[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <7d1f770ae750d6ed5fb942b16979cdcb@walle.cc>
Date: Mon, 01 Mar 2021 18:32:09 +0100
From: Michael Walle <michael@...le.cc>
To: Tudor.Ambarus@...rochip.com
Cc: linux-kernel@...r.kernel.org, linux-mtd@...ts.infradead.org,
miquel.raynal@...tlin.com, richard@....at, vigneshr@...com
Subject: Re: [PATCH v3 1/2] mtd: spi-nor: add OTP support
Hi Tudor,
thanks for the review.
Am 2021-02-28 13:00, schrieb Tudor.Ambarus@...rochip.com:
> On 2/16/21 6:28 PM, Michael Walle wrote:
>> EXTERNAL EMAIL: Do not click links or open attachments unless you know
>> the content is safe
>>
>> SPI flashes sometimes have a special OTP area, which can (and is) used
>> to
>> store immutable properties like board serial number or vendor assigned
>> network hardware addresses.
>>
>> The MTD subsystem already supports accessing such areas and some (non
>> SPI-NOR) flashes already implement support for it. It differentiates
>> between user and factory areas. User areas can be written by the user
>> and
>> factory ones are pre-programmed and locked down by the vendor, usually
>> containing an "electrical serial number". This patch will only add
>> support
>> for the user areas.
>>
>> Lay the foundation and implement the MTD callbacks for the SPI-NOR and
>> add
>> necessary parameters to the flash_info structure. If a flash supports
>> OTP
>> it can be added by the convenience macro OTP_INFO(). Sometimes there
>> are
>> individual regions, which might have individual offsets. Therefore, it
>> is
>> possible to specify the starting address of the first regions as well
>> as
>> the distance between two regions (e.g. Winbond devices uses this
>> method).
>>
>> Additionally, the regions might be locked down. Once locked, no
>> further
>> write access is possible.
>>
>> For SPI-NOR flashes the OTP area is accessed like the normal memory,
>> e.g.
>> by offset addressing; except that you either have to use special
>> read/write
>> commands (Winbond) or you have to enter (and exit) a specific OTP mode
>> (Macronix, Micron).
>>
>> Thus we introduce four operations to which the MTD callbacks will be
>> mapped: .read(), .write(), .lock() and .is_locked(). The read and the
>> write
>> ops will be given an address offset to operate on while the locking
>> ops use
>> regions because locking always affects a whole region. It is up to the
>> flash driver to implement these ops.
>>
>
> SPI NORs can support some OTP-like behaviour, meaning that in addition
> to
> the tipical OTP ops (read, write, lock), the SPI NORs can also erase
> the
> OTP-like memory before the permanent lock. I find the erase useful, in
> case one writes something wrong from the start, in case of errors where
> what was written differs from what is read back, or simply at
> development
> stage, to check the implementation. So I think we should add support
> for
> that too. If not now, maybe later.
As mentioned on IRC, this should be a seperate ioctl() thus the
mtd-utils
need to be changed, too. I wouldn't like to change the semantics of the
current (more or less well-established) ioctl interface around MTD otp
operations.
Thus maybe there might be OTPERASE ioctl, similar to OTPLOCK. I'm open
to this, but in a seperate patch series.
>> diff --git a/drivers/mtd/spi-nor/core.c b/drivers/mtd/spi-nor/core.c
>> index 0522304f52fa..af9d7f194f01 100644
>> --- a/drivers/mtd/spi-nor/core.c
>> +++ b/drivers/mtd/spi-nor/core.c
>
> cut
>> @@ -3502,6 +3508,8 @@ int spi_nor_scan(struct spi_nor *nor, const char
>> *name,
>> mtd->_is_locked = spi_nor_is_locked;
>> }
>>
>> + spi_nor_otp_init(nor);
>
> since this returns void, we can do it the last thing in the
> spi_nor_scan(), so
> that we don't gratuitously init fields in case of errors.
Mh, it used to be at this point because it sets the mtd ops. In my
previous patch version this was still inline. So sure I can move it,
but I'd move it right before spi_nor_init() because that will actually
interface with the SPI flash.
>> +
>> if (info->flags & USE_FSR)
>> nor->flags |= SNOR_F_USE_FSR;
>> if (info->flags & SPI_NOR_HAS_TB) {
>> diff --git a/drivers/mtd/spi-nor/core.h b/drivers/mtd/spi-nor/core.h
>> index 4a3f7f150b5d..5fb54ae08c5b 100644
>> --- a/drivers/mtd/spi-nor/core.h
>> +++ b/drivers/mtd/spi-nor/core.h
>> @@ -175,6 +175,21 @@ struct spi_nor_erase_map {
>> u8 uniform_erase_type;
>> };
>>
>> +/**
>> + * struct spi_nor_otp_info - Structure to describe the SPI NOR OTP
>> region
>> + * @otp_size: size of one OTP region in bytes.
