1/*- 2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD AND BSD-2-Clause NetBSD 3 * 4 * Copyright (c) 2004 Scott Long 5 * Copyright (c) 2005, 2008 Marius Strobl <marius@FreeBSD.org> 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 */ 30 31/* $NetBSD: ncr53c9x.c,v 1.145 2012/06/18 21:23:56 martin Exp $ */ 32 33/*- 34 * Copyright (c) 1998, 2002 The NetBSD Foundation, Inc. 35 * All rights reserved. 36 * 37 * This code is derived from software contributed to The NetBSD Foundation 38 * by Charles M. Hannum. 39 * 40 * Redistribution and use in source and binary forms, with or without 41 * modification, are permitted provided that the following conditions 42 * are met: 43 * 1. Redistributions of source code must retain the above copyright 44 * notice, this list of conditions and the following disclaimer. 45 * 2. Redistributions in binary form must reproduce the above copyright 46 * notice, this list of conditions and the following disclaimer in the 47 * documentation and/or other materials provided with the distribution. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 50 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 51 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 52 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 53 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 54 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 55 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 56 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 57 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 58 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 59 * POSSIBILITY OF SUCH DAMAGE. 60 */ 61 62/*- 63 * Copyright (c) 1994 Peter Galbavy 64 * Copyright (c) 1995 Paul Kranenburg 65 * All rights reserved. 66 * 67 * Redistribution and use in source and binary forms, with or without 68 * modification, are permitted provided that the following conditions 69 * are met: 70 * 1. Redistributions of source code must retain the above copyright 71 * notice, this list of conditions and the following disclaimer. 72 * 2. Redistributions in binary form must reproduce the above copyright 73 * notice, this list of conditions and the following disclaimer in the 74 * documentation and/or other materials provided with the distribution. 75 * 3. All advertising materials mentioning features or use of this software 76 * must display the following acknowledgement: 77 * This product includes software developed by Peter Galbavy 78 * 4. The name of the author may not be used to endorse or promote products 79 * derived from this software without specific prior written permission. 80 * 81 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 82 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 83 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 84 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, 85 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 86 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 87 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 88 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 89 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 90 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 91 * POSSIBILITY OF SUCH DAMAGE. 92 */ 93 94/* 95 * Based on aic6360 by Jarle Greipsland 96 * 97 * Acknowledgements: Many of the algorithms used in this driver are 98 * inspired by the work of Julian Elischer (julian@FreeBSD.org) and 99 * Charles Hannum (mycroft@duality.gnu.ai.mit.edu). Thanks a million! 100 */ 101 102#include <sys/cdefs.h> 103__FBSDID("$FreeBSD$"); 104 105#include <sys/param.h> 106#include <sys/systm.h> 107#include <sys/bus.h> 108#include <sys/kernel.h> 109#include <sys/malloc.h> 110#include <sys/lock.h> 111#include <sys/module.h> 112#include <sys/mutex.h> 113#include <sys/queue.h> 114#include <sys/time.h> 115#include <sys/callout.h> 116 117#include <cam/cam.h> 118#include <cam/cam_ccb.h> 119#include <cam/cam_debug.h> 120#include <cam/cam_sim.h> 121#include <cam/cam_xpt_sim.h> 122#include <cam/scsi/scsi_all.h> 123#include <cam/scsi/scsi_message.h> 124 125#include <dev/esp/ncr53c9xreg.h> 126#include <dev/esp/ncr53c9xvar.h> 127 128devclass_t esp_devclass; 129 130MODULE_DEPEND(esp, cam, 1, 1, 1); 131 132#ifdef NCR53C9X_DEBUG 133int ncr53c9x_debug = 134 NCR_SHOWMISC /* | NCR_SHOWPHASE | NCR_SHOWTRAC | NCR_SHOWCMDS */; 135#endif 136 137static void ncr53c9x_abort(struct ncr53c9x_softc *sc, 138 struct ncr53c9x_ecb *ecb); 139static void ncr53c9x_action(struct cam_sim *sim, union ccb *ccb); 140static void ncr53c9x_async(void *cbarg, uint32_t code, 141 struct cam_path *path, void *arg); 142static void ncr53c9x_callout(void *arg); 143static void ncr53c9x_clear(struct ncr53c9x_softc *sc, cam_status result); 144static void ncr53c9x_clear_target(struct ncr53c9x_softc *sc, int target, 145 cam_status result); 146static void ncr53c9x_dequeue(struct ncr53c9x_softc *sc, 147 struct ncr53c9x_ecb *ecb); 148static void ncr53c9x_done(struct ncr53c9x_softc *sc, 149 struct ncr53c9x_ecb *ecb); 150static void ncr53c9x_free_ecb(struct ncr53c9x_softc *sc, 151 struct ncr53c9x_ecb *ecb); 152static void ncr53c9x_msgin(struct ncr53c9x_softc *sc); 153static void ncr53c9x_msgout(struct ncr53c9x_softc *sc); 154static void ncr53c9x_init(struct ncr53c9x_softc *sc, int doreset); 155static void ncr53c9x_intr1(struct ncr53c9x_softc *sc); 156static void ncr53c9x_poll(struct cam_sim *sim); 157static int ncr53c9x_rdfifo(struct ncr53c9x_softc *sc, int how); 158static int ncr53c9x_reselect(struct ncr53c9x_softc *sc, int message, 159 int tagtype, int tagid); 160static void ncr53c9x_reset(struct ncr53c9x_softc *sc); 161static void ncr53c9x_sense(struct ncr53c9x_softc *sc, 162 struct ncr53c9x_ecb *ecb); 163static void ncr53c9x_sched(struct ncr53c9x_softc *sc); 164static void ncr53c9x_select(struct ncr53c9x_softc *sc, 165 struct ncr53c9x_ecb *ecb); 166static void ncr53c9x_watch(void *arg); 167static void ncr53c9x_wrfifo(struct ncr53c9x_softc *sc, uint8_t *p, 168 int len); 169 170static struct ncr53c9x_ecb *ncr53c9x_get_ecb(struct ncr53c9x_softc *sc); 171static struct ncr53c9x_linfo *ncr53c9x_lunsearch(struct ncr53c9x_tinfo *sc, 172 int64_t lun); 173 174static inline void ncr53c9x_readregs(struct ncr53c9x_softc *sc); 175static inline void ncr53c9x_setsync(struct ncr53c9x_softc *sc, 176 struct ncr53c9x_tinfo *ti); 177static inline int ncr53c9x_stp2cpb(struct ncr53c9x_softc *sc, 178 int period); 179 180#define NCR_RDFIFO_START 0 181#define NCR_RDFIFO_CONTINUE 1 182 183#define NCR_SET_COUNT(sc, size) do { \ 184 NCR_WRITE_REG((sc), NCR_TCL, (size)); \ 185 NCR_WRITE_REG((sc), NCR_TCM, (size) >> 8); \ 186 if ((sc->sc_features & NCR_F_LARGEXFER) != 0) \ 187 NCR_WRITE_REG((sc), NCR_TCH, (size) >> 16); \ 188 if (sc->sc_rev == NCR_VARIANT_FAS366) \ 189 NCR_WRITE_REG(sc, NCR_RCH, 0); \ 190} while (/* CONSTCOND */0) 191 192#ifndef mstohz 193#define mstohz(ms) \ 194 (((ms) < 0x20000) ? \ 195 ((ms +0u) / 1000u) * hz : \ 196 ((ms +0u) * hz) /1000u) 197#endif 198 199/* 200 * Names for the NCR53c9x variants, corresponding to the variant tags 201 * in ncr53c9xvar.h. 202 */ 203static const char *ncr53c9x_variant_names[] = { 204 "ESP100", 205 "ESP100A", 206 "ESP200", 207 "NCR53C94", 208 "NCR53C96", 209 "ESP406", 210 "FAS408", 211 "FAS216", 212 "AM53C974", 213 "FAS366/HME", 214 "NCR53C90 (86C01)", 215 "FAS100A", 216 "FAS236", 217}; 218 219/* 220 * Search linked list for LUN info by LUN id. 221 */ 222static struct ncr53c9x_linfo * 223ncr53c9x_lunsearch(struct ncr53c9x_tinfo *ti, int64_t lun) 224{ 225 struct ncr53c9x_linfo *li; 226 227 LIST_FOREACH(li, &ti->luns, link) 228 if (li->lun == lun) 229 return (li); 230 return (NULL); 231} 232 233/* 234 * Attach this instance, and then all the sub-devices. 235 */ 236int 237ncr53c9x_attach(struct ncr53c9x_softc *sc) 238{ 239 struct cam_devq *devq; 240 struct cam_sim *sim; 241 struct cam_path *path; 242 struct ncr53c9x_ecb *ecb; 243 int error, i; 244 245 if (NCR_LOCK_INITIALIZED(sc) == 0) { 246 device_printf(sc->sc_dev, "mutex not initialized\n"); 247 return (ENXIO); 248 } 249 250 callout_init_mtx(&sc->sc_watchdog, &sc->sc_lock, 0); 251 252 /* 253 * Note, the front-end has set us up to print the chip variation. 254 */ 255 if (sc->sc_rev >= NCR_VARIANT_MAX) { 256 device_printf(sc->sc_dev, "unknown variant %d, devices not " 257 "attached\n", sc->sc_rev); 258 return (EINVAL); 259 } 260 261 device_printf(sc->sc_dev, "%s, %d MHz, SCSI ID %d\n", 262 ncr53c9x_variant_names[sc->sc_rev], sc->sc_freq, sc->sc_id); 263 264 sc->sc_ntarg = (sc->sc_rev == NCR_VARIANT_FAS366) ? 16 : 8; 265 266 /* 267 * Allocate SCSI message buffers. 268 * Front-ends can override allocation to avoid alignment 269 * handling in the DMA engines. Note that ncr53c9x_msgout() 270 * can request a 1 byte DMA transfer. 271 */ 272 if (sc->sc_omess == NULL) { 273 sc->sc_omess_self = 1; 274 sc->sc_omess = malloc(NCR_MAX_MSG_LEN, M_DEVBUF, M_NOWAIT); 275 if (sc->sc_omess == NULL) { 276 device_printf(sc->sc_dev, 277 "cannot allocate MSGOUT buffer\n"); 278 return (ENOMEM); 279 } 280 } else 281 sc->sc_omess_self = 0; 282 283 if (sc->sc_imess == NULL) { 284 sc->sc_imess_self = 1; 285 sc->sc_imess = malloc(NCR_MAX_MSG_LEN + 1, M_DEVBUF, M_NOWAIT); 286 if (sc->sc_imess == NULL) { 287 device_printf(sc->sc_dev, 288 "cannot allocate MSGIN buffer\n"); 289 error = ENOMEM; 290 goto fail_omess; 291 } 292 } else 293 sc->sc_imess_self = 0; 294 295 sc->sc_tinfo = malloc(sc->sc_ntarg * sizeof(sc->sc_tinfo[0]), 296 M_DEVBUF, M_NOWAIT | M_ZERO); 297 if (sc->sc_tinfo == NULL) { 298 device_printf(sc->sc_dev, 299 "cannot allocate target info buffer\n"); 300 error = ENOMEM; 301 goto fail_imess; 302 } 303 304 /* 305 * Treat NCR53C90 with the 86C01 DMA chip exactly as ESP100 306 * from now on. 307 */ 308 if (sc->sc_rev == NCR_VARIANT_NCR53C90_86C01) 309 sc->sc_rev = NCR_VARIANT_ESP100; 310 311 sc->sc_ccf = FREQTOCCF(sc->sc_freq); 312 313 /* The value *must not* be == 1. Make it 2. */ 314 if (sc->sc_ccf == 1) 315 sc->sc_ccf = 2; 316 317 /* 318 * The recommended timeout is 250ms. This register is loaded 319 * with a value calculated as follows, from the docs: 320 * 321 * (timeout period) x (CLK frequency) 322 * reg = ------------------------------------- 323 * 8192 x (Clock Conversion Factor) 324 * 325 * Since CCF has a linear relation to CLK, this generally computes 326 * to the constant of 153. 