esp: consolidate esp_cmdfifo_pop() into esp_fifo_pop()
[qemu.git] / hw / scsi / esp.c
1 /*
2 * QEMU ESP/NCR53C9x emulation
3 *
4 * Copyright (c) 2005-2006 Fabrice Bellard
5 * Copyright (c) 2012 Herve Poussineau
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25
26 #include "qemu/osdep.h"
27 #include "hw/sysbus.h"
28 #include "migration/vmstate.h"
29 #include "hw/irq.h"
30 #include "hw/scsi/esp.h"
31 #include "trace.h"
32 #include "qemu/log.h"
33 #include "qemu/module.h"
34
35 /*
36 * On Sparc32, this is the ESP (NCR53C90) part of chip STP2000 (Master I/O),
37 * also produced as NCR89C100. See
38 * http://www.ibiblio.org/pub/historic-linux/early-ports/Sparc/NCR/NCR89C100.txt
39 * and
40 * http://www.ibiblio.org/pub/historic-linux/early-ports/Sparc/NCR/NCR53C9X.txt
41 *
42 * On Macintosh Quadra it is a NCR53C96.
43 */
44
45 static void esp_raise_irq(ESPState *s)
46 {
47 if (!(s->rregs[ESP_RSTAT] & STAT_INT)) {
48 s->rregs[ESP_RSTAT] |= STAT_INT;
49 qemu_irq_raise(s->irq);
50 trace_esp_raise_irq();
51 }
52 }
53
54 static void esp_lower_irq(ESPState *s)
55 {
56 if (s->rregs[ESP_RSTAT] & STAT_INT) {
57 s->rregs[ESP_RSTAT] &= ~STAT_INT;
58 qemu_irq_lower(s->irq);
59 trace_esp_lower_irq();
60 }
61 }
62
63 static void esp_raise_drq(ESPState *s)
64 {
65 qemu_irq_raise(s->irq_data);
66 trace_esp_raise_drq();
67 }
68
69 static void esp_lower_drq(ESPState *s)
70 {
71 qemu_irq_lower(s->irq_data);
72 trace_esp_lower_drq();
73 }
74
75 void esp_dma_enable(ESPState *s, int irq, int level)
76 {
77 if (level) {
78 s->dma_enabled = 1;
79 trace_esp_dma_enable();
80 if (s->dma_cb) {
81 s->dma_cb(s);
82 s->dma_cb = NULL;
83 }
84 } else {
85 trace_esp_dma_disable();
86 s->dma_enabled = 0;
87 }
88 }
89
90 void esp_request_cancelled(SCSIRequest *req)
91 {
92 ESPState *s = req->hba_private;
93
94 if (req == s->current_req) {
95 scsi_req_unref(s->current_req);
96 s->current_req = NULL;
97 s->current_dev = NULL;
98 }
99 }
100
101 static void esp_fifo_push(Fifo8 *fifo, uint8_t val)
102 {
103 if (fifo8_num_used(fifo) == fifo->capacity) {
104 trace_esp_error_fifo_overrun();
105 return;
106 }
107
108 fifo8_push(fifo, val);
109 }
110
111 static uint8_t esp_fifo_pop(Fifo8 *fifo)
112 {
113 if (fifo8_is_empty(fifo)) {
114 return 0;
115 }
116
117 return fifo8_pop(fifo);
118 }
119
120 static uint32_t esp_get_tc(ESPState *s)
121 {
122 uint32_t dmalen;
123
124 dmalen = s->rregs[ESP_TCLO];
125 dmalen |= s->rregs[ESP_TCMID] << 8;
126 dmalen |= s->rregs[ESP_TCHI] << 16;
127
128 return dmalen;
129 }
130
131 static void esp_set_tc(ESPState *s, uint32_t dmalen)
132 {
133 s->rregs[ESP_TCLO] = dmalen;
134 s->rregs[ESP_TCMID] = dmalen >> 8;
135 s->rregs[ESP_TCHI] = dmalen >> 16;
136 }
137
138 static uint32_t esp_get_stc(ESPState *s)
139 {
140 uint32_t dmalen;
141
142 dmalen = s->wregs[ESP_TCLO];
143 dmalen |= s->wregs[ESP_TCMID] << 8;
144 dmalen |= s->wregs[ESP_TCHI] << 16;
145
146 return dmalen;
147 }
148
149 static uint8_t esp_pdma_read(ESPState *s)
150 {
151 uint8_t val;
152
153 if (s->do_cmd) {
154 val = esp_fifo_pop(&s->cmdfifo);
155 } else {
156 val = esp_fifo_pop(&s->fifo);
157 }
158
159 return val;
160 }
161
162 static void esp_pdma_write(ESPState *s, uint8_t val)
163 {
164 uint32_t dmalen = esp_get_tc(s);
165
166 if (dmalen == 0) {
167 return;
168 }
169
170 if (s->do_cmd) {
171 esp_fifo_push(&s->cmdfifo, val);
172 } else {
173 esp_fifo_push(&s->fifo, val);
174 }
175
176 dmalen--;
177 esp_set_tc(s, dmalen);
178 }
179
180 static int esp_select(ESPState *s)
181 {
182 int target;
183
184 target = s->wregs[ESP_WBUSID] & BUSID_DID;
185
186 s->ti_size = 0;
187 fifo8_reset(&s->fifo);
188
189 if (s->current_req) {
190 /* Started a new command before the old one finished. Cancel it. */
191 scsi_req_cancel(s->current_req);
192 s->async_len = 0;
193 }
194
195 s->current_dev = scsi_device_find(&s->bus, 0, target, 0);
196 if (!s->current_dev) {
197 /* No such drive */
198 s->rregs[ESP_RSTAT] = 0;
199 s->rregs[ESP_RINTR] |= INTR_DC;
200 s->rregs[ESP_RSEQ] = SEQ_0;
201 esp_raise_irq(s);
202 return -1;
203 }
204
205 /*
206 * Note that we deliberately don't raise the IRQ here: this will be done
207 * either in do_busid_cmd() for DATA OUT transfers or by the deferred
