]> git.proxmox.com Git - mirror_qemu.git/blame_incremental - hw/block/pflash_cfi01.c
projects / mirror_qemu.git / blame_incremental
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (non-incremental) | history | HEAD
block: Clean up includes
[mirror_qemu.git] / hw / block / pflash_cfi01.c
... / ...
CommitLineData
1/*
2 * CFI parallel flash with Intel command set emulation
3 *
4 * Copyright (c) 2006 Thorsten Zitterell
5 * Copyright (c) 2005 Jocelyn Mayer
6 *
7 * This library is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU Lesser General Public
9 * License as published by the Free Software Foundation; either
10 * version 2 of the License, or (at your option) any later version.
11 *
12 * This library is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
15 * Lesser General Public License for more details.
16 *
17 * You should have received a copy of the GNU Lesser General Public
18 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
19 */
20
21/*
22 * For now, this code can emulate flashes of 1, 2 or 4 bytes width.
23 * Supported commands/modes are:
24 * - flash read
25 * - flash write
26 * - flash ID read
27 * - sector erase
28 * - CFI queries
29 *
30 * It does not support timings
31 * It does not support flash interleaving
32 * It does not implement software data protection as found in many real chips
33 * It does not implement erase suspend/resume commands
34 * It does not implement multiple sectors erase
35 *
36 * It does not implement much more ...
37 */
38
39#include "qemu/osdep.h"
40#include "hw/hw.h"
41#include "hw/block/flash.h"
42#include "sysemu/block-backend.h"
43#include "qemu/timer.h"
44#include "qemu/bitops.h"
45#include "exec/address-spaces.h"
46#include "qemu/host-utils.h"
47#include "hw/sysbus.h"
48
49#define PFLASH_BUG(fmt, ...) \
50do { \
51 fprintf(stderr, "PFLASH: Possible BUG - " fmt, ## __VA_ARGS__); \
52 exit(1); \
53} while(0)
54
55/* #define PFLASH_DEBUG */
56#ifdef PFLASH_DEBUG
57#define DPRINTF(fmt, ...) \
58do { \
59 fprintf(stderr, "PFLASH: " fmt , ## __VA_ARGS__); \
60} while (0)
61#else
62#define DPRINTF(fmt, ...) do { } while (0)
63#endif
64
65#define TYPE_CFI_PFLASH01 "cfi.pflash01"
66#define CFI_PFLASH01(obj) OBJECT_CHECK(pflash_t, (obj), TYPE_CFI_PFLASH01)
67
68#define PFLASH_BE 0
69#define PFLASH_SECURE 1
70
71struct pflash_t {
72 /*< private >*/
73 SysBusDevice parent_obj;
74 /*< public >*/
75
76 BlockBackend *blk;
77 uint32_t nb_blocs;
78 uint64_t sector_len;
79 uint8_t bank_width;
80 uint8_t device_width; /* If 0, device width not specified. */
81 uint8_t max_device_width; /* max device width in bytes */
82 uint32_t features;
83 uint8_t wcycle; /* if 0, the flash is read normally */
84 int ro;
85 uint8_t cmd;
86 uint8_t status;
87 uint16_t ident0;
88 uint16_t ident1;
89 uint16_t ident2;
90 uint16_t ident3;
91 uint8_t cfi_len;
92 uint8_t cfi_table[0x52];
93 uint64_t counter;
94 unsigned int writeblock_size;
95 QEMUTimer *timer;
96 MemoryRegion mem;
97 char *name;
98 void *storage;
99};
100
101static int pflash_post_load(void *opaque, int version_id);
102
103static const VMStateDescription vmstate_pflash = {
104 .name = "pflash_cfi01",
105 .version_id = 1,
106 .minimum_version_id = 1,
107 .post_load = pflash_post_load,
108 .fields = (VMStateField[]) {
109 VMSTATE_UINT8(wcycle, pflash_t),
110 VMSTATE_UINT8(cmd, pflash_t),
111 VMSTATE_UINT8(status, pflash_t),
112 VMSTATE_UINT64(counter, pflash_t),
113 VMSTATE_END_OF_LIST()
114 }
115};
116
117static void pflash_timer (void *opaque)
118{
119 pflash_t *pfl = opaque;
120
121 DPRINTF("%s: command %02x done\n", __func__, pfl->cmd);
122 /* Reset flash */
123 pfl->status ^= 0x80;
124 memory_region_rom_device_set_romd(&pfl->mem, true);
125 pfl->wcycle = 0;
126 pfl->cmd = 0;
127}
128
129/* Perform a CFI query based on the bank width of the flash.
