qemu-e2k/hw/nvram/nrf51_nvm.c

402 lines
11 KiB
C
Raw Normal View History

/*
* Nordic Semiconductor nRF51 non-volatile memory
*
* It provides an interface to erase regions in flash memory.
* Furthermore it provides the user and factory information registers.
*
* Reference Manual: http://infocenter.nordicsemi.com/pdf/nRF51_RM_v3.0.pdf
*
* See nRF51 reference manual and product sheet sections:
* + Non-Volatile Memory Controller (NVMC)
* + Factory Information Configuration Registers (FICR)
* + User Information Configuration Registers (UICR)
*
* Copyright 2018 Steffen Görtz <contrib@steffen-goertz.de>
*
* This code is licensed under the GPL version 2 or later. See
* the COPYING file in the top-level directory.
*/
#include "qemu/osdep.h"
#include "qapi/error.h"
#include "qemu/log.h"
#include "qemu/module.h"
#include "exec/address-spaces.h"
#include "hw/arm/nrf51.h"
#include "hw/nvram/nrf51_nvm.h"
#include "hw/qdev-properties.h"
#include "migration/vmstate.h"
/*
* FICR Registers Assignments
* CODEPAGESIZE 0x010
* CODESIZE 0x014
* CLENR0 0x028
* PPFC 0x02C
* NUMRAMBLOCK 0x034
* SIZERAMBLOCKS 0x038
* SIZERAMBLOCK[0] 0x038
* SIZERAMBLOCK[1] 0x03C
* SIZERAMBLOCK[2] 0x040
* SIZERAMBLOCK[3] 0x044
* CONFIGID 0x05C
* DEVICEID[0] 0x060
* DEVICEID[1] 0x064
* ER[0] 0x080
* ER[1] 0x084
* ER[2] 0x088
* ER[3] 0x08C
* IR[0] 0x090
* IR[1] 0x094
* IR[2] 0x098
* IR[3] 0x09C
* DEVICEADDRTYPE 0x0A0
* DEVICEADDR[0] 0x0A4
* DEVICEADDR[1] 0x0A8
* OVERRIDEEN 0x0AC
* NRF_1MBIT[0] 0x0B0
* NRF_1MBIT[1] 0x0B4
* NRF_1MBIT[2] 0x0B8
* NRF_1MBIT[3] 0x0BC
* NRF_1MBIT[4] 0x0C0
* BLE_1MBIT[0] 0x0EC
* BLE_1MBIT[1] 0x0F0
* BLE_1MBIT[2] 0x0F4
* BLE_1MBIT[3] 0x0F8
* BLE_1MBIT[4] 0x0FC
*/
static const uint32_t ficr_content[64] = {
0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000400,
0x00000100, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000002, 0x00002000,
0x00002000, 0x00002000, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000003,
0x12345678, 0x9ABCDEF1, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF
};
static uint64_t ficr_read(void *opaque, hwaddr offset, unsigned int size)
{
assert(offset < sizeof(ficr_content));
return ficr_content[offset / 4];
}
static void ficr_write(void *opaque, hwaddr offset, uint64_t value,
unsigned int size)
{
/* Intentionally do nothing */
}
static const MemoryRegionOps ficr_ops = {
.read = ficr_read,
.write = ficr_write,
.impl.min_access_size = 4,
.impl.max_access_size = 4,
.endianness = DEVICE_LITTLE_ENDIAN
};
/*
* UICR Registers Assignments
* CLENR0 0x000
* RBPCONF 0x004
* XTALFREQ 0x008
* FWID 0x010
* BOOTLOADERADDR 0x014
* NRFFW[0] 0x014
* NRFFW[1] 0x018
* NRFFW[2] 0x01C
* NRFFW[3] 0x020
* NRFFW[4] 0x024
* NRFFW[5] 0x028
* NRFFW[6] 0x02C
* NRFFW[7] 0x030
* NRFFW[8] 0x034
* NRFFW[9] 0x038
* NRFFW[10] 0x03C
* NRFFW[11] 0x040
* NRFFW[12] 0x044
* NRFFW[13] 0x048
* NRFFW[14] 0x04C
* NRFHW[0] 0x050
* NRFHW[1] 0x054
* NRFHW[2] 0x058
* NRFHW[3] 0x05C
* NRFHW[4] 0x060
* NRFHW[5] 0x064
* NRFHW[6] 0x068
* NRFHW[7] 0x06C
* NRFHW[8] 0x070
* NRFHW[9] 0x074
* NRFHW[10] 0x078
* NRFHW[11] 0x07C
* CUSTOMER[0] 0x080
* CUSTOMER[1] 0x084
* CUSTOMER[2] 0x088
* CUSTOMER[3] 0x08C
* CUSTOMER[4] 0x090
* CUSTOMER[5] 0x094
