Lines Matching +full:1 +full:- +full:sd
2 * SD Memory Card emulation as defined in the "SD Memory Card Physical
5 * eMMC emulation defined in "JEDEC Standard No. 84-A43"
9 * Copyright (c) 2018 Philippe Mathieu-Daudé <f4bug@amsat.org>
15 * 1. Redistributions of source code must retain the above copyright
40 #include "sysemu/block-backend.h"
41 #include "hw/sd/sd.h"
42 #include "hw/sd/sdcard_legacy.h"
46 #include "hw/qdev-properties.h"
47 #include "hw/qdev-properties-system.h"
48 #include "qemu/error-report.h"
51 #include "qemu/guest-random.h"
53 #include "sdmmc-internal.h"
56 //#define DEBUG_SD 1
70 sd_r1b = -1,
71 sd_illegal = -2,
76 sd_bc, /* broadcast -- no response */
78 sd_ac, /* addressed -- no data transfer */
89 sd_waitirq_state = -2, /* emmc */
90 sd_inactive_state = -1,
93 sd_ready_state = 1,
103 sd_io_state = 15 /* sd */
108 typedef sd_rsp_type_t (*sd_cmd_handler)(SDState *sd, SDRequest req);
123 /* If true, created by sd_init() for a non-qdevified caller */
127 /* SD Memory Card Registers */
193 static bool sd_is_spi(SDState *sd) in sd_is_spi() argument
195 return sd->proto == &sd_proto_spi; in sd_is_spi()
198 static bool sd_is_emmc(SDState *sd) in sd_is_emmc() argument
200 return sd->proto == &sd_proto_emmc; in sd_is_emmc()
236 [sd_bus_test_state] = "bus-test", in sd_state_name()
247 return "wait-irq"; in sd_state_name()
257 [sd_r1] = "RESP#1 (normal cmd)", in sd_response_name()
274 static const char *sd_cmd_name(SDState *sd, uint8_t cmd) in sd_cmd_name() argument
280 const SDProto *sdp = sd->proto; in sd_cmd_name()
282 if (sdp->cmd[cmd].handler) { in sd_cmd_name()
284 return sdp->cmd[cmd].name; in sd_cmd_name()
289 static const char *sd_acmd_name(SDState *sd, uint8_t cmd) in sd_acmd_name() argument
291 const SDProto *sdp = sd->proto; in sd_acmd_name()
293 if (sdp->acmd[cmd].handler) { in sd_acmd_name()
294 return sdp->acmd[cmd].name; in sd_acmd_name()
300 static uint8_t sd_get_dat_lines(SDState *sd) in sd_get_dat_lines() argument
302 return sd->enable ? sd->dat_lines : 0; in sd_get_dat_lines()
305 static bool sd_get_cmd_line(SDState *sd) in sd_get_cmd_line() argument
307 return sd->enable ? sd->cmd_line : false; in sd_get_cmd_line()
310 static void sd_set_voltage(SDState *sd, uint16_t millivolts) in sd_set_voltage() argument
319 qemu_log_mask(LOG_GUEST_ERROR, "SD card voltage not supported: %.3fV", in sd_set_voltage()
324 static void sd_set_mode(SDState *sd) in sd_set_mode() argument
326 switch (sd->state) { in sd_set_mode()
328 sd->mode = sd_inactive; in sd_set_mode()
334 sd->mode = sd_card_identification_mode; in sd_set_mode()
343 sd->mode = sd_data_transfer_mode; in sd_set_mode()
355 for (bit = 7; bit >= 0; bit --) { in sd_crc7()
356 shift_reg <<= 1; in sd_crc7()
357 if ((shift_reg >> 7) ^ ((*msg >> bit) & 1)) in sd_crc7()
370 FIELD(OCR, DUAL_VOLTAGE_CARD, 7, 1)
372 FIELD(OCR, ACCEPT_SWITCH_1V8, 24, 1) /* Only UHS-I */
373 FIELD(OCR, UHS_II_CARD, 29, 1) /* Only UHS-II */
374 FIELD(OCR, CARD_CAPACITY, 30, 1) /* 0:SDSC, 1:SDHC/SDXC */
375 FIELD(OCR, CARD_POWER_UP, 31, 1)
386 SDState *sd = opaque; in sd_ocr_powerup() local
389 assert(!FIELD_EX32(sd->ocr, OCR, CARD_POWER_UP)); in sd_ocr_powerup()
391 /* card power-up OK */ in sd_ocr_powerup()
392 sd->ocr = FIELD_DP32(sd->ocr, OCR, CARD_POWER_UP, 1); in sd_ocr_powerup()
394 if (sd->size > SDSC_MAX_CAPACITY) { in sd_ocr_powerup()
395 sd->ocr = FIELD_DP32(sd->ocr, OCR, CARD_CAPACITY, 1); in sd_ocr_powerup()
399 static void sd_set_ocr(SDState *sd) in sd_set_ocr() argument
402 sd->ocr = R_OCR_VDD_VOLTAGE_WIN_HI_MASK; in sd_set_ocr()
404 if (sd_is_spi(sd)) { in sd_set_ocr()
406 * We don't need to emulate power up sequence in SPI-mode. in sd_set_ocr()
407 * Thus, the card's power up status bit should be set to 1 when reset. in sd_set_ocr()
408 * The card's capacity status bit should also be set if SD card size in sd_set_ocr()
411 sd_ocr_powerup(sd); in sd_set_ocr()
415 /* SD Configuration register */
417 static void sd_set_scr(SDState *sd) in sd_set_scr() argument
419 sd->scr[0] = 0 << 4; /* SCR structure version 1.0 */ in sd_set_scr()
420 if (sd->spec_version == SD_PHY_SPECv1_10_VERS) { in sd_set_scr()
421 sd->scr[0] |= 1; /* Spec Version 1.10 */ in sd_set_scr()
423 sd->scr[0] |= 2; /* Spec Version 2.00 or Version 3.0X */ in sd_set_scr()
425 sd->scr[1] = (2 << 4) /* SDSC Card (Security Version 1.01) */ in sd_set_scr()
426 | 0b0101; /* 1-bit or 4-bit width bus modes */ in sd_set_scr()
427 sd->scr[2] = 0x00; /* Extended Security is not supported. */ in sd_set_scr()
428 if (sd->spec_version >= SD_PHY_SPECv3_01_VERS) { in sd_set_scr()
429 sd->scr[2] |= 1 << 7; /* Spec Version 3.0X */ in sd_set_scr()
431 sd->scr[3] = 0x00; in sd_set_scr()
433 sd->scr[4] = 0x00; in sd_set_scr()
434 sd->scr[5] = 0x00; in sd_set_scr()
435 sd->scr[6] = 0x00; in sd_set_scr()
436 sd->scr[7] = 0x00; in sd_set_scr()
448 static void sd_set_cid(SDState *sd) in sd_set_cid() argument
450 sd->cid[0] = MID; /* Fake card manufacturer ID (MID) */ in sd_set_cid()
451 sd->cid[1] = OID[0]; /* OEM/Application ID (OID) */ in sd_set_cid()
452 sd->cid[2] = OID[1]; in sd_set_cid()
453 sd->cid[3] = PNM[0]; /* Fake product name (PNM) */ in sd_set_cid()
454 sd->cid[4] = PNM[1]; in sd_set_cid()
455 sd->cid[5] = PNM[2]; in sd_set_cid()
456 sd->cid[6] = PNM[3]; in sd_set_cid()
457 sd->cid[7] = PNM[4]; in sd_set_cid()
458 sd->cid[8] = PRV; /* Fake product revision (PRV) */ in sd_set_cid()
459 stl_be_p(&sd->cid[9], 0xdeadbeef); /* Fake serial number (PSN) */ in sd_set_cid()
460 sd->cid[13] = 0x00 | /* Manufacture date (MDT) */ in sd_set_cid()
461 ((MDT_YR - 2000) / 10); in sd_set_cid()
462 sd->cid[14] = ((MDT_YR % 10) << 4) | MDT_MON; in sd_set_cid()
463 sd->cid[15] = (sd_crc7(sd->cid, 15) << 1) | 1; in sd_set_cid()
466 static void emmc_set_cid(SDState *sd) in emmc_set_cid() argument
468 sd->cid[0] = MID; /* Fake card manufacturer ID (MID) */ in emmc_set_cid()
469 sd->cid[1] = 0b01; /* CBX: soldered BGA */ in emmc_set_cid()
470 sd->cid[2] = OID[0]; /* OEM/Application ID (OID) */ in emmc_set_cid()
471 sd->cid[3] = PNM[0]; /* Fake product name (PNM) */ in emmc_set_cid()
472 sd->cid[4] = PNM[1]; in emmc_set_cid()
473 sd->cid[5] = PNM[2]; in emmc_set_cid()
474 sd->cid[6] = PNM[3]; in emmc_set_cid()
475 sd->cid[7] = PNM[4]; in emmc_set_cid()
476 sd->cid[8] = PNM[4]; in emmc_set_cid()
477 sd->cid[9] = PRV; /* Fake product revision (PRV) */ in emmc_set_cid()
478 stl_be_p(&sd->cid[10], 0xdeadbeef); /* Fake serial number (PSN) */ in emmc_set_cid()
479 sd->cid[14] = (MDT_MON << 4) | (MDT_YR - 1997); /* Manufacture date (MDT) */ in emmc_set_cid()
480 sd->cid[15] = (sd_crc7(sd->cid, 15) << 1) | 1; in emmc_set_cid()
483 /* Card-Specific Data register */
489 #define WPGROUP_SIZE (1 << (HWBLOCK_SHIFT + SECTOR_SHIFT + WPGROUP_SHIFT))
496 static void emmc_set_ext_csd(SDState *sd, uint64_t size) in emmc_set_ext_csd() argument
500 memset(sd->ext_csd, 0, sizeof(sd->ext_csd)); /* FIXME only RW at reset */ in emmc_set_ext_csd()
503 sd->ext_csd[EXT_CSD_S_CMD_SET] = 0b1; /* supported command sets */ in emmc_set_ext_csd()
