Google Git
Sign in
qemu / qemu / 1374aecc7c6c6ea2c6b40b7c4c6e9bdb9163b774 / . / hw / sd / sd.c
blob: 87c6dc108df95a454843c203fcd1bf795bcb8e76 [file] [log] [blame]
ths5fafdf22007-09-16 21:08:06 +0000[diff] [blame]1/*
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]2 * SD Memory Card emulation as defined in the "SD Memory Card Physical
3 * layer specification, Version 1.10."
4 *
5 * Copyright (c) 2006 Andrzej Zaborowski <balrog@zabor.org>
6 * Copyright (c) 2007 CodeSourcery
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in
16 * the documentation and/or other materials provided with the
17 * distribution.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS''
20 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
21 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
22 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR
23 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
24 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
25 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
26 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
27 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
28 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
29 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30 */
31
Peter Maydell04308912016-01-26 18:17:30 +0000[diff] [blame]32#include "qemu/osdep.h"
Peter Maydellc759a792016-02-18 14:16:18 +0000[diff] [blame]33#include "hw/qdev.h"
Paolo Bonzini83c9f4c2013-02-04 15:40:22 +0100[diff] [blame]34#include "hw/hw.h"
Markus Armbruster4be74632014-10-07 13:59:18 +0200[diff] [blame]35#include "sysemu/block-backend.h"
Sai Pavan Boddue3382ef2015-10-08 18:51:01 +0530[diff] [blame]36#include "hw/sd/sd.h"
Markus Armbrusterda34e652016-03-14 09:01:28 +0100[diff] [blame]37#include "qapi/error.h"
Paolo Bonzini1de7afc2012-12-17 18:20:00 +0100[diff] [blame]38#include "qemu/bitmap.h"
Peter Maydell260bc9d2016-02-18 14:16:18 +0000[diff] [blame]39#include "hw/qdev-properties.h"
40#include "qemu/error-report.h"
Andrew Baumanndd26eb42016-02-18 14:16:20 +0000[diff] [blame]41#include "qemu/timer.h"
Paolo Bonzini03dd0242015-12-15 13:16:16 +0100[diff] [blame]42#include "qemu/log.h"
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]43
44//#define DEBUG_SD 1
45
46#ifdef DEBUG_SD
Blue Swirl001faf32009-05-13 17:53:17 +0000[diff] [blame]47#define DPRINTF(fmt, ...) \
48do { fprintf(stderr, "SD: " fmt , ## __VA_ARGS__); } while (0)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]49#else
Blue Swirl001faf32009-05-13 17:53:17 +0000[diff] [blame]50#define DPRINTF(fmt, ...) do {} while(0)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]51#endif
52
Andrew Baumanndd26eb42016-02-18 14:16:20 +0000[diff] [blame]53#define ACMD41_ENQUIRY_MASK 0x00ffffff
54#define OCR_POWER_UP 0x80000000
55#define OCR_POWER_DELAY_NS 500000 /* 0.5ms */
Peter Crosthwaite37ab4a52013-06-03 17:17:45 +0100[diff] [blame]56
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]57typedef enum {
58 sd_r0 = 0, /* no response */
59 sd_r1, /* normal response command */
60 sd_r2_i, /* CID register */
61 sd_r2_s, /* CSD register */
62 sd_r3, /* OCR register */
63 sd_r6 = 6, /* Published RCA response */
balrog1b088992007-12-24 14:41:39 +0000[diff] [blame]64 sd_r7, /* Operating voltage */
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]65 sd_r1b = -1,
Peter Maydell53bb8cc2011-12-18 21:37:55 +0100[diff] [blame]66 sd_illegal = -2,
Anthony Liguoric227f092009-10-01 16:12:16 -0500[diff] [blame]67} sd_rsp_type_t;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]68
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000[diff] [blame]69enum SDCardModes {
70 sd_inactive,
71 sd_card_identification_mode,
72 sd_data_transfer_mode,
73};
74
75enum SDCardStates {
76 sd_inactive_state = -1,
77 sd_idle_state = 0,
78 sd_ready_state,
79 sd_identification_state,
80 sd_standby_state,
81 sd_transfer_state,
82 sd_sendingdata_state,
83 sd_receivingdata_state,
84 sd_programming_state,
85 sd_disconnect_state,
86};
87
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]88struct SDState {
Peter Maydell260bc9d2016-02-18 14:16:18 +0000[diff] [blame]89 DeviceState parent_obj;
90
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000[diff] [blame]91 uint32_t mode; /* current card mode, one of SDCardModes */
92 int32_t state; /* current card state, one of SDCardStates */
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]93 uint32_t ocr;
Andrew Baumanndd26eb42016-02-18 14:16:20 +0000[diff] [blame]94 QEMUTimer *ocr_power_timer;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]95 uint8_t scr[8];
96 uint8_t cid[16];
97 uint8_t csd[16];
98 uint16_t rca;
99 uint32_t card_status;
100 uint8_t sd_status[64];
balrog1b088992007-12-24 14:41:39 +0000[diff] [blame]101 uint32_t vhs;
Mitsyanko Igorbebd1272012-08-13 11:04:06 +0100[diff] [blame]102 bool wp_switch;
Mitsyanko Igora9c01832012-08-13 11:04:06 +0100[diff] [blame]103 unsigned long *wp_groups;
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000[diff] [blame]104 int32_t wpgrps_size;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]105 uint64_t size;
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000[diff] [blame]106 uint32_t blk_len;
Andrew Baumann4481bbc2016-02-18 14:16:19 +0000[diff] [blame]107 uint32_t multi_blk_cnt;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]108 uint32_t erase_start;
109 uint32_t erase_end;
110 uint8_t pwd[16];
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000[diff] [blame]111 uint32_t pwd_len;
112 uint8_t function_group[6];
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]113
Mitsyanko Igorbebd1272012-08-13 11:04:06 +0100[diff] [blame]114 bool spi;
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000[diff] [blame]115 uint8_t current_cmd;
Peter Maydell1d06cb72011-12-18 21:37:59 +0100[diff] [blame]116 /* True if we will handle the next command as an ACMD. Note that this does
117 * *not* track the APP_CMD status bit!
118 */
Mitsyanko Igorbebd1272012-08-13 11:04:06 +0100[diff] [blame]119 bool expecting_acmd;
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000[diff] [blame]120 uint32_t blk_written;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]121 uint64_t data_start;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]122 uint32_t data_offset;
123 uint8_t data[512];
balrog02ce6002007-11-17 14:34:44 +0000[diff] [blame]124 qemu_irq readonly_cb;
125 qemu_irq inserted_cb;
Markus Armbruster4be74632014-10-07 13:59:18 +0200[diff] [blame]126 BlockBackend *blk;
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]127
Mitsyanko Igorbebd1272012-08-13 11:04:06 +0100[diff] [blame]128 bool enable;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]129};
130
Peter Maydell10a412d2011-12-18 21:37:58 +0100[diff] [blame]131static void sd_set_mode(SDState *sd)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]132{
133 switch (sd->state) {
134 case sd_inactive_state:
135 sd->mode = sd_inactive;
136 break;
137
138 case sd_idle_state:
139 case sd_ready_state:
140 case sd_identification_state:
141 sd->mode = sd_card_identification_mode;
142 break;
143
144 case sd_standby_state:
145 case sd_transfer_state:
146 case sd_sendingdata_state:
147 case sd_receivingdata_state:
148 case sd_programming_state:
149 case sd_disconnect_state:
150 sd->mode = sd_data_transfer_mode;
151 break;
152 }
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]153}
154
Anthony Liguoric227f092009-10-01 16:12:16 -0500[diff] [blame]155static const sd_cmd_type_t sd_cmd_type[64] = {
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]156 sd_bc, sd_none, sd_bcr, sd_bcr, sd_none, sd_none, sd_none, sd_ac,
balrog1b088992007-12-24 14:41:39 +0000[diff] [blame]157 sd_bcr, sd_ac, sd_ac, sd_adtc, sd_ac, sd_ac, sd_none, sd_ac,
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]158 sd_ac, sd_adtc, sd_adtc, sd_none, sd_none, sd_none, sd_none, sd_none,
159 sd_adtc, sd_adtc, sd_adtc, sd_adtc, sd_ac, sd_ac, sd_adtc, sd_none,
160 sd_ac, sd_ac, sd_none, sd_none, sd_none, sd_none, sd_ac, sd_none,
161 sd_none, sd_none, sd_bc, sd_none, sd_none, sd_none, sd_none, sd_none,
162 sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_ac,
163 sd_adtc, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none,
164};
165
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]166static const int sd_cmd_class[64] = {
167 0, 0, 0, 0, 0, 9, 10, 0, 0, 0, 0, 1, 0, 0, 0, 0,
168 2, 2, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 6, 6, 6, 6,
169 5, 5, 10, 10, 10, 10, 5, 9, 9, 9, 7, 7, 7, 7, 7, 7,
170 7, 7, 10, 7, 9, 9, 9, 8, 8, 10, 8, 8, 8, 8, 8, 8,
171};
172
173static uint8_t sd_crc7(void *message, size_t width)
174{
175 int i, bit;
176 uint8_t shift_reg = 0x00;
177 uint8_t *msg = (uint8_t *) message;
178
179 for (i = 0; i < width; i ++, msg ++)
180 for (bit = 7; bit >= 0; bit --) {
181 shift_reg <<= 1;
182 if ((shift_reg >> 7) ^ ((*msg >> bit) & 1))
183 shift_reg ^= 0x89;
184 }
185
186 return shift_reg;
187}
188
189static uint16_t sd_crc16(void *message, size_t width)
190{
191 int i, bit;
192 uint16_t shift_reg = 0x0000;
193 uint16_t *msg = (uint16_t *) message;
194 width <<= 1;
195
196 for (i = 0; i < width; i ++, msg ++)
197 for (bit = 15; bit >= 0; bit --) {
198 shift_reg <<= 1;
199 if ((shift_reg >> 15) ^ ((*msg >> bit) & 1))
200 shift_reg ^= 0x1011;
201 }
202
203 return shift_reg;
204}
205
206static void sd_set_ocr(SDState *sd)
207{
Andrew Baumanndd26eb42016-02-18 14:16:20 +0000[diff] [blame]208 /* All voltages OK, Standard Capacity SD Memory Card, not yet powered up */
209 sd->ocr = 0x00ffff00;
210}
211
212static void sd_ocr_powerup(void *opaque)
213{
214 SDState *sd = opaque;
215
216 /* Set powered up bit in OCR */
217 assert(!(sd->ocr & OCR_POWER_UP));
218 sd->ocr |= OCR_POWER_UP;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]219}
220
221static void sd_set_scr(SDState *sd)
222{
223 sd->scr[0] = 0x00; /* SCR Structure */
224 sd->scr[1] = 0x2f; /* SD Security Support */
225 sd->scr[2] = 0x00;
226 sd->scr[3] = 0x00;
227 sd->scr[4] = 0x00;
228 sd->scr[5] = 0x00;
229 sd->scr[6] = 0x00;
230 sd->scr[7] = 0x00;
231}
232
233#define MID 0xaa
234#define OID "XY"
235#define PNM "QEMU!"
