149ab747fSPaolo Bonzini /* 249ab747fSPaolo Bonzini * CFI parallel flash with AMD command set emulation 349ab747fSPaolo Bonzini * 449ab747fSPaolo Bonzini * Copyright (c) 2005 Jocelyn Mayer 549ab747fSPaolo Bonzini * 649ab747fSPaolo Bonzini * This library is free software; you can redistribute it and/or 749ab747fSPaolo Bonzini * modify it under the terms of the GNU Lesser General Public 849ab747fSPaolo Bonzini * License as published by the Free Software Foundation; either 93564a919SChetan Pant * version 2.1 of the License, or (at your option) any later version. 1049ab747fSPaolo Bonzini * 1149ab747fSPaolo Bonzini * This library is distributed in the hope that it will be useful, 1249ab747fSPaolo Bonzini * but WITHOUT ANY WARRANTY; without even the implied warranty of 1349ab747fSPaolo Bonzini * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 1449ab747fSPaolo Bonzini * Lesser General Public License for more details. 1549ab747fSPaolo Bonzini * 1649ab747fSPaolo Bonzini * You should have received a copy of the GNU Lesser General Public 1749ab747fSPaolo Bonzini * License along with this library; if not, see <http://www.gnu.org/licenses/>. 1849ab747fSPaolo Bonzini */ 1949ab747fSPaolo Bonzini 2049ab747fSPaolo Bonzini /* 2149ab747fSPaolo Bonzini * For now, this code can emulate flashes of 1, 2 or 4 bytes width. 2249ab747fSPaolo Bonzini * Supported commands/modes are: 2349ab747fSPaolo Bonzini * - flash read 2449ab747fSPaolo Bonzini * - flash write 2549ab747fSPaolo Bonzini * - flash ID read 2649ab747fSPaolo Bonzini * - sector erase 2749ab747fSPaolo Bonzini * - chip erase 2849ab747fSPaolo Bonzini * - unlock bypass command 2949ab747fSPaolo Bonzini * - CFI queries 3049ab747fSPaolo Bonzini * 3149ab747fSPaolo Bonzini * It does not support flash interleaving. 3249ab747fSPaolo Bonzini * It does not implement software data protection as found in many real chips 3349ab747fSPaolo Bonzini */ 3449ab747fSPaolo Bonzini 3580c71a24SPeter Maydell #include "qemu/osdep.h" 3606f15217SMarkus Armbruster #include "hw/block/block.h" 3749ab747fSPaolo Bonzini #include "hw/block/flash.h" 38a27bd6c7SMarkus Armbruster #include "hw/qdev-properties.h" 39ce35e229SEduardo Habkost #include "hw/qdev-properties-system.h" 40da34e65cSMarkus Armbruster #include "qapi/error.h" 411857b9dbSMansour Ahmadi #include "qemu/error-report.h" 42ddb6f225SStephen Checkoway #include "qemu/bitmap.h" 4349ab747fSPaolo Bonzini #include "qemu/timer.h" 444be74634SMarkus Armbruster #include "sysemu/block-backend.h" 4549ab747fSPaolo Bonzini #include "qemu/host-utils.h" 460b8fa32fSMarkus Armbruster #include "qemu/module.h" 4749ab747fSPaolo Bonzini #include "hw/sysbus.h" 48d6454270SMarkus Armbruster #include "migration/vmstate.h" 4913019f1fSPhilippe Mathieu-Daudé #include "trace.h" 5049ab747fSPaolo Bonzini 516536987fSPhilippe Mathieu-Daudé #define PFLASH_DEBUG false 5249ab747fSPaolo Bonzini #define DPRINTF(fmt, ...) \ 5349ab747fSPaolo Bonzini do { \ 546536987fSPhilippe Mathieu-Daudé if (PFLASH_DEBUG) { \ 5556f99ea1SAntony Pavlov fprintf(stderr, "PFLASH: " fmt, ## __VA_ARGS__); \ 566536987fSPhilippe Mathieu-Daudé } \ 5749ab747fSPaolo Bonzini } while (0) 5849ab747fSPaolo Bonzini 5949ab747fSPaolo Bonzini #define PFLASH_LAZY_ROMD_THRESHOLD 42 6049ab747fSPaolo Bonzini 6164659053SStephen Checkoway /* 6264659053SStephen Checkoway * The size of the cfi_table indirectly depends on this and the start of the 6364659053SStephen Checkoway * PRI table directly depends on it. 4 is the maximum size (and also what 6464659053SStephen Checkoway * seems common) without changing the PRT table address. 6564659053SStephen Checkoway */ 6664659053SStephen Checkoway #define PFLASH_MAX_ERASE_REGIONS 4 6764659053SStephen Checkoway 68aeaf6c20SPhilippe Mathieu-Daudé /* Special write cycles for CFI queries. */ 69aeaf6c20SPhilippe Mathieu-Daudé enum { 70aeaf6c20SPhilippe Mathieu-Daudé WCYCLE_CFI = 7, 7146fb7809SStephen Checkoway WCYCLE_AUTOSELECT_CFI = 8, 72aeaf6c20SPhilippe Mathieu-Daudé }; 73aeaf6c20SPhilippe Mathieu-Daudé 7416434065SMarkus Armbruster struct PFlashCFI02 { 753509c396SHu Tao /*< private >*/ 763509c396SHu Tao SysBusDevice parent_obj; 773509c396SHu Tao /*< public >*/ 783509c396SHu Tao 794be74634SMarkus Armbruster BlockBackend *blk; 8064659053SStephen Checkoway uint32_t uniform_nb_blocs; 8164659053SStephen Checkoway uint32_t uniform_sector_len; 82ddb6f225SStephen Checkoway uint32_t total_sectors; 8364659053SStephen Checkoway uint32_t nb_blocs[PFLASH_MAX_ERASE_REGIONS]; 8464659053SStephen Checkoway uint32_t sector_len[PFLASH_MAX_ERASE_REGIONS]; 8549ab747fSPaolo Bonzini uint32_t chip_len; 8649ab747fSPaolo Bonzini uint8_t mappings; 8749ab747fSPaolo Bonzini uint8_t width; 8849ab747fSPaolo Bonzini uint8_t be; 8949ab747fSPaolo Bonzini int wcycle; /* if 0, the flash is read normally */ 9049ab747fSPaolo Bonzini int bypass; 9149ab747fSPaolo Bonzini int ro; 9249ab747fSPaolo Bonzini uint8_t cmd; 9349ab747fSPaolo Bonzini uint8_t status; 9449ab747fSPaolo Bonzini /* FIXME: implement array device properties */ 9549ab747fSPaolo Bonzini uint16_t ident0; 9649ab747fSPaolo Bonzini uint16_t ident1; 9749ab747fSPaolo Bonzini uint16_t ident2; 9849ab747fSPaolo Bonzini uint16_t ident3; 9949ab747fSPaolo Bonzini uint16_t unlock_addr0; 10049ab747fSPaolo Bonzini uint16_t unlock_addr1; 10164659053SStephen Checkoway uint8_t cfi_table[0x4d]; 102d80cf1ebSStephen Checkoway QEMUTimer timer; 103ccd8014bSPhilippe Mathieu-Daudé /* 104ccd8014bSPhilippe Mathieu-Daudé * The device replicates the flash memory across its memory space. Emulate 10549ab747fSPaolo Bonzini * that by having a container (.mem) filled with an array of aliases 10649ab747fSPaolo Bonzini * (.mem_mappings) pointing to the flash memory (.orig_mem). 10749ab747fSPaolo Bonzini */ 10849ab747fSPaolo Bonzini MemoryRegion mem; 10949ab747fSPaolo Bonzini MemoryRegion *mem_mappings; /* array; one per mapping */ 11049ab747fSPaolo Bonzini MemoryRegion orig_mem; 111326d02c3SPhilippe Mathieu-Daudé bool rom_mode; 11249ab747fSPaolo Bonzini int read_counter; /* used for lazy switch-back to rom mode */ 113a50547acSStephen Checkoway int sectors_to_erase; 114ddb6f225SStephen Checkoway uint64_t erase_time_remaining; 115ddb6f225SStephen Checkoway unsigned long *sector_erase_map; 11649ab747fSPaolo Bonzini char *name; 11749ab747fSPaolo Bonzini void *storage; 11849ab747fSPaolo Bonzini }; 11949ab747fSPaolo Bonzini 12049ab747fSPaolo Bonzini /* 1211d311e73SPhilippe Mathieu-Daudé * Toggle status bit DQ7. 1221d311e73SPhilippe Mathieu-Daudé */ 1231d311e73SPhilippe Mathieu-Daudé static inline void toggle_dq7(PFlashCFI02 *pfl) 1241d311e73SPhilippe Mathieu-Daudé { 1251d311e73SPhilippe Mathieu-Daudé pfl->status ^= 0x80; 1261d311e73SPhilippe Mathieu-Daudé } 1271d311e73SPhilippe Mathieu-Daudé 1281d311e73SPhilippe Mathieu-Daudé /* 1291d311e73SPhilippe Mathieu-Daudé * Set status bit DQ7 to bit 7 of value. 1301d311e73SPhilippe Mathieu-Daudé */ 1311d311e73SPhilippe Mathieu-Daudé static inline void set_dq7(PFlashCFI02 *pfl, uint8_t value) 1321d311e73SPhilippe Mathieu-Daudé { 1331d311e73SPhilippe Mathieu-Daudé pfl->status &= 0x7F; 1341d311e73SPhilippe Mathieu-Daudé pfl->status |= value & 0x80; 1351d311e73SPhilippe Mathieu-Daudé } 1361d311e73SPhilippe Mathieu-Daudé 1371d311e73SPhilippe Mathieu-Daudé /* 1381d311e73SPhilippe Mathieu-Daudé * Toggle status bit DQ6. 