xref: /openbmc/qemu/hw/block/nand.c (revision 64552b6b)
1 /*
2  * Flash NAND memory emulation.  Based on "16M x 8 Bit NAND Flash
3  * Memory" datasheet for the KM29U128AT / K9F2808U0A chips from
4  * Samsung Electronic.
5  *
6  * Copyright (c) 2006 Openedhand Ltd.
7  * Written by Andrzej Zaborowski <balrog@zabor.org>
8  *
9  * Support for additional features based on "MT29F2G16ABCWP 2Gx16"
10  * datasheet from Micron Technology and "NAND02G-B2C" datasheet
11  * from ST Microelectronics.
12  *
13  * This code is licensed under the GNU GPL v2.
14  *
15  * Contributions after 2012-01-13 are licensed under the terms of the
16  * GNU GPL, version 2 or (at your option) any later version.
17  */
18 
19 #ifndef NAND_IO
20 
21 #include "qemu/osdep.h"
22 #include "hw/hw.h"
23 #include "hw/block/flash.h"
24 #include "sysemu/block-backend.h"
25 #include "hw/qdev.h"
26 #include "qapi/error.h"
27 #include "qemu/error-report.h"
28 #include "qemu/module.h"
29 
30 # define NAND_CMD_READ0		0x00
31 # define NAND_CMD_READ1		0x01
32 # define NAND_CMD_READ2		0x50
33 # define NAND_CMD_LPREAD2	0x30
34 # define NAND_CMD_NOSERIALREAD2	0x35
35 # define NAND_CMD_RANDOMREAD1	0x05
36 # define NAND_CMD_RANDOMREAD2	0xe0
37 # define NAND_CMD_READID	0x90
38 # define NAND_CMD_RESET		0xff
39 # define NAND_CMD_PAGEPROGRAM1	0x80
40 # define NAND_CMD_PAGEPROGRAM2	0x10
41 # define NAND_CMD_CACHEPROGRAM2	0x15
42 # define NAND_CMD_BLOCKERASE1	0x60
43 # define NAND_CMD_BLOCKERASE2	0xd0
44 # define NAND_CMD_READSTATUS	0x70
45 # define NAND_CMD_COPYBACKPRG1	0x85
46 
47 # define NAND_IOSTATUS_ERROR	(1 << 0)
48 # define NAND_IOSTATUS_PLANE0	(1 << 1)
49 # define NAND_IOSTATUS_PLANE1	(1 << 2)
50 # define NAND_IOSTATUS_PLANE2	(1 << 3)
51 # define NAND_IOSTATUS_PLANE3	(1 << 4)
52 # define NAND_IOSTATUS_READY    (1 << 6)
53 # define NAND_IOSTATUS_UNPROTCT	(1 << 7)
54 
55 # define MAX_PAGE		0x800
56 # define MAX_OOB		0x40
57 
58 typedef struct NANDFlashState NANDFlashState;
59 struct NANDFlashState {
60     DeviceState parent_obj;
61 
62     uint8_t manf_id, chip_id;
63     uint8_t buswidth; /* in BYTES */
64     int size, pages;
65     int page_shift, oob_shift, erase_shift, addr_shift;
66     uint8_t *storage;
67     BlockBackend *blk;
68     int mem_oob;
69 
70     uint8_t cle, ale, ce, wp, gnd;
71 
72     uint8_t io[MAX_PAGE + MAX_OOB + 0x400];
73     uint8_t *ioaddr;
74     int iolen;
75 
76     uint32_t cmd;
77     uint64_t addr;
78     int addrlen;
79     int status;
80     int offset;
81 
82     void (*blk_write)(NANDFlashState *s);
83     void (*blk_erase)(NANDFlashState *s);
84     void (*blk_load)(NANDFlashState *s, uint64_t addr, int offset);
85 
86     uint32_t ioaddr_vmstate;
87 };
88 
89 #define TYPE_NAND "nand"
90 
91 #define NAND(obj) \
92     OBJECT_CHECK(NANDFlashState, (obj), TYPE_NAND)
93 
94 static void mem_and(uint8_t *dest, const uint8_t *src, size_t n)
95 {
96     /* Like memcpy() but we logical-AND the data into the destination */