236#define PRV 0x01
237#define MDT_YR 2006
238#define MDT_MON 2
239
240static void sd_set_cid(SDState *sd)
241{
242 sd->cid[0] = MID; /* Fake card manufacturer ID (MID) */
243 sd->cid[1] = OID[0]; /* OEM/Application ID (OID) */
244 sd->cid[2] = OID[1];
245 sd->cid[3] = PNM[0]; /* Fake product name (PNM) */
246 sd->cid[4] = PNM[1];
247 sd->cid[5] = PNM[2];
248 sd->cid[6] = PNM[3];
249 sd->cid[7] = PNM[4];
250 sd->cid[8] = PRV; /* Fake product revision (PRV) */
251 sd->cid[9] = 0xde; /* Fake serial number (PSN) */
252 sd->cid[10] = 0xad;
253 sd->cid[11] = 0xbe;
254 sd->cid[12] = 0xef;
255 sd->cid[13] = 0x00 | /* Manufacture date (MDT) */
256 ((MDT_YR - 2000) / 10);
257 sd->cid[14] = ((MDT_YR % 10) << 4) | MDT_MON;
258 sd->cid[15] = (sd_crc7(sd->cid, 15) << 1) | 1;
259}
260
261#define HWBLOCK_SHIFT 9 /* 512 bytes */
262#define SECTOR_SHIFT 5 /* 16 kilobytes */
263#define WPGROUP_SHIFT 7 /* 2 megs */
264#define CMULT_SHIFT 9 /* 512 times HWBLOCK_SIZE */
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]265#define WPGROUP_SIZE (1 << (HWBLOCK_SHIFT + SECTOR_SHIFT + WPGROUP_SHIFT))
266
267static const uint8_t sd_csd_rw_mask[16] = {
268 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
269 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xfc, 0xfe,
270};
271
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]272static void sd_set_csd(SDState *sd, uint64_t size)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]273{
274 uint32_t csize = (size >> (CMULT_SHIFT + HWBLOCK_SHIFT)) - 1;
275 uint32_t sectsize = (1 << (SECTOR_SHIFT + 1)) - 1;
276 uint32_t wpsize = (1 << (WPGROUP_SHIFT + 1)) - 1;
277
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]278 if (size <= 0x40000000) { /* Standard Capacity SD */
279 sd->csd[0] = 0x00; /* CSD structure */
280 sd->csd[1] = 0x26; /* Data read access-time-1 */
281 sd->csd[2] = 0x00; /* Data read access-time-2 */
282 sd->csd[3] = 0x5a; /* Max. data transfer rate */
283 sd->csd[4] = 0x5f; /* Card Command Classes */
284 sd->csd[5] = 0x50 | /* Max. read data block length */
285 HWBLOCK_SHIFT;
286 sd->csd[6] = 0xe0 | /* Partial block for read allowed */
287 ((csize >> 10) & 0x03);
288 sd->csd[7] = 0x00 | /* Device size */
289 ((csize >> 2) & 0xff);
290 sd->csd[8] = 0x3f | /* Max. read current */
291 ((csize << 6) & 0xc0);
292 sd->csd[9] = 0xfc | /* Max. write current */
293 ((CMULT_SHIFT - 2) >> 1);
294 sd->csd[10] = 0x40 | /* Erase sector size */
295 (((CMULT_SHIFT - 2) << 7) & 0x80) | (sectsize >> 1);
296 sd->csd[11] = 0x00 | /* Write protect group size */
297 ((sectsize << 7) & 0x80) | wpsize;
298 sd->csd[12] = 0x90 | /* Write speed factor */
299 (HWBLOCK_SHIFT >> 2);
300 sd->csd[13] = 0x20 | /* Max. write data block length */
301 ((HWBLOCK_SHIFT << 6) & 0xc0);
302 sd->csd[14] = 0x00; /* File format group */
303 sd->csd[15] = (sd_crc7(sd->csd, 15) << 1) | 1;
304 } else { /* SDHC */
305 size /= 512 * 1024;
306 size -= 1;
307 sd->csd[0] = 0x40;
308 sd->csd[1] = 0x0e;
309 sd->csd[2] = 0x00;
310 sd->csd[3] = 0x32;
311 sd->csd[4] = 0x5b;
312 sd->csd[5] = 0x59;
313 sd->csd[6] = 0x00;
314 sd->csd[7] = (size >> 16) & 0xff;
315 sd->csd[8] = (size >> 8) & 0xff;
316 sd->csd[9] = (size & 0xff);
317 sd->csd[10] = 0x7f;
318 sd->csd[11] = 0x80;
319 sd->csd[12] = 0x0a;
320 sd->csd[13] = 0x40;
321 sd->csd[14] = 0x00;
322 sd->csd[15] = 0x00;
Peter Maydelle03ba132013-04-09 12:48:19 +0100[diff] [blame]323 sd->ocr |= 1 << 30; /* High Capacity SD Memory Card */
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]324 }
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]325}
326
327static void sd_set_rca(SDState *sd)
328{
329 sd->rca += 0x4567;
330}
331
Peter Maydellb8d334c2011-12-18 21:37:52 +0100[diff] [blame]332/* Card status bits, split by clear condition:
333 * A : According to the card current state
334 * B : Always related to the previous command
335 * C : Cleared by read
336 */
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]337#define CARD_STATUS_A 0x02004100
338#define CARD_STATUS_B 0x00c01e00
339#define CARD_STATUS_C 0xfd39a028
340
341static void sd_set_cardstatus(SDState *sd)
342{
343 sd->card_status = 0x00000100;
344}
345
346static void sd_set_sdstatus(SDState *sd)
347{
348 memset(sd->sd_status, 0, 64);
349}
350
Paul Brookbc24a222009-05-10 01:44:56 +0100[diff] [blame]351static int sd_req_crc_validate(SDRequest *req)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]352{
353 uint8_t buffer[5];
354 buffer[0] = 0x40 | req->cmd;
355 buffer[1] = (req->arg >> 24) & 0xff;
356 buffer[2] = (req->arg >> 16) & 0xff;
357 buffer[3] = (req->arg >> 8) & 0xff;
358 buffer[4] = (req->arg >> 0) & 0xff;
359 return 0;
360 return sd_crc7(buffer, 5) != req->crc; /* TODO */
361}
362
Peter Maydell10a412d2011-12-18 21:37:58 +0100[diff] [blame]363static void sd_response_r1_make(SDState *sd, uint8_t *response)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]364{
Peter Maydell10a412d2011-12-18 21:37:58 +0100[diff] [blame]365 uint32_t status = sd->card_status;
Peter Maydell1d06cb72011-12-18 21:37:59 +0100[diff] [blame]366 /* Clear the "clear on read" status bits */
367 sd->card_status &= ~CARD_STATUS_C;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]368
369 response[0] = (status >> 24) & 0xff;
370 response[1] = (status >> 16) & 0xff;
371 response[2] = (status >> 8) & 0xff;
372 response[3] = (status >> 0) & 0xff;
373}
374
pbrook9596ebb2007-11-18 01:44:38 +0000[diff] [blame]375static void sd_response_r3_make(SDState *sd, uint8_t *response)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]376{
377 response[0] = (sd->ocr >> 24) & 0xff;
378 response[1] = (sd->ocr >> 16) & 0xff;
379 response[2] = (sd->ocr >> 8) & 0xff;
380 response[3] = (sd->ocr >> 0) & 0xff;
381}
382
pbrook9596ebb2007-11-18 01:44:38 +0000[diff] [blame]383static void sd_response_r6_make(SDState *sd, uint8_t *response)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]384{
385 uint16_t arg;
386 uint16_t status;
387
388 arg = sd->rca;
389 status = ((sd->card_status >> 8) & 0xc000) |
390 ((sd->card_status >> 6) & 0x2000) |
391 (sd->card_status & 0x1fff);
Peter Maydellfcfa9352011-12-18 21:38:00 +0100[diff] [blame]392 sd->card_status &= ~(CARD_STATUS_C & 0xc81fff);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]393
394 response[0] = (arg >> 8) & 0xff;
395 response[1] = arg & 0xff;
396 response[2] = (status >> 8) & 0xff;
397 response[3] = status & 0xff;
398}
399
balrog1b088992007-12-24 14:41:39 +0000[diff] [blame]400static void sd_response_r7_make(SDState *sd, uint8_t *response)
401{
402 response[0] = (sd->vhs >> 24) & 0xff;
403 response[1] = (sd->vhs >> 16) & 0xff;
404 response[2] = (sd->vhs >> 8) & 0xff;
405 response[3] = (sd->vhs >> 0) & 0xff;
406}
407
Mitsyanko Igorb7202b82012-08-13 11:04:06 +0100[diff] [blame]408static inline uint64_t sd_addr_to_wpnum(uint64_t addr)
409{
410 return addr >> (HWBLOCK_SHIFT + SECTOR_SHIFT + WPGROUP_SHIFT);
411}
412
Peter Maydellba3ed0f2016-02-18 14:16:18 +0000[diff] [blame]413static void sd_reset(DeviceState *dev)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]414{
Peter Maydellba3ed0f2016-02-18 14:16:18 +0000[diff] [blame]415 SDState *sd = SD_CARD(dev);
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]416 uint64_t size;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]417 uint64_t sect;
418
Peter Maydell16b781a2015-05-12 11:57:16 +0100[diff] [blame]419 if (sd->blk) {
420 blk_get_geometry(sd->blk, &sect);
Paul Brook03f311e2009-05-03 16:52:16 +0100[diff] [blame]421 } else {
422 sect = 0;
423 }
Vincent Palatin5e371412011-07-25 16:19:05 -0700[diff] [blame]424 size = sect << 9;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]425
Mitsyanko Igorb7202b82012-08-13 11:04:06 +0100[diff] [blame]426 sect = sd_addr_to_wpnum(size) + 1;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]427
428 sd->state = sd_idle_state;
429 sd->rca = 0x0000;
430 sd_set_ocr(sd);
431 sd_set_scr(sd);
432 sd_set_cid(sd);
433 sd_set_csd(sd, size);
434 sd_set_cardstatus(sd);
435 sd_set_sdstatus(sd);
436
Daniel P. Berrangeef1e1e02015-08-26 12:17:18 +0100[diff] [blame]437 g_free(sd->wp_groups);
Peter Maydell16b781a2015-05-12 11:57:16 +0100[diff] [blame]438 sd->wp_switch = sd->blk ? blk_is_read_only(sd->blk) : false;
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000[diff] [blame]439 sd->wpgrps_size = sect;
440 sd->wp_groups = bitmap_new(sd->wpgrps_size);
441 memset(sd->function_group, 0, sizeof(sd->function_group));
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]442 sd->erase_start = 0;
443 sd->erase_end = 0;
444 sd->size = size;
445 sd->blk_len = 0x200;
446 sd->pwd_len = 0;
Mitsyanko Igorbebd1272012-08-13 11:04:06 +0100[diff] [blame]447 sd->expecting_acmd = false;
Andrew Baumann4481bbc2016-02-18 14:16:19 +0000[diff] [blame]448 sd->multi_blk_cnt = 0;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]449}
450
Peter Maydellc759a792016-02-18 14:16:18 +0000[diff] [blame]451static bool sd_get_inserted(SDState *sd)
452{
Peter Maydell0719e712016-03-04 11:30:17 +0000[diff] [blame]453 return sd->blk && blk_is_inserted(sd->blk);
Peter Maydellc759a792016-02-18 14:16:18 +0000[diff] [blame]454}
455
456static bool sd_get_readonly(SDState *sd)
457{
458 return sd->wp_switch;
459}
460
Markus Armbruster7d4b4ba2011-09-06 18:58:59 +0200[diff] [blame]461static void sd_cardchange(void *opaque, bool load)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]462{
463 SDState *sd = opaque;
Peter Maydellc759a792016-02-18 14:16:18 +0000[diff] [blame]464 DeviceState *dev = DEVICE(sd);
465 SDBus *sdbus = SD_BUS(qdev_get_parent_bus(dev));
466 bool inserted = sd_get_inserted(sd);
467 bool readonly = sd_get_readonly(sd);
Christoph Hellwigdb97ee62011-01-24 13:32:41 +0100[diff] [blame]468
Peter Maydellc759a792016-02-18 14:16:18 +0000[diff] [blame]469 if (inserted) {
470 sd_reset(dev);
471 }
472
473 /* The IRQ notification is for legacy non-QOM SD controller devices;
474 * QOMified controllers use the SDBus APIs.
