m25p80.c (56529B)
1 /* 2 * ST M25P80 emulator. Emulate all SPI flash devices based on the m25p80 command 3 * set. Known devices table current as of Jun/2012 and taken from linux. 4 * See drivers/mtd/devices/m25p80.c. 5 * 6 * Copyright (C) 2011 Edgar E. Iglesias <edgar.iglesias@gmail.com> 7 * Copyright (C) 2012 Peter A. G. Crosthwaite <peter.crosthwaite@petalogix.com> 8 * Copyright (C) 2012 PetaLogix 9 * 10 * This program is free software; you can redistribute it and/or 11 * modify it under the terms of the GNU General Public License as 12 * published by the Free Software Foundation; either version 2 or 13 * (at your option) a later version of the License. 14 * 15 * This program is distributed in the hope that it will be useful, 16 * but WITHOUT ANY WARRANTY; without even the implied warranty of 17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 18 * GNU General Public License for more details. 19 * 20 * You should have received a copy of the GNU General Public License along 21 * with this program; if not, see <http://www.gnu.org/licenses/>. 22 */ 23 24 #include "qemu/osdep.h" 25 #include "qemu/units.h" 26 #include "sysemu/block-backend.h" 27 #include "hw/qdev-properties.h" 28 #include "hw/qdev-properties-system.h" 29 #include "hw/ssi/ssi.h" 30 #include "migration/vmstate.h" 31 #include "qemu/bitops.h" 32 #include "qemu/log.h" 33 #include "qemu/module.h" 34 #include "qemu/error-report.h" 35 #include "qapi/error.h" 36 #include "trace.h" 37 #include "qom/object.h" 38 #include "m25p80_sfdp.h" 39 40 /* 16 MiB max in 3 byte address mode */ 41 #define MAX_3BYTES_SIZE 0x1000000 42 #define SPI_NOR_MAX_ID_LEN 6 43 44 /* Fields for FlashPartInfo->flags */ 45 enum spi_flash_option_flags { 46 ER_4K = BIT(0), 47 ER_32K = BIT(1), 48 EEPROM = BIT(2), 49 HAS_SR_TB = BIT(3), 50 HAS_SR_BP3_BIT6 = BIT(4), 51 }; 52 53 typedef struct FlashPartInfo { 54 const char *part_name; 55 /* 56 * This array stores the ID bytes. 57 * The first three bytes are the JEDIC ID. 58 * JEDEC ID zero means "no ID" (mostly older chips). 59 */ 60 uint8_t id[SPI_NOR_MAX_ID_LEN]; 61 uint8_t id_len; 62 /* there is confusion between manufacturers as to what a sector is. In this 63 * device model, a "sector" is the size that is erased by the ERASE_SECTOR 64 * command (opcode 0xd8). 65 */ 66 uint32_t sector_size; 67 uint32_t n_sectors; 68 uint32_t page_size; 69 uint16_t flags; 70 /* 71 * Big sized spi nor are often stacked devices, thus sometime 72 * replace chip erase with die erase. 73 * This field inform how many die is in the chip. 74 */ 75 uint8_t die_cnt; 76 uint8_t (*sfdp_read)(uint32_t sfdp_addr); 77 } FlashPartInfo; 78 79 /* adapted from linux */ 80 /* Used when the "_ext_id" is two bytes at most */ 81 #define INFO(_part_name, _jedec_id, _ext_id, _sector_size, _n_sectors, _flags)\ 82 .part_name = _part_name,\ 83 .id = {\ 84 ((_jedec_id) >> 16) & 0xff,\ 85 ((_jedec_id) >> 8) & 0xff,\ 86 (_jedec_id) & 0xff,\ 87 ((_ext_id) >> 8) & 0xff,\ 88 (_ext_id) & 0xff,\ 89 },\ 90 .id_len = (!(_jedec_id) ? 0 : (3 + ((_ext_id) ? 2 : 0))),\ 91 .sector_size = (_sector_size),\ 92 .n_sectors = (_n_sectors),\ 93 .page_size = 256,\ 94 .flags = (_flags),\ 95 .die_cnt = 0 96 97 #define INFO6(_part_name, _jedec_id, _ext_id, _sector_size, _n_sectors, _flags)\ 98 .part_name = _part_name,\ 99 .id = {\ 100 ((_jedec_id) >> 16) & 0xff,\ 101 ((_jedec_id) >> 8) & 0xff,\ 102 (_jedec_id) & 0xff,\ 103 ((_ext_id) >> 16) & 0xff,\ 104 ((_ext_id) >> 8) & 0xff,\ 105 (_ext_id) & 0xff,\ 106 },\ 107 .id_len = 6,\ 108 .sector_size = (_sector_size),\ 109 .n_sectors = (_n_sectors),\ 110 .page_size = 256,\ 111 .flags = (_flags),\ 112 .die_cnt = 0 113 114 #define INFO_STACKED(_part_name, _jedec_id, _ext_id, _sector_size, _n_sectors,\ 115 _flags, _die_cnt)\ 116 .part_name = _part_name,\ 117 .id = {\ 118 ((_jedec_id) >> 16) & 0xff,\ 119 ((_jedec_id) >> 8) & 0xff,\ 120 (_jedec_id) & 0xff,\ 121 ((_ext_id) >> 8) & 0xff,\ 122 (_ext_id) & 0xff,\ 123 },\ 124 .id_len = (!(_jedec_id) ? 0 : (3 + ((_ext_id) ? 2 : 0))),\ 125 .sector_size = (_sector_size),\ 126 .n_sectors = (_n_sectors),\ 127 .page_size = 256,\ 128 .flags = (_flags),\ 129 .die_cnt = _die_cnt 130 131 #define JEDEC_NUMONYX 0x20 132 #define JEDEC_WINBOND 0xEF 133 #define JEDEC_SPANSION 0x01 134 135 /* Numonyx (Micron) Configuration register macros */ 136 #define VCFG_DUMMY 0x1 137 #define VCFG_WRAP_SEQUENTIAL 0x2 138 #define NVCFG_XIP_MODE_DISABLED (7 << 9) 139 #define NVCFG_XIP_MODE_MASK (7 << 9) 140 #define VCFG_XIP_MODE_DISABLED (1 << 3) 141 #define CFG_DUMMY_CLK_LEN 4 142 #define NVCFG_DUMMY_CLK_POS 12 143 #define VCFG_DUMMY_CLK_POS 4 144 #define EVCFG_OUT_DRIVER_STRENGTH_DEF 7 145 #define EVCFG_VPP_ACCELERATOR (1 << 3) 146 #define EVCFG_RESET_HOLD_ENABLED (1 << 4) 147 #define NVCFG_DUAL_IO_MASK (1 << 2) 148 #define EVCFG_DUAL_IO_DISABLED (1 << 6) 149 #define NVCFG_QUAD_IO_MASK (1 << 3) 150 #define EVCFG_QUAD_IO_DISABLED (1 << 7) 151 #define NVCFG_4BYTE_ADDR_MASK (1 << 0) 152 #define NVCFG_LOWER_SEGMENT_MASK (1 << 1) 153 154 /* Numonyx (Micron) Flag Status Register macros */ 155 #define FSR_4BYTE_ADDR_MODE_ENABLED 0x1 156 #define FSR_FLASH_READY (1 << 7) 157 158 /* Spansion configuration registers macros. */ 159 #define SPANSION_QUAD_CFG_POS 0 160 #define SPANSION_QUAD_CFG_LEN 1 161 #define SPANSION_DUMMY_CLK_POS 0 162 #define SPANSION_DUMMY_CLK_LEN 4 163 #define SPANSION_ADDR_LEN_POS 7 164 #define SPANSION_ADDR_LEN_LEN 1 165 166 /* 167 * Spansion read mode command length in bytes, 168 * the mode is currently not supported. 169 */ 170 171 #define SPANSION_CONTINUOUS_READ_MODE_CMD_LEN 1 172 #define WINBOND_CONTINUOUS_READ_MODE_CMD_LEN 1 173 174 static const FlashPartInfo known_devices[] = { 175 /* Atmel -- some are (confusingly) marketed as "DataFlash" */ 176 { INFO("at25fs010", 0x1f6601, 0, 32 << 10, 4, ER_4K) }, 177 { INFO("at25fs040", 0x1f6604, 0, 64 << 10, 8, ER_4K) }, 178 179 { INFO("at25df041a", 0x1f4401, 0, 64 << 10, 8, ER_4K) }, 180 { INFO("at25df321a", 0x1f4701, 0, 64 << 10, 64, ER_4K) }, 181 { INFO("at25df641", 0x1f4800, 0, 64 << 10, 128, ER_4K) }, 182 183 { INFO("at26f004", 0x1f0400, 0, 64 << 10, 8, ER_4K) }, 184 { INFO("at26df081a", 0x1f4501, 0, 64 << 10, 16, ER_4K) }, 185 { INFO("at26df161a", 0x1f4601, 0, 64 << 10, 32, ER_4K) }, 186 { INFO("at26df321", 0x1f4700, 0, 64 << 10, 64, ER_4K) }, 187 188 { INFO("at45db081d", 0x1f2500, 0, 64 << 10, 16, ER_4K) }, 189 190 /* Atmel EEPROMS - it is assumed, that don't care bit in command 191 * is set to 0. Block protection is not supported. 