1 /* 2 * Common Flash Interface support: 3 * AMD & Fujitsu Standard Vendor Command Set (ID 0x0002) 4 * 5 * Copyright (C) 2000 Crossnet Co. <info@crossnet.co.jp> 6 * Copyright (C) 2004 Arcom Control Systems Ltd <linux@arcom.com> 7 * Copyright (C) 2005 MontaVista Software Inc. <source@mvista.com> 8 * 9 * 2_by_8 routines added by Simon Munton 10 * 11 * 4_by_16 work by Carolyn J. Smith 12 * 13 * XIP support hooks by Vitaly Wool (based on code for Intel flash 14 * by Nicolas Pitre) 15 * 16 * 25/09/2008 Christopher Moore: TopBottom fixup for many Macronix with CFI V1.0 17 * 18 * Occasionally maintained by Thayne Harbaugh tharbaugh at lnxi dot com 19 * 20 * This code is GPL 21 */ 22 23 #include <linux/module.h> 24 #include <linux/types.h> 25 #include <linux/kernel.h> 26 #include <linux/sched.h> 27 #include <asm/io.h> 28 #include <asm/byteorder.h> 29 30 #include <linux/errno.h> 31 #include <linux/slab.h> 32 #include <linux/delay.h> 33 #include <linux/interrupt.h> 34 #include <linux/reboot.h> 35 #include <linux/of.h> 36 #include <linux/of_platform.h> 37 #include <linux/mtd/map.h> 38 #include <linux/mtd/mtd.h> 39 #include <linux/mtd/cfi.h> 40 #include <linux/mtd/xip.h> 41 42 #define AMD_BOOTLOC_BUG 43 #define FORCE_WORD_WRITE 0 44 45 #define MAX_RETRIES 3 46 47 #define SST49LF004B 0x0060 48 #define SST49LF040B 0x0050 49 #define SST49LF008A 0x005a 50 #define AT49BV6416 0x00d6 51 52 static int cfi_amdstd_read (struct mtd_info *, loff_t, size_t, size_t *, u_char *); 53 static int cfi_amdstd_write_words(struct mtd_info *, loff_t, size_t, size_t *, const u_char *); 54 static int cfi_amdstd_write_buffers(struct mtd_info *, loff_t, size_t, size_t *, const u_char *); 55 static int cfi_amdstd_erase_chip(struct mtd_info *, struct erase_info *); 56 static int cfi_amdstd_erase_varsize(struct mtd_info *, struct erase_info *); 57 static void cfi_amdstd_sync (struct mtd_info *); 58 static int cfi_amdstd_suspend (struct mtd_info *); 59 static void cfi_amdstd_resume (struct mtd_info *); 60 static int cfi_amdstd_reboot(struct notifier_block *, unsigned long, void *); 61 static int cfi_amdstd_get_fact_prot_info(struct mtd_info *, size_t, 62 size_t *, struct otp_info *); 63 static int cfi_amdstd_get_user_prot_info(struct mtd_info *, size_t, 64 size_t *, struct otp_info *); 65 static int cfi_amdstd_secsi_read (struct mtd_info *, loff_t, size_t, size_t *, u_char *); 66 static int cfi_amdstd_read_fact_prot_reg(struct mtd_info *, loff_t, size_t, 67 size_t *, u_char *); 68 static int cfi_amdstd_read_user_prot_reg(struct mtd_info *, loff_t, size_t, 69 size_t *, u_char *); 70 static int cfi_amdstd_write_user_prot_reg(struct mtd_info *, loff_t, size_t, 71 size_t *, u_char *); 72 static int cfi_amdstd_lock_user_prot_reg(struct mtd_info *, loff_t, size_t); 73 74 static int cfi_amdstd_panic_write(struct mtd_info *mtd, loff_t to, size_t len, 75 size_t *retlen, const u_char *buf); 76 77 static void cfi_amdstd_destroy(struct mtd_info *); 78 79 struct mtd_info *cfi_cmdset_0002(struct map_info *, int); 80 static struct mtd_info *cfi_amdstd_setup (struct mtd_info *); 81 82 static int get_chip(struct map_info *map, struct flchip *chip, unsigned long adr, int mode); 83 static void put_chip(struct map_info *map, struct flchip *chip, unsigned long adr); 84 #include "fwh_lock.h" 85 86 static int cfi_atmel_lock(struct mtd_info *mtd, loff_t ofs, uint64_t len); 87 static int cfi_atmel_unlock(struct mtd_info *mtd, loff_t ofs, uint64_t len); 88 89 static int cfi_ppb_lock(struct mtd_info *mtd, loff_t ofs, uint64_t len); 90 static int cfi_ppb_unlock(struct mtd_info *mtd, loff_t ofs, uint64_t len); 91 static int cfi_ppb_is_locked(struct mtd_info *mtd, loff_t ofs, uint64_t len); 92 93 static struct mtd_chip_driver cfi_amdstd_chipdrv = { 94 .probe = NULL, /* Not usable directly */ 95 .destroy = cfi_amdstd_destroy, 96 .name = "cfi_cmdset_0002", 97 .module = THIS_MODULE 98 }; 99 100 101 /* #define DEBUG_CFI_FEATURES */ 102 103 104 #ifdef DEBUG_CFI_FEATURES 105 static void cfi_tell_features(struct cfi_pri_amdstd *extp) 106 { 107 const char* erase_suspend[3] = { 108 "Not supported", "Read only", "Read/write" 109 }; 110 const char* top_bottom[6] = { 111 "No WP", "8x8KiB sectors at top & bottom, no WP", 112 "Bottom boot", "Top boot", 113 "Uniform, Bottom WP", "Uniform, Top WP" 114 }; 115 116 printk(" Silicon revision: %d\n", extp->SiliconRevision >> 1); 117 printk(" Address sensitive unlock: %s\n", 118 (extp->SiliconRevision & 1) ? "Not required" : "Required"); 119 120 if (extp->EraseSuspend < ARRAY_SIZE(erase_suspend)) 121 printk(" Erase Suspend: %s\n", erase_suspend[extp->EraseSuspend]); 122 else 123 printk(" Erase Suspend: Unknown value %d\n", extp->EraseSuspend); 124 125 if (extp->BlkProt == 0) 126 printk(" Block protection: Not supported\n"); 127 else 128 printk(" Block protection: %d sectors per group\n", extp->BlkProt); 129 130 131 printk(" Temporary block unprotect: %s\n", 132 extp->TmpBlkUnprotect ? "Supported" : "Not supported"); 133 printk(" Block protect/unprotect scheme: %d\n", extp->BlkProtUnprot); 134 printk(" Number of simultaneous operations: %d\n", extp->SimultaneousOps); 135 printk(" Burst mode: %s\n", 136 extp->BurstMode ? "Supported" : "Not supported"); 137 if (extp->PageMode == 0) 138 printk(" Page mode: Not supported\n"); 139 else 140 printk(" Page mode: %d word page\n", extp->PageMode << 2); 141 142 printk(" Vpp Supply Minimum Program/Erase Voltage: %d.%d V\n", 143 extp->VppMin >> 4, extp->VppMin & 0xf); 144 printk(" Vpp Supply Maximum Program/Erase Voltage: %d.%d V\n", 145 extp->VppMax >> 4, extp->VppMax & 0xf); 146 147 if (extp->TopBottom < ARRAY_SIZE(top_bottom)) 148 printk(" Top/Bottom Boot Block: %s\n", top_bottom[extp->TopBottom]); 149 else 150 printk(" Top/Bottom Boot Block: Unknown value %d\n", extp->TopBottom); 151 } 152 #endif 153 154 #ifdef AMD_BOOTLOC_BUG 155 /* Wheee. Bring me the head of someone at AMD. */ 156 static void fixup_amd_bootblock(struct mtd_info *mtd) 157 { 158 struct map_info *map = mtd->priv; 159 struct cfi_private *cfi = map->fldrv_priv; 160 struct cfi_pri_amdstd *extp = cfi->cmdset_priv; 161 __u8 major = extp->MajorVersion; 162 __u8 minor = extp->MinorVersion; 163 164 if (((major << 8) | minor) < 0x3131) { 165 /* CFI version 1.0 => don't trust bootloc */ 166 167 pr_debug("%s: JEDEC Vendor ID is 0x%02X Device ID is 0x%02X\n", 168 map->name, cfi->mfr, cfi->id); 169 170 /* AFAICS all 29LV400 with a bottom boot block have a device ID 171 * of 0x22BA in 16-bit mode and 0xBA in 8-bit mode. 172 * These were badly detected as they have the 0x80 bit set 173 * so treat them as a special case. 174 */ 175 if (((cfi->id == 0xBA) || (cfi->id == 0x22BA)) && 176 177 /* Macronix added CFI to their 2nd generation 178 * MX29LV400C B/T but AFAICS no other 29LV400 (AMD, 179 * Fujitsu, Spansion, EON, ESI and older Macronix) 180 * has CFI. 181 * 182 * Therefore also check the manufacturer. 183 * This reduces the risk of false detection due to 184 * the 8-bit device ID. 185 */ 186 (cfi->mfr == CFI_MFR_MACRONIX)) { 187 pr_debug("%s: Macronix MX29LV400C with bottom boot block" 188 " detected\n", map->name); 189 extp->TopBottom = 2; /* bottom boot */ 190 } else 191 if (cfi->id & 0x80) { 192 printk(KERN_WARNING "%s: JEDEC Device ID is 0x%02X. Assuming broken CFI table.\n", map->name, cfi->id); 193 extp->TopBottom = 3; /* top boot */ 194 } else { 195 extp->TopBottom = 2; /* bottom boot */ 196 } 197 198 pr_debug("%s: AMD CFI PRI V%c.%c has no boot block field;" 199 " deduced %s from Device ID\n", map->name, major, minor, 200 extp->TopBottom == 2 ? "bottom" : "top"); 201 } 202 } 203 #endif 204 205 static void fixup_use_write_buffers(struct mtd_info *mtd) 206 { 207 struct map_info *map = mtd->priv; 208 struct cfi_private *cfi = map->fldrv_priv; 209 if (cfi->cfiq->BufWriteTimeoutTyp) { 210 pr_debug("Using buffer write method\n"); 211 mtd->_write = cfi_amdstd_write_buffers; 212 } 213 } 214 215 /* Atmel chips don't use the same PRI format as AMD chips */ 216 static void fixup_convert_atmel_pri(struct mtd_info *mtd) 217 { 218 struct map_info *map = mtd->priv; 219 struct cfi_private *cfi = map->fldrv_priv; 220 struct cfi_pri_amdstd *extp = cfi->cmdset_priv; 221 struct cfi_pri_atmel atmel_pri; 222 223 memcpy(&atmel_pri, extp, sizeof(atmel_pri)); 224 memset((char *)extp + 5, 0, sizeof(*extp) - 5); 225 226 if (atmel_pri.Features & 0x02) 227 extp->EraseSuspend = 2; 228 229 /* Some chips got it backwards... */ 230 if (cfi->id == AT49BV6416) { 231 if (atmel_pri.BottomBoot) 232 extp->TopBottom = 3; 233 else 234 extp->TopBottom = 2; 235 } else { 236 if (atmel_pri.BottomBoot) 237 extp->TopBottom = 2; 238 else 239 extp->TopBottom = 3; 240 } 241 242 /* burst write mode not supported */ 243 cfi->cfiq->BufWriteTimeoutTyp = 0; 244 cfi->cfiq->BufWriteTimeoutMax = 0; 245 } 246 247 static void fixup_use_secsi(struct mtd_info *mtd) 248 { 249 /* Setup for chips with a secsi area */ 250 mtd->_read_user_prot_reg = cfi_amdstd_secsi_read; 251 mtd->_read_fact_prot_reg = cfi_amdstd_secsi_read; 252 } 253 254 static void fixup_use_erase_chip(struct mtd_info *mtd) 255 { 256 struct map_info *map = mtd->priv; 257 struct cfi_private *cfi = map->fldrv_priv; 258 if ((cfi->cfiq->NumEraseRegions == 1) && 259 ((cfi->cfiq->EraseRegionInfo[0] & 0xffff) == 0)) { 260 mtd->_erase = cfi_amdstd_erase_chip; 261 } 262 263 } 264 265 /* 266 * Some Atmel chips (e.g. the AT49BV6416) power-up with all sectors 267 * locked by default. 268 */ 269 static void fixup_use_atmel_lock(struct mtd_info *mtd) 270 { 271 mtd->_lock = cfi_atmel_lock; 272 mtd->_unlock = cfi_atmel_unlock; 273 mtd->flags |= MTD_POWERUP_LOCK; 274 } 275 276 static void fixup_old_sst_eraseregion(struct mtd_info *mtd) 277 { 278 struct map_info *map = mtd->priv; 279 struct cfi_private *cfi = map->fldrv_priv; 280 281 /* 282 * These flashes report two separate eraseblock regions based on the 283 * sector_erase-size and block_erase-size, although they both operate on the 284 * same memory. This is not allowed according to CFI, so we just pick the 285 * sector_erase-size. 286 */ 287 cfi->cfiq->NumEraseRegions = 1; 288 } 289 290 static void fixup_sst39vf(struct mtd_info *mtd) 291 { 292 struct map_info *map = mtd->priv; 293 struct cfi_private *cfi = map->fldrv_priv; 294 295 fixup_old_sst_eraseregion(mtd); 296 297 cfi->addr_unlock1 = 0x5555; 298 cfi->addr_unlock2 = 0x2AAA; 299 } 300 301 static void fixup_sst39vf_rev_b(struct mtd_info *mtd) 302 { 303 struct map_info *map = mtd->priv; 304 struct cfi_private *cfi = map->fldrv_priv; 305 306 fixup_old_sst_eraseregion(mtd); 307 308 cfi->addr_unlock1 = 0x555; 309 cfi->addr_unlock2 = 0x2AA; 310 311 cfi->sector_erase_cmd = CMD(0x50); 312 } 313 314 static void fixup_sst38vf640x_sectorsize(struct mtd_info *mtd) 315 { 316 struct map_info *map = mtd->priv; 317 struct cfi_private *cfi = map->fldrv_priv; 318 319 fixup_sst39vf_rev_b(mtd); 320 321 /* 322 * CFI reports 1024 sectors (0x03ff+1) of 64KBytes (0x0100*256) where 323 * it should report a size of 8KBytes (0x0020*256). 