scsi: esp: check TI buffer index before read/write
[qemu.git] / hw / scsi / esp.c
1 /*
2 * QEMU ESP/NCR53C9x emulation
3 *
4 * Copyright (c) 2005-2006 Fabrice Bellard
5 * Copyright (c) 2012 Herve Poussineau
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25
26 #include "qemu/osdep.h"
27 #include "hw/sysbus.h"
28 #include "hw/scsi/esp.h"
29 #include "trace.h"
30 #include "qapi/error.h"
31 #include "qemu/log.h"
32
33 /*
34 * On Sparc32, this is the ESP (NCR53C90) part of chip STP2000 (Master I/O),
35 * also produced as NCR89C100. See
36 * http://www.ibiblio.org/pub/historic-linux/early-ports/Sparc/NCR/NCR89C100.txt
37 * and
38 * http://www.ibiblio.org/pub/historic-linux/early-ports/Sparc/NCR/NCR53C9X.txt
39 */
40
41 static void esp_raise_irq(ESPState *s)
42 {
43 if (!(s->rregs[ESP_RSTAT] & STAT_INT)) {
44 s->rregs[ESP_RSTAT] |= STAT_INT;
45 qemu_irq_raise(s->irq);
46 trace_esp_raise_irq();
47 }
48 }
49
50 static void esp_lower_irq(ESPState *s)
51 {
52 if (s->rregs[ESP_RSTAT] & STAT_INT) {
53 s->rregs[ESP_RSTAT] &= ~STAT_INT;
54 qemu_irq_lower(s->irq);
55 trace_esp_lower_irq();
56 }
57 }
58
59 void esp_dma_enable(ESPState *s, int irq, int level)
60 {
61 if (level) {
62 s->dma_enabled = 1;
63 trace_esp_dma_enable();
64 if (s->dma_cb) {
65 s->dma_cb(s);
66 s->dma_cb = NULL;
67 }
68 } else {
69 trace_esp_dma_disable();
70 s->dma_enabled = 0;
71 }
72 }
73
74 void esp_request_cancelled(SCSIRequest *req)
75 {
76 ESPState *s = req->hba_private;
77
78 if (req == s->current_req) {
79 scsi_req_unref(s->current_req);
80 s->current_req = NULL;
81 s->current_dev = NULL;
82 }
83 }
84
85 static uint32_t get_cmd(ESPState *s, uint8_t *buf, uint8_t buflen)
86 {
87 uint32_t dmalen;
88 int target;
89
90 target = s->wregs[ESP_WBUSID] & BUSID_DID;
91 if (s->dma) {
92 dmalen = s->rregs[ESP_TCLO];
93 dmalen |= s->rregs[ESP_TCMID] << 8;
94 dmalen |= s->rregs[ESP_TCHI] << 16;
95 if (dmalen > buflen) {
96 return 0;
97 }
98 s->dma_memory_read(s->dma_opaque, buf, dmalen);
99 } else {
100 dmalen = s->ti_size;
101 memcpy(buf, s->ti_buf, dmalen);
102 buf[0] = buf[2] >> 5;
103 }
104 trace_esp_get_cmd(dmalen, target);
105
106 s->ti_size = 0;
107 s->ti_rptr = 0;
108 s->ti_wptr = 0;
109
110 if (s->current_req) {
111 /* Started a new command before the old one finished. Cancel it. */
112 scsi_req_cancel(s->current_req);
113 s->async_len = 0;
114 }
115
116 s->current_dev = scsi_device_find(&s->bus, 0, target, 0);
117 if (!s->current_dev) {
118 // No such drive
119 s->rregs[ESP_RSTAT] = 0;
120 s->rregs[ESP_RINTR] = INTR_DC;
121 s->rregs[ESP_RSEQ] = SEQ_0;
122 esp_raise_irq(s);
123 return 0;
124 }
125 return dmalen;
126 }
127
128 static void do_busid_cmd(ESPState *s, uint8_t *buf, uint8_t busid)
129 {
130 int32_t datalen;
131 int lun;
132 SCSIDevice *current_lun;
133
134 trace_esp_do_busid_cmd(busid);
135 lun = busid & 7;
136 current_lun = scsi_device_find(&s->bus, 0, s->current_dev->id, lun);
137 s->current_req = scsi_req_new(current_lun, 0, lun, buf, s);
138 datalen = scsi_req_enqueue(s->current_req);
139 s->ti_size = datalen;
140 if (datalen != 0) {
