]> git.proxmox.com Git - qemu.git/blob - hw/block/onenand.c
projects / qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
hw: move block devices to hw/block/, configure via default-configs/
[qemu.git] / hw / block / onenand.c
1 /*
2 * OneNAND flash memories emulation.
3 *
4 * Copyright (C) 2008 Nokia Corporation
5 * Written by Andrzej Zaborowski <andrew@openedhand.com>
6 *
7 * This program is free software; you can redistribute it and/or
8 * modify it under the terms of the GNU General Public License as
9 * published by the Free Software Foundation; either version 2 or
10 * (at your option) version 3 of the License.
11 *
12 * This program is distributed in the hope that it will be useful,
13 * but WITHOUT ANY WARRANTY; without even the implied warranty of
14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 * GNU General Public License for more details.
16 *
17 * You should have received a copy of the GNU General Public License along
18 * with this program; if not, see <http://www.gnu.org/licenses/>.
19 */
20
21 #include "qemu-common.h"
22 #include "hw/hw.h"
23 #include "hw/block/flash.h"
24 #include "hw/irq.h"
25 #include "sysemu/blockdev.h"
26 #include "exec/memory.h"
27 #include "exec/address-spaces.h"
28 #include "hw/sysbus.h"
29 #include "qemu/error-report.h"
30
31 /* 11 for 2kB-page OneNAND ("2nd generation") and 10 for 1kB-page chips */
32 #define PAGE_SHIFT 11
33
34 /* Fixed */
35 #define BLOCK_SHIFT (PAGE_SHIFT + 6)
36
37 typedef struct {
38 SysBusDevice busdev;
39 struct {
40 uint16_t man;
41 uint16_t dev;
42 uint16_t ver;
43 } id;
44 int shift;
45 hwaddr base;
46 qemu_irq intr;
47 qemu_irq rdy;
48 BlockDriverState *bdrv;
49 BlockDriverState *bdrv_cur;
50 uint8_t *image;
51 uint8_t *otp;
52 uint8_t *current;
53 MemoryRegion ram;
54 MemoryRegion mapped_ram;
55 uint8_t current_direction;
56 uint8_t *boot[2];
57 uint8_t *data[2][2];
58 MemoryRegion iomem;
59 MemoryRegion container;
60 int cycle;
61 int otpmode;
62
63 uint16_t addr[8];
64 uint16_t unladdr[8];
65 int bufaddr;
66 int count;
67 uint16_t command;
68 uint16_t config[2];
69 uint16_t status;
70 uint16_t intstatus;
71 uint16_t wpstatus;
72
73 ECCState ecc;
74
75 int density_mask;
76 int secs;
77 int secs_cur;
78 int blocks;
79 uint8_t *blockwp;
80 } OneNANDState;
81
82 enum {
83 ONEN_BUF_BLOCK = 0,
84 ONEN_BUF_BLOCK2 = 1,
85 ONEN_BUF_DEST_BLOCK = 2,
86 ONEN_BUF_DEST_PAGE = 3,
87 ONEN_BUF_PAGE = 7,
88 };
89
90 enum {
91 ONEN_ERR_CMD = 1 << 10,
92 ONEN_ERR_ERASE = 1 << 11,
93 ONEN_ERR_PROG = 1 << 12,
94 ONEN_ERR_LOAD = 1 << 13,
95 };
96
97 enum {
98 ONEN_INT_RESET = 1 << 4,
99 ONEN_INT_ERASE = 1 << 5,
100 ONEN_INT_PROG = 1 << 6,
101 ONEN_INT_LOAD = 1 << 7,
102 ONEN_INT = 1 << 15,
103 };
104
105 enum {
106 ONEN_LOCK_LOCKTIGHTEN = 1 << 0,
107 ONEN_LOCK_LOCKED = 1 << 1,
108 ONEN_LOCK_UNLOCKED = 1 << 2,
109 };
110
111 static void onenand_mem_setup(OneNANDState *s)
112 {
113 /* XXX: We should use IO_MEM_ROMD but we broke it earlier...
