1 /*
2 * Flash NAND memory emulation. Based on "16M x 8 Bit NAND Flash
3 * Memory" datasheet for the KM29U128AT / K9F2808U0A chips from
4 * Samsung Electronic.
5 *
6 * Copyright (c) 2006 Openedhand Ltd.
7 * Written by Andrzej Zaborowski <balrog@zabor.org>
8 *
9 * Support for additional features based on "MT29F2G16ABCWP 2Gx16"
10 * datasheet from Micron Technology and "NAND02G-B2C" datasheet
11 * from ST Microelectronics.
12 *
13 * This code is licensed under the GNU GPL v2.
14 *
15 * Contributions after 2012-01-13 are licensed under the terms of the
16 * GNU GPL, version 2 or (at your option) any later version.
17 */
18
19 #ifndef NAND_IO
20
21 #include "qemu/osdep.h"
22 #include "hw/hw.h"
23 #include "hw/qdev-properties.h"
24 #include "hw/qdev-properties-system.h"
25 #include "hw/block/flash.h"
26 #include "sysemu/block-backend.h"
27 #include "migration/vmstate.h"
28 #include "qapi/error.h"
29 #include "qemu/error-report.h"
30 #include "qemu/module.h"
31 #include "qom/object.h"
32
33 # define NAND_CMD_READ0 0x00
34 # define NAND_CMD_READ1 0x01
35 # define NAND_CMD_READ2 0x50
36 # define NAND_CMD_LPREAD2 0x30
37 # define NAND_CMD_NOSERIALREAD2 0x35
38 # define NAND_CMD_RANDOMREAD1 0x05
39 # define NAND_CMD_RANDOMREAD2 0xe0
40 # define NAND_CMD_READID 0x90
41 # define NAND_CMD_RESET 0xff
42 # define NAND_CMD_PAGEPROGRAM1 0x80
43 # define NAND_CMD_PAGEPROGRAM2 0x10
44 # define NAND_CMD_CACHEPROGRAM2 0x15
45 # define NAND_CMD_BLOCKERASE1 0x60
46 # define NAND_CMD_BLOCKERASE2 0xd0
47 # define NAND_CMD_READSTATUS 0x70
48 # define NAND_CMD_COPYBACKPRG1 0x85
49
50 # define NAND_IOSTATUS_ERROR (1 << 0)
51 # define NAND_IOSTATUS_PLANE0 (1 << 1)
52 # define NAND_IOSTATUS_PLANE1 (1 << 2)
53 # define NAND_IOSTATUS_PLANE2 (1 << 3)
54 # define NAND_IOSTATUS_PLANE3 (1 << 4)
55 # define NAND_IOSTATUS_READY (1 << 6)
56 # define NAND_IOSTATUS_UNPROTCT (1 << 7)
57
58 # define MAX_PAGE 0x800
59 # define MAX_OOB 0x40
60
61 typedef struct NANDFlashState NANDFlashState;
62 struct NANDFlashState {
63 DeviceState parent_obj;
64
65 uint8_t manf_id, chip_id;
66 uint8_t buswidth; /* in BYTES */
67 int size, pages;
68 int page_shift, oob_shift, erase_shift, addr_shift;
69 uint8_t *storage;
70 BlockBackend *blk;
71 int mem_oob;
72
73 uint8_t cle, ale, ce, wp, gnd;
74
75 uint8_t io[MAX_PAGE + MAX_OOB + 0x400];
76 uint8_t *ioaddr;
77 int iolen;
78
79 uint32_t cmd;
80 uint64_t addr;
81 int addrlen;
82 int status;
83 int offset;
84
85 void (*blk_write)(NANDFlashState *s);
86 void (*blk_erase)(NANDFlashState *s);
87 /*
88 * Returns %true when block containing (@addr + @offset) is
89 * successfully loaded, otherwise %false.
