1 /*
2 * Flash NAND memory emulation. Based on "16M x 8 Bit NAND Flash
3 * Memory" datasheet for the KM29U128AT / K9F2808U0A chips from
4 * Samsung Electronic.
5 *
6 * Copyright (c) 2006 Openedhand Ltd.
7 * Written by Andrzej Zaborowski <balrog@zabor.org>
8 *
9 * Support for additional features based on "MT29F2G16ABCWP 2Gx16"
10 * datasheet from Micron Technology and "NAND02G-B2C" datasheet
11 * from ST Microelectronics.
12 *
13 * This code is licensed under the GNU GPL v2.
14 *
15 * Contributions after 2012-01-13 are licensed under the terms of the
16 * GNU GPL, version 2 or (at your option) any later version.
17 */
18
19 #ifndef NAND_IO
20
21 #include "qemu/osdep.h"
22 #include "hw/hw.h"
23 #include "hw/qdev-properties.h"
24 #include "hw/qdev-properties-system.h"
25 #include "hw/block/flash.h"
26 #include "system/block-backend.h"
27 #include "migration/vmstate.h"
28 #include "qapi/error.h"
29 #include "qemu/error-report.h"
30 #include "qemu/module.h"
31 #include "qom/object.h"
32
33 # define NAND_CMD_READ0 0x00
34 # define NAND_CMD_READ1 0x01
35 # define NAND_CMD_READ2 0x50
36 # define NAND_CMD_LPREAD2 0x30
37 # define NAND_CMD_NOSERIALREAD2 0x35
38 # define NAND_CMD_RANDOMREAD1 0x05
39 # define NAND_CMD_RANDOMREAD2 0xe0
40 # define NAND_CMD_READID 0x90
41 # define NAND_CMD_RESET 0xff
42 # define NAND_CMD_PAGEPROGRAM1 0x80
43 # define NAND_CMD_PAGEPROGRAM2 0x10
44 # define NAND_CMD_CACHEPROGRAM2 0x15
45 # define NAND_CMD_BLOCKERASE1 0x60
46 # define NAND_CMD_BLOCKERASE2 0xd0
47 # define NAND_CMD_READSTATUS 0x70
48 # define NAND_CMD_COPYBACKPRG1 0x85
49
50 # define NAND_IOSTATUS_ERROR (1 << 0)
51 # define NAND_IOSTATUS_PLANE0 (1 << 1)
52 # define NAND_IOSTATUS_PLANE1 (1 << 2)
53 # define NAND_IOSTATUS_PLANE2 (1 << 3)
54 # define NAND_IOSTATUS_PLANE3 (1 << 4)
55 # define NAND_IOSTATUS_READY (1 << 6)
56 # define NAND_IOSTATUS_UNPROTCT (1 << 7)
57
58 # define MAX_PAGE 0x800
59 # define MAX_OOB 0x40
60
61 typedef struct NANDFlashState NANDFlashState;
62 struct NANDFlashState {
63 DeviceState parent_obj;
64
65 uint8_t manf_id, chip_id;
66 uint8_t buswidth; /* in BYTES */
67 int size, pages;
68 int page_shift, oob_shift, erase_shift, addr_shift;
69 uint8_t *storage;
70 BlockBackend *blk;
71 int mem_oob;
72
73 uint8_t cle, ale, ce, wp, gnd;
74
75 uint8_t io[MAX_PAGE + MAX_OOB + 0x400];
76 uint8_t *ioaddr;
77 int iolen;
78
79 uint32_t cmd;
80 uint64_t addr;
81 int addrlen;
82 int status;
83 int offset;
84
85 void (*blk_write)(NANDFlashState *s);
86 void (*blk_erase)(NANDFlashState *s);
87 /*
88 * Returns %true when block containing (@addr + @offset) is
89 * successfully loaded, otherwise %false.
