1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16#include "qemu/osdep.h"
17
18#include "hw/hw.h"
19#include "hw/pci/pci.h"
20#include "hw/scsi/scsi.h"
21#include "sysemu/dma.h"
22#include "qemu/log.h"
23#include "qemu/module.h"
24#include "trace.h"
25
26static const char *names[] = {
27 "SCNTL0", "SCNTL1", "SCNTL2", "SCNTL3", "SCID", "SXFER", "SDID", "GPREG",
28 "SFBR", "SOCL", "SSID", "SBCL", "DSTAT", "SSTAT0", "SSTAT1", "SSTAT2",
29 "DSA0", "DSA1", "DSA2", "DSA3", "ISTAT", "0x15", "0x16", "0x17",
30 "CTEST0", "CTEST1", "CTEST2", "CTEST3", "TEMP0", "TEMP1", "TEMP2", "TEMP3",
31 "DFIFO", "CTEST4", "CTEST5", "CTEST6", "DBC0", "DBC1", "DBC2", "DCMD",
32 "DNAD0", "DNAD1", "DNAD2", "DNAD3", "DSP0", "DSP1", "DSP2", "DSP3",
33 "DSPS0", "DSPS1", "DSPS2", "DSPS3", "SCRATCHA0", "SCRATCHA1", "SCRATCHA2", "SCRATCHA3",
34 "DMODE", "DIEN", "SBR", "DCNTL", "ADDER0", "ADDER1", "ADDER2", "ADDER3",
35 "SIEN0", "SIEN1", "SIST0", "SIST1", "SLPAR", "0x45", "MACNTL", "GPCNTL",
36 "STIME0", "STIME1", "RESPID", "0x4b", "STEST0", "STEST1", "STEST2", "STEST3",
37 "SIDL", "0x51", "0x52", "0x53", "SODL", "0x55", "0x56", "0x57",
38 "SBDL", "0x59", "0x5a", "0x5b", "SCRATCHB0", "SCRATCHB1", "SCRATCHB2", "SCRATCHB3",
39};
40
41#define LSI_MAX_DEVS 7
42
43#define LSI_SCNTL0_TRG 0x01
44#define LSI_SCNTL0_AAP 0x02
45#define LSI_SCNTL0_EPC 0x08
46#define LSI_SCNTL0_WATN 0x10
47#define LSI_SCNTL0_START 0x20
48
49#define LSI_SCNTL1_SST 0x01
50#define LSI_SCNTL1_IARB 0x02
51#define LSI_SCNTL1_AESP 0x04
52#define LSI_SCNTL1_RST 0x08
53#define LSI_SCNTL1_CON 0x10
54#define LSI_SCNTL1_DHP 0x20
55#define LSI_SCNTL1_ADB 0x40
56#define LSI_SCNTL1_EXC 0x80
57
58#define LSI_SCNTL2_WSR 0x01
59#define LSI_SCNTL2_VUE0 0x02
60#define LSI_SCNTL2_VUE1 0x04
61#define LSI_SCNTL2_WSS 0x08
62#define LSI_SCNTL2_SLPHBEN 0x10
63#define LSI_SCNTL2_SLPMD 0x20
64#define LSI_SCNTL2_CHM 0x40
65#define LSI_SCNTL2_SDU 0x80
66
67#define LSI_ISTAT0_DIP 0x01
68#define LSI_ISTAT0_SIP 0x02
69#define LSI_ISTAT0_INTF 0x04
70#define LSI_ISTAT0_CON 0x08
71#define LSI_ISTAT0_SEM 0x10
72#define LSI_ISTAT0_SIGP 0x20
73#define LSI_ISTAT0_SRST 0x40
74#define LSI_ISTAT0_ABRT 0x80
75
76#define LSI_ISTAT1_SI 0x01
77#define LSI_ISTAT1_SRUN 0x02
78#define LSI_ISTAT1_FLSH 0x04
79
80#define LSI_SSTAT0_SDP0 0x01
81#define LSI_SSTAT0_RST 0x02
82#define LSI_SSTAT0_WOA 0x04
83#define LSI_SSTAT0_LOA 0x08
84#define LSI_SSTAT0_AIP 0x10
85#define LSI_SSTAT0_OLF 0x20
86#define LSI_SSTAT0_ORF 0x40
87#define LSI_SSTAT0_ILF 0x80
88
89#define LSI_SIST0_PAR 0x01
90#define LSI_SIST0_RST 0x02
91#define LSI_SIST0_UDC 0x04
92#define LSI_SIST0_SGE 0x08
93#define LSI_SIST0_RSL 0x10
94#define LSI_SIST0_SEL 0x20
95#define LSI_SIST0_CMP 0x40
96#define LSI_SIST0_MA 0x80
97
98#define LSI_SIST1_HTH 0x01
99#define LSI_SIST1_GEN 0x02
100#define LSI_SIST1_STO 0x04
101#define LSI_SIST1_SBMC 0x10
102
103#define LSI_SOCL_IO 0x01
104#define LSI_SOCL_CD 0x02
105#define LSI_SOCL_MSG 0x04
106#define LSI_SOCL_ATN 0x08
107#define LSI_SOCL_SEL 0x10
108#define LSI_SOCL_BSY 0x20
109#define LSI_SOCL_ACK 0x40
110#define LSI_SOCL_REQ 0x80
111
112#define LSI_DSTAT_IID 0x01
113#define LSI_DSTAT_SIR 0x04
114#define LSI_DSTAT_SSI 0x08
115#define LSI_DSTAT_ABRT 0x10
116#define LSI_DSTAT_BF 0x20
117#define LSI_DSTAT_MDPE 0x40
118#define LSI_DSTAT_DFE 0x80
119
120#define LSI_DCNTL_COM 0x01
121#define LSI_DCNTL_IRQD 0x02
122#define LSI_DCNTL_STD 0x04
123#define LSI_DCNTL_IRQM 0x08
124#define LSI_DCNTL_SSM 0x10
125#define LSI_DCNTL_PFEN 0x20
126#define LSI_DCNTL_PFF 0x40
127#define LSI_DCNTL_CLSE 0x80
128
129#define LSI_DMODE_MAN 0x01
130#define LSI_DMODE_BOF 0x02
131#define LSI_DMODE_ERMP 0x04
132#define LSI_DMODE_ERL 0x08
133#define LSI_DMODE_DIOM 0x10
134#define LSI_DMODE_SIOM 0x20
135
136#define LSI_CTEST2_DACK 0x01
137#define LSI_CTEST2_DREQ 0x02
138#define LSI_CTEST2_TEOP 0x04
139#define LSI_CTEST2_PCICIE 0x08
140#define LSI_CTEST2_CM 0x10
141#define LSI_CTEST2_CIO 0x20
142#define LSI_CTEST2_SIGP 0x40
143#define LSI_CTEST2_DDIR 0x80
144
145#define LSI_CTEST5_BL2 0x04
146#define LSI_CTEST5_DDIR 0x08
147#define LSI_CTEST5_MASR 0x10
148#define LSI_CTEST5_DFSN 0x20
149#define LSI_CTEST5_BBCK 0x40
150#define LSI_CTEST5_ADCK 0x80
151
152#define LSI_CCNTL0_DILS 0x01
153#define LSI_CCNTL0_DISFC 0x10
154#define LSI_CCNTL0_ENNDJ 0x20
155#define LSI_CCNTL0_PMJCTL 0x40
156#define LSI_CCNTL0_ENPMJ 0x80
157
158#define LSI_CCNTL1_EN64DBMV 0x01
159#define LSI_CCNTL1_EN64TIBMV 0x02
160#define LSI_CCNTL1_64TIMOD 0x04
161#define LSI_CCNTL1_DDAC 0x08
162#define LSI_CCNTL1_ZMOD 0x80
163
164#define LSI_SBCL_ATN 0x08
165#define LSI_SBCL_BSY 0x20
166#define LSI_SBCL_ACK 0x40
167#define LSI_SBCL_REQ 0x80
168
169
170#define LSI_SCID_RRE 0x60
171
172#define LSI_CCNTL1_40BIT (LSI_CCNTL1_EN64TIBMV|LSI_CCNTL1_64TIMOD)
173
174#define PHASE_DO 0
175#define PHASE_DI 1
176#define PHASE_CMD 2
177#define PHASE_ST 3
178#define PHASE_MO 6
179#define PHASE_MI 7
180#define PHASE_MASK 7
181
182
183#define LSI_MAX_MSGIN_LEN 8
184
185
186#define LSI_TAG_VALID (1 << 16)
187
188
189#define LSI_MAX_INSN 10000
190
191typedef struct lsi_request {
192 SCSIRequest *req;
193 uint32_t tag;
194 uint32_t dma_len;
195 uint8_t *dma_buf;
196 uint32_t pending;
197 int out;
198 QTAILQ_ENTRY(lsi_request) next;
199} lsi_request;
200
201enum {
202 LSI_NOWAIT,
203 LSI_WAIT_RESELECT,
204 LSI_DMA_SCRIPTS,
205 LSI_DMA_IN_PROGRESS,
206};
207
208enum {
209 LSI_MSG_ACTION_COMMAND = 0,
210 LSI_MSG_ACTION_DISCONNECT = 1,
211 LSI_MSG_ACTION_DOUT = 2,
212 LSI_MSG_ACTION_DIN = 3,
213};
214
215typedef struct {
216
217 PCIDevice parent_obj;
218
219
220 qemu_irq ext_irq;
221 MemoryRegion mmio_io;
222 MemoryRegion ram_io;
223 MemoryRegion io_io;
224 AddressSpace pci_io_as;
225
226 int carry;
227 int status;
228 int msg_action;
229 int msg_len;
230 uint8_t msg[LSI_MAX_MSGIN_LEN];
231 int waiting;
232 SCSIBus bus;
233 int current_lun;
234
235 uint32_t select_tag;
236 int command_complete;
237 QTAILQ_HEAD(, lsi_request) queue;
238 lsi_request *current;
239
240 uint32_t dsa;
241 uint32_t temp;
242 uint32_t dnad;
243 uint32_t dbc;
244 uint8_t istat0;
245 uint8_t istat1;
246 uint8_t dcmd;
247 uint8_t dstat;
248 uint8_t dien;
249 uint8_t sist0;
250 uint8_t sist1;
251 uint8_t sien0;
252 uint8_t sien1;
253 uint8_t mbox0;
254 uint8_t mbox1;
255 uint8_t dfifo;
256 uint8_t ctest2;
257 uint8_t ctest3;
258 uint8_t ctest4;
259 uint8_t ctest5;
260 uint8_t ccntl0;
261 uint8_t ccntl1;
262 uint32_t dsp;
263 uint32_t dsps;
264 uint8_t dmode;
265 uint8_t dcntl;
266 uint8_t scntl0;
267 uint8_t scntl1;
268 uint8_t scntl2;
269 uint8_t scntl3;
270 uint8_t sstat0;
271 uint8_t sstat1;
272 uint8_t scid;
273 uint8_t sxfer;
274 uint8_t socl;
275 uint8_t sdid;
276 uint8_t ssid;
277 uint8_t sfbr;
278 uint8_t sbcl;
279 uint8_t stest1;
280 uint8_t stest2;
281 uint8_t stest3;
282 uint8_t sidl;
283 uint8_t stime0;
284 uint8_t respid0;
285 uint8_t respid1;
286 uint32_t mmrs;
287 uint32_t mmws;
288 uint32_t sfs;
289 uint32_t drs;
