2 * QEMU ESP/NCR53C9x emulation
4 * Copyright (c) 2005-2006 Fabrice Bellard
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
33 * On Sparc32, this is the ESP (NCR53C90) part of chip STP2000 (Master I/O),
34 * also produced as NCR89C100. See
35 * http://www.ibiblio.org/pub/historic-linux/early-ports/Sparc/NCR/NCR89C100.txt
37 * http://www.ibiblio.org/pub/historic-linux/early-ports/Sparc/NCR/NCR53C9X.txt
41 #define DPRINTF(fmt, ...) \
42 do { printf("ESP: " fmt , ## __VA_ARGS__); } while (0)
44 #define DPRINTF(fmt, ...) do {} while (0)
47 #define ESP_ERROR(fmt, ...) \
48 do { printf("ESP ERROR: %s: " fmt, __func__ , ## __VA_ARGS__); } while (0)
53 typedef struct ESPState ESPState;
59 uint8_t rregs[ESP_REGS];
60 uint8_t wregs[ESP_REGS];
62 uint32_t ti_rptr, ti_wptr;
63 uint8_t ti_buf[TI_BUFSZ];
67 SCSIDevice *current_dev;
68 uint8_t cmdbuf[TI_BUFSZ];
72 /* The amount of data left in the current DMA transfer. */
74 /* The size of the current DMA transfer. Zero if no transfer is in
80 ESPDMAMemoryReadWriteFunc dma_memory_read;
81 ESPDMAMemoryReadWriteFunc dma_memory_write;
84 void (*dma_cb)(ESPState *s);
92 #define ESP_WBUSID 0x4
96 #define ESP_WSYNTP 0x6
97 #define ESP_RFLAGS 0x7
100 #define ESP_RRES1 0x9
102 #define ESP_RRES2 0xa
103 #define ESP_WTEST 0xa
114 #define CMD_FLUSH 0x01
115 #define CMD_RESET 0x02
116 #define CMD_BUSRESET 0x03
118 #define CMD_ICCS 0x11
119 #define CMD_MSGACC 0x12
121 #define CMD_SATN 0x1a
123 #define CMD_SELATN 0x42
124 #define CMD_SELATNS 0x43
125 #define CMD_ENSEL 0x44
133 #define STAT_PIO_MASK 0x06
138 #define STAT_INT 0x80
140 #define BUSID_DID 0x07
145 #define INTR_RST 0x80
150 #define CFG1_RESREPT 0x40
152 #define TCHI_FAS100A 0x4
154 static void esp_raise_irq(ESPState *s)
156 if (!(s->rregs[ESP_RSTAT] & STAT_INT)) {
157 s->rregs[ESP_RSTAT] |= STAT_INT;
158 qemu_irq_raise(s->irq);
159 DPRINTF("Raise IRQ\n");
163 static void esp_lower_irq(ESPState *s)
165 if (s->rregs[ESP_RSTAT] & STAT_INT) {
166 s->rregs[ESP_RSTAT] &= ~STAT_INT;
167 qemu_irq_lower(s->irq);
168 DPRINTF("Lower IRQ\n");
172 static void esp_dma_enable(void *opaque, int irq, int level)
174 DeviceState *d = opaque;
175 ESPState *s = container_of(d, ESPState, busdev.qdev);
179 DPRINTF("Raise enable\n");
185 DPRINTF("Lower enable\n");
190 static uint32_t get_cmd(ESPState *s, uint8_t *buf)
195 target = s->wregs[ESP_WBUSID] & BUSID_DID;
197 dmalen = s->rregs[ESP_TCLO] | (s->rregs[ESP_TCMID] << 8);
198 s->dma_memory_read(s->dma_opaque, buf, dmalen);
201 memcpy(buf, s->ti_buf, dmalen);
204 DPRINTF("get_cmd: len %d target %d\n", dmalen, target);
210 if (s->current_dev) {
211 /* Started a new command before the old one finished. Cancel it. */
212 s->current_dev->info->cancel_io(s->current_dev, 0);
216 if (target >= ESP_MAX_DEVS || !s->bus.devs[target]) {
218 s->rregs[ESP_RSTAT] = 0;
219 s->rregs[ESP_RINTR] = INTR_DC;
220 s->rregs[ESP_RSEQ] = SEQ_0;
224 s->current_dev = s->bus.devs[target];
228 static void do_busid_cmd(ESPState *s, uint8_t *buf, uint8_t busid)
233 DPRINTF("do_busid_cmd: busid 0x%x\n", busid);
235 datalen = s->current_dev->info->send_command(s->current_dev, 0, buf, lun);
236 s->ti_size = datalen;
238 s->rregs[ESP_RSTAT] = STAT_TC;
242 s->rregs[ESP_RSTAT] |= STAT_DI;
243 s->current_dev->info->read_data(s->current_dev, 0);
245 s->rregs[ESP_RSTAT] |= STAT_DO;
246 s->current_dev->info->write_data(s->current_dev, 0);
249 s->rregs[ESP_RINTR] = INTR_BS | INTR_FC;
250 s->rregs[ESP_RSEQ] = SEQ_CD;
254 static void do_cmd(ESPState *s, uint8_t *buf)
256 uint8_t busid = buf[0];
258 do_busid_cmd(s, &buf[1], busid);
261 static void handle_satn(ESPState *s)
266 if (!s->dma_enabled) {
267 s->dma_cb = handle_satn;
270 len = get_cmd(s, buf);
275 static void handle_s_without_atn(ESPState *s)
280 if (!s->dma_enabled) {
281 s->dma_cb = handle_s_without_atn;
284 len = get_cmd(s, buf);
286 do_busid_cmd(s, buf, 0);
290 static void handle_satn_stop(ESPState *s)
292 if (!s->dma_enabled) {
293 s->dma_cb = handle_satn_stop;
296 s->cmdlen = get_cmd(s, s->cmdbuf);
298 DPRINTF("Set ATN & Stop: cmdlen %d\n", s->cmdlen);
300 s->rregs[ESP_RSTAT] = STAT_TC | STAT_CD;
301 s->rregs[ESP_RINTR] = INTR_BS | INTR_FC;
302 s->rregs[ESP_RSEQ] = SEQ_CD;
307 static void write_response(ESPState *s)
309 DPRINTF("Transfer status (sense=%d)\n", s->sense);
310 s->ti_buf[0] = s->sense;
313 s->dma_memory_write(s->dma_opaque, s->ti_buf, 2);
314 s->rregs[ESP_RSTAT] = STAT_TC | STAT_ST;
315 s->rregs[ESP_RINTR] = INTR_BS | INTR_FC;
316 s->rregs[ESP_RSEQ] = SEQ_CD;
321 s->rregs[ESP_RFLAGS] = 2;
326 static void esp_dma_done(ESPState *s)
328 s->rregs[ESP_RSTAT] |= STAT_TC;
329 s->rregs[ESP_RINTR] = INTR_BS;
330 s->rregs[ESP_RSEQ] = 0;
331 s->rregs[ESP_RFLAGS] = 0;
332 s->rregs[ESP_TCLO] = 0;
333 s->rregs[ESP_TCMID] = 0;
337 static void esp_do_dma(ESPState *s)
342 to_device = (s->ti_size < 0);
345 DPRINTF("command len %d + %d\n", s->cmdlen, len);
346 s->dma_memory_read(s->dma_opaque, &s->cmdbuf[s->cmdlen], len);
350 do_cmd(s, s->cmdbuf);
353 if (s->async_len == 0) {
354 /* Defer until data is available. */
357 if (len > s->async_len) {
361 s->dma_memory_read(s->dma_opaque, s->async_buf, len);
363 s->dma_memory_write(s->dma_opaque, s->async_buf, len);
372 if (s->async_len == 0) {
374 // ti_size is negative
375 s->current_dev->info->write_data(s->current_dev, 0);
377 s->current_dev->info->read_data(s->current_dev, 0);
378 /* If there is still data to be read from the device then
379 complete the DMA operation immediately. Otherwise defer
380 until the scsi layer has completed. */
381 if (s->dma_left == 0 && s->ti_size > 0) {
386 /* Partially filled a scsi buffer. Complete immediately. */
391 static void esp_command_complete(SCSIBus *bus, int reason, uint32_t tag,
394 ESPState *s = DO_UPCAST(ESPState, busdev.qdev, bus->qbus.parent);
396 if (reason == SCSI_REASON_DONE) {
397 DPRINTF("SCSI Command complete\n");
399 DPRINTF("SCSI command completed unexpectedly\n");
404 DPRINTF("Command failed\n");
406 s->rregs[ESP_RSTAT] = STAT_ST;
408 s->current_dev = NULL;
410 DPRINTF("transfer %d/%d\n", s->dma_left, s->ti_size);
412 s->async_buf = s->current_dev->info->get_buf(s->current_dev, 0);
415 } else if (s->dma_counter != 0 && s->ti_size <= 0) {
416 /* If this was the last part of a DMA transfer then the
417 completion interrupt is deferred to here. */
423 static void handle_ti(ESPState *s)
425 uint32_t dmalen, minlen;
427 dmalen = s->rregs[ESP_TCLO] | (s->rregs[ESP_TCMID] << 8);
431 s->dma_counter = dmalen;
434 minlen = (dmalen < 32) ? dmalen : 32;
435 else if (s->ti_size < 0)
436 minlen = (dmalen < -s->ti_size) ? dmalen : -s->ti_size;
438 minlen = (dmalen < s->ti_size) ? dmalen : s->ti_size;
439 DPRINTF("Transfer Information len %d\n", minlen);
441 s->dma_left = minlen;
442 s->rregs[ESP_RSTAT] &= ~STAT_TC;
444 } else if (s->do_cmd) {
445 DPRINTF("command len %d\n", s->cmdlen);
449 do_cmd(s, s->cmdbuf);
454 static void esp_hard_reset(DeviceState *d)
456 ESPState *s = container_of(d, ESPState, busdev.qdev);
458 memset(s->rregs, 0, ESP_REGS);
459 memset(s->wregs, 0, ESP_REGS);
460 s->rregs[ESP_TCHI] = TCHI_FAS100A; // Indicate fas100a
468 s->rregs[ESP_CFG1] = 7;
471 static void esp_soft_reset(DeviceState *d)
473 ESPState *s = container_of(d, ESPState, busdev.qdev);
475 qemu_irq_lower(s->irq);
479 static void parent_esp_reset(void *opaque, int irq, int level)
482 esp_soft_reset(opaque);
486 static void esp_gpio_demux(void *opaque, int irq, int level)
490 parent_esp_reset(opaque, irq, level);
493 esp_dma_enable(opaque, irq, level);
498 static uint32_t esp_mem_readb(void *opaque, target_phys_addr_t addr)
500 ESPState *s = opaque;
501 uint32_t saddr, old_val;
503 saddr = addr >> s->it_shift;
504 DPRINTF("read reg[%d]: 0x%2.2x\n", saddr, s->rregs[saddr]);
507 if (s->ti_size > 0) {
509 if ((s->rregs[ESP_RSTAT] & STAT_PIO_MASK) == 0) {
511 ESP_ERROR("PIO data read not implemented\n");
512 s->rregs[ESP_FIFO] = 0;
514 s->rregs[ESP_FIFO] = s->ti_buf[s->ti_rptr++];
518 if (s->ti_size == 0) {
524 /* Clear sequence step, interrupt register and all status bits
526 old_val = s->rregs[ESP_RINTR];
527 s->rregs[ESP_RINTR] = 0;
528 s->rregs[ESP_RSTAT] &= ~STAT_TC;
529 s->rregs[ESP_RSEQ] = SEQ_CD;
536 return s->rregs[saddr];
539 static void esp_mem_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
541 ESPState *s = opaque;
544 saddr = addr >> s->it_shift;
545 DPRINTF("write reg[%d]: 0x%2.2x -> 0x%2.2x\n", saddr, s->wregs[saddr],
550 s->rregs[ESP_RSTAT] &= ~STAT_TC;
554 s->cmdbuf[s->cmdlen++] = val & 0xff;
555 } else if (s->ti_size == TI_BUFSZ - 1) {
556 ESP_ERROR("fifo overrun\n");
559 s->ti_buf[s->ti_wptr++] = val & 0xff;
563 s->rregs[saddr] = val;
566 /* Reload DMA counter. */
567 s->rregs[ESP_TCLO] = s->wregs[ESP_TCLO];
568 s->rregs[ESP_TCMID] = s->wregs[ESP_TCMID];
572 switch(val & CMD_CMD) {
574 DPRINTF("NOP (%2.2x)\n", val);
577 DPRINTF("Flush FIFO (%2.2x)\n", val);
579 s->rregs[ESP_RINTR] = INTR_FC;
580 s->rregs[ESP_RSEQ] = 0;
581 s->rregs[ESP_RFLAGS] = 0;
584 DPRINTF("Chip reset (%2.2x)\n", val);
585 esp_soft_reset(&s->busdev.qdev);
588 DPRINTF("Bus reset (%2.2x)\n", val);
589 s->rregs[ESP_RINTR] = INTR_RST;
590 if (!(s->wregs[ESP_CFG1] & CFG1_RESREPT)) {
598 DPRINTF("Initiator Command Complete Sequence (%2.2x)\n", val);
600 s->rregs[ESP_RINTR] = INTR_FC;
601 s->rregs[ESP_RSTAT] |= STAT_MI;
604 DPRINTF("Message Accepted (%2.2x)\n", val);
605 s->rregs[ESP_RINTR] = INTR_DC;
606 s->rregs[ESP_RSEQ] = 0;
607 s->rregs[ESP_RFLAGS] = 0;
611 DPRINTF("Transfer padding (%2.2x)\n", val);
612 s->rregs[ESP_RSTAT] = STAT_TC;
613 s->rregs[ESP_RINTR] = INTR_FC;
614 s->rregs[ESP_RSEQ] = 0;
617 DPRINTF("Set ATN (%2.2x)\n", val);
620 DPRINTF("Select without ATN (%2.2x)\n", val);
621 handle_s_without_atn(s);
624 DPRINTF("Select with ATN (%2.2x)\n", val);
628 DPRINTF("Select with ATN & stop (%2.2x)\n", val);
632 DPRINTF("Enable selection (%2.2x)\n", val);
633 s->rregs[ESP_RINTR] = 0;
636 ESP_ERROR("Unhandled ESP command (%2.2x)\n", val);
640 case ESP_WBUSID ... ESP_WSYNO:
643 s->rregs[saddr] = val;
645 case ESP_WCCF ... ESP_WTEST:
647 case ESP_CFG2 ... ESP_RES4:
648 s->rregs[saddr] = val;
651 ESP_ERROR("invalid write of 0x%02x at [0x%x]\n", val, saddr);
654 s->wregs[saddr] = val;
657 static CPUReadMemoryFunc * const esp_mem_read[3] = {
663 static CPUWriteMemoryFunc * const esp_mem_write[3] = {
669 static const VMStateDescription vmstate_esp = {
672 .minimum_version_id = 3,
673 .minimum_version_id_old = 3,
674 .fields = (VMStateField []) {
675 VMSTATE_BUFFER(rregs, ESPState),
676 VMSTATE_BUFFER(wregs, ESPState),
677 VMSTATE_INT32(ti_size, ESPState),
678 VMSTATE_UINT32(ti_rptr, ESPState),
679 VMSTATE_UINT32(ti_wptr, ESPState),
680 VMSTATE_BUFFER(ti_buf, ESPState),
681 VMSTATE_UINT32(sense, ESPState),
682 VMSTATE_UINT32(dma, ESPState),
683 VMSTATE_BUFFER(cmdbuf, ESPState),
684 VMSTATE_UINT32(cmdlen, ESPState),
685 VMSTATE_UINT32(do_cmd, ESPState),
686 VMSTATE_UINT32(dma_left, ESPState),
687 VMSTATE_END_OF_LIST()
691 void esp_init(target_phys_addr_t espaddr, int it_shift,
692 ESPDMAMemoryReadWriteFunc dma_memory_read,
693 ESPDMAMemoryReadWriteFunc dma_memory_write,
694 void *dma_opaque, qemu_irq irq, qemu_irq *reset,
695 qemu_irq *dma_enable)
701 dev = qdev_create(NULL, "esp");
702 esp = DO_UPCAST(ESPState, busdev.qdev, dev);
703 esp->dma_memory_read = dma_memory_read;
704 esp->dma_memory_write = dma_memory_write;
705 esp->dma_opaque = dma_opaque;
706 esp->it_shift = it_shift;
707 /* XXX for now until rc4030 has been changed to use DMA enable signal */
708 esp->dma_enabled = 1;
709 qdev_init_nofail(dev);
710 s = sysbus_from_qdev(dev);
711 sysbus_connect_irq(s, 0, irq);
712 sysbus_mmio_map(s, 0, espaddr);
713 *reset = qdev_get_gpio_in(dev, 0);
714 *dma_enable = qdev_get_gpio_in(dev, 1);
717 static int esp_init1(SysBusDevice *dev)
719 ESPState *s = FROM_SYSBUS(ESPState, dev);
722 sysbus_init_irq(dev, &s->irq);
723 assert(s->it_shift != -1);
725 esp_io_memory = cpu_register_io_memory(esp_mem_read, esp_mem_write, s);
726 sysbus_init_mmio(dev, ESP_REGS << s->it_shift, esp_io_memory);
728 qdev_init_gpio_in(&dev->qdev, esp_gpio_demux, 2);
730 scsi_bus_new(&s->bus, &dev->qdev, 0, ESP_MAX_DEVS, esp_command_complete);
731 return scsi_bus_legacy_handle_cmdline(&s->bus);
734 static SysBusDeviceInfo esp_info = {
737 .qdev.size = sizeof(ESPState),
738 .qdev.vmsd = &vmstate_esp,
739 .qdev.reset = esp_hard_reset,
740 .qdev.props = (Property[]) {
745 static void esp_register_devices(void)
747 sysbus_register_withprop(&esp_info);
750 device_init(esp_register_devices)
projects / sdk / emulator / qemu.git / blob