2
* QEMU ESP/NCR53C9x emulation
4
* Copyright (c) 2005-2006 Fabrice Bellard
6
* Permission is hereby granted, free of charge, to any person obtaining a copy
7
* of this software and associated documentation files (the "Software"), to deal
8
* in the Software without restriction, including without limitation the rights
9
* to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10
* copies of the Software, and to permit persons to whom the Software is
11
* furnished to do so, subject to the following conditions:
13
* The above copyright notice and this permission notice shall be included in
14
* all copies or substantial portions of the Software.
16
* THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17
* IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18
* FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19
* THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20
* LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21
* OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
31
* On Sparc32, this is the ESP (NCR53C90) part of chip STP2000 (Master I/O),
32
* also produced as NCR89C100. See
33
* http://www.ibiblio.org/pub/historic-linux/early-ports/Sparc/NCR/NCR89C100.txt
35
* http://www.ibiblio.org/pub/historic-linux/early-ports/Sparc/NCR/NCR53C9X.txt
38
#define ESP_ERROR(fmt, ...) \
39
do { printf("ESP ERROR: %s: " fmt, __func__ , ## __VA_ARGS__); } while (0)
44
typedef struct ESPState ESPState;
48
uint8_t rregs[ESP_REGS];
49
uint8_t wregs[ESP_REGS];
53
uint32_t ti_rptr, ti_wptr;
56
uint8_t ti_buf[TI_BUFSZ];
58
SCSIDevice *current_dev;
59
SCSIRequest *current_req;
60
uint8_t cmdbuf[TI_BUFSZ];
64
/* The amount of data left in the current DMA transfer. */
66
/* The size of the current DMA transfer. Zero if no transfer is in
74
ESPDMAMemoryReadWriteFunc dma_memory_read;
75
ESPDMAMemoryReadWriteFunc dma_memory_write;
77
void (*dma_cb)(ESPState *s);
85
#define ESP_WBUSID 0x4
89
#define ESP_WSYNTP 0x6
90
#define ESP_RFLAGS 0x7
107
#define CMD_FLUSH 0x01
108
#define CMD_RESET 0x02
109
#define CMD_BUSRESET 0x03
111
#define CMD_ICCS 0x11
112
#define CMD_MSGACC 0x12
114
#define CMD_SATN 0x1a
116
#define CMD_SELATN 0x42
117
#define CMD_SELATNS 0x43
118
#define CMD_ENSEL 0x44
126
#define STAT_PIO_MASK 0x06
131
#define STAT_INT 0x80
133
#define BUSID_DID 0x07
138
#define INTR_RST 0x80
143
#define CFG1_RESREPT 0x40
145
#define TCHI_FAS100A 0x4
147
static void esp_raise_irq(ESPState *s)
149
if (!(s->rregs[ESP_RSTAT] & STAT_INT)) {
150
s->rregs[ESP_RSTAT] |= STAT_INT;
151
qemu_irq_raise(s->irq);
152
trace_esp_raise_irq();
156
static void esp_lower_irq(ESPState *s)
158
if (s->rregs[ESP_RSTAT] & STAT_INT) {
159
s->rregs[ESP_RSTAT] &= ~STAT_INT;
160
qemu_irq_lower(s->irq);
161
trace_esp_lower_irq();
165
static void esp_dma_enable(void *opaque, int irq, int level)
167
DeviceState *d = opaque;
168
ESPState *s = container_of(d, ESPState, busdev.qdev);
172
trace_esp_dma_enable();
178
trace_esp_dma_disable();
183
static void esp_request_cancelled(SCSIRequest *req)
185
ESPState *s = DO_UPCAST(ESPState, busdev.qdev, req->bus->qbus.parent);
187
if (req == s->current_req) {
188
scsi_req_unref(s->current_req);
189
s->current_req = NULL;
190
s->current_dev = NULL;
194
static uint32_t get_cmd(ESPState *s, uint8_t *buf)
199
target = s->wregs[ESP_WBUSID] & BUSID_DID;
201
dmalen = s->rregs[ESP_TCLO] | (s->rregs[ESP_TCMID] << 8);
202