1391d311e73SPhilippe Mathieu-Daudé */ 1401d311e73SPhilippe Mathieu-Daudé static inline void toggle_dq6(PFlashCFI02 *pfl) 1411d311e73SPhilippe Mathieu-Daudé { 1421d311e73SPhilippe Mathieu-Daudé pfl->status ^= 0x40; 1431d311e73SPhilippe Mathieu-Daudé } 1441d311e73SPhilippe Mathieu-Daudé 1451d311e73SPhilippe Mathieu-Daudé /* 146a50547acSStephen Checkoway * Turn on DQ3. 147a50547acSStephen Checkoway */ 148a50547acSStephen Checkoway static inline void assert_dq3(PFlashCFI02 *pfl) 149a50547acSStephen Checkoway { 150a50547acSStephen Checkoway pfl->status |= 0x08; 151a50547acSStephen Checkoway } 152a50547acSStephen Checkoway 153a50547acSStephen Checkoway /* 154a50547acSStephen Checkoway * Turn off DQ3. 155a50547acSStephen Checkoway */ 156a50547acSStephen Checkoway static inline void reset_dq3(PFlashCFI02 *pfl) 157a50547acSStephen Checkoway { 158a50547acSStephen Checkoway pfl->status &= ~0x08; 159a50547acSStephen Checkoway } 160a50547acSStephen Checkoway 161a50547acSStephen Checkoway /* 162ddb6f225SStephen Checkoway * Toggle status bit DQ2. 163ddb6f225SStephen Checkoway */ 164ddb6f225SStephen Checkoway static inline void toggle_dq2(PFlashCFI02 *pfl) 165ddb6f225SStephen Checkoway { 166ddb6f225SStephen Checkoway pfl->status ^= 0x04; 167ddb6f225SStephen Checkoway } 168ddb6f225SStephen Checkoway 169ddb6f225SStephen Checkoway /* 17049ab747fSPaolo Bonzini * Set up replicated mappings of the same region. 17149ab747fSPaolo Bonzini */ 17216434065SMarkus Armbruster static void pflash_setup_mappings(PFlashCFI02 *pfl) 17349ab747fSPaolo Bonzini { 17449ab747fSPaolo Bonzini unsigned i; 17549ab747fSPaolo Bonzini hwaddr size = memory_region_size(&pfl->orig_mem); 17649ab747fSPaolo Bonzini 1772d256e6fSPaolo Bonzini memory_region_init(&pfl->mem, OBJECT(pfl), "pflash", pfl->mappings * size); 17849ab747fSPaolo Bonzini pfl->mem_mappings = g_new(MemoryRegion, pfl->mappings); 17949ab747fSPaolo Bonzini for (i = 0; i < pfl->mappings; ++i) { 1802d256e6fSPaolo Bonzini memory_region_init_alias(&pfl->mem_mappings[i], OBJECT(pfl), 1812d256e6fSPaolo Bonzini "pflash-alias", &pfl->orig_mem, 0, size); 18249ab747fSPaolo Bonzini memory_region_add_subregion(&pfl->mem, i * size, &pfl->mem_mappings[i]); 18349ab747fSPaolo Bonzini } 184326d02c3SPhilippe Mathieu-Daudé pfl->rom_mode = true; 18549ab747fSPaolo Bonzini } 18649ab747fSPaolo Bonzini 18716434065SMarkus Armbruster static void pflash_register_memory(PFlashCFI02 *pfl, int rom_mode) 18849ab747fSPaolo Bonzini { 1895f9a5ea1SJan Kiszka memory_region_rom_device_set_romd(&pfl->orig_mem, rom_mode); 190326d02c3SPhilippe Mathieu-Daudé pfl->rom_mode = !!rom_mode; 19149ab747fSPaolo Bonzini } 19249ab747fSPaolo Bonzini 193102f0f79SPhilippe Mathieu-Daudé static size_t pflash_regions_count(PFlashCFI02 *pfl) 194102f0f79SPhilippe Mathieu-Daudé { 195102f0f79SPhilippe Mathieu-Daudé return pfl->cfi_table[0x2c]; 196102f0f79SPhilippe Mathieu-Daudé } 197102f0f79SPhilippe Mathieu-Daudé 198ddb6f225SStephen Checkoway /* 199ddb6f225SStephen Checkoway * Returns the time it takes to erase the number of sectors scheduled for 200ddb6f225SStephen Checkoway * erasure based on CFI address 0x21 which is "Typical timeout per individual 201ddb6f225SStephen Checkoway * block erase 2^N ms." 202ddb6f225SStephen Checkoway */ 203ddb6f225SStephen Checkoway static uint64_t pflash_erase_time(PFlashCFI02 *pfl) 204ddb6f225SStephen Checkoway { 205ddb6f225SStephen Checkoway /* 206ddb6f225SStephen Checkoway * If there are no sectors to erase (which can happen if all of the sectors 207ddb6f225SStephen Checkoway * to be erased are protected), then erase takes 100 us. Protected sectors 208ddb6f225SStephen Checkoway * aren't supported so this should never happen. 209ddb6f225SStephen Checkoway */ 210ddb6f225SStephen Checkoway return ((1ULL << pfl->cfi_table[0x21]) * pfl->sectors_to_erase) * SCALE_US; 211ddb6f225SStephen Checkoway } 212ddb6f225SStephen Checkoway 213ddb6f225SStephen Checkoway /* 214ddb6f225SStephen Checkoway * Returns true if the device is currently in erase suspend mode. 215ddb6f225SStephen Checkoway */ 216ddb6f225SStephen Checkoway static inline bool pflash_erase_suspend_mode(PFlashCFI02 *pfl) 217ddb6f225SStephen Checkoway { 218ddb6f225SStephen Checkoway return pfl->erase_time_remaining > 0; 219ddb6f225SStephen Checkoway } 220ddb6f225SStephen Checkoway 22149ab747fSPaolo Bonzini static void pflash_timer(void *opaque) 22249ab747fSPaolo Bonzini { 22316434065SMarkus Armbruster PFlashCFI02 *pfl = opaque; 22449ab747fSPaolo Bonzini 22513019f1fSPhilippe Mathieu-Daudé trace_pflash_timer_expired(pfl->cmd); 226a50547acSStephen Checkoway if (pfl->cmd == 0x30) { 227a50547acSStephen Checkoway /* 228a50547acSStephen Checkoway * Sector erase. If DQ3 is 0 when the timer expires, then the 50 229a50547acSStephen Checkoway * us erase timeout has expired so we need to start the timer for the 230a50547acSStephen Checkoway * sector erase algorithm. Otherwise, the erase completed and we should 231a50547acSStephen Checkoway * go back to read array mode. 232a50547acSStephen Checkoway */ 233a50547acSStephen Checkoway if ((pfl->status & 0x08) == 0) { 234a50547acSStephen Checkoway assert_dq3(pfl); 235ddb6f225SStephen Checkoway uint64_t timeout = pflash_erase_time(pfl); 236a50547acSStephen Checkoway timer_mod(&pfl->timer, 237a50547acSStephen Checkoway qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + timeout); 238a50547acSStephen Checkoway DPRINTF("%s: erase timeout fired; erasing %d sectors\n", 239a50547acSStephen Checkoway __func__, pfl->sectors_to_erase); 240a50547acSStephen Checkoway return; 241a50547acSStephen Checkoway } 242a50547acSStephen Checkoway DPRINTF("%s: sector erase complete\n", __func__); 243ddb6f225SStephen Checkoway bitmap_zero(pfl->sector_erase_map, pfl->total_sectors); 244a50547acSStephen Checkoway pfl->sectors_to_erase = 0; 245a50547acSStephen Checkoway reset_dq3(pfl); 246a50547acSStephen Checkoway } 247a50547acSStephen Checkoway 24849ab747fSPaolo Bonzini /* Reset flash */ 2491d311e73SPhilippe Mathieu-Daudé toggle_dq7(pfl); 25049ab747fSPaolo Bonzini if (pfl->bypass) { 25149ab747fSPaolo Bonzini pfl->wcycle = 2; 25249ab747fSPaolo Bonzini } else { 25349ab747fSPaolo Bonzini pflash_register_memory(pfl, 1); 25449ab747fSPaolo Bonzini pfl->wcycle = 0; 25549ab747fSPaolo Bonzini } 25649ab747fSPaolo Bonzini pfl->cmd = 0; 25749ab747fSPaolo Bonzini } 25849ab747fSPaolo Bonzini 25906e8b8e3SPhilippe Mathieu-Daudé /* 26006e8b8e3SPhilippe Mathieu-Daudé * Read data from flash. 26106e8b8e3SPhilippe Mathieu-Daudé */ 26206e8b8e3SPhilippe Mathieu-Daudé static uint64_t pflash_data_read(PFlashCFI02 *pfl, hwaddr offset, 26306e8b8e3SPhilippe Mathieu-Daudé unsigned int width) 26406e8b8e3SPhilippe Mathieu-Daudé { 26506e8b8e3SPhilippe Mathieu-Daudé uint8_t *p = (uint8_t *)pfl->storage + offset; 26606e8b8e3SPhilippe Mathieu-Daudé uint64_t ret = pfl->be ? ldn_be_p(p, width) : ldn_le_p(p, width); 26710f9f1fbSPhilippe Mathieu-Daudé trace_pflash_data_read(offset, width, ret); 26806e8b8e3SPhilippe Mathieu-Daudé return ret; 26906e8b8e3SPhilippe Mathieu-Daudé } 27006e8b8e3SPhilippe Mathieu-Daudé 271ddb6f225SStephen Checkoway typedef struct { 272ddb6f225SStephen Checkoway uint32_t len; 273ddb6f225SStephen Checkoway uint32_t num; 274ddb6f225SStephen Checkoway } SectorInfo; 275ddb6f225SStephen Checkoway 27664659053SStephen Checkoway /* 27764659053SStephen Checkoway * offset should be a byte offset of the QEMU device and _not_ a device 27864659053SStephen Checkoway * offset. 