* CUSTOMER[6] 0x098
* CUSTOMER[7] 0x09C
* CUSTOMER[8] 0x0A0
* CUSTOMER[9] 0x0A4
* CUSTOMER[10] 0x0A8
* CUSTOMER[11] 0x0AC
* CUSTOMER[12] 0x0B0
* CUSTOMER[13] 0x0B4
* CUSTOMER[14] 0x0B8
* CUSTOMER[15] 0x0BC
* CUSTOMER[16] 0x0C0
* CUSTOMER[17] 0x0C4
* CUSTOMER[18] 0x0C8
* CUSTOMER[19] 0x0CC
* CUSTOMER[20] 0x0D0
* CUSTOMER[21] 0x0D4
* CUSTOMER[22] 0x0D8
* CUSTOMER[23] 0x0DC
* CUSTOMER[24] 0x0E0
* CUSTOMER[25] 0x0E4
* CUSTOMER[26] 0x0E8
* CUSTOMER[27] 0x0EC
* CUSTOMER[28] 0x0F0
* CUSTOMER[29] 0x0F4
* CUSTOMER[30] 0x0F8
* CUSTOMER[31] 0x0FC
*/
static uint64_t uicr_read(void *opaque, hwaddr offset, unsigned int size)
{
NRF51NVMState *s = NRF51_NVM(opaque);
assert(offset < sizeof(s->uicr_content));
return s->uicr_content[offset / 4];
}
static void uicr_write(void *opaque, hwaddr offset, uint64_t value,
unsigned int size)
{
NRF51NVMState *s = NRF51_NVM(opaque);
assert(offset < sizeof(s->uicr_content));
s->uicr_content[offset / 4] = value;
}
static const MemoryRegionOps uicr_ops = {
.read = uicr_read,
.write = uicr_write,
.impl.min_access_size = 4,
.impl.max_access_size = 4,
.endianness = DEVICE_LITTLE_ENDIAN
};
static uint64_t io_read(void *opaque, hwaddr offset, unsigned int size)
{
NRF51NVMState *s = NRF51_NVM(opaque);
uint64_t r = 0;
switch (offset) {
case NRF51_NVMC_READY:
r = NRF51_NVMC_READY_READY;
break;
case NRF51_NVMC_CONFIG:
r = s->config;
break;
default:
qemu_log_mask(LOG_GUEST_ERROR,
"%s: bad read offset 0x%" HWADDR_PRIx "\n", __func__, offset);
break;
}
return r;
}
static void io_write(void *opaque, hwaddr offset, uint64_t value,
unsigned int size)
{
NRF51NVMState *s = NRF51_NVM(opaque);
switch (offset) {
case NRF51_NVMC_CONFIG:
s->config = value & NRF51_NVMC_CONFIG_MASK;
break;
case NRF51_NVMC_ERASEPCR0:
case NRF51_NVMC_ERASEPCR1:
if (s->config & NRF51_NVMC_CONFIG_EEN) {
/* Mask in-page sub address */
value &= ~(NRF51_PAGE_SIZE - 1);
if (value <= (s->flash_size - NRF51_PAGE_SIZE)) {
memset(s->storage + value, 0xFF, NRF51_PAGE_SIZE);
memory_region_flush_rom_device(&s->flash, value,
NRF51_PAGE_SIZE);
}
} else {
qemu_log_mask(LOG_GUEST_ERROR,
"%s: Flash erase at 0x%" HWADDR_PRIx" while flash not erasable.\n",
__func__, offset);
}
break;
case NRF51_NVMC_ERASEALL:
if (value == NRF51_NVMC_ERASE) {
if (s->config & NRF51_NVMC_CONFIG_EEN) {
memset(s->storage, 0xFF, s->flash_size);
memory_region_flush_rom_device(&s->flash, 0, s->flash_size);
memset(s->uicr_content, 0xFF, sizeof(s->uicr_content));
} else {
qemu_log_mask(LOG_GUEST_ERROR, "%s: Flash not erasable.\n",
__func__);
}
}
break;
case NRF51_NVMC_ERASEUICR:
if (value == NRF51_NVMC_ERASE) {
memset(s->uicr_content, 0xFF, sizeof(s->uicr_content));
}
break;
default:
qemu_log_mask(LOG_GUEST_ERROR,
"%s: bad write offset 0x%" HWADDR_PRIx "\n", __func__, offset);
}
}
static const MemoryRegionOps io_ops = {
.read = io_read,
.write = io_write,
.impl.min_access_size = 4,
.impl.max_access_size = 4,
.endianness = DEVICE_LITTLE_ENDIAN,
};
static uint64_t flash_read(void *opaque, hwaddr offset, unsigned size)
{
/*
* This is a rom_device MemoryRegion which is always in
* romd_mode (we never put it in MMIO mode), so reads always
* go directly to RAM and never come here.