208 * IRQ mechanism in esp_transfer_data() for DATA IN transfers
209 */
210 s->rregs[ESP_RINTR] |= INTR_FC;
211 s->rregs[ESP_RSEQ] = SEQ_CD;
212 return 0;
213 }
214
215 static uint32_t get_cmd(ESPState *s, uint32_t maxlen)
216 {
217 uint8_t buf[ESP_CMDFIFO_SZ];
218 uint32_t dmalen, n;
219 int target;
220
221 target = s->wregs[ESP_WBUSID] & BUSID_DID;
222 if (s->dma) {
223 dmalen = MIN(esp_get_tc(s), maxlen);
224 if (dmalen == 0) {
225 return 0;
226 }
227 if (s->dma_memory_read) {
228 s->dma_memory_read(s->dma_opaque, buf, dmalen);
229 fifo8_push_all(&s->cmdfifo, buf, dmalen);
230 } else {
231 if (esp_select(s) < 0) {
232 fifo8_reset(&s->cmdfifo);
233 return -1;
234 }
235 esp_raise_drq(s);
236 fifo8_reset(&s->cmdfifo);
237 return 0;
238 }
239 } else {
240 dmalen = MIN(fifo8_num_used(&s->fifo), maxlen);
241 if (dmalen == 0) {
242 return 0;
243 }
244 memcpy(buf, fifo8_pop_buf(&s->fifo, dmalen, &n), dmalen);
245 if (dmalen >= 3) {
246 buf[0] = buf[2] >> 5;
247 }
248 fifo8_push_all(&s->cmdfifo, buf, dmalen);
249 }
250 trace_esp_get_cmd(dmalen, target);
251
252 if (esp_select(s) < 0) {
253 fifo8_reset(&s->cmdfifo);
254 return -1;
255 }
256 return dmalen;
257 }
258
259 static void do_busid_cmd(ESPState *s, uint8_t busid)
260 {
261 uint32_t n, cmdlen;
262 int32_t datalen;
263 int lun;
264 SCSIDevice *current_lun;
265 uint8_t *buf;
266
267 trace_esp_do_busid_cmd(busid);
268 lun = busid & 7;
269 cmdlen = fifo8_num_used(&s->cmdfifo);
270 buf = (uint8_t *)fifo8_pop_buf(&s->cmdfifo, cmdlen, &n);
271
272 current_lun = scsi_device_find(&s->bus, 0, s->current_dev->id, lun);
273 s->current_req = scsi_req_new(current_lun, 0, lun, buf, s);
274 datalen = scsi_req_enqueue(s->current_req);
275 s->ti_size = datalen;
276 fifo8_reset(&s->cmdfifo);
277 if (datalen != 0) {
278 s->rregs[ESP_RSTAT] = STAT_TC;
279 s->rregs[ESP_RSEQ] = SEQ_CD;
280 s->ti_cmd = 0;
281 esp_set_tc(s, 0);
282 if (datalen > 0) {
283 /*
284 * Switch to DATA IN phase but wait until initial data xfer is
285 * complete before raising the command completion interrupt
286 */
287 s->data_in_ready = false;
288 s->rregs[ESP_RSTAT] |= STAT_DI;
289 } else {
290 s->rregs[ESP_RSTAT] |= STAT_DO;
291 s->rregs[ESP_RINTR] |= INTR_BS | INTR_FC;
292 esp_raise_irq(s);
293 esp_lower_drq(s);
294 }
295 scsi_req_continue(s->current_req);
296 return;
297 }
298 }
299
300 static void do_cmd(ESPState *s)
301 {
302 uint8_t busid = fifo8_pop(&s->cmdfifo);
303 uint32_t n;
304
305 s->cmdfifo_cdb_offset--;
306
307 /* Ignore extended messages for now */
308 if (s->cmdfifo_cdb_offset) {
309 fifo8_pop_buf(&s->cmdfifo, s->cmdfifo_cdb_offset, &n);
310 s->cmdfifo_cdb_offset = 0;
311 }
312
313 do_busid_cmd(s, busid);
314 }
315
316 static void satn_pdma_cb(ESPState *s)
317 {
318 s->do_cmd = 0;
319 if (!fifo8_is_empty(&s->cmdfifo)) {
320 s->cmdfifo_cdb_offset = 1;
321 do_cmd(s);
322 }
323 }
324
325 static void handle_satn(ESPState *s)
326 {
327 int32_t cmdlen;
328
329 if (s->dma && !s->dma_enabled) {
330 s->dma_cb = handle_satn;
331 return;
332 }
333 s->pdma_cb = satn_pdma_cb;
334 cmdlen = get_cmd(s, ESP_CMDFIFO_SZ);
335 if (cmdlen > 0) {
336 s->cmdfifo_cdb_offset = 1;
337 do_cmd(s);
338 } else if (cmdlen == 0) {
339 s->do_cmd = 1;
340 /* Target present, but no cmd yet - switch to command phase */
341 s->rregs[ESP_RSEQ] = SEQ_CD;
342 s->rregs[ESP_RSTAT] = STAT_CD;
343 }
344 }
345
346 static void s_without_satn_pdma_cb(ESPState *s)
347 {
348 uint32_t len;
349
350 s->do_cmd = 0;
351 len = fifo8_num_used(&s->cmdfifo);
352 if (len) {
353 s->cmdfifo_cdb_offset = 0;
354 do_busid_cmd(s, 0);
355 }
356 }
357
358 static void handle_s_without_atn(ESPState *s)
359 {
360 int32_t cmdlen;
361
362 if (s->dma && !s->dma_enabled) {
363 s->dma_cb = handle_s_without_atn;
364 return;
365 }
366 s->pdma_cb = s_without_satn_pdma_cb;
367 cmdlen = get_cmd(s, ESP_CMDFIFO_SZ);
368 if (cmdlen > 0) {
369 s->cmdfifo_cdb_offset = 0;
370 do_busid_cmd(s, 0);
371 } else if (cmdlen == 0) {
372 s->do_cmd = 1;
373 /* Target present, but no cmd yet - switch to command phase */
374 s->rregs[ESP_RSEQ] = SEQ_CD;
375 s->rregs[ESP_RSTAT] = STAT_CD;
376 }
377 }
378
379 static void satn_stop_pdma_cb(ESPState *s)
380 {
381 s->do_cmd = 0;
382 if (!fifo8_is_empty(&s->cmdfifo)) {
383 trace_esp_handle_satn_stop(fifo8_num_used(&s->cmdfifo));