27964659053SStephen Checkoway */ 280ddb6f225SStephen Checkoway static SectorInfo pflash_sector_info(PFlashCFI02 *pfl, hwaddr offset) 28164659053SStephen Checkoway { 28264659053SStephen Checkoway assert(offset < pfl->chip_len); 28364659053SStephen Checkoway hwaddr addr = 0; 284ddb6f225SStephen Checkoway uint32_t sector_num = 0; 285102f0f79SPhilippe Mathieu-Daudé for (int i = 0; i < pflash_regions_count(pfl); ++i) { 28664659053SStephen Checkoway uint64_t region_size = (uint64_t)pfl->nb_blocs[i] * pfl->sector_len[i]; 28764659053SStephen Checkoway if (addr <= offset && offset < addr + region_size) { 288ddb6f225SStephen Checkoway return (SectorInfo) { 289ddb6f225SStephen Checkoway .len = pfl->sector_len[i], 290ddb6f225SStephen Checkoway .num = sector_num + (offset - addr) / pfl->sector_len[i], 291ddb6f225SStephen Checkoway }; 29264659053SStephen Checkoway } 293ddb6f225SStephen Checkoway sector_num += pfl->nb_blocs[i]; 29464659053SStephen Checkoway addr += region_size; 29564659053SStephen Checkoway } 29664659053SStephen Checkoway abort(); 29764659053SStephen Checkoway } 29864659053SStephen Checkoway 299ddb6f225SStephen Checkoway /* 300ddb6f225SStephen Checkoway * Returns true if the offset refers to a flash sector that is currently being 301ddb6f225SStephen Checkoway * erased. 302ddb6f225SStephen Checkoway */ 303ddb6f225SStephen Checkoway static bool pflash_sector_is_erasing(PFlashCFI02 *pfl, hwaddr offset) 304ddb6f225SStephen Checkoway { 305ddb6f225SStephen Checkoway long sector_num = pflash_sector_info(pfl, offset).num; 306ddb6f225SStephen Checkoway return test_bit(sector_num, pfl->sector_erase_map); 307ddb6f225SStephen Checkoway } 308ddb6f225SStephen Checkoway 309aff498cfSPhilippe Mathieu-Daudé static uint64_t pflash_read(void *opaque, hwaddr offset, unsigned int width) 31049ab747fSPaolo Bonzini { 311aff498cfSPhilippe Mathieu-Daudé PFlashCFI02 *pfl = opaque; 31249ab747fSPaolo Bonzini hwaddr boff; 313aff498cfSPhilippe Mathieu-Daudé uint64_t ret; 31449ab747fSPaolo Bonzini 31549ab747fSPaolo Bonzini /* Lazy reset to ROMD mode after a certain amount of read accesses */ 31649ab747fSPaolo Bonzini if (!pfl->rom_mode && pfl->wcycle == 0 && 31749ab747fSPaolo Bonzini ++pfl->read_counter > PFLASH_LAZY_ROMD_THRESHOLD) { 31849ab747fSPaolo Bonzini pflash_register_memory(pfl, 1); 31949ab747fSPaolo Bonzini } 32049ab747fSPaolo Bonzini offset &= pfl->chip_len - 1; 32149ab747fSPaolo Bonzini boff = offset & 0xFF; 32264659053SStephen Checkoway if (pfl->width == 2) { 32349ab747fSPaolo Bonzini boff = boff >> 1; 32451500d37SPhilippe Mathieu-Daudé } else if (pfl->width == 4) { 32551500d37SPhilippe Mathieu-Daudé boff = boff >> 2; 32664659053SStephen Checkoway } 32749ab747fSPaolo Bonzini switch (pfl->cmd) { 32849ab747fSPaolo Bonzini default: 32949ab747fSPaolo Bonzini /* This should never happen : reset state & treat it as a read*/ 33049ab747fSPaolo Bonzini DPRINTF("%s: unknown command state: %x\n", __func__, pfl->cmd); 33149ab747fSPaolo Bonzini pfl->wcycle = 0; 33249ab747fSPaolo Bonzini pfl->cmd = 0; 33349ab747fSPaolo Bonzini /* fall through to the read code */ 334b0349937SPhilippe Mathieu-Daudé case 0x80: /* Erase (unlock) */ 33549ab747fSPaolo Bonzini /* We accept reads during second unlock sequence... */ 33649ab747fSPaolo Bonzini case 0x00: 337ddb6f225SStephen Checkoway if (pflash_erase_suspend_mode(pfl) && 338ddb6f225SStephen Checkoway pflash_sector_is_erasing(pfl, offset)) { 339ddb6f225SStephen Checkoway /* Toggle bit 2, but not 6. */ 340ddb6f225SStephen Checkoway toggle_dq2(pfl); 341ddb6f225SStephen Checkoway /* Status register read */ 342ddb6f225SStephen Checkoway ret = pfl->status; 343ddb6f225SStephen Checkoway DPRINTF("%s: status %" PRIx64 "\n", __func__, ret); 344ddb6f225SStephen Checkoway break; 345ddb6f225SStephen Checkoway } 34649ab747fSPaolo Bonzini /* Flash area read */ 34706e8b8e3SPhilippe Mathieu-Daudé ret = pflash_data_read(pfl, offset, width); 34849ab747fSPaolo Bonzini break; 349b0349937SPhilippe Mathieu-Daudé case 0x90: /* flash ID read */ 35049ab747fSPaolo Bonzini switch (boff) { 35149ab747fSPaolo Bonzini case 0x00: 35249ab747fSPaolo Bonzini case 0x01: 35349ab747fSPaolo Bonzini ret = boff & 0x01 ? pfl->ident1 : pfl->ident0; 35449ab747fSPaolo Bonzini break; 35549ab747fSPaolo Bonzini case 0x02: 35649ab747fSPaolo Bonzini ret = 0x00; /* Pretend all sectors are unprotected */ 35749ab747fSPaolo Bonzini break; 35849ab747fSPaolo Bonzini case 0x0E: 35949ab747fSPaolo Bonzini case 0x0F: 36049ab747fSPaolo Bonzini ret = boff & 0x01 ? pfl->ident3 : pfl->ident2; 3617f7bdcafSPhilippe Mathieu-Daudé if (ret != (uint8_t)-1) { 36249ab747fSPaolo Bonzini break; 3637f7bdcafSPhilippe Mathieu-Daudé } 3647f7bdcafSPhilippe Mathieu-Daudé /* Fall through to data read. */ 36549ab747fSPaolo Bonzini default: 36606e8b8e3SPhilippe Mathieu-Daudé ret = pflash_data_read(pfl, offset, width); 36749ab747fSPaolo Bonzini } 368aff498cfSPhilippe Mathieu-Daudé DPRINTF("%s: ID " TARGET_FMT_plx " %" PRIx64 "\n", __func__, boff, ret); 36949ab747fSPaolo Bonzini break; 370b0349937SPhilippe Mathieu-Daudé case 0x10: /* Chip Erase */ 371b0349937SPhilippe Mathieu-Daudé case 0x30: /* Sector Erase */ 372ddb6f225SStephen Checkoway /* Toggle bit 2 during erase, but not program. */ 373ddb6f225SStephen Checkoway toggle_dq2(pfl); 3742658594fSPhilippe Mathieu-Daudé /* fall through */ 375b0349937SPhilippe Mathieu-Daudé case 0xA0: /* Program */ 376ddb6f225SStephen Checkoway /* Toggle bit 6 */ 377ddb6f225SStephen Checkoway toggle_dq6(pfl); 37849ab747fSPaolo Bonzini /* Status register read */ 37949ab747fSPaolo Bonzini ret = pfl->status; 380aff498cfSPhilippe Mathieu-Daudé DPRINTF("%s: status %" PRIx64 "\n", __func__, ret); 38149ab747fSPaolo Bonzini break; 38249ab747fSPaolo Bonzini case 0x98: 38349ab747fSPaolo Bonzini /* CFI query mode */ 38407c13a71SPhilippe Mathieu-Daudé if (boff < sizeof(pfl->cfi_table)) { 38549ab747fSPaolo Bonzini ret = pfl->cfi_table[boff]; 38607c13a71SPhilippe Mathieu-Daudé } else { 38707c13a71SPhilippe Mathieu-Daudé ret = 0; 38807c13a71SPhilippe Mathieu-Daudé } 38949ab747fSPaolo Bonzini break; 39049ab747fSPaolo Bonzini } 39110f9f1fbSPhilippe Mathieu-Daudé trace_pflash_io_read(offset, width, ret, pfl->cmd, pfl->wcycle); 39249ab747fSPaolo Bonzini 39349ab747fSPaolo Bonzini return ret; 39449ab747fSPaolo Bonzini } 39549ab747fSPaolo Bonzini 39649ab747fSPaolo Bonzini /* update flash content on disk */ 397aff498cfSPhilippe Mathieu-Daudé static void pflash_update(PFlashCFI02 *pfl, int offset, int size) 39849ab747fSPaolo Bonzini { 39949ab747fSPaolo Bonzini int offset_end; 4001857b9dbSMansour Ahmadi int ret; 4014be74634SMarkus Armbruster if (pfl->blk) { 40249ab747fSPaolo Bonzini offset_end = offset + size; 403098e732dSEric Blake /* widen to sector boundaries */ 404098e732dSEric Blake offset = QEMU_ALIGN_DOWN(offset, BDRV_SECTOR_SIZE); 405098e732dSEric Blake offset_end = QEMU_ALIGN_UP(offset_end, BDRV_SECTOR_SIZE); 4061857b9dbSMansour Ahmadi ret = blk_pwrite(pfl->blk, offset, pfl->storage + offset, 