2 ## This file is part of the libsigrokdecode project.
4 ## Copyright (C) 2012-2014 Uwe Hermann <uwe@hermann-uwe.de>
6 ## This program is free software; you can redistribute it and/or modify
7 ## it under the terms of the GNU General Public License as published by
8 ## the Free Software Foundation; either version 2 of the License, or
9 ## (at your option) any later version.
11 ## This program is distributed in the hope that it will be useful,
12 ## but WITHOUT ANY WARRANTY; without even the implied warranty of
13 ## MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 ## GNU General Public License for more details.
16 ## You should have received a copy of the GNU General Public License
17 ## along with this program; if not, see <http://www.gnu.org/licenses/>.
20 import sigrokdecode as srd
21 from common.sdcard import (cmd_names, acmd_names)
23 class Decoder(srd.Decoder):
26 name = 'SD card (SPI mode)'
27 longname = 'Secure Digital card (SPI mode)'
28 desc = 'Secure Digital card (SPI mode) low-level protocol.'
34 tuple(('cmd%d' % i, 'CMD%d' % i) for i in range(64)) + \
35 tuple(('acmd%d' % i, 'ACMD%d' % i) for i in range(64)) + ( \
42 ('bit-warnings', 'Bit warnings'),
45 ('bits', 'Bits', (133, 134)),
46 ('cmd-reply', 'Commands/replies', tuple(range(133))),
54 self.ss, self.es = 0, 0
55 self.ss_bit, self.es_bit = 0, 0
56 self.ss_cmd, self.es_cmd = 0, 0
58 self.cmd_token_bits = []
59 self.is_acmd = False # Indicates CMD vs. ACMD
64 self.cmd24_start_token_found = False
66 self.cmd17_start_token_found = False
69 self.out_ann = self.register(srd.OUTPUT_ANN)
72 self.put(self.ss_cmd, self.es_cmd, self.out_ann, data)
74 def putc(self, cmd, desc):
75 self.putx([cmd, ['%s: %s' % (self.cmd_str, desc)]])
78 self.put(self.ss_bit, self.es_bit, self.out_ann, data)
80 def cmd_name(self, cmd):
81 c = acmd_names if self.is_acmd else cmd_names
82 s = c.get(cmd, 'Unknown')
83 # SD mode names for CMD32/33: ERASE_WR_BLK_{START,END}.
84 # SPI mode names for CMD32/33: ERASE_WR_BLK_{START,END}_ADDR.
89 def handle_command_token(self, mosi, miso):
90 # Command tokens (6 bytes) are sent (MSB-first) by the host.
93 # - CMD[47:47]: Start bit (always 0)
94 # - CMD[46:46]: Transmitter bit (1 == host)
95 # - CMD[45:40]: Command index (BCD; valid: 0-63)
96 # - CMD[39:08]: Argument
98 # - CMD[00:00]: End bit (always 1)
100 if len(self.cmd_token) == 0:
101 self.ss_cmd = self.ss
103 self.cmd_token.append(mosi)
104 self.cmd_token_bits.append(self.mosi_bits)
106 # All command tokens are 6 bytes long.
