From: Philippe Mathieu-Daudé <philmd@linaro.org>
Date: Tue, 25 Jun 2024 02:48:12 +0000 (+0200)
Subject: hw/sd/sdcard: Restrict SWITCH_FUNCTION to sd_transfer_state (CMD6)
X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=c239084f5b2b13e74716071a5e029329a52e643a;p=qemu.git

hw/sd/sdcard: Restrict SWITCH_FUNCTION to sd_transfer_state (CMD6)

SWITCH_FUNCTION is only allowed in TRANSFER state
(See 4.8 "Card State Transition Table).

Fixes: a1bb27b1e9 ("Initial SD card emulation")
Signed-off-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Tested-by: Cédric Le Goater <clg@redhat.com>
Reviewed-by: Cédric Le Goater <clg@redhat.com>
Message-Id: <20240628070216.92609-13-philmd@linaro.org>
---

diff --git a/hw/sd/sd.c b/hw/sd/sd.c
index 396185f240..b5d002e6d7 100644
--- a/hw/sd/sd.c
+++ b/hw/sd/sd.c
@@ -1204,6 +1204,10 @@ static sd_rsp_type_t sd_normal_command(SDState *sd, SDRequest req)
         if (sd->mode != sd_data_transfer_mode) {
             return sd_invalid_mode_for_cmd(sd, req);
         }
+        if (sd->state != sd_transfer_state) {
+            return sd_invalid_state_for_cmd(sd, req);
+        }
+
         sd_function_switch(sd, req.arg);
         sd->state = sd_sendingdata_state;
         sd->data_start = 0;