1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16#include "qemu/osdep.h"
17
18#include "hw/irq.h"
19#include "hw/pci/pci.h"
20#include "hw/scsi/scsi.h"
21#include "migration/vmstate.h"
22#include "sysemu/dma.h"
23#include "qemu/log.h"
24#include "qemu/module.h"
25#include "trace.h"
26#include "qom/object.h"
27
28static const char *names[] = {
29 "SCNTL0", "SCNTL1", "SCNTL2", "SCNTL3", "SCID", "SXFER", "SDID", "GPREG",
30 "SFBR", "SOCL", "SSID", "SBCL", "DSTAT", "SSTAT0", "SSTAT1", "SSTAT2",
31 "DSA0", "DSA1", "DSA2", "DSA3", "ISTAT", "0x15", "0x16", "0x17",
32 "CTEST0", "CTEST1", "CTEST2", "CTEST3", "TEMP0", "TEMP1", "TEMP2", "TEMP3",
33 "DFIFO", "CTEST4", "CTEST5", "CTEST6", "DBC0", "DBC1", "DBC2", "DCMD",
34 "DNAD0", "DNAD1", "DNAD2", "DNAD3", "DSP0", "DSP1", "DSP2", "DSP3",
35 "DSPS0", "DSPS1", "DSPS2", "DSPS3", "SCRATCHA0", "SCRATCHA1", "SCRATCHA2", "SCRATCHA3",
36 "DMODE", "DIEN", "SBR", "DCNTL", "ADDER0", "ADDER1", "ADDER2", "ADDER3",
37 "SIEN0", "SIEN1", "SIST0", "SIST1", "SLPAR", "0x45", "MACNTL", "GPCNTL",
38 "STIME0", "STIME1", "RESPID", "0x4b", "STEST0", "STEST1", "STEST2", "STEST3",
39 "SIDL", "0x51", "0x52", "0x53", "SODL", "0x55", "0x56", "0x57",
40 "SBDL", "0x59", "0x5a", "0x5b", "SCRATCHB0", "SCRATCHB1", "SCRATCHB2", "SCRATCHB3",
41};
42
43#define LSI_MAX_DEVS 7
44
45#define LSI_SCNTL0_TRG 0x01
46#define LSI_SCNTL0_AAP 0x02
47#define LSI_SCNTL0_EPC 0x08
48#define LSI_SCNTL0_WATN 0x10
49#define LSI_SCNTL0_START 0x20
50
51#define LSI_SCNTL1_SST 0x01
52#define LSI_SCNTL1_IARB 0x02
53#define LSI_SCNTL1_AESP 0x04
54#define LSI_SCNTL1_RST 0x08
55#define LSI_SCNTL1_CON 0x10
56#define LSI_SCNTL1_DHP 0x20
57#define LSI_SCNTL1_ADB 0x40
58#define LSI_SCNTL1_EXC 0x80
59
60#define LSI_SCNTL2_WSR 0x01
61#define LSI_SCNTL2_VUE0 0x02
62#define LSI_SCNTL2_VUE1 0x04
63#define LSI_SCNTL2_WSS 0x08
64#define LSI_SCNTL2_SLPHBEN 0x10
65#define LSI_SCNTL2_SLPMD 0x20
66#define LSI_SCNTL2_CHM 0x40
67#define LSI_SCNTL2_SDU 0x80
68
69#define LSI_ISTAT0_DIP 0x01
70#define LSI_ISTAT0_SIP 0x02
71#define LSI_ISTAT0_INTF 0x04
72#define LSI_ISTAT0_CON 0x08
73#define LSI_ISTAT0_SEM 0x10
74#define LSI_ISTAT0_SIGP 0x20
75#define LSI_ISTAT0_SRST 0x40
76#define LSI_ISTAT0_ABRT 0x80
77
78#define LSI_ISTAT1_SI 0x01
79#define LSI_ISTAT1_SRUN 0x02
80#define LSI_ISTAT1_FLSH 0x04
81
82#define LSI_SSTAT0_SDP0 0x01
83#define LSI_SSTAT0_RST 0x02
84#define LSI_SSTAT0_WOA 0x04
85#define LSI_SSTAT0_LOA 0x08
86#define LSI_SSTAT0_AIP 0x10
87#define LSI_SSTAT0_OLF 0x20
88#define LSI_SSTAT0_ORF 0x40
89#define LSI_SSTAT0_ILF 0x80
90
91#define LSI_SIST0_PAR 0x01
92#define LSI_SIST0_RST 0x02
93#define LSI_SIST0_UDC 0x04
94#define LSI_SIST0_SGE 0x08
95#define LSI_SIST0_RSL 0x10
96#define LSI_SIST0_SEL 0x20
97#define LSI_SIST0_CMP 0x40
98#define LSI_SIST0_MA 0x80
99
100#define LSI_SIST1_HTH 0x01
101#define LSI_SIST1_GEN 0x02
102#define LSI_SIST1_STO 0x04
103#define LSI_SIST1_SBMC 0x10
104
105#define LSI_SOCL_IO 0x01
106#define LSI_SOCL_CD 0x02
107#define LSI_SOCL_MSG 0x04
108#define LSI_SOCL_ATN 0x08
109#define LSI_SOCL_SEL 0x10
110#define LSI_SOCL_BSY 0x20
111#define LSI_SOCL_ACK 0x40
112#define LSI_SOCL_REQ 0x80
113
114#define LSI_DSTAT_IID 0x01
115#define LSI_DSTAT_SIR 0x04
116#define LSI_DSTAT_SSI 0x08
117#define LSI_DSTAT_ABRT 0x10
118#define LSI_DSTAT_BF 0x20
119#define LSI_DSTAT_MDPE 0x40
120#define LSI_DSTAT_DFE 0x80
121
122#define LSI_DCNTL_COM 0x01
123#define LSI_DCNTL_IRQD 0x02
124#define LSI_DCNTL_STD 0x04
125#define LSI_DCNTL_IRQM 0x08
126#define LSI_DCNTL_SSM 0x10
127#define LSI_DCNTL_PFEN 0x20
128#define LSI_DCNTL_PFF 0x40
129#define LSI_DCNTL_CLSE 0x80
130
131#define LSI_DMODE_MAN 0x01
132#define LSI_DMODE_BOF 0x02
133#define LSI_DMODE_ERMP 0x04
134#define LSI_DMODE_ERL 0x08
135#define LSI_DMODE_DIOM 0x10
136#define LSI_DMODE_SIOM 0x20
137
138#define LSI_CTEST2_DACK 0x01
139#define LSI_CTEST2_DREQ 0x02
140#define LSI_CTEST2_TEOP 0x04
141#define LSI_CTEST2_PCICIE 0x08
142#define LSI_CTEST2_CM 0x10
143#define LSI_CTEST2_CIO 0x20
144#define LSI_CTEST2_SIGP 0x40
145#define LSI_CTEST2_DDIR 0x80
146
147#define LSI_CTEST5_BL2 0x04
148#define LSI_CTEST5_DDIR 0x08
149#define LSI_CTEST5_MASR 0x10
150#define LSI_CTEST5_DFSN 0x20
151#define LSI_CTEST5_BBCK 0x40
152#define LSI_CTEST5_ADCK 0x80
153
154#define LSI_CCNTL0_DILS 0x01
155#define LSI_CCNTL0_DISFC 0x10
156#define LSI_CCNTL0_ENNDJ 0x20
157#define LSI_CCNTL0_PMJCTL 0x40
158#define LSI_CCNTL0_ENPMJ 0x80
159
160#define LSI_CCNTL1_EN64DBMV 0x01
161#define LSI_CCNTL1_EN64TIBMV 0x02
162#define LSI_CCNTL1_64TIMOD 0x04
163#define LSI_CCNTL1_DDAC 0x08
164#define LSI_CCNTL1_ZMOD 0x80
165
166#define LSI_SBCL_ATN 0x08
167#define LSI_SBCL_BSY 0x20
168#define LSI_SBCL_ACK 0x40
169#define LSI_SBCL_REQ 0x80
170
171
172#define LSI_SCID_RRE 0x60
173
174#define LSI_CCNTL1_40BIT (LSI_CCNTL1_EN64TIBMV|LSI_CCNTL1_64TIMOD)
175
176#define PHASE_DO 0
177#define PHASE_DI 1
178#define PHASE_CMD 2
179#define PHASE_ST 3
180#define PHASE_MO 6
181#define PHASE_MI 7
182#define PHASE_MASK 7
183
184
185#define LSI_MAX_MSGIN_LEN 8
186
187
188#define LSI_TAG_VALID (1 << 16)
189
190
191#define LSI_MAX_INSN 10000
192
193typedef struct lsi_request {
194 SCSIRequest *req;
195 uint32_t tag;
196 uint32_t dma_len;
197 uint8_t *dma_buf;
198 uint32_t pending;
199 int out;
200 QTAILQ_ENTRY(lsi_request) next;
201} lsi_request;
202
203enum {
204 LSI_NOWAIT,
205 LSI_WAIT_RESELECT,
206 LSI_DMA_SCRIPTS,
207 LSI_DMA_IN_PROGRESS,
208};
209
210enum {
211 LSI_MSG_ACTION_COMMAND = 0,
212 LSI_MSG_ACTION_DISCONNECT = 1,
213 LSI_MSG_ACTION_DOUT = 2,
214 LSI_MSG_ACTION_DIN = 3,
215};
216
217struct LSIState {
218
219 PCIDevice parent_obj;
220
221
222 qemu_irq ext_irq;
223 MemoryRegion mmio_io;
224 MemoryRegion ram_io;
225 MemoryRegion io_io;
226 AddressSpace pci_io_as;
227
228 int carry;
229 int status;
230 int msg_action;
231 int msg_len;
232 uint8_t msg[LSI_MAX_MSGIN_LEN];
233 int waiting;
234 SCSIBus bus;
235 int current_lun;
236
237 uint32_t select_tag;
238 int command_complete;
239 QTAILQ_HEAD(, lsi_request) queue;
240 lsi_request *current;
241
242 uint32_t dsa;
243 uint32_t temp;
244 uint32_t dnad;
245 uint32_t dbc;
246 uint8_t istat0;
247 uint8_t istat1;
248 uint8_t dcmd;
249 uint8_t dstat;
250 uint8_t dien;
251 uint8_t sist0;
252 uint8_t sist1;
253 uint8_t sien0;
254 uint8_t sien1;
255 uint8_t mbox0;
256 uint8_t mbox1;
257 uint8_t dfifo;
258 uint8_t ctest2;
259 uint8_t ctest3;
260 uint8_t ctest4;
261 uint8_t ctest5;
262 uint8_t ccntl0;
263 uint8_t ccntl1;
264 uint32_t dsp;
265 uint32_t dsps;
266 uint8_t dmode;
267 uint8_t dcntl;
268 uint8_t scntl0;
269 uint8_t scntl1;
270 uint8_t scntl2;
271 uint8_t scntl3;
272 uint8_t sstat0;
273 uint8_t sstat1;
274 uint8_t scid;
275 uint8_t sxfer;
276 uint8_t socl;
277 uint8_t sdid;
278 uint8_t ssid;
279 uint8_t sfbr;
280 uint8_t sbcl;
281 uint8_t stest1;
282 uint8_t stest2;
283 uint8_t stest3;
284 uint8_t sidl;
285 uint8_t stime0;
286 uint8_t respid0;
287 uint8_t respid1;
288 uint32_t mmrs;