114 * Both 0x0000 ... 0x01ff and 0x8000 ... 0x800f can be used to
115 * write boot commands. Also take note of the BWPS bit. */
116 memory_region_init(&s->container, "onenand", 0x10000 << s->shift);
117 memory_region_add_subregion(&s->container, 0, &s->iomem);
118 memory_region_init_alias(&s->mapped_ram, "onenand-mapped-ram",
119 &s->ram, 0x0200 << s->shift,
120 0xbe00 << s->shift);
121 memory_region_add_subregion_overlap(&s->container,
122 0x0200 << s->shift,
123 &s->mapped_ram,
124 1);
125 }
126
127 static void onenand_intr_update(OneNANDState *s)
128 {
129 qemu_set_irq(s->intr, ((s->intstatus >> 15) ^ (~s->config[0] >> 6)) & 1);
130 }
131
132 static void onenand_pre_save(void *opaque)
133 {
134 OneNANDState *s = opaque;
135 if (s->current == s->otp) {
136 s->current_direction = 1;
137 } else if (s->current == s->image) {
138 s->current_direction = 2;
139 } else {
140 s->current_direction = 0;
141 }
142 }
143
144 static int onenand_post_load(void *opaque, int version_id)
145 {
146 OneNANDState *s = opaque;
147 switch (s->current_direction) {
148 case 0:
149 break;
150 case 1:
151 s->current = s->otp;
152 break;
153 case 2:
154 s->current = s->image;
155 break;
156 default:
157 return -1;
158 }
159 onenand_intr_update(s);
160 return 0;
161 }
162
163 static const VMStateDescription vmstate_onenand = {
164 .name = "onenand",
165 .version_id = 1,
166 .minimum_version_id = 1,
167 .minimum_version_id_old = 1,
168 .pre_save = onenand_pre_save,
169 .post_load = onenand_post_load,
170 .fields = (VMStateField[]) {
171 VMSTATE_UINT8(current_direction, OneNANDState),
172 VMSTATE_INT32(cycle, OneNANDState),
173 VMSTATE_INT32(otpmode, OneNANDState),
174 VMSTATE_UINT16_ARRAY(addr, OneNANDState, 8),
175 VMSTATE_UINT16_ARRAY(unladdr, OneNANDState, 8),
176 VMSTATE_INT32(bufaddr, OneNANDState),
177 VMSTATE_INT32(count, OneNANDState),
178 VMSTATE_UINT16(command, OneNANDState),
179 VMSTATE_UINT16_ARRAY(config, OneNANDState, 2),
180 VMSTATE_UINT16(status, OneNANDState),
181 VMSTATE_UINT16(intstatus, OneNANDState),
182 VMSTATE_UINT16(wpstatus, OneNANDState),
183 VMSTATE_INT32(secs_cur, OneNANDState),
184 VMSTATE_PARTIAL_VBUFFER(blockwp, OneNANDState, blocks),
185 VMSTATE_UINT8(ecc.cp, OneNANDState),
186 VMSTATE_UINT16_ARRAY(ecc.lp, OneNANDState, 2),
187 VMSTATE_UINT16(ecc.count, OneNANDState),
188 VMSTATE_BUFFER_POINTER_UNSAFE(otp, OneNANDState, 0,
189 ((64 + 2) << PAGE_SHIFT)),
190 VMSTATE_END_OF_LIST()
191 }
192 };
193
194 /* Hot reset (Reset OneNAND command) or warm reset (RP pin low) */
195 static void onenand_reset(OneNANDState *s, int cold)
196 {
197 memset(&s->addr, 0, sizeof(s->addr));
198 s->command = 0;
199 s->count = 1;
200 s->bufaddr = 0;
201 s->config[0] = 0x40c0;
202 s->config[1] = 0x0000;
203 onenand_intr_update(s);
204 qemu_irq_raise(s->rdy);
205 s->status = 0x0000;
206 s->intstatus = cold ? 0x8080 : 0x8010;
