Gitiles
Code Review Sign In
gerrit.openfyde.cn / chromium.googlesource.com / chromiumos / third_party / qemu / 50f43f0ff9a640b901b2657492d642e14a57bd4d / . / hw / sd / sd.c
blob: ce4d44be91505100da02ba7b70ff066c8e0c8ba2 [file] [log] [blame]
ths5fafdf22007-09-16 21:08:06 +0000[diff] [blame]1/*
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]2 * SD Memory Card emulation as defined in the "SD Memory Card Physical
3 * layer specification, Version 1.10."
4 *
5 * Copyright (c) 2006 Andrzej Zaborowski <balrog@zabor.org>
6 * Copyright (c) 2007 CodeSourcery
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in
16 * the documentation and/or other materials provided with the
17 * distribution.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS''
20 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
21 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
22 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR
23 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
24 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
25 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
26 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
27 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
28 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
29 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30 */
31
Paolo Bonzini83c9f4c2013-02-04 15:40:22 +0100[diff] [blame]32#include "hw/hw.h"
Markus Armbruster4be74632014-10-07 13:59:18 +0200[diff] [blame]33#include "sysemu/block-backend.h"
Sai Pavan Boddue3382ef2015-10-08 18:51:01 +0530[diff] [blame]34#include "hw/sd/sd.h"
Paolo Bonzini1de7afc2012-12-17 18:20:00 +0100[diff] [blame]35#include "qemu/bitmap.h"
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]36
37//#define DEBUG_SD 1
38
39#ifdef DEBUG_SD
Blue Swirl001faf32009-05-13 17:53:17 +0000[diff] [blame]40#define DPRINTF(fmt, ...) \
41do { fprintf(stderr, "SD: " fmt , ## __VA_ARGS__); } while (0)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]42#else
Blue Swirl001faf32009-05-13 17:53:17 +0000[diff] [blame]43#define DPRINTF(fmt, ...) do {} while(0)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]44#endif
45
Peter Crosthwaite37ab4a52013-06-03 17:17:45 +0100[diff] [blame]46#define ACMD41_ENQUIRY_MASK 0x00ffffff
47
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]48typedef enum {
49 sd_r0 = 0, /* no response */
50 sd_r1, /* normal response command */
51 sd_r2_i, /* CID register */
52 sd_r2_s, /* CSD register */
53 sd_r3, /* OCR register */
54 sd_r6 = 6, /* Published RCA response */
balrog1b088992007-12-24 14:41:39 +0000[diff] [blame]55 sd_r7, /* Operating voltage */
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]56 sd_r1b = -1,
Peter Maydell53bb8cc2011-12-18 21:37:55 +0100[diff] [blame]57 sd_illegal = -2,
Anthony Liguoric227f092009-10-01 16:12:16 -0500[diff] [blame]58} sd_rsp_type_t;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]59
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000[diff] [blame]60enum SDCardModes {
61 sd_inactive,
62 sd_card_identification_mode,
63 sd_data_transfer_mode,
64};
65
66enum SDCardStates {
67 sd_inactive_state = -1,
68 sd_idle_state = 0,
69 sd_ready_state,
70 sd_identification_state,
71 sd_standby_state,
72 sd_transfer_state,
73 sd_sendingdata_state,
74 sd_receivingdata_state,
75 sd_programming_state,
76 sd_disconnect_state,
77};
78
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]79struct SDState {
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000[diff] [blame]80 uint32_t mode; /* current card mode, one of SDCardModes */
81 int32_t state; /* current card state, one of SDCardStates */
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]82 uint32_t ocr;
83 uint8_t scr[8];
84 uint8_t cid[16];
85 uint8_t csd[16];
86 uint16_t rca;
87 uint32_t card_status;
88 uint8_t sd_status[64];
balrog1b088992007-12-24 14:41:39 +0000[diff] [blame]89 uint32_t vhs;
Mitsyanko Igorbebd1272012-08-13 11:04:06 +0100[diff] [blame]90 bool wp_switch;
Mitsyanko Igora9c01832012-08-13 11:04:06 +0100[diff] [blame]91 unsigned long *wp_groups;
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000[diff] [blame]92 int32_t wpgrps_size;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]93 uint64_t size;
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000[diff] [blame]94 uint32_t blk_len;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]95 uint32_t erase_start;
96 uint32_t erase_end;
97 uint8_t pwd[16];
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000[diff] [blame]98 uint32_t pwd_len;
99 uint8_t function_group[6];
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]100
Mitsyanko Igorbebd1272012-08-13 11:04:06 +0100[diff] [blame]101 bool spi;
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000[diff] [blame]102 uint8_t current_cmd;
Peter Maydell1d06cb72011-12-18 21:37:59 +0100[diff] [blame]103 /* True if we will handle the next command as an ACMD. Note that this does
104 * *not* track the APP_CMD status bit!
105 */
Mitsyanko Igorbebd1272012-08-13 11:04:06 +0100[diff] [blame]106 bool expecting_acmd;
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000[diff] [blame]107 uint32_t blk_written;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]108 uint64_t data_start;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]109 uint32_t data_offset;
110 uint8_t data[512];
balrog02ce6002007-11-17 14:34:44 +0000[diff] [blame]111 qemu_irq readonly_cb;
112 qemu_irq inserted_cb;
Markus Armbruster4be74632014-10-07 13:59:18 +0200[diff] [blame]113 BlockBackend *blk;
balrog33f00272007-12-24 14:33:24 +0000[diff] [blame]114 uint8_t *buf;
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]115
Mitsyanko Igorbebd1272012-08-13 11:04:06 +0100[diff] [blame]116 bool enable;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]117};
118
Peter Maydell10a412d2011-12-18 21:37:58 +0100[diff] [blame]119static void sd_set_mode(SDState *sd)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]120{
121 switch (sd->state) {
122 case sd_inactive_state:
123 sd->mode = sd_inactive;
124 break;
125
126 case sd_idle_state:
127 case sd_ready_state:
128 case sd_identification_state:
129 sd->mode = sd_card_identification_mode;
130 break;
131
132 case sd_standby_state:
133 case sd_transfer_state:
134 case sd_sendingdata_state:
135 case sd_receivingdata_state:
136 case sd_programming_state:
137 case sd_disconnect_state:
138 sd->mode = sd_data_transfer_mode;
139 break;
140 }
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]141}
142
Anthony Liguoric227f092009-10-01 16:12:16 -0500[diff] [blame]143static const sd_cmd_type_t sd_cmd_type[64] = {
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]144 sd_bc, sd_none, sd_bcr, sd_bcr, sd_none, sd_none, sd_none, sd_ac,
balrog1b088992007-12-24 14:41:39 +0000[diff] [blame]145 sd_bcr, sd_ac, sd_ac, sd_adtc, sd_ac, sd_ac, sd_none, sd_ac,
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]146 sd_ac, sd_adtc, sd_adtc, sd_none, sd_none, sd_none, sd_none, sd_none,
147 sd_adtc, sd_adtc, sd_adtc, sd_adtc, sd_ac, sd_ac, sd_adtc, sd_none,
148 sd_ac, sd_ac, sd_none, sd_none, sd_none, sd_none, sd_ac, sd_none,
149 sd_none, sd_none, sd_bc, sd_none, sd_none, sd_none, sd_none, sd_none,
150 sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_ac,
151 sd_adtc, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none,
152};
153
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]154static const int sd_cmd_class[64] = {
155 0, 0, 0, 0, 0, 9, 10, 0, 0, 0, 0, 1, 0, 0, 0, 0,
156 2, 2, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 6, 6, 6, 6,
157 5, 5, 10, 10, 10, 10, 5, 9, 9, 9, 7, 7, 7, 7, 7, 7,
158 7, 7, 10, 7, 9, 9, 9, 8, 8, 10, 8, 8, 8, 8, 8, 8,
159};
160
161static uint8_t sd_crc7(void *message, size_t width)
162{
163 int i, bit;
164 uint8_t shift_reg = 0x00;
165 uint8_t *msg = (uint8_t *) message;
166
167 for (i = 0; i < width; i ++, msg ++)
168 for (bit = 7; bit >= 0; bit --) {
169 shift_reg <<= 1;
170 if ((shift_reg >> 7) ^ ((*msg >> bit) & 1))
171 shift_reg ^= 0x89;
172 }
173
174 return shift_reg;
175}
176
177static uint16_t sd_crc16(void *message, size_t width)
178{
179 int i, bit;
180 uint16_t shift_reg = 0x0000;
181 uint16_t *msg = (uint16_t *) message;
182 width <<= 1;
183
184 for (i = 0; i < width; i ++, msg ++)
185 for (bit = 15; bit >= 0; bit --) {
186 shift_reg <<= 1;
187 if ((shift_reg >> 15) ^ ((*msg >> bit) & 1))
188 shift_reg ^= 0x1011;
189 }
190
191 return shift_reg;
192}
193
194static void sd_set_ocr(SDState *sd)
195{
balrog1b088992007-12-24 14:41:39 +0000[diff] [blame]196 /* All voltages OK, card power-up OK, Standard Capacity SD Memory Card */
aurel32829ef7b2009-03-07 22:10:40 +0000[diff] [blame]197 sd->ocr = 0x80ffff00;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]198}
199
200static void sd_set_scr(SDState *sd)
201{
202 sd->scr[0] = 0x00; /* SCR Structure */
203 sd->scr[1] = 0x2f; /* SD Security Support */
204 sd->scr[2] = 0x00;
205 sd->scr[3] = 0x00;
206 sd->scr[4] = 0x00;
207 sd->scr[5] = 0x00;
208 sd->scr[6] = 0x00;
209 sd->scr[7] = 0x00;
210}
211
212#define MID 0xaa
213#define OID "XY"
214#define PNM "QEMU!"