130 * If this code is called we know we have a device_width set for
131 * this flash.
132 */
133static uint32_t pflash_cfi_query(pflash_t *pfl, hwaddr offset)
134{
135 int i;
136 uint32_t resp = 0;
137 hwaddr boff;
138
139 /* Adjust incoming offset to match expected device-width
140 * addressing. CFI query addresses are always specified in terms of
141 * the maximum supported width of the device. This means that x8
142 * devices and x8/x16 devices in x8 mode behave differently. For
143 * devices that are not used at their max width, we will be
144 * provided with addresses that use higher address bits than
145 * expected (based on the max width), so we will shift them lower
146 * so that they will match the addresses used when
147 * device_width==max_device_width.
148 */
149 boff = offset >> (ctz32(pfl->bank_width) +
150 ctz32(pfl->max_device_width) - ctz32(pfl->device_width));
151
152 if (boff > pfl->cfi_len) {
153 return 0;
154 }
155 /* Now we will construct the CFI response generated by a single
156 * device, then replicate that for all devices that make up the
157 * bus. For wide parts used in x8 mode, CFI query responses
158 * are different than native byte-wide parts.
159 */
160 resp = pfl->cfi_table[boff];
161 if (pfl->device_width != pfl->max_device_width) {
162 /* The only case currently supported is x8 mode for a
163 * wider part.
164 */
165 if (pfl->device_width != 1 || pfl->bank_width > 4) {
166 DPRINTF("%s: Unsupported device configuration: "
167 "device_width=%d, max_device_width=%d\n",
168 __func__, pfl->device_width,
169 pfl->max_device_width);
170 return 0;
171 }
172 /* CFI query data is repeated, rather than zero padded for
173 * wide devices used in x8 mode.
174 */
175 for (i = 1; i < pfl->max_device_width; i++) {
176 resp = deposit32(resp, 8 * i, 8, pfl->cfi_table[boff]);
177 }
178 }
179 /* Replicate responses for each device in bank. */
180 if (pfl->device_width < pfl->bank_width) {
181 for (i = pfl->device_width;
182 i < pfl->bank_width; i += pfl->device_width) {
183 resp = deposit32(resp, 8 * i, 8 * pfl->device_width, resp);
184 }
185 }
186
187 return resp;
188}
189
190
191
192/* Perform a device id query based on the bank width of the flash. */
193static uint32_t pflash_devid_query(pflash_t *pfl, hwaddr offset)
194{
195 int i;
196 uint32_t resp;
197 hwaddr boff;
198
199 /* Adjust incoming offset to match expected device-width
200 * addressing. Device ID read addresses are always specified in
201 * terms of the maximum supported width of the device. This means
202 * that x8 devices and x8/x16 devices in x8 mode behave
203 * differently. For devices that are not used at their max width,
204 * we will be provided with addresses that use higher address bits
205 * than expected (based on the max width), so we will shift them
206 * lower so that they will match the addresses used when
207 * device_width==max_device_width.
208 */
209 boff = offset >> (ctz32(pfl->bank_width) +
210 ctz32(pfl->max_device_width) - ctz32(pfl->device_width));
211
212 /* Mask off upper bits which may be used in to query block
213 * or sector lock status at other addresses.
214 * Offsets 2/3 are block lock status, is not emulated.