207 s->unladdr[0] = 0;
208 s->unladdr[1] = 0;
209 s->wpstatus = 0x0002;
210 s->cycle = 0;
211 s->otpmode = 0;
212 s->bdrv_cur = s->bdrv;
213 s->current = s->image;
214 s->secs_cur = s->secs;
215
216 if (cold) {
217 /* Lock the whole flash */
218 memset(s->blockwp, ONEN_LOCK_LOCKED, s->blocks);
219
220 if (s->bdrv_cur && bdrv_read(s->bdrv_cur, 0, s->boot[0], 8) < 0) {
221 hw_error("%s: Loading the BootRAM failed.\n", __func__);
222 }
223 }
224 }
225
226 static void onenand_system_reset(DeviceState *dev)
227 {
228 onenand_reset(FROM_SYSBUS(OneNANDState, SYS_BUS_DEVICE(dev)), 1);
229 }
230
231 static inline int onenand_load_main(OneNANDState *s, int sec, int secn,
232 void *dest)
233 {
234 if (s->bdrv_cur)
235 return bdrv_read(s->bdrv_cur, sec, dest, secn) < 0;
236 else if (sec + secn > s->secs_cur)
237 return 1;
238
239 memcpy(dest, s->current + (sec << 9), secn << 9);
240
241 return 0;
242 }
243
244 static inline int onenand_prog_main(OneNANDState *s, int sec, int secn,
245 void *src)
246 {
247 int result = 0;
248
249 if (secn > 0) {
250 uint32_t size = (uint32_t)secn * 512;
251 const uint8_t *sp = (const uint8_t *)src;
252 uint8_t *dp = 0;
253 if (s->bdrv_cur) {
254 dp = g_malloc(size);
255 if (!dp || bdrv_read(s->bdrv_cur, sec, dp, secn) < 0) {
256 result = 1;
257 }
258 } else {
259 if (sec + secn > s->secs_cur) {
260 result = 1;
261 } else {
262 dp = (uint8_t *)s->current + (sec << 9);
263 }
264 }
265 if (!result) {
266 uint32_t i;
267 for (i = 0; i < size; i++) {
268 dp[i] &= sp[i];
269 }
270 if (s->bdrv_cur) {
271 result = bdrv_write(s->bdrv_cur, sec, dp, secn) < 0;
272 }
273 }
274 if (dp && s->bdrv_cur) {
275 g_free(dp);
276 }
277 }
278
279 return result;
280 }
281
282 static inline int onenand_load_spare(OneNANDState *s, int sec, int secn,
283 void *dest)
284 {
285 uint8_t buf[512];
286
287 if (s->bdrv_cur) {
288 if (bdrv_read(s->bdrv_cur, s->secs_cur + (sec >> 5), buf, 1) < 0)
289 return 1;
290 memcpy(dest, buf + ((sec & 31) << 4), secn << 4);
291 } else if (sec + secn > s->secs_cur)
292 return 1;
293 else
294 memcpy(dest, s->current + (s->secs_cur << 9) + (sec << 4), secn << 4);
295
296 return 0;
297 }
298
299 static inline int onenand_prog_spare(OneNANDState *s, int sec, int secn,
300 void *src)
301 {
302 int result = 0;
303 if (secn > 0) {
304 const uint8_t *sp = (const uint8_t *)src;
305 uint8_t *dp = 0, *dpp = 0;
306 if (s->bdrv_cur) {
307 dp = g_malloc(512);
308 if (!dp || bdrv_read(s->bdrv_cur,
309 s->secs_cur + (sec >> 5),
310 dp, 1) < 0) {
311 result = 1;
312 } else {
313 dpp = dp + ((sec & 31) << 4);
314 }
315 } else {
316 if (sec + secn > s->secs_cur) {
317 result = 1;
318 } else {
319 dpp = s->current + (s->secs_cur << 9) + (sec << 4);
320 }
321 }
322 if (!result) {
323 uint32_t i;
324 for (i = 0; i < (secn << 4); i++) {
325 dpp[i] &= sp[i];
326 }
327 if (s->bdrv_cur) {