215#define PRV 0x01
216#define MDT_YR 2006
217#define MDT_MON 2
218
219static void sd_set_cid(SDState *sd)
220{
221 sd->cid[0] = MID; /* Fake card manufacturer ID (MID) */
222 sd->cid[1] = OID[0]; /* OEM/Application ID (OID) */
223 sd->cid[2] = OID[1];
224 sd->cid[3] = PNM[0]; /* Fake product name (PNM) */
225 sd->cid[4] = PNM[1];
226 sd->cid[5] = PNM[2];
227 sd->cid[6] = PNM[3];
228 sd->cid[7] = PNM[4];
229 sd->cid[8] = PRV; /* Fake product revision (PRV) */
230 sd->cid[9] = 0xde; /* Fake serial number (PSN) */
231 sd->cid[10] = 0xad;
232 sd->cid[11] = 0xbe;
233 sd->cid[12] = 0xef;
234 sd->cid[13] = 0x00 | /* Manufacture date (MDT) */
235 ((MDT_YR - 2000) / 10);
236 sd->cid[14] = ((MDT_YR % 10) << 4) | MDT_MON;
237 sd->cid[15] = (sd_crc7(sd->cid, 15) << 1) | 1;
238}
239
240#define HWBLOCK_SHIFT 9 /* 512 bytes */
241#define SECTOR_SHIFT 5 /* 16 kilobytes */
242#define WPGROUP_SHIFT 7 /* 2 megs */
243#define CMULT_SHIFT 9 /* 512 times HWBLOCK_SIZE */
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]244#define WPGROUP_SIZE (1 << (HWBLOCK_SHIFT + SECTOR_SHIFT + WPGROUP_SHIFT))
245
246static const uint8_t sd_csd_rw_mask[16] = {
247 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
248 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xfc, 0xfe,
249};
250
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]251static void sd_set_csd(SDState *sd, uint64_t size)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]252{
253 uint32_t csize = (size >> (CMULT_SHIFT + HWBLOCK_SHIFT)) - 1;
254 uint32_t sectsize = (1 << (SECTOR_SHIFT + 1)) - 1;
255 uint32_t wpsize = (1 << (WPGROUP_SHIFT + 1)) - 1;
256
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]257 if (size <= 0x40000000) { /* Standard Capacity SD */
258 sd->csd[0] = 0x00; /* CSD structure */
259 sd->csd[1] = 0x26; /* Data read access-time-1 */
260 sd->csd[2] = 0x00; /* Data read access-time-2 */
261 sd->csd[3] = 0x5a; /* Max. data transfer rate */
262 sd->csd[4] = 0x5f; /* Card Command Classes */
263 sd->csd[5] = 0x50 | /* Max. read data block length */
264 HWBLOCK_SHIFT;
265 sd->csd[6] = 0xe0 | /* Partial block for read allowed */
266 ((csize >> 10) & 0x03);
267 sd->csd[7] = 0x00 | /* Device size */
268 ((csize >> 2) & 0xff);
269 sd->csd[8] = 0x3f | /* Max. read current */
270 ((csize << 6) & 0xc0);
271 sd->csd[9] = 0xfc | /* Max. write current */
272 ((CMULT_SHIFT - 2) >> 1);
273 sd->csd[10] = 0x40 | /* Erase sector size */
274 (((CMULT_SHIFT - 2) << 7) & 0x80) | (sectsize >> 1);
275 sd->csd[11] = 0x00 | /* Write protect group size */
276 ((sectsize << 7) & 0x80) | wpsize;
277 sd->csd[12] = 0x90 | /* Write speed factor */
278 (HWBLOCK_SHIFT >> 2);
279 sd->csd[13] = 0x20 | /* Max. write data block length */
280 ((HWBLOCK_SHIFT << 6) & 0xc0);
281 sd->csd[14] = 0x00; /* File format group */
282 sd->csd[15] = (sd_crc7(sd->csd, 15) << 1) | 1;
283 } else { /* SDHC */
284 size /= 512 * 1024;
285 size -= 1;
286 sd->csd[0] = 0x40;
287 sd->csd[1] = 0x0e;
288 sd->csd[2] = 0x00;
289 sd->csd[3] = 0x32;
290 sd->csd[4] = 0x5b;
291 sd->csd[5] = 0x59;
292 sd->csd[6] = 0x00;
293 sd->csd[7] = (size >> 16) & 0xff;
294 sd->csd[8] = (size >> 8) & 0xff;
295 sd->csd[9] = (size & 0xff);
296 sd->csd[10] = 0x7f;
297 sd->csd[11] = 0x80;
298 sd->csd[12] = 0x0a;
299 sd->csd[13] = 0x40;
300 sd->csd[14] = 0x00;
301 sd->csd[15] = 0x00;
Peter Maydelle03ba132013-04-09 12:48:19 +0100[diff] [blame]302 sd->ocr |= 1 << 30; /* High Capacity SD Memory Card */
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]303 }
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]304}
305
306static void sd_set_rca(SDState *sd)
307{
308 sd->rca += 0x4567;
309}
310
Peter Maydellb8d334c2011-12-18 21:37:52 +0100[diff] [blame]311/* Card status bits, split by clear condition:
312 * A : According to the card current state
313 * B : Always related to the previous command
314 * C : Cleared by read
315 */
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]316#define CARD_STATUS_A 0x02004100
317#define CARD_STATUS_B 0x00c01e00
318#define CARD_STATUS_C 0xfd39a028
319
320static void sd_set_cardstatus(SDState *sd)
321{
322 sd->card_status = 0x00000100;
323}
324
325static void sd_set_sdstatus(SDState *sd)
326{
327 memset(sd->sd_status, 0, 64);
328}
329
Paul Brookbc24a222009-05-10 01:44:56 +0100[diff] [blame]330static int sd_req_crc_validate(SDRequest *req)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]331{
332 uint8_t buffer[5];
333 buffer[0] = 0x40 | req->cmd;
334 buffer[1] = (req->arg >> 24) & 0xff;
335 buffer[2] = (req->arg >> 16) & 0xff;
336 buffer[3] = (req->arg >> 8) & 0xff;
337 buffer[4] = (req->arg >> 0) & 0xff;
338 return 0;
339 return sd_crc7(buffer, 5) != req->crc; /* TODO */
340}
341
Peter Maydell10a412d2011-12-18 21:37:58 +0100[diff] [blame]342static void sd_response_r1_make(SDState *sd, uint8_t *response)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]343{
Peter Maydell10a412d2011-12-18 21:37:58 +0100[diff] [blame]344 uint32_t status = sd->card_status;
Peter Maydell1d06cb72011-12-18 21:37:59 +0100[diff] [blame]345 /* Clear the "clear on read" status bits */
346 sd->card_status &= ~CARD_STATUS_C;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]347
348 response[0] = (status >> 24) & 0xff;
349 response[1] = (status >> 16) & 0xff;
350 response[2] = (status >> 8) & 0xff;
351 response[3] = (status >> 0) & 0xff;
352}
353
pbrook9596ebb2007-11-18 01:44:38 +0000[diff] [blame]354static void sd_response_r3_make(SDState *sd, uint8_t *response)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]355{
356 response[0] = (sd->ocr >> 24) & 0xff;
357 response[1] = (sd->ocr >> 16) & 0xff;
358 response[2] = (sd->ocr >> 8) & 0xff;
359 response[3] = (sd->ocr >> 0) & 0xff;
360}
361
pbrook9596ebb2007-11-18 01:44:38 +0000[diff] [blame]362static void sd_response_r6_make(SDState *sd, uint8_t *response)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]363{
364 uint16_t arg;
365 uint16_t status;
366
367 arg = sd->rca;
368 status = ((sd->card_status >> 8) & 0xc000) |
369 ((sd->card_status >> 6) & 0x2000) |
370 (sd->card_status & 0x1fff);
Peter Maydellfcfa9352011-12-18 21:38:00 +0100[diff] [blame]371 sd->card_status &= ~(CARD_STATUS_C & 0xc81fff);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]372
373 response[0] = (arg >> 8) & 0xff;
374 response[1] = arg & 0xff;
375 response[2] = (status >> 8) & 0xff;
376 response[3] = status & 0xff;
377}
378
balrog1b088992007-12-24 14:41:39 +0000[diff] [blame]379static void sd_response_r7_make(SDState *sd, uint8_t *response)
380{
381 response[0] = (sd->vhs >> 24) & 0xff;
382 response[1] = (sd->vhs >> 16) & 0xff;
383 response[2] = (sd->vhs >> 8) & 0xff;
384 response[3] = (sd->vhs >> 0) & 0xff;
385}
386
Mitsyanko Igorb7202b82012-08-13 11:04:06 +0100[diff] [blame]387static inline uint64_t sd_addr_to_wpnum(uint64_t addr)
388{
389 return addr >> (HWBLOCK_SHIFT + SECTOR_SHIFT + WPGROUP_SHIFT);
390}
391
Peter Maydell16b781a2015-05-12 11:57:16 +0100[diff] [blame]392static void sd_reset(SDState *sd)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]393{
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]394 uint64_t size;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]395 uint64_t sect;
396
Peter Maydell16b781a2015-05-12 11:57:16 +0100[diff] [blame]397 if (sd->blk) {
398 blk_get_geometry(sd->blk, &sect);
Paul Brook03f311e2009-05-03 16:52:16 +0100[diff] [blame]399 } else {
400 sect = 0;
401 }
Vincent Palatin5e371412011-07-25 16:19:05 -0700[diff] [blame]402 size = sect << 9;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]403
Mitsyanko Igorb7202b82012-08-13 11:04:06 +0100[diff] [blame]404 sect = sd_addr_to_wpnum(size) + 1;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]405
406 sd->state = sd_idle_state;
407 sd->rca = 0x0000;
408 sd_set_ocr(sd);
409 sd_set_scr(sd);
410 sd_set_cid(sd);
411 sd_set_csd(sd, size);
412 sd_set_cardstatus(sd);
413 sd_set_sdstatus(sd);
414
Daniel P. Berrangeef1e1e02015-08-26 12:17:18 +0100[diff] [blame]415 g_free(sd->wp_groups);
Peter Maydell16b781a2015-05-12 11:57:16 +0100[diff] [blame]416 sd->wp_switch = sd->blk ? blk_is_read_only(sd->blk) : false;
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000[diff] [blame]417 sd->wpgrps_size = sect;
418 sd->wp_groups = bitmap_new(sd->wpgrps_size);
419 memset(sd->function_group, 0, sizeof(sd->function_group));
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]420 sd->erase_start = 0;
421 sd->erase_end = 0;
422 sd->size = size;
423 sd->blk_len = 0x200;
424 sd->pwd_len = 0;
