1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16#include "qemu/osdep.h"
17
18#include "hw/hw.h"
19#include "hw/pci/pci.h"
20#include "hw/scsi/scsi.h"
21#include "sysemu/dma.h"
22#include "qemu/log.h"
23#include "trace.h"
24
25static const char *names[] = {
26 "SCNTL0", "SCNTL1", "SCNTL2", "SCNTL3", "SCID", "SXFER", "SDID", "GPREG",
27 "SFBR", "SOCL", "SSID", "SBCL", "DSTAT", "SSTAT0", "SSTAT1", "SSTAT2",
28 "DSA0", "DSA1", "DSA2", "DSA3", "ISTAT", "0x15", "0x16", "0x17",
29 "CTEST0", "CTEST1", "CTEST2", "CTEST3", "TEMP0", "TEMP1", "TEMP2", "TEMP3",
30 "DFIFO", "CTEST4", "CTEST5", "CTEST6", "DBC0", "DBC1", "DBC2", "DCMD",
31 "DNAD0", "DNAD1", "DNAD2", "DNAD3", "DSP0", "DSP1", "DSP2", "DSP3",
32 "DSPS0", "DSPS1", "DSPS2", "DSPS3", "SCRATCHA0", "SCRATCHA1", "SCRATCHA2", "SCRATCHA3",
33 "DMODE", "DIEN", "SBR", "DCNTL", "ADDER0", "ADDER1", "ADDER2", "ADDER3",
34 "SIEN0", "SIEN1", "SIST0", "SIST1", "SLPAR", "0x45", "MACNTL", "GPCNTL",
35 "STIME0", "STIME1", "RESPID", "0x4b", "STEST0", "STEST1", "STEST2", "STEST3",
36 "SIDL", "0x51", "0x52", "0x53", "SODL", "0x55", "0x56", "0x57",
37 "SBDL", "0x59", "0x5a", "0x5b", "SCRATCHB0", "SCRATCHB1", "SCRATCHB2", "SCRATCHB3",
38};
39
40#define LSI_MAX_DEVS 7
41
42#define LSI_SCNTL0_TRG 0x01
43#define LSI_SCNTL0_AAP 0x02
44#define LSI_SCNTL0_EPC 0x08
45#define LSI_SCNTL0_WATN 0x10
46#define LSI_SCNTL0_START 0x20
47
48#define LSI_SCNTL1_SST 0x01
49#define LSI_SCNTL1_IARB 0x02
50#define LSI_SCNTL1_AESP 0x04
51#define LSI_SCNTL1_RST 0x08
52#define LSI_SCNTL1_CON 0x10
53#define LSI_SCNTL1_DHP 0x20
54#define LSI_SCNTL1_ADB 0x40
55#define LSI_SCNTL1_EXC 0x80
56
57#define LSI_SCNTL2_WSR 0x01
58#define LSI_SCNTL2_VUE0 0x02
59#define LSI_SCNTL2_VUE1 0x04
60#define LSI_SCNTL2_WSS 0x08
61#define LSI_SCNTL2_SLPHBEN 0x10
62#define LSI_SCNTL2_SLPMD 0x20
63#define LSI_SCNTL2_CHM 0x40
64#define LSI_SCNTL2_SDU 0x80
65
66#define LSI_ISTAT0_DIP 0x01
67#define LSI_ISTAT0_SIP 0x02
68#define LSI_ISTAT0_INTF 0x04
69#define LSI_ISTAT0_CON 0x08
70#define LSI_ISTAT0_SEM 0x10
71#define LSI_ISTAT0_SIGP 0x20
72#define LSI_ISTAT0_SRST 0x40
73#define LSI_ISTAT0_ABRT 0x80
74
75#define LSI_ISTAT1_SI 0x01
76#define LSI_ISTAT1_SRUN 0x02
77#define LSI_ISTAT1_FLSH 0x04
78
79#define LSI_SSTAT0_SDP0 0x01
80#define LSI_SSTAT0_RST 0x02
81#define LSI_SSTAT0_WOA 0x04
82#define LSI_SSTAT0_LOA 0x08
83#define LSI_SSTAT0_AIP 0x10
84#define LSI_SSTAT0_OLF 0x20
85#define LSI_SSTAT0_ORF 0x40
86#define LSI_SSTAT0_ILF 0x80
87
88#define LSI_SIST0_PAR 0x01
89#define LSI_SIST0_RST 0x02
90#define LSI_SIST0_UDC 0x04
91#define LSI_SIST0_SGE 0x08
92#define LSI_SIST0_RSL 0x10
93#define LSI_SIST0_SEL 0x20
94#define LSI_SIST0_CMP 0x40
95#define LSI_SIST0_MA 0x80
96
97#define LSI_SIST1_HTH 0x01
98#define LSI_SIST1_GEN 0x02
99#define LSI_SIST1_STO 0x04
100#define LSI_SIST1_SBMC 0x10
101
102#define LSI_SOCL_IO 0x01
103#define LSI_SOCL_CD 0x02
104#define LSI_SOCL_MSG 0x04
105#define LSI_SOCL_ATN 0x08
106#define LSI_SOCL_SEL 0x10
107#define LSI_SOCL_BSY 0x20
108#define LSI_SOCL_ACK 0x40
109#define LSI_SOCL_REQ 0x80
110
111#define LSI_DSTAT_IID 0x01
112#define LSI_DSTAT_SIR 0x04
113#define LSI_DSTAT_SSI 0x08
114#define LSI_DSTAT_ABRT 0x10
115#define LSI_DSTAT_BF 0x20
116#define LSI_DSTAT_MDPE 0x40
117#define LSI_DSTAT_DFE 0x80
118
119#define LSI_DCNTL_COM 0x01
120#define LSI_DCNTL_IRQD 0x02
121#define LSI_DCNTL_STD 0x04
122#define LSI_DCNTL_IRQM 0x08
123#define LSI_DCNTL_SSM 0x10
124#define LSI_DCNTL_PFEN 0x20
125#define LSI_DCNTL_PFF 0x40
126#define LSI_DCNTL_CLSE 0x80
127
128#define LSI_DMODE_MAN 0x01
129#define LSI_DMODE_BOF 0x02
130#define LSI_DMODE_ERMP 0x04
131#define LSI_DMODE_ERL 0x08
132#define LSI_DMODE_DIOM 0x10
133#define LSI_DMODE_SIOM 0x20
134
135#define LSI_CTEST2_DACK 0x01
136#define LSI_CTEST2_DREQ 0x02
137#define LSI_CTEST2_TEOP 0x04
138#define LSI_CTEST2_PCICIE 0x08
139#define LSI_CTEST2_CM 0x10
140#define LSI_CTEST2_CIO 0x20
141#define LSI_CTEST2_SIGP 0x40
142#define LSI_CTEST2_DDIR 0x80
143
144#define LSI_CTEST5_BL2 0x04
145#define LSI_CTEST5_DDIR 0x08
146#define LSI_CTEST5_MASR 0x10
147#define LSI_CTEST5_DFSN 0x20
148#define LSI_CTEST5_BBCK 0x40
149#define LSI_CTEST5_ADCK 0x80
150
151#define LSI_CCNTL0_DILS 0x01
152#define LSI_CCNTL0_DISFC 0x10
153#define LSI_CCNTL0_ENNDJ 0x20
154#define LSI_CCNTL0_PMJCTL 0x40
155#define LSI_CCNTL0_ENPMJ 0x80
156
157#define LSI_CCNTL1_EN64DBMV 0x01
158#define LSI_CCNTL1_EN64TIBMV 0x02
159#define LSI_CCNTL1_64TIMOD 0x04
160#define LSI_CCNTL1_DDAC 0x08
161#define LSI_CCNTL1_ZMOD 0x80
162
163
164#define LSI_SCID_RRE 0x60
165
166#define LSI_CCNTL1_40BIT (LSI_CCNTL1_EN64TIBMV|LSI_CCNTL1_64TIMOD)
167
168#define PHASE_DO 0
169#define PHASE_DI 1
170#define PHASE_CMD 2
171#define PHASE_ST 3
172#define PHASE_MO 6
173#define PHASE_MI 7
174#define PHASE_MASK 7
175
176
177#define LSI_MAX_MSGIN_LEN 8
178
179
180#define LSI_TAG_VALID (1 << 16)
181
182typedef struct lsi_request {
183 SCSIRequest *req;
184 uint32_t tag;
185 uint32_t dma_len;
186 uint8_t *dma_buf;
187 uint32_t pending;
188 int out;
189 QTAILQ_ENTRY(lsi_request) next;
190} lsi_request;
191
192typedef struct {
193
194 PCIDevice parent_obj;
195
196
197 qemu_irq ext_irq;
198 MemoryRegion mmio_io;
199 MemoryRegion ram_io;
200 MemoryRegion io_io;
201 AddressSpace pci_io_as;
202
203 int carry;
204 int status;
205
206
207 int msg_action;
208 int msg_len;
209 uint8_t msg[LSI_MAX_MSGIN_LEN];
210
211
212
213
214 int waiting;
215 SCSIBus bus;
216 int current_lun;
217
218 uint32_t select_tag;
219 int command_complete;
220 QTAILQ_HEAD(, lsi_request) queue;
221 lsi_request *current;
222
223 uint32_t dsa;
224 uint32_t temp;
225 uint32_t dnad;
226 uint32_t dbc;
227 uint8_t istat0;
228 uint8_t istat1;
229 uint8_t dcmd;
230 uint8_t dstat;
231 uint8_t dien;
232 uint8_t sist0;
233 uint8_t sist1;
234 uint8_t sien0;
235 uint8_t sien1;
236 uint8_t mbox0;
237 uint8_t mbox1;
238 uint8_t dfifo;
239 uint8_t ctest2;
240 uint8_t ctest3;
241 uint8_t ctest4;
242 uint8_t ctest5;
243 uint8_t ccntl0;
244 uint8_t ccntl1;
245 uint32_t dsp;
246 uint32_t dsps;
247 uint8_t dmode;
248 uint8_t dcntl;
249 uint8_t scntl0;
250 uint8_t scntl1;
251 uint8_t scntl2;
252 uint8_t scntl3;
253 uint8_t sstat0;
254 uint8_t sstat1;
255 uint8_t scid;
256 uint8_t sxfer;
257 uint8_t socl;
258 uint8_t sdid;
259 uint8_t ssid;
260 uint8_t sfbr;
261 uint8_t stest1;
262 uint8_t stest2;
263 uint8_t stest3;
264 uint8_t sidl;
265 uint8_t stime0;
266 uint8_t respid0;
267 uint8_t respid1;
268 uint32_t mmrs;
269 uint32_t mmws;
270 uint32_t sfs;
271 uint32_t drs;
272 uint32_t sbms;
273 uint32_t dbms;
274 uint32_t dnad64;
275 uint32_t pmjad1;
276 uint32_t pmjad2;
277 uint32_t rbc;
278 uint32_t ua;
279 uint32_t ia;
280 uint32_t sbc;
281 uint32_t csbc;
282 uint32_t scratch[18];
283 uint8_t sbr;
284 uint32_t adder;
285
286
