1 /* 2 * Flash NAND memory emulation. Based on "16M x 8 Bit NAND Flash 3 * Memory" datasheet for the KM29U128AT / K9F2808U0A chips from 4 * Samsung Electronic. 5 * 6 * Copyright (c) 2006 Openedhand Ltd. 7 * Written by Andrzej Zaborowski <balrog@zabor.org> 8 * 9 * Support for additional features based on "MT29F2G16ABCWP 2Gx16" 10 * datasheet from Micron Technology and "NAND02G-B2C" datasheet 11 * from ST Microelectronics. 12 * 13 * This code is licensed under the GNU GPL v2. 14 * 15 * Contributions after 2012-01-13 are licensed under the terms of the 16 * GNU GPL, version 2 or (at your option) any later version. 17 */ 18 19 #ifndef NAND_IO 20 21 #include "qemu/osdep.h" 22 #include "hw/hw.h" 23 #include "hw/qdev-properties.h" 24 #include "hw/qdev-properties-system.h" 25 #include "hw/block/flash.h" 26 #include "sysemu/block-backend.h" 27 #include "migration/vmstate.h" 28 #include "qapi/error.h" 29 #include "qemu/error-report.h" 30 #include "qemu/module.h" 31 #include "qom/object.h" 32 33 # define NAND_CMD_READ0 0x00 34 # define NAND_CMD_READ1 0x01 35 # define NAND_CMD_READ2 0x50 36 # define NAND_CMD_LPREAD2 0x30 37 # define NAND_CMD_NOSERIALREAD2 0x35 38 # define NAND_CMD_RANDOMREAD1 0x05 39 # define NAND_CMD_RANDOMREAD2 0xe0 40 # define NAND_CMD_READID 0x90 41 # define NAND_CMD_RESET 0xff 42 # define NAND_CMD_PAGEPROGRAM1 0x80 43 # define NAND_CMD_PAGEPROGRAM2 0x10 44 # define NAND_CMD_CACHEPROGRAM2 0x15 45 # define NAND_CMD_BLOCKERASE1 0x60 46 # define NAND_CMD_BLOCKERASE2 0xd0 47 # define NAND_CMD_READSTATUS 0x70 48 # define NAND_CMD_COPYBACKPRG1 0x85 49 50 # define NAND_IOSTATUS_ERROR (1 << 0) 51 # define NAND_IOSTATUS_PLANE0 (1 << 1) 52 # define NAND_IOSTATUS_PLANE1 (1 << 2) 53 # define NAND_IOSTATUS_PLANE2 (1 << 3) 54 # define NAND_IOSTATUS_PLANE3 (1 << 4) 55 # define NAND_IOSTATUS_READY (1 << 6) 56 # define NAND_IOSTATUS_UNPROTCT (1 << 7) 57 58 # define MAX_PAGE 0x800 59 # define MAX_OOB 0x40 60 61 typedef struct NANDFlashState NANDFlashState; 62 struct NANDFlashState { 63 DeviceState parent_obj; 64 65 uint8_t manf_id, chip_id; 66 uint8_t buswidth; /* in BYTES */ 67 int size, pages; 68 int page_shift, oob_shift, erase_shift, addr_shift; 69 uint8_t *storage; 70 BlockBackend *blk; 71 int mem_oob; 72 73 uint8_t cle, ale, ce, wp, gnd; 74 75 uint8_t io[MAX_PAGE + MAX_OOB + 0x400]; 76 uint8_t *ioaddr; 77 int iolen; 78 79 uint32_t cmd; 80 uint64_t addr; 81 int addrlen; 82 int status; 83 int offset; 84 85 void (*blk_write)(NANDFlashState *s); 86 void (*blk_erase)(NANDFlashState *s); 87 /* 88 * Returns %true when block containing (@addr + @offset) is 89 * successfully loaded, otherwise %false. 