107 if len(self.cmd_token) < 6:
110 self.es_cmd = self.es
115 s = 'ACMD' if self.is_acmd else 'CMD'
118 return self.cmd_token_bits[5 - byte][bit]
120 # Bits[47:47]: Start bit (always 0)
121 bit, self.ss_bit, self.es_bit = tb(5, 7)[0], tb(5, 7)[1], tb(5, 7)[2]
123 self.putb([134, ['Start bit: %d' % bit]])
125 self.putb([135, ['Start bit: %s (Warning: Must be 0!)' % bit]])
127 # Bits[46:46]: Transmitter bit (1 == host)
128 bit, self.ss_bit, self.es_bit = tb(5, 6)[0], tb(5, 6)[1], tb(5, 6)[2]
130 self.putb([134, ['Transmitter bit: %d' % bit]])
132 self.putb([135, ['Transmitter bit: %d (Warning: Must be 1!)' % bit]])
134 # Bits[45:40]: Command index (BCD; valid: 0-63)
135 cmd = self.cmd_index = t[0] & 0x3f
136 self.ss_bit, self.es_bit = tb(5, 5)[1], tb(5, 0)[2]
137 self.putb([134, ['Command: %s%d (%s)' % (s, cmd, self.cmd_name(cmd))]])
139 # Bits[39:8]: Argument
140 self.arg = (t[1] << 24) | (t[2] << 16) | (t[3] << 8) | t[4]
141 self.ss_bit, self.es_bit = tb(4, 7)[1], tb(1, 0)[2]
142 self.putb([134, ['Argument: 0x%04x' % self.arg]])
147 self.ss_bit, self.es_bit = tb(0, 7)[1], tb(0, 1)[2]
148 self.putb([134, ['CRC7: 0x%01x' % crc]])
150 # Bits[0:0]: End bit (always 1)
151 bit, self.ss_bit, self.es_bit = tb(0, 0)[0], tb(0, 0)[1], tb(0, 0)[2]
153 self.putb([134, ['End bit: %d' % bit]])
155 self.putb([135, ['End bit: %d (Warning: Must be 1!)' % bit]])
158 if cmd in (0, 1, 9, 16, 17, 24, 41, 49, 55, 59):
159 self.state = 'HANDLE CMD%d' % cmd
160 self.cmd_str = '%s%d (%s)' % (s, cmd, self.cmd_name(cmd))
162 self.state = 'HANDLE CMD999'
163 a = '%s%d: %02x %02x %02x %02x %02x %02x' % ((s, cmd) + tuple(t))
164 self.putx([cmd, [a]])
166 def handle_cmd0(self):
167 # CMD0: GO_IDLE_STATE
168 self.putc(0, 'Reset the SD card')
169 self.state = 'GET RESPONSE R1'
171 def handle_cmd1(self):
173 self.putc(1, 'Send HCS info and activate the card init process')
174 hcs = (self.arg & (1 << 30)) >> 30
175 self.ss_bit = self.cmd_token_bits[5 - 4][6][1]
176 self.es_bit = self.cmd_token_bits[5 - 4][6][2]
177 self.putb([134, ['HCS: %d' % hcs]])
178 self.state = 'GET RESPONSE R1'
180 def handle_cmd9(self):
181 # CMD9: SEND_CSD (128 bits / 16 bytes)
182 self.putc(9, 'Ask card to send its card specific data (CSD)')
183 if len(self.read_buf) == 0:
184 self.ss_cmd = self.ss
185 self.read_buf.append(self.miso)
187 ### if len(self.read_buf) < 16:
188 if len(self.read_buf) < 16 + 4:
190 self.es_cmd = self.es
191 self.read_buf = self.read_buf[4:] # TODO: Document or redo.
192 self.putx([9, ['CSD: %s' % self.read_buf]])
193 # TODO: Decode all bits.
195 ### self.state = 'GET RESPONSE R1'
198 def handle_cmd10(self):
199 # CMD10: SEND_CID (128 bits / 16 bytes)
200 self.putc(10, 'Ask card to send its card identification (CID)')
201 self.read_buf.append(self.miso)
202 if len(self.read_buf) < 16:
204 self.putx([10, ['CID: %s' % self.read_buf]])
205 # TODO: Decode all bits.
207 self.state = 'GET RESPONSE R1'
209 def handle_cmd16(self):
210 # CMD16: SET_BLOCKLEN
211 self.blocklen = self.arg
212 # TODO: Sanity check on block length.
