/* Download either STA or AP firmware into the card. */
static int
orinoco_dl_firmware(struct orinoco_private *priv,
const struct fw_info *fw,
int ap)
{
/* Plug Data Area (PDA) */
__le16 *pda;
struct hermes *hw = &priv->hw;
const struct firmware *fw_entry;
const struct orinoco_fw_header *hdr;
const unsigned char *first_block;
const void *end;
const char *firmware;
const char *fw_err;
struct device *dev = priv->dev;
int err = 0;
pda = kzalloc(fw->pda_size, GFP_KERNEL);
if (!pda)
return -ENOMEM;
if (ap)
firmware = fw->ap_fw;
else
firmware = fw->sta_fw;
dev_dbg(dev, "Attempting to download firmware %s\n", firmware);
/* Read current plug data */
err = hw->ops->read_pda_h(hw, pda, fw->pda_addr, fw->pda_size);
dev_dbg(dev, "Read PDA returned %d\n", err);
if (err)
goto free;
if (!orinoco_cached_fw_get(priv, false)) {
err = request_firmware(&fw_entry, firmware, priv->dev);
if (err) {
dev_err(dev, "Cannot find firmware %s\n", firmware);
err = -ENOENT;
goto free;
}
} else
fw_entry = orinoco_cached_fw_get(priv, false);
hdr = (const struct orinoco_fw_header *) fw_entry->data;
fw_err = validate_fw(hdr, fw_entry->size);
if (fw_err) {
dev_warn(dev, "Invalid firmware image detected (%s). "
"Aborting download\n", fw_err);
err = -EINVAL;
goto abort;
}
/* Enable aux port to allow programming */
err = hw->ops->program_init(hw, le32_to_cpu(hdr->entry_point));
dev_dbg(dev, "Program init returned %d\n", err);
if (err != 0)
goto abort;
/* Program data */
first_block = (fw_entry->data +
le16_to_cpu(hdr->headersize) +
le32_to_cpu(hdr->block_offset));
end = fw_entry->data + fw_entry->size;
err = hermes_program(hw, first_block, end);
dev_dbg(dev, "Program returned %d\n", err);
if (err != 0)
goto abort;
/* Update production data */
first_block = (fw_entry->data +
le16_to_cpu(hdr->headersize) +
le32_to_cpu(hdr->pdr_offset));
err = hermes_apply_pda_with_defaults(hw, first_block, end, pda,
&pda[fw->pda_size / sizeof(*pda)]);
dev_dbg(dev, "Apply PDA returned %d\n", err);
if (err)
goto abort;
/* Tell card we've finished */
err = hw->ops->program_end(hw);
dev_dbg(dev, "Program end returned %d\n", err);
if (err != 0)
goto abort;
/* Check if we're running */
dev_dbg(dev, "hermes_present returned %d\n", hermes_present(hw));
abort:
/* If we requested the firmware, release it. */
if (!orinoco_cached_fw_get(priv, false))
release_firmware(fw_entry);
free:
kfree(pda);
return err;
}
int get_command(pState state){
//magic len command subcommand data checkval
//message is len + 8 (2 magic, 2 len, 4 checkval)
//magic = 0xa55a, short len, short command, var subcommand, var data, int checkval
// unsigned char *buf = malloc(MAX_MESSAGE_LEN+8);
unsigned char buf[MAX_MESSAGE_LEN+8];
unsigned int checkval = 0;
unsigned int calc_checkval = 0;
unsigned short magic = 0;
unsigned short len = 0;
unsigned short command = 0xaa;
unsigned short subcommand = 0xffff;
unsigned short sensorID = 0xffff;
unsigned int sensor_address = 0xffff;
unsigned int coefficient = 0xffff;
unsigned short temp = 0xffff;
unsigned short numSteps = 0xffff;
unsigned short *tempP = NULL;
unsigned short seconds = 0;
pStep steps = NULL;
int ret = -1;
unsigned int fw = 0;
bzero(buf,MAX_MESSAGE_LEN+8);
//get magic
get_bytes(buf ,2);
magic = get_short(buf);
if (magic != MAGIC){
prime_buf(buf);
send(buf,12);
//free(buf);
return 1;
}
//get len
get_bytes(buf+2,2);
len = get_short(buf+2);
//check len
if (len > MAX_MESSAGE_LEN){
prime_buf(buf);
send(buf,12);
//free(buf);
return 1;
}
//get the rest of message except checkval
get_bytes(buf+4, len);
//get checkval
checkval = get_int(buf+len);
//compare to calculated from message
calc_checkval = check_val( buf, len);
if ( checkval != calc_checkval ){
//bad check_val
prime_buf(buf);
send(buf,12);
//free(buf);
return 1;
}
//get command
