Loading...
1// SPDX-License-Identifier: GPL-2.0
2/*
3 * Common Flash Interface support:
4 * Intel Extended Vendor Command Set (ID 0x0001)
5 *
6 * (C) 2000 Red Hat.
7 *
8 *
9 * 10/10/2000 Nicolas Pitre <nico@fluxnic.net>
10 * - completely revamped method functions so they are aware and
11 * independent of the flash geometry (buswidth, interleave, etc.)
12 * - scalability vs code size is completely set at compile-time
13 * (see include/linux/mtd/cfi.h for selection)
14 * - optimized write buffer method
15 * 02/05/2002 Christopher Hoover <ch@hpl.hp.com>/<ch@murgatroid.com>
16 * - reworked lock/unlock/erase support for var size flash
17 * 21/03/2007 Rodolfo Giometti <giometti@linux.it>
18 * - auto unlock sectors on resume for auto locking flash on power up
19 */
20
21#include <linux/module.h>
22#include <linux/types.h>
23#include <linux/kernel.h>
24#include <linux/sched.h>
25#include <asm/io.h>
26#include <asm/byteorder.h>
27
28#include <linux/errno.h>
29#include <linux/slab.h>
30#include <linux/delay.h>
31#include <linux/interrupt.h>
32#include <linux/reboot.h>
33#include <linux/bitmap.h>
34#include <linux/mtd/xip.h>
35#include <linux/mtd/map.h>
36#include <linux/mtd/mtd.h>
37#include <linux/mtd/cfi.h>
38
39/* #define CMDSET0001_DISABLE_ERASE_SUSPEND_ON_WRITE */
40/* #define CMDSET0001_DISABLE_WRITE_SUSPEND */
41
42// debugging, turns off buffer write mode if set to 1
43#define FORCE_WORD_WRITE 0
44
45/* Intel chips */
46#define I82802AB 0x00ad
47#define I82802AC 0x00ac
48#define PF38F4476 0x881c
49#define M28F00AP30 0x8963
50/* STMicroelectronics chips */
51#define M50LPW080 0x002F
52#define M50FLW080A 0x0080
53#define M50FLW080B 0x0081
54/* Atmel chips */
55#define AT49BV640D 0x02de
56#define AT49BV640DT 0x02db
57/* Sharp chips */
58#define LH28F640BFHE_PTTL90 0x00b0
59#define LH28F640BFHE_PBTL90 0x00b1
60#define LH28F640BFHE_PTTL70A 0x00b2
61#define LH28F640BFHE_PBTL70A 0x00b3
62
63static int cfi_intelext_read (struct mtd_info *, loff_t, size_t, size_t *, u_char *);
64static int cfi_intelext_write_words(struct mtd_info *, loff_t, size_t, size_t *, const u_char *);
65static int cfi_intelext_write_buffers(struct mtd_info *, loff_t, size_t, size_t *, const u_char *);
66static int cfi_intelext_writev(struct mtd_info *, const struct kvec *, unsigned long, loff_t, size_t *);
67static int cfi_intelext_erase_varsize(struct mtd_info *, struct erase_info *);
68static void cfi_intelext_sync (struct mtd_info *);
69static int cfi_intelext_lock(struct mtd_info *mtd, loff_t ofs, uint64_t len);
70static int cfi_intelext_unlock(struct mtd_info *mtd, loff_t ofs, uint64_t len);
71static int cfi_intelext_is_locked(struct mtd_info *mtd, loff_t ofs,
72 uint64_t len);
73#ifdef CONFIG_MTD_OTP
74static int cfi_intelext_read_fact_prot_reg (struct mtd_info *, loff_t, size_t, size_t *, u_char *);
75static int cfi_intelext_read_user_prot_reg (struct mtd_info *, loff_t, size_t, size_t *, u_char *);
76static int cfi_intelext_write_user_prot_reg(struct mtd_info *, loff_t, size_t,
77 size_t *, const u_char *);
78static int cfi_intelext_lock_user_prot_reg (struct mtd_info *, loff_t, size_t);
79static int cfi_intelext_get_fact_prot_info(struct mtd_info *, size_t,
80 size_t *, struct otp_info *);
81static int cfi_intelext_get_user_prot_info(struct mtd_info *, size_t,
82 size_t *, struct otp_info *);
83#endif
84static int cfi_intelext_suspend (struct mtd_info *);
85static void cfi_intelext_resume (struct mtd_info *);
86static int cfi_intelext_reboot (struct notifier_block *, unsigned long, void *);
87
88static void cfi_intelext_destroy(struct mtd_info *);
89
90struct mtd_info *cfi_cmdset_0001(struct map_info *, int);
91
92static struct mtd_info *cfi_intelext_setup (struct mtd_info *);
93static int cfi_intelext_partition_fixup(struct mtd_info *, struct cfi_private **);
94
95static int cfi_intelext_point (struct mtd_info *mtd, loff_t from, size_t len,
96 size_t *retlen, void **virt, resource_size_t *phys);
97static int cfi_intelext_unpoint(struct mtd_info *mtd, loff_t from, size_t len);
98
99static int chip_ready (struct map_info *map, struct flchip *chip, unsigned long adr, int mode);
100static int get_chip(struct map_info *map, struct flchip *chip, unsigned long adr, int mode);
101static void put_chip(struct map_info *map, struct flchip *chip, unsigned long adr);
102#include "fwh_lock.h"
103
104
105
106/*
107 * *********** SETUP AND PROBE BITS ***********
108 */
109
110static struct mtd_chip_driver cfi_intelext_chipdrv = {
111 .probe = NULL, /* Not usable directly */
112 .destroy = cfi_intelext_destroy,
113 .name = "cfi_cmdset_0001",
114 .module = THIS_MODULE
115};
116
117/* #define DEBUG_LOCK_BITS */
118/* #define DEBUG_CFI_FEATURES */
119
120#ifdef DEBUG_CFI_FEATURES
121static void cfi_tell_features(struct cfi_pri_intelext *extp)
122{
123 int i;
124 printk(" Extended Query version %c.%c\n", extp->MajorVersion, extp->MinorVersion);
125 printk(" Feature/Command Support: %4.4X\n", extp->FeatureSupport);
126 printk(" - Chip Erase: %s\n", extp->FeatureSupport&1?"supported":"unsupported");
127 printk(" - Suspend Erase: %s\n", extp->FeatureSupport&2?"supported":"unsupported");
128 printk(" - Suspend Program: %s\n", extp->FeatureSupport&4?"supported":"unsupported");
129 printk(" - Legacy Lock/Unlock: %s\n", extp->FeatureSupport&8?"supported":"unsupported");
130 printk(" - Queued Erase: %s\n", extp->FeatureSupport&16?"supported":"unsupported");
131 printk(" - Instant block lock: %s\n", extp->FeatureSupport&32?"supported":"unsupported");
132 printk(" - Protection Bits: %s\n", extp->FeatureSupport&64?"supported":"unsupported");
133 printk(" - Page-mode read: %s\n", extp->FeatureSupport&128?"supported":"unsupported");
134 printk(" - Synchronous read: %s\n", extp->FeatureSupport&256?"supported":"unsupported");
135 printk(" - Simultaneous operations: %s\n", extp->FeatureSupport&512?"supported":"unsupported");
136 printk(" - Extended Flash Array: %s\n", extp->FeatureSupport&1024?"supported":"unsupported");
137 for (i=11; i<32; i++) {
138 if (extp->FeatureSupport & (1<<i))
139 printk(" - Unknown Bit %X: supported\n", i);
140 }
141
142 printk(" Supported functions after Suspend: %2.2X\n", extp->SuspendCmdSupport);
143 printk(" - Program after Erase Suspend: %s\n", extp->SuspendCmdSupport&1?"supported":"unsupported");
144 for (i=1; i<8; i++) {
145 if (extp->SuspendCmdSupport & (1<<i))
146 printk(" - Unknown Bit %X: supported\n", i);
147 }
148
149 printk(" Block Status Register Mask: %4.4X\n", extp->BlkStatusRegMask);
150 printk(" - Lock Bit Active: %s\n", extp->BlkStatusRegMask&1?"yes":"no");
151 printk(" - Lock-Down Bit Active: %s\n", extp->BlkStatusRegMask&2?"yes":"no");
152 for (i=2; i<3; i++) {
153 if (extp->BlkStatusRegMask & (1<<i))
154 printk(" - Unknown Bit %X Active: yes\n",i);
155 }
156 printk(" - EFA Lock Bit: %s\n", extp->BlkStatusRegMask&16?"yes":"no");
157 printk(" - EFA Lock-Down Bit: %s\n", extp->BlkStatusRegMask&32?"yes":"no");
158 for (i=6; i<16; i++) {
159 if (extp->BlkStatusRegMask & (1<<i))
160 printk(" - Unknown Bit %X Active: yes\n",i);
161 }
162
163 printk(" Vcc Logic Supply Optimum Program/Erase Voltage: %d.%d V\n",
164 extp->VccOptimal >> 4, extp->VccOptimal & 0xf);
165 if (extp->VppOptimal)
166 printk(" Vpp Programming Supply Optimum Program/Erase Voltage: %d.%d V\n",
167 extp->VppOptimal >> 4, extp->VppOptimal & 0xf);
168}
169#endif
170
171/* Atmel chips don't use the same PRI format as Intel chips */
172static void fixup_convert_atmel_pri(struct mtd_info *mtd)
173{
174 struct map_info *map = mtd->priv;
175 struct cfi_private *cfi = map->fldrv_priv;
176 struct cfi_pri_intelext *extp = cfi->cmdset_priv;
177 struct cfi_pri_atmel atmel_pri;
178 uint32_t features = 0;
179
180 /* Reverse byteswapping */
181 extp->FeatureSupport = cpu_to_le32(extp->FeatureSupport);
182 extp->BlkStatusRegMask = cpu_to_le16(extp->BlkStatusRegMask);
183 extp->ProtRegAddr = cpu_to_le16(extp->ProtRegAddr);
184
185 memcpy(&atmel_pri, extp, sizeof(atmel_pri));
186 memset((char *)extp + 5, 0, sizeof(*extp) - 5);
187
188 printk(KERN_ERR "atmel Features: %02x\n", atmel_pri.Features);
189
190 if (atmel_pri.Features & 0x01) /* chip erase supported */
191 features |= (1<<0);
192 if (atmel_pri.Features & 0x02) /* erase suspend supported */
193 features |= (1<<1);
194 if (atmel_pri.Features & 0x04) /* program suspend supported */
195 features |= (1<<2);
196 if (atmel_pri.Features & 0x08) /* simultaneous operations supported */
197 features |= (1<<9);
198 if (atmel_pri.Features & 0x20) /* page mode read supported */
199 features |= (1<<7);
200 if (atmel_pri.Features & 0x40) /* queued erase supported */
201 features |= (1<<4);
202 if (atmel_pri.Features & 0x80) /* Protection bits supported */
203 features |= (1<<6);
204
205 extp->FeatureSupport = features;
206
207 /* burst write mode not supported */
208 cfi->cfiq->BufWriteTimeoutTyp = 0;
209 cfi->cfiq->BufWriteTimeoutMax = 0;
210}
211
212static void fixup_at49bv640dx_lock(struct mtd_info *mtd)
213{
214 struct map_info *map = mtd->priv;
215 struct cfi_private *cfi = map->fldrv_priv;
216 struct cfi_pri_intelext *cfip = cfi->cmdset_priv;
217
218 cfip->FeatureSupport |= (1 << 5);
219 mtd->flags |= MTD_POWERUP_LOCK;
220}
221
222#ifdef CMDSET0001_DISABLE_ERASE_SUSPEND_ON_WRITE
223/* Some Intel Strata Flash prior to FPO revision C has bugs in this area */
224static void fixup_intel_strataflash(struct mtd_info *mtd)
225{
226 struct map_info *map = mtd->priv;
227 struct cfi_private *cfi = map->fldrv_priv;
228 struct cfi_pri_intelext *extp = cfi->cmdset_priv;
229
230 printk(KERN_WARNING "cfi_cmdset_0001: Suspend "
231 "erase on write disabled.\n");
232 extp->SuspendCmdSupport &= ~1;
233}
234#endif
235
236#ifdef CMDSET0001_DISABLE_WRITE_SUSPEND
237static void fixup_no_write_suspend(struct mtd_info *mtd)
238{
239 struct map_info *map = mtd->priv;
240 struct cfi_private *cfi = map->fldrv_priv;
241 struct cfi_pri_intelext *cfip = cfi->cmdset_priv;
242
243 if (cfip && (cfip->FeatureSupport&4)) {
244 cfip->FeatureSupport &= ~4;
245 printk(KERN_WARNING "cfi_cmdset_0001: write suspend disabled\n");
246 }
247}
248#endif
249
250static void fixup_st_m28w320ct(struct mtd_info *mtd)
251{
252 struct map_info *map = mtd->priv;
253 struct cfi_private *cfi = map->fldrv_priv;
254
255 cfi->cfiq->BufWriteTimeoutTyp = 0; /* Not supported */
256 cfi->cfiq->BufWriteTimeoutMax = 0; /* Not supported */
257}
258
259static void fixup_st_m28w320cb(struct mtd_info *mtd)
260{
261 struct map_info *map = mtd->priv;
262 struct cfi_private *cfi = map->fldrv_priv;
263
264 /* Note this is done after the region info is endian swapped */
265 cfi->cfiq->EraseRegionInfo[1] =
266 (cfi->cfiq->EraseRegionInfo[1] & 0xffff0000) | 0x3e;
267};
268
269static int is_LH28F640BF(struct cfi_private *cfi)
270{
271 /* Sharp LH28F640BF Family */
272 if (cfi->mfr == CFI_MFR_SHARP && (
273 cfi->id == LH28F640BFHE_PTTL90 || cfi->id == LH28F640BFHE_PBTL90 ||
274 cfi->id == LH28F640BFHE_PTTL70A || cfi->id == LH28F640BFHE_PBTL70A))
275 return 1;
276 return 0;
277}
278
279static void fixup_LH28F640BF(struct mtd_info *mtd)
280{
281 struct map_info *map = mtd->priv;
282 struct cfi_private *cfi = map->fldrv_priv;
283 struct cfi_pri_intelext *extp = cfi->cmdset_priv;
284
285 /* Reset the Partition Configuration Register on LH28F640BF
286 * to a single partition (PCR = 0x000): PCR is embedded into A0-A15. */
287 if (is_LH28F640BF(cfi)) {
288 printk(KERN_INFO "Reset Partition Config. Register: 1 Partition of 4 planes\n");
289 map_write(map, CMD(0x60), 0);
290 map_write(map, CMD(0x04), 0);
291
292 /* We have set one single partition thus
293 * Simultaneous Operations are not allowed */
294 printk(KERN_INFO "cfi_cmdset_0001: Simultaneous Operations disabled\n");
295 extp->FeatureSupport &= ~512;
296 }
297}
298
299static void fixup_use_point(struct mtd_info *mtd)
300{
301 struct map_info *map = mtd->priv;
302 if (!mtd->_point && map_is_linear(map)) {
303 mtd->_point = cfi_intelext_point;
304 mtd->_unpoint = cfi_intelext_unpoint;
305 }
306}
307
308static void fixup_use_write_buffers(struct mtd_info *mtd)
309{
310 struct map_info *map = mtd->priv;
311 struct cfi_private *cfi = map->fldrv_priv;
312 if (cfi->cfiq->BufWriteTimeoutTyp) {
313 printk(KERN_INFO "Using buffer write method\n" );
314 mtd->_write = cfi_intelext_write_buffers;
315 mtd->_writev = cfi_intelext_writev;
316 }
317}
318
319/*
320 * Some chips power-up with all sectors locked by default.
321 */
322static void fixup_unlock_powerup_lock(struct mtd_info *mtd)
323{
324 struct map_info *map = mtd->priv;
325 struct cfi_private *cfi = map->fldrv_priv;
326 struct cfi_pri_intelext *cfip = cfi->cmdset_priv;
327
328 if (cfip->FeatureSupport&32) {
329 printk(KERN_INFO "Using auto-unlock on power-up/resume\n" );
330 mtd->flags |= MTD_POWERUP_LOCK;
331 }
332}
333
334static struct cfi_fixup cfi_fixup_table[] = {
335 { CFI_MFR_ATMEL, CFI_ID_ANY, fixup_convert_atmel_pri },
336 { CFI_MFR_ATMEL, AT49BV640D, fixup_at49bv640dx_lock },
337 { CFI_MFR_ATMEL, AT49BV640DT, fixup_at49bv640dx_lock },
338#ifdef CMDSET0001_DISABLE_ERASE_SUSPEND_ON_WRITE
339 { CFI_MFR_ANY, CFI_ID_ANY, fixup_intel_strataflash },
340#endif
341#ifdef CMDSET0001_DISABLE_WRITE_SUSPEND
342 { CFI_MFR_ANY, CFI_ID_ANY, fixup_no_write_suspend },
343#endif
344#if !FORCE_WORD_WRITE
345 { CFI_MFR_ANY, CFI_ID_ANY, fixup_use_write_buffers },
346#endif
347 { CFI_MFR_ST, 0x00ba, /* M28W320CT */ fixup_st_m28w320ct },
348 { CFI_MFR_ST, 0x00bb, /* M28W320CB */ fixup_st_m28w320cb },
349 { CFI_MFR_INTEL, CFI_ID_ANY, fixup_unlock_powerup_lock },
350 { CFI_MFR_SHARP, CFI_ID_ANY, fixup_unlock_powerup_lock },
351 { CFI_MFR_SHARP, CFI_ID_ANY, fixup_LH28F640BF },
352 { 0, 0, NULL }
353};
354
355static struct cfi_fixup jedec_fixup_table[] = {
356 { CFI_MFR_INTEL, I82802AB, fixup_use_fwh_lock },
357 { CFI_MFR_INTEL, I82802AC, fixup_use_fwh_lock },
358 { CFI_MFR_ST, M50LPW080, fixup_use_fwh_lock },
359 { CFI_MFR_ST, M50FLW080A, fixup_use_fwh_lock },
360 { CFI_MFR_ST, M50FLW080B, fixup_use_fwh_lock },
361 { 0, 0, NULL }
362};
363static struct cfi_fixup fixup_table[] = {
364 /* The CFI vendor ids and the JEDEC vendor IDs appear
365 * to be common. It is like the devices id's are as
366 * well. This table is to pick all cases where
367 * we know that is the case.
368 */
369 { CFI_MFR_ANY, CFI_ID_ANY, fixup_use_point },
370 { 0, 0, NULL }
371};
372
373static void cfi_fixup_major_minor(struct cfi_private *cfi,
374 struct cfi_pri_intelext *extp)
375{
376 if (cfi->mfr == CFI_MFR_INTEL &&
377 cfi->id == PF38F4476 && extp->MinorVersion == '3')
378 extp->MinorVersion = '1';
379}
380
381static int cfi_is_micron_28F00AP30(struct cfi_private *cfi, struct flchip *chip)
382{
383 /*
384 * Micron(was Numonyx) 1Gbit bottom boot are buggy w.r.t
385 * Erase Supend for their small Erase Blocks(0x8000)
386 */
387 if (cfi->mfr == CFI_MFR_INTEL && cfi->id == M28F00AP30)
388 return 1;
389 return 0;
390}
391
392static inline struct cfi_pri_intelext *
393read_pri_intelext(struct map_info *map, __u16 adr)
394{
395 struct cfi_private *cfi = map->fldrv_priv;
396 struct cfi_pri_intelext *extp;
397 unsigned int extra_size = 0;
398 unsigned int extp_size = sizeof(*extp);
399
400 again:
401 extp = (struct cfi_pri_intelext *)cfi_read_pri(map, adr, extp_size, "Intel/Sharp");
402 if (!extp)
403 return NULL;
404
405 cfi_fixup_major_minor(cfi, extp);
406
407 if (extp->MajorVersion != '1' ||
408 (extp->MinorVersion < '0' || extp->MinorVersion > '5')) {
409 printk(KERN_ERR " Unknown Intel/Sharp Extended Query "
410 "version %c.%c.\n", extp->MajorVersion,
411 extp->MinorVersion);
412 kfree(extp);
413 return NULL;
414 }
415
416 /* Do some byteswapping if necessary */
417 extp->FeatureSupport = le32_to_cpu(extp->FeatureSupport);
418 extp->BlkStatusRegMask = le16_to_cpu(extp->BlkStatusRegMask);
419 extp->ProtRegAddr = le16_to_cpu(extp->ProtRegAddr);
420
421 if (extp->MinorVersion >= '0') {
422 extra_size = 0;
423
424 /* Protection Register info */
425 if (extp->NumProtectionFields) {
426 struct cfi_intelext_otpinfo *otp =
427 (struct cfi_intelext_otpinfo *)&extp->extra[0];
428
429 extra_size += (extp->NumProtectionFields - 1) *
430 sizeof(struct cfi_intelext_otpinfo);
431
432 if (extp_size >= sizeof(*extp) + extra_size) {
433 int i;
434
435 /* Do some byteswapping if necessary */
436 for (i = 0; i < extp->NumProtectionFields - 1; i++) {
437 otp->ProtRegAddr = le32_to_cpu(otp->ProtRegAddr);
438 otp->FactGroups = le16_to_cpu(otp->FactGroups);
439 otp->UserGroups = le16_to_cpu(otp->UserGroups);
440 otp++;
441 }
442 }
443 }
444 }
445
446 if (extp->MinorVersion >= '1') {
447 /* Burst Read info */
448 extra_size += 2;
449 if (extp_size < sizeof(*extp) + extra_size)
450 goto need_more;
451 extra_size += extp->extra[extra_size - 1];
452 }
453
454 if (extp->MinorVersion >= '3') {
455 int nb_parts, i;
456
457 /* Number of hardware-partitions */
458 extra_size += 1;
459 if (extp_size < sizeof(*extp) + extra_size)
460 goto need_more;
461 nb_parts = extp->extra[extra_size - 1];
462
463 /* skip the sizeof(partregion) field in CFI 1.4 */
464 if (extp->MinorVersion >= '4')
465 extra_size += 2;
466
467 for (i = 0; i < nb_parts; i++) {
468 struct cfi_intelext_regioninfo *rinfo;
469 rinfo = (struct cfi_intelext_regioninfo *)&extp->extra[extra_size];
470 extra_size += sizeof(*rinfo);
471 if (extp_size < sizeof(*extp) + extra_size)
472 goto need_more;
473 rinfo->NumIdentPartitions=le16_to_cpu(rinfo->NumIdentPartitions);
474 extra_size += (rinfo->NumBlockTypes - 1)
475 * sizeof(struct cfi_intelext_blockinfo);
476 }
477
478 if (extp->MinorVersion >= '4')
479 extra_size += sizeof(struct cfi_intelext_programming_regioninfo);
480
481 if (extp_size < sizeof(*extp) + extra_size) {
482 need_more:
483 extp_size = sizeof(*extp) + extra_size;
484 kfree(extp);
485 if (extp_size > 4096) {
486 printk(KERN_ERR
487 "%s: cfi_pri_intelext is too fat\n",
488 __func__);
489 return NULL;
490 }
491 goto again;
492 }
493 }
494
495 return extp;
496}
497
498struct mtd_info *cfi_cmdset_0001(struct map_info *map, int primary)
499{
500 struct cfi_private *cfi = map->fldrv_priv;
501 struct mtd_info *mtd;
502 int i;
503
504 mtd = kzalloc(sizeof(*mtd), GFP_KERNEL);
505 if (!mtd)
506 return NULL;
507 mtd->priv = map;
508 mtd->type = MTD_NORFLASH;
509
510 /* Fill in the default mtd operations */
511 mtd->_erase = cfi_intelext_erase_varsize;
512 mtd->_read = cfi_intelext_read;
513 mtd->_write = cfi_intelext_write_words;
514 mtd->_sync = cfi_intelext_sync;
515 mtd->_lock = cfi_intelext_lock;
516 mtd->_unlock = cfi_intelext_unlock;
517 mtd->_is_locked = cfi_intelext_is_locked;
518 mtd->_suspend = cfi_intelext_suspend;
519 mtd->_resume = cfi_intelext_resume;
520 mtd->flags = MTD_CAP_NORFLASH;
521 mtd->name = map->name;
522 mtd->writesize = 1;
523 mtd->writebufsize = cfi_interleave(cfi) << cfi->cfiq->MaxBufWriteSize;
524
525 mtd->reboot_notifier.notifier_call = cfi_intelext_reboot;
526
527 if (cfi->cfi_mode == CFI_MODE_CFI) {
528 /*
529 * It's a real CFI chip, not one for which the probe
530 * routine faked a CFI structure. So we read the feature
531 * table from it.