384 s->do_cmd = 1;
385 s->cmdfifo_cdb_offset = 1;
386 s->rregs[ESP_RSTAT] = STAT_TC | STAT_CD;
387 s->rregs[ESP_RINTR] |= INTR_BS | INTR_FC;
388 s->rregs[ESP_RSEQ] = SEQ_CD;
389 esp_raise_irq(s);
390 }
391 }
392
393 static void handle_satn_stop(ESPState *s)
394 {
395 int32_t cmdlen;
396
397 if (s->dma && !s->dma_enabled) {
398 s->dma_cb = handle_satn_stop;
399 return;
400 }
401 s->pdma_cb = satn_stop_pdma_cb;
402 cmdlen = get_cmd(s, 1);
403 if (cmdlen > 0) {
404 trace_esp_handle_satn_stop(fifo8_num_used(&s->cmdfifo));
405 s->do_cmd = 1;
406 s->cmdfifo_cdb_offset = 1;
407 s->rregs[ESP_RSTAT] = STAT_MO;
408 s->rregs[ESP_RINTR] |= INTR_BS | INTR_FC;
409 s->rregs[ESP_RSEQ] = SEQ_MO;
410 esp_raise_irq(s);
411 } else if (cmdlen == 0) {
412 s->do_cmd = 1;
413 /* Target present, switch to message out phase */
414 s->rregs[ESP_RSEQ] = SEQ_MO;
415 s->rregs[ESP_RSTAT] = STAT_MO;
416 }
417 }
418
419 static void write_response_pdma_cb(ESPState *s)
420 {
421 s->rregs[ESP_RSTAT] = STAT_TC | STAT_ST;
422 s->rregs[ESP_RINTR] |= INTR_BS | INTR_FC;
423 s->rregs[ESP_RSEQ] = SEQ_CD;
424 esp_raise_irq(s);
425 }
426
427 static void write_response(ESPState *s)
428 {
429 uint8_t buf[2];
430
431 trace_esp_write_response(s->status);
432
433 buf[0] = s->status;
434 buf[1] = 0;
435
436 if (s->dma) {
437 if (s->dma_memory_write) {
438 s->dma_memory_write(s->dma_opaque, buf, 2);
439 s->rregs[ESP_RSTAT] = STAT_TC | STAT_ST;
440 s->rregs[ESP_RINTR] |= INTR_BS | INTR_FC;
441 s->rregs[ESP_RSEQ] = SEQ_CD;
442 } else {
443 s->pdma_cb = write_response_pdma_cb;
444 esp_raise_drq(s);
445 return;
446 }
447 } else {
448 fifo8_reset(&s->fifo);
449 fifo8_push_all(&s->fifo, buf, 2);
450 s->rregs[ESP_RFLAGS] = 2;
451 }
452 esp_raise_irq(s);
453 }
454
455 static void esp_dma_done(ESPState *s)
456 {
457 s->rregs[ESP_RSTAT] |= STAT_TC;
458 s->rregs[ESP_RINTR] |= INTR_BS;
459 s->rregs[ESP_RSEQ] = 0;
460 s->rregs[ESP_RFLAGS] = 0;
461 esp_set_tc(s, 0);
462 esp_raise_irq(s);
463 }
464
465 static void do_dma_pdma_cb(ESPState *s)
466 {
467 int to_device = ((s->rregs[ESP_RSTAT] & 7) == STAT_DO);
468 int len;
469 uint32_t n;
470
471 if (s->do_cmd) {
472 s->ti_size = 0;
473 s->do_cmd = 0;
474 do_cmd(s);
475 esp_lower_drq(s);
476 return;
477 }
478
479 if (!s->current_req) {
480 return;
481 }
482
483 if (to_device) {
484 /* Copy FIFO data to device */
485 len = MIN(s->async_len, ESP_FIFO_SZ);
486 len = MIN(len, fifo8_num_used(&s->fifo));
487 memcpy(s->async_buf, fifo8_pop_buf(&s->fifo, len, &n), len);
488 s->async_buf += n;
489 s->async_len -= n;
490 s->ti_size += n;
491
492 if (n < len) {
493 /* Unaligned accesses can cause FIFO wraparound */
494 len = len - n;
495 memcpy(s->async_buf, fifo8_pop_buf(&s->fifo, len, &n), len);
496 s->async_buf += n;
497 s->async_len -= n;
498 s->ti_size += n;
499 }
500
501 if (s->async_len == 0) {
502 scsi_req_continue(s->current_req);
503 return;
504 }
505
506 if (esp_get_tc(s) == 0) {
507 esp_lower_drq(s);
508 esp_dma_done(s);
509 }
510
511 return;
512 } else {
513 if (s->async_len == 0) {
514 /* Defer until the scsi layer has completed */
515 scsi_req_continue(s->current_req);
516 s->data_in_ready = false;
517 return;
518 }
519
520 if (esp_get_tc(s) != 0) {
521 /* Copy device data to FIFO */
522 len = MIN(s->async_len, esp_get_tc(s));
523 len = MIN(len, fifo8_num_free(&s->fifo));
524 fifo8_push_all(&s->fifo, s->async_buf, len);
525 s->async_buf += len;
526 s->async_len -= len;
527 s->ti_size -= len;
528 esp_set_tc(s, esp_get_tc(s) - len);
529
530 if (esp_get_tc(s) == 0) {
531 /* Indicate transfer to FIFO is complete */
532 s->rregs[ESP_RSTAT] |= STAT_TC;
533 }
534 return;
535 }
536
537 /* Partially filled a scsi buffer. Complete immediately. */
538 esp_lower_drq(s);
539 esp_dma_done(s);
540 }
541 }
542
543 static void esp_do_dma(ESPState *s)
544 {
545 uint32_t len, cmdlen;
546 int to_device = ((s->rregs[ESP_RSTAT] & 7) == STAT_DO);
547 uint8_t buf[ESP_CMDFIFO_SZ];
548
549 len = esp_get_tc(s);
550 if (s->do_cmd) {
551 /*
552 * handle_ti_cmd() case: esp_do_dma() is called only from
553 * handle_ti_cmd() with do_cmd != NULL (see the assert())
554 */
555 cmdlen = fifo8_num_used(&s->cmdfifo);
556 trace_esp_do_dma(cmdlen, len);
557 if (s->dma_memory_read) {
