1
2
3
4
5
6
7
8
9
10
11
12
13#include "qemu/osdep.h"
14#include "sysemu/block-backend.h"
15#include "sysemu/blockdev.h"
16#include "hw/ssi/ssi.h"
17#include "hw/sd/sd.h"
18
19
20
21#ifdef DEBUG_SSI_SD
22#define DPRINTF(fmt, ...) \
23do { printf("ssi_sd: " fmt , ## __VA_ARGS__); } while (0)
24#define BADF(fmt, ...) \
25do { fprintf(stderr, "ssi_sd: error: " fmt , ## __VA_ARGS__); exit(1);} while (0)
26#else
27#define DPRINTF(fmt, ...) do {} while(0)
28#define BADF(fmt, ...) \
29do { fprintf(stderr, "ssi_sd: error: " fmt , ## __VA_ARGS__);} while (0)
30#endif
31
32typedef enum {
33 SSI_SD_CMD,
34 SSI_SD_CMDARG,
35 SSI_SD_RESPONSE,
36 SSI_SD_DATA_START,
37 SSI_SD_DATA_READ,
38} ssi_sd_mode;
39
40typedef struct {
41 SSISlave ssidev;
42 ssi_sd_mode mode;
43 int cmd;
44 uint8_t cmdarg[4];
45 uint8_t response[5];
46 int arglen;
47 int response_pos;
48 int stopping;
49 SDState *sd;
50} ssi_sd_state;
51
52
53#define SSI_SDR_LOCKED 0x0001
54#define SSI_SDR_WP_ERASE 0x0002
55#define SSI_SDR_ERROR 0x0004
56#define SSI_SDR_CC_ERROR 0x0008
57#define SSI_SDR_ECC_FAILED 0x0010
58#define SSI_SDR_WP_VIOLATION 0x0020
59#define SSI_SDR_ERASE_PARAM 0x0040
60#define SSI_SDR_OUT_OF_RANGE 0x0080
61#define SSI_SDR_IDLE 0x0100
62#define SSI_SDR_ERASE_RESET 0x0200
63#define SSI_SDR_ILLEGAL_COMMAND 0x0400
64#define SSI_SDR_COM_CRC_ERROR 0x0800
65#define SSI_SDR_ERASE_SEQ_ERROR 0x1000
66#define SSI_SDR_ADDRESS_ERROR 0x2000
67#define SSI_SDR_PARAMETER_ERROR 0x4000
68
69static uint32_t ssi_sd_transfer(SSISlave *dev, uint32_t val)
70{
71 ssi_sd_state *s = FROM_SSI_SLAVE(ssi_sd_state, dev);
72
73
74 if (s->mode == SSI_SD_DATA_READ && val == 0x4d) {
75 s->mode = SSI_SD_CMD;
76
77 s->stopping = 1;
78 }
79
80 switch (s->mode) {
81 case SSI_SD_CMD:
82 if (val == 0xff) {
83 DPRINTF("NULL command\n");
84 return 0xff;
85 }
86 s->cmd = val & 0x3f;
87 s->mode = SSI_SD_CMDARG;
88 s->arglen = 0;
89 return 0xff;
90 case SSI_SD_CMDARG:
91 if (s->arglen == 4) {
92 SDRequest request;
93 uint8_t longresp[16];
94
95 request.cmd = s->cmd;
96 request.arg = (s->cmdarg[0] << 24) | (s->cmdarg[1] << 16)
97 | (s->cmdarg[2] << 8) | s->cmdarg[3];
98 DPRINTF("CMD%d arg 0x%08x\n", s->cmd, request.arg);
99 s->arglen = sd_do_command(s->sd, &request, longresp);
100 if (s->arglen <= 0) {
101 s->arglen = 1;
102 s->response[0] = 4;
103 DPRINTF("SD command failed\n");
104 } else if (s->cmd == 58) {
105
106 DPRINTF("Returned OCR\n");
107 s->arglen = 5;
108 s->response[0] = 1;
109 memcpy(&s->response[1], longresp, 4);
110 } else if (s->arglen != 4) {
111 BADF("Unexpected response to cmd %d\n", s->cmd);
112
113 s->arglen = 1;
114 s->response[0] = 4;
115 } else {
116
117 uint32_t cardstatus;
118 uint16_t status;
119
120
121 s->arglen = (s->cmd == 13) ? 2 : 1;
122 cardstatus = (longresp[0] << 24) | (longresp[1] << 16)
123 | (longresp[2] << 8) | longresp[3];
124 status = 0;
125 if (((cardstatus >> 9) & 0xf) < 4)
126 status |= SSI_SDR_IDLE;
127 if (cardstatus & ERASE_RESET)
128 status |= SSI_SDR_ERASE_RESET;
129 if (cardstatus & ILLEGAL_COMMAND)
130 status |= SSI_SDR_ILLEGAL_COMMAND;
131 if (cardstatus & COM_CRC_ERROR)
132 status |= SSI_SDR_COM_CRC_ERROR;
133 if (cardstatus & ERASE_SEQ_ERROR)
134 status |= SSI_SDR_ERASE_SEQ_ERROR;
135 if (cardstatus & ADDRESS_ERROR)
136 status |= SSI_SDR_ADDRESS_ERROR;
137 if (cardstatus & CARD_IS_LOCKED)
138 status |= SSI_SDR_LOCKED;
139 if (cardstatus & (LOCK_UNLOCK_FAILED | WP_ERASE_SKIP))
140 status |= SSI_SDR_WP_ERASE;
141 if (cardstatus & SD_ERROR)
142 status |= SSI_SDR_ERROR;
143 if (cardstatus & CC_ERROR)
144 status |= SSI_SDR_CC_ERROR;
145 if (cardstatus & CARD_ECC_FAILED)
146 status |= SSI_SDR_ECC_FAILED;
147 if (cardstatus & WP_VIOLATION)
