4 * Copyright (c) 2005-2006 Fabrice Bellard
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
30 #define DPRINTF(fmt, args...) \
31 do { printf("ESP: " fmt , ##args); } while (0)
32 #define pic_set_irq(irq, level) \
33 do { printf("ESP: set_irq(%d): %d\n", (irq), (level)); pic_set_irq((irq),(level));} while (0)
35 #define DPRINTF(fmt, args...)
39 #define ESPDMA_MAXADDR (ESPDMA_REGS * 4 - 1)
40 #define ESP_MAXREG 0x3f
42 #define DMA_VER 0xa0000000
44 #define DMA_INTREN 0x10
45 #define DMA_WRITE_MEM 0x100
46 #define DMA_LOADED 0x04000000
47 typedef struct ESPState ESPState;
50 BlockDriverState **bd;
51 uint8_t rregs[ESP_MAXREG];
52 uint8_t wregs[ESP_MAXREG];
54 uint32_t espdmaregs[ESPDMA_REGS];
56 uint32_t ti_rptr, ti_wptr;
57 uint8_t ti_buf[TI_BUFSZ];
60 SCSIDevice *scsi_dev[MAX_DISKS];
61 SCSIDevice *current_dev;
62 uint8_t cmdbuf[TI_BUFSZ];
67 uint8_t async_buf[TARGET_PAGE_SIZE];
92 static int get_cmd(ESPState *s, uint8_t *buf)
94 uint32_t dmaptr, dmalen;
97 dmalen = s->wregs[0] | (s->wregs[1] << 8);
98 target = s->wregs[4] & 7;
99 DPRINTF("get_cmd: len %d target %d\n", dmalen, target);
101 dmaptr = iommu_translate(s->espdmaregs[1]);
102 DPRINTF("DMA Direction: %c, addr 0x%8.8x\n",
103 s->espdmaregs[0] & DMA_WRITE_MEM ? 'w': 'r', dmaptr);
104 cpu_physical_memory_read(dmaptr, buf, dmalen);
107 memcpy(&buf[1], s->ti_buf, dmalen);
115 if (target >= 4 || !s->scsi_dev[target]) {
117 s->rregs[4] = STAT_IN;
118 s->rregs[5] = INTR_DC;
120 s->espdmaregs[0] |= DMA_INTR;
121 pic_set_irq(s->irq, 1);
124 s->current_dev = s->scsi_dev[target];
128 static void do_cmd(ESPState *s, uint8_t *buf)
133 DPRINTF("do_cmd: busid 0x%x\n", buf[0]);
135 datalen = scsi_send_command(s->current_dev, 0, &buf[1], lun);
139 s->rregs[4] = STAT_IN | STAT_TC;
141 s->rregs[4] |= STAT_DI;
142 s->ti_size = datalen;
144 s->rregs[4] |= STAT_DO;
145 s->ti_size = -datalen;
148 s->rregs[5] = INTR_BS | INTR_FC;
149 s->rregs[6] = SEQ_CD;
150 s->espdmaregs[0] |= DMA_INTR;
151 pic_set_irq(s->irq, 1);
154 static void handle_satn(ESPState *s)
159 len = get_cmd(s, buf);
164 static void handle_satn_stop(ESPState *s)
166 s->cmdlen = get_cmd(s, s->cmdbuf);
168 DPRINTF("Set ATN & Stop: cmdlen %d\n", s->cmdlen);
170 s->espdmaregs[1] += s->cmdlen;
171 s->rregs[4] = STAT_IN | STAT_TC | STAT_CD;
172 s->rregs[5] = INTR_BS | INTR_FC;
173 s->rregs[6] = SEQ_CD;
174 s->espdmaregs[0] |= DMA_INTR;
175 pic_set_irq(s->irq, 1);
179 static void write_response(ESPState *s)
183 DPRINTF("Transfer status (sense=%d)\n", s->sense);
184 s->ti_buf[0] = s->sense;
187 dmaptr = iommu_translate(s->espdmaregs[1]);
188 DPRINTF("DMA Direction: %c\n",
189 s->espdmaregs[0] & DMA_WRITE_MEM ? 'w': 'r');
190 cpu_physical_memory_write(dmaptr, s->ti_buf, 2);
191 s->rregs[4] = STAT_IN | STAT_TC | STAT_ST;
192 s->rregs[5] = INTR_BS | INTR_FC;
193 s->rregs[6] = SEQ_CD;
200 s->espdmaregs[0] |= DMA_INTR;
201 pic_set_irq(s->irq, 1);
205 static void esp_do_dma(ESPState *s)
207 uint32_t dmaptr, minlen, len, from, to;
209 to_device = (s->espdmaregs[0] & DMA_WRITE_MEM) == 0;
210 from = s->espdmaregs[1];
211 minlen = s->dma_left;
213 dmaptr = iommu_translate(s->espdmaregs[1]);
