1 /* Common Flash Memory Interface (CFI) model. 2 http://www.spansion.com/Support/AppNotes/CFI_Spec_AN_03.pdf 3 http://www.spansion.com/Support/AppNotes/cfi_100_20011201.pdf 4 5 Copyright (C) 2010-2024 Free Software Foundation, Inc. 6 Contributed by Analog Devices, Inc. 7 8 This file is part of simulators. 9 10 This program is free software; you can redistribute it and/or modify 11 it under the terms of the GNU General Public License as published by 12 the Free Software Foundation; either version 3 of the License, or 13 (at your option) any later version. 14 15 This program is distributed in the hope that it will be useful, 16 but WITHOUT ANY WARRANTY; without even the implied warranty of 17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 18 GNU General Public License for more details. 19 20 You should have received a copy of the GNU General Public License 21 along with this program. If not, see <http://www.gnu.org/licenses/>. */ 22 23 /* TODO: support vendor query tables. */ 24 25 /* This must come before any other includes. */ 26 #include "defs.h" 27 28 #include <errno.h> 29 #include <fcntl.h> 30 #include <math.h> 31 #include <stdbool.h> 32 #include <unistd.h> 33 #ifdef HAVE_SYS_MMAN_H 34 #include <sys/mman.h> 35 #endif 36 37 #include "sim-main.h" 38 #include "hw-base.h" 39 #include "hw-main.h" 40 #include "dv-cfi.h" 41 42 /* Flashes are simple state machines, so here we cover all the 43 different states a device might be in at any particular time. */ 44 enum cfi_state 45 { 46 CFI_STATE_READ, 47 CFI_STATE_READ_ID, 48 CFI_STATE_CFI_QUERY, 49 CFI_STATE_PROTECT, 50 CFI_STATE_STATUS, 51 CFI_STATE_ERASE, 52 CFI_STATE_WRITE, 53 CFI_STATE_WRITE_BUFFER, 54 CFI_STATE_WRITE_BUFFER_CONFIRM, 55 }; 56 57 /* This is the structure that all CFI conforming devices must provided 58 when asked for it. This allows a single driver to dynamically support 59 different flash geometries without having to hardcode specs. 60 61 If you want to start mucking about here, you should just grab the 62 CFI spec and review that (see top of this file for URIs). */ 63 struct cfi_query 64 { 65 /* This is always 'Q' 'R' 'Y'. */ 66 unsigned char qry[3]; 67 /* Primary vendor ID. */ 68 unsigned char p_id[2]; 69 /* Primary query table address. */ 70 unsigned char p_adr[2]; 71 /* Alternate vendor ID. */ 72 unsigned char a_id[2]; 73 /* Alternate query table address. */ 74 unsigned char a_adr[2]; 75 union 76 { 77 /* Voltage levels. */ 78 unsigned char voltages[4]; 79 struct 80 { 81 /* Normal min voltage level. */ 82 unsigned char vcc_min; 83 /* Normal max voltage level. */ 84 unsigned char vcc_max; 85 /* Programming min volage level. */ 86 unsigned char vpp_min; 87 /* Programming max volage level. */ 88 unsigned char vpp_max; 89 }; 90 }; 91 union 92 { 93 /* Operational timeouts. */ 94 unsigned char timeouts[8]; 95 struct 96 { 97 /* Typical timeout for writing a single "unit". */ 98 unsigned char timeout_typ_unit_write; 99 /* Typical timeout for writing a single "buffer". */ 100 unsigned char timeout_typ_buf_write; 101 /* Typical timeout for erasing a block. */ 102 unsigned char timeout_typ_block_erase; 103 /* Typical timeout for erasing the chip. */ 104 unsigned char timeout_typ_chip_erase; 105 /* Max timeout for writing a single "unit". */ 106 unsigned char timeout_max_unit_write; 107 /* Max