475 */
476 if (sdbus) {
477 sdbus_set_inserted(sdbus, inserted);
478 if (inserted) {
479 sdbus_set_readonly(sdbus, readonly);
480 }
481 } else {
482 qemu_set_irq(sd->inserted_cb, inserted);
483 if (inserted) {
484 qemu_set_irq(sd->readonly_cb, readonly);
485 }
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]486 }
487}
488
Markus Armbruster0e49de52011-08-03 15:07:41 +0200[diff] [blame]489static const BlockDevOps sd_block_ops = {
Markus Armbruster145feb12011-08-03 15:07:42 +0200[diff] [blame]490 .change_media_cb = sd_cardchange,
Markus Armbruster0e49de52011-08-03 15:07:41 +0200[diff] [blame]491};
492
Andrew Baumanndd26eb42016-02-18 14:16:20 +0000[diff] [blame]493static bool sd_ocr_vmstate_needed(void *opaque)
494{
495 SDState *sd = opaque;
496
497 /* Include the OCR state (and timer) if it is not yet powered up */
498 return !(sd->ocr & OCR_POWER_UP);
499}
500
501static const VMStateDescription sd_ocr_vmstate = {
502 .name = "sd-card/ocr-state",
503 .version_id = 1,
504 .minimum_version_id = 1,
505 .needed = sd_ocr_vmstate_needed,
506 .fields = (VMStateField[]) {
507 VMSTATE_UINT32(ocr, SDState),
508 VMSTATE_TIMER_PTR(ocr_power_timer, SDState),
509 VMSTATE_END_OF_LIST()
510 },
511};
512
513static int sd_vmstate_pre_load(void *opaque)
514{
515 SDState *sd = opaque;
516
517 /* If the OCR state is not included (prior versions, or not
518 * needed), then the OCR must be set as powered up. If the OCR state
519 * is included, this will be replaced by the state restore.
520 */
521 sd_ocr_powerup(sd);
522
523 return 0;
524}
525
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000[diff] [blame]526static const VMStateDescription sd_vmstate = {
527 .name = "sd-card",
528 .version_id = 1,
529 .minimum_version_id = 1,
Andrew Baumanndd26eb42016-02-18 14:16:20 +0000[diff] [blame]530 .pre_load = sd_vmstate_pre_load,
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000[diff] [blame]531 .fields = (VMStateField[]) {
532 VMSTATE_UINT32(mode, SDState),
533 VMSTATE_INT32(state, SDState),
534 VMSTATE_UINT8_ARRAY(cid, SDState, 16),
535 VMSTATE_UINT8_ARRAY(csd, SDState, 16),
536 VMSTATE_UINT16(rca, SDState),
537 VMSTATE_UINT32(card_status, SDState),
538 VMSTATE_PARTIAL_BUFFER(sd_status, SDState, 1),
539 VMSTATE_UINT32(vhs, SDState),
540 VMSTATE_BITMAP(wp_groups, SDState, 0, wpgrps_size),
541 VMSTATE_UINT32(blk_len, SDState),
Andrew Baumann4481bbc2016-02-18 14:16:19 +0000[diff] [blame]542 VMSTATE_UINT32(multi_blk_cnt, SDState),
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000[diff] [blame]543 VMSTATE_UINT32(erase_start, SDState),
544 VMSTATE_UINT32(erase_end, SDState),
545 VMSTATE_UINT8_ARRAY(pwd, SDState, 16),
546 VMSTATE_UINT32(pwd_len, SDState),
547 VMSTATE_UINT8_ARRAY(function_group, SDState, 6),
548 VMSTATE_UINT8(current_cmd, SDState),
549 VMSTATE_BOOL(expecting_acmd, SDState),
550 VMSTATE_UINT32(blk_written, SDState),
551 VMSTATE_UINT64(data_start, SDState),
552 VMSTATE_UINT32(data_offset, SDState),
553 VMSTATE_UINT8_ARRAY(data, SDState, 512),
Eric Blake12c125c2016-05-06 10:26:39 -0600[diff] [blame]554 VMSTATE_UNUSED_V(1, 512),
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000[diff] [blame]555 VMSTATE_BOOL(enable, SDState),
556 VMSTATE_END_OF_LIST()
Andrew Baumanndd26eb42016-02-18 14:16:20 +0000[diff] [blame]557 },
558 .subsections = (const VMStateDescription*[]) {
559 &sd_ocr_vmstate,
560 NULL
561 },
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000[diff] [blame]562};
563
Peter Maydell260bc9d2016-02-18 14:16:18 +0000[diff] [blame]564/* Legacy initialization function for use by non-qdevified callers */
Markus Armbruster4be74632014-10-07 13:59:18 +0200[diff] [blame]565SDState *sd_init(BlockBackend *blk, bool is_spi)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]566{
Peter Maydellfec44a82016-03-16 17:06:02 +0000[diff] [blame]567 Object *obj;
Peter Maydell260bc9d2016-02-18 14:16:18 +0000[diff] [blame]568 DeviceState *dev;
569 Error *err = NULL;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]570
Peter Maydellfec44a82016-03-16 17:06:02 +0000[diff] [blame]571 obj = object_new(TYPE_SD_CARD);
572 dev = DEVICE(obj);
Peter Maydell260bc9d2016-02-18 14:16:18 +0000[diff] [blame]573 qdev_prop_set_drive(dev, "drive", blk, &err);
574 if (err) {
575 error_report("sd_init failed: %s", error_get_pretty(err));
576 return NULL;
577 }
578 qdev_prop_set_bit(dev, "spi", is_spi);
Peter Maydellfec44a82016-03-16 17:06:02 +0000[diff] [blame]579 object_property_set_bool(obj, true, "realized", &err);
Peter Maydell260bc9d2016-02-18 14:16:18 +0000[diff] [blame]580 if (err) {
581 error_report("sd_init failed: %s", error_get_pretty(err));
Kevin Wolf4f8a0662013-09-13 15:51:47 +0200[diff] [blame]582 return NULL;
583 }
584
Peter Maydell260bc9d2016-02-18 14:16:18 +0000[diff] [blame]585 return SD_CARD(dev);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]586}
587
balrog02ce6002007-11-17 14:34:44 +0000[diff] [blame]588void sd_set_cb(SDState *sd, qemu_irq readonly, qemu_irq insert)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]589{
balrog02ce6002007-11-17 14:34:44 +0000[diff] [blame]590 sd->readonly_cb = readonly;
591 sd->inserted_cb = insert;
Markus Armbruster4be74632014-10-07 13:59:18 +0200[diff] [blame]592 qemu_set_irq(readonly, sd->blk ? blk_is_read_only(sd->blk) : 0);
593 qemu_set_irq(insert, sd->blk ? blk_is_inserted(sd->blk) : 0);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]594}
595
596static void sd_erase(SDState *sd)
597{
Igor Mitsyankof2d189d2012-10-30 07:45:12 +0000[diff] [blame]598 int i;
599 uint64_t erase_start = sd->erase_start;
600 uint64_t erase_end = sd->erase_end;
601
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]602 if (!sd->erase_start || !sd->erase_end) {
603 sd->card_status |= ERASE_SEQ_ERROR;
604 return;
605 }
606
Igor Mitsyankof2d189d2012-10-30 07:45:12 +0000[diff] [blame]607 if (extract32(sd->ocr, OCR_CCS_BITN, 1)) {
608 /* High capacity memory card: erase units are 512 byte blocks */
609 erase_start *= 512;
610 erase_end *= 512;
611 }
612
613 erase_start = sd_addr_to_wpnum(erase_start);
614 erase_end = sd_addr_to_wpnum(erase_end);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]615 sd->erase_start = 0;
616 sd->erase_end = 0;
617 sd->csd[14] |= 0x40;
618
Igor Mitsyankof2d189d2012-10-30 07:45:12 +0000[diff] [blame]619 for (i = erase_start; i <= erase_end; i++) {
Mitsyanko Igora9c01832012-08-13 11:04:06 +0100[diff] [blame]620 if (test_bit(i, sd->wp_groups)) {
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]621 sd->card_status |= WP_ERASE_SKIP;
Mitsyanko Igora9c01832012-08-13 11:04:06 +0100[diff] [blame]622 }
623 }
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]624}
625
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]626static uint32_t sd_wpbits(SDState *sd, uint64_t addr)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]627{
628 uint32_t i, wpnum;
629 uint32_t ret = 0;
630
Mitsyanko Igorb7202b82012-08-13 11:04:06 +0100[diff] [blame]631 wpnum = sd_addr_to_wpnum(addr);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]632
Mitsyanko Igora9c01832012-08-13 11:04:06 +0100[diff] [blame]633 for (i = 0; i < 32; i++, wpnum++, addr += WPGROUP_SIZE) {
634 if (addr < sd->size && test_bit(wpnum, sd->wp_groups)) {
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]635 ret |= (1 << i);
Mitsyanko Igora9c01832012-08-13 11:04:06 +0100[diff] [blame]636 }
637 }
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]638
639 return ret;
640}
641
642static void sd_function_switch(SDState *sd, uint32_t arg)
643{
644 int i, mode, new_func, crc;
645 mode = !!(arg & 0x80000000);
646
647 sd->data[0] = 0x00; /* Maximum current consumption */
648 sd->data[1] = 0x01;
649 sd->data[2] = 0x80; /* Supported group 6 functions */
650 sd->data[3] = 0x01;
651 sd->data[4] = 0x80; /* Supported group 5 functions */
652 sd->data[5] = 0x01;
653 sd->data[6] = 0x80; /* Supported group 4 functions */
654 sd->data[7] = 0x01;
655 sd->data[8] = 0x80; /* Supported group 3 functions */
656 sd->data[9] = 0x01;
657 sd->data[10] = 0x80; /* Supported group 2 functions */
658 sd->data[11] = 0x43;
659 sd->data[12] = 0x80; /* Supported group 1 functions */
660 sd->data[13] = 0x03;
661 for (i = 0; i < 6; i ++) {
662 new_func = (arg >> (i * 4)) & 0x0f;
663 if (mode && new_func != 0x0f)
664 sd->function_group[i] = new_func;
665 sd->data[14 + (i >> 1)] = new_func << ((i * 4) & 4);
666 }
667 memset(&sd->data[17], 0, 47);
668 crc = sd_crc16(sd->data, 64);
669 sd->data[65] = crc >> 8;
670 sd->data[66] = crc & 0xff;
671}
672
Mitsyanko Igor4e8f1be2012-08-13 11:04:07 +0100[diff] [blame]673static inline bool sd_wp_addr(SDState *sd, uint64_t addr)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]674{
Mitsyanko Igorb7202b82012-08-13 11:04:06 +0100[diff] [blame]675 return test_bit(sd_addr_to_wpnum(addr), sd->wp_groups);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]676}
677
678static void sd_lock_command(SDState *sd)
679{
680 int erase, lock, clr_pwd, set_pwd, pwd_len;
681 erase = !!(sd->data[0] & 0x08);
