1 /* Driver for SanDisk SDDR-09 SmartMedia reader 2 * 3 * $Id: sddr09.c,v 1.24 2002/04/22 03:39:43 mdharm Exp $ 4 * (c) 2000, 2001 Robert Baruch (autophile@starband.net) 5 * (c) 2002 Andries Brouwer (aeb@cwi.nl) 6 * Developed with the assistance of: 7 * (c) 2002 Alan Stern <stern@rowland.org> 8 * 9 * The SanDisk SDDR-09 SmartMedia reader uses the Shuttle EUSB-01 chip. 10 * This chip is a programmable USB controller. In the SDDR-09, it has 11 * been programmed to obey a certain limited set of SCSI commands. 12 * This driver translates the "real" SCSI commands to the SDDR-09 SCSI 13 * commands. 14 * 15 * This program is free software; you can redistribute it and/or modify it 16 * under the terms of the GNU General Public License as published by the 17 * Free Software Foundation; either version 2, or (at your option) any 18 * later version. 19 * 20 * This program is distributed in the hope that it will be useful, but 21 * WITHOUT ANY WARRANTY; without even the implied warranty of 22 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 23 * General Public License for more details. 24 * 25 * You should have received a copy of the GNU General Public License along 26 * with this program; if not, write to the Free Software Foundation, Inc., 27 * 675 Mass Ave, Cambridge, MA 02139, USA. 28 */ 29 30 /* 31 * Known vendor commands: 12 bytes, first byte is opcode 32 * 33 * E7: read scatter gather 34 * E8: read 35 * E9: write 36 * EA: erase 37 * EB: reset 38 * EC: read status 39 * ED: read ID 40 * EE: write CIS (?) 41 * EF: compute checksum (?) 42 */ 43 44 #include <linux/sched.h> 45 #include <linux/errno.h> 46 #include <linux/slab.h> 47 48 #include <scsi/scsi.h> 49 #include <scsi/scsi_cmnd.h> 50 51 #include "usb.h" 52 #include "transport.h" 53 #include "protocol.h" 54 #include "debug.h" 55 #include "sddr09.h" 56 57 58 #define short_pack(lsb,msb) ( ((u16)(lsb)) | ( ((u16)(msb))<<8 ) ) 59 #define LSB_of(s) ((s)&0xFF) 60 #define MSB_of(s) ((s)>>8) 61 62 /* #define US_DEBUGP printk */ 63 64 /* 65 * First some stuff that does not belong here: 66 * data on SmartMedia and other cards, completely 67 * unrelated to this driver. 68 * Similar stuff occurs in <linux/mtd/nand_ids.h>. 69 */ 70 71 struct nand_flash_dev { 72 int model_id; 73 int chipshift; /* 1<<cs bytes total capacity */ 74 char pageshift; /* 1<<ps bytes in a page */ 75 char blockshift; /* 1<<bs pages in an erase block */ 76 char zoneshift; /* 1<<zs blocks in a zone */ 77 /* # of logical blocks is 125/128 of this */ 78 char pageadrlen; /* length of an address in bytes - 1 */ 79 }; 80 81 /* 82 * NAND Flash Manufacturer ID Codes 83 */ 84 #define NAND_MFR_AMD 0x01 85 #define NAND_MFR_NATSEMI 0x8f 86 #define NAND_MFR_TOSHIBA 0x98 87 #define NAND_MFR_SAMSUNG 0xec 88 89 static inline char *nand_flash_manufacturer(int manuf_id) { 90 switch(manuf_id) { 91 case NAND_MFR_AMD: 92 return "AMD"; 93 case NAND_MFR_NATSEMI: 94 return "NATSEMI"; 95 case NAND_MFR_TOSHIBA: 96 return "Toshiba"; 97 case NAND_MFR_SAMSUNG: 98 return "Samsung"; 99 default: 100 return "unknown"; 101 } 102 } 103 104 /* 105 * It looks like it is unnecessary to attach manufacturer to the 106 * remaining data: SSFDC prescribes manufacturer-independent id codes. 107 * 108 * 256 MB NAND flash has a 5-byte ID with 2nd byte 0xaa, 0xba, 0xca or 0xda. 109 */ 110 111 static struct nand_flash_dev nand_flash_ids[] = { 112 /* NAND flash */ 113 { 0x6e, 20, 8, 4, 8, 2}, /* 1 MB */ 114 { 0xe8, 20, 8, 4, 8, 2}, /* 1 MB */ 115 { 0xec, 20, 8, 4, 8, 2}, /* 1 MB */ 116 { 0x64, 21, 8, 4, 9, 2}, /* 2 MB */ 117 { 0xea, 21, 8, 4, 9, 2}, /* 2 MB */ 118 { 0x6b, 22, 9, 4, 9, 2}, /* 4 MB */ 119 { 0xe3, 22, 9, 4, 9, 2}, /* 4 MB */ 120 { 0xe5, 22, 9, 4, 9, 2}, /* 4 MB */ 121 { 0xe6, 23, 9, 4, 10, 2}, /* 8 MB */ 122 { 0x73, 24, 9, 5, 10, 2}, /* 16 MB */ 123 { 0x75, 25, 9, 5, 10, 2}, /* 32 MB */ 124 { 0x76, 26, 9, 5, 10, 3}, /* 64 MB */ 125 { 0x79, 27, 9, 5, 10, 3}, /* 128 MB */ 126 127 /* MASK ROM */ 128 { 0x5d, 21, 9, 4, 8, 2}, /* 2 MB */ 129 { 0xd5, 22, 9, 4, 9, 2}, /* 4 MB */ 130 { 0xd6, 23, 9, 4, 10, 2}, /* 8 MB */ 131 { 0x57, 24, 9, 4, 11, 2}, /* 16 MB */ 132 { 0x58, 25, 9, 4, 12, 2}, /* 32 MB */ 133 { 0,} 134 }; 135 136 static struct nand_flash_dev * 137 nand_find_id(unsigned char id) { 138 int i; 139 140 for (i = 0; i < ARRAY_SIZE(nand_flash_ids); i++) 141 if (nand_flash_ids[i].model_id == id) 142 return &(nand_flash_ids[i]); 143 return NULL; 144 } 145 146 /* 147 * ECC computation. 148 */ 149 static unsigned char parity[256]; 150 static unsigned char ecc2[256]; 151 152 static void nand_init_ecc(void) { 153 int i, j, a; 154 155 parity[0] = 0; 156 for (i = 1; i < 256; i++) 157 parity[i] = (parity[i&(i-1)] ^ 1); 158 159 for (i = 0; i < 256; i++) { 160 a = 0; 161 for (j = 0; j < 8; j++) { 162 if (i & (1<<j)) { 163 if ((j & 1) == 0) 164 a ^= 0x04; 165 if ((j & 2) == 0) 166 a ^= 0x10; 167 if ((j & 4) == 0) 168 a ^= 0x40; 169 } 170 } 171 ecc2[i] = ~(a ^ (a<<1) ^ (parity[i] ? 0xa8 : 0)); 172 } 173 } 174 175 /* compute 3-byte ecc on 256 bytes */ 176 static void nand_compute_ecc(unsigned char *data, unsigned char *ecc) { 177 int i, j, a; 178 unsigned char par, bit, bits[8]; 179 180 par = 0; 181 for (j = 0; j < 8; j++) 182 bits[j] = 0; 183 184 /* collect 16 checksum bits */ 185 for (i = 0; i < 256; i++) { 186 par ^= data[i]; 187 bit = parity[data[i]]; 188 for (j = 0; j < 8; j++) 189 if ((i & (1<<j)) == 0) 190 bits[j] ^= bit; 191 } 192 193 /* put 4+4+4 = 12 bits in the ecc */ 194 a = (bits[3] << 6) + (bits[2] << 4) + (bits[1] << 2) + bits[0]; 195 ecc[0] = ~(a ^ (a<<1) ^ (parity[par] ? 0xaa : 0)); 196 197 a = (bits[7] << 6) + (bits[6] << 4) + (bits[5] << 2) + bits[4]; 198 ecc[1] = ~(a ^ (a<<1) ^ (parity[par] ? 