290 uint32_t sbms;
291 uint32_t dbms;
292 uint32_t dnad64;
293 uint32_t pmjad1;
294 uint32_t pmjad2;
295 uint32_t rbc;
296 uint32_t ua;
297 uint32_t ia;
298 uint32_t sbc;
299 uint32_t csbc;
300 uint32_t scratch[18];
301 uint8_t sbr;
302 uint32_t adder;
303
304 uint8_t script_ram[2048 * sizeof(uint32_t)];
305} LSIState;
306
307#define TYPE_LSI53C810 "lsi53c810"
308#define TYPE_LSI53C895A "lsi53c895a"
309
310#define LSI53C895A(obj) \
311 OBJECT_CHECK(LSIState, (obj), TYPE_LSI53C895A)
312
313static const char *scsi_phases[] = {
314 "DOUT",
315 "DIN",
316 "CMD",
317 "STATUS",
318 "RSVOUT",
319 "RSVIN",
320 "MSGOUT",
321 "MSGIN"
322};
323
324static const char *scsi_phase_name(int phase)
325{
326 return scsi_phases[phase & PHASE_MASK];
327}
328
329static inline int lsi_irq_on_rsl(LSIState *s)
330{
331 return (s->sien0 & LSI_SIST0_RSL) && (s->scid & LSI_SCID_RRE);
332}
333
334static lsi_request *get_pending_req(LSIState *s)
335{
336 lsi_request *p;
337
338 QTAILQ_FOREACH(p, &s->queue, next) {
339 if (p->pending) {
340 return p;
341 }
342 }
343 return NULL;
344}
345
346static void lsi_soft_reset(LSIState *s)
347{
348 trace_lsi_reset();
349 s->carry = 0;
350
351 s->msg_action = LSI_MSG_ACTION_COMMAND;
352 s->msg_len = 0;
353 s->waiting = LSI_NOWAIT;
354 s->dsa = 0;
355 s->dnad = 0;
356 s->dbc = 0;
357 s->temp = 0;
358 memset(s->scratch, 0, sizeof(s->scratch));
359 s->istat0 = 0;
360 s->istat1 = 0;
361 s->dcmd = 0x40;
362 s->dstat = 0;
363 s->dien = 0;
364 s->sist0 = 0;
365 s->sist1 = 0;
366 s->sien0 = 0;
367 s->sien1 = 0;
368 s->mbox0 = 0;
369 s->mbox1 = 0;
370 s->dfifo = 0;
371 s->ctest2 = LSI_CTEST2_DACK;
372 s->ctest3 = 0;
373 s->ctest4 = 0;
374 s->ctest5 = 0;
375 s->ccntl0 = 0;
376 s->ccntl1 = 0;
377 s->dsp = 0;
378 s->dsps = 0;
379 s->dmode = 0;
380 s->dcntl = 0;
381 s->scntl0 = 0xc0;
382 s->scntl1 = 0;
383 s->scntl2 = 0;
384 s->scntl3 = 0;
385 s->sstat0 = 0;
386 s->sstat1 = 0;
387 s->scid = 7;
388 s->sxfer = 0;
389 s->socl = 0;
390 s->sdid = 0;
391 s->ssid = 0;
392 s->sbcl = 0;
393 s->stest1 = 0;
394 s->stest2 = 0;
395 s->stest3 = 0;
396 s->sidl = 0;
397 s->stime0 = 0;
398 s->respid0 = 0x80;
399 s->respid1 = 0;
400 s->mmrs = 0;
401 s->mmws = 0;
402 s->sfs = 0;
403 s->drs = 0;
404 s->sbms = 0;
405 s->dbms = 0;
406 s->dnad64 = 0;
407 s->pmjad1 = 0;
408 s->pmjad2 = 0;
409 s->rbc = 0;
410 s->ua = 0;
411 s->ia = 0;
412 s->sbc = 0;
413 s->csbc = 0;
414 s->sbr = 0;
415 assert(QTAILQ_EMPTY(&s->queue));
416 assert(!s->current);
417}
418
419static int lsi_dma_40bit(LSIState *s)
420{
421 if ((s->ccntl1 & LSI_CCNTL1_40BIT) == LSI_CCNTL1_40BIT)
422 return 1;
423 return 0;
424}
425
426static int lsi_dma_ti64bit(LSIState *s)
427{
428 if ((s->ccntl1 & LSI_CCNTL1_EN64TIBMV) == LSI_CCNTL1_EN64TIBMV)
429 return 1;
430 return 0;
431}
432
433static int lsi_dma_64bit(LSIState *s)
434{
435 if ((s->ccntl1 & LSI_CCNTL1_EN64DBMV) == LSI_CCNTL1_EN64DBMV)
436 return 1;
437 return 0;
438}
439
440static uint8_t lsi_reg_readb(LSIState *s, int offset);
441static void lsi_reg_writeb(LSIState *s, int offset, uint8_t val);
442static void lsi_execute_script(LSIState *s);
443static void lsi_reselect(LSIState *s, lsi_request *p);
444
445static inline void lsi_mem_read(LSIState *s, dma_addr_t addr,
446 void *buf, dma_addr_t len)
447{
448 if (s->dmode & LSI_DMODE_SIOM) {
449 address_space_read(&s->pci_io_as, addr, MEMTXATTRS_UNSPECIFIED,
450 buf, len);
451 } else {
452 pci_dma_read(PCI_DEVICE(s), addr, buf, len);
453 }
454}
455
456static inline void lsi_mem_write(LSIState *s, dma_addr_t addr,
457 const void *buf, dma_addr_t len)
458{
459 if (s->dmode & LSI_DMODE_DIOM) {
460 address_space_write(&s->pci_io_as, addr, MEMTXATTRS_UNSPECIFIED,
461 buf, len);
462 } else {
463 pci_dma_write(PCI_DEVICE(s), addr, buf, len);
464 }
465}
466
467static inline uint32_t read_dword(LSIState *s, uint32_t addr)
468{
469 uint32_t buf;
470
471 pci_dma_read(PCI_DEVICE(s), addr, &buf, 4);
472 return cpu_to_le32(buf);
473}
474
475static void lsi_stop_script(LSIState *s)
476{
477 s->istat1 &= ~LSI_ISTAT1_SRUN;
478}
479
480static void lsi_set_irq(LSIState *s, int level)
481{
482 PCIDevice *d = PCI_DEVICE(s);
483
484 if (s->ext_irq) {
485 qemu_set_irq(s->ext_irq, level);
486 } else {
487 pci_set_irq(d, level);
488 }
489}
490
491static void lsi_update_irq(LSIState *s)
492{
493 int level;
494 static int last_level;
495
496
497
498
499 level = 0;
500 if (s->dstat) {
501 if (s->dstat & s->dien)
502 level = 1;
503 s->istat0 |= LSI_ISTAT0_DIP;
504 } else {
505 s->istat0 &= ~LSI_ISTAT0_DIP;
506 }
507
508 if (s->sist0 || s->sist1) {
509 if ((s->sist0 & s->sien0) || (s->sist1 & s->sien1))
510 level = 1;
511 s->istat0 |= LSI_ISTAT0_SIP;
512 } else {
513 s->istat0 &= ~LSI_ISTAT0_SIP;
514 }
515 if (s->istat0 & LSI_ISTAT0_INTF)
516 level = 1;
517
518 if (level != last_level) {
519 trace_lsi_update_irq(level, s->dstat, s->sist1, s->sist0);
520 last_level = level;
521 }
522 lsi_set_irq(s, level);
523
524 if (!s->current && !level && lsi_irq_on_rsl(s) && !(s->scntl1 & LSI_SCNTL1_CON)) {
525 lsi_request *p;
526
527 trace_lsi_update_irq_disconnected();
528 p = get_pending_req(s);
529 if (p) {
530 lsi_reselect(s, p);
531 }
532 }
533}
534
535
536static void lsi_script_scsi_interrupt(LSIState *s, int stat0, int stat1)
537{
538 uint32_t mask0;
539 uint32_t mask1;
540
541 trace_lsi_script_scsi_interrupt(stat1, stat0, s->sist1, s->sist0);
542 s->sist0 |= stat0;
543 s->sist1 |= stat1;
544
545
546
547 mask0 = s->sien0 | ~(LSI_SIST0_CMP | LSI_SIST0_SEL | LSI_SIST0_RSL);
548 mask1 = s->sien1 | ~(LSI_SIST1_GEN | LSI_SIST1_HTH);
549 mask1 &= ~LSI_SIST1_STO;
550 if (s->sist0 & mask0 || s->sist1 & mask1) {
551 lsi_stop_script(s);
552 }
553 lsi_update_irq(s);
554}
555
556
557static void lsi_script_dma_interrupt(LSIState *s, int stat)
558{
559 trace_lsi_script_dma_interrupt(stat, s->dstat);
560 s->dstat |= stat;
561 lsi_update_irq(s);
562 lsi_stop_script(s);
563}
564
565static inline void lsi_set_phase(LSIState *s, int phase)
566{
567 s->sbcl &= ~PHASE_MASK;
568 s->sbcl |= phase | LSI_SBCL_REQ;
569 s->sstat1 = (s->sstat1 & ~PHASE_MASK) | phase;
570}
571
572static void lsi_bad_phase(LSIState *s, int out, int new_phase)
573{
574
575 if (s->ccntl0 & LSI_CCNTL0_ENPMJ) {
576 if ((s->ccntl0 & LSI_CCNTL0_PMJCTL)) {
577 s->dsp = out ? s->pmjad1 : s->pmjad2;
578 } else {
579 s->dsp = (s->scntl2 & LSI_SCNTL2_WSR ? s->pmjad2 : s->pmjad1);
580 }
581 trace_lsi_bad_phase_jump(s->dsp);
582 } else {
583 trace_lsi_bad_phase_interrupt();
584 lsi_script_scsi_interrupt(s, LSI_SIST0_MA, 0);
585 lsi_stop_script(s);
586 }
587 lsi_set_phase(s, new_phase);
588}
589
590
591
592static void lsi_resume_script(LSIState *s)
593{
594 if (s->waiting != 2) {
595 s->waiting = LSI_NOWAIT;
596 lsi_execute_script(s);
597 } else {
598 s->waiting = LSI_NOWAIT;
599 }
600}
601
602static void lsi_disconnect(LSIState *s)
603{
604 s->scntl1 &= ~LSI_SCNTL1_CON;
605 s->sstat1 &= ~PHASE_MASK;
606 s->sbcl = 0;
607}
608
609static void lsi_bad_selection(LSIState *s, uint32_t id)
