blob: 428bd78e327fb4958deb06b87108fd7f290938be [file] [log] [blame]
ths5fafdf22007-09-16 21:08:06 +00001/*
pbrooka1bb27b2007-04-06 16:49:48 +00002 * SD Memory Card emulation as defined in the "SD Memory Card Physical
3 * layer specification, Version 1.10."
4 *
5 * Copyright (c) 2006 Andrzej Zaborowski <balrog@zabor.org>
6 * Copyright (c) 2007 CodeSourcery
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in
16 * the documentation and/or other materials provided with the
17 * distribution.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS''
20 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
21 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
22 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR
23 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
24 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
25 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
26 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
27 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
28 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
29 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30 */
31
pbrook87ecb682007-11-17 17:14:51 +000032#include "hw.h"
Paolo Bonzini737e1502012-12-17 18:19:44 +010033#include "block/block.h"
pbrooka1bb27b2007-04-06 16:49:48 +000034#include "sd.h"
Paolo Bonzini1de7afc2012-12-17 18:20:00 +010035#include "qemu/bitmap.h"
pbrooka1bb27b2007-04-06 16:49:48 +000036
37//#define DEBUG_SD 1
38
39#ifdef DEBUG_SD
Blue Swirl001faf32009-05-13 17:53:17 +000040#define DPRINTF(fmt, ...) \
41do { fprintf(stderr, "SD: " fmt , ## __VA_ARGS__); } while (0)
pbrooka1bb27b2007-04-06 16:49:48 +000042#else
Blue Swirl001faf32009-05-13 17:53:17 +000043#define DPRINTF(fmt, ...) do {} while(0)
pbrooka1bb27b2007-04-06 16:49:48 +000044#endif
45
46typedef enum {
47 sd_r0 = 0, /* no response */
48 sd_r1, /* normal response command */
49 sd_r2_i, /* CID register */
50 sd_r2_s, /* CSD register */
51 sd_r3, /* OCR register */
52 sd_r6 = 6, /* Published RCA response */
balrog1b088992007-12-24 14:41:39 +000053 sd_r7, /* Operating voltage */
pbrooka1bb27b2007-04-06 16:49:48 +000054 sd_r1b = -1,
Peter Maydell53bb8cc2011-12-18 21:37:55 +010055 sd_illegal = -2,
Anthony Liguoric227f092009-10-01 16:12:16 -050056} sd_rsp_type_t;
pbrooka1bb27b2007-04-06 16:49:48 +000057
Igor Mitsyanko50a5be62012-10-30 07:45:12 +000058enum SDCardModes {
59 sd_inactive,
60 sd_card_identification_mode,
61 sd_data_transfer_mode,
62};
63
64enum SDCardStates {
65 sd_inactive_state = -1,
66 sd_idle_state = 0,
67 sd_ready_state,
68 sd_identification_state,
69 sd_standby_state,
70 sd_transfer_state,
71 sd_sendingdata_state,
72 sd_receivingdata_state,
73 sd_programming_state,
74 sd_disconnect_state,
75};
76
pbrooka1bb27b2007-04-06 16:49:48 +000077struct SDState {
Igor Mitsyanko50a5be62012-10-30 07:45:12 +000078 uint32_t mode; /* current card mode, one of SDCardModes */
79 int32_t state; /* current card state, one of SDCardStates */
pbrooka1bb27b2007-04-06 16:49:48 +000080 uint32_t ocr;
81 uint8_t scr[8];
82 uint8_t cid[16];
83 uint8_t csd[16];
84 uint16_t rca;
85 uint32_t card_status;
86 uint8_t sd_status[64];
balrog1b088992007-12-24 14:41:39 +000087 uint32_t vhs;
Mitsyanko Igorbebd1272012-08-13 11:04:06 +010088 bool wp_switch;
Mitsyanko Igora9c01832012-08-13 11:04:06 +010089 unsigned long *wp_groups;
Igor Mitsyanko50a5be62012-10-30 07:45:12 +000090 int32_t wpgrps_size;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +010091 uint64_t size;
Igor Mitsyanko50a5be62012-10-30 07:45:12 +000092 uint32_t blk_len;
pbrooka1bb27b2007-04-06 16:49:48 +000093 uint32_t erase_start;
94 uint32_t erase_end;
95 uint8_t pwd[16];
Igor Mitsyanko50a5be62012-10-30 07:45:12 +000096 uint32_t pwd_len;
97 uint8_t function_group[6];
pbrooka1bb27b2007-04-06 16:49:48 +000098
Mitsyanko Igorbebd1272012-08-13 11:04:06 +010099 bool spi;
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000100 uint8_t current_cmd;
Peter Maydell1d06cb72011-12-18 21:37:59 +0100101 /* True if we will handle the next command as an ACMD. Note that this does
102 * *not* track the APP_CMD status bit!
103 */
Mitsyanko Igorbebd1272012-08-13 11:04:06 +0100104 bool expecting_acmd;
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000105 uint32_t blk_written;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100106 uint64_t data_start;
pbrooka1bb27b2007-04-06 16:49:48 +0000107 uint32_t data_offset;
108 uint8_t data[512];
balrog02ce6002007-11-17 14:34:44 +0000109 qemu_irq readonly_cb;
110 qemu_irq inserted_cb;
pbrooka1bb27b2007-04-06 16:49:48 +0000111 BlockDriverState *bdrv;
balrog33f00272007-12-24 14:33:24 +0000112 uint8_t *buf;
balrog827df9f2008-04-14 21:05:22 +0000113
Mitsyanko Igorbebd1272012-08-13 11:04:06 +0100114 bool enable;
pbrooka1bb27b2007-04-06 16:49:48 +0000115};
116
Peter Maydell10a412d2011-12-18 21:37:58 +0100117static void sd_set_mode(SDState *sd)
pbrooka1bb27b2007-04-06 16:49:48 +0000118{
119 switch (sd->state) {
120 case sd_inactive_state:
121 sd->mode = sd_inactive;
122 break;
123
124 case sd_idle_state:
125 case sd_ready_state:
126 case sd_identification_state:
127 sd->mode = sd_card_identification_mode;
128 break;
129
130 case sd_standby_state:
131 case sd_transfer_state:
132 case sd_sendingdata_state:
133 case sd_receivingdata_state:
134 case sd_programming_state:
135 case sd_disconnect_state:
136 sd->mode = sd_data_transfer_mode;
137 break;
138 }
pbrooka1bb27b2007-04-06 16:49:48 +0000139}
140
Anthony Liguoric227f092009-10-01 16:12:16 -0500141static const sd_cmd_type_t sd_cmd_type[64] = {
pbrooka1bb27b2007-04-06 16:49:48 +0000142 sd_bc, sd_none, sd_bcr, sd_bcr, sd_none, sd_none, sd_none, sd_ac,
balrog1b088992007-12-24 14:41:39 +0000143 sd_bcr, sd_ac, sd_ac, sd_adtc, sd_ac, sd_ac, sd_none, sd_ac,
pbrooka1bb27b2007-04-06 16:49:48 +0000144 sd_ac, sd_adtc, sd_adtc, sd_none, sd_none, sd_none, sd_none, sd_none,
145 sd_adtc, sd_adtc, sd_adtc, sd_adtc, sd_ac, sd_ac, sd_adtc, sd_none,
146 sd_ac, sd_ac, sd_none, sd_none, sd_none, sd_none, sd_ac, sd_none,
147 sd_none, sd_none, sd_bc, sd_none, sd_none, sd_none, sd_none, sd_none,
148 sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_ac,
149 sd_adtc, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none,
150};
151
Anthony Liguoric227f092009-10-01 16:12:16 -0500152static const sd_cmd_type_t sd_acmd_type[64] = {
pbrooka1bb27b2007-04-06 16:49:48 +0000153 sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_ac, sd_none,
154 sd_none, sd_none, sd_none, sd_none, sd_none, sd_adtc, sd_none, sd_none,
155 sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_adtc, sd_ac,
156 sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none,
157 sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none,
158 sd_none, sd_bcr, sd_ac, sd_none, sd_none, sd_none, sd_none, sd_none,
159 sd_none, sd_none, sd_none, sd_adtc, sd_none, sd_none, sd_none, sd_none,
160 sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none,
161};
162
163static const int sd_cmd_class[64] = {
164 0, 0, 0, 0, 0, 9, 10, 0, 0, 0, 0, 1, 0, 0, 0, 0,
165 2, 2, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 6, 6, 6, 6,
166 5, 5, 10, 10, 10, 10, 5, 9, 9, 9, 7, 7, 7, 7, 7, 7,
167 7, 7, 10, 7, 9, 9, 9, 8, 8, 10, 8, 8, 8, 8, 8, 8,
168};
169
170static uint8_t sd_crc7(void *message, size_t width)
171{
172 int i, bit;
173 uint8_t shift_reg = 0x00;
174 uint8_t *msg = (uint8_t *) message;
175
176 for (i = 0; i < width; i ++, msg ++)
177 for (bit = 7; bit >= 0; bit --) {
178 shift_reg <<= 1;
179 if ((shift_reg >> 7) ^ ((*msg >> bit) & 1))
180 shift_reg ^= 0x89;
181 }
182
183 return shift_reg;
184}
185
186static uint16_t sd_crc16(void *message, size_t width)
187{
188 int i, bit;
189 uint16_t shift_reg = 0x0000;
190 uint16_t *msg = (uint16_t *) message;
191 width <<= 1;
192
193 for (i = 0; i < width; i ++, msg ++)
194 for (bit = 15; bit >= 0; bit --) {
195 shift_reg <<= 1;
196 if ((shift_reg >> 15) ^ ((*msg >> bit) & 1))
197 shift_reg ^= 0x1011;
198 }
199
200 return shift_reg;
201}
202
203static void sd_set_ocr(SDState *sd)
204{
balrog1b088992007-12-24 14:41:39 +0000205 /* All voltages OK, card power-up OK, Standard Capacity SD Memory Card */
aurel32829ef7b2009-03-07 22:10:40 +0000206 sd->ocr = 0x80ffff00;
pbrooka1bb27b2007-04-06 16:49:48 +0000207}
208
209static void sd_set_scr(SDState *sd)
210{
211 sd->scr[0] = 0x00; /* SCR Structure */
212 sd->scr[1] = 0x2f; /* SD Security Support */
213 sd->scr[2] = 0x00;
214 sd->scr[3] = 0x00;
215 sd->scr[4] = 0x00;
216 sd->scr[5] = 0x00;
217 sd->scr[6] = 0x00;
218 sd->scr[7] = 0x00;
219}
220
221#define MID 0xaa
222#define OID "XY"
223#define PNM "QEMU!"