s->dma_memory_read(s->dma_opaque, buf, dmalen);
205
memcpy(buf, s->ti_buf, dmalen);
206
buf[0] = buf[2] >> 5;
208
trace_esp_get_cmd(dmalen, target);
214
if (s->current_req) {
215
/* Started a new command before the old one finished. Cancel it. */
216
scsi_req_cancel(s->current_req);
220
s->current_dev = scsi_device_find(&s->bus, 0, target, 0);
221
if (!s->current_dev) {
223
s->rregs[ESP_RSTAT] = 0;
224
s->rregs[ESP_RINTR] = INTR_DC;
225
s->rregs[ESP_RSEQ] = SEQ_0;
232
static void do_busid_cmd(ESPState *s, uint8_t *buf, uint8_t busid)
236
SCSIDevice *current_lun;
238
trace_esp_do_busid_cmd(busid);
240
current_lun = scsi_device_find(&s->bus, 0, s->current_dev->id, lun);
241
s->current_req = scsi_req_new(current_lun, 0, lun, buf, NULL);
242
datalen = scsi_req_enqueue(s->current_req);
243
s->ti_size = datalen;
245
s->rregs[ESP_RSTAT] = STAT_TC;
249
s->rregs[ESP_RSTAT] |= STAT_DI;
251
s->rregs[ESP_RSTAT] |= STAT_DO;
253
scsi_req_continue(s->current_req);
255
s->rregs[ESP_RINTR] = INTR_BS | INTR_FC;
256
s->rregs[ESP_RSEQ] = SEQ_CD;
260
static void do_cmd(ESPState *s, uint8_t *buf)
262
uint8_t busid = buf[0];
264
do_busid_cmd(s, &buf[1], busid);
267
static void handle_satn(ESPState *s)
272
if (!s->dma_enabled) {
273
s->dma_cb = handle_satn;
276
len = get_cmd(s, buf);
281
static void handle_s_without_atn(ESPState *s)
286
if (!s->dma_enabled) {
287
s->dma_cb = handle_s_without_atn;
290
len = get_cmd(s, buf);
292
do_busid_cmd(s, buf, 0);
296
static void handle_satn_stop(ESPState *s)
298
if (!s->dma_enabled) {
299
s->dma_cb = handle_satn_stop;
302
s->cmdlen = get_cmd(s, s->cmdbuf);
304
trace_esp_handle_satn_stop(s->cmdlen);
306
s->rregs[ESP_RSTAT] = STAT_TC | STAT_CD;
307
s->rregs[ESP_RINTR] = INTR_BS | INTR_FC;
308
s->rregs[ESP_RSEQ] = SEQ_CD;
313
static void write_response(ESPState *s)
315
trace_esp_write_response(s->status);
316
s->ti_buf[0] = s->status;
319
s->dma_memory_write(s->dma_opaque, s->ti_buf, 2);
320
s->rregs[ESP_RSTAT] = STAT_TC | STAT_ST;
321
s->rregs[ESP_RINTR] = INTR_BS | INTR_FC;
322
s->rregs[ESP_RSEQ] = SEQ_CD;
327
s->rregs[ESP_RFLAGS] = 2;
332
static void esp_dma_done(ESPState *s)
334
s->rregs[ESP_RSTAT] |= STAT_TC;
335
s->rregs[ESP_RINTR] = INTR_BS;
336
s->rregs[ESP_RSEQ] = 0;
337
s->rregs[ESP_RFLAGS] = 0;
338
s->rregs[ESP_TCLO] = 0;
339
s->rregs[ESP_TCMID] = 0;
343
static void esp_do_dma(ESPState *s)
348
to_device = (s->ti_size < 0);
351
trace_esp_do_dma(s->cmdlen, len);
352
s->dma_memory_read(s->dma_opaque, &s->cmdbuf[s->cmdlen], len);
356
do_cmd(s, s->cmdbuf);
359
if (s->async_len == 0) {
360
/* Defer until data is available. */
363
if (len > s->async_len) {
367
s->dma_memory_read(s->dma_opaque, s->async_buf, len);
369
s->dma_memory_write(s->dma_opaque, s->async_buf, len);
378
if (s->async_len == 0) {
379
scsi_req_continue(s->current_req);
380
/* If there is still data to be read from the device then
381
complete the DMA operation immediately. Otherwise defer
382
until the scsi layer has completed. */
383
if (to_device || s->dma_left != 0 || s->ti_size == 0) {
388
/* Partially filled a scsi buffer. Complete immediately. */
392
static void esp_command_complete(SCSIRequest *req, uint32_t status)
394
ESPState *s = DO_UPCAST(ESPState, busdev.qdev, req->bus->qbus.parent);
396
trace_esp_command_complete();
397
if (s->ti_size != 0) {
398
trace_esp_command_complete_unexpected();
404
trace_esp_command_complete_fail();
407
s->rregs[ESP_RSTAT] = STAT_ST;