0xaa : 0)); 199 200 ecc[2] = ecc2[par]; 201 } 202 203 static int nand_compare_ecc(unsigned char *data, unsigned char *ecc) { 204 return (data[0] == ecc[0] && data[1] == ecc[1] && data[2] == ecc[2]); 205 } 206 207 static void nand_store_ecc(unsigned char *data, unsigned char *ecc) { 208 memcpy(data, ecc, 3); 209 } 210 211 /* 212 * The actual driver starts here. 213 */ 214 215 struct sddr09_card_info { 216 unsigned long capacity; /* Size of card in bytes */ 217 int pagesize; /* Size of page in bytes */ 218 int pageshift; /* log2 of pagesize */ 219 int blocksize; /* Size of block in pages */ 220 int blockshift; /* log2 of blocksize */ 221 int blockmask; /* 2^blockshift - 1 */ 222 int *lba_to_pba; /* logical to physical map */ 223 int *pba_to_lba; /* physical to logical map */ 224 int lbact; /* number of available pages */ 225 int flags; 226 #define SDDR09_WP 1 /* write protected */ 227 }; 228 229 /* 230 * On my 16MB card, control blocks have size 64 (16 real control bytes, 231 * and 48 junk bytes). In reality of course the card uses 16 control bytes, 232 * so the reader makes up the remaining 48. Don't know whether these numbers 233 * depend on the card. For now a constant. 234 */ 235 #define CONTROL_SHIFT 6 236 237 /* 238 * On my Combo CF/SM reader, the SM reader has LUN 1. 239 * (and things fail with LUN 0). 240 * It seems LUN is irrelevant for others. 241 */ 242 #define LUN 1 243 #define LUNBITS (LUN << 5) 244 245 /* 246 * LBA and PBA are unsigned ints. Special values. 247 */ 248 #define UNDEF 0xffffffff 249 #define SPARE 0xfffffffe 250 #define UNUSABLE 0xfffffffd 251 252 static const int erase_bad_lba_entries = 0; 253 254 /* send vendor interface command (0x41) */ 255 /* called for requests 0, 1, 8 */ 256 static int 257 sddr09_send_command(struct us_data *us, 258 unsigned char request, 259 unsigned char direction, 260 unsigned char *xfer_data, 261 unsigned int xfer_len) { 262 unsigned int pipe; 263 unsigned char requesttype = (0x41 | direction); 264 int rc; 265 266 // Get the receive or send control pipe number 267 268 if (direction == USB_DIR_IN) 269 pipe = us->recv_ctrl_pipe; 270 else 271 pipe = us->send_ctrl_pipe; 272 273 rc = usb_stor_ctrl_transfer(us, pipe, request, requesttype, 274 0, 0, xfer_data, xfer_len); 275 switch (rc) { 276 case USB_STOR_XFER_GOOD: return 0; 277 case USB_STOR_XFER_STALLED: return -EPIPE; 278 default: return -EIO; 279 } 280 } 281 282 static int 283 sddr09_send_scsi_command(struct us_data *us, 284 unsigned char *command, 285 unsigned int command_len) { 286 return sddr09_send_command(us, 0, USB_DIR_OUT, command, command_len); 287 } 288 289 #if 0 290 /* 291 * Test Unit Ready Command: 12 bytes. 292 * byte 0: opcode: 00 293 */ 294 static int 295 sddr09_test_unit_ready(struct us_data *us) { 296 unsigned char *command = us->iobuf; 297 int result; 298 299 memset(command, 0, 6); 300 command[1] = LUNBITS; 301 302 result = sddr09_send_scsi_command(us, command, 6); 303 304 US_DEBUGP("sddr09_test_unit_ready returns %d\n", result); 305 306 return result; 307 } 308 #endif 309 310 /* 311 * Request Sense Command: 12 bytes. 312 * byte 0: opcode: 03 313 * byte 4: data length 314 */ 315 static int 316 sddr09_request_sense(struct us_data *us, unsigned char *sensebuf, int buflen) { 317 unsigned char *command = us->iobuf; 318 int result; 319 320 memset(command, 0, 12); 321 command[0] = 0x03; 322 command[1] = LUNBITS; 323 command[4] = buflen; 324 325 result = sddr09_send_scsi_command(us, command, 12); 326 if (result) 327 return result; 328 329 result = usb_stor_bulk_transfer_buf(us, us->recv_bulk_pipe, 330 sensebuf, buflen, NULL); 331 return (result == USB_STOR_XFER_GOOD ? 0 : -EIO); 332 } 333 334 /* 335 * Read Command: 12 bytes. 336 * byte 0: opcode: E8 337 * byte 1: last two bits: 00: read data, 01: read blockwise control, 338 * 10: read both, 11: read pagewise control. 339 * It turns out we need values 20, 21, 22, 23 here (LUN 1). 340 * bytes 2-5: address (interpretation depends on byte 1, see below) 341 * bytes 10-11: count (idem) 342 * 343 * A page has 512 data bytes and 64 control bytes (16 control and 48 junk). 344 * A read data command gets data in 512-byte pages. 345 * A read control command gets control in 64-byte chunks. 346 * A read both command gets data+control in 576-byte chunks. 347 * 348 * Blocks are groups of 32 pages, and read blockwise control jumps to the 349 * next block, while read pagewise control jumps to the next page after 350 * reading a group of 64 control bytes. 351 * [Here 512 = 1<<pageshift, 32 = 1<<blockshift, 64 is constant?] 352 * 353 * (1 MB and 2 MB cards are a bit different, but I have only a 16 MB card.) 354 */ 355 356 static int 357 sddr09_readX(struct us_data *us, int x, unsigned long fromaddress, 358 int nr_of_pages, int bulklen, unsigned char *buf, 359 int use_sg) { 360 361 unsigned char *command = us->iobuf; 362 int result; 363 364 command[0] = 0xE8; 365 command[1] = LUNBITS | x; 366 command[2] = MSB_of(fromaddress>>16); 367 command[3] = LSB_of(fromaddress>>16); 368 command[4] = MSB_of(fromaddress & 0xFFFF); 369 command[5] = LSB_of(fromaddress & 0xFFFF); 370 command[6] = 0; 371 command[7] = 0; 372 command[8] = 0; 373 command[9] = 0; 374 command[10] = MSB_of(nr_of_pages); 375 command[11] = LSB_of(nr_of_pages); 376 377 result = sddr09_send_scsi_command(us, command, 12); 378 379 if (result) { 380 US_DEBUGP("Result for send_control in sddr09_read2%d %d\n", 381 x, result); 382 return result; 383 } 384 385 result = usb_stor_bulk_transfer_sg(us, us->recv_bulk_pipe, 386 buf, bulklen, use_sg, NULL); 387 388 if (result != USB_STOR_XFER_GOOD) { 389 US_DEBUGP("Result for bulk_transfer in sddr09_read2%d %d\n", 390 x, result); 391 return -EIO; 392 } 393 return 0; 394 } 395 396 /* 397 * Read Data 398 * 399 * fromaddress counts data shorts: 400 * increasing it by 256 shifts the bytestream by 512 bytes; 401 * the last 8 bits are ignored. 402 * 403 * nr_of_pages counts pages of size (1 << pageshift). 