1 /* 2 * ST M25P80 emulator. Emulate all SPI flash devices based on the m25p80 command 3 * set. Known devices table current as of Jun/2012 and taken from linux. 4 * See drivers/mtd/devices/m25p80.c. 5 * 6 * Copyright (C) 2011 Edgar E. Iglesias <edgar.iglesias@gmail.com> 7 * Copyright (C) 2012 Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com> 8 * Copyright (C) 2012 PetaLogix 9 * 10 * This program is free software; you can redistribute it and/or 11 * modify it under the terms of the GNU General Public License as 12 * published by the Free Software Foundation; either version 2 or 13 * (at your option) a later version of the License. 14 * 15 * This program is distributed in the hope that it will be useful, 16 * but WITHOUT ANY WARRANTY; without even the implied warranty of 17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 18 * GNU General Public License for more details. 19 * 20 * You should have received a copy of the GNU General Public License along 21 * with this program; if not, see <http://www.gnu.org/licenses/>. 22 */ 23 24 #include "hw/hw.h" 25 #include "sysemu/blockdev.h" 26 #include "hw/ssi.h" 27 28 #ifndef M25P80_ERR_DEBUG 29 #define M25P80_ERR_DEBUG 0 30 #endif 31 32 #define DB_PRINT_L(level, ...) do { \ 33 if (M25P80_ERR_DEBUG > (level)) { \ 34 fprintf(stderr, ": %s: ", __func__); \ 35 fprintf(stderr, ## __VA_ARGS__); \ 36 } \ 37 } while (0); 38 39 /* Fields for FlashPartInfo->flags */ 40 41 /* erase capabilities */ 42 #define ER_4K 1 43 #define ER_32K 2 44 /* set to allow the page program command to write 0s back to 1. Useful for 45 * modelling EEPROM with SPI flash command set 46 */ 47 #define WR_1 0x100 48 49 typedef struct FlashPartInfo { 50 const char *part_name; 51 /* jedec code. (jedec >> 16) & 0xff is the 1st byte, >> 8 the 2nd etc */ 52 uint32_t jedec; 53 /* extended jedec code */ 54 uint16_t ext_jedec; 55 /* there is confusion between manufacturers as to what a sector is. In this 56 * device model, a "sector" is the size that is erased by the ERASE_SECTOR 57 * command (opcode 0xd8). 58 */ 59 uint32_t sector_size; 60 uint32_t n_sectors; 61 uint32_t page_size; 62 uint8_t flags; 63 } FlashPartInfo; 64 65 /* adapted from linux */ 66 67 #define INFO(_part_name, _jedec, _ext_jedec, _sector_size, _n_sectors, _flags)\ 68 .part_name = (_part_name),\ 69 .jedec = (_jedec),\ 70 .ext_jedec = (_ext_jedec),\ 71 .sector_size = (_sector_size),\ 72 .n_sectors = (_n_sectors),\ 73 .page_size = 256,\ 74 .flags = (_flags),\ 75 76 #define JEDEC_NUMONYX 0x20 77 #define JEDEC_WINBOND 0xEF 78 #define JEDEC_SPANSION 0x01 79 80 static const FlashPartInfo known_devices[] = { 81 /* Atmel -- some are (confusingly) marketed as "DataFlash" */ 82 { INFO("at25fs010", 0x1f6601, 0, 32 << 10, 4, ER_4K) }, 83 { INFO("at25fs040", 0x1f6604, 0, 64 << 10, 8, ER_4K) }, 84 85 { INFO("at25df041a", 0x1f4401, 0, 64 << 10, 8, ER_4K) }, 86 { INFO("at25df321a", 0x1f4701, 0, 64 << 10, 