From patchwork Wed Oct 30 02:21:28 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ping-Ke Shih X-Patchwork-Id: 839846 Received: from rtits2.realtek.com.tw (rtits2.realtek.com [211.75.126.72]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 662533EA69 for ; Wed, 30 Oct 2024 02:22:09 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=211.75.126.72 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1730254934; cv=none; b=QbFacmfQ4X5VOdedw/n1aaMG9FwZUkC/Zt2y6YiBkBZu/IEVdRxJHoOIMJIBW78ceVYgdos695uFeLhROxA5SEKN+3PbdEBKGFt/er/kW5BgryZW5Tpm2Dvz5nCjH99uyZr74NWnG/VmudMW3Juan72nw6VXZy10iOLGuOCZ+Cs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1730254934; c=relaxed/simple; bh=Zq+4C8WBA2vHSTBl1eVIA3NLN8Tz00awbV0tNwkCEyw=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=apaoL6A9NYw8pCBBgdr589jC6PBphzOomQPp6rw2ODZqRtAH6mQW9hKjkWiGXfTPRjJM49JzAmmCru6FEg8X6FQfU1p4J+J3gki4cFJyHFjSmacPDssK38JtGI8iZWcwGku2Vjq8E5dc0mkNtSOc664zQbeLqkP3wAn6RNdHAfQ= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=realtek.com; spf=pass smtp.mailfrom=realtek.com; dkim=temperror (0-bit key) header.d=realtek.com header.i=@realtek.com header.b=jwl7Xobe; arc=none smtp.client-ip=211.75.126.72 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=realtek.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=realtek.com Authentication-Results: smtp.subspace.kernel.org; dkim=temperror (0-bit key) header.d=realtek.com header.i=@realtek.com header.b="jwl7Xobe" X-SpamFilter-By: ArmorX SpamTrap 5.78 with qID 49U2M8k143310572, This message is accepted by code: ctloc85258 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=realtek.com; s=dkim; t=1730254928; bh=Zq+4C8WBA2vHSTBl1eVIA3NLN8Tz00awbV0tNwkCEyw=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Transfer-Encoding:Content-Type; b=jwl7XobeJx+ywPfv37f5NgvMyReJlMgoTdHeLLOCGsNhz8JyU5H9eFEnIzFC4kN/2 1KnYdAgh5nkQsWSa6AfOreXUKqd9HA+FKotkby2hW1Pr2EFGEgFBhSx1ciEvV6xES3 uS53L2wb3sXgQjE2aaNzOA/2lo06w3hNndBZ98bccPTomGb1ShT+2ZA+3hRZ0tR6lR uGastjueyleTpcCyZjdWkWkZULuKVwxvQWz/fkNd/82CwkmqKKG094zxqsKW7uefq6 Yif2ZM6EGpIFDQ9+YQTOEty7CR+3N2bkMJido6vW/zylBePIBD54IO8Fu+hYlGewJi 9K0WtxFN0GmtA== Received: from mail.realtek.com (rtexh36506.realtek.com.tw[172.21.6.27]) by rtits2.realtek.com.tw (8.15.2/3.06/5.92) with ESMTPS id 49U2M8k143310572 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Wed, 30 Oct 2024 10:22:08 +0800 Received: from RTEXMBS04.realtek.com.tw (172.21.6.97) by RTEXH36506.realtek.com.tw (172.21.6.27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.39; Wed, 30 Oct 2024 10:22:08 +0800 Received: from [127.0.1.1] (172.21.69.94) by RTEXMBS04.realtek.com.tw (172.21.6.97) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.35; Wed, 30 Oct 2024 10:22:08 +0800 From: Ping-Ke Shih To: Subject: [PATCH 1/8] wifi: rtw89: efuse: move reading efuse of fw secure info to common Date: Wed, 30 Oct 2024 10:21:28 +0800 Message-ID: <20241030022135.11688-2-pkshih@realtek.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20241030022135.11688-1-pkshih@realtek.com> References: <20241030022135.11688-1-pkshih@realtek.com> Precedence: bulk X-Mailing-List: linux-wireless@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: RTEXMBS02.realtek.com.tw (172.21.6.95) To RTEXMBS04.realtek.com.tw (172.21.6.97) The secure key used by certain hardware module is programmed in efuse, so driver should read the information from efuse before downloading firmware. Originally only RTL8922AE can support firmware secure boot, and read efuse during chip power on. To extend to support all chips, move the caller to common power on flow and add separate functions to read efuse for WiFi 6 chips. No logic change at all. Signed-off-by: Ping-Ke Shih --- drivers/net/wireless/realtek/rtw89/efuse.c | 5 +++++ drivers/net/wireless/realtek/rtw89/efuse.h | 1 + drivers/net/wireless/realtek/rtw89/efuse_be.c | 1 - drivers/net/wireless/realtek/rtw89/mac.c | 5 +++++ drivers/net/wireless/realtek/rtw89/mac.h | 1 + drivers/net/wireless/realtek/rtw89/mac_be.c | 1 + drivers/net/wireless/realtek/rtw89/rtw8922a.c | 3 --- 7 files changed, 13 insertions(+), 4 deletions(-) diff --git a/drivers/net/wireless/realtek/rtw89/efuse.c b/drivers/net/wireless/realtek/rtw89/efuse.c index e1236079a84a..532623130c41 100644 --- a/drivers/net/wireless/realtek/rtw89/efuse.c +++ b/drivers/net/wireless/realtek/rtw89/efuse.c @@ -354,3 +354,8 @@ int rtw89_read_efuse_ver(struct