289 uint32_t mmws;
290 uint32_t sfs;
291 uint32_t drs;
292 uint32_t sbms;
293 uint32_t dbms;
294 uint32_t dnad64;
295 uint32_t pmjad1;
296 uint32_t pmjad2;
297 uint32_t rbc;
298 uint32_t ua;
299 uint32_t ia;
300 uint32_t sbc;
301 uint32_t csbc;
302 uint32_t scratch[18];
303 uint8_t sbr;
304 uint32_t adder;
305
306 uint8_t script_ram[2048 * sizeof(uint32_t)];
307};
308
309#define TYPE_LSI53C810 "lsi53c810"
310#define TYPE_LSI53C895A "lsi53c895a"
311
312OBJECT_DECLARE_SIMPLE_TYPE(LSIState, LSI53C895A)
313
314static const char *scsi_phases[] = {
315 "DOUT",
316 "DIN",
317 "CMD",
318 "STATUS",
319 "RSVOUT",
320 "RSVIN",
321 "MSGOUT",
322 "MSGIN"
323};
324
325static const char *scsi_phase_name(int phase)
326{
327 return scsi_phases[phase & PHASE_MASK];
328}
329
330static inline int lsi_irq_on_rsl(LSIState *s)
331{
332 return (s->sien0 & LSI_SIST0_RSL) && (s->scid & LSI_SCID_RRE);
333}
334
335static lsi_request *get_pending_req(LSIState *s)
336{
337 lsi_request *p;
338
339 QTAILQ_FOREACH(p, &s->queue, next) {
340 if (p->pending) {
341 return p;
342 }
343 }
344 return NULL;
345}
346
347static void lsi_soft_reset(LSIState *s)
348{
349 trace_lsi_reset();
350 s->carry = 0;
351
352 s->msg_action = LSI_MSG_ACTION_COMMAND;
353 s->msg_len = 0;
354 s->waiting = LSI_NOWAIT;
355 s->dsa = 0;
356 s->dnad = 0;
357 s->dbc = 0;
358 s->temp = 0;
359 memset(s->scratch, 0, sizeof(s->scratch));
360 s->istat0 = 0;
361 s->istat1 = 0;
362 s->dcmd = 0x40;
363 s->dstat = 0;
364 s->dien = 0;
365 s->sist0 = 0;
366 s->sist1 = 0;
367 s->sien0 = 0;
368 s->sien1 = 0;
369 s->mbox0 = 0;
370 s->mbox1 = 0;
371 s->dfifo = 0;
372 s->ctest2 = LSI_CTEST2_DACK;
373 s->ctest3 = 0;
374 s->ctest4 = 0;
375 s->ctest5 = 0;
376 s->ccntl0 = 0;
377 s->ccntl1 = 0;
378 s->dsp = 0;
379 s->dsps = 0;
380 s->dmode = 0;
381 s->dcntl = 0;
382 s->scntl0 = 0xc0;
383 s->scntl1 = 0;
384 s->scntl2 = 0;
385 s->scntl3 = 0;
386 s->sstat0 = 0;
387 s->sstat1 = 0;
388 s->scid = 7;
389 s->sxfer = 0;
390 s->socl = 0;
391 s->sdid = 0;
392 s->ssid = 0;
393 s->sbcl = 0;
394 s->stest1 = 0;
395 s->stest2 = 0;
396 s->stest3 = 0;
397 s->sidl = 0;
398 s->stime0 = 0;
399 s->respid0 = 0x80;
400 s->respid1 = 0;
401 s->mmrs = 0;
402 s->mmws = 0;
403 s->sfs = 0;
404 s->drs = 0;
405 s->sbms = 0;
406 s->dbms = 0;
407 s->dnad64 = 0;
408 s->pmjad1 = 0;
409 s->pmjad2 = 0;
410 s->rbc = 0;
411 s->ua = 0;
412 s->ia = 0;
413 s->sbc = 0;
414 s->csbc = 0;
415 s->sbr = 0;
416 assert(QTAILQ_EMPTY(&s->queue));
417 assert(!s->current);
418}
419
420static int lsi_dma_40bit(LSIState *s)
421{
422 if ((s->ccntl1 & LSI_CCNTL1_40BIT) == LSI_CCNTL1_40BIT)
423 return 1;
424 return 0;
425}
426
427static int lsi_dma_ti64bit(LSIState *s)
428{
429 if ((s->ccntl1 & LSI_CCNTL1_EN64TIBMV) == LSI_CCNTL1_EN64TIBMV)
430 return 1;
431 return 0;
432}
433
434static int lsi_dma_64bit(LSIState *s)
435{
436 if ((s->ccntl1 & LSI_CCNTL1_EN64DBMV) == LSI_CCNTL1_EN64DBMV)
437 return 1;
438 return 0;
439}
440
441static uint8_t lsi_reg_readb(LSIState *s, int offset);
442static void lsi_reg_writeb(LSIState *s, int offset, uint8_t val);
443static void lsi_execute_script(LSIState *s);
444static void lsi_reselect(LSIState *s, lsi_request *p);
445
446static inline void lsi_mem_read(LSIState *s, dma_addr_t addr,
447 void *buf, dma_addr_t len)
448{
449 if (s->dmode & LSI_DMODE_SIOM) {
450 address_space_read(&s->pci_io_as, addr, MEMTXATTRS_UNSPECIFIED,
451 buf, len);
452 } else {
453 pci_dma_read(PCI_DEVICE(s), addr, buf, len);
454 }
455}
456
457static inline void lsi_mem_write(LSIState *s, dma_addr_t addr,
458 const void *buf, dma_addr_t len)
459{
460 if (s->dmode & LSI_DMODE_DIOM) {
461 address_space_write(&s->pci_io_as, addr, MEMTXATTRS_UNSPECIFIED,
462 buf, len);
463 } else {
464 pci_dma_write(PCI_DEVICE(s), addr, buf, len);
465 }
466}
467
468static inline uint32_t read_dword(LSIState *s, uint32_t addr)
469{
470 uint32_t buf;
471
472 pci_dma_read(PCI_DEVICE(s), addr, &buf, 4);
473 return cpu_to_le32(buf);
474}
475
476static void lsi_stop_script(LSIState *s)
477{
478 s->istat1 &= ~LSI_ISTAT1_SRUN;
479}
480
481static void lsi_set_irq(LSIState *s, int level)
482{
483 PCIDevice *d = PCI_DEVICE(s);
484
485 if (s->ext_irq) {
486 qemu_set_irq(s->ext_irq, level);
487 } else {
488 pci_set_irq(d, level);
489 }
490}
491
492static void lsi_update_irq(LSIState *s)
493{
494 int level;
495 static int last_level;
496
497
498
499
500 level = 0;
501 if (s->dstat) {
502 if (s->dstat & s->dien)
503 level = 1;
504 s->istat0 |= LSI_ISTAT0_DIP;
505 } else {
506 s->istat0 &= ~LSI_ISTAT0_DIP;
507 }
508
509 if (s->sist0 || s->sist1) {
510 if ((s->sist0 & s->sien0) || (s->sist1 & s->sien1))
511 level = 1;
512 s->istat0 |= LSI_ISTAT0_SIP;
513 } else {
514 s->istat0 &= ~LSI_ISTAT0_SIP;
515 }
516 if (s->istat0 & LSI_ISTAT0_INTF)
517 level = 1;
518
519 if (level != last_level) {
520 trace_lsi_update_irq(level, s->dstat, s->sist1, s->sist0);
521 last_level = level;
522 }
523 lsi_set_irq(s, level);
524
525 if (!s->current && !level && lsi_irq_on_rsl(s) && !(s->scntl1 & LSI_SCNTL1_CON)) {
526 lsi_request *p;
527
528 trace_lsi_update_irq_disconnected();
529 p = get_pending_req(s);
530 if (p) {
531 lsi_reselect(s, p);
532 }
533 }
534}
535
536
537static void lsi_script_scsi_interrupt(LSIState *s, int stat0, int stat1)
538{
539 uint32_t mask0;
540 uint32_t mask1;
541
542 trace_lsi_script_scsi_interrupt(stat1, stat0, s->sist1, s->sist0);
543 s->sist0 |= stat0;
544 s->sist1 |= stat1;
545
546
547
548 mask0 = s->sien0 | ~(LSI_SIST0_CMP | LSI_SIST0_SEL | LSI_SIST0_RSL);
549 mask1 = s->sien1 | ~(LSI_SIST1_GEN | LSI_SIST1_HTH);
550 mask1 &= ~LSI_SIST1_STO;
551 if (s->sist0 & mask0 || s->sist1 & mask1) {
552 lsi_stop_script(s);
553 }
554 lsi_update_irq(s);
555}
556
557
558static void lsi_script_dma_interrupt(LSIState *s, int stat)
559{
560 trace_lsi_script_dma_interrupt(stat, s->dstat);
561 s->dstat |= stat;
562 lsi_update_irq(s);
563 lsi_stop_script(s);
564}
565
566static inline void lsi_set_phase(LSIState *s, int phase)
567{
568 s->sbcl &= ~PHASE_MASK;
569 s->sbcl |= phase | LSI_SBCL_REQ;
570 s->sstat1 = (s->sstat1 & ~PHASE_MASK) | phase;
571}
572
573static void lsi_bad_phase(LSIState *s, int out, int new_phase)
574{
575
576 if (s->ccntl0 & LSI_CCNTL0_ENPMJ) {
577 if ((s->ccntl0 & LSI_CCNTL0_PMJCTL)) {
578 s->dsp = out ? s->pmjad1 : s->pmjad2;
579 } else {
580 s->dsp = (s->scntl2 & LSI_SCNTL2_WSR ? s->pmjad2 : s->pmjad1);
581 }
582 trace_lsi_bad_phase_jump(s->dsp);
583 } else {
584 trace_lsi_bad_phase_interrupt();
585 lsi_script_scsi_interrupt(s, LSI_SIST0_MA, 0);
586 lsi_stop_script(s);
587 }
588 lsi_set_phase(s, new_phase);
589}
590
591
592
593static void lsi_resume_script(LSIState *s)
594{
595 if (s->waiting != 2) {
596 s->waiting = LSI_NOWAIT;
597 lsi_execute_script(s);
598 } else {
599 s->waiting = LSI_NOWAIT;
600 }
601}
602
603static void lsi_disconnect(LSIState *s)
604{
605 s->scntl1 &= ~LSI_SCNTL1_CON;
606 s->sstat1 &= ~PHASE_MASK;
607 s->sbcl = 0;
608}
609