407098e732dSEric Blake offset_end - offset, 0); 4081857b9dbSMansour Ahmadi if (ret < 0) { 4091857b9dbSMansour Ahmadi /* TODO set error bit in status */ 4101857b9dbSMansour Ahmadi error_report("Could not update PFLASH: %s", strerror(-ret)); 4111857b9dbSMansour Ahmadi } 41249ab747fSPaolo Bonzini } 41349ab747fSPaolo Bonzini } 41449ab747fSPaolo Bonzini 415a50547acSStephen Checkoway static void pflash_sector_erase(PFlashCFI02 *pfl, hwaddr offset) 416a50547acSStephen Checkoway { 417ddb6f225SStephen Checkoway SectorInfo sector_info = pflash_sector_info(pfl, offset); 418ddb6f225SStephen Checkoway uint64_t sector_len = sector_info.len; 419a50547acSStephen Checkoway offset &= ~(sector_len - 1); 420a50547acSStephen Checkoway DPRINTF("%s: start sector erase at %0*" PRIx64 "-%0*" PRIx64 "\n", 421a50547acSStephen Checkoway __func__, pfl->width * 2, offset, 422a50547acSStephen Checkoway pfl->width * 2, offset + sector_len - 1); 423a50547acSStephen Checkoway if (!pfl->ro) { 424a50547acSStephen Checkoway uint8_t *p = pfl->storage; 425a50547acSStephen Checkoway memset(p + offset, 0xff, sector_len); 426a50547acSStephen Checkoway pflash_update(pfl, offset, sector_len); 427a50547acSStephen Checkoway } 428a50547acSStephen Checkoway set_dq7(pfl, 0x00); 429a50547acSStephen Checkoway ++pfl->sectors_to_erase; 430ddb6f225SStephen Checkoway set_bit(sector_info.num, pfl->sector_erase_map); 431a50547acSStephen Checkoway /* Set (or reset) the 50 us timer for additional erase commands. */ 432a50547acSStephen Checkoway timer_mod(&pfl->timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + 50000); 433a50547acSStephen Checkoway } 434a50547acSStephen Checkoway 435aff498cfSPhilippe Mathieu-Daudé static void pflash_write(void *opaque, hwaddr offset, uint64_t value, 436aff498cfSPhilippe Mathieu-Daudé unsigned int width) 43749ab747fSPaolo Bonzini { 438aff498cfSPhilippe Mathieu-Daudé PFlashCFI02 *pfl = opaque; 43949ab747fSPaolo Bonzini hwaddr boff; 44049ab747fSPaolo Bonzini uint8_t *p; 44149ab747fSPaolo Bonzini uint8_t cmd; 44249ab747fSPaolo Bonzini 44310f9f1fbSPhilippe Mathieu-Daudé trace_pflash_io_write(offset, width, value, pfl->wcycle); 44449ab747fSPaolo Bonzini cmd = value; 4458a508e70SPhilippe Mathieu-Daudé if (pfl->cmd != 0xA0) { 446a9791042SStephen Checkoway /* Reset does nothing during chip erase and sector erase. */ 447a9791042SStephen Checkoway if (cmd == 0xF0 && pfl->cmd != 0x10 && pfl->cmd != 0x30) { 44846fb7809SStephen Checkoway if (pfl->wcycle == WCYCLE_AUTOSELECT_CFI) { 44946fb7809SStephen Checkoway /* Return to autoselect mode. */ 45046fb7809SStephen Checkoway pfl->wcycle = 3; 45146fb7809SStephen Checkoway pfl->cmd = 0x90; 45246fb7809SStephen Checkoway return; 45346fb7809SStephen Checkoway } 45449ab747fSPaolo Bonzini goto reset_flash; 45549ab747fSPaolo Bonzini } 4568a508e70SPhilippe Mathieu-Daudé } 45749ab747fSPaolo Bonzini offset &= pfl->chip_len - 1; 45849ab747fSPaolo Bonzini 4596682bc1eSStephen Checkoway boff = offset; 46064659053SStephen Checkoway if (pfl->width == 2) { 46149ab747fSPaolo Bonzini boff = boff >> 1; 46251500d37SPhilippe Mathieu-Daudé } else if (pfl->width == 4) { 46351500d37SPhilippe Mathieu-Daudé boff = boff >> 2; 46464659053SStephen Checkoway } 4656682bc1eSStephen Checkoway /* Only the least-significant 11 bits are used in most cases. */ 4666682bc1eSStephen Checkoway boff &= 0x7FF; 46749ab747fSPaolo Bonzini switch (pfl->wcycle) { 46849ab747fSPaolo Bonzini case 0: 46949ab747fSPaolo Bonzini /* Set the device in I/O access mode if required */ 470*cadf25cfSPhilippe Mathieu-Daudé if (pfl->rom_mode) { 471*cadf25cfSPhilippe Mathieu-Daudé pfl->rom_mode = false; 472*cadf25cfSPhilippe Mathieu-Daudé memory_region_rom_device_set_romd(&pfl->orig_mem, false); 473*cadf25cfSPhilippe Mathieu-Daudé } 47449ab747fSPaolo Bonzini pfl->read_counter = 0; 47549ab747fSPaolo Bonzini /* We're in read mode */ 47649ab747fSPaolo Bonzini check_unlock0: 47749ab747fSPaolo Bonzini if (boff == 0x55 && cmd == 0x98) { 47849ab747fSPaolo Bonzini /* Enter CFI query mode */ 479aeaf6c20SPhilippe Mathieu-Daudé pfl->wcycle = WCYCLE_CFI; 48049ab747fSPaolo Bonzini pfl->cmd = 0x98; 48149ab747fSPaolo Bonzini return; 48249ab747fSPaolo Bonzini } 483ddb6f225SStephen Checkoway /* Handle erase resume in erase suspend mode, otherwise reset. */ 484b0349937SPhilippe Mathieu-Daudé if (cmd == 0x30) { /* Erase Resume */ 485ddb6f225SStephen Checkoway if (pflash_erase_suspend_mode(pfl)) { 486ddb6f225SStephen Checkoway /* Resume the erase. */ 487ddb6f225SStephen Checkoway timer_mod(&pfl->timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + 488ddb6f225SStephen Checkoway pfl->erase_time_remaining); 489ddb6f225SStephen Checkoway pfl->erase_time_remaining = 0; 490ddb6f225SStephen Checkoway pfl->wcycle = 6; 491ddb6f225SStephen Checkoway pfl->cmd = 0x30; 492ddb6f225SStephen Checkoway set_dq7(pfl, 0x00); 493ddb6f225SStephen Checkoway assert_dq3(pfl); 494ddb6f225SStephen Checkoway return; 495ddb6f225SStephen Checkoway } 496ddb6f225SStephen Checkoway goto reset_flash; 497ddb6f225SStephen Checkoway } 498ddb6f225SStephen Checkoway /* Ignore erase suspend. */ 499b0349937SPhilippe Mathieu-Daudé if (cmd == 0xB0) { /* Erase Suspend */ 500ddb6f225SStephen Checkoway return; 501ddb6f225SStephen Checkoway } 50249ab747fSPaolo Bonzini if (boff != pfl->unlock_addr0 || cmd != 0xAA) { 50349ab747fSPaolo Bonzini DPRINTF("%s: unlock0 failed " TARGET_FMT_plx " %02x %04x\n", 50449ab747fSPaolo Bonzini __func__, boff, cmd, pfl->unlock_addr0); 50549ab747fSPaolo Bonzini goto reset_flash; 50649ab747fSPaolo Bonzini } 50749ab747fSPaolo Bonzini DPRINTF("%s: unlock sequence started\n", __func__); 50849ab747fSPaolo Bonzini break; 50949ab747fSPaolo Bonzini case 1: 51049ab747fSPaolo Bonzini /* We started an unlock sequence */ 51149ab747fSPaolo Bonzini check_unlock1: 51249ab747fSPaolo Bonzini if (boff != pfl->unlock_addr1 || cmd != 0x55) { 51349ab747fSPaolo Bonzini DPRINTF("%s: unlock1 failed " TARGET_FMT_plx " %02x\n", __func__, 51449ab747fSPaolo Bonzini boff, cmd); 51549ab747fSPaolo Bonzini goto reset_flash; 51649ab747fSPaolo Bonzini } 51749ab747fSPaolo Bonzini DPRINTF("%s: unlock sequence done\n", __func__); 51849ab747fSPaolo Bonzini break; 51949ab747fSPaolo Bonzini case 2: 52049ab747fSPaolo Bonzini /* We finished an unlock sequence */ 52149ab747fSPaolo Bonzini if (!pfl->bypass && boff != pfl->unlock_addr0) { 52249ab747fSPaolo Bonzini DPRINTF("%s: command failed " TARGET_FMT_plx " %02x\n", __func__, 52349ab747fSPaolo Bonzini boff, cmd); 52449ab747fSPaolo Bonzini goto reset_flash; 52549ab747fSPaolo Bonzini } 52649ab747fSPaolo Bonzini switch (cmd) { 52749ab747fSPaolo Bonzini case 0x20: 52849ab747fSPaolo Bonzini pfl->bypass = 1; 52949ab747fSPaolo Bonzini goto do_bypass; 530b0349937SPhilippe Mathieu-Daudé case 0x80: /* Erase */ 531b0349937SPhilippe Mathieu-Daudé case 0x90: /* Autoselect */ 532b0349937SPhilippe Mathieu-Daudé case 0xA0: /* Program */ 53349ab747fSPaolo Bonzini pfl->cmd = cmd; 53449ab747fSPaolo Bonzini DPRINTF("%s: starting command %02x\n", __func__, cmd); 53549ab747fSPaolo Bonzini break; 53649ab747fSPaolo Bonzini default: 53749ab747fSPaolo Bonzini DPRINTF("%s: unknown command %02x\n", __func__, cmd); 53849ab747fSPaolo Bonzini goto reset_flash; 53949ab747fSPaolo Bonzini } 