213 self.putc(16, 'Set the block length to %d bytes' % self.blocklen)
214 self.state = 'GET RESPONSE R1'
216 def handle_cmd17(self):
217 # CMD17: READ_SINGLE_BLOCK
218 self.putc(17, 'Read a block from address 0x%04x' % self.arg)
220 self.state = 'GET RESPONSE R1'
222 def handle_cmd24(self):
224 self.putc(24, 'Write a block to address 0x%04x' % self.arg)
226 self.state = 'GET RESPONSE R1'
228 def handle_cmd49(self):
229 self.state = 'GET RESPONSE R1'
231 def handle_cmd55(self):
233 self.putc(55, 'Next command is an application-specific command')
235 self.state = 'GET RESPONSE R1'
237 def handle_cmd59(self):
239 crc_on_off = self.arg & (1 << 0)
240 s = 'on' if crc_on_off == 1 else 'off'
241 self.putc(59, 'Turn the SD card CRC option %s' % s)
242 self.state = 'GET RESPONSE R1'
244 def handle_acmd41(self):
245 # ACMD41: SD_SEND_OP_COND
246 self.putc(64 + 41, 'Send HCS info and activate the card init process')
247 self.state = 'GET RESPONSE R1'
249 def handle_cmd999(self):
250 self.state = 'GET RESPONSE R1'
252 def handle_cid_register(self):
253 # Card Identification (CID) register, 128bits
257 # Manufacturer ID: CID[127:120] (8 bits)
260 # OEM/Application ID: CID[119:104] (16 bits)
261 oid = (cid[14] << 8) | cid[13]
263 # Product name: CID[103:64] (40 bits)
265 for i in range(12, 8 - 1, -1):
269 # Product revision: CID[63:56] (8 bits)
272 # Product serial number: CID[55:24] (32 bits)
274 for i in range(6, 3 - 1, -1):
278 # RESERVED: CID[23:20] (4 bits)
280 # Manufacturing date: CID[19:8] (12 bits)
283 # CRC7 checksum: CID[7:1] (7 bits)
286 # Not used, always 1: CID[0:0] (1 bit)
289 def handle_response_r1(self, res):
290 # The R1 response token format (1 byte).
291 # Sent by the card after every command except for SEND_STATUS.
293 self.ss_cmd, self.es_cmd = self.miso_bits[7][1], self.miso_bits[0][2]
294 self.putx([65, ['R1: 0x%02x' % res]])
296 def putbit(bit, data):
297 b = self.miso_bits[bit]
298 self.ss_bit, self.es_bit = b[1], b[2]
299 self.putb([134, data])
301 # Bit 0: 'In idle state' bit
302 s = '' if (res & (1 << 0)) else 'not '
303 putbit(0, ['Card is %sin idle state' % s])
305 # Bit 1: 'Erase reset' bit
306 s = '' if (res & (1 << 1)) else 'not '
307 putbit(1, ['Erase sequence %scleared' % s])
309 # Bit 2: 'Illegal command' bit
310 s = 'I' if (res & (1 << 2)) else 'No i'
311 putbit(2, ['%sllegal command detected' % s])
313 # Bit 3: 'Communication CRC error' bit
314 s = 'failed' if (res & (1 << 3)) else 'was successful'
315 putbit(3, ['CRC check of last command %s' % s])
317 # Bit 4: 'Erase sequence error' bit
318 s = 'E' if (res & (1 << 4)) else 'No e'
319 putbit(4, ['%srror in the sequence of erase commands' % s])
321 # Bit 5: 'Address error' bit
322 s = 'M' if (res & (1 << 4)) else 'No m'
323 putbit(5, ['%sisaligned address used in command' % s])
325 # Bit 6: 'Parameter error' bit
326 s = '' if (res & (1 << 4)) else 'not '
327 putbit(6, ['Command argument %soutside allowed range' % s])
329 # Bit 7: Always set to 0
330 putbit(7, ['Bit 7 (always 0)'])
333 self.state = 'HANDLE DATA BLOCK CMD17'
335 self.state = 'HANDLE DATA BLOCK CMD24'
337 def handle_response_r1b(self, res):
341 def handle_response_r2(self, res):
345 def handle_response_r3(self, res):
349 # Note: Response token formats R4 and R5 are reserved for SDIO.
353 def handle_response_r7(self, res):
357 def handle_data_cmd17(self, miso):
358 # CMD17 returns one byte R1, then some bytes 0xff, then a Start Block
359 # (single byte 0xfe), then self.blocklen bytes of data, then always
361 if self.cmd17_start_token_found:
362 if len(self.read_buf) == 0:
363 self.ss_data = self.ss
364 if not self.blocklen:
365 # Assume a fixed block size when inspection of the previous
366 # traffic did not provide the respective parameter value.
367 # TODO: Make the default block size a PD option?
369 self.read_buf.append(miso)
370 # Wait until block transfer completed.
