npcx: Fix response size

max_response_packet_size was incorrectly set to response_size + SPI header/footer, leading to the command handler to return EC_RES_OVERFLOW when the response buffer size was set by the host to a larger size then response_size. It is happening since flashrom does not limit itself to 128 bytes command since cl/264034. The SHI repsone buffer is laid out as follow: ,.... out_msg_padded / | |< SHI_OUT_START_PAD >|< SHI_MAX_RESPONSE_SIZE >|< SHI_OUT_END_PAD >| +---+-----------------+-------------------------+-------------------+ | | | | | +---+-----------------+-------------------------+-------------------+ | \ | ------- | \ | EC_SPI_FRAME_START_LENGTH | \..... out_msg BUG=b:35571522,chromium:725580 BRANCH=gru TEST=Before flashrom would fail: cros_ec_set_max_size: sending protoinfo command cros_ec_set_max_size: rc:12 cros_ec_set_max_size: max_write:536 max_read:163 ... Reading flash... __cros_ec_command_dev_v2(): Command 0x11 returned result: 11 Ater, flashrom works: cros_ec_set_max_size: sending protoinfo command cros_ec_set_max_size: rc:12 cros_ec_set_max_size: max_write:536 max_read:160 ... Reading flash... done.SUCCESS Verified that cros_ec.c/cros_ec_spi.c set some space for header and footer in addition to max_response_packet_size. Change-Id: I0de7ee5e8109e9277692113f2bb1d4a4758be9f6 Signed-off-by: Gwendal Grignou <gwendal@chromium.org> Reviewed-on: https://chromium-review.googlesource.com/520585 Reviewed-by: Aseda Aboagye <aaboagye@chromium.org>
2026-01-08 16:41:55 +00:00 · 2017-05-31 17:05:30 -07:00
parent b04aacb260
commit 9bdde3e766
1 changed files with 14 additions and 7 deletions
--- a/chip/npcx/shi.c
+++ b/chip/npcx/shi.c
@@ -111,14 +111,17 @@
 /*
 * Max data size for a version 3 request/response packet.  This is big enough
 * to handle a request/response header, flash write offset/size, and 512 bytes
- * of flash data.
+ * of flash data:
+ *  sizeof(ec_host_request):          8
+ *  sizoef(ec_params_flash_write):    8
+ *  payload                         512
+ *
 */
 #define SHI_MAX_REQUEST_SIZE 0x220

 #ifdef NPCX_SHI_BYPASS_OVER_256B
 /* Make sure SHI_MAX_RESPONSE_SIZE won't exceed 256 bytes */
-#define SHI_MAX_RESPONSE_SIZE (160 + EC_SPI_PAST_END_LENGTH + \
-		EC_SPI_FRAME_START_LENGTH + sizeof(struct ec_host_response))
+#define SHI_MAX_RESPONSE_SIZE (160 + sizeof(struct ec_host_response))
 BUILD_ASSERT(SHI_MAX_RESPONSE_SIZE <= SHI_BYPASS_BOUNDARY);
 #else
 #define SHI_MAX_RESPONSE_SIZE 0x220
@@ -129,9 +132,13 @@ BUILD_ASSERT(SHI_MAX_RESPONSE_SIZE <= SHI_BYPASS_BOUNDARY);
 * message, including protocol overhead.  The pointers after the protocol
 * overhead, as passed to the host command handler, must be 32-bit aligned.
 */
-#define SHI_OUT_PAD ((4 - EC_SPI_FRAME_START_LENGTH) % 4)
-static uint8_t out_msg_padded[SHI_OUT_PAD + SHI_MAX_RESPONSE_SIZE] __aligned(4);
-static uint8_t * const out_msg = out_msg_padded + SHI_OUT_PAD;
+#define SHI_OUT_START_PAD (4 * (EC_SPI_FRAME_START_LENGTH / 4 + 1))
+#define SHI_OUT_END_PAD (4 * (EC_SPI_PAST_END_LENGTH / 4 + 1))
+static uint8_t out_msg_padded[SHI_OUT_START_PAD +
+			      SHI_MAX_RESPONSE_SIZE +
+			      SHI_OUT_END_PAD] __aligned(4);
+static uint8_t * const out_msg =
+	out_msg_padded + SHI_OUT_START_PAD - EC_SPI_FRAME_START_LENGTH;
 static uint8_t in_msg[SHI_MAX_REQUEST_SIZE] __aligned(4);

 /* Parameters used by host protocols */
@@ -285,7 +292,7 @@ void shi_handle_host_package(void)
 	shi_packet.response = out_msg + EC_SPI_FRAME_START_LENGTH;

 	/* Reserve space for frame start and trailing past-end byte */
-	shi_packet.response_max = SHI_MAX_RESPONSE_SIZE - SHI_PROTO3_OVERHEAD;
+	shi_packet.response_max = SHI_MAX_RESPONSE_SIZE;
 	shi_packet.response_size = 0;
 	shi_packet.driver_result = EC_RES_SUCCESS;