224#define PRV 0x01
225#define MDT_YR 2006
226#define MDT_MON 2
227
228static void sd_set_cid(SDState *sd)
229{
230 sd->cid[0] = MID; /* Fake card manufacturer ID (MID) */
231 sd->cid[1] = OID[0]; /* OEM/Application ID (OID) */
232 sd->cid[2] = OID[1];
233 sd->cid[3] = PNM[0]; /* Fake product name (PNM) */
234 sd->cid[4] = PNM[1];
235 sd->cid[5] = PNM[2];
236 sd->cid[6] = PNM[3];
237 sd->cid[7] = PNM[4];
238 sd->cid[8] = PRV; /* Fake product revision (PRV) */
239 sd->cid[9] = 0xde; /* Fake serial number (PSN) */
240 sd->cid[10] = 0xad;
241 sd->cid[11] = 0xbe;
242 sd->cid[12] = 0xef;
243 sd->cid[13] = 0x00 | /* Manufacture date (MDT) */
244 ((MDT_YR - 2000) / 10);
245 sd->cid[14] = ((MDT_YR % 10) << 4) | MDT_MON;
246 sd->cid[15] = (sd_crc7(sd->cid, 15) << 1) | 1;
247}
248
249#define HWBLOCK_SHIFT 9 /* 512 bytes */
250#define SECTOR_SHIFT 5 /* 16 kilobytes */
251#define WPGROUP_SHIFT 7 /* 2 megs */
252#define CMULT_SHIFT 9 /* 512 times HWBLOCK_SIZE */
pbrooka1bb27b2007-04-06 16:49:48 +0000253#define WPGROUP_SIZE (1 << (HWBLOCK_SHIFT + SECTOR_SHIFT + WPGROUP_SHIFT))
254
255static const uint8_t sd_csd_rw_mask[16] = {
256 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
257 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xfc, 0xfe,
258};
259
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100260static void sd_set_csd(SDState *sd, uint64_t size)
pbrooka1bb27b2007-04-06 16:49:48 +0000261{
262 uint32_t csize = (size >> (CMULT_SHIFT + HWBLOCK_SHIFT)) - 1;
263 uint32_t sectsize = (1 << (SECTOR_SHIFT + 1)) - 1;
264 uint32_t wpsize = (1 << (WPGROUP_SHIFT + 1)) - 1;
265
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100266 if (size <= 0x40000000) { /* Standard Capacity SD */
267 sd->csd[0] = 0x00; /* CSD structure */
268 sd->csd[1] = 0x26; /* Data read access-time-1 */
269 sd->csd[2] = 0x00; /* Data read access-time-2 */
270 sd->csd[3] = 0x5a; /* Max. data transfer rate */
271 sd->csd[4] = 0x5f; /* Card Command Classes */
272 sd->csd[5] = 0x50 | /* Max. read data block length */
273 HWBLOCK_SHIFT;
274 sd->csd[6] = 0xe0 | /* Partial block for read allowed */
275 ((csize >> 10) & 0x03);
276 sd->csd[7] = 0x00 | /* Device size */
277 ((csize >> 2) & 0xff);
278 sd->csd[8] = 0x3f | /* Max. read current */
279 ((csize << 6) & 0xc0);
280 sd->csd[9] = 0xfc | /* Max. write current */
281 ((CMULT_SHIFT - 2) >> 1);
282 sd->csd[10] = 0x40 | /* Erase sector size */
283 (((CMULT_SHIFT - 2) << 7) & 0x80) | (sectsize >> 1);
284 sd->csd[11] = 0x00 | /* Write protect group size */
285 ((sectsize << 7) & 0x80) | wpsize;
286 sd->csd[12] = 0x90 | /* Write speed factor */
287 (HWBLOCK_SHIFT >> 2);
288 sd->csd[13] = 0x20 | /* Max. write data block length */
289 ((HWBLOCK_SHIFT << 6) & 0xc0);
290 sd->csd[14] = 0x00; /* File format group */
291 sd->csd[15] = (sd_crc7(sd->csd, 15) << 1) | 1;
292 } else { /* SDHC */
293 size /= 512 * 1024;
294 size -= 1;
295 sd->csd[0] = 0x40;
296 sd->csd[1] = 0x0e;
297 sd->csd[2] = 0x00;
298 sd->csd[3] = 0x32;
299 sd->csd[4] = 0x5b;
300 sd->csd[5] = 0x59;
301 sd->csd[6] = 0x00;
302 sd->csd[7] = (size >> 16) & 0xff;
303 sd->csd[8] = (size >> 8) & 0xff;
304 sd->csd[9] = (size & 0xff);
305 sd->csd[10] = 0x7f;
306 sd->csd[11] = 0x80;
307 sd->csd[12] = 0x0a;
308 sd->csd[13] = 0x40;
309 sd->csd[14] = 0x00;
310 sd->csd[15] = 0x00;
311 sd->ocr |= 1 << 30; /* High Capacity SD Memort Card */
312 }
pbrooka1bb27b2007-04-06 16:49:48 +0000313}
314
315static void sd_set_rca(SDState *sd)
316{
317 sd->rca += 0x4567;
318}
319
Peter Maydellb8d334c2011-12-18 21:37:52 +0100320/* Card status bits, split by clear condition:
321 * A : According to the card current state
322 * B : Always related to the previous command
323 * C : Cleared by read
324 */
pbrooka1bb27b2007-04-06 16:49:48 +0000325#define CARD_STATUS_A 0x02004100
326#define CARD_STATUS_B 0x00c01e00
327#define CARD_STATUS_C 0xfd39a028
328
329static void sd_set_cardstatus(SDState *sd)
330{
331 sd->card_status = 0x00000100;
332}
333
334static void sd_set_sdstatus(SDState *sd)
335{
336 memset(sd->sd_status, 0, 64);
337}
338
Paul Brookbc24a222009-05-10 01:44:56 +0100339static int sd_req_crc_validate(SDRequest *req)
pbrooka1bb27b2007-04-06 16:49:48 +0000340{
341 uint8_t buffer[5];
342 buffer[0] = 0x40 | req->cmd;
343 buffer[1] = (req->arg >> 24) & 0xff;
344 buffer[2] = (req->arg >> 16) & 0xff;
345 buffer[3] = (req->arg >> 8) & 0xff;
346 buffer[4] = (req->arg >> 0) & 0xff;
347 return 0;
348 return sd_crc7(buffer, 5) != req->crc; /* TODO */
349}
350
Peter Maydell10a412d2011-12-18 21:37:58 +0100351static void sd_response_r1_make(SDState *sd, uint8_t *response)
pbrooka1bb27b2007-04-06 16:49:48 +0000352{
Peter Maydell10a412d2011-12-18 21:37:58 +0100353 uint32_t status = sd->card_status;
Peter Maydell1d06cb72011-12-18 21:37:59 +0100354 /* Clear the "clear on read" status bits */
355 sd->card_status &= ~CARD_STATUS_C;
pbrooka1bb27b2007-04-06 16:49:48 +0000356
357 response[0] = (status >> 24) & 0xff;
358 response[1] = (status >> 16) & 0xff;
359 response[2] = (status >> 8) & 0xff;
360 response[3] = (status >> 0) & 0xff;
361}
362
pbrook9596ebb2007-11-18 01:44:38 +0000363static void sd_response_r3_make(SDState *sd, uint8_t *response)
pbrooka1bb27b2007-04-06 16:49:48 +0000364{
365 response[0] = (sd->ocr >> 24) & 0xff;
366 response[1] = (sd->ocr >> 16) & 0xff;
367 response[2] = (sd->ocr >> 8) & 0xff;
368 response[3] = (sd->ocr >> 0) & 0xff;
369}
370
pbrook9596ebb2007-11-18 01:44:38 +0000371static void sd_response_r6_make(SDState *sd, uint8_t *response)
pbrooka1bb27b2007-04-06 16:49:48 +0000372{
373 uint16_t arg;
374 uint16_t status;
375
376 arg = sd->rca;
377 status = ((sd->card_status >> 8) & 0xc000) |
378 ((sd->card_status >> 6) & 0x2000) |
379 (sd->card_status & 0x1fff);
Peter Maydellfcfa9352011-12-18 21:38:00 +0100380 sd->card_status &= ~(CARD_STATUS_C & 0xc81fff);
pbrooka1bb27b2007-04-06 16:49:48 +0000381
382 response[0] = (arg >> 8) & 0xff;
383 response[1] = arg & 0xff;
384 response[2] = (status >> 8) & 0xff;
385 response[3] = status & 0xff;
386}
387
balrog1b088992007-12-24 14:41:39 +0000388static void sd_response_r7_make(SDState *sd, uint8_t *response)
389{
390 response[0] = (sd->vhs >> 24) & 0xff;
391 response[1] = (sd->vhs >> 16) & 0xff;
392 response[2] = (sd->vhs >> 8) & 0xff;
393 response[3] = (sd->vhs >> 0) & 0xff;
394}
395
Mitsyanko Igorb7202b82012-08-13 11:04:06 +0100396static inline uint64_t sd_addr_to_wpnum(uint64_t addr)
397{
398 return addr >> (HWBLOCK_SHIFT + SECTOR_SHIFT + WPGROUP_SHIFT);
399}
400
pbrooka1bb27b2007-04-06 16:49:48 +0000401static void sd_reset(SDState *sd, BlockDriverState *bdrv)
402{
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100403 uint64_t size;
pbrooka1bb27b2007-04-06 16:49:48 +0000404 uint64_t sect;
405
Paul Brook03f311e2009-05-03 16:52:16 +0100406 if (bdrv) {
407 bdrv_get_geometry(bdrv, &sect);
408 } else {
409 sect = 0;
410 }
Vincent Palatin5e371412011-07-25 16:19:05 -0700411 size = sect << 9;
pbrooka1bb27b2007-04-06 16:49:48 +0000412
Mitsyanko Igorb7202b82012-08-13 11:04:06 +0100413 sect = sd_addr_to_wpnum(size) + 1;
pbrooka1bb27b2007-04-06 16:49:48 +0000414
415 sd->state = sd_idle_state;
416 sd->rca = 0x0000;
417 sd_set_ocr(sd);
418 sd_set_scr(sd);
419 sd_set_cid(sd);
420 sd_set_csd(sd, size);
421 sd_set_cardstatus(sd);
422 sd_set_sdstatus(sd);
423
424 sd->bdrv = bdrv;
425
pbrook257514d2007-11-17 15:32:38 +0000426 if (sd->wp_groups)
Anthony Liguori7267c092011-08-20 22:09:37 -0500427 g_free(sd->wp_groups);
Mitsyanko Igorbebd1272012-08-13 11:04:06 +0100428 sd->wp_switch = bdrv ? bdrv_is_read_only(bdrv) : false;
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000429 sd->wpgrps_size = sect;
430 sd->wp_groups = bitmap_new(sd->wpgrps_size);
431 memset(sd->function_group, 0, sizeof(sd->function_group));
pbrooka1bb27b2007-04-06 16:49:48 +0000432 sd->erase_start = 0;