90 */
91 bool (*blk_load)(NANDFlashState *s, uint64_t addr, unsigned offset);
92
93 uint32_t ioaddr_vmstate;
94 };
95
96 #define TYPE_NAND "nand"
97
OBJECT_DECLARE_SIMPLE_TYPE(NANDFlashState,NAND)98 OBJECT_DECLARE_SIMPLE_TYPE(NANDFlashState, NAND)
99
100 static void mem_and(uint8_t *dest, const uint8_t *src, size_t n)
101 {
102 /* Like memcpy() but we logical-AND the data into the destination */
103 int i;
104 for (i = 0; i < n; i++) {
105 dest[i] &= src[i];
106 }
107 }
108
109 # define NAND_NO_AUTOINCR 0x00000001
110 # define NAND_BUSWIDTH_16 0x00000002
111 # define NAND_NO_PADDING 0x00000004
112 # define NAND_CACHEPRG 0x00000008
113 # define NAND_COPYBACK 0x00000010
114 # define NAND_IS_AND 0x00000020
115 # define NAND_4PAGE_ARRAY 0x00000040
116 # define NAND_NO_READRDY 0x00000100
117 # define NAND_SAMSUNG_LP (NAND_NO_PADDING | NAND_COPYBACK)
118
119 # define NAND_IO
120
121 # define PAGE(addr) ((addr) >> ADDR_SHIFT)
122 # define PAGE_START(page) (PAGE(page) * (NAND_PAGE_SIZE + OOB_SIZE))
123 # define PAGE_MASK ((1 << ADDR_SHIFT) - 1)
124 # define OOB_SHIFT (PAGE_SHIFT - 5)
125 # define OOB_SIZE (1 << OOB_SHIFT)
126 # define SECTOR(addr) ((addr) >> (9 + ADDR_SHIFT - PAGE_SHIFT))
127 # define SECTOR_OFFSET(addr) ((addr) & ((511 >> PAGE_SHIFT) << 8))
128
129 # define NAND_PAGE_SIZE 256
130 # define PAGE_SHIFT 8
131 # define PAGE_SECTORS 1
132 # define ADDR_SHIFT 8
133 # include "nand.c"
134 # define NAND_PAGE_SIZE 512
135 # define PAGE_SHIFT 9
136 # define PAGE_SECTORS 1
137 # define ADDR_SHIFT 8
138 # include "nand.c"
139 # define NAND_PAGE_SIZE 2048
140 # define PAGE_SHIFT 11
141 # define PAGE_SECTORS 4
142 # define ADDR_SHIFT 16
143 # include "nand.c"
144
145 /* Information based on Linux drivers/mtd/nand/raw/nand_ids.c */
146 static const struct {
147 int size;
148 int width;
149 int page_shift;
150 int erase_shift;
151 uint32_t options;
152 } nand_flash_ids[0x100] = {
153 [0 ... 0xff] = { 0 },
154
155 [0x6b] = { 4, 8, 9, 4, 0 },
156 [0xe3] = { 4, 8, 9, 4, 0 },
157 [0xe5] = { 4, 8, 9, 4, 0 },
158 [0xd6] = { 8, 8, 9, 4, 0 },
159 [0xe6] = { 8, 8, 9, 4, 0 },
160
161 [0x33] = { 16, 8, 9, 5, 0 },
162 [0x73] = { 16, 8, 9, 5, 0 },
163 [0x43] = { 16, 16, 9, 5, NAND_BUSWIDTH_16 },
164 [0x53] = { 16, 16, 9, 5, NAND_BUSWIDTH_16 },
165
166 [0x35] = { 32, 8, 9, 5, 0 },
167 [0x75] = { 32, 8, 9, 5, 0 },
168 [0x45] = { 32, 16, 9, 5, NAND_BUSWIDTH_16 },
169 [0x55] = { 32, 16, 9, 5, NAND_BUSWIDTH_16 },
170
171 [0x36] = { 64, 8, 9, 5, 0 },
172 [0x76] = { 64, 8, 9, 5, 0 },
173 [0x46] = { 64, 16, 9, 5, NAND_BUSWIDTH_16 },
174 [0x56] = { 64, 16, 9, 5, NAND_BUSWIDTH_16 },
175
176 [0x78] = { 128, 8, 9, 5, 0 },
177 [0x39] = { 128, 8, 9, 5, 0 },
178 [0x79] = { 128, 8, 9, 5, 0 },
179 [0x72] = { 128, 16, 9, 5, NAND_BUSWIDTH_16 },
180 [0x49] = { 128, 16, 9, 5, NAND_BUSWIDTH_16 },
181 [0x74] = { 128, 16, 9, 5, NAND_BUSWIDTH_16 },
182 [0x59] = { 128, 16, 9, 5, NAND_BUSWIDTH_16 },
183
184 [0x71] = { 256, 8, 9, 5, 0 },
185
186 /*
187 * These are the new chips with large page size. The pagesize and the