90 */
91 bool (*blk_load)(NANDFlashState *s, uint64_t addr, unsigned offset);
92
93 uint32_t ioaddr_vmstate;
94 };
95
96 #define TYPE_NAND "nand"
97
OBJECT_DECLARE_SIMPLE_TYPE(NANDFlashState,NAND)98 OBJECT_DECLARE_SIMPLE_TYPE(NANDFlashState, NAND)
99
100 static void mem_and(uint8_t *dest, const uint8_t *src, size_t n)
101 {
102 /* Like memcpy() but we logical-AND the data into the destination */
103 int i;
104 for (i = 0; i < n; i++) {
105 dest[i] &= src[i];
106 }
107 }
108
109 # define NAND_NO_AUTOINCR 0x00000001
110 # define NAND_BUSWIDTH_16 0x00000002
111 # define NAND_NO_PADDING 0x00000004
112 # define NAND_CACHEPRG 0x00000008
113 # define NAND_COPYBACK 0x00000010
114 # define NAND_IS_AND 0x00000020
115 # define NAND_4PAGE_ARRAY 0x00000040
116 # define NAND_NO_READRDY 0x00000100
117 # define NAND_SAMSUNG_LP (NAND_NO_PADDING | NAND_COPYBACK)
118
119 # define NAND_IO
120
121 # define PAGE(addr) ((addr) >> ADDR_SHIFT)
122 # define PAGE_START(page) (PAGE(page) * (NAND_PAGE_SIZE + OOB_SIZE))
123 # define PAGE_MASK ((1 << ADDR_SHIFT) - 1)
124 # define OOB_SHIFT (PAGE_SHIFT - 5)
125 # define OOB_SIZE (1 << OOB_SHIFT)
126 # define SECTOR(addr) ((addr) >> (9 + ADDR_SHIFT - PAGE_SHIFT))
127 # define SECTOR_OFFSET(addr) ((addr) & ((511 >> PAGE_SHIFT) << 8))
128
129 # define NAND_PAGE_SIZE 256
130 # define PAGE_SHIFT 8
131 # define PAGE_SECTORS 1
132 # define ADDR_SHIFT 8
133 # include "nand.c"
134 # define NAND_PAGE_SIZE 512
135 # define PAGE_SHIFT 9
136 # define PAGE_SECTORS 1
137 # define ADDR_SHIFT 8
138 # include "nand.c"
139 # define NAND_PAGE_SIZE 2048
140 # define PAGE_SHIFT 11
141 # define PAGE_SECTORS 4
142 # define ADDR_SHIFT 16
143 # include "nand.c"
144
145 /* Information based on Linux drivers/mtd/nand/raw/nand_ids.c */
146 static const struct {
147 int size;
148 int width;
149 int page_shift;
150 int erase_shift;
151 uint32_t options;
152 } nand_flash_ids[0x100] = {
153 [0 ... 0xff] = { 0 },
154
155 [0x6b] = { 4, 8, 9, 4, 0 },
156 [0xe3] = { 4, 8, 9, 4, 0 },
157 [0xe5] = { 4, 8, 9, 4, 0 },
158 [0xd6] = { 8, 8, 9, 4, 0 },
159 [0xe6] = { 8, 8, 9, 4, 0 },
160
161 [0x33] = { 16, 8, 9, 5, 0 },
162 [0x73] = { 16, 8, 9, 5, 0 },
163 [0x43] = { 16, 16, 9, 5, NAND_BUSWIDTH_16 },
164 [0x53] = { 16, 16, 9, 5, NAND_BUSWIDTH_16 },
165
166 [0x35] = { 32, 8, 9, 5, 0 },
167 [0x75] = { 32, 8, 9, 5, 0 },
168 [0x45] = { 32, 16, 9, 5, NAND_BUSWIDTH_16 },
169 [0x55] = { 32, 16, 9, 5, NAND_BUSWIDTH_16 },
170
171 [0x36] = { 64, 8, 9, 5, 0 },
172 [0x76] = { 64, 8, 9, 5, 0 },
173 [0x46] = { 64, 16, 9, 5, NAND_BUSWIDTH_16 },
174 [0x56] = { 64, 16, 9, 5, NAND_BUSWIDTH_16 },
175
176 [0x78] = { 128, 8, 9, 5, 0 },
177 [0x39] = { 128, 8, 9, 5, 0 },
178 [0x79] = { 128, 8, 9, 5, 0 },
179 [0x72] = { 128, 16, 9, 5, NAND_BUSWIDTH_16 },
180 [0x49] = { 128, 16, 9, 5, NAND_BUSWIDTH_16 },
181 [0x74] = { 128, 16, 9, 5, NAND_BUSWIDTH_16 },
182 [0x59] = { 128, 16, 9, 5, NAND_BUSWIDTH_16 },
183
184 [0x71] = { 256, 8, 9, 5, 0 },
185
186 /*
187 * These are the new chips with large page size. The pagesize and the
