1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32#include "hw/hw.h"
33#include "sysemu/block-backend.h"
34#include "hw/sd.h"
35#include "qemu/bitmap.h"
36
37
38
39#ifdef DEBUG_SD
40#define DPRINTF(fmt, ...) \
41do { fprintf(stderr, "SD: " fmt , ## __VA_ARGS__); } while (0)
42#else
43#define DPRINTF(fmt, ...) do {} while(0)
44#endif
45
46#define ACMD41_ENQUIRY_MASK 0x00ffffff
47
48typedef enum {
49 sd_r0 = 0,
50 sd_r1,
51 sd_r2_i,
52 sd_r2_s,
53 sd_r3,
54 sd_r6 = 6,
55 sd_r7,
56 sd_r1b = -1,
57 sd_illegal = -2,
58} sd_rsp_type_t;
59
60enum SDCardModes {
61 sd_inactive,
62 sd_card_identification_mode,
63 sd_data_transfer_mode,
64};
65
66enum SDCardStates {
67 sd_inactive_state = -1,
68 sd_idle_state = 0,
69 sd_ready_state,
70 sd_identification_state,
71 sd_standby_state,
72 sd_transfer_state,
73 sd_sendingdata_state,
74 sd_receivingdata_state,
75 sd_programming_state,
76 sd_disconnect_state,
77};
78
79struct SDState {
80 uint32_t mode;
81 int32_t state;
82 uint32_t ocr;
83 uint8_t scr[8];
84 uint8_t cid[16];
85 uint8_t csd[16];
86 uint16_t rca;
87 uint32_t card_status;
88 uint8_t sd_status[64];
89 uint32_t vhs;
90 bool wp_switch;
91 unsigned long *wp_groups;
92 int32_t wpgrps_size;
93 uint64_t size;
94 uint32_t blk_len;
95 uint32_t erase_start;
96 uint32_t erase_end;
97 uint8_t pwd[16];
98 uint32_t pwd_len;
99 uint8_t function_group[6];
100
101 bool spi;
102 uint8_t current_cmd;
103
104
105
106 bool expecting_acmd;
107 uint32_t blk_written;
108 uint64_t data_start;
109 uint32_t data_offset;
110 uint8_t data[512];
111 qemu_irq readonly_cb;
112 qemu_irq inserted_cb;
113 BlockBackend *blk;
114 uint8_t *buf;
115
116 bool enable;
117};
118
119static void sd_set_mode(SDState *sd)
120{
121 switch (sd->state) {
122 case sd_inactive_state:
123 sd->mode = sd_inactive;
124 break;
125
126 case sd_idle_state:
127 case sd_ready_state:
128 case sd_identification_state:
129 sd->mode = sd_card_identification_mode;
130 break;
131
132 case sd_standby_state:
133 case sd_transfer_state:
134 case sd_sendingdata_state:
135 case sd_receivingdata_state:
136 case sd_programming_state:
137 case sd_disconnect_state:
138 sd->mode = sd_data_transfer_mode;
139 break;
140 }
141}
142
143static const sd_cmd_type_t sd_cmd_type[64] = {
144 sd_bc, sd_none, sd_bcr, sd_bcr, sd_none, sd_none, sd_none, sd_ac,
145 sd_bcr, sd_ac, sd_ac, sd_adtc, sd_ac, sd_ac, sd_none, sd_ac,
146 sd_ac, sd_adtc, sd_adtc, sd_none, sd_none, sd_none, sd_none, sd_none,
147 sd_adtc, sd_adtc, sd_adtc, sd_adtc, sd_ac, sd_ac, sd_adtc, sd_none,
148 sd_ac, sd_ac, sd_none, sd_none, sd_none, sd_none, sd_ac, sd_none,
149 sd_none, sd_none, sd_bc, sd_none, sd_none, sd_none, sd_none, sd_none,
150 sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_ac,
151 sd_adtc, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none,
152};
153
154static const int sd_cmd_class[64] = {
155 0, 0, 0, 0, 0, 9, 10, 0, 0, 0, 0, 1, 0, 0, 0, 0,
156 2, 2, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 6, 6, 6, 6,
157 5, 5, 10, 10, 10, 10, 5, 9, 9, 9, 7, 7, 7, 7, 7, 7,
158 7, 7, 10, 7, 9, 9, 9, 8, 8, 10, 8, 8, 8, 8, 8, 8,
159};
160
161static uint8_t sd_crc7(void *message, size_t width)
162{
163 int i, bit;
164 uint8_t shift_reg = 0x00;
165 uint8_t *msg = (uint8_t *) message;
166
167 for (i = 0; i < width; i ++, msg ++)
168 for (bit = 7; bit >= 0; bit --) {
169 shift_reg <<= 1;
170 if ((shift_reg >> 7) ^ ((*msg >> bit) & 1))
171 shift_reg ^= 0x89;
172 }
173
174 return shift_reg;
175}
176
177static uint16_t sd_crc16(void *message, size_t width)
178{
179 int i, bit;
180 uint16_t shift_reg = 0x0000;
181 uint16_t *msg = (uint16_t *) message;
182 width <<= 1;
183
184 for (i = 0; i < width; i ++, msg ++)
185 for (bit = 15; bit >= 0; bit --) {
186 shift_reg <<= 1;
187 if ((shift_reg >> 15) ^ ((*msg >> bit) & 1))
188 shift_reg ^= 0x1011;
189 }
190
191 return shift_reg;
192}
193
194static void sd_set_ocr(SDState *sd)
195{
196
197 sd->ocr = 0x80ffff00;
198}
199
200static void sd_set_scr(SDState *sd)
201{
202 sd->scr[0] = 0x00;
203 sd->scr[1] = 0x2f;
204 sd->scr[2] = 0x00;
205 sd->scr[3] = 0x00;
206 sd->scr[4] = 0x00;
207 sd->scr[5] = 0x00;
208 sd->scr[6] = 0x00;
209 sd->scr[7] = 0x00;
210}
211
212#define MID 0xaa
213#define OID "XY"
214#define PNM "QEMU!"