404 */ 405 static int 406 sddr09_read20(struct us_data *us, unsigned long fromaddress, 407 int nr_of_pages, int pageshift, unsigned char *buf, int use_sg) { 408 int bulklen = nr_of_pages << pageshift; 409 410 /* The last 8 bits of fromaddress are ignored. */ 411 return sddr09_readX(us, 0, fromaddress, nr_of_pages, bulklen, 412 buf, use_sg); 413 } 414 415 /* 416 * Read Blockwise Control 417 * 418 * fromaddress gives the starting position (as in read data; 419 * the last 8 bits are ignored); increasing it by 32*256 shifts 420 * the output stream by 64 bytes. 421 * 422 * count counts control groups of size (1 << controlshift). 423 * For me, controlshift = 6. Is this constant? 424 * 425 * After getting one control group, jump to the next block 426 * (fromaddress += 8192). 427 */ 428 static int 429 sddr09_read21(struct us_data *us, unsigned long fromaddress, 430 int count, int controlshift, unsigned char *buf, int use_sg) { 431 432 int bulklen = (count << controlshift); 433 return sddr09_readX(us, 1, fromaddress, count, bulklen, 434 buf, use_sg); 435 } 436 437 /* 438 * Read both Data and Control 439 * 440 * fromaddress counts data shorts, ignoring control: 441 * increasing it by 256 shifts the bytestream by 576 = 512+64 bytes; 442 * the last 8 bits are ignored. 443 * 444 * nr_of_pages counts pages of size (1 << pageshift) + (1 << controlshift). 445 */ 446 static int 447 sddr09_read22(struct us_data *us, unsigned long fromaddress, 448 int nr_of_pages, int pageshift, unsigned char *buf, int use_sg) { 449 450 int bulklen = (nr_of_pages << pageshift) + (nr_of_pages << CONTROL_SHIFT); 451 US_DEBUGP("sddr09_read22: reading %d pages, %d bytes\n", 452 nr_of_pages, bulklen); 453 return sddr09_readX(us, 2, fromaddress, nr_of_pages, bulklen, 454 buf, use_sg); 455 } 456 457 #if 0 458 /* 459 * Read Pagewise Control 460 * 461 * fromaddress gives the starting position (as in read data; 462 * the last 8 bits are ignored); increasing it by 256 shifts 463 * the output stream by 64 bytes. 464 * 465 * count counts control groups of size (1 << controlshift). 466 * For me, controlshift = 6. Is this constant? 467 * 468 * After getting one control group, jump to the next page 469 * (fromaddress += 256). 470 */ 471 static int 472 sddr09_read23(struct us_data *us, unsigned long fromaddress, 473 int count, int controlshift, unsigned char *buf, int use_sg) { 474 475 int bulklen = (count << controlshift); 476 return sddr09_readX(us, 3, fromaddress, count, bulklen, 477 buf, use_sg); 478 } 479 #endif 480 481 /* 482 * Erase Command: 12 bytes. 483 * byte 0: opcode: EA 484 * bytes 6-9: erase address (big-endian, counting shorts, sector aligned). 485 * 486 * Always precisely one block is erased; bytes 2-5 and 10-11 are ignored. 487 * The byte address being erased is 2*Eaddress. 488 * The CIS cannot be erased. 489 */ 490 static int 491 sddr09_erase(struct us_data *us, unsigned long Eaddress) { 492 unsigned char *command = us->iobuf; 493 int result; 494 495 US_DEBUGP("sddr09_erase: erase address %lu\n", Eaddress); 496 497 memset(command, 0, 12); 498 command[0] = 0xEA; 499 command[1] = LUNBITS; 500 command[6] = MSB_of(Eaddress>>16); 501 command[7] = LSB_of(Eaddress>>16); 502 command[8] = MSB_of(Eaddress & 0xFFFF); 503 command[9] = LSB_of(Eaddress & 0xFFFF); 504 505 result = sddr09_send_scsi_command(us, command, 12); 506 507 if (result) 508 US_DEBUGP("Result for send_control in sddr09_erase %d\n", 509 result); 510 511 return result; 512 } 513 514 /* 515 * Write CIS Command: 12 bytes. 516 * byte 0: opcode: EE 517 * bytes 2-5: write address in shorts 518 * bytes 10-11: sector count 519 * 520 * This writes at the indicated address. Don't know how it differs 521 * from E9. Maybe it does not erase? However, it will also write to 522 * the CIS. 523 * 524 * When two such commands on the same page follow each other directly, 525 * the second one is not done. 526 */ 527 528 /* 529 * Write Command: 12 bytes. 530 * byte 0: opcode: E9 531 * bytes 2-5: write address (big-endian, counting shorts, sector aligned). 532 * bytes 6-9: erase address (big-endian, counting shorts, sector aligned). 533 * bytes 10-11: sector count (big-endian, in 512-byte sectors). 534 * 535 * If write address equals erase address, the erase is done first, 536 * otherwise the write is done first. When erase address equals zero 537 * no erase is done? 538 */ 539 static int 540 sddr09_writeX(struct us_data *us, 541 unsigned long Waddress, unsigned long Eaddress, 542 int nr_of_pages, int bulklen, unsigned char *buf, int use_sg) { 543 544 unsigned char *command = us->iobuf; 545 int result; 546 547 command[0] = 0xE9; 548 command[1] = LUNBITS; 549 550 command[2] = MSB_of(Waddress>>16); 551 command[3] = LSB_of(Waddress>>16); 552 command[4] = MSB_of(Waddress & 0xFFFF); 553 command[5] = LSB_of(Waddress & 0xFFFF); 554 555 command[6] = MSB_of(Eaddress>>16); 556 command[7] = LSB_of(Eaddress>>16); 557 command[8] = MSB_of(Eaddress & 0xFFFF); 558 command[9] = LSB_of(Eaddress & 0xFFFF); 559 560 command[10] = MSB_of(nr_of_pages); 561 command[11] = LSB_of(nr_of_pages); 562 563 result = sddr09_send_scsi_command(us, command, 12); 564 565 if (result) { 566 US_DEBUGP("Result for send_control in sddr09_writeX %d\n", 567 result); 568 return result; 569 } 570 571 result = usb_stor_bulk_transfer_sg(us, us->send_bulk_pipe, 572 buf, bulklen, use_sg, NULL); 573 574 if (result != USB_STOR_XFER_GOOD) { 575 US_DEBUGP("Result for bulk_transfer in sddr09_writeX %d\n", 576 result); 577 return -EIO; 578 } 579 return 0; 580 } 581 582 /* erase address, write same address */ 583 static int 584 sddr09_write_inplace(struct us_data *us, unsigned long address, 585 int nr_of_pages, int pageshift, unsigned char *buf, 586 int use_sg) { 587 int bulklen = (nr_of_pages << pageshift) + (nr_of_pages << CONTROL_SHIFT); 588 return sddr09_writeX(us, address, address, nr_of_pages, bulklen, 589 buf, use_sg); 590 } 591 592 #if 0 593 /* 594 * Read Scatter Gather Command: 3+4n bytes. 595 * byte 0: opcode E7 596 * byte 2: n 597 * bytes 4i-1,4i,4i+1: page address 598 * byte 4i+2: page count 599 * (i=1..n) 600 * 601 * This reads several pages from the card to a single memory buffer. 