327 */ 328 sc->sc_timeout = ((250 * 1000) * sc->sc_freq) / (8192 * sc->sc_ccf); 329 330 /* The CCF register only has 3 bits; 0 is actually 8. */ 331 sc->sc_ccf &= 7; 332 333 /* 334 * Register with CAM. 335 */ 336 devq = cam_simq_alloc(sc->sc_ntarg); 337 if (devq == NULL) { 338 device_printf(sc->sc_dev, "cannot allocate device queue\n"); 339 error = ENOMEM; 340 goto fail_tinfo; 341 } 342 343 sim = cam_sim_alloc(ncr53c9x_action, ncr53c9x_poll, "esp", sc, 344 device_get_unit(sc->sc_dev), &sc->sc_lock, 1, NCR_TAG_DEPTH, devq); 345 if (sim == NULL) { 346 device_printf(sc->sc_dev, "cannot allocate SIM entry\n"); 347 error = ENOMEM; 348 goto fail_devq; 349 } 350 351 NCR_LOCK(sc); 352 353 if (xpt_bus_register(sim, sc->sc_dev, 0) != CAM_SUCCESS) { 354 device_printf(sc->sc_dev, "cannot register bus\n"); 355 error = EIO; 356 goto fail_lock; 357 } 358 359 if (xpt_create_path(&path, NULL, cam_sim_path(sim), 360 CAM_TARGET_WILDCARD, CAM_LUN_WILDCARD) != CAM_REQ_CMP) { 361 device_printf(sc->sc_dev, "cannot create path\n"); 362 error = EIO; 363 goto fail_bus; 364 } 365 366 if (xpt_register_async(AC_LOST_DEVICE, ncr53c9x_async, sim, path) != 367 CAM_REQ_CMP) { 368 device_printf(sc->sc_dev, "cannot register async handler\n"); 369 error = EIO; 370 goto fail_path; 371 } 372 373 sc->sc_sim = sim; 374 sc->sc_path = path; 375 376 /* Reset state and bus. */ 377#if 0 378 sc->sc_cfflags = sc->sc_dev.dv_cfdata->cf_flags; 379#else 380 sc->sc_cfflags = 0; 381#endif 382 sc->sc_state = 0; 383 ncr53c9x_init(sc, 1); 384 385 TAILQ_INIT(&sc->free_list); 386 if ((sc->ecb_array = 387 malloc(sizeof(struct ncr53c9x_ecb) * NCR_TAG_DEPTH, M_DEVBUF, 388 M_NOWAIT | M_ZERO)) == NULL) { 389 device_printf(sc->sc_dev, "cannot allocate ECB array\n"); 390 error = ENOMEM; 391 goto fail_async; 392 } 393 for (i = 0; i < NCR_TAG_DEPTH; i++) { 394 ecb = &sc->ecb_array[i]; 395 ecb->sc = sc; 396 ecb->tag_id = i; 397 callout_init_mtx(&ecb->ch, &sc->sc_lock, 0); 398 TAILQ_INSERT_HEAD(&sc->free_list, ecb, free_links); 399 } 400 401 callout_reset(&sc->sc_watchdog, 60 * hz, ncr53c9x_watch, sc); 402 403 NCR_UNLOCK(sc); 404 405 return (0); 406 407fail_async: 408 xpt_register_async(0, ncr53c9x_async, sim, path); 409fail_path: 410 xpt_free_path(path); 411fail_bus: 412 xpt_bus_deregister(cam_sim_path(sim)); 413fail_lock: 414 NCR_UNLOCK(sc); 415 cam_sim_free(sim, TRUE); 416fail_devq: 417 cam_simq_free(devq); 418fail_tinfo: 419 free(sc->sc_tinfo, M_DEVBUF); 420fail_imess: 421 if (sc->sc_imess_self) 422 free(sc->sc_imess, M_DEVBUF); 423fail_omess: 424 if (sc->sc_omess_self) 425 free(sc->sc_omess, M_DEVBUF); 426 return (error); 427} 428 429int 430ncr53c9x_detach(struct ncr53c9x_softc *sc) 431{ 432 struct ncr53c9x_linfo *li, *nextli; 433 int t; 434 435 callout_drain(&sc->sc_watchdog); 436 437 NCR_LOCK(sc); 438 439 if (sc->sc_tinfo) { 440 /* Cancel all commands. */ 441 ncr53c9x_clear(sc, CAM_REQ_ABORTED); 442 443 /* Free logical units. */ 444 for (t = 0; t < sc->sc_ntarg; t++) { 445 for (li = LIST_FIRST(&sc->sc_tinfo[t].luns); li; 446 li = nextli) { 447 nextli = LIST_NEXT(li, link); 448 free(li, M_DEVBUF); 449 } 450 } 451 } 452 453 xpt_register_async(0, ncr53c9x_async, sc->sc_sim, sc->sc_path); 454 xpt_free_path(sc->sc_path); 455 xpt_bus_deregister(cam_sim_path(sc->sc_sim)); 456 cam_sim_free(sc->sc_sim, TRUE); 457 458 NCR_UNLOCK(sc); 459 460 free(sc->ecb_array, M_DEVBUF); 461 free(sc->sc_tinfo, M_DEVBUF); 462 if (sc->sc_imess_self) 463 free(sc->sc_imess, M_DEVBUF); 464 if (sc->sc_omess_self) 465 free(sc->sc_omess, M_DEVBUF); 466 467 return (0); 468} 469 470/* 471 * This is the generic ncr53c9x reset function. It does not reset the SCSI 472 * bus, only this controller, but kills any on-going commands, and also stops 473 * and resets the DMA. 474 * 475 * After reset, registers are loaded with the defaults from the attach 476 * routine above. 477 */ 478static void 479ncr53c9x_reset(struct ncr53c9x_softc *sc) 480{ 481 482 NCR_LOCK_ASSERT(sc, MA_OWNED); 483 484 /* Reset DMA first. */ 485 NCRDMA_RESET(sc); 486 487 /* Reset SCSI chip. */ 488 NCRCMD(sc, NCRCMD_RSTCHIP); 489 NCRCMD(sc, NCRCMD_NOP); 490 DELAY(500); 491 492 /* Do these backwards, and fall through. */ 493 switch (sc->sc_rev) { 494 case NCR_VARIANT_ESP406: 495 case NCR_VARIANT_FAS408: 496 NCR_WRITE_REG(sc, NCR_CFG5, sc->sc_cfg5 | NCRCFG5_SINT); 497 NCR_WRITE_REG(sc, NCR_CFG4, sc->sc_cfg4); 498 /* FALLTHROUGH */ 499 case NCR_VARIANT_AM53C974: 500 case NCR_VARIANT_FAS100A: 501 case NCR_VARIANT_FAS216: 502 case NCR_VARIANT_FAS236: 503 case NCR_VARIANT_NCR53C94: 504 case NCR_VARIANT_NCR53C96: 505 case NCR_VARIANT_ESP200: 506 sc->sc_features |= NCR_F_HASCFG3; 507 NCR_WRITE_REG(sc, NCR_CFG3, sc->sc_cfg3); 508 /* FALLTHROUGH */ 509 case NCR_VARIANT_ESP100A: 510 sc->sc_features |= NCR_F_SELATN3; 511 if ((sc->sc_cfg2 & NCRCFG2_FE) != 0) 512 sc->sc_features |= NCR_F_LARGEXFER; 513 NCR_WRITE_REG(sc, NCR_CFG2, sc->sc_cfg2); 514 /* FALLTHROUGH */ 515 case NCR_VARIANT_ESP100: 516 NCR_WRITE_REG(sc, NCR_CFG1, sc->sc_cfg1); 517 NCR_WRITE_REG(sc, NCR_CCF, sc->sc_ccf); 518 NCR_WRITE_REG(sc, NCR_SYNCOFF, 0); 519 NCR_WRITE_REG(sc, NCR_TIMEOUT, sc->sc_timeout); 520 break; 521 522 case NCR_VARIANT_FAS366: 523 sc->sc_features |= NCR_F_HASCFG3 | NCR_F_FASTSCSI | 524 NCR_F_SELATN3 | NCR_F_LARGEXFER; 525 sc->sc_cfg3 = NCRFASCFG3_FASTCLK | NCRFASCFG3_OBAUTO; 526 if (sc->sc_id > 7) 527 sc->sc_cfg3 |= NCRFASCFG3_IDBIT3; 528 sc->sc_cfg3_fscsi = NCRFASCFG3_FASTSCSI; 529 NCR_WRITE_REG(sc, NCR_CFG3, sc->sc_cfg3); 530 sc->sc_cfg2 = NCRCFG2_HMEFE | NCRCFG2_HME32; 531 NCR_WRITE_REG(sc, NCR_CFG2, sc->sc_cfg2); 532 NCR_WRITE_REG(sc, NCR_CFG1, sc->sc_cfg1); 533 NCR_WRITE_REG(sc, NCR_CCF, sc->sc_ccf); 534 NCR_WRITE_REG(sc, NCR_SYNCOFF, 0); 535 NCR_WRITE_REG(sc, NCR_TIMEOUT, sc->sc_timeout); 536 break; 537 538 default: 539 device_printf(sc->sc_dev, 540 "unknown revision code, assuming ESP100\n"); 541 NCR_WRITE_REG(sc, NCR_CFG1, sc->sc_cfg1); 542 NCR_WRITE_REG(sc, NCR_CCF, sc->sc_ccf); 543 NCR_WRITE_REG(sc, NCR_SYNCOFF, 0); 544 NCR_WRITE_REG(sc, NCR_TIMEOUT, sc->sc_timeout); 545 } 546 547 if (sc->sc_rev == NCR_VARIANT_AM53C974) 548 NCR_WRITE_REG(sc, NCR_AMDCFG4, sc->sc_cfg4); 549 550#if 0 551 device_printf(sc->sc_dev, "%s: revision %d\n", __func__, sc->sc_rev); 552 device_printf(sc->sc_dev, "%s: cfg1 0x%x, cfg2 0x%x, cfg3 0x%x, ccf " 553 "0x%x, timeout 0x%x\n", __func__, sc->sc_cfg1, sc->sc_cfg2, 554 sc->sc_cfg3, sc->sc_ccf, sc->sc_timeout); 555#endif 556} 557 558/* 559 * Clear all commands. 560 */ 561static void 562ncr53c9x_clear(struct ncr53c9x_softc *sc, cam_status result) 563{ 564 struct ncr53c9x_ecb *ecb; 565 int r; 566 567 NCR_LOCK_ASSERT(sc, MA_OWNED); 568 569 /* Cancel any active commands. */ 570 sc->sc_state = NCR_CLEANING; 571 sc->sc_msgify = 0; 572 ecb = sc->sc_nexus; 573 if (ecb != NULL) { 574 ecb->ccb->ccb_h.status = result; 575 ncr53c9x_done(sc, ecb); 576 } 577 /* Cancel outstanding disconnected commands. */ 578 for (r = 0; r < sc->sc_ntarg; r++) 579 ncr53c9x_clear_target(sc, r, result); 580} 581 582/* 583 * Clear all commands for a specific target. 584 */ 585static void 586ncr53c9x_clear_target(struct ncr53c9x_softc *sc, int target, 587 cam_status result) 588{ 589 struct ncr53c9x_ecb *ecb; 590 struct ncr53c9x_linfo *li; 591 int i; 592 593 NCR_LOCK_ASSERT(sc, MA_OWNED); 594 595 /* Cancel outstanding disconnected commands on each LUN. */ 596 LIST_FOREACH(li, &sc->sc_tinfo[target].luns, link) { 597 ecb = li->untagged; 598 if (ecb != NULL) { 599 li->untagged = NULL; 600 /* 601 * XXX should we terminate a command 602 * that never reached the disk? 603 */ 604 li->busy = 0; 605 ecb->ccb->ccb_h.status = result; 606 ncr53c9x_done(sc, ecb); 607 } 608 for (i = 0; i < NCR_TAG_DEPTH; i++) { 609 ecb = li->queued[i]; 610 if (ecb != NULL) { 611 li->queued[i] = NULL; 612 ecb->ccb->ccb_h.status = result; 613 ncr53c9x_done(sc, ecb); 614 } 615 } 616 li->used = 0; 617 } 618} 619 620/* 621 * Initialize ncr53c9x state machine. 622 */ 623static void 624ncr53c9x_init(struct ncr53c9x_softc *sc, int doreset) 625{ 626 struct ncr53c9x_tinfo *ti; 627 int r; 628 629 NCR_LOCK_ASSERT(sc, MA_OWNED); 630 631 NCR_MISC(("[NCR_INIT(%d) %d] ", doreset, sc->sc_state)); 632 633 if (sc->sc_state == 0) { 634 /* First time through; initialize. */ 635 636 TAILQ_INIT(&sc->ready_list); 637 sc->sc_nexus = NULL; 638 memset(sc->sc_tinfo, 0, sizeof(*sc->sc_tinfo)); 639 for (r = 0; r < sc->sc_ntarg; r++) { 640 LIST_INIT(&sc->sc_tinfo[r].luns); 641 } 642 } else 643 ncr53c9x_clear(sc, CAM_CMD_TIMEOUT); 644 645 /* 646 * Reset the chip to a known state. 647 */ 648 ncr53c9x_reset(sc); 649 650 sc->sc_flags = 0; 651 sc->sc_msgpriq = sc->sc_msgout = sc->sc_msgoutq = 0; 652 sc->sc_phase = sc->sc_prevphase = INVALID_PHASE; 653 654 /* 655 * If we're the first time through, set the default parameters 656 * for all targets. Otherwise we only clear their current transfer 657 * settings so we'll renegotiate their goal settings with the next 658 * command. 659 */ 660 if (sc->sc_state == 0) { 661 for (r = 0; r < sc->sc_ntarg; r++) { 662 ti = &sc->sc_tinfo[r]; 663/* XXX - config flags per target: low bits: no reselect; high bits: no synch */ 664 665 ti->flags = ((sc->sc_minsync != 0 && 666 (sc->sc_cfflags & (1 << ((r & 7) + 8))) == 0) ? 667 0 : T_SYNCHOFF) | 668 ((sc->sc_cfflags & (1 << (r & 7))) == 0 ? 669 0 : T_RSELECTOFF); 670 ti->curr.period = ti->goal.period = 0; 671 ti->curr.offset = ti->goal.offset = 0; 672 ti->curr.width = ti->goal.width = 673 MSG_EXT_WDTR_BUS_8_BIT; 674 } 675 } else { 676 for (r = 0; r < sc->sc_ntarg; r++) { 677 ti = &sc->sc_tinfo[r]; 678 ti->flags &= ~(T_SDTRSENT | T_WDTRSENT); 679 ti->curr.period = 0; 680 ti->curr.offset = 0; 681 ti->curr.width = MSG_EXT_WDTR_BUS_8_BIT; 682 } 683 } 684 685 if (doreset) { 686 sc->sc_state = NCR_SBR; 687 NCRCMD(sc, NCRCMD_RSTSCSI); 688 /* Give the bus a fighting chance to settle. */ 689 DELAY(250000); 690 } else { 691 sc->sc_state = NCR_IDLE; 692 ncr53c9x_sched(sc); 693 } 694} 695 696/* 697 * Read the NCR registers, and save their contents for later use. 698 * NCR_STAT, NCR_STEP & NCR_INTR are mostly zeroed out when reading 699 * NCR_INTR - so make sure it is the last read. 700 * 701 * I think that (from reading the docs) most bits in these registers 702 * only make sense when the DMA CSR has an interrupt showing. Call only 703 * if an interrupt is pending. 704 */ 705static inline void 706ncr53c9x_readregs(struct ncr53c9x_softc *sc) 707{ 708 709 NCR_LOCK_ASSERT(sc, MA_OWNED); 710 711 sc->sc_espstat = NCR_READ_REG(sc, NCR_STAT); 712 /* Only the step bits are of interest. */ 713 sc->sc_espstep = NCR_READ_REG(sc, NCR_STEP) & NCRSTEP_MASK; 714 715 if (sc->sc_rev == NCR_VARIANT_FAS366) 716 sc->sc_espstat2 = NCR_READ_REG(sc, NCR_STAT2); 717 718 sc->sc_espintr = NCR_READ_REG(sc, NCR_INTR); 719 720 /* 721 * Determine the SCSI bus phase, return either a real SCSI bus phase 722 * or some pseudo phase we use to detect certain exceptions. 723 */ 724 sc->sc_phase = (sc->sc_espintr & NCRINTR_DIS) ? 725 BUSFREE_PHASE : sc->sc_espstat & NCRSTAT_PHASE; 726 727 NCR_INTS(("regs[intr=%02x,stat=%02x,step=%02x,stat2=%02x] ", 728 sc->sc_espintr, sc->sc_espstat, sc->sc_espstep, sc->sc_espstat2)); 729} 730 731/* 732 * Convert Synchronous Transfer Period to chip register Clock Per Byte value. 733 */ 734static inline int 735ncr53c9x_stp2cpb(struct ncr53c9x_softc *sc, int period) 736{ 737 int v; 738 739 NCR_LOCK_ASSERT(sc, MA_OWNED); 740 741 v = (sc->sc_freq * period) / 250; 742 if (ncr53c9x_cpb2stp(sc, v) < period) 743 /* Correct round-down error. */ 744 v++; 745 return (v); 746} 747 748static inline void 749ncr53c9x_setsync(struct ncr53c9x_softc *sc, struct ncr53c9x_tinfo *ti) 750{ 751 uint8_t cfg3, syncoff, synctp; 752 753 NCR_LOCK_ASSERT(sc, MA_OWNED); 754 755 cfg3 = sc->sc_cfg3; 756 if (ti->curr.offset != 0) { 757 syncoff = ti->curr.offset; 758 synctp = ncr53c9x_stp2cpb(sc, ti->curr.period); 759 if (sc->sc_features & NCR_F_FASTSCSI) { 760 /* 761 * If the period is 200ns or less (ti->period <= 50), 762 * put the chip in Fast SCSI mode. 763 */ 764 if (ti->curr.period <= 50) 765 /* 766 * There are (at least) 4 variations of the 767 * configuration 3 register. The drive attach 768 * routine sets the appropriate bit to put the 769 * chip into Fast SCSI mode so that it doesn't 770 * have to be figured out here each time. 771 */ 772 cfg3 |= sc->sc_cfg3_fscsi; 773 } 774 775 /* 776 * Am53c974 requires different SYNCTP values when the 777 * FSCSI bit is off. 778 */ 779 if (sc->sc_rev == NCR_VARIANT_AM53C974 && 780 (cfg3 & NCRAMDCFG3_FSCSI) == 0) 781 synctp--; 782 } else { 783 syncoff = 0; 784 synctp = 0; 785 } 786 787 if (ti->curr.width != MSG_EXT_WDTR_BUS_8_BIT) { 788 if (sc->sc_rev == NCR_VARIANT_FAS366) 789 cfg3 |= NCRFASCFG3_EWIDE; 790 } 791 792 if (sc->sc_features & NCR_F_HASCFG3) 793 NCR_WRITE_REG(sc, NCR_CFG3, cfg3); 794 795 NCR_WRITE_REG(sc, NCR_SYNCOFF, syncoff); 796 NCR_WRITE_REG(sc, NCR_SYNCTP, synctp); 797} 798 799/* 800 * Send a command to a target, set the driver state to NCR_SELECTING 801 * and let the caller take care of the rest. 802 * 803 * Keeping this as a function allows me to say that this may be done 804 * by DMA instead of programmed I/O soon. 805 */ 806static void 807ncr53c9x_select(struct ncr53c9x_softc *sc, struct ncr53c9x_ecb *ecb) 808{ 809 struct ncr53c9x_tinfo *ti; 810 uint8_t *cmd; 811 size_t dmasize; 812 int clen, error, selatn3, selatns; 813 int lun = ecb->ccb->ccb_h.target_lun; 814 int target = ecb->ccb->ccb_h.target_id; 815 816 NCR_LOCK_ASSERT(sc, MA_OWNED); 817 818 NCR_TRACE(("[%s(t%d,l%d,cmd:%x,tag:%x,%x)] ", __func__, target, lun, 819 ecb->cmd.cmd.opcode, ecb->tag[0], ecb->tag[1])); 820 821 ti = &sc->sc_tinfo[target]; 822 sc->sc_state = NCR_SELECTING; 823 /* 824 * Schedule the callout now, the first time we will go away 825 * expecting to come back due to an interrupt, because it is 826 * always possible that the interrupt may never happen. 