1/*- 2 * SPDX-License-Identifier: BSD-2-Clause-FreeBSD AND BSD-2-Clause NetBSD 3 * 4 * Copyright (c) 2004 Scott Long 5 * Copyright (c) 2005, 2008 Marius Strobl <marius@FreeBSD.org> 6 * All rights reserved. 7 * 8 * Redistribution and use in source and binary forms, with or without 9 * modification, are permitted provided that the following conditions 10 * are met: 11 * 1. Redistributions of source code must retain the above copyright 12 * notice, this list of conditions and the following disclaimer. 13 * 2. Redistributions in binary form must reproduce the above copyright 14 * notice, this list of conditions and the following disclaimer in the 15 * documentation and/or other materials provided with the distribution. 16 * 17 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 18 * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 19 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 20 * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 21 * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 22 * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 23 * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 24 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 25 * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 26 * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 27 * SUCH DAMAGE. 28 * 29 */ 30 31/* $NetBSD: ncr53c9x.c,v 1.145 2012/06/18 21:23:56 martin Exp $ */ 32 33/*- 34 * Copyright (c) 1998, 2002 The NetBSD Foundation, Inc. 35 * All rights reserved. 36 * 37 * This code is derived from software contributed to The NetBSD Foundation 38 * by Charles M. Hannum. 39 * 40 * Redistribution and use in source and binary forms, with or without 41 * modification, are permitted provided that the following conditions 42 * are met: 43 * 1. Redistributions of source code must retain the above copyright 44 * notice, this list of conditions and the following disclaimer. 45 * 2. Redistributions in binary form must reproduce the above copyright 46 * notice, this list of conditions and the following disclaimer in the 47 * documentation and/or other materials provided with the distribution. 48 * 49 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 50 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 51 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 52 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 53 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 54 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 55 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 56 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 57 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 58 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 59 * POSSIBILITY OF SUCH DAMAGE. 60 */ 61 62/*- 63 * Copyright (c) 1994 Peter Galbavy 64 * Copyright (c) 1995 Paul Kranenburg 65 * All rights reserved. 