1 /* 2 * Flash NAND memory emulation. Based on "16M x 8 Bit NAND Flash 3 * Memory" datasheet for the KM29U128AT / K9F2808U0A chips from 4 * Samsung Electronic. 5 * 6 * Copyright (c) 2006 Openedhand Ltd. 7 * Written by Andrzej Zaborowski <balrog@zabor.org> 8 * 9 * Support for additional features based on "MT29F2G16ABCWP 2Gx16" 10 * datasheet from Micron Technology and "NAND02G-B2C" datasheet 11 * from ST Microelectronics. 12 * 13 * This code is licensed under the GNU GPL v2. 14 * 15 * Contributions after 2012-01-13 are licensed under the terms of the 16 * GNU GPL, version 2 or (at your option) any later version. 17 */ 18 19 #ifndef NAND_IO 20 21 #include "qemu/osdep.h" 22 #include "hw/hw.h" 23 #include "hw/qdev-properties.h" 24 #include "hw/qdev-properties-system.h" 25 #include "hw/block/flash.h" 26 #include "sysemu/block-backend.h" 27 #include "migration/vmstate.h" 28 #include "qapi/error.h" 29 #include "qemu/error-report.h" 30 #include "qemu/module.h" 31 #include "qom/object.h" 32 33 # define NAND_CMD_READ0 0x00 34 # define NAND_CMD_READ1 0x01 35 # define NAND_CMD_READ2 0x50 36 # define NAND_CMD_LPREAD2 0x30 37 # define NAND_CMD_NOSERIALREAD2 0x35 38 # define NAND_CMD_RANDOMREAD1 0x05 39 # define NAND_CMD_RANDOMREAD2 0xe0 40 # define NAND_CMD_READID 0x90 41 # define NAND_CMD_RESET 0xff 42 # define NAND_CMD_PAGEPROGRAM1 0x80 43 # define NAND_CMD_PAGEPROGRAM2 0x10 44 # define NAND_CMD_CACHEPROGRAM2 0x15 45 # define NAND_CMD_BLOCKERASE1 0x60 46 # define NAND_CMD_BLOCKERASE2 0xd0 47 # define NAND_CMD_READSTATUS 0x70 48 # define NAND_CMD_COPYBACKPRG1 0x85 49 50 # define NAND_IOSTATUS_ERROR (1 << 0) 51 # define NAND_IOSTATUS_PLANE0 (1 << 1) 52 # define NAND_IOSTATUS_PLANE1 (1 << 2) 53 # define NAND_IOSTATUS_PLANE2 (1 << 3) 54 # define NAND_IOSTATUS_PLANE3 (1 << 4) 55 # define NAND_IOSTATUS_READY (1 << 6) 56 # define NAND_IOSTATUS_UNPROTCT (1 << 7) 57 58 # define MAX_PAGE 0x800 59 # define MAX_OOB 0x40 60 61 typedef struct NANDFlashState NANDFlashState; 62 struct NANDFlashState { 63 DeviceState parent_obj; 64 65 uint8_t manf_id, chip_id; 66 uint8_t buswidth; /* in BYTES */ 67 int size, pages; 68 int page_shift, oob_shift, erase_shift, addr_shift; 69 uint8_t *storage; 70 BlockBackend *blk; 71 int mem_oob; 72 73 uint8_t cle, ale, ce, wp, gnd; 74 75 uint8_t io[MAX_PAGE + MAX_OOB + 0x400]; 76 uint8_t *ioaddr; 77 int iolen; 78 79 uint32_t cmd; 80 uint64_t addr; 81 int addrlen; 82 int status; 83 int offset; 84 85 void (*blk_write)(NANDFlashState *s); 86 void (*blk_erase)(NANDFlashState *s); 87 void (*blk_load)(NANDFlashState *s, uint64_t addr, int offset); 88 89 uint32_t ioaddr_vmstate; 90 }; 91 92 #define TYPE_NAND "nand" 93 94 OBJECT_DECLARE_SIMPLE_TYPE(NANDFlashState, NAND) 95 96 static void mem_and(uint8_t *dest, const uint8_t *src, size_t n) 97 { 98 /* Like memcpy() but we logical-AND the data into the destination */ 99 int i; 100 for (i = 0; i < n; i++) { 101 dest[i] &= src[i]; 102 } 103 } 104 