433 sd->erase_end = 0;
434 sd->size = size;
435 sd->blk_len = 0x200;
436 sd->pwd_len = 0;
Mitsyanko Igorbebd1272012-08-13 11:04:06 +0100437 sd->expecting_acmd = false;
pbrooka1bb27b2007-04-06 16:49:48 +0000438}
439
Markus Armbruster7d4b4ba2011-09-06 18:58:59 +0200440static void sd_cardchange(void *opaque, bool load)
pbrooka1bb27b2007-04-06 16:49:48 +0000441{
442 SDState *sd = opaque;
Christoph Hellwigdb97ee62011-01-24 13:32:41 +0100443
balrog02ce6002007-11-17 14:34:44 +0000444 qemu_set_irq(sd->inserted_cb, bdrv_is_inserted(sd->bdrv));
pbrooka1bb27b2007-04-06 16:49:48 +0000445 if (bdrv_is_inserted(sd->bdrv)) {
446 sd_reset(sd, sd->bdrv);
pbrook257514d2007-11-17 15:32:38 +0000447 qemu_set_irq(sd->readonly_cb, sd->wp_switch);
pbrooka1bb27b2007-04-06 16:49:48 +0000448 }
449}
450
Markus Armbruster0e49de52011-08-03 15:07:41 +0200451static const BlockDevOps sd_block_ops = {
Markus Armbruster145feb12011-08-03 15:07:42 +0200452 .change_media_cb = sd_cardchange,
Markus Armbruster0e49de52011-08-03 15:07:41 +0200453};
454
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000455static const VMStateDescription sd_vmstate = {
456 .name = "sd-card",
457 .version_id = 1,
458 .minimum_version_id = 1,
459 .fields = (VMStateField[]) {
460 VMSTATE_UINT32(mode, SDState),
461 VMSTATE_INT32(state, SDState),
462 VMSTATE_UINT8_ARRAY(cid, SDState, 16),
463 VMSTATE_UINT8_ARRAY(csd, SDState, 16),
464 VMSTATE_UINT16(rca, SDState),
465 VMSTATE_UINT32(card_status, SDState),
466 VMSTATE_PARTIAL_BUFFER(sd_status, SDState, 1),
467 VMSTATE_UINT32(vhs, SDState),
468 VMSTATE_BITMAP(wp_groups, SDState, 0, wpgrps_size),
469 VMSTATE_UINT32(blk_len, SDState),
470 VMSTATE_UINT32(erase_start, SDState),
471 VMSTATE_UINT32(erase_end, SDState),
472 VMSTATE_UINT8_ARRAY(pwd, SDState, 16),
473 VMSTATE_UINT32(pwd_len, SDState),
474 VMSTATE_UINT8_ARRAY(function_group, SDState, 6),
475 VMSTATE_UINT8(current_cmd, SDState),
476 VMSTATE_BOOL(expecting_acmd, SDState),
477 VMSTATE_UINT32(blk_written, SDState),
478 VMSTATE_UINT64(data_start, SDState),
479 VMSTATE_UINT32(data_offset, SDState),
480 VMSTATE_UINT8_ARRAY(data, SDState, 512),
481 VMSTATE_BUFFER_UNSAFE(buf, SDState, 1, 512),
482 VMSTATE_BOOL(enable, SDState),
483 VMSTATE_END_OF_LIST()
484 }
485};
486
pbrook775616c2007-11-24 23:35:08 +0000487/* We do not model the chip select pin, so allow the board to select
balrog8ef63672007-11-25 18:46:17 +0000488 whether card should be in SSI or MMC/SD mode. It is also up to the
pbrook775616c2007-11-24 23:35:08 +0000489 board to ensure that ssi transfers only occur when the chip select
490 is asserted. */
Mitsyanko Igorbebd1272012-08-13 11:04:06 +0100491SDState *sd_init(BlockDriverState *bs, bool is_spi)
pbrooka1bb27b2007-04-06 16:49:48 +0000492{
493 SDState *sd;
494
Anthony Liguori7267c092011-08-20 22:09:37 -0500495 sd = (SDState *) g_malloc0(sizeof(SDState));
Christoph Hellwig72aef732010-09-12 23:42:56 +0200496 sd->buf = qemu_blockalign(bs, 512);
pbrook775616c2007-11-24 23:35:08 +0000497 sd->spi = is_spi;
Mitsyanko Igorbebd1272012-08-13 11:04:06 +0100498 sd->enable = true;
pbrooka1bb27b2007-04-06 16:49:48 +0000499 sd_reset(sd, bs);
Paul Brook03f311e2009-05-03 16:52:16 +0100500 if (sd->bdrv) {
Markus Armbrusterfa879d62011-08-03 15:07:40 +0200501 bdrv_attach_dev_nofail(sd->bdrv, sd);
Markus Armbruster0e49de52011-08-03 15:07:41 +0200502 bdrv_set_dev_ops(sd->bdrv, &sd_block_ops, sd);
Paul Brook03f311e2009-05-03 16:52:16 +0100503 }
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000504 vmstate_register(NULL, -1, &sd_vmstate, sd);
pbrooka1bb27b2007-04-06 16:49:48 +0000505 return sd;
506}
507
balrog02ce6002007-11-17 14:34:44 +0000508void sd_set_cb(SDState *sd, qemu_irq readonly, qemu_irq insert)
pbrooka1bb27b2007-04-06 16:49:48 +0000509{
balrog02ce6002007-11-17 14:34:44 +0000510 sd->readonly_cb = readonly;
511 sd->inserted_cb = insert;
Aurelien Jarno0d2e91c2011-03-06 20:02:40 +0100512 qemu_set_irq(readonly, sd->bdrv ? bdrv_is_read_only(sd->bdrv) : 0);
513 qemu_set_irq(insert, sd->bdrv ? bdrv_is_inserted(sd->bdrv) : 0);
pbrooka1bb27b2007-04-06 16:49:48 +0000514}
515
516static void sd_erase(SDState *sd)
517{
Igor Mitsyankof2d189d2012-10-30 07:45:12 +0000518 int i;
519 uint64_t erase_start = sd->erase_start;
520 uint64_t erase_end = sd->erase_end;
521
pbrooka1bb27b2007-04-06 16:49:48 +0000522 if (!sd->erase_start || !sd->erase_end) {
523 sd->card_status |= ERASE_SEQ_ERROR;
524 return;
525 }
526
Igor Mitsyankof2d189d2012-10-30 07:45:12 +0000527 if (extract32(sd->ocr, OCR_CCS_BITN, 1)) {
528 /* High capacity memory card: erase units are 512 byte blocks */
529 erase_start *= 512;
530 erase_end *= 512;
531 }
532
533 erase_start = sd_addr_to_wpnum(erase_start);
534 erase_end = sd_addr_to_wpnum(erase_end);
pbrooka1bb27b2007-04-06 16:49:48 +0000535 sd->erase_start = 0;
536 sd->erase_end = 0;
537 sd->csd[14] |= 0x40;
538
Igor Mitsyankof2d189d2012-10-30 07:45:12 +0000539 for (i = erase_start; i <= erase_end; i++) {
Mitsyanko Igora9c01832012-08-13 11:04:06 +0100540 if (test_bit(i, sd->wp_groups)) {
pbrooka1bb27b2007-04-06 16:49:48 +0000541 sd->card_status |= WP_ERASE_SKIP;
Mitsyanko Igora9c01832012-08-13 11:04:06 +0100542 }
543 }
pbrooka1bb27b2007-04-06 16:49:48 +0000544}
545
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100546static uint32_t sd_wpbits(SDState *sd, uint64_t addr)
pbrooka1bb27b2007-04-06 16:49:48 +0000547{
548 uint32_t i, wpnum;
549 uint32_t ret = 0;
550
Mitsyanko Igorb7202b82012-08-13 11:04:06 +0100551 wpnum = sd_addr_to_wpnum(addr);
pbrooka1bb27b2007-04-06 16:49:48 +0000552
Mitsyanko Igora9c01832012-08-13 11:04:06 +0100553 for (i = 0; i < 32; i++, wpnum++, addr += WPGROUP_SIZE) {
554 if (addr < sd->size && test_bit(wpnum, sd->wp_groups)) {
pbrooka1bb27b2007-04-06 16:49:48 +0000555 ret |= (1 << i);
Mitsyanko Igora9c01832012-08-13 11:04:06 +0100556 }
557 }
pbrooka1bb27b2007-04-06 16:49:48 +0000558
559 return ret;
560}
561
562static void sd_function_switch(SDState *sd, uint32_t arg)
563{
564 int i, mode, new_func, crc;
565 mode = !!(arg & 0x80000000);
566
567 sd->data[0] = 0x00; /* Maximum current consumption */
568 sd->data[1] = 0x01;
569 sd->data[2] = 0x80; /* Supported group 6 functions */
570 sd->data[3] = 0x01;
571 sd->data[4] = 0x80; /* Supported group 5 functions */
572 sd->data[5] = 0x01;
573 sd->data[6] = 0x80; /* Supported group 4 functions */
574 sd->data[7] = 0x01;
575 sd->data[8] = 0x80; /* Supported group 3 functions */
576 sd->data[9] = 0x01;
577 sd->data[10] = 0x80; /* Supported group 2 functions */
578 sd->data[11] = 0x43;
579 sd->data[12] = 0x80; /* Supported group 1 functions */
580 sd->data[13] = 0x03;
581 for (i = 0; i < 6; i ++) {
582 new_func = (arg >> (i * 4)) & 0x0f;
583 if (mode && new_func != 0x0f)
584 sd->function_group[i] = new_func;
585 sd->data[14 + (i >> 1)] = new_func << ((i * 4) & 4);
586 }
587 memset(&sd->data[17], 0, 47);
588 crc = sd_crc16(sd->data, 64);
589 sd->data[65] = crc >> 8;
590 sd->data[66] = crc & 0xff;
591}
592
Mitsyanko Igor4e8f1be2012-08-13 11:04:07 +0100593static inline bool sd_wp_addr(SDState *sd, uint64_t addr)
pbrooka1bb27b2007-04-06 16:49:48 +0000594{
Mitsyanko Igorb7202b82012-08-13 11:04:06 +0100595 return test_bit(sd_addr_to_wpnum(addr), sd->wp_groups);
pbrooka1bb27b2007-04-06 16:49:48 +0000596}
597
598static void sd_lock_command(SDState *sd)
599{
600 int erase, lock, clr_pwd, set_pwd, pwd_len;
601 erase = !!(sd->data[0] & 0x08);
602 lock = sd->data[0] & 0x04;
603 clr_pwd = sd->data[0] & 0x02;
604 set_pwd = sd->data[0] & 0x01;
605
606 if (sd->blk_len > 1)
607 pwd_len = sd->data[1];
608 else
609 pwd_len = 0;
610
611 if (erase) {
612 if (!(sd->card_status & CARD_IS_LOCKED) || sd->blk_len > 1 ||
613 set_pwd || clr_pwd || lock || sd->wp_switch ||
614 (sd->csd[14] & 0x20)) {
615 sd->card_status |= LOCK_UNLOCK_FAILED;