66 * 67 * Redistribution and use in source and binary forms, with or without 68 * modification, are permitted provided that the following conditions 69 * are met: 70 * 1. Redistributions of source code must retain the above copyright 71 * notice, this list of conditions and the following disclaimer. 72 * 2. Redistributions in binary form must reproduce the above copyright 73 * notice, this list of conditions and the following disclaimer in the 74 * documentation and/or other materials provided with the distribution. 75 * 3. All advertising materials mentioning features or use of this software 76 * must display the following acknowledgement: 77 * This product includes software developed by Peter Galbavy 78 * 4. The name of the author may not be used to endorse or promote products 79 * derived from this software without specific prior written permission. 80 * 81 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 82 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 83 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 84 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, 85 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 86 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 87 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 88 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 89 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 90 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 91 * POSSIBILITY OF SUCH DAMAGE. 92 */ 93 94/* 95 * Based on aic6360 by Jarle Greipsland 96 * 97 * Acknowledgements: Many of the algorithms used in this driver are 98 * inspired by the work of Julian Elischer (julian@FreeBSD.org) and 99 * Charles Hannum (mycroft@duality.gnu.ai.mit.edu). Thanks a million! 100 */ 101 102#include <sys/cdefs.h> 103__FBSDID("$FreeBSD$"); 104 105#include <sys/param.h> 106#include <sys/systm.h> 107#include <sys/bus.h> 108#include <sys/kernel.h> 109#include <sys/malloc.h> 110#include <sys/lock.h> 111#include <sys/module.h> 112#include <sys/mutex.h> 113#include <sys/queue.h> 114#include <sys/time.h> 115#include <sys/callout.h> 116 117#include <cam/cam.h> 118#include <cam/cam_ccb.h> 119#include <cam/cam_debug.h> 120#include <cam/cam_sim.h> 121#include <cam/cam_xpt_sim.h> 122#include <cam/scsi/scsi_all.h> 123#include <cam/scsi/scsi_message.h> 124 125#include <dev/esp/ncr53c9xreg.h> 126#include <dev/esp/ncr53c9xvar.h> 127 128devclass_t esp_devclass; 129 130MODULE_DEPEND(esp, cam, 1, 1, 1); 131 132#ifdef NCR53C9X_DEBUG 133int ncr53c9x_debug = 134 NCR_SHOWMISC /* | NCR_SHOWPHASE | NCR_SHOWTRAC | NCR_SHOWCMDS */; 135#endif 136 137static void ncr53c9x_abort(struct ncr53c9x_softc *sc, 138 struct ncr53c9x_ecb *ecb); 139static void ncr53c9x_action(struct cam_sim *sim, union ccb *ccb); 140static void ncr53c9x_async(void *cbarg, uint32_t code, 141 struct cam_path *path, void *arg); 142static void ncr53c9x_callout(void *arg); 143static void ncr53c9x_clear(struct ncr53c9x_softc *sc, cam_status