610static void lsi_bad_selection(LSIState *s, uint32_t id)
611{
612 trace_lsi_bad_selection(id);
613 lsi_script_scsi_interrupt(s, 0, LSI_SIST1_STO);
614 lsi_disconnect(s);
615}
616
617
618static void lsi_do_dma(LSIState *s, int out)
619{
620 uint32_t count;
621 dma_addr_t addr;
622 SCSIDevice *dev;
623
624 if (!s->current || !s->current->dma_len) {
625
626 trace_lsi_do_dma_unavailable();
627 return;
628 }
629
630 dev = s->current->req->dev;
631 assert(dev);
632
633 count = s->dbc;
634 if (count > s->current->dma_len)
635 count = s->current->dma_len;
636
637 addr = s->dnad;
638
639 if (lsi_dma_40bit(s) || lsi_dma_ti64bit(s))
640 addr |= ((uint64_t)s->dnad64 << 32);
641 else if (s->dbms)
642 addr |= ((uint64_t)s->dbms << 32);
643 else if (s->sbms)
644 addr |= ((uint64_t)s->sbms << 32);
645
646 trace_lsi_do_dma(addr, count);
647 s->csbc += count;
648 s->dnad += count;
649 s->dbc -= count;
650 if (s->current->dma_buf == NULL) {
651 s->current->dma_buf = scsi_req_get_buf(s->current->req);
652 }
653
654 if (out) {
655 lsi_mem_read(s, addr, s->current->dma_buf, count);
656 } else {
657 lsi_mem_write(s, addr, s->current->dma_buf, count);
658 }
659 s->current->dma_len -= count;
660 if (s->current->dma_len == 0) {
661 s->current->dma_buf = NULL;
662 scsi_req_continue(s->current->req);
663 } else {
664 s->current->dma_buf += count;
665 lsi_resume_script(s);
666 }
667}
668
669
670
671static void lsi_queue_command(LSIState *s)
672{
673 lsi_request *p = s->current;
674
675 trace_lsi_queue_command(p->tag);
676 assert(s->current != NULL);
677 assert(s->current->dma_len == 0);
678 QTAILQ_INSERT_TAIL(&s->queue, s->current, next);
679 s->current = NULL;
680
681 p->pending = 0;
682 p->out = (s->sstat1 & PHASE_MASK) == PHASE_DO;
683}
684
685
686static void lsi_add_msg_byte(LSIState *s, uint8_t data)
687{
688 if (s->msg_len >= LSI_MAX_MSGIN_LEN) {
689 trace_lsi_add_msg_byte_error();
690 } else {
691 trace_lsi_add_msg_byte(data);
692 s->msg[s->msg_len++] = data;
693 }
694}
695
696
697static void lsi_reselect(LSIState *s, lsi_request *p)
698{
699 int id;
700
701 assert(s->current == NULL);
702 QTAILQ_REMOVE(&s->queue, p, next);
703 s->current = p;
704
705 id = (p->tag >> 8) & 0xf;
706 s->ssid = id | 0x80;
707
708 if (!(s->dcntl & LSI_DCNTL_COM)) {
709 s->sfbr = 1 << (id & 0x7);
710 }
711 trace_lsi_reselect(id);
712 s->scntl1 |= LSI_SCNTL1_CON;
713 lsi_set_phase(s, PHASE_MI);
714 s->msg_action = p->out ? LSI_MSG_ACTION_DOUT : LSI_MSG_ACTION_DIN;
715 s->current->dma_len = p->pending;
716 lsi_add_msg_byte(s, 0x80);
717 if (s->current->tag & LSI_TAG_VALID) {
718 lsi_add_msg_byte(s, 0x20);
719 lsi_add_msg_byte(s, p->tag & 0xff);
720 }
721
722 if (lsi_irq_on_rsl(s)) {
723 lsi_script_scsi_interrupt(s, LSI_SIST0_RSL, 0);
724 }
725}
726
727static lsi_request *lsi_find_by_tag(LSIState *s, uint32_t tag)
728{
729 lsi_request *p;
730
731 QTAILQ_FOREACH(p, &s->queue, next) {
732 if (p->tag == tag) {
733 return p;
734 }
735 }
736
737 return NULL;
738}
739
740static void lsi_request_free(LSIState *s, lsi_request *p)
741{
742 if (p == s->current) {
743 s->current = NULL;
744 } else {
745 QTAILQ_REMOVE(&s->queue, p, next);
746 }
747 g_free(p);
748}
749
750static void lsi_request_cancelled(SCSIRequest *req)
751{
752 LSIState *s = LSI53C895A(req->bus->qbus.parent);
753 lsi_request *p = req->hba_private;
754
755 req->hba_private = NULL;
756 lsi_request_free(s, p);
757 scsi_req_unref(req);
758}
759
760
761
762static int lsi_queue_req(LSIState *s, SCSIRequest *req, uint32_t len)
763{
764 lsi_request *p = req->hba_private;
765
766 if (p->pending) {
767 trace_lsi_queue_req_error(p);
768 }
769 p->pending = len;
770
771
772
773
774
775 if (s->waiting == LSI_WAIT_RESELECT ||
776 (lsi_irq_on_rsl(s) && !(s->scntl1 & LSI_SCNTL1_CON) &&
777 !(s->istat0 & (LSI_ISTAT0_SIP | LSI_ISTAT0_DIP)))) {
778
779 lsi_reselect(s, p);
780 return 0;
781 } else {
782 trace_lsi_queue_req(p->tag);
783 p->pending = len;
784 return 1;
785 }
786}
787
788
789static void lsi_command_complete(SCSIRequest *req, size_t resid)
790{
791 LSIState *s = LSI53C895A(req->bus->qbus.parent);
792 int out;
793
794 out = (s->sstat1 & PHASE_MASK) == PHASE_DO;
795 trace_lsi_command_complete(req->status);
796 s->status = req->status;
797 s->command_complete = 2;
798 if (s->waiting && s->dbc != 0) {
799
800 lsi_bad_phase(s, out, PHASE_ST);
801 } else {
802 lsi_set_phase(s, PHASE_ST);
803 }
804
805 if (req->hba_private == s->current) {
806 req->hba_private = NULL;
807 lsi_request_free(s, s->current);
808 scsi_req_unref(req);
809 }
810 lsi_resume_script(s);
811}
812
813
814static void lsi_transfer_data(SCSIRequest *req, uint32_t len)
815{
816 LSIState *s = LSI53C895A(req->bus->qbus.parent);
817 int out;
818
819 assert(req->hba_private);
820 if (s->waiting == LSI_WAIT_RESELECT || req->hba_private != s->current ||
821 (lsi_irq_on_rsl(s) && !(s->scntl1 & LSI_SCNTL1_CON))) {
822 if (lsi_queue_req(s, req, len)) {
823 return;
824 }
825 }
826
827 out = (s->sstat1 & PHASE_MASK) == PHASE_DO;
828
829
830 trace_lsi_transfer_data(req->tag, len);
831 s->current->dma_len = len;
832 s->command_complete = 1;
833 if (s->waiting) {
834 if (s->waiting == LSI_WAIT_RESELECT || s->dbc == 0) {
835 lsi_resume_script(s);
836 } else {
837 lsi_do_dma(s, out);
838 }
839 }
840}
841
842static void lsi_do_command(LSIState *s)
843{
844 SCSIDevice *dev;
845 uint8_t buf[16];
846 uint32_t id;
847 int n;
848
849 trace_lsi_do_command(s->dbc);
850 if (s->dbc > 16)
851 s->dbc = 16;
852 pci_dma_read(PCI_DEVICE(s), s->dnad, buf, s->dbc);
853 s->sfbr = buf[0];
854 s->command_complete = 0;
855
856 id = (s->select_tag >> 8) & 0xf;
857 dev = scsi_device_find(&s->bus, 0, id, s->current_lun);
858 if (!dev) {
859 lsi_bad_selection(s, id);
860 return;
861 }
862
863 assert(s->current == NULL);
864 s->current = g_new0(lsi_request, 1);
865 s->current->tag = s->select_tag;
866 s->current->req = scsi_req_new(dev, s->current->tag, s->current_lun, buf,
867 s->current);
868
869 n = scsi_req_enqueue(s->current->req);
870 if (n) {
871 if (n > 0) {
872 lsi_set_phase(s, PHASE_DI);
873 } else if (n < 0) {
874 lsi_set_phase(s, PHASE_DO);
875 }
876 scsi_req_continue(s->current->req);
877 }
878 if (!s->command_complete) {
879 if (n) {
880
881 lsi_add_msg_byte(s, 2);
882 lsi_add_msg_byte(s, 4);
883
884 lsi_set_phase(s, PHASE_MI);
885 s->msg_action = LSI_MSG_ACTION_DISCONNECT;
886 lsi_queue_command(s);
887 } else {
888
889 lsi_set_phase(s, PHASE_DI);
890 }
891 }
892}
893
894static void lsi_do_status(LSIState *s)
895{
896 uint8_t status;
897 trace_lsi_do_status(s->dbc, s->status);
898 if (s->dbc != 1) {
899 trace_lsi_do_status_error();
900 }
901 s->dbc = 1;
902 status = s->status;
903 s->sfbr = status;
904 pci_dma_write(PCI_DEVICE(s), s->dnad, &status, 1);
905 lsi_set_phase(s, PHASE_MI);
906 s->msg_action = LSI_MSG_ACTION_DISCONNECT;
907 lsi_add_msg_byte(s, 0);
908}
909
910static void lsi_do_msgin(LSIState *s)
911{
912 uint8_t len;
913 trace_lsi_do_msgin(s->dbc, s->msg_len);
