Loading...
1// SPDX-License-Identifier: GPL-2.0+
2/*
3 * Driver for SanDisk SDDR-09 SmartMedia reader
4 *
5 * (c) 2000, 2001 Robert Baruch (autophile@starband.net)
6 * (c) 2002 Andries Brouwer (aeb@cwi.nl)
7 * Developed with the assistance of:
8 * (c) 2002 Alan Stern <stern@rowland.org>
9 *
10 * The SanDisk SDDR-09 SmartMedia reader uses the Shuttle EUSB-01 chip.
11 * This chip is a programmable USB controller. In the SDDR-09, it has
12 * been programmed to obey a certain limited set of SCSI commands.
13 * This driver translates the "real" SCSI commands to the SDDR-09 SCSI
14 * commands.
15 */
16
17/*
18 * Known vendor commands: 12 bytes, first byte is opcode
19 *
20 * E7: read scatter gather
21 * E8: read
22 * E9: write
23 * EA: erase
24 * EB: reset
25 * EC: read status
26 * ED: read ID
27 * EE: write CIS (?)
28 * EF: compute checksum (?)
29 */
30
31#include <linux/errno.h>
32#include <linux/module.h>
33#include <linux/slab.h>
34
35#include <scsi/scsi.h>
36#include <scsi/scsi_cmnd.h>
37#include <scsi/scsi_device.h>
38
39#include "usb.h"
40#include "transport.h"
41#include "protocol.h"
42#include "debug.h"
43#include "scsiglue.h"
44
45#define DRV_NAME "ums-sddr09"
46
47MODULE_DESCRIPTION("Driver for SanDisk SDDR-09 SmartMedia reader");
48MODULE_AUTHOR("Andries Brouwer <aeb@cwi.nl>, Robert Baruch <autophile@starband.net>");
49MODULE_LICENSE("GPL");
50MODULE_IMPORT_NS(USB_STORAGE);
51
52static int usb_stor_sddr09_dpcm_init(struct us_data *us);
53static int sddr09_transport(struct scsi_cmnd *srb, struct us_data *us);
54static int usb_stor_sddr09_init(struct us_data *us);
55
56
57/*
58 * The table of devices
59 */
60#define UNUSUAL_DEV(id_vendor, id_product, bcdDeviceMin, bcdDeviceMax, \
61 vendorName, productName, useProtocol, useTransport, \
62 initFunction, flags) \
63{ USB_DEVICE_VER(id_vendor, id_product, bcdDeviceMin, bcdDeviceMax), \
64 .driver_info = (flags) }
65
66static struct usb_device_id sddr09_usb_ids[] = {
67# include "unusual_sddr09.h"
68 { } /* Terminating entry */
69};
70MODULE_DEVICE_TABLE(usb, sddr09_usb_ids);
71
72#undef UNUSUAL_DEV
73
74/*
75 * The flags table
76 */
77#define UNUSUAL_DEV(idVendor, idProduct, bcdDeviceMin, bcdDeviceMax, \
78 vendor_name, product_name, use_protocol, use_transport, \
79 init_function, Flags) \
80{ \
81 .vendorName = vendor_name, \
82 .productName = product_name, \
83 .useProtocol = use_protocol, \
84 .useTransport = use_transport, \
85 .initFunction = init_function, \
86}
87
88static struct us_unusual_dev sddr09_unusual_dev_list[] = {
89# include "unusual_sddr09.h"
90 { } /* Terminating entry */
91};
92
93#undef UNUSUAL_DEV
94
95
96#define short_pack(lsb,msb) ( ((u16)(lsb)) | ( ((u16)(msb))<<8 ) )
97#define LSB_of(s) ((s)&0xFF)
98#define MSB_of(s) ((s)>>8)
99
100/*
101 * First some stuff that does not belong here:
102 * data on SmartMedia and other cards, completely
103 * unrelated to this driver.
104 * Similar stuff occurs in <linux/mtd/nand_ids.h>.
105 */
106
107struct nand_flash_dev {
108 int model_id;
109 int chipshift; /* 1<<cs bytes total capacity */
110 char pageshift; /* 1<<ps bytes in a page */
111 char blockshift; /* 1<<bs pages in an erase block */
112 char zoneshift; /* 1<<zs blocks in a zone */
113 /* # of logical blocks is 125/128 of this */
114 char pageadrlen; /* length of an address in bytes - 1 */
115};
116
117/*
118 * NAND Flash Manufacturer ID Codes
119 */
120#define NAND_MFR_AMD 0x01
121#define NAND_MFR_NATSEMI 0x8f
122#define NAND_MFR_TOSHIBA 0x98
123#define NAND_MFR_SAMSUNG 0xec
124
125static inline char *nand_flash_manufacturer(int manuf_id) {
126 switch(manuf_id) {
127 case NAND_MFR_AMD:
128 return "AMD";
129 case NAND_MFR_NATSEMI:
130 return "NATSEMI";
131 case NAND_MFR_TOSHIBA:
132 return "Toshiba";
133 case NAND_MFR_SAMSUNG:
134 return "Samsung";
135 default:
136 return "unknown";
137 }
138}
139
140/*
141 * It looks like it is unnecessary to attach manufacturer to the
142 * remaining data: SSFDC prescribes manufacturer-independent id codes.
143 *
144 * 256 MB NAND flash has a 5-byte ID with 2nd byte 0xaa, 0xba, 0xca or 0xda.
145 */
146
147static struct nand_flash_dev nand_flash_ids[] = {
148 /* NAND flash */
149 { 0x6e, 20, 8, 4, 8, 2}, /* 1 MB */
150 { 0xe8, 20, 8, 4, 8, 2}, /* 1 MB */
151 { 0xec, 20, 8, 4, 8, 2}, /* 1 MB */
152 { 0x64, 21, 8, 4, 9, 2}, /* 2 MB */
153 { 0xea, 21, 8, 4, 9, 2}, /* 2 MB */
154 { 0x6b, 22, 9, 4, 9, 2}, /* 4 MB */
155 { 0xe3, 22, 9, 4, 9, 2}, /* 4 MB */
156 { 0xe5, 22, 9, 4, 9, 2}, /* 4 MB */
157 { 0xe6, 23, 9, 4, 10, 2}, /* 8 MB */
158 { 0x73, 24, 9, 5, 10, 2}, /* 16 MB */
159 { 0x75, 25, 9, 5, 10, 2}, /* 32 MB */
160 { 0x76, 26, 9, 5, 10, 3}, /* 64 MB */
161 { 0x79, 27, 9, 5, 10, 3}, /* 128 MB */
162
163 /* MASK ROM */
164 { 0x5d, 21, 9, 4, 8, 2}, /* 2 MB */
165 { 0xd5, 22, 9, 4, 9, 2}, /* 4 MB */
166 { 0xd6, 23, 9, 4, 10, 2}, /* 8 MB */
167 { 0x57, 24, 9, 4, 11, 2}, /* 16 MB */
168 { 0x58, 25, 9, 4, 12, 2}, /* 32 MB */
169 { 0,}
170};
171
172static struct nand_flash_dev *
173nand_find_id(unsigned char id) {
174 int i;
175
176 for (i = 0; i < ARRAY_SIZE(nand_flash_ids); i++)
177 if (nand_flash_ids[i].model_id == id)
178 return &(nand_flash_ids[i]);
179 return NULL;
180}
181
182/*
183 * ECC computation.
184 */
185static unsigned char parity[256];
186static unsigned char ecc2[256];
187
188static void nand_init_ecc(void) {
189 int i, j, a;
190
191 parity[0] = 0;
192 for (i = 1; i < 256; i++)
193 parity[i] = (parity[i&(i-1)] ^ 1);
194
195 for (i = 0; i < 256; i++) {
196 a = 0;
197 for (j = 0; j < 8; j++) {
198 if (i & (1<<j)) {
199 if ((j & 1) == 0)
200 a ^= 0x04;
201 if ((j & 2) == 0)
202 a ^= 0x10;
203 if ((j & 4) == 0)
204 a ^= 0x40;
205 }
206 }
207 ecc2[i] = ~(a ^ (a<<1) ^ (parity[i] ? 0xa8 : 0));
208 }
209}
210
211/* compute 3-byte ecc on 256 bytes */
212static void nand_compute_ecc(unsigned char *data, unsigned char *ecc) {
213 int i, j, a;
214 unsigned char par = 0, bit, bits[8] = {0};
215
216 /* collect 16 checksum bits */
217 for (i = 0; i < 256; i++) {
218 par ^= data[i];
219 bit = parity[data[i]];
220 for (j = 0; j < 8; j++)
221 if ((i & (1<<j)) == 0)
222 bits[j] ^= bit;
223 }
224
225 /* put 4+4+4 = 12 bits in the ecc */
226 a = (bits[3] << 6) + (bits[2] << 4) + (bits[1] << 2) + bits[0];
227 ecc[0] = ~(a ^ (a<<1) ^ (parity[par] ? 0xaa : 0));
228
229 a = (bits[7] << 6) + (bits[6] << 4) + (bits[5] << 2) + bits[4];
230 ecc[1] = ~(a ^ (a<<1) ^ (parity[par] ? 0xaa : 0));
231
232 ecc[2] = ecc2[par];
233}
234
235static int nand_compare_ecc(unsigned char *data, unsigned char *ecc) {
236 return (data[0] == ecc[0] && data[1] == ecc[1] && data[2] == ecc[2]);
237}
238
239static void nand_store_ecc(unsigned char *data, unsigned char *ecc) {
240 memcpy(data, ecc, 3);
241}
242
243/*
244 * The actual driver starts here.
245 */
246
247struct sddr09_card_info {
248 unsigned long capacity; /* Size of card in bytes */
249 int pagesize; /* Size of page in bytes */
250 int pageshift; /* log2 of pagesize */
251 int blocksize; /* Size of block in pages */
252 int blockshift; /* log2 of blocksize */
253 int blockmask; /* 2^blockshift - 1 */
254 int *lba_to_pba; /* logical to physical map */
255 int *pba_to_lba; /* physical to logical map */
256 int lbact; /* number of available pages */
257 int flags;
258#define SDDR09_WP 1 /* write protected */
259};
260
261/*
262 * On my 16MB card, control blocks have size 64 (16 real control bytes,
263 * and 48 junk bytes). In reality of course the card uses 16 control bytes,
264 * so the reader makes up the remaining 48. Don't know whether these numbers
265 * depend on the card. For now a constant.
266 */
267#define CONTROL_SHIFT 6
268
269/*
270 * On my Combo CF/SM reader, the SM reader has LUN 1.
271 * (and things fail with LUN 0).
272 * It seems LUN is irrelevant for others.
273 */
274#define LUN 1
275#define LUNBITS (LUN << 5)
276
277/*
278 * LBA and PBA are unsigned ints. Special values.
279 */
280#define UNDEF 0xffffffff
281#define SPARE 0xfffffffe
282#define UNUSABLE 0xfffffffd
283
284static const int erase_bad_lba_entries = 0;
285
286/* send vendor interface command (0x41) */
287/* called for requests 0, 1, 8 */
288static int
289sddr09_send_command(struct us_data *us,
290 unsigned char request,
291 unsigned char direction,
292 unsigned char *xfer_data,
293 unsigned int xfer_len) {
294 unsigned int pipe;
295 unsigned char requesttype = (0x41 | direction);
296 int rc;
297
298 // Get the receive or send control pipe number
299
300 if (direction == USB_DIR_IN)
301 pipe = us->recv_ctrl_pipe;
302 else
303 pipe = us->send_ctrl_pipe;
304
305 rc = usb_stor_ctrl_transfer(us, pipe, request, requesttype,
306 0, 0, xfer_data, xfer_len);
307 switch (rc) {
308 case USB_STOR_XFER_GOOD: return 0;
309 case USB_STOR_XFER_STALLED: return -EPIPE;
310 default: return -EIO;
311 }
312}
313
314static int
315sddr09_send_scsi_command(struct us_data *us,
316 unsigned char *command,
317 unsigned int command_len) {
318 return sddr09_send_command(us, 0, USB_DIR_OUT, command, command_len);
319}
320
321#if 0
322/*
323 * Test Unit Ready Command: 12 bytes.
324 * byte 0: opcode: 00
325 */
326static int
327sddr09_test_unit_ready(struct us_data *us) {
328 unsigned char *command = us->iobuf;
329 int result;
330
331 memset(command, 0, 6);
332 command[1] = LUNBITS;
333
334 result = sddr09_send_scsi_command(us, command, 6);
335
336 usb_stor_dbg(us, "sddr09_test_unit_ready returns %d\n", result);
337
338 return result;
339}
340#endif
341
342/*
343 * Request Sense Command: 12 bytes.
344 * byte 0: opcode: 03
345 * byte 4: data length
346 */
347static int
348sddr09_request_sense(struct us_data *us, unsigned char *sensebuf, int buflen) {
349 unsigned char *command = us->iobuf;
350 int result;
351
352 memset(command, 0, 12);
353 command[0] = 0x03;
354 command[1] = LUNBITS;
355 command[4] = buflen;
356
357 result = sddr09_send_scsi_command(us, command, 12);
358 if (result)
359 return result;
360
361 result = usb_stor_bulk_transfer_buf(us, us->recv_bulk_pipe,
362 sensebuf, buflen, NULL);
363 return (result == USB_STOR_XFER_GOOD ? 0 : -EIO);
364}
365
366/*
367 * Read Command: 12 bytes.
368 * byte 0: opcode: E8
369 * byte 1: last two bits: 00: read data, 01: read blockwise control,
370 * 10: read both, 11: read pagewise control.
371 * It turns out we need values 20, 21, 22, 23 here (LUN 1).
372 * bytes 2-5: address (interpretation depends on byte 1, see below)
373 * bytes 10-11: count (idem)
374 *
375 * A page has 512 data bytes and 64 control bytes (16 control and 48 junk).
376 * A read data command gets data in 512-byte pages.
377 * A read control command gets control in 64-byte chunks.
378 * A read both command gets data+control in 576-byte chunks.
379 *
380 * Blocks are groups of 32 pages, and read blockwise control jumps to the
381 * next block, while read pagewise control jumps to the next page after
382 * reading a group of 64 control bytes.
383 * [Here 512 = 1<<pageshift, 32 = 1<<blockshift, 64 is constant?]
384 *
385 * (1 MB and 2 MB cards are a bit different, but I have only a 16 MB card.)
386 */
387
388static int
389sddr09_readX(struct us_data *us, int x, unsigned long fromaddress,
390 int nr_of_pages, int bulklen, unsigned char *buf,
391 int use_sg) {
392
393 unsigned char *command = us->iobuf;
394 int result;
395
396 command[0] = 0xE8;
397 command[1] = LUNBITS | x;
398 command[2] = MSB_of(fromaddress>>16);
399 command[3] = LSB_of(fromaddress>>16);
400 command[4] = MSB_of(fromaddress & 0xFFFF);
401 command[5] = LSB_of(fromaddress & 0xFFFF);
402 command[6] = 0;
403 command[7] = 0;
404 command[8] = 0;
405 command[9] = 0;
406 command[10] = MSB_of(nr_of_pages);
407 command[11] = LSB_of(nr_of_pages);
408
409 result = sddr09_send_scsi_command(us, command, 12);
410
411 if (result) {
412 usb_stor_dbg(us, "Result for send_control in sddr09_read2%d %d\n",
413 x, result);
414 return result;
415 }
416
417 result = usb_stor_bulk_transfer_sg(us, us->recv_bulk_pipe,
418 buf, bulklen, use_sg, NULL);
419
420 if (result != USB_STOR_XFER_GOOD) {
421 usb_stor_dbg(us, "Result for bulk_transfer in sddr09_read2%d %d\n",
422 x, result);
423 return -EIO;
424 }
425 return 0;
426}
427
428/*
429 * Read Data
430 *
431 * fromaddress counts data shorts:
432 * increasing it by 256 shifts the bytestream by 512 bytes;
433 * the last 8 bits are ignored.
434 *
435 * nr_of_pages counts pages of size (1 << pageshift).