827 */ 828 callout_reset(&ecb->ch, mstohz(ecb->timeout), ncr53c9x_callout, ecb); 829 830 /* 831 * The docs say the target register is never reset, and I 832 * can't think of a better place to set it. 833 */ 834 if (sc->sc_rev == NCR_VARIANT_FAS366) { 835 NCRCMD(sc, NCRCMD_FLUSH); 836 NCR_WRITE_REG(sc, NCR_SELID, target | NCR_BUSID_HMEXC32 | 837 NCR_BUSID_HMEENCID); 838 } else 839 NCR_WRITE_REG(sc, NCR_SELID, target); 840 841 /* 842 * If we are requesting sense, force a renegotiation if we are 843 * currently using anything different from asynchronous at 8 bit 844 * as the target might have lost our transfer negotiations. 845 */ 846 if ((ecb->flags & ECB_SENSE) != 0 && (ti->curr.offset != 0 || 847 ti->curr.width != MSG_EXT_WDTR_BUS_8_BIT)) { 848 ti->curr.period = 0; 849 ti->curr.offset = 0; 850 ti->curr.width = MSG_EXT_WDTR_BUS_8_BIT; 851 } 852 ncr53c9x_setsync(sc, ti); 853 854 selatn3 = selatns = 0; 855 if (ecb->tag[0] != 0) { 856 if (sc->sc_features & NCR_F_SELATN3) 857 /* Use SELATN3 to send tag messages. */ 858 selatn3 = 1; 859 else 860 /* We don't have SELATN3; use SELATNS to send tags. */ 861 selatns = 1; 862 } 863 864 if (ti->curr.period != ti->goal.period || 865 ti->curr.offset != ti->goal.offset || 866 ti->curr.width != ti->goal.width) { 867 /* We have to use SELATNS to send sync/wide messages. */ 868 selatn3 = 0; 869 selatns = 1; 870 } 871 872 cmd = (uint8_t *)&ecb->cmd.cmd; 873 874 if (selatn3) { 875 /* We'll use tags with SELATN3. */ 876 clen = ecb->clen + 3; 877 cmd -= 3; 878 cmd[0] = MSG_IDENTIFY(lun, 1); /* msg[0] */ 879 cmd[1] = ecb->tag[0]; /* msg[1] */ 880 cmd[2] = ecb->tag[1]; /* msg[2] */ 881 } else { 882 /* We don't have tags, or will send messages with SELATNS. */ 883 clen = ecb->clen + 1; 884 cmd -= 1; 885 cmd[0] = MSG_IDENTIFY(lun, (ti->flags & T_RSELECTOFF) == 0); 886 } 887 888 if ((sc->sc_features & NCR_F_DMASELECT) && !selatns) { 889 /* Setup DMA transfer for command. */ 890 dmasize = clen; 891 sc->sc_cmdlen = clen; 892 sc->sc_cmdp = cmd; 893 error = NCRDMA_SETUP(sc, &sc->sc_cmdp, &sc->sc_cmdlen, 0, 894 &dmasize); 895 if (error != 0) 896 goto cmd; 897 898 /* Program the SCSI counter. */ 899 NCR_SET_COUNT(sc, dmasize); 900 901 /* Load the count in. */ 902 NCRCMD(sc, NCRCMD_NOP | NCRCMD_DMA); 903 904 /* And get the target's attention. */ 905 if (selatn3) { 906 sc->sc_msgout = SEND_TAG; 907 sc->sc_flags |= NCR_ATN; 908 NCRCMD(sc, NCRCMD_SELATN3 | NCRCMD_DMA); 909 } else 910 NCRCMD(sc, NCRCMD_SELATN | NCRCMD_DMA); 911 NCRDMA_GO(sc); 912 return; 913 } 914 915cmd: 916 /* 917 * Who am I? This is where we tell the target that we are 918 * happy for it to disconnect etc. 919 */ 920 921 /* Now get the command into the FIFO. */ 922 sc->sc_cmdlen = 0; 923 ncr53c9x_wrfifo(sc, cmd, clen); 924 925 /* And get the target's attention. */ 926 if (selatns) { 927 NCR_MSGS(("SELATNS \n")); 928 /* Arbitrate, select and stop after IDENTIFY message. */ 929 NCRCMD(sc, NCRCMD_SELATNS); 930 } else if (selatn3) { 931 sc->sc_msgout = SEND_TAG; 932 sc->sc_flags |= NCR_ATN; 933 NCRCMD(sc, NCRCMD_SELATN3); 934 } else 935 NCRCMD(sc, NCRCMD_SELATN); 936} 937 938static void 939ncr53c9x_free_ecb(struct ncr53c9x_softc *sc, struct ncr53c9x_ecb *ecb) 940{ 941 942 NCR_LOCK_ASSERT(sc, MA_OWNED); 943 944 ecb->flags = 0; 945 TAILQ_INSERT_TAIL(&sc->free_list, ecb, free_links); 946} 947 948static struct ncr53c9x_ecb * 949ncr53c9x_get_ecb(struct ncr53c9x_softc *sc) 950{ 951 struct ncr53c9x_ecb *ecb; 952 953 NCR_LOCK_ASSERT(sc, MA_OWNED); 954 955 ecb = TAILQ_FIRST(&sc->free_list); 956 if (ecb) { 957 if (ecb->flags != 0) 958 panic("%s: ecb flags not cleared", __func__); 959 TAILQ_REMOVE(&sc->free_list, ecb, free_links); 960 ecb->flags = ECB_ALLOC; 961 bzero(&ecb->ccb, sizeof(struct ncr53c9x_ecb) - 962 offsetof(struct ncr53c9x_ecb, ccb)); 963 } 964 return (ecb); 965} 966 967/* 968 * DRIVER FUNCTIONS CALLABLE FROM HIGHER LEVEL DRIVERS: 969 */ 970 971/* 972 * Start a SCSI-command. 973 * This function is called by the higher level SCSI-driver to queue/run 974 * SCSI-commands. 975 */ 976 977static void 978ncr53c9x_action(struct cam_sim *sim, union ccb *ccb) 979{ 980 struct ccb_pathinq *cpi; 981 struct ccb_scsiio *csio; 982 struct ccb_trans_settings *cts; 983 struct ccb_trans_settings_scsi *scsi; 984 struct ccb_trans_settings_spi *spi; 985 struct ncr53c9x_ecb *ecb; 986 struct ncr53c9x_softc *sc; 987 struct ncr53c9x_tinfo *ti; 988 int target; 989 990 sc = cam_sim_softc(sim); 991 992 NCR_LOCK_ASSERT(sc, MA_OWNED); 993 994 NCR_TRACE(("[%s %d]", __func__, ccb->ccb_h.func_code)); 995 996 switch (ccb->ccb_h.func_code) { 997 case XPT_RESET_BUS: 998 ncr53c9x_init(sc, 1); 999 ccb->ccb_h.status = CAM_REQ_CMP; 1000 break; 1001 1002 case XPT_CALC_GEOMETRY: 1003 cam_calc_geometry(&ccb->ccg, sc->sc_extended_geom); 1004 break; 1005 1006 case XPT_PATH_INQ: 1007 cpi = &ccb->cpi; 1008 cpi->version_num = 1; 1009 cpi->hba_inquiry = PI_SDTR_ABLE | PI_TAG_ABLE; 1010 cpi->hba_inquiry |= 1011 (sc->sc_rev == NCR_VARIANT_FAS366) ? PI_WIDE_16 : 0; 1012 cpi->target_sprt = 0; 1013 cpi->hba_misc = 0; 1014 cpi->hba_eng_cnt = 0; 1015 cpi->max_target = sc->sc_ntarg - 1; 1016 cpi->max_lun = 7; 1017 cpi->initiator_id = sc->sc_id; 1018 strlcpy(cpi->sim_vid, "FreeBSD", SIM_IDLEN); 1019 strlcpy(cpi->hba_vid, "NCR", HBA_IDLEN); 1020 strlcpy(cpi->dev_name, cam_sim_name(sim), DEV_IDLEN); 1021 cpi->unit_number = cam_sim_unit(sim); 1022 cpi->bus_id = 0; 1023 cpi->base_transfer_speed = 3300; 1024 cpi->protocol = PROTO_SCSI; 1025 cpi->protocol_version = SCSI_REV_2; 1026 cpi->transport = XPORT_SPI; 1027 cpi->transport_version = 2; 1028 cpi->maxio = sc->sc_maxxfer; 1029 ccb->ccb_h.status = CAM_REQ_CMP; 1030 break; 1031 1032 case XPT_GET_TRAN_SETTINGS: 1033 cts = &ccb->cts; 1034 ti = &sc->sc_tinfo[ccb->ccb_h.target_id]; 1035 scsi = &cts->proto_specific.scsi; 1036 spi = &cts->xport_specific.spi; 1037 1038 cts->protocol = PROTO_SCSI; 1039 cts->protocol_version = SCSI_REV_2; 1040 cts->transport = XPORT_SPI; 1041 cts->transport_version = 2; 1042 1043 if (cts->type == CTS_TYPE_CURRENT_SETTINGS) { 1044 spi->sync_period = ti->curr.period; 1045 spi->sync_offset = ti->curr.offset; 1046 spi->bus_width = ti->curr.width; 1047 if ((ti->flags & T_TAG) != 0) { 1048 spi->flags |= CTS_SPI_FLAGS_DISC_ENB; 1049 scsi->flags |= CTS_SCSI_FLAGS_TAG_ENB; 1050 } else { 1051 spi->flags &= ~CTS_SPI_FLAGS_DISC_ENB; 1052 scsi->flags &= ~CTS_SCSI_FLAGS_TAG_ENB; 1053 } 1054 } else { 1055 if ((ti->flags & T_SYNCHOFF) != 0) { 1056 spi->sync_period = 0; 1057 spi->sync_offset = 0; 1058 } else { 1059 spi->sync_period = sc->sc_minsync; 1060 spi->sync_offset = sc->sc_maxoffset; 1061 } 1062 spi->bus_width = sc->sc_maxwidth; 1063 spi->flags |= CTS_SPI_FLAGS_DISC_ENB; 1064 scsi->flags |= CTS_SCSI_FLAGS_TAG_ENB; 1065 } 1066 spi->valid = 1067 CTS_SPI_VALID_BUS_WIDTH | 1068 CTS_SPI_VALID_SYNC_RATE | 1069 CTS_SPI_VALID_SYNC_OFFSET | 1070 CTS_SPI_VALID_DISC; 1071 scsi->valid = CTS_SCSI_VALID_TQ; 1072 ccb->ccb_h.status = CAM_REQ_CMP; 1073 break; 1074 1075 case XPT_ABORT: 1076 device_printf(sc->sc_dev, "XPT_ABORT called\n"); 1077 ccb->ccb_h.status = CAM_FUNC_NOTAVAIL; 1078 break; 1079 1080 case XPT_TERM_IO: 1081 device_printf(sc->sc_dev, "XPT_TERM_IO called\n"); 1082 ccb->ccb_h.status = CAM_FUNC_NOTAVAIL; 1083 break; 1084 1085 case XPT_RESET_DEV: 1086 case XPT_SCSI_IO: 1087 if (ccb->ccb_h.target_id >= sc->sc_ntarg) { 1088 ccb->ccb_h.status = CAM_PATH_INVALID; 1089 goto done; 1090 } 1091 /* Get an ECB to use. */ 1092 ecb = ncr53c9x_get_ecb(sc); 1093 /* 1094 * This should never happen as we track resources 1095 * in the mid-layer. 1096 */ 1097 if (ecb == NULL) { 1098 xpt_freeze_simq(sim, 1); 1099 ccb->ccb_h.status = CAM_REQUEUE_REQ; 1100 device_printf(sc->sc_dev, "unable to allocate ecb\n"); 1101 goto done; 1102 } 1103 1104 /* Initialize ecb. */ 1105 ecb->ccb = ccb; 1106 ecb->timeout = ccb->ccb_h.timeout; 1107 1108 if (ccb->ccb_h.func_code == XPT_RESET_DEV) { 1109 ecb->flags |= ECB_RESET; 1110 ecb->clen = 0; 1111 ecb->dleft = 0; 1112 } else { 1113 csio = &ccb->csio; 1114 if ((ccb->ccb_h.flags & CAM_CDB_POINTER) != 0) 1115 bcopy(csio->cdb_io.cdb_ptr, &ecb->cmd.cmd, 1116 csio->cdb_len); 1117 else 1118 bcopy(csio->cdb_io.cdb_bytes, &ecb->cmd.cmd, 1119 csio->cdb_len); 1120 ecb->clen = csio->cdb_len; 1121 ecb->daddr = csio->data_ptr; 1122 ecb->dleft = csio->dxfer_len; 1123 } 1124 ecb->stat = 0; 1125 1126 TAILQ_INSERT_TAIL(&sc->ready_list, ecb, chain); 1127 ecb->flags |= ECB_READY; 1128 if (sc->sc_state == NCR_IDLE) 1129 ncr53c9x_sched(sc); 1130 return; 1131 1132 case XPT_SET_TRAN_SETTINGS: 1133 cts = &ccb->cts; 1134 target = ccb->ccb_h.target_id; 1135 ti = &sc->sc_tinfo[target]; 1136 scsi = &cts->proto_specific.scsi; 1137 spi = &cts->xport_specific.spi; 1138 1139 if ((scsi->valid & CTS_SCSI_VALID_TQ) != 0) { 1140 if ((sc->sc_cfflags & (1<<((target & 7) + 16))) == 0 && 1141 (scsi->flags & CTS_SCSI_FLAGS_TAG_ENB)) { 1142 NCR_MISC(("%s: target %d: tagged queuing\n", 1143 device_get_nameunit(sc->sc_dev), target)); 1144 ti->flags |= T_TAG; 1145 } else 1146 ti->flags &= ~T_TAG; 1147 } 1148 1149 if ((spi->valid & CTS_SPI_VALID_BUS_WIDTH) != 0) { 1150 NCR_MISC(("%s: target %d: wide negotiation\n", 1151 device_get_nameunit(sc->sc_dev), target)); 1152 ti->goal.width = spi->bus_width; 1153 } 1154 1155 if ((spi->valid & CTS_SPI_VALID_SYNC_RATE) != 0) { 1156 NCR_MISC(("%s: target %d: sync period negotiation\n", 1157 device_get_nameunit(sc->sc_dev), target)); 1158 ti->goal.period = spi->sync_period; 1159 } 1160 1161 if ((spi->valid & CTS_SPI_VALID_SYNC_OFFSET) != 0) { 1162 NCR_MISC(("%s: target %d: sync offset negotiation\n", 1163 device_get_nameunit(sc->sc_dev), target)); 1164 ti->goal.offset = spi->sync_offset; 1165 } 1166 1167 ccb->ccb_h.status = CAM_REQ_CMP; 1168 break; 1169 1170 default: 1171 device_printf(sc->sc_dev, "Unhandled function code %d\n", 1172 ccb->ccb_h.func_code); 1173 ccb->ccb_h.status = CAM_PROVIDE_FAIL; 1174 } 1175 1176done: 1177 xpt_done(ccb); 1178} 1179 1180/* 1181 * Used when interrupt driven I/O is not allowed, e.g. during boot. 1182 */ 1183static void 1184ncr53c9x_poll(struct cam_sim *sim) 1185{ 1186 struct ncr53c9x_softc *sc; 1187 1188 sc = cam_sim_softc(sim); 1189 1190 NCR_LOCK_ASSERT(sc, MA_OWNED); 1191 1192 NCR_TRACE(("[%s] ", __func__)); 1193 1194 if (NCRDMA_ISINTR(sc)) 1195 ncr53c9x_intr1(sc); 1196} 1197 1198/* 1199 * Asynchronous notification handler 1200 */ 1201static void 1202ncr53c9x_async(void *cbarg, uint32_t code, struct cam_path *path, void *arg) 1203{ 1204 struct ncr53c9x_softc *sc; 1205 struct ncr53c9x_tinfo *ti; 1206 int target; 1207 1208 sc = cam_sim_softc(cbarg); 1209 1210 NCR_LOCK_ASSERT(sc, MA_OWNED); 1211 1212 switch (code) { 1213 case AC_LOST_DEVICE: 1214 target = xpt_path_target_id(path); 1215 if (target < 0 || target >= sc->sc_ntarg) 1216 break; 1217 1218 /* Cancel outstanding disconnected commands. */ 1219 ncr53c9x_clear_target(sc, target, CAM_REQ_ABORTED); 1220 1221 /* Set the default parameters for the target. */ 1222 ti = &sc->sc_tinfo[target]; 1223/* XXX - config flags per target: low bits: no reselect; high bits: no synch */ 1224 ti->flags = ((sc->sc_minsync != 0 && 1225 (sc->sc_cfflags & (1 << ((target & 7) + 8))) == 0) ? 