504 sd->ext_csd[EXT_CSD_BOOT_INFO] = 0x0; /* Boot information */ in emmc_set_ext_csd()
506 sd->ext_csd[EXT_CSD_BOOT_MULT] = sd->boot_part_size / (128 * KiB); in emmc_set_ext_csd()
507 sd->ext_csd[EXT_CSD_ACC_SIZE] = 0x1; /* Access size */ in emmc_set_ext_csd()
508 sd->ext_csd[EXT_CSD_HC_ERASE_GRP_SIZE] = 0x01; /* HC Erase unit size */ in emmc_set_ext_csd()
509 sd->ext_csd[EXT_CSD_ERASE_TIMEOUT_MULT] = 0x01; /* HC erase timeout */ in emmc_set_ext_csd()
510 sd->ext_csd[EXT_CSD_REL_WR_SEC_C] = 0x1; /* Reliable write sector count */ in emmc_set_ext_csd()
511 sd->ext_csd[EXT_CSD_HC_WP_GRP_SIZE] = 0x01; /* HC write protect group size */ in emmc_set_ext_csd()
512 sd->ext_csd[EXT_CSD_S_C_VCC] = 0x01; /* Sleep current VCC */ in emmc_set_ext_csd()
513 sd->ext_csd[EXT_CSD_S_C_VCCQ] = 0x01; /* Sleep current VCCQ */ in emmc_set_ext_csd()
514 sd->ext_csd[EXT_CSD_S_A_TIMEOUT] = 0x01; /* Sleep/Awake timeout */ in emmc_set_ext_csd()
515 stl_le_p(&sd->ext_csd[EXT_CSD_SEC_CNT], sectcount); /* Sector count */ in emmc_set_ext_csd()
516 sd->ext_csd[210] = 0x46; /* Min write perf for 8bit@52Mhz */ in emmc_set_ext_csd()
517 sd->ext_csd[209] = 0x46; /* Min read perf for 8bit@52Mhz */ in emmc_set_ext_csd()
518 sd->ext_csd[208] = 0x46; /* Min write perf for 4bit@52Mhz */ in emmc_set_ext_csd()
519 sd->ext_csd[207] = 0x46; /* Min read perf for 4bit@52Mhz */ in emmc_set_ext_csd()
520 sd->ext_csd[206] = 0x46; /* Min write perf for 4bit@26Mhz */ in emmc_set_ext_csd()
521 sd->ext_csd[205] = 0x46; /* Min read perf for 4bit@26Mhz */ in emmc_set_ext_csd()
522 sd->ext_csd[EXT_CSD_CARD_TYPE] = 0b11; in emmc_set_ext_csd()
523 sd->ext_csd[EXT_CSD_STRUCTURE] = 2; in emmc_set_ext_csd()
524 sd->ext_csd[EXT_CSD_REV] = 3; in emmc_set_ext_csd()
527 sd->ext_csd[EXT_CSD_PART_CONFIG] = sd->boot_config; in emmc_set_ext_csd()
530 static void emmc_set_csd(SDState *sd, uint64_t size) in emmc_set_csd() argument
533 uint32_t sectsize = (1 << (SECTOR_SHIFT + 1)) - 1; in emmc_set_csd()
534 uint32_t wpsize = (1 << (WPGROUP_SHIFT + 1)) - 1; in emmc_set_csd()
536 sd->csd[0] = (3 << 6) | (4 << 2); /* Spec v4.3 with EXT_CSD */ in emmc_set_csd()
537 sd->csd[1] = (1 << 3) | 6; /* Asynchronous data access time: 1ms */ in emmc_set_csd()
538 sd->csd[2] = 0x00; in emmc_set_csd()
539 sd->csd[3] = (1 << 3) | 3;; /* Maximum bus clock frequency: 100MHz */ in emmc_set_csd()
540 sd->csd[4] = 0x0f; in emmc_set_csd()
542 /* use 1k blocks */ in emmc_set_csd()
543 uint32_t csize1k = (size >> (CMULT_SHIFT + 10)) - 1; in emmc_set_csd()
544 sd->csd[5] = 0x5a; in emmc_set_csd()
545 sd->csd[6] = 0x80 | ((csize1k >> 10) & 0xf); in emmc_set_csd()
546 sd->csd[7] = (csize1k >> 2) & 0xff; in emmc_set_csd()
548 sd->csd[5] = 0x59; in emmc_set_csd()
549 sd->csd[6] = 0x8f; in emmc_set_csd()
550 sd->csd[7] = 0xff; in emmc_set_csd()
551 sd->ocr = FIELD_DP32(sd->ocr, OCR, CARD_CAPACITY, 1); in emmc_set_csd()
553 sd->csd[8] = 0xff; in emmc_set_csd()
554 sd->csd[9] = 0xfc | /* Max. write current */ in emmc_set_csd()
555 ((CMULT_SHIFT - 2) >> 1); in emmc_set_csd()
556 sd->csd[10] = 0x40 | /* Erase sector size */ in emmc_set_csd()
557 (((CMULT_SHIFT - 2) << 7) & 0x80) | (sectsize >> 1); in emmc_set_csd()
558 sd->csd[11] = 0x00 | /* Write protect group size */ in emmc_set_csd()
560 sd->csd[12] = 0x90 | /* Write speed factor */ in emmc_set_csd()
562 sd->csd[13] = 0x20 | /* Max. write data block length */ in emmc_set_csd()
564 sd->csd[14] = 0x00; in emmc_set_csd()
565 sd->csd[15] = (sd_crc7(sd->csd, 15) << 1) | 1; in emmc_set_csd()
566 emmc_set_ext_csd(sd, size); in emmc_set_csd()
569 static void sd_set_csd(SDState *sd, uint64_t size) in sd_set_csd() argument
573 uint32_t sectsize = (1 << (SECTOR_SHIFT + 1)) - 1; in sd_set_csd()
574 uint32_t wpsize = (1 << (WPGROUP_SHIFT + 1)) - 1; in sd_set_csd()
578 hwblock_shift += 1; in sd_set_csd()
580 csize = (size >> (CMULT_SHIFT + hwblock_shift)) - 1; in sd_set_csd()
582 if (size <= SDSC_MAX_CAPACITY) { /* Standard Capacity SD */ in sd_set_csd()
583 sd->csd[0] = 0x00; /* CSD structure */ in sd_set_csd()
584 sd->csd[1] = 0x26; /* Data read access-time-1 */ in sd_set_csd()
585 sd->csd[2] = 0x00; /* Data read access-time-2 */ in sd_set_csd()
586 sd->csd[3] = 0x32; /* Max. data transfer rate: 25 MHz */ in sd_set_csd()
587 sd->csd[4] = 0x5f; /* Card Command Classes */ in sd_set_csd()
588 sd->csd[5] = 0x50 | /* Max. read data block length */ in sd_set_csd()
590 sd->csd[6] = 0xe0 | /* Partial block for read allowed */ in sd_set_csd()
592 sd->csd[7] = 0x00 | /* Device size */ in sd_set_csd()
594 sd->csd[8] = 0x3f | /* Max. read current */ in sd_set_csd()
596 sd->csd[9] = 0xfc | /* Max. write current */ in sd_set_csd()
597 ((CMULT_SHIFT - 2) >> 1); in sd_set_csd()
598 sd->csd[10] = 0x40 | /* Erase sector size */ in sd_set_csd()
599 (((CMULT_SHIFT - 2) << 7) & 0x80) | (sectsize >> 1); in sd_set_csd()
600 sd->csd[11] = 0x00 | /* Write protect group size */ in sd_set_csd()
602 sd->csd[12] = 0x90 | /* Write speed factor */ in sd_set_csd()
604 sd->csd[13] = 0x20 | /* Max. write data block length */ in sd_set_csd()
606 sd->csd[14] = 0x00; /* File format group */ in sd_set_csd()
609 size -= 1; in sd_set_csd()
610 sd->csd[0] = 0x40; in sd_set_csd()
611 sd->csd[1] = 0x0e; in sd_set_csd()
612 sd->csd[2] = 0x00; in sd_set_csd()
613 sd->csd[3] = 0x32; in sd_set_csd()
614 sd->csd[4] = 0x5b; in sd_set_csd()
615 sd->csd[5] = 0x59; in sd_set_csd()
616 sd->csd[6] = 0x00; in sd_set_csd()
617 st24_be_p(&sd->csd[7], size); in sd_set_csd()
618 sd->csd[10] = 0x7f; in sd_set_csd()
619 sd->csd[11] = 0x80; in sd_set_csd()
620 sd->csd[12] = 0x0a; in sd_set_csd()
621 sd->csd[13] = 0x40; in sd_set_csd()
622 sd->csd[14] = 0x00; in sd_set_csd()
624 sd->csd[15] = (sd_crc7(sd->csd, 15) << 1) | 1; in sd_set_csd()
629 static void sd_set_rca(SDState *sd, uint16_t value) in sd_set_rca() argument
632 sd->rca = value; in sd_set_rca()
637 switch (s->proto->cmd[req.cmd].type) { in sd_req_get_rca()
649 return sd_req_get_rca(s, req) == s->rca; in sd_req_rca_same()
654 FIELD(CSR, AKE_SEQ_ERROR, 3, 1)
655 FIELD(CSR, APP_CMD, 5, 1)
656 FIELD(CSR, FX_EVENT, 6, 1)
657 FIELD(CSR, SWITCH_ERROR, 7, 1)
658 FIELD(CSR, READY_FOR_DATA, 8, 1)
660 FIELD(CSR, ERASE_RESET, 13, 1)
661 FIELD(CSR, CARD_ECC_DISABLED, 14, 1)
662 FIELD(CSR, WP_ERASE_SKIP, 15, 1)
663 FIELD(CSR, CSD_OVERWRITE, 16, 1)
664 FIELD(CSR, DEFERRED_RESPONSE, 17, 1)
665 FIELD(CSR, ERROR, 19, 1)
666 FIELD(CSR, CC_ERROR, 20, 1)
667 FIELD(CSR, CARD_ECC_FAILED, 21, 1)
668 FIELD(CSR, ILLEGAL_COMMAND, 22, 1)
669 FIELD(CSR, COM_CRC_ERROR, 23, 1)
670 FIELD(CSR, LOCK_UNLOCK_FAILED, 24, 1)
671 FIELD(CSR, CARD_IS_LOCKED, 25, 1)
672 FIELD(CSR, WP_VIOLATION, 26, 1)
673 FIELD(CSR, ERASE_PARAM, 27, 1)
674 FIELD(CSR, ERASE_SEQ_ERROR, 28, 1)
675 FIELD(CSR, BLOCK_LEN_ERROR, 29, 1)
676 FIELD(CSR, ADDRESS_ERROR, 30, 1)
677 FIELD(CSR, OUT_OF_RANGE, 31, 1)
706 static void sd_set_cardstatus(SDState *sd) in sd_set_cardstatus() argument
708 sd->card_status = READY_FOR_DATA; in sd_set_cardstatus()
711 static void sd_set_sdstatus(SDState *sd) in sd_set_sdstatus() argument
713 memset(sd->sd_status, 0, 64); in sd_set_sdstatus()
719 * Table 4-2.