610{
611 trace_lsi_bad_selection(id);
612 lsi_script_scsi_interrupt(s, 0, LSI_SIST1_STO);
613 lsi_disconnect(s);
614}
615
616
617static void lsi_do_dma(LSIState *s, int out)
618{
619 uint32_t count;
620 dma_addr_t addr;
621 SCSIDevice *dev;
622
623 assert(s->current);
624 if (!s->current->dma_len) {
625
626 trace_lsi_do_dma_unavailable();
627 return;
628 }
629
630 dev = s->current->req->dev;
631 assert(dev);
632
633 count = s->dbc;
634 if (count > s->current->dma_len)
635 count = s->current->dma_len;
636
637 addr = s->dnad;
638
639 if (lsi_dma_40bit(s) || lsi_dma_ti64bit(s))
640 addr |= ((uint64_t)s->dnad64 << 32);
641 else if (s->dbms)
642 addr |= ((uint64_t)s->dbms << 32);
643 else if (s->sbms)
644 addr |= ((uint64_t)s->sbms << 32);
645
646 trace_lsi_do_dma(addr, count);
647 s->csbc += count;
648 s->dnad += count;
649 s->dbc -= count;
650 if (s->current->dma_buf == NULL) {
651 s->current->dma_buf = scsi_req_get_buf(s->current->req);
652 }
653
654 if (out) {
655 lsi_mem_read(s, addr, s->current->dma_buf, count);
656 } else {
657 lsi_mem_write(s, addr, s->current->dma_buf, count);
658 }
659 s->current->dma_len -= count;
660 if (s->current->dma_len == 0) {
661 s->current->dma_buf = NULL;
662 scsi_req_continue(s->current->req);
663 } else {
664 s->current->dma_buf += count;
665 lsi_resume_script(s);
666 }
667}
668
669
670
671static void lsi_queue_command(LSIState *s)
672{
673 lsi_request *p = s->current;
674
675 trace_lsi_queue_command(p->tag);
676 assert(s->current != NULL);
677 assert(s->current->dma_len == 0);
678 QTAILQ_INSERT_TAIL(&s->queue, s->current, next);
679 s->current = NULL;
680
681 p->pending = 0;
682 p->out = (s->sstat1 & PHASE_MASK) == PHASE_DO;
683}
684
685
686static void lsi_add_msg_byte(LSIState *s, uint8_t data)
687{
688 if (s->msg_len >= LSI_MAX_MSGIN_LEN) {
689 trace_lsi_add_msg_byte_error();
690 } else {
691 trace_lsi_add_msg_byte(data);
692 s->msg[s->msg_len++] = data;
693 }
694}
695
696
697static void lsi_reselect(LSIState *s, lsi_request *p)
698{
699 int id;
700
701 assert(s->current == NULL);
702 QTAILQ_REMOVE(&s->queue, p, next);
703 s->current = p;
704
705 id = (p->tag >> 8) & 0xf;
706 s->ssid = id | 0x80;
707
708 if (!(s->dcntl & LSI_DCNTL_COM)) {
709 s->sfbr = 1 << (id & 0x7);
710 }
711 trace_lsi_reselect(id);
712 s->scntl1 |= LSI_SCNTL1_CON;
713 lsi_set_phase(s, PHASE_MI);
714 s->msg_action = p->out ? LSI_MSG_ACTION_DOUT : LSI_MSG_ACTION_DIN;
715 s->current->dma_len = p->pending;
716 lsi_add_msg_byte(s, 0x80);
717 if (s->current->tag & LSI_TAG_VALID) {
718 lsi_add_msg_byte(s, 0x20);
719 lsi_add_msg_byte(s, p->tag & 0xff);
720 }
721
722 if (lsi_irq_on_rsl(s)) {
723 lsi_script_scsi_interrupt(s, LSI_SIST0_RSL, 0);
724 }
725}
726
727static lsi_request *lsi_find_by_tag(LSIState *s, uint32_t tag)
728{
729 lsi_request *p;
730
731 QTAILQ_FOREACH(p, &s->queue, next) {
732 if (p->tag == tag) {
733 return p;
734 }
735 }
736
737 return NULL;
738}
739
740static void lsi_request_free(LSIState *s, lsi_request *p)
741{
742 if (p == s->current) {
743 s->current = NULL;
744 } else {
745 QTAILQ_REMOVE(&s->queue, p, next);
746 }
747 g_free(p);
748}
749
750static void lsi_request_cancelled(SCSIRequest *req)
751{
752 LSIState *s = LSI53C895A(req->bus->qbus.parent);
753 lsi_request *p = req->hba_private;
754
755 req->hba_private = NULL;
756 lsi_request_free(s, p);
757 scsi_req_unref(req);
758}
759
760
761
762static int lsi_queue_req(LSIState *s, SCSIRequest *req, uint32_t len)
763{
764 lsi_request *p = req->hba_private;
765
766 if (p->pending) {
767 trace_lsi_queue_req_error(p);
768 }
769 p->pending = len;
770
771
772
773
774
775 if (s->waiting == LSI_WAIT_RESELECT ||
776 (lsi_irq_on_rsl(s) && !(s->scntl1 & LSI_SCNTL1_CON) &&
777 !(s->istat0 & (LSI_ISTAT0_SIP | LSI_ISTAT0_DIP)))) {
778
779 lsi_reselect(s, p);
780 return 0;
781 } else {
782 trace_lsi_queue_req(p->tag);
783 p->pending = len;
784 return 1;
785 }
786}
787
788
789static void lsi_command_complete(SCSIRequest *req, uint32_t status, size_t resid)
790{
791 LSIState *s = LSI53C895A(req->bus->qbus.parent);
792 int out;
793
794 out = (s->sstat1 & PHASE_MASK) == PHASE_DO;
795 trace_lsi_command_complete(status);
796 s->status = status;
797 s->command_complete = 2;
798 if (s->waiting && s->dbc != 0) {
799
800 lsi_bad_phase(s, out, PHASE_ST);
801 } else {
802 lsi_set_phase(s, PHASE_ST);
803 }
804
805 if (req->hba_private == s->current) {
806 req->hba_private = NULL;
807 lsi_request_free(s, s->current);
808 scsi_req_unref(req);
809 }
810 lsi_resume_script(s);
811}
812
813
814static void lsi_transfer_data(SCSIRequest *req, uint32_t len)
815{
816 LSIState *s = LSI53C895A(req->bus->qbus.parent);
817 int out;
818
819 assert(req->hba_private);
820 if (s->waiting == LSI_WAIT_RESELECT || req->hba_private != s->current ||
821 (lsi_irq_on_rsl(s) && !(s->scntl1 & LSI_SCNTL1_CON))) {
822 if (lsi_queue_req(s, req, len)) {
823 return;
824 }
825 }
826
827 out = (s->sstat1 & PHASE_MASK) == PHASE_DO;
828
829
830 trace_lsi_transfer_data(req->tag, len);
831 s->current->dma_len = len;
832 s->command_complete = 1;
833 if (s->waiting) {
834 if (s->waiting == LSI_WAIT_RESELECT || s->dbc == 0) {
835 lsi_resume_script(s);
836 } else {
837 lsi_do_dma(s, out);
838 }
839 }
840}
841
842static void lsi_do_command(LSIState *s)
843{
844 SCSIDevice *dev;
845 uint8_t buf[16];
846 uint32_t id;
847 int n;
848
849 trace_lsi_do_command(s->dbc);
850 if (s->dbc > 16)
851 s->dbc = 16;
852 pci_dma_read(PCI_DEVICE(s), s->dnad, buf, s->dbc);
853 s->sfbr = buf[0];
854 s->command_complete = 0;
855
856 id = (s->select_tag >> 8) & 0xf;
857 dev = scsi_device_find(&s->bus, 0, id, s->current_lun);
858 if (!dev) {
859 lsi_bad_selection(s, id);
860 return;
861 }
862
863 assert(s->current == NULL);
864 s->current = g_new0(lsi_request, 1);
865 s->current->tag = s->select_tag;
866 s->current->req = scsi_req_new(dev, s->current->tag, s->current_lun, buf,
867 s->current);
868
869 n = scsi_req_enqueue(s->current->req);
870 if (n) {
871 if (n > 0) {
872 lsi_set_phase(s, PHASE_DI);
873 } else if (n < 0) {
874 lsi_set_phase(s, PHASE_DO);
875 }
876 scsi_req_continue(s->current->req);
877 }
878 if (!s->command_complete) {
879 if (n) {
880
881 lsi_add_msg_byte(s, 2);
882 lsi_add_msg_byte(s, 4);
883
884 lsi_set_phase(s, PHASE_MI);
885 s->msg_action = LSI_MSG_ACTION_DISCONNECT;
886 lsi_queue_command(s);
887 } else {
888
889 lsi_set_phase(s, PHASE_DI);
890 }
891 }
892}
893
894static void lsi_do_status(LSIState *s)
895{
896 uint8_t status;
897 trace_lsi_do_status(s->dbc, s->status);
898 if (s->dbc != 1) {
899 trace_lsi_do_status_error();
900 }
901 s->dbc = 1;
902 status = s->status;
903 s->sfbr = status;
904 pci_dma_write(PCI_DEVICE(s), s->dnad, &status, 1);
905 lsi_set_phase(s, PHASE_MI);
906 s->msg_action = LSI_MSG_ACTION_DISCONNECT;
907 lsi_add_msg_byte(s, 0);
908}
909
910static void lsi_do_msgin(LSIState *s)
911{
912 uint8_t len;
913 trace_lsi_do_msgin(s->dbc, s->msg_len);