188 * erasesize is determined from the extended id bytes
189 */
190 # define LP_OPTIONS (NAND_SAMSUNG_LP | NAND_NO_READRDY | NAND_NO_AUTOINCR)
191 # define LP_OPTIONS16 (LP_OPTIONS | NAND_BUSWIDTH_16)
192
193 /* 512 Megabit */
194 [0xa2] = { 64, 8, 0, 0, LP_OPTIONS },
195 [0xf2] = { 64, 8, 0, 0, LP_OPTIONS },
196 [0xb2] = { 64, 16, 0, 0, LP_OPTIONS16 },
197 [0xc2] = { 64, 16, 0, 0, LP_OPTIONS16 },
198
199 /* 1 Gigabit */
200 [0xa1] = { 128, 8, 0, 0, LP_OPTIONS },
201 [0xf1] = { 128, 8, 0, 0, LP_OPTIONS },
202 [0xb1] = { 128, 16, 0, 0, LP_OPTIONS16 },
203 [0xc1] = { 128, 16, 0, 0, LP_OPTIONS16 },
204
205 /* 2 Gigabit */
206 [0xaa] = { 256, 8, 0, 0, LP_OPTIONS },
207 [0xda] = { 256, 8, 0, 0, LP_OPTIONS },
208 [0xba] = { 256, 16, 0, 0, LP_OPTIONS16 },
209 [0xca] = { 256, 16, 0, 0, LP_OPTIONS16 },
210
211 /* 4 Gigabit */
212 [0xac] = { 512, 8, 0, 0, LP_OPTIONS },
213 [0xdc] = { 512, 8, 0, 0, LP_OPTIONS },
214 [0xbc] = { 512, 16, 0, 0, LP_OPTIONS16 },
215 [0xcc] = { 512, 16, 0, 0, LP_OPTIONS16 },
216
217 /* 8 Gigabit */
218 [0xa3] = { 1024, 8, 0, 0, LP_OPTIONS },
219 [0xd3] = { 1024, 8, 0, 0, LP_OPTIONS },
220 [0xb3] = { 1024, 16, 0, 0, LP_OPTIONS16 },
221 [0xc3] = { 1024, 16, 0, 0, LP_OPTIONS16 },
222
223 /* 16 Gigabit */
224 [0xa5] = { 2048, 8, 0, 0, LP_OPTIONS },
225 [0xd5] = { 2048, 8, 0, 0, LP_OPTIONS },
226 [0xb5] = { 2048, 16, 0, 0, LP_OPTIONS16 },
227 [0xc5] = { 2048, 16, 0, 0, LP_OPTIONS16 },
228 };
229
nand_reset(DeviceState * dev)230 static void nand_reset(DeviceState *dev)
231 {
232 NANDFlashState *s = NAND(dev);
233 s->cmd = NAND_CMD_READ0;
234 s->addr = 0;
235 s->addrlen = 0;
236 s->iolen = 0;
237 s->offset = 0;
238 s->status &= NAND_IOSTATUS_UNPROTCT;
239 s->status |= NAND_IOSTATUS_READY;
240 }
241
nand_pushio_byte(NANDFlashState * s,uint8_t value)242 static inline void nand_pushio_byte(NANDFlashState *s, uint8_t value)
243 {
244 s->ioaddr[s->iolen++] = value;
245 for (value = s->buswidth; --value;) {
246 s->ioaddr[s->iolen++] = 0;
247 }
248 }
249
250 /*
251 * nand_load_block: Load block containing (s->addr + @offset).
252 * Returns length of data available at @offset in this block.
253 */
nand_load_block(NANDFlashState * s,unsigned offset)254 static unsigned nand_load_block(NANDFlashState *s, unsigned offset)
255 {
256 unsigned iolen;
257
258 if (!s->blk_load(s, s->addr, offset)) {
259 return 0;
260 }
261
262 iolen = (1 << s->page_shift);
263 if (s->gnd) {
264 iolen += 1 << s->oob_shift;
265 }
266 assert(offset <= iolen);
267 iolen -= offset;
268
269 return iolen;
270 }
271
nand_command(NANDFlashState * s)272 static void nand_command(NANDFlashState *s)
273 {
274 switch (s->cmd) {
275 case NAND_CMD_READ0:
276 s->iolen = 0;
277 break;
278
279 case NAND_CMD_READID:
280 s->ioaddr = s->io;
281 s->iolen = 0;
282 nand_pushio_byte(s, s->manf_id);
283 nand_pushio_byte(s, s->chip_id);
284 nand_pushio_byte(s, 'Q'); /* Don't-care byte (often 0xa5) */
285 if (nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) {
286 /* Page Size, Block Size, Spare Size; bit 6 indicates
287 * 8 vs 16 bit width NAND.
