1 /* 2 * ST M25P80 emulator. Emulate all SPI flash devices based on the m25p80 command 3 * set. Known devices table current as of Jun/2012 and taken from linux. 4 * See drivers/mtd/devices/m25p80.c. 5 * 6 * Copyright (C) 2011 Edgar E. Iglesias <edgar.iglesias@gmail.com> 7 * Copyright (C) 2012 Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com> 8 * Copyright (C) 2012 PetaLogix 9 * 10 * This program is free software; you can redistribute it and/or 11 * modify it under the terms of the GNU General Public License as 12 * published by the Free Software Foundation; either version 2 or 13 * (at your option) a later version of the License. 14 * 15 * This program is distributed in the hope that it will be useful, 16 * but WITHOUT ANY WARRANTY; without even the implied warranty of 17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 18 * GNU General Public License for more details. 19 * 20 * You should have received a copy of the GNU General Public License along 21 * with this program; if not, see <http://www.gnu.org/licenses/>. 22 */ 23 24 #include "hw/hw.h" 25 #include "sysemu/blockdev.h" 26 #include "hw/ssi.h" 27 28 #ifndef M25P80_ERR_DEBUG 29 #define M25P80_ERR_DEBUG 0 30 #endif 31 32 #define DB_PRINT_L(level, ...) do { \ 33 if (M25P80_ERR_DEBUG > (level)) { \ 34 fprintf(stderr, ": %s: ", __func__); \ 35 fprintf(stderr, ## __VA_ARGS__); \ 36 } \ 37 } while (0); 38 39 /* Fields for FlashPartInfo->flags */ 40 41 /* erase capabilities */ 42 #define ER_4K 1 43 #define ER_32K 2 44 /* set to allow the page program command to write 0s back to 1. Useful for 45 * modelling EEPROM with SPI flash command set 46 */ 47 #define WR_1 0x100 48 49 typedef struct FlashPartInfo { 50 const char *part_name; 51 /* jedec code. (jedec >> 16) & 0xff is the 1st byte, >> 8 the 2nd etc */ 52 uint32_t jedec; 53 /* extended jedec code */ 54 uint16_t ext_jedec; 55 /* there is confusion between manufacturers as to what a sector is. In this 56 * device model, a "sector" is the size that is erased by the ERASE_SECTOR 57 * command (opcode 0xd8). 58 */ 59 uint32_t sector_size; 60 uint32_t n_sectors; 61 uint32_t page_size; 62 uint8_t flags; 63 } FlashPartInfo; 64 65 /* adapted from linux */ 66 67 #define INFO(_part_name, _jedec, _ext_jedec, _sector_size, _n_sectors, _flags)\ 68 .part_name = (_part_name),\ 69 .jedec = (_jedec),\ 70 .ext_jedec = (_ext_jedec),\ 71 .sector_size = (_sector_size),\ 72 .n_sectors = (_n_sectors),\ 73 .page_size = 256,\ 74 .flags = (_flags),\ 75 76 #define JEDEC_NUMONYX 0x20 77 #define JEDEC_WINBOND 0xEF 78 #define JEDEC_SPANSION 0x01 79 80 static const FlashPartInfo known_devices[] = { 81 /* Atmel -- some are (confusingly) marketed as "DataFlash" */ 82 { INFO("at25fs010", 0x1f6601, 0, 32 << 10, 4, ER_4K) }, 83 { INFO("at25fs040", 0x1f6604, 0, 64 << 10, 8, ER_4K) }, 84 85 { INFO("at25df041a", 0x1f4401, 0, 64 << 10, 8, ER_4K) }, 86 { INFO("at25df321a", 0x1f4701, 0, 64 << 10, 