>> + * @n_otps: number of individual OTP regions.
>> + * @otp_start_addr: start address of the OTP area.
>> + * @otp_addr_offset: offset between consecutive OTP regions if
>> there are
>> + * more than one.
>> + */
>> +struct spi_nor_otp_info {
>> + u32 otp_size;
>> + int n_otps;
>> + u32 otp_start_addr;
>> + u32 otp_addr_offset;
>> +};
>
> How about the following:
>
> struct spi_nor_otp_memory_organization {
I've used spi_nor_otp_organization, first because its a shorter name
and second it might or might not have something to do with memory.
> loff_t base;
> loff_t offset;
> size_t len;
> unsigned int n_regions;
> };
otherwise I've put the len argument as the first property, because
other flashes usually contain just one region, thus base and offset
are normally unused (or zero).
[..]
>> @@ -341,6 +374,15 @@ struct flash_info {
>>
>> /* Part specific fixup hooks. */
>> const struct spi_nor_fixups *fixups;
>> +
>> + /* OTP size in bytes */
>> + u16 otp_size;
>> + /* Number of OTP banks */
>> + u16 n_otps;
>> + /* Start address of OTP area */
>> + u32 otp_start_addr;
>> + /* Offset between consecutive OTP banks if there are more than
>> one */
>> + u32 otp_addr_offset;
>
> Let's use the structure that we have already defined:
> struct spi_nor_otp_memory_organization otp_memorg;
Ok, this was due to the convenience macro OTP_INFO(). Which now
looks like:
#define OTP_INFO(_len, _n_regions, _base, _offset) \
.otp_org = (struct spi_nor_otp_organization) { \
.len = (_len), \
.base = (_base), \
.offset = (_offset), \
.n_regions = (_n_regions), \
},
btw there is also a shorter OTP_INFO1(_len) which I used for the
macronix flashes (which for now was dropped in this series).
>> diff --git a/drivers/mtd/spi-nor/otp.c b/drivers/mtd/spi-nor/otp.c
>> new file mode 100644
>> index 000000000000..59bd1a3f450d
>> --- /dev/null
>> +++ b/drivers/mtd/spi-nor/otp.c
>> @@ -0,0 +1,157 @@
>> +// SPDX-License-Identifier: GPL-2.0
>> +/*
>> + * OTP support for SPI-NOR flashes
>> + *
>> + * Copyright (C) 2021 Michael Walle <michael@...le.cc>
>> + */
>> +
>> +#include <linux/mtd/mtd.h>
>> +#include <linux/mtd/spi-nor.h>
>> +
>> +#include "core.h"
>> +
>> +static loff_t spi_nor_otp_region_start(struct spi_nor *nor, int
>> region)
>
> const struct spi_nor *nor, unsigned int region
>
>> +{
>> + struct spi_nor_otp_info *info = &nor->params->otp_info;
>> +
>> + return info->otp_start_addr + region * info->otp_addr_offset;
>> +}
>> +
>> +static loff_t spi_nor_otp_region_end(struct spi_nor *nor, int region)
>
> same
>
>> +{
>> + struct spi_nor_otp_info *info = &nor->params->otp_info;
>> +
>> + return spi_nor_otp_region_start(nor, region) + info->otp_size
>> - 1;
>> +}
>> +
>> +static int spi_nor_mtd_otp_info(struct mtd_info *mtd, size_t len,
>> + size_t *retlen, struct otp_info *buf)
>> +{
>> + struct spi_nor *nor = mtd_to_spi_nor(mtd);
>
> const struct spi_nor *nor
Isn't possible, because is_locked() is called which in turn
calls spi_nor_read_xx() which takes "struct spi_nor".