288 */
289 nand_pushio_byte(s, (s->buswidth == 2) ? 0x55 : 0x15);
290 } else {
291 nand_pushio_byte(s, 0xc0); /* Multi-plane */
292 }
293 break;
294
295 case NAND_CMD_RANDOMREAD2:
296 case NAND_CMD_NOSERIALREAD2:
297 if (!(nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP))
298 break;
299 s->iolen = nand_load_block(s, s->addr & ((1 << s->addr_shift) - 1));
300 break;
301
302 case NAND_CMD_RESET:
303 nand_reset(DEVICE(s));
304 break;
305
306 case NAND_CMD_PAGEPROGRAM1:
307 s->ioaddr = s->io;
308 s->iolen = 0;
309 break;
310
311 case NAND_CMD_PAGEPROGRAM2:
312 if (s->wp) {
313 s->blk_write(s);
314 }
315 break;
316
317 case NAND_CMD_BLOCKERASE1:
318 break;
319
320 case NAND_CMD_BLOCKERASE2:
321 s->addr &= (1ull << s->addrlen * 8) - 1;
322 s->addr <<= nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP ?
323 16 : 8;
324
325 if (s->wp) {
326 s->blk_erase(s);
327 }
328 break;
329
330 case NAND_CMD_READSTATUS:
331 s->ioaddr = s->io;
332 s->iolen = 0;
333 nand_pushio_byte(s, s->status);
334 break;
335
336 default:
337 printf("%s: Unknown NAND command 0x%02x\n", __func__, s->cmd);
338 }
339 }
340
nand_pre_save(void * opaque)341 static int nand_pre_save(void *opaque)
342 {
343 NANDFlashState *s = NAND(opaque);
344
345 s->ioaddr_vmstate = s->ioaddr - s->io;
346
347 return 0;
348 }
349
nand_post_load(void * opaque,int version_id)350 static int nand_post_load(void *opaque, int version_id)
351 {
352 NANDFlashState *s = NAND(opaque);
353
354 if (s->ioaddr_vmstate > sizeof(s->io)) {
355 return -EINVAL;
356 }
357 s->ioaddr = s->io + s->ioaddr_vmstate;
358
359 return 0;
360 }
361
362 static const VMStateDescription vmstate_nand = {
363 .name = "nand",
364 .version_id = 1,
365 .minimum_version_id = 1,
366 .pre_save = nand_pre_save,
367 .post_load = nand_post_load,
368 .fields = (const VMStateField[]) {
369 VMSTATE_UINT8(cle, NANDFlashState),
370 VMSTATE_UINT8(ale, NANDFlashState),
371 VMSTATE_UINT8(ce, NANDFlashState),
372 VMSTATE_UINT8(wp, NANDFlashState),
373 VMSTATE_UINT8(gnd, NANDFlashState),
374 VMSTATE_BUFFER(io, NANDFlashState),
375 VMSTATE_UINT32(ioaddr_vmstate, NANDFlashState),
376 VMSTATE_INT32(iolen, NANDFlashState),
377 VMSTATE_UINT32(cmd, NANDFlashState),
378 VMSTATE_UINT64(addr, NANDFlashState),
379 VMSTATE_INT32(addrlen, NANDFlashState),
380 VMSTATE_INT32(status, NANDFlashState),
381 VMSTATE_INT32(offset, NANDFlashState),
382 /* XXX: do we want to save s->storage too? */
383 VMSTATE_END_OF_LIST()
384 }
385 };
386
nand_realize(DeviceState * dev,Error ** errp)387 static void nand_realize(DeviceState *dev, Error **errp)
388 {
389 int pagesize;
390 NANDFlashState *s = NAND(dev);
391 int ret;
392
393
394 s->buswidth = nand_flash_ids[s->chip_id].width >> 3;
395 s->size = nand_flash_ids[s->chip_id].size << 20;
396 if (nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) {
397 s->page_shift = 11;
398 s->erase_shift = 6;
399 } else {
400 s->page_shift = nand_flash_ids[s->chip_id].page_shift;
401 s->erase_shift = nand_flash_ids[s->chip_id].erase_shift;
402 }
403
404 switch (1 << s->page_shift) {
405 case 256:
406 nand_init_256(s);
407 break;
408 case 512:
409 nand_init_512(s);
410 break;