215 */
216 switch (boff & 0xFF) {
217 case 0:
218 resp = pfl->ident0;
219 DPRINTF("%s: Manufacturer Code %04x\n", __func__, resp);
220 break;
221 case 1:
222 resp = pfl->ident1;
223 DPRINTF("%s: Device ID Code %04x\n", __func__, resp);
224 break;
225 default:
226 DPRINTF("%s: Read Device Information offset=%x\n", __func__,
227 (unsigned)offset);
228 return 0;
229 break;
230 }
231 /* Replicate responses for each device in bank. */
232 if (pfl->device_width < pfl->bank_width) {
233 for (i = pfl->device_width;
234 i < pfl->bank_width; i += pfl->device_width) {
235 resp = deposit32(resp, 8 * i, 8 * pfl->device_width, resp);
236 }
237 }
238
239 return resp;
240}
241
242static uint32_t pflash_data_read(pflash_t *pfl, hwaddr offset,
243 int width, int be)
244{
245 uint8_t *p;
246 uint32_t ret;
247
248 p = pfl->storage;
249 switch (width) {
250 case 1:
251 ret = p[offset];
252 DPRINTF("%s: data offset " TARGET_FMT_plx " %02x\n",
253 __func__, offset, ret);
254 break;
255 case 2:
256 if (be) {
257 ret = p[offset] << 8;
258 ret |= p[offset + 1];
259 } else {
260 ret = p[offset];
261 ret |= p[offset + 1] << 8;
262 }
263 DPRINTF("%s: data offset " TARGET_FMT_plx " %04x\n",
264 __func__, offset, ret);
265 break;
266 case 4:
267 if (be) {
268 ret = p[offset] << 24;
269 ret |= p[offset + 1] << 16;
270 ret |= p[offset + 2] << 8;
271 ret |= p[offset + 3];
272 } else {
273 ret = p[offset];
274 ret |= p[offset + 1] << 8;
275 ret |= p[offset + 2] << 16;
276 ret |= p[offset + 3] << 24;
277 }
278 DPRINTF("%s: data offset " TARGET_FMT_plx " %08x\n",
279 __func__, offset, ret);
280 break;
281 default:
282 DPRINTF("BUG in %s\n", __func__);
283 abort();
284 }
285 return ret;
286}
287
288static uint32_t pflash_read (pflash_t *pfl, hwaddr offset,
289 int width, int be)
290{
291 hwaddr boff;
292 uint32_t ret;
293
294 ret = -1;
295
296#if 0
297 DPRINTF("%s: reading offset " TARGET_FMT_plx " under cmd %02x width %d\n",
298 __func__, offset, pfl->cmd, width);
299#endif
300 switch (pfl->cmd) {
301 default:
302 /* This should never happen : reset state & treat it as a read */
303 DPRINTF("%s: unknown command state: %x\n", __func__, pfl->cmd);
304 pfl->wcycle = 0;
305 pfl->cmd = 0;
306 /* fall through to read code */
307 case 0x00:
308 /* Flash area read */
309 ret = pflash_data_read(pfl, offset, width, be);
310 break;
311 case 0x10: /* Single byte program */
312 case 0x20: /* Block erase */
313 case 0x28: /* Block erase */
314 case 0x40: /* single byte program */
315 case 0x50: /* Clear status register */
316 case 0x60: /* Block /un)lock */
317 case 0x70: /* Status Register */
318 case 0xe8: /* Write block */
319 /* Status register read. Return status from each device in
320 * bank.
321 */
322 ret = pfl->status;
323 if (pfl->device_width && width > pfl->device_width) {
324 int shift = pfl->device_width * 8;
325 while (shift + pfl->device_width * 8 <= width * 8) {
326 ret |= pfl->status << shift;
327 shift += pfl->device_width * 8;
328 }
329 } else if (!pfl->device_width && width > 2) {
330 /* Handle 32 bit flash cases where device width is not
331 * set. (Existing behavior before device width added.)
332 */
333 ret |= pfl->status << 16;
334 }
335 DPRINTF("%s: status %x\n", __func__, ret);
336 break;
337 case 0x90:
338 if (!pfl->device_width) {
339 /* Preserve old behavior if device width not specified */
340 boff = offset & 0xFF;
341 if (pfl->bank_width == 2) {
342 boff = boff >> 1;
343 } else if (pfl->bank_width == 4) {
344 boff = boff >> 2;
345 }
346
347 switch (boff) {
348 case 0:
349 ret = pfl->ident0 << 8 | pfl->ident1;
350 DPRINTF("%s: Manufacturer Code %04x\n", __func__, ret);
351 break;
352 case 1:
353 ret = pfl->ident2 << 8 | pfl->ident3;
354 DPRINTF("%s: Device ID Code %04x\n", __func__, ret);
355 break;
356 default:
357 DPRINTF("%s: Read Device Information boff=%x\n", __func__,
358 (unsigned)boff);
359 ret = 0;
360 break;
361 }
362 } else {
363 /* If we have a read larger than the bank_width, combine multiple
364 * manufacturer/device ID queries into a single response.