558 s->dma_memory_read(s->dma_opaque, buf, len);
559 fifo8_push_all(&s->cmdfifo, buf, len);
560 } else {
561 s->pdma_cb = do_dma_pdma_cb;
562 esp_raise_drq(s);
563 return;
564 }
565 trace_esp_handle_ti_cmd(cmdlen);
566 s->ti_size = 0;
567 if ((s->rregs[ESP_RSTAT] & 7) == STAT_CD) {
568 /* No command received */
569 if (s->cmdfifo_cdb_offset == fifo8_num_used(&s->cmdfifo)) {
570 return;
571 }
572
573 /* Command has been received */
574 s->do_cmd = 0;
575 do_cmd(s);
576 } else {
577 /*
578 * Extra message out bytes received: update cmdfifo_cdb_offset
579 * and then switch to commmand phase
580 */
581 s->cmdfifo_cdb_offset = fifo8_num_used(&s->cmdfifo);
582 s->rregs[ESP_RSTAT] = STAT_TC | STAT_CD;
583 s->rregs[ESP_RSEQ] = SEQ_CD;
584 s->rregs[ESP_RINTR] |= INTR_BS;
585 esp_raise_irq(s);
586 }
587 return;
588 }
589 if (!s->current_req) {
590 return;
591 }
592 if (s->async_len == 0) {
593 /* Defer until data is available. */
594 return;
595 }
596 if (len > s->async_len) {
597 len = s->async_len;
598 }
599 if (to_device) {
600 if (s->dma_memory_read) {
601 s->dma_memory_read(s->dma_opaque, s->async_buf, len);
602 } else {
603 s->pdma_cb = do_dma_pdma_cb;
604 esp_raise_drq(s);
605 return;
606 }
607 } else {
608 if (s->dma_memory_write) {
609 s->dma_memory_write(s->dma_opaque, s->async_buf, len);
610 } else {
611 /* Adjust TC for any leftover data in the FIFO */
612 if (!fifo8_is_empty(&s->fifo)) {
613 esp_set_tc(s, esp_get_tc(s) - fifo8_num_used(&s->fifo));
614 }
615
616 /* Copy device data to FIFO */
617 len = MIN(len, fifo8_num_free(&s->fifo));
618 fifo8_push_all(&s->fifo, s->async_buf, len);
619 s->async_buf += len;
620 s->async_len -= len;
621 s->ti_size -= len;
622
623 /*
624 * MacOS toolbox uses a TI length of 16 bytes for all commands, so
625 * commands shorter than this must be padded accordingly
626 */
627 if (len < esp_get_tc(s) && esp_get_tc(s) <= ESP_FIFO_SZ) {
628 while (fifo8_num_used(&s->fifo) < ESP_FIFO_SZ) {
629 esp_fifo_push(&s->fifo, 0);
630 len++;
631 }
632 }
633
634 esp_set_tc(s, esp_get_tc(s) - len);
635 s->pdma_cb = do_dma_pdma_cb;
636 esp_raise_drq(s);
637
638 /* Indicate transfer to FIFO is complete */
639 s->rregs[ESP_RSTAT] |= STAT_TC;
640 return;
641 }
642 }
643 esp_set_tc(s, esp_get_tc(s) - len);
644 s->async_buf += len;
645 s->async_len -= len;
646 if (to_device) {
647 s->ti_size += len;
648 } else {
649 s->ti_size -= len;
650 }
651 if (s->async_len == 0) {
652 scsi_req_continue(s->current_req);
653 /*
654 * If there is still data to be read from the device then
655 * complete the DMA operation immediately. Otherwise defer
656 * until the scsi layer has completed.
657 */
658 if (to_device || esp_get_tc(s) != 0 || s->ti_size == 0) {
659 return;
660 }
661 }
662
663 /* Partially filled a scsi buffer. Complete immediately. */
664 esp_dma_done(s);
665 esp_lower_drq(s);
666 }
667
668 static void esp_do_nodma(ESPState *s)
669 {
670 int to_device = ((s->rregs[ESP_RSTAT] & 7) == STAT_DO);
671 uint32_t cmdlen, n;
672 int len;
673
674 if (s->do_cmd) {
675 cmdlen = fifo8_num_used(&s->cmdfifo);
676 trace_esp_handle_ti_cmd(cmdlen);
677 s->ti_size = 0;
678 if ((s->rregs[ESP_RSTAT] & 7) == STAT_CD) {
679 /* No command received */
680 if (s->cmdfifo_cdb_offset == fifo8_num_used(&s->cmdfifo)) {
681 return;
682 }
683
684 /* Command has been received */
685 s->do_cmd = 0;
686 do_cmd(s);
687 } else {
688 /*
689 * Extra message out bytes received: update cmdfifo_cdb_offset
690 * and then switch to commmand phase
691 */
692 s->cmdfifo_cdb_offset = fifo8_num_used(&s->cmdfifo);
693 s->rregs[ESP_RSTAT] = STAT_TC | STAT_CD;
694 s->rregs[ESP_RSEQ] = SEQ_CD;
695 s->rregs[ESP_RINTR] |= INTR_BS;
696 esp_raise_irq(s);
697 }
698 return;
699 }
700
701 if (!s->current_req) {
702 return;
703 }
704
705 if (s->async_len == 0) {
706 /* Defer until data is available. */
707 return;
708 }
709
710 if (to_device) {
711 len = MIN(fifo8_num_used(&s->fifo), ESP_FIFO_SZ);
712 memcpy(s->async_buf, fifo8_pop_buf(&s->fifo, len, &n), len);
713 s->async_buf += len;
714 s->async_len -= len;
715 s->ti_size += len;
716 } else {
717 len = MIN(s->ti_size, s->async_len);
718 len = MIN(len, fifo8_num_free(&s->fifo));
719 fifo8_push_all(&s->fifo, s->async_buf, len);