*/
g_assert_not_reached();
}
static void flash_write(void *opaque, hwaddr offset, uint64_t value,
unsigned int size)
{
NRF51NVMState *s = NRF51_NVM(opaque);
if (s->config & NRF51_NVMC_CONFIG_WEN) {
uint32_t oldval;
assert(offset + size <= s->flash_size);
/* NOR Flash only allows bits to be flipped from 1's to 0's on write */
oldval = ldl_le_p(s->storage + offset);
oldval &= value;
stl_le_p(s->storage + offset, oldval);
memory_region_flush_rom_device(&s->flash, offset, size);
} else {
qemu_log_mask(LOG_GUEST_ERROR,
"%s: Flash write 0x%" HWADDR_PRIx" while flash not writable.\n",
__func__, offset);
}
}
static const MemoryRegionOps flash_ops = {
.read = flash_read,
.write = flash_write,
.valid.min_access_size = 4,
.valid.max_access_size = 4,
.endianness = DEVICE_LITTLE_ENDIAN,
};
static void nrf51_nvm_init(Object *obj)
{
NRF51NVMState *s = NRF51_NVM(obj);
SysBusDevice *sbd = SYS_BUS_DEVICE(obj);
memory_region_init_io(&s->mmio, obj, &io_ops, s, "nrf51_soc.nvmc",
NRF51_NVMC_SIZE);
sysbus_init_mmio(sbd, &s->mmio);
memory_region_init_io(&s->ficr, obj, &ficr_ops, s, "nrf51_soc.ficr",
sizeof(ficr_content));
sysbus_init_mmio(sbd, &s->ficr);
memory_region_init_io(&s->uicr, obj, &uicr_ops, s, "nrf51_soc.uicr",
sizeof(s->uicr_content));
sysbus_init_mmio(sbd, &s->uicr);
}
static void nrf51_nvm_realize(DeviceState *dev, Error **errp)
{
NRF51NVMState *s = NRF51_NVM(dev);
Error *err = NULL;
memory_region_init_rom_device(&s->flash, OBJECT(dev), &flash_ops, s,
"nrf51_soc.flash", s->flash_size, &err);
if (err) {
error_propagate(errp, err);
return;
}
s->storage = memory_region_get_ram_ptr(&s->flash);
sysbus_init_mmio(SYS_BUS_DEVICE(dev), &s->flash);
}
static void nrf51_nvm_reset(DeviceState *dev)
{
NRF51NVMState *s = NRF51_NVM(dev);
s->config = 0x00;
memset(s->uicr_content, 0xFF, sizeof(s->uicr_content));
}
static Property nrf51_nvm_properties[] = {
DEFINE_PROP_UINT32("flash-size", NRF51NVMState, flash_size, 0x40000),
DEFINE_PROP_END_OF_LIST(),
};
static const VMStateDescription vmstate_nvm = {
.name = "nrf51_soc.nvm",
.version_id = 1,
.minimum_version_id = 1,
.fields = (VMStateField[]) {
VMSTATE_UINT32_ARRAY(uicr_content, NRF51NVMState,
NRF51_UICR_FIXTURE_SIZE),
VMSTATE_UINT32(config, NRF51NVMState),
VMSTATE_END_OF_LIST()
}
};
static void nrf51_nvm_class_init(ObjectClass *klass, void *data)
{
DeviceClass *dc = DEVICE_CLASS(klass);
device_class_set_props(dc, nrf51_nvm_properties);
dc->vmsd = &vmstate_nvm;
dc->realize = nrf51_nvm_realize;
dc->reset = nrf51_nvm_reset;
}
static const TypeInfo nrf51_nvm_info = {
.name = TYPE_NRF51_NVM,
.parent = TYPE_SYS_BUS_DEVICE,
.instance_size = sizeof(NRF51NVMState),
.instance_init = nrf51_nvm_init,
.class_init = nrf51_nvm_class_init
};
static void nrf51_nvm_register_types(void)
{
type_register_static(&nrf51_nvm_info);
}
type_init(nrf51_nvm_register_types)