914 s->sfbr = s->msg[0];
915 len = s->msg_len;
916 assert(len > 0 && len <= LSI_MAX_MSGIN_LEN);
917 if (len > s->dbc)
918 len = s->dbc;
919 pci_dma_write(PCI_DEVICE(s), s->dnad, s->msg, len);
920
921 s->sidl = s->msg[len - 1];
922 s->msg_len -= len;
923 if (s->msg_len) {
924 memmove(s->msg, s->msg + len, s->msg_len);
925 } else {
926
927
928 switch (s->msg_action) {
929 case LSI_MSG_ACTION_COMMAND:
930 lsi_set_phase(s, PHASE_CMD);
931 break;
932 case LSI_MSG_ACTION_DISCONNECT:
933 lsi_disconnect(s);
934 break;
935 case LSI_MSG_ACTION_DOUT:
936 lsi_set_phase(s, PHASE_DO);
937 break;
938 case LSI_MSG_ACTION_DIN:
939 lsi_set_phase(s, PHASE_DI);
940 break;
941 default:
942 abort();
943 }
944 }
945}
946
947
948static uint8_t lsi_get_msgbyte(LSIState *s)
949{
950 uint8_t data;
951 pci_dma_read(PCI_DEVICE(s), s->dnad, &data, 1);
952 s->dnad++;
953 s->dbc--;
954 return data;
955}
956
957
958static void lsi_skip_msgbytes(LSIState *s, unsigned int n)
959{
960 s->dnad += n;
961 s->dbc -= n;
962}
963
964static void lsi_do_msgout(LSIState *s)
965{
966 uint8_t msg;
967 int len;
968 uint32_t current_tag;
969 lsi_request *current_req, *p, *p_next;
970
971 if (s->current) {
972 current_tag = s->current->tag;
973 current_req = s->current;
974 } else {
975 current_tag = s->select_tag;
976 current_req = lsi_find_by_tag(s, current_tag);
977 }
978
979 trace_lsi_do_msgout(s->dbc);
980 while (s->dbc) {
981 msg = lsi_get_msgbyte(s);
982 s->sfbr = msg;
983
984 switch (msg) {
985 case 0x04:
986 trace_lsi_do_msgout_disconnect();
987 lsi_disconnect(s);
988 break;
989 case 0x08:
990 trace_lsi_do_msgout_noop();
991 lsi_set_phase(s, PHASE_CMD);
992 break;
993 case 0x01:
994 len = lsi_get_msgbyte(s);
995 msg = lsi_get_msgbyte(s);
996 (void)len;
997 trace_lsi_do_msgout_extended(msg, len);
998 switch (msg) {
999 case 1:
1000 trace_lsi_do_msgout_ignored("SDTR");
1001 lsi_skip_msgbytes(s, 2);
1002 break;
1003 case 3:
1004 trace_lsi_do_msgout_ignored("WDTR");
1005 lsi_skip_msgbytes(s, 1);
1006 break;
1007 case 4:
1008 trace_lsi_do_msgout_ignored("PPR");
1009 lsi_skip_msgbytes(s, 5);
1010 break;
1011 default:
1012 goto bad;
1013 }
1014 break;
1015 case 0x20:
1016 s->select_tag |= lsi_get_msgbyte(s) | LSI_TAG_VALID;
1017 trace_lsi_do_msgout_simplequeue(s->select_tag & 0xff);
1018 break;
1019 case 0x21:
1020 qemu_log_mask(LOG_UNIMP, "lsi_scsi: HEAD queue not implemented\n");
1021 s->select_tag |= lsi_get_msgbyte(s) | LSI_TAG_VALID;
1022 break;
1023 case 0x22:
1024 qemu_log_mask(LOG_UNIMP,
1025 "lsi_scsi: ORDERED queue not implemented\n");
1026 s->select_tag |= lsi_get_msgbyte(s) | LSI_TAG_VALID;
1027 break;
1028 case 0x0d:
1029
1030 trace_lsi_do_msgout_abort(current_tag);
1031 if (current_req && current_req->req) {
1032 scsi_req_cancel(current_req->req);
1033 current_req = NULL;
1034 }
1035 lsi_disconnect(s);
1036 break;
1037 case 0x06:
1038 case 0x0e:
1039 case 0x0c:
1040
1041
1042 if (msg == 0x06) {
1043 trace_lsi_do_msgout_abort(current_tag);
1044 }
1045
1046
1047 if (msg == 0x0e) {
1048 trace_lsi_do_msgout_clearqueue(current_tag);
1049 }
1050
1051
1052 if (msg == 0x0c) {
1053 trace_lsi_do_msgout_busdevicereset(current_tag);
1054 }
1055
1056
1057 if (s->current) {
1058 scsi_req_cancel(s->current->req);
1059 current_req = NULL;
1060 }
1061
1062
1063
1064
1065
1066
1067
1068
1069 QTAILQ_FOREACH_SAFE(p, &s->queue, next, p_next) {
1070 if ((p->tag & 0x0000ff00) == (current_tag & 0x0000ff00)) {
1071 scsi_req_cancel(p->req);
1072 }
1073 }
1074
1075 lsi_disconnect(s);
1076 break;
1077 default:
1078 if ((msg & 0x80) == 0) {
1079 goto bad;
1080 }
1081 s->current_lun = msg & 7;
1082 trace_lsi_do_msgout_select(s->current_lun);
1083 lsi_set_phase(s, PHASE_CMD);
1084 break;
1085 }
1086 }
1087 return;
1088bad:
1089 qemu_log_mask(LOG_UNIMP, "Unimplemented message 0x%02x\n", msg);
1090 lsi_set_phase(s, PHASE_MI);
1091 lsi_add_msg_byte(s, 7);
1092 s->msg_action = LSI_MSG_ACTION_COMMAND;
1093}
1094
1095#define LSI_BUF_SIZE 4096
1096static void lsi_memcpy(LSIState *s, uint32_t dest, uint32_t src, int count)
1097{
1098 int n;
1099 uint8_t buf[LSI_BUF_SIZE];
1100
1101 trace_lsi_memcpy(dest, src, count);
1102 while (count) {
1103 n = (count > LSI_BUF_SIZE) ? LSI_BUF_SIZE : count;
1104 lsi_mem_read(s, src, buf, n);
1105 lsi_mem_write(s, dest, buf, n);
1106 src += n;
1107 dest += n;
1108 count -= n;
1109 }
1110}
1111
1112static void lsi_wait_reselect(LSIState *s)
1113{
1114 lsi_request *p;
1115
1116 trace_lsi_wait_reselect();
1117
1118 if (s->current) {
1119 return;
1120 }
1121 p = get_pending_req(s);
1122 if (p) {
1123 lsi_reselect(s, p);
1124 }
1125 if (s->current == NULL) {
1126 s->waiting = LSI_WAIT_RESELECT;
1127 }
1128}
1129
1130static void lsi_execute_script(LSIState *s)
1131{
1132 PCIDevice *pci_dev = PCI_DEVICE(s);
1133 uint32_t insn;
1134 uint32_t addr, addr_high;
1135 int opcode;
1136 int insn_processed = 0;
1137
1138 s->istat1 |= LSI_ISTAT1_SRUN;
1139again:
1140 if (++insn_processed > LSI_MAX_INSN) {
1141
1142
1143
1144
1145
1146 if (!(s->sien0 & LSI_SIST0_UDC)) {
1147 qemu_log_mask(LOG_GUEST_ERROR,
1148 "lsi_scsi: inf. loop with UDC masked");
1149 }
1150 lsi_script_scsi_interrupt(s, LSI_SIST0_UDC, 0);
1151 lsi_disconnect(s);
1152 trace_lsi_execute_script_stop();
1153 return;
1154 }
1155 insn = read_dword(s, s->dsp);
1156 if (!insn) {
1157
1158
1159 s->dsp += 4;
1160 goto again;
1161 }
1162 addr = read_dword(s, s->dsp + 4);
1163 addr_high = 0;
1164 trace_lsi_execute_script(s->dsp, insn, addr);
1165 s->dsps = addr;
1166 s->dcmd = insn >> 24;
1167 s->dsp += 8;
1168 switch (insn >> 30) {
1169 case 0:
1170 if (s->sist1 & LSI_SIST1_STO) {
1171 trace_lsi_execute_script_blockmove_delayed();
1172 lsi_stop_script(s);
1173 break;
1174 }
1175 s->dbc = insn & 0xffffff;
1176 s->rbc = s->dbc;
1177
1178 s->ia = s->dsp - 8;
1179 if (insn & (1 << 29)) {
1180
1181 addr = read_dword(s, addr);
1182 } else if (insn & (1 << 28)) {
1183 uint32_t buf[2];
1184 int32_t offset;
1185
1186
1187
1188 offset = sextract32(addr, 0, 24);
1189 pci_dma_read(pci_dev, s->dsa + offset, buf, 8);
1190
1191 s->dbc = cpu_to_le32(buf[0]) & 0xffffff;
1192 s->rbc = s->dbc;
1193 addr = cpu_to_le32(buf[1]);
1194
1195
1196
1197 if (lsi_dma_40bit(s))
1198 addr_high = cpu_to_le32(buf[0]) >> 24;
1199 else if (lsi_dma_ti64bit(s)) {
1200 int selector = (cpu_to_le32(buf[0]) >> 24) & 0x1f;
1201 switch (selector) {
1202 case 0 ... 0x0f:
1203
1204
1205 addr_high = s->scratch[2 + selector];
1206 break;
1207 case 0x10:
1208 addr_high = s->mmrs;
1209 break;
1210 case 0x11:
1211 addr_high = s->mmws;
1212 break;
1213 case 0x12:
1214 addr_high = s->sfs;
1215 break;
1216 case 0x13:
1217 addr_high = s->drs;
1218 break;
1219 case 0x14:
1220 addr_high = s->sbms;
1221 break;
1222 case 0x15:
1223 addr_high = s->dbms;
1224 break;
1225 default:
1226 qemu_log_mask(LOG_GUEST_ERROR,
1227 "lsi_scsi: Illegal selector specified (0x%x > 0x15) "
1228 "for 64-bit DMA block move", selector);
1229 break;
1230 }
1231 }
1232 } else if (lsi_dma_64bit(s)) {