365 */
366 int i;
367 for (i = 0; i < width; i += pfl->bank_width) {
368 ret = deposit32(ret, i * 8, pfl->bank_width * 8,
369 pflash_devid_query(pfl,
370 offset + i * pfl->bank_width));
371 }
372 }
373 break;
374 case 0x98: /* Query mode */
375 if (!pfl->device_width) {
376 /* Preserve old behavior if device width not specified */
377 boff = offset & 0xFF;
378 if (pfl->bank_width == 2) {
379 boff = boff >> 1;
380 } else if (pfl->bank_width == 4) {
381 boff = boff >> 2;
382 }
383
384 if (boff > pfl->cfi_len) {
385 ret = 0;
386 } else {
387 ret = pfl->cfi_table[boff];
388 }
389 } else {
390 /* If we have a read larger than the bank_width, combine multiple
391 * CFI queries into a single response.
392 */
393 int i;
394 for (i = 0; i < width; i += pfl->bank_width) {
395 ret = deposit32(ret, i * 8, pfl->bank_width * 8,
396 pflash_cfi_query(pfl,
397 offset + i * pfl->bank_width));
398 }
399 }
400
401 break;
402 }
403 return ret;
404}
405
406/* update flash content on disk */
407static void pflash_update(pflash_t *pfl, int offset,
408 int size)
409{
410 int offset_end;
411 if (pfl->blk) {
412 offset_end = offset + size;
413 /* round to sectors */
414 offset = offset >> 9;
415 offset_end = (offset_end + 511) >> 9;
416 blk_write(pfl->blk, offset, pfl->storage + (offset << 9),
417 offset_end - offset);
418 }
419}
420
421static inline void pflash_data_write(pflash_t *pfl, hwaddr offset,
422 uint32_t value, int width, int be)
423{
424 uint8_t *p = pfl->storage;
425
426 DPRINTF("%s: block write offset " TARGET_FMT_plx
427 " value %x counter %016" PRIx64 "\n",
428 __func__, offset, value, pfl->counter);
429 switch (width) {
430 case 1:
431 p[offset] = value;
432 break;
433 case 2:
434 if (be) {
435 p[offset] = value >> 8;
436 p[offset + 1] = value;
437 } else {
438 p[offset] = value;
439 p[offset + 1] = value >> 8;
440 }
441 break;
442 case 4:
443 if (be) {
444 p[offset] = value >> 24;
445 p[offset + 1] = value >> 16;
446 p[offset + 2] = value >> 8;
447 p[offset + 3] = value;
448 } else {
449 p[offset] = value;
450 p[offset + 1] = value >> 8;
451 p[offset + 2] = value >> 16;
452 p[offset + 3] = value >> 24;
453 }
454 break;
455 }
456
457}
458
459static void pflash_write(pflash_t *pfl, hwaddr offset,
460 uint32_t value, int width, int be)
461{
462 uint8_t *p;
463 uint8_t cmd;
464
465 cmd = value;
466
467 DPRINTF("%s: writing offset " TARGET_FMT_plx " value %08x width %d wcycle 0x%x\n",
468 __func__, offset, value, width, pfl->wcycle);
469
470 if (!pfl->wcycle) {
471 /* Set the device in I/O access mode */
472 memory_region_rom_device_set_romd(&pfl->mem, false);
473 }
474
475 switch (pfl->wcycle) {
476 case 0:
477 /* read mode */
478 switch (cmd) {
479 case 0x00: /* ??? */
480 goto reset_flash;
481 case 0x10: /* Single Byte Program */
482 case 0x40: /* Single Byte Program */
483 DPRINTF("%s: Single Byte Program\n", __func__);
484 break;
485 case 0x20: /* Block erase */
486 p = pfl->storage;
487 offset &= ~(pfl->sector_len - 1);
488
489 DPRINTF("%s: block erase at " TARGET_FMT_plx " bytes %x\n",
490 __func__, offset, (unsigned)pfl->sector_len);
491
492 if (!pfl->ro) {
493 memset(p + offset, 0xff, pfl->sector_len);
494 pflash_update(pfl, offset, pfl->sector_len);
495 } else {
496 pfl->status |= 0x20; /* Block erase error */
497 }
498 pfl->status |= 0x80; /* Ready! */
499 break;
500 case 0x50: /* Clear status bits */
501 DPRINTF("%s: Clear status bits\n", __func__);