54049ab747fSPaolo Bonzini break; 54149ab747fSPaolo Bonzini case 3: 54249ab747fSPaolo Bonzini switch (pfl->cmd) { 543b0349937SPhilippe Mathieu-Daudé case 0x80: /* Erase */ 54449ab747fSPaolo Bonzini /* We need another unlock sequence */ 54549ab747fSPaolo Bonzini goto check_unlock0; 546b0349937SPhilippe Mathieu-Daudé case 0xA0: /* Program */ 547ddb6f225SStephen Checkoway if (pflash_erase_suspend_mode(pfl) && 548ddb6f225SStephen Checkoway pflash_sector_is_erasing(pfl, offset)) { 549ddb6f225SStephen Checkoway /* Ignore writes to erasing sectors. */ 550ddb6f225SStephen Checkoway if (pfl->bypass) { 551ddb6f225SStephen Checkoway goto do_bypass; 552ddb6f225SStephen Checkoway } 553ddb6f225SStephen Checkoway goto reset_flash; 554ddb6f225SStephen Checkoway } 55510f9f1fbSPhilippe Mathieu-Daudé trace_pflash_data_write(offset, width, value, 0); 55649ab747fSPaolo Bonzini if (!pfl->ro) { 557c3d25271SPhilippe Mathieu-Daudé p = (uint8_t *)pfl->storage + offset; 558c3d25271SPhilippe Mathieu-Daudé if (pfl->be) { 559c3d25271SPhilippe Mathieu-Daudé uint64_t current = ldn_be_p(p, width); 560c3d25271SPhilippe Mathieu-Daudé stn_be_p(p, width, current & value); 56149ab747fSPaolo Bonzini } else { 562c3d25271SPhilippe Mathieu-Daudé uint64_t current = ldn_le_p(p, width); 563c3d25271SPhilippe Mathieu-Daudé stn_le_p(p, width, current & value); 56449ab747fSPaolo Bonzini } 565c3d25271SPhilippe Mathieu-Daudé pflash_update(pfl, offset, width); 56649ab747fSPaolo Bonzini } 5671d311e73SPhilippe Mathieu-Daudé /* 5681d311e73SPhilippe Mathieu-Daudé * While programming, status bit DQ7 should hold the opposite 5691d311e73SPhilippe Mathieu-Daudé * value from how it was programmed. 5701d311e73SPhilippe Mathieu-Daudé */ 5711d311e73SPhilippe Mathieu-Daudé set_dq7(pfl, ~value); 57249ab747fSPaolo Bonzini /* Let's pretend write is immediate */ 57349ab747fSPaolo Bonzini if (pfl->bypass) 57449ab747fSPaolo Bonzini goto do_bypass; 57549ab747fSPaolo Bonzini goto reset_flash; 576b0349937SPhilippe Mathieu-Daudé case 0x90: /* Autoselect */ 57749ab747fSPaolo Bonzini if (pfl->bypass && cmd == 0x00) { 57849ab747fSPaolo Bonzini /* Unlock bypass reset */ 57949ab747fSPaolo Bonzini goto reset_flash; 58049ab747fSPaolo Bonzini } 58146fb7809SStephen Checkoway /* 58246fb7809SStephen Checkoway * We can enter CFI query mode from autoselect mode, but we must 58346fb7809SStephen Checkoway * return to autoselect mode after a reset. 58446fb7809SStephen Checkoway */ 58546fb7809SStephen Checkoway if (boff == 0x55 && cmd == 0x98) { 58646fb7809SStephen Checkoway /* Enter autoselect CFI query mode */ 58746fb7809SStephen Checkoway pfl->wcycle = WCYCLE_AUTOSELECT_CFI; 58846fb7809SStephen Checkoway pfl->cmd = 0x98; 58946fb7809SStephen Checkoway return; 59046fb7809SStephen Checkoway } 591124e4cfaSPhilippe Mathieu-Daudé /* fall through */ 59249ab747fSPaolo Bonzini default: 59349ab747fSPaolo Bonzini DPRINTF("%s: invalid write for command %02x\n", 59449ab747fSPaolo Bonzini __func__, pfl->cmd); 59549ab747fSPaolo Bonzini goto reset_flash; 59649ab747fSPaolo Bonzini } 59749ab747fSPaolo Bonzini case 4: 59849ab747fSPaolo Bonzini switch (pfl->cmd) { 599b0349937SPhilippe Mathieu-Daudé case 0xA0: /* Program */ 60049ab747fSPaolo Bonzini /* Ignore writes while flash data write is occurring */ 60149ab747fSPaolo Bonzini /* As we suppose write is immediate, this should never happen */ 60249ab747fSPaolo Bonzini return; 603b0349937SPhilippe Mathieu-Daudé case 0x80: /* Erase */ 60449ab747fSPaolo Bonzini goto check_unlock1; 60549ab747fSPaolo Bonzini default: 60649ab747fSPaolo Bonzini /* Should never happen */ 60749ab747fSPaolo Bonzini DPRINTF("%s: invalid command state %02x (wc 4)\n", 60849ab747fSPaolo Bonzini __func__, pfl->cmd); 60949ab747fSPaolo Bonzini goto reset_flash; 61049ab747fSPaolo Bonzini } 61149ab747fSPaolo Bonzini break; 61249ab747fSPaolo Bonzini case 5: 613ddb6f225SStephen Checkoway if (pflash_erase_suspend_mode(pfl)) { 614ddb6f225SStephen Checkoway /* Erasing is not supported in erase suspend mode. */ 615ddb6f225SStephen Checkoway goto reset_flash; 616ddb6f225SStephen Checkoway } 61749ab747fSPaolo Bonzini switch (cmd) { 618b0349937SPhilippe Mathieu-Daudé case 0x10: /* Chip Erase */ 61949ab747fSPaolo Bonzini if (boff != pfl->unlock_addr0) { 62049ab747fSPaolo Bonzini DPRINTF("%s: chip erase: invalid address " TARGET_FMT_plx "\n", 62149ab747fSPaolo Bonzini __func__, offset); 62249ab747fSPaolo Bonzini goto reset_flash; 62349ab747fSPaolo Bonzini } 62449ab747fSPaolo Bonzini /* Chip erase */ 62549ab747fSPaolo Bonzini DPRINTF("%s: start chip erase\n", __func__); 62649ab747fSPaolo Bonzini if (!pfl->ro) { 6271eb27d69SPhilippe Mathieu-Daudé memset(pfl->storage, 0xff, pfl->chip_len); 62849ab747fSPaolo Bonzini pflash_update(pfl, 0, pfl->chip_len); 62949ab747fSPaolo Bonzini } 6301d311e73SPhilippe Mathieu-Daudé set_dq7(pfl, 0x00); 63180f2c625SStephen Checkoway /* Wait the time specified at CFI address 0x22. */ 632d80cf1ebSStephen Checkoway timer_mod(&pfl->timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + 63380f2c625SStephen Checkoway (1ULL << pfl->cfi_table[0x22]) * SCALE_MS); 63449ab747fSPaolo Bonzini break; 635b0349937SPhilippe Mathieu-Daudé case 0x30: /* Sector erase */ 636a50547acSStephen Checkoway pflash_sector_erase(pfl, offset); 63749ab747fSPaolo Bonzini break; 63849ab747fSPaolo Bonzini default: 63949ab747fSPaolo Bonzini DPRINTF("%s: invalid command %02x (wc 5)\n", __func__, cmd); 64049ab747fSPaolo Bonzini goto reset_flash; 64149ab747fSPaolo Bonzini } 64249ab747fSPaolo Bonzini pfl->cmd = cmd; 64349ab747fSPaolo Bonzini break; 64449ab747fSPaolo Bonzini case 6: 64549ab747fSPaolo Bonzini switch (pfl->cmd) { 646b0349937SPhilippe Mathieu-Daudé case 0x10: /* Chip Erase */ 64749ab747fSPaolo Bonzini /* Ignore writes during chip erase */ 64849ab747fSPaolo Bonzini return; 649b0349937SPhilippe Mathieu-Daudé case 0x30: /* Sector erase */ 650ddb6f225SStephen Checkoway if (cmd == 0xB0) { 651ddb6f225SStephen Checkoway /* 652ddb6f225SStephen Checkoway * If erase suspend happens during the erase timeout (so DQ3 is 653ddb6f225SStephen Checkoway * 0), then the device suspends erasing immediately. Set the 654ddb6f225SStephen Checkoway * remaining time to be the total time to erase. Otherwise, 655ddb6f225SStephen Checkoway * there is a maximum amount of time it can take to enter 656ddb6f225SStephen Checkoway * suspend mode. Let's ignore that and suspend immediately and 657ddb6f225SStephen Checkoway * set the remaining time to the actual time remaining on the 658ddb6f225SStephen Checkoway * timer. 659ddb6f225SStephen Checkoway */ 660ddb6f225SStephen Checkoway if ((pfl->status & 0x08) == 0) { 661ddb6f225SStephen Checkoway pfl->erase_time_remaining = pflash_erase_time(pfl); 662ddb6f225SStephen Checkoway } else { 663ddb6f225SStephen Checkoway int64_t delta = timer_expire_time_ns(&pfl->timer) - 664ddb6f225SStephen Checkoway qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL); 665ddb6f225SStephen Checkoway /* Make sure we have a positive time remaining. */ 666ddb6f225SStephen Checkoway pfl->erase_time_remaining = delta <= 0 ? 