287 uint32_t script_ram[2048];
288} LSIState;
289
290#define TYPE_LSI53C810 "lsi53c810"
291#define TYPE_LSI53C895A "lsi53c895a"
292
293#define LSI53C895A(obj) \
294 OBJECT_CHECK(LSIState, (obj), TYPE_LSI53C895A)
295
296static inline int lsi_irq_on_rsl(LSIState *s)
297{
298 return (s->sien0 & LSI_SIST0_RSL) && (s->scid & LSI_SCID_RRE);
299}
300
301static lsi_request *get_pending_req(LSIState *s)
302{
303 lsi_request *p;
304
305 QTAILQ_FOREACH(p, &s->queue, next) {
306 if (p->pending) {
307 return p;
308 }
309 }
310 return NULL;
311}
312
313static void lsi_soft_reset(LSIState *s)
314{
315 trace_lsi_reset();
316 s->carry = 0;
317
318 s->msg_action = 0;
319 s->msg_len = 0;
320 s->waiting = 0;
321 s->dsa = 0;
322 s->dnad = 0;
323 s->dbc = 0;
324 s->temp = 0;
325 memset(s->scratch, 0, sizeof(s->scratch));
326 s->istat0 = 0;
327 s->istat1 = 0;
328 s->dcmd = 0x40;
329 s->dstat = 0;
330 s->dien = 0;
331 s->sist0 = 0;
332 s->sist1 = 0;
333 s->sien0 = 0;
334 s->sien1 = 0;
335 s->mbox0 = 0;
336 s->mbox1 = 0;
337 s->dfifo = 0;
338 s->ctest2 = LSI_CTEST2_DACK;
339 s->ctest3 = 0;
340 s->ctest4 = 0;
341 s->ctest5 = 0;
342 s->ccntl0 = 0;
343 s->ccntl1 = 0;
344 s->dsp = 0;
345 s->dsps = 0;
346 s->dmode = 0;
347 s->dcntl = 0;
348 s->scntl0 = 0xc0;
349 s->scntl1 = 0;
350 s->scntl2 = 0;
351 s->scntl3 = 0;
352 s->sstat0 = 0;
353 s->sstat1 = 0;
354 s->scid = 7;
355 s->sxfer = 0;
356 s->socl = 0;
357 s->sdid = 0;
358 s->ssid = 0;
359 s->stest1 = 0;
360 s->stest2 = 0;
361 s->stest3 = 0;
362 s->sidl = 0;
363 s->stime0 = 0;
364 s->respid0 = 0x80;
365 s->respid1 = 0;
366 s->mmrs = 0;
367 s->mmws = 0;
368 s->sfs = 0;
369 s->drs = 0;
370 s->sbms = 0;
371 s->dbms = 0;
372 s->dnad64 = 0;
373 s->pmjad1 = 0;
374 s->pmjad2 = 0;
375 s->rbc = 0;
376 s->ua = 0;
377 s->ia = 0;
378 s->sbc = 0;
379 s->csbc = 0;
380 s->sbr = 0;
381 assert(QTAILQ_EMPTY(&s->queue));
382 assert(!s->current);
383}
384
385static int lsi_dma_40bit(LSIState *s)
386{
387 if ((s->ccntl1 & LSI_CCNTL1_40BIT) == LSI_CCNTL1_40BIT)
388 return 1;
389 return 0;
390}
391
392static int lsi_dma_ti64bit(LSIState *s)
393{
394 if ((s->ccntl1 & LSI_CCNTL1_EN64TIBMV) == LSI_CCNTL1_EN64TIBMV)
395 return 1;
396 return 0;
397}
398
399static int lsi_dma_64bit(LSIState *s)
400{
401 if ((s->ccntl1 & LSI_CCNTL1_EN64DBMV) == LSI_CCNTL1_EN64DBMV)
402 return 1;
403 return 0;
404}
405
406static uint8_t lsi_reg_readb(LSIState *s, int offset);
407static void lsi_reg_writeb(LSIState *s, int offset, uint8_t val);
408static void lsi_execute_script(LSIState *s);
409static void lsi_reselect(LSIState *s, lsi_request *p);
410
411static inline void lsi_mem_read(LSIState *s, dma_addr_t addr,
412 void *buf, dma_addr_t len)
413{
414 if (s->dmode & LSI_DMODE_SIOM) {
415 address_space_read(&s->pci_io_as, addr, MEMTXATTRS_UNSPECIFIED,
416 buf, len);
417 } else {
418 pci_dma_read(PCI_DEVICE(s), addr, buf, len);
419 }
420}
421
422static inline void lsi_mem_write(LSIState *s, dma_addr_t addr,
423 const void *buf, dma_addr_t len)
424{
425 if (s->dmode & LSI_DMODE_DIOM) {
426 address_space_write(&s->pci_io_as, addr, MEMTXATTRS_UNSPECIFIED,
427 buf, len);
428 } else {
429 pci_dma_write(PCI_DEVICE(s), addr, buf, len);
430 }
431}
432
433static inline uint32_t read_dword(LSIState *s, uint32_t addr)
434{
435 uint32_t buf;
436
437 pci_dma_read(PCI_DEVICE(s), addr, &buf, 4);
438 return cpu_to_le32(buf);
439}
440
441static void lsi_stop_script(LSIState *s)
442{
443 s->istat1 &= ~LSI_ISTAT1_SRUN;
444}
445
446static void lsi_set_irq(LSIState *s, int level)
447{
448 PCIDevice *d = PCI_DEVICE(s);
449
450 if (s->ext_irq) {
451 qemu_set_irq(s->ext_irq, level);
452 } else {
453 pci_set_irq(d, level);
454 }
455}
456
457static void lsi_update_irq(LSIState *s)
458{
459 int level;
460 static int last_level;
461
462
463
464
465 level = 0;
466 if (s->dstat) {
467 if (s->dstat & s->dien)
468 level = 1;
469 s->istat0 |= LSI_ISTAT0_DIP;
470 } else {
471 s->istat0 &= ~LSI_ISTAT0_DIP;
472 }
473
474 if (s->sist0 || s->sist1) {
475 if ((s->sist0 & s->sien0) || (s->sist1 & s->sien1))
476 level = 1;
477 s->istat0 |= LSI_ISTAT0_SIP;
478 } else {
479 s->istat0 &= ~LSI_ISTAT0_SIP;
480 }
481 if (s->istat0 & LSI_ISTAT0_INTF)
482 level = 1;
483
484 if (level != last_level) {
485 trace_lsi_update_irq(level, s->dstat, s->sist1, s->sist0);
486 last_level = level;
487 }
488 lsi_set_irq(s, level);
489
490 if (!s->current && !level && lsi_irq_on_rsl(s) && !(s->scntl1 & LSI_SCNTL1_CON)) {
491 lsi_request *p;
492
493 trace_lsi_update_irq_disconnected();
494 p = get_pending_req(s);
495 if (p) {
496 lsi_reselect(s, p);
497 }
498 }
499}
500
501
502static void lsi_script_scsi_interrupt(LSIState *s, int stat0, int stat1)
503{
504 uint32_t mask0;
505 uint32_t mask1;
506
507 trace_lsi_script_scsi_interrupt(stat1, stat0, s->sist1, s->sist0);
508 s->sist0 |= stat0;
509 s->sist1 |= stat1;
510
511
512
513 mask0 = s->sien0 | ~(LSI_SIST0_CMP | LSI_SIST0_SEL | LSI_SIST0_RSL);
514 mask1 = s->sien1 | ~(LSI_SIST1_GEN | LSI_SIST1_HTH);
515 mask1 &= ~LSI_SIST1_STO;
516 if (s->sist0 & mask0 || s->sist1 & mask1) {
517 lsi_stop_script(s);
518 }
519 lsi_update_irq(s);
520}
521
522
523static void lsi_script_dma_interrupt(LSIState *s, int stat)
524{
525 trace_lsi_script_dma_interrupt(stat, s->dstat);
526 s->dstat |= stat;
527 lsi_update_irq(s);
528 lsi_stop_script(s);
529}
530
531static inline void lsi_set_phase(LSIState *s, int phase)
532{
533 s->sstat1 = (s->sstat1 & ~PHASE_MASK) | phase;
534}
535
536static void lsi_bad_phase(LSIState *s, int out, int new_phase)
537{
538
539 if (s->ccntl0 & LSI_CCNTL0_ENPMJ) {
540 if ((s->ccntl0 & LSI_CCNTL0_PMJCTL)) {
541 s->dsp = out ? s->pmjad1 : s->pmjad2;
542 } else {
543 s->dsp = (s->scntl2 & LSI_SCNTL2_WSR ? s->pmjad2 : s->pmjad1);
544 }
545 trace_lsi_bad_phase_jump(s->dsp);
546 } else {
547 trace_lsi_bad_phase_interrupt();
548 lsi_script_scsi_interrupt(s, LSI_SIST0_MA, 0);
549 lsi_stop_script(s);
550 }
551 lsi_set_phase(s, new_phase);
552}
553
554
555
556static void lsi_resume_script(LSIState *s)
557{
558 if (s->waiting != 2) {
559 s->waiting = 0;
560 lsi_execute_script(s);
561 } else {
562 s->waiting = 0;
563 }
564}
565
566static void lsi_disconnect(LSIState *s)
567{
568 s->scntl1 &= ~LSI_SCNTL1_CON;
569 s->sstat1 &= ~PHASE_MASK;
570}
571
572static void lsi_bad_selection(LSIState *s, uint32_t id)
573{
574 trace_lsi_bad_selection(id);
575 lsi_script_scsi_interrupt(s, 0, LSI_SIST1_STO);
576 lsi_disconnect(s);
577}
578
579
580static void lsi_do_dma(LSIState *s, int out)
581{
582 uint32_t count;
583 dma_addr_t addr;
584 SCSIDevice *dev;
585
586 assert(s->current);
587 if (!s->current->dma_len) {
588
589 trace_lsi_do_dma_unavailable();
590 return;
591 }
592
593 dev = s->current->req->dev;
594 assert(dev);
595
596 count = s->dbc;
597 if (count > s->current->dma_len)
