1 // SPDX-License-Identifier: GPL-2.0 OR BSD-3-Clause
2 /* Copyright(c) 2019-2020 Realtek Corporation
3 */
4
5 #include <linux/devcoredump.h>
6
7 #include "cam.h"
8 #include "chan.h"
9 #include "debug.h"
10 #include "fw.h"
11 #include "mac.h"
12 #include "ps.h"
13 #include "reg.h"
14 #include "ser.h"
15 #include "util.h"
16
17 #define SER_RECFG_TIMEOUT 1000
18
19 enum ser_evt {
20 SER_EV_NONE,
21 SER_EV_STATE_IN,
22 SER_EV_STATE_OUT,
23 SER_EV_L1_RESET_PREPARE, /* pre-M0 */
24 SER_EV_L1_RESET, /* M1 */
25 SER_EV_DO_RECOVERY, /* M3 */
26 SER_EV_MAC_RESET_DONE, /* M5 */
27 SER_EV_L2_RESET,
28 SER_EV_L2_RECFG_DONE,
29 SER_EV_L2_RECFG_TIMEOUT,
30 SER_EV_M1_TIMEOUT,
31 SER_EV_M3_TIMEOUT,
32 SER_EV_FW_M5_TIMEOUT,
33 SER_EV_L0_RESET,
34 SER_EV_MAXX
35 };
36
37 enum ser_state {
38 SER_IDLE_ST,
39 SER_L1_RESET_PRE_ST,
40 SER_RESET_TRX_ST,
41 SER_DO_HCI_ST,
42 SER_L2_RESET_ST,
43 SER_ST_MAX_ST
44 };
45
46 struct ser_msg {
47 struct list_head list;
48 u8 event;
49 };
50
51 struct state_ent {
52 u8 state;
53 char *name;
54 void (*st_func)(struct rtw89_ser *ser, u8 event);
55 };
56
57 struct event_ent {
58 u8 event;
59 char *name;
60 };
61
ser_ev_name(struct rtw89_ser * ser,u8 event)62 static char *ser_ev_name(struct rtw89_ser *ser, u8 event)
63 {
64 if (event < SER_EV_MAXX)
65 return ser->ev_tbl[event].name;
66
67 return "err_ev_name";
68 }
69
ser_st_name(struct rtw89_ser * ser)70 static char *ser_st_name(struct rtw89_ser *ser)
71 {
72 if (ser->state < SER_ST_MAX_ST)
73 return ser->st_tbl[ser->state].name;
74
75 return "err_st_name";
76 }
77
78 #define RTW89_DEF_SER_CD_TYPE(_name, _type, _size) \
79 struct ser_cd_ ## _name { \
80 u32 type; \
81 u32 type_size; \
82 u64 padding; \
83 u8 data[_size]; \
84 } __packed; \
85 static void ser_cd_ ## _name ## _init(struct ser_cd_ ## _name *p) \
86 { \
87 p->type = _type; \
88 p->type_size = sizeof(p->data); \
89 p->padding = 0x0123456789abcdef; \
90 }
91
92 enum rtw89_ser_cd_type {
93 RTW89_SER_CD_FW_RSVD_PLE = 0,
94 RTW89_SER_CD_FW_BACKTRACE = 1,
95 };
96
97 RTW89_DEF_SER_CD_TYPE(fw_rsvd_ple,
98 RTW89_SER_CD_FW_RSVD_PLE,
99 RTW89_FW_RSVD_PLE_SIZE);
100
101 RTW89_DEF_SER_CD_TYPE(fw_backtrace,
102 RTW89_SER_CD_FW_BACKTRACE,
103 RTW89_FW_BACKTRACE_MAX_SIZE);
104
105 struct rtw89_ser_cd_buffer {
106 struct ser_cd_fw_rsvd_ple fwple;
107 struct ser_cd_fw_backtrace fwbt;
108 } __packed;
109
rtw89_ser_cd_prep(struct rtw89_dev * rtwdev)110 static struct rtw89_ser_cd_buffer *rtw89_ser_cd_prep(struct rtw89_dev *rtwdev)
111 {
112 struct rtw89_ser_cd_buffer *buf;
113
114 buf = vzalloc(sizeof(*buf));
115 if (!buf)
116 return NULL;
117
118 ser_cd_fw_rsvd_ple_init(&buf->fwple);
119 ser_cd_fw_backtrace_init(&buf->fwbt);
120
121 return buf;
122 }
123
rtw89_ser_cd_send(struct rtw89_dev * rtwdev,struct rtw89_ser_cd_buffer * buf)124 static void rtw89_ser_cd_send(struct rtw89_dev *rtwdev,
125 struct rtw89_ser_cd_buffer *buf)
126 {
127 rtw89_debug(rtwdev, RTW89_DBG_SER, "SER sends core dump\n");
128
129 /* After calling dev_coredump, buf's lifetime is supposed to be
130 * handled by the device coredump framework. Note that a new dump
131 * will be discarded if a previous one hasn't been released by
132 * framework yet.