409
if (s->current_req) {
410
scsi_req_unref(s->current_req);
411
s->current_req = NULL;
412
s->current_dev = NULL;
416
static void esp_transfer_data(SCSIRequest *req, uint32_t len)
418
ESPState *s = DO_UPCAST(ESPState, busdev.qdev, req->bus->qbus.parent);
420
trace_esp_transfer_data(s->dma_left, s->ti_size);
422
s->async_buf = scsi_req_get_buf(req);
425
} else if (s->dma_counter != 0 && s->ti_size <= 0) {
426
/* If this was the last part of a DMA transfer then the
427
completion interrupt is deferred to here. */
432
static void handle_ti(ESPState *s)
434
uint32_t dmalen, minlen;
436
dmalen = s->rregs[ESP_TCLO] | (s->rregs[ESP_TCMID] << 8);
440
s->dma_counter = dmalen;
443
minlen = (dmalen < 32) ? dmalen : 32;
444
else if (s->ti_size < 0)
445
minlen = (dmalen < -s->ti_size) ? dmalen : -s->ti_size;
447
minlen = (dmalen < s->ti_size) ? dmalen : s->ti_size;
448
trace_esp_handle_ti(minlen);
450
s->dma_left = minlen;
451
s->rregs[ESP_RSTAT] &= ~STAT_TC;
453
} else if (s->do_cmd) {
454
trace_esp_handle_ti_cmd(s->cmdlen);
458
do_cmd(s, s->cmdbuf);
463
static void esp_hard_reset(DeviceState *d)
465
ESPState *s = container_of(d, ESPState, busdev.qdev);
467
memset(s->rregs, 0, ESP_REGS);
468
memset(s->wregs, 0, ESP_REGS);
469
s->rregs[ESP_TCHI] = TCHI_FAS100A; // Indicate fas100a
477
s->rregs[ESP_CFG1] = 7;
480
static void esp_soft_reset(DeviceState *d)
482
ESPState *s = container_of(d, ESPState, busdev.qdev);
484
qemu_irq_lower(s->irq);
488
static void parent_esp_reset(void *opaque, int irq, int level)
491
esp_soft_reset(opaque);
495
static void esp_gpio_demux(void *opaque, int irq, int level)
499
parent_esp_reset(opaque, irq, level);
502
esp_dma_enable(opaque, irq, level);
507
static uint32_t esp_mem_readb(void *opaque, target_phys_addr_t addr)
509
ESPState *s = opaque;
510
uint32_t saddr, old_val;
512
saddr = addr >> s->it_shift;
513
trace_esp_mem_readb(saddr, s->rregs[saddr]);
516
if (s->ti_size > 0) {
518
if ((s->rregs[ESP_RSTAT] & STAT_PIO_MASK) == 0) {
520
ESP_ERROR("PIO data read not implemented\n");
521
s->rregs[ESP_FIFO] = 0;
523
s->rregs[ESP_FIFO] = s->ti_buf[s->ti_rptr++];
527
if (s->ti_size == 0) {
533
/* Clear sequence step, interrupt register and all status bits
535
old_val = s->rregs[ESP_RINTR];
536
s->rregs[ESP_RINTR] = 0;
537
s->rregs[ESP_RSTAT] &= ~STAT_TC;
538
s->rregs[ESP_RSEQ] = SEQ_CD;
545
return s->rregs[saddr];
548
static void esp_mem_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
550
ESPState *s = opaque;
553
saddr = addr >> s->it_shift;
554
trace_esp_mem_writeb(saddr, s->wregs[saddr], val);
558
s->rregs[ESP_RSTAT] &= ~STAT_TC;
562
s->cmdbuf[s->cmdlen++] = val & 0xff;
563
} else if (s->ti_size == TI_BUFSZ - 1) {
564
ESP_ERROR("fifo overrun\n");
567
s->ti_buf[s->ti_wptr++] = val & 0xff;
571
s->rregs[saddr] = val;
574
/* Reload DMA counter. */
575
s->rregs[ESP_TCLO] = s->wregs[ESP_TCLO];
576
s->rregs[ESP_TCMID] = s->wregs[ESP_TCMID];
580
switch(val & CMD_CMD) {
582
trace_esp_mem_writeb_cmd_nop(val);
585
trace_esp_mem_writeb_cmd_flush(val);
587
s->rregs[ESP_RINTR] = INTR_FC;
588
s->rregs[ESP_RSEQ] = 0;
589
s->rregs[ESP_RFLAGS] = 0;
592
trace_esp_mem_writeb_cmd_reset(val);
593
esp_soft_reset(&s->busdev.qdev);
596
trace_esp_mem_writeb_cmd_bus_reset(val);
597
s->rregs[ESP_RINTR] = INTR_RST;
598
if (!(s->wregs[ESP_CFG1] & CFG1_RESREPT)) {
606
trace_esp_mem_writeb_cmd_iccs(val);
608
s->rregs[ESP_RINTR] = INTR_FC;
609