192 */ 193 { INFO("at25128a-nonjedec", 0x0, 0, 1, 131072, EEPROM) }, 194 { INFO("at25256a-nonjedec", 0x0, 0, 1, 262144, EEPROM) }, 195 196 /* EON -- en25xxx */ 197 { INFO("en25f32", 0x1c3116, 0, 64 << 10, 64, ER_4K) }, 198 { INFO("en25p32", 0x1c2016, 0, 64 << 10, 64, 0) }, 199 { INFO("en25q32b", 0x1c3016, 0, 64 << 10, 64, 0) }, 200 { INFO("en25p64", 0x1c2017, 0, 64 << 10, 128, 0) }, 201 { INFO("en25q64", 0x1c3017, 0, 64 << 10, 128, ER_4K) }, 202 203 /* GigaDevice */ 204 { INFO("gd25q32", 0xc84016, 0, 64 << 10, 64, ER_4K) }, 205 { INFO("gd25q64", 0xc84017, 0, 64 << 10, 128, ER_4K) }, 206 207 /* Intel/Numonyx -- xxxs33b */ 208 { INFO("160s33b", 0x898911, 0, 64 << 10, 32, 0) }, 209 { INFO("320s33b", 0x898912, 0, 64 << 10, 64, 0) }, 210 { INFO("640s33b", 0x898913, 0, 64 << 10, 128, 0) }, 211 { INFO("n25q064", 0x20ba17, 0, 64 << 10, 128, 0) }, 212 213 /* ISSI */ 214 { INFO("is25lq040b", 0x9d4013, 0, 64 << 10, 8, ER_4K) }, 215 { INFO("is25lp080d", 0x9d6014, 0, 64 << 10, 16, ER_4K) }, 216 { INFO("is25lp016d", 0x9d6015, 0, 64 << 10, 32, ER_4K) }, 217 { INFO("is25lp032", 0x9d6016, 0, 64 << 10, 64, ER_4K) }, 218 { INFO("is25lp064", 0x9d6017, 0, 64 << 10, 128, ER_4K) }, 219 { INFO("is25lp128", 0x9d6018, 0, 64 << 10, 256, ER_4K) }, 220 { INFO("is25lp256", 0x9d6019, 0, 64 << 10, 512, ER_4K) }, 221 { INFO("is25wp032", 0x9d7016, 0, 64 << 10, 64, ER_4K) }, 222 { INFO("is25wp064", 0x9d7017, 0, 64 << 10, 128, ER_4K) }, 223 { INFO("is25wp128", 0x9d7018, 0, 64 << 10, 256, ER_4K) }, 224 { INFO("is25wp256", 0x9d7019, 0, 64 << 10, 512, ER_4K) }, 225 226 /* Macronix */ 227 { INFO("mx25l2005a", 0xc22012, 0, 64 << 10, 4, ER_4K) }, 228 { INFO("mx25l4005a", 0xc22013, 0, 64 << 10, 8, ER_4K) }, 229 { INFO("mx25l8005", 0xc22014, 0, 64 << 10, 16, 0) }, 230 { INFO("mx25l1606e", 0xc22015, 0, 64 << 10, 32, ER_4K) }, 231 { INFO("mx25l3205d", 0xc22016, 0, 64 << 10, 64, 0) }, 232 { INFO("mx25l6405d", 0xc22017, 0, 64 << 10, 128, 0) }, 233 { INFO("mx25l12805d", 0xc22018, 0, 64 << 10, 256, 0) }, 234 { INFO("mx25l12855e", 0xc22618, 0, 64 << 10, 256, 0) }, 235 { INFO6("mx25l25635e", 0xc22019, 0xc22019, 64 << 10, 512, 236 ER_4K | ER_32K), .sfdp_read = m25p80_sfdp_mx25l25635e }, 237 { INFO6("mx25l25635f", 0xc22019, 0xc22019, 64 << 10, 512, 238 ER_4K | ER_32K), .sfdp_read = m25p80_sfdp_mx25l25635f }, 239 { INFO("mx25l25655e", 0xc22619, 0, 64 << 10, 512, 0) }, 240 { INFO("mx66l51235f", 0xc2201a, 0, 64 << 10, 1024, ER_4K | ER_32K) }, 241 { INFO("mx66u51235f", 0xc2253a, 0, 64 << 10, 1024, ER_4K | ER_32K) }, 242 { INFO("mx66u1g45g", 0xc2253b, 0, 64 << 10, 2048, ER_4K | ER_32K) }, 243 { INFO("mx66l1g45g", 0xc2201b, 0, 64 << 10, 2048, ER_4K | ER_32K), 244 .sfdp_read = m25p80_sfdp_mx66l1g45g }, 245 246 /* Micron */ 247 { INFO("n25q032a11", 0x20bb16, 0, 64 << 10, 64, ER_4K) }, 248 { INFO("n25q032a13", 0x20ba16, 0, 64 << 10, 64, ER_4K) }, 249 { INFO("n25q064a11", 0x20bb17, 0, 64 << 10, 128, ER_4K) }, 250 { INFO("n25q064a13", 0x20ba17, 0, 64 << 10, 128, ER_4K) }, 251 { INFO("n25q128a11", 0x20bb18, 0, 64 << 10, 256, ER_4K) }, 252 { INFO("n25q128a13", 0x20ba18, 0, 64 << 10, 256, ER_4K) }, 253 { INFO("n25q256a11", 0x20bb19, 0, 64 << 10, 512, ER_4K) }, 254 { INFO("n25q256a13", 0x20ba19, 0, 64 << 10, 512, ER_4K), 255 .sfdp_read = m25p80_sfdp_n25q256a }, 256 { INFO("n25q512a11", 0x20bb20, 0, 64 << 10, 1024, ER_4K) }, 257 { INFO("n25q512a13", 0x20ba20, 0, 64 << 10, 1024, ER_4K) }, 258 { INFO("n25q128", 0x20ba18, 0, 64 << 10, 256, 0) }, 259 { INFO("n25q256a", 0x20ba19, 0, 64 << 10, 512, 260 ER_4K | HAS_SR_BP3_BIT6 | HAS_SR_TB), 261 .sfdp_read = m25p80_sfdp_n25q256a }, 262 { INFO("n25q512a", 0x20ba20, 0, 64 << 10, 1024, ER_4K) }, 263 { INFO("n25q512ax3", 0x20ba20, 0x1000, 64 << 10, 1024, ER_4K) }, 264 { INFO("mt25ql512ab", 0x20ba20, 0x1044, 64 << 10, 1024, ER_4K | ER_32K) }, 265 { INFO_STACKED("mt35xu01g", 0x2c5b1b, 0x104100, 128 << 10, 1024, 266 ER_4K | ER_32K, 2) }, 267 { INFO_STACKED("n25q00", 0x20ba21, 0x1000, 64 << 10, 2048, ER_4K, 4) }, 268 { INFO_STACKED("n25q00a", 0x20bb21, 0x1000, 64 << 10, 2048, ER_4K, 4) }, 269 { INFO_STACKED("mt25ql01g", 0x20ba21, 0x1040, 64 << 10, 2048, ER_4K, 2) }, 270 { INFO_STACKED("mt25qu01g", 0x20bb21, 0x1040, 64 << 10, 2048, ER_4K, 2) }, 271 { INFO_STACKED("mt25ql02g", 0x20ba22, 0x1040, 64 << 10, 4096, ER_4K | ER_32K, 2) }, 272 { INFO_STACKED("mt25qu02g", 0x20bb22, 0x1040, 64 << 10, 4096, ER_4K | ER_32K, 2) }, 273 274 /* Spansion -- single (large) sector size only, at least 275 * for the chips listed here (without boot sectors). 276 */ 277 { INFO("s25sl032p", 0x010215, 0x4d00, 64 << 10, 64, ER_4K) }, 278 { INFO("s25sl064p", 0x010216, 0x4d00, 64 << 10, 128, ER_4K) }, 279 { INFO("s25fl256s0", 0x010219, 0x4d00, 256 << 10, 128, 0) }, 280 { INFO("s25fl256s1", 0x010219, 0x4d01, 64 << 10, 512, 0) }, 281 { INFO6("s25fl512s", 0x010220, 0x4d0080, 256 << 10, 256, 0) }, 282 { INFO6("s70fl01gs", 0x010221, 0x4d0080, 256 << 10, 512, 0) }, 283 { INFO("s25sl12800", 0x012018, 0x0300, 256 << 10, 64, 0) }, 284 { INFO("s25sl12801", 0x012018, 0x0301, 64 << 10, 256, 0) }, 285 { INFO("s25fl129p0", 0x012018, 0x4d00, 256 << 10, 64, 0) }, 286 { INFO("s25fl129p1", 0x012018, 0x4d01, 64 << 10, 256, 0) }, 287 { INFO("s25sl004a", 0x010212, 0, 64 << 10, 8, 0) }, 288 { INFO("s25sl008a", 0x010213, 0, 64 << 10, 16, 0) }, 289 { INFO("s25sl016a", 0x010214, 0, 64 << 10, 32, 0) }, 290 { INFO("s25sl032a", 0x010215, 0, 64 << 10, 64, 0) }, 291 { INFO("s25sl064a", 0x010216, 0, 64 << 10, 128, 0) }, 292 { INFO("s25fl016k", 0xef4015, 0, 64 << 10, 32, ER_4K | ER_32K) }, 293 { INFO("s25fl064k", 0xef4017, 0, 64 << 10, 128, ER_4K | ER_32K) }, 294 295 /* Spansion -- boot sectors support */ 296 { INFO6("s25fs512s", 0x010220, 0x4d0081, 256 << 10, 256, 0) }, 297 { INFO6("s70fs01gs", 0x010221, 0x4d0081, 256 << 10, 512, 0) }, 298 299 /* SST -- large erase sizes are "overlays", "sectors" are 4<< 10 */ 300 { INFO("sst25vf040b", 0xbf258d, 0, 64 << 10, 8, ER_4K) }, 301 { INFO("sst25vf080b", 0xbf258e, 0, 64 << 10, 16, ER_4K) }, 302 { INFO("sst25vf016b", 0xbf2541, 0, 64 << 10, 32, ER_4K) }, 303 { INFO("sst25vf032b", 0xbf254a, 0, 64 << 10, 64, ER_4K) }, 304 { INFO("sst25wf512", 0xbf2501, 0, 64 << 10, 1, ER_4K) }, 305 { INFO("sst25wf010", 0xbf2502, 0, 64 << 10, 2, ER_4K) }, 306 { INFO("sst25wf020", 0xbf2503, 0, 64 << 10, 4, ER_4K) }, 307 { INFO("sst25wf040", 0xbf2504, 0, 64 << 10, 8, ER_4K) }, 308 { INFO("sst25wf080", 0xbf2505, 0, 64 << 10, 16, ER_4K) }, 309 310 /* ST Microelectronics -- newer production may have feature updates */ 311 { INFO("m25p05", 0x202010, 0, 32 << 10, 2, 0) }, 312 { INFO("m25p10", 0x202011, 0, 32 << 10, 4, 0) }, 313 { INFO("m25p20", 0x202012, 0, 