2 * Common Flash Interface support:
3 * AMD & Fujitsu Standard Vendor Command Set (ID 0x0002)
5 * Copyright (C) 2000 Crossnet Co. <info@crossnet.co.jp>
6 * Copyright (C) 2004 Arcom Control Systems Ltd <linux@arcom.com>
7 * Copyright (C) 2005 MontaVista Software Inc. <source@mvista.com>
9 * 2_by_8 routines added by Simon Munton
11 * 4_by_16 work by Carolyn J. Smith
13 * XIP support hooks by Vitaly Wool (based on code for Intel flash
16 * 25/09/2008 Christopher Moore: TopBottom fixup for many Macronix with CFI V1.0
18 * Occasionally maintained by Thayne Harbaugh tharbaugh at lnxi dot com
23 #include <linux/module.h>
24 #include <linux/types.h>
25 #include <linux/kernel.h>
26 #include <linux/sched.h>
28 #include <asm/byteorder.h>
30 #include <linux/errno.h>
31 #include <linux/slab.h>
32 #include <linux/delay.h>
33 #include <linux/interrupt.h>
34 #include <linux/reboot.h>
36 #include <linux/of_platform.h>
37 #include <linux/mtd/map.h>
38 #include <linux/mtd/mtd.h>
39 #include <linux/mtd/cfi.h>
40 #include <linux/mtd/xip.h>
42 #define AMD_BOOTLOC_BUG
43 #define FORCE_WORD_WRITE 0
45 #define MAX_WORD_RETRIES 3
47 #define SST49LF004B 0x0060
48 #define SST49LF040B 0x0050
49 #define SST49LF008A 0x005a
50 #define AT49BV6416 0x00d6
52 static int cfi_amdstd_read (struct mtd_info *, loff_t, size_t, size_t *, u_char *);
53 static int cfi_amdstd_write_words(struct mtd_info *, loff_t, size_t, size_t *, const u_char *);
54 static int cfi_amdstd_write_buffers(struct mtd_info *, loff_t, size_t, size_t *, const u_char *);
55 static int cfi_amdstd_erase_chip(struct mtd_info *, struct erase_info *);
56 static int cfi_amdstd_erase_varsize(struct mtd_info *, struct erase_info *);
57 static void cfi_amdstd_sync (struct mtd_info *);
58 static int cfi_amdstd_suspend (struct mtd_info *);
59 static void cfi_amdstd_resume (struct mtd_info *);
60 static int cfi_amdstd_reboot(struct notifier_block *, unsigned long, void *);
61 static int cfi_amdstd_get_fact_prot_info(struct mtd_info *, size_t,
62 size_t *, struct otp_info *);
63 static int cfi_amdstd_get_user_prot_info(struct mtd_info *, size_t,
64 size_t *, struct otp_info *);
65 static int cfi_amdstd_secsi_read (struct mtd_info *, loff_t, size_t, size_t *, u_char *);
66 static int cfi_amdstd_read_fact_prot_reg(struct mtd_info *, loff_t, size_t,
68 static int cfi_amdstd_read_user_prot_reg(struct mtd_info *, loff_t, size_t,
71 static int cfi_amdstd_panic_write(struct mtd_info *mtd, loff_t to, size_t len,
72 size_t *retlen, const u_char *buf);
74 static void cfi_amdstd_destroy(struct mtd_info *);
76 struct mtd_info *cfi_cmdset_0002(struct map_info *, int);
77 static struct mtd_info *cfi_amdstd_setup (struct mtd_info *);
79 static int get_chip(struct map_info *map, struct flchip *chip, unsigned long adr, int mode);
80 static void put_chip(struct map_info *map, struct flchip *chip, unsigned long adr);
83 static int cfi_atmel_lock(struct mtd_info *mtd, loff_t ofs, uint64_t len);
84 static int cfi_atmel_unlock(struct mtd_info *mtd, loff_t ofs, uint64_t len);
86 static int cfi_ppb_lock(struct mtd_info *mtd, loff_t ofs, uint64_t len);
87 static int cfi_ppb_unlock(struct mtd_info *mtd, loff_t ofs, uint64_t len);
88 static int cfi_ppb_is_locked(struct mtd_info *mtd, loff_t ofs, uint64_t len);
90 static struct mtd_chip_driver cfi_amdstd_chipdrv = {
91 .probe = NULL, /* Not usable directly */
92 .destroy = cfi_amdstd_destroy,
93 .name = "cfi_cmdset_0002",
98 /* #define DEBUG_CFI_FEATURES */
101 #ifdef DEBUG_CFI_FEATURES
102 static void cfi_tell_features(struct cfi_pri_amdstd *extp)
104 const char* erase_suspend[3] = {
105 "Not supported", "Read only", "Read/write"
107 const char* top_bottom[6] = {
108 "No WP", "8x8KiB sectors at top & bottom, no WP",
109 "Bottom boot", "Top boot",
110 "Uniform, Bottom WP", "Uniform, Top WP"
113 printk(" Silicon revision: %d\n", extp->SiliconRevision >> 1);
114 printk(" Address sensitive unlock: %s\n",
115 (extp->SiliconRevision & 1) ? "Not required" : "Required");
117 if (extp->EraseSuspend < ARRAY_SIZE(erase_suspend))
118 printk(" Erase Suspend: %s\n", erase_suspend[extp->EraseSuspend]);
120 printk(" Erase Suspend: Unknown value %d\n", extp->EraseSuspend);
122 if (extp->BlkProt == 0)
123 printk(" Block protection: Not supported\n");
125 printk(" Block protection: %d sectors per group\n", extp->BlkProt);
128 printk(" Temporary block unprotect: %s\n",
129 extp->TmpBlkUnprotect ? "Supported" : "Not supported");
130 printk(" Block protect/unprotect scheme: %d\n", extp->BlkProtUnprot);
131 printk(" Number of simultaneous operations: %d\n", extp->SimultaneousOps);
132 printk(" Burst mode: %s\n",
133 extp->BurstMode ? "Supported" : "Not supported");
134 if (extp->PageMode == 0)
135 printk(" Page mode: Not supported\n");
137 printk(" Page mode: %d word page\n", extp->PageMode << 2);
139 printk(" Vpp Supply Minimum Program/Erase Voltage: %d.%d V\n",
140 extp->VppMin >> 4, extp->VppMin & 0xf);
141 printk(" Vpp Supply Maximum Program/Erase Voltage: %d.%d V\n",
142 extp->VppMax >> 4, extp->VppMax & 0xf);
144 if (extp->TopBottom < ARRAY_SIZE(top_bottom))
145 printk(" Top/Bottom Boot Block: %s\n", top_bottom[extp->TopBottom]);
147 printk(" Top/Bottom Boot Block: Unknown value %d\n", extp->TopBottom);
151 #ifdef AMD_BOOTLOC_BUG
152 /* Wheee. Bring me the head of someone at AMD. */
153 static void fixup_amd_bootblock(struct mtd_info *mtd)
155 struct map_info *map = mtd->priv;
156 struct cfi_private *cfi = map->fldrv_priv;
157 struct cfi_pri_amdstd *extp = cfi->cmdset_priv;
158 __u8 major = extp->MajorVersion;
159 __u8 minor = extp->MinorVersion;
161 if (((major << 8) | minor) < 0x3131) {
162 /* CFI version 1.0 => don't trust bootloc */
164 pr_debug("%s: JEDEC Vendor ID is 0x%02X Device ID is 0x%02X\n",
165 map->name, cfi->mfr, cfi->id);
167 /* AFAICS all 29LV400 with a bottom boot block have a device ID
168 * of 0x22BA in 16-bit mode and 0xBA in 8-bit mode.
169 * These were badly detected as they have the 0x80 bit set
170 * so treat them as a special case.
172 if (((cfi->id == 0xBA) || (cfi->id == 0x22BA)) &&
174 /* Macronix added CFI to their 2nd generation
175 * MX29LV400C B/T but AFAICS no other 29LV400 (AMD,
176 * Fujitsu, Spansion, EON, ESI and older Macronix)
179 * Therefore also check the manufacturer.
180 * This reduces the risk of false detection due to
181 * the 8-bit device ID.
183 (cfi->mfr == CFI_MFR_MACRONIX)) {
184 pr_debug("%s: Macronix MX29LV400C with bottom boot block"
185 " detected\n", map->name);
186 extp->TopBottom = 2; /* bottom boot */
188 if (cfi->id & 0x80) {
189 printk(KERN_WARNING "%s: JEDEC Device ID is 0x%02X. Assuming broken CFI table.\n", map->name, cfi->id);
190 extp->TopBottom = 3; /* top boot */
192 extp->TopBottom = 2; /* bottom boot */
195 pr_debug("%s: AMD CFI PRI V%c.%c has no boot block field;"
196 " deduced %s from Device ID\n", map->name, major, minor,
197 extp->TopBottom == 2 ? "bottom" : "top");
202 static void fixup_use_write_buffers(struct mtd_info *mtd)
204 struct map_info *map = mtd->priv;
205 struct cfi_private *cfi = map->fldrv_priv;
206 if (cfi->cfiq->BufWriteTimeoutTyp) {
207 pr_debug("Using buffer write method\n" );
208 mtd->_write = cfi_amdstd_write_buffers;
212 /* Atmel chips don't use the same PRI format as AMD chips */
213 static void fixup_convert_atmel_pri(struct mtd_info *mtd)
215 struct map_info *map = mtd->priv;
216 struct cfi_private *cfi = map->fldrv_priv;
217 struct cfi_pri_amdstd *extp = cfi->cmdset_priv;
218 struct cfi_pri_atmel atmel_pri;
220 memcpy(&atmel_pri, extp, sizeof(atmel_pri));
221 memset((char *)extp + 5, 0, sizeof(*extp) - 5);
223 if (atmel_pri.Features & 0x02)
224 extp->EraseSuspend = 2;
226 /* Some chips got it backwards... */
227 if (cfi->id == AT49BV6416) {
228 if (atmel_pri.BottomBoot)
233 if (atmel_pri.BottomBoot)
239 /* burst write mode not supported */
240 cfi->cfiq->BufWriteTimeoutTyp = 0;
241 cfi->cfiq->BufWriteTimeoutMax = 0;
244 static void fixup_use_secsi(struct mtd_info *mtd)
246 /* Setup for chips with a secsi area */
247 mtd->_read_user_prot_reg = cfi_amdstd_secsi_read;
248 mtd->_read_fact_prot_reg = cfi_amdstd_secsi_read;
251 static void fixup_use_erase_chip(struct mtd_info *mtd)
253 struct map_info *map = mtd->priv;
254 struct cfi_private *cfi = map->fldrv_priv;
255 if ((cfi->cfiq->NumEraseRegions == 1) &&
256 ((cfi->cfiq->EraseRegionInfo[0] & 0xffff) == 0)) {
257 mtd->_erase = cfi_amdstd_erase_chip;
263 * Some Atmel chips (e.g. the AT49BV6416) power-up with all sectors
266 static void fixup_use_atmel_lock(struct mtd_info *mtd)
268 mtd->_lock = cfi_atmel_lock;
269 mtd->_unlock = cfi_atmel_unlock;
270 mtd->flags |= MTD_POWERUP_LOCK;
273 static void fixup_old_sst_eraseregion(struct mtd_info *mtd)
275 struct map_info *map = mtd->priv;
276 struct cfi_private *cfi = map->fldrv_priv;
279 * These flashes report two separate eraseblock regions based on the
280 * sector_erase-size and block_erase-size, although they both operate on the
281 * same memory. This is not allowed according to CFI, so we just pick the
284 cfi->cfiq->NumEraseRegions = 1;
287 static void fixup_sst39vf(struct mtd_info *mtd)
289 struct map_info *map = mtd->priv;
290 struct cfi_private *cfi = map->fldrv_priv;
292 fixup_old_sst_eraseregion(mtd);
294 cfi->addr_unlock1 = 0x5555;
295 cfi->addr_unlock2 = 0x2AAA;
298 static void fixup_sst39vf_rev_b(struct mtd_info *mtd)
300 struct map_info *map = mtd->priv;
301 struct cfi_private *cfi = map->fldrv_priv;
303 fixup_old_sst_eraseregion(mtd);
305 cfi->addr_unlock1 = 0x555;
306 cfi->addr_unlock2 = 0x2AA;
308 cfi->sector_erase_cmd = CMD(0x50);
311 static void fixup_sst38vf640x_sectorsize(struct mtd_info *mtd)
313 struct map_info *map = mtd->priv;
314 struct cfi_private *cfi = map->fldrv_priv;
316 fixup_sst39vf_rev_b(mtd);
319 * CFI reports 1024 sectors (0x03ff+1) of 64KBytes (0x0100*256) where
320 * it should report a size of 8KBytes (0x0020*256).