616 return;
617 }
Igor Mitsyanko50a5be62012-10-30 07:45:12 +0000618 bitmap_zero(sd->wp_groups, sd->wpgrps_size);
pbrooka1bb27b2007-04-06 16:49:48 +0000619 sd->csd[14] &= ~0x10;
620 sd->card_status &= ~CARD_IS_LOCKED;
621 sd->pwd_len = 0;
622 /* Erasing the entire card here! */
balrog827df9f2008-04-14 21:05:22 +0000623 fprintf(stderr, "SD: Card force-erased by CMD42\n");
pbrooka1bb27b2007-04-06 16:49:48 +0000624 return;
625 }
626
627 if (sd->blk_len < 2 + pwd_len ||
628 pwd_len <= sd->pwd_len ||
629 pwd_len > sd->pwd_len + 16) {
630 sd->card_status |= LOCK_UNLOCK_FAILED;
631 return;
632 }
633
634 if (sd->pwd_len && memcmp(sd->pwd, sd->data + 2, sd->pwd_len)) {
635 sd->card_status |= LOCK_UNLOCK_FAILED;
636 return;
637 }
638
639 pwd_len -= sd->pwd_len;
640 if ((pwd_len && !set_pwd) ||
641 (clr_pwd && (set_pwd || lock)) ||
642 (lock && !sd->pwd_len && !set_pwd) ||
643 (!set_pwd && !clr_pwd &&
644 (((sd->card_status & CARD_IS_LOCKED) && lock) ||
645 (!(sd->card_status & CARD_IS_LOCKED) && !lock)))) {
646 sd->card_status |= LOCK_UNLOCK_FAILED;
647 return;
648 }
649
650 if (set_pwd) {
651 memcpy(sd->pwd, sd->data + 2 + sd->pwd_len, pwd_len);
652 sd->pwd_len = pwd_len;
653 }
654
655 if (clr_pwd) {
656 sd->pwd_len = 0;
657 }
658
659 if (lock)
660 sd->card_status |= CARD_IS_LOCKED;
661 else
662 sd->card_status &= ~CARD_IS_LOCKED;
663}
664
Anthony Liguoric227f092009-10-01 16:12:16 -0500665static sd_rsp_type_t sd_normal_command(SDState *sd,
Paul Brookbc24a222009-05-10 01:44:56 +0100666 SDRequest req)
pbrooka1bb27b2007-04-06 16:49:48 +0000667{
668 uint32_t rca = 0x0000;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100669 uint64_t addr = (sd->ocr & (1 << 30)) ? (uint64_t) req.arg << 9 : req.arg;
pbrooka1bb27b2007-04-06 16:49:48 +0000670
Peter Maydell1d06cb72011-12-18 21:37:59 +0100671 /* Not interpreting this as an app command */
672 sd->card_status &= ~APP_CMD;
673
pbrooka1bb27b2007-04-06 16:49:48 +0000674 if (sd_cmd_type[req.cmd] == sd_ac || sd_cmd_type[req.cmd] == sd_adtc)
675 rca = req.arg >> 16;
676
677 DPRINTF("CMD%d 0x%08x state %d\n", req.cmd, req.arg, sd->state);
678 switch (req.cmd) {
679 /* Basic commands (Class 0 and Class 1) */
680 case 0: /* CMD0: GO_IDLE_STATE */
681 switch (sd->state) {
682 case sd_inactive_state:
pbrook775616c2007-11-24 23:35:08 +0000683 return sd->spi ? sd_r1 : sd_r0;
pbrooka1bb27b2007-04-06 16:49:48 +0000684
685 default:
686 sd->state = sd_idle_state;
687 sd_reset(sd, sd->bdrv);
pbrook775616c2007-11-24 23:35:08 +0000688 return sd->spi ? sd_r1 : sd_r0;
pbrooka1bb27b2007-04-06 16:49:48 +0000689 }
690 break;
691
pbrook775616c2007-11-24 23:35:08 +0000692 case 1: /* CMD1: SEND_OP_CMD */
693 if (!sd->spi)
694 goto bad_cmd;
695
696 sd->state = sd_transfer_state;
697 return sd_r1;
698
pbrooka1bb27b2007-04-06 16:49:48 +0000699 case 2: /* CMD2: ALL_SEND_CID */
pbrook775616c2007-11-24 23:35:08 +0000700 if (sd->spi)
701 goto bad_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000702 switch (sd->state) {
703 case sd_ready_state:
704 sd->state = sd_identification_state;
705 return sd_r2_i;
706
707 default:
708 break;
709 }
710 break;
711
712 case 3: /* CMD3: SEND_RELATIVE_ADDR */
pbrook775616c2007-11-24 23:35:08 +0000713 if (sd->spi)
714 goto bad_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000715 switch (sd->state) {
716 case sd_identification_state:
717 case sd_standby_state:
718 sd->state = sd_standby_state;
719 sd_set_rca(sd);
720 return sd_r6;
721
722 default:
723 break;
724 }
725 break;
726
727 case 4: /* CMD4: SEND_DSR */
pbrook775616c2007-11-24 23:35:08 +0000728 if (sd->spi)
729 goto bad_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000730 switch (sd->state) {
731 case sd_standby_state:
732 break;
733
734 default:
735 break;
736 }
737 break;
738
Juha Riihimäki109ac322009-12-03 15:56:07 +0200739 case 5: /* CMD5: reserved for SDIO cards */
Peter Maydell53bb8cc2011-12-18 21:37:55 +0100740 return sd_illegal;
Juha Riihimäki109ac322009-12-03 15:56:07 +0200741
pbrooka1bb27b2007-04-06 16:49:48 +0000742 case 6: /* CMD6: SWITCH_FUNCTION */
pbrook775616c2007-11-24 23:35:08 +0000743 if (sd->spi)
744 goto bad_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000745 switch (sd->mode) {
746 case sd_data_transfer_mode:
747 sd_function_switch(sd, req.arg);
748 sd->state = sd_sendingdata_state;
749 sd->data_start = 0;
750 sd->data_offset = 0;
751 return sd_r1;
752
753 default:
754 break;
755 }
756 break;
757
758 case 7: /* CMD7: SELECT/DESELECT_CARD */
pbrook775616c2007-11-24 23:35:08 +0000759 if (sd->spi)
760 goto bad_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000761 switch (sd->state) {
762 case sd_standby_state:
763 if (sd->rca != rca)
764 return sd_r0;
765
766 sd->state = sd_transfer_state;
767 return sd_r1b;
768
769 case sd_transfer_state:
770 case sd_sendingdata_state:
771 if (sd->rca == rca)
772 break;
773
774 sd->state = sd_standby_state;
775 return sd_r1b;
776
777 case sd_disconnect_state:
778 if (sd->rca != rca)
779 return sd_r0;
780
781 sd->state = sd_programming_state;
782 return sd_r1b;
783
784 case sd_programming_state:
785 if (sd->rca == rca)
786 break;
787
788 sd->state = sd_disconnect_state;
789 return sd_r1b;
790
791 default:
792 break;
793 }
794 break;
795
balrog1b088992007-12-24 14:41:39 +0000796 case 8: /* CMD8: SEND_IF_COND */
797 /* Physical Layer Specification Version 2.00 command */
798 switch (sd->state) {
799 case sd_idle_state:
800 sd->vhs = 0;
801
802 /* No response if not exactly one VHS bit is set. */
803 if (!(req.arg >> 8) || (req.arg >> ffs(req.arg & ~0xff)))
804 return sd->spi ? sd_r7 : sd_r0;
805
806 /* Accept. */
807 sd->vhs = req.arg;
808 return sd_r7;
809
810 default:
811 break;
812 }
813 break;
814
pbrooka1bb27b2007-04-06 16:49:48 +0000815 case 9: /* CMD9: SEND_CSD */
816 switch (sd->state) {
817 case sd_standby_state:
818 if (sd->rca != rca)
819 return sd_r0;
820
821 return sd_r2_s;
822
pbrook775616c2007-11-24 23:35:08 +0000823 case sd_transfer_state:
824 if (!sd->spi)
825 break;
826 sd->state = sd_sendingdata_state;
827 memcpy(sd->data, sd->csd, 16);
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100828 sd->data_start = addr;
pbrook775616c2007-11-24 23:35:08 +0000829 sd->data_offset = 0;
830 return sd_r1;
831
pbrooka1bb27b2007-04-06 16:49:48 +0000832 default:
833 break;
834 }
835 break;
836
837 case 10: /* CMD10: SEND_CID */
838 switch (sd->state) {
839 case sd_standby_state:
840 if (sd->rca != rca)
841 return sd_r0;
842
843 return sd_r2_i;
844
pbrook775616c2007-11-24 23:35:08 +0000845 case sd_transfer_state:
846 if (!sd->spi)
847 break;
848 sd->state = sd_sendingdata_state;
849 memcpy(sd->data, sd->cid, 16);
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100850 sd->data_start = addr;
pbrook775616c2007-11-24 23:35:08 +0000851 sd->data_offset = 0;
852 return sd_r1;
853
pbrooka1bb27b2007-04-06 16:49:48 +0000854 default:
855 break;
856 }
857 break;
858
859 case 11: /* CMD11: READ_DAT_UNTIL_STOP */
pbrook775616c2007-11-24 23:35:08 +0000860 if (sd->spi)
861 goto bad_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000862 switch (sd->state) {
863 case sd_transfer_state:
864 sd->state = sd_sendingdata_state;
865 sd->data_start = req.arg;
866 sd->data_offset = 0;
867
868 if (sd->data_start + sd->blk_len > sd->size)
869 sd->card_status |= ADDRESS_ERROR;
870 return sd_r0;
871
872 default:
873 break;
874 }
875 break;
876
877 case 12: /* CMD12: STOP_TRANSMISSION */
878 switch (sd->state) {
879 case sd_sendingdata_state:
880 sd->state = sd_transfer_state;
881 return sd_r1b;
882
883 case sd_receivingdata_state:
884 sd->state = sd_programming_state;
885 /* Bzzzzzzztt .... Operation complete. */
886 sd->state = sd_transfer_state;
887 return sd_r1b;
888
889 default:
890 break;
891 }
892 break;
893
894 case 13: /* CMD13: SEND_STATUS */