502 pfl->status = 0x0;
503 goto reset_flash;
504 case 0x60: /* Block (un)lock */
505 DPRINTF("%s: Block unlock\n", __func__);
506 break;
507 case 0x70: /* Status Register */
508 DPRINTF("%s: Read status register\n", __func__);
509 pfl->cmd = cmd;
510 return;
511 case 0x90: /* Read Device ID */
512 DPRINTF("%s: Read Device information\n", __func__);
513 pfl->cmd = cmd;
514 return;
515 case 0x98: /* CFI query */
516 DPRINTF("%s: CFI query\n", __func__);
517 break;
518 case 0xe8: /* Write to buffer */
519 DPRINTF("%s: Write to buffer\n", __func__);
520 pfl->status |= 0x80; /* Ready! */
521 break;
522 case 0xf0: /* Probe for AMD flash */
523 DPRINTF("%s: Probe for AMD flash\n", __func__);
524 goto reset_flash;
525 case 0xff: /* Read array mode */
526 DPRINTF("%s: Read array mode\n", __func__);
527 goto reset_flash;
528 default:
529 goto error_flash;
530 }
531 pfl->wcycle++;
532 pfl->cmd = cmd;
533 break;
534 case 1:
535 switch (pfl->cmd) {
536 case 0x10: /* Single Byte Program */
537 case 0x40: /* Single Byte Program */
538 DPRINTF("%s: Single Byte Program\n", __func__);
539 if (!pfl->ro) {
540 pflash_data_write(pfl, offset, value, width, be);
541 pflash_update(pfl, offset, width);
542 } else {
543 pfl->status |= 0x10; /* Programming error */
544 }
545 pfl->status |= 0x80; /* Ready! */
546 pfl->wcycle = 0;
547 break;
548 case 0x20: /* Block erase */
549 case 0x28:
550 if (cmd == 0xd0) { /* confirm */
551 pfl->wcycle = 0;
552 pfl->status |= 0x80;
553 } else if (cmd == 0xff) { /* read array mode */
554 goto reset_flash;
555 } else
556 goto error_flash;
557
558 break;
559 case 0xe8:
560 /* Mask writeblock size based on device width, or bank width if
561 * device width not specified.
562 */
563 if (pfl->device_width) {
564 value = extract32(value, 0, pfl->device_width * 8);
565 } else {
566 value = extract32(value, 0, pfl->bank_width * 8);
567 }
568 DPRINTF("%s: block write of %x bytes\n", __func__, value);
569 pfl->counter = value;
570 pfl->wcycle++;
571 break;
572 case 0x60:
573 if (cmd == 0xd0) {
574 pfl->wcycle = 0;
575 pfl->status |= 0x80;
576 } else if (cmd == 0x01) {
577 pfl->wcycle = 0;
578 pfl->status |= 0x80;
579 } else if (cmd == 0xff) {
580 goto reset_flash;
581 } else {
582 DPRINTF("%s: Unknown (un)locking command\n", __func__);
583 goto reset_flash;
584 }
585 break;
586 case 0x98:
587 if (cmd == 0xff) {
588 goto reset_flash;
589 } else {
590 DPRINTF("%s: leaving query mode\n", __func__);
591 }
592 break;
593 default:
594 goto error_flash;
595 }
596 break;
597 case 2:
598 switch (pfl->cmd) {
599 case 0xe8: /* Block write */
600 if (!pfl->ro) {
601 pflash_data_write(pfl, offset, value, width, be);
602 } else {
603 pfl->status |= 0x10; /* Programming error */
604 }
605
606 pfl->status |= 0x80;
607
608 if (!pfl->counter) {
609 hwaddr mask = pfl->writeblock_size - 1;
610 mask = ~mask;
611
612 DPRINTF("%s: block write finished\n", __func__);
613 pfl->wcycle++;
614 if (!pfl->ro) {
615 /* Flush the entire write buffer onto backing storage. */
616 pflash_update(pfl, offset & mask, pfl->writeblock_size);
617 } else {
618 pfl->status |= 0x10; /* Programming error */
619 }
620 }
621
622 pfl->counter--;
623 break;
624 default:
625 goto error_flash;
626 }
627 break;
628 case 3: /* Confirm mode */
629 switch (pfl->cmd) {
630 case 0xe8: /* Block write */
631 if (cmd == 0xd0) {
632 pfl->wcycle = 0;
633 pfl->status |= 0x80;
634 } else {