133 */
134 dev_coredumpv(rtwdev->dev, buf, sizeof(*buf), GFP_KERNEL);
135 }
136
rtw89_ser_cd_free(struct rtw89_dev * rtwdev,struct rtw89_ser_cd_buffer * buf,bool free_self)137 static void rtw89_ser_cd_free(struct rtw89_dev *rtwdev,
138 struct rtw89_ser_cd_buffer *buf, bool free_self)
139 {
140 if (!free_self)
141 return;
142
143 rtw89_debug(rtwdev, RTW89_DBG_SER, "SER frees core dump by self\n");
144
145 /* When some problems happen during filling data of core dump,
146 * we won't send it to device coredump framework. Instead, we
147 * free buf by ourselves.
148 */
149 vfree(buf);
150 }
151
ser_state_run(struct rtw89_ser * ser,u8 evt)152 static void ser_state_run(struct rtw89_ser *ser, u8 evt)
153 {
154 struct rtw89_dev *rtwdev = container_of(ser, struct rtw89_dev, ser);
155
156 rtw89_debug(rtwdev, RTW89_DBG_SER, "ser: %s receive %s\n",
157 ser_st_name(ser), ser_ev_name(ser, evt));
158
159 wiphy_lock(rtwdev->hw->wiphy);
160 mutex_lock(&rtwdev->mutex);
161 rtw89_leave_lps(rtwdev);
162 mutex_unlock(&rtwdev->mutex);
163 wiphy_unlock(rtwdev->hw->wiphy);
164
165 ser->st_tbl[ser->state].st_func(ser, evt);
166 }
167
ser_state_goto(struct rtw89_ser * ser,u8 new_state)168 static void ser_state_goto(struct rtw89_ser *ser, u8 new_state)
169 {
170 struct rtw89_dev *rtwdev = container_of(ser, struct rtw89_dev, ser);
171
172 if (ser->state == new_state || new_state >= SER_ST_MAX_ST)
173 return;
174 ser_state_run(ser, SER_EV_STATE_OUT);
175
176 rtw89_debug(rtwdev, RTW89_DBG_SER, "ser: %s goto -> %s\n",
177 ser_st_name(ser), ser->st_tbl[new_state].name);
178
179 ser->state = new_state;
180 ser_state_run(ser, SER_EV_STATE_IN);
181 }
182
__rtw89_ser_dequeue_msg(struct rtw89_ser * ser)183 static struct ser_msg *__rtw89_ser_dequeue_msg(struct rtw89_ser *ser)
184 {
185 struct ser_msg *msg;
186
187 spin_lock_irq(&ser->msg_q_lock);
188 msg = list_first_entry_or_null(&ser->msg_q, struct ser_msg, list);
189 if (msg)
190 list_del(&msg->list);
191 spin_unlock_irq(&ser->msg_q_lock);
192
193 return msg;
194 }
195
rtw89_ser_hdl_work(struct work_struct * work)196 static void rtw89_ser_hdl_work(struct work_struct *work)
197 {
198 struct ser_msg *msg;
199 struct rtw89_ser *ser = container_of(work, struct rtw89_ser,
200 ser_hdl_work);
201
202 while ((msg = __rtw89_ser_dequeue_msg(ser))) {
203 ser_state_run(ser, msg->event);
204 kfree(msg);
205 }
206 }
207
ser_send_msg(struct rtw89_ser * ser,u8 event)208 static int ser_send_msg(struct rtw89_ser *ser, u8 event)
209 {
210 struct rtw89_dev *rtwdev = container_of(ser, struct rtw89_dev, ser);
211 struct ser_msg *msg = NULL;
212
213 if (test_bit(RTW89_SER_DRV_STOP_RUN, ser->flags))
214 return -EIO;
215
216 msg = kmalloc(sizeof(*msg), GFP_ATOMIC);
217 if (!msg)
218 return -ENOMEM;
219
220 msg->event = event;
221
222 spin_lock_irq(&ser->msg_q_lock);
223 list_add(&msg->list, &ser->msg_q);
224 spin_unlock_irq(&ser->msg_q_lock);
225
226 ieee80211_queue_work(rtwdev->hw, &ser->ser_hdl_work);
227 return 0;
228 }
229
rtw89_ser_alarm_work(struct work_struct * work)230 static void rtw89_ser_alarm_work(struct work_struct *work)
231 {