64, ER_4K) }, 87 { INFO("at25df641", 0x1f4800, 0, 64 << 10, 128, ER_4K) }, 88 89 { INFO("at26f004", 0x1f0400, 0, 64 << 10, 8, ER_4K) }, 90 { INFO("at26df081a", 0x1f4501, 0, 64 << 10, 16, ER_4K) }, 91 { INFO("at26df161a", 0x1f4601, 0, 64 << 10, 32, ER_4K) }, 92 { INFO("at26df321", 0x1f4700, 0, 64 << 10, 64, ER_4K) }, 93 94 { INFO("at45db081d", 0x1f2500, 0, 64 << 10, 16, ER_4K) }, 95 96 /* EON -- en25xxx */ 97 { INFO("en25f32", 0x1c3116, 0, 64 << 10, 64, ER_4K) }, 98 { INFO("en25p32", 0x1c2016, 0, 64 << 10, 64, 0) }, 99 { INFO("en25q32b", 0x1c3016, 0, 64 << 10, 64, 0) }, 100 { INFO("en25p64", 0x1c2017, 0, 64 << 10, 128, 0) }, 101 { INFO("en25q64", 0x1c3017, 0, 64 << 10, 128, ER_4K) }, 102 103 /* GigaDevice */ 104 { INFO("gd25q32", 0xc84016, 0, 64 << 10, 64, ER_4K) }, 105 { INFO("gd25q64", 0xc84017, 0, 64 << 10, 128, ER_4K) }, 106 107 /* Intel/Numonyx -- xxxs33b */ 108 { INFO("160s33b", 0x898911, 0, 64 << 10, 32, 0) }, 109 { INFO("320s33b", 0x898912, 0, 64 << 10, 64, 0) }, 110 { INFO("640s33b", 0x898913, 0, 64 << 10, 128, 0) }, 111 { INFO("n25q064", 0x20ba17, 0, 64 << 10, 128, 0) }, 112 113 /* Macronix */ 114 { INFO("mx25l2005a", 0xc22012, 0, 64 << 10, 4, ER_4K) }, 115 { INFO("mx25l4005a", 0xc22013, 0, 64 << 10, 8, ER_4K) }, 116 { INFO("mx25l8005", 0xc22014, 0, 64 << 10, 16, 0) }, 117 { INFO("mx25l1606e", 0xc22015, 0, 64 << 10, 32, ER_4K) }, 118 { INFO("mx25l3205d", 0xc22016, 0, 64 << 10, 64, 0) }, 119 { INFO("mx25l6405d", 0xc22017, 0, 64 << 10, 128, 0) }, 120 { INFO("mx25l12805d", 0xc22018, 0, 64 << 10, 256, 0) }, 121 { INFO("mx25l12855e", 0xc22618, 0, 64 << 10, 256, 0) }, 122 { INFO("mx25l25635e", 0xc22019, 0, 64 << 10, 512, 0) }, 123 { INFO("mx25l25655e", 0xc22619, 0, 64 << 10, 512, 0) }, 124 125 /* Micron */ 126 { INFO("n25q032a11", 0x20bb16, 0, 64 << 10, 64, ER_4K) }, 127 { INFO("n25q032a13", 0x20ba16, 0, 64 << 10, 64, ER_4K) }, 128 { INFO("n25q064a11", 0x20bb17, 0, 64 << 10, 128, ER_4K) }, 129 { INFO("n25q064a13", 0x20ba17, 0, 64 << 10, 128, ER_4K) }, 130 { INFO("n25q128a11", 0x20bb18, 0, 64 << 10, 256, ER_4K) }, 131 { INFO("n25q128a13", 0x20ba18, 0, 64 << 10, 256, ER_4K) }, 132 { INFO("n25q256a11", 0x20bb19, 0, 64 << 10, 512, ER_4K) }, 133 { INFO("n25q256a13", 0x20ba19, 0, 64 << 10, 512, ER_4K) }, 134 135 /* Spansion -- single (large) sector size only, at least 136 * for the chips listed here (without boot sectors). 137 */ 138 { INFO("s25sl032p", 0x010215, 0x4d00, 64 << 10, 64, ER_4K) }, 139 { INFO("s25sl064p", 0x010216, 0x4d00, 64 << 10, 128, ER_4K) }, 140 { INFO("s25fl256s0", 0x010219, 0x4d00, 256 << 10, 128, 0) }, 141 { INFO("s25fl256s1", 0x010219, 0x4d01, 64 << 10, 512, 0) }, 142 { INFO("s25fl512s", 0x010220, 0x4d00, 256 << 10, 256, 0) }, 143 { INFO("s70fl01gs", 0x010221, 0x4d00, 256 << 10, 256, 0) }, 144 { INFO("s25sl12800", 0x012018, 0x0300, 256 << 10, 64, 0) }, 145 { INFO("s25sl12801", 0x012018, 0x0301, 64 << 10, 256, 0) }, 146 { INFO("s25fl129p0", 