1 : delta; 667ddb6f225SStephen Checkoway } 668ddb6f225SStephen Checkoway reset_dq3(pfl); 669ddb6f225SStephen Checkoway timer_del(&pfl->timer); 670ddb6f225SStephen Checkoway pfl->wcycle = 0; 671ddb6f225SStephen Checkoway pfl->cmd = 0; 672ddb6f225SStephen Checkoway return; 673ddb6f225SStephen Checkoway } 674a50547acSStephen Checkoway /* 675a50547acSStephen Checkoway * If DQ3 is 0, additional sector erase commands can be 676a50547acSStephen Checkoway * written and anything else (other than an erase suspend) resets 677a50547acSStephen Checkoway * the device. 678a50547acSStephen Checkoway */ 679a50547acSStephen Checkoway if ((pfl->status & 0x08) == 0) { 680a50547acSStephen Checkoway if (cmd == 0x30) { 681a50547acSStephen Checkoway pflash_sector_erase(pfl, offset); 682a50547acSStephen Checkoway } else { 683a50547acSStephen Checkoway goto reset_flash; 684a50547acSStephen Checkoway } 685a50547acSStephen Checkoway } 686a50547acSStephen Checkoway /* Ignore writes during the actual erase. */ 68749ab747fSPaolo Bonzini return; 68849ab747fSPaolo Bonzini default: 68949ab747fSPaolo Bonzini /* Should never happen */ 69049ab747fSPaolo Bonzini DPRINTF("%s: invalid command state %02x (wc 6)\n", 69149ab747fSPaolo Bonzini __func__, pfl->cmd); 69249ab747fSPaolo Bonzini goto reset_flash; 69349ab747fSPaolo Bonzini } 69449ab747fSPaolo Bonzini break; 695aeaf6c20SPhilippe Mathieu-Daudé /* Special values for CFI queries */ 696aeaf6c20SPhilippe Mathieu-Daudé case WCYCLE_CFI: 69746fb7809SStephen Checkoway case WCYCLE_AUTOSELECT_CFI: 69849ab747fSPaolo Bonzini DPRINTF("%s: invalid write in CFI query mode\n", __func__); 69949ab747fSPaolo Bonzini goto reset_flash; 70049ab747fSPaolo Bonzini default: 70149ab747fSPaolo Bonzini /* Should never happen */ 70249ab747fSPaolo Bonzini DPRINTF("%s: invalid write state (wc 7)\n", __func__); 70349ab747fSPaolo Bonzini goto reset_flash; 70449ab747fSPaolo Bonzini } 70549ab747fSPaolo Bonzini pfl->wcycle++; 70649ab747fSPaolo Bonzini 70749ab747fSPaolo Bonzini return; 70849ab747fSPaolo Bonzini 70949ab747fSPaolo Bonzini /* Reset flash */ 71049ab747fSPaolo Bonzini reset_flash: 71113019f1fSPhilippe Mathieu-Daudé trace_pflash_reset(); 71249ab747fSPaolo Bonzini pfl->bypass = 0; 71349ab747fSPaolo Bonzini pfl->wcycle = 0; 71449ab747fSPaolo Bonzini pfl->cmd = 0; 71549ab747fSPaolo Bonzini return; 71649ab747fSPaolo Bonzini 71749ab747fSPaolo Bonzini do_bypass: 71849ab747fSPaolo Bonzini pfl->wcycle = 2; 71949ab747fSPaolo Bonzini pfl->cmd = 0; 72049ab747fSPaolo Bonzini } 72149ab747fSPaolo Bonzini 722aff498cfSPhilippe Mathieu-Daudé static const MemoryRegionOps pflash_cfi02_ops = { 723aff498cfSPhilippe Mathieu-Daudé .read = pflash_read, 724aff498cfSPhilippe Mathieu-Daudé .write = pflash_write, 725a4afb28dSPeter Maydell .valid.min_access_size = 1, 726a4afb28dSPeter Maydell .valid.max_access_size = 4, 72749ab747fSPaolo Bonzini .endianness = DEVICE_NATIVE_ENDIAN, 72849ab747fSPaolo Bonzini }; 72949ab747fSPaolo Bonzini 7304586c2e5SPhilippe Mathieu-Daudé static void pflash_cfi02_fill_cfi_table(PFlashCFI02 *pfl, int nb_regions) 7314586c2e5SPhilippe Mathieu-Daudé { 7324586c2e5SPhilippe Mathieu-Daudé /* Hardcoded CFI table (mostly from SG29 Spansion flash) */ 7334586c2e5SPhilippe Mathieu-Daudé const uint16_t pri_ofs = 0x40; 7344586c2e5SPhilippe Mathieu-Daudé /* Standard "QRY" string */ 7354586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x10] = 'Q'; 7364586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x11] = 'R'; 7374586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x12] = 'Y'; 7384586c2e5SPhilippe Mathieu-Daudé /* Command set (AMD/Fujitsu) */ 7394586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x13] = 0x02; 7404586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x14] = 0x00; 7414586c2e5SPhilippe Mathieu-Daudé /* Primary extended table address */ 7424586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x15] = pri_ofs; 7434586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x16] = pri_ofs >> 8; 7444586c2e5SPhilippe Mathieu-Daudé /* Alternate command set (none) */ 7454586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x17] = 0x00; 7464586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x18] = 0x00; 7474586c2e5SPhilippe Mathieu-Daudé /* Alternate extended table (none) */ 7484586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x19] = 0x00; 7494586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x1A] = 0x00; 7504586c2e5SPhilippe Mathieu-Daudé /* Vcc min */ 7514586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x1B] = 0x27; 7524586c2e5SPhilippe Mathieu-Daudé /* Vcc max */ 7534586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x1C] = 0x36; 7544586c2e5SPhilippe Mathieu-Daudé /* Vpp min (no Vpp pin) */ 7554586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x1D] = 0x00; 7564586c2e5SPhilippe Mathieu-Daudé /* Vpp max (no Vpp pin) */ 7574586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x1E] = 0x00; 7584586c2e5SPhilippe Mathieu-Daudé /* Timeout per single byte/word write (128 ms) */ 7594586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x1F] = 0x07; 7604586c2e5SPhilippe Mathieu-Daudé /* Timeout for min size buffer write (NA) */ 7614586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x20] = 0x00; 7624586c2e5SPhilippe Mathieu-Daudé /* Typical timeout for block erase (512 ms) */ 7634586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x21] = 0x09; 7644586c2e5SPhilippe Mathieu-Daudé /* Typical timeout for full chip erase (4096 ms) */ 7654586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x22] = 0x0C; 7664586c2e5SPhilippe Mathieu-Daudé /* Reserved */ 7674586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x23] = 0x01; 7684586c2e5SPhilippe Mathieu-Daudé /* Max timeout for buffer write (NA) */ 7694586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x24] = 0x00; 7704586c2e5SPhilippe Mathieu-Daudé /* Max timeout for block erase */ 7714586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x25] = 0x0A; 7724586c2e5SPhilippe Mathieu-Daudé /* Max timeout for chip erase */ 7734586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x26] = 0x0D; 7744586c2e5SPhilippe Mathieu-Daudé /* Device size */ 7754586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x27] = ctz32(pfl->chip_len); 7764586c2e5SPhilippe Mathieu-Daudé /* Flash device interface (8 & 16 bits) */ 7774586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x28] = 0x02; 7784586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x29] = 0x00; 7794586c2e5SPhilippe Mathieu-Daudé /* Max number of bytes in multi-bytes write */ 7804586c2e5SPhilippe Mathieu-Daudé /* 7814586c2e5SPhilippe Mathieu-Daudé * XXX: disable buffered write as it's not supported 7824586c2e5SPhilippe Mathieu-Daudé * pfl->cfi_table[0x2A] = 0x05; 7834586c2e5SPhilippe Mathieu-Daudé */ 7844586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x2A] = 0x00; 7854586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x2B] = 0x00; 7864586c2e5SPhilippe Mathieu-Daudé /* Number of erase block regions */ 7874586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x2c] = nb_regions; 7884586c2e5SPhilippe Mathieu-Daudé /* Erase block regions */ 7894586c2e5SPhilippe Mathieu-Daudé for (int i = 0; i < nb_regions; ++i) { 7904586c2e5SPhilippe Mathieu-Daudé uint32_t sector_len_per_device = pfl->sector_len[i]; 7914586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x2d + 4 * i] = pfl->nb_blocs[i] - 1; 