232 struct rtw89_ser *ser = container_of(work, struct rtw89_ser,
233 ser_alarm_work.work);
234
235 ser_send_msg(ser, ser->alarm_event);
236 ser->alarm_event = SER_EV_NONE;
237 }
238
ser_set_alarm(struct rtw89_ser * ser,u32 ms,u8 event)239 static void ser_set_alarm(struct rtw89_ser *ser, u32 ms, u8 event)
240 {
241 struct rtw89_dev *rtwdev = container_of(ser, struct rtw89_dev, ser);
242
243 if (test_bit(RTW89_SER_DRV_STOP_RUN, ser->flags))
244 return;
245
246 ser->alarm_event = event;
247 ieee80211_queue_delayed_work(rtwdev->hw, &ser->ser_alarm_work,
248 msecs_to_jiffies(ms));
249 }
250
ser_del_alarm(struct rtw89_ser * ser)251 static void ser_del_alarm(struct rtw89_ser *ser)
252 {
253 cancel_delayed_work(&ser->ser_alarm_work);
254 ser->alarm_event = SER_EV_NONE;
255 }
256
257 /* driver function */
drv_stop_tx(struct rtw89_ser * ser)258 static void drv_stop_tx(struct rtw89_ser *ser)
259 {
260 struct rtw89_dev *rtwdev = container_of(ser, struct rtw89_dev, ser);
261
262 ieee80211_stop_queues(rtwdev->hw);
263 set_bit(RTW89_SER_DRV_STOP_TX, ser->flags);
264 }
265
drv_stop_rx(struct rtw89_ser * ser)266 static void drv_stop_rx(struct rtw89_ser *ser)
267 {
268 struct rtw89_dev *rtwdev = container_of(ser, struct rtw89_dev, ser);
269
270 clear_bit(RTW89_FLAG_RUNNING, rtwdev->flags);
271 set_bit(RTW89_SER_DRV_STOP_RX, ser->flags);
272 }
273
drv_trx_reset(struct rtw89_ser * ser)274 static void drv_trx_reset(struct rtw89_ser *ser)
275 {
276 struct rtw89_dev *rtwdev = container_of(ser, struct rtw89_dev, ser);
277
278 rtw89_hci_reset(rtwdev);
279 }
280
drv_resume_tx(struct rtw89_ser * ser)281 static void drv_resume_tx(struct rtw89_ser *ser)
282 {
283 struct rtw89_dev *rtwdev = container_of(ser, struct rtw89_dev, ser);
284
285 if (!test_bit(RTW89_SER_DRV_STOP_TX, ser->flags))
286 return;
287
288 ieee80211_wake_queues(rtwdev->hw);
289 clear_bit(RTW89_SER_DRV_STOP_TX, ser->flags);
290 }
291
drv_resume_rx(struct rtw89_ser * ser)292 static void drv_resume_rx(struct rtw89_ser *ser)
293 {
294 struct rtw89_dev *rtwdev = container_of(ser, struct rtw89_dev, ser);
295
296 if (!test_bit(RTW89_SER_DRV_STOP_RX, ser->flags))
297 return;
298
299 set_bit(RTW89_FLAG_RUNNING, rtwdev->flags);
300 clear_bit(RTW89_SER_DRV_STOP_RX, ser->flags);
301 }
302
ser_reset_vif(struct rtw89_dev * rtwdev,struct rtw89_vif * rtwvif)303 static void ser_reset_vif(struct rtw89_dev *rtwdev, struct rtw89_vif *rtwvif)
304 {
305 struct rtw89_vif_link *rtwvif_link;
306 unsigned int link_id;
307
308 rtwvif->tdls_peer = 0;
309
310 rtw89_vif_for_each_link(rtwvif, rtwvif_link, link_id) {
311 rtw89_core_release_bit_map(rtwdev->hw_port, rtwvif_link->port);
312 rtwvif_link->net_type = RTW89_NET_TYPE_NO_LINK;
313 rtwvif_link->trigger = false;
314 }
315 }
316
ser_sta_deinit_cam_iter(void * data,struct ieee80211_sta * sta)317 static void ser_sta_deinit_cam_iter(void *data, struct ieee80211_sta *sta)
318 {
319 struct rtw89_vif *target_rtwvif = (struct rtw89_vif *)data;
320 struct rtw89_sta *rtwsta = sta_to_rtwsta(sta);
321 struct rtw89_vif *rtwvif = rtwsta->rtwvif;
322 struct rtw89_dev *rtwdev = rtwvif->rtwdev;