105 # define NAND_NO_AUTOINCR 0x00000001 106 # define NAND_BUSWIDTH_16 0x00000002 107 # define NAND_NO_PADDING 0x00000004 108 # define NAND_CACHEPRG 0x00000008 109 # define NAND_COPYBACK 0x00000010 110 # define NAND_IS_AND 0x00000020 111 # define NAND_4PAGE_ARRAY 0x00000040 112 # define NAND_NO_READRDY 0x00000100 113 # define NAND_SAMSUNG_LP (NAND_NO_PADDING | NAND_COPYBACK) 114 115 # define NAND_IO 116 117 # define PAGE(addr) ((addr) >> ADDR_SHIFT) 118 # define PAGE_START(page) (PAGE(page) * (PAGE_SIZE + OOB_SIZE)) 119 # define PAGE_MASK ((1 << ADDR_SHIFT) - 1) 120 # define OOB_SHIFT (PAGE_SHIFT - 5) 121 # define OOB_SIZE (1 << OOB_SHIFT) 122 # define SECTOR(addr) ((addr) >> (9 + ADDR_SHIFT - PAGE_SHIFT)) 123 # define SECTOR_OFFSET(addr) ((addr) & ((511 >> PAGE_SHIFT) << 8)) 124 125 # define PAGE_SIZE 256 126 # define PAGE_SHIFT 8 127 # define PAGE_SECTORS 1 128 # define ADDR_SHIFT 8 129 # include "nand.c" 130 # define PAGE_SIZE 512 131 # define PAGE_SHIFT 9 132 # define PAGE_SECTORS 1 133 # define ADDR_SHIFT 8 134 # include "nand.c" 135 # define PAGE_SIZE 2048 136 # define PAGE_SHIFT 11 137 # define PAGE_SECTORS 4 138 # define ADDR_SHIFT 16 139 # include "nand.c" 140 141 /* Information based on Linux drivers/mtd/nand/nand_ids.c */ 142 static const struct { 143 int size; 144 int width; 145 int page_shift; 146 int erase_shift; 147 uint32_t options; 148 } nand_flash_ids[0x100] = { 149 [0 ... 0xff] = { 0 }, 150 151 [0x6e] = { 1, 8, 8, 4, 0 }, 152 [0x64] = { 2, 8, 8, 4, 0 }, 153 [0x6b] = { 4, 8, 9, 4, 0 }, 154 [0xe8] = { 1, 8, 8, 4, 0 }, 155 [0xec] = { 1, 8, 8, 4, 0 }, 156 [0xea] = { 2, 8, 8, 4, 0 }, 157 [0xd5] = { 4, 8, 9, 4, 0 }, 158 [0xe3] = { 4, 8, 9, 4, 0 }, 159 [0xe5] = { 4, 8, 9, 4, 0 }, 160 [0xd6] = { 8, 8, 9, 4, 0 }, 161 162 [0x39] = { 8, 8, 9, 4, 0 }, 163 [0xe6] = { 8, 8, 9, 4, 0 }, 164 [0x49] = { 8, 16, 9, 4, NAND_BUSWIDTH_16 }, 165 [0x59] = { 8, 16, 9, 4, NAND_BUSWIDTH_16 }, 166 167 [0x33] = { 16, 8, 9, 5, 0 }, 168 [0x73] = { 16, 8, 9, 5, 0 }, 169 [0x43] = { 16, 16, 9, 5, NAND_BUSWIDTH_16 }, 170 [0x53] = { 16, 16, 9, 5, NAND_BUSWIDTH_16 }, 171 172 [0x35] = { 32, 8, 9, 5, 0 }, 173 [0x75] = { 32, 8, 9, 5, 0 }, 174 [0x45] = { 32, 16, 9, 5, NAND_BUSWIDTH_16 }, 175 [0x55] = { 32, 16, 9, 5, NAND_BUSWIDTH_16 }, 176 177 [0x36] = { 64, 8, 9, 5, 0 }, 178 [0x76] = { 64, 8, 9, 5, 0 }, 179 [0x46] = { 64, 16, 9, 5, NAND_BUSWIDTH_16 }, 180 [0x56] = { 64, 16, 9, 5, NAND_BUSWIDTH_16 }, 181 182 [0x78] = { 128, 8, 9, 5, 0 }, 183 [0x39] = { 128, 8, 9, 5, 0 }, 184 [0x79] = { 128, 8, 9, 5, 0 }, 185 [0x72] = { 128, 16, 9, 5, NAND_BUSWIDTH_16 }, 186 [0x49] = { 128, 16, 9, 5, NAND_BUSWIDTH_16 }, 187 [0x74] = { 128, 16, 9, 5, NAND_BUSWIDTH_16 }, 188 [0x59] = { 128, 16, 9, 5, NAND_BUSWIDTH_16 }, 189 190 [0x71] = { 256, 8, 9, 5, 0 }, 191 192 /* 193 * These are the new chips with large page size. The pagesize and the 194 * erasesize is determined from the extended id bytes 195 */ 196 # define LP_OPTIONS (NAND_SAMSUNG_LP | NAND_NO_READRDY | NAND_NO_AUTOINCR) 197 # define LP_OPTIONS16 (LP_OPTIONS | NAND_BUSWIDTH_16) 198 199 /* 512 Megabit */ 200 [0xa2] = { 64, 8, 0, 0, LP_OPTIONS }, 201 [0xf2] = { 64, 8, 0, 0, LP_OPTIONS }, 202 [0xb2] = { 64, 16, 0, 0, LP_OPTIONS16 }, 203 [0xc2] = { 64, 16, 0, 0, LP_OPTIONS16 }, 204 205 /* 1 Gigabit */ 206 [0xa1] = { 128, 8, 0, 0, LP_OPTIONS }, 207 [0xf1] = { 128, 8, 0, 0, LP_OPTIONS }, 208 [0xb1] = { 128, 16, 0, 0, LP_OPTIONS16 }, 209 [0xc1] = { 128, 16, 0, 0, LP_OPTIONS16 }, 210 211 /* 2 Gigabit */ 212 [0xaa] = { 256, 8, 0, 0, LP_OPTIONS }, 213 [0xda] = { 256, 8, 0, 0, LP_OPTIONS }, 214 [0xba] = { 256, 16, 0, 0, LP_OPTIONS16 }, 215 [0xca] = { 256, 16, 0, 0, LP_OPTIONS16 }, 216 217 /* 4 Gigabit */ 218 [0xac] = { 512, 8, 0, 0, LP_OPTIONS }, 219 [0xdc] = { 512, 8, 0, 0, LP_OPTIONS }, 220 [0xbc] = { 512, 16, 0, 0, LP_OPTIONS16 }, 221 [0xcc] = { 512, 16, 0, 0, LP_OPTIONS16 }, 222 223 /* 8 Gigabit */ 224 [0xa3] = { 1024, 8, 0, 0, LP_OPTIONS }, 225 [0xd3] = { 1024, 8, 0, 0, LP_OPTIONS }, 226 [0xb3] = { 1024, 16, 0, 0, LP_OPTIONS16 }, 227 [0xc3] = { 1024, 16, 0, 0, LP_OPTIONS16 }, 228 229 /* 16 Gigabit */ 230 [0xa5] = { 2048, 8, 0, 0, LP_OPTIONS }, 231 [0xd5] = { 2048, 8, 0, 0, LP_OPTIONS }, 232 [0xb5] = { 2048, 16, 0, 0, LP_OPTIONS16 }, 233 [0xc5] = { 2048, 16, 0, 0, LP_OPTIONS16 }, 234 }; 235 236 static void nand_reset(DeviceState *dev) 237 { 238 NANDFlashState *s = NAND(dev); 239 s->cmd = NAND_CMD_READ0; 240 s->addr = 0; 241 s->addrlen = 0; 242 s->iolen = 0; 243 s->offset = 0; 244 s->status &= NAND_IOSTATUS_UNPROTCT; 245 s->status |= NAND_IOSTATUS_READY; 246 } 247 248 static inline void nand_pushio_byte(NANDFlashState *s, uint8_t value) 249 { 250 s->ioaddr[s->iolen++] = value; 251 for (value = s->buswidth; --value;) { 252 s->ioaddr[s->iolen++] = 0; 253 } 254 } 255 256 static void nand_command(NANDFlashState *s) 257 { 258 unsigned int offset; 259 switch (s->cmd) { 260 case NAND_CMD_READ0: 261 s->iolen = 0; 262 break; 263 264 case NAND_CMD_READID: 265 s->ioaddr = s->io; 266 s->iolen = 0; 267 nand_pushio_byte(s, s->manf_id); 268 nand_pushio_byte(s, s->chip_id); 269 nand_pushio_byte(s, 'Q'); /* Don't-care byte (often 0xa5) */ 270 if (nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) { 271 /* Page Size, Block Size, Spare Size; bit 6 indicates 272 * 8 vs 16 bit width NAND. 273 */ 274 nand_pushio_byte(s, (s->buswidth == 2) ? 0x55 : 0x15); 275 } else { 276 nand_pushio_byte(s, 0xc0); /* Multi-plane */ 277 } 278 break; 279 280 case NAND_CMD_RANDOMREAD2: 281 case NAND_CMD_NOSERIALREAD2: 282 if (!(nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP)) 283 break; 284 offset = s->addr & ((1 << s->addr_shift) - 1); 285 s->blk_load(s, s->addr, offset); 286 if (s->gnd) 287 s->iolen = (1 << s->page_shift) - offset; 288 else 289 s->iolen = (1 << s->page_shift) + (1 << s->oob_shift) - offset; 290 break; 291 292 case NAND_CMD_RESET: 293 nand_reset(DEVICE(s)); 294 break; 295 296 case NAND_CMD_PAGEPROGRAM1: 297 s->ioaddr = s->io; 298 s->iolen = 0; 299 break; 300 301 case NAND_CMD_PAGEPROGRAM2: 302 if (s->wp) { 303 s->blk_write(s); 304 } 305 break; 306 307 case NAND_CMD_BLOCKERASE1: 308 break; 309 310 case NAND_CMD_BLOCKERASE2: 311 s->addr &= (1ull << s->addrlen * 8) - 1; 312 s->addr <<= nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP ? 