1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16#include "qemu/osdep.h"
17
18#include "hw/hw.h"
19#include "hw/pci/pci.h"
20#include "hw/scsi/scsi.h"
21#include "sysemu/dma.h"
22#include "qemu/log.h"
23
24
25
26
27#ifdef DEBUG_LSI
28#define DPRINTF(fmt, ...) \
29do { printf("lsi_scsi: " fmt , ## __VA_ARGS__); } while (0)
30#define BADF(fmt, ...) \
31do { fprintf(stderr, "lsi_scsi: error: " fmt , ## __VA_ARGS__); exit(1);} while (0)
32#else
33#define DPRINTF(fmt, ...) do {} while(0)
34#define BADF(fmt, ...) \
35do { fprintf(stderr, "lsi_scsi: error: " fmt , ## __VA_ARGS__);} while (0)
36#endif
37
38static const char *names[] = {
39 "SCNTL0", "SCNTL1", "SCNTL2", "SCNTL3", "SCID", "SXFER", "SDID", "GPREG",
40 "SFBR", "SOCL", "SSID", "SBCL", "DSTAT", "SSTAT0", "SSTAT1", "SSTAT2",
41 "DSA0", "DSA1", "DSA2", "DSA3", "ISTAT", "0x15", "0x16", "0x17",
42 "CTEST0", "CTEST1", "CTEST2", "CTEST3", "TEMP0", "TEMP1", "TEMP2", "TEMP3",
43 "DFIFO", "CTEST4", "CTEST5", "CTEST6", "DBC0", "DBC1", "DBC2", "DCMD",
44 "DNAD0", "DNAD1", "DNAD2", "DNAD3", "DSP0", "DSP1", "DSP2", "DSP3",
45 "DSPS0", "DSPS1", "DSPS2", "DSPS3", "SCRATCHA0", "SCRATCHA1", "SCRATCHA2", "SCRATCHA3",
46 "DMODE", "DIEN", "SBR", "DCNTL", "ADDER0", "ADDER1", "ADDER2", "ADDER3",
47 "SIEN0", "SIEN1", "SIST0", "SIST1", "SLPAR", "0x45", "MACNTL", "GPCNTL",
48 "STIME0", "STIME1", "RESPID", "0x4b", "STEST0", "STEST1", "STEST2", "STEST3",
49 "SIDL", "0x51", "0x52", "0x53", "SODL", "0x55", "0x56", "0x57",
50 "SBDL", "0x59", "0x5a", "0x5b", "SCRATCHB0", "SCRATCHB1", "SCRATCHB2", "SCRATCHB3",
51};
52
53#define LSI_MAX_DEVS 7
54
55#define LSI_SCNTL0_TRG 0x01
56#define LSI_SCNTL0_AAP 0x02
57#define LSI_SCNTL0_EPC 0x08
58#define LSI_SCNTL0_WATN 0x10
59#define LSI_SCNTL0_START 0x20
60
61#define LSI_SCNTL1_SST 0x01
62#define LSI_SCNTL1_IARB 0x02
63#define LSI_SCNTL1_AESP 0x04
64#define LSI_SCNTL1_RST 0x08
65#define LSI_SCNTL1_CON 0x10
66#define LSI_SCNTL1_DHP 0x20
67#define LSI_SCNTL1_ADB 0x40
68#define LSI_SCNTL1_EXC 0x80
69
70#define LSI_SCNTL2_WSR 0x01
71#define LSI_SCNTL2_VUE0 0x02
72#define LSI_SCNTL2_VUE1 0x04
73#define LSI_SCNTL2_WSS 0x08
74#define LSI_SCNTL2_SLPHBEN 0x10
75#define LSI_SCNTL2_SLPMD 0x20
76#define LSI_SCNTL2_CHM 0x40
77#define LSI_SCNTL2_SDU 0x80
78
79#define LSI_ISTAT0_DIP 0x01
80#define LSI_ISTAT0_SIP 0x02
81#define LSI_ISTAT0_INTF 0x04
82#define LSI_ISTAT0_CON 0x08
83#define LSI_ISTAT0_SEM 0x10
84#define LSI_ISTAT0_SIGP 0x20
85#define LSI_ISTAT0_SRST 0x40
86#define LSI_ISTAT0_ABRT 0x80
87
88#define LSI_ISTAT1_SI 0x01
89#define LSI_ISTAT1_SRUN 0x02
90#define LSI_ISTAT1_FLSH 0x04
91
92#define LSI_SSTAT0_SDP0 0x01
93#define LSI_SSTAT0_RST 0x02
94#define LSI_SSTAT0_WOA 0x04
95#define LSI_SSTAT0_LOA 0x08
96#define LSI_SSTAT0_AIP 0x10
97#define LSI_SSTAT0_OLF 0x20
98#define LSI_SSTAT0_ORF 0x40
99#define LSI_SSTAT0_ILF 0x80
100
101#define LSI_SIST0_PAR 0x01
102#define LSI_SIST0_RST 0x02
103#define LSI_SIST0_UDC 0x04
104#define LSI_SIST0_SGE 0x08
105#define LSI_SIST0_RSL 0x10
106#define LSI_SIST0_SEL 0x20
107#define LSI_SIST0_CMP 0x40
108#define LSI_SIST0_MA 0x80
109
110#define LSI_SIST1_HTH 0x01
111#define LSI_SIST1_GEN 0x02
112#define LSI_SIST1_STO 0x04
113#define LSI_SIST1_SBMC 0x10
114
115#define LSI_SOCL_IO 0x01
116#define LSI_SOCL_CD 0x02
117#define LSI_SOCL_MSG 0x04
118#define LSI_SOCL_ATN 0x08
119#define LSI_SOCL_SEL 0x10
120#define LSI_SOCL_BSY 0x20
121#define LSI_SOCL_ACK 0x40
122#define LSI_SOCL_REQ 0x80
123
124#define LSI_DSTAT_IID 0x01
125#define LSI_DSTAT_SIR 0x04
126#define LSI_DSTAT_SSI 0x08
127#define LSI_DSTAT_ABRT 0x10
128#define LSI_DSTAT_BF 0x20
129#define LSI_DSTAT_MDPE 0x40
130#define LSI_DSTAT_DFE 0x80
131
132#define LSI_DCNTL_COM 0x01
133#define LSI_DCNTL_IRQD 0x02
134#define LSI_DCNTL_STD 0x04
135#define LSI_DCNTL_IRQM 0x08
136#define LSI_DCNTL_SSM 0x10
137#define LSI_DCNTL_PFEN 0x20
138#define LSI_DCNTL_PFF 0x40
139#define LSI_DCNTL_CLSE 0x80
140
141#define LSI_DMODE_MAN 0x01
142#define LSI_DMODE_BOF 0x02
143#define LSI_DMODE_ERMP 0x04
144#define LSI_DMODE_ERL 0x08
145#define LSI_DMODE_DIOM 0x10
146#define LSI_DMODE_SIOM 0x20
147
148#define LSI_CTEST2_DACK 0x01
149#define LSI_CTEST2_DREQ 0x02
150#define LSI_CTEST2_TEOP 0x04
151#define LSI_CTEST2_PCICIE 0x08
152#define LSI_CTEST2_CM 0x10
153#define LSI_CTEST2_CIO 0x20
154#define LSI_CTEST2_SIGP 0x40
155#define LSI_CTEST2_DDIR 0x80
156
157#define LSI_CTEST5_BL2 0x04
158#define LSI_CTEST5_DDIR 0x08
159#define LSI_CTEST5_MASR 0x10
160#define LSI_CTEST5_DFSN 0x20
161#define LSI_CTEST5_BBCK 0x40
162#define LSI_CTEST5_ADCK 0x80
163
164#define LSI_CCNTL0_DILS 0x01
165#define LSI_CCNTL0_DISFC 0x10
166#define LSI_CCNTL0_ENNDJ 0x20
167#define LSI_CCNTL0_PMJCTL 0x40
168#define LSI_CCNTL0_ENPMJ 0x80
169
170#define LSI_CCNTL1_EN64DBMV 0x01
171#define LSI_CCNTL1_EN64TIBMV 0x02
172#define LSI_CCNTL1_64TIMOD 0x04
173#define LSI_CCNTL1_DDAC 0x08
174#define LSI_CCNTL1_ZMOD 0x80
175
176
177#define LSI_SCID_RRE 0x60
178
179#define LSI_CCNTL1_40BIT (LSI_CCNTL1_EN64TIBMV|LSI_CCNTL1_64TIMOD)
180
181#define PHASE_DO 0
182#define PHASE_DI 1
183#define PHASE_CMD 2
184#define PHASE_ST 3
185#define PHASE_MO 6
186#define PHASE_MI 7
187#define PHASE_MASK 7
188
189
190#define LSI_MAX_MSGIN_LEN 8
191
192
193#define LSI_TAG_VALID (1 << 16)
194
195typedef struct lsi_request {
196 SCSIRequest *req;
197 uint32_t tag;
198 uint32_t dma_len;
199 uint8_t *dma_buf;
200 uint32_t pending;
201 int out;
202 QTAILQ_ENTRY(lsi_request) next;
203} lsi_request;
204
205typedef struct {
206
207 PCIDevice parent_obj;
208
209
210 MemoryRegion mmio_io;
211 MemoryRegion ram_io;
212 MemoryRegion io_io;
213 AddressSpace pci_io_as;
214
215 int carry;
216 int status;
217
218
219 int msg_action;
220 int msg_len;
221 uint8_t msg[LSI_MAX_MSGIN_LEN];
222
223
224
225
226 int waiting;
227 SCSIBus bus;
228 int current_lun;
229
230 uint32_t select_tag;
231 int command_complete;
232 QTAILQ_HEAD(, lsi_request) queue;
233 lsi_request *current;
234
235 uint32_t dsa;
236 uint32_t temp;
237 uint32_t dnad;
238 uint32_t dbc;
239 uint8_t istat0;
240 uint8_t istat1;
241 uint8_t dcmd;
242 uint8_t dstat;
243 uint8_t dien;
244 uint8_t sist0;
245 uint8_t sist1;
246 uint8_t sien0;
247 uint8_t sien1;
248 uint8_t mbox0;
249 uint8_t mbox1;
250 uint8_t dfifo;
251 uint8_t ctest2;
252 uint8_t ctest3;
253 uint8_t ctest4;
254 uint8_t ctest5;
255 uint8_t ccntl0;
256 uint8_t ccntl1;
257 uint32_t dsp;
258 uint32_t dsps;
259 uint8_t dmode;
260 uint8_t dcntl;
261 uint8_t scntl0;
262 uint8_t scntl1;
263 uint8_t scntl2;
264 uint8_t scntl3;
265 uint8_t sstat0;
266 uint8_t sstat1;
267 uint8_t scid;
268 uint8_t sxfer;
269 uint8_t socl;
270 uint8_t sdid;
271 uint8_t ssid;
272 uint8_t sfbr;
273 uint8_t stest1;
