2 * QEMU ESP/NCR53C9x emulation
4 * Copyright (c) 2005-2006 Fabrice Bellard
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
33 * On Sparc32, this is the ESP (NCR53C90) part of chip STP2000 (Master I/O),
34 * also produced as NCR89C100. See
35 * http://www.ibiblio.org/pub/historic-linux/early-ports/Sparc/NCR/NCR89C100.txt
37 * http://www.ibiblio.org/pub/historic-linux/early-ports/Sparc/NCR/NCR53C9X.txt
41 #define DPRINTF(fmt, ...) \
42 do { printf("ESP: " fmt , ## __VA_ARGS__); } while (0)
44 #define DPRINTF(fmt, ...) do {} while (0)
47 #define ESP_ERROR(fmt, ...) \
48 do { printf("ESP ERROR: %s: " fmt, __func__ , ## __VA_ARGS__); } while (0)
53 typedef struct ESPState ESPState;
59 uint8_t rregs[ESP_REGS];
60 uint8_t wregs[ESP_REGS];
62 uint32_t ti_rptr, ti_wptr;
63 uint8_t ti_buf[TI_BUFSZ];
67 SCSIDevice *current_dev;
68 uint8_t cmdbuf[TI_BUFSZ];
72 /* The amount of data left in the current DMA transfer. */
74 /* The size of the current DMA transfer. Zero if no transfer is in
80 espdma_memory_read_write dma_memory_read;
81 espdma_memory_read_write dma_memory_write;
90 #define ESP_WBUSID 0x4
94 #define ESP_WSYNTP 0x6
95 #define ESP_RFLAGS 0x7
100 #define ESP_RRES2 0xa
101 #define ESP_WTEST 0xa
112 #define CMD_FLUSH 0x01
113 #define CMD_RESET 0x02
114 #define CMD_BUSRESET 0x03
116 #define CMD_ICCS 0x11
117 #define CMD_MSGACC 0x12
119 #define CMD_SATN 0x1a
121 #define CMD_SELATN 0x42
122 #define CMD_SELATNS 0x43
123 #define CMD_ENSEL 0x44
131 #define STAT_PIO_MASK 0x06
136 #define STAT_INT 0x80
138 #define BUSID_DID 0x07
143 #define INTR_RST 0x80
148 #define CFG1_RESREPT 0x40
150 #define TCHI_FAS100A 0x4
152 static void esp_raise_irq(ESPState *s)
154 if (!(s->rregs[ESP_RSTAT] & STAT_INT)) {
155 s->rregs[ESP_RSTAT] |= STAT_INT;
156 qemu_irq_raise(s->irq);
160 static void esp_lower_irq(ESPState *s)
162 if (s->rregs[ESP_RSTAT] & STAT_INT) {
163 s->rregs[ESP_RSTAT] &= ~STAT_INT;
164 qemu_irq_lower(s->irq);
168 static uint32_t get_cmd(ESPState *s, uint8_t *buf)
173 target = s->wregs[ESP_WBUSID] & BUSID_DID;
175 dmalen = s->rregs[ESP_TCLO] | (s->rregs[ESP_TCMID] << 8);
176 s->dma_memory_read(s->dma_opaque, buf, dmalen);
179 memcpy(buf, s->ti_buf, dmalen);
182 DPRINTF("get_cmd: len %d target %d\n", dmalen, target);
188 if (s->current_dev) {
189 /* Started a new command before the old one finished. Cancel it. */
190 s->current_dev->info->cancel_io(s->current_dev, 0);
194 if (target >= ESP_MAX_DEVS || !s->bus.devs[target]) {
196 s->rregs[ESP_RSTAT] = 0;
197 s->rregs[ESP_RINTR] = INTR_DC;
198 s->rregs[ESP_RSEQ] = SEQ_0;
202 s->current_dev = s->bus.devs[target];
206 static void do_busid_cmd(ESPState *s, uint8_t *buf, uint8_t busid)
211 DPRINTF("do_busid_cmd: busid 0x%x\n", busid);
213 datalen = s->current_dev->info->send_command(s->current_dev, 0, buf, lun);
214 s->ti_size = datalen;
216 s->rregs[ESP_RSTAT] = STAT_TC;