result); 144static void ncr53c9x_clear_target(struct ncr53c9x_softc *sc, int target, 145 cam_status result); 146static void ncr53c9x_dequeue(struct ncr53c9x_softc *sc, 147 struct ncr53c9x_ecb *ecb); 148static void ncr53c9x_done(struct ncr53c9x_softc *sc, 149 struct ncr53c9x_ecb *ecb); 150static void ncr53c9x_free_ecb(struct ncr53c9x_softc *sc, 151 struct ncr53c9x_ecb *ecb); 152static void ncr53c9x_msgin(struct ncr53c9x_softc *sc); 153static void ncr53c9x_msgout(struct ncr53c9x_softc *sc); 154static void ncr53c9x_init(struct ncr53c9x_softc *sc, int doreset); 155static void ncr53c9x_intr1(struct ncr53c9x_softc *sc); 156static void ncr53c9x_poll(struct cam_sim *sim); 157static int ncr53c9x_rdfifo(struct ncr53c9x_softc *sc, int how); 158static int ncr53c9x_reselect(struct ncr53c9x_softc *sc, int message, 159 int tagtype, int tagid); 160static void ncr53c9x_reset(struct ncr53c9x_softc *sc); 161static void ncr53c9x_sense(struct ncr53c9x_softc *sc, 162 struct ncr53c9x_ecb *ecb); 163static void ncr53c9x_sched(struct ncr53c9x_softc *sc); 164static void ncr53c9x_select(struct ncr53c9x_softc *sc, 165 struct ncr53c9x_ecb *ecb); 166static void ncr53c9x_watch(void *arg); 167static void ncr53c9x_wrfifo(struct ncr53c9x_softc *sc, uint8_t *p, 168 int len); 169 170static struct ncr53c9x_ecb *ncr53c9x_get_ecb(struct ncr53c9x_softc *sc); 171static struct ncr53c9x_linfo *ncr53c9x_lunsearch(struct ncr53c9x_tinfo *sc, 172 int64_t lun); 173 174static inline void ncr53c9x_readregs(struct ncr53c9x_softc *sc); 175static inline void ncr53c9x_setsync(struct ncr53c9x_softc *sc, 176 struct ncr53c9x_tinfo *ti); 177static inline int ncr53c9x_stp2cpb(struct ncr53c9x_softc *sc, 178 int period); 179 180#define NCR_RDFIFO_START 0 181#define NCR_RDFIFO_CONTINUE 1 182 183#define NCR_SET_COUNT(sc, size) do { \ 184 NCR_WRITE_REG((sc), NCR_TCL, (size)); \ 185 NCR_WRITE_REG((sc), NCR_TCM, (size) >> 8); \ 186 if ((sc->sc_features & NCR_F_LARGEXFER) != 0) \ 187 NCR_WRITE_REG((sc), NCR_TCH, (size) >> 16); \ 188 if (sc->sc_rev == NCR_VARIANT_FAS366) \ 189 NCR_WRITE_REG(sc, NCR_RCH, 0); \ 190} while (/* CONSTCOND */0) 191 192#ifndef mstohz 193#define mstohz(ms) \ 194 (((ms) < 0x20000) ? \ 195 ((ms +0u) / 1000u) * hz : \ 196 ((ms +0u) * hz) /1000u) 197#endif 198 199/* 200 * Names for the NCR53c9x variants, corresponding to the variant tags 201 * in ncr53c9xvar.h. 202 */ 203static const char *ncr53c9x_variant_names[] = { 204 "ESP100", 205 "ESP100A", 206 "ESP200", 207 "NCR53C94", 208 "NCR53C96", 209 "ESP406", 210 "FAS408", 211 "FAS216", 212 "AM53C974", 213 "FAS366/HME", 214 "NCR53C90 (86C01)", 215 "FAS100A", 216 "FAS236", 217}; 218 219/* 220 * Search linked list for LUN info by LUN id. 221 */ 222static struct ncr53c9x_linfo * 223ncr53c9x_lunsearch(struct ncr53c9x_tinfo *ti, int64_t lun) 224{ 225 struct ncr53c9x_linfo *li; 226 227 LIST_FOREACH(li, &ti->luns, link) 228 if (li->lun == lun) 229 return (li); 230 return (NULL); 231} 232 233/* 234 * Attach this instance, and then all the sub-devices. 