141 s->rregs[ESP_RSTAT] = STAT_TC;
142 s->dma_left = 0;
143 s->dma_counter = 0;
144 if (datalen > 0) {
145 s->rregs[ESP_RSTAT] |= STAT_DI;
146 } else {
147 s->rregs[ESP_RSTAT] |= STAT_DO;
148 }
149 scsi_req_continue(s->current_req);
150 }
151 s->rregs[ESP_RINTR] = INTR_BS | INTR_FC;
152 s->rregs[ESP_RSEQ] = SEQ_CD;
153 esp_raise_irq(s);
154 }
155
156 static void do_cmd(ESPState *s, uint8_t *buf)
157 {
158 uint8_t busid = buf[0];
159
160 do_busid_cmd(s, &buf[1], busid);
161 }
162
163 static void handle_satn(ESPState *s)
164 {
165 uint8_t buf[32];
166 int len;
167
168 if (s->dma && !s->dma_enabled) {
169 s->dma_cb = handle_satn;
170 return;
171 }
172 len = get_cmd(s, buf, sizeof(buf));
173 if (len)
174 do_cmd(s, buf);
175 }
176
177 static void handle_s_without_atn(ESPState *s)
178 {
179 uint8_t buf[32];
180 int len;
181
182 if (s->dma && !s->dma_enabled) {
183 s->dma_cb = handle_s_without_atn;
184 return;
185 }
186 len = get_cmd(s, buf, sizeof(buf));
187 if (len) {
188 do_busid_cmd(s, buf, 0);
189 }
190 }
191
192 static void handle_satn_stop(ESPState *s)
193 {
194 if (s->dma && !s->dma_enabled) {
195 s->dma_cb = handle_satn_stop;
196 return;
197 }
198 s->cmdlen = get_cmd(s, s->cmdbuf, sizeof(s->cmdbuf));
199 if (s->cmdlen) {
200 trace_esp_handle_satn_stop(s->cmdlen);
201 s->do_cmd = 1;
202 s->rregs[ESP_RSTAT] = STAT_TC | STAT_CD;
203 s->rregs[ESP_RINTR] = INTR_BS | INTR_FC;
204 s->rregs[ESP_RSEQ] = SEQ_CD;
205 esp_raise_irq(s);
206 }
207 }
208
209 static void write_response(ESPState *s)
210 {
211 trace_esp_write_response(s->status);
212 s->ti_buf[0] = s->status;
213 s->ti_buf[1] = 0;
214 if (s->dma) {
215 s->dma_memory_write(s->dma_opaque, s->ti_buf, 2);
216 s->rregs[ESP_RSTAT] = STAT_TC | STAT_ST;
217 s->rregs[ESP_RINTR] = INTR_BS | INTR_FC;
218 s->rregs[ESP_RSEQ] = SEQ_CD;
219 } else {
220 s->ti_size = 2;
221 s->ti_rptr = 0;
222 s->ti_wptr = 0;
223 s->rregs[ESP_RFLAGS] = 2;
224 }
225 esp_raise_irq(s);
226 }
227
228 static void esp_dma_done(ESPState *s)
229 {
230 s->rregs[ESP_RSTAT] |= STAT_TC;
231 s->rregs[ESP_RINTR] = INTR_BS;
232 s->rregs[ESP_RSEQ] = 0;
233 s->rregs[ESP_RFLAGS] = 0;
234 s->rregs[ESP_TCLO] = 0;
235 s->rregs[ESP_TCMID] = 0;
236 s->rregs[ESP_TCHI] = 0;
237 esp_raise_irq(s);
238 }
239
240 static void esp_do_dma(ESPState *s)
241 {
242 uint32_t len;
243 int to_device;
244
245 to_device = (s->ti_size < 0);
246 len = s->dma_left;
247 if (s->do_cmd) {
248 trace_esp_do_dma(s->cmdlen, len);
249 s->dma_memory_read(s->dma_opaque, &s->cmdbuf[s->cmdlen], len);
250 s->ti_size = 0;
251 s->cmdlen = 0;
252 s->do_cmd = 0;
253 do_cmd(s, s->cmdbuf);
254 return;
255 }
256 if (s->async_len == 0) {
257 /* Defer until data is available. */
258 return;
259 }
260 if (len > s->async_len) {
261 len = s->async_len;
262 }
263 if (to_device) {
264 s->dma_memory_read(s->dma_opaque, s->async_buf, len);
265 } else {
266 s->dma_memory_write(s->dma_opaque, s->async_buf, len);
267 }
268 s->dma_left -= len;
269 s->async_buf += len;
270 s->async_len -= len;
271 if (to_device)
272 s->ti_size += len;
273 else
274 s->ti_size -= len;