rtw89_dev *rtwdev, u8 *ecv) return 0; } EXPORT_SYMBOL(rtw89_read_efuse_ver); + +int rtw89_efuse_read_fw_secure_ax(struct rtw89_dev *rtwdev) +{ + return 0; +} diff --git a/drivers/net/wireless/realtek/rtw89/efuse.h b/drivers/net/wireless/realtek/rtw89/efuse.h index 72416f56a071..a2f6f36e697f 100644 --- a/drivers/net/wireless/realtek/rtw89/efuse.h +++ b/drivers/net/wireless/realtek/rtw89/efuse.h @@ -23,6 +23,7 @@ int rtw89_parse_efuse_map_be(struct rtw89_dev *rtwdev); int rtw89_parse_phycap_map_be(struct rtw89_dev *rtwdev); int rtw89_cnv_efuse_state_be(struct rtw89_dev *rtwdev, bool idle); int rtw89_read_efuse_ver(struct rtw89_dev *rtwdev, u8 *efv); +int rtw89_efuse_read_fw_secure_ax(struct rtw89_dev *rtwdev); int rtw89_efuse_read_fw_secure_be(struct rtw89_dev *rtwdev); #endif diff --git a/drivers/net/wireless/realtek/rtw89/efuse_be.c b/drivers/net/wireless/realtek/rtw89/efuse_be.c index 0be26d5fdf7c..756aaf886af9 100644 --- a/drivers/net/wireless/realtek/rtw89/efuse_be.c +++ b/drivers/net/wireless/realtek/rtw89/efuse_be.c @@ -559,4 +559,3 @@ int rtw89_efuse_read_fw_secure_be(struct rtw89_dev *rtwdev) return 0; } -EXPORT_SYMBOL(rtw89_efuse_read_fw_secure_be); diff --git a/drivers/net/wireless/realtek/rtw89/mac.c b/drivers/net/wireless/realtek/rtw89/mac.c index 588e2b96bf43..7ed29bc69009 100644 --- a/drivers/net/wireless/realtek/rtw89/mac.c +++ b/drivers/net/wireless/realtek/rtw89/mac.c @@ -1444,6 +1444,7 @@ void rtw89_mac_notify_wake(struct rtw89_dev *rtwdev) static int rtw89_mac_power_switch(struct rtw89_dev *rtwdev, bool on) { #define PWR_ACT 1 + const struct rtw89_mac_gen_def *mac = rtwdev->chip->mac_def; const struct rtw89_chip_info *chip = rtwdev->chip; const struct rtw89_pwr_cfg * const *cfg_seq; int (*cfg_func)(struct rtw89_dev *rtwdev); @@ -1472,6 +1473,9 @@ static int rtw89_mac_power_switch(struct rtw89_dev *rtwdev, bool on) return ret; if (on) { + if (!test_bit(RTW89_FLAG_PROBE_DONE, rtwdev->flags)) + mac->efuse_read_fw_secure(rtwdev); + set_bit(RTW89_FLAG_POWERON, rtwdev->flags); set_bit(RTW89_FLAG_DMAC_FUNC, rtwdev->flags); set_bit(RTW89_FLAG_CMAC0_FUNC, rtwdev->flags); @@ -6673,6 +6677,7 @@ const struct rtw89_mac_gen_def rtw89_mac_gen_ax = { .parse_efuse_map = rtw89_parse_efuse_map_ax, .parse_phycap_map = rtw89_parse_phycap_map_ax, .cnv_efuse_state = rtw89_cnv_efuse_state_ax, + .efuse_read_fw_secure = rtw89_efuse_read_fw_secure_ax, .cfg_plt = rtw89_mac_cfg_plt_ax, .get_plt_cnt = rtw89_mac_get_plt_cnt_ax, diff --git a/drivers/net/wireless/realtek/rtw89/mac.h b/drivers/net/wireless/realtek/rtw89/mac.h index 721fa3b4f82b..4d4b505e3bc9 100644 --- a/drivers/net/wireless/realtek/rtw89/mac.h +++ b/drivers/net/wireless/realtek/rtw89/mac.h @@ -988,6 +988,7 @@ struct rtw89_mac_gen_def { int (*parse_efuse_map)(struct rtw89_dev *rtwdev); int (*parse_phycap_map)(struct rtw89_dev *rtwdev); int (*cnv_efuse_state)(struct rtw89_dev *rtwdev, bool idle); + int (*efuse_read_fw_secure)(struct rtw89_dev *rtwdev); int (*cfg_plt)(struct rtw89_dev *rtwdev, struct rtw89_mac_ax_plt *plt); u16 (*get_plt_cnt)(struct rtw89_dev *rtwdev, u8 band); diff --git a/drivers/net/wireless/realtek/rtw89/mac_be.c b/drivers/net/wireless/realtek/rtw89/mac_be.c index 30943462640f..e0d7cf9fd7ee 100644 --- a/drivers/net/wireless/realtek/rtw89/mac_be.c +++ b/drivers/net/wireless/realtek/rtw89/mac_be.c @@ -2603,6 +2603,7 @@ const struct rtw89_mac_gen_def rtw89_mac_gen_be = { .parse_efuse_map = rtw89_parse_efuse_map_be, .parse_phycap_map = rtw89_parse_phycap_map_be, .cnv_efuse_state = rtw89_cnv_efuse_state_be, + .efuse_read_fw_secure = rtw89_efuse_read_fw_secure_be, .cfg_plt = rtw89_mac_cfg_plt_be, .get_plt_cnt = rtw89_mac_get_plt_cnt_be, diff --git a/drivers/net/wireless/realtek/rtw89/rtw8922a.c b/drivers/net/wireless/realtek/rtw89/rtw8922a.c index 27069a55e368..f17cb1204f80 100644 --- a/drivers/net/wireless/realtek/rtw89/rtw8922a.c +++ b/drivers/net/wireless/realtek/rtw89/rtw8922a.c @@ -399,9 +399,6 @@ static int rtw8922a_pwr_on_func(struct rtw89_dev *rtwdev) rtw89_write32_set(rtwdev, R_BE_FEN_RST_ENABLE, B_BE_FEN_BB_IP_RSTN | B_BE_FEN_BBPLAT_RSTB); - if (!test_bit(RTW89_FLAG_PROBE_DONE, rtwdev->flags)) - rtw89_efuse_read_fw_secure_be(rtwdev); - return 0; } From patchwork Wed Oct 30 02:21:30 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ping-Ke Shih X-Patchwork-Id: 839845 Received: from rtits2.realtek.com.tw (rtits2.realtek.com [211.75.126.72]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 5E4C5194C9D for ; Wed, 30 Oct 2024 02:22:15 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=211.75.126.72 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1730254939; cv=none; b=h27Po0PrJbUEtPlUlbgrD9bRZjOf5rXvfL6lba16ZRv5MMz40WqnaF0gAryKX7sNlNky5HnOC+yAg+t6CsxIDWU+nCZdC4axfJWUfdfp1aGrwyxq8v9/6DQWAYZzSIyEEmhPqgE05kPCc2OQWQ8IJVQ+QvtkUT744fYRrrKU+nA= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1730254939; c=relaxed/simple; bh=DNKY0IYgldnjYjNegYbj4hXZR1xxt7HysA5Msp3yxkc=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=HsEj7bFThvpRzsl32MsE9udrRUnzCpLMYIH58PtaTOvp22Nxry0APtVCHDKf8BJgmC1LSQbX0ZbVMjGS9Hr+3TudipLHxAJqOm3Tzmi4662CyM/flhkthYTvU5pcA9OUvpnfQqc8UaejoyRgtrQV86P3oQwOp4Op3YtXd4p/Ij8= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=realtek.com; spf=pass smtp.mailfrom=realtek.com; dkim=temperror (0-bit key) header.d=realtek.com header.i=@realtek.com header.b=HjccAN+Q; arc=none smtp.client-ip=211.75.126.72 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=realtek.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=realtek.com Authentication-Results: smtp.subspace.kernel.org; dkim=temperror (0-bit key) header.d=realtek.com header.i=@realtek.com header.b="HjccAN+Q" X-SpamFilter-By: ArmorX SpamTrap 5.78 with qID 49U2MEMB03310598, This message is accepted by code: ctloc85258 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=realtek.com; s=dkim; t=1730254934; bh=DNKY0IYgldnjYjNegYbj4hXZR1xxt7HysA5Msp3yxkc=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Transfer-Encoding:Content-Type; b=HjccAN+Qa1a/p5JwuNc2mnqrWBdExdjRZsbosoRKXAamDbm/u7vJOsT64EZrghBSR zTMqPOn2frXYvVAjpizg/FrLn5dhSpsQ/9BTvoF4R5Hxddg5aYV8TyZr5B6L2hQe2r 9TWrKOj5F9NhgSjp8Rn5u8J30EA24XVuN4+EAO3WAYl6+X1RK9QaLK+VJN3bEU3IQa xcHoeWCDa4mjrsALppbFp6f5vHIBId7wZtlD+IG0bU5gJNjWGFRDBJY3XgseC9sKJc 27wvuVND+MWdA8fZKnOgr9LiI05bzgZ8GF6fZyWnbW8hwvVplDqFnxPWxHwrAUCO7R WGBwcL9p5ryYw== Received: from mail.realtek.com (rtexh36506.realtek.com.tw[172.21.6.27]) by rtits2.realtek.com.tw (8.15.2/3.06/5.92) with ESMTPS id 49U2MEMB03310598 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Wed, 30 Oct 2024 10:22:14 +0800 Received: from RTEXMBS04.realtek.com.tw (172.21.6.97) by RTEXH36506.realtek.com.tw (172.21.6.27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.39; Wed, 30 Oct 2024 10:22:14 +0800 Received: from [127.0.1.1] (172.21.69.94) by RTEXMBS04.realtek.com.tw (172.21.6.97) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.35; Wed, 30 Oct 2024 10:22:13 +0800 From: Ping-Ke Shih To: Subject: [PATCH 3/8] wifi: rtw89: efuse: read firmware secure info v0 from efuse for WiFi 6 chips Date: Wed, 30 Oct 2024 10:21:30 +0800 Message-ID: <20241030022135.11688-4-pkshih@realtek.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20241030022135.11688-1-pkshih@realtek.com> References: <20241030022135.11688-1-pkshih@realtek.com> Precedence: bulk X-Mailing-List: linux-wireless@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: RTEXMBS02.realtek.com.tw (172.21.6.95) To RTEXMBS04.realtek.com.tw (172.21.6.97) WiFi 6 chips could program secure information in v0 or v1 format. Use existing v1 parser or newly added v0 parser to recognize firmware key that is going to be used. Signed-off-by: Ping-Ke Shih --- drivers/net/wireless/realtek/rtw89/core.h | 5 +- drivers/net/wireless/realtek/rtw89/efuse.c | 86 ++++++++++++++++++++++ 2 files changed, 90 insertions(+), 1 deletion(-) diff --git a/drivers/net/wireless/realtek/rtw89/core.h b/drivers/net/wireless/realtek/rtw89/core.h index 5fa59cd138c1..ccee011c9975 100644 --- a/drivers/net/wireless/realtek/rtw89/core.h +++ b/drivers/net/wireless/realtek/rtw89/core.h @@ -4516,11 +4516,14 @@ enum rtw89_fw_mss_dev_type { }; struct rtw89_fw_secure { - bool secure_boot; + bool secure_boot: 1; + bool can_mss_v1: 1; + bool can_mss_v0: 1; u32 sb_sel_mgn; u8 mss_dev_type; u8 mss_cust_idx; u8 mss_key_num; + u8 mss_idx; /* v0 */ }; struct rtw89_fw_info { diff --git a/drivers/net/wireless/realtek/rtw89/efuse.c b/drivers/net/wireless/realtek/rtw89/efuse.c index a02b04eecd05..6c6c763510af 100644 --- a/drivers/net/wireless/realtek/rtw89/efuse.c +++ b/drivers/net/wireless/realtek/rtw89/efuse.c @@ -16,6 +16,20 @@ #define EFUSE_B2_MSSKEYNUM_MASK GENMASK(3, 0) #define EFUSE_B2_MSSCUSTIDX1_MASK BIT(6) +#define EFUSE_EXTERNALPN_ADDR_AX 0x5EC +#define