1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16#include "qemu/osdep.h"
17
18#include "hw/irq.h"
19#include "hw/pci/pci.h"
20#include "hw/scsi/scsi.h"
21#include "migration/vmstate.h"
22#include "sysemu/dma.h"
23#include "qemu/log.h"
24#include "qemu/module.h"
25#include "trace.h"
26
27static const char *names[] = {
28 "SCNTL0", "SCNTL1", "SCNTL2", "SCNTL3", "SCID", "SXFER", "SDID", "GPREG",
29 "SFBR", "SOCL", "SSID", "SBCL", "DSTAT", "SSTAT0", "SSTAT1", "SSTAT2",
30 "DSA0", "DSA1", "DSA2", "DSA3", "ISTAT", "0x15", "0x16", "0x17",
31 "CTEST0", "CTEST1", "CTEST2", "CTEST3", "TEMP0", "TEMP1", "TEMP2", "TEMP3",
32 "DFIFO", "CTEST4", "CTEST5", "CTEST6", "DBC0", "DBC1", "DBC2", "DCMD",
33 "DNAD0", "DNAD1", "DNAD2", "DNAD3", "DSP0", "DSP1", "DSP2", "DSP3",
34 "DSPS0", "DSPS1", "DSPS2", "DSPS3", "SCRATCHA0", "SCRATCHA1", "SCRATCHA2", "SCRATCHA3",
35 "DMODE", "DIEN", "SBR", "DCNTL", "ADDER0", "ADDER1", "ADDER2", "ADDER3",
36 "SIEN0", "SIEN1", "SIST0", "SIST1", "SLPAR", "0x45", "MACNTL", "GPCNTL",
37 "STIME0", "STIME1", "RESPID", "0x4b", "STEST0", "STEST1", "STEST2", "STEST3",
38 "SIDL", "0x51", "0x52", "0x53", "SODL", "0x55", "0x56", "0x57",
39 "SBDL", "0x59", "0x5a", "0x5b", "SCRATCHB0", "SCRATCHB1", "SCRATCHB2", "SCRATCHB3",
40};
41
42#define LSI_MAX_DEVS 7
43
44#define LSI_SCNTL0_TRG 0x01
45#define LSI_SCNTL0_AAP 0x02
46#define LSI_SCNTL0_EPC 0x08
47#define LSI_SCNTL0_WATN 0x10
48#define LSI_SCNTL0_START 0x20
49
50#define LSI_SCNTL1_SST 0x01
51#define LSI_SCNTL1_IARB 0x02
52#define LSI_SCNTL1_AESP 0x04
53#define LSI_SCNTL1_RST 0x08
54#define LSI_SCNTL1_CON 0x10
55#define LSI_SCNTL1_DHP 0x20
56#define LSI_SCNTL1_ADB 0x40
57#define LSI_SCNTL1_EXC 0x80
58
59#define LSI_SCNTL2_WSR 0x01
60#define LSI_SCNTL2_VUE0 0x02
61#define LSI_SCNTL2_VUE1 0x04
62#define LSI_SCNTL2_WSS 0x08
63#define LSI_SCNTL2_SLPHBEN 0x10
64#define LSI_SCNTL2_SLPMD 0x20
65#define LSI_SCNTL2_CHM 0x40
66#define LSI_SCNTL2_SDU 0x80
67
68#define LSI_ISTAT0_DIP 0x01
69#define LSI_ISTAT0_SIP 0x02
70#define LSI_ISTAT0_INTF 0x04
71#define LSI_ISTAT0_CON 0x08
72#define LSI_ISTAT0_SEM 0x10
73#define LSI_ISTAT0_SIGP 0x20
74#define LSI_ISTAT0_SRST 0x40
75#define LSI_ISTAT0_ABRT 0x80
76
77#define LSI_ISTAT1_SI 0x01
78#define LSI_ISTAT1_SRUN 0x02
79#define LSI_ISTAT1_FLSH 0x04
80
81#define LSI_SSTAT0_SDP0 0x01
82#define LSI_SSTAT0_RST 0x02
83#define LSI_SSTAT0_WOA 0x04
84#define LSI_SSTAT0_LOA 0x08
85#define LSI_SSTAT0_AIP 0x10
86#define LSI_SSTAT0_OLF 0x20
87#define LSI_SSTAT0_ORF 0x40
88#define LSI_SSTAT0_ILF 0x80
89
90#define LSI_SIST0_PAR 0x01
91#define LSI_SIST0_RST 0x02
92#define LSI_SIST0_UDC 0x04
93#define LSI_SIST0_SGE 0x08
94#define LSI_SIST0_RSL 0x10
95#define LSI_SIST0_SEL 0x20
96#define LSI_SIST0_CMP 0x40
97#define LSI_SIST0_MA 0x80
98
99#define LSI_SIST1_HTH 0x01
100#define LSI_SIST1_GEN 0x02
101#define LSI_SIST1_STO 0x04
102#define LSI_SIST1_SBMC 0x10
103
104#define LSI_SOCL_IO 0x01
105#define LSI_SOCL_CD 0x02
106#define LSI_SOCL_MSG 0x04
107#define LSI_SOCL_ATN 0x08
108#define LSI_SOCL_SEL 0x10
109#define LSI_SOCL_BSY 0x20
110#define LSI_SOCL_ACK 0x40
111#define LSI_SOCL_REQ 0x80
112
113#define LSI_DSTAT_IID 0x01
114#define LSI_DSTAT_SIR 0x04
115#define LSI_DSTAT_SSI 0x08
116#define LSI_DSTAT_ABRT 0x10
117#define LSI_DSTAT_BF 0x20
118#define LSI_DSTAT_MDPE 0x40
119#define LSI_DSTAT_DFE 0x80
120
121#define LSI_DCNTL_COM 0x01
122#define LSI_DCNTL_IRQD 0x02
123#define LSI_DCNTL_STD 0x04
124#define LSI_DCNTL_IRQM 0x08
125#define LSI_DCNTL_SSM 0x10
126#define LSI_DCNTL_PFEN 0x20
127#define LSI_DCNTL_PFF 0x40
128#define LSI_DCNTL_CLSE 0x80
129
130#define LSI_DMODE_MAN 0x01
131#define LSI_DMODE_BOF 0x02
132#define LSI_DMODE_ERMP 0x04
133#define LSI_DMODE_ERL 0x08
134#define LSI_DMODE_DIOM 0x10
135#define LSI_DMODE_SIOM 0x20
136
137#define LSI_CTEST2_DACK 0x01
138#define LSI_CTEST2_DREQ 0x02
139#define LSI_CTEST2_TEOP 0x04
140#define LSI_CTEST2_PCICIE 0x08
141#define LSI_CTEST2_CM 0x10
142#define LSI_CTEST2_CIO 0x20
143#define LSI_CTEST2_SIGP 0x40
144#define LSI_CTEST2_DDIR 0x80
145
146#define LSI_CTEST5_BL2 0x04
147#define LSI_CTEST5_DDIR 0x08
148#define LSI_CTEST5_MASR 0x10
149#define LSI_CTEST5_DFSN 0x20
150#define LSI_CTEST5_BBCK 0x40
151#define LSI_CTEST5_ADCK 0x80
152
153#define LSI_CCNTL0_DILS 0x01
154#define LSI_CCNTL0_DISFC 0x10
155#define LSI_CCNTL0_ENNDJ 0x20
156#define LSI_CCNTL0_PMJCTL 0x40
157#define LSI_CCNTL0_ENPMJ 0x80
158
159#define LSI_CCNTL1_EN64DBMV 0x01
160#define LSI_CCNTL1_EN64TIBMV 0x02
161#define LSI_CCNTL1_64TIMOD 0x04
162#define LSI_CCNTL1_DDAC 0x08
163#define LSI_CCNTL1_ZMOD 0x80
164
165#define LSI_SBCL_ATN 0x08
166#define LSI_SBCL_BSY 0x20
167#define LSI_SBCL_ACK 0x40
168#define LSI_SBCL_REQ 0x80
169
170
171#define LSI_SCID_RRE 0x60
172
173#define LSI_CCNTL1_40BIT (LSI_CCNTL1_EN64TIBMV|LSI_CCNTL1_64TIMOD)
174
175#define PHASE_DO 0
176#define PHASE_DI 1
177#define PHASE_CMD 2
178#define PHASE_ST 3
179#define PHASE_MO 6
180#define PHASE_MI 7
181#define PHASE_MASK 7
182
183
184#define LSI_MAX_MSGIN_LEN 8
185
186
187#define LSI_TAG_VALID (1 << 16)
188
189
190#define LSI_MAX_INSN 10000
191
192typedef struct lsi_request {
193 SCSIRequest *req;
194 uint32_t tag;
195 uint32_t dma_len;
196 uint8_t *dma_buf;
197 uint32_t pending;
198 int out;
199 QTAILQ_ENTRY(lsi_request) next;
200} lsi_request;
201
202enum {
203 LSI_NOWAIT,
204 LSI_WAIT_RESELECT,
205 LSI_DMA_SCRIPTS,
206 LSI_DMA_IN_PROGRESS,
207};
208
209enum {
210 LSI_MSG_ACTION_COMMAND = 0,
211 LSI_MSG_ACTION_DISCONNECT = 1,
212 LSI_MSG_ACTION_DOUT = 2,
213 LSI_MSG_ACTION_DIN = 3,
214};
215
216typedef struct {
217
218 PCIDevice parent_obj;
219
220
221 qemu_irq ext_irq;
222 MemoryRegion mmio_io;
223 MemoryRegion ram_io;
224 MemoryRegion io_io;
225 AddressSpace pci_io_as;
226
227 int carry;
228 int status;
229 int msg_action;
230 int msg_len;
231 uint8_t msg[LSI_MAX_MSGIN_LEN];
232 int waiting;
233 SCSIBus bus;
234 int current_lun;
235
236 uint32_t select_tag;
237 int command_complete;
238 QTAILQ_HEAD(, lsi_request) queue;
239 lsi_request *current;
240
241 uint32_t dsa;
242 uint32_t temp;
243 uint32_t dnad;
244 uint32_t dbc;
245 uint8_t istat0;
246 uint8_t istat1;
247 uint8_t dcmd;
248 uint8_t dstat;
249 uint8_t dien;
250 uint8_t sist0;
251 uint8_t sist1;
252 uint8_t sien0;
253 uint8_t sien1;
254 uint8_t mbox0;
255 uint8_t mbox1;
256 uint8_t dfifo;
257 uint8_t ctest2;
258 uint8_t ctest3;
259 uint8_t ctest4;
260 uint8_t ctest5;
261 uint8_t ccntl0;
262 uint8_t ccntl1;
263 uint32_t dsp;
264 uint32_t dsps;
265 uint8_t dmode;
266 uint8_t dcntl;
267 uint8_t scntl0;
268 uint8_t scntl1;
269 uint8_t scntl2;
270 uint8_t scntl3;
271 uint8_t sstat0;
272 uint8_t sstat1;
273 uint8_t scid;
274 uint8_t sxfer;
275 uint8_t socl;
276 uint8_t sdid;
277 uint8_t ssid;
278 uint8_t sfbr;
279 uint8_t sbcl;
280 uint8_t stest1;
281 uint8_t stest2;
282 uint8_t stest3;
283 uint8_t sidl;
284 uint8_t stime0;
285 uint8_t respid0;
286 uint8_t respid1;
287 uint32_t mmrs;
288 uint32_t mmws;
289 uint32_t sfs;