215#define PRV 0x01
216#define MDT_YR 2006
217#define MDT_MON 2
218
219static void sd_set_cid(SDState *sd)
220{
221 sd->cid[0] = MID;
222 sd->cid[1] = OID[0];
223 sd->cid[2] = OID[1];
224 sd->cid[3] = PNM[0];
225 sd->cid[4] = PNM[1];
226 sd->cid[5] = PNM[2];
227 sd->cid[6] = PNM[3];
228 sd->cid[7] = PNM[4];
229 sd->cid[8] = PRV;
230 sd->cid[9] = 0xde;
231 sd->cid[10] = 0xad;
232 sd->cid[11] = 0xbe;
233 sd->cid[12] = 0xef;
234 sd->cid[13] = 0x00 |
235 ((MDT_YR - 2000) / 10);
236 sd->cid[14] = ((MDT_YR % 10) << 4) | MDT_MON;
237 sd->cid[15] = (sd_crc7(sd->cid, 15) << 1) | 1;
238}
239
240#define HWBLOCK_SHIFT 9
241#define SECTOR_SHIFT 5
242#define WPGROUP_SHIFT 7
243#define CMULT_SHIFT 9
244#define WPGROUP_SIZE (1 << (HWBLOCK_SHIFT + SECTOR_SHIFT + WPGROUP_SHIFT))
245
246static const uint8_t sd_csd_rw_mask[16] = {
247 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
248 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xfc, 0xfe,
249};
250
251static void sd_set_csd(SDState *sd, uint64_t size)
252{
253 uint32_t csize = (size >> (CMULT_SHIFT + HWBLOCK_SHIFT)) - 1;
254 uint32_t sectsize = (1 << (SECTOR_SHIFT + 1)) - 1;
255 uint32_t wpsize = (1 << (WPGROUP_SHIFT + 1)) - 1;
256
257 if (size <= 0x40000000) {
258 sd->csd[0] = 0x00;
259 sd->csd[1] = 0x26;
260 sd->csd[2] = 0x00;
261 sd->csd[3] = 0x5a;
262 sd->csd[4] = 0x5f;
263 sd->csd[5] = 0x50 |
264 HWBLOCK_SHIFT;
265 sd->csd[6] = 0xe0 |
266 ((csize >> 10) & 0x03);
267 sd->csd[7] = 0x00 |
268 ((csize >> 2) & 0xff);
269 sd->csd[8] = 0x3f |
270 ((csize << 6) & 0xc0);
271 sd->csd[9] = 0xfc |
272 ((CMULT_SHIFT - 2) >> 1);
273 sd->csd[10] = 0x40 |
274 (((CMULT_SHIFT - 2) << 7) & 0x80) | (sectsize >> 1);
275 sd->csd[11] = 0x00 |
276 ((sectsize << 7) & 0x80) | wpsize;
277 sd->csd[12] = 0x90 |
278 (HWBLOCK_SHIFT >> 2);
279 sd->csd[13] = 0x20 |
280 ((HWBLOCK_SHIFT << 6) & 0xc0);
281 sd->csd[14] = 0x00;
282 sd->csd[15] = (sd_crc7(sd->csd, 15) << 1) | 1;
283 } else {
284 size /= 512 * 1024;
285 size -= 1;
286 sd->csd[0] = 0x40;
287 sd->csd[1] = 0x0e;
288 sd->csd[2] = 0x00;
289 sd->csd[3] = 0x32;
290 sd->csd[4] = 0x5b;
291 sd->csd[5] = 0x59;
292 sd->csd[6] = 0x00;
293 sd->csd[7] = (size >> 16) & 0xff;
294 sd->csd[8] = (size >> 8) & 0xff;
295 sd->csd[9] = (size & 0xff);
296 sd->csd[10] = 0x7f;
297 sd->csd[11] = 0x80;
298 sd->csd[12] = 0x0a;
299 sd->csd[13] = 0x40;
300 sd->csd[14] = 0x00;
301 sd->csd[15] = 0x00;
302 sd->ocr |= 1 << 30;
303 }
304}
305
306static void sd_set_rca(SDState *sd)
307{
308 sd->rca += 0x4567;
309}
310
311
312
313
314
315
316#define CARD_STATUS_A 0x02004100
317#define CARD_STATUS_B 0x00c01e00
318#define CARD_STATUS_C 0xfd39a028
319
320static void sd_set_cardstatus(SDState *sd)
321{
322 sd->card_status = 0x00000100;
323}
324
325static void sd_set_sdstatus(SDState *sd)
326{
327 memset(sd->sd_status, 0, 64);
328}
329
330static int sd_req_crc_validate(SDRequest *req)
331{
332 uint8_t buffer[5];
333 buffer[0] = 0x40 | req->cmd;
334 buffer[1] = (req->arg >> 24) & 0xff;
335 buffer[2] = (req->arg >> 16) & 0xff;
336 buffer[3] = (req->arg >> 8) & 0xff;
337 buffer[4] = (req->arg >> 0) & 0xff;
338 return 0;
339 return sd_crc7(buffer, 5) != req->crc;
340}
341
342static void sd_response_r1_make(SDState *sd, uint8_t *response)
343{
344 uint32_t status = sd->card_status;
345
346 sd->card_status &= ~CARD_STATUS_C;
347
348 response[0] = (status >> 24) & 0xff;
349 response[1] = (status >> 16) & 0xff;
350 response[2] = (status >> 8) & 0xff;
351 response[3] = (status >> 0) & 0xff;
352}
353
354static void sd_response_r3_make(SDState *sd, uint8_t *response)
355{
356 response[0] = (sd->ocr >> 24) & 0xff;
357 response[1] = (sd->ocr >> 16) & 0xff;
358 response[2] = (sd->ocr >> 8) & 0xff;
359 response[3] = (sd->ocr >> 0) & 0xff;
360}
361
362static void sd_response_r6_make(SDState *sd, uint8_t *response)
363{
364 uint16_t arg;
365 uint16_t status;
366
367 arg = sd->rca;
368 status = ((sd->card_status >> 8) & 0xc000) |
369 ((sd->card_status >> 6) & 0x2000) |
370 (sd->card_status & 0x1fff);
371 sd->card_status &= ~(CARD_STATUS_C & 0xc81fff);
372
373 response[0] = (arg >> 8) & 0xff;
374 response[1] = arg & 0xff;
375 response[2] = (status >> 8) & 0xff;
376 response[3] = status & 0xff;
377}
378
379static void sd_response_r7_make(SDState *sd, uint8_t *response)
380{
381 response[0] = (sd->vhs >> 24) & 0xff;
382 response[1] = (sd->vhs >> 16) & 0xff;
383 response[2] = (sd->vhs >> 8) & 0xff;
384 response[3] = (sd->vhs >> 0) & 0xff;
385}
386
387static inline uint64_t sd_addr_to_wpnum(uint64_t addr)
388{
389 return addr >> (HWBLOCK_SHIFT + SECTOR_SHIFT + WPGROUP_SHIFT);
390}
391
392static void sd_reset(SDState *sd, BlockBackend *blk)
393{
394 uint64_t size;
395 uint64_t sect;
396
397 if (blk) {
398 blk_get_geometry(blk, §);
399 } else {
400 sect = 0;
401 }
402 size = sect << 9;
403
404 sect = sd_addr_to_wpnum(size) + 1;
405
406 sd->state = sd_idle_state;
407 sd->rca = 0x0000;