532 */
533 __u16 adr = primary?cfi->cfiq->P_ADR:cfi->cfiq->A_ADR;
534 struct cfi_pri_intelext *extp;
535
536 extp = read_pri_intelext(map, adr);
537 if (!extp) {
538 kfree(mtd);
539 return NULL;
540 }
541
542 /* Install our own private info structure */
543 cfi->cmdset_priv = extp;
544
545 cfi_fixup(mtd, cfi_fixup_table);
546
547#ifdef DEBUG_CFI_FEATURES
548 /* Tell the user about it in lots of lovely detail */
549 cfi_tell_features(extp);
550#endif
551
552 if(extp->SuspendCmdSupport & 1) {
553 printk(KERN_NOTICE "cfi_cmdset_0001: Erase suspend on write enabled\n");
554 }
555 }
556 else if (cfi->cfi_mode == CFI_MODE_JEDEC) {
557 /* Apply jedec specific fixups */
558 cfi_fixup(mtd, jedec_fixup_table);
559 }
560 /* Apply generic fixups */
561 cfi_fixup(mtd, fixup_table);
562
563 for (i=0; i< cfi->numchips; i++) {
564 if (cfi->cfiq->WordWriteTimeoutTyp)
565 cfi->chips[i].word_write_time =
566 1<<cfi->cfiq->WordWriteTimeoutTyp;
567 else
568 cfi->chips[i].word_write_time = 50000;
569
570 if (cfi->cfiq->BufWriteTimeoutTyp)
571 cfi->chips[i].buffer_write_time =
572 1<<cfi->cfiq->BufWriteTimeoutTyp;
573 /* No default; if it isn't specified, we won't use it */
574
575 if (cfi->cfiq->BlockEraseTimeoutTyp)
576 cfi->chips[i].erase_time =
577 1000<<cfi->cfiq->BlockEraseTimeoutTyp;
578 else
579 cfi->chips[i].erase_time = 2000000;
580
581 if (cfi->cfiq->WordWriteTimeoutTyp &&
582 cfi->cfiq->WordWriteTimeoutMax)
583 cfi->chips[i].word_write_time_max =
584 1<<(cfi->cfiq->WordWriteTimeoutTyp +
585 cfi->cfiq->WordWriteTimeoutMax);
586 else
587 cfi->chips[i].word_write_time_max = 50000 * 8;
588
589 if (cfi->cfiq->BufWriteTimeoutTyp &&
590 cfi->cfiq->BufWriteTimeoutMax)
591 cfi->chips[i].buffer_write_time_max =
592 1<<(cfi->cfiq->BufWriteTimeoutTyp +
593 cfi->cfiq->BufWriteTimeoutMax);
594
595 if (cfi->cfiq->BlockEraseTimeoutTyp &&
596 cfi->cfiq->BlockEraseTimeoutMax)
597 cfi->chips[i].erase_time_max =
598 1000<<(cfi->cfiq->BlockEraseTimeoutTyp +
599 cfi->cfiq->BlockEraseTimeoutMax);
600 else
601 cfi->chips[i].erase_time_max = 2000000 * 8;
602
603 cfi->chips[i].ref_point_counter = 0;
604 init_waitqueue_head(&(cfi->chips[i].wq));
605 }
606
607 map->fldrv = &cfi_intelext_chipdrv;
608
609 return cfi_intelext_setup(mtd);
610}
611struct mtd_info *cfi_cmdset_0003(struct map_info *map, int primary) __attribute__((alias("cfi_cmdset_0001")));
612struct mtd_info *cfi_cmdset_0200(struct map_info *map, int primary) __attribute__((alias("cfi_cmdset_0001")));
613EXPORT_SYMBOL_GPL(cfi_cmdset_0001);
614EXPORT_SYMBOL_GPL(cfi_cmdset_0003);
615EXPORT_SYMBOL_GPL(cfi_cmdset_0200);
616
617static struct mtd_info *cfi_intelext_setup(struct mtd_info *mtd)
618{
619 struct map_info *map = mtd->priv;
620 struct cfi_private *cfi = map->fldrv_priv;
621 unsigned long offset = 0;
622 int i,j;
623 unsigned long devsize = (1<<cfi->cfiq->DevSize) * cfi->interleave;
624
625 //printk(KERN_DEBUG "number of CFI chips: %d\n", cfi->numchips);
626
627 mtd->size = devsize * cfi->numchips;
628
629 mtd->numeraseregions = cfi->cfiq->NumEraseRegions * cfi->numchips;
630 mtd->eraseregions = kcalloc(mtd->numeraseregions,
631 sizeof(struct mtd_erase_region_info),
632 GFP_KERNEL);
633 if (!mtd->eraseregions)
634 goto setup_err;
635
636 for (i=0; i<cfi->cfiq->NumEraseRegions; i++) {
637 unsigned long ernum, ersize;
638 ersize = ((cfi->cfiq->EraseRegionInfo[i] >> 8) & ~0xff) * cfi->interleave;
639 ernum = (cfi->cfiq->EraseRegionInfo[i] & 0xffff) + 1;
640
641 if (mtd->erasesize < ersize) {
642 mtd->erasesize = ersize;
643 }
644 for (j=0; j<cfi->numchips; j++) {
645 mtd->eraseregions[(j*cfi->cfiq->NumEraseRegions)+i].offset = (j*devsize)+offset;
646 mtd->eraseregions[(j*cfi->cfiq->NumEraseRegions)+i].erasesize = ersize;
647 mtd->eraseregions[(j*cfi->cfiq->NumEraseRegions)+i].numblocks = ernum;
648 mtd->eraseregions[(j*cfi->cfiq->NumEraseRegions)+i].lockmap = kmalloc(ernum / 8 + 1, GFP_KERNEL);
649 if (!mtd->eraseregions[(j*cfi->cfiq->NumEraseRegions)+i].lockmap)
650 goto setup_err;
651 }
652 offset += (ersize * ernum);
653 }
654
655 if (offset != devsize) {
656 /* Argh */
657 printk(KERN_WARNING "Sum of regions (%lx) != total size of set of interleaved chips (%lx)\n", offset, devsize);
658 goto setup_err;
659 }
660
661 for (i=0; i<mtd->numeraseregions;i++){
662 printk(KERN_DEBUG "erase region %d: offset=0x%llx,size=0x%x,blocks=%d\n",
663 i,(unsigned long long)mtd->eraseregions[i].offset,
664 mtd->eraseregions[i].erasesize,
665 mtd->eraseregions[i].numblocks);
666 }
667
668#ifdef CONFIG_MTD_OTP
669 mtd->_read_fact_prot_reg = cfi_intelext_read_fact_prot_reg;
670 mtd->_read_user_prot_reg = cfi_intelext_read_user_prot_reg;
671 mtd->_write_user_prot_reg = cfi_intelext_write_user_prot_reg;
672 mtd->_lock_user_prot_reg = cfi_intelext_lock_user_prot_reg;
673 mtd->_get_fact_prot_info = cfi_intelext_get_fact_prot_info;
674 mtd->_get_user_prot_info = cfi_intelext_get_user_prot_info;
675#endif
676
677 /* This function has the potential to distort the reality
678 a bit and therefore should be called last. */
679 if (cfi_intelext_partition_fixup(mtd, &cfi) != 0)
680 goto setup_err;
681
682 __module_get(THIS_MODULE);
683 register_reboot_notifier(&mtd->reboot_notifier);
684 return mtd;
685
686 setup_err:
687 if (mtd->eraseregions)
688 for (i=0; i<cfi->cfiq->NumEraseRegions; i++)
689 for (j=0; j<cfi->numchips; j++)
690 kfree(mtd->eraseregions[(j*cfi->cfiq->NumEraseRegions)+i].lockmap);
691 kfree(mtd->eraseregions);
692 kfree(mtd);
693 kfree(cfi->cmdset_priv);
694 return NULL;
695}
696
697static int cfi_intelext_partition_fixup(struct mtd_info *mtd,
698 struct cfi_private **pcfi)
699{
700 struct map_info *map = mtd->priv;
701 struct cfi_private *cfi = *pcfi;
702 struct cfi_pri_intelext *extp = cfi->cmdset_priv;
703
704 /*
705 * Probing of multi-partition flash chips.
706 *
707 * To support multiple partitions when available, we simply arrange
708 * for each of them to have their own flchip structure even if they
709 * are on the same physical chip. This means completely recreating
710 * a new cfi_private structure right here which is a blatent code
711 * layering violation, but this is still the least intrusive
712 * arrangement at this point. This can be rearranged in the future
713 * if someone feels motivated enough. --nico
714 */
715 if (extp && extp->MajorVersion == '1' && extp->MinorVersion >= '3'
716 && extp->FeatureSupport & (1 << 9)) {
717 int offs = 0;
718 struct cfi_private *newcfi;
719 struct flchip *chip;
720 struct flchip_shared *shared;
721 int numregions, numparts, partshift, numvirtchips, i, j;
722
723 /* Protection Register info */
724 if (extp->NumProtectionFields)
725 offs = (extp->NumProtectionFields - 1) *
726 sizeof(struct cfi_intelext_otpinfo);
727
728 /* Burst Read info */
729 offs += extp->extra[offs+1]+2;
730
731 /* Number of partition regions */
732 numregions = extp->extra[offs];
733 offs += 1;
734
735 /* skip the sizeof(partregion) field in CFI 1.4 */
736 if (extp->MinorVersion >= '4')
737 offs += 2;
738
739 /* Number of hardware partitions */
740 numparts = 0;
741 for (i = 0; i < numregions; i++) {
742 struct cfi_intelext_regioninfo *rinfo;
743 rinfo = (struct cfi_intelext_regioninfo *)&extp->extra[offs];
744 numparts += rinfo->NumIdentPartitions;
745 offs += sizeof(*rinfo)
746 + (rinfo->NumBlockTypes - 1) *
747 sizeof(struct cfi_intelext_blockinfo);
748 }
749
750 if (!numparts)
751 numparts = 1;
752
753 /* Programming Region info */
754 if (extp->MinorVersion >= '4') {
755 struct cfi_intelext_programming_regioninfo *prinfo;
756 prinfo = (struct cfi_intelext_programming_regioninfo *)&extp->extra[offs];
757 mtd->writesize = cfi->interleave << prinfo->ProgRegShift;
758 mtd->flags &= ~MTD_BIT_WRITEABLE;
759 printk(KERN_DEBUG "%s: program region size/ctrl_valid/ctrl_inval = %d/%d/%d\n",
760 map->name, mtd->writesize,
761 cfi->interleave * prinfo->ControlValid,
762 cfi->interleave * prinfo->ControlInvalid);
763 }
764
765 /*
766 * All functions below currently rely on all chips having
767 * the same geometry so we'll just assume that all hardware
768 * partitions are of the same size too.
769 */
770 partshift = cfi->chipshift - __ffs(numparts);
771
772 if ((1 << partshift) < mtd->erasesize) {
773 printk( KERN_ERR
774 "%s: bad number of hw partitions (%d)\n",
775 __func__, numparts);
776 return -EINVAL;
777 }
778
779 numvirtchips = cfi->numchips * numparts;
780 newcfi = kmalloc(struct_size(newcfi, chips, numvirtchips),
781 GFP_KERNEL);
782 if (!newcfi)
783 return -ENOMEM;
784 shared = kmalloc_array(cfi->numchips,
785 sizeof(struct flchip_shared),
786 GFP_KERNEL);
787 if (!shared) {
788 kfree(newcfi);
789 return -ENOMEM;
790 }
791 memcpy(newcfi, cfi, sizeof(struct cfi_private));
792 newcfi->numchips = numvirtchips;
793 newcfi->chipshift = partshift;
794
795 chip = &newcfi->chips[0];
796 for (i = 0; i < cfi->numchips; i++) {
797 shared[i].writing = shared[i].erasing = NULL;
798 mutex_init(&shared[i].lock);
799 for (j = 0; j < numparts; j++) {
800 *chip = cfi->chips[i];
801 chip->start += j << partshift;
802 chip->priv = &shared[i];
803 /* those should be reset too since
804 they create memory references. */
805 init_waitqueue_head(&chip->wq);
806 mutex_init(&chip->mutex);
807 chip++;
808 }
809 }
810
811 printk(KERN_DEBUG "%s: %d set(s) of %d interleaved chips "
812 "--> %d partitions of %d KiB\n",
813 map->name, cfi->numchips, cfi->interleave,
814 newcfi->numchips, 1<<(newcfi->chipshift-10));
815
816 map->fldrv_priv = newcfi;
817 *pcfi = newcfi;
818 kfree(cfi);
819 }
820
821 return 0;
822}
823
824/*
825 * *********** CHIP ACCESS FUNCTIONS ***********
826 */
827static int chip_ready (struct map_info *map, struct flchip *chip, unsigned long adr, int mode)
828{
829 DECLARE_WAITQUEUE(wait, current);
830 struct cfi_private *cfi = map->fldrv_priv;
831 map_word status, status_OK = CMD(0x80), status_PWS = CMD(0x01);
832 struct cfi_pri_intelext *cfip = cfi->cmdset_priv;
833 unsigned long timeo = jiffies + HZ;
834
835 /* Prevent setting state FL_SYNCING for chip in suspended state. */
836 if (mode == FL_SYNCING && chip->oldstate != FL_READY)
837 goto sleep;
838
839 switch (chip->state) {
840
841 case FL_STATUS:
842 for (;;) {
843 status = map_read(map, adr);
844 if (map_word_andequal(map, status, status_OK, status_OK))
845 break;
846
847 /* At this point we're fine with write operations
848 in other partitions as they don't conflict. */
849 if (chip->priv && map_word_andequal(map, status, status_PWS, status_PWS))
850 break;
851
852 mutex_unlock(&chip->mutex);
853 cfi_udelay(1);
854 mutex_lock(&chip->mutex);
855 /* Someone else might have been playing with it. */
856 return -EAGAIN;
857 }
858 fallthrough;
859 case FL_READY:
860 case FL_CFI_QUERY:
861 case FL_JEDEC_QUERY:
862 return 0;
863
864 case FL_ERASING:
865 if (!cfip ||
866 !(cfip->FeatureSupport & 2) ||
867 !(mode == FL_READY || mode == FL_POINT ||
868 (mode == FL_WRITING && (cfip->SuspendCmdSupport & 1))))
869 goto sleep;
870
871 /* Do not allow suspend iff read/write to EB address */
872 if ((adr & chip->in_progress_block_mask) ==
873 chip->in_progress_block_addr)
874 goto sleep;
875
876 /* do not suspend small EBs, buggy Micron Chips */
877 if (cfi_is_micron_28F00AP30(cfi, chip) &&
878 (chip->in_progress_block_mask == ~(0x8000-1)))
879 goto sleep;
880
881 /* Erase suspend */
882 map_write(map, CMD(0xB0), chip->in_progress_block_addr);
883
884 /* If the flash has finished erasing, then 'erase suspend'
885 * appears to make some (28F320) flash devices switch to
886 * 'read' mode. Make sure that we switch to 'read status'
887 * mode so we get the right data. --rmk
888 */
889 map_write(map, CMD(0x70), chip->in_progress_block_addr);
890 chip->oldstate = FL_ERASING;
891 chip->state = FL_ERASE_SUSPENDING;
892 chip->erase_suspended = 1;
893 for (;;) {
894 status = map_read(map, chip->in_progress_block_addr);
895 if (map_word_andequal(map, status, status_OK, status_OK))
896 break;
897
898 if (time_after(jiffies, timeo)) {
899 /* Urgh. Resume and pretend we weren't here.
900 * Make sure we're in 'read status' mode if it had finished */
901 put_chip(map, chip, adr);
902 printk(KERN_ERR "%s: Chip not ready after erase "
903 "suspended: status = 0x%lx\n", map->name, status.x[0]);
904 return -EIO;
905 }
906
907 mutex_unlock(&chip->mutex);
908 cfi_udelay(1);
909 mutex_lock(&chip->mutex);
910 /* Nobody will touch it while it's in state FL_ERASE_SUSPENDING.
911 So we can just loop here. */
912 }
913 chip->state = FL_STATUS;
914 return 0;
915
916 case FL_XIP_WHILE_ERASING:
917 if (mode != FL_READY && mode != FL_POINT &&
918 (mode != FL_WRITING || !cfip || !(cfip->SuspendCmdSupport&1)))
919 goto sleep;
920 chip->oldstate = chip->state;
921 chip->state = FL_READY;
922 return 0;
923
924 case FL_SHUTDOWN:
925 /* The machine is rebooting now,so no one can get chip anymore */
926 return -EIO;
927 case FL_POINT:
928 /* Only if there's no operation suspended... */
929 if (mode == FL_READY && chip->oldstate == FL_READY)
930 return 0;
931 fallthrough;
932 default:
933 sleep:
934 set_current_state(TASK_UNINTERRUPTIBLE);
935 add_wait_queue(&chip->wq, &wait);
936 mutex_unlock(&chip->mutex);
937 schedule();
938 remove_wait_queue(&chip->wq, &wait);
939 mutex_lock(&chip->mutex);
940 return -EAGAIN;
941 }
942}
943
944static int get_chip(struct map_info *map, struct flchip *chip, unsigned long adr, int mode)
945{
946 int ret;
947 DECLARE_WAITQUEUE(wait, current);
948
949 retry:
950 if (chip->priv &&
951 (mode == FL_WRITING || mode == FL_ERASING || mode == FL_OTP_WRITE
952 || mode == FL_SHUTDOWN) && chip->state != FL_SYNCING) {
953 /*
954 * OK. We have possibility for contention on the write/erase
955 * operations which are global to the real chip and not per
956 * partition. So let's fight it over in the partition which
957 * currently has authority on the operation.
958 *
959 * The rules are as follows:
960 *
961 * - any write operation must own shared->writing.
962 *
963 * - any erase operation must own _both_ shared->writing and
964 * shared->erasing.
965 *
966 * - contention arbitration is handled in the owner's context.
967 *
968 * The 'shared' struct can be read and/or written only when
969 * its lock is taken.
970 */
971 struct flchip_shared *shared = chip->priv;
972 struct flchip *contender;
973 mutex_lock(&shared->lock);
974 contender = shared->writing;
975 if (contender && contender != chip) {
976 /*
977 * The engine to perform desired operation on this
978 * partition is already in use by someone else.
979 * Let's fight over it in the context of the chip
980 * currently using it. If it is possible to suspend,
981 * that other partition will do just that, otherwise
982 * it'll happily send us to sleep. In any case, when
983 * get_chip returns success we're clear to go ahead.
984 */
985 ret = mutex_trylock(&contender->mutex);
986 mutex_unlock(&shared->lock);
987 if (!ret)
988 goto retry;
989 mutex_unlock(&chip->mutex);
990 ret = chip_ready(map, contender, contender->start, mode);
991 mutex_lock(&chip->mutex);
992
993 if (ret == -EAGAIN) {
994 mutex_unlock(&contender->mutex);
995 goto retry;
996 }
997 if (ret) {
998 mutex_unlock(&contender->mutex);
999 return ret;
1000 }
1001 mutex_lock(&shared->lock);
1002
1003 /* We should not own chip if it is already
1004 * in FL_SYNCING state. Put contender and retry. */
1005 if (chip->state == FL_SYNCING) {
1006 put_chip(map, contender, contender->start);
1007 mutex_unlock(&contender->mutex);
1008 goto retry;
1009 }
1010 mutex_unlock(&contender->mutex);
1011 }
1012
1013 /* Check if we already have suspended erase
1014 * on this chip. Sleep. */
1015 if (mode == FL_ERASING && shared->erasing
1016 && shared->erasing->oldstate == FL_ERASING) {
1017 mutex_unlock(&shared->lock);
1018 set_current_state(TASK_UNINTERRUPTIBLE);
1019 add_wait_queue(&chip->wq, &wait);
1020 mutex_unlock(&chip->mutex);
1021 schedule();
1022 remove_wait_queue(&chip->wq, &wait);
1023 mutex_lock(&chip->mutex);
1024 goto retry;
1025 }
1026
1027 /* We now own it */
1028 shared->writing = chip;
1029 if (mode == FL_ERASING)
1030 shared->erasing = chip;
1031 mutex_unlock(&shared->lock);
1032 }
1033 ret = chip_ready(map, chip, adr, mode);
1034 if (ret == -EAGAIN)
1035 goto retry;
1036
1037 return ret;
1038}
1039
1040static void put_chip(struct map_info *map, struct flchip *chip, unsigned long adr)
1041{
1042 struct cfi_private *cfi = map->fldrv_priv;
1043
1044 if (chip->priv) {
1045 struct flchip_shared *shared = chip->priv;
1046 mutex_lock(&shared->lock);
1047 if (shared->writing == chip && chip->oldstate == FL_READY) {
1048 /* We own the ability to write, but we're done */
1049 shared->writing = shared->erasing;
1050 if (shared->writing && shared->writing != chip) {
1051 /* give back ownership to who we loaned it from */
1052 struct flchip *loaner = shared->writing;
1053 mutex_lock(&loaner->mutex);
1054 mutex_unlock(&shared->lock);
1055 mutex_unlock(&chip->mutex);
1056 put_chip(map, loaner, loaner->start);
1057 mutex_lock(&chip->mutex);
1058 mutex_unlock(&loaner->mutex);
1059 wake_up(&chip->wq);
1060 return;
1061 }
1062 shared->erasing = NULL;
1063 shared->writing = NULL;
1064 } else if (shared->erasing == chip && shared->writing != chip) {
1065 /*
1066 * We own the ability to erase without the ability
1067 * to write, which means the erase was suspended
1068 * and some other partition is currently writing.
1069 * Don't let the switch below mess things up since
1070 * we don't have ownership to resume anything.
1071 */
1072 mutex_unlock(&shared->lock);
1073 wake_up(&chip->wq);
1074 return;
1075 }
1076 mutex_unlock(&shared->lock);
1077 }
1078
1079 switch(chip->oldstate) {
1080 case FL_ERASING:
1081 /* What if one interleaved chip has finished and the
1082 other hasn't? The old code would leave the finished
1083 one in READY mode. That's bad, and caused -EROFS
1084 errors to be returned from do_erase_oneblock because
1085 that's the only bit it checked for at the time.
1086 As the state machine appears to explicitly allow
1087 sending the 0x70 (Read Status) command to an erasing
1088 chip and expecting it to be ignored, that's what we
1089 do. */
1090 map_write(map, CMD(0xd0), chip->in_progress_block_addr);
1091 map_write(map, CMD(0x70), chip->in_progress_block_addr);
1092 chip->oldstate = FL_READY;
1093 chip->state = FL_ERASING;
1094 break;
1095
1096 case FL_XIP_WHILE_ERASING:
1097 chip->state = chip->oldstate;
1098 chip->oldstate = FL_READY;
1099 break;
1100
1101 case FL_READY:
1102 case FL_STATUS:
1103 case FL_JEDEC_QUERY:
1104 break;
1105 default:
1106 printk(KERN_ERR "%s: put_chip() called with oldstate %d!!\n", map->name, chip->oldstate);
1107 }
1108 wake_up(&chip->wq);
1109}
1110
1111#ifdef CONFIG_MTD_XIP
1112
1113/*
1114 * No interrupt what so ever can be serviced while the flash isn't in array
1115 * mode. This is ensured by the xip_disable() and xip_enable() functions
1116 * enclosing any code path where the flash is known not to be in array mode.
1117 * And within a XIP disabled code path, only functions marked with __xipram
1118 * may be called and nothing else (it's a good thing to inspect generated
1119 * assembly to make sure inline functions were actually inlined and that gcc
1120 * didn't emit calls to its own support functions). Also configuring MTD CFI
1121 * support to a single buswidth and a single interleave is also recommended.
1122 */
1123
1124static void xip_disable(struct map_info *map, struct flchip *chip,
1125 unsigned long adr)
1126{
1127 /* TODO: chips with no XIP use should ignore and return */
1128 (void) map_read(map, adr); /* ensure mmu mapping is up to date */
1129 local_irq_disable();
1130}
1131
1132static void __xipram xip_enable(struct map_info *map, struct flchip *chip,
1133 unsigned long adr)
1134{
1135 struct cfi_private *cfi = map->fldrv_priv;
1136 if (chip->state != FL_POINT && chip->state != FL_READY) {
1137 map_write(map, CMD(0xff), adr);
1138 chip->state = FL_READY;
1139 }
1140 (void) map_read(map, adr);
1141 xip_iprefetch();
1142 local_irq_enable();
1143}
1144
1145/*
1146 * When a delay is required for the flash operation to complete, the
1147 * xip_wait_for_operation() function is polling for both the given timeout
1148 * and pending (but still masked) hardware interrupts. Whenever there is an
1149 * interrupt pending then the flash erase or write operation is suspended,
1150 * array mode restored and interrupts unmasked. Task scheduling might also
1151 * happen at that point. The CPU eventually returns from the interrupt or
1152 * the call to schedule() and the suspended flash operation is resumed for
1153 * the remaining of the delay period.
1154 *
1155 * Warning: this function _will_ fool interrupt latency tracing tools.
1156 */
1157
1158static int __xipram xip_wait_for_operation(
1159 struct map_info *map, struct flchip *chip,
1160 unsigned long adr, unsigned int chip_op_time_max)
1161{
1162 struct cfi_private *cfi = map->fldrv_priv;
1163 struct cfi_pri_intelext *cfip = cfi->cmdset_priv;
1164 map_word status, OK = CMD(0x80);
1165 unsigned long usec, suspended, start, done;
1166 flstate_t oldstate, newstate;
1167
1168 start = xip_currtime();
1169 usec = chip_op_time_max;
1170 if (usec == 0)
1171 usec = 500000;
1172 done = 0;
1173
1174 do {
1175 cpu_relax();
1176 if (xip_irqpending() && cfip &&
1177 ((chip->state == FL_ERASING && (cfip->FeatureSupport&2)) ||
1178 (chip->state == FL_WRITING && (cfip->FeatureSupport&4))) &&
1179 (cfi_interleave_is_1(cfi) || chip->oldstate == FL_READY)) {
1180 /*
1181 * Let's suspend the erase or write operation when
1182 * supported. Note that we currently don't try to
1183 * suspend interleaved chips if there is already
1184 * another operation suspended (imagine what happens
1185 * when one chip was already done with the current
1186 * operation while another chip suspended it, then
1187 * we resume the whole thing at once). Yes, it
1188 * can happen!
1189 */
1190 usec -= done;
1191 map_write(map, CMD(0xb0), adr);
1192 map_write(map, CMD(0x70), adr);
1193 suspended = xip_currtime();
1194 do {
1195 if (xip_elapsed_since(suspended) > 100000) {
1196 /*
1197 * The chip doesn't want to suspend
1198 * after waiting for 100 msecs.
1199 * This is a critical error but there
1200 * is not much we can do here.
1201 */
1202 return -EIO;
1203 }
1204 status = map_read(map, adr);
1205 } while (!map_word_andequal(map, status, OK, OK));
1206
1207 /* Suspend succeeded */
1208 oldstate = chip->state;
1209 if (oldstate == FL_ERASING) {
1210 if (!map_word_bitsset(map, status, CMD(0x40)))
1211 break;
1212 newstate = FL_XIP_WHILE_ERASING;
1213 chip->erase_suspended = 1;
1214 } else {
1215 if (!map_word_bitsset(map, status, CMD(0x04)))
1216 break;
1217 newstate = FL_XIP_WHILE_WRITING;
1218 chip->write_suspended = 1;
1219 }
1220 chip->state = newstate;
1221 map_write(map, CMD(0xff), adr);
1222 (void) map_read(map, adr);
1223 xip_iprefetch();
1224 local_irq_enable();
1225 mutex_unlock(&chip->mutex);
1226 xip_iprefetch();
1227 cond_resched();
1228
1229 /*
1230 * We're back. However someone else might have
1231 * decided to go write to the chip if we are in
1232 * a suspended erase state. If so let's wait
1233 * until it's done.
1234 */
1235 mutex_lock(&chip->mutex);
1236 while (chip->state != newstate) {
1237 DECLARE_WAITQUEUE(wait, current);
1238 set_current_state(TASK_UNINTERRUPTIBLE);
1239 add_wait_queue(&chip->wq, &wait);
1240 mutex_unlock(&chip->mutex);
1241 schedule();
1242 remove_wait_queue(&chip->wq, &wait);
1243 mutex_lock(&chip->mutex);
1244 }
1245 /* Disallow XIP again */
1246 local_irq_disable();
1247
1248 /* Resume the write or erase operation */
1249 map_write(map, CMD(0xd0), adr);
1250 map_write(map, CMD(0x70), adr);
1251 chip->state = oldstate;
1252 start = xip_currtime();
1253 } else if (usec >= 1000000/HZ) {
1254 /*
1255 * Try to save on CPU power when waiting delay
1256 * is at least a system timer tick period.