720 s->async_buf += len;
721 s->async_len -= len;
722 s->ti_size -= len;
723 }
724
725 if (s->async_len == 0) {
726 scsi_req_continue(s->current_req);
727
728 if (to_device || s->ti_size == 0) {
729 return;
730 }
731 }
732
733 s->rregs[ESP_RINTR] |= INTR_BS;
734 esp_raise_irq(s);
735 }
736
737 void esp_command_complete(SCSIRequest *req, size_t resid)
738 {
739 ESPState *s = req->hba_private;
740
741 trace_esp_command_complete();
742 if (s->ti_size != 0) {
743 trace_esp_command_complete_unexpected();
744 }
745 s->ti_size = 0;
746 s->async_len = 0;
747 if (req->status) {
748 trace_esp_command_complete_fail();
749 }
750 s->status = req->status;
751 s->rregs[ESP_RSTAT] = STAT_ST;
752 esp_dma_done(s);
753 esp_lower_drq(s);
754 if (s->current_req) {
755 scsi_req_unref(s->current_req);
756 s->current_req = NULL;
757 s->current_dev = NULL;
758 }
759 }
760
761 void esp_transfer_data(SCSIRequest *req, uint32_t len)
762 {
763 ESPState *s = req->hba_private;
764 int to_device = ((s->rregs[ESP_RSTAT] & 7) == STAT_DO);
765 uint32_t dmalen = esp_get_tc(s);
766
767 assert(!s->do_cmd);
768 trace_esp_transfer_data(dmalen, s->ti_size);
769 s->async_len = len;
770 s->async_buf = scsi_req_get_buf(req);
771
772 if (!to_device && !s->data_in_ready) {
773 /*
774 * Initial incoming data xfer is complete so raise command
775 * completion interrupt
776 */
777 s->data_in_ready = true;
778 s->rregs[ESP_RSTAT] |= STAT_TC;
779 s->rregs[ESP_RINTR] |= INTR_BS;
780 esp_raise_irq(s);
781
782 /*
783 * If data is ready to transfer and the TI command has already
784 * been executed, start DMA immediately. Otherwise DMA will start
785 * when host sends the TI command
786 */
787 if (s->ti_size && (s->rregs[ESP_CMD] == (CMD_TI | CMD_DMA))) {
788 esp_do_dma(s);
789 }
790 return;
791 }
792
793 if (s->ti_cmd == 0) {
794 /*
795 * Always perform the initial transfer upon reception of the next TI
796 * command to ensure the DMA/non-DMA status of the command is correct.
797 * It is not possible to use s->dma directly in the section below as
798 * some OSs send non-DMA NOP commands after a DMA transfer. Hence if the
799 * async data transfer is delayed then s->dma is set incorrectly.
800 */
801 return;
802 }
803
804 if (s->ti_cmd & CMD_DMA) {
805 if (dmalen) {
806 esp_do_dma(s);
807 } else if (s->ti_size <= 0) {
808 /*
809 * If this was the last part of a DMA transfer then the
810 * completion interrupt is deferred to here.
811 */
812 esp_dma_done(s);
813 esp_lower_drq(s);
814 }
815 } else {
816 esp_do_nodma(s);
817 }
818 }
819
820 static void handle_ti(ESPState *s)
821 {
822 uint32_t dmalen;
823
824 if (s->dma && !s->dma_enabled) {
825 s->dma_cb = handle_ti;
826 return;
827 }
828
829 s->ti_cmd = s->rregs[ESP_CMD];
830 if (s->dma) {
831 dmalen = esp_get_tc(s);
832 trace_esp_handle_ti(dmalen);
833 s->rregs[ESP_RSTAT] &= ~STAT_TC;
834 esp_do_dma(s);
835 } else {
836 trace_esp_handle_ti(s->ti_size);
837 esp_do_nodma(s);
838 }
839 }
840
841 void esp_hard_reset(ESPState *s)
842 {
843 memset(s->rregs, 0, ESP_REGS);
844 memset(s->wregs, 0, ESP_REGS);
845 s->tchi_written = 0;
846 s->ti_size = 0;
847 fifo8_reset(&s->fifo);
848 fifo8_reset(&s->cmdfifo);
849 s->dma = 0;
850 s->do_cmd = 0;
851 s->dma_cb = NULL;
852
853 s->rregs[ESP_CFG1] = 7;
854 }
855
856 static void esp_soft_reset(ESPState *s)
857 {
858 qemu_irq_lower(s->irq);
859 qemu_irq_lower(s->irq_data);
860 esp_hard_reset(s);
861 }
862
863 static void parent_esp_reset(ESPState *s, int irq, int level)
864 {
865 if (level) {
866 esp_soft_reset(s);
867 }
868 }
869
870 uint64_t esp_reg_read(ESPState *s, uint32_t saddr)
871 {
872 uint32_t val;
873
874 switch (saddr) {
875 case ESP_FIFO:
876 if (s->dma_memory_read && s->dma_memory_write &&
877 (s->rregs[ESP_RSTAT] & STAT_PIO_MASK) == 0) {
878 /* Data out. */
879 qemu_log_mask(LOG_UNIMP, "esp: PIO data read not implemented\n");
880 s->rregs[ESP_FIFO] = 0;
881 } else {
882 s->rregs[ESP_FIFO] = esp_fifo_pop(&s->fifo);
883 }
884 val = s->rregs[ESP_FIFO];
885 break;
886 case ESP_RINTR:
887 /*
888 * Clear sequence step, interrupt register and all status bits
889 * except TC
890 */
891 val = s->rregs[ESP_RINTR];
892 s->rregs[ESP_RINTR] = 0;
893 s->rregs[ESP_RSTAT] &= ~STAT_TC;
894 s->rregs[ESP_RSEQ] = SEQ_0;
