Hi Guenter,
On 2/3/20 7:09 PM, Guenter Roeck wrote:
Always report 6 bytes of JEDEC data. Fill remaining data with 0.
For unsupported commands, keep sending a value of 0 until the chip
is deselected.
Two changes, I'd rather see 2 patches. If you happen to respin they are
welcome. As the split is trivial maybe a block maintainer is OK to do
it. Regardless the outcome:
Reviewed-by: Philippe Mathieu-Daudé <phi...@redhat.com>
Both changes avoid attempts to decode random commands. Up to now this
happened if the reported Jedec data was shorter than 6 bytes but the
host read 6 bytes, and with all unsupported commands.
Signed-off-by: Guenter Roeck <li...@roeck-us.net>
---
hw/block/m25p80.c | 10 +++++++++-
1 file changed, 9 insertions(+), 1 deletion(-)
diff --git a/hw/block/m25p80.c b/hw/block/m25p80.c
index 63e050d7d3..aca75edcc1 100644
--- a/hw/block/m25p80.c
+++ b/hw/block/m25p80.c
@@ -1040,8 +1040,11 @@ static void decode_new_cmd(Flash *s, uint32_t value)
for (i = 0; i < s->pi->id_len; i++) {
s->data[i] = s->pi->id[i];
}
+ for (; i < SPI_NOR_MAX_ID_LEN; i++) {
+ s->data[i] = 0;
+ }
- s->len = s->pi->id_len;
+ s->len = SPI_NOR_MAX_ID_LEN;
s->pos = 0;
s->state = STATE_READING_DATA;
break;
@@ -1158,6 +1161,11 @@ static void decode_new_cmd(Flash *s, uint32_t value)
s->quad_enable = false;
break;
default:
+ s->pos = 0;
+ s->len = 1;
+ s->state = STATE_READING_DATA;
+ s->data_read_loop = true;
+ s->data[0] = 0;
qemu_log_mask(LOG_GUEST_ERROR, "M25P80: Unknown cmd %x\n", value);
break;
}