436 */
437static int
438sddr09_read20(struct us_data *us, unsigned long fromaddress,
439 int nr_of_pages, int pageshift, unsigned char *buf, int use_sg) {
440 int bulklen = nr_of_pages << pageshift;
441
442 /* The last 8 bits of fromaddress are ignored. */
443 return sddr09_readX(us, 0, fromaddress, nr_of_pages, bulklen,
444 buf, use_sg);
445}
446
447/*
448 * Read Blockwise Control
449 *
450 * fromaddress gives the starting position (as in read data;
451 * the last 8 bits are ignored); increasing it by 32*256 shifts
452 * the output stream by 64 bytes.
453 *
454 * count counts control groups of size (1 << controlshift).
455 * For me, controlshift = 6. Is this constant?
456 *
457 * After getting one control group, jump to the next block
458 * (fromaddress += 8192).
459 */
460static int
461sddr09_read21(struct us_data *us, unsigned long fromaddress,
462 int count, int controlshift, unsigned char *buf, int use_sg) {
463
464 int bulklen = (count << controlshift);
465 return sddr09_readX(us, 1, fromaddress, count, bulklen,
466 buf, use_sg);
467}
468
469/*
470 * Read both Data and Control
471 *
472 * fromaddress counts data shorts, ignoring control:
473 * increasing it by 256 shifts the bytestream by 576 = 512+64 bytes;
474 * the last 8 bits are ignored.
475 *
476 * nr_of_pages counts pages of size (1 << pageshift) + (1 << controlshift).
477 */
478static int
479sddr09_read22(struct us_data *us, unsigned long fromaddress,
480 int nr_of_pages, int pageshift, unsigned char *buf, int use_sg) {
481
482 int bulklen = (nr_of_pages << pageshift) + (nr_of_pages << CONTROL_SHIFT);
483 usb_stor_dbg(us, "reading %d pages, %d bytes\n", nr_of_pages, bulklen);
484 return sddr09_readX(us, 2, fromaddress, nr_of_pages, bulklen,
485 buf, use_sg);
486}
487
488#if 0
489/*
490 * Read Pagewise Control
491 *
492 * fromaddress gives the starting position (as in read data;
493 * the last 8 bits are ignored); increasing it by 256 shifts
494 * the output stream by 64 bytes.
495 *
496 * count counts control groups of size (1 << controlshift).
497 * For me, controlshift = 6. Is this constant?
498 *
499 * After getting one control group, jump to the next page
500 * (fromaddress += 256).
501 */
502static int
503sddr09_read23(struct us_data *us, unsigned long fromaddress,
504 int count, int controlshift, unsigned char *buf, int use_sg) {
505
506 int bulklen = (count << controlshift);
507 return sddr09_readX(us, 3, fromaddress, count, bulklen,
508 buf, use_sg);
509}
510#endif
511
512/*
513 * Erase Command: 12 bytes.
514 * byte 0: opcode: EA
515 * bytes 6-9: erase address (big-endian, counting shorts, sector aligned).
516 *
517 * Always precisely one block is erased; bytes 2-5 and 10-11 are ignored.
518 * The byte address being erased is 2*Eaddress.
519 * The CIS cannot be erased.
520 */
521static int
522sddr09_erase(struct us_data *us, unsigned long Eaddress) {
523 unsigned char *command = us->iobuf;
524 int result;
525
526 usb_stor_dbg(us, "erase address %lu\n", Eaddress);
527
528 memset(command, 0, 12);
529 command[0] = 0xEA;
530 command[1] = LUNBITS;
531 command[6] = MSB_of(Eaddress>>16);
532 command[7] = LSB_of(Eaddress>>16);
533 command[8] = MSB_of(Eaddress & 0xFFFF);
534 command[9] = LSB_of(Eaddress & 0xFFFF);
535
536 result = sddr09_send_scsi_command(us, command, 12);
537
538 if (result)
539 usb_stor_dbg(us, "Result for send_control in sddr09_erase %d\n",
540 result);
541
542 return result;
543}
544
545/*
546 * Write CIS Command: 12 bytes.
547 * byte 0: opcode: EE
548 * bytes 2-5: write address in shorts
549 * bytes 10-11: sector count
550 *
551 * This writes at the indicated address. Don't know how it differs
552 * from E9. Maybe it does not erase? However, it will also write to
553 * the CIS.
554 *
555 * When two such commands on the same page follow each other directly,
556 * the second one is not done.
557 */
558
559/*
560 * Write Command: 12 bytes.
561 * byte 0: opcode: E9
562 * bytes 2-5: write address (big-endian, counting shorts, sector aligned).
563 * bytes 6-9: erase address (big-endian, counting shorts, sector aligned).
564 * bytes 10-11: sector count (big-endian, in 512-byte sectors).
565 *
566 * If write address equals erase address, the erase is done first,
567 * otherwise the write is done first. When erase address equals zero
568 * no erase is done?
569 */
570static int
571sddr09_writeX(struct us_data *us,
572 unsigned long Waddress, unsigned long Eaddress,
573 int nr_of_pages, int bulklen, unsigned char *buf, int use_sg) {
574
575 unsigned char *command = us->iobuf;
576 int result;
577
578 command[0] = 0xE9;
579 command[1] = LUNBITS;
580
581 command[2] = MSB_of(Waddress>>16);
582 command[3] = LSB_of(Waddress>>16);
583 command[4] = MSB_of(Waddress & 0xFFFF);
584 command[5] = LSB_of(Waddress & 0xFFFF);
585
586 command[6] = MSB_of(Eaddress>>16);
587 command[7] = LSB_of(Eaddress>>16);
588 command[8] = MSB_of(Eaddress & 0xFFFF);
589 command[9] = LSB_of(Eaddress & 0xFFFF);
590
591 command[10] = MSB_of(nr_of_pages);
592 command[11] = LSB_of(nr_of_pages);
593
594 result = sddr09_send_scsi_command(us, command, 12);
595
596 if (result) {
597 usb_stor_dbg(us, "Result for send_control in sddr09_writeX %d\n",
598 result);
599 return result;
600 }
601
602 result = usb_stor_bulk_transfer_sg(us, us->send_bulk_pipe,
603 buf, bulklen, use_sg, NULL);
604
605 if (result != USB_STOR_XFER_GOOD) {
606 usb_stor_dbg(us, "Result for bulk_transfer in sddr09_writeX %d\n",
607 result);
608 return -EIO;
609 }
610 return 0;
611}
612
613/* erase address, write same address */
614static int
615sddr09_write_inplace(struct us_data *us, unsigned long address,
616 int nr_of_pages, int pageshift, unsigned char *buf,
617 int use_sg) {
618 int bulklen = (nr_of_pages << pageshift) + (nr_of_pages << CONTROL_SHIFT);
619 return sddr09_writeX(us, address, address, nr_of_pages, bulklen,
620 buf, use_sg);
621}
622
623#if 0
624/*
625 * Read Scatter Gather Command: 3+4n bytes.
626 * byte 0: opcode E7
627 * byte 2: n
628 * bytes 4i-1,4i,4i+1: page address
629 * byte 4i+2: page count
630 * (i=1..n)
631 *
632 * This reads several pages from the card to a single memory buffer.
633 * The last two bits of byte 1 have the same meaning as for E8.
634 */
635static int
636sddr09_read_sg_test_only(struct us_data *us) {
637 unsigned char *command = us->iobuf;
638 int result, bulklen, nsg, ct;
639 unsigned char *buf;
640 unsigned long address;
641
642 nsg = bulklen = 0;
643 command[0] = 0xE7;
644 command[1] = LUNBITS;
645 command[2] = 0;
646 address = 040000; ct = 1;
647 nsg++;
648 bulklen += (ct << 9);
649 command[4*nsg+2] = ct;
650 command[4*nsg+1] = ((address >> 9) & 0xFF);
651 command[4*nsg+0] = ((address >> 17) & 0xFF);
652 command[4*nsg-1] = ((address >> 25) & 0xFF);
653
654 address = 0340000; ct = 1;
655 nsg++;
656 bulklen += (ct << 9);
657 command[4*nsg+2] = ct;
658 command[4*nsg+1] = ((address >> 9) & 0xFF);
659 command[4*nsg+0] = ((address >> 17) & 0xFF);
660 command[4*nsg-1] = ((address >> 25) & 0xFF);
661
662 address = 01000000; ct = 2;
663 nsg++;
664 bulklen += (ct << 9);
665 command[4*nsg+2] = ct;
666 command[4*nsg+1] = ((address >> 9) & 0xFF);
667 command[4*nsg+0] = ((address >> 17) & 0xFF);
668 command[4*nsg-1] = ((address >> 25) & 0xFF);
669
670 command[2] = nsg;
671
672 result = sddr09_send_scsi_command(us, command, 4*nsg+3);
673
674 if (result) {
675 usb_stor_dbg(us, "Result for send_control in sddr09_read_sg %d\n",
676 result);
677 return result;
678 }
679
680 buf = kmalloc(bulklen, GFP_NOIO);
681 if (!buf)
682 return -ENOMEM;
683
684 result = usb_stor_bulk_transfer_buf(us, us->recv_bulk_pipe,
685 buf, bulklen, NULL);
686 kfree(buf);
687 if (result != USB_STOR_XFER_GOOD) {
688 usb_stor_dbg(us, "Result for bulk_transfer in sddr09_read_sg %d\n",
689 result);
690 return -EIO;
691 }
692
693 return 0;
694}
695#endif
696
697/*
698 * Read Status Command: 12 bytes.
699 * byte 0: opcode: EC
700 *
701 * Returns 64 bytes, all zero except for the first.
702 * bit 0: 1: Error
703 * bit 5: 1: Suspended
704 * bit 6: 1: Ready
705 * bit 7: 1: Not write-protected
706 */
707
708static int
709sddr09_read_status(struct us_data *us, unsigned char *status) {
710
711 unsigned char *command = us->iobuf;
712 unsigned char *data = us->iobuf;
713 int result;
714
715 usb_stor_dbg(us, "Reading status...\n");
716
717 memset(command, 0, 12);
718 command[0] = 0xEC;
719 command[1] = LUNBITS;
720
721 result = sddr09_send_scsi_command(us, command, 12);
722 if (result)
723 return result;
724
725 result = usb_stor_bulk_transfer_buf(us, us->recv_bulk_pipe,
726 data, 64, NULL);
727 *status = data[0];
728 return (result == USB_STOR_XFER_GOOD ? 0 : -EIO);
729}
730
731static int
732sddr09_read_data(struct us_data *us,
733 unsigned long address,
734 unsigned int sectors) {
735
736 struct sddr09_card_info *info = (struct sddr09_card_info *) us->extra;
737 unsigned char *buffer;
738 unsigned int lba, maxlba, pba;
739 unsigned int page, pages;
740 unsigned int len, offset;
741 struct scatterlist *sg;
742 int result;
743
744 // Figure out the initial LBA and page
745 lba = address >> info->blockshift;
746 page = (address & info->blockmask);
747 maxlba = info->capacity >> (info->pageshift + info->blockshift);
748 if (lba >= maxlba)
749 return -EIO;
750
751 // Since we only read in one block at a time, we have to create
752 // a bounce buffer and move the data a piece at a time between the
753 // bounce buffer and the actual transfer buffer.
754
755 len = min(sectors, (unsigned int) info->blocksize) * info->pagesize;
756 buffer = kmalloc(len, GFP_NOIO);
757 if (!buffer)
758 return -ENOMEM;
759
760 // This could be made much more efficient by checking for
761 // contiguous LBA's. Another exercise left to the student.
762
763 result = 0;
764 offset = 0;
765 sg = NULL;
766
767 while (sectors > 0) {
768
769 /* Find number of pages we can read in this block */
770 pages = min(sectors, info->blocksize - page);
771 len = pages << info->pageshift;
772
773 /* Not overflowing capacity? */
774 if (lba >= maxlba) {
775 usb_stor_dbg(us, "Error: Requested lba %u exceeds maximum %u\n",
776 lba, maxlba);
777 result = -EIO;
778 break;
779 }
780
781 /* Find where this lba lives on disk */
782 pba = info->lba_to_pba[lba];
783
784 if (pba == UNDEF) { /* this lba was never written */
785
786 usb_stor_dbg(us, "Read %d zero pages (LBA %d) page %d\n",
787 pages, lba, page);
788
789 /*
790 * This is not really an error. It just means
791 * that the block has never been written.
792 * Instead of returning an error
793 * it is better to return all zero data.
794 */
795
796 memset(buffer, 0, len);
797
798 } else {
799 usb_stor_dbg(us, "Read %d pages, from PBA %d (LBA %d) page %d\n",
800 pages, pba, lba, page);
801
802 address = ((pba << info->blockshift) + page) <<
803 info->pageshift;
804
805 result = sddr09_read20(us, address>>1,
806 pages, info->pageshift, buffer, 0);
807 if (result)
808 break;
809 }
810
811 // Store the data in the transfer buffer
812 usb_stor_access_xfer_buf(buffer, len, us->srb,
813 &sg, &offset, TO_XFER_BUF);
814
815 page = 0;
816 lba++;
817 sectors -= pages;
818 }
819
820 kfree(buffer);
821 return result;
822}
823
824static unsigned int
825sddr09_find_unused_pba(struct sddr09_card_info *info, unsigned int lba) {
826 static unsigned int lastpba = 1;
827 int zonestart, end, i;
828
829 zonestart = (lba/1000) << 10;
830 end = info->capacity >> (info->blockshift + info->pageshift);
831 end -= zonestart;
832 if (end > 1024)
833 end = 1024;
834
835 for (i = lastpba+1; i < end; i++) {
836 if (info->pba_to_lba[zonestart+i] == UNDEF) {
837 lastpba = i;
838 return zonestart+i;
839 }
840 }
841 for (i = 0; i <= lastpba; i++) {
842 if (info->pba_to_lba[zonestart+i] == UNDEF) {
843 lastpba = i;
844 return zonestart+i;
845 }
846 }
847 return 0;
848}
849
850static int
851sddr09_write_lba(struct us_data *us, unsigned int lba,
852 unsigned int page, unsigned int pages,
853 unsigned char *ptr, unsigned char *blockbuffer) {
854
855 struct sddr09_card_info *info = (struct sddr09_card_info *) us->extra;
856 unsigned long address;
857 unsigned int pba, lbap;
858 unsigned int pagelen;
859 unsigned char *bptr, *cptr, *xptr;
860 unsigned char ecc[3];
861 int i, result;
862
863 lbap = ((lba % 1000) << 1) | 0x1000;
864 if (parity[MSB_of(lbap) ^ LSB_of(lbap)])
865 lbap ^= 1;
866 pba = info->lba_to_pba[lba];
867
868 if (pba == UNDEF) {
869 pba = sddr09_find_unused_pba(info, lba);
870 if (!pba) {
871 printk(KERN_WARNING
872 "sddr09_write_lba: Out of unused blocks\n");
873 return -ENOSPC;
874 }
875 info->pba_to_lba[pba] = lba;
876 info->lba_to_pba[lba] = pba;
877 }
878
879 if (pba == 1) {
880 /*
881 * Maybe it is impossible to write to PBA 1.
882 * Fake success, but don't do anything.