602 * The last two bits of byte 1 have the same meaning as for E8. 603 */ 604 static int 605 sddr09_read_sg_test_only(struct us_data *us) { 606 unsigned char *command = us->iobuf; 607 int result, bulklen, nsg, ct; 608 unsigned char *buf; 609 unsigned long address; 610 611 nsg = bulklen = 0; 612 command[0] = 0xE7; 613 command[1] = LUNBITS; 614 command[2] = 0; 615 address = 040000; ct = 1; 616 nsg++; 617 bulklen += (ct << 9); 618 command[4*nsg+2] = ct; 619 command[4*nsg+1] = ((address >> 9) & 0xFF); 620 command[4*nsg+0] = ((address >> 17) & 0xFF); 621 command[4*nsg-1] = ((address >> 25) & 0xFF); 622 623 address = 0340000; ct = 1; 624 nsg++; 625 bulklen += (ct << 9); 626 command[4*nsg+2] = ct; 627 command[4*nsg+1] = ((address >> 9) & 0xFF); 628 command[4*nsg+0] = ((address >> 17) & 0xFF); 629 command[4*nsg-1] = ((address >> 25) & 0xFF); 630 631 address = 01000000; ct = 2; 632 nsg++; 633 bulklen += (ct << 9); 634 command[4*nsg+2] = ct; 635 command[4*nsg+1] = ((address >> 9) & 0xFF); 636 command[4*nsg+0] = ((address >> 17) & 0xFF); 637 command[4*nsg-1] = ((address >> 25) & 0xFF); 638 639 command[2] = nsg; 640 641 result = sddr09_send_scsi_command(us, command, 4*nsg+3); 642 643 if (result) { 644 US_DEBUGP("Result for send_control in sddr09_read_sg %d\n", 645 result); 646 return result; 647 } 648 649 buf = (unsigned char *) kmalloc(bulklen, GFP_NOIO); 650 if (!buf) 651 return -ENOMEM; 652 653 result = usb_stor_bulk_transfer_buf(us, us->recv_bulk_pipe, 654 buf, bulklen, NULL); 655 kfree(buf); 656 if (result != USB_STOR_XFER_GOOD) { 657 US_DEBUGP("Result for bulk_transfer in sddr09_read_sg %d\n", 658 result); 659 return -EIO; 660 } 661 662 return 0; 663 } 664 #endif 665 666 /* 667 * Read Status Command: 12 bytes. 668 * byte 0: opcode: EC 669 * 670 * Returns 64 bytes, all zero except for the first. 671 * bit 0: 1: Error 672 * bit 5: 1: Suspended 673 * bit 6: 1: Ready 674 * bit 7: 1: Not write-protected 675 */ 676 677 static int 678 sddr09_read_status(struct us_data *us, unsigned char *status) { 679 680 unsigned char *command = us->iobuf; 681 unsigned char *data = us->iobuf; 682 int result; 683 684 US_DEBUGP("Reading status...\n"); 685 686 memset(command, 0, 12); 687 command[0] = 0xEC; 688 command[1] = LUNBITS; 689 690 result = sddr09_send_scsi_command(us, command, 12); 691 if (result) 692 return result; 693 694 result = usb_stor_bulk_transfer_buf(us, us->recv_bulk_pipe, 695 data, 64, NULL); 696 *status = data[0]; 697 return (result == USB_STOR_XFER_GOOD ? 0 : -EIO); 698 } 699 700 static int 701 sddr09_read_data(struct us_data *us, 702 unsigned long address, 703 unsigned int sectors) { 704 705 struct sddr09_card_info *info = (struct sddr09_card_info *) us->extra; 706 unsigned char *buffer; 707 unsigned int lba, maxlba, pba; 708 unsigned int page, pages; 709 unsigned int len, index, offset; 710 int result; 711 712 // Figure out the initial LBA and page 713 lba = address >> info->blockshift; 714 page = (address & info->blockmask); 715 maxlba = info->capacity >> (info->pageshift + info->blockshift); 716 if (lba >= maxlba) 717 return -EIO; 718 719 // Since we only read in one block at a time, we have to create 720 // a bounce buffer and move the data a piece at a time between the 721 // bounce buffer and the actual transfer buffer. 722 723 len = min(sectors, (unsigned int) info->blocksize) * info->pagesize; 724 buffer = kmalloc(len, GFP_NOIO); 725 if (buffer == NULL) { 726 printk("sddr09_read_data: Out of memory\n"); 727 return -ENOMEM; 728 } 729 730 // This could be made much more efficient by checking for 731 // contiguous LBA's. Another exercise left to the student. 732 733 result = 0; 734 index = offset = 0; 735 736 while (sectors > 0) { 737 738 /* Find number of pages we can read in this block */ 739 pages = min(sectors, info->blocksize - page); 740 len = pages << info->pageshift; 741 742 /* Not overflowing capacity? */ 743 if (lba >= maxlba) { 744 US_DEBUGP("Error: Requested lba %u exceeds " 745 "maximum %u\n", lba, maxlba); 746 result = -EIO; 747 break; 748 } 749 750 /* Find where this lba lives on disk */ 751 pba = info->lba_to_pba[lba]; 752 753 if (pba == UNDEF) { /* this lba was never written */ 754 755 US_DEBUGP("Read %d zero pages (LBA %d) page %d\n", 756 pages, lba, page); 757 758 /* This is not really an error. It just means 759 that the block has never been written. 760 Instead of returning an error 761 it is better to return all zero data. */ 762 763 memset(buffer, 0, len); 764 765 } else { 766 US_DEBUGP("Read %d pages, from PBA %d" 767 " (LBA %d) page %d\n", 768 pages, pba, lba, page); 769 770 address = ((pba << info->blockshift) + page) << 771 info->pageshift; 772 773 result = sddr09_read20(us, address>>1, 774 pages, info->pageshift, buffer, 0); 775 if (result) 776 break; 777 } 778 779 // Store the data in the transfer buffer 780 usb_stor_access_xfer_buf(buffer, len, us->srb, 781 &index, &offset, TO_XFER_BUF); 782 783 page = 0; 784 lba++; 785 sectors -= pages; 786 } 787 788 kfree(buffer); 789 return result; 790 } 791 792 static unsigned int 793 sddr09_find_unused_pba(struct sddr09_card_info *info, unsigned int lba) { 794 static unsigned int lastpba = 1; 795 int zonestart, end, i; 796 797 zonestart = (lba/1000) << 10; 798 end = info->capacity >> (info->blockshift + info->pageshift); 799 end -= zonestart; 800 if (end > 1024) 801 end = 1024; 802 803 for (i = lastpba+1; i < end; i++) { 804 if (info->pba_to_lba[zonestart+i] == UNDEF) { 805 lastpba = i; 806 return zonestart+i; 807 } 808 } 809 for (i = 0; i <= lastpba; i++) { 810 if (info->pba_to_lba[zonestart+i] == UNDEF) { 811 lastpba = i; 812 return zonestart+i; 813 } 814 } 815 return 0; 816 } 817 818 static int 819 sddr09_write_lba(struct us_data *us, unsigned int lba, 820 unsigned int page, unsigned int pages, 821 unsigned char *ptr, unsigned char *blockbuffer) { 822 823 struct sddr09_card_info *info = (struct sddr09_card_info *) us->extra; 824 unsigned long address; 825 unsigned int pba, lbap; 826 unsigned int pagelen; 827 unsigned char *bptr, *cptr, *xptr; 828 unsigned char ecc[3]; 829 int i, result, isnew; 830 831 lbap = ((lba % 1000) << 1) | 0x1000; 832 if (parity[MSB_of(lbap) ^ LSB_of(lbap)]) 833 lbap ^= 1; 834 pba = info->lba_to_pba[lba]; 835 isnew = 0; 836 837 if (pba == UNDEF) { 838 pba = sddr09_find_unused_pba(info, lba); 839 if (!pba) { 840 printk("sddr09_write_lba: Out of unused blocks\n"); 841 return -ENOSPC; 842 } 843 info->pba_to_lba[pba] = lba; 844 info->lba_to_pba[lba] = pba; 845 isnew = 1; 846 } 847 848 if (pba == 1) { 849 /* Maybe it is impossible to write to PBA 1. 