EFUSE_CUSTOMER_ADDR_AX 0x5ED +#define EFUSE_SERIALNUM_ADDR_AX 0x5ED + +#define EFUSE_B1_EXTERNALPN_MASK GENMASK(7, 0) +#define EFUSE_B2_CUSTOMER_MASK GENMASK(3, 0) +#define EFUSE_B2_SERIALNUM_MASK GENMASK(6, 4) + +#define OTP_KEY_INFO_NUM 2 + +static const u8 otp_key_info_externalPN[OTP_KEY_INFO_NUM] = {0x0, 0x0}; +static const u8 otp_key_info_customer[OTP_KEY_INFO_NUM] = {0x0, 0x1}; +static const u8 otp_key_info_serialNum[OTP_KEY_INFO_NUM] = {0x0, 0x1}; + enum rtw89_efuse_bank { RTW89_EFUSE_BANK_WIFI, RTW89_EFUSE_BANK_BT, @@ -397,24 +411,96 @@ static u8 get_mss_dev_type_idx(struct rtw89_dev *rtwdev, u8 mss_dev_type) int rtw89_efuse_recognize_mss_info_v1(struct rtw89_dev *rtwdev, u8 b1, u8 b2) { + const struct rtw89_chip_info *chip = rtwdev->chip; struct rtw89_fw_secure *sec = &rtwdev->fw.sec; u8 mss_dev_type; + if (chip->chip_id == RTL8852B && b1 == 0xFF && b2 == 0x6E) { + mss_dev_type = MSS_DEV_TYPE_FWSEC_NONLIN_INBOX_NON_COB; + sec->mss_cust_idx = 0; + sec->mss_key_num = 0; + + goto mss_dev_type; + } + mss_dev_type = u8_get_bits(b1, EFUSE_B1_MSSDEVTYPE_MASK); sec->mss_cust_idx = 0x1F - (u8_get_bits(b1, EFUSE_B1_MSSCUSTIDX0_MASK) | u8_get_bits(b2, EFUSE_B2_MSSCUSTIDX1_MASK) << 4); sec->mss_key_num = 0xF - u8_get_bits(b2, EFUSE_B2_MSSKEYNUM_MASK); +mss_dev_type: sec->mss_dev_type = get_mss_dev_type_idx(rtwdev, mss_dev_type); if (sec->mss_dev_type == RTW89_FW_MSS_DEV_TYPE_FWSEC_INV) { rtw89_warn(rtwdev, "invalid mss_dev_type %d\n", mss_dev_type); return -ENOENT; } + sec->can_mss_v1 = true; + return 0; } +static +int rtw89_efuse_recognize_mss_index_v0(struct rtw89_dev *rtwdev, u8 b1, u8 b2) +{ + struct rtw89_fw_secure *sec = &rtwdev->fw.sec; + u8 externalPN; + u8 serialNum; + u8 customer; + u8 i; + + externalPN = 0xFF - u8_get_bits(b1, EFUSE_B1_EXTERNALPN_MASK); + customer = 0xF - u8_get_bits(b2, EFUSE_B2_CUSTOMER_MASK); + serialNum = 0x7 - u8_get_bits(b2, EFUSE_B2_SERIALNUM_MASK); + + for (i = 0; i < OTP_KEY_INFO_NUM; i++) { + if (externalPN == otp_key_info_externalPN[i] && + customer == otp_key_info_customer[i] && + serialNum == otp_key_info_serialNum[i]) { + sec->mss_idx = i; + sec->can_mss_v0 = true; + return 0; + } + } + + return -ENOENT; +} + int rtw89_efuse_read_fw_secure_ax(struct rtw89_dev *rtwdev) { + struct rtw89_fw_secure *sec = &rtwdev->fw.sec; + u32 sec_addr = EFUSE_EXTERNALPN_ADDR_AX; + u32 sec_size = 2; + u8 sec_map[2]; + u8 b1, b2; + int ret; + + ret = rtw89_dump_physical_efuse_map(rtwdev, sec_map, + sec_addr, sec_size, false); + if (ret) { + rtw89_warn(rtwdev, "failed to dump secsel map\n"); + return ret; + } + + b1 = sec_map[0]; + b2 = sec_map[1]; + + if (b1 == 0xFF && b2 == 0xFF) + return 0; + + rtw89_efuse_recognize_mss_index_v0(rtwdev, b1, b2); + rtw89_efuse_recognize_mss_info_v1(rtwdev, b1, b2); + if (!sec->can_mss_v1 && !sec->can_mss_v0) + goto out; + + sec->secure_boot = true; + +out: + rtw89_debug(rtwdev, RTW89_DBG_FW, + "MSS secure_boot=%d(%d/%d) dev_type=%d cust_idx=%d key_num=%d mss_index=%d\n", + sec->secure_boot, sec->can_mss_v0, sec->can_mss_v1, + sec->mss_dev_type, sec->mss_cust_idx, + sec->mss_key_num, sec->mss_idx); + return 0; } From patchwork Wed Oct 30 02:21:32 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ping-Ke Shih X-Patchwork-Id: 839844 Received: from rtits2.realtek.com.tw (rtits2.realtek.com [211.75.126.72]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3329A199385 for ; Wed, 30 Oct 2024 02:22:22 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=211.75.126.72 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1730254944; cv=none; b=Zu0LH37ivsAzo+Llu+bzZFWxhmPtqoQSN5TwLomH9/zL9b54eyJjZ6SAwrbHoglkLT4l8hFB75nIxDb9bnf1J9gehpdARC7Hq8Hh90NOOvgugfVdsvn3zJU90LVGWXy8kC+ioYnvHN4q5cRZr+JEI9uAdARs9WGUt5EBeHmyNAc= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1730254944; c=relaxed/simple; bh=xjm6UDYOibqFsQb4645RGcN0B/lZHEDj2fle07zwuFU=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=AhpqyFC07cT1mACsRM0cUGNWMQDb9tBSRPVbeS010IZrdzgG1RnfL9Xy7UMlECR/y7PPB+YMMfcljxA2GYW7F3W9CLX8nFgRc1+tj9kSOURaE0ERkZGanJlDzFep8LRZ7J2AFTf4k9i3pAl4xmtZ8VjLC2cP1zBO5Gpo0XLCT48= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=realtek.com; spf=pass smtp.mailfrom=realtek.com; dkim=temperror (0-bit key) header.d=realtek.com header.i=@realtek.com header.b=TxsUOq+3; arc=none smtp.client-ip=211.75.126.72 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=realtek.