_CHUNK_SIZE;
791 
792 	rsi_dbg(INFO_ZONE, "content_size: %d, num_flash: %d\n",
793 		content_size, num_flash);
794 
795 	for (index = 0; index <= num_flash; index++) {
796 		rsi_dbg(INFO_ZONE, "flash index: %d\n", index);
797 		if (index != num_flash) {
798 			content_size = FLASH_WRITE_CHUNK_SIZE;
799 			rsi_dbg(INFO_ZONE, "QSPI content_size:%d\n",
800 				content_size);
801 		} else {
802 			content_size =
803 				temp_content_size % FLASH_WRITE_CHUNK_SIZE;
804 			rsi_dbg(INFO_ZONE,
805 				"Writing last sector content_size:%d\n",
806 				content_size);
807 			if (!content_size) {
808 				rsi_dbg(INFO_ZONE, "instruction size zero\n");
809 				break;
810 			}
811 		}
812 
813 		if (index % 2)
814 			cmd = PING_WRITE;
815 		else
816 			cmd = PONG_WRITE;
817 
818 		status = ping_pong_write(adapter, cmd, flash_content,
819 					 content_size);
820 		if (status) {
821 			rsi_dbg(ERR_ZONE, "%s: Unable to load %d block\n",
822 				__func__, index);
823 			return status;
824 		}
825 
826 		rsi_dbg(INFO_ZONE,
827 			"%s: Successfully loaded %d instructions\n",
828 			__func__, index);
829 		flash_content += content_size;
830 	}
831 
832 	status = bl_cmd(adapter, EOF_REACHED, FW_LOADING_SUCCESSFUL,
833 			"EOF_REACHED");
834 	if (status)
835 		return status;
836 
837 	rsi_dbg(INFO_ZONE, "FW loading is done and FW is running..\n");
838 	return 0;
839 }
840 
rsi_hal_prepare_fwload(struct rsi_hw * adapter)841 static int rsi_hal_prepare_fwload(struct rsi_hw *adapter)
842 {
843 	struct rsi_host_intf_ops *hif_ops = adapter->host_intf_ops;
844 	u32 regout_val = 0;
845 	int status;
846 
847 	bl_start_cmd_timer(adapter, BL_CMD_TIMEOUT);
848 
849 	while (!adapter->blcmd_timer_expired) {
850 		status = hif_ops->master_reg_read(adapter, SWBL_REGOUT,
851 						  &regout_val,
852 						  RSI_COMMON_REG_SIZE);
853 		if (status < 0) {
854 			bl_stop_cmd_timer(adapter);
855 			rsi_dbg(ERR_ZONE,
856 				"%s: REGOUT read failed\n", __func__);
857 			return status;
858 		}
859 		mdelay(1);
860 		if ((regout_val >> 8) == REGOUT_VALID)
861 			break;
862 	}
863 	if (adapter->blcmd_timer_expired) {
864 		rsi_dbg(ERR_ZONE, "%s: REGOUT read timedout\n", __func__);
865 		rsi_dbg(ERR_ZONE,
866 			"%s: Soft boot loader not present\n", __func__);
867 		return -ETIMEDOUT;
868 	}
869 	bl_stop_cmd_timer(adapter);
870 
871 	rsi_dbg(INFO_ZONE, "Received Board Version Number: %x\n",
872 		(regout_val & 0xff));
873 
874 	status = hif_ops->master_reg_write(adapter, SWBL_REGOUT,
875 					   (REGOUT_INVALID |
876 					    REGOUT_INVALID << 8),
877 					   RSI_COMMON_REG_SIZE);
878 	if (status < 0)
879 		rsi_dbg(ERR_ZONE, "%s: REGOUT writing failed..\n", __func__);
880 	else
881 		rsi_dbg(INFO_ZONE,
882 			"===> Device is ready to load firmware <===\n");
883 
884 	return status;
885 }
886 
rsi_load_9113_firmware(struct rsi_hw * adapter)887 static int rsi_load_9113_firmware(struct rsi_hw *adapter)
888 {
889 	struct rsi_common *common = adapter->priv;
