2 * drivers/sbus/char/jsflash.c
4 * Copyright (C) 1991, 1992 Linus Torvalds (drivers/char/mem.c)
5 * Copyright (C) 1997 Eddie C. Dost (drivers/sbus/char/flash.c)
6 * Copyright (C) 1997-2000 Pavel Machek <pavel@ucw.cz> (drivers/block/nbd.c)
7 * Copyright (C) 1999-2000 Pete Zaitcev
9 * This driver is used to program OS into a Flash SIMM on
10 * Krups and Espresso platforms.
12 * TODO: do not allow erase/programming if file systems are mounted.
13 * TODO: Erase/program both banks of a 8MB SIMM.
15 * It is anticipated that programming an OS Flash will be a routine
16 * procedure. In the same time it is exeedingly dangerous because
17 * a user can program its OBP flash with OS image and effectively
20 * This driver uses an interface different from Eddie's flash.c
21 * as a silly safeguard.
23 * XXX The flash.c manipulates page caching characteristics in a certain
24 * dubious way; also it assumes that remap_pfn_range() can remap
25 * PCI bus locations, which may be false. ioremap() must be used
26 * instead. We should discuss this.
29 #include <linux/module.h>
30 #include <linux/smp_lock.h>
31 #include <linux/types.h>
32 #include <linux/errno.h>
33 #include <linux/miscdevice.h>
34 #include <linux/slab.h>
35 #include <linux/fcntl.h>
36 #include <linux/poll.h>
37 #include <linux/init.h>
38 #include <linux/string.h>
39 #include <linux/genhd.h>
40 #include <linux/blkdev.h>
41 #include <asm/uaccess.h>
42 #include <asm/pgtable.h>
45 #include <asm/oplib.h>
47 #include <asm/jsflash.h> /* ioctl arguments. <linux/> ?? */
48 #define JSFIDSZ (sizeof(struct jsflash_ident_arg))
49 #define JSFPRGSZ (sizeof(struct jsflash_program_arg))
52 * Our device numbers have no business in system headers.
53 * The only thing a user knows is the device name /dev/jsflash.
55 * Block devices are laid out like this:
56 * minor+0 - Bootstrap, for 8MB SIMM 0x20400000[0x800000]
57 * minor+1 - Filesystem to mount, normally 0x20400400[0x7ffc00]
58 * minor+2 - Whole flash area for any case... 0x20000000[0x01000000]
59 * Total 3 minors per flash device.
61 * It is easier to have static size vectors, so we define
62 * a total minor range JSF_MAX, which must cover all minors.
64 /* character device */
65 #define JSF_MINOR 178 /* 178 is registered with hpa */
67 #define JSF_MAX 3 /* 3 minors wasted total so far. */
68 #define JSF_NPART 3 /* 3 minors per flash device */
69 #define JSF_PART_BITS 2 /* 2 bits of minors to cover JSF_NPART */
70 #define JSF_PART_MASK 0x3 /* 2 bits mask */
74 * We could ioremap(), but it's easier this way.
76 static unsigned int jsf_inl(unsigned long addr)
80 __asm__ __volatile__("lda [%1] %2, %0\n\t" :
82 "r" (addr), "i" (ASI_M_BYPASS));
86 static void jsf_outl(unsigned long addr, __u32 data)
89 __asm__ __volatile__("sta %0, [%1] %2\n\t" : :
90 "r" (data), "r" (addr), "i" (ASI_M_BYPASS) :
106 unsigned long busy; /* In use? */
107 struct jsflash_ident_arg id;
108 /* int mbase; */ /* Minor base, typically zero */
109 struct jsfd_part dv[JSF_NPART];
113 * We do not map normal memory or obio as a safety precaution.
114 * But offsets are real, for ease of userland programming.
116 #define JSF_BASE_TOP 0x30000000
117 #define JSF_BASE_ALL 0x20000000
119 #define JSF_BASE_JK 0x20400000
123 static struct gendisk *jsfd_disk[JSF_MAX];
126 * Let's pretend we may have several of these...
128 static struct jsflash jsf0;
131 * Wait for AMD to finish its embedded algorithm.
132 * We use the Toggle bit DQ6 (0x40) because it does not
133 * depend on the data value as /DATA bit DQ7 does.
135 * XXX Do we need any timeout here? So far it never hanged, beware broken hw.
137 static void jsf_wait(unsigned long p) {
143 if ((x1 & 0x40404040) == (x2 & 0x40404040)) return;
148 * Programming will only work if Flash is clean,
149 * we leave it to the programmer application.
151 * AMD must be programmed one byte at a time;
152 * thus, Simple Tech SIMM must be written 4 bytes at a time.
154 * Write waits for the chip to become ready after the write
155 * was finished. This is done so that application would read
156 * consistent data after the write is done.