290 uint32_t drs;
291 uint32_t sbms;
292 uint32_t dbms;
293 uint32_t dnad64;
294 uint32_t pmjad1;
295 uint32_t pmjad2;
296 uint32_t rbc;
297 uint32_t ua;
298 uint32_t ia;
299 uint32_t sbc;
300 uint32_t csbc;
301 uint32_t scratch[18];
302 uint8_t sbr;
303 uint32_t adder;
304
305 uint8_t script_ram[2048 * sizeof(uint32_t)];
306} LSIState;
307
308#define TYPE_LSI53C810 "lsi53c810"
309#define TYPE_LSI53C895A "lsi53c895a"
310
311#define LSI53C895A(obj) \
312 OBJECT_CHECK(LSIState, (obj), TYPE_LSI53C895A)
313
314static const char *scsi_phases[] = {
315 "DOUT",
316 "DIN",
317 "CMD",
318 "STATUS",
319 "RSVOUT",
320 "RSVIN",
321 "MSGOUT",
322 "MSGIN"
323};
324
325static const char *scsi_phase_name(int phase)
326{
327 return scsi_phases[phase & PHASE_MASK];
328}
329
330static inline int lsi_irq_on_rsl(LSIState *s)
331{
332 return (s->sien0 & LSI_SIST0_RSL) && (s->scid & LSI_SCID_RRE);
333}
334
335static lsi_request *get_pending_req(LSIState *s)
336{
337 lsi_request *p;
338
339 QTAILQ_FOREACH(p, &s->queue, next) {
340 if (p->pending) {
341 return p;
342 }
343 }
344 return NULL;
345}
346
347static void lsi_soft_reset(LSIState *s)
348{
349 trace_lsi_reset();
350 s->carry = 0;
351
352 s->msg_action = LSI_MSG_ACTION_COMMAND;
353 s->msg_len = 0;
354 s->waiting = LSI_NOWAIT;
355 s->dsa = 0;
356 s->dnad = 0;
357 s->dbc = 0;
358 s->temp = 0;
359 memset(s->scratch, 0, sizeof(s->scratch));
360 s->istat0 = 0;
361 s->istat1 = 0;
362 s->dcmd = 0x40;
363 s->dstat = 0;
364 s->dien = 0;
365 s->sist0 = 0;
366 s->sist1 = 0;
367 s->sien0 = 0;
368 s->sien1 = 0;
369 s->mbox0 = 0;
370 s->mbox1 = 0;
371 s->dfifo = 0;
372 s->ctest2 = LSI_CTEST2_DACK;
373 s->ctest3 = 0;
374 s->ctest4 = 0;
375 s->ctest5 = 0;
376 s->ccntl0 = 0;
377 s->ccntl1 = 0;
378 s->dsp = 0;
379 s->dsps = 0;
380 s->dmode = 0;
381 s->dcntl = 0;
382 s->scntl0 = 0xc0;
383 s->scntl1 = 0;
384 s->scntl2 = 0;
385 s->scntl3 = 0;
386 s->sstat0 = 0;
387 s->sstat1 = 0;
388 s->scid = 7;
389 s->sxfer = 0;
390 s->socl = 0;
391 s->sdid = 0;
392 s->ssid = 0;
393 s->sbcl = 0;
394 s->stest1 = 0;
395 s->stest2 = 0;
396 s->stest3 = 0;
397 s->sidl = 0;
398 s->stime0 = 0;
399 s->respid0 = 0x80;
400 s->respid1 = 0;
401 s->mmrs = 0;
402 s->mmws = 0;
403 s->sfs = 0;
404 s->drs = 0;
405 s->sbms = 0;
406 s->dbms = 0;
407 s->dnad64 = 0;
408 s->pmjad1 = 0;
409 s->pmjad2 = 0;
410 s->rbc = 0;
411 s->ua = 0;
412 s->ia = 0;
413 s->sbc = 0;
414 s->csbc = 0;
415 s->sbr = 0;
416 assert(QTAILQ_EMPTY(&s->queue));
417 assert(!s->current);
418}
419
420static int lsi_dma_40bit(LSIState *s)
421{
422 if ((s->ccntl1 & LSI_CCNTL1_40BIT) == LSI_CCNTL1_40BIT)
423 return 1;
424 return 0;
425}
426
427static int lsi_dma_ti64bit(LSIState *s)
428{
429 if ((s->ccntl1 & LSI_CCNTL1_EN64TIBMV) == LSI_CCNTL1_EN64TIBMV)
430 return 1;
431 return 0;
432}
433
434static int lsi_dma_64bit(LSIState *s)
435{
436 if ((s->ccntl1 & LSI_CCNTL1_EN64DBMV) == LSI_CCNTL1_EN64DBMV)
437 return 1;
438 return 0;
439}
440
441static uint8_t lsi_reg_readb(LSIState *s, int offset);
442static void lsi_reg_writeb(LSIState *s, int offset, uint8_t val);
443static void lsi_execute_script(LSIState *s);
444static void lsi_reselect(LSIState *s, lsi_request *p);
445
446static inline void lsi_mem_read(LSIState *s, dma_addr_t addr,
447 void *buf, dma_addr_t len)
448{
449 if (s->dmode & LSI_DMODE_SIOM) {
450 address_space_read(&s->pci_io_as, addr, MEMTXATTRS_UNSPECIFIED,
451 buf, len);
452 } else {
453 pci_dma_read(PCI_DEVICE(s), addr, buf, len);
454 }
455}
456
457static inline void lsi_mem_write(LSIState *s, dma_addr_t addr,
458 const void *buf, dma_addr_t len)
459{
460 if (s->dmode & LSI_DMODE_DIOM) {
461 address_space_write(&s->pci_io_as, addr, MEMTXATTRS_UNSPECIFIED,
462 buf, len);
463 } else {
464 pci_dma_write(PCI_DEVICE(s), addr, buf, len);
465 }
466}
467
468static inline uint32_t read_dword(LSIState *s, uint32_t addr)
469{
470 uint32_t buf;
471
472 pci_dma_read(PCI_DEVICE(s), addr, &buf, 4);
473 return cpu_to_le32(buf);
474}
475
476static void lsi_stop_script(LSIState *s)
477{
478 s->istat1 &= ~LSI_ISTAT1_SRUN;
479}
480
481static void lsi_set_irq(LSIState *s, int level)
482{
483 PCIDevice *d = PCI_DEVICE(s);
484
485 if (s->ext_irq) {
486 qemu_set_irq(s->ext_irq, level);
487 } else {
488 pci_set_irq(d, level);
489 }
490}
491
492static void lsi_update_irq(LSIState *s)
493{
494 int level;
495 static int last_level;
496
497
498
499
500 level = 0;
501 if (s->dstat) {
502 if (s->dstat & s->dien)
503 level = 1;
504 s->istat0 |= LSI_ISTAT0_DIP;
505 } else {
506 s->istat0 &= ~LSI_ISTAT0_DIP;
507 }
508
509 if (s->sist0 || s->sist1) {
510 if ((s->sist0 & s->sien0) || (s->sist1 & s->sien1))
511 level = 1;
512 s->istat0 |= LSI_ISTAT0_SIP;
513 } else {
514 s->istat0 &= ~LSI_ISTAT0_SIP;
515 }
516 if (s->istat0 & LSI_ISTAT0_INTF)
517 level = 1;
518
519 if (level != last_level) {
520 trace_lsi_update_irq(level, s->dstat, s->sist1, s->sist0);
521 last_level = level;
522 }
523 lsi_set_irq(s, level);
524
525 if (!s->current && !level && lsi_irq_on_rsl(s) && !(s->scntl1 & LSI_SCNTL1_CON)) {
526 lsi_request *p;
527
528 trace_lsi_update_irq_disconnected();
529 p = get_pending_req(s);
530 if (p) {
531 lsi_reselect(s, p);
532 }
533 }
534}
535
536
537static void lsi_script_scsi_interrupt(LSIState *s, int stat0, int stat1)
538{
539 uint32_t mask0;
540 uint32_t mask1;
541
542 trace_lsi_script_scsi_interrupt(stat1, stat0, s->sist1, s->sist0);
543 s->sist0 |= stat0;
544 s->sist1 |= stat1;
545
546
547
548 mask0 = s->sien0 | ~(LSI_SIST0_CMP | LSI_SIST0_SEL | LSI_SIST0_RSL);
549 mask1 = s->sien1 | ~(LSI_SIST1_GEN | LSI_SIST1_HTH);
550 mask1 &= ~LSI_SIST1_STO;
551 if (s->sist0 & mask0 || s->sist1 & mask1) {
552 lsi_stop_script(s);
553 }
554 lsi_update_irq(s);
555}
556
557
558static void lsi_script_dma_interrupt(LSIState *s, int stat)
559{
560 trace_lsi_script_dma_interrupt(stat, s->dstat);
561 s->dstat |= stat;
562 lsi_update_irq(s);
563 lsi_stop_script(s);
564}
565
566static inline void lsi_set_phase(LSIState *s, int phase)
567{
568 s->sbcl &= ~PHASE_MASK;
569 s->sbcl |= phase | LSI_SBCL_REQ;
570 s->sstat1 = (s->sstat1 & ~PHASE_MASK) | phase;
571}
572
573static void lsi_bad_phase(LSIState *s, int out, int new_phase)
574{
575
576 if (s->ccntl0 & LSI_CCNTL0_ENPMJ) {
577 if ((s->ccntl0 & LSI_CCNTL0_PMJCTL)) {
578 s->dsp = out ? s->pmjad1 : s->pmjad2;
579 } else {
580 s->dsp = (s->scntl2 & LSI_SCNTL2_WSR ? s->pmjad2 : s->pmjad1);
581 }
582 trace_lsi_bad_phase_jump(s->dsp);
583 } else {
584 trace_lsi_bad_phase_interrupt();
585 lsi_script_scsi_interrupt(s, LSI_SIST0_MA, 0);
586 lsi_stop_script(s);
587 }
588 lsi_set_phase(s, new_phase);
589}
590
591
592
593static void lsi_resume_script(LSIState *s)
594{
595 if (s->waiting != 2) {
596 s->waiting = LSI_NOWAIT;
597 lsi_execute_script(s);
598 } else {
599 s->waiting = LSI_NOWAIT;
600 }
601}
602
603static void lsi_disconnect(LSIState *s)
604{
605 s->scntl1 &= ~LSI_SCNTL1_CON;
606 s->sstat1 &= ~PHASE_MASK;
607 s->sbcl = 0;
608}
609