0x012018, 0x4d00, 256 << 10, 64, 0) }, 147 { INFO("s25fl129p1", 0x012018, 0x4d01, 64 << 10, 256, 0) }, 148 { INFO("s25sl004a", 0x010212, 0, 64 << 10, 8, 0) }, 149 { INFO("s25sl008a", 0x010213, 0, 64 << 10, 16, 0) }, 150 { INFO("s25sl016a", 0x010214, 0, 64 << 10, 32, 0) }, 151 { INFO("s25sl032a", 0x010215, 0, 64 << 10, 64, 0) }, 152 { INFO("s25sl064a", 0x010216, 0, 64 << 10, 128, 0) }, 153 { INFO("s25fl016k", 0xef4015, 0, 64 << 10, 32, ER_4K | ER_32K) }, 154 { INFO("s25fl064k", 0xef4017, 0, 64 << 10, 128, ER_4K | ER_32K) }, 155 156 /* SST -- large erase sizes are "overlays", "sectors" are 4<< 10 */ 157 { INFO("sst25vf040b", 0xbf258d, 0, 64 << 10, 8, ER_4K) }, 158 { INFO("sst25vf080b", 0xbf258e, 0, 64 << 10, 16, ER_4K) }, 159 { INFO("sst25vf016b", 0xbf2541, 0, 64 << 10, 32, ER_4K) }, 160 { INFO("sst25vf032b", 0xbf254a, 0, 64 << 10, 64, ER_4K) }, 161 { INFO("sst25wf512", 0xbf2501, 0, 64 << 10, 1, ER_4K) }, 162 { INFO("sst25wf010", 0xbf2502, 0, 64 << 10, 2, ER_4K) }, 163 { INFO("sst25wf020", 0xbf2503, 0, 64 << 10, 4, ER_4K) }, 164 { INFO("sst25wf040", 0xbf2504, 0, 64 << 10, 8, ER_4K) }, 165 166 /* ST Microelectronics -- newer production may have feature updates */ 167 { INFO("m25p05", 0x202010, 0, 32 << 10, 2, 0) }, 168 { INFO("m25p10", 0x202011, 0, 32 << 10, 4, 0) }, 169 { INFO("m25p20", 0x202012, 0, 64 << 10, 4, 0) }, 170 { INFO("m25p40", 0x202013, 0, 64 << 10, 8, 0) }, 171 { INFO("m25p80", 0x202014, 0, 64 << 10, 16, 0) }, 172 { INFO("m25p16", 0x202015, 0, 64 << 10, 32, 0) }, 173 { INFO("m25p32", 0x202016, 0, 64 << 10, 64, 0) }, 174 { INFO("m25p64", 0x202017, 0, 64 << 10, 128, 0) }, 175 { INFO("m25p128", 0x202018, 0, 256 << 10, 64, 0) }, 176 { INFO("n25q032", 0x20ba16, 0, 64 << 10, 64, 0) }, 177 178 { INFO("m45pe10", 0x204011, 0, 64 << 10, 2, 0) }, 179 { INFO("m45pe80", 0x204014, 0, 64 << 10, 16, 0) }, 180 { INFO("m45pe16", 0x204015, 0, 64 << 10, 32, 0) }, 181 182 { INFO("m25pe20", 0x208012, 0, 64 << 10, 4, 0) }, 183 { INFO("m25pe80", 0x208014, 0, 64 << 10, 16, 0) }, 184 { INFO("m25pe16", 0x208015, 0, 64 << 10, 32, ER_4K) }, 185 186 { INFO("m25px32", 0x207116, 0, 64 << 10, 64, ER_4K) }, 187 { INFO("m25px32-s0", 0x207316, 0, 64 << 10, 64, ER_4K) }, 188 { INFO("m25px32-s1", 0x206316, 0, 64 << 10, 64, ER_4K) }, 189 { INFO("m25px64", 0x207117, 0, 64 << 10, 128, 0) }, 190 191 /* Winbond -- w25x "blocks" are 64k, "sectors" are 4KiB */ 192 { INFO("w25x10", 0xef3011, 0, 64 << 10, 2, ER_4K) }, 193 { INFO("w25x20", 0xef3012, 0, 64 << 10, 4, ER_4K) }, 194 { INFO("w25x40", 0xef3013, 0, 64 << 10, 8, ER_4K) }, 195 { INFO("w25x80", 0xef3014, 0, 64 << 10, 16, ER_4K) }, 196 { INFO("w25x16", 0xef3015, 0, 64 << 10, 32, ER_4K) }, 197 { INFO("w25x32", 0xef3016, 0, 64 << 10, 64, ER_4K) }, 198 { INFO("w25q32", 0xef4016, 0, 64 << 10, 64, ER_4K) }, 199 { INFO("w25q32dw", 0xef6016, 0, 64 << 10, 64, ER_4K) }, 200 { INFO("w25x64", 0xef3017, 0, 64 << 10, 128, ER_4K) }, 201 { INFO("w25q64", 0xef4017, 