1233
1234
1235 s->dbms = read_dword(s, s->dsp);
1236 s->dsp += 4;
1237 s->ia = s->dsp - 12;
1238 }
1239 if ((s->sstat1 & PHASE_MASK) != ((insn >> 24) & 7)) {
1240 trace_lsi_execute_script_blockmove_badphase(
1241 scsi_phase_name(s->sstat1),
1242 scsi_phase_name(insn >> 24));
1243 lsi_script_scsi_interrupt(s, LSI_SIST0_MA, 0);
1244 break;
1245 }
1246 s->dnad = addr;
1247 s->dnad64 = addr_high;
1248 switch (s->sstat1 & 0x7) {
1249 case PHASE_DO:
1250 s->waiting = LSI_DMA_SCRIPTS;
1251 lsi_do_dma(s, 1);
1252 if (s->waiting)
1253 s->waiting = LSI_DMA_IN_PROGRESS;
1254 break;
1255 case PHASE_DI:
1256 s->waiting = LSI_DMA_SCRIPTS;
1257 lsi_do_dma(s, 0);
1258 if (s->waiting)
1259 s->waiting = LSI_DMA_IN_PROGRESS;
1260 break;
1261 case PHASE_CMD:
1262 lsi_do_command(s);
1263 break;
1264 case PHASE_ST:
1265 lsi_do_status(s);
1266 break;
1267 case PHASE_MO:
1268 lsi_do_msgout(s);
1269 break;
1270 case PHASE_MI:
1271 lsi_do_msgin(s);
1272 break;
1273 default:
1274 qemu_log_mask(LOG_UNIMP, "lsi_scsi: Unimplemented phase %s\n",
1275 scsi_phase_name(s->sstat1));
1276 }
1277 s->dfifo = s->dbc & 0xff;
1278 s->ctest5 = (s->ctest5 & 0xfc) | ((s->dbc >> 8) & 3);
1279 s->sbc = s->dbc;
1280 s->rbc -= s->dbc;
1281 s->ua = addr + s->dbc;
1282 break;
1283
1284 case 1:
1285 opcode = (insn >> 27) & 7;
1286 if (opcode < 5) {
1287 uint32_t id;
1288
1289 if (insn & (1 << 25)) {
1290 id = read_dword(s, s->dsa + sextract32(insn, 0, 24));
1291 } else {
1292 id = insn;
1293 }
1294 id = (id >> 16) & 0xf;
1295 if (insn & (1 << 26)) {
1296 addr = s->dsp + sextract32(addr, 0, 24);
1297 }
1298 s->dnad = addr;
1299 switch (opcode) {
1300 case 0:
1301 s->sdid = id;
1302 if (s->scntl1 & LSI_SCNTL1_CON) {
1303 trace_lsi_execute_script_io_alreadyreselected();
1304 s->dsp = s->dnad;
1305 break;
1306 }
1307 s->sstat0 |= LSI_SSTAT0_WOA;
1308 s->scntl1 &= ~LSI_SCNTL1_IARB;
1309 if (!scsi_device_find(&s->bus, 0, id, 0)) {
1310 lsi_bad_selection(s, id);
1311 break;
1312 }
1313 trace_lsi_execute_script_io_selected(id,
1314 insn & (1 << 3) ? " ATN" : "");
1315
1316
1317
1318 s->select_tag = id << 8;
1319 s->scntl1 |= LSI_SCNTL1_CON;
1320 if (insn & (1 << 3)) {
1321 s->socl |= LSI_SOCL_ATN;
1322 s->sbcl |= LSI_SBCL_ATN;
1323 }
1324 s->sbcl |= LSI_SBCL_BSY;
1325 lsi_set_phase(s, PHASE_MO);
1326 s->waiting = LSI_NOWAIT;
1327 break;
1328 case 1:
1329 trace_lsi_execute_script_io_disconnect();
1330 s->scntl1 &= ~LSI_SCNTL1_CON;
1331
1332
1333
1334
1335
1336
1337 if (!s->current) {
1338 lsi_request *p = get_pending_req(s);
1339 if (p) {
1340 lsi_reselect(s, p);
1341 }
1342 }
1343 break;
1344 case 2:
1345 if (s->istat0 & LSI_ISTAT0_SIGP) {
1346 s->dsp = s->dnad;
1347 } else if (!lsi_irq_on_rsl(s)) {
1348 lsi_wait_reselect(s);
1349 }
1350 break;
1351 case 3:
1352 trace_lsi_execute_script_io_set(
1353 insn & (1 << 3) ? " ATN" : "",
1354 insn & (1 << 6) ? " ACK" : "",
1355 insn & (1 << 9) ? " TM" : "",
1356 insn & (1 << 10) ? " CC" : "");
1357 if (insn & (1 << 3)) {
1358 s->socl |= LSI_SOCL_ATN;
1359 s->sbcl |= LSI_SBCL_ATN;
1360 lsi_set_phase(s, PHASE_MO);
1361 }
1362
1363 if (insn & (1 << 6)) {
1364 s->sbcl |= LSI_SBCL_ACK;
1365 }
1366
1367 if (insn & (1 << 9)) {
1368 qemu_log_mask(LOG_UNIMP,
1369 "lsi_scsi: Target mode not implemented\n");
1370 }
1371 if (insn & (1 << 10))
1372 s->carry = 1;
1373 break;
1374 case 4:
1375 trace_lsi_execute_script_io_clear(
1376 insn & (1 << 3) ? " ATN" : "",
1377 insn & (1 << 6) ? " ACK" : "",
1378 insn & (1 << 9) ? " TM" : "",
1379 insn & (1 << 10) ? " CC" : "");
1380 if (insn & (1 << 3)) {
1381 s->socl &= ~LSI_SOCL_ATN;
1382 s->sbcl &= ~LSI_SBCL_ATN;
1383 }
1384
1385 if (insn & (1 << 6)) {
1386 s->sbcl &= ~LSI_SBCL_ACK;
1387 }
1388
1389 if (insn & (1 << 10))
1390 s->carry = 0;
1391 break;
1392 }
1393 } else {
1394 uint8_t op0;
1395 uint8_t op1;
1396 uint8_t data8;
1397 int reg;
1398 int operator;
1399
1400 static const char *opcode_names[3] =
1401 {"Write", "Read", "Read-Modify-Write"};
1402 static const char *operator_names[8] =
1403 {"MOV", "SHL", "OR", "XOR", "AND", "SHR", "ADD", "ADC"};
1404
1405 reg = ((insn >> 16) & 0x7f) | (insn & 0x80);
1406 data8 = (insn >> 8) & 0xff;
1407 opcode = (insn >> 27) & 7;
1408 operator = (insn >> 24) & 7;
1409 trace_lsi_execute_script_io_opcode(
1410 opcode_names[opcode - 5], reg,
1411 operator_names[operator], data8, s->sfbr,
1412 (insn & (1 << 23)) ? " SFBR" : "");
1413 op0 = op1 = 0;
1414 switch (opcode) {
1415 case 5:
1416 op0 = s->sfbr;
1417 op1 = data8;
1418 break;
1419 case 6:
1420 if (operator)
1421 op0 = lsi_reg_readb(s, reg);
1422 op1 = data8;
1423 break;
1424 case 7:
1425 if (operator)
1426 op0 = lsi_reg_readb(s, reg);
1427 if (insn & (1 << 23)) {
1428 op1 = s->sfbr;
1429 } else {
1430 op1 = data8;
1431 }
1432 break;
1433 }
1434
1435 switch (operator) {
1436 case 0:
1437 op0 = op1;
1438 break;
1439 case 1:
1440 op1 = op0 >> 7;
1441 op0 = (op0 << 1) | s->carry;
1442 s->carry = op1;
1443 break;
1444 case 2:
1445 op0 |= op1;
1446 break;
1447 case 3:
1448 op0 ^= op1;
1449 break;
1450 case 4:
1451 op0 &= op1;
1452 break;
1453 case 5:
1454 op1 = op0 & 1;
1455 op0 = (op0 >> 1) | (s->carry << 7);
1456 s->carry = op1;
1457 break;
1458 case 6:
1459 op0 += op1;
1460 s->carry = op0 < op1;
1461 break;
1462 case 7:
1463 op0 += op1 + s->carry;
1464 if (s->carry)
1465 s->carry = op0 <= op1;
1466 else
1467 s->carry = op0 < op1;
1468 break;
1469 }
1470
1471 switch (opcode) {
1472 case 5:
1473 case 7:
1474 lsi_reg_writeb(s, reg, op0);
1475 break;
1476 case 6:
1477 s->sfbr = op0;
1478 break;
1479 }
1480 }
1481 break;
1482
1483 case 2:
1484 {
1485 int cond;
1486 int jmp;
1487
1488 if ((insn & 0x002e0000) == 0) {
1489 trace_lsi_execute_script_tc_nop();
1490 break;
1491 }
1492 if (s->sist1 & LSI_SIST1_STO) {
1493 trace_lsi_execute_script_tc_delayedselect_timeout();
1494 lsi_stop_script(s);
1495 break;
1496 }
1497 cond = jmp = (insn & (1 << 19)) != 0;
1498 if (cond == jmp && (insn & (1 << 21))) {
1499 trace_lsi_execute_script_tc_compc(s->carry == jmp);
1500 cond = s->carry != 0;
1501 }
1502 if (cond == jmp && (insn & (1 << 17))) {
1503 trace_lsi_execute_script_tc_compp(scsi_phase_name(s->sstat1),
1504 jmp ? '=' : '!', scsi_phase_name(insn >> 24));
1505 cond = (s->sstat1 & PHASE_MASK) == ((insn >> 24) & 7);
1506 }
1507 if (cond == jmp && (insn & (1 << 18))) {
1508 uint8_t mask;
1509
1510 mask = (~insn >> 8) & 0xff;
1511 trace_lsi_execute_script_tc_compd(
1512 s->sfbr, mask, jmp ? '=' : '!', insn & mask);
1513 cond = (s->sfbr & mask) == (insn & mask);
1514 }
1515 if (cond == jmp) {
1516 if (insn & (1 << 23)) {
1517
1518 addr = s->dsp + sextract32(addr, 0, 24);
1519 }
1520 switch ((insn >> 27) & 7) {
1521 case 0:
1522 trace_lsi_execute_script_tc_jump(addr);
1523 s->adder = addr;
1524 s->dsp = addr;
1525 break;
1526 case 1:
1527 trace_lsi_execute_script_tc_call(addr);
1528 s->temp = s->dsp;
1529 s->dsp = addr;
1530 break;
1531 case 2:
1532 trace_lsi_execute_script_tc_return(s->temp);
1533 s->dsp = s->temp;