883 */
884 printk(KERN_WARNING "sddr09: avoid writing to pba 1\n");
885 return 0;
886 }
887
888 pagelen = (1 << info->pageshift) + (1 << CONTROL_SHIFT);
889
890 /* read old contents */
891 address = (pba << (info->pageshift + info->blockshift));
892 result = sddr09_read22(us, address>>1, info->blocksize,
893 info->pageshift, blockbuffer, 0);
894 if (result)
895 return result;
896
897 /* check old contents and fill lba */
898 for (i = 0; i < info->blocksize; i++) {
899 bptr = blockbuffer + i*pagelen;
900 cptr = bptr + info->pagesize;
901 nand_compute_ecc(bptr, ecc);
902 if (!nand_compare_ecc(cptr+13, ecc)) {
903 usb_stor_dbg(us, "Warning: bad ecc in page %d- of pba %d\n",
904 i, pba);
905 nand_store_ecc(cptr+13, ecc);
906 }
907 nand_compute_ecc(bptr+(info->pagesize / 2), ecc);
908 if (!nand_compare_ecc(cptr+8, ecc)) {
909 usb_stor_dbg(us, "Warning: bad ecc in page %d+ of pba %d\n",
910 i, pba);
911 nand_store_ecc(cptr+8, ecc);
912 }
913 cptr[6] = cptr[11] = MSB_of(lbap);
914 cptr[7] = cptr[12] = LSB_of(lbap);
915 }
916
917 /* copy in new stuff and compute ECC */
918 xptr = ptr;
919 for (i = page; i < page+pages; i++) {
920 bptr = blockbuffer + i*pagelen;
921 cptr = bptr + info->pagesize;
922 memcpy(bptr, xptr, info->pagesize);
923 xptr += info->pagesize;
924 nand_compute_ecc(bptr, ecc);
925 nand_store_ecc(cptr+13, ecc);
926 nand_compute_ecc(bptr+(info->pagesize / 2), ecc);
927 nand_store_ecc(cptr+8, ecc);
928 }
929
930 usb_stor_dbg(us, "Rewrite PBA %d (LBA %d)\n", pba, lba);
931
932 result = sddr09_write_inplace(us, address>>1, info->blocksize,
933 info->pageshift, blockbuffer, 0);
934
935 usb_stor_dbg(us, "sddr09_write_inplace returns %d\n", result);
936
937#if 0
938 {
939 unsigned char status = 0;
940 int result2 = sddr09_read_status(us, &status);
941 if (result2)
942 usb_stor_dbg(us, "cannot read status\n");
943 else if (status != 0xc0)
944 usb_stor_dbg(us, "status after write: 0x%x\n", status);
945 }
946#endif
947
948#if 0
949 {
950 int result2 = sddr09_test_unit_ready(us);
951 }
952#endif
953
954 return result;
955}
956
957static int
958sddr09_write_data(struct us_data *us,
959 unsigned long address,
960 unsigned int sectors) {
961
962 struct sddr09_card_info *info = (struct sddr09_card_info *) us->extra;
963 unsigned int lba, maxlba, page, pages;
964 unsigned int pagelen, blocklen;
965 unsigned char *blockbuffer;
966 unsigned char *buffer;
967 unsigned int len, offset;
968 struct scatterlist *sg;
969 int result;
970
971 /* Figure out the initial LBA and page */
972 lba = address >> info->blockshift;
973 page = (address & info->blockmask);
974 maxlba = info->capacity >> (info->pageshift + info->blockshift);
975 if (lba >= maxlba)
976 return -EIO;
977
978 /*
979 * blockbuffer is used for reading in the old data, overwriting
980 * with the new data, and performing ECC calculations
981 */
982
983 /*
984 * TODO: instead of doing kmalloc/kfree for each write,
985 * add a bufferpointer to the info structure
986 */
987
988 pagelen = (1 << info->pageshift) + (1 << CONTROL_SHIFT);
989 blocklen = (pagelen << info->blockshift);
990 blockbuffer = kmalloc(blocklen, GFP_NOIO);
991 if (!blockbuffer)
992 return -ENOMEM;
993
994 /*
995 * Since we don't write the user data directly to the device,
996 * we have to create a bounce buffer and move the data a piece
997 * at a time between the bounce buffer and the actual transfer buffer.
998 */
999
1000 len = min(sectors, (unsigned int) info->blocksize) * info->pagesize;
1001 buffer = kmalloc(len, GFP_NOIO);
1002 if (!buffer) {
1003 kfree(blockbuffer);
1004 return -ENOMEM;
1005 }
1006
1007 result = 0;
1008 offset = 0;
1009 sg = NULL;
1010
1011 while (sectors > 0) {
1012
1013 /* Write as many sectors as possible in this block */
1014
1015 pages = min(sectors, info->blocksize - page);
1016 len = (pages << info->pageshift);
1017
1018 /* Not overflowing capacity? */
1019 if (lba >= maxlba) {
1020 usb_stor_dbg(us, "Error: Requested lba %u exceeds maximum %u\n",
1021 lba, maxlba);
1022 result = -EIO;
1023 break;
1024 }
1025
1026 /* Get the data from the transfer buffer */
1027 usb_stor_access_xfer_buf(buffer, len, us->srb,
1028 &sg, &offset, FROM_XFER_BUF);
1029
1030 result = sddr09_write_lba(us, lba, page, pages,
1031 buffer, blockbuffer);
1032 if (result)
1033 break;
1034
1035 page = 0;
1036 lba++;
1037 sectors -= pages;
1038 }
1039
1040 kfree(buffer);
1041 kfree(blockbuffer);
1042
1043 return result;
1044}
1045
1046static int
1047sddr09_read_control(struct us_data *us,
1048 unsigned long address,
1049 unsigned int blocks,
1050 unsigned char *content,
1051 int use_sg) {
1052
1053 usb_stor_dbg(us, "Read control address %lu, blocks %d\n",
1054 address, blocks);
1055
1056 return sddr09_read21(us, address, blocks,
1057 CONTROL_SHIFT, content, use_sg);
1058}
1059
1060/*
1061 * Read Device ID Command: 12 bytes.
1062 * byte 0: opcode: ED
1063 *
1064 * Returns 2 bytes: Manufacturer ID and Device ID.
1065 * On more recent cards 3 bytes: the third byte is an option code A5
1066 * signifying that the secret command to read an 128-bit ID is available.
1067 * On still more recent cards 4 bytes: the fourth byte C0 means that
1068 * a second read ID cmd is available.
1069 */
1070static int
1071sddr09_read_deviceID(struct us_data *us, unsigned char *deviceID) {
1072 unsigned char *command = us->iobuf;
1073 unsigned char *content = us->iobuf;
1074 int result, i;
1075
1076 memset(command, 0, 12);
1077 command[0] = 0xED;
1078 command[1] = LUNBITS;
1079
1080 result = sddr09_send_scsi_command(us, command, 12);
1081 if (result)
1082 return result;
1083
1084 result = usb_stor_bulk_transfer_buf(us, us->recv_bulk_pipe,
1085 content, 64, NULL);
1086
1087 for (i = 0; i < 4; i++)
1088 deviceID[i] = content[i];
1089
1090 return (result == USB_STOR_XFER_GOOD ? 0 : -EIO);
1091}
1092
1093static int
1094sddr09_get_wp(struct us_data *us, struct sddr09_card_info *info) {
1095 int result;
1096 unsigned char status;
1097 const char *wp_fmt;
1098
1099 result = sddr09_read_status(us, &status);
1100 if (result) {
1101 usb_stor_dbg(us, "read_status fails\n");
1102 return result;
1103 }
1104 if ((status & 0x80) == 0) {
1105 info->flags |= SDDR09_WP; /* write protected */
1106 wp_fmt = " WP";
1107 } else {
1108 wp_fmt = "";
1109 }
1110 usb_stor_dbg(us, "status 0x%02X%s%s%s%s\n", status, wp_fmt,
1111 status & 0x40 ? " Ready" : "",
1112 status & LUNBITS ? " Suspended" : "",
1113 status & 0x01 ? " Error" : "");
1114
1115 return 0;
1116}
1117
1118#if 0
1119/*
1120 * Reset Command: 12 bytes.
1121 * byte 0: opcode: EB
1122 */
1123static int
1124sddr09_reset(struct us_data *us) {
1125
1126 unsigned char *command = us->iobuf;
1127
1128 memset(command, 0, 12);
1129 command[0] = 0xEB;
1130 command[1] = LUNBITS;
1131
1132 return sddr09_send_scsi_command(us, command, 12);
1133}
1134#endif
1135
1136static struct nand_flash_dev *
1137sddr09_get_cardinfo(struct us_data *us, unsigned char flags) {
1138 struct nand_flash_dev *cardinfo;
1139 unsigned char deviceID[4];
1140 char blurbtxt[256];
1141 int result;
1142
1143 usb_stor_dbg(us, "Reading capacity...\n");
1144
1145 result = sddr09_read_deviceID(us, deviceID);
1146
1147 if (result) {
1148 usb_stor_dbg(us, "Result of read_deviceID is %d\n", result);
1149 printk(KERN_WARNING "sddr09: could not read card info\n");
1150 return NULL;
1151 }
1152
1153 sprintf(blurbtxt, "sddr09: Found Flash card, ID = %4ph", deviceID);
1154
1155 /* Byte 0 is the manufacturer */
1156 sprintf(blurbtxt + strlen(blurbtxt),
1157 ": Manuf. %s",
1158 nand_flash_manufacturer(deviceID[0]));
1159
1160 /* Byte 1 is the device type */
1161 cardinfo = nand_find_id(deviceID[1]);
1162 if (cardinfo) {
1163 /*
1164 * MB or MiB? It is neither. A 16 MB card has
1165 * 17301504 raw bytes, of which 16384000 are
1166 * usable for user data.
1167 */
1168 sprintf(blurbtxt + strlen(blurbtxt),
1169 ", %d MB", 1<<(cardinfo->chipshift - 20));
1170 } else {
1171 sprintf(blurbtxt + strlen(blurbtxt),
1172 ", type unrecognized");
1173 }
1174
1175 /* Byte 2 is code to signal availability of 128-bit ID */
1176 if (deviceID[2] == 0xa5) {
1177 sprintf(blurbtxt + strlen(blurbtxt),
1178 ", 128-bit ID");
1179 }
1180
1181 /* Byte 3 announces the availability of another read ID command */
1182 if (deviceID[3] == 0xc0) {
1183 sprintf(blurbtxt + strlen(blurbtxt),
1184 ", extra cmd");
1185 }
1186
1187 if (flags & SDDR09_WP)
1188 sprintf(blurbtxt + strlen(blurbtxt),
1189 ", WP");
1190
1191 printk(KERN_WARNING "%s\n", blurbtxt);
1192
1193 return cardinfo;
1194}
1195
1196static int
1197sddr09_read_map(struct us_data *us) {
1198
1199 struct sddr09_card_info *info = (struct sddr09_card_info *) us->extra;
1200 int numblocks, alloc_len, alloc_blocks;
1201 int i, j, result;
1202 unsigned char *buffer, *buffer_end, *ptr;
1203 unsigned int lba, lbact;
1204
1205 if (!info->capacity)
1206 return -1;
1207
1208 /*
1209 * size of a block is 1 << (blockshift + pageshift) bytes
1210 * divide into the total capacity to get the number of blocks
1211 */
1212
1213 numblocks = info->capacity >> (info->blockshift + info->pageshift);
1214
1215 /*
1216 * read 64 bytes for every block (actually 1 << CONTROL_SHIFT)
1217 * but only use a 64 KB buffer
1218 * buffer size used must be a multiple of (1 << CONTROL_SHIFT)
1219 */
1220#define SDDR09_READ_MAP_BUFSZ 65536
1221
1222 alloc_blocks = min(numblocks, SDDR09_READ_MAP_BUFSZ >> CONTROL_SHIFT);
1223 alloc_len = (alloc_blocks << CONTROL_SHIFT);
1224 buffer = kmalloc(alloc_len, GFP_NOIO);
1225 if (!buffer) {
1226 result = -1;
1227 goto done;
1228 }
1229 buffer_end = buffer + alloc_len;
1230
1231#undef SDDR09_READ_MAP_BUFSZ
1232
1233 kfree(info->lba_to_pba);
1234 kfree(info->pba_to_lba);
1235 info->lba_to_pba = kmalloc_array(numblocks, sizeof(int), GFP_NOIO);
1236 info->pba_to_lba = kmalloc_array(numblocks, sizeof(int), GFP_NOIO);
1237
1238 if (info->lba_to_pba == NULL || info->pba_to_lba == NULL) {
1239 printk(KERN_WARNING "sddr09_read_map: out of memory\n");
1240 result = -1;
1241 goto done;
1242 }
1243
1244 for (i = 0; i < numblocks; i++)
1245 info->lba_to_pba[i] = info->pba_to_lba[i] = UNDEF;
1246
1247 /*
1248 * Define lba-pba translation table
1249 */
1250
1251 ptr = buffer_end;
1252 for (i = 0; i < numblocks; i++) {
1253 ptr += (1 << CONTROL_SHIFT);
1254 if (ptr >= buffer_end) {
1255 unsigned long address;
1256
1257 address = i << (info->pageshift + info->blockshift);
1258 result = sddr09_read_control(
1259 us, address>>1,
1260 min(alloc_blocks, numblocks - i),
1261 buffer, 0);
1262 if (result) {
1263 result = -1;
1264 goto done;
1265 }
1266 ptr = buffer;
1267 }
1268
1269 if (i == 0 || i == 1) {
1270 info->pba_to_lba[i] = UNUSABLE;
1271 continue;
1272 }
1273
1274 /* special PBAs have control field 0^16 */
1275 for (j = 0; j < 16; j++)
1276 if (ptr[j] != 0)
1277 goto nonz;
1278 info->pba_to_lba[i] = UNUSABLE;
1279 printk(KERN_WARNING "sddr09: PBA %d has no logical mapping\n",
1280 i);
1281 continue;
1282
1283 nonz:
1284 /* unwritten PBAs have control field FF^16 */
1285 for (j = 0; j < 16; j++)
1286 if (ptr[j] != 0xff)
1287 goto nonff;
1288 continue;
1289
1290 nonff:
1291 /* normal PBAs start with six FFs */
1292 if (j < 6) {
1293 printk(KERN_WARNING
1294 "sddr09: PBA %d has no logical mapping: "
1295 "reserved area = %02X%02X%02X%02X "
1296 "data status %02X block status %02X\n",
1297 i, ptr[0], ptr[1], ptr[2], ptr[3],
1298 ptr[4], ptr[5]);
1299 info->pba_to_lba[i] = UNUSABLE;
1300 continue;
1301 }
1302
1303 if ((ptr[6] >> 4) != 0x01) {
1304 printk(KERN_WARNING
1305 "sddr09: PBA %d has invalid address field "
1306 "%02X%02X/%02X%02X\n",
1307 i, ptr[6], ptr[7], ptr[11], ptr[12]);
1308 info->pba_to_lba[i] = UNUSABLE;
1309 continue;
1310 }
1311
1312 /* check even parity */
1313 if (parity[ptr[6] ^ ptr[7]]) {
1314 printk(KERN_WARNING
1315 "sddr09: Bad parity in LBA for block %d"
1316 " (%02X %02X)\n", i, ptr[6], ptr[7]);
1317 info->pba_to_lba[i] = UNUSABLE;
1318 continue;
1319 }
1320
1321 lba = short_pack(ptr[7], ptr[6]);
1322 lba = (lba & 0x07FF) >> 1;
1323
1324 /*
1325 * Every 1024 physical blocks ("zone"), the LBA numbers
1326 * go back to zero, but are within a higher block of LBA's.
1327 * Also, there is a maximum of 1000 LBA's per zone.
1328 * In other words, in PBA 1024-2047 you will find LBA 0-999
1329 * which are really LBA 1000-1999. This allows for 24 bad
1330 * or special physical blocks per zone.
1331 */
1332
1333 if (lba >= 1000) {
1334 printk(KERN_WARNING
1335 "sddr09: Bad low LBA %d for block %d\n",
1336 lba, i);
1337 goto possibly_erase;
1338 }
1339
1340 lba += 1000*(i/0x400);
1341
1342 if (info->lba_to_pba[lba] != UNDEF) {
1343 printk(KERN_WARNING
1344 "sddr09: LBA %d seen for PBA %d and %d\n",
1345 lba, info->lba_to_pba[lba], i);
1346 goto possibly_erase;
1347 }
1348
1349 info->pba_to_lba[i] = lba;
1350 info->lba_to_pba[lba] = i;
1351 continue;
1352
1353 possibly_erase:
1354 if (erase_bad_lba_entries) {
1355 unsigned long address;
1356
1357 address = (i << (info->pageshift + info->blockshift));
1358 sddr09_erase(us, address>>1);
1359 info->pba_to_lba[i] = UNDEF;
1360 } else
1361 info->pba_to_lba[i] = UNUSABLE;
1362 }
1363
1364 /*
1365 * Approximate capacity. This is not entirely correct yet,
1366 * since a zone with less than 1000 usable pages leads to
1367 * missing LBAs. Especially if it is the last zone, some
1368 * LBAs can be past capacity.