148 status |= SSI_SDR_WP_VIOLATION;
149 if (cardstatus & ERASE_PARAM)
150 status |= SSI_SDR_ERASE_PARAM;
151 if (cardstatus & (OUT_OF_RANGE | CID_CSD_OVERWRITE))
152 status |= SSI_SDR_OUT_OF_RANGE;
153
154
155 if (status & 0xff)
156 status |= SSI_SDR_PARAMETER_ERROR;
157 s->response[0] = status >> 8;
158 s->response[1] = status;
159 DPRINTF("Card status 0x%02x\n", status);
160 }
161 s->mode = SSI_SD_RESPONSE;
162 s->response_pos = 0;
163 } else {
164 s->cmdarg[s->arglen++] = val;
165 }
166 return 0xff;
167 case SSI_SD_RESPONSE:
168 if (s->stopping) {
169 s->stopping = 0;
170 return 0xff;
171 }
172 if (s->response_pos < s->arglen) {
173 DPRINTF("Response 0x%02x\n", s->response[s->response_pos]);
174 return s->response[s->response_pos++];
175 }
176 if (sd_data_ready(s->sd)) {
177 DPRINTF("Data read\n");
178 s->mode = SSI_SD_DATA_START;
179 } else {
180 DPRINTF("End of command\n");
181 s->mode = SSI_SD_CMD;
182 }
183 return 0xff;
184 case SSI_SD_DATA_START:
185 DPRINTF("Start read block\n");
186 s->mode = SSI_SD_DATA_READ;
187 return 0xfe;
188 case SSI_SD_DATA_READ:
189 val = sd_read_data(s->sd);
190 if (!sd_data_ready(s->sd)) {
191 DPRINTF("Data read end\n");
192 s->mode = SSI_SD_CMD;
193 }
194 return val;
195 }
196
197 return 0xff;
198}
199
200static void ssi_sd_save(QEMUFile *f, void *opaque)
201{
202 SSISlave *ss = SSI_SLAVE(opaque);
203 ssi_sd_state *s = (ssi_sd_state *)opaque;
204 int i;
205
206 qemu_put_be32(f, s->mode);
207 qemu_put_be32(f, s->cmd);
208 for (i = 0; i < 4; i++)
209 qemu_put_be32(f, s->cmdarg[i]);
210 for (i = 0; i < 5; i++)
211 qemu_put_be32(f, s->response[i]);
212 qemu_put_be32(f, s->arglen);
213 qemu_put_be32(f, s->response_pos);
214 qemu_put_be32(f, s->stopping);
215
216 qemu_put_be32(f, ss->cs);
217}
218
219static int ssi_sd_load(QEMUFile *f, void *opaque, int version_id)
220{
221 SSISlave *ss = SSI_SLAVE(opaque);
222 ssi_sd_state *s = (ssi_sd_state *)opaque;
223 int i;
224
225 if (version_id != 1)
226 return -EINVAL;
227
228 s->mode = qemu_get_be32(f);
229 s->cmd = qemu_get_be32(f);
230 for (i = 0; i < 4; i++)
231 s->cmdarg[i] = qemu_get_be32(f);
232 for (i = 0; i < 5; i++)
233 s->response[i] = qemu_get_be32(f);
234 s->arglen = qemu_get_be32(f);
235 if (s->mode == SSI_SD_CMDARG &&
236 (s->arglen < 0 || s->arglen >= ARRAY_SIZE(s->cmdarg))) {
237 return -EINVAL;
238 }
239 s->response_pos = qemu_get_be32(f);
240 s->stopping = qemu_get_be32(f);
241 if (s->mode == SSI_SD_RESPONSE &&
242 (s->response_pos < 0 || s->response_pos >= ARRAY_SIZE(s->response) ||
243 (!s->stopping && s->arglen > ARRAY_SIZE(s->response)))) {
244 return -EINVAL;
245 }
246
247 ss->cs = qemu_get_be32(f);
248
249 return 0;
250}
251
252static int ssi_sd_init(SSISlave *d)
253{
254 DeviceState *dev = DEVICE(d);
255 ssi_sd_state *s = FROM_SSI_SLAVE(ssi_sd_state, d);
256 DriveInfo *dinfo;
257
258 s->mode = SSI_SD_CMD;
259
260 dinfo = drive_get_next(IF_SD);
261 s->sd = sd_init(dinfo ? blk_by_legacy_dinfo(dinfo) : NULL, true);
262 if (s->sd == NULL) {
263 return -1;
264 }
265 register_savevm(dev, "ssi_sd", -1, 1, ssi_sd_save, ssi_sd_load, s);
266 return 0;
267}
268
269static void ssi_sd_class_init(ObjectClass *klass, void *data)
270{
271 SSISlaveClass *k = SSI_SLAVE_CLASS(klass);
272
273 k->init = ssi_sd_init;
274 k->transfer = ssi_sd_transfer;
275 k->cs_polarity = SSI_CS_LOW;
276}
277
278static const TypeInfo ssi_sd_info = {
279 .name = "ssi-sd",
280 .parent = TYPE_SSI_SLAVE,
281 .instance_size = sizeof(ssi_sd_state),
282 .class_init = ssi_sd_class_init,
283};
284
285static void ssi_sd_register_types(void)
286{
287 type_register_static(&ssi_sd_info);
288}
289
290type_init(ssi_sd_register_types)
291