1226 0 : T_SYNCHOFF) | 1227 ((sc->sc_cfflags & (1 << (target & 7))) == 0 ? 1228 0 : T_RSELECTOFF); 1229 ti->curr.period = ti->goal.period = 0; 1230 ti->curr.offset = ti->goal.offset = 0; 1231 ti->curr.width = ti->goal.width = MSG_EXT_WDTR_BUS_8_BIT; 1232 break; 1233 } 1234} 1235 1236/* 1237 * LOW LEVEL SCSI UTILITIES 1238 */ 1239 1240/* 1241 * Schedule a SCSI operation. This has now been pulled out of the interrupt 1242 * handler so that we may call it from ncr53c9x_action and ncr53c9x_done. 1243 * This may save us an unnecessary interrupt just to get things going. 1244 * Should only be called when state == NCR_IDLE and with sc_lock held. 1245 */ 1246static void 1247ncr53c9x_sched(struct ncr53c9x_softc *sc) 1248{ 1249 struct ncr53c9x_ecb *ecb; 1250 struct ncr53c9x_linfo *li; 1251 struct ncr53c9x_tinfo *ti; 1252 int lun, tag; 1253 1254 NCR_LOCK_ASSERT(sc, MA_OWNED); 1255 1256 NCR_TRACE(("[%s] ", __func__)); 1257 1258 if (sc->sc_state != NCR_IDLE) 1259 panic("%s: not IDLE (state=%d)", __func__, sc->sc_state); 1260 1261 /* 1262 * Find first ecb in ready queue that is for a target/lunit 1263 * combinations that is not busy. 1264 */ 1265 TAILQ_FOREACH(ecb, &sc->ready_list, chain) { 1266 ti = &sc->sc_tinfo[ecb->ccb->ccb_h.target_id]; 1267 lun = ecb->ccb->ccb_h.target_lun; 1268 1269 /* Select type of tag for this command */ 1270 if ((ti->flags & (T_RSELECTOFF | T_TAG)) != T_TAG) 1271 tag = 0; 1272 else if ((ecb->flags & ECB_SENSE) != 0) 1273 tag = 0; 1274 else if ((ecb->ccb->ccb_h.flags & CAM_TAG_ACTION_VALID) == 0) 1275 tag = 0; 1276 else if (ecb->ccb->csio.tag_action == CAM_TAG_ACTION_NONE) 1277 tag = 0; 1278 else 1279 tag = ecb->ccb->csio.tag_action; 1280 1281 li = TINFO_LUN(ti, lun); 1282 if (li == NULL) { 1283 /* Initialize LUN info and add to list. */ 1284 li = malloc(sizeof(*li), M_DEVBUF, M_NOWAIT | M_ZERO); 1285 if (li == NULL) 1286 continue; 1287 li->lun = lun; 1288 1289 LIST_INSERT_HEAD(&ti->luns, li, link); 1290 if (lun < NCR_NLUN) 1291 ti->lun[lun] = li; 1292 } 1293 li->last_used = time_second; 1294 if (tag == 0) { 1295 /* Try to issue this as an untagged command. */ 1296 if (li->untagged == NULL) 1297 li->untagged = ecb; 1298 } 1299 if (li->untagged != NULL) { 1300 tag = 0; 1301 if ((li->busy != 1) && li->used == 0) { 1302 /* 1303 * We need to issue this untagged command 1304 * now. 1305 */ 1306 ecb = li->untagged; 1307 } else { 1308 /* not ready, yet */ 1309 continue; 1310 } 1311 } 1312 ecb->tag[0] = tag; 1313 if (tag != 0) { 1314 li->queued[ecb->tag_id] = ecb; 1315 ecb->tag[1] = ecb->tag_id; 1316 li->used++; 1317 } 1318 if (li->untagged != NULL && (li->busy != 1)) { 1319 li->busy = 1; 1320 TAILQ_REMOVE(&sc->ready_list, ecb, chain); 1321 ecb->flags &= ~ECB_READY; 1322 sc->sc_nexus = ecb; 1323 ncr53c9x_select(sc, ecb); 1324 break; 1325 } 1326 if (li->untagged == NULL && tag != 0) { 1327 TAILQ_REMOVE(&sc->ready_list, ecb, chain); 1328 ecb->flags &= ~ECB_READY; 1329 sc->sc_nexus = ecb; 1330 ncr53c9x_select(sc, ecb); 1331 break; 1332 } else 1333 NCR_TRACE(("[%s %d:%d busy] \n", __func__, 1334 ecb->ccb->ccb_h.target_id, 1335 ecb->ccb->ccb_h.target_lun)); 1336 } 1337} 1338 1339static void 1340ncr53c9x_sense(struct ncr53c9x_softc *sc, struct ncr53c9x_ecb *ecb) 1341{ 1342 union ccb *ccb = ecb->ccb; 1343 struct ncr53c9x_linfo *li; 1344 struct ncr53c9x_tinfo *ti; 1345 struct scsi_request_sense *ss = (void *)&ecb->cmd.cmd; 1346 int lun; 1347 1348 NCR_LOCK_ASSERT(sc, MA_OWNED); 1349 1350 NCR_TRACE(("[%s] ", __func__)); 1351 1352 lun = ccb->ccb_h.target_lun; 1353 ti = &sc->sc_tinfo[ccb->ccb_h.target_id]; 1354 1355 /* Next, setup a REQUEST SENSE command block. */ 1356 memset(ss, 0, sizeof(*ss)); 1357 ss->opcode = REQUEST_SENSE; 1358 ss->byte2 = ccb->ccb_h.target_lun << SCSI_CMD_LUN_SHIFT; 1359 ss->length = sizeof(struct scsi_sense_data); 1360 ecb->clen = sizeof(*ss); 1361 memset(&ccb->csio.sense_data, 0, sizeof(ccb->csio.sense_data)); 1362 ecb->daddr = (uint8_t *)&ccb->csio.sense_data; 1363 ecb->dleft = sizeof(struct scsi_sense_data); 1364 ecb->flags |= ECB_SENSE; 1365 ecb->timeout = NCR_SENSE_TIMEOUT; 1366 ti->senses++; 1367 li = TINFO_LUN(ti, lun); 1368 if (li->busy) 1369 li->busy = 0; 1370 ncr53c9x_dequeue(sc, ecb); 1371 li->untagged = ecb; /* Must be executed first to fix C/A. */ 1372 li->busy = 2; 1373 if (ecb == sc->sc_nexus) 1374 ncr53c9x_select(sc, ecb); 1375 else { 1376 TAILQ_INSERT_HEAD(&sc->ready_list, ecb, chain); 1377 ecb->flags |= ECB_READY; 1378 if (sc->sc_state == NCR_IDLE) 1379 ncr53c9x_sched(sc); 1380 } 1381} 1382 1383/* 1384 * POST PROCESSING OF SCSI_CMD (usually current) 1385 */ 1386static void 1387ncr53c9x_done(struct ncr53c9x_softc *sc, struct ncr53c9x_ecb *ecb) 1388{ 1389 union ccb *ccb = ecb->ccb; 1390 struct ncr53c9x_linfo *li; 1391 struct ncr53c9x_tinfo *ti; 1392 int lun, sense_returned; 1393 1394 NCR_LOCK_ASSERT(sc, MA_OWNED); 1395 1396 NCR_TRACE(("[%s(status:%x)] ", __func__, ccb->ccb_h.status)); 1397 1398 ti = &sc->sc_tinfo[ccb->ccb_h.target_id]; 1399 lun = ccb->ccb_h.target_lun; 1400 li = TINFO_LUN(ti, lun); 1401 1402 callout_stop(&ecb->ch); 1403 1404 /* 1405 * Now, if we've come here with no error code, i.e. we've kept the 1406 * initial CAM_REQ_CMP, and the status code signals that we should 1407 * check sense, we'll need to set up a request sense cmd block and 1408 * push the command back into the ready queue *before* any other 1409 * commands for this target/lunit, else we lose the sense info. 1410 * We don't support chk sense conditions for the request sense cmd. 1411 */ 1412 if (ccb->ccb_h.status == CAM_REQ_CMP) { 1413 ccb->csio.scsi_status = ecb->stat; 1414 if ((ecb->flags & ECB_ABORT) != 0) 1415 ccb->ccb_h.status = CAM_CMD_TIMEOUT; 1416 else if ((ecb->flags & ECB_SENSE) != 0 && 1417 (ecb->stat != SCSI_STATUS_CHECK_COND)) { 1418 ccb->csio.scsi_status = SCSI_STATUS_CHECK_COND; 1419 ccb->ccb_h.status = CAM_SCSI_STATUS_ERROR | 1420 CAM_AUTOSNS_VALID; 1421 sense_returned = sizeof(ccb->csio.sense_data) - 1422 ecb->dleft; 1423 if (sense_returned < ccb->csio.sense_len) 1424 ccb->csio.sense_resid = ccb->csio.sense_len - 1425 sense_returned; 1426 else 1427 ccb->csio.sense_resid = 0; 1428 } else if (ecb->stat == SCSI_STATUS_CHECK_COND) { 1429 if ((ecb->flags & ECB_SENSE) != 0) 1430 ccb->ccb_h.status = CAM_AUTOSENSE_FAIL; 1431 else { 1432 /* First, save the return values. */ 1433 ccb->csio.resid = ecb->dleft; 1434 if ((ccb->ccb_h.flags & CAM_DIS_AUTOSENSE) == 1435 0) { 1436 ncr53c9x_sense(sc, ecb); 1437 return; 1438 } 1439 ccb->ccb_h.status = CAM_SCSI_STATUS_ERROR; 1440 } 1441 } else 1442 ccb->csio.resid = ecb->dleft; 1443 if (ecb->stat == SCSI_STATUS_QUEUE_FULL) 1444 ccb->ccb_h.status = CAM_SCSI_STATUS_ERROR; 1445 else if (ecb->stat == SCSI_STATUS_BUSY) 1446 ccb->ccb_h.status = CAM_SCSI_BUSY; 1447 } else if ((ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) { 1448 ccb->ccb_h.status |= CAM_DEV_QFRZN; 1449 xpt_freeze_devq(ccb->ccb_h.path, 1); 1450 } 1451 1452#ifdef NCR53C9X_DEBUG 1453 if ((ncr53c9x_debug & NCR_SHOWTRAC) != 0) { 1454 if (ccb->csio.resid != 0) 1455 printf("resid=%d ", ccb->csio.resid); 1456 if ((ccb->ccb_h.status & CAM_AUTOSNS_VALID) != 0) 1457 printf("sense=0x%02x\n", 1458 ccb->csio.sense_data.error_code); 1459 else 1460 printf("status SCSI=0x%x CAM=0x%x\n", 1461 ccb->csio.scsi_status, ccb->ccb_h.status); 1462 } 1463#endif 1464 1465 /* 1466 * Remove the ECB from whatever queue it's on. 1467 */ 1468 ncr53c9x_dequeue(sc, ecb); 1469 if (ecb == sc->sc_nexus) { 1470 sc->sc_nexus = NULL; 1471 if (sc->sc_state != NCR_CLEANING) { 1472 sc->sc_state = NCR_IDLE; 1473 ncr53c9x_sched(sc); 1474 } 1475 } 1476 1477 if ((ccb->ccb_h.status & CAM_SEL_TIMEOUT) != 0) { 1478 /* Selection timeout -- discard this LUN if empty. */ 1479 if (li->untagged == NULL && li->used == 0) { 1480 if (lun < NCR_NLUN) 1481 ti->lun[lun] = NULL; 1482 LIST_REMOVE(li, link); 1483 free(li, M_DEVBUF); 1484 } 1485 } 1486 1487 ncr53c9x_free_ecb(sc, ecb); 1488 ti->cmds++; 1489 xpt_done(ccb); 1490} 1491 1492static void 1493ncr53c9x_dequeue(struct ncr53c9x_softc *sc, struct ncr53c9x_ecb *ecb) 1494{ 1495 struct ncr53c9x_linfo *li; 1496 struct ncr53c9x_tinfo *ti; 1497 int64_t lun; 1498 1499 NCR_LOCK_ASSERT(sc, MA_OWNED); 1500 1501 ti = &sc->sc_tinfo[ecb->ccb->ccb_h.target_id]; 1502 lun = ecb->ccb->ccb_h.target_lun; 1503 li = TINFO_LUN(ti, lun); 1504#ifdef DIAGNOSTIC 1505 if (li == NULL || li->lun != lun) 1506 panic("%s: lun %llx for ecb %p does not exist", __func__, 1507 (long long)lun, ecb); 1508#endif 1509 if (li->untagged == ecb) { 1510 li->busy = 0; 1511 li->untagged = NULL; 1512 } 1513 if (ecb->tag[0] && li->queued[ecb->tag[1]] != NULL) { 1514#ifdef DIAGNOSTIC 1515 if (li->queued[ecb->tag[1]] != NULL && 1516 (li->queued[ecb->tag[1]] != ecb)) 1517 panic("%s: slot %d for lun %llx has %p instead of ecb " 1518 "%p", __func__, ecb->tag[1], (long long)lun, 1519 li->queued[ecb->tag[1]], ecb); 1520#endif 1521 li->queued[ecb->tag[1]] = NULL; 1522 li->used--; 1523 } 1524 ecb->tag[0] = ecb->tag[1] = 0; 1525 1526 if ((ecb->flags & ECB_READY) != 0) { 1527 ecb->flags &= ~ECB_READY; 1528 TAILQ_REMOVE(&sc->ready_list, ecb, chain); 1529 } 1530} 1531 1532/* 1533 * INTERRUPT/PROTOCOL ENGINE 1534 */ 1535 1536/* 1537 * Schedule an outgoing message by prioritizing it, and asserting 1538 * attention on the bus. We can only do this when we are the initiator 1539 * else there will be an illegal command interrupt. 1540 */ 1541#define ncr53c9x_sched_msgout(m) do { \ 1542 NCR_MSGS(("ncr53c9x_sched_msgout %x %d", m, __LINE__)); \ 1543 NCRCMD(sc, NCRCMD_SETATN); \ 1544 sc->sc_flags |= NCR_ATN; \ 1545 sc->sc_msgpriq |= (m); \ 1546} while (/* CONSTCOND */0) 1547 1548static void 1549ncr53c9x_flushfifo(struct ncr53c9x_softc *sc) 1550{ 1551 1552 NCR_LOCK_ASSERT(sc, MA_OWNED); 1553 1554 NCR_TRACE(("[%s] ", __func__)); 1555 1556 NCRCMD(sc, NCRCMD_FLUSH); 1557 1558 if (sc->sc_phase == COMMAND_PHASE || 1559 sc->sc_phase == MESSAGE_OUT_PHASE) 1560 DELAY(2); 1561} 1562 1563static int 1564ncr53c9x_rdfifo(struct ncr53c9x_softc *sc, int how) 1565{ 1566 int i, n; 1567 uint8_t *ibuf; 1568 1569 NCR_LOCK_ASSERT(sc, MA_OWNED); 1570 1571 switch (how) { 1572 case NCR_RDFIFO_START: 1573 ibuf = sc->sc_imess; 1574 sc->sc_imlen = 0; 1575 break; 1576 1577 case NCR_RDFIFO_CONTINUE: 1578 ibuf = sc->sc_imess + sc->sc_imlen; 1579 break; 1580 1581 default: 1582 panic("%s: bad flag", __func__); 1583 /* NOTREACHED */ 1584 } 1585 1586 /* 1587 * XXX buffer (sc_imess) size for message 1588 */ 1589 1590 n = NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF; 1591 1592 if (sc->sc_rev == NCR_VARIANT_FAS366) { 1593 n *= 2; 1594 1595 for (i = 0; i < n; i++) 1596 ibuf[i] = NCR_READ_REG(sc, NCR_FIFO); 1597 1598 if (sc->sc_espstat2 & NCRFAS_STAT2_ISHUTTLE) { 1599 1600 NCR_WRITE_REG(sc, NCR_FIFO, 0); 1601 ibuf[i++] = NCR_READ_REG(sc, NCR_FIFO); 1602 1603 NCR_READ_REG(sc, NCR_FIFO); 1604 1605 ncr53c9x_flushfifo(sc); 1606 } 1607 } else 1608 for (i = 0; i < n; i++) 1609 ibuf[i] = NCR_READ_REG(sc, NCR_FIFO); 1610 1611 sc->sc_imlen += i; 1612 1613#if 0 1614#ifdef NCR53C9X_DEBUG 1615 NCR_TRACE(("\n[rdfifo %s (%d):", 1616 (how == NCR_RDFIFO_START) ? "start" : "cont", (int)sc->sc_imlen)); 1617 if ((ncr53c9x_debug & NCR_SHOWTRAC) != 0) { 1618 for (i = 0; i < sc->sc_imlen; i++) 1619 printf(" %02x", sc->sc_imess[i]); 1620 printf("]\n"); 1621 } 1622#endif 1623#endif 1624 return (sc->sc_imlen); 1625} 1626 1627static void 1628ncr53c9x_wrfifo(struct ncr53c9x_softc *sc, uint8_t *p, int len) 1629{ 1630 int i; 1631 1632 NCR_LOCK_ASSERT(sc, MA_OWNED); 1633 1634#ifdef NCR53C9X_DEBUG 1635 NCR_MSGS(("[wrfifo(%d):", len)); 1636 if ((ncr53c9x_debug & NCR_SHOWMSGS) != 0) { 1637 for (i = 0; i < len; i++) 1638 printf(" %02x", p[i]); 1639 printf("]\n"); 1640 } 1641#endif 1642 1643 for (i = 0; i < len; i++) { 1644 NCR_WRITE_REG(sc, NCR_FIFO, p[i]); 1645 1646 if (sc->sc_rev == NCR_VARIANT_FAS366) 1647 NCR_WRITE_REG(sc, NCR_FIFO, 0); 1648 } 1649} 1650 1651static int 1652ncr53c9x_reselect(struct ncr53c9x_softc *sc, int message, int tagtype, 1653 int tagid) 1654{ 1655 struct ncr53c9x_ecb *ecb = NULL; 1656 struct ncr53c9x_linfo *li; 1657 struct ncr53c9x_tinfo *ti; 1658 uint8_t lun, selid, target; 1659 1660 NCR_LOCK_ASSERT(sc, MA_OWNED); 1661 1662 if (sc->sc_rev == NCR_VARIANT_FAS366) 1663 target = sc->sc_selid; 1664 else { 1665 /* 1666 * The SCSI chip made a snapshot of the data bus 1667 * while the reselection was being negotiated. 