s->rregs[ESP_RSTAT] |= STAT_MI;
612
trace_esp_mem_writeb_cmd_msgacc(val);
613
s->rregs[ESP_RINTR] = INTR_DC;
614
s->rregs[ESP_RSEQ] = 0;
615
s->rregs[ESP_RFLAGS] = 0;
619
trace_esp_mem_writeb_cmd_pad(val);
620
s->rregs[ESP_RSTAT] = STAT_TC;
621
s->rregs[ESP_RINTR] = INTR_FC;
622
s->rregs[ESP_RSEQ] = 0;
625
trace_esp_mem_writeb_cmd_satn(val);
628
trace_esp_mem_writeb_cmd_sel(val);
629
handle_s_without_atn(s);
632
trace_esp_mem_writeb_cmd_selatn(val);
636
trace_esp_mem_writeb_cmd_selatns(val);
640
trace_esp_mem_writeb_cmd_ensel(val);
641
s->rregs[ESP_RINTR] = 0;
644
ESP_ERROR("Unhandled ESP command (%2.2x)\n", val);
648
case ESP_WBUSID ... ESP_WSYNO:
651
s->rregs[saddr] = val;
653
case ESP_WCCF ... ESP_WTEST:
655
case ESP_CFG2 ... ESP_RES4:
656
s->rregs[saddr] = val;
659
ESP_ERROR("invalid write of 0x%02x at [0x%x]\n", val, saddr);
662
s->wregs[saddr] = val;
665
static CPUReadMemoryFunc * const esp_mem_read[3] = {
671
static CPUWriteMemoryFunc * const esp_mem_write[3] = {
677
static const VMStateDescription vmstate_esp = {
680
.minimum_version_id = 3,
681
.minimum_version_id_old = 3,
682
.fields = (VMStateField []) {
683
VMSTATE_BUFFER(rregs, ESPState),
684
VMSTATE_BUFFER(wregs, ESPState),
685
VMSTATE_INT32(ti_size, ESPState),
686
VMSTATE_UINT32(ti_rptr, ESPState),
687
VMSTATE_UINT32(ti_wptr, ESPState),
688
VMSTATE_BUFFER(ti_buf, ESPState),
689
VMSTATE_UINT32(status, ESPState),
690
VMSTATE_UINT32(dma, ESPState),
691
VMSTATE_BUFFER(cmdbuf, ESPState),
692
VMSTATE_UINT32(cmdlen, ESPState),
693
VMSTATE_UINT32(do_cmd, ESPState),
694
VMSTATE_UINT32(dma_left, ESPState),
695
VMSTATE_END_OF_LIST()
699
void esp_init(target_phys_addr_t espaddr, int it_shift,
700
ESPDMAMemoryReadWriteFunc dma_memory_read,
701
ESPDMAMemoryReadWriteFunc dma_memory_write,
702
void *dma_opaque, qemu_irq irq, qemu_irq *reset,
703
qemu_irq *dma_enable)
709
dev = qdev_create(NULL, "esp");
710
esp = DO_UPCAST(ESPState, busdev.qdev, dev);
711
esp->dma_memory_read = dma_memory_read;
712
esp->dma_memory_write = dma_memory_write;
713
esp->dma_opaque = dma_opaque;
714
esp->it_shift = it_shift;
715
/* XXX for now until rc4030 has been changed to use DMA enable signal */
716
esp->dma_enabled = 1;
717
qdev_init_nofail(dev);
718
s = sysbus_from_qdev(dev);
719
sysbus_connect_irq(s, 0, irq);
720
sysbus_mmio_map(s, 0, espaddr);
721
*reset = qdev_get_gpio_in(dev, 0);
722
*dma_enable = qdev_get_gpio_in(dev, 1);
725
static const struct SCSIBusInfo esp_scsi_info = {
727
.max_target = ESP_MAX_DEVS,
730
.transfer_data = esp_transfer_data,
731
.complete = esp_command_complete,
732
.cancel = esp_request_cancelled
735
static int esp_init1(SysBusDevice *dev)
737
ESPState *s = FROM_SYSBUS(ESPState, dev);
740
sysbus_init_irq(dev, &s->irq);
741
assert(s->it_shift != -1);
743
esp_io_memory = cpu_register_io_memory(esp_mem_read, esp_mem_write, s,
744
DEVICE_NATIVE_ENDIAN);
745
sysbus_init_mmio(dev, ESP_REGS << s->it_shift, esp_io_memory);
747
qdev_init_gpio_in(&dev->qdev, esp_gpio_demux, 2);
749
scsi_bus_new(&s->bus, &dev->qdev, &esp_scsi_info);
750
return scsi_bus_legacy_handle_cmdline(&s->bus);
753
static SysBusDeviceInfo esp_info = {
756
.qdev.size = sizeof(ESPState),
757
.qdev.vmsd = &vmstate_esp,
758
.qdev.reset = esp_hard_reset,
759
.qdev.props = (Property[]) {
764
static void esp_register_devices(void)
766
sysbus_register_withprop(&esp_info);
769
device_init(esp_register_devices)
added
removed
hw/esp.c