598 count = s->current->dma_len;
599
600 addr = s->dnad;
601
602 if (lsi_dma_40bit(s) || lsi_dma_ti64bit(s))
603 addr |= ((uint64_t)s->dnad64 << 32);
604 else if (s->dbms)
605 addr |= ((uint64_t)s->dbms << 32);
606 else if (s->sbms)
607 addr |= ((uint64_t)s->sbms << 32);
608
609 trace_lsi_do_dma(addr, count);
610 s->csbc += count;
611 s->dnad += count;
612 s->dbc -= count;
613 if (s->current->dma_buf == NULL) {
614 s->current->dma_buf = scsi_req_get_buf(s->current->req);
615 }
616
617 if (out) {
618 lsi_mem_read(s, addr, s->current->dma_buf, count);
619 } else {
620 lsi_mem_write(s, addr, s->current->dma_buf, count);
621 }
622 s->current->dma_len -= count;
623 if (s->current->dma_len == 0) {
624 s->current->dma_buf = NULL;
625 scsi_req_continue(s->current->req);
626 } else {
627 s->current->dma_buf += count;
628 lsi_resume_script(s);
629 }
630}
631
632
633
634static void lsi_queue_command(LSIState *s)
635{
636 lsi_request *p = s->current;
637
638 trace_lsi_queue_command(p->tag);
639 assert(s->current != NULL);
640 assert(s->current->dma_len == 0);
641 QTAILQ_INSERT_TAIL(&s->queue, s->current, next);
642 s->current = NULL;
643
644 p->pending = 0;
645 p->out = (s->sstat1 & PHASE_MASK) == PHASE_DO;
646}
647
648
649static void lsi_add_msg_byte(LSIState *s, uint8_t data)
650{
651 if (s->msg_len >= LSI_MAX_MSGIN_LEN) {
652 trace_lsi_add_msg_byte_error();
653 } else {
654 trace_lsi_add_msg_byte(data);
655 s->msg[s->msg_len++] = data;
656 }
657}
658
659
660static void lsi_reselect(LSIState *s, lsi_request *p)
661{
662 int id;
663
664 assert(s->current == NULL);
665 QTAILQ_REMOVE(&s->queue, p, next);
666 s->current = p;
667
668 id = (p->tag >> 8) & 0xf;
669 s->ssid = id | 0x80;
670
671 if (!(s->dcntl & LSI_DCNTL_COM)) {
672 s->sfbr = 1 << (id & 0x7);
673 }
674 trace_lsi_reselect(id);
675 s->scntl1 |= LSI_SCNTL1_CON;
676 lsi_set_phase(s, PHASE_MI);
677 s->msg_action = p->out ? 2 : 3;
678 s->current->dma_len = p->pending;
679 lsi_add_msg_byte(s, 0x80);
680 if (s->current->tag & LSI_TAG_VALID) {
681 lsi_add_msg_byte(s, 0x20);
682 lsi_add_msg_byte(s, p->tag & 0xff);
683 }
684
685 if (lsi_irq_on_rsl(s)) {
686 lsi_script_scsi_interrupt(s, LSI_SIST0_RSL, 0);
687 }
688}
689
690static lsi_request *lsi_find_by_tag(LSIState *s, uint32_t tag)
691{
692 lsi_request *p;
693
694 QTAILQ_FOREACH(p, &s->queue, next) {
695 if (p->tag == tag) {
696 return p;
697 }
698 }
699
700 return NULL;
701}
702
703static void lsi_request_free(LSIState *s, lsi_request *p)
704{
705 if (p == s->current) {
706 s->current = NULL;
707 } else {
708 QTAILQ_REMOVE(&s->queue, p, next);
709 }
710 g_free(p);
711}
712
713static void lsi_request_cancelled(SCSIRequest *req)
714{
715 LSIState *s = LSI53C895A(req->bus->qbus.parent);
716 lsi_request *p = req->hba_private;
717
718 req->hba_private = NULL;
719 lsi_request_free(s, p);
720 scsi_req_unref(req);
721}
722
723
724
725static int lsi_queue_req(LSIState *s, SCSIRequest *req, uint32_t len)
726{
727 lsi_request *p = req->hba_private;
728
729 if (p->pending) {
730 trace_lsi_queue_req_error(p);
731 }
732 p->pending = len;
733
734
735
736
737
738 if (s->waiting == 1 ||
739 (lsi_irq_on_rsl(s) && !(s->scntl1 & LSI_SCNTL1_CON) &&
740 !(s->istat0 & (LSI_ISTAT0_SIP | LSI_ISTAT0_DIP)))) {
741
742 lsi_reselect(s, p);
743 return 0;
744 } else {
745 trace_lsi_queue_req(p->tag);
746 p->pending = len;
747 return 1;
748 }
749}
750
751
752static void lsi_command_complete(SCSIRequest *req, uint32_t status, size_t resid)
753{
754 LSIState *s = LSI53C895A(req->bus->qbus.parent);
755 int out;
756
757 out = (s->sstat1 & PHASE_MASK) == PHASE_DO;
758 trace_lsi_command_complete(status);
759 s->status = status;
760 s->command_complete = 2;
761 if (s->waiting && s->dbc != 0) {
762
763 lsi_bad_phase(s, out, PHASE_ST);
764 } else {
765 lsi_set_phase(s, PHASE_ST);
766 }
767
768 if (req->hba_private == s->current) {
769 req->hba_private = NULL;
770 lsi_request_free(s, s->current);
771 scsi_req_unref(req);
772 }
773 lsi_resume_script(s);
774}
775
776
777static void lsi_transfer_data(SCSIRequest *req, uint32_t len)
778{
779 LSIState *s = LSI53C895A(req->bus->qbus.parent);
780 int out;
781
782 assert(req->hba_private);
783 if (s->waiting == 1 || req->hba_private != s->current ||
784 (lsi_irq_on_rsl(s) && !(s->scntl1 & LSI_SCNTL1_CON))) {
785 if (lsi_queue_req(s, req, len)) {
786 return;
787 }
788 }
789
790 out = (s->sstat1 & PHASE_MASK) == PHASE_DO;
791
792
793 trace_lsi_transfer_data(req->tag, len);
794 s->current->dma_len = len;
795 s->command_complete = 1;
796 if (s->waiting) {
797 if (s->waiting == 1 || s->dbc == 0) {
798 lsi_resume_script(s);
799 } else {
800 lsi_do_dma(s, out);
801 }
802 }
803}
804
805static void lsi_do_command(LSIState *s)
806{
807 SCSIDevice *dev;
808 uint8_t buf[16];
809 uint32_t id;
810 int n;
811
812 trace_lsi_do_command(s->dbc);
813 if (s->dbc > 16)
814 s->dbc = 16;
815 pci_dma_read(PCI_DEVICE(s), s->dnad, buf, s->dbc);
816 s->sfbr = buf[0];
817 s->command_complete = 0;
818
819 id = (s->select_tag >> 8) & 0xf;
820 dev = scsi_device_find(&s->bus, 0, id, s->current_lun);
821 if (!dev) {
822 lsi_bad_selection(s, id);
823 return;
824 }
825
826 assert(s->current == NULL);
827 s->current = g_new0(lsi_request, 1);
828 s->current->tag = s->select_tag;
829 s->current->req = scsi_req_new(dev, s->current->tag, s->current_lun, buf,
830 s->current);
831
832 n = scsi_req_enqueue(s->current->req);
833 if (n) {
834 if (n > 0) {
835 lsi_set_phase(s, PHASE_DI);
836 } else if (n < 0) {
837 lsi_set_phase(s, PHASE_DO);
838 }
839 scsi_req_continue(s->current->req);
840 }
841 if (!s->command_complete) {
842 if (n) {
843
844 lsi_add_msg_byte(s, 2);
845 lsi_add_msg_byte(s, 4);
846
847 lsi_set_phase(s, PHASE_MI);
848 s->msg_action = 1;
849 lsi_queue_command(s);
850 } else {
851
852 lsi_set_phase(s, PHASE_DI);
853 }
854 }
855}
856
857static void lsi_do_status(LSIState *s)
858{
859 uint8_t status;
860 trace_lsi_do_status(s->dbc, s->status);
861 if (s->dbc != 1) {
862 trace_lsi_do_status_error();
863 }
864 s->dbc = 1;
865 status = s->status;
866 s->sfbr = status;
867 pci_dma_write(PCI_DEVICE(s), s->dnad, &status, 1);
868 lsi_set_phase(s, PHASE_MI);
869 s->msg_action = 1;
870 lsi_add_msg_byte(s, 0);
871}
872
873static void lsi_do_msgin(LSIState *s)
874{
875 uint8_t len;
876 trace_lsi_do_msgin(s->dbc, s->msg_len);
877 s->sfbr = s->msg[0];
878 len = s->msg_len;
879 assert(len > 0 && len <= LSI_MAX_MSGIN_LEN);
880 if (len > s->dbc)
881 len = s->dbc;
882 pci_dma_write(PCI_DEVICE(s), s->dnad, s->msg, len);
883
884 s->sidl = s->msg[len - 1];
885 s->msg_len -= len;
886 if (s->msg_len) {
887 memmove(s->msg, s->msg + len, s->msg_len);
888 } else {
889
890
891 switch (s->msg_action) {
892 case 0:
893 lsi_set_phase(s, PHASE_CMD);
894 break;
895 case 1:
896 lsi_disconnect(s);
897 break;
898 case 2:
899 lsi_set_phase(s, PHASE_DO);
900 break;
901 case 3:
902 lsi_set_phase(s, PHASE_DI);
903 break;
904 default:
905 abort();
906 }
907 }
908}
909
910
911static uint8_t lsi_get_msgbyte(LSIState *s)
912{
913 uint8_t data;
914 pci_dma_read(PCI_DEVICE(s), s->dnad, &data, 1);
915 s->dnad++;
916 s->dbc--;
917 return data;
918}
919
920
921static void lsi_skip_msgbytes(LSIState *s, unsigned int n)
922{
923 s->dnad += n;
924 s->dbc -= n;
925}
926
927static void lsi_do_msgout(LSIState *s)
928{
929 uint8_t msg;
930 int len;
931 uint32_t current_tag;
932 lsi_request *current_req, *p, *p_next;
933
934 if (s->current) {
935 current_tag = s->current->tag;
936 current_req = s->current;
937 } else {
938 current_tag = s->select_tag;
939 current_req = lsi_find_by_tag(s, current_tag);
940 }
941
942 trace_lsi_do_msgout(s->dbc);
943 while (s->dbc) {
944 msg = lsi_get_msgbyte(s);
945 s->sfbr = msg;
946
947 switch (msg) {
948 case 0x04:
949 trace_lsi_do_msgout_disconnect();
950 lsi_disconnect(s);
951 break;
952 case 0x08:
953 trace_lsi_do_msgout_noop();
954 lsi_set_phase(s, PHASE_CMD);
955 break;
956 case 0x01:
957 len = lsi_get_msgbyte(s);
958 msg = lsi_get_msgbyte(s);
959 (void)len;
960 trace_lsi_do_msgout_extended(msg, len);
961 switch (msg) {
962 case 1:
963 trace_lsi_do_msgout_ignored("SDTR");
964 lsi_skip_msgbytes(s, 2);
965 break;
966 case 3:
967 trace_lsi_do_msgout_ignored("WDTR");
968 lsi_skip_msgbytes(s, 1);
969 break;
970 case 4:
971 trace_lsi_do_msgout_ignored("PPR");
972 lsi_skip_msgbytes(s, 5);
973 break;
974 default:
975 goto bad;
976 }
977 break;
978 case 0x20:
979 s->select_tag |= lsi_get_msgbyte(s) | LSI_TAG_VALID;
980 trace_lsi_do_msgout_simplequeue(s->select_tag & 0xff);
981 break;
982 case 0x21:
983 qemu_log_mask(LOG_UNIMP, "lsi_scsi: HEAD queue not implemented\n");
984 s->select_tag |= lsi_get_msgbyte(s) | LSI_TAG_VALID;
985 break;
986 case 0x22:
987 qemu_log_mask(LOG_UNIMP,
988 "lsi_scsi: ORDERED queue not implemented\n");
989 s->select_tag |= lsi_get_msgbyte(s) | LSI_TAG_VALID;
990 break;
991 case 0x0d:
992
993 trace_lsi_do_msgout_abort(current_tag);
994 if (current_req) {
995 scsi_req_cancel(current_req->req);
996 }
997 lsi_disconnect(s);
998 break;
999 case 0x06:
1000 case 0x0e:
1001 case 0x0c:
1002
1003
1004 if (msg == 0x06) {
1005 trace_lsi_do_msgout_abort(current_tag);
1006 }
1007
1008
1009 if (msg == 0x0e) {
1010 trace_lsi_do_msgout_clearqueue(current_tag);
1011 }
1012
1013
1014 if (msg == 0x0c) {
1015 trace_lsi_do_msgout_busdevicereset(current_tag);
1016 }
1017
1018
1019 if (s->current) {
1020 scsi_req_cancel(s->current->req);
1021 }
1022
1023
1024
1025
1026
1027
1028
1029
1030 QTAILQ_FOREACH_SAFE(p, &s->queue, next, p_next) {
1031 if ((p->tag & 0x0000ff00) == (current_tag & 0x0000ff00)) {
1032 scsi_req_cancel(p->req);
1033 }
1034 }
1035
1036 lsi_disconnect(s);
1037 break;
1038 default:
1039 if ((msg & 0x80) == 0) {
1040 goto bad;
1041 }
1042 s->current_lun = msg & 7;
1043 trace_lsi_do_msgout_select(s->current_lun);
1044 lsi_set_phase(s, PHASE_CMD);
1045 break;
1046 }
1047 }
1048 return;
1049bad:
1050 qemu_log_mask(LOG_UNIMP, "Unimplemented message 0x%02x\n", msg);
1051 lsi_set_phase(s, PHASE_MI);
1052 lsi_add_msg_byte(s, 7);
1053 s->msg_action = 0;
1054}
1055
1056#define LSI_BUF_SIZE 4096
1057static void lsi_memcpy(LSIState *s, uint32_t dest, uint32_t src, int count)
1058{
1059 int n;
1060 uint8_t buf[LSI_BUF_SIZE];
1061
1062 trace_lsi_memcpy(dest, src, count);
1063 while (count) {
1064 n = (count > LSI_BUF_SIZE) ? LSI_BUF_SIZE : count;
1065 lsi_mem_read(s, src, buf, n);
1066 lsi_mem_write(s, dest, buf, n);
1067 src += n;
1068 dest += n;
1069 count -= n;
1070 }
1071}
1072
1073static void lsi_wait_reselect(LSIState *s)
1074{
1075 lsi_request *p;
1076
1077 trace_lsi_wait_reselect();
1078
1079 if (s->current) {
1080 return;
1081 }
1082 p = get_pending_req(s);
1083 if (p) {
1084 lsi_reselect(s, p);
1085 }
1086 if (s->current == NULL) {
1087 s->waiting = 1;
1088 }
1089}
1090
1091static void lsi_execute_script(LSIState *s)
1092{
1093 PCIDevice *pci_dev = PCI_DEVICE(s);
1094 uint32_t insn;
1095 uint32_t addr, addr_high;
1096 int opcode;
1097 int insn_processed = 0;
1098
1099 s->istat1 |= LSI_ISTAT1_SRUN;
1100again:
1101 insn_processed++;
1102 insn = read_dword(s, s->dsp);
1103 if (!insn) {
1104
1105
1106 s->dsp += 4;
1107 goto again;
1108 }
1109 addr = read_dword(s, s->dsp + 4);
1110 addr_high = 0;
1111 trace_lsi_execute_script(s->dsp, insn, addr);
1112 s->dsps = addr;
1113 s->dcmd = insn >> 24;
1114 s->dsp += 8;
1115 switch (insn >> 30) {
1116 case 0:
1117 if (s->sist1 & LSI_SIST1_STO) {
1118 trace_lsi_execute_script_blockmove_delayed();
1119 lsi_stop_script(s);
1120 break;
1121 }
1122 s->dbc = insn & 0xffffff;
1123 s->rbc = s->dbc;
1124
1125 s->ia = s->dsp - 8;
1126 if (insn & (1 << 29)) {
1127
1128 addr = read_dword(s, addr);
1129 } else if (insn & (1 << 28)) {
1130 uint32_t buf[2];
1131 int32_t offset;
1132
1133
1134
1135 offset = sextract32(addr, 0, 24);
1136 pci_dma_read(pci_dev, s->dsa + offset, buf, 8);
1137
1138 s->dbc = cpu_to_le32(buf[0]) & 0xffffff;
1139 s->rbc = s->dbc;
1140 addr = cpu_to_le32(buf[1]);
1141
1142
1143
1144 if (lsi_dma_40bit(s))
1145 addr_high = cpu_to_le32(buf[0]) >> 24;
1146 else if (lsi_dma_ti64bit(s)) {
1147 int selector = (cpu_to_le32(buf[0]) >> 24) & 0x1f;
1148 switch (selector) {
1149 case 0 ... 0x0f:
1150
1151
1152 addr_high = s->scratch[2 + selector];
1153 break;
1154 case 0x10:
1155 addr_high = s->mmrs;
1156 break;
1157 case 0x11:
1158 addr_high = s->mmws;
1159 break;
1160 case 0x12:
1161 addr_high = s->sfs;
1162 break;
1163 case 0x13:
1164 addr_high = s->drs;
1165 break;
1166 case 0x14:
1167 addr_high = s->sbms;
1168 break;
1169 case 0x15:
1170 addr_high = s->dbms;
1171 break;
1172 default:
1173 qemu_log_mask(LOG_GUEST_ERROR,
1174 "lsi_scsi: Illegal selector specified (0x%x > 0x15) "
1175 "for 64-bit DMA block move", selector);
1176 break;
1177 }
1178 }
1179 } else if (lsi_dma_64bit(s)) {
1180
1181
1182 s->dbms = read_dword(s, s->dsp);
1183 s->dsp += 4;
1184 s->ia = s->dsp - 12;
1185 }
1186 if ((s->sstat1 & PHASE_MASK) != ((insn >> 24) & 7)) {
1187 trace_lsi_execute_script_blockmove_badphase(s->sstat1 & PHASE_MASK,
1188 (insn >> 24) & 7);
1189 lsi_script_scsi_interrupt(s, LSI_SIST0_MA, 0);
1190 break;
1191 }
1192 s->dnad = addr;
1193 s->dnad64 = addr_high;
1194 switch (s->sstat1 & 0x7) {
1195 case PHASE_DO:
1196 s->waiting = 2;
1197 lsi_do_dma(s, 1);
1198 if (s->waiting)
1199 s->waiting = 3;
1200 break;
1201 case PHASE_DI:
1202 s->waiting = 2;
1203 lsi_do_dma(s, 0);
1204 if (s->waiting)
1205 s->waiting = 3;
1206 break;
1207 case PHASE_CMD:
1208 lsi_do_command(s);
1209 break;
1210 case PHASE_ST:
1211 lsi_do_status(s);
1212 break;
1213 case PHASE_MO:
1214 lsi_do_msgout(s);
1215 break;