275 if (s->async_len == 0) {
276 scsi_req_continue(s->current_req);
277 /* If there is still data to be read from the device then
278 complete the DMA operation immediately. Otherwise defer
279 until the scsi layer has completed. */
280 if (to_device || s->dma_left != 0 || s->ti_size == 0) {
281 return;
282 }
283 }
284
285 /* Partially filled a scsi buffer. Complete immediately. */
286 esp_dma_done(s);
287 }
288
289 void esp_command_complete(SCSIRequest *req, uint32_t status,
290 size_t resid)
291 {
292 ESPState *s = req->hba_private;
293
294 trace_esp_command_complete();
295 if (s->ti_size != 0) {
296 trace_esp_command_complete_unexpected();
297 }
298 s->ti_size = 0;
299 s->dma_left = 0;
300 s->async_len = 0;
301 if (status) {
302 trace_esp_command_complete_fail();
303 }
304 s->status = status;
305 s->rregs[ESP_RSTAT] = STAT_ST;
306 esp_dma_done(s);
307 if (s->current_req) {
308 scsi_req_unref(s->current_req);
309 s->current_req = NULL;
310 s->current_dev = NULL;
311 }
312 }
313
314 void esp_transfer_data(SCSIRequest *req, uint32_t len)
315 {
316 ESPState *s = req->hba_private;
317
318 trace_esp_transfer_data(s->dma_left, s->ti_size);
319 s->async_len = len;
320 s->async_buf = scsi_req_get_buf(req);
321 if (s->dma_left) {
322 esp_do_dma(s);
323 } else if (s->dma_counter != 0 && s->ti_size <= 0) {
324 /* If this was the last part of a DMA transfer then the
325 completion interrupt is deferred to here. */
326 esp_dma_done(s);
327 }
328 }
329
330 static void handle_ti(ESPState *s)
331 {
332 uint32_t dmalen, minlen;
333
334 if (s->dma && !s->dma_enabled) {
335 s->dma_cb = handle_ti;
336 return;
337 }
338
339 dmalen = s->rregs[ESP_TCLO];
340 dmalen |= s->rregs[ESP_TCMID] << 8;
341 dmalen |= s->rregs[ESP_TCHI] << 16;
342 if (dmalen==0) {
343 dmalen=0x10000;
344 }
345 s->dma_counter = dmalen;
346
347 if (s->do_cmd)
348 minlen = (dmalen < 32) ? dmalen : 32;
349 else if (s->ti_size < 0)
350 minlen = (dmalen < -s->ti_size) ? dmalen : -s->ti_size;
351 else
352 minlen = (dmalen < s->ti_size) ? dmalen : s->ti_size;
353 trace_esp_handle_ti(minlen);
354 if (s->dma) {
355 s->dma_left = minlen;
356 s->rregs[ESP_RSTAT] &= ~STAT_TC;
357 esp_do_dma(s);
358 } else if (s->do_cmd) {
359 trace_esp_handle_ti_cmd(s->cmdlen);
360 s->ti_size = 0;
361 s->cmdlen = 0;
362 s->do_cmd = 0;
363 do_cmd(s, s->cmdbuf);
364 return;
365 }
366 }
367
368 void esp_hard_reset(ESPState *s)
369 {
370 memset(s->rregs, 0, ESP_REGS);
371 memset(s->wregs, 0, ESP_REGS);
372 s->tchi_written = 0;
373 s->ti_size = 0;
374 s->ti_rptr = 0;
375 s->ti_wptr = 0;
376 s->dma = 0;
377 s->do_cmd = 0;
378 s->dma_cb = NULL;
379
380 s->rregs[ESP_CFG1] = 7;
381 }
382
383 static void esp_soft_reset(ESPState *s)
384 {
385 qemu_irq_lower(s->irq);
386 esp_hard_reset(s);
387 }
388
389 static void parent_esp_reset(ESPState *s, int irq, int level)
390 {
391 if (level) {
392 esp_soft_reset(s);
393 }
394 }
395
396 uint64_t esp_reg_read(ESPState *s, uint32_t saddr)
397 {
398 uint32_t old_val;
399
400 trace_esp_mem_readb(saddr, s->rregs[saddr]);
401 switch (saddr) {