734 buffer[0] = 0x40 | req->cmd; in sd_req_crc_validate()
735 stl_be_p(&buffer[1], req->arg); in sd_req_crc_validate()
737 return sd_crc7(buffer, 5) != req->crc; /* TODO */ in sd_req_crc_validate()
740 static void sd_response_r1_make(SDState *sd, uint8_t *response) in sd_response_r1_make() argument
742 stl_be_p(response, sd->card_status); in sd_response_r1_make()
745 sd->card_status &= ~CARD_STATUS_C; in sd_response_r1_make()
748 static void sd_response_r3_make(SDState *sd, uint8_t *response) in sd_response_r3_make() argument
750 stl_be_p(response, sd->ocr & ACMD41_R3_MASK); in sd_response_r3_make()
753 static void sd_response_r6_make(SDState *sd, uint8_t *response) in sd_response_r6_make() argument
757 status = ((sd->card_status >> 8) & 0xc000) | in sd_response_r6_make()
758 ((sd->card_status >> 6) & 0x2000) | in sd_response_r6_make()
759 (sd->card_status & 0x1fff); in sd_response_r6_make()
760 sd->card_status &= ~(CARD_STATUS_C & 0xc81fff); in sd_response_r6_make()
761 stw_be_p(response + 0, sd->rca); in sd_response_r6_make()
765 static void sd_response_r7_make(SDState *sd, uint8_t *response) in sd_response_r7_make() argument
767 stl_be_p(response, sd->vhs); in sd_response_r7_make()
770 static uint32_t sd_blk_len(SDState *sd) in sd_blk_len() argument
772 if (FIELD_EX32(sd->ocr, OCR, CARD_CAPACITY)) { in sd_blk_len()
773 return 1 << HWBLOCK_SHIFT; in sd_blk_len()
775 return sd->blk_len; in sd_blk_len()
780 * beginning of it. The size of the boot partitions is the "boot-size"
783 static uint32_t sd_bootpart_offset(SDState *sd) in sd_bootpart_offset() argument
787 if (!sd->boot_part_size || !sd_is_emmc(sd)) { in sd_bootpart_offset()
791 partition_access = sd->ext_csd[EXT_CSD_PART_CONFIG] in sd_bootpart_offset()
795 return sd->boot_part_size * 2; in sd_bootpart_offset()
798 case EXT_CSD_PART_CONFIG_ACC_BOOT0 + 1: in sd_bootpart_offset()
799 return sd->boot_part_size * 1; in sd_bootpart_offset()
805 static uint64_t sd_req_get_address(SDState *sd, SDRequest req) in sd_req_get_address() argument
809 if (FIELD_EX32(sd->ocr, OCR, CARD_CAPACITY)) { in sd_req_get_address()
825 SDState *sd = SDMMC_COMMON(dev); in sd_reset() local
826 SDCardClass *sc = SDMMC_COMMON_GET_CLASS(sd); in sd_reset()
831 if (sd->blk) { in sd_reset()
832 blk_get_geometry(sd->blk, §); in sd_reset()
837 if (sd_is_emmc(sd)) { in sd_reset()
838 size -= sd->boot_part_size * 2; in sd_reset()
841 sect = sd_addr_to_wpnum(size) + 1; in sd_reset()
843 sd->state = sd_idle_state; in sd_reset()
846 sd->rca = sd_is_emmc(sd) ? 0x0001 : 0x0000; in sd_reset()
847 sd->size = size; in sd_reset()
848 sd_set_ocr(sd); in sd_reset()
849 sd_set_scr(sd); in sd_reset()
850 sc->set_cid(sd); in sd_reset()
851 sc->set_csd(sd, size); in sd_reset()
852 sd_set_cardstatus(sd); in sd_reset()
853 sd_set_sdstatus(sd); in sd_reset()
855 g_free(sd->wp_group_bmap); in sd_reset()
856 sd->wp_switch = sd->blk ? !blk_is_writable(sd->blk) : false; in sd_reset()
857 sd->wp_group_bits = sect; in sd_reset()
858 sd->wp_group_bmap = bitmap_new(sd->wp_group_bits); in sd_reset()
859 memset(sd->function_group, 0, sizeof(sd->function_group)); in sd_reset()
860 sd->erase_start = INVALID_ADDRESS; in sd_reset()
861 sd->erase_end = INVALID_ADDRESS; in sd_reset()
862 sd->blk_len = 0x200; in sd_reset()
863 sd->pwd_len = 0; in sd_reset()
864 sd->expecting_acmd = false; in sd_reset()
865 sd->dat_lines = 0xf; in sd_reset()
866 sd->cmd_line = true; in sd_reset()
867 sd->multi_blk_cnt = 0; in sd_reset()
870 static bool sd_get_inserted(SDState *sd) in sd_get_inserted() argument
872 return sd->blk && blk_is_inserted(sd->blk); in sd_get_inserted()
875 static bool sd_get_readonly(SDState *sd) in sd_get_readonly() argument
877 return sd->wp_switch; in sd_get_readonly()
882 SDState *sd = opaque; in sd_cardchange() local
883 DeviceState *dev = DEVICE(sd); in sd_cardchange()
885 bool inserted = sd_get_inserted(sd); in sd_cardchange()
886 bool readonly = sd_get_readonly(sd); in sd_cardchange()
895 if (sd->me_no_qdev_me_kill_mammoth_with_rocks) { in sd_cardchange()
896 qemu_set_irq(sd->inserted_cb, inserted); in sd_cardchange()
898 qemu_set_irq(sd->readonly_cb, readonly); in sd_cardchange()
915 SDState *sd = opaque; in sd_ocr_vmstate_needed() local
918 return !FIELD_EX32(sd->ocr, OCR, CARD_POWER_UP); in sd_ocr_vmstate_needed()
922 .name = "sd-card/ocr-state",
923 .version_id = 1,
924 .minimum_version_id = 1,
935 SDState *sd = opaque; in vmstate_needed_for_emmc() local
937 return sd_is_emmc(sd); in vmstate_needed_for_emmc()
941 .name = "sd-card/ext_csd_modes-state",
942 .version_id = 1,
943 .minimum_version_id = 1,
953 SDState *sd = opaque; in sd_vmstate_pre_load() local
959 sd_ocr_powerup(sd); in sd_vmstate_pre_load()
965 .name = "sd-card",
976 VMSTATE_PARTIAL_BUFFER(sd_status, SDState, 1),
992 VMSTATE_UNUSED_V(1, 512),
1003 /* Legacy initialization function for use by non-qdevified callers */
1008 SDState *sd; in sd_init() local
1021 * appropriate bus. That's a no-no. Hide the device from in sd_init()
1032 sd = SD_CARD(dev); in sd_init()
1033 sd->me_no_qdev_me_kill_mammoth_with_rocks = true; in sd_init()
1034 return sd; in sd_init()
1037 void sd_set_cb(SDState *sd, qemu_irq readonly, qemu_irq insert) in sd_set_cb() argument
1039 sd->readonly_cb = readonly; in sd_set_cb()
1040 sd->inserted_cb = insert; in sd_set_cb()
1041 qemu_set_irq(readonly, sd->blk ? !blk_is_writable(sd->blk) : 0); in sd_set_cb()
1042 qemu_set_irq(insert, sd->blk ? blk_is_inserted(sd->blk) : 0); in sd_set_cb()
1045 static void sd_blk_read(SDState *sd, uint64_t addr, uint32_t len) in sd_blk_read() argument
1048 addr += sd_bootpart_offset(sd); in sd_blk_read()
1049 if (!sd->blk || blk_pread(sd->blk, addr, len, sd->data, 0) < 0) { in sd_blk_read()
1054 static void sd_blk_write(SDState *sd, uint64_t addr, uint32_t len) in sd_blk_write() argument
1057 addr += sd_bootpart_offset(sd); in sd_blk_write()
1058 if (!sd->blk || blk_pwrite(sd->blk, addr, len, sd->data, 0) < 0) { in sd_blk_write()
1063 static void sd_erase(SDState *sd) in sd_erase() argument
1065 uint64_t erase_start = sd->erase_start; in sd_erase()
1066 uint64_t erase_end = sd->erase_end; in sd_erase()
1070 int erase_len = 1 << HWBLOCK_SHIFT; in sd_erase()
1072 trace_sdcard_erase(sd->erase_start, sd->erase_end); in sd_erase()
1073 if (sd->erase_start == INVALID_ADDRESS in sd_erase()
1074 || sd->erase_end == INVALID_ADDRESS) { in sd_erase()
1075 sd->card_status |= ERASE_SEQ_ERROR; in sd_erase()
1076 sd->erase_start = INVALID_ADDRESS; in sd_erase()
1077 sd->erase_end = INVALID_ADDRESS; in sd_erase()
1081 if (FIELD_EX32(sd->ocr, OCR, CARD_CAPACITY)) { in sd_erase()
1088 if (erase_start > sd->size || erase_end > sd->size) { in sd_erase()
1089 sd->card_status |= OUT_OF_RANGE; in sd_erase()
1090 sd->erase_start = INVALID_ADDRESS; in sd_erase()
1091 sd->erase_end = INVALID_ADDRESS; in sd_erase()
1095 sd->erase_start = INVALID_ADDRESS; in sd_erase()
1096 sd->erase_end = INVALID_ADDRESS; in sd_erase()
1097 sd->csd[14] |= 0x40; in sd_erase()
1099 memset(sd->data, 0xff, erase_len); in sd_erase()
1105 assert(wpnum < sd->wp_group_bits); in sd_erase()
1106 if (test_bit(wpnum, sd->wp_group_bmap)) { in sd_erase()
1107 sd->card_status |= WP_ERASE_SKIP; in sd_erase()
1111 sd_blk_write(sd, erase_addr, erase_len); in sd_erase()
1115 static uint32_t sd_wpbits(SDState *sd, uint64_t addr) in sd_wpbits() argument
1123 if (addr >= sd->size) { in sd_wpbits()
1130 assert(wpnum < sd->wp_group_bits); in sd_wpbits()
1131 if (test_bit(wpnum, sd->wp_group_bmap)) { in sd_wpbits()
1132 ret |= (1 << i); in sd_wpbits()
1141 EXT_CSD_ACCESS_MODE_SET_BITS = 1,
1146 static void emmc_function_switch(SDState *sd, uint32_t arg) in emmc_function_switch() argument
1151 uint8_t b = sd->ext_csd[index]; in emmc_function_switch()
1157 sd->card_status |= R_CSR_SWITCH_ERROR_MASK; in emmc_function_switch()
1176 trace_sdcard_ext_csd_update(index, sd->ext_csd[index], b); in emmc_function_switch()