64 << 10, 4, 0) }, 314 { INFO("m25p40", 0x202013, 0, 64 << 10, 8, 0) }, 315 { INFO("m25p80", 0x202014, 0, 64 << 10, 16, 0) }, 316 { INFO("m25p16", 0x202015, 0, 64 << 10, 32, 0) }, 317 { INFO("m25p32", 0x202016, 0, 64 << 10, 64, 0) }, 318 { INFO("m25p64", 0x202017, 0, 64 << 10, 128, 0) }, 319 { INFO("m25p128", 0x202018, 0, 256 << 10, 64, 0) }, 320 { INFO("n25q032", 0x20ba16, 0, 64 << 10, 64, 0) }, 321 322 { INFO("m45pe10", 0x204011, 0, 64 << 10, 2, 0) }, 323 { INFO("m45pe80", 0x204014, 0, 64 << 10, 16, 0) }, 324 { INFO("m45pe16", 0x204015, 0, 64 << 10, 32, 0) }, 325 326 { INFO("m25pe20", 0x208012, 0, 64 << 10, 4, 0) }, 327 { INFO("m25pe80", 0x208014, 0, 64 << 10, 16, 0) }, 328 { INFO("m25pe16", 0x208015, 0, 64 << 10, 32, ER_4K) }, 329 330 { INFO("m25px32", 0x207116, 0, 64 << 10, 64, ER_4K) }, 331 { INFO("m25px32-s0", 0x207316, 0, 64 << 10, 64, ER_4K) }, 332 { INFO("m25px32-s1", 0x206316, 0, 64 << 10, 64, ER_4K) }, 333 { INFO("m25px64", 0x207117, 0, 64 << 10, 128, 0) }, 334 335 /* Winbond -- w25x "blocks" are 64k, "sectors" are 4KiB */ 336 { INFO("w25x10", 0xef3011, 0, 64 << 10, 2, ER_4K) }, 337 { INFO("w25x20", 0xef3012, 0, 64 << 10, 4, ER_4K) }, 338 { INFO("w25x40", 0xef3013, 0, 64 << 10, 8, ER_4K) }, 339 { INFO("w25x80", 0xef3014, 0, 64 << 10, 16, ER_4K) }, 340 { INFO("w25x16", 0xef3015, 0, 64 << 10, 32, ER_4K) }, 341 { INFO("w25x32", 0xef3016, 0, 64 << 10, 64, ER_4K) }, 342 { INFO("w25q32", 0xef4016, 0, 64 << 10, 64, ER_4K) }, 343 { INFO("w25q32dw", 0xef6016, 0, 64 << 10, 64, ER_4K) }, 344 { INFO("w25x64", 0xef3017, 0, 64 << 10, 128, ER_4K) }, 345 { INFO("w25q64", 0xef4017, 0, 64 << 10, 128, ER_4K) }, 346 { INFO("w25q80", 0xef5014, 0, 64 << 10, 16, ER_4K) }, 347 { INFO("w25q80bl", 0xef4014, 0, 64 << 10, 16, ER_4K) }, 348 { INFO("w25q256", 0xef4019, 0, 64 << 10, 512, ER_4K), 349 .sfdp_read = m25p80_sfdp_w25q256 }, 350 { INFO("w25q512jv", 0xef4020, 0, 64 << 10, 1024, ER_4K), 351 .sfdp_read = m25p80_sfdp_w25q512jv }, 352 { INFO("w25q01jvq", 0xef4021, 0, 64 << 10, 2048, ER_4K), 353 .sfdp_read = m25p80_sfdp_w25q01jvq }, 354 }; 355 356 typedef enum { 357 NOP = 0, 358 WRSR = 0x1, 359 WRDI = 0x4, 360 RDSR = 0x5, 361 WREN = 0x6, 362 BRRD = 0x16, 363 BRWR = 0x17, 364 JEDEC_READ = 0x9f, 365 BULK_ERASE_60 = 0x60, 366 BULK_ERASE = 0xc7, 367 READ_FSR = 0x70, 368 RDCR = 0x15, 369 RDSFDP = 0x5a, 370 371 READ = 0x03, 372 READ4 = 0x13, 373 FAST_READ = 0x0b, 374 FAST_READ4 = 0x0c, 375 DOR = 0x3b, 376 DOR4 = 0x3c, 377 QOR = 0x6b, 378 QOR4 = 0x6c, 379 DIOR = 0xbb, 380 DIOR4 = 0xbc, 381 QIOR = 0xeb, 382 QIOR4 = 0xec, 383 384 PP = 0x02, 385 PP4 = 0x12, 386 PP4_4 = 0x3e, 387 DPP = 0xa2, 388 QPP = 0x32, 389 QPP_4 = 0x34, 390 RDID_90 = 0x90, 391 RDID_AB = 0xab, 392 AAI_WP = 0xad, 393 394 ERASE_4K = 0x20, 395 ERASE4_4K = 0x21, 396 ERASE_32K = 0x52, 397 ERASE4_32K = 0x5c, 398 ERASE_SECTOR = 0xd8, 399 ERASE4_SECTOR = 0xdc, 400 401 EN_4BYTE_ADDR = 0xB7, 402 EX_4BYTE_ADDR = 0xE9, 403 404 EXTEND_ADDR_READ = 0xC8, 405 EXTEND_ADDR_WRITE = 0xC5, 406 407 RESET_ENABLE = 0x66, 408 RESET_MEMORY = 0x99, 409 410 /* 411 * Micron: 0x35 - enable QPI 412 * Spansion: 0x35 - read control register 413 */ 414 RDCR_EQIO = 0x35, 415 RSTQIO = 0xf5, 416 417 RNVCR = 0xB5, 418 WNVCR = 0xB1, 419 420 RVCR = 0x85, 421 WVCR = 0x81, 422 423 REVCR = 0x65, 424 WEVCR = 0x61, 425 426 DIE_ERASE = 0xC4, 427 } FlashCMD; 428 429 typedef enum { 430 STATE_IDLE, 431 STATE_PAGE_PROGRAM, 432 STATE_READ, 433 STATE_COLLECTING_DATA, 434 STATE_COLLECTING_VAR_LEN_DATA, 435 STATE_READING_DATA, 436 STATE_READING_SFDP, 437 } CMDState; 438 439 typedef enum { 440 MAN_SPANSION, 441 MAN_MACRONIX, 442 MAN_NUMONYX, 443 MAN_WINBOND, 444 MAN_SST, 445 MAN_ISSI, 446 MAN_GENERIC, 447 } Manufacturer; 448 449 typedef enum { 450 MODE_STD = 0, 451 MODE_DIO = 1, 452 MODE_QIO = 2 453 } SPIMode; 454 455 #define M25P80_INTERNAL_DATA_BUFFER_SZ 16 456 457 struct Flash { 458 SSIPeripheral parent_obj; 459 460 BlockBackend *blk; 461 462 uint8_t *storage; 463 uint32_t size; 464 int page_size; 465 466 uint8_t state; 467 uint8_t data[M25P80_INTERNAL_DATA_BUFFER_SZ]; 468 uint32_t len; 469 uint32_t pos; 470 bool data_read_loop; 471 uint8_t needed_bytes; 472 uint8_t cmd_in_progress; 473 uint32_t cur_addr; 474 uint32_t nonvolatile_cfg; 475 /* Configuration register for Macronix */ 476 uint32_t volatile_cfg; 477 uint32_t enh_volatile_cfg; 478 /* Spansion cfg registers. */ 479 uint8_t spansion_cr1nv; 480 uint8_t spansion_cr2nv; 481 uint8_t spansion_cr3nv; 482 uint8_t spansion_cr4nv; 483 uint8_t spansion_cr1v; 484 uint8_t spansion_cr2v; 485 uint8_t spansion_cr3v; 486 uint8_t spansion_cr4v; 487 bool wp_level; 488 bool write_enable; 489 bool four_bytes_address_mode; 490 bool reset_enable; 491 bool quad_enable; 492 bool aai_enable; 493 bool block_protect0; 494 bool block_protect1; 495 bool block_protect2; 496 bool block_protect3; 497 bool top_bottom_bit; 498 bool status_register_write_disabled; 499 uint8_t ear; 500 501 int64_t dirty_page; 502 503 const FlashPartInfo *pi; 504 505 }; 506 507 struct M25P80Class { 508 SSIPeripheralClass parent_class; 509 FlashPartInfo *pi; 510 }; 511 512 #define TYPE_M25P80 "m25p80-generic" 513 OBJECT_DECLARE_TYPE(Flash, M25P80Class, M25P80) 514 515 static inline Manufacturer get_man(Flash *s) 516 { 517 switch (s->pi->id[0]) { 518 case 0x20: 519 return MAN_NUMONYX; 520 case 0xEF: 521 return MAN_WINBOND; 522 case 0x01: 523 return MAN_SPANSION; 524 case 0xC2: 525 return MAN_MACRONIX; 526 case 0xBF: 527 return MAN_SST; 528 case 0x9D: 529 return MAN_ISSI; 530 default: 531 return MAN_GENERIC; 532 } 533 } 534 535 static void blk_sync_complete(void *opaque, int ret) 536 { 537 QEMUIOVector *iov = opaque; 538 539 qemu_iovec_destroy(iov); 540 g_free(iov); 541 542 /* do nothing. Masters do not directly interact with the backing store, 543 * only the working copy so no mutexing required. 544 */ 545 } 546 547 static void flash_sync_page(Flash *s, int page) 548 { 549 QEMUIOVector *iov; 550 551 if (!s->blk || !blk_is_writable(s->blk)) { 552 return; 553 } 554 555 iov = g_new(QEMUIOVector, 1); 556 qemu_iovec_init(iov, 1); 557 qemu_iovec_add(iov, s->storage + page * s->pi->page_size, 558 s->pi->page_size); 559 blk_aio_pwritev(s->blk, page * s->pi->page_size, iov, 0, 560 blk_sync_complete, iov); 561 } 562 563 static inline void flash_sync_area(Flash *s, int64_t off, int64_t len) 564 { 565 QEMUIOVector *iov; 566 567 if (!s->blk || !blk_is_writable(s->blk)) { 568 return; 569 } 570 571 assert(!