914 s->sfbr = s->msg[0];
915 len = s->msg_len;
916 assert(len > 0 && len <= LSI_MAX_MSGIN_LEN);
917 if (len > s->dbc)
918 len = s->dbc;
919 pci_dma_write(PCI_DEVICE(s), s->dnad, s->msg, len);
920
921 s->sidl = s->msg[len - 1];
922 s->msg_len -= len;
923 if (s->msg_len) {
924 memmove(s->msg, s->msg + len, s->msg_len);
925 } else {
926
927
928 switch (s->msg_action) {
929 case LSI_MSG_ACTION_COMMAND:
930 lsi_set_phase(s, PHASE_CMD);
931 break;
932 case LSI_MSG_ACTION_DISCONNECT:
933 lsi_disconnect(s);
934 break;
935 case LSI_MSG_ACTION_DOUT:
936 lsi_set_phase(s, PHASE_DO);
937 break;
938 case LSI_MSG_ACTION_DIN:
939 lsi_set_phase(s, PHASE_DI);
940 break;
941 default:
942 abort();
943 }
944 }
945}
946
947
948static uint8_t lsi_get_msgbyte(LSIState *s)
949{
950 uint8_t data;
951 pci_dma_read(PCI_DEVICE(s), s->dnad, &data, 1);
952 s->dnad++;
953 s->dbc--;
954 return data;
955}
956
957
958static void lsi_skip_msgbytes(LSIState *s, unsigned int n)
959{
960 s->dnad += n;
961 s->dbc -= n;
962}
963
964static void lsi_do_msgout(LSIState *s)
965{
966 uint8_t msg;
967 int len;
968 uint32_t current_tag;
969 lsi_request *current_req, *p, *p_next;
970
971 if (s->current) {
972 current_tag = s->current->tag;
973 current_req = s->current;
974 } else {
975 current_tag = s->select_tag;
976 current_req = lsi_find_by_tag(s, current_tag);
977 }
978
979 trace_lsi_do_msgout(s->dbc);
980 while (s->dbc) {
981 msg = lsi_get_msgbyte(s);
982 s->sfbr = msg;
983
984 switch (msg) {
985 case 0x04:
986 trace_lsi_do_msgout_disconnect();
987 lsi_disconnect(s);
988 break;
989 case 0x08:
990 trace_lsi_do_msgout_noop();
991 lsi_set_phase(s, PHASE_CMD);
992 break;
993 case 0x01:
994 len = lsi_get_msgbyte(s);
995 msg = lsi_get_msgbyte(s);
996 (void)len;
997 trace_lsi_do_msgout_extended(msg, len);
998 switch (msg) {
999 case 1:
1000 trace_lsi_do_msgout_ignored("SDTR");
1001 lsi_skip_msgbytes(s, 2);
1002 break;
1003 case 3:
1004 trace_lsi_do_msgout_ignored("WDTR");
1005 lsi_skip_msgbytes(s, 1);
1006 break;
1007 case 4:
1008 trace_lsi_do_msgout_ignored("PPR");
1009 lsi_skip_msgbytes(s, 5);
1010 break;
1011 default:
1012 goto bad;
1013 }
1014 break;
1015 case 0x20:
1016 s->select_tag |= lsi_get_msgbyte(s) | LSI_TAG_VALID;
1017 trace_lsi_do_msgout_simplequeue(s->select_tag & 0xff);
1018 break;
1019 case 0x21:
1020 qemu_log_mask(LOG_UNIMP, "lsi_scsi: HEAD queue not implemented\n");
1021 s->select_tag |= lsi_get_msgbyte(s) | LSI_TAG_VALID;
1022 break;
1023 case 0x22:
1024 qemu_log_mask(LOG_UNIMP,
1025 "lsi_scsi: ORDERED queue not implemented\n");
1026 s->select_tag |= lsi_get_msgbyte(s) | LSI_TAG_VALID;
1027 break;
1028 case 0x0d:
1029
1030 trace_lsi_do_msgout_abort(current_tag);
1031 if (current_req) {
1032 scsi_req_cancel(current_req->req);
1033 }
1034 lsi_disconnect(s);
1035 break;
1036 case 0x06:
1037 case 0x0e:
1038 case 0x0c:
1039
1040
1041 if (msg == 0x06) {
1042 trace_lsi_do_msgout_abort(current_tag);
1043 }
1044
1045
1046 if (msg == 0x0e) {
1047 trace_lsi_do_msgout_clearqueue(current_tag);
1048 }
1049
1050
1051 if (msg == 0x0c) {
1052 trace_lsi_do_msgout_busdevicereset(current_tag);
1053 }
1054
1055
1056 if (s->current) {
1057 scsi_req_cancel(s->current->req);
1058 }
1059
1060
1061
1062
1063
1064
1065
1066
1067 QTAILQ_FOREACH_SAFE(p, &s->queue, next, p_next) {
1068 if ((p->tag & 0x0000ff00) == (current_tag & 0x0000ff00)) {
1069 scsi_req_cancel(p->req);
1070 }
1071 }
1072
1073 lsi_disconnect(s);
1074 break;
1075 default:
1076 if ((msg & 0x80) == 0) {
1077 goto bad;
1078 }
1079 s->current_lun = msg & 7;
1080 trace_lsi_do_msgout_select(s->current_lun);
1081 lsi_set_phase(s, PHASE_CMD);
1082 break;
1083 }
1084 }
1085 return;
1086bad:
1087 qemu_log_mask(LOG_UNIMP, "Unimplemented message 0x%02x\n", msg);
1088 lsi_set_phase(s, PHASE_MI);
1089 lsi_add_msg_byte(s, 7);
1090 s->msg_action = LSI_MSG_ACTION_COMMAND;
1091}
1092
1093#define LSI_BUF_SIZE 4096
1094static void lsi_memcpy(LSIState *s, uint32_t dest, uint32_t src, int count)
1095{
1096 int n;
1097 uint8_t buf[LSI_BUF_SIZE];
1098
1099 trace_lsi_memcpy(dest, src, count);
1100 while (count) {
1101 n = (count > LSI_BUF_SIZE) ? LSI_BUF_SIZE : count;
1102 lsi_mem_read(s, src, buf, n);
1103 lsi_mem_write(s, dest, buf, n);
1104 src += n;
1105 dest += n;
1106 count -= n;
1107 }
1108}
1109
1110static void lsi_wait_reselect(LSIState *s)
1111{
1112 lsi_request *p;
1113
1114 trace_lsi_wait_reselect();
1115
1116 if (s->current) {
1117 return;
1118 }
1119 p = get_pending_req(s);
1120 if (p) {
1121 lsi_reselect(s, p);
1122 }
1123 if (s->current == NULL) {
1124 s->waiting = LSI_WAIT_RESELECT;
1125 }
1126}
1127
1128static void lsi_execute_script(LSIState *s)
1129{
1130 PCIDevice *pci_dev = PCI_DEVICE(s);
1131 uint32_t insn;
1132 uint32_t addr, addr_high;
1133 int opcode;
1134 int insn_processed = 0;
1135
1136 s->istat1 |= LSI_ISTAT1_SRUN;
1137again:
1138 if (++insn_processed > LSI_MAX_INSN) {
1139
1140
1141
1142
1143
1144 if (!(s->sien0 & LSI_SIST0_UDC)) {
1145 qemu_log_mask(LOG_GUEST_ERROR,
1146 "lsi_scsi: inf. loop with UDC masked");
1147 }
1148 lsi_script_scsi_interrupt(s, LSI_SIST0_UDC, 0);
1149 lsi_disconnect(s);
1150 trace_lsi_execute_script_stop();
1151 return;
1152 }
1153 insn = read_dword(s, s->dsp);
1154 if (!insn) {
1155
1156
1157 s->dsp += 4;
1158 goto again;
1159 }
1160 addr = read_dword(s, s->dsp + 4);
1161 addr_high = 0;
1162 trace_lsi_execute_script(s->dsp, insn, addr);
1163 s->dsps = addr;
1164 s->dcmd = insn >> 24;
1165 s->dsp += 8;
1166 switch (insn >> 30) {
1167 case 0:
1168 if (s->sist1 & LSI_SIST1_STO) {
1169 trace_lsi_execute_script_blockmove_delayed();
1170 lsi_stop_script(s);
1171 break;
1172 }
1173 s->dbc = insn & 0xffffff;
1174 s->rbc = s->dbc;
1175
1176 s->ia = s->dsp - 8;
1177 if (insn & (1 << 29)) {
1178
1179 addr = read_dword(s, addr);
1180 } else if (insn & (1 << 28)) {
1181 uint32_t buf[2];
1182 int32_t offset;
1183
1184
1185
1186 offset = sextract32(addr, 0, 24);
1187 pci_dma_read(pci_dev, s->dsa + offset, buf, 8);
1188
1189 s->dbc = cpu_to_le32(buf[0]) & 0xffffff;
1190 s->rbc = s->dbc;
1191 addr = cpu_to_le32(buf[1]);
1192
1193
1194
1195 if (lsi_dma_40bit(s))
1196 addr_high = cpu_to_le32(buf[0]) >> 24;
1197 else if (lsi_dma_ti64bit(s)) {
1198 int selector = (cpu_to_le32(buf[0]) >> 24) & 0x1f;
1199 switch (selector) {
1200 case 0 ... 0x0f:
1201
1202
1203 addr_high = s->scratch[2 + selector];
1204 break;
1205 case 0x10:
1206 addr_high = s->mmrs;
1207 break;
1208 case 0x11:
1209 addr_high = s->mmws;
1210 break;
1211 case 0x12:
1212 addr_high = s->sfs;
1213 break;
1214 case 0x13:
1215 addr_high = s->drs;
1216 break;
1217 case 0x14:
1218 addr_high = s->sbms;
1219 break;
1220 case 0x15:
1221 addr_high = s->dbms;
1222 break;
1223 default:
1224 qemu_log_mask(LOG_GUEST_ERROR,
1225 "lsi_scsi: Illegal selector specified (0x%x > 0x15) "
1226 "for 64-bit DMA block move", selector);
1227 break;
1228 }
1229 }
1230 } else if (lsi_dma_64bit(s)) {
1231
1232
1233 s->dbms = read_dword(s, s->dsp);