7924586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x2e + 4 * i] = (pfl->nb_blocs[i] - 1) >> 8; 7934586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x2f + 4 * i] = sector_len_per_device >> 8; 7944586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x30 + 4 * i] = sector_len_per_device >> 16; 7954586c2e5SPhilippe Mathieu-Daudé } 7964586c2e5SPhilippe Mathieu-Daudé assert(0x2c + 4 * nb_regions < pri_ofs); 7974586c2e5SPhilippe Mathieu-Daudé 7984586c2e5SPhilippe Mathieu-Daudé /* Extended */ 7994586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x00 + pri_ofs] = 'P'; 8004586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x01 + pri_ofs] = 'R'; 8014586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x02 + pri_ofs] = 'I'; 8024586c2e5SPhilippe Mathieu-Daudé 8034586c2e5SPhilippe Mathieu-Daudé /* Extended version 1.0 */ 8044586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x03 + pri_ofs] = '1'; 8054586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x04 + pri_ofs] = '0'; 8064586c2e5SPhilippe Mathieu-Daudé 8074586c2e5SPhilippe Mathieu-Daudé /* Address sensitive unlock required. */ 8084586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x05 + pri_ofs] = 0x00; 8094586c2e5SPhilippe Mathieu-Daudé /* Erase suspend to read/write. */ 8104586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x06 + pri_ofs] = 0x02; 8114586c2e5SPhilippe Mathieu-Daudé /* Sector protect not supported. */ 8124586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x07 + pri_ofs] = 0x00; 8134586c2e5SPhilippe Mathieu-Daudé /* Temporary sector unprotect not supported. */ 8144586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x08 + pri_ofs] = 0x00; 8154586c2e5SPhilippe Mathieu-Daudé 8164586c2e5SPhilippe Mathieu-Daudé /* Sector protect/unprotect scheme. */ 8174586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x09 + pri_ofs] = 0x00; 8184586c2e5SPhilippe Mathieu-Daudé 8194586c2e5SPhilippe Mathieu-Daudé /* Simultaneous operation not supported. */ 8204586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x0a + pri_ofs] = 0x00; 8214586c2e5SPhilippe Mathieu-Daudé /* Burst mode not supported. */ 8224586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x0b + pri_ofs] = 0x00; 8234586c2e5SPhilippe Mathieu-Daudé /* Page mode not supported. */ 8244586c2e5SPhilippe Mathieu-Daudé pfl->cfi_table[0x0c + pri_ofs] = 0x00; 8254586c2e5SPhilippe Mathieu-Daudé assert(0x0c + pri_ofs < ARRAY_SIZE(pfl->cfi_table)); 8264586c2e5SPhilippe Mathieu-Daudé } 8274586c2e5SPhilippe Mathieu-Daudé 828da3bd642SHu Tao static void pflash_cfi02_realize(DeviceState *dev, Error **errp) 82949ab747fSPaolo Bonzini { 83076612456SVladimir Sementsov-Ogievskiy ERRP_GUARD(); 831e7b62741SMarkus Armbruster PFlashCFI02 *pfl = PFLASH_CFI02(dev); 83249ab747fSPaolo Bonzini int ret; 83349ab747fSPaolo Bonzini 83464659053SStephen Checkoway if (pfl->uniform_sector_len == 0 && pfl->sector_len[0] == 0) { 8358929fc3aSZiyue Yang error_setg(errp, "attribute \"sector-length\" not specified or zero."); 8368929fc3aSZiyue Yang return; 8378929fc3aSZiyue Yang } 83864659053SStephen Checkoway if (pfl->uniform_nb_blocs == 0 && pfl->nb_blocs[0] == 0) { 8398929fc3aSZiyue Yang error_setg(errp, "attribute \"num-blocks\" not specified or zero."); 8408929fc3aSZiyue Yang return; 8418929fc3aSZiyue Yang } 8428929fc3aSZiyue Yang if (pfl->name == NULL) { 8438929fc3aSZiyue Yang error_setg(errp, "attribute \"name\" not specified."); 8448929fc3aSZiyue Yang return; 8458929fc3aSZiyue Yang } 8468929fc3aSZiyue Yang 84764659053SStephen Checkoway int nb_regions; 84864659053SStephen Checkoway pfl->chip_len = 0; 849ddb6f225SStephen Checkoway pfl->total_sectors = 0; 85064659053SStephen Checkoway for (nb_regions = 0; nb_regions < PFLASH_MAX_ERASE_REGIONS; ++nb_regions) { 85164659053SStephen Checkoway if (pfl->nb_blocs[nb_regions] == 0) { 85264659053SStephen Checkoway break; 85364659053SStephen Checkoway } 854ddb6f225SStephen Checkoway pfl->total_sectors += pfl->nb_blocs[nb_regions]; 85564659053SStephen Checkoway uint64_t sector_len_per_device = pfl->sector_len[nb_regions]; 85664659053SStephen Checkoway 85764659053SStephen Checkoway /* 85864659053SStephen Checkoway * The size of each flash sector must be a power of 2 and it must be 85964659053SStephen Checkoway * aligned at the same power of 2. 86064659053SStephen Checkoway */ 86164659053SStephen Checkoway if (sector_len_per_device & 0xff || 86264659053SStephen Checkoway sector_len_per_device >= (1 << 24) || 86364659053SStephen Checkoway !is_power_of_2(sector_len_per_device)) 86464659053SStephen Checkoway { 86564659053SStephen Checkoway error_setg(errp, "unsupported configuration: " 86664659053SStephen Checkoway "sector length[%d] per device = %" PRIx64 ".", 86764659053SStephen Checkoway nb_regions, sector_len_per_device); 86864659053SStephen Checkoway return; 86964659053SStephen Checkoway } 87064659053SStephen Checkoway if (pfl->chip_len & (sector_len_per_device - 1)) { 87164659053SStephen Checkoway error_setg(errp, "unsupported configuration: " 87264659053SStephen Checkoway "flash region %d not correctly aligned.", 87364659053SStephen Checkoway nb_regions); 87464659053SStephen Checkoway return; 87564659053SStephen Checkoway } 87664659053SStephen Checkoway 87764659053SStephen Checkoway pfl->chip_len += (uint64_t)pfl->sector_len[nb_regions] * 87864659053SStephen Checkoway pfl->nb_blocs[nb_regions]; 87964659053SStephen Checkoway } 88064659053SStephen Checkoway 88164659053SStephen Checkoway uint64_t uniform_len = (uint64_t)pfl->uniform_nb_blocs * 88264659053SStephen Checkoway pfl->uniform_sector_len; 88364659053SStephen Checkoway if (nb_regions == 0) { 88464659053SStephen Checkoway nb_regions = 1; 88564659053SStephen Checkoway pfl->nb_blocs[0] = pfl->uniform_nb_blocs; 88664659053SStephen Checkoway pfl->sector_len[0] = pfl->uniform_sector_len; 88764659053SStephen Checkoway pfl->chip_len = uniform_len; 888ddb6f225SStephen Checkoway pfl->total_sectors = pfl->uniform_nb_blocs; 88964659053SStephen Checkoway } else if (uniform_len != 0 && uniform_len != pfl->chip_len) { 89064659053SStephen Checkoway error_setg(errp, "\"num-blocks\"*\"sector-length\" " 89164659053SStephen Checkoway "different from \"num-blocks0\"*\'sector-length0\" + ... + " 89264659053SStephen Checkoway "\"num-blocks3\"*\"sector-length3\""); 89364659053SStephen Checkoway return; 89464659053SStephen Checkoway } 89549ab747fSPaolo Bonzini 896aff498cfSPhilippe Mathieu-Daudé memory_region_init_rom_device(&pfl->orig_mem, OBJECT(pfl), 897aff498cfSPhilippe Mathieu-Daudé &pflash_cfi02_ops, pfl, pfl->name, 89876612456SVladimir Sementsov-Ogievskiy pfl->chip_len, errp); 89976612456SVladimir Sementsov-Ogievskiy if (*errp) { 90033e0eb52SHu Tao return; 90133e0eb52SHu Tao } 90233e0eb52SHu Tao 90349ab747fSPaolo Bonzini pfl->storage = memory_region_get_ram_ptr(&pfl->orig_mem); 904a17c17a2SKevin Wolf 905a17c17a2SKevin Wolf if (pfl->blk) { 906a17c17a2SKevin Wolf uint64_t perm; 90786b1cf32SKevin Wolf pfl->ro = !blk_supports_write_perm(pfl->blk); 908a17c17a2SKevin Wolf perm = BLK_PERM_CONSISTENT_READ | (pfl->ro ? 