323 struct rtw89_vif_link *rtwvif_link;
324 struct rtw89_sta_link *rtwsta_link;
325 unsigned int link_id;
326
327 if (rtwvif != target_rtwvif)
328 return;
329
330 rtw89_sta_for_each_link(rtwsta, rtwsta_link, link_id) {
331 rtwvif_link = rtwsta_link->rtwvif_link;
332
333 if (rtwvif_link->net_type == RTW89_NET_TYPE_AP_MODE || sta->tdls)
334 rtw89_cam_deinit_addr_cam(rtwdev, &rtwsta_link->addr_cam);
335 if (sta->tdls)
336 rtw89_cam_deinit_bssid_cam(rtwdev, &rtwsta_link->bssid_cam);
337
338 INIT_LIST_HEAD(&rtwsta_link->ba_cam_list);
339 }
340 }
341
ser_deinit_cam(struct rtw89_dev * rtwdev,struct rtw89_vif * rtwvif)342 static void ser_deinit_cam(struct rtw89_dev *rtwdev, struct rtw89_vif *rtwvif)
343 {
344 struct rtw89_vif_link *rtwvif_link;
345 unsigned int link_id;
346
347 ieee80211_iterate_stations_atomic(rtwdev->hw,
348 ser_sta_deinit_cam_iter,
349 rtwvif);
350
351 rtw89_vif_for_each_link(rtwvif, rtwvif_link, link_id)
352 rtw89_cam_deinit(rtwdev, rtwvif_link);
353
354 bitmap_zero(rtwdev->cam_info.ba_cam_map, RTW89_MAX_BA_CAM_NUM);
355 }
356
ser_reset_mac_binding(struct rtw89_dev * rtwdev)357 static void ser_reset_mac_binding(struct rtw89_dev *rtwdev)
358 {
359 struct rtw89_vif *rtwvif;
360
361 rtw89_cam_reset_keys(rtwdev);
362 rtw89_for_each_rtwvif(rtwdev, rtwvif)
363 ser_deinit_cam(rtwdev, rtwvif);
364
365 rtw89_core_release_all_bits_map(rtwdev->mac_id_map, RTW89_MAX_MAC_ID_NUM);
366 rtw89_for_each_rtwvif(rtwdev, rtwvif)
367 ser_reset_vif(rtwdev, rtwvif);
368
369 rtwdev->total_sta_assoc = 0;
370 }
371
372 /* hal function */
hal_enable_dma(struct rtw89_ser * ser)373 static int hal_enable_dma(struct rtw89_ser *ser)
374 {
375 struct rtw89_dev *rtwdev = container_of(ser, struct rtw89_dev, ser);
376 int ret;
377
378 if (!test_bit(RTW89_SER_HAL_STOP_DMA, ser->flags))
379 return 0;
380
381 if (!rtwdev->hci.ops->mac_lv1_rcvy)
382 return -EIO;
383
384 ret = rtwdev->hci.ops->mac_lv1_rcvy(rtwdev, RTW89_LV1_RCVY_STEP_2);
385 if (!ret)
386 clear_bit(RTW89_SER_HAL_STOP_DMA, ser->flags);
387 else
388 rtw89_debug(rtwdev, RTW89_DBG_SER,
389 "lv1 rcvy fail to start dma: %d\n", ret);
390
391 return ret;
392 }
393
hal_stop_dma(struct rtw89_ser * ser)394 static int hal_stop_dma(struct rtw89_ser *ser)
395 {
396 struct rtw89_dev *rtwdev = container_of(ser, struct rtw89_dev, ser);
397 int ret;
398
399 if (!rtwdev->hci.ops->mac_lv1_rcvy)
400 return -EIO;
401
402 ret = rtwdev->hci.ops->mac_lv1_rcvy(rtwdev, RTW89_LV1_RCVY_STEP_1);
403 if (!ret)
404 set_bit(RTW89_SER_HAL_STOP_DMA, ser->flags);
405 else
406 rtw89_debug(rtwdev, RTW89_DBG_SER,
407 "lv1 rcvy fail to stop dma: %d\n", ret);
408
409 return ret;
410 }
411
hal_send_post_m0_event(struct rtw89_ser * ser)412 static void hal_send_post_m0_event(struct rtw89_ser *ser)
413 {
414 struct rtw89_dev *rtwdev = container_of(ser, struct rtw89_dev, ser);
415
416 rtw89_mac_set_err_status(rtwdev, MAC_AX_ERR_L1_RESET_START_DMAC);
417 }
418
hal_send_m2_event(struct rtw89_ser * ser)419 static void hal_send_m2_event(struct rtw89_ser *ser)
420 {
421 struct rtw89_dev *rtwdev = container_of(ser, struct rtw89_dev, ser);