90 */ 91 bool (*blk_load)(NANDFlashState *s, uint64_t addr, unsigned offset); 92 93 uint32_t ioaddr_vmstate; 94 }; 95 96 #define TYPE_NAND "nand" 97 OBJECT_DECLARE_SIMPLE_TYPE(NANDFlashState,NAND)98 OBJECT_DECLARE_SIMPLE_TYPE(NANDFlashState, NAND) 99 100 static void mem_and(uint8_t *dest, const uint8_t *src, size_t n) 101 { 102 /* Like memcpy() but we logical-AND the data into the destination */ 103 int i; 104 for (i = 0; i < n; i++) { 105 dest[i] &= src[i]; 106 } 107 } 108 109 # define NAND_NO_AUTOINCR 0x00000001 110 # define NAND_BUSWIDTH_16 0x00000002 111 # define NAND_NO_PADDING 0x00000004 112 # define NAND_CACHEPRG 0x00000008 113 # define NAND_COPYBACK 0x00000010 114 # define NAND_IS_AND 0x00000020 115 # define NAND_4PAGE_ARRAY 0x00000040 116 # define NAND_NO_READRDY 0x00000100 117 # define NAND_SAMSUNG_LP (NAND_NO_PADDING | NAND_COPYBACK) 118 119 # define NAND_IO 120 121 # define PAGE(addr) ((addr) >> ADDR_SHIFT) 122 # define PAGE_START(page) (PAGE(page) * (NAND_PAGE_SIZE + OOB_SIZE)) 123 # define PAGE_MASK ((1 << ADDR_SHIFT) - 1) 124 # define OOB_SHIFT (PAGE_SHIFT - 5) 125 # define OOB_SIZE (1 << OOB_SHIFT) 126 # define SECTOR(addr) ((addr) >> (9 + ADDR_SHIFT - PAGE_SHIFT)) 127 # define SECTOR_OFFSET(addr) ((addr) & ((511 >> PAGE_SHIFT) << 8)) 128 129 # define NAND_PAGE_SIZE 256 130 # define PAGE_SHIFT 8 131 # define PAGE_SECTORS 1 132 # define ADDR_SHIFT 8 133 # include "nand.c" 134 # define NAND_PAGE_SIZE 512 135 # define PAGE_SHIFT 9 136 # define PAGE_SECTORS 1 137 # define ADDR_SHIFT 8 138 # include "nand.c" 139 # define NAND_PAGE_SIZE 2048 140 # define PAGE_SHIFT 11 141 # define PAGE_SECTORS 4 142 # define ADDR_SHIFT 16 143 # include "nand.c" 144 145 /* Information based on Linux drivers/mtd/nand/raw/nand_ids.c */ 146 static const struct { 147 int size; 148 int width; 149 int page_shift; 150 int erase_shift; 151 uint32_t options; 152 } nand_flash_ids[0x100] = { 153 [0 ... 0xff] = { 0 }, 154 155 [0x6b] = { 4, 8, 9, 4, 0 }, 156 [0xe3] = { 4, 8, 9, 4, 0 }, 157 [0xe5] = { 4, 8, 9, 4, 0 }, 158 [0xd6] = { 8, 8, 9, 4, 0 }, 159 [0xe6] = { 8, 8, 9, 4, 0 }, 160 161 [0x33] = { 16, 8, 9, 5, 0 }, 162 [0x73] = { 16, 8, 9, 5, 0 }, 163 [0x43] = { 16, 16, 9, 5, NAND_BUSWIDTH_16 }, 164 [0x53] = { 16, 16, 9, 5, NAND_BUSWIDTH_16 }, 165 166 [0x35] = { 32, 8, 9, 5, 0 }, 167 [0x75] = { 32, 8, 9, 5, 0 }, 168 [0x45] = { 32, 16, 9, 5, NAND_BUSWIDTH_16 }, 169 [0x55] = { 32, 16, 9, 5, NAND_BUSWIDTH_16 }, 170 171 [0x36] = { 64, 8, 9, 5, 0 }, 172 [0x76] = { 64, 8, 9, 5, 0 }, 173 [0x46] = { 64, 16, 9, 5, NAND_BUSWIDTH_16 }, 174 [0x56] = { 64, 16, 9, 5, NAND_BUSWIDTH_16 }, 175 176 [0x78] = { 128, 8, 9, 5, 0 }, 177 [0x39] = { 128, 8, 9, 5, 0 }, 178 [0x79] = { 128, 8, 9, 5, 0 }, 179 [0x72] = { 128, 16, 9, 5, NAND_BUSWIDTH_16 }, 180 [0x49] = { 128, 16, 9, 5, NAND_BUSWIDTH_16 }, 181 [0x74] = { 128, 16, 9, 5, NAND_BUSWIDTH_16 }, 182 [0x59] = { 128, 16, 9, 5, NAND_BUSWIDTH_16 }, 183 184 [0x71] = { 256, 8, 9, 5, 0 }, 185 186 /* 187 * These are the new chips with large page size. The pagesize and the 188 * erasesize is determined from the extended id bytes 189 */ 190 # define LP_OPTIONS (NAND_SAMSUNG_LP | NAND_NO_READRDY | NAND_NO_AUTOINCR) 191 # define LP_OPTIONS16 (LP_OPTIONS | NAND_BUSWIDTH_16) 192 193 /* 512 Megabit */ 194 [0xa2] = { 64, 8, 0, 0, LP_OPTIONS }, 195 [0xf2] = { 64, 8, 0, 0, LP_OPTIONS }, 196 [0xb2] = { 64, 16, 0, 0, LP_OPTIONS16 }, 197 [0xc2] = { 64, 16, 0, 0, LP_OPTIONS16 }, 198 199 /* 1 Gigabit */ 200 [0xa1] = { 128, 8, 0, 