402 case ESP_FIFO:
403 if ((s->rregs[ESP_RSTAT] & STAT_PIO_MASK) == 0) {
404 /* Data out. */
405 qemu_log_mask(LOG_UNIMP, "esp: PIO data read not implemented\n");
406 s->rregs[ESP_FIFO] = 0;
407 esp_raise_irq(s);
408 } else if (s->ti_rptr < s->ti_wptr) {
409 s->ti_size--;
410 s->rregs[ESP_FIFO] = s->ti_buf[s->ti_rptr++];
411 esp_raise_irq(s);
412 }
413 if (s->ti_rptr == s->ti_wptr) {
414 s->ti_rptr = 0;
415 s->ti_wptr = 0;
416 }
417 break;
418 case ESP_RINTR:
419 /* Clear sequence step, interrupt register and all status bits
420 except TC */
421 old_val = s->rregs[ESP_RINTR];
422 s->rregs[ESP_RINTR] = 0;
423 s->rregs[ESP_RSTAT] &= ~STAT_TC;
424 s->rregs[ESP_RSEQ] = SEQ_CD;
425 esp_lower_irq(s);
426
427 return old_val;
428 case ESP_TCHI:
429 /* Return the unique id if the value has never been written */
430 if (!s->tchi_written) {
431 return s->chip_id;
432 }
433 default:
434 break;
435 }
436 return s->rregs[saddr];
437 }
438
439 void esp_reg_write(ESPState *s, uint32_t saddr, uint64_t val)
440 {
441 trace_esp_mem_writeb(saddr, s->wregs[saddr], val);
442 switch (saddr) {
443 case ESP_TCHI:
444 s->tchi_written = true;
445 /* fall through */
446 case ESP_TCLO:
447 case ESP_TCMID:
448 s->rregs[ESP_RSTAT] &= ~STAT_TC;
449 break;
450 case ESP_FIFO:
451 if (s->do_cmd) {
452 if (s->cmdlen < TI_BUFSZ) {
453 s->cmdbuf[s->cmdlen++] = val & 0xff;
454 } else {
455 trace_esp_error_fifo_overrun();
456 }
457 } else if (s->ti_wptr == TI_BUFSZ - 1) {
458 trace_esp_error_fifo_overrun();
459 } else {
460 s->ti_size++;
461 s->ti_buf[s->ti_wptr++] = val & 0xff;
462 }
463 break;
464 case ESP_CMD:
465 s->rregs[saddr] = val;
466 if (val & CMD_DMA) {
467 s->dma = 1;
468 /* Reload DMA counter. */
469 s->rregs[ESP_TCLO] = s->wregs[ESP_TCLO];
470 s->rregs[ESP_TCMID] = s->wregs[ESP_TCMID];
471 s->rregs[ESP_TCHI] = s->wregs[ESP_TCHI];
472 } else {
473 s->dma = 0;
474 }
475 switch(val & CMD_CMD) {
476 case CMD_NOP:
477 trace_esp_mem_writeb_cmd_nop(val);
478 break;
479 case CMD_FLUSH:
480 trace_esp_mem_writeb_cmd_flush(val);
481 //s->ti_size = 0;
482 s->rregs[ESP_RINTR] = INTR_FC;
483 s->rregs[ESP_RSEQ] = 0;
484 s->rregs[ESP_RFLAGS] = 0;
485 break;
486 case CMD_RESET:
487 trace_esp_mem_writeb_cmd_reset(val);
488 esp_soft_reset(s);
489 break;
490 case CMD_BUSRESET:
491 trace_esp_mem_writeb_cmd_bus_reset(val);
492 s->rregs[ESP_RINTR] = INTR_RST;
493 if (!(s->wregs[ESP_CFG1] & CFG1_RESREPT)) {
494 esp_raise_irq(s);
495 }
496 break;
497 case CMD_TI:
498 handle_ti(s);
499 break;
500 case CMD_ICCS:
501 trace_esp_mem_writeb_cmd_iccs(val);
502 write_response(s);
503 s->rregs[ESP_RINTR] = INTR_FC;
504 s->rregs[ESP_RSTAT] |= STAT_MI;
505 break;
506 case CMD_MSGACC:
507 trace_esp_mem_writeb_cmd_msgacc(val);
508 s->rregs[ESP_RINTR] = INTR_DC;
509 s->rregs[ESP_RSEQ] = 0;
510 s->rregs[ESP_RFLAGS] = 0;
511 esp_raise_irq(s);
512 break;
513 case CMD_PAD:
514 trace_esp_mem_writeb_cmd_pad(val);
515 s->rregs[ESP_RSTAT] = STAT_TC;
516 s->rregs[ESP_RINTR] = INTR_FC;
517 s->rregs[ESP_RSEQ] = 0;
518 break;
519 case CMD_SATN:
520 trace_esp_mem_writeb_cmd_satn(val);