1234 s->dsp += 4;
1235 s->ia = s->dsp - 12;
1236 }
1237 if ((s->sstat1 & PHASE_MASK) != ((insn >> 24) & 7)) {
1238 trace_lsi_execute_script_blockmove_badphase(
1239 scsi_phase_name(s->sstat1),
1240 scsi_phase_name(insn >> 24));
1241 lsi_script_scsi_interrupt(s, LSI_SIST0_MA, 0);
1242 break;
1243 }
1244 s->dnad = addr;
1245 s->dnad64 = addr_high;
1246 switch (s->sstat1 & 0x7) {
1247 case PHASE_DO:
1248 s->waiting = LSI_DMA_SCRIPTS;
1249 lsi_do_dma(s, 1);
1250 if (s->waiting)
1251 s->waiting = LSI_DMA_IN_PROGRESS;
1252 break;
1253 case PHASE_DI:
1254 s->waiting = LSI_DMA_SCRIPTS;
1255 lsi_do_dma(s, 0);
1256 if (s->waiting)
1257 s->waiting = LSI_DMA_IN_PROGRESS;
1258 break;
1259 case PHASE_CMD:
1260 lsi_do_command(s);
1261 break;
1262 case PHASE_ST:
1263 lsi_do_status(s);
1264 break;
1265 case PHASE_MO:
1266 lsi_do_msgout(s);
1267 break;
1268 case PHASE_MI:
1269 lsi_do_msgin(s);
1270 break;
1271 default:
1272 qemu_log_mask(LOG_UNIMP, "lsi_scsi: Unimplemented phase %s\n",
1273 scsi_phase_name(s->sstat1));
1274 }
1275 s->dfifo = s->dbc & 0xff;
1276 s->ctest5 = (s->ctest5 & 0xfc) | ((s->dbc >> 8) & 3);
1277 s->sbc = s->dbc;
1278 s->rbc -= s->dbc;
1279 s->ua = addr + s->dbc;
1280 break;
1281
1282 case 1:
1283 opcode = (insn >> 27) & 7;
1284 if (opcode < 5) {
1285 uint32_t id;
1286
1287 if (insn & (1 << 25)) {
1288 id = read_dword(s, s->dsa + sextract32(insn, 0, 24));
1289 } else {
1290 id = insn;
1291 }
1292 id = (id >> 16) & 0xf;
1293 if (insn & (1 << 26)) {
1294 addr = s->dsp + sextract32(addr, 0, 24);
1295 }
1296 s->dnad = addr;
1297 switch (opcode) {
1298 case 0:
1299 s->sdid = id;
1300 if (s->scntl1 & LSI_SCNTL1_CON) {
1301 trace_lsi_execute_script_io_alreadyreselected();
1302 s->dsp = s->dnad;
1303 break;
1304 }
1305 s->sstat0 |= LSI_SSTAT0_WOA;
1306 s->scntl1 &= ~LSI_SCNTL1_IARB;
1307 if (!scsi_device_find(&s->bus, 0, id, 0)) {
1308 lsi_bad_selection(s, id);
1309 break;
1310 }
1311 trace_lsi_execute_script_io_selected(id,
1312 insn & (1 << 3) ? " ATN" : "");
1313
1314
1315
1316 s->select_tag = id << 8;
1317 s->scntl1 |= LSI_SCNTL1_CON;
1318 if (insn & (1 << 3)) {
1319 s->socl |= LSI_SOCL_ATN;
1320 s->sbcl |= LSI_SBCL_ATN;
1321 }
1322 s->sbcl |= LSI_SBCL_BSY;
1323 lsi_set_phase(s, PHASE_MO);
1324 s->waiting = LSI_NOWAIT;
1325 break;
1326 case 1:
1327 trace_lsi_execute_script_io_disconnect();
1328 s->scntl1 &= ~LSI_SCNTL1_CON;
1329
1330
1331
1332
1333
1334
1335 if (!s->current) {
1336 lsi_request *p = get_pending_req(s);
1337 if (p) {
1338 lsi_reselect(s, p);
1339 }
1340 }
1341 break;
1342 case 2:
1343 if (s->istat0 & LSI_ISTAT0_SIGP) {
1344 s->dsp = s->dnad;
1345 } else if (!lsi_irq_on_rsl(s)) {
1346 lsi_wait_reselect(s);
1347 }
1348 break;
1349 case 3:
1350 trace_lsi_execute_script_io_set(
1351 insn & (1 << 3) ? " ATN" : "",
1352 insn & (1 << 6) ? " ACK" : "",
1353 insn & (1 << 9) ? " TM" : "",
1354 insn & (1 << 10) ? " CC" : "");
1355 if (insn & (1 << 3)) {
1356 s->socl |= LSI_SOCL_ATN;
1357 s->sbcl |= LSI_SBCL_ATN;
1358 lsi_set_phase(s, PHASE_MO);
1359 }
1360
1361 if (insn & (1 << 6)) {
1362 s->sbcl |= LSI_SBCL_ACK;
1363 }
1364
1365 if (insn & (1 << 9)) {
1366 qemu_log_mask(LOG_UNIMP,
1367 "lsi_scsi: Target mode not implemented\n");
1368 }
1369 if (insn & (1 << 10))
1370 s->carry = 1;
1371 break;
1372 case 4:
1373 trace_lsi_execute_script_io_clear(
1374 insn & (1 << 3) ? " ATN" : "",
1375 insn & (1 << 6) ? " ACK" : "",
1376 insn & (1 << 9) ? " TM" : "",
1377 insn & (1 << 10) ? " CC" : "");
1378 if (insn & (1 << 3)) {
1379 s->socl &= ~LSI_SOCL_ATN;
1380 s->sbcl &= ~LSI_SBCL_ATN;
1381 }
1382
1383 if (insn & (1 << 6)) {
1384 s->sbcl &= ~LSI_SBCL_ACK;
1385 }
1386
1387 if (insn & (1 << 10))
1388 s->carry = 0;
1389 break;
1390 }
1391 } else {
1392 uint8_t op0;
1393 uint8_t op1;
1394 uint8_t data8;
1395 int reg;
1396 int operator;
1397
1398 static const char *opcode_names[3] =
1399 {"Write", "Read", "Read-Modify-Write"};
1400 static const char *operator_names[8] =
1401 {"MOV", "SHL", "OR", "XOR", "AND", "SHR", "ADD", "ADC"};
1402
1403 reg = ((insn >> 16) & 0x7f) | (insn & 0x80);
1404 data8 = (insn >> 8) & 0xff;
1405 opcode = (insn >> 27) & 7;
1406 operator = (insn >> 24) & 7;
1407 trace_lsi_execute_script_io_opcode(
1408 opcode_names[opcode - 5], reg,
1409 operator_names[operator], data8, s->sfbr,
1410 (insn & (1 << 23)) ? " SFBR" : "");
1411 op0 = op1 = 0;
1412 switch (opcode) {
1413 case 5:
1414 op0 = s->sfbr;
1415 op1 = data8;
1416 break;
1417 case 6:
1418 if (operator)
1419 op0 = lsi_reg_readb(s, reg);
1420 op1 = data8;
1421 break;
1422 case 7:
1423 if (operator)
1424 op0 = lsi_reg_readb(s, reg);
1425 if (insn & (1 << 23)) {
1426 op1 = s->sfbr;
1427 } else {
1428 op1 = data8;
1429 }
1430 break;
1431 }
1432
1433 switch (operator) {
1434 case 0:
1435 op0 = op1;
1436 break;
1437 case 1:
1438 op1 = op0 >> 7;
1439 op0 = (op0 << 1) | s->carry;
1440 s->carry = op1;
1441 break;
1442 case 2:
1443 op0 |= op1;
1444 break;
1445 case 3:
1446 op0 ^= op1;
1447 break;
1448 case 4:
1449 op0 &= op1;
1450 break;
1451 case 5:
1452 op1 = op0 & 1;
1453 op0 = (op0 >> 1) | (s->carry << 7);
1454 s->carry = op1;
1455 break;
1456 case 6:
1457 op0 += op1;
1458 s->carry = op0 < op1;
1459 break;
1460 case 7:
1461 op0 += op1 + s->carry;
1462 if (s->carry)
1463 s->carry = op0 <= op1;
1464 else
1465 s->carry = op0 < op1;
1466 break;
1467 }
1468
1469 switch (opcode) {
1470 case 5:
1471 case 7:
1472 lsi_reg_writeb(s, reg, op0);
1473 break;
1474 case 6:
1475 s->sfbr = op0;
1476 break;
1477 }
1478 }
1479 break;
1480
1481 case 2:
1482 {
1483 int cond;
1484 int jmp;
1485
1486 if ((insn & 0x002e0000) == 0) {
1487 trace_lsi_execute_script_tc_nop();
1488 break;
1489 }
1490 if (s->sist1 & LSI_SIST1_STO) {
1491 trace_lsi_execute_script_tc_delayedselect_timeout();
1492 lsi_stop_script(s);
1493 break;
1494 }
1495 cond = jmp = (insn & (1 << 19)) != 0;
1496 if (cond == jmp && (insn & (1 << 21))) {
1497 trace_lsi_execute_script_tc_compc(s->carry == jmp);
1498 cond = s->carry != 0;
1499 }
1500 if (cond == jmp && (insn & (1 << 17))) {
1501 trace_lsi_execute_script_tc_compp(scsi_phase_name(s->sstat1),
1502 jmp ? '=' : '!', scsi_phase_name(insn >> 24));
1503 cond = (s->sstat1 & PHASE_MASK) == ((insn >> 24) & 7);
1504 }
1505 if (cond == jmp && (insn & (1 << 18))) {
1506 uint8_t mask;
1507
1508 mask = (~insn >> 8) & 0xff;
1509 trace_lsi_execute_script_tc_compd(
1510 s->sfbr, mask, jmp ? '=' : '!', insn & mask);
1511 cond = (s->sfbr & mask) == (insn & mask);
1512 }
1513 if (cond == jmp) {
1514 if (insn & (1 << 23)) {
1515
1516 addr = s->dsp + sextract32(addr, 0, 24);
1517 }
1518 switch ((insn >> 27) & 7) {
1519 case 0:
1520 trace_lsi_execute_script_tc_jump(addr);
1521 s->adder = addr;
1522 s->dsp = addr;
1523 break;
1524 case 1:
1525 trace_lsi_execute_script_tc_call(addr);
1526 s->temp = s->dsp;
1527 s->dsp = addr;
1528 break;
1529 case 2:
1530 trace_lsi_execute_script_tc_return(s->temp);
1531 s->dsp = s->temp;
1532 break;
1533 case 3:
1534 trace_lsi_execute_script_tc_interrupt(s->dsps);
1535 if ((insn & (1 << 20)) != 0) {
1536 s->istat0 |= LSI_ISTAT0_INTF;
1537 lsi_update_irq(s);
1538 } else {
1539 lsi_script_dma_interrupt(s, LSI_DSTAT_SIR);
1540 }
1541 break;
1542 default:
1543 trace_lsi_execute_script_tc_illegal();
1544 lsi_script_dma_interrupt(s, LSI_DSTAT_IID);
1545 break;
1546 }
1547 } else {
1548 trace_lsi_execute_script_tc_cc_failed();
1549 }
1550 }
1551 break;
1552
1553 case 3:
1554 if ((insn & (1 << 29)) == 0) {
1555
1556 uint32_t dest;
1557
1558
1559
1560 dest = read_dword(s, s->dsp);
1561 s->dsp += 4;
1562 lsi_memcpy(s, dest, addr, insn & 0xffffff);
1563 } else {
1564 uint8_t data[7];
1565 int reg;
1566 int n;
1567 int i;
1568
1569 if (insn & (1 << 28)) {
1570 addr = s->dsa + sextract32(addr, 0, 24);
1571 }
1572 n = (insn & 7);
1573 reg = (insn >> 16) & 0xff;
1574 if (insn & (1 << 24)) {
1575 pci_dma_read(pci_dev, addr, data, n);
1576 trace_lsi_execute_script_mm_load(reg, n, addr, *(int *)data);
1577 for (i = 0; i < n; i++) {
1578 lsi_reg_writeb(s, reg + i, data[i]);
1579 }
1580 } else {
1581 trace_lsi_execute_script_mm_store(reg, n, addr);
1582 for (i = 0; i < n; i++) {
1583 data[i] = lsi_reg_readb(s, reg + i);
1584 }
1585 pci_dma_write(pci_dev, addr, data, n);
1586 }
1587 }
1588 }
1589 if (s->istat1 & LSI_ISTAT1_SRUN && s->waiting == LSI_NOWAIT) {
1590 if (s->dcntl & LSI_DCNTL_SSM) {
1591 lsi_script_dma_interrupt(s, LSI_DSTAT_SSI);
1592 } else {
1593 goto again;
1594 }
1595 }
1596 trace_lsi_execute_script_stop();
1597}
1598
1599static uint8_t lsi_reg_readb(LSIState *s, int offset)
1600{
1601 uint8_t ret;
1602
1603#define CASE_GET_REG24(name, addr) \
1604 case addr: ret = s->name & 0xff; break; \
1605 case addr + 1: ret = (s->name >> 8) & 0xff; break; \
1606 case addr + 2: ret = (s->name >> 16) & 0xff; break;
1607
1608#define CASE_GET_REG32(name, addr) \
1609 case addr: ret = s->name & 0xff; break; \
1610 case addr + 1: ret = (s->name >> 8) & 0xff; break; \
1611 case addr + 2: ret = (s->name >> 16) & 0xff; break; \
1612 case addr + 3: ret = (s->name >> 24) & 0xff; break;
1613
1614 switch (offset) {
1615 case 0x00:
1616 ret = s->scntl0;
1617 break;
1618 case 0x01:
1619 ret = s->scntl1;
1620 break;
1621 case 0x02:
1622 ret = s->scntl2;
1623 break;
1624 case 0x03:
1625 ret = s->scntl3;
1626 break;
1627 case 0x04:
1628 ret = s->scid;
1629 break;
1630 case 0x05:
1631 ret = s->sxfer;
1632 break;
1633 case 0x06:
1634 ret = s->sdid;
1635 break;
1636 case 0x07:
1637 ret = 0x7f;
1638 break;
1639 case 0x08:
1640 ret = 0x00;
1641 break;
1642 case 0x09:
1643 ret = s->socl;
1644 break;
1645 case 0xa:
1646 ret = s->ssid;
1647 break;
1648 case 0xb:
1649 ret = s->sbcl;
1650 break;
1651 case 0xc:
1652 ret = s->dstat | LSI_DSTAT_DFE;
1653 if ((s->istat0 & LSI_ISTAT0_INTF) == 0)
1654 s->dstat = 0;
1655 lsi_update_irq(s);
1656 break;
1657 case 0x0d:
1658 ret = s->sstat0;
1659 break;
1660 case 0x0e:
1661 ret = s->sstat1;
1662 break;
1663 case 0x0f:
1664 ret = s->scntl1 & LSI_SCNTL1_CON ? 0 : 2;
1665 break;
1666 CASE_GET_REG32(dsa, 0x10)
1667 case 0x14:
1668 ret = s->istat0;
1669 break;
1670 case 0x15:
1671 ret = s->istat1;
1672 break;
1673 case 0x16:
1674 ret = s->mbox0;
1675 break;
1676 case 0x17:
1677 ret = s->mbox1;
1678 break;
1679 case 0x18:
1680 ret = 0xff;
1681 break;
1682 case 0x19:
1683 ret = 0;
1684 break;
1685 case 0x1a:
1686 ret = s->ctest2 | LSI_CTEST2_DACK | LSI_CTEST2_CM;
1687 if (s->istat0 & LSI_ISTAT0_SIGP) {
1688 s->istat0 &= ~LSI_ISTAT0_SIGP;
1689 ret |= LSI_CTEST2_SIGP;
1690 }
1691 break;
1692 case 0x1b:
1693 ret = s->ctest3;
1694 break;
1695 CASE_GET_REG32(temp, 0x1c)
1696 case 0x20:
1697 ret = s->dfifo;
1698 break;
1699 case 0x21:
1700 ret = s->ctest4;
1701 break;
1702 case 0x22:
1703 ret = s->ctest5;
1704 break;
1705 case 0x23:
1706 ret = 0;
1707 break;
1708 CASE_GET_REG24(dbc, 0x24)
1709 case 0x27:
1710 ret = s->dcmd;
1711 break;
1712 CASE_GET_REG32(dnad, 0x28)
1713 CASE_GET_REG32(dsp, 0x2c)
1714 CASE_GET_REG32(dsps, 0x30)
1715 CASE_GET_REG32(scratch[0], 0x34)
1716 case 0x38:
1717 ret = s->dmode;
1718 break;
1719 case 0x39:
1720 ret = s->dien;
1721 break;
1722 case 0x3a:
1723 ret = s->sbr;
1724 break;
1725 case 0x3b:
1726 ret = s->dcntl;
1727 break;
1728
1729 CASE_GET_REG32(adder, 0x3c)
1730 case 0x40:
1731 ret = s->sien0;
1732 break;
1733 case 0x41:
1734 ret = s->sien1;
1735 break;
1736 case 0x42:
1737 ret = s->sist0;
1738 s->sist0 = 0;
1739 lsi_update_irq(s);
1740 break;
1741 case 0x43:
1742 ret = s->sist1;
1743 s->sist1 = 0;
1744 lsi_update_irq(s);
1745 break;
1746 case 0x46:
1747 ret = 0x0f;
1748 break;
1749 case 0x47:
1750 ret = 0x0f;
1751 break;
1752 case 0x48:
1753 ret = s->stime0;
1754 break;
1755 case 0x4a:
1756 ret = s->respid0;
1757 break;
1758 case 0x4b:
1759 ret = s->respid1;
1760 break;
1761 case 0x4d:
1762 ret = s->stest1;
1763 break;
1764 case 0x4e:
1765 ret = s->stest2;
1766 break;
1767 case 0x4f:
1768 ret = s->stest3;
1769 break;
1770 case 0x50:
1771
1772
1773 ret = s->sidl;
1774 break;
1775 case 0x52:
1776 ret = 0xe0;
1777 break;
1778 case 0x56:
1779 ret = s->ccntl0;
1780 break;
1781 case 0x57:
1782 ret = s->ccntl1;
1783 break;
1784 case 0x58:
1785
1786 if ((s->sstat1 & PHASE_MASK) == PHASE_MI) {
1787 assert(s->msg_len > 0);
1788 return s->msg[0];
1789 }
1790 ret = 0;
1791 break;
1792 case 0x59:
1793 ret = 0;
1794 break;
1795 CASE_GET_REG32(mmrs, 0xa0)
1796 CASE_GET_REG32(mmws, 0xa4)
1797 CASE_GET_REG32(sfs, 0xa8)
1798 CASE_GET_REG32(drs, 0xac)
1799 CASE_GET_REG32(sbms, 0xb0)
1800 CASE_GET_REG32(dbms, 0xb4)
1801 CASE_GET_REG32(dnad64, 0xb8)
1802 CASE_GET_REG32(pmjad1, 0xc0)
1803 CASE_GET_REG32(pmjad2, 0xc4)
1804 CASE_GET_REG32(rbc, 0xc8)
1805 CASE_GET_REG32(ua, 0xcc)
1806 CASE_GET_REG32(ia, 0xd4)
1807 CASE_GET_REG32(sbc, 0xd8)
1808 CASE_GET_REG32(csbc, 0xdc)
1809 case 0x5c ... 0x9f:
1810 {
1811 int n;
1812 int shift;
1813 n = (offset - 0x58) >> 2;
1814 shift = (offset & 3) * 8;
1815 ret = (s->scratch[n] >> shift) & 0xff;
1816 break;
1817 }
1818 default:
1819 {
1820 qemu_log_mask(LOG_GUEST_ERROR,
1821 "lsi_scsi: invalid read from reg %s %x\n",
1822 offset < ARRAY_SIZE(names) ? names[offset] : "???",
1823 offset);
1824 ret = 0xff;
1825 break;
1826 }
1827 }
1828#undef CASE_GET_REG24
1829#undef CASE_GET_REG32
1830
1831 trace_lsi_reg_read(offset < ARRAY_SIZE(names) ? names[offset] : "???",
1832 offset, ret);
1833
1834 return ret;
1835}
1836
1837static void lsi_reg_writeb(LSIState *s, int offset, uint8_t val)
1838{
1839#define CASE_SET_REG24(name, addr) \
1840 case addr : s->name &= 0xffffff00; s->name |= val; break; \
1841 case addr + 1: s->name &= 0xffff00ff; s->name |= val << 8; break; \
1842 case addr + 2: s->name &= 0xff00ffff; s->name |= val << 16; break;
1843
1844#define CASE_SET_REG32(name, addr) \
1845 case addr : s->name &= 0xffffff00; s->name |= val; break; \
1846 case addr + 1: s->name &= 0xffff00ff; s->name |= val << 8; break; \
1847 case addr + 2: s->name &= 0xff00ffff; s->name |= val << 16; break; \