Mitsyanko Igorbebd1272012-08-13 11:04:06 +0100[diff] [blame]425 sd->expecting_acmd = false;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]426}
427
Markus Armbruster7d4b4ba2011-09-06 18:58:59 +0200[diff] [blame]428static void sd_cardchange(void *opaque, bool load)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]429{
430 SDState *sd = opaque;
Christoph Hellwigdb97ee62011-01-24 13:32:41 +0100[diff] [blame]431
Markus Armbruster4be74632014-10-07 13:59:18 +0200[diff] [blame]432 qemu_set_irq(sd->inserted_cb, blk_is_inserted(sd->blk));
433 if (blk_is_inserted(sd->blk)) {
Peter Maydell16b781a2015-05-12 11:57:16 +0100[diff] [blame]434 sd_reset(sd);
pbrook257514d2007-11-17 15:32:38 +0000[diff] [blame]435 qemu_set_irq(sd->readonly_cb, sd->wp_switch);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]436 }
437}
438
Markus Armbruster0e49de52011-08-03 15:07:41 +0200[diff] [blame]439static const BlockDevOps sd_block_ops = {
Markus Armbruster145feb12011-08-03 15:07:42 +0200[diff] [blame]440 .change_media_cb = sd_cardchange,
Markus Armbruster0e49de52011-08-03 15:07:41 +0200[diff] [blame]441};
442
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000[diff] [blame]443static const VMStateDescription sd_vmstate = {
444 .name = "sd-card",
445 .version_id = 1,
446 .minimum_version_id = 1,
447 .fields = (VMStateField[]) {
448 VMSTATE_UINT32(mode, SDState),
449 VMSTATE_INT32(state, SDState),
450 VMSTATE_UINT8_ARRAY(cid, SDState, 16),
451 VMSTATE_UINT8_ARRAY(csd, SDState, 16),
452 VMSTATE_UINT16(rca, SDState),
453 VMSTATE_UINT32(card_status, SDState),
454 VMSTATE_PARTIAL_BUFFER(sd_status, SDState, 1),
455 VMSTATE_UINT32(vhs, SDState),
456 VMSTATE_BITMAP(wp_groups, SDState, 0, wpgrps_size),
457 VMSTATE_UINT32(blk_len, SDState),
458 VMSTATE_UINT32(erase_start, SDState),
459 VMSTATE_UINT32(erase_end, SDState),
460 VMSTATE_UINT8_ARRAY(pwd, SDState, 16),
461 VMSTATE_UINT32(pwd_len, SDState),
462 VMSTATE_UINT8_ARRAY(function_group, SDState, 6),
463 VMSTATE_UINT8(current_cmd, SDState),
464 VMSTATE_BOOL(expecting_acmd, SDState),
465 VMSTATE_UINT32(blk_written, SDState),
466 VMSTATE_UINT64(data_start, SDState),
467 VMSTATE_UINT32(data_offset, SDState),
468 VMSTATE_UINT8_ARRAY(data, SDState, 512),
Igor Mitsyanko5f006792013-04-05 16:17:59 +0100[diff] [blame]469 VMSTATE_BUFFER_POINTER_UNSAFE(buf, SDState, 1, 512),
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000[diff] [blame]470 VMSTATE_BOOL(enable, SDState),
471 VMSTATE_END_OF_LIST()
472 }
473};
474
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]475/* We do not model the chip select pin, so allow the board to select
balrog8ef63672007-11-25 18:46:17 +0000[diff] [blame]476 whether card should be in SSI or MMC/SD mode. It is also up to the
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]477 board to ensure that ssi transfers only occur when the chip select
478 is asserted. */
Markus Armbruster4be74632014-10-07 13:59:18 +0200[diff] [blame]479SDState *sd_init(BlockBackend *blk, bool is_spi)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]480{
481 SDState *sd;
482
Markus Armbruster4be74632014-10-07 13:59:18 +0200[diff] [blame]483 if (blk && blk_is_read_only(blk)) {
Kevin Wolf4f8a0662013-09-13 15:51:47 +0200[diff] [blame]484 fprintf(stderr, "sd_init: Cannot use read-only drive\n");
485 return NULL;
486 }
487
Anthony Liguori7267c092011-08-20 22:09:37 -0500[diff] [blame]488 sd = (SDState *) g_malloc0(sizeof(SDState));
Markus Armbruster4be74632014-10-07 13:59:18 +0200[diff] [blame]489 sd->buf = blk_blockalign(blk, 512);
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]490 sd->spi = is_spi;
Mitsyanko Igorbebd1272012-08-13 11:04:06 +0100[diff] [blame]491 sd->enable = true;
Peter Maydell16b781a2015-05-12 11:57:16 +0100[diff] [blame]492 sd->blk = blk;
493 sd_reset(sd);
Markus Armbruster4be74632014-10-07 13:59:18 +0200[diff] [blame]494 if (sd->blk) {
Kevin O'Connor5ec911c2015-08-17 15:20:33 -0400[diff] [blame]495 /* Attach dev if not already attached. (This call ignores an
496 * error return code if sd->blk is already attached.) */
497 blk_attach_dev(sd->blk, sd);
Markus Armbruster4be74632014-10-07 13:59:18 +0200[diff] [blame]498 blk_set_dev_ops(sd->blk, &sd_block_ops, sd);
Paul Brook03f311e2009-05-03 16:52:16 +0100[diff] [blame]499 }
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000[diff] [blame]500 vmstate_register(NULL, -1, &sd_vmstate, sd);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]501 return sd;
502}
503
balrog02ce6002007-11-17 14:34:44 +0000[diff] [blame]504void sd_set_cb(SDState *sd, qemu_irq readonly, qemu_irq insert)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]505{
balrog02ce6002007-11-17 14:34:44 +0000[diff] [blame]506 sd->readonly_cb = readonly;
507 sd->inserted_cb = insert;
Markus Armbruster4be74632014-10-07 13:59:18 +0200[diff] [blame]508 qemu_set_irq(readonly, sd->blk ? blk_is_read_only(sd->blk) : 0);
509 qemu_set_irq(insert, sd->blk ? blk_is_inserted(sd->blk) : 0);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]510}
511
512static void sd_erase(SDState *sd)
513{
Igor Mitsyankof2d189d2012-10-30 07:45:12 +0000[diff] [blame]514 int i;
515 uint64_t erase_start = sd->erase_start;
516 uint64_t erase_end = sd->erase_end;
517
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]518 if (!sd->erase_start || !sd->erase_end) {
519 sd->card_status |= ERASE_SEQ_ERROR;
520 return;
521 }
522
Igor Mitsyankof2d189d2012-10-30 07:45:12 +0000[diff] [blame]523 if (extract32(sd->ocr, OCR_CCS_BITN, 1)) {
524 /* High capacity memory card: erase units are 512 byte blocks */
525 erase_start *= 512;
526 erase_end *= 512;
527 }
528
529 erase_start = sd_addr_to_wpnum(erase_start);
530 erase_end = sd_addr_to_wpnum(erase_end);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]531 sd->erase_start = 0;
532 sd->erase_end = 0;
533 sd->csd[14] |= 0x40;
534
Igor Mitsyankof2d189d2012-10-30 07:45:12 +0000[diff] [blame]535 for (i = erase_start; i <= erase_end; i++) {
Mitsyanko Igora9c01832012-08-13 11:04:06 +0100[diff] [blame]536 if (test_bit(i, sd->wp_groups)) {
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]537 sd->card_status |= WP_ERASE_SKIP;
Mitsyanko Igora9c01832012-08-13 11:04:06 +0100[diff] [blame]538 }
539 }
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]540}
541
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]542static uint32_t sd_wpbits(SDState *sd, uint64_t addr)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]543{
544 uint32_t i, wpnum;
545 uint32_t ret = 0;
546
Mitsyanko Igorb7202b82012-08-13 11:04:06 +0100[diff] [blame]547 wpnum = sd_addr_to_wpnum(addr);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]548
Mitsyanko Igora9c01832012-08-13 11:04:06 +0100[diff] [blame]549 for (i = 0; i < 32; i++, wpnum++, addr += WPGROUP_SIZE) {
550 if (addr < sd->size && test_bit(wpnum, sd->wp_groups)) {
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]551 ret |= (1 << i);
Mitsyanko Igora9c01832012-08-13 11:04:06 +0100[diff] [blame]552 }
553 }
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]554
555 return ret;
556}
557
558static void sd_function_switch(SDState *sd, uint32_t arg)
559{
560 int i, mode, new_func, crc;
561 mode = !!(arg & 0x80000000);
562
563 sd->data[0] = 0x00; /* Maximum current consumption */
564 sd->data[1] = 0x01;
565 sd->data[2] = 0x80; /* Supported group 6 functions */
566 sd->data[3] = 0x01;
567 sd->data[4] = 0x80; /* Supported group 5 functions */
568 sd->data[5] = 0x01;
569 sd->data[6] = 0x80; /* Supported group 4 functions */
570 sd->data[7] = 0x01;
571 sd->data[8] = 0x80; /* Supported group 3 functions */
572 sd->data[9] = 0x01;
573 sd->data[10] = 0x80; /* Supported group 2 functions */
574 sd->data[11] = 0x43;
575 sd->data[12] = 0x80; /* Supported group 1 functions */
576 sd->data[13] = 0x03;
577 for (i = 0; i < 6; i ++) {
578 new_func = (arg >> (i * 4)) & 0x0f;
579 if (mode && new_func != 0x0f)
580 sd->function_group[i] = new_func;
581 sd->data[14 + (i >> 1)] = new_func << ((i * 4) & 4);
582 }
583 memset(&sd->data[17], 0, 47);
584 crc = sd_crc16(sd->data, 64);
585 sd->data[65] = crc >> 8;
586 sd->data[66] = crc & 0xff;
587}
588
Mitsyanko Igor4e8f1be2012-08-13 11:04:07 +0100[diff] [blame]589static inline bool sd_wp_addr(SDState *sd, uint64_t addr)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]590{
Mitsyanko Igorb7202b82012-08-13 11:04:06 +0100[diff] [blame]591 return test_bit(sd_addr_to_wpnum(addr), sd->wp_groups);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]592}
593
594static void sd_lock_command(SDState *sd)
595{
596 int erase, lock, clr_pwd, set_pwd, pwd_len;
597 erase = !!(sd->data[0] & 0x08);