timeout for writing a single "buffer". */ 108 unsigned char timeout_max_buf_write; 109 /* Max timeout for erasing a block. */ 110 unsigned char timeout_max_block_erase; 111 /* Max timeout for erasing the chip. */ 112 unsigned char timeout_max_chip_erase; 113 }; 114 }; 115 /* Flash size is 2^dev_size bytes. */ 116 unsigned char dev_size; 117 /* Flash device interface description. */ 118 unsigned char iface_desc[2]; 119 /* Max length of a single buffer write is 2^max_buf_write_len bytes. */ 120 unsigned char max_buf_write_len[2]; 121 /* Number of erase regions. */ 122 unsigned char num_erase_regions; 123 /* The erase regions would now be an array after this point, but since 124 it is dynamic, we'll provide that from "struct cfi" when requested. */ 125 /*unsigned char erase_region_info;*/ 126 }; 127 128 /* Flashes may have regions with different erase sizes. There is one 129 structure per erase region. */ 130 struct cfi_erase_region 131 { 132 unsigned blocks; 133 unsigned size; 134 unsigned start; 135 unsigned end; 136 }; 137 138 struct cfi; 139 140 /* Flashes are accessed via commands -- you write a certain number to 141 a special address to change the flash state and access info other 142 than the data. Diff companies have implemented their own command 143 set. This structure abstracts the different command sets so that 144 we can support multiple ones with just a single sim driver. */ 145 struct cfi_cmdset 146 { 147 unsigned id; 148 void (*setup) (struct hw *me, struct cfi *cfi); 149 bool (*write) (struct hw *me, struct cfi *cfi, const void *source, 150 unsigned offset, unsigned value, unsigned nr_bytes); 151 bool (*read) (struct hw *me, struct cfi *cfi, void *dest, 152 unsigned offset, unsigned shifted_offset, unsigned nr_bytes); 153 }; 154 155 /* The per-flash state. Much of this comes from the device tree which 156 people declare themselves. See top of attach_cfi_regs() for more 157 info. */ 158 struct cfi 159 { 160 unsigned width, dev_size, status; 161 enum cfi_state state; 162 unsigned char *data, *mmap; 163 164 struct cfi_query query; 165 const struct cfi_cmdset *cmdset; 166 167 unsigned char *erase_region_info; 168 struct cfi_erase_region *erase_regions; 169 }; 170 171 /* Helpful strings which are used with HW_TRACE. */ 172 static const char * const state_names[] = 173 { 174 "READ", "READ_ID", "CFI_QUERY", "PROTECT", "STATUS", "ERASE", "WRITE", 175 "WRITE_BUFFER", "WRITE_BUFFER_CONFIRM", 176 }; 177 178 /* Erase the block specified by the offset into the given CFI flash. */ 179 static void 180 cfi_erase_block (struct hw *me, struct cfi *cfi, unsigned offset) 181 { 182 unsigned i; 183 struct cfi_erase_region *region; 184 185 /* If no erase regions, then we can only do whole chip erase. */ 186 /* XXX: Is this within spec ? Or must there always be at least one ? */ 187 if (!cfi->query.num_erase_regions) 188 memset (cfi->data, 0xff, cfi->dev_size); 189 190 for (i = 0; i < cfi->query.num_erase_regions; ++i) 191 { 192 region = &cfi->erase_regions[i]; 193 194 if (offset >= region->end) 195 continue; 196 197 /* XXX: Does spec require the erase addr to be erase block aligned ? 