408 sd_set_ocr(sd);
409 sd_set_scr(sd);
410 sd_set_cid(sd);
411 sd_set_csd(sd, size);
412 sd_set_cardstatus(sd);
413 sd_set_sdstatus(sd);
414
415 sd->blk = blk;
416
417 if (sd->wp_groups)
418 g_free(sd->wp_groups);
419 sd->wp_switch = blk ? blk_is_read_only(blk) : false;
420 sd->wpgrps_size = sect;
421 sd->wp_groups = bitmap_new(sd->wpgrps_size);
422 memset(sd->function_group, 0, sizeof(sd->function_group));
423 sd->erase_start = 0;
424 sd->erase_end = 0;
425 sd->size = size;
426 sd->blk_len = 0x200;
427 sd->pwd_len = 0;
428 sd->expecting_acmd = false;
429}
430
431static void sd_cardchange(void *opaque, bool load)
432{
433 SDState *sd = opaque;
434
435 qemu_set_irq(sd->inserted_cb, blk_is_inserted(sd->blk));
436 if (blk_is_inserted(sd->blk)) {
437 sd_reset(sd, sd->blk);
438 qemu_set_irq(sd->readonly_cb, sd->wp_switch);
439 }
440}
441
442static const BlockDevOps sd_block_ops = {
443 .change_media_cb = sd_cardchange,
444};
445
446static const VMStateDescription sd_vmstate = {
447 .name = "sd-card",
448 .version_id = 1,
449 .minimum_version_id = 1,
450 .fields = (VMStateField[]) {
451 VMSTATE_UINT32(mode, SDState),
452 VMSTATE_INT32(state, SDState),
453 VMSTATE_UINT8_ARRAY(cid, SDState, 16),
454 VMSTATE_UINT8_ARRAY(csd, SDState, 16),
455 VMSTATE_UINT16(rca, SDState),
456 VMSTATE_UINT32(card_status, SDState),
457 VMSTATE_PARTIAL_BUFFER(sd_status, SDState, 1),
458 VMSTATE_UINT32(vhs, SDState),
459 VMSTATE_BITMAP(wp_groups, SDState, 0, wpgrps_size),
460 VMSTATE_UINT32(blk_len, SDState),
461 VMSTATE_UINT32(erase_start, SDState),
462 VMSTATE_UINT32(erase_end, SDState),
463 VMSTATE_UINT8_ARRAY(pwd, SDState, 16),
464 VMSTATE_UINT32(pwd_len, SDState),
465 VMSTATE_UINT8_ARRAY(function_group, SDState, 6),
466 VMSTATE_UINT8(current_cmd, SDState),
467 VMSTATE_BOOL(expecting_acmd, SDState),
468 VMSTATE_UINT32(blk_written, SDState),
469 VMSTATE_UINT64(data_start, SDState),
470 VMSTATE_UINT32(data_offset, SDState),
471 VMSTATE_UINT8_ARRAY(data, SDState, 512),
472 VMSTATE_BUFFER_POINTER_UNSAFE(buf, SDState, 1, 512),
473 VMSTATE_BOOL(enable, SDState),
474 VMSTATE_END_OF_LIST()
475 }
476};
477
478
479
480
481
482SDState *sd_init(BlockBackend *blk, bool is_spi)
483{
484 SDState *sd;
485
486 if (blk && blk_is_read_only(blk)) {
487 fprintf(stderr, "sd_init: Cannot use read-only drive\n");
488 return NULL;
489 }
490
491 sd = (SDState *) g_malloc0(sizeof(SDState));
492 sd->buf = blk_blockalign(blk, 512);
493 sd->spi = is_spi;
494 sd->enable = true;
495 sd_reset(sd, blk);
496 if (sd->blk) {
497 blk_attach_dev_nofail(sd->blk, sd);
498 blk_set_dev_ops(sd->blk, &sd_block_ops, sd);
499 }
500 vmstate_register(NULL, -1, &sd_vmstate, sd);
501 return sd;
502}
503
504void sd_set_cb(SDState *sd, qemu_irq readonly, qemu_irq insert)
505{
506 sd->readonly_cb = readonly;
507 sd->inserted_cb = insert;
508 qemu_set_irq(readonly, sd->blk ? blk_is_read_only(sd->blk) : 0);
509 qemu_set_irq(insert, sd->blk ? blk_is_inserted(sd->blk) : 0);
510}
511
512static void sd_erase(SDState *sd)
513{
514 int i;
515 uint64_t erase_start = sd->erase_start;
516 uint64_t erase_end = sd->erase_end;
517
518 if (!sd->erase_start || !sd->erase_end) {
519 sd->card_status |= ERASE_SEQ_ERROR;
520 return;
521 }
522
523 if (extract32(sd->ocr, OCR_CCS_BITN, 1)) {
524
525 erase_start *= 512;
526 erase_end *= 512;
527 }
528
529 erase_start = sd_addr_to_wpnum(erase_start);
530 erase_end = sd_addr_to_wpnum(erase_end);
531 sd->erase_start = 0;
532 sd->erase_end = 0;
533 sd->csd[14] |= 0x40;
534
535 for (i = erase_start; i <= erase_end; i++) {
536 if (test_bit(i, sd->wp_groups)) {
537 sd->card_status |= WP_ERASE_SKIP;
538 }
539 }
540}
541
542static uint32_t sd_wpbits(SDState *sd, uint64_t addr)
543{
544 uint32_t i, wpnum;
545 uint32_t ret = 0;
546
547 wpnum = sd_addr_to_wpnum(addr);
548
549 for (i = 0; i < 32; i++, wpnum++, addr += WPGROUP_SIZE) {
550 if (addr < sd->size && test_bit(wpnum, sd->wp_groups)) {
551 ret |= (1 << i);
552 }
553 }
554
555 return ret;
556}
557
558static void sd_function_switch(SDState *sd, uint32_t arg)
559{
560 int i, mode, new_func, crc;
561 mode = !!(arg & 0x80000000);
562
563 sd->data[0] = 0x00;
564 sd->data[1] = 0x01;
565 sd->data[2] = 0x80;
566 sd->data[3] = 0x01;
567 sd->data[4] = 0x80;
568 sd->data[5] = 0x01;
569 sd->data[6] = 0x80;
570 sd->data[7] = 0x01;
571 sd->data[8] = 0x80;
572 sd->data[9] = 0x01;
573 sd->data[10] = 0x80;
574 sd->data[11] = 0x43;
575 sd->data[12] = 0x80;
576 sd->data[13] = 0x03;
577 for (i = 0; i < 6; i ++) {
578 new_func = (arg >> (i * 4)) & 0x0f;
579 if (mode && new_func != 0x0f)
580 sd->function_group[i] = new_func;
581 sd->data[14 + (i >> 1)] = new_func << ((i * 4) & 4);
582 }
583 memset(&sd->data[17], 0, 47);
584 crc = sd_crc16(sd->data, 64);
585 sd->data[65] = crc >> 8;
586 sd->data[66] = crc & 0xff;
587}
588
589static inline bool sd_wp_addr(SDState *sd, uint64_t addr)
590{
591 return test_bit(sd_addr_to_wpnum(addr), sd->wp_groups);