598 lock = sd->data[0] & 0x04;
599 clr_pwd = sd->data[0] & 0x02;
600 set_pwd = sd->data[0] & 0x01;
601
602 if (sd->blk_len > 1)
603 pwd_len = sd->data[1];
604 else
605 pwd_len = 0;
606
607 if (erase) {
608 if (!(sd->card_status & CARD_IS_LOCKED) || sd->blk_len > 1 ||
609 set_pwd || clr_pwd || lock || sd->wp_switch ||
610 (sd->csd[14] & 0x20)) {
611 sd->card_status |= LOCK_UNLOCK_FAILED;
612 return;
613 }
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000[diff] [blame]614 bitmap_zero(sd->wp_groups, sd->wpgrps_size);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]615 sd->csd[14] &= ~0x10;
616 sd->card_status &= ~CARD_IS_LOCKED;
617 sd->pwd_len = 0;
618 /* Erasing the entire card here! */
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]619 fprintf(stderr, "SD: Card force-erased by CMD42\n");
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]620 return;
621 }
622
623 if (sd->blk_len < 2 + pwd_len ||
624 pwd_len <= sd->pwd_len ||
625 pwd_len > sd->pwd_len + 16) {
626 sd->card_status |= LOCK_UNLOCK_FAILED;
627 return;
628 }
629
630 if (sd->pwd_len && memcmp(sd->pwd, sd->data + 2, sd->pwd_len)) {
631 sd->card_status |= LOCK_UNLOCK_FAILED;
632 return;
633 }
634
635 pwd_len -= sd->pwd_len;
636 if ((pwd_len && !set_pwd) ||
637 (clr_pwd && (set_pwd || lock)) ||
638 (lock && !sd->pwd_len && !set_pwd) ||
639 (!set_pwd && !clr_pwd &&
640 (((sd->card_status & CARD_IS_LOCKED) && lock) ||
641 (!(sd->card_status & CARD_IS_LOCKED) && !lock)))) {
642 sd->card_status |= LOCK_UNLOCK_FAILED;
643 return;
644 }
645
646 if (set_pwd) {
647 memcpy(sd->pwd, sd->data + 2 + sd->pwd_len, pwd_len);
648 sd->pwd_len = pwd_len;
649 }
650
651 if (clr_pwd) {
652 sd->pwd_len = 0;
653 }
654
655 if (lock)
656 sd->card_status |= CARD_IS_LOCKED;
657 else
658 sd->card_status &= ~CARD_IS_LOCKED;
659}
660
Anthony Liguoric227f092009-10-01 16:12:16 -0500[diff] [blame]661static sd_rsp_type_t sd_normal_command(SDState *sd,
Paul Brookbc24a222009-05-10 01:44:56 +0100[diff] [blame]662 SDRequest req)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]663{
664 uint32_t rca = 0x0000;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]665 uint64_t addr = (sd->ocr & (1 << 30)) ? (uint64_t) req.arg << 9 : req.arg;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]666
Peter Maydell1d06cb72011-12-18 21:37:59 +0100[diff] [blame]667 /* Not interpreting this as an app command */
668 sd->card_status &= ~APP_CMD;
669
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]670 if (sd_cmd_type[req.cmd] == sd_ac || sd_cmd_type[req.cmd] == sd_adtc)
671 rca = req.arg >> 16;
672
673 DPRINTF("CMD%d 0x%08x state %d\n", req.cmd, req.arg, sd->state);
674 switch (req.cmd) {
675 /* Basic commands (Class 0 and Class 1) */
676 case 0: /* CMD0: GO_IDLE_STATE */
677 switch (sd->state) {
678 case sd_inactive_state:
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]679 return sd->spi ? sd_r1 : sd_r0;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]680
681 default:
682 sd->state = sd_idle_state;
Peter Maydell16b781a2015-05-12 11:57:16 +0100[diff] [blame]683 sd_reset(sd);
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]684 return sd->spi ? sd_r1 : sd_r0;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]685 }
686 break;
687
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]688 case 1: /* CMD1: SEND_OP_CMD */
689 if (!sd->spi)
690 goto bad_cmd;
691
692 sd->state = sd_transfer_state;
693 return sd_r1;
694
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]695 case 2: /* CMD2: ALL_SEND_CID */
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]696 if (sd->spi)
697 goto bad_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]698 switch (sd->state) {
699 case sd_ready_state:
700 sd->state = sd_identification_state;
701 return sd_r2_i;
702
703 default:
704 break;
705 }
706 break;
707
708 case 3: /* CMD3: SEND_RELATIVE_ADDR */
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]709 if (sd->spi)
710 goto bad_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]711 switch (sd->state) {
712 case sd_identification_state:
713 case sd_standby_state:
714 sd->state = sd_standby_state;
715 sd_set_rca(sd);
716 return sd_r6;
717
718 default:
719 break;
720 }
721 break;
722
723 case 4: /* CMD4: SEND_DSR */
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]724 if (sd->spi)
725 goto bad_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]726 switch (sd->state) {
727 case sd_standby_state:
728 break;
729
730 default:
731 break;
732 }
733 break;
734
Juha Riihimäki109ac322009-12-03 15:56:07 +0200[diff] [blame]735 case 5: /* CMD5: reserved for SDIO cards */
Peter Maydell53bb8cc2011-12-18 21:37:55 +0100[diff] [blame]736 return sd_illegal;
Juha Riihimäki109ac322009-12-03 15:56:07 +0200[diff] [blame]737
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]738 case 6: /* CMD6: SWITCH_FUNCTION */
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]739 if (sd->spi)
740 goto bad_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]741 switch (sd->mode) {
742 case sd_data_transfer_mode:
743 sd_function_switch(sd, req.arg);
744 sd->state = sd_sendingdata_state;
745 sd->data_start = 0;
746 sd->data_offset = 0;
747 return sd_r1;
748
749 default:
750 break;
751 }
752 break;
753
754 case 7: /* CMD7: SELECT/DESELECT_CARD */
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]755 if (sd->spi)
756 goto bad_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]757 switch (sd->state) {
758 case sd_standby_state:
759 if (sd->rca != rca)
760 return sd_r0;
761
762 sd->state = sd_transfer_state;
763 return sd_r1b;
764
765 case sd_transfer_state:
766 case sd_sendingdata_state:
767 if (sd->rca == rca)
768 break;
769
770 sd->state = sd_standby_state;
771 return sd_r1b;
772
773 case sd_disconnect_state:
774 if (sd->rca != rca)
775 return sd_r0;
776
777 sd->state = sd_programming_state;
778 return sd_r1b;
779
780 case sd_programming_state:
781 if (sd->rca == rca)
782 break;
783
784 sd->state = sd_disconnect_state;
785 return sd_r1b;
786
787 default:
788 break;
789 }
790 break;
791
balrog1b088992007-12-24 14:41:39 +0000[diff] [blame]792 case 8: /* CMD8: SEND_IF_COND */
793 /* Physical Layer Specification Version 2.00 command */
794 switch (sd->state) {
795 case sd_idle_state:
796 sd->vhs = 0;
797
798 /* No response if not exactly one VHS bit is set. */
Stefan Hajnoczic9d93312015-03-23 15:29:28 +0000[diff] [blame]799 if (!(req.arg >> 8) || (req.arg >> (ctz32(req.arg & ~0xff) + 1))) {
balrog1b088992007-12-24 14:41:39 +0000[diff] [blame]800 return sd->spi ? sd_r7 : sd_r0;
Stefan Hajnoczic9d93312015-03-23 15:29:28 +0000[diff] [blame]801 }
balrog1b088992007-12-24 14:41:39 +0000[diff] [blame]802
803 /* Accept. */
804 sd->vhs = req.arg;
805 return sd_r7;
806
807 default:
808 break;
809 }
810 break;
811
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]812 case 9: /* CMD9: SEND_CSD */
813 switch (sd->state) {
814 case sd_standby_state:
815 if (sd->rca != rca)
816 return sd_r0;
817
818 return sd_r2_s;
819
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]820 case sd_transfer_state:
821 if (!sd->spi)
822 break;
823 sd->state = sd_sendingdata_state;
824 memcpy(sd->data, sd->csd, 16);
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]825 sd->data_start = addr;
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]826 sd->data_offset = 0;
827 return sd_r1;
828
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]829 default:
830 break;
831 }
832 break;
833
834 case 10: /* CMD10: SEND_CID */
835 switch (sd->state) {
836 case sd_standby_state:
837 if (sd->rca != rca)
838 return sd_r0;
839
840 return sd_r2_i;
841
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]842 case sd_transfer_state:
843 if (!sd->spi)
844 break;
845 sd->state = sd_sendingdata_state;
846 memcpy(sd->data, sd->cid, 16);
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]847 sd->data_start = addr;
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]848 sd->data_offset = 0;
849 return sd_r1;
850
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]851 default:
852 break;
853 }
854 break;
855
856 case 11: /* CMD11: READ_DAT_UNTIL_STOP */
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]857 if (sd->spi)
858 goto bad_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]859 switch (sd->state) {
860 case sd_transfer_state:
861 sd->state = sd_sendingdata_state;
862 sd->data_start = req.arg;
863 sd->data_offset = 0;
864
865 if (sd->data_start + sd->blk_len > sd->size)
866 sd->card_status |= ADDRESS_ERROR;
867 return sd_r0;
868
869 default:
870 break;
871 }