198 Maybe this is check is overly cautious ... */ 199 offset &= ~(region->size - 1); 200 memset (cfi->data + offset, 0xff, region->size); 201 break; 202 } 203 } 204 205 /* Depending on the bus width, addresses might be bit shifted. This 206 helps us normalize everything without cluttering up the rest of 207 the code. */ 208 static unsigned 209 cfi_unshift_addr (struct cfi *cfi, unsigned addr) 210 { 211 switch (cfi->width) 212 { 213 case 4: addr >>= 1; ATTRIBUTE_FALLTHROUGH; 214 case 2: addr >>= 1; 215 } 216 return addr; 217 } 218 219 /* CFI requires all values to be little endian in its structure, so 220 this helper writes a 16bit value into a little endian byte buffer. */ 221 static void 222 cfi_encode_16bit (unsigned char *data, unsigned num) 223 { 224 data[0] = num; 225 data[1] = num >> 8; 226 } 227 228 /* The functions required to implement the Intel command set. */ 229 230 static bool 231 cmdset_intel_write (struct hw *me, struct cfi *cfi, const void *source, 232 unsigned offset, unsigned value, unsigned nr_bytes) 233 { 234 switch (cfi->state) 235 { 236 case CFI_STATE_READ: 237 case CFI_STATE_READ_ID: 238 switch (value) 239 { 240 case INTEL_CMD_ERASE_BLOCK: 241 cfi->state = CFI_STATE_ERASE; 242 break; 243 case INTEL_CMD_WRITE: 244 case INTEL_CMD_WRITE_ALT: 245 cfi->state = CFI_STATE_WRITE; 246 break; 247 case INTEL_CMD_STATUS_CLEAR: 248 cfi->status = INTEL_SR_DWS; 249 break; 250 case INTEL_CMD_LOCK_SETUP: 251 cfi->state = CFI_STATE_PROTECT; 252 break; 253 default: 254 return false; 255 } 256 break; 257 258 case CFI_STATE_ERASE: 259 if (value == INTEL_CMD_ERASE_CONFIRM) 260 { 261 cfi_erase_block (me, cfi, offset); 262 cfi->status &= ~(INTEL_SR_PS | INTEL_SR_ES); 263 } 264 else 265 cfi->status |= INTEL_SR_PS | INTEL_SR_ES; 266 cfi->state = CFI_STATE_STATUS; 267 break; 268 269 case CFI_STATE_PROTECT: 270 switch (value) 271 { 272 case INTEL_CMD_LOCK_BLOCK: 273 case INTEL_CMD_UNLOCK_BLOCK: 274 case INTEL_CMD_LOCK_DOWN_BLOCK: 275 /* XXX: Handle the command. */ 276 break; 277 default: 278 /* Kick out. */ 279 cfi->status |= INTEL_SR_PS | INTEL_SR_ES; 280 break; 281 } 282 cfi->state = CFI_STATE_STATUS; 283 break; 284 285 default: 286 return false; 287 } 288 289 return true; 290 } 291 292 static bool 293 cmdset_intel_read (struct hw *me, struct cfi *cfi, void *dest, 294 unsigned offset, unsigned shifted_offset, unsigned nr_bytes) 295 { 296 unsigned char *sdest = dest; 297 298 switch (cfi->state) 299 { 300 case CFI_STATE_STATUS: 301 case CFI_STATE_ERASE: 302 *sdest = cfi->status; 303 break; 304 305 case CFI_STATE_READ_ID: 306 switch (shifted_offset & 0x1ff) 307 { 308 case 0x00: /* Manufacturer Code. */ 309 cfi_encode_16bit (dest, INTEL_ID_MANU); 310 break; 311 case 0x01: /* Device ID Code. */ 312 /* XXX: Push to device tree ? */ 313 cfi_encode_16bit (dest, 0xad); 314 break; 315 case 0x02: /* Block lock state. */ 316 /* XXX: This is per-block ... */ 317 *sdest = 0x00; 318 break; 319 case 0x05: /* Read Configuration Register. */ 320 cfi_encode_16bit (dest, (1 << 15)); 321 break; 322 default: 323 return false; 324 } 325 break; 326 327 default: 328 return false; 329 } 330 331 return true; 332 } 333 334 static void 335 cmdset_intel_setup (struct hw *me, struct cfi *cfi) 336 { 337 cfi->status = INTEL_SR_DWS; 338 } 339 340 static const struct cfi_cmdset cfi_cmdset_intel = 341 { 342 CFI_CMDSET_INTEL, cmdset_intel_setup, cmdset_intel_write, cmdset_intel_read, 343 }; 344 345 /* All of the supported command sets get listed here. We then walk this 346 array to see if the user requested command set is implemented. */ 347 static const struct cfi_cmdset * const cfi_cmdsets[] = 348 { 349 &cfi_cmdset_intel, 350 }; 351 352 /* All writes to the flash address space come here. Using the state 353 machine, we figure out what to do with this specific write. All 354 common code sits here and if there is a request we can't process, 355 we hand it off to the command set-specific write function. */ 356 static unsigned 357 cfi_io_write_buffer (struct hw *me, const void *source, int space, 358 address_word addr, unsigned nr_bytes) 359 { 360 struct cfi *cfi = hw_data (me); 361 const unsigned char *ssource = source; 362 enum cfi_state old_state; 363 unsigned offset, shifted_offset, value; 364 365 offset = addr & (cfi->dev_size - 1); 366 shifted_offset = cfi_unshift_addr (cfi, offset); 367 368 if (cfi->width != nr_bytes) 369 { 370 HW_TRACE ((me, "write 0x%08lx length %u does not match flash width %u", 371 (unsigned long) addr, nr_bytes, cfi->width)); 372 return nr_bytes; 373 } 374 375 if (cfi->state == CFI_STATE_WRITE) 376 { 377 /* NOR flash can only go from 1 to 0. */ 378 unsigned i; 379 380 HW_TRACE ((me, "program %#x length %u", offset, nr_bytes)); 381 382 for (i = 0; i < nr_bytes; ++i) 383 cfi->data[offset + i] &= ssource[i]; 384 385 cfi->state = CFI_STATE_STATUS; 386 387 return nr_bytes; 388 } 389 390 value = ssource[0]; 391 392 old_state = cfi->state; 393 394 if (value == CFI_CMD_READ || value == CFI_CMD_RESET) 395 { 396 cfi->state = CFI_STATE_READ; 397 goto done; 398 } 399 400 switch (cfi->state) 401 { 402 case CFI_STATE_READ: 403 case CFI_STATE_READ_ID: 404 if (value == CFI_CMD_CFI_QUERY) 405 { 406 if (shifted_offset == CFI_ADDR_CFI_QUERY_START) 407 cfi->state = CFI_STATE_CFI_QUERY; 408 goto done; 409 } 410 411 if (value == CFI_CMD_READ_ID) 412 { 413 cfi->state = CFI_STATE_READ_ID; 414 goto done; 415 } 416 417 ATTRIBUTE_FALLTHROUGH; 418 419 default: 420 if (!cfi->cmdset->write (me, cfi, source, offset, value, nr_bytes)) 421 HW_TRACE ((me, "unhandled command %#x at %#x", value, offset)); 422 break; 423 } 424 425 done: 426 HW_TRACE ((me, "write 0x%08lx command {%#x,%#x,%#x,%#x}; state %s -> %s", 427 (unsigned long) addr, ssource[0], 428 nr_bytes > 1 ? ssource[1] : 0, 429 nr_bytes > 2 ? ssource[2] : 0, 430 nr_bytes > 3 ? ssource[3] : 0, 431 state_names[old_state], state_names[cfi->state])); 432 433 return nr_bytes; 434 } 435 436 /* All reads to the flash address space come here. Using the state 437 machine, we figure out what to return -- actual data stored in the 438 flash, the CFI query structure, some status info, or something else ? 439 Any requests that we can't handle are passed to the command set- 440 specific read function. */ 441 static unsigned 442 cfi_io_read_buffer (struct hw *me, void *dest, int space, 443 address_word addr, unsigned nr_bytes) 444 { 445 struct cfi *cfi = hw_data (me); 446 unsigned char *sdest = dest; 447 unsigned offset, shifted_offset; 448 449 offset = addr & (cfi->dev_size - 1); 450 shifted_offset = cfi_unshift_addr (cfi, offset); 451 452 /* XXX: Is this OK to enforce ? */ 453 #if 0 454 if (cfi->state != CFI_STATE_READ && cfi->width != nr_bytes) 455 { 456 HW_TRACE ((me, "read 0x%08lx length %u does not match flash width %u", 457 (unsigned long) addr, nr_bytes, cfi->width)); 458 return nr_bytes; 459 } 460 #endif 461 462 HW_TRACE ((me, "%s read 0x%08lx length %u", 463 state_names[cfi->state], (unsigned long) addr, nr_bytes)); 464 465 switch (cfi->state) 466 { 467 case CFI_STATE_READ: 468 memcpy (dest, cfi->data + offset, nr_bytes); 469 break; 470 471 case CFI_STATE_CFI_QUERY: 472 if (shifted_offset >= CFI_ADDR_CFI_QUERY_RESULT && 473 shifted_offset < CFI_ADDR_CFI_QUERY_RESULT + sizeof (cfi->query) + 474 (cfi->query.num_erase_regions * 4)) 475 { 476 unsigned char *qry; 477 478 shifted_offset -= CFI_ADDR_CFI_QUERY_RESULT; 479 if (shifted_offset >= sizeof (cfi->query)) 480 { 481 qry = cfi->erase_region_info; 482 shifted_offset -= sizeof (cfi->query); 483 } 484 else 485 qry = (void *) &cfi->query; 486 487 sdest[0] = qry[shifted_offset]; 488 memset (sdest + 1, 0, nr_bytes - 1); 489 490 break; 491 } 492 493 ATTRIBUTE_FALLTHROUGH; 494 495 default: 496 if (!cfi->cmdset->read (me, cfi, dest, offset, shifted_offset, nr_bytes)) 497 HW_TRACE ((me, "unhandled state %s", state_names[cfi->state])); 498 break; 499 } 500 501 return nr_bytes; 502 } 503 504 /* Clean up any state when this device is removed (e.g. when shutting 505 down, or when reloading via gdb). */ 506 static void 507 cfi_delete_callback (struct hw *me) 508 { 509 #ifdef HAVE_MMAP 510 struct cfi *cfi = hw_data (me); 511 512 if (cfi->mmap) 513 munmap (cfi->mmap, cfi->dev_size); 514 #endif 515 } 516 517 /* Helper function to easily add CFI erase regions to the existing set. */ 518 static void 519 cfi_add_erase_region (struct hw *me, struct cfi *cfi, 520 unsigned blocks, unsigned size) 521 { 522 unsigned num_regions = cfi->query.num_erase_regions; 523 struct cfi_erase_region *region; 524 unsigned char *qry_region; 525 526 /* Store for our own usage. */ 527 region = &cfi->erase_regions[num_regions]; 528 region->blocks = blocks; 529 region->size = size; 530 if (num_regions == 0) 531 region->start = 0; 532 else 533 region->start = region[-1].end; 534 region->end = region->start + (blocks * size); 535 536 /* Regions are 4 bytes long. */ 537 qry_region = cfi->erase_region_info + 4 * num_regions; 538 539 /* [0][1] = number erase blocks - 1 */ 540 if (blocks > 0xffff + 1) 541 hw_abort (me, "erase blocks %u too big to fit into region info", blocks); 542 cfi_encode_16bit (&qry_region[0], blocks - 1); 543 544 /* [2][3] = block size / 256 bytes */ 545 if (size > 0xffff * 256) 546 hw_abort (me, "erase size %u too big to fit into region info", size); 547 cfi_encode_16bit (&qry_region[2], size / 256); 548 549 /* Yet another region. */ 550 cfi->query.num_erase_regions = num_regions + 1; 551 } 552 553 /* Device tree options: 554 Required: 555 .../reg <addr> <len> 556 .../cmdset <primary; integer> [alt; integer] 557 Optional: 558 .../size <device size (must be pow of 2)> 559 .../width <8|16|32> 560 .../write_size <integer (must be pow of 2)> 561 .../erase_regions <number blocks> <block size> \ 562 [<number blocks> <block size> ...] 