274 uint8_t stest2;
275 uint8_t stest3;
276 uint8_t sidl;
277 uint8_t stime0;
278 uint8_t respid0;
279 uint8_t respid1;
280 uint32_t mmrs;
281 uint32_t mmws;
282 uint32_t sfs;
283 uint32_t drs;
284 uint32_t sbms;
285 uint32_t dbms;
286 uint32_t dnad64;
287 uint32_t pmjad1;
288 uint32_t pmjad2;
289 uint32_t rbc;
290 uint32_t ua;
291 uint32_t ia;
292 uint32_t sbc;
293 uint32_t csbc;
294 uint32_t scratch[18];
295 uint8_t sbr;
296 uint32_t adder;
297
298
299 uint32_t script_ram[2048];
300} LSIState;
301
302#define TYPE_LSI53C810 "lsi53c810"
303#define TYPE_LSI53C895A "lsi53c895a"
304
305#define LSI53C895A(obj) \
306 OBJECT_CHECK(LSIState, (obj), TYPE_LSI53C895A)
307
308static inline int lsi_irq_on_rsl(LSIState *s)
309{
310 return (s->sien0 & LSI_SIST0_RSL) && (s->scid & LSI_SCID_RRE);
311}
312
313static void lsi_soft_reset(LSIState *s)
314{
315 DPRINTF("Reset\n");
316 s->carry = 0;
317
318 s->msg_action = 0;
319 s->msg_len = 0;
320 s->waiting = 0;
321 s->dsa = 0;
322 s->dnad = 0;
323 s->dbc = 0;
324 s->temp = 0;
325 memset(s->scratch, 0, sizeof(s->scratch));
326 s->istat0 = 0;
327 s->istat1 = 0;
328 s->dcmd = 0x40;
329 s->dstat = 0;
330 s->dien = 0;
331 s->sist0 = 0;
332 s->sist1 = 0;
333 s->sien0 = 0;
334 s->sien1 = 0;
335 s->mbox0 = 0;
336 s->mbox1 = 0;
337 s->dfifo = 0;
338 s->ctest2 = LSI_CTEST2_DACK;
339 s->ctest3 = 0;
340 s->ctest4 = 0;
341 s->ctest5 = 0;
342 s->ccntl0 = 0;
343 s->ccntl1 = 0;
344 s->dsp = 0;
345 s->dsps = 0;
346 s->dmode = 0;
347 s->dcntl = 0;
348 s->scntl0 = 0xc0;
349 s->scntl1 = 0;
350 s->scntl2 = 0;
351 s->scntl3 = 0;
352 s->sstat0 = 0;
353 s->sstat1 = 0;
354 s->scid = 7;
355 s->sxfer = 0;
356 s->socl = 0;
357 s->sdid = 0;
358 s->ssid = 0;
359 s->stest1 = 0;
360 s->stest2 = 0;
361 s->stest3 = 0;
362 s->sidl = 0;
363 s->stime0 = 0;
364 s->respid0 = 0x80;
365 s->respid1 = 0;
366 s->mmrs = 0;
367 s->mmws = 0;
368 s->sfs = 0;
369 s->drs = 0;
370 s->sbms = 0;
371 s->dbms = 0;
372 s->dnad64 = 0;
373 s->pmjad1 = 0;
374 s->pmjad2 = 0;
375 s->rbc = 0;
376 s->ua = 0;
377 s->ia = 0;
378 s->sbc = 0;
379 s->csbc = 0;
380 s->sbr = 0;
381 assert(QTAILQ_EMPTY(&s->queue));
382 assert(!s->current);
383}
384
385static int lsi_dma_40bit(LSIState *s)
386{
387 if ((s->ccntl1 & LSI_CCNTL1_40BIT) == LSI_CCNTL1_40BIT)
388 return 1;
389 return 0;
390}
391
392static int lsi_dma_ti64bit(LSIState *s)
393{
394 if ((s->ccntl1 & LSI_CCNTL1_EN64TIBMV) == LSI_CCNTL1_EN64TIBMV)
395 return 1;
396 return 0;
397}
398
399static int lsi_dma_64bit(LSIState *s)
400{
401 if ((s->ccntl1 & LSI_CCNTL1_EN64DBMV) == LSI_CCNTL1_EN64DBMV)
402 return 1;
403 return 0;
404}
405
406static uint8_t lsi_reg_readb(LSIState *s, int offset);
407static void lsi_reg_writeb(LSIState *s, int offset, uint8_t val);
408static void lsi_execute_script(LSIState *s);
409static void lsi_reselect(LSIState *s, lsi_request *p);
410
411static inline int lsi_mem_read(LSIState *s, dma_addr_t addr,
412 void *buf, dma_addr_t len)
413{
414 if (s->dmode & LSI_DMODE_SIOM) {
415 address_space_read(&s->pci_io_as, addr, MEMTXATTRS_UNSPECIFIED,
416 buf, len);
417 return 0;
418 } else {
419 return pci_dma_read(PCI_DEVICE(s), addr, buf, len);
420 }
421}
422
423static inline int lsi_mem_write(LSIState *s, dma_addr_t addr,
424 const void *buf, dma_addr_t len)
425{
426 if (s->dmode & LSI_DMODE_DIOM) {
427 address_space_write(&s->pci_io_as, addr, MEMTXATTRS_UNSPECIFIED,
428 buf, len);
429 return 0;
430 } else {
431 return pci_dma_write(PCI_DEVICE(s), addr, buf, len);
432 }
433}
434
435static inline uint32_t read_dword(LSIState *s, uint32_t addr)
436{
437 uint32_t buf;
438
439 pci_dma_read(PCI_DEVICE(s), addr, &buf, 4);
440 return cpu_to_le32(buf);
441}
442
443static void lsi_stop_script(LSIState *s)
444{
445 s->istat1 &= ~LSI_ISTAT1_SRUN;
446}
447
448static void lsi_update_irq(LSIState *s)
449{
450 PCIDevice *d = PCI_DEVICE(s);
451 int level;
452 static int last_level;
453 lsi_request *p;
454
455
456
457
458 level = 0;
459 if (s->dstat) {
460 if (s->dstat & s->dien)
461 level = 1;
462 s->istat0 |= LSI_ISTAT0_DIP;
463 } else {
464 s->istat0 &= ~LSI_ISTAT0_DIP;
465 }
466
467 if (s->sist0 || s->sist1) {
468 if ((s->sist0 & s->sien0) || (s->sist1 & s->sien1))
469 level = 1;
470 s->istat0 |= LSI_ISTAT0_SIP;
471 } else {
472 s->istat0 &= ~LSI_ISTAT0_SIP;
473 }
474 if (s->istat0 & LSI_ISTAT0_INTF)
475 level = 1;
476
477 if (level != last_level) {
478 DPRINTF("Update IRQ level %d dstat %02x sist %02x%02x\n",
479 level, s->dstat, s->sist1, s->sist0);
480 last_level = level;
481 }
482 pci_set_irq(d, level);
483
484 if (!level && lsi_irq_on_rsl(s) && !(s->scntl1 & LSI_SCNTL1_CON)) {
485 DPRINTF("Handled IRQs & disconnected, looking for pending "
486 "processes\n");
487 QTAILQ_FOREACH(p, &s->queue, next) {
488 if (p->pending) {
489 lsi_reselect(s, p);
490 break;
491 }
492 }
493 }
494}
495
496
497static void lsi_script_scsi_interrupt(LSIState *s, int stat0, int stat1)
498{
499 uint32_t mask0;
500 uint32_t mask1;
501
502 DPRINTF("SCSI Interrupt 0x%02x%02x prev 0x%02x%02x\n",
503 stat1, stat0, s->sist1, s->sist0);
504 s->sist0 |= stat0;
505 s->sist1 |= stat1;
506
507
508
509 mask0 = s->sien0 | ~(LSI_SIST0_CMP | LSI_SIST0_SEL | LSI_SIST0_RSL);
510 mask1 = s->sien1 | ~(LSI_SIST1_GEN | LSI_SIST1_HTH);
511 mask1 &= ~LSI_SIST1_STO;
512 if (s->sist0 & mask0 || s->sist1 & mask1) {
513 lsi_stop_script(s);
514 }
515 lsi_update_irq(s);
516}
517
518
519static void lsi_script_dma_interrupt(LSIState *s, int stat)
520{
521 DPRINTF("DMA Interrupt 0x%x prev 0x%x\n", stat, s->dstat);
522 s->dstat |= stat;
523 lsi_update_irq(s);
524 lsi_stop_script(s);
525}
526
527static inline void lsi_set_phase(LSIState *s, int phase)
528{
529 s->sstat1 = (s->sstat1 & ~PHASE_MASK) | phase;
530}
531
532static void lsi_bad_phase(LSIState *s, int out, int new_phase)
533{
534
535 if (s->ccntl0 & LSI_CCNTL0_ENPMJ) {
536 if ((s->ccntl0 & LSI_CCNTL0_PMJCTL)) {
537 s->dsp = out ? s->pmjad1 : s->pmjad2;
538 } else {
539 s->dsp = (s->scntl2 & LSI_SCNTL2_WSR ? s->pmjad2 : s->pmjad1);
540 }
541 DPRINTF("Data phase mismatch jump to %08x\n", s->dsp);
542 } else {
543 DPRINTF("Phase mismatch interrupt\n");
544 lsi_script_scsi_interrupt(s, LSI_SIST0_MA, 0);
545 lsi_stop_script(s);
546 }
547 lsi_set_phase(s, new_phase);
548}
549
550
551
552static void lsi_resume_script(LSIState *s)
553{
554 if (s->waiting != 2) {
555 s->waiting = 0;
556 lsi_execute_script(s);
557 } else {
558 s->waiting = 0;
559 }
560}
561
562static void lsi_disconnect(LSIState *s)
563{
564 s->scntl1 &= ~LSI_SCNTL1_CON;
565 s->sstat1 &= ~PHASE_MASK;
566}
567
568static void lsi_bad_selection(LSIState *s, uint32_t id)
569{
570 DPRINTF("Selected absent target %d\n", id);
571 lsi_script_scsi_interrupt(s, 0, LSI_SIST1_STO);