1216 case PHASE_MI:
1217 lsi_do_msgin(s);
1218 break;
1219 default:
1220 qemu_log_mask(LOG_UNIMP, "lsi_scsi: Unimplemented phase %d\n",
1221 s->sstat1 & PHASE_MASK);
1222 }
1223 s->dfifo = s->dbc & 0xff;
1224 s->ctest5 = (s->ctest5 & 0xfc) | ((s->dbc >> 8) & 3);
1225 s->sbc = s->dbc;
1226 s->rbc -= s->dbc;
1227 s->ua = addr + s->dbc;
1228 break;
1229
1230 case 1:
1231 opcode = (insn >> 27) & 7;
1232 if (opcode < 5) {
1233 uint32_t id;
1234
1235 if (insn & (1 << 25)) {
1236 id = read_dword(s, s->dsa + sextract32(insn, 0, 24));
1237 } else {
1238 id = insn;
1239 }
1240 id = (id >> 16) & 0xf;
1241 if (insn & (1 << 26)) {
1242 addr = s->dsp + sextract32(addr, 0, 24);
1243 }
1244 s->dnad = addr;
1245 switch (opcode) {
1246 case 0:
1247 s->sdid = id;
1248 if (s->scntl1 & LSI_SCNTL1_CON) {
1249 trace_lsi_execute_script_io_alreadyreselected();
1250 s->dsp = s->dnad;
1251 break;
1252 }
1253 s->sstat0 |= LSI_SSTAT0_WOA;
1254 s->scntl1 &= ~LSI_SCNTL1_IARB;
1255 if (!scsi_device_find(&s->bus, 0, id, 0)) {
1256 lsi_bad_selection(s, id);
1257 break;
1258 }
1259 trace_lsi_execute_script_io_selected(id,
1260 insn & (1 << 3) ? " ATN" : "");
1261
1262
1263
1264 s->select_tag = id << 8;
1265 s->scntl1 |= LSI_SCNTL1_CON;
1266 if (insn & (1 << 3)) {
1267 s->socl |= LSI_SOCL_ATN;
1268 }
1269 lsi_set_phase(s, PHASE_MO);
1270 break;
1271 case 1:
1272 trace_lsi_execute_script_io_disconnect();
1273 s->scntl1 &= ~LSI_SCNTL1_CON;
1274
1275
1276
1277
1278
1279
1280 if (!s->current) {
1281 lsi_request *p = get_pending_req(s);
1282 if (p) {
1283 lsi_reselect(s, p);
1284 }
1285 }
1286 break;
1287 case 2:
1288 if (!lsi_irq_on_rsl(s)) {
1289 lsi_wait_reselect(s);
1290 }
1291 break;
1292 case 3:
1293 trace_lsi_execute_script_io_set(
1294 insn & (1 << 3) ? " ATN" : "",
1295 insn & (1 << 6) ? " ACK" : "",
1296 insn & (1 << 9) ? " TM" : "",
1297 insn & (1 << 10) ? " CC" : "");
1298 if (insn & (1 << 3)) {
1299 s->socl |= LSI_SOCL_ATN;
1300 lsi_set_phase(s, PHASE_MO);
1301 }
1302 if (insn & (1 << 9)) {
1303 qemu_log_mask(LOG_UNIMP,
1304 "lsi_scsi: Target mode not implemented\n");
1305 }
1306 if (insn & (1 << 10))
1307 s->carry = 1;
1308 break;
1309 case 4:
1310 trace_lsi_execute_script_io_clear(
1311 insn & (1 << 3) ? " ATN" : "",
1312 insn & (1 << 6) ? " ACK" : "",
1313 insn & (1 << 9) ? " TM" : "",
1314 insn & (1 << 10) ? " CC" : "");
1315 if (insn & (1 << 3)) {
1316 s->socl &= ~LSI_SOCL_ATN;
1317 }
1318 if (insn & (1 << 10))
1319 s->carry = 0;
1320 break;
1321 }
1322 } else {
1323 uint8_t op0;
1324 uint8_t op1;
1325 uint8_t data8;
1326 int reg;
1327 int operator;
1328
1329 static const char *opcode_names[3] =
1330 {"Write", "Read", "Read-Modify-Write"};
1331 static const char *operator_names[8] =
1332 {"MOV", "SHL", "OR", "XOR", "AND", "SHR", "ADD", "ADC"};
1333
1334 reg = ((insn >> 16) & 0x7f) | (insn & 0x80);
1335 data8 = (insn >> 8) & 0xff;
1336 opcode = (insn >> 27) & 7;
1337 operator = (insn >> 24) & 7;
1338 trace_lsi_execute_script_io_opcode(
1339 opcode_names[opcode - 5], reg,
1340 operator_names[operator], data8, s->sfbr,
1341 (insn & (1 << 23)) ? " SFBR" : "");
1342 op0 = op1 = 0;
1343 switch (opcode) {
1344 case 5:
1345 op0 = s->sfbr;
1346 op1 = data8;
1347 break;
1348 case 6:
1349 if (operator)
1350 op0 = lsi_reg_readb(s, reg);
1351 op1 = data8;
1352 break;
1353 case 7:
1354 if (operator)
1355 op0 = lsi_reg_readb(s, reg);
1356 if (insn & (1 << 23)) {
1357 op1 = s->sfbr;
1358 } else {
1359 op1 = data8;
1360 }
1361 break;
1362 }
1363
1364 switch (operator) {
1365 case 0:
1366 op0 = op1;
1367 break;
1368 case 1:
1369 op1 = op0 >> 7;
1370 op0 = (op0 << 1) | s->carry;
1371 s->carry = op1;
1372 break;
1373 case 2:
1374 op0 |= op1;
1375 break;
1376 case 3:
1377 op0 ^= op1;
1378 break;
1379 case 4:
1380 op0 &= op1;
1381 break;
1382 case 5:
1383 op1 = op0 & 1;
1384 op0 = (op0 >> 1) | (s->carry << 7);
1385 s->carry = op1;
1386 break;
1387 case 6:
1388 op0 += op1;
1389 s->carry = op0 < op1;
1390 break;
1391 case 7:
1392 op0 += op1 + s->carry;
1393 if (s->carry)
1394 s->carry = op0 <= op1;
1395 else
1396 s->carry = op0 < op1;
1397 break;
1398 }
1399
1400 switch (opcode) {
1401 case 5:
1402 case 7:
1403 lsi_reg_writeb(s, reg, op0);
1404 break;
1405 case 6:
1406 s->sfbr = op0;
1407 break;
1408 }
1409 }
1410 break;
1411
1412 case 2:
1413 {
1414 int cond;
1415 int jmp;
1416
1417 if ((insn & 0x002e0000) == 0) {
1418 trace_lsi_execute_script_tc_nop();
1419 break;
1420 }
1421 if (s->sist1 & LSI_SIST1_STO) {
1422 trace_lsi_execute_script_tc_delayedselect_timeout();
1423 lsi_stop_script(s);
1424 break;
1425 }
1426 cond = jmp = (insn & (1 << 19)) != 0;
1427 if (cond == jmp && (insn & (1 << 21))) {
1428 trace_lsi_execute_script_tc_compc(s->carry == jmp);
1429 cond = s->carry != 0;
1430 }
1431 if (cond == jmp && (insn & (1 << 17))) {
1432 trace_lsi_execute_script_tc_compp(
1433 (s->sstat1 & PHASE_MASK),
1434 jmp ? '=' : '!',
1435 ((insn >> 24) & 7));
1436 cond = (s->sstat1 & PHASE_MASK) == ((insn >> 24) & 7);
1437 }
1438 if (cond == jmp && (insn & (1 << 18))) {
1439 uint8_t mask;
1440
1441 mask = (~insn >> 8) & 0xff;
1442 trace_lsi_execute_script_tc_compd(
1443 s->sfbr, mask, jmp ? '=' : '!', insn & mask);
1444 cond = (s->sfbr & mask) == (insn & mask);
1445 }
1446 if (cond == jmp) {
1447 if (insn & (1 << 23)) {
1448
1449 addr = s->dsp + sextract32(addr, 0, 24);
1450 }
1451 switch ((insn >> 27) & 7) {
1452 case 0:
1453 trace_lsi_execute_script_tc_jump(addr);
1454 s->adder = addr;
1455 s->dsp = addr;
1456 break;
1457 case 1:
1458 trace_lsi_execute_script_tc_call(addr);
1459 s->temp = s->dsp;
1460 s->dsp = addr;
1461 break;
1462 case 2:
1463 trace_lsi_execute_script_tc_return(s->temp);
1464 s->dsp = s->temp;
1465 break;
1466 case 3:
1467 trace_lsi_execute_script_tc_interrupt(s->dsps);
1468 if ((insn & (1 << 20)) != 0) {
1469 s->istat0 |= LSI_ISTAT0_INTF;
1470 lsi_update_irq(s);
1471 } else {
1472 lsi_script_dma_interrupt(s, LSI_DSTAT_SIR);
1473 }
1474 break;
1475 default:
1476 trace_lsi_execute_script_tc_illegal();
1477 lsi_script_dma_interrupt(s, LSI_DSTAT_IID);
1478 break;
1479 }
1480 } else {
1481 trace_lsi_execute_script_tc_cc_failed();
1482 }
1483 }
1484 break;
1485
1486 case 3:
1487 if ((insn & (1 << 29)) == 0) {
1488
1489 uint32_t dest;
1490
1491
1492
1493 dest = read_dword(s, s->dsp);
1494 s->dsp += 4;
1495 lsi_memcpy(s, dest, addr, insn & 0xffffff);
1496 } else {
1497 uint8_t data[7];
1498 int reg;
1499 int n;
1500 int i;
1501
1502 if (insn & (1 << 28)) {
1503 addr = s->dsa + sextract32(addr, 0, 24);
1504 }
1505 n = (insn & 7);
1506 reg = (insn >> 16) & 0xff;
1507 if (insn & (1 << 24)) {
1508 pci_dma_read(pci_dev, addr, data, n);
1509 trace_lsi_execute_script_mm_load(reg, n, addr, *(int *)data);
1510 for (i = 0; i < n; i++) {
1511 lsi_reg_writeb(s, reg + i, data[i]);
1512 }