324 */ 325 cfi->cfiq->EraseRegionInfo[0] = 0x002003ff; 326 pr_warn("%s: Bad 38VF640x CFI data; adjusting sector size from 64 to 8KiB\n", 327 mtd->name); 328 } 329 330 static void fixup_s29gl064n_sectors(struct mtd_info *mtd) 331 { 332 struct map_info *map = mtd->priv; 333 struct cfi_private *cfi = map->fldrv_priv; 334 335 if ((cfi->cfiq->EraseRegionInfo[0] & 0xffff) == 0x003f) { 336 cfi->cfiq->EraseRegionInfo[0] |= 0x0040; 337 pr_warn("%s: Bad S29GL064N CFI data; adjust from 64 to 128 sectors\n", 338 mtd->name); 339 } 340 } 341 342 static void fixup_s29gl032n_sectors(struct mtd_info *mtd) 343 { 344 struct map_info *map = mtd->priv; 345 struct cfi_private *cfi = map->fldrv_priv; 346 347 if ((cfi->cfiq->EraseRegionInfo[1] & 0xffff) == 0x007e) { 348 cfi->cfiq->EraseRegionInfo[1] &= ~0x0040; 349 pr_warn("%s: Bad S29GL032N CFI data; adjust from 127 to 63 sectors\n", 350 mtd->name); 351 } 352 } 353 354 static void fixup_s29ns512p_sectors(struct mtd_info *mtd) 355 { 356 struct map_info *map = mtd->priv; 357 struct cfi_private *cfi = map->fldrv_priv; 358 359 /* 360 * S29NS512P flash uses more than 8bits to report number of sectors, 361 * which is not permitted by CFI. 362 */ 363 cfi->cfiq->EraseRegionInfo[0] = 0x020001ff; 364 pr_warn("%s: Bad S29NS512P CFI data; adjust to 512 sectors\n", 365 mtd->name); 366 } 367 368 /* Used to fix CFI-Tables of chips without Extended Query Tables */ 369 static struct cfi_fixup cfi_nopri_fixup_table[] = { 370 { CFI_MFR_SST, 0x234a, fixup_sst39vf }, /* SST39VF1602 */ 371 { CFI_MFR_SST, 0x234b, fixup_sst39vf }, /* SST39VF1601 */ 372 { CFI_MFR_SST, 0x235a, fixup_sst39vf }, /* SST39VF3202 */ 373 { CFI_MFR_SST, 0x235b, fixup_sst39vf }, /* SST39VF3201 */ 374 { CFI_MFR_SST, 0x235c, fixup_sst39vf_rev_b }, /* SST39VF3202B */ 375 { CFI_MFR_SST, 0x235d, fixup_sst39vf_rev_b }, /* SST39VF3201B */ 376 { CFI_MFR_SST, 0x236c, fixup_sst39vf_rev_b }, /* SST39VF6402B */ 377 { CFI_MFR_SST, 0x236d, fixup_sst39vf_rev_b }, /* SST39VF6401B */ 378 { 0, 0, NULL } 379 }; 380 381 static struct cfi_fixup cfi_fixup_table[] = { 382 { CFI_MFR_ATMEL, CFI_ID_ANY, fixup_convert_atmel_pri }, 383 #ifdef AMD_BOOTLOC_BUG 384 { CFI_MFR_AMD, CFI_ID_ANY, fixup_amd_bootblock }, 385 { CFI_MFR_AMIC, CFI_ID_ANY, fixup_amd_bootblock }, 386 { CFI_MFR_MACRONIX, CFI_ID_ANY, fixup_amd_bootblock }, 387 #endif 388 { CFI_MFR_AMD, 0x0050, fixup_use_secsi }, 389 { CFI_MFR_AMD, 0x0053, fixup_use_secsi }, 390 { CFI_MFR_AMD, 0x0055, fixup_use_secsi }, 391 { CFI_MFR_AMD, 0x0056, fixup_use_secsi }, 392 { CFI_MFR_AMD, 0x005C, fixup_use_secsi }, 393 { CFI_MFR_AMD, 0x005F, fixup_use_secsi }, 394 { CFI_MFR_AMD, 0x0c01, fixup_s29gl064n_sectors }, 395 { CFI_MFR_AMD, 0x1301, fixup_s29gl064n_sectors }, 396 { CFI_MFR_AMD, 0x1a00, fixup_s29gl032n_sectors }, 397 { CFI_MFR_AMD, 0x1a01, fixup_s29gl032n_sectors }, 398 { CFI_MFR_AMD, 0x3f00, fixup_s29ns512p_sectors }, 399 { CFI_MFR_SST, 0x536a, fixup_sst38vf640x_sectorsize }, /* SST38VF6402 */ 400 { CFI_MFR_SST, 0x536b, fixup_sst38vf640x_sectorsize }, /* SST38VF6401 */ 401 { CFI_MFR_SST, 0x536c, fixup_sst38vf640x_sectorsize }, /* SST38VF6404 */ 402 { CFI_MFR_SST, 0x536d, fixup_sst38vf640x_sectorsize }, /* SST38VF6403 */ 403 #if !FORCE_WORD_WRITE 404 { CFI_MFR_ANY, CFI_ID_ANY, fixup_use_write_buffers }, 405 #endif 406 { 0, 0, NULL } 407 }; 408 static struct cfi_fixup jedec_fixup_table[] = { 409 { CFI_MFR_SST, SST49LF004B, fixup_use_fwh_lock }, 410 { CFI_MFR_SST, SST49LF040B, fixup_use_fwh_lock }, 411 { CFI_MFR_SST, SST49LF008A, fixup_use_fwh_lock }, 412 { 0, 0, NULL } 413 }; 414 415 static struct cfi_fixup fixup_table[] = { 416 /* The CFI vendor ids and the JEDEC vendor IDs appear 417 * to be common. It is like the devices id's are as 418 * well. This table is to pick all cases where 419 * we know that is the case. 420 */ 421 { CFI_MFR_ANY, CFI_ID_ANY, fixup_use_erase_chip }, 422 { CFI_MFR_ATMEL, AT49BV6416, fixup_use_atmel_lock }, 423 { 0, 0, NULL } 424 }; 425 426 427 static void cfi_fixup_major_minor(struct cfi_private *cfi, 428 struct cfi_pri_amdstd *extp) 429 { 430 if (cfi->mfr == CFI_MFR_SAMSUNG) { 431 if ((extp->MajorVersion == '0' && extp->MinorVersion == '0') || 432 (extp->MajorVersion == '3' && extp->MinorVersion == '3')) { 433 /* 434 * Samsung K8P2815UQB and K8D6x16UxM chips 435 * report major=0 / minor=0. 436 * K8D3x16UxC chips report major=3 / minor=3. 437 */ 438 printk(KERN_NOTICE " Fixing Samsung's Amd/Fujitsu" 439 " Extended Query version to 1.%c\n", 440 extp->MinorVersion); 441 extp->MajorVersion = '1'; 442 } 443 } 444 445 /* 446 * SST 38VF640x chips report major=0xFF / minor=0xFF. 447 */ 448 if (cfi->mfr == CFI_MFR_SST && (cfi->id >> 4) == 0x0536) { 449 extp->MajorVersion = '1'; 450 extp->MinorVersion = '0'; 451 } 452 } 453 454 static int is_m29ew(struct cfi_private *cfi) 455 { 456 if (cfi->mfr == CFI_MFR_INTEL && 457 ((cfi->device_type == CFI_DEVICETYPE_X8 && (cfi->id & 0xff) == 0x7e) || 458 (cfi->device_type == CFI_DEVICETYPE_X16 && cfi->id == 0x227e))) 459 return 1; 460 return 0; 461 } 462 463 /* 464 * From TN-13-07: Patching the Linux Kernel and U-Boot for M29 Flash, page 20: 465 * Some revisions of the M29EW suffer from erase suspend hang ups. In 466 * particular, it can occur when the sequence 467 * Erase Confirm -> Suspend -> Program -> Resume 468 * causes a lockup due to internal timing issues. The consequence is that the 469 * erase cannot be resumed without inserting a dummy command after programming 470 * and prior to resuming. [...] The work-around is to issue a dummy write cycle 471 * that writes an F0 command code before the RESUME command. 472 */ 473 static void cfi_fixup_m29ew_erase_suspend(struct map_info *map, 474 unsigned long adr) 475 { 476 struct cfi_private *cfi = map->fldrv_priv; 477 /* before resume, insert a dummy 0xF0 cycle for Micron M29EW devices */ 478 if (is_m29ew(cfi)) 479 map_write(map, CMD(0xF0), adr); 480 } 481 482 /* 483 * From TN-13-07: Patching the Linux Kernel and U-Boot for M29 Flash, page 22: 484 * 485 * Some revisions of the M29EW (for example, A1 and A2 step revisions) 486 * are affected by a problem that could cause a hang up when an ERASE SUSPEND 487 * command is issued after an ERASE RESUME operation without waiting for a 488 * minimum delay. The result is that once the ERASE seems to be completed 489 * (no bits are toggling), the contents of the Flash memory block on which 490 * the erase was ongoing could be inconsistent with the expected values 491 * (typically, the array value is stuck to the 0xC0, 0xC4, 0x80, or 0x84 492 * values), causing a consequent failure of the ERASE operation. 493 * The occurrence of this issue could be high, especially when file system 494 * operations on the Flash are intensive. As a result, it is recommended 495 * that a patch be applied. Intensive file system operations can cause many 496 * calls to the garbage routine to free Flash space (also by erasing physical 497 * Flash blocks) and as a result, many consecutive SUSPEND and RESUME 498 * commands can occur. The problem disappears when a delay is inserted after 499 * the RESUME command by using the udelay() function available in Linux. 500 * The DELAY value must be tuned based on the customer's platform. 501 * The maximum value that fixes the problem in all cases is 500us. 502 * But, in our experience, a delay of 30 µs to 50 µs is sufficient 503 * in most cases. 504 * We have chosen 500µs because this latency is acceptable. 505 */ 506 static void cfi_fixup_m29ew_delay_after_resume(struct cfi_private *cfi) 507 { 508 /* 509 * Resolving the Delay After Resume Issue see Micron TN-13-07 510 * Worst case delay must be 500µs but 30-50µs should be ok as well 511 */ 512 if (is_m29ew(cfi)) 513 cfi_udelay(500); 514 } 515 516 struct mtd_info *cfi_cmdset_0002(struct map_info *map, int primary) 517 { 518 struct cfi_private *cfi = map->fldrv_priv; 519 struct device_node __maybe_unused *np = map->device_node; 520 struct mtd_info *mtd; 521 int i; 522 523 mtd = kzalloc(sizeof(*mtd), GFP_KERNEL); 524 if (!mtd) 525 return NULL; 526 mtd->priv = map; 527 mtd->type = MTD_NORFLASH; 528 529 /* Fill in the default mtd operations */ 530 mtd->_erase = cfi_amdstd_erase_varsize; 531 mtd->_write = cfi_amdstd_write_words; 532 mtd->_read = cfi_amdstd_read; 533 mtd->_sync = cfi_amdstd_sync; 534 mtd->_suspend = cfi_amdstd_suspend; 535 mtd->_resume = cfi_amdstd_resume; 536 mtd->_read_user_prot_reg = cfi_amdstd_read_user_prot_reg; 537 mtd->_read_fact_prot_reg = cfi_amdstd_read_fact_prot_reg; 538 mtd->_get_fact_prot_info = cfi_amdstd_get_fact_prot_info; 539 mtd->_get_user_prot_info = cfi_amdstd_get_user_prot_info; 540 mtd->_write_user_prot_reg = cfi_amdstd_write_user_prot_reg; 541 mtd->_lock_user_prot_reg = cfi_amdstd_lock_user_prot_reg; 542 mtd->flags = MTD_CAP_NORFLASH; 543 mtd->name = map->name; 544 mtd->writesize = 1; 545 mtd->writebufsize = cfi_interleave(cfi) << cfi->cfiq->MaxBufWriteSize; 546 547 pr_debug("MTD %s(): write buffer size %d\n", __func__, 548 mtd->writebufsize); 549 550 mtd->_panic_write = cfi_amdstd_panic_write; 551 mtd->reboot_notifier.notifier_call = cfi_amdstd_reboot; 552 553 if (cfi->cfi_mode==CFI_MODE_CFI){ 554 unsigned char bootloc; 555 __u16 adr = primary?cfi->cfiq->P_ADR:cfi->cfiq->A_ADR; 556 struct cfi_pri_amdstd *extp; 557 558 extp = (struct cfi_pri_amdstd*)cfi_read_pri(map, adr, sizeof(*extp), "Amd/Fujitsu"); 559 if (extp) { 560 /* 561 * It's a real CFI chip, not one for which the probe 562 * routine faked a CFI structure. 563 */ 564 cfi_fixup_major_minor(cfi, extp); 565 566 /* 567 * Valid primary extension versions are: 1.0, 1.1, 1.2, 1.3, 1.4, 1.5 568 * see: http://cs.ozerki.net/zap/pub/axim-x5/docs/cfi_r20.pdf, page 19 569 * http://www.spansion.com/Support/AppNotes/cfi_100_20011201.pdf 570 * http://www.spansion.com/Support/Datasheets/s29ws-p_00_a12_e.pdf 571 * http://www.spansion.com/Support/Datasheets/S29GL_128S_01GS_00_02_e.pdf 572 */ 573 if (extp->MajorVersion != '1' || 574 (extp->MajorVersion == '1' && (extp->MinorVersion < '0' || extp->MinorVersion > '5'))) { 575 printk(KERN_ERR " Unknown Amd/Fujitsu Extended Query " 576 "version %c.%c (%#02x/%#02x).\n", 577 extp->MajorVersion, extp->MinorVersion, 578 extp->MajorVersion, extp->MinorVersion); 579 kfree(extp); 580 kfree(mtd); 581 return NULL; 582 } 583 584 printk(KERN_INFO " Amd/Fujitsu Extended Query version %c.%c.\n", 585 extp->MajorVersion, extp->MinorVersion); 586 587 /* Install our own private info structure */ 588 cfi->cmdset_priv = extp; 589 590 /* Apply cfi device specific fixups */ 591 cfi_fixup(mtd, cfi_fixup_table); 592 593 #ifdef DEBUG_CFI_FEATURES 594 /* Tell the user about it in lots of lovely detail */ 595 cfi_tell_features(extp); 596 #endif 597 598 #ifdef CONFIG_OF 599 if (np && of_property_read_bool( 600 np, "use-advanced-sector-protection") 601 && extp->BlkProtUnprot == 8) { 602 printk(KERN_INFO " Advanced Sector Protection (PPB Locking) supported\n"); 603 mtd->_lock = cfi_ppb_lock; 604 mtd->_unlock = cfi_ppb_unlock; 605 mtd->_is_locked = cfi_ppb_is_locked; 606 } 607 #endif 608 609 bootloc = extp->TopBottom; 610 if ((bootloc < 2) || (bootloc > 5)) { 611 printk(KERN_WARNING "%s: CFI contains unrecognised boot " 612 "bank location (%d). Assuming bottom.\n", 613 map->name, bootloc); 614 bootloc = 2; 615 } 616 617 if (bootloc == 3 && cfi->cfiq->NumEraseRegions > 1) { 618 printk(KERN_WARNING "%s: Swapping erase regions for top-boot CFI table.\n", map->name); 619 620 for (i=0; i<cfi->cfiq->NumEraseRegions / 2; i++) { 621 int j = (cfi->cfiq->NumEraseRegions-1)-i; 622 623 swap(cfi->cfiq->EraseRegionInfo[i], 624 cfi->cfiq->EraseRegionInfo[j]); 625 } 626 } 627 /* Set the default CFI lock/unlock addresses */ 628 cfi->addr_unlock1 = 0x555; 629 cfi->addr_unlock2 = 0x2aa; 630 } 631 cfi_fixup(mtd, cfi_nopri_fixup_table); 632 633 if (!cfi->addr_unlock1 || !cfi->addr_unlock2) { 634 kfree(mtd); 635 return NULL; 636 } 637 638 } /* CFI mode */ 639 else if (cfi->cfi_mode == CFI_MODE_JEDEC) { 640 /* Apply jedec specific fixups */ 641 cfi_fixup(mtd, jedec_fixup_table); 642 } 643 /* Apply generic fixups */ 644 cfi_fixup(mtd, fixup_table); 645 646 for (i=0; i< cfi->numchips; i++) { 647 cfi->chips[i].word_write_time = 1<<cfi->cfiq->WordWriteTimeoutTyp; 648 cfi->chips[i].buffer_write_time = 1<<cfi->cfiq->BufWriteTimeoutTyp; 649 cfi->chips[i].erase_time = 1<<cfi->cfiq->BlockEraseTimeoutTyp; 650 /* 651 * First calculate the timeout max according to timeout field 652 * of struct cfi_ident that probed from chip's CFI aera, if 653 * available. Specify a minimum of 2000us, in case the CFI data 654 * is wrong. 655 */ 656 if (cfi->cfiq->BufWriteTimeoutTyp && 657 cfi->cfiq->BufWriteTimeoutMax) 658 cfi->chips[i].buffer_write_time_max = 659 1 << (cfi->cfiq->BufWriteTimeoutTyp + 660 cfi->cfiq->BufWriteTimeoutMax); 661 else 662 cfi->chips[i].buffer_write_time_max = 0; 663 664 cfi->chips[i].buffer_write_time_max = 665 max(cfi->chips[i].buffer_write_time_max, 2000); 666 667 cfi->chips[i].ref_point_counter = 0; 668 init_waitqueue_head(&(cfi->chips[i].wq)); 669 } 670 671 map->fldrv = &cfi_amdstd_chipdrv; 672 673 return cfi_amdstd_setup(mtd); 674 } 675 struct mtd_info *cfi_cmdset_0006(struct map_info *map, int primary) __attribute__((alias("cfi_cmdset_0002"))); 676 struct mtd_info *cfi_cmdset_0701(struct map_info *map, int primary) __attribute__((alias("cfi_cmdset_0002"))); 677 EXPORT_SYMBOL_GPL(cfi_cmdset_0002); 678 EXPORT_SYMBOL_GPL(cfi_cmdset_0006); 679 EXPORT_SYMBOL_GPL(cfi_cmdset_0701); 680 681 static struct mtd_info *cfi_amdstd_setup(struct mtd_info *mtd) 682 { 683 struct map_info *map = mtd->priv; 684 struct cfi_private *cfi = map->fldrv_priv; 685 unsigned long devsize = (1<<cfi->cfiq->DevSize) * cfi->interleave; 686 unsigned long offset = 0; 687 int i,j; 688 689 printk(KERN_NOTICE "number of %s chips: %d\n", 690 (cfi->cfi_mode == CFI_MODE_CFI)?"CFI":"JEDEC",cfi->numchips); 691 /* Select the correct geometry setup */ 692 mtd->size = devsize * cfi->numchips; 693 694 mtd->numeraseregions = cfi->cfiq->NumEraseRegions * cfi->numchips; 695 mtd->eraseregions = kmalloc_array(mtd->numeraseregions, 696 sizeof(struct mtd_erase_region_info), 697 GFP_KERNEL); 698 if (!mtd->eraseregions) 699 goto setup_err; 700 701 for (i=0; i<cfi->cfiq->NumEraseRegions; i++) { 702 unsigned long ernum, ersize; 703 ersize = ((cfi->cfiq->EraseRegionInfo[i] >> 8) & ~0xff) * cfi->interleave; 704 ernum = (cfi->cfiq->EraseRegionInfo[i] & 0xffff) + 1; 705 706 if (mtd->erasesize < ersize) { 707 mtd->erasesize = ersize; 708 } 709 for (j=0; j<cfi->numchips; j++) { 710 mtd->eraseregions[(j*cfi->cfiq->NumEraseRegions)+i].offset = (j*devsize)+offset; 711 mtd->eraseregions[(j*cfi->cfiq->NumEraseRegions)+i].erasesize = ersize; 712 mtd->eraseregions[(j*cfi->cfiq->NumEraseRegions)+i].numblocks = ernum; 713 } 714 offset += (ersize * ernum); 715 } 716 if (offset != devsize) { 717 /* Argh */ 718 printk(KERN_WARNING "Sum of regions (%lx) != total size of set of interleaved chips (%lx)\n", offset, devsize); 719 goto setup_err; 720 } 721 722 __module_get(THIS_MODULE); 723 register_reboot_notifier(&mtd->reboot_notifier); 724 return mtd; 725 726 setup_err: 727 kfree(mtd->eraseregions); 728 kfree(mtd); 729 kfree(cfi->cmdset_priv); 730 kfree(cfi->cfiq); 731 return NULL; 732 } 733 734 /* 735 * Return true if the chip is ready. 736 * 737 * Ready is one of: read mode, query mode, erase-suspend-read mode (in any 738 * non-suspended sector) and is indicated by no toggle bits toggling. 739 * 740 * Note that anything more complicated than checking if no bits are toggling 741 * (including checking DQ5 for an error status) is tricky to get working 742 * correctly and is therefore not done (particularly with interleaved chips 743 * as each chip must be checked independently of the others). 744 */ 745 static int __xipram chip_ready(struct map_info *map, unsigned long addr) 746 { 747 map_word d, t; 748 749 d = map_read(map, addr); 750 t = map_read(map, addr); 751 752 return map_word_equal(map, d, t); 753 } 754 755 /* 756 * Return true if the chip is ready and has the correct value. 757 * 758 * Ready is one of: read mode, query mode, erase-suspend-read mode (in any 759 * non-suspended sector) and it is indicated by no bits toggling. 760 * 761 * Error are indicated by toggling bits or bits held with the wrong value, 762 * or with bits toggling. 763 * 764 * Note that anything more complicated than checking if no bits are toggling 765 * (including checking DQ5 for an error status) is tricky to get working 766 * correctly and is therefore not done (particularly with interleaved chips 767 * as each chip must be checked independently of the others). 768 * 769 */ 770 static int __xipram chip_good(struct map_info *map, unsigned long addr, map_word expected) 771 { 772 map_word oldd, curd; 773 774 oldd = map_read(map, addr); 775 curd = map_read(map, addr); 776 777 return map_word_equal(map, oldd, curd) && 778 map_word_equal(map, curd, expected); 779 } 780 781 static int get_chip(struct map_info *map, struct flchip *chip, unsigned long adr, int mode) 782 { 783 DECLARE_WAITQUEUE(wait, current); 784 struct cfi_private *cfi = map->fldrv_priv; 785 unsigned long timeo; 786 struct cfi_pri_amdstd *cfip = (struct cfi_pri_amdstd *)cfi->cmdset_priv; 787 788 resettime: 789 timeo = jiffies + HZ; 790 retry: 791 switch (chip->state) { 792 793 case FL_STATUS: 794 for (;;) { 795 if (chip_ready(map, adr)) 796 break; 797 798 if (time_after(jiffies, timeo)) { 799 printk(KERN_ERR "Waiting for chip to be ready timed out.\n"); 800 return -EIO; 801 } 802 mutex_unlock(&chip->mutex); 803 cfi_udelay(1); 804 mutex_lock(&chip->mutex); 805 /* Someone else might have been playing with it. */ 806 goto retry; 807 } 808 809 case FL_READY: 810 case FL_CFI_QUERY: 811 case FL_JEDEC_QUERY: 812 return 0; 813 814 case FL_ERASING: 815 if (!cfip || !(cfip->EraseSuspend & (0x1|0x2)) || 816 !(mode == FL_READY || mode == FL_POINT || 817 (mode == FL_WRITING && (cfip->EraseSuspend & 0x2)))) 818 goto sleep; 819 820 /* Do not allow suspend iff read/write to EB address */ 821 if ((adr & chip->in_progress_block_mask) == 822 chip->in_progress_block_addr) 823 goto sleep; 824 825 /* Erase suspend */ 826 /* It's harmless to issue the Erase-Suspend and Erase-Resume 827 * commands when the erase algorithm isn't in progress. */ 828 map_write(map, CMD(0xB0), chip->in_progress_block_addr); 829 chip->oldstate = FL_ERASING; 830 chip->state = FL_ERASE_SUSPENDING; 831 chip->erase_suspended = 1; 832 for (;;) { 833 if (chip_ready(map, adr)) 834 break; 835 836 if (time_after(jiffies, timeo)) { 837 /* Should have suspended the erase by now. 838 * Send an Erase-Resume command as either 839 * there was an error (so leave the erase 840 * routine to recover from it) or we trying to 841 * use the erase-in-progress sector. */ 842 put_chip(map, chip, adr); 843 printk(KERN_ERR "MTD %s(): chip not ready after erase suspend\n", __func__); 844 return -EIO; 845 } 846 847 mutex_unlock(&chip->mutex); 848 cfi_udelay(1); 849 mutex_lock(&chip->mutex); 850 /* Nobody will touch it while it's in state FL_ERASE_SUSPENDING. 851 So we can just loop here. */ 852 } 853 chip->state = FL_READY; 854 return 0; 855 856 case FL_XIP_WHILE_ERASING: 857 if (mode != FL_READY && mode != FL_POINT && 858 (!cfip || !(cfip->EraseSuspend&2))) 859 goto sleep; 860 chip->oldstate = chip->state; 861 chip->state = FL_READY; 862 return 0; 863 864 case FL_SHUTDOWN: 865 /* The machine is rebooting */ 866 return -EIO; 867 868 case FL_POINT: 869 /* Only if there's no operation suspended... */ 870 if (mode == FL_READY && chip->oldstate == FL_READY) 871 return 0; 872 /* fall through */ 873 874 default: 875 sleep: 876 set_current_state(TASK_UNINTERRUPTIBLE); 877 add_wait_queue(&chip->wq, &wait); 878 mutex_unlock(&chip->mutex); 879 schedule(); 880 remove_wait_queue(&chip->wq, &wait); 881 mutex_lock(&chip->mutex); 882 goto resettime; 883 } 884 } 885 886 887 static void put_chip(struct map_info *map, struct flchip *chip, unsigned long adr) 888 { 889 struct cfi_private *cfi = map->fldrv_priv; 890 891 switch(chip->oldstate) { 892 case FL_ERASING: 893 cfi_fixup_m29ew_erase_suspend(map, 894 chip->in_progress_block_addr); 895 map_write(map, cfi->sector_erase_cmd, chip->in_progress_block_addr); 896 cfi_fixup_m29ew_delay_after_resume(cfi); 897 chip->oldstate = FL_READY; 898 chip->state = FL_ERASING; 899 break; 900 901 case FL_XIP_WHILE_ERASING: 902 chip->state = chip->oldstate; 903 chip->oldstate = FL_READY; 904 break; 905 906 case FL_READY: 907 case FL_STATUS: 908 break; 909 default: 910 printk(KERN_ERR "MTD: put_chip() called with oldstate %d!!\n", chip->oldstate); 911 } 912 wake_up(&chip->wq); 913 } 914 915 #ifdef CONFIG_MTD_XIP 916 917 /* 918 * No interrupt what so ever can be serviced while the flash isn't in array 919 * mode. This is ensured by the xip_disable() and xip_enable() functions 920 * enclosing any code path where the flash is known not to be in array mode. 921 * And within a XIP disabled code path, only functions marked with __xipram 922 * may be called and nothing else (it's a good thing to inspect generated 923 * assembly to make sure inline functions were actually inlined and that gcc 924 * didn't emit calls to its own support functions). Also configuring MTD CFI 925 * support to a single buswidth and a single interleave is also recommended. 926 */ 927 928 static void xip_disable(struct map_info *map, struct flchip *chip, 929 unsigned long adr) 930 { 931 /* TODO: chips with no XIP use should ignore and return */ 932 (void) map_read(map, adr); /* ensure mmu mapping is up to date */ 933 local_irq_disable(); 934 } 935 936 static void __xipram xip_enable(struct map_info *map, struct flchip *chip, 937 unsigned long adr) 938 { 939 struct cfi_private *cfi = map->fldrv_priv; 940 941 if (chip->state != FL_POINT && chip->state != FL_READY) { 942 map_write(map, CMD(0xf0), adr); 943 chip->state = FL_READY; 944 } 945 (void) map_read(map, adr); 946 xip_iprefetch(); 947 local_irq_enable(); 948 } 949 950 /* 951 * When a delay is required for the flash operation to complete, the 952 * xip_udelay() function is polling for both the given timeout and pending 953 * (but still masked) hardware interrupts. Whenever there is an interrupt 954 * pending then the flash erase operation is suspended, array mode restored 955 * and interrupts unmasked. Task scheduling might also happen at that 956 * point. The CPU eventually returns from the interrupt or the call to 957 * schedule() and the suspended flash operation is resumed for the remaining 958 * of the delay period. 959 * 960 * Warning: this function _will_ fool interrupt latency tracing tools. 961 */ 962 963 static void __xipram xip_udelay(struct map_info *map, struct flchip *chip, 964 unsigned long adr, int usec) 965 { 966 struct cfi_private *cfi = map->fldrv_priv; 967 struct cfi_pri_amdstd *extp = cfi->cmdset_priv; 968 map_word status, OK = CMD(0x80); 969 unsigned long suspended, start = xip_currtime(); 970 flstate_t oldstate; 971 972 do { 973 cpu_relax(); 974 if (xip_irqpending() && extp && 975 ((chip->state == FL_ERASING && (extp->EraseSuspend & 2))) && 976 (cfi_interleave_is_1(cfi) || chip->oldstate == FL_READY)) { 977 /* 978 * Let's suspend the erase operation when supported. 979 * Note that we currently don't try to suspend 980 * interleaved chips if there is already another 981 * operation suspended (imagine what happens 982 * when one chip was already done with the current 983 * operation while another chip suspended it, then 984 * we resume the whole thing at once). Yes, it 985 * can happen! 986 */ 987 map_write(map, CMD(0xb0), adr); 988 usec -= xip_elapsed_since(start); 989 suspended = xip_currtime(); 990 do { 991 if (xip_elapsed_since(suspended) > 100000) { 992 /* 993 * The chip doesn't want to suspend 994 * after waiting for 100 msecs. 995 * This is a critical error but there 996 * is not much we can do here. 997 */ 998 return; 999 } 1000 status = map_read(map, adr); 1001 } while (!map_word_andequal(map, status, OK, OK)); 1002 1003 /* Suspend succeeded */ 1004 oldstate = chip->state; 1005 if (!map_word_bitsset(map, status, CMD(0x40))) 1006 break; 1007 chip->state = FL_XIP_WHILE_ERASING; 1008 chip->erase_suspended = 1; 1009 map_write(map, CMD(0xf0), adr); 1010 (void) map_read(map, adr); 1011 xip_iprefetch(); 1012 local_irq_enable(); 1013 mutex_unlock(&chip->mutex); 1014 xip_iprefetch(); 1015 cond_resched(); 1016 1017 /* 1018 * We're back. However someone else might have 1019 * decided to go write to the chip if we are in 1020 * a suspended erase state. If so let's wait 1021 * until it's done. 1022 */ 1023 mutex_lock(&chip->mutex); 1024 while (chip->state != FL_XIP_WHILE_ERASING) { 1025 DECLARE_WAITQUEUE(wait, current); 1026 set_current_state(TASK_UNINTERRUPTIBLE); 1027 add_wait_queue(&chip->wq, &wait); 1028 mutex_unlock(&chip->mutex); 1029 schedule(); 1030 remove_wait_queue(&chip->wq, &wait); 1031 mutex_lock(&chip->mutex); 1032 } 1033 /* Disallow XIP again */ 1034 local_irq_disable(); 1035 1036 /* Correct Erase Suspend Hangups for M29EW */ 1037 cfi_fixup_m29ew_erase_suspend(map, adr); 1038 /* Resume the write or erase operation */ 1039 map_write(map, cfi->sector_erase_cmd, adr); 1040 chip->state = oldstate; 1041 start = xip_currtime(); 1042 } else if (usec >= 1000000/HZ) { 1043 /* 1044 * Try to save on CPU power when waiting delay 1045 * is at least a system timer tick period. 1046 * No need to be extremely accurate here. 1047 */ 1048 xip_cpu_idle(); 1049 } 1050 status = map_read(map, adr); 1051 } while (!map_word_andequal(map, status, OK, OK) 1052 && xip_elapsed_since(start) < usec); 1053 } 1054 1055 #define UDELAY(map, chip, adr, usec) xip_udelay(map, chip, adr, usec) 1056 1057 /* 1058 * The INVALIDATE_CACHED_RANGE() macro is normally used in parallel while 1059 * the flash is actively programming or erasing since we have to poll for 1060 * the operation to complete anyway. We can't do that in a generic way with 1061 * a XIP setup so do it before the actual flash operation in this case 1062 * and stub it out from INVALIDATE_CACHE_UDELAY. 1063 */ 1064 #define XIP_INVAL_CACHED_RANGE(map, from, size) \ 1065 INVALIDATE_CACHED_RANGE(map, from, size) 1066 1067 #define INVALIDATE_CACHE_UDELAY(map, chip, adr, len, usec) \ 1068 UDELAY(map, chip, adr, usec) 1069 1070 /* 1071 * Extra notes: 1072 * 1073 * Activating this XIP support changes the way the code works a bit. For 1074 * example the code to suspend the current process when concurrent access 1075 * happens is never executed because xip_udelay() will always return with the 1076 * same chip state as it was entered with. This is why there is no care for 1077 * the presence of add_wait_queue() or schedule() calls from within a couple 1078 * xip_disable()'d areas of code, like in do_erase_oneblock for example. 1079 * The queueing and scheduling are always happening within xip_udelay(). 1080 * 1081 * Similarly, get_chip() and put_chip() just happen to always be executed 1082 * with chip->state set to FL_READY (or FL_XIP_WHILE_*) where flash state 1083 * is in array mode, therefore never executing many cases therein and not 1084 * causing any problem with XIP. 1085 */ 1086 1087 #else 1088 1089 #define xip_disable(map, chip, adr) 1090 #define xip_enable(map, chip, adr) 1091 #define XIP_INVAL_CACHED_RANGE(x...) 1092 1093 #define UDELAY(map, chip, adr, usec) \ 1094 do { \ 1095 mutex_unlock(&chip->mutex); \ 1096 cfi_udelay(usec); \ 1097 mutex_lock(&chip->mutex); \ 1098 } while (0) 1099 1100 #define INVALIDATE_CACHE_UDELAY(map, chip, adr, len, usec) \ 1101 do { \ 1102 mutex_unlock(&chip->mutex); \ 1103 INVALIDATE_CACHED_RANGE(map, adr, len); \ 1104 cfi_udelay(usec); \ 1105 mutex_lock(&chip->mutex); \ 1106 } while (0) 1107 1108 #endif 1109 1110 static inline int do_read_onechip(struct map_info *map, struct flchip *chip, loff_t adr, size_t len, u_char *buf) 1111 { 1112 unsigned long cmd_addr; 1113 struct cfi_private *cfi = map->fldrv_priv; 1114 int ret; 1115 1116 adr += chip->start; 1117 1118 /* Ensure cmd read/writes are aligned. */ 1119 cmd_addr = adr & ~(map_bankwidth(map)-1); 1120 1121 mutex_lock(&chip->mutex); 1122 ret = get_chip(map, chip, cmd_addr, FL_READY); 1123 if (ret) { 1124 mutex_unlock(&chip->mutex); 1125 return ret; 1126 } 1127 1128 if (chip->state != FL_POINT && chip->state != FL_READY) { 1129 map_write(map, CMD(0xf0), cmd_addr); 1130 chip->state = FL_READY; 1131 } 1132 1133 map_copy_from(map, buf, adr, len); 1134 1135 put_chip(map, chip, cmd_addr); 1136 1137 mutex_unlock(&chip->mutex); 1138 return 0; 1139 } 1140 1141 1142 static int cfi_amdstd_read (struct mtd_info *mtd, loff_t from, size_t len, size_t *retlen, u_char *buf) 1143 { 1144 struct map_info *map = mtd->priv; 1145 struct cfi_private *cfi = map->fldrv_priv; 1146 unsigned long ofs; 1147 int chipnum; 1148 int ret = 0; 1149 1150 /* ofs: offset within the first chip that the first read should start */ 1151 chipnum = (from >> cfi->chipshift); 1152 ofs = from - (chipnum << cfi->chipshift); 1153 1154 while (len) { 1155 unsigned long thislen; 1156 1157 if (chipnum >= cfi->numchips) 1158 break; 1159 1160 if ((len + ofs -1) >> cfi->chipshift) 1161 thislen = (1<<cfi->chipshift) - ofs; 1162 else 1163 thislen = len; 1164 1165 ret = do_read_onechip(map, &cfi->chips[chipnum], ofs, thislen, buf); 1166 if (ret) 1167 break; 1168 1169 *retlen += thislen; 1170 len -= thislen; 1171 buf += thislen; 1172 1173 ofs = 0; 1174 chipnum++; 1175 } 1176 return ret; 1177 } 1178 1179 typedef int (*otp_op_t)(struct map_info *map, struct flchip *chip, 1180 loff_t adr, size_t len, u_char *buf, size_t grouplen); 1181 1182 static inline void otp_enter(struct map_info *map, struct flchip *chip, 1183 loff_t adr, size_t len) 1184 { 1185 struct cfi_private *cfi = map->fldrv_priv; 1186 1187 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi, 1188 cfi->device_type, NULL); 1189 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi, 1190 cfi->device_type, NULL); 1191 cfi_send_gen_cmd(0x88, cfi->addr_unlock1, chip->start, map, cfi, 1192 cfi->device_type, NULL); 1193 1194 INVALIDATE_CACHED_RANGE(map, chip->start + adr, len); 1195 } 1196 1197 static inline void otp_exit(struct map_info *map, struct flchip *chip, 1198 loff_t adr, size_t len) 1199 { 1200 struct cfi_private *cfi = map->fldrv_priv; 1201 1202 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi, 1203 cfi->device_type, NULL); 1204 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi, 1205 cfi->device_type, NULL); 1206 cfi_send_gen_cmd(0x90, cfi->addr_unlock1, chip->start, map, cfi, 1207 cfi->device_type, NULL); 1208 cfi_send_gen_cmd(0x00, cfi->addr_unlock1, chip->start, map, cfi, 1209 cfi->device_type, NULL); 1210 1211 INVALIDATE_CACHED_RANGE(map, chip->start + adr, len); 1212 } 1213 1214 static inline int do_read_secsi_onechip(struct map_info *map, 1215 struct flchip *chip, loff_t adr, 1216 size_t len, u_char *buf, 1217 size_t grouplen) 1218 { 1219 DECLARE_WAITQUEUE(wait, current); 1220 1221 retry: 1222 mutex_lock(&chip->mutex); 1223 1224 if (chip->state != FL_READY){ 1225 set_current_state(TASK_UNINTERRUPTIBLE); 1226 add_wait_queue(&chip->wq, &wait); 1227 1228 mutex_unlock(&chip->mutex); 1229 1230 schedule(); 1231 remove_wait_queue(&chip->wq, &wait); 1232 1233 goto retry; 1234 } 1235 1236 adr += chip->start; 1237 1238 chip->state = FL_READY; 1239 1240 otp_enter(map, chip, adr, len); 1241 map_copy_from(map, buf, adr, len); 1242 otp_exit(map, chip, adr, len); 1243 1244 wake_up(&chip->wq); 1245 mutex_unlock(&chip->mutex); 1246 1247 return 0; 1248 } 1249 1250 static int cfi_amdstd_secsi_read (struct mtd_info *mtd, loff_t from, size_t len, size_t *retlen, u_char *buf) 1251 { 1252 struct map_info *map = mtd->priv; 1253 struct cfi_private *cfi = map->fldrv_priv; 1254 unsigned long ofs; 1255 int chipnum; 1256 int ret = 0; 1257 1258 /* ofs: offset within the first chip that the first read should start */ 1259 /* 8 secsi bytes per chip */ 1260 chipnum=from>>3; 1261 ofs=from & 7; 1262 1263 while (len) { 1264 unsigned long thislen; 1265 1266 if (chipnum >= cfi->numchips) 1267 break; 1268 1269 if ((len + ofs -1) >> 3) 1270 thislen = (1<<3) - ofs; 1271 else 1272 thislen = len; 1273 1274 ret = do_read_secsi_onechip(map, &cfi->chips[chipnum], ofs, 1275 thislen, buf, 0); 1276 if (ret) 1277 break; 1278 1279 *retlen += thislen; 1280 len -= thislen; 1281 buf += thislen; 1282 1283 ofs = 0; 1284 chipnum++; 1285 } 1286 return ret; 1287 } 1288 1289 static int __xipram do_write_oneword(struct map_info *map, struct flchip *chip, 1290 unsigned long adr, map_word datum, 1291 int mode); 1292 1293 static int do_otp_write(struct map_info *map, struct flchip *chip, loff_t adr, 1294 size_t len, u_char *buf, size_t grouplen) 1295 { 1296 int ret; 1297 while (len) { 1298 unsigned long bus_ofs = adr & ~(map_bankwidth(map)-1); 1299 int gap = adr - bus_ofs; 1300 int n = min_t(int, len, map_bankwidth(map) - gap); 1301 map_word datum = map_word_ff(map); 1302 1303 if (n != map_bankwidth(map)) { 1304 /* partial write of a word, load old contents */ 1305 otp_enter(map, chip, bus_ofs, map_bankwidth(map)); 1306 datum = map_read(map, bus_ofs); 1307 otp_exit(map, chip, bus_ofs, map_bankwidth(map)); 1308 } 1309 1310 datum = map_word_load_partial(map, datum, buf, gap, n); 1311 ret = do_write_oneword(map, chip, bus_ofs, datum, FL_OTP_WRITE); 1312 if (ret) 1313 return ret; 1314 1315 adr += n; 1316 buf += n; 1317 len -= n; 1318 } 1319 1320 return 0; 1321 } 1322 1323 static int do_otp_lock(struct map_info *map, struct flchip *chip, loff_t adr, 1324 size_t len, u_char *buf, size_t grouplen) 1325 { 1326 struct cfi_private *cfi = map->fldrv_priv; 1327 uint8_t lockreg; 1328 unsigned long timeo; 1329 int ret; 1330 1331 /* make sure area matches group boundaries */ 1332 if ((adr != 0) || (len != grouplen)) 1333 return -EINVAL; 1334 1335 mutex_lock(&chip->mutex); 1336 ret = get_chip(map, chip, chip->start, FL_LOCKING); 1337 if (ret) { 1338 mutex_unlock(&chip->mutex); 1339 return ret; 1340 } 1341 chip->state = FL_LOCKING; 1342 1343 /* Enter lock register command */ 1344 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi, 1345 cfi->device_type, NULL); 1346 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi, 1347 cfi->device_type, NULL); 1348 cfi_send_gen_cmd(0x40, cfi->addr_unlock1, chip->start, map, cfi, 1349 cfi->device_type, NULL); 1350 1351 /* read lock register */ 1352 lockreg = cfi_read_query(map, 0); 1353 1354 /* set bit 0 to protect extended memory block */ 1355 lockreg &= ~0x01; 1356 1357 /* set bit 0 to protect extended memory block */ 1358 /* write lock register */ 1359 map_write(map, CMD(0xA0), chip->start); 1360 map_write(map, CMD(lockreg), chip->start); 1361 1362 /* wait for chip to become ready */ 1363 timeo = jiffies + msecs_to_jiffies(2); 1364 for (;;) { 1365 if (chip_ready(map, adr)) 1366 break; 1367 1368 if (time_after(jiffies, timeo)) { 1369 pr_err("Waiting for chip to be ready timed out.\n"); 1370 ret = -EIO; 1371 break; 1372 } 1373 UDELAY(map, chip, 0, 1); 1374 } 1375 1376 /* exit protection commands */ 1377 map_write(map, CMD(0x90), chip->start); 1378 map_write(map, CMD(0x00), chip->start); 1379 1380 chip->state = FL_READY; 1381 put_chip(map, chip, chip->start); 1382 mutex_unlock(&chip->mutex); 1383 1384 return ret; 1385 } 1386 1387 static int cfi_amdstd_otp_walk(struct mtd_info *mtd, loff_t from, size_t len, 1388 size_t *retlen, u_char *buf, 1389 otp_op_t action, int user_regs) 1390 { 1391 struct map_info *map = mtd->priv; 1392 struct cfi_private *cfi = map->fldrv_priv; 1393 int ofs_factor = cfi->interleave * cfi->device_type; 1394 unsigned long base; 1395 int chipnum; 1396 struct flchip *chip; 1397 uint8_t otp, lockreg; 1398 int ret; 1399 1400 size_t user_size, factory_size, otpsize; 1401 loff_t user_offset, factory_offset, otpoffset; 1402 int user_locked = 0, otplocked; 1403 1404 *retlen = 0; 1405 1406 for (chipnum = 0; chipnum < cfi->numchips; chipnum++) { 1407 chip = &cfi->chips[chipnum]; 1408 factory_size = 0; 1409 user_size = 0; 1410 1411 /* Micron M29EW family */ 1412 if (is_m29ew(cfi)) { 1413 base = chip->start; 1414 1415 /* check whether secsi area is factory locked 1416 or user lockable */ 1417 mutex_lock(&chip->mutex); 1418 ret = get_chip(map, chip, base, FL_CFI_QUERY); 1419 if (ret) { 1420 mutex_unlock(&chip->mutex); 1421 return ret; 1422 } 1423 cfi_qry_mode_on(base, map, cfi); 1424 otp = cfi_read_query(map, base + 0x3 * ofs_factor); 1425 cfi_qry_mode_off(base, map, cfi); 1426 put_chip(map, chip, base); 1427 mutex_unlock(&chip->mutex); 1428 1429 if (otp & 0x80) { 1430 /* factory locked */ 1431 factory_offset = 0; 1432 factory_size = 0x100; 1433 } else { 1434 /* customer lockable */ 1435 user_offset = 0; 1436 user_size = 0x100; 1437 1438 mutex_lock(&chip->mutex); 1439 ret = get_chip(map, chip, base, FL_LOCKING); 1440 if (ret) { 1441 mutex_unlock(&chip->mutex); 1442 return ret; 1443 } 1444 1445 /* Enter lock register command */ 1446 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, 1447 chip->start, map, cfi, 1448 cfi->device_type, NULL); 1449 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, 1450 chip->start, map, cfi, 1451 cfi->device_type, NULL); 1452 cfi_send_gen_cmd(0x40, cfi->addr_unlock1, 1453 chip->start, map, cfi, 1454 cfi->device_type, NULL); 1455 /* read lock register */ 1456 lockreg = cfi_read_query(map, 0); 1457 /* exit protection commands */ 1458 map_write(map, CMD(0x90), chip->start); 1459 map_write(map, CMD(0x00), chip->start); 1460 put_chip(map, chip, chip->start); 1461 mutex_unlock(&chip->mutex); 1462 1463 user_locked = ((lockreg & 0x01) == 0x00); 1464 } 1465 } 1466 1467 otpsize = user_regs ? user_size : factory_size; 1468 if (!otpsize) 1469 continue; 1470 otpoffset = user_regs ? user_offset : factory_offset; 1471 otplocked = user_regs ? user_locked : 1; 1472 1473 if (!action) { 1474 /* return otpinfo */ 1475 struct otp_info *otpinfo; 1476 len -= sizeof(*otpinfo); 1477 if (len <= 0) 1478 return -ENOSPC; 1479 otpinfo = (struct otp_info *)buf; 1480 otpinfo->start = from; 1481 otpinfo->length = otpsize; 1482 otpinfo->locked = otplocked; 1483 buf += sizeof(*otpinfo); 1484 *retlen += sizeof(*otpinfo); 1485 from += otpsize; 1486 } else if ((from < otpsize) && (len > 0)) { 1487 size_t size; 1488 size = (len < otpsize - from) ? len : otpsize - from; 1489 ret = action(map, chip, otpoffset + from, size, buf, 1490 otpsize); 1491 if (ret < 0) 1492 return ret; 1493 1494 buf += size; 1495 len -= size; 1496 *retlen += size; 1497 from = 0; 1498 } else { 1499 from -= otpsize; 1500 } 1501 } 1502 return 0; 1503 } 1504 1505 static int cfi_amdstd_get_fact_prot_info(struct mtd_info *mtd, size_t len, 1506 size_t *retlen, struct otp_info *buf) 1507 { 1508 return cfi_amdstd_otp_walk(mtd, 0, len, retlen, (u_char *)buf, 1509 NULL, 0); 1510 } 1511 1512 static int cfi_amdstd_get_user_prot_info(struct mtd_info *mtd, size_t len, 1513 size_t *retlen, struct otp_info *buf) 1514 { 1515 return cfi_amdstd_otp_walk(mtd, 0, len, retlen, (u_char *)buf, 1516 NULL, 1); 1517 } 1518 1519 static int cfi_amdstd_read_fact_prot_reg(struct mtd_info *mtd, loff_t from, 1520 size_t len, size_t *retlen, 1521 u_char *buf) 1522 { 1523 return cfi_amdstd_otp_walk(mtd, from, len, retlen, 1524 buf, do_read_secsi_onechip, 0); 1525 } 1526 1527 static int cfi_amdstd_read_user_prot_reg(struct mtd_info *mtd, loff_t from, 1528 size_t len, size_t *retlen, 1529 u_char *buf) 1530 { 1531 return cfi_amdstd_otp_walk(mtd, from, len, retlen, 1532 buf, do_read_secsi_onechip, 1); 1533 } 1534 1535 static int cfi_amdstd_write_user_prot_reg(struct mtd_info *mtd, loff_t from, 1536 size_t len, size_t *retlen, 1537 u_char *buf) 1538 { 1539 return cfi_amdstd_otp_walk(mtd, from, len, retlen, buf, 1540 do_otp_write, 1); 1541 } 1542 1543 static int cfi_amdstd_lock_user_prot_reg(struct mtd_info *mtd, loff_t from, 1544 size_t len) 1545 { 1546 size_t retlen; 1547 return cfi_amdstd_otp_walk(mtd, from, len, &retlen, NULL, 1548 do_otp_lock, 1); 1549 } 1550 1551 static int __xipram do_write_oneword(struct map_info *map, struct flchip *chip, 1552 unsigned long adr, map_word datum, 1553 int mode) 1554 { 1555 struct cfi_private *cfi = map->fldrv_priv; 1556 unsigned long timeo = jiffies + HZ; 1557 /* 1558 * We use a 1ms + 1 jiffies generic timeout for writes (most devices 1559 * have a max write time of a few hundreds usec). However, we should 1560 * use the maximum timeout value given by the chip at probe time 1561 * instead. Unfortunately, struct flchip does have a field for 1562 * maximum timeout, only for typical which can be far too short 1563 * depending of the conditions. The ' + 1' is to avoid having a 1564 * timeout of 0 jiffies if HZ is smaller than 1000. 1565 */ 1566 unsigned long uWriteTimeout = (HZ / 1000) + 1; 1567 int ret = 0; 1568 map_word oldd; 1569 int retry_cnt = 0; 1570 1571 adr += chip->start; 1572 1573 mutex_lock(&chip->mutex); 1574 ret = get_chip(map, chip, adr, mode); 1575 if (ret) { 1576 mutex_unlock(&chip->mutex); 1577 return ret; 1578 } 1579 1580 pr_debug("MTD %s(): WRITE 0x%.8lx(0x%.8lx)\n", 1581 __func__, adr, datum.x[0]); 1582 1583 if (mode == FL_OTP_WRITE) 1584 otp_enter(map, chip, adr, map_bankwidth(map)); 1585 1586 /* 1587 * Check for a NOP for the case when the datum to write is already 1588 * present - it saves time and works around buggy chips that corrupt 1589 * data at other locations when 0xff is written to a location that 1590 * already contains 0xff. 1591 */ 1592 oldd = map_read(map, adr); 1593 if (map_word_equal(map, oldd, datum)) { 1594 pr_debug("MTD %s(): NOP\n", 1595 __func__); 1596 goto op_done; 1597 } 1598 1599 XIP_INVAL_CACHED_RANGE(map, adr, map_bankwidth(map)); 1600 ENABLE_VPP(map); 1601 xip_disable(map, chip, adr); 1602 1603 retry: 1604 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL); 1605 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi, cfi->device_type, NULL); 1606 cfi_send_gen_cmd(0xA0, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL); 1607 map_write(map, datum, adr); 1608 chip->state = mode; 1609 1610 INVALIDATE_CACHE_UDELAY(map, chip, 1611 adr, map_bankwidth(map), 1612 chip->word_write_time); 1613 1614 /* See comment above for timeout value. */ 1615 timeo = jiffies + uWriteTimeout; 1616 for (;;) { 1617 if (chip->state != mode) { 1618 /* Someone's suspended the write. Sleep */ 1619 DECLARE_WAITQUEUE(wait, current); 1620 1621 set_current_state(TASK_UNINTERRUPTIBLE); 1622 add_wait_queue(&chip->wq, &wait); 1623 mutex_unlock(&chip->mutex); 1624 schedule(); 1625 remove_wait_queue(&chip->wq, &wait); 1626 timeo = jiffies + (HZ / 2); /* FIXME */ 1627 mutex_lock(&chip->mutex); 1628 continue; 1629 } 1630 1631 if (time_after(jiffies, timeo) && !chip_ready(map, adr)){ 1632 xip_enable(map, chip, adr); 1633 printk(KERN_WARNING "MTD %s(): software timeout\n", __func__); 1634 xip_disable(map, chip, adr); 1635 break; 1636 } 1637 1638 if (chip_ready(map, adr)) 1639 break; 1640 1641 /* Latency issues. Drop the lock, wait a while and retry */ 1642 UDELAY(map, chip, adr, 1); 1643 } 1644 /* Did we succeed? */ 1645 if (!chip_good(map, adr, datum)) { 1646 /* reset on all failures. */ 1647 map_write(map, CMD(0xF0), chip->start); 1648 /* FIXME - should have reset delay before continuing */ 1649 1650 if (++retry_cnt <= MAX_RETRIES) 1651 goto retry; 1652 1653 ret = -EIO; 1654 } 1655 xip_enable(map, chip, adr); 1656 op_done: 1657 if (mode == FL_OTP_WRITE) 1658 otp_exit(map, chip, adr, map_bankwidth(map)); 1659 chip->state = FL_READY; 1660 DISABLE_VPP(map); 1661 put_chip(map, chip, adr); 1662 mutex_unlock(&chip->mutex); 1663 1664 return ret; 1665 } 1666 1667 1668 static int cfi_amdstd_write_words(struct mtd_info *mtd, loff_t to, size_t len, 1669 size_t *retlen, const u_char *buf) 1670 { 1671 struct map_info *map = mtd->priv; 1672 struct cfi_private *cfi = map->fldrv_priv; 1673 int ret = 0; 1674 int chipnum; 1675 unsigned long ofs, chipstart; 1676 DECLARE_WAITQUEUE(wait, current); 1677 1678 chipnum = to >> cfi->chipshift; 1679 ofs = to - (chipnum << cfi->chipshift); 1680 chipstart = cfi->chips[chipnum].start; 1681 1682 /* If it's not bus-aligned, do the first byte write */ 1683 if (ofs & (map_bankwidth(map)-1)) { 1684 unsigned long bus_ofs = ofs & ~(map_bankwidth(map)-1); 1685 int i = ofs - bus_ofs; 1686 int n = 0; 1687 map_word tmp_buf; 1688 1689 retry: 1690 mutex_lock(&cfi->chips[chipnum].mutex); 1691 1692 if (cfi->chips[chipnum].state != FL_READY) { 1693 set_current_state(TASK_UNINTERRUPTIBLE); 1694 add_wait_queue(&cfi->chips[chipnum].wq, &wait); 1695 1696 mutex_unlock(&cfi->chips[chipnum].mutex); 1697 1698 schedule(); 1699 remove_wait_queue(&cfi->chips[chipnum].wq, &wait); 1700 goto retry; 1701 } 1702 1703 /* Load 'tmp_buf' with old contents of flash */ 1704 tmp_buf = map_read(map, bus_ofs+chipstart); 1705 1706 mutex_unlock(&cfi->chips[chipnum].mutex); 1707 1708 /* Number of bytes to copy from buffer */ 1709 n = min_t(int, len, map_bankwidth(map)-i); 1710 1711 tmp_buf = map_word_load_partial(map, tmp_buf, buf, i, n); 1712 1713 ret = do_write_oneword(map, &cfi->chips[chipnum], 1714 bus_ofs, tmp_buf, FL_WRITING); 1715 if (ret) 1716 return ret; 1717 1718 ofs += n; 1719 buf += n; 1720 (*retlen) += n; 1721 len -= n; 1722 1723 if (ofs >> cfi->chipshift) { 1724 chipnum ++; 1725 ofs = 0; 1726 if (chipnum == cfi->numchips) 1727 return 0; 1728 } 1729 } 1730 1731 /* We are now aligned, write as much as possible */ 1732 while(len >= map_bankwidth(map)) { 1733 map_word datum; 1734 1735 datum = map_word_load(map, buf); 1736 1737 ret = do_write_oneword(map, &cfi->chips[chipnum], 1738 ofs, datum, FL_WRITING); 1739 if (ret) 1740 return ret; 1741 1742 ofs += map_bankwidth(map); 1743 buf += map_bankwidth(map); 1744 (*retlen) += map_bankwidth(map); 1745 len -= map_bankwidth(map); 1746 1747 if (ofs >> cfi->chipshift) { 1748 chipnum ++; 1749 ofs = 0; 1750 if (chipnum == cfi->numchips) 1751 return 0; 1752 chipstart = cfi->chips[chipnum].start; 1753 } 1754 } 1755 1756 /* Write the trailing bytes if any */ 1757 if (len & (map_bankwidth(map)-1)) { 1758 map_word tmp_buf; 1759 1760 retry1: 1761 mutex_lock(&cfi->chips[chipnum].mutex); 1762 1763 if (cfi->chips[chipnum].state != FL_READY) { 1764 set_current_state(TASK_UNINTERRUPTIBLE); 1765 add_wait_queue(&cfi->chips[chipnum].wq, &wait); 1766 1767 mutex_unlock(&cfi->chips[chipnum].mutex); 1768 1769 schedule(); 1770 remove_wait_queue(&cfi->chips[chipnum].wq, &wait); 1771 goto retry1; 1772 } 1773 1774 tmp_buf = map_read(map, ofs + chipstart); 1775 1776 mutex_unlock(&cfi->chips[chipnum].mutex); 1777 1778 tmp_buf = map_word_load_partial(map, tmp_buf, buf, 0, len); 1779 1780 ret = do_write_oneword(map, &cfi->chips[chipnum], 1781 ofs, tmp_buf, FL_WRITING); 1782 if (ret) 1783 return ret; 1784 1785 (*retlen) += len; 1786 } 1787 1788 return 0; 1789 } 1790 1791 1792 /* 1793 * FIXME: interleaved mode not tested, and probably not supported! 1794 */ 1795 static int __xipram do_write_buffer(struct map_info *map, struct flchip *chip, 1796 unsigned long adr, const u_char *buf, 1797 int len) 1798 { 1799 struct cfi_private *cfi = map->fldrv_priv; 1800 unsigned long timeo = jiffies + HZ; 1801 /* 1802 * Timeout is calculated according to CFI data, if available. 1803 * See more comments in cfi_cmdset_0002(). 1804 */ 1805 unsigned long uWriteTimeout = 1806 usecs_to_jiffies(chip->buffer_write_time_max); 1807 int ret = -EIO; 1808 unsigned long cmd_adr; 1809 int z, words; 1810 map_word datum; 1811 1812 adr += chip->start; 1813 cmd_adr = adr; 1814 1815 mutex_lock(&chip->mutex); 1816 ret = get_chip(map, chip, adr, FL_WRITING); 1817 if (ret) { 1818 mutex_unlock(&chip->mutex); 1819 return ret; 1820 } 1821 1822 datum = map_word_load(map, buf); 1823 1824 pr_debug("MTD %s(): WRITE 0x%.8lx(0x%.8lx)\n", 1825 __func__, adr, datum.x[0]); 1826 1827 XIP_INVAL_CACHED_RANGE(map, adr, len); 1828 ENABLE_VPP(map); 1829 xip_disable(map, chip, cmd_adr); 1830 1831 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL); 1832 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi, cfi->device_type, NULL); 1833 1834 /* Write Buffer Load */ 1835 map_write(map, CMD(0x25), cmd_adr); 1836 1837 chip->state = FL_WRITING_TO_BUFFER; 1838 1839 /* Write length of data to come */ 1840 words = len / map_bankwidth(map); 1841 map_write(map, CMD(words - 1), cmd_adr); 1842 /* Write data */ 1843 z = 0; 1844 while(z < words * map_bankwidth(map)) { 1845 datum = map_word_load(map, buf); 1846 map_write(map, datum, adr + z); 1847 1848 z += map_bankwidth(map); 1849 buf += map_bankwidth(map); 1850 } 1851 z -= map_bankwidth(map); 1852 1853 adr += z; 1854 1855 /* Write Buffer Program Confirm: GO GO GO */ 1856 map_write(map, CMD(0x29), cmd_adr); 1857 chip->state = FL_WRITING; 1858 1859 INVALIDATE_CACHE_UDELAY(map, chip, 1860 adr, map_bankwidth(map), 1861 chip->word_write_time); 1862 1863 timeo = jiffies + uWriteTimeout; 1864 1865 for (;;) { 1866 if (chip->state != FL_WRITING) { 1867 /* Someone's suspended the write. Sleep */ 1868 DECLARE_WAITQUEUE(wait, current); 1869 1870 set_current_state(TASK_UNINTERRUPTIBLE); 1871 add_wait_queue(&chip->wq, &wait); 1872 mutex_unlock(&chip->mutex); 1873 schedule(); 1874 remove_wait_queue(&chip->wq, &wait); 1875 timeo = jiffies + (HZ / 2); /* FIXME */ 1876 mutex_lock(&chip->mutex); 1877 continue; 1878 } 1879 1880 /* 1881 * We check "time_after" and "!chip_good" before checking "chip_good" to avoid 1882 * the failure due to scheduling. 1883 */ 1884 if (time_after(jiffies, timeo) && !chip_good(map, adr, datum)) 1885 break; 1886 1887 if (chip_good(map, adr, datum)) { 1888 xip_enable(map, chip, adr); 1889 goto op_done; 1890 } 1891 1892 /* Latency issues. Drop the lock, wait a while and retry */ 1893 UDELAY(map, chip, adr, 1); 1894 } 1895 1896 /* 1897 * Recovery from write-buffer programming failures requires 1898 * the write-to-buffer-reset sequence. Since the last part 1899 * of the sequence also works as a normal reset, we can run 1900 * the same commands regardless of why we are here. 1901 * See e.g. 1902 * http://www.spansion.com/Support/Application%20Notes/MirrorBit_Write_Buffer_Prog_Page_Buffer_Read_AN.pdf 1903 */ 1904 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi, 1905 cfi->device_type, NULL); 1906 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi, 1907 cfi->device_type, NULL); 1908 cfi_send_gen_cmd(0xF0, cfi->addr_unlock1, chip->start, map, cfi, 1909 cfi->device_type, NULL); 1910 xip_enable(map, chip, adr); 1911 /* FIXME - should have reset delay before continuing */ 1912 1913 printk(KERN_WARNING "MTD %s(): software timeout, address:0x%.8lx.\n", 1914 __func__, adr); 1915 1916 ret = -EIO; 1917 op_done: 1918 chip->state = FL_READY; 1919 DISABLE_VPP(map); 1920 put_chip(map, chip, adr); 1921 mutex_unlock(&chip->mutex); 1922 1923 return ret; 1924 } 1925 1926 1927 static int cfi_amdstd_write_buffers(struct mtd_info *mtd, loff_t to, size_t len, 1928 size_t *retlen, const u_char *buf) 1929 { 1930 struct map_info *map = mtd->priv; 1931 struct cfi_private *cfi = map->fldrv_priv; 1932 int wbufsize = cfi_interleave(cfi) << cfi->cfiq->MaxBufWriteSize; 1933 int ret = 0; 1934 int chipnum; 1935 unsigned long ofs; 1936 1937 chipnum = to >> cfi->chipshift; 1938 ofs = to - (chipnum << cfi->chipshift); 1939 1940 /* If it's not bus-aligned, do the first word write */ 1941 if (ofs & (map_bankwidth(map)-1)) { 1942 size_t local_len = (-ofs)&(map_bankwidth(map)-1); 1943 if (local_len > len) 1944 local_len = len; 1945 ret = cfi_amdstd_write_words(mtd, ofs + (chipnum<<cfi->chipshift), 1946 local_len, retlen, buf); 1947 if (ret) 1948 return ret; 1949 ofs += local_len; 1950 buf += local_len; 1951 len -= local_len; 1952 1953 if (ofs >> cfi->chipshift) { 1954 chipnum ++; 1955 ofs = 0; 1956 if (chipnum == cfi->numchips) 1957 return 0; 1958 } 1959 } 1960 1961 /* Write buffer is worth it only if more than one word to write... */ 1962 while (len >= map_bankwidth(map) * 2) { 1963 /* We must not cross write block boundaries */ 1964 int size = wbufsize - (ofs & (wbufsize-1)); 1965 1966 if (size > len) 1967 size = len; 1968 if (size % map_bankwidth(map)) 1969 size -= size % map_bankwidth(map); 1970 1971 ret = do_write_buffer(map, &cfi->chips[chipnum], 1972 ofs, buf, size); 1973 if (ret) 1974 return ret; 1975 1976 ofs += size; 1977 buf += size; 1978 (*retlen) += size; 1979 len -= size; 1980 1981 if (ofs >> cfi->chipshift) { 1982 chipnum ++; 1983 ofs = 0; 1984 if (chipnum == cfi->numchips) 1985 return 0; 1986 } 1987 } 1988 1989 if (len) { 1990 size_t retlen_dregs = 0; 1991 1992 ret = cfi_amdstd_write_words(mtd, ofs + (chipnum<<cfi->chipshift), 1993 len, &retlen_dregs, buf); 1994 1995 *retlen += retlen_dregs; 1996 return ret; 1997 } 1998 1999 return 0; 2000 } 2001 2002 /* 2003 * Wait for the flash chip to become ready to write data 2004 * 2005 * This is only called during the panic_write() path. When panic_write() 2006 * is called, the kernel is in the process of a panic, and will soon be 2007 * dead. Therefore we don't take any locks, and attempt to get access 2008 * to the chip as soon as possible. 2009 */ 2010 static int cfi_amdstd_panic_wait(struct map_info *map, struct flchip *chip, 2011 unsigned long adr) 2012 { 2013 struct cfi_private *cfi = map->fldrv_priv; 2014 int retries = 10; 2015 int i; 2016 2017 /* 2018 * If the driver thinks the chip is idle, and no toggle bits 2019 * are changing, then the chip is actually idle for sure. 2020 */ 2021 if (chip->state == FL_READY && chip_ready(map, adr)) 2022 return 0; 2023 2024 /* 2025 * Try several times to reset the chip and then wait for it 2026 * to become idle. The upper limit of a few milliseconds of 2027 * delay isn't a big problem: the kernel is dying anyway. It 2028 * is more important to save the messages. 2029 */ 2030 while (retries > 0) { 2031 const unsigned long timeo = (HZ / 1000) + 1; 2032 2033 /* send the reset command */ 2034 map_write(map, CMD(0xF0), chip->start); 2035 2036 /* wait for the chip to become ready */ 2037 for (i = 0; i < jiffies_to_usecs(timeo); i++) { 2038 if (chip_ready(map, adr)) 2039 return 0; 2040 2041 udelay(1); 2042 } 2043 2044 retries--; 2045 } 2046 2047 /* the chip never became ready */ 2048 return -EBUSY; 2049 } 2050 2051 /* 2052 * Write out one word of data to a single flash chip during a kernel panic 2053 * 2054 * This is only called during the panic_write() path. When panic_write() 2055 * is called, the kernel is in the process of a panic, and will soon be 2056 * dead. Therefore we don't take any locks, and attempt to get access 2057 * to the chip as soon as possible. 2058 * 2059 * The implementation of this routine is intentionally similar to 2060 * do_write_oneword(), in order to ease code maintenance. 2061 */ 2062 static int do_panic_write_oneword(struct map_info *map, struct flchip *chip, 2063 unsigned long adr, map_word datum) 2064 { 2065 const unsigned long uWriteTimeout = (HZ / 1000) + 1; 2066 struct cfi_private *cfi = map->fldrv_priv; 2067 int retry_cnt = 0; 2068 map_word oldd; 2069 int ret = 0; 2070 int i; 2071 2072 adr += chip->start; 2073 2074 ret = cfi_amdstd_panic_wait(map, chip, adr); 2075 if (ret) 2076 return ret; 2077 2078 pr_debug("MTD %s(): PANIC WRITE 0x%.8lx(0x%.8lx)\n", 2079 __func__, adr, datum.x[0]); 2080 2081 /* 2082 * Check for a NOP for the case when the datum to write is already 2083 * present - it saves time and works around buggy chips that corrupt 2084 * data at other locations when 0xff is written to a location that 2085 * already contains 0xff. 2086 */ 2087 oldd = map_read(map, adr); 2088 if (map_word_equal(map, oldd, datum)) { 2089 pr_debug("MTD %s(): NOP\n", __func__); 2090 goto op_done; 2091 } 2092 2093 ENABLE_VPP(map); 2094 2095 retry: 2096 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL); 2097 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi, cfi->device_type, NULL); 2098 cfi_send_gen_cmd(0xA0, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL); 2099 map_write(map, datum, adr); 2100 2101 for (i = 0; i < jiffies_to_usecs(uWriteTimeout); i++) { 2102 if (chip_ready(map, adr)) 2103 break; 2104 2105 udelay(1); 2106 } 2107 2108 if (!chip_good(map, adr, datum)) { 2109 /* reset on all failures. */ 2110 map_write(map, CMD(0xF0), chip->start); 2111 /* FIXME - should have reset delay before continuing */ 2112 2113 if (++retry_cnt <= MAX_RETRIES) 2114 goto retry; 2115 2116 ret = -EIO; 2117 } 2118 2119 op_done: 2120 DISABLE_VPP(map); 2121 return ret; 2122 } 2123 2124 /* 2125 * Write out some data during a kernel panic 2126 * 2127 * This is used by the mtdoops driver to save the dying messages from a 2128 * kernel which has panic'd. 2129 * 2130 * This routine ignores all of the locking used throughout the rest of the 2131 * driver, in order to ensure that the data gets written out no matter what 2132 * state this driver (and the flash chip itself) was in when the kernel crashed. 2133 * 2134 * The implementation of this routine is intentionally similar to 2135 * cfi_amdstd_write_words(), in order to ease code maintenance. 2136 */ 2137 static int cfi_amdstd_panic_write(struct mtd_info *mtd, loff_t to, size_t len, 2138 size_t *retlen, const u_char *buf) 2139 { 2140 struct map_info *map = mtd->priv; 2141 struct cfi_private *cfi = map->fldrv_priv; 2142 unsigned long ofs, chipstart; 2143 int ret = 0; 2144 int chipnum; 2145 2146 chipnum = to >> cfi->chipshift; 2147 ofs = to - (chipnum << cfi->chipshift); 2148 chipstart = cfi->chips[chipnum].start; 2149 2150 /* If it's not bus aligned, do the first byte write */ 2151 if (ofs & (map_bankwidth(map) - 1)) { 2152 unsigned long bus_ofs = ofs & ~(map_bankwidth(map) - 1); 2153 int i = ofs - bus_ofs; 2154 int n = 0; 2155 map_word tmp_buf; 2156 2157 ret = cfi_amdstd_panic_wait(map, &cfi->chips[chipnum], bus_ofs); 2158 if (ret) 2159 return ret; 2160 2161 /* Load 'tmp_buf' with old contents of flash */ 2162 tmp_buf = map_read(map, bus_ofs + chipstart); 2163 2164 /* Number of bytes to copy from buffer */ 2165 n = min_t(int, len, map_bankwidth(map) - i); 2166 2167 tmp_buf = map_word_load_partial(map, tmp_buf, buf, i, n); 2168 2169 ret = do_panic_write_oneword(map, &cfi->chips[chipnum], 2170 bus_ofs, tmp_buf); 2171 if (ret) 2172 return ret; 2173 2174 ofs += n; 2175 buf += n; 2176 (*retlen) += n; 2177 len -= n; 2178 2179 if (ofs >> cfi->chipshift) { 2180 chipnum++; 2181 ofs = 0; 2182 if (chipnum == cfi->numchips) 2183 return 0; 2184 } 2185 } 2186 2187 /* We are now aligned, write as much as possible */ 2188 while (len >= map_bankwidth(map)) { 2189 map_word datum; 2190 2191 datum = map_word_load(map, buf); 2192 2193 ret = do_panic_write_oneword(map, &cfi->chips[chipnum], 2194 ofs, datum); 2195 if (ret) 2196 return ret; 2197 2198 ofs += map_bankwidth(map); 2199 buf += map_bankwidth(map); 2200 (*retlen) += map_bankwidth(map); 2201 len -= map_bankwidth(map); 2202 2203 if (ofs >> cfi->chipshift) { 2204 chipnum++; 2205 ofs = 0; 2206 if (chipnum == cfi->numchips) 2207 return 0; 2208 2209 chipstart = cfi->chips[chipnum].start; 2210 } 2211 } 2212 2213 /* Write the trailing bytes if any */ 2214 if (len & (map_bankwidth(map) - 1)) { 2215 map_word tmp_buf; 2216 2217 ret = cfi_amdstd_panic_wait(map, &cfi->chips[chipnum], ofs); 2218 if (ret) 2219 return ret; 2220 2221 tmp_buf = map_read(map, ofs + chipstart); 2222 2223 tmp_buf = map_word_load_partial(map, tmp_buf, buf, 0, len); 2224 2225 ret = do_panic_write_oneword(map, &cfi->chips[chipnum], 2226 ofs, tmp_buf); 2227 if (ret) 2228 return ret; 2229 2230 (*retlen) += len; 2231 } 2232 2233 return 0; 2234 } 2235 2236 2237 /* 2238 * Handle devices with one erase region, that only implement 2239 * the chip erase command. 2240 */ 2241 static int __xipram do_erase_chip(struct map_info *map, struct flchip *chip) 2242 { 2243 struct cfi_private *cfi = map->fldrv_priv; 2244 unsigned long timeo = jiffies + HZ; 2245 unsigned long int adr; 2246 DECLARE_WAITQUEUE(wait, current); 2247 int ret = 0; 2248 int retry_cnt = 0; 2249 2250 adr = cfi->addr_unlock1; 2251 2252 mutex_lock(&chip->mutex); 2253 ret = get_chip(map, chip, adr, FL_WRITING); 2254 if (ret) { 2255 mutex_unlock(&chip->mutex); 2256 return ret; 2257 } 2258 2259 pr_debug("MTD %s(): ERASE 0x%.8lx\n", 2260 __func__, chip->start); 2261 2262 XIP_INVAL_CACHED_RANGE(map, adr, map->size); 2263 ENABLE_VPP(map); 2264 xip_disable(map, chip, adr); 2265 2266 retry: 2267 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL); 2268 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi, cfi->device_type, NULL); 2269 cfi_send_gen_cmd(0x80, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL); 2270 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL); 2271 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi, cfi->device_type, NULL); 2272 cfi_send_gen_cmd(0x10, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL); 2273 2274 chip->state = FL_ERASING; 2275 chip->erase_suspended = 0; 2276 chip->in_progress_block_addr = adr; 2277 chip->in_progress_block_mask = ~(map->size - 1); 2278 2279 INVALIDATE_CACHE_UDELAY(map, chip, 2280 adr, map->size, 2281 chip->erase_time*500); 2282 2283 timeo = jiffies + (HZ*20); 2284 2285 for (;;) { 2286 if (chip->state != FL_ERASING) { 2287 /* Someone's suspended the erase. Sleep */ 2288 set_current_state(TASK_UNINTERRUPTIBLE); 2289 add_wait_queue(&chip->wq, &wait); 2290 mutex_unlock(&chip->mutex); 2291 schedule(); 2292 remove_wait_queue(&chip->wq, &wait); 2293 mutex_lock(&chip->mutex); 2294 continue; 2295 } 2296 if (chip->erase_suspended) { 2297 /* This erase was suspended and resumed. 2298 Adjust the timeout */ 2299 timeo = jiffies + (HZ*20); /* FIXME */ 2300 chip->erase_suspended = 0; 2301 } 2302 2303 if (chip_good(map, adr, map_word_ff(map))) 2304 break; 2305 2306 if (time_after(jiffies, timeo)) { 2307 printk(KERN_WARNING "MTD %s(): software timeout\n", 2308 __func__); 2309 ret = -EIO; 2310 break; 2311 } 2312 2313 /* Latency issues. Drop the lock, wait a while and retry */ 2314 UDELAY(map, chip, adr, 1000000/HZ); 2315 } 2316 /* Did we succeed? */ 2317 if (ret) { 2318 /* reset on all failures. */ 2319 map_write(map, CMD(0xF0), chip->start); 2320 /* FIXME - should have reset delay before continuing */ 2321 2322 if (++retry_cnt <= MAX_RETRIES) { 2323 ret = 0; 2324 goto retry; 2325 } 2326 } 2327 2328 chip->state = FL_READY; 2329 xip_enable(map, chip, adr); 2330 DISABLE_VPP(map); 2331 put_chip(map, chip, adr); 2332 mutex_unlock(&chip->mutex); 2333 2334 return ret; 2335 } 2336 2337 2338 static int __xipram do_erase_oneblock(struct map_info *map, struct flchip *chip, unsigned long adr, int len, void *thunk) 2339 { 2340 struct cfi_private *cfi = map->fldrv_priv; 2341 unsigned long timeo = jiffies + HZ; 2342 DECLARE_WAITQUEUE(wait, current); 2343 int ret = 0; 2344 int retry_cnt = 0; 2345 2346 adr += chip->start; 2347 2348 mutex_lock(&chip->mutex); 2349 ret = get_chip(map, chip, adr, FL_ERASING); 2350 if (ret) { 2351 mutex_unlock(&chip->mutex); 2352 return ret; 2353 } 2354 2355 pr_debug("MTD %s(): ERASE 0x%.8lx\n", 2356 __func__, adr); 2357 2358 XIP_INVAL_CACHED_RANGE(map, adr, len); 2359 ENABLE_VPP(map); 2360 xip_disable(map, chip, adr); 2361 2362 retry: 2363 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL); 2364 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi, cfi->device_type, NULL); 2365 cfi_send_gen_cmd(0x80, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL); 2366 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL); 2367 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi, cfi->device_type, NULL); 2368 map_write(map, cfi->sector_erase_cmd, adr); 2369 2370 chip->state = FL_ERASING; 2371 chip->erase_suspended = 0; 2372 chip->in_progress_block_addr = adr; 2373 chip->in_progress_block_mask = ~(len - 1); 2374 2375 INVALIDATE_CACHE_UDELAY(map, chip, 2376 adr, len, 2377 chip->erase_time*500); 2378 2379 timeo = jiffies + (HZ*20); 2380 2381 for (;;) { 2382 if (chip->state != FL_ERASING) { 2383 /* Someone's suspended the erase. Sleep */ 2384 set_current_state(TASK_UNINTERRUPTIBLE); 2385 add_wait_queue(&chip->wq, &wait); 2386 mutex_unlock(&chip->mutex); 2387 schedule(); 2388 remove_wait_queue(&chip->wq, &wait); 2389 mutex_lock(&chip->mutex); 2390 continue; 2391 } 2392 if (chip->erase_suspended) { 2393 /* This erase was suspended and resumed. 2394 Adjust the timeout */ 2395 timeo = jiffies + (HZ*20); /* FIXME */ 2396 chip->erase_suspended = 0; 2397 } 2398 2399 if (chip_good(map, adr, map_word_ff(map))) 2400 break; 2401 2402 if (time_after(jiffies, timeo)) { 2403 printk(KERN_WARNING "MTD %s(): software timeout\n", 2404 __func__); 2405 ret = -EIO; 2406 break; 2407 } 2408 2409 /* Latency issues. Drop the lock, wait a while and retry */ 2410 UDELAY(map, chip, adr, 1000000/HZ); 2411 } 2412 /* Did we succeed? */ 2413 if (ret) { 2414 /* reset on all failures. */ 2415 map_write(map, CMD(0xF0), chip->start); 2416 /* FIXME - should have reset delay before continuing */ 2417 2418 if (++retry_cnt <= MAX_RETRIES) { 2419 ret = 0; 2420 goto retry; 2421 } 2422 } 2423 2424 chip->state = FL_READY; 2425 xip_enable(map, chip, adr); 2426 DISABLE_VPP(map); 2427 put_chip(map, chip, adr); 2428 mutex_unlock(&chip->mutex); 2429 return ret; 2430 } 2431 2432 2433 static int cfi_amdstd_erase_varsize(struct mtd_info *mtd, struct erase_info *instr) 2434 { 2435 return cfi_varsize_frob(mtd, do_erase_oneblock, instr->addr, 2436 instr->len, NULL); 2437 } 2438 2439 2440 static int cfi_amdstd_erase_chip(struct mtd_info *mtd, struct erase_info *instr) 2441 { 2442 struct map_info *map = mtd->priv; 2443 struct cfi_private *cfi = map->fldrv_priv; 2444 2445 if (instr->addr != 0) 2446 return -EINVAL; 2447 2448 if (instr->len != mtd->size) 2449 return -EINVAL; 2450 2451 return do_erase_chip(map, &cfi->chips[0]); 2452 } 2453 2454 static int do_atmel_lock(struct map_info *map, struct flchip *chip, 2455 unsigned long adr, int len, void *thunk) 2456 { 2457 struct cfi_private *cfi = map->fldrv_priv; 2458 int ret; 2459 2460 mutex_lock(&chip->mutex); 2461 ret = get_chip(map, chip, adr + chip->start, FL_LOCKING); 2462 if (ret) 2463 goto out_unlock; 2464 chip->state = FL_LOCKING; 2465 2466 pr_debug("MTD %s(): LOCK 0x%08lx len %d\n", __func__, adr, len); 2467 2468 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi, 2469 cfi->device_type, NULL); 2470 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi, 2471 cfi->device_type, NULL); 2472 cfi_send_gen_cmd(0x80, cfi->addr_unlock1, chip->start, map, cfi, 2473 cfi->device_type, NULL); 2474 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi, 2475 cfi->device_type, NULL); 2476 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi, 2477 cfi->device_type, NULL); 2478 map_write(map, CMD(0x40), chip->start + adr); 2479 2480 chip->state = FL_READY; 2481 put_chip(map, chip, adr + chip->start); 2482 ret = 0; 2483 2484 out_unlock: 2485 mutex_unlock(&chip->mutex); 2486 return ret; 2487 } 2488 2489 static int do_atmel_unlock(struct map_info *map, struct flchip *chip, 2490 unsigned long adr, int len, void *thunk) 2491 { 2492 struct cfi_private *cfi = map->fldrv_priv; 2493 int ret; 2494 2495 mutex_lock(&chip->mutex); 2496 ret = get_chip(map, chip, adr + chip->start, FL_UNLOCKING); 2497 if (ret) 2498 goto out_unlock; 2499 chip->state = FL_UNLOCKING; 2500 2501 pr_debug("MTD %s(): LOCK 0x%08lx len %d\n", __func__, adr, len); 2502 2503 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi, 2504 cfi->device_type, NULL); 2505 map_write(map, CMD(0x70), adr); 2506 2507 chip->state = FL_READY; 2508 put_chip(map, chip, adr + chip->start); 2509 ret = 0; 2510 2511 out_unlock: 2512 mutex_unlock(&chip->mutex); 2513 return ret; 2514 } 2515 2516 static int cfi_atmel_lock(struct mtd_info *mtd, loff_t ofs, uint64_t len) 2517 { 2518 return cfi_varsize_frob(mtd, do_atmel_lock, ofs, len, NULL); 2519 } 2520 2521 static int cfi_atmel_unlock(struct mtd_info *mtd, loff_t ofs, uint64_t len) 2522 { 2523 return cfi_varsize_frob(mtd, do_atmel_unlock, ofs, len, NULL); 2524 } 2525 2526 /* 2527 * Advanced Sector Protection - PPB (Persistent Protection Bit) locking 2528 */ 2529 2530 struct ppb_lock { 2531 struct flchip *chip; 2532 unsigned long adr; 2533 int locked; 2534 }; 2535 2536 #define MAX_SECTORS 512 2537 2538 #define DO_XXLOCK_ONEBLOCK_LOCK ((void *)1) 2539 #define DO_XXLOCK_ONEBLOCK_UNLOCK ((void *)2) 2540 #define DO_XXLOCK_ONEBLOCK_GETLOCK ((void *)3) 2541 2542 static int __maybe_unused do_ppb_xxlock(struct map_info *map, 2543 struct flchip *chip, 2544 unsigned long adr, int len, void *thunk) 2545 { 2546 struct cfi_private *cfi = map->fldrv_priv; 2547 unsigned long timeo; 2548 int ret; 2549 2550 adr += chip->start; 2551 mutex_lock(&chip->mutex); 2552 ret = get_chip(map, chip, adr, FL_LOCKING); 2553 if (ret) { 2554 mutex_unlock(&chip->mutex); 2555 return ret; 2556 } 2557 2558 pr_debug("MTD %s(): XXLOCK 0x%08lx len %d\n", __func__, adr, len); 2559 2560 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi, 2561 cfi->device_type, NULL); 2562 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi, 2563 cfi->device_type, NULL); 2564 /* PPB entry command */ 2565 cfi_send_gen_cmd(0xC0, cfi->addr_unlock1, chip->start, map, cfi, 2566 cfi->device_type, NULL); 2567 2568 if (thunk == DO_XXLOCK_ONEBLOCK_LOCK) { 2569 chip->state = FL_LOCKING; 2570 map_write(map, CMD(0xA0), adr); 2571 map_write(map, CMD(0x00), adr); 2572 } else if (thunk == DO_XXLOCK_ONEBLOCK_UNLOCK) { 2573 /* 2574 * Unlocking of one specific sector is not supported, so we 2575 * have to unlock all sectors of this device instead 2576 */ 2577 chip->state = FL_UNLOCKING; 2578 map_write(map, CMD(0x80), chip->start); 2579 map_write(map, CMD(0x30), chip->start); 2580 } else if (thunk == DO_XXLOCK_ONEBLOCK_GETLOCK) { 2581 chip->state = FL_JEDEC_QUERY; 2582 /* Return locked status: 0->locked, 1->unlocked */ 2583 ret = !cfi_read_query(map, adr); 2584 } else 2585 BUG(); 2586 2587 /* 2588 * Wait for some time as unlocking of all sectors takes quite long 2589 */ 2590 timeo = jiffies + msecs_to_jiffies(2000); /* 2s max (un)locking */ 2591 for (;;) { 2592 if (chip_ready(map, adr)) 2593 break; 2594 2595 if (time_after(jiffies, timeo)) { 2596 printk(KERN_ERR "Waiting for chip to be ready timed out.\n"); 2597 ret = -EIO; 2598 break; 2599 } 2600 2601 UDELAY(map, chip, adr, 1); 2602 } 2603 2604 /* Exit BC commands */ 2605 map_write(map, CMD(0x90), chip->start); 2606 map_write(map, CMD(0x00), chip->start); 2607 2608 chip->state = FL_READY; 2609 put_chip(map, chip, adr); 2610 mutex_unlock(&chip->mutex); 2611 2612 return ret; 2613 } 2614 2615 static int __maybe_unused cfi_ppb_lock(struct mtd_info *mtd, loff_t ofs, 2616 uint64_t len) 2617 { 2618 return cfi_varsize_frob(mtd, do_ppb_xxlock, ofs, len, 2619 DO_XXLOCK_ONEBLOCK_LOCK); 2620 } 2621 2622 static int __maybe_unused cfi_ppb_unlock(struct mtd_info *mtd, loff_t ofs, 2623 uint64_t len) 2624 { 2625 struct mtd_erase_region_info *regions = mtd->eraseregions; 2626 struct map_info *map = mtd->priv; 2627 struct cfi_private *cfi = map->fldrv_priv; 2628 struct ppb_lock *sect; 2629 unsigned long adr; 2630 loff_t offset; 2631 uint64_t length; 2632 int chipnum; 2633 int i; 2634 int sectors; 2635 int ret; 2636 2637 /* 2638 * PPB unlocking always unlocks all sectors of the flash chip. 2639 * We need to re-lock all previously locked sectors. So lets 2640 * first check the locking status of all sectors and save 2641 * it for future use. 2642 */ 2643 sect = kcalloc(MAX_SECTORS, sizeof(struct ppb_lock), GFP_KERNEL); 2644 if (!sect) 2645 return -ENOMEM; 2646 2647 /* 2648 * This code to walk all sectors is a slightly modified version 2649 * of the cfi_varsize_frob() code. 2650 */ 2651 i = 0; 2652 chipnum = 0; 2653 adr = 0; 2654 sectors = 0; 2655 offset = 0; 2656 length = mtd->size; 2657 2658 while (length) { 2659 int size = regions[i].erasesize; 2660 2661 /* 2662 * Only test sectors that shall not be unlocked. The other 2663 * sectors shall be unlocked, so lets keep their locking 2664 * status at "unlocked" (locked=0) for the final re-locking. 2665 */ 2666 if ((offset < ofs) || (offset >= (ofs + len))) { 2667 sect[sectors].chip = &cfi->chips[chipnum]; 2668 sect[sectors].adr = adr; 2669 sect[sectors].locked = do_ppb_xxlock( 2670 map, &cfi->chips[chipnum], adr, 0, 2671 DO_XXLOCK_ONEBLOCK_GETLOCK); 2672 } 2673 2674 adr += size; 2675 offset += size; 2676 length -= size; 2677 2678 if (offset == regions[i].offset + size * regions[i].numblocks) 2679 i++; 2680 2681 if (adr >> cfi->chipshift) { 2682 if (offset >= (ofs + len)) 2683 break; 2684 adr = 0; 2685 chipnum++; 2686 2687 if (chipnum >= cfi->numchips) 2688 break; 2689 } 2690 2691 sectors++; 2692 if (sectors >= MAX_SECTORS) { 2693 printk(KERN_ERR "Only %d sectors for PPB locking supported!\n", 2694 MAX_SECTORS); 2695 kfree(sect); 2696 return -EINVAL; 2697 } 2698 } 2699 2700 /* Now unlock the whole chip */ 2701 ret = cfi_varsize_frob(mtd, do_ppb_xxlock, ofs, len, 2702 DO_XXLOCK_ONEBLOCK_UNLOCK); 2703 if (ret) { 2704 kfree(sect); 2705 return ret; 2706 } 2707 2708 /* 2709 * PPB unlocking always unlocks all sectors of the flash chip. 2710 * We need to re-lock all previously locked sectors. 2711 */ 2712 for (i = 0; i < sectors; i++) { 2713 if (sect[i].locked) 2714 do_ppb_xxlock(map, sect[i].chip, sect[i].adr, 0, 2715 DO_XXLOCK_ONEBLOCK_LOCK); 2716 } 2717 2718 kfree(sect); 2719 return ret; 2720 } 2721 2722 static int __maybe_unused cfi_ppb_is_locked(struct mtd_info *mtd, loff_t ofs, 2723 uint64_t len) 2724 { 2725 return cfi_varsize_frob(mtd, do_ppb_xxlock, ofs, len, 2726 DO_XXLOCK_ONEBLOCK_GETLOCK) ? 1 : 0; 2727 } 2728 2729 static void cfi_amdstd_sync (struct mtd_info *mtd) 2730 { 2731 struct map_info *map = mtd->priv; 2732 struct cfi_private *cfi = map->fldrv_priv; 2733 int i; 2734 struct flchip *chip; 2735 int ret = 0; 2736 DECLARE_WAITQUEUE(wait, current); 2737 2738 for (i=0; !ret && i<cfi->numchips; i++) { 2739 chip = &cfi->chips[i]; 2740 2741 retry: 2742 mutex_lock(&chip->mutex); 2743 2744 switch(chip->state) { 2745 case FL_READY: 2746 case FL_STATUS: 2747 case FL_CFI_QUERY: 2748 case FL_JEDEC_QUERY: 2749 chip->oldstate = chip->state; 2750 chip->state = FL_SYNCING; 2751 /* No need to wake_up() on this state change - 2752 * as the whole point is that nobody can do anything 2753 * with the chip now anyway. 2754 */ 2755 /* fall through */ 2756 case FL_SYNCING: 2757 mutex_unlock(&chip->mutex); 2758 break; 2759 2760 default: 2761 /* Not an idle state */ 2762 set_current_state(TASK_UNINTERRUPTIBLE); 2763 add_wait_queue(&chip->wq, &wait); 2764 2765 mutex_unlock(&chip->mutex); 2766 2767 schedule(); 2768 2769 remove_wait_queue(&chip->wq, &wait); 2770 2771 goto retry; 2772 } 2773 } 2774 2775 /* Unlock the chips again */ 2776 2777 for (i--; i >=0; i--) { 2778 chip = &cfi->chips[i]; 2779 2780 mutex_lock(&chip->mutex); 2781 2782 if (chip->state == FL_SYNCING) { 2783 chip->state = chip->oldstate; 2784 wake_up(&chip->wq); 2785 } 2786 mutex_unlock(&chip->mutex); 2787 } 2788 } 2789 2790 2791 static int cfi_amdstd_suspend(struct mtd_info *mtd) 2792 { 2793 struct map_info *map = mtd->priv; 2794 struct cfi_private *cfi = map->fldrv_priv; 2795 int i; 2796 struct flchip *chip; 2797 int ret = 0; 2798 2799 for (i=0; !ret && i<cfi->numchips; i++) { 2800 chip = &cfi->chips[i]; 2801 2802 mutex_lock(&chip->mutex); 2803 2804 switch(chip->state) { 2805 case FL_READY: 2806 case FL_STATUS: 2807 case FL_CFI_QUERY: 2808 case FL_JEDEC_QUERY: 2809 chip->oldstate = chip->state; 2810 chip->state = FL_PM_SUSPENDED; 2811 /* No need to wake_up() on this state change - 2812 * as the whole point is that nobody can do anything 2813 * with the chip now anyway. 2814 */ 2815 case FL_PM_SUSPENDED: 2816 break; 2817 2818 default: 2819 ret = -EAGAIN; 2820 break; 2821 } 2822 mutex_unlock(&chip->mutex); 2823 } 2824 2825 /* Unlock the chips again */ 2826 2827 if (ret) { 2828 for (i--; i >=0; i--) { 2829 chip = &cfi->chips[i]; 2830 2831 mutex_lock(&chip->mutex); 2832 2833 if (chip->state == FL_PM_SUSPENDED) { 2834 chip->state = chip->oldstate; 2835 wake_up(&chip->wq); 2836 } 2837 mutex_unlock(&chip->mutex); 2838 } 2839 } 2840 2841 return ret; 2842 } 2843 2844 2845 static void cfi_amdstd_resume(struct mtd_info *mtd) 2846 { 2847 struct map_info *map = mtd->priv; 2848 struct cfi_private *cfi = map->fldrv_priv; 2849 int i; 2850 struct flchip *chip; 2851 2852 for (i=0; i<cfi->numchips; i++) { 2853 2854 chip = &cfi->chips[i]; 2855 2856 mutex_lock(&chip->mutex); 2857 2858 if (chip->state == FL_PM_SUSPENDED) { 2859 chip->state = FL_READY; 2860 map_write(map, CMD(0xF0), chip->start); 2861 wake_up(&chip->wq); 2862 } 2863 else 2864 printk(KERN_ERR "Argh. Chip not in PM_SUSPENDED state upon resume()\n"); 2865 2866 mutex_unlock(&chip->mutex); 2867 } 2868 } 2869 2870 2871 /* 2872 * Ensure that the flash device is put back into read array mode before 2873 * unloading the driver or rebooting. On some systems, rebooting while 2874 * the flash is in query/program/erase mode will prevent the CPU from 2875 * fetching the bootloader code, requiring a hard reset or power cycle. 2876 */ 2877 static int cfi_amdstd_reset(struct mtd_info *mtd) 2878 { 2879 struct map_info *map = mtd->priv; 2880 struct cfi_private *cfi = map->fldrv_priv; 2881 int i, ret; 2882 struct flchip *chip; 2883 2884 for (i = 0; i < cfi->numchips; i++) { 2885 2886 chip = &cfi->chips[i]; 2887 2888 mutex_lock(&chip->mutex); 2889 2890 ret = get_chip(map, chip, chip->start, FL_SHUTDOWN); 2891 if (!ret) { 2892 map_write(map, CMD(0xF0), chip->start); 2893 chip->state = FL_SHUTDOWN; 2894 put_chip(map, chip, chip->start); 2895 } 2896 2897 mutex_unlock(&chip->mutex); 2898 } 2899 2900 return 0; 2901 } 2902 2903 2904 static int cfi_amdstd_reboot(struct notifier_block *nb, unsigned long val, 2905 void *v) 2906 { 2907 struct mtd_info *mtd; 2908 2909 mtd = container_of(nb, struct mtd_info, reboot_notifier); 2910 cfi_amdstd_reset(mtd); 2911 return NOTIFY_DONE; 2912 } 2913 2914 2915 static void cfi_amdstd_destroy(struct mtd_info *mtd) 2916 { 2917 struct map_info *map = mtd->priv; 2918 struct cfi_private *cfi = map->fldrv_priv; 2919 2920 cfi_amdstd_reset(mtd); 2921 unregister_reboot_notifier(&mtd->reboot_notifier); 2922 kfree(cfi->cmdset_priv); 2923 kfree(cfi->cfiq); 2924 kfree(cfi); 2925 kfree(mtd->eraseregions); 2926 } 2927 2928 MODULE_LICENSE("GPL"); 2929 MODULE_AUTHOR("Crossnet Co. <info@crossnet.co.jp> et al."); 2930 MODULE_DESCRIPTION("MTD chip driver for AMD/Fujitsu flash chips"); 2931 MODULE_ALIAS("cfi_cmdset_0006"); 2932 MODULE_ALIAS("cfi_cmdset_0701"); 2933