97     int i;
98     for (i = 0; i < n; i++) {
99         dest[i] &= src[i];
100     }
101 }
102 
103 # define NAND_NO_AUTOINCR	0x00000001
104 # define NAND_BUSWIDTH_16	0x00000002
105 # define NAND_NO_PADDING	0x00000004
106 # define NAND_CACHEPRG		0x00000008
107 # define NAND_COPYBACK		0x00000010
108 # define NAND_IS_AND		0x00000020
109 # define NAND_4PAGE_ARRAY	0x00000040
110 # define NAND_NO_READRDY	0x00000100
111 # define NAND_SAMSUNG_LP	(NAND_NO_PADDING | NAND_COPYBACK)
112 
113 # define NAND_IO
114 
115 # define PAGE(addr)		((addr) >> ADDR_SHIFT)
116 # define PAGE_START(page)	(PAGE(page) * (PAGE_SIZE + OOB_SIZE))
117 # define PAGE_MASK		((1 << ADDR_SHIFT) - 1)
118 # define OOB_SHIFT		(PAGE_SHIFT - 5)
119 # define OOB_SIZE		(1 << OOB_SHIFT)
120 # define SECTOR(addr)		((addr) >> (9 + ADDR_SHIFT - PAGE_SHIFT))
121 # define SECTOR_OFFSET(addr)	((addr) & ((511 >> PAGE_SHIFT) << 8))
122 
123 # define PAGE_SIZE		256
124 # define PAGE_SHIFT		8
125 # define PAGE_SECTORS		1
126 # define ADDR_SHIFT		8
127 # include "nand.c"
128 # define PAGE_SIZE		512
129 # define PAGE_SHIFT		9
130 # define PAGE_SECTORS		1
131 # define ADDR_SHIFT		8
132 # include "nand.c"
133 # define PAGE_SIZE		2048
134 # define PAGE_SHIFT		11
135 # define PAGE_SECTORS		4
136 # define ADDR_SHIFT		16
137 # include "nand.c"
138 
139 /* Information based on Linux drivers/mtd/nand/nand_ids.c */
140 static const struct {
141     int size;
142     int width;
143     int page_shift;
144     int erase_shift;
145     uint32_t options;
146 } nand_flash_ids[0x100] = {
147     [0 ... 0xff] = { 0 },
148 
149     [0x6e] = { 1,	8,	8, 4, 0 },
150     [0x64] = { 2,	8,	8, 4, 0 },
151     [0x6b] = { 4,	8,	9, 4, 0 },
152     [0xe8] = { 1,	8,	8, 4, 0 },
153     [0xec] = { 1,	8,	8, 4, 0 },
154     [0xea] = { 2,	8,	8, 4, 0 },
155     [0xd5] = { 4,	8,	9, 4, 0 },
156     [0xe3] = { 4,	8,	9, 4, 0 },
157     [0xe5] = { 4,	8,	9, 4, 0 },
158     [0xd6] = { 8,	8,	9, 4, 0 },
159 
160     [0x39] = { 8,	8,	9, 4, 0 },
161     [0xe6] = { 8,	8,	9, 4, 0 },
162     [0x49] = { 8,	16,	9, 4, NAND_BUSWIDTH_16 },
163     [0x59] = { 8,	16,	9, 4, NAND_BUSWIDTH_16 },
164 
165     [0x33] = { 16,	8,	9, 5, 0 },
166     [0x73] = { 16,	8,	9, 5, 0 },
167     [0x43] = { 16,	16,	9, 5, NAND_BUSWIDTH_16 },
168     [0x53] = { 16,	16,	9, 5, NAND_BUSWIDTH_16 },
169 
170     [0x35] = { 32,	8,	9, 5, 0 },
171     [0x75] = { 32,	8,	9, 5, 0 },
172     [0x45] = { 32,	16,	9, 5, NAND_BUSWIDTH_16 },
173     [0x55] = { 32,	16,	9, 5, NAND_BUSWIDTH_16 },
174 
175     [0x36] = { 64,	8,	9, 5, 0 },
176     [0x76] = { 64,	8,	9, 5, 0 },
177     [0x46] = { 64,	16,	9, 5, NAND_BUSWIDTH_16 },
178     [0x56] = { 64,	16,	9, 5, NAND_BUSWIDTH_16 },
179 
180     [0x78] = { 128,	8,	9, 5, 0 },
181     [0x39] = { 128,	8,	9, 5, 0 },
182     [0x79] = { 128,	8,	9, 5, 0 },
183     [0x72] = { 128,	16,	9, 5, NAND_BUSWIDTH_16 },
184     [0x49] = { 128,	16,	9, 5, NAND_BUSWIDTH_16 },
185     [0x74] = { 128,	16,	9, 5, NAND_BUSWIDTH_16 },