890 	const struct firmware *fw_entry = NULL;
891 	u32 content_size;
892 	u16 tmp_regout_val = 0;
893 	struct ta_metadata *metadata_p;
894 	int status;
895 
896 	status = bl_cmd(adapter, CONFIG_AUTO_READ_MODE, CMD_PASS,
897 			"AUTO_READ_CMD");
898 	if (status < 0)
899 		return status;
900 
901 	adapter->flash_capacity = read_flash_capacity(adapter);
902 	if (adapter->flash_capacity <= 0) {
903 		rsi_dbg(ERR_ZONE,
904 			"%s: Unable to read flash size from EEPROM\n",
905 			__func__);
906 		return -EINVAL;
907 	}
908 
909 	metadata_p = &metadata_flash_content[adapter->priv->coex_mode];
910 
911 	rsi_dbg(INIT_ZONE, "%s: Loading file %s\n", __func__, metadata_p->name);
912 	adapter->fw_file_name = metadata_p->name;
913 
914 	status = request_firmware(&fw_entry, metadata_p->name, adapter->device);
915 	if (status < 0) {
916 		rsi_dbg(ERR_ZONE, "%s: Failed to open file %s\n",
917 			__func__, metadata_p->name);
918 		return status;
919 	}
920 	content_size = fw_entry->size;
921 	rsi_dbg(INFO_ZONE, "FW Length = %d bytes\n", content_size);
922 
923 	/* Get the firmware version */
924 	common->lmac_ver.ver.info.fw_ver[0] =
925 		fw_entry->data[LMAC_VER_OFFSET_9113] & 0xFF;
926 	common->lmac_ver.ver.info.fw_ver[1] =
927 		fw_entry->data[LMAC_VER_OFFSET_9113 + 1] & 0xFF;
928 	common->lmac_ver.major =
929 		fw_entry->data[LMAC_VER_OFFSET_9113 + 2] & 0xFF;
930 	common->lmac_ver.release_num =
931 		fw_entry->data[LMAC_VER_OFFSET_9113 + 3] & 0xFF;
932 	common->lmac_ver.minor =
933 		fw_entry->data[LMAC_VER_OFFSET_9113 + 4] & 0xFF;
934 	common->lmac_ver.patch_num = 0;
935 	rsi_print_version(common);
936 
937 	status = bl_write_header(adapter, (u8 *)fw_entry->data, content_size);
938 	if (status) {
939 		rsi_dbg(ERR_ZONE,
940 			"%s: RPS Image header loading failed\n",
941 			__func__);
942 		goto fail;
943 	}
944 
945 	bl_start_cmd_timer(adapter, BL_CMD_TIMEOUT);
946 	status = bl_write_cmd(adapter, CHECK_CRC, CMD_PASS, &tmp_regout_val);
947 	if (status) {
948 		bl_stop_cmd_timer(adapter);
949 		rsi_dbg(ERR_ZONE,
950 			"%s: CHECK_CRC Command writing failed..\n",
951 			__func__);
952 		if ((tmp_regout_val & 0xff) == CMD_FAIL) {
953 			rsi_dbg(ERR_ZONE,
954 				"CRC Fail.. Proceeding to Upgrade mode\n");
955 			goto fw_upgrade;
956 		}
957 	}
958 	bl_stop_cmd_timer(adapter);
959 
960 	status = bl_cmd(adapter, POLLING_MODE, CMD_PASS, "POLLING_MODE");
961 	if (status)
962 		goto fail;
963 
964 load_image_cmd:
965 	status = bl_cmd(adapter, LOAD_HOSTED_FW, LOADING_INITIATED,
966 			"LOAD_HOSTED_FW");
967 	if (status)
968 		goto fail;
969 	rsi_dbg(INFO_ZONE, "Load Image command passed..\n");
970 	goto success;
971 
972 fw_upgrade:
973 	status = bl_cmd(adapter, BURN_HOSTED_FW, SEND_RPS_FILE, "FW_UPGRADE");
974 	if (status)
975 		goto fail;
976 
977 	rsi_dbg(INFO_ZONE, "Burn Command Pass.. Upgrading the firmware\n");
978 
979 	status = auto_fw_upgrade(adapter, (u8 *)fw_entry->data, content_size);
980 	if (status == 0) {
981 		rsi_dbg(ERR_ZONE, "Firmware upgradation Done\n");