682 lock = sd->data[0] & 0x04;
683 clr_pwd = sd->data[0] & 0x02;
684 set_pwd = sd->data[0] & 0x01;
685
686 if (sd->blk_len > 1)
687 pwd_len = sd->data[1];
688 else
689 pwd_len = 0;
690
691 if (erase) {
692 if (!(sd->card_status & CARD_IS_LOCKED) || sd->blk_len > 1 ||
693 set_pwd || clr_pwd || lock || sd->wp_switch ||
694 (sd->csd[14] & 0x20)) {
695 sd->card_status |= LOCK_UNLOCK_FAILED;
696 return;
697 }
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000[diff] [blame]698 bitmap_zero(sd->wp_groups, sd->wpgrps_size);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]699 sd->csd[14] &= ~0x10;
700 sd->card_status &= ~CARD_IS_LOCKED;
701 sd->pwd_len = 0;
702 /* Erasing the entire card here! */
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]703 fprintf(stderr, "SD: Card force-erased by CMD42\n");
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]704 return;
705 }
706
707 if (sd->blk_len < 2 + pwd_len ||
708 pwd_len <= sd->pwd_len ||
709 pwd_len > sd->pwd_len + 16) {
710 sd->card_status |= LOCK_UNLOCK_FAILED;
711 return;
712 }
713
714 if (sd->pwd_len && memcmp(sd->pwd, sd->data + 2, sd->pwd_len)) {
715 sd->card_status |= LOCK_UNLOCK_FAILED;
716 return;
717 }
718
719 pwd_len -= sd->pwd_len;
720 if ((pwd_len && !set_pwd) ||
721 (clr_pwd && (set_pwd || lock)) ||
722 (lock && !sd->pwd_len && !set_pwd) ||
723 (!set_pwd && !clr_pwd &&
724 (((sd->card_status & CARD_IS_LOCKED) && lock) ||
725 (!(sd->card_status & CARD_IS_LOCKED) && !lock)))) {
726 sd->card_status |= LOCK_UNLOCK_FAILED;
727 return;
728 }
729
730 if (set_pwd) {
731 memcpy(sd->pwd, sd->data + 2 + sd->pwd_len, pwd_len);
732 sd->pwd_len = pwd_len;
733 }
734
735 if (clr_pwd) {
736 sd->pwd_len = 0;
737 }
738
739 if (lock)
740 sd->card_status |= CARD_IS_LOCKED;
741 else
742 sd->card_status &= ~CARD_IS_LOCKED;
743}
744
Anthony Liguoric227f092009-10-01 16:12:16 -0500[diff] [blame]745static sd_rsp_type_t sd_normal_command(SDState *sd,
Paul Brookbc24a222009-05-10 01:44:56 +0100[diff] [blame]746 SDRequest req)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]747{
748 uint32_t rca = 0x0000;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]749 uint64_t addr = (sd->ocr & (1 << 30)) ? (uint64_t) req.arg << 9 : req.arg;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]750
Peter Maydell1d06cb72011-12-18 21:37:59 +0100[diff] [blame]751 /* Not interpreting this as an app command */
752 sd->card_status &= ~APP_CMD;
753
Prasad J Pandit97f4ed32016-02-11 11:17:32 +0000[diff] [blame]754 if (sd_cmd_type[req.cmd & 0x3F] == sd_ac
755 || sd_cmd_type[req.cmd & 0x3F] == sd_adtc) {
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]756 rca = req.arg >> 16;
Prasad J Pandit97f4ed32016-02-11 11:17:32 +0000[diff] [blame]757 }
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]758
Andrew Baumann4481bbc2016-02-18 14:16:19 +0000[diff] [blame]759 /* CMD23 (set block count) must be immediately followed by CMD18 or CMD25
760 * if not, its effects are cancelled */
761 if (sd->multi_blk_cnt != 0 && !(req.cmd == 18 || req.cmd == 25)) {
762 sd->multi_blk_cnt = 0;
763 }
764
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]765 DPRINTF("CMD%d 0x%08x state %d\n", req.cmd, req.arg, sd->state);
766 switch (req.cmd) {
767 /* Basic commands (Class 0 and Class 1) */
768 case 0: /* CMD0: GO_IDLE_STATE */
769 switch (sd->state) {
770 case sd_inactive_state:
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]771 return sd->spi ? sd_r1 : sd_r0;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]772
773 default:
774 sd->state = sd_idle_state;
Peter Maydellba3ed0f2016-02-18 14:16:18 +0000[diff] [blame]775 sd_reset(DEVICE(sd));
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]776 return sd->spi ? sd_r1 : sd_r0;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]777 }
778 break;
779
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]780 case 1: /* CMD1: SEND_OP_CMD */
781 if (!sd->spi)
782 goto bad_cmd;
783
784 sd->state = sd_transfer_state;
785 return sd_r1;
786
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]787 case 2: /* CMD2: ALL_SEND_CID */
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]788 if (sd->spi)
789 goto bad_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]790 switch (sd->state) {
791 case sd_ready_state:
792 sd->state = sd_identification_state;
793 return sd_r2_i;
794
795 default:
796 break;
797 }
798 break;
799
800 case 3: /* CMD3: SEND_RELATIVE_ADDR */
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]801 if (sd->spi)
802 goto bad_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]803 switch (sd->state) {
804 case sd_identification_state:
805 case sd_standby_state:
806 sd->state = sd_standby_state;
807 sd_set_rca(sd);
808 return sd_r6;
809
810 default:
811 break;
812 }
813 break;
814
815 case 4: /* CMD4: SEND_DSR */
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]816 if (sd->spi)
817 goto bad_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]818 switch (sd->state) {
819 case sd_standby_state:
820 break;
821
822 default:
823 break;
824 }
825 break;
826
Juha Riihimäki109ac322009-12-03 15:56:07 +0200[diff] [blame]827 case 5: /* CMD5: reserved for SDIO cards */
Peter Maydell53bb8cc2011-12-18 21:37:55 +0100[diff] [blame]828 return sd_illegal;
Juha Riihimäki109ac322009-12-03 15:56:07 +0200[diff] [blame]829
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]830 case 6: /* CMD6: SWITCH_FUNCTION */
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]831 if (sd->spi)
832 goto bad_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]833 switch (sd->mode) {
834 case sd_data_transfer_mode:
835 sd_function_switch(sd, req.arg);
836 sd->state = sd_sendingdata_state;
837 sd->data_start = 0;
838 sd->data_offset = 0;
839 return sd_r1;
840
841 default:
842 break;
843 }
844 break;
845
846 case 7: /* CMD7: SELECT/DESELECT_CARD */
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]847 if (sd->spi)
848 goto bad_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]849 switch (sd->state) {
850 case sd_standby_state:
851 if (sd->rca != rca)
852 return sd_r0;
853
854 sd->state = sd_transfer_state;
855 return sd_r1b;
856
857 case sd_transfer_state:
858 case sd_sendingdata_state:
859 if (sd->rca == rca)
860 break;
861
862 sd->state = sd_standby_state;
863 return sd_r1b;
864
865 case sd_disconnect_state:
866 if (sd->rca != rca)
867 return sd_r0;
868
869 sd->state = sd_programming_state;
870 return sd_r1b;
871
872 case sd_programming_state:
873 if (sd->rca == rca)
874 break;
875
876 sd->state = sd_disconnect_state;
877 return sd_r1b;
878
879 default:
880 break;
881 }
882 break;
883
balrog1b088992007-12-24 14:41:39 +0000[diff] [blame]884 case 8: /* CMD8: SEND_IF_COND */
885 /* Physical Layer Specification Version 2.00 command */
886 switch (sd->state) {
887 case sd_idle_state:
888 sd->vhs = 0;
889
890 /* No response if not exactly one VHS bit is set. */
Stefan Hajnoczic9d93312015-03-23 15:29:28 +0000[diff] [blame]891 if (!(req.arg >> 8) || (req.arg >> (ctz32(req.arg & ~0xff) + 1))) {
balrog1b088992007-12-24 14:41:39 +0000[diff] [blame]892 return sd->spi ? sd_r7 : sd_r0;
Stefan Hajnoczic9d93312015-03-23 15:29:28 +0000[diff] [blame]893 }
balrog1b088992007-12-24 14:41:39 +0000[diff] [blame]894
895 /* Accept. */
896 sd->vhs = req.arg;
897 return sd_r7;
898
899 default:
900 break;
901 }
902 break;
903
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]904 case 9: /* CMD9: SEND_CSD */
905 switch (sd->state) {
906 case sd_standby_state:
907 if (sd->rca != rca)
908 return sd_r0;
909
910 return sd_r2_s;
911
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]912 case sd_transfer_state:
913 if (!sd->spi)
914 break;
915 sd->state = sd_sendingdata_state;
916 memcpy(sd->data, sd->csd, 16);
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]917 sd->data_start = addr;
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]918 sd->data_offset = 0;
919 return sd_r1;
920
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]921 default:
922 break;
923 }
924 break;
925
926 case 10: /* CMD10: SEND_CID */
927 switch (sd->state) {
928 case sd_standby_state:
929 if (sd->rca != rca)
930 return sd_r0;
931
932 return sd_r2_i;
933
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]934 case sd_transfer_state:
935 if (!sd->spi)
936 break;
937 sd->state = sd_sendingdata_state;
938 memcpy(sd->data, sd->cid, 16);
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]939 sd->data_start = addr;
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]940 sd->data_offset = 0;
941 return sd_r1;
942
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]943 default:
944 break;
945 }
946 break;
947
948 case 11: /* CMD11: READ_DAT_UNTIL_STOP */
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]949 if (sd->spi)
950 goto bad_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]951 switch (sd->state) {
952 case sd_transfer_state:
953 sd->state = sd_sendingdata_state;
954 sd->data_start = req.arg;
955 sd->data_offset = 0;
956
957 if (sd->data_start + sd->blk_len > sd->size)
958 sd->card_status |= ADDRESS_ERROR;