186     [0x59] = { 128,	16,	9, 5, NAND_BUSWIDTH_16 },
187 
188     [0x71] = { 256,	8,	9, 5, 0 },
189 
190     /*
191      * These are the new chips with large page size. The pagesize and the
192      * erasesize is determined from the extended id bytes
193      */
194 # define LP_OPTIONS	(NAND_SAMSUNG_LP | NAND_NO_READRDY | NAND_NO_AUTOINCR)
195 # define LP_OPTIONS16	(LP_OPTIONS | NAND_BUSWIDTH_16)
196 
197     /* 512 Megabit */
198     [0xa2] = { 64,	8,	0, 0, LP_OPTIONS },
199     [0xf2] = { 64,	8,	0, 0, LP_OPTIONS },
200     [0xb2] = { 64,	16,	0, 0, LP_OPTIONS16 },
201     [0xc2] = { 64,	16,	0, 0, LP_OPTIONS16 },
202 
203     /* 1 Gigabit */
204     [0xa1] = { 128,	8,	0, 0, LP_OPTIONS },
205     [0xf1] = { 128,	8,	0, 0, LP_OPTIONS },
206     [0xb1] = { 128,	16,	0, 0, LP_OPTIONS16 },
207     [0xc1] = { 128,	16,	0, 0, LP_OPTIONS16 },
208 
209     /* 2 Gigabit */
210     [0xaa] = { 256,	8,	0, 0, LP_OPTIONS },
211     [0xda] = { 256,	8,	0, 0, LP_OPTIONS },
212     [0xba] = { 256,	16,	0, 0, LP_OPTIONS16 },
213     [0xca] = { 256,	16,	0, 0, LP_OPTIONS16 },
214 
215     /* 4 Gigabit */
216     [0xac] = { 512,	8,	0, 0, LP_OPTIONS },
217     [0xdc] = { 512,	8,	0, 0, LP_OPTIONS },
218     [0xbc] = { 512,	16,	0, 0, LP_OPTIONS16 },
219     [0xcc] = { 512,	16,	0, 0, LP_OPTIONS16 },
220 
221     /* 8 Gigabit */
222     [0xa3] = { 1024,	8,	0, 0, LP_OPTIONS },
223     [0xd3] = { 1024,	8,	0, 0, LP_OPTIONS },
224     [0xb3] = { 1024,	16,	0, 0, LP_OPTIONS16 },
225     [0xc3] = { 1024,	16,	0, 0, LP_OPTIONS16 },
226 
227     /* 16 Gigabit */
228     [0xa5] = { 2048,	8,	0, 0, LP_OPTIONS },
229     [0xd5] = { 2048,	8,	0, 0, LP_OPTIONS },
230     [0xb5] = { 2048,	16,	0, 0, LP_OPTIONS16 },
231     [0xc5] = { 2048,	16,	0, 0, LP_OPTIONS16 },
232 };
233 
234 static void nand_reset(DeviceState *dev)
235 {
236     NANDFlashState *s = NAND(dev);
237     s->cmd = NAND_CMD_READ0;
238     s->addr = 0;
239     s->addrlen = 0;
240     s->iolen = 0;
241     s->offset = 0;
242     s->status &= NAND_IOSTATUS_UNPROTCT;
243     s->status |= NAND_IOSTATUS_READY;
244 }
245 
246 static inline void nand_pushio_byte(NANDFlashState *s, uint8_t value)
247 {
248     s->ioaddr[s->iolen++] = value;
249     for (value = s->buswidth; --value;) {
250         s->ioaddr[s->iolen++] = 0;
251     }
252 }
253 
254 static void nand_command(NANDFlashState *s)
255 {
256     unsigned int offset;
257     switch (s->cmd) {
258     case NAND_CMD_READ0:
259         s->iolen = 0;
260         break;
261 
262     case NAND_CMD_READID:
263         s->ioaddr = s->io;
264         s->iolen = 0;
265         nand_pushio_byte(s, s->manf_id);
266         nand_pushio_byte(s, s->chip_id);
267         nand_pushio_byte(s, 'Q'); /* Don't-care byte (often 0xa5) */
268         if (nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) {
269             /* Page Size, Block Size, Spare Size; bit 6 indicates
270              * 8 vs 16 bit width NAND.