982 		goto load_image_cmd;
983 	}
984 	rsi_dbg(ERR_ZONE, "Firmware upgrade failed\n");
985 
986 	status = bl_cmd(adapter, CONFIG_AUTO_READ_MODE, CMD_PASS,
987 			"AUTO_READ_MODE");
988 	if (status)
989 		goto fail;
990 
991 success:
992 	rsi_dbg(ERR_ZONE, "***** Firmware Loading successful *****\n");
993 	release_firmware(fw_entry);
994 	return 0;
995 
996 fail:
997 	rsi_dbg(ERR_ZONE, "##### Firmware loading failed #####\n");
998 	release_firmware(fw_entry);
999 	return status;
1000 }
1001 
rsi_load_9116_firmware(struct rsi_hw * adapter)1002 static int rsi_load_9116_firmware(struct rsi_hw *adapter)
1003 {
1004 	struct rsi_common *common = adapter->priv;
1005 	struct rsi_host_intf_ops *hif_ops = adapter->host_intf_ops;
1006 	const struct firmware *fw_entry;
1007 	struct ta_metadata *metadata_p;
1008 	u8 *ta_firmware, *fw_p;
1009 	struct bootload_ds bootload_ds;
1010 	u32 instructions_sz, base_address;
1011 	u16 block_size = adapter->block_size;
1012 	u32 dest, len;
1013 	int status, cnt;
1014 
1015 	rsi_dbg(INIT_ZONE, "***** Load 9116 TA Instructions *****\n");
1016 
1017 	if (adapter->rsi_host_intf == RSI_HOST_INTF_USB) {
1018 		status = bl_cmd(adapter, POLLING_MODE, CMD_PASS,
1019 				"POLLING_MODE");
1020 		if (status < 0)
1021 			return status;
1022 	}
1023 
1024 	status = hif_ops->master_reg_write(adapter, MEM_ACCESS_CTRL_FROM_HOST,
1025 					   RAM_384K_ACCESS_FROM_TA,
1026 					   RSI_9116_REG_SIZE);
1027 	if (status < 0) {
1028 		rsi_dbg(ERR_ZONE, "%s: Unable to access full RAM memory\n",
1029 			__func__);
1030 		return status;
1031 	}
1032 
1033 	metadata_p = &metadata[adapter->priv->coex_mode];
1034 	rsi_dbg(INIT_ZONE, "%s: loading file %s\n", __func__, metadata_p->name);
1035 	status = request_firmware(&fw_entry, metadata_p->name, adapter->device);
1036 	if (status < 0) {
1037 		rsi_dbg(ERR_ZONE, "%s: Failed to open file %s\n",
1038 			__func__, metadata_p->name);
1039 		return status;
1040 	}
1041 
1042 	ta_firmware = kmemdup(fw_entry->data, fw_entry->size, GFP_KERNEL);
1043 	if (!ta_firmware) {
1044 		status = -ENOMEM;
1045 		goto fail_release_fw;
1046 	}
1047 	fw_p = ta_firmware;
1048 	instructions_sz = fw_entry->size;
1049 	rsi_dbg(INFO_ZONE, "FW Length = %d bytes\n", instructions_sz);
1050 
1051 	common->lmac_ver.major = ta_firmware[LMAC_VER_OFFSET_9116];
1052 	common->lmac_ver.minor = ta_firmware[LMAC_VER_OFFSET_9116 + 1];
1053 	common->lmac_ver.release_num = ta_firmware[LMAC_VER_OFFSET_9116 + 2];
1054 	common->lmac_ver.patch_num = ta_firmware[LMAC_VER_OFFSET_9116 + 3];
1055 	common->lmac_ver.ver.info.fw_ver[0] =
1056 		ta_firmware[LMAC_VER_OFFSET_9116 + 4];
1057 
1058 	if (instructions_sz % FW_ALIGN_SIZE)
1059 		instructions_sz +=
1060 			(FW_ALIGN_SIZE - (instructions_sz % FW_ALIGN_SIZE));
1061 	rsi_dbg(INFO_ZONE, "instructions_sz : %d\n", instructions_sz);
1062 
1063 	if (*(u16 *)fw_p == RSI_9116_FW_MAGIC_WORD) {
1064 		memcpy(&bootload_ds, fw_p, sizeof(struct bootload_ds));