521 break;
522 case CMD_RSTATN:
523 trace_esp_mem_writeb_cmd_rstatn(val);
524 break;
525 case CMD_SEL:
526 trace_esp_mem_writeb_cmd_sel(val);
527 handle_s_without_atn(s);
528 break;
529 case CMD_SELATN:
530 trace_esp_mem_writeb_cmd_selatn(val);
531 handle_satn(s);
532 break;
533 case CMD_SELATNS:
534 trace_esp_mem_writeb_cmd_selatns(val);
535 handle_satn_stop(s);
536 break;
537 case CMD_ENSEL:
538 trace_esp_mem_writeb_cmd_ensel(val);
539 s->rregs[ESP_RINTR] = 0;
540 break;
541 case CMD_DISSEL:
542 trace_esp_mem_writeb_cmd_dissel(val);
543 s->rregs[ESP_RINTR] = 0;
544 esp_raise_irq(s);
545 break;
546 default:
547 trace_esp_error_unhandled_command(val);
548 break;
549 }
550 break;
551 case ESP_WBUSID ... ESP_WSYNO:
552 break;
553 case ESP_CFG1:
554 case ESP_CFG2: case ESP_CFG3:
555 case ESP_RES3: case ESP_RES4:
556 s->rregs[saddr] = val;
557 break;
558 case ESP_WCCF ... ESP_WTEST:
559 break;
560 default:
561 trace_esp_error_invalid_write(val, saddr);
562 return;
563 }
564 s->wregs[saddr] = val;
565 }
566
567 static bool esp_mem_accepts(void *opaque, hwaddr addr,
568 unsigned size, bool is_write)
569 {
570 return (size == 1) || (is_write && size == 4);
571 }
572
573 const VMStateDescription vmstate_esp = {
574 .name ="esp",
575 .version_id = 3,
576 .minimum_version_id = 3,
577 .fields = (VMStateField[]) {
578 VMSTATE_BUFFER(rregs, ESPState),
579 VMSTATE_BUFFER(wregs, ESPState),
580 VMSTATE_INT32(ti_size, ESPState),
581 VMSTATE_UINT32(ti_rptr, ESPState),
582 VMSTATE_UINT32(ti_wptr, ESPState),
583 VMSTATE_BUFFER(ti_buf, ESPState),
584 VMSTATE_UINT32(status, ESPState),
585 VMSTATE_UINT32(dma, ESPState),
586 VMSTATE_BUFFER(cmdbuf, ESPState),
587 VMSTATE_UINT32(cmdlen, ESPState),
588 VMSTATE_UINT32(do_cmd, ESPState),
589 VMSTATE_UINT32(dma_left, ESPState),
590 VMSTATE_END_OF_LIST()
591 }
592 };
593
594 #define TYPE_ESP "esp"
595 #define ESP(obj) OBJECT_CHECK(SysBusESPState, (obj), TYPE_ESP)
596
597 typedef struct {
598 /*< private >*/
599 SysBusDevice parent_obj;
600 /*< public >*/
601
602 MemoryRegion iomem;
603 uint32_t it_shift;
604 ESPState esp;
605 } SysBusESPState;
606
607 static void sysbus_esp_mem_write(void *opaque, hwaddr addr,
608 uint64_t val, unsigned int size)
609 {
610 SysBusESPState *sysbus = opaque;
611 uint32_t saddr;
612
613 saddr = addr >> sysbus->it_shift;
614 esp_reg_write(&sysbus->esp, saddr, val);
615 }
616
617 static uint64_t sysbus_esp_mem_read(void *opaque, hwaddr addr,
618 unsigned int size)
619 {
620 SysBusESPState *sysbus = opaque;
621 uint32_t saddr;
622
623 saddr = addr >> sysbus->it_shift;
624 return esp_reg_read(&sysbus->esp, saddr);
625 }
626
627 static const MemoryRegionOps sysbus_esp_mem_ops = {
628 .read = sysbus_esp_mem_read,
629 .write = sysbus_esp_mem_write,
630 .endianness = DEVICE_NATIVE_ENDIAN,
631 .valid.accepts = esp_mem_accepts,
632 };
633
634 void esp_init(hwaddr espaddr, int it_shift,
635 ESPDMAMemoryReadWriteFunc dma_memory_read,
636 ESPDMAMemoryReadWriteFunc dma_memory_write,
637 void *dma_opaque, qemu_irq irq, qemu_irq *reset,
638 qemu_irq *dma_enable)
639 {