271              */
272             nand_pushio_byte(s, (s->buswidth == 2) ? 0x55 : 0x15);
273         } else {
274             nand_pushio_byte(s, 0xc0); /* Multi-plane */
275         }
276         break;
277 
278     case NAND_CMD_RANDOMREAD2:
279     case NAND_CMD_NOSERIALREAD2:
280         if (!(nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP))
281             break;
282         offset = s->addr & ((1 << s->addr_shift) - 1);
283         s->blk_load(s, s->addr, offset);
284         if (s->gnd)
285             s->iolen = (1 << s->page_shift) - offset;
286         else
287             s->iolen = (1 << s->page_shift) + (1 << s->oob_shift) - offset;
288         break;
289 
290     case NAND_CMD_RESET:
291         nand_reset(DEVICE(s));
292         break;
293 
294     case NAND_CMD_PAGEPROGRAM1:
295         s->ioaddr = s->io;
296         s->iolen = 0;
297         break;
298 
299     case NAND_CMD_PAGEPROGRAM2:
300         if (s->wp) {
301             s->blk_write(s);
302         }
303         break;
304 
305     case NAND_CMD_BLOCKERASE1:
306         break;
307 
308     case NAND_CMD_BLOCKERASE2:
309         s->addr &= (1ull << s->addrlen * 8) - 1;
310         s->addr <<= nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP ?
311                                                                     16 : 8;
312 
313         if (s->wp) {
314             s->blk_erase(s);
315         }
316         break;
317 
318     case NAND_CMD_READSTATUS:
319         s->ioaddr = s->io;
320         s->iolen = 0;
321         nand_pushio_byte(s, s->status);
322         break;
323 
324     default:
325         printf("%s: Unknown NAND command 0x%02x\n", __func__, s->cmd);
326     }
327 }
328 
329 static int nand_pre_save(void *opaque)
330 {
331     NANDFlashState *s = NAND(opaque);
332 
333     s->ioaddr_vmstate = s->ioaddr - s->io;
334 
335     return 0;
336 }
337 
338 static int nand_post_load(void *opaque, int version_id)
339 {
340     NANDFlashState *s = NAND(opaque);
341 
342     if (s->ioaddr_vmstate > sizeof(s->io)) {
343         return -EINVAL;
344     }
345     s->ioaddr = s->io + s->ioaddr_vmstate;
346 
347     return 0;
348 }
349 
350 static const VMStateDescription vmstate_nand = {
351     .name = "nand",
352     .version_id = 1,
353     .minimum_version_id = 1,
354     .pre_save = nand_pre_save,
355     .post_load = nand_post_load,
356     .fields = (VMStateField[]) {
357         VMSTATE_UINT8(cle, NANDFlashState),
358         VMSTATE_UINT8(ale, NANDFlashState),
359         VMSTATE_UINT8(ce, NANDFlashState),
360         VMSTATE_UINT8(wp, NANDFlashState),
361         VMSTATE_UINT8(gnd, NANDFlashState),
362         VMSTATE_BUFFER(io, NANDFlashState),
363         VMSTATE_UINT32(ioaddr_vmstate, NANDFlashState),
364         VMSTATE_INT32(iolen, NANDFlashState),
365         VMSTATE_UINT32(cmd, NANDFlashState),
366         VMSTATE_UINT64(addr, NANDFlashState),
367         VMSTATE_INT32(addrlen, NANDFlashState),
368         VMSTATE_INT32(status, NANDFlashState),
369         VMSTATE_INT32(offset, NANDFlashState),
370         /* XXX: do we want to save s->storage too? */
371         VMSTATE_END_OF_LIST()
372     }
373 };
374 
375 static void nand_realize(DeviceState *dev, Error **errp)
376 {
377     int pagesize;
378     NANDFlashState *s = NAND(dev);
379     int ret;
380 
381 
382     s->buswidth = nand_flash_ids[s->chip_id].width >> 3;
383     s->size = nand_flash_ids[s->chip_id].size << 20;
384     if (nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) {
385         s->page_shift = 11;
386         s->erase_shift = 6;
387     } else {
388         s->page_shift = nand_flash_ids[s->chip_id].page_shift;
389         s->erase_shift = nand_flash_ids[s->chip_id].erase_shift;
390     }
391 
392     switch (1 << s->page_shift) {
393     case 256:
394         nand_init_256(s);