>> + int n_otps = nor->params->otp_info.n_otps;
>> + int locked, i;
>
> unsigned int i;
>
>> +
>> + if (len < n_otps * sizeof(*buf))
>> + return -ENOSPC;
>> +
>> + for (i = 0; i < n_otps; i++) {
>> + buf[i].start = spi_nor_otp_region_start(nor, i);
>> + buf[i].length = nor->params->otp_info.otp_size;
>> +
>> + locked = nor->params->otp_ops->is_locked(nor, i);
>> + if (locked < 0)
>> + return locked;
>> +
>> + buf[i].locked = !!locked;
>> + }
>> +
>> + *retlen = n_otps * sizeof(*buf);
>> +
>> + return 0;
>> +}
>> +
>> +static int spi_nor_otp_addr_to_region(struct spi_nor *nor, loff_t
>> addr)
>> +{
>> + int i;
>
> unsigned int i;
>
>> +
>> + for (i = 0; i < nor->params->otp_info.n_otps; i++)
>> + if (addr >= spi_nor_otp_region_start(nor, i) &&
>> + addr <= spi_nor_otp_region_end(nor, i))
>> + return i;
>> +
>> + return -EINVAL;
>> +}
>> +
>> +static int spi_nor_mtd_otp_read_write(struct mtd_info *mtd, loff_t
>> ofs,
>> + size_t len, size_t *retlen,
>> u_char *buf,
>> + bool is_write)
>> +{
>> + struct spi_nor *nor = mtd_to_spi_nor(mtd);
>
> const
likewise
>
>> + int region;
>> + int ret;
>> +
>> + *retlen = 0;
>> +
>> + region = spi_nor_otp_addr_to_region(nor, ofs);
>> + if (region < 0)
>> + return 0;
>> +
>> + if (ofs < spi_nor_otp_region_start(nor, region))
>> + return 0;
>> +
>> + if ((ofs + len - 1) > spi_nor_otp_region_end(nor, region))
>> + return 0;
>> +
>> + ret = spi_nor_lock_and_prep(nor);
>
> please check the ret value
good catch.
>
>> +
>> + if (is_write)
>> + ret = nor->params->otp_ops->write(nor, ofs, len, buf);
>> + else
>> + ret = nor->params->otp_ops->read(nor, ofs, len, buf);
>> +
>> + spi_nor_unlock_and_unprep(nor);
>> +
>> + if (ret < 0)
>> + return ret;
>> +
>> + *retlen = len;
>> + return 0;
>> +}
>> +
>> +static int spi_nor_mtd_otp_read(struct mtd_info *mtd, loff_t from,
>> size_t len,
>> + size_t *retlen, u_char *buf)
>> +{
>> + return spi_nor_mtd_otp_read_write(mtd, from, len, retlen, buf,
>> false);
>> +}
>> +
>> +static int spi_nor_mtd_otp_write(struct mtd_info *mtd, loff_t to,
>> size_t len,
>> + size_t *retlen, u_char *buf)
>> +{
>> + return spi_nor_mtd_otp_read_write(mtd, to, len, retlen, buf,
>> true);
>> +}
>> +
>> +static int spi_nor_mtd_otp_lock(struct mtd_info *mtd, loff_t from,
>> size_t len)
>> +{
>> + struct spi_nor *nor = mtd_to_spi_nor(mtd);
>
> const
likewise
>
>> + int region;
>> + int ret;
>> +
>> + region = spi_nor_otp_addr_to_region(nor, from);
>> + if (region < 0)
>> + return -EINVAL;
>> +
>> + if (len != nor->params->otp_info.otp_size)
>> + return -EINVAL;
>
> Does the otp memory organization matter for the end user?
> Can't we lock/read/write past region size, for example 2 or 3 regions
> in a row,
> depending on length?
Mhh tough one. I guess the question really is: Do we want
to remap the 0x1000, 0x2000, 0x3000 offsets?
- 0x1000 -> 0
- 0x2000 -> 1 * region_size
- 0x3000 -> 2 * region_size
This is just an example, some devices may us other offsets.
I'd see this as a prerequsite for handling multiple regions
in one write, because otherwise you'll have to handle the
holes which makes it impossible I guess. For example what
would happen with (given an otp size of 0x100):
(1) lock(0, 0x100)
(2) lock(0x100, 0xf00)
(3) lock(0, 0x1000)
(1) will work, (2) should return -EINVAL; but what will (3)
return. -EINVAL too, I guess. But then, ops spanning multiple
regions doesn't make sense at all, because they will always
return -EINVAL.
Unfortunately, I don't know how userspace might access it.
This is how it looks like at the moment:
# flash_otp_info -u /dev/mtd1
Number of OTP user blocks on /dev/mtd1: 3
block 0: offset = 0x1000 size = 256 bytes [unlocked]
block 1: offset = 0x2000 size = 256 bytes [unlocked]
block 2: offset = 0x3000 size = 256 bytes [unlocked]
-michael
Powered by blists - more mailing lists