592}
593
594static void sd_lock_command(SDState *sd)
595{
596 int erase, lock, clr_pwd, set_pwd, pwd_len;
597 erase = !!(sd->data[0] & 0x08);
598 lock = sd->data[0] & 0x04;
599 clr_pwd = sd->data[0] & 0x02;
600 set_pwd = sd->data[0] & 0x01;
601
602 if (sd->blk_len > 1)
603 pwd_len = sd->data[1];
604 else
605 pwd_len = 0;
606
607 if (erase) {
608 if (!(sd->card_status & CARD_IS_LOCKED) || sd->blk_len > 1 ||
609 set_pwd || clr_pwd || lock || sd->wp_switch ||
610 (sd->csd[14] & 0x20)) {
611 sd->card_status |= LOCK_UNLOCK_FAILED;
612 return;
613 }
614 bitmap_zero(sd->wp_groups, sd->wpgrps_size);
615 sd->csd[14] &= ~0x10;
616 sd->card_status &= ~CARD_IS_LOCKED;
617 sd->pwd_len = 0;
618
619 fprintf(stderr, "SD: Card force-erased by CMD42\n");
620 return;
621 }
622
623 if (sd->blk_len < 2 + pwd_len ||
624 pwd_len <= sd->pwd_len ||
625 pwd_len > sd->pwd_len + 16) {
626 sd->card_status |= LOCK_UNLOCK_FAILED;
627 return;
628 }
629
630 if (sd->pwd_len && memcmp(sd->pwd, sd->data + 2, sd->pwd_len)) {
631 sd->card_status |= LOCK_UNLOCK_FAILED;
632 return;
633 }
634
635 pwd_len -= sd->pwd_len;
636 if ((pwd_len && !set_pwd) ||
637 (clr_pwd && (set_pwd || lock)) ||
638 (lock && !sd->pwd_len && !set_pwd) ||
639 (!set_pwd && !clr_pwd &&
640 (((sd->card_status & CARD_IS_LOCKED) && lock) ||
641 (!(sd->card_status & CARD_IS_LOCKED) && !lock)))) {
642 sd->card_status |= LOCK_UNLOCK_FAILED;
643 return;
644 }
645
646 if (set_pwd) {
647 memcpy(sd->pwd, sd->data + 2 + sd->pwd_len, pwd_len);
648 sd->pwd_len = pwd_len;
649 }
650
651 if (clr_pwd) {
652 sd->pwd_len = 0;
653 }
654
655 if (lock)
656 sd->card_status |= CARD_IS_LOCKED;
657 else
658 sd->card_status &= ~CARD_IS_LOCKED;
659}
660
661static sd_rsp_type_t sd_normal_command(SDState *sd,
662 SDRequest req)
663{
664 uint32_t rca = 0x0000;
665 uint64_t addr = (sd->ocr & (1 << 30)) ? (uint64_t) req.arg << 9 : req.arg;
666
667
668 sd->card_status &= ~APP_CMD;
669
670 if (sd_cmd_type[req.cmd] == sd_ac || sd_cmd_type[req.cmd] == sd_adtc)
671 rca = req.arg >> 16;
672
673 DPRINTF("CMD%d 0x%08x state %d\n", req.cmd, req.arg, sd->state);
674 switch (req.cmd) {
675
676 case 0:
677 switch (sd->state) {
678 case sd_inactive_state:
679 return sd->spi ? sd_r1 : sd_r0;
680
681 default:
682 sd->state = sd_idle_state;
683 sd_reset(sd, sd->blk);
684 return sd->spi ? sd_r1 : sd_r0;
685 }
686 break;
687
688 case 1:
689 if (!sd->spi)
690 goto bad_cmd;
691
692 sd->state = sd_transfer_state;
693 return sd_r1;
694
695 case 2:
696 if (sd->spi)
697 goto bad_cmd;
698 switch (sd->state) {
699 case sd_ready_state:
700 sd->state = sd_identification_state;
701 return sd_r2_i;
702
703 default:
704 break;
705 }
706 break;
707
708 case 3:
709 if (sd->spi)
710 goto bad_cmd;
711 switch (sd->state) {
712 case sd_identification_state:
713 case sd_standby_state:
714 sd->state = sd_standby_state;
715 sd_set_rca(sd);
716 return sd_r6;
717
718 default:
719 break;
720 }
721 break;
722
723 case 4:
724 if (sd->spi)
725 goto bad_cmd;
726 switch (sd->state) {
727 case sd_standby_state:
728 break;
729
730 default:
731 break;
732 }
733 break;
734
735 case 5:
736 return sd_illegal;
737
738 case 6:
739 if (sd->spi)
740 goto bad_cmd;
741 switch (sd->mode) {
742 case sd_data_transfer_mode:
743 sd_function_switch(sd, req.arg);
744 sd->state = sd_sendingdata_state;
745 sd->data_start = 0;
746 sd->data_offset = 0;
747 return sd_r1;
748
749 default:
750 break;
751 }
752 break;
753
754 case 7:
755 if (sd->spi)
756 goto bad_cmd;
757 switch (sd->state) {
758 case sd_standby_state:
759 if (sd->rca != rca)
760 return sd_r0;
761
762 sd->state = sd_transfer_state;
763 return sd_r1b;
764
765 case sd_transfer_state:
766 case sd_sendingdata_state:
767 if (sd->rca == rca)
768 break;
769
770 sd->state = sd_standby_state;
771 return sd_r1b;
772
773 case sd_disconnect_state:
774 if (sd->rca != rca)
775 return sd_r0;
776
777 sd->state = sd_programming_state;
778 return sd_r1b;
779
780 case sd_programming_state:
781 if (sd->rca == rca)
782 break;
783
784 sd->state = sd_disconnect_state;
785 return sd_r1b;
786
787 default:
788 break;
789 }
790 break;
791
792 case 8:
793
794 switch (sd->state) {
795 case sd_idle_state:
796 sd->vhs = 0;
797
798
799 if (!(req.arg >> 8) || (req.arg >> ffs(req.arg & ~0xff)))
800 return sd->spi ? sd_r7 : sd_r0;
801
802
803 sd->vhs = req.arg;
804 return sd_r7;
805
806 default:
807 break;
808 }
809 break;
810
811 case 9:
812 switch (sd->state) {
813 case sd_standby_state:
814 if (sd->rca != rca)
815 return sd_r0;
816
817 return sd_r2_s;
818
819 case sd_transfer_state:
820 if (!sd->spi)
821 break;
822 sd->state = sd_sendingdata_state;
823 memcpy(sd->data, sd->csd, 16);
824 sd->data_start = addr;
825 sd->data_offset = 0;
826 return sd_r1;
827
828 default:
829 break;
830 }
831 break;
832
833 case 10:
834 switch (sd->state) {
835 case sd_standby_state:
836 if (sd->rca != rca)
837 return sd_r0;
838
839 return sd_r2_i;