322 cfi->cfiq->EraseRegionInfo[0] = 0x002003ff;
323 pr_warning("%s: Bad 38VF640x CFI data; adjusting sector size from 64 to 8KiB\n", mtd->name);
326 static void fixup_s29gl064n_sectors(struct mtd_info *mtd)
328 struct map_info *map = mtd->priv;
329 struct cfi_private *cfi = map->fldrv_priv;
331 if ((cfi->cfiq->EraseRegionInfo[0] & 0xffff) == 0x003f) {
332 cfi->cfiq->EraseRegionInfo[0] |= 0x0040;
333 pr_warning("%s: Bad S29GL064N CFI data; adjust from 64 to 128 sectors\n", mtd->name);
337 static void fixup_s29gl032n_sectors(struct mtd_info *mtd)
339 struct map_info *map = mtd->priv;
340 struct cfi_private *cfi = map->fldrv_priv;
342 if ((cfi->cfiq->EraseRegionInfo[1] & 0xffff) == 0x007e) {
343 cfi->cfiq->EraseRegionInfo[1] &= ~0x0040;
344 pr_warning("%s: Bad S29GL032N CFI data; adjust from 127 to 63 sectors\n", mtd->name);
348 static void fixup_s29ns512p_sectors(struct mtd_info *mtd)
350 struct map_info *map = mtd->priv;
351 struct cfi_private *cfi = map->fldrv_priv;
354 * S29NS512P flash uses more than 8bits to report number of sectors,
355 * which is not permitted by CFI.
357 cfi->cfiq->EraseRegionInfo[0] = 0x020001ff;
358 pr_warning("%s: Bad S29NS512P CFI data; adjust to 512 sectors\n", mtd->name);
361 /* Used to fix CFI-Tables of chips without Extended Query Tables */
362 static struct cfi_fixup cfi_nopri_fixup_table[] = {
363 { CFI_MFR_SST, 0x234a, fixup_sst39vf }, /* SST39VF1602 */
364 { CFI_MFR_SST, 0x234b, fixup_sst39vf }, /* SST39VF1601 */
365 { CFI_MFR_SST, 0x235a, fixup_sst39vf }, /* SST39VF3202 */
366 { CFI_MFR_SST, 0x235b, fixup_sst39vf }, /* SST39VF3201 */
367 { CFI_MFR_SST, 0x235c, fixup_sst39vf_rev_b }, /* SST39VF3202B */
368 { CFI_MFR_SST, 0x235d, fixup_sst39vf_rev_b }, /* SST39VF3201B */
369 { CFI_MFR_SST, 0x236c, fixup_sst39vf_rev_b }, /* SST39VF6402B */
370 { CFI_MFR_SST, 0x236d, fixup_sst39vf_rev_b }, /* SST39VF6401B */
374 static struct cfi_fixup cfi_fixup_table[] = {
375 { CFI_MFR_ATMEL, CFI_ID_ANY, fixup_convert_atmel_pri },
376 #ifdef AMD_BOOTLOC_BUG
377 { CFI_MFR_AMD, CFI_ID_ANY, fixup_amd_bootblock },
378 { CFI_MFR_AMIC, CFI_ID_ANY, fixup_amd_bootblock },
379 { CFI_MFR_MACRONIX, CFI_ID_ANY, fixup_amd_bootblock },
381 { CFI_MFR_AMD, 0x0050, fixup_use_secsi },
382 { CFI_MFR_AMD, 0x0053, fixup_use_secsi },
383 { CFI_MFR_AMD, 0x0055, fixup_use_secsi },
384 { CFI_MFR_AMD, 0x0056, fixup_use_secsi },
385 { CFI_MFR_AMD, 0x005C, fixup_use_secsi },
386 { CFI_MFR_AMD, 0x005F, fixup_use_secsi },
387 { CFI_MFR_AMD, 0x0c01, fixup_s29gl064n_sectors },
388 { CFI_MFR_AMD, 0x1301, fixup_s29gl064n_sectors },
389 { CFI_MFR_AMD, 0x1a00, fixup_s29gl032n_sectors },
390 { CFI_MFR_AMD, 0x1a01, fixup_s29gl032n_sectors },
391 { CFI_MFR_AMD, 0x3f00, fixup_s29ns512p_sectors },
392 { CFI_MFR_SST, 0x536a, fixup_sst38vf640x_sectorsize }, /* SST38VF6402 */
393 { CFI_MFR_SST, 0x536b, fixup_sst38vf640x_sectorsize }, /* SST38VF6401 */
394 { CFI_MFR_SST, 0x536c, fixup_sst38vf640x_sectorsize }, /* SST38VF6404 */
395 { CFI_MFR_SST, 0x536d, fixup_sst38vf640x_sectorsize }, /* SST38VF6403 */
396 #if !FORCE_WORD_WRITE
397 { CFI_MFR_ANY, CFI_ID_ANY, fixup_use_write_buffers },
401 static struct cfi_fixup jedec_fixup_table[] = {
402 { CFI_MFR_SST, SST49LF004B, fixup_use_fwh_lock },
403 { CFI_MFR_SST, SST49LF040B, fixup_use_fwh_lock },
404 { CFI_MFR_SST, SST49LF008A, fixup_use_fwh_lock },
408 static struct cfi_fixup fixup_table[] = {
409 /* The CFI vendor ids and the JEDEC vendor IDs appear
410 * to be common. It is like the devices id's are as
411 * well. This table is to pick all cases where
412 * we know that is the case.
414 { CFI_MFR_ANY, CFI_ID_ANY, fixup_use_erase_chip },
415 { CFI_MFR_ATMEL, AT49BV6416, fixup_use_atmel_lock },
420 static void cfi_fixup_major_minor(struct cfi_private *cfi,
421 struct cfi_pri_amdstd *extp)
423 if (cfi->mfr == CFI_MFR_SAMSUNG) {
424 if ((extp->MajorVersion == '0' && extp->MinorVersion == '0') ||
425 (extp->MajorVersion == '3' && extp->MinorVersion == '3')) {
427 * Samsung K8P2815UQB and K8D6x16UxM chips
428 * report major=0 / minor=0.
429 * K8D3x16UxC chips report major=3 / minor=3.
431 printk(KERN_NOTICE " Fixing Samsung's Amd/Fujitsu"
432 " Extended Query version to 1.%c\n",
434 extp->MajorVersion = '1';
439 * SST 38VF640x chips report major=0xFF / minor=0xFF.
441 if (cfi->mfr == CFI_MFR_SST && (cfi->id >> 4) == 0x0536) {
442 extp->MajorVersion = '1';
443 extp->MinorVersion = '0';
447 static int is_m29ew(struct cfi_private *cfi)
449 if (cfi->mfr == CFI_MFR_INTEL &&
450 ((cfi->device_type == CFI_DEVICETYPE_X8 && (cfi->id & 0xff) == 0x7e) ||
451 (cfi->device_type == CFI_DEVICETYPE_X16 && cfi->id == 0x227e)))
457 * From TN-13-07: Patching the Linux Kernel and U-Boot for M29 Flash, page 20:
458 * Some revisions of the M29EW suffer from erase suspend hang ups. In
459 * particular, it can occur when the sequence
460 * Erase Confirm -> Suspend -> Program -> Resume
461 * causes a lockup due to internal timing issues. The consequence is that the
462 * erase cannot be resumed without inserting a dummy command after programming
463 * and prior to resuming. [...] The work-around is to issue a dummy write cycle
464 * that writes an F0 command code before the RESUME command.
466 static void cfi_fixup_m29ew_erase_suspend(struct map_info *map,
469 struct cfi_private *cfi = map->fldrv_priv;
470 /* before resume, insert a dummy 0xF0 cycle for Micron M29EW devices */
472 map_write(map, CMD(0xF0), adr);
476 * From TN-13-07: Patching the Linux Kernel and U-Boot for M29 Flash, page 22:
478 * Some revisions of the M29EW (for example, A1 and A2 step revisions)
479 * are affected by a problem that could cause a hang up when an ERASE SUSPEND
480 * command is issued after an ERASE RESUME operation without waiting for a
481 * minimum delay. The result is that once the ERASE seems to be completed
482 * (no bits are toggling), the contents of the Flash memory block on which
483 * the erase was ongoing could be inconsistent with the expected values
484 * (typically, the array value is stuck to the 0xC0, 0xC4, 0x80, or 0x84
485 * values), causing a consequent failure of the ERASE operation.
486 * The occurrence of this issue could be high, especially when file system
487 * operations on the Flash are intensive. As a result, it is recommended
488 * that a patch be applied. Intensive file system operations can cause many
489 * calls to the garbage routine to free Flash space (also by erasing physical
490 * Flash blocks) and as a result, many consecutive SUSPEND and RESUME
491 * commands can occur. The problem disappears when a delay is inserted after
492 * the RESUME command by using the udelay() function available in Linux.
493 * The DELAY value must be tuned based on the customer's platform.
494 * The maximum value that fixes the problem in all cases is 500us.
495 * But, in our experience, a delay of 30 µs to 50 µs is sufficient
497 * We have chosen 500µs because this latency is acceptable.