572 lsi_disconnect(s);
573}
574
575
576static void lsi_do_dma(LSIState *s, int out)
577{
578 uint32_t count;
579 dma_addr_t addr;
580 SCSIDevice *dev;
581
582 assert(s->current);
583 if (!s->current->dma_len) {
584
585 DPRINTF("DMA no data available\n");
586 return;
587 }
588
589 dev = s->current->req->dev;
590 assert(dev);
591
592 count = s->dbc;
593 if (count > s->current->dma_len)
594 count = s->current->dma_len;
595
596 addr = s->dnad;
597
598 if (lsi_dma_40bit(s) || lsi_dma_ti64bit(s))
599 addr |= ((uint64_t)s->dnad64 << 32);
600 else if (s->dbms)
601 addr |= ((uint64_t)s->dbms << 32);
602 else if (s->sbms)
603 addr |= ((uint64_t)s->sbms << 32);
604
605 DPRINTF("DMA addr=0x" DMA_ADDR_FMT " len=%d\n", addr, count);
606 s->csbc += count;
607 s->dnad += count;
608 s->dbc -= count;
609 if (s->current->dma_buf == NULL) {
610 s->current->dma_buf = scsi_req_get_buf(s->current->req);
611 }
612
613 if (out) {
614 lsi_mem_read(s, addr, s->current->dma_buf, count);
615 } else {
616 lsi_mem_write(s, addr, s->current->dma_buf, count);
617 }
618 s->current->dma_len -= count;
619 if (s->current->dma_len == 0) {
620 s->current->dma_buf = NULL;
621 scsi_req_continue(s->current->req);
622 } else {
623 s->current->dma_buf += count;
624 lsi_resume_script(s);
625 }
626}
627
628
629
630static void lsi_queue_command(LSIState *s)
631{
632 lsi_request *p = s->current;
633
634 DPRINTF("Queueing tag=0x%x\n", p->tag);
635 assert(s->current != NULL);
636 assert(s->current->dma_len == 0);
637 QTAILQ_INSERT_TAIL(&s->queue, s->current, next);
638 s->current = NULL;
639
640 p->pending = 0;
641 p->out = (s->sstat1 & PHASE_MASK) == PHASE_DO;
642}
643
644
645static void lsi_add_msg_byte(LSIState *s, uint8_t data)
646{
647 if (s->msg_len >= LSI_MAX_MSGIN_LEN) {
648 BADF("MSG IN data too long\n");
649 } else {
650 DPRINTF("MSG IN 0x%02x\n", data);
651 s->msg[s->msg_len++] = data;
652 }
653}
654
655
656static void lsi_reselect(LSIState *s, lsi_request *p)
657{
658 int id;
659
660 assert(s->current == NULL);
661 QTAILQ_REMOVE(&s->queue, p, next);
662 s->current = p;
663
664 id = (p->tag >> 8) & 0xf;
665 s->ssid = id | 0x80;
666
667 if (!(s->dcntl & LSI_DCNTL_COM)) {
668 s->sfbr = 1 << (id & 0x7);
669 }
670 DPRINTF("Reselected target %d\n", id);
671 s->scntl1 |= LSI_SCNTL1_CON;
672 lsi_set_phase(s, PHASE_MI);
673 s->msg_action = p->out ? 2 : 3;
674 s->current->dma_len = p->pending;
675 lsi_add_msg_byte(s, 0x80);
676 if (s->current->tag & LSI_TAG_VALID) {
677 lsi_add_msg_byte(s, 0x20);
678 lsi_add_msg_byte(s, p->tag & 0xff);
679 }
680
681 if (lsi_irq_on_rsl(s)) {
682 lsi_script_scsi_interrupt(s, LSI_SIST0_RSL, 0);
683 }
684}
685
686static lsi_request *lsi_find_by_tag(LSIState *s, uint32_t tag)
687{
688 lsi_request *p;
689
690 QTAILQ_FOREACH(p, &s->queue, next) {
691 if (p->tag == tag) {
692 return p;
693 }
694 }
695
696 return NULL;
697}
698
699static void lsi_request_free(LSIState *s, lsi_request *p)
700{
701 if (p == s->current) {
702 s->current = NULL;
703 } else {
704 QTAILQ_REMOVE(&s->queue, p, next);
705 }
706 g_free(p);
707}
708
709static void lsi_request_cancelled(SCSIRequest *req)
710{
711 LSIState *s = LSI53C895A(req->bus->qbus.parent);
712 lsi_request *p = req->hba_private;
713
714 req->hba_private = NULL;
715 lsi_request_free(s, p);
716 scsi_req_unref(req);
717}
718
719
720
721static int lsi_queue_req(LSIState *s, SCSIRequest *req, uint32_t len)
722{
723 lsi_request *p = req->hba_private;
724
725 if (p->pending) {
726 BADF("Multiple IO pending for request %p\n", p);
727 }
728 p->pending = len;
729
730
731
732
733
734 if (s->waiting == 1 ||
735 (lsi_irq_on_rsl(s) && !(s->scntl1 & LSI_SCNTL1_CON) &&
736 !(s->istat0 & (LSI_ISTAT0_SIP | LSI_ISTAT0_DIP)))) {
737
738 lsi_reselect(s, p);
739 return 0;
740 } else {
741 DPRINTF("Queueing IO tag=0x%x\n", p->tag);
742 p->pending = len;
743 return 1;
744 }
745}
746
747
748static void lsi_command_complete(SCSIRequest *req, uint32_t status, size_t resid)
749{
750 LSIState *s = LSI53C895A(req->bus->qbus.parent);
751 int out;
752
753 out = (s->sstat1 & PHASE_MASK) == PHASE_DO;
754 DPRINTF("Command complete status=%d\n", (int)status);
755 s->status = status;
756 s->command_complete = 2;
757 if (s->waiting && s->dbc != 0) {
758
759 lsi_bad_phase(s, out, PHASE_ST);
760 } else {
761 lsi_set_phase(s, PHASE_ST);
762 }
763
764 if (req->hba_private == s->current) {
765 req->hba_private = NULL;
766 lsi_request_free(s, s->current);
767 scsi_req_unref(req);
768 }
769 lsi_resume_script(s);
770}
771
772
773static void lsi_transfer_data(SCSIRequest *req, uint32_t len)
774{
775 LSIState *s = LSI53C895A(req->bus->qbus.parent);
776 int out;
777
778 assert(req->hba_private);
779 if (s->waiting == 1 || req->hba_private != s->current ||
780 (lsi_irq_on_rsl(s) && !(s->scntl1 & LSI_SCNTL1_CON))) {
781 if (lsi_queue_req(s, req, len)) {
782 return;
783 }
784 }
785
786 out = (s->sstat1 & PHASE_MASK) == PHASE_DO;
787
788
789 DPRINTF("Data ready tag=0x%x len=%d\n", req->tag, len);
790 s->current->dma_len = len;
791 s->command_complete = 1;
792 if (s->waiting) {
793 if (s->waiting == 1 || s->dbc == 0) {
794 lsi_resume_script(s);
795 } else {
796 lsi_do_dma(s, out);
797 }
798 }
799}
800
801static void lsi_do_command(LSIState *s)
802{
803 SCSIDevice *dev;
804 uint8_t buf[16];
805 uint32_t id;
806 int n;
807
808 DPRINTF("Send command len=%d\n", s->dbc);
809 if (s->dbc > 16)
810 s->dbc = 16;
811 pci_dma_read(PCI_DEVICE(s), s->dnad, buf, s->dbc);
812 s->sfbr = buf[0];
813 s->command_complete = 0;
814
815 id = (s->select_tag >> 8) & 0xf;
816 dev = scsi_device_find(&s->bus, 0, id, s->current_lun);
817 if (!dev) {
818 lsi_bad_selection(s, id);
819 return;
820 }
821
822 assert(s->current == NULL);
823 s->current = g_new0(lsi_request, 1);
824 s->current->tag = s->select_tag;
825 s->current->req = scsi_req_new(dev, s->current->tag, s->current_lun, buf,
826 s->current);
827
828 n = scsi_req_enqueue(s->current->req);
829 if (n) {
830 if (n > 0) {
831 lsi_set_phase(s, PHASE_DI);
832 } else if (n < 0) {
833 lsi_set_phase(s, PHASE_DO);
834 }
835 scsi_req_continue(s->current->req);
836 }
837 if (!s->command_complete) {
838 if (n) {
839
840 lsi_add_msg_byte(s, 2);
841 lsi_add_msg_byte(s, 4);
842
843 lsi_set_phase(s, PHASE_MI);
844 s->msg_action = 1;
845 lsi_queue_command(s);
846 } else {
847
848 lsi_set_phase(s, PHASE_DI);
849 }
850 }
851}
852
853static void lsi_do_status(LSIState *s)
854{
855 uint8_t status;
856 DPRINTF("Get status len=%d status=%d\n", s->dbc, s->status);
857 if (s->dbc != 1)
858 BADF("Bad Status move\n");
859 s->dbc = 1;
860 status = s->status;
861 s->sfbr = status;
862 pci_dma_write(PCI_DEVICE(s), s->dnad, &status, 1);
863 lsi_set_phase(s, PHASE_MI);