1668 * This enables us to determine which target did 1669 * the reselect. 1670 */ 1671 selid = sc->sc_selid & ~(1 << sc->sc_id); 1672 if (selid & (selid - 1)) { 1673 device_printf(sc->sc_dev, "reselect with invalid " 1674 "selid %02x; sending DEVICE RESET\n", selid); 1675 goto reset; 1676 } 1677 1678 target = ffs(selid) - 1; 1679 } 1680 lun = message & 0x07; 1681 1682 /* 1683 * Search wait queue for disconnected command. 1684 * The list should be short, so I haven't bothered with 1685 * any more sophisticated structures than a simple 1686 * singly linked list. 1687 */ 1688 ti = &sc->sc_tinfo[target]; 1689 li = TINFO_LUN(ti, lun); 1690 1691 /* 1692 * We can get as far as the LUN with the IDENTIFY 1693 * message. Check to see if we're running an 1694 * untagged command. Otherwise ack the IDENTIFY 1695 * and wait for a tag message. 1696 */ 1697 if (li != NULL) { 1698 if (li->untagged != NULL && li->busy) 1699 ecb = li->untagged; 1700 else if (tagtype != MSG_SIMPLE_Q_TAG) { 1701 /* Wait for tag to come by. */ 1702 sc->sc_state = NCR_IDENTIFIED; 1703 return (0); 1704 } else if (tagtype) 1705 ecb = li->queued[tagid]; 1706 } 1707 if (ecb == NULL) { 1708 device_printf(sc->sc_dev, "reselect from target %d lun %d " 1709 "tag %x:%x with no nexus; sending ABORT\n", 1710 target, lun, tagtype, tagid); 1711 goto abort; 1712 } 1713 1714 /* Make this nexus active again. */ 1715 sc->sc_state = NCR_CONNECTED; 1716 sc->sc_nexus = ecb; 1717 ncr53c9x_setsync(sc, ti); 1718 1719 if (ecb->flags & ECB_RESET) 1720 ncr53c9x_sched_msgout(SEND_DEV_RESET); 1721 else if (ecb->flags & ECB_ABORT) 1722 ncr53c9x_sched_msgout(SEND_ABORT); 1723 1724 /* Do an implicit RESTORE POINTERS. */ 1725 sc->sc_dp = ecb->daddr; 1726 sc->sc_dleft = ecb->dleft; 1727 1728 return (0); 1729 1730reset: 1731 ncr53c9x_sched_msgout(SEND_DEV_RESET); 1732 return (1); 1733 1734abort: 1735 ncr53c9x_sched_msgout(SEND_ABORT); 1736 return (1); 1737} 1738 1739/* From NetBSD; these should go into CAM at some point. */ 1740#define MSG_ISEXTENDED(m) ((m) == MSG_EXTENDED) 1741#define MSG_IS1BYTE(m) \ 1742 ((!MSG_ISEXTENDED(m) && (m) < 0x20) || MSG_ISIDENTIFY(m)) 1743#define MSG_IS2BYTE(m) (((m) & 0xf0) == 0x20) 1744 1745static inline int 1746__verify_msg_format(uint8_t *p, int len) 1747{ 1748 1749 if (len == 1 && MSG_IS1BYTE(p[0])) 1750 return (1); 1751 if (len == 2 && MSG_IS2BYTE(p[0])) 1752 return (1); 1753 if (len >= 3 && MSG_ISEXTENDED(p[0]) && 1754 len == p[1] + 2) 1755 return (1); 1756 1757 return (0); 1758} 1759 1760/* 1761 * Get an incoming message as initiator. 1762 * 1763 * The SCSI bus must already be in MESSAGE_IN_PHASE and there is a 1764 * byte in the FIFO. 1765 */ 1766static void 1767ncr53c9x_msgin(struct ncr53c9x_softc *sc) 1768{ 1769 struct ncr53c9x_ecb *ecb; 1770 struct ncr53c9x_linfo *li; 1771 struct ncr53c9x_tinfo *ti; 1772 uint8_t *pb; 1773 int len, lun; 1774 1775 NCR_LOCK_ASSERT(sc, MA_OWNED); 1776 1777 NCR_TRACE(("[%s(curmsglen:%ld)] ", __func__, (long)sc->sc_imlen)); 1778 1779 if (sc->sc_imlen == 0) { 1780 device_printf(sc->sc_dev, "msgin: no msg byte available\n"); 1781 return; 1782 } 1783 1784 /* 1785 * Prepare for a new message. A message should (according 1786 * to the SCSI standard) be transmitted in one single 1787 * MESSAGE_IN_PHASE. If we have been in some other phase, 1788 * then this is a new message. 1789 */ 1790 if (sc->sc_prevphase != MESSAGE_IN_PHASE && 1791 sc->sc_state != NCR_RESELECTED) { 1792 device_printf(sc->sc_dev, "phase change, dropping message, " 1793 "prev %d, state %d\n", sc->sc_prevphase, sc->sc_state); 1794 sc->sc_flags &= ~NCR_DROP_MSGI; 1795 sc->sc_imlen = 0; 1796 } 1797 1798 /* 1799 * If we're going to reject the message, don't bother storing 1800 * the incoming bytes. But still, we need to ACK them. 1801 */ 1802 if ((sc->sc_flags & NCR_DROP_MSGI) != 0) { 1803 NCRCMD(sc, NCRCMD_MSGOK); 1804 device_printf(sc->sc_dev, "<dropping msg byte %x>", 1805 sc->sc_imess[sc->sc_imlen]); 1806 return; 1807 } 1808 1809 if (sc->sc_imlen >= NCR_MAX_MSG_LEN) { 1810 ncr53c9x_sched_msgout(SEND_REJECT); 1811 sc->sc_flags |= NCR_DROP_MSGI; 1812 } else { 1813 switch (sc->sc_state) { 1814 /* 1815 * if received message is the first of reselection 1816 * then first byte is selid, and then message 1817 */ 1818 case NCR_RESELECTED: 1819 pb = sc->sc_imess + 1; 1820 len = sc->sc_imlen - 1; 1821 break; 1822 1823 default: 1824 pb = sc->sc_imess; 1825 len = sc->sc_imlen; 1826 } 1827 1828 if (__verify_msg_format(pb, len)) 1829 goto gotit; 1830 } 1831 1832 /* Acknowledge what we have so far. */ 1833 NCRCMD(sc, NCRCMD_MSGOK); 1834 return; 1835 1836gotit: 1837 NCR_MSGS(("gotmsg(%x) state %d", sc->sc_imess[0], sc->sc_state)); 1838 /* 1839 * We got a complete message, flush the imess. 1840 * XXX nobody uses imlen below. 1841 */ 1842 sc->sc_imlen = 0; 1843 /* 1844 * Now we should have a complete message (1 byte, 2 byte 1845 * and moderately long extended messages). We only handle 1846 * extended messages which total length is shorter than 1847 * NCR_MAX_MSG_LEN. Longer messages will be amputated. 1848 */ 1849 switch (sc->sc_state) { 1850 case NCR_CONNECTED: 1851 ecb = sc->sc_nexus; 1852 ti = &sc->sc_tinfo[ecb->ccb->ccb_h.target_id]; 1853 1854 switch (sc->sc_imess[0]) { 1855 case MSG_CMDCOMPLETE: 1856 NCR_MSGS(("cmdcomplete ")); 1857 if (sc->sc_dleft < 0) { 1858 xpt_print_path(ecb->ccb->ccb_h.path); 1859 printf("got %ld extra bytes\n", 1860 -(long)sc->sc_dleft); 1861 sc->sc_dleft = 0; 1862 } 1863 ecb->dleft = (ecb->flags & ECB_TENTATIVE_DONE) ? 1864 0 : sc->sc_dleft; 1865 if ((ecb->flags & ECB_SENSE) == 0) 1866 ecb->ccb->csio.resid = ecb->dleft; 1867 sc->sc_state = NCR_CMDCOMPLETE; 1868 break; 1869 1870 case MSG_MESSAGE_REJECT: 1871 NCR_MSGS(("msg reject (msgout=%x) ", sc->sc_msgout)); 1872 switch (sc->sc_msgout) { 1873 case SEND_TAG: 1874 /* 1875 * Target does not like tagged queuing. 1876 * - Flush the command queue 1877 * - Disable tagged queuing for the target 1878 * - Dequeue ecb from the queued array. 1879 */ 1880 device_printf(sc->sc_dev, "tagged queuing " 1881 "rejected: target %d\n", 1882 ecb->ccb->ccb_h.target_id); 1883 1884 NCR_MSGS(("(rejected sent tag)")); 1885 NCRCMD(sc, NCRCMD_FLUSH); 1886 DELAY(1); 1887 ti->flags &= ~T_TAG; 1888 lun = ecb->ccb->ccb_h.target_lun; 1889 li = TINFO_LUN(ti, lun); 1890 if (ecb->tag[0] && 1891 li->queued[ecb->tag[1]] != NULL) { 1892 li->queued[ecb->tag[1]] = NULL; 1893 li->used--; 1894 } 1895 ecb->tag[0] = ecb->tag[1] = 0; 1896 li->untagged = ecb; 1897 li->busy = 1; 1898 break; 1899 1900 case SEND_SDTR: 1901 device_printf(sc->sc_dev, "sync transfer " 1902 "rejected: target %d\n", 1903 ecb->ccb->ccb_h.target_id); 1904 1905 ti->flags &= ~T_SDTRSENT; 1906 ti->curr.period = ti->goal.period = 0; 1907 ti->curr.offset = ti->goal.offset = 0; 1908 ncr53c9x_setsync(sc, ti); 1909 break; 1910 1911 case SEND_WDTR: 1912 device_printf(sc->sc_dev, "wide transfer " 1913 "rejected: target %d\n", 1914 ecb->ccb->ccb_h.target_id); 1915 1916 ti->flags &= ~T_WDTRSENT; 1917 ti->curr.width = ti->goal.width = 1918 MSG_EXT_WDTR_BUS_8_BIT; 1919 ncr53c9x_setsync(sc, ti); 1920 break; 1921 1922 case SEND_INIT_DET_ERR: 1923 goto abort; 1924 } 1925 break; 1926 1927 case MSG_NOOP: 1928 NCR_MSGS(("noop ")); 1929 break; 1930 1931 case MSG_HEAD_OF_Q_TAG: 1932 case MSG_SIMPLE_Q_TAG: 1933 case MSG_ORDERED_Q_TAG: 1934 NCR_MSGS(("TAG %x:%x", 1935 sc->sc_imess[0], sc->sc_imess[1])); 1936 break; 1937 1938 case MSG_DISCONNECT: 1939 NCR_MSGS(("disconnect ")); 1940 ti->dconns++; 1941 sc->sc_state = NCR_DISCONNECT; 1942 1943 /* 1944 * Mark the fact that all bytes have moved. The 1945 * target may not bother to do a SAVE POINTERS 1946 * at this stage. This flag will set the residual 1947 * count to zero on MSG COMPLETE. 1948 */ 1949 if (sc->sc_dleft == 0) 1950 ecb->flags |= ECB_TENTATIVE_DONE; 1951 break; 1952 1953 case MSG_SAVEDATAPOINTER: 1954 NCR_MSGS(("save datapointer ")); 1955 ecb->daddr = sc->sc_dp; 1956 ecb->dleft = sc->sc_dleft; 1957 break; 1958 1959 case MSG_RESTOREPOINTERS: 1960 NCR_MSGS(("restore datapointer ")); 1961 sc->sc_dp = ecb->daddr; 1962 sc->sc_dleft = ecb->dleft; 1963 break; 1964 1965 case MSG_IGN_WIDE_RESIDUE: 1966 NCR_MSGS(("ignore wide residue (%d bytes)", 1967 sc->sc_imess[1])); 1968 if (sc->sc_imess[1] != 1) { 1969 xpt_print_path(ecb->ccb->ccb_h.path); 1970 printf("unexpected MESSAGE IGNORE WIDE " 1971 "RESIDUE (%d bytes); sending REJECT\n", 1972 sc->sc_imess[1]); 1973 goto reject; 1974 } 1975 /* 1976 * If there was a last transfer of an even number of 1977 * bytes, wipe the "done" memory and adjust by one 1978 * byte (sc->sc_imess[1]). 1979 */ 1980 len = sc->sc_dleft - ecb->dleft; 1981 if (len != 0 && (len & 1) == 0) { 1982 ecb->flags &= ~ECB_TENTATIVE_DONE; 1983 sc->sc_dp = (char *)sc->sc_dp - 1; 1984 sc->sc_dleft--; 1985 } 1986 break; 1987 1988 case MSG_EXTENDED: 1989 NCR_MSGS(("extended(%x) ", sc->sc_imess[2])); 1990 switch (sc->sc_imess[2]) { 1991 case MSG_EXT_SDTR: 1992 NCR_MSGS(("SDTR period %d, offset %d ", 1993 sc->sc_imess[3], sc->sc_imess[4])); 1994 if (sc->sc_imess[1] != 3) 1995 goto reject; 1996 ti->curr.period = sc->sc_imess[3]; 1997 ti->curr.offset = sc->sc_imess[4]; 1998 if (sc->sc_minsync == 0 || 1999 ti->curr.offset == 0 || 2000 ti->curr.period > 124) { 2001#if 0 2002#ifdef NCR53C9X_DEBUG 2003 xpt_print_path(ecb->ccb->ccb_h.path); 2004 printf("async mode\n"); 2005#endif 2006#endif 2007 if ((ti->flags & T_SDTRSENT) == 0) { 2008 /* 2009 * target initiated negotiation 2010 */ 2011 ti->curr.offset = 0; 2012 ncr53c9x_sched_msgout( 2013 SEND_SDTR); 2014 } 2015 } else { 2016 ti->curr.period = 2017 ncr53c9x_cpb2stp(sc, 2018 ncr53c9x_stp2cpb(sc, 2019 ti->curr.period)); 2020 if ((ti->flags & T_SDTRSENT) == 0) { 2021 /* 2022 * target initiated negotiation 2023 */ 2024 if (ti->curr.period < 2025 sc->sc_minsync) 2026 ti->curr.period = 2027 sc->sc_minsync; 2028 if (ti->curr.offset > 2029 sc->sc_maxoffset) 2030 ti->curr.offset = 2031 sc->sc_maxoffset; 2032 ncr53c9x_sched_msgout( 2033 SEND_SDTR); 2034 } 2035 } 2036 ti->flags &= ~T_SDTRSENT; 2037 ti->goal.period = ti->curr.period; 2038 ti->goal.offset = ti->curr.offset; 2039 ncr53c9x_setsync(sc, ti); 2040 break; 2041 2042 case MSG_EXT_WDTR: 2043 NCR_MSGS(("wide mode %d ", sc->sc_imess[3])); 2044 ti->curr.width = sc->sc_imess[3]; 2045 if (!