840
841 case sd_transfer_state:
842 if (!sd->spi)
843 break;
844 sd->state = sd_sendingdata_state;
845 memcpy(sd->data, sd->cid, 16);
846 sd->data_start = addr;
847 sd->data_offset = 0;
848 return sd_r1;
849
850 default:
851 break;
852 }
853 break;
854
855 case 11:
856 if (sd->spi)
857 goto bad_cmd;
858 switch (sd->state) {
859 case sd_transfer_state:
860 sd->state = sd_sendingdata_state;
861 sd->data_start = req.arg;
862 sd->data_offset = 0;
863
864 if (sd->data_start + sd->blk_len > sd->size)
865 sd->card_status |= ADDRESS_ERROR;
866 return sd_r0;
867
868 default:
869 break;
870 }
871 break;
872
873 case 12:
874 switch (sd->state) {
875 case sd_sendingdata_state:
876 sd->state = sd_transfer_state;
877 return sd_r1b;
878
879 case sd_receivingdata_state:
880 sd->state = sd_programming_state;
881
882 sd->state = sd_transfer_state;
883 return sd_r1b;
884
885 default:
886 break;
887 }
888 break;
889
890 case 13:
891 switch (sd->mode) {
892 case sd_data_transfer_mode:
893 if (sd->rca != rca)
894 return sd_r0;
895
896 return sd_r1;
897
898 default:
899 break;
900 }
901 break;
902
903 case 15:
904 if (sd->spi)
905 goto bad_cmd;
906 switch (sd->mode) {
907 case sd_data_transfer_mode:
908 if (sd->rca != rca)
909 return sd_r0;
910
911 sd->state = sd_inactive_state;
912 return sd_r0;
913
914 default:
915 break;
916 }
917 break;
918
919
920 case 16:
921 switch (sd->state) {
922 case sd_transfer_state:
923 if (req.arg > (1 << HWBLOCK_SHIFT))
924 sd->card_status |= BLOCK_LEN_ERROR;
925 else
926 sd->blk_len = req.arg;
927
928 return sd_r1;
929
930 default:
931 break;
932 }
933 break;
934
935 case 17:
936 switch (sd->state) {
937 case sd_transfer_state:
938 sd->state = sd_sendingdata_state;
939 sd->data_start = addr;
940 sd->data_offset = 0;
941
942 if (sd->data_start + sd->blk_len > sd->size)
943 sd->card_status |= ADDRESS_ERROR;
944 return sd_r1;
945
946 default:
947 break;
948 }
949 break;
950
951 case 18:
952 switch (sd->state) {
953 case sd_transfer_state:
954 sd->state = sd_sendingdata_state;
955 sd->data_start = addr;
956 sd->data_offset = 0;
957
958 if (sd->data_start + sd->blk_len > sd->size)
959 sd->card_status |= ADDRESS_ERROR;
960 return sd_r1;
961
962 default:
963 break;
964 }
965 break;
966
967
968 case 24:
969 if (sd->spi)
970 goto unimplemented_cmd;
971 switch (sd->state) {
972 case sd_transfer_state:
973
974 if (sd->spi)
975 break;
976 sd->state = sd_receivingdata_state;
977 sd->data_start = addr;
978 sd->data_offset = 0;
979 sd->blk_written = 0;
980
981 if (sd->data_start + sd->blk_len > sd->size)
982 sd->card_status |= ADDRESS_ERROR;
983 if (sd_wp_addr(sd, sd->data_start))
984 sd->card_status |= WP_VIOLATION;
985 if (sd->csd[14] & 0x30)
986 sd->card_status |= WP_VIOLATION;
987 return sd_r1;
988
989 default:
990 break;
991 }
992 break;
993
994 case 25:
995 if (sd->spi)
996 goto unimplemented_cmd;
997 switch (sd->state) {
998 case sd_transfer_state:
999
1000 if (sd->spi)
1001 break;
1002 sd->state = sd_receivingdata_state;
1003 sd->data_start = addr;
1004 sd->data_offset = 0;
1005 sd->blk_written = 0;
1006
1007 if (sd->data_start + sd->blk_len > sd->size)
1008 sd->card_status |= ADDRESS_ERROR;
1009 if (sd_wp_addr(sd, sd->data_start))
1010 sd->card_status |= WP_VIOLATION;
1011 if (sd->csd[14] & 0x30)
1012 sd->card_status |= WP_VIOLATION;
1013 return sd_r1;
1014
1015 default:
1016 break;
1017 }
1018 break;
1019
1020 case 26:
1021 if (sd->spi)
1022 goto bad_cmd;
1023 switch (sd->state) {
1024 case sd_transfer_state:
1025 sd->state = sd_receivingdata_state;
1026 sd->data_start = 0;
1027 sd->data_offset = 0;
1028 return sd_r1;
1029
1030 default:
1031 break;
1032 }
1033 break;
1034
1035 case 27:
1036 if (sd->spi)
1037 goto unimplemented_cmd;
1038 switch (sd->state) {
1039 case sd_transfer_state:
1040 sd->state = sd_receivingdata_state;
1041 sd->data_start = 0;
1042 sd->data_offset = 0;
1043 return sd_r1;
1044
1045 default:
1046 break;
1047 }
1048 break;
1049
1050
1051 case 28:
1052 switch (sd->state) {
1053 case sd_transfer_state:
1054 if (addr >= sd->size) {
1055 sd->card_status |= ADDRESS_ERROR;
1056 return sd_r1b;
1057 }
1058
1059 sd->state = sd_programming_state;
1060 set_bit(sd_addr_to_wpnum(addr), sd->wp_groups);
1061
1062 sd->state = sd_transfer_state;
1063 return sd_r1b;
1064
1065 default:
1066 break;
1067 }
1068 break;
1069
1070 case 29:
1071 switch (sd->state) {
1072 case sd_transfer_state:
1073 if (addr >= sd->size) {
1074 sd->card_status |= ADDRESS_ERROR;
1075 return sd_r1b;
1076 }
1077
1078 sd->state = sd_programming_state;
1079 clear_bit(sd_addr_to_wpnum(addr), sd->wp_groups);
1080
1081 sd->state = sd_transfer_state;
1082 return sd_r1b;
1083
1084 default:
1085 break;
1086 }
1087 break;
1088
1089 case 30:
1090 switch (sd->state) {
1091 case sd_transfer_state:
1092 sd->state = sd_sendingdata_state;
1093 *(uint32_t *) sd->data = sd_wpbits(sd, req.arg);
1094 sd->data_start = addr;