1177 sd->ext_csd[index] = b; in emmc_function_switch()
1180 static void sd_function_switch(SDState *sd, uint32_t arg) in sd_function_switch() argument
1185 sd->data[0] = 0x00; /* Maximum current consumption */ in sd_function_switch()
1186 sd->data[1] = 0x01; in sd_function_switch()
1187 sd->data[2] = 0x80; /* Supported group 6 functions */ in sd_function_switch()
1188 sd->data[3] = 0x01; in sd_function_switch()
1189 sd->data[4] = 0x80; /* Supported group 5 functions */ in sd_function_switch()
1190 sd->data[5] = 0x01; in sd_function_switch()
1191 sd->data[6] = 0x80; /* Supported group 4 functions */ in sd_function_switch()
1192 sd->data[7] = 0x01; in sd_function_switch()
1193 sd->data[8] = 0x80; /* Supported group 3 functions */ in sd_function_switch()
1194 sd->data[9] = 0x01; in sd_function_switch()
1195 sd->data[10] = 0x80; /* Supported group 2 functions */ in sd_function_switch()
1196 sd->data[11] = 0x43; in sd_function_switch()
1197 sd->data[12] = 0x80; /* Supported group 1 functions */ in sd_function_switch()
1198 sd->data[13] = 0x03; in sd_function_switch()
1200 memset(&sd->data[14], 0, 3); in sd_function_switch()
1204 sd->function_group[i] = new_func; in sd_function_switch()
1205 sd->data[16 - (i >> 1)] |= new_func << ((i % 2) * 4); in sd_function_switch()
1207 memset(&sd->data[17], 0, 47); in sd_function_switch()
1210 static inline bool sd_wp_addr(SDState *sd, uint64_t addr) in sd_wp_addr() argument
1212 return test_bit(sd_addr_to_wpnum(addr), sd->wp_group_bmap); in sd_wp_addr()
1215 static void sd_lock_command(SDState *sd) in sd_lock_command() argument
1218 erase = !!(sd->data[0] & 0x08); in sd_lock_command()
1219 lock = sd->data[0] & 0x04; in sd_lock_command()
1220 clr_pwd = sd->data[0] & 0x02; in sd_lock_command()
1221 set_pwd = sd->data[0] & 0x01; in sd_lock_command()
1223 if (sd->blk_len > 1) in sd_lock_command()
1224 pwd_len = sd->data[1]; in sd_lock_command()
1234 if (!(sd->card_status & CARD_IS_LOCKED) || sd->blk_len > 1 || in sd_lock_command()
1235 set_pwd || clr_pwd || lock || sd->wp_switch || in sd_lock_command()
1236 (sd->csd[14] & 0x20)) { in sd_lock_command()
1237 sd->card_status |= LOCK_UNLOCK_FAILED; in sd_lock_command()
1240 bitmap_zero(sd->wp_group_bmap, sd->wp_group_bits); in sd_lock_command()
1241 sd->csd[14] &= ~0x10; in sd_lock_command()
1242 sd->card_status &= ~CARD_IS_LOCKED; in sd_lock_command()
1243 sd->pwd_len = 0; in sd_lock_command()
1245 fprintf(stderr, "SD: Card force-erased by CMD42\n"); in sd_lock_command()
1249 if (sd->blk_len < 2 + pwd_len || in sd_lock_command()
1250 pwd_len <= sd->pwd_len || in sd_lock_command()
1251 pwd_len > sd->pwd_len + 16) { in sd_lock_command()
1252 sd->card_status |= LOCK_UNLOCK_FAILED; in sd_lock_command()
1256 if (sd->pwd_len && memcmp(sd->pwd, sd->data + 2, sd->pwd_len)) { in sd_lock_command()
1257 sd->card_status |= LOCK_UNLOCK_FAILED; in sd_lock_command()
1261 pwd_len -= sd->pwd_len; in sd_lock_command()
1264 (lock && !sd->pwd_len && !set_pwd) || in sd_lock_command()
1266 (((sd->card_status & CARD_IS_LOCKED) && lock) || in sd_lock_command()
1267 (!(sd->card_status & CARD_IS_LOCKED) && !lock)))) { in sd_lock_command()
1268 sd->card_status |= LOCK_UNLOCK_FAILED; in sd_lock_command()
1273 memcpy(sd->pwd, sd->data + 2 + sd->pwd_len, pwd_len); in sd_lock_command()
1274 sd->pwd_len = pwd_len; in sd_lock_command()
1278 sd->pwd_len = 0; in sd_lock_command()
1282 sd->card_status |= CARD_IS_LOCKED; in sd_lock_command()
1284 sd->card_status &= ~CARD_IS_LOCKED; in sd_lock_command()
1287 static bool address_in_range(SDState *sd, const char *desc, in address_in_range() argument
1290 if (addr + length > sd->size) { in address_in_range()
1293 desc, addr, sd->size, length); in address_in_range()
1294 sd->card_status |= ADDRESS_ERROR; in address_in_range()
1300 static sd_rsp_type_t sd_invalid_state_for_cmd(SDState *sd, SDRequest req) in sd_invalid_state_for_cmd() argument
1303 sd->proto->name, req.cmd, sd_state_name(sd->state), in sd_invalid_state_for_cmd()
1304 sd_version_str(sd->spec_version)); in sd_invalid_state_for_cmd()
1309 static sd_rsp_type_t sd_invalid_mode_for_cmd(SDState *sd, SDRequest req) in sd_invalid_mode_for_cmd() argument
1312 sd->proto->name, req.cmd, sd_mode_name(sd->mode), in sd_invalid_mode_for_cmd()
1313 sd_version_str(sd->spec_version)); in sd_invalid_mode_for_cmd()
1318 static sd_rsp_type_t sd_cmd_illegal(SDState *sd, SDRequest req) in sd_cmd_illegal() argument
1321 sd->proto->name, req.cmd, in sd_cmd_illegal()
1322 sd_version_str(sd->spec_version)); in sd_cmd_illegal()
1328 static sd_rsp_type_t sd_cmd_unimplemented(SDState *sd, SDRequest req) in sd_cmd_unimplemented() argument
1331 sd->proto->name, req.cmd); in sd_cmd_unimplemented()
1336 static sd_rsp_type_t sd_cmd_optional(SDState *sd, SDRequest req) in sd_cmd_optional() argument
1339 sd->proto->name, req.cmd); in sd_cmd_optional()
1345 static sd_rsp_type_t sd_cmd_to_receivingdata(SDState *sd, SDRequest req, in sd_cmd_to_receivingdata() argument
1348 if (sd->state != sd_transfer_state) { in sd_cmd_to_receivingdata()
1349 return sd_invalid_state_for_cmd(sd, req); in sd_cmd_to_receivingdata()
1351 sd->state = sd_receivingdata_state; in sd_cmd_to_receivingdata()
1352 sd->data_start = start; in sd_cmd_to_receivingdata()
1353 sd->data_offset = 0; in sd_cmd_to_receivingdata()
1354 /* sd->data[] used as receive buffer */ in sd_cmd_to_receivingdata()
1355 sd->data_size = size ?: sizeof(sd->data); in sd_cmd_to_receivingdata()
1360 static sd_rsp_type_t sd_cmd_to_sendingdata(SDState *sd, SDRequest req, in sd_cmd_to_sendingdata() argument
1364 if (sd->state != sd_transfer_state) { in sd_cmd_to_sendingdata()
1365 sd_invalid_state_for_cmd(sd, req); in sd_cmd_to_sendingdata()
1368 sd->state = sd_sendingdata_state; in sd_cmd_to_sendingdata()
1369 sd->data_start = start; in sd_cmd_to_sendingdata()
1370 sd->data_offset = 0; in sd_cmd_to_sendingdata()
1372 assert(size > 0 && size <= sizeof(sd->data)); in sd_cmd_to_sendingdata()
1373 memcpy(sd->data, data, size); in sd_cmd_to_sendingdata()
1376 sd->data_size = size; in sd_cmd_to_sendingdata()
1382 static sd_rsp_type_t sd_cmd_GO_IDLE_STATE(SDState *sd, SDRequest req) in sd_cmd_GO_IDLE_STATE() argument
1384 if (sd->state == sd_sleep_state) { in sd_cmd_GO_IDLE_STATE()
1393 if (sd->state != sd_inactive_state) { in sd_cmd_GO_IDLE_STATE()
1394 sd->state = sd_idle_state; in sd_cmd_GO_IDLE_STATE()
1395 sd_reset(DEVICE(sd)); in sd_cmd_GO_IDLE_STATE()
1398 return sd_is_spi(sd) ? sd_r1 : sd_r0; in sd_cmd_GO_IDLE_STATE()
1402 static sd_rsp_type_t spi_cmd_SEND_OP_COND(SDState *sd, SDRequest req) in spi_cmd_SEND_OP_COND() argument
1404 sd->state = sd_transfer_state; in spi_cmd_SEND_OP_COND()
1410 static sd_rsp_type_t sd_cmd_ALL_SEND_CID(SDState *sd, SDRequest req) in sd_cmd_ALL_SEND_CID() argument
1412 switch (sd->state) { in sd_cmd_ALL_SEND_CID()
1414 sd->state = sd_identification_state; in sd_cmd_ALL_SEND_CID()
1417 return sd_invalid_state_for_cmd(sd, req); in sd_cmd_ALL_SEND_CID()
1422 static sd_rsp_type_t sd_cmd_SEND_RELATIVE_ADDR(SDState *sd, SDRequest req) in sd_cmd_SEND_RELATIVE_ADDR() argument
1426 switch (sd->state) { in sd_cmd_SEND_RELATIVE_ADDR()
1429 sd->state = sd_standby_state; in sd_cmd_SEND_RELATIVE_ADDR()
1431 sd_set_rca(sd, random_rca); in sd_cmd_SEND_RELATIVE_ADDR()
1435 return sd_invalid_state_for_cmd(sd, req); in sd_cmd_SEND_RELATIVE_ADDR()
1439 static sd_rsp_type_t emmc_cmd_SET_RELATIVE_ADDR(SDState *sd, SDRequest req) in emmc_cmd_SET_RELATIVE_ADDR() argument
1441 switch (sd->state) { in emmc_cmd_SET_RELATIVE_ADDR()
1444 sd->state = sd_standby_state; in emmc_cmd_SET_RELATIVE_ADDR()
1445 sd_set_rca(sd, req.arg >> 16); in emmc_cmd_SET_RELATIVE_ADDR()
1449 return sd_invalid_state_for_cmd(sd, req); in emmc_cmd_SET_RELATIVE_ADDR()
1454 static sd_rsp_type_t emmc_cmd_sleep_awake(SDState *sd, SDRequest req) in emmc_cmd_sleep_awake() argument
1456 bool do_sleep = extract32(req.arg, 15, 1); in emmc_cmd_sleep_awake()