872 break;
873
874 case 12: /* CMD12: STOP_TRANSMISSION */
875 switch (sd->state) {
876 case sd_sendingdata_state:
877 sd->state = sd_transfer_state;
878 return sd_r1b;
879
880 case sd_receivingdata_state:
881 sd->state = sd_programming_state;
882 /* Bzzzzzzztt .... Operation complete. */
883 sd->state = sd_transfer_state;
884 return sd_r1b;
885
886 default:
887 break;
888 }
889 break;
890
891 case 13: /* CMD13: SEND_STATUS */
892 switch (sd->mode) {
893 case sd_data_transfer_mode:
894 if (sd->rca != rca)
895 return sd_r0;
896
897 return sd_r1;
898
899 default:
900 break;
901 }
902 break;
903
904 case 15: /* CMD15: GO_INACTIVE_STATE */
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]905 if (sd->spi)
906 goto bad_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]907 switch (sd->mode) {
908 case sd_data_transfer_mode:
909 if (sd->rca != rca)
910 return sd_r0;
911
912 sd->state = sd_inactive_state;
913 return sd_r0;
914
915 default:
916 break;
917 }
918 break;
919
920 /* Block read commands (Classs 2) */
921 case 16: /* CMD16: SET_BLOCKLEN */
922 switch (sd->state) {
923 case sd_transfer_state:
924 if (req.arg > (1 << HWBLOCK_SHIFT))
925 sd->card_status |= BLOCK_LEN_ERROR;
926 else
927 sd->blk_len = req.arg;
928
929 return sd_r1;
930
931 default:
932 break;
933 }
934 break;
935
936 case 17: /* CMD17: READ_SINGLE_BLOCK */
937 switch (sd->state) {
938 case sd_transfer_state:
939 sd->state = sd_sendingdata_state;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]940 sd->data_start = addr;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]941 sd->data_offset = 0;
942
943 if (sd->data_start + sd->blk_len > sd->size)
944 sd->card_status |= ADDRESS_ERROR;
945 return sd_r1;
946
947 default:
948 break;
949 }
950 break;
951
952 case 18: /* CMD18: READ_MULTIPLE_BLOCK */
953 switch (sd->state) {
954 case sd_transfer_state:
955 sd->state = sd_sendingdata_state;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]956 sd->data_start = addr;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]957 sd->data_offset = 0;
958
959 if (sd->data_start + sd->blk_len > sd->size)
960 sd->card_status |= ADDRESS_ERROR;
961 return sd_r1;
962
963 default:
964 break;
965 }
966 break;
967
968 /* Block write commands (Class 4) */
969 case 24: /* CMD24: WRITE_SINGLE_BLOCK */
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]970 if (sd->spi)
971 goto unimplemented_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]972 switch (sd->state) {
973 case sd_transfer_state:
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]974 /* Writing in SPI mode not implemented. */
975 if (sd->spi)
976 break;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]977 sd->state = sd_receivingdata_state;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]978 sd->data_start = addr;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]979 sd->data_offset = 0;
980 sd->blk_written = 0;
981
982 if (sd->data_start + sd->blk_len > sd->size)
983 sd->card_status |= ADDRESS_ERROR;
984 if (sd_wp_addr(sd, sd->data_start))
985 sd->card_status |= WP_VIOLATION;
986 if (sd->csd[14] & 0x30)
987 sd->card_status |= WP_VIOLATION;
988 return sd_r1;
989
990 default:
991 break;
992 }
993 break;
994
995 case 25: /* CMD25: WRITE_MULTIPLE_BLOCK */
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]996 if (sd->spi)
997 goto unimplemented_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]998 switch (sd->state) {
999 case sd_transfer_state:
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]1000 /* Writing in SPI mode not implemented. */
1001 if (sd->spi)
1002 break;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1003 sd->state = sd_receivingdata_state;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1004 sd->data_start = addr;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1005 sd->data_offset = 0;
1006 sd->blk_written = 0;
1007
1008 if (sd->data_start + sd->blk_len > sd->size)
1009 sd->card_status |= ADDRESS_ERROR;
1010 if (sd_wp_addr(sd, sd->data_start))
1011 sd->card_status |= WP_VIOLATION;
1012 if (sd->csd[14] & 0x30)
1013 sd->card_status |= WP_VIOLATION;
1014 return sd_r1;
1015
1016 default:
1017 break;
1018 }
1019 break;
1020
1021 case 26: /* CMD26: PROGRAM_CID */
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]1022 if (sd->spi)
1023 goto bad_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1024 switch (sd->state) {
1025 case sd_transfer_state:
1026 sd->state = sd_receivingdata_state;
1027 sd->data_start = 0;
1028 sd->data_offset = 0;
1029 return sd_r1;
1030
1031 default:
1032 break;
1033 }
1034 break;
1035
1036 case 27: /* CMD27: PROGRAM_CSD */
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]1037 if (sd->spi)
1038 goto unimplemented_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1039 switch (sd->state) {
1040 case sd_transfer_state:
1041 sd->state = sd_receivingdata_state;
1042 sd->data_start = 0;
1043 sd->data_offset = 0;
1044 return sd_r1;
1045
1046 default:
1047 break;
1048 }
1049 break;
1050
1051 /* Write protection (Class 6) */
1052 case 28: /* CMD28: SET_WRITE_PROT */
1053 switch (sd->state) {
1054 case sd_transfer_state:
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1055 if (addr >= sd->size) {
Peter Maydelle30d5932011-12-18 21:37:54 +0100[diff] [blame]1056 sd->card_status |= ADDRESS_ERROR;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1057 return sd_r1b;
1058 }
1059
1060 sd->state = sd_programming_state;
Mitsyanko Igorb7202b82012-08-13 11:04:06 +0100[diff] [blame]1061 set_bit(sd_addr_to_wpnum(addr), sd->wp_groups);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1062 /* Bzzzzzzztt .... Operation complete. */
1063 sd->state = sd_transfer_state;
1064 return sd_r1b;
1065
1066 default:
1067 break;
1068 }
1069 break;
1070
1071 case 29: /* CMD29: CLR_WRITE_PROT */
1072 switch (sd->state) {
1073 case sd_transfer_state:
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1074 if (addr >= sd->size) {
Peter Maydelle30d5932011-12-18 21:37:54 +0100[diff] [blame]1075 sd->card_status |= ADDRESS_ERROR;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1076 return sd_r1b;
1077 }
1078
1079 sd->state = sd_programming_state;
Mitsyanko Igorb7202b82012-08-13 11:04:06 +0100[diff] [blame]1080 clear_bit(sd_addr_to_wpnum(addr), sd->wp_groups);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1081 /* Bzzzzzzztt .... Operation complete. */
1082 sd->state = sd_transfer_state;
1083 return sd_r1b;
1084
1085 default:
1086 break;
1087 }
1088 break;
1089
1090 case 30: /* CMD30: SEND_WRITE_PROT */
1091 switch (sd->state) {
1092 case sd_transfer_state:
1093 sd->state = sd_sendingdata_state;
1094 *(uint32_t *) sd->data = sd_wpbits(sd, req.arg);
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1095 sd->data_start = addr;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1096 sd->data_offset = 0;
1097 return sd_r1b;
1098
1099 default:
1100 break;
1101 }
1102 break;
1103
1104 /* Erase commands (Class 5) */
1105 case 32: /* CMD32: ERASE_WR_BLK_START */
1106 switch (sd->state) {
1107 case sd_transfer_state:
1108 sd->erase_start = req.arg;
1109 return sd_r1;
1110
1111 default:
1112 break;
1113 }
1114 break;
1115
1116 case 33: /* CMD33: ERASE_WR_BLK_END */
1117 switch (sd->state) {
1118 case sd_transfer_state:
1119 sd->erase_end = req.arg;
1120 return sd_r1;
1121
1122 default:
1123 break;
1124 }
1125 break;
1126
1127 case 38: /* CMD38: ERASE */
1128 switch (sd->state) {
1129 case sd_transfer_state:
1130 if (sd->csd[14] & 0x30) {
1131 sd->card_status |= WP_VIOLATION;
1132 return sd_r1b;
1133 }
1134
1135 sd->state = sd_programming_state;
1136 sd_erase(sd);
1137 /* Bzzzzzzztt .... Operation complete. */
1138 sd->state = sd_transfer_state;
1139 return sd_r1b;
1140
1141 default:
1142 break;
1143 }
1144 break;
1145
1146 /* Lock card commands (Class 7) */
1147 case 42: /* CMD42: LOCK_UNLOCK */
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]1148 if (sd->spi)
1149 goto unimplemented_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1150 switch (sd->state) {
1151 case sd_transfer_state:
1152 sd->state = sd_receivingdata_state;
1153 sd->data_start = 0;
1154 sd->data_offset = 0;
1155 return sd_r1;
1156
1157 default:
1158 break;
1159 }
1160 break;
1161
Peter Maydell39e594d2011-05-20 10:11:53 +0100[diff] [blame]1162 case 52:
1163 case 53:
1164 /* CMD52, CMD53: reserved for SDIO cards
1165 * (see the SDIO Simplified Specification V2.0)
1166 * Handle as illegal command but do not complain
1167 * on stderr, as some OSes may use these in their
1168 * probing for presence of an SDIO card.