0, LP_OPTIONS }, 201 [0xf1] = { 128, 8, 0, 0, LP_OPTIONS }, 202 [0xb1] = { 128, 16, 0, 0, LP_OPTIONS16 }, 203 [0xc1] = { 128, 16, 0, 0, LP_OPTIONS16 }, 204 205 /* 2 Gigabit */ 206 [0xaa] = { 256, 8, 0, 0, LP_OPTIONS }, 207 [0xda] = { 256, 8, 0, 0, LP_OPTIONS }, 208 [0xba] = { 256, 16, 0, 0, LP_OPTIONS16 }, 209 [0xca] = { 256, 16, 0, 0, LP_OPTIONS16 }, 210 211 /* 4 Gigabit */ 212 [0xac] = { 512, 8, 0, 0, LP_OPTIONS }, 213 [0xdc] = { 512, 8, 0, 0, LP_OPTIONS }, 214 [0xbc] = { 512, 16, 0, 0, LP_OPTIONS16 }, 215 [0xcc] = { 512, 16, 0, 0, LP_OPTIONS16 }, 216 217 /* 8 Gigabit */ 218 [0xa3] = { 1024, 8, 0, 0, LP_OPTIONS }, 219 [0xd3] = { 1024, 8, 0, 0, LP_OPTIONS }, 220 [0xb3] = { 1024, 16, 0, 0, LP_OPTIONS16 }, 221 [0xc3] = { 1024, 16, 0, 0, LP_OPTIONS16 }, 222 223 /* 16 Gigabit */ 224 [0xa5] = { 2048, 8, 0, 0, LP_OPTIONS }, 225 [0xd5] = { 2048, 8, 0, 0, LP_OPTIONS }, 226 [0xb5] = { 2048, 16, 0, 0, LP_OPTIONS16 }, 227 [0xc5] = { 2048, 16, 0, 0, LP_OPTIONS16 }, 228 }; 229 nand_reset(DeviceState * dev)230 static void nand_reset(DeviceState *dev) 231 { 232 NANDFlashState *s = NAND(dev); 233 s->cmd = NAND_CMD_READ0; 234 s->addr = 0; 235 s->addrlen = 0; 236 s->iolen = 0; 237 s->offset = 0; 238 s->status &= NAND_IOSTATUS_UNPROTCT; 239 s->status |= NAND_IOSTATUS_READY; 240 } 241 nand_pushio_byte(NANDFlashState * s,uint8_t value)242 static inline void nand_pushio_byte(NANDFlashState *s, uint8_t value) 243 { 244 s->ioaddr[s->iolen++] = value; 245 for (value = s->buswidth; --value;) { 246 s->ioaddr[s->iolen++] = 0; 247 } 248 } 249 250 /* 251 * nand_load_block: Load block containing (s->addr + @offset). 252 * Returns length of data available at @offset in this block. 253 */ nand_load_block(NANDFlashState * s,unsigned offset)254 static unsigned nand_load_block(NANDFlashState *s, unsigned offset) 255 { 256 unsigned iolen; 257 258 if (!s->blk_load(s, s->addr, offset)) { 259 return 0; 260 } 261 262 iolen = (1 << s->page_shift); 263 if (s->gnd) { 264 iolen += 1 << s->oob_shift; 265 } 266 assert(offset <= iolen); 267 iolen -= offset; 268 269 return iolen; 270 } 271 nand_command(NANDFlashState * s)272 static void nand_command(NANDFlashState *s) 273 { 274 switch (s->cmd) { 275 case NAND_CMD_READ0: 276 s->iolen = 0; 277 break; 278 279 case NAND_CMD_READID: 280 s->ioaddr = s->io; 281 s->iolen = 0; 282 nand_pushio_byte(s, s->manf_id); 283 nand_pushio_byte(s, s->chip_id); 284 nand_pushio_byte(s, 'Q'); /* Don't-care byte (often 0xa5) */ 285 if (nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) { 286 /* Page Size, Block Size, Spare Size; bit 6 indicates 287 * 8 vs 16 bit width NAND. 288 */ 289 nand_pushio_byte(s, (s->buswidth == 2) ? 0x55 : 0x15); 290 } else { 291 nand_pushio_byte(s, 0xc0); /* Multi-plane */ 292 } 293 break; 294 295 case NAND_CMD_RANDOMREAD2: 296 case NAND_CMD_NOSERIALREAD2: 297 if (!(nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP)) 298 break; 299 s->iolen = nand_load_block(s, s->addr & ((1 << s->addr_shift) - 1)); 300 break; 301 302 case NAND_CMD_RESET: 303 nand_reset(DEVICE(s)); 304 break; 305 306 case NAND_CMD_PAGEPROGRAM1: 307 s->ioaddr = s->io; 308 s->iolen = 0; 309 break; 310 311 case NAND_CMD_PAGEPROGRAM2: 312 if (s->wp) { 313 s->blk_write(s); 314 } 315 break; 316 317 case NAND_CMD_BLOCKERASE1: 318 break; 319 320 case NAND_CMD_BLOCKERASE2: 321 s->addr &= (1ull << s->addrlen * 8) - 1; 322 s->addr <<= nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP ? 323 16 : 8; 324 325 if (s->wp) { 326 s->blk_erase(s); 327 } 328 break; 329 330 case NAND_CMD_READSTATUS: 331 s->ioaddr = s->io; 332 s->iolen = 0; 333 nand_pushio_byte(s, s->status); 334 break; 335 336 default: 337 printf("%s: Unknown NAND command 0x%02x\n", __func__, s->cmd); 338 } 339 } 340 nand_pre_save(void * opaque)341 static int nand_pre_save(void *opaque) 342 { 343 NANDFlashState *s = NAND(opaque); 344 345 s->ioaddr_vmstate = s->ioaddr - s->io; 346 347 return 0; 348 } 349 nand_post_load(void * opaque,int version_id)350 static int nand_post_load(void *opaque, int version_id) 351 { 352 NANDFlashState *s = NAND(opaque); 353 354 if (s->ioaddr_vmstate > sizeof(s->io)) { 355 return -EINVAL; 356 } 357 s->ioaddr = s->io + s->ioaddr_vmstate; 358 359 return 0; 360 } 361 362 static const VMStateDescription vmstate_nand = { 363 .name = "nand", 364 .version_id = 1, 365 .minimum_version_id = 1, 366 .pre_save = nand_pre_save, 367 .post_load = nand_post_load, 368 .fields = (const VMStateField[]) { 369 VMSTATE_UINT8(cle, NANDFlashState), 370 VMSTATE_UINT8(ale, NANDFlashState), 371 VMSTATE_UINT8(ce, NANDFlashState), 372 VMSTATE_UINT8(wp, NANDFlashState), 373 VMSTATE_UINT8(gnd, NANDFlashState), 374 VMSTATE_BUFFER(io, NANDFlashState), 375 VMSTATE_UINT32(ioaddr_vmstate, NANDFlashState), 376 VMSTATE_INT32(iolen, NANDFlashState), 377 VMSTATE_UINT32(cmd, NANDFlashState), 378 VMSTATE_UINT64(addr, NANDFlashState), 379 VMSTATE_INT32(addrlen, NANDFlashState), 380 VMSTATE_INT32(status, NANDFlashState), 381 VMSTATE_INT32(offset, NANDFlashState), 382 /* XXX: do we want to save s->storage too? */ 383 VMSTATE_END_OF_LIST() 384 } 385 }; 386 nand_realize(DeviceState * dev,Error ** errp)387 static void nand_realize(DeviceState *dev, Error **errp) 388 { 389 int pagesize; 390 NANDFlashState *s = NAND(dev); 391 int ret; 392 393 394 s->buswidth = nand_flash_ids[s->chip_id].width >> 3; 395 s->size = nand_flash_ids[s->chip_id].size << 20; 396 if (nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) { 397 s->page_shift = 11; 398 s->erase_shift = 6; 399 } else { 400 s->page_shift = nand_flash_ids[s->chip_id].page_shift; 401 s->erase_shift = nand_flash_ids[s->chip_id].erase_shift; 402 } 403 404 switch (1 << s->page_shift) { 405 case 256: 406 nand_init_256(s); 407 break; 408 case 512: 409 nand_init_512(s); 410 break; 411 case 2048: 412 nand_init_2048(s); 413 break; 414 default: 415 error_setg(errp, "Unsupported NAND block size %#x", 416 1 << s->page_shift); 417 return; 418 } 419 420 pagesize = 1 << s->oob_shift; 421 s->mem_oob = 1; 422 if (s->blk) { 423 if (!blk_supports_write_perm(s->blk)) { 424 error_setg(errp, "Can't use a read-only drive"); 425 return; 426 } 427 ret = blk_set_perm(s->blk, BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE, 428 BLK_PERM_ALL, errp); 429 if (ret < 0) { 430 return; 431 } 432 if (blk_getlength(s->blk) >= 433 (s->pages << s->page_shift) + (s->pages << s->oob_shift)) { 434 pagesize = 0; 435 s->mem_oob = 0; 436 } 437 } else { 438 pagesize += 1 << s->page_shift; 439 } 440 if (pagesize) { 441 s->storage = (uint8_t *) memset(g_malloc(s->pages * pagesize), 442 0xff, s->pages * pagesize); 443 } 444 /* Give s->ioaddr a sane value in case we save state before it is used. */ 445 s->ioaddr = s->io; 446 } 447 448 static Property nand_properties[] = { 449 DEFINE_PROP_UINT8("manufacturer_id", NANDFlashState, manf_id, 0), 450 DEFINE_PROP_UINT8("chip_id", NANDFlashState, chip_id, 0), 451 DEFINE_PROP_DRIVE("drive", NANDFlashState, blk), 452 DEFINE_PROP_END_OF_LIST(), 453 }; 454 nand_class_init(ObjectClass * klass,void * data)455 static void nand_class_init(ObjectClass *klass, void *data) 456 { 457 DeviceClass *dc = DEVICE_CLASS(klass); 458 459 dc->realize = nand_realize; 460 device_class_set_legacy_reset(dc, nand_reset); 461 dc->vmsd = &vmstate_nand; 462 device_class_set_props(dc, nand_properties); 463 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories); 464 } 465 466 static const TypeInfo nand_info = { 467 .name = TYPE_NAND, 468 .parent = TYPE_DEVICE, 469 .instance_size = sizeof(NANDFlashState), 470 .class_init = nand_class_init, 471 }; 472 nand_register_types(void)473 static void nand_register_types(void) 474 { 475 type_register_static(&nand_info); 476 } 477 478 /* 479 * Chip inputs are CLE, ALE, CE, WP, GND and eight I/O pins. Chip 480 * outputs are R/B and eight I/O pins. 481 * 482 * CE, WP and R/B are active low. 483 */ nand_setpins(DeviceState * dev,uint8_t cle,uint8_t ale,uint8_t ce,uint8_t wp,uint8_t gnd)484 void nand_setpins(DeviceState *dev, uint8_t cle, uint8_t ale, 485 uint8_t ce, uint8_t wp, uint8_t gnd) 486 { 487 NANDFlashState *s = NAND(dev); 488 489 s->cle = cle; 490 s->ale = ale; 491 s->ce = ce; 492 s->wp = wp; 493 s->gnd = gnd; 494 if (wp) { 495 s->status |= NAND_IOSTATUS_UNPROTCT; 496 } else { 497 s->status &= ~NAND_IOSTATUS_UNPROTCT; 498 } 499 } 500 nand_getpins(DeviceState * dev,int * rb)501 void nand_getpins(DeviceState *dev, int *rb) 502 { 503 *rb = 1; 504 } 505 nand_setio(DeviceState * dev,uint32_t value)506 void nand_setio(DeviceState *dev, uint32_t value) 507 { 508 int i; 509 NANDFlashState *s = NAND(dev); 510 511 if (!s->ce && s->cle) { 512 if (nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) { 513 if (s->cmd == NAND_CMD_READ0 && value == NAND_CMD_LPREAD2) 514 return; 515 if (value == NAND_CMD_RANDOMREAD1) { 516 s->addr &= ~((1 << s->addr_shift) - 1); 517 s->addrlen = 0; 518 return; 519 } 520 } 521 if (value == NAND_CMD_READ0) { 522 s->offset = 0; 523 } else if (value == NAND_CMD_READ1) { 524 s->offset = 0x100; 525 value = NAND_CMD_READ0; 526 } else if (value == NAND_CMD_READ2) { 527 s->offset = 1 << s->page_shift; 528 value = NAND_CMD_READ0; 529 } 530 531 s->cmd = value; 532 533 if (s->cmd == NAND_CMD_READSTATUS || 534 