1369 */
1370 lbact = 0;
1371 for (i = 0; i < numblocks; i += 1024) {
1372 int ct = 0;
1373
1374 for (j = 0; j < 1024 && i+j < numblocks; j++) {
1375 if (info->pba_to_lba[i+j] != UNUSABLE) {
1376 if (ct >= 1000)
1377 info->pba_to_lba[i+j] = SPARE;
1378 else
1379 ct++;
1380 }
1381 }
1382 lbact += ct;
1383 }
1384 info->lbact = lbact;
1385 usb_stor_dbg(us, "Found %d LBA's\n", lbact);
1386 result = 0;
1387
1388 done:
1389 if (result != 0) {
1390 kfree(info->lba_to_pba);
1391 kfree(info->pba_to_lba);
1392 info->lba_to_pba = NULL;
1393 info->pba_to_lba = NULL;
1394 }
1395 kfree(buffer);
1396 return result;
1397}
1398
1399static void
1400sddr09_card_info_destructor(void *extra) {
1401 struct sddr09_card_info *info = (struct sddr09_card_info *)extra;
1402
1403 if (!info)
1404 return;
1405
1406 kfree(info->lba_to_pba);
1407 kfree(info->pba_to_lba);
1408}
1409
1410static int
1411sddr09_common_init(struct us_data *us) {
1412 int result;
1413
1414 /* set the configuration -- STALL is an acceptable response here */
1415 if (us->pusb_dev->actconfig->desc.bConfigurationValue != 1) {
1416 usb_stor_dbg(us, "active config #%d != 1 ??\n",
1417 us->pusb_dev->actconfig->desc.bConfigurationValue);
1418 return -EINVAL;
1419 }
1420
1421 result = usb_reset_configuration(us->pusb_dev);
1422 usb_stor_dbg(us, "Result of usb_reset_configuration is %d\n", result);
1423 if (result == -EPIPE) {
1424 usb_stor_dbg(us, "-- stall on control interface\n");
1425 } else if (result != 0) {
1426 /* it's not a stall, but another error -- time to bail */
1427 usb_stor_dbg(us, "-- Unknown error. Rejecting device\n");
1428 return -EINVAL;
1429 }
1430
1431 us->extra = kzalloc(sizeof(struct sddr09_card_info), GFP_NOIO);
1432 if (!us->extra)
1433 return -ENOMEM;
1434 us->extra_destructor = sddr09_card_info_destructor;
1435
1436 nand_init_ecc();
1437 return 0;
1438}
1439
1440
1441/*
1442 * This is needed at a very early stage. If this is not listed in the
1443 * unusual devices list but called from here then LUN 0 of the combo reader
1444 * is not recognized. But I do not know what precisely these calls do.
1445 */
1446static int
1447usb_stor_sddr09_dpcm_init(struct us_data *us) {
1448 int result;
1449 unsigned char *data = us->iobuf;
1450
1451 result = sddr09_common_init(us);
1452 if (result)
1453 return result;
1454
1455 result = sddr09_send_command(us, 0x01, USB_DIR_IN, data, 2);
1456 if (result) {
1457 usb_stor_dbg(us, "send_command fails\n");
1458 return result;
1459 }
1460
1461 usb_stor_dbg(us, "%02X %02X\n", data[0], data[1]);
1462 // get 07 02
1463
1464 result = sddr09_send_command(us, 0x08, USB_DIR_IN, data, 2);
1465 if (result) {
1466 usb_stor_dbg(us, "2nd send_command fails\n");
1467 return result;
1468 }
1469
1470 usb_stor_dbg(us, "%02X %02X\n", data[0], data[1]);
1471 // get 07 00
1472
1473 result = sddr09_request_sense(us, data, 18);
1474 if (result == 0 && data[2] != 0) {
1475 int j;
1476 for (j=0; j<18; j++)
1477 printk(" %02X", data[j]);
1478 printk("\n");
1479 // get 70 00 00 00 00 00 00 * 00 00 00 00 00 00
1480 // 70: current command
1481 // sense key 0, sense code 0, extd sense code 0
1482 // additional transfer length * = sizeof(data) - 7
1483 // Or: 70 00 06 00 00 00 00 0b 00 00 00 00 28 00 00 00 00 00
1484 // sense key 06, sense code 28: unit attention,
1485 // not ready to ready transition
1486 }
1487
1488 // test unit ready
1489
1490 return 0; /* not result */
1491}
1492
1493/*
1494 * Transport for the Microtech DPCM-USB
1495 */
1496static int dpcm_transport(struct scsi_cmnd *srb, struct us_data *us)
1497{
1498 int ret;
1499
1500 usb_stor_dbg(us, "LUN=%d\n", (u8)srb->device->lun);
1501
1502 switch (srb->device->lun) {
1503 case 0:
1504
1505 /*
1506 * LUN 0 corresponds to the CompactFlash card reader.
1507 */
1508 ret = usb_stor_CB_transport(srb, us);
1509 break;
1510
1511 case 1:
1512
1513 /*
1514 * LUN 1 corresponds to the SmartMedia card reader.
1515 */
1516
1517 /*
1518 * Set the LUN to 0 (just in case).
1519 */
1520 srb->device->lun = 0;
1521 ret = sddr09_transport(srb, us);
1522 srb->device->lun = 1;
1523 break;
1524
1525 default:
1526 usb_stor_dbg(us, "Invalid LUN %d\n", (u8)srb->device->lun);
1527 ret = USB_STOR_TRANSPORT_ERROR;
1528 break;
1529 }
1530 return ret;
1531}
1532
1533
1534/*
1535 * Transport for the Sandisk SDDR-09
1536 */
1537static int sddr09_transport(struct scsi_cmnd *srb, struct us_data *us)
1538{
1539 static unsigned char sensekey = 0, sensecode = 0;
1540 static unsigned char havefakesense = 0;
1541 int result, i;
1542 unsigned char *ptr = us->iobuf;
1543 unsigned long capacity;
1544 unsigned int page, pages;
1545
1546 struct sddr09_card_info *info;
1547
1548 static unsigned char inquiry_response[8] = {
1549 0x00, 0x80, 0x00, 0x02, 0x1F, 0x00, 0x00, 0x00
1550 };
1551
1552 /* note: no block descriptor support */
1553 static unsigned char mode_page_01[19] = {
1554 0x00, 0x0F, 0x00, 0x0, 0x0, 0x0, 0x00,
1555 0x01, 0x0A,
1556 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1557 };
1558
1559 info = (struct sddr09_card_info *)us->extra;
1560
1561 if (srb->cmnd[0] == REQUEST_SENSE && havefakesense) {
1562 /* for a faked command, we have to follow with a faked sense */
1563 memset(ptr, 0, 18);
1564 ptr[0] = 0x70;
1565 ptr[2] = sensekey;
1566 ptr[7] = 11;
1567 ptr[12] = sensecode;
1568 usb_stor_set_xfer_buf(ptr, 18, srb);
1569 sensekey = sensecode = havefakesense = 0;
1570 return USB_STOR_TRANSPORT_GOOD;
1571 }
1572
1573 havefakesense = 1;
1574
1575 /*
1576 * Dummy up a response for INQUIRY since SDDR09 doesn't
1577 * respond to INQUIRY commands
1578 */
1579
1580 if (srb->cmnd[0] == INQUIRY) {
1581 memcpy(ptr, inquiry_response, 8);
1582 fill_inquiry_response(us, ptr, 36);
1583 return USB_STOR_TRANSPORT_GOOD;
1584 }
1585
1586 if (srb->cmnd[0] == READ_CAPACITY) {
1587 struct nand_flash_dev *cardinfo;
1588
1589 sddr09_get_wp(us, info); /* read WP bit */
1590
1591 cardinfo = sddr09_get_cardinfo(us, info->flags);
1592 if (!cardinfo) {
1593 /* probably no media */
1594 init_error:
1595 sensekey = 0x02; /* not ready */
1596 sensecode = 0x3a; /* medium not present */
1597 return USB_STOR_TRANSPORT_FAILED;
1598 }
1599
1600 info->capacity = (1 << cardinfo->chipshift);
1601 info->pageshift = cardinfo->pageshift;
1602 info->pagesize = (1 << info->pageshift);
1603 info->blockshift = cardinfo->blockshift;
1604 info->blocksize = (1 << info->blockshift);
1605 info->blockmask = info->blocksize - 1;
1606
1607 // map initialization, must follow get_cardinfo()
1608 if (sddr09_read_map(us)) {
1609 /* probably out of memory */
1610 goto init_error;
1611 }
1612
1613 // Report capacity
1614
1615 capacity = (info->lbact << info->blockshift) - 1;
1616
1617 ((__be32 *) ptr)[0] = cpu_to_be32(capacity);
1618
1619 // Report page size
1620
1621 ((__be32 *) ptr)[1] = cpu_to_be32(info->pagesize);
1622 usb_stor_set_xfer_buf(ptr, 8, srb);
1623
1624 return USB_STOR_TRANSPORT_GOOD;
1625 }
1626
1627 if (srb->cmnd[0] == MODE_SENSE_10) {
1628 int modepage = (srb->cmnd[2] & 0x3F);
1629
1630 /*
1631 * They ask for the Read/Write error recovery page,
1632 * or for all pages.
1633 */
1634 /* %% We should check DBD %% */
1635 if (modepage == 0x01 || modepage == 0x3F) {
1636 usb_stor_dbg(us, "Dummy up request for mode page 0x%x\n",
1637 modepage);
1638
1639 memcpy(ptr, mode_page_01, sizeof(mode_page_01));
1640 ((__be16*)ptr)[0] = cpu_to_be16(sizeof(mode_page_01) - 2);
1641 ptr[3] = (info->flags & SDDR09_WP) ? 0x80 : 0;
1642 usb_stor_set_xfer_buf(ptr, sizeof(mode_page_01), srb);
1643 return USB_STOR_TRANSPORT_GOOD;
1644 }
1645
1646 sensekey = 0x05; /* illegal request */
1647 sensecode = 0x24; /* invalid field in CDB */
1648 return USB_STOR_TRANSPORT_FAILED;
1649 }
1650
1651 if (srb->cmnd[0] == ALLOW_MEDIUM_REMOVAL)
1652 return USB_STOR_TRANSPORT_GOOD;
1653
1654 havefakesense = 0;
1655
1656 if (srb->cmnd[0] == READ_10) {
1657
1658 page = short_pack(srb->cmnd[3], srb->cmnd[2]);
1659 page <<= 16;
1660 page |= short_pack(srb->cmnd[5], srb->cmnd[4]);
1661 pages = short_pack(srb->cmnd[8], srb->cmnd[7]);
1662
1663 usb_stor_dbg(us, "READ_10: read page %d pagect %d\n",
1664 page, pages);
1665
1666 result = sddr09_read_data(us, page, pages);
1667 return (result == 0 ? USB_STOR_TRANSPORT_GOOD :
1668 USB_STOR_TRANSPORT_ERROR);
1669 }
1670
1671 if (srb->cmnd[0] == WRITE_10) {
1672
1673 page = short_pack(srb->cmnd[3], srb->cmnd[2]);
1674 page <<= 16;
1675 page |= short_pack(srb->cmnd[5], srb->cmnd[4]);
1676 pages = short_pack(srb->cmnd[8], srb->cmnd[7]);
1677
1678 usb_stor_dbg(us, "WRITE_10: write page %d pagect %d\n",
1679 page, pages);
1680
1681 result = sddr09_write_data(us, page, pages);
1682 return (result == 0 ? USB_STOR_TRANSPORT_GOOD :
1683 USB_STOR_TRANSPORT_ERROR);
1684 }
1685
1686 /*
1687 * catch-all for all other commands, except
1688 * pass TEST_UNIT_READY and REQUEST_SENSE through
1689 */
1690 if (srb->cmnd[0] != TEST_UNIT_READY &&
1691 srb->cmnd[0] != REQUEST_SENSE) {
1692 sensekey = 0x05; /* illegal request */
1693 sensecode = 0x20; /* invalid command */
1694 havefakesense = 1;
1695 return USB_STOR_TRANSPORT_FAILED;
1696 }
1697
1698 for (; srb->cmd_len<12; srb->cmd_len++)
1699 srb->cmnd[srb->cmd_len] = 0;
1700
1701 srb->cmnd[1] = LUNBITS;
1702
1703 ptr[0] = 0;
1704 for (i=0; i<12; i++)
1705 sprintf(ptr+strlen(ptr), "%02X ", srb->cmnd[i]);
1706
1707 usb_stor_dbg(us, "Send control for command %s\n", ptr);
1708
1709 result = sddr09_send_scsi_command(us, srb->cmnd, 12);
1710 if (result) {
1711 usb_stor_dbg(us, "sddr09_send_scsi_command returns %d\n",
1712 result);
1713 return USB_STOR_TRANSPORT_ERROR;
1714 }
1715
1716 if (scsi_bufflen(srb) == 0)
1717 return USB_STOR_TRANSPORT_GOOD;
1718
1719 if (srb->sc_data_direction == DMA_TO_DEVICE ||
1720 srb->sc_data_direction == DMA_FROM_DEVICE) {
1721 unsigned int pipe = (srb->sc_data_direction == DMA_TO_DEVICE)
1722 ? us->send_bulk_pipe : us->recv_bulk_pipe;
1723
1724 usb_stor_dbg(us, "%s %d bytes\n",
1725 (srb->sc_data_direction == DMA_TO_DEVICE) ?
1726 "sending" : "receiving",
1727 scsi_bufflen(srb));
1728
1729 result = usb_stor_bulk_srb(us, pipe, srb);
1730
1731 return (result == USB_STOR_XFER_GOOD ?
1732 USB_STOR_TRANSPORT_GOOD : USB_STOR_TRANSPORT_ERROR);
1733 }
1734
1735 return USB_STOR_TRANSPORT_GOOD;
1736}
1737
1738/*
1739 * Initialization routine for the sddr09 subdriver
1740 */
1741static int
1742usb_stor_sddr09_init(struct us_data *us) {
1743 return sddr09_common_init(us);
1744}
1745
1746static struct scsi_host_template sddr09_host_template;
1747
1748static int sddr09_probe(struct usb_interface *intf,
1749 const struct usb_device_id *id)
1750{
1751 struct us_data *us;
1752 int result;
1753
1754 result = usb_stor_probe1(&us, intf, id,
1755 (id - sddr09_usb_ids) + sddr09_unusual_dev_list,
1756 &sddr09_host_template);
1757 if (result)
1758 return result;
1759
1760 if (us->protocol == USB_PR_DPCM_USB) {
1761 us->transport_name = "Control/Bulk-EUSB/SDDR09";
1762 us->transport = dpcm_transport;
1763 us->transport_reset = usb_stor_CB_reset;
1764 us->max_lun = 1;
1765 } else {
1766 us->transport_name = "EUSB/SDDR09";
1767 us->transport = sddr09_transport;
1768 us->transport_reset = usb_stor_CB_reset;
1769 us->max_lun = 0;
1770 }
1771
1772 result = usb_stor_probe2(us);
1773 return result;
1774}
1775
1776static struct usb_driver sddr09_driver = {
1777 .name = DRV_NAME,
1778 .probe = sddr09_probe,
1779 .disconnect = usb_stor_disconnect,
1780 .suspend = usb_stor_suspend,
1781 .resume = usb_stor_resume,
1782 .reset_resume = usb_stor_reset_resume,
1783 .pre_reset = usb_stor_pre_reset,
1784 .post_reset = usb_stor_post_reset,
1785 .id_table = sddr09_usb_ids,
1786 .soft_unbind = 1,
1787 .no_dynamic_id = 1,
1788};
1789
1790module_usb_stor_driver(sddr09_driver, sddr09_host_template, DRV_NAME);
1// SPDX-License-Identifier: GPL-2.0+
2/*
3 * Driver for SanDisk SDDR-09 SmartMedia reader
4 *
5 * (c) 2000, 2001 Robert Baruch (autophile@starband.net)
6 * (c) 2002 Andries Brouwer (aeb@cwi.nl)
7 * Developed with the assistance of:
8 * (c) 2002 Alan Stern <stern@rowland.org>
9 *
10 * The SanDisk SDDR-09 SmartMedia reader uses the Shuttle EUSB-01 chip.
