search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Add "cache" parameter to "-drive" (Laurent Vivier).
[qemu/mini2440.git] / hw / sd.c
blobe6e80db0eafd2abe5159dd54a9991abd5d62e02c
1 /*
2 * SD Memory Card emulation as defined in the "SD Memory Card Physical
3 * layer specification, Version 1.10."
4 *
5 * Copyright (c) 2006 Andrzej Zaborowski <balrog@zabor.org>
6 * Copyright (c) 2007 CodeSourcery
7 *
8 * Redistribution and use in source and binary forms, with or without
9 * modification, are permitted provided that the following conditions
10 * are met:
11 *
12 * 1. Redistributions of source code must retain the above copyright
13 * notice, this list of conditions and the following disclaimer.
14 * 2. Redistributions in binary form must reproduce the above copyright
15 * notice, this list of conditions and the following disclaimer in
16 * the documentation and/or other materials provided with the
17 * distribution.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS''
20 * AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
21 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A
22 * PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR
23 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
24 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
25 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
26 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY
27 * OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
28 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
29 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
30 */
31
32 #include "hw.h"
33 #include "block.h"
34 #include "sd.h"
35
36 //#define DEBUG_SD 1
37
38 #ifdef DEBUG_SD
39 #define DPRINTF(fmt, args...) \
40 do { printf("SD: " fmt , ##args); } while (0)
41 #else
42 #define DPRINTF(fmt, args...) do {} while(0)
43 #endif
44
45 typedef enum {
46 sd_r0 = 0, /* no response */
47 sd_r1, /* normal response command */
48 sd_r2_i, /* CID register */
49 sd_r2_s, /* CSD register */
50 sd_r3, /* OCR register */
51 sd_r6 = 6, /* Published RCA response */
52 sd_r1b = -1,
53 } sd_rsp_type_t;
54
55 struct SDState {
56 enum {
57 sd_inactive,
58 sd_card_identification_mode,
59 sd_data_transfer_mode,
60 } mode;
61 enum {
62 sd_inactive_state = -1,
63 sd_idle_state = 0,
64 sd_ready_state,
65 sd_identification_state,
66 sd_standby_state,
67 sd_transfer_state,
68 sd_sendingdata_state,
69 sd_receivingdata_state,
70 sd_programming_state,
71 sd_disconnect_state,
72 } state;
73 uint32_t ocr;
74 uint8_t scr[8];
75 uint8_t cid[16];
76 uint8_t csd[16];
77 uint16_t rca;
78 uint32_t card_status;
79 uint8_t sd_status[64];
80 int wp_switch;
81 int *wp_groups;
82 uint32_t size;
83 int blk_len;
84 uint32_t erase_start;
85 uint32_t erase_end;
86 uint8_t pwd[16];
87 int pwd_len;
88 int function_group[6];
89
90 int spi;
91 int current_cmd;
92 int blk_written;
93 uint32_t data_start;
94 uint32_t data_offset;
95 uint8_t data[512];
96 qemu_irq readonly_cb;
97 qemu_irq inserted_cb;
98 BlockDriverState *bdrv;
99 uint8_t *buf;
100 };
101
102 static void sd_set_status(SDState *sd)
103 {
104 switch (sd->state) {
105 case sd_inactive_state:
106 sd->mode = sd_inactive;
107 break;
108
109 case sd_idle_state:
110 case sd_ready_state:
111 case sd_identification_state:
112 sd->mode = sd_card_identification_mode;
113 break;
114
115 case sd_standby_state:
116 case sd_transfer_state:
117 case sd_sendingdata_state:
118 case sd_receivingdata_state:
119 case sd_programming_state:
120 case sd_disconnect_state:
121 sd->mode = sd_data_transfer_mode;
122 break;
123 }
124
125 sd->card_status &= ~CURRENT_STATE;
126 sd->card_status |= sd->state << 9;
127 }
128
129 const sd_cmd_type_t sd_cmd_type[64] = {
130 sd_bc, sd_none, sd_bcr, sd_bcr, sd_none, sd_none, sd_none, sd_ac,
131 sd_none, sd_ac, sd_ac, sd_adtc, sd_ac, sd_ac, sd_none, sd_ac,
132 sd_ac, sd_adtc, sd_adtc, sd_none, sd_none, sd_none, sd_none, sd_none,
133 sd_adtc, sd_adtc, sd_adtc, sd_adtc, sd_ac, sd_ac, sd_adtc, sd_none,
134 sd_ac, sd_ac, sd_none, sd_none, sd_none, sd_none, sd_ac, sd_none,
135 sd_none, sd_none, sd_bc, sd_none, sd_none, sd_none, sd_none, sd_none,
136 sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_ac,
137 sd_adtc, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none,
138 };
139
140 const sd_cmd_type_t sd_acmd_type[64] = {
141 sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_ac, sd_none,
142 sd_none, sd_none, sd_none, sd_none, sd_none, sd_adtc, sd_none, sd_none,
143 sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_adtc, sd_ac,
144 sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none,
145 sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none,
146 sd_none, sd_bcr, sd_ac, sd_none, sd_none, sd_none, sd_none, sd_none,
147 sd_none, sd_none, sd_none, sd_adtc, sd_none, sd_none, sd_none, sd_none,
148 sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none, sd_none,
149 };
150
151 static const int sd_cmd_class[64] = {
152 0, 0, 0, 0, 0, 9, 10, 0, 0, 0, 0, 1, 0, 0, 0, 0,
153 2, 2, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 6, 6, 6, 6,
154 5, 5, 10, 10, 10, 10, 5, 9, 9, 9, 7, 7, 7, 7, 7, 7,
155 7, 7, 10, 7, 9, 9, 9, 8, 8, 10, 8, 8, 8, 8, 8, 8,
156 };
157
158 static uint8_t sd_crc7(void *message, size_t width)
159 {
160 int i, bit;
161 uint8_t shift_reg = 0x00;
162 uint8_t *msg = (uint8_t *) message;
163
164 for (i = 0; i < width; i ++, msg ++)
165 for (bit = 7; bit >= 0; bit --) {
166 shift_reg <<= 1;
167 if ((shift_reg >> 7) ^ ((*msg >> bit) & 1))
168 shift_reg ^= 0x89;
169 }
170
171 return shift_reg;
172 }
173
174 static uint16_t sd_crc16(void *message, size_t width)
175 {
176 int i, bit;
177 uint16_t shift_reg = 0x0000;
178 uint16_t *msg = (uint16_t *) message;
179 width <<= 1;
180
181 for (i = 0; i < width; i ++, msg ++)
182 for (bit = 15; bit >= 0; bit --) {
183 shift_reg <<= 1;
184 if ((shift_reg >> 15) ^ ((*msg >> bit) & 1))
185 shift_reg ^= 0x1011;
186 }
187
188 return shift_reg;
189 }
190
191 static void sd_set_ocr(SDState *sd)
192 {
193 sd->ocr = 0x80ffff80;
194 }
195
196 static void sd_set_scr(SDState *sd)
197 {
198 sd->scr[0] = 0x00; /* SCR Structure */
199 sd->scr[1] = 0x2f; /* SD Security Support */
200 sd->scr[2] = 0x00;
201 sd->scr[3] = 0x00;
202 sd->scr[4] = 0x00;
203 sd->scr[5] = 0x00;
204 sd->scr[6] = 0x00;
205 sd->scr[7] = 0x00;
206 }
207
208 #define MID 0xaa
209 #define OID "XY"
210 #define PNM "QEMU!"