895 switch (sd->mode) {
896 case sd_data_transfer_mode:
897 if (sd->rca != rca)
898 return sd_r0;
899
900 return sd_r1;
901
902 default:
903 break;
904 }
905 break;
906
907 case 15: /* CMD15: GO_INACTIVE_STATE */
pbrook775616c2007-11-24 23:35:08 +0000908 if (sd->spi)
909 goto bad_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000910 switch (sd->mode) {
911 case sd_data_transfer_mode:
912 if (sd->rca != rca)
913 return sd_r0;
914
915 sd->state = sd_inactive_state;
916 return sd_r0;
917
918 default:
919 break;
920 }
921 break;
922
923 /* Block read commands (Classs 2) */
924 case 16: /* CMD16: SET_BLOCKLEN */
925 switch (sd->state) {
926 case sd_transfer_state:
927 if (req.arg > (1 << HWBLOCK_SHIFT))
928 sd->card_status |= BLOCK_LEN_ERROR;
929 else
930 sd->blk_len = req.arg;
931
932 return sd_r1;
933
934 default:
935 break;
936 }
937 break;
938
939 case 17: /* CMD17: READ_SINGLE_BLOCK */
940 switch (sd->state) {
941 case sd_transfer_state:
942 sd->state = sd_sendingdata_state;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100943 sd->data_start = addr;
pbrooka1bb27b2007-04-06 16:49:48 +0000944 sd->data_offset = 0;
945
946 if (sd->data_start + sd->blk_len > sd->size)
947 sd->card_status |= ADDRESS_ERROR;
948 return sd_r1;
949
950 default:
951 break;
952 }
953 break;
954
955 case 18: /* CMD18: READ_MULTIPLE_BLOCK */
956 switch (sd->state) {
957 case sd_transfer_state:
958 sd->state = sd_sendingdata_state;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100959 sd->data_start = addr;
pbrooka1bb27b2007-04-06 16:49:48 +0000960 sd->data_offset = 0;
961
962 if (sd->data_start + sd->blk_len > sd->size)
963 sd->card_status |= ADDRESS_ERROR;
964 return sd_r1;
965
966 default:
967 break;
968 }
969 break;
970
971 /* Block write commands (Class 4) */
972 case 24: /* CMD24: WRITE_SINGLE_BLOCK */
pbrook775616c2007-11-24 23:35:08 +0000973 if (sd->spi)
974 goto unimplemented_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +0000975 switch (sd->state) {
976 case sd_transfer_state:
pbrook775616c2007-11-24 23:35:08 +0000977 /* Writing in SPI mode not implemented. */
978 if (sd->spi)
979 break;
pbrooka1bb27b2007-04-06 16:49:48 +0000980 sd->state = sd_receivingdata_state;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +0100981 sd->data_start = addr;
pbrooka1bb27b2007-04-06 16:49:48 +0000982 sd->data_offset = 0;
983 sd->blk_written = 0;
984
985 if (sd->data_start + sd->blk_len > sd->size)
986 sd->card_status |= ADDRESS_ERROR;
987 if (sd_wp_addr(sd, sd->data_start))
988 sd->card_status |= WP_VIOLATION;
989 if (sd->csd[14] & 0x30)
990 sd->card_status |= WP_VIOLATION;
991 return sd_r1;
992
993 default:
994 break;
995 }
996 break;
997
998 case 25: /* CMD25: WRITE_MULTIPLE_BLOCK */
pbrook775616c2007-11-24 23:35:08 +0000999 if (sd->spi)
1000 goto unimplemented_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +00001001 switch (sd->state) {
1002 case sd_transfer_state:
pbrook775616c2007-11-24 23:35:08 +00001003 /* Writing in SPI mode not implemented. */
1004 if (sd->spi)
1005 break;
pbrooka1bb27b2007-04-06 16:49:48 +00001006 sd->state = sd_receivingdata_state;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +01001007 sd->data_start = addr;
pbrooka1bb27b2007-04-06 16:49:48 +00001008 sd->data_offset = 0;
1009 sd->blk_written = 0;
1010
1011 if (sd->data_start + sd->blk_len > sd->size)
1012 sd->card_status |= ADDRESS_ERROR;
1013 if (sd_wp_addr(sd, sd->data_start))
1014 sd->card_status |= WP_VIOLATION;
1015 if (sd->csd[14] & 0x30)
1016 sd->card_status |= WP_VIOLATION;
1017 return sd_r1;
1018
1019 default:
1020 break;
1021 }
1022 break;
1023
1024 case 26: /* CMD26: PROGRAM_CID */
pbrook775616c2007-11-24 23:35:08 +00001025 if (sd->spi)
1026 goto bad_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +00001027 switch (sd->state) {
1028 case sd_transfer_state:
1029 sd->state = sd_receivingdata_state;
1030 sd->data_start = 0;
1031 sd->data_offset = 0;
1032 return sd_r1;
1033
1034 default:
1035 break;
1036 }
1037 break;
1038
1039 case 27: /* CMD27: PROGRAM_CSD */
pbrook775616c2007-11-24 23:35:08 +00001040 if (sd->spi)
1041 goto unimplemented_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +00001042 switch (sd->state) {
1043 case sd_transfer_state:
1044 sd->state = sd_receivingdata_state;
1045 sd->data_start = 0;
1046 sd->data_offset = 0;
1047 return sd_r1;
1048
1049 default:
1050 break;
1051 }
1052 break;
1053
1054 /* Write protection (Class 6) */
1055 case 28: /* CMD28: SET_WRITE_PROT */
1056 switch (sd->state) {
1057 case sd_transfer_state:
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +01001058 if (addr >= sd->size) {
Peter Maydelle30d5932011-12-18 21:37:54 +01001059 sd->card_status |= ADDRESS_ERROR;
pbrooka1bb27b2007-04-06 16:49:48 +00001060 return sd_r1b;
1061 }
1062
1063 sd->state = sd_programming_state;
Mitsyanko Igorb7202b82012-08-13 11:04:06 +01001064 set_bit(sd_addr_to_wpnum(addr), sd->wp_groups);
pbrooka1bb27b2007-04-06 16:49:48 +00001065 /* Bzzzzzzztt .... Operation complete. */
1066 sd->state = sd_transfer_state;
1067 return sd_r1b;
1068
1069 default:
1070 break;
1071 }
1072 break;
1073
1074 case 29: /* CMD29: CLR_WRITE_PROT */
1075 switch (sd->state) {
1076 case sd_transfer_state:
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +01001077 if (addr >= sd->size) {
Peter Maydelle30d5932011-12-18 21:37:54 +01001078 sd->card_status |= ADDRESS_ERROR;
pbrooka1bb27b2007-04-06 16:49:48 +00001079 return sd_r1b;
1080 }
1081
1082 sd->state = sd_programming_state;
Mitsyanko Igorb7202b82012-08-13 11:04:06 +01001083 clear_bit(sd_addr_to_wpnum(addr), sd->wp_groups);
pbrooka1bb27b2007-04-06 16:49:48 +00001084 /* Bzzzzzzztt .... Operation complete. */
1085 sd->state = sd_transfer_state;
1086 return sd_r1b;
1087
1088 default:
1089 break;
1090 }
1091 break;
1092
1093 case 30: /* CMD30: SEND_WRITE_PROT */
1094 switch (sd->state) {
1095 case sd_transfer_state:
1096 sd->state = sd_sendingdata_state;
1097 *(uint32_t *) sd->data = sd_wpbits(sd, req.arg);
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +01001098 sd->data_start = addr;
pbrooka1bb27b2007-04-06 16:49:48 +00001099 sd->data_offset = 0;
1100 return sd_r1b;
1101
1102 default:
1103 break;
1104 }
1105 break;
1106
1107 /* Erase commands (Class 5) */
1108 case 32: /* CMD32: ERASE_WR_BLK_START */
1109 switch (sd->state) {
1110 case sd_transfer_state:
1111 sd->erase_start = req.arg;
1112 return sd_r1;
1113
1114 default:
1115 break;
1116 }
1117 break;
1118
1119 case 33: /* CMD33: ERASE_WR_BLK_END */
1120 switch (sd->state) {
1121 case sd_transfer_state:
1122 sd->erase_end = req.arg;
1123 return sd_r1;
1124
1125 default:
1126 break;
1127 }
1128 break;
1129
1130 case 38: /* CMD38: ERASE */
1131 switch (sd->state) {
1132 case sd_transfer_state:
1133 if (sd->csd[14] & 0x30) {
1134 sd->card_status |= WP_VIOLATION;
1135 return sd_r1b;
1136 }
1137
1138 sd->state = sd_programming_state;
1139 sd_erase(sd);
1140 /* Bzzzzzzztt .... Operation complete. */
1141 sd->state = sd_transfer_state;
1142 return sd_r1b;
1143
1144 default:
1145 break;
1146 }
1147 break;
1148
1149 /* Lock card commands (Class 7) */
1150 case 42: /* CMD42: LOCK_UNLOCK */
pbrook775616c2007-11-24 23:35:08 +00001151 if (sd->spi)
1152 goto unimplemented_cmd;
pbrooka1bb27b2007-04-06 16:49:48 +00001153 switch (sd->state) {
1154 case sd_transfer_state:
1155 sd->state = sd_receivingdata_state;
1156 sd->data_start = 0;
1157 sd->data_offset = 0;
1158 return sd_r1;
1159
1160 default:
1161 break;
1162 }
1163 break;
1164
Peter Maydell39e594d2011-05-20 10:11:53 +01001165 case 52:
1166 case 53:
1167 /* CMD52, CMD53: reserved for SDIO cards
1168 * (see the SDIO Simplified Specification V2.0)
1169 * Handle as illegal command but do not complain
1170 * on stderr, as some OSes may use these in their
1171 * probing for presence of an SDIO card.