158 static void jsf_write4(unsigned long fa, u32 data) {
160 jsf_outl(fa, 0xAAAAAAAA); /* Unlock 1 Write 1 */
161 jsf_outl(fa, 0x55555555); /* Unlock 1 Write 2 */
162 jsf_outl(fa, 0xA0A0A0A0); /* Byte Program */
170 static void jsfd_read(char *buf, unsigned long p, size_t togo) {
185 static void jsfd_do_request(struct request_queue *q)
189 req = blk_fetch_request(q);
191 struct jsfd_part *jdp = req->rq_disk->private_data;
192 unsigned long offset = blk_rq_pos(req) << 9;
193 size_t len = blk_rq_cur_bytes(req);
196 if ((offset + len) > jdp->dsize)
199 if (rq_data_dir(req) != READ) {
200 printk(KERN_ERR "jsfd: write\n");
204 if ((jdp->dbase & 0xff000000) != 0x20000000) {
205 printk(KERN_ERR "jsfd: bad base %x\n", (int)jdp->dbase);
209 jsfd_read(req->buffer, jdp->dbase + offset, len);
212 if (!__blk_end_request_cur(req, err))
213 req = blk_fetch_request(q);
218 * The memory devices use the full 32/64 bits of the offset, and so we cannot
219 * check against negative addresses: they are ok. The return value is weird,
220 * though, in that case (0).
222 * also note that seeking relative to the "end of file" isn't supported:
223 * it has no meaning, so it returns -EINVAL.
225 static loff_t jsf_lseek(struct file * file, loff_t offset, int orig)
232 file->f_pos = offset;
236 file->f_pos += offset;
247 * OS SIMM Cannot be read in other size but a 32bits word.
249 static ssize_t jsf_read(struct file * file, char __user * buf,
250 size_t togo, loff_t *ppos)
252 unsigned long p = *ppos;
253 char __user *tmp = buf;
260 if (p < JSF_BASE_ALL || p >= JSF_BASE_TOP) {
264 if ((p + togo) < p /* wrap */
265 || (p + togo) >= JSF_BASE_TOP) {
266 togo = JSF_BASE_TOP - p;
269 if (p < JSF_BASE_ALL && togo != 0) {
270 #if 0 /* __bzero XXX */
271 size_t x = JSF_BASE_ALL - p;
272 if (x > togo) x = togo;
279 * Implementation of clear_user() calls __bzero
280 * without regard to modversions,
281 * so we cannot build a module.
290 if (copy_to_user(tmp, b.s, 4))
297 * XXX Small togo may remain if 1 byte is ordered.
298 * It would be nice if we did a word size read and unpacked it.
305 static ssize_t jsf_write(struct file * file, const char __user * buf,
306 size_t count, loff_t *ppos)
313 static int jsf_ioctl_erase(unsigned long arg)
317 /* p = jsf0.base; hits wrong bank */
320 jsf_outl(p, 0xAAAAAAAA); /* Unlock 1 Write 1 */
321 jsf_outl(p, 0x55555555); /* Unlock 1 Write 2 */
322 jsf_outl(p, 0x80808080); /* Erase setup */
323 jsf_outl(p, 0xAAAAAAAA); /* Unlock 2 Write 1 */
324 jsf_outl(p, 0x55555555); /* Unlock 2 Write 2 */
325 jsf_outl(p, 0x10101010); /* Chip erase */
329 * This code is ok, except that counter based timeout
330 * has no place in this world. Let's just drop timeouts...
335 for (i = 0; i < 1000000; i++) {
337 if ((x & 0x80808080) == 0x80808080) break;
339 if ((x & 0x80808080) != 0x80808080) {
340 printk("jsf0: erase timeout with 0x%08x\n", x);
342 printk("jsf0: erase done with 0x%08x\n", x);
353 * Program a block of flash.
354 * Very simple because we can do it byte by byte anyway.
356 static int jsf_ioctl_program(void __user *arg)
358 struct jsflash_program_arg abuf;
367 if (copy_from_user(&abuf, arg, JSFPRGSZ))
371 if ((togo & 3) || (p & 3)) return -EINVAL;
373 uptr = (char __user *) (unsigned long) abuf.data;
376 if (copy_from_user(&b.s[0], uptr, 4))
386 static long jsf_ioctl(struct file *f, unsigned int cmd, unsigned long arg)
390 void __user *argp = (void __user *)arg;
392 if (!capable(CAP_SYS_ADMIN)) {
398 if (copy_to_user(argp, &jsf0.id, JSFIDSZ)) {
404 error = jsf_ioctl_erase(arg);
406 case JSFLASH_PROGRAM:
407 error = jsf_ioctl_program(argp);
415 static int jsf_mmap(struct file * file, struct vm_area_struct * vma)
420 static int jsf_open(struct inode * inode, struct file * filp)
423 if (jsf0.base == 0) {
427 if (test_and_set_bit(0, (void *)&jsf0.busy) != 0) {
433 return 0; /* XXX What security? */
436 static int jsf_release(struct inode *inode, struct file *file)
442 static const struct file_operations jsf_fops = {
443 .owner = THIS_MODULE,
447 .unlocked_ioctl = jsf_ioctl,
450 .release = jsf_release,
453 static struct miscdevice jsf_dev = { JSF_MINOR, "jsflash", &jsf_fops };
455 static struct block_device_operations jsfd_fops = {
456 .owner = THIS_MODULE,
459 static int jsflash_init(void)
465 struct linux_prom_registers reg0;
467 node = prom_getchild(prom_root_node);
468 node = prom_searchsiblings(node, "flash-memory");
469 if (node != 0 && node != -1) {
470 if (prom_getproperty(node, "reg",
471 (char *)®0, sizeof(reg0)) == -1) {
472 printk("jsflash: no \"reg\" property\n");
475 if (reg0.which_io != 0) {
476 printk("jsflash: bus number nonzero: 0x%x:%x\n",
477 reg0.which_io, reg0.phys_addr);
481 * Flash may be somewhere else, for instance on Ebus.