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=realtek.com Authentication-Results: smtp.subspace.kernel.org; dkim=temperror (0-bit key) header.d=realtek.com header.i=@realtek.com header.b="TxsUOq+3" X-SpamFilter-By: ArmorX SpamTrap 5.78 with qID 49U2MKAl83310645, This message is accepted by code: ctloc85258 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=realtek.com; s=dkim; t=1730254940; bh=xjm6UDYOibqFsQb4645RGcN0B/lZHEDj2fle07zwuFU=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Transfer-Encoding:Content-Type; b=TxsUOq+34MDTxU5tizBKhPB5o9gnYLxWB/y85ghWUx88yZn0dgzj7+4l51YBCjgLj F3lnEr9lPH/Y4DYPB3dr6msUd1dO54asrBD6jPuRdRt6P+n0NN7YxxpZ6T65txRZsb If/LvK6vAZHxey9QzmANldAZEyFekDX8HcJKTdZTOOrBd1193/k93c1q75lbiYcHLe I3r5CusHMtMjDLTsOB95l+Gkt9LMYruhcCqRaKysUsUr8toD9msBz7cwNnggQo35RT l8QK0XnJZnJ8sMdM8U1ZcxPoZhYtw0kpaK1c6lRQmn27ydoZn/ed96B5FHWXadA7Zg xlvK6tLYOmp5w== Received: from mail.realtek.com (rtexh36505.realtek.com.tw[172.21.6.25]) by rtits2.realtek.com.tw (8.15.2/3.06/5.92) with ESMTPS id 49U2MKAl83310645 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Wed, 30 Oct 2024 10:22:20 +0800 Received: from RTEXMBS04.realtek.com.tw (172.21.6.97) by RTEXH36505.realtek.com.tw (172.21.6.25) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.39; Wed, 30 Oct 2024 10:22:20 +0800 Received: from [127.0.1.1] (172.21.69.94) by RTEXMBS04.realtek.com.tw (172.21.6.97) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.35; Wed, 30 Oct 2024 10:22:20 +0800 From: Ping-Ke Shih To: Subject: [PATCH 5/8] wifi: rtw89: fw: set recorded IDMEM share mode in firmware header to register Date: Wed, 30 Oct 2024 10:21:32 +0800 Message-ID: <20241030022135.11688-6-pkshih@realtek.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20241030022135.11688-1-pkshih@realtek.com> References: <20241030022135.11688-1-pkshih@realtek.com> Precedence: bulk X-Mailing-List: linux-wireless@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: RTEXMBS02.realtek.com.tw (172.21.6.95) To RTEXMBS04.realtek.com.tw (172.21.6.97) For WiFi 6 chips, firmware secure boot will run on a IDMEM mode specified in firmware header. Retrieve the mode from firmware, and set to registers accordingly. Signed-off-by: Ping-Ke Shih --- drivers/net/wireless/realtek/rtw89/fw.c | 4 ++++ drivers/net/wireless/realtek/rtw89/fw.h | 3 +++ drivers/net/wireless/realtek/rtw89/mac.c | 15 +++++++++++++++ drivers/net/wireless/realtek/rtw89/mac.h | 11 +++++++++++ drivers/net/wireless/realtek/rtw89/mac_be.c | 1 + drivers/net/wireless/realtek/rtw89/reg.h | 2 ++ 6 files changed, 36 insertions(+) diff --git a/drivers/net/wireless/realtek/rtw89/fw.c b/drivers/net/wireless/realtek/rtw89/fw.c index 0af0e539e976..0b2987bd662e 100644 --- a/drivers/net/wireless/realtek/rtw89/fw.c +++ b/drivers/net/wireless/realtek/rtw89/fw.c @@ -141,6 +141,7 @@ static int rtw89_fw_hdr_parser_v0(struct rtw89_dev *rtwdev, const u8 *fw, u32 le info->section_num = le32_get_bits(fw_hdr->w6, FW_HDR_W6_SEC_NUM); base_hdr_len = struct_size(fw_hdr, sections, info->section_num); info->dynamic_hdr_en = le32_get_bits(fw_hdr->w7, FW_HDR_W7_DYN_HDR); + info->idmem_share_mode = le32_get_bits(fw_hdr->w7, FW_HDR_W7_IDMEM_SHARE_MODE); if (info->dynamic_hdr_en) { info->hdr_len = le32_get_bits(fw_hdr->w3, FW_HDR_W3_LEN); @@ -366,6 +367,7 @@ static int rtw89_fw_hdr_parser_v1(struct rtw89_dev *rtwdev, const u8 *fw, u32 le info->dsp_checksum = le32_get_bits(fw_hdr->w6, FW_HDR_V1_W6_DSP_CHKSUM); base_hdr_len = struct_size(fw_hdr, sections, info->section_num); info->dynamic_hdr_en = le32_get_bits(fw_hdr->w7, FW_HDR_V1_W7_DYN_HDR); + info->idmem_share_mode = le32_get_bits(fw_hdr->w7, FW_HDR_V1_W7_IDMEM_SHARE_MODE); if (info->dynamic_hdr_en) { info->hdr_len = le32_get_bits(fw_hdr->w5, FW_HDR_V1_W5_HDR_SIZE); @@ -1455,6 +1457,8 @@ static int rtw89_fw_download_suit(struct rtw89_dev *rtwdev, return ret; } + rtw89_fwdl_secure_idmem_share_mode(rtwdev, info.idmem_share_mode); + if (rtwdev->chip->chip_id == RTL8922A && (fw_suit->type == RTW89_FW_NORMAL || fw_suit->type == RTW89_FW_WOWLAN)) rtw89_write32(rtwdev, R_BE_SECURE_BOOT_MALLOC_INFO, 0x20248000); diff --git a/drivers/net/wireless/realtek/rtw89/fw.h b/drivers/net/wireless/realtek/rtw89/fw.h index 83fcd5edc057..bd7680264849 100644 --- a/drivers/net/wireless/realtek/rtw89/fw.h +++ b/drivers/net/wireless/realtek/rtw89/fw.h @@ -276,6 +276,7 @@ struct rtw89_fw_bin_info { u32 hdr_len; bool dynamic_hdr_en; u32 