(ti->flags & T_WDTRSENT)) 2046 /* 2047 * target initiated negotiation 2048 */ 2049 ncr53c9x_sched_msgout(SEND_WDTR); 2050 ti->flags &= ~T_WDTRSENT; 2051 ti->goal.width = ti->curr.width; 2052 ncr53c9x_setsync(sc, ti); 2053 break; 2054 2055 default: 2056 xpt_print_path(ecb->ccb->ccb_h.path); 2057 printf("unrecognized MESSAGE EXTENDED 0x%x;" 2058 " sending REJECT\n", sc->sc_imess[2]); 2059 goto reject; 2060 } 2061 break; 2062 2063 default: 2064 NCR_MSGS(("ident ")); 2065 xpt_print_path(ecb->ccb->ccb_h.path); 2066 printf("unrecognized MESSAGE 0x%x; sending REJECT\n", 2067 sc->sc_imess[0]); 2068 /* FALLTHROUGH */ 2069 reject: 2070 ncr53c9x_sched_msgout(SEND_REJECT); 2071 break; 2072 } 2073 break; 2074 2075 case NCR_IDENTIFIED: 2076 /* 2077 * IDENTIFY message was received and queue tag is expected 2078 * now. 2079 */ 2080 if ((sc->sc_imess[0] != MSG_SIMPLE_Q_TAG) || 2081 (sc->sc_msgify == 0)) { 2082 device_printf(sc->sc_dev, "TAG reselect without " 2083 "IDENTIFY; MSG %x; sending DEVICE RESET\n", 2084 sc->sc_imess[0]); 2085 goto reset; 2086 } 2087 (void)ncr53c9x_reselect(sc, sc->sc_msgify, 2088 sc->sc_imess[0], sc->sc_imess[1]); 2089 break; 2090 2091 case NCR_RESELECTED: 2092 if (MSG_ISIDENTIFY(sc->sc_imess[1])) 2093 sc->sc_msgify = sc->sc_imess[1]; 2094 else { 2095 device_printf(sc->sc_dev, "reselect without IDENTIFY;" 2096 " MSG %x; sending DEVICE RESET\n", sc->sc_imess[1]); 2097 goto reset; 2098 } 2099 (void)ncr53c9x_reselect(sc, sc->sc_msgify, 0, 0); 2100 break; 2101 2102 default: 2103 device_printf(sc->sc_dev, "unexpected MESSAGE IN; " 2104 "sending DEVICE RESET\n"); 2105 /* FALLTHROUGH */ 2106 reset: 2107 ncr53c9x_sched_msgout(SEND_DEV_RESET); 2108 break; 2109 2110 abort: 2111 ncr53c9x_sched_msgout(SEND_ABORT); 2112 } 2113 2114 /* If we have more messages to send set ATN. */ 2115 if (sc->sc_msgpriq) { 2116 NCRCMD(sc, NCRCMD_SETATN); 2117 sc->sc_flags |= NCR_ATN; 2118 } 2119 2120 /* Acknowledge last message byte. */ 2121 NCRCMD(sc, NCRCMD_MSGOK); 2122 2123 /* Done, reset message pointer. */ 2124 sc->sc_flags &= ~NCR_DROP_MSGI; 2125 sc->sc_imlen = 0; 2126} 2127 2128/* 2129 * Send the highest priority, scheduled message. 2130 */ 2131static void 2132ncr53c9x_msgout(struct ncr53c9x_softc *sc) 2133{ 2134 struct ncr53c9x_tinfo *ti; 2135 struct ncr53c9x_ecb *ecb; 2136 size_t size; 2137 int error; 2138#ifdef NCR53C9X_DEBUG 2139 int i; 2140#endif 2141 2142 NCR_LOCK_ASSERT(sc, MA_OWNED); 2143 2144 NCR_TRACE(("[%s(priq:%x, prevphase:%x)]", __func__, sc->sc_msgpriq, 2145 sc->sc_prevphase)); 2146 2147 /* 2148 * XXX - the NCR_ATN flag is not in sync with the actual ATN 2149 * condition on the SCSI bus. The 53c9x chip 2150 * automatically turns off ATN before sending the 2151 * message byte. (See also the comment below in the 2152 * default case when picking out a message to send.) 2153 */ 2154 if (sc->sc_flags & NCR_ATN) { 2155 if (sc->sc_prevphase != MESSAGE_OUT_PHASE) { 2156 new: 2157 NCRCMD(sc, NCRCMD_FLUSH); 2158#if 0 2159 DELAY(1); 2160#endif 2161 sc->sc_msgoutq = 0; 2162 sc->sc_omlen = 0; 2163 } 2164 } else { 2165 if (sc->sc_prevphase == MESSAGE_OUT_PHASE) { 2166 ncr53c9x_sched_msgout(sc->sc_msgoutq); 2167 goto new; 2168 } else 2169 device_printf(sc->sc_dev, "at line %d: unexpected " 2170 "MESSAGE OUT phase\n", __LINE__); 2171 } 2172 2173 if (sc->sc_omlen == 0) { 2174 /* Pick up highest priority message. */ 2175 sc->sc_msgout = sc->sc_msgpriq & -sc->sc_msgpriq; 2176 sc->sc_msgoutq |= sc->sc_msgout; 2177 sc->sc_msgpriq &= ~sc->sc_msgout; 2178 sc->sc_omlen = 1; /* "Default" message len */ 2179 switch (sc->sc_msgout) { 2180 case SEND_SDTR: 2181 ecb = sc->sc_nexus; 2182 ti = &sc->sc_tinfo[ecb->ccb->ccb_h.target_id]; 2183 sc->sc_omess[0] = MSG_EXTENDED; 2184 sc->sc_omess[1] = MSG_EXT_SDTR_LEN; 2185 sc->sc_omess[2] = MSG_EXT_SDTR; 2186 sc->sc_omess[3] = ti->goal.period; 2187 sc->sc_omess[4] = ti->goal.offset; 2188 sc->sc_omlen = 5; 2189 break; 2190 2191 case SEND_WDTR: 2192 ecb = sc->sc_nexus; 2193 ti = &sc->sc_tinfo[ecb->ccb->ccb_h.target_id]; 2194 sc->sc_omess[0] = MSG_EXTENDED; 2195 sc->sc_omess[1] = MSG_EXT_WDTR_LEN; 2196 sc->sc_omess[2] = MSG_EXT_WDTR; 2197 sc->sc_omess[3] = ti->goal.width; 2198 sc->sc_omlen = 4; 2199 break; 2200 2201 case SEND_IDENTIFY: 2202 if (sc->sc_state != NCR_CONNECTED) 2203 device_printf(sc->sc_dev, "at line %d: no " 2204 "nexus\n", __LINE__); 2205 ecb = sc->sc_nexus; 2206 sc->sc_omess[0] = 2207 MSG_IDENTIFY(ecb->ccb->ccb_h.target_lun, 0); 2208 break; 2209 2210 case SEND_TAG: 2211 if (sc->sc_state != NCR_CONNECTED) 2212 device_printf(sc->sc_dev, "at line %d: no " 2213 "nexus\n", __LINE__); 2214 ecb = sc->sc_nexus; 2215 sc->sc_omess[0] = ecb->tag[0]; 2216 sc->sc_omess[1] = ecb->tag[1]; 2217 sc->sc_omlen = 2; 2218 break; 2219 2220 case SEND_DEV_RESET: 2221 sc->sc_flags |= NCR_ABORTING; 2222 sc->sc_omess[0] = MSG_BUS_DEV_RESET; 2223 ecb = sc->sc_nexus; 2224 ti = &sc->sc_tinfo[ecb->ccb->ccb_h.target_id]; 2225 ti->curr.period = 0; 2226 ti->curr.offset = 0; 2227 ti->curr.width = MSG_EXT_WDTR_BUS_8_BIT; 2228 break; 2229 2230 case SEND_PARITY_ERROR: 2231 sc->sc_omess[0] = MSG_PARITY_ERROR; 2232 break; 2233 2234 case SEND_ABORT: 2235 sc->sc_flags |= NCR_ABORTING; 2236 sc->sc_omess[0] = MSG_ABORT; 2237 break; 2238 2239 case SEND_INIT_DET_ERR: 2240 sc->sc_omess[0] = MSG_INITIATOR_DET_ERR; 2241 break; 2242 2243 case SEND_REJECT: 2244 sc->sc_omess[0] = MSG_MESSAGE_REJECT; 2245 break; 2246 2247 default: 2248 /* 2249 * We normally do not get here, since the chip 2250 * automatically turns off ATN before the last 2251 * byte of a message is sent to the target. 2252 * However, if the target rejects our (multi-byte) 2253 * message early by switching to MSG IN phase 2254 * ATN remains on, so the target may return to 2255 * MSG OUT phase. If there are no scheduled messages 2256 * left we send a NO-OP. 2257 * 2258 * XXX - Note that this leaves no useful purpose for 2259 * the NCR_ATN flag. 2260 */ 2261 sc->sc_flags &= ~NCR_ATN; 2262 sc->sc_omess[0] = MSG_NOOP; 2263 } 2264 sc->sc_omp = sc->sc_omess; 2265 } 2266 2267#ifdef NCR53C9X_DEBUG 2268 if ((ncr53c9x_debug & NCR_SHOWMSGS) != 0) { 2269 NCR_MSGS(("<msgout:")); 2270 for (i = 0; i < sc->sc_omlen; i++) 2271 NCR_MSGS((" %02x", sc->sc_omess[i])); 2272 NCR_MSGS(("> ")); 2273 } 2274#endif 2275 2276 if (sc->sc_rev != NCR_VARIANT_FAS366) { 2277 /* (Re)send the message. */ 2278 size = ulmin(sc->sc_omlen, sc->sc_maxxfer); 2279 error = NCRDMA_SETUP(sc, &sc->sc_omp, &sc->sc_omlen, 0, &size); 2280 if (error != 0) 2281 goto cmd; 2282 2283 /* Program the SCSI counter. */ 2284 NCR_SET_COUNT(sc, size); 2285 2286 /* Load the count in and start the message-out transfer. */ 2287 NCRCMD(sc, NCRCMD_NOP | NCRCMD_DMA); 2288 NCRCMD(sc, NCRCMD_TRANS | NCRCMD_DMA); 2289 NCRDMA_GO(sc); 2290 return; 2291 } 2292 2293cmd: 2294 /* 2295 * XXX FIFO size 2296 */ 2297 sc->sc_cmdlen = 0; 2298 ncr53c9x_flushfifo(sc); 2299 ncr53c9x_wrfifo(sc, sc->sc_omp, sc->sc_omlen); 2300 NCRCMD(sc, NCRCMD_TRANS); 2301} 2302 2303void 2304ncr53c9x_intr(void *arg) 2305{ 2306 struct ncr53c9x_softc *sc = arg; 2307 2308 if (!NCRDMA_ISINTR(sc)) 2309 return; 2310 2311 NCR_LOCK(sc); 2312 2313 ncr53c9x_intr1(sc); 2314 2315 NCR_UNLOCK(sc); 2316} 2317 2318/* 2319 * This is the most critical part of the driver, and has to know 2320 * how to deal with *all* error conditions and phases from the SCSI 2321 * bus. If there are no errors and the DMA was active, then call the 2322 * DMA pseudo-interrupt handler. If this returns 1, then that was it 2323 * and we can return from here without further processing. 2324 * 2325 * Most of this needs verifying. 2326 */ 2327static void 2328ncr53c9x_intr1(struct ncr53c9x_softc *sc) 2329{ 2330 struct ncr53c9x_ecb *ecb; 2331 struct ncr53c9x_linfo *li; 2332 struct ncr53c9x_tinfo *ti; 2333 struct timeval cur, wait; 2334 size_t size; 2335 int error, i, nfifo; 2336 uint8_t msg; 2337 2338 NCR_LOCK_ASSERT(sc, MA_OWNED); 2339 2340 NCR_INTS(("[ncr53c9x_intr: state %d]", sc->sc_state)); 2341 2342again: 2343 /* and what do the registers say... */ 2344 ncr53c9x_readregs(sc); 2345 2346 /* 2347 * At the moment, only a SCSI Bus Reset or Illegal 2348 * Command are classed as errors. A disconnect is a 2349 * valid condition, and we let the code check is the 2350 * "NCR_BUSFREE_OK" flag was set before declaring it 2351 * and error. 2352 * 2353 * Also, the status register tells us about "Gross 2354 * Errors" and "Parity errors". Only the Gross Error 2355 * is really bad, and the parity errors are dealt 2356 * with later. 2357 * 2358 * TODO 2359 * If there are too many parity error, go to slow 2360 * cable mode? 2361 */ 2362 2363 if ((sc->sc_espintr & NCRINTR_SBR) != 0) { 2364 if ((NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF) != 0) { 2365 NCRCMD(sc, NCRCMD_FLUSH); 2366 DELAY(1); 2367 } 2368 if (sc->sc_state != NCR_SBR) { 2369 device_printf(sc->sc_dev, "SCSI bus reset\n"); 2370 ncr53c9x_init(sc, 0); /* Restart everything. */ 2371 return; 2372 } 2373#if 0 2374/*XXX*/ device_printf(sc->sc_dev, "<expected bus reset: " 2375 "[intr %x, stat %x, step %d]>\n", 2376 sc->sc_espintr, sc->sc_espstat, sc->sc_espstep); 2377#endif 2378 if (sc->sc_nexus != NULL) 2379 panic("%s: nexus in reset state", 2380 device_get_nameunit(sc->sc_dev)); 2381 goto sched; 2382 } 2383 2384 ecb = sc->sc_nexus; 2385 2386#define NCRINTR_ERR (NCRINTR_SBR | NCRINTR_ILL) 2387 if (sc->sc_espintr & NCRINTR_ERR || 2388 sc->sc_espstat & NCRSTAT_GE) { 2389 if ((sc->sc_espstat & NCRSTAT_GE) != 0) { 2390 /* Gross Error; no target? */ 2391 if (NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF) { 2392 NCRCMD(sc, NCRCMD_FLUSH); 2393 DELAY(1); 2394 } 2395 if (sc->sc_state == NCR_CONNECTED || 2396 sc->sc_state == NCR_SELECTING) { 2397 ecb->ccb->ccb_h.status = CAM_SEL_TIMEOUT; 2398 ncr53c9x_done(sc, ecb); 2399 } 2400 return; 2401 } 2402 2403 if ((sc->sc_espintr & NCRINTR_ILL) != 0) { 2404 if ((sc->sc_flags & NCR_EXPECT_ILLCMD) != 0) { 2405 /* 2406 * Eat away "Illegal command" interrupt 2407 * on a ESP100 caused by a re-selection 2408 * while we were trying to select 2409 * another target. 2410 */ 2411#ifdef NCR53C9X_DEBUG 2412 device_printf(sc->sc_dev, "ESP100 work-around " 2413 "activated\n"); 2414#endif 2415 sc->sc_flags &= ~NCR_EXPECT_ILLCMD; 2416 return; 2417 } 2418 /* Illegal command, out of sync? */ 2419 device_printf(sc->sc_dev, "illegal command: 0x%x " 2420 "(state %d, phase %x, prevphase %x)\n", 2421 sc->sc_lastcmd, 2422 sc->sc_state, sc->sc_phase, sc->sc_prevphase); 2423 if (NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF) { 2424 NCRCMD(sc, NCRCMD_FLUSH); 2425 DELAY(1); 2426 } 2427 goto reset; 2428 } 2429 } 2430 sc->sc_flags &= ~NCR_EXPECT_ILLCMD; 2431 2432 /* 2433 * Call if DMA is active. 2434 * 2435 * If DMA_INTR returns true, then maybe go 'round the loop 2436 * again in case there is no more DMA queued, but a phase 2437 * change is expected. 2438 */ 2439 if (NCRDMA_ISACTIVE(sc)) { 2440 if (NCRDMA_INTR(sc) == -1) { 2441 device_printf(sc->sc_dev, "DMA error; resetting\n"); 2442 goto reset; 2443 } 2444 /* If DMA active here, then go back to work... */ 2445 if (NCRDMA_ISACTIVE(sc)) 2446 return; 2447 2448 if ((sc->sc_espstat & NCRSTAT_TC) == 0) { 2449 /* 2450 * DMA not completed. If we can not find a 2451 * acceptable explanation, print a diagnostic. 2452 */ 2453 if (sc->sc_state == NCR_SELECTING) 2454 /* 2455 * This can happen if we are reselected 2456 * while using DMA to select a target. 