1257 * No need to be extremely accurate here.
1258 */
1259 xip_cpu_idle();
1260 }
1261 status = map_read(map, adr);
1262 done = xip_elapsed_since(start);
1263 } while (!map_word_andequal(map, status, OK, OK)
1264 && done < usec);
1265
1266 return (done >= usec) ? -ETIME : 0;
1267}
1268
1269/*
1270 * The INVALIDATE_CACHED_RANGE() macro is normally used in parallel while
1271 * the flash is actively programming or erasing since we have to poll for
1272 * the operation to complete anyway. We can't do that in a generic way with
1273 * a XIP setup so do it before the actual flash operation in this case
1274 * and stub it out from INVAL_CACHE_AND_WAIT.
1275 */
1276#define XIP_INVAL_CACHED_RANGE(map, from, size) \
1277 INVALIDATE_CACHED_RANGE(map, from, size)
1278
1279#define INVAL_CACHE_AND_WAIT(map, chip, cmd_adr, inval_adr, inval_len, usec, usec_max) \
1280 xip_wait_for_operation(map, chip, cmd_adr, usec_max)
1281
1282#else
1283
1284#define xip_disable(map, chip, adr)
1285#define xip_enable(map, chip, adr)
1286#define XIP_INVAL_CACHED_RANGE(x...)
1287#define INVAL_CACHE_AND_WAIT inval_cache_and_wait_for_operation
1288
1289static int inval_cache_and_wait_for_operation(
1290 struct map_info *map, struct flchip *chip,
1291 unsigned long cmd_adr, unsigned long inval_adr, int inval_len,
1292 unsigned int chip_op_time, unsigned int chip_op_time_max)
1293{
1294 struct cfi_private *cfi = map->fldrv_priv;
1295 map_word status, status_OK = CMD(0x80);
1296 int chip_state = chip->state;
1297 unsigned int timeo, sleep_time, reset_timeo;
1298
1299 mutex_unlock(&chip->mutex);
1300 if (inval_len)
1301 INVALIDATE_CACHED_RANGE(map, inval_adr, inval_len);
1302 mutex_lock(&chip->mutex);
1303
1304 timeo = chip_op_time_max;
1305 if (!timeo)
1306 timeo = 500000;
1307 reset_timeo = timeo;
1308 sleep_time = chip_op_time / 2;
1309
1310 for (;;) {
1311 if (chip->state != chip_state) {
1312 /* Someone's suspended the operation: sleep */
1313 DECLARE_WAITQUEUE(wait, current);
1314 set_current_state(TASK_UNINTERRUPTIBLE);
1315 add_wait_queue(&chip->wq, &wait);
1316 mutex_unlock(&chip->mutex);
1317 schedule();
1318 remove_wait_queue(&chip->wq, &wait);
1319 mutex_lock(&chip->mutex);
1320 continue;
1321 }
1322
1323 status = map_read(map, cmd_adr);
1324 if (map_word_andequal(map, status, status_OK, status_OK))
1325 break;
1326
1327 if (chip->erase_suspended && chip_state == FL_ERASING) {
1328 /* Erase suspend occurred while sleep: reset timeout */
1329 timeo = reset_timeo;
1330 chip->erase_suspended = 0;
1331 }
1332 if (chip->write_suspended && chip_state == FL_WRITING) {
1333 /* Write suspend occurred while sleep: reset timeout */
1334 timeo = reset_timeo;
1335 chip->write_suspended = 0;
1336 }
1337 if (!timeo) {
1338 map_write(map, CMD(0x70), cmd_adr);
1339 chip->state = FL_STATUS;
1340 return -ETIME;
1341 }
1342
1343 /* OK Still waiting. Drop the lock, wait a while and retry. */
1344 mutex_unlock(&chip->mutex);
1345 if (sleep_time >= 1000000/HZ) {
1346 /*
1347 * Half of the normal delay still remaining
1348 * can be performed with a sleeping delay instead
1349 * of busy waiting.
1350 */
1351 msleep(sleep_time/1000);
1352 timeo -= sleep_time;
1353 sleep_time = 1000000/HZ;
1354 } else {
1355 udelay(1);
1356 cond_resched();
1357 timeo--;
1358 }
1359 mutex_lock(&chip->mutex);
1360 }
1361
1362 /* Done and happy. */
1363 chip->state = FL_STATUS;
1364 return 0;
1365}
1366
1367#endif
1368
1369#define WAIT_TIMEOUT(map, chip, adr, udelay, udelay_max) \
1370 INVAL_CACHE_AND_WAIT(map, chip, adr, 0, 0, udelay, udelay_max);
1371
1372
1373static int do_point_onechip (struct map_info *map, struct flchip *chip, loff_t adr, size_t len)
1374{
1375 unsigned long cmd_addr;
1376 struct cfi_private *cfi = map->fldrv_priv;
1377 int ret;
1378
1379 adr += chip->start;
1380
1381 /* Ensure cmd read/writes are aligned. */
1382 cmd_addr = adr & ~(map_bankwidth(map)-1);
1383
1384 mutex_lock(&chip->mutex);
1385
1386 ret = get_chip(map, chip, cmd_addr, FL_POINT);
1387
1388 if (!ret) {
1389 if (chip->state != FL_POINT && chip->state != FL_READY)
1390 map_write(map, CMD(0xff), cmd_addr);
1391
1392 chip->state = FL_POINT;
1393 chip->ref_point_counter++;
1394 }
1395 mutex_unlock(&chip->mutex);
1396
1397 return ret;
1398}
1399
1400static int cfi_intelext_point(struct mtd_info *mtd, loff_t from, size_t len,
1401 size_t *retlen, void **virt, resource_size_t *phys)
1402{
1403 struct map_info *map = mtd->priv;
1404 struct cfi_private *cfi = map->fldrv_priv;
1405 unsigned long ofs, last_end = 0;
1406 int chipnum;
1407 int ret;
1408
1409 if (!map->virt)
1410 return -EINVAL;
1411
1412 /* Now lock the chip(s) to POINT state */
1413
1414 /* ofs: offset within the first chip that the first read should start */
1415 chipnum = (from >> cfi->chipshift);
1416 ofs = from - (chipnum << cfi->chipshift);
1417
1418 *virt = map->virt + cfi->chips[chipnum].start + ofs;
1419 if (phys)
1420 *phys = map->phys + cfi->chips[chipnum].start + ofs;
1421
1422 while (len) {
1423 unsigned long thislen;
1424
1425 if (chipnum >= cfi->numchips)
1426 break;
1427
1428 /* We cannot point across chips that are virtually disjoint */
1429 if (!last_end)
1430 last_end = cfi->chips[chipnum].start;
1431 else if (cfi->chips[chipnum].start != last_end)
1432 break;
1433
1434 if ((len + ofs -1) >> cfi->chipshift)
1435 thislen = (1<<cfi->chipshift) - ofs;
1436 else
1437 thislen = len;
1438
1439 ret = do_point_onechip(map, &cfi->chips[chipnum], ofs, thislen);
1440 if (ret)
1441 break;
1442
1443 *retlen += thislen;
1444 len -= thislen;
1445
1446 ofs = 0;
1447 last_end += 1 << cfi->chipshift;
1448 chipnum++;
1449 }
1450 return 0;
1451}
1452
1453static int cfi_intelext_unpoint(struct mtd_info *mtd, loff_t from, size_t len)
1454{
1455 struct map_info *map = mtd->priv;
1456 struct cfi_private *cfi = map->fldrv_priv;
1457 unsigned long ofs;
1458 int chipnum, err = 0;
1459
1460 /* Now unlock the chip(s) POINT state */
1461
1462 /* ofs: offset within the first chip that the first read should start */
1463 chipnum = (from >> cfi->chipshift);
1464 ofs = from - (chipnum << cfi->chipshift);
1465
1466 while (len && !err) {
1467 unsigned long thislen;
1468 struct flchip *chip;
1469
1470 chip = &cfi->chips[chipnum];
1471 if (chipnum >= cfi->numchips)
1472 break;
1473
1474 if ((len + ofs -1) >> cfi->chipshift)
1475 thislen = (1<<cfi->chipshift) - ofs;
1476 else
1477 thislen = len;
1478
1479 mutex_lock(&chip->mutex);
1480 if (chip->state == FL_POINT) {
1481 chip->ref_point_counter--;
1482 if(chip->ref_point_counter == 0)
1483 chip->state = FL_READY;
1484 } else {
1485 printk(KERN_ERR "%s: Error: unpoint called on non pointed region\n", map->name);
1486 err = -EINVAL;
1487 }
1488
1489 put_chip(map, chip, chip->start);
1490 mutex_unlock(&chip->mutex);
1491
1492 len -= thislen;
1493 ofs = 0;
1494 chipnum++;
1495 }
1496
1497 return err;
1498}
1499
1500static inline int do_read_onechip(struct map_info *map, struct flchip *chip, loff_t adr, size_t len, u_char *buf)
1501{
1502 unsigned long cmd_addr;
1503 struct cfi_private *cfi = map->fldrv_priv;
1504 int ret;
1505
1506 adr += chip->start;
1507
1508 /* Ensure cmd read/writes are aligned. */
1509 cmd_addr = adr & ~(map_bankwidth(map)-1);
1510
1511 mutex_lock(&chip->mutex);
1512 ret = get_chip(map, chip, cmd_addr, FL_READY);
1513 if (ret) {
1514 mutex_unlock(&chip->mutex);
1515 return ret;
1516 }
1517
1518 if (chip->state != FL_POINT && chip->state != FL_READY) {
1519 map_write(map, CMD(0xff), cmd_addr);
1520
1521 chip->state = FL_READY;
1522 }
1523
1524 map_copy_from(map, buf, adr, len);
1525
1526 put_chip(map, chip, cmd_addr);
1527
1528 mutex_unlock(&chip->mutex);
1529 return 0;
1530}
1531
1532static int cfi_intelext_read (struct mtd_info *mtd, loff_t from, size_t len, size_t *retlen, u_char *buf)
1533{
1534 struct map_info *map = mtd->priv;
1535 struct cfi_private *cfi = map->fldrv_priv;
1536 unsigned long ofs;
1537 int chipnum;
1538 int ret = 0;
1539
1540 /* ofs: offset within the first chip that the first read should start */
1541 chipnum = (from >> cfi->chipshift);
1542 ofs = from - (chipnum << cfi->chipshift);
1543
1544 while (len) {
1545 unsigned long thislen;
1546
1547 if (chipnum >= cfi->numchips)
1548 break;
1549
1550 if ((len + ofs -1) >> cfi->chipshift)
1551 thislen = (1<<cfi->chipshift) - ofs;
1552 else
1553 thislen = len;
1554
1555 ret = do_read_onechip(map, &cfi->chips[chipnum], ofs, thislen, buf);
1556 if (ret)
1557 break;
1558
1559 *retlen += thislen;
1560 len -= thislen;
1561 buf += thislen;
1562
1563 ofs = 0;
1564 chipnum++;
1565 }
1566 return ret;
1567}
1568
1569static int __xipram do_write_oneword(struct map_info *map, struct flchip *chip,
1570 unsigned long adr, map_word datum, int mode)
1571{
1572 struct cfi_private *cfi = map->fldrv_priv;
1573 map_word status, write_cmd;
1574 int ret;
1575
1576 adr += chip->start;
1577
1578 switch (mode) {
1579 case FL_WRITING:
1580 write_cmd = (cfi->cfiq->P_ID != P_ID_INTEL_PERFORMANCE) ? CMD(0x40) : CMD(0x41);
1581 break;
1582 case FL_OTP_WRITE:
1583 write_cmd = CMD(0xc0);
1584 break;
1585 default:
1586 return -EINVAL;
1587 }
1588
1589 mutex_lock(&chip->mutex);
1590 ret = get_chip(map, chip, adr, mode);
1591 if (ret) {
1592 mutex_unlock(&chip->mutex);
1593 return ret;
1594 }
1595
1596 XIP_INVAL_CACHED_RANGE(map, adr, map_bankwidth(map));
1597 ENABLE_VPP(map);
1598 xip_disable(map, chip, adr);
1599 map_write(map, write_cmd, adr);
1600 map_write(map, datum, adr);
1601 chip->state = mode;
1602
1603 ret = INVAL_CACHE_AND_WAIT(map, chip, adr,
1604 adr, map_bankwidth(map),
1605 chip->word_write_time,
1606 chip->word_write_time_max);
1607 if (ret) {
1608 xip_enable(map, chip, adr);
1609 printk(KERN_ERR "%s: word write error (status timeout)\n", map->name);
1610 goto out;
1611 }
1612
1613 /* check for errors */
1614 status = map_read(map, adr);
1615 if (map_word_bitsset(map, status, CMD(0x1a))) {
1616 unsigned long chipstatus = MERGESTATUS(status);
1617
1618 /* reset status */
1619 map_write(map, CMD(0x50), adr);
1620 map_write(map, CMD(0x70), adr);
1621 xip_enable(map, chip, adr);
1622
1623 if (chipstatus & 0x02) {
1624 ret = -EROFS;
1625 } else if (chipstatus & 0x08) {
1626 printk(KERN_ERR "%s: word write error (bad VPP)\n", map->name);
1627 ret = -EIO;
1628 } else {
1629 printk(KERN_ERR "%s: word write error (status 0x%lx)\n", map->name, chipstatus);
1630 ret = -EINVAL;
1631 }
1632
1633 goto out;
1634 }
1635
1636 xip_enable(map, chip, adr);
1637 out: DISABLE_VPP(map);
1638 put_chip(map, chip, adr);
1639 mutex_unlock(&chip->mutex);
1640 return ret;
1641}
1642
1643
1644static int cfi_intelext_write_words (struct mtd_info *mtd, loff_t to , size_t len, size_t *retlen, const u_char *buf)
1645{
1646 struct map_info *map = mtd->priv;
1647 struct cfi_private *cfi = map->fldrv_priv;
1648 int ret;
1649 int chipnum;
1650 unsigned long ofs;
1651
1652 chipnum = to >> cfi->chipshift;
1653 ofs = to - (chipnum << cfi->chipshift);
1654
1655 /* If it's not bus-aligned, do the first byte write */
1656 if (ofs & (map_bankwidth(map)-1)) {
1657 unsigned long bus_ofs = ofs & ~(map_bankwidth(map)-1);
1658 int gap = ofs - bus_ofs;
1659 int n;
1660 map_word datum;
1661
1662 n = min_t(int, len, map_bankwidth(map)-gap);
1663 datum = map_word_ff(map);
1664 datum = map_word_load_partial(map, datum, buf, gap, n);
1665
1666 ret = do_write_oneword(map, &cfi->chips[chipnum],
1667 bus_ofs, datum, FL_WRITING);
1668 if (ret)
1669 return ret;
1670
1671 len -= n;
1672 ofs += n;
1673 buf += n;
1674 (*retlen) += n;
1675
1676 if (ofs >> cfi->chipshift) {
1677 chipnum ++;
1678 ofs = 0;
1679 if (chipnum == cfi->numchips)
1680 return 0;
1681 }
1682 }
1683
1684 while(len >= map_bankwidth(map)) {
1685 map_word datum = map_word_load(map, buf);
1686
1687 ret = do_write_oneword(map, &cfi->chips[chipnum],
1688 ofs, datum, FL_WRITING);
1689 if (ret)
1690 return ret;
1691
1692 ofs += map_bankwidth(map);
1693 buf += map_bankwidth(map);
1694 (*retlen) += map_bankwidth(map);
1695 len -= map_bankwidth(map);
1696
1697 if (ofs >> cfi->chipshift) {
1698 chipnum ++;
1699 ofs = 0;
1700 if (chipnum == cfi->numchips)
1701 return 0;
1702 }
1703 }
1704
1705 if (len & (map_bankwidth(map)-1)) {
1706 map_word datum;
1707
1708 datum = map_word_ff(map);
1709 datum = map_word_load_partial(map, datum, buf, 0, len);
1710
1711 ret = do_write_oneword(map, &cfi->chips[chipnum],
1712 ofs, datum, FL_WRITING);
1713 if (ret)
1714 return ret;
1715
1716 (*retlen) += len;
1717 }
1718
1719 return 0;
1720}
1721
1722
1723static int __xipram do_write_buffer(struct map_info *map, struct flchip *chip,
1724 unsigned long adr, const struct kvec **pvec,
1725 unsigned long *pvec_seek, int len)
1726{
1727 struct cfi_private *cfi = map->fldrv_priv;
1728 map_word status, write_cmd, datum;
1729 unsigned long cmd_adr;
1730 int ret, wbufsize, word_gap, words;
1731 const struct kvec *vec;
1732 unsigned long vec_seek;
1733 unsigned long initial_adr;
1734 int initial_len = len;
1735
1736 wbufsize = cfi_interleave(cfi) << cfi->cfiq->MaxBufWriteSize;
1737 adr += chip->start;
1738 initial_adr = adr;
1739 cmd_adr = adr & ~(wbufsize-1);
1740
1741 /* Sharp LH28F640BF chips need the first address for the
1742 * Page Buffer Program command. See Table 5 of
1743 * LH28F320BF, LH28F640BF, LH28F128BF Series (Appendix FUM00701) */
1744 if (is_LH28F640BF(cfi))
1745 cmd_adr = adr;
1746
1747 /* Let's determine this according to the interleave only once */
1748 write_cmd = (cfi->cfiq->P_ID != P_ID_INTEL_PERFORMANCE) ? CMD(0xe8) : CMD(0xe9);
1749
1750 mutex_lock(&chip->mutex);
1751 ret = get_chip(map, chip, cmd_adr, FL_WRITING);
1752 if (ret) {
1753 mutex_unlock(&chip->mutex);
1754 return ret;
1755 }
1756
1757 XIP_INVAL_CACHED_RANGE(map, initial_adr, initial_len);
1758 ENABLE_VPP(map);
1759 xip_disable(map, chip, cmd_adr);
1760
1761 /* §4.8 of the 28FxxxJ3A datasheet says "Any time SR.4 and/or SR.5 is set
1762 [...], the device will not accept any more Write to Buffer commands".
1763 So we must check here and reset those bits if they're set. Otherwise
1764 we're just pissing in the wind */
1765 if (chip->state != FL_STATUS) {
1766 map_write(map, CMD(0x70), cmd_adr);
1767 chip->state = FL_STATUS;
1768 }
1769 status = map_read(map, cmd_adr);
1770 if (map_word_bitsset(map, status, CMD(0x30))) {
1771 xip_enable(map, chip, cmd_adr);
1772 printk(KERN_WARNING "SR.4 or SR.5 bits set in buffer write (status %lx). Clearing.\n", status.x[0]);
1773 xip_disable(map, chip, cmd_adr);
1774 map_write(map, CMD(0x50), cmd_adr);
1775 map_write(map, CMD(0x70), cmd_adr);
1776 }
1777
1778 chip->state = FL_WRITING_TO_BUFFER;
1779 map_write(map, write_cmd, cmd_adr);
1780 ret = WAIT_TIMEOUT(map, chip, cmd_adr, 0, 0);
1781 if (ret) {
1782 /* Argh. Not ready for write to buffer */
1783 map_word Xstatus = map_read(map, cmd_adr);
1784 map_write(map, CMD(0x70), cmd_adr);
1785 chip->state = FL_STATUS;
1786 status = map_read(map, cmd_adr);
1787 map_write(map, CMD(0x50), cmd_adr);
1788 map_write(map, CMD(0x70), cmd_adr);
1789 xip_enable(map, chip, cmd_adr);
1790 printk(KERN_ERR "%s: Chip not ready for buffer write. Xstatus = %lx, status = %lx\n",
1791 map->name, Xstatus.x[0], status.x[0]);
1792 goto out;
1793 }
1794
1795 /* Figure out the number of words to write */
1796 word_gap = (-adr & (map_bankwidth(map)-1));
1797 words = DIV_ROUND_UP(len - word_gap, map_bankwidth(map));
1798 if (!word_gap) {
1799 words--;
1800 } else {
1801 word_gap = map_bankwidth(map) - word_gap;
1802 adr -= word_gap;
1803 datum = map_word_ff(map);
1804 }
1805
1806 /* Write length of data to come */
1807 map_write(map, CMD(words), cmd_adr );
1808
1809 /* Write data */
1810 vec = *pvec;
1811 vec_seek = *pvec_seek;
1812 do {
1813 int n = map_bankwidth(map) - word_gap;
1814 if (n > vec->iov_len - vec_seek)
1815 n = vec->iov_len - vec_seek;
1816 if (n > len)
1817 n = len;
1818
1819 if (!word_gap && len < map_bankwidth(map))
1820 datum = map_word_ff(map);
1821
1822 datum = map_word_load_partial(map, datum,
1823 vec->iov_base + vec_seek,
1824 word_gap, n);
1825
1826 len -= n;
1827 word_gap += n;
1828 if (!len || word_gap == map_bankwidth(map)) {
1829 map_write(map, datum, adr);
1830 adr += map_bankwidth(map);
1831 word_gap = 0;
1832 }
1833
1834 vec_seek += n;
1835 if (vec_seek == vec->iov_len) {
1836 vec++;
1837 vec_seek = 0;
1838 }
1839 } while (len);
1840 *pvec = vec;
1841 *pvec_seek = vec_seek;
1842
1843 /* GO GO GO */
1844 map_write(map, CMD(0xd0), cmd_adr);
1845 chip->state = FL_WRITING;
1846
1847 ret = INVAL_CACHE_AND_WAIT(map, chip, cmd_adr,
1848 initial_adr, initial_len,
1849 chip->buffer_write_time,
1850 chip->buffer_write_time_max);
1851 if (ret) {
1852 map_write(map, CMD(0x70), cmd_adr);
1853 chip->state = FL_STATUS;
1854 xip_enable(map, chip, cmd_adr);
1855 printk(KERN_ERR "%s: buffer write error (status timeout)\n", map->name);
1856 goto out;
1857 }
1858
1859 /* check for errors */
1860 status = map_read(map, cmd_adr);
1861 if (map_word_bitsset(map, status, CMD(0x1a))) {
1862 unsigned long chipstatus = MERGESTATUS(status);
1863
1864 /* reset status */
1865 map_write(map, CMD(0x50), cmd_adr);
1866 map_write(map, CMD(0x70), cmd_adr);
1867 xip_enable(map, chip, cmd_adr);
1868
1869 if (chipstatus & 0x02) {
1870 ret = -EROFS;
1871 } else if (chipstatus & 0x08) {
1872 printk(KERN_ERR "%s: buffer write error (bad VPP)\n", map->name);
1873 ret = -EIO;
1874 } else {
1875 printk(KERN_ERR "%s: buffer write error (status 0x%lx)\n", map->name, chipstatus);
1876 ret = -EINVAL;
1877 }
1878
1879 goto out;
1880 }
1881
1882 xip_enable(map, chip, cmd_adr);
1883 out: DISABLE_VPP(map);
1884 put_chip(map, chip, cmd_adr);
1885 mutex_unlock(&chip->mutex);
1886 return ret;
1887}
1888
1889static int cfi_intelext_writev (struct mtd_info *mtd, const struct kvec *vecs,
1890 unsigned long count, loff_t to, size_t *retlen)
1891{
1892 struct map_info *map = mtd->priv;
1893 struct cfi_private *cfi = map->fldrv_priv;
1894 int wbufsize = cfi_interleave(cfi) << cfi->cfiq->MaxBufWriteSize;
1895 int ret;
1896 int chipnum;
1897 unsigned long ofs, vec_seek, i;
1898 size_t len = 0;
1899
1900 for (i = 0; i < count; i++)
1901 len += vecs[i].iov_len;
1902
1903 if (!len)
1904 return 0;
1905
1906 chipnum = to >> cfi->chipshift;
1907 ofs = to - (chipnum << cfi->chipshift);
1908 vec_seek = 0;
1909
1910 do {
1911 /* We must not cross write block boundaries */
1912 int size = wbufsize - (ofs & (wbufsize-1));
1913
1914 if (size > len)
1915 size = len;
1916 ret = do_write_buffer(map, &cfi->chips[chipnum],
1917 ofs, &vecs, &vec_seek, size);
1918 if (ret)
1919 return ret;
1920
1921 ofs += size;
1922 (*retlen) += size;
1923 len -= size;
1924
1925 if (ofs >> cfi->chipshift) {
1926 chipnum ++;
1927 ofs = 0;
1928 if (chipnum == cfi->numchips)
1929 return 0;
1930 }
1931
1932 /* Be nice and reschedule with the chip in a usable state for other
1933 processes. */
1934 cond_resched();
1935
1936 } while (len);
1937
1938 return 0;
1939}
1940
1941static int cfi_intelext_write_buffers (struct mtd_info *mtd, loff_t to,
1942 size_t len, size_t *retlen, const u_char *buf)
1943{
1944 struct kvec vec;
1945
1946 vec.iov_base = (void *) buf;
1947 vec.iov_len = len;
1948
1949 return cfi_intelext_writev(mtd, &vec, 1, to, retlen);
1950}
1951
1952static int __xipram do_erase_oneblock(struct map_info *map, struct flchip *chip,
1953 unsigned long adr, int len, void *thunk)
1954{
1955 struct cfi_private *cfi = map->fldrv_priv;
1956 map_word status;
1957 int retries = 3;
1958 int ret;
1959
1960 adr += chip->start;
1961
1962 retry:
1963 mutex_lock(&chip->mutex);
1964 ret = get_chip(map, chip, adr, FL_ERASING);
1965 if (ret) {
1966 mutex_unlock(&chip->mutex);
1967 return ret;
1968 }
1969
1970 XIP_INVAL_CACHED_RANGE(map, adr, len);
1971 ENABLE_VPP(map);
1972 xip_disable(map, chip, adr);
1973
1974 /* Clear the status register first */
1975 map_write(map, CMD(0x50), adr);
1976
1977 /* Now erase */
1978 map_write(map, CMD(0x20), adr);
1979 map_write(map, CMD(0xD0), adr);
1980 chip->state = FL_ERASING;
1981 chip->erase_suspended = 0;
1982 chip->in_progress_block_addr = adr;
1983 chip->in_progress_block_mask = ~(len - 1);
1984
1985 ret = INVAL_CACHE_AND_WAIT(map, chip, adr,
1986 adr, len,
1987 chip->erase_time,
1988 chip->erase_time_max);
1989 if (ret) {
1990 map_write(map, CMD(0x70), adr);
1991 chip->state = FL_STATUS;
1992 xip_enable(map, chip, adr);
1993 printk(KERN_ERR "%s: block erase error: (status timeout)\n", map->name);
1994 goto out;
1995 }
1996
1997 /* We've broken this before. It doesn't hurt to be safe */
1998 map_write(map, CMD(0x70), adr);
1999 chip->state = FL_STATUS;
2000 status = map_read(map, adr);
2001
2002 /* check for errors */
2003 if (map_word_bitsset(map, status, CMD(0x3a))) {
2004 unsigned long chipstatus = MERGESTATUS(status);
2005
2006 /* Reset the error bits */
2007 map_write(map, CMD(0x50), adr);
2008 map_write(map, CMD(0x70), adr);
2009 xip_enable(map, chip, adr);
2010
2011 if ((chipstatus & 0x30) == 0x30) {
2012 printk(KERN_ERR "%s: block erase error: (bad command sequence, status 0x%lx)\n", map->name, chipstatus);
2013 ret = -EINVAL;
2014 } else if (chipstatus & 0x02) {
2015 /* Protection bit set */
2016 ret = -EROFS;
2017 } else if (chipstatus & 0x8) {
2018 /* Voltage */
2019 printk(KERN_ERR "%s: block erase error: (bad VPP)\n", map->name);
2020 ret = -EIO;
2021 } else if (chipstatus & 0x20 && retries--) {
2022 printk(KERN_DEBUG "block erase failed at 0x%08lx: status 0x%lx. Retrying...\n", adr, chipstatus);
2023 DISABLE_VPP(map);
2024 put_chip(map, chip, adr);
2025 mutex_unlock(&chip->mutex);
2026 goto retry;
2027 } else {
2028 printk(KERN_ERR "%s: block erase failed at 0x%08lx (status 0x%lx)\n", map->name, adr, chipstatus);
2029 ret = -EIO;
2030 }
2031
2032 goto out;
2033 }
2034
2035 xip_enable(map, chip, adr);
2036 out: DISABLE_VPP(map);
2037 put_chip(map, chip, adr);
2038 mutex_unlock(&chip->mutex);
2039 return ret;
2040}
2041
2042static int cfi_intelext_erase_varsize(struct mtd_info *mtd, struct erase_info *instr)
2043{
2044 return cfi_varsize_frob(mtd, do_erase_oneblock, instr->addr,
2045 instr->len, NULL);
2046}
2047
2048static void cfi_intelext_sync (struct mtd_info *mtd)
2049{
2050 struct map_info *map = mtd->priv;
2051 struct cfi_private *cfi = map->fldrv_priv;
2052 int i;
2053 struct flchip *chip;
2054 int ret = 0;
2055
2056 for (i=0; !ret && i<cfi->numchips; i++) {
2057 chip = &cfi->chips[i];
2058
2059 mutex_lock(&chip->mutex);
2060 ret = get_chip(map, chip, chip->start, FL_SYNCING);
2061
2062 if (!ret) {
2063 chip->oldstate = chip->state;
2064 chip->state = FL_SYNCING;
2065 /* No need to wake_up() on this state change -
2066 * as the whole point is that nobody can do anything
2067 * with the chip now anyway.
