atsamd_hal/peripherals/nvm/smart_eeprom.rs
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 137 138 139 140 141 142 143 144 145 146 147 148 149 150 151 152 153 154 155 156 157 158 159 160 161 162 163 164 165 166 167 168 169 170 171 172 173 174 175 176 177 178 179 180 181 182 183 184 185 186 187 188 189 190 191 192 193 194 195 196 197 198 199 200 201 202 203 204 205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237 238 239 240 241 242 243 244 245 246 247 248 249 250 251 252 253 254 255 256 257 258 259 260 261 262 263 264 265 266 267 268 269 270 271 272 273 274 275 276 277 278 279 280 281 282 283 284 285 286 287 288 289 290 291 292 293 294 295 296 297 298 299 300 301 302 303 304 305 306 307 308 309 310 311 312 313 314 315 316 317 318 319 320 321 322 323 324 325 326 327 328 329 330 331 332 333 334 335 336 337 338 339 340 341 342 343 344 345 346 347 348 349 350 351 352 353 354 355 356 357 358 359 360 361 362 363 364 365 366 367 368 369 370 371 372 373 374 375 376 377 378 379 380 381 382
//! # SmartEEPROM
//!
//! SmartEEPROM is a feature of NVM controller that simulates a RAM-like memory
//! within a flash. As bits in flash cannot switch from 0 to 1 because of its
//! properties (whole page of memory has to erased and data has to be recopied),
//! SmartEEPROM introduces an indirection mechanism that handles this issue via
//! notion of virtual pages and it handles physical page reallocation and
//! erasing automatically underneath.
//!
//! From a user perspective, SmartEEPROM behaves just like a piece of memory in
//! RAM but it is non-volatile. Data does not get lost between resets/power
//! cycles.
//!
//! From technical standpoint, NVM controller sacrifices last
//! `2*8192*Nvmctrl.SEESTAT.SBLK` bytes of flash (in an inactive bank). Memory
//! access through flash address space will cause HardFault. All accesses has to
//! be conducted through SmartEEPROM specific address space.
//!
//! Prerequisites:
//! Both `Nvmctrl.SEESTAT.{SBLK,PSZ}` (block size, virtual page size) are being
//! populated from proper bits in NVM controller user page on power-on-reset. By
//! default, `SBLK` property is set to `0`, effectively disabling SmartEEPROM.
//!
//! One of possible safe ways to change user page content is to use `OpenOCD`
//! custom commands. `atsame5x`'s `OpenOCD` driver supports `atsame5 userpage`
//! command. To access it from GDB, it has to be preceded with a `monitor`
//! clause.
//!
//! To access [`SmartEeprom`] struct, call [`Nvm::smart_eeprom`] method to
//! retrieve its instance.
use core::marker::PhantomData;
use super::Nvm;
use crate::pac::{nvmctrl::ctrlb::Cmdselect, Nvmctrl};
use crate::typelevel::Sealed;
/// Struct representing a SmartEEPROM instance.
///
/// It is generic over:
/// - a lifetime of a stored [`Nvm`] reference
/// - current state ([`Locked`]/[`Unlocked`])
pub struct SmartEeprom<'a, T: SmartEepromState> {
nvm: &'a mut Nvm,
virtual_size: usize,
__: PhantomData<T>,
}
/// Trait generalizing over a state of an SmartEEPROM
pub trait SmartEepromState: Sealed {}
/// Type-level enum variant representing a locked state of SmartEEPROM. In that
/// state, only read operations are permitted
pub enum Locked {}
impl SmartEepromState for Locked {}
impl Sealed for Locked {}
/// Type-level enum variant representing an unlocked state of SmartEEPROM. In
/// that state, both read and write operations are permitted
pub enum Unlocked {}
impl SmartEepromState for Unlocked {}
impl Sealed for Unlocked {}
/// Enum representing possible failure modes of SmartEEPROM while its state is
/// being retrieved from HW registers.