1172 */
Peter Maydell53bb8cc2011-12-18 21:37:55 +01001173 return sd_illegal;
Peter Maydell39e594d2011-05-20 10:11:53 +01001174
pbrooka1bb27b2007-04-06 16:49:48 +00001175 /* Application specific commands (Class 8) */
1176 case 55: /* CMD55: APP_CMD */
1177 if (sd->rca != rca)
1178 return sd_r0;
1179
Mitsyanko Igorbebd1272012-08-13 11:04:06 +01001180 sd->expecting_acmd = true;
pbrooka1bb27b2007-04-06 16:49:48 +00001181 sd->card_status |= APP_CMD;
1182 return sd_r1;
1183
1184 case 56: /* CMD56: GEN_CMD */
balrog827df9f2008-04-14 21:05:22 +00001185 fprintf(stderr, "SD: GEN_CMD 0x%08x\n", req.arg);
pbrooka1bb27b2007-04-06 16:49:48 +00001186
1187 switch (sd->state) {
1188 case sd_transfer_state:
1189 sd->data_offset = 0;
1190 if (req.arg & 1)
1191 sd->state = sd_sendingdata_state;
1192 else
1193 sd->state = sd_receivingdata_state;
1194 return sd_r1;
1195
1196 default:
1197 break;
1198 }
1199 break;
1200
1201 default:
pbrook775616c2007-11-24 23:35:08 +00001202 bad_cmd:
balrog827df9f2008-04-14 21:05:22 +00001203 fprintf(stderr, "SD: Unknown CMD%i\n", req.cmd);
Peter Maydell53bb8cc2011-12-18 21:37:55 +01001204 return sd_illegal;
pbrook775616c2007-11-24 23:35:08 +00001205
1206 unimplemented_cmd:
1207 /* Commands that are recognised but not yet implemented in SPI mode. */
balrog827df9f2008-04-14 21:05:22 +00001208 fprintf(stderr, "SD: CMD%i not implemented in SPI mode\n", req.cmd);
Peter Maydell53bb8cc2011-12-18 21:37:55 +01001209 return sd_illegal;
pbrooka1bb27b2007-04-06 16:49:48 +00001210 }
1211
balrog827df9f2008-04-14 21:05:22 +00001212 fprintf(stderr, "SD: CMD%i in a wrong state\n", req.cmd);
Peter Maydell53bb8cc2011-12-18 21:37:55 +01001213 return sd_illegal;
pbrooka1bb27b2007-04-06 16:49:48 +00001214}
1215
Anthony Liguoric227f092009-10-01 16:12:16 -05001216static sd_rsp_type_t sd_app_command(SDState *sd,
Blue Swirl22ed1d342010-04-25 19:31:06 +00001217 SDRequest req)
1218{
pbrooka1bb27b2007-04-06 16:49:48 +00001219 DPRINTF("ACMD%d 0x%08x\n", req.cmd, req.arg);
Peter Maydell1d06cb72011-12-18 21:37:59 +01001220 sd->card_status |= APP_CMD;
pbrooka1bb27b2007-04-06 16:49:48 +00001221 switch (req.cmd) {
1222 case 6: /* ACMD6: SET_BUS_WIDTH */
1223 switch (sd->state) {
1224 case sd_transfer_state:
1225 sd->sd_status[0] &= 0x3f;
1226 sd->sd_status[0] |= (req.arg & 0x03) << 6;
1227 return sd_r1;
1228
1229 default:
1230 break;
1231 }
1232 break;
1233
1234 case 13: /* ACMD13: SD_STATUS */
1235 switch (sd->state) {
1236 case sd_transfer_state:
Peter Maydellfb1ba032011-02-18 13:39:00 +00001237 sd->state = sd_sendingdata_state;
pbrooka1bb27b2007-04-06 16:49:48 +00001238 sd->data_start = 0;
1239 sd->data_offset = 0;
1240 return sd_r1;
1241
1242 default:
1243 break;
1244 }
1245 break;
1246
1247 case 22: /* ACMD22: SEND_NUM_WR_BLOCKS */
1248 switch (sd->state) {
1249 case sd_transfer_state:
1250 *(uint32_t *) sd->data = sd->blk_written;
1251
Peter Maydellfb1ba032011-02-18 13:39:00 +00001252 sd->state = sd_sendingdata_state;
pbrooka1bb27b2007-04-06 16:49:48 +00001253 sd->data_start = 0;
1254 sd->data_offset = 0;
1255 return sd_r1;
1256
1257 default:
1258 break;
1259 }
1260 break;
1261
1262 case 23: /* ACMD23: SET_WR_BLK_ERASE_COUNT */
1263 switch (sd->state) {
1264 case sd_transfer_state:
1265 return sd_r1;
1266
1267 default:
1268 break;
1269 }
1270 break;
1271
1272 case 41: /* ACMD41: SD_APP_OP_COND */
pbrook775616c2007-11-24 23:35:08 +00001273 if (sd->spi) {
1274 /* SEND_OP_CMD */
1275 sd->state = sd_transfer_state;
1276 return sd_r1;
1277 }
pbrooka1bb27b2007-04-06 16:49:48 +00001278 switch (sd->state) {
1279 case sd_idle_state:
1280 /* We accept any voltage. 10000 V is nothing. */
1281 if (req.arg)
1282 sd->state = sd_ready_state;
1283
1284 return sd_r3;
1285
1286 default:
1287 break;
1288 }
1289 break;
1290
1291 case 42: /* ACMD42: SET_CLR_CARD_DETECT */
1292 switch (sd->state) {
1293 case sd_transfer_state:
1294 /* Bringing in the 50KOhm pull-up resistor... Done. */
1295 return sd_r1;
1296
1297 default:
1298 break;
1299 }
1300 break;
1301
1302 case 51: /* ACMD51: SEND_SCR */
1303 switch (sd->state) {
1304 case sd_transfer_state:
1305 sd->state = sd_sendingdata_state;
1306 sd->data_start = 0;
1307 sd->data_offset = 0;
1308 return sd_r1;
1309
1310 default:
1311 break;
1312 }
1313 break;
1314
1315 default:
1316 /* Fall back to standard commands. */
pbrooka1bb27b2007-04-06 16:49:48 +00001317 return sd_normal_command(sd, req);
1318 }
1319
balrog827df9f2008-04-14 21:05:22 +00001320 fprintf(stderr, "SD: ACMD%i in a wrong state\n", req.cmd);
Peter Maydell5b08bfe2011-12-18 21:37:57 +01001321 return sd_illegal;
pbrooka1bb27b2007-04-06 16:49:48 +00001322}
1323
Peter Maydell25881d32011-12-18 21:37:51 +01001324static int cmd_valid_while_locked(SDState *sd, SDRequest *req)
1325{
1326 /* Valid commands in locked state:
1327 * basic class (0)
1328 * lock card class (7)
1329 * CMD16
1330 * implicitly, the ACMD prefix CMD55
1331 * ACMD41 and ACMD42
1332 * Anything else provokes an "illegal command" response.
1333 */
Peter Maydell1d06cb72011-12-18 21:37:59 +01001334 if (sd->expecting_acmd) {
Peter Maydell25881d32011-12-18 21:37:51 +01001335 return req->cmd == 41 || req->cmd == 42;
1336 }
1337 if (req->cmd == 16 || req->cmd == 55) {
1338 return 1;
1339 }
1340 return sd_cmd_class[req->cmd] == 0 || sd_cmd_class[req->cmd] == 7;
1341}
1342
Paul Brookbc24a222009-05-10 01:44:56 +01001343int sd_do_command(SDState *sd, SDRequest *req,
pbrooka1bb27b2007-04-06 16:49:48 +00001344 uint8_t *response) {
Peter Maydell10a412d2011-12-18 21:37:58 +01001345 int last_state;
Anthony Liguoric227f092009-10-01 16:12:16 -05001346 sd_rsp_type_t rtype;
pbrooka1bb27b2007-04-06 16:49:48 +00001347 int rsplen;
1348
Paul Brook03f311e2009-05-03 16:52:16 +01001349 if (!sd->bdrv || !bdrv_is_inserted(sd->bdrv) || !sd->enable) {
pbrooka1bb27b2007-04-06 16:49:48 +00001350 return 0;
1351 }
1352
1353 if (sd_req_crc_validate(req)) {
Peter Maydellabda1f32011-12-18 21:37:53 +01001354 sd->card_status |= COM_CRC_ERROR;
Peter Maydellb1f517e2011-12-18 21:37:56 +01001355 rtype = sd_illegal;
1356 goto send_response;
pbrooka1bb27b2007-04-06 16:49:48 +00001357 }
1358
Peter Maydell10a412d2011-12-18 21:37:58 +01001359 if (sd->card_status & CARD_IS_LOCKED) {
Peter Maydell25881d32011-12-18 21:37:51 +01001360 if (!cmd_valid_while_locked(sd, req)) {
pbrooka1bb27b2007-04-06 16:49:48 +00001361 sd->card_status |= ILLEGAL_COMMAND;
Mitsyanko Igorbebd1272012-08-13 11:04:06 +01001362 sd->expecting_acmd = false;
balrog827df9f2008-04-14 21:05:22 +00001363 fprintf(stderr, "SD: Card is locked\n");
Peter Maydellb1f517e2011-12-18 21:37:56 +01001364 rtype = sd_illegal;
1365 goto send_response;
pbrooka1bb27b2007-04-06 16:49:48 +00001366 }
Peter Maydell25881d32011-12-18 21:37:51 +01001367 }
pbrooka1bb27b2007-04-06 16:49:48 +00001368
Peter Maydell10a412d2011-12-18 21:37:58 +01001369 last_state = sd->state;
1370 sd_set_mode(sd);
1371
Peter Maydell1d06cb72011-12-18 21:37:59 +01001372 if (sd->expecting_acmd) {
Mitsyanko Igorbebd1272012-08-13 11:04:06 +01001373 sd->expecting_acmd = false;
pbrooka1bb27b2007-04-06 16:49:48 +00001374 rtype = sd_app_command(sd, *req);
Peter Maydell1d06cb72011-12-18 21:37:59 +01001375 } else {
pbrooka1bb27b2007-04-06 16:49:48 +00001376 rtype = sd_normal_command(sd, *req);
Peter Maydell1d06cb72011-12-18 21:37:59 +01001377 }
pbrooka1bb27b2007-04-06 16:49:48 +00001378
Peter Maydell53bb8cc2011-12-18 21:37:55 +01001379 if (rtype == sd_illegal) {
1380 sd->card_status |= ILLEGAL_COMMAND;
Peter Maydell10a412d2011-12-18 21:37:58 +01001381 } else {
1382 /* Valid command, we can update the 'state before command' bits.
