1 // SPDX-License-Identifier: GPL-2.0-or-later
3 * NCI based driver for Samsung S3FWRN5 NFC chip
5 * Copyright (C) 2015 Samsung Electrnoics
6 * Robert Baldyga <r.baldyga@samsung.com>
9 #include <linux/completion.h>
10 #include <linux/firmware.h>
11 #include <crypto/hash.h>
12 #include <crypto/sha.h>
17 struct s3fwrn5_fw_version {
24 static int s3fwrn5_fw_send_msg(struct s3fwrn5_fw_info *fw_info,
25 struct sk_buff *msg, struct sk_buff **rsp)
27 struct s3fwrn5_info *info =
28 container_of(fw_info, struct s3fwrn5_info, fw_info);
31 reinit_completion(&fw_info->completion);
33 ret = s3fwrn5_write(info, msg);
37 ret = wait_for_completion_interruptible_timeout(
38 &fw_info->completion, msecs_to_jiffies(1000));
53 static int s3fwrn5_fw_prep_msg(struct s3fwrn5_fw_info *fw_info,
54 struct sk_buff **msg, u8 type, u8 code, const void *data, u16 len)
56 struct s3fwrn5_fw_header hdr;
59 hdr.type = type | fw_info->parity;
60 fw_info->parity ^= 0x80;
64 skb = alloc_skb(S3FWRN5_FW_HDR_SIZE + len, GFP_KERNEL);
68 skb_put_data(skb, &hdr, S3FWRN5_FW_HDR_SIZE);
70 skb_put_data(skb, data, len);
77 static int s3fwrn5_fw_get_bootinfo(struct s3fwrn5_fw_info *fw_info,
78 struct s3fwrn5_fw_cmd_get_bootinfo_rsp *bootinfo)
80 struct sk_buff *msg, *rsp = NULL;
81 struct s3fwrn5_fw_header *hdr;
84 /* Send GET_BOOTINFO command */
86 ret = s3fwrn5_fw_prep_msg(fw_info, &msg, S3FWRN5_FW_MSG_CMD,
87 S3FWRN5_FW_CMD_GET_BOOTINFO, NULL, 0);
91 ret = s3fwrn5_fw_send_msg(fw_info, msg, &rsp);
96 hdr = (struct s3fwrn5_fw_header *) rsp->data;
97 if (hdr->code != S3FWRN5_FW_RET_SUCCESS) {
102 memcpy(bootinfo, rsp->data + S3FWRN5_FW_HDR_SIZE, 10);
109 static int s3fwrn5_fw_enter_update_mode(struct s3fwrn5_fw_info *fw_info,
110 const void *hash_data, u16 hash_size,
111 const void *sig_data, u16 sig_size)
113 struct s3fwrn5_fw_cmd_enter_updatemode args;
114 struct sk_buff *msg, *rsp = NULL;
115 struct s3fwrn5_fw_header *hdr;
118 /* Send ENTER_UPDATE_MODE command */
120 args.hashcode_size = hash_size;
121 args.signature_size = sig_size;
123 ret = s3fwrn5_fw_prep_msg(fw_info, &msg, S3FWRN5_FW_MSG_CMD,
124 S3FWRN5_FW_CMD_ENTER_UPDATE_MODE, &args, sizeof(args));
128 ret = s3fwrn5_fw_send_msg(fw_info, msg, &rsp);
133 hdr = (struct s3fwrn5_fw_header *) rsp->data;
134 if (hdr->code != S3FWRN5_FW_RET_SUCCESS) {
141 /* Send hashcode data */
143 ret = s3fwrn5_fw_prep_msg(fw_info, &msg, S3FWRN5_FW_MSG_DATA, 0,
144 hash_data, hash_size);
148 ret = s3fwrn5_fw_send_msg(fw_info, msg, &rsp);
153 hdr = (struct s3fwrn5_fw_header *) rsp->data;
154 if (hdr->code != S3FWRN5_FW_RET_SUCCESS) {
161 /* Send signature data */
163 ret = s3fwrn5_fw_prep_msg(fw_info, &msg, S3FWRN5_FW_MSG_DATA, 0,
168 ret = s3fwrn5_fw_send_msg(fw_info, msg, &rsp);
173 hdr = (struct s3fwrn5_fw_header *) rsp->data;
174 if (hdr->code != S3FWRN5_FW_RET_SUCCESS)
182 static int s3fwrn5_fw_update_sector(struct s3fwrn5_fw_info *fw_info,
183 u32 base_addr, const void *data)
185 struct s3fwrn5_fw_cmd_update_sector args;
186 struct sk_buff *msg, *rsp = NULL;
187 struct s3fwrn5_fw_header *hdr;
190 /* Send UPDATE_SECTOR command */
192 args.base_address = base_addr;
194 ret = s3fwrn5_fw_prep_msg(fw_info, &msg, S3FWRN5_FW_MSG_CMD,
195 S3FWRN5_FW_CMD_UPDATE_SECTOR, &args, sizeof(args));
199 ret = s3fwrn5_fw_send_msg(fw_info, msg, &rsp);
204 hdr = (struct s3fwrn5_fw_header *) rsp->data;
205 if (hdr->code != S3FWRN5_FW_RET_SUCCESS) {
212 /* Send data split into 256-byte packets */
214 for (i = 0; i < 16; ++i) {
215 ret = s3fwrn5_fw_prep_msg(fw_info, &msg,