(len % BDRV_SECTOR_SIZE)); 572 iov = g_new(QEMUIOVector, 1); 573 qemu_iovec_init(iov, 1); 574 qemu_iovec_add(iov, s->storage + off, len); 575 blk_aio_pwritev(s->blk, off, iov, 0, blk_sync_complete, iov); 576 } 577 578 static void flash_erase(Flash *s, int offset, FlashCMD cmd) 579 { 580 uint32_t len; 581 uint8_t capa_to_assert = 0; 582 583 switch (cmd) { 584 case ERASE_4K: 585 case ERASE4_4K: 586 len = 4 * KiB; 587 capa_to_assert = ER_4K; 588 break; 589 case ERASE_32K: 590 case ERASE4_32K: 591 len = 32 * KiB; 592 capa_to_assert = ER_32K; 593 break; 594 case ERASE_SECTOR: 595 case ERASE4_SECTOR: 596 len = s->pi->sector_size; 597 break; 598 case BULK_ERASE: 599 len = s->size; 600 break; 601 case DIE_ERASE: 602 if (s->pi->die_cnt) { 603 len = s->size / s->pi->die_cnt; 604 offset = offset & (~(len - 1)); 605 } else { 606 qemu_log_mask(LOG_GUEST_ERROR, "M25P80: die erase is not supported" 607 " by device\n"); 608 return; 609 } 610 break; 611 default: 612 abort(); 613 } 614 615 trace_m25p80_flash_erase(s, offset, len); 616 617 if ((s->pi->flags & capa_to_assert) != capa_to_assert) { 618 qemu_log_mask(LOG_GUEST_ERROR, "M25P80: %d erase size not supported by" 619 " device\n", len); 620 } 621 622 if (!s->write_enable) { 623 qemu_log_mask(LOG_GUEST_ERROR, "M25P80: erase with write protect!\n"); 624 return; 625 } 626 memset(s->storage + offset, 0xff, len); 627 flash_sync_area(s, offset, len); 628 } 629 630 static inline void flash_sync_dirty(Flash *s, int64_t newpage) 631 { 632 if (s->dirty_page >= 0 && s->dirty_page != newpage) { 633 flash_sync_page(s, s->dirty_page); 634 s->dirty_page = newpage; 635 } 636 } 637 638 static inline 639 void flash_write8(Flash *s, uint32_t addr, uint8_t data) 640 { 641 uint32_t page = addr / s->pi->page_size; 642 uint8_t prev = s->storage[s->cur_addr]; 643 uint32_t block_protect_value = (s->block_protect3 << 3) | 644 (s->block_protect2 << 2) | 645 (s->block_protect1 << 1) | 646 (s->block_protect0 << 0); 647 648 if (!s->write_enable) { 649 qemu_log_mask(LOG_GUEST_ERROR, "M25P80: write with write protect!\n"); 650 return; 651 } 652 653 if (block_protect_value > 0) { 654 uint32_t num_protected_sectors = 1 << (block_protect_value - 1); 655 uint32_t sector = addr / s->pi->sector_size; 656 657 /* top_bottom_bit == 0 means TOP */ 658 if (!s->top_bottom_bit) { 659 if (s->pi->n_sectors <= sector + num_protected_sectors) { 660 qemu_log_mask(LOG_GUEST_ERROR, 661 "M25P80: write with write protect!\n"); 662 return; 663 } 664 } else { 665 if (sector < num_protected_sectors) { 666 qemu_log_mask(LOG_GUEST_ERROR, 667 "M25P80: write with write protect!\n"); 668 return; 669 } 670 } 671 } 672 673 if ((prev ^ data) & data) { 674 trace_m25p80_programming_zero_to_one(s, addr, prev, data); 675 } 676 677 if (s->pi->flags & EEPROM) { 678 s->storage[s->cur_addr] = data; 679 } else { 680 s->storage[s->cur_addr] &= data; 681 } 682 683 flash_sync_dirty(s, page); 684 s->dirty_page = page; 685 } 686 687 static inline int get_addr_length(Flash *s) 688 { 689 /* check if eeprom is in use */ 690 if (s->pi->flags == EEPROM) { 691 return 2; 692 } 693 694 switch (s->cmd_in_progress) { 695 case RDSFDP: 696 return 3; 697 case PP4: 698 case PP4_4: 699 case QPP_4: 700 case READ4: 701 case QIOR4: 702 case ERASE4_4K: 703 case ERASE4_32K: 704 case ERASE4_SECTOR: 705 case FAST_READ4: 706 case DOR4: 707 case QOR4: 708 case DIOR4: 709 return 4; 710 default: 711 return s->four_bytes_address_mode ? 4 : 3; 712 } 713 } 714 715 static void complete_collecting_data(Flash *s) 716 { 717 int i, n; 718 719 n = get_addr_length(s); 720 s->cur_addr = (n == 3 ? s->ear : 0); 721 for (i = 0; i < n; ++i) { 722 s->cur_addr <<= 8; 723 s->cur_addr |= s->data[i]; 724 } 725 726 s->cur_addr &= s->size - 1; 727 728 s->state = STATE_IDLE; 729 730 trace_m25p80_complete_collecting(s, s->cmd_in_progress, n, s->ear, 731 s->cur_addr); 732 733 switch (s->cmd_in_progress) { 734 case DPP: 735 case QPP: 736 case QPP_4: 737 case PP: 738 case PP4: 739 case PP4_4: 740 s->state = STATE_PAGE_PROGRAM; 741 break; 742 case AAI_WP: 743 /* AAI programming starts from the even address */ 744 s->cur_addr &= ~BIT(0); 745 s->state = STATE_PAGE_PROGRAM; 746 break; 747 case READ: 748 case READ4: 749 case FAST_READ: 750 case FAST_READ4: 751 case DOR: 752 case DOR4: 753 case QOR: 754 case QOR4: 755 case DIOR: 756 case DIOR4: 757 case QIOR: 758 case QIOR4: 759 s->state = STATE_READ; 760 break; 761 case ERASE_4K: 762 case ERASE4_4K: 763 case ERASE_32K: 764 case ERASE4_32K: 765 case ERASE_SECTOR: 766 case ERASE4_SECTOR: 767 case DIE_ERASE: 768 flash_erase(s, s->cur_addr, s->cmd_in_progress); 769 break; 770 case WRSR: 771 s->status_register_write_disabled = extract32(s->data[0], 7, 1); 772 s->block_protect0 = extract32(s->data[0], 2, 1); 773 s->block_protect1 = extract32(s->data[0], 3, 1); 774 s->block_protect2 = extract32(s->data[0], 4, 1); 775 if (s->pi->flags & HAS_SR_TB) { 776 s->top_bottom_bit = extract32(s->data[0], 5, 1); 777 } 778 if (s->pi->flags & HAS_SR_BP3_BIT6) { 779 s->block_protect3 = extract32(s->data[0], 6, 1); 780 } 781 782 switch (get_man(s)) { 783 case MAN_SPANSION: 784 s->quad_enable = !!(s->data[1] & 0x02); 785 break; 786 case MAN_ISSI: 787 s->quad_enable = extract32(s->data[0], 6, 1); 788 break; 789 case MAN_MACRONIX: 790 s->quad_enable = extract32(s->data[0], 6, 1); 791 if (s->len > 1) { 792 s->volatile_cfg = s->data[1]; 793 s->four_bytes_address_mode = extract32(s->data[1], 5, 1); 794 } 795 break; 796 default: 797 break; 798 } 799 if (s->write_enable) { 800 s->write_enable = false; 801 } 802 break; 803 case BRWR: 804 case EXTEND_ADDR_WRITE: 805 s->ear = s->data[0]; 806 break; 807 case WNVCR: 808 s->nonvolatile_cfg = s->data[0] | (s->data[1] << 8); 809 break; 810 case WVCR: 811 s->volatile_cfg = s->data[0]; 812 break; 813 case WEVCR: 814 s->enh_volatile_cfg = s->data[0]; 815 break; 816 case RDID_90: 817 case RDID_AB: 818 if (get_man(s) == MAN_SST) { 819 if (s->cur_addr <= 1) { 820 if (s->cur_addr) { 821 s->data[0] = s->pi->id[2]; 822 s->data[1] = s->pi->id[0]; 823 } else { 824 s->data[0] = s->pi->id[0]; 825 s->data[1] = s->pi->id[2]; 826 } 827 s->pos = 0; 828 s->len = 2; 829 s->data_read_loop = true; 830 s->state = STATE_READING_DATA; 831 } else { 832 qemu_log_mask(LOG_GUEST_ERROR, 833 "M25P80: Invalid read id address\n"); 834 } 835 } else { 836 qemu_log_mask(LOG_GUEST_ERROR, 837 "M25P80: Read id (command 0x90/0xAB) is not supported" 838 " by device\n"); 839 } 840 break; 841 842 case RDSFDP: 843 s->state = STATE_READING_SFDP; 844 break; 845 846 default: 847 break; 848 } 849 } 850 851 static void reset_memory(Flash *s) 852 { 853 s->cmd_in_progress = NOP; 854 s->cur_addr = 0; 855 s->ear = 0; 856 s->four_bytes_address_mode = false; 857 s->len = 0; 858 s->needed_bytes = 0; 859 s->pos = 0; 860 s->state = STATE_IDLE; 861 s->write_enable = false; 862 s->reset_enable = false; 863 s->quad_enable = false; 864 s->aai_enable = false; 865 866 switch (get_man(s)) { 867 case MAN_NUMONYX: 868 s->volatile_cfg = 0; 869 s->volatile_cfg |= VCFG_DUMMY; 870 s->volatile_cfg |= VCFG_WRAP_SEQUENTIAL; 871 if ((s->nonvolatile_cfg & NVCFG_XIP_MODE_MASK) 872 == NVCFG_XIP_MODE_DISABLED) { 873 s->volatile_cfg |= VCFG_XIP_MODE_DISABLED; 874 } 875 s->volatile_cfg |= deposit32(s->volatile_cfg, 876 VCFG_DUMMY_CLK_POS, 877 CFG_DUMMY_CLK_LEN, 878 extract32(s->nonvolatile_cfg, 879 NVCFG_DUMMY_CLK_POS, 880 CFG_DUMMY_CLK_LEN) 881 ); 882 883 s->enh_volatile_cfg = 0; 884 s->enh_volatile_cfg |= EVCFG_OUT_DRIVER_STRENGTH_DEF; 885 s->enh_volatile_cfg |= EVCFG_VPP_ACCELERATOR; 886 s->enh_volatile_cfg |= EVCFG_RESET_HOLD_ENABLED; 887 if (s->nonvolatile_cfg & NVCFG_DUAL_IO_MASK) { 888 s->enh_volatile_cfg |= EVCFG_DUAL_IO_DISABLED; 889 } 890 if (s->nonvolatile_cfg & NVCFG_QUAD_IO_MASK) { 891 s->enh_volatile_cfg |= EVCFG_QUAD_IO_DISABLED; 892 } 893 if (!(s->nonvolatile_cfg & NVCFG_4BYTE_ADDR_MASK)) { 894 s->four_bytes_address_mode = true; 895 } 896 if (!(s->nonvolatile_cfg & NVCFG_LOWER_SEGMENT_MASK)) { 897 s->ear = s->size / MAX_3BYTES_SIZE - 1; 898 } 899 break; 900 case MAN_MACRONIX: 901 s->volatile_cfg = 0x7; 902 break; 903 case MAN_SPANSION: 904 s->spansion_cr1v = s->spansion_cr1nv; 905 s->spansion_cr2v = s->spansion_cr2nv; 906 s->spansion_cr3v = s->spansion_cr3nv; 907 s->spansion_cr4v = s->spansion_cr4nv; 908 s->quad_enable = extract32(s->spansion_cr1v, 909 SPANSION_QUAD_CFG_POS, 910 SPANSION_QUAD_CFG_LEN 911 ); 912 s->four_bytes_address_mode = extract32(s->spansion_cr2v, 913 SPANSION_ADDR_LEN_POS, 914 SPANSION_ADDR_LEN_LEN 915 ); 916 break; 917 default: 918 break; 919 } 920 921 trace_m25p80_reset_done(s); 922 } 923 924 static uint8_t numonyx_mode(Flash *s) 925 { 926 if (!(s->enh_volatile_cfg & EVCFG_QUAD_IO_DISABLED)) { 927 return MODE_QIO; 928 } else if (!(s->enh_volatile_cfg & EVCFG_DUAL_IO_DISABLED)) { 929 return MODE_DIO; 930 } else { 931 return MODE_STD; 932 } 933 } 934 935 static uint8_t numonyx_extract_cfg_num_dummies(Flash *s) 936 { 937 uint8_t num_dummies; 938 uint8_t mode; 939 assert(get_man(s) == MAN_NUMONYX); 940 941 mode = numonyx_mode(s); 942 num_dummies = extract32(s->volatile_cfg, 4, 4); 943 944 if (num_dummies == 0x0 || num_dummies == 0xf) { 945 switch (s->cmd_in_progress) { 946 case QIOR: 947 case QIOR4: 948 num_dummies = 10; 949 break; 950 default: 951 num_dummies = (mode == MODE_QIO) ? 10 : 8; 952 break; 953 } 954 } 955 956 return num_dummies; 957 } 958 959 static void decode_fast_read_cmd(Flash *s) 960 { 961 s->needed_bytes = get_addr_length(s); 962 switch (get_man(s)) { 963 /* Dummy cycles - modeled with bytes writes instead of bits */ 964 case MAN_SST: 965 s->needed_bytes += 1; 966 break; 967 case MAN_WINBOND: 968 s->needed_bytes += 8; 969 break; 970 case MAN_NUMONYX: 971 s->needed_bytes += numonyx_extract_cfg_num_dummies(s); 972 break; 973 case MAN_MACRONIX: 974 if (extract32(s->volatile_cfg, 6, 2) == 1) { 975 s->needed_bytes += 6; 976 } else { 977 s->needed_bytes += 8; 978 } 979 break; 980 case MAN_SPANSION: 981 s->needed_bytes += extract32(s->spansion_cr2v, 982 SPANSION_DUMMY_CLK_POS, 983 SPANSION_DUMMY_CLK_LEN 984 ); 985 break; 986 case MAN_ISSI: 987 /* 988 * The Fast Read instruction code is followed by address bytes and 989 * dummy cycles, transmitted via the SI line. 990 * 991 * The number of dummy cycles is configurable but this is currently 992 * unmodeled, hence the default value 8 is used. 993 * 994 * QPI (Quad Peripheral Interface) mode has different default value 995 * of dummy cycles, but this is unsupported at the time being. 996 */ 997 s->needed_bytes += 1; 998 break; 999 default: 1000 break; 1001 } 1002 s->pos = 0; 1003 s->len = 0; 1004 s->state = STATE_COLLECTING_DATA; 1005 } 1006 1007 static void decode_dio_read_cmd(Flash *s) 1008 { 1009 s->needed_bytes = get_addr_length(s); 1010 /* Dummy cycles modeled with bytes writes instead of bits */ 1011 switch (get_man(s)) { 1012 case MAN_WINBOND: 1013 s->needed_bytes += WINBOND_CONTINUOUS_READ_MODE_CMD_LEN; 1014 break; 1015 case MAN_SPANSION: 1016 s->needed_bytes += SPANSION_CONTINUOUS_READ_MODE_CMD_LEN; 1017 s->needed_bytes += extract32(s->spansion_cr2v, 1018 SPANSION_DUMMY_CLK_POS, 1019 SPANSION_DUMMY_CLK_LEN 1020 ); 1021 break; 1022 case MAN_NUMONYX: 1023 s->needed_bytes += numonyx_extract_cfg_num_dummies(s); 1024 break; 1025 case MAN_MACRONIX: 1026 switch (extract32(s->volatile_cfg, 6, 2)) { 1027 case 1: 1028 s->needed_bytes += 6; 1029 break; 1030 case 2: 1031 s->needed_bytes += 8; 1032 break; 1033 default: 1034 s->needed_bytes += 4; 1035 break; 1036 } 1037 break; 1038 case MAN_ISSI: 1039 /* 1040 * The Fast Read Dual I/O instruction code is followed by address bytes 1041 * and dummy cycles, transmitted via the IO1 and IO0 line. 1042 * 1043 * The number of dummy cycles is configurable but this is currently 1044 * unmodeled, hence the default value 4 is used. 1045 */ 1046 s->needed_bytes += 1; 1047 break; 1048 default: 1049 break; 1050 } 1051 s->pos = 0; 1052 s->len = 0; 1053 s->state = STATE_COLLECTING_DATA; 1054 } 1055 1056 static void decode_qio_read_cmd(Flash *s) 1057 { 1058 s->needed_bytes = get_addr_length(s); 1059 /* Dummy cycles modeled with bytes writes instead of bits */ 1060 switch (get_man(s)) { 1061 case MAN_WINBOND: 1062 s->needed_bytes += WINBOND_CONTINUOUS_READ_MODE_CMD_LEN; 1063 s->needed_bytes += 4; 1064 break; 1065 case MAN_SPANSION: 1066 s->needed_bytes += SPANSION_CONTINUOUS_READ_MODE_CMD_LEN; 1067 s->needed_bytes += extract32(s->spansion_cr2v, 1068 SPANSION_DUMMY_CLK_POS, 1069 SPANSION_DUMMY_CLK_LEN 1070 ); 1071 break; 1072 case MAN_NUMONYX: 1073 s->needed_bytes += numonyx_extract_cfg_num_dummies(s); 1074 break; 1075 case MAN_MACRONIX: 1076 switch (extract32(s->volatile_cfg, 6, 2)) { 1077 case 1: 1078 s->needed_bytes += 4; 1079 break; 1080 case 2: 1081 s->needed_bytes += 8; 1082 break; 1083 default: 1084 s->needed_bytes += 6; 1085 break; 1086 } 1087 break; 1088 case MAN_ISSI: 1089 /* 1090 * The Fast Read Quad I/O instruction code is followed by address bytes 1091 * and dummy cycles, transmitted via the IO3, IO2, IO1 and IO0 line. 1092 * 1093 * The number of dummy cycles is configurable but this is currently 1094 * unmodeled, hence the default value 6 is used. 1095 * 1096 * QPI (Quad Peripheral Interface) mode has different default value 1097 * of dummy cycles, but this is unsupported at the time being. 1098 */ 1099 s->needed_bytes += 3; 1100 break; 1101 default: 1102 break; 1103 } 1104 s->pos = 0; 1105 s->len = 0; 1106 s->state = STATE_COLLECTING_DATA; 1107 } 1108 1109 static bool is_valid_aai_cmd(uint32_t cmd) 1110 { 1111 return cmd == AAI_WP || cmd == WRDI || cmd == RDSR; 1112 } 1113 1114 static void decode_new_cmd(Flash *s, uint32_t value) 1115 { 1116 int i; 1117 1118 s->cmd_in_progress = value; 1119 trace_m25p80_command_decoded(s, value); 1120 1121 if (value != RESET_MEMORY) { 1122 s->reset_enable = false; 1123 } 1124 1125 if (get_man(s) == MAN_SST && s->aai_enable && !is_valid_aai_cmd(value)) { 1126 qemu_log_mask(LOG_GUEST_ERROR, 1127 "M25P80: Invalid cmd within AAI programming sequence"); 1128 } 1129 1130 switch (value) { 1131 1132 case ERASE_4K: 1133 case ERASE4_4K: 1134 case ERASE_32K: 1135 case ERASE4_32K: 1136 case ERASE_SECTOR: 1137 case ERASE4_SECTOR: 1138 case PP: 1139 case PP4: 1140 case DIE_ERASE: 1141 case RDID_90: 1142 case RDID_AB: 1143 s->needed_bytes = get_addr_length(s); 1144 s->pos = 0; 1145 s->len = 0; 1146 s->state = STATE_COLLECTING_DATA; 1147 break; 1148 case READ: 1149 case READ4: 1150 if (get_man(s) != MAN_NUMONYX || numonyx_mode(s) == MODE_STD) { 1151 s->needed_bytes = get_addr_length(s); 1152 s->pos = 0; 1153 s->len = 0; 1154 s->state = STATE_COLLECTING_DATA; 1155 } else { 1156 qemu_log_mask(LOG_GUEST_ERROR, "M25P80: Cannot execute cmd %x in " 1157 "DIO or QIO mode\n", s->cmd_in_progress); 1158 } 1159 break; 1160 case DPP: 1161 if (get_man(s) != MAN_NUMONYX || numonyx_mode(s) != MODE_QIO) { 1162 s->needed_bytes = get_addr_length(s); 1163 s->pos = 0; 1164 s->len = 0; 1165 s->state = STATE_COLLECTING_DATA; 1166 } else { 1167 qemu_log_mask(LOG_GUEST_ERROR, "M25P80: Cannot execute cmd %x in " 1168 "QIO mode\n", s->cmd_in_progress); 1169 } 1170 break; 1171 case QPP: 1172 case QPP_4: 1173 case PP4_4: 1174 if (get_man(s) != MAN_NUMONYX || numonyx_mode(s) != MODE_DIO) { 1175 s->needed_bytes = get_addr_length(s); 1176 s->pos = 0; 1177 s->len = 0; 1178 s->state = STATE_COLLECTING_DATA; 1179 } else { 1180 qemu_log_mask(LOG_GUEST_ERROR, "M25P80: Cannot execute cmd %x in " 1181 "DIO mode\n", s->cmd_in_progress); 1182 } 1183 break; 1184 1185 case FAST_READ: 1186 case FAST_READ4: 1187 decode_fast_read_cmd(s); 1188 break; 1189 case DOR: 1190 case DOR4: 1191 if (get_man(s) != MAN_NUMONYX || numonyx_mode(s) != MODE_QIO) { 1192 decode_fast_read_cmd(s); 1193 } else { 1194 qemu_log_mask(LOG_GUEST_ERROR, "M25P80: Cannot execute cmd %x in " 1195 "QIO mode\n", s->cmd_in_progress); 1196 } 1197 break; 1198 case QOR: 1199 case QOR4: 1200 if (get_man(s) != MAN_NUMONYX || numonyx_mode(s) != MODE_DIO) { 1201 decode_fast_read_cmd(s); 1202 } else { 1203 qemu_log_mask(LOG_GUEST_ERROR, "M25P80: Cannot execute cmd %x in " 1204 "DIO mode\n", s->cmd_in_progress); 1205 } 1206 break; 1207 1208 case DIOR: 1209 case DIOR4: 1210 if (get_man(s) != MAN_NUMONYX || numonyx_mode(s) != MODE_QIO) { 1211 decode_dio_read_cmd(s); 1212 } else { 1213 qemu_log_mask(LOG_GUEST_ERROR, "M25P80: Cannot execute cmd %x in " 1214 "QIO mode\n", s->cmd_in_progress); 1215 } 1216 break; 1217 1218 case QIOR: 1219 case QIOR4: 1220 if (get_man(s) != MAN_NUMONYX || numonyx_mode(s) != MODE_DIO) { 1221 decode_qio_read_cmd(s); 1222 } else { 1223 qemu_log_mask(LOG_GUEST_ERROR, "M25P80: Cannot execute cmd %x in " 1224 "DIO mode\n", s->cmd_in_progress); 1225 } 1226 break; 1227 1228 case WRSR: 1229 /* 1230 * If WP# is low and status_register_write_disabled is high, 1231 * status register writes are disabled. 1232 * This is also called "hardware protected mode" (HPM). All other 1233 * combinations of the two states are called "software protected mode" 1234 * (SPM), and status register writes are permitted. 1235 */ 1236 if ((s->wp_level == 0 && s->status_register_write_disabled) 1237 || !s->write_enable) { 1238 qemu_log_mask(LOG_GUEST_ERROR, 1239 "M25P80: Status register write is disabled!\n"); 1240 break; 1241 } 1242 1243 switch (get_man(s)) { 1244 case MAN_SPANSION: 1245 s->needed_bytes = 2; 1246 s->state = STATE_COLLECTING_DATA; 1247 break; 1248 case MAN_MACRONIX: 1249 s->needed_bytes = 2; 1250 s->state = STATE_COLLECTING_VAR_LEN_DATA; 1251 break; 1252 default: 1253 s->needed_bytes = 1; 1254 s->state = STATE_COLLECTING_DATA; 1255 } 1256 s->pos = 0; 1257 break; 1258 1259 case WRDI: 1260 s->write_enable = false; 1261 if (get_man(s) == MAN_SST) { 1262 s->aai_enable = false; 1263 } 1264 break; 1265 case WREN: 1266 s->write_enable = true; 1267 break; 1268 1269 case RDSR: 1270 s->data[0] = (!!s->write_enable) << 1; 1271 s->data[0] |= (!!s->status_register_write_disabled) << 7; 1272 s->data[0] |= (!!s->block_protect0) << 2; 1273 s->data[0] |= (!!s->block_protect1) << 3; 1274 s->data[0] |= (!!s->block_protect2) << 4; 1275 if (s->pi->flags & HAS_SR_TB) { 1276 s->data[0] |= (!!s->top_bottom_bit) << 5; 1277 } 1278 if (s->pi->flags & HAS_SR_BP3_BIT6) { 1279 s->data[0] |= (!!s->block_protect3) << 6; 1280 } 1281 1282 if (get_man(s) == MAN_MACRONIX || get_man(s) == MAN_ISSI) { 1283 s->data[0] |= (!!s->quad_enable) << 6; 1284 } 1285 if (get_man(s) == MAN_SST) { 1286 s->data[0] |= (!!s->aai_enable) << 6; 1287 } 1288 1289 s->pos = 0; 1290 s->len = 1; 1291 s->data_read_loop = true; 1292 s->state = STATE_READING_DATA; 1293 break; 1294 1295 case READ_FSR: 1296 s->data[0] = FSR_FLASH_READY; 1297 if (s->four_bytes_address_mode) { 1298 s->data[0] |= FSR_4BYTE_ADDR_MODE_ENABLED; 1299 } 1300 s->pos = 0; 1301 s->len = 1; 1302 s->data_read_loop = true; 1303 s->state = STATE_READING_DATA; 1304 break; 1305 1306 case JEDEC_READ: 1307 if (get_man(s) != MAN_NUMONYX || numonyx_mode(s) == MODE_STD) { 1308 trace_m25p80_populated_jedec(s); 1309 for (i = 0; i < s->pi->id_len; i++) { 1310 s->data[i] = s->pi->id[i]; 1311 } 1312 for (; i < SPI_NOR_MAX_ID_LEN; i++) { 1313 s->data[i] = 0; 1314 } 1315 1316 s->len = SPI_NOR_MAX_ID_LEN; 1317 s->pos = 0; 1318 s->state = STATE_READING_DATA; 1319 } else { 1320 qemu_log_mask(LOG_GUEST_ERROR, "M25P80: Cannot execute JEDEC read " 1321 "in DIO or QIO mode\n"); 1322 } 1323 break; 1324 1325 case RDCR: 1326 s->data[0] = s->volatile_cfg & 0xFF; 1327 s->data[0] |= (!!s->four_bytes_address_mode) << 5; 1328 s->pos = 0; 1329 s->len = 1; 1330 s->state = STATE_READING_DATA; 1331 break; 1332 1333 case BULK_ERASE_60: 1334 case BULK_ERASE: 1335 if (s->write_enable) { 1336 trace_m25p80_chip_erase(s); 1337 flash_erase(s, 0, BULK_ERASE); 1338 } else { 1339 qemu_log_mask(LOG_GUEST_ERROR, "M25P80: chip erase with write " 1340 "protect!