1848 case addr + 3: s->name &= 0x00ffffff; s->name |= val << 24; break;
1849
1850 trace_lsi_reg_write(offset < ARRAY_SIZE(names) ? names[offset] : "???",
1851 offset, val);
1852
1853 switch (offset) {
1854 case 0x00:
1855 s->scntl0 = val;
1856 if (val & LSI_SCNTL0_START) {
1857 qemu_log_mask(LOG_UNIMP,
1858 "lsi_scsi: Start sequence not implemented\n");
1859 }
1860 break;
1861 case 0x01:
1862 s->scntl1 = val & ~LSI_SCNTL1_SST;
1863 if (val & LSI_SCNTL1_IARB) {
1864 qemu_log_mask(LOG_UNIMP,
1865 "lsi_scsi: Immediate Arbritration not implemented\n");
1866 }
1867 if (val & LSI_SCNTL1_RST) {
1868 if (!(s->sstat0 & LSI_SSTAT0_RST)) {
1869 qbus_reset_all(BUS(&s->bus));
1870 s->sstat0 |= LSI_SSTAT0_RST;
1871 lsi_script_scsi_interrupt(s, LSI_SIST0_RST, 0);
1872 }
1873 } else {
1874 s->sstat0 &= ~LSI_SSTAT0_RST;
1875 }
1876 break;
1877 case 0x02:
1878 val &= ~(LSI_SCNTL2_WSR | LSI_SCNTL2_WSS);
1879 s->scntl2 = val;
1880 break;
1881 case 0x03:
1882 s->scntl3 = val;
1883 break;
1884 case 0x04:
1885 s->scid = val;
1886 break;
1887 case 0x05:
1888 s->sxfer = val;
1889 break;
1890 case 0x06:
1891 if ((s->ssid & 0x80) && (val & 0xf) != (s->ssid & 0xf)) {
1892 qemu_log_mask(LOG_GUEST_ERROR,
1893 "lsi_scsi: Destination ID does not match SSID\n");
1894 }
1895 s->sdid = val & 0xf;
1896 break;
1897 case 0x07:
1898 break;
1899 case 0x08:
1900
1901
1902 s->sfbr = val;
1903 break;
1904 case 0x0a: case 0x0b:
1905
1906 return;
1907 case 0x0c: case 0x0d: case 0x0e: case 0x0f:
1908
1909 return;
1910 CASE_SET_REG32(dsa, 0x10)
1911 case 0x14:
1912 s->istat0 = (s->istat0 & 0x0f) | (val & 0xf0);
1913 if (val & LSI_ISTAT0_ABRT) {
1914 lsi_script_dma_interrupt(s, LSI_DSTAT_ABRT);
1915 }
1916 if (val & LSI_ISTAT0_INTF) {
1917 s->istat0 &= ~LSI_ISTAT0_INTF;
1918 lsi_update_irq(s);
1919 }
1920 if (s->waiting == LSI_WAIT_RESELECT && val & LSI_ISTAT0_SIGP) {
1921 trace_lsi_awoken();
1922 s->waiting = LSI_NOWAIT;
1923 s->dsp = s->dnad;
1924 lsi_execute_script(s);
1925 }
1926 if (val & LSI_ISTAT0_SRST) {
1927 qdev_reset_all(DEVICE(s));
1928 }
1929 break;
1930 case 0x16:
1931 s->mbox0 = val;
1932 break;
1933 case 0x17:
1934 s->mbox1 = val;
1935 break;
1936 case 0x18:
1937
1938 break;
1939 case 0x1a:
1940 s->ctest2 = val & LSI_CTEST2_PCICIE;
1941 break;
1942 case 0x1b:
1943 s->ctest3 = val & 0x0f;
1944 break;
1945 CASE_SET_REG32(temp, 0x1c)
1946 case 0x21:
1947 if (val & 7) {
1948 qemu_log_mask(LOG_UNIMP,
1949 "lsi_scsi: Unimplemented CTEST4-FBL 0x%x\n", val);
1950 }
1951 s->ctest4 = val;
1952 break;
1953 case 0x22:
1954 if (val & (LSI_CTEST5_ADCK | LSI_CTEST5_BBCK)) {
1955 qemu_log_mask(LOG_UNIMP,
1956 "lsi_scsi: CTEST5 DMA increment not implemented\n");
1957 }
1958 s->ctest5 = val;
1959 break;
1960 CASE_SET_REG24(dbc, 0x24)
1961 CASE_SET_REG32(dnad, 0x28)
1962 case 0x2c:
1963 s->dsp &= 0xffffff00;
1964 s->dsp |= val;
1965 break;
1966 case 0x2d:
1967 s->dsp &= 0xffff00ff;
1968 s->dsp |= val << 8;
1969 break;
1970 case 0x2e:
1971 s->dsp &= 0xff00ffff;
1972 s->dsp |= val << 16;
1973 break;
1974 case 0x2f:
1975 s->dsp &= 0x00ffffff;
1976 s->dsp |= val << 24;
1977
1978
1979
1980
1981 if ((s->dmode & LSI_DMODE_MAN) == 0
1982 && (s->istat1 & LSI_ISTAT1_SRUN) == 0)
1983 lsi_execute_script(s);
1984 break;
1985 CASE_SET_REG32(dsps, 0x30)
1986 CASE_SET_REG32(scratch[0], 0x34)
1987 case 0x38:
1988 s->dmode = val;
1989 break;
1990 case 0x39:
1991 s->dien = val;
1992 lsi_update_irq(s);
1993 break;
1994 case 0x3a:
1995 s->sbr = val;
1996 break;
1997 case 0x3b:
1998 s->dcntl = val & ~(LSI_DCNTL_PFF | LSI_DCNTL_STD);
1999
2000
2001
2002
2003 if ((val & LSI_DCNTL_STD) && (s->istat1 & LSI_ISTAT1_SRUN) == 0)
2004 lsi_execute_script(s);
2005 break;
2006 case 0x40:
2007 s->sien0 = val;
2008 lsi_update_irq(s);
2009 break;
2010 case 0x41:
2011 s->sien1 = val;
2012 lsi_update_irq(s);
2013 break;
2014 case 0x47:
2015 break;
2016 case 0x48:
2017 s->stime0 = val;
2018 break;
2019 case 0x49:
2020 if (val & 0xf) {
2021 qemu_log_mask(LOG_UNIMP,
2022 "lsi_scsi: General purpose timer not implemented\n");
2023
2024
2025 lsi_script_scsi_interrupt(s, 0, LSI_SIST1_GEN);
2026 }
2027 break;
2028 case 0x4a:
2029 s->respid0 = val;
2030 break;
2031 case 0x4b:
2032 s->respid1 = val;
2033 break;
2034 case 0x4d:
2035 s->stest1 = val;
2036 break;
2037 case 0x4e:
2038 if (val & 1) {
2039 qemu_log_mask(LOG_UNIMP,
2040 "lsi_scsi: Low level mode not implemented\n");
2041 }
2042 s->stest2 = val;
2043 break;
2044 case 0x4f:
2045 if (val & 0x41) {
2046 qemu_log_mask(LOG_UNIMP,
2047 "lsi_scsi: SCSI FIFO test mode not implemented\n");
2048 }
2049 s->stest3 = val;
2050 break;
2051 case 0x56:
2052 s->ccntl0 = val;
2053 break;
2054 case 0x57:
2055 s->ccntl1 = val;
2056 break;
2057 CASE_SET_REG32(mmrs, 0xa0)
2058 CASE_SET_REG32(mmws, 0xa4)
2059 CASE_SET_REG32(sfs, 0xa8)
2060 CASE_SET_REG32(drs, 0xac)
2061 CASE_SET_REG32(sbms, 0xb0)
2062 CASE_SET_REG32(dbms, 0xb4)
2063 CASE_SET_REG32(dnad64, 0xb8)
2064 CASE_SET_REG32(pmjad1, 0xc0)
2065 CASE_SET_REG32(pmjad2, 0xc4)
2066 CASE_SET_REG32(rbc, 0xc8)
2067 CASE_SET_REG32(ua, 0xcc)
2068 CASE_SET_REG32(ia, 0xd4)
2069 CASE_SET_REG32(sbc, 0xd8)
2070 CASE_SET_REG32(csbc, 0xdc)
2071 default:
2072 if (offset >= 0x5c && offset < 0xa0) {
2073 int n;
2074 int shift;
2075 n = (offset - 0x58) >> 2;
2076 shift = (offset & 3) * 8;
2077 s->scratch[n] = deposit32(s->scratch[n], shift, 8, val);
2078 } else {
2079 qemu_log_mask(LOG_GUEST_ERROR,
2080 "lsi_scsi: invalid write to reg %s %x (0x%02x)\n",
2081 offset < ARRAY_SIZE(names) ? names[offset] : "???",
2082 offset, val);
2083 }
2084 }
2085#undef CASE_SET_REG24
2086#undef CASE_SET_REG32
2087}
2088
2089static void lsi_mmio_write(void *opaque, hwaddr addr,
2090 uint64_t val, unsigned size)
2091{
2092 LSIState *s = opaque;
2093
2094 lsi_reg_writeb(s, addr & 0xff, val);
2095}
2096
2097static uint64_t lsi_mmio_read(void *opaque, hwaddr addr,
2098 unsigned size)
2099{
2100 LSIState *s = opaque;
2101 return lsi_reg_readb(s, addr & 0xff);
2102}
2103
2104static const MemoryRegionOps lsi_mmio_ops = {
2105 .read = lsi_mmio_read,
2106 .write = lsi_mmio_write,
2107 .endianness = DEVICE_LITTLE_ENDIAN,
2108 .impl = {
2109 .min_access_size = 1,
2110 .max_access_size = 1,
2111 },
2112};
2113
2114static void lsi_ram_write(void *opaque, hwaddr addr,
2115 uint64_t val, unsigned size)
2116{
2117 LSIState *s = opaque;
2118 stn_le_p(s->script_ram + addr, size, val);
2119}
2120
2121static uint64_t lsi_ram_read(void *opaque, hwaddr addr,
2122 unsigned size)
2123{
2124 LSIState *s = opaque;
2125 return ldn_le_p(s->script_ram + addr, size);
2126}
2127
2128static const MemoryRegionOps lsi_ram_ops = {
2129 .read = lsi_ram_read,
2130 .write = lsi_ram_write,
2131 .endianness = DEVICE_LITTLE_ENDIAN,
2132};
2133
2134static uint64_t lsi_io_read(void *opaque, hwaddr addr,
2135 unsigned size)
2136{
2137 LSIState *s = opaque;
2138 return lsi_reg_readb(s, addr & 0xff);
2139}
2140
2141static void lsi_io_write(void *opaque, hwaddr addr,
2142 uint64_t val, unsigned size)