211 #define PRV 0x01
212 #define MDT_YR 2006
213 #define MDT_MON 2
214
215 static void sd_set_cid(SDState *sd)
216 {
217 sd->cid[0] = MID; /* Fake card manufacturer ID (MID) */
218 sd->cid[1] = OID[0]; /* OEM/Application ID (OID) */
219 sd->cid[2] = OID[1];
220 sd->cid[3] = PNM[0]; /* Fake product name (PNM) */
221 sd->cid[4] = PNM[1];
222 sd->cid[5] = PNM[2];
223 sd->cid[6] = PNM[3];
224 sd->cid[7] = PNM[4];
225 sd->cid[8] = PRV; /* Fake product revision (PRV) */
226 sd->cid[9] = 0xde; /* Fake serial number (PSN) */
227 sd->cid[10] = 0xad;
228 sd->cid[11] = 0xbe;
229 sd->cid[12] = 0xef;
230 sd->cid[13] = 0x00 | /* Manufacture date (MDT) */
231 ((MDT_YR - 2000) / 10);
232 sd->cid[14] = ((MDT_YR % 10) << 4) | MDT_MON;
233 sd->cid[15] = (sd_crc7(sd->cid, 15) << 1) | 1;
234 }
235
236 #define HWBLOCK_SHIFT 9 /* 512 bytes */
237 #define SECTOR_SHIFT 5 /* 16 kilobytes */
238 #define WPGROUP_SHIFT 7 /* 2 megs */
239 #define CMULT_SHIFT 9 /* 512 times HWBLOCK_SIZE */
240 #define BLOCK_SIZE (1 << (HWBLOCK_SHIFT))
241 #define SECTOR_SIZE (1 << (HWBLOCK_SHIFT + SECTOR_SHIFT))
242 #define WPGROUP_SIZE (1 << (HWBLOCK_SHIFT + SECTOR_SHIFT + WPGROUP_SHIFT))
243
244 static const uint8_t sd_csd_rw_mask[16] = {
245 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
246 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xfc, 0xfe,
247 };
248
249 static void sd_set_csd(SDState *sd, uint32_t size)
250 {
251 uint32_t csize = (size >> (CMULT_SHIFT + HWBLOCK_SHIFT)) - 1;
252 uint32_t sectsize = (1 << (SECTOR_SHIFT + 1)) - 1;
253 uint32_t wpsize = (1 << (WPGROUP_SHIFT + 1)) - 1;
254
255 sd->csd[0] = 0x00; /* CSD structure */
256 sd->csd[1] = 0x26; /* Data read access-time-1 */
257 sd->csd[2] = 0x00; /* Data read access-time-2 */
258 sd->csd[3] = 0x5a; /* Max. data transfer rate */
259 sd->csd[4] = 0x5f; /* Card Command Classes */
260 sd->csd[5] = 0x50 | /* Max. read data block length */
261 HWBLOCK_SHIFT;
262 sd->csd[6] = 0xe0 | /* Partial block for read allowed */
263 ((csize >> 10) & 0x03);
264 sd->csd[7] = 0x00 | /* Device size */
265 ((csize >> 2) & 0xff);
266 sd->csd[8] = 0x3f | /* Max. read current */
267 ((csize << 6) & 0xc0);
268 sd->csd[9] = 0xfc | /* Max. write current */
269 ((CMULT_SHIFT - 2) >> 1);
270 sd->csd[10] = 0x40 | /* Erase sector size */
271 (((CMULT_SHIFT - 2) << 7) & 0x80) | (sectsize >> 1);
272 sd->csd[11] = 0x00 | /* Write protect group size */
273 ((sectsize << 7) & 0x80) | wpsize;
274 sd->csd[12] = 0x90 | /* Write speed factor */
275 (HWBLOCK_SHIFT >> 2);
276 sd->csd[13] = 0x20 | /* Max. write data block length */
277 ((HWBLOCK_SHIFT << 6) & 0xc0);
278 sd->csd[14] = 0x00; /* File format group */
279 sd->csd[15] = (sd_crc7(sd->csd, 15) << 1) | 1;
280 }
281
282 static void sd_set_rca(SDState *sd)
283 {
284 sd->rca += 0x4567;
285 }
286
287 #define CARD_STATUS_A 0x02004100
288 #define CARD_STATUS_B 0x00c01e00
289 #define CARD_STATUS_C 0xfd39a028
290
291 static void sd_set_cardstatus(SDState *sd)
292 {
293 sd->card_status = 0x00000100;
294 }
295
296 static void sd_set_sdstatus(SDState *sd)
297 {
298 memset(sd->sd_status, 0, 64);
299 }
300
301 static int sd_req_crc_validate(struct sd_request_s *req)
302 {
303 uint8_t buffer[5];
304 buffer[0] = 0x40 | req->cmd;
305 buffer[1] = (req->arg >> 24) & 0xff;
306 buffer[2] = (req->arg >> 16) & 0xff;
307 buffer[3] = (req->arg >> 8) & 0xff;
308 buffer[4] = (req->arg >> 0) & 0xff;
309 return 0;
310 return sd_crc7(buffer, 5) != req->crc; /* TODO */
311 }
312
313 static void sd_response_r1_make(SDState *sd,
314 uint8_t *response, uint32_t last_status)
315 {
316 uint32_t mask = CARD_STATUS_B ^ ILLEGAL_COMMAND;
317 uint32_t status;
318
319 status = (sd->card_status & ~mask) | (last_status & mask);
320 sd->card_status &= ~CARD_STATUS_C | APP_CMD;
321
322 response[0] = (status >> 24) & 0xff;
323 response[1] = (status >> 16) & 0xff;
324 response[2] = (status >> 8) & 0xff;
325 response[3] = (status >> 0) & 0xff;
326 }
327
328 static void sd_response_r3_make(SDState *sd, uint8_t *response)
329 {
330 response[0] = (sd->ocr >> 24) & 0xff;
331 response[1] = (sd->ocr >> 16) & 0xff;
332 response[2] = (sd->ocr >> 8) & 0xff;
333 response[3] = (sd->ocr >> 0) & 0xff;
334 }
335
336 static void sd_response_r6_make(SDState *sd, uint8_t *response)
337 {
338 uint16_t arg;
339 uint16_t status;
340
341 arg = sd->rca;
342 status = ((sd->card_status >> 8) & 0xc000) |
343 ((sd->card_status >> 6) & 0x2000) |
344 (sd->card_status & 0x1fff);
345
346 response[0] = (arg >> 8) & 0xff;
347 response[1] = arg & 0xff;
348 response[2] = (status >> 8) & 0xff;
349 response[3] = status & 0xff;
350 }
351
352 static void sd_reset(SDState *sd, BlockDriverState *bdrv)
353 {
354 uint32_t size;
355 uint64_t sect;
356
357 bdrv_get_geometry(bdrv, &sect);
358 sect <<= 9;
359
360 if (sect > 0x40000000)
361 size = 0x40000000; /* 1 gig */
362 else
363 size = sect + 1;
364
365 sect = (size >> (HWBLOCK_SHIFT + SECTOR_SHIFT + WPGROUP_SHIFT)) + 1;
366