188 * erasesize is determined from the extended id bytes
189 */
190 # define LP_OPTIONS (NAND_SAMSUNG_LP | NAND_NO_READRDY | NAND_NO_AUTOINCR)
191 # define LP_OPTIONS16 (LP_OPTIONS | NAND_BUSWIDTH_16)
192
193 /* 512 Megabit */
194 [0xa2] = { 64, 8, 0, 0, LP_OPTIONS },
195 [0xf2] = { 64, 8, 0, 0, LP_OPTIONS },
196 [0xb2] = { 64, 16, 0, 0, LP_OPTIONS16 },
197 [0xc2] = { 64, 16, 0, 0, LP_OPTIONS16 },
198
199 /* 1 Gigabit */
200 [0xa1] = { 128, 8, 0, 0, LP_OPTIONS },
201 [0xf1] = { 128, 8, 0, 0, LP_OPTIONS },
202 [0xb1] = { 128, 16, 0, 0, LP_OPTIONS16 },
203 [0xc1] = { 128, 16, 0, 0, LP_OPTIONS16 },
204
205 /* 2 Gigabit */
206 [0xaa] = { 256, 8, 0, 0, LP_OPTIONS },
207 [0xda] = { 256, 8, 0, 0, LP_OPTIONS },
208 [0xba] = { 256, 16, 0, 0, LP_OPTIONS16 },
209 [0xca] = { 256, 16, 0, 0, LP_OPTIONS16 },
210
211 /* 4 Gigabit */
212 [0xac] = { 512, 8, 0, 0, LP_OPTIONS },
213 [0xdc] = { 512, 8, 0, 0, LP_OPTIONS },
214 [0xbc] = { 512, 16, 0, 0, LP_OPTIONS16 },
215 [0xcc] = { 512, 16, 0, 0, LP_OPTIONS16 },
216
217 /* 8 Gigabit */
218 [0xa3] = { 1024, 8, 0, 0, LP_OPTIONS },
219 [0xd3] = { 1024, 8, 0, 0, LP_OPTIONS },
220 [0xb3] = { 1024, 16, 0, 0, LP_OPTIONS16 },
221 [0xc3] = { 1024, 16, 0, 0, LP_OPTIONS16 },
222
223 /* 16 Gigabit */
224 [0xa5] = { 2048, 8, 0, 0, LP_OPTIONS },
225 [0xd5] = { 2048, 8, 0, 0, LP_OPTIONS },
226 [0xb5] = { 2048, 16, 0, 0, LP_OPTIONS16 },
227 [0xc5] = { 2048, 16, 0, 0, LP_OPTIONS16 },
228 };
229
nand_reset(DeviceState * dev)230 static void nand_reset(DeviceState *dev)
231 {
232 NANDFlashState *s = NAND(dev);
233 s->cmd = NAND_CMD_READ0;
234 s->addr = 0;
235 s->addrlen = 0;
236 s->iolen = 0;
237 s->offset = 0;
238 s->status &= NAND_IOSTATUS_UNPROTCT;
239 s->status |= NAND_IOSTATUS_READY;
240 }
241
nand_pushio_byte(NANDFlashState * s,uint8_t value)242 static inline void nand_pushio_byte(NANDFlashState *s, uint8_t value)
243 {
244 s->ioaddr[s->iolen++] = value;
245 for (value = s->buswidth; --value;) {
246 s->ioaddr[s->iolen++] = 0;
247 }
248 }
249
250 /*
251 * nand_load_block: Load block containing (s->addr + @offset).
252 * Returns length of data available at @offset in this block.
253 */
nand_load_block(NANDFlashState * s,unsigned offset)254 static unsigned nand_load_block(NANDFlashState *s, unsigned offset)
255 {
256 unsigned iolen;
257
258 if (!s->blk_load(s, s->addr, offset)) {
259 return 0;
260 }
261
262 iolen = (1 << s->page_shift);
263 if (s->gnd) {
264 iolen += 1 << s->oob_shift;
265 }
266 assert(offset <= iolen);
267 iolen -= offset;
268
269 return iolen;
270 }
271
nand_command(NANDFlashState * s)272 static void nand_command(NANDFlashState *s)
273 {
274 switch (s->cmd) {
275 case NAND_CMD_READ0:
276 s->iolen = 0;
277 break;
278
279 case NAND_CMD_READID:
280 s->ioaddr = s->io;
281 s->iolen = 0;
282 nand_pushio_byte(s, s->manf_id);
283 nand_pushio_byte(s, s->chip_id);
284 nand_pushio_byte(s, 'Q'); /* Don't-care byte (often 0xa5) */
285 if (nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) {
286 /* Page Size, Block Size, Spare Size; bit 6 indicates
287 * 8 vs 16 bit width NAND.