1534 break;
1535 case 3:
1536 trace_lsi_execute_script_tc_interrupt(s->dsps);
1537 if ((insn & (1 << 20)) != 0) {
1538 s->istat0 |= LSI_ISTAT0_INTF;
1539 lsi_update_irq(s);
1540 } else {
1541 lsi_script_dma_interrupt(s, LSI_DSTAT_SIR);
1542 }
1543 break;
1544 default:
1545 trace_lsi_execute_script_tc_illegal();
1546 lsi_script_dma_interrupt(s, LSI_DSTAT_IID);
1547 break;
1548 }
1549 } else {
1550 trace_lsi_execute_script_tc_cc_failed();
1551 }
1552 }
1553 break;
1554
1555 case 3:
1556 if ((insn & (1 << 29)) == 0) {
1557
1558 uint32_t dest;
1559
1560
1561
1562 dest = read_dword(s, s->dsp);
1563 s->dsp += 4;
1564 lsi_memcpy(s, dest, addr, insn & 0xffffff);
1565 } else {
1566 uint8_t data[7];
1567 int reg;
1568 int n;
1569 int i;
1570
1571 if (insn & (1 << 28)) {
1572 addr = s->dsa + sextract32(addr, 0, 24);
1573 }
1574 n = (insn & 7);
1575 reg = (insn >> 16) & 0xff;
1576 if (insn & (1 << 24)) {
1577 pci_dma_read(pci_dev, addr, data, n);
1578 trace_lsi_execute_script_mm_load(reg, n, addr, *(int *)data);
1579 for (i = 0; i < n; i++) {
1580 lsi_reg_writeb(s, reg + i, data[i]);
1581 }
1582 } else {
1583 trace_lsi_execute_script_mm_store(reg, n, addr);
1584 for (i = 0; i < n; i++) {
1585 data[i] = lsi_reg_readb(s, reg + i);
1586 }
1587 pci_dma_write(pci_dev, addr, data, n);
1588 }
1589 }
1590 }
1591 if (s->istat1 & LSI_ISTAT1_SRUN && s->waiting == LSI_NOWAIT) {
1592 if (s->dcntl & LSI_DCNTL_SSM) {
1593 lsi_script_dma_interrupt(s, LSI_DSTAT_SSI);
1594 } else {
1595 goto again;
1596 }
1597 }
1598 trace_lsi_execute_script_stop();
1599}
1600
1601static uint8_t lsi_reg_readb(LSIState *s, int offset)
1602{
1603 uint8_t ret;
1604
1605#define CASE_GET_REG24(name, addr) \
1606 case addr: ret = s->name & 0xff; break; \
1607 case addr + 1: ret = (s->name >> 8) & 0xff; break; \
1608 case addr + 2: ret = (s->name >> 16) & 0xff; break;
1609
1610#define CASE_GET_REG32(name, addr) \
1611 case addr: ret = s->name & 0xff; break; \
1612 case addr + 1: ret = (s->name >> 8) & 0xff; break; \
1613 case addr + 2: ret = (s->name >> 16) & 0xff; break; \
1614 case addr + 3: ret = (s->name >> 24) & 0xff; break;
1615
1616 switch (offset) {
1617 case 0x00:
1618 ret = s->scntl0;
1619 break;
1620 case 0x01:
1621 ret = s->scntl1;
1622 break;
1623 case 0x02:
1624 ret = s->scntl2;
1625 break;
1626 case 0x03:
1627 ret = s->scntl3;
1628 break;
1629 case 0x04:
1630 ret = s->scid;
1631 break;
1632 case 0x05:
1633 ret = s->sxfer;
1634 break;
1635 case 0x06:
1636 ret = s->sdid;
1637 break;
1638 case 0x07:
1639 ret = 0x7f;
1640 break;
1641 case 0x08:
1642 ret = 0x00;
1643 break;
1644 case 0x09:
1645 ret = s->socl;
1646 break;
1647 case 0xa:
1648 ret = s->ssid;
1649 break;
1650 case 0xb:
1651 ret = s->sbcl;
1652 break;
1653 case 0xc:
1654 ret = s->dstat | LSI_DSTAT_DFE;
1655 if ((s->istat0 & LSI_ISTAT0_INTF) == 0)
1656 s->dstat = 0;
1657 lsi_update_irq(s);
1658 break;
1659 case 0x0d:
1660 ret = s->sstat0;
1661 break;
1662 case 0x0e:
1663 ret = s->sstat1;
1664 break;
1665 case 0x0f:
1666 ret = s->scntl1 & LSI_SCNTL1_CON ? 0 : 2;
1667 break;
1668 CASE_GET_REG32(dsa, 0x10)
1669 case 0x14:
1670 ret = s->istat0;
1671 break;
1672 case 0x15:
1673 ret = s->istat1;
1674 break;
1675 case 0x16:
1676 ret = s->mbox0;
1677 break;
1678 case 0x17:
1679 ret = s->mbox1;
1680 break;
1681 case 0x18:
1682 ret = 0xff;
1683 break;
1684 case 0x19:
1685 ret = 0;
1686 break;
1687 case 0x1a:
1688 ret = s->ctest2 | LSI_CTEST2_DACK | LSI_CTEST2_CM;
1689 if (s->istat0 & LSI_ISTAT0_SIGP) {
1690 s->istat0 &= ~LSI_ISTAT0_SIGP;
1691 ret |= LSI_CTEST2_SIGP;
1692 }
1693 break;
1694 case 0x1b:
1695 ret = s->ctest3;
1696 break;
1697 CASE_GET_REG32(temp, 0x1c)
1698 case 0x20:
1699 ret = s->dfifo;
1700 break;
1701 case 0x21:
1702 ret = s->ctest4;
1703 break;
1704 case 0x22:
1705 ret = s->ctest5;
1706 break;
1707 case 0x23:
1708 ret = 0;
1709 break;
1710 CASE_GET_REG24(dbc, 0x24)
1711 case 0x27:
1712 ret = s->dcmd;
1713 break;
1714 CASE_GET_REG32(dnad, 0x28)
1715 CASE_GET_REG32(dsp, 0x2c)
1716 CASE_GET_REG32(dsps, 0x30)
1717 CASE_GET_REG32(scratch[0], 0x34)
1718 case 0x38:
1719 ret = s->dmode;
1720 break;
1721 case 0x39:
1722 ret = s->dien;
1723 break;
1724 case 0x3a:
1725 ret = s->sbr;
1726 break;
1727 case 0x3b:
1728 ret = s->dcntl;
1729 break;
1730
1731 CASE_GET_REG32(adder, 0x3c)
1732 case 0x40:
1733 ret = s->sien0;
1734 break;
1735 case 0x41:
1736 ret = s->sien1;
1737 break;
1738 case 0x42:
1739 ret = s->sist0;
1740 s->sist0 = 0;
1741 lsi_update_irq(s);
1742 break;
1743 case 0x43:
1744 ret = s->sist1;
1745 s->sist1 = 0;
1746 lsi_update_irq(s);
1747 break;
1748 case 0x46:
1749 ret = 0x0f;
1750 break;
1751 case 0x47:
1752 ret = 0x0f;
1753 break;
1754 case 0x48:
1755 ret = s->stime0;
1756 break;
1757 case 0x4a:
1758 ret = s->respid0;
1759 break;
1760 case 0x4b:
1761 ret = s->respid1;
1762 break;
1763 case 0x4d:
1764 ret = s->stest1;
1765 break;
1766 case 0x4e:
1767 ret = s->stest2;
1768 break;
1769 case 0x4f:
1770 ret = s->stest3;
1771 break;
1772 case 0x50:
1773
1774
1775 ret = s->sidl;
1776 break;
1777 case 0x52:
1778 ret = 0xe0;
1779 break;
1780 case 0x56:
1781 ret = s->ccntl0;
1782 break;
1783 case 0x57:
1784 ret = s->ccntl1;
1785 break;
1786 case 0x58:
1787
1788 if ((s->sstat1 & PHASE_MASK) == PHASE_MI) {
1789 assert(s->msg_len > 0);
1790 return s->msg[0];
1791 }
1792 ret = 0;
1793 break;
1794 case 0x59:
1795 ret = 0;
1796 break;
1797 CASE_GET_REG32(mmrs, 0xa0)
1798 CASE_GET_REG32(mmws, 0xa4)
1799 CASE_GET_REG32(sfs, 0xa8)
1800 CASE_GET_REG32(drs, 0xac)
1801 CASE_GET_REG32(sbms, 0xb0)
1802 CASE_GET_REG32(dbms, 0xb4)
1803 CASE_GET_REG32(dnad64, 0xb8)
1804 CASE_GET_REG32(pmjad1, 0xc0)
1805 CASE_GET_REG32(pmjad2, 0xc4)
1806 CASE_GET_REG32(rbc, 0xc8)
1807 CASE_GET_REG32(ua, 0xcc)
1808 CASE_GET_REG32(ia, 0xd4)
1809 CASE_GET_REG32(sbc, 0xd8)
1810 CASE_GET_REG32(csbc, 0xdc)
1811 case 0x5c ... 0x9f:
1812 {
1813 int n;
1814 int shift;
1815 n = (offset - 0x58) >> 2;
1816 shift = (offset & 3) * 8;
1817 ret = (s->scratch[n] >> shift) & 0xff;
1818 break;
1819 }
1820 default:
1821 {
1822 qemu_log_mask(LOG_GUEST_ERROR,
1823 "lsi_scsi: invalid read from reg %s %x\n",
1824 offset < ARRAY_SIZE(names) ? names[offset] : "???",
1825 offset);
1826 ret = 0xff;
1827 break;
1828 }
1829 }
1830#undef CASE_GET_REG24
1831#undef CASE_GET_REG32
1832
1833 trace_lsi_reg_read(offset < ARRAY_SIZE(names) ? names[offset] : "???",
1834 offset, ret);
1835
1836 return ret;
1837}
1838
1839static void lsi_reg_writeb(LSIState *s, int offset, uint8_t val)
1840{
1841#define CASE_SET_REG24(name, addr) \
1842 case addr : s->name &= 0xffffff00; s->name |= val; break; \
1843 case addr + 1: s->name &= 0xffff00ff; s->name |= val << 8; break; \
1844 case addr + 2: s->name &= 0xff00ffff; s->name |= val << 16; break;
1845
1846#define CASE_SET_REG32(name, addr) \
1847 case addr : s->name &= 0xffffff00; s->name |= val; break; \
1848 case addr + 1: s->name &= 0xffff00ff; s->name |= val << 8; break; \