422
423 rtw89_mac_set_err_status(rtwdev, MAC_AX_ERR_L1_DISABLE_EN);
424 }
425
hal_send_m4_event(struct rtw89_ser * ser)426 static void hal_send_m4_event(struct rtw89_ser *ser)
427 {
428 struct rtw89_dev *rtwdev = container_of(ser, struct rtw89_dev, ser);
429
430 rtw89_mac_set_err_status(rtwdev, MAC_AX_ERR_L1_RCVY_EN);
431 }
432
433 /* state handler */
ser_idle_st_hdl(struct rtw89_ser * ser,u8 evt)434 static void ser_idle_st_hdl(struct rtw89_ser *ser, u8 evt)
435 {
436 struct rtw89_dev *rtwdev = container_of(ser, struct rtw89_dev, ser);
437
438 switch (evt) {
439 case SER_EV_STATE_IN:
440 rtw89_hci_recovery_complete(rtwdev);
441 clear_bit(RTW89_FLAG_SER_HANDLING, rtwdev->flags);
442 clear_bit(RTW89_FLAG_CRASH_SIMULATING, rtwdev->flags);
443 break;
444 case SER_EV_L1_RESET_PREPARE:
445 ser_state_goto(ser, SER_L1_RESET_PRE_ST);
446 break;
447 case SER_EV_L1_RESET:
448 ser_state_goto(ser, SER_RESET_TRX_ST);
449 break;
450 case SER_EV_L2_RESET:
451 ser_state_goto(ser, SER_L2_RESET_ST);
452 break;
453 case SER_EV_STATE_OUT:
454 set_bit(RTW89_FLAG_SER_HANDLING, rtwdev->flags);
455 rtw89_hci_recovery_start(rtwdev);
456 break;
457 default:
458 break;
459 }
460 }
461
ser_l1_reset_pre_st_hdl(struct rtw89_ser * ser,u8 evt)462 static void ser_l1_reset_pre_st_hdl(struct rtw89_ser *ser, u8 evt)
463 {
464 switch (evt) {
465 case SER_EV_STATE_IN:
466 ser->prehandle_l1 = true;
467 hal_send_post_m0_event(ser);
468 ser_set_alarm(ser, 1000, SER_EV_M1_TIMEOUT);
469 break;
470 case SER_EV_L1_RESET:
471 ser_state_goto(ser, SER_RESET_TRX_ST);
472 break;
473 case SER_EV_M1_TIMEOUT:
474 ser_state_goto(ser, SER_L2_RESET_ST);
475 break;
476 case SER_EV_STATE_OUT:
477 ser_del_alarm(ser);
478 break;
479 default:
480 break;
481 }
482 }
483
ser_reset_trx_st_hdl(struct rtw89_ser * ser,u8 evt)484 static void ser_reset_trx_st_hdl(struct rtw89_ser *ser, u8 evt)
485 {
486 struct rtw89_dev *rtwdev = container_of(ser, struct rtw89_dev, ser);
487 struct wiphy *wiphy = rtwdev->hw->wiphy;
488
489 switch (evt) {
490 case SER_EV_STATE_IN:
491 cancel_delayed_work_sync(&rtwdev->track_work);
492 drv_stop_tx(ser);
493
494 if (hal_stop_dma(ser)) {
495 ser_state_goto(ser, SER_L2_RESET_ST);
496 break;
497 }
498
499 drv_stop_rx(ser);
500 wiphy_lock(wiphy);
501 drv_trx_reset(ser);
502 wiphy_unlock(wiphy);
503
504 /* wait m3 */
505 hal_send_m2_event(ser);
506
507 /* set alarm to prevent FW response timeout */
508 ser_set_alarm(ser, 1000, SER_EV_M3_TIMEOUT);
509 break;
510
511 case SER_EV_DO_RECOVERY:
512 ser_state_goto(ser, SER_DO_HCI_ST);
513 break;
514
515 case SER_EV_M3_TIMEOUT:
516 ser_state_goto(ser, SER_L2_RESET_ST);
517 break;
518
519 case SER_EV_STATE_OUT:
520 ser_del_alarm(ser);
521 hal_enable_dma(ser);
522 drv_resume_rx(ser);
523 drv_resume_tx(ser);
524 ieee80211_queue_delayed_work(rtwdev->hw, &rtwdev->track_work,
525 RTW89_TRACK_WORK_PERIOD);
526 break;
527
528 default:
529 break;
530 }
531 }
532
ser_do_hci_st_hdl(struct rtw89_ser * ser,u8 evt)533 static void ser_do_hci_st_hdl(struct rtw89_ser *ser, u8 evt)
534 {
535 switch (evt) {
536 case SER_EV_STATE_IN:
537 /* wait m5 */
538 hal_send_m4_event(ser);
539
540 /* prevent FW response timeout */
541 ser_set_alarm(ser, 1000, SER_EV_FW_M5_TIMEOUT);
542 break;
543
544 case SER_EV_FW_M5_TIMEOUT:
545 ser_state_goto(ser, SER_L2_RESET_ST);
546 break;
547
548 case SER_EV_MAC_RESET_DONE:
549 ser_state_goto(ser, SER_IDLE_ST);
550 break;
551
552 case SER_EV_STATE_OUT:
553 ser_del_alarm(ser);
554 break;
555
556 default:
557 break;
558 }
559 }
560
ser_mac_mem_dump(struct rtw89_dev * rtwdev,u8 * buf,u8 sel,u32 start_addr,u32 len)561 static void ser_mac_mem_dump(struct rtw89_dev *rtwdev, u8 *buf,
562 u8 sel, u32 start_addr, u32 len)
563 {
564 const struct rtw89_mac_gen_def *mac = rtwdev->chip->mac_def;
565 u32 filter_model_addr = mac->filter_model_addr;
566 u32 indir_access_addr = mac->indir_access_addr;
567 u32 *ptr = (u32 *)buf;
568 u32 base_addr, start_page, residue;
569 u32 cnt = 0;
570 u32 i;
571
572 start_page = start_addr / MAC_MEM_DUMP_PAGE_SIZE;
573 residue = start_addr % MAC_MEM_DUMP_PAGE_SIZE;
574 base_addr = mac->mem_base_addrs[sel];
575 base_addr += start_page * MAC_MEM_DUMP_PAGE_SIZE;
576
577 while (cnt < len) {
578 rtw89_write32(rtwdev, filter_model_addr, base_addr);
579
580 for (i = indir_access_addr + residue;
581 i < indir_access_addr + MAC_MEM_DUMP_PAGE_SIZE;
582 i += 4, ptr++) {
583 *ptr = rtw89_read32(rtwdev, i);
584 cnt += 4;
585 if (cnt >= len)
586 break;
587 }
588
589 residue = 0;
590 base_addr += MAC_MEM_DUMP_PAGE_SIZE;
591 }
592 }
593
rtw89_ser_fw_rsvd_ple_dump(struct rtw89_dev * rtwdev,u8 * buf)594 static void rtw89_ser_fw_rsvd_ple_dump(struct rtw89_dev *rtwdev, u8 *buf)
595 {
596 u32 start_addr = rtwdev->chip->rsvd_ple_ofst;
597
598 rtw89_debug(rtwdev, RTW89_DBG_SER,
599 "dump mem for fw rsvd payload engine (start addr: 0x%x)\n",
600 start_addr);
601 ser_mac_mem_dump(rtwdev, buf, RTW89_MAC_MEM_SHARED_BUF, start_addr,
602 RTW89_FW_RSVD_PLE_SIZE);
603 }
604
605 struct __fw_backtrace_entry {
606 u32 wcpu_addr;
607 u32 size;
608 u32 key;
609 } __packed;
610
611 struct __fw_backtrace_info {
612 u32 ra;
613 u32 sp;
614 } __packed;
615
616 static_assert(RTW89_FW_BACKTRACE_INFO_SIZE ==
617 sizeof(struct __fw_backtrace_info));
618
convert_addr_from_wcpu(u32 wcpu_addr)619 static u32 convert_addr_from_wcpu(u32 wcpu_addr)
620 {
621 if (wcpu_addr < 0x30000000)
622 return wcpu_addr;
623
624 return wcpu_addr & GENMASK(28, 0);
625 }
626
rtw89_ser_fw_backtrace_dump(struct rtw89_dev * rtwdev,u8 * buf,const struct __fw_backtrace_entry * ent)627 static int rtw89_ser_fw_backtrace_dump(struct rtw89_dev *rtwdev, u8 *buf,
628 const struct __fw_backtrace_entry *ent)
629 {
630 struct __fw_backtrace_info *ptr = (struct __fw_backtrace_info *)buf;
631 const struct rtw89_mac_gen_def *mac = rtwdev->chip->mac_def;
632 u32 filter_model_addr = mac->filter_model_addr;
633 u32 indir_access_addr = mac->indir_access_addr;
634 u32 fwbt_addr = convert_addr_from_wcpu(ent->wcpu_addr);
635 u32 fwbt_size = ent->size;
636 u32 fwbt_key = ent->key;
637 u32 i;
638
639 if (fwbt_addr == 0) {
640 rtw89_warn(rtwdev, "FW backtrace invalid address: 0x%x\n",
641 fwbt_addr);