64, ER_4K) }, 87 { INFO("at25df641", 0x1f4800, 0, 64 << 10, 128, ER_4K) }, 88 89 { INFO("at26f004", 0x1f0400, 0, 64 << 10, 8, ER_4K) }, 90 { INFO("at26df081a", 0x1f4501, 0, 64 << 10, 16, ER_4K) }, 91 { INFO("at26df161a", 0x1f4601, 0, 64 << 10, 32, ER_4K) }, 92 { INFO("at26df321", 0x1f4700, 0, 64 << 10, 64, ER_4K) }, 93 94 { INFO("at45db081d", 0x1f2500, 0, 64 << 10, 16, ER_4K) }, 95 96 /* EON -- en25xxx */ 97 { INFO("en25f32", 0x1c3116, 0, 64 << 10, 64, ER_4K) }, 98 { INFO("en25p32", 0x1c2016, 0, 64 << 10, 64, 0) }, 99 { INFO("en25q32b", 0x1c3016, 0, 64 << 10, 64, 0) }, 100 { INFO("en25p64", 0x1c2017, 0, 64 << 10, 128, 0) }, 101 { INFO("en25q64", 0x1c3017, 0, 64 << 10, 128, ER_4K) }, 102 103 /* GigaDevice */ 104 { INFO("gd25q32", 0xc84016, 0, 64 << 10, 64, ER_4K) }, 105 { INFO("gd25q64", 0xc84017, 0, 64 << 10, 128, ER_4K) }, 106 107 /* Intel/Numonyx -- xxxs33b */ 108 { INFO("160s33b", 0x898911, 0, 64 << 10, 32, 0) }, 109 { INFO("320s33b", 0x898912, 0, 64 << 10, 64, 0) }, 110 { INFO("640s33b", 0x898913, 0, 64 << 10, 128, 0) }, 111 { INFO("n25q064", 0x20ba17, 0, 64 << 10, 128, 0) }, 112 113 /* Macronix */ 114 { INFO("mx25l2005a", 0xc22012, 0, 64 << 10, 4, ER_4K) }, 115 { INFO("mx25l4005a", 0xc22013, 0, 64 << 10, 8, ER_4K) }, 116 { INFO("mx25l8005", 0xc22014, 0, 64 << 10, 16, 0) }, 117 { INFO("mx25l1606e", 0xc22015, 0, 64 << 10, 32, ER_4K) }, 118 { INFO("mx25l3205d", 0xc22016, 0, 64 << 10, 64, 0) }, 119 { INFO("mx25l6405d", 0xc22017, 0, 64 << 10, 128, 0) }, 120 { INFO("mx25l12805d", 0xc22018, 0, 64 << 10, 256, 0) }, 121 { INFO("mx25l12855e", 0xc22618, 0, 64 << 10, 256, 0) }, 122 { INFO("mx25l25635e", 0xc22019, 0, 64 << 10, 512, 0) }, 123 { INFO("mx25l25655e", 0xc22619, 0, 64 << 10, 512, 0) }, 124 125 /* Micron */ 126 { INFO("n25q032a11", 0x20bb16, 0, 64 << 10, 64, ER_4K) }, 127 { INFO("n25q032a13", 0x20ba16, 0, 64 << 10, 64, ER_4K) }, 128 { INFO("n25q064a11", 0x20bb17, 0, 64 << 10, 128, ER_4K) }, 129 { INFO("n25q064a13", 0x20ba17, 0, 64 << 10, 128, ER_4K) }, 130 { INFO("n25q128a11", 0x20bb18, 0, 64 << 10, 256, ER_4K) }, 131 { INFO("n25q128a13", 0x20ba18, 0, 64 << 10, 256, ER_4K) }, 132 { INFO("n25q256a11", 0x20bb19, 0, 64 << 10, 512, ER_4K) }, 133 { INFO("n25q256a13", 0x20ba19, 0, 64 << 10, 512, ER_4K) }, 134 135 /* Spansion -- single (large) sector size only, at least 136 * for the chips listed here (without boot sectors). 137 */ 138 { INFO("s25sl032p", 0x010215, 0x4d00, 64 << 10, 64, ER_4K) }, 139 { INFO("s25sl064p", 0x010216, 0x4d00, 64 << 10, 128, ER_4K) }, 140 { INFO("s25fl256s0", 0x010219, 0x4d00, 256 << 10, 128, 0) }, 141 { INFO("s25fl256s1", 0x010219, 0x4d01, 64 << 10, 512, 0) }, 142 { INFO("s25fl512s", 0x010220, 0x4d00, 256 << 10, 256, 0) }, 143 { INFO("s70fl01gs", 0x010221, 0x4d00, 256 << 10, 256, 0) }, 144 { INFO("s25sl12800", 0x012018, 0x0300, 256 << 10, 64, 0) }, 145 { INFO("s25sl12801", 0x012018, 0x0301, 64 << 10, 256, 0) }, 146 { INFO("s25fl129p0", 0x012018, 