s->cmd == NAND_CMD_PAGEPROGRAM2 || 535 s->cmd == NAND_CMD_BLOCKERASE1 || 536 s->cmd == NAND_CMD_BLOCKERASE2 || 537 s->cmd == NAND_CMD_NOSERIALREAD2 || 538 s->cmd == NAND_CMD_RANDOMREAD2 || 539 s->cmd == NAND_CMD_RESET) { 540 nand_command(s); 541 } 542 543 if (s->cmd != NAND_CMD_RANDOMREAD2) { 544 s->addrlen = 0; 545 } 546 } 547 548 if (s->ale) { 549 unsigned int shift = s->addrlen * 8; 550 uint64_t mask = ~(0xffull << shift); 551 uint64_t v = (uint64_t)value << shift; 552 553 s->addr = (s->addr & mask) | v; 554 s->addrlen ++; 555 556 switch (s->addrlen) { 557 case 1: 558 if (s->cmd == NAND_CMD_READID) { 559 nand_command(s); 560 } 561 break; 562 case 2: /* fix cache address as a byte address */ 563 s->addr <<= (s->buswidth - 1); 564 break; 565 case 3: 566 if (!(nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) && 567 (s->cmd == NAND_CMD_READ0 || 568 s->cmd == NAND_CMD_PAGEPROGRAM1)) { 569 nand_command(s); 570 } 571 break; 572 case 4: 573 if ((nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) && 574 nand_flash_ids[s->chip_id].size < 256 && /* 1Gb or less */ 575 (s->cmd == NAND_CMD_READ0 || 576 s->cmd == NAND_CMD_PAGEPROGRAM1)) { 577 nand_command(s); 578 } 579 break; 580 case 5: 581 if ((nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) && 582 nand_flash_ids[s->chip_id].size >= 256 && /* 2Gb or more */ 583 (s->cmd == NAND_CMD_READ0 || 584 s->cmd == NAND_CMD_PAGEPROGRAM1)) { 585 nand_command(s); 586 } 587 break; 588 default: 589 break; 590 } 591 } 592 593 if (!s->cle && !s->ale && s->cmd == NAND_CMD_PAGEPROGRAM1) { 594 if (s->iolen < (1 << s->page_shift) + (1 << s->oob_shift)) { 595 for (i = s->buswidth; i--; value >>= 8) { 596 s->io[s->iolen ++] = (uint8_t) (value & 0xff); 597 } 598 } 599 } else if (!s->cle && !s->ale && s->cmd == NAND_CMD_COPYBACKPRG1) { 600 if ((s->addr & ((1 << s->addr_shift) - 1)) < 601 (1 << s->page_shift) + (1 << s->oob_shift)) { 602 for (i = s->buswidth; i--; s->addr++, value >>= 8) { 603 s->io[s->iolen + (s->addr & ((1 << s->addr_shift) - 1))] = 604 (uint8_t) (value & 0xff); 605 } 606 } 607 } 608 } 609 nand_getio(DeviceState * dev)610 uint32_t nand_getio(DeviceState *dev) 611 { 612 int offset; 613 uint32_t x = 0; 614 NANDFlashState *s = NAND(dev); 615 616 /* Allow sequential reading */ 617 if (!s->iolen && s->cmd == NAND_CMD_READ0) { 618 offset = (int) (s->addr & ((1 << s->addr_shift) - 1)) + s->offset; 619 s->offset = 0; 620 s->iolen = nand_load_block(s, offset); 621 } 622 623 if (s->ce || s->iolen <= 0) { 624 return 0; 625 } 626 627 for (offset = s->buswidth; offset--;) { 628 x |= s->ioaddr[offset] << (offset << 3); 629 } 630 /* after receiving READ STATUS command all subsequent reads will 631 * return the status register value until another command is issued 632 */ 633 if (s->cmd != NAND_CMD_READSTATUS) { 634 s->addr += s->buswidth; 635 s->ioaddr += s->buswidth; 636 s->iolen -= s->buswidth; 637 } 638 return x; 639 } 640 nand_getbuswidth(DeviceState * dev)641 uint32_t nand_getbuswidth(DeviceState *dev) 642 { 643 NANDFlashState *s = (NANDFlashState *) dev; 644 return s->buswidth << 3; 645 } 646 nand_init(BlockBackend * blk,int manf_id,int chip_id)647 DeviceState *nand_init(BlockBackend *blk, int manf_id, int chip_id) 648 { 649 DeviceState *dev; 650 651 if (nand_flash_ids[chip_id].size == 0) { 652 hw_error("%s: Unsupported NAND chip ID.