220 s->rregs[ESP_RSTAT] |= STAT_DI;
221 s->current_dev->info->read_data(s->current_dev, 0);
223 s->rregs[ESP_RSTAT] |= STAT_DO;
224 s->current_dev->info->write_data(s->current_dev, 0);
227 s->rregs[ESP_RINTR] = INTR_BS | INTR_FC;
228 s->rregs[ESP_RSEQ] = SEQ_CD;
232 static void do_cmd(ESPState *s, uint8_t *buf)
234 uint8_t busid = buf[0];
236 do_busid_cmd(s, &buf[1], busid);
239 static void handle_satn(ESPState *s)
244 len = get_cmd(s, buf);
249 static void handle_s_without_atn(ESPState *s)
254 len = get_cmd(s, buf);
256 do_busid_cmd(s, buf, 0);
260 static void handle_satn_stop(ESPState *s)
262 s->cmdlen = get_cmd(s, s->cmdbuf);
264 DPRINTF("Set ATN & Stop: cmdlen %d\n", s->cmdlen);
266 s->rregs[ESP_RSTAT] = STAT_TC | STAT_CD;
267 s->rregs[ESP_RINTR] = INTR_BS | INTR_FC;
268 s->rregs[ESP_RSEQ] = SEQ_CD;
273 static void write_response(ESPState *s)
275 DPRINTF("Transfer status (sense=%d)\n", s->sense);
276 s->ti_buf[0] = s->sense;
279 s->dma_memory_write(s->dma_opaque, s->ti_buf, 2);
280 s->rregs[ESP_RSTAT] = STAT_TC | STAT_ST;
281 s->rregs[ESP_RINTR] = INTR_BS | INTR_FC;
282 s->rregs[ESP_RSEQ] = SEQ_CD;
287 s->rregs[ESP_RFLAGS] = 2;
292 static void esp_dma_done(ESPState *s)
294 s->rregs[ESP_RSTAT] |= STAT_TC;
295 s->rregs[ESP_RINTR] = INTR_BS;
296 s->rregs[ESP_RSEQ] = 0;
297 s->rregs[ESP_RFLAGS] = 0;
298 s->rregs[ESP_TCLO] = 0;
299 s->rregs[ESP_TCMID] = 0;
303 static void esp_do_dma(ESPState *s)
308 to_device = (s->ti_size < 0);
311 DPRINTF("command len %d + %d\n", s->cmdlen, len);
312 s->dma_memory_read(s->dma_opaque, &s->cmdbuf[s->cmdlen], len);
316 do_cmd(s, s->cmdbuf);
319 if (s->async_len == 0) {
320 /* Defer until data is available. */
323 if (len > s->async_len) {
327 s->dma_memory_read(s->dma_opaque, s->async_buf, len);
329 s->dma_memory_write(s->dma_opaque, s->async_buf, len);
338 if (s->async_len == 0) {
340 // ti_size is negative
341 s->current_dev->info->write_data(s->current_dev, 0);
343 s->current_dev->info->read_data(s->current_dev, 0);
344 /* If there is still data to be read from the device then
345 complete the DMA operation immediately. Otherwise defer
346 until the scsi layer has completed. */
347 if (s->dma_left == 0 && s->ti_size > 0) {
352 /* Partially filled a scsi buffer. Complete immediately. */
357 static void esp_command_complete(SCSIBus *bus, int reason, uint32_t tag,
360 ESPState *s = DO_UPCAST(ESPState, busdev.qdev, bus->qbus.parent);
362 if (reason == SCSI_REASON_DONE) {
363 DPRINTF("SCSI Command complete\n");
365 DPRINTF("SCSI command completed unexpectedly\n");
370 DPRINTF("Command failed\n");
372 s->rregs[ESP_RSTAT] = STAT_ST;
374 s->current_dev = NULL;
376 DPRINTF("transfer %d/%d\n", s->dma_left, s->ti_size);
378 s->async_buf = s->current_dev->info->get_buf(s->current_dev, 0);
381 } else if (s->dma_counter != 0 && s->ti_size <= 0) {
382 /* If this was the last part of a DMA transfer then the