1169 */
Peter Maydell53bb8cc2011-12-18 21:37:55 +0100[diff] [blame]1170 return sd_illegal;
Peter Maydell39e594d2011-05-20 10:11:53 +0100[diff] [blame]1171
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1172 /* Application specific commands (Class 8) */
1173 case 55: /* CMD55: APP_CMD */
1174 if (sd->rca != rca)
1175 return sd_r0;
1176
Mitsyanko Igorbebd1272012-08-13 11:04:06 +0100[diff] [blame]1177 sd->expecting_acmd = true;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1178 sd->card_status |= APP_CMD;
1179 return sd_r1;
1180
1181 case 56: /* CMD56: GEN_CMD */
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]1182 fprintf(stderr, "SD: GEN_CMD 0x%08x\n", req.arg);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1183
1184 switch (sd->state) {
1185 case sd_transfer_state:
1186 sd->data_offset = 0;
1187 if (req.arg & 1)
1188 sd->state = sd_sendingdata_state;
1189 else
1190 sd->state = sd_receivingdata_state;
1191 return sd_r1;
1192
1193 default:
1194 break;
1195 }
1196 break;
1197
1198 default:
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]1199 bad_cmd:
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]1200 fprintf(stderr, "SD: Unknown CMD%i\n", req.cmd);
Peter Maydell53bb8cc2011-12-18 21:37:55 +0100[diff] [blame]1201 return sd_illegal;
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]1202
1203 unimplemented_cmd:
1204 /* Commands that are recognised but not yet implemented in SPI mode. */
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]1205 fprintf(stderr, "SD: CMD%i not implemented in SPI mode\n", req.cmd);
Peter Maydell53bb8cc2011-12-18 21:37:55 +0100[diff] [blame]1206 return sd_illegal;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1207 }
1208
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]1209 fprintf(stderr, "SD: CMD%i in a wrong state\n", req.cmd);
Peter Maydell53bb8cc2011-12-18 21:37:55 +0100[diff] [blame]1210 return sd_illegal;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1211}
1212
Anthony Liguoric227f092009-10-01 16:12:16 -0500[diff] [blame]1213static sd_rsp_type_t sd_app_command(SDState *sd,
Blue Swirl22ed1d342010-04-25 19:31:06 +0000[diff] [blame]1214 SDRequest req)
1215{
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1216 DPRINTF("ACMD%d 0x%08x\n", req.cmd, req.arg);
Peter Maydell1d06cb72011-12-18 21:37:59 +0100[diff] [blame]1217 sd->card_status |= APP_CMD;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1218 switch (req.cmd) {
1219 case 6: /* ACMD6: SET_BUS_WIDTH */
1220 switch (sd->state) {
1221 case sd_transfer_state:
1222 sd->sd_status[0] &= 0x3f;
1223 sd->sd_status[0] |= (req.arg & 0x03) << 6;
1224 return sd_r1;
1225
1226 default:
1227 break;
1228 }
1229 break;
1230
1231 case 13: /* ACMD13: SD_STATUS */
1232 switch (sd->state) {
1233 case sd_transfer_state:
Peter Maydellfb1ba032011-02-18 13:39:00 +0000[diff] [blame]1234 sd->state = sd_sendingdata_state;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1235 sd->data_start = 0;
1236 sd->data_offset = 0;
1237 return sd_r1;
1238
1239 default:
1240 break;
1241 }
1242 break;
1243
1244 case 22: /* ACMD22: SEND_NUM_WR_BLOCKS */
1245 switch (sd->state) {
1246 case sd_transfer_state:
1247 *(uint32_t *) sd->data = sd->blk_written;
1248
Peter Maydellfb1ba032011-02-18 13:39:00 +0000[diff] [blame]1249 sd->state = sd_sendingdata_state;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1250 sd->data_start = 0;
1251 sd->data_offset = 0;
1252 return sd_r1;
1253
1254 default:
1255 break;
1256 }
1257 break;
1258
1259 case 23: /* ACMD23: SET_WR_BLK_ERASE_COUNT */
1260 switch (sd->state) {
1261 case sd_transfer_state:
1262 return sd_r1;
1263
1264 default:
1265 break;
1266 }
1267 break;
1268
1269 case 41: /* ACMD41: SD_APP_OP_COND */
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]1270 if (sd->spi) {
1271 /* SEND_OP_CMD */
1272 sd->state = sd_transfer_state;
1273 return sd_r1;
1274 }
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1275 switch (sd->state) {
1276 case sd_idle_state:
Peter Crosthwaite37ab4a52013-06-03 17:17:45 +0100[diff] [blame]1277 /* We accept any voltage. 10000 V is nothing.
1278 *
1279 * We don't model init delay so just advance straight to ready state
1280 * unless it's an enquiry ACMD41 (bits 23:0 == 0).
1281 */
1282 if (req.arg & ACMD41_ENQUIRY_MASK) {
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1283 sd->state = sd_ready_state;
Peter Crosthwaite37ab4a52013-06-03 17:17:45 +0100[diff] [blame]1284 }
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1285
1286 return sd_r3;
1287
1288 default:
1289 break;
1290 }
1291 break;
1292
1293 case 42: /* ACMD42: SET_CLR_CARD_DETECT */
1294 switch (sd->state) {
1295 case sd_transfer_state:
1296 /* Bringing in the 50KOhm pull-up resistor... Done. */
1297 return sd_r1;
1298
1299 default:
1300 break;
1301 }
1302 break;
1303
1304 case 51: /* ACMD51: SEND_SCR */
1305 switch (sd->state) {
1306 case sd_transfer_state:
1307 sd->state = sd_sendingdata_state;
1308 sd->data_start = 0;
1309 sd->data_offset = 0;
1310 return sd_r1;
1311
1312 default:
1313 break;
1314 }
1315 break;
1316
1317 default:
1318 /* Fall back to standard commands. */
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1319 return sd_normal_command(sd, req);
1320 }
1321
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]1322 fprintf(stderr, "SD: ACMD%i in a wrong state\n", req.cmd);
Peter Maydell5b08bfe2011-12-18 21:37:57 +0100[diff] [blame]1323 return sd_illegal;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1324}
1325
Peter Maydell25881d32011-12-18 21:37:51 +0100[diff] [blame]1326static int cmd_valid_while_locked(SDState *sd, SDRequest *req)
1327{
1328 /* Valid commands in locked state:
1329 * basic class (0)
1330 * lock card class (7)
1331 * CMD16
1332 * implicitly, the ACMD prefix CMD55
1333 * ACMD41 and ACMD42
1334 * Anything else provokes an "illegal command" response.