288 */
289 nand_pushio_byte(s, (s->buswidth == 2) ? 0x55 : 0x15);
290 } else {
291 nand_pushio_byte(s, 0xc0); /* Multi-plane */
292 }
293 break;
294
295 case NAND_CMD_RANDOMREAD2:
296 case NAND_CMD_NOSERIALREAD2:
297 if (!(nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP))
298 break;
299 s->iolen = nand_load_block(s, s->addr & ((1 << s->addr_shift) - 1));
300 break;
301
302 case NAND_CMD_RESET:
303 nand_reset(DEVICE(s));
304 break;
305
306 case NAND_CMD_PAGEPROGRAM1:
307 s->ioaddr = s->io;
308 s->iolen = 0;
309 break;
310
311 case NAND_CMD_PAGEPROGRAM2:
312 if (s->wp) {
313 s->blk_write(s);
314 }
315 break;
316
317 case NAND_CMD_BLOCKERASE1:
318 break;
319
320 case NAND_CMD_BLOCKERASE2:
321 s->addr &= (1ull << s->addrlen * 8) - 1;
322 s->addr <<= nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP ?
323 16 : 8;
324
325 if (s->wp) {
326 s->blk_erase(s);
327 }
328 break;
329
330 case NAND_CMD_READSTATUS:
331 s->ioaddr = s->io;
332 s->iolen = 0;
333 nand_pushio_byte(s, s->status);
334 break;
335
336 default:
337 printf("%s: Unknown NAND command 0x%02x\n", __func__, s->cmd);
338 }
339 }
340
nand_pre_save(void * opaque)341 static int nand_pre_save(void *opaque)
342 {
343 NANDFlashState *s = NAND(opaque);
344
345 s->ioaddr_vmstate = s->ioaddr - s->io;
346
347 return 0;
348 }
349
nand_post_load(void * opaque,int version_id)350 static int nand_post_load(void *opaque, int version_id)
351 {
352 NANDFlashState *s = NAND(opaque);
353
354 if (s->ioaddr_vmstate > sizeof(s->io)) {
355 return -EINVAL;
356 }
357 s->ioaddr = s->io + s->ioaddr_vmstate;
358
359 return 0;
360 }
361
362 static const VMStateDescription vmstate_nand = {
363 .name = "nand",
364 .version_id = 1,
365 .minimum_version_id = 1,
366 .pre_save = nand_pre_save,
367 .post_load = nand_post_load,
368 .fields = (const VMStateField[]) {
369 VMSTATE_UINT8(cle, NANDFlashState),
370 VMSTATE_UINT8(ale, NANDFlashState),
371 VMSTATE_UINT8(ce, NANDFlashState),
372 VMSTATE_UINT8(wp, NANDFlashState),
373 VMSTATE_UINT8(gnd, NANDFlashState),
374 VMSTATE_BUFFER(io, NANDFlashState),
375 VMSTATE_UINT32(ioaddr_vmstate, NANDFlashState),
376 VMSTATE_INT32(iolen, NANDFlashState),
377 VMSTATE_UINT32(cmd, NANDFlashState),
378 VMSTATE_UINT64(addr, NANDFlashState),
379 VMSTATE_INT32(addrlen, NANDFlashState),
380 VMSTATE_INT32(status, NANDFlashState),
381 VMSTATE_INT32(offset, NANDFlashState),
382 /* XXX: do we want to save s->storage too? */
383 VMSTATE_END_OF_LIST()
384 }
385 };
386
nand_realize(DeviceState * dev,Error ** errp)387 static void nand_realize(DeviceState *dev, Error **errp)
388 {
389 int pagesize;
390 NANDFlashState *s = NAND(dev);
391 int ret;
392
393
394 s->buswidth = nand_flash_ids[s->chip_id].width >> 3;
395 s->size = nand_flash_ids[s->chip_id].size << 20;
396 if (nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) {
397 s->page_shift = 11;
398 s->erase_shift = 6;
399 } else {
400 s->page_shift = nand_flash_ids[s->chip_id].page_shift;
401 s->erase_shift = nand_flash_ids[s->chip_id].erase_shift;
402 }
403
404 switch (1 << s->page_shift) {
405 case 256:
406 nand_init_256(s);
407 break;
408 case 512:
409 nand_init_512(s);
410 break;