0 : BLK_PERM_WRITE); 909a17c17a2SKevin Wolf ret = blk_set_perm(pfl->blk, perm, BLK_PERM_ALL, errp); 910a17c17a2SKevin Wolf if (ret < 0) { 911a17c17a2SKevin Wolf return; 912a17c17a2SKevin Wolf } 913a17c17a2SKevin Wolf } else { 914a17c17a2SKevin Wolf pfl->ro = 0; 915a17c17a2SKevin Wolf } 916a17c17a2SKevin Wolf 9174be74634SMarkus Armbruster if (pfl->blk) { 9181eb27d69SPhilippe Mathieu-Daudé if (!blk_check_size_and_read_all(pfl->blk, pfl->storage, 9191eb27d69SPhilippe Mathieu-Daudé pfl->chip_len, errp)) { 920da3bd642SHu Tao vmstate_unregister_ram(&pfl->orig_mem, DEVICE(pfl)); 921da3bd642SHu Tao return; 92249ab747fSPaolo Bonzini } 92349ab747fSPaolo Bonzini } 92449ab747fSPaolo Bonzini 9256682bc1eSStephen Checkoway /* Only 11 bits are used in the comparison. */ 9266682bc1eSStephen Checkoway pfl->unlock_addr0 &= 0x7FF; 9276682bc1eSStephen Checkoway pfl->unlock_addr1 &= 0x7FF; 9286682bc1eSStephen Checkoway 929ddb6f225SStephen Checkoway /* Allocate memory for a bitmap for sectors being erased. */ 930ddb6f225SStephen Checkoway pfl->sector_erase_map = bitmap_new(pfl->total_sectors); 931ddb6f225SStephen Checkoway 93249ab747fSPaolo Bonzini pflash_setup_mappings(pfl); 933da3bd642SHu Tao sysbus_init_mmio(SYS_BUS_DEVICE(dev), &pfl->mem); 93449ab747fSPaolo Bonzini 935d80cf1ebSStephen Checkoway timer_init_ns(&pfl->timer, QEMU_CLOCK_VIRTUAL, pflash_timer, pfl); 93649ab747fSPaolo Bonzini pfl->wcycle = 0; 93749ab747fSPaolo Bonzini pfl->cmd = 0; 93849ab747fSPaolo Bonzini pfl->status = 0; 9399ac45b88SPhilippe Mathieu-Daudé 9404586c2e5SPhilippe Mathieu-Daudé pflash_cfi02_fill_cfi_table(pfl, nb_regions); 94149ab747fSPaolo Bonzini } 94249ab747fSPaolo Bonzini 94349ab747fSPaolo Bonzini static Property pflash_cfi02_properties[] = { 94416434065SMarkus Armbruster DEFINE_PROP_DRIVE("drive", PFlashCFI02, blk), 94564659053SStephen Checkoway DEFINE_PROP_UINT32("num-blocks", PFlashCFI02, uniform_nb_blocs, 0), 94664659053SStephen Checkoway DEFINE_PROP_UINT32("sector-length", PFlashCFI02, uniform_sector_len, 0), 94764659053SStephen Checkoway DEFINE_PROP_UINT32("num-blocks0", PFlashCFI02, nb_blocs[0], 0), 94864659053SStephen Checkoway DEFINE_PROP_UINT32("sector-length0", PFlashCFI02, sector_len[0], 0), 94964659053SStephen Checkoway DEFINE_PROP_UINT32("num-blocks1", PFlashCFI02, nb_blocs[1], 0), 95064659053SStephen Checkoway DEFINE_PROP_UINT32("sector-length1", PFlashCFI02, sector_len[1], 0), 95164659053SStephen Checkoway DEFINE_PROP_UINT32("num-blocks2", PFlashCFI02, nb_blocs[2], 0), 95264659053SStephen Checkoway DEFINE_PROP_UINT32("sector-length2", PFlashCFI02, sector_len[2], 0), 95364659053SStephen Checkoway DEFINE_PROP_UINT32("num-blocks3", PFlashCFI02, nb_blocs[3], 0), 95464659053SStephen Checkoway DEFINE_PROP_UINT32("sector-length3", PFlashCFI02, sector_len[3], 0), 95516434065SMarkus Armbruster DEFINE_PROP_UINT8("width", PFlashCFI02, width, 0), 95616434065SMarkus Armbruster DEFINE_PROP_UINT8("mappings", PFlashCFI02, mappings, 0), 95716434065SMarkus Armbruster DEFINE_PROP_UINT8("big-endian", PFlashCFI02, be, 0), 95816434065SMarkus Armbruster DEFINE_PROP_UINT16("id0", PFlashCFI02, ident0, 0), 95916434065SMarkus Armbruster DEFINE_PROP_UINT16("id1", PFlashCFI02, ident1, 0), 96016434065SMarkus Armbruster DEFINE_PROP_UINT16("id2", PFlashCFI02, ident2, 0), 96116434065SMarkus Armbruster DEFINE_PROP_UINT16("id3", PFlashCFI02, ident3, 0), 96216434065SMarkus Armbruster DEFINE_PROP_UINT16("unlock-addr0", PFlashCFI02, unlock_addr0, 0), 96316434065SMarkus Armbruster DEFINE_PROP_UINT16("unlock-addr1", PFlashCFI02, unlock_addr1, 0), 96416434065SMarkus Armbruster DEFINE_PROP_STRING("name", PFlashCFI02, name), 96549ab747fSPaolo Bonzini DEFINE_PROP_END_OF_LIST(), 96649ab747fSPaolo Bonzini }; 96749ab747fSPaolo Bonzini 968b69c3c21SMarkus Armbruster static void pflash_cfi02_unrealize(DeviceState *dev) 969d80cf1ebSStephen Checkoway { 970e7b62741SMarkus Armbruster PFlashCFI02 *pfl = PFLASH_CFI02(dev); 971d80cf1ebSStephen Checkoway timer_del(&pfl->timer); 972ddb6f225SStephen Checkoway g_free(pfl->sector_erase_map); 973d80cf1ebSStephen Checkoway } 974d80cf1ebSStephen Checkoway 97549ab747fSPaolo Bonzini static void pflash_cfi02_class_init(ObjectClass *klass, void *data) 97649ab747fSPaolo Bonzini { 97749ab747fSPaolo Bonzini DeviceClass *dc = DEVICE_CLASS(klass); 97849ab747fSPaolo Bonzini 979da3bd642SHu Tao dc->realize = pflash_cfi02_realize; 980d80cf1ebSStephen Checkoway dc->unrealize = pflash_cfi02_unrealize; 9814f67d30bSMarc-André Lureau device_class_set_props(dc, pflash_cfi02_properties); 982df6f9318SAntony Pavlov set_bit(DEVICE_CATEGORY_STORAGE, dc->categories); 98349ab747fSPaolo Bonzini } 98449ab747fSPaolo Bonzini 98549ab747fSPaolo Bonzini static const TypeInfo pflash_cfi02_info = { 986e7b62741SMarkus Armbruster .name = TYPE_PFLASH_CFI02, 98749ab747fSPaolo Bonzini .parent = TYPE_SYS_BUS_DEVICE, 98816434065SMarkus Armbruster .instance_size = sizeof(PFlashCFI02), 98949ab747fSPaolo Bonzini .class_init = pflash_cfi02_class_init, 99049ab747fSPaolo Bonzini }; 99149ab747fSPaolo Bonzini 99249ab747fSPaolo Bonzini static void pflash_cfi02_register_types(void) 99349ab747fSPaolo Bonzini { 99449ab747fSPaolo Bonzini type_register_static(&pflash_cfi02_info); 99549ab747fSPaolo Bonzini } 99649ab747fSPaolo Bonzini 99749ab747fSPaolo Bonzini type_init(pflash_cfi02_register_types) 99849ab747fSPaolo Bonzini 99916434065SMarkus Armbruster PFlashCFI02 *pflash_cfi02_register(hwaddr base, 1000940d5b13SMarkus Armbruster const char *name, 100149ab747fSPaolo Bonzini hwaddr size, 100216434065SMarkus Armbruster BlockBackend *blk, 1003ce14710fSMarkus Armbruster uint32_t sector_len, 100416434065SMarkus Armbruster int nb_mappings, int width, 100549ab747fSPaolo Bonzini uint16_t id0, uint16_t id1, 100649ab747fSPaolo Bonzini uint16_t id2, uint16_t id3, 100716434065SMarkus Armbruster uint16_t unlock_addr0, 100816434065SMarkus Armbruster uint16_t unlock_addr1, 100949ab747fSPaolo Bonzini int be) 101049ab747fSPaolo Bonzini { 10113e80f690SMarkus Armbruster DeviceState *dev = qdev_new(TYPE_PFLASH_CFI02); 101249ab747fSPaolo Bonzini 10139b3d111aSMarkus Armbruster if (blk) { 1014934df912SMarkus Armbruster qdev_prop_set_drive(dev, "drive", blk); 101549ab747fSPaolo Bonzini } 10164cdd0a77SPhilippe Mathieu-Daudé assert(QEMU_IS_ALIGNED(size, sector_len)); 1017ce14710fSMarkus Armbruster qdev_prop_set_uint32(dev, "num-blocks", size / sector_len); 101849ab747fSPaolo Bonzini qdev_prop_set_uint32(dev, "sector-length", sector_len); 101949ab747fSPaolo Bonzini qdev_prop_set_uint8(dev, "width", width); 102049ab747fSPaolo Bonzini qdev_prop_set_uint8(dev, "mappings", nb_mappings); 102149ab747fSPaolo Bonzini qdev_prop_set_uint8(dev, "big-endian", !!be); 102249ab747fSPaolo Bonzini qdev_prop_set_uint16(dev, "id0", id0); 102349ab747fSPaolo Bonzini qdev_prop_set_uint16(dev, "id1", id1); 102449ab747fSPaolo Bonzini qdev_prop_set_uint16(dev, "id2", id2); 102549ab747fSPaolo Bonzini qdev_prop_set_uint16(dev, "id3", id3); 102649ab747fSPaolo Bonzini qdev_prop_set_uint16(dev, "unlock-addr0", unlock_addr0); 102749ab747fSPaolo Bonzini qdev_prop_set_uint16(dev, "unlock-addr1", unlock_addr1); 102849ab747fSPaolo Bonzini qdev_prop_set_string(dev, "name", name); 10293c6ef471SMarkus Armbruster sysbus_realize_and_unref(SYS_BUS_DEVICE(dev), &error_fatal); 103049ab747fSPaolo Bonzini 10313509c396SHu Tao sysbus_mmio_map(SYS_BUS_DEVICE(dev), 0, base); 1032e7b62741SMarkus Armbruster return PFLASH_CFI02(dev); 103349ab747fSPaolo Bonzini } 1034