610static void lsi_bad_selection(LSIState *s, uint32_t id)
611{
612 trace_lsi_bad_selection(id);
613 lsi_script_scsi_interrupt(s, 0, LSI_SIST1_STO);
614 lsi_disconnect(s);
615}
616
617
618static void lsi_do_dma(LSIState *s, int out)
619{
620 uint32_t count;
621 dma_addr_t addr;
622 SCSIDevice *dev;
623
624 assert(s->current);
625 if (!s->current->dma_len) {
626
627 trace_lsi_do_dma_unavailable();
628 return;
629 }
630
631 dev = s->current->req->dev;
632 assert(dev);
633
634 count = s->dbc;
635 if (count > s->current->dma_len)
636 count = s->current->dma_len;
637
638 addr = s->dnad;
639
640 if (lsi_dma_40bit(s) || lsi_dma_ti64bit(s))
641 addr |= ((uint64_t)s->dnad64 << 32);
642 else if (s->dbms)
643 addr |= ((uint64_t)s->dbms << 32);
644 else if (s->sbms)
645 addr |= ((uint64_t)s->sbms << 32);
646
647 trace_lsi_do_dma(addr, count);
648 s->csbc += count;
649 s->dnad += count;
650 s->dbc -= count;
651 if (s->current->dma_buf == NULL) {
652 s->current->dma_buf = scsi_req_get_buf(s->current->req);
653 }
654
655 if (out) {
656 lsi_mem_read(s, addr, s->current->dma_buf, count);
657 } else {
658 lsi_mem_write(s, addr, s->current->dma_buf, count);
659 }
660 s->current->dma_len -= count;
661 if (s->current->dma_len == 0) {
662 s->current->dma_buf = NULL;
663 scsi_req_continue(s->current->req);
664 } else {
665 s->current->dma_buf += count;
666 lsi_resume_script(s);
667 }
668}
669
670
671
672static void lsi_queue_command(LSIState *s)
673{
674 lsi_request *p = s->current;
675
676 trace_lsi_queue_command(p->tag);
677 assert(s->current != NULL);
678 assert(s->current->dma_len == 0);
679 QTAILQ_INSERT_TAIL(&s->queue, s->current, next);
680 s->current = NULL;
681
682 p->pending = 0;
683 p->out = (s->sstat1 & PHASE_MASK) == PHASE_DO;
684}
685
686
687static void lsi_add_msg_byte(LSIState *s, uint8_t data)
688{
689 if (s->msg_len >= LSI_MAX_MSGIN_LEN) {
690 trace_lsi_add_msg_byte_error();
691 } else {
692 trace_lsi_add_msg_byte(data);
693 s->msg[s->msg_len++] = data;
694 }
695}
696
697
698static void lsi_reselect(LSIState *s, lsi_request *p)
699{
700 int id;
701
702 assert(s->current == NULL);
703 QTAILQ_REMOVE(&s->queue, p, next);
704 s->current = p;
705
706 id = (p->tag >> 8) & 0xf;
707 s->ssid = id | 0x80;
708
709 if (!(s->dcntl & LSI_DCNTL_COM)) {
710 s->sfbr = 1 << (id & 0x7);
711 }
712 trace_lsi_reselect(id);
713 s->scntl1 |= LSI_SCNTL1_CON;
714 lsi_set_phase(s, PHASE_MI);
715 s->msg_action = p->out ? LSI_MSG_ACTION_DOUT : LSI_MSG_ACTION_DIN;
716 s->current->dma_len = p->pending;
717 lsi_add_msg_byte(s, 0x80);
718 if (s->current->tag & LSI_TAG_VALID) {
719 lsi_add_msg_byte(s, 0x20);
720 lsi_add_msg_byte(s, p->tag & 0xff);
721 }
722
723 if (lsi_irq_on_rsl(s)) {
724 lsi_script_scsi_interrupt(s, LSI_SIST0_RSL, 0);
725 }
726}
727
728static lsi_request *lsi_find_by_tag(LSIState *s, uint32_t tag)
729{
730 lsi_request *p;
731
732 QTAILQ_FOREACH(p, &s->queue, next) {
733 if (p->tag == tag) {
734 return p;
735 }
736 }
737
738 return NULL;
739}
740
741static void lsi_request_free(LSIState *s, lsi_request *p)
742{
743 if (p == s->current) {
744 s->current = NULL;
745 } else {
746 QTAILQ_REMOVE(&s->queue, p, next);
747 }
748 g_free(p);
749}
750
751static void lsi_request_cancelled(SCSIRequest *req)
752{
753 LSIState *s = LSI53C895A(req->bus->qbus.parent);
754 lsi_request *p = req->hba_private;
755
756 req->hba_private = NULL;
757 lsi_request_free(s, p);
758 scsi_req_unref(req);
759}
760
761
762
763static int lsi_queue_req(LSIState *s, SCSIRequest *req, uint32_t len)
764{
765 lsi_request *p = req->hba_private;
766
767 if (p->pending) {
768 trace_lsi_queue_req_error(p);
769 }
770 p->pending = len;
771
772
773
774
775
776 if (s->waiting == LSI_WAIT_RESELECT ||
777 (lsi_irq_on_rsl(s) && !(s->scntl1 & LSI_SCNTL1_CON) &&
778 !(s->istat0 & (LSI_ISTAT0_SIP | LSI_ISTAT0_DIP)))) {
779
780 lsi_reselect(s, p);
781 return 0;
782 } else {
783 trace_lsi_queue_req(p->tag);
784 p->pending = len;
785 return 1;
786 }
787}
788
789
790static void lsi_command_complete(SCSIRequest *req, uint32_t status, size_t resid)
791{
792 LSIState *s = LSI53C895A(req->bus->qbus.parent);
793 int out;
794
795 out = (s->sstat1 & PHASE_MASK) == PHASE_DO;
796 trace_lsi_command_complete(status);
797 s->status = status;
798 s->command_complete = 2;
799 if (s->waiting && s->dbc != 0) {
800
801 lsi_bad_phase(s, out, PHASE_ST);
802 } else {
803 lsi_set_phase(s, PHASE_ST);
804 }
805
806 if (req->hba_private == s->current) {
807 req->hba_private = NULL;
808 lsi_request_free(s, s->current);
809 scsi_req_unref(req);
810 }
811 lsi_resume_script(s);
812}
813
814
815static void lsi_transfer_data(SCSIRequest *req, uint32_t len)
816{
817 LSIState *s = LSI53C895A(req->bus->qbus.parent);
818 int out;
819
820 assert(req->hba_private);
821 if (s->waiting == LSI_WAIT_RESELECT || req->hba_private != s->current ||
822 (lsi_irq_on_rsl(s) && !(s->scntl1 & LSI_SCNTL1_CON))) {
823 if (lsi_queue_req(s, req, len)) {
824 return;
825 }
826 }
827
828 out = (s->sstat1 & PHASE_MASK) == PHASE_DO;
829
830
831 trace_lsi_transfer_data(req->tag, len);
832 s->current->dma_len = len;
833 s->command_complete = 1;
834 if (s->waiting) {
835 if (s->waiting == LSI_WAIT_RESELECT || s->dbc == 0) {
836 lsi_resume_script(s);
837 } else {
838 lsi_do_dma(s, out);
839 }
840 }
841}
842
843static void lsi_do_command(LSIState *s)
844{
845 SCSIDevice *dev;
846 uint8_t buf[16];
847 uint32_t id;
848 int n;
849
850 trace_lsi_do_command(s->dbc);
851 if (s->dbc > 16)
852 s->dbc = 16;
853 pci_dma_read(PCI_DEVICE(s), s->dnad, buf, s->dbc);
854 s->sfbr = buf[0];
855 s->command_complete = 0;
856
857 id = (s->select_tag >> 8) & 0xf;
858 dev = scsi_device_find(&s->bus, 0, id, s->current_lun);
859 if (!dev) {
860 lsi_bad_selection(s, id);
861 return;
862 }
863
864 assert(s->current == NULL);
865 s->current = g_new0(lsi_request, 1);
866 s->current->tag = s->select_tag;
867 s->current->req = scsi_req_new(dev, s->current->tag, s->current_lun, buf,
868 s->current);
869
870 n = scsi_req_enqueue(s->current->req);
871 if (n) {
872 if (n > 0) {
873 lsi_set_phase(s, PHASE_DI);
874 } else if (n < 0) {
875 lsi_set_phase(s, PHASE_DO);
876 }
877 scsi_req_continue(s->current->req);
878 }
879 if (!s->command_complete) {
880 if (n) {
881
882 lsi_add_msg_byte(s, 2);
883 lsi_add_msg_byte(s, 4);
884
885 lsi_set_phase(s, PHASE_MI);
886 s->msg_action = LSI_MSG_ACTION_DISCONNECT;
887 lsi_queue_command(s);
888 } else {
889
890 lsi_set_phase(s, PHASE_DI);
891 }
892 }
893}
894
895static void lsi_do_status(LSIState *s)
896{
897 uint8_t status;
898 trace_lsi_do_status(s->dbc, s->status);
899 if (s->dbc != 1) {
900 trace_lsi_do_status_error();
901 }
902 s->dbc = 1;
903 status = s->status;
904 s->sfbr = status;
905 pci_dma_write(PCI_DEVICE(s), s->dnad, &status, 1);
906 lsi_set_phase(s, PHASE_MI);
907 s->msg_action = LSI_MSG_ACTION_DISCONNECT;
908 lsi_add_msg_byte(s, 0);
909}
910
911static void lsi_do_msgin(LSIState *s)
912{
913 uint8_t len;
914 trace_lsi_do_msgin(s->dbc, s->msg_len);