dynamic_hdr_len; + u8 idmem_share_mode; bool dsp_checksum; bool secure_section_exist; struct rtw89_fw_hdr_section_info section_info[FWDL_SECTION_MAX_NUM]; @@ -564,6 +565,7 @@ struct rtw89_fw_hdr { #define FW_HDR_W6_SEC_NUM GENMASK(15, 8) #define FW_HDR_W7_PART_SIZE GENMASK(15, 0) #define FW_HDR_W7_DYN_HDR BIT(16) +#define FW_HDR_W7_IDMEM_SHARE_MODE GENMASK(21, 18) #define FW_HDR_W7_CMD_VERSERION GENMASK(31, 24) struct rtw89_fw_hdr_section_v1 { @@ -616,6 +618,7 @@ struct rtw89_fw_hdr_v1 { #define FW_HDR_V1_W6_DSP_CHKSUM BIT(24) #define FW_HDR_V1_W7_PART_SIZE GENMASK(15, 0) #define FW_HDR_V1_W7_DYN_HDR BIT(16) +#define FW_HDR_V1_W7_IDMEM_SHARE_MODE GENMASK(21, 18) enum rtw89_fw_mss_pool_rmp_tbl_type { MSS_POOL_RMP_TBL_BITMASK = 0x0, diff --git a/drivers/net/wireless/realtek/rtw89/mac.c b/drivers/net/wireless/realtek/rtw89/mac.c index 7ed29bc69009..8985bd8fa38f 100644 --- a/drivers/net/wireless/realtek/rtw89/mac.c +++ b/drivers/net/wireless/realtek/rtw89/mac.c @@ -6621,6 +6621,20 @@ int rtw89_fwdl_check_path_ready_ax(struct rtw89_dev *rtwdev, rtwdev, R_AX_WCPU_FW_CTRL); } +static +void rtw89_fwdl_secure_idmem_share_mode_ax(struct rtw89_dev *rtwdev, u8 mode) +{ + struct rtw89_fw_secure *sec = &rtwdev->fw.sec; + + if (!sec->secure_boot) + return; + + rtw89_write32_mask(rtwdev, R_AX_WCPU_FW_CTRL, + B_AX_IDMEM_SHARE_MODE_RECORD_MASK, mode); + rtw89_write32_set(rtwdev, R_AX_WCPU_FW_CTRL, + B_AX_IDMEM_SHARE_MODE_RECORD_VALID); +} + const struct rtw89_mac_gen_def rtw89_mac_gen_ax = { .band1_offset = RTW89_MAC_AX_BAND_REG_OFFSET, .filter_model_addr = R_AX_FILTER_MODEL_ADDR, @@ -6674,6 +6688,7 @@ const struct rtw89_mac_gen_def rtw89_mac_gen_ax = { .fwdl_enable_wcpu = rtw89_mac_enable_cpu_ax, .fwdl_get_status = rtw89_fw_get_rdy_ax, .fwdl_check_path_ready = rtw89_fwdl_check_path_ready_ax, + .fwdl_secure_idmem_share_mode = rtw89_fwdl_secure_idmem_share_mode_ax, .parse_efuse_map = rtw89_parse_efuse_map_ax, .parse_phycap_map = rtw89_parse_phycap_map_ax, .cnv_efuse_state = rtw89_cnv_efuse_state_ax, diff --git a/drivers/net/wireless/realtek/rtw89/mac.h b/drivers/net/wireless/realtek/rtw89/mac.h index 4d4b505e3bc9..18579c020548 100644 --- a/drivers/net/wireless/realtek/rtw89/mac.h +++ b/drivers/net/wireless/realtek/rtw89/mac.h @@ -985,6 +985,7 @@ struct rtw89_mac_gen_def { bool dlfw, bool include_bb); u8 (*fwdl_get_status)(struct rtw89_dev *rtwdev, enum rtw89_fwdl_check_type type); int (*fwdl_check_path_ready)(struct rtw89_dev *rtwdev, bool h2c_or_fwdl); + void (*fwdl_secure_idmem_share_mode)(struct rtw89_dev *rtwdev, u8 mode); int (*parse_efuse_map)(struct rtw89_dev *rtwdev); int (*parse_phycap_map)(struct rtw89_dev *rtwdev); int (*cnv_efuse_state)(struct rtw89_dev *rtwdev, bool idle); @@ -1495,4 +1496,14 @@ int rtw89_mac_get_dle_rsvd_qt_cfg(struct rtw89_dev *rtwdev, struct rtw89_mac_dle_rsvd_qt_cfg *cfg); int rtw89_mac_cpu_io_rx(struct rtw89_dev *rtwdev, bool wow_enable); +static inline +void rtw89_fwdl_secure_idmem_share_mode(struct rtw89_dev *rtwdev, u8 mode) +{ + const struct rtw89_mac_gen_def *mac = rtwdev->chip->mac_def; + + if (!mac->fwdl_secure_idmem_share_mode) + return; + + return mac->fwdl_secure_idmem_share_mode(rtwdev, mode); +} #endif diff --git a/drivers/net/wireless/realtek/rtw89/mac_be.c b/drivers/net/wireless/realtek/rtw89/mac_be.c index e0d7cf9fd7ee..f7a396c8a3cd 100644 --- a/drivers/net/wireless/realtek/rtw89/mac_be.c +++ b/drivers/net/wireless/realtek/rtw89/mac_be.c @@ -2600,6 +2600,7 @@ const struct rtw89_mac_gen_def rtw89_mac_gen_be = { .fwdl_enable_wcpu = rtw89_mac_fwdl_enable_wcpu_be, .fwdl_get_status = fwdl_get_status_be, .fwdl_check_path_ready = rtw89_fwdl_check_path_ready_be, + .fwdl_secure_idmem_share_mode = NULL, .parse_efuse_map = rtw89_parse_efuse_map_be, .parse_phycap_map = rtw89_parse_phycap_map_be, .cnv_efuse_state = rtw89_cnv_efuse_state_be, diff --git a/drivers/net/wireless/realtek/rtw89/reg.h b/drivers/net/wireless/realtek/rtw89/reg.h index 69678eab2309..18ec7c0252fb 100644 --- a/drivers/net/wireless/realtek/rtw89/reg.h +++ b/drivers/net/wireless/realtek/rtw89/reg.h @@ -196,6 +196,8 @@ #define R_AX_HALT_C2H 0x016C #define R_AX_WCPU_FW_CTRL 0x01E0 +#define B_AX_IDMEM_SHARE_MODE_RECORD_MASK GENMASK(27, 24) +#define B_AX_IDMEM_SHARE_MODE_RECORD_VALID BIT(23) #define B_AX_WCPU_FWDL_STS_MASK GENMASK(7, 5) #define B_AX_FWDL_PATH_RDY BIT(2) #define B_AX_H2C_PATH_RDY BIT(1) From patchwork Wed