563 .../voltage <vcc min> <vcc max> <vpp min> <vpp max> 564 .../timeouts <typ unit write> <typ buf write> \ 565 <typ block erase> <typ chip erase> \ 566 <max unit write> <max buf write> \ 567 <max block erase> <max chip erase> 568 .../file <file> [ro|rw] 569 Defaults: 570 size: <len> from "reg" 571 width: 8 572 write_size: 0 (not supported) 573 erase_region: 1 (can only erase whole chip) 574 voltage: 0.0V (for all) 575 timeouts: typ: 1µs, not supported, 1ms, not supported 576 max: 1µs, 1ms, 1ms, not supported 577 578 TODO: Verify user args are valid (e.g. voltage is 8 bits). */ 579 static void 580 attach_cfi_regs (struct hw *me, struct cfi *cfi) 581 { 582 address_word attach_address; 583 int attach_space; 584 unsigned attach_size; 585 reg_property_spec reg; 586 bool fd_writable; 587 int i, ret, fd; 588 signed_cell ival; 589 590 if (hw_find_property (me, "reg") == NULL) 591 hw_abort (me, "Missing \"reg\" property"); 592 if (hw_find_property (me, "cmdset") == NULL) 593 hw_abort (me, "Missing \"cmdset\" property"); 594 595 if (!hw_find_reg_array_property (me, "reg", 0, ®)) 596 hw_abort (me, "\"reg\" property must contain three addr/size entries"); 597 598 hw_unit_address_to_attach_address (hw_parent (me), 599 ®.address, 600 &attach_space, &attach_address, me); 601 hw_unit_size_to_attach_size (hw_parent (me), ®.size, &attach_size, me); 602 603 hw_attach_address (hw_parent (me), 604 0, attach_space, attach_address, attach_size, me); 605 606 /* Extract the desired flash command set. */ 607 ret = hw_find_integer_array_property (me, "cmdset", 0, &ival); 608 if (ret != 1 && ret != 2) 609 hw_abort (me, "\"cmdset\" property takes 1 or 2 entries"); 610 cfi_encode_16bit (cfi->query.p_id, ival); 611 612 for (i = 0; i < ARRAY_SIZE (cfi_cmdsets); ++i) 613 if (cfi_cmdsets[i]->id == ival) 614 cfi->cmdset = cfi_cmdsets[i]; 615 if (cfi->cmdset == NULL) 616 hw_abort (me, "cmdset %" PRIiTC " not supported", ival); 617 618 if (ret == 2) 619 { 620 hw_find_integer_array_property (me, "cmdset", 1, &ival); 621 cfi_encode_16bit (cfi->query.a_id, ival); 622 } 623 624 /* Extract the desired device size. */ 625 if (hw_find_property (me, "size")) 626 cfi->dev_size = hw_find_integer_property (me, "size"); 627 else 628 cfi->dev_size = attach_size; 629 cfi->query.dev_size = log2 (cfi->dev_size); 630 631 /* Extract the desired flash width. */ 632 if (hw_find_property (me, "width")) 633 { 634 cfi->width = hw_find_integer_property (me, "width"); 635 if (cfi->width != 8 && cfi->width != 16 && cfi->width != 32) 636 hw_abort (me, "\"width\" must be 8 or 16 or 32, not %u", cfi->width); 637 } 638 else 639 /* Default to 8 bit. */ 640 cfi->width = 8; 641 /* Turn 8/16/32 into 1/2/4. */ 642 cfi->width /= 8; 643 644 /* Extract optional write buffer size. */ 645 if (hw_find_property (me, "write_size")) 646 { 647 ival = hw_find_integer_property (me, "write_size"); 648 cfi_encode_16bit (cfi->query.max_buf_write_len, log2 (ival)); 649 } 650 651 /* Extract optional erase regions. */ 652 if (hw_find_property (me, "erase_regions")) 653 { 654 ret = hw_find_integer_array_property (me, "erase_regions", 0, &ival); 655 if (ret % 2) 656 hw_abort (me, "\"erase_regions\" must be specified in sets of 2"); 657 658 cfi->erase_region_info = HW_NALLOC (me, unsigned char, ret / 2); 659 cfi->erase_regions = HW_NALLOC (me, struct cfi_erase_region, ret / 2); 660 661 for (i = 0; i < ret; i += 2) 662 { 663 unsigned blocks, size; 664 665 hw_find_integer_array_property (me, "erase_regions", i, &ival); 666 blocks = ival; 667 668 hw_find_integer_array_property (me, "erase_regions", i + 1, &ival); 669 size = ival; 670 671 cfi_add_erase_region (me, cfi, blocks, size); 672 } 673 } 674 675 /* Extract optional voltages. */ 676 if (hw_find_property (me, "voltage")) 677 { 678 unsigned num = ARRAY_SIZE (cfi->query.voltages); 679 680 ret = hw_find_integer_array_property (me, "voltage", 0, &ival); 681 if (ret > num) 682 hw_abort (me, "\"voltage\" may have only %u arguments", num); 683 684 for (i = 0; i < ret; ++i) 685 { 686 hw_find_integer_array_property (me, "voltage", i, &ival); 687 cfi->query.voltages[i] = ival; 688 } 689 } 690 691 /* Extract optional timeouts. */ 692 if (hw_find_property (me, "timeout")) 693 { 694 unsigned num = ARRAY_SIZE (cfi->query.timeouts); 695 696 ret = hw_find_integer_array_property (me, "timeout", 0, &ival); 697 if (ret > num) 698 hw_abort (me, "\"timeout\" may have only %u arguments", num); 699 700 for (i = 0; i < ret; ++i) 701 { 702 hw_find_integer_array_property (me, "timeout", i, &ival); 703 cfi->query.timeouts[i] = ival; 704 } 705 } 706 707 /* Extract optional file. */ 708 fd = -1; 709 fd_writable = false; 710 if (hw_find_property (me, "file")) 711 { 712 const char *file; 713 714 ret = hw_find_string_array_property (me, "file", 0, &file); 715 if (ret > 2) 716 hw_abort (me, "\"file\" may take only one argument"); 717 if (ret == 2) 718 { 719 const char *writable; 720 721 hw_find_string_array_property (me, "file", 1, &writable); 722 fd_writable = !strcmp (writable, "rw"); 723 } 724 725 fd = open (file, fd_writable ? O_RDWR : O_RDONLY); 726 if (fd < 0) 727 hw_abort (me, "unable to read file `%s': %s", file, strerror (errno)); 728 } 729 730 /* Figure out where our initial flash data is coming from. */ 731 if (fd != -1 && fd_writable) 732 { 733 #if defined (HAVE_MMAP) && defined (HAVE_POSIX_FALLOCATE) 734 posix_fallocate (fd, 0, cfi->dev_size); 735 736 cfi->mmap = mmap (NULL, cfi->dev_size, 737 PROT_READ | (fd_writable ? PROT_WRITE : 0), 738 MAP_SHARED, fd, 0); 739 740 if (cfi->mmap == MAP_FAILED) 741 cfi->mmap = NULL; 742 else 743 cfi->data = cfi->mmap; 744 #else 745 sim_io_eprintf (hw_system (me), 746 "cfi: sorry, file write support requires mmap()\n"); 747 #endif 748 } 749 if (!cfi->data) 750 { 751 size_t read_len; 752 753 cfi->data = HW_NALLOC (me, unsigned char, cfi->dev_size); 754 755 if (fd != -1) 756 { 757 /* Use stdio to avoid EINTR issues with read(). */ 758 FILE *fp = fdopen (fd, "r"); 759 760 if (fp) 761 read_len = fread (cfi->data, 1, cfi->dev_size, fp); 762 else 763 read_len = 0; 764 765 /* Don't need to fclose() with fdopen("r"). */ 766 } 767 else 768 read_len = 0; 769 770 memset (cfi->data, 0xff, cfi->dev_size - read_len); 771 } 772 773 close (fd); 774 } 775 776 /* Once we've been declared in the device tree, this is the main 777 entry point. So allocate state, attach memory addresses, and 778 all that fun stuff. */ 779 static void 780 cfi_finish (struct hw *me) 781 { 782 struct cfi *cfi; 783 784 cfi = HW_ZALLOC (me, struct cfi); 785 786 set_hw_data (me, cfi); 787 set_hw_io_read_buffer (me, cfi_io_read_buffer); 788 set_hw_io_write_buffer (me, cfi_io_write_buffer); 789 set_hw_delete (me, cfi_delete_callback); 790 791 attach_cfi_regs (me, cfi); 792 793 /* Initialize the CFI. */ 794 cfi->state = CFI_STATE_READ; 795 memcpy (cfi->query.qry, "QRY", 3); 796 cfi->cmdset->setup (me, cfi); 797 } 798 799 /* Every device is required to declare this. */ 800 const struct hw_descriptor dv_cfi_descriptor[] = 801 { 802 {"cfi", cfi_finish,}, 803 {NULL, NULL}, 804 }; 805