959 return sd_r0;
960
961 default:
962 break;
963 }
964 break;
965
966 case 12: /* CMD12: STOP_TRANSMISSION */
967 switch (sd->state) {
968 case sd_sendingdata_state:
969 sd->state = sd_transfer_state;
970 return sd_r1b;
971
972 case sd_receivingdata_state:
973 sd->state = sd_programming_state;
974 /* Bzzzzzzztt .... Operation complete. */
975 sd->state = sd_transfer_state;
976 return sd_r1b;
977
978 default:
979 break;
980 }
981 break;
982
983 case 13: /* CMD13: SEND_STATUS */
984 switch (sd->mode) {
985 case sd_data_transfer_mode:
986 if (sd->rca != rca)
987 return sd_r0;
988
989 return sd_r1;
990
991 default:
992 break;
993 }
994 break;
995
996 case 15: /* CMD15: GO_INACTIVE_STATE */
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]997 if (sd->spi)
998 goto bad_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]999 switch (sd->mode) {
1000 case sd_data_transfer_mode:
1001 if (sd->rca != rca)
1002 return sd_r0;
1003
1004 sd->state = sd_inactive_state;
1005 return sd_r0;
1006
1007 default:
1008 break;
1009 }
1010 break;
1011
1012 /* Block read commands (Classs 2) */
1013 case 16: /* CMD16: SET_BLOCKLEN */
1014 switch (sd->state) {
1015 case sd_transfer_state:
1016 if (req.arg > (1 << HWBLOCK_SHIFT))
1017 sd->card_status |= BLOCK_LEN_ERROR;
1018 else
1019 sd->blk_len = req.arg;
1020
1021 return sd_r1;
1022
1023 default:
1024 break;
1025 }
1026 break;
1027
1028 case 17: /* CMD17: READ_SINGLE_BLOCK */
1029 switch (sd->state) {
1030 case sd_transfer_state:
1031 sd->state = sd_sendingdata_state;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1032 sd->data_start = addr;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1033 sd->data_offset = 0;
1034
1035 if (sd->data_start + sd->blk_len > sd->size)
1036 sd->card_status |= ADDRESS_ERROR;
1037 return sd_r1;
1038
1039 default:
1040 break;
1041 }
1042 break;
1043
1044 case 18: /* CMD18: READ_MULTIPLE_BLOCK */
1045 switch (sd->state) {
1046 case sd_transfer_state:
1047 sd->state = sd_sendingdata_state;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1048 sd->data_start = addr;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1049 sd->data_offset = 0;
1050
1051 if (sd->data_start + sd->blk_len > sd->size)
1052 sd->card_status |= ADDRESS_ERROR;
1053 return sd_r1;
1054
1055 default:
1056 break;
1057 }
1058 break;
1059
Andrew Baumann4481bbc2016-02-18 14:16:19 +0000[diff] [blame]1060 case 23: /* CMD23: SET_BLOCK_COUNT */
1061 switch (sd->state) {
1062 case sd_transfer_state:
1063 sd->multi_blk_cnt = req.arg;
1064 return sd_r1;
1065
1066 default:
1067 break;
1068 }
1069 break;
1070
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1071 /* Block write commands (Class 4) */
1072 case 24: /* CMD24: WRITE_SINGLE_BLOCK */
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]1073 if (sd->spi)
1074 goto unimplemented_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1075 switch (sd->state) {
1076 case sd_transfer_state:
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]1077 /* Writing in SPI mode not implemented. */
1078 if (sd->spi)
1079 break;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1080 sd->state = sd_receivingdata_state;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1081 sd->data_start = addr;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1082 sd->data_offset = 0;
1083 sd->blk_written = 0;
1084
1085 if (sd->data_start + sd->blk_len > sd->size)
1086 sd->card_status |= ADDRESS_ERROR;
1087 if (sd_wp_addr(sd, sd->data_start))
1088 sd->card_status |= WP_VIOLATION;
1089 if (sd->csd[14] & 0x30)
1090 sd->card_status |= WP_VIOLATION;
1091 return sd_r1;
1092
1093 default:
1094 break;
1095 }
1096 break;
1097
1098 case 25: /* CMD25: WRITE_MULTIPLE_BLOCK */
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]1099 if (sd->spi)
1100 goto unimplemented_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1101 switch (sd->state) {
1102 case sd_transfer_state:
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]1103 /* Writing in SPI mode not implemented. */
1104 if (sd->spi)
1105 break;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1106 sd->state = sd_receivingdata_state;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1107 sd->data_start = addr;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1108 sd->data_offset = 0;
1109 sd->blk_written = 0;
1110
1111 if (sd->data_start + sd->blk_len > sd->size)
1112 sd->card_status |= ADDRESS_ERROR;
1113 if (sd_wp_addr(sd, sd->data_start))
1114 sd->card_status |= WP_VIOLATION;
1115 if (sd->csd[14] & 0x30)
1116 sd->card_status |= WP_VIOLATION;
1117 return sd_r1;
1118
1119 default:
1120 break;
1121 }
1122 break;
1123
1124 case 26: /* CMD26: PROGRAM_CID */
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]1125 if (sd->spi)
1126 goto bad_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1127 switch (sd->state) {
1128 case sd_transfer_state:
1129 sd->state = sd_receivingdata_state;
1130 sd->data_start = 0;
1131 sd->data_offset = 0;
1132 return sd_r1;
1133
1134 default:
1135 break;
1136 }
1137 break;
1138
1139 case 27: /* CMD27: PROGRAM_CSD */
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]1140 if (sd->spi)
1141 goto unimplemented_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1142 switch (sd->state) {
1143 case sd_transfer_state:
1144 sd->state = sd_receivingdata_state;
1145 sd->data_start = 0;
1146 sd->data_offset = 0;
1147 return sd_r1;
1148
1149 default:
1150 break;
1151 }
1152 break;
1153
1154 /* Write protection (Class 6) */
1155 case 28: /* CMD28: SET_WRITE_PROT */
1156 switch (sd->state) {
1157 case sd_transfer_state:
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1158 if (addr >= sd->size) {
Peter Maydelle30d5932011-12-18 21:37:54 +0100[diff] [blame]1159 sd->card_status |= ADDRESS_ERROR;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1160 return sd_r1b;
1161 }
1162
1163 sd->state = sd_programming_state;
Mitsyanko Igorb7202b82012-08-13 11:04:06 +0100[diff] [blame]1164 set_bit(sd_addr_to_wpnum(addr), sd->wp_groups);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1165 /* Bzzzzzzztt .... Operation complete. */
1166 sd->state = sd_transfer_state;
1167 return sd_r1b;
1168
1169 default:
1170 break;
1171 }
1172 break;
1173
1174 case 29: /* CMD29: CLR_WRITE_PROT */
1175 switch (sd->state) {
1176 case sd_transfer_state:
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1177 if (addr >= sd->size) {
Peter Maydelle30d5932011-12-18 21:37:54 +0100[diff] [blame]1178 sd->card_status |= ADDRESS_ERROR;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1179 return sd_r1b;
1180 }
1181
1182 sd->state = sd_programming_state;
Mitsyanko Igorb7202b82012-08-13 11:04:06 +0100[diff] [blame]1183 clear_bit(sd_addr_to_wpnum(addr), sd->wp_groups);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1184 /* Bzzzzzzztt .... Operation complete. */
1185 sd->state = sd_transfer_state;
1186 return sd_r1b;
1187
1188 default:
1189 break;
1190 }
1191 break;
1192
1193 case 30: /* CMD30: SEND_WRITE_PROT */
1194 switch (sd->state) {
1195 case sd_transfer_state:
1196 sd->state = sd_sendingdata_state;
1197 *(uint32_t *) sd->data = sd_wpbits(sd, req.arg);
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1198 sd->data_start = addr;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1199 sd->data_offset = 0;
1200 return sd_r1b;
1201
1202 default:
1203 break;
1204 }
1205 break;
1206
1207 /* Erase commands (Class 5) */
1208 case 32: /* CMD32: ERASE_WR_BLK_START */
1209 switch (sd->state) {
1210 case sd_transfer_state:
1211 sd->erase_start = req.arg;
1212 return sd_r1;
1213
1214 default:
1215 break;
1216 }
1217 break;
1218
1219 case 33: /* CMD33: ERASE_WR_BLK_END */
1220 switch (sd->state) {
1221 case sd_transfer_state:
1222 sd->erase_end = req.arg;
1223 return sd_r1;
1224
1225 default:
1226 break;
1227 }
1228 break;
1229
1230 case 38: /* CMD38: ERASE */
1231 switch (sd->state) {
1232 case sd_transfer_state:
1233 if (sd->csd[14] & 0x30) {
1234 sd->card_status |= WP_VIOLATION;
1235 return sd_r1b;
1236 }
1237
1238 sd->state = sd_programming_state;
1239 sd_erase(sd);
1240 /* Bzzzzzzztt .... Operation complete. */
1241 sd->state = sd_transfer_state;
1242 return sd_r1b;
1243
1244 default:
1245 break;
1246 }
1247 break;
1248
1249 /* Lock card commands (Class 7) */
1250 case 42: /* CMD42: LOCK_UNLOCK */
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]1251 if (sd->spi)
1252 goto unimplemented_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1253 switch (sd->state) {
1254 case sd_transfer_state:
1255 sd->state = sd_receivingdata_state;
1256 sd->data_start = 0;
1257 sd->data_offset = 0;
1258 return sd_r1;
1259
1260 default:
1261 break;
1262 }
1263 break;
1264
Peter Maydell39e594d2011-05-20 10:11:53 +0100[diff] [blame]1265 case 52:
1266 case 53:
1267 /* CMD52, CMD53: reserved for SDIO cards
1268 * (see the SDIO Simplified Specification V2.0)
1269 * Handle as illegal command but do not complain
1270 * on stderr, as some OSes may use these in their
1271 * probing for presence of an SDIO card.