#[derive(Debug)]
pub enum SmartEepromRetrievalFailure {
/// SmartEEPROM is disabled and user page is misconfigured. [`More details
/// in module-level documentation`](self).
Disabled,
/// Support for disabled automatic page reallocation is not implemented.
DisabledAutomaticPageReallocationNotSupported,
/// Support for buffered writes to NVM is not implemented.
BufferedWritesNotSupported,
/// `SBLK` must be in range `1..=10`. `SBLK` is represented by 4 bits in a
/// user page which means that it can be between `0` and `15`. Documentation
/// does not cover cases for `11..=15`, therefore API considers them
/// unsupported.
InvalidBlockCount {
/// Currently set, unsupported `SBLK` value.
sblk: u32,
},
}
/// Enum encapsulating different modes SmartEEPROM can be in.
pub enum SmartEepromMode<'a> {
/// SmartEEPROM is locked
Locked(SmartEeprom<'a, Locked>),
/// SmartEEPROM is unlocked
Unlocked(SmartEeprom<'a, Unlocked>),
}
/// Type alias for locally used [`Result`] type.
pub type Result<'a> = core::result::Result<SmartEepromMode<'a>, SmartEepromRetrievalFailure>;
#[inline]
fn wait_if_busy() {
// Workaround: Cannot access `Nvmctrl` through `self.nvm.nvm` because of double
// borrowing in iterator for [`SmartEeprom::set`]. This should be safe though.
let nvmctrl = unsafe { &*Nvmctrl::ptr() };
while nvmctrl.seestat().read().busy().bit_is_set() {}
}
impl<'a> SmartEepromMode<'a> {
/// Retrieve [`SmartEeprom`] instance using information found in relevant HW
/// registers.
pub(super) fn retrieve(nvm: &'a mut Nvm) -> Result<'a> {
use SmartEepromMode as Mode;
use SmartEepromRetrievalFailure::*;
if nvm.nvm.seecfg().read().aprdis().bit_is_set() {
return Err(DisabledAutomaticPageReallocationNotSupported);
}
if nvm.nvm.seecfg().read().wmode().is_buffered() {
return Err(BufferedWritesNotSupported);
}
let sblk = nvm.nvm.seestat().read().sblk().bits() as u32;
let psz = nvm.nvm.seestat().read().psz().bits() as u32;
let virtual_size = match (sblk, psz) {
(0, _) => return Err(Disabled),
(sblk @ 11..=u32::MAX, _) => return Err(InvalidBlockCount { sblk }),
(_, 8..=u32::MAX) => {
unreachable!("`Nvmctrl.SEESTAT.PSZ` value is represented with 3 bits in user page")
}
others => Self::map_sblk_psz_to_virtual_size(others),
};
if nvm.nvm.seestat().read().lock().bit_is_set() {
Ok(Mode::Locked(SmartEeprom {
nvm,
virtual_size,
__: PhantomData::<Locked>,
}))
} else {
Ok(Mode::Unlocked(SmartEeprom {
nvm,
virtual_size,
__: PhantomData::<Unlocked>,
}))
}
}
fn map_sblk_psz_to_virtual_size(sblk_psz_pair: (u32, u32)) -> usize {
match sblk_psz_pair {
(_, 0) => 512,
(_, 1) => 1024,
(_, 2) => 2048,
(_, 3) => 4096,
(1, _) => 4096,
(_, 4) => 8192,
(2, _) => 8192,
(_, 5) => 16384,
(3 | 4, _) => 16384,
(_, 6) => 32768,
(5..=8, _) => 32768,
(_, 7) => 65536,
_ => unreachable!(),
}
}
}
impl<'a, T: SmartEepromState> SmartEeprom<'a, T> {
const SEEPROM_ADDR: *mut usize = 0x44000000 as _;
/// Returns an immutable slice to SmartEEPROM mapped address space.