1065 		fw_p += le16_to_cpu(bootload_ds.offset);
1066 		rsi_dbg(INFO_ZONE, "FW start = %x\n", *(u32 *)fw_p);
1067 
1068 		cnt = 0;
1069 		do {
1070 			rsi_dbg(ERR_ZONE, "%s: Loading chunk %d\n",
1071 				__func__, cnt);
1072 
1073 			dest = le32_to_cpu(bootload_ds.bl_entry[cnt].dst_addr);
1074 			len = le32_to_cpu(bootload_ds.bl_entry[cnt].control) &
1075 			      RSI_BL_CTRL_LEN_MASK;
1076 			rsi_dbg(INFO_ZONE, "length %d destination %x\n",
1077 				len, dest);
1078 
1079 			status = hif_ops->load_data_master_write(adapter, dest,
1080 								 len,
1081 								 block_size,
1082 								 fw_p);
1083 			if (status < 0) {
1084 				rsi_dbg(ERR_ZONE,
1085 					"Failed to load chunk %d\n", cnt);
1086 				break;
1087 			}
1088 			fw_p += len;
1089 			if (le32_to_cpu(bootload_ds.bl_entry[cnt].control) &
1090 			    RSI_BL_CTRL_LAST_ENTRY)
1091 				break;
1092 			cnt++;
1093 		} while (1);
1094 	} else {
1095 		base_address = metadata_p->address;
1096 		status = hif_ops->load_data_master_write(adapter,
1097 							 base_address,
1098 							 instructions_sz,
1099 							 block_size,
1100 							 ta_firmware);
1101 	}
1102 	if (status) {
1103 		rsi_dbg(ERR_ZONE,
1104 			"%s: Unable to load %s blk\n",
1105 			__func__, metadata_p->name);
1106 		goto fail_free_fw;
1107 	}
1108 
1109 	rsi_dbg(INIT_ZONE, "%s: Successfully loaded %s instructions\n",
1110 		__func__, metadata_p->name);
1111 
1112 	if (adapter->rsi_host_intf == RSI_HOST_INTF_SDIO) {
1113 		if (hif_ops->ta_reset(adapter))
1114 			rsi_dbg(ERR_ZONE, "Unable to put ta in reset\n");
1115 	} else {
1116 		if (bl_cmd(adapter, JUMP_TO_ZERO_PC,
1117 			   CMD_PASS, "JUMP_TO_ZERO") < 0)
1118 			rsi_dbg(INFO_ZONE, "Jump to zero command failed\n");
1119 		else
1120 			rsi_dbg(INFO_ZONE, "Jump to zero command successful\n");
1121 	}
1122 
1123 fail_free_fw:
1124 	kfree(ta_firmware);
1125 fail_release_fw:
1126 	release_firmware(fw_entry);
1127 
1128 	return status;
1129 }
1130 
rsi_hal_device_init(struct rsi_hw * adapter)1131 int rsi_hal_device_init(struct rsi_hw *adapter)
1132 {
1133 	struct rsi_common *common = adapter->priv;
1134 	int status;
1135 
1136 	switch (adapter->device_model) {
1137 	case RSI_DEV_9113:
1138 		status = rsi_hal_prepare_fwload(adapter);
1139 		if (status < 0)
1140 			return status;
1141 		if (rsi_load_9113_firmware(adapter)) {
1142 			rsi_dbg(ERR_ZONE,
1143 				"%s: Failed to load TA instructions\n",
1144 				__func__);
1145 			return -EINVAL;
1146 		}
1147 		break;
1148 	case RSI_DEV_9116:
1149 		status = rsi_hal_prepare_fwload(adapter);
1150 		if (status < 0)
1151 			return status;
1152 		if (rsi_load_9116_firmware(adapter)) {
1153 			rsi_dbg(ERR_ZONE,
1154 				"%s: Failed to load firmware to 9116 device\n",
1155 				__func__);
1156 			return -EINVAL;
1157 		}
1158 		break;
1159 	default:
1160 		return -EINVAL;
1161 	}
1162 	common->fsm_state = FSM_CARD_NOT_READY;
1163 
1164 	return 0;
1165 }
1166 EXPORT_SYMBOL_GPL(rsi_hal_device_init);
1167 
1168