850 Fake success, but don't do anything. */ 851 printk("sddr09: avoid writing to pba 1\n"); 852 return 0; 853 } 854 855 pagelen = (1 << info->pageshift) + (1 << CONTROL_SHIFT); 856 857 /* read old contents */ 858 address = (pba << (info->pageshift + info->blockshift)); 859 result = sddr09_read22(us, address>>1, info->blocksize, 860 info->pageshift, blockbuffer, 0); 861 if (result) 862 return result; 863 864 /* check old contents and fill lba */ 865 for (i = 0; i < info->blocksize; i++) { 866 bptr = blockbuffer + i*pagelen; 867 cptr = bptr + info->pagesize; 868 nand_compute_ecc(bptr, ecc); 869 if (!nand_compare_ecc(cptr+13, ecc)) { 870 US_DEBUGP("Warning: bad ecc in page %d- of pba %d\n", 871 i, pba); 872 nand_store_ecc(cptr+13, ecc); 873 } 874 nand_compute_ecc(bptr+(info->pagesize / 2), ecc); 875 if (!nand_compare_ecc(cptr+8, ecc)) { 876 US_DEBUGP("Warning: bad ecc in page %d+ of pba %d\n", 877 i, pba); 878 nand_store_ecc(cptr+8, ecc); 879 } 880 cptr[6] = cptr[11] = MSB_of(lbap); 881 cptr[7] = cptr[12] = LSB_of(lbap); 882 } 883 884 /* copy in new stuff and compute ECC */ 885 xptr = ptr; 886 for (i = page; i < page+pages; i++) { 887 bptr = blockbuffer + i*pagelen; 888 cptr = bptr + info->pagesize; 889 memcpy(bptr, xptr, info->pagesize); 890 xptr += info->pagesize; 891 nand_compute_ecc(bptr, ecc); 892 nand_store_ecc(cptr+13, ecc); 893 nand_compute_ecc(bptr+(info->pagesize / 2), ecc); 894 nand_store_ecc(cptr+8, ecc); 895 } 896 897 US_DEBUGP("Rewrite PBA %d (LBA %d)\n", pba, lba); 898 899 result = sddr09_write_inplace(us, address>>1, info->blocksize, 900 info->pageshift, blockbuffer, 0); 901 902 US_DEBUGP("sddr09_write_inplace returns %d\n", result); 903 904 #if 0 905 { 906 unsigned char status = 0; 907 int result2 = sddr09_read_status(us, &status); 908 if (result2) 909 US_DEBUGP("sddr09_write_inplace: cannot read status\n"); 910 else if (status != 0xc0) 911 US_DEBUGP("sddr09_write_inplace: status after write: 0x%x\n", 912 status); 913 } 914 #endif 915 916 #if 0 917 { 918 int result2 = sddr09_test_unit_ready(us); 919 } 920 #endif 921 922 return result; 923 } 924 925 static int 926 sddr09_write_data(struct us_data *us, 927 unsigned long address, 928 unsigned int sectors) { 929 930 struct sddr09_card_info *info = (struct sddr09_card_info *) us->extra; 931 unsigned int lba, maxlba, page, pages; 932 unsigned int pagelen, blocklen; 933 unsigned char *blockbuffer; 934 unsigned char *buffer; 935 unsigned int len, index, offset; 936 int result; 937 938 // Figure out the initial LBA and page 939 lba = address >> info->blockshift; 940 page = (address & info->blockmask); 941 maxlba = info->capacity >> (info->pageshift + info->blockshift); 942 if (lba >= maxlba) 943 return -EIO; 944 945 // blockbuffer is used for reading in the old data, overwriting 946 // with the new data, and performing ECC calculations 947 948 /* TODO: instead of doing kmalloc/kfree for each write, 949 add a bufferpointer to the info structure */ 950 951 pagelen = (1 << info->pageshift) + (1 << CONTROL_SHIFT); 952 blocklen = (pagelen << info->blockshift); 953 blockbuffer = kmalloc(blocklen, GFP_NOIO); 954 if (!blockbuffer) { 955 printk("sddr09_write_data: Out of memory\n"); 956 return -ENOMEM; 957 } 958 959 // Since we don't write the user data directly to the device, 960 // we have to create a bounce buffer and move the data a piece 961 // at a time between the bounce buffer and the actual transfer buffer. 962 963 len = min(sectors, (unsigned int) info->blocksize) * info->pagesize; 964 buffer = kmalloc(len, GFP_NOIO); 965 if (buffer == NULL) { 966 printk("sddr09_write_data: Out of memory\n"); 967 kfree(blockbuffer); 968 return -ENOMEM; 969 } 970 971 result = 0; 972 index = offset = 0; 973 974 while (sectors > 0) { 975 976 // Write as many sectors as possible in this block 977 978 pages = min(sectors, info->blocksize - page); 979 len = (pages << info->pageshift); 980 981 /* Not overflowing capacity? */ 982 if (lba >= maxlba) { 983 US_DEBUGP("Error: Requested lba %u exceeds " 984 "maximum %u\n", lba, maxlba); 985 result = -EIO; 986 break; 987 } 988 989 // Get the data from the transfer buffer 990 usb_stor_access_xfer_buf(buffer, len, us->srb, 991 &index, &offset, FROM_XFER_BUF); 992 993 result = sddr09_write_lba(us, lba, page, pages, 994 buffer, blockbuffer); 995 if (result) 996 break; 997 998 page = 0; 999 lba++; 1000 sectors -= pages; 1001 } 1002 1003 kfree(buffer); 1004 kfree(blockbuffer); 1005 1006 return result; 1007 } 1008 1009 static int 1010 sddr09_read_control(struct us_data *us, 1011 unsigned long address, 1012 unsigned int blocks, 1013 unsigned char *content, 1014 int use_sg) { 1015 1016 US_DEBUGP("Read control address %lu, blocks %d\n", 1017 address, blocks); 1018 1019 return sddr09_read21(us, address, blocks, 1020 CONTROL_SHIFT, content, use_sg); 1021 } 1022 1023 /* 1024 * Read Device ID Command: 12 bytes. 1025 * byte 0: opcode: ED 1026 * 1027 * Returns 2 bytes: Manufacturer ID and Device ID. 1028 * On more recent cards 3 bytes: the third byte is an option code A5 1029 * signifying that the secret command to read an 128-bit ID is available. 1030 * On still more recent cards 4 bytes: the fourth byte C0 means that 1031 * a second read ID cmd is available. 