328 result = bdrv_write(s->bdrv_cur, s->secs_cur + (sec >> 5),
329 dp, 1) < 0;
330 }
331 }
332 if (dp) {
333 g_free(dp);
334 }
335 }
336 return result;
337 }
338
339 static inline int onenand_erase(OneNANDState *s, int sec, int num)
340 {
341 uint8_t *blankbuf, *tmpbuf;
342 blankbuf = g_malloc(512);
343 if (!blankbuf) {
344 return 1;
345 }
346 tmpbuf = g_malloc(512);
347 if (!tmpbuf) {
348 g_free(blankbuf);
349 return 1;
350 }
351 memset(blankbuf, 0xff, 512);
352 for (; num > 0; num--, sec++) {
353 if (s->bdrv_cur) {
354 int erasesec = s->secs_cur + (sec >> 5);
355 if (bdrv_write(s->bdrv_cur, sec, blankbuf, 1) < 0) {
356 goto fail;
357 }
358 if (bdrv_read(s->bdrv_cur, erasesec, tmpbuf, 1) < 0) {
359 goto fail;
360 }
361 memcpy(tmpbuf + ((sec & 31) << 4), blankbuf, 1 << 4);
362 if (bdrv_write(s->bdrv_cur, erasesec, tmpbuf, 1) < 0) {
363 goto fail;
364 }
365 } else {
366 if (sec + 1 > s->secs_cur) {
367 goto fail;
368 }
369 memcpy(s->current + (sec << 9), blankbuf, 512);
370 memcpy(s->current + (s->secs_cur << 9) + (sec << 4),
371 blankbuf, 1 << 4);
372 }
373 }
374
375 g_free(tmpbuf);
376 g_free(blankbuf);
377 return 0;
378
379 fail:
380 g_free(tmpbuf);
381 g_free(blankbuf);
382 return 1;
383 }
384
385 static void onenand_command(OneNANDState *s)
386 {
387 int b;
388 int sec;
389 void *buf;
390 #define SETADDR(block, page) \
391 sec = (s->addr[page] & 3) + \
392 ((((s->addr[page] >> 2) & 0x3f) + \
393 (((s->addr[block] & 0xfff) | \
394 (s->addr[block] >> 15 ? \
395 s->density_mask : 0)) << 6)) << (PAGE_SHIFT - 9));
396 #define SETBUF_M() \
397 buf = (s->bufaddr & 8) ? \
398 s->data[(s->bufaddr >> 2) & 1][0] : s->boot[0]; \
399 buf += (s->bufaddr & 3) << 9;
400 #define SETBUF_S() \
401 buf = (s->bufaddr & 8) ? \
402 s->data[(s->bufaddr >> 2) & 1][1] : s->boot[1]; \
403 buf += (s->bufaddr & 3) << 4;
404
405 switch (s->command) {
406 case 0x00: /* Load single/multiple sector data unit into buffer */
407 SETADDR(ONEN_BUF_BLOCK, ONEN_BUF_PAGE)
408
409 SETBUF_M()
410 if (onenand_load_main(s, sec, s->count, buf))
411 s->status |= ONEN_ERR_CMD | ONEN_ERR_LOAD;
412
413 #if 0
414 SETBUF_S()
415 if (onenand_load_spare(s, sec, s->count, buf))
416 s->status |= ONEN_ERR_CMD | ONEN_ERR_LOAD;
417 #endif
418
419 /* TODO: if (s->bufaddr & 3) + s->count was > 4 (2k-pages)
420 * or if (s->bufaddr & 1) + s->count was > 2 (1k-pages)
421 * then we need two split the read/write into two chunks.
422 */
423 s->intstatus |= ONEN_INT | ONEN_INT_LOAD;
424 break;
425 case 0x13: /* Load single/multiple spare sector into buffer */
426 SETADDR(ONEN_BUF_BLOCK, ONEN_BUF_PAGE)
427
428 SETBUF_S()
429 if (onenand_load_spare(s, sec, s->count, buf))
430 s->status |= ONEN_ERR_CMD | ONEN_ERR_LOAD;
431
432 /* TODO: if (s->bufaddr & 3) + s->count was > 4 (2k-pages)
433 * or if (s->bufaddr & 1) + s->count was > 2 (1k-pages)
434 * then we need two split the read/write into two chunks.