1383 * (Do this now so they appear in r1 responses.)
1384 */
1385 sd->current_cmd = req->cmd;
1386 sd->card_status &= ~CURRENT_STATE;
1387 sd->card_status |= (last_state << 9);
Peter Maydell53bb8cc2011-12-18 21:37:55 +01001388 }
1389
Peter Maydellb1f517e2011-12-18 21:37:56 +01001390send_response:
pbrooka1bb27b2007-04-06 16:49:48 +00001391 switch (rtype) {
1392 case sd_r1:
1393 case sd_r1b:
Peter Maydell10a412d2011-12-18 21:37:58 +01001394 sd_response_r1_make(sd, response);
pbrooka1bb27b2007-04-06 16:49:48 +00001395 rsplen = 4;
1396 break;
1397
1398 case sd_r2_i:
1399 memcpy(response, sd->cid, sizeof(sd->cid));
pbrooka1bb27b2007-04-06 16:49:48 +00001400 rsplen = 16;
1401 break;
1402
1403 case sd_r2_s:
1404 memcpy(response, sd->csd, sizeof(sd->csd));
pbrooka1bb27b2007-04-06 16:49:48 +00001405 rsplen = 16;
1406 break;
1407
1408 case sd_r3:
1409 sd_response_r3_make(sd, response);
1410 rsplen = 4;
1411 break;
1412
1413 case sd_r6:
1414 sd_response_r6_make(sd, response);
1415 rsplen = 4;
1416 break;
1417
balrog1b088992007-12-24 14:41:39 +00001418 case sd_r7:
1419 sd_response_r7_make(sd, response);
1420 rsplen = 4;
1421 break;
1422
pbrooka1bb27b2007-04-06 16:49:48 +00001423 case sd_r0:
Peter Maydell53bb8cc2011-12-18 21:37:55 +01001424 case sd_illegal:
pbrooka1bb27b2007-04-06 16:49:48 +00001425 default:
1426 rsplen = 0;
1427 break;
1428 }
1429
Peter Maydell10a412d2011-12-18 21:37:58 +01001430 if (rtype != sd_illegal) {
1431 /* Clear the "clear on valid command" status bits now we've
1432 * sent any response
1433 */
1434 sd->card_status &= ~CARD_STATUS_B;
1435 }
1436
pbrooka1bb27b2007-04-06 16:49:48 +00001437#ifdef DEBUG_SD
1438 if (rsplen) {
1439 int i;
1440 DPRINTF("Response:");
1441 for (i = 0; i < rsplen; i++)
Peter Crosthwaite038d3d42012-11-15 16:32:53 +10001442 fprintf(stderr, " %02x", response[i]);
1443 fprintf(stderr, " state %d\n", sd->state);
pbrooka1bb27b2007-04-06 16:49:48 +00001444 } else {
1445 DPRINTF("No response %d\n", sd->state);
1446 }
1447#endif
1448
1449 return rsplen;
1450}
1451
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +01001452static void sd_blk_read(SDState *sd, uint64_t addr, uint32_t len)
pbrooka1bb27b2007-04-06 16:49:48 +00001453{
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +01001454 uint64_t end = addr + len;
pbrooka1bb27b2007-04-06 16:49:48 +00001455
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +01001456 DPRINTF("sd_blk_read: addr = 0x%08llx, len = %d\n",
1457 (unsigned long long) addr, len);
Stefan Weil7a608f52012-09-23 08:51:01 +02001458 if (!sd->bdrv || bdrv_read(sd->bdrv, addr >> 9, sd->buf, 1) < 0) {
balrog827df9f2008-04-14 21:05:22 +00001459 fprintf(stderr, "sd_blk_read: read error on host side\n");
pbrooka1bb27b2007-04-06 16:49:48 +00001460 return;
1461 }
1462
1463 if (end > (addr & ~511) + 512) {
balrog33f00272007-12-24 14:33:24 +00001464 memcpy(sd->data, sd->buf + (addr & 511), 512 - (addr & 511));
pbrooka1bb27b2007-04-06 16:49:48 +00001465
Stefan Weil7a608f52012-09-23 08:51:01 +02001466 if (bdrv_read(sd->bdrv, end >> 9, sd->buf, 1) < 0) {
balrog827df9f2008-04-14 21:05:22 +00001467 fprintf(stderr, "sd_blk_read: read error on host side\n");
pbrooka1bb27b2007-04-06 16:49:48 +00001468 return;
1469 }
balrog33f00272007-12-24 14:33:24 +00001470 memcpy(sd->data + 512 - (addr & 511), sd->buf, end & 511);
pbrooka1bb27b2007-04-06 16:49:48 +00001471 } else
balrog33f00272007-12-24 14:33:24 +00001472 memcpy(sd->data, sd->buf + (addr & 511), len);
pbrooka1bb27b2007-04-06 16:49:48 +00001473}
1474
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +01001475static void sd_blk_write(SDState *sd, uint64_t addr, uint32_t len)
pbrooka1bb27b2007-04-06 16:49:48 +00001476{
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +01001477 uint64_t end = addr + len;
pbrooka1bb27b2007-04-06 16:49:48 +00001478
1479 if ((addr & 511) || len < 512)
Stefan Weil7a608f52012-09-23 08:51:01 +02001480 if (!sd->bdrv || bdrv_read(sd->bdrv, addr >> 9, sd->buf, 1) < 0) {
balrog827df9f2008-04-14 21:05:22 +00001481 fprintf(stderr, "sd_blk_write: read error on host side\n");
pbrooka1bb27b2007-04-06 16:49:48 +00001482 return;
1483 }
1484
1485 if (end > (addr & ~511) + 512) {
balrog33f00272007-12-24 14:33:24 +00001486 memcpy(sd->buf + (addr & 511), sd->data, 512 - (addr & 511));
Stefan Weil7a608f52012-09-23 08:51:01 +02001487 if (bdrv_write(sd->bdrv, addr >> 9, sd->buf, 1) < 0) {
balrog827df9f2008-04-14 21:05:22 +00001488 fprintf(stderr, "sd_blk_write: write error on host side\n");
pbrooka1bb27b2007-04-06 16:49:48 +00001489 return;
1490 }
1491
Stefan Weil7a608f52012-09-23 08:51:01 +02001492 if (bdrv_read(sd->bdrv, end >> 9, sd->buf, 1) < 0) {
balrog827df9f2008-04-14 21:05:22 +00001493 fprintf(stderr, "sd_blk_write: read error on host side\n");
pbrooka1bb27b2007-04-06 16:49:48 +00001494 return;
1495 }
balrog33f00272007-12-24 14:33:24 +00001496 memcpy(sd->buf, sd->data + 512 - (addr & 511), end & 511);
Stefan Weil7a608f52012-09-23 08:51:01 +02001497 if (bdrv_write(sd->bdrv, end >> 9, sd->buf, 1) < 0) {
balrog827df9f2008-04-14 21:05:22 +00001498 fprintf(stderr, "sd_blk_write: write error on host side\n");
Stefan Weil7a608f52012-09-23 08:51:01 +02001499 }
pbrooka1bb27b2007-04-06 16:49:48 +00001500 } else {
balrog33f00272007-12-24 14:33:24 +00001501 memcpy(sd->buf + (addr & 511), sd->data, len);
Stefan Weil7a608f52012-09-23 08:51:01 +02001502 if (!sd->bdrv || bdrv_write(sd->bdrv, addr >> 9, sd->buf, 1) < 0) {
balrog827df9f2008-04-14 21:05:22 +00001503 fprintf(stderr, "sd_blk_write: write error on host side\n");
Stefan Weil7a608f52012-09-23 08:51:01 +02001504 }
pbrooka1bb27b2007-04-06 16:49:48 +00001505 }
1506}
1507
balrog33f00272007-12-24 14:33:24 +00001508#define BLK_READ_BLOCK(a, len) sd_blk_read(sd, a, len)
1509#define BLK_WRITE_BLOCK(a, len) sd_blk_write(sd, a, len)
pbrooka1bb27b2007-04-06 16:49:48 +00001510#define APP_READ_BLOCK(a, len) memset(sd->data, 0xec, len)
1511#define APP_WRITE_BLOCK(a, len)
1512
1513void sd_write_data(SDState *sd, uint8_t value)
1514{
1515 int i;
1516
balrog827df9f2008-04-14 21:05:22 +00001517 if (!sd->bdrv || !bdrv_is_inserted(sd->bdrv) || !sd->enable)
pbrooka1bb27b2007-04-06 16:49:48 +00001518 return;
1519
1520 if (sd->state != sd_receivingdata_state) {
balrog827df9f2008-04-14 21:05:22 +00001521 fprintf(stderr, "sd_write_data: not in Receiving-Data state\n");
pbrooka1bb27b2007-04-06 16:49:48 +00001522 return;
1523 }
1524
1525 if (sd->card_status & (ADDRESS_ERROR | WP_VIOLATION))
1526 return;
1527
1528 switch (sd->current_cmd) {
1529 case 24: /* CMD24: WRITE_SINGLE_BLOCK */
1530 sd->data[sd->data_offset ++] = value;
1531 if (sd->data_offset >= sd->blk_len) {
1532 /* TODO: Check CRC before committing */
1533 sd->state = sd_programming_state;
1534 BLK_WRITE_BLOCK(sd->data_start, sd->data_offset);
1535 sd->blk_written ++;
1536 sd->csd[14] |= 0x40;
1537 /* Bzzzzzzztt .... Operation complete. */
1538 sd->state = sd_transfer_state;
1539 }
1540 break;
1541
1542 case 25: /* CMD25: WRITE_MULTIPLE_BLOCK */
Dr. David Alan Gilbert33fa8232011-07-25 13:21:30 +01001543 if (sd->data_offset == 0) {
1544 /* Start of the block - lets check the address is valid */
pbrooka1bb27b2007-04-06 16:49:48 +00001545 if (sd->data_start + sd->blk_len > sd->size) {
1546 sd->card_status |= ADDRESS_ERROR;
1547 break;
1548 }
1549 if (sd_wp_addr(sd, sd->data_start)) {
1550 sd->card_status |= WP_VIOLATION;
1551 break;
1552 }