1095 sd->data_offset = 0;
1096 return sd_r1b;
1097
1098 default:
1099 break;
1100 }
1101 break;
1102
1103
1104 case 32:
1105 switch (sd->state) {
1106 case sd_transfer_state:
1107 sd->erase_start = req.arg;
1108 return sd_r1;
1109
1110 default:
1111 break;
1112 }
1113 break;
1114
1115 case 33:
1116 switch (sd->state) {
1117 case sd_transfer_state:
1118 sd->erase_end = req.arg;
1119 return sd_r1;
1120
1121 default:
1122 break;
1123 }
1124 break;
1125
1126 case 38:
1127 switch (sd->state) {
1128 case sd_transfer_state:
1129 if (sd->csd[14] & 0x30) {
1130 sd->card_status |= WP_VIOLATION;
1131 return sd_r1b;
1132 }
1133
1134 sd->state = sd_programming_state;
1135 sd_erase(sd);
1136
1137 sd->state = sd_transfer_state;
1138 return sd_r1b;
1139
1140 default:
1141 break;
1142 }
1143 break;
1144
1145
1146 case 42:
1147 if (sd->spi)
1148 goto unimplemented_cmd;
1149 switch (sd->state) {
1150 case sd_transfer_state:
1151 sd->state = sd_receivingdata_state;
1152 sd->data_start = 0;
1153 sd->data_offset = 0;
1154 return sd_r1;
1155
1156 default:
1157 break;
1158 }
1159 break;
1160
1161 case 52:
1162 case 53:
1163
1164
1165
1166
1167
1168
1169 return sd_illegal;
1170
1171
1172 case 55:
1173 if (sd->rca != rca)
1174 return sd_r0;
1175
1176 sd->expecting_acmd = true;
1177 sd->card_status |= APP_CMD;
1178 return sd_r1;
1179
1180 case 56:
1181 fprintf(stderr, "SD: GEN_CMD 0x%08x\n", req.arg);
1182
1183 switch (sd->state) {
1184 case sd_transfer_state:
1185 sd->data_offset = 0;
1186 if (req.arg & 1)
1187 sd->state = sd_sendingdata_state;
1188 else
1189 sd->state = sd_receivingdata_state;
1190 return sd_r1;
1191
1192 default:
1193 break;
1194 }
1195 break;
1196
1197 default:
1198 bad_cmd:
1199 fprintf(stderr, "SD: Unknown CMD%i\n", req.cmd);
1200 return sd_illegal;
1201
1202 unimplemented_cmd:
1203
1204 fprintf(stderr, "SD: CMD%i not implemented in SPI mode\n", req.cmd);
1205 return sd_illegal;
1206 }
1207
1208 fprintf(stderr, "SD: CMD%i in a wrong state\n", req.cmd);
1209 return sd_illegal;
1210}
1211
1212static sd_rsp_type_t sd_app_command(SDState *sd,
1213 SDRequest req)
1214{
1215 DPRINTF("ACMD%d 0x%08x\n", req.cmd, req.arg);
1216 sd->card_status |= APP_CMD;
1217 switch (req.cmd) {
1218 case 6:
1219 switch (sd->state) {
1220 case sd_transfer_state:
1221 sd->sd_status[0] &= 0x3f;
1222 sd->sd_status[0] |= (req.arg & 0x03) << 6;
1223 return sd_r1;
1224
1225 default:
1226 break;
1227 }
1228 break;
1229
1230 case 13:
1231 switch (sd->state) {
1232 case sd_transfer_state:
1233 sd->state = sd_sendingdata_state;
1234 sd->data_start = 0;
1235 sd->data_offset = 0;
1236 return sd_r1;
1237
1238 default:
1239 break;
1240 }
1241 break;
1242
1243 case 22:
1244 switch (sd->state) {
1245 case sd_transfer_state:
1246 *(uint32_t *) sd->data = sd->blk_written;
1247
1248 sd->state = sd_sendingdata_state;
1249 sd->data_start = 0;
1250 sd->data_offset = 0;
1251 return sd_r1;
1252
1253 default:
1254 break;
1255 }
1256 break;
1257
1258 case 23:
1259 switch (sd->state) {
1260 case sd_transfer_state:
1261 return sd_r1;
1262
1263 default:
1264 break;
1265 }
1266 break;
1267
1268 case 41:
1269 if (sd->spi) {
1270
1271 sd->state = sd_transfer_state;
1272 return sd_r1;
1273 }
1274 switch (sd->state) {
1275 case sd_idle_state:
1276
1277
1278
1279
1280
1281 if (req.arg & ACMD41_ENQUIRY_MASK) {
1282 sd->state = sd_ready_state;
1283 }
1284
1285 return sd_r3;
1286
1287 default:
1288 break;
1289 }
1290 break;
1291
1292 case 42:
1293 switch (sd->state) {
1294 case sd_transfer_state:
1295
1296 return sd_r1;
1297
1298 default:
1299 break;
1300 }
1301 break;
1302
1303 case 51:
1304 switch (sd->state) {
1305 case sd_transfer_state:
1306 sd->state = sd_sendingdata_state;
1307 sd->data_start = 0;
1308 sd->data_offset = 0;
1309 return sd_r1;
1310
1311 default:
1312 break;
1313 }
1314 break;
1315
1316 default:
1317
1318 return sd_normal_command(sd, req);
1319 }
1320
1321 fprintf(stderr, "SD: ACMD%i in a wrong state\n", req.cmd);
1322 return sd_illegal;
1323}
1324
1325static int cmd_valid_while_locked(SDState *sd, SDRequest *req)
1326{
1327
1328
1329
1330
1331
1332
1333
1334
1335 if (sd->expecting_acmd) {
1336 return req->cmd == 41 || req->cmd == 42;
1337 }
1338 if (req->cmd == 16 || req->cmd == 55) {
1339 return 1;
1340 }
1341 return sd_cmd_class[req->cmd] == 0 || sd_cmd_class[req->cmd] == 7;
1342}
1343
1344int sd_do_command(SDState *sd, SDRequest *req,
1345 uint8_t *response) {
1346 int last_state;
1347 sd_rsp_type_t rtype;
1348 int rsplen;
1349
1350 if (!sd->blk || !blk_is_inserted(sd->blk) || !sd->enable) {
1351 return 0;
1352 }
1353
1354 if (sd_req_crc_validate(req)) {
1355 sd->card_status |= COM_CRC_ERROR;
1356 rtype = sd_illegal;
1357 goto send_response;
1358 }
1359
1360 if (sd->card_status & CARD_IS_LOCKED) {
1361 if (!cmd_valid_while_locked(sd, req)) {
1362 sd->card_status |= ILLEGAL_COMMAND;
1363 sd->expecting_acmd = false;
1364 fprintf(stderr, "SD: Card is locked\n");