499 static void cfi_fixup_m29ew_delay_after_resume(struct cfi_private *cfi)
502 * Resolving the Delay After Resume Issue see Micron TN-13-07
503 * Worst case delay must be 500µs but 30-50µs should be ok as well
509 struct mtd_info *cfi_cmdset_0002(struct map_info *map, int primary)
511 struct cfi_private *cfi = map->fldrv_priv;
512 struct device_node __maybe_unused *np = map->device_node;
513 struct mtd_info *mtd;
516 mtd = kzalloc(sizeof(*mtd), GFP_KERNEL);
520 mtd->type = MTD_NORFLASH;
522 /* Fill in the default mtd operations */
523 mtd->_erase = cfi_amdstd_erase_varsize;
524 mtd->_write = cfi_amdstd_write_words;
525 mtd->_read = cfi_amdstd_read;
526 mtd->_sync = cfi_amdstd_sync;
527 mtd->_suspend = cfi_amdstd_suspend;
528 mtd->_resume = cfi_amdstd_resume;
529 mtd->_read_user_prot_reg = cfi_amdstd_read_user_prot_reg;
530 mtd->_read_fact_prot_reg = cfi_amdstd_read_fact_prot_reg;
531 mtd->_get_fact_prot_info = cfi_amdstd_get_fact_prot_info;
532 mtd->_get_user_prot_info = cfi_amdstd_get_user_prot_info;
533 mtd->flags = MTD_CAP_NORFLASH;
534 mtd->name = map->name;
536 mtd->writebufsize = cfi_interleave(cfi) << cfi->cfiq->MaxBufWriteSize;
538 pr_debug("MTD %s(): write buffer size %d\n", __func__,
541 mtd->_panic_write = cfi_amdstd_panic_write;
542 mtd->reboot_notifier.notifier_call = cfi_amdstd_reboot;
544 if (cfi->cfi_mode==CFI_MODE_CFI){
545 unsigned char bootloc;
546 __u16 adr = primary?cfi->cfiq->P_ADR:cfi->cfiq->A_ADR;
547 struct cfi_pri_amdstd *extp;
549 extp = (struct cfi_pri_amdstd*)cfi_read_pri(map, adr, sizeof(*extp), "Amd/Fujitsu");
552 * It's a real CFI chip, not one for which the probe
553 * routine faked a CFI structure.
555 cfi_fixup_major_minor(cfi, extp);
558 * Valid primary extension versions are: 1.0, 1.1, 1.2, 1.3, 1.4, 1.5
559 * see: http://cs.ozerki.net/zap/pub/axim-x5/docs/cfi_r20.pdf, page 19
560 * http://www.spansion.com/Support/AppNotes/cfi_100_20011201.pdf
561 * http://www.spansion.com/Support/Datasheets/s29ws-p_00_a12_e.pdf
562 * http://www.spansion.com/Support/Datasheets/S29GL_128S_01GS_00_02_e.pdf
564 if (extp->MajorVersion != '1' ||
565 (extp->MajorVersion == '1' && (extp->MinorVersion < '0' || extp->MinorVersion > '5'))) {
566 printk(KERN_ERR " Unknown Amd/Fujitsu Extended Query "
567 "version %c.%c (%#02x/%#02x).\n",
568 extp->MajorVersion, extp->MinorVersion,
569 extp->MajorVersion, extp->MinorVersion);
575 printk(KERN_INFO " Amd/Fujitsu Extended Query version %c.%c.\n",
576 extp->MajorVersion, extp->MinorVersion);
578 /* Install our own private info structure */
579 cfi->cmdset_priv = extp;
581 /* Apply cfi device specific fixups */
582 cfi_fixup(mtd, cfi_fixup_table);
584 #ifdef DEBUG_CFI_FEATURES
585 /* Tell the user about it in lots of lovely detail */
586 cfi_tell_features(extp);
590 if (np && of_property_read_bool(
591 np, "use-advanced-sector-protection")
592 && extp->BlkProtUnprot == 8) {
593 printk(KERN_INFO " Advanced Sector Protection (PPB Locking) supported\n");
594 mtd->_lock = cfi_ppb_lock;
595 mtd->_unlock = cfi_ppb_unlock;
596 mtd->_is_locked = cfi_ppb_is_locked;
600 bootloc = extp->TopBottom;
601 if ((bootloc < 2) || (bootloc > 5)) {
602 printk(KERN_WARNING "%s: CFI contains unrecognised boot "
603 "bank location (%d). Assuming bottom.\n",
608 if (bootloc == 3 && cfi->cfiq->NumEraseRegions > 1) {
609 printk(KERN_WARNING "%s: Swapping erase regions for top-boot CFI table.\n", map->name);
611 for (i=0; i<cfi->cfiq->NumEraseRegions / 2; i++) {
612 int j = (cfi->cfiq->NumEraseRegions-1)-i;
615 swap = cfi->cfiq->EraseRegionInfo[i];
616 cfi->cfiq->EraseRegionInfo[i] = cfi->cfiq->EraseRegionInfo[j];
617 cfi->cfiq->EraseRegionInfo[j] = swap;
620 /* Set the default CFI lock/unlock addresses */
621 cfi->addr_unlock1 = 0x555;
622 cfi->addr_unlock2 = 0x2aa;
624 cfi_fixup(mtd, cfi_nopri_fixup_table);
626 if (!cfi->addr_unlock1 || !cfi->addr_unlock2) {
632 else if (cfi->cfi_mode == CFI_MODE_JEDEC) {
633 /* Apply jedec specific fixups */
634 cfi_fixup(mtd, jedec_fixup_table);
636 /* Apply generic fixups */
637 cfi_fixup(mtd, fixup_table);
639 for (i=0; i< cfi->numchips; i++) {
640 cfi->chips[i].word_write_time = 1<<cfi->cfiq->WordWriteTimeoutTyp;
641 cfi->chips[i].buffer_write_time = 1<<cfi->cfiq->BufWriteTimeoutTyp;
642 cfi->chips[i].erase_time = 1<<cfi->cfiq->BlockEraseTimeoutTyp;
643 cfi->chips[i].ref_point_counter = 0;
644 init_waitqueue_head(&(cfi->chips[i].wq));
647 map->fldrv = &cfi_amdstd_chipdrv;
649 return cfi_amdstd_setup(mtd);
651 struct mtd_info *cfi_cmdset_0006(struct map_info *map, int primary) __attribute__((alias("cfi_cmdset_0002")));
652 struct mtd_info *cfi_cmdset_0701(struct map_info *map, int primary) __attribute__((alias("cfi_cmdset_0002")));
653 EXPORT_SYMBOL_GPL(cfi_cmdset_0002);
654 EXPORT_SYMBOL_GPL(cfi_cmdset_0006);
655 EXPORT_SYMBOL_GPL(cfi_cmdset_0701);
657 static struct mtd_info *cfi_amdstd_setup(struct mtd_info *mtd)
659 struct map_info *map = mtd->priv;
660 struct cfi_private *cfi = map->fldrv_priv;
661 unsigned long devsize = (1<<cfi->cfiq->DevSize) * cfi->interleave;
662 unsigned long offset = 0;
665 printk(KERN_NOTICE "number of %s chips: %d\n",
666 (cfi->cfi_mode == CFI_MODE_CFI)?"CFI":"JEDEC",cfi->numchips);
667 /* Select the correct geometry setup */
668 mtd->size = devsize * cfi->numchips;
670 mtd->numeraseregions = cfi->cfiq->NumEraseRegions * cfi->numchips;
671 mtd->eraseregions = kmalloc(sizeof(struct mtd_erase_region_info)
672 * mtd->numeraseregions, GFP_KERNEL);
673 if (!mtd->eraseregions)
676 for (i=0; i<cfi->cfiq->NumEraseRegions; i++) {
677 unsigned long ernum, ersize;
678 ersize = ((cfi->cfiq->EraseRegionInfo[i] >> 8) & ~0xff) * cfi->interleave;
679 ernum = (cfi->cfiq->EraseRegionInfo[i] & 0xffff) + 1;
681 if (mtd->erasesize < ersize) {
682 mtd->erasesize = ersize;
684 for (j=0; j<cfi->numchips; j++) {
685 mtd->eraseregions[(j*cfi->cfiq->NumEraseRegions)+i].offset = (j*devsize)+offset;
686 mtd->eraseregions[(j*cfi->cfiq->NumEraseRegions)+i].erasesize = ersize;
687 mtd->eraseregions[(j*cfi->cfiq->NumEraseRegions)+i].numblocks = ernum;
689 offset += (ersize * ernum);
691 if (offset != devsize) {
693 printk(KERN_WARNING "Sum of regions (%lx) != total size of set of interleaved chips (%lx)\n", offset, devsize);
697 __module_get(THIS_MODULE);
698 register_reboot_notifier(&mtd->reboot_notifier);
702 kfree(mtd->eraseregions);
704 kfree(cfi->cmdset_priv);
710 * Return true if the chip is ready.
712 * Ready is one of: read mode, query mode, erase-suspend-read mode (in any
713 * non-suspended sector) and is indicated by no toggle bits toggling.
715 * Note that anything more complicated than checking if no bits are toggling
716 * (including checking DQ5 for an error status) is tricky to get working
717 * correctly and is therefore not done (particularly with interleaved chips
718 * as each chip must be checked independently of the others).
720 static int __xipram chip_ready(struct map_info *map, unsigned long addr)
724 d = map_read(map, addr);
725 t = map_read(map, addr);
727 return map_word_equal(map, d, t);
731 * Return true if the chip is ready and has the correct value.
733 * Ready is one of: read mode, query mode, erase-suspend-read mode (in any
734 * non-suspended sector) and it is indicated by no bits toggling.
736 * Error are indicated by toggling bits or bits held with the wrong value,
737 * or with bits toggling.
739 * Note that anything more complicated than checking if no bits are toggling
740 * (including checking DQ5 for an error status) is tricky to get working
741 * correctly and is therefore not done (particularly with interleaved chips
742 * as each chip must be checked independently of the others).