11 * This chip is a programmable USB controller. In the SDDR-09, it has
12 * been programmed to obey a certain limited set of SCSI commands.
13 * This driver translates the "real" SCSI commands to the SDDR-09 SCSI
14 * commands.
15 */
16
17/*
18 * Known vendor commands: 12 bytes, first byte is opcode
19 *
20 * E7: read scatter gather
21 * E8: read
22 * E9: write
23 * EA: erase
24 * EB: reset
25 * EC: read status
26 * ED: read ID
27 * EE: write CIS (?)
28 * EF: compute checksum (?)
29 */
30
31#include <linux/errno.h>
32#include <linux/module.h>
33#include <linux/slab.h>
34
35#include <scsi/scsi.h>
36#include <scsi/scsi_cmnd.h>
37#include <scsi/scsi_device.h>
38
39#include "usb.h"
40#include "transport.h"
41#include "protocol.h"
42#include "debug.h"
43#include "scsiglue.h"
44
45#define DRV_NAME "ums-sddr09"
46
47MODULE_DESCRIPTION("Driver for SanDisk SDDR-09 SmartMedia reader");
48MODULE_AUTHOR("Andries Brouwer <aeb@cwi.nl>, Robert Baruch <autophile@starband.net>");
49MODULE_LICENSE("GPL");
50MODULE_IMPORT_NS(USB_STORAGE);
51
52static int usb_stor_sddr09_dpcm_init(struct us_data *us);
53static int sddr09_transport(struct scsi_cmnd *srb, struct us_data *us);
54static int usb_stor_sddr09_init(struct us_data *us);
55
56
57/*
58 * The table of devices
59 */
60#define UNUSUAL_DEV(id_vendor, id_product, bcdDeviceMin, bcdDeviceMax, \
61 vendorName, productName, useProtocol, useTransport, \
62 initFunction, flags) \
63{ USB_DEVICE_VER(id_vendor, id_product, bcdDeviceMin, bcdDeviceMax), \
64 .driver_info = (flags) }
65
66static struct usb_device_id sddr09_usb_ids[] = {
67# include "unusual_sddr09.h"
68 { } /* Terminating entry */
69};
70MODULE_DEVICE_TABLE(usb, sddr09_usb_ids);
71
72#undef UNUSUAL_DEV
73
74/*
75 * The flags table
76 */
77#define UNUSUAL_DEV(idVendor, idProduct, bcdDeviceMin, bcdDeviceMax, \
78 vendor_name, product_name, use_protocol, use_transport, \
79 init_function, Flags) \
80{ \
81 .vendorName = vendor_name, \
82 .productName = product_name, \
83 .useProtocol = use_protocol, \
84 .useTransport = use_transport, \
85 .initFunction = init_function, \
86}
87
88static struct us_unusual_dev sddr09_unusual_dev_list[] = {
89# include "unusual_sddr09.h"
90 { } /* Terminating entry */
91};
92
93#undef UNUSUAL_DEV
94
95
96#define short_pack(lsb,msb) ( ((u16)(lsb)) | ( ((u16)(msb))<<8 ) )
97#define LSB_of(s) ((s)&0xFF)
98#define MSB_of(s) ((s)>>8)
99
100/*
101 * First some stuff that does not belong here:
102 * data on SmartMedia and other cards, completely
103 * unrelated to this driver.
104 * Similar stuff occurs in <linux/mtd/nand_ids.h>.
105 */
106
107struct nand_flash_dev {
108 int model_id;
109 int chipshift; /* 1<<cs bytes total capacity */
110 char pageshift; /* 1<<ps bytes in a page */
111 char blockshift; /* 1<<bs pages in an erase block */
112 char zoneshift; /* 1<<zs blocks in a zone */
113 /* # of logical blocks is 125/128 of this */
114 char pageadrlen; /* length of an address in bytes - 1 */
115};
116
117/*
118 * NAND Flash Manufacturer ID Codes
119 */
120#define NAND_MFR_AMD 0x01
121#define NAND_MFR_NATSEMI 0x8f
122#define NAND_MFR_TOSHIBA 0x98
123#define NAND_MFR_SAMSUNG 0xec
124
125static inline char *nand_flash_manufacturer(int manuf_id) {
126 switch(manuf_id) {
127 case NAND_MFR_AMD:
128 return "AMD";
129 case NAND_MFR_NATSEMI:
130 return "NATSEMI";
131 case NAND_MFR_TOSHIBA:
132 return "Toshiba";
133 case NAND_MFR_SAMSUNG:
134 return "Samsung";
135 default:
136 return "unknown";
137 }
138}
139
140/*
141 * It looks like it is unnecessary to attach manufacturer to the
142 * remaining data: SSFDC prescribes manufacturer-independent id codes.
143 *
144 * 256 MB NAND flash has a 5-byte ID with 2nd byte 0xaa, 0xba, 0xca or 0xda.
145 */
146
147static struct nand_flash_dev nand_flash_ids[] = {
148 /* NAND flash */
149 { 0x6e, 20, 8, 4, 8, 2}, /* 1 MB */
150 { 0xe8, 20, 8, 4, 8, 2}, /* 1 MB */
151 { 0xec, 20, 8, 4, 8, 2}, /* 1 MB */
152 { 0x64, 21, 8, 4, 9, 2}, /* 2 MB */
153 { 0xea, 21, 8, 4, 9, 2}, /* 2 MB */
154 { 0x6b, 22, 9, 4, 9, 2}, /* 4 MB */
155 { 0xe3, 22, 9, 4, 9, 2}, /* 4 MB */
156 { 0xe5, 22, 9, 4, 9, 2}, /* 4 MB */
157 { 0xe6, 23, 9, 4, 10, 2}, /* 8 MB */
158 { 0x73, 24, 9, 5, 10, 2}, /* 16 MB */
159 { 0x75, 25, 9, 5, 10, 2}, /* 32 MB */
160 { 0x76, 26, 9, 5, 10, 3}, /* 64 MB */
161 { 0x79, 27, 9, 5, 10, 3}, /* 128 MB */
162
163 /* MASK ROM */
164 { 0x5d, 21, 9, 4, 8, 2}, /* 2 MB */
165 { 0xd5, 22, 9, 4, 9, 2}, /* 4 MB */
166 { 0xd6, 23, 9, 4, 10, 2}, /* 8 MB */
167 { 0x57, 24, 9, 4, 11, 2}, /* 16 MB */
168 { 0x58, 25, 9, 4, 12, 2}, /* 32 MB */
169 { 0,}
170};
171
172static struct nand_flash_dev *
173nand_find_id(unsigned char id) {
174 int i;
175
176 for (i = 0; i < ARRAY_SIZE(nand_flash_ids); i++)
177 if (nand_flash_ids[i].model_id == id)
178 return &(nand_flash_ids[i]);
179 return NULL;
180}
181
182/*
183 * ECC computation.
184 */
185static unsigned char parity[256];
186static unsigned char ecc2[256];
187
188static void nand_init_ecc(void) {
189 int i, j, a;
190
191 parity[0] = 0;
192 for (i = 1; i < 256; i++)
193 parity[i] = (parity[i&(i-1)] ^ 1);
194
195 for (i = 0; i < 256; i++) {
196 a = 0;
197 for (j = 0; j < 8; j++) {
198 if (i & (1<<j)) {
199 if ((j & 1) == 0)
200 a ^= 0x04;
201 if ((j & 2) == 0)
202 a ^= 0x10;
203 if ((j & 4) == 0)
204 a ^= 0x40;
205 }
206 }
207 ecc2[i] = ~(a ^ (a<<1) ^ (parity[i] ? 0xa8 : 0));
208 }
209}
210
211/* compute 3-byte ecc on 256 bytes */
212static void nand_compute_ecc(unsigned char *data, unsigned char *ecc) {
213 int i, j, a;
214 unsigned char par = 0, bit, bits[8] = {0};
215
216 /* collect 16 checksum bits */
217 for (i = 0; i < 256; i++) {
218 par ^= data[i];
219 bit = parity[data[i]];
220 for (j = 0; j < 8; j++)
221 if ((i & (1<<j)) == 0)
222 bits[j] ^= bit;
223 }
224
225 /* put 4+4+4 = 12 bits in the ecc */
226 a = (bits[3] << 6) + (bits[2] << 4) + (bits[1] << 2) + bits[0];
227 ecc[0] = ~(a ^ (a<<1) ^ (parity[par] ? 0xaa : 0));
228
229 a = (bits[7] << 6) + (bits[6] << 4) + (bits[5] << 2) + bits[4];
230 ecc[1] = ~(a ^ (a<<1) ^ (parity[par] ? 0xaa : 0));
231
232 ecc[2] = ecc2[par];
233}
234
235static int nand_compare_ecc(unsigned char *data, unsigned char *ecc) {
236 return (data[0] == ecc[0] && data[1] == ecc[1] && data[2] == ecc[2]);
237}
238
239static void nand_store_ecc(unsigned char *data, unsigned char *ecc) {
240 memcpy(data, ecc, 3);
241}
242
243/*
244 * The actual driver starts here.
245 */
246
247struct sddr09_card_info {
248 unsigned long capacity; /* Size of card in bytes */
249 int pagesize; /* Size of page in bytes */
250 int pageshift; /* log2 of pagesize */
251 int blocksize; /* Size of block in pages */
252 int blockshift; /* log2 of blocksize */
253 int blockmask; /* 2^blockshift - 1 */
254 int *lba_to_pba; /* logical to physical map */
255 int *pba_to_lba; /* physical to logical map */
256 int lbact; /* number of available pages */
257 int flags;
258#define SDDR09_WP 1 /* write protected */
259};
260
261/*
262 * On my 16MB card, control blocks have size 64 (16 real control bytes,
263 * and 48 junk bytes). In reality of course the card uses 16 control bytes,
264 * so the reader makes up the remaining 48. Don't know whether these numbers
265 * depend on the card. For now a constant.
266 */
267#define CONTROL_SHIFT 6
268
269/*
270 * On my Combo CF/SM reader, the SM reader has LUN 1.
271 * (and things fail with LUN 0).
272 * It seems LUN is irrelevant for others.
273 */
274#define LUN 1
275#define LUNBITS (LUN << 5)
276
277/*
278 * LBA and PBA are unsigned ints. Special values.
279 */
280#define UNDEF 0xffffffff
281#define SPARE 0xfffffffe
282#define UNUSABLE 0xfffffffd
283
284static const int erase_bad_lba_entries = 0;
285
286/* send vendor interface command (0x41) */
287/* called for requests 0, 1, 8 */
288static int
289sddr09_send_command(struct us_data *us,
290 unsigned char request,
291 unsigned char direction,
292 unsigned char *xfer_data,
293 unsigned int xfer_len) {
294 unsigned int pipe;
295 unsigned char requesttype = (0x41 | direction);
296 int rc;
297
298 // Get the receive or send control pipe number
299
300 if (direction == USB_DIR_IN)
301 pipe = us->recv_ctrl_pipe;
302 else
303 pipe = us->send_ctrl_pipe;
304
305 rc = usb_stor_ctrl_transfer(us, pipe, request, requesttype,
306 0, 0, xfer_data, xfer_len);
307 switch (rc) {
308 case USB_STOR_XFER_GOOD: return 0;
309 case USB_STOR_XFER_STALLED: return -EPIPE;
310 default: return -EIO;
311 }
312}
313
314static int
315sddr09_send_scsi_command(struct us_data *us,
316 unsigned char *command,
317 unsigned int command_len) {
318 return sddr09_send_command(us, 0, USB_DIR_OUT, command, command_len);
319}
320
321#if 0
322/*
323 * Test Unit Ready Command: 12 bytes.
324 * byte 0: opcode: 00
325 */
326static int
327sddr09_test_unit_ready(struct us_data *us) {
328 unsigned char *command = us->iobuf;
329 int result;
330
331 memset(command, 0, 6);
332 command[1] = LUNBITS;
333
334 result = sddr09_send_scsi_command(us, command, 6);
335
336 usb_stor_dbg(us, "sddr09_test_unit_ready returns %d\n", result);
337
338 return result;
339}
340#endif
341
342/*
343 * Request Sense Command: 12 bytes.
344 * byte 0: opcode: 03
345 * byte 4: data length
346 */
347static int
348sddr09_request_sense(struct us_data *us, unsigned char *sensebuf, int buflen) {
349 unsigned char *command = us->iobuf;
350 int result;
351
352 memset(command, 0, 12);
353 command[0] = 0x03;
354 command[1] = LUNBITS;
355 command[4] = buflen;
356
357 result = sddr09_send_scsi_command(us, command, 12);
358 if (result)
359 return result;
360
361 result = usb_stor_bulk_transfer_buf(us, us->recv_bulk_pipe,
362 sensebuf, buflen, NULL);
363 return (result == USB_STOR_XFER_GOOD ? 0 : -EIO);
364}
365
366/*
367 * Read Command: 12 bytes.
368 * byte 0: opcode: E8
369 * byte 1: last two bits: 00: read data, 01: read blockwise control,
370 * 10: read both, 11: read pagewise control.
371 * It turns out we need values 20, 21, 22, 23 here (LUN 1).
372 * bytes 2-5: address (interpretation depends on byte 1, see below)
373 * bytes 10-11: count (idem)
374 *
375 * A page has 512 data bytes and 64 control bytes (16 control and 48 junk).
376 * A read data command gets data in 512-byte pages.
377 * A read control command gets control in 64-byte chunks.
378 * A read both command gets data+control in 576-byte chunks.
379 *
380 * Blocks are groups of 32 pages, and read blockwise control jumps to the
381 * next block, while read pagewise control jumps to the next page after
382 * reading a group of 64 control bytes.
383 * [Here 512 = 1<<pageshift, 32 = 1<<blockshift, 64 is constant?]
384 *
385 * (1 MB and 2 MB cards are a bit different, but I have only a 16 MB card.)
386 */
387
388static int
389sddr09_readX(struct us_data *us, int x, unsigned long fromaddress,
390 int nr_of_pages, int bulklen, unsigned char *buf,
391 int use_sg) {
392
393 unsigned char *command = us->iobuf;
394 int result;
395
396 command[0] = 0xE8;
397 command[1] = LUNBITS | x;
398 command[2] = MSB_of(fromaddress>>16);
399 command[3] = LSB_of(fromaddress>>16);
400 command[4] = MSB_of(fromaddress & 0xFFFF);
401 command[5] = LSB_of(fromaddress & 0xFFFF);
402 command[6] = 0;
403 command[7] = 0;
404 command[8] = 0;
405 command[9] = 0;
406 command[10] = MSB_of(nr_of_pages);
407 command[11] = LSB_of(nr_of_pages);
408
409 result = sddr09_send_scsi_command(us, command, 12);
410
411 if (result) {
412 usb_stor_dbg(us, "Result for send_control in sddr09_read2%d %d\n",
413 x, result);
414 return result;
415 }
416
417 result = usb_stor_bulk_transfer_sg(us, us->recv_bulk_pipe,
418 buf, bulklen, use_sg, NULL);
419
420 if (result != USB_STOR_XFER_GOOD) {
421 usb_stor_dbg(us, "Result for bulk_transfer in sddr09_read2%d %d\n",
422 x, result);
423 return -EIO;
424 }
425 return 0;
426}
427
428/*
429 * Read Data
430 *
431 * fromaddress counts data shorts:
432 * increasing it by 256 shifts the bytestream by 512 bytes;
433 * the last 8 bits are ignored.
434 *
435 * nr_of_pages counts pages of size (1 << pageshift).