411 case 2048:
412 nand_init_2048(s);
413 break;
414 default:
415 error_setg(errp, "Unsupported NAND block size %#x",
416 1 << s->page_shift);
417 return;
418 }
419
420 pagesize = 1 << s->oob_shift;
421 s->mem_oob = 1;
422 if (s->blk) {
423 if (!blk_supports_write_perm(s->blk)) {
424 error_setg(errp, "Can't use a read-only drive");
425 return;
426 }
427 ret = blk_set_perm(s->blk, BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE,
428 BLK_PERM_ALL, errp);
429 if (ret < 0) {
430 return;
431 }
432 if (blk_getlength(s->blk) >=
433 (s->pages << s->page_shift) + (s->pages << s->oob_shift)) {
434 pagesize = 0;
435 s->mem_oob = 0;
436 }
437 } else {
438 pagesize += 1 << s->page_shift;
439 }
440 if (pagesize) {
441 s->storage = (uint8_t *) memset(g_malloc(s->pages * pagesize),
442 0xff, s->pages * pagesize);
443 }
444 /* Give s->ioaddr a sane value in case we save state before it is used. */
445 s->ioaddr = s->io;
446 }
447
448 static const Property nand_properties[] = {
449 DEFINE_PROP_UINT8("manufacturer_id", NANDFlashState, manf_id, 0),
450 DEFINE_PROP_UINT8("chip_id", NANDFlashState, chip_id, 0),
451 DEFINE_PROP_DRIVE("drive", NANDFlashState, blk),
452 };
453
nand_class_init(ObjectClass * klass,void * data)454 static void nand_class_init(ObjectClass *klass, void *data)
455 {
456 DeviceClass *dc = DEVICE_CLASS(klass);
457
458 dc->realize = nand_realize;
459 device_class_set_legacy_reset(dc, nand_reset);
460 dc->vmsd = &vmstate_nand;
461 device_class_set_props(dc, nand_properties);
462 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
463 }
464
465 static const TypeInfo nand_info = {
466 .name = TYPE_NAND,
467 .parent = TYPE_DEVICE,
468 .instance_size = sizeof(NANDFlashState),
469 .class_init = nand_class_init,
470 };
471
nand_register_types(void)472 static void nand_register_types(void)
473 {
474 type_register_static(&nand_info);
475 }
476
477 /*
478 * Chip inputs are CLE, ALE, CE, WP, GND and eight I/O pins. Chip
479 * outputs are R/B and eight I/O pins.
480 *
481 * CE, WP and R/B are active low.
482 */
nand_setpins(DeviceState * dev,uint8_t cle,uint8_t ale,uint8_t ce,uint8_t wp,uint8_t gnd)483 void nand_setpins(DeviceState *dev, uint8_t cle, uint8_t ale,
484 uint8_t ce, uint8_t wp, uint8_t gnd)
485 {
486 NANDFlashState *s = NAND(dev);
487
488 s->cle = cle;
489 s->ale = ale;
490 s->ce = ce;
491 s->wp = wp;
492 s->gnd = gnd;
493 if (wp) {
494 s->status |= NAND_IOSTATUS_UNPROTCT;
495 } else {
496 s->status &= ~NAND_IOSTATUS_UNPROTCT;
497 }
498 }
499
nand_getpins(DeviceState * dev,int * rb)500 void nand_getpins(DeviceState *dev, int *rb)
501 {
502 *rb = 1;
503 }
504
nand_setio(DeviceState * dev,uint32_t value)505 void nand_setio(DeviceState *dev, uint32_t value)
506 {
507 int i;
508 NANDFlashState *s = NAND(dev);
509
510 if (!s->ce && s->cle) {
511 if (nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) {
512 if (s->cmd == NAND_CMD_READ0 && value == NAND_CMD_LPREAD2)
513 return;
514 if (value == NAND_CMD_RANDOMREAD1) {
515 s->addr &= ~((1 << s->addr_shift) - 1);
516 s->addrlen = 0;
517 return;
518 }
519 }
520 if (value == NAND_CMD_READ0) {
521 s->offset = 0;
522 } else if (value == NAND_CMD_READ1) {