915 s->sfbr = s->msg[0];
916 len = s->msg_len;
917 assert(len > 0 && len <= LSI_MAX_MSGIN_LEN);
918 if (len > s->dbc)
919 len = s->dbc;
920 pci_dma_write(PCI_DEVICE(s), s->dnad, s->msg, len);
921
922 s->sidl = s->msg[len - 1];
923 s->msg_len -= len;
924 if (s->msg_len) {
925 memmove(s->msg, s->msg + len, s->msg_len);
926 } else {
927
928
929 switch (s->msg_action) {
930 case LSI_MSG_ACTION_COMMAND:
931 lsi_set_phase(s, PHASE_CMD);
932 break;
933 case LSI_MSG_ACTION_DISCONNECT:
934 lsi_disconnect(s);
935 break;
936 case LSI_MSG_ACTION_DOUT:
937 lsi_set_phase(s, PHASE_DO);
938 break;
939 case LSI_MSG_ACTION_DIN:
940 lsi_set_phase(s, PHASE_DI);
941 break;
942 default:
943 abort();
944 }
945 }
946}
947
948
949static uint8_t lsi_get_msgbyte(LSIState *s)
950{
951 uint8_t data;
952 pci_dma_read(PCI_DEVICE(s), s->dnad, &data, 1);
953 s->dnad++;
954 s->dbc--;
955 return data;
956}
957
958
959static void lsi_skip_msgbytes(LSIState *s, unsigned int n)
960{
961 s->dnad += n;
962 s->dbc -= n;
963}
964
965static void lsi_do_msgout(LSIState *s)
966{
967 uint8_t msg;
968 int len;
969 uint32_t current_tag;
970 lsi_request *current_req, *p, *p_next;
971
972 if (s->current) {
973 current_tag = s->current->tag;
974 current_req = s->current;
975 } else {
976 current_tag = s->select_tag;
977 current_req = lsi_find_by_tag(s, current_tag);
978 }
979
980 trace_lsi_do_msgout(s->dbc);
981 while (s->dbc) {
982 msg = lsi_get_msgbyte(s);
983 s->sfbr = msg;
984
985 switch (msg) {
986 case 0x04:
987 trace_lsi_do_msgout_disconnect();
988 lsi_disconnect(s);
989 break;
990 case 0x08:
991 trace_lsi_do_msgout_noop();
992 lsi_set_phase(s, PHASE_CMD);
993 break;
994 case 0x01:
995 len = lsi_get_msgbyte(s);
996 msg = lsi_get_msgbyte(s);
997 (void)len;
998 trace_lsi_do_msgout_extended(msg, len);
999 switch (msg) {
1000 case 1:
1001 trace_lsi_do_msgout_ignored("SDTR");
1002 lsi_skip_msgbytes(s, 2);
1003 break;
1004 case 3:
1005 trace_lsi_do_msgout_ignored("WDTR");
1006 lsi_skip_msgbytes(s, 1);
1007 break;
1008 case 4:
1009 trace_lsi_do_msgout_ignored("PPR");
1010 lsi_skip_msgbytes(s, 5);
1011 break;
1012 default:
1013 goto bad;
1014 }
1015 break;
1016 case 0x20:
1017 s->select_tag |= lsi_get_msgbyte(s) | LSI_TAG_VALID;
1018 trace_lsi_do_msgout_simplequeue(s->select_tag & 0xff);
1019 break;
1020 case 0x21:
1021 qemu_log_mask(LOG_UNIMP, "lsi_scsi: HEAD queue not implemented\n");
1022 s->select_tag |= lsi_get_msgbyte(s) | LSI_TAG_VALID;
1023 break;
1024 case 0x22:
1025 qemu_log_mask(LOG_UNIMP,
1026 "lsi_scsi: ORDERED queue not implemented\n");
1027 s->select_tag |= lsi_get_msgbyte(s) | LSI_TAG_VALID;
1028 break;
1029 case 0x0d:
1030
1031 trace_lsi_do_msgout_abort(current_tag);
1032 if (current_req) {
1033 scsi_req_cancel(current_req->req);
1034 }
1035 lsi_disconnect(s);
1036 break;
1037 case 0x06:
1038 case 0x0e:
1039 case 0x0c:
1040
1041
1042 if (msg == 0x06) {
1043 trace_lsi_do_msgout_abort(current_tag);
1044 }
1045
1046
1047 if (msg == 0x0e) {
1048 trace_lsi_do_msgout_clearqueue(current_tag);
1049 }
1050
1051
1052 if (msg == 0x0c) {
1053 trace_lsi_do_msgout_busdevicereset(current_tag);
1054 }
1055
1056
1057 if (s->current) {
1058 scsi_req_cancel(s->current->req);
1059 }
1060
1061
1062
1063
1064
1065
1066
1067
1068 QTAILQ_FOREACH_SAFE(p, &s->queue, next, p_next) {
1069 if ((p->tag & 0x0000ff00) == (current_tag & 0x0000ff00)) {
1070 scsi_req_cancel(p->req);
1071 }
1072 }
1073
1074 lsi_disconnect(s);
1075 break;
1076 default:
1077 if ((msg & 0x80) == 0) {
1078 goto bad;
1079 }
1080 s->current_lun = msg & 7;
1081 trace_lsi_do_msgout_select(s->current_lun);
1082 lsi_set_phase(s, PHASE_CMD);
1083 break;
1084 }
1085 }
1086 return;
1087bad:
1088 qemu_log_mask(LOG_UNIMP, "Unimplemented message 0x%02x\n", msg);
1089 lsi_set_phase(s, PHASE_MI);
1090 lsi_add_msg_byte(s, 7);
1091 s->msg_action = LSI_MSG_ACTION_COMMAND;
1092}
1093
1094#define LSI_BUF_SIZE 4096
1095static void lsi_memcpy(LSIState *s, uint32_t dest, uint32_t src, int count)
1096{
1097 int n;
1098 uint8_t buf[LSI_BUF_SIZE];
1099
1100 trace_lsi_memcpy(dest, src, count);
1101 while (count) {
1102 n = (count > LSI_BUF_SIZE) ? LSI_BUF_SIZE : count;
1103 lsi_mem_read(s, src, buf, n);
1104 lsi_mem_write(s, dest, buf, n);
1105 src += n;
1106 dest += n;
1107 count -= n;
1108 }
1109}
1110
1111static void lsi_wait_reselect(LSIState *s)
1112{
1113 lsi_request *p;
1114
1115 trace_lsi_wait_reselect();
1116
1117 if (s->current) {
1118 return;
1119 }
1120 p = get_pending_req(s);
1121 if (p) {
1122 lsi_reselect(s, p);
1123 }
1124 if (s->current == NULL) {
1125 s->waiting = LSI_WAIT_RESELECT;
1126 }
1127}
1128
1129static void lsi_execute_script(LSIState *s)
1130{
1131 PCIDevice *pci_dev = PCI_DEVICE(s);
1132 uint32_t insn;
1133 uint32_t addr, addr_high;
1134 int opcode;
1135 int insn_processed = 0;
1136
1137 s->istat1 |= LSI_ISTAT1_SRUN;
1138again:
1139 if (++insn_processed > LSI_MAX_INSN) {
1140
1141
1142
1143
1144
1145 if (!(s->sien0 & LSI_SIST0_UDC)) {
1146 qemu_log_mask(LOG_GUEST_ERROR,
1147 "lsi_scsi: inf. loop with UDC masked");
1148 }
1149 lsi_script_scsi_interrupt(s, LSI_SIST0_UDC, 0);
1150 lsi_disconnect(s);
1151 trace_lsi_execute_script_stop();
1152 return;
1153 }
1154 insn = read_dword(s, s->dsp);
1155 if (!insn) {
1156
1157
1158 s->dsp += 4;
1159 goto again;
1160 }
1161 addr = read_dword(s, s->dsp + 4);
1162 addr_high = 0;
1163 trace_lsi_execute_script(s->dsp, insn, addr);
1164 s->dsps = addr;
1165 s->dcmd = insn >> 24;
1166 s->dsp += 8;
1167 switch (insn >> 30) {
1168 case 0:
1169 if (s->sist1 & LSI_SIST1_STO) {
1170 trace_lsi_execute_script_blockmove_delayed();
1171 lsi_stop_script(s);
1172 break;
1173 }
1174 s->dbc = insn & 0xffffff;
1175 s->rbc = s->dbc;
1176
1177 s->ia = s->dsp - 8;
1178 if (insn & (1 << 29)) {
1179
1180 addr = read_dword(s, addr);
1181 } else if (insn & (1 << 28)) {
1182 uint32_t buf[2];
1183 int32_t offset;
1184
1185
1186
1187 offset = sextract32(addr, 0, 24);
1188 pci_dma_read(pci_dev, s->dsa + offset, buf, 8);
1189
1190 s->dbc = cpu_to_le32(buf[0]) & 0xffffff;
1191 s->rbc = s->dbc;
1192 addr = cpu_to_le32(buf[1]);
1193
1194
1195
1196 if (lsi_dma_40bit(s))
1197 addr_high = cpu_to_le32(buf[0]) >> 24;
1198 else if (lsi_dma_ti64bit(s)) {
1199 int selector = (cpu_to_le32(buf[0]) >> 24) & 0x1f;
1200 switch (selector) {
1201 case 0 ... 0x0f:
1202
1203
1204 addr_high = s->scratch[2 + selector];
1205 break;
1206 case 0x10:
1207 addr_high = s->mmrs;
1208 break;
1209 case 0x11:
1210 addr_high = s->mmws;
1211 break;
1212 case 0x12:
1213 addr_high = s->sfs;
1214 break;
1215 case 0x13:
1216 addr_high = s->drs;
1217 break;
1218 case 0x14:
1219 addr_high = s->sbms;
1220 break;
1221 case 0x15:
1222 addr_high = s->dbms;
1223 break;
1224 default:
1225 qemu_log_mask(LOG_GUEST_ERROR,
1226 "lsi_scsi: Illegal selector specified (0x%x > 0x15) "
1227 "for 64-bit DMA block move", selector);
1228 break;
1229 }
1230 }
1231 } else if (lsi_dma_64bit(s)) {
1232
1233
1234 s->dbms = read_dword(s, s->dsp);