635 DPRINTF("%s: unknown command for \"write block\"\n", __func__);
636 PFLASH_BUG("Write block confirm");
637 goto reset_flash;
638 }
639 break;
640 default:
641 goto error_flash;
642 }
643 break;
644 default:
645 /* Should never happen */
646 DPRINTF("%s: invalid write state\n", __func__);
647 goto reset_flash;
648 }
649 return;
650
651 error_flash:
652 qemu_log_mask(LOG_UNIMP, "%s: Unimplemented flash cmd sequence "
653 "(offset " TARGET_FMT_plx ", wcycle 0x%x cmd 0x%x value 0x%x)"
654 "\n", __func__, offset, pfl->wcycle, pfl->cmd, value);
655
656 reset_flash:
657 memory_region_rom_device_set_romd(&pfl->mem, true);
658
659 pfl->wcycle = 0;
660 pfl->cmd = 0;
661}
662
663
664static MemTxResult pflash_mem_read_with_attrs(void *opaque, hwaddr addr, uint64_t *value,
665 unsigned len, MemTxAttrs attrs)
666{
667 pflash_t *pfl = opaque;
668 bool be = !!(pfl->features & (1 << PFLASH_BE));
669
670 if ((pfl->features & (1 << PFLASH_SECURE)) && !attrs.secure) {
671 *value = pflash_data_read(opaque, addr, len, be);
672 } else {
673 *value = pflash_read(opaque, addr, len, be);
674 }
675 return MEMTX_OK;
676}
677
678static MemTxResult pflash_mem_write_with_attrs(void *opaque, hwaddr addr, uint64_t value,
679 unsigned len, MemTxAttrs attrs)
680{
681 pflash_t *pfl = opaque;
682 bool be = !!(pfl->features & (1 << PFLASH_BE));
683
684 if ((pfl->features & (1 << PFLASH_SECURE)) && !attrs.secure) {
685 return MEMTX_ERROR;
686 } else {
687 pflash_write(opaque, addr, value, len, be);
688 return MEMTX_OK;
689 }
690}
691
692static const MemoryRegionOps pflash_cfi01_ops = {
693 .read_with_attrs = pflash_mem_read_with_attrs,
694 .write_with_attrs = pflash_mem_write_with_attrs,
695 .endianness = DEVICE_NATIVE_ENDIAN,
696};
697
698static void pflash_cfi01_realize(DeviceState *dev, Error **errp)
699{
700 pflash_t *pfl = CFI_PFLASH01(dev);
701 uint64_t total_len;
702 int ret;
703 uint64_t blocks_per_device, device_len;
704 int num_devices;
705 Error *local_err = NULL;
706
707 total_len = pfl->sector_len * pfl->nb_blocs;
708
709 /* These are only used to expose the parameters of each device
710 * in the cfi_table[].
711 */
712 num_devices = pfl->device_width ? (pfl->bank_width / pfl->device_width) : 1;
713 blocks_per_device = pfl->nb_blocs / num_devices;
714 device_len = pfl->sector_len * blocks_per_device;
715
716 /* XXX: to be fixed */
717#if 0
718 if (total_len != (8 * 1024 * 1024) && total_len != (16 * 1024 * 1024) &&
719 total_len != (32 * 1024 * 1024) && total_len != (64 * 1024 * 1024))
720 return NULL;
721#endif
722
723 memory_region_init_rom_device(
724 &pfl->mem, OBJECT(dev),
725 &pflash_cfi01_ops,
726 pfl,
727 pfl->name, total_len, &local_err);
728 if (local_err) {
729 error_propagate(errp, local_err);
730 return;
731 }
732
733 vmstate_register_ram(&pfl->mem, DEVICE(pfl));
734 pfl->storage = memory_region_get_ram_ptr(&pfl->mem);
735 sysbus_init_mmio(SYS_BUS_DEVICE(dev), &pfl->mem);
736
737 if (pfl->blk) {
738 /* read the initial flash content */
739 ret = blk_read(pfl->blk, 0, pfl->storage, total_len >> 9);
740
741 if (ret < 0) {
742 vmstate_unregister_ram(&pfl->mem, DEVICE(pfl));
743 error_setg(errp, "failed to read the initial flash content");
744 return;
745 }
746 }
747
748 if (pfl->blk) {
749 pfl->ro = blk_is_read_only(pfl->blk);
750 } else {
751 pfl->ro = 0;
752 }
753
754 /* Default to devices being used at their maximum device width. This was
755 * assumed before the device_width support was added.