313 16 : 8; 314 315 if (s->wp) { 316 s->blk_erase(s); 317 } 318 break; 319 320 case NAND_CMD_READSTATUS: 321 s->ioaddr = s->io; 322 s->iolen = 0; 323 nand_pushio_byte(s, s->status); 324 break; 325 326 default: 327 printf("%s: Unknown NAND command 0x%02x\n", __func__, s->cmd); 328 } 329 } 330 331 static int nand_pre_save(void *opaque) 332 { 333 NANDFlashState *s = NAND(opaque); 334 335 s->ioaddr_vmstate = s->ioaddr - s->io; 336 337 return 0; 338 } 339 340 static int nand_post_load(void *opaque, int version_id) 341 { 342 NANDFlashState *s = NAND(opaque); 343 344 if (s->ioaddr_vmstate > sizeof(s->io)) { 345 return -EINVAL; 346 } 347 s->ioaddr = s->io + s->ioaddr_vmstate; 348 349 return 0; 350 } 351 352 static const VMStateDescription vmstate_nand = { 353 .name = "nand", 354 .version_id = 1, 355 .minimum_version_id = 1, 356 .pre_save = nand_pre_save, 357 .post_load = nand_post_load, 358 .fields = (VMStateField[]) { 359 VMSTATE_UINT8(cle, NANDFlashState), 360 VMSTATE_UINT8(ale, NANDFlashState), 361 VMSTATE_UINT8(ce, NANDFlashState), 362 VMSTATE_UINT8(wp, NANDFlashState), 363 VMSTATE_UINT8(gnd, NANDFlashState), 364 VMSTATE_BUFFER(io, NANDFlashState), 365 VMSTATE_UINT32(ioaddr_vmstate, NANDFlashState), 366 VMSTATE_INT32(iolen, NANDFlashState), 367 VMSTATE_UINT32(cmd, NANDFlashState), 368 VMSTATE_UINT64(addr, NANDFlashState), 369 VMSTATE_INT32(addrlen, NANDFlashState), 370 VMSTATE_INT32(status, NANDFlashState), 371 VMSTATE_INT32(offset, NANDFlashState), 372 /* XXX: do we want to save s->storage too? */ 373 VMSTATE_END_OF_LIST() 374 } 375 }; 376 377 static void nand_realize(DeviceState *dev, Error **errp) 378 { 379 int pagesize; 380 NANDFlashState *s = NAND(dev); 381 int ret; 382 383 384 s->buswidth = nand_flash_ids[s->chip_id].width >> 3; 385 s->size = nand_flash_ids[s->chip_id].size << 20; 386 if (nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) { 387 s->page_shift = 11; 388 s->erase_shift = 6; 389 } else { 390 s->page_shift = nand_flash_ids[s->chip_id].page_shift; 391 s->erase_shift = nand_flash_ids[s->chip_id].erase_shift; 392 } 393 394 switch (1 << s->page_shift) { 395 case 256: 396 nand_init_256(s); 397 break; 398 case 512: 399 nand_init_512(s); 400 break; 401 case 2048: 402 nand_init_2048(s); 403 break; 404 default: 405 error_setg(errp, "Unsupported NAND block size %#x", 406 1 << s->page_shift); 407 return; 408 } 409 410 pagesize = 1 << s->oob_shift; 411 s->mem_oob = 1; 412 if (s->blk) { 413 if (blk_is_read_only(s->blk)) { 414 error_setg(errp, "Can't use a read-only drive"); 415 return; 416 } 417 ret = blk_set_perm(s->blk, BLK_PERM_CONSISTENT_READ | BLK_PERM_WRITE, 418 BLK_PERM_ALL, errp); 419 if (ret < 0) { 420 return; 421 } 422 if (blk_getlength(s->blk) >= 423 (s->pages << s->page_shift) + (s->pages << s->oob_shift)) { 424 pagesize = 0; 425 s->mem_oob = 0; 426 } 427 } else { 428 pagesize += 1 << s->page_shift; 429 } 430 if (pagesize) { 431 s->storage = (uint8_t *) memset(g_malloc(s->pages * pagesize), 432 0xff, s->pages * pagesize); 433 } 434 /* Give s->ioaddr a sane value in case we save state before it is used. */ 435 s->ioaddr = s->io; 436 } 437 438 static Property nand_properties[] = { 439 DEFINE_PROP_UINT8("manufacturer_id", NANDFlashState, manf_id, 0), 440 DEFINE_PROP_UINT8("chip_id", NANDFlashState, chip_id, 0), 441 DEFINE_PROP_DRIVE("drive", NANDFlashState, blk), 442 DEFINE_PROP_END_OF_LIST(), 443 }; 444 445 static void nand_class_init(ObjectClass *klass, void *data) 446 { 447 DeviceClass *dc = DEVICE_CLASS(klass); 448 449 dc->realize = nand_realize; 450 dc->reset = nand_reset; 451 dc->vmsd = &vmstate_nand; 452 device_class_set_props(dc, nand_properties); 453 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories); 454 } 455 456 static const TypeInfo nand_info = { 457 .name = TYPE_NAND, 458 .parent = TYPE_DEVICE, 459 .instance_size = sizeof(NANDFlashState), 460 .class_init = nand_class_init, 461 }; 462 463 static void nand_register_types(void) 464 { 465 type_register_static(&nand_info); 466 } 467 468 /* 469 * Chip inputs are CLE, ALE, CE, WP, GND and eight I/O pins. Chip 470 * outputs are R/B and eight I/O pins. 471 * 472 * CE, WP and R/B are active low. 473 */ 474 void nand_setpins(DeviceState *dev, uint8_t cle, uint8_t ale, 475 uint8_t ce, uint8_t wp, uint8_t gnd) 476 { 477 NANDFlashState *s = NAND(dev); 478 479 s->cle = cle; 480 s->ale = ale; 481 s->ce = ce; 482 s->wp = wp; 483 s->gnd = gnd; 484 if (wp) { 485 s->status |= NAND_IOSTATUS_UNPROTCT; 486 } else { 487 s->status &= ~NAND_IOSTATUS_UNPROTCT; 488 } 489 } 490 491 void nand_getpins(DeviceState *dev, int *rb) 492 { 493 *rb = 1; 494 } 495 496 void nand_setio(DeviceState *dev, uint32_t value) 497 { 498 int i; 499 NANDFlashState *s = NAND(dev); 500 501 if (!s->ce && s->cle) { 502 if (nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) { 503 if (s->cmd == NAND_CMD_READ0 && value == NAND_CMD_LPREAD2) 504 return; 505 if (value == NAND_CMD_RANDOMREAD1) { 506 s->addr &= ~((1 << s->addr_shift) - 1); 507 s->addrlen = 0; 508 return; 509 } 510 } 511 if (value == NAND_CMD_READ0) { 512 s->offset = 0; 513 } else if (value == NAND_CMD_READ1) { 514 s->offset = 0x100; 515 value = NAND_CMD_READ0; 516 } else if (value == NAND_CMD_READ2) { 517 s->offset = 1 << s->page_shift; 518 value = NAND_CMD_READ0; 519 } 520 521 s->cmd = value; 522 523 if (s->cmd == NAND_CMD_READSTATUS || 524 s->cmd == NAND_CMD_PAGEPROGRAM2 || 525 s->cmd == NAND_CMD_BLOCKERASE1 || 526 s->cmd == NAND_CMD_BLOCKERASE2 || 527 s->cmd == NAND_CMD_NOSERIALREAD2 || 528 s->cmd == NAND_CMD_RANDOMREAD2 || 529 s->cmd == NAND_CMD_RESET) { 530 nand_command(s); 531 } 532 533 if (s->cmd != NAND_CMD_RANDOMREAD2) { 534 s->addrlen = 0; 535 } 536 } 537 538 if (s->ale) { 539 unsigned int shift = s->addrlen * 8; 540 uint64_t mask = ~(0xffull << shift); 541 uint64_t v = (uint64_t)value << shift; 542 543 s->addr = (s->addr & mask) | v; 544 s->addrlen ++; 545 546 switch (s->addrlen) { 547 case 1: 548 if (s->cmd == NAND_CMD_READID) { 549 nand_command(s); 550 } 551 break; 552 case 2: /* fix cache address as a byte address */ 553 s->addr <<= (s->buswidth - 1); 554 break; 555 case 3: 556 if (!(nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) && 557 (s->cmd == NAND_CMD_READ0 || 558 s->cmd == NAND_CMD_PAGEPROGRAM1)) { 559 nand_command(s); 560 } 561 break; 562 case 4: 563 if ((nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) && 564 nand_flash_ids[s->chip_id].size < 256 && /* 1Gb or less */ 565 (s->cmd == NAND_CMD_READ0 || 566 s->cmd == NAND_CMD_PAGEPROGRAM1)) { 567 nand_command(s); 568 } 569 break; 570 case 5: 571 if ((nand_flash_ids[s->chip_id].options & NAND_SAMSUNG_LP) && 572 nand_flash_ids[s->chip_id].size >= 256 && /* 2Gb or more */ 573 (s->cmd == NAND_CMD_READ0 || 574 s->cmd == NAND_CMD_PAGEPROGRAM1)) { 575 nand_command(s); 576 } 577 break; 578 default: 579 break; 580 } 581 } 582 583 if (!s->cle && !s->ale && s->cmd == NAND_CMD_PAGEPROGRAM1) { 584 if (s->iolen < (1 << s->page_shift) + (1 << s->oob_shift)) { 585 for (i = s->buswidth; i--; value >>= 8) { 586 s->io[s->iolen ++] = (uint8_t) (value & 0xff); 587 } 588 } 589 } else if (!s->cle && !s->ale && s->cmd == NAND_CMD_COPYBACKPRG1) { 590 if ((s->addr & ((1 << s->addr_shift) - 1)) < 591 (1 << s->page_shift) + (1 << s->oob_shift)) { 592 for (i = s->buswidth; i--; s->addr++, value >>= 8) { 593 s->io[s->iolen + (s->addr & ((1 << s->addr_shift) - 1))] = 594 (uint8_t) (value & 0xff); 595 } 596 } 597 } 598 } 599 600 uint32_t nand_getio(DeviceState *dev) 601 { 602 int offset; 603 uint32_t x = 0; 604 NANDFlashState *s = NAND(dev); 605 606 /* Allow sequential reading */ 607 if (!s->iolen && s->cmd == NAND_CMD_READ0) { 608 offset = (int) (s->addr & ((1 << s->addr_shift) - 1)) + s->offset; 609 s->offset = 0; 610 611 s->blk_load(s, s->addr, offset); 612 if (s->gnd) 613 s->iolen = (1 << s->page_shift) - offset; 614 else 615 s->iolen = (1 << s->page_shift) + (1 << s->oob_shift) - offset; 616 } 617 618 if (s->ce || s->iolen <= 0) { 619 return 0; 620 } 621 622 for (offset = s->buswidth; offset--;) { 623 x |= s->ioaddr[offset] << (offset << 3); 624 } 625 /* after receiving READ STATUS command all subsequent reads will 626 * return the status register value until another command is issued 627 */ 628 if (s->cmd != NAND_CMD_READSTATUS) { 629 s->addr += s->buswidth; 630 s->ioaddr += s->buswidth; 631 s->iolen -= s->buswidth; 632 } 633 return x; 634 } 635 636 uint32_t nand_getbuswidth(DeviceState *dev) 637 { 638 NANDFlashState *s = (NANDFlashState *) dev; 639 return s->buswidth << 3; 640 } 641 642 DeviceState *nand_init(BlockBackend *blk, int manf_id, int chip_id) 643 { 644 DeviceState *dev; 645 646 if (nand_flash_ids[chip_id].size == 0) { 647 hw_error("%s: Unsupported NAND chip ID.