\n", __func__); 653 } 654 dev = qdev_new(TYPE_NAND); 655 qdev_prop_set_uint8(dev, "manufacturer_id", manf_id); 656 qdev_prop_set_uint8(dev, "chip_id", chip_id); 657 if (blk) { 658 qdev_prop_set_drive_err(dev, "drive", blk, &error_fatal); 659 } 660 661 qdev_realize(dev, NULL, &error_fatal); 662 return dev; 663 } 664 665 type_init(nand_register_types) 666 667 #else 668 669 /* Program a single page */ 670 static void glue(nand_blk_write_, NAND_PAGE_SIZE)(NANDFlashState *s) 671 { 672 uint64_t off, page, sector, soff; 673 uint8_t iobuf[(PAGE_SECTORS + 2) * 0x200]; 674 if (PAGE(s->addr) >= s->pages) 675 return; 676 677 if (!s->blk) { 678 mem_and(s->storage + PAGE_START(s->addr) + (s->addr & PAGE_MASK) + 679 s->offset, s->io, s->iolen); 680 } else if (s->mem_oob) { 681 sector = SECTOR(s->addr); 682 off = (s->addr & PAGE_MASK) + s->offset; 683 soff = SECTOR_OFFSET(s->addr); 684 if (blk_pread(s->blk, sector << BDRV_SECTOR_BITS, 685 PAGE_SECTORS << BDRV_SECTOR_BITS, iobuf, 0) < 0) { 686 printf("%s: read error in sector %" PRIu64 "\n", __func__, sector); 687 return; 688 } 689 690 mem_and(iobuf + (soff | off), s->io, MIN(s->iolen, NAND_PAGE_SIZE - off)); 691 if (off + s->iolen > NAND_PAGE_SIZE) { 692 page = PAGE(s->addr); 693 mem_and(s->storage + (page << OOB_SHIFT), s->io + NAND_PAGE_SIZE - off, 694 MIN(OOB_SIZE, off + s->iolen - NAND_PAGE_SIZE)); 695 } 696 697 if (blk_pwrite(s->blk, sector << BDRV_SECTOR_BITS, 698 PAGE_SECTORS << BDRV_SECTOR_BITS, iobuf, 0) < 0) { 699 printf("%s: write error in sector %" PRIu64 "\n", __func__, sector); 700 } 701 } else { 702 off = PAGE_START(s->addr) + (s->addr & PAGE_MASK) + s->offset; 703 sector = off >> 9; 704 soff = off & 0x1ff; 705 if (blk_pread(s->blk, sector << BDRV_SECTOR_BITS, 706 (PAGE_SECTORS + 2) << BDRV_SECTOR_BITS, iobuf, 0) < 0) { 707 printf("%s: read error in sector %" PRIu64 "\n", __func__, sector); 708 return; 709 } 710 711 mem_and(iobuf + soff, s->io, s->iolen); 712 713 if (blk_pwrite(s->blk, sector << BDRV_SECTOR_BITS, 714 (PAGE_SECTORS + 2) << BDRV_SECTOR_BITS, iobuf, 0) < 0) { 715 printf("%s: write error in sector %" PRIu64 "\n", __func__, sector); 716 } 717 } 718 s->offset = 0; 719 } 720 721 /* Erase a single block */ 722 static void glue(nand_blk_erase_, NAND_PAGE_SIZE)(NANDFlashState *s) 723 { 724 uint64_t i, page, addr; 725 uint8_t iobuf[0x200] = { [0 ... 