1235 s->dsp += 4;
1236 s->ia = s->dsp - 12;
1237 }
1238 if ((s->sstat1 & PHASE_MASK) != ((insn >> 24) & 7)) {
1239 trace_lsi_execute_script_blockmove_badphase(
1240 scsi_phase_name(s->sstat1),
1241 scsi_phase_name(insn >> 24));
1242 lsi_script_scsi_interrupt(s, LSI_SIST0_MA, 0);
1243 break;
1244 }
1245 s->dnad = addr;
1246 s->dnad64 = addr_high;
1247 switch (s->sstat1 & 0x7) {
1248 case PHASE_DO:
1249 s->waiting = LSI_DMA_SCRIPTS;
1250 lsi_do_dma(s, 1);
1251 if (s->waiting)
1252 s->waiting = LSI_DMA_IN_PROGRESS;
1253 break;
1254 case PHASE_DI:
1255 s->waiting = LSI_DMA_SCRIPTS;
1256 lsi_do_dma(s, 0);
1257 if (s->waiting)
1258 s->waiting = LSI_DMA_IN_PROGRESS;
1259 break;
1260 case PHASE_CMD:
1261 lsi_do_command(s);
1262 break;
1263 case PHASE_ST:
1264 lsi_do_status(s);
1265 break;
1266 case PHASE_MO:
1267 lsi_do_msgout(s);
1268 break;
1269 case PHASE_MI:
1270 lsi_do_msgin(s);
1271 break;
1272 default:
1273 qemu_log_mask(LOG_UNIMP, "lsi_scsi: Unimplemented phase %s\n",
1274 scsi_phase_name(s->sstat1));
1275 }
1276 s->dfifo = s->dbc & 0xff;
1277 s->ctest5 = (s->ctest5 & 0xfc) | ((s->dbc >> 8) & 3);
1278 s->sbc = s->dbc;
1279 s->rbc -= s->dbc;
1280 s->ua = addr + s->dbc;
1281 break;
1282
1283 case 1:
1284 opcode = (insn >> 27) & 7;
1285 if (opcode < 5) {
1286 uint32_t id;
1287
1288 if (insn & (1 << 25)) {
1289 id = read_dword(s, s->dsa + sextract32(insn, 0, 24));
1290 } else {
1291 id = insn;
1292 }
1293 id = (id >> 16) & 0xf;
1294 if (insn & (1 << 26)) {
1295 addr = s->dsp + sextract32(addr, 0, 24);
1296 }
1297 s->dnad = addr;
1298 switch (opcode) {
1299 case 0:
1300 s->sdid = id;
1301 if (s->scntl1 & LSI_SCNTL1_CON) {
1302 trace_lsi_execute_script_io_alreadyreselected();
1303 s->dsp = s->dnad;
1304 break;
1305 }
1306 s->sstat0 |= LSI_SSTAT0_WOA;
1307 s->scntl1 &= ~LSI_SCNTL1_IARB;
1308 if (!scsi_device_find(&s->bus, 0, id, 0)) {
1309 lsi_bad_selection(s, id);
1310 break;
1311 }
1312 trace_lsi_execute_script_io_selected(id,
1313 insn & (1 << 3) ? " ATN" : "");
1314
1315
1316
1317 s->select_tag = id << 8;
1318 s->scntl1 |= LSI_SCNTL1_CON;
1319 if (insn & (1 << 3)) {
1320 s->socl |= LSI_SOCL_ATN;
1321 s->sbcl |= LSI_SBCL_ATN;
1322 }
1323 s->sbcl |= LSI_SBCL_BSY;
1324 lsi_set_phase(s, PHASE_MO);
1325 s->waiting = LSI_NOWAIT;
1326 break;
1327 case 1:
1328 trace_lsi_execute_script_io_disconnect();
1329 s->scntl1 &= ~LSI_SCNTL1_CON;
1330
1331
1332
1333
1334
1335
1336 if (!s->current) {
1337 lsi_request *p = get_pending_req(s);
1338 if (p) {
1339 lsi_reselect(s, p);
1340 }
1341 }
1342 break;
1343 case 2:
1344 if (s->istat0 & LSI_ISTAT0_SIGP) {
1345 s->dsp = s->dnad;
1346 } else if (!lsi_irq_on_rsl(s)) {
1347 lsi_wait_reselect(s);
1348 }
1349 break;
1350 case 3:
1351 trace_lsi_execute_script_io_set(
1352 insn & (1 << 3) ? " ATN" : "",
1353 insn & (1 << 6) ? " ACK" : "",
1354 insn & (1 << 9) ? " TM" : "",
1355 insn & (1 << 10) ? " CC" : "");
1356 if (insn & (1 << 3)) {
1357 s->socl |= LSI_SOCL_ATN;
1358 s->sbcl |= LSI_SBCL_ATN;
1359 lsi_set_phase(s, PHASE_MO);
1360 }
1361
1362 if (insn & (1 << 6)) {
1363 s->sbcl |= LSI_SBCL_ACK;
1364 }
1365
1366 if (insn & (1 << 9)) {
1367 qemu_log_mask(LOG_UNIMP,
1368 "lsi_scsi: Target mode not implemented\n");
1369 }
1370 if (insn & (1 << 10))
1371 s->carry = 1;
1372 break;
1373 case 4:
1374 trace_lsi_execute_script_io_clear(
1375 insn & (1 << 3) ? " ATN" : "",
1376 insn & (1 << 6) ? " ACK" : "",
1377 insn & (1 << 9) ? " TM" : "",
1378 insn & (1 << 10) ? " CC" : "");
1379 if (insn & (1 << 3)) {
1380 s->socl &= ~LSI_SOCL_ATN;
1381 s->sbcl &= ~LSI_SBCL_ATN;
1382 }
1383
1384 if (insn & (1 << 6)) {
1385 s->sbcl &= ~LSI_SBCL_ACK;
1386 }
1387
1388 if (insn & (1 << 10))
1389 s->carry = 0;
1390 break;
1391 }
1392 } else {
1393 uint8_t op0;
1394 uint8_t op1;
1395 uint8_t data8;
1396 int reg;
1397 int operator;
1398
1399 static const char *opcode_names[3] =
1400 {"Write", "Read", "Read-Modify-Write"};
1401 static const char *operator_names[8] =
1402 {"MOV", "SHL", "OR", "XOR", "AND", "SHR", "ADD", "ADC"};
1403
1404 reg = ((insn >> 16) & 0x7f) | (insn & 0x80);
1405 data8 = (insn >> 8) & 0xff;
1406 opcode = (insn >> 27) & 7;
1407 operator = (insn >> 24) & 7;
1408 trace_lsi_execute_script_io_opcode(
1409 opcode_names[opcode - 5], reg,
1410 operator_names[operator], data8, s->sfbr,
1411 (insn & (1 << 23)) ? " SFBR" : "");
1412 op0 = op1 = 0;
1413 switch (opcode) {
1414 case 5:
1415 op0 = s->sfbr;
1416 op1 = data8;
1417 break;
1418 case 6:
1419 if (operator)
1420 op0 = lsi_reg_readb(s, reg);
1421 op1 = data8;
1422 break;
1423 case 7:
1424 if (operator)
1425 op0 = lsi_reg_readb(s, reg);
1426 if (insn & (1 << 23)) {
1427 op1 = s->sfbr;
1428 } else {
1429 op1 = data8;
1430 }
1431 break;
1432 }
1433
1434 switch (operator) {
1435 case 0:
1436 op0 = op1;
1437 break;
1438 case 1:
1439 op1 = op0 >> 7;
1440 op0 = (op0 << 1) | s->carry;
1441 s->carry = op1;
1442 break;
1443 case 2:
1444 op0 |= op1;
1445 break;
1446 case 3:
1447 op0 ^= op1;
1448 break;
1449 case 4:
1450 op0 &= op1;
1451 break;
1452 case 5:
1453 op1 = op0 & 1;
1454 op0 = (op0 >> 1) | (s->carry << 7);
1455 s->carry = op1;
1456 break;
1457 case 6:
1458 op0 += op1;
1459 s->carry = op0 < op1;
1460 break;
1461 case 7:
1462 op0 += op1 + s->carry;
1463 if (s->carry)
1464 s->carry = op0 <= op1;
1465 else
1466 s->carry = op0 < op1;
1467 break;
1468 }
1469
1470 switch (opcode) {
1471 case 5:
1472 case 7:
1473 lsi_reg_writeb(s, reg, op0);
1474 break;
1475 case 6:
1476 s->sfbr = op0;
1477 break;
1478 }
1479 }
1480 break;
1481
1482 case 2:
1483 {
1484 int cond;
1485 int jmp;
1486
1487 if ((insn & 0x002e0000) == 0) {
1488 trace_lsi_execute_script_tc_nop();
1489 break;
1490 }
1491 if (s->sist1 & LSI_SIST1_STO) {
1492 trace_lsi_execute_script_tc_delayedselect_timeout();
1493 lsi_stop_script(s);
1494 break;
1495 }
1496 cond = jmp = (insn & (1 << 19)) != 0;
1497 if (cond == jmp && (insn & (1 << 21))) {
1498 trace_lsi_execute_script_tc_compc(s->carry == jmp);
1499 cond = s->carry != 0;
1500 }
1501 if (cond == jmp && (insn & (1 << 17))) {
1502 trace_lsi_execute_script_tc_compp(scsi_phase_name(s->sstat1),
1503 jmp ? '=' : '!', scsi_phase_name(insn >> 24));
1504 cond = (s->sstat1 & PHASE_MASK) == ((insn >> 24) & 7);
1505 }
1506 if (cond == jmp && (insn & (1 << 18))) {
1507 uint8_t mask;
1508
1509 mask = (~insn >> 8) & 0xff;
1510 trace_lsi_execute_script_tc_compd(
1511 s->sfbr, mask, jmp ? '=' : '!', insn & mask);
1512 cond = (s->sfbr & mask) == (insn & mask);
1513 }
1514 if (cond == jmp) {
1515 if (insn & (1 << 23)) {
1516
1517 addr = s->dsp + sextract32(addr, 0, 24);
1518 }
1519 switch ((insn >> 27) & 7) {
1520 case 0:
1521 trace_lsi_execute_script_tc_jump(addr);
1522 s->adder = addr;
1523 s->dsp = addr;
1524 break;
1525 case 1:
1526 trace_lsi_execute_script_tc_call(addr);
1527 s->temp = s->dsp;
1528 s->dsp = addr;
1529 break;
1530 case 2:
1531 trace_lsi_execute_script_tc_return(s->temp);
1532 s->dsp = s->temp;
1533 break;
1534 case 3:
1535 trace_lsi_execute_script_tc_interrupt(s->dsps);
1536 if ((insn & (1 << 20)) != 0) {
1537 s->istat0 |= LSI_ISTAT0_INTF;
1538 lsi_update_irq(s);
1539 } else {
1540 lsi_script_dma_interrupt(s, LSI_DSTAT_SIR);
1541 }
1542 break;
1543 default:
1544 trace_lsi_execute_script_tc_illegal();
1545 lsi_script_dma_interrupt(s, LSI_DSTAT_IID);
1546 break;
1547 }
1548 } else {
1549 trace_lsi_execute_script_tc_cc_failed();
1550 }
1551 }
1552 break;
1553
1554 case 3:
1555 if ((insn & (1 << 29)) == 0) {
1556
1557 uint32_t dest;
1558
1559
1560
1561 dest = read_dword(s, s->dsp);
1562 s->dsp += 4;
1563 lsi_memcpy(s, dest, addr, insn & 0xffffff);
1564 } else {
1565 uint8_t data[7];
1566 int reg;
1567 int n;
1568 int i;
1569
1570 if (insn & (1 << 28)) {
1571 addr = s->dsa + sextract32(addr, 0, 24);
1572 }
1573 n = (insn & 7);
1574 reg = (insn >> 16) & 0xff;
1575 if (insn & (1 << 24)) {
1576 pci_dma_read(pci_dev, addr, data, n);
1577 trace_lsi_execute_script_mm_load(reg, n, addr, *(int *)data);
1578 for (i = 0; i < n; i++) {
1579 lsi_reg_writeb(s, reg + i, data[i]);
1580 }
1581 } else {
1582 trace_lsi_execute_script_mm_store(reg, n, addr);
1583 for (i = 0; i < n; i++) {
1584 data[i] = lsi_reg_readb(s, reg + i);
1585 }
1586 pci_dma_write(pci_dev, addr, data, n);
1587 }
1588 }
1589 }
1590 if (s->istat1 & LSI_ISTAT1_SRUN && s->waiting == LSI_NOWAIT) {
1591 if (s->dcntl & LSI_DCNTL_SSM) {
1592 lsi_script_dma_interrupt(s, LSI_DSTAT_SSI);
1593 } else {
1594 goto again;
1595 }
1596 }
1597 trace_lsi_execute_script_stop();
1598}
1599
1600static uint8_t lsi_reg_readb(LSIState *s, int offset)
1601{
1602 uint8_t ret;
1603
1604#define CASE_GET_REG24(name, addr) \
1605 case addr: ret = s->name & 0xff; break; \
1606 case addr + 1: ret = (s->name >> 8) & 0xff; break; \
1607 case addr + 2: ret = (s->name >> 16) & 0xff; break;
1608
1609#define CASE_GET_REG32(name, addr) \
1610 case addr: ret = s->name & 0xff; break; \
1611 case addr + 1: ret = (s->name >> 8) & 0xff; break; \
1612 case addr + 2: ret = (s->name >> 16) & 0xff; break; \
1613 case addr + 3: ret = (s->name >> 24) & 0xff; break;
1614
1615 switch (offset) {
1616 case 0x00:
1617 ret = s->scntl0;
1618 break;
1619 case 0x01:
1620 ret = s->scntl1;
1621 break;
1622 case 0x02:
1623 ret = s->scntl2;
1624 break;
1625 case 0x03:
1626 ret = s->scntl3;
1627 break;
1628 case 0x04:
1629 ret = s->scid;
1630 break;
1631 case 0x05:
1632 ret = s->sxfer;
1633 break;
1634 case 0x06:
1635 ret = s->sdid;
1636 break;
1637 case 0x07:
1638 ret = 0x7f;
1639 break;
1640 case 0x08:
1641 ret = 0x00;
1642 break;
1643 case 0x09:
1644 ret = s->socl;
1645 break;
1646 case 0xa:
1647 ret = s->ssid;
1648 break;
1649 case 0xb:
1650 ret = s->sbcl;
1651 break;
1652 case 0xc:
1653 ret = s->dstat | LSI_DSTAT_DFE;
1654 if ((s->istat0 & LSI_ISTAT0_INTF) == 0)
1655 s->dstat = 0;
1656 lsi_update_irq(s);
1657 break;
1658 case 0x0d:
1659 ret = s->sstat0;
1660 break;
1661 case 0x0e:
1662 ret = s->sstat1;
1663 break;
1664 case 0x0f:
1665 ret = s->scntl1 & LSI_SCNTL1_CON ? 0 : 2;
1666 break;
1667 CASE_GET_REG32(dsa, 0x10)
1668 case 0x14:
1669 ret = s->istat0;
1670 break;
1671 case 0x15:
1672 ret = s->istat1;
1673 break;
1674 case 0x16:
1675 ret = s->mbox0;
1676 break;
1677 case 0x17:
1678 ret = s->mbox1;
1679 break;
1680 case 0x18:
1681 ret = 0xff;
1682 break;
1683 case 0x19:
1684 ret = 0;
1685 break;
1686 case 0x1a:
1687 ret = s->ctest2 | LSI_CTEST2_DACK | LSI_CTEST2_CM;
1688 if (s->istat0 & LSI_ISTAT0_SIGP) {
1689 s->istat0 &= ~LSI_ISTAT0_SIGP;
1690 ret |= LSI_CTEST2_SIGP;
1691 }
1692 break;
1693 case 0x1b:
1694 ret = s->ctest3;
1695 break;
1696 CASE_GET_REG32(temp, 0x1c)
1697 case 0x20:
1698 ret = s->dfifo;
1699 break;
1700 case 0x21:
1701 ret = s->ctest4;
1702 break;
1703 case 0x22:
1704 ret = s->ctest5;
1705 break;
1706 case 0x23:
1707 ret = 0;
1708 break;
1709 CASE_GET_REG24(dbc, 0x24)
1710 case 0x27:
1711 ret = s->dcmd;
1712 break;
1713 CASE_GET_REG32(dnad, 0x28)
1714 CASE_GET_REG32(dsp, 0x2c)
1715 CASE_GET_REG32(dsps, 0x30)
1716 CASE_GET_REG32(scratch[0], 0x34)
1717 case 0x38:
1718 ret = s->dmode;
1719 break;
1720 case 0x39:
1721 ret = s->dien;
1722 break;
1723 case 0x3a:
1724 ret = s->sbr;
1725 break;
1726 case 0x3b:
1727 ret = s->dcntl;
1728 break;
1729
1730 CASE_GET_REG32(adder, 0x3c)
1731 case 0x40:
1732 ret = s->sien0;
1733 break;
1734 case 0x41:
1735 ret = s->sien1;
1736 break;
1737 case 0x42:
1738 ret = s->sist0;
1739 s->sist0 = 0;
1740 lsi_update_irq(s);
1741 break;
1742 case 0x43:
1743 ret = s->sist1;
1744 s->sist1 = 0;
1745 lsi_update_irq(s);
1746 break;
1747 case 0x46:
1748 ret = 0x0f;
1749 break;
1750 case 0x47:
1751 ret = 0x0f;
1752 break;
1753 case 0x48:
1754 ret = s->stime0;
1755 break;
1756 case 0x4a:
1757 ret = s->respid0;
1758 break;
1759 case 0x4b:
1760 ret = s->respid1;
1761 break;
1762 case 0x4d:
1763 ret = s->stest1;
1764 break;
1765 case 0x4e:
1766 ret = s->stest2;
1767 break;
1768 case 0x4f:
1769 ret = s->stest3;
1770 break;
1771 case 0x50:
1772
1773
1774 ret = s->sidl;
1775 break;
1776 case 0x52:
1777 ret = 0xe0;
1778 break;
1779 case 0x56:
1780 ret = s->ccntl0;
1781 break;
1782 case 0x57:
1783 ret = s->ccntl1;
1784 break;
1785 case 0x58:
1786
1787 if ((s->sstat1 & PHASE_MASK) == PHASE_MI) {
1788 assert(s->msg_len > 0);
1789 return s->msg[0];
1790 }
1791 ret = 0;
1792 break;
1793 case 0x59:
1794 ret = 0;
1795 break;
1796 CASE_GET_REG32(mmrs, 0xa0)
1797 CASE_GET_REG32(mmws, 0xa4)
1798 CASE_GET_REG32(sfs, 0xa8)
1799 CASE_GET_REG32(drs, 0xac)
1800 CASE_GET_REG32(sbms, 0xb0)
1801 CASE_GET_REG32(dbms, 0xb4)
1802 CASE_GET_REG32(dnad64, 0xb8)
1803 CASE_GET_REG32(pmjad1, 0xc0)
1804 CASE_GET_REG32(pmjad2, 0xc4)
1805 CASE_GET_REG32(rbc, 0xc8)
1806 CASE_GET_REG32(ua, 0xcc)
1807 CASE_GET_REG32(ia, 0xd4)
1808 CASE_GET_REG32(sbc, 0xd8)
1809 CASE_GET_REG32(csbc, 0xdc)
1810 case 0x5c ... 0x9f:
1811 {
1812 int n;
1813 int shift;
1814 n = (offset - 0x58) >> 2;
1815 shift = (offset & 3) * 8;
1816 ret = (s->scratch[n] >> shift) & 0xff;
1817 break;
1818 }
1819 default:
1820 {
1821 qemu_log_mask(LOG_GUEST_ERROR,
1822 "lsi_scsi: invalid read from reg %s %x\n",
1823 offset < ARRAY_SIZE(names) ? names[offset] : "???",
1824 offset);
1825 ret = 0xff;
1826 break;
1827 }
1828 }
1829#undef CASE_GET_REG24
1830#undef CASE_GET_REG32
1831
1832 trace_lsi_reg_read(offset < ARRAY_SIZE(names) ? names[offset] : "???",
1833 offset, ret);
1834
1835 return ret;
1836}
1837
1838static void lsi_reg_writeb(LSIState *s, int offset, uint8_t val)
1839{
1840#define CASE_SET_REG24(name, addr) \
1841 case addr : s->name &= 0xffffff00; s->name |= val; break; \
1842 case addr + 1: s->name &= 0xffff00ff; s->name |= val << 8; break; \
1843 case addr + 2: s->name &= 0xff00ffff; s->name |= val << 16; break;
1844
1845#define CASE_SET_REG32(name, addr) \
1846 case addr : s->name &= 0xffffff00; s->name |= val; break; \
1847 case addr + 1: s->name &= 0xffff00ff; s->name |= val << 8; break; \
1848 case addr + 2: s->name &= 0xff00ffff; s->name |= val << 16; break; \