2068 */
2069 }
2070 mutex_unlock(&chip->mutex);
2071 }
2072
2073 /* Unlock the chips again */
2074
2075 for (i--; i >=0; i--) {
2076 chip = &cfi->chips[i];
2077
2078 mutex_lock(&chip->mutex);
2079
2080 if (chip->state == FL_SYNCING) {
2081 chip->state = chip->oldstate;
2082 chip->oldstate = FL_READY;
2083 wake_up(&chip->wq);
2084 }
2085 mutex_unlock(&chip->mutex);
2086 }
2087}
2088
2089static int __xipram do_getlockstatus_oneblock(struct map_info *map,
2090 struct flchip *chip,
2091 unsigned long adr,
2092 int len, void *thunk)
2093{
2094 struct cfi_private *cfi = map->fldrv_priv;
2095 int status, ofs_factor = cfi->interleave * cfi->device_type;
2096
2097 adr += chip->start;
2098 xip_disable(map, chip, adr+(2*ofs_factor));
2099 map_write(map, CMD(0x90), adr+(2*ofs_factor));
2100 chip->state = FL_JEDEC_QUERY;
2101 status = cfi_read_query(map, adr+(2*ofs_factor));
2102 xip_enable(map, chip, 0);
2103 return status;
2104}
2105
2106#ifdef DEBUG_LOCK_BITS
2107static int __xipram do_printlockstatus_oneblock(struct map_info *map,
2108 struct flchip *chip,
2109 unsigned long adr,
2110 int len, void *thunk)
2111{
2112 printk(KERN_DEBUG "block status register for 0x%08lx is %x\n",
2113 adr, do_getlockstatus_oneblock(map, chip, adr, len, thunk));
2114 return 0;
2115}
2116#endif
2117
2118#define DO_XXLOCK_ONEBLOCK_LOCK ((void *) 1)
2119#define DO_XXLOCK_ONEBLOCK_UNLOCK ((void *) 2)
2120
2121static int __xipram do_xxlock_oneblock(struct map_info *map, struct flchip *chip,
2122 unsigned long adr, int len, void *thunk)
2123{
2124 struct cfi_private *cfi = map->fldrv_priv;
2125 struct cfi_pri_intelext *extp = cfi->cmdset_priv;
2126 int mdelay;
2127 int ret;
2128
2129 adr += chip->start;
2130
2131 mutex_lock(&chip->mutex);
2132 ret = get_chip(map, chip, adr, FL_LOCKING);
2133 if (ret) {
2134 mutex_unlock(&chip->mutex);
2135 return ret;
2136 }
2137
2138 ENABLE_VPP(map);
2139 xip_disable(map, chip, adr);
2140
2141 map_write(map, CMD(0x60), adr);
2142 if (thunk == DO_XXLOCK_ONEBLOCK_LOCK) {
2143 map_write(map, CMD(0x01), adr);
2144 chip->state = FL_LOCKING;
2145 } else if (thunk == DO_XXLOCK_ONEBLOCK_UNLOCK) {
2146 map_write(map, CMD(0xD0), adr);
2147 chip->state = FL_UNLOCKING;
2148 } else
2149 BUG();
2150
2151 /*
2152 * If Instant Individual Block Locking supported then no need
2153 * to delay.
2154 */
2155 /*
2156 * Unlocking may take up to 1.4 seconds on some Intel flashes. So
2157 * lets use a max of 1.5 seconds (1500ms) as timeout.
2158 *
2159 * See "Clear Block Lock-Bits Time" on page 40 in
2160 * "3 Volt Intel StrataFlash Memory" 28F128J3,28F640J3,28F320J3 manual
2161 * from February 2003
2162 */
2163 mdelay = (!extp || !(extp->FeatureSupport & (1 << 5))) ? 1500 : 0;
2164
2165 ret = WAIT_TIMEOUT(map, chip, adr, mdelay, mdelay * 1000);
2166 if (ret) {
2167 map_write(map, CMD(0x70), adr);
2168 chip->state = FL_STATUS;
2169 xip_enable(map, chip, adr);
2170 printk(KERN_ERR "%s: block unlock error: (status timeout)\n", map->name);
2171 goto out;
2172 }
2173
2174 xip_enable(map, chip, adr);
2175 out: DISABLE_VPP(map);
2176 put_chip(map, chip, adr);
2177 mutex_unlock(&chip->mutex);
2178 return ret;
2179}
2180
2181static int cfi_intelext_lock(struct mtd_info *mtd, loff_t ofs, uint64_t len)
2182{
2183 int ret;
2184
2185#ifdef DEBUG_LOCK_BITS
2186 printk(KERN_DEBUG "%s: lock status before, ofs=0x%08llx, len=0x%08X\n",
2187 __func__, ofs, len);
2188 cfi_varsize_frob(mtd, do_printlockstatus_oneblock,
2189 ofs, len, NULL);
2190#endif
2191
2192 ret = cfi_varsize_frob(mtd, do_xxlock_oneblock,
2193 ofs, len, DO_XXLOCK_ONEBLOCK_LOCK);
2194
2195#ifdef DEBUG_LOCK_BITS
2196 printk(KERN_DEBUG "%s: lock status after, ret=%d\n",
2197 __func__, ret);
2198 cfi_varsize_frob(mtd, do_printlockstatus_oneblock,
2199 ofs, len, NULL);
2200#endif
2201
2202 return ret;
2203}
2204
2205static int cfi_intelext_unlock(struct mtd_info *mtd, loff_t ofs, uint64_t len)
2206{
2207 int ret;
2208
2209#ifdef DEBUG_LOCK_BITS
2210 printk(KERN_DEBUG "%s: lock status before, ofs=0x%08llx, len=0x%08X\n",
2211 __func__, ofs, len);
2212 cfi_varsize_frob(mtd, do_printlockstatus_oneblock,
2213 ofs, len, NULL);
2214#endif
2215
2216 ret = cfi_varsize_frob(mtd, do_xxlock_oneblock,
2217 ofs, len, DO_XXLOCK_ONEBLOCK_UNLOCK);
2218
2219#ifdef DEBUG_LOCK_BITS
2220 printk(KERN_DEBUG "%s: lock status after, ret=%d\n",
2221 __func__, ret);
2222 cfi_varsize_frob(mtd, do_printlockstatus_oneblock,
2223 ofs, len, NULL);
2224#endif
2225
2226 return ret;
2227}
2228
2229static int cfi_intelext_is_locked(struct mtd_info *mtd, loff_t ofs,
2230 uint64_t len)
2231{
2232 return cfi_varsize_frob(mtd, do_getlockstatus_oneblock,
2233 ofs, len, NULL) ? 1 : 0;
2234}
2235
2236#ifdef CONFIG_MTD_OTP
2237
2238typedef int (*otp_op_t)(struct map_info *map, struct flchip *chip,
2239 u_long data_offset, u_char *buf, u_int size,
2240 u_long prot_offset, u_int groupno, u_int groupsize);
2241
2242static int __xipram
2243do_otp_read(struct map_info *map, struct flchip *chip, u_long offset,
2244 u_char *buf, u_int size, u_long prot, u_int grpno, u_int grpsz)
2245{
2246 struct cfi_private *cfi = map->fldrv_priv;
2247 int ret;
2248
2249 mutex_lock(&chip->mutex);
2250 ret = get_chip(map, chip, chip->start, FL_JEDEC_QUERY);
2251 if (ret) {
2252 mutex_unlock(&chip->mutex);
2253 return ret;
2254 }
2255
2256 /* let's ensure we're not reading back cached data from array mode */
2257 INVALIDATE_CACHED_RANGE(map, chip->start + offset, size);
2258
2259 xip_disable(map, chip, chip->start);
2260 if (chip->state != FL_JEDEC_QUERY) {
2261 map_write(map, CMD(0x90), chip->start);
2262 chip->state = FL_JEDEC_QUERY;
2263 }
2264 map_copy_from(map, buf, chip->start + offset, size);
2265 xip_enable(map, chip, chip->start);
2266
2267 /* then ensure we don't keep OTP data in the cache */
2268 INVALIDATE_CACHED_RANGE(map, chip->start + offset, size);
2269
2270 put_chip(map, chip, chip->start);
2271 mutex_unlock(&chip->mutex);
2272 return 0;
2273}
2274
2275static int
2276do_otp_write(struct map_info *map, struct flchip *chip, u_long offset,
2277 u_char *buf, u_int size, u_long prot, u_int grpno, u_int grpsz)
2278{
2279 int ret;
2280
2281 while (size) {
2282 unsigned long bus_ofs = offset & ~(map_bankwidth(map)-1);
2283 int gap = offset - bus_ofs;
2284 int n = min_t(int, size, map_bankwidth(map)-gap);
2285 map_word datum = map_word_ff(map);
2286
2287 datum = map_word_load_partial(map, datum, buf, gap, n);
2288 ret = do_write_oneword(map, chip, bus_ofs, datum, FL_OTP_WRITE);
2289 if (ret)
2290 return ret;
2291
2292 offset += n;
2293 buf += n;
2294 size -= n;
2295 }
2296
2297 return 0;
2298}
2299
2300static int
2301do_otp_lock(struct map_info *map, struct flchip *chip, u_long offset,
2302 u_char *buf, u_int size, u_long prot, u_int grpno, u_int grpsz)
2303{
2304 struct cfi_private *cfi = map->fldrv_priv;
2305 map_word datum;
2306
2307 /* make sure area matches group boundaries */
2308 if (size != grpsz)
2309 return -EXDEV;
2310
2311 datum = map_word_ff(map);
2312 datum = map_word_clr(map, datum, CMD(1 << grpno));
2313 return do_write_oneword(map, chip, prot, datum, FL_OTP_WRITE);
2314}
2315
2316static int cfi_intelext_otp_walk(struct mtd_info *mtd, loff_t from, size_t len,
2317 size_t *retlen, u_char *buf,
2318 otp_op_t action, int user_regs)
2319{
2320 struct map_info *map = mtd->priv;
2321 struct cfi_private *cfi = map->fldrv_priv;
2322 struct cfi_pri_intelext *extp = cfi->cmdset_priv;
2323 struct flchip *chip;
2324 struct cfi_intelext_otpinfo *otp;
2325 u_long devsize, reg_prot_offset, data_offset;
2326 u_int chip_num, chip_step, field, reg_fact_size, reg_user_size;
2327 u_int groups, groupno, groupsize, reg_fact_groups, reg_user_groups;
2328 int ret;
2329
2330 *retlen = 0;
2331
2332 /* Check that we actually have some OTP registers */
2333 if (!extp || !(extp->FeatureSupport & 64) || !extp->NumProtectionFields)
2334 return -ENODATA;
2335
2336 /* we need real chips here not virtual ones */
2337 devsize = (1 << cfi->cfiq->DevSize) * cfi->interleave;
2338 chip_step = devsize >> cfi->chipshift;
2339 chip_num = 0;
2340
2341 /* Some chips have OTP located in the _top_ partition only.
2342 For example: Intel 28F256L18T (T means top-parameter device) */
2343 if (cfi->mfr == CFI_MFR_INTEL) {
2344 switch (cfi->id) {
2345 case 0x880b:
2346 case 0x880c:
2347 case 0x880d:
2348 chip_num = chip_step - 1;
2349 }
2350 }
2351
2352 for ( ; chip_num < cfi->numchips; chip_num += chip_step) {
2353 chip = &cfi->chips[chip_num];
2354 otp = (struct cfi_intelext_otpinfo *)&extp->extra[0];
2355
2356 /* first OTP region */
2357 field = 0;
2358 reg_prot_offset = extp->ProtRegAddr;
2359 reg_fact_groups = 1;
2360 reg_fact_size = 1 << extp->FactProtRegSize;
2361 reg_user_groups = 1;
2362 reg_user_size = 1 << extp->UserProtRegSize;
2363
2364 while (len > 0) {
2365 /* flash geometry fixup */
2366 data_offset = reg_prot_offset + 1;
2367 data_offset *= cfi->interleave * cfi->device_type;
2368 reg_prot_offset *= cfi->interleave * cfi->device_type;
2369 reg_fact_size *= cfi->interleave;
2370 reg_user_size *= cfi->interleave;
2371
2372 if (user_regs) {
2373 groups = reg_user_groups;
2374 groupsize = reg_user_size;
2375 /* skip over factory reg area */
2376 groupno = reg_fact_groups;
2377 data_offset += reg_fact_groups * reg_fact_size;
2378 } else {
2379 groups = reg_fact_groups;
2380 groupsize = reg_fact_size;
2381 groupno = 0;
2382 }
2383
2384 while (len > 0 && groups > 0) {
2385 if (!action) {
2386 /*
2387 * Special case: if action is NULL
2388 * we fill buf with otp_info records.
2389 */
2390 struct otp_info *otpinfo;
2391 map_word lockword;
2392 len -= sizeof(struct otp_info);
2393 if (len <= 0)
2394 return -ENOSPC;
2395 ret = do_otp_read(map, chip,
2396 reg_prot_offset,
2397 (u_char *)&lockword,
2398 map_bankwidth(map),
2399 0, 0, 0);
2400 if (ret)
2401 return ret;
2402 otpinfo = (struct otp_info *)buf;
2403 otpinfo->start = from;
2404 otpinfo->length = groupsize;
2405 otpinfo->locked =
2406 !map_word_bitsset(map, lockword,
2407 CMD(1 << groupno));
2408 from += groupsize;
2409 buf += sizeof(*otpinfo);
2410 *retlen += sizeof(*otpinfo);
2411 } else if (from >= groupsize) {
2412 from -= groupsize;
2413 data_offset += groupsize;
2414 } else {
2415 int size = groupsize;
2416 data_offset += from;
2417 size -= from;
2418 from = 0;
2419 if (size > len)
2420 size = len;
2421 ret = action(map, chip, data_offset,
2422 buf, size, reg_prot_offset,
2423 groupno, groupsize);
2424 if (ret < 0)
2425 return ret;
2426 buf += size;
2427 len -= size;
2428 *retlen += size;
2429 data_offset += size;
2430 }
2431 groupno++;
2432 groups--;
2433 }
2434
2435 /* next OTP region */
2436 if (++field == extp->NumProtectionFields)
2437 break;
2438 reg_prot_offset = otp->ProtRegAddr;
2439 reg_fact_groups = otp->FactGroups;
2440 reg_fact_size = 1 << otp->FactProtRegSize;
2441 reg_user_groups = otp->UserGroups;
2442 reg_user_size = 1 << otp->UserProtRegSize;
2443 otp++;
2444 }
2445 }
2446
2447 return 0;
2448}
2449
2450static int cfi_intelext_read_fact_prot_reg(struct mtd_info *mtd, loff_t from,
2451 size_t len, size_t *retlen,
2452 u_char *buf)
2453{
2454 return cfi_intelext_otp_walk(mtd, from, len, retlen,
2455 buf, do_otp_read, 0);
2456}
2457
2458static int cfi_intelext_read_user_prot_reg(struct mtd_info *mtd, loff_t from,
2459 size_t len, size_t *retlen,
2460 u_char *buf)
2461{
2462 return cfi_intelext_otp_walk(mtd, from, len, retlen,
2463 buf, do_otp_read, 1);
2464}
2465
2466static int cfi_intelext_write_user_prot_reg(struct mtd_info *mtd, loff_t from,
2467 size_t len, size_t *retlen,
2468 const u_char *buf)
2469{
2470 return cfi_intelext_otp_walk(mtd, from, len, retlen,
2471 (u_char *)buf, do_otp_write, 1);
2472}
2473
2474static int cfi_intelext_lock_user_prot_reg(struct mtd_info *mtd,
2475 loff_t from, size_t len)
2476{
2477 size_t retlen;
2478 return cfi_intelext_otp_walk(mtd, from, len, &retlen,
2479 NULL, do_otp_lock, 1);
2480}
2481
2482static int cfi_intelext_get_fact_prot_info(struct mtd_info *mtd, size_t len,
2483 size_t *retlen, struct otp_info *buf)
2484
2485{
2486 return cfi_intelext_otp_walk(mtd, 0, len, retlen, (u_char *)buf,
2487 NULL, 0);
2488}
2489
2490static int cfi_intelext_get_user_prot_info(struct mtd_info *mtd, size_t len,
2491 size_t *retlen, struct otp_info *buf)
2492{
2493 return cfi_intelext_otp_walk(mtd, 0, len, retlen, (u_char *)buf,
2494 NULL, 1);
2495}
2496
2497#endif
2498
2499static void cfi_intelext_save_locks(struct mtd_info *mtd)
2500{
2501 struct mtd_erase_region_info *region;
2502 int block, status, i;
2503 unsigned long adr;
2504 size_t len;
2505
2506 for (i = 0; i < mtd->numeraseregions; i++) {
2507 region = &mtd->eraseregions[i];
2508 if (!region->lockmap)
2509 continue;
2510
2511 for (block = 0; block < region->numblocks; block++){
2512 len = region->erasesize;
2513 adr = region->offset + block * len;
2514
2515 status = cfi_varsize_frob(mtd,
2516 do_getlockstatus_oneblock, adr, len, NULL);
2517 if (status)
2518 set_bit(block, region->lockmap);
2519 else
2520 clear_bit(block, region->lockmap);
2521 }
2522 }
2523}
2524
2525static int cfi_intelext_suspend(struct mtd_info *mtd)
2526{
2527 struct map_info *map = mtd->priv;
2528 struct cfi_private *cfi = map->fldrv_priv;
2529 struct cfi_pri_intelext *extp = cfi->cmdset_priv;
2530 int i;
2531 struct flchip *chip;
2532 int ret = 0;
2533
2534 if ((mtd->flags & MTD_POWERUP_LOCK)
2535 && extp && (extp->FeatureSupport & (1 << 5)))
2536 cfi_intelext_save_locks(mtd);
2537
2538 for (i=0; !ret && i<cfi->numchips; i++) {
2539 chip = &cfi->chips[i];
2540
2541 mutex_lock(&chip->mutex);
2542
2543 switch (chip->state) {
2544 case FL_READY:
2545 case FL_STATUS:
2546 case FL_CFI_QUERY:
2547 case FL_JEDEC_QUERY:
2548 if (chip->oldstate == FL_READY) {
2549 /* place the chip in a known state before suspend */
2550 map_write(map, CMD(0xFF), cfi->chips[i].start);
2551 chip->oldstate = chip->state;
2552 chip->state = FL_PM_SUSPENDED;
2553 /* No need to wake_up() on this state change -
2554 * as the whole point is that nobody can do anything
2555 * with the chip now anyway.
2556 */
2557 } else {
2558 /* There seems to be an operation pending. We must wait for it. */
2559 printk(KERN_NOTICE "Flash device refused suspend due to pending operation (oldstate %d)\n", chip->oldstate);
2560 ret = -EAGAIN;
2561 }
2562 break;
2563 default:
2564 /* Should we actually wait? Once upon a time these routines weren't
2565 allowed to. Or should we return -EAGAIN, because the upper layers
2566 ought to have already shut down anything which was using the device
2567 anyway? The latter for now. */
2568 printk(KERN_NOTICE "Flash device refused suspend due to active operation (state %d)\n", chip->state);
2569 ret = -EAGAIN;
2570 break;
2571 case FL_PM_SUSPENDED:
2572 break;
2573 }
2574 mutex_unlock(&chip->mutex);
2575 }
2576
2577 /* Unlock the chips again */
2578
2579 if (ret) {
2580 for (i--; i >=0; i--) {
2581 chip = &cfi->chips[i];
2582
2583 mutex_lock(&chip->mutex);
2584
2585 if (chip->state == FL_PM_SUSPENDED) {
2586 /* No need to force it into a known state here,
2587 because we're returning failure, and it didn't
2588 get power cycled */
2589 chip->state = chip->oldstate;
2590 chip->oldstate = FL_READY;
2591 wake_up(&chip->wq);
2592 }
2593 mutex_unlock(&chip->mutex);
2594 }
2595 }
2596
2597 return ret;
2598}
2599
2600static void cfi_intelext_restore_locks(struct mtd_info *mtd)
2601{
2602 struct mtd_erase_region_info *region;
2603 int block, i;
2604 unsigned long adr;
2605 size_t len;
2606
2607 for (i = 0; i < mtd->numeraseregions; i++) {
2608 region = &mtd->eraseregions[i];
2609 if (!region->lockmap)
2610 continue;
2611
2612 for_each_clear_bit(block, region->lockmap, region->numblocks) {
2613 len = region->erasesize;
2614 adr = region->offset + block * len;
2615 cfi_intelext_unlock(mtd, adr, len);
2616 }
2617 }
2618}
2619
2620static void cfi_intelext_resume(struct mtd_info *mtd)
2621{
2622 struct map_info *map = mtd->priv;
2623 struct cfi_private *cfi = map->fldrv_priv;
2624 struct cfi_pri_intelext *extp = cfi->cmdset_priv;
2625 int i;
2626 struct flchip *chip;
2627
2628 for (i=0; i<cfi->numchips; i++) {
2629
2630 chip = &cfi->chips[i];
2631
2632 mutex_lock(&chip->mutex);
2633
2634 /* Go to known state. Chip may have been power cycled */
2635 if (chip->state == FL_PM_SUSPENDED) {
2636 /* Refresh LH28F640BF Partition Config. Register */
2637 fixup_LH28F640BF(mtd);
2638 map_write(map, CMD(0xFF), cfi->chips[i].start);
2639 chip->oldstate = chip->state = FL_READY;
2640 wake_up(&chip->wq);
2641 }
2642
2643 mutex_unlock(&chip->mutex);
2644 }
2645
2646 if ((mtd->flags & MTD_POWERUP_LOCK)
2647 && extp && (extp->FeatureSupport & (1 << 5)))
2648 cfi_intelext_restore_locks(mtd);
2649}
2650
2651static int cfi_intelext_reset(struct mtd_info *mtd)
2652{
2653 struct map_info *map = mtd->priv;
2654 struct cfi_private *cfi = map->fldrv_priv;
2655 int i, ret;
2656
2657 for (i=0; i < cfi->numchips; i++) {
2658 struct flchip *chip = &cfi->chips[i];
2659
2660 /* force the completion of any ongoing operation
2661 and switch to array mode so any bootloader in
2662 flash is accessible for soft reboot. */
2663 mutex_lock(&chip->mutex);
2664 ret = get_chip(map, chip, chip->start, FL_SHUTDOWN);
2665 if (!ret) {
2666 map_write(map, CMD(0xff), chip->start);
2667 chip->state = FL_SHUTDOWN;
2668 put_chip(map, chip, chip->start);
2669 }
2670 mutex_unlock(&chip->mutex);
2671 }
2672
2673 return 0;
2674}
2675
2676static int cfi_intelext_reboot(struct notifier_block *nb, unsigned long val,
2677 void *v)
2678{
2679 struct mtd_info *mtd;
2680
2681 mtd = container_of(nb, struct mtd_info, reboot_notifier);
2682 cfi_intelext_reset(mtd);
2683 return NOTIFY_DONE;
2684}
2685
2686static void cfi_intelext_destroy(struct mtd_info *mtd)
2687{
2688 struct map_info *map = mtd->priv;
2689 struct cfi_private *cfi = map->fldrv_priv;
2690 struct mtd_erase_region_info *region;
2691 int i;
2692 cfi_intelext_reset(mtd);
2693 unregister_reboot_notifier(&mtd->reboot_notifier);
2694 kfree(cfi->cmdset_priv);
2695 kfree(cfi->cfiq);
2696 kfree(cfi->chips[0].priv);
2697 kfree(cfi);
2698 for (i = 0; i < mtd->numeraseregions; i++) {
2699 region = &mtd->eraseregions[i];
2700 kfree(region->lockmap);
2701 }
2702 kfree(mtd->eraseregions);
2703}
2704
2705MODULE_LICENSE("GPL");
2706MODULE_AUTHOR("David Woodhouse <dwmw2@infradead.org> et al.");
2707MODULE_DESCRIPTION("MTD chip driver for Intel/Sharp flash chips");
2708MODULE_ALIAS("cfi_cmdset_0003");
2709MODULE_ALIAS("cfi_cmdset_0200");
1/*
2 * Common Flash Interface support:
3 * Intel Extended Vendor Command Set (ID 0x0001)
4 *
5 * (C) 2000 Red Hat. GPL'd
6 *
7 *
8 * 10/10/2000 Nicolas Pitre <nico@fluxnic.net>
9 * - completely revamped method functions so they are aware and
10 * independent of the flash geometry (buswidth, interleave, etc.)