0x4d00, 256 << 10, 64, 0) }, 147 { INFO("s25fl129p1", 0x012018, 0x4d01, 64 << 10, 256, 0) }, 148 { INFO("s25sl004a", 0x010212, 0, 64 << 10, 8, 0) }, 149 { INFO("s25sl008a", 0x010213, 0, 64 << 10, 16, 0) }, 150 { INFO("s25sl016a", 0x010214, 0, 64 << 10, 32, 0) }, 151 { INFO("s25sl032a", 0x010215, 0, 64 << 10, 64, 0) }, 152 { INFO("s25sl064a", 0x010216, 0, 64 << 10, 128, 0) }, 153 { INFO("s25fl016k", 0xef4015, 0, 64 << 10, 32, ER_4K | ER_32K) }, 154 { INFO("s25fl064k", 0xef4017, 0, 64 << 10, 128, ER_4K | ER_32K) }, 155 156 /* SST -- large erase sizes are "overlays", "sectors" are 4<< 10 */ 157 { INFO("sst25vf040b", 0xbf258d, 0, 64 << 10, 8, ER_4K) }, 158 { INFO("sst25vf080b", 0xbf258e, 0, 64 << 10, 16, ER_4K) }, 159 { INFO("sst25vf016b", 0xbf2541, 0, 64 << 10, 32, ER_4K) }, 160 { INFO("sst25vf032b", 0xbf254a, 0, 64 << 10, 64, ER_4K) }, 161 { INFO("sst25wf512", 0xbf2501, 0, 64 << 10, 1, ER_4K) }, 162 { INFO("sst25wf010", 0xbf2502, 0, 64 << 10, 2, ER_4K) }, 163 { INFO("sst25wf020", 0xbf2503, 0, 64 << 10, 4, ER_4K) }, 164 { INFO("sst25wf040", 0xbf2504, 0, 64 << 10, 8, ER_4K) }, 165 166 /* ST Microelectronics -- newer production may have feature updates */ 167 { INFO("m25p05", 0x202010, 0, 32 << 10, 2, 0) }, 168 { INFO("m25p10", 0x202011, 0, 32 << 10, 4, 0) }, 169 { INFO("m25p20", 0x202012, 0, 64 << 10, 4, 0) }, 170 { INFO("m25p40", 0x202013, 0, 64 << 10, 8, 0) }, 171 { INFO("m25p80", 0x202014, 0, 64 << 10, 16, 0) }, 172 { INFO("m25p16", 0x202015, 0, 64 << 10, 32, 0) }, 173 { INFO("m25p32", 0x202016, 0, 64 << 10, 64, 0) }, 174 { INFO("m25p64", 0x202017, 0, 64 << 10, 128, 0) }, 175 { INFO("m25p128", 0x202018, 0, 256 << 10, 64, 0) }, 176 { INFO("n25q032", 0x20ba16, 0, 64 << 10, 64, 0) }, 177 178 { INFO("m45pe10", 0x204011, 0, 64 << 10, 2, 0) }, 179 { INFO("m45pe80", 0x204014, 0, 64 << 10, 16, 0) }, 180 { INFO("m45pe16", 0x204015, 0, 64 << 10, 32, 0) }, 181 182 { INFO("m25pe20", 0x208012, 0, 64 << 10, 4, 0) }, 183 { INFO("m25pe80", 0x208014, 0, 64 << 10, 16, 0) }, 184 { INFO("m25pe16", 0x208015, 0, 64 << 10, 32, ER_4K) }, 185 186 { INFO("m25px32", 0x207116, 0, 64 << 10, 64, ER_4K) }, 187 { INFO("m25px32-s0", 0x207316, 0, 64 << 10, 64, ER_4K) }, 188 { INFO("m25px32-s1", 0x206316, 0, 64 << 10, 64, ER_4K) }, 189 { INFO("m25px64", 0x207117, 0, 64 << 10, 128, 0) }, 190 191 /* Winbond -- w25x "blocks" are 64k, "sectors" are 4KiB */ 192 { INFO("w25x10", 0xef3011, 0, 64 << 10, 2, ER_4K) }, 193 { INFO("w25x20", 0xef3012, 0, 64 << 10, 4, ER_4K) }, 194 { INFO("w25x40", 0xef3013, 0, 64 << 10, 8, ER_4K) }, 195 { INFO("w25x80", 0xef3014, 0, 64 << 10, 16, ER_4K) }, 196 { INFO("w25x16", 0xef3015, 0, 64 << 10, 32, ER_4K) }, 197 { INFO("w25x32", 0xef3016, 0, 64 << 10, 64, ER_4K) }, 198 { INFO("w25q32", 0xef4016, 0, 64 << 10, 64, ER_4K) }, 199 { INFO("w25q32dw", 0xef6016, 0, 64 << 10, 64, ER_4K) }, 200 { INFO("w25x64", 0xef3017, 0, 64 << 10, 128, ER_4K) }, 201 { INFO("w25q64", 0xef4017, 0, 64 << 10, 