367 sd->state = sd_idle_state;
368 sd->rca = 0x0000;
369 sd_set_ocr(sd);
370 sd_set_scr(sd);
371 sd_set_cid(sd);
372 sd_set_csd(sd, size);
373 sd_set_cardstatus(sd);
374 sd_set_sdstatus(sd);
375
376 sd->bdrv = bdrv;
377
378 if (sd->wp_groups)
379 qemu_free(sd->wp_groups);
380 sd->wp_switch = bdrv_is_read_only(bdrv);
381 sd->wp_groups = (int *) qemu_mallocz(sizeof(int) * sect);
382 memset(sd->function_group, 0, sizeof(int) * 6);
383 sd->erase_start = 0;
384 sd->erase_end = 0;
385 sd->size = size;
386 sd->blk_len = 0x200;
387 sd->pwd_len = 0;
388 }
389
390 static void sd_cardchange(void *opaque)
391 {
392 SDState *sd = opaque;
393 qemu_set_irq(sd->inserted_cb, bdrv_is_inserted(sd->bdrv));
394 if (bdrv_is_inserted(sd->bdrv)) {
395 sd_reset(sd, sd->bdrv);
396 qemu_set_irq(sd->readonly_cb, sd->wp_switch);
397 }
398 }
399
400 /* We do not model the chip select pin, so allow the board to select
401 whether card should be in SSI or MMC/SD mode. It is also up to the
402 board to ensure that ssi transfers only occur when the chip select
403 is asserted. */
404 SDState *sd_init(BlockDriverState *bs, int is_spi)
405 {
406 SDState *sd;
407
408 sd = (SDState *) qemu_mallocz(sizeof(SDState));
409 sd->buf = qemu_memalign(512, 512);
410 sd->spi = is_spi;
411 sd_reset(sd, bs);
412 bdrv_set_change_cb(sd->bdrv, sd_cardchange, sd);
413 return sd;
414 }
415
416 void sd_set_cb(SDState *sd, qemu_irq readonly, qemu_irq insert)
417 {
418 sd->readonly_cb = readonly;
419 sd->inserted_cb = insert;
420 qemu_set_irq(readonly, bdrv_is_read_only(sd->bdrv));
421 qemu_set_irq(insert, bdrv_is_inserted(sd->bdrv));
422 }
423
424 static void sd_erase(SDState *sd)
425 {
426 int i, start, end;
427 if (!sd->erase_start || !sd->erase_end) {
428 sd->card_status |= ERASE_SEQ_ERROR;
429 return;
430 }
431
432 start = sd->erase_start >>
433 (HWBLOCK_SHIFT + SECTOR_SHIFT + WPGROUP_SHIFT);
434 end = sd->erase_end >>
435 (HWBLOCK_SHIFT + SECTOR_SHIFT + WPGROUP_SHIFT);
436 sd->erase_start = 0;
437 sd->erase_end = 0;
438 sd->csd[14] |= 0x40;
439
440 for (i = start; i <= end; i ++)
441 if (sd->wp_groups[i])
442 sd->card_status |= WP_ERASE_SKIP;
443 }
444
445 static uint32_t sd_wpbits(SDState *sd, uint32_t addr)
446 {
447 uint32_t i, wpnum;
448 uint32_t ret = 0;
449
450 wpnum = addr >> (HWBLOCK_SHIFT + SECTOR_SHIFT + WPGROUP_SHIFT);
451
452 for (i = 0; i < 32; i ++, wpnum ++, addr += WPGROUP_SIZE)
453 if (addr < sd->size && sd->wp_groups[wpnum])
454 ret |= (1 << i);
455
456 return ret;
457 }
458
459 static void sd_function_switch(SDState *sd, uint32_t arg)
460 {
461 int i, mode, new_func, crc;
462 mode = !!(arg & 0x80000000);
463
464 sd->data[0] = 0x00; /* Maximum current consumption */
465 sd->data[1] = 0x01;
466 sd->data[2] = 0x80; /* Supported group 6 functions */
467 sd->data[3] = 0x01;
468 sd->data[4] = 0x80; /* Supported group 5 functions */
469 sd->data[5] = 0x01;
470 sd->data[6] = 0x80; /* Supported group 4 functions */
471 sd->data[7] = 0x01;
472 sd->data[8] = 0x80; /* Supported group 3 functions */
473 sd->data[9] = 0x01;
474 sd->data[10] = 0x80; /* Supported group 2 functions */
475 sd->data[11] = 0x43;
476 sd->data[12] = 0x80; /* Supported group 1 functions */
477 sd->data[13] = 0x03;
478 for (i = 0; i < 6; i ++) {
479 new_func = (arg >> (i * 4)) & 0x0f;
480 if (mode && new_func != 0x0f)
481 sd->function_group[i] = new_func;
482 sd->data[14 + (i >> 1)] = new_func << ((i * 4) & 4);
483 }
484 memset(&sd->data[17], 0, 47);
485 crc = sd_crc16(sd->data, 64);
486 sd->data[65] = crc >> 8;
487 sd->data[66] = crc & 0xff;
488 }
489
490 static inline int sd_wp_addr(SDState *sd, uint32_t addr)
491 {
492 return sd->wp_groups[addr >>
493 (HWBLOCK_SHIFT + SECTOR_SHIFT + WPGROUP_SHIFT)];
494 }
495
496 static void sd_lock_command(SDState *sd)
497 {
498 int erase, lock, clr_pwd, set_pwd, pwd_len;
499 erase = !!(sd->data[0] & 0x08);
500 lock = sd->data[0] & 0x04;
501 clr_pwd = sd->data[0] & 0x02;
502 set_pwd = sd->data[0] & 0x01;
503
504 if (sd->blk_len > 1)
505 pwd_len = sd->data[1];
506 else
507 pwd_len = 0;
508
509 if (erase) {
510 if (!(sd->card_status & CARD_IS_LOCKED) || sd->blk_len > 1 ||
511 set_pwd || clr_pwd || lock || sd->wp_switch ||
512 (sd->csd[14] & 0x20)) {
513 sd->card_status |= LOCK_UNLOCK_FAILED;
514 return;
515 }
516 memset(sd->wp_groups, 0, sizeof(int) * (sd->size >>
517 (HWBLOCK_SHIFT + SECTOR_SHIFT + WPGROUP_SHIFT)));
518 sd->csd[14] &= ~0x10;
519 sd->card_status &= ~CARD_IS_LOCKED;
520 sd->pwd_len = 0;
521 /* Erasing the entire card here! */
522 printf("SD: Card force-erased by CMD42\n");
523 return;
524 }
525
526 if (sd->blk_len < 2 + pwd_len ||
527 pwd_len <= sd->pwd_len ||
528 pwd_len > sd->pwd_len + 16) {
529 sd->card_status |= LOCK_UNLOCK_FAILED;
530 return;
531 }
532
533 if (sd->pwd_len && memcmp(sd->pwd, sd->data + 2, sd->pwd_len)) {
534 sd->card_status |= LOCK_UNLOCK_FAILED;
535 return;
536 }
537
538 pwd_len -= sd->pwd_len;
539 if ((pwd_len && !set_pwd) ||