214 if ((from & TARGET_PAGE_MASK) != (to & TARGET_PAGE_MASK)) {
215 len = TARGET_PAGE_SIZE - (from & ~TARGET_PAGE_MASK);
219 DPRINTF("DMA address p %08x v %08x len %08x, from %08x, to %08x\n", dmaptr, s->espdmaregs[1], len, from, to);
221 s->espdmaregs[1] += len;
223 DPRINTF("command len %d + %d\n", s->cmdlen, len);
224 cpu_physical_memory_read(dmaptr, &s->cmdbuf[s->cmdlen], len);
228 do_cmd(s, s->cmdbuf);
235 cpu_physical_memory_read(dmaptr, s->async_buf, len);
236 scsi_write_data(s->current_dev, s->async_buf, len);
238 s->async_ptr = dmaptr;
239 scsi_read_data(s->current_dev, s->async_buf, len);
244 static void esp_command_complete(void *opaque, uint32_t reason, int sense)
246 ESPState *s = (ESPState *)opaque;
248 s->ti_size -= s->async_len;
249 s->espdmaregs[1] += s->async_len;
250 if (s->async_ptr != (uint32_t)-1) {
251 cpu_physical_memory_write(s->async_ptr, s->async_buf, s->async_len);
253 if (reason == SCSI_REASON_DONE) {
254 DPRINTF("SCSI Command complete\n");
256 DPRINTF("SCSI command completed unexpectedly\n");
259 DPRINTF("Command failed\n");
262 DPRINTF("transfer %d/%d\n", s->dma_left, s->ti_size);
268 s->rregs[4] |= STAT_IN | STAT_TC;
270 s->rregs[4] = STAT_IN | STAT_TC | STAT_ST;
272 s->rregs[5] = INTR_BS;
275 s->espdmaregs[0] |= DMA_INTR;
276 pic_set_irq(s->irq, 1);
280 static void handle_ti(ESPState *s)
282 uint32_t dmalen, minlen;
284 dmalen = s->wregs[0] | (s->wregs[1] << 8);
290 minlen = (dmalen < 32) ? dmalen : 32;
292 minlen = (dmalen < s->ti_size) ? dmalen : s->ti_size;
293 DPRINTF("Transfer Information len %d\n", minlen);
295 s->dma_left = minlen;
296 s->rregs[4] &= ~STAT_TC;
298 } else if (s->do_cmd) {
299 DPRINTF("command len %d\n", s->cmdlen);
303 do_cmd(s, s->cmdbuf);
308 static void esp_reset(void *opaque)
310 ESPState *s = opaque;
311 memset(s->rregs, 0, ESP_MAXREG);
312 memset(s->wregs, 0, ESP_MAXREG);
313 s->rregs[0x0e] = 0x4; // Indicate fas100a
314 memset(s->espdmaregs, 0, ESPDMA_REGS * 4);
322 static uint32_t esp_mem_readb(void *opaque, target_phys_addr_t addr)
324 ESPState *s = opaque;
327 saddr = (addr & ESP_MAXREG) >> 2;
328 DPRINTF("read reg[%d]: 0x%2.2x\n", saddr, s->rregs[saddr]);
332 if (s->ti_size > 0) {
334 if ((s->rregs[4] & 6) == 0) {
336 scsi_read_data(s->current_dev, &s->rregs[2], 0);
338 s->rregs[2] = s->ti_buf[s->ti_rptr++];
340 pic_set_irq(s->irq, 1);
342 if (s->ti_size == 0) {
349 // Clear interrupt/error status bits
350 s->rregs[4] &= ~(STAT_IN | STAT_GE | STAT_PE);
351 pic_set_irq(s->irq, 0);
352 s->espdmaregs[0] &= ~DMA_INTR;
357 return s->rregs[saddr];
360 static void esp_mem_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
362 ESPState *s = opaque;
365 saddr = (addr & ESP_MAXREG) >> 2;
366 DPRINTF("write reg[%d]: 0x%2.2x -> 0x%2.2x\n", saddr, s->wregs[saddr], val);
370 s->rregs[saddr] = val;
371 s->rregs[4] &= ~STAT_TC;
376 s->cmdbuf[s->cmdlen++] = val & 0xff;
377 } else if ((s->rregs[4] & 6) == 0) {
381 scsi_write_data(s->current_dev, &buf, 0);
384 s->ti_buf[s->ti_wptr++] = val & 0xff;
388 s->rregs[saddr] = val;
397 DPRINTF("NOP (%2.2x)\n", val);
400 DPRINTF("Flush FIFO (%2.2x)\n", val);
402 s->rregs[5] = INTR_FC;