128, ER_4K) }, 202 { INFO("w25q80", 0xef5014, 0, 64 << 10, 16, ER_4K) }, 203 { INFO("w25q80bl", 0xef4014, 0, 64 << 10, 16, ER_4K) }, 204 { INFO("w25q256", 0xef4019, 0, 64 << 10, 512, ER_4K) }, 205 206 /* Numonyx -- n25q128 */ 207 { INFO("n25q128", 0x20ba18, 0, 64 << 10, 256, 0) }, 208 }; 209 210 typedef enum { 211 NOP = 0, 212 WRSR = 0x1, 213 WRDI = 0x4, 214 RDSR = 0x5, 215 WREN = 0x6, 216 JEDEC_READ = 0x9f, 217 BULK_ERASE = 0xc7, 218 219 READ = 0x3, 220 FAST_READ = 0xb, 221 DOR = 0x3b, 222 QOR = 0x6b, 223 DIOR = 0xbb, 224 QIOR = 0xeb, 225 226 PP = 0x2, 227 DPP = 0xa2, 228 QPP = 0x32, 229 230 ERASE_4K = 0x20, 231 ERASE_32K = 0x52, 232 ERASE_SECTOR = 0xd8, 233 } FlashCMD; 234 235 typedef enum { 236 STATE_IDLE, 237 STATE_PAGE_PROGRAM, 238 STATE_READ, 239 STATE_COLLECTING_DATA, 240 STATE_READING_DATA, 241 } CMDState; 242 243 typedef struct Flash { 244 SSISlave ssidev; 245 uint32_t r; 246 247 BlockDriverState *bdrv; 248 249 uint8_t *storage; 250 uint32_t size; 251 int page_size; 252 253 uint8_t state; 254 uint8_t data[16]; 255 uint32_t len; 256 uint32_t pos; 257 uint8_t needed_bytes; 258 uint8_t cmd_in_progress; 259 uint64_t cur_addr; 260 bool write_enable; 261 262 int64_t dirty_page; 263 264 const FlashPartInfo *pi; 265 266 } Flash; 267 268 typedef struct M25P80Class { 269 SSISlaveClass parent_class; 270 FlashPartInfo *pi; 271 } M25P80Class; 272 273 #define TYPE_M25P80 "m25p80-generic" 274 #define M25P80(obj) \ 275 OBJECT_CHECK(Flash, (obj), TYPE_M25P80) 276 #define M25P80_CLASS(klass) \ 277 OBJECT_CLASS_CHECK(M25P80Class, (klass), TYPE_M25P80) 278 #define M25P80_GET_CLASS(obj) \ 279 OBJECT_GET_CLASS(M25P80Class, (obj), TYPE_M25P80) 280 281 static void bdrv_sync_complete(void *opaque, int ret) 282 { 283 /* do nothing. Masters do not directly interact with the backing store, 284 * only the working copy so no mutexing required. 285 */ 286 } 287 288 static void flash_sync_page(Flash *s, int page) 289 { 290 if (s->bdrv) { 291 int bdrv_sector, nb_sectors; 292 QEMUIOVector iov; 293 294 bdrv_sector = (page * s->pi->page_size) / BDRV_SECTOR_SIZE; 295 nb_sectors = DIV_ROUND_UP(s->pi->page_size, BDRV_SECTOR_SIZE); 296 qemu_iovec_init(&iov, 1); 297 qemu_iovec_add(&iov, s->storage + bdrv_sector * BDRV_SECTOR_SIZE, 298 nb_sectors * BDRV_SECTOR_SIZE); 299 bdrv_aio_writev(s->bdrv, bdrv_sector, &iov, nb_sectors, 300 bdrv_sync_complete, NULL); 301 } 302 } 303 304 static inline void flash_sync_area(Flash *s, int64_t off, int64_t len) 305 { 306 int64_t start, end, nb_sectors; 307 QEMUIOVector iov; 308 309 if (!s->bdrv) { 310 return; 311 } 312 313 assert(!