Oct 30 02:21:34 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Ping-Ke Shih X-Patchwork-Id: 839843 Received: from rtits2.realtek.com.tw (rtits2.realtek.com [211.75.126.72]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 6DA961C3F0E for ; Wed, 30 Oct 2024 02:22:28 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=211.75.126.72 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1730254951; cv=none; b=t4m53tRgzIf0aTjyRr7ANCXG/+ivHKlgMN9nydprzFn5v3AA/4uv0W7/HvgZayBxio3boRYaxbhP0GMRVFMj28svJaeHoFdlmHCHNxvUnzK0CYKW4sh2jNa7GiAHOE/bO9nhNMD5DTBUyBvfxuPMT7kXYlB/RiWK41QQ0HfOjp8= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1730254951; c=relaxed/simple; bh=XZTUvMw2l2n+sK3BClZ3FYDOBZYSgRJhN2eBLe7BF9A=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=Ts8Z+5J6W+6ze4UU1XLPFrp3KfHHAW0JLIjLLfSORXcMnNpZpFWWONjnVS86J3TRsQFT4pY6taIdXVNOhc5v4KpPLY4D5xcJZYpYtVgaK4KQeZ9jHgPdyFx6JVphhBknmoFgrgUKsPKMMPYtHASThMecW/IWvUPaPcvDrXeFjzY= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=realtek.com; spf=pass smtp.mailfrom=realtek.com; dkim=temperror (0-bit key) header.d=realtek.com header.i=@realtek.com header.b=l/R9hW9+; arc=none smtp.client-ip=211.75.126.72 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=realtek.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=realtek.com Authentication-Results: smtp.subspace.kernel.org; dkim=temperror (0-bit key) header.d=realtek.com header.i=@realtek.com header.b="l/R9hW9+" X-SpamFilter-By: ArmorX SpamTrap 5.78 with qID 49U2MRZz83310671, This message is accepted by code: ctloc85258 DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=realtek.com; s=dkim; t=1730254947; bh=XZTUvMw2l2n+sK3BClZ3FYDOBZYSgRJhN2eBLe7BF9A=; h=From:To:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Transfer-Encoding:Content-Type; b=l/R9hW9+0iKa+rePw+cjwQm0WbPFYQwJqCFMR1htdCXfhRikLX8tkaC8IB3uxf0u/ nUauVgFxdL2olxaELqrlaNn3+J7RxoEqqdwEM5dXCnovcFaKKrZLi0EF9MuEl7db58 TGfe6jpzA+LsV7qx+WoTJz6i1mzzDfJtC/JTbkNJmdHRL3C0iUScUBry6gAlpVT/Ey y8ky5HmzH2igd3xSRKkunggDfstfHwI5eLwgDRBE1KKbazZ3UGBVl+v9bqfy+I4+5j 49yiPJ/1nRoS5Sn9YOAtd8zh1CEEXBszexlTdVnNbOj7QnYd9Y4RsABOSGVJR6FJkX r6burQV0SBcyg== Received: from mail.realtek.com (rtexh36506.realtek.com.tw[172.21.6.27]) by rtits2.realtek.com.tw (8.15.2/3.06/5.92) with ESMTPS id 49U2MRZz83310671 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=OK) for ; Wed, 30 Oct 2024 10:22:27 +0800 Received: from RTEXMBS04.realtek.com.tw (172.21.6.97) by RTEXH36506.realtek.com.tw (172.21.6.27) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.39; Wed, 30 Oct 2024 10:22:27 +0800 Received: from [127.0.1.1] (172.21.69.94) by RTEXMBS04.realtek.com.tw (172.21.6.97) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.1.2507.35; Wed, 30 Oct 2024 10:22:26 +0800 From: Ping-Ke Shih To: Subject: [PATCH 7/8] wifi: rtw89: fw: use common function to parse security section for WiFi 6 chips Date: Wed, 30 Oct 2024 10:21:34 +0800 Message-ID: <20241030022135.11688-8-pkshih@realtek.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: <20241030022135.11688-1-pkshih@realtek.com> References: <20241030022135.11688-1-pkshih@realtek.com> Precedence: bulk X-Mailing-List: linux-wireless@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 X-ClientProxiedBy: RTEXMBS02.realtek.com.tw (172.21.6.95) To RTEXMBS04.realtek.com.tw (172.21.6.97) The MSSC (multiple security section count) can be regular number (shown in below figure) or 0xFF (supported already). For WiFi 7 or newer WiFi 6 chips, the MSSC will be 0xFF. But early WiFi 6 chip such as RTL8852B could be either one of the cases. Extend __parse_security_section() to support both with/without secure boot mode accordingly. +---------------------------+ -\ | firmware header | | | | | | +-----------------------+ | | | | section type/size * N | | | | +-----------------------+ | | +---------------------------+ -/ : : +---------------------------+ -\ | secure section type (ID:9)| | | | | +----|-> [ security key data ] | | | +---------------------------+ -/ | |MSS Pool for above section | | | [ security key data 1 ] | +----|- [ security key data 2 ] | by mss_idx | [ security key data 3 ] | | ... M | * M = MSSC (MSSC != 0xFF) +---------------------------+ Signed-off-by: Ping-Ke Shih --- drivers/net/wireless/realtek/rtw89/fw.c | 57 +++++++++++++++++++------ drivers/net/wireless/realtek/rtw89/fw.h | 1 + 2 files changed, 46 insertions(+), 12 