406 DPRINTF("Chip reset (%2.2x)\n", val);
410 DPRINTF("Bus reset (%2.2x)\n", val);
411 s->rregs[5] = INTR_RST;
412 if (!(s->wregs[8] & 0x40)) {
413 s->espdmaregs[0] |= DMA_INTR;
414 pic_set_irq(s->irq, 1);
421 DPRINTF("Initiator Command Complete Sequence (%2.2x)\n", val);
425 DPRINTF("Message Accepted (%2.2x)\n", val);
427 s->rregs[5] = INTR_DC;
431 DPRINTF("Set ATN (%2.2x)\n", val);
434 DPRINTF("Set ATN (%2.2x)\n", val);
438 DPRINTF("Set ATN & stop (%2.2x)\n", val);
442 DPRINTF("Unhandled ESP command (%2.2x)\n", val);
449 s->rregs[saddr] = val;
454 s->rregs[saddr] = val & 0x15;
457 s->rregs[saddr] = val;
462 s->wregs[saddr] = val;
465 static CPUReadMemoryFunc *esp_mem_read[3] = {
471 static CPUWriteMemoryFunc *esp_mem_write[3] = {
477 static uint32_t espdma_mem_readl(void *opaque, target_phys_addr_t addr)
479 ESPState *s = opaque;
482 saddr = (addr & ESPDMA_MAXADDR) >> 2;
483 DPRINTF("read dmareg[%d]: 0x%8.8x\n", saddr, s->espdmaregs[saddr]);
485 return s->espdmaregs[saddr];
488 static void espdma_mem_writel(void *opaque, target_phys_addr_t addr, uint32_t val)
490 ESPState *s = opaque;
493 saddr = (addr & ESPDMA_MAXADDR) >> 2;
494 DPRINTF("write dmareg[%d]: 0x%8.8x -> 0x%8.8x\n", saddr, s->espdmaregs[saddr], val);
497 if (!(val & DMA_INTREN))
498 pic_set_irq(s->irq, 0);
501 } else if (val & 0x40) {
509 s->espdmaregs[0] |= DMA_LOADED;
514 s->espdmaregs[saddr] = val;
517 static CPUReadMemoryFunc *espdma_mem_read[3] = {
523 static CPUWriteMemoryFunc *espdma_mem_write[3] = {
529 static void esp_save(QEMUFile *f, void *opaque)
531 ESPState *s = opaque;
534 qemu_put_buffer(f, s->rregs, ESP_MAXREG);
535 qemu_put_buffer(f, s->wregs, ESP_MAXREG);
536 qemu_put_be32s(f, &s->irq);
537 for (i = 0; i < ESPDMA_REGS; i++)
538 qemu_put_be32s(f, &s->espdmaregs[i]);
539 qemu_put_be32s(f, &s->ti_size);
540 qemu_put_be32s(f, &s->ti_rptr);
541 qemu_put_be32s(f, &s->ti_wptr);
542 qemu_put_buffer(f, s->ti_buf, TI_BUFSZ);
543 qemu_put_be32s(f, &s->dma);
546 static int esp_load(QEMUFile *f, void *opaque, int version_id)
548 ESPState *s = opaque;
554 qemu_get_buffer(f, s->rregs, ESP_MAXREG);
555 qemu_get_buffer(f, s->wregs, ESP_MAXREG);
556 qemu_get_be32s(f, &s->irq);
557 for (i = 0; i < ESPDMA_REGS; i++)
558 qemu_get_be32s(f, &s->espdmaregs[i]);
559 qemu_get_be32s(f, &s->ti_size);
560 qemu_get_be32s(f, &s->ti_rptr);
561 qemu_get_be32s(f, &s->ti_wptr);
562 qemu_get_buffer(f, s->ti_buf, TI_BUFSZ);
563 qemu_get_be32s(f, &s->dma);
568 void esp_init(BlockDriverState **bd, int irq, uint32_t espaddr, uint32_t espdaddr)
571 int esp_io_memory, espdma_io_memory;
574 s = qemu_mallocz(sizeof(ESPState));
581 esp_io_memory = cpu_register_io_memory(0, esp_mem_read, esp_mem_write, s);
582 cpu_register_physical_memory(espaddr, ESP_MAXREG*4, esp_io_memory);
584 espdma_io_memory = cpu_register_io_memory(0, espdma_mem_read, espdma_mem_write, s);
585 cpu_register_physical_memory(espdaddr, 16, espdma_io_memory);
589 register_savevm("esp", espaddr, 1, esp_save, esp_load, s);
590 qemu_register_reset(esp_reset, s);
591 for (i = 0; i < MAX_DISKS; i++) {
594 scsi_disk_init(bs_table[i], esp_command_complete, s);
projects / qemu / blob