235 */ 236int 237ncr53c9x_attach(struct ncr53c9x_softc *sc) 238{ 239 struct cam_devq *devq; 240 struct cam_sim *sim; 241 struct cam_path *path; 242 struct ncr53c9x_ecb *ecb; 243 int error, i; 244 245 if (NCR_LOCK_INITIALIZED(sc) == 0) { 246 device_printf(sc->sc_dev, "mutex not initialized\n"); 247 return (ENXIO); 248 } 249 250 callout_init_mtx(&sc->sc_watchdog, &sc->sc_lock, 0); 251 252 /* 253 * Note, the front-end has set us up to print the chip variation. 254 */ 255 if (sc->sc_rev >= NCR_VARIANT_MAX) { 256 device_printf(sc->sc_dev, "unknown variant %d, devices not " 257 "attached\n", sc->sc_rev); 258 return (EINVAL); 259 } 260 261 device_printf(sc->sc_dev, "%s, %d MHz, SCSI ID %d\n", 262 ncr53c9x_variant_names[sc->sc_rev], sc->sc_freq, sc->sc_id); 263 264 sc->sc_ntarg = (sc->sc_rev == NCR_VARIANT_FAS366) ? 16 : 8; 265 266 /* 267 * Allocate SCSI message buffers. 268 * Front-ends can override allocation to avoid alignment 269 * handling in the DMA engines. Note that ncr53c9x_msgout() 270 * can request a 1 byte DMA transfer. 271 */ 272 if (sc->sc_omess == NULL) { 273 sc->sc_omess_self = 1; 274 sc->sc_omess = malloc(NCR_MAX_MSG_LEN, M_DEVBUF, M_NOWAIT); 275 if (sc->sc_omess == NULL) { 276 device_printf(sc->sc_dev, 277 "cannot allocate MSGOUT buffer\n"); 278 return (ENOMEM); 279 } 280 } else 281 sc->sc_omess_self = 0; 282 283 if (sc->sc_imess == NULL) { 284 sc->sc_imess_self = 1; 285 sc->sc_imess = malloc(NCR_MAX_MSG_LEN + 1, M_DEVBUF, M_NOWAIT); 286 if (sc->sc_imess == NULL) { 287 device_printf(sc->sc_dev, 288 "cannot allocate MSGIN buffer\n"); 289 error = ENOMEM; 290 goto fail_omess; 291 } 292 } else 293 sc->sc_imess_self = 0; 294 295 sc->sc_tinfo = malloc(sc->sc_ntarg * sizeof(sc->sc_tinfo[0]), 296 M_DEVBUF, M_NOWAIT | M_ZERO); 297 if (sc->sc_tinfo == NULL) { 298 device_printf(sc->sc_dev, 299 "cannot allocate target info buffer\n"); 300 error = ENOMEM; 301 goto fail_imess; 302 } 303 304 /* 305 * Treat NCR53C90 with the 86C01 DMA chip exactly as ESP100 306 * from now on. 307 */ 308 if (sc->sc_rev == NCR_VARIANT_NCR53C90_86C01) 309 sc->sc_rev = NCR_VARIANT_ESP100; 310 311 sc->sc_ccf = FREQTOCCF(sc->sc_freq); 312 313 /* The value *must not* be == 1. Make it 2. */ 314 if (sc->sc_ccf == 1) 315 sc->sc_ccf = 2; 316 317 /* 318 * The recommended timeout is 250ms. This register is loaded 319 * with a value calculated as follows, from the docs: 320 * 321 * (timeout period) x (CLK frequency) 322 * reg = ------------------------------------- 323 * 8192 x (Clock Conversion Factor) 324 * 325 * Since CCF has a linear relation to CLK, this generally computes 326 * to the constant of 153. 