383 completion interrupt is deferred to here. */
389 static void handle_ti(ESPState *s)
391 uint32_t dmalen, minlen;
393 dmalen = s->rregs[ESP_TCLO] | (s->rregs[ESP_TCMID] << 8);
397 s->dma_counter = dmalen;
400 minlen = (dmalen < 32) ? dmalen : 32;
401 else if (s->ti_size < 0)
402 minlen = (dmalen < -s->ti_size) ? dmalen : -s->ti_size;
404 minlen = (dmalen < s->ti_size) ? dmalen : s->ti_size;
405 DPRINTF("Transfer Information len %d\n", minlen);
407 s->dma_left = minlen;
408 s->rregs[ESP_RSTAT] &= ~STAT_TC;
410 } else if (s->do_cmd) {
411 DPRINTF("command len %d\n", s->cmdlen);
415 do_cmd(s, s->cmdbuf);
420 static void esp_reset(DeviceState *d)
422 ESPState *s = container_of(d, ESPState, busdev.qdev);
424 memset(s->rregs, 0, ESP_REGS);
425 memset(s->wregs, 0, ESP_REGS);
426 s->rregs[ESP_TCHI] = TCHI_FAS100A; // Indicate fas100a
433 s->rregs[ESP_CFG1] = 7;
436 static void parent_esp_reset(void *opaque, int irq, int level)
442 static uint32_t esp_mem_readb(void *opaque, target_phys_addr_t addr)
444 ESPState *s = opaque;
445 uint32_t saddr, old_val;
447 saddr = addr >> s->it_shift;
448 DPRINTF("read reg[%d]: 0x%2.2x\n", saddr, s->rregs[saddr]);
451 if (s->ti_size > 0) {
453 if ((s->rregs[ESP_RSTAT] & STAT_PIO_MASK) == 0) {
455 ESP_ERROR("PIO data read not implemented\n");
456 s->rregs[ESP_FIFO] = 0;
458 s->rregs[ESP_FIFO] = s->ti_buf[s->ti_rptr++];
462 if (s->ti_size == 0) {
468 /* Clear sequence step, interrupt register and all status bits
470 old_val = s->rregs[ESP_RINTR];
471 s->rregs[ESP_RINTR] = 0;
472 s->rregs[ESP_RSTAT] &= ~STAT_TC;
473 s->rregs[ESP_RSEQ] = SEQ_CD;
480 return s->rregs[saddr];
483 static void esp_mem_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
485 ESPState *s = opaque;
488 saddr = addr >> s->it_shift;
489 DPRINTF("write reg[%d]: 0x%2.2x -> 0x%2.2x\n", saddr, s->wregs[saddr],
494 s->rregs[ESP_RSTAT] &= ~STAT_TC;
498 s->cmdbuf[s->cmdlen++] = val & 0xff;
499 } else if (s->ti_size == TI_BUFSZ - 1) {
500 ESP_ERROR("fifo overrun\n");
503 s->ti_buf[s->ti_wptr++] = val & 0xff;
507 s->rregs[saddr] = val;
510 /* Reload DMA counter. */
511 s->rregs[ESP_TCLO] = s->wregs[ESP_TCLO];
512 s->rregs[ESP_TCMID] = s->wregs[ESP_TCMID];
516 switch(val & CMD_CMD) {
518 DPRINTF("NOP (%2.2x)\n", val);
521 DPRINTF("Flush FIFO (%2.2x)\n", val);
523 s->rregs[ESP_RINTR] = INTR_FC;
524 s->rregs[ESP_RSEQ] = 0;
525 s->rregs[ESP_RFLAGS] = 0;
528 DPRINTF("Chip reset (%2.2x)\n", val);
529 esp_reset(&s->busdev.qdev);
532 DPRINTF("Bus reset (%2.2x)\n", val);
533 s->rregs[ESP_RINTR] = INTR_RST;
534 if (!(s->wregs[ESP_CFG1] & CFG1_RESREPT)) {
542 DPRINTF("Initiator Command Complete Sequence (%2.2x)\n", val);
544 s->rregs[ESP_RINTR] = INTR_FC;
545 s->rregs[ESP_RSTAT] |= STAT_MI;
548 DPRINTF("Message Accepted (%2.2x)\n", val);
549 s->rregs[ESP_RINTR] = INTR_DC;
550 s->rregs[ESP_RSEQ] = 0;
551 s->rregs[ESP_RFLAGS] = 0;