0x1ff] = 0xff, }; 726 addr = s->addr & ~((1 << (ADDR_SHIFT + s->erase_shift)) - 1); 727 728 if (PAGE(addr) >= s->pages) { 729 return; 730 } 731 732 if (!s->blk) { 733 memset(s->storage + PAGE_START(addr), 734 0xff, (NAND_PAGE_SIZE + OOB_SIZE) << s->erase_shift); 735 } else if (s->mem_oob) { 736 memset(s->storage + (PAGE(addr) << OOB_SHIFT), 737 0xff, OOB_SIZE << s->erase_shift); 738 i = SECTOR(addr); 739 page = SECTOR(addr + (1 << (ADDR_SHIFT + s->erase_shift))); 740 for (; i < page; i ++) 741 if (blk_pwrite(s->blk, i << BDRV_SECTOR_BITS, 742 BDRV_SECTOR_SIZE, iobuf, 0) < 0) { 743 printf("%s: write error in sector %" PRIu64 "\n", __func__, i); 744 } 745 } else { 746 addr = PAGE_START(addr); 747 page = addr >> 9; 748 if (blk_pread(s->blk, page << BDRV_SECTOR_BITS, 749 BDRV_SECTOR_SIZE, iobuf, 0) < 0) { 750 printf("%s: read error in sector %" PRIu64 "\n", __func__, page); 751 } 752 memset(iobuf + (addr & 0x1ff), 0xff, (~addr & 0x1ff) + 1); 753 if (blk_pwrite(s->blk, page << BDRV_SECTOR_BITS, 754 BDRV_SECTOR_SIZE, iobuf, 0) < 0) { 755 printf("%s: write error in sector %" PRIu64 "\n", __func__, page); 756 } 757 758 memset(iobuf, 0xff, 0x200); 759 i = (addr & ~0x1ff) + 0x200; 760 for (addr += ((NAND_PAGE_SIZE + OOB_SIZE) << s->erase_shift) - 0x200; 761 i < addr; i += 0x200) { 762 if (blk_pwrite(s->blk, i, BDRV_SECTOR_SIZE, iobuf, 0) < 0) { 763 printf("%s: write error in sector %" PRIu64 "\n", 764 __func__, i >> 9); 765 } 766 } 767 768 page = i >> 9; 769 if (blk_pread(s->blk, page << BDRV_SECTOR_BITS, 770 BDRV_SECTOR_SIZE, iobuf, 0) < 0) { 771 printf("%s: read error in sector %" PRIu64 "\n", __func__, page); 772 } 773 memset(iobuf, 0xff, ((addr - 1) & 0x1ff) + 1); 774 if (blk_pwrite(s->blk, page << BDRV_SECTOR_BITS, 775 BDRV_SECTOR_SIZE, iobuf, 0) < 0) { 776 printf("%s: write error in sector %" PRIu64 "\n", __func__, page); 777 } 778 } 779 } 780 781 static bool glue(nand_blk_load_, NAND_PAGE_SIZE)(NANDFlashState *s, 782 uint64_t addr, unsigned offset) 783 { 784 if (PAGE(addr) >= s->pages) { 785 return false; 786 } 787 788 if (offset > NAND_PAGE_SIZE + OOB_SIZE) { 789 return false; 790 } 791 792 if (s->blk) { 793 if (s->mem_oob) { 794 if (blk_pread(s->blk, SECTOR(addr) << BDRV_SECTOR_BITS, 795 PAGE_SECTORS << BDRV_SECTOR_BITS, s->io, 0) < 0) { 796 printf("%s: read error in sector %" PRIu64 "\n", 797 __func__, SECTOR(addr)); 798 } 799 memcpy(s->io + SECTOR_OFFSET(s->addr) + NAND_PAGE_SIZE, 800 s->storage + (PAGE(s->addr) << OOB_SHIFT), 801 OOB_SIZE); 802 s->ioaddr = s->io + SECTOR_OFFSET(s->addr) + offset; 803 } else { 804 if (blk_pread(s->blk, PAGE_START(addr), 805 (PAGE_SECTORS + 2) << BDRV_SECTOR_BITS, s->io, 0) 806 < 0) { 807 printf("%s: read error in sector %" PRIu64 "\n", 808 __func__, PAGE_START(addr) >> 9); 809 } 810 s->ioaddr = s->io + (PAGE_START(addr) & 0x1ff) + offset; 811 } 812 } else { 813 memcpy(s->io, s->storage + PAGE_START(s->addr) + 814 offset, NAND_PAGE_SIZE + OOB_SIZE - offset); 815 s->ioaddr = s->io; 816 } 817 818 return true; 819 } 820 821 static void glue(nand_init_, NAND_PAGE_SIZE)(NANDFlashState *s) 822 { 823 s->oob_shift = PAGE_SHIFT - 5; 824 s->pages = s->size >> PAGE_SHIFT; 825 s->addr_shift = ADDR_SHIFT; 826 827 s->blk_erase = glue(nand_blk_erase_, NAND_PAGE_SIZE); 828 s->blk_write = glue(nand_blk_write_, NAND_PAGE_SIZE); 829 s->blk_load = glue(nand_blk_load_, NAND_PAGE_SIZE); 830 } 831 832 # undef NAND_PAGE_SIZE 833 # undef PAGE_SHIFT 834 # undef PAGE_SECTORS 835 # undef ADDR_SHIFT 836 #endif /* NAND_IO */ 837