1458 switch (sd->state) { in emmc_cmd_sleep_awake()
1462 sd->state = sd_standby_state; in emmc_cmd_sleep_awake()
1468 sd->state = sd_sleep_state; in emmc_cmd_sleep_awake()
1473 return sd_invalid_state_for_cmd(sd, req); in emmc_cmd_sleep_awake()
1478 static sd_rsp_type_t sd_cmd_SWITCH_FUNCTION(SDState *sd, SDRequest req) in sd_cmd_SWITCH_FUNCTION() argument
1480 if (sd->mode != sd_data_transfer_mode) { in sd_cmd_SWITCH_FUNCTION()
1481 return sd_invalid_mode_for_cmd(sd, req); in sd_cmd_SWITCH_FUNCTION()
1483 if (sd->state != sd_transfer_state) { in sd_cmd_SWITCH_FUNCTION()
1484 return sd_invalid_state_for_cmd(sd, req); in sd_cmd_SWITCH_FUNCTION()
1487 sd_function_switch(sd, req.arg); in sd_cmd_SWITCH_FUNCTION()
1488 return sd_cmd_to_sendingdata(sd, req, 0, NULL, 64); in sd_cmd_SWITCH_FUNCTION()
1491 static sd_rsp_type_t emmc_cmd_SWITCH(SDState *sd, SDRequest req) in emmc_cmd_SWITCH() argument
1493 switch (sd->state) { in emmc_cmd_SWITCH()
1495 sd->state = sd_programming_state; in emmc_cmd_SWITCH()
1496 emmc_function_switch(sd, req.arg); in emmc_cmd_SWITCH()
1497 sd->state = sd_transfer_state; in emmc_cmd_SWITCH()
1500 return sd_invalid_state_for_cmd(sd, req); in emmc_cmd_SWITCH()
1505 static sd_rsp_type_t sd_cmd_DE_SELECT_CARD(SDState *sd, SDRequest req) in sd_cmd_DE_SELECT_CARD() argument
1507 bool same_rca = sd_req_rca_same(sd, req); in sd_cmd_DE_SELECT_CARD()
1509 switch (sd->state) { in sd_cmd_DE_SELECT_CARD()
1514 sd->state = sd_transfer_state; in sd_cmd_DE_SELECT_CARD()
1522 sd->state = sd_standby_state; in sd_cmd_DE_SELECT_CARD()
1529 sd->state = sd_programming_state; in sd_cmd_DE_SELECT_CARD()
1536 sd->state = sd_disconnect_state; in sd_cmd_DE_SELECT_CARD()
1542 return sd_invalid_state_for_cmd(sd, req); in sd_cmd_DE_SELECT_CARD()
1546 static sd_rsp_type_t sd_cmd_SEND_IF_COND(SDState *sd, SDRequest req) in sd_cmd_SEND_IF_COND() argument
1548 if (sd->spec_version < SD_PHY_SPECv2_00_VERS) { in sd_cmd_SEND_IF_COND()
1549 return sd_cmd_illegal(sd, req); in sd_cmd_SEND_IF_COND()
1551 if (sd->state != sd_idle_state) { in sd_cmd_SEND_IF_COND()
1552 return sd_invalid_state_for_cmd(sd, req); in sd_cmd_SEND_IF_COND()
1554 sd->vhs = 0; in sd_cmd_SEND_IF_COND()
1557 if (!(req.arg >> 8) || (req.arg >> (ctz32(req.arg & ~0xff) + 1))) { in sd_cmd_SEND_IF_COND()
1558 return sd_is_spi(sd) ? sd_r7 : sd_r0; in sd_cmd_SEND_IF_COND()
1562 sd->vhs = req.arg; in sd_cmd_SEND_IF_COND()
1567 static sd_rsp_type_t emmc_cmd_SEND_EXT_CSD(SDState *sd, SDRequest req) in emmc_cmd_SEND_EXT_CSD() argument
1569 if (sd->state != sd_transfer_state) { in emmc_cmd_SEND_EXT_CSD()
1570 return sd_invalid_state_for_cmd(sd, req); in emmc_cmd_SEND_EXT_CSD()
1573 return sd_cmd_to_sendingdata(sd, req, sd_req_get_address(sd, req), in emmc_cmd_SEND_EXT_CSD()
1574 sd->ext_csd, sizeof(sd->ext_csd)); in emmc_cmd_SEND_EXT_CSD()
1578 static sd_rsp_type_t spi_cmd_SEND_CSD(SDState *sd, SDRequest req) in spi_cmd_SEND_CSD() argument
1580 if (sd->state != sd_standby_state) { in spi_cmd_SEND_CSD()
1581 return sd_invalid_state_for_cmd(sd, req); in spi_cmd_SEND_CSD()
1583 return sd_cmd_to_sendingdata(sd, req, sd_req_get_address(sd, req), in spi_cmd_SEND_CSD()
1584 sd->csd, 16); in spi_cmd_SEND_CSD()
1587 static sd_rsp_type_t sd_cmd_SEND_CSD(SDState *sd, SDRequest req) in sd_cmd_SEND_CSD() argument
1589 if (sd->state != sd_standby_state) { in sd_cmd_SEND_CSD()
1590 return sd_invalid_state_for_cmd(sd, req); in sd_cmd_SEND_CSD()
1593 return sd_req_rca_same(sd, req) ? sd_r2_s : sd_r0; in sd_cmd_SEND_CSD()
1597 static sd_rsp_type_t spi_cmd_SEND_CID(SDState *sd, SDRequest req) in spi_cmd_SEND_CID() argument
1599 if (sd->state != sd_standby_state) { in spi_cmd_SEND_CID()
1600 return sd_invalid_state_for_cmd(sd, req); in spi_cmd_SEND_CID()
1602 return sd_cmd_to_sendingdata(sd, req, sd_req_get_address(sd, req), in spi_cmd_SEND_CID()
1603 sd->cid, 16); in spi_cmd_SEND_CID()
1606 static sd_rsp_type_t sd_cmd_SEND_CID(SDState *sd, SDRequest req) in sd_cmd_SEND_CID() argument
1608 if (sd->state != sd_standby_state) { in sd_cmd_SEND_CID()
1609 return sd_invalid_state_for_cmd(sd, req); in sd_cmd_SEND_CID()
1612 return sd_req_rca_same(sd, req) ? sd_r2_i : sd_r0; in sd_cmd_SEND_CID()
1616 static sd_rsp_type_t sd_cmd_STOP_TRANSMISSION(SDState *sd, SDRequest req) in sd_cmd_STOP_TRANSMISSION() argument
1618 switch (sd->state) { in sd_cmd_STOP_TRANSMISSION()
1620 sd->state = sd_transfer_state; in sd_cmd_STOP_TRANSMISSION()
1623 sd->state = sd_programming_state; in sd_cmd_STOP_TRANSMISSION()
1625 sd->state = sd_transfer_state; in sd_cmd_STOP_TRANSMISSION()
1628 return sd_invalid_state_for_cmd(sd, req); in sd_cmd_STOP_TRANSMISSION()
1633 static sd_rsp_type_t sd_cmd_SEND_STATUS(SDState *sd, SDRequest req) in sd_cmd_SEND_STATUS() argument
1635 if (sd->mode != sd_data_transfer_mode) { in sd_cmd_SEND_STATUS()
1636 return sd_invalid_mode_for_cmd(sd, req); in sd_cmd_SEND_STATUS()
1639 switch (sd->state) { in sd_cmd_SEND_STATUS()
1648 return sd_invalid_state_for_cmd(sd, req); in sd_cmd_SEND_STATUS()
1651 if (sd_is_spi(sd)) { in sd_cmd_SEND_STATUS()
1655 return sd_req_rca_same(sd, req) ? sd_r1 : sd_r0; in sd_cmd_SEND_STATUS()
1659 static sd_rsp_type_t sd_cmd_GO_INACTIVE_STATE(SDState *sd, SDRequest req) in sd_cmd_GO_INACTIVE_STATE() argument
1661 if (sd->mode != sd_data_transfer_mode) { in sd_cmd_GO_INACTIVE_STATE()
1662 return sd_invalid_mode_for_cmd(sd, req); in sd_cmd_GO_INACTIVE_STATE()
1664 switch (sd->state) { in sd_cmd_GO_INACTIVE_STATE()
1673 return sd_invalid_state_for_cmd(sd, req); in sd_cmd_GO_INACTIVE_STATE()
1675 if (sd_req_rca_same(sd, req)) { in sd_cmd_GO_INACTIVE_STATE()
1676 sd->state = sd_inactive_state; in sd_cmd_GO_INACTIVE_STATE()
1683 static sd_rsp_type_t sd_cmd_SET_BLOCKLEN(SDState *sd, SDRequest req) in sd_cmd_SET_BLOCKLEN() argument
1685 if (sd->state != sd_transfer_state) { in sd_cmd_SET_BLOCKLEN()
1686 return sd_invalid_state_for_cmd(sd, req); in sd_cmd_SET_BLOCKLEN()
1688 if (req.arg > (1 << HWBLOCK_SHIFT)) { in sd_cmd_SET_BLOCKLEN()
1689 sd->card_status |= BLOCK_LEN_ERROR; in sd_cmd_SET_BLOCKLEN()
1692 sd->blk_len = req.arg; in sd_cmd_SET_BLOCKLEN()
1699 static sd_rsp_type_t sd_cmd_READ_SINGLE_BLOCK(SDState *sd, SDRequest req) in sd_cmd_READ_SINGLE_BLOCK() argument
1703 if (sd->state != sd_transfer_state) { in sd_cmd_READ_SINGLE_BLOCK()
1704 return sd_invalid_state_for_cmd(sd, req); in sd_cmd_READ_SINGLE_BLOCK()
1707 addr = sd_req_get_address(sd, req); in sd_cmd_READ_SINGLE_BLOCK()
1708 if (!address_in_range(sd, "READ_SINGLE_BLOCK", addr, sd->blk_len)) { in sd_cmd_READ_SINGLE_BLOCK()
1712 sd_blk_read(sd, addr, sd->blk_len); in sd_cmd_READ_SINGLE_BLOCK()
1713 return sd_cmd_to_sendingdata(sd, req, addr, NULL, sd->blk_len); in sd_cmd_READ_SINGLE_BLOCK()
1717 static sd_rsp_type_t sd_cmd_SEND_TUNING_BLOCK(SDState *sd, SDRequest req) in sd_cmd_SEND_TUNING_BLOCK() argument
1719 if (sd->spec_version < SD_PHY_SPECv3_01_VERS) { in sd_cmd_SEND_TUNING_BLOCK()
1720 return sd_cmd_illegal(sd, req); in sd_cmd_SEND_TUNING_BLOCK()
1723 return sd_cmd_to_sendingdata(sd, req, 0, in sd_cmd_SEND_TUNING_BLOCK()
1729 static sd_rsp_type_t sd_cmd_SET_BLOCK_COUNT(SDState *sd, SDRequest req) in sd_cmd_SET_BLOCK_COUNT() argument
1731 if (sd->spec_version < SD_PHY_SPECv3_01_VERS) { in sd_cmd_SET_BLOCK_COUNT()
1732 return sd_cmd_illegal(sd, req); in sd_cmd_SET_BLOCK_COUNT()
1735 if (sd->state != sd_transfer_state) { in sd_cmd_SET_BLOCK_COUNT()
1736 return sd_invalid_state_for_cmd(sd, req); in sd_cmd_SET_BLOCK_COUNT()
1739 sd->multi_blk_cnt = req.arg; in sd_cmd_SET_BLOCK_COUNT()
1740 if (sd_is_emmc(sd)) { in sd_cmd_SET_BLOCK_COUNT()
1741 sd->multi_blk_cnt &= 0xffff; in sd_cmd_SET_BLOCK_COUNT()
1743 trace_sdcard_set_block_count(sd->multi_blk_cnt); in sd_cmd_SET_BLOCK_COUNT()
1749 static sd_rsp_type_t sd_cmd_WRITE_SINGLE_BLOCK(SDState *sd, SDRequest req) in sd_cmd_WRITE_SINGLE_BLOCK() argument
1753 if (sd->state != sd_transfer_state) { in sd_cmd_WRITE_SINGLE_BLOCK()