Dr. David Alan Gilbert33fa8232011-07-25 13:21:30 +01001553 }
1554 sd->data[sd->data_offset++] = value;
1555 if (sd->data_offset >= sd->blk_len) {
1556 /* TODO: Check CRC before committing */
1557 sd->state = sd_programming_state;
1558 BLK_WRITE_BLOCK(sd->data_start, sd->data_offset);
1559 sd->blk_written++;
1560 sd->data_start += sd->blk_len;
1561 sd->data_offset = 0;
pbrooka1bb27b2007-04-06 16:49:48 +00001562 sd->csd[14] |= 0x40;
1563
1564 /* Bzzzzzzztt .... Operation complete. */
1565 sd->state = sd_receivingdata_state;
1566 }
1567 break;
1568
1569 case 26: /* CMD26: PROGRAM_CID */
1570 sd->data[sd->data_offset ++] = value;
1571 if (sd->data_offset >= sizeof(sd->cid)) {
1572 /* TODO: Check CRC before committing */
1573 sd->state = sd_programming_state;
1574 for (i = 0; i < sizeof(sd->cid); i ++)
1575 if ((sd->cid[i] | 0x00) != sd->data[i])
1576 sd->card_status |= CID_CSD_OVERWRITE;
1577
1578 if (!(sd->card_status & CID_CSD_OVERWRITE))
1579 for (i = 0; i < sizeof(sd->cid); i ++) {
1580 sd->cid[i] |= 0x00;
1581 sd->cid[i] &= sd->data[i];
1582 }
1583 /* Bzzzzzzztt .... Operation complete. */
1584 sd->state = sd_transfer_state;
1585 }
1586 break;
1587
1588 case 27: /* CMD27: PROGRAM_CSD */
1589 sd->data[sd->data_offset ++] = value;
1590 if (sd->data_offset >= sizeof(sd->csd)) {
1591 /* TODO: Check CRC before committing */
1592 sd->state = sd_programming_state;
1593 for (i = 0; i < sizeof(sd->csd); i ++)
1594 if ((sd->csd[i] | sd_csd_rw_mask[i]) !=
1595 (sd->data[i] | sd_csd_rw_mask[i]))
1596 sd->card_status |= CID_CSD_OVERWRITE;
1597
1598 /* Copy flag (OTP) & Permanent write protect */
1599 if (sd->csd[14] & ~sd->data[14] & 0x60)
1600 sd->card_status |= CID_CSD_OVERWRITE;
1601
1602 if (!(sd->card_status & CID_CSD_OVERWRITE))
1603 for (i = 0; i < sizeof(sd->csd); i ++) {
1604 sd->csd[i] |= sd_csd_rw_mask[i];
1605 sd->csd[i] &= sd->data[i];
1606 }
1607 /* Bzzzzzzztt .... Operation complete. */
1608 sd->state = sd_transfer_state;
1609 }
1610 break;
1611
1612 case 42: /* CMD42: LOCK_UNLOCK */
1613 sd->data[sd->data_offset ++] = value;
1614 if (sd->data_offset >= sd->blk_len) {
1615 /* TODO: Check CRC before committing */
1616 sd->state = sd_programming_state;
1617 sd_lock_command(sd);
1618 /* Bzzzzzzztt .... Operation complete. */
1619 sd->state = sd_transfer_state;
1620 }
1621 break;
1622
1623 case 56: /* CMD56: GEN_CMD */
1624 sd->data[sd->data_offset ++] = value;
1625 if (sd->data_offset >= sd->blk_len) {
1626 APP_WRITE_BLOCK(sd->data_start, sd->data_offset);
1627 sd->state = sd_transfer_state;
1628 }
1629 break;
1630
1631 default:
balrog827df9f2008-04-14 21:05:22 +00001632 fprintf(stderr, "sd_write_data: unknown command\n");
pbrooka1bb27b2007-04-06 16:49:48 +00001633 break;
1634 }
1635}
1636
1637uint8_t sd_read_data(SDState *sd)
1638{
1639 /* TODO: Append CRCs */
1640 uint8_t ret;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +01001641 int io_len;
pbrooka1bb27b2007-04-06 16:49:48 +00001642
balrog827df9f2008-04-14 21:05:22 +00001643 if (!sd->bdrv || !bdrv_is_inserted(sd->bdrv) || !sd->enable)
pbrooka1bb27b2007-04-06 16:49:48 +00001644 return 0x00;
1645
1646 if (sd->state != sd_sendingdata_state) {
balrog827df9f2008-04-14 21:05:22 +00001647 fprintf(stderr, "sd_read_data: not in Sending-Data state\n");
pbrooka1bb27b2007-04-06 16:49:48 +00001648 return 0x00;
1649 }
1650
1651 if (sd->card_status & (ADDRESS_ERROR | WP_VIOLATION))
1652 return 0x00;
1653
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +01001654 io_len = (sd->ocr & (1 << 30)) ? 512 : sd->blk_len;
1655
pbrooka1bb27b2007-04-06 16:49:48 +00001656 switch (sd->current_cmd) {
1657 case 6: /* CMD6: SWITCH_FUNCTION */
1658 ret = sd->data[sd->data_offset ++];
1659
1660 if (sd->data_offset >= 64)
1661 sd->state = sd_transfer_state;
1662 break;
1663
pbrook775616c2007-11-24 23:35:08 +00001664 case 9: /* CMD9: SEND_CSD */
1665 case 10: /* CMD10: SEND_CID */
1666 ret = sd->data[sd->data_offset ++];
1667
1668 if (sd->data_offset >= 16)
1669 sd->state = sd_transfer_state;
1670 break;
1671
pbrooka1bb27b2007-04-06 16:49:48 +00001672 case 11: /* CMD11: READ_DAT_UNTIL_STOP */
1673 if (sd->data_offset == 0)
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +01001674 BLK_READ_BLOCK(sd->data_start, io_len);
pbrooka1bb27b2007-04-06 16:49:48 +00001675 ret = sd->data[sd->data_offset ++];
1676
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +01001677 if (sd->data_offset >= io_len) {
1678 sd->data_start += io_len;
pbrooka1bb27b2007-04-06 16:49:48 +00001679 sd->data_offset = 0;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +01001680 if (sd->data_start + io_len > sd->size) {
pbrooka1bb27b2007-04-06 16:49:48 +00001681 sd->card_status |= ADDRESS_ERROR;
1682 break;
1683 }
1684 }
1685 break;
1686
1687 case 13: /* ACMD13: SD_STATUS */
1688 ret = sd->sd_status[sd->data_offset ++];
1689
1690 if (sd->data_offset >= sizeof(sd->sd_status))
1691 sd->state = sd_transfer_state;
1692 break;
1693
1694 case 17: /* CMD17: READ_SINGLE_BLOCK */
1695 if (sd->data_offset == 0)
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +01001696 BLK_READ_BLOCK(sd->data_start, io_len);
pbrooka1bb27b2007-04-06 16:49:48 +00001697 ret = sd->data[sd->data_offset ++];
1698
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +01001699 if (sd->data_offset >= io_len)
pbrooka1bb27b2007-04-06 16:49:48 +00001700 sd->state = sd_transfer_state;
1701 break;
1702
1703 case 18: /* CMD18: READ_MULTIPLE_BLOCK */
1704 if (sd->data_offset == 0)
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +01001705 BLK_READ_BLOCK(sd->data_start, io_len);
pbrooka1bb27b2007-04-06 16:49:48 +00001706 ret = sd->data[sd->data_offset ++];
1707
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +01001708 if (sd->data_offset >= io_len) {
1709 sd->data_start += io_len;
pbrooka1bb27b2007-04-06 16:49:48 +00001710 sd->data_offset = 0;
Andrzej Zaborowski2d7adea2009-11-03 15:28:19 +01001711 if (sd->data_start + io_len > sd->size) {
pbrooka1bb27b2007-04-06 16:49:48 +00001712 sd->card_status |= ADDRESS_ERROR;
1713 break;
1714 }
1715 }
1716 break;
1717
1718 case 22: /* ACMD22: SEND_NUM_WR_BLOCKS */
1719 ret = sd->data[sd->data_offset ++];
1720
1721 if (sd->data_offset >= 4)
1722 sd->state = sd_transfer_state;
1723 break;
1724
1725 case 30: /* CMD30: SEND_WRITE_PROT */
1726 ret = sd->data[sd->data_offset ++];
1727
1728 if (sd->data_offset >= 4)
1729 sd->state = sd_transfer_state;
1730 break;
1731
1732 case 51: /* ACMD51: SEND_SCR */
1733 ret = sd->scr[sd->data_offset ++];
1734
1735 if (sd->data_offset >= sizeof(sd->scr))
1736 sd->state = sd_transfer_state;
1737 break;
1738
1739 case 56: /* CMD56: GEN_CMD */
1740 if (sd->data_offset == 0)
1741 APP_READ_BLOCK(sd->data_start, sd->blk_len);
1742 ret = sd->data[sd->data_offset ++];
1743
1744 if (sd->data_offset >= sd->blk_len)
1745 sd->state = sd_transfer_state;
1746 break;
1747
1748 default:
balrog827df9f2008-04-14 21:05:22 +00001749 fprintf(stderr, "sd_read_data: unknown command\n");
pbrooka1bb27b2007-04-06 16:49:48 +00001750 return 0x00;
1751 }
1752
1753 return ret;
1754}
1755
Mitsyanko Igor879bf4a2012-08-13 11:04:07 +01001756bool sd_data_ready(SDState *sd)
pbrooka1bb27b2007-04-06 16:49:48 +00001757{
1758 return sd->state == sd_sendingdata_state;
1759}
balrog827df9f2008-04-14 21:05:22 +00001760
Mitsyanko Igorbebd1272012-08-13 11:04:06 +01001761void sd_enable(SDState *sd, bool enable)
balrog827df9f2008-04-14 21:05:22 +00001762{
1763 sd->enable = enable;
1764}