deletions(-) diff --git a/drivers/net/wireless/realtek/rtw89/fw.c b/drivers/net/wireless/realtek/rtw89/fw.c index 4229065e07e8..538622c29e42 100644 --- a/drivers/net/wireless/realtek/rtw89/fw.c +++ b/drivers/net/wireless/realtek/rtw89/fw.c @@ -56,6 +56,11 @@ static void rtw89_fw_c2h_cmd_handle(struct rtw89_dev *rtwdev, struct sk_buff *skb); static int rtw89_h2c_tx_and_wait(struct rtw89_dev *rtwdev, struct sk_buff *skb, struct rtw89_wait_info *wait, unsigned int cond); +static int __parse_security_section(struct rtw89_dev *rtwdev, + struct rtw89_fw_bin_info *info, + struct rtw89_fw_hdr_section_info *section_info, + const void *content, + u32 *mssc_len); static struct sk_buff *rtw89_fw_h2c_alloc_skb(struct rtw89_dev *rtwdev, u32 len, bool header) @@ -132,7 +137,8 @@ static int rtw89_fw_hdr_parser_v0(struct rtw89_dev *rtwdev, const u8 *fw, u32 le const u8 *fw_end = fw + len; const u8 *bin; u32 base_hdr_len; - u32 mssc_len = 0; + u32 mssc_len; + int ret; u32 i; if (!info) @@ -164,29 +170,47 @@ static int rtw89_fw_hdr_parser_v0(struct rtw89_dev *rtwdev, const u8 *fw, u32 le section = &fw_hdr->sections[i]; section_info->type = le32_get_bits(section->w1, FWSECTION_HDR_W1_SECTIONTYPE); + section_info->len = le32_get_bits(section->w1, FWSECTION_HDR_W1_SEC_SIZE); + + if (le32_get_bits(section->w1, FWSECTION_HDR_W1_CHECKSUM)) + section_info->len += FWDL_SECTION_CHKSUM_LEN; + section_info->redl = le32_get_bits(section->w1, FWSECTION_HDR_W1_REDL); + section_info->dladdr = + le32_get_bits(section->w0, FWSECTION_HDR_W0_DL_ADDR) & 0x1fffffff; + section_info->addr = bin; + if (section_info->type == FWDL_SECURITY_SECTION_TYPE) { section_info->mssc = le32_get_bits(section->w2, FWSECTION_HDR_W2_MSSC); - mssc_len += section_info->mssc * FWDL_SECURITY_SIGLEN; + + ret = __parse_security_section(rtwdev, info, section_info, + bin, &mssc_len); + if (ret) + return ret; if (sec->secure_boot && chip->chip_id == RTL8852B) section_info->len_override = 960; } else { section_info->mssc = 0; + mssc_len = 0; } - section_info->len = le32_get_bits(section->w1, FWSECTION_HDR_W1_SEC_SIZE); - if (le32_get_bits(section->w1, FWSECTION_HDR_W1_CHECKSUM)) - section_info->len += FWDL_SECTION_CHKSUM_LEN; - section_info->redl = le32_get_bits(section->w1, FWSECTION_HDR_W1_REDL); - section_info->dladdr = - le32_get_bits(section->w0, FWSECTION_HDR_W0_DL_ADDR) & 0x1fffffff; - section_info->addr = bin; - bin += section_info->len; + rtw89_debug(rtwdev, RTW89_DBG_FW, + "section[%d] type=%d len=0x%-6x mssc=%d mssc_len=%d addr=%tx\n", + i, section_info->type, section_info->len, + section_info->mssc, mssc_len, bin - fw); + rtw89_debug(rtwdev, RTW89_DBG_FW, + " ignore=%d key_addr=%p (0x%tx) key_len=%d key_idx=%d\n", + section_info->ignore, section_info->key_addr, + section_info->key_addr ? + section_info->key_addr - section_info->addr : 0, + section_info->key_len, section_info->key_idx); + + bin += section_info->len + mssc_len; section_info++; } - if (fw_end != bin + mssc_len) { + if (fw_end != bin) { rtw89_err(rtwdev, "[ERR]fw bin size\n"); return -EINVAL; } @@ -326,9 +350,10 @@ static int __parse_security_section(struct rtw89_dev *rtwdev, const void *content, u32 *mssc_len) { + struct rtw89_fw_secure *sec = &rtwdev->fw.sec; int ret; - if (section_info->mssc == FORMATTED_MSSC) { + if ((section_info->mssc & FORMATTED_MSSC_MASK) == FORMATTED_MSSC) { ret = __parse_formatted_mssc(rtwdev, info, section_info, content, mssc_len); if (ret) @@ -338,6 +363,14 @@ static int __parse_security_section(struct rtw89_dev *rtwdev, if (info->dsp_checksum) *mssc_len += section_info->mssc * FWDL_SECURITY_CHKSUM_LEN; + if (sec->secure_boot) { + if (sec->mss_idx >= section_info->mssc) + return -EFAULT; + section_info->key_addr = content + section_info->len + + sec->mss_idx * FWDL_SECURITY_SIGLEN; + section_info->key_len = FWDL_SECURITY_SIGLEN; + } + info->secure_section_exist = true; } diff --git a/drivers/net/wireless/realtek/rtw89/fw.h b/drivers/net/wireless/realtek/rtw89/fw.h index bd7680264849..efa63d444821 100644 --- a/drivers/net/wireless/realtek/rtw89/fw.h +++ b/drivers/net/wireless/realtek/rtw89/fw.h @@ -583,6 +583,7 @@ struct rtw89_fw_hdr_section_v1 { #define FWSECTION_HDR_V1_W1_REDL BIT(29) #define FWSECTION_HDR_V1_W2_MSSC GENMASK(7, 0) #define FORMATTED_MSSC 0xFF +#define FORMATTED_MSSC_MASK GENMASK(7, 0) #define FWSECTION_HDR_V1_W2_BBMCU_IDX GENMASK(27, 24) struct rtw89_fw_hdr_v1 {