\n"); 1341 } 1342 break; 1343 case NOP: 1344 break; 1345 case EN_4BYTE_ADDR: 1346 s->four_bytes_address_mode = true; 1347 break; 1348 case EX_4BYTE_ADDR: 1349 s->four_bytes_address_mode = false; 1350 break; 1351 case BRRD: 1352 case EXTEND_ADDR_READ: 1353 s->data[0] = s->ear; 1354 s->pos = 0; 1355 s->len = 1; 1356 s->state = STATE_READING_DATA; 1357 break; 1358 case BRWR: 1359 case EXTEND_ADDR_WRITE: 1360 if (s->write_enable) { 1361 s->needed_bytes = 1; 1362 s->pos = 0; 1363 s->len = 0; 1364 s->state = STATE_COLLECTING_DATA; 1365 } 1366 break; 1367 case RNVCR: 1368 s->data[0] = s->nonvolatile_cfg & 0xFF; 1369 s->data[1] = (s->nonvolatile_cfg >> 8) & 0xFF; 1370 s->pos = 0; 1371 s->len = 2; 1372 s->state = STATE_READING_DATA; 1373 break; 1374 case WNVCR: 1375 if (s->write_enable && get_man(s) == MAN_NUMONYX) { 1376 s->needed_bytes = 2; 1377 s->pos = 0; 1378 s->len = 0; 1379 s->state = STATE_COLLECTING_DATA; 1380 } 1381 break; 1382 case RVCR: 1383 s->data[0] = s->volatile_cfg & 0xFF; 1384 s->pos = 0; 1385 s->len = 1; 1386 s->state = STATE_READING_DATA; 1387 break; 1388 case WVCR: 1389 if (s->write_enable) { 1390 s->needed_bytes = 1; 1391 s->pos = 0; 1392 s->len = 0; 1393 s->state = STATE_COLLECTING_DATA; 1394 } 1395 break; 1396 case REVCR: 1397 s->data[0] = s->enh_volatile_cfg & 0xFF; 1398 s->pos = 0; 1399 s->len = 1; 1400 s->state = STATE_READING_DATA; 1401 break; 1402 case WEVCR: 1403 if (s->write_enable) { 1404 s->needed_bytes = 1; 1405 s->pos = 0; 1406 s->len = 0; 1407 s->state = STATE_COLLECTING_DATA; 1408 } 1409 break; 1410 case RESET_ENABLE: 1411 s->reset_enable = true; 1412 break; 1413 case RESET_MEMORY: 1414 if (s->reset_enable) { 1415 reset_memory(s); 1416 } 1417 break; 1418 case RDCR_EQIO: 1419 switch (get_man(s)) { 1420 case MAN_SPANSION: 1421 s->data[0] = (!!s->quad_enable) << 1; 1422 s->pos = 0; 1423 s->len = 1; 1424 s->state = STATE_READING_DATA; 1425 break; 1426 case MAN_MACRONIX: 1427 s->quad_enable = true; 1428 break; 1429 default: 1430 break; 1431 } 1432 break; 1433 case RSTQIO: 1434 s->quad_enable = false; 1435 break; 1436 case AAI_WP: 1437 if (get_man(s) == MAN_SST) { 1438 if (s->write_enable) { 1439 if (s->aai_enable) { 1440 s->state = STATE_PAGE_PROGRAM; 1441 } else { 1442 s->aai_enable = true; 1443 s->needed_bytes = get_addr_length(s); 1444 s->state = STATE_COLLECTING_DATA; 1445 } 1446 } else { 1447 qemu_log_mask(LOG_GUEST_ERROR, 1448 "M25P80: AAI_WP with write protect\n"); 1449 } 1450 } else { 1451 qemu_log_mask(LOG_GUEST_ERROR, "M25P80: Unknown cmd %x\n", value); 1452 } 1453 break; 1454 case RDSFDP: 1455 if (s->pi->sfdp_read) { 1456 s->needed_bytes = get_addr_length(s) + 1; /* SFDP addr + dummy */ 1457 s->pos = 0; 1458 s->len = 0; 1459 s->state = STATE_COLLECTING_DATA; 1460 break; 1461 } 1462 /* Fallthrough */ 1463 1464 default: 1465 s->pos = 0; 1466 s->len = 1; 1467 s->state = STATE_READING_DATA; 1468 s->data_read_loop = true; 1469 s->data[0] = 0; 1470 qemu_log_mask(LOG_GUEST_ERROR, "M25P80: Unknown cmd %x\n", value); 1471 break; 1472 } 1473 } 1474 1475 static int m25p80_cs(SSIPeripheral *ss, bool select) 1476 { 1477 Flash *s = M25P80(ss); 1478 1479 if (select) { 1480 if (s->state == STATE_COLLECTING_VAR_LEN_DATA) { 1481 complete_collecting_data(s); 1482 } 1483 s->len = 0; 1484 s->pos = 0; 1485 s->state = STATE_IDLE; 1486 flash_sync_dirty(s, -1); 1487 s->data_read_loop = false; 1488 } 1489 1490 trace_m25p80_select(s, select ? "de" : ""); 1491 1492 return 0; 1493 } 1494 1495 static uint32_t m25p80_transfer8(SSIPeripheral *ss, uint32_t tx) 1496 { 1497 Flash *s = M25P80(ss); 1498 uint32_t r = 0; 1499 1500 trace_m25p80_transfer(s, s->state, s->len, s->needed_bytes, s->pos, 1501 s->cur_addr, (uint8_t)tx); 1502 1503 switch (s->state) { 1504 1505 case STATE_PAGE_PROGRAM: 1506 trace_m25p80_page_program(s, s->cur_addr, (uint8_t)tx); 1507 flash_write8(s, s->cur_addr, (uint8_t)tx); 1508 s->cur_addr = (s->cur_addr + 1) & (s->size - 1); 1509 1510 if (get_man(s) == MAN_SST && s->aai_enable && s->cur_addr == 0) { 1511 /* 1512 * There is no wrap mode during AAI programming once the highest 1513 * unprotected memory address is reached. The Write-Enable-Latch 1514 * bit is automatically reset, and AAI programming mode aborts. 1515 */ 1516 s->write_enable = false; 1517 s->aai_enable = false; 1518 } 1519 1520 break; 1521 1522 case STATE_READ: 1523 r = s->storage[s->cur_addr]; 1524 trace_m25p80_read_byte(s, s->cur_addr, (uint8_t)r); 1525 s->cur_addr = (s->cur_addr + 1) & (s->size - 1); 1526 break; 1527 1528 case STATE_COLLECTING_DATA: 1529 case STATE_COLLECTING_VAR_LEN_DATA: 1530 1531 if (s->len >= M25P80_INTERNAL_DATA_BUFFER_SZ) { 1532 qemu_log_mask(LOG_GUEST_ERROR, 1533 "M25P80: Write overrun internal data buffer. " 1534 "SPI controller (QEMU emulator or guest driver) " 1535 "is misbehaving\n"); 1536 s->len = s->pos = 0; 1537 s->state = STATE_IDLE; 1538 break; 1539 } 1540 1541 s->data[s->len] = (uint8_t)tx; 1542 s->len++; 1543 1544 if (s->len == s->needed_bytes) { 1545 complete_collecting_data(s); 1546 } 1547 break; 1548 1549 case STATE_READING_DATA: 1550 1551 if (s->pos >= M25P80_INTERNAL_DATA_BUFFER_SZ) { 1552 qemu_log_mask(LOG_GUEST_ERROR, 1553 "M25P80: Read overrun internal data buffer. " 1554 "SPI controller (QEMU emulator or guest driver) " 1555 "is misbehaving\n"); 1556 s->len = s->pos = 0; 1557 s->state = STATE_IDLE; 1558 break; 1559 } 1560 1561 r = s->data[s->pos]; 1562 trace_m25p80_read_data(s, s->pos, (uint8_t)r); 1563 s->pos++; 1564 if (s->pos == s->len) { 1565 s->pos = 0; 1566 if (!s->data_read_loop) { 1567 s->state = STATE_IDLE; 1568 } 1569 } 1570 break; 1571 case STATE_READING_SFDP: 1572 assert(s->pi->sfdp_read); 1573 r = s->pi->sfdp_read(s->cur_addr); 1574 trace_m25p80_read_sfdp(s, s->cur_addr, (uint8_t)r); 1575 s->cur_addr = (s->cur_addr + 1) & (M25P80_SFDP_MAX_SIZE - 1); 1576 break; 1577 1578 default: 1579 case STATE_IDLE: 1580 decode_new_cmd(s, (uint8_t)tx); 1581 break; 1582 } 1583 1584 return r; 1585 } 1586 1587 static void m25p80_write_protect_pin_irq_handler(void *opaque, int n, int level) 1588 { 1589 Flash *s = M25P80(opaque); 1590 /* WP# is just a single pin. */ 1591 assert(n == 0); 1592 s->wp_level = !!level; 1593 } 1594 1595 static void m25p80_realize(SSIPeripheral *ss, Error **errp) 1596 { 1597 Flash *s = M25P80(ss); 1598 M25P80Class *mc = M25P80_GET_CLASS(s); 1599 int ret; 1600 1601 s->pi = mc->pi; 1602 1603 s->size = s->pi->sector_size * s->pi->n_sectors; 1604 s->dirty_page = -1; 1605 1606 if (s->blk) { 1607 uint64_t perm = BLK_PERM_CONSISTENT_READ | 1608 (blk_supports_write_perm(s->blk) ? BLK_PERM_WRITE : 0); 1609 ret = blk_set_perm(s->blk, perm, BLK_PERM_ALL, errp); 1610 if (ret < 0) { 1611 return; 1612 } 1613 1614 trace_m25p80_binding(s); 1615 s->storage = blk_blockalign(s->blk, s->size); 1616 1617 if (blk_pread(s->blk, 0, s->size, s->storage, 0) < 0) { 1618 error_setg(errp, "failed to read the initial flash content"); 1619 return; 1620 } 1621 } else { 1622 trace_m25p80_binding_no_bdrv(s); 1623 s->storage = blk_blockalign(NULL, s->size); 1624 memset(s->storage, 0xFF, s->size); 1625 } 1626 1627 qdev_init_gpio_in_named(DEVICE(s), 1628 m25p80_write_protect_pin_irq_handler, "WP#", 1); 1629 } 1630 1631 static void m25p80_reset(DeviceState *d) 1632 { 1633 Flash *s = M25P80(d); 1634 1635 s->wp_level = true; 1636 s->status_register_write_disabled = false; 1637 s->block_protect0 = false; 1638 s->block_protect1 = false; 1639 s->block_protect2 = false; 1640 s->block_protect3 = false; 1641 s->top_bottom_bit = false; 1642 1643 reset_memory(s); 1644 } 1645 1646 static int m25p80_pre_save(void *opaque) 1647 { 1648 flash_sync_dirty((Flash *)opaque, -1); 1649 1650 return 0; 1651 } 1652 1653 static Property m25p80_properties[] = { 1654 /* This is default value for Micron flash */ 1655 DEFINE_PROP_BOOL("write-enable", Flash, write_enable, false), 1656 DEFINE_PROP_UINT32("nonvolatile-cfg", Flash, nonvolatile_cfg, 0x8FFF), 1657 DEFINE_PROP_UINT8("spansion-cr1nv", Flash, spansion_cr1nv, 0x0), 1658 DEFINE_PROP_UINT8("spansion-cr2nv", Flash, spansion_cr2nv, 0x8), 1659 DEFINE_PROP_UINT8("spansion-cr3nv", Flash, spansion_cr3nv, 0x2), 1660 DEFINE_PROP_UINT8("spansion-cr4nv", Flash, spansion_cr4nv, 0x10), 1661 DEFINE_PROP_DRIVE("drive", Flash, blk), 1662 DEFINE_PROP_END_OF_LIST(), 1663 }; 1664 1665 static int m25p80_pre_load(void *opaque) 1666 { 1667 Flash *s = (Flash *)opaque; 1668 1669 s->data_read_loop = false; 1670 return 0; 1671 } 1672 1673 static bool m25p80_data_read_loop_needed(void *opaque) 1674 { 1675 Flash *s = (Flash *)opaque; 1676 1677 return s->data_read_loop; 1678 } 1679 1680 static const VMStateDescription vmstate_m25p80_data_read_loop = { 1681 .name = "m25p80/data_read_loop", 1682 .version_id = 1, 1683 .minimum_version_id = 1, 1684 .needed = m25p80_data_read_loop_needed, 1685 .fields = (VMStateField[]) { 1686 VMSTATE_BOOL(data_read_loop, Flash), 1687 VMSTATE_END_OF_LIST() 1688 } 1689 }; 1690 1691 static bool m25p80_aai_enable_needed(void *opaque) 1692 { 1693 Flash *s = (Flash *)opaque; 1694 1695 return s->aai_enable; 1696 } 1697 1698 static const VMStateDescription vmstate_m25p80_aai_enable = { 1699 .name = "m25p80/aai_enable", 1700 .version_id = 1, 1701 .minimum_version_id = 1, 1702 .needed = m25p80_aai_enable_needed, 1703 .fields = (VMStateField[]) { 1704 VMSTATE_BOOL(aai_enable, Flash), 1705 VMSTATE_END_OF_LIST() 1706 } 1707 }; 1708 1709 static bool m25p80_wp_level_srwd_needed(void *opaque) 1710 { 1711 Flash *s = (Flash *)opaque; 1712 1713 return !s->wp_level || s->status_register_write_disabled; 1714 } 1715 1716 static const VMStateDescription vmstate_m25p80_write_protect = { 1717 .name = "m25p80/write_protect", 1718 .version_id = 1, 1719 .minimum_version_id = 1, 1720 .needed = m25p80_wp_level_srwd_needed, 1721 .fields = (VMStateField[]) { 1722 VMSTATE_BOOL(wp_level, Flash), 1723 VMSTATE_BOOL(status_register_write_disabled, Flash), 1724 VMSTATE_END_OF_LIST() 1725 } 1726 }; 1727 1728 static bool m25p80_block_protect_needed(void *opaque) 1729 { 1730 Flash *s = (Flash *)opaque; 1731 1732 return s->block_protect0 || 1733 s->block_protect1 || 1734 s->block_protect2 || 1735 s->block_protect3 || 1736 s->top_bottom_bit; 1737 } 1738 1739 static const VMStateDescription vmstate_m25p80_block_protect = { 1740 .name = "m25p80/block_protect", 1741 .version_id = 1, 1742 .minimum_version_id = 1, 1743 .needed = m25p80_block_protect_needed, 1744 .fields = (VMStateField[]) { 1745 VMSTATE_BOOL(block_protect0, Flash), 1746 VMSTATE_BOOL(block_protect1, Flash), 1747 VMSTATE_BOOL(block_protect2, Flash), 1748 VMSTATE_BOOL(block_protect3, Flash), 1749 VMSTATE_BOOL(top_bottom_bit, Flash), 1750 VMSTATE_END_OF_LIST() 1751 } 1752 }; 1753 1754 static const VMStateDescription vmstate_m25p80 = { 1755 .name = "m25p80", 1756 .version_id = 0, 1757 .minimum_version_id = 0, 1758 .pre_save = m25p80_pre_save, 1759 .pre_load = m25p80_pre_load, 1760 .fields = (VMStateField[]) { 1761 VMSTATE_UINT8(state, Flash), 1762 VMSTATE_UINT8_ARRAY(data, Flash, M25P80_INTERNAL_DATA_BUFFER_SZ), 1763 VMSTATE_UINT32(len, Flash), 1764 VMSTATE_UINT32(pos, Flash), 1765 VMSTATE_UINT8(needed_bytes, Flash), 1766 VMSTATE_UINT8(cmd_in_progress, Flash), 1767 VMSTATE_UINT32(cur_addr, Flash), 1768 VMSTATE_BOOL(write_enable, Flash), 1769 VMSTATE_BOOL(reset_enable, Flash), 1770 VMSTATE_UINT8(ear, Flash), 1771 VMSTATE_BOOL(four_bytes_address_mode, Flash), 1772 VMSTATE_UINT32(nonvolatile_cfg, Flash), 1773 VMSTATE_UINT32(volatile_cfg, Flash), 1774 VMSTATE_UINT32(enh_volatile_cfg, Flash), 1775 VMSTATE_BOOL(quad_enable, Flash), 1776 VMSTATE_UINT8(spansion_cr1nv, Flash), 1777 VMSTATE_UINT8(spansion_cr2nv, Flash), 1778 VMSTATE_UINT8(spansion_cr3nv, Flash), 1779 VMSTATE_UINT8(spansion_cr4nv, Flash), 1780 VMSTATE_END_OF_LIST() 1781 }, 1782 .subsections = (const VMStateDescription * []) { 1783 &vmstate_m25p80_data_read_loop, 1784 &vmstate_m25p80_aai_enable, 1785 &vmstate_m25p80_write_protect, 1786 &vmstate_m25p80_block_protect, 1787 NULL 1788 } 1789 }; 1790 1791 static void m25p80_class_init(ObjectClass *klass, void *data) 1792 { 1793 DeviceClass *dc = DEVICE_CLASS(klass); 1794 SSIPeripheralClass *k = SSI_PERIPHERAL_CLASS(klass); 1795 M25P80Class *mc = M25P80_CLASS(klass); 1796 1797 k->realize = m25p80_realize; 1798 k->transfer = m25p80_transfer8; 1799 k->set_cs = m25p80_cs; 1800 k->cs_polarity = SSI_CS_LOW; 1801 dc->vmsd = &vmstate_m25p80; 1802 device_class_set_props(dc, m25p80_properties); 1803 dc->reset = m25p80_reset; 1804 mc->pi = data; 1805 } 1806 1807 static const TypeInfo m25p80_info = { 1808 .name = TYPE_M25P80, 1809 .parent = TYPE_SSI_PERIPHERAL, 1810 .instance_size = sizeof(Flash), 1811 .class_size = sizeof(M25P80Class), 1812 .abstract = true, 1813 }; 1814 1815 static void m25p80_register_types(void) 1816 { 1817 int i; 1818 1819 type_register_static(&m25p80_info); 1820 for (i = 0; i < ARRAY_SIZE(known_devices); ++i) { 1821 TypeInfo ti = { 1822 .name = known_devices[i].part_name, 1823 .parent = TYPE_M25P80, 1824 .class_init = m25p80_class_init, 1825 .class_data = (void *)&known_devices[i], 1826 }; 1827 type_register(&ti); 1828 } 1829 } 1830 1831 type_init(m25p80_register_types)