1849 case addr + 2: s->name &= 0xff00ffff; s->name |= val << 16; break; \
1850 case addr + 3: s->name &= 0x00ffffff; s->name |= val << 24; break;
1851
1852 trace_lsi_reg_write(offset < ARRAY_SIZE(names) ? names[offset] : "???",
1853 offset, val);
1854
1855 switch (offset) {
1856 case 0x00:
1857 s->scntl0 = val;
1858 if (val & LSI_SCNTL0_START) {
1859 qemu_log_mask(LOG_UNIMP,
1860 "lsi_scsi: Start sequence not implemented\n");
1861 }
1862 break;
1863 case 0x01:
1864 s->scntl1 = val & ~LSI_SCNTL1_SST;
1865 if (val & LSI_SCNTL1_IARB) {
1866 qemu_log_mask(LOG_UNIMP,
1867 "lsi_scsi: Immediate Arbritration not implemented\n");
1868 }
1869 if (val & LSI_SCNTL1_RST) {
1870 if (!(s->sstat0 & LSI_SSTAT0_RST)) {
1871 qbus_reset_all(BUS(&s->bus));
1872 s->sstat0 |= LSI_SSTAT0_RST;
1873 lsi_script_scsi_interrupt(s, LSI_SIST0_RST, 0);
1874 }
1875 } else {
1876 s->sstat0 &= ~LSI_SSTAT0_RST;
1877 }
1878 break;
1879 case 0x02:
1880 val &= ~(LSI_SCNTL2_WSR | LSI_SCNTL2_WSS);
1881 s->scntl2 = val;
1882 break;
1883 case 0x03:
1884 s->scntl3 = val;
1885 break;
1886 case 0x04:
1887 s->scid = val;
1888 break;
1889 case 0x05:
1890 s->sxfer = val;
1891 break;
1892 case 0x06:
1893 if ((s->ssid & 0x80) && (val & 0xf) != (s->ssid & 0xf)) {
1894 qemu_log_mask(LOG_GUEST_ERROR,
1895 "lsi_scsi: Destination ID does not match SSID\n");
1896 }
1897 s->sdid = val & 0xf;
1898 break;
1899 case 0x07:
1900 break;
1901 case 0x08:
1902
1903
1904 s->sfbr = val;
1905 break;
1906 case 0x0a: case 0x0b:
1907
1908 return;
1909 case 0x0c: case 0x0d: case 0x0e: case 0x0f:
1910
1911 return;
1912 CASE_SET_REG32(dsa, 0x10)
1913 case 0x14:
1914 s->istat0 = (s->istat0 & 0x0f) | (val & 0xf0);
1915 if (val & LSI_ISTAT0_ABRT) {
1916 lsi_script_dma_interrupt(s, LSI_DSTAT_ABRT);
1917 }
1918 if (val & LSI_ISTAT0_INTF) {
1919 s->istat0 &= ~LSI_ISTAT0_INTF;
1920 lsi_update_irq(s);
1921 }
1922 if (s->waiting == LSI_WAIT_RESELECT && val & LSI_ISTAT0_SIGP) {
1923 trace_lsi_awoken();
1924 s->waiting = LSI_NOWAIT;
1925 s->dsp = s->dnad;
1926 lsi_execute_script(s);
1927 }
1928 if (val & LSI_ISTAT0_SRST) {
1929 qdev_reset_all(DEVICE(s));
1930 }
1931 break;
1932 case 0x16:
1933 s->mbox0 = val;
1934 break;
1935 case 0x17:
1936 s->mbox1 = val;
1937 break;
1938 case 0x18:
1939
1940 break;
1941 case 0x1a:
1942 s->ctest2 = val & LSI_CTEST2_PCICIE;
1943 break;
1944 case 0x1b:
1945 s->ctest3 = val & 0x0f;
1946 break;
1947 CASE_SET_REG32(temp, 0x1c)
1948 case 0x21:
1949 if (val & 7) {
1950 qemu_log_mask(LOG_UNIMP,
1951 "lsi_scsi: Unimplemented CTEST4-FBL 0x%x\n", val);
1952 }
1953 s->ctest4 = val;
1954 break;
1955 case 0x22:
1956 if (val & (LSI_CTEST5_ADCK | LSI_CTEST5_BBCK)) {
1957 qemu_log_mask(LOG_UNIMP,
1958 "lsi_scsi: CTEST5 DMA increment not implemented\n");
1959 }
1960 s->ctest5 = val;
1961 break;
1962 CASE_SET_REG24(dbc, 0x24)
1963 CASE_SET_REG32(dnad, 0x28)
1964 case 0x2c:
1965 s->dsp &= 0xffffff00;
1966 s->dsp |= val;
1967 break;
1968 case 0x2d:
1969 s->dsp &= 0xffff00ff;
1970 s->dsp |= val << 8;
1971 break;
1972 case 0x2e:
1973 s->dsp &= 0xff00ffff;
1974 s->dsp |= val << 16;
1975 break;
1976 case 0x2f:
1977 s->dsp &= 0x00ffffff;
1978 s->dsp |= val << 24;
1979
1980
1981
1982
1983 if ((s->dmode & LSI_DMODE_MAN) == 0
1984 && (s->istat1 & LSI_ISTAT1_SRUN) == 0)
1985 lsi_execute_script(s);
1986 break;
1987 CASE_SET_REG32(dsps, 0x30)
1988 CASE_SET_REG32(scratch[0], 0x34)
1989 case 0x38:
1990 s->dmode = val;
1991 break;
1992 case 0x39:
1993 s->dien = val;
1994 lsi_update_irq(s);
1995 break;
1996 case 0x3a:
1997 s->sbr = val;
1998 break;
1999 case 0x3b:
2000 s->dcntl = val & ~(LSI_DCNTL_PFF | LSI_DCNTL_STD);
2001
2002
2003
2004
2005 if ((val & LSI_DCNTL_STD) && (s->istat1 & LSI_ISTAT1_SRUN) == 0)
2006 lsi_execute_script(s);
2007 break;
2008 case 0x40:
2009 s->sien0 = val;
2010 lsi_update_irq(s);
2011 break;
2012 case 0x41:
2013 s->sien1 = val;
2014 lsi_update_irq(s);
2015 break;
2016 case 0x47:
2017 break;
2018 case 0x48:
2019 s->stime0 = val;
2020 break;
2021 case 0x49:
2022 if (val & 0xf) {
2023 qemu_log_mask(LOG_UNIMP,
2024 "lsi_scsi: General purpose timer not implemented\n");
2025
2026
2027 lsi_script_scsi_interrupt(s, 0, LSI_SIST1_GEN);
2028 }
2029 break;
2030 case 0x4a:
2031 s->respid0 = val;
2032 break;
2033 case 0x4b:
2034 s->respid1 = val;
2035 break;
2036 case 0x4d:
2037 s->stest1 = val;
2038 break;
2039 case 0x4e:
2040 if (val & 1) {
2041 qemu_log_mask(LOG_UNIMP,
2042 "lsi_scsi: Low level mode not implemented\n");
2043 }
2044 s->stest2 = val;
2045 break;
2046 case 0x4f:
2047 if (val & 0x41) {
2048 qemu_log_mask(LOG_UNIMP,
2049 "lsi_scsi: SCSI FIFO test mode not implemented\n");
2050 }
2051 s->stest3 = val;
2052 break;
2053 case 0x56:
2054 s->ccntl0 = val;
2055 break;
2056 case 0x57:
2057 s->ccntl1 = val;
2058 break;
2059 CASE_SET_REG32(mmrs, 0xa0)
2060 CASE_SET_REG32(mmws, 0xa4)
2061 CASE_SET_REG32(sfs, 0xa8)
2062 CASE_SET_REG32(drs, 0xac)
2063 CASE_SET_REG32(sbms, 0xb0)
2064 CASE_SET_REG32(dbms, 0xb4)
2065 CASE_SET_REG32(dnad64, 0xb8)
2066 CASE_SET_REG32(pmjad1, 0xc0)
2067 CASE_SET_REG32(pmjad2, 0xc4)
2068 CASE_SET_REG32(rbc, 0xc8)
2069 CASE_SET_REG32(ua, 0xcc)
2070 CASE_SET_REG32(ia, 0xd4)
2071 CASE_SET_REG32(sbc, 0xd8)
2072 CASE_SET_REG32(csbc, 0xdc)
2073 default:
2074 if (offset >= 0x5c && offset < 0xa0) {
2075 int n;
2076 int shift;
2077 n = (offset - 0x58) >> 2;
2078 shift = (offset & 3) * 8;
2079 s->scratch[n] = deposit32(s->scratch[n], shift, 8, val);
2080 } else {
2081 qemu_log_mask(LOG_GUEST_ERROR,
2082 "lsi_scsi: invalid write to reg %s %x (0x%02x)\n",
2083 offset < ARRAY_SIZE(names) ? names[offset] : "???",
2084 offset, val);
2085 }
2086 }
2087#undef CASE_SET_REG24
2088#undef CASE_SET_REG32
2089}
2090
2091static void lsi_mmio_write(void *opaque, hwaddr addr,
2092 uint64_t val, unsigned size)
2093{
2094 LSIState *s = opaque;
2095
2096 lsi_reg_writeb(s, addr & 0xff, val);
2097}
2098
2099static uint64_t lsi_mmio_read(void *opaque, hwaddr addr,
2100 unsigned size)
2101{
2102 LSIState *s = opaque;
2103 return lsi_reg_readb(s, addr & 0xff);
2104}
2105
2106static const MemoryRegionOps lsi_mmio_ops = {
2107 .read = lsi_mmio_read,
2108 .write = lsi_mmio_write,
2109 .endianness = DEVICE_LITTLE_ENDIAN,
2110 .impl = {
2111 .min_access_size = 1,
2112 .max_access_size = 1,
2113 },
2114};
2115
2116static void lsi_ram_write(void *opaque, hwaddr addr,
2117 uint64_t val, unsigned size)
2118{
2119 LSIState *s = opaque;
2120 stn_le_p(s->script_ram + addr, size, val);
2121}
2122
2123static uint64_t lsi_ram_read(void *opaque, hwaddr addr,
2124 unsigned size)
2125{
2126 LSIState *s = opaque;
2127 return ldn_le_p(s->script_ram + addr, size);
2128}
2129
2130static const MemoryRegionOps lsi_ram_ops = {
2131 .read = lsi_ram_read,
2132 .write = lsi_ram_write,
2133 .endianness = DEVICE_LITTLE_ENDIAN,
2134};
2135
2136static uint64_t lsi_io_read(void *opaque, hwaddr addr,
2137 unsigned size)
2138{
2139 LSIState *s = opaque;
2140 return lsi_reg_readb(s, addr & 0xff);
2141}
2142
2143static void lsi_io_write(void *opaque, hwaddr addr,