395         break;
396     case 512:
397         nand_init_512(s);
398         break;
399     case 2048:
400         nand_init_2048(s);
401         break;
402     default:
403         error_setg(errp, "Unsupported NAND block size %#x",
404                    1 << s->page_shift);
405         return;
406     }
407 
408     pagesize = 1 << s->oob_shift;
409     s->mem_oob = 1;
410     if (s->blk) {
411         if (blk_is_read_only(s->blk)) {
412             error_setg(errp, "Can't use a read-only drive");
413             return;
414         }
415         ret = blk_set_perm(s->blk, BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE,
416                            BLK_PERM_ALL, errp);
417         if (ret < 0) {
418             return;
419         }
420         if (blk_getlength(s->blk) >=
421                 (s->pages << s->page_shift) + (s->pages << s->oob_shift)) {
422             pagesize = 0;
423             s->mem_oob = 0;
424         }
425     } else {
426         pagesize += 1 << s->page_shift;
427     }
428     if (pagesize) {
429         s->storage = (uint8_t *) memset(g_malloc(s->pages * pagesize),
430                         0xff, s->pages * pagesize);
431     }
432     /* Give s->ioaddr a sane value in case we save state before it is used. */
433     s->ioaddr = s->io;
434 }
435 
436 static Property nand_properties[] = {
437     DEFINE_PROP_UINT8("manufacturer_id", NANDFlashState, manf_id, 0),
438     DEFINE_PROP_UINT8("chip_id", NANDFlashState, chip_id, 0),
439     DEFINE_PROP_DRIVE("drive", NANDFlashState, blk),
440     DEFINE_PROP_END_OF_LIST(),
441 };
442 
443 static void nand_class_init(ObjectClass *klass, void *data)
444 {
445     DeviceClass *dc = DEVICE_CLASS(klass);
446 
447     dc->realize = nand_realize;
448     dc->reset = nand_reset;
449     dc->vmsd = &vmstate_nand;
450     dc->props = nand_properties;
451 }
452 
453 static const TypeInfo nand_info = {
454     .name          = TYPE_NAND,
455     .parent        = TYPE_DEVICE,
456     .instance_size = sizeof(NANDFlashState),
457     .class_init    = nand_class_init,
458 };
459 
460 static void nand_register_types(void)
461 {
462     type_register_static(&nand_info);
463 }
464 
465 /*
466  * Chip inputs are CLE, ALE, CE, WP, GND and eight I/O pins.  Chip
467  * outputs are R/B and eight I/O pins.
468  *
469  * CE, WP and R/B are active low.
470  */
471 void nand_setpins(DeviceState *dev, uint8_t cle, uint8_t ale,
472                   uint8_t ce, uint8_t wp, uint8_t gnd)
473 {
474     NANDFlashState *s = NAND(dev);
475 
476     s->cle = cle;
477     s->ale = ale;
478     s->ce = ce;
479     s->wp = wp;
480     s->gnd = gnd;
481     if (wp) {
482         s->status |= NAND_IOSTATUS_UNPROTCT;
483     } else {
484         s->status &= ~NAND_IOSTATUS_UNPROTCT;
485     }
486 }
487 
488 void nand_getpins(DeviceState *dev, int *rb)
489 {
490     *rb = 1;
491 }
492 
493 void nand_setio(DeviceState *dev, uint32_t value)
494 {
495     int i;
496     NANDFlashState *s = NAND(dev);
497 
498     if (!s->ce && s->cle) {
499         if (nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) {
500             if (s->cmd == NAND_CMD_READ0 && value == NAND_CMD_LPREAD2)
501                 return;
502             if (value == NAND_CMD_RANDOMREAD1) {
503                 s->addr &= ~((1 << s->addr_shift) - 1);
504                 s->addrlen = 0;
505                 return;
506             }
507         }
508         if (value == NAND_CMD_READ0) {
509             s->offset = 0;
510         } else if (value == NAND_CMD_READ1) {
511             s->offset = 0x100;
512             value = NAND_CMD_READ0;
513         } else if (value == NAND_CMD_READ2) {
514             s->offset = 1 << s->page_shift;
515             value = NAND_CMD_READ0;
516         }
517 
518         s->cmd = value;
519 
520         if (s->cmd == NAND_CMD_READSTATUS ||