1849 case addr + 3: s->name &= 0x00ffffff; s->name |= val << 24; break;
1850
1851 trace_lsi_reg_write(offset < ARRAY_SIZE(names) ? names[offset] : "???",
1852 offset, val);
1853
1854 switch (offset) {
1855 case 0x00:
1856 s->scntl0 = val;
1857 if (val & LSI_SCNTL0_START) {
1858 qemu_log_mask(LOG_UNIMP,
1859 "lsi_scsi: Start sequence not implemented\n");
1860 }
1861 break;
1862 case 0x01:
1863 s->scntl1 = val & ~LSI_SCNTL1_SST;
1864 if (val & LSI_SCNTL1_IARB) {
1865 qemu_log_mask(LOG_UNIMP,
1866 "lsi_scsi: Immediate Arbritration not implemented\n");
1867 }
1868 if (val & LSI_SCNTL1_RST) {
1869 if (!(s->sstat0 & LSI_SSTAT0_RST)) {
1870 qbus_reset_all(BUS(&s->bus));
1871 s->sstat0 |= LSI_SSTAT0_RST;
1872 lsi_script_scsi_interrupt(s, LSI_SIST0_RST, 0);
1873 }
1874 } else {
1875 s->sstat0 &= ~LSI_SSTAT0_RST;
1876 }
1877 break;
1878 case 0x02:
1879 val &= ~(LSI_SCNTL2_WSR | LSI_SCNTL2_WSS);
1880 s->scntl2 = val;
1881 break;
1882 case 0x03:
1883 s->scntl3 = val;
1884 break;
1885 case 0x04:
1886 s->scid = val;
1887 break;
1888 case 0x05:
1889 s->sxfer = val;
1890 break;
1891 case 0x06:
1892 if ((s->ssid & 0x80) && (val & 0xf) != (s->ssid & 0xf)) {
1893 qemu_log_mask(LOG_GUEST_ERROR,
1894 "lsi_scsi: Destination ID does not match SSID\n");
1895 }
1896 s->sdid = val & 0xf;
1897 break;
1898 case 0x07:
1899 break;
1900 case 0x08:
1901
1902
1903 s->sfbr = val;
1904 break;
1905 case 0x0a: case 0x0b:
1906
1907 return;
1908 case 0x0c: case 0x0d: case 0x0e: case 0x0f:
1909
1910 return;
1911 CASE_SET_REG32(dsa, 0x10)
1912 case 0x14:
1913 s->istat0 = (s->istat0 & 0x0f) | (val & 0xf0);
1914 if (val & LSI_ISTAT0_ABRT) {
1915 lsi_script_dma_interrupt(s, LSI_DSTAT_ABRT);
1916 }
1917 if (val & LSI_ISTAT0_INTF) {
1918 s->istat0 &= ~LSI_ISTAT0_INTF;
1919 lsi_update_irq(s);
1920 }
1921 if (s->waiting == LSI_WAIT_RESELECT && val & LSI_ISTAT0_SIGP) {
1922 trace_lsi_awoken();
1923 s->waiting = LSI_NOWAIT;
1924 s->dsp = s->dnad;
1925 lsi_execute_script(s);
1926 }
1927 if (val & LSI_ISTAT0_SRST) {
1928 qdev_reset_all(DEVICE(s));
1929 }
1930 break;
1931 case 0x16:
1932 s->mbox0 = val;
1933 break;
1934 case 0x17:
1935 s->mbox1 = val;
1936 break;
1937 case 0x18:
1938
1939 break;
1940 case 0x1a:
1941 s->ctest2 = val & LSI_CTEST2_PCICIE;
1942 break;
1943 case 0x1b:
1944 s->ctest3 = val & 0x0f;
1945 break;
1946 CASE_SET_REG32(temp, 0x1c)
1947 case 0x21:
1948 if (val & 7) {
1949 qemu_log_mask(LOG_UNIMP,
1950 "lsi_scsi: Unimplemented CTEST4-FBL 0x%x\n", val);
1951 }
1952 s->ctest4 = val;
1953 break;
1954 case 0x22:
1955 if (val & (LSI_CTEST5_ADCK | LSI_CTEST5_BBCK)) {
1956 qemu_log_mask(LOG_UNIMP,
1957 "lsi_scsi: CTEST5 DMA increment not implemented\n");
1958 }
1959 s->ctest5 = val;
1960 break;
1961 CASE_SET_REG24(dbc, 0x24)
1962 CASE_SET_REG32(dnad, 0x28)
1963 case 0x2c:
1964 s->dsp &= 0xffffff00;
1965 s->dsp |= val;
1966 break;
1967 case 0x2d:
1968 s->dsp &= 0xffff00ff;
1969 s->dsp |= val << 8;
1970 break;
1971 case 0x2e:
1972 s->dsp &= 0xff00ffff;
1973 s->dsp |= val << 16;
1974 break;
1975 case 0x2f:
1976 s->dsp &= 0x00ffffff;
1977 s->dsp |= val << 24;
1978
1979
1980
1981
1982 if ((s->dmode & LSI_DMODE_MAN) == 0
1983 && (s->istat1 & LSI_ISTAT1_SRUN) == 0)
1984 lsi_execute_script(s);
1985 break;
1986 CASE_SET_REG32(dsps, 0x30)
1987 CASE_SET_REG32(scratch[0], 0x34)
1988 case 0x38:
1989 s->dmode = val;
1990 break;
1991 case 0x39:
1992 s->dien = val;
1993 lsi_update_irq(s);
1994 break;
1995 case 0x3a:
1996 s->sbr = val;
1997 break;
1998 case 0x3b:
1999 s->dcntl = val & ~(LSI_DCNTL_PFF | LSI_DCNTL_STD);
2000
2001
2002
2003
2004 if ((val & LSI_DCNTL_STD) && (s->istat1 & LSI_ISTAT1_SRUN) == 0)
2005 lsi_execute_script(s);
2006 break;
2007 case 0x40:
2008 s->sien0 = val;
2009 lsi_update_irq(s);
2010 break;
2011 case 0x41:
2012 s->sien1 = val;
2013 lsi_update_irq(s);
2014 break;
2015 case 0x47:
2016 break;
2017 case 0x48:
2018 s->stime0 = val;
2019 break;
2020 case 0x49:
2021 if (val & 0xf) {
2022 qemu_log_mask(LOG_UNIMP,
2023 "lsi_scsi: General purpose timer not implemented\n");
2024
2025
2026 lsi_script_scsi_interrupt(s, 0, LSI_SIST1_GEN);
2027 }
2028 break;
2029 case 0x4a:
2030 s->respid0 = val;
2031 break;
2032 case 0x4b:
2033 s->respid1 = val;
2034 break;
2035 case 0x4d:
2036 s->stest1 = val;
2037 break;
2038 case 0x4e:
2039 if (val & 1) {
2040 qemu_log_mask(LOG_UNIMP,
2041 "lsi_scsi: Low level mode not implemented\n");
2042 }
2043 s->stest2 = val;
2044 break;
2045 case 0x4f:
2046 if (val & 0x41) {
2047 qemu_log_mask(LOG_UNIMP,
2048 "lsi_scsi: SCSI FIFO test mode not implemented\n");
2049 }
2050 s->stest3 = val;
2051 break;
2052 case 0x56:
2053 s->ccntl0 = val;
2054 break;
2055 case 0x57:
2056 s->ccntl1 = val;
2057 break;
2058 CASE_SET_REG32(mmrs, 0xa0)
2059 CASE_SET_REG32(mmws, 0xa4)
2060 CASE_SET_REG32(sfs, 0xa8)
2061 CASE_SET_REG32(drs, 0xac)
2062 CASE_SET_REG32(sbms, 0xb0)
2063 CASE_SET_REG32(dbms, 0xb4)
2064 CASE_SET_REG32(dnad64, 0xb8)
2065 CASE_SET_REG32(pmjad1, 0xc0)
2066 CASE_SET_REG32(pmjad2, 0xc4)
2067 CASE_SET_REG32(rbc, 0xc8)
2068 CASE_SET_REG32(ua, 0xcc)
2069 CASE_SET_REG32(ia, 0xd4)
2070 CASE_SET_REG32(sbc, 0xd8)
2071 CASE_SET_REG32(csbc, 0xdc)
2072 default:
2073 if (offset >= 0x5c && offset < 0xa0) {
2074 int n;
2075 int shift;
2076 n = (offset - 0x58) >> 2;
2077 shift = (offset & 3) * 8;
2078 s->scratch[n] = deposit32(s->scratch[n], shift, 8, val);
2079 } else {
2080 qemu_log_mask(LOG_GUEST_ERROR,
2081 "lsi_scsi: invalid write to reg %s %x (0x%02x)\n",
2082 offset < ARRAY_SIZE(names) ? names[offset] : "???",
2083 offset, val);
2084 }
2085 }
2086#undef CASE_SET_REG24
2087#undef CASE_SET_REG32
2088}
2089
2090static void lsi_mmio_write(void *opaque, hwaddr addr,
2091 uint64_t val, unsigned size)
2092{
2093 LSIState *s = opaque;
2094
2095 lsi_reg_writeb(s, addr & 0xff, val);
2096}
2097
2098static uint64_t lsi_mmio_read(void *opaque, hwaddr addr,
2099 unsigned size)
2100{
2101 LSIState *s = opaque;
2102 return lsi_reg_readb(s, addr & 0xff);
2103}
2104
2105static const MemoryRegionOps lsi_mmio_ops = {
2106 .read = lsi_mmio_read,
2107 .write = lsi_mmio_write,
2108 .endianness = DEVICE_LITTLE_ENDIAN,
2109 .impl = {
2110 .min_access_size = 1,
2111 .max_access_size = 1,
2112 },
2113};
2114
2115static void lsi_ram_write(void *opaque, hwaddr addr,
2116 uint64_t val, unsigned size)
2117{
2118 LSIState *s = opaque;
2119 stn_le_p(s->script_ram + addr, size, val);
2120}
2121
2122static uint64_t lsi_ram_read(void *opaque, hwaddr addr,
2123 unsigned size)
2124{
2125 LSIState *s = opaque;
2126 return ldn_le_p(s->script_ram + addr, size);
2127}
2128
2129static const MemoryRegionOps lsi_ram_ops = {
2130 .read = lsi_ram_read,
2131 .write = lsi_ram_write,
2132 .endianness = DEVICE_LITTLE_ENDIAN,
2133};
2134
2135static uint64_t lsi_io_read(void *opaque, hwaddr addr,
2136 unsigned size)
2137{
2138 LSIState *s = opaque;
2139 return lsi_reg_readb(s, addr & 0xff);
2140}
2141
2142static void lsi_io_write(void *opaque, hwaddr addr,
2143 uint64_t val, unsigned size)