1365 rtype = sd_illegal;
1366 goto send_response;
1367 }
1368 }
1369
1370 last_state = sd->state;
1371 sd_set_mode(sd);
1372
1373 if (sd->expecting_acmd) {
1374 sd->expecting_acmd = false;
1375 rtype = sd_app_command(sd, *req);
1376 } else {
1377 rtype = sd_normal_command(sd, *req);
1378 }
1379
1380 if (rtype == sd_illegal) {
1381 sd->card_status |= ILLEGAL_COMMAND;
1382 } else {
1383
1384
1385
1386 sd->current_cmd = req->cmd;
1387 sd->card_status &= ~CURRENT_STATE;
1388 sd->card_status |= (last_state << 9);
1389 }
1390
1391send_response:
1392 switch (rtype) {
1393 case sd_r1:
1394 case sd_r1b:
1395 sd_response_r1_make(sd, response);
1396 rsplen = 4;
1397 break;
1398
1399 case sd_r2_i:
1400 memcpy(response, sd->cid, sizeof(sd->cid));
1401 rsplen = 16;
1402 break;
1403
1404 case sd_r2_s:
1405 memcpy(response, sd->csd, sizeof(sd->csd));
1406 rsplen = 16;
1407 break;
1408
1409 case sd_r3:
1410 sd_response_r3_make(sd, response);
1411 rsplen = 4;
1412 break;
1413
1414 case sd_r6:
1415 sd_response_r6_make(sd, response);
1416 rsplen = 4;
1417 break;
1418
1419 case sd_r7:
1420 sd_response_r7_make(sd, response);
1421 rsplen = 4;
1422 break;
1423
1424 case sd_r0:
1425 case sd_illegal:
1426 default:
1427 rsplen = 0;
1428 break;
1429 }
1430
1431 if (rtype != sd_illegal) {
1432
1433
1434
1435 sd->card_status &= ~CARD_STATUS_B;
1436 }
1437
1438#ifdef DEBUG_SD
1439 if (rsplen) {
1440 int i;
1441 DPRINTF("Response:");
1442 for (i = 0; i < rsplen; i++)
1443 fprintf(stderr, " %02x", response[i]);
1444 fprintf(stderr, " state %d\n", sd->state);
1445 } else {
1446 DPRINTF("No response %d\n", sd->state);
1447 }
1448#endif
1449
1450 return rsplen;
1451}
1452
1453static void sd_blk_read(SDState *sd, uint64_t addr, uint32_t len)
1454{
1455 uint64_t end = addr + len;
1456
1457 DPRINTF("sd_blk_read: addr = 0x%08llx, len = %d\n",
1458 (unsigned long long) addr, len);
1459 if (!sd->blk || blk_read(sd->blk, addr >> 9, sd->buf, 1) < 0) {
1460 fprintf(stderr, "sd_blk_read: read error on host side\n");
1461 return;
1462 }
1463
1464 if (end > (addr & ~511) + 512) {
1465 memcpy(sd->data, sd->buf + (addr & 511), 512 - (addr & 511));
1466
1467 if (blk_read(sd->blk, end >> 9, sd->buf, 1) < 0) {
1468 fprintf(stderr, "sd_blk_read: read error on host side\n");
1469 return;
1470 }
1471 memcpy(sd->data + 512 - (addr & 511), sd->buf, end & 511);
1472 } else
1473 memcpy(sd->data, sd->buf + (addr & 511), len);
1474}
1475
1476static void sd_blk_write(SDState *sd, uint64_t addr, uint32_t len)
1477{
1478 uint64_t end = addr + len;
1479
1480 if ((addr & 511) || len < 512)
1481 if (!sd->blk || blk_read(sd->blk, addr >> 9, sd->buf, 1) < 0) {
1482 fprintf(stderr, "sd_blk_write: read error on host side\n");
1483 return;
1484 }
1485
1486 if (end > (addr & ~511) + 512) {
1487 memcpy(sd->buf + (addr & 511), sd->data, 512 - (addr & 511));
1488 if (blk_write(sd->blk, addr >> 9, sd->buf, 1) < 0) {
1489 fprintf(stderr, "sd_blk_write: write error on host side\n");
1490 return;
1491 }
1492
1493 if (blk_read(sd->blk, end >> 9, sd->buf, 1) < 0) {
1494 fprintf(stderr, "sd_blk_write: read error on host side\n");
1495 return;
1496 }
1497 memcpy(sd->buf, sd->data + 512 - (addr & 511), end & 511);
1498 if (blk_write(sd->blk, end >> 9, sd->buf, 1) < 0) {
1499 fprintf(stderr, "sd_blk_write: write error on host side\n");
1500 }
1501 } else {
1502 memcpy(sd->buf + (addr & 511), sd->data, len);
1503 if (!sd->blk || blk_write(sd->blk, addr >> 9, sd->buf, 1) < 0) {
1504 fprintf(stderr, "sd_blk_write: write error on host side\n");
1505 }
1506 }
1507}
1508
1509#define BLK_READ_BLOCK(a, len) sd_blk_read(sd, a, len)
1510#define BLK_WRITE_BLOCK(a, len) sd_blk_write(sd, a, len)
1511#define APP_READ_BLOCK(a, len) memset(sd->data, 0xec, len)
1512#define APP_WRITE_BLOCK(a, len)
1513
1514void sd_write_data(SDState *sd, uint8_t value)
1515{
1516 int i;
1517
1518 if (!sd->blk || !blk_is_inserted(sd->blk) || !sd->enable)
1519 return;
1520
1521 if (sd->state != sd_receivingdata_state) {
1522 fprintf(stderr, "sd_write_data: not in Receiving-Data state\n");
1523 return;
1524 }
1525
1526 if (sd->card_status & (ADDRESS_ERROR | WP_VIOLATION))
1527 return;
1528
1529 switch (sd->current_cmd) {
1530 case 24:
1531 sd->data[sd->data_offset ++] = value;
1532 if (sd->data_offset >= sd->blk_len) {
1533
1534 sd->state = sd_programming_state;
1535 BLK_WRITE_BLOCK(sd->data_start, sd->data_offset);
1536 sd->blk_written ++;
1537 sd->csd[14] |= 0x40;
1538
1539 sd->state = sd_transfer_state;
1540 }
1541 break;
1542
1543 case 25:
1544 if (sd->data_offset == 0) {
1545
1546 if (sd->data_start + sd->blk_len > sd->size) {
1547 sd->card_status |= ADDRESS_ERROR;
1548 break;
1549 }
1550 if (sd_wp_addr(sd, sd->data_start)) {
1551 sd->card_status |= WP_VIOLATION;
1552 break;
1553 }
1554 }
1555 sd->data[sd->data_offset++] = value;
1556 if (sd->data_offset >= sd->blk_len) {
1557
1558 sd->state = sd_programming_state;