521                 s->cmd == NAND_CMD_PAGEPROGRAM2 ||
522                 s->cmd == NAND_CMD_BLOCKERASE1 ||
523                 s->cmd == NAND_CMD_BLOCKERASE2 ||
524                 s->cmd == NAND_CMD_NOSERIALREAD2 ||
525                 s->cmd == NAND_CMD_RANDOMREAD2 ||
526                 s->cmd == NAND_CMD_RESET) {
527             nand_command(s);
528         }
529 
530         if (s->cmd != NAND_CMD_RANDOMREAD2) {
531             s->addrlen = 0;
532         }
533     }
534 
535     if (s->ale) {
536         unsigned int shift = s->addrlen * 8;
537         uint64_t mask = ~(0xffull << shift);
538         uint64_t v = (uint64_t)value << shift;
539 
540         s->addr = (s->addr & mask) | v;
541         s->addrlen ++;
542 
543         switch (s->addrlen) {
544         case 1:
545             if (s->cmd == NAND_CMD_READID) {
546                 nand_command(s);
547             }
548             break;
549         case 2: /* fix cache address as a byte address */
550             s->addr <<= (s->buswidth - 1);
551             break;
552         case 3:
553             if (!(nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) &&
554                     (s->cmd == NAND_CMD_READ0 ||
555                      s->cmd == NAND_CMD_PAGEPROGRAM1)) {
556                 nand_command(s);
557             }
558             break;
559         case 4:
560             if ((nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) &&
561                     nand_flash_ids[s->chip_id].size < 256 && /* 1Gb or less */
562                     (s->cmd == NAND_CMD_READ0 ||
563                      s->cmd == NAND_CMD_PAGEPROGRAM1)) {
564                 nand_command(s);
565             }
566             break;
567         case 5:
568             if ((nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) &&
569                     nand_flash_ids[s->chip_id].size >= 256 && /* 2Gb or more */
570                     (s->cmd == NAND_CMD_READ0 ||
571                      s->cmd == NAND_CMD_PAGEPROGRAM1)) {
572                 nand_command(s);
573             }
574             break;
575         default:
576             break;
577         }
578     }
579 
580     if (!s->cle && !s->ale && s->cmd == NAND_CMD_PAGEPROGRAM1) {
581         if (s->iolen < (1 << s->page_shift) + (1 << s->oob_shift)) {
582             for (i = s->buswidth; i--; value >>= 8) {
583                 s->io[s->iolen ++] = (uint8_t) (value & 0xff);
584             }
585         }
586     } else if (!s->cle && !s->ale && s->cmd == NAND_CMD_COPYBACKPRG1) {
587         if ((s->addr & ((1 << s->addr_shift) - 1)) <
588                 (1 << s->page_shift) + (1 << s->oob_shift)) {
589             for (i = s->buswidth; i--; s->addr++, value >>= 8) {
590                 s->io[s->iolen + (s->addr & ((1 << s->addr_shift) - 1))] =
591                     (uint8_t) (value & 0xff);
592             }
593         }
594     }
595 }
596 
597 uint32_t nand_getio(DeviceState *dev)
598 {
599     int offset;
600     uint32_t x = 0;
601     NANDFlashState *s = NAND(dev);
602 
603     /* Allow sequential reading */
604     if (!s->iolen && s->cmd == NAND_CMD_READ0) {
605         offset = (int) (s->addr & ((1 << s->addr_shift) - 1)) + s->offset;
606         s->offset = 0;
607 
608         s->blk_load(s, s->addr, offset);
609         if (s->gnd)
610             s->iolen = (1 << s->page_shift) - offset;
611         else
612             s->iolen = (1 << s->page_shift) + (1 << s->oob_shift) - offset;
613     }
614 
615     if (s->ce || s->iolen <= 0) {
616         return 0;
617     }
618 
619     for (offset = s->buswidth; offset--;) {
620         x |= s->ioaddr[offset] << (offset << 3);
621     }
622     /* after receiving READ STATUS command all subsequent reads will
623      * return the status register value until another command is issued