0, 64 << 10, 128, ER_4K) }, 202 { INFO("w25q80", 0xef5014, 0, 64 << 10, 16, ER_4K) }, 203 { INFO("w25q80bl", 0xef4014, 0, 64 << 10, 16, ER_4K) }, 204 { INFO("w25q256", 0xef4019, 0, 64 << 10, 512, ER_4K) }, 205 206 /* Numonyx -- n25q128 */ 207 { INFO("n25q128", 0x20ba18, 0, 64 << 10, 256, 0) }, 208 }; 209 210 typedef enum { 211 NOP = 0, 212 WRSR = 0x1, 213 WRDI = 0x4, 214 RDSR = 0x5, 215 WREN = 0x6, 216 JEDEC_READ = 0x9f, 217 BULK_ERASE = 0xc7, 218 219 READ = 0x3, 220 FAST_READ = 0xb, 221 DOR = 0x3b, 222 QOR = 0x6b, 223 DIOR = 0xbb, 224 QIOR = 0xeb, 225 226 PP = 0x2, 227 DPP = 0xa2, 228 QPP = 0x32, 229 230 ERASE_4K = 0x20, 231 ERASE_32K = 0x52, 232 ERASE_SECTOR = 0xd8, 233 } FlashCMD; 234 235 typedef enum { 236 STATE_IDLE, 237 STATE_PAGE_PROGRAM, 238 STATE_READ, 239 STATE_COLLECTING_DATA, 240 STATE_READING_DATA, 241 } CMDState; 242 243 typedef struct Flash { 244 SSISlave parent_obj; 245 246 uint32_t r; 247 248 BlockDriverState *bdrv; 249 250 uint8_t *storage; 251 uint32_t size; 252 int page_size; 253 254 uint8_t state; 255 uint8_t data[16]; 256 uint32_t len; 257 uint32_t pos; 258 uint8_t needed_bytes; 259 uint8_t cmd_in_progress; 260 uint64_t cur_addr; 261 bool write_enable; 262 263 int64_t dirty_page; 264 265 const FlashPartInfo *pi; 266 267 } Flash; 268 269 typedef struct M25P80Class { 270 SSISlaveClass parent_class; 271 FlashPartInfo *pi; 272 } M25P80Class; 273 274 #define TYPE_M25P80 "m25p80-generic" 275 #define M25P80(obj) \ 276 OBJECT_CHECK(Flash, (obj), TYPE_M25P80) 277 #define M25P80_CLASS(klass) \ 278 OBJECT_CLASS_CHECK(M25P80Class, (klass), TYPE_M25P80) 279 #define M25P80_GET_CLASS(obj) \ 280 OBJECT_GET_CLASS(M25P80Class, (obj), TYPE_M25P80) 281 282 static void bdrv_sync_complete(void *opaque, int ret) 283 { 284 /* do nothing. Masters do not directly interact with the backing store, 285 * only the working copy so no mutexing required. 286 */ 287 } 288 289 static void flash_sync_page(Flash *s, int page) 290 { 291 if (s->bdrv) { 292 int bdrv_sector, nb_sectors; 293 QEMUIOVector iov; 294 295 bdrv_sector = (page * s->pi->page_size) / BDRV_SECTOR_SIZE; 296 nb_sectors = DIV_ROUND_UP(s->pi->page_size, BDRV_SECTOR_SIZE); 297 qemu_iovec_init(&iov, 1); 298 qemu_iovec_add(&iov, s->storage + bdrv_sector * BDRV_SECTOR_SIZE, 299 nb_sectors * BDRV_SECTOR_SIZE); 300 bdrv_aio_writev(s->bdrv, bdrv_sector, &iov, nb_sectors, 301 bdrv_sync_complete, NULL); 302 } 303 } 304 305 static inline void flash_sync_area(Flash *s, int64_t off, int64_t len) 306 { 307 int64_t start, end, nb_sectors; 308 QEMUIOVector iov; 309 310 if (!s->bdrv) { 311 return; 312 } 313 314 assert(!