895 esp_lower_irq(s);
896 break;
897 case ESP_TCHI:
898 /* Return the unique id if the value has never been written */
899 if (!s->tchi_written) {
900 val = s->chip_id;
901 } else {
902 val = s->rregs[saddr];
903 }
904 break;
905 case ESP_RFLAGS:
906 /* Bottom 5 bits indicate number of bytes in FIFO */
907 val = fifo8_num_used(&s->fifo);
908 break;
909 default:
910 val = s->rregs[saddr];
911 break;
912 }
913
914 trace_esp_mem_readb(saddr, val);
915 return val;
916 }
917
918 void esp_reg_write(ESPState *s, uint32_t saddr, uint64_t val)
919 {
920 trace_esp_mem_writeb(saddr, s->wregs[saddr], val);
921 switch (saddr) {
922 case ESP_TCHI:
923 s->tchi_written = true;
924 /* fall through */
925 case ESP_TCLO:
926 case ESP_TCMID:
927 s->rregs[ESP_RSTAT] &= ~STAT_TC;
928 break;
929 case ESP_FIFO:
930 if (s->do_cmd) {
931 esp_fifo_push(&s->cmdfifo, val);
932 } else {
933 esp_fifo_push(&s->fifo, val);
934 }
935
936 /* Non-DMA transfers raise an interrupt after every byte */
937 if (s->rregs[ESP_CMD] == CMD_TI) {
938 s->rregs[ESP_RINTR] |= INTR_FC | INTR_BS;
939 esp_raise_irq(s);
940 }
941 break;
942 case ESP_CMD:
943 s->rregs[saddr] = val;
944 if (val & CMD_DMA) {
945 s->dma = 1;
946 /* Reload DMA counter. */
947 if (esp_get_stc(s) == 0) {
948 esp_set_tc(s, 0x10000);
949 } else {
950 esp_set_tc(s, esp_get_stc(s));
951 }
952 } else {
953 s->dma = 0;
954 }
955 switch (val & CMD_CMD) {
956 case CMD_NOP:
957 trace_esp_mem_writeb_cmd_nop(val);
958 break;
959 case CMD_FLUSH:
960 trace_esp_mem_writeb_cmd_flush(val);
961 fifo8_reset(&s->fifo);
962 break;
963 case CMD_RESET:
964 trace_esp_mem_writeb_cmd_reset(val);
965 esp_soft_reset(s);
966 break;
967 case CMD_BUSRESET:
968 trace_esp_mem_writeb_cmd_bus_reset(val);
969 if (!(s->wregs[ESP_CFG1] & CFG1_RESREPT)) {
970 s->rregs[ESP_RINTR] |= INTR_RST;
971 esp_raise_irq(s);
972 }
973 break;
974 case CMD_TI:
975 trace_esp_mem_writeb_cmd_ti(val);
976 handle_ti(s);
977 break;
978 case CMD_ICCS:
979 trace_esp_mem_writeb_cmd_iccs(val);
980 write_response(s);
981 s->rregs[ESP_RINTR] |= INTR_FC;
982 s->rregs[ESP_RSTAT] |= STAT_MI;
983 break;
984 case CMD_MSGACC:
985 trace_esp_mem_writeb_cmd_msgacc(val);
986 s->rregs[ESP_RINTR] |= INTR_DC;
987 s->rregs[ESP_RSEQ] = 0;
988 s->rregs[ESP_RFLAGS] = 0;
989 esp_raise_irq(s);
990 break;
991 case CMD_PAD:
992 trace_esp_mem_writeb_cmd_pad(val);
993 s->rregs[ESP_RSTAT] = STAT_TC;
994 s->rregs[ESP_RINTR] |= INTR_FC;
995 s->rregs[ESP_RSEQ] = 0;
996 break;
997 case CMD_SATN:
998 trace_esp_mem_writeb_cmd_satn(val);
999 break;
1000 case CMD_RSTATN:
1001 trace_esp_mem_writeb_cmd_rstatn(val);
1002 break;
1003 case CMD_SEL:
1004 trace_esp_mem_writeb_cmd_sel(val);
1005 handle_s_without_atn(s);
1006 break;
1007 case CMD_SELATN:
1008 trace_esp_mem_writeb_cmd_selatn(val);
1009 handle_satn(s);
1010 break;
1011 case CMD_SELATNS:
1012 trace_esp_mem_writeb_cmd_selatns(val);
1013 handle_satn_stop(s);
1014 break;
1015 case CMD_ENSEL:
1016 trace_esp_mem_writeb_cmd_ensel(val);
1017 s->rregs[ESP_RINTR] = 0;
1018 break;
1019 case CMD_DISSEL:
1020 trace_esp_mem_writeb_cmd_dissel(val);
1021 s->rregs[ESP_RINTR] = 0;
1022 esp_raise_irq(s);
1023 break;
1024 default:
1025 trace_esp_error_unhandled_command(val);
1026 break;
1027 }
1028 break;
1029 case ESP_WBUSID ... ESP_WSYNO:
1030 break;
1031 case ESP_CFG1:
1032 case ESP_CFG2: case ESP_CFG3:
1033 case ESP_RES3: case ESP_RES4:
1034 s->rregs[saddr] = val;
1035 break;
1036 case ESP_WCCF ... ESP_WTEST:
1037 break;
1038 default:
1039 trace_esp_error_invalid_write(val, saddr);
1040 return;
1041 }
1042 s->wregs[saddr] = val;
1043 }
1044
1045 static bool esp_mem_accepts(void *opaque, hwaddr addr,
1046 unsigned size, bool is_write,
1047 MemTxAttrs attrs)
1048 {
1049 return (size == 1) || (is_write && size == 4);
1050 }
1051
1052 static bool esp_is_before_version_5(void *opaque, int version_id)
1053 {
1054 ESPState *s = ESP(opaque);
1055
1056 version_id = MIN(version_id, s->mig_version_id);
1057 return version_id < 5;
1058 }
1059
1060 static bool esp_is_version_5(void *opaque, int version_id)
1061 {
1062 ESPState *s = ESP(opaque);
1063
1064 version_id = MIN(version_id, s->mig_version_id);
1065 return version_id == 5;
1066 }
1067
1068 int esp_pre_save(void *opaque)
1069 {