523 s->offset = 0x100;
524 value = NAND_CMD_READ0;
525 } else if (value == NAND_CMD_READ2) {
526 s->offset = 1 << s->page_shift;
527 value = NAND_CMD_READ0;
528 }
529
530 s->cmd = value;
531
532 if (s->cmd == NAND_CMD_READSTATUS ||
533 s->cmd == NAND_CMD_PAGEPROGRAM2 ||
534 s->cmd == NAND_CMD_BLOCKERASE1 ||
535 s->cmd == NAND_CMD_BLOCKERASE2 ||
536 s->cmd == NAND_CMD_NOSERIALREAD2 ||
537 s->cmd == NAND_CMD_RANDOMREAD2 ||
538 s->cmd == NAND_CMD_RESET) {
539 nand_command(s);
540 }
541
542 if (s->cmd != NAND_CMD_RANDOMREAD2) {
543 s->addrlen = 0;
544 }
545 }
546
547 if (s->ale) {
548 unsigned int shift = s->addrlen * 8;
549 uint64_t mask = ~(0xffull << shift);
550 uint64_t v = (uint64_t)value << shift;
551
552 s->addr = (s->addr & mask) | v;
553 s->addrlen ++;
554
555 switch (s->addrlen) {
556 case 1:
557 if (s->cmd == NAND_CMD_READID) {
558 nand_command(s);
559 }
560 break;
561 case 2: /* fix cache address as a byte address */
562 s->addr <<= (s->buswidth - 1);
563 break;
564 case 3:
565 if (!(nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) &&
566 (s->cmd == NAND_CMD_READ0 ||
567 s->cmd == NAND_CMD_PAGEPROGRAM1)) {
568 nand_command(s);
569 }
570 break;
571 case 4:
572 if ((nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) &&
573 nand_flash_ids[s->chip_id].size < 256 && /* 1Gb or less */
574 (s->cmd == NAND_CMD_READ0 ||
575 s->cmd == NAND_CMD_PAGEPROGRAM1)) {
576 nand_command(s);
577 }
578 break;
579 case 5:
580 if ((nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) &&
581 nand_flash_ids[s->chip_id].size >= 256 && /* 2Gb or more */
582 (s->cmd == NAND_CMD_READ0 ||
583 s->cmd == NAND_CMD_PAGEPROGRAM1)) {
584 nand_command(s);
585 }
586 break;
587 default:
588 break;
589 }
590 }
591
592 if (!s->cle && !s->ale && s->cmd == NAND_CMD_PAGEPROGRAM1) {
593 if (s->iolen < (1 << s->page_shift) + (1 << s->oob_shift)) {
594 for (i = s->buswidth; i--; value >>= 8) {
595 s->io[s->iolen ++] = (uint8_t) (value & 0xff);
596 }
597 }
598 } else if (!s->cle && !s->ale && s->cmd == NAND_CMD_COPYBACKPRG1) {
599 if ((s->addr & ((1 << s->addr_shift) - 1)) <
600 (1 << s->page_shift) + (1 << s->oob_shift)) {
601 for (i = s->buswidth; i--; s->addr++, value >>= 8) {
602 s->io[s->iolen + (s->addr & ((1 << s->addr_shift) - 1))] =
603 (uint8_t) (value & 0xff);
604 }
605 }
606 }
607 }
608
nand_getio(DeviceState * dev)609 uint32_t nand_getio(DeviceState *dev)
610 {
611 int offset;
612 uint32_t x = 0;
613 NANDFlashState *s = NAND(dev);
614
615 /* Allow sequential reading */
616 if (!s->iolen && s->cmd == NAND_CMD_READ0) {
617 offset = (int) (s->addr & ((1 << s->addr_shift) - 1)) + s->offset;
618 s->offset = 0;
619 s->iolen = nand_load_block(s, offset);
620 }
621
622 if (s->ce || s->iolen <= 0) {
623 return 0;
624 }
625
626 for (offset = s->buswidth; offset--;) {
627 x |= s->ioaddr[offset] << (offset << 3);
628 }
629 /* after receiving READ STATUS command all subsequent reads will
630 * return the status register value until another command is issued
631 */
632 if (s->cmd != NAND_CMD_READSTATUS) {
633 s->addr += s->buswidth;
634 s->ioaddr += s->buswidth;
635 s->iolen -= s->buswidth;
636 }