(len % BDRV_SECTOR_SIZE)); 315 start = off / BDRV_SECTOR_SIZE; 316 end = (off + len) / BDRV_SECTOR_SIZE; 317 nb_sectors = end - start; 318 qemu_iovec_init(&iov, 1); 319 qemu_iovec_add(&iov, s->storage + (start * BDRV_SECTOR_SIZE), 320 nb_sectors * BDRV_SECTOR_SIZE); 321 bdrv_aio_writev(s->bdrv, start, &iov, nb_sectors, bdrv_sync_complete, NULL); 322 } 323 324 static void flash_erase(Flash *s, int offset, FlashCMD cmd) 325 { 326 uint32_t len; 327 uint8_t capa_to_assert = 0; 328 329 switch (cmd) { 330 case ERASE_4K: 331 len = 4 << 10; 332 capa_to_assert = ER_4K; 333 break; 334 case ERASE_32K: 335 len = 32 << 10; 336 capa_to_assert = ER_32K; 337 break; 338 case ERASE_SECTOR: 339 len = s->pi->sector_size; 340 break; 341 case BULK_ERASE: 342 len = s->size; 343 break; 344 default: 345 abort(); 346 } 347 348 DB_PRINT_L(0, "offset = %#x, len = %d\n", offset, len); 349 if ((s->pi->flags & capa_to_assert) != capa_to_assert) { 350 qemu_log_mask(LOG_GUEST_ERROR, "M25P80: %d erase size not supported by" 351 " device\n", len); 352 } 353 354 if (!s->write_enable) { 355 qemu_log_mask(LOG_GUEST_ERROR, "M25P80: erase with write protect!\n"); 356 return; 357 } 358 memset(s->storage + offset, 0xff, len); 359 flash_sync_area(s, offset, len); 360 } 361 362 static inline void flash_sync_dirty(Flash *s, int64_t newpage) 363 { 364 if (s->dirty_page >= 0 && s->dirty_page != newpage) { 365 flash_sync_page(s, s->dirty_page); 366 s->dirty_page = newpage; 367 } 368 } 369 370 static inline 371 void flash_write8(Flash *s, uint64_t addr, uint8_t data) 372 { 373 int64_t page = addr / s->pi->page_size; 374 uint8_t prev = s->storage[s->cur_addr]; 375 376 if (!s->write_enable) { 377 qemu_log_mask(LOG_GUEST_ERROR, "M25P80: write with write protect!\n"); 378 } 379 380 if ((prev ^ data) & data) { 381 DB_PRINT_L(1, "programming zero to one! addr=%" PRIx64 " %" PRIx8 382 " -> %" PRIx8 "\n", addr, prev, data); 383 } 384 385 if (s->pi->flags & WR_1) { 386 s->storage[s->cur_addr] = data; 387 } else { 388 s->storage[s->cur_addr] &= data; 389 } 390 391 flash_sync_dirty(s, page); 392 s->dirty_page = page; 393 } 394 395 static void complete_collecting_data(Flash *s) 396 { 397 s->cur_addr = s->data[0] << 16; 398 s->cur_addr |= s->data[1] << 8; 399 s->cur_addr |= s->data[2]; 400 401 s->state = STATE_IDLE; 402 403 switch (s->cmd_in_progress) { 404 case DPP: 405 case QPP: 406 case PP: 407 s->state = STATE_PAGE_PROGRAM; 408 break; 409 case READ: 410 case FAST_READ: 411 case DOR: 412 case QOR: 413 case DIOR: 414 case QIOR: 415 s->state = STATE_READ; 416 break; 417 case ERASE_4K: 418 case ERASE_32K: 419 case ERASE_SECTOR: 420 flash_erase(s, s->cur_addr, s->cmd_in_progress); 421 break; 422 case WRSR: 423 if (s->write_enable) { 424 s->write_enable = false; 425 } 426 break; 427 default: 428 break; 429 } 430 } 431 432 static void decode_new_cmd(Flash *s, uint32_t value) 433 { 434 s->cmd_in_progress = value; 435 DB_PRINT_L(0, "decoded new command:%x\n", value); 436 437 switch (value) { 438 439 case ERASE_4K: 440 case ERASE_32K: 441 case ERASE_SECTOR: 442 case READ: 443 case DPP: 444 case QPP: 445 case PP: 446 s->needed_bytes = 3; 447 s->pos = 0; 448 s->len = 0; 449 s->state = STATE_COLLECTING_DATA; 450 break; 451 452 case FAST_READ: 453 case DOR: 454 case QOR: 455 s->needed_bytes = 4; 456 s->pos = 0; 457 s->len = 0; 458 s->state = STATE_COLLECTING_DATA; 459 break; 460 461 case DIOR: 462 switch ((s->pi->jedec >> 16) & 0xFF) { 463 case JEDEC_WINBOND: 464 case JEDEC_SPANSION: 465 s->needed_bytes = 4; 466 break; 467 case JEDEC_NUMONYX: 468 default: 469 s->needed_bytes = 5; 470 } 471 s->pos = 0; 472 s->len = 0; 473 s->state = STATE_COLLECTING_DATA; 474 break; 475 476 case QIOR: 477 switch ((s->pi->jedec >> 16) & 0xFF) { 478 case JEDEC_WINBOND: 479 case JEDEC_SPANSION: 480 s->needed_bytes = 6; 481 break; 482 case JEDEC_NUMONYX: 483 default: 484 s->needed_bytes = 8; 485 } 486 s->pos = 0; 487 s->len = 0; 488 s->state = STATE_COLLECTING_DATA; 489 break; 490 491 case WRSR: 492 if (s->write_enable) { 493 s->needed_bytes = 1; 494 s->pos = 0; 495 s->len = 0; 496 s->state = STATE_COLLECTING_DATA; 497 } 498 break; 499 500 case WRDI: 501 s->write_enable = false; 502 break; 503 case WREN: 504 s->write_enable = true; 505 break; 506 507 case RDSR: 508 s->data[0] = (!!s->write_enable) << 1; 509 s->pos = 0; 510 s->len = 1; 511 s->state = STATE_READING_DATA; 512 break; 513 514 case JEDEC_READ: 515 DB_PRINT_L(0, "populated jedec code\n"); 516 s->data[0] = (s->pi->jedec >> 16) & 0xff; 517 s->data[1] = (s->pi->jedec >> 8) & 0xff; 518 s->data[2] = s->pi->jedec & 0xff; 519 if (s->pi->ext_jedec) { 520 s->data[3] = (s->pi->ext_jedec >> 8) & 0xff; 521 s->data[4] = s->pi->ext_jedec & 0xff; 522 s->len = 5; 523 } else { 524 s->len = 3; 525 } 526 s->pos = 0; 527 s->state = STATE_READING_DATA; 528 break; 529 530 case BULK_ERASE: 531 if (s->write_enable) { 532 DB_PRINT_L(0, "chip erase\n"); 533 flash_erase(s, 0, BULK_ERASE); 534 } else { 535 qemu_log_mask(LOG_GUEST_ERROR, "M25P80: chip erase with write " 536 "protect!\n"); 537 } 538 break; 539 case NOP: 540 break; 541 default: 542 qemu_log_mask(LOG_GUEST_ERROR, "M25P80: Unknown cmd %x\n", value); 543 break; 544 } 545 } 546 547 static int m25p80_cs(SSISlave *ss, bool select) 548 { 549 Flash *s = M25P80(ss); 550 551 if (select) { 552 s->len = 0; 553 s->pos = 0; 554 s->state = STATE_IDLE; 555 flash_sync_dirty(s, -1); 556 } 557 558 DB_PRINT_L(0, "%sselect\n", select ? "de" : ""); 559 560 return 0; 561 } 562 563 static uint32_t m25p80_transfer8(SSISlave *ss, uint32_t tx) 564 { 565 Flash *s = M25P80(ss); 566 uint32_t r = 0; 567 568 switch (s->state) { 569 570 case STATE_PAGE_PROGRAM: 571 DB_PRINT_L(1, "page program cur_addr=%#" PRIx64 " data=%" PRIx8 "\n", 572 s->cur_addr, (uint8_t)tx); 573 flash_write8(s, s->cur_addr, (uint8_t)tx); 574 s->cur_addr++; 575 break; 576 577 case STATE_READ: 578 r = s->storage[s->cur_addr]; 579 DB_PRINT_L(1, "READ 0x%" PRIx64 "=%" PRIx8 "\n", s->cur_addr, 580 (uint8_t)r); 581 s->cur_addr = (s->cur_addr + 1) % s->size; 582 break; 583 584 case STATE_COLLECTING_DATA: 585 s->data[s->len] = (uint8_t)tx; 586 s->len++; 587 588 if (s->len == s->needed_bytes) { 