\n", __func__); 648 } 649 dev = qdev_new(TYPE_NAND); 650 qdev_prop_set_uint8(dev, "manufacturer_id", manf_id); 651 qdev_prop_set_uint8(dev, "chip_id", chip_id); 652 if (blk) { 653 qdev_prop_set_drive_err(dev, "drive", blk, &error_fatal); 654 } 655 656 qdev_realize(dev, NULL, &error_fatal); 657 return dev; 658 } 659 660 type_init(nand_register_types) 661 662 #else 663 664 /* Program a single page */ 665 static void glue(nand_blk_write_, PAGE_SIZE)(NANDFlashState *s) 666 { 667 uint64_t off, page, sector, soff; 668 uint8_t iobuf[(PAGE_SECTORS + 2) * 0x200]; 669 if (PAGE(s->addr) >= s->pages) 670 return; 671 672 if (!s->blk) { 673 mem_and(s->storage + PAGE_START(s->addr) + (s->addr & PAGE_MASK) + 674 s->offset, s->io, s->iolen); 675 } else if (s->mem_oob) { 676 sector = SECTOR(s->addr); 677 off = (s->addr & PAGE_MASK) + s->offset; 678 soff = SECTOR_OFFSET(s->addr); 679 if (blk_pread(s->blk, sector << BDRV_SECTOR_BITS, iobuf, 680 PAGE_SECTORS << BDRV_SECTOR_BITS) < 0) { 681 printf("%s: read error in sector %" PRIu64 "\n", __func__, sector); 682 return; 683 } 684 685 mem_and(iobuf + (soff | off), s->io, MIN(s->iolen, PAGE_SIZE - off)); 686 if (off + s->iolen > PAGE_SIZE) { 687 page = PAGE(s->addr); 688 mem_and(s->storage + (page << OOB_SHIFT), s->io + PAGE_SIZE - off, 689 MIN(OOB_SIZE, off + s->iolen - PAGE_SIZE)); 690 } 691 692 if (blk_pwrite(s->blk, sector << BDRV_SECTOR_BITS, iobuf, 693 PAGE_SECTORS << BDRV_SECTOR_BITS, 0) < 0) { 694 printf("%s: write error in sector %" PRIu64 "\n", __func__, sector); 695 } 696 } else { 697 off = PAGE_START(s->addr) + (s->addr & PAGE_MASK) + s->offset; 698 sector = off >> 9; 699 soff = off & 0x1ff; 700 if (blk_pread(s->blk, sector << BDRV_SECTOR_BITS, iobuf, 701 (PAGE_SECTORS + 2) << BDRV_SECTOR_BITS) < 0) { 702 printf("%s: read error in sector %" PRIu64 "\n", __func__, sector); 703 return; 704 } 705 706 mem_and(iobuf + soff, s->io, s->iolen); 707 708 if (blk_pwrite(s->blk, sector << BDRV_SECTOR_BITS, iobuf, 709 (PAGE_SECTORS + 2) << BDRV_SECTOR_BITS, 0) < 0) { 710 printf("%s: write error in sector %" PRIu64 "\n", __func__, sector); 711 } 712 } 713 s->offset = 0; 714 } 715 716 /* Erase a single block */ 717 static void glue(nand_blk_erase_, PAGE_SIZE)(NANDFlashState *s) 718 { 719 uint64_t i, page, addr; 720 uint8_t iobuf[0x200] = { [0 ... 