642 return -EINVAL;
643 }
644
645 if (fwbt_key != RTW89_FW_BACKTRACE_KEY) {
646 rtw89_warn(rtwdev, "FW backtrace invalid key: 0x%x\n",
647 fwbt_key);
648 return -EINVAL;
649 }
650
651 if (fwbt_size == 0 || !RTW89_VALID_FW_BACKTRACE_SIZE(fwbt_size) ||
652 fwbt_size > RTW89_FW_BACKTRACE_MAX_SIZE) {
653 rtw89_warn(rtwdev, "FW backtrace invalid size: 0x%x\n",
654 fwbt_size);
655 return -EINVAL;
656 }
657
658 rtw89_debug(rtwdev, RTW89_DBG_SER, "dump fw backtrace start\n");
659 rtw89_write32(rtwdev, filter_model_addr, fwbt_addr);
660
661 for (i = indir_access_addr;
662 i < indir_access_addr + fwbt_size;
663 i += RTW89_FW_BACKTRACE_INFO_SIZE, ptr++) {
664 *ptr = (struct __fw_backtrace_info){
665 .ra = rtw89_read32(rtwdev, i),
666 .sp = rtw89_read32(rtwdev, i + 4),
667 };
668 rtw89_debug(rtwdev, RTW89_DBG_SER,
669 "next sp: 0x%x, next ra: 0x%x\n",
670 ptr->sp, ptr->ra);
671 }
672
673 rtw89_debug(rtwdev, RTW89_DBG_SER, "dump fw backtrace end\n");
674 return 0;
675 }
676
ser_l2_reset_st_pre_hdl(struct rtw89_ser * ser)677 static void ser_l2_reset_st_pre_hdl(struct rtw89_ser *ser)
678 {
679 struct rtw89_dev *rtwdev = container_of(ser, struct rtw89_dev, ser);
680 struct rtw89_ser_cd_buffer *buf;
681 struct __fw_backtrace_entry fwbt_ent;
682 int ret = 0;
683
684 buf = rtw89_ser_cd_prep(rtwdev);
685 if (!buf) {
686 ret = -ENOMEM;
687 goto bottom;
688 }
689
690 rtw89_ser_fw_rsvd_ple_dump(rtwdev, buf->fwple.data);
691
692 fwbt_ent = *(struct __fw_backtrace_entry *)buf->fwple.data;
693 ret = rtw89_ser_fw_backtrace_dump(rtwdev, buf->fwbt.data, &fwbt_ent);
694 if (ret)
695 goto bottom;
696
697 rtw89_ser_cd_send(rtwdev, buf);
698
699 bottom:
700 rtw89_ser_cd_free(rtwdev, buf, !!ret);
701
702 ser_reset_mac_binding(rtwdev);
703 rtw89_core_stop(rtwdev);
704 rtw89_entity_init(rtwdev);
705 rtw89_fw_release_general_pkt_list(rtwdev, false);
706 INIT_LIST_HEAD(&rtwdev->rtwvifs_list);
707 }
708
ser_l2_reset_st_hdl(struct rtw89_ser * ser,u8 evt)709 static void ser_l2_reset_st_hdl(struct rtw89_ser *ser, u8 evt)
710 {
711 struct rtw89_dev *rtwdev = container_of(ser, struct rtw89_dev, ser);
712
713 switch (evt) {
714 case SER_EV_STATE_IN:
715 wiphy_lock(rtwdev->hw->wiphy);
716 mutex_lock(&rtwdev->mutex);
717 ser_l2_reset_st_pre_hdl(ser);
718 mutex_unlock(&rtwdev->mutex);
719 wiphy_unlock(rtwdev->hw->wiphy);
720
721 ieee80211_restart_hw(rtwdev->hw);
722 ser_set_alarm(ser, SER_RECFG_TIMEOUT, SER_EV_L2_RECFG_TIMEOUT);
723 break;
724
725 case SER_EV_L2_RECFG_TIMEOUT:
726 rtw89_info(rtwdev, "Err: ser L2 re-config timeout\n");
727 fallthrough;
728 case SER_EV_L2_RECFG_DONE:
729 ser_state_goto(ser, SER_IDLE_ST);
730 break;
731
732 case SER_EV_STATE_OUT:
733 ser_del_alarm(ser);
734 break;
735
736 default:
737 break;
738 }
739 }
740
741 static const struct event_ent ser_ev_tbl[] = {
742 {SER_EV_NONE, "SER_EV_NONE"},
743 {SER_EV_STATE_IN, "SER_EV_STATE_IN"},
744 {SER_EV_STATE_OUT, "SER_EV_STATE_OUT"},
745 {SER_EV_L1_RESET_PREPARE, "SER_EV_L1_RESET_PREPARE pre-m0"},
746 {SER_EV_L1_RESET, "SER_EV_L1_RESET m1"},
747 {SER_EV_DO_RECOVERY, "SER_EV_DO_RECOVERY m3"},
