4 * Copyright (c) 2005 Fabrice Bellard
6 * Permission is hereby granted, free of charge, to any person obtaining a copy
7 * of this software and associated documentation files (the "Software"), to deal
8 * in the Software without restriction, including without limitation the rights
9 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
10 * copies of the Software, and to permit persons to whom the Software is
11 * furnished to do so, subject to the following conditions:
13 * The above copyright notice and this permission notice shall be included in
14 * all copies or substantial portions of the Software.
16 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
17 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
18 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
19 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
20 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
21 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
30 #define DPRINTF(fmt, args...) \
31 do { printf("ESP: " fmt , ##args); } while (0)
32 #define pic_set_irq(irq, level) \
33 do { printf("ESP: set_irq(%d): %d\n", (irq), (level)); pic_set_irq((irq),(level));} while (0)
35 #define DPRINTF(fmt, args...)
39 #define ESPDMA_MAXADDR (ESPDMA_REGS * 4 - 1)
40 #define ESP_MAXREG 0x3f
41 #define TI_BUFSZ 65536
42 #define DMA_VER 0xa0000000
44 #define DMA_INTREN 0x10
45 #define DMA_LOADED 0x04000000
47 typedef struct ESPState {
48 BlockDriverState **bd;
49 uint8_t rregs[ESP_MAXREG];
50 uint8_t wregs[ESP_MAXREG];
52 uint32_t espdmaregs[ESPDMA_REGS];
54 uint32_t ti_rptr, ti_wptr;
56 uint8_t ti_buf[TI_BUFSZ];
78 static void handle_satn(ESPState *s)
81 uint32_t dmaptr, dmalen;
86 dmalen = s->wregs[0] | (s->wregs[1] << 8);
87 target = s->wregs[4] & 7;
88 DPRINTF("Select with ATN len %d target %d\n", dmalen, target);
90 dmaptr = iommu_translate(s->espdmaregs[1]);
91 DPRINTF("DMA Direction: %c, addr 0x%8.8x\n", s->espdmaregs[0] & 0x100? 'w': 'r', dmaptr);
92 cpu_physical_memory_read(dmaptr, buf, dmalen);
95 memcpy(&buf[1], s->ti_buf, dmalen);
98 for (i = 0; i < dmalen; i++) {
99 DPRINTF("Command %2.2x\n", buf[i]);
106 if (target >= 4 || !s->bd[target]) { // No such drive
107 s->rregs[4] = STAT_IN;
108 s->rregs[5] = INTR_DC;
110 s->espdmaregs[0] |= DMA_INTR;
111 pic_set_irq(s->irq, 1);
116 DPRINTF("Test Unit Ready (len %d)\n", buf[5]);
119 DPRINTF("Inquiry (len %d)\n", buf[5]);
120 memset(s->ti_buf, 0, 36);
121 if (bdrv_get_type_hint(s->bd[target]) == BDRV_TYPE_CDROM) {
123 memcpy(&s->ti_buf[16], "QEMU CDROM ", 16);
126 memcpy(&s->ti_buf[16], "QEMU HARDDISK ", 16);
128 memcpy(&s->ti_buf[8], "QEMU ", 8);
135 DPRINTF("Mode Sense(6) (page %d, len %d)\n", buf[3], buf[5]);
138 DPRINTF("Read Capacity (len %d)\n", buf[5]);
139 memset(s->ti_buf, 0, 8);
140 bdrv_get_geometry(s->bd[target], &nb_sectors);
141 s->ti_buf[0] = (nb_sectors >> 24) & 0xff;
142 s->ti_buf[1] = (nb_sectors >> 16) & 0xff;
143 s->ti_buf[2] = (nb_sectors >> 8) & 0xff;
144 s->ti_buf[3] = nb_sectors & 0xff;
147 if (bdrv_get_type_hint(s->bd[target]) == BDRV_TYPE_CDROM)
148 s->ti_buf[6] = 8; // sector size 2048
150 s->ti_buf[6] = 2; // sector size 512
159 if (bdrv_get_type_hint(s->bd[target]) == BDRV_TYPE_CDROM) {
160 offset = ((buf[3] << 24) | (buf[4] << 16) | (buf[5] << 8) | buf[6]) * 4;
161 len = ((buf[8] << 8) | buf[9]) * 4;