327 */ 328 sc->sc_timeout = ((250 * 1000) * sc->sc_freq) / (8192 * sc->sc_ccf); 329 330 /* The CCF register only has 3 bits; 0 is actually 8. */ 331 sc->sc_ccf &= 7; 332 333 /* 334 * Register with CAM. 335 */ 336 devq = cam_simq_alloc(sc->sc_ntarg); 337 if (devq == NULL) { 338 device_printf(sc->sc_dev, "cannot allocate device queue\n"); 339 error = ENOMEM; 340 goto fail_tinfo; 341 } 342 343 sim = cam_sim_alloc(ncr53c9x_action, ncr53c9x_poll, "esp", sc, 344 device_get_unit(sc->sc_dev), &sc->sc_lock, 1, NCR_TAG_DEPTH, devq); 345 if (sim == NULL) { 346 device_printf(sc->sc_dev, "cannot allocate SIM entry\n"); 347 error = ENOMEM; 348 goto fail_devq; 349 } 350 351 NCR_LOCK(sc); 352 353 if (xpt_bus_register(sim, sc->sc_dev, 0) != CAM_SUCCESS) { 354 device_printf(sc->sc_dev, "cannot register bus\n"); 355 error = EIO; 356 goto fail_lock; 357 } 358 359 if (xpt_create_path(&path, NULL, cam_sim_path(sim), 360 CAM_TARGET_WILDCARD, CAM_LUN_WILDCARD) != CAM_REQ_CMP) { 361 device_printf(sc->sc_dev, "cannot create path\n"); 362 error = EIO; 363 goto fail_bus; 364 } 365 366 if (xpt_register_async(AC_LOST_DEVICE, ncr53c9x_async, sim, path) != 367 CAM_REQ_CMP) { 368 device_printf(sc->sc_dev, "cannot register async handler\n"); 369 error = EIO; 370 goto fail_path; 371 } 372 373 sc->sc_sim = sim; 374 sc->sc_path = path; 375 376 /* Reset state and bus. */ 377#if 0 378 sc->sc_cfflags = sc->sc_dev.dv_cfdata->cf_flags; 379#else 380 sc->sc_cfflags = 0; 381#endif 382 sc->sc_state = 0; 383 ncr53c9x_init(sc, 1); 384 385 TAILQ_INIT(&sc->free_list); 386 if ((sc->ecb_array = 387 malloc(sizeof(struct ncr53c9x_ecb) * NCR_TAG_DEPTH, M_DEVBUF, 388 M_NOWAIT | M_ZERO)) == NULL) { 389 device_printf(sc->sc_dev, "cannot allocate ECB array\n"); 390 error = ENOMEM; 391 goto fail_async; 392 } 393 for (i = 0; i < NCR_TAG_DEPTH; i++) { 394 ecb = &sc->ecb_array[i]; 395 ecb->sc = sc; 396 ecb->tag_id = i; 397 callout_init_mtx(&ecb->ch, &sc->sc_lock, 0); 398 TAILQ_INSERT_HEAD(&sc->free_list, ecb, free_links); 399 } 400 401 callout_reset(&sc->sc_watchdog, 60 * hz, ncr53c9x_watch, sc); 402 403 NCR_UNLOCK(sc); 404 405 gone_in_dev(sc->sc_dev, 13, "esp(4) driver"); 406 return (0); 407 408fail_async: 409 xpt_register_async(0, ncr53c9x_async, sim, path); 410fail_path: 411 xpt_free_path(path); 412fail_bus: 413 xpt_bus_deregister(cam_sim_path(sim)); 414fail_lock: 415 NCR_UNLOCK(sc); 416 cam_sim_free(sim, TRUE); 417fail_devq: 418 cam_simq_free(devq); 419fail_tinfo: 420 free(sc->sc_tinfo, M_DEVBUF); 421fail_imess: 422 if (sc->sc_imess_self) 423 free(sc->sc_imess, M_DEVBUF); 424fail_omess: 425 if (sc->sc_omess_self) 426 free(sc->sc_omess, M_DEVBUF); 427 return (error); 428} 429 430int 431ncr53c9x_detach(struct ncr53c9x_softc *sc) 432{ 433 struct ncr53c9x_linfo *li, *nextli; 434 int t; 435 436 callout_drain(&sc->sc_watchdog); 437 438 NCR_LOCK(sc); 439 440 if (sc->sc_tinfo) { 441 /* Cancel all commands. */ 442 ncr53c9x_clear(sc, CAM_REQ_ABORTED); 443 444 /* Free logical units. */ 445 for (t = 0; t < sc->sc_ntarg; t++) { 446 for (li = LIST_FIRST(&sc->sc_tinfo[t].luns); li; 447 li = nextli) { 448 nextli = LIST_NEXT(li, link); 449 