2457 */ 2458 /*void*/; 2459 else if (sc->sc_prevphase == MESSAGE_OUT_PHASE) { 2460 /* 2461 * Our (multi-byte) message (eg SDTR) was 2462 * interrupted by the target to send 2463 * a MSG REJECT. 2464 * Print diagnostic if current phase 2465 * is not MESSAGE IN. 2466 */ 2467 if (sc->sc_phase != MESSAGE_IN_PHASE) 2468 device_printf(sc->sc_dev,"!TC on MSGOUT" 2469 " [intr %x, stat %x, step %d]" 2470 " prevphase %x, resid %lx\n", 2471 sc->sc_espintr, 2472 sc->sc_espstat, 2473 sc->sc_espstep, 2474 sc->sc_prevphase, 2475 (u_long)sc->sc_omlen); 2476 } else if (sc->sc_dleft == 0) { 2477 /* 2478 * The DMA operation was started for 2479 * a DATA transfer. Print a diagnostic 2480 * if the DMA counter and TC bit 2481 * appear to be out of sync. 2482 * 2483 * XXX This is fatal and usually means that 2484 * the DMA engine is hopelessly out of 2485 * sync with reality. A disk is likely 2486 * getting spammed at this point. 2487 */ 2488 device_printf(sc->sc_dev, "!TC on DATA XFER" 2489 " [intr %x, stat %x, step %d]" 2490 " prevphase %x, resid %x\n", 2491 sc->sc_espintr, 2492 sc->sc_espstat, 2493 sc->sc_espstep, 2494 sc->sc_prevphase, 2495 ecb ? ecb->dleft : -1); 2496 goto reset; 2497 } 2498 } 2499 } 2500 2501 /* 2502 * Check for less serious errors. 2503 */ 2504 if ((sc->sc_espstat & NCRSTAT_PE) != 0) { 2505 device_printf(sc->sc_dev, "SCSI bus parity error\n"); 2506 if (sc->sc_prevphase == MESSAGE_IN_PHASE) 2507 ncr53c9x_sched_msgout(SEND_PARITY_ERROR); 2508 else 2509 ncr53c9x_sched_msgout(SEND_INIT_DET_ERR); 2510 } 2511 2512 if ((sc->sc_espintr & NCRINTR_DIS) != 0) { 2513 sc->sc_msgify = 0; 2514 NCR_INTS(("<DISC [intr %x, stat %x, step %d]>", 2515 sc->sc_espintr,sc->sc_espstat,sc->sc_espstep)); 2516 if (NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF) { 2517 NCRCMD(sc, NCRCMD_FLUSH); 2518#if 0 2519 DELAY(1); 2520#endif 2521 } 2522 /* 2523 * This command must (apparently) be issued within 2524 * 250mS of a disconnect. So here you are... 2525 */ 2526 NCRCMD(sc, NCRCMD_ENSEL); 2527 2528 switch (sc->sc_state) { 2529 case NCR_RESELECTED: 2530 goto sched; 2531 2532 case NCR_SELECTING: 2533 ecb->ccb->ccb_h.status = CAM_SEL_TIMEOUT; 2534 2535 /* Selection timeout -- discard all LUNs if empty. */ 2536 ti = &sc->sc_tinfo[ecb->ccb->ccb_h.target_id]; 2537 li = LIST_FIRST(&ti->luns); 2538 while (li != NULL) { 2539 if (li->untagged == NULL && li->used == 0) { 2540 if (li->lun < NCR_NLUN) 2541 ti->lun[li->lun] = NULL; 2542 LIST_REMOVE(li, link); 2543 free(li, M_DEVBUF); 2544 /* 2545 * Restart the search at the beginning. 2546 */ 2547 li = LIST_FIRST(&ti->luns); 2548 continue; 2549 } 2550 li = LIST_NEXT(li, link); 2551 } 2552 goto finish; 2553 2554 case NCR_CONNECTED: 2555 if (ecb != NULL) { 2556 ti = &sc->sc_tinfo[ecb->ccb->ccb_h.target_id]; 2557 if ((ti->flags & T_SDTRSENT) != 0) { 2558 xpt_print_path(ecb->ccb->ccb_h.path); 2559 printf("sync nego not completed!\n"); 2560 ti->flags &= ~T_SDTRSENT; 2561 ti->curr.period = ti->goal.period = 0; 2562 ti->curr.offset = ti->goal.offset = 0; 2563 ncr53c9x_setsync(sc, ti); 2564 } 2565 if ((ti->flags & T_WDTRSENT) != 0) { 2566 xpt_print_path(ecb->ccb->ccb_h.path); 2567 printf("wide nego not completed!\n"); 2568 ti->flags &= ~T_WDTRSENT; 2569 ti->curr.width = ti->goal.width = 2570 MSG_EXT_WDTR_BUS_8_BIT; 2571 ncr53c9x_setsync(sc, ti); 2572 } 2573 } 2574 2575 /* It may be OK to disconnect. */ 2576 if ((sc->sc_flags & NCR_ABORTING) == 0) { 2577 /* 2578 * Section 5.1.1 of the SCSI 2 spec 2579 * suggests issuing a REQUEST SENSE 2580 * following an unexpected disconnect. 2581 * Some devices go into a contingent 2582 * allegiance condition when 2583 * disconnecting, and this is necessary 2584 * to clean up their state. 2585 */ 2586 device_printf(sc->sc_dev, "unexpected " 2587 "disconnect [state %d, intr %x, stat %x, " 2588 "phase(c %x, p %x)]; ", sc->sc_state, 2589 sc->sc_espintr, sc->sc_espstat, 2590 sc->sc_phase, sc->sc_prevphase); 2591 2592 /* 2593 * XXX This will cause a chip reset and will 2594 * prevent us from finding out the real 2595 * problem with the device. However, it's 2596 * necessary until a way can be found to 2597 * safely cancel the DMA that is in 2598 * progress. 2599 */ 2600 if (1 || (ecb->flags & ECB_SENSE) != 0) { 2601 printf("resetting\n"); 2602 goto reset; 2603 } 2604 printf("sending REQUEST SENSE\n"); 2605 callout_stop(&ecb->ch); 2606 ncr53c9x_sense(sc, ecb); 2607 return; 2608 } else if (ecb != NULL && 2609 (ecb->flags & ECB_RESET) != 0) { 2610 ecb->ccb->ccb_h.status = CAM_REQ_CMP; 2611 goto finish; 2612 } 2613 2614 ecb->ccb->ccb_h.status = CAM_CMD_TIMEOUT; 2615 goto finish; 2616 2617 case NCR_DISCONNECT: 2618 sc->sc_nexus = NULL; 2619 goto sched; 2620 2621 case NCR_CMDCOMPLETE: 2622 ecb->ccb->ccb_h.status = CAM_REQ_CMP; 2623 goto finish; 2624 } 2625 } 2626 2627 switch (sc->sc_state) { 2628 case NCR_SBR: 2629 device_printf(sc->sc_dev, "waiting for Bus Reset to happen\n"); 2630 return; 2631 2632 case NCR_RESELECTED: 2633 /* 2634 * We must be continuing a message? 2635 */ 2636 device_printf(sc->sc_dev, "unhandled reselect continuation, " 2637 "state %d, intr %02x\n", sc->sc_state, sc->sc_espintr); 2638 goto reset; 2639 break; 2640 2641 case NCR_IDENTIFIED: 2642 ecb = sc->sc_nexus; 2643 if (sc->sc_phase != MESSAGE_IN_PHASE) { 2644 i = NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF; 2645 /* 2646 * Things are seriously screwed up. 2647 * Pull the brakes, i.e. reset. 2648 */ 2649 device_printf(sc->sc_dev, "target didn't send tag: %d " 2650 "bytes in FIFO\n", i); 2651 /* Drain and display FIFO. */ 2652 while (i-- > 0) 2653 printf("[%d] ", NCR_READ_REG(sc, NCR_FIFO)); 2654 2655 goto reset; 2656 } else 2657 goto msgin; 2658 2659 case NCR_IDLE: 2660 case NCR_SELECTING: 2661 ecb = sc->sc_nexus; 2662 if (sc->sc_espintr & NCRINTR_RESEL) { 2663 sc->sc_msgpriq = sc->sc_msgout = sc->sc_msgoutq = 0; 2664 sc->sc_flags = 0; 2665 /* 2666 * If we're trying to select a 2667 * target ourselves, push our command 2668 * back into the ready list. 2669 */ 2670 if (sc->sc_state == NCR_SELECTING) { 2671 NCR_INTS(("backoff selector ")); 2672 callout_stop(&ecb->ch); 2673 ncr53c9x_dequeue(sc, ecb); 2674 TAILQ_INSERT_HEAD(&sc->ready_list, ecb, chain); 2675 ecb->flags |= ECB_READY; 2676 ecb = sc->sc_nexus = NULL; 2677 } 2678 sc->sc_state = NCR_RESELECTED; 2679 if (sc->sc_phase != MESSAGE_IN_PHASE) { 2680 /* 2681 * Things are seriously screwed up. 2682 * Pull the brakes, i.e. reset 2683 */ 2684 device_printf(sc->sc_dev, "target didn't " 2685 "identify\n"); 2686 goto reset; 2687 } 2688 /* 2689 * The C90 only inhibits FIFO writes until reselection 2690 * is complete instead of waiting until the interrupt 2691 * status register has been read. So, if the reselect 2692 * happens while we were entering command bytes (for 2693 * another target) some of those bytes can appear in 2694 * the FIFO here, after the interrupt is taken. 2695 * 2696 * To remedy this situation, pull the Selection ID 2697 * and Identify message from the FIFO directly, and 2698 * ignore any extraneous FIFO contents. Also, set 2699 * a flag that allows one Illegal Command Interrupt 2700 * to occur which the chip also generates as a result 2701 * of writing to the FIFO during a reselect. 2702 */ 2703 if (sc->sc_rev == NCR_VARIANT_ESP100) { 2704 nfifo = 2705 NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF; 2706 sc->sc_imess[0] = NCR_READ_REG(sc, NCR_FIFO); 2707 sc->sc_imess[1] = NCR_READ_REG(sc, NCR_FIFO); 2708 sc->sc_imlen = 2; 2709 if (nfifo != 2) { 2710 /* Flush the rest. */ 2711 NCRCMD(sc, NCRCMD_FLUSH); 2712 } 2713 sc->sc_flags |= NCR_EXPECT_ILLCMD; 2714 if (nfifo > 2) 2715 nfifo = 2; /* We fixed it... */ 2716 } else 2717 nfifo = ncr53c9x_rdfifo(sc, NCR_RDFIFO_START); 2718 2719 if (nfifo != 2) { 2720 device_printf(sc->sc_dev, "RESELECT: %d bytes " 2721 "in FIFO! [intr %x, stat %x, step %d, " 2722 "prevphase %x]\n", 2723 nfifo, 2724 sc->sc_espintr, 2725 sc->sc_espstat, 2726 sc->sc_espstep, 2727 sc->sc_prevphase); 2728 goto reset; 2729 } 2730 sc->sc_selid = sc->sc_imess[0]; 2731 NCR_INTS(("selid=%02x ", sc->sc_selid)); 2732 2733 /* Handle IDENTIFY message. */ 2734 ncr53c9x_msgin(sc); 2735 2736 if (sc->sc_state != NCR_CONNECTED && 2737 sc->sc_state != NCR_IDENTIFIED) { 2738 /* IDENTIFY fail?! */ 2739 device_printf(sc->sc_dev, "identify failed, " 2740 "state %d, intr %02x\n", sc->sc_state, 2741 sc->sc_espintr); 2742 goto reset; 2743 } 2744 goto shortcut; /* i.e. next phase expected soon */ 2745 } 2746 2747#define NCRINTR_DONE (NCRINTR_FC | NCRINTR_BS) 2748 if ((sc->sc_espintr & NCRINTR_DONE) == NCRINTR_DONE) { 2749 /* 2750 * Arbitration won; examine the `step' register 2751 * to determine how far the selection could progress. 2752 */ 2753 if (ecb == NULL) { 2754 /* 2755 * When doing path inquiry during boot 2756 * FAS100A trigger a stray interrupt which 2757 * we just ignore instead of panicing. 2758 */ 2759 if (sc->sc_state == NCR_IDLE && 2760 sc->sc_espstep == 0) 2761 return; 2762 panic("%s: no nexus", __func__); 2763 } 2764 2765 ti = &sc->sc_tinfo[ecb->ccb->ccb_h.target_id]; 2766 2767 switch (sc->sc_espstep) { 2768 case 0: 2769 /* 2770 * The target did not respond with a 2771 * message out phase - probably an old 2772 * device that doesn't recognize ATN. 2773 * Clear ATN and just continue, the 2774 * target should be in the command 2775 * phase. 2776 * XXX check for command phase? 2777 */ 2778 NCRCMD(sc, NCRCMD_RSTATN); 2779 break; 2780 2781 case 1: 2782 if (ti->curr.period == ti->goal.period && 2783 ti->curr.offset == ti->goal.offset && 2784 ti->curr.width == ti->goal.width && 2785 ecb->tag[0] == 0) { 2786 device_printf(sc->sc_dev, "step 1 " 2787 "and no negotiation to perform " 2788 "or tag to send\n"); 2789 goto reset; 2790 } 2791 if (sc->sc_phase != MESSAGE_OUT_PHASE) { 2792 device_printf(sc->sc_dev, "step 1 " 2793 "but not in MESSAGE_OUT_PHASE\n"); 2794 goto reset; 2795 } 2796 sc->sc_prevphase = MESSAGE_OUT_PHASE; /* XXX */ 2797 if (ecb->flags & ECB_RESET) { 2798 /* 2799 * A DEVICE RESET was scheduled and 2800 * ATNS used. As SEND_DEV_RESET has 2801 * the highest priority, the target 2802 * will reset and disconnect and we 2803 * will end up in ncr53c9x_done w/o 2804 * negotiating or sending a TAG. So 2805 * we just break here in order to 2806 * avoid warnings about negotiation 2807 * not having completed. 2808 */ 2809 ncr53c9x_sched_msgout(SEND_DEV_RESET); 2810 break; 2811 } 2812 if (ti->curr.width != ti->goal.width) { 2813 ti->flags |= T_WDTRSENT | T_SDTRSENT; 2814 ncr53c9x_sched_msgout(SEND_WDTR | 2815 SEND_SDTR); 2816 } 2817 if (ti->curr.period != ti->goal.period || 2818 ti->curr.offset != ti->goal.offset) { 2819 ti->flags |= T_SDTRSENT; 2820 ncr53c9x_sched_msgout(SEND_SDTR); 2821 } 2822 if (ecb->tag[0] != 0) 2823 /* Could not do ATN3 so send TAG. */ 2824 ncr53c9x_sched_msgout(SEND_TAG); 2825 break; 2826 2827 case 3: 2828 /* 2829 * Grr, this is supposed to mean 2830 * "target left command phase prematurely". 2831 * It seems to happen regularly when 2832 * sync mode is on. 2833 * Look at FIFO to see if command went out. 2834 * (Timing problems?) 