756 */
757 if (!pfl->max_device_width) {
758 pfl->max_device_width = pfl->device_width;
759 }
760
761 pfl->timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, pflash_timer, pfl);
762 pfl->wcycle = 0;
763 pfl->cmd = 0;
764 pfl->status = 0;
765 /* Hardcoded CFI table */
766 pfl->cfi_len = 0x52;
767 /* Standard "QRY" string */
768 pfl->cfi_table[0x10] = 'Q';
769 pfl->cfi_table[0x11] = 'R';
770 pfl->cfi_table[0x12] = 'Y';
771 /* Command set (Intel) */
772 pfl->cfi_table[0x13] = 0x01;
773 pfl->cfi_table[0x14] = 0x00;
774 /* Primary extended table address (none) */
775 pfl->cfi_table[0x15] = 0x31;
776 pfl->cfi_table[0x16] = 0x00;
777 /* Alternate command set (none) */
778 pfl->cfi_table[0x17] = 0x00;
779 pfl->cfi_table[0x18] = 0x00;
780 /* Alternate extended table (none) */
781 pfl->cfi_table[0x19] = 0x00;
782 pfl->cfi_table[0x1A] = 0x00;
783 /* Vcc min */
784 pfl->cfi_table[0x1B] = 0x45;
785 /* Vcc max */
786 pfl->cfi_table[0x1C] = 0x55;
787 /* Vpp min (no Vpp pin) */
788 pfl->cfi_table[0x1D] = 0x00;
789 /* Vpp max (no Vpp pin) */
790 pfl->cfi_table[0x1E] = 0x00;
791 /* Reserved */
792 pfl->cfi_table[0x1F] = 0x07;
793 /* Timeout for min size buffer write */
794 pfl->cfi_table[0x20] = 0x07;
795 /* Typical timeout for block erase */
796 pfl->cfi_table[0x21] = 0x0a;
797 /* Typical timeout for full chip erase (4096 ms) */
798 pfl->cfi_table[0x22] = 0x00;
799 /* Reserved */
800 pfl->cfi_table[0x23] = 0x04;
801 /* Max timeout for buffer write */
802 pfl->cfi_table[0x24] = 0x04;
803 /* Max timeout for block erase */
804 pfl->cfi_table[0x25] = 0x04;
805 /* Max timeout for chip erase */
806 pfl->cfi_table[0x26] = 0x00;
807 /* Device size */
808 pfl->cfi_table[0x27] = ctz32(device_len); /* + 1; */
809 /* Flash device interface (8 & 16 bits) */
810 pfl->cfi_table[0x28] = 0x02;
811 pfl->cfi_table[0x29] = 0x00;
812 /* Max number of bytes in multi-bytes write */
813 if (pfl->bank_width == 1) {
814 pfl->cfi_table[0x2A] = 0x08;
815 } else {
816 pfl->cfi_table[0x2A] = 0x0B;
817 }
818 pfl->writeblock_size = 1 << pfl->cfi_table[0x2A];
819
820 pfl->cfi_table[0x2B] = 0x00;
821 /* Number of erase block regions (uniform) */
822 pfl->cfi_table[0x2C] = 0x01;
823 /* Erase block region 1 */
824 pfl->cfi_table[0x2D] = blocks_per_device - 1;
825 pfl->cfi_table[0x2E] = (blocks_per_device - 1) >> 8;
826 pfl->cfi_table[0x2F] = pfl->sector_len >> 8;
827 pfl->cfi_table[0x30] = pfl->sector_len >> 16;
828
829 /* Extended */
830 pfl->cfi_table[0x31] = 'P';
831 pfl->cfi_table[0x32] = 'R';
832 pfl->cfi_table[0x33] = 'I';
833
834 pfl->cfi_table[0x34] = '1';
835 pfl->cfi_table[0x35] = '0';
836
837 pfl->cfi_table[0x36] = 0x00;
838 pfl->cfi_table[0x37] = 0x00;
839 pfl->cfi_table[0x38] = 0x00;
840 pfl->cfi_table[0x39] = 0x00;
841
842 pfl->cfi_table[0x3a] = 0x00;
843
844 pfl->cfi_table[0x3b] = 0x00;
845 pfl->cfi_table[0x3c] = 0x00;
846
847 pfl->cfi_table[0x3f] = 0x01; /* Number of protection fields */
848}
849
850static Property pflash_cfi01_properties[] = {
851 DEFINE_PROP_DRIVE("drive", struct pflash_t, blk),
852 /* num-blocks is the number of blocks actually visible to the guest,
853 * ie the total size of the device divided by the sector length.
854 * If we're emulating flash devices wired in parallel the actual
855 * number of blocks per indvidual device will differ.
856 */
857 DEFINE_PROP_UINT32("num-blocks", struct pflash_t, nb_blocs, 0),
858 DEFINE_PROP_UINT64("sector-length", struct pflash_t, sector_len, 0),
859 /* width here is the overall width of this QEMU device in bytes.