///
/// [`Underlying pointed type`](SmartEepromPointableSize) can be either
/// [`u8`], [`u16`] or [`u32`].
///
/// # Safety
///
/// `Nvmctrl.SEESTAT.BUSY` register must be 0 before memory access can be
/// performed.
pub unsafe fn get_slice<TP: SmartEepromPointableSize>(&self) -> &[TP] {
core::slice::from_raw_parts_mut(
Self::SEEPROM_ADDR as _,
self.virtual_size / core::mem::size_of::<TP>(),
)
}
/// Retrieves data stored in SmartEEPROM at `offset` location and copies it
/// to `buffer`.
///
/// Note:
/// `offset_in_bytes == sizeof::<TP>() * offset`
pub fn get<TP: SmartEepromPointableSize>(&self, offset: usize, buffer: &mut [TP]) {
let slice = unsafe { self.get_slice() };
buffer
.iter_mut()
.zip(slice.iter().skip(offset))
.for_each(|(target, source)| {
wait_if_busy();
*target = *source
});
}
/// Returns an iterator over SmartEEPROM address space.
pub fn iter<TP: SmartEepromPointableSize>(&'a self) -> SmartEepromIter<'a, TP> {
SmartEepromIter {
iter: unsafe { self.get_slice().iter() },
}
}
}
/// Trait generalizing over primitive types that are permitted to be used as
/// slice backing types
pub trait SmartEepromPointableSize: Sealed + Copy {}
impl SmartEepromPointableSize for u8 {}
impl SmartEepromPointableSize for u16 {}
impl SmartEepromPointableSize for u32 {}
impl<'a> SmartEeprom<'a, Unlocked> {
/// Returns a mutable slice to SmartEEPROM mapped address space.
///
/// [`Underlying pointed type`](SmartEepromPointableSize) can be either
/// [`u8`], [`u16`] or [`u32`].
///
/// # Safety
///
/// `Nvmctrl.SEESTAT.BUSY` register must be 0 before memory access can be
/// performed.
pub unsafe fn get_mut_slice<TP: SmartEepromPointableSize>(&mut self) -> &mut [TP] {
core::slice::from_raw_parts_mut(
Self::SEEPROM_ADDR as _,
self.virtual_size / core::mem::size_of::<TP>(),
)
}
/// Copies data in a `buffer` to SmartEEPROM at `offset` location
///
/// Note:
/// `offset_in_bytes == sizeof::<TP>() * offset`
pub fn set<TP: SmartEepromPointableSize>(&mut self, offset: usize, buffer: &[TP]) {
let slice = unsafe { self.get_mut_slice() };
buffer
.iter()
.zip(slice.iter_mut().skip(offset))
.for_each(|(source, target)| {
wait_if_busy();
*target = *source
});
}
/// Returns a mutable iterator over SmartEEPROM address space.
pub fn iter_mut<TP: SmartEepromPointableSize>(&'a mut self) -> SmartEepromIterMut<'a, TP> {
SmartEepromIterMut {
iter: unsafe { self.get_mut_slice().iter_mut() },
}
}
/// Locks SmartEEPROM, allowing only to perform read operations
pub fn lock(self) -> SmartEeprom<'a, Locked> {
// Panic case should never happen as we wait for STATUS.READY
self.nvm
.command_sync(Cmdselect::Lsee)
.expect("SmartEEPROM locking failed");
let Self {
nvm, virtual_size, ..
} = self;
SmartEeprom {
nvm,
virtual_size,
__: PhantomData,
}
}
}
impl<'a> SmartEeprom<'a, Locked> {
/// Unlocks SmartEEPROM, allowing to perform both read and write operations
pub fn unlock(self) -> SmartEeprom<'a, Unlocked> {
// Panic case should never happen as we wait for STATUS.READY
self.nvm
.command_sync(Cmdselect::Usee)
.expect("SmartEEPROM unlocking failed");
let Self {
nvm, virtual_size, ..