1032 */ 1033 static int 1034 sddr09_read_deviceID(struct us_data *us, unsigned char *deviceID) { 1035 unsigned char *command = us->iobuf; 1036 unsigned char *content = us->iobuf; 1037 int result, i; 1038 1039 memset(command, 0, 12); 1040 command[0] = 0xED; 1041 command[1] = LUNBITS; 1042 1043 result = sddr09_send_scsi_command(us, command, 12); 1044 if (result) 1045 return result; 1046 1047 result = usb_stor_bulk_transfer_buf(us, us->recv_bulk_pipe, 1048 content, 64, NULL); 1049 1050 for (i = 0; i < 4; i++) 1051 deviceID[i] = content[i]; 1052 1053 return (result == USB_STOR_XFER_GOOD ? 0 : -EIO); 1054 } 1055 1056 static int 1057 sddr09_get_wp(struct us_data *us, struct sddr09_card_info *info) { 1058 int result; 1059 unsigned char status; 1060 1061 result = sddr09_read_status(us, &status); 1062 if (result) { 1063 US_DEBUGP("sddr09_get_wp: read_status fails\n"); 1064 return result; 1065 } 1066 US_DEBUGP("sddr09_get_wp: status 0x%02X", status); 1067 if ((status & 0x80) == 0) { 1068 info->flags |= SDDR09_WP; /* write protected */ 1069 US_DEBUGP(" WP"); 1070 } 1071 if (status & 0x40) 1072 US_DEBUGP(" Ready"); 1073 if (status & LUNBITS) 1074 US_DEBUGP(" Suspended"); 1075 if (status & 0x1) 1076 US_DEBUGP(" Error"); 1077 US_DEBUGP("\n"); 1078 return 0; 1079 } 1080 1081 #if 0 1082 /* 1083 * Reset Command: 12 bytes. 1084 * byte 0: opcode: EB 1085 */ 1086 static int 1087 sddr09_reset(struct us_data *us) { 1088 1089 unsigned char *command = us->iobuf; 1090 1091 memset(command, 0, 12); 1092 command[0] = 0xEB; 1093 command[1] = LUNBITS; 1094 1095 return sddr09_send_scsi_command(us, command, 12); 1096 } 1097 #endif 1098 1099 static struct nand_flash_dev * 1100 sddr09_get_cardinfo(struct us_data *us, unsigned char flags) { 1101 struct nand_flash_dev *cardinfo; 1102 unsigned char deviceID[4]; 1103 char blurbtxt[256]; 1104 int result; 1105 1106 US_DEBUGP("Reading capacity...\n"); 1107 1108 result = sddr09_read_deviceID(us, deviceID); 1109 1110 if (result) { 1111 US_DEBUGP("Result of read_deviceID is %d\n", result); 1112 printk("sddr09: could not read card info\n"); 1113 return NULL; 1114 } 1115 1116 sprintf(blurbtxt, "sddr09: Found Flash card, ID = %02X %02X %02X %02X", 1117 deviceID[0], deviceID[1], deviceID[2], deviceID[3]); 1118 1119 /* Byte 0 is the manufacturer */ 1120 sprintf(blurbtxt + strlen(blurbtxt), 1121 ": Manuf. %s", 1122 nand_flash_manufacturer(deviceID[0])); 1123 1124 /* Byte 1 is the device type */ 1125 cardinfo = nand_find_id(deviceID[1]); 1126 if (cardinfo) { 1127 /* MB or MiB? It is neither. A 16 MB card has 1128 17301504 raw bytes, of which 16384000 are 1129 usable for user data. */ 1130 sprintf(blurbtxt + strlen(blurbtxt), 1131 ", %d MB", 1<<(cardinfo->chipshift - 20)); 1132 } else { 1133 sprintf(blurbtxt + strlen(blurbtxt), 1134 ", type unrecognized"); 1135 } 1136 1137 /* Byte 2 is code to signal availability of 128-bit ID */ 1138 if (deviceID[2] == 0xa5) { 1139 sprintf(blurbtxt + strlen(blurbtxt), 1140 ", 128-bit ID"); 1141 } 1142 1143 /* Byte 3 announces the availability of another read ID command */ 1144 if (deviceID[3] == 0xc0) { 1145 sprintf(blurbtxt + strlen(blurbtxt), 1146 ", extra cmd"); 1147 } 1148 1149 if (flags & SDDR09_WP) 1150 sprintf(blurbtxt + strlen(blurbtxt), 1151 ", WP"); 1152 1153 printk("%s\n", blurbtxt); 1154 1155 return cardinfo; 1156 } 1157 1158 static int 1159 sddr09_read_map(struct us_data *us) { 1160 1161 struct sddr09_card_info *info = (struct sddr09_card_info *) us->extra; 1162 int numblocks, alloc_len, alloc_blocks; 1163 int i, j, result; 1164 unsigned char *buffer, *buffer_end, *ptr; 1165 unsigned int lba, lbact; 1166 1167 if (!info->capacity) 1168 return -1; 1169 1170 // size of a block is 1 << (blockshift + pageshift) bytes 1171 // divide into the total capacity to get the number of blocks 1172 1173 numblocks = info->capacity >> (info->blockshift + info->pageshift); 1174 1175 // read 64 bytes for every block (actually 1 << CONTROL_SHIFT) 1176 // but only use a 64 KB buffer 1177 // buffer size used must be a multiple of (1 << CONTROL_SHIFT) 1178 #define SDDR09_READ_MAP_BUFSZ 65536 1179 1180 alloc_blocks = min(numblocks, SDDR09_READ_MAP_BUFSZ >> CONTROL_SHIFT); 1181 alloc_len = (alloc_blocks << CONTROL_SHIFT); 1182 buffer = kmalloc(alloc_len, GFP_NOIO); 1183 if (buffer == NULL) { 1184 printk("sddr09_read_map: out of memory\n"); 1185 result = -1; 1186 goto done; 1187 } 1188 buffer_end = buffer + alloc_len; 1189 1190 #undef SDDR09_READ_MAP_BUFSZ 1191 1192 kfree(info->lba_to_pba); 1193 kfree(info->pba_to_lba); 1194 info->lba_to_pba = kmalloc(numblocks*sizeof(int), GFP_NOIO); 1195 info->pba_to_lba = kmalloc(numblocks*sizeof(int), GFP_NOIO); 1196 1197 if (info->lba_to_pba == NULL || info->pba_to_lba == NULL) { 1198 printk("sddr09_read_map: out of memory\n"); 1199 result = -1; 1200 goto done; 1201 } 1202 1203 for (i = 0; i < numblocks; i++) 1204 info->lba_to_pba[i] = info->pba_to_lba[i] = UNDEF; 1205 1206 /* 1207 * Define lba-pba translation table 1208 */ 1209 1210 ptr = buffer_end; 1211 for (i = 0; i < numblocks; i++) { 1212 ptr += (1 << CONTROL_SHIFT); 1213 if (ptr >= buffer_end) { 1214 unsigned long address; 1215 1216 address = i << (info->pageshift + info->blockshift); 1217 result = sddr09_read_control( 1218 us, address>>1, 1219 min(alloc_blocks, numblocks - i), 1220 buffer, 0); 1221 if (result) { 1222 result = -1; 1223 goto done; 1224 } 1225 ptr = buffer; 1226 } 1227 1228 if (i == 0 || i == 1) { 1229 info->pba_to_lba[i] = UNUSABLE; 1230 continue; 1231 } 1232 1233 /* special PBAs have control field 0^16 */ 1234 for (j = 0; j < 16; j++) 1235 if (ptr[j] != 0) 1236 goto nonz; 1237 info->pba_to_lba[i] = UNUSABLE; 1238 printk("sddr09: PBA %d has no logical mapping\n", i); 1239 continue; 1240 1241 nonz: 1242 /* unwritten PBAs have control field FF^16 */ 1243 for (j = 0; j < 16; j++) 1244 if (ptr[j] != 0xff) 