command = get_short(buf+4);
switch (command) {
case 1:{ //set power state
subcommand = get_short(buf+6);
prime_buf(buf);
if (subcommand == 0x0000){
power_off(state);
}
if (subcommand == 0x0001){
power_on(state);
}
if (subcommand > 0x0001){
//bad subcommand
}
send(buf, 12);
break;
}
case 2:{//set temp
temp = get_short(buf+6);
prime_buf(buf);
if (set_temp(state,temp) == 2){
buf[6] = 1;
}
send(buf, 12);
break;
}
case 3:{ //add sensor
sensorID = get_short(buf+6);
sensor_address = get_int(buf+8);
coefficient = get_int(buf+12);
unsigned int sensorTemp = get_int(buf+16);
//check count < 10 buf[6] = 0x08, sensor_ID is unique/not in use buf[6] = 0x07,
ret = add_sensor(state, sensorID, sensor_address, coefficient, sensorTemp);
prime_buf(buf);
if (ret == 2){buf[6]=0x07;}
if (ret == 3){buf[6]=0x08;}
send(buf, 12);
break;
}
case 4:{ //remove sensor
sensorID = get_short(buf+6);
ret = remove_sensor(state,sensorID);
prime_buf(buf);
if (ret == 1){buf[6]=0x06;}
send(buf, 12);
break;
}
case 5:{ //set smoke sensor
subcommand = get_short(buf+6);
prime_buf(buf);
if (subcommand == 0x0000){
smoke_off(state);
}
if (subcommand == 0x0001){
smoke_on(state);
}
if (subcommand > 0x0001){
//bad subcommand
//no response
}
send(buf, 12);
break;
}
case 6:{ //set program
numSteps = get_short(buf+6);
steps = (pStep)(buf+8) ;
ret = add_steps(state,numSteps,steps);
prime_buf(buf);
if (ret == 3){buf[6]=3;}
if (ret == 2){buf[6]=2;}
if (ret == 1){buf[6]=1;}
send(buf, 12);
break;
}
case 7:{//get program
prime_buf(buf);
unsigned int lenz = 0;
unsigned int program[30];
bzero(program,120);
buf[4]=1;
buf[6]=7;
get_program(state, &lenz, program);
lenz = lenz*3*sizeof(int);
cgc_memcpy(buf+8,&lenz,sizeof(int));
cgc_memcpy(buf+12,program,lenz);
send(buf,lenz + 12);
break;
}
case 8:{//get status
prime_buf(buf);
buf[4]=1;
buf[6]=8;
unsigned int status[6];
int len = 24;
ret = get_status(state,status);
cgc_memcpy(buf+8,&len,sizeof(int));
cgc_memcpy(buf+12,status,24);
send(buf,36);
break;
}
case 9:{//simulate seconds
seconds = get_short(buf+6);
prime_buf(buf);
unsigned int bufsize = 12;
unsigned int histSize = 0;
ret = simulate_seconds(state, seconds);
unsigned int currentTime = state->currentTime;
unsigned int setTemp = state->setTemp;
if (ret == 0 ){
buf[6] = 9;
cgc_memcpy(buf+8, ¤tTime ,sizeof(int));
send(buf,12);
}
if(ret == 2){
buf[4] = 1;
buf[6] = 0xc;
histSize = state->historyPosition*sizeof(int);
unsigned int *pHistoryList = state->history;
unsigned int historyListSize = state->historyPosition;
unsigned int ambientTemp = state->ambientTemp;
new_state(state);
if (historyListSize > 0){
cgc_memcpy(buf+8, &historyListSize, sizeof(historyListSize));
cgc_memcpy(buf+12, pHistoryList, histSize);
bufsize = histSize + 12;
}
cgc_memcpy(buf+bufsize, &ambientTemp, sizeof(unsigned int));
bufsize+=4;
cgc_memcpy(buf+bufsize, &setTemp, sizeof(unsigned int));
bufsize+=4;
send(buf, bufsize);
//new_state(state);
}
break;
}
case 0xa:{ //validate firmware
unsigned int fw = validate_fw(state);
prime_buf(buf);
buf[4]=1;
buf[6]=0xa;
buf[8]=4;
cgc_memcpy(buf+12, &fw,sizeof(int) );
send(buf, 16);
break;
}
case 0xb:{//cgc_read sensor list
prime_buf(buf);
int len = 0;
buf[4]=1;
buf[6]=0xb;
len = state->sensorCount * (sizeof(int)*4);
//buff is filled with sensor bytes
unsigned int sensorList[40*sizeof(int)];
get_sensors(state,sensorList);
cgc_memcpy(buf+8,&len,sizeof(int));
cgc_memcpy(buf+12,sensorList,len);
send(buf, len+12);
break;
}
case 0xc:{//set ambient temp
int ambientTemp = get_signed_int(buf+6);
prime_buf(buf);
if (set_ambient_temp(state,ambientTemp) == 2){
buf[6] = 1;
}
send(buf, 12);
break;
}
case 0xff:{
//free(buf);
exit_normal();
break;
}
default:{
//bad command
prime_buf(buf);
buf[6]=5;
send(buf,12);
break;
}
}
// free(buf);
return 0;
}