435 */
436 s->intstatus |= ONEN_INT | ONEN_INT_LOAD;
437 break;
438 case 0x80: /* Program single/multiple sector data unit from buffer */
439 SETADDR(ONEN_BUF_BLOCK, ONEN_BUF_PAGE)
440
441 SETBUF_M()
442 if (onenand_prog_main(s, sec, s->count, buf))
443 s->status |= ONEN_ERR_CMD | ONEN_ERR_PROG;
444
445 #if 0
446 SETBUF_S()
447 if (onenand_prog_spare(s, sec, s->count, buf))
448 s->status |= ONEN_ERR_CMD | ONEN_ERR_PROG;
449 #endif
450
451 /* TODO: if (s->bufaddr & 3) + s->count was > 4 (2k-pages)
452 * or if (s->bufaddr & 1) + s->count was > 2 (1k-pages)
453 * then we need two split the read/write into two chunks.
454 */
455 s->intstatus |= ONEN_INT | ONEN_INT_PROG;
456 break;
457 case 0x1a: /* Program single/multiple spare area sector from buffer */
458 SETADDR(ONEN_BUF_BLOCK, ONEN_BUF_PAGE)
459
460 SETBUF_S()
461 if (onenand_prog_spare(s, sec, s->count, buf))
462 s->status |= ONEN_ERR_CMD | ONEN_ERR_PROG;
463
464 /* TODO: if (s->bufaddr & 3) + s->count was > 4 (2k-pages)
465 * or if (s->bufaddr & 1) + s->count was > 2 (1k-pages)
466 * then we need two split the read/write into two chunks.
467 */
468 s->intstatus |= ONEN_INT | ONEN_INT_PROG;
469 break;
470 case 0x1b: /* Copy-back program */
471 SETBUF_S()
472
473 SETADDR(ONEN_BUF_BLOCK, ONEN_BUF_PAGE)
474 if (onenand_load_main(s, sec, s->count, buf))
475 s->status |= ONEN_ERR_CMD | ONEN_ERR_PROG;
476
477 SETADDR(ONEN_BUF_DEST_BLOCK, ONEN_BUF_DEST_PAGE)
478 if (onenand_prog_main(s, sec, s->count, buf))
479 s->status |= ONEN_ERR_CMD | ONEN_ERR_PROG;
480
481 /* TODO: spare areas */
482
483 s->intstatus |= ONEN_INT | ONEN_INT_PROG;
484 break;
485
486 case 0x23: /* Unlock NAND array block(s) */
487 s->intstatus |= ONEN_INT;
488
489 /* XXX the previous (?) area should be locked automatically */
490 for (b = s->unladdr[0]; b <= s->unladdr[1]; b ++) {
491 if (b >= s->blocks) {
492 s->status |= ONEN_ERR_CMD;
493 break;
494 }
495 if (s->blockwp[b] == ONEN_LOCK_LOCKTIGHTEN)
496 break;
497
498 s->wpstatus = s->blockwp[b] = ONEN_LOCK_UNLOCKED;
499 }
500 break;
501 case 0x27: /* Unlock All NAND array blocks */
502 s->intstatus |= ONEN_INT;
503
504 for (b = 0; b < s->blocks; b ++) {
505 if (b >= s->blocks) {
506 s->status |= ONEN_ERR_CMD;
507 break;
508 }
509 if (s->blockwp[b] == ONEN_LOCK_LOCKTIGHTEN)
510 break;
511
512 s->wpstatus = s->blockwp[b] = ONEN_LOCK_UNLOCKED;
513 }
514 break;
515
516 case 0x2a: /* Lock NAND array block(s) */
517 s->intstatus |= ONEN_INT;
518
519 for (b = s->unladdr[0]; b <= s->unladdr[1]; b ++) {
520 if (b >= s->blocks) {
521 s->status |= ONEN_ERR_CMD;
522 break;
523 }
524 if (s->blockwp[b] == ONEN_LOCK_LOCKTIGHTEN)
525 break;
526
527 s->wpstatus = s->blockwp[b] = ONEN_LOCK_LOCKED;
528 }
529 break;
530 case 0x2c: /* Lock-tight NAND array block(s) */
531 s->intstatus |= ONEN_INT;
532
533 for (b = s->unladdr[0]; b <= s->unladdr[1]; b ++) {
534 if (b >= s->blocks) {
535 s->status |= ONEN_ERR_CMD;
536 break;
537 }
538 if (s->blockwp[b] == ONEN_LOCK_UNLOCKED)