2144{
2145 LSIState *s = opaque;
2146 lsi_reg_writeb(s, addr & 0xff, val);
2147}
2148
2149static const MemoryRegionOps lsi_io_ops = {
2150 .read = lsi_io_read,
2151 .write = lsi_io_write,
2152 .endianness = DEVICE_LITTLE_ENDIAN,
2153 .impl = {
2154 .min_access_size = 1,
2155 .max_access_size = 1,
2156 },
2157};
2158
2159static void lsi_scsi_reset(DeviceState *dev)
2160{
2161 LSIState *s = LSI53C895A(dev);
2162
2163 lsi_soft_reset(s);
2164}
2165
2166static int lsi_pre_save(void *opaque)
2167{
2168 LSIState *s = opaque;
2169
2170 if (s->current) {
2171 assert(s->current->dma_buf == NULL);
2172 assert(s->current->dma_len == 0);
2173 }
2174 assert(QTAILQ_EMPTY(&s->queue));
2175
2176 return 0;
2177}
2178
2179static int lsi_post_load(void *opaque, int version_id)
2180{
2181 LSIState *s = opaque;
2182
2183 if (s->msg_len < 0 || s->msg_len > LSI_MAX_MSGIN_LEN) {
2184 return -EINVAL;
2185 }
2186
2187 return 0;
2188}
2189
2190static const VMStateDescription vmstate_lsi_scsi = {
2191 .name = "lsiscsi",
2192 .version_id = 1,
2193 .minimum_version_id = 0,
2194 .pre_save = lsi_pre_save,
2195 .post_load = lsi_post_load,
2196 .fields = (VMStateField[]) {
2197 VMSTATE_PCI_DEVICE(parent_obj, LSIState),
2198
2199 VMSTATE_INT32(carry, LSIState),
2200 VMSTATE_INT32(status, LSIState),
2201 VMSTATE_INT32(msg_action, LSIState),
2202 VMSTATE_INT32(msg_len, LSIState),
2203 VMSTATE_BUFFER(msg, LSIState),
2204 VMSTATE_INT32(waiting, LSIState),
2205
2206 VMSTATE_UINT32(dsa, LSIState),
2207 VMSTATE_UINT32(temp, LSIState),
2208 VMSTATE_UINT32(dnad, LSIState),
2209 VMSTATE_UINT32(dbc, LSIState),
2210 VMSTATE_UINT8(istat0, LSIState),
2211 VMSTATE_UINT8(istat1, LSIState),
2212 VMSTATE_UINT8(dcmd, LSIState),
2213 VMSTATE_UINT8(dstat, LSIState),
2214 VMSTATE_UINT8(dien, LSIState),
2215 VMSTATE_UINT8(sist0, LSIState),
2216 VMSTATE_UINT8(sist1, LSIState),
2217 VMSTATE_UINT8(sien0, LSIState),
2218 VMSTATE_UINT8(sien1, LSIState),
2219 VMSTATE_UINT8(mbox0, LSIState),
2220 VMSTATE_UINT8(mbox1, LSIState),
2221 VMSTATE_UINT8(dfifo, LSIState),
2222 VMSTATE_UINT8(ctest2, LSIState),
2223 VMSTATE_UINT8(ctest3, LSIState),
2224 VMSTATE_UINT8(ctest4, LSIState),
2225 VMSTATE_UINT8(ctest5, LSIState),
2226 VMSTATE_UINT8(ccntl0, LSIState),
2227 VMSTATE_UINT8(ccntl1, LSIState),
2228 VMSTATE_UINT32(dsp, LSIState),
2229 VMSTATE_UINT32(dsps, LSIState),
2230 VMSTATE_UINT8(dmode, LSIState),
2231 VMSTATE_UINT8(dcntl, LSIState),
2232 VMSTATE_UINT8(scntl0, LSIState),
2233 VMSTATE_UINT8(scntl1, LSIState),
2234 VMSTATE_UINT8(scntl2, LSIState),
2235 VMSTATE_UINT8(scntl3, LSIState),
2236 VMSTATE_UINT8(sstat0, LSIState),
2237 VMSTATE_UINT8(sstat1, LSIState),
2238 VMSTATE_UINT8(scid, LSIState),
2239 VMSTATE_UINT8(sxfer, LSIState),
2240 VMSTATE_UINT8(socl, LSIState),
2241 VMSTATE_UINT8(sdid, LSIState),
2242 VMSTATE_UINT8(ssid, LSIState),
2243 VMSTATE_UINT8(sfbr, LSIState),
2244 VMSTATE_UINT8(stest1, LSIState),
2245 VMSTATE_UINT8(stest2, LSIState),
2246 VMSTATE_UINT8(stest3, LSIState),
2247 VMSTATE_UINT8(sidl, LSIState),
2248 VMSTATE_UINT8(stime0, LSIState),
2249 VMSTATE_UINT8(respid0, LSIState),
2250 VMSTATE_UINT8(respid1, LSIState),
2251 VMSTATE_UINT8_V(sbcl, LSIState, 1),
2252 VMSTATE_UINT32(mmrs, LSIState),
2253 VMSTATE_UINT32(mmws, LSIState),
2254 VMSTATE_UINT32(sfs, LSIState),
2255 VMSTATE_UINT32(drs, LSIState),
2256 VMSTATE_UINT32(sbms, LSIState),
2257 VMSTATE_UINT32(dbms, LSIState),
2258 VMSTATE_UINT32(dnad64, LSIState),
2259 VMSTATE_UINT32(pmjad1, LSIState),
2260 VMSTATE_UINT32(pmjad2, LSIState),
2261 VMSTATE_UINT32(rbc, LSIState),
2262 VMSTATE_UINT32(ua, LSIState),
2263 VMSTATE_UINT32(ia, LSIState),
2264 VMSTATE_UINT32(sbc, LSIState),
2265 VMSTATE_UINT32(csbc, LSIState),
2266 VMSTATE_BUFFER_UNSAFE(scratch, LSIState, 0, 18 * sizeof(uint32_t)),
2267 VMSTATE_UINT8(sbr, LSIState),
2268
2269 VMSTATE_BUFFER_UNSAFE(script_ram, LSIState, 0, 8192),
2270 VMSTATE_END_OF_LIST()
2271 }
2272};
2273
2274static const struct SCSIBusInfo lsi_scsi_info = {
2275 .tcq = true,
2276 .max_target = LSI_MAX_DEVS,
2277 .max_lun = 0,
2278
2279 .transfer_data = lsi_transfer_data,
2280 .complete = lsi_command_complete,
2281 .cancel = lsi_request_cancelled
2282};
2283
2284static void lsi_scsi_realize(PCIDevice *dev, Error **errp)
2285{
2286 LSIState *s = LSI53C895A(dev);
2287 DeviceState *d = DEVICE(dev);
2288 uint8_t *pci_conf;
2289
2290 pci_conf = dev->config;
2291
2292
2293 pci_conf[PCI_LATENCY_TIMER] = 0xff;
2294
2295 pci_conf[PCI_INTERRUPT_PIN] = 0x01;
2296
2297 memory_region_init_io(&s->mmio_io, OBJECT(s), &lsi_mmio_ops, s,
2298 "lsi-mmio", 0x400);
2299 memory_region_init_io(&s->ram_io, OBJECT(s), &lsi_ram_ops, s,
2300 "lsi-ram", 0x2000);
2301 memory_region_init_io(&s->io_io, OBJECT(s), &lsi_io_ops, s,
2302 "lsi-io", 256);
2303
2304 address_space_init(&s->pci_io_as, pci_address_space_io(dev), "lsi-pci-io");
2305 qdev_init_gpio_out(d, &s->ext_irq, 1);
2306
2307 pci_register_bar(dev, 0, PCI_BASE_ADDRESS_SPACE_IO, &s->io_io);
2308 pci_register_bar(dev, 1, PCI_BASE_ADDRESS_SPACE_MEMORY, &s->mmio_io);
2309 pci_register_bar(dev, 2, PCI_BASE_ADDRESS_SPACE_MEMORY, &s->ram_io);
2310 QTAILQ_INIT(&s->queue);
2311
2312 scsi_bus_new(&s->bus, sizeof(s->bus), d, &lsi_scsi_info, NULL);
2313}
2314
2315static void lsi_scsi_unrealize(DeviceState *dev, Error **errp)
2316{
2317 LSIState *s = LSI53C895A(dev);
2318
2319 address_space_destroy(&s->pci_io_as);
2320}
2321
2322static void lsi_class_init(ObjectClass *klass, void *data)
2323{
2324 DeviceClass *dc = DEVICE_CLASS(klass);
2325 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
2326
2327 k->realize = lsi_scsi_realize;
2328 k->vendor_id = PCI_VENDOR_ID_LSI_LOGIC;
2329 k->device_id = PCI_DEVICE_ID_LSI_53C895A;
2330 k->class_id = PCI_CLASS_STORAGE_SCSI;
2331 k->subsystem_id = 0x1000;
2332 dc->unrealize = lsi_scsi_unrealize;
2333 dc->reset = lsi_scsi_reset;
2334 dc->vmsd = &vmstate_lsi_scsi;
2335 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
2336}
2337
2338static const TypeInfo lsi_info = {
2339 .name = TYPE_LSI53C895A,
2340 .parent = TYPE_PCI_DEVICE,
2341 .instance_size = sizeof(LSIState),
2342 .class_init = lsi_class_init,
2343 .interfaces = (InterfaceInfo[]) {
2344 { INTERFACE_CONVENTIONAL_PCI_DEVICE },
2345 { },
2346 },
2347};
2348
2349static void lsi53c810_class_init(ObjectClass *klass, void *data)
2350{
2351 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
2352
2353 k->device_id = PCI_DEVICE_ID_LSI_53C810;
2354}
2355
2356static TypeInfo lsi53c810_info = {
2357 .name = TYPE_LSI53C810,
2358 .parent = TYPE_LSI53C895A,
2359 .class_init = lsi53c810_class_init,
2360};
2361
2362static void lsi53c895a_register_types(void)
2363{
2364 type_register_static(&lsi_info);
2365 type_register_static(&lsi53c810_info);
2366}
2367
2368type_init(lsi53c895a_register_types)
2369
2370void lsi53c8xx_handle_legacy_cmdline(DeviceState *lsi_dev)
2371{
2372 LSIState *s = LSI53C895A(lsi_dev);
2373
2374 scsi_bus_legacy_handle_cmdline(&s->bus);
2375}
2376