0x1ff] = 0xff, }; 721 addr = s->addr & ~((1 << (ADDR_SHIFT + s->erase_shift)) - 1); 722 723 if (PAGE(addr) >= s->pages) { 724 return; 725 } 726 727 if (!s->blk) { 728 memset(s->storage + PAGE_START(addr), 729 0xff, (PAGE_SIZE + OOB_SIZE) << s->erase_shift); 730 } else if (s->mem_oob) { 731 memset(s->storage + (PAGE(addr) << OOB_SHIFT), 732 0xff, OOB_SIZE << s->erase_shift); 733 i = SECTOR(addr); 734 page = SECTOR(addr + (1 << (ADDR_SHIFT + s->erase_shift))); 735 for (; i < page; i ++) 736 if (blk_pwrite(s->blk, i << BDRV_SECTOR_BITS, iobuf, 737 BDRV_SECTOR_SIZE, 0) < 0) { 738 printf("%s: write error in sector %" PRIu64 "\n", __func__, i); 739 } 740 } else { 741 addr = PAGE_START(addr); 742 page = addr >> 9; 743 if (blk_pread(s->blk, page << BDRV_SECTOR_BITS, iobuf, 744 BDRV_SECTOR_SIZE) < 0) { 745 printf("%s: read error in sector %" PRIu64 "\n", __func__, page); 746 } 747 memset(iobuf + (addr & 0x1ff), 0xff, (~addr & 0x1ff) + 1); 748 if (blk_pwrite(s->blk, page << BDRV_SECTOR_BITS, iobuf, 749 BDRV_SECTOR_SIZE, 0) < 0) { 750 printf("%s: write error in sector %" PRIu64 "\n", __func__, page); 751 } 752 753 memset(iobuf, 0xff, 0x200); 754 i = (addr & ~0x1ff) + 0x200; 755 for (addr += ((PAGE_SIZE + OOB_SIZE) << s->erase_shift) - 0x200; 756 i < addr; i += 0x200) { 757 if (blk_pwrite(s->blk, i, iobuf, BDRV_SECTOR_SIZE, 0) < 0) { 758 printf("%s: write error in sector %" PRIu64 "\n", 759 __func__, i >> 9); 760 } 761 } 762 763 page = i >> 9; 764 if (blk_pread(s->blk, page << BDRV_SECTOR_BITS, iobuf, 765 BDRV_SECTOR_SIZE) < 0) { 766 printf("%s: read error in sector %" PRIu64 "\n", __func__, page); 767 } 768 memset(iobuf, 0xff, ((addr - 1) & 0x1ff) + 1); 769 if (blk_pwrite(s->blk, page << BDRV_SECTOR_BITS, iobuf, 770 BDRV_SECTOR_SIZE, 0) < 0) { 771 printf("%s: write error in sector %" PRIu64 "\n", __func__, page); 772 } 773 } 774 } 775 776 static void glue(nand_blk_load_, PAGE_SIZE)(NANDFlashState *s, 777 uint64_t addr, int offset) 778 { 779 if (PAGE(addr) >= s->pages) { 780 return; 781 } 782 783 if (s->blk) { 784 if (s->mem_oob) { 785 if (blk_pread(s->blk, SECTOR(addr) << BDRV_SECTOR_BITS, s->io, 786 PAGE_SECTORS << BDRV_SECTOR_BITS) < 0) { 787 printf("%s: read error in sector %" PRIu64 "\n", 788 __func__, SECTOR(addr)); 789 } 790 memcpy(s->io + SECTOR_OFFSET(s->addr) + PAGE_SIZE, 791 s->storage + (PAGE(s->addr) << OOB_SHIFT), 792 OOB_SIZE); 793 s->ioaddr = s->io + SECTOR_OFFSET(s->addr) + offset; 794 } else { 795 if (blk_pread(s->blk, PAGE_START(addr), s->io, 796 (PAGE_SECTORS + 2) << BDRV_SECTOR_BITS) < 0) { 797 printf("%s: read error in sector %" PRIu64 "\n", 798 __func__, PAGE_START(addr) >> 9); 799 } 800 s->ioaddr = s->io + (PAGE_START(addr) & 0x1ff) + offset; 801 } 802 } else { 803 memcpy(s->io, s->storage + PAGE_START(s->addr) + 804 offset, PAGE_SIZE + OOB_SIZE - offset); 805 s->ioaddr = s->io; 806 } 807 } 808 809 static void glue(nand_init_, PAGE_SIZE)(NANDFlashState *s) 810 { 811 s->oob_shift = PAGE_SHIFT - 5; 812 s->pages = s->size >> PAGE_SHIFT; 813 s->addr_shift = ADDR_SHIFT; 814 815 s->blk_erase = glue(nand_blk_erase_, PAGE_SIZE); 816 s->blk_write = glue(nand_blk_write_, PAGE_SIZE); 817 s->blk_load = glue(nand_blk_load_, PAGE_SIZE); 818 } 819 820 # undef PAGE_SIZE 821 # undef PAGE_SHIFT 822 # undef PAGE_SECTORS 823 # undef ADDR_SHIFT 824 #endif /* NAND_IO */ 825