1272 */
Peter Maydell53bb8cc2011-12-18 21:37:55 +0100[diff] [blame]1273 return sd_illegal;
Peter Maydell39e594d2011-05-20 10:11:53 +0100[diff] [blame]1274
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1275 /* Application specific commands (Class 8) */
1276 case 55: /* CMD55: APP_CMD */
1277 if (sd->rca != rca)
1278 return sd_r0;
1279
Mitsyanko Igorbebd1272012-08-13 11:04:06 +0100[diff] [blame]1280 sd->expecting_acmd = true;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1281 sd->card_status |= APP_CMD;
1282 return sd_r1;
1283
1284 case 56: /* CMD56: GEN_CMD */
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]1285 fprintf(stderr, "SD: GEN_CMD 0x%08x\n", req.arg);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1286
1287 switch (sd->state) {
1288 case sd_transfer_state:
1289 sd->data_offset = 0;
1290 if (req.arg & 1)
1291 sd->state = sd_sendingdata_state;
1292 else
1293 sd->state = sd_receivingdata_state;
1294 return sd_r1;
1295
1296 default:
1297 break;
1298 }
1299 break;
1300
1301 default:
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]1302 bad_cmd:
Andrew Baumann9800ad82016-02-18 14:16:20 +0000[diff] [blame]1303 qemu_log_mask(LOG_GUEST_ERROR, "SD: Unknown CMD%i\n", req.cmd);
Peter Maydell53bb8cc2011-12-18 21:37:55 +0100[diff] [blame]1304 return sd_illegal;
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]1305
1306 unimplemented_cmd:
1307 /* Commands that are recognised but not yet implemented in SPI mode. */
Andrew Baumann9800ad82016-02-18 14:16:20 +0000[diff] [blame]1308 qemu_log_mask(LOG_UNIMP, "SD: CMD%i not implemented in SPI mode\n",
1309 req.cmd);
Peter Maydell53bb8cc2011-12-18 21:37:55 +0100[diff] [blame]1310 return sd_illegal;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1311 }
1312
Andrew Baumann9800ad82016-02-18 14:16:20 +0000[diff] [blame]1313 qemu_log_mask(LOG_GUEST_ERROR, "SD: CMD%i in a wrong state\n", req.cmd);
Peter Maydell53bb8cc2011-12-18 21:37:55 +0100[diff] [blame]1314 return sd_illegal;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1315}
1316
Anthony Liguoric227f092009-10-01 16:12:16 -0500[diff] [blame]1317static sd_rsp_type_t sd_app_command(SDState *sd,
Blue Swirl22ed1d342010-04-25 19:31:06 +0000[diff] [blame]1318 SDRequest req)
1319{
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1320 DPRINTF("ACMD%d 0x%08x\n", req.cmd, req.arg);
Peter Maydell1d06cb72011-12-18 21:37:59 +0100[diff] [blame]1321 sd->card_status |= APP_CMD;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1322 switch (req.cmd) {
1323 case 6: /* ACMD6: SET_BUS_WIDTH */
1324 switch (sd->state) {
1325 case sd_transfer_state:
1326 sd->sd_status[0] &= 0x3f;
1327 sd->sd_status[0] |= (req.arg & 0x03) << 6;
1328 return sd_r1;
1329
1330 default:
1331 break;
1332 }
1333 break;
1334
1335 case 13: /* ACMD13: SD_STATUS */
1336 switch (sd->state) {
1337 case sd_transfer_state:
Peter Maydellfb1ba032011-02-18 13:39:00 +0000[diff] [blame]1338 sd->state = sd_sendingdata_state;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1339 sd->data_start = 0;
1340 sd->data_offset = 0;
1341 return sd_r1;
1342
1343 default:
1344 break;
1345 }
1346 break;
1347
1348 case 22: /* ACMD22: SEND_NUM_WR_BLOCKS */
1349 switch (sd->state) {
1350 case sd_transfer_state:
1351 *(uint32_t *) sd->data = sd->blk_written;
1352
Peter Maydellfb1ba032011-02-18 13:39:00 +0000[diff] [blame]1353 sd->state = sd_sendingdata_state;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1354 sd->data_start = 0;
1355 sd->data_offset = 0;
1356 return sd_r1;
1357
1358 default:
1359 break;
1360 }
1361 break;
1362
1363 case 23: /* ACMD23: SET_WR_BLK_ERASE_COUNT */
1364 switch (sd->state) {
1365 case sd_transfer_state:
1366 return sd_r1;
1367
1368 default:
1369 break;
1370 }
1371 break;
1372
1373 case 41: /* ACMD41: SD_APP_OP_COND */
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]1374 if (sd->spi) {
1375 /* SEND_OP_CMD */
1376 sd->state = sd_transfer_state;
1377 return sd_r1;
1378 }
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1379 switch (sd->state) {
1380 case sd_idle_state:
Andrew Baumanndd26eb42016-02-18 14:16:20 +0000[diff] [blame]1381 /* If it's the first ACMD41 since reset, we need to decide
1382 * whether to power up. If this is not an enquiry ACMD41,
1383 * we immediately report power on and proceed below to the
1384 * ready state, but if it is, we set a timer to model a
1385 * delay for power up. This works around a bug in EDK2
1386 * UEFI, which sends an initial enquiry ACMD41, but
1387 * assumes that the card is in ready state as soon as it
1388 * sees the power up bit set. */
1389 if (!(sd->ocr & OCR_POWER_UP)) {
1390 if ((req.arg & ACMD41_ENQUIRY_MASK) != 0) {
1391 timer_del(sd->ocr_power_timer);
1392 sd_ocr_powerup(sd);
1393 } else if (!timer_pending(sd->ocr_power_timer)) {
1394 timer_mod_ns(sd->ocr_power_timer,
1395 (qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL)
1396 + OCR_POWER_DELAY_NS));
1397 }
1398 }
1399
Peter Crosthwaite37ab4a52013-06-03 17:17:45 +0100[diff] [blame]1400 /* We accept any voltage. 10000 V is nothing.
1401 *
Andrew Baumanndd26eb42016-02-18 14:16:20 +0000[diff] [blame]1402 * Once we're powered up, we advance straight to ready state
Peter Crosthwaite37ab4a52013-06-03 17:17:45 +0100[diff] [blame]1403 * unless it's an enquiry ACMD41 (bits 23:0 == 0).
1404 */
1405 if (req.arg & ACMD41_ENQUIRY_MASK) {
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1406 sd->state = sd_ready_state;
Peter Crosthwaite37ab4a52013-06-03 17:17:45 +0100[diff] [blame]1407 }
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1408
1409 return sd_r3;
1410
1411 default:
1412 break;
1413 }
1414 break;
1415
1416 case 42: /* ACMD42: SET_CLR_CARD_DETECT */
1417 switch (sd->state) {
1418 case sd_transfer_state:
1419 /* Bringing in the 50KOhm pull-up resistor... Done. */
1420 return sd_r1;
1421
1422 default:
1423 break;
1424 }
1425 break;
1426
1427 case 51: /* ACMD51: SEND_SCR */
1428 switch (sd->state) {
1429 case sd_transfer_state:
1430 sd->state = sd_sendingdata_state;
1431 sd->data_start = 0;
1432 sd->data_offset = 0;
1433 return sd_r1;
1434
1435 default:
1436 break;
1437 }
1438 break;
1439
1440 default:
1441 /* Fall back to standard commands. */
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1442 return sd_normal_command(sd, req);
1443 }
1444
Andrew Baumann9800ad82016-02-18 14:16:20 +0000[diff] [blame]1445 qemu_log_mask(LOG_GUEST_ERROR, "SD: ACMD%i in a wrong state\n", req.cmd);
Peter Maydell5b08bfe2011-12-18 21:37:57 +0100[diff] [blame]1446 return sd_illegal;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1447}
1448
Peter Maydell25881d32011-12-18 21:37:51 +0100[diff] [blame]1449static int cmd_valid_while_locked(SDState *sd, SDRequest *req)
1450{
1451 /* Valid commands in locked state:
1452 * basic class (0)
1453 * lock card class (7)
1454 * CMD16
1455 * implicitly, the ACMD prefix CMD55
1456 * ACMD41 and ACMD42
1457 * Anything else provokes an "illegal command" response.