589 complete_collecting_data(s); 590 } 591 break; 592 593 case STATE_READING_DATA: 594 r = s->data[s->pos]; 595 s->pos++; 596 if (s->pos == s->len) { 597 s->pos = 0; 598 s->state = STATE_IDLE; 599 } 600 break; 601 602 default: 603 case STATE_IDLE: 604 decode_new_cmd(s, (uint8_t)tx); 605 break; 606 } 607 608 return r; 609 } 610 611 static int m25p80_init(SSISlave *ss) 612 { 613 DriveInfo *dinfo; 614 Flash *s = M25P80(ss); 615 M25P80Class *mc = M25P80_GET_CLASS(s); 616 617 s->pi = mc->pi; 618 619 s->size = s->pi->sector_size * s->pi->n_sectors; 620 s->dirty_page = -1; 621 s->storage = qemu_blockalign(s->bdrv, s->size); 622 623 dinfo = drive_get_next(IF_MTD); 624 625 if (dinfo && dinfo->bdrv) { 626 DB_PRINT_L(0, "Binding to IF_MTD drive\n"); 627 s->bdrv = dinfo->bdrv; 628 if (bdrv_is_read_only(s->bdrv)) { 629 fprintf(stderr, "Can't use a read-only drive"); 630 return 1; 631 } 632 633 /* FIXME: Move to late init */ 634 if (bdrv_read(s->bdrv, 0, s->storage, DIV_ROUND_UP(s->size, 635 BDRV_SECTOR_SIZE))) { 636 fprintf(stderr, "Failed to initialize SPI flash!\n"); 637 return 1; 638 } 639 } else { 640 DB_PRINT_L(0, "No BDRV - binding to RAM\n"); 641 memset(s->storage, 0xFF, s->size); 642 } 643 644 return 0; 645 } 646 647 static void m25p80_pre_save(void *opaque) 648 { 649 flash_sync_dirty((Flash *)opaque, -1); 650 } 651 652 static const VMStateDescription vmstate_m25p80 = { 653 .name = "xilinx_spi", 654 .version_id = 1, 655 .minimum_version_id = 1, 656 .minimum_version_id_old = 1, 657 .pre_save = m25p80_pre_save, 658 .fields = (VMStateField[]) { 659 VMSTATE_UINT8(state, Flash), 660 VMSTATE_UINT8_ARRAY(data, Flash, 16), 661 VMSTATE_UINT32(len, Flash), 662 VMSTATE_UINT32(pos, Flash), 663 VMSTATE_UINT8(needed_bytes, Flash), 664 VMSTATE_UINT8(cmd_in_progress, Flash), 665 VMSTATE_UINT64(cur_addr, Flash), 666 VMSTATE_BOOL(write_enable, Flash), 667 VMSTATE_END_OF_LIST() 668 } 669 }; 670 671 static void m25p80_class_init(ObjectClass *klass, void *data) 672 { 673 DeviceClass *dc = DEVICE_CLASS(klass); 674 SSISlaveClass *k = SSI_SLAVE_CLASS(klass); 675 M25P80Class *mc = M25P80_CLASS(klass); 676 677 k->init = m25p80_init; 678 k->transfer = m25p80_transfer8; 679 k->set_cs = m25p80_cs; 680 k->cs_polarity = SSI_CS_LOW; 681 dc->vmsd = &vmstate_m25p80; 682 mc->pi = data; 683 } 684 685 static const TypeInfo m25p80_info = { 686 .name = TYPE_M25P80, 687 .parent = TYPE_SSI_SLAVE, 688 .instance_size = sizeof(Flash), 689 .class_size = sizeof(M25P80Class), 690 .abstract = true, 691 }; 692 693 static void m25p80_register_types(void) 694 { 695 int i; 696 697 type_register_static(&m25p80_info); 698 for (i = 0; i < ARRAY_SIZE(known_devices); ++i) { 699 TypeInfo ti = { 700 .name = known_devices[i].part_name, 701 .parent = TYPE_M25P80, 702 .class_init = m25p80_class_init, 703 .class_data = (void *)&known_devices[i], 704 }; 705 type_register(&ti); 706 } 707 } 708 709 type_init(m25p80_register_types) 710