1513 } else {
1514 trace_lsi_execute_script_mm_store(reg, n, addr);
1515 for (i = 0; i < n; i++) {
1516 data[i] = lsi_reg_readb(s, reg + i);
1517 }
1518 pci_dma_write(pci_dev, addr, data, n);
1519 }
1520 }
1521 }
1522 if (insn_processed > 10000 && !s->waiting) {
1523
1524
1525
1526
1527
1528 if (!(s->sien0 & LSI_SIST0_UDC)) {
1529 qemu_log_mask(LOG_GUEST_ERROR,
1530 "lsi_scsi: inf. loop with UDC masked");
1531 }
1532 lsi_script_scsi_interrupt(s, LSI_SIST0_UDC, 0);
1533 lsi_disconnect(s);
1534 } else if (s->istat1 & LSI_ISTAT1_SRUN && !s->waiting) {
1535 if (s->dcntl & LSI_DCNTL_SSM) {
1536 lsi_script_dma_interrupt(s, LSI_DSTAT_SSI);
1537 } else {
1538 goto again;
1539 }
1540 }
1541 trace_lsi_execute_script_stop();
1542}
1543
1544static uint8_t lsi_reg_readb(LSIState *s, int offset)
1545{
1546 uint8_t ret;
1547
1548#define CASE_GET_REG24(name, addr) \
1549 case addr: ret = s->name & 0xff; break; \
1550 case addr + 1: ret = (s->name >> 8) & 0xff; break; \
1551 case addr + 2: ret = (s->name >> 16) & 0xff; break;
1552
1553#define CASE_GET_REG32(name, addr) \
1554 case addr: ret = s->name & 0xff; break; \
1555 case addr + 1: ret = (s->name >> 8) & 0xff; break; \
1556 case addr + 2: ret = (s->name >> 16) & 0xff; break; \
1557 case addr + 3: ret = (s->name >> 24) & 0xff; break;
1558
1559 switch (offset) {
1560 case 0x00:
1561 ret = s->scntl0;
1562 break;
1563 case 0x01:
1564 ret = s->scntl1;
1565 break;
1566 case 0x02:
1567 ret = s->scntl2;
1568 break;
1569 case 0x03:
1570 ret = s->scntl3;
1571 break;
1572 case 0x04:
1573 ret = s->scid;
1574 break;
1575 case 0x05:
1576 ret = s->sxfer;
1577 break;
1578 case 0x06:
1579 ret = s->sdid;
1580 break;
1581 case 0x07:
1582 ret = 0x7f;
1583 break;
1584 case 0x08:
1585 ret = 0x00;
1586 break;
1587 case 0x09:
1588 ret = s->socl;
1589 break;
1590 case 0xa:
1591 ret = s->ssid;
1592 break;
1593 case 0xb:
1594
1595
1596 ret = 0;
1597 break;
1598 case 0xc:
1599 ret = s->dstat | LSI_DSTAT_DFE;
1600 if ((s->istat0 & LSI_ISTAT0_INTF) == 0)
1601 s->dstat = 0;
1602 lsi_update_irq(s);
1603 break;
1604 case 0x0d:
1605 ret = s->sstat0;
1606 break;
1607 case 0x0e:
1608 ret = s->sstat1;
1609 break;
1610 case 0x0f:
1611 ret = s->scntl1 & LSI_SCNTL1_CON ? 0 : 2;
1612 break;
1613 CASE_GET_REG32(dsa, 0x10)
1614 case 0x14:
1615 ret = s->istat0;
1616 break;
1617 case 0x15:
1618 ret = s->istat1;
1619 break;
1620 case 0x16:
1621 ret = s->mbox0;
1622 break;
1623 case 0x17:
1624 ret = s->mbox1;
1625 break;
1626 case 0x18:
1627 ret = 0xff;
1628 break;
1629 case 0x19:
1630 ret = 0;
1631 break;
1632 case 0x1a:
1633 ret = s->ctest2 | LSI_CTEST2_DACK | LSI_CTEST2_CM;
1634 if (s->istat0 & LSI_ISTAT0_SIGP) {
1635 s->istat0 &= ~LSI_ISTAT0_SIGP;
1636 ret |= LSI_CTEST2_SIGP;
1637 }
1638 break;
1639 case 0x1b:
1640 ret = s->ctest3;
1641 break;
1642 CASE_GET_REG32(temp, 0x1c)
1643 case 0x20:
1644 ret = 0;
1645 break;
1646 case 0x21:
1647 ret = s->ctest4;
1648 break;
1649 case 0x22:
1650 ret = s->ctest5;
1651 break;
1652 case 0x23:
1653 ret = 0;
1654 break;
1655 CASE_GET_REG24(dbc, 0x24)
1656 case 0x27:
1657 ret = s->dcmd;
1658 break;
1659 CASE_GET_REG32(dnad, 0x28)
1660 CASE_GET_REG32(dsp, 0x2c)
1661 CASE_GET_REG32(dsps, 0x30)
1662 CASE_GET_REG32(scratch[0], 0x34)
1663 case 0x38:
1664 ret = s->dmode;
1665 break;
1666 case 0x39:
1667 ret = s->dien;
1668 break;
1669 case 0x3a:
1670 ret = s->sbr;
1671 break;
1672 case 0x3b:
1673 ret = s->dcntl;
1674 break;
1675
1676 CASE_GET_REG32(adder, 0x3c)
1677 case 0x40:
1678 ret = s->sien0;
1679 break;
1680 case 0x41:
1681 ret = s->sien1;
1682 break;
1683 case 0x42:
1684 ret = s->sist0;
1685 s->sist0 = 0;
1686 lsi_update_irq(s);
1687 break;
1688 case 0x43:
1689 ret = s->sist1;
1690 s->sist1 = 0;
1691 lsi_update_irq(s);
1692 break;
1693 case 0x46:
1694 ret = 0x0f;
1695 break;
1696 case 0x47:
1697 ret = 0x0f;
1698 break;
1699 case 0x48:
1700 ret = s->stime0;
1701 break;
1702 case 0x4a:
1703 ret = s->respid0;
1704 break;
1705 case 0x4b:
1706 ret = s->respid1;
1707 break;
1708 case 0x4d:
1709 ret = s->stest1;
1710 break;
1711 case 0x4e:
1712 ret = s->stest2;
1713 break;
1714 case 0x4f:
1715 ret = s->stest3;
1716 break;
1717 case 0x50:
1718
1719
1720 ret = s->sidl;
1721 break;
1722 case 0x52:
1723 ret = 0xe0;
1724 break;
1725 case 0x56:
1726 ret = s->ccntl0;
1727 break;
1728 case 0x57:
1729 ret = s->ccntl1;
1730 break;
1731 case 0x58:
1732
1733 if ((s->sstat1 & PHASE_MASK) == PHASE_MI) {
1734 assert(s->msg_len > 0);
1735 return s->msg[0];
1736 }
1737 ret = 0;
1738 break;
1739 case 0x59:
1740 ret = 0;
1741 break;
1742 CASE_GET_REG32(mmrs, 0xa0)
1743 CASE_GET_REG32(mmws, 0xa4)
1744 CASE_GET_REG32(sfs, 0xa8)
1745 CASE_GET_REG32(drs, 0xac)
1746 CASE_GET_REG32(sbms, 0xb0)
1747 CASE_GET_REG32(dbms, 0xb4)
1748 CASE_GET_REG32(dnad64, 0xb8)
1749 CASE_GET_REG32(pmjad1, 0xc0)
1750 CASE_GET_REG32(pmjad2, 0xc4)
1751 CASE_GET_REG32(rbc, 0xc8)
1752 CASE_GET_REG32(ua, 0xcc)
1753 CASE_GET_REG32(ia, 0xd4)
1754 CASE_GET_REG32(sbc, 0xd8)
1755 CASE_GET_REG32(csbc, 0xdc)
1756 case 0x5c ... 0x9f:
1757 {
1758 int n;
1759 int shift;
1760 n = (offset - 0x58) >> 2;
1761 shift = (offset & 3) * 8;
1762 ret = (s->scratch[n] >> shift) & 0xff;
1763 break;
1764 }
1765 default:
1766 {
1767 qemu_log_mask(LOG_GUEST_ERROR,
1768 "lsi_scsi: invalid read from reg %s %x\n",
1769 offset < ARRAY_SIZE(names) ? names[offset] : "???",
1770 offset);
1771 ret = 0xff;
1772 break;
1773 }
1774 }
1775#undef CASE_GET_REG24
1776#undef CASE_GET_REG32
1777
1778 trace_lsi_reg_read(offset < ARRAY_SIZE(names) ? names[offset] : "???",
1779 offset, ret);
1780
1781 return ret;
1782}
1783
1784static void lsi_reg_writeb(LSIState *s, int offset, uint8_t val)
1785{
1786#define CASE_SET_REG24(name, addr) \
1787 case addr : s->name &= 0xffffff00; s->name |= val; break; \
1788 case addr + 1: s->name &= 0xffff00ff; s->name |= val << 8; break; \
1789 case addr + 2: s->name &= 0xff00ffff; s->name |= val << 16; break;
1790
1791#define CASE_SET_REG32(name, addr) \
1792 case addr : s->name &= 0xffffff00; s->name |= val; break; \
1793 case addr + 1: s->name &= 0xffff00ff; s->name |= val << 8; break; \
1794 case addr + 2: s->name &= 0xff00ffff; s->name |= val << 16; break; \
1795 case addr + 3: s->name &= 0x00ffffff; s->name |= val << 24; break;
1796
1797 trace_lsi_reg_write(offset < ARRAY_SIZE(names) ? names[offset] : "???",
1798 offset, val);
1799
1800 switch (offset) {
1801 case 0x00:
1802 s->scntl0 = val;
1803 if (val & LSI_SCNTL0_START) {
1804 qemu_log_mask(LOG_UNIMP,
1805 "lsi_scsi: Start sequence not implemented\n");
1806 }
1807 break;
1808 case 0x01:
1809 s->scntl1 = val & ~LSI_SCNTL1_SST;
1810 if (val & LSI_SCNTL1_IARB) {
1811 qemu_log_mask(LOG_UNIMP,
1812 "lsi_scsi: Immediate Arbritration not implemented\n");
1813 }
1814 if (val & LSI_SCNTL1_RST) {
1815 if (!(s->sstat0 & LSI_SSTAT0_RST)) {