1458 */
Peter Maydell1d06cb72011-12-18 21:37:59 +0100[diff] [blame]1459 if (sd->expecting_acmd) {
Peter Maydell25881d32011-12-18 21:37:51 +0100[diff] [blame]1460 return req->cmd == 41 || req->cmd == 42;
1461 }
1462 if (req->cmd == 16 || req->cmd == 55) {
1463 return 1;
1464 }
Prasad J Pandit97f4ed32016-02-11 11:17:32 +0000[diff] [blame]1465 return sd_cmd_class[req->cmd & 0x3F] == 0
1466 || sd_cmd_class[req->cmd & 0x3F] == 7;
Peter Maydell25881d32011-12-18 21:37:51 +0100[diff] [blame]1467}
1468
Paul Brookbc24a222009-05-10 01:44:56 +0100[diff] [blame]1469int sd_do_command(SDState *sd, SDRequest *req,
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1470 uint8_t *response) {
Peter Maydell10a412d2011-12-18 21:37:58 +0100[diff] [blame]1471 int last_state;
Anthony Liguoric227f092009-10-01 16:12:16 -0500[diff] [blame]1472 sd_rsp_type_t rtype;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1473 int rsplen;
1474
Markus Armbruster4be74632014-10-07 13:59:18 +0200[diff] [blame]1475 if (!sd->blk || !blk_is_inserted(sd->blk) || !sd->enable) {
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1476 return 0;
1477 }
1478
1479 if (sd_req_crc_validate(req)) {
Peter Maydellabda1f32011-12-18 21:37:53 +0100[diff] [blame]1480 sd->card_status |= COM_CRC_ERROR;
Peter Maydellb1f517e2011-12-18 21:37:56 +0100[diff] [blame]1481 rtype = sd_illegal;
1482 goto send_response;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1483 }
1484
Peter Maydell10a412d2011-12-18 21:37:58 +0100[diff] [blame]1485 if (sd->card_status & CARD_IS_LOCKED) {
Peter Maydell25881d32011-12-18 21:37:51 +0100[diff] [blame]1486 if (!cmd_valid_while_locked(sd, req)) {
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1487 sd->card_status |= ILLEGAL_COMMAND;
Mitsyanko Igorbebd1272012-08-13 11:04:06 +0100[diff] [blame]1488 sd->expecting_acmd = false;
Andrew Baumann9800ad82016-02-18 14:16:20 +0000[diff] [blame]1489 qemu_log_mask(LOG_GUEST_ERROR, "SD: Card is locked\n");
Peter Maydellb1f517e2011-12-18 21:37:56 +0100[diff] [blame]1490 rtype = sd_illegal;
1491 goto send_response;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1492 }
Peter Maydell25881d32011-12-18 21:37:51 +0100[diff] [blame]1493 }
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1494
Peter Maydell10a412d2011-12-18 21:37:58 +0100[diff] [blame]1495 last_state = sd->state;
1496 sd_set_mode(sd);
1497
Peter Maydell1d06cb72011-12-18 21:37:59 +0100[diff] [blame]1498 if (sd->expecting_acmd) {
Mitsyanko Igorbebd1272012-08-13 11:04:06 +0100[diff] [blame]1499 sd->expecting_acmd = false;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1500 rtype = sd_app_command(sd, *req);
Peter Maydell1d06cb72011-12-18 21:37:59 +0100[diff] [blame]1501 } else {
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1502 rtype = sd_normal_command(sd, *req);
Peter Maydell1d06cb72011-12-18 21:37:59 +0100[diff] [blame]1503 }
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1504
Peter Maydell53bb8cc2011-12-18 21:37:55 +0100[diff] [blame]1505 if (rtype == sd_illegal) {
1506 sd->card_status |= ILLEGAL_COMMAND;
Peter Maydell10a412d2011-12-18 21:37:58 +0100[diff] [blame]1507 } else {
1508 /* Valid command, we can update the 'state before command' bits.
1509 * (Do this now so they appear in r1 responses.)
1510 */
1511 sd->current_cmd = req->cmd;
1512 sd->card_status &= ~CURRENT_STATE;
1513 sd->card_status |= (last_state << 9);
Peter Maydell53bb8cc2011-12-18 21:37:55 +0100[diff] [blame]1514 }
1515
Peter Maydellb1f517e2011-12-18 21:37:56 +0100[diff] [blame]1516send_response:
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1517 switch (rtype) {
1518 case sd_r1:
1519 case sd_r1b:
Peter Maydell10a412d2011-12-18 21:37:58 +0100[diff] [blame]1520 sd_response_r1_make(sd, response);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1521 rsplen = 4;
1522 break;
1523
1524 case sd_r2_i:
1525 memcpy(response, sd->cid, sizeof(sd->cid));
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1526 rsplen = 16;
1527 break;
1528
1529 case sd_r2_s:
1530 memcpy(response, sd->csd, sizeof(sd->csd));
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1531 rsplen = 16;
1532 break;
1533
1534 case sd_r3:
1535 sd_response_r3_make(sd, response);
1536 rsplen = 4;
1537 break;
1538
1539 case sd_r6:
1540 sd_response_r6_make(sd, response);
1541 rsplen = 4;
1542 break;
1543
balrog1b088992007-12-24 14:41:39 +0000[diff] [blame]1544 case sd_r7:
1545 sd_response_r7_make(sd, response);
1546 rsplen = 4;
1547 break;
1548
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1549 case sd_r0:
Peter Maydell53bb8cc2011-12-18 21:37:55 +0100[diff] [blame]1550 case sd_illegal:
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1551 default:
1552 rsplen = 0;
1553 break;
1554 }
1555
Peter Maydell10a412d2011-12-18 21:37:58 +0100[diff] [blame]1556 if (rtype != sd_illegal) {
1557 /* Clear the "clear on valid command" status bits now we've
1558 * sent any response
1559 */
1560 sd->card_status &= ~CARD_STATUS_B;
1561 }
1562
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1563#ifdef DEBUG_SD
1564 if (rsplen) {
1565 int i;
1566 DPRINTF("Response:");
1567 for (i = 0; i < rsplen; i++)
Peter Crosthwaite038d3d42012-11-15 16:32:53 +1000[diff] [blame]1568 fprintf(stderr, " %02x", response[i]);
1569 fprintf(stderr, " state %d\n", sd->state);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1570 } else {
1571 DPRINTF("No response %d\n", sd->state);
1572 }
1573#endif
1574
1575 return rsplen;
1576}
1577
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1578static void sd_blk_read(SDState *sd, uint64_t addr, uint32_t len)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1579{
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1580 DPRINTF("sd_blk_read: addr = 0x%08llx, len = %d\n",
1581 (unsigned long long) addr, len);
Eric Blake12c125c2016-05-06 10:26:39 -0600[diff] [blame]1582 if (!sd->blk || blk_pread(sd->blk, addr, sd->data, len) < 0) {
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]1583 fprintf(stderr, "sd_blk_read: read error on host side\n");
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1584 }
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1585}
1586
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1587static void sd_blk_write(SDState *sd, uint64_t addr, uint32_t len)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1588{
Eric Blake12c125c2016-05-06 10:26:39 -0600[diff] [blame]1589 if (!sd->blk || blk_pwrite(sd->blk, addr, sd->data, len, 0) < 0) {
1590 fprintf(stderr, "sd_blk_write: write error on host side\n");
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1591 }
1592}
1593
balrog33f00272007-12-24 14:33:24 +0000[diff] [blame]1594#define BLK_READ_BLOCK(a, len) sd_blk_read(sd, a, len)
1595#define BLK_WRITE_BLOCK(a, len) sd_blk_write(sd, a, len)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1596#define APP_READ_BLOCK(a, len) memset(sd->data, 0xec, len)
1597#define APP_WRITE_BLOCK(a, len)
1598
1599void sd_write_data(SDState *sd, uint8_t value)
1600{
1601 int i;
1602
Markus Armbruster4be74632014-10-07 13:59:18 +0200[diff] [blame]1603 if (!sd->blk || !blk_is_inserted(sd->blk) || !sd->enable)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1604 return;
1605
1606 if (sd->state != sd_receivingdata_state) {
Andrew Baumann9800ad82016-02-18 14:16:20 +0000[diff] [blame]1607 qemu_log_mask(LOG_GUEST_ERROR,
1608 "sd_write_data: not in Receiving-Data state\n");
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1609 return;
1610 }
1611
1612 if (sd->card_status & (ADDRESS_ERROR | WP_VIOLATION))
1613 return;
1614
1615 switch (sd->current_cmd) {
1616 case 24: /* CMD24: WRITE_SINGLE_BLOCK */
1617 sd->data[sd->data_offset ++] = value;
1618 if (sd->data_offset >= sd->blk_len) {
1619 /* TODO: Check CRC before committing */
1620 sd->state = sd_programming_state;
1621 BLK_WRITE_BLOCK(sd->data_start, sd->data_offset);
1622 sd->blk_written ++;
1623 sd->csd[14] |= 0x40;
1624 /* Bzzzzzzztt .... Operation complete. */
1625 sd->state = sd_transfer_state;
1626 }
1627 break;
1628
1629 case 25: /* CMD25: WRITE_MULTIPLE_BLOCK */
Dr. David Alan Gilbert33fa8232011-07-25 13:21:30 +0100[diff] [blame]1630 if (sd->data_offset == 0) {
Peter Maydelle03ba132013-04-09 12:48:19 +0100[diff] [blame]1631 /* Start of the block - let's check the address is valid */
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1632 if (sd->data_start + sd->blk_len > sd->size) {
1633 sd->card_status |= ADDRESS_ERROR;
1634 break;
1635 }
1636 if (sd_wp_addr(sd, sd->data_start)) {
1637 sd->card_status |= WP_VIOLATION;
1638 break;
1639 }
Dr. David Alan Gilbert33fa8232011-07-25 13:21:30 +0100[diff] [blame]1640 }
1641 sd->data[sd->data_offset++] = value;
1642 if (sd->data_offset >= sd->blk_len) {
1643 /* TODO: Check CRC before committing */
1644 sd->state = sd_programming_state;
1645 BLK_WRITE_BLOCK(sd->data_start, sd->data_offset);
1646 sd->blk_written++;
1647 sd->data_start += sd->blk_len;
1648 sd->data_offset = 0;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1649 sd->csd[14] |= 0x40;
1650
1651 /* Bzzzzzzztt .... Operation complete. */
Andrew Baumann4481bbc2016-02-18 14:16:19 +0000[diff] [blame]1652 if (sd->multi_blk_cnt != 0) {
1653 if (--sd->multi_blk_cnt == 0) {
1654 /* Stop! */
1655 sd->state = sd_transfer_state;
1656 break;
1657 }
1658 }
1659
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1660 sd->state = sd_receivingdata_state;
1661 }
1662 break;
1663
1664 case 26: /* CMD26: PROGRAM_CID */
1665 sd->data[sd->data_offset ++] = value;
1666 if (sd->data_offset >= sizeof(sd->cid)) {
1667 /* TODO: Check CRC before committing */
1668 sd->state = sd_programming_state;
1669 for (i = 0; i < sizeof(sd->cid); i ++)
1670 if ((sd->cid[i] | 0x00) != sd->data[i])
1671 sd->card_status |= CID_CSD_OVERWRITE;
1672
1673 if (!(sd->card_status & CID_CSD_OVERWRITE))