864 s->msg_action = 1;
865 lsi_add_msg_byte(s, 0);
866}
867
868static void lsi_do_msgin(LSIState *s)
869{
870 int len;
871 DPRINTF("Message in len=%d/%d\n", s->dbc, s->msg_len);
872 s->sfbr = s->msg[0];
873 len = s->msg_len;
874 if (len > s->dbc)
875 len = s->dbc;
876 pci_dma_write(PCI_DEVICE(s), s->dnad, s->msg, len);
877
878 s->sidl = s->msg[len - 1];
879 s->msg_len -= len;
880 if (s->msg_len) {
881 memmove(s->msg, s->msg + len, s->msg_len);
882 } else {
883
884
885 switch (s->msg_action) {
886 case 0:
887 lsi_set_phase(s, PHASE_CMD);
888 break;
889 case 1:
890 lsi_disconnect(s);
891 break;
892 case 2:
893 lsi_set_phase(s, PHASE_DO);
894 break;
895 case 3:
896 lsi_set_phase(s, PHASE_DI);
897 break;
898 default:
899 abort();
900 }
901 }
902}
903
904
905static uint8_t lsi_get_msgbyte(LSIState *s)
906{
907 uint8_t data;
908 pci_dma_read(PCI_DEVICE(s), s->dnad, &data, 1);
909 s->dnad++;
910 s->dbc--;
911 return data;
912}
913
914
915static void lsi_skip_msgbytes(LSIState *s, unsigned int n)
916{
917 s->dnad += n;
918 s->dbc -= n;
919}
920
921static void lsi_do_msgout(LSIState *s)
922{
923 uint8_t msg;
924 int len;
925 uint32_t current_tag;
926 lsi_request *current_req, *p, *p_next;
927
928 if (s->current) {
929 current_tag = s->current->tag;
930 current_req = s->current;
931 } else {
932 current_tag = s->select_tag;
933 current_req = lsi_find_by_tag(s, current_tag);
934 }
935
936 DPRINTF("MSG out len=%d\n", s->dbc);
937 while (s->dbc) {
938 msg = lsi_get_msgbyte(s);
939 s->sfbr = msg;
940
941 switch (msg) {
942 case 0x04:
943 DPRINTF("MSG: Disconnect\n");
944 lsi_disconnect(s);
945 break;
946 case 0x08:
947 DPRINTF("MSG: No Operation\n");
948 lsi_set_phase(s, PHASE_CMD);
949 break;
950 case 0x01:
951 len = lsi_get_msgbyte(s);
952 msg = lsi_get_msgbyte(s);
953 (void)len;
954 DPRINTF("Extended message 0x%x (len %d)\n", msg, len);
955 switch (msg) {
956 case 1:
957 DPRINTF("SDTR (ignored)\n");
958 lsi_skip_msgbytes(s, 2);
959 break;
960 case 3:
961 DPRINTF("WDTR (ignored)\n");
962 lsi_skip_msgbytes(s, 1);
963 break;
964 default:
965 goto bad;
966 }
967 break;
968 case 0x20:
969 s->select_tag |= lsi_get_msgbyte(s) | LSI_TAG_VALID;
970 DPRINTF("SIMPLE queue tag=0x%x\n", s->select_tag & 0xff);
971 break;
972 case 0x21:
973 BADF("HEAD queue not implemented\n");
974 s->select_tag |= lsi_get_msgbyte(s) | LSI_TAG_VALID;
975 break;
976 case 0x22:
977 BADF("ORDERED queue not implemented\n");
978 s->select_tag |= lsi_get_msgbyte(s) | LSI_TAG_VALID;
979 break;
980 case 0x0d:
981
982 DPRINTF("MSG: ABORT TAG tag=0x%x\n", current_tag);
983 if (current_req) {
984 scsi_req_cancel(current_req->req);
985 }
986 lsi_disconnect(s);
987 break;
988 case 0x06:
989 case 0x0e:
990 case 0x0c:
991
992
993 if (msg == 0x06) {
994 DPRINTF("MSG: ABORT tag=0x%x\n", current_tag);
995 }
996
997
998 if (msg == 0x0e) {
999 DPRINTF("MSG: CLEAR QUEUE tag=0x%x\n", current_tag);
1000 }
1001
1002
1003 if (msg == 0x0c) {
1004 DPRINTF("MSG: BUS DEVICE RESET tag=0x%x\n", current_tag);
1005 }
1006
1007
1008 if (s->current) {
1009 scsi_req_cancel(s->current->req);
1010 }
1011
1012
1013
1014
1015
1016
1017
1018
1019 QTAILQ_FOREACH_SAFE(p, &s->queue, next, p_next) {
1020 if ((p->tag & 0x0000ff00) == (current_tag & 0x0000ff00)) {
1021 scsi_req_cancel(p->req);
1022 }
1023 }
1024
1025 lsi_disconnect(s);
1026 break;
1027 default:
1028 if ((msg & 0x80) == 0) {
1029 goto bad;
1030 }
1031 s->current_lun = msg & 7;
1032 DPRINTF("Select LUN %d\n", s->current_lun);
1033 lsi_set_phase(s, PHASE_CMD);
1034 break;
1035 }
1036 }
1037 return;
1038bad:
1039 BADF("Unimplemented message 0x%02x\n", msg);
1040 lsi_set_phase(s, PHASE_MI);
1041 lsi_add_msg_byte(s, 7);
1042 s->msg_action = 0;
1043}
1044
1045#define LSI_BUF_SIZE 4096
1046static void lsi_memcpy(LSIState *s, uint32_t dest, uint32_t src, int count)
1047{
1048 int n;
1049 uint8_t buf[LSI_BUF_SIZE];
1050
1051 DPRINTF("memcpy dest 0x%08x src 0x%08x count %d\n", dest, src, count);
1052 while (count) {
1053 n = (count > LSI_BUF_SIZE) ? LSI_BUF_SIZE : count;
1054 lsi_mem_read(s, src, buf, n);
1055 lsi_mem_write(s, dest, buf, n);
1056 src += n;
1057 dest += n;
1058 count -= n;
1059 }
1060}
1061
1062static void lsi_wait_reselect(LSIState *s)
1063{
1064 lsi_request *p;
1065
1066 DPRINTF("Wait Reselect\n");
1067
1068 QTAILQ_FOREACH(p, &s->queue, next) {
1069 if (p->pending) {
1070 lsi_reselect(s, p);
1071 break;
1072 }
1073 }
1074 if (s->current == NULL) {
1075 s->waiting = 1;
1076 }
1077}
1078
1079static void lsi_execute_script(LSIState *s)
1080{
1081 PCIDevice *pci_dev = PCI_DEVICE(s);
1082 uint32_t insn;
1083 uint32_t addr, addr_high;
1084 int opcode;
1085 int insn_processed = 0;
1086
1087 s->istat1 |= LSI_ISTAT1_SRUN;
1088again:
1089 insn_processed++;
1090 insn = read_dword(s, s->dsp);
1091 if (!insn) {
1092
1093
1094 s->dsp += 4;
1095 goto again;
1096 }
1097 addr = read_dword(s, s->dsp + 4);
1098 addr_high = 0;
1099 DPRINTF("SCRIPTS dsp=%08x opcode %08x arg %08x\n", s->dsp, insn, addr);
1100 s->dsps = addr;
1101 s->dcmd = insn >> 24;
1102 s->dsp += 8;
1103 switch (insn >> 30) {
1104 case 0:
1105 if (s->sist1 & LSI_SIST1_STO) {
1106 DPRINTF("Delayed select timeout\n");
1107 lsi_stop_script(s);
1108 break;
1109 }
1110 s->dbc = insn & 0xffffff;
1111 s->rbc = s->dbc;
1112
1113 s->ia = s->dsp - 8;
1114 if (insn & (1 << 29)) {
1115
1116 addr = read_dword(s, addr);
1117 } else if (insn & (1 << 28)) {
1118 uint32_t buf[2];
1119 int32_t offset;
1120
1121
1122
1123 offset = sextract32(addr, 0, 24);
1124 pci_dma_read(pci_dev, s->dsa + offset, buf, 8);
1125
1126 s->dbc = cpu_to_le32(buf[0]) & 0xffffff;
1127 s->rbc = s->dbc;
1128 addr = cpu_to_le32(buf[1]);
1129
1130
1131
1132 if (lsi_dma_40bit(s))
1133 addr_high = cpu_to_le32(buf[0]) >> 24;
1134 else if (lsi_dma_ti64bit(s)) {
1135 int selector = (cpu_to_le32(buf[0]) >> 24) & 0x1f;
1136 switch (selector) {
1137 case 0 ... 0x0f:
1138
1139
1140 addr_high = s->scratch[2 + selector];
1141 break;
1142 case 0x10:
1143 addr_high = s->mmrs;
1144 break;
1145 case 0x11:
1146 addr_high = s->mmws;
1147 break;
1148 case 0x12:
1149 addr_high = s->sfs;
1150 break;
1151 case 0x13:
1152 addr_high = s->drs;
1153 break;
1154 case 0x14:
1155 addr_high = s->sbms;
1156 break;
1157 case 0x15:
1158 addr_high = s->dbms;
1159 break;
1160 default:
1161 BADF("Illegal selector specified (0x%x > 0x15)"
1162 " for 64-bit DMA block move", selector);
1163 break;
1164 }
1165 }
1166 } else if (lsi_dma_64bit(s)) {
1167
1168
1169 s->dbms = read_dword(s, s->dsp);
1170 s->dsp += 4;
1171 s->ia = s->dsp - 12;
1172 }
1173 if ((s->sstat1 & PHASE_MASK) != ((insn >> 24) & 7)) {
1174 DPRINTF("Wrong phase got %d expected %d\n",
1175 s->sstat1 & PHASE_MASK, (insn >> 24) & 7);