2144 uint64_t val, unsigned size)
2145{
2146 LSIState *s = opaque;
2147 lsi_reg_writeb(s, addr & 0xff, val);
2148}
2149
2150static const MemoryRegionOps lsi_io_ops = {
2151 .read = lsi_io_read,
2152 .write = lsi_io_write,
2153 .endianness = DEVICE_LITTLE_ENDIAN,
2154 .impl = {
2155 .min_access_size = 1,
2156 .max_access_size = 1,
2157 },
2158};
2159
2160static void lsi_scsi_reset(DeviceState *dev)
2161{
2162 LSIState *s = LSI53C895A(dev);
2163
2164 lsi_soft_reset(s);
2165}
2166
2167static int lsi_pre_save(void *opaque)
2168{
2169 LSIState *s = opaque;
2170
2171 if (s->current) {
2172 assert(s->current->dma_buf == NULL);
2173 assert(s->current->dma_len == 0);
2174 }
2175 assert(QTAILQ_EMPTY(&s->queue));
2176
2177 return 0;
2178}
2179
2180static int lsi_post_load(void *opaque, int version_id)
2181{
2182 LSIState *s = opaque;
2183
2184 if (s->msg_len < 0 || s->msg_len > LSI_MAX_MSGIN_LEN) {
2185 return -EINVAL;
2186 }
2187
2188 return 0;
2189}
2190
2191static const VMStateDescription vmstate_lsi_scsi = {
2192 .name = "lsiscsi",
2193 .version_id = 1,
2194 .minimum_version_id = 0,
2195 .pre_save = lsi_pre_save,
2196 .post_load = lsi_post_load,
2197 .fields = (VMStateField[]) {
2198 VMSTATE_PCI_DEVICE(parent_obj, LSIState),
2199
2200 VMSTATE_INT32(carry, LSIState),
2201 VMSTATE_INT32(status, LSIState),
2202 VMSTATE_INT32(msg_action, LSIState),
2203 VMSTATE_INT32(msg_len, LSIState),
2204 VMSTATE_BUFFER(msg, LSIState),
2205 VMSTATE_INT32(waiting, LSIState),
2206
2207 VMSTATE_UINT32(dsa, LSIState),
2208 VMSTATE_UINT32(temp, LSIState),
2209 VMSTATE_UINT32(dnad, LSIState),
2210 VMSTATE_UINT32(dbc, LSIState),
2211 VMSTATE_UINT8(istat0, LSIState),
2212 VMSTATE_UINT8(istat1, LSIState),
2213 VMSTATE_UINT8(dcmd, LSIState),
2214 VMSTATE_UINT8(dstat, LSIState),
2215 VMSTATE_UINT8(dien, LSIState),
2216 VMSTATE_UINT8(sist0, LSIState),
2217 VMSTATE_UINT8(sist1, LSIState),
2218 VMSTATE_UINT8(sien0, LSIState),
2219 VMSTATE_UINT8(sien1, LSIState),
2220 VMSTATE_UINT8(mbox0, LSIState),
2221 VMSTATE_UINT8(mbox1, LSIState),
2222 VMSTATE_UINT8(dfifo, LSIState),
2223 VMSTATE_UINT8(ctest2, LSIState),
2224 VMSTATE_UINT8(ctest3, LSIState),
2225 VMSTATE_UINT8(ctest4, LSIState),
2226 VMSTATE_UINT8(ctest5, LSIState),
2227 VMSTATE_UINT8(ccntl0, LSIState),
2228 VMSTATE_UINT8(ccntl1, LSIState),
2229 VMSTATE_UINT32(dsp, LSIState),
2230 VMSTATE_UINT32(dsps, LSIState),
2231 VMSTATE_UINT8(dmode, LSIState),
2232 VMSTATE_UINT8(dcntl, LSIState),
2233 VMSTATE_UINT8(scntl0, LSIState),
2234 VMSTATE_UINT8(scntl1, LSIState),
2235 VMSTATE_UINT8(scntl2, LSIState),
2236 VMSTATE_UINT8(scntl3, LSIState),
2237 VMSTATE_UINT8(sstat0, LSIState),
2238 VMSTATE_UINT8(sstat1, LSIState),
2239 VMSTATE_UINT8(scid, LSIState),
2240 VMSTATE_UINT8(sxfer, LSIState),
2241 VMSTATE_UINT8(socl, LSIState),
2242 VMSTATE_UINT8(sdid, LSIState),
2243 VMSTATE_UINT8(ssid, LSIState),
2244 VMSTATE_UINT8(sfbr, LSIState),
2245 VMSTATE_UINT8(stest1, LSIState),
2246 VMSTATE_UINT8(stest2, LSIState),
2247 VMSTATE_UINT8(stest3, LSIState),
2248 VMSTATE_UINT8(sidl, LSIState),
2249 VMSTATE_UINT8(stime0, LSIState),
2250 VMSTATE_UINT8(respid0, LSIState),
2251 VMSTATE_UINT8(respid1, LSIState),
2252 VMSTATE_UINT8_V(sbcl, LSIState, 1),
2253 VMSTATE_UINT32(mmrs, LSIState),
2254 VMSTATE_UINT32(mmws, LSIState),
2255 VMSTATE_UINT32(sfs, LSIState),
2256 VMSTATE_UINT32(drs, LSIState),
2257 VMSTATE_UINT32(sbms, LSIState),
2258 VMSTATE_UINT32(dbms, LSIState),
2259 VMSTATE_UINT32(dnad64, LSIState),
2260 VMSTATE_UINT32(pmjad1, LSIState),
2261 VMSTATE_UINT32(pmjad2, LSIState),
2262 VMSTATE_UINT32(rbc, LSIState),
2263 VMSTATE_UINT32(ua, LSIState),
2264 VMSTATE_UINT32(ia, LSIState),
2265 VMSTATE_UINT32(sbc, LSIState),
2266 VMSTATE_UINT32(csbc, LSIState),
2267 VMSTATE_BUFFER_UNSAFE(scratch, LSIState, 0, 18 * sizeof(uint32_t)),
2268 VMSTATE_UINT8(sbr, LSIState),
2269
2270 VMSTATE_BUFFER_UNSAFE(script_ram, LSIState, 0, 8192),
2271 VMSTATE_END_OF_LIST()
2272 }
2273};
2274
2275static const struct SCSIBusInfo lsi_scsi_info = {
2276 .tcq = true,
2277 .max_target = LSI_MAX_DEVS,
2278 .max_lun = 0,
2279
2280 .transfer_data = lsi_transfer_data,
2281 .complete = lsi_command_complete,
2282 .cancel = lsi_request_cancelled
2283};
2284
2285static void lsi_scsi_realize(PCIDevice *dev, Error **errp)
2286{
2287 LSIState *s = LSI53C895A(dev);
2288 DeviceState *d = DEVICE(dev);
2289 uint8_t *pci_conf;
2290
2291 pci_conf = dev->config;
2292
2293
2294 pci_conf[PCI_LATENCY_TIMER] = 0xff;
2295
2296 pci_conf[PCI_INTERRUPT_PIN] = 0x01;
2297
2298 memory_region_init_io(&s->mmio_io, OBJECT(s), &lsi_mmio_ops, s,
2299 "lsi-mmio", 0x400);
2300 memory_region_init_io(&s->ram_io, OBJECT(s), &lsi_ram_ops, s,
2301 "lsi-ram", 0x2000);
2302 memory_region_init_io(&s->io_io, OBJECT(s), &lsi_io_ops, s,
2303 "lsi-io", 256);
2304
2305 address_space_init(&s->pci_io_as, pci_address_space_io(dev), "lsi-pci-io");
2306 qdev_init_gpio_out(d, &s->ext_irq, 1);
2307
2308 pci_register_bar(dev, 0, PCI_BASE_ADDRESS_SPACE_IO, &s->io_io);
2309 pci_register_bar(dev, 1, PCI_BASE_ADDRESS_SPACE_MEMORY, &s->mmio_io);
2310 pci_register_bar(dev, 2, PCI_BASE_ADDRESS_SPACE_MEMORY, &s->ram_io);
2311 QTAILQ_INIT(&s->queue);
2312
2313 scsi_bus_init(&s->bus, sizeof(s->bus), d, &lsi_scsi_info);
2314}
2315
2316static void lsi_scsi_exit(PCIDevice *dev)
2317{
2318 LSIState *s = LSI53C895A(dev);
2319
2320 address_space_destroy(&s->pci_io_as);
2321}
2322
2323static void lsi_class_init(ObjectClass *klass, void *data)
2324{
2325 DeviceClass *dc = DEVICE_CLASS(klass);
2326 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
2327
2328 k->realize = lsi_scsi_realize;
2329 k->exit = lsi_scsi_exit;
2330 k->vendor_id = PCI_VENDOR_ID_LSI_LOGIC;
2331 k->device_id = PCI_DEVICE_ID_LSI_53C895A;
2332 k->class_id = PCI_CLASS_STORAGE_SCSI;
2333 k->subsystem_id = 0x1000;
2334 dc->reset = lsi_scsi_reset;
2335 dc->vmsd = &vmstate_lsi_scsi;
2336 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
2337}
2338
2339static const TypeInfo lsi_info = {
2340 .name = TYPE_LSI53C895A,
2341 .parent = TYPE_PCI_DEVICE,
2342 .instance_size = sizeof(LSIState),
2343 .class_init = lsi_class_init,
2344 .interfaces = (InterfaceInfo[]) {
2345 { INTERFACE_CONVENTIONAL_PCI_DEVICE },
2346 { },
2347 },
2348};
2349
2350static void lsi53c810_class_init(ObjectClass *klass, void *data)
2351{
2352 PCIDeviceClass *k = PCI_DEVICE_CLASS(klass);
2353
2354 k->device_id = PCI_DEVICE_ID_LSI_53C810;
2355}
2356
2357static const TypeInfo lsi53c810_info = {
2358 .name = TYPE_LSI53C810,
2359 .parent = TYPE_LSI53C895A,
2360 .class_init = lsi53c810_class_init,
2361};
2362
2363static void lsi53c895a_register_types(void)
2364{
2365 type_register_static(&lsi_info);
2366 type_register_static(&lsi53c810_info);
2367}
2368
2369type_init(lsi53c895a_register_types)
2370
2371void lsi53c8xx_handle_legacy_cmdline(DeviceState *lsi_dev)
2372{
2373 LSIState *s = LSI53C895A(lsi_dev);
2374
2375 scsi_bus_legacy_handle_cmdline(&s->bus);
2376}
2377