free(li, M_DEVBUF); 450 } 451 } 452 } 453 454 xpt_register_async(0, ncr53c9x_async, sc->sc_sim, sc->sc_path); 455 xpt_free_path(sc->sc_path); 456 xpt_bus_deregister(cam_sim_path(sc->sc_sim)); 457 cam_sim_free(sc->sc_sim, TRUE); 458 459 NCR_UNLOCK(sc); 460 461 free(sc->ecb_array, M_DEVBUF); 462 free(sc->sc_tinfo, M_DEVBUF); 463 if (sc->sc_imess_self) 464 free(sc->sc_imess, M_DEVBUF); 465 if (sc->sc_omess_self) 466 free(sc->sc_omess, M_DEVBUF); 467 468 return (0); 469} 470 471/* 472 * This is the generic ncr53c9x reset function. It does not reset the SCSI 473 * bus, only this controller, but kills any on-going commands, and also stops 474 * and resets the DMA. 475 * 476 * After reset, registers are loaded with the defaults from the attach 477 * routine above. 478 */ 479static void 480ncr53c9x_reset(struct ncr53c9x_softc *sc) 481{ 482 483 NCR_LOCK_ASSERT(sc, MA_OWNED); 484 485 /* Reset DMA first. */ 486 NCRDMA_RESET(sc); 487 488 /* Reset SCSI chip. */ 489 NCRCMD(sc, NCRCMD_RSTCHIP); 490 NCRCMD(sc, NCRCMD_NOP); 491 DELAY(500); 492 493 /* Do these backwards, and fall through. */ 494 switch (sc->sc_rev) { 495 case NCR_VARIANT_ESP406: 496 case NCR_VARIANT_FAS408: 497 NCR_WRITE_REG(sc, NCR_CFG5, sc->sc_cfg5 | NCRCFG5_SINT); 498 NCR_WRITE_REG(sc, NCR_CFG4, sc->sc_cfg4); 499 /* FALLTHROUGH */ 500 case NCR_VARIANT_AM53C974: 501 case NCR_VARIANT_FAS100A: 502 case NCR_VARIANT_FAS216: 503 case NCR_VARIANT_FAS236: 504 case NCR_VARIANT_NCR53C94: 505 case NCR_VARIANT_NCR53C96: 506 case NCR_VARIANT_ESP200: 507 sc->sc_features |= NCR_F_HASCFG3; 508 NCR_WRITE_REG(sc, NCR_CFG3, sc->sc_cfg3); 509 /* FALLTHROUGH */ 510 case NCR_VARIANT_ESP100A: 511 sc->sc_features |= NCR_F_SELATN3; 512 if ((sc->sc_cfg2 & NCRCFG2_FE) != 0) 513 sc->sc_features |= NCR_F_LARGEXFER; 514 NCR_WRITE_REG(sc, NCR_CFG2, sc->sc_cfg2); 515 /* FALLTHROUGH */ 516 case NCR_VARIANT_ESP100: 517 NCR_WRITE_REG(sc, NCR_CFG1, sc->sc_cfg1); 518 NCR_WRITE_REG(sc, NCR_CCF, sc->sc_ccf); 519 NCR_WRITE_REG(sc, NCR_SYNCOFF, 0); 520 NCR_WRITE_REG(sc, NCR_TIMEOUT, sc->sc_timeout); 521 break; 522 523 case NCR_VARIANT_FAS366: 524 sc->sc_features |= NCR_F_HASCFG3 | NCR_F_FASTSCSI | 525 NCR_F_SELATN3 | NCR_F_LARGEXFER; 526 sc->sc_cfg3 = NCRFASCFG3_FASTCLK | NCRFASCFG3_OBAUTO; 527 if (sc->sc_id > 7) 528 sc->sc_cfg3 |= NCRFASCFG3_IDBIT3; 529 sc->sc_cfg3_fscsi = NCRFASCFG3_FASTSCSI; 530 NCR_WRITE_REG(sc, NCR_CFG3, sc->sc_cfg3); 531 sc->sc_cfg2 = NCRCFG2_HMEFE | NCRCFG2_HME32; 532 NCR_WRITE_REG(sc, NCR_CFG2, sc->sc_cfg2); 533 NCR_WRITE_REG(sc, NCR_CFG1, sc->sc_cfg1); 534 NCR_WRITE_REG(sc, NCR_CCF, sc->sc_ccf); 535 NCR_WRITE_REG(sc, NCR_SYNCOFF, 0); 536 NCR_WRITE_REG(sc, NCR_TIMEOUT, sc->sc_timeout); 537 break; 538 539 default: 540 device_printf(sc->sc_dev, 541 "unknown revision code, assuming ESP100\n"); 542 NCR_WRITE_REG(sc, NCR_CFG1, sc->sc_cfg1); 543 NCR_WRITE_REG(sc, NCR_CCF, sc->sc_ccf); 544 NCR_WRITE_REG(sc, NCR_SYNCOFF, 0); 545 