745 static int __xipram chip_good(struct map_info *map, unsigned long addr, map_word expected)
749 oldd = map_read(map, addr);
750 curd = map_read(map, addr);
752 return map_word_equal(map, oldd, curd) &&
753 map_word_equal(map, curd, expected);
756 static int get_chip(struct map_info *map, struct flchip *chip, unsigned long adr, int mode)
758 DECLARE_WAITQUEUE(wait, current);
759 struct cfi_private *cfi = map->fldrv_priv;
761 struct cfi_pri_amdstd *cfip = (struct cfi_pri_amdstd *)cfi->cmdset_priv;
764 timeo = jiffies + HZ;
766 switch (chip->state) {
770 if (chip_ready(map, adr))
773 if (time_after(jiffies, timeo)) {
774 printk(KERN_ERR "Waiting for chip to be ready timed out.\n");
777 mutex_unlock(&chip->mutex);
779 mutex_lock(&chip->mutex);
780 /* Someone else might have been playing with it. */
790 if (!cfip || !(cfip->EraseSuspend & (0x1|0x2)) ||
791 !(mode == FL_READY || mode == FL_POINT ||
792 (mode == FL_WRITING && (cfip->EraseSuspend & 0x2))))
795 /* We could check to see if we're trying to access the sector
796 * that is currently being erased. However, no user will try
797 * anything like that so we just wait for the timeout. */
800 /* It's harmless to issue the Erase-Suspend and Erase-Resume
801 * commands when the erase algorithm isn't in progress. */
802 map_write(map, CMD(0xB0), chip->in_progress_block_addr);
803 chip->oldstate = FL_ERASING;
804 chip->state = FL_ERASE_SUSPENDING;
805 chip->erase_suspended = 1;
807 if (chip_ready(map, adr))
810 if (time_after(jiffies, timeo)) {
811 /* Should have suspended the erase by now.
812 * Send an Erase-Resume command as either
813 * there was an error (so leave the erase
814 * routine to recover from it) or we trying to
815 * use the erase-in-progress sector. */
816 put_chip(map, chip, adr);
817 printk(KERN_ERR "MTD %s(): chip not ready after erase suspend\n", __func__);
821 mutex_unlock(&chip->mutex);
823 mutex_lock(&chip->mutex);
824 /* Nobody will touch it while it's in state FL_ERASE_SUSPENDING.
825 So we can just loop here. */
827 chip->state = FL_READY;
830 case FL_XIP_WHILE_ERASING:
831 if (mode != FL_READY && mode != FL_POINT &&
832 (!cfip || !(cfip->EraseSuspend&2)))
834 chip->oldstate = chip->state;
835 chip->state = FL_READY;
839 /* The machine is rebooting */
843 /* Only if there's no operation suspended... */
844 if (mode == FL_READY && chip->oldstate == FL_READY)
849 set_current_state(TASK_UNINTERRUPTIBLE);
850 add_wait_queue(&chip->wq, &wait);
851 mutex_unlock(&chip->mutex);
853 remove_wait_queue(&chip->wq, &wait);
854 mutex_lock(&chip->mutex);
860 static void put_chip(struct map_info *map, struct flchip *chip, unsigned long adr)
862 struct cfi_private *cfi = map->fldrv_priv;
864 switch(chip->oldstate) {
866 cfi_fixup_m29ew_erase_suspend(map,
867 chip->in_progress_block_addr);
868 map_write(map, cfi->sector_erase_cmd, chip->in_progress_block_addr);
869 cfi_fixup_m29ew_delay_after_resume(cfi);
870 chip->oldstate = FL_READY;
871 chip->state = FL_ERASING;
874 case FL_XIP_WHILE_ERASING:
875 chip->state = chip->oldstate;
876 chip->oldstate = FL_READY;
883 printk(KERN_ERR "MTD: put_chip() called with oldstate %d!!\n", chip->oldstate);
888 #ifdef CONFIG_MTD_XIP
891 * No interrupt what so ever can be serviced while the flash isn't in array
892 * mode. This is ensured by the xip_disable() and xip_enable() functions
893 * enclosing any code path where the flash is known not to be in array mode.
894 * And within a XIP disabled code path, only functions marked with __xipram
895 * may be called and nothing else (it's a good thing to inspect generated
896 * assembly to make sure inline functions were actually inlined and that gcc
897 * didn't emit calls to its own support functions). Also configuring MTD CFI
898 * support to a single buswidth and a single interleave is also recommended.
901 static void xip_disable(struct map_info *map, struct flchip *chip,
904 /* TODO: chips with no XIP use should ignore and return */
905 (void) map_read(map, adr); /* ensure mmu mapping is up to date */
909 static void __xipram xip_enable(struct map_info *map, struct flchip *chip,
912 struct cfi_private *cfi = map->fldrv_priv;
914 if (chip->state != FL_POINT && chip->state != FL_READY) {
915 map_write(map, CMD(0xf0), adr);
916 chip->state = FL_READY;
918 (void) map_read(map, adr);
924 * When a delay is required for the flash operation to complete, the
925 * xip_udelay() function is polling for both the given timeout and pending
926 * (but still masked) hardware interrupts. Whenever there is an interrupt
927 * pending then the flash erase operation is suspended, array mode restored
928 * and interrupts unmasked. Task scheduling might also happen at that
929 * point. The CPU eventually returns from the interrupt or the call to
930 * schedule() and the suspended flash operation is resumed for the remaining
931 * of the delay period.
933 * Warning: this function _will_ fool interrupt latency tracing tools.
936 static void __xipram xip_udelay(struct map_info *map, struct flchip *chip,
937 unsigned long adr, int usec)
939 struct cfi_private *cfi = map->fldrv_priv;
940 struct cfi_pri_amdstd *extp = cfi->cmdset_priv;
941 map_word status, OK = CMD(0x80);
942 unsigned long suspended, start = xip_currtime();
947 if (xip_irqpending() && extp &&
948 ((chip->state == FL_ERASING && (extp->EraseSuspend & 2))) &&
949 (cfi_interleave_is_1(cfi) || chip->oldstate == FL_READY)) {
951 * Let's suspend the erase operation when supported.
952 * Note that we currently don't try to suspend
953 * interleaved chips if there is already another
954 * operation suspended (imagine what happens
955 * when one chip was already done with the current
956 * operation while another chip suspended it, then
957 * we resume the whole thing at once). Yes, it
960 map_write(map, CMD(0xb0), adr);
961 usec -= xip_elapsed_since(start);
962 suspended = xip_currtime();
964 if (xip_elapsed_since(suspended) > 100000) {
966 * The chip doesn't want to suspend
967 * after waiting for 100 msecs.
968 * This is a critical error but there
969 * is not much we can do here.
973 status = map_read(map, adr);
974 } while (!map_word_andequal(map, status, OK, OK));
976 /* Suspend succeeded */
977 oldstate = chip->state;
978 if (!map_word_bitsset(map, status, CMD(0x40)))
980 chip->state = FL_XIP_WHILE_ERASING;
981 chip->erase_suspended = 1;
982 map_write(map, CMD(0xf0), adr);
983 (void) map_read(map, adr);
986 mutex_unlock(&chip->mutex);
991 * We're back. However someone else might have
992 * decided to go write to the chip if we are in
993 * a suspended erase state. If so let's wait
996 mutex_lock(&chip->mutex);
997 while (chip->state != FL_XIP_WHILE_ERASING) {
998 DECLARE_WAITQUEUE(wait, current);
999 set_current_state(TASK_UNINTERRUPTIBLE);
1000 add_wait_queue(&chip->wq, &wait);
1001 mutex_unlock(&chip->mutex);
1003 remove_wait_queue(&chip->wq, &wait);
1004 mutex_lock(&chip->mutex);
1006 /* Disallow XIP again */
1007 local_irq_disable();
1009 /* Correct Erase Suspend Hangups for M29EW */
1010 cfi_fixup_m29ew_erase_suspend(map, adr);
1011 /* Resume the write or erase operation */
1012 map_write(map, cfi->sector_erase_cmd, adr);
1013 chip->state = oldstate;
1014 start = xip_currtime();
1015 } else if (usec >= 1000000/HZ) {
1017 * Try to save on CPU power when waiting delay
1018 * is at least a system timer tick period.
1019 * No need to be extremely accurate here.
1023 status = map_read(map, adr);
1024 } while (!map_word_andequal(map, status, OK, OK)
1025 && xip_elapsed_since(start) < usec);
1028 #define UDELAY(map, chip, adr, usec) xip_udelay(map, chip, adr, usec)
1031 * The INVALIDATE_CACHED_RANGE() macro is normally used in parallel while
1032 * the flash is actively programming or erasing since we have to poll for
1033 * the operation to complete anyway. We can't do that in a generic way with
1034 * a XIP setup so do it before the actual flash operation in this case
1035 * and stub it out from INVALIDATE_CACHE_UDELAY.
1037 #define XIP_INVAL_CACHED_RANGE(map, from, size) \
1038 INVALIDATE_CACHED_RANGE(map, from, size)
1040 #define INVALIDATE_CACHE_UDELAY(map, chip, adr, len, usec) \
1041 UDELAY(map, chip, adr, usec)
1046 * Activating this XIP support changes the way the code works a bit. For
1047 * example the code to suspend the current process when concurrent access
1048 * happens is never executed because xip_udelay() will always return with the
1049 * same chip state as it was entered with. This is why there is no care for
1050 * the presence of add_wait_queue() or schedule() calls from within a couple
1051 * xip_disable()'d areas of code, like in do_erase_oneblock for example.
1052 * The queueing and scheduling are always happening within xip_udelay().
1054 * Similarly, get_chip() and put_chip() just happen to always be executed
1055 * with chip->state set to FL_READY (or FL_XIP_WHILE_*) where flash state
1056 * is in array mode, therefore never executing many cases therein and not
1057 * causing any problem with XIP.
1062 #define xip_disable(map, chip, adr)
1063 #define xip_enable(map, chip, adr)
1064 #define XIP_INVAL_CACHED_RANGE(x...)
1066 #define UDELAY(map, chip, adr, usec) \
1068 mutex_unlock(&chip->mutex); \
1070 mutex_lock(&chip->mutex); \
1073 #define INVALIDATE_CACHE_UDELAY(map, chip, adr, len, usec) \
1075 mutex_unlock(&chip->mutex); \
1076 INVALIDATE_CACHED_RANGE(map, adr, len); \
1078 mutex_lock(&chip->mutex); \
1083 static inline int do_read_onechip(struct map_info *map, struct flchip *chip, loff_t adr, size_t len, u_char *buf)
1085 unsigned long cmd_addr;
1086 struct cfi_private *cfi = map->fldrv_priv;
1091 /* Ensure cmd read/writes are aligned. */
1092 cmd_addr = adr & ~(map_bankwidth(map)-1);
1094 mutex_lock(&chip->mutex);
1095 ret = get_chip(map, chip, cmd_addr, FL_READY);
1097 mutex_unlock(&chip->mutex);
1101 if (chip->state != FL_POINT && chip->state != FL_READY) {
1102 map_write(map, CMD(0xf0), cmd_addr);
1103 chip->state = FL_READY;
1106 map_copy_from(map, buf, adr, len);
1108 put_chip(map, chip, cmd_addr);
1110 mutex_unlock(&chip->mutex);
1115 static int cfi_amdstd_read (struct mtd_info *mtd, loff_t from, size_t len, size_t *retlen, u_char *buf)
1117 struct map_info *map = mtd->priv;
1118 struct cfi_private *cfi = map->fldrv_priv;
1123 /* ofs: offset within the first chip that the first read should start */
1124 chipnum = (from >> cfi->chipshift);
1125 ofs = from - (chipnum << cfi->chipshift);
1128 unsigned long thislen;
1130 if (chipnum >= cfi->numchips)
1133 if ((len + ofs -1) >> cfi->chipshift)
1134 thislen = (1<<cfi->chipshift) - ofs;
1138 ret = do_read_onechip(map, &cfi->chips[chipnum], ofs, thislen, buf);
1152 typedef int (*otp_op_t)(struct map_info *map, struct flchip *chip,
1153 loff_t adr, size_t len, u_char *buf);
1155 static inline int do_read_secsi_onechip(struct map_info *map, struct flchip *chip, loff_t adr, size_t len, u_char *buf)
1157 DECLARE_WAITQUEUE(wait, current);
1158 unsigned long timeo = jiffies + HZ;
1159 struct cfi_private *cfi = map->fldrv_priv;
1162 mutex_lock(&chip->mutex);
1164 if (chip->state != FL_READY){
1165 set_current_state(TASK_UNINTERRUPTIBLE);
1166 add_wait_queue(&chip->wq, &wait);
1168 mutex_unlock(&chip->mutex);
1171 remove_wait_queue(&chip->wq, &wait);
1172 timeo = jiffies + HZ;
1179 chip->state = FL_READY;
1181 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL);
1182 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi, cfi->device_type, NULL);
1183 cfi_send_gen_cmd(0x88, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL);
1185 map_copy_from(map, buf, adr, len);
1187 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL);
1188 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi, cfi->device_type, NULL);
1189 cfi_send_gen_cmd(0x90, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL);
1190 cfi_send_gen_cmd(0x00, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL);
1193 mutex_unlock(&chip->mutex);
1198 static int cfi_amdstd_secsi_read (struct mtd_info *mtd, loff_t from, size_t len, size_t *retlen, u_char *buf)
1200 struct map_info *map = mtd->priv;
1201 struct cfi_private *cfi = map->fldrv_priv;
1206 /* ofs: offset within the first chip that the first read should start */
1207 /* 8 secsi bytes per chip */
1212 unsigned long thislen;
1214 if (chipnum >= cfi->numchips)
1217 if ((len + ofs -1) >> 3)
1218 thislen = (1<<3) - ofs;
1222 ret = do_read_secsi_onechip(map, &cfi->chips[chipnum], ofs, thislen, buf);
1236 static int cfi_amdstd_otp_walk(struct mtd_info *mtd, loff_t from, size_t len,
1237 size_t *retlen, u_char *buf,
1238 otp_op_t action, int user_regs)
1240 struct map_info *map = mtd->priv;
1241 struct cfi_private *cfi = map->fldrv_priv;
1242 int ofs_factor = cfi->interleave * cfi->device_type;
1245 struct flchip *chip;
1246 uint8_t otp, lockreg;
1249 size_t user_size, factory_size, otpsize;
1250 loff_t user_offset, factory_offset, otpoffset;
1251 int user_locked = 0, otplocked;
1255 for (chipnum = 0; chipnum < cfi->numchips; chipnum++) {
1256 chip = &cfi->chips[chipnum];
1260 /* Micron M29EW family */
1261 if (is_m29ew(cfi)) {
1264 /* check whether secsi area is factory locked
1266 mutex_lock(&chip->mutex);
1267 ret = get_chip(map, chip, base, FL_CFI_QUERY);
1269 mutex_unlock(&chip->mutex);
1272 cfi_qry_mode_on(base, map, cfi);
1273 otp = cfi_read_query(map, base + 0x3 * ofs_factor);
1274 cfi_qry_mode_off(base, map, cfi);
1275 put_chip(map, chip, base);
1276 mutex_unlock(&chip->mutex);
1279 /* factory locked */
1281 factory_size = 0x100;
1283 /* customer lockable */
1287 mutex_lock(&chip->mutex);
1288 ret = get_chip(map, chip, base, FL_LOCKING);
1290 /* Enter lock register command */
1291 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1,
1292 chip->start, map, cfi,
1293 cfi->device_type, NULL);
1294 cfi_send_gen_cmd(0x55, cfi->addr_unlock2,
1295 chip->start, map, cfi,
1296 cfi->device_type, NULL);
1297 cfi_send_gen_cmd(0x40, cfi->addr_unlock1,
1298 chip->start, map, cfi,
1299 cfi->device_type, NULL);
1300 /* read lock register */
1301 lockreg = cfi_read_query(map, 0);
1302 /* exit protection commands */
1303 map_write(map, CMD(0x90), chip->start);
1304 map_write(map, CMD(0x00), chip->start);
1305 put_chip(map, chip, chip->start);
1306 mutex_unlock(&chip->mutex);
1308 user_locked = ((lockreg & 0x01) == 0x00);
1312 otpsize = user_regs ? user_size : factory_size;
1315 otpoffset = user_regs ? user_offset : factory_offset;
1316 otplocked = user_regs ? user_locked : 1;
1319 /* return otpinfo */
1320 struct otp_info *otpinfo;
1321 len -= sizeof(*otpinfo);
1324 otpinfo = (struct otp_info *)buf;
1325 otpinfo->start = from;
1326 otpinfo->length = otpsize;
1327 otpinfo->locked = otplocked;
1328 buf += sizeof(*otpinfo);
1329 *retlen += sizeof(*otpinfo);
1331 } else if ((from < otpsize) && (len > 0)) {
1333 size = (len < otpsize - from) ? len : otpsize - from;
1334 ret = action(map, chip, otpoffset + from, size, buf);
1349 static int cfi_amdstd_get_fact_prot_info(struct mtd_info *mtd, size_t len,
1350 size_t *retlen, struct otp_info *buf)
1352 return cfi_amdstd_otp_walk(mtd, 0, len, retlen, (u_char *)buf,
1356 static int cfi_amdstd_get_user_prot_info(struct mtd_info *mtd, size_t len,
1357 size_t *retlen, struct otp_info *buf)
1359 return cfi_amdstd_otp_walk(mtd, 0, len, retlen, (u_char *)buf,
1363 static int cfi_amdstd_read_fact_prot_reg(struct mtd_info *mtd, loff_t from,
1364 size_t len, size_t *retlen,
1367 return cfi_amdstd_otp_walk(mtd, from, len, retlen,
1368 buf, do_read_secsi_onechip, 0);
1371 static int cfi_amdstd_read_user_prot_reg(struct mtd_info *mtd, loff_t from,
1372 size_t len, size_t *retlen,
1375 return cfi_amdstd_otp_walk(mtd, from, len, retlen,
1376 buf, do_read_secsi_onechip, 1);
1379 static int __xipram do_write_oneword(struct map_info *map, struct flchip *chip, unsigned long adr, map_word datum)
1381 struct cfi_private *cfi = map->fldrv_priv;
1382 unsigned long timeo = jiffies + HZ;
1384 * We use a 1ms + 1 jiffies generic timeout for writes (most devices
1385 * have a max write time of a few hundreds usec). However, we should
1386 * use the maximum timeout value given by the chip at probe time
1387 * instead. Unfortunately, struct flchip does have a field for
1388 * maximum timeout, only for typical which can be far too short
1389 * depending of the conditions. The ' + 1' is to avoid having a
1390 * timeout of 0 jiffies if HZ is smaller than 1000.
1392 unsigned long uWriteTimeout = ( HZ / 1000 ) + 1;
1399 mutex_lock(&chip->mutex);
1400 ret = get_chip(map, chip, adr, FL_WRITING);
1402 mutex_unlock(&chip->mutex);
1406 pr_debug("MTD %s(): WRITE 0x%.8lx(0x%.8lx)\n",
1407 __func__, adr, datum.x[0] );
1410 * Check for a NOP for the case when the datum to write is already
1411 * present - it saves time and works around buggy chips that corrupt
1412 * data at other locations when 0xff is written to a location that
1413 * already contains 0xff.
1415 oldd = map_read(map, adr);
1416 if (map_word_equal(map, oldd, datum)) {
1417 pr_debug("MTD %s(): NOP\n",
1422 XIP_INVAL_CACHED_RANGE(map, adr, map_bankwidth(map));
1424 xip_disable(map, chip, adr);
1426 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL);
1427 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi, cfi->device_type, NULL);
1428 cfi_send_gen_cmd(0xA0, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL);
1429 map_write(map, datum, adr);
1430 chip->state = FL_WRITING;
1432 INVALIDATE_CACHE_UDELAY(map, chip,
1433 adr, map_bankwidth(map),
1434 chip->word_write_time);
1436 /* See comment above for timeout value. */
1437 timeo = jiffies + uWriteTimeout;
1439 if (chip->state != FL_WRITING) {
1440 /* Someone's suspended the write. Sleep */
1441 DECLARE_WAITQUEUE(wait, current);
1443 set_current_state(TASK_UNINTERRUPTIBLE);
1444 add_wait_queue(&chip->wq, &wait);
1445 mutex_unlock(&chip->mutex);
1447 remove_wait_queue(&chip->wq, &wait);
1448 timeo = jiffies + (HZ / 2); /* FIXME */
1449 mutex_lock(&chip->mutex);
1453 if (time_after(jiffies, timeo) && !chip_ready(map, adr)){
1454 xip_enable(map, chip, adr);
1455 printk(KERN_WARNING "MTD %s(): software timeout\n", __func__);
1456 xip_disable(map, chip, adr);
1460 if (chip_ready(map, adr))
1463 /* Latency issues. Drop the lock, wait a while and retry */
1464 UDELAY(map, chip, adr, 1);
1466 /* Did we succeed? */
1467 if (!chip_good(map, adr, datum)) {
1468 /* reset on all failures. */
1469 map_write( map, CMD(0xF0), chip->start );
1470 /* FIXME - should have reset delay before continuing */
1472 if (++retry_cnt <= MAX_WORD_RETRIES)
1477 xip_enable(map, chip, adr);
1479 chip->state = FL_READY;
1481 put_chip(map, chip, adr);
1482 mutex_unlock(&chip->mutex);
1488 static int cfi_amdstd_write_words(struct mtd_info *mtd, loff_t to, size_t len,
1489 size_t *retlen, const u_char *buf)
1491 struct map_info *map = mtd->priv;
1492 struct cfi_private *cfi = map->fldrv_priv;
1495 unsigned long ofs, chipstart;
1496 DECLARE_WAITQUEUE(wait, current);
1498 chipnum = to >> cfi->chipshift;
1499 ofs = to - (chipnum << cfi->chipshift);
1500 chipstart = cfi->chips[chipnum].start;
1502 /* If it's not bus-aligned, do the first byte write */
1503 if (ofs & (map_bankwidth(map)-1)) {
1504 unsigned long bus_ofs = ofs & ~(map_bankwidth(map)-1);
1505 int i = ofs - bus_ofs;
1510 mutex_lock(&cfi->chips[chipnum].mutex);
1512 if (cfi->chips[chipnum].state != FL_READY) {
1513 set_current_state(TASK_UNINTERRUPTIBLE);
1514 add_wait_queue(&cfi->chips[chipnum].wq, &wait);
1516 mutex_unlock(&cfi->chips[chipnum].mutex);
1519 remove_wait_queue(&cfi->chips[chipnum].wq, &wait);
1523 /* Load 'tmp_buf' with old contents of flash */
1524 tmp_buf = map_read(map, bus_ofs+chipstart);
1526 mutex_unlock(&cfi->chips[chipnum].mutex);
1528 /* Number of bytes to copy from buffer */
1529 n = min_t(int, len, map_bankwidth(map)-i);
1531 tmp_buf = map_word_load_partial(map, tmp_buf, buf, i, n);
1533 ret = do_write_oneword(map, &cfi->chips[chipnum],
1543 if (ofs >> cfi->chipshift) {
1546 if (chipnum == cfi->numchips)
1551 /* We are now aligned, write as much as possible */
1552 while(len >= map_bankwidth(map)) {
1555 datum = map_word_load(map, buf);
1557 ret = do_write_oneword(map, &cfi->chips[chipnum],
1562 ofs += map_bankwidth(map);
1563 buf += map_bankwidth(map);
1564 (*retlen) += map_bankwidth(map);
1565 len -= map_bankwidth(map);
1567 if (ofs >> cfi->chipshift) {
1570 if (chipnum == cfi->numchips)
1572 chipstart = cfi->chips[chipnum].start;
1576 /* Write the trailing bytes if any */
1577 if (len & (map_bankwidth(map)-1)) {
1581 mutex_lock(&cfi->chips[chipnum].mutex);
1583 if (cfi->chips[chipnum].state != FL_READY) {
1584 set_current_state(TASK_UNINTERRUPTIBLE);
1585 add_wait_queue(&cfi->chips[chipnum].wq, &wait);
1587 mutex_unlock(&cfi->chips[chipnum].mutex);
1590 remove_wait_queue(&cfi->chips[chipnum].wq, &wait);
1594 tmp_buf = map_read(map, ofs + chipstart);
1596 mutex_unlock(&cfi->chips[chipnum].mutex);
1598 tmp_buf = map_word_load_partial(map, tmp_buf, buf, 0, len);
1600 ret = do_write_oneword(map, &cfi->chips[chipnum],
1613 * FIXME: interleaved mode not tested, and probably not supported!
1615 static int __xipram do_write_buffer(struct map_info *map, struct flchip *chip,
1616 unsigned long adr, const u_char *buf,
1619 struct cfi_private *cfi = map->fldrv_priv;
1620 unsigned long timeo = jiffies + HZ;
1621 /* see comments in do_write_oneword() regarding uWriteTimeo. */
1622 unsigned long uWriteTimeout = ( HZ / 1000 ) + 1;
1624 unsigned long cmd_adr;
1631 mutex_lock(&chip->mutex);
1632 ret = get_chip(map, chip, adr, FL_WRITING);
1634 mutex_unlock(&chip->mutex);
1638 datum = map_word_load(map, buf);
1640 pr_debug("MTD %s(): WRITE 0x%.8lx(0x%.8lx)\n",
1641 __func__, adr, datum.x[0] );
1643 XIP_INVAL_CACHED_RANGE(map, adr, len);
1645 xip_disable(map, chip, cmd_adr);
1647 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL);
1648 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi, cfi->device_type, NULL);
1650 /* Write Buffer Load */
1651 map_write(map, CMD(0x25), cmd_adr);
1653 chip->state = FL_WRITING_TO_BUFFER;
1655 /* Write length of data to come */
1656 words = len / map_bankwidth(map);
1657 map_write(map, CMD(words - 1), cmd_adr);
1660 while(z < words * map_bankwidth(map)) {
1661 datum = map_word_load(map, buf);
1662 map_write(map, datum, adr + z);
1664 z += map_bankwidth(map);
1665 buf += map_bankwidth(map);
1667 z -= map_bankwidth(map);
1671 /* Write Buffer Program Confirm: GO GO GO */
1672 map_write(map, CMD(0x29), cmd_adr);
1673 chip->state = FL_WRITING;
1675 INVALIDATE_CACHE_UDELAY(map, chip,
1676 adr, map_bankwidth(map),
1677 chip->word_write_time);
1679 timeo = jiffies + uWriteTimeout;
1682 if (chip->state != FL_WRITING) {
1683 /* Someone's suspended the write. Sleep */
1684 DECLARE_WAITQUEUE(wait, current);
1686 set_current_state(TASK_UNINTERRUPTIBLE);
1687 add_wait_queue(&chip->wq, &wait);
1688 mutex_unlock(&chip->mutex);
1690 remove_wait_queue(&chip->wq, &wait);
1691 timeo = jiffies + (HZ / 2); /* FIXME */
1692 mutex_lock(&chip->mutex);
1696 if (time_after(jiffies, timeo) && !chip_ready(map, adr))
1699 if (chip_ready(map, adr)) {
1700 xip_enable(map, chip, adr);
1704 /* Latency issues. Drop the lock, wait a while and retry */
1705 UDELAY(map, chip, adr, 1);
1709 * Recovery from write-buffer programming failures requires
1710 * the write-to-buffer-reset sequence. Since the last part
1711 * of the sequence also works as a normal reset, we can run
1712 * the same commands regardless of why we are here.
1714 * http://www.spansion.com/Support/Application%20Notes/MirrorBit_Write_Buffer_Prog_Page_Buffer_Read_AN.pdf
1716 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi,
1717 cfi->device_type, NULL);
1718 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi,
1719 cfi->device_type, NULL);
1720 cfi_send_gen_cmd(0xF0, cfi->addr_unlock1, chip->start, map, cfi,
1721 cfi->device_type, NULL);
1722 xip_enable(map, chip, adr);
1723 /* FIXME - should have reset delay before continuing */
1725 printk(KERN_WARNING "MTD %s(): software timeout, address:0x%.8lx.\n",
1730 chip->state = FL_READY;
1732 put_chip(map, chip, adr);
1733 mutex_unlock(&chip->mutex);
1739 static int cfi_amdstd_write_buffers(struct mtd_info *mtd, loff_t to, size_t len,
1740 size_t *retlen, const u_char *buf)
1742 struct map_info *map = mtd->priv;
1743 struct cfi_private *cfi = map->fldrv_priv;
1744 int wbufsize = cfi_interleave(cfi) << cfi->cfiq->MaxBufWriteSize;
1749 chipnum = to >> cfi->chipshift;
1750 ofs = to - (chipnum << cfi->chipshift);
1752 /* If it's not bus-aligned, do the first word write */
1753 if (ofs & (map_bankwidth(map)-1)) {
1754 size_t local_len = (-ofs)&(map_bankwidth(map)-1);
1755 if (local_len > len)
1757 ret = cfi_amdstd_write_words(mtd, ofs + (chipnum<<cfi->chipshift),
1758 local_len, retlen, buf);
1765 if (ofs >> cfi->chipshift) {
1768 if (chipnum == cfi->numchips)
1773 /* Write buffer is worth it only if more than one word to write... */
1774 while (len >= map_bankwidth(map) * 2) {
1775 /* We must not cross write block boundaries */
1776 int size = wbufsize - (ofs & (wbufsize-1));
1780 if (size % map_bankwidth(map))
1781 size -= size % map_bankwidth(map);
1783 ret = do_write_buffer(map, &cfi->chips[chipnum],
1793 if (ofs >> cfi->chipshift) {
1796 if (chipnum == cfi->numchips)
1802 size_t retlen_dregs = 0;
1804 ret = cfi_amdstd_write_words(mtd, ofs + (chipnum<<cfi->chipshift),
1805 len, &retlen_dregs, buf);
1807 *retlen += retlen_dregs;
1815 * Wait for the flash chip to become ready to write data
1817 * This is only called during the panic_write() path. When panic_write()
1818 * is called, the kernel is in the process of a panic, and will soon be
1819 * dead. Therefore we don't take any locks, and attempt to get access
1820 * to the chip as soon as possible.
1822 static int cfi_amdstd_panic_wait(struct map_info *map, struct flchip *chip,
1825 struct cfi_private *cfi = map->fldrv_priv;
1830 * If the driver thinks the chip is idle, and no toggle bits
1831 * are changing, then the chip is actually idle for sure.
1833 if (chip->state == FL_READY && chip_ready(map, adr))
1837 * Try several times to reset the chip and then wait for it
1838 * to become idle. The upper limit of a few milliseconds of
1839 * delay isn't a big problem: the kernel is dying anyway. It
1840 * is more important to save the messages.
1842 while (retries > 0) {
1843 const unsigned long timeo = (HZ / 1000) + 1;
1845 /* send the reset command */
1846 map_write(map, CMD(0xF0), chip->start);
1848 /* wait for the chip to become ready */
1849 for (i = 0; i < jiffies_to_usecs(timeo); i++) {
1850 if (chip_ready(map, adr))
1857 /* the chip never became ready */
1862 * Write out one word of data to a single flash chip during a kernel panic
1864 * This is only called during the panic_write() path. When panic_write()
1865 * is called, the kernel is in the process of a panic, and will soon be
1866 * dead. Therefore we don't take any locks, and attempt to get access
1867 * to the chip as soon as possible.
1869 * The implementation of this routine is intentionally similar to
1870 * do_write_oneword(), in order to ease code maintenance.
1872 static int do_panic_write_oneword(struct map_info *map, struct flchip *chip,
1873 unsigned long adr, map_word datum)
1875 const unsigned long uWriteTimeout = (HZ / 1000) + 1;
1876 struct cfi_private *cfi = map->fldrv_priv;
1884 ret = cfi_amdstd_panic_wait(map, chip, adr);
1888 pr_debug("MTD %s(): PANIC WRITE 0x%.8lx(0x%.8lx)\n",
1889 __func__, adr, datum.x[0]);
1892 * Check for a NOP for the case when the datum to write is already
1893 * present - it saves time and works around buggy chips that corrupt
1894 * data at other locations when 0xff is written to a location that
1895 * already contains 0xff.
1897 oldd = map_read(map, adr);
1898 if (map_word_equal(map, oldd, datum)) {
1899 pr_debug("MTD %s(): NOP\n", __func__);
1906 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL);
1907 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi, cfi->device_type, NULL);
1908 cfi_send_gen_cmd(0xA0, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL);
1909 map_write(map, datum, adr);
1911 for (i = 0; i < jiffies_to_usecs(uWriteTimeout); i++) {
1912 if (chip_ready(map, adr))
1918 if (!chip_good(map, adr, datum)) {
1919 /* reset on all failures. */
1920 map_write(map, CMD(0xF0), chip->start);
1921 /* FIXME - should have reset delay before continuing */
1923 if (++retry_cnt <= MAX_WORD_RETRIES)
1935 * Write out some data during a kernel panic
1937 * This is used by the mtdoops driver to save the dying messages from a
1938 * kernel which has panic'd.
1940 * This routine ignores all of the locking used throughout the rest of the
1941 * driver, in order to ensure that the data gets written out no matter what
1942 * state this driver (and the flash chip itself) was in when the kernel crashed.
1944 * The implementation of this routine is intentionally similar to
1945 * cfi_amdstd_write_words(), in order to ease code maintenance.
1947 static int cfi_amdstd_panic_write(struct mtd_info *mtd, loff_t to, size_t len,
1948 size_t *retlen, const u_char *buf)
1950 struct map_info *map = mtd->priv;
1951 struct cfi_private *cfi = map->fldrv_priv;
1952 unsigned long ofs, chipstart;
1956 chipnum = to >> cfi->chipshift;
1957 ofs = to - (chipnum << cfi->chipshift);
1958 chipstart = cfi->chips[chipnum].start;
1960 /* If it's not bus aligned, do the first byte write */
1961 if (ofs & (map_bankwidth(map) - 1)) {
1962 unsigned long bus_ofs = ofs & ~(map_bankwidth(map) - 1);
1963 int i = ofs - bus_ofs;
1967 ret = cfi_amdstd_panic_wait(map, &cfi->chips[chipnum], bus_ofs);
1971 /* Load 'tmp_buf' with old contents of flash */
1972 tmp_buf = map_read(map, bus_ofs + chipstart);
1974 /* Number of bytes to copy from buffer */
1975 n = min_t(int, len, map_bankwidth(map) - i);
1977 tmp_buf = map_word_load_partial(map, tmp_buf, buf, i, n);
1979 ret = do_panic_write_oneword(map, &cfi->chips[chipnum],
1989 if (ofs >> cfi->chipshift) {
1992 if (chipnum == cfi->numchips)
1997 /* We are now aligned, write as much as possible */
1998 while (len >= map_bankwidth(map)) {
2001 datum = map_word_load(map, buf);
2003 ret = do_panic_write_oneword(map, &cfi->chips[chipnum],
2008 ofs += map_bankwidth(map);
2009 buf += map_bankwidth(map);
2010 (*retlen) += map_bankwidth(map);
2011 len -= map_bankwidth(map);
2013 if (ofs >> cfi->chipshift) {
2016 if (chipnum == cfi->numchips)
2019 chipstart = cfi->chips[chipnum].start;
2023 /* Write the trailing bytes if any */
2024 if (len & (map_bankwidth(map) - 1)) {
2027 ret = cfi_amdstd_panic_wait(map, &cfi->chips[chipnum], ofs);
2031 tmp_buf = map_read(map, ofs + chipstart);
2033 tmp_buf = map_word_load_partial(map, tmp_buf, buf, 0, len);
2035 ret = do_panic_write_oneword(map, &cfi->chips[chipnum],
2048 * Handle devices with one erase region, that only implement
2049 * the chip erase command.
2051 static int __xipram do_erase_chip(struct map_info *map, struct flchip *chip)
2053 struct cfi_private *cfi = map->fldrv_priv;
2054 unsigned long timeo = jiffies + HZ;
2055 unsigned long int adr;
2056 DECLARE_WAITQUEUE(wait, current);
2059 adr = cfi->addr_unlock1;
2061 mutex_lock(&chip->mutex);
2062 ret = get_chip(map, chip, adr, FL_WRITING);
2064 mutex_unlock(&chip->mutex);
2068 pr_debug("MTD %s(): ERASE 0x%.8lx\n",
2069 __func__, chip->start );
2071 XIP_INVAL_CACHED_RANGE(map, adr, map->size);
2073 xip_disable(map, chip, adr);
2075 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL);
2076 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi, cfi->device_type, NULL);
2077 cfi_send_gen_cmd(0x80, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL);
2078 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL);
2079 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi, cfi->device_type, NULL);
2080 cfi_send_gen_cmd(0x10, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL);
2082 chip->state = FL_ERASING;
2083 chip->erase_suspended = 0;
2084 chip->in_progress_block_addr = adr;
2086 INVALIDATE_CACHE_UDELAY(map, chip,
2088 chip->erase_time*500);
2090 timeo = jiffies + (HZ*20);
2093 if (chip->state != FL_ERASING) {
2094 /* Someone's suspended the erase. Sleep */
2095 set_current_state(TASK_UNINTERRUPTIBLE);
2096 add_wait_queue(&chip->wq, &wait);
2097 mutex_unlock(&chip->mutex);
2099 remove_wait_queue(&chip->wq, &wait);
2100 mutex_lock(&chip->mutex);
2103 if (chip->erase_suspended) {
2104 /* This erase was suspended and resumed.
2105 Adjust the timeout */
2106 timeo = jiffies + (HZ*20); /* FIXME */
2107 chip->erase_suspended = 0;
2110 if (chip_ready(map, adr))
2113 if (time_after(jiffies, timeo)) {
2114 printk(KERN_WARNING "MTD %s(): software timeout\n",
2119 /* Latency issues. Drop the lock, wait a while and retry */
2120 UDELAY(map, chip, adr, 1000000/HZ);
2122 /* Did we succeed? */
2123 if (!chip_good(map, adr, map_word_ff(map))) {
2124 /* reset on all failures. */
2125 map_write( map, CMD(0xF0), chip->start );
2126 /* FIXME - should have reset delay before continuing */
2131 chip->state = FL_READY;
2132 xip_enable(map, chip, adr);
2134 put_chip(map, chip, adr);
2135 mutex_unlock(&chip->mutex);
2141 static int __xipram do_erase_oneblock(struct map_info *map, struct flchip *chip, unsigned long adr, int len, void *thunk)
2143 struct cfi_private *cfi = map->fldrv_priv;
2144 unsigned long timeo = jiffies + HZ;
2145 DECLARE_WAITQUEUE(wait, current);
2150 mutex_lock(&chip->mutex);
2151 ret = get_chip(map, chip, adr, FL_ERASING);
2153 mutex_unlock(&chip->mutex);
2157 pr_debug("MTD %s(): ERASE 0x%.8lx\n",
2160 XIP_INVAL_CACHED_RANGE(map, adr, len);
2162 xip_disable(map, chip, adr);
2164 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL);
2165 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi, cfi->device_type, NULL);
2166 cfi_send_gen_cmd(0x80, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL);
2167 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi, cfi->device_type, NULL);
2168 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi, cfi->device_type, NULL);
2169 map_write(map, cfi->sector_erase_cmd, adr);
2171 chip->state = FL_ERASING;
2172 chip->erase_suspended = 0;
2173 chip->in_progress_block_addr = adr;
2175 INVALIDATE_CACHE_UDELAY(map, chip,
2177 chip->erase_time*500);
2179 timeo = jiffies + (HZ*20);
2182 if (chip->state != FL_ERASING) {
2183 /* Someone's suspended the erase. Sleep */
2184 set_current_state(TASK_UNINTERRUPTIBLE);
2185 add_wait_queue(&chip->wq, &wait);
2186 mutex_unlock(&chip->mutex);
2188 remove_wait_queue(&chip->wq, &wait);
2189 mutex_lock(&chip->mutex);
2192 if (chip->erase_suspended) {
2193 /* This erase was suspended and resumed.
2194 Adjust the timeout */
2195 timeo = jiffies + (HZ*20); /* FIXME */
2196 chip->erase_suspended = 0;
2199 if (chip_ready(map, adr)) {
2200 xip_enable(map, chip, adr);
2204 if (time_after(jiffies, timeo)) {
2205 xip_enable(map, chip, adr);
2206 printk(KERN_WARNING "MTD %s(): software timeout\n",
2211 /* Latency issues. Drop the lock, wait a while and retry */
2212 UDELAY(map, chip, adr, 1000000/HZ);
2214 /* Did we succeed? */
2215 if (!chip_good(map, adr, map_word_ff(map))) {
2216 /* reset on all failures. */
2217 map_write( map, CMD(0xF0), chip->start );
2218 /* FIXME - should have reset delay before continuing */
2223 chip->state = FL_READY;
2225 put_chip(map, chip, adr);
2226 mutex_unlock(&chip->mutex);
2231 static int cfi_amdstd_erase_varsize(struct mtd_info *mtd, struct erase_info *instr)
2233 unsigned long ofs, len;
2239 ret = cfi_varsize_frob(mtd, do_erase_oneblock, ofs, len, NULL);
2243 instr->state = MTD_ERASE_DONE;
2244 mtd_erase_callback(instr);
2250 static int cfi_amdstd_erase_chip(struct mtd_info *mtd, struct erase_info *instr)
2252 struct map_info *map = mtd->priv;
2253 struct cfi_private *cfi = map->fldrv_priv;
2256 if (instr->addr != 0)
2259 if (instr->len != mtd->size)
2262 ret = do_erase_chip(map, &cfi->chips[0]);
2266 instr->state = MTD_ERASE_DONE;
2267 mtd_erase_callback(instr);
2272 static int do_atmel_lock(struct map_info *map, struct flchip *chip,
2273 unsigned long adr, int len, void *thunk)
2275 struct cfi_private *cfi = map->fldrv_priv;
2278 mutex_lock(&chip->mutex);
2279 ret = get_chip(map, chip, adr + chip->start, FL_LOCKING);
2282 chip->state = FL_LOCKING;
2284 pr_debug("MTD %s(): LOCK 0x%08lx len %d\n", __func__, adr, len);
2286 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi,
2287 cfi->device_type, NULL);
2288 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi,
2289 cfi->device_type, NULL);
2290 cfi_send_gen_cmd(0x80, cfi->addr_unlock1, chip->start, map, cfi,
2291 cfi->device_type, NULL);
2292 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi,
2293 cfi->device_type, NULL);
2294 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi,
2295 cfi->device_type, NULL);
2296 map_write(map, CMD(0x40), chip->start + adr);
2298 chip->state = FL_READY;
2299 put_chip(map, chip, adr + chip->start);
2303 mutex_unlock(&chip->mutex);
2307 static int do_atmel_unlock(struct map_info *map, struct flchip *chip,
2308 unsigned long adr, int len, void *thunk)
2310 struct cfi_private *cfi = map->fldrv_priv;
2313 mutex_lock(&chip->mutex);
2314 ret = get_chip(map, chip, adr + chip->start, FL_UNLOCKING);
2317 chip->state = FL_UNLOCKING;
2319 pr_debug("MTD %s(): LOCK 0x%08lx len %d\n", __func__, adr, len);
2321 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi,
2322 cfi->device_type, NULL);
2323 map_write(map, CMD(0x70), adr);
2325 chip->state = FL_READY;
2326 put_chip(map, chip, adr + chip->start);
2330 mutex_unlock(&chip->mutex);
2334 static int cfi_atmel_lock(struct mtd_info *mtd, loff_t ofs, uint64_t len)
2336 return cfi_varsize_frob(mtd, do_atmel_lock, ofs, len, NULL);
2339 static int cfi_atmel_unlock(struct mtd_info *mtd, loff_t ofs, uint64_t len)
2341 return cfi_varsize_frob(mtd, do_atmel_unlock, ofs, len, NULL);
2345 * Advanced Sector Protection - PPB (Persistent Protection Bit) locking
2349 struct flchip *chip;
2354 #define MAX_SECTORS 512
2356 #define DO_XXLOCK_ONEBLOCK_LOCK ((void *)1)
2357 #define DO_XXLOCK_ONEBLOCK_UNLOCK ((void *)2)
2358 #define DO_XXLOCK_ONEBLOCK_GETLOCK ((void *)3)
2360 static int __maybe_unused do_ppb_xxlock(struct map_info *map,
2361 struct flchip *chip,
2362 unsigned long adr, int len, void *thunk)
2364 struct cfi_private *cfi = map->fldrv_priv;
2365 unsigned long timeo;
2368 mutex_lock(&chip->mutex);
2369 ret = get_chip(map, chip, adr + chip->start, FL_LOCKING);
2371 mutex_unlock(&chip->mutex);
2375 pr_debug("MTD %s(): XXLOCK 0x%08lx len %d\n", __func__, adr, len);
2377 cfi_send_gen_cmd(0xAA, cfi->addr_unlock1, chip->start, map, cfi,
2378 cfi->device_type, NULL);
2379 cfi_send_gen_cmd(0x55, cfi->addr_unlock2, chip->start, map, cfi,
2380 cfi->device_type, NULL);
2381 /* PPB entry command */
2382 cfi_send_gen_cmd(0xC0, cfi->addr_unlock1, chip->start, map, cfi,
2383 cfi->device_type, NULL);
2385 if (thunk == DO_XXLOCK_ONEBLOCK_LOCK) {
2386 chip->state = FL_LOCKING;
2387 map_write(map, CMD(0xA0), chip->start + adr);
2388 map_write(map, CMD(0x00), chip->start + adr);
2389 } else if (thunk == DO_XXLOCK_ONEBLOCK_UNLOCK) {
2391 * Unlocking of one specific sector is not supported, so we
2392 * have to unlock all sectors of this device instead
2394 chip->state = FL_UNLOCKING;
2395 map_write(map, CMD(0x80), chip->start);
2396 map_write(map, CMD(0x30), chip->start);
2397 } else if (thunk == DO_XXLOCK_ONEBLOCK_GETLOCK) {
2398 chip->state = FL_JEDEC_QUERY;
2399 /* Return locked status: 0->locked, 1->unlocked */
2400 ret = !cfi_read_query(map, adr);
2405 * Wait for some time as unlocking of all sectors takes quite long
2407 timeo = jiffies + msecs_to_jiffies(2000); /* 2s max (un)locking */
2409 if (chip_ready(map, adr))
2412 if (time_after(jiffies, timeo)) {
2413 printk(KERN_ERR "Waiting for chip to be ready timed out.\n");
2418 UDELAY(map, chip, adr, 1);
2421 /* Exit BC commands */
2422 map_write(map, CMD(0x90), chip->start);
2423 map_write(map, CMD(0x00), chip->start);
2425 chip->state = FL_READY;
2426 put_chip(map, chip, adr + chip->start);
2427 mutex_unlock(&chip->mutex);
2432 static int __maybe_unused cfi_ppb_lock(struct mtd_info *mtd, loff_t ofs,
2435 return cfi_varsize_frob(mtd, do_ppb_xxlock, ofs, len,
2436 DO_XXLOCK_ONEBLOCK_LOCK);
2439 static int __maybe_unused cfi_ppb_unlock(struct mtd_info *mtd, loff_t ofs,
2442 struct mtd_erase_region_info *regions = mtd->eraseregions;
2443 struct map_info *map = mtd->priv;
2444 struct cfi_private *cfi = map->fldrv_priv;
2445 struct ppb_lock *sect;
2455 * PPB unlocking always unlocks all sectors of the flash chip.
2456 * We need to re-lock all previously locked sectors. So lets
2457 * first check the locking status of all sectors and save
2458 * it for future use.
2460 sect = kzalloc(MAX_SECTORS * sizeof(struct ppb_lock), GFP_KERNEL);
2465 * This code to walk all sectors is a slightly modified version
2466 * of the cfi_varsize_frob() code.
2476 int size = regions[i].erasesize;
2479 * Only test sectors that shall not be unlocked. The other
2480 * sectors shall be unlocked, so lets keep their locking
2481 * status at "unlocked" (locked=0) for the final re-locking.
2483 if ((adr < ofs) || (adr >= (ofs + len))) {
2484 sect[sectors].chip = &cfi->chips[chipnum];
2485 sect[sectors].offset = offset;
2486 sect[sectors].locked = do_ppb_xxlock(
2487 map, &cfi->chips[chipnum], adr, 0,
2488 DO_XXLOCK_ONEBLOCK_GETLOCK);
2495 if (offset == regions[i].offset + size * regions[i].numblocks)
2498 if (adr >> cfi->chipshift) {
2502 if (chipnum >= cfi->numchips)
2507 if (sectors >= MAX_SECTORS) {
2508 printk(KERN_ERR "Only %d sectors for PPB locking supported!\n",
2515 /* Now unlock the whole chip */
2516 ret = cfi_varsize_frob(mtd, do_ppb_xxlock, ofs, len,
2517 DO_XXLOCK_ONEBLOCK_UNLOCK);
2524 * PPB unlocking always unlocks all sectors of the flash chip.
2525 * We need to re-lock all previously locked sectors.
2527 for (i = 0; i < sectors; i++) {
2529 do_ppb_xxlock(map, sect[i].chip, sect[i].offset, 0,
2530 DO_XXLOCK_ONEBLOCK_LOCK);
2537 static int __maybe_unused cfi_ppb_is_locked(struct mtd_info *mtd, loff_t ofs,
2540 return cfi_varsize_frob(mtd, do_ppb_xxlock, ofs, len,
2541 DO_XXLOCK_ONEBLOCK_GETLOCK) ? 1 : 0;
2544 static void cfi_amdstd_sync (struct mtd_info *mtd)
2546 struct map_info *map = mtd->priv;
2547 struct cfi_private *cfi = map->fldrv_priv;
2549 struct flchip *chip;
2551 DECLARE_WAITQUEUE(wait, current);
2553 for (i=0; !ret && i<cfi->numchips; i++) {
2554 chip = &cfi->chips[i];
2557 mutex_lock(&chip->mutex);
2559 switch(chip->state) {
2563 case FL_JEDEC_QUERY:
2564 chip->oldstate = chip->state;
2565 chip->state = FL_SYNCING;
2566 /* No need to wake_up() on this state change -
2567 * as the whole point is that nobody can do anything
2568 * with the chip now anyway.
2571 mutex_unlock(&chip->mutex);
2575 /* Not an idle state */
2576 set_current_state(TASK_UNINTERRUPTIBLE);
2577 add_wait_queue(&chip->wq, &wait);
2579 mutex_unlock(&chip->mutex);
2583 remove_wait_queue(&chip->wq, &wait);
2589 /* Unlock the chips again */
2591 for (i--; i >=0; i--) {
2592 chip = &cfi->chips[i];
2594 mutex_lock(&chip->mutex);
2596 if (chip->state == FL_SYNCING) {
2597 chip->state = chip->oldstate;
2600 mutex_unlock(&chip->mutex);
2605 static int cfi_amdstd_suspend(struct mtd_info *mtd)
2607 struct map_info *map = mtd->priv;
2608 struct cfi_private *cfi = map->fldrv_priv;
2610 struct flchip *chip;
2613 for (i=0; !ret && i<cfi->numchips; i++) {
2614 chip = &cfi->chips[i];
2616 mutex_lock(&chip->mutex);
2618 switch(chip->state) {
2622 case FL_JEDEC_QUERY:
2623 chip->oldstate = chip->state;
2624 chip->state = FL_PM_SUSPENDED;
2625 /* No need to wake_up() on this state change -
2626 * as the whole point is that nobody can do anything
2627 * with the chip now anyway.
2629 case FL_PM_SUSPENDED:
2636 mutex_unlock(&chip->mutex);
2639 /* Unlock the chips again */
2642 for (i--; i >=0; i--) {
2643 chip = &cfi->chips[i];
2645 mutex_lock(&chip->mutex);
2647 if (chip->state == FL_PM_SUSPENDED) {
2648 chip->state = chip->oldstate;
2651 mutex_unlock(&chip->mutex);
2659 static void cfi_amdstd_resume(struct mtd_info *mtd)
2661 struct map_info *map = mtd->priv;
2662 struct cfi_private *cfi = map->fldrv_priv;
2664 struct flchip *chip;
2666 for (i=0; i<cfi->numchips; i++) {
2668 chip = &cfi->chips[i];
2670 mutex_lock(&chip->mutex);
2672 if (chip->state == FL_PM_SUSPENDED) {
2673 chip->state = FL_READY;
2674 map_write(map, CMD(0xF0), chip->start);
2678 printk(KERN_ERR "Argh. Chip not in PM_SUSPENDED state upon resume()\n");
2680 mutex_unlock(&chip->mutex);
2686 * Ensure that the flash device is put back into read array mode before
2687 * unloading the driver or rebooting. On some systems, rebooting while
2688 * the flash is in query/program/erase mode will prevent the CPU from
2689 * fetching the bootloader code, requiring a hard reset or power cycle.
2691 static int cfi_amdstd_reset(struct mtd_info *mtd)
2693 struct map_info *map = mtd->priv;
2694 struct cfi_private *cfi = map->fldrv_priv;
2696 struct flchip *chip;
2698 for (i = 0; i < cfi->numchips; i++) {
2700 chip = &cfi->chips[i];
2702 mutex_lock(&chip->mutex);
2704 ret = get_chip(map, chip, chip->start, FL_SHUTDOWN);
2706 map_write(map, CMD(0xF0), chip->start);
2707 chip->state = FL_SHUTDOWN;
2708 put_chip(map, chip, chip->start);
2711 mutex_unlock(&chip->mutex);
2718 static int cfi_amdstd_reboot(struct notifier_block *nb, unsigned long val,
2721 struct mtd_info *mtd;
2723 mtd = container_of(nb, struct mtd_info, reboot_notifier);
2724 cfi_amdstd_reset(mtd);
2729 static void cfi_amdstd_destroy(struct mtd_info *mtd)
2731 struct map_info *map = mtd->priv;
2732 struct cfi_private *cfi = map->fldrv_priv;
2734 cfi_amdstd_reset(mtd);
2735 unregister_reboot_notifier(&mtd->reboot_notifier);
2736 kfree(cfi->cmdset_priv);
2739 kfree(mtd->eraseregions);
2742 MODULE_LICENSE("GPL");
2743 MODULE_AUTHOR("Crossnet Co. <info@crossnet.co.jp> et al.");
2744 MODULE_DESCRIPTION("MTD chip driver for AMD/Fujitsu flash chips");
2745 MODULE_ALIAS("cfi_cmdset_0006");
2746 MODULE_ALIAS("cfi_cmdset_0701");
projects / firefly-linux-kernel-4.4.55.git / blob