1176 lsi_script_scsi_interrupt(s, LSI_SIST0_MA, 0);
1177 break;
1178 }
1179 s->dnad = addr;
1180 s->dnad64 = addr_high;
1181 switch (s->sstat1 & 0x7) {
1182 case PHASE_DO:
1183 s->waiting = 2;
1184 lsi_do_dma(s, 1);
1185 if (s->waiting)
1186 s->waiting = 3;
1187 break;
1188 case PHASE_DI:
1189 s->waiting = 2;
1190 lsi_do_dma(s, 0);
1191 if (s->waiting)
1192 s->waiting = 3;
1193 break;
1194 case PHASE_CMD:
1195 lsi_do_command(s);
1196 break;
1197 case PHASE_ST:
1198 lsi_do_status(s);
1199 break;
1200 case PHASE_MO:
1201 lsi_do_msgout(s);
1202 break;
1203 case PHASE_MI:
1204 lsi_do_msgin(s);
1205 break;
1206 default:
1207 BADF("Unimplemented phase %d\n", s->sstat1 & PHASE_MASK);
1208 exit(1);
1209 }
1210 s->dfifo = s->dbc & 0xff;
1211 s->ctest5 = (s->ctest5 & 0xfc) | ((s->dbc >> 8) & 3);
1212 s->sbc = s->dbc;
1213 s->rbc -= s->dbc;
1214 s->ua = addr + s->dbc;
1215 break;
1216
1217 case 1:
1218 opcode = (insn >> 27) & 7;
1219 if (opcode < 5) {
1220 uint32_t id;
1221
1222 if (insn & (1 << 25)) {
1223 id = read_dword(s, s->dsa + sextract32(insn, 0, 24));
1224 } else {
1225 id = insn;
1226 }
1227 id = (id >> 16) & 0xf;
1228 if (insn & (1 << 26)) {
1229 addr = s->dsp + sextract32(addr, 0, 24);
1230 }
1231 s->dnad = addr;
1232 switch (opcode) {
1233 case 0:
1234 s->sdid = id;
1235 if (s->scntl1 & LSI_SCNTL1_CON) {
1236 DPRINTF("Already reselected, jumping to alternative address\n");
1237 s->dsp = s->dnad;
1238 break;
1239 }
1240 s->sstat0 |= LSI_SSTAT0_WOA;
1241 s->scntl1 &= ~LSI_SCNTL1_IARB;
1242 if (!scsi_device_find(&s->bus, 0, id, 0)) {
1243 lsi_bad_selection(s, id);
1244 break;
1245 }
1246 DPRINTF("Selected target %d%s\n",
1247 id, insn & (1 << 3) ? " ATN" : "");
1248
1249
1250
1251 s->select_tag = id << 8;
1252 s->scntl1 |= LSI_SCNTL1_CON;
1253 if (insn & (1 << 3)) {
1254 s->socl |= LSI_SOCL_ATN;
1255 }
1256 lsi_set_phase(s, PHASE_MO);
1257 break;
1258 case 1:
1259 DPRINTF("Wait Disconnect\n");
1260 s->scntl1 &= ~LSI_SCNTL1_CON;
1261 break;
1262 case 2:
1263 if (!lsi_irq_on_rsl(s)) {
1264 lsi_wait_reselect(s);
1265 }
1266 break;
1267 case 3:
1268 DPRINTF("Set%s%s%s%s\n",
1269 insn & (1 << 3) ? " ATN" : "",
1270 insn & (1 << 6) ? " ACK" : "",
1271 insn & (1 << 9) ? " TM" : "",
1272 insn & (1 << 10) ? " CC" : "");
1273 if (insn & (1 << 3)) {
1274 s->socl |= LSI_SOCL_ATN;
1275 lsi_set_phase(s, PHASE_MO);
1276 }
1277 if (insn & (1 << 9)) {
1278 BADF("Target mode not implemented\n");
1279 exit(1);
1280 }
1281 if (insn & (1 << 10))
1282 s->carry = 1;
1283 break;
1284 case 4:
1285 DPRINTF("Clear%s%s%s%s\n",
1286 insn & (1 << 3) ? " ATN" : "",
1287 insn & (1 << 6) ? " ACK" : "",
1288 insn & (1 << 9) ? " TM" : "",
1289 insn & (1 << 10) ? " CC" : "");
1290 if (insn & (1 << 3)) {
1291 s->socl &= ~LSI_SOCL_ATN;
1292 }
1293 if (insn & (1 << 10))
1294 s->carry = 0;
1295 break;
1296 }
1297 } else {
1298 uint8_t op0;
1299 uint8_t op1;
1300 uint8_t data8;
1301 int reg;
1302 int operator;
1303#ifdef DEBUG_LSI
1304 static const char *opcode_names[3] =
1305 {"Write", "Read", "Read-Modify-Write"};
1306 static const char *operator_names[8] =
1307 {"MOV", "SHL", "OR", "XOR", "AND", "SHR", "ADD", "ADC"};
1308#endif
1309
1310 reg = ((insn >> 16) & 0x7f) | (insn & 0x80);
1311 data8 = (insn >> 8) & 0xff;
1312 opcode = (insn >> 27) & 7;
1313 operator = (insn >> 24) & 7;
1314 DPRINTF("%s reg 0x%x %s data8=0x%02x sfbr=0x%02x%s\n",
1315 opcode_names[opcode - 5], reg,
1316 operator_names[operator], data8, s->sfbr,
1317 (insn & (1 << 23)) ? " SFBR" : "");
1318 op0 = op1 = 0;
1319 switch (opcode) {
1320 case 5:
1321 op0 = s->sfbr;
1322 op1 = data8;
1323 break;
1324 case 6:
1325 if (operator)
1326 op0 = lsi_reg_readb(s, reg);
1327 op1 = data8;
1328 break;
1329 case 7:
1330 if (operator)
1331 op0 = lsi_reg_readb(s, reg);
1332 if (insn & (1 << 23)) {
1333 op1 = s->sfbr;
1334 } else {
1335 op1 = data8;
1336 }
1337 break;
1338 }
1339
1340 switch (operator) {
1341 case 0:
1342 op0 = op1;
1343 break;
1344 case 1:
1345 op1 = op0 >> 7;
1346 op0 = (op0 << 1) | s->carry;
1347 s->carry = op1;
1348 break;
1349 case 2:
1350 op0 |= op1;
1351 break;
1352 case 3:
1353 op0 ^= op1;
1354 break;
1355 case 4:
1356 op0 &= op1;
1357 break;
1358 case 5:
1359 op1 = op0 & 1;
1360 op0 = (op0 >> 1) | (s->carry << 7);
1361 s->carry = op1;
1362 break;
1363 case 6:
1364 op0 += op1;
1365 s->carry = op0 < op1;
1366 break;
1367 case 7:
1368 op0 += op1 + s->carry;
1369 if (s->carry)
1370 s->carry = op0 <= op1;
1371 else
1372 s->carry = op0 < op1;
1373 break;
1374 }
1375
1376 switch (opcode) {
1377 case 5:
1378 case 7:
1379 lsi_reg_writeb(s, reg, op0);
1380 break;
1381 case 6:
1382 s->sfbr = op0;
1383 break;
1384 }
1385 }
1386 break;
1387
1388 case 2:
1389 {
1390 int cond;
1391 int jmp;
1392
1393 if ((insn & 0x002e0000) == 0) {
1394 DPRINTF("NOP\n");
1395 break;
1396 }
1397 if (s->sist1 & LSI_SIST1_STO) {
1398 DPRINTF("Delayed select timeout\n");
1399 lsi_stop_script(s);
1400 break;
1401 }
1402 cond = jmp = (insn & (1 << 19)) != 0;
1403 if (cond == jmp && (insn & (1 << 21))) {
1404 DPRINTF("Compare carry %d\n", s->carry == jmp);
1405 cond = s->carry != 0;
1406 }
1407 if (cond == jmp && (insn & (1 << 17))) {
1408 DPRINTF("Compare phase %d %c= %d\n",
1409 (s->sstat1 & PHASE_MASK),
1410 jmp ? '=' : '!',
1411 ((insn >> 24) & 7));
1412 cond = (s->sstat1 & PHASE_MASK) == ((insn >> 24) & 7);
1413 }
1414 if (cond == jmp && (insn & (1 << 18))) {
1415 uint8_t mask;
1416
1417 mask = (~insn >> 8) & 0xff;
1418 DPRINTF("Compare data 0x%x & 0x%x %c= 0x%x\n",
1419 s->sfbr, mask, jmp ? '=' : '!', insn & mask);
1420 cond = (s->sfbr & mask) == (insn & mask);
1421 }
1422 if (cond == jmp) {
1423 if (insn & (1 << 23)) {
1424
1425 addr = s->dsp + sextract32(addr, 0, 24);
1426 }
1427 switch ((insn >> 27) & 7) {
1428 case 0:
1429 DPRINTF("Jump to 0x%08x\n", addr);
1430 s->adder = addr;
1431 s->dsp = addr;
1432 break;
1433 case 1:
1434 DPRINTF("Call 0x%08x\n", addr);
1435 s->temp = s->dsp;
1436 s->dsp = addr;
1437 break;
1438 case 2:
1439 DPRINTF("Return to 0x%08x\n", s->temp);
1440 s->dsp = s->temp;
1441 break;
1442 case 3:
1443 DPRINTF("Interrupt 0x%08x\n", s->dsps);
1444 if ((insn & (1 << 20)) != 0) {
1445 s->istat0 |= LSI_ISTAT0_INTF;
1446 lsi_update_irq(s);
1447 } else {
1448 lsi_script_dma_interrupt(s, LSI_DSTAT_SIR);
1449 }
1450 break;
1451 default:
1452 DPRINTF("Illegal transfer control\n");
1453 lsi_script_dma_interrupt(s, LSI_DSTAT_IID);
1454 break;
1455 }
1456 } else {
1457 DPRINTF("Control condition failed\n");
1458 }
1459 }
1460 break;
1461
1462 case 3:
1463 if ((insn & (1 << 29)) == 0) {
1464
1465 uint32_t dest;
1466
1467
1468
1469 dest = read_dword(s, s->dsp);
1470 s->dsp += 4;
1471 lsi_memcpy(s, dest, addr, insn & 0xffffff);