436 */
437static int
438sddr09_read20(struct us_data *us, unsigned long fromaddress,
439 int nr_of_pages, int pageshift, unsigned char *buf, int use_sg) {
440 int bulklen = nr_of_pages << pageshift;
441
442 /* The last 8 bits of fromaddress are ignored. */
443 return sddr09_readX(us, 0, fromaddress, nr_of_pages, bulklen,
444 buf, use_sg);
445}
446
447/*
448 * Read Blockwise Control
449 *
450 * fromaddress gives the starting position (as in read data;
451 * the last 8 bits are ignored); increasing it by 32*256 shifts
452 * the output stream by 64 bytes.
453 *
454 * count counts control groups of size (1 << controlshift).
455 * For me, controlshift = 6. Is this constant?
456 *
457 * After getting one control group, jump to the next block
458 * (fromaddress += 8192).
459 */
460static int
461sddr09_read21(struct us_data *us, unsigned long fromaddress,
462 int count, int controlshift, unsigned char *buf, int use_sg) {
463
464 int bulklen = (count << controlshift);
465 return sddr09_readX(us, 1, fromaddress, count, bulklen,
466 buf, use_sg);
467}
468
469/*
470 * Read both Data and Control
471 *
472 * fromaddress counts data shorts, ignoring control:
473 * increasing it by 256 shifts the bytestream by 576 = 512+64 bytes;
474 * the last 8 bits are ignored.
475 *
476 * nr_of_pages counts pages of size (1 << pageshift) + (1 << controlshift).
477 */
478static int
479sddr09_read22(struct us_data *us, unsigned long fromaddress,
480 int nr_of_pages, int pageshift, unsigned char *buf, int use_sg) {
481
482 int bulklen = (nr_of_pages << pageshift) + (nr_of_pages << CONTROL_SHIFT);
483 usb_stor_dbg(us, "reading %d pages, %d bytes\n", nr_of_pages, bulklen);
484 return sddr09_readX(us, 2, fromaddress, nr_of_pages, bulklen,
485 buf, use_sg);
486}
487
488#if 0
489/*
490 * Read Pagewise Control
491 *
492 * fromaddress gives the starting position (as in read data;
493 * the last 8 bits are ignored); increasing it by 256 shifts
494 * the output stream by 64 bytes.
495 *
496 * count counts control groups of size (1 << controlshift).
497 * For me, controlshift = 6. Is this constant?
498 *
499 * After getting one control group, jump to the next page
500 * (fromaddress += 256).
501 */
502static int
503sddr09_read23(struct us_data *us, unsigned long fromaddress,
504 int count, int controlshift, unsigned char *buf, int use_sg) {
505
506 int bulklen = (count << controlshift);
507 return sddr09_readX(us, 3, fromaddress, count, bulklen,
508 buf, use_sg);
509}
510#endif
511
512/*
513 * Erase Command: 12 bytes.
514 * byte 0: opcode: EA
515 * bytes 6-9: erase address (big-endian, counting shorts, sector aligned).
516 *
517 * Always precisely one block is erased; bytes 2-5 and 10-11 are ignored.
518 * The byte address being erased is 2*Eaddress.
519 * The CIS cannot be erased.
520 */
521static int
522sddr09_erase(struct us_data *us, unsigned long Eaddress) {
523 unsigned char *command = us->iobuf;
524 int result;
525
526 usb_stor_dbg(us, "erase address %lu\n", Eaddress);
527
528 memset(command, 0, 12);
529 command[0] = 0xEA;
530 command[1] = LUNBITS;
531 command[6] = MSB_of(Eaddress>>16);
532 command[7] = LSB_of(Eaddress>>16);
533 command[8] = MSB_of(Eaddress & 0xFFFF);
534 command[9] = LSB_of(Eaddress & 0xFFFF);
535
536 result = sddr09_send_scsi_command(us, command, 12);
537
538 if (result)
539 usb_stor_dbg(us, "Result for send_control in sddr09_erase %d\n",
540 result);
541
542 return result;
543}
544
545/*
546 * Write CIS Command: 12 bytes.
547 * byte 0: opcode: EE
548 * bytes 2-5: write address in shorts
549 * bytes 10-11: sector count
550 *
551 * This writes at the indicated address. Don't know how it differs
552 * from E9. Maybe it does not erase? However, it will also write to
553 * the CIS.
554 *
555 * When two such commands on the same page follow each other directly,
556 * the second one is not done.
557 */
558
559/*
560 * Write Command: 12 bytes.
561 * byte 0: opcode: E9
562 * bytes 2-5: write address (big-endian, counting shorts, sector aligned).
563 * bytes 6-9: erase address (big-endian, counting shorts, sector aligned).
564 * bytes 10-11: sector count (big-endian, in 512-byte sectors).
565 *
566 * If write address equals erase address, the erase is done first,
567 * otherwise the write is done first. When erase address equals zero
568 * no erase is done?
569 */
570static int
571sddr09_writeX(struct us_data *us,
572 unsigned long Waddress, unsigned long Eaddress,
573 int nr_of_pages, int bulklen, unsigned char *buf, int use_sg) {
574
575 unsigned char *command = us->iobuf;
576 int result;
577
578 command[0] = 0xE9;
579 command[1] = LUNBITS;
580
581 command[2] = MSB_of(Waddress>>16);
582 command[3] = LSB_of(Waddress>>16);
583 command[4] = MSB_of(Waddress & 0xFFFF);
584 command[5] = LSB_of(Waddress & 0xFFFF);
585
586 command[6] = MSB_of(Eaddress>>16);
587 command[7] = LSB_of(Eaddress>>16);
588 command[8] = MSB_of(Eaddress & 0xFFFF);
589 command[9] = LSB_of(Eaddress & 0xFFFF);
590
591 command[10] = MSB_of(nr_of_pages);
592 command[11] = LSB_of(nr_of_pages);
593
594 result = sddr09_send_scsi_command(us, command, 12);
595
596 if (result) {
597 usb_stor_dbg(us, "Result for send_control in sddr09_writeX %d\n",
598 result);
599 return result;
600 }
601
602 result = usb_stor_bulk_transfer_sg(us, us->send_bulk_pipe,
603 buf, bulklen, use_sg, NULL);
604
605 if (result != USB_STOR_XFER_GOOD) {
606 usb_stor_dbg(us, "Result for bulk_transfer in sddr09_writeX %d\n",
607 result);
608 return -EIO;
609 }
610 return 0;
611}
612
613/* erase address, write same address */
614static int
615sddr09_write_inplace(struct us_data *us, unsigned long address,
616 int nr_of_pages, int pageshift, unsigned char *buf,
617 int use_sg) {
618 int bulklen = (nr_of_pages << pageshift) + (nr_of_pages << CONTROL_SHIFT);
619 return sddr09_writeX(us, address, address, nr_of_pages, bulklen,
620 buf, use_sg);
621}
622
623#if 0
624/*
625 * Read Scatter Gather Command: 3+4n bytes.
626 * byte 0: opcode E7
627 * byte 2: n
628 * bytes 4i-1,4i,4i+1: page address
629 * byte 4i+2: page count
630 * (i=1..n)
631 *
632 * This reads several pages from the card to a single memory buffer.
633 * The last two bits of byte 1 have the same meaning as for E8.
634 */
635static int
636sddr09_read_sg_test_only(struct us_data *us) {
637 unsigned char *command = us->iobuf;
638 int result, bulklen, nsg, ct;
639 unsigned char *buf;
640 unsigned long address;
641
642 nsg = bulklen = 0;
643 command[0] = 0xE7;
644 command[1] = LUNBITS;
645 command[2] = 0;
646 address = 040000; ct = 1;
647 nsg++;
648 bulklen += (ct << 9);
649 command[4*nsg+2] = ct;
650 command[4*nsg+1] = ((address >> 9) & 0xFF);
651 command[4*nsg+0] = ((address >> 17) & 0xFF);
652 command[4*nsg-1] = ((address >> 25) & 0xFF);
653
654 address = 0340000; ct = 1;
655 nsg++;
656 bulklen += (ct << 9);
657 command[4*nsg+2] = ct;
658 command[4*nsg+1] = ((address >> 9) & 0xFF);
659 command[4*nsg+0] = ((address >> 17) & 0xFF);
660 command[4*nsg-1] = ((address >> 25) & 0xFF);
661
662 address = 01000000; ct = 2;
663 nsg++;
664 bulklen += (ct << 9);
665 command[4*nsg+2] = ct;
666 command[4*nsg+1] = ((address >> 9) & 0xFF);
667 command[4*nsg+0] = ((address >> 17) & 0xFF);
668 command[4*nsg-1] = ((address >> 25) & 0xFF);
669
670 command[2] = nsg;
671
672 result = sddr09_send_scsi_command(us, command, 4*nsg+3);
673
674 if (result) {
675 usb_stor_dbg(us, "Result for send_control in sddr09_read_sg %d\n",
676 result);
677 return result;
678 }
679
680 buf = kmalloc(bulklen, GFP_NOIO);
681 if (!buf)
682 return -ENOMEM;
683
684 result = usb_stor_bulk_transfer_buf(us, us->recv_bulk_pipe,
685 buf, bulklen, NULL);
686 kfree(buf);
687 if (result != USB_STOR_XFER_GOOD) {
688 usb_stor_dbg(us, "Result for bulk_transfer in sddr09_read_sg %d\n",
689 result);
690 return -EIO;
691 }
692
693 return 0;
694}
695#endif
696
697/*
698 * Read Status Command: 12 bytes.
699 * byte 0: opcode: EC
700 *
701 * Returns 64 bytes, all zero except for the first.
702 * bit 0: 1: Error
703 * bit 5: 1: Suspended
704 * bit 6: 1: Ready
705 * bit 7: 1: Not write-protected
706 */
707
708static int
709sddr09_read_status(struct us_data *us, unsigned char *status) {
710
711 unsigned char *command = us->iobuf;
712 unsigned char *data = us->iobuf;
713 int result;
714
715 usb_stor_dbg(us, "Reading status...\n");
716
717 memset(command, 0, 12);
718 command[0] = 0xEC;
719 command[1] = LUNBITS;
720
721 result = sddr09_send_scsi_command(us, command, 12);
722 if (result)
723 return result;
724
725 result = usb_stor_bulk_transfer_buf(us, us->recv_bulk_pipe,
726 data, 64, NULL);
727 *status = data[0];
728 return (result == USB_STOR_XFER_GOOD ? 0 : -EIO);
729}
730
731static int
732sddr09_read_data(struct us_data *us,
733 unsigned long address,
734 unsigned int sectors) {
735
736 struct sddr09_card_info *info = (struct sddr09_card_info *) us->extra;
737 unsigned char *buffer;
738 unsigned int lba, maxlba, pba;
739 unsigned int page, pages;
740 unsigned int len, offset;
741 struct scatterlist *sg;
742 int result;
743
744 // Figure out the initial LBA and page
745 lba = address >> info->blockshift;
746 page = (address & info->blockmask);
747 maxlba = info->capacity >> (info->pageshift + info->blockshift);
748 if (lba >= maxlba)
749 return -EIO;
750
751 // Since we only read in one block at a time, we have to create
752 // a bounce buffer and move the data a piece at a time between the
753 // bounce buffer and the actual transfer buffer.
754
755 len = min(sectors, (unsigned int) info->blocksize) * info->pagesize;
756 buffer = kmalloc(len, GFP_NOIO);
757 if (!buffer)
758 return -ENOMEM;
759
760 // This could be made much more efficient by checking for
761 // contiguous LBA's. Another exercise left to the student.
762
763 result = 0;
764 offset = 0;
765 sg = NULL;
766
767 while (sectors > 0) {
768
769 /* Find number of pages we can read in this block */
770 pages = min(sectors, info->blocksize - page);
771 len = pages << info->pageshift;
772
773 /* Not overflowing capacity? */
774 if (lba >= maxlba) {
775 usb_stor_dbg(us, "Error: Requested lba %u exceeds maximum %u\n",
776 lba, maxlba);
777 result = -EIO;
778 break;
779 }
780
781 /* Find where this lba lives on disk */
782 pba = info->lba_to_pba[lba];
783
784 if (pba == UNDEF) { /* this lba was never written */
785
786 usb_stor_dbg(us, "Read %d zero pages (LBA %d) page %d\n",
787 pages, lba, page);
788
789 /*
790 * This is not really an error. It just means
791 * that the block has never been written.
792 * Instead of returning an error
793 * it is better to return all zero data.
794 */
795
796 memset(buffer, 0, len);
797
798 } else {
799 usb_stor_dbg(us, "Read %d pages, from PBA %d (LBA %d) page %d\n",
800 pages, pba, lba, page);
801
802 address = ((pba << info->blockshift) + page) <<
803 info->pageshift;
804
805 result = sddr09_read20(us, address>>1,
806 pages, info->pageshift, buffer, 0);
807 if (result)
808 break;
809 }
810
811 // Store the data in the transfer buffer
812 usb_stor_access_xfer_buf(buffer, len, us->srb,
813 &sg, &offset, TO_XFER_BUF);
814
815 page = 0;
816 lba++;
817 sectors -= pages;
818 }
819
820 kfree(buffer);
821 return result;
822}
823
824static unsigned int
825sddr09_find_unused_pba(struct sddr09_card_info *info, unsigned int lba) {
826 static unsigned int lastpba = 1;
827 int zonestart, end, i;
828
829 zonestart = (lba/1000) << 10;
830 end = info->capacity >> (info->blockshift + info->pageshift);
831 end -= zonestart;
832 if (end > 1024)
833 end = 1024;
834
835 for (i = lastpba+1; i < end; i++) {
836 if (info->pba_to_lba[zonestart+i] == UNDEF) {
837 lastpba = i;
838 return zonestart+i;
839 }
840 }
841 for (i = 0; i <= lastpba; i++) {
842 if (info->pba_to_lba[zonestart+i] == UNDEF) {
843 lastpba = i;
844 return zonestart+i;
845 }
846 }
847 return 0;
848}
849
850static int
851sddr09_write_lba(struct us_data *us, unsigned int lba,
852 unsigned int page, unsigned int pages,
853 unsigned char *ptr, unsigned char *blockbuffer) {
854
855 struct sddr09_card_info *info = (struct sddr09_card_info *) us->extra;
856 unsigned long address;
857 unsigned int pba, lbap;
858 unsigned int pagelen;
859 unsigned char *bptr, *cptr, *xptr;
860 unsigned char ecc[3];
861 int i, result;
862
863 lbap = ((lba % 1000) << 1) | 0x1000;
864 if (parity[MSB_of(lbap) ^ LSB_of(lbap)])
865 lbap ^= 1;
866 pba = info->lba_to_pba[lba];
867
868 if (pba == UNDEF) {
869 pba = sddr09_find_unused_pba(info, lba);
870 if (!pba) {
871 printk(KERN_WARNING
872 "sddr09_write_lba: Out of unused blocks\n");
873 return -ENOSPC;
874 }
875 info->pba_to_lba[pba] = lba;
876 info->lba_to_pba[lba] = pba;
877 }
878
879 if (pba == 1) {
880 /*
881 * Maybe it is impossible to write to PBA 1.
882 * Fake success, but don't do anything.