216 S3FWRN5_FW_MSG_DATA, 0, data+256*i, 256);
220 ret = s3fwrn5_fw_send_msg(fw_info, msg, &rsp);
225 hdr = (struct s3fwrn5_fw_header *) rsp->data;
226 if (hdr->code != S3FWRN5_FW_RET_SUCCESS) {
241 static int s3fwrn5_fw_complete_update_mode(struct s3fwrn5_fw_info *fw_info)
243 struct sk_buff *msg, *rsp = NULL;
244 struct s3fwrn5_fw_header *hdr;
247 /* Send COMPLETE_UPDATE_MODE command */
249 ret = s3fwrn5_fw_prep_msg(fw_info, &msg, S3FWRN5_FW_MSG_CMD,
250 S3FWRN5_FW_CMD_COMPLETE_UPDATE_MODE, NULL, 0);
254 ret = s3fwrn5_fw_send_msg(fw_info, msg, &rsp);
259 hdr = (struct s3fwrn5_fw_header *) rsp->data;
260 if (hdr->code != S3FWRN5_FW_RET_SUCCESS)
269 * Firmware header stucture:
271 * 0x00 - 0x0B : Date and time string (w/o NUL termination)
272 * 0x10 - 0x13 : Firmware version
273 * 0x14 - 0x17 : Signature address
274 * 0x18 - 0x1B : Signature size
275 * 0x1C - 0x1F : Firmware image address
276 * 0x20 - 0x23 : Firmware sectors count
277 * 0x24 - 0x27 : Custom signature address
278 * 0x28 - 0x2B : Custom signature size
281 #define S3FWRN5_FW_IMAGE_HEADER_SIZE 44
283 static int s3fwrn5_fw_request_firmware(struct s3fwrn5_fw_info *fw_info)
285 struct s3fwrn5_fw_image *fw = &fw_info->fw;
291 ret = reject_firmware(&fw->fw, fw_info->fw_name,
292 &fw_info->ndev->nfc_dev->dev);
296 if (fw->fw->size < S3FWRN5_FW_IMAGE_HEADER_SIZE)
299 memcpy(fw->date, fw->fw->data + 0x00, 12);
302 memcpy(&fw->version, fw->fw->data + 0x10, 4);
304 memcpy(&sig_off, fw->fw->data + 0x14, 4);
305 fw->sig = fw->fw->data + sig_off;
306 memcpy(&fw->sig_size, fw->fw->data + 0x18, 4);
308 memcpy(&image_off, fw->fw->data + 0x1C, 4);
309 fw->image = fw->fw->data + image_off;
310 memcpy(&fw->image_sectors, fw->fw->data + 0x20, 4);
312 memcpy(&custom_sig_off, fw->fw->data + 0x24, 4);
313 fw->custom_sig = fw->fw->data + custom_sig_off;
314 memcpy(&fw->custom_sig_size, fw->fw->data + 0x28, 4);
319 static void s3fwrn5_fw_release_firmware(struct s3fwrn5_fw_info *fw_info)
321 release_firmware(fw_info->fw.fw);
324 static int s3fwrn5_fw_get_base_addr(
325 struct s3fwrn5_fw_cmd_get_bootinfo_rsp *bootinfo, u32 *base_addr)
328 static const struct {
332 {{0x05, 0x00, 0x00, 0x00}, 0x00005000},
333 {{0x05, 0x00, 0x00, 0x01}, 0x00003000},
334 {{0x05, 0x00, 0x00, 0x02}, 0x00003000},
335 {{0x05, 0x00, 0x00, 0x03}, 0x00003000},
336 {{0x05, 0x00, 0x00, 0x05}, 0x00003000}
339 for (i = 0; i < ARRAY_SIZE(match); ++i)
340 if (bootinfo->hw_version[0] == match[i].version[0] &&
341 bootinfo->hw_version[1] == match[i].version[1] &&
342 bootinfo->hw_version[3] == match[i].version[3]) {
343 *base_addr = match[i].base_addr;
351 s3fwrn5_fw_is_custom(struct s3fwrn5_fw_cmd_get_bootinfo_rsp *bootinfo)
353 return !!bootinfo->hw_version[2];
356 int s3fwrn5_fw_setup(struct s3fwrn5_fw_info *fw_info)
358 struct s3fwrn5_fw_cmd_get_bootinfo_rsp bootinfo;
361 /* Get firmware data */
363 ret = s3fwrn5_fw_request_firmware(fw_info);
365 dev_err(&fw_info->ndev->nfc_dev->dev,
366 "Failed to get fw file, ret=%02x\n", ret);
370 /* Get bootloader info */
372 ret = s3fwrn5_fw_get_bootinfo(fw_info, &bootinfo);
374 dev_err(&fw_info->ndev->nfc_dev->dev,
375 "Failed to get bootinfo, ret=%02x\n", ret);
379 /* Match hardware version to obtain firmware base address */
381 ret = s3fwrn5_fw_get_base_addr(&bootinfo, &fw_info->base_addr);
383 dev_err(&fw_info->ndev->nfc_dev->dev,
384 "Unknown hardware version\n");
388 fw_info->sector_size = bootinfo.sector_size;
390 fw_info->sig_size = s3fwrn5_fw_is_custom(&bootinfo) ?