1472 } else {
1473 uint8_t data[7];
1474 int reg;
1475 int n;
1476 int i;
1477
1478 if (insn & (1 << 28)) {
1479 addr = s->dsa + sextract32(addr, 0, 24);
1480 }
1481 n = (insn & 7);
1482 reg = (insn >> 16) & 0xff;
1483 if (insn & (1 << 24)) {
1484 pci_dma_read(pci_dev, addr, data, n);
1485 DPRINTF("Load reg 0x%x size %d addr 0x%08x = %08x\n", reg, n,
1486 addr, *(int *)data);
1487 for (i = 0; i < n; i++) {
1488 lsi_reg_writeb(s, reg + i, data[i]);
1489 }
1490 } else {
1491 DPRINTF("Store reg 0x%x size %d addr 0x%08x\n", reg, n, addr);
1492 for (i = 0; i < n; i++) {
1493 data[i] = lsi_reg_readb(s, reg + i);
1494 }
1495 pci_dma_write(pci_dev, addr, data, n);
1496 }
1497 }
1498 }
1499 if (insn_processed > 10000 && !s->waiting) {
1500
1501
1502
1503
1504
1505 if (!(s->sien0 & LSI_SIST0_UDC))
1506 fprintf(stderr, "inf. loop with UDC masked\n");
1507 lsi_script_scsi_interrupt(s, LSI_SIST0_UDC, 0);
1508 lsi_disconnect(s);
1509 } else if (s->istat1 & LSI_ISTAT1_SRUN && !s->waiting) {
1510 if (s->dcntl & LSI_DCNTL_SSM) {
1511 lsi_script_dma_interrupt(s, LSI_DSTAT_SSI);
1512 } else {
1513 goto again;
1514 }
1515 }
1516 DPRINTF("SCRIPTS execution stopped\n");
1517}
1518
1519static uint8_t lsi_reg_readb(LSIState *s, int offset)
1520{
1521 uint8_t ret;
1522
1523#define CASE_GET_REG24(name, addr) \
1524 case addr: ret = s->name & 0xff; break; \
1525 case addr + 1: ret = (s->name >> 8) & 0xff; break; \
1526 case addr + 2: ret = (s->name >> 16) & 0xff; break;
1527
1528#define CASE_GET_REG32(name, addr) \
1529 case addr: ret = s->name & 0xff; break; \
1530 case addr + 1: ret = (s->name >> 8) & 0xff; break; \
1531 case addr + 2: ret = (s->name >> 16) & 0xff; break; \
1532 case addr + 3: ret = (s->name >> 24) & 0xff; break;
1533
1534 switch (offset) {
1535 case 0x00:
1536 ret = s->scntl0;
1537 break;
1538 case 0x01:
1539 ret = s->scntl1;
1540 break;
1541 case 0x02:
1542 ret = s->scntl2;
1543 break;
1544 case 0x03:
1545 ret = s->scntl3;
1546 break;
1547 case 0x04:
1548 ret = s->scid;
1549 break;
1550 case 0x05:
1551 ret = s->sxfer;
1552 break;
1553 case 0x06:
1554 ret = s->sdid;
1555 break;
1556 case 0x07:
1557 ret = 0x7f;
1558 break;
1559 case 0x08:
1560 ret = 0x00;
1561 break;
1562 case 0x09:
1563 ret = s->socl;
1564 break;
1565 case 0xa:
1566 ret = s->ssid;
1567 break;
1568 case 0xb:
1569
1570
1571 ret = 0;
1572 break;
1573 case 0xc:
1574 ret = s->dstat | LSI_DSTAT_DFE;
1575 if ((s->istat0 & LSI_ISTAT0_INTF) == 0)
1576 s->dstat = 0;
1577 lsi_update_irq(s);
1578 break;
1579 case 0x0d:
1580 ret = s->sstat0;
1581 break;
1582 case 0x0e:
1583 ret = s->sstat1;
1584 break;
1585 case 0x0f:
1586 ret = s->scntl1 & LSI_SCNTL1_CON ? 0 : 2;
1587 break;
1588 CASE_GET_REG32(dsa, 0x10)
1589 case 0x14:
1590 ret = s->istat0;
1591 break;
1592 case 0x15:
1593 ret = s->istat1;
1594 break;
1595 case 0x16:
1596 ret = s->mbox0;
1597 break;
1598 case 0x17:
1599 ret = s->mbox1;
1600 break;
1601 case 0x18:
1602 ret = 0xff;
1603 break;
1604 case 0x19:
1605 ret = 0;
1606 break;
1607 case 0x1a:
1608 ret = s->ctest2 | LSI_CTEST2_DACK | LSI_CTEST2_CM;
1609 if (s->istat0 & LSI_ISTAT0_SIGP) {
1610 s->istat0 &= ~LSI_ISTAT0_SIGP;
1611 ret |= LSI_CTEST2_SIGP;
1612 }
1613 break;
1614 case 0x1b:
1615 ret = s->ctest3;
1616 break;
1617 CASE_GET_REG32(temp, 0x1c)
1618 case 0x20:
1619 ret = 0;
1620 break;
1621 case 0x21:
1622 ret = s->ctest4;
1623 break;
1624 case 0x22:
1625 ret = s->ctest5;
1626 break;
1627 case 0x23:
1628 ret = 0;
1629 break;
1630 CASE_GET_REG24(dbc, 0x24)
1631 case 0x27:
1632 ret = s->dcmd;
1633 break;
1634 CASE_GET_REG32(dnad, 0x28)
1635 CASE_GET_REG32(dsp, 0x2c)
1636 CASE_GET_REG32(dsps, 0x30)
1637 CASE_GET_REG32(scratch[0], 0x34)
1638 case 0x38:
1639 ret = s->dmode;
1640 break;
1641 case 0x39:
1642 ret = s->dien;
1643 break;
1644 case 0x3a:
1645 ret = s->sbr;
1646 break;
1647 case 0x3b:
1648 ret = s->dcntl;
1649 break;
1650
1651 CASE_GET_REG32(adder, 0x3c)
1652 case 0x40:
1653 ret = s->sien0;
1654 break;
1655 case 0x41:
1656 ret = s->sien1;
1657 break;
1658 case 0x42:
1659 ret = s->sist0;
1660 s->sist0 = 0;
1661 lsi_update_irq(s);
1662 break;
1663 case 0x43:
1664 ret = s->sist1;
1665 s->sist1 = 0;
1666 lsi_update_irq(s);
1667 break;
1668 case 0x46:
1669 ret = 0x0f;
1670 break;
1671 case 0x47:
1672 ret = 0x0f;
1673 break;
1674 case 0x48:
1675 ret = s->stime0;
1676 break;
1677 case 0x4a:
1678 ret = s->respid0;
1679 break;
1680 case 0x4b:
1681 ret = s->respid1;
1682 break;
1683 case 0x4d:
1684 ret = s->stest1;
1685 break;
1686 case 0x4e:
1687 ret = s->stest2;
1688 break;
1689 case 0x4f:
1690 ret = s->stest3;
1691 break;
1692 case 0x50:
1693
1694
1695 ret = s->sidl;
1696 break;
1697 case 0x52:
1698 ret = 0xe0;
1699 break;
1700 case 0x56:
1701 ret = s->ccntl0;
1702 break;
1703 case 0x57:
1704 ret = s->ccntl1;
1705 break;
1706 case 0x58:
1707
1708 if ((s->sstat1 & PHASE_MASK) == PHASE_MI)
1709 return s->msg[0];
1710 ret = 0;
1711 break;
1712 case 0x59:
1713 ret = 0;
1714 break;
1715 CASE_GET_REG32(mmrs, 0xa0)
1716 CASE_GET_REG32(mmws, 0xa4)
1717 CASE_GET_REG32(sfs, 0xa8)
1718 CASE_GET_REG32(drs, 0xac)
1719 CASE_GET_REG32(sbms, 0xb0)
1720 CASE_GET_REG32(dbms, 0xb4)
1721 CASE_GET_REG32(dnad64, 0xb8)
1722 CASE_GET_REG32(pmjad1, 0xc0)
1723 CASE_GET_REG32(pmjad2, 0xc4)
1724 CASE_GET_REG32(rbc, 0xc8)
1725 CASE_GET_REG32(ua, 0xcc)
1726 CASE_GET_REG32(ia, 0xd4)
1727 CASE_GET_REG32(sbc, 0xd8)
1728 CASE_GET_REG32(csbc, 0xdc)
1729 case 0x5c ... 0x9f:
1730 {
1731 int n;
1732 int shift;
1733 n = (offset - 0x58) >> 2;
1734 shift = (offset & 3) * 8;
1735 ret = (s->scratch[n] >> shift) & 0xff;
1736 break;
1737 }
1738 default:
1739 {
1740 qemu_log_mask(LOG_GUEST_ERROR,
1741 "lsi_scsi: invalid read from reg %s %x\n",
1742 offset < ARRAY_SIZE(names) ? names[offset] : "???",
1743 offset);
1744 ret = 0xff;
1745 break;
1746 }
1747 }
1748#undef CASE_GET_REG24
1749#undef CASE_GET_REG32
1750
1751#ifdef DEBUG_LSI_REG
1752 DPRINTF("Read reg %s %x = %02x\n",
1753 offset < ARRAY_SIZE(names) ? names[offset] : "???", offset, ret);
1754#endif
1755
1756 return ret;
1757}
1758
1759static void lsi_reg_writeb(LSIState *s, int offset, uint8_t val)
1760{
1761#define CASE_SET_REG24(name, addr) \
1762 case addr : s->name &= 0xffffff00; s->name |= val; break; \
1763 case addr + 1: s->name &= 0xffff00ff; s->name |= val << 8; break; \
1764 case addr + 2: s->name &= 0xff00ffff; s->name |= val << 16; break;
1765
1766#define CASE_SET_REG32(name, addr) \
1767 case addr : s->name &= 0xffffff00; s->name |= val; break; \
1768 case addr + 1: s->name &= 0xffff00ff; s->name |= val << 8; break; \
1769 case addr + 2: s->name &= 0xff00ffff; s->name |= val << 16; break; \
1770 case addr + 3: s->name &= 0x00ffffff; s->name |= val << 24; break;