555 DPRINTF("Transfer padding (%2.2x)\n", val);
556 s->rregs[ESP_RSTAT] = STAT_TC;
557 s->rregs[ESP_RINTR] = INTR_FC;
558 s->rregs[ESP_RSEQ] = 0;
561 DPRINTF("Set ATN (%2.2x)\n", val);
564 DPRINTF("Select without ATN (%2.2x)\n", val);
565 handle_s_without_atn(s);
568 DPRINTF("Select with ATN (%2.2x)\n", val);
572 DPRINTF("Select with ATN & stop (%2.2x)\n", val);
576 DPRINTF("Enable selection (%2.2x)\n", val);
577 s->rregs[ESP_RINTR] = 0;
580 ESP_ERROR("Unhandled ESP command (%2.2x)\n", val);
584 case ESP_WBUSID ... ESP_WSYNO:
587 s->rregs[saddr] = val;
589 case ESP_WCCF ... ESP_WTEST:
591 case ESP_CFG2 ... ESP_RES4:
592 s->rregs[saddr] = val;
595 ESP_ERROR("invalid write of 0x%02x at [0x%x]\n", val, saddr);
598 s->wregs[saddr] = val;
601 static CPUReadMemoryFunc * const esp_mem_read[3] = {
607 static CPUWriteMemoryFunc * const esp_mem_write[3] = {
613 static const VMStateDescription vmstate_esp = {
616 .minimum_version_id = 3,
617 .minimum_version_id_old = 3,
618 .fields = (VMStateField []) {
619 VMSTATE_BUFFER(rregs, ESPState),
620 VMSTATE_BUFFER(wregs, ESPState),
621 VMSTATE_INT32(ti_size, ESPState),
622 VMSTATE_UINT32(ti_rptr, ESPState),
623 VMSTATE_UINT32(ti_wptr, ESPState),
624 VMSTATE_BUFFER(ti_buf, ESPState),
625 VMSTATE_UINT32(sense, ESPState),
626 VMSTATE_UINT32(dma, ESPState),
627 VMSTATE_BUFFER(cmdbuf, ESPState),
628 VMSTATE_UINT32(cmdlen, ESPState),
629 VMSTATE_UINT32(do_cmd, ESPState),
630 VMSTATE_UINT32(dma_left, ESPState),
631 VMSTATE_END_OF_LIST()
635 void esp_init(target_phys_addr_t espaddr, int it_shift,
636 espdma_memory_read_write dma_memory_read,
637 espdma_memory_read_write dma_memory_write,
638 void *dma_opaque, qemu_irq irq, qemu_irq *reset)
644 dev = qdev_create(NULL, "esp");
645 esp = DO_UPCAST(ESPState, busdev.qdev, dev);
646 esp->dma_memory_read = dma_memory_read;
647 esp->dma_memory_write = dma_memory_write;
648 esp->dma_opaque = dma_opaque;
649 esp->it_shift = it_shift;
650 qdev_init_nofail(dev);
651 s = sysbus_from_qdev(dev);
652 sysbus_connect_irq(s, 0, irq);
653 sysbus_mmio_map(s, 0, espaddr);
654 *reset = qdev_get_gpio_in(dev, 0);
657 static int esp_init1(SysBusDevice *dev)
659 ESPState *s = FROM_SYSBUS(ESPState, dev);
662 sysbus_init_irq(dev, &s->irq);
663 assert(s->it_shift != -1);
665 esp_io_memory = cpu_register_io_memory(esp_mem_read, esp_mem_write, s);
666 sysbus_init_mmio(dev, ESP_REGS << s->it_shift, esp_io_memory);
668 qdev_init_gpio_in(&dev->qdev, parent_esp_reset, 1);
670 scsi_bus_new(&s->bus, &dev->qdev, 0, ESP_MAX_DEVS, esp_command_complete);
671 scsi_bus_legacy_handle_cmdline(&s->bus);
675 static SysBusDeviceInfo esp_info = {
678 .qdev.size = sizeof(ESPState),
679 .qdev.vmsd = &vmstate_esp,
680 .qdev.reset = esp_reset,
681 .qdev.props = (Property[]) {
686 static void esp_register_devices(void)
688 sysbus_register_withprop(&esp_info);
691 device_init(esp_register_devices)
projects / qemu.git / blob