2143{
2144 LSIState *s = opaque;
2145 lsi_reg_writeb(s, addr & 0xff, val);
2146}
2147
2148static const MemoryRegionOps lsi_io_ops = {
2149 .read = lsi_io_read,
2150 .write = lsi_io_write,
2151 .endianness = DEVICE_LITTLE_ENDIAN,
2152 .impl = {
2153 .min_access_size = 1,
2154 .max_access_size = 1,
2155 },
2156};
2157
2158static void lsi_scsi_reset(DeviceState *dev)
2159{
2160 LSIState *s = LSI53C895A(dev);
2161
2162 lsi_soft_reset(s);
2163}
2164
2165static int lsi_pre_save(void *opaque)
2166{
2167 LSIState *s = opaque;
2168
2169 if (s->current) {
2170 assert(s->current->dma_buf == NULL);
2171 assert(s->current->dma_len == 0);
2172 }
2173 assert(QTAILQ_EMPTY(&s->queue));
2174
2175 return 0;
2176}
2177
2178static int lsi_post_load(void *opaque, int version_id)
2179{
2180 LSIState *s = opaque;
2181
2182 if (s->msg_len < 0 || s->msg_len > LSI_MAX_MSGIN_LEN) {
2183 return -EINVAL;
2184 }
2185
2186 return 0;
2187}
2188
2189static const VMStateDescription vmstate_lsi_scsi = {
2190 .name = "lsiscsi",
2191 .version_id = 1,
2192 .minimum_version_id = 0,
2193 .pre_save = lsi_pre_save,
2194 .post_load = lsi_post_load,
2195 .fields = (VMStateField[]) {
2196 VMSTATE_PCI_DEVICE(parent_obj, LSIState),
2197
2198 VMSTATE_INT32(carry, LSIState),
2199 VMSTATE_INT32(status, LSIState),
2200 VMSTATE_INT32(msg_action, LSIState),
2201 VMSTATE_INT32(msg_len, LSIState),
2202 VMSTATE_BUFFER(msg, LSIState),
2203 VMSTATE_INT32(waiting, LSIState),
2204
2205 VMSTATE_UINT32(dsa, LSIState),
2206 VMSTATE_UINT32(temp, LSIState),
2207 VMSTATE_UINT32(dnad, LSIState),
2208 VMSTATE_UINT32(dbc, LSIState),
2209 VMSTATE_UINT8(istat0, LSIState),
2210 VMSTATE_UINT8(istat1, LSIState),
2211 VMSTATE_UINT8(dcmd, LSIState),
2212 VMSTATE_UINT8(dstat, LSIState),
2213 VMSTATE_UINT8(dien, LSIState),
2214 VMSTATE_UINT8(sist0, LSIState),
2215 VMSTATE_UINT8(sist1, LSIState),
2216 VMSTATE_UINT8(sien0, LSIState),
2217 VMSTATE_UINT8(sien1, LSIState),
2218 VMSTATE_UINT8(mbox0, LSIState),
2219 VMSTATE_UINT8(mbox1, LSIState),
2220 VMSTATE_UINT8(dfifo, LSIState),
2221 VMSTATE_UINT8(ctest2, LSIState),
2222 VMSTATE_UINT8(ctest3, LSIState),
2223 VMSTATE_UINT8(ctest4, LSIState),
2224 VMSTATE_UINT8(ctest5, LSIState),
2225 VMSTATE_UINT8(ccntl0, LSIState),
2226 VMSTATE_UINT8(ccntl1, LSIState),
2227 VMSTATE_UINT32(dsp, LSIState),
2228 VMSTATE_UINT32(dsps, LSIState),
2229 VMSTATE_UINT8(dmode, LSIState),
2230 VMSTATE_UINT8(dcntl, LSIState),
2231 VMSTATE_UINT8(scntl0, LSIState),
2232 VMSTATE_UINT8(scntl1, LSIState),
2233 VMSTATE_UINT8(scntl2, LSIState),
2234 VMSTATE_UINT8(scntl3, LSIState),
2235 VMSTATE_UINT8(sstat0, LSIState),
2236 VMSTATE_UINT8(sstat1, LSIState),
2237 VMSTATE_UINT8(scid, LSIState),
2238 VMSTATE_UINT8(sxfer, LSIState),
2239 VMSTATE_UINT8(socl, LSIState),
2240 VMSTATE_UINT8(sdid, LSIState),
2241 VMSTATE_UINT8(ssid, LSIState),
2242 VMSTATE_UINT8(sfbr, LSIState),
2243 VMSTATE_UINT8(stest1, LSIState),
2244 VMSTATE_UINT8(stest2, LSIState),
2245 VMSTATE_UINT8(stest3, LSIState),
2246 VMSTATE_UINT8(sidl, LSIState),
2247 VMSTATE_UINT8(stime0, LSIState),
2248 VMSTATE_UINT8(respid0, LSIState),
2249 VMSTATE_UINT8(respid1, LSIState),
2250 VMSTATE_UINT8_V(sbcl, LSIState, 1),
2251 VMSTATE_UINT32(mmrs, LSIState),
2252 VMSTATE_UINT32(mmws, LSIState),
2253 VMSTATE_UINT32(sfs, LSIState),
2254 VMSTATE_UINT32(drs, LSIState),
2255 VMSTATE_UINT32(sbms, LSIState),
2256 VMSTATE_UINT32(dbms, LSIState),
2257 VMSTATE_UINT32(dnad64, LSIState),
2258 VMSTATE_UINT32(pmjad1, LSIState),
2259 VMSTATE_UINT32(pmjad2, LSIState),
2260 VMSTATE_UINT32(rbc, LSIState),
2261 VMSTATE_UINT32(ua, LSIState),
2262 VMSTATE_UINT32(ia, LSIState),
2263 VMSTATE_UINT32(sbc, LSIState),
2264 VMSTATE_UINT32(csbc, LSIState),
2265 VMSTATE_BUFFER_UNSAFE(scratch, LSIState, 0, 18 * sizeof(uint32_t)),
2266 VMSTATE_UINT8(sbr, LSIState),
2267
2268 VMSTATE_BUFFER_UNSAFE(script_ram, LSIState, 0, 8192),
2269 VMSTATE_END_OF_LIST()
2270 }
2271};
2272
2273static const struct SCSIBusInfo lsi_scsi_info = {
2274 .tcq = true,
2275 .max_target = LSI_MAX_DEVS,
2276 .max_lun = 0,
2277
2278 .transfer_data = lsi_transfer_data,
2279 .complete = lsi_command_complete,
2280 .cancel = lsi_request_cancelled
2281};
2282
2283static void lsi_scsi_realize(PCIDevice *dev, Error **errp)
2284{
2285 LSIState *s = LSI53C895A(dev);
2286 DeviceState *d = DEVICE(dev);
2287 uint8_t *pci_conf;
2288
2289 pci_conf = dev->config;
2290
2291
2292 pci_conf[PCI_LATENCY_TIMER] = 0xff;
2293
2294 pci_conf[PCI_INTERRUPT_PIN] = 0x01;
2295
2296 memory_region_init_io(&s->mmio_io, OBJECT(s), &lsi_mmio_ops, s,
2297 "lsi-mmio", 0x400);
2298 memory_region_init_io(&s->ram_io, OBJECT(s), &lsi_ram_ops, s,
2299 "lsi-ram", 0x2000);
2300 memory_region_init_io(&s->io_io, OBJECT(s), &lsi_io_ops, s,
2301 "lsi-io", 256);
2302
2303 address_space_init(&s->pci_io_as, pci_address_space_io(dev), "lsi-pci-io");
2304 qdev_init_gpio_out(d, &s->ext_irq, 1);
2305
2306 pci_register_bar(dev, 0, PCI_BASE_ADDRESS_SPACE_IO, &s->io_io);
2307 pci_register_bar(dev, 1, PCI_BASE_ADDRESS_SPACE_MEMORY, &s->mmio_io);
2308 pci_register_bar(dev, 2, PCI_BASE_ADDRESS_SPACE_MEMORY, &s->ram_io);
2309 QTAILQ_INIT(&s->queue);
2310
2311 scsi_bus_new(&s->bus, sizeof(s->bus), d, &lsi_scsi_info, NULL);
2312}
2313
2314static void lsi_scsi_unrealize(DeviceState *dev, Error **errp)
2315{
2316 LSIState *s = LSI53C895A(dev);
2317
2318 address_space_destroy(&s->pci_io_as);
2319}
2320
2321static void lsi_class_init(ObjectClass *klass, void *data)
2322{
2323 DeviceClass *dc = DEVICE_CLASS(klass);
2324 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
2325
2326 k->realize = lsi_scsi_realize;
2327 k->vendor_id = PCI_VENDOR_ID_LSI_LOGIC;
2328 k->device_id = PCI_DEVICE_ID_LSI_53C895A;
2329 k->class_id = PCI_CLASS_STORAGE_SCSI;
2330 k->subsystem_id = 0x1000;
2331 dc->unrealize = lsi_scsi_unrealize;
2332 dc->reset = lsi_scsi_reset;
2333 dc->vmsd = &vmstate_lsi_scsi;
2334 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
2335}
2336
2337static const TypeInfo lsi_info = {
2338 .name = TYPE_LSI53C895A,
2339 .parent = TYPE_PCI_DEVICE,
2340 .instance_size = sizeof(LSIState),
2341 .class_init = lsi_class_init,
2342 .interfaces = (InterfaceInfo[]) {
2343 { INTERFACE_CONVENTIONAL_PCI_DEVICE },
2344 { },
2345 },
2346};
2347
2348static void lsi53c810_class_init(ObjectClass *klass, void *data)
2349{
2350 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
2351
2352 k->device_id = PCI_DEVICE_ID_LSI_53C810;
2353}
2354
2355static TypeInfo lsi53c810_info = {
2356 .name = TYPE_LSI53C810,
2357 .parent = TYPE_LSI53C895A,
2358 .class_init = lsi53c810_class_init,
2359};
2360
2361static void lsi53c895a_register_types(void)
2362{
2363 type_register_static(&lsi_info);
2364 type_register_static(&lsi53c810_info);
2365}
2366
2367type_init(lsi53c895a_register_types)
2368
2369void lsi53c8xx_handle_legacy_cmdline(DeviceState *lsi_dev)
2370{
2371 LSIState *s = LSI53C895A(lsi_dev);
2372
2373 scsi_bus_legacy_handle_cmdline(&s->bus);
2374}
2375