748 {SER_EV_MAC_RESET_DONE, "SER_EV_MAC_RESET_DONE m5"},
749 {SER_EV_L2_RESET, "SER_EV_L2_RESET"},
750 {SER_EV_L2_RECFG_DONE, "SER_EV_L2_RECFG_DONE"},
751 {SER_EV_L2_RECFG_TIMEOUT, "SER_EV_L2_RECFG_TIMEOUT"},
752 {SER_EV_M1_TIMEOUT, "SER_EV_M1_TIMEOUT"},
753 {SER_EV_M3_TIMEOUT, "SER_EV_M3_TIMEOUT"},
754 {SER_EV_FW_M5_TIMEOUT, "SER_EV_FW_M5_TIMEOUT"},
755 {SER_EV_L0_RESET, "SER_EV_L0_RESET"},
756 {SER_EV_MAXX, "SER_EV_MAX"}
757 };
758
759 static const struct state_ent ser_st_tbl[] = {
760 {SER_IDLE_ST, "SER_IDLE_ST", ser_idle_st_hdl},
761 {SER_L1_RESET_PRE_ST, "SER_L1_RESET_PRE_ST", ser_l1_reset_pre_st_hdl},
762 {SER_RESET_TRX_ST, "SER_RESET_TRX_ST", ser_reset_trx_st_hdl},
763 {SER_DO_HCI_ST, "SER_DO_HCI_ST", ser_do_hci_st_hdl},
764 {SER_L2_RESET_ST, "SER_L2_RESET_ST", ser_l2_reset_st_hdl}
765 };
766
rtw89_ser_init(struct rtw89_dev * rtwdev)767 int rtw89_ser_init(struct rtw89_dev *rtwdev)
768 {
769 struct rtw89_ser *ser = &rtwdev->ser;
770
771 memset(ser, 0, sizeof(*ser));
772 INIT_LIST_HEAD(&ser->msg_q);
773 ser->state = SER_IDLE_ST;
774 ser->st_tbl = ser_st_tbl;
775 ser->ev_tbl = ser_ev_tbl;
776
777 bitmap_zero(ser->flags, RTW89_NUM_OF_SER_FLAGS);
778 spin_lock_init(&ser->msg_q_lock);
779 INIT_WORK(&ser->ser_hdl_work, rtw89_ser_hdl_work);
780 INIT_DELAYED_WORK(&ser->ser_alarm_work, rtw89_ser_alarm_work);
781 return 0;
782 }
783
rtw89_ser_deinit(struct rtw89_dev * rtwdev)784 int rtw89_ser_deinit(struct rtw89_dev *rtwdev)
785 {
786 struct rtw89_ser *ser = (struct rtw89_ser *)&rtwdev->ser;
787
788 set_bit(RTW89_SER_DRV_STOP_RUN, ser->flags);
789 cancel_delayed_work_sync(&ser->ser_alarm_work);
790 cancel_work_sync(&ser->ser_hdl_work);
791 clear_bit(RTW89_SER_DRV_STOP_RUN, ser->flags);
792 return 0;
793 }
794
rtw89_ser_recfg_done(struct rtw89_dev * rtwdev)795 void rtw89_ser_recfg_done(struct rtw89_dev *rtwdev)
796 {
797 ser_send_msg(&rtwdev->ser, SER_EV_L2_RECFG_DONE);
798 }
799
rtw89_ser_notify(struct rtw89_dev * rtwdev,u32 err)800 int rtw89_ser_notify(struct rtw89_dev *rtwdev, u32 err)
801 {
802 u8 event = SER_EV_NONE;
803
804 rtw89_info(rtwdev, "SER catches error: 0x%x\n", err);
805
806 switch (err) {
807 case MAC_AX_ERR_L1_PREERR_DMAC: /* pre-M0 */
808 event = SER_EV_L1_RESET_PREPARE;
809 break;
810 case MAC_AX_ERR_L1_ERR_DMAC:
811 case MAC_AX_ERR_L0_PROMOTE_TO_L1:
812 event = SER_EV_L1_RESET; /* M1 */
813 break;
814 case MAC_AX_ERR_L1_RESET_DISABLE_DMAC_DONE:
815 event = SER_EV_DO_RECOVERY; /* M3 */
816 break;
817 case MAC_AX_ERR_L1_RESET_RECOVERY_DONE:
818 event = SER_EV_MAC_RESET_DONE; /* M5 */
819 break;
820 case MAC_AX_ERR_L0_ERR_CMAC0:
821 case MAC_AX_ERR_L0_ERR_CMAC1:
822 case MAC_AX_ERR_L0_RESET_DONE:
823 event = SER_EV_L0_RESET;
824 break;
825 default:
826 if (err == MAC_AX_ERR_L1_PROMOTE_TO_L2 ||
827 (err >= MAC_AX_ERR_L2_ERR_AH_DMA &&
828 err <= MAC_AX_GET_ERR_MAX))
829 event = SER_EV_L2_RESET;
830 break;
831 }
832
833 if (event == SER_EV_NONE) {
834 rtw89_warn(rtwdev, "SER cannot recognize error: 0x%x\n", err);
835 return -EINVAL;
836 }
837
838 ser_send_msg(&rtwdev->ser, event);
839 return 0;
840 }
841 EXPORT_SYMBOL(rtw89_ser_notify);
842