640 DeviceState *dev;
641 SysBusDevice *s;
642 SysBusESPState *sysbus;
643 ESPState *esp;
644
645 dev = qdev_create(NULL, TYPE_ESP);
646 sysbus = ESP(dev);
647 esp = &sysbus->esp;
648 esp->dma_memory_read = dma_memory_read;
649 esp->dma_memory_write = dma_memory_write;
650 esp->dma_opaque = dma_opaque;
651 sysbus->it_shift = it_shift;
652 /* XXX for now until rc4030 has been changed to use DMA enable signal */
653 esp->dma_enabled = 1;
654 qdev_init_nofail(dev);
655 s = SYS_BUS_DEVICE(dev);
656 sysbus_connect_irq(s, 0, irq);
657 sysbus_mmio_map(s, 0, espaddr);
658 *reset = qdev_get_gpio_in(dev, 0);
659 *dma_enable = qdev_get_gpio_in(dev, 1);
660 }
661
662 static const struct SCSIBusInfo esp_scsi_info = {
663 .tcq = false,
664 .max_target = ESP_MAX_DEVS,
665 .max_lun = 7,
666
667 .transfer_data = esp_transfer_data,
668 .complete = esp_command_complete,
669 .cancel = esp_request_cancelled
670 };
671
672 static void sysbus_esp_gpio_demux(void *opaque, int irq, int level)
673 {
674 SysBusESPState *sysbus = ESP(opaque);
675 ESPState *s = &sysbus->esp;
676
677 switch (irq) {
678 case 0:
679 parent_esp_reset(s, irq, level);
680 break;
681 case 1:
682 esp_dma_enable(opaque, irq, level);
683 break;
684 }
685 }
686
687 static void sysbus_esp_realize(DeviceState *dev, Error **errp)
688 {
689 SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
690 SysBusESPState *sysbus = ESP(dev);
691 ESPState *s = &sysbus->esp;
692 Error *err = NULL;
693
694 sysbus_init_irq(sbd, &s->irq);
695 assert(sysbus->it_shift != -1);
696
697 s->chip_id = TCHI_FAS100A;
698 memory_region_init_io(&sysbus->iomem, OBJECT(sysbus), &sysbus_esp_mem_ops,
699 sysbus, "esp", ESP_REGS << sysbus->it_shift);
700 sysbus_init_mmio(sbd, &sysbus->iomem);
701
702 qdev_init_gpio_in(dev, sysbus_esp_gpio_demux, 2);
703
704 scsi_bus_new(&s->bus, sizeof(s->bus), dev, &esp_scsi_info, NULL);
705 scsi_bus_legacy_handle_cmdline(&s->bus, &err);
706 if (err != NULL) {
707 error_propagate(errp, err);
708 return;
709 }
710 }
711
712 static void sysbus_esp_hard_reset(DeviceState *dev)
713 {
714 SysBusESPState *sysbus = ESP(dev);
715 esp_hard_reset(&sysbus->esp);
716 }
717
718 static const VMStateDescription vmstate_sysbus_esp_scsi = {
719 .name = "sysbusespscsi",
720 .version_id = 0,
721 .minimum_version_id = 0,
722 .fields = (VMStateField[]) {
723 VMSTATE_STRUCT(esp, SysBusESPState, 0, vmstate_esp, ESPState),
724 VMSTATE_END_OF_LIST()
725 }
726 };
727
728 static void sysbus_esp_class_init(ObjectClass *klass, void *data)
729 {
730 DeviceClass *dc = DEVICE_CLASS(klass);
731
732 dc->realize = sysbus_esp_realize;
733 dc->reset = sysbus_esp_hard_reset;
734 dc->vmsd = &vmstate_sysbus_esp_scsi;
735 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
736 }
737
738 static const TypeInfo sysbus_esp_info = {
739 .name = TYPE_ESP,
740 .parent = TYPE_SYS_BUS_DEVICE,
741 .instance_size = sizeof(SysBusESPState),
742 .class_init = sysbus_esp_class_init,
743 };
744
745 static void esp_register_types(void)
746 {
747 type_register_static(&sysbus_esp_info);
748 }
749
750 type_init(esp_register_types)