1070 ESPState *s = ESP(object_resolve_path_component(
1071 OBJECT(opaque), "esp"));
1072
1073 s->mig_version_id = vmstate_esp.version_id;
1074 return 0;
1075 }
1076
1077 static int esp_post_load(void *opaque, int version_id)
1078 {
1079 ESPState *s = ESP(opaque);
1080 int len, i;
1081
1082 version_id = MIN(version_id, s->mig_version_id);
1083
1084 if (version_id < 5) {
1085 esp_set_tc(s, s->mig_dma_left);
1086
1087 /* Migrate ti_buf to fifo */
1088 len = s->mig_ti_wptr - s->mig_ti_rptr;
1089 for (i = 0; i < len; i++) {
1090 fifo8_push(&s->fifo, s->mig_ti_buf[i]);
1091 }
1092
1093 /* Migrate cmdbuf to cmdfifo */
1094 for (i = 0; i < s->mig_cmdlen; i++) {
1095 fifo8_push(&s->cmdfifo, s->mig_cmdbuf[i]);
1096 }
1097 }
1098
1099 s->mig_version_id = vmstate_esp.version_id;
1100 return 0;
1101 }
1102
1103 const VMStateDescription vmstate_esp = {
1104 .name = "esp",
1105 .version_id = 5,
1106 .minimum_version_id = 3,
1107 .post_load = esp_post_load,
1108 .fields = (VMStateField[]) {
1109 VMSTATE_BUFFER(rregs, ESPState),
1110 VMSTATE_BUFFER(wregs, ESPState),
1111 VMSTATE_INT32(ti_size, ESPState),
1112 VMSTATE_UINT32_TEST(mig_ti_rptr, ESPState, esp_is_before_version_5),
1113 VMSTATE_UINT32_TEST(mig_ti_wptr, ESPState, esp_is_before_version_5),
1114 VMSTATE_BUFFER_TEST(mig_ti_buf, ESPState, esp_is_before_version_5),
1115 VMSTATE_UINT32(status, ESPState),
1116 VMSTATE_UINT32_TEST(mig_deferred_status, ESPState,
1117 esp_is_before_version_5),
1118 VMSTATE_BOOL_TEST(mig_deferred_complete, ESPState,
1119 esp_is_before_version_5),
1120 VMSTATE_UINT32(dma, ESPState),
1121 VMSTATE_STATIC_BUFFER(mig_cmdbuf, ESPState, 0,
1122 esp_is_before_version_5, 0, 16),
1123 VMSTATE_STATIC_BUFFER(mig_cmdbuf, ESPState, 4,
1124 esp_is_before_version_5, 16,
1125 sizeof(typeof_field(ESPState, mig_cmdbuf))),
1126 VMSTATE_UINT32_TEST(mig_cmdlen, ESPState, esp_is_before_version_5),
1127 VMSTATE_UINT32(do_cmd, ESPState),
1128 VMSTATE_UINT32_TEST(mig_dma_left, ESPState, esp_is_before_version_5),
1129 VMSTATE_BOOL_TEST(data_in_ready, ESPState, esp_is_version_5),
1130 VMSTATE_UINT8_TEST(cmdfifo_cdb_offset, ESPState, esp_is_version_5),
1131 VMSTATE_FIFO8_TEST(fifo, ESPState, esp_is_version_5),
1132 VMSTATE_FIFO8_TEST(cmdfifo, ESPState, esp_is_version_5),
1133 VMSTATE_UINT8_TEST(ti_cmd, ESPState, esp_is_version_5),
1134 VMSTATE_END_OF_LIST()
1135 },
1136 };
1137
1138 static void sysbus_esp_mem_write(void *opaque, hwaddr addr,
1139 uint64_t val, unsigned int size)
1140 {
1141 SysBusESPState *sysbus = opaque;
1142 ESPState *s = ESP(&sysbus->esp);
1143 uint32_t saddr;
1144
1145 saddr = addr >> sysbus->it_shift;
1146 esp_reg_write(s, saddr, val);
1147 }
1148
1149 static uint64_t sysbus_esp_mem_read(void *opaque, hwaddr addr,
1150 unsigned int size)
1151 {
1152 SysBusESPState *sysbus = opaque;
1153 ESPState *s = ESP(&sysbus->esp);
1154 uint32_t saddr;
1155
1156 saddr = addr >> sysbus->it_shift;
1157 return esp_reg_read(s, saddr);
1158 }
1159
1160 static const MemoryRegionOps sysbus_esp_mem_ops = {
1161 .read = sysbus_esp_mem_read,
1162 .write = sysbus_esp_mem_write,
1163 .endianness = DEVICE_NATIVE_ENDIAN,
1164 .valid.accepts = esp_mem_accepts,
1165 };
1166
1167 static void sysbus_esp_pdma_write(void *opaque, hwaddr addr,
1168 uint64_t val, unsigned int size)
1169 {
1170 SysBusESPState *sysbus = opaque;
1171 ESPState *s = ESP(&sysbus->esp);
1172 uint32_t dmalen;
1173
1174 trace_esp_pdma_write(size);
1175
1176 switch (size) {
1177 case 1:
1178 esp_pdma_write(s, val);
1179 break;
1180 case 2:
1181 esp_pdma_write(s, val >> 8);
1182 esp_pdma_write(s, val);
1183 break;
1184 }
1185 dmalen = esp_get_tc(s);
1186 if (dmalen == 0 || fifo8_num_free(&s->fifo) < 2) {
1187 s->pdma_cb(s);
1188 }
1189 }
1190
1191 static uint64_t sysbus_esp_pdma_read(void *opaque, hwaddr addr,
1192 unsigned int size)
1193 {
1194 SysBusESPState *sysbus = opaque;
1195 ESPState *s = ESP(&sysbus->esp);
1196 uint64_t val = 0;
1197
1198 trace_esp_pdma_read(size);
1199
1200 switch (size) {
1201 case 1:
1202 val = esp_pdma_read(s);
1203 break;
1204 case 2:
1205 val = esp_pdma_read(s);
1206 val = (val << 8) | esp_pdma_read(s);
1207 break;
1208 }
1209 if (fifo8_num_used(&s->fifo) < 2) {
1210 s->pdma_cb(s);
1211 }
1212 return val;
1213 }
1214