1245 goto nonff; 1246 continue; 1247 1248 nonff: 1249 /* normal PBAs start with six FFs */ 1250 if (j < 6) { 1251 printk("sddr09: PBA %d has no logical mapping: " 1252 "reserved area = %02X%02X%02X%02X " 1253 "data status %02X block status %02X\n", 1254 i, ptr[0], ptr[1], ptr[2], ptr[3], 1255 ptr[4], ptr[5]); 1256 info->pba_to_lba[i] = UNUSABLE; 1257 continue; 1258 } 1259 1260 if ((ptr[6] >> 4) != 0x01) { 1261 printk("sddr09: PBA %d has invalid address field " 1262 "%02X%02X/%02X%02X\n", 1263 i, ptr[6], ptr[7], ptr[11], ptr[12]); 1264 info->pba_to_lba[i] = UNUSABLE; 1265 continue; 1266 } 1267 1268 /* check even parity */ 1269 if (parity[ptr[6] ^ ptr[7]]) { 1270 printk("sddr09: Bad parity in LBA for block %d" 1271 " (%02X %02X)\n", i, ptr[6], ptr[7]); 1272 info->pba_to_lba[i] = UNUSABLE; 1273 continue; 1274 } 1275 1276 lba = short_pack(ptr[7], ptr[6]); 1277 lba = (lba & 0x07FF) >> 1; 1278 1279 /* 1280 * Every 1024 physical blocks ("zone"), the LBA numbers 1281 * go back to zero, but are within a higher block of LBA's. 1282 * Also, there is a maximum of 1000 LBA's per zone. 1283 * In other words, in PBA 1024-2047 you will find LBA 0-999 1284 * which are really LBA 1000-1999. This allows for 24 bad 1285 * or special physical blocks per zone. 1286 */ 1287 1288 if (lba >= 1000) { 1289 printk("sddr09: Bad low LBA %d for block %d\n", 1290 lba, i); 1291 goto possibly_erase; 1292 } 1293 1294 lba += 1000*(i/0x400); 1295 1296 if (info->lba_to_pba[lba] != UNDEF) { 1297 printk("sddr09: LBA %d seen for PBA %d and %d\n", 1298 lba, info->lba_to_pba[lba], i); 1299 goto possibly_erase; 1300 } 1301 1302 info->pba_to_lba[i] = lba; 1303 info->lba_to_pba[lba] = i; 1304 continue; 1305 1306 possibly_erase: 1307 if (erase_bad_lba_entries) { 1308 unsigned long address; 1309 1310 address = (i << (info->pageshift + info->blockshift)); 1311 sddr09_erase(us, address>>1); 1312 info->pba_to_lba[i] = UNDEF; 1313 } else 1314 info->pba_to_lba[i] = UNUSABLE; 1315 } 1316 1317 /* 1318 * Approximate capacity. This is not entirely correct yet, 1319 * since a zone with less than 1000 usable pages leads to 1320 * missing LBAs. Especially if it is the last zone, some 1321 * LBAs can be past capacity. 1322 */ 1323 lbact = 0; 1324 for (i = 0; i < numblocks; i += 1024) { 1325 int ct = 0; 1326 1327 for (j = 0; j < 1024 && i+j < numblocks; j++) { 1328 if (info->pba_to_lba[i+j] != UNUSABLE) { 1329 if (ct >= 1000) 1330 info->pba_to_lba[i+j] = SPARE; 1331 else 1332 ct++; 1333 } 1334 } 1335 lbact += ct; 1336 } 1337 info->lbact = lbact; 1338 US_DEBUGP("Found %d LBA's\n", lbact); 1339 result = 0; 1340 1341 done: 1342 if (result != 0) { 1343 kfree(info->lba_to_pba); 1344 kfree(info->pba_to_lba); 1345 info->lba_to_pba = NULL; 1346 info->pba_to_lba = NULL; 1347 } 1348 kfree(buffer); 1349 return result; 1350 } 1351 1352 static void 1353 sddr09_card_info_destructor(void *extra) { 1354 struct sddr09_card_info *info = (struct sddr09_card_info *)extra; 1355 1356 if (!info) 1357 return; 1358 1359 kfree(info->lba_to_pba); 1360 kfree(info->pba_to_lba); 1361 } 1362 1363 static int 1364 sddr09_common_init(struct us_data *us) { 1365 int result; 1366 1367 /* set the configuration -- STALL is an acceptable response here */ 1368 if (us->pusb_dev->actconfig->desc.bConfigurationValue != 1) { 1369 US_DEBUGP("active config #%d != 1 ??\n", us->pusb_dev 1370 ->actconfig->desc.bConfigurationValue); 1371 return -EINVAL; 1372 } 1373 1374 result = usb_reset_configuration(us->pusb_dev); 1375 US_DEBUGP("Result of usb_reset_configuration is %d\n", result); 1376 if (result == -EPIPE) { 1377 US_DEBUGP("-- stall on control interface\n"); 1378 } else if (result != 0) { 1379 /* it's not a stall, but another error -- time to bail */ 1380 US_DEBUGP("-- Unknown error. Rejecting device\n"); 1381 return -EINVAL; 1382 } 1383 1384 us->extra = kzalloc(sizeof(struct sddr09_card_info), GFP_NOIO); 1385 if (!us->extra) 1386 return -ENOMEM; 1387 us->extra_destructor = sddr09_card_info_destructor; 1388 1389 nand_init_ecc(); 1390 return 0; 1391 } 1392 1393 1394 /* 1395 * This is needed at a very early stage. If this is not listed in the 1396 * unusual devices list but called from here then LUN 0 of the combo reader 1397 * is not recognized. But I do not know what precisely these calls do. 1398 */ 1399 int 1400 usb_stor_sddr09_dpcm_init(struct us_data *us) { 1401 int result; 1402 unsigned char *data = us->iobuf; 1403 1404 result = sddr09_common_init(us); 1405 if (result) 1406 return result; 1407 1408 result = sddr09_send_command(us, 0x01, USB_DIR_IN, data, 2); 1409 if (result) { 1410 US_DEBUGP("sddr09_init: send_command fails\n"); 1411 return result; 1412 } 1413 1414 US_DEBUGP("SDDR09init: %02X %02X\n", data[0], data[1]); 1415 // get 07 02 1416 1417 result = sddr09_send_command(us, 0x08, USB_DIR_IN, data, 2); 1418 if (result) { 1419 US_DEBUGP("sddr09_init: 2nd send_command fails\n"); 1420 return result; 1421 } 1422 1423 US_DEBUGP("SDDR09init: %02X %02X\n", data[0], data[1]); 1424 // get 07 00 1425 1426 result = sddr09_request_sense(us, data, 18); 1427 if (result == 0 && data[2] != 0) { 1428 int j; 1429 for (j=0; j<18; j++) 1430 printk(" %02X", data[j]); 1431 printk("\n"); 1432 // get 70 00 00 00 00 00 00 * 00 00 00 00 00 00 1433 // 70: current command 1434 // sense key 0, sense code 0, extd sense code 0 1435 // additional transfer length * = sizeof(data) - 7 1436 // Or: 70 00 06 00 00 00 00 0b 00 00 00 00 28 00 00 00 00 00 1437 // sense key 06, sense code 28: unit attention, 1438 // not ready to ready transition 1439 } 1440 1441 // test unit ready 1442 1443 return 0; /* not result */ 1444 } 1445 1446 /* 1447 * Transport for the Sandisk SDDR-09 1448 */ 1449 int sddr09_transport(struct scsi_cmnd *srb, struct us_data *us) 1450 { 1451 static unsigned char sensekey = 0, sensecode = 0; 1452 static unsigned char havefakesense = 0; 1453 int result, i; 1454 unsigned char *ptr = us->iobuf; 1455 unsigned