391 fw_info->fw.custom_sig_size : fw_info->fw.sig_size;
392 fw_info->sig = s3fwrn5_fw_is_custom(&bootinfo) ?
393 fw_info->fw.custom_sig : fw_info->fw.sig;
398 s3fwrn5_fw_release_firmware(fw_info);
402 bool s3fwrn5_fw_check_version(struct s3fwrn5_fw_info *fw_info, u32 version)
404 struct s3fwrn5_fw_version *new = (void *) &fw_info->fw.version;
405 struct s3fwrn5_fw_version *old = (void *) &version;
407 if (new->major > old->major)
409 if (new->build1 > old->build1)
411 if (new->build2 > old->build2)
417 int s3fwrn5_fw_download(struct s3fwrn5_fw_info *fw_info)
419 struct s3fwrn5_fw_image *fw = &fw_info->fw;
420 u8 hash_data[SHA1_DIGEST_SIZE];
421 struct crypto_shash *tfm;
425 image_size = fw_info->sector_size * fw->image_sectors;
427 /* Compute SHA of firmware data */
429 tfm = crypto_alloc_shash("sha1", 0, 0);
432 dev_err(&fw_info->ndev->nfc_dev->dev,
433 "Cannot allocate shash (code=%d)\n", ret);
438 SHASH_DESC_ON_STACK(desc, tfm);
442 ret = crypto_shash_digest(desc, fw->image, image_size,
444 shash_desc_zero(desc);
447 crypto_free_shash(tfm);
449 dev_err(&fw_info->ndev->nfc_dev->dev,
450 "Cannot compute hash (code=%d)\n", ret);
454 /* Firmware update process */
456 dev_info(&fw_info->ndev->nfc_dev->dev,
457 "Firmware update: %s\n", fw_info->fw_name);
459 ret = s3fwrn5_fw_enter_update_mode(fw_info, hash_data,
460 SHA1_DIGEST_SIZE, fw_info->sig, fw_info->sig_size);
462 dev_err(&fw_info->ndev->nfc_dev->dev,
463 "Unable to enter update mode\n");
467 for (off = 0; off < image_size; off += fw_info->sector_size) {
468 ret = s3fwrn5_fw_update_sector(fw_info,
469 fw_info->base_addr + off, fw->image + off);
471 dev_err(&fw_info->ndev->nfc_dev->dev,
472 "Firmware update error (code=%d)\n", ret);
477 ret = s3fwrn5_fw_complete_update_mode(fw_info);
479 dev_err(&fw_info->ndev->nfc_dev->dev,
480 "Unable to complete update mode\n");
484 dev_info(&fw_info->ndev->nfc_dev->dev,
485 "Firmware update: success\n");
491 void s3fwrn5_fw_init(struct s3fwrn5_fw_info *fw_info, const char *fw_name)
493 fw_info->parity = 0x00;
495 fw_info->fw.fw = NULL;
496 strcpy(fw_info->fw_name, fw_name);
497 init_completion(&fw_info->completion);
500 void s3fwrn5_fw_cleanup(struct s3fwrn5_fw_info *fw_info)
502 s3fwrn5_fw_release_firmware(fw_info);
505 int s3fwrn5_fw_recv_frame(struct nci_dev *ndev, struct sk_buff *skb)
507 struct s3fwrn5_info *info = nci_get_drvdata(ndev);
508 struct s3fwrn5_fw_info *fw_info = &info->fw_info;
510 BUG_ON(fw_info->rsp);
514 complete(&fw_info->completion);
projects / librecmc / linux-libre.git / blob