371 if len(self.read_buf) < self.blocklen:
373 if len(self.read_buf) == self.blocklen:
374 self.es_data = self.es
375 self.put(self.ss_data, self.es_data, self.out_ann, [17, ['Block data: %s' % self.read_buf]])
376 elif len(self.read_buf) == (self.blocklen + 1):
377 self.ss_crc = self.ss
378 elif len(self.read_buf) == (self.blocklen + 2):
379 self.es_crc = self.es
381 self.put(self.ss_crc, self.es_crc, self.out_ann, [17, ['CRC']])
384 self.put(self.ss, self.es, self.out_ann, [17, ['Start Block']])
385 self.cmd17_start_token_found = True
387 def handle_data_cmd24(self, mosi):
388 if self.cmd24_start_token_found:
389 if len(self.read_buf) == 0:
390 self.ss_data = self.ss
391 if not self.blocklen:
392 # Assume a fixed block size when inspection of the
393 # previous traffic did not provide the respective
395 # TODO Make the default block size a user adjustable option?
397 self.read_buf.append(mosi)
398 # Wait until block transfer completed.
399 if len(self.read_buf) < self.blocklen:
401 self.es_data = self.es
402 self.put(self.ss_data, self.es_data, self.out_ann, [24, ['Block data: %s' % self.read_buf]])
404 self.state = 'DATA RESPONSE'
406 self.put(self.ss, self.es, self.out_ann, [24, ['Start Block']])
407 self.cmd24_start_token_found = True
409 def handle_data_response(self, miso):
410 # Data Response token (1 byte).
413 # - Bits[7:5]: Don't care.
414 # - Bits[4:4]: Always 0.
415 # - Bits[3:1]: Status.
416 # - 010: Data accepted.
417 # - 101: Data rejected due to a CRC error.
418 # - 110: Data rejected due to a write error.
419 # - Bits[0:0]: Always 1.
421 if miso & 0x11 != 0x01:
422 # This is not the byte we are waiting for.
423 # Should we return to IDLE here?
426 self.put(m[7][1], m[5][2], self.out_ann, [134, ['Don\'t care']])
427 self.put(m[4][1], m[4][2], self.out_ann, [134, ['Always 0']])
429 self.put(m[3][1], m[1][2], self.out_ann, [134, ['Data accepted']])
431 self.put(m[3][1], m[1][2], self.out_ann, [134, ['Data rejected (CRC error)']])
433 self.put(m[3][1], m[1][2], self.out_ann, [134, ['Data rejected (write error)']])
434 self.put(m[0][1], m[0][2], self.out_ann, [134, ['Always 1']])
438 if ann_class is not None:
439 self.put(self.ss, self.es, self.out_ann, [ann_class, ['Data Response']])
442 def decode(self, ss, es, data):
443 ptype, mosi, miso = data
445 # For now, only use DATA and BITS packets.
446 if ptype not in ('DATA', 'BITS'):
449 # Store the individual bit values and ss/es numbers. The next packet
450 # is guaranteed to be a 'DATA' packet belonging to this 'BITS' one.
452 self.miso_bits, self.mosi_bits = miso, mosi
455 self.ss, self.es = ss, es
458 if self.state == 'IDLE':
459 # Ignore stray 0xff bytes, some devices seem to send those!?
460 if mosi == 0xff: # TODO?
462 self.state = 'GET COMMAND TOKEN'
463 self.handle_command_token(mosi, miso)
464 elif self.state == 'GET COMMAND TOKEN':
465 self.handle_command_token(mosi, miso)
466 elif self.state.startswith('HANDLE CMD'):
467 self.miso, self.mosi = miso, mosi
468 # Call the respective handler method for the command.
469 a, cmdstr = 'a' if self.is_acmd else '', self.state[10:].lower()
470 handle_cmd = getattr(self, 'handle_%scmd%s' % (a, cmdstr))
473 self.cmd_token_bits = []
474 # Leave ACMD mode again after the first command after CMD55.
475 if self.is_acmd and cmdstr != '55':
477 elif self.state.startswith('GET RESPONSE'):
478 # Ignore stray 0xff bytes, some devices seem to send those!?
479 if miso == 0xff: # TODO?
481 # Call the respective handler method for the response.
482 # Assume return to IDLE state, but allow response handlers
483 # to advance to some other state when applicable.
484 s = 'handle_response_%s' % self.state[13:].lower()
485 handle_response = getattr(self, s)
487 handle_response(miso)
488 elif self.state == 'HANDLE DATA BLOCK CMD17':
489 self.handle_data_cmd17(miso)
490 elif self.state == 'HANDLE DATA BLOCK CMD24':
491 self.handle_data_cmd24(mosi)
492 elif self.state == 'DATA RESPONSE':
493 self.handle_data_response(miso)