long capacity; 1456 unsigned int page, pages; 1457 1458 struct sddr09_card_info *info; 1459 1460 static unsigned char inquiry_response[8] = { 1461 0x00, 0x80, 0x00, 0x02, 0x1F, 0x00, 0x00, 0x00 1462 }; 1463 1464 /* note: no block descriptor support */ 1465 static unsigned char mode_page_01[19] = { 1466 0x00, 0x0F, 0x00, 0x0, 0x0, 0x0, 0x00, 1467 0x01, 0x0A, 1468 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00 1469 }; 1470 1471 info = (struct sddr09_card_info *)us->extra; 1472 1473 if (srb->cmnd[0] == REQUEST_SENSE && havefakesense) { 1474 /* for a faked command, we have to follow with a faked sense */ 1475 memset(ptr, 0, 18); 1476 ptr[0] = 0x70; 1477 ptr[2] = sensekey; 1478 ptr[7] = 11; 1479 ptr[12] = sensecode; 1480 usb_stor_set_xfer_buf(ptr, 18, srb); 1481 sensekey = sensecode = havefakesense = 0; 1482 return USB_STOR_TRANSPORT_GOOD; 1483 } 1484 1485 havefakesense = 1; 1486 1487 /* Dummy up a response for INQUIRY since SDDR09 doesn't 1488 respond to INQUIRY commands */ 1489 1490 if (srb->cmnd[0] == INQUIRY) { 1491 memcpy(ptr, inquiry_response, 8); 1492 fill_inquiry_response(us, ptr, 36); 1493 return USB_STOR_TRANSPORT_GOOD; 1494 } 1495 1496 if (srb->cmnd[0] == READ_CAPACITY) { 1497 struct nand_flash_dev *cardinfo; 1498 1499 sddr09_get_wp(us, info); /* read WP bit */ 1500 1501 cardinfo = sddr09_get_cardinfo(us, info->flags); 1502 if (!cardinfo) { 1503 /* probably no media */ 1504 init_error: 1505 sensekey = 0x02; /* not ready */ 1506 sensecode = 0x3a; /* medium not present */ 1507 return USB_STOR_TRANSPORT_FAILED; 1508 } 1509 1510 info->capacity = (1 << cardinfo->chipshift); 1511 info->pageshift = cardinfo->pageshift; 1512 info->pagesize = (1 << info->pageshift); 1513 info->blockshift = cardinfo->blockshift; 1514 info->blocksize = (1 << info->blockshift); 1515 info->blockmask = info->blocksize - 1; 1516 1517 // map initialization, must follow get_cardinfo() 1518 if (sddr09_read_map(us)) { 1519 /* probably out of memory */ 1520 goto init_error; 1521 } 1522 1523 // Report capacity 1524 1525 capacity = (info->lbact << info->blockshift) - 1; 1526 1527 ((__be32 *) ptr)[0] = cpu_to_be32(capacity); 1528 1529 // Report page size 1530 1531 ((__be32 *) ptr)[1] = cpu_to_be32(info->pagesize); 1532 usb_stor_set_xfer_buf(ptr, 8, srb); 1533 1534 return USB_STOR_TRANSPORT_GOOD; 1535 } 1536 1537 if (srb->cmnd[0] == MODE_SENSE_10) { 1538 int modepage = (srb->cmnd[2] & 0x3F); 1539 1540 /* They ask for the Read/Write error recovery page, 1541 or for all pages. */ 1542 /* %% We should check DBD %% */ 1543 if (modepage == 0x01 || modepage == 0x3F) { 1544 US_DEBUGP("SDDR09: Dummy up request for " 1545 "mode page 0x%x\n", modepage); 1546 1547 memcpy(ptr, mode_page_01, sizeof(mode_page_01)); 1548 ((__be16*)ptr)[0] = cpu_to_be16(sizeof(mode_page_01) - 2); 1549 ptr[3] = (info->flags & SDDR09_WP) ? 0x80 : 0; 1550 usb_stor_set_xfer_buf(ptr, sizeof(mode_page_01), srb); 1551 return USB_STOR_TRANSPORT_GOOD; 1552 } 1553 1554 sensekey = 0x05; /* illegal request */ 1555 sensecode = 0x24; /* invalid field in CDB */ 1556 return USB_STOR_TRANSPORT_FAILED; 1557 } 1558 1559 if (srb->cmnd[0] == ALLOW_MEDIUM_REMOVAL) 1560 return USB_STOR_TRANSPORT_GOOD; 1561 1562 havefakesense = 0; 1563 1564 if (srb->cmnd[0] == READ_10) { 1565 1566 page = short_pack(srb->cmnd[3], srb->cmnd[2]); 1567 page <<= 16; 1568 page |= short_pack(srb->cmnd[5], srb->cmnd[4]); 1569 pages = short_pack(srb->cmnd[8], srb->cmnd[7]); 1570 1571 US_DEBUGP("READ_10: read page %d pagect %d\n", 1572 page, pages); 1573 1574 result = sddr09_read_data(us, page, pages); 1575 return (result == 0 ? USB_STOR_TRANSPORT_GOOD : 1576 USB_STOR_TRANSPORT_ERROR); 1577 } 1578 1579 if (srb->cmnd[0] == WRITE_10) { 1580 1581 page = short_pack(srb->cmnd[3], srb->cmnd[2]); 1582 page <<= 16; 1583 page |= short_pack(srb->cmnd[5], srb->cmnd[4]); 1584 pages = short_pack(srb->cmnd[8], srb->cmnd[7]); 1585 1586 US_DEBUGP("WRITE_10: write page %d pagect %d\n", 1587 page, pages); 1588 1589 result = sddr09_write_data(us, page, pages); 1590 return (result == 0 ? USB_STOR_TRANSPORT_GOOD : 1591 USB_STOR_TRANSPORT_ERROR); 1592 } 1593 1594 /* catch-all for all other commands, except 1595 * pass TEST_UNIT_READY and REQUEST_SENSE through 1596 */ 1597 if (srb->cmnd[0] != TEST_UNIT_READY && 1598 srb->cmnd[0] != REQUEST_SENSE) { 1599 sensekey = 0x05; /* illegal request */ 1600 sensecode = 0x20; /* invalid command */ 1601 havefakesense = 1; 1602 return USB_STOR_TRANSPORT_FAILED; 1603 } 1604 1605 for (; srb->cmd_len<12; srb->cmd_len++) 1606 srb->cmnd[srb->cmd_len] = 0; 1607 1608 srb->cmnd[1] = LUNBITS; 1609 1610 ptr[0] = 0; 1611 for (i=0; i<12; i++) 1612 sprintf(ptr+strlen(ptr), "%02X ", srb->cmnd[i]); 1613 1614 US_DEBUGP("SDDR09: Send control for command %s\n", ptr); 1615 1616 result = sddr09_send_scsi_command(us, srb->cmnd, 12); 1617 if (result) { 1618 US_DEBUGP("sddr09_transport: sddr09_send_scsi_command " 1619 "returns %d\n", result); 1620 return USB_STOR_TRANSPORT_ERROR; 1621 } 1622 1623 if (srb->request_bufflen == 0) 1624 return USB_STOR_TRANSPORT_GOOD; 1625 1626 if (srb->sc_data_direction == DMA_TO_DEVICE || 1627 srb->sc_data_direction == DMA_FROM_DEVICE) { 1628 unsigned int pipe = (srb->sc_data_direction == DMA_TO_DEVICE) 1629 ? us->send_bulk_pipe : us->recv_bulk_pipe; 1630 1631 US_DEBUGP("SDDR09: %s %d bytes\n", 1632 (srb->sc_data_direction == DMA_TO_DEVICE) ? 1633 "sending" : "receiving", 1634 srb->request_bufflen); 1635 1636 result = usb_stor_bulk_transfer_sg(us, pipe, 1637 srb->request_buffer, 1638 srb->request_bufflen, 1639 srb->use_sg, &srb->resid); 1640 1641 return (result == USB_STOR_XFER_GOOD ? 1642 USB_STOR_TRANSPORT_GOOD : USB_STOR_TRANSPORT_ERROR); 1643 } 1644 1645 return USB_STOR_TRANSPORT_GOOD; 1646 } 1647 1648 /* 1649 * Initialization routine for the sddr09 subdriver 1650 */ 1651 int 1652 usb_stor_sddr09_init(struct us_data *us) { 1653 return sddr09_common_init(us); 1654 } 1655