1771
1772#ifdef DEBUG_LSI_REG
1773 DPRINTF("Write reg %s %x = %02x\n",
1774 offset < ARRAY_SIZE(names) ? names[offset] : "???", offset, val);
1775#endif
1776 switch (offset) {
1777 case 0x00:
1778 s->scntl0 = val;
1779 if (val & LSI_SCNTL0_START) {
1780 BADF("Start sequence not implemented\n");
1781 }
1782 break;
1783 case 0x01:
1784 s->scntl1 = val & ~LSI_SCNTL1_SST;
1785 if (val & LSI_SCNTL1_IARB) {
1786 BADF("Immediate Arbritration not implemented\n");
1787 }
1788 if (val & LSI_SCNTL1_RST) {
1789 if (!(s->sstat0 & LSI_SSTAT0_RST)) {
1790 qbus_reset_all(&s->bus.qbus);
1791 s->sstat0 |= LSI_SSTAT0_RST;
1792 lsi_script_scsi_interrupt(s, LSI_SIST0_RST, 0);
1793 }
1794 } else {
1795 s->sstat0 &= ~LSI_SSTAT0_RST;
1796 }
1797 break;
1798 case 0x02:
1799 val &= ~(LSI_SCNTL2_WSR | LSI_SCNTL2_WSS);
1800 s->scntl2 = val;
1801 break;
1802 case 0x03:
1803 s->scntl3 = val;
1804 break;
1805 case 0x04:
1806 s->scid = val;
1807 break;
1808 case 0x05:
1809 s->sxfer = val;
1810 break;
1811 case 0x06:
1812 if ((s->ssid & 0x80) && (val & 0xf) != (s->ssid & 0xf)) {
1813 BADF("Destination ID does not match SSID\n");
1814 }
1815 s->sdid = val & 0xf;
1816 break;
1817 case 0x07:
1818 break;
1819 case 0x08:
1820
1821
1822 s->sfbr = val;
1823 break;
1824 case 0x0a: case 0x0b:
1825
1826 return;
1827 case 0x0c: case 0x0d: case 0x0e: case 0x0f:
1828
1829 return;
1830 CASE_SET_REG32(dsa, 0x10)
1831 case 0x14:
1832 s->istat0 = (s->istat0 & 0x0f) | (val & 0xf0);
1833 if (val & LSI_ISTAT0_ABRT) {
1834 lsi_script_dma_interrupt(s, LSI_DSTAT_ABRT);
1835 }
1836 if (val & LSI_ISTAT0_INTF) {
1837 s->istat0 &= ~LSI_ISTAT0_INTF;
1838 lsi_update_irq(s);
1839 }
1840 if (s->waiting == 1 && val & LSI_ISTAT0_SIGP) {
1841 DPRINTF("Woken by SIGP\n");
1842 s->waiting = 0;
1843 s->dsp = s->dnad;
1844 lsi_execute_script(s);
1845 }
1846 if (val & LSI_ISTAT0_SRST) {
1847 qdev_reset_all(DEVICE(s));
1848 }
1849 break;
1850 case 0x16:
1851 s->mbox0 = val;
1852 break;
1853 case 0x17:
1854 s->mbox1 = val;
1855 break;
1856 case 0x18:
1857
1858 break;
1859 case 0x1a:
1860 s->ctest2 = val & LSI_CTEST2_PCICIE;
1861 break;
1862 case 0x1b:
1863 s->ctest3 = val & 0x0f;
1864 break;
1865 CASE_SET_REG32(temp, 0x1c)
1866 case 0x21:
1867 if (val & 7) {
1868 BADF("Unimplemented CTEST4-FBL 0x%x\n", val);
1869 }
1870 s->ctest4 = val;
1871 break;
1872 case 0x22:
1873 if (val & (LSI_CTEST5_ADCK | LSI_CTEST5_BBCK)) {
1874 BADF("CTEST5 DMA increment not implemented\n");
1875 }
1876 s->ctest5 = val;
1877 break;
1878 CASE_SET_REG24(dbc, 0x24)
1879 CASE_SET_REG32(dnad, 0x28)
1880 case 0x2c:
1881 s->dsp &= 0xffffff00;
1882 s->dsp |= val;
1883 break;
1884 case 0x2d:
1885 s->dsp &= 0xffff00ff;
1886 s->dsp |= val << 8;
1887 break;
1888 case 0x2e:
1889 s->dsp &= 0xff00ffff;
1890 s->dsp |= val << 16;
1891 break;
1892 case 0x2f:
1893 s->dsp &= 0x00ffffff;
1894 s->dsp |= val << 24;
1895 if ((s->dmode & LSI_DMODE_MAN) == 0
1896 && (s->istat1 & LSI_ISTAT1_SRUN) == 0)
1897 lsi_execute_script(s);
1898 break;
1899 CASE_SET_REG32(dsps, 0x30)
1900 CASE_SET_REG32(scratch[0], 0x34)
1901 case 0x38:
1902 s->dmode = val;
1903 break;
1904 case 0x39:
1905 s->dien = val;
1906 lsi_update_irq(s);
1907 break;
1908 case 0x3a:
1909 s->sbr = val;
1910 break;
1911 case 0x3b:
1912 s->dcntl = val & ~(LSI_DCNTL_PFF | LSI_DCNTL_STD);
1913 if ((val & LSI_DCNTL_STD) && (s->istat1 & LSI_ISTAT1_SRUN) == 0)
1914 lsi_execute_script(s);
1915 break;
1916 case 0x40:
1917 s->sien0 = val;
1918 lsi_update_irq(s);
1919 break;
1920 case 0x41:
1921 s->sien1 = val;
1922 lsi_update_irq(s);
1923 break;
1924 case 0x47:
1925 break;
1926 case 0x48:
1927 s->stime0 = val;
1928 break;
1929 case 0x49:
1930 if (val & 0xf) {
1931 DPRINTF("General purpose timer not implemented\n");
1932
1933
1934 lsi_script_scsi_interrupt(s, 0, LSI_SIST1_GEN);
1935 }
1936 break;
1937 case 0x4a:
1938 s->respid0 = val;
1939 break;
1940 case 0x4b:
1941 s->respid1 = val;
1942 break;
1943 case 0x4d:
1944 s->stest1 = val;
1945 break;
1946 case 0x4e:
1947 if (val & 1) {
1948 BADF("Low level mode not implemented\n");
1949 }
1950 s->stest2 = val;
1951 break;
1952 case 0x4f:
1953 if (val & 0x41) {
1954 BADF("SCSI FIFO test mode not implemented\n");
1955 }
1956 s->stest3 = val;
1957 break;
1958 case 0x56:
1959 s->ccntl0 = val;
1960 break;
1961 case 0x57:
1962 s->ccntl1 = val;
1963 break;
1964 CASE_SET_REG32(mmrs, 0xa0)
1965 CASE_SET_REG32(mmws, 0xa4)
1966 CASE_SET_REG32(sfs, 0xa8)
1967 CASE_SET_REG32(drs, 0xac)
1968 CASE_SET_REG32(sbms, 0xb0)
1969 CASE_SET_REG32(dbms, 0xb4)
1970 CASE_SET_REG32(dnad64, 0xb8)
1971 CASE_SET_REG32(pmjad1, 0xc0)
1972 CASE_SET_REG32(pmjad2, 0xc4)
1973 CASE_SET_REG32(rbc, 0xc8)
1974 CASE_SET_REG32(ua, 0xcc)
1975 CASE_SET_REG32(ia, 0xd4)
1976 CASE_SET_REG32(sbc, 0xd8)
1977 CASE_SET_REG32(csbc, 0xdc)
1978 default:
1979 if (offset >= 0x5c && offset < 0xa0) {
1980 int n;
1981 int shift;
1982 n = (offset - 0x58) >> 2;
1983 shift = (offset & 3) * 8;
1984 s->scratch[n] = deposit32(s->scratch[n], shift, 8, val);
1985 } else {
1986 qemu_log_mask(LOG_GUEST_ERROR,
1987 "lsi_scsi: invalid write to reg %s %x (0x%02x)\n",
1988 offset < ARRAY_SIZE(names) ? names[offset] : "???",
1989 offset, val);
1990 }
1991 }
1992#undef CASE_SET_REG24
1993#undef CASE_SET_REG32
1994}
1995
1996static void lsi_mmio_write(void *opaque, hwaddr addr,
1997 uint64_t val, unsigned size)
1998{
1999 LSIState *s = opaque;
2000
2001 lsi_reg_writeb(s, addr & 0xff, val);
2002}
2003
2004static uint64_t lsi_mmio_read(void *opaque, hwaddr addr,
2005 unsigned size)
2006{
2007 LSIState *s = opaque;
2008
2009 return lsi_reg_readb(s, addr & 0xff);
2010}
2011
2012static const MemoryRegionOps lsi_mmio_ops = {
2013 .read = lsi_mmio_read,
2014 .write = lsi_mmio_write,
2015 .endianness = DEVICE_NATIVE_ENDIAN,
2016 .impl = {
2017 .min_access_size = 1,
2018 .max_access_size = 1,
2019 },
2020};
2021
2022static void lsi_ram_write(void *opaque, hwaddr addr,
2023 uint64_t val, unsigned size)
2024{
2025 LSIState *s = opaque;
2026 uint32_t newval;
2027 uint32_t mask;
2028 int shift;
2029
2030 newval = s->script_ram[addr >> 2];
2031 shift = (addr & 3) * 8;
2032 mask = ((uint64_t)1 << (size * 8)) - 1;
2033 newval &= ~(mask << shift);
2034 newval |= val << shift;
2035 s->script_ram[addr >> 2] = newval;
2036}
2037
2038static uint64_t lsi_ram_read(void *opaque, hwaddr addr,
2039 unsigned size)
2040{
2041 LSIState *s = opaque;
2042 uint32_t val;
2043 uint32_t mask;
2044
2045 val = s->script_ram[addr >> 2];
2046 mask = ((uint64_t)1 << (size * 8)) - 1;
2047 val >>= (addr & 3) * 8;
2048 return val & mask;
2049}
2050
2051static const MemoryRegionOps lsi_ram_ops = {
2052 .read = lsi_ram_read,
2053 .write = lsi_ram_write,
2054 .endianness = DEVICE_NATIVE_ENDIAN,