2835 */ 2836 if (sc->sc_features & NCR_F_DMASELECT) { 2837 if (sc->sc_cmdlen == 0) { 2838 /* Hope for the best... */ 2839 break; 2840 } 2841 } else if ((NCR_READ_REG(sc, NCR_FFLAG) & 2842 NCRFIFO_FF) == 0) { 2843 /* Hope for the best... */ 2844 break; 2845 } 2846 xpt_print_path(ecb->ccb->ccb_h.path); 2847 printf("selection failed; %d left in FIFO " 2848 "[intr %x, stat %x, step %d]\n", 2849 NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF, 2850 sc->sc_espintr, sc->sc_espstat, 2851 sc->sc_espstep); 2852 NCRCMD(sc, NCRCMD_FLUSH); 2853 ncr53c9x_sched_msgout(SEND_ABORT); 2854 return; 2855 2856 case 2: 2857 /* Select stuck at Command Phase. */ 2858 NCRCMD(sc, NCRCMD_FLUSH); 2859 break; 2860 2861 case 4: 2862 if (sc->sc_features & NCR_F_DMASELECT && 2863 sc->sc_cmdlen != 0) { 2864 xpt_print_path(ecb->ccb->ccb_h.path); 2865 printf("select; %lu left in DMA buffer " 2866 "[intr %x, stat %x, step %d]\n", 2867 (u_long)sc->sc_cmdlen, 2868 sc->sc_espintr, 2869 sc->sc_espstat, 2870 sc->sc_espstep); 2871 } 2872 /* So far, everything went fine. */ 2873 break; 2874 } 2875 2876 sc->sc_prevphase = INVALID_PHASE; /* ??? */ 2877 /* Do an implicit RESTORE POINTERS. */ 2878 sc->sc_dp = ecb->daddr; 2879 sc->sc_dleft = ecb->dleft; 2880 sc->sc_state = NCR_CONNECTED; 2881 break; 2882 } else { 2883 device_printf(sc->sc_dev, "unexpected status after " 2884 "select: [intr %x, stat %x, step %x]\n", 2885 sc->sc_espintr, sc->sc_espstat, sc->sc_espstep); 2886 NCRCMD(sc, NCRCMD_FLUSH); 2887 DELAY(1); 2888 goto reset; 2889 } 2890 if (sc->sc_state == NCR_IDLE) { 2891 device_printf(sc->sc_dev, "stray interrupt\n"); 2892 return; 2893 } 2894 break; 2895 2896 case NCR_CONNECTED: 2897 if ((sc->sc_flags & NCR_ICCS) != 0) { 2898 /* "Initiate Command Complete Steps" in progress */ 2899 sc->sc_flags &= ~NCR_ICCS; 2900 2901 if ((sc->sc_espintr & NCRINTR_DONE) == 0) { 2902 device_printf(sc->sc_dev, "ICCS: " 2903 ": [intr %x, stat %x, step %x]\n", 2904 sc->sc_espintr, sc->sc_espstat, 2905 sc->sc_espstep); 2906 } 2907 ncr53c9x_rdfifo(sc, NCR_RDFIFO_START); 2908 if (sc->sc_imlen < 2) 2909 device_printf(sc->sc_dev, "can't get status, " 2910 "only %d bytes\n", (int)sc->sc_imlen); 2911 ecb->stat = sc->sc_imess[sc->sc_imlen - 2]; 2912 msg = sc->sc_imess[sc->sc_imlen - 1]; 2913 NCR_PHASE(("<stat:(%x,%x)>", ecb->stat, msg)); 2914 if (msg == MSG_CMDCOMPLETE) { 2915 ecb->dleft = 2916 (ecb->flags & ECB_TENTATIVE_DONE) ? 2917 0 : sc->sc_dleft; 2918 if ((ecb->flags & ECB_SENSE) == 0) 2919 ecb->ccb->csio.resid = ecb->dleft; 2920 sc->sc_state = NCR_CMDCOMPLETE; 2921 } else 2922 device_printf(sc->sc_dev, "STATUS_PHASE: " 2923 "msg %d\n", msg); 2924 sc->sc_imlen = 0; 2925 NCRCMD(sc, NCRCMD_MSGOK); 2926 goto shortcut; /* i.e. wait for disconnect */ 2927 } 2928 break; 2929 2930 default: 2931 device_printf(sc->sc_dev, "invalid state: %d [intr %x, " 2932 "phase(c %x, p %x)]\n", sc->sc_state, 2933 sc->sc_espintr, sc->sc_phase, sc->sc_prevphase); 2934 goto reset; 2935 } 2936 2937 /* 2938 * Driver is now in state NCR_CONNECTED, i.e. we 2939 * have a current command working the SCSI bus. 2940 */ 2941 if (sc->sc_state != NCR_CONNECTED || ecb == NULL) 2942 panic("%s: no nexus", __func__); 2943 2944 switch (sc->sc_phase) { 2945 case MESSAGE_OUT_PHASE: 2946 NCR_PHASE(("MESSAGE_OUT_PHASE ")); 2947 ncr53c9x_msgout(sc); 2948 sc->sc_prevphase = MESSAGE_OUT_PHASE; 2949 break; 2950 2951 case MESSAGE_IN_PHASE: 2952msgin: 2953 NCR_PHASE(("MESSAGE_IN_PHASE ")); 2954 if ((sc->sc_espintr & NCRINTR_BS) != 0) { 2955 if ((sc->sc_rev != NCR_VARIANT_FAS366) || 2956 (sc->sc_espstat2 & NCRFAS_STAT2_EMPTY) == 0) { 2957 NCRCMD(sc, NCRCMD_FLUSH); 2958 } 2959 sc->sc_flags |= NCR_WAITI; 2960 NCRCMD(sc, NCRCMD_TRANS); 2961 } else if ((sc->sc_espintr & NCRINTR_FC) != 0) { 2962 if ((sc->sc_flags & NCR_WAITI) == 0) { 2963 device_printf(sc->sc_dev, "MSGIN: unexpected " 2964 "FC bit: [intr %x, stat %x, step %x]\n", 2965 sc->sc_espintr, sc->sc_espstat, 2966 sc->sc_espstep); 2967 } 2968 sc->sc_flags &= ~NCR_WAITI; 2969 ncr53c9x_rdfifo(sc, 2970 (sc->sc_prevphase == sc->sc_phase) ? 2971 NCR_RDFIFO_CONTINUE : NCR_RDFIFO_START); 2972 ncr53c9x_msgin(sc); 2973 } else 2974 device_printf(sc->sc_dev, "MSGIN: weird bits: " 2975 "[intr %x, stat %x, step %x]\n", 2976 sc->sc_espintr, sc->sc_espstat, sc->sc_espstep); 2977 sc->sc_prevphase = MESSAGE_IN_PHASE; 2978 goto shortcut; /* i.e. expect data to be ready */ 2979 2980 case COMMAND_PHASE: 2981 /* 2982 * Send the command block. Normally we don't see this 2983 * phase because the SEL_ATN command takes care of 2984 * all this. However, we end up here if either the 2985 * target or we wanted to exchange some more messages 2986 * first (e.g. to start negotiations). 2987 */ 2988 2989 NCR_PHASE(("COMMAND_PHASE 0x%02x (%d) ", 2990 ecb->cmd.cmd.opcode, ecb->clen)); 2991 if (NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF) { 2992 NCRCMD(sc, NCRCMD_FLUSH); 2993#if 0 2994 DELAY(1); 2995#endif 2996 } 2997 /* 2998 * If we have more messages to send, e.g. WDTR or SDTR 2999 * after we've sent a TAG, set ATN so we'll go back to 3000 * MESSAGE_OUT_PHASE. 3001 */ 3002 if (sc->sc_msgpriq) { 3003 NCRCMD(sc, NCRCMD_SETATN); 3004 sc->sc_flags |= NCR_ATN; 3005 } 3006 if (sc->sc_features & NCR_F_DMASELECT) { 3007 /* Setup DMA transfer for command. */ 3008 size = ecb->clen; 3009 sc->sc_cmdlen = size; 3010 sc->sc_cmdp = (void *)&ecb->cmd.cmd; 3011 error = NCRDMA_SETUP(sc, &sc->sc_cmdp, &sc->sc_cmdlen, 3012 0, &size); 3013 if (error != 0) 3014 goto cmd; 3015 3016 /* Program the SCSI counter. */ 3017 NCR_SET_COUNT(sc, size); 3018 3019 /* Load the count in. */ 3020 NCRCMD(sc, NCRCMD_NOP | NCRCMD_DMA); 3021 3022 /* Start the command transfer. */ 3023 NCRCMD(sc, NCRCMD_TRANS | NCRCMD_DMA); 3024 NCRDMA_GO(sc); 3025 sc->sc_prevphase = COMMAND_PHASE; 3026 break; 3027 } 3028cmd: 3029 sc->sc_cmdlen = 0; 3030 ncr53c9x_wrfifo(sc, (uint8_t *)&ecb->cmd.cmd, ecb->clen); 3031 NCRCMD(sc, NCRCMD_TRANS); 3032 sc->sc_prevphase = COMMAND_PHASE; 3033 break; 3034 3035 case DATA_OUT_PHASE: 3036 NCR_PHASE(("DATA_OUT_PHASE [%ld] ", (long)sc->sc_dleft)); 3037 sc->sc_prevphase = DATA_OUT_PHASE; 3038 NCRCMD(sc, NCRCMD_FLUSH); 3039 size = ulmin(sc->sc_dleft, sc->sc_maxxfer); 3040 error = NCRDMA_SETUP(sc, &sc->sc_dp, &sc->sc_dleft, 0, &size); 3041 goto setup_xfer; 3042 3043 case DATA_IN_PHASE: 3044 NCR_PHASE(("DATA_IN_PHASE ")); 3045 sc->sc_prevphase = DATA_IN_PHASE; 3046 if (sc->sc_rev == NCR_VARIANT_ESP100) 3047 NCRCMD(sc, NCRCMD_FLUSH); 3048 size = ulmin(sc->sc_dleft, sc->sc_maxxfer); 3049 error = NCRDMA_SETUP(sc, &sc->sc_dp, &sc->sc_dleft, 1, &size); 3050setup_xfer: 3051 if (error != 0) { 3052 switch (error) { 3053 case EFBIG: 3054 ecb->ccb->ccb_h.status |= CAM_REQ_TOO_BIG; 3055 break; 3056 case EINPROGRESS: 3057 panic("%s: cannot deal with deferred DMA", 3058 __func__); 3059 case EINVAL: 3060 ecb->ccb->ccb_h.status |= CAM_REQ_INVALID; 3061 break; 3062 case ENOMEM: 3063 ecb->ccb->ccb_h.status |= CAM_REQUEUE_REQ; 3064 break; 3065 default: 3066 ecb->ccb->ccb_h.status |= CAM_REQ_CMP_ERR; 3067 } 3068 goto finish; 3069 } 3070 3071 /* Target returned to data phase: wipe "done" memory. */ 3072 ecb->flags &= ~ECB_TENTATIVE_DONE; 3073 3074 /* Program the SCSI counter. */ 3075 NCR_SET_COUNT(sc, size); 3076 3077 /* Load the count in. */ 3078 NCRCMD(sc, NCRCMD_NOP | NCRCMD_DMA); 3079 3080 /* 3081 * Note that if `size' is 0, we've already transceived 3082 * all the bytes we want but we're still in DATA PHASE. 3083 * Apparently, the device needs padding. Also, a 3084 * transfer size of 0 means "maximum" to the chip 3085 * DMA logic. 3086 */ 3087 NCRCMD(sc, 3088 (size == 0 ? NCRCMD_TRPAD : NCRCMD_TRANS) | NCRCMD_DMA); 3089 NCRDMA_GO(sc); 3090 return; 3091 3092 case STATUS_PHASE: 3093 NCR_PHASE(("STATUS_PHASE ")); 3094 sc->sc_flags |= NCR_ICCS; 3095 NCRCMD(sc, NCRCMD_ICCS); 3096 sc->sc_prevphase = STATUS_PHASE; 3097 goto shortcut; /* i.e. expect status results soon */ 3098 3099 case INVALID_PHASE: 3100 break; 3101 3102 default: 3103 device_printf(sc->sc_dev, 3104 "unexpected bus phase; resetting\n"); 3105 goto reset; 3106 } 3107 3108 return; 3109 3110reset: 3111 ncr53c9x_init(sc, 1); 3112 return; 3113 3114finish: 3115 ncr53c9x_done(sc, ecb); 3116 return; 3117 3118sched: 3119 sc->sc_state = NCR_IDLE; 3120 ncr53c9x_sched(sc); 3121 return; 3122 3123shortcut: 3124 /* 3125 * The idea is that many of the SCSI operations take very little 3126 * time, and going away and getting interrupted is too high an 3127 * overhead to pay. For example, selecting, sending a message 3128 * and command and then doing some work can be done in one "pass". 3129 * 3130 * The delay is a heuristic. It is 2 when at 20 MHz, 2 at 25 MHz and 3131 * 1 at 40 MHz. This needs testing. 3132 */ 3133 microtime(&wait); 3134 wait.tv_usec += 50 / sc->sc_freq; 3135 if (wait.tv_usec > 1000000) { 3136 wait.tv_sec++; 3137 wait.tv_usec -= 1000000; 3138 } 3139 do { 3140 if (NCRDMA_ISINTR(sc)) 3141 goto again; 3142 microtime(&cur); 3143 } while (cur.tv_sec <= wait.tv_sec && cur.tv_usec <= wait.tv_usec); 3144} 3145 3146static void 3147ncr53c9x_abort(struct ncr53c9x_softc *sc, struct ncr53c9x_ecb *ecb) 3148{ 3149 3150 NCR_LOCK_ASSERT(sc, MA_OWNED); 3151 3152 /* 2 secs for the abort */ 3153 ecb->timeout = NCR_ABORT_TIMEOUT; 3154 ecb->flags |= ECB_ABORT; 3155 3156 if (ecb == sc->sc_nexus) { 3157 /* 3158 * If we're still selecting, the message will be scheduled 3159 * after selection is complete. 3160 */ 3161 if (sc->sc_state == NCR_CONNECTED) 3162 ncr53c9x_sched_msgout(SEND_ABORT); 3163 3164 /* 3165 * Reschedule callout. 3166 */ 3167 callout_reset(&ecb->ch, mstohz(ecb->timeout), 3168 ncr53c9x_callout, ecb); 3169 } else { 3170 /* 3171 * Just leave the command where it is. 3172 * XXX - what choice do we have but to reset the SCSI 3173 * eventually? 3174 */ 3175 if (sc->sc_state == NCR_IDLE) 3176 ncr53c9x_sched(sc); 3177 } 3178} 3179 3180static void 3181ncr53c9x_callout(void *arg) 3182{ 3183 struct ncr53c9x_ecb *ecb = arg; 3184 union ccb *ccb = ecb->ccb; 3185 struct ncr53c9x_softc *sc = ecb->sc; 3186 struct ncr53c9x_tinfo *ti; 3187 3188 NCR_LOCK_ASSERT(sc, MA_OWNED); 3189 3190 ti = &sc->sc_tinfo[ccb->ccb_h.target_id]; 3191 xpt_print_path(ccb->ccb_h.path); 3192 device_printf(sc->sc_dev, "timed out [ecb %p (flags 0x%x, dleft %x, " 3193 "stat %x)], <state %d, nexus %p, phase(l %x, c %x, p %x), " 3194 "resid %lx, msg(q %x,o %x) %s>", 3195 ecb, ecb->flags, ecb->dleft, ecb->stat, 3196 sc->sc_state, sc->sc_nexus, 3197 NCR_READ_REG(sc, NCR_STAT), 3198 sc->sc_phase, sc->sc_prevphase, 3199 (long)sc->sc_dleft, sc->sc_msgpriq, sc->sc_msgout, 3200 NCRDMA_ISACTIVE(sc) ? "DMA active" : ""); 3201#if defined(NCR53C9X_DEBUG) && NCR53C9X_DEBUG > 1 3202 printf("TRACE: %s.", ecb->trace); 3203#endif 3204 3205 if (ecb->flags & ECB_ABORT) { 3206 /* Abort timed out. */ 3207 printf(" AGAIN\n"); 3208 ncr53c9x_init(sc, 1); 3209 } else { 3210 /* Abort the operation that has timed out. */ 3211 printf("\n"); 3212 ccb->ccb_h.status = CAM_CMD_TIMEOUT; 3213 ncr53c9x_abort(sc, ecb); 3214 3215 /* Disable sync mode if stuck in a data phase. */ 3216 if (ecb == sc->sc_nexus && ti->curr.offset != 0 && 3217 (sc->sc_phase & (MSGI | CDI)) == 0) { 3218 /* XXX ASYNC CALLBACK! */ 3219 ti->goal.offset = 0; 3220 xpt_print_path(ccb->ccb_h.path); 3221 printf("sync negotiation disabled\n"); 3222 } 3223 } 3224} 3225 3226static void 3227ncr53c9x_watch(void *arg) 3228{ 3229 struct ncr53c9x_softc *sc = arg; 3230 struct ncr53c9x_linfo *li; 3231 struct ncr53c9x_tinfo *ti; 3232 time_t old; 3233 int t; 3234 3235 NCR_LOCK_ASSERT(sc, MA_OWNED); 3236 3237 /* Delete any structures that have not been used in 10min. */ 3238 old = time_second - (10 * 60); 3239 3240 for (t = 0; t < sc->sc_ntarg; t++) { 3241 ti = &sc->sc_tinfo[t]; 3242 li = LIST_FIRST(&ti->luns); 3243 while (li) { 3244 if (li->last_used < old && 3245 li->untagged == NULL && 3246 li->used == 0) { 3247 if (li->lun < NCR_NLUN) 3248 ti->lun[li->lun] = NULL; 3249 LIST_REMOVE(li, link); 3250 free(li, M_DEVBUF); 3251 /* Restart the search at the beginning. */ 3252 li = LIST_FIRST(&ti->luns); 3253 continue; 3254 } 3255 li = LIST_NEXT(li, link); 3256 } 3257 } 3258 callout_reset(&sc->sc_watchdog, 60 * hz, ncr53c9x_watch, sc); 3259} 3260