NCR_WRITE_REG(sc, NCR_TIMEOUT, sc->sc_timeout); 546 } 547 548 if (sc->sc_rev == NCR_VARIANT_AM53C974) 549 NCR_WRITE_REG(sc, NCR_AMDCFG4, sc->sc_cfg4); 550 551#if 0 552 device_printf(sc->sc_dev, "%s: revision %d\n", __func__, sc->sc_rev); 553 device_printf(sc->sc_dev, "%s: cfg1 0x%x, cfg2 0x%x, cfg3 0x%x, ccf " 554 "0x%x, timeout 0x%x\n", __func__, sc->sc_cfg1, sc->sc_cfg2, 555 sc->sc_cfg3, sc->sc_ccf, sc->sc_timeout); 556#endif 557} 558 559/* 560 * Clear all commands. 561 */ 562static void 563ncr53c9x_clear(struct ncr53c9x_softc *sc, cam_status result) 564{ 565 struct ncr53c9x_ecb *ecb; 566 int r; 567 568 NCR_LOCK_ASSERT(sc, MA_OWNED); 569 570 /* Cancel any active commands. */ 571 sc->sc_state = NCR_CLEANING; 572 sc->sc_msgify = 0; 573 ecb = sc->sc_nexus; 574 if (ecb != NULL) { 575 ecb->ccb->ccb_h.status = result; 576 ncr53c9x_done(sc, ecb); 577 } 578 /* Cancel outstanding disconnected commands. */ 579 for (r = 0; r < sc->sc_ntarg; r++) 580 ncr53c9x_clear_target(sc, r, result); 581} 582 583/* 584 * Clear all commands for a specific target. 585 */ 586static void 587ncr53c9x_clear_target(struct ncr53c9x_softc *sc, int target, 588 cam_status result) 589{ 590 struct ncr53c9x_ecb *ecb; 591 struct ncr53c9x_linfo *li; 592 int i; 593 594 NCR_LOCK_ASSERT(sc, MA_OWNED); 595 596 /* Cancel outstanding disconnected commands on each LUN. */ 597 LIST_FOREACH(li, &sc->sc_tinfo[target].luns, link) { 598 ecb = li->untagged; 599 if (ecb != NULL) { 600 li->untagged = NULL; 601 /* 602 * XXX should we terminate a command 603 * that never reached the disk? 604 */ 605 li->busy = 0; 606 ecb->ccb->ccb_h.status = result; 607 ncr53c9x_done(sc, ecb); 608 } 609 for (i = 0; i < NCR_TAG_DEPTH; i++) { 610 ecb = li->queued[i]; 611 if (ecb != NULL) { 612 li->queued[i] = NULL; 613 ecb->ccb->ccb_h.status = result; 614 ncr53c9x_done(sc, ecb); 615 } 616 } 617 li->used = 0; 618 } 619} 620 621/* 622 * Initialize ncr53c9x state machine. 623 */ 624static void 625ncr53c9x_init(struct ncr53c9x_softc *sc, int doreset) 626{ 627 struct ncr53c9x_tinfo *ti; 628 int r; 629 630 NCR_LOCK_ASSERT(sc, MA_OWNED); 631 632 NCR_MISC(("[NCR_INIT(%d) %d] ", doreset, sc->sc_state)); 633 634 if (sc->sc_state == 0) { 635 /* First time through; initialize. */ 636 637 TAILQ_INIT(&sc->ready_list); 638 sc->sc_nexus = NULL; 639 memset(sc->sc_tinfo, 0, sizeof(*sc->sc_tinfo)); 640 for (r = 0; r < sc->sc_ntarg; r++) { 641 LIST_INIT(&sc->sc_tinfo[r].luns); 642 } 643 } else 644 ncr53c9x_clear(sc, CAM_CMD_TIMEOUT); 645 646 /* 647 * Reset the chip to a known state. 648 */ 649 ncr53c9x_reset(sc); 650 651 sc->sc_flags = 0; 652 sc->sc_msgpriq = sc->sc_msgout = sc->sc_msgoutq = 0; 653 sc->sc_phase = sc->sc_prevphase = INVALID_PHASE; 654 655 /* 656 * If we're the first time through, set the default parameters 657 * for all targets. Otherwise we only clear their current transfer 658 * settings so we'll renegotiate their goal settings with the next 659 * command. 