1754 return sd_invalid_state_for_cmd(sd, req); in sd_cmd_WRITE_SINGLE_BLOCK()
1757 addr = sd_req_get_address(sd, req); in sd_cmd_WRITE_SINGLE_BLOCK()
1758 if (!address_in_range(sd, "WRITE_SINGLE_BLOCK", addr, sd->blk_len)) { in sd_cmd_WRITE_SINGLE_BLOCK()
1762 if (sd->size <= SDSC_MAX_CAPACITY) { in sd_cmd_WRITE_SINGLE_BLOCK()
1763 if (sd_wp_addr(sd, addr)) { in sd_cmd_WRITE_SINGLE_BLOCK()
1764 sd->card_status |= WP_VIOLATION; in sd_cmd_WRITE_SINGLE_BLOCK()
1767 if (sd->csd[14] & 0x30) { in sd_cmd_WRITE_SINGLE_BLOCK()
1768 sd->card_status |= WP_VIOLATION; in sd_cmd_WRITE_SINGLE_BLOCK()
1771 sd->blk_written = 0; in sd_cmd_WRITE_SINGLE_BLOCK()
1772 return sd_cmd_to_receivingdata(sd, req, addr, sd->blk_len); in sd_cmd_WRITE_SINGLE_BLOCK()
1776 static sd_rsp_type_t emmc_cmd_PROGRAM_CID(SDState *sd, SDRequest req) in emmc_cmd_PROGRAM_CID() argument
1778 return sd_cmd_to_receivingdata(sd, req, 0, sizeof(sd->cid)); in emmc_cmd_PROGRAM_CID()
1782 static sd_rsp_type_t sd_cmd_PROGRAM_CSD(SDState *sd, SDRequest req) in sd_cmd_PROGRAM_CSD() argument
1784 return sd_cmd_to_receivingdata(sd, req, 0, sizeof(sd->csd)); in sd_cmd_PROGRAM_CSD()
1787 static sd_rsp_type_t sd_cmd_SET_CLR_WRITE_PROT(SDState *sd, SDRequest req, in sd_cmd_SET_CLR_WRITE_PROT() argument
1792 if (sd->size > SDSC_MAX_CAPACITY) { in sd_cmd_SET_CLR_WRITE_PROT()
1796 if (sd->state != sd_transfer_state) { in sd_cmd_SET_CLR_WRITE_PROT()
1797 return sd_invalid_state_for_cmd(sd, req); in sd_cmd_SET_CLR_WRITE_PROT()
1800 addr = sd_req_get_address(sd, req); in sd_cmd_SET_CLR_WRITE_PROT()
1801 if (!address_in_range(sd, is_write ? "SET_WRITE_PROT" : "CLR_WRITE_PROT", in sd_cmd_SET_CLR_WRITE_PROT()
1802 addr, 1)) { in sd_cmd_SET_CLR_WRITE_PROT()
1806 sd->state = sd_programming_state; in sd_cmd_SET_CLR_WRITE_PROT()
1808 set_bit(sd_addr_to_wpnum(addr), sd->wp_group_bmap); in sd_cmd_SET_CLR_WRITE_PROT()
1810 clear_bit(sd_addr_to_wpnum(addr), sd->wp_group_bmap); in sd_cmd_SET_CLR_WRITE_PROT()
1813 sd->state = sd_transfer_state; in sd_cmd_SET_CLR_WRITE_PROT()
1818 static sd_rsp_type_t sd_cmd_SET_WRITE_PROT(SDState *sd, SDRequest req) in sd_cmd_SET_WRITE_PROT() argument
1820 return sd_cmd_SET_CLR_WRITE_PROT(sd, req, true); in sd_cmd_SET_WRITE_PROT()
1824 static sd_rsp_type_t sd_cmd_CLR_WRITE_PROT(SDState *sd, SDRequest req) in sd_cmd_CLR_WRITE_PROT() argument
1826 return sd_cmd_SET_CLR_WRITE_PROT(sd, req, false); in sd_cmd_CLR_WRITE_PROT()
1830 static sd_rsp_type_t sd_cmd_SEND_WRITE_PROT(SDState *sd, SDRequest req) in sd_cmd_SEND_WRITE_PROT() argument
1835 if (sd->size > SDSC_MAX_CAPACITY) { in sd_cmd_SEND_WRITE_PROT()
1839 if (sd->state != sd_transfer_state) { in sd_cmd_SEND_WRITE_PROT()
1840 return sd_invalid_state_for_cmd(sd, req); in sd_cmd_SEND_WRITE_PROT()
1843 addr = sd_req_get_address(sd, req); in sd_cmd_SEND_WRITE_PROT()
1844 if (!address_in_range(sd, "SEND_WRITE_PROT", addr, sd->blk_len)) { in sd_cmd_SEND_WRITE_PROT()
1848 data = sd_wpbits(sd, req.arg); in sd_cmd_SEND_WRITE_PROT()
1849 return sd_cmd_to_sendingdata(sd, req, addr, &data, sizeof(data)); in sd_cmd_SEND_WRITE_PROT()
1853 static sd_rsp_type_t sd_cmd_ERASE_WR_BLK_START(SDState *sd, SDRequest req) in sd_cmd_ERASE_WR_BLK_START() argument
1855 if (sd->state != sd_transfer_state) { in sd_cmd_ERASE_WR_BLK_START()
1856 return sd_invalid_state_for_cmd(sd, req); in sd_cmd_ERASE_WR_BLK_START()
1858 sd->erase_start = req.arg; in sd_cmd_ERASE_WR_BLK_START()
1863 static sd_rsp_type_t sd_cmd_ERASE_WR_BLK_END(SDState *sd, SDRequest req) in sd_cmd_ERASE_WR_BLK_END() argument
1865 if (sd->state != sd_transfer_state) { in sd_cmd_ERASE_WR_BLK_END()
1866 return sd_invalid_state_for_cmd(sd, req); in sd_cmd_ERASE_WR_BLK_END()
1868 sd->erase_end = req.arg; in sd_cmd_ERASE_WR_BLK_END()
1873 static sd_rsp_type_t sd_cmd_ERASE(SDState *sd, SDRequest req) in sd_cmd_ERASE() argument
1875 if (sd->state != sd_transfer_state) { in sd_cmd_ERASE()
1876 return sd_invalid_state_for_cmd(sd, req); in sd_cmd_ERASE()
1878 if (sd->csd[14] & 0x30) { in sd_cmd_ERASE()
1879 sd->card_status |= WP_VIOLATION; in sd_cmd_ERASE()
1883 sd->state = sd_programming_state; in sd_cmd_ERASE()
1884 sd_erase(sd); in sd_cmd_ERASE()
1886 sd->state = sd_transfer_state; in sd_cmd_ERASE()
1891 static sd_rsp_type_t sd_cmd_LOCK_UNLOCK(SDState *sd, SDRequest req) in sd_cmd_LOCK_UNLOCK() argument
1893 return sd_cmd_to_receivingdata(sd, req, 0, 0); in sd_cmd_LOCK_UNLOCK()
1897 static sd_rsp_type_t sd_cmd_APP_CMD(SDState *sd, SDRequest req) in sd_cmd_APP_CMD() argument
1899 switch (sd->state) { in sd_cmd_APP_CMD()
1904 return sd_invalid_state_for_cmd(sd, req); in sd_cmd_APP_CMD()
1906 if (!sd_is_spi(sd) && sd_req_get_rca(sd, req) != 0x0000) { in sd_cmd_APP_CMD()
1908 "SD: illegal RCA 0x%04x for APP_CMD\n", req.cmd); in sd_cmd_APP_CMD()
1910 /* fall-through */ in sd_cmd_APP_CMD()
1914 if (!sd_is_spi(sd) && !sd_req_rca_same(sd, req)) { in sd_cmd_APP_CMD()
1917 sd->expecting_acmd = true; in sd_cmd_APP_CMD()
1918 sd->card_status |= APP_CMD; in sd_cmd_APP_CMD()
1924 static sd_rsp_type_t sd_cmd_GEN_CMD(SDState *sd, SDRequest req) in sd_cmd_GEN_CMD() argument
1926 if (sd->state != sd_transfer_state) { in sd_cmd_GEN_CMD()
1927 return sd_invalid_state_for_cmd(sd, req); in sd_cmd_GEN_CMD()
1931 if (req.arg & 1) { in sd_cmd_GEN_CMD()
1932 memset(sd->data, 0, sizeof(sd->data)); in sd_cmd_GEN_CMD()
1933 return sd_cmd_to_sendingdata(sd, req, 0, NULL, 0); in sd_cmd_GEN_CMD()
1935 return sd_cmd_to_receivingdata(sd, req, 0, 0); in sd_cmd_GEN_CMD()
1940 static sd_rsp_type_t spi_cmd_READ_OCR(SDState *sd, SDRequest req) in spi_cmd_READ_OCR() argument
1946 static sd_rsp_type_t spi_cmd_CRC_ON_OFF(SDState *sd, SDRequest req) in spi_cmd_CRC_ON_OFF() argument
1952 static sd_rsp_type_t sd_acmd_SET_BUS_WIDTH(SDState *sd, SDRequest req) in sd_acmd_SET_BUS_WIDTH() argument
1954 if (sd->state != sd_transfer_state) { in sd_acmd_SET_BUS_WIDTH()
1955 return sd_invalid_state_for_cmd(sd, req); in sd_acmd_SET_BUS_WIDTH()
1958 sd->sd_status[0] &= 0x3f; in sd_acmd_SET_BUS_WIDTH()
1959 sd->sd_status[0] |= (req.arg & 0x03) << 6; in sd_acmd_SET_BUS_WIDTH()
1964 static sd_rsp_type_t sd_acmd_SD_STATUS(SDState *sd, SDRequest req) in sd_acmd_SD_STATUS() argument
1966 return sd_cmd_to_sendingdata(sd, req, 0, in sd_acmd_SD_STATUS()
1967 sd->sd_status, sizeof(sd->sd_status)); in sd_acmd_SD_STATUS()
1971 static sd_rsp_type_t sd_acmd_SEND_NUM_WR_BLOCKS(SDState *sd, SDRequest req) in sd_acmd_SEND_NUM_WR_BLOCKS() argument
1973 return sd_cmd_to_sendingdata(sd, req, 0, in sd_acmd_SEND_NUM_WR_BLOCKS()
1974 &sd->blk_written, sizeof(sd->blk_written)); in sd_acmd_SEND_NUM_WR_BLOCKS()
1978 static sd_rsp_type_t sd_acmd_SET_WR_BLK_ERASE_COUNT(SDState *sd, SDRequest req) in sd_acmd_SET_WR_BLK_ERASE_COUNT() argument
1980 if (sd->state != sd_transfer_state) { in sd_acmd_SET_WR_BLK_ERASE_COUNT()
1981 return sd_invalid_state_for_cmd(sd, req); in sd_acmd_SET_WR_BLK_ERASE_COUNT()
1987 static sd_rsp_type_t sd_cmd_SEND_OP_COND(SDState *sd, SDRequest req) in sd_cmd_SEND_OP_COND() argument
1989 if (sd->state != sd_idle_state) { in sd_cmd_SEND_OP_COND()
1990 return sd_invalid_state_for_cmd(sd, req); in sd_cmd_SEND_OP_COND()
2003 if (!FIELD_EX32(sd->ocr, OCR, CARD_POWER_UP)) { in sd_cmd_SEND_OP_COND()
2005 timer_del(sd->ocr_power_timer); in sd_cmd_SEND_OP_COND()
2006 sd_ocr_powerup(sd); in sd_cmd_SEND_OP_COND()
2009 if (!timer_pending(sd->ocr_power_timer)) { in sd_cmd_SEND_OP_COND()
2010 timer_mod_ns(sd->ocr_power_timer, in sd_cmd_SEND_OP_COND()
2017 if (FIELD_EX32(sd->ocr & req.arg, OCR, VDD_VOLTAGE_WINDOW)) { in sd_cmd_SEND_OP_COND()
2024 sd->state = sd_ready_state; in sd_cmd_SEND_OP_COND()
2031 static sd_rsp_type_t sd_acmd_SET_CLR_CARD_DETECT(SDState *sd, SDRequest req) in sd_acmd_SET_CLR_CARD_DETECT() argument
2033 if (sd->state != sd_transfer_state) { in sd_acmd_SET_CLR_CARD_DETECT()
2034 return sd_invalid_state_for_cmd(sd, req); in sd_acmd_SET_CLR_CARD_DETECT()
2037 /* Bringing in the 50KOhm pull-up resistor... Done. */ in sd_acmd_SET_CLR_CARD_DETECT()
2042 static sd_rsp_type_t sd_acmd_SEND_SCR(SDState *sd, SDRequest req) in sd_acmd_SEND_SCR() argument
2044 return sd_cmd_to_sendingdata(sd, req, 0, sd->scr, sizeof(sd->scr)); in sd_acmd_SEND_SCR()
2047 static sd_rsp_type_t sd_normal_command(SDState *sd, SDRequest req) in sd_normal_command() argument
2051 sd->last_cmd_name = sd_cmd_name(sd, req.cmd); in sd_normal_command()
2055 if (req.cmd != 55 || sd->expecting_acmd) { in sd_normal_command()
2056 trace_sdcard_normal_command(sd->proto->name, in sd_normal_command()
2057 sd->last_cmd_name, req.cmd, in sd_normal_command()
2058 req.arg, sd_state_name(sd->state)); in sd_normal_command()
2062 sd->card_status &= ~APP_CMD; in sd_normal_command()
2066 if (sd->multi_blk_cnt != 0 && !(req.cmd == 18 || req.cmd == 25)) { in sd_normal_command()
2067 sd->multi_blk_cnt = 0; in sd_normal_command()
2070 if (sd->proto->cmd[req.cmd].class == 6 && FIELD_EX32(sd->ocr, OCR, in sd_normal_command()
2076 if (sd->proto->cmd[req.cmd].handler) { in sd_normal_command()
2077 return sd->proto->cmd[req.cmd].handler(sd, req); in sd_normal_command()
2083 addr = sd_req_get_address(sd, req); in sd_normal_command()
2084 switch (sd->state) { in sd_normal_command()
2087 if (!address_in_range(sd, "READ_BLOCK", addr, sd->blk_len)) { in sd_normal_command()
2091 sd->state = sd_sendingdata_state; in sd_normal_command()
2092 sd->data_start = addr; in sd_normal_command()
2093 sd->data_offset = 0; in sd_normal_command()
2103 addr = sd_req_get_address(sd, req); in sd_normal_command()
2104 switch (sd->state) { in sd_normal_command()
2107 if (!address_in_range(sd, "WRITE_BLOCK", addr, sd->blk_len)) { in sd_normal_command()
2111 sd->state = sd_receivingdata_state; in sd_normal_command()
2112 sd->data_start = addr; in sd_normal_command()
2113 sd->data_offset = 0; in sd_normal_command()
2114 sd->blk_written = 0; in sd_normal_command()
2116 if (sd->size <= SDSC_MAX_CAPACITY) { in sd_normal_command()
2117 if (sd_wp_addr(sd, sd->data_start)) { in sd_normal_command()
2118 sd->card_status |= WP_VIOLATION; in sd_normal_command()
2121 if (sd->csd[14] & 0x30) { in sd_normal_command()
2122 sd->card_status |= WP_VIOLATION; in sd_normal_command()
2132 qemu_log_mask(LOG_GUEST_ERROR, "SD: Unknown CMD%i\n", req.cmd); in sd_normal_command()
2136 return sd_invalid_state_for_cmd(sd, req); in sd_normal_command()
2139 static sd_rsp_type_t sd_app_command(SDState *sd, in sd_app_command() argument
2142 sd->last_cmd_name = sd_acmd_name(sd, req.cmd); in sd_app_command()
2143 trace_sdcard_app_command(sd->proto->name, sd->last_cmd_name, in sd_app_command()
2144 req.cmd, req.arg, sd_state_name(sd->state)); in sd_app_command()
2145 sd->card_status |= APP_CMD; in sd_app_command()
2147 if (sd->proto->acmd[req.cmd].handler) { in sd_app_command()
2148 return sd->proto->acmd[req.cmd].handler(sd, req); in sd_app_command()
2152 case 18: /* Reserved for SD security applications */ in sd_app_command()
2157 /* Refer to the "SD Specifications Part3 Security Specification" for in sd_app_command()
2158 * information about the SD Security Features. in sd_app_command()
2160 qemu_log_mask(LOG_UNIMP, "SD: CMD%i Security not implemented\n", in sd_app_command()
2166 return sd_normal_command(sd, req); in sd_app_command()
2169 qemu_log_mask(LOG_GUEST_ERROR, "SD: ACMD%i in a wrong state\n", req.cmd); in sd_app_command()
2173 static bool cmd_valid_while_locked(SDState *sd, unsigned cmd) in cmd_valid_while_locked() argument
2185 if (sd->expecting_acmd) { in cmd_valid_while_locked()
2191 if (!sd->proto->cmd[cmd].handler) { in cmd_valid_while_locked()
2194 cmd_class = sd->proto->cmd[cmd].class; in cmd_valid_while_locked()
2199 int sd_do_command(SDState *sd, SDRequest *req, in sd_do_command() argument
2205 if (!sd->blk || !blk_is_inserted(sd->blk) || !sd->enable) { in sd_do_command()
2209 if (sd->state == sd_inactive_state) { in sd_do_command()
2215 sd->card_status |= COM_CRC_ERROR; in sd_do_command()
2220 if (req->cmd >= SDMMC_CMD_MAX) { in sd_do_command()
2221 qemu_log_mask(LOG_GUEST_ERROR, "SD: incorrect command 0x%02x\n", in sd_do_command()
2222 req->cmd); in sd_do_command()
2223 req->cmd &= 0x3f; in sd_do_command()
2226 if (sd->state == sd_sleep_state && req->cmd) { in sd_do_command()
2227 qemu_log_mask(LOG_GUEST_ERROR, "SD: Card is sleeping\n"); in sd_do_command()
2232 if (sd->card_status & CARD_IS_LOCKED) { in sd_do_command()
2233 if (!cmd_valid_while_locked(sd, req->cmd)) { in sd_do_command()
2234 sd->card_status |= ILLEGAL_COMMAND; in sd_do_command()
2235 sd->expecting_acmd = false; in sd_do_command()
2236 qemu_log_mask(LOG_GUEST_ERROR, "SD: Card is locked\n"); in sd_do_command()
2242 last_state = sd->state; in sd_do_command()
2243 sd_set_mode(sd); in sd_do_command()
2245 if (sd->expecting_acmd) { in sd_do_command()
2246 sd->expecting_acmd = false; in sd_do_command()
2247 rtype = sd_app_command(sd, *req); in sd_do_command()
2249 rtype = sd_normal_command(sd, *req); in sd_do_command()
2253 sd->card_status |= ILLEGAL_COMMAND; in sd_do_command()
2258 sd->card_status = FIELD_DP32(sd->card_status, CSR, in sd_do_command()
2266 sd_response_r1_make(sd, response); in sd_do_command()
2271 memcpy(response, sd->cid, sizeof(sd->cid)); in sd_do_command()
2276 memcpy(response, sd->csd, sizeof(sd->csd)); in sd_do_command()
2281 sd_response_r3_make(sd, response); in sd_do_command()
2286 sd_response_r6_make(sd, response); in sd_do_command()
2291 sd_response_r7_make(sd, response); in sd_do_command()
2300 sd->data_start = 0; in sd_do_command()
2301 sd->data_offset = 0; in sd_do_command()
2302 /* fall-through */ in sd_do_command()
2315 sd->card_status &= ~CARD_STATUS_B; in sd_do_command()
2322 sd->current_cmd = rtype == sd_illegal ? 0 : req->cmd; in sd_do_command()
2328 static bool sd_generic_write_byte(SDState *sd, uint8_t value) in sd_generic_write_byte() argument
2330 sd->data[sd->data_offset] = value; in sd_generic_write_byte()
2332 if (++sd->data_offset >= sd->data_size) { in sd_generic_write_byte()
2333 sd->state = sd_transfer_state; in sd_generic_write_byte()
2340 static bool sd_generic_read_byte(SDState *sd, uint8_t *value) in sd_generic_read_byte() argument
2342 *value = sd->data[sd->data_offset]; in sd_generic_read_byte()
2344 if (++sd->data_offset >= sd->data_size) { in sd_generic_read_byte()
2345 sd->state = sd_transfer_state; in sd_generic_read_byte()
2352 void sd_write_byte(SDState *sd, uint8_t value) in sd_write_byte() argument
2356 if (!sd->blk || !blk_is_inserted(sd->blk) || !sd->enable) in sd_write_byte()
2359 if (sd->state != sd_receivingdata_state) { in sd_write_byte()
2361 "%s: not in Receiving-Data state\n", __func__); in sd_write_byte()
2365 if (sd->card_status & (ADDRESS_ERROR | WP_VIOLATION)) in sd_write_byte()
2368 trace_sdcard_write_data(sd->proto->name, in sd_write_byte()
2369 sd->last_cmd_name, in sd_write_byte()
2370 sd->current_cmd, sd->data_offset, value); in sd_write_byte()
2371 switch (sd->current_cmd) { in sd_write_byte()
2373 if (sd_generic_write_byte(sd, value)) { in sd_write_byte()
2375 sd->state = sd_programming_state; in sd_write_byte()
2376 sd_blk_write(sd, sd->data_start, sd->data_offset); in sd_write_byte()
2377 sd->blk_written ++; in sd_write_byte()
2378 sd->csd[14] |= 0x40; in sd_write_byte()
2380 sd->state = sd_transfer_state; in sd_write_byte()
2385 if (sd->data_offset == 0) { in sd_write_byte()
2386 /* Start of the block - let's check the address is valid */ in sd_write_byte()
2387 if (!address_in_range(sd, "WRITE_MULTIPLE_BLOCK", in sd_write_byte()
2388 sd->data_start, sd->blk_len)) { in sd_write_byte()
2391 if (sd->size <= SDSC_MAX_CAPACITY) { in sd_write_byte()
2392 if (sd_wp_addr(sd, sd->data_start)) { in sd_write_byte()
2393 sd->card_status |= WP_VIOLATION; in sd_write_byte()
2398 sd->data[sd->data_offset++] = value; in sd_write_byte()
2399 if (sd->data_offset >= sd->blk_len) { in sd_write_byte()
2401 sd->state = sd_programming_state; in sd_write_byte()