(len % BDRV_SECTOR_SIZE)); 314 start = off / BDRV_SECTOR_SIZE; 315 end = (off + len) / BDRV_SECTOR_SIZE; 316 nb_sectors = end - start; 317 qemu_iovec_init(&iov, 1); 318 qemu_iovec_add(&iov, s->storage + (start * BDRV_SECTOR_SIZE), 319 nb_sectors * BDRV_SECTOR_SIZE); 320 bdrv_aio_writev(s->bdrv, start, &iov, nb_sectors, bdrv_sync_complete, NULL); 321 } 322 323 static void flash_erase(Flash *s, int offset, FlashCMD cmd) 324 { 325 uint32_t len; 326 uint8_t capa_to_assert = 0; 327 328 switch (cmd) { 329 case ERASE_4K: 330 len = 4 << 10; 331 capa_to_assert = ER_4K; 332 break; 333 case ERASE_32K: 334 len = 32 << 10; 335 capa_to_assert = ER_32K; 336 break; 337 case ERASE_SECTOR: 338 len = s->pi->sector_size; 339 break; 340 case BULK_ERASE: 341 len = s->size; 342 break; 343 default: 344 abort(); 345 } 346 347 DB_PRINT_L(0, "offset = %#x, len = %d\n", offset, len); 348 if ((s->pi->flags & capa_to_assert) != capa_to_assert) { 349 qemu_log_mask(LOG_GUEST_ERROR, "M25P80: %d erase size not supported by" 350 " device\n", len); 351 } 352 353 if (!s->write_enable) { 354 qemu_log_mask(LOG_GUEST_ERROR, "M25P80: erase with write protect!\n"); 355 return; 356 } 357 memset(s->storage + offset, 0xff, len); 358 flash_sync_area(s, offset, len); 359 } 360 361 static inline void flash_sync_dirty(Flash *s, int64_t newpage) 362 { 363 if (s->dirty_page >= 0 && s->dirty_page != newpage) { 364 flash_sync_page(s, s->dirty_page); 365 s->dirty_page = newpage; 366 } 367 } 368 369 static inline 370 void flash_write8(Flash *s, uint64_t addr, uint8_t data) 371 { 372 int64_t page = addr / s->pi->page_size; 373 uint8_t prev = s->storage[s->cur_addr]; 374 375 if (!s->write_enable) { 376 qemu_log_mask(LOG_GUEST_ERROR, "M25P80: write with write protect!\n"); 377 } 378 379 if ((prev ^ data) & data) { 380 DB_PRINT_L(1, "programming zero to one! addr=%" PRIx64 " %" PRIx8 381 " -> %" PRIx8 "\n", addr, prev, data); 382 } 383 384 if (s->pi->flags & WR_1) { 385 s->storage[s->cur_addr] = data; 386 } else { 387 s->storage[s->cur_addr] &= data; 388 } 389 390 flash_sync_dirty(s, page); 391 s->dirty_page = page; 392 } 393 394 static void complete_collecting_data(Flash *s) 395 { 396 s->cur_addr = s->data[0] << 16; 397 s->cur_addr |= s->data[1] << 8; 398 s->cur_addr |= s->data[2]; 399 400 s->state = STATE_IDLE; 401 402 switch (s->cmd_in_progress) { 403 case DPP: 404 case QPP: 405 case PP: 406 s->state = STATE_PAGE_PROGRAM; 407 break; 408 case READ: 409 case FAST_READ: 410 case DOR: 411 case QOR: 412 case DIOR: 413 case QIOR: 414 s->state = STATE_READ; 415 break; 416 case ERASE_4K: 417 case ERASE_32K: 418 case ERASE_SECTOR: 419 flash_erase(s, s->cur_addr, s->cmd_in_progress); 420 break; 421 case WRSR: 422 if (s->write_enable) { 423 s->write_enable = false; 424 } 425 break; 426 default: 427 break; 428 } 429 } 430 431 static void decode_new_cmd(Flash *s, uint32_t value) 432 { 433 s->cmd_in_progress = value; 434 DB_PRINT_L(0, "decoded new command:%x\n", value); 435 436 switch (value) { 437 438 case ERASE_4K: 439 case ERASE_32K: 440 case ERASE_SECTOR: 441 case READ: 442 case DPP: 443 case QPP: 444 case PP: 445 s->needed_bytes = 3; 446 s->pos = 0; 447 s->len = 0; 448 s->state = STATE_COLLECTING_DATA; 449 break; 450 451 case FAST_READ: 452 case DOR: 453 case QOR: 454 s->needed_bytes = 4; 455 s->pos = 0; 456 s->len = 0; 457 s->state = STATE_COLLECTING_DATA; 458 break; 459 460 case DIOR: 461 switch ((s->pi->jedec >> 16) & 0xFF) { 462 case JEDEC_WINBOND: 463 case JEDEC_SPANSION: 464 s->needed_bytes = 4; 465 break; 466 case JEDEC_NUMONYX: 467 default: 468 s->needed_bytes = 5; 469 } 470 s->pos = 0; 471 s->len = 0; 472 s->state = STATE_COLLECTING_DATA; 473 break; 474 475 case QIOR: 476 switch ((s->pi->jedec >> 16) & 0xFF) { 477 case JEDEC_WINBOND: 478 case JEDEC_SPANSION: 479 s->needed_bytes = 6; 480 break; 481 case JEDEC_NUMONYX: 482 default: 483 s->needed_bytes = 8; 484 } 485 s->pos = 0; 486 s->len = 0; 487 s->state = STATE_COLLECTING_DATA; 488 break; 489 490 case WRSR: 491 if (s->write_enable) { 492 s->needed_bytes = 1; 493 s->pos = 0; 494 s->len = 0; 495 s->state = STATE_COLLECTING_DATA; 496 } 497 break; 498 499 case WRDI: 500 s->write_enable = false; 501 break; 502 case WREN: 503 s->write_enable = true; 504 break; 505 506 case RDSR: 507 s->data[0] = (!!s->write_enable) << 1; 508 s->pos = 0; 509 s->len = 1; 510 s->state = STATE_READING_DATA; 511 break; 512 513 case JEDEC_READ: 514 DB_PRINT_L(0, "populated jedec code\n"); 515 s->data[0] = (s->pi->jedec >> 16) & 0xff; 516 s->data[1] = (s->pi->jedec >> 8) & 0xff; 517 s->data[2] = s->pi->jedec & 0xff; 518 if (s->pi->ext_jedec) { 519 s->data[3] = (s->pi->ext_jedec >> 8) & 0xff; 520 s->data[4] = s->pi->ext_jedec & 0xff; 521 s->len = 5; 522 } else { 523 s->len = 3; 524 } 525 s->pos = 0; 526 s->state = STATE_READING_DATA; 527 break; 528 529 case BULK_ERASE: 530 if (s->write_enable) { 531 DB_PRINT_L(0, "chip erase\n"); 532 flash_erase(s, 0, BULK_ERASE); 533 } else { 534 qemu_log_mask(LOG_GUEST_ERROR, "M25P80: chip erase with write " 535 "protect!\n"); 536 } 537 break; 538 case NOP: 539 break; 540 default: 541 qemu_log_mask(LOG_GUEST_ERROR, "M25P80: Unknown cmd %x\n", value); 542 break; 543 } 544 } 545 546 static int m25p80_cs(SSISlave *ss, bool select) 547 { 548 Flash *s = FROM_SSI_SLAVE(Flash, ss); 549 550 if (select) { 551 s->len = 0; 552 s->pos = 0; 553 s->state = STATE_IDLE; 554 flash_sync_dirty(s, -1); 555 } 556 557 DB_PRINT_L(0, "%sselect\n", select ? "de" : ""); 558 559 return 0; 560 } 561 562 static uint32_t m25p80_transfer8(SSISlave *ss, uint32_t tx) 563 { 564 Flash *s = FROM_SSI_SLAVE(Flash, ss); 565 uint32_t r = 0; 566 567 switch (s->state) { 568 569 case STATE_PAGE_PROGRAM: 570 DB_PRINT_L(1, "page program cur_addr=%#" PRIx64 " data=%" PRIx8 "\n", 571 s->cur_addr, (uint8_t)tx); 572 flash_write8(s, s->cur_addr, (uint8_t)tx); 573 s->cur_addr++; 574 break; 575 576 case STATE_READ: 577 r = s->storage[s->cur_addr]; 578 DB_PRINT_L(1, "READ 0x%" PRIx64 "=%" PRIx8 "\n", s->cur_addr, 579 (uint8_t)r); 580 s->cur_addr = (s->cur_addr + 1) % s->size; 581 break; 582 583 case STATE_COLLECTING_DATA: 584 s->data[s->len] = (uint8_t)tx; 585 s->len++; 586 587 if (s->len == s->needed_bytes) { 588 