660 */ 661 if (sc->sc_state == 0) { 662 for (r = 0; r < sc->sc_ntarg; r++) { 663 ti = &sc->sc_tinfo[r]; 664/* XXX - config flags per target: low bits: no reselect; high bits: no synch */ 665 666 ti->flags = ((sc->sc_minsync != 0 && 667 (sc->sc_cfflags & (1 << ((r & 7) + 8))) == 0) ? 668 0 : T_SYNCHOFF) | 669 ((sc->sc_cfflags & (1 << (r & 7))) == 0 ? 670 0 : T_RSELECTOFF); 671 ti->curr.period = ti->goal.period = 0; 672 ti->curr.offset = ti->goal.offset = 0; 673 ti->curr.width = ti->goal.width = 674 MSG_EXT_WDTR_BUS_8_BIT; 675 } 676 } else { 677 for (r = 0; r < sc->sc_ntarg; r++) { 678 ti = &sc->sc_tinfo[r]; 679 ti->flags &= ~(T_SDTRSENT | T_WDTRSENT); 680 ti->curr.period = 0; 681 ti->curr.offset = 0; 682 ti->curr.width = MSG_EXT_WDTR_BUS_8_BIT; 683 } 684 } 685 686 if (doreset) { 687 sc->sc_state = NCR_SBR; 688 NCRCMD(sc, NCRCMD_RSTSCSI); 689 /* Give the bus a fighting chance to settle. */ 690 DELAY(250000); 691 } else { 692 sc->sc_state = NCR_IDLE; 693 ncr53c9x_sched(sc); 694 } 695} 696 697/* 698 * Read the NCR registers, and save their contents for later use. 699 * NCR_STAT, NCR_STEP & NCR_INTR are mostly zeroed out when reading 700 * NCR_INTR - so make sure it is the last read. 701 * 702 * I think that (from reading the docs) most bits in these registers 703 * only make sense when the DMA CSR has an interrupt showing. Call only 704 * if an interrupt is pending. 705 */ 706static inline void 707ncr53c9x_readregs(struct ncr53c9x_softc *sc) 708{ 709 710 NCR_LOCK_ASSERT(sc, MA_OWNED); 711 712 sc->sc_espstat = NCR_READ_REG(sc, NCR_STAT); 713 /* Only the step bits are of interest. */ 714 sc->sc_espstep = NCR_READ_REG(sc, NCR_STEP) & NCRSTEP_MASK; 715 716 if (sc->sc_rev == NCR_VARIANT_FAS366) 717 sc->sc_espstat2 = NCR_READ_REG(sc, NCR_STAT2); 718 719 sc->sc_espintr = NCR_READ_REG(sc, NCR_INTR); 720 721 /* 722 * Determine the SCSI bus phase, return either a real SCSI bus phase 723 * or some pseudo phase we use to detect certain exceptions. 724 */ 725 sc->sc_phase = (sc->sc_espintr & NCRINTR_DIS) ? 726 BUSFREE_PHASE : sc->sc_espstat & NCRSTAT_PHASE; 727 728 NCR_INTS(("regs[intr=%02x,stat=%02x,step=%02x,stat2=%02x] ", 729 sc->sc_espintr, sc->sc_espstat, sc->sc_espstep, sc->sc_espstat2)); 730} 731 732/* 733 * Convert Synchronous Transfer Period to chip register Clock Per Byte value. 734 */ 735static inline int 736ncr53c9x_stp2cpb(struct ncr53c9x_softc *sc, int period) 737{ 738 int v; 739 740 NCR_LOCK_ASSERT(sc, MA_OWNED); 741 742 v = (sc->sc_freq * period) / 250; 743 if (ncr53c9x_cpb2stp(sc, v) < period) 744 /* Correct round-down error. */ 745 v++; 746 return (v); 747} 748 749static inline void 750ncr53c9x_setsync(struct ncr53c9x_softc *sc, struct ncr53c9x_tinfo *ti) 751{ 752 uint8_t cfg3, syncoff, synctp; 753 754 NCR_LOCK_ASSERT(sc, MA_OWNED); 755 756 cfg3 = sc->sc_cfg3; 757 if (ti->curr.offset != 0) { 758 syncoff = ti->curr.offset; 759 synctp = ncr53c9x_stp2cpb(sc, