| Message ID | 20220318132824.1134400-12-clg@kaod.org |
|---|---|
| State | New |
| Headers | show |
| Series | hw/sd: Rework models for eMMC support | expand |
Hi Cédric, On 3/18/22 14:28, Cédric Le Goater wrote: > The initial eMMC support from Vincent Palatin was largely reworked to > match the current SD framework. The parameters mimick a real 4GB eMMC, > but it can be set to various sizes. > > This adds a new QOM object class for EMMC devices. That is interesting. Is RPMB emulation implemented? I doesn't look like so, although... > + sd->ext_csd[EXT_CSD_RPMB_MULT] = 0x1; /* RPMB size */ ...this indicates that the device has one block (128 KB) of RPMB if I'm not mistaken. I would be quite interested in testing and possibly helping out implement RPMB, although I must admit don't know much about QEMU internals. I have written some quick & dirty emulation code for RPMB at the Linux ioctl() level, see [1]. This code is useful for CI testing of the OP-TEE OS project [2], but having a lower level emulation in QEMU would be much better since the Linux kernel would "see" the device and report it in sysfs etc. [1] https://github.com/OP-TEE/optee_client/blob/3.16.0/tee-supplicant/src/rpmb.c#L494-L571 [2] https://github.com/OP-TEE/optee_os/ Thanks,
Hello Jerome, On 3/28/22 14:10, Jerome Forissier wrote: > Hi Cédric, > > On 3/18/22 14:28, Cédric Le Goater wrote: >> The initial eMMC support from Vincent Palatin was largely reworked to >> match the current SD framework. The parameters mimick a real 4GB eMMC, >> but it can be set to various sizes. >> >> This adds a new QOM object class for EMMC devices. > > That is interesting. This series is really a pre-pre-alpha-0. It's a mixed of changes from Joel and I on top of Vincent Palatin patches sent ~10 years ago. I reworked them recently to take into account a proposal of Philippe to improve the sd models and possibly add eMMC support. They are good enough to boot a rainier-bmc board. > Is RPMB emulation implemented? I doesn't look like so, although... no. it's not. > > >> + sd->ext_csd[EXT_CSD_RPMB_MULT] = 0x1; /* RPMB size */ > > ...this indicates that the device has one block (128 KB) of RPMB if I'm > not mistaken. > > > I would be quite interested in testing and possibly helping out > implement RPMB, although I must admit don't know much about QEMU > internals. I have written some quick & dirty emulation code for RPMB at > the Linux ioctl() level, see [1]. This code is useful for CI testing of > the OP-TEE OS project [2], but having a lower level emulation in QEMU > would be much better since the Linux kernel would "see" the device and > report it in sysfs etc. > > [1] https://github.com/OP-TEE/optee_client/blob/3.16.0/tee-supplicant/src/rpmb.c#L494-L571 > [2] https://github.com/OP-TEE/optee_os/ You can give these patches a try using this branch: https://github.com/legoater/qemu/commits/aspeed-7.0 Using the above QEMU, I would run a rainier-bmc machine which requires eMMC support : qemu-system-arm -M rainier-bmc \ -nic user,mac=C0:FF:EE:00:00:02,hostfwd=::2222-:22 \ -drive file=/path/to/mmc-p10bmc.qcow2,format=qcow2,if=sd,id=sd0,index=2 \ -nographic -nodefaults -snapshot -serial mon:stdio The bootable qcow2 image : https://www.kaod.org/qemu/aspeed/mmc-p10bmc.qcow2 was created from : https://jenkins.openbmc.org/view/latest/job/latest-master/label=docker-builder,target=p10bmc/lastSuccessfulBuild/artifact/openbmc/build/tmp/deploy/images/p10bmc/ Booting from the eMMC is a topic by itself but instead of booting from the eMMC, I would use a custom kernel and userspace. Compile an AST2600 kernel or grab : https://www.kaod.org/qemu/aspeed/zImage https://www.kaod.org/qemu/aspeed/aspeed-bmc-ibm-rainier.dtb Compile a buildroot image or grab : https://www.kaod.org/qemu/aspeed/rootfs.cpio.xz and run : qemu-system-arm -M rainier-bmc \ -kernel /path/to/linux/build_ast2600/arch/arm/boot/zImage \ -initrd /path/to/rootfs.cpio.xz \ -dtb /path/to/linux/build_ast2600/arch/arm/boot/dts/aspeed-bmc-ibm-rainier.dtb \ -append 'console=ttyS4,115200n8 root=/dev/ram ro' \ -nic user,mac=C0:FF:EE:00:00:02,hostfwd=::2222-:22 \ -drive file=/path/to/mmc-p10bmc.qcow2,format=qcow2,if=sd,id=sd0,index=2 \ -nographic -nodefaults -serial mon:stdio root/0penBmc to login. From there, modify the kernel and the buildroot image, you can scp some binary, do your testing and possibly send patches to improve QEMU support ! C.
[ ... ] > Do you mind splitting as: > > - Add TYPE_EMMC, emmc_class_init and sd_proto_emmc[] with > already existing handlers (1 patch) > > - Add new handlers, from smaller to sd_emmc_set_csd(), > and finally mmc_set_ext_csd() with the EXT_CSD definitions > (various patches). Sure, I will reorganize the patchset. It will ease the review. > Otherwise LGTM! > > What is your test suite? Not simple. Get the latest FW images for the rainier platform from : https://jenkins.openbmc.org/view/latest/job/latest-master/label=docker-builder,target=p10bmc/lastSuccessfulBuild/artifact/openbmc/build/tmp/deploy/images/p10bmc/ and build a bootable eMMC with such a sequence : dd of=$mmc if=/dev/zero bs=1M count=128 dd of=$mmc if=${fw_dir}/u-boot-spl.bin conv=notrunc dd of=$mmc if=${fw_dir}/u-boot.bin conv=notrunc bs=1K seek=64 dd of=$mmc if=${fw_dir}/u-boot-env.bin conv=notrunc bs=1K seek=$((896 + 64)) xzdec $wicxz | dd status=progress of=$mmc conv=notrunc bs=1M seek=2 truncate --size 16G $mmc We could have a smaller image with a buildroot rootfs. Then, boot with: qemu-system-arm -M rainier-bmc -net nic,netdev=net0 -netdev user \ -drive file=$mmc.qcow2,format=qcow2,if=sd,id=sd0,index=2 The Aspeed machines (AST2600) can boot from flash or eMMC and the above command line does the trick. It is not optimal. Thanks, C.
On 5/10/22 09:15, Cédric Le Goater wrote: > [ ... ] > > >> Do you mind splitting as: >> >> - Add TYPE_EMMC, emmc_class_init and sd_proto_emmc[] with >> already existing handlers (1 patch) >> >> - Add new handlers, from smaller to sd_emmc_set_csd(), >> and finally mmc_set_ext_csd() with the EXT_CSD definitions >> (various patches). > > Sure, I will reorganize the patchset. It will ease the review. I just did in https://github.com/legoater/qemu/commits/aspeed-7.1 The commit logs need more information, at least a reference to the specs. > >> Otherwise LGTM! >> >> What is your test suite? > > Not simple. > > Get the latest FW images for the rainier platform from : > > https://jenkins.openbmc.org/view/latest/job/latest-master/label=docker-builder,target=p10bmc/lastSuccessfulBuild/artifact/openbmc/build/tmp/deploy/images/p10bmc/ > > and build a bootable eMMC with such a sequence : > > dd of=$mmc if=/dev/zero bs=1M count=128 > dd of=$mmc if=${fw_dir}/u-boot-spl.bin conv=notrunc > dd of=$mmc if=${fw_dir}/u-boot.bin conv=notrunc bs=1K seek=64 > dd of=$mmc if=${fw_dir}/u-boot-env.bin conv=notrunc bs=1K seek=$((896 + 64)) > xzdec $wicxz | dd status=progress of=$mmc conv=notrunc bs=1M seek=2 > truncate --size 16G $mmc > > We could have a smaller image with a buildroot rootfs. > > Then, boot with: > > qemu-system-arm -M rainier-bmc -net nic,netdev=net0 -netdev user \ > -drive file=$mmc.qcow2,format=qcow2,if=sd,id=sd0,index=2 and you will need my branch for that. Thanks, C. > The Aspeed machines (AST2600) can boot from flash or eMMC and the above > command line does the trick. It is not optimal. > > > Thanks, > > C.
On 5/30/22 19:02, Philippe Mathieu-Daudé wrote: > Hi Cédric, > > On 18/3/22 14:28, Cédric Le Goater wrote: >> The initial eMMC support from Vincent Palatin was largely reworked to >> match the current SD framework. The parameters mimick a real 4GB eMMC, >> but it can be set to various sizes. >> >> This adds a new QOM object class for EMMC devices. >> >> Signed-off-by: Vincent Palatin <vpalatin@chromium.org> >> Link: https://lore.kernel.org/r/1311635951-11047-5-git-send-email-vpalatin@chromium.org >> [ jms: - Forward ported to QEMU 5.2 ] >> Signed-off-by: Joel Stanley <joel@jms.id.au> >> [ clg: - ported on aspeed-7.0 patchset >> - HPI activation ] >> Signed-off-by: Cédric Le Goater <clg@kaod.org> >> --- >> hw/sd/sdmmc-internal.h | 97 +++++++++++++++++++ >> include/hw/sd/sd.h | 9 ++ >> hw/sd/sd.c | 205 ++++++++++++++++++++++++++++++++++++++++- >> hw/sd/sdmmc-internal.c | 2 +- >> 4 files changed, 311 insertions(+), 2 deletions(-) > >> +static const SDProto sd_proto_emmc = { > > What about renaming as: > > ... emmc_proto = { yes. These are internal functions. Fine with me. Thanks, C. > >> + .name = "eMMC", >> + .cmd = { >> + [0] = sd_cmd_GO_IDLE_STATE, >> + [1] = sd_emmc_cmd_SEND_OP_CMD, > > = emmc_cmd_SEND_OP_CMD, > >> + [2] = sd_emmc_cmd_ALL_SEND_CID, > > ... > > ? > >> + [3] = sd_emmc_cmd_SEND_RELATIVE_ADDR, >> + [5] = sd_cmd_illegal, >> + [8] = sd_emmc_cmd_SEND_EXT_CSD, >> + [19] = sd_cmd_SEND_TUNING_BLOCK, >> + [21] = sd_emmc_cmd_SEND_TUNING_BLOCK, >> + [41] = sd_cmd_illegal, >> + [52 ... 54] = sd_cmd_illegal, >> + [55] = sd_emmc_cmd_APP_CMD, >> + [58] = sd_cmd_illegal, >> + [59] = sd_cmd_illegal, >> + }, >> +};
On 5/30/22 19:40, Philippe Mathieu-Daudé wrote: > On 18/3/22 14:28, Cédric Le Goater wrote: >> The initial eMMC support from Vincent Palatin was largely reworked to >> match the current SD framework. The parameters mimick a real 4GB eMMC, >> but it can be set to various sizes. >> >> This adds a new QOM object class for EMMC devices. >> >> Signed-off-by: Vincent Palatin <vpalatin@chromium.org> >> Link: https://lore.kernel.org/r/1311635951-11047-5-git-send-email-vpalatin@chromium.org >> [ jms: - Forward ported to QEMU 5.2 ] >> Signed-off-by: Joel Stanley <joel@jms.id.au> >> [ clg: - ported on aspeed-7.0 patchset >> - HPI activation ] >> Signed-off-by: Cédric Le Goater <clg@kaod.org> >> --- >> hw/sd/sdmmc-internal.h | 97 +++++++++++++++++++ >> include/hw/sd/sd.h | 9 ++ >> hw/sd/sd.c | 205 ++++++++++++++++++++++++++++++++++++++++- >> hw/sd/sdmmc-internal.c | 2 +- >> 4 files changed, 311 insertions(+), 2 deletions(-) > > >> +static void emmc_class_init(ObjectClass *klass, void *data) >> +{ >> + DeviceClass *dc = DEVICE_CLASS(klass); >> + SDCardClass *sc = SD_CARD_CLASS(klass); >> + >> + dc->desc = "eMMC"; >> + sc->proto = &sd_proto_emmc; >> + sc->spec_version = SD_PHY_SPECv3_01_VERS; /* eMMC requirement */ >> + sc->set_csd = sd_emmc_set_csd; >> +} >> + >> +static const TypeInfo emmc_info = { >> + .name = TYPE_EMMC, >> + .parent = TYPE_SD_CARD, > > Hmm this is odd to have the model inheriting features from SD_CARD but then behaving differently (one could enumerate QDEV objects implementing > TYPE_SD_CARD then use them expecting they match the SD card protocol). > > Why do you need to have TYPE_SD_CARD as parent? Simply for the initialization. > Could we simply duplicate sd_class_init() assignations instead? That > would likely make it easier to modify eMMC handlers. May be we lack a base abstract class ? It would clean up this section in the realize routine : sd->proto = sd->spi ? &sd_proto_spi : &sd_proto_sd; if (sc->proto) { sd->proto = sc->proto; } Thanks, C. >> + .class_init = emmc_class_init, >> + };
On 5/30/22 20:29, Philippe Mathieu-Daudé wrote: > On 18/3/22 14:28, Cédric Le Goater wrote: >> The initial eMMC support from Vincent Palatin was largely reworked to >> match the current SD framework. The parameters mimick a real 4GB eMMC, >> but it can be set to various sizes. >> >> This adds a new QOM object class for EMMC devices. >> >> Signed-off-by: Vincent Palatin <vpalatin@chromium.org> >> Link: https://lore.kernel.org/r/1311635951-11047-5-git-send-email-vpalatin@chromium.org >> [ jms: - Forward ported to QEMU 5.2 ] >> Signed-off-by: Joel Stanley <joel@jms.id.au> >> [ clg: - ported on aspeed-7.0 patchset >> - HPI activation ] >> Signed-off-by: Cédric Le Goater <clg@kaod.org> >> --- >> hw/sd/sdmmc-internal.h | 97 +++++++++++++++++++ >> include/hw/sd/sd.h | 9 ++ >> hw/sd/sd.c | 205 ++++++++++++++++++++++++++++++++++++++++- >> hw/sd/sdmmc-internal.c | 2 +- >> 4 files changed, 311 insertions(+), 2 deletions(-) > >> static void sd_instance_init(Object *obj) >> { >> SDState *sd = SD_CARD(obj); >> @@ -2162,10 +2338,19 @@ static void sd_instance_finalize(Object *obj) >> static void sd_realize(DeviceState *dev, Error **errp) >> { >> SDState *sd = SD_CARD(dev); >> + SDCardClass *sc = SD_CARD_GET_CLASS(sd); >> int ret; >> sd->proto = sd->spi ? &sd_proto_spi : &sd_proto_sd; >> + if (sc->proto) { >> + sd->proto = sc->proto; >> + } >> + >> + if (sc->spec_version) { >> + sd->spec_version = sc->spec_version; >> + } >> + >> switch (sd->spec_version) { >> case SD_PHY_SPECv1_10_VERS >> ... SD_PHY_SPECv3_01_VERS: > > > Instead I'd use: Yes. This is better. Thanks, C. > -- >8 -- > @@ -2301,14 +2297,26 @@ static const TypeInfo sd_info = { > .instance_finalize = sd_instance_finalize, > }; > > +static void emmc_realize(DeviceState *dev, Error **errp) > +{ > + SDState *sd = SD_CARD(dev); > + > + if (sd->spec_version < SD_PHY_SPECv3_01_VERS) { > + error_setg(errp, "Minimum spec for eMMC is v3.01"); > + return; > + } > + > + sd_realize(dev, errp); > +} > + > static void emmc_class_init(ObjectClass *klass, void *data) > { > DeviceClass *dc = DEVICE_CLASS(klass); > SDCardClass *sc = SD_CARD_CLASS(klass); > > dc->desc = "eMMC"; > + dc->realize = emmc_realize; > sc->proto = &sd_proto_emmc; > } > > --- > >
On 5/31/22 10:03, Philippe Mathieu-Daudé wrote: > On 31/5/22 07:58, Cédric Le Goater wrote: >> On 5/30/22 19:40, Philippe Mathieu-Daudé wrote: >>> On 18/3/22 14:28, Cédric Le Goater wrote: >>>> The initial eMMC support from Vincent Palatin was largely reworked to >>>> match the current SD framework. The parameters mimick a real 4GB eMMC, >>>> but it can be set to various sizes. >>>> >>>> This adds a new QOM object class for EMMC devices. >>>> >>>> Signed-off-by: Vincent Palatin <vpalatin@chromium.org> >>>> Link: https://lore.kernel.org/r/1311635951-11047-5-git-send-email-vpalatin@chromium.org >>>> [ jms: - Forward ported to QEMU 5.2 ] >>>> Signed-off-by: Joel Stanley <joel@jms.id.au> >>>> [ clg: - ported on aspeed-7.0 patchset >>>> - HPI activation ] >>>> Signed-off-by: Cédric Le Goater <clg@kaod.org> >>>> --- >>>> hw/sd/sdmmc-internal.h | 97 +++++++++++++++++++ >>>> include/hw/sd/sd.h | 9 ++ >>>> hw/sd/sd.c | 205 ++++++++++++++++++++++++++++++++++++++++- >>>> hw/sd/sdmmc-internal.c | 2 +- >>>> 4 files changed, 311 insertions(+), 2 deletions(-) >>> >>> >>>> +static void emmc_class_init(ObjectClass *klass, void *data) >>>> +{ >>>> + DeviceClass *dc = DEVICE_CLASS(klass); >>>> + SDCardClass *sc = SD_CARD_CLASS(klass); >>>> + >>>> + dc->desc = "eMMC"; >>>> + sc->proto = &sd_proto_emmc; >>>> + sc->spec_version = SD_PHY_SPECv3_01_VERS; /* eMMC requirement */ >>>> + sc->set_csd = sd_emmc_set_csd; >>>> +} >>>> + >>>> +static const TypeInfo emmc_info = { >>>> + .name = TYPE_EMMC, >>>> + .parent = TYPE_SD_CARD, >>> >>> Hmm this is odd to have the model inheriting features from SD_CARD but then behaving differently (one could enumerate QDEV objects implementing >>> TYPE_SD_CARD then use them expecting they match the SD card protocol). >>> >>> Why do you need to have TYPE_SD_CARD as parent? >> >> Simply for the initialization. >>> Could we simply duplicate sd_class_init() assignations instead? That >>> would likely make it easier to modify eMMC handlers. >> >> May be we lack a base abstract class ? > > I've been thinking about it but maybe not enough. I'll revisit. > >> It would clean up this section in the realize routine : >> >> sd->proto = sd->spi ? &sd_proto_spi : &sd_proto_sd; >> >> if (sc->proto) { >> sd->proto = sc->proto; >> } > > In v2 I moved the 'proto' field from instance to class, so we don't need > this hack anymore. Indeed : static void sd_realize(DeviceState *dev, Error **errp) { SDState *sd = SD_CARD(dev); SDCardClass *sc = SD_CARD_GET_CLASS(sd); int ret; sc->proto = sd->spi ? &sd_proto_spi : &sd_proto_sd; ... but this is assigning a class attribute from an instance :/ C.
diff --git a/hw/sd/sdmmc-internal.h b/hw/sd/sdmmc-internal.h index d8bf17d204fc..2b98f117cd8f 100644 --- a/hw/sd/sdmmc-internal.h +++ b/hw/sd/sdmmc-internal.h @@ -37,4 +37,101 @@ const char *sd_cmd_name(uint8_t cmd); */ const char *sd_acmd_name(uint8_t cmd); +/* + * EXT_CSD fields + */ + +#define EXT_CSD_CMDQ_MODE_EN 15 /* R/W */ +#define EXT_CSD_FLUSH_CACHE 32 /* W */ +#define EXT_CSD_CACHE_CTRL 33 /* R/W */ +#define EXT_CSD_POWER_OFF_NOTIFICATION 34 /* R/W */ +#define EXT_CSD_PACKED_FAILURE_INDEX 35 /* RO */ +#define EXT_CSD_PACKED_CMD_STATUS 36 /* RO */ +#define EXT_CSD_EXP_EVENTS_STATUS 54 /* RO, 2 bytes */ +#define EXT_CSD_EXP_EVENTS_CTRL 56 /* R/W, 2 bytes */ +#define EXT_CSD_DATA_SECTOR_SIZE 61 /* R */ +#define EXT_CSD_GP_SIZE_MULT 143 /* R/W */ +#define EXT_CSD_PARTITION_SETTING_COMPLETED 155 /* R/W */ +#define EXT_CSD_PARTITION_ATTRIBUTE 156 /* R/W */ +#define EXT_CSD_PARTITION_SUPPORT 160 /* RO */ +#define EXT_CSD_HPI_MGMT 161 /* R/W */ +#define EXT_CSD_RST_N_FUNCTION 162 /* R/W */ +#define EXT_CSD_BKOPS_EN 163 /* R/W */ +#define EXT_CSD_BKOPS_START 164 /* W */ +#define EXT_CSD_SANITIZE_START 165 /* W */ +#define EXT_CSD_WR_REL_PARAM 166 /* RO */ +#define EXT_CSD_RPMB_MULT 168 /* RO */ +#define EXT_CSD_FW_CONFIG 169 /* R/W */ +#define EXT_CSD_BOOT_WP 173 /* R/W */ +#define EXT_CSD_ERASE_GROUP_DEF 175 /* R/W */ +#define EXT_CSD_PART_CONFIG 179 /* R/W */ +#define EXT_CSD_ERASED_MEM_CONT 181 /* RO */ +#define EXT_CSD_BUS_WIDTH 183 /* R/W */ +#define EXT_CSD_STROBE_SUPPORT 184 /* RO */ +#define EXT_CSD_HS_TIMING 185 /* R/W */ +#define EXT_CSD_POWER_CLASS 187 /* R/W */ +#define EXT_CSD_REV 192 /* RO */ +#define EXT_CSD_STRUCTURE 194 /* RO */ +#define EXT_CSD_CARD_TYPE 196 /* RO */ +#define EXT_CSD_DRIVER_STRENGTH 197 /* RO */ +#define EXT_CSD_OUT_OF_INTERRUPT_TIME 198 /* RO */ +#define EXT_CSD_PART_SWITCH_TIME 199 /* RO */ +#define EXT_CSD_PWR_CL_52_195 200 /* RO */ +#define EXT_CSD_PWR_CL_26_195 201 /* RO */ +#define EXT_CSD_PWR_CL_52_360 202 /* RO */ +#define EXT_CSD_PWR_CL_26_360 203 /* RO */ +#define EXT_CSD_SEC_CNT 212 /* RO, 4 bytes */ +#define EXT_CSD_S_A_TIMEOUT 217 /* RO */ +#define EXT_CSD_S_C_VCCQ 219 /* RO */ +#define EXT_CSD_S_C_VCC 220 /* RO */ +#define EXT_CSD_REL_WR_SEC_C 222 /* RO */ +#define EXT_CSD_HC_WP_GRP_SIZE 221 /* RO */ +#define EXT_CSD_ERASE_TIMEOUT_MULT 223 /* RO */ +#define EXT_CSD_HC_ERASE_GRP_SIZE 224 /* RO */ +#define EXT_CSD_ACC_SIZE 225 /* RO */ +#define EXT_CSD_BOOT_MULT 226 /* RO */ +#define EXT_CSD_BOOT_INFO 228 /* RO */ +#define EXT_CSD_SEC_TRIM_MULT 229 /* RO */ +#define EXT_CSD_SEC_ERASE_MULT 230 /* RO */ +#define EXT_CSD_SEC_FEATURE_SUPPORT 231 /* RO */ +#define EXT_CSD_TRIM_MULT 232 /* RO */ +#define EXT_CSD_PWR_CL_200_195 236 /* RO */ +#define EXT_CSD_PWR_CL_200_360 237 /* RO */ +#define EXT_CSD_PWR_CL_DDR_52_195 238 /* RO */ +#define EXT_CSD_PWR_CL_DDR_52_360 239 /* RO */ +#define EXT_CSD_BKOPS_STATUS 246 /* RO */ +#define EXT_CSD_POWER_OFF_LONG_TIME 247 /* RO */ +#define EXT_CSD_GENERIC_CMD6_TIME 248 /* RO */ +#define EXT_CSD_CACHE_SIZE 249 /* RO, 4 bytes */ +#define EXT_CSD_PWR_CL_DDR_200_360 253 /* RO */ +#define EXT_CSD_FIRMWARE_VERSION 254 /* RO, 8 bytes */ +#define EXT_CSD_PRE_EOL_INFO 267 /* RO */ +#define EXT_CSD_DEVICE_LIFE_TIME_EST_TYP_A 268 /* RO */ +#define EXT_CSD_DEVICE_LIFE_TIME_EST_TYP_B 269 /* RO */ +#define EXT_CSD_CMDQ_DEPTH 307 /* RO */ +#define EXT_CSD_CMDQ_SUPPORT 308 /* RO */ +#define