162 s->ti_size = len * 2048;
164 offset = (buf[3] << 24) | (buf[4] << 16) | (buf[5] << 8) | buf[6];
165 len = (buf[8] << 8) | buf[9];
166 s->ti_size = len * 512;
168 DPRINTF("Read (10) (offset %lld len %lld)\n", offset, len);
169 bdrv_read(s->bd[target], offset, s->ti_buf, len);
170 // XXX error handling
178 if (bdrv_get_type_hint(s->bd[target]) == BDRV_TYPE_CDROM) {
179 offset = ((buf[3] << 24) | (buf[4] << 16) | (buf[5] << 8) | buf[6]) * 4;
180 len = ((buf[8] << 8) | buf[9]) * 4;
181 s->ti_size = len * 2048;
183 offset = (buf[3] << 24) | (buf[4] << 16) | (buf[5] << 8) | buf[6];
184 len = (buf[8] << 8) | buf[9];
185 s->ti_size = len * 512;
187 DPRINTF("Write (10) (offset %lld len %lld)\n", offset, len);
188 bdrv_write(s->bd[target], offset, s->ti_buf, len);
189 // XXX error handling
194 DPRINTF("Unknown SCSI command (%2.2x)\n", buf[1]);
197 s->rregs[4] = STAT_IN | STAT_TC | STAT_DI;
198 s->rregs[5] = INTR_BS | INTR_FC;
199 s->rregs[6] = SEQ_CD;
200 s->espdmaregs[0] |= DMA_INTR;
201 pic_set_irq(s->irq, 1);
204 static void dma_write(ESPState *s, const uint8_t *buf, uint32_t len)
206 uint32_t dmaptr, dmalen;
208 dmalen = s->wregs[0] | (s->wregs[1] << 8);
209 DPRINTF("Transfer status len %d\n", dmalen);
211 dmaptr = iommu_translate(s->espdmaregs[1]);
212 DPRINTF("DMA Direction: %c\n", s->espdmaregs[0] & 0x100? 'w': 'r');
213 cpu_physical_memory_write(dmaptr, buf, len);
214 s->rregs[4] = STAT_IN | STAT_TC | STAT_ST;
215 s->rregs[5] = INTR_BS | INTR_FC;
216 s->rregs[6] = SEQ_CD;
218 memcpy(s->ti_buf, buf, len);
222 s->rregs[7] = dmalen;
224 s->espdmaregs[0] |= DMA_INTR;
225 pic_set_irq(s->irq, 1);
229 static const uint8_t okbuf[] = {0, 0};
231 static void handle_ti(ESPState *s)
233 uint32_t dmaptr, dmalen;
236 dmalen = s->wregs[0] | (s->wregs[1] << 8);
237 DPRINTF("Transfer Information len %d\n", dmalen);
239 dmaptr = iommu_translate(s->espdmaregs[1]);
240 DPRINTF("DMA Direction: %c, addr 0x%8.8x\n", s->espdmaregs[0] & 0x100? 'w': 'r', dmaptr);
241 for (i = 0; i < s->ti_size; i++) {
242 dmaptr = iommu_translate(s->espdmaregs[1] + i);
244 cpu_physical_memory_write(dmaptr, &s->ti_buf[i], 1);
246 cpu_physical_memory_read(dmaptr, &s->ti_buf[i], 1);
248 s->rregs[4] = STAT_IN | STAT_TC | STAT_ST;
249 s->rregs[5] = INTR_BS;
251 s->espdmaregs[0] |= DMA_INTR;
256 s->rregs[7] = dmalen;
258 pic_set_irq(s->irq, 1);
261 static void esp_reset(void *opaque)
263 ESPState *s = opaque;
264 memset(s->rregs, 0, ESP_MAXREG);
265 s->rregs[0x0e] = 0x4; // Indicate fas100a
266 memset(s->espdmaregs, 0, ESPDMA_REGS * 4);
269 static uint32_t esp_mem_readb(void *opaque, target_phys_addr_t addr)
271 ESPState *s = opaque;
274 saddr = (addr & ESP_MAXREG) >> 2;
275 DPRINTF("read reg[%d]: 0x%2.2x\n", saddr, s->rregs[saddr]);
279 if (s->ti_size > 0) {
281 s->rregs[saddr] = s->ti_buf[s->ti_rptr++];
282 pic_set_irq(s->irq, 1);
284 if (s->ti_size == 0) {
291 // Clear status bits except TC
292 s->rregs[4] &= STAT_TC;
293 pic_set_irq(s->irq, 0);
294 s->espdmaregs[0] &= ~DMA_INTR;
299 return s->rregs[saddr];
302 static void esp_mem_writeb(void *opaque, target_phys_addr_t addr, uint32_t val)
304 ESPState *s = opaque;
307 saddr = (addr & ESP_MAXREG) >> 2;
308 DPRINTF("write reg[%d]: 0x%2.2x -> 0x%2.2x\n", saddr, s->wregs[saddr], val);
312 s->rregs[saddr] = val;