624      */
625     if (s->cmd != NAND_CMD_READSTATUS) {
626         s->addr   += s->buswidth;
627         s->ioaddr += s->buswidth;
628         s->iolen  -= s->buswidth;
629     }
630     return x;
631 }
632 
633 uint32_t nand_getbuswidth(DeviceState *dev)
634 {
635     NANDFlashState *s = (NANDFlashState *) dev;
636     return s->buswidth << 3;
637 }
638 
639 DeviceState *nand_init(BlockBackend *blk, int manf_id, int chip_id)
640 {
641     DeviceState *dev;
642 
643     if (nand_flash_ids[chip_id].size == 0) {
644         hw_error("%s: Unsupported NAND chip ID.\n", __func__);
645     }
646     dev = DEVICE(object_new(TYPE_NAND));
647     qdev_prop_set_uint8(dev, "manufacturer_id", manf_id);
648     qdev_prop_set_uint8(dev, "chip_id", chip_id);
649     if (blk) {
650         qdev_prop_set_drive(dev, "drive", blk, &error_fatal);
651     }
652 
653     qdev_init_nofail(dev);
654     return dev;
655 }
656 
657 type_init(nand_register_types)
658 
659 #else
660 
661 /* Program a single page */
662 static void glue(nand_blk_write_, PAGE_SIZE)(NANDFlashState *s)
663 {
664     uint64_t off, page, sector, soff;
665     uint8_t iobuf[(PAGE_SECTORS + 2) * 0x200];
666     if (PAGE(s->addr) >= s->pages)
667         return;
668 
669     if (!s->blk) {
670         mem_and(s->storage + PAGE_START(s->addr) + (s->addr & PAGE_MASK) +
671                         s->offset, s->io, s->iolen);
672     } else if (s->mem_oob) {
673         sector = SECTOR(s->addr);
674         off = (s->addr & PAGE_MASK) + s->offset;
675         soff = SECTOR_OFFSET(s->addr);
676         if (blk_pread(s->blk, sector << BDRV_SECTOR_BITS, iobuf,
677                       PAGE_SECTORS << BDRV_SECTOR_BITS) < 0) {
678             printf("%s: read error in sector %" PRIu64 "\n", __func__, sector);
679             return;
680         }
681 
682         mem_and(iobuf + (soff | off), s->io, MIN(s->iolen, PAGE_SIZE - off));
683         if (off + s->iolen > PAGE_SIZE) {
684             page = PAGE(s->addr);
685             mem_and(s->storage + (page << OOB_SHIFT), s->io + PAGE_SIZE - off,
686                             MIN(OOB_SIZE, off + s->iolen - PAGE_SIZE));
687         }
688 
689         if (blk_pwrite(s->blk, sector << BDRV_SECTOR_BITS, iobuf,
690                        PAGE_SECTORS << BDRV_SECTOR_BITS, 0) < 0) {
691             printf("%s: write error in sector %" PRIu64 "\n", __func__, sector);
692         }
693     } else {
694         off = PAGE_START(s->addr) + (s->addr & PAGE_MASK) + s->offset;
695         sector = off >> 9;
696         soff = off & 0x1ff;
697         if (blk_pread(s->blk, sector << BDRV_SECTOR_BITS, iobuf,
698                       (PAGE_SECTORS + 2) << BDRV_SECTOR_BITS) < 0) {
699             printf("%s: read error in sector %" PRIu64 "\n", __func__, sector);
700             return;
701         }
702 
703         mem_and(iobuf + soff, s->io, s->iolen);
704 
705         if (blk_pwrite(s->blk, sector << BDRV_SECTOR_BITS, iobuf,
706                        (PAGE_SECTORS + 2) << BDRV_SECTOR_BITS, 0) < 0) {
707             printf("%s: write error in sector %" PRIu64 "\n", __func__, sector);
708         }
709     }
710     s->offset = 0;
711 }
712 
713 /* Erase a single block */
714 static void glue(nand_blk_erase_, PAGE_SIZE)(NANDFlashState *s)
715 {
716     uint64_t i, page, addr;
717     uint8_t iobuf[0x200] = { [0 ... 0x1ff] = 0xff, };
718     addr = s->addr & ~((1 << (ADDR_SHIFT + s->erase_shift)) - 1);
719 
720     if (PAGE(addr) >= s->pages) {
721         return;
722     }
723 
724     if (!s->blk) {
725         memset(s->storage + PAGE_START(addr),
726                         0xff, (PAGE_SIZE + OOB_SIZE) << s->erase_shift);
727     } else if (s->mem_oob) {
728         memset(s->storage + (PAGE(addr) << OOB_SHIFT),
729                         0xff, OOB_SIZE << s->erase_shift);
