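/*
 * QEMU ESP/NCR53C9x emulation
 *
 * Copyright (c) 2005-2006 Fabrice Bellard
 * Copyright (c) 2012 Herve Poussineau
 *
 * Permission is hereby granted, free of charge, to any person obtaining a copy
 * of this software and associated documentation files (the "Software"), to deal
 * in the Software without restriction, including without limitation the rights
 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 * copies of the Software, and to permit persons to whom the Software is
 * furnished to do so, subject to the following conditions:
 *
 * The above copyright notice and this permission notice shall be included in
 * all copies or substantial portions of the Software.
 *
 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
 * THE SOFTWARE.
 */

#include "qemu/osdep.h"
#include "hw/sysbus.h"
#include "migration/vmstate.h"
#include "hw/irq.h"
#include "hw/scsi/esp.h"
#include "trace.h"
#include "qemu/log.h"
#include "qemu/module.h"

/*
 * On Sparc32, this is the ESP (NCR53C90) part of chip STP2000 (Master I/O),
 * also produced as NCR89C100. See
 * http://www.ibiblio.org/pub/historic-linux/early-ports/Sparc/NCR/NCR89C100.txt
 * and
 * http://www.ibiblio.org/pub/historic-linux/early-ports/Sparc/NCR/NCR53C9X.txt
 *
 * On Macintosh Quadra it is a NCR53C96.
 *
 * Review note: every register, FIFO byte and transfer count handled below is
 * written by the guest (or, for the mig_* fields, read from a migration
 * stream), so all lengths are clamped to the destination buffer before any
 * copy and pointers that depend on device state are checked before use.
 */

/* Latch STAT_INT and assert the interrupt line, unless it is already set. */
static void esp_raise_irq(ESPState *s)
{
    if (!(s->rregs[ESP_RSTAT] & STAT_INT)) {
        s->rregs[ESP_RSTAT] |= STAT_INT;
        qemu_irq_raise(s->irq);
        trace_esp_raise_irq();
    }
}

/* Clear STAT_INT and deassert the interrupt line, if it is currently set. */
static void esp_lower_irq(ESPState *s)
{
    if (s->rregs[ESP_RSTAT] & STAT_INT) {
        s->rregs[ESP_RSTAT] &= ~STAT_INT;
        qemu_irq_lower(s->irq);
        trace_esp_lower_irq();
    }
}

/* Assert the data request (irq_data) line. */
static void esp_raise_drq(ESPState *s)
{
    qemu_irq_raise(s->irq_data);
    trace_esp_raise_drq();
}

/* Deassert the data request (irq_data) line. */
static void esp_lower_drq(ESPState *s)
{
    qemu_irq_lower(s->irq_data);
    trace_esp_lower_drq();
}

/*
 * Enable or disable DMA according to @level.  When DMA becomes enabled, a
 * handler that was deferred through s->dma_cb is run once and then cleared.
 */
void esp_dma_enable(ESPState *s, int irq, int level)
{
    if (level) {
        s->dma_enabled = 1;
        trace_esp_dma_enable();
        if (s->dma_cb) {
            s->dma_cb(s);
            s->dma_cb = NULL;
        }
    } else {
        trace_esp_dma_disable();
        s->dma_enabled = 0;
    }
}

/*
 * SCSI bus callback: @req was cancelled.  Drop our reference if it is the
 * request currently tracked by the controller.
 */
void esp_request_cancelled(SCSIRequest *req)
{
    ESPState *s = req->hba_private;

    if (req == s->current_req) {
        scsi_req_unref(s->current_req);
        s->current_req = NULL;
        s->current_dev = NULL;
        /*
         * async_buf belongs to the request that has just gone away; zero
         * the remaining length so no later transfer path copies through it.
         */
        s->async_len = 0;
    }
}

/* Push one byte to the data FIFO; a push to a full FIFO is traced, dropped. */
static void esp_fifo_push(ESPState *s, uint8_t val)
{
    if (fifo8_num_used(&s->fifo) == ESP_FIFO_SZ) {
        trace_esp_error_fifo_overrun();
        return;
    }

    fifo8_push(&s->fifo, val);
}

/* Pop one byte from the data FIFO, returning 0 when it is empty. */
static uint8_t esp_fifo_pop(ESPState *s)
{
    if (fifo8_is_empty(&s->fifo)) {
        return 0;
    }

    return fifo8_pop(&s->fifo);
}

/* Push one byte to the command FIFO; a push to a full FIFO is dropped. */
static void esp_cmdfifo_push(ESPState *s, uint8_t val)
{
    if (fifo8_num_used(&s->cmdfifo) == ESP_CMDFIFO_SZ) {
        trace_esp_error_fifo_overrun();
        return;
    }

    fifo8_push(&s->cmdfifo, val);
}

/* Pop one byte from the command FIFO, returning 0 when it is empty. */
static uint8_t esp_cmdfifo_pop(ESPState *s)
{
    if (fifo8_is_empty(&s->cmdfifo)) {
        return 0;
    }

    return fifo8_pop(&s->cmdfifo);
}

/*
 * Pop up to @maxlen bytes from @fifo into @dest (or discard them when @dest
 * is NULL) and return the number of bytes actually removed.
 *
 * fifo8_pop_buf() must not be asked for zero bytes or for more bytes than
 * the FIFO holds, and it may hand back fewer bytes than requested (it
 * reports the real count through its last argument).  Callers that then
 * copied the *requested* length read past the returned region.  This
 * wrapper clamps the request and repeats the pop until the clamped length
 * has been consumed, so the copy length always matches what was returned.
 */
static uint32_t esp_fifo_pop_buf(Fifo8 *fifo, uint8_t *dest, uint32_t maxlen)
{
    uint32_t total = 0;

    maxlen = MIN(maxlen, fifo8_num_used(fifo));
    while (total < maxlen) {
        uint32_t n;
        const uint8_t *chunk = fifo8_pop_buf(fifo, maxlen - total, &n);

        if (n == 0) {
            /* Defensive: never spin if the FIFO makes no progress */
            break;
        }
        if (dest) {
            memcpy(dest + total, chunk, n);
        }
        total += n;
    }

    return total;
}

/* Read the 24-bit transfer counter from the read register set. */
static uint32_t esp_get_tc(ESPState *s)
{
    uint32_t dmalen;

    dmalen = s->rregs[ESP_TCLO];
    dmalen |= s->rregs[ESP_TCMID] << 8;
    dmalen |= s->rregs[ESP_TCHI] << 16;

    return dmalen;
}

/* Store @dmalen into the three transfer counter read registers. */
static void esp_set_tc(ESPState *s, uint32_t dmalen)
{
    s->rregs[ESP_TCLO] = dmalen;
    s->rregs[ESP_TCMID] = dmalen >> 8;
    s->rregs[ESP_TCHI] = dmalen >> 16;
}

/* Read the 24-bit start transfer count from the write register set. */
static uint32_t esp_get_stc(ESPState *s)
{
    uint32_t dmalen;

    dmalen = s->wregs[ESP_TCLO];
    dmalen |= s->wregs[ESP_TCMID] << 8;
    dmalen |= s->wregs[ESP_TCHI] << 16;

    return dmalen;
}

/* PDMA read of one byte: from cmdfifo while do_cmd is set, else from fifo. */
static uint8_t esp_pdma_read(ESPState *s)
{
    uint8_t val;

    if (s->do_cmd) {
        val = esp_cmdfifo_pop(s);
    } else {
        val = esp_fifo_pop(s);
    }

    return val;
}

/*
 * PDMA write of one byte.  Ignored when the transfer counter is zero;
 * otherwise the byte is queued and the counter is decremented.
 */
static void esp_pdma_write(ESPState *s, uint8_t val)
{
    uint32_t dmalen = esp_get_tc(s);

    if (dmalen == 0) {
        return;
    }

    if (s->do_cmd) {
        esp_cmdfifo_push(s, val);
    } else {
        esp_fifo_push(s, val);
    }

    dmalen--;
    esp_set_tc(s, dmalen);
}

/*
 * Select the target named by the destination ID in ESP_WBUSID.
 *
 * Returns 0 on success, or -1 after flagging a disconnect interrupt when no
 * such device exists (s->current_dev is NULL in that case).
 */
static int esp_select(ESPState *s)
{
    int target;

    target = s->wregs[ESP_WBUSID] & BUSID_DID;

    s->ti_size = 0;
    fifo8_reset(&s->fifo);

    if (s->current_req) {
        /* Started a new command before the old one finished.  Cancel it.  */
        scsi_req_cancel(s->current_req);
        s->async_len = 0;
    }

    s->current_dev = scsi_device_find(&s->bus, 0, target, 0);
    if (!s->current_dev) {
        /* No such drive */
        s->rregs[ESP_RSTAT] = 0;
        s->rregs[ESP_RINTR] |= INTR_DC;
        s->rregs[ESP_RSEQ] = SEQ_0;
        esp_raise_irq(s);
        return -1;
    }

    /*
     * Note that we deliberately don't raise the IRQ here: this will be done
     * either in do_busid_cmd() for DATA OUT transfers or by the deferred
     * IRQ mechanism in esp_transfer_data() for DATA IN transfers
     */
    s->rregs[ESP_RINTR] |= INTR_FC;
    s->rregs[ESP_RSEQ] = SEQ_CD;
    return 0;
}

/*
 * Fetch up to @maxlen command bytes into cmdfifo (by DMA, or from the data
 * FIFO for non-DMA commands) and select the target.
 *
 * Returns the number of bytes fetched, 0 when nothing is available yet (or
 * when PDMA has been started instead), and -1 when selection failed.  The
 * return type is unsigned; callers store the result in an int32_t, which is
 * how the -1 is observed.
 */
static uint32_t get_cmd(ESPState *s, uint32_t maxlen)
{
    uint8_t buf[ESP_CMDFIFO_SZ];
    uint32_t dmalen, n;
    int target;

    /* Never let a caller-supplied bound exceed the bounce buffer */
    maxlen = MIN(maxlen, sizeof(buf));

    target = s->wregs[ESP_WBUSID] & BUSID_DID;
    if (s->dma) {
        dmalen = MIN(esp_get_tc(s), maxlen);
        if (dmalen == 0) {
            return 0;
        }
        if (s->dma_memory_read) {
            s->dma_memory_read(s->dma_opaque, buf, dmalen);
            /* fifo8_push_all() asserts on overflow: clamp to free space */
            dmalen = MIN(fifo8_num_free(&s->cmdfifo), dmalen);
            fifo8_push_all(&s->cmdfifo, buf, dmalen);
        } else {
            if (esp_select(s) < 0) {
                fifo8_reset(&s->cmdfifo);
                return -1;
            }
            esp_raise_drq(s);
            fifo8_reset(&s->cmdfifo);
            return 0;
        }
    } else {
        dmalen = MIN(fifo8_num_used(&s->fifo), maxlen);
        if (dmalen == 0) {
            return 0;
        }
        /* Copy only what the FIFO really returned, then clamp the push */
        n = esp_fifo_pop_buf(&s->fifo, buf, dmalen);
        if (n >= 3) {
            buf[0] = buf[2] >> 5;
        }
        n = MIN(fifo8_num_free(&s->cmdfifo), n);
        fifo8_push_all(&s->cmdfifo, buf, n);
        dmalen = n;
    }
    trace_esp_get_cmd(dmalen, target);

    if (esp_select(s) < 0) {
        fifo8_reset(&s->cmdfifo);
        return -1;
    }
    return dmalen;
}

/*
 * Submit the CDB held in cmdfifo to the LUN encoded in @busid and set up the
 * data phase according to the length reported by the SCSI layer.
 */
static void do_busid_cmd(ESPState *s, uint8_t busid)
{
    /*
     * The CDB is copied into a zeroed local buffer instead of handing the
     * SCSI layer a pointer into the FIFO storage: scsi_req_new() is not
     * given a length here, so it must not be able to read past the bytes
     * the guest actually supplied into unrelated memory.
     */
    uint8_t buf[ESP_CMDFIFO_SZ] = { 0 };
    uint32_t cmdlen;
    int32_t datalen;
    int lun;
    SCSIDevice *current_lun;

    trace_esp_do_busid_cmd(busid);
    lun = busid & 7;
    cmdlen = MIN(fifo8_num_used(&s->cmdfifo), sizeof(buf));
    if (!cmdlen || !s->current_dev) {
        /*
         * Nothing to submit, or no target selected (esp_select() leaves
         * current_dev NULL on failure and the PDMA callbacks can still
         * reach this function).
         */
        return;
    }
    esp_fifo_pop_buf(&s->cmdfifo, buf, cmdlen);

    current_lun = scsi_device_find(&s->bus, 0, s->current_dev->id, lun);
    if (!current_lun) {
        /* No such device: report a disconnect, as esp_select() does */
        fifo8_reset(&s->cmdfifo);
        s->rregs[ESP_RSTAT] = 0;
        s->rregs[ESP_RINTR] |= INTR_DC;
        s->rregs[ESP_RSEQ] = SEQ_0;
        esp_raise_irq(s);
        return;
    }

    s->current_req = scsi_req_new(current_lun, 0, lun, buf, s);
    datalen = scsi_req_enqueue(s->current_req);
    s->ti_size = datalen;
    fifo8_reset(&s->cmdfifo);
    if (datalen != 0) {
        s->rregs[ESP_RSTAT] = STAT_TC;
        s->rregs[ESP_RSEQ] = SEQ_CD;
        s->ti_cmd = 0;
        esp_set_tc(s, 0);
        if (datalen > 0) {
            /*
             * Switch to DATA IN phase but wait until initial data xfer is
             * complete before raising the command completion interrupt
             */
            s->data_in_ready = false;
            s->rregs[ESP_RSTAT] |= STAT_DI;
        } else {
            s->rregs[ESP_RSTAT] |= STAT_DO;
            s->rregs[ESP_RINTR] |= INTR_BS | INTR_FC;
            esp_raise_irq(s);
            esp_lower_drq(s);
        }
        scsi_req_continue(s->current_req);
        return;
    }
}

/*
 * Consume the bus ID byte (and any message bytes that precede the CDB) from
 * cmdfifo, then submit the command.
 */
static void do_cmd(ESPState *s)
{
    /* esp_cmdfifo_pop() returns 0 on an empty FIFO instead of aborting */
    uint8_t busid = esp_cmdfifo_pop(s);

    s->cmdfifo_cdb_offset--;

    /* Ignore extended messages for now */
    if (s->cmdfifo_cdb_offset) {
        /* The helper clamps the count to what cmdfifo really holds */
        esp_fifo_pop_buf(&s->cmdfifo, NULL, s->cmdfifo_cdb_offset);
        s->cmdfifo_cdb_offset = 0;
    }

    do_busid_cmd(s, busid);
}

/* PDMA completion for "select with ATN": run the queued command, if any. */
static void satn_pdma_cb(ESPState *s)
{
    s->do_cmd = 0;
    if (!fifo8_is_empty(&s->cmdfifo)) {
        s->cmdfifo_cdb_offset = 1;
        do_cmd(s);
    }
}

/* Handle the "select with ATN" command (deferred until DMA is enabled). */
static void handle_satn(ESPState *s)
{
    int32_t cmdlen;

    if (s->dma && !s->dma_enabled) {
        s->dma_cb = handle_satn;
        return;
    }
    s->pdma_cb = satn_pdma_cb;
    cmdlen = get_cmd(s, ESP_CMDFIFO_SZ);
    if (cmdlen > 0) {
        s->cmdfifo_cdb_offset = 1;
        do_cmd(s);
    } else if (cmdlen == 0) {
        s->do_cmd = 1;
        /* Target present, but no cmd yet - switch to command phase */
        s->rregs[ESP_RSEQ] = SEQ_CD;
        s->rregs[ESP_RSTAT] = STAT_CD;
    }
}

/* PDMA completion for "select without ATN": submit the CDB with bus ID 0. */
static void s_without_satn_pdma_cb(ESPState *s)
{
    uint32_t len;

    s->do_cmd = 0;
    len = fifo8_num_used(&s->cmdfifo);
    if (len) {
        s->cmdfifo_cdb_offset = 0;
        do_busid_cmd(s, 0);
    }
}

/* Handle the "select without ATN" command (deferred until DMA is enabled). */
static void handle_s_without_atn(ESPState *s)
{
    int32_t cmdlen;

    if (s->dma && !s->dma_enabled) {
        s->dma_cb = handle_s_without_atn;
        return;
    }
    s->pdma_cb = s_without_satn_pdma_cb;
    cmdlen = get_cmd(s, ESP_CMDFIFO_SZ);
    if (cmdlen > 0) {
        s->cmdfifo_cdb_offset = 0;
        do_busid_cmd(s, 0);
    } else if (cmdlen == 0) {
        s->do_cmd = 1;
        /* Target present, but no cmd yet - switch to command phase */
        s->rregs[ESP_RSEQ] = SEQ_CD;
        s->rregs[ESP_RSTAT] = STAT_CD;
    }
}

/* PDMA completion for "select with ATN and stop": move to command phase. */
static void satn_stop_pdma_cb(ESPState *s)
{
    s->do_cmd = 0;
    if (!fifo8_is_empty(&s->cmdfifo)) {
        trace_esp_handle_satn_stop(fifo8_num_used(&s->cmdfifo));
        s->do_cmd = 1;
        s->cmdfifo_cdb_offset = 1;
        s->rregs[ESP_RSTAT] = STAT_TC | STAT_CD;
        s->rregs[ESP_RINTR] |= INTR_BS | INTR_FC;
        s->rregs[ESP_RSEQ] = SEQ_CD;
        esp_raise_irq(s);
    }
}

/*
 * Handle the "select with ATN and stop" command: fetch a single byte and
 * stay in message out phase (deferred until DMA is enabled).
 */
static void handle_satn_stop(ESPState *s)
{
    int32_t cmdlen;

    if (s->dma && !s->dma_enabled) {
        s->dma_cb = handle_satn_stop;
        return;
    }
    s->pdma_cb = satn_stop_pdma_cb;
    cmdlen = get_cmd(s, 1);
    if (cmdlen > 0) {
        trace_esp_handle_satn_stop(fifo8_num_used(&s->cmdfifo));
        s->do_cmd = 1;
        s->cmdfifo_cdb_offset = 1;
        s->rregs[ESP_RSTAT] = STAT_MO;
        s->rregs[ESP_RINTR] |= INTR_BS | INTR_FC;
        s->rregs[ESP_RSEQ] = SEQ_MO;
        esp_raise_irq(s);
    } else if (cmdlen == 0) {
        s->do_cmd = 1;
        /* Target present, switch to message out phase */
        s->rregs[ESP_RSEQ] = SEQ_MO;
        s->rregs[ESP_RSTAT] = STAT_MO;
    }
}

/* PDMA completion for write_response(): flag completion and interrupt. */
static void write_response_pdma_cb(ESPState *s)
{
    s->rregs[ESP_RSTAT] = STAT_TC | STAT_ST;
    s->rregs[ESP_RINTR] |= INTR_BS | INTR_FC;
    s->rregs[ESP_RSEQ] = SEQ_CD;
    esp_raise_irq(s);
}

/*
 * Deliver the two response bytes (status, then 0) to the host: by DMA, by
 * PDMA, or by leaving them in the FIFO for a non-DMA command.
 */
static void write_response(ESPState *s)
{
    uint32_t n;

    trace_esp_write_response(s->status);

    fifo8_reset(&s->fifo);
    esp_fifo_push(s, s->status);
    esp_fifo_push(s, 0);

    if (s->dma) {
        if (s->dma_memory_write) {
            /*
             * The FIFO was reset and exactly two bytes were pushed above,
             * so a two byte pop is within bounds here.
             */
            s->dma_memory_write(s->dma_opaque,
                                (uint8_t *)fifo8_pop_buf(&s->fifo, 2, &n), 2);
            s->rregs[ESP_RSTAT] = STAT_TC | STAT_ST;
            s->rregs[ESP_RINTR] |= INTR_BS | INTR_FC;
            s->rregs[ESP_RSEQ] = SEQ_CD;
        } else {
            s->pdma_cb = write_response_pdma_cb;
            esp_raise_drq(s);
            return;
        }
    } else {
        s->ti_size = 2;
        s->rregs[ESP_RFLAGS] = 2;
    }
    esp_raise_irq(s);
}

/* Mark a DMA transfer as complete: set TC, clear the counter, interrupt. */
static void esp_dma_done(ESPState *s)
{
    s->rregs[ESP_RSTAT] |= STAT_TC;
    s->rregs[ESP_RINTR] |= INTR_BS;
    s->rregs[ESP_RSEQ] = 0;
    s->rregs[ESP_RFLAGS] = 0;
    esp_set_tc(s, 0);
    esp_raise_irq(s);
}

/*
 * PDMA callback used during the data phase (and for command bytes while
 * do_cmd is set): moves data between the FIFO and the SCSI request buffer.
 */
static void do_dma_pdma_cb(ESPState *s)
{
    int to_device = ((s->rregs[ESP_RSTAT] & 7) == STAT_DO);
    int len;

    if (s->do_cmd) {
        s->ti_size = 0;
        s->do_cmd = 0;
        do_cmd(s);
        esp_lower_drq(s);
        return;
    }

    if (!s->current_req) {
        /* No request in flight: async_buf must not be touched */
        return;
    }

    if (to_device) {
        /* Copy FIFO data to device, never past the request buffer */
        len = MIN(fifo8_num_used(&s->fifo), ESP_FIFO_SZ);
        len = MIN(len, s->async_len);
        len = esp_fifo_pop_buf(&s->fifo, s->async_buf, len);
        s->async_buf += len;
        s->async_len -= len;
        s->ti_size += len;
        if (s->async_len == 0) {
            scsi_req_continue(s->current_req);
            return;
        }

        if (esp_get_tc(s) == 0) {
            esp_lower_drq(s);
            esp_dma_done(s);
        }

        return;
    } else {
        if (s->async_len == 0) {
            /* Defer until the scsi layer has completed */
            scsi_req_continue(s->current_req);
            s->data_in_ready = false;
            return;
        }

        if (esp_get_tc(s) != 0) {
            /* Copy device data to FIFO */
            len = MIN(s->async_len, fifo8_num_free(&s->fifo));
            fifo8_push_all(&s->fifo, s->async_buf, len);
            s->async_buf += len;
            s->async_len -= len;
            s->ti_size -= len;
            esp_set_tc(s, esp_get_tc(s) - len);
            return;
        }

        /* Partially filled a scsi buffer. Complete immediately.  */
        esp_lower_drq(s);
        esp_dma_done(s);
    }
}

/*
 * Perform (or start) a DMA transfer for the current TI command, either of
 * command bytes into cmdfifo or of data to/from the SCSI request buffer.
 */
static void esp_do_dma(ESPState *s)
{
    uint32_t len, cmdlen;
    int to_device = ((s->rregs[ESP_RSTAT] & 7) == STAT_DO);
    uint8_t buf[ESP_CMDFIFO_SZ];

    len = esp_get_tc(s);
    if (s->do_cmd) {
        /*
         * handle_ti_cmd() case: esp_do_dma() is called only from
         * handle_ti_cmd() with do_cmd != NULL (see the assert())
         */
        cmdlen = fifo8_num_used(&s->cmdfifo);
        trace_esp_do_dma(cmdlen, len);
        if (s->dma_memory_read) {
            /*
             * The transfer counter comes from guest-written registers and
             * can be far larger than the on-stack bounce buffer.  Clamp it
             * to the space left in cmdfifo, which was created with
             * ESP_CMDFIFO_SZ bytes, so neither the read into buf nor the
             * push below can overflow; the extra MIN guards buf itself.
             */
            len = MIN(len, fifo8_num_free(&s->cmdfifo));
            len = MIN(len, sizeof(buf));
            s->dma_memory_read(s->dma_opaque, buf, len);
            fifo8_push_all(&s->cmdfifo, buf, len);
        } else {
            s->pdma_cb = do_dma_pdma_cb;
            esp_raise_drq(s);
            return;
        }
        trace_esp_handle_ti_cmd(cmdlen);
        s->ti_size = 0;
        if ((s->rregs[ESP_RSTAT] & 7) == STAT_CD) {
            /* No command received */
            if (s->cmdfifo_cdb_offset == fifo8_num_used(&s->cmdfifo)) {
                return;
            }

            /* Command has been received */
            s->do_cmd = 0;
            do_cmd(s);
        } else {
            /*
             * Extra message out bytes received: update cmdfifo_cdb_offset
             * and then switch to command phase
             */
            s->cmdfifo_cdb_offset = fifo8_num_used(&s->cmdfifo);
            s->rregs[ESP_RSTAT] = STAT_TC | STAT_CD;
            s->rregs[ESP_RSEQ] = SEQ_CD;
            s->rregs[ESP_RINTR] |= INTR_BS;
            esp_raise_irq(s);
        }
        return;
    }
    if (!s->current_req) {
        /* No request in flight: async_buf must not be touched */
        return;
    }
    if (s->async_len == 0) {
        /* Defer until data is available.  */
        return;
    }
    if (len > s->async_len) {
        len = s->async_len;
    }
    if (to_device) {
        if (s->dma_memory_read) {
            s->dma_memory_read(s->dma_opaque, s->async_buf, len);
        } else {
            s->pdma_cb = do_dma_pdma_cb;
            esp_raise_drq(s);
            return;
        }
    } else {
        if (s->dma_memory_write) {
            s->dma_memory_write(s->dma_opaque, s->async_buf, len);
        } else {
            /* Copy device data to FIFO */
            len = MIN(len, fifo8_num_free(&s->fifo));
            fifo8_push_all(&s->fifo, s->async_buf, len);
            s->async_buf += len;
            s->async_len -= len;
            s->ti_size -= len;
            esp_set_tc(s, esp_get_tc(s) - len);
            s->pdma_cb = do_dma_pdma_cb;
            esp_raise_drq(s);

            /* Indicate transfer to FIFO is complete */
            s->rregs[ESP_RSTAT] |= STAT_TC;
            return;
        }
    }
    esp_set_tc(s, esp_get_tc(s) - len);
    s->async_buf += len;
    s->async_len -= len;
    if (to_device) {
        s->ti_size += len;
    } else {
        s->ti_size -= len;
    }
    if (s->async_len == 0) {
        scsi_req_continue(s->current_req);
        /*
         * If there is still data to be read from the device then
         * complete the DMA operation immediately.  Otherwise defer
         * until the scsi layer has completed.
         */
        if (to_device || esp_get_tc(s) != 0 || s->ti_size == 0) {
            return;
        }
    }

    /* Partially filled a scsi buffer. Complete immediately.  */
    esp_dma_done(s);
    esp_lower_drq(s);
}

/*
 * Perform a non-DMA transfer for the current TI command, moving bytes
 * between the data FIFO and the SCSI request buffer.
 */
static void esp_do_nodma(ESPState *s)
{
    int to_device = ((s->rregs[ESP_RSTAT] & 7) == STAT_DO);
    uint32_t cmdlen;
    int len;

    if (s->do_cmd) {
        cmdlen = fifo8_num_used(&s->cmdfifo);
        trace_esp_handle_ti_cmd(cmdlen);
        s->ti_size = 0;
        if ((s->rregs[ESP_RSTAT] & 7) == STAT_CD) {
            /* No command received */
            if (s->cmdfifo_cdb_offset == fifo8_num_used(&s->cmdfifo)) {
                return;
            }

            /* Command has been received */
            s->do_cmd = 0;
            do_cmd(s);
        } else {
            /*
             * Extra message out bytes received: update cmdfifo_cdb_offset
             * and then switch to command phase
             */
            s->cmdfifo_cdb_offset = fifo8_num_used(&s->cmdfifo);
            s->rregs[ESP_RSTAT] = STAT_TC | STAT_CD;
            s->rregs[ESP_RSEQ] = SEQ_CD;
            s->rregs[ESP_RINTR] |= INTR_BS;
            esp_raise_irq(s);
        }
        return;
    }

    if (!s->current_req) {
        /* No request in flight: async_buf must not be touched */
        return;
    }

    if (s->async_len == 0) {
        /* Defer until data is available.  */
        return;
    }

    if (to_device) {
        /* Copy FIFO data to device, never past the request buffer */
        len = MIN(fifo8_num_used(&s->fifo), ESP_FIFO_SZ);
        len = MIN(len, s->async_len);
        len = esp_fifo_pop_buf(&s->fifo, s->async_buf, len);
        s->async_buf += len;
        s->async_len -= len;
        s->ti_size += len;
    } else {
        len = MIN(s->ti_size, s->async_len);
        len = MIN(len, fifo8_num_free(&s->fifo));
        fifo8_push_all(&s->fifo, s->async_buf, len);
        s->async_buf += len;
        s->async_len -= len;
        s->ti_size -= len;
    }

    if (s->async_len == 0) {
        scsi_req_continue(s->current_req);

        if (to_device || s->ti_size == 0) {
            return;
        }
    }

    s->rregs[ESP_RINTR] |= INTR_BS;
    esp_raise_irq(s);
}

/*
 * SCSI bus callback: @req has completed.  Record its status, signal the end
 * of the transfer and release the controller's reference to the request.
 */
void esp_command_complete(SCSIRequest *req, size_t resid)
{
    ESPState *s = req->hba_private;

    trace_esp_command_complete();
    if (s->ti_size != 0) {
        trace_esp_command_complete_unexpected();
    }
    s->ti_size = 0;
    s->async_len = 0;
    if (req->status) {
        trace_esp_command_complete_fail();
    }
    s->status = req->status;
    s->rregs[ESP_RSTAT] = STAT_ST;
    esp_dma_done(s);
    esp_lower_drq(s);
    if (s->current_req) {
        scsi_req_unref(s->current_req);
        s->current_req = NULL;
        s->current_dev = NULL;
    }
}

/*
 * SCSI bus callback: @len bytes of @req's buffer are ready to be
 * transferred.  Records the buffer and continues (or defers) the transfer
 * depending on the TI command state.
 */
void esp_transfer_data(SCSIRequest *req, uint32_t len)
{
    ESPState *s = req->hba_private;
    int to_device = ((s->rregs[ESP_RSTAT] & 7) == STAT_DO);
    uint32_t dmalen = esp_get_tc(s);

    assert(!s->do_cmd);
    trace_esp_transfer_data(dmalen, s->ti_size);
    s->async_len = len;
    s->async_buf = scsi_req_get_buf(req);

    if (!to_device && !s->data_in_ready) {
        /*
         * Initial incoming data xfer is complete so raise command
         * completion interrupt
         */
        s->data_in_ready = true;
        s->rregs[ESP_RSTAT] |= STAT_TC;
        s->rregs[ESP_RINTR] |= INTR_BS;
        esp_raise_irq(s);

        /*
         * If data is ready to transfer and the TI command has already
         * been executed, start DMA immediately. Otherwise DMA will start
         * when host sends the TI command
         */
        if (s->ti_size && (s->rregs[ESP_CMD] == (CMD_TI | CMD_DMA))) {
            esp_do_dma(s);
        }
        return;
    }

    if (s->ti_cmd == 0) {
        /*
         * Always perform the initial transfer upon reception of the next TI
         * command to ensure the DMA/non-DMA status of the command is correct.
         * It is not possible to use s->dma directly in the section below as
         * some OSs send non-DMA NOP commands after a DMA transfer. Hence if the
         * async data transfer is delayed then s->dma is set incorrectly.
         */
        return;
    }

    if (s->ti_cmd & CMD_DMA) {
        if (dmalen) {
            esp_do_dma(s);
        } else if (s->ti_size <= 0) {
            /*
             * If this was the last part of a DMA transfer then the
             * completion interrupt is deferred to here.
             */
            esp_dma_done(s);
            esp_lower_drq(s);
        }
    } else {
        esp_do_nodma(s);
    }
}

/* Handle the Transfer Information command (deferred until DMA is enabled). */
static void handle_ti(ESPState *s)
{
    uint32_t dmalen;

    if (s->dma && !s->dma_enabled) {
        s->dma_cb = handle_ti;
        return;
    }

    s->ti_cmd = s->rregs[ESP_CMD];
    if (s->dma) {
        dmalen = esp_get_tc(s);
        trace_esp_handle_ti(dmalen);
        s->rregs[ESP_RSTAT] &= ~STAT_TC;
        esp_do_dma(s);
    } else {
        trace_esp_handle_ti(s->ti_size);
        esp_do_nodma(s);
    }
}

/*
 * Reset registers, FIFOs and transfer state.  Note that pdma_cb is not
 * cleared here, which is why the PDMA accessors check it before calling.
 */
void esp_hard_reset(ESPState *s)
{
    memset(s->rregs, 0, ESP_REGS);
    memset(s->wregs, 0, ESP_REGS);
    s->tchi_written = 0;
    s->ti_size = 0;
    fifo8_reset(&s->fifo);
    fifo8_reset(&s->cmdfifo);
    s->dma = 0;
    s->do_cmd = 0;
    s->dma_cb = NULL;

    s->rregs[ESP_CFG1] = 7;
}

/* Lower both output lines, then perform a hard reset. */
static void esp_soft_reset(ESPState *s)
{
    qemu_irq_lower(s->irq);
    qemu_irq_lower(s->irq_data);
    esp_hard_reset(s);
}

/* GPIO handler: reset the controller when the reset line goes high. */
static void parent_esp_reset(ESPState *s, int irq, int level)
{
    if (level) {
        esp_soft_reset(s);
    }
}

/*
 * Read register @saddr and apply the read side effects (FIFO pop, interrupt
 * acknowledge).
 *
 * NOTE(review): the default case indexes rregs[] with @saddr unchecked, so
 * callers must guarantee saddr < ESP_REGS.  The sysbus front-end in this
 * file does so through the size of its MMIO region; other callers are not
 * visible here and should be confirmed.
 */
uint64_t esp_reg_read(ESPState *s, uint32_t saddr)
{
    uint32_t val;

    switch (saddr) {
    case ESP_FIFO:
        if (s->dma_memory_read && s->dma_memory_write &&
                (s->rregs[ESP_RSTAT] & STAT_PIO_MASK) == 0) {
            /* Data out.  */
            qemu_log_mask(LOG_UNIMP, "esp: PIO data read not implemented\n");
            s->rregs[ESP_FIFO] = 0;
        } else {
            s->rregs[ESP_FIFO] = esp_fifo_pop(s);
        }
        val = s->rregs[ESP_FIFO];
        break;
    case ESP_RINTR:
        /*
         * Clear sequence step, interrupt register and all status bits
         * except TC
         */
        val = s->rregs[ESP_RINTR];
        s->rregs[ESP_RINTR] = 0;
        s->rregs[ESP_RSTAT] &= ~STAT_TC;
        s->rregs[ESP_RSEQ] = SEQ_0;
        esp_lower_irq(s);
        break;
    case ESP_TCHI:
        /* Return the unique id if the value has never been written */
        if (!s->tchi_written) {
            val = s->chip_id;
        } else {
            val = s->rregs[saddr];
        }
        break;
    case ESP_RFLAGS:
        /* Bottom 5 bits indicate number of bytes in FIFO */
        val = fifo8_num_used(&s->fifo);
        break;
    default:
        val = s->rregs[saddr];
        break;
    }

    trace_esp_mem_readb(saddr, val);
    return val;
}

/*
 * Write @val to register @saddr and execute the resulting command, if any.
 *
 * NOTE(review): wregs[saddr] is read for tracing before @saddr is checked
 * by the switch, so callers must guarantee saddr < ESP_REGS (see the note
 * on esp_reg_read()).
 */
void esp_reg_write(ESPState *s, uint32_t saddr, uint64_t val)
{
    trace_esp_mem_writeb(saddr, s->wregs[saddr], val);
    switch (saddr) {
    case ESP_TCHI:
        s->tchi_written = true;
        /* fall through */
    case ESP_TCLO:
    case ESP_TCMID:
        s->rregs[ESP_RSTAT] &= ~STAT_TC;
        break;
    case ESP_FIFO:
        if (s->do_cmd) {
            esp_cmdfifo_push(s, val);
        } else {
            esp_fifo_push(s, val);
        }

        /* Non-DMA transfers raise an interrupt after every byte */
        if (s->rregs[ESP_CMD] == CMD_TI) {
            s->rregs[ESP_RINTR] |= INTR_FC | INTR_BS;
            esp_raise_irq(s);
        }
        break;
    case ESP_CMD:
        s->rregs[saddr] = val;
        if (val & CMD_DMA) {
            s->dma = 1;
            /* Reload DMA counter.  */
            if (esp_get_stc(s) == 0) {
                esp_set_tc(s, 0x10000);
            } else {
                esp_set_tc(s, esp_get_stc(s));
            }
        } else {
            s->dma = 0;
        }
        switch (val & CMD_CMD) {
        case CMD_NOP:
            trace_esp_mem_writeb_cmd_nop(val);
            break;
        case CMD_FLUSH:
            trace_esp_mem_writeb_cmd_flush(val);
            fifo8_reset(&s->fifo);
            break;
        case CMD_RESET:
            trace_esp_mem_writeb_cmd_reset(val);
            esp_soft_reset(s);
            break;
        case CMD_BUSRESET:
            trace_esp_mem_writeb_cmd_bus_reset(val);
            if (!(s->wregs[ESP_CFG1] & CFG1_RESREPT)) {
                s->rregs[ESP_RINTR] |= INTR_RST;
                esp_raise_irq(s);
            }
            break;
        case CMD_TI:
            trace_esp_mem_writeb_cmd_ti(val);
            handle_ti(s);
            break;
        case CMD_ICCS:
            trace_esp_mem_writeb_cmd_iccs(val);
            write_response(s);
            s->rregs[ESP_RINTR] |= INTR_FC;
            s->rregs[ESP_RSTAT] |= STAT_MI;
            break;
        case CMD_MSGACC:
            trace_esp_mem_writeb_cmd_msgacc(val);
            s->rregs[ESP_RINTR] |= INTR_DC;
            s->rregs[ESP_RSEQ] = 0;
            s->rregs[ESP_RFLAGS] = 0;
            esp_raise_irq(s);
            break;
        case CMD_PAD:
            trace_esp_mem_writeb_cmd_pad(val);
            s->rregs[ESP_RSTAT] = STAT_TC;
            s->rregs[ESP_RINTR] |= INTR_FC;
            s->rregs[ESP_RSEQ] = 0;
            break;
        case CMD_SATN:
            trace_esp_mem_writeb_cmd_satn(val);
            break;
        case CMD_RSTATN:
            trace_esp_mem_writeb_cmd_rstatn(val);
            break;
        case CMD_SEL:
            trace_esp_mem_writeb_cmd_sel(val);
            handle_s_without_atn(s);
            break;
        case CMD_SELATN:
            trace_esp_mem_writeb_cmd_selatn(val);
            handle_satn(s);
            break;
        case CMD_SELATNS:
            trace_esp_mem_writeb_cmd_selatns(val);
            handle_satn_stop(s);
            break;
        case CMD_ENSEL:
            trace_esp_mem_writeb_cmd_ensel(val);
            s->rregs[ESP_RINTR] = 0;
            break;
        case CMD_DISSEL:
            trace_esp_mem_writeb_cmd_dissel(val);
            s->rregs[ESP_RINTR] = 0;
            esp_raise_irq(s);
            break;
        default:
            trace_esp_error_unhandled_command(val);
            break;
        }
        break;
    case ESP_WBUSID ... ESP_WSYNO:
        break;
    case ESP_CFG1:
    case ESP_CFG2: case ESP_CFG3:
    case ESP_RES3: case ESP_RES4:
        s->rregs[saddr] = val;
        break;
    case ESP_WCCF ... ESP_WTEST:
        break;
    default:
        trace_esp_error_invalid_write(val, saddr);
        return;
    }
    s->wregs[saddr] = val;
}

/* Accept byte accesses, plus 4-byte accesses for writes only. */
static bool esp_mem_accepts(void *opaque, hwaddr addr,
                            unsigned size, bool is_write,
                            MemTxAttrs attrs)
{
    return (size == 1) || (is_write && size == 4);
}

/* Migration field test: true when the effective stream version is < 5. */
static bool esp_is_before_version_5(void *opaque, int version_id)
{
    ESPState *s = ESP(opaque);

    version_id = MIN(version_id, s->mig_version_id);
    return version_id < 5;
}

/* Migration field test: true when the effective stream version is 5. */
static bool esp_is_version_5(void *opaque, int version_id)
{
    ESPState *s = ESP(opaque);

    version_id = MIN(version_id, s->mig_version_id);
    return version_id == 5;
}

/* Record the current vmstate version before the state is saved. */
static int esp_pre_save(void *opaque)
{
    ESPState *s = ESP(opaque);

    s->mig_version_id = vmstate_esp.version_id;
    return 0;
}

/*
 * Convert state loaded from a pre-version-5 stream into the FIFO based
 * representation.
 *
 * The mig_* values come from the migration stream and are treated as
 * untrusted: lengths that exceed the source array or the space left in the
 * destination FIFO are rejected with -EINVAL instead of being copied.
 */
static int esp_post_load(void *opaque, int version_id)
{
    ESPState *s = ESP(opaque);
    uint32_t len, i;

    version_id = MIN(version_id, s->mig_version_id);

    if (version_id < 5) {
        esp_set_tc(s, s->mig_dma_left);

        /* Migrate ti_buf to fifo */
        len = 0;
        if (s->mig_ti_wptr > s->mig_ti_rptr) {
            len = s->mig_ti_wptr - s->mig_ti_rptr;
        }
        if (len > sizeof(s->mig_ti_buf) ||
            len > fifo8_num_free(&s->fifo)) {
            return -EINVAL;
        }
        for (i = 0; i < len; i++) {
            fifo8_push(&s->fifo, s->mig_ti_buf[i]);
        }

        /* Migrate cmdbuf to cmdfifo */
        if (s->mig_cmdlen > sizeof(s->mig_cmdbuf) ||
            s->mig_cmdlen > fifo8_num_free(&s->cmdfifo)) {
            return -EINVAL;
        }
        for (i = 0; i < s->mig_cmdlen; i++) {
            fifo8_push(&s->cmdfifo, s->mig_cmdbuf[i]);
        }
    }

    s->mig_version_id = vmstate_esp.version_id;
    return 0;
}

const VMStateDescription vmstate_esp = {
    .name = "esp",
    .version_id = 5,
    .minimum_version_id = 3,
    .pre_save = esp_pre_save,
    .post_load = esp_post_load,
    .fields = (VMStateField[]) {
        VMSTATE_BUFFER(rregs, ESPState),
        VMSTATE_BUFFER(wregs, ESPState),
        VMSTATE_INT32(ti_size, ESPState),
        VMSTATE_UINT32_TEST(mig_ti_rptr, ESPState, esp_is_before_version_5),
        VMSTATE_UINT32_TEST(mig_ti_wptr, ESPState, esp_is_before_version_5),
        VMSTATE_BUFFER_TEST(mig_ti_buf, ESPState, esp_is_before_version_5),
        VMSTATE_UINT32(status, ESPState),
        VMSTATE_UINT32_TEST(mig_deferred_status, ESPState,
                            esp_is_before_version_5),
        VMSTATE_BOOL_TEST(mig_deferred_complete, ESPState,
                          esp_is_before_version_5),
        VMSTATE_UINT32(dma, ESPState),
        VMSTATE_STATIC_BUFFER(mig_cmdbuf, ESPState, 0,
                              esp_is_before_version_5, 0, 16),
        VMSTATE_STATIC_BUFFER(mig_cmdbuf, ESPState, 4,
                              esp_is_before_version_5, 16,
                              sizeof(typeof_field(ESPState, mig_cmdbuf))),
        VMSTATE_UINT32_TEST(mig_cmdlen, ESPState, esp_is_before_version_5),
        VMSTATE_UINT32(do_cmd, ESPState),
        VMSTATE_UINT32_TEST(mig_dma_left, ESPState, esp_is_before_version_5),
        VMSTATE_BOOL_TEST(data_in_ready, ESPState, esp_is_version_5),
        VMSTATE_UINT8_TEST(cmdfifo_cdb_offset, ESPState, esp_is_version_5),
        VMSTATE_FIFO8_TEST(fifo, ESPState, esp_is_version_5),
        VMSTATE_FIFO8_TEST(cmdfifo, ESPState, esp_is_version_5),
        VMSTATE_UINT8_TEST(ti_cmd, ESPState, esp_is_version_5),
        VMSTATE_END_OF_LIST()
    },
};

/* MMIO write to the register window: scale the address, then dispatch. */
static void sysbus_esp_mem_write(void *opaque, hwaddr addr,
                                 uint64_t val, unsigned int size)
{
    SysBusESPState *sysbus = opaque;
    ESPState *s = ESP(&sysbus->esp);
    uint32_t saddr;

    saddr = addr >> sysbus->it_shift;
    esp_reg_write(s, saddr, val);
}

/* MMIO read from the register window: scale the address, then dispatch. */
static uint64_t sysbus_esp_mem_read(void *opaque, hwaddr addr,
                                    unsigned int size)
{
    SysBusESPState *sysbus = opaque;
    ESPState *s = ESP(&sysbus->esp);
    uint32_t saddr;

    saddr = addr >> sysbus->it_shift;
    return esp_reg_read(s, saddr);
}

static const MemoryRegionOps sysbus_esp_mem_ops = {
    .read = sysbus_esp_mem_read,
    .write = sysbus_esp_mem_write,
    .endianness = DEVICE_NATIVE_ENDIAN,
    .valid.accepts = esp_mem_accepts,
};

/*
 * MMIO write to the PDMA window: queue one or two bytes and run the PDMA
 * callback once the transfer counter reaches zero or the FIFO is full.
 */
static void sysbus_esp_pdma_write(void *opaque, hwaddr addr,
                                  uint64_t val, unsigned int size)
{
    SysBusESPState *sysbus = opaque;
    ESPState *s = ESP(&sysbus->esp);
    uint32_t dmalen;

    trace_esp_pdma_write(size);

    switch (size) {
    case 1:
        esp_pdma_write(s, val);
        break;
    case 2:
        esp_pdma_write(s, val >> 8);
        esp_pdma_write(s, val);
        break;
    }
    dmalen = esp_get_tc(s);
    /*
     * pdma_cb is only assigned by the command handlers, and the guest can
     * touch this window before issuing any command, so check it first.
     */
    if ((dmalen == 0 || fifo8_is_full(&s->fifo)) && s->pdma_cb) {
        s->pdma_cb(s);
    }
}

/*
 * MMIO read from the PDMA window: return one or two bytes and run the PDMA
 * callback once the data FIFO has been drained.
 */
static uint64_t sysbus_esp_pdma_read(void *opaque, hwaddr addr,
                                     unsigned int size)
{
    SysBusESPState *sysbus = opaque;
    ESPState *s = ESP(&sysbus->esp);
    uint64_t val = 0;

    trace_esp_pdma_read(size);

    switch (size) {
    case 1:
        val = esp_pdma_read(s);
        break;
    case 2:
        val = esp_pdma_read(s);
        val = (val << 8) | esp_pdma_read(s);
        break;
    }
    /* See sysbus_esp_pdma_write(): pdma_cb may not have been set yet */
    if (fifo8_is_empty(&s->fifo) && s->pdma_cb) {
        s->pdma_cb(s);
    }
    return val;
}

static const MemoryRegionOps sysbus_esp_pdma_ops = {
    .read = sysbus_esp_pdma_read,
    .write = sysbus_esp_pdma_write,
    .endianness = DEVICE_NATIVE_ENDIAN,
    .valid.min_access_size = 1,
    .valid.max_access_size = 4,
    .impl.min_access_size = 1,
    .impl.max_access_size = 2,
};

static const struct SCSIBusInfo esp_scsi_info = {
    .tcq = false,
    .max_target = ESP_MAX_DEVS,
    .max_lun = 7,

    .transfer_data = esp_transfer_data,
    .complete = esp_command_complete,
    .cancel = esp_request_cancelled
};

/* GPIO input demultiplexer: line 0 is reset, line 1 is DMA enable. */
static void sysbus_esp_gpio_demux(void *opaque, int irq, int level)
{
    SysBusESPState *sysbus = SYSBUS_ESP(opaque);
    ESPState *s = ESP(&sysbus->esp);

    switch (irq) {
    case 0:
        parent_esp_reset(s, irq, level);
        break;
    case 1:
        /*
         * Pass the embedded ESPState, not @opaque: @opaque is the
         * SysBusESPState wrapper, and esp_dma_enable() would otherwise
         * read and write dma_enabled/dma_cb at the wrong offsets.
         */
        esp_dma_enable(s, irq, level);
        break;
    }
}

/* Realize the sysbus device: IRQs, MMIO windows, GPIO inputs, SCSI bus. */
static void sysbus_esp_realize(DeviceState *dev, Error **errp)
{
    SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
    SysBusESPState *sysbus = SYSBUS_ESP(dev);
    ESPState *s = ESP(&sysbus->esp);

    if (!qdev_realize(DEVICE(s), NULL, errp)) {
        return;
    }

    sysbus_init_irq(sbd, &s->irq);
    sysbus_init_irq(sbd, &s->irq_data);
    assert(sysbus->it_shift != -1);

    s->chip_id = TCHI_FAS100A;
    /* The region size bounds the register index seen by esp_reg_*() */
    memory_region_init_io(&sysbus->iomem, OBJECT(sysbus), &sysbus_esp_mem_ops,
                          sysbus, "esp-regs", ESP_REGS << sysbus->it_shift);
    sysbus_init_mmio(sbd, &sysbus->iomem);
    memory_region_init_io(&sysbus->pdma, OBJECT(sysbus), &sysbus_esp_pdma_ops,
                          sysbus, "esp-pdma", 4);
    sysbus_init_mmio(sbd, &sysbus->pdma);

    qdev_init_gpio_in(dev, sysbus_esp_gpio_demux, 2);

    scsi_bus_new(&s->bus, sizeof(s->bus), dev, &esp_scsi_info, NULL);
}

/* Device reset hook: hard reset the embedded ESP core. */
static void sysbus_esp_hard_reset(DeviceState *dev)
{
    SysBusESPState *sysbus = SYSBUS_ESP(dev);
    ESPState *s = ESP(&sysbus->esp);

    esp_hard_reset(s);
}

/* Instance init: create the embedded ESP core as a child object. */
static void sysbus_esp_init(Object *obj)
{
    SysBusESPState *sysbus = SYSBUS_ESP(obj);

    object_initialize_child(obj, "esp", &sysbus->esp, TYPE_ESP);
}

static const VMStateDescription vmstate_sysbus_esp_scsi = {
    .name = "sysbusespscsi",
    .version_id = 2,
    .minimum_version_id = 1,
    .fields = (VMStateField[]) {
        VMSTATE_UINT8_V(esp.mig_version_id, SysBusESPState, 2),
        VMSTATE_STRUCT(esp, SysBusESPState, 0, vmstate_esp, ESPState),
        VMSTATE_END_OF_LIST()
    }
};

/* Class init for the sysbus device: wire realize, reset and vmstate. */
static void sysbus_esp_class_init(ObjectClass *klass, void *data)
{
    DeviceClass *dc = DEVICE_CLASS(klass);

    dc->realize = sysbus_esp_realize;
    dc->reset = sysbus_esp_hard_reset;
    dc->vmsd = &vmstate_sysbus_esp_scsi;
    set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
}

static const TypeInfo sysbus_esp_info = {
    .name          = TYPE_SYSBUS_ESP,
    .parent        = TYPE_SYS_BUS_DEVICE,
    .instance_init = sysbus_esp_init,
    .instance_size = sizeof(SysBusESPState),
    .class_init    = sysbus_esp_class_init,
};

/* Instance finalize: release both FIFOs. */
static void esp_finalize(Object *obj)
{
    ESPState *s = ESP(obj);

    fifo8_destroy(&s->fifo);
    fifo8_destroy(&s->cmdfifo);
}

/* Instance init: create the data FIFO and the command FIFO. */
static void esp_init(Object *obj)
{
    ESPState *s = ESP(obj);

    fifo8_create(&s->fifo, ESP_FIFO_SZ);
    fifo8_create(&s->cmdfifo, ESP_CMDFIFO_SZ);
}

/* Class init for the ESP core device. */
static void esp_class_init(ObjectClass *klass, void *data)
{
    DeviceClass *dc = DEVICE_CLASS(klass);

    /* internal device for sysbusesp/pciespscsi, not user-creatable */
    dc->user_creatable = false;
    set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
}

static const TypeInfo esp_info = {
    .name = TYPE_ESP,
    .parent = TYPE_DEVICE,
    .instance_init = esp_init,
    .instance_finalize = esp_finalize,
    .instance_size = sizeof(ESPState),
    .class_init = esp_class_init,
};

/* Register the sysbus wrapper and the ESP core with the type system. */
static void esp_register_types(void)
{
    type_register_static(&sysbus_esp_info);
    type_register_static(&esp_info);
}

type_init(esp_register_types)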