860 * The QEMU device may be emulating a number of flash devices
861 * wired up in parallel; the width of each individual flash
862 * device should be specified via device-width. If the individual
863 * devices have a maximum width which is greater than the width
864 * they are being used for, this maximum width should be set via
865 * max-device-width (which otherwise defaults to device-width).
866 * So for instance a 32-bit wide QEMU flash device made from four
867 * 16-bit flash devices used in 8-bit wide mode would be configured
868 * with width = 4, device-width = 1, max-device-width = 2.
869 *
870 * If device-width is not specified we default to backwards
871 * compatible behaviour which is a bad emulation of two
872 * 16 bit devices making up a 32 bit wide QEMU device. This
873 * is deprecated for new uses of this device.
874 */
875 DEFINE_PROP_UINT8("width", struct pflash_t, bank_width, 0),
876 DEFINE_PROP_UINT8("device-width", struct pflash_t, device_width, 0),
877 DEFINE_PROP_UINT8("max-device-width", struct pflash_t, max_device_width, 0),
878 DEFINE_PROP_BIT("big-endian", struct pflash_t, features, PFLASH_BE, 0),
879 DEFINE_PROP_BIT("secure", struct pflash_t, features, PFLASH_SECURE, 0),
880 DEFINE_PROP_UINT16("id0", struct pflash_t, ident0, 0),
881 DEFINE_PROP_UINT16("id1", struct pflash_t, ident1, 0),
882 DEFINE_PROP_UINT16("id2", struct pflash_t, ident2, 0),
883 DEFINE_PROP_UINT16("id3", struct pflash_t, ident3, 0),
884 DEFINE_PROP_STRING("name", struct pflash_t, name),
885 DEFINE_PROP_END_OF_LIST(),
886};
887
888static void pflash_cfi01_class_init(ObjectClass *klass, void *data)
889{
890 DeviceClass *dc = DEVICE_CLASS(klass);
891
892 dc->realize = pflash_cfi01_realize;
893 dc->props = pflash_cfi01_properties;
894 dc->vmsd = &vmstate_pflash;
895 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
896}
897
898
899static const TypeInfo pflash_cfi01_info = {
900 .name = TYPE_CFI_PFLASH01,
901 .parent = TYPE_SYS_BUS_DEVICE,
902 .instance_size = sizeof(struct pflash_t),
903 .class_init = pflash_cfi01_class_init,
904};
905
906static void pflash_cfi01_register_types(void)
907{
908 type_register_static(&pflash_cfi01_info);
909}
910
911type_init(pflash_cfi01_register_types)
912
913pflash_t *pflash_cfi01_register(hwaddr base,
914 DeviceState *qdev, const char *name,
915 hwaddr size,
916 BlockBackend *blk,
917 uint32_t sector_len, int nb_blocs,
918 int bank_width, uint16_t id0, uint16_t id1,
919 uint16_t id2, uint16_t id3, int be)
920{
921 DeviceState *dev = qdev_create(NULL, TYPE_CFI_PFLASH01);
922
923 if (blk) {
924 qdev_prop_set_drive(dev, "drive", blk, &error_abort);
925 }
926 qdev_prop_set_uint32(dev, "num-blocks", nb_blocs);
927 qdev_prop_set_uint64(dev, "sector-length", sector_len);
928 qdev_prop_set_uint8(dev, "width", bank_width);
929 qdev_prop_set_bit(dev, "big-endian", !!be);
930 qdev_prop_set_uint16(dev, "id0", id0);
931 qdev_prop_set_uint16(dev, "id1", id1);
932 qdev_prop_set_uint16(dev, "id2", id2);
933 qdev_prop_set_uint16(dev, "id3", id3);
934 qdev_prop_set_string(dev, "name", name);
935 qdev_init_nofail(dev);
936
937 sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, base);
938 return CFI_PFLASH01(dev);
939}
940
941MemoryRegion *pflash_cfi01_get_memory(pflash_t *fl)
942{
943 return &fl->mem;
944}
945
946static int pflash_post_load(void *opaque, int version_id)
947{
948 pflash_t *pfl = opaque;
949
950 if (!pfl->ro) {
951 DPRINTF("%s: updating bdrv for %s\n", __func__, pfl->name);
952 pflash_update(pfl, 0, pfl->sector_len * pfl->nb_blocs);
953 }
954 return 0;
955}
QEMU mirror