411 case 2048:
412 nand_init_2048(s);
413 break;
414 default:
415 error_setg(errp, "Unsupported NAND block size %#x",
416 1 << s->page_shift);
417 return;
418 }
419
420 pagesize = 1 << s->oob_shift;
421 s->mem_oob = 1;
422 if (s->blk) {
423 if (!blk_supports_write_perm(s->blk)) {
424 error_setg(errp, "Can't use a read-only drive");
425 return;
426 }
427 ret = blk_set_perm(s->blk, BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE,
428 BLK_PERM_ALL, errp);
429 if (ret < 0) {
430 return;
431 }
432 if (blk_getlength(s->blk) >=
433 (s->pages << s->page_shift) + (s->pages << s->oob_shift)) {
434 pagesize = 0;
435 s->mem_oob = 0;
436 }
437 } else {
438 pagesize += 1 << s->page_shift;
439 }
440 if (pagesize) {
441 s->storage = (uint8_t *) memset(g_malloc(s->pages * pagesize),
442 0xff, s->pages * pagesize);
443 }
444 /* Give s->ioaddr a sane value in case we save state before it is used. */
445 s->ioaddr = s->io;
446 }
447
448 static Property nand_properties[] = {
449 DEFINE_PROP_UINT8("manufacturer_id", NANDFlashState, manf_id, 0),
450 DEFINE_PROP_UINT8("chip_id", NANDFlashState, chip_id, 0),
451 DEFINE_PROP_DRIVE("drive", NANDFlashState, blk),
452 DEFINE_PROP_END_OF_LIST(),
453 };
454
nand_class_init(ObjectClass * klass,void * data)455 static void nand_class_init(ObjectClass *klass, void *data)
456 {
457 DeviceClass *dc = DEVICE_CLASS(klass);
458
459 dc->realize = nand_realize;
460 device_class_set_legacy_reset(dc, nand_reset);
461 dc->vmsd = &vmstate_nand;
462 device_class_set_props(dc, nand_properties);
463 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
464 }
465
466 static const TypeInfo nand_info = {
467 .name = TYPE_NAND,
468 .parent = TYPE_DEVICE,
469 .instance_size = sizeof(NANDFlashState),
470 .class_init = nand_class_init,
471 };
472
nand_register_types(void)473 static void nand_register_types(void)
474 {
475 type_register_static(&nand_info);
476 }
477
478 /*
479 * Chip inputs are CLE, ALE, CE, WP, GND and eight I/O pins. Chip
480 * outputs are R/B and eight I/O pins.
481 *
482 * CE, WP and R/B are active low.
483 */
nand_setpins(DeviceState * dev,uint8_t cle,uint8_t ale,uint8_t ce,uint8_t wp,uint8_t gnd)484 void nand_setpins(DeviceState *dev, uint8_t cle, uint8_t ale,
485 uint8_t ce, uint8_t wp, uint8_t gnd)
486 {
487 NANDFlashState *s = NAND(dev);
488
489 s->cle = cle;
490 s->ale = ale;
491 s->ce = ce;
492 s->wp = wp;
493 s->gnd = gnd;
494 if (wp) {
495 s->status |= NAND_IOSTATUS_UNPROTCT;
496 } else {
497 s->status &= ~NAND_IOSTATUS_UNPROTCT;
498 }
499 }
500
nand_getpins(DeviceState * dev,int * rb)501 void nand_getpins(DeviceState *dev, int *rb)
502 {
503 *rb = 1;
504 }
505
nand_setio(DeviceState * dev,uint32_t value)506 void nand_setio(DeviceState *dev, uint32_t value)
507 {
508 int i;
509 NANDFlashState *s = NAND(dev);
510
511 if (!s->ce && s->cle) {
512 if (nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) {
513 if (s->cmd == NAND_CMD_READ0 && value == NAND_CMD_LPREAD2)
514 return;
515 if (value == NAND_CMD_RANDOMREAD1) {
516 s->addr &= ~((1 << s->addr_shift) - 1);
517 s->addrlen = 0;
518 return;
519 }
520 }
521 if (value == NAND_CMD_READ0) {
522 s->offset = 0;
523 } else if (value == NAND_CMD_READ1) {
524 s->offset = 0x100;
525 value = NAND_CMD_READ0;
526 } else if (value == NAND_CMD_READ2) {
527 s->offset = 1 << s->page_shift;
528 value = NAND_CMD_READ0;
529 }
530
531 s->cmd = value;
532
533 if (s->cmd == NAND_CMD_READSTATUS ||
534 s->cmd == NAND_CMD_PAGEPROGRAM2 ||
535 s->cmd == NAND_CMD_BLOCKERASE1 ||
536 s->cmd == NAND_CMD_BLOCKERASE2 ||
537 s->cmd == NAND_CMD_NOSERIALREAD2 ||
538 s->cmd == NAND_CMD_RANDOMREAD2 ||
539 s->cmd == NAND_CMD_RESET) {
540 nand_command(s);
541 }
542
543 if (s->cmd != NAND_CMD_RANDOMREAD2) {
544 s->addrlen = 0;
545 }
546 }
547
548 if (s->ale) {
549 unsigned int shift = s->addrlen * 8;
550 uint64_t mask = ~(0xffull << shift);
551 uint64_t v = (uint64_t)value << shift;
552
553 s->addr = (s->addr & mask) | v;
554 s->addrlen ++;
555
556 switch (s->addrlen) {
557 case 1:
558 if (s->cmd == NAND_CMD_READID) {
559 nand_command(s);
560 }
561 break;
562 case 2: /* fix cache address as a byte address */
563 s->addr <<= (s->buswidth - 1);
564 break;
565 case 3:
566 if (!(nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) &&
567 (s->cmd == NAND_CMD_READ0 ||
568 s->cmd == NAND_CMD_PAGEPROGRAM1)) {
569 nand_command(s);
570 }
571 break;
572 case 4:
573 if ((nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) &&
574 nand_flash_ids[s->chip_id].size < 256 && /* 1Gb or less */
575 (s->cmd == NAND_CMD_READ0 ||
576 s->cmd == NAND_CMD_PAGEPROGRAM1)) {
577 nand_command(s);
578 }
579 break;
580 case 5:
581 if ((nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) &&
582 nand_flash_ids[s->chip_id].size >= 256 && /* 2Gb or more */
583 (s->cmd == NAND_CMD_READ0 ||
584 s->cmd == NAND_CMD_PAGEPROGRAM1)) {
585 nand_command(s);
586 }
587 break;
588 default:
589 break;
590 }
591 }
592
593 if (!s->cle && !s->ale && s->cmd == NAND_CMD_PAGEPROGRAM1) {
594 if (s->iolen < (1 << s->page_shift) + (1 << s->oob_shift)) {
595 for (i = s->buswidth; i--; value >>= 8) {
596 s->io[s->iolen ++] = (uint8_t) (value & 0xff);
597 }
598 }
599 } else if (!s->cle && !s->ale && s->cmd == NAND_CMD_COPYBACKPRG1) {
600 if ((s->addr & ((1 << s->addr_shift) - 1)) <
601 (1 << s->page_shift) + (1 << s->oob_shift)) {
602 for (i = s->buswidth; i--; s->addr++, value >>= 8) {
603 s->io[s->iolen + (s->addr & ((1 << s->addr_shift) - 1))] =
604 (uint8_t) (value & 0xff);
605 }
606 }
607 }
608 }
609
nand_getio(DeviceState * dev)610 uint32_t nand_getio(DeviceState *dev)
611 {
612 int offset;
613 uint32_t x = 0;
614 NANDFlashState *s = NAND(dev);
615
616 /* Allow sequential reading */
617 if (!s->iolen && s->cmd == NAND_CMD_READ0) {
618 offset = (int) (s->addr & ((1 << s->addr_shift) - 1)) + s->offset;
619 s->offset = 0;
620 s->iolen = nand_load_block(s, offset);
621 }
622
623 if (s->ce || s->iolen <= 0) {
624 return 0;
625 }
626
627 for (offset = s->buswidth; offset--;) {
628 x |= s->ioaddr[offset] << (offset << 3);
629 }
630 /* after receiving READ STATUS command all subsequent reads will
631 * return the status register value until another command is issued
632 */
633 if (s->cmd != NAND_CMD_READSTATUS) {
634 s->addr += s->buswidth;
635 s->ioaddr += s->buswidth;
636 s->iolen -= s->buswidth;
637 }
638 return x;
639 }
640
nand_getbuswidth(DeviceState * dev)641 uint32_t nand_getbuswidth(DeviceState *dev)
642 {
643 NANDFlashState *s = (NANDFlashState *) dev;
644 return s->buswidth << 3;
645 }
646
nand_init(BlockBackend * blk,int manf_id,int chip_id)647 DeviceState *nand_init(BlockBackend *blk, int manf_id, int chip_id)
648 {
649 DeviceState *dev;
650
651 if (nand_flash_ids[chip_id].size == 0) {
652 hw_error("%s: Unsupported NAND chip ID.\n", __func__);
653 }
654 dev = qdev_new(TYPE_NAND);
655 qdev_prop_set_uint8(dev, "manufacturer_id", manf_id);
656 qdev_prop_set_uint8(dev, "chip_id", chip_id);
657 if (blk) {
658 qdev_prop_set_drive_err(dev, "drive", blk, &error_fatal);
659 }
660
661 qdev_realize(dev, NULL, &error_fatal);
662 return dev;
663 }
664
665 type_init(nand_register_types)
666
667 #else
668
669 /* Program a single page */
670 static void glue(nand_blk_write_, NAND_PAGE_SIZE)(NANDFlashState *s)
671 {
672 uint64_t off, page, sector, soff;
673 uint8_t iobuf[(PAGE_SECTORS + 2) * 0x200];
674 if (PAGE(s->addr) >= s->pages)
675 return;
676
677 if (!s->blk) {
678 mem_and(s->storage + PAGE_START(s->addr) + (s->addr & PAGE_MASK) +
679 s->offset, s->io, s->iolen);
680 } else if (s->mem_oob) {
681 sector = SECTOR(s->addr);
682 off = (s->addr & PAGE_MASK) + s->offset;
683 soff = SECTOR_OFFSET(s->addr);
684 if (blk_pread(s->blk, sector << BDRV_SECTOR_BITS,
685 PAGE_SECTORS << BDRV_SECTOR_BITS, iobuf, 0) < 0) {
686 printf("%s: read error in sector %" PRIu64 "\n", __func__, sector);
687 return;
688 }
689
690 mem_and(iobuf + (soff | off), s->io, MIN(s->iolen, NAND_PAGE_SIZE - off));
691 if (off + s->iolen > NAND_PAGE_SIZE) {
692 page = PAGE(s->addr);
693 mem_and(s->storage + (page << OOB_SHIFT), s->io + NAND_PAGE_SIZE - off,
694 MIN(OOB_SIZE, off + s->iolen - NAND_PAGE_SIZE));
695 }
696
697 if (blk_pwrite(s->blk, sector << BDRV_SECTOR_BITS,
698 PAGE_SECTORS << BDRV_SECTOR_BITS, iobuf, 0) < 0) {
699 printf("%s: write error in sector %" PRIu64 "\n", __func__, sector);
700 }
701 } else {
702 off = PAGE_START(s->addr) + (s->addr & PAGE_MASK) + s->offset;
703 sector = off >> 9;
704 soff = off & 0x1ff;
705 if (blk_pread(s->blk, sector << BDRV_SECTOR_BITS,
706 (PAGE_SECTORS + 2) << BDRV_SECTOR_BITS, iobuf, 0) < 0) {
707 printf("%s: read error in sector %" PRIu64 "\n", __func__, sector);
708 return;
709 }
710
711 mem_and(iobuf + soff, s->io, s->iolen);
712
713 if (blk_pwrite(s->blk, sector << BDRV_SECTOR_BITS,
714 (PAGE_SECTORS + 2) << BDRV_SECTOR_BITS, iobuf, 0) < 0) {
715 printf("%s: write error in sector %" PRIu64 "\n", __func__, sector);
716 }
717 }
718 s->offset = 0;
719 }
720
721 /* Erase a single block */
722 static void glue(nand_blk_erase_, NAND_PAGE_SIZE)(NANDFlashState *s)
723 {
724 uint64_t i, page, addr;
725 uint8_t iobuf[0x200] = { [0 ... 0x1ff] = 0xff, };
726 addr = s->addr & ~((1 << (ADDR_SHIFT + s->erase_shift)) - 1);
727
728 if (PAGE(addr) >= s->pages) {
729 return;
730 }
731
732 if (!s->blk) {
733 memset(s->storage + PAGE_START(addr),
734 0xff, (NAND_PAGE_SIZE + OOB_SIZE) << s->erase_shift);
735 } else if (s->mem_oob) {
736 memset(s->storage + (PAGE(addr) << OOB_SHIFT),