317 s->ti_buf[s->ti_wptr++] = val & 0xff;
320 s->rregs[saddr] = val;
329 DPRINTF("NOP (%2.2x)\n", val);
332 DPRINTF("Flush FIFO (%2.2x)\n", val);
334 s->rregs[5] = INTR_FC;
338 DPRINTF("Chip reset (%2.2x)\n", val);
342 DPRINTF("Bus reset (%2.2x)\n", val);
343 s->rregs[5] = INTR_RST;
344 if (!(s->wregs[8] & 0x40)) {
345 s->espdmaregs[0] |= DMA_INTR;
346 pic_set_irq(s->irq, 1);
353 DPRINTF("Initiator Command Complete Sequence (%2.2x)\n", val);
354 dma_write(s, okbuf, 2);
357 DPRINTF("Message Accepted (%2.2x)\n", val);
358 dma_write(s, okbuf, 2);
359 s->rregs[5] = INTR_DC;
363 DPRINTF("Set ATN (%2.2x)\n", val);
369 DPRINTF("Set ATN & stop (%2.2x)\n", val);
373 DPRINTF("Unhandled ESP command (%2.2x)\n", val);
380 s->rregs[saddr] = val;
385 s->rregs[saddr] = val & 0x15;
388 s->rregs[saddr] = val;
393 s->wregs[saddr] = val;
396 static CPUReadMemoryFunc *esp_mem_read[3] = {
402 static CPUWriteMemoryFunc *esp_mem_write[3] = {
408 static uint32_t espdma_mem_readl(void *opaque, target_phys_addr_t addr)
410 ESPState *s = opaque;
413 saddr = (addr & ESPDMA_MAXADDR) >> 2;
414 DPRINTF("read dmareg[%d]: 0x%8.8x\n", saddr, s->espdmaregs[saddr]);
416 return s->espdmaregs[saddr];
419 static void espdma_mem_writel(void *opaque, target_phys_addr_t addr, uint32_t val)
421 ESPState *s = opaque;
424 saddr = (addr & ESPDMA_MAXADDR) >> 2;
425 DPRINTF("write dmareg[%d]: 0x%8.8x -> 0x%8.8x\n", saddr, s->espdmaregs[saddr], val);
428 if (!(val & DMA_INTREN))
429 pic_set_irq(s->irq, 0);
432 } else if (val & 0x40) {
440 s->espdmaregs[0] = DMA_LOADED;
445 s->espdmaregs[saddr] = val;
448 static CPUReadMemoryFunc *espdma_mem_read[3] = {
454 static CPUWriteMemoryFunc *espdma_mem_write[3] = {
460 static void esp_save(QEMUFile *f, void *opaque)
462 ESPState *s = opaque;
465 qemu_put_buffer(f, s->rregs, ESP_MAXREG);
466 qemu_put_buffer(f, s->wregs, ESP_MAXREG);
467 qemu_put_be32s(f, &s->irq);
468 for (i = 0; i < ESPDMA_REGS; i++)
469 qemu_put_be32s(f, &s->espdmaregs[i]);
470 qemu_put_be32s(f, &s->ti_size);
471 qemu_put_be32s(f, &s->ti_rptr);
472 qemu_put_be32s(f, &s->ti_wptr);
473 qemu_put_be32s(f, &s->ti_dir);
474 qemu_put_buffer(f, s->ti_buf, TI_BUFSZ);
475 qemu_put_be32s(f, &s->dma);
478 static int esp_load(QEMUFile *f, void *opaque, int version_id)
480 ESPState *s = opaque;
486 qemu_get_buffer(f, s->rregs, ESP_MAXREG);
487 qemu_get_buffer(f, s->wregs, ESP_MAXREG);
488 qemu_get_be32s(f, &s->irq);
489 for (i = 0; i < ESPDMA_REGS; i++)
490 qemu_get_be32s(f, &s->espdmaregs[i]);
491 qemu_get_be32s(f, &s->ti_size);
492 qemu_get_be32s(f, &s->ti_rptr);
493 qemu_get_be32s(f, &s->ti_wptr);
494 qemu_get_be32s(f, &s->ti_dir);
495 qemu_get_buffer(f, s->ti_buf, TI_BUFSZ);
496 qemu_get_be32s(f, &s->dma);
501 void esp_init(BlockDriverState **bd, int irq, uint32_t espaddr, uint32_t espdaddr)
504 int esp_io_memory, espdma_io_memory;
506 s = qemu_mallocz(sizeof(ESPState));
513 esp_io_memory = cpu_register_io_memory(0, esp_mem_read, esp_mem_write, s);
514 cpu_register_physical_memory(espaddr, ESP_MAXREG*4, esp_io_memory);
516 espdma_io_memory = cpu_register_io_memory(0, espdma_mem_read, espdma_mem_write, s);
517 cpu_register_physical_memory(espdaddr, 16, espdma_io_memory);
521 register_savevm("esp", espaddr, 1, esp_save, esp_load, s);
522 qemu_register_reset(esp_reset, s);
projects / qemu / blob