1559 BLK_WRITE_BLOCK(sd->data_start, sd->data_offset);
1560 sd->blk_written++;
1561 sd->data_start += sd->blk_len;
1562 sd->data_offset = 0;
1563 sd->csd[14] |= 0x40;
1564
1565
1566 sd->state = sd_receivingdata_state;
1567 }
1568 break;
1569
1570 case 26:
1571 sd->data[sd->data_offset ++] = value;
1572 if (sd->data_offset >= sizeof(sd->cid)) {
1573
1574 sd->state = sd_programming_state;
1575 for (i = 0; i < sizeof(sd->cid); i ++)
1576 if ((sd->cid[i] | 0x00) != sd->data[i])
1577 sd->card_status |= CID_CSD_OVERWRITE;
1578
1579 if (!(sd->card_status & CID_CSD_OVERWRITE))
1580 for (i = 0; i < sizeof(sd->cid); i ++) {
1581 sd->cid[i] |= 0x00;
1582 sd->cid[i] &= sd->data[i];
1583 }
1584
1585 sd->state = sd_transfer_state;
1586 }
1587 break;
1588
1589 case 27:
1590 sd->data[sd->data_offset ++] = value;
1591 if (sd->data_offset >= sizeof(sd->csd)) {
1592
1593 sd->state = sd_programming_state;
1594 for (i = 0; i < sizeof(sd->csd); i ++)
1595 if ((sd->csd[i] | sd_csd_rw_mask[i]) !=
1596 (sd->data[i] | sd_csd_rw_mask[i]))
1597 sd->card_status |= CID_CSD_OVERWRITE;
1598
1599
1600 if (sd->csd[14] & ~sd->data[14] & 0x60)
1601 sd->card_status |= CID_CSD_OVERWRITE;
1602
1603 if (!(sd->card_status & CID_CSD_OVERWRITE))
1604 for (i = 0; i < sizeof(sd->csd); i ++) {
1605 sd->csd[i] |= sd_csd_rw_mask[i];
1606 sd->csd[i] &= sd->data[i];
1607 }
1608
1609 sd->state = sd_transfer_state;
1610 }
1611 break;
1612
1613 case 42:
1614 sd->data[sd->data_offset ++] = value;
1615 if (sd->data_offset >= sd->blk_len) {
1616
1617 sd->state = sd_programming_state;
1618 sd_lock_command(sd);
1619
1620 sd->state = sd_transfer_state;
1621 }
1622 break;
1623
1624 case 56:
1625 sd->data[sd->data_offset ++] = value;
1626 if (sd->data_offset >= sd->blk_len) {
1627 APP_WRITE_BLOCK(sd->data_start, sd->data_offset);
1628 sd->state = sd_transfer_state;
1629 }
1630 break;
1631
1632 default:
1633 fprintf(stderr, "sd_write_data: unknown command\n");
1634 break;
1635 }
1636}
1637
1638uint8_t sd_read_data(SDState *sd)
1639{
1640
1641 uint8_t ret;
1642 int io_len;
1643
1644 if (!sd->blk || !blk_is_inserted(sd->blk) || !sd->enable)
1645 return 0x00;
1646
1647 if (sd->state != sd_sendingdata_state) {
1648 fprintf(stderr, "sd_read_data: not in Sending-Data state\n");
1649 return 0x00;
1650 }
1651
1652 if (sd->card_status & (ADDRESS_ERROR | WP_VIOLATION))
1653 return 0x00;
1654
1655 io_len = (sd->ocr & (1 << 30)) ? 512 : sd->blk_len;
1656
1657 switch (sd->current_cmd) {
1658 case 6:
1659 ret = sd->data[sd->data_offset ++];
1660
1661 if (sd->data_offset >= 64)
1662 sd->state = sd_transfer_state;
1663 break;
1664
1665 case 9:
1666 case 10:
1667 ret = sd->data[sd->data_offset ++];
1668
1669 if (sd->data_offset >= 16)
1670 sd->state = sd_transfer_state;
1671 break;
1672
1673 case 11:
1674 if (sd->data_offset == 0)
1675 BLK_READ_BLOCK(sd->data_start, io_len);
1676 ret = sd->data[sd->data_offset ++];
1677
1678 if (sd->data_offset >= io_len) {
1679 sd->data_start += io_len;
1680 sd->data_offset = 0;
1681 if (sd->data_start + io_len > sd->size) {
1682 sd->card_status |= ADDRESS_ERROR;
1683 break;
1684 }
1685 }
1686 break;
1687
1688 case 13:
1689 ret = sd->sd_status[sd->data_offset ++];
1690
1691 if (sd->data_offset >= sizeof(sd->sd_status))
1692 sd->state = sd_transfer_state;
1693 break;
1694
1695 case 17:
1696 if (sd->data_offset == 0)
1697 BLK_READ_BLOCK(sd->data_start, io_len);
1698 ret = sd->data[sd->data_offset ++];
1699
1700 if (sd->data_offset >= io_len)
1701 sd->state = sd_transfer_state;
1702 break;
1703
1704 case 18:
1705 if (sd->data_offset == 0)
1706 BLK_READ_BLOCK(sd->data_start, io_len);
1707 ret = sd->data[sd->data_offset ++];
1708
1709 if (sd->data_offset >= io_len) {
1710 sd->data_start += io_len;
1711 sd->data_offset = 0;
1712 if (sd->data_start + io_len > sd->size) {
1713 sd->card_status |= ADDRESS_ERROR;
1714 break;
1715 }
1716 }
1717 break;
1718
1719 case 22:
1720 ret = sd->data[sd->data_offset ++];
1721
1722 if (sd->data_offset >= 4)
1723 sd->state = sd_transfer_state;
1724 break;
1725
1726 case 30:
1727 ret = sd->data[sd->data_offset ++];
1728
1729 if (sd->data_offset >= 4)
1730 sd->state = sd_transfer_state;
1731 break;
1732
1733 case 51:
1734 ret = sd->scr[sd->data_offset ++];
1735
1736 if (sd->data_offset >= sizeof(sd->scr))
1737 sd->state = sd_transfer_state;
1738 break;
1739
1740 case 56:
1741 if (sd->data_offset == 0)
1742 APP_READ_BLOCK(sd->data_start, sd->blk_len);
1743 ret = sd->data[sd->data_offset ++];
1744
1745 if (sd->data_offset >= sd->blk_len)
1746 sd->state = sd_transfer_state;
1747 break;
1748
1749 default:
1750 fprintf(stderr, "sd_read_data: unknown command\n");
1751 return 0x00;
1752 }
1753
1754 return ret;
1755}
1756
1757bool sd_data_ready(SDState *sd)
1758{
1759 return sd->state == sd_sendingdata_state;
1760}
1761
1762void sd_enable(SDState *sd, bool enable)
1763{
1764 sd->enable = enable;
1765}
1766