1816 qbus_reset_all(&s->bus.qbus);
1817 s->sstat0 |= LSI_SSTAT0_RST;
1818 lsi_script_scsi_interrupt(s, LSI_SIST0_RST, 0);
1819 }
1820 } else {
1821 s->sstat0 &= ~LSI_SSTAT0_RST;
1822 }
1823 break;
1824 case 0x02:
1825 val &= ~(LSI_SCNTL2_WSR | LSI_SCNTL2_WSS);
1826 s->scntl2 = val;
1827 break;
1828 case 0x03:
1829 s->scntl3 = val;
1830 break;
1831 case 0x04:
1832 s->scid = val;
1833 break;
1834 case 0x05:
1835 s->sxfer = val;
1836 break;
1837 case 0x06:
1838 if ((s->ssid & 0x80) && (val & 0xf) != (s->ssid & 0xf)) {
1839 qemu_log_mask(LOG_GUEST_ERROR,
1840 "lsi_scsi: Destination ID does not match SSID\n");
1841 }
1842 s->sdid = val & 0xf;
1843 break;
1844 case 0x07:
1845 break;
1846 case 0x08:
1847
1848
1849 s->sfbr = val;
1850 break;
1851 case 0x0a: case 0x0b:
1852
1853 return;
1854 case 0x0c: case 0x0d: case 0x0e: case 0x0f:
1855
1856 return;
1857 CASE_SET_REG32(dsa, 0x10)
1858 case 0x14:
1859 s->istat0 = (s->istat0 & 0x0f) | (val & 0xf0);
1860 if (val & LSI_ISTAT0_ABRT) {
1861 lsi_script_dma_interrupt(s, LSI_DSTAT_ABRT);
1862 }
1863 if (val & LSI_ISTAT0_INTF) {
1864 s->istat0 &= ~LSI_ISTAT0_INTF;
1865 lsi_update_irq(s);
1866 }
1867 if (s->waiting == 1 && val & LSI_ISTAT0_SIGP) {
1868 trace_lsi_awoken();
1869 s->waiting = 0;
1870 s->dsp = s->dnad;
1871 lsi_execute_script(s);
1872 }
1873 if (val & LSI_ISTAT0_SRST) {
1874 qdev_reset_all(DEVICE(s));
1875 }
1876 break;
1877 case 0x16:
1878 s->mbox0 = val;
1879 break;
1880 case 0x17:
1881 s->mbox1 = val;
1882 break;
1883 case 0x18:
1884
1885 break;
1886 case 0x1a:
1887 s->ctest2 = val & LSI_CTEST2_PCICIE;
1888 break;
1889 case 0x1b:
1890 s->ctest3 = val & 0x0f;
1891 break;
1892 CASE_SET_REG32(temp, 0x1c)
1893 case 0x21:
1894 if (val & 7) {
1895 qemu_log_mask(LOG_UNIMP,
1896 "lsi_scsi: Unimplemented CTEST4-FBL 0x%x\n", val);
1897 }
1898 s->ctest4 = val;
1899 break;
1900 case 0x22:
1901 if (val & (LSI_CTEST5_ADCK | LSI_CTEST5_BBCK)) {
1902 qemu_log_mask(LOG_UNIMP,
1903 "lsi_scsi: CTEST5 DMA increment not implemented\n");
1904 }
1905 s->ctest5 = val;
1906 break;
1907 CASE_SET_REG24(dbc, 0x24)
1908 CASE_SET_REG32(dnad, 0x28)
1909 case 0x2c:
1910 s->dsp &= 0xffffff00;
1911 s->dsp |= val;
1912 break;
1913 case 0x2d:
1914 s->dsp &= 0xffff00ff;
1915 s->dsp |= val << 8;
1916 break;
1917 case 0x2e:
1918 s->dsp &= 0xff00ffff;
1919 s->dsp |= val << 16;
1920 break;
1921 case 0x2f:
1922 s->dsp &= 0x00ffffff;
1923 s->dsp |= val << 24;
1924 if ((s->dmode & LSI_DMODE_MAN) == 0
1925 && (s->istat1 & LSI_ISTAT1_SRUN) == 0)
1926 lsi_execute_script(s);
1927 break;
1928 CASE_SET_REG32(dsps, 0x30)
1929 CASE_SET_REG32(scratch[0], 0x34)
1930 case 0x38:
1931 s->dmode = val;
1932 break;
1933 case 0x39:
1934 s->dien = val;
1935 lsi_update_irq(s);
1936 break;
1937 case 0x3a:
1938 s->sbr = val;
1939 break;
1940 case 0x3b:
1941 s->dcntl = val & ~(LSI_DCNTL_PFF | LSI_DCNTL_STD);
1942 if ((val & LSI_DCNTL_STD) && (s->istat1 & LSI_ISTAT1_SRUN) == 0)
1943 lsi_execute_script(s);
1944 break;
1945 case 0x40:
1946 s->sien0 = val;
1947 lsi_update_irq(s);
1948 break;
1949 case 0x41:
1950 s->sien1 = val;
1951 lsi_update_irq(s);
1952 break;
1953 case 0x47:
1954 break;
1955 case 0x48:
1956 s->stime0 = val;
1957 break;
1958 case 0x49:
1959 if (val & 0xf) {
1960 qemu_log_mask(LOG_UNIMP,
1961 "lsi_scsi: General purpose timer not implemented\n");
1962
1963
1964 lsi_script_scsi_interrupt(s, 0, LSI_SIST1_GEN);
1965 }
1966 break;
1967 case 0x4a:
1968 s->respid0 = val;
1969 break;
1970 case 0x4b:
1971 s->respid1 = val;
1972 break;
1973 case 0x4d:
1974 s->stest1 = val;
1975 break;
1976 case 0x4e:
1977 if (val & 1) {
1978 qemu_log_mask(LOG_UNIMP,
1979 "lsi_scsi: Low level mode not implemented\n");
1980 }
1981 s->stest2 = val;
1982 break;
1983 case 0x4f:
1984 if (val & 0x41) {
1985 qemu_log_mask(LOG_UNIMP,
1986 "lsi_scsi: SCSI FIFO test mode not implemented\n");
1987 }
1988 s->stest3 = val;
1989 break;
1990 case 0x56:
1991 s->ccntl0 = val;
1992 break;
1993 case 0x57:
1994 s->ccntl1 = val;
1995 break;
1996 CASE_SET_REG32(mmrs, 0xa0)
1997 CASE_SET_REG32(mmws, 0xa4)
1998 CASE_SET_REG32(sfs, 0xa8)
1999 CASE_SET_REG32(drs, 0xac)
2000 CASE_SET_REG32(sbms, 0xb0)
2001 CASE_SET_REG32(dbms, 0xb4)
2002 CASE_SET_REG32(dnad64, 0xb8)
2003 CASE_SET_REG32(pmjad1, 0xc0)
2004 CASE_SET_REG32(pmjad2, 0xc4)
2005 CASE_SET_REG32(rbc, 0xc8)
2006 CASE_SET_REG32(ua, 0xcc)
2007 CASE_SET_REG32(ia, 0xd4)
2008 CASE_SET_REG32(sbc, 0xd8)
2009 CASE_SET_REG32(csbc, 0xdc)
2010 default:
2011 if (offset >= 0x5c && offset < 0xa0) {
2012 int n;
2013 int shift;
2014 n = (offset - 0x58) >> 2;
2015 shift = (offset & 3) * 8;
2016 s->scratch[n] = deposit32(s->scratch[n], shift, 8, val);
2017 } else {
2018 qemu_log_mask(LOG_GUEST_ERROR,
2019 "lsi_scsi: invalid write to reg %s %x (0x%02x)\n",
2020 offset < ARRAY_SIZE(names) ? names[offset] : "???",
2021 offset, val);
2022 }
2023 }
2024#undef CASE_SET_REG24
2025#undef CASE_SET_REG32
2026}
2027
2028static void lsi_mmio_write(void *opaque, hwaddr addr,
2029 uint64_t val, unsigned size)
2030{
2031 LSIState *s = opaque;
2032
2033 lsi_reg_writeb(s, addr & 0xff, val);
2034}
2035
2036static uint64_t lsi_mmio_read(void *opaque, hwaddr addr,
2037 unsigned size)
2038{
2039 LSIState *s = opaque;
2040
2041 return lsi_reg_readb(s, addr & 0xff);
2042}
2043
2044static const MemoryRegionOps lsi_mmio_ops = {
2045 .read = lsi_mmio_read,
2046 .write = lsi_mmio_write,
2047 .endianness = DEVICE_NATIVE_ENDIAN,
2048 .impl = {
2049 .min_access_size = 1,
2050 .max_access_size = 1,
2051 },
2052};
2053
2054static void lsi_ram_write(void *opaque, hwaddr addr,
2055 uint64_t val, unsigned size)
2056{
2057 LSIState *s = opaque;
2058 uint32_t newval;
2059 uint32_t mask;
2060 int shift;
2061
2062 newval = s->script_ram[addr >> 2];
2063 shift = (addr & 3) * 8;
2064 mask = ((uint64_t)1 << (size * 8)) - 1;
2065 newval &= ~(mask << shift);
2066 newval |= val << shift;
2067 s->script_ram[addr >> 2] = newval;
2068}
2069
2070static uint64_t lsi_ram_read(void *opaque, hwaddr addr,
2071 unsigned size)
2072{
2073 LSIState *s = opaque;
2074 uint32_t val;
2075 uint32_t mask;
2076
2077 val = s->script_ram[addr >> 2];
2078 mask = ((uint64_t)1 << (size * 8)) - 1;
2079 val >>= (addr & 3) * 8;
2080 return val & mask;
2081}
2082
2083static const MemoryRegionOps lsi_ram_ops = {
2084 .read = lsi_ram_read,
2085 .write = lsi_ram_write,
2086 .endianness = DEVICE_NATIVE_ENDIAN,
2087};
2088
2089static uint64_t lsi_io_read(void *opaque, hwaddr addr,
2090 unsigned size)
2091{
2092 LSIState *s = opaque;
2093 return lsi_reg_readb(s, addr & 0xff);
2094}
2095
2096static void lsi_io_write(void *opaque, hwaddr addr,
2097 uint64_t val, unsigned size)
2098{
2099 LSIState *s = opaque;
2100 lsi_reg_writeb(s, addr & 0xff, val);
2101}
2102
2103static const MemoryRegionOps lsi_io_ops = {