2402 sd_blk_write(sd, sd->data_start, sd->data_offset); in sd_write_byte()
2403 sd->blk_written++; in sd_write_byte()
2404 sd->data_start += sd->blk_len; in sd_write_byte()
2405 sd->data_offset = 0; in sd_write_byte()
2406 sd->csd[14] |= 0x40; in sd_write_byte()
2409 if (sd->multi_blk_cnt != 0) { in sd_write_byte()
2410 if (--sd->multi_blk_cnt == 0) { in sd_write_byte()
2412 sd->state = sd_transfer_state; in sd_write_byte()
2417 sd->state = sd_receivingdata_state; in sd_write_byte()
2422 if (sd_generic_write_byte(sd, value)) { in sd_write_byte()
2424 sd->state = sd_programming_state; in sd_write_byte()
2425 for (i = 0; i < sizeof(sd->cid); i ++) in sd_write_byte()
2426 if ((sd->cid[i] | 0x00) != sd->data[i]) in sd_write_byte()
2427 sd->card_status |= CID_CSD_OVERWRITE; in sd_write_byte()
2429 if (!(sd->card_status & CID_CSD_OVERWRITE)) in sd_write_byte()
2430 for (i = 0; i < sizeof(sd->cid); i ++) { in sd_write_byte()
2431 sd->cid[i] |= 0x00; in sd_write_byte()
2432 sd->cid[i] &= sd->data[i]; in sd_write_byte()
2435 sd->state = sd_transfer_state; in sd_write_byte()
2440 if (sd_generic_write_byte(sd, value)) { in sd_write_byte()
2442 sd->state = sd_programming_state; in sd_write_byte()
2443 for (i = 0; i < sizeof(sd->csd); i ++) in sd_write_byte()
2444 if ((sd->csd[i] | sd_csd_rw_mask[i]) != in sd_write_byte()
2445 (sd->data[i] | sd_csd_rw_mask[i])) in sd_write_byte()
2446 sd->card_status |= CID_CSD_OVERWRITE; in sd_write_byte()
2449 if (sd->csd[14] & ~sd->data[14] & 0x60) in sd_write_byte()
2450 sd->card_status |= CID_CSD_OVERWRITE; in sd_write_byte()
2452 if (!(sd->card_status & CID_CSD_OVERWRITE)) in sd_write_byte()
2453 for (i = 0; i < sizeof(sd->csd); i ++) { in sd_write_byte()
2454 sd->csd[i] |= sd_csd_rw_mask[i]; in sd_write_byte()
2455 sd->csd[i] &= sd->data[i]; in sd_write_byte()
2458 sd->state = sd_transfer_state; in sd_write_byte()
2463 if (sd_generic_write_byte(sd, value)) { in sd_write_byte()
2465 sd->state = sd_programming_state; in sd_write_byte()
2466 sd_lock_command(sd); in sd_write_byte()
2468 sd->state = sd_transfer_state; in sd_write_byte()
2473 sd_generic_write_byte(sd, value); in sd_write_byte()
2481 uint8_t sd_read_byte(SDState *sd) in sd_read_byte() argument
2488 if (!sd->blk || !blk_is_inserted(sd->blk) || !sd->enable) in sd_read_byte()
2491 if (sd->state != sd_sendingdata_state) { in sd_read_byte()
2493 "%s: not in Sending-Data state\n", __func__); in sd_read_byte()
2497 if (sd->card_status & (ADDRESS_ERROR | WP_VIOLATION)) { in sd_read_byte()
2501 io_len = sd_blk_len(sd); in sd_read_byte()
2503 trace_sdcard_read_data(sd->proto->name, in sd_read_byte()
2504 sd->last_cmd_name, sd->current_cmd, in sd_read_byte()
2505 sd->data_offset, sd->data_size, io_len); in sd_read_byte()
2506 switch (sd->current_cmd) { in sd_read_byte()
2513 case 19: /* CMD19: SEND_TUNING_BLOCK (SD) */ in sd_read_byte()
2518 sd_generic_read_byte(sd, &ret); in sd_read_byte()
2522 if (sd->data_offset == 0) { in sd_read_byte()
2523 if (!address_in_range(sd, "READ_MULTIPLE_BLOCK", in sd_read_byte()
2524 sd->data_start, io_len)) { in sd_read_byte()
2527 sd_blk_read(sd, sd->data_start, io_len); in sd_read_byte()
2529 ret = sd->data[sd->data_offset ++]; in sd_read_byte()
2531 if (sd->data_offset >= io_len) { in sd_read_byte()
2532 sd->data_start += io_len; in sd_read_byte()
2533 sd->data_offset = 0; in sd_read_byte()
2535 if (sd->multi_blk_cnt != 0) { in sd_read_byte()
2536 if (--sd->multi_blk_cnt == 0) { in sd_read_byte()
2538 sd->state = sd_transfer_state; in sd_read_byte()
2547 __func__, sd->last_cmd_name); in sd_read_byte()
2554 static bool sd_receive_ready(SDState *sd) in sd_receive_ready() argument
2556 return sd->state == sd_receivingdata_state; in sd_receive_ready()
2559 static bool sd_data_ready(SDState *sd) in sd_data_ready() argument
2561 return sd->state == sd_sendingdata_state; in sd_data_ready()
2564 void sd_enable(SDState *sd, bool enable) in sd_enable() argument
2566 sd->enable = enable; in sd_enable()
2573 [1] = {0, sd_spi, "SEND_OP_COND", spi_cmd_SEND_OP_COND},
2616 .name = "SD",
2650 [43] = {1, sd_ac, "Q_MANAGEMENT", sd_cmd_optional},
2651 [44] = {1, sd_ac, "Q_TASK_INFO_A", sd_cmd_optional},
2652 [45] = {1, sd_ac, "Q_TASK_INFO_B", sd_cmd_optional},
2653 [46] = {1, sd_adtc, "Q_RD_TASK", sd_cmd_optional},
2654 [47] = {1, sd_adtc, "Q_WR_TASK", sd_cmd_optional},
2655 [48] = {1, sd_adtc, "READ_EXTR_SINGLE", sd_cmd_optional},
2656 [49] = {1, sd_adtc, "WRITE_EXTR_SINGLE", sd_cmd_optional},
2682 [1] = {0, sd_bcr, "SEND_OP_COND", sd_cmd_SEND_OP_COND},
2692 [11] = {1, sd_adtc, "READ_DAT_UNTIL_STOP", sd_cmd_unimplemented},
2723 SDState *sd = SDMMC_COMMON(obj); in sd_instance_init() local
2724 SDCardClass *sc = SDMMC_COMMON_GET_CLASS(sd); in sd_instance_init()
2726 sd->proto = sc->proto; in sd_instance_init()
2727 sd->last_cmd_name = "UNSET"; in sd_instance_init()
2728 sd->enable = true; in sd_instance_init()
2729 sd->ocr_power_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, sd_ocr_powerup, sd); in sd_instance_init()
2734 SDState *sd = SDMMC_COMMON(obj); in sd_instance_finalize() local
2736 timer_free(sd->ocr_power_timer); in sd_instance_finalize()
2741 SDState *sd = SDMMC_COMMON(dev); in sd_realize() local
2744 switch (sd->spec_version) { in sd_realize()
2749 error_setg(errp, "Invalid SD card Spec version: %u", sd->spec_version); in sd_realize()
2753 if (sd->blk) { in sd_realize()
2756 if (!blk_supports_write_perm(sd->blk)) { in sd_realize()
2757 error_setg(errp, "Cannot use read-only drive as SD card"); in sd_realize()
2761 blk_size = blk_getlength(sd->blk); in sd_realize()
2767 error_setg(errp, "Invalid SD card size: %s", blk_size_str); in sd_realize()
2772 "SD card size has to be a power of 2, e.g. %s.\n" in sd_realize()
2774 " 'qemu-img resize <imagefile> <new-size>'\n" in sd_realize()
2783 ret = blk_set_perm(sd->blk, BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE, in sd_realize()
2788 blk_set_dev_ops(sd->blk, &sd_block_ops, sd); in sd_realize()
2794 SDState *sd = SDMMC_COMMON(dev); in emmc_realize() local
2796 sd->spec_version = SD_PHY_SPECv3_01_VERS; /* Actually v4.3 */ in emmc_realize()
2813 DEFINE_PROP_UINT64("boot-partition-size", SDState, boot_part_size, 0),
2814 DEFINE_PROP_UINT8("boot-config", SDState, boot_config, 0x0),
2824 dc->vmsd = &sd_vmstate; in sdmmc_common_class_init()
2826 dc->bus_type = TYPE_SD_BUS; in sdmmc_common_class_init()
2827 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories); in sdmmc_common_class_init()
2829 sc->set_voltage = sd_set_voltage; in sdmmc_common_class_init()
2830 sc->get_dat_lines = sd_get_dat_lines; in sdmmc_common_class_init()
2831 sc->get_cmd_line = sd_get_cmd_line; in sdmmc_common_class_init()
2832 sc->do_command = sd_do_command; in sdmmc_common_class_init()
2833 sc->write_byte = sd_write_byte; in sdmmc_common_class_init()
2834 sc->read_byte = sd_read_byte; in sdmmc_common_class_init()
2835 sc->receive_ready = sd_receive_ready; in sdmmc_common_class_init()
2836 sc->data_ready = sd_data_ready; in sdmmc_common_class_init()
2837 sc->enable = sd_enable; in sdmmc_common_class_init()
2838 sc->get_inserted = sd_get_inserted; in sdmmc_common_class_init()
2839 sc->get_readonly = sd_get_readonly; in sdmmc_common_class_init()
2847 dc->realize = sd_realize; in sd_class_init()
2850 sc->set_cid = sd_set_cid; in sd_class_init()
2851 sc->set_csd = sd_set_csd; in sd_class_init()
2852 sc->proto = &sd_proto_sd; in sd_class_init()
2857 * whether card should be in SSI or MMC/SD mode. It is also up to the
2866 dc->desc = "SD SPI"; in sd_spi_class_init()
2867 sc->proto = &sd_proto_spi; in sd_spi_class_init()
2875 dc->desc = "eMMC"; in emmc_class_init()
2876 dc->realize = emmc_realize; in emmc_class_init()
2879 dc->user_creatable = true; in emmc_class_init()
2881 sc->proto = &sd_proto_emmc; in emmc_class_init()
2883 sc->set_cid = emmc_set_cid; in emmc_class_init()
2884 sc->set_csd = emmc_set_csd; in emmc_class_init()