11 * - scalability vs code size is completely set at compile-time
12 * (see include/linux/mtd/cfi.h for selection)
13 * - optimized write buffer method
14 * 02/05/2002 Christopher Hoover <ch@hpl.hp.com>/<ch@murgatroid.com>
15 * - reworked lock/unlock/erase support for var size flash
16 * 21/03/2007 Rodolfo Giometti <giometti@linux.it>
17 * - auto unlock sectors on resume for auto locking flash on power up
18 */
19
20#include <linux/module.h>
21#include <linux/types.h>
22#include <linux/kernel.h>
23#include <linux/sched.h>
24#include <asm/io.h>
25#include <asm/byteorder.h>
26
27#include <linux/errno.h>
28#include <linux/slab.h>
29#include <linux/delay.h>
30#include <linux/interrupt.h>
31#include <linux/reboot.h>
32#include <linux/bitmap.h>
33#include <linux/mtd/xip.h>
34#include <linux/mtd/map.h>
35#include <linux/mtd/mtd.h>
36#include <linux/mtd/cfi.h>
37
38/* #define CMDSET0001_DISABLE_ERASE_SUSPEND_ON_WRITE */
39/* #define CMDSET0001_DISABLE_WRITE_SUSPEND */
40
41// debugging, turns off buffer write mode if set to 1
42#define FORCE_WORD_WRITE 0
43
44/* Intel chips */
45#define I82802AB 0x00ad
46#define I82802AC 0x00ac
47#define PF38F4476 0x881c
48#define M28F00AP30 0x8963
49/* STMicroelectronics chips */
50#define M50LPW080 0x002F
51#define M50FLW080A 0x0080
52#define M50FLW080B 0x0081
53/* Atmel chips */
54#define AT49BV640D 0x02de
55#define AT49BV640DT 0x02db
56/* Sharp chips */
57#define LH28F640BFHE_PTTL90 0x00b0
58#define LH28F640BFHE_PBTL90 0x00b1
59#define LH28F640BFHE_PTTL70A 0x00b2
60#define LH28F640BFHE_PBTL70A 0x00b3
61
62static int cfi_intelext_read (struct mtd_info *, loff_t, size_t, size_t *, u_char *);
63static int cfi_intelext_write_words(struct mtd_info *, loff_t, size_t, size_t *, const u_char *);
64static int cfi_intelext_write_buffers(struct mtd_info *, loff_t, size_t, size_t *, const u_char *);
65static int cfi_intelext_writev(struct mtd_info *, const struct kvec *, unsigned long, loff_t, size_t *);
66static int cfi_intelext_erase_varsize(struct mtd_info *, struct erase_info *);
67static void cfi_intelext_sync (struct mtd_info *);
68static int cfi_intelext_lock(struct mtd_info *mtd, loff_t ofs, uint64_t len);
69static int cfi_intelext_unlock(struct mtd_info *mtd, loff_t ofs, uint64_t len);
70static int cfi_intelext_is_locked(struct mtd_info *mtd, loff_t ofs,
71 uint64_t len);
72#ifdef CONFIG_MTD_OTP
73static int cfi_intelext_read_fact_prot_reg (struct mtd_info *, loff_t, size_t, size_t *, u_char *);
74static int cfi_intelext_read_user_prot_reg (struct mtd_info *, loff_t, size_t, size_t *, u_char *);
75static int cfi_intelext_write_user_prot_reg(struct mtd_info *, loff_t, size_t,
76 size_t *, const u_char *);
77static int cfi_intelext_lock_user_prot_reg (struct mtd_info *, loff_t, size_t);
78static int cfi_intelext_get_fact_prot_info(struct mtd_info *, size_t,
79 size_t *, struct otp_info *);
80static int cfi_intelext_get_user_prot_info(struct mtd_info *, size_t,
81 size_t *, struct otp_info *);
82#endif
83static int cfi_intelext_suspend (struct mtd_info *);
84static void cfi_intelext_resume (struct mtd_info *);
85static int cfi_intelext_reboot (struct notifier_block *, unsigned long, void *);
86
87static void cfi_intelext_destroy(struct mtd_info *);
88
89struct mtd_info *cfi_cmdset_0001(struct map_info *, int);
90
91static struct mtd_info *cfi_intelext_setup (struct mtd_info *);
92static int cfi_intelext_partition_fixup(struct mtd_info *, struct cfi_private **);
93
94static int cfi_intelext_point (struct mtd_info *mtd, loff_t from, size_t len,
95 size_t *retlen, void **virt, resource_size_t *phys);
96static int cfi_intelext_unpoint(struct mtd_info *mtd, loff_t from, size_t len);
97
98static int chip_ready (struct map_info *map, struct flchip *chip, unsigned long adr, int mode);
99static int get_chip(struct map_info *map, struct flchip *chip, unsigned long adr, int mode);
100static void put_chip(struct map_info *map, struct flchip *chip, unsigned long adr);
101#include "fwh_lock.h"
102
103
104
105/*
106 * *********** SETUP AND PROBE BITS ***********
107 */
108
109static struct mtd_chip_driver cfi_intelext_chipdrv = {
110 .probe = NULL, /* Not usable directly */
111 .destroy = cfi_intelext_destroy,
112 .name = "cfi_cmdset_0001",
113 .module = THIS_MODULE
114};
115
116/* #define DEBUG_LOCK_BITS */
117/* #define DEBUG_CFI_FEATURES */
118
119#ifdef DEBUG_CFI_FEATURES
120static void cfi_tell_features(struct cfi_pri_intelext *extp)
121{
122 int i;
123 printk(" Extended Query version %c.%c\n", extp->MajorVersion, extp->MinorVersion);
124 printk(" Feature/Command Support: %4.4X\n", extp->FeatureSupport);
125 printk(" - Chip Erase: %s\n", extp->FeatureSupport&1?"supported":"unsupported");
126 printk(" - Suspend Erase: %s\n", extp->FeatureSupport&2?"supported":"unsupported");
127 printk(" - Suspend Program: %s\n", extp->FeatureSupport&4?"supported":"unsupported");
128 printk(" - Legacy Lock/Unlock: %s\n", extp->FeatureSupport&8?"supported":"unsupported");
129 printk(" - Queued Erase: %s\n", extp->FeatureSupport&16?"supported":"unsupported");
130 printk(" - Instant block lock: %s\n", extp->FeatureSupport&32?"supported":"unsupported");
131 printk(" - Protection Bits: %s\n", extp->FeatureSupport&64?"supported":"unsupported");
132 printk(" - Page-mode read: %s\n", extp->FeatureSupport&128?"supported":"unsupported");
133 printk(" - Synchronous read: %s\n", extp->FeatureSupport&256?"supported":"unsupported");
134 printk(" - Simultaneous operations: %s\n", extp->FeatureSupport&512?"supported":"unsupported");
135 printk(" - Extended Flash Array: %s\n", extp->FeatureSupport&1024?"supported":"unsupported");
136 for (i=11; i<32; i++) {
137 if (extp->FeatureSupport & (1<<i))
138 printk(" - Unknown Bit %X: supported\n", i);
139 }
140
141 printk(" Supported functions after Suspend: %2.2X\n", extp->SuspendCmdSupport);
142 printk(" - Program after Erase Suspend: %s\n", extp->SuspendCmdSupport&1?"supported":"unsupported");
143 for (i=1; i<8; i++) {
144 if (extp->SuspendCmdSupport & (1<<i))
145 printk(" - Unknown Bit %X: supported\n", i);
146 }
147
148 printk(" Block Status Register Mask: %4.4X\n", extp->BlkStatusRegMask);
149 printk(" - Lock Bit Active: %s\n", extp->BlkStatusRegMask&1?"yes":"no");
150 printk(" - Lock-Down Bit Active: %s\n", extp->BlkStatusRegMask&2?"yes":"no");
151 for (i=2; i<3; i++) {
152 if (extp->BlkStatusRegMask & (1<<i))
153 printk(" - Unknown Bit %X Active: yes\n",i);
154 }
155 printk(" - EFA Lock Bit: %s\n", extp->BlkStatusRegMask&16?"yes":"no");
156 printk(" - EFA Lock-Down Bit: %s\n", extp->BlkStatusRegMask&32?"yes":"no");
157 for (i=6; i<16; i++) {
158 if (extp->BlkStatusRegMask & (1<<i))
159 printk(" - Unknown Bit %X Active: yes\n",i);
160 }
161
162 printk(" Vcc Logic Supply Optimum Program/Erase Voltage: %d.%d V\n",
163 extp->VccOptimal >> 4, extp->VccOptimal & 0xf);
164 if (extp->VppOptimal)
165 printk(" Vpp Programming Supply Optimum Program/Erase Voltage: %d.%d V\n",
166 extp->VppOptimal >> 4, extp->VppOptimal & 0xf);
167}
168#endif
169
170/* Atmel chips don't use the same PRI format as Intel chips */
171static void fixup_convert_atmel_pri(struct mtd_info *mtd)
172{
173 struct map_info *map = mtd->priv;
174 struct cfi_private *cfi = map->fldrv_priv;
175 struct cfi_pri_intelext *extp = cfi->cmdset_priv;
176 struct cfi_pri_atmel atmel_pri;
177 uint32_t features = 0;
178
179 /* Reverse byteswapping */
180 extp->FeatureSupport = cpu_to_le32(extp->FeatureSupport);
181 extp->BlkStatusRegMask = cpu_to_le16(extp->BlkStatusRegMask);
182 extp->ProtRegAddr = cpu_to_le16(extp->ProtRegAddr);
183
184 memcpy(&atmel_pri, extp, sizeof(atmel_pri));
185 memset((char *)extp + 5, 0, sizeof(*extp) - 5);
186
187 printk(KERN_ERR "atmel Features: %02x\n", atmel_pri.Features);
188
189 if (atmel_pri.Features & 0x01) /* chip erase supported */
190 features |= (1<<0);
191 if (atmel_pri.Features & 0x02) /* erase suspend supported */
192 features |= (1<<1);
193 if (atmel_pri.Features & 0x04) /* program suspend supported */
194 features |= (1<<2);
195 if (atmel_pri.Features & 0x08) /* simultaneous operations supported */
196 features |= (1<<9);
197 if (atmel_pri.Features & 0x20) /* page mode read supported */
198 features |= (1<<7);
199 if (atmel_pri.Features & 0x40) /* queued erase supported */
200 features |= (1<<4);
201 if (atmel_pri.Features & 0x80) /* Protection bits supported */
202 features |= (1<<6);
203
204 extp->FeatureSupport = features;
205
206 /* burst write mode not supported */
207 cfi->cfiq->BufWriteTimeoutTyp = 0;
208 cfi->cfiq->BufWriteTimeoutMax = 0;
209}
210
211static void fixup_at49bv640dx_lock(struct mtd_info *mtd)
212{
213 struct map_info *map = mtd->priv;
214 struct cfi_private *cfi = map->fldrv_priv;
215 struct cfi_pri_intelext *cfip = cfi->cmdset_priv;
216
217 cfip->FeatureSupport |= (1 << 5);
218 mtd->flags |= MTD_POWERUP_LOCK;
219}
220
221#ifdef CMDSET0001_DISABLE_ERASE_SUSPEND_ON_WRITE
222/* Some Intel Strata Flash prior to FPO revision C has bugs in this area */
223static void fixup_intel_strataflash(struct mtd_info *mtd)
224{
225 struct map_info *map = mtd->priv;
226 struct cfi_private *cfi = map->fldrv_priv;
227 struct cfi_pri_intelext *extp = cfi->cmdset_priv;
228
229 printk(KERN_WARNING "cfi_cmdset_0001: Suspend "
230 "erase on write disabled.\n");
231 extp->SuspendCmdSupport &= ~1;
232}
233#endif
234
235#ifdef CMDSET0001_DISABLE_WRITE_SUSPEND
236static void fixup_no_write_suspend(struct mtd_info *mtd)
237{
238 struct map_info *map = mtd->priv;
239 struct cfi_private *cfi = map->fldrv_priv;
240 struct cfi_pri_intelext *cfip = cfi->cmdset_priv;
241
242 if (cfip && (cfip->FeatureSupport&4)) {
243 cfip->FeatureSupport &= ~4;
244 printk(KERN_WARNING "cfi_cmdset_0001: write suspend disabled\n");
245 }
246}
247#endif
248
249static void fixup_st_m28w320ct(struct mtd_info *mtd)
250{
251 struct map_info *map = mtd->priv;
252 struct cfi_private *cfi = map->fldrv_priv;
253
254 cfi->cfiq->BufWriteTimeoutTyp = 0; /* Not supported */
255 cfi->cfiq->BufWriteTimeoutMax = 0; /* Not supported */
256}
257
258static void fixup_st_m28w320cb(struct mtd_info *mtd)
259{
260 struct map_info *map = mtd->priv;
261 struct cfi_private *cfi = map->fldrv_priv;
262
263 /* Note this is done after the region info is endian swapped */
264 cfi->cfiq->EraseRegionInfo[1] =
265 (cfi->cfiq->EraseRegionInfo[1] & 0xffff0000) | 0x3e;
266};
267
268static int is_LH28F640BF(struct cfi_private *cfi)
269{
270 /* Sharp LH28F640BF Family */
271 if (cfi->mfr == CFI_MFR_SHARP && (
272 cfi->id == LH28F640BFHE_PTTL90 || cfi->id == LH28F640BFHE_PBTL90 ||
273 cfi->id == LH28F640BFHE_PTTL70A || cfi->id == LH28F640BFHE_PBTL70A))
274 return 1;
275 return 0;
276}
277
278static void fixup_LH28F640BF(struct mtd_info *mtd)
279{
280 struct map_info *map = mtd->priv;
281 struct cfi_private *cfi = map->fldrv_priv;
282 struct cfi_pri_intelext *extp = cfi->cmdset_priv;
283
284 /* Reset the Partition Configuration Register on LH28F640BF
285 * to a single partition (PCR = 0x000): PCR is embedded into A0-A15. */
286 if (is_LH28F640BF(cfi)) {
287 printk(KERN_INFO "Reset Partition Config. Register: 1 Partition of 4 planes\n");
288 map_write(map, CMD(0x60), 0);
289 map_write(map, CMD(0x04), 0);
290
291 /* We have set one single partition thus
292 * Simultaneous Operations are not allowed */
293 printk(KERN_INFO "cfi_cmdset_0001: Simultaneous Operations disabled\n");
294 extp->FeatureSupport &= ~512;
295 }
296}
297
298static void fixup_use_point(struct mtd_info *mtd)
299{
300 struct map_info *map = mtd->priv;
301 if (!mtd->_point && map_is_linear(map)) {
302 mtd->_point = cfi_intelext_point;
303 mtd->_unpoint = cfi_intelext_unpoint;
304 }
305}
306
307static void fixup_use_write_buffers(struct mtd_info *mtd)
308{
309 struct map_info *map = mtd->priv;
310 struct cfi_private *cfi = map->fldrv_priv;
311 if (cfi->cfiq->BufWriteTimeoutTyp) {
312 printk(KERN_INFO "Using buffer write method\n" );
313 mtd->_write = cfi_intelext_write_buffers;
314 mtd->_writev = cfi_intelext_writev;
315 }
316}
317
318/*
319 * Some chips power-up with all sectors locked by default.
320 */
321static void fixup_unlock_powerup_lock(struct mtd_info *mtd)
322{
323 struct map_info *map = mtd->priv;
324 struct cfi_private *cfi = map->fldrv_priv;
325 struct cfi_pri_intelext *cfip = cfi->cmdset_priv;
326
327 if (cfip->FeatureSupport&32) {
328 printk(KERN_INFO "Using auto-unlock on power-up/resume\n" );
329 mtd->flags |= MTD_POWERUP_LOCK;
330 }
331}
332
333static struct cfi_fixup cfi_fixup_table[] = {
334 { CFI_MFR_ATMEL, CFI_ID_ANY, fixup_convert_atmel_pri },
335 { CFI_MFR_ATMEL, AT49BV640D, fixup_at49bv640dx_lock },
336 { CFI_MFR_ATMEL, AT49BV640DT, fixup_at49bv640dx_lock },
337#ifdef CMDSET0001_DISABLE_ERASE_SUSPEND_ON_WRITE
338 { CFI_MFR_ANY, CFI_ID_ANY, fixup_intel_strataflash },
339#endif
340#ifdef CMDSET0001_DISABLE_WRITE_SUSPEND
341 { CFI_MFR_ANY, CFI_ID_ANY, fixup_no_write_suspend },
342#endif
343#if !FORCE_WORD_WRITE
344 { CFI_MFR_ANY, CFI_ID_ANY, fixup_use_write_buffers },
345#endif
346 { CFI_MFR_ST, 0x00ba, /* M28W320CT */ fixup_st_m28w320ct },
347 { CFI_MFR_ST, 0x00bb, /* M28W320CB */ fixup_st_m28w320cb },
348 { CFI_MFR_INTEL, CFI_ID_ANY, fixup_unlock_powerup_lock },
349 { CFI_MFR_SHARP, CFI_ID_ANY, fixup_unlock_powerup_lock },
350 { CFI_MFR_SHARP, CFI_ID_ANY, fixup_LH28F640BF },
351 { 0, 0, NULL }
352};
353
354static struct cfi_fixup jedec_fixup_table[] = {
355 { CFI_MFR_INTEL, I82802AB, fixup_use_fwh_lock },
356 { CFI_MFR_INTEL, I82802AC, fixup_use_fwh_lock },
357 { CFI_MFR_ST, M50LPW080, fixup_use_fwh_lock },
358 { CFI_MFR_ST, M50FLW080A, fixup_use_fwh_lock },
359 { CFI_MFR_ST, M50FLW080B, fixup_use_fwh_lock },
360 { 0, 0, NULL }
361};
362static struct cfi_fixup fixup_table[] = {
363 /* The CFI vendor ids and the JEDEC vendor IDs appear
364 * to be common. It is like the devices id's are as
365 * well. This table is to pick all cases where
366 * we know that is the case.
367 */
368 { CFI_MFR_ANY, CFI_ID_ANY, fixup_use_point },
369 { 0, 0, NULL }
370};
371
372static void cfi_fixup_major_minor(struct cfi_private *cfi,
373 struct cfi_pri_intelext *extp)
374{
375 if (cfi->mfr == CFI_MFR_INTEL &&
376 cfi->id == PF38F4476 && extp->MinorVersion == '3')
377 extp->MinorVersion = '1';
378}
379
380static int cfi_is_micron_28F00AP30(struct cfi_private *cfi, struct flchip *chip)
381{
382 /*
383 * Micron(was Numonyx) 1Gbit bottom boot are buggy w.r.t
384 * Erase Supend for their small Erase Blocks(0x8000)
385 */
386 if (cfi->mfr == CFI_MFR_INTEL && cfi->id == M28F00AP30)
387 return 1;
388 return 0;
389}
390
391static inline struct cfi_pri_intelext *
392read_pri_intelext(struct map_info *map, __u16 adr)
393{
394 struct cfi_private *cfi = map->fldrv_priv;
395 struct cfi_pri_intelext *extp;
396 unsigned int extra_size = 0;
397 unsigned int extp_size = sizeof(*extp);
398
399 again:
400 extp = (struct cfi_pri_intelext *)cfi_read_pri(map, adr, extp_size, "Intel/Sharp");
401 if (!extp)
402 return NULL;
403
404 cfi_fixup_major_minor(cfi, extp);
405
406 if (extp->MajorVersion != '1' ||
407 (extp->MinorVersion < '0' || extp->MinorVersion > '5')) {
408 printk(KERN_ERR " Unknown Intel/Sharp Extended Query "
409 "version %c.%c.\n", extp->MajorVersion,
410 extp->MinorVersion);
411 kfree(extp);
412 return NULL;
413 }
414
415 /* Do some byteswapping if necessary */
416 extp->FeatureSupport = le32_to_cpu(extp->FeatureSupport);
417 extp->BlkStatusRegMask = le16_to_cpu(extp->BlkStatusRegMask);
418 extp->ProtRegAddr = le16_to_cpu(extp->ProtRegAddr);
419
420 if (extp->MinorVersion >= '0') {
421 extra_size = 0;
422
423 /* Protection Register info */
424 if (extp->NumProtectionFields)
425 extra_size += (extp->NumProtectionFields - 1) *
426 sizeof(struct cfi_intelext_otpinfo);
427 }
428
429 if (extp->MinorVersion >= '1') {
430 /* Burst Read info */
431 extra_size += 2;
432 if (extp_size < sizeof(*extp) + extra_size)
433 goto need_more;
434 extra_size += extp->extra[extra_size - 1];
435 }
436
437 if (extp->MinorVersion >= '3') {
438 int nb_parts, i;
439
440 /* Number of hardware-partitions */
441 extra_size += 1;
442 if (extp_size < sizeof(*extp) + extra_size)
443 goto need_more;
444 nb_parts = extp->extra[extra_size - 1];
445
446 /* skip the sizeof(partregion) field in CFI 1.4 */
447 if (extp->MinorVersion >= '4')
448 extra_size += 2;
449
450 for (i = 0; i < nb_parts; i++) {
451 struct cfi_intelext_regioninfo *rinfo;
452 rinfo = (struct cfi_intelext_regioninfo *)&extp->extra[extra_size];
453 extra_size += sizeof(*rinfo);
454 if (extp_size < sizeof(*extp) + extra_size)
455 goto need_more;
456 rinfo->NumIdentPartitions=le16_to_cpu(rinfo->NumIdentPartitions);
457 extra_size += (rinfo->NumBlockTypes - 1)
458 * sizeof(struct cfi_intelext_blockinfo);
459 }
460
461 if (extp->MinorVersion >= '4')
462 extra_size += sizeof(struct cfi_intelext_programming_regioninfo);
463
464 if (extp_size < sizeof(*extp) + extra_size) {
465 need_more:
466 extp_size = sizeof(*extp) + extra_size;
467 kfree(extp);
468 if (extp_size > 4096) {
469 printk(KERN_ERR
470 "%s: cfi_pri_intelext is too fat\n",
471 __func__);
472 return NULL;
473 }
474 goto again;
475 }
476 }
477
478 return extp;
479}
480
481struct mtd_info *cfi_cmdset_0001(struct map_info *map, int primary)
482{
483 struct cfi_private *cfi = map->fldrv_priv;
484 struct mtd_info *mtd;
485 int i;
486
487 mtd = kzalloc(sizeof(*mtd), GFP_KERNEL);
488 if (!mtd)
489 return NULL;
490 mtd->priv = map;
491 mtd->type = MTD_NORFLASH;
492
493 /* Fill in the default mtd operations */
494 mtd->_erase = cfi_intelext_erase_varsize;
495 mtd->_read = cfi_intelext_read;
496 mtd->_write = cfi_intelext_write_words;
497 mtd->_sync = cfi_intelext_sync;
498 mtd->_lock = cfi_intelext_lock;
499 mtd->_unlock = cfi_intelext_unlock;
500 mtd->_is_locked = cfi_intelext_is_locked;
501 mtd->_suspend = cfi_intelext_suspend;
502 mtd->_resume = cfi_intelext_resume;
503 mtd->flags = MTD_CAP_NORFLASH;
504 mtd->name = map->name;
505 mtd->writesize = 1;
506 mtd->writebufsize = cfi_interleave(cfi) << cfi->cfiq->MaxBufWriteSize;
507
508 mtd->reboot_notifier.notifier_call = cfi_intelext_reboot;
509
510 if (cfi->cfi_mode == CFI_MODE_CFI) {
511 /*
512 * It's a real CFI chip, not one for which the probe
513 * routine faked a CFI structure. So we read the feature
514 * table from it.