complete_collecting_data(s); 589 } 590 break; 591 592 case STATE_READING_DATA: 593 r = s->data[s->pos]; 594 s->pos++; 595 if (s->pos == s->len) { 596 s->pos = 0; 597 s->state = STATE_IDLE; 598 } 599 break; 600 601 default: 602 case STATE_IDLE: 603 decode_new_cmd(s, (uint8_t)tx); 604 break; 605 } 606 607 return r; 608 } 609 610 static int m25p80_init(SSISlave *ss) 611 { 612 DriveInfo *dinfo; 613 Flash *s = FROM_SSI_SLAVE(Flash, ss); 614 M25P80Class *mc = M25P80_GET_CLASS(s); 615 616 s->pi = mc->pi; 617 618 s->size = s->pi->sector_size * s->pi->n_sectors; 619 s->dirty_page = -1; 620 s->storage = qemu_blockalign(s->bdrv, s->size); 621 622 dinfo = drive_get_next(IF_MTD); 623 624 if (dinfo && dinfo->bdrv) { 625 DB_PRINT_L(0, "Binding to IF_MTD drive\n"); 626 s->bdrv = dinfo->bdrv; 627 if (bdrv_is_read_only(s->bdrv)) { 628 fprintf(stderr, "Can't use a read-only drive"); 629 return 1; 630 } 631 632 /* FIXME: Move to late init */ 633 if (bdrv_read(s->bdrv, 0, s->storage, DIV_ROUND_UP(s->size, 634 BDRV_SECTOR_SIZE))) { 635 fprintf(stderr, "Failed to initialize SPI flash!\n"); 636 return 1; 637 } 638 } else { 639 DB_PRINT_L(0, "No BDRV - binding to RAM\n"); 640 memset(s->storage, 0xFF, s->size); 641 } 642 643 return 0; 644 } 645 646 static void m25p80_pre_save(void *opaque) 647 { 648 flash_sync_dirty((Flash *)opaque, -1); 649 } 650 651 static const VMStateDescription vmstate_m25p80 = { 652 .name = "xilinx_spi", 653 .version_id = 1, 654 .minimum_version_id = 1, 655 .minimum_version_id_old = 1, 656 .pre_save = m25p80_pre_save, 657 .fields = (VMStateField[]) { 658 VMSTATE_UINT8(state, Flash), 659 VMSTATE_UINT8_ARRAY(data, Flash, 16), 660 VMSTATE_UINT32(len, Flash), 661 VMSTATE_UINT32(pos, Flash), 662 VMSTATE_UINT8(needed_bytes, Flash), 663 VMSTATE_UINT8(cmd_in_progress, Flash), 664 VMSTATE_UINT64(cur_addr, Flash), 665 VMSTATE_BOOL(write_enable, Flash), 666 VMSTATE_END_OF_LIST() 667 } 668 }; 669 670 static void m25p80_class_init(ObjectClass *klass, void *data) 671 { 672 DeviceClass *dc = DEVICE_CLASS(klass); 673 SSISlaveClass *k = SSI_SLAVE_CLASS(klass); 674 M25P80Class *mc = M25P80_CLASS(klass); 675 676 k->init = m25p80_init; 677 k->transfer = m25p80_transfer8; 678 k->set_cs = m25p80_cs; 679 k->cs_polarity = SSI_CS_LOW; 680 dc->vmsd = &vmstate_m25p80; 681 mc->pi = data; 682 } 683 684 static const TypeInfo m25p80_info = { 685 .name = TYPE_M25P80, 686 .parent = TYPE_SSI_SLAVE, 687 .instance_size = sizeof(Flash), 688 .class_size = sizeof(M25P80Class), 689 .abstract = true, 690 }; 691 692 static void m25p80_register_types(void) 693 { 694 int i; 695 696 type_register_static(&m25p80_info); 697 for (i = 0; i < ARRAY_SIZE(known_devices); ++i) { 698 TypeInfo ti = { 699 .name = known_devices[i].part_name, 700 .parent = TYPE_M25P80, 701 .class_init = m25p80_class_init, 702 .class_data = (void *)&known_devices[i], 703 }; 704 type_register(&ti); 705 } 706 } 707 708 type_init(m25p80_register_types) 709