2055};
2056
2057static uint64_t lsi_io_read(void *opaque, hwaddr addr,
2058 unsigned size)
2059{
2060 LSIState *s = opaque;
2061 return lsi_reg_readb(s, addr & 0xff);
2062}
2063
2064static void lsi_io_write(void *opaque, hwaddr addr,
2065 uint64_t val, unsigned size)
2066{
2067 LSIState *s = opaque;
2068 lsi_reg_writeb(s, addr & 0xff, val);
2069}
2070
2071static const MemoryRegionOps lsi_io_ops = {
2072 .read = lsi_io_read,
2073 .write = lsi_io_write,
2074 .endianness = DEVICE_NATIVE_ENDIAN,
2075 .impl = {
2076 .min_access_size = 1,
2077 .max_access_size = 1,
2078 },
2079};
2080
2081static void lsi_scsi_reset(DeviceState *dev)
2082{
2083 LSIState *s = LSI53C895A(dev);
2084
2085 lsi_soft_reset(s);
2086}
2087
2088static void lsi_pre_save(void *opaque)
2089{
2090 LSIState *s = opaque;
2091
2092 if (s->current) {
2093 assert(s->current->dma_buf == NULL);
2094 assert(s->current->dma_len == 0);
2095 }
2096 assert(QTAILQ_EMPTY(&s->queue));
2097}
2098
2099static const VMStateDescription vmstate_lsi_scsi = {
2100 .name = "lsiscsi",
2101 .version_id = 0,
2102 .minimum_version_id = 0,
2103 .pre_save = lsi_pre_save,
2104 .fields = (VMStateField[]) {
2105 VMSTATE_PCI_DEVICE(parent_obj, LSIState),
2106
2107 VMSTATE_INT32(carry, LSIState),
2108 VMSTATE_INT32(status, LSIState),
2109 VMSTATE_INT32(msg_action, LSIState),
2110 VMSTATE_INT32(msg_len, LSIState),
2111 VMSTATE_BUFFER(msg, LSIState),
2112 VMSTATE_INT32(waiting, LSIState),
2113
2114 VMSTATE_UINT32(dsa, LSIState),
2115 VMSTATE_UINT32(temp, LSIState),
2116 VMSTATE_UINT32(dnad, LSIState),
2117 VMSTATE_UINT32(dbc, LSIState),
2118 VMSTATE_UINT8(istat0, LSIState),
2119 VMSTATE_UINT8(istat1, LSIState),
2120 VMSTATE_UINT8(dcmd, LSIState),
2121 VMSTATE_UINT8(dstat, LSIState),
2122 VMSTATE_UINT8(dien, LSIState),
2123 VMSTATE_UINT8(sist0, LSIState),
2124 VMSTATE_UINT8(sist1, LSIState),
2125 VMSTATE_UINT8(sien0, LSIState),
2126 VMSTATE_UINT8(sien1, LSIState),
2127 VMSTATE_UINT8(mbox0, LSIState),
2128 VMSTATE_UINT8(mbox1, LSIState),
2129 VMSTATE_UINT8(dfifo, LSIState),
2130 VMSTATE_UINT8(ctest2, LSIState),
2131 VMSTATE_UINT8(ctest3, LSIState),
2132 VMSTATE_UINT8(ctest4, LSIState),
2133 VMSTATE_UINT8(ctest5, LSIState),
2134 VMSTATE_UINT8(ccntl0, LSIState),
2135 VMSTATE_UINT8(ccntl1, LSIState),
2136 VMSTATE_UINT32(dsp, LSIState),
2137 VMSTATE_UINT32(dsps, LSIState),
2138 VMSTATE_UINT8(dmode, LSIState),
2139 VMSTATE_UINT8(dcntl, LSIState),
2140 VMSTATE_UINT8(scntl0, LSIState),
2141 VMSTATE_UINT8(scntl1, LSIState),
2142 VMSTATE_UINT8(scntl2, LSIState),
2143 VMSTATE_UINT8(scntl3, LSIState),
2144 VMSTATE_UINT8(sstat0, LSIState),
2145 VMSTATE_UINT8(sstat1, LSIState),
2146 VMSTATE_UINT8(scid, LSIState),
2147 VMSTATE_UINT8(sxfer, LSIState),
2148 VMSTATE_UINT8(socl, LSIState),
2149 VMSTATE_UINT8(sdid, LSIState),
2150 VMSTATE_UINT8(ssid, LSIState),
2151 VMSTATE_UINT8(sfbr, LSIState),
2152 VMSTATE_UINT8(stest1, LSIState),
2153 VMSTATE_UINT8(stest2, LSIState),
2154 VMSTATE_UINT8(stest3, LSIState),
2155 VMSTATE_UINT8(sidl, LSIState),
2156 VMSTATE_UINT8(stime0, LSIState),
2157 VMSTATE_UINT8(respid0, LSIState),
2158 VMSTATE_UINT8(respid1, LSIState),
2159 VMSTATE_UINT32(mmrs, LSIState),
2160 VMSTATE_UINT32(mmws, LSIState),
2161 VMSTATE_UINT32(sfs, LSIState),
2162 VMSTATE_UINT32(drs, LSIState),
2163 VMSTATE_UINT32(sbms, LSIState),
2164 VMSTATE_UINT32(dbms, LSIState),
2165 VMSTATE_UINT32(dnad64, LSIState),
2166 VMSTATE_UINT32(pmjad1, LSIState),
2167 VMSTATE_UINT32(pmjad2, LSIState),
2168 VMSTATE_UINT32(rbc, LSIState),
2169 VMSTATE_UINT32(ua, LSIState),
2170 VMSTATE_UINT32(ia, LSIState),
2171 VMSTATE_UINT32(sbc, LSIState),
2172 VMSTATE_UINT32(csbc, LSIState),
2173 VMSTATE_BUFFER_UNSAFE(scratch, LSIState, 0, 18 * sizeof(uint32_t)),
2174 VMSTATE_UINT8(sbr, LSIState),
2175
2176 VMSTATE_BUFFER_UNSAFE(script_ram, LSIState, 0, 2048 * sizeof(uint32_t)),
2177 VMSTATE_END_OF_LIST()
2178 }
2179};
2180
2181static const struct SCSIBusInfo lsi_scsi_info = {
2182 .tcq = true,
2183 .max_target = LSI_MAX_DEVS,
2184 .max_lun = 0,
2185
2186 .transfer_data = lsi_transfer_data,
2187 .complete = lsi_command_complete,
2188 .cancel = lsi_request_cancelled
2189};
2190
2191static void lsi_scsi_realize(PCIDevice *dev, Error **errp)
2192{
2193 LSIState *s = LSI53C895A(dev);
2194 DeviceState *d = DEVICE(dev);
2195 uint8_t *pci_conf;
2196
2197 pci_conf = dev->config;
2198
2199
2200 pci_conf[PCI_LATENCY_TIMER] = 0xff;
2201
2202 pci_conf[PCI_INTERRUPT_PIN] = 0x01;
2203
2204 memory_region_init_io(&s->mmio_io, OBJECT(s), &lsi_mmio_ops, s,
2205 "lsi-mmio", 0x400);
2206 memory_region_init_io(&s->ram_io, OBJECT(s), &lsi_ram_ops, s,
2207 "lsi-ram", 0x2000);
2208 memory_region_init_io(&s->io_io, OBJECT(s), &lsi_io_ops, s,
2209 "lsi-io", 256);
2210
2211 address_space_init(&s->pci_io_as, pci_address_space_io(dev), "lsi-pci-io");
2212
2213 pci_register_bar(dev, 0, PCI_BASE_ADDRESS_SPACE_IO, &s->io_io);
2214 pci_register_bar(dev, 1, PCI_BASE_ADDRESS_SPACE_MEMORY, &s->mmio_io);
2215 pci_register_bar(dev, 2, PCI_BASE_ADDRESS_SPACE_MEMORY, &s->ram_io);
2216 QTAILQ_INIT(&s->queue);
2217
2218 scsi_bus_new(&s->bus, sizeof(s->bus), d, &lsi_scsi_info, NULL);
2219 if (!d->hotplugged) {
2220 scsi_bus_legacy_handle_cmdline(&s->bus, errp);
2221 }
2222}
2223
2224static void lsi_scsi_unrealize(DeviceState *dev, Error **errp)
2225{
2226 LSIState *s = LSI53C895A(dev);
2227
2228 address_space_destroy(&s->pci_io_as);
2229}
2230
2231static void lsi_class_init(ObjectClass *klass, void *data)
2232{
2233 DeviceClass *dc = DEVICE_CLASS(klass);
2234 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
2235
2236 k->realize = lsi_scsi_realize;
2237 k->vendor_id = PCI_VENDOR_ID_LSI_LOGIC;
2238 k->device_id = PCI_DEVICE_ID_LSI_53C895A;
2239 k->class_id = PCI_CLASS_STORAGE_SCSI;
2240 k->subsystem_id = 0x1000;
2241 dc->unrealize = lsi_scsi_unrealize;
2242 dc->reset = lsi_scsi_reset;
2243 dc->vmsd = &vmstate_lsi_scsi;
2244 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
2245}
2246
2247static const TypeInfo lsi_info = {
2248 .name = TYPE_LSI53C895A,
2249 .parent = TYPE_PCI_DEVICE,
2250 .instance_size = sizeof(LSIState),
2251 .class_init = lsi_class_init,
2252};
2253
2254static void lsi53c810_class_init(ObjectClass *klass, void *data)
2255{
2256 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
2257
2258 k->device_id = PCI_DEVICE_ID_LSI_53C810;
2259}
2260
2261static TypeInfo lsi53c810_info = {
2262 .name = TYPE_LSI53C810,
2263 .parent = TYPE_LSI53C895A,
2264 .class_init = lsi53c810_class_init,
2265};
2266
2267static void lsi53c895a_register_types(void)
2268{
2269 type_register_static(&lsi_info);
2270 type_register_static(&lsi53c810_info);
2271}
2272
2273type_init(lsi53c895a_register_types)
2274