515 */
516 __u16 adr = primary?cfi->cfiq->P_ADR:cfi->cfiq->A_ADR;
517 struct cfi_pri_intelext *extp;
518
519 extp = read_pri_intelext(map, adr);
520 if (!extp) {
521 kfree(mtd);
522 return NULL;
523 }
524
525 /* Install our own private info structure */
526 cfi->cmdset_priv = extp;
527
528 cfi_fixup(mtd, cfi_fixup_table);
529
530#ifdef DEBUG_CFI_FEATURES
531 /* Tell the user about it in lots of lovely detail */
532 cfi_tell_features(extp);
533#endif
534
535 if(extp->SuspendCmdSupport & 1) {
536 printk(KERN_NOTICE "cfi_cmdset_0001: Erase suspend on write enabled\n");
537 }
538 }
539 else if (cfi->cfi_mode == CFI_MODE_JEDEC) {
540 /* Apply jedec specific fixups */
541 cfi_fixup(mtd, jedec_fixup_table);
542 }
543 /* Apply generic fixups */
544 cfi_fixup(mtd, fixup_table);
545
546 for (i=0; i< cfi->numchips; i++) {
547 if (cfi->cfiq->WordWriteTimeoutTyp)
548 cfi->chips[i].word_write_time =
549 1<<cfi->cfiq->WordWriteTimeoutTyp;
550 else
551 cfi->chips[i].word_write_time = 50000;
552
553 if (cfi->cfiq->BufWriteTimeoutTyp)
554 cfi->chips[i].buffer_write_time =
555 1<<cfi->cfiq->BufWriteTimeoutTyp;
556 /* No default; if it isn't specified, we won't use it */
557
558 if (cfi->cfiq->BlockEraseTimeoutTyp)
559 cfi->chips[i].erase_time =
560 1000<<cfi->cfiq->BlockEraseTimeoutTyp;
561 else
562 cfi->chips[i].erase_time = 2000000;
563
564 if (cfi->cfiq->WordWriteTimeoutTyp &&
565 cfi->cfiq->WordWriteTimeoutMax)
566 cfi->chips[i].word_write_time_max =
567 1<<(cfi->cfiq->WordWriteTimeoutTyp +
568 cfi->cfiq->WordWriteTimeoutMax);
569 else
570 cfi->chips[i].word_write_time_max = 50000 * 8;
571
572 if (cfi->cfiq->BufWriteTimeoutTyp &&
573 cfi->cfiq->BufWriteTimeoutMax)
574 cfi->chips[i].buffer_write_time_max =
575 1<<(cfi->cfiq->BufWriteTimeoutTyp +
576 cfi->cfiq->BufWriteTimeoutMax);
577
578 if (cfi->cfiq->BlockEraseTimeoutTyp &&
579 cfi->cfiq->BlockEraseTimeoutMax)
580 cfi->chips[i].erase_time_max =
581 1000<<(cfi->cfiq->BlockEraseTimeoutTyp +
582 cfi->cfiq->BlockEraseTimeoutMax);
583 else
584 cfi->chips[i].erase_time_max = 2000000 * 8;
585
586 cfi->chips[i].ref_point_counter = 0;
587 init_waitqueue_head(&(cfi->chips[i].wq));
588 }
589
590 map->fldrv = &cfi_intelext_chipdrv;
591
592 return cfi_intelext_setup(mtd);
593}
594struct mtd_info *cfi_cmdset_0003(struct map_info *map, int primary) __attribute__((alias("cfi_cmdset_0001")));
595struct mtd_info *cfi_cmdset_0200(struct map_info *map, int primary) __attribute__((alias("cfi_cmdset_0001")));
596EXPORT_SYMBOL_GPL(cfi_cmdset_0001);
597EXPORT_SYMBOL_GPL(cfi_cmdset_0003);
598EXPORT_SYMBOL_GPL(cfi_cmdset_0200);
599
600static struct mtd_info *cfi_intelext_setup(struct mtd_info *mtd)
601{
602 struct map_info *map = mtd->priv;
603 struct cfi_private *cfi = map->fldrv_priv;
604 unsigned long offset = 0;
605 int i,j;
606 unsigned long devsize = (1<<cfi->cfiq->DevSize) * cfi->interleave;
607
608 //printk(KERN_DEBUG "number of CFI chips: %d\n", cfi->numchips);
609
610 mtd->size = devsize * cfi->numchips;
611
612 mtd->numeraseregions = cfi->cfiq->NumEraseRegions * cfi->numchips;
613 mtd->eraseregions = kcalloc(mtd->numeraseregions,
614 sizeof(struct mtd_erase_region_info),
615 GFP_KERNEL);
616 if (!mtd->eraseregions)
617 goto setup_err;
618
619 for (i=0; i<cfi->cfiq->NumEraseRegions; i++) {
620 unsigned long ernum, ersize;
621 ersize = ((cfi->cfiq->EraseRegionInfo[i] >> 8) & ~0xff) * cfi->interleave;
622 ernum = (cfi->cfiq->EraseRegionInfo[i] & 0xffff) + 1;
623
624 if (mtd->erasesize < ersize) {
625 mtd->erasesize = ersize;
626 }
627 for (j=0; j<cfi->numchips; j++) {
628 mtd->eraseregions[(j*cfi->cfiq->NumEraseRegions)+i].offset = (j*devsize)+offset;
629 mtd->eraseregions[(j*cfi->cfiq->NumEraseRegions)+i].erasesize = ersize;
630 mtd->eraseregions[(j*cfi->cfiq->NumEraseRegions)+i].numblocks = ernum;
631 mtd->eraseregions[(j*cfi->cfiq->NumEraseRegions)+i].lockmap = kmalloc(ernum / 8 + 1, GFP_KERNEL);
632 if (!mtd->eraseregions[(j*cfi->cfiq->NumEraseRegions)+i].lockmap)
633 goto setup_err;
634 }
635 offset += (ersize * ernum);
636 }
637
638 if (offset != devsize) {
639 /* Argh */
640 printk(KERN_WARNING "Sum of regions (%lx) != total size of set of interleaved chips (%lx)\n", offset, devsize);
641 goto setup_err;
642 }
643
644 for (i=0; i<mtd->numeraseregions;i++){
645 printk(KERN_DEBUG "erase region %d: offset=0x%llx,size=0x%x,blocks=%d\n",
646 i,(unsigned long long)mtd->eraseregions[i].offset,
647 mtd->eraseregions[i].erasesize,
648 mtd->eraseregions[i].numblocks);
649 }
650
651#ifdef CONFIG_MTD_OTP
652 mtd->_read_fact_prot_reg = cfi_intelext_read_fact_prot_reg;
653 mtd->_read_user_prot_reg = cfi_intelext_read_user_prot_reg;
654 mtd->_write_user_prot_reg = cfi_intelext_write_user_prot_reg;
655 mtd->_lock_user_prot_reg = cfi_intelext_lock_user_prot_reg;
656 mtd->_get_fact_prot_info = cfi_intelext_get_fact_prot_info;
657 mtd->_get_user_prot_info = cfi_intelext_get_user_prot_info;
658#endif
659
660 /* This function has the potential to distort the reality
661 a bit and therefore should be called last. */
662 if (cfi_intelext_partition_fixup(mtd, &cfi) != 0)
663 goto setup_err;
664
665 __module_get(THIS_MODULE);
666 register_reboot_notifier(&mtd->reboot_notifier);
667 return mtd;
668
669 setup_err:
670 if (mtd->eraseregions)
671 for (i=0; i<cfi->cfiq->NumEraseRegions; i++)
672 for (j=0; j<cfi->numchips; j++)
673 kfree(mtd->eraseregions[(j*cfi->cfiq->NumEraseRegions)+i].lockmap);
674 kfree(mtd->eraseregions);
675 kfree(mtd);
676 kfree(cfi->cmdset_priv);
677 return NULL;
678}
679
680static int cfi_intelext_partition_fixup(struct mtd_info *mtd,
681 struct cfi_private **pcfi)
682{
683 struct map_info *map = mtd->priv;
684 struct cfi_private *cfi = *pcfi;
685 struct cfi_pri_intelext *extp = cfi->cmdset_priv;
686
687 /*
688 * Probing of multi-partition flash chips.
689 *
690 * To support multiple partitions when available, we simply arrange
691 * for each of them to have their own flchip structure even if they
692 * are on the same physical chip. This means completely recreating
693 * a new cfi_private structure right here which is a blatent code
694 * layering violation, but this is still the least intrusive
695 * arrangement at this point. This can be rearranged in the future
696 * if someone feels motivated enough. --nico
697 */
698 if (extp && extp->MajorVersion == '1' && extp->MinorVersion >= '3'
699 && extp->FeatureSupport & (1 << 9)) {
700 int offs = 0;
701 struct cfi_private *newcfi;
702 struct flchip *chip;
703 struct flchip_shared *shared;
704 int numregions, numparts, partshift, numvirtchips, i, j;
705
706 /* Protection Register info */
707 if (extp->NumProtectionFields)
708 offs = (extp->NumProtectionFields - 1) *
709 sizeof(struct cfi_intelext_otpinfo);
710
711 /* Burst Read info */
712 offs += extp->extra[offs+1]+2;
713
714 /* Number of partition regions */
715 numregions = extp->extra[offs];
716 offs += 1;
717
718 /* skip the sizeof(partregion) field in CFI 1.4 */
719 if (extp->MinorVersion >= '4')
720 offs += 2;
721
722 /* Number of hardware partitions */
723 numparts = 0;
724 for (i = 0; i < numregions; i++) {
725 struct cfi_intelext_regioninfo *rinfo;
726 rinfo = (struct cfi_intelext_regioninfo *)&extp->extra[offs];
727 numparts += rinfo->NumIdentPartitions;
728 offs += sizeof(*rinfo)
729 + (rinfo->NumBlockTypes - 1) *
730 sizeof(struct cfi_intelext_blockinfo);
731 }
732
733 if (!numparts)
734 numparts = 1;
735
736 /* Programming Region info */
737 if (extp->MinorVersion >= '4') {
738 struct cfi_intelext_programming_regioninfo *prinfo;
739 prinfo = (struct cfi_intelext_programming_regioninfo *)&extp->extra[offs];
740 mtd->writesize = cfi->interleave << prinfo->ProgRegShift;
741 mtd->flags &= ~MTD_BIT_WRITEABLE;
742 printk(KERN_DEBUG "%s: program region size/ctrl_valid/ctrl_inval = %d/%d/%d\n",
743 map->name, mtd->writesize,
744 cfi->interleave * prinfo->ControlValid,
745 cfi->interleave * prinfo->ControlInvalid);
746 }
747
748 /*
749 * All functions below currently rely on all chips having
750 * the same geometry so we'll just assume that all hardware
751 * partitions are of the same size too.
752 */
753 partshift = cfi->chipshift - __ffs(numparts);
754
755 if ((1 << partshift) < mtd->erasesize) {
756 printk( KERN_ERR
757 "%s: bad number of hw partitions (%d)\n",
758 __func__, numparts);
759 return -EINVAL;
760 }
761
762 numvirtchips = cfi->numchips * numparts;
763 newcfi = kmalloc(struct_size(newcfi, chips, numvirtchips),
764 GFP_KERNEL);
765 if (!newcfi)
766 return -ENOMEM;
767 shared = kmalloc_array(cfi->numchips,
768 sizeof(struct flchip_shared),
769 GFP_KERNEL);
770 if (!shared) {
771 kfree(newcfi);
772 return -ENOMEM;
773 }
774 memcpy(newcfi, cfi, sizeof(struct cfi_private));
775 newcfi->numchips = numvirtchips;
776 newcfi->chipshift = partshift;
777
778 chip = &newcfi->chips[0];
779 for (i = 0; i < cfi->numchips; i++) {
780 shared[i].writing = shared[i].erasing = NULL;
781 mutex_init(&shared[i].lock);
782 for (j = 0; j < numparts; j++) {
783 *chip = cfi->chips[i];
784 chip->start += j << partshift;
785 chip->priv = &shared[i];
786 /* those should be reset too since
787 they create memory references. */
788 init_waitqueue_head(&chip->wq);
789 mutex_init(&chip->mutex);
790 chip++;
791 }
792 }
793
794 printk(KERN_DEBUG "%s: %d set(s) of %d interleaved chips "
795 "--> %d partitions of %d KiB\n",
796 map->name, cfi->numchips, cfi->interleave,
797 newcfi->numchips, 1<<(newcfi->chipshift-10));
798
799 map->fldrv_priv = newcfi;
800 *pcfi = newcfi;
801 kfree(cfi);
802 }
803
804 return 0;
805}
806
807/*
808 * *********** CHIP ACCESS FUNCTIONS ***********
809 */
810static int chip_ready (struct map_info *map, struct flchip *chip, unsigned long adr, int mode)
811{
812 DECLARE_WAITQUEUE(wait, current);
813 struct cfi_private *cfi = map->fldrv_priv;
814 map_word status, status_OK = CMD(0x80), status_PWS = CMD(0x01);
815 struct cfi_pri_intelext *cfip = cfi->cmdset_priv;
816 unsigned long timeo = jiffies + HZ;
817
818 /* Prevent setting state FL_SYNCING for chip in suspended state. */
819 if (mode == FL_SYNCING && chip->oldstate != FL_READY)
820 goto sleep;
821
822 switch (chip->state) {
823
824 case FL_STATUS:
825 for (;;) {
826 status = map_read(map, adr);
827 if (map_word_andequal(map, status, status_OK, status_OK))
828 break;
829
830 /* At this point we're fine with write operations
831 in other partitions as they don't conflict. */
832 if (chip->priv && map_word_andequal(map, status, status_PWS, status_PWS))
833 break;
834
835 mutex_unlock(&chip->mutex);
836 cfi_udelay(1);
837 mutex_lock(&chip->mutex);
838 /* Someone else might have been playing with it. */
839 return -EAGAIN;
840 }
841 fallthrough;
842 case FL_READY:
843 case FL_CFI_QUERY:
844 case FL_JEDEC_QUERY:
845 return 0;
846
847 case FL_ERASING:
848 if (!cfip ||
849 !(cfip->FeatureSupport & 2) ||
850 !(mode == FL_READY || mode == FL_POINT ||
851 (mode == FL_WRITING && (cfip->SuspendCmdSupport & 1))))
852 goto sleep;
853
854 /* Do not allow suspend iff read/write to EB address */
855 if ((adr & chip->in_progress_block_mask) ==
856 chip->in_progress_block_addr)
857 goto sleep;
858
859 /* do not suspend small EBs, buggy Micron Chips */
860 if (cfi_is_micron_28F00AP30(cfi, chip) &&
861 (chip->in_progress_block_mask == ~(0x8000-1)))
862 goto sleep;
863
864 /* Erase suspend */
865 map_write(map, CMD(0xB0), chip->in_progress_block_addr);
866
867 /* If the flash has finished erasing, then 'erase suspend'
868 * appears to make some (28F320) flash devices switch to
869 * 'read' mode. Make sure that we switch to 'read status'
870 * mode so we get the right data. --rmk
871 */
872 map_write(map, CMD(0x70), chip->in_progress_block_addr);
873 chip->oldstate = FL_ERASING;
874 chip->state = FL_ERASE_SUSPENDING;
875 chip->erase_suspended = 1;
876 for (;;) {
877 status = map_read(map, chip->in_progress_block_addr);
878 if (map_word_andequal(map, status, status_OK, status_OK))
879 break;
880
881 if (time_after(jiffies, timeo)) {
882 /* Urgh. Resume and pretend we weren't here.
883 * Make sure we're in 'read status' mode if it had finished */
884 put_chip(map, chip, adr);
885 printk(KERN_ERR "%s: Chip not ready after erase "
886 "suspended: status = 0x%lx\n", map->name, status.x[0]);
887 return -EIO;
888 }
889
890 mutex_unlock(&chip->mutex);
891 cfi_udelay(1);
892 mutex_lock(&chip->mutex);
893 /* Nobody will touch it while it's in state FL_ERASE_SUSPENDING.
894 So we can just loop here. */
895 }
896 chip->state = FL_STATUS;
897 return 0;
898
899 case FL_XIP_WHILE_ERASING:
900 if (mode != FL_READY && mode != FL_POINT &&
901 (mode != FL_WRITING || !cfip || !(cfip->SuspendCmdSupport&1)))
902 goto sleep;
903 chip->oldstate = chip->state;
904 chip->state = FL_READY;
905 return 0;
906
907 case FL_SHUTDOWN:
908 /* The machine is rebooting now,so no one can get chip anymore */
909 return -EIO;
910 case FL_POINT:
911 /* Only if there's no operation suspended... */
912 if (mode == FL_READY && chip->oldstate == FL_READY)
913 return 0;
914 fallthrough;
915 default:
916 sleep:
917 set_current_state(TASK_UNINTERRUPTIBLE);
918 add_wait_queue(&chip->wq, &wait);
919 mutex_unlock(&chip->mutex);
920 schedule();
921 remove_wait_queue(&chip->wq, &wait);
922 mutex_lock(&chip->mutex);
923 return -EAGAIN;
924 }
925}
926
927static int get_chip(struct map_info *map, struct flchip *chip, unsigned long adr, int mode)
928{
929 int ret;
930 DECLARE_WAITQUEUE(wait, current);
931
932 retry:
933 if (chip->priv &&
934 (mode == FL_WRITING || mode == FL_ERASING || mode == FL_OTP_WRITE
935 || mode == FL_SHUTDOWN) && chip->state != FL_SYNCING) {
936 /*
937 * OK. We have possibility for contention on the write/erase
938 * operations which are global to the real chip and not per
939 * partition. So let's fight it over in the partition which
940 * currently has authority on the operation.
941 *
942 * The rules are as follows:
943 *
944 * - any write operation must own shared->writing.
945 *
946 * - any erase operation must own _both_ shared->writing and
947 * shared->erasing.
948 *
949 * - contention arbitration is handled in the owner's context.
950 *
951 * The 'shared' struct can be read and/or written only when
952 * its lock is taken.
953 */
954 struct flchip_shared *shared = chip->priv;
955 struct flchip *contender;
956 mutex_lock(&shared->lock);
957 contender = shared->writing;
958 if (contender && contender != chip) {
959 /*
960 * The engine to perform desired operation on this
961 * partition is already in use by someone else.
962 * Let's fight over it in the context of the chip
963 * currently using it. If it is possible to suspend,
964 * that other partition will do just that, otherwise
965 * it'll happily send us to sleep. In any case, when
966 * get_chip returns success we're clear to go ahead.
967 */
968 ret = mutex_trylock(&contender->mutex);
969 mutex_unlock(&shared->lock);
970 if (!ret)
971 goto retry;
972 mutex_unlock(&chip->mutex);
973 ret = chip_ready(map, contender, contender->start, mode);
974 mutex_lock(&chip->mutex);
975
976 if (ret == -EAGAIN) {
977 mutex_unlock(&contender->mutex);
978 goto retry;
979 }
980 if (ret) {
981 mutex_unlock(&contender->mutex);
982 return ret;
983 }
984 mutex_lock(&shared->lock);
985
986 /* We should not own chip if it is already
987 * in FL_SYNCING state. Put contender and retry. */
988 if (chip->state == FL_SYNCING) {
989 put_chip(map, contender, contender->start);
990 mutex_unlock(&contender->mutex);
991 goto retry;
992 }
993 mutex_unlock(&contender->mutex);
994 }
995
996 /* Check if we already have suspended erase
997 * on this chip. Sleep. */
998 if (mode == FL_ERASING && shared->erasing
999 && shared->erasing->oldstate == FL_ERASING) {
1000 mutex_unlock(&shared->lock);
1001 set_current_state(TASK_UNINTERRUPTIBLE);
1002 add_wait_queue(&chip->wq, &wait);
1003 mutex_unlock(&chip->mutex);
1004 schedule();
1005 remove_wait_queue(&chip->wq, &wait);
1006 mutex_lock(&chip->mutex);
1007 goto retry;
1008 }
1009
1010 /* We now own it */
1011 shared->writing = chip;
1012 if (mode == FL_ERASING)
1013 shared->erasing = chip;
1014 mutex_unlock(&shared->lock);
1015 }
1016 ret = chip_ready(map, chip, adr, mode);
1017 if (ret == -EAGAIN)
1018 goto retry;
1019
1020 return ret;
1021}
1022
1023static void put_chip(struct map_info *map, struct flchip *chip, unsigned long adr)
1024{
1025 struct cfi_private *cfi = map->fldrv_priv;
1026
1027 if (chip->priv) {
1028 struct flchip_shared *shared = chip->priv;
1029 mutex_lock(&shared->lock);
1030 if (shared->writing == chip && chip->oldstate == FL_READY) {
1031 /* We own the ability to write, but we're done */
1032 shared->writing = shared->erasing;
1033 if (shared->writing && shared->writing != chip) {
1034 /* give back ownership to who we loaned it from */
1035 struct flchip *loaner = shared->writing;
1036 mutex_lock(&loaner->mutex);
1037 mutex_unlock(&shared->lock);
1038 mutex_unlock(&chip->mutex);
1039 put_chip(map, loaner, loaner->start);
1040 mutex_lock(&chip->mutex);
1041 mutex_unlock(&loaner->mutex);
1042 wake_up(&chip->wq);
1043 return;
1044 }
1045 shared->erasing = NULL;
1046 shared->writing = NULL;
1047 } else if (shared->erasing == chip && shared->writing != chip) {
1048 /*
1049 * We own the ability to erase without the ability
1050 * to write, which means the erase was suspended
1051 * and some other partition is currently writing.
1052 * Don't let the switch below mess things up since
1053 * we don't have ownership to resume anything.
1054 */
1055 mutex_unlock(&shared->lock);
1056 wake_up(&chip->wq);
1057 return;
1058 }
1059 mutex_unlock(&shared->lock);
1060 }
1061
1062 switch(chip->oldstate) {
1063 case FL_ERASING:
1064 /* What if one interleaved chip has finished and the
1065 other hasn't? The old code would leave the finished
1066 one in READY mode. That's bad, and caused -EROFS
1067 errors to be returned from do_erase_oneblock because
1068 that's the only bit it checked for at the time.
1069 As the state machine appears to explicitly allow
1070 sending the 0x70 (Read Status) command to an erasing
1071 chip and expecting it to be ignored, that's what we
1072 do. */
1073 map_write(map, CMD(0xd0), chip->in_progress_block_addr);
1074 map_write(map, CMD(0x70), chip->in_progress_block_addr);
1075 chip->oldstate = FL_READY;
1076 chip->state = FL_ERASING;
1077 break;
1078
1079 case FL_XIP_WHILE_ERASING:
1080 chip->state = chip->oldstate;
1081 chip->oldstate = FL_READY;
1082 break;
1083
1084 case FL_READY:
1085 case FL_STATUS:
1086 case FL_JEDEC_QUERY:
1087 break;
1088 default:
1089 printk(KERN_ERR "%s: put_chip() called with oldstate %d!!\n", map->name, chip->oldstate);
1090 }
1091 wake_up(&chip->wq);
1092}
1093
1094#ifdef CONFIG_MTD_XIP
1095
1096/*
1097 * No interrupt what so ever can be serviced while the flash isn't in array
1098 * mode. This is ensured by the xip_disable() and xip_enable() functions
1099 * enclosing any code path where the flash is known not to be in array mode.
1100 * And within a XIP disabled code path, only functions marked with __xipram
1101 * may be called and nothing else (it's a good thing to inspect generated
1102 * assembly to make sure inline functions were actually inlined and that gcc
1103 * didn't emit calls to its own support functions). Also configuring MTD CFI
1104 * support to a single buswidth and a single interleave is also recommended.
1105 */
1106
1107static void xip_disable(struct map_info *map, struct flchip *chip,
1108 unsigned long adr)
1109{
1110 /* TODO: chips with no XIP use should ignore and return */
1111 (void) map_read(map, adr); /* ensure mmu mapping is up to date */
1112 local_irq_disable();
1113}
1114
1115static void __xipram xip_enable(struct map_info *map, struct flchip *chip,
1116 unsigned long adr)
1117{
1118 struct cfi_private *cfi = map->fldrv_priv;
1119 if (chip->state != FL_POINT && chip->state != FL_READY) {
1120 map_write(map, CMD(0xff), adr);
1121 chip->state = FL_READY;
1122 }
1123 (void) map_read(map, adr);
1124 xip_iprefetch();
1125 local_irq_enable();
1126}
1127
1128/*
1129 * When a delay is required for the flash operation to complete, the
1130 * xip_wait_for_operation() function is polling for both the given timeout
1131 * and pending (but still masked) hardware interrupts. Whenever there is an
1132 * interrupt pending then the flash erase or write operation is suspended,
1133 * array mode restored and interrupts unmasked. Task scheduling might also
1134 * happen at that point. The CPU eventually returns from the interrupt or
1135 * the call to schedule() and the suspended flash operation is resumed for
1136 * the remaining of the delay period.
1137 *
1138 * Warning: this function _will_ fool interrupt latency tracing tools.
1139 */
1140
1141static int __xipram xip_wait_for_operation(
1142 struct map_info *map, struct flchip *chip,
1143 unsigned long adr, unsigned int chip_op_time_max)
1144{
1145 struct cfi_private *cfi = map->fldrv_priv;
1146 struct cfi_pri_intelext *cfip = cfi->cmdset_priv;
1147 map_word status, OK = CMD(0x80);
1148 unsigned long usec, suspended, start, done;
1149 flstate_t oldstate, newstate;
1150
1151 start = xip_currtime();
1152 usec = chip_op_time_max;
1153 if (usec == 0)
1154 usec = 500000;
1155 done = 0;
1156
1157 do {
1158 cpu_relax();
1159 if (xip_irqpending() && cfip &&
1160 ((chip->state == FL_ERASING && (cfip->FeatureSupport&2)) ||
1161 (chip->state == FL_WRITING && (cfip->FeatureSupport&4))) &&
1162 (cfi_interleave_is_1(cfi) || chip->oldstate == FL_READY)) {
1163 /*
1164 * Let's suspend the erase or write operation when
1165 * supported. Note that we currently don't try to
1166 * suspend interleaved chips if there is already
1167 * another operation suspended (imagine what happens
1168 * when one chip was already done with the current
1169 * operation while another chip suspended it, then
1170 * we resume the whole thing at once). Yes, it
1171 * can happen!
1172 */
1173 usec -= done;
1174 map_write(map, CMD(0xb0), adr);
1175 map_write(map, CMD(0x70), adr);
1176 suspended = xip_currtime();
1177 do {
1178 if (xip_elapsed_since(suspended) > 100000) {
1179 /*
1180 * The chip doesn't want to suspend
1181 * after waiting for 100 msecs.
1182 * This is a critical error but there
1183 * is not much we can do here.
1184 */
1185 return -EIO;
1186 }
1187 status = map_read(map, adr);
1188 } while (!map_word_andequal(map, status, OK, OK));
1189
1190 /* Suspend succeeded */
1191 oldstate = chip->state;
1192 if (oldstate == FL_ERASING) {
1193 if (!map_word_bitsset(map, status, CMD(0x40)))
1194 break;
1195 newstate = FL_XIP_WHILE_ERASING;
1196 chip->erase_suspended = 1;
1197 } else {
1198 if (!map_word_bitsset(map, status, CMD(0x04)))
1199 break;
1200 newstate = FL_XIP_WHILE_WRITING;
1201 chip->write_suspended = 1;
1202 }
1203 chip->state = newstate;
1204 map_write(map, CMD(0xff), adr);
1205 (void) map_read(map, adr);
1206 xip_iprefetch();
1207 local_irq_enable();
1208 mutex_unlock(&chip->mutex);
1209 xip_iprefetch();
1210 cond_resched();
1211
1212 /*
1213 * We're back. However someone else might have
1214 * decided to go write to the chip if we are in
1215 * a suspended erase state. If so let's wait
1216 * until it's done.
1217 */
1218 mutex_lock(&chip->mutex);
1219 while (chip->state != newstate) {
1220 DECLARE_WAITQUEUE(wait, current);
1221 set_current_state(TASK_UNINTERRUPTIBLE);
1222 add_wait_queue(&chip->wq, &wait);
1223 mutex_unlock(&chip->mutex);
1224 schedule();
1225 remove_wait_queue(&chip->wq, &wait);
1226 mutex_lock(&chip->mutex);
1227 }
1228 /* Disallow XIP again */
1229 local_irq_disable();
1230
1231 /* Resume the write or erase operation */
1232 map_write(map, CMD(0xd0), adr);
1233 map_write(map, CMD(0x70), adr);
1234 chip->state = oldstate;
1235 start = xip_currtime();
1236 } else if (usec >= 1000000/HZ) {
1237 /*
1238 * Try to save on CPU power when waiting delay
1239 * is at least a system timer tick period.
1240 * No need to be extremely accurate here.