1335 */
Peter Maydell1d06cb72011-12-18 21:37:59 +0100[diff] [blame]1336 if (sd->expecting_acmd) {
Peter Maydell25881d32011-12-18 21:37:51 +0100[diff] [blame]1337 return req->cmd == 41 || req->cmd == 42;
1338 }
1339 if (req->cmd == 16 || req->cmd == 55) {
1340 return 1;
1341 }
1342 return sd_cmd_class[req->cmd] == 0 || sd_cmd_class[req->cmd] == 7;
1343}
1344
Paul Brookbc24a222009-05-10 01:44:56 +0100[diff] [blame]1345int sd_do_command(SDState *sd, SDRequest *req,
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1346 uint8_t *response) {
Peter Maydell10a412d2011-12-18 21:37:58 +0100[diff] [blame]1347 int last_state;
Anthony Liguoric227f092009-10-01 16:12:16 -0500[diff] [blame]1348 sd_rsp_type_t rtype;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1349 int rsplen;
1350
Markus Armbruster4be74632014-10-07 13:59:18 +0200[diff] [blame]1351 if (!sd->blk || !blk_is_inserted(sd->blk) || !sd->enable) {
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1352 return 0;
1353 }
1354
1355 if (sd_req_crc_validate(req)) {
Peter Maydellabda1f32011-12-18 21:37:53 +0100[diff] [blame]1356 sd->card_status |= COM_CRC_ERROR;
Peter Maydellb1f517e2011-12-18 21:37:56 +0100[diff] [blame]1357 rtype = sd_illegal;
1358 goto send_response;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1359 }
1360
Peter Maydell10a412d2011-12-18 21:37:58 +0100[diff] [blame]1361 if (sd->card_status & CARD_IS_LOCKED) {
Peter Maydell25881d32011-12-18 21:37:51 +0100[diff] [blame]1362 if (!cmd_valid_while_locked(sd, req)) {
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1363 sd->card_status |= ILLEGAL_COMMAND;
Mitsyanko Igorbebd1272012-08-13 11:04:06 +0100[diff] [blame]1364 sd->expecting_acmd = false;
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]1365 fprintf(stderr, "SD: Card is locked\n");
Peter Maydellb1f517e2011-12-18 21:37:56 +0100[diff] [blame]1366 rtype = sd_illegal;
1367 goto send_response;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1368 }
Peter Maydell25881d32011-12-18 21:37:51 +0100[diff] [blame]1369 }
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1370
Peter Maydell10a412d2011-12-18 21:37:58 +0100[diff] [blame]1371 last_state = sd->state;
1372 sd_set_mode(sd);
1373
Peter Maydell1d06cb72011-12-18 21:37:59 +0100[diff] [blame]1374 if (sd->expecting_acmd) {
Mitsyanko Igorbebd1272012-08-13 11:04:06 +0100[diff] [blame]1375 sd->expecting_acmd = false;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1376 rtype = sd_app_command(sd, *req);
Peter Maydell1d06cb72011-12-18 21:37:59 +0100[diff] [blame]1377 } else {
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1378 rtype = sd_normal_command(sd, *req);
Peter Maydell1d06cb72011-12-18 21:37:59 +0100[diff] [blame]1379 }
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1380
Peter Maydell53bb8cc2011-12-18 21:37:55 +0100[diff] [blame]1381 if (rtype == sd_illegal) {
1382 sd->card_status |= ILLEGAL_COMMAND;
Peter Maydell10a412d2011-12-18 21:37:58 +0100[diff] [blame]1383 } else {
1384 /* Valid command, we can update the 'state before command' bits.
1385 * (Do this now so they appear in r1 responses.)
1386 */
1387 sd->current_cmd = req->cmd;
1388 sd->card_status &= ~CURRENT_STATE;
1389 sd->card_status |= (last_state << 9);
Peter Maydell53bb8cc2011-12-18 21:37:55 +0100[diff] [blame]1390 }
1391
Peter Maydellb1f517e2011-12-18 21:37:56 +0100[diff] [blame]1392send_response:
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1393 switch (rtype) {
1394 case sd_r1:
1395 case sd_r1b:
Peter Maydell10a412d2011-12-18 21:37:58 +0100[diff] [blame]1396 sd_response_r1_make(sd, response);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1397 rsplen = 4;
1398 break;
1399
1400 case sd_r2_i:
1401 memcpy(response, sd->cid, sizeof(sd->cid));
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1402 rsplen = 16;
1403 break;
1404
1405 case sd_r2_s:
1406 memcpy(response, sd->csd, sizeof(sd->csd));
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1407 rsplen = 16;
1408 break;
1409
1410 case sd_r3:
1411 sd_response_r3_make(sd, response);
1412 rsplen = 4;
1413 break;
1414
1415 case sd_r6:
1416 sd_response_r6_make(sd, response);
1417 rsplen = 4;
1418 break;
1419
balrog1b088992007-12-24 14:41:39 +0000[diff] [blame]1420 case sd_r7:
1421 sd_response_r7_make(sd, response);
1422 rsplen = 4;
1423 break;
1424
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1425 case sd_r0:
Peter Maydell53bb8cc2011-12-18 21:37:55 +0100[diff] [blame]1426 case sd_illegal:
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1427 default:
1428 rsplen = 0;
1429 break;
1430 }
1431
Peter Maydell10a412d2011-12-18 21:37:58 +0100[diff] [blame]1432 if (rtype != sd_illegal) {
1433 /* Clear the "clear on valid command" status bits now we've
1434 * sent any response
1435 */
1436 sd->card_status &= ~CARD_STATUS_B;
1437 }
1438
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1439#ifdef DEBUG_SD
1440 if (rsplen) {
1441 int i;
1442 DPRINTF("Response:");
1443 for (i = 0; i < rsplen; i++)
Peter Crosthwaite038d3d42012-11-15 16:32:53 +1000[diff] [blame]1444 fprintf(stderr, " %02x", response[i]);
1445 fprintf(stderr, " state %d\n", sd->state);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1446 } else {
1447 DPRINTF("No response %d\n", sd->state);
1448 }
1449#endif
1450
1451 return rsplen;
1452}
1453
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1454static void sd_blk_read(SDState *sd, uint64_t addr, uint32_t len)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1455{
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1456 uint64_t end = addr + len;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1457
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1458 DPRINTF("sd_blk_read: addr = 0x%08llx, len = %d\n",
1459 (unsigned long long) addr, len);
Markus Armbruster4be74632014-10-07 13:59:18 +0200[diff] [blame]1460 if (!sd->blk || blk_read(sd->blk, addr >> 9, sd->buf, 1) < 0) {
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]1461 fprintf(stderr, "sd_blk_read: read error on host side\n");
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1462 return;
1463 }
1464
1465 if (end > (addr & ~511) + 512) {
balrog33f00272007-12-24 14:33:24 +0000[diff] [blame]1466 memcpy(sd->data, sd->buf + (addr & 511), 512 - (addr & 511));
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1467
Markus Armbruster4be74632014-10-07 13:59:18 +0200[diff] [blame]1468 if (blk_read(sd->blk, end >> 9, sd->buf, 1) < 0) {
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]1469 fprintf(stderr, "sd_blk_read: read error on host side\n");
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1470 return;
1471 }
balrog33f00272007-12-24 14:33:24 +0000[diff] [blame]1472 memcpy(sd->data + 512 - (addr & 511), sd->buf, end & 511);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1473 } else
balrog33f00272007-12-24 14:33:24 +0000[diff] [blame]1474 memcpy(sd->data, sd->buf + (addr & 511), len);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1475}
1476
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1477static void sd_blk_write(SDState *sd, uint64_t addr, uint32_t len)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1478{
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1479 uint64_t end = addr + len;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1480
1481 if ((addr & 511) || len < 512)
Markus Armbruster4be74632014-10-07 13:59:18 +0200[diff] [blame]1482 if (!sd->blk || blk_read(sd->blk, addr >> 9, sd->buf, 1) < 0) {
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]1483 fprintf(stderr, "sd_blk_write: read error on host side\n");
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1484 return;
1485 }
1486
1487 if (end > (addr & ~511) + 512) {
balrog33f00272007-12-24 14:33:24 +0000[diff] [blame]1488 memcpy(sd->buf + (addr & 511), sd->data, 512 - (addr & 511));
Markus Armbruster4be74632014-10-07 13:59:18 +0200[diff] [blame]1489 if (blk_write(sd->blk, addr >> 9, sd->buf, 1) < 0) {
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]1490 fprintf(stderr, "sd_blk_write: write error on host side\n");
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1491 return;
1492 }
1493
Markus Armbruster4be74632014-10-07 13:59:18 +0200[diff] [blame]1494 if (blk_read(sd->blk, end >> 9, sd->buf, 1) < 0) {
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]1495 fprintf(stderr, "sd_blk_write: read error on host side\n");
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1496 return;
1497 }
balrog33f00272007-12-24 14:33:24 +0000[diff] [blame]1498 memcpy(sd->buf, sd->data + 512 - (addr & 511), end & 511);
Markus Armbruster4be74632014-10-07 13:59:18 +0200[diff] [blame]1499 if (blk_write(sd->blk, end >> 9, sd->buf, 1) < 0) {
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]1500 fprintf(stderr, "sd_blk_write: write error on host side\n");
Stefan Weil7a608f52012-09-23 08:51:01 +0200[diff] [blame]1501 }
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1502 } else {
balrog33f00272007-12-24 14:33:24 +0000[diff] [blame]1503 memcpy(sd->buf + (addr & 511), sd->data, len);
Markus Armbruster4be74632014-10-07 13:59:18 +0200[diff] [blame]1504 if (!sd->blk || blk_write(sd->blk, addr >> 9, sd->buf, 1) < 0) {
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]1505 fprintf(stderr, "sd_blk_write: write error on host side\n");
Stefan Weil7a608f52012-09-23 08:51:01 +0200[diff] [blame]1506 }
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1507 }
1508}
1509
balrog33f00272007-12-24 14:33:24 +0000[diff] [blame]1510#define BLK_READ_BLOCK(a, len) sd_blk_read(sd, a, len)