1674 for (i = 0; i < sizeof(sd->cid); i ++) {
1675 sd->cid[i] |= 0x00;
1676 sd->cid[i] &= sd->data[i];
1677 }
1678 /* Bzzzzzzztt .... Operation complete. */
1679 sd->state = sd_transfer_state;
1680 }
1681 break;
1682
1683 case 27: /* CMD27: PROGRAM_CSD */
1684 sd->data[sd->data_offset ++] = value;
1685 if (sd->data_offset >= sizeof(sd->csd)) {
1686 /* TODO: Check CRC before committing */
1687 sd->state = sd_programming_state;
1688 for (i = 0; i < sizeof(sd->csd); i ++)
1689 if ((sd->csd[i] | sd_csd_rw_mask[i]) !=
1690 (sd->data[i] | sd_csd_rw_mask[i]))
1691 sd->card_status |= CID_CSD_OVERWRITE;
1692
1693 /* Copy flag (OTP) & Permanent write protect */
1694 if (sd->csd[14] & ~sd->data[14] & 0x60)
1695 sd->card_status |= CID_CSD_OVERWRITE;
1696
1697 if (!(sd->card_status & CID_CSD_OVERWRITE))
1698 for (i = 0; i < sizeof(sd->csd); i ++) {
1699 sd->csd[i] |= sd_csd_rw_mask[i];
1700 sd->csd[i] &= sd->data[i];
1701 }
1702 /* Bzzzzzzztt .... Operation complete. */
1703 sd->state = sd_transfer_state;
1704 }
1705 break;
1706
1707 case 42: /* CMD42: LOCK_UNLOCK */
1708 sd->data[sd->data_offset ++] = value;
1709 if (sd->data_offset >= sd->blk_len) {
1710 /* TODO: Check CRC before committing */
1711 sd->state = sd_programming_state;
1712 sd_lock_command(sd);
1713 /* Bzzzzzzztt .... Operation complete. */
1714 sd->state = sd_transfer_state;
1715 }
1716 break;
1717
1718 case 56: /* CMD56: GEN_CMD */
1719 sd->data[sd->data_offset ++] = value;
1720 if (sd->data_offset >= sd->blk_len) {
1721 APP_WRITE_BLOCK(sd->data_start, sd->data_offset);
1722 sd->state = sd_transfer_state;
1723 }
1724 break;
1725
1726 default:
Andrew Baumann9800ad82016-02-18 14:16:20 +0000[diff] [blame]1727 qemu_log_mask(LOG_GUEST_ERROR, "sd_write_data: unknown command\n");
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1728 break;
1729 }
1730}
1731
1732uint8_t sd_read_data(SDState *sd)
1733{
1734 /* TODO: Append CRCs */
1735 uint8_t ret;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1736 int io_len;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1737
Markus Armbruster4be74632014-10-07 13:59:18 +0200[diff] [blame]1738 if (!sd->blk || !blk_is_inserted(sd->blk) || !sd->enable)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1739 return 0x00;
1740
1741 if (sd->state != sd_sendingdata_state) {
Andrew Baumann9800ad82016-02-18 14:16:20 +0000[diff] [blame]1742 qemu_log_mask(LOG_GUEST_ERROR,
1743 "sd_read_data: not in Sending-Data state\n");
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1744 return 0x00;
1745 }
1746
1747 if (sd->card_status & (ADDRESS_ERROR | WP_VIOLATION))
1748 return 0x00;
1749
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1750 io_len = (sd->ocr & (1 << 30)) ? 512 : sd->blk_len;
1751
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1752 switch (sd->current_cmd) {
1753 case 6: /* CMD6: SWITCH_FUNCTION */
1754 ret = sd->data[sd->data_offset ++];
1755
1756 if (sd->data_offset >= 64)
1757 sd->state = sd_transfer_state;
1758 break;
1759
pbrook775616c2007-11-24 23:35:08 +0000[diff] [blame]1760 case 9: /* CMD9: SEND_CSD */
1761 case 10: /* CMD10: SEND_CID */
1762 ret = sd->data[sd->data_offset ++];
1763
1764 if (sd->data_offset >= 16)
1765 sd->state = sd_transfer_state;
1766 break;
1767
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1768 case 11: /* CMD11: READ_DAT_UNTIL_STOP */
1769 if (sd->data_offset == 0)
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1770 BLK_READ_BLOCK(sd->data_start, io_len);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1771 ret = sd->data[sd->data_offset ++];
1772
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1773 if (sd->data_offset >= io_len) {
1774 sd->data_start += io_len;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1775 sd->data_offset = 0;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1776 if (sd->data_start + io_len > sd->size) {
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1777 sd->card_status |= ADDRESS_ERROR;
1778 break;
1779 }
1780 }
1781 break;
1782
1783 case 13: /* ACMD13: SD_STATUS */
1784 ret = sd->sd_status[sd->data_offset ++];
1785
1786 if (sd->data_offset >= sizeof(sd->sd_status))
1787 sd->state = sd_transfer_state;
1788 break;
1789
1790 case 17: /* CMD17: READ_SINGLE_BLOCK */
1791 if (sd->data_offset == 0)
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1792 BLK_READ_BLOCK(sd->data_start, io_len);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1793 ret = sd->data[sd->data_offset ++];
1794
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1795 if (sd->data_offset >= io_len)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1796 sd->state = sd_transfer_state;
1797 break;
1798
1799 case 18: /* CMD18: READ_MULTIPLE_BLOCK */
1800 if (sd->data_offset == 0)
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1801 BLK_READ_BLOCK(sd->data_start, io_len);
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1802 ret = sd->data[sd->data_offset ++];
1803
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1804 if (sd->data_offset >= io_len) {
1805 sd->data_start += io_len;
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1806 sd->data_offset = 0;
Andrew Baumann4481bbc2016-02-18 14:16:19 +0000[diff] [blame]1807
1808 if (sd->multi_blk_cnt != 0) {
1809 if (--sd->multi_blk_cnt == 0) {
1810 /* Stop! */
1811 sd->state = sd_transfer_state;
1812 break;
1813 }
1814 }
1815
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100[diff] [blame]1816 if (sd->data_start + io_len > sd->size) {
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1817 sd->card_status |= ADDRESS_ERROR;
1818 break;
1819 }
1820 }
1821 break;
1822
1823 case 22: /* ACMD22: SEND_NUM_WR_BLOCKS */
1824 ret = sd->data[sd->data_offset ++];
1825
1826 if (sd->data_offset >= 4)
1827 sd->state = sd_transfer_state;
1828 break;
1829
1830 case 30: /* CMD30: SEND_WRITE_PROT */
1831 ret = sd->data[sd->data_offset ++];
1832
1833 if (sd->data_offset >= 4)
1834 sd->state = sd_transfer_state;
1835 break;
1836
1837 case 51: /* ACMD51: SEND_SCR */
1838 ret = sd->scr[sd->data_offset ++];
1839
1840 if (sd->data_offset >= sizeof(sd->scr))
1841 sd->state = sd_transfer_state;
1842 break;
1843
1844 case 56: /* CMD56: GEN_CMD */
1845 if (sd->data_offset == 0)
1846 APP_READ_BLOCK(sd->data_start, sd->blk_len);
1847 ret = sd->data[sd->data_offset ++];
1848
1849 if (sd->data_offset >= sd->blk_len)
1850 sd->state = sd_transfer_state;
1851 break;
1852
1853 default:
Andrew Baumann9800ad82016-02-18 14:16:20 +0000[diff] [blame]1854 qemu_log_mask(LOG_GUEST_ERROR, "sd_read_data: unknown command\n");
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1855 return 0x00;
1856 }
1857
1858 return ret;
1859}
1860
Mitsyanko Igor879bf4a2012-08-13 11:04:07 +0100[diff] [blame]1861bool sd_data_ready(SDState *sd)
pbrooka1bb27b2007-04-06 16:49:48 +0000[diff] [blame]1862{
1863 return sd->state == sd_sendingdata_state;
1864}
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]1865
Mitsyanko Igorbebd1272012-08-13 11:04:06 +0100[diff] [blame]1866void sd_enable(SDState *sd, bool enable)
balrog827df9f2008-04-14 21:05:22 +0000[diff] [blame]1867{
1868 sd->enable = enable;
1869}
Peter Maydell260bc9d2016-02-18 14:16:18 +0000[diff] [blame]1870
1871static void sd_instance_init(Object *obj)
1872{
1873 SDState *sd = SD_CARD(obj);
1874
1875 sd->enable = true;
Andrew Baumanndd26eb42016-02-18 14:16:20 +0000[diff] [blame]1876 sd->ocr_power_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, sd_ocr_powerup, sd);
Peter Maydell260bc9d2016-02-18 14:16:18 +0000[diff] [blame]1877}
1878
1879static void sd_realize(DeviceState *dev, Error **errp)
1880{
1881 SDState *sd = SD_CARD(dev);
1882
1883 if (sd->blk && blk_is_read_only(sd->blk)) {
1884 error_setg(errp, "Cannot use read-only drive as SD card");
1885 return;
1886 }
1887
Peter Maydell260bc9d2016-02-18 14:16:18 +0000[diff] [blame]1888 if (sd->blk) {
1889 blk_set_dev_ops(sd->blk, &sd_block_ops, sd);
1890 }
Peter Maydell260bc9d2016-02-18 14:16:18 +0000[diff] [blame]1891}
1892
1893static Property sd_properties[] = {
1894 DEFINE_PROP_DRIVE("drive", SDState, blk),
1895 /* We do not model the chip select pin, so allow the board to select
1896 * whether card should be in SSI or MMC/SD mode. It is also up to the
1897 * board to ensure that ssi transfers only occur when the chip select
1898 * is asserted. */
1899 DEFINE_PROP_BOOL("spi", SDState, spi, false),
1900 DEFINE_PROP_END_OF_LIST()
1901};
1902
1903static void sd_class_init(ObjectClass *klass, void *data)
1904{
1905 DeviceClass *dc = DEVICE_CLASS(klass);
Peter Maydellc759a792016-02-18 14:16:18 +0000[diff] [blame]1906 SDCardClass *sc = SD_CARD_CLASS(klass);
Peter Maydell260bc9d2016-02-18 14:16:18 +0000[diff] [blame]1907
1908 dc->realize = sd_realize;
1909 dc->props = sd_properties;
1910 dc->vmsd = &sd_vmstate;
Peter Maydellba3ed0f2016-02-18 14:16:18 +0000[diff] [blame]1911 dc->reset = sd_reset;
Peter Maydellc759a792016-02-18 14:16:18 +0000[diff] [blame]1912 dc->bus_type = TYPE_SD_BUS;
1913
1914 sc->do_command = sd_do_command;
1915 sc->write_data = sd_write_data;
1916 sc->read_data = sd_read_data;
1917 sc->data_ready = sd_data_ready;
1918 sc->enable = sd_enable;
1919 sc->get_inserted = sd_get_inserted;
1920 sc->get_readonly = sd_get_readonly;
Peter Maydell260bc9d2016-02-18 14:16:18 +0000[diff] [blame]1921}
1922
1923static const TypeInfo sd_info = {
1924 .name = TYPE_SD_CARD,
1925 .parent = TYPE_DEVICE,
1926 .instance_size = sizeof(SDState),
Peter Maydellc759a792016-02-18 14:16:18 +0000[diff] [blame]1927 .class_size = sizeof(SDCardClass),
Peter Maydell260bc9d2016-02-18 14:16:18 +0000[diff] [blame]1928 .class_init = sd_class_init,
1929 .instance_init = sd_instance_init,
1930};
1931
1932static void sd_register_types(void)
1933{
1934 type_register_static(&sd_info);
1935}
1936
1937type_init(sd_register_types)