} = self;
SmartEeprom {
nvm,
virtual_size,
__: PhantomData,
}
}
}
/// A type representing an immutable iterator over SmartEEPROM address space
pub struct SmartEepromIter<'a, TP: SmartEepromPointableSize> {
iter: core::slice::Iter<'a, TP>,
}
impl<'a, TP: SmartEepromPointableSize> Iterator for SmartEepromIter<'a, TP> {
type Item = &'a TP;
fn next(&mut self) -> Option<Self::Item> {
wait_if_busy();
self.iter.next()
}
}
impl<TP: SmartEepromPointableSize> DoubleEndedIterator for SmartEepromIter<'_, TP> {
fn next_back(&mut self) -> Option<Self::Item> {
wait_if_busy();
self.iter.next_back()
}
}
/// A type representing a mutable iterator over SmartEEPROM address space
pub struct SmartEepromIterMut<'a, TP: SmartEepromPointableSize> {
iter: core::slice::IterMut<'a, TP>,
}
impl<'a, TP: SmartEepromPointableSize> Iterator for SmartEepromIterMut<'a, TP> {
type Item = &'a mut TP;
fn next(&mut self) -> Option<Self::Item> {
wait_if_busy();
self.iter.next()
}
}
impl<TP: SmartEepromPointableSize> DoubleEndedIterator for SmartEepromIterMut<'_, TP> {
fn next_back(&mut self) -> Option<Self::Item> {
wait_if_busy();
self.iter.next_back()
}
}
#[cfg(test)]
mod tests {
use super::*;
#[test]
fn test_if_virtual_size_is_mapped_correctly() {
// For some reason, doing
// `use SmartEepromMode::map_sblk_psz_to_virtual_size as f;`
// is not permitted - 🤷
fn f(sblk: u32, psz: u32) -> usize {
SmartEepromMode::map_sblk_psz_to_virtual_size((sblk, psz))
}
assert_eq!(f(1, 0), 512);
assert_eq!(f(1, 1), 1024);
assert_eq!(f(1, 2), 2048);
assert_eq!(f(1, 3), 4096);
assert_eq!(f(1, 4), 4096);
assert_eq!(f(1, 5), 4096);
assert_eq!(f(1, 6), 4096);
assert_eq!(f(1, 7), 4096);
assert_eq!(f(2, 0), 512);
assert_eq!(f(2, 1), 1024);
assert_eq!(f(2, 2), 2048);
assert_eq!(f(2, 3), 4096);
assert_eq!(f(2, 4), 8192);
assert_eq!(f(2, 5), 8192);
assert_eq!(f(2, 6), 8192);
assert_eq!(f(2, 7), 8192);
assert_eq!(f(3, 0), 512);
for i in 3..=4 {
assert_eq!(f(i, 1), 1024);
assert_eq!(f(i, 2), 2048);
assert_eq!(f(i, 3), 4096);
assert_eq!(f(i, 4), 8192);
assert_eq!(f(i, 5), 16384);
assert_eq!(f(i, 6), 16384);
assert_eq!(f(i, 7), 16384);
}
for i in 5..=8 {
assert_eq!(f(i, 0), 512);
assert_eq!(f(i, 1), 1024);
assert_eq!(f(i, 2), 2048);
assert_eq!(f(i, 3), 4096);
assert_eq!(f(i, 4), 8192);
assert_eq!(f(i, 5), 16384);
assert_eq!(f(i, 6), 32768);
assert_eq!(f(i, 7), 32768);
}
for i in 9..=10 {
assert_eq!(f(i, 0), 512);
assert_eq!(f(i, 1), 1024);
assert_eq!(f(i, 2), 2048);
assert_eq!(f(i, 3), 4096);
assert_eq!(f(i, 4), 8192);
assert_eq!(f(i, 5), 16384);
assert_eq!(f(i, 6), 32768);
assert_eq!(f(i, 7), 65536);
}
}
}