2104 .read = lsi_io_read,
2105 .write = lsi_io_write,
2106 .endianness = DEVICE_NATIVE_ENDIAN,
2107 .impl = {
2108 .min_access_size = 1,
2109 .max_access_size = 1,
2110 },
2111};
2112
2113static void lsi_scsi_reset(DeviceState *dev)
2114{
2115 LSIState *s = LSI53C895A(dev);
2116
2117 lsi_soft_reset(s);
2118}
2119
2120static int lsi_pre_save(void *opaque)
2121{
2122 LSIState *s = opaque;
2123
2124 if (s->current) {
2125 assert(s->current->dma_buf == NULL);
2126 assert(s->current->dma_len == 0);
2127 }
2128 assert(QTAILQ_EMPTY(&s->queue));
2129
2130 return 0;
2131}
2132
2133static int lsi_post_load(void *opaque, int version_id)
2134{
2135 LSIState *s = opaque;
2136
2137 if (s->msg_len < 0 || s->msg_len > LSI_MAX_MSGIN_LEN) {
2138 return -EINVAL;
2139 }
2140
2141 return 0;
2142}
2143
2144static const VMStateDescription vmstate_lsi_scsi = {
2145 .name = "lsiscsi",
2146 .version_id = 0,
2147 .minimum_version_id = 0,
2148 .pre_save = lsi_pre_save,
2149 .post_load = lsi_post_load,
2150 .fields = (VMStateField[]) {
2151 VMSTATE_PCI_DEVICE(parent_obj, LSIState),
2152
2153 VMSTATE_INT32(carry, LSIState),
2154 VMSTATE_INT32(status, LSIState),
2155 VMSTATE_INT32(msg_action, LSIState),
2156 VMSTATE_INT32(msg_len, LSIState),
2157 VMSTATE_BUFFER(msg, LSIState),
2158 VMSTATE_INT32(waiting, LSIState),
2159
2160 VMSTATE_UINT32(dsa, LSIState),
2161 VMSTATE_UINT32(temp, LSIState),
2162 VMSTATE_UINT32(dnad, LSIState),
2163 VMSTATE_UINT32(dbc, LSIState),
2164 VMSTATE_UINT8(istat0, LSIState),
2165 VMSTATE_UINT8(istat1, LSIState),
2166 VMSTATE_UINT8(dcmd, LSIState),
2167 VMSTATE_UINT8(dstat, LSIState),
2168 VMSTATE_UINT8(dien, LSIState),
2169 VMSTATE_UINT8(sist0, LSIState),
2170 VMSTATE_UINT8(sist1, LSIState),
2171 VMSTATE_UINT8(sien0, LSIState),
2172 VMSTATE_UINT8(sien1, LSIState),
2173 VMSTATE_UINT8(mbox0, LSIState),
2174 VMSTATE_UINT8(mbox1, LSIState),
2175 VMSTATE_UINT8(dfifo, LSIState),
2176 VMSTATE_UINT8(ctest2, LSIState),
2177 VMSTATE_UINT8(ctest3, LSIState),
2178 VMSTATE_UINT8(ctest4, LSIState),
2179 VMSTATE_UINT8(ctest5, LSIState),
2180 VMSTATE_UINT8(ccntl0, LSIState),
2181 VMSTATE_UINT8(ccntl1, LSIState),
2182 VMSTATE_UINT32(dsp, LSIState),
2183 VMSTATE_UINT32(dsps, LSIState),
2184 VMSTATE_UINT8(dmode, LSIState),
2185 VMSTATE_UINT8(dcntl, LSIState),
2186 VMSTATE_UINT8(scntl0, LSIState),
2187 VMSTATE_UINT8(scntl1, LSIState),
2188 VMSTATE_UINT8(scntl2, LSIState),
2189 VMSTATE_UINT8(scntl3, LSIState),
2190 VMSTATE_UINT8(sstat0, LSIState),
2191 VMSTATE_UINT8(sstat1, LSIState),
2192 VMSTATE_UINT8(scid, LSIState),
2193 VMSTATE_UINT8(sxfer, LSIState),
2194 VMSTATE_UINT8(socl, LSIState),
2195 VMSTATE_UINT8(sdid, LSIState),
2196 VMSTATE_UINT8(ssid, LSIState),
2197 VMSTATE_UINT8(sfbr, LSIState),
2198 VMSTATE_UINT8(stest1, LSIState),
2199 VMSTATE_UINT8(stest2, LSIState),
2200 VMSTATE_UINT8(stest3, LSIState),
2201 VMSTATE_UINT8(sidl, LSIState),
2202 VMSTATE_UINT8(stime0, LSIState),
2203 VMSTATE_UINT8(respid0, LSIState),
2204 VMSTATE_UINT8(respid1, LSIState),
2205 VMSTATE_UINT32(mmrs, LSIState),
2206 VMSTATE_UINT32(mmws, LSIState),
2207 VMSTATE_UINT32(sfs, LSIState),
2208 VMSTATE_UINT32(drs, LSIState),
2209 VMSTATE_UINT32(sbms, LSIState),
2210 VMSTATE_UINT32(dbms, LSIState),
2211 VMSTATE_UINT32(dnad64, LSIState),
2212 VMSTATE_UINT32(pmjad1, LSIState),
2213 VMSTATE_UINT32(pmjad2, LSIState),
2214 VMSTATE_UINT32(rbc, LSIState),
2215 VMSTATE_UINT32(ua, LSIState),
2216 VMSTATE_UINT32(ia, LSIState),
2217 VMSTATE_UINT32(sbc, LSIState),
2218 VMSTATE_UINT32(csbc, LSIState),
2219 VMSTATE_BUFFER_UNSAFE(scratch, LSIState, 0, 18 * sizeof(uint32_t)),
2220 VMSTATE_UINT8(sbr, LSIState),
2221
2222 VMSTATE_BUFFER_UNSAFE(script_ram, LSIState, 0, 2048 * sizeof(uint32_t)),
2223 VMSTATE_END_OF_LIST()
2224 }
2225};
2226
2227static const struct SCSIBusInfo lsi_scsi_info = {
2228 .tcq = true,
2229 .max_target = LSI_MAX_DEVS,
2230 .max_lun = 0,
2231
2232 .transfer_data = lsi_transfer_data,
2233 .complete = lsi_command_complete,
2234 .cancel = lsi_request_cancelled
2235};
2236
2237static void lsi_scsi_realize(PCIDevice *dev, Error **errp)
2238{
2239 LSIState *s = LSI53C895A(dev);
2240 DeviceState *d = DEVICE(dev);
2241 uint8_t *pci_conf;
2242
2243 pci_conf = dev->config;
2244
2245
2246 pci_conf[PCI_LATENCY_TIMER] = 0xff;
2247
2248 pci_conf[PCI_INTERRUPT_PIN] = 0x01;
2249
2250 memory_region_init_io(&s->mmio_io, OBJECT(s), &lsi_mmio_ops, s,
2251 "lsi-mmio", 0x400);
2252 memory_region_init_io(&s->ram_io, OBJECT(s), &lsi_ram_ops, s,
2253 "lsi-ram", 0x2000);
2254 memory_region_init_io(&s->io_io, OBJECT(s), &lsi_io_ops, s,
2255 "lsi-io", 256);
2256
2257 address_space_init(&s->pci_io_as, pci_address_space_io(dev), "lsi-pci-io");
2258 qdev_init_gpio_out(d, &s->ext_irq, 1);
2259
2260 pci_register_bar(dev, 0, PCI_BASE_ADDRESS_SPACE_IO, &s->io_io);
2261 pci_register_bar(dev, 1, PCI_BASE_ADDRESS_SPACE_MEMORY, &s->mmio_io);
2262 pci_register_bar(dev, 2, PCI_BASE_ADDRESS_SPACE_MEMORY, &s->ram_io);
2263 QTAILQ_INIT(&s->queue);
2264
2265 scsi_bus_new(&s->bus, sizeof(s->bus), d, &lsi_scsi_info, NULL);
2266}
2267
2268static void lsi_scsi_unrealize(DeviceState *dev, Error **errp)
2269{
2270 LSIState *s = LSI53C895A(dev);
2271
2272 address_space_destroy(&s->pci_io_as);
2273}
2274
2275static void lsi_class_init(ObjectClass *klass, void *data)
2276{
2277 DeviceClass *dc = DEVICE_CLASS(klass);
2278 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
2279
2280 k->realize = lsi_scsi_realize;
2281 k->vendor_id = PCI_VENDOR_ID_LSI_LOGIC;
2282 k->device_id = PCI_DEVICE_ID_LSI_53C895A;
2283 k->class_id = PCI_CLASS_STORAGE_SCSI;
2284 k->subsystem_id = 0x1000;
2285 dc->unrealize = lsi_scsi_unrealize;
2286 dc->reset = lsi_scsi_reset;
2287 dc->vmsd = &vmstate_lsi_scsi;
2288 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
2289}
2290
2291static const TypeInfo lsi_info = {
2292 .name = TYPE_LSI53C895A,
2293 .parent = TYPE_PCI_DEVICE,
2294 .instance_size = sizeof(LSIState),
2295 .class_init = lsi_class_init,
2296 .interfaces = (InterfaceInfo[]) {
2297 { INTERFACE_CONVENTIONAL_PCI_DEVICE },
2298 { },
2299 },
2300};
2301
2302static void lsi53c810_class_init(ObjectClass *klass, void *data)
2303{
2304 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
2305
2306 k->device_id = PCI_DEVICE_ID_LSI_53C810;
2307}
2308
2309static TypeInfo lsi53c810_info = {
2310 .name = TYPE_LSI53C810,
2311 .parent = TYPE_LSI53C895A,
2312 .class_init = lsi53c810_class_init,
2313};
2314
2315static void lsi53c895a_register_types(void)
2316{
2317 type_register_static(&lsi_info);
2318 type_register_static(&lsi53c810_info);
2319}
2320
2321type_init(lsi53c895a_register_types)
2322
2323void lsi53c8xx_handle_legacy_cmdline(DeviceState *lsi_dev)
2324{
2325 LSIState *s = LSI53C895A(lsi_dev);
2326
2327 scsi_bus_legacy_handle_cmdline(&s->bus);
2328}
2329