540 (clr_pwd && (set_pwd || lock)) ||
541 (lock && !sd->pwd_len && !set_pwd) ||
542 (!set_pwd && !clr_pwd &&
543 (((sd->card_status & CARD_IS_LOCKED) && lock) ||
544 (!(sd->card_status & CARD_IS_LOCKED) && !lock)))) {
545 sd->card_status |= LOCK_UNLOCK_FAILED;
546 return;
547 }
548
549 if (set_pwd) {
550 memcpy(sd->pwd, sd->data + 2 + sd->pwd_len, pwd_len);
551 sd->pwd_len = pwd_len;
552 }
553
554 if (clr_pwd) {
555 sd->pwd_len = 0;
556 }
557
558 if (lock)
559 sd->card_status |= CARD_IS_LOCKED;
560 else
561 sd->card_status &= ~CARD_IS_LOCKED;
562 }
563
564 static sd_rsp_type_t sd_normal_command(SDState *sd,
565 struct sd_request_s req)
566 {
567 uint32_t rca = 0x0000;
568
569 if (sd_cmd_type[req.cmd] == sd_ac || sd_cmd_type[req.cmd] == sd_adtc)
570 rca = req.arg >> 16;
571
572 DPRINTF("CMD%d 0x%08x state %d\n", req.cmd, req.arg, sd->state);
573 switch (req.cmd) {
574 /* Basic commands (Class 0 and Class 1) */
575 case 0: /* CMD0: GO_IDLE_STATE */
576 switch (sd->state) {
577 case sd_inactive_state:
578 return sd->spi ? sd_r1 : sd_r0;
579
580 default:
581 sd->state = sd_idle_state;
582 sd_reset(sd, sd->bdrv);
583 return sd->spi ? sd_r1 : sd_r0;
584 }
585 break;
586
587 case 1: /* CMD1: SEND_OP_CMD */
588 if (!sd->spi)
589 goto bad_cmd;
590
591 sd->state = sd_transfer_state;
592 return sd_r1;
593
594 case 2: /* CMD2: ALL_SEND_CID */
595 if (sd->spi)
596 goto bad_cmd;
597 switch (sd->state) {
598 case sd_ready_state:
599 sd->state = sd_identification_state;
600 return sd_r2_i;
601
602 default:
603 break;
604 }
605 break;
606
607 case 3: /* CMD3: SEND_RELATIVE_ADDR */
608 if (sd->spi)
609 goto bad_cmd;
610 switch (sd->state) {
611 case sd_identification_state:
612 case sd_standby_state:
613 sd->state = sd_standby_state;
614 sd_set_rca(sd);
615 return sd_r6;
616
617 default:
618 break;
619 }
620 break;
621
622 case 4: /* CMD4: SEND_DSR */
623 if (sd->spi)
624 goto bad_cmd;
625 switch (sd->state) {
626 case sd_standby_state:
627 break;
628
629 default:
630 break;
631 }
632 break;
633
634 case 6: /* CMD6: SWITCH_FUNCTION */
635 if (sd->spi)
636 goto bad_cmd;
637 switch (sd->mode) {
638 case sd_data_transfer_mode:
639 sd_function_switch(sd, req.arg);
640 sd->state = sd_sendingdata_state;
641 sd->data_start = 0;
642 sd->data_offset = 0;
643 return sd_r1;
644
645 default:
646 break;
647 }
648 break;
649
650 case 7: /* CMD7: SELECT/DESELECT_CARD */
651 if (sd->spi)
652 goto bad_cmd;
653 switch (sd->state) {
654 case sd_standby_state:
655 if (sd->rca != rca)
656 return sd_r0;
657
658 sd->state = sd_transfer_state;
659 return sd_r1b;
660
661 case sd_transfer_state:
662 case sd_sendingdata_state:
663 if (sd->rca == rca)
664 break;
665
666 sd->state = sd_standby_state;
667 return sd_r1b;
668
669 case sd_disconnect_state:
670 if (sd->rca != rca)
671 return sd_r0;
672
673 sd->state = sd_programming_state;
674 return sd_r1b;
675
676 case sd_programming_state:
677 if (sd->rca == rca)
678 break;
679
680 sd->state = sd_disconnect_state;
681 return sd_r1b;
682
683 default:
684 break;
685 }
686 break;
687
688 case 9: /* CMD9: SEND_CSD */
689 switch (sd->state) {
690 case sd_standby_state:
691 if (sd->rca != rca)
692 return sd_r0;
693
694 return sd_r2_s;
695
696 case sd_transfer_state:
697 if (!sd->spi)
698 break;
699 sd->state = sd_sendingdata_state;
700 memcpy(sd->data, sd->csd, 16);
701 sd->data_start = req.arg;
702 sd->data_offset = 0;
703 return sd_r1;
704
705 default:
706 break;
707 }
708 break;
709
710 case 10: /* CMD10: SEND_CID */
711 switch (sd->state) {
712 case sd_standby_state:
713 if (sd->rca != rca)
714 return sd_r0;
715
716 return sd_r2_i;
717
718 case sd_transfer_state:
719 if (!sd->spi)
720 break;
721 sd->state = sd_sendingdata_state;
722 memcpy(sd->data, sd->cid, 16);
723 sd->data_start = req.arg;
724 sd->data_offset = 0;
725 return sd_r1;
726
727 default:
728 break;
729 }
730 break;
731
732 case 11: /* CMD11: READ_DAT_UNTIL_STOP */
733 if (sd->spi)
734 goto bad_cmd;
735 switch (sd->state) {
736 case sd_transfer_state:
737 sd->state = sd_sendingdata_state;
738 sd->data_start = req.arg;
739 sd->data_offset = 0;
740
741 if (sd->data_start + sd->blk_len > sd->size)
742 sd->card_status |= ADDRESS_ERROR;
743 return sd_r0;
744
745 default:
746 break;
747 }
748 break;
749
750 case 12: /* CMD12: STOP_TRANSMISSION */
751 switch (sd->state) {
752 case sd_sendingdata_state:
753 sd->state = sd_transfer_state;
754 return sd_r1b;
755
756 case sd_receivingdata_state:
757 sd->state = sd_programming_state;
758 /* Bzzzzzzztt .... Operation complete. */
759 sd->state = sd_transfer_state;
760 return sd_r1b;
761
762 default:
763 break;
764 }
765 break;
766
767 case 13: /* CMD13: SEND_STATUS */
768 switch (sd->mode) {
769 case sd_data_transfer_mode:
770 if (sd->rca != rca)
771 return sd_r0;
772
773 return sd_r1;
774
775 default:
776 break;
777 }
778 break;
779
780 case 15: /* CMD15: GO_INACTIVE_STATE */
781 if (sd->spi)
782 goto bad_cmd;
783 switch (sd->mode) {
784 case sd_data_transfer_mode:
785 if (sd->rca != rca)
786 return sd_r0;
787
788 sd->state = sd_inactive_state;
789 return sd_r0;
790
791 default:
792 break;
793 }
794 break;
795
796 /* Block read commands (Classs 2) */
797 case 16: /* CMD16: SET_BLOCKLEN */
798 switch (sd->state) {
799 case sd_transfer_state:
800 if (req.arg > (1 << HWBLOCK_SHIFT))
801 sd->card_status |= BLOCK_LEN_ERROR;
802 else
803 sd->blk_len = req.arg;
804
805 return sd_r1;
806
807 default:
808 break;
809 }
810 break;
811
812 case 17: /* CMD17: READ_SINGLE_BLOCK */
813 switch (sd->state) {
814 case sd_transfer_state:
815 sd->state = sd_sendingdata_state;
816 sd->data_start = req.arg;
817 sd->data_offset = 0;
818
819 if (sd->data_start + sd->blk_len > sd->size)
820 sd->card_status |= ADDRESS_ERROR;
821 return sd_r1;
822
823 default:
824 break;
825 }
826 break;
827
828 case 18: /* CMD18: READ_MULTIPLE_BLOCK */
829 switch (sd->state) {
830 case sd_transfer_state:
831 sd->state = sd_sendingdata_state;
832 sd->data_start = req.arg;
833 sd->data_offset = 0;
834
835 if (sd->data_start + sd->blk_len > sd->size)
836 sd->card_status |= ADDRESS_ERROR;
837 return sd_r1;
838
839 default:
840 break;
841 }
842 break;
843
844 /* Block write commands (Class 4) */
845 case 24: /* CMD24: WRITE_SINGLE_BLOCK */
846 if (sd->spi)
847 goto unimplemented_cmd;
848 switch (sd->state) {
849 case sd_transfer_state:
850 /* Writing in SPI mode not implemented. */
851 if (sd->spi)
852 break;
853 sd->state = sd_receivingdata_state;
854 sd->data_start = req.arg;
855 sd->data_offset = 0;
856 sd->blk_written = 0;
857
858 if (sd->data_start + sd->blk_len > sd->size)
859 sd->card_status |= ADDRESS_ERROR;
860 if (sd_wp_addr(sd, sd->data_start))
861 sd->card_status |= WP_VIOLATION;
862 if (sd->csd[14] & 0x30)
863 sd->card_status |= WP_VIOLATION;
864 return sd_r1;
865
866 default:
867 break;
868 }
869 break;
870
871 case 25: /* CMD25: WRITE_MULTIPLE_BLOCK */
872 if (sd->spi)
873 goto unimplemented_cmd;
874 switch (sd->state) {
875 case sd_transfer_state:
876 /* Writing in SPI mode not implemented. */
877 if (sd->spi)
878 break;
879 sd->state = sd_receivingdata_state;
880 sd->data_start = req.arg;
881 sd->data_offset = 0;
882 sd->blk_written = 0;
883
884 if (sd->data_start + sd->blk_len > sd->size)
885 sd->card_status |= ADDRESS_ERROR;
886 if (sd_wp_addr(sd, sd->data_start))
887 sd->card_status |= WP_VIOLATION;
888 if (sd->csd[14] & 0x30)
889 sd->card_status |= WP_VIOLATION;
890 return sd_r1;
891
892 default:
893 break;
894 }
895 break;
896
897 case 26: /* CMD26: PROGRAM_CID */
898 if (sd->spi)
899 goto bad_cmd;
900 switch (sd->state) {
901 case sd_transfer_state:
902 sd->state = sd_receivingdata_state;
903 sd->data_start = 0;
904 sd->data_offset = 0;
905 return sd_r1;
906
907 default:
908 break;
909 }
910 break;
911
912 case 27: /* CMD27: PROGRAM_CSD */
913 if (sd->spi)
914 goto unimplemented_cmd;
915 switch (sd->state) {
916 case sd_transfer_state:
917 sd->state = sd_receivingdata_state;
918 sd->data_start = 0;
919 sd->data_offset = 0;
920 return sd_r1;
921
922 default:
923 break;
924 }
925 break;
926
927 /* Write protection (Class 6) */
928 case 28: /* CMD28: SET_WRITE_PROT */
929 switch (sd->state) {
930 case sd_transfer_state:
931 if (req.arg >= sd->size) {
932 sd->card_status = ADDRESS_ERROR;
933 return sd_r1b;
934 }
935
936 sd->state = sd_programming_state;
937 sd->wp_groups[req.arg >> (HWBLOCK_SHIFT +
938 SECTOR_SHIFT + WPGROUP_SHIFT)] = 1;
939 /* Bzzzzzzztt .... Operation complete. */
940 sd->state = sd_transfer_state;
941 return sd_r1b;
942
943 default:
944 break;
945 }
946 break;
947
948 case 29: /* CMD29: CLR_WRITE_PROT */
949 switch (sd->state) {
950 case sd_transfer_state:
951 if (req.arg >= sd->size) {
952 sd->card_status = ADDRESS_ERROR;
953 return sd_r1b;
954 }
955
956 sd->state = sd_programming_state;
957 sd->wp_groups[req.arg >> (HWBLOCK_SHIFT +
958 SECTOR_SHIFT + WPGROUP_SHIFT)] = 0;
959 /* Bzzzzzzztt .... Operation complete. */
960 sd->state = sd_transfer_state;
961 return sd_r1b;
962
963 default:
964 break;
965 }
966 break;
967
968 case 30: /* CMD30: SEND_WRITE_PROT */
969 switch (sd->state) {
970 case sd_transfer_state:
971 sd->state = sd_sendingdata_state;
972 *(uint32_t *) sd->data = sd_wpbits(sd, req.arg);
973 sd->data_start = req.arg;
974 sd->data_offset = 0;
975 return sd_r1b;
976
977 default:
978 break;
979 }
980 break;
981
982 /* Erase commands (Class 5) */
983 case 32: /* CMD32: ERASE_WR_BLK_START */
984 switch (sd->state) {
985 case sd_transfer_state:
986 sd->erase_start = req.arg;
987 return sd_r1;
988
989 default:
990 break;
991 }
992 break;
993
994 case 33: /* CMD33: ERASE_WR_BLK_END */
995 switch (sd->state) {
996 case sd_transfer_state:
997 sd->erase_end = req.arg;
998 return sd_r1;
999
1000 default:
1001 break;
1002 }
1003 break;
1004
1005 case 38: /* CMD38: ERASE */
1006 switch (sd->state) {
1007 case sd_transfer_state:
1008 if (sd->csd[14] & 0x30) {
1009 sd->card_status |= WP_VIOLATION;
1010 return sd_r1b;
1011 }
1012
1013 sd->state = sd_programming_state;
1014 sd_erase(sd);
1015 /* Bzzzzzzztt .... Operation complete. */
1016 sd->state = sd_transfer_state;
1017 return sd_r1b;
1018
1019 default:
1020 break;
1021 }
1022 break;
1023
1024 /* Lock card commands (Class 7) */
1025 case 42: /* CMD42: LOCK_UNLOCK */
1026 if (sd->spi)
1027 goto unimplemented_cmd;
1028 switch (sd->state) {
1029 case sd_transfer_state:
1030 sd->state = sd_receivingdata_state;
1031 sd->data_start = 0;
1032 sd->data_offset = 0;
1033 return sd_r1;
1034
1035 default:
1036 break;
1037 }
1038 break;
1039
1040 /* Application specific commands (Class 8) */
1041 case 55: /* CMD55: APP_CMD */
1042 if (sd->rca != rca)
1043 return sd_r0;
1044
1045 sd->card_status |= APP_CMD;
1046 return sd_r1;
1047
1048 case 56: /* CMD56: GEN_CMD */
1049 printf("SD: GEN_CMD 0x%08x\n", req.arg);
1050
1051 switch (sd->state) {
1052 case sd_transfer_state:
1053 sd->data_offset = 0;
1054 if (req.arg & 1)
1055 sd->state = sd_sendingdata_state;
1056 else
1057 sd->state = sd_receivingdata_state;
1058 return sd_r1;
1059
1060 default:
1061 break;
1062 }
1063 break;
1064
1065 default:
1066 bad_cmd:
1067 sd->card_status |= ILLEGAL_COMMAND;
1068
1069 printf("SD: Unknown CMD%i\n", req.cmd);
1070 return sd_r0;
1071
1072 unimplemented_cmd:
1073 /* Commands that are recognised but not yet implemented in SPI mode. */
1074 sd->card_status |= ILLEGAL_COMMAND;
1075 printf ("SD: CMD%i not implemented in SPI mode\n", req.cmd);
1076 return sd_r0;
1077 }
1078
1079 sd->card_status |= ILLEGAL_COMMAND;
1080 printf("SD: CMD%i in a wrong state\n", req.cmd);
1081 return sd_r0;
1082 }
1083
1084 static sd_rsp_type_t sd_app_command(SDState *sd,
1085 struct sd_request_s req) {
1086 uint32_t rca;
1087
1088 if (sd_cmd_type[req.cmd] == sd_ac || sd_cmd_type[req.cmd] == sd_adtc)
1089 rca = req.arg >> 16;
1090
1091 DPRINTF("ACMD%d 0x%08x\n", req.cmd, req.arg);
1092 switch (req.cmd) {
1093 case 6: /* ACMD6: SET_BUS_WIDTH */
1094 switch (sd->state) {
1095 case sd_transfer_state:
1096 sd->sd_status[0] &= 0x3f;
1097 sd->sd_status[0] |= (req.arg & 0x03) << 6;
1098 return sd_r1;
1099
1100 default:
1101 break;
1102 }
1103 break;
1104
1105 case 13: /* ACMD13: SD_STATUS */
1106 switch (sd->state) {
1107 case sd_transfer_state:
1108 sd->data_start = 0;
1109 sd->data_offset = 0;
1110 return sd_r1;
1111
1112 default:
1113 break;
1114 }
1115 break;
1116
1117 case 22: /* ACMD22: SEND_NUM_WR_BLOCKS */
1118 switch (sd->state) {
1119 case sd_transfer_state:
1120 *(uint32_t *) sd->data = sd->blk_written;
1121
1122 sd->data_start = 0;
1123 sd->data_offset = 0;
1124 return sd_r1;
1125
1126 default:
1127 break;
1128 }
1129 break;
1130
1131 case 23: /* ACMD23: SET_WR_BLK_ERASE_COUNT */
1132 switch (sd->state) {
1133 case sd_transfer_state:
1134 return sd_r1;
1135
1136 default:
1137 break;
1138 }
1139 break;
1140
1141 case 41: /* ACMD41: SD_APP_OP_COND */
1142 if (sd->spi) {
1143 /* SEND_OP_CMD */
1144 sd->state = sd_transfer_state;
1145 return sd_r1;
1146 }
1147 switch (sd->state) {
1148 case sd_idle_state:
1149 /* We accept any voltage. 10000 V is nothing. */
1150 if (req.arg)
1151 sd->state = sd_ready_state;
1152
1153 return sd_r3;
1154
1155 default:
1156 break;
1157 }
1158 break;
1159
1160 case 42: /* ACMD42: SET_CLR_CARD_DETECT */
1161 switch (sd->state) {
1162 case sd_transfer_state:
1163 /* Bringing in the 50KOhm pull-up resistor... Done. */
1164 return sd_r1;
1165
1166 default:
1167 break;
1168 }
1169 break;
1170
1171 case 51: /* ACMD51: SEND_SCR */
1172 switch (sd->state) {
1173 case sd_transfer_state:
1174 sd->state = sd_sendingdata_state;
1175 sd->data_start = 0;
1176 sd->data_offset = 0;
1177 return sd_r1;
1178
1179 default:
1180 break;
1181 }
1182 break;
1183
1184 default:
1185 /* Fall back to standard commands. */
1186 sd->card_status &= ~APP_CMD;
1187 return sd_normal_command(sd, req);
1188 }
1189
1190 printf("SD: ACMD%i in a wrong state\n", req.cmd);
1191 return sd_r0;
1192 }
1193
1194 int sd_do_command(SDState *sd, struct sd_request_s *req,
1195 uint8_t *response) {
1196 uint32_t last_status = sd->card_status;
1197 sd_rsp_type_t rtype;
1198 int rsplen;
1199
1200 if (!bdrv_is_inserted(sd->bdrv)) {
1201 return 0;
1202 }
1203
1204 if (sd_req_crc_validate(req)) {
1205 sd->card_status &= ~COM_CRC_ERROR;
1206 return 0;
1207 }
1208
1209 sd->card_status &= ~CARD_STATUS_B;
1210 sd_set_status(sd);
1211
1212 if (last_status & CARD_IS_LOCKED)
1213 if (((last_status & APP_CMD) &&
1214 req->cmd == 41) ||
1215 (!(last_status & APP_CMD) &&
1216 (sd_cmd_class[req->cmd] == 0 ||
1217 sd_cmd_class[req->cmd] == 7 ||
1218 req->cmd == 16 || req->cmd == 55))) {
1219 sd->card_status |= ILLEGAL_COMMAND;
1220 printf("SD: Card is locked\n");
1221 return 0;
1222 }
1223
1224 if (last_status & APP_CMD) {
1225 rtype = sd_app_command(sd, *req);
1226 sd->card_status &= ~APP_CMD;
1227 } else
1228 rtype = sd_normal_command(sd, *req);
1229
1230 sd->current_cmd = req->cmd;
1231
1232 switch (rtype) {
1233 case sd_r1:
1234 case sd_r1b:
1235 sd_response_r1_make(sd, response, last_status);
1236 rsplen = 4;
1237 break;
1238
1239 case sd_r2_i:
1240 memcpy(response, sd->cid, sizeof(sd->cid));
1241 response[7] |= 1;
1242 rsplen = 16;
1243 break;
1244
1245 case sd_r2_s:
1246 memcpy(response, sd->csd, sizeof(sd->csd));
1247 response[7] |= 1;
1248 rsplen = 16;
1249 break;
1250
1251 case sd_r3:
1252 sd_response_r3_make(sd, response);
1253 rsplen = 4;
1254 break;
1255
1256 case sd_r6:
1257 sd_response_r6_make(sd, response);
1258 rsplen = 4;
1259 break;
1260
1261 case sd_r0:
1262 default:
1263 rsplen = 0;
1264 break;
1265 }
1266
1267 if (sd->card_status & ILLEGAL_COMMAND)
1268 rsplen = 0;
1269
1270 #ifdef DEBUG_SD
1271 if (rsplen) {
1272 int i;
1273 DPRINTF("Response:");
1274 for (i = 0; i < rsplen; i++)
1275 printf(" %02x", response[i]);
1276 printf(" state %d\n", sd->state);
1277 } else {
1278 DPRINTF("No response %d\n", sd->state);
1279 }
1280 #endif
1281
1282 return rsplen;
1283 }
1284
1285 /* No real need for 64 bit addresses here */
1286 static void sd_blk_read(SDState *sd, uint32_t addr, uint32_t len)
1287 {
1288 uint32_t end = addr + len;
1289
1290 if (!sd->bdrv || bdrv_read(sd->bdrv, addr >> 9, sd->buf, 1) == -1) {
1291 printf("sd_blk_read: read error on host side\n");
1292 return;
1293 }
1294
1295 if (end > (addr & ~511) + 512) {
1296 memcpy(sd->data, sd->buf + (addr & 511), 512 - (addr & 511));
1297
1298 if (bdrv_read(sd->bdrv, end >> 9, sd->buf, 1) == -1) {
1299 printf("sd_blk_read: read error on host side\n");
1300 return;
1301 }
1302 memcpy(sd->data + 512 - (addr & 511), sd->buf, end & 511);
1303 } else
1304 memcpy(sd->data, sd->buf + (addr & 511), len);
1305 }
1306
1307 static void sd_blk_write(SDState *sd, uint32_t addr, uint32_t len)
1308 {
1309 uint32_t end = addr + len;
1310
1311 if ((addr & 511) || len < 512)
1312 if (!sd->bdrv || bdrv_read(sd->bdrv, addr >> 9, sd->buf, 1) == -1) {
1313 printf("sd_blk_write: read error on host side\n");
1314 return;
1315 }
1316
1317 if (end > (addr & ~511) + 512) {
1318 memcpy(sd->buf + (addr & 511), sd->data, 512 - (addr & 511));
1319 if (bdrv_write(sd->bdrv, addr >> 9, sd->buf, 1) == -1) {
1320 printf("sd_blk_write: write error on host side\n");
1321 return;
1322 }
1323
1324 if (bdrv_read(sd->bdrv, end >> 9, sd->buf, 1) == -1) {
1325 printf("sd_blk_write: read error on host side\n");
1326 return;
1327 }
1328 memcpy(sd->buf, sd->data + 512 - (addr & 511), end & 511);
1329 if (bdrv_write(sd->bdrv, end >> 9, sd->buf, 1) == -1)
1330 printf("sd_blk_write: write error on host side\n");
1331 } else {
1332 memcpy(sd->buf + (addr & 511), sd->data, len);
1333 if (!sd->bdrv || bdrv_write(sd->bdrv, addr >> 9, sd->buf, 1) == -1)
1334 printf("sd_blk_write: write error on host side\n");
1335 }
1336 }
1337
1338 #define BLK_READ_BLOCK(a, len) sd_blk_read(sd, a, len)
1339 #define BLK_WRITE_BLOCK(a, len) sd_blk_write(sd, a, len)
1340 #define APP_READ_BLOCK(a, len) memset(sd->data, 0xec, len)
1341 #define APP_WRITE_BLOCK(a, len)
1342
1343 void sd_write_data(SDState *sd, uint8_t value)
1344 {
1345 int i;
1346
1347 if (!sd->bdrv || !bdrv_is_inserted(sd->bdrv))
1348 return;
1349
1350 if (sd->state != sd_receivingdata_state) {
1351 printf("sd_write_data: not in Receiving-Data state\n");
1352 return;
1353 }
1354
1355 if (sd->card_status & (ADDRESS_ERROR | WP_VIOLATION))
1356 return;
1357
1358 switch (sd->current_cmd) {
1359 case 24: /* CMD24: WRITE_SINGLE_BLOCK */
1360 sd->data[sd->data_offset ++] = value;
1361 if (sd->data_offset >= sd->blk_len) {
1362 /* TODO: Check CRC before committing */
1363 sd->state = sd_programming_state;
1364 BLK_WRITE_BLOCK(sd->data_start, sd->data_offset);
1365 sd->blk_written ++;
1366 sd->csd[14] |= 0x40;
1367 /* Bzzzzzzztt .... Operation complete. */
1368 sd->state = sd_transfer_state;
1369 }
1370 break;
1371
1372 case 25: /* CMD25: WRITE_MULTIPLE_BLOCK */
1373 sd->data[sd->data_offset ++] = value;
1374 if (sd->data_offset >= sd->blk_len) {
1375 /* TODO: Check CRC before committing */
1376 sd->state = sd_programming_state;
1377 BLK_WRITE_BLOCK(sd->data_start, sd->data_offset);
1378 sd->blk_written ++;
1379 sd->data_start += sd->blk_len;
1380 sd->data_offset = 0;
1381 if (sd->data_start + sd->blk_len > sd->size) {
1382 sd->card_status |= ADDRESS_ERROR;
1383 break;
1384 }
1385 if (sd_wp_addr(sd, sd->data_start)) {
1386 sd->card_status |= WP_VIOLATION;
1387 break;
1388 }
1389 sd->csd[14] |= 0x40;
1390
1391 /* Bzzzzzzztt .... Operation complete. */
1392 sd->state = sd_receivingdata_state;
1393 }
1394 break;
1395
1396 case 26: /* CMD26: PROGRAM_CID */
1397 sd->data[sd->data_offset ++] = value;
1398 if (sd->data_offset >= sizeof(sd->cid)) {
1399 /* TODO: Check CRC before committing */
1400 sd->state = sd_programming_state;
1401 for (i = 0; i < sizeof(sd->cid); i ++)
1402 if ((sd->cid[i] | 0x00) != sd->data[i])
1403 sd->card_status |= CID_CSD_OVERWRITE;
1404
1405 if (!(sd->card_status & CID_CSD_OVERWRITE))
1406 for (i = 0; i < sizeof(sd->cid); i ++) {
1407 sd->cid[i] |= 0x00;
1408 sd->cid[i] &= sd->data[i];
1409 }
1410 /* Bzzzzzzztt .... Operation complete. */
1411 sd->state = sd_transfer_state;
1412 }
1413 break;
1414
1415 case 27: /* CMD27: PROGRAM_CSD */
1416 sd->data[sd->data_offset ++] = value;
1417 if (sd->data_offset >= sizeof(sd->csd)) {
1418 /* TODO: Check CRC before committing */
1419 sd->state = sd_programming_state;
1420 for (i = 0; i < sizeof(sd->csd); i ++)
1421 if ((sd->csd[i] | sd_csd_rw_mask[i]) !=
1422 (sd->data[i] | sd_csd_rw_mask[i]))
1423 sd->card_status |= CID_CSD_OVERWRITE;
1424
1425 /* Copy flag (OTP) & Permanent write protect */
1426 if (sd->csd[14] & ~sd->data[14] & 0x60)
1427 sd->card_status |= CID_CSD_OVERWRITE;
1428
1429 if (!(sd->card_status & CID_CSD_OVERWRITE))
1430 for (i = 0; i < sizeof(sd->csd); i ++) {
1431 sd->csd[i] |= sd_csd_rw_mask[i];
1432 sd->csd[i] &= sd->data[i];
1433 }
1434 /* Bzzzzzzztt .... Operation complete. */
1435 sd->state = sd_transfer_state;
1436 }
1437 break;
1438
1439 case 42: /* CMD42: LOCK_UNLOCK */
1440 sd->data[sd->data_offset ++] = value;
1441 if (sd->data_offset >= sd->blk_len) {
1442 /* TODO: Check CRC before committing */
1443 sd->state = sd_programming_state;
1444 sd_lock_command(sd);
1445 /* Bzzzzzzztt .... Operation complete. */
1446 sd->state = sd_transfer_state;
1447 }
1448 break;
1449
1450 case 56: /* CMD56: GEN_CMD */
1451 sd->data[sd->data_offset ++] = value;
1452 if (sd->data_offset >= sd->blk_len) {
1453 APP_WRITE_BLOCK(sd->data_start, sd->data_offset);
1454 sd->state = sd_transfer_state;
1455 }
1456 break;
1457
1458 default:
1459 printf("sd_write_data: unknown command\n");
1460 break;
1461 }
1462 }
1463
1464 uint8_t sd_read_data(SDState *sd)
1465 {
1466 /* TODO: Append CRCs */
1467 uint8_t ret;
1468
1469 if (!sd->bdrv || !bdrv_is_inserted(sd->bdrv))
1470 return 0x00;
1471
1472 if (sd->state != sd_sendingdata_state) {
1473 printf("sd_read_data: not in Sending-Data state\n");
1474 return 0x00;
1475 }
1476
1477 if (sd->card_status & (ADDRESS_ERROR | WP_VIOLATION))
1478 return 0x00;
1479
1480 switch (sd->current_cmd) {
1481 case 6: /* CMD6: SWITCH_FUNCTION */
1482 ret = sd->data[sd->data_offset ++];
1483
1484 if (sd->data_offset >= 64)
1485 sd->state = sd_transfer_state;
1486 break;
1487
1488 case 9: /* CMD9: SEND_CSD */
1489 case 10: /* CMD10: SEND_CID */
1490 ret = sd->data[sd->data_offset ++];
1491
1492 if (sd->data_offset >= 16)
1493 sd->state = sd_transfer_state;
1494 break;
1495
1496 case 11: /* CMD11: READ_DAT_UNTIL_STOP */
1497 if (sd->data_offset == 0)
1498 BLK_READ_BLOCK(sd->data_start, sd->blk_len);
1499 ret = sd->data[sd->data_offset ++];
1500
1501 if (sd->data_offset >= sd->blk_len) {
1502 sd->data_start += sd->blk_len;
1503 sd->data_offset = 0;
1504 if (sd->data_start + sd->blk_len > sd->size) {
1505 sd->card_status |= ADDRESS_ERROR;
1506 break;
1507 }
1508 }
1509 break;
1510
1511 case 13: /* ACMD13: SD_STATUS */
1512 ret = sd->sd_status[sd->data_offset ++];
1513
1514 if (sd->data_offset >= sizeof(sd->sd_status))
1515 sd->state = sd_transfer_state;
1516 break;
1517
1518 case 17: /* CMD17: READ_SINGLE_BLOCK */
1519 if (sd->data_offset == 0)
1520 BLK_READ_BLOCK(sd->data_start, sd->blk_len);
1521 ret = sd->data[sd->data_offset ++];
1522
1523 if (sd->data_offset >= sd->blk_len)
1524 sd->state = sd_transfer_state;
1525 break;
1526
1527 case 18: /* CMD18: READ_MULTIPLE_BLOCK */
1528 if (sd->data_offset == 0)
1529 BLK_READ_BLOCK(sd->data_start, sd->blk_len);
1530 ret = sd->data[sd->data_offset ++];
1531
1532 if (sd->data_offset >= sd->blk_len) {
1533 sd->data_start += sd->blk_len;
1534 sd->data_offset = 0;
1535 if (sd->data_start + sd->blk_len > sd->size) {
1536 sd->card_status |= ADDRESS_ERROR;
1537 break;
1538 }
1539 }
1540 break;
1541
1542 case 22: /* ACMD22: SEND_NUM_WR_BLOCKS */
1543 ret = sd->data[sd->data_offset ++];
1544
1545 if (sd->data_offset >= 4)
1546 sd->state = sd_transfer_state;
1547 break;
1548
1549 case 30: /* CMD30: SEND_WRITE_PROT */
1550 ret = sd->data[sd->data_offset ++];
1551
1552 if (sd->data_offset >= 4)
1553 sd->state = sd_transfer_state;
1554 break;
1555
1556 case 51: /* ACMD51: SEND_SCR */
1557 ret = sd->scr[sd->data_offset ++];
1558
1559 if (sd->data_offset >= sizeof(sd->scr))
1560 sd->state = sd_transfer_state;
1561 break;
1562
1563 case 56: /* CMD56: GEN_CMD */
1564 if (sd->data_offset == 0)
1565 APP_READ_BLOCK(sd->data_start, sd->blk_len);
1566 ret = sd->data[sd->data_offset ++];
1567
1568 if (sd->data_offset >= sd->blk_len)
1569 sd->state = sd_transfer_state;
1570 break;
1571
1572 default:
1573 printf("sd_read_data: unknown command\n");
1574 return 0x00;
1575 }
1576
1577 return ret;
1578 }
1579
1580 int sd_data_ready(SDState *sd)
1581 {
1582 return sd->state == sd_sendingdata_state;
1583 }
Samsung s3c2440 and arm920t support for the mini2440 dev board