1511#define BLK_WRITE_BLOCK(a, len) sd_blk_write(sd, a, len)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1512#define APP_READ_BLOCK(a, len) memset(sd->data, 0xec, len)
1513#define APP_WRITE_BLOCK(a, len)
1514
1515void sd_write_data(SDState *sd, uint8_t value)
1516{
1517 int i;
1518
Markus Armbruster4be74632014-10-07 13:59:18 +0200[diff] [blame]1519 if (!sd->blk || !blk_is_inserted(sd->blk) || !sd->enable)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1520 return;
1521
1522 if (sd->state != sd_receivingdata_state) {
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]1523 fprintf(stderr, "sd_write_data: not in Receiving-Data state\n");
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1524 return;
1525 }
1526
1527 if (sd->card_status & (ADDRESS_ERROR | WP_VIOLATION))
1528 return;
1529
1530 switch (sd->current_cmd) {
1531 case 24: /* CMD24: WRITE_SINGLE_BLOCK */
1532 sd->data[sd->data_offset ++] = value;
1533 if (sd->data_offset >= sd->blk_len) {
1534 /* TODO: Check CRC before committing */
1535 sd->state = sd_programming_state;
1536 BLK_WRITE_BLOCK(sd->data_start, sd->data_offset);
1537 sd->blk_written ++;
1538 sd->csd[14] |= 0x40;
1539 /* Bzzzzzzztt .... Operation complete. */
1540 sd->state = sd_transfer_state;
1541 }
1542 break;
1543
1544 case 25: /* CMD25: WRITE_MULTIPLE_BLOCK */
Dr. David Alan Gilbert33fa8232011-07-25 13:21:30 +0100[diff] [blame]1545 if (sd->data_offset == 0) {
Peter Maydelle03ba132013-04-09 12:48:19 +0100[diff] [blame]1546 /* Start of the block - let's check the address is valid */
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1547 if (sd->data_start + sd->blk_len > sd->size) {
1548 sd->card_status |= ADDRESS_ERROR;
1549 break;
1550 }
1551 if (sd_wp_addr(sd, sd->data_start)) {
1552 sd->card_status |= WP_VIOLATION;
1553 break;
1554 }
Dr. David Alan Gilbert33fa8232011-07-25 13:21:30 +0100[diff] [blame]1555 }
1556 sd->data[sd->data_offset++] = value;
1557 if (sd->data_offset >= sd->blk_len) {
1558 /* TODO: Check CRC before committing */
1559 sd->state = sd_programming_state;
1560 BLK_WRITE_BLOCK(sd->data_start, sd->data_offset);
1561 sd->blk_written++;
1562 sd->data_start += sd->blk_len;
1563 sd->data_offset = 0;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1564 sd->csd[14] |= 0x40;
1565
1566 /* Bzzzzzzztt .... Operation complete. */
1567 sd->state = sd_receivingdata_state;
1568 }
1569 break;
1570
1571 case 26: /* CMD26: PROGRAM_CID */
1572 sd->data[sd->data_offset ++] = value;
1573 if (sd->data_offset >= sizeof(sd->cid)) {
1574 /* TODO: Check CRC before committing */
1575 sd->state = sd_programming_state;
1576 for (i = 0; i < sizeof(sd->cid); i ++)
1577 if ((sd->cid[i] | 0x00) != sd->data[i])
1578 sd->card_status |= CID_CSD_OVERWRITE;
1579
1580 if (!(sd->card_status & CID_CSD_OVERWRITE))
1581 for (i = 0; i < sizeof(sd->cid); i ++) {
1582 sd->cid[i] |= 0x00;
1583 sd->cid[i] &= sd->data[i];
1584 }
1585 /* Bzzzzzzztt .... Operation complete. */
1586 sd->state = sd_transfer_state;
1587 }
1588 break;
1589
1590 case 27: /* CMD27: PROGRAM_CSD */
1591 sd->data[sd->data_offset ++] = value;
1592 if (sd->data_offset >= sizeof(sd->csd)) {
1593 /* TODO: Check CRC before committing */
1594 sd->state = sd_programming_state;
1595 for (i = 0; i < sizeof(sd->csd); i ++)
1596 if ((sd->csd[i] | sd_csd_rw_mask[i]) !=
1597 (sd->data[i] | sd_csd_rw_mask[i]))
1598 sd->card_status |= CID_CSD_OVERWRITE;
1599
1600 /* Copy flag (OTP) & Permanent write protect */
1601 if (sd->csd[14] & ~sd->data[14] & 0x60)
1602 sd->card_status |= CID_CSD_OVERWRITE;
1603
1604 if (!(sd->card_status & CID_CSD_OVERWRITE))
1605 for (i = 0; i < sizeof(sd->csd); i ++) {
1606 sd->csd[i] |= sd_csd_rw_mask[i];
1607 sd->csd[i] &= sd->data[i];
1608 }
1609 /* Bzzzzzzztt .... Operation complete. */
1610 sd->state = sd_transfer_state;
1611 }
1612 break;
1613
1614 case 42: /* CMD42: LOCK_UNLOCK */
1615 sd->data[sd->data_offset ++] = value;
1616 if (sd->data_offset >= sd->blk_len) {
1617 /* TODO: Check CRC before committing */
1618 sd->state = sd_programming_state;
1619 sd_lock_command(sd);
1620 /* Bzzzzzzztt .... Operation complete. */
1621 sd->state = sd_transfer_state;
1622 }
1623 break;
1624
1625 case 56: /* CMD56: GEN_CMD */
1626 sd->data[sd->data_offset ++] = value;
1627 if (sd->data_offset >= sd->blk_len) {
1628 APP_WRITE_BLOCK(sd->data_start, sd->data_offset);
1629 sd->state = sd_transfer_state;
1630 }
1631 break;
1632
1633 default:
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]1634 fprintf(stderr, "sd_write_data: unknown command\n");
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1635 break;
1636 }
1637}
1638
1639uint8_t sd_read_data(SDState *sd)
1640{
1641 /* TODO: Append CRCs */
1642 uint8_t ret;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1643 int io_len;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1644
Markus Armbruster4be74632014-10-07 13:59:18 +0200[diff] [blame]1645 if (!sd->blk || !blk_is_inserted(sd->blk) || !sd->enable)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1646 return 0x00;
1647
1648 if (sd->state != sd_sendingdata_state) {
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]1649 fprintf(stderr, "sd_read_data: not in Sending-Data state\n");
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1650 return 0x00;
1651 }
1652
1653 if (sd->card_status & (ADDRESS_ERROR | WP_VIOLATION))
1654 return 0x00;
1655
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1656 io_len = (sd->ocr & (1 << 30)) ? 512 : sd->blk_len;
1657
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1658 switch (sd->current_cmd) {
1659 case 6: /* CMD6: SWITCH_FUNCTION */
1660 ret = sd->data[sd->data_offset ++];
1661
1662 if (sd->data_offset >= 64)
1663 sd->state = sd_transfer_state;
1664 break;
1665
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]1666 case 9: /* CMD9: SEND_CSD */
1667 case 10: /* CMD10: SEND_CID */
1668 ret = sd->data[sd->data_offset ++];
1669
1670 if (sd->data_offset >= 16)
1671 sd->state = sd_transfer_state;
1672 break;
1673
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1674 case 11: /* CMD11: READ_DAT_UNTIL_STOP */
1675 if (sd->data_offset == 0)
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1676 BLK_READ_BLOCK(sd->data_start, io_len);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1677 ret = sd->data[sd->data_offset ++];
1678
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1679 if (sd->data_offset >= io_len) {
1680 sd->data_start += io_len;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1681 sd->data_offset = 0;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1682 if (sd->data_start + io_len > sd->size) {
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1683 sd->card_status |= ADDRESS_ERROR;
1684 break;
1685 }
1686 }
1687 break;
1688
1689 case 13: /* ACMD13: SD_STATUS */
1690 ret = sd->sd_status[sd->data_offset ++];
1691
1692 if (sd->data_offset >= sizeof(sd->sd_status))
1693 sd->state = sd_transfer_state;
1694 break;
1695
1696 case 17: /* CMD17: READ_SINGLE_BLOCK */
1697 if (sd->data_offset == 0)
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1698 BLK_READ_BLOCK(sd->data_start, io_len);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1699 ret = sd->data[sd->data_offset ++];
1700
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1701 if (sd->data_offset >= io_len)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1702 sd->state = sd_transfer_state;
1703 break;
1704
1705 case 18: /* CMD18: READ_MULTIPLE_BLOCK */
1706 if (sd->data_offset == 0)
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1707 BLK_READ_BLOCK(sd->data_start, io_len);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1708 ret = sd->data[sd->data_offset ++];
1709
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1710 if (sd->data_offset >= io_len) {
1711 sd->data_start += io_len;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1712 sd->data_offset = 0;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1713 if (sd->data_start + io_len > sd->size) {
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1714 sd->card_status |= ADDRESS_ERROR;
1715 break;
1716 }
1717 }
1718 break;
1719
1720 case 22: /* ACMD22: SEND_NUM_WR_BLOCKS */
1721 ret = sd->data[sd->data_offset ++];
1722
1723 if (sd->data_offset >= 4)
1724 sd->state = sd_transfer_state;
1725 break;
1726
1727 case 30: /* CMD30: SEND_WRITE_PROT */
1728 ret = sd->data[sd->data_offset ++];
1729
1730 if (sd->data_offset >= 4)
1731 sd->state = sd_transfer_state;
1732 break;
1733
1734 case 51: /* ACMD51: SEND_SCR */
1735 ret = sd->scr[sd->data_offset ++];
1736
1737 if (sd->data_offset >= sizeof(sd->scr))
1738 sd->state = sd_transfer_state;
1739 break;
1740
1741 case 56: /* CMD56: GEN_CMD */
1742 if (sd->data_offset == 0)
1743 APP_READ_BLOCK(sd->data_start, sd->blk_len);
1744 ret = sd->data[sd->data_offset ++];
1745
1746 if (sd->data_offset >= sd->blk_len)
1747 sd->state = sd_transfer_state;
1748 break;
1749
1750 default:
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]1751 fprintf(stderr, "sd_read_data: unknown command\n");
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1752 return 0x00;
1753 }
1754
1755 return ret;
1756}
1757
Mitsyanko Igor879bf4a2012-08-13 11:04:07 +0100[diff] [blame]1758bool sd_data_ready(SDState *sd)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1759{
1760 return sd->state == sd_sendingdata_state;
1761}
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]1762
Mitsyanko Igorbebd1272012-08-13 11:04:06 +0100[diff] [blame]1763void sd_enable(SDState *sd, bool enable)
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]1764{
1765 sd->enable = enable;
1766}