883 */
884 printk(KERN_WARNING "sddr09: avoid writing to pba 1\n");
885 return 0;
886 }
887
888 pagelen = (1 << info->pageshift) + (1 << CONTROL_SHIFT);
889
890 /* read old contents */
891 address = (pba << (info->pageshift + info->blockshift));
892 result = sddr09_read22(us, address>>1, info->blocksize,
893 info->pageshift, blockbuffer, 0);
894 if (result)
895 return result;
896
897 /* check old contents and fill lba */
898 for (i = 0; i < info->blocksize; i++) {
899 bptr = blockbuffer + i*pagelen;
900 cptr = bptr + info->pagesize;
901 nand_compute_ecc(bptr, ecc);
902 if (!nand_compare_ecc(cptr+13, ecc)) {
903 usb_stor_dbg(us, "Warning: bad ecc in page %d- of pba %d\n",
904 i, pba);
905 nand_store_ecc(cptr+13, ecc);
906 }
907 nand_compute_ecc(bptr+(info->pagesize / 2), ecc);
908 if (!nand_compare_ecc(cptr+8, ecc)) {
909 usb_stor_dbg(us, "Warning: bad ecc in page %d+ of pba %d\n",
910 i, pba);
911 nand_store_ecc(cptr+8, ecc);
912 }
913 cptr[6] = cptr[11] = MSB_of(lbap);
914 cptr[7] = cptr[12] = LSB_of(lbap);
915 }
916
917 /* copy in new stuff and compute ECC */
918 xptr = ptr;
919 for (i = page; i < page+pages; i++) {
920 bptr = blockbuffer + i*pagelen;
921 cptr = bptr + info->pagesize;
922 memcpy(bptr, xptr, info->pagesize);
923 xptr += info->pagesize;
924 nand_compute_ecc(bptr, ecc);
925 nand_store_ecc(cptr+13, ecc);
926 nand_compute_ecc(bptr+(info->pagesize / 2), ecc);
927 nand_store_ecc(cptr+8, ecc);
928 }
929
930 usb_stor_dbg(us, "Rewrite PBA %d (LBA %d)\n", pba, lba);
931
932 result = sddr09_write_inplace(us, address>>1, info->blocksize,
933 info->pageshift, blockbuffer, 0);
934
935 usb_stor_dbg(us, "sddr09_write_inplace returns %d\n", result);
936
937#if 0
938 {
939 unsigned char status = 0;
940 int result2 = sddr09_read_status(us, &status);
941 if (result2)
942 usb_stor_dbg(us, "cannot read status\n");
943 else if (status != 0xc0)
944 usb_stor_dbg(us, "status after write: 0x%x\n", status);
945 }
946#endif
947
948#if 0
949 {
950 int result2 = sddr09_test_unit_ready(us);
951 }
952#endif
953
954 return result;
955}
956
957static int
958sddr09_write_data(struct us_data *us,
959 unsigned long address,
960 unsigned int sectors) {
961
962 struct sddr09_card_info *info = (struct sddr09_card_info *) us->extra;
963 unsigned int lba, maxlba, page, pages;
964 unsigned int pagelen, blocklen;
965 unsigned char *blockbuffer;
966 unsigned char *buffer;
967 unsigned int len, offset;
968 struct scatterlist *sg;
969 int result;
970
971 /* Figure out the initial LBA and page */
972 lba = address >> info->blockshift;
973 page = (address & info->blockmask);
974 maxlba = info->capacity >> (info->pageshift + info->blockshift);
975 if (lba >= maxlba)
976 return -EIO;
977
978 /*
979 * blockbuffer is used for reading in the old data, overwriting
980 * with the new data, and performing ECC calculations
981 */
982
983 /*
984 * TODO: instead of doing kmalloc/kfree for each write,
985 * add a bufferpointer to the info structure
986 */
987
988 pagelen = (1 << info->pageshift) + (1 << CONTROL_SHIFT);
989 blocklen = (pagelen << info->blockshift);
990 blockbuffer = kmalloc(blocklen, GFP_NOIO);
991 if (!blockbuffer)
992 return -ENOMEM;
993
994 /*
995 * Since we don't write the user data directly to the device,
996 * we have to create a bounce buffer and move the data a piece
997 * at a time between the bounce buffer and the actual transfer buffer.
998 */
999
1000 len = min(sectors, (unsigned int) info->blocksize) * info->pagesize;
1001 buffer = kmalloc(len, GFP_NOIO);
1002 if (!buffer) {
1003 kfree(blockbuffer);
1004 return -ENOMEM;
1005 }
1006
1007 result = 0;
1008 offset = 0;
1009 sg = NULL;
1010
1011 while (sectors > 0) {
1012
1013 /* Write as many sectors as possible in this block */
1014
1015 pages = min(sectors, info->blocksize - page);
1016 len = (pages << info->pageshift);
1017
1018 /* Not overflowing capacity? */
1019 if (lba >= maxlba) {
1020 usb_stor_dbg(us, "Error: Requested lba %u exceeds maximum %u\n",
1021 lba, maxlba);
1022 result = -EIO;
1023 break;
1024 }
1025
1026 /* Get the data from the transfer buffer */
1027 usb_stor_access_xfer_buf(buffer, len, us->srb,
1028 &sg, &offset, FROM_XFER_BUF);
1029
1030 result = sddr09_write_lba(us, lba, page, pages,
1031 buffer, blockbuffer);
1032 if (result)
1033 break;
1034
1035 page = 0;
1036 lba++;
1037 sectors -= pages;
1038 }
1039
1040 kfree(buffer);
1041 kfree(blockbuffer);
1042
1043 return result;
1044}
1045
1046static int
1047sddr09_read_control(struct us_data *us,
1048 unsigned long address,
1049 unsigned int blocks,
1050 unsigned char *content,
1051 int use_sg) {
1052
1053 usb_stor_dbg(us, "Read control address %lu, blocks %d\n",
1054 address, blocks);
1055
1056 return sddr09_read21(us, address, blocks,
1057 CONTROL_SHIFT, content, use_sg);
1058}
1059
1060/*
1061 * Read Device ID Command: 12 bytes.
1062 * byte 0: opcode: ED
1063 *
1064 * Returns 2 bytes: Manufacturer ID and Device ID.
1065 * On more recent cards 3 bytes: the third byte is an option code A5
1066 * signifying that the secret command to read an 128-bit ID is available.
1067 * On still more recent cards 4 bytes: the fourth byte C0 means that
1068 * a second read ID cmd is available.
1069 */
1070static int
1071sddr09_read_deviceID(struct us_data *us, unsigned char *deviceID) {
1072 unsigned char *command = us->iobuf;
1073 unsigned char *content = us->iobuf;
1074 int result, i;
1075
1076 memset(command, 0, 12);
1077 command[0] = 0xED;
1078 command[1] = LUNBITS;
1079
1080 result = sddr09_send_scsi_command(us, command, 12);
1081 if (result)
1082 return result;
1083
1084 result = usb_stor_bulk_transfer_buf(us, us->recv_bulk_pipe,
1085 content, 64, NULL);
1086
1087 for (i = 0; i < 4; i++)
1088 deviceID[i] = content[i];
1089
1090 return (result == USB_STOR_XFER_GOOD ? 0 : -EIO);
1091}
1092
1093static int
1094sddr09_get_wp(struct us_data *us, struct sddr09_card_info *info) {
1095 int result;
1096 unsigned char status;
1097 const char *wp_fmt;
1098
1099 result = sddr09_read_status(us, &status);
1100 if (result) {
1101 usb_stor_dbg(us, "read_status fails\n");
1102 return result;
1103 }
1104 if ((status & 0x80) == 0) {
1105 info->flags |= SDDR09_WP; /* write protected */
1106 wp_fmt = " WP";
1107 } else {
1108 wp_fmt = "";
1109 }
1110 usb_stor_dbg(us, "status 0x%02X%s%s%s%s\n", status, wp_fmt,
1111 status & 0x40 ? " Ready" : "",
1112 status & LUNBITS ? " Suspended" : "",
1113 status & 0x01 ? " Error" : "");
1114
1115 return 0;
1116}
1117
1118#if 0
1119/*
1120 * Reset Command: 12 bytes.
1121 * byte 0: opcode: EB
1122 */
1123static int
1124sddr09_reset(struct us_data *us) {
1125
1126 unsigned char *command = us->iobuf;
1127
1128 memset(command, 0, 12);
1129 command[0] = 0xEB;
1130 command[1] = LUNBITS;
1131
1132 return sddr09_send_scsi_command(us, command, 12);
1133}
1134#endif
1135
1136static struct nand_flash_dev *
1137sddr09_get_cardinfo(struct us_data *us, unsigned char flags) {
1138 struct nand_flash_dev *cardinfo;
1139 unsigned char deviceID[4];
1140 char blurbtxt[256];
1141 int result;
1142
1143 usb_stor_dbg(us, "Reading capacity...\n");
1144
1145 result = sddr09_read_deviceID(us, deviceID);
1146
1147 if (result) {
1148 usb_stor_dbg(us, "Result of read_deviceID is %d\n", result);
1149 printk(KERN_WARNING "sddr09: could not read card info\n");
1150 return NULL;
1151 }
1152
1153 sprintf(blurbtxt, "sddr09: Found Flash card, ID = %4ph", deviceID);
1154
1155 /* Byte 0 is the manufacturer */
1156 sprintf(blurbtxt + strlen(blurbtxt),
1157 ": Manuf. %s",
1158 nand_flash_manufacturer(deviceID[0]));
1159
1160 /* Byte 1 is the device type */
1161 cardinfo = nand_find_id(deviceID[1]);
1162 if (cardinfo) {
1163 /*
1164 * MB or MiB? It is neither. A 16 MB card has
1165 * 17301504 raw bytes, of which 16384000 are
1166 * usable for user data.
1167 */
1168 sprintf(blurbtxt + strlen(blurbtxt),
1169 ", %d MB", 1<<(cardinfo->chipshift - 20));
1170 } else {
1171 sprintf(blurbtxt + strlen(blurbtxt),
1172 ", type unrecognized");
1173 }
1174
1175 /* Byte 2 is code to signal availability of 128-bit ID */
1176 if (deviceID[2] == 0xa5) {
1177 sprintf(blurbtxt + strlen(blurbtxt),
1178 ", 128-bit ID");
1179 }
1180
1181 /* Byte 3 announces the availability of another read ID command */
1182 if (deviceID[3] == 0xc0) {
1183 sprintf(blurbtxt + strlen(blurbtxt),
1184 ", extra cmd");
1185 }
1186
1187 if (flags & SDDR09_WP)
1188 sprintf(blurbtxt + strlen(blurbtxt),
1189 ", WP");
1190
1191 printk(KERN_WARNING "%s\n", blurbtxt);
1192
1193 return cardinfo;
1194}
1195
1196static int
1197sddr09_read_map(struct us_data *us) {
1198
1199 struct sddr09_card_info *info = (struct sddr09_card_info *) us->extra;
1200 int numblocks, alloc_len, alloc_blocks;
1201 int i, j, result;
1202 unsigned char *buffer, *buffer_end, *ptr;
1203 unsigned int lba, lbact;
1204
1205 if (!info->capacity)
1206 return -1;
1207
1208 /*
1209 * size of a block is 1 << (blockshift + pageshift) bytes
1210 * divide into the total capacity to get the number of blocks
1211 */
1212
1213 numblocks = info->capacity >> (info->blockshift + info->pageshift);
1214
1215 /*
1216 * read 64 bytes for every block (actually 1 << CONTROL_SHIFT)
1217 * but only use a 64 KB buffer
1218 * buffer size used must be a multiple of (1 << CONTROL_SHIFT)
1219 */
1220#define SDDR09_READ_MAP_BUFSZ 65536
1221
1222 alloc_blocks = min(numblocks, SDDR09_READ_MAP_BUFSZ >> CONTROL_SHIFT);
1223 alloc_len = (alloc_blocks << CONTROL_SHIFT);
1224 buffer = kmalloc(alloc_len, GFP_NOIO);
1225 if (!buffer) {
1226 result = -1;
1227 goto done;
1228 }
1229 buffer_end = buffer + alloc_len;
1230
1231#undef SDDR09_READ_MAP_BUFSZ
1232
1233 kfree(info->lba_to_pba);
1234 kfree(info->pba_to_lba);
1235 info->lba_to_pba = kmalloc_array(numblocks, sizeof(int), GFP_NOIO);
1236 info->pba_to_lba = kmalloc_array(numblocks, sizeof(int), GFP_NOIO);
1237
1238 if (info->lba_to_pba == NULL || info->pba_to_lba == NULL) {
1239 printk(KERN_WARNING "sddr09_read_map: out of memory\n");
1240 result = -1;
1241 goto done;
1242 }
1243
1244 for (i = 0; i < numblocks; i++)
1245 info->lba_to_pba[i] = info->pba_to_lba[i] = UNDEF;
1246
1247 /*
1248 * Define lba-pba translation table
1249 */
1250
1251 ptr = buffer_end;
1252 for (i = 0; i < numblocks; i++) {
1253 ptr += (1 << CONTROL_SHIFT);
1254 if (ptr >= buffer_end) {
1255 unsigned long address;
1256
1257 address = i << (info->pageshift + info->blockshift);
1258 result = sddr09_read_control(
1259 us, address>>1,
1260 min(alloc_blocks, numblocks - i),
1261 buffer, 0);
1262 if (result) {
1263 result = -1;
1264 goto done;
1265 }
1266 ptr = buffer;
1267 }
1268
1269 if (i == 0 || i == 1) {
1270 info->pba_to_lba[i] = UNUSABLE;
1271 continue;
1272 }
1273
1274 /* special PBAs have control field 0^16 */
1275 for (j = 0; j < 16; j++)
1276 if (ptr[j] != 0)
1277 goto nonz;
1278 info->pba_to_lba[i] = UNUSABLE;
1279 printk(KERN_WARNING "sddr09: PBA %d has no logical mapping\n",
1280 i);
1281 continue;
1282
1283 nonz:
1284 /* unwritten PBAs have control field FF^16 */
1285 for (j = 0; j < 16; j++)
1286 if (ptr[j] != 0xff)
1287 goto nonff;
1288 continue;
1289
1290 nonff:
1291 /* normal PBAs start with six FFs */
1292 if (j < 6) {
1293 printk(KERN_WARNING
1294 "sddr09: PBA %d has no logical mapping: "
1295 "reserved area = %02X%02X%02X%02X "
1296 "data status %02X block status %02X\n",
1297 i, ptr[0], ptr[1], ptr[2], ptr[3],
1298 ptr[4], ptr[5]);
1299 info->pba_to_lba[i] = UNUSABLE;
1300 continue;
1301 }
1302
1303 if ((ptr[6] >> 4) != 0x01) {
1304 printk(KERN_WARNING
1305 "sddr09: PBA %d has invalid address field "
1306 "%02X%02X/%02X%02X\n",
1307 i, ptr[6], ptr[7], ptr[11], ptr[12]);
1308 info->pba_to_lba[i] = UNUSABLE;
1309 continue;
1310 }
1311
1312 /* check even parity */
1313 if (parity[ptr[6] ^ ptr[7]]) {
1314 printk(KERN_WARNING
1315 "sddr09: Bad parity in LBA for block %d"
1316 " (%02X %02X)\n", i, ptr[6], ptr[7]);
1317 info->pba_to_lba[i] = UNUSABLE;
1318 continue;
1319 }
1320
1321 lba = short_pack(ptr[7], ptr[6]);
1322 lba = (lba & 0x07FF) >> 1;
1323
1324 /*
1325 * Every 1024 physical blocks ("zone"), the LBA numbers
1326 * go back to zero, but are within a higher block of LBA's.
1327 * Also, there is a maximum of 1000 LBA's per zone.
1328 * In other words, in PBA 1024-2047 you will find LBA 0-999
1329 * which are really LBA 1000-1999. This allows for 24 bad
1330 * or special physical blocks per zone.
1331 */
1332
1333 if (lba >= 1000) {
1334 printk(KERN_WARNING
1335 "sddr09: Bad low LBA %d for block %d\n",
1336 lba, i);
1337 goto possibly_erase;
1338 }
1339
1340 lba += 1000*(i/0x400);
1341
1342 if (info->lba_to_pba[lba] != UNDEF) {
1343 printk(KERN_WARNING
1344 "sddr09: LBA %d seen for PBA %d and %d\n",
1345 lba, info->lba_to_pba[lba], i);
1346 goto possibly_erase;
1347 }
1348
1349 info->pba_to_lba[i] = lba;
1350 info->lba_to_pba[lba] = i;
1351 continue;
1352
1353 possibly_erase:
1354 if (erase_bad_lba_entries) {
1355 unsigned long address;
1356
1357 address = (i << (info->pageshift + info->blockshift));
1358 sddr09_erase(us, address>>1);
1359 info->pba_to_lba[i] = UNDEF;
1360 } else
1361 info->pba_to_lba[i] = UNUSABLE;
1362 }
1363
1364 /*
1365 * Approximate capacity. This is not entirely correct yet,
1366 * since a zone with less than 1000 usable pages leads to
1367 * missing LBAs. Especially if it is the last zone, some
1368 * LBAs can be past capacity.