1215 static const MemoryRegionOps sysbus_esp_pdma_ops = {
1216 .read = sysbus_esp_pdma_read,
1217 .write = sysbus_esp_pdma_write,
1218 .endianness = DEVICE_NATIVE_ENDIAN,
1219 .valid.min_access_size = 1,
1220 .valid.max_access_size = 4,
1221 .impl.min_access_size = 1,
1222 .impl.max_access_size = 2,
1223 };
1224
1225 static const struct SCSIBusInfo esp_scsi_info = {
1226 .tcq = false,
1227 .max_target = ESP_MAX_DEVS,
1228 .max_lun = 7,
1229
1230 .transfer_data = esp_transfer_data,
1231 .complete = esp_command_complete,
1232 .cancel = esp_request_cancelled
1233 };
1234
1235 static void sysbus_esp_gpio_demux(void *opaque, int irq, int level)
1236 {
1237 SysBusESPState *sysbus = SYSBUS_ESP(opaque);
1238 ESPState *s = ESP(&sysbus->esp);
1239
1240 switch (irq) {
1241 case 0:
1242 parent_esp_reset(s, irq, level);
1243 break;
1244 case 1:
1245 esp_dma_enable(opaque, irq, level);
1246 break;
1247 }
1248 }
1249
1250 static void sysbus_esp_realize(DeviceState *dev, Error **errp)
1251 {
1252 SysBusDevice *sbd = SYS_BUS_DEVICE(dev);
1253 SysBusESPState *sysbus = SYSBUS_ESP(dev);
1254 ESPState *s = ESP(&sysbus->esp);
1255
1256 if (!qdev_realize(DEVICE(s), NULL, errp)) {
1257 return;
1258 }
1259
1260 sysbus_init_irq(sbd, &s->irq);
1261 sysbus_init_irq(sbd, &s->irq_data);
1262 assert(sysbus->it_shift != -1);
1263
1264 s->chip_id = TCHI_FAS100A;
1265 memory_region_init_io(&sysbus->iomem, OBJECT(sysbus), &sysbus_esp_mem_ops,
1266 sysbus, "esp-regs", ESP_REGS << sysbus->it_shift);
1267 sysbus_init_mmio(sbd, &sysbus->iomem);
1268 memory_region_init_io(&sysbus->pdma, OBJECT(sysbus), &sysbus_esp_pdma_ops,
1269 sysbus, "esp-pdma", 4);
1270 sysbus_init_mmio(sbd, &sysbus->pdma);
1271
1272 qdev_init_gpio_in(dev, sysbus_esp_gpio_demux, 2);
1273
1274 scsi_bus_new(&s->bus, sizeof(s->bus), dev, &esp_scsi_info, NULL);
1275 }
1276
1277 static void sysbus_esp_hard_reset(DeviceState *dev)
1278 {
1279 SysBusESPState *sysbus = SYSBUS_ESP(dev);
1280 ESPState *s = ESP(&sysbus->esp);
1281
1282 esp_hard_reset(s);
1283 }
1284
1285 static void sysbus_esp_init(Object *obj)
1286 {
1287 SysBusESPState *sysbus = SYSBUS_ESP(obj);
1288
1289 object_initialize_child(obj, "esp", &sysbus->esp, TYPE_ESP);
1290 }
1291
1292 static const VMStateDescription vmstate_sysbus_esp_scsi = {
1293 .name = "sysbusespscsi",
1294 .version_id = 2,
1295 .minimum_version_id = 1,
1296 .pre_save = esp_pre_save,
1297 .fields = (VMStateField[]) {
1298 VMSTATE_UINT8_V(esp.mig_version_id, SysBusESPState, 2),
1299 VMSTATE_STRUCT(esp, SysBusESPState, 0, vmstate_esp, ESPState),
1300 VMSTATE_END_OF_LIST()
1301 }
1302 };
1303
1304 static void sysbus_esp_class_init(ObjectClass *klass, void *data)
1305 {
1306 DeviceClass *dc = DEVICE_CLASS(klass);
1307
1308 dc->realize = sysbus_esp_realize;
1309 dc->reset = sysbus_esp_hard_reset;
1310 dc->vmsd = &vmstate_sysbus_esp_scsi;
1311 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
1312 }
1313
1314 static const TypeInfo sysbus_esp_info = {
1315 .name = TYPE_SYSBUS_ESP,
1316 .parent = TYPE_SYS_BUS_DEVICE,
1317 .instance_init = sysbus_esp_init,
1318 .instance_size = sizeof(SysBusESPState),
1319 .class_init = sysbus_esp_class_init,
1320 };
1321
1322 static void esp_finalize(Object *obj)
1323 {
1324 ESPState *s = ESP(obj);
1325
1326 fifo8_destroy(&s->fifo);
1327 fifo8_destroy(&s->cmdfifo);
1328 }
1329
1330 static void esp_init(Object *obj)
1331 {
1332 ESPState *s = ESP(obj);
1333
1334 fifo8_create(&s->fifo, ESP_FIFO_SZ);
1335 fifo8_create(&s->cmdfifo, ESP_CMDFIFO_SZ);
1336 }
1337
1338 static void esp_class_init(ObjectClass *klass, void *data)
1339 {
1340 DeviceClass *dc = DEVICE_CLASS(klass);
1341
1342 /* internal device for sysbusesp/pciespscsi, not user-creatable */
1343 dc->user_creatable = false;
1344 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
1345 }
1346
1347 static const TypeInfo esp_info = {
1348 .name = TYPE_ESP,
1349 .parent = TYPE_DEVICE,
1350 .instance_init = esp_init,
1351 .instance_finalize = esp_finalize,
1352 .instance_size = sizeof(ESPState),
1353 .class_init = esp_class_init,
1354 };
1355
1356 static void esp_register_types(void)
1357 {
1358 type_register_static(&sysbus_esp_info);
1359 type_register_static(&esp_info);
1360 }
1361
1362 type_init(esp_register_types)