1241 */
1242 xip_cpu_idle();
1243 }
1244 status = map_read(map, adr);
1245 done = xip_elapsed_since(start);
1246 } while (!map_word_andequal(map, status, OK, OK)
1247 && done < usec);
1248
1249 return (done >= usec) ? -ETIME : 0;
1250}
1251
1252/*
1253 * The INVALIDATE_CACHED_RANGE() macro is normally used in parallel while
1254 * the flash is actively programming or erasing since we have to poll for
1255 * the operation to complete anyway. We can't do that in a generic way with
1256 * a XIP setup so do it before the actual flash operation in this case
1257 * and stub it out from INVAL_CACHE_AND_WAIT.
1258 */
1259#define XIP_INVAL_CACHED_RANGE(map, from, size) \
1260 INVALIDATE_CACHED_RANGE(map, from, size)
1261
1262#define INVAL_CACHE_AND_WAIT(map, chip, cmd_adr, inval_adr, inval_len, usec, usec_max) \
1263 xip_wait_for_operation(map, chip, cmd_adr, usec_max)
1264
1265#else
1266
1267#define xip_disable(map, chip, adr)
1268#define xip_enable(map, chip, adr)
1269#define XIP_INVAL_CACHED_RANGE(x...)
1270#define INVAL_CACHE_AND_WAIT inval_cache_and_wait_for_operation
1271
1272static int inval_cache_and_wait_for_operation(
1273 struct map_info *map, struct flchip *chip,
1274 unsigned long cmd_adr, unsigned long inval_adr, int inval_len,
1275 unsigned int chip_op_time, unsigned int chip_op_time_max)
1276{
1277 struct cfi_private *cfi = map->fldrv_priv;
1278 map_word status, status_OK = CMD(0x80);
1279 int chip_state = chip->state;
1280 unsigned int timeo, sleep_time, reset_timeo;
1281
1282 mutex_unlock(&chip->mutex);
1283 if (inval_len)
1284 INVALIDATE_CACHED_RANGE(map, inval_adr, inval_len);
1285 mutex_lock(&chip->mutex);
1286
1287 timeo = chip_op_time_max;
1288 if (!timeo)
1289 timeo = 500000;
1290 reset_timeo = timeo;
1291 sleep_time = chip_op_time / 2;
1292
1293 for (;;) {
1294 if (chip->state != chip_state) {
1295 /* Someone's suspended the operation: sleep */
1296 DECLARE_WAITQUEUE(wait, current);
1297 set_current_state(TASK_UNINTERRUPTIBLE);
1298 add_wait_queue(&chip->wq, &wait);
1299 mutex_unlock(&chip->mutex);
1300 schedule();
1301 remove_wait_queue(&chip->wq, &wait);
1302 mutex_lock(&chip->mutex);
1303 continue;
1304 }
1305
1306 status = map_read(map, cmd_adr);
1307 if (map_word_andequal(map, status, status_OK, status_OK))
1308 break;
1309
1310 if (chip->erase_suspended && chip_state == FL_ERASING) {
1311 /* Erase suspend occurred while sleep: reset timeout */
1312 timeo = reset_timeo;
1313 chip->erase_suspended = 0;
1314 }
1315 if (chip->write_suspended && chip_state == FL_WRITING) {
1316 /* Write suspend occurred while sleep: reset timeout */
1317 timeo = reset_timeo;
1318 chip->write_suspended = 0;
1319 }
1320 if (!timeo) {
1321 map_write(map, CMD(0x70), cmd_adr);
1322 chip->state = FL_STATUS;
1323 return -ETIME;
1324 }
1325
1326 /* OK Still waiting. Drop the lock, wait a while and retry. */
1327 mutex_unlock(&chip->mutex);
1328 if (sleep_time >= 1000000/HZ) {
1329 /*
1330 * Half of the normal delay still remaining
1331 * can be performed with a sleeping delay instead
1332 * of busy waiting.
1333 */
1334 msleep(sleep_time/1000);
1335 timeo -= sleep_time;
1336 sleep_time = 1000000/HZ;
1337 } else {
1338 udelay(1);
1339 cond_resched();
1340 timeo--;
1341 }
1342 mutex_lock(&chip->mutex);
1343 }
1344
1345 /* Done and happy. */
1346 chip->state = FL_STATUS;
1347 return 0;
1348}
1349
1350#endif
1351
1352#define WAIT_TIMEOUT(map, chip, adr, udelay, udelay_max) \
1353 INVAL_CACHE_AND_WAIT(map, chip, adr, 0, 0, udelay, udelay_max);
1354
1355
1356static int do_point_onechip (struct map_info *map, struct flchip *chip, loff_t adr, size_t len)
1357{
1358 unsigned long cmd_addr;
1359 struct cfi_private *cfi = map->fldrv_priv;
1360 int ret;
1361
1362 adr += chip->start;
1363
1364 /* Ensure cmd read/writes are aligned. */
1365 cmd_addr = adr & ~(map_bankwidth(map)-1);
1366
1367 mutex_lock(&chip->mutex);
1368
1369 ret = get_chip(map, chip, cmd_addr, FL_POINT);
1370
1371 if (!ret) {
1372 if (chip->state != FL_POINT && chip->state != FL_READY)
1373 map_write(map, CMD(0xff), cmd_addr);
1374
1375 chip->state = FL_POINT;
1376 chip->ref_point_counter++;
1377 }
1378 mutex_unlock(&chip->mutex);
1379
1380 return ret;
1381}
1382
1383static int cfi_intelext_point(struct mtd_info *mtd, loff_t from, size_t len,
1384 size_t *retlen, void **virt, resource_size_t *phys)
1385{
1386 struct map_info *map = mtd->priv;
1387 struct cfi_private *cfi = map->fldrv_priv;
1388 unsigned long ofs, last_end = 0;
1389 int chipnum;
1390 int ret;
1391
1392 if (!map->virt)
1393 return -EINVAL;
1394
1395 /* Now lock the chip(s) to POINT state */
1396
1397 /* ofs: offset within the first chip that the first read should start */
1398 chipnum = (from >> cfi->chipshift);
1399 ofs = from - (chipnum << cfi->chipshift);
1400
1401 *virt = map->virt + cfi->chips[chipnum].start + ofs;
1402 if (phys)
1403 *phys = map->phys + cfi->chips[chipnum].start + ofs;
1404
1405 while (len) {
1406 unsigned long thislen;
1407
1408 if (chipnum >= cfi->numchips)
1409 break;
1410
1411 /* We cannot point across chips that are virtually disjoint */
1412 if (!last_end)
1413 last_end = cfi->chips[chipnum].start;
1414 else if (cfi->chips[chipnum].start != last_end)
1415 break;
1416
1417 if ((len + ofs -1) >> cfi->chipshift)
1418 thislen = (1<<cfi->chipshift) - ofs;
1419 else
1420 thislen = len;
1421
1422 ret = do_point_onechip(map, &cfi->chips[chipnum], ofs, thislen);
1423 if (ret)
1424 break;
1425
1426 *retlen += thislen;
1427 len -= thislen;
1428
1429 ofs = 0;
1430 last_end += 1 << cfi->chipshift;
1431 chipnum++;
1432 }
1433 return 0;
1434}
1435
1436static int cfi_intelext_unpoint(struct mtd_info *mtd, loff_t from, size_t len)
1437{
1438 struct map_info *map = mtd->priv;
1439 struct cfi_private *cfi = map->fldrv_priv;
1440 unsigned long ofs;
1441 int chipnum, err = 0;
1442
1443 /* Now unlock the chip(s) POINT state */
1444
1445 /* ofs: offset within the first chip that the first read should start */
1446 chipnum = (from >> cfi->chipshift);
1447 ofs = from - (chipnum << cfi->chipshift);
1448
1449 while (len && !err) {
1450 unsigned long thislen;
1451 struct flchip *chip;
1452
1453 chip = &cfi->chips[chipnum];
1454 if (chipnum >= cfi->numchips)
1455 break;
1456
1457 if ((len + ofs -1) >> cfi->chipshift)
1458 thislen = (1<<cfi->chipshift) - ofs;
1459 else
1460 thislen = len;
1461
1462 mutex_lock(&chip->mutex);
1463 if (chip->state == FL_POINT) {
1464 chip->ref_point_counter--;
1465 if(chip->ref_point_counter == 0)
1466 chip->state = FL_READY;
1467 } else {
1468 printk(KERN_ERR "%s: Error: unpoint called on non pointed region\n", map->name);
1469 err = -EINVAL;
1470 }
1471
1472 put_chip(map, chip, chip->start);
1473 mutex_unlock(&chip->mutex);
1474
1475 len -= thislen;
1476 ofs = 0;
1477 chipnum++;
1478 }
1479
1480 return err;
1481}
1482
1483static inline int do_read_onechip(struct map_info *map, struct flchip *chip, loff_t adr, size_t len, u_char *buf)
1484{
1485 unsigned long cmd_addr;
1486 struct cfi_private *cfi = map->fldrv_priv;
1487 int ret;
1488
1489 adr += chip->start;
1490
1491 /* Ensure cmd read/writes are aligned. */
1492 cmd_addr = adr & ~(map_bankwidth(map)-1);
1493
1494 mutex_lock(&chip->mutex);
1495 ret = get_chip(map, chip, cmd_addr, FL_READY);
1496 if (ret) {
1497 mutex_unlock(&chip->mutex);
1498 return ret;
1499 }
1500
1501 if (chip->state != FL_POINT && chip->state != FL_READY) {
1502 map_write(map, CMD(0xff), cmd_addr);
1503
1504 chip->state = FL_READY;
1505 }
1506
1507 map_copy_from(map, buf, adr, len);
1508
1509 put_chip(map, chip, cmd_addr);
1510
1511 mutex_unlock(&chip->mutex);
1512 return 0;
1513}
1514
1515static int cfi_intelext_read (struct mtd_info *mtd, loff_t from, size_t len, size_t *retlen, u_char *buf)
1516{
1517 struct map_info *map = mtd->priv;
1518 struct cfi_private *cfi = map->fldrv_priv;
1519 unsigned long ofs;
1520 int chipnum;
1521 int ret = 0;
1522
1523 /* ofs: offset within the first chip that the first read should start */
1524 chipnum = (from >> cfi->chipshift);
1525 ofs = from - (chipnum << cfi->chipshift);
1526
1527 while (len) {
1528 unsigned long thislen;
1529
1530 if (chipnum >= cfi->numchips)
1531 break;
1532
1533 if ((len + ofs -1) >> cfi->chipshift)
1534 thislen = (1<<cfi->chipshift) - ofs;
1535 else
1536 thislen = len;
1537
1538 ret = do_read_onechip(map, &cfi->chips[chipnum], ofs, thislen, buf);
1539 if (ret)
1540 break;
1541
1542 *retlen += thislen;
1543 len -= thislen;
1544 buf += thislen;
1545
1546 ofs = 0;
1547 chipnum++;
1548 }
1549 return ret;
1550}
1551
1552static int __xipram do_write_oneword(struct map_info *map, struct flchip *chip,
1553 unsigned long adr, map_word datum, int mode)
1554{
1555 struct cfi_private *cfi = map->fldrv_priv;
1556 map_word status, write_cmd;
1557 int ret;
1558
1559 adr += chip->start;
1560
1561 switch (mode) {
1562 case FL_WRITING:
1563 write_cmd = (cfi->cfiq->P_ID != P_ID_INTEL_PERFORMANCE) ? CMD(0x40) : CMD(0x41);
1564 break;
1565 case FL_OTP_WRITE:
1566 write_cmd = CMD(0xc0);
1567 break;
1568 default:
1569 return -EINVAL;
1570 }
1571
1572 mutex_lock(&chip->mutex);
1573 ret = get_chip(map, chip, adr, mode);
1574 if (ret) {
1575 mutex_unlock(&chip->mutex);
1576 return ret;
1577 }
1578
1579 XIP_INVAL_CACHED_RANGE(map, adr, map_bankwidth(map));
1580 ENABLE_VPP(map);
1581 xip_disable(map, chip, adr);
1582 map_write(map, write_cmd, adr);
1583 map_write(map, datum, adr);
1584 chip->state = mode;
1585
1586 ret = INVAL_CACHE_AND_WAIT(map, chip, adr,
1587 adr, map_bankwidth(map),
1588 chip->word_write_time,
1589 chip->word_write_time_max);
1590 if (ret) {
1591 xip_enable(map, chip, adr);
1592 printk(KERN_ERR "%s: word write error (status timeout)\n", map->name);
1593 goto out;
1594 }
1595
1596 /* check for errors */
1597 status = map_read(map, adr);
1598 if (map_word_bitsset(map, status, CMD(0x1a))) {
1599 unsigned long chipstatus = MERGESTATUS(status);
1600
1601 /* reset status */
1602 map_write(map, CMD(0x50), adr);
1603 map_write(map, CMD(0x70), adr);
1604 xip_enable(map, chip, adr);
1605
1606 if (chipstatus & 0x02) {
1607 ret = -EROFS;
1608 } else if (chipstatus & 0x08) {
1609 printk(KERN_ERR "%s: word write error (bad VPP)\n", map->name);
1610 ret = -EIO;
1611 } else {
1612 printk(KERN_ERR "%s: word write error (status 0x%lx)\n", map->name, chipstatus);
1613 ret = -EINVAL;
1614 }
1615
1616 goto out;
1617 }
1618
1619 xip_enable(map, chip, adr);
1620 out: DISABLE_VPP(map);
1621 put_chip(map, chip, adr);
1622 mutex_unlock(&chip->mutex);
1623 return ret;
1624}
1625
1626
1627static int cfi_intelext_write_words (struct mtd_info *mtd, loff_t to , size_t len, size_t *retlen, const u_char *buf)
1628{
1629 struct map_info *map = mtd->priv;
1630 struct cfi_private *cfi = map->fldrv_priv;
1631 int ret;
1632 int chipnum;
1633 unsigned long ofs;
1634
1635 chipnum = to >> cfi->chipshift;
1636 ofs = to - (chipnum << cfi->chipshift);
1637
1638 /* If it's not bus-aligned, do the first byte write */
1639 if (ofs & (map_bankwidth(map)-1)) {
1640 unsigned long bus_ofs = ofs & ~(map_bankwidth(map)-1);
1641 int gap = ofs - bus_ofs;
1642 int n;
1643 map_word datum;
1644
1645 n = min_t(int, len, map_bankwidth(map)-gap);
1646 datum = map_word_ff(map);
1647 datum = map_word_load_partial(map, datum, buf, gap, n);
1648
1649 ret = do_write_oneword(map, &cfi->chips[chipnum],
1650 bus_ofs, datum, FL_WRITING);
1651 if (ret)
1652 return ret;
1653
1654 len -= n;
1655 ofs += n;
1656 buf += n;
1657 (*retlen) += n;
1658
1659 if (ofs >> cfi->chipshift) {
1660 chipnum ++;
1661 ofs = 0;
1662 if (chipnum == cfi->numchips)
1663 return 0;
1664 }
1665 }
1666
1667 while(len >= map_bankwidth(map)) {
1668 map_word datum = map_word_load(map, buf);
1669
1670 ret = do_write_oneword(map, &cfi->chips[chipnum],
1671 ofs, datum, FL_WRITING);
1672 if (ret)
1673 return ret;
1674
1675 ofs += map_bankwidth(map);
1676 buf += map_bankwidth(map);
1677 (*retlen) += map_bankwidth(map);
1678 len -= map_bankwidth(map);
1679
1680 if (ofs >> cfi->chipshift) {
1681 chipnum ++;
1682 ofs = 0;
1683 if (chipnum == cfi->numchips)
1684 return 0;
1685 }
1686 }
1687
1688 if (len & (map_bankwidth(map)-1)) {
1689 map_word datum;
1690
1691 datum = map_word_ff(map);
1692 datum = map_word_load_partial(map, datum, buf, 0, len);
1693
1694 ret = do_write_oneword(map, &cfi->chips[chipnum],
1695 ofs, datum, FL_WRITING);
1696 if (ret)
1697 return ret;
1698
1699 (*retlen) += len;
1700 }
1701
1702 return 0;
1703}
1704
1705
1706static int __xipram do_write_buffer(struct map_info *map, struct flchip *chip,
1707 unsigned long adr, const struct kvec **pvec,
1708 unsigned long *pvec_seek, int len)
1709{
1710 struct cfi_private *cfi = map->fldrv_priv;
1711 map_word status, write_cmd, datum;
1712 unsigned long cmd_adr;
1713 int ret, wbufsize, word_gap, words;
1714 const struct kvec *vec;
1715 unsigned long vec_seek;
1716 unsigned long initial_adr;
1717 int initial_len = len;
1718
1719 wbufsize = cfi_interleave(cfi) << cfi->cfiq->MaxBufWriteSize;
1720 adr += chip->start;
1721 initial_adr = adr;
1722 cmd_adr = adr & ~(wbufsize-1);
1723
1724 /* Sharp LH28F640BF chips need the first address for the
1725 * Page Buffer Program command. See Table 5 of
1726 * LH28F320BF, LH28F640BF, LH28F128BF Series (Appendix FUM00701) */
1727 if (is_LH28F640BF(cfi))
1728 cmd_adr = adr;
1729
1730 /* Let's determine this according to the interleave only once */
1731 write_cmd = (cfi->cfiq->P_ID != P_ID_INTEL_PERFORMANCE) ? CMD(0xe8) : CMD(0xe9);
1732
1733 mutex_lock(&chip->mutex);
1734 ret = get_chip(map, chip, cmd_adr, FL_WRITING);
1735 if (ret) {
1736 mutex_unlock(&chip->mutex);
1737 return ret;
1738 }
1739
1740 XIP_INVAL_CACHED_RANGE(map, initial_adr, initial_len);
1741 ENABLE_VPP(map);
1742 xip_disable(map, chip, cmd_adr);
1743
1744 /* §4.8 of the 28FxxxJ3A datasheet says "Any time SR.4 and/or SR.5 is set
1745 [...], the device will not accept any more Write to Buffer commands".
1746 So we must check here and reset those bits if they're set. Otherwise
1747 we're just pissing in the wind */
1748 if (chip->state != FL_STATUS) {
1749 map_write(map, CMD(0x70), cmd_adr);
1750 chip->state = FL_STATUS;
1751 }
1752 status = map_read(map, cmd_adr);
1753 if (map_word_bitsset(map, status, CMD(0x30))) {
1754 xip_enable(map, chip, cmd_adr);
1755 printk(KERN_WARNING "SR.4 or SR.5 bits set in buffer write (status %lx). Clearing.\n", status.x[0]);
1756 xip_disable(map, chip, cmd_adr);
1757 map_write(map, CMD(0x50), cmd_adr);
1758 map_write(map, CMD(0x70), cmd_adr);
1759 }
1760
1761 chip->state = FL_WRITING_TO_BUFFER;
1762 map_write(map, write_cmd, cmd_adr);
1763 ret = WAIT_TIMEOUT(map, chip, cmd_adr, 0, 0);
1764 if (ret) {
1765 /* Argh. Not ready for write to buffer */
1766 map_word Xstatus = map_read(map, cmd_adr);
1767 map_write(map, CMD(0x70), cmd_adr);
1768 chip->state = FL_STATUS;
1769 status = map_read(map, cmd_adr);
1770 map_write(map, CMD(0x50), cmd_adr);
1771 map_write(map, CMD(0x70), cmd_adr);
1772 xip_enable(map, chip, cmd_adr);
1773 printk(KERN_ERR "%s: Chip not ready for buffer write. Xstatus = %lx, status = %lx\n",
1774 map->name, Xstatus.x[0], status.x[0]);
1775 goto out;
1776 }
1777
1778 /* Figure out the number of words to write */
1779 word_gap = (-adr & (map_bankwidth(map)-1));
1780 words = DIV_ROUND_UP(len - word_gap, map_bankwidth(map));
1781 if (!word_gap) {
1782 words--;
1783 } else {
1784 word_gap = map_bankwidth(map) - word_gap;
1785 adr -= word_gap;
1786 datum = map_word_ff(map);
1787 }
1788
1789 /* Write length of data to come */
1790 map_write(map, CMD(words), cmd_adr );
1791
1792 /* Write data */
1793 vec = *pvec;
1794 vec_seek = *pvec_seek;
1795 do {
1796 int n = map_bankwidth(map) - word_gap;
1797 if (n > vec->iov_len - vec_seek)
1798 n = vec->iov_len - vec_seek;
1799 if (n > len)
1800 n = len;
1801
1802 if (!word_gap && len < map_bankwidth(map))
1803 datum = map_word_ff(map);
1804
1805 datum = map_word_load_partial(map, datum,
1806 vec->iov_base + vec_seek,
1807 word_gap, n);
1808
1809 len -= n;
1810 word_gap += n;
1811 if (!len || word_gap == map_bankwidth(map)) {
1812 map_write(map, datum, adr);
1813 adr += map_bankwidth(map);
1814 word_gap = 0;
1815 }
1816
1817 vec_seek += n;
1818 if (vec_seek == vec->iov_len) {
1819 vec++;
1820 vec_seek = 0;
1821 }
1822 } while (len);
1823 *pvec = vec;
1824 *pvec_seek = vec_seek;
1825
1826 /* GO GO GO */
1827 map_write(map, CMD(0xd0), cmd_adr);
1828 chip->state = FL_WRITING;
1829
1830 ret = INVAL_CACHE_AND_WAIT(map, chip, cmd_adr,
1831 initial_adr, initial_len,
1832 chip->buffer_write_time,
1833 chip->buffer_write_time_max);
1834 if (ret) {
1835 map_write(map, CMD(0x70), cmd_adr);
1836 chip->state = FL_STATUS;
1837 xip_enable(map, chip, cmd_adr);
1838 printk(KERN_ERR "%s: buffer write error (status timeout)\n", map->name);
1839 goto out;
1840 }
1841
1842 /* check for errors */
1843 status = map_read(map, cmd_adr);
1844 if (map_word_bitsset(map, status, CMD(0x1a))) {
1845 unsigned long chipstatus = MERGESTATUS(status);
1846
1847 /* reset status */
1848 map_write(map, CMD(0x50), cmd_adr);
1849 map_write(map, CMD(0x70), cmd_adr);
1850 xip_enable(map, chip, cmd_adr);
1851
1852 if (chipstatus & 0x02) {
1853 ret = -EROFS;
1854 } else if (chipstatus & 0x08) {
1855 printk(KERN_ERR "%s: buffer write error (bad VPP)\n", map->name);
1856 ret = -EIO;
1857 } else {
1858 printk(KERN_ERR "%s: buffer write error (status 0x%lx)\n", map->name, chipstatus);
1859 ret = -EINVAL;
1860 }
1861
1862 goto out;
1863 }
1864
1865 xip_enable(map, chip, cmd_adr);
1866 out: DISABLE_VPP(map);
1867 put_chip(map, chip, cmd_adr);
1868 mutex_unlock(&chip->mutex);
1869 return ret;
1870}
1871
1872static int cfi_intelext_writev (struct mtd_info *mtd, const struct kvec *vecs,
1873 unsigned long count, loff_t to, size_t *retlen)
1874{
1875 struct map_info *map = mtd->priv;
1876 struct cfi_private *cfi = map->fldrv_priv;
1877 int wbufsize = cfi_interleave(cfi) << cfi->cfiq->MaxBufWriteSize;
1878 int ret;
1879 int chipnum;
1880 unsigned long ofs, vec_seek, i;
1881 size_t len = 0;
1882
1883 for (i = 0; i < count; i++)
1884 len += vecs[i].iov_len;
1885
1886 if (!len)
1887 return 0;
1888
1889 chipnum = to >> cfi->chipshift;
1890 ofs = to - (chipnum << cfi->chipshift);
1891 vec_seek = 0;
1892
1893 do {
1894 /* We must not cross write block boundaries */
1895 int size = wbufsize - (ofs & (wbufsize-1));
1896
1897 if (size > len)
1898 size = len;
1899 ret = do_write_buffer(map, &cfi->chips[chipnum],
1900 ofs, &vecs, &vec_seek, size);
1901 if (ret)
1902 return ret;
1903
1904 ofs += size;
1905 (*retlen) += size;
1906 len -= size;
1907
1908 if (ofs >> cfi->chipshift) {
1909 chipnum ++;
1910 ofs = 0;
1911 if (chipnum == cfi->numchips)
1912 return 0;
1913 }
1914
1915 /* Be nice and reschedule with the chip in a usable state for other
1916 processes. */
1917 cond_resched();
1918
1919 } while (len);
1920
1921 return 0;
1922}
1923
1924static int cfi_intelext_write_buffers (struct mtd_info *mtd, loff_t to,
1925 size_t len, size_t *retlen, const u_char *buf)
1926{
1927 struct kvec vec;
1928
1929 vec.iov_base = (void *) buf;
1930 vec.iov_len = len;
1931
1932 return cfi_intelext_writev(mtd, &vec, 1, to, retlen);
1933}
1934
1935static int __xipram do_erase_oneblock(struct map_info *map, struct flchip *chip,
1936 unsigned long adr, int len, void *thunk)
1937{
1938 struct cfi_private *cfi = map->fldrv_priv;
1939 map_word status;
1940 int retries = 3;
1941 int ret;
1942
1943 adr += chip->start;
1944
1945 retry:
1946 mutex_lock(&chip->mutex);
1947 ret = get_chip(map, chip, adr, FL_ERASING);
1948 if (ret) {
1949 mutex_unlock(&chip->mutex);
1950 return ret;
1951 }
1952
1953 XIP_INVAL_CACHED_RANGE(map, adr, len);
1954 ENABLE_VPP(map);
1955 xip_disable(map, chip, adr);
1956
1957 /* Clear the status register first */
1958 map_write(map, CMD(0x50), adr);
1959
1960 /* Now erase */
1961 map_write(map, CMD(0x20), adr);
1962 map_write(map, CMD(0xD0), adr);
1963 chip->state = FL_ERASING;
1964 chip->erase_suspended = 0;
1965 chip->in_progress_block_addr = adr;
1966 chip->in_progress_block_mask = ~(len - 1);
1967
1968 ret = INVAL_CACHE_AND_WAIT(map, chip, adr,
1969 adr, len,
1970 chip->erase_time,
1971 chip->erase_time_max);
1972 if (ret) {
1973 map_write(map, CMD(0x70), adr);
1974 chip->state = FL_STATUS;
1975 xip_enable(map, chip, adr);
1976 printk(KERN_ERR "%s: block erase error: (status timeout)\n", map->name);
1977 goto out;
1978 }
1979
1980 /* We've broken this before. It doesn't hurt to be safe */
1981 map_write(map, CMD(0x70), adr);
1982 chip->state = FL_STATUS;
1983 status = map_read(map, adr);
1984
1985 /* check for errors */
1986 if (map_word_bitsset(map, status, CMD(0x3a))) {
1987 unsigned long chipstatus = MERGESTATUS(status);
1988
1989 /* Reset the error bits */
1990 map_write(map, CMD(0x50), adr);
1991 map_write(map, CMD(0x70), adr);
1992 xip_enable(map, chip, adr);
1993
1994 if ((chipstatus & 0x30) == 0x30) {
1995 printk(KERN_ERR "%s: block erase error: (bad command sequence, status 0x%lx)\n", map->name, chipstatus);
1996 ret = -EINVAL;
1997 } else if (chipstatus & 0x02) {
1998 /* Protection bit set */
1999 ret = -EROFS;
2000 } else if (chipstatus & 0x8) {
2001 /* Voltage */
2002 printk(KERN_ERR "%s: block erase error: (bad VPP)\n", map->name);
2003 ret = -EIO;
2004 } else if (chipstatus & 0x20 && retries--) {
2005 printk(KERN_DEBUG "block erase failed at 0x%08lx: status 0x%lx. Retrying...\n", adr, chipstatus);
2006 DISABLE_VPP(map);
2007 put_chip(map, chip, adr);
2008 mutex_unlock(&chip->mutex);
2009 goto retry;
2010 } else {
2011 printk(KERN_ERR "%s: block erase failed at 0x%08lx (status 0x%lx)\n", map->name, adr, chipstatus);
2012 ret = -EIO;
2013 }
2014
2015 goto out;
2016 }
2017
2018 xip_enable(map, chip, adr);
2019 out: DISABLE_VPP(map);
2020 put_chip(map, chip, adr);
2021 mutex_unlock(&chip->mutex);
2022 return ret;
2023}
2024
2025static int cfi_intelext_erase_varsize(struct mtd_info *mtd, struct erase_info *instr)
2026{
2027 return cfi_varsize_frob(mtd, do_erase_oneblock, instr->addr,
2028 instr->len, NULL);
2029}
2030
2031static void cfi_intelext_sync (struct mtd_info *mtd)
2032{
2033 struct map_info *map = mtd->priv;
2034 struct cfi_private *cfi = map->fldrv_priv;
2035 int i;
2036 struct flchip *chip;
2037 int ret = 0;
2038
2039 for (i=0; !ret && i<cfi->numchips; i++) {
2040 chip = &cfi->chips[i];
2041
2042 mutex_lock(&chip->mutex);
2043 ret = get_chip(map, chip, chip->start, FL_SYNCING);
2044
2045 if (!ret) {
2046 chip->oldstate = chip->state;
2047 chip->state = FL_SYNCING;
2048 /* No need to wake_up() on this state change -
2049 * as the whole point is that nobody can do anything
2050 * with the chip now anyway.