EXT_CSD_SUPPORTED_MODE 493 /* RO */ +#define EXT_CSD_TAG_UNIT_SIZE 498 /* RO */ +#define EXT_CSD_DATA_TAG_SUPPORT 499 /* RO */ +#define EXT_CSD_MAX_PACKED_WRITES 500 /* RO */ +#define EXT_CSD_MAX_PACKED_READS 501 /* RO */ +#define EXT_CSD_BKOPS_SUPPORT 502 /* RO */ +#define EXT_CSD_HPI_FEATURES 503 /* RO */ +#define EXT_CSD_S_CMD_SET 504 /* RO */ + +/* + * EXT_CSD field definitions + */ + +#define EXT_CSD_WR_REL_PARAM_EN (1 << 2) +#define EXT_CSD_WR_REL_PARAM_EN_RPMB_REL_WR (1 << 4) + +#define EXT_CSD_PART_CONFIG_ACC_MASK (0x7) +#define EXT_CSD_PART_CONFIG_ACC_DEFAULT (0x0) +#define EXT_CSD_PART_CONFIG_ACC_BOOT0 (0x1) + +#define EXT_CSD_PART_CONFIG_EN_MASK (0x7 << 3) +#define EXT_CSD_PART_CONFIG_EN_BOOT0 (0x1 << 3) +#define EXT_CSD_PART_CONFIG_EN_USER (0x7 << 3) + #endif diff --git a/include/hw/sd/sd.h b/include/hw/sd/sd.h index 47360ba4ee98..dfe661079b8a 100644 --- a/include/hw/sd/sd.h +++ b/include/hw/sd/sd.h @@ -93,6 +93,11 @@ typedef struct { #define TYPE_SD_CARD "sd-card" OBJECT_DECLARE_TYPE(SDState, SDCardClass, SD_CARD) +#define TYPE_EMMC "emmc" +DECLARE_INSTANCE_CHECKER(SDState, EMMC, TYPE_EMMC) + +struct SDProto; + struct SDCardClass { /*< private >*/ DeviceClass parent_class; @@ -124,6 +129,10 @@ struct SDCardClass { void (*enable)(SDState *sd, bool enable); bool (*get_inserted)(SDState *sd); bool (*get_readonly)(SDState *sd); + + const struct SDProto *proto; + uint8_t spec_version; + void (*set_csd)(SDState *sd, uint64_t size); }; #define TYPE_SD_BUS "sd-bus" diff --git a/hw/sd/sd.c b/hw/sd/sd.c index 602ed6eb0701..5d7f04adf5a4 100644 --- a/hw/sd/sd.c +++ b/hw/sd/sd.c @@ -144,6 +144,7 @@ struct SDState { uint64_t data_start; uint32_t data_offset; uint8_t data[512]; + uint8_t ext_csd[512]; qemu_irq readonly_cb; qemu_irq inserted_cb; QEMUTimer *ocr_power_timer; @@ -390,8 +391,85 @@ static const uint8_t sd_csd_rw_mask[16] = { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0xfc, 0xfe, }; +static void mmc_set_ext_csd(SDState *sd, uint64_t size) +{ + uint32_t sectcount = size >> HWBLOCK_SHIFT; + + memset(sd->ext_csd, 0, sizeof(sd->ext_csd)); + + sd->ext_csd[EXT_CSD_S_CMD_SET] = 0x1; /* supported command sets */ + sd->ext_csd[EXT_CSD_HPI_FEATURES] = 0x3; /* HPI features */ + sd->ext_csd[EXT_CSD_BKOPS_SUPPORT] = 0x1; /* Background operations */ + sd->ext_csd[241] = 0xA; /* 1st initialization time after partitioning */ + sd->ext_csd[EXT_CSD_TRIM_MULT] = 0x1; /* Trim multiplier */ + sd->ext_csd[EXT_CSD_SEC_FEATURE_SUPPORT] = 0x15; /* Secure feature */ + sd->ext_csd[EXT_CSD_SEC_ERASE_MULT] = 0x96; /* Secure erase support */ + sd->ext_csd[EXT_CSD_SEC_TRIM_MULT] = 0x96; /* Secure TRIM multiplier */ + sd->ext_csd[EXT_CSD_BOOT_INFO] = 0x7; /* Boot information */ + sd->ext_csd[EXT_CSD_BOOT_MULT] = 0x8; /* Boot partition size. 128KB unit */ + sd->ext_csd[EXT_CSD_ACC_SIZE] = 0x6; /* Access size */ + sd->ext_csd[EXT_CSD_HC_ERASE_GRP_SIZE] = 0x4; /* HC Erase unit size */ + sd->ext_csd[EXT_CSD_ERASE_TIMEOUT_MULT] = 0x1; /* HC erase timeout */ + sd->ext_csd[EXT_CSD_REL_WR_SEC_C] = 0x1; /* Reliable write sector count */ + sd->ext_csd[EXT_CSD_HC_WP_GRP_SIZE] = 0x4; /* HC write protect group size */ + sd->ext_csd[EXT_CSD_S_C_VCC] = 0x8; /* Sleep current VCC */ + sd->ext_csd[EXT_CSD_S_C_VCCQ] = 0x7; /* Sleep current VCCQ */ + sd->ext_csd[EXT_CSD_S_A_TIMEOUT] = 0x11; /* Sleep/Awake timeout */ + sd->ext_csd[215] = (sectcount >> 24) & 0xff; /* Sector count */ + sd->ext_csd[214] = (sectcount >> 16) & 0xff; /* ... */ + sd->ext_csd[213] = (sectcount >> 8) & 0xff; /* ... */ + sd->ext_csd[EXT_CSD_SEC_CNT] = (sectcount & 0xff); /* ... */ + sd->ext_csd[210] = 0xa; /* Min write perf for 8bit@52Mhz */ + sd->ext_csd[209] = 0xa; /* Min read perf for 8bit@52Mhz */ + sd->ext_csd[208] = 0xa; /* Min write perf for 4bit@52Mhz */ + sd->ext_csd[207] = 0xa; /* Min read perf for 4bit@52Mhz */ + sd->ext_csd[206] = 0xa; /* Min write perf for 4bit@26Mhz */ + sd->ext_csd[205] = 0xa; /* Min read perf for 4bit@26Mhz */ + sd->ext_csd[EXT_CSD_PART_SWITCH_TIME] = 0x1; + sd->ext_csd[EXT_CSD_OUT_OF_INTERRUPT_TIME] = 0x1; + sd->ext_csd[EXT_CSD_CARD_TYPE] = 0x7; + sd->ext_csd[EXT_CSD_STRUCTURE] = 0x2; + sd->ext_csd[EXT_CSD_REV] = 0x5; + sd->ext_csd[EXT_CSD_RPMB_MULT] = 0x1; /* RPMB size */ + sd->ext_csd[EXT_CSD_PARTITION_SUPPORT] = 0x3; + sd->ext_csd[159] = 0x00; /* Max enhanced area size */ + sd->ext_csd[158] = 0x00; /* ... */ + sd->ext_csd[157] = 0xEC; /* ... */ +} + +static void sd_emmc_set_csd(SDState *sd, uint64_t size) +{ + sd->csd[0] = 0xd0; + sd->csd[1] = 0x0f; + sd->csd[2] = 0x00; + sd->csd[3] = 0x32; + sd->csd[4] = 0x0f; + if (size <= 2 * GiB) { + /* use 1k blocks */ + uint32_t csize1k = (size >> (CMULT_SHIFT + 10)) - 1; + sd->csd[5] = 0x5a; + sd->csd[6] = 0x80 | ((csize1k >> 10) & 0xf); + sd->csd[7] = (csize1k >> 2) & 0xff; + } else { /* >= 2GB : size stored in ext CSD, block addressing */ + sd->csd[5] = 0x59; + sd->csd[6] = 0x8f; + sd->csd[7] = 0xff; + sd->ocr = FIELD_DP32(sd->ocr, OCR, CARD_CAPACITY, 1); + } + sd->csd[8] = 0xff; + sd->csd[9] = 0xff; + sd->csd[10] = 0xf7; + sd->csd[11] = 0xfe; + sd->csd[12] = 0x49; + sd->csd[13] = 0x10; + sd->csd[14] = 0x00; + sd->csd[15] = (sd_crc7(sd->csd, 15) << 1) | 1; + mmc_set_ext_csd(sd, size); +} + static void sd_set_csd(SDState *sd, uint64_t size) { + SDCardClass *sc = SD_CARD_GET_CLASS(sd); int hwblock_shift = HWBLOCK_SHIFT; uint32_t csize; uint32_t sectsize = (1 << (SECTOR_SHIFT + 1)) - 1; @@ -403,7 +481,9 @@ static void sd_set_csd(SDState *sd, uint64_t size) } csize = (size >> (CMULT_SHIFT + hwblock_shift)) - 1; - if (size <= SDSC_MAX_CAPACITY) { /* Standard Capacity SD */ + if (sc->set_csd) { + sc->set_csd(sd, size); + } else if (size <= SDSC_MAX_CAPACITY) { /* Standard Capacity SD */ sd->csd[0] = 0x00; /* CSD structure */ sd->csd[1] = 0x26; /* Data read access-time-1 */ sd->csd[2] = 0x00; /* Data read access-time-2 */ @@ -1028,6 +1108,25 @@ static sd_rsp_type_t sd_cmd_ALL_SEND_CID(SDState *sd, SDRequest req) return sd_r2_i; } +static void sd_emmc_set_rca(SDState *sd, uint16_t value) +{ + sd->rca = value; +} + +static sd_rsp_type_t sd_emmc_cmd_SEND_RELATIVE_ADDR(SDState *sd, SDRequest req) +{ + switch (sd->state) { + case sd_identification_state: + case sd_standby_state: + sd->state = sd_standby_state; + sd_emmc_set_rca(sd, req.arg >> 16); + return sd_r1; + + default: + return sd_invalid_state_for_cmd(sd, req); + } +} + static sd_rsp_type_t sd_cmd_SEND_RELATIVE_ADDR(SDState *sd, SDRequest req) { switch (sd->state) { @@ -2003,6 +2102,14 @@ uint8_t sd_read_byte(SDState *sd) sd->state = sd_transfer_state; break; + case 8: /* CMD8: SEND_EXT_CSD on MMC */ + ret = sd->data[sd->data_offset++]; + + if (sd->data_offset >= sizeof(sd->ext_csd)) { + sd->state = sd_transfer_state; + } + break; + case 9: /* CMD9: SEND_CSD */ case 10: /* CMD10: SEND_CID */ ret = sd->data[sd->data_offset ++]; @@ -2144,6 +2251,75 @@ static const SDProto sd_proto_sd = { }, }; +static sd_rsp_type_t sd_emmc_cmd_SEND_OP_CMD(SDState *sd, SDRequest req) +{ + sd->state = sd_ready_state; + return sd_r3; +} + +static sd_rsp_type_t sd_emmc_cmd_ALL_SEND_CID(SDState *sd, SDRequest req) +{ + if (sd->state != sd_ready_state && sd->state != sd_idle_state) { + return sd_invalid_state_for_cmd(sd, req); + } + + sd->state = sd_identification_state; + + return sd_r2_i; +} + +static sd_rsp_type_t sd_emmc_cmd_SEND_EXT_CSD(SDState *sd, SDRequest req) +{ + uint64_t addr = (sd->ocr & (1 << 30)) ? (uint64_t) req.arg << 9 : req.arg; + + switch (sd->state) { + case sd_transfer_state: + /* MMC : Sends the EXT_CSD register as a Block of data */ + sd->state = sd_sendingdata_state; + memcpy(sd->data, sd->ext_csd, sizeof(sd->ext_csd)); + sd->data_start = addr; + sd->data_offset = 0; + return sd_r1; + default: + return sd_invalid_state_for_cmd(sd, req); + } +} + +static sd_rsp_type_t sd_emmc_cmd_APP_CMD(SDState *sd, SDRequest req) +{ + return sd_r0; +} + +static sd_rsp_type_t sd_emmc_cmd_SEND_TUNING_BLOCK(SDState *sd, SDRequest req) +{ + if (sd->state != sd_transfer_state) { + sd_invalid_state_for_cmd(sd, req); + } + + sd->state = sd_sendingdata_state; + sd->data_offset = 0; + return sd_r1; +} + +static const SDProto sd_proto_emmc = { + .name = "eMMC", + .cmd = { + [0] = sd_cmd_GO_IDLE_STATE, + [1] = sd_emmc_cmd_SEND_OP_CMD, + [2] = sd_emmc_cmd_ALL_SEND_CID, + [3] = sd_emmc_cmd_SEND_RELATIVE_ADDR, + [5] = sd_cmd_illegal, + [8] = sd_emmc_cmd_SEND_EXT_CSD, + [19] = sd_cmd_SEND_TUNING_BLOCK, + [21] = sd_emmc_cmd_SEND_TUNING_BLOCK, + [41] = sd_cmd_illegal, + [52 ... 54] = sd_cmd_illegal, + [55] = sd_emmc_cmd_APP_CMD, + [58] = sd_cmd_illegal, + [59] = sd_cmd_illegal, + }, +}; + static void sd_instance_init(Object *obj) { SDState *sd = SD_CARD(obj); @@ -2162,10 +2338,19 @@ static void sd_instance_finalize(Object *obj) static void sd_realize(DeviceState *dev, Error **errp) { SDState *sd = SD_CARD(dev); + SDCardClass *sc = SD_CARD_GET_CLASS(sd); int ret; sd->proto = sd->spi ? &sd_proto_spi : &sd_proto_sd; + if (sc->proto) { + sd->proto = sc->proto; + } + + if (sc->spec_version) { + sd->spec_version = sc->spec_version; + } + switch (sd->spec_version) { case SD_PHY_SPECv1_10_VERS ... SD_PHY_SPECv3_01_VERS: @@ -2261,9 +2446,27 @@ static const TypeInfo sd_info = { .instance_finalize = sd_instance_finalize, }; +static void emmc_class_init(ObjectClass *klass, void *data) +{ + DeviceClass *dc = DEVICE_CLASS(klass); + SDCardClass *sc = SD_CARD_CLASS(klass); + + dc->desc = "eMMC"; + sc->proto = &sd_proto_emmc; + sc->spec_version = SD_PHY_SPECv3_01_VERS; /* eMMC requirement */ + sc->set_csd = sd_emmc_set_csd; +} + +static const TypeInfo emmc_info = { + .name = TYPE_EMMC, + .parent = TYPE_SD_CARD, + .class_init = emmc_class_init, + }; + static void sd_register_types(void) { type_register_static(&sd_info); + type_register_static(&emmc_info); } type_init(sd_register_types) diff --git a/hw/sd/sdmmc-internal.c b/hw/sd/sdmmc-internal.c index 2053def3f10b..8648a7808dcc 100644 --- a/hw/sd/sdmmc-internal.c +++ b/hw/sd/sdmmc-internal.c @@ -14,7 +14,7 @@ const char *sd_cmd_name(uint8_t cmd) { static const char *cmd_abbrev[SDMMC_CMD_MAX] = { - [0] = "GO_IDLE_STATE", + [0] = "GO_IDLE_STATE", [1] = "SEND_OP_CMD", [2] = "ALL_SEND_CID", [3] = "SEND_RELATIVE_ADDR", [4] = "SET_DSR", [5] = "IO_SEND_OP_COND", [6] = "SWITCH_FUNC", [7] = "SELECT/DESELECT_CARD",