539 continue;
540
541 s->wpstatus = s->blockwp[b] = ONEN_LOCK_LOCKTIGHTEN;
542 }
543 break;
544
545 case 0x71: /* Erase-Verify-Read */
546 s->intstatus |= ONEN_INT;
547 break;
548 case 0x95: /* Multi-block erase */
549 qemu_irq_pulse(s->intr);
550 /* Fall through. */
551 case 0x94: /* Block erase */
552 sec = ((s->addr[ONEN_BUF_BLOCK] & 0xfff) |
553 (s->addr[ONEN_BUF_BLOCK] >> 15 ? s->density_mask : 0))
554 << (BLOCK_SHIFT - 9);
555 if (onenand_erase(s, sec, 1 << (BLOCK_SHIFT - 9)))
556 s->status |= ONEN_ERR_CMD | ONEN_ERR_ERASE;
557
558 s->intstatus |= ONEN_INT | ONEN_INT_ERASE;
559 break;
560 case 0xb0: /* Erase suspend */
561 break;
562 case 0x30: /* Erase resume */
563 s->intstatus |= ONEN_INT | ONEN_INT_ERASE;
564 break;
565
566 case 0xf0: /* Reset NAND Flash core */
567 onenand_reset(s, 0);
568 break;
569 case 0xf3: /* Reset OneNAND */
570 onenand_reset(s, 0);
571 break;
572
573 case 0x65: /* OTP Access */
574 s->intstatus |= ONEN_INT;
575 s->bdrv_cur = NULL;
576 s->current = s->otp;
577 s->secs_cur = 1 << (BLOCK_SHIFT - 9);
578 s->addr[ONEN_BUF_BLOCK] = 0;
579 s->otpmode = 1;
580 break;
581
582 default:
583 s->status |= ONEN_ERR_CMD;
584 s->intstatus |= ONEN_INT;
585 fprintf(stderr, "%s: unknown OneNAND command %x\n",
586 __func__, s->command);
587 }
588
589 onenand_intr_update(s);
590 }
591
592 static uint64_t onenand_read(void *opaque, hwaddr addr,
593 unsigned size)
594 {
595 OneNANDState *s = (OneNANDState *) opaque;
596 int offset = addr >> s->shift;
597
598 switch (offset) {
599 case 0x0000 ... 0xc000:
600 return lduw_le_p(s->boot[0] + addr);
601
602 case 0xf000: /* Manufacturer ID */
603 return s->id.man;
604 case 0xf001: /* Device ID */
605 return s->id.dev;
606 case 0xf002: /* Version ID */
607 return s->id.ver;
608 /* TODO: get the following values from a real chip! */
609 case 0xf003: /* Data Buffer size */
610 return 1 << PAGE_SHIFT;
611 case 0xf004: /* Boot Buffer size */
612 return 0x200;
613 case 0xf005: /* Amount of buffers */
614 return 1 | (2 << 8);
615 case 0xf006: /* Technology */
616 return 0;
617
618 case 0xf100 ... 0xf107: /* Start addresses */
619 return s->addr[offset - 0xf100];
620
621 case 0xf200: /* Start buffer */
622 return (s->bufaddr << 8) | ((s->count - 1) & (1 << (PAGE_SHIFT - 10)));
623
624 case 0xf220: /* Command */
625 return s->command;
626 case 0xf221: /* System Configuration 1 */
627 return s->config[0] & 0xffe0;
628 case 0xf222: /* System Configuration 2 */
629 return s->config[1];
630
631 case 0xf240: /* Controller Status */
632 return s->status;
633 case 0xf241: /* Interrupt */
634 return s->intstatus;
635 case 0xf24c: /* Unlock Start Block Address */
636 return s->unladdr[0];
637 case 0xf24d: /* Unlock End Block Address */
638 return s->unladdr[1];
639 case 0xf24e: /* Write Protection Status */
640 return s->wpstatus;
641
642 case 0xff00: /* ECC Status */
643 return 0x00;
644 case 0xff01: /* ECC Result of main area data */