737 0xff, OOB_SIZE << s->erase_shift);
738 i = SECTOR(addr);
739 page = SECTOR(addr + (1 << (ADDR_SHIFT + s->erase_shift)));
740 for (; i < page; i ++)
741 if (blk_pwrite(s->blk, i << BDRV_SECTOR_BITS,
742 BDRV_SECTOR_SIZE, iobuf, 0) < 0) {
743 printf("%s: write error in sector %" PRIu64 "\n", __func__, i);
744 }
745 } else {
746 addr = PAGE_START(addr);
747 page = addr >> 9;
748 if (blk_pread(s->blk, page << BDRV_SECTOR_BITS,
749 BDRV_SECTOR_SIZE, iobuf, 0) < 0) {
750 printf("%s: read error in sector %" PRIu64 "\n", __func__, page);
751 }
752 memset(iobuf + (addr & 0x1ff), 0xff, (~addr & 0x1ff) + 1);
753 if (blk_pwrite(s->blk, page << BDRV_SECTOR_BITS,
754 BDRV_SECTOR_SIZE, iobuf, 0) < 0) {
755 printf("%s: write error in sector %" PRIu64 "\n", __func__, page);
756 }
757
758 memset(iobuf, 0xff, 0x200);
759 i = (addr & ~0x1ff) + 0x200;
760 for (addr += ((NAND_PAGE_SIZE + OOB_SIZE) << s->erase_shift) - 0x200;
761 i < addr; i += 0x200) {
762 if (blk_pwrite(s->blk, i, BDRV_SECTOR_SIZE, iobuf, 0) < 0) {
763 printf("%s: write error in sector %" PRIu64 "\n",
764 __func__, i >> 9);
765 }
766 }
767
768 page = i >> 9;
769 if (blk_pread(s->blk, page << BDRV_SECTOR_BITS,
770 BDRV_SECTOR_SIZE, iobuf, 0) < 0) {
771 printf("%s: read error in sector %" PRIu64 "\n", __func__, page);
772 }
773 memset(iobuf, 0xff, ((addr - 1) & 0x1ff) + 1);
774 if (blk_pwrite(s->blk, page << BDRV_SECTOR_BITS,
775 BDRV_SECTOR_SIZE, iobuf, 0) < 0) {
776 printf("%s: write error in sector %" PRIu64 "\n", __func__, page);
777 }
778 }
779 }
780
781 static bool glue(nand_blk_load_, NAND_PAGE_SIZE)(NANDFlashState *s,
782 uint64_t addr, unsigned offset)
783 {
784 if (PAGE(addr) >= s->pages) {
785 return false;
786 }
787
788 if (offset > NAND_PAGE_SIZE + OOB_SIZE) {
789 return false;
790 }
791
792 if (s->blk) {
793 if (s->mem_oob) {
794 if (blk_pread(s->blk, SECTOR(addr) << BDRV_SECTOR_BITS,
795 PAGE_SECTORS << BDRV_SECTOR_BITS, s->io, 0) < 0) {
796 printf("%s: read error in sector %" PRIu64 "\n",
797 __func__, SECTOR(addr));
798 }
799 memcpy(s->io + SECTOR_OFFSET(s->addr) + NAND_PAGE_SIZE,
800 s->storage + (PAGE(s->addr) << OOB_SHIFT),
801 OOB_SIZE);
802 s->ioaddr = s->io + SECTOR_OFFSET(s->addr) + offset;
803 } else {
804 if (blk_pread(s->blk, PAGE_START(addr),
805 (PAGE_SECTORS + 2) << BDRV_SECTOR_BITS, s->io, 0)
806 < 0) {
807 printf("%s: read error in sector %" PRIu64 "\n",
808 __func__, PAGE_START(addr) >> 9);
809 }
810 s->ioaddr = s->io + (PAGE_START(addr) & 0x1ff) + offset;
811 }
812 } else {
813 memcpy(s->io, s->storage + PAGE_START(s->addr) +
814 offset, NAND_PAGE_SIZE + OOB_SIZE - offset);
815 s->ioaddr = s->io;
816 }
817
818 return true;
819 }
820
821 static void glue(nand_init_, NAND_PAGE_SIZE)(NANDFlashState *s)
822 {
823 s->oob_shift = PAGE_SHIFT - 5;
824 s->pages = s->size >> PAGE_SHIFT;
825 s->addr_shift = ADDR_SHIFT;
826
827 s->blk_erase = glue(nand_blk_erase_, NAND_PAGE_SIZE);
828 s->blk_write = glue(nand_blk_write_, NAND_PAGE_SIZE);
829 s->blk_load = glue(nand_blk_load_, NAND_PAGE_SIZE);
830 }
831
832 # undef NAND_PAGE_SIZE
833 # undef PAGE_SHIFT
834 # undef PAGE_SECTORS
835 # undef ADDR_SHIFT
836 #endif /* NAND_IO */
837