2051 */
2052 }
2053 mutex_unlock(&chip->mutex);
2054 }
2055
2056 /* Unlock the chips again */
2057
2058 for (i--; i >=0; i--) {
2059 chip = &cfi->chips[i];
2060
2061 mutex_lock(&chip->mutex);
2062
2063 if (chip->state == FL_SYNCING) {
2064 chip->state = chip->oldstate;
2065 chip->oldstate = FL_READY;
2066 wake_up(&chip->wq);
2067 }
2068 mutex_unlock(&chip->mutex);
2069 }
2070}
2071
2072static int __xipram do_getlockstatus_oneblock(struct map_info *map,
2073 struct flchip *chip,
2074 unsigned long adr,
2075 int len, void *thunk)
2076{
2077 struct cfi_private *cfi = map->fldrv_priv;
2078 int status, ofs_factor = cfi->interleave * cfi->device_type;
2079
2080 adr += chip->start;
2081 xip_disable(map, chip, adr+(2*ofs_factor));
2082 map_write(map, CMD(0x90), adr+(2*ofs_factor));
2083 chip->state = FL_JEDEC_QUERY;
2084 status = cfi_read_query(map, adr+(2*ofs_factor));
2085 xip_enable(map, chip, 0);
2086 return status;
2087}
2088
2089#ifdef DEBUG_LOCK_BITS
2090static int __xipram do_printlockstatus_oneblock(struct map_info *map,
2091 struct flchip *chip,
2092 unsigned long adr,
2093 int len, void *thunk)
2094{
2095 printk(KERN_DEBUG "block status register for 0x%08lx is %x\n",
2096 adr, do_getlockstatus_oneblock(map, chip, adr, len, thunk));
2097 return 0;
2098}
2099#endif
2100
2101#define DO_XXLOCK_ONEBLOCK_LOCK ((void *) 1)
2102#define DO_XXLOCK_ONEBLOCK_UNLOCK ((void *) 2)
2103
2104static int __xipram do_xxlock_oneblock(struct map_info *map, struct flchip *chip,
2105 unsigned long adr, int len, void *thunk)
2106{
2107 struct cfi_private *cfi = map->fldrv_priv;
2108 struct cfi_pri_intelext *extp = cfi->cmdset_priv;
2109 int mdelay;
2110 int ret;
2111
2112 adr += chip->start;
2113
2114 mutex_lock(&chip->mutex);
2115 ret = get_chip(map, chip, adr, FL_LOCKING);
2116 if (ret) {
2117 mutex_unlock(&chip->mutex);
2118 return ret;
2119 }
2120
2121 ENABLE_VPP(map);
2122 xip_disable(map, chip, adr);
2123
2124 map_write(map, CMD(0x60), adr);
2125 if (thunk == DO_XXLOCK_ONEBLOCK_LOCK) {
2126 map_write(map, CMD(0x01), adr);
2127 chip->state = FL_LOCKING;
2128 } else if (thunk == DO_XXLOCK_ONEBLOCK_UNLOCK) {
2129 map_write(map, CMD(0xD0), adr);
2130 chip->state = FL_UNLOCKING;
2131 } else
2132 BUG();
2133
2134 /*
2135 * If Instant Individual Block Locking supported then no need
2136 * to delay.
2137 */
2138 /*
2139 * Unlocking may take up to 1.4 seconds on some Intel flashes. So
2140 * lets use a max of 1.5 seconds (1500ms) as timeout.
2141 *
2142 * See "Clear Block Lock-Bits Time" on page 40 in
2143 * "3 Volt Intel StrataFlash Memory" 28F128J3,28F640J3,28F320J3 manual
2144 * from February 2003
2145 */
2146 mdelay = (!extp || !(extp->FeatureSupport & (1 << 5))) ? 1500 : 0;
2147
2148 ret = WAIT_TIMEOUT(map, chip, adr, mdelay, mdelay * 1000);
2149 if (ret) {
2150 map_write(map, CMD(0x70), adr);
2151 chip->state = FL_STATUS;
2152 xip_enable(map, chip, adr);
2153 printk(KERN_ERR "%s: block unlock error: (status timeout)\n", map->name);
2154 goto out;
2155 }
2156
2157 xip_enable(map, chip, adr);
2158 out: DISABLE_VPP(map);
2159 put_chip(map, chip, adr);
2160 mutex_unlock(&chip->mutex);
2161 return ret;
2162}
2163
2164static int cfi_intelext_lock(struct mtd_info *mtd, loff_t ofs, uint64_t len)
2165{
2166 int ret;
2167
2168#ifdef DEBUG_LOCK_BITS
2169 printk(KERN_DEBUG "%s: lock status before, ofs=0x%08llx, len=0x%08X\n",
2170 __func__, ofs, len);
2171 cfi_varsize_frob(mtd, do_printlockstatus_oneblock,
2172 ofs, len, NULL);
2173#endif
2174
2175 ret = cfi_varsize_frob(mtd, do_xxlock_oneblock,
2176 ofs, len, DO_XXLOCK_ONEBLOCK_LOCK);
2177
2178#ifdef DEBUG_LOCK_BITS
2179 printk(KERN_DEBUG "%s: lock status after, ret=%d\n",
2180 __func__, ret);
2181 cfi_varsize_frob(mtd, do_printlockstatus_oneblock,
2182 ofs, len, NULL);
2183#endif
2184
2185 return ret;
2186}
2187
2188static int cfi_intelext_unlock(struct mtd_info *mtd, loff_t ofs, uint64_t len)
2189{
2190 int ret;
2191
2192#ifdef DEBUG_LOCK_BITS
2193 printk(KERN_DEBUG "%s: lock status before, ofs=0x%08llx, len=0x%08X\n",
2194 __func__, ofs, len);
2195 cfi_varsize_frob(mtd, do_printlockstatus_oneblock,
2196 ofs, len, NULL);
2197#endif
2198
2199 ret = cfi_varsize_frob(mtd, do_xxlock_oneblock,
2200 ofs, len, DO_XXLOCK_ONEBLOCK_UNLOCK);
2201
2202#ifdef DEBUG_LOCK_BITS
2203 printk(KERN_DEBUG "%s: lock status after, ret=%d\n",
2204 __func__, ret);
2205 cfi_varsize_frob(mtd, do_printlockstatus_oneblock,
2206 ofs, len, NULL);
2207#endif
2208
2209 return ret;
2210}
2211
2212static int cfi_intelext_is_locked(struct mtd_info *mtd, loff_t ofs,
2213 uint64_t len)
2214{
2215 return cfi_varsize_frob(mtd, do_getlockstatus_oneblock,
2216 ofs, len, NULL) ? 1 : 0;
2217}
2218
2219#ifdef CONFIG_MTD_OTP
2220
2221typedef int (*otp_op_t)(struct map_info *map, struct flchip *chip,
2222 u_long data_offset, u_char *buf, u_int size,
2223 u_long prot_offset, u_int groupno, u_int groupsize);
2224
2225static int __xipram
2226do_otp_read(struct map_info *map, struct flchip *chip, u_long offset,
2227 u_char *buf, u_int size, u_long prot, u_int grpno, u_int grpsz)
2228{
2229 struct cfi_private *cfi = map->fldrv_priv;
2230 int ret;
2231
2232 mutex_lock(&chip->mutex);
2233 ret = get_chip(map, chip, chip->start, FL_JEDEC_QUERY);
2234 if (ret) {
2235 mutex_unlock(&chip->mutex);
2236 return ret;
2237 }
2238
2239 /* let's ensure we're not reading back cached data from array mode */
2240 INVALIDATE_CACHED_RANGE(map, chip->start + offset, size);
2241
2242 xip_disable(map, chip, chip->start);
2243 if (chip->state != FL_JEDEC_QUERY) {
2244 map_write(map, CMD(0x90), chip->start);
2245 chip->state = FL_JEDEC_QUERY;
2246 }
2247 map_copy_from(map, buf, chip->start + offset, size);
2248 xip_enable(map, chip, chip->start);
2249
2250 /* then ensure we don't keep OTP data in the cache */
2251 INVALIDATE_CACHED_RANGE(map, chip->start + offset, size);
2252
2253 put_chip(map, chip, chip->start);
2254 mutex_unlock(&chip->mutex);
2255 return 0;
2256}
2257
2258static int
2259do_otp_write(struct map_info *map, struct flchip *chip, u_long offset,
2260 u_char *buf, u_int size, u_long prot, u_int grpno, u_int grpsz)
2261{
2262 int ret;
2263
2264 while (size) {
2265 unsigned long bus_ofs = offset & ~(map_bankwidth(map)-1);
2266 int gap = offset - bus_ofs;
2267 int n = min_t(int, size, map_bankwidth(map)-gap);
2268 map_word datum = map_word_ff(map);
2269
2270 datum = map_word_load_partial(map, datum, buf, gap, n);
2271 ret = do_write_oneword(map, chip, bus_ofs, datum, FL_OTP_WRITE);
2272 if (ret)
2273 return ret;
2274
2275 offset += n;
2276 buf += n;
2277 size -= n;
2278 }
2279
2280 return 0;
2281}
2282
2283static int
2284do_otp_lock(struct map_info *map, struct flchip *chip, u_long offset,
2285 u_char *buf, u_int size, u_long prot, u_int grpno, u_int grpsz)
2286{
2287 struct cfi_private *cfi = map->fldrv_priv;
2288 map_word datum;
2289
2290 /* make sure area matches group boundaries */
2291 if (size != grpsz)
2292 return -EXDEV;
2293
2294 datum = map_word_ff(map);
2295 datum = map_word_clr(map, datum, CMD(1 << grpno));
2296 return do_write_oneword(map, chip, prot, datum, FL_OTP_WRITE);
2297}
2298
2299static int cfi_intelext_otp_walk(struct mtd_info *mtd, loff_t from, size_t len,
2300 size_t *retlen, u_char *buf,
2301 otp_op_t action, int user_regs)
2302{
2303 struct map_info *map = mtd->priv;
2304 struct cfi_private *cfi = map->fldrv_priv;
2305 struct cfi_pri_intelext *extp = cfi->cmdset_priv;
2306 struct flchip *chip;
2307 struct cfi_intelext_otpinfo *otp;
2308 u_long devsize, reg_prot_offset, data_offset;
2309 u_int chip_num, chip_step, field, reg_fact_size, reg_user_size;
2310 u_int groups, groupno, groupsize, reg_fact_groups, reg_user_groups;
2311 int ret;
2312
2313 *retlen = 0;
2314
2315 /* Check that we actually have some OTP registers */
2316 if (!extp || !(extp->FeatureSupport & 64) || !extp->NumProtectionFields)
2317 return -ENODATA;
2318
2319 /* we need real chips here not virtual ones */
2320 devsize = (1 << cfi->cfiq->DevSize) * cfi->interleave;
2321 chip_step = devsize >> cfi->chipshift;
2322 chip_num = 0;
2323
2324 /* Some chips have OTP located in the _top_ partition only.
2325 For example: Intel 28F256L18T (T means top-parameter device) */
2326 if (cfi->mfr == CFI_MFR_INTEL) {
2327 switch (cfi->id) {
2328 case 0x880b:
2329 case 0x880c:
2330 case 0x880d:
2331 chip_num = chip_step - 1;
2332 }
2333 }
2334
2335 for ( ; chip_num < cfi->numchips; chip_num += chip_step) {
2336 chip = &cfi->chips[chip_num];
2337 otp = (struct cfi_intelext_otpinfo *)&extp->extra[0];
2338
2339 /* first OTP region */
2340 field = 0;
2341 reg_prot_offset = extp->ProtRegAddr;
2342 reg_fact_groups = 1;
2343 reg_fact_size = 1 << extp->FactProtRegSize;
2344 reg_user_groups = 1;
2345 reg_user_size = 1 << extp->UserProtRegSize;
2346
2347 while (len > 0) {
2348 /* flash geometry fixup */
2349 data_offset = reg_prot_offset + 1;
2350 data_offset *= cfi->interleave * cfi->device_type;
2351 reg_prot_offset *= cfi->interleave * cfi->device_type;
2352 reg_fact_size *= cfi->interleave;
2353 reg_user_size *= cfi->interleave;
2354
2355 if (user_regs) {
2356 groups = reg_user_groups;
2357 groupsize = reg_user_size;
2358 /* skip over factory reg area */
2359 groupno = reg_fact_groups;
2360 data_offset += reg_fact_groups * reg_fact_size;
2361 } else {
2362 groups = reg_fact_groups;
2363 groupsize = reg_fact_size;
2364 groupno = 0;
2365 }
2366
2367 while (len > 0 && groups > 0) {
2368 if (!action) {
2369 /*
2370 * Special case: if action is NULL
2371 * we fill buf with otp_info records.
2372 */
2373 struct otp_info *otpinfo;
2374 map_word lockword;
2375 len -= sizeof(struct otp_info);
2376 if (len <= 0)
2377 return -ENOSPC;
2378 ret = do_otp_read(map, chip,
2379 reg_prot_offset,
2380 (u_char *)&lockword,
2381 map_bankwidth(map),
2382 0, 0, 0);
2383 if (ret)
2384 return ret;
2385 otpinfo = (struct otp_info *)buf;
2386 otpinfo->start = from;
2387 otpinfo->length = groupsize;
2388 otpinfo->locked =
2389 !map_word_bitsset(map, lockword,
2390 CMD(1 << groupno));
2391 from += groupsize;
2392 buf += sizeof(*otpinfo);
2393 *retlen += sizeof(*otpinfo);
2394 } else if (from >= groupsize) {
2395 from -= groupsize;
2396 data_offset += groupsize;
2397 } else {
2398 int size = groupsize;
2399 data_offset += from;
2400 size -= from;
2401 from = 0;
2402 if (size > len)
2403 size = len;
2404 ret = action(map, chip, data_offset,
2405 buf, size, reg_prot_offset,
2406 groupno, groupsize);
2407 if (ret < 0)
2408 return ret;
2409 buf += size;
2410 len -= size;
2411 *retlen += size;
2412 data_offset += size;
2413 }
2414 groupno++;
2415 groups--;
2416 }
2417
2418 /* next OTP region */
2419 if (++field == extp->NumProtectionFields)
2420 break;
2421 reg_prot_offset = otp->ProtRegAddr;
2422 reg_fact_groups = otp->FactGroups;
2423 reg_fact_size = 1 << otp->FactProtRegSize;
2424 reg_user_groups = otp->UserGroups;
2425 reg_user_size = 1 << otp->UserProtRegSize;
2426 otp++;
2427 }
2428 }
2429
2430 return 0;
2431}
2432
2433static int cfi_intelext_read_fact_prot_reg(struct mtd_info *mtd, loff_t from,
2434 size_t len, size_t *retlen,
2435 u_char *buf)
2436{
2437 return cfi_intelext_otp_walk(mtd, from, len, retlen,
2438 buf, do_otp_read, 0);
2439}
2440
2441static int cfi_intelext_read_user_prot_reg(struct mtd_info *mtd, loff_t from,
2442 size_t len, size_t *retlen,
2443 u_char *buf)
2444{
2445 return cfi_intelext_otp_walk(mtd, from, len, retlen,
2446 buf, do_otp_read, 1);
2447}
2448
2449static int cfi_intelext_write_user_prot_reg(struct mtd_info *mtd, loff_t from,
2450 size_t len, size_t *retlen,
2451 const u_char *buf)
2452{
2453 return cfi_intelext_otp_walk(mtd, from, len, retlen,
2454 (u_char *)buf, do_otp_write, 1);
2455}
2456
2457static int cfi_intelext_lock_user_prot_reg(struct mtd_info *mtd,
2458 loff_t from, size_t len)
2459{
2460 size_t retlen;
2461 return cfi_intelext_otp_walk(mtd, from, len, &retlen,
2462 NULL, do_otp_lock, 1);
2463}
2464
2465static int cfi_intelext_get_fact_prot_info(struct mtd_info *mtd, size_t len,
2466 size_t *retlen, struct otp_info *buf)
2467
2468{
2469 return cfi_intelext_otp_walk(mtd, 0, len, retlen, (u_char *)buf,
2470 NULL, 0);
2471}
2472
2473static int cfi_intelext_get_user_prot_info(struct mtd_info *mtd, size_t len,
2474 size_t *retlen, struct otp_info *buf)
2475{
2476 return cfi_intelext_otp_walk(mtd, 0, len, retlen, (u_char *)buf,
2477 NULL, 1);
2478}
2479
2480#endif
2481
2482static void cfi_intelext_save_locks(struct mtd_info *mtd)
2483{
2484 struct mtd_erase_region_info *region;
2485 int block, status, i;
2486 unsigned long adr;
2487 size_t len;
2488
2489 for (i = 0; i < mtd->numeraseregions; i++) {
2490 region = &mtd->eraseregions[i];
2491 if (!region->lockmap)
2492 continue;
2493
2494 for (block = 0; block < region->numblocks; block++){
2495 len = region->erasesize;
2496 adr = region->offset + block * len;
2497
2498 status = cfi_varsize_frob(mtd,
2499 do_getlockstatus_oneblock, adr, len, NULL);
2500 if (status)
2501 set_bit(block, region->lockmap);
2502 else
2503 clear_bit(block, region->lockmap);
2504 }
2505 }
2506}
2507
2508static int cfi_intelext_suspend(struct mtd_info *mtd)
2509{
2510 struct map_info *map = mtd->priv;
2511 struct cfi_private *cfi = map->fldrv_priv;
2512 struct cfi_pri_intelext *extp = cfi->cmdset_priv;
2513 int i;
2514 struct flchip *chip;
2515 int ret = 0;
2516
2517 if ((mtd->flags & MTD_POWERUP_LOCK)
2518 && extp && (extp->FeatureSupport & (1 << 5)))
2519 cfi_intelext_save_locks(mtd);
2520
2521 for (i=0; !ret && i<cfi->numchips; i++) {
2522 chip = &cfi->chips[i];
2523
2524 mutex_lock(&chip->mutex);
2525
2526 switch (chip->state) {
2527 case FL_READY:
2528 case FL_STATUS:
2529 case FL_CFI_QUERY:
2530 case FL_JEDEC_QUERY:
2531 if (chip->oldstate == FL_READY) {
2532 /* place the chip in a known state before suspend */
2533 map_write(map, CMD(0xFF), cfi->chips[i].start);
2534 chip->oldstate = chip->state;
2535 chip->state = FL_PM_SUSPENDED;
2536 /* No need to wake_up() on this state change -
2537 * as the whole point is that nobody can do anything
2538 * with the chip now anyway.
2539 */
2540 } else {
2541 /* There seems to be an operation pending. We must wait for it. */
2542 printk(KERN_NOTICE "Flash device refused suspend due to pending operation (oldstate %d)\n", chip->oldstate);
2543 ret = -EAGAIN;
2544 }
2545 break;
2546 default:
2547 /* Should we actually wait? Once upon a time these routines weren't
2548 allowed to. Or should we return -EAGAIN, because the upper layers
2549 ought to have already shut down anything which was using the device
2550 anyway? The latter for now. */
2551 printk(KERN_NOTICE "Flash device refused suspend due to active operation (state %d)\n", chip->state);
2552 ret = -EAGAIN;
2553 break;
2554 case FL_PM_SUSPENDED:
2555 break;
2556 }
2557 mutex_unlock(&chip->mutex);
2558 }
2559
2560 /* Unlock the chips again */
2561
2562 if (ret) {
2563 for (i--; i >=0; i--) {
2564 chip = &cfi->chips[i];
2565
2566 mutex_lock(&chip->mutex);
2567
2568 if (chip->state == FL_PM_SUSPENDED) {
2569 /* No need to force it into a known state here,
2570 because we're returning failure, and it didn't
2571 get power cycled */
2572 chip->state = chip->oldstate;
2573 chip->oldstate = FL_READY;
2574 wake_up(&chip->wq);
2575 }
2576 mutex_unlock(&chip->mutex);
2577 }
2578 }
2579
2580 return ret;
2581}
2582
2583static void cfi_intelext_restore_locks(struct mtd_info *mtd)
2584{
2585 struct mtd_erase_region_info *region;
2586 int block, i;
2587 unsigned long adr;
2588 size_t len;
2589
2590 for (i = 0; i < mtd->numeraseregions; i++) {
2591 region = &mtd->eraseregions[i];
2592 if (!region->lockmap)
2593 continue;
2594
2595 for_each_clear_bit(block, region->lockmap, region->numblocks) {
2596 len = region->erasesize;
2597 adr = region->offset + block * len;
2598 cfi_intelext_unlock(mtd, adr, len);
2599 }
2600 }
2601}
2602
2603static void cfi_intelext_resume(struct mtd_info *mtd)
2604{
2605 struct map_info *map = mtd->priv;
2606 struct cfi_private *cfi = map->fldrv_priv;
2607 struct cfi_pri_intelext *extp = cfi->cmdset_priv;
2608 int i;
2609 struct flchip *chip;
2610
2611 for (i=0; i<cfi->numchips; i++) {
2612
2613 chip = &cfi->chips[i];
2614
2615 mutex_lock(&chip->mutex);
2616
2617 /* Go to known state. Chip may have been power cycled */
2618 if (chip->state == FL_PM_SUSPENDED) {
2619 /* Refresh LH28F640BF Partition Config. Register */
2620 fixup_LH28F640BF(mtd);
2621 map_write(map, CMD(0xFF), cfi->chips[i].start);
2622 chip->oldstate = chip->state = FL_READY;
2623 wake_up(&chip->wq);
2624 }
2625
2626 mutex_unlock(&chip->mutex);
2627 }
2628
2629 if ((mtd->flags & MTD_POWERUP_LOCK)
2630 && extp && (extp->FeatureSupport & (1 << 5)))
2631 cfi_intelext_restore_locks(mtd);
2632}
2633
2634static int cfi_intelext_reset(struct mtd_info *mtd)
2635{
2636 struct map_info *map = mtd->priv;
2637 struct cfi_private *cfi = map->fldrv_priv;
2638 int i, ret;
2639
2640 for (i=0; i < cfi->numchips; i++) {
2641 struct flchip *chip = &cfi->chips[i];
2642
2643 /* force the completion of any ongoing operation
2644 and switch to array mode so any bootloader in
2645 flash is accessible for soft reboot. */
2646 mutex_lock(&chip->mutex);
2647 ret = get_chip(map, chip, chip->start, FL_SHUTDOWN);
2648 if (!ret) {
2649 map_write(map, CMD(0xff), chip->start);
2650 chip->state = FL_SHUTDOWN;
2651 put_chip(map, chip, chip->start);
2652 }
2653 mutex_unlock(&chip->mutex);
2654 }
2655
2656 return 0;
2657}
2658
2659static int cfi_intelext_reboot(struct notifier_block *nb, unsigned long val,
2660 void *v)
2661{
2662 struct mtd_info *mtd;
2663
2664 mtd = container_of(nb, struct mtd_info, reboot_notifier);
2665 cfi_intelext_reset(mtd);
2666 return NOTIFY_DONE;
2667}
2668
2669static void cfi_intelext_destroy(struct mtd_info *mtd)
2670{
2671 struct map_info *map = mtd->priv;
2672 struct cfi_private *cfi = map->fldrv_priv;
2673 struct mtd_erase_region_info *region;
2674 int i;
2675 cfi_intelext_reset(mtd);
2676 unregister_reboot_notifier(&mtd->reboot_notifier);
2677 kfree(cfi->cmdset_priv);
2678 kfree(cfi->cfiq);
2679 kfree(cfi->chips[0].priv);
2680 kfree(cfi);
2681 for (i = 0; i < mtd->numeraseregions; i++) {
2682 region = &mtd->eraseregions[i];
2683 kfree(region->lockmap);
2684 }
2685 kfree(mtd->eraseregions);
2686}
2687
2688MODULE_LICENSE("GPL");
2689MODULE_AUTHOR("David Woodhouse <dwmw2@infradead.org> et al.");
2690MODULE_DESCRIPTION("MTD chip driver for Intel/Sharp flash chips");
2691MODULE_ALIAS("cfi_cmdset_0003");
2692MODULE_ALIAS("cfi_cmdset_0200");