645 case 0xff02: /* ECC Result of spare area data */
646 case 0xff03: /* ECC Result of main area data */
647 case 0xff04: /* ECC Result of spare area data */
648 hw_error("%s: imeplement ECC\n", __FUNCTION__);
649 return 0x0000;
650 }
651
652 fprintf(stderr, "%s: unknown OneNAND register %x\n",
653 __FUNCTION__, offset);
654 return 0;
655 }
656
657 static void onenand_write(void *opaque, hwaddr addr,
658 uint64_t value, unsigned size)
659 {
660 OneNANDState *s = (OneNANDState *) opaque;
661 int offset = addr >> s->shift;
662 int sec;
663
664 switch (offset) {
665 case 0x0000 ... 0x01ff:
666 case 0x8000 ... 0x800f:
667 if (s->cycle) {
668 s->cycle = 0;
669
670 if (value == 0x0000) {
671 SETADDR(ONEN_BUF_BLOCK, ONEN_BUF_PAGE)
672 onenand_load_main(s, sec,
673 1 << (PAGE_SHIFT - 9), s->data[0][0]);
674 s->addr[ONEN_BUF_PAGE] += 4;
675 s->addr[ONEN_BUF_PAGE] &= 0xff;
676 }
677 break;
678 }
679
680 switch (value) {
681 case 0x00f0: /* Reset OneNAND */
682 onenand_reset(s, 0);
683 break;
684
685 case 0x00e0: /* Load Data into Buffer */
686 s->cycle = 1;
687 break;
688
689 case 0x0090: /* Read Identification Data */
690 memset(s->boot[0], 0, 3 << s->shift);
691 s->boot[0][0 << s->shift] = s->id.man & 0xff;
692 s->boot[0][1 << s->shift] = s->id.dev & 0xff;
693 s->boot[0][2 << s->shift] = s->wpstatus & 0xff;
694 break;
695
696 default:
697 fprintf(stderr, "%s: unknown OneNAND boot command %"PRIx64"\n",
698 __FUNCTION__, value);
699 }
700 break;
701
702 case 0xf100 ... 0xf107: /* Start addresses */
703 s->addr[offset - 0xf100] = value;
704 break;
705
706 case 0xf200: /* Start buffer */
707 s->bufaddr = (value >> 8) & 0xf;
708 if (PAGE_SHIFT == 11)
709 s->count = (value & 3) ?: 4;
710 else if (PAGE_SHIFT == 10)
711 s->count = (value & 1) ?: 2;
712 break;
713
714 case 0xf220: /* Command */
715 if (s->intstatus & (1 << 15))
716 break;
717 s->command = value;
718 onenand_command(s);
719 break;
720 case 0xf221: /* System Configuration 1 */
721 s->config[0] = value;
722 onenand_intr_update(s);
723 qemu_set_irq(s->rdy, (s->config[0] >> 7) & 1);
724 break;
725 case 0xf222: /* System Configuration 2 */
726 s->config[1] = value;
727 break;
728
729 case 0xf241: /* Interrupt */
730 s->intstatus &= value;
731 if ((1 << 15) & ~s->intstatus)
732 s->status &= ~(ONEN_ERR_CMD | ONEN_ERR_ERASE |
733 ONEN_ERR_PROG | ONEN_ERR_LOAD);
734 onenand_intr_update(s);
735 break;
736 case 0xf24c: /* Unlock Start Block Address */
737 s->unladdr[0] = value & (s->blocks - 1);
738 /* For some reason we have to set the end address to by default
739 * be same as start because the software forgets to write anything
740 * in there. */
741 s->unladdr[1] = value & (s->blocks - 1);
742 break;
743 case 0xf24d: /* Unlock End Block Address */
744 s->unladdr[1] = value & (s->blocks - 1);
745 break;
746
747 default:
748 fprintf(stderr, "%s: unknown OneNAND register %x\n",
749 __FUNCTION__, offset);
750 }
751 }
752
753 static const MemoryRegionOps onenand_ops = {
754 .read = onenand_read,