482 * So, don't do the following check for IIep flash space.
485 if ((reg0.phys_addr >> 24) != 0x20) {
486 printk("jsflash: suspicious address: 0x%x:%x\n",
487 reg0.which_io, reg0.phys_addr);
491 if ((int)reg0.reg_size <= 0) {
492 printk("jsflash: bad size 0x%x\n", (int)reg0.reg_size);
496 /* XXX Remove this code once PROLL ID12 got widespread */
497 printk("jsflash: no /flash-memory node, use PROLL >= 12\n");
498 prom_getproperty(prom_root_node, "banner-name", banner, 128);
499 if (strcmp (banner, "JavaStation-NC") != 0 &&
500 strcmp (banner, "JavaStation-E") != 0) {
504 reg0.phys_addr = 0x20400000;
505 reg0.reg_size = 0x00800000;
508 /* Let us be really paranoid for modifications to probing code. */
509 /* extern enum sparc_cpu sparc_cpu_model; */ /* in <asm/system.h> */
510 if (sparc_cpu_model != sun4m) {
511 /* We must be on sun4m because we use MMU Bypass ASI. */
515 if (jsf0.base == 0) {
518 jsf->base = reg0.phys_addr;
519 jsf->size = reg0.reg_size;
521 /* XXX Redo the userland interface. */
522 jsf->id.off = JSF_BASE_ALL;
523 jsf->id.size = 0x01000000; /* 16M - all segments */
524 strcpy(jsf->id.name, "Krups_all");
526 jsf->dv[0].dbase = jsf->base;
527 jsf->dv[0].dsize = jsf->size;
528 jsf->dv[1].dbase = jsf->base + 1024;
529 jsf->dv[1].dsize = jsf->size - 1024;
530 jsf->dv[2].dbase = JSF_BASE_ALL;
531 jsf->dv[2].dsize = 0x01000000;
533 printk("Espresso Flash @0x%lx [%d MB]\n", jsf->base,
534 (int) (jsf->size / (1024*1024)));
537 if ((rc = misc_register(&jsf_dev)) != 0) {
538 printk(KERN_ERR "jsf: unable to get misc minor %d\n",
547 static struct request_queue *jsf_queue;
549 static int jsfd_init(void)
551 static DEFINE_SPINLOCK(lock);
553 struct jsfd_part *jdp;
561 for (i = 0; i < JSF_MAX; i++) {
562 struct gendisk *disk = alloc_disk(1);
568 if (register_blkdev(JSFD_MAJOR, "jsfd")) {
573 jsf_queue = blk_init_queue(jsfd_do_request, &lock);
576 unregister_blkdev(JSFD_MAJOR, "jsfd");
580 for (i = 0; i < JSF_MAX; i++) {
581 struct gendisk *disk = jsfd_disk[i];
582 if ((i & JSF_PART_MASK) >= JSF_NPART) continue;
583 jsf = &jsf0; /* actually, &jsfv[i >> JSF_PART_BITS] */
584 jdp = &jsf->dv[i&JSF_PART_MASK];
586 disk->major = JSFD_MAJOR;
587 disk->first_minor = i;
588 sprintf(disk->disk_name, "jsfd%d", i);
589 disk->fops = &jsfd_fops;
590 set_capacity(disk, jdp->dsize >> 9);
591 disk->private_data = jdp;
592 disk->queue = jsf_queue;
594 set_disk_ro(disk, 1);
599 put_disk(jsfd_disk[i]);
603 MODULE_LICENSE("GPL");
605 static int __init jsflash_init_module(void) {
608 if ((rc = jsflash_init()) == 0) {
615 static void __exit jsflash_cleanup_module(void)
619 for (i = 0; i < JSF_MAX; i++) {
620 if ((i & JSF_PART_MASK) >= JSF_NPART) continue;
621 del_gendisk(jsfd_disk[i]);
622 put_disk(jsfd_disk[i]);
625 printk("jsf0: cleaning busy unit\n");
629 misc_deregister(&jsf_dev);
630 unregister_blkdev(JSFD_MAJOR, "jsfd");
631 blk_cleanup_queue(jsf_queue);
634 module_init(jsflash_init_module);
635 module_exit(jsflash_cleanup_module);
git://ftp.safe.ca / safe / jmp / linux-2.6 / blob