1369 */
1370 lbact = 0;
1371 for (i = 0; i < numblocks; i += 1024) {
1372 int ct = 0;
1373
1374 for (j = 0; j < 1024 && i+j < numblocks; j++) {
1375 if (info->pba_to_lba[i+j] != UNUSABLE) {
1376 if (ct >= 1000)
1377 info->pba_to_lba[i+j] = SPARE;
1378 else
1379 ct++;
1380 }
1381 }
1382 lbact += ct;
1383 }
1384 info->lbact = lbact;
1385 usb_stor_dbg(us, "Found %d LBA's\n", lbact);
1386 result = 0;
1387
1388 done:
1389 if (result != 0) {
1390 kfree(info->lba_to_pba);
1391 kfree(info->pba_to_lba);
1392 info->lba_to_pba = NULL;
1393 info->pba_to_lba = NULL;
1394 }
1395 kfree(buffer);
1396 return result;
1397}
1398
1399static void
1400sddr09_card_info_destructor(void *extra) {
1401 struct sddr09_card_info *info = (struct sddr09_card_info *)extra;
1402
1403 if (!info)
1404 return;
1405
1406 kfree(info->lba_to_pba);
1407 kfree(info->pba_to_lba);
1408}
1409
1410static int
1411sddr09_common_init(struct us_data *us) {
1412 int result;
1413
1414 /* set the configuration -- STALL is an acceptable response here */
1415 if (us->pusb_dev->actconfig->desc.bConfigurationValue != 1) {
1416 usb_stor_dbg(us, "active config #%d != 1 ??\n",
1417 us->pusb_dev->actconfig->desc.bConfigurationValue);
1418 return -EINVAL;
1419 }
1420
1421 result = usb_reset_configuration(us->pusb_dev);
1422 usb_stor_dbg(us, "Result of usb_reset_configuration is %d\n", result);
1423 if (result == -EPIPE) {
1424 usb_stor_dbg(us, "-- stall on control interface\n");
1425 } else if (result != 0) {
1426 /* it's not a stall, but another error -- time to bail */
1427 usb_stor_dbg(us, "-- Unknown error. Rejecting device\n");
1428 return -EINVAL;
1429 }
1430
1431 us->extra = kzalloc(sizeof(struct sddr09_card_info), GFP_NOIO);
1432 if (!us->extra)
1433 return -ENOMEM;
1434 us->extra_destructor = sddr09_card_info_destructor;
1435
1436 nand_init_ecc();
1437 return 0;
1438}
1439
1440
1441/*
1442 * This is needed at a very early stage. If this is not listed in the
1443 * unusual devices list but called from here then LUN 0 of the combo reader
1444 * is not recognized. But I do not know what precisely these calls do.
1445 */
1446static int
1447usb_stor_sddr09_dpcm_init(struct us_data *us) {
1448 int result;
1449 unsigned char *data = us->iobuf;
1450
1451 result = sddr09_common_init(us);
1452 if (result)
1453 return result;
1454
1455 result = sddr09_send_command(us, 0x01, USB_DIR_IN, data, 2);
1456 if (result) {
1457 usb_stor_dbg(us, "send_command fails\n");
1458 return result;
1459 }
1460
1461 usb_stor_dbg(us, "%02X %02X\n", data[0], data[1]);
1462 // get 07 02
1463
1464 result = sddr09_send_command(us, 0x08, USB_DIR_IN, data, 2);
1465 if (result) {
1466 usb_stor_dbg(us, "2nd send_command fails\n");
1467 return result;
1468 }
1469
1470 usb_stor_dbg(us, "%02X %02X\n", data[0], data[1]);
1471 // get 07 00
1472
1473 result = sddr09_request_sense(us, data, 18);
1474 if (result == 0 && data[2] != 0) {
1475 int j;
1476 for (j=0; j<18; j++)
1477 printk(" %02X", data[j]);
1478 printk("\n");
1479 // get 70 00 00 00 00 00 00 * 00 00 00 00 00 00
1480 // 70: current command
1481 // sense key 0, sense code 0, extd sense code 0
1482 // additional transfer length * = sizeof(data) - 7
1483 // Or: 70 00 06 00 00 00 00 0b 00 00 00 00 28 00 00 00 00 00
1484 // sense key 06, sense code 28: unit attention,
1485 // not ready to ready transition
1486 }
1487
1488 // test unit ready
1489
1490 return 0; /* not result */
1491}
1492
1493/*
1494 * Transport for the Microtech DPCM-USB
1495 */
1496static int dpcm_transport(struct scsi_cmnd *srb, struct us_data *us)
1497{
1498 int ret;
1499
1500 usb_stor_dbg(us, "LUN=%d\n", (u8)srb->device->lun);
1501
1502 switch (srb->device->lun) {
1503 case 0:
1504
1505 /*
1506 * LUN 0 corresponds to the CompactFlash card reader.
1507 */
1508 ret = usb_stor_CB_transport(srb, us);
1509 break;
1510
1511 case 1:
1512
1513 /*
1514 * LUN 1 corresponds to the SmartMedia card reader.
1515 */
1516
1517 /*
1518 * Set the LUN to 0 (just in case).
1519 */
1520 srb->device->lun = 0;
1521 ret = sddr09_transport(srb, us);
1522 srb->device->lun = 1;
1523 break;
1524
1525 default:
1526 usb_stor_dbg(us, "Invalid LUN %d\n", (u8)srb->device->lun);
1527 ret = USB_STOR_TRANSPORT_ERROR;
1528 break;
1529 }
1530 return ret;
1531}
1532
1533
1534/*
1535 * Transport for the Sandisk SDDR-09
1536 */
1537static int sddr09_transport(struct scsi_cmnd *srb, struct us_data *us)
1538{
1539 static unsigned char sensekey = 0, sensecode = 0;
1540 static unsigned char havefakesense = 0;
1541 int result, i;
1542 unsigned char *ptr = us->iobuf;
1543 unsigned long capacity;
1544 unsigned int page, pages;
1545
1546 struct sddr09_card_info *info;
1547
1548 static unsigned char inquiry_response[8] = {
1549 0x00, 0x80, 0x00, 0x02, 0x1F, 0x00, 0x00, 0x00
1550 };
1551
1552 /* note: no block descriptor support */
1553 static unsigned char mode_page_01[19] = {
1554 0x00, 0x0F, 0x00, 0x0, 0x0, 0x0, 0x00,
1555 0x01, 0x0A,
1556 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
1557 };
1558
1559 info = (struct sddr09_card_info *)us->extra;
1560
1561 if (srb->cmnd[0] == REQUEST_SENSE && havefakesense) {
1562 /* for a faked command, we have to follow with a faked sense */
1563 memset(ptr, 0, 18);
1564 ptr[0] = 0x70;
1565 ptr[2] = sensekey;
1566 ptr[7] = 11;
1567 ptr[12] = sensecode;
1568 usb_stor_set_xfer_buf(ptr, 18, srb);
1569 sensekey = sensecode = havefakesense = 0;
1570 return USB_STOR_TRANSPORT_GOOD;
1571 }
1572
1573 havefakesense = 1;
1574
1575 /*
1576 * Dummy up a response for INQUIRY since SDDR09 doesn't
1577 * respond to INQUIRY commands
1578 */
1579
1580 if (srb->cmnd[0] == INQUIRY) {
1581 memcpy(ptr, inquiry_response, 8);
1582 fill_inquiry_response(us, ptr, 36);
1583 return USB_STOR_TRANSPORT_GOOD;
1584 }
1585
1586 if (srb->cmnd[0] == READ_CAPACITY) {
1587 struct nand_flash_dev *cardinfo;
1588
1589 sddr09_get_wp(us, info); /* read WP bit */
1590
1591 cardinfo = sddr09_get_cardinfo(us, info->flags);
1592 if (!cardinfo) {
1593 /* probably no media */
1594 init_error:
1595 sensekey = 0x02; /* not ready */
1596 sensecode = 0x3a; /* medium not present */
1597 return USB_STOR_TRANSPORT_FAILED;
1598 }
1599
1600 info->capacity = (1 << cardinfo->chipshift);
1601 info->pageshift = cardinfo->pageshift;
1602 info->pagesize = (1 << info->pageshift);
1603 info->blockshift = cardinfo->blockshift;
1604 info->blocksize = (1 << info->blockshift);
1605 info->blockmask = info->blocksize - 1;
1606
1607 // map initialization, must follow get_cardinfo()
1608 if (sddr09_read_map(us)) {
1609 /* probably out of memory */
1610 goto init_error;
1611 }
1612
1613 // Report capacity
1614
1615 capacity = (info->lbact << info->blockshift) - 1;
1616
1617 ((__be32 *) ptr)[0] = cpu_to_be32(capacity);
1618
1619 // Report page size
1620
1621 ((__be32 *) ptr)[1] = cpu_to_be32(info->pagesize);
1622 usb_stor_set_xfer_buf(ptr, 8, srb);
1623
1624 return USB_STOR_TRANSPORT_GOOD;
1625 }
1626
1627 if (srb->cmnd[0] == MODE_SENSE_10) {
1628 int modepage = (srb->cmnd[2] & 0x3F);
1629
1630 /*
1631 * They ask for the Read/Write error recovery page,
1632 * or for all pages.
1633 */
1634 /* %% We should check DBD %% */
1635 if (modepage == 0x01 || modepage == 0x3F) {
1636 usb_stor_dbg(us, "Dummy up request for mode page 0x%x\n",
1637 modepage);
1638
1639 memcpy(ptr, mode_page_01, sizeof(mode_page_01));
1640 ((__be16*)ptr)[0] = cpu_to_be16(sizeof(mode_page_01) - 2);
1641 ptr[3] = (info->flags & SDDR09_WP) ? 0x80 : 0;
1642 usb_stor_set_xfer_buf(ptr, sizeof(mode_page_01), srb);
1643 return USB_STOR_TRANSPORT_GOOD;
1644 }
1645
1646 sensekey = 0x05; /* illegal request */
1647 sensecode = 0x24; /* invalid field in CDB */
1648 return USB_STOR_TRANSPORT_FAILED;
1649 }
1650
1651 if (srb->cmnd[0] == ALLOW_MEDIUM_REMOVAL)
1652 return USB_STOR_TRANSPORT_GOOD;
1653
1654 havefakesense = 0;
1655
1656 if (srb->cmnd[0] == READ_10) {
1657
1658 page = short_pack(srb->cmnd[3], srb->cmnd[2]);
1659 page <<= 16;
1660 page |= short_pack(srb->cmnd[5], srb->cmnd[4]);
1661 pages = short_pack(srb->cmnd[8], srb->cmnd[7]);
1662
1663 usb_stor_dbg(us, "READ_10: read page %d pagect %d\n",
1664 page, pages);
1665
1666 result = sddr09_read_data(us, page, pages);
1667 return (result == 0 ? USB_STOR_TRANSPORT_GOOD :
1668 USB_STOR_TRANSPORT_ERROR);
1669 }
1670
1671 if (srb->cmnd[0] == WRITE_10) {
1672
1673 page = short_pack(srb->cmnd[3], srb->cmnd[2]);
1674 page <<= 16;
1675 page |= short_pack(srb->cmnd[5], srb->cmnd[4]);
1676 pages = short_pack(srb->cmnd[8], srb->cmnd[7]);
1677
1678 usb_stor_dbg(us, "WRITE_10: write page %d pagect %d\n",
1679 page, pages);
1680
1681 result = sddr09_write_data(us, page, pages);
1682 return (result == 0 ? USB_STOR_TRANSPORT_GOOD :
1683 USB_STOR_TRANSPORT_ERROR);
1684 }
1685
1686 /*
1687 * catch-all for all other commands, except
1688 * pass TEST_UNIT_READY and REQUEST_SENSE through
1689 */
1690 if (srb->cmnd[0] != TEST_UNIT_READY &&
1691 srb->cmnd[0] != REQUEST_SENSE) {
1692 sensekey = 0x05; /* illegal request */
1693 sensecode = 0x20; /* invalid command */
1694 havefakesense = 1;
1695 return USB_STOR_TRANSPORT_FAILED;
1696 }
1697
1698 for (; srb->cmd_len<12; srb->cmd_len++)
1699 srb->cmnd[srb->cmd_len] = 0;
1700
1701 srb->cmnd[1] = LUNBITS;
1702
1703 ptr[0] = 0;
1704 for (i=0; i<12; i++)
1705 sprintf(ptr+strlen(ptr), "%02X ", srb->cmnd[i]);
1706
1707 usb_stor_dbg(us, "Send control for command %s\n", ptr);
1708
1709 result = sddr09_send_scsi_command(us, srb->cmnd, 12);
1710 if (result) {
1711 usb_stor_dbg(us, "sddr09_send_scsi_command returns %d\n",
1712 result);
1713 return USB_STOR_TRANSPORT_ERROR;
1714 }
1715
1716 if (scsi_bufflen(srb) == 0)
1717 return USB_STOR_TRANSPORT_GOOD;
1718
1719 if (srb->sc_data_direction == DMA_TO_DEVICE ||
1720 srb->sc_data_direction == DMA_FROM_DEVICE) {
1721 unsigned int pipe = (srb->sc_data_direction == DMA_TO_DEVICE)
1722 ? us->send_bulk_pipe : us->recv_bulk_pipe;
1723
1724 usb_stor_dbg(us, "%s %d bytes\n",
1725 (srb->sc_data_direction == DMA_TO_DEVICE) ?
1726 "sending" : "receiving",
1727 scsi_bufflen(srb));
1728
1729 result = usb_stor_bulk_srb(us, pipe, srb);
1730
1731 return (result == USB_STOR_XFER_GOOD ?
1732 USB_STOR_TRANSPORT_GOOD : USB_STOR_TRANSPORT_ERROR);
1733 }
1734
1735 return USB_STOR_TRANSPORT_GOOD;
1736}
1737
1738/*
1739 * Initialization routine for the sddr09 subdriver
1740 */
1741static int
1742usb_stor_sddr09_init(struct us_data *us) {
1743 return sddr09_common_init(us);
1744}
1745
1746static struct scsi_host_template sddr09_host_template;
1747
1748static int sddr09_probe(struct usb_interface *intf,
1749 const struct usb_device_id *id)
1750{
1751 struct us_data *us;
1752 int result;
1753
1754 result = usb_stor_probe1(&us, intf, id,
1755 (id - sddr09_usb_ids) + sddr09_unusual_dev_list,
1756 &sddr09_host_template);
1757 if (result)
1758 return result;
1759
1760 if (us->protocol == USB_PR_DPCM_USB) {
1761 us->transport_name = "Control/Bulk-EUSB/SDDR09";
1762 us->transport = dpcm_transport;
1763 us->transport_reset = usb_stor_CB_reset;
1764 us->max_lun = 1;
1765 } else {
1766 us->transport_name = "EUSB/SDDR09";
1767 us->transport = sddr09_transport;
1768 us->transport_reset = usb_stor_CB_reset;
1769 us->max_lun = 0;
1770 }
1771
1772 result = usb_stor_probe2(us);
1773 return result;
1774}
1775
1776static struct usb_driver sddr09_driver = {
1777 .name = DRV_NAME,
1778 .probe = sddr09_probe,
1779 .disconnect = usb_stor_disconnect,
1780 .suspend = usb_stor_suspend,
1781 .resume = usb_stor_resume,
1782 .reset_resume = usb_stor_reset_resume,
1783 .pre_reset = usb_stor_pre_reset,
1784 .post_reset = usb_stor_post_reset,
1785 .id_table = sddr09_usb_ids,
1786 .soft_unbind = 1,
1787 .no_dynamic_id = 1,
1788};
1789
1790module_usb_stor_driver(sddr09_driver, sddr09_host_template, DRV_NAME);