755 .write = onenand_write,
756 .endianness = DEVICE_NATIVE_ENDIAN,
757 };
758
759 static int onenand_initfn(SysBusDevice *dev)
760 {
761 OneNANDState *s = (OneNANDState *)dev;
762 uint32_t size = 1 << (24 + ((s->id.dev >> 4) & 7));
763 void *ram;
764 s->base = (hwaddr)-1;
765 s->rdy = NULL;
766 s->blocks = size >> BLOCK_SHIFT;
767 s->secs = size >> 9;
768 s->blockwp = g_malloc(s->blocks);
769 s->density_mask = (s->id.dev & 0x08)
770 ? (1 << (6 + ((s->id.dev >> 4) & 7))) : 0;
771 memory_region_init_io(&s->iomem, &onenand_ops, s, "onenand",
772 0x10000 << s->shift);
773 if (!s->bdrv) {
774 s->image = memset(g_malloc(size + (size >> 5)),
775 0xff, size + (size >> 5));
776 } else {
777 if (bdrv_is_read_only(s->bdrv)) {
778 error_report("Can't use a read-only drive");
779 return -1;
780 }
781 s->bdrv_cur = s->bdrv;
782 }
783 s->otp = memset(g_malloc((64 + 2) << PAGE_SHIFT),
784 0xff, (64 + 2) << PAGE_SHIFT);
785 memory_region_init_ram(&s->ram, "onenand.ram", 0xc000 << s->shift);
786 vmstate_register_ram_global(&s->ram);
787 ram = memory_region_get_ram_ptr(&s->ram);
788 s->boot[0] = ram + (0x0000 << s->shift);
789 s->boot[1] = ram + (0x8000 << s->shift);
790 s->data[0][0] = ram + ((0x0200 + (0 << (PAGE_SHIFT - 1))) << s->shift);
791 s->data[0][1] = ram + ((0x8010 + (0 << (PAGE_SHIFT - 6))) << s->shift);
792 s->data[1][0] = ram + ((0x0200 + (1 << (PAGE_SHIFT - 1))) << s->shift);
793 s->data[1][1] = ram + ((0x8010 + (1 << (PAGE_SHIFT - 6))) << s->shift);
794 onenand_mem_setup(s);
795 sysbus_init_irq(dev, &s->intr);
796 sysbus_init_mmio(dev, &s->container);
797 vmstate_register(&dev->qdev,
798 ((s->shift & 0x7f) << 24)
799 | ((s->id.man & 0xff) << 16)
800 | ((s->id.dev & 0xff) << 8)
801 | (s->id.ver & 0xff),
802 &vmstate_onenand, s);
803 return 0;
804 }
805
806 static Property onenand_properties[] = {
807 DEFINE_PROP_UINT16("manufacturer_id", OneNANDState, id.man, 0),
808 DEFINE_PROP_UINT16("device_id", OneNANDState, id.dev, 0),
809 DEFINE_PROP_UINT16("version_id", OneNANDState, id.ver, 0),
810 DEFINE_PROP_INT32("shift", OneNANDState, shift, 0),
811 DEFINE_PROP_DRIVE("drive", OneNANDState, bdrv),
812 DEFINE_PROP_END_OF_LIST(),
813 };
814
815 static void onenand_class_init(ObjectClass *klass, void *data)
816 {
817 DeviceClass *dc = DEVICE_CLASS(klass);
818 SysBusDeviceClass *k = SYS_BUS_DEVICE_CLASS(klass);
819
820 k->init = onenand_initfn;
821 dc->reset = onenand_system_reset;
822 dc->props = onenand_properties;
823 }
824
825 static const TypeInfo onenand_info = {
826 .name = "onenand",
827 .parent = TYPE_SYS_BUS_DEVICE,
828 .instance_size = sizeof(OneNANDState),
829 .class_init = onenand_class_init,
830 };
831
832 static void onenand_register_types(void)
833 {
834 type_register_static(&onenand_info);
835 }
836
837 void *onenand_raw_otp(DeviceState *onenand_device)
838 {
839 return FROM_SYSBUS(OneNANDState, SYS_BUS_DEVICE(onenand_device))->otp;
840 }
841
842 type_init(onenand_register_types)
Qemu copy for testing