730         i = SECTOR(addr);
731         page = SECTOR(addr + (1 << (ADDR_SHIFT + s->erase_shift)));
732         for (; i < page; i ++)
733             if (blk_pwrite(s->blk, i << BDRV_SECTOR_BITS, iobuf,
734                            BDRV_SECTOR_SIZE, 0) < 0) {
735                 printf("%s: write error in sector %" PRIu64 "\n", __func__, i);
736             }
737     } else {
738         addr = PAGE_START(addr);
739         page = addr >> 9;
740         if (blk_pread(s->blk, page << BDRV_SECTOR_BITS, iobuf,
741                       BDRV_SECTOR_SIZE) < 0) {
742             printf("%s: read error in sector %" PRIu64 "\n", __func__, page);
743         }
744         memset(iobuf + (addr & 0x1ff), 0xff, (~addr & 0x1ff) + 1);
745         if (blk_pwrite(s->blk, page << BDRV_SECTOR_BITS, iobuf,
746                        BDRV_SECTOR_SIZE, 0) < 0) {
747             printf("%s: write error in sector %" PRIu64 "\n", __func__, page);
748         }
749 
750         memset(iobuf, 0xff, 0x200);
751         i = (addr & ~0x1ff) + 0x200;
752         for (addr += ((PAGE_SIZE + OOB_SIZE) << s->erase_shift) - 0x200;
753                         i < addr; i += 0x200) {
754             if (blk_pwrite(s->blk, i, iobuf, BDRV_SECTOR_SIZE, 0) < 0) {
755                 printf("%s: write error in sector %" PRIu64 "\n",
756                        __func__, i >> 9);
757             }
758         }
759 
760         page = i >> 9;
761         if (blk_pread(s->blk, page << BDRV_SECTOR_BITS, iobuf,
762                       BDRV_SECTOR_SIZE) < 0) {
763             printf("%s: read error in sector %" PRIu64 "\n", __func__, page);
764         }
765         memset(iobuf, 0xff, ((addr - 1) & 0x1ff) + 1);
766         if (blk_pwrite(s->blk, page << BDRV_SECTOR_BITS, iobuf,
767                        BDRV_SECTOR_SIZE, 0) < 0) {
768             printf("%s: write error in sector %" PRIu64 "\n", __func__, page);
769         }
770     }
771 }
772 
773 static void glue(nand_blk_load_, PAGE_SIZE)(NANDFlashState *s,
774                 uint64_t addr, int offset)
775 {
776     if (PAGE(addr) >= s->pages) {
777         return;
778     }
779 
780     if (s->blk) {
781         if (s->mem_oob) {
782             if (blk_pread(s->blk, SECTOR(addr) << BDRV_SECTOR_BITS, s->io,
783                           PAGE_SECTORS << BDRV_SECTOR_BITS) < 0) {
784                 printf("%s: read error in sector %" PRIu64 "\n",
785                                 __func__, SECTOR(addr));
786             }
787             memcpy(s->io + SECTOR_OFFSET(s->addr) + PAGE_SIZE,
788                             s->storage + (PAGE(s->addr) << OOB_SHIFT),
789                             OOB_SIZE);
790             s->ioaddr = s->io + SECTOR_OFFSET(s->addr) + offset;
791         } else {
792             if (blk_pread(s->blk, PAGE_START(addr), s->io,
793                           (PAGE_SECTORS + 2) << BDRV_SECTOR_BITS) < 0) {
794                 printf("%s: read error in sector %" PRIu64 "\n",
795                                 __func__, PAGE_START(addr) >> 9);
796             }
797             s->ioaddr = s->io + (PAGE_START(addr) & 0x1ff) + offset;
798         }
799     } else {
800         memcpy(s->io, s->storage + PAGE_START(s->addr) +
801                         offset, PAGE_SIZE + OOB_SIZE - offset);
802         s->ioaddr = s->io;
803     }
804 }
805 
806 static void glue(nand_init_, PAGE_SIZE)(NANDFlashState *s)
807 {
808     s->oob_shift = PAGE_SHIFT - 5;
809     s->pages = s->size >> PAGE_SHIFT;
810     s->addr_shift = ADDR_SHIFT;
811 
812     s->blk_erase = glue(nand_blk_erase_, PAGE_SIZE);
813     s->blk_write = glue(nand_blk_write_, PAGE_SIZE);
814     s->blk_load = glue(nand_blk_load_, PAGE_SIZE);
815 }
816 
817 # undef PAGE_SIZE
818 # undef PAGE_SHIFT
819 # undef PAGE_SECTORS
820 # undef ADDR_SHIFT
821 #endif	/* NAND_IO */
822