637 return x;
638 }
639
nand_getbuswidth(DeviceState * dev)640 uint32_t nand_getbuswidth(DeviceState *dev)
641 {
642 NANDFlashState *s = (NANDFlashState *) dev;
643 return s->buswidth << 3;
644 }
645
nand_init(BlockBackend * blk,int manf_id,int chip_id)646 DeviceState *nand_init(BlockBackend *blk, int manf_id, int chip_id)
647 {
648 DeviceState *dev;
649
650 if (nand_flash_ids[chip_id].size == 0) {
651 hw_error("%s: Unsupported NAND chip ID.\n", __func__);
652 }
653 dev = qdev_new(TYPE_NAND);
654 qdev_prop_set_uint8(dev, "manufacturer_id", manf_id);
655 qdev_prop_set_uint8(dev, "chip_id", chip_id);
656 if (blk) {
657 qdev_prop_set_drive_err(dev, "drive", blk, &error_fatal);
658 }
659
660 qdev_realize(dev, NULL, &error_fatal);
661 return dev;
662 }
663
664 type_init(nand_register_types)
665
666 #else
667
668 /* Program a single page */
669 static void glue(nand_blk_write_, NAND_PAGE_SIZE)(NANDFlashState *s)
670 {
671 uint64_t off, page, sector, soff;
672 uint8_t iobuf[(PAGE_SECTORS + 2) * 0x200];
673 if (PAGE(s->addr) >= s->pages)
674 return;
675
676 if (!s->blk) {
677 mem_and(s->storage + PAGE_START(s->addr) + (s->addr & PAGE_MASK) +
678 s->offset, s->io, s->iolen);
679 } else if (s->mem_oob) {
680 sector = SECTOR(s->addr);
681 off = (s->addr & PAGE_MASK) + s->offset;
682 soff = SECTOR_OFFSET(s->addr);
683 if (blk_pread(s->blk, sector << BDRV_SECTOR_BITS,
684 PAGE_SECTORS << BDRV_SECTOR_BITS, iobuf, 0) < 0) {
685 printf("%s: read error in sector %" PRIu64 "\n", __func__, sector);
686 return;
687 }
688
689 mem_and(iobuf + (soff | off), s->io, MIN(s->iolen, NAND_PAGE_SIZE - off));
690 if (off + s->iolen > NAND_PAGE_SIZE) {
691 page = PAGE(s->addr);
692 mem_and(s->storage + (page << OOB_SHIFT), s->io + NAND_PAGE_SIZE - off,
693 MIN(OOB_SIZE, off + s->iolen - NAND_PAGE_SIZE));
694 }
695
696 if (blk_pwrite(s->blk, sector << BDRV_SECTOR_BITS,
697 PAGE_SECTORS << BDRV_SECTOR_BITS, iobuf, 0) < 0) {
698 printf("%s: write error in sector %" PRIu64 "\n", __func__, sector);
699 }
700 } else {
701 off = PAGE_START(s->addr) + (s->addr & PAGE_MASK) + s->offset;
702 sector = off >> 9;
703 soff = off & 0x1ff;
704 if (blk_pread(s->blk, sector << BDRV_SECTOR_BITS,
705 (PAGE_SECTORS + 2) << BDRV_SECTOR_BITS, iobuf, 0) < 0) {
706 printf("%s: read error in sector %" PRIu64 "\n", __func__, sector);
707 return;
708 }
709
710 mem_and(iobuf + soff, s->io, s->iolen);
711
712 if (blk_pwrite(s->blk, sector << BDRV_SECTOR_BITS,
713 (PAGE_SECTORS + 2) << BDRV_SECTOR_BITS, iobuf, 0) < 0) {
714 printf("%s: write error in sector %" PRIu64 "\n", __func__, sector);
715 }
716 }
717 s->offset = 0;
718 }
719
720 /* Erase a single block */
721 static void glue(nand_blk_erase_, NAND_PAGE_SIZE)(NANDFlashState *s)
722 {
723 uint64_t i, page, addr;
724 uint8_t iobuf[0x200] = { [0 ... 0x1ff] = 0xff, };
725 addr = s->addr & ~((1 << (ADDR_SHIFT + s->erase_shift)) - 1);
726
727 if (PAGE(addr) >= s->pages) {
728 return;
729 }
730
731 if (!s->blk) {
732 memset(s->storage + PAGE_START(addr),
733 0xff, (NAND_PAGE_SIZE + OOB_SIZE) << s->erase_shift);
734 } else if (s->mem_oob) {
735 memset(s->storage + (PAGE(addr) << OOB_SHIFT),
736 0xff, OOB_SIZE << s->erase_shift);
737 i = SECTOR(addr);
738 page = SECTOR(addr + (1 << (ADDR_SHIFT + s->erase_shift)));
739 for (; i < page; i ++)
740 if (blk_pwrite(s->blk, i << BDRV_SECTOR_BITS,
741 BDRV_SECTOR_SIZE, iobuf, 0) < 0) {
742 printf("%s: write error in sector %" PRIu64 "\n", __func__, i);
743 }
744 } else {
745 addr = PAGE_START(addr);
746 page = addr >> 9;
747 if (blk_pread(s->blk, page << BDRV_SECTOR_BITS,
748 BDRV_SECTOR_SIZE, iobuf, 0) < 0) {
749 printf("%s: read error in sector %" PRIu64 "\n", __func__, page);
750 }
751 memset(iobuf + (addr & 0x1ff), 0xff, (~addr & 0x1ff) + 1);
752 if (blk_pwrite(s->blk, page << BDRV_SECTOR_BITS,
753 BDRV_SECTOR_SIZE, iobuf, 0) < 0) {
754 printf("%s: write error in sector %" PRIu64 "\n", __func__, page);
755 }
756
757 memset(iobuf, 0xff, 0x200);
758 i = (addr & ~0x1ff) + 0x200;
759 for (addr += ((NAND_PAGE_SIZE + OOB_SIZE) << s->erase_shift) - 0x200;
760 i < addr; i += 0x200) {
761 if (blk_pwrite(s->blk, i, BDRV_SECTOR_SIZE, iobuf, 0) < 0) {
762 printf("%s: write error in sector %" PRIu64 "\n",
763 __func__, i >> 9);
764 }
765 }
766
767 page = i >> 9;
768 if (blk_pread(s->blk, page << BDRV_SECTOR_BITS,
769 BDRV_SECTOR_SIZE, iobuf, 0) < 0) {
770 printf("%s: read error in sector %" PRIu64 "\n", __func__, page);
771 }
772 memset(iobuf, 0xff, ((addr - 1) & 0x1ff) + 1);
773 if (blk_pwrite(s->blk, page << BDRV_SECTOR_BITS,
774 BDRV_SECTOR_SIZE, iobuf, 0) < 0) {
775 printf("%s: write error in sector %" PRIu64 "\n", __func__, page);
776 }
777 }
778 }
779
780 static bool glue(nand_blk_load_, NAND_PAGE_SIZE)(NANDFlashState *s,
781 uint64_t addr, unsigned offset)
782 {
783 if (PAGE(addr) >= s->pages) {
784 return false;
785 }
786
787 if (offset > NAND_PAGE_SIZE + OOB_SIZE) {
788 return false;
789 }
790
791 if (s->blk) {
792 if (s->mem_oob) {
793 if (blk_pread(s->blk, SECTOR(addr) << BDRV_SECTOR_BITS,
794 PAGE_SECTORS << BDRV_SECTOR_BITS, s->io, 0) < 0) {
795 printf("%s: read error in sector %" PRIu64 "\n",
796 __func__, SECTOR(addr));
797 }
798 memcpy(s->io + SECTOR_OFFSET(s->addr) + NAND_PAGE_SIZE,
799 s->storage + (PAGE(s->addr) << OOB_SHIFT),
800 OOB_SIZE);
801 s->ioaddr = s->io + SECTOR_OFFSET(s->addr) + offset;
802 } else {
803 if (blk_pread(s->blk, PAGE_START(addr),
804 (PAGE_SECTORS + 2) << BDRV_SECTOR_BITS, s->io, 0)
805 < 0) {
806 printf("%s: read error in sector %" PRIu64 "\n",
807 __func__, PAGE_START(addr) >> 9);
808 }
809 s->ioaddr = s->io + (PAGE_START(addr) & 0x1ff) + offset;
810 }
811 } else {
812 memcpy(s->io, s->storage + PAGE_START(s->addr) +
813 offset, NAND_PAGE_SIZE + OOB_SIZE - offset);
814 s->ioaddr = s->io;
815 }
816
817 return true;
818 }
819
820 static void glue(nand_init_, NAND_PAGE_SIZE)(NANDFlashState *s)
821 {
822 s->oob_shift = PAGE_SHIFT - 5;
823 s->pages = s->size >> PAGE_SHIFT;
824 s->addr_shift = ADDR_SHIFT;
825
826 s->blk_erase = glue(nand_blk_erase_, NAND_PAGE_SIZE);
827 s->blk_write = glue(nand_blk_write_, NAND_PAGE_SIZE);
828 s->blk_load = glue(nand_blk_load_, NAND_PAGE_SIZE);
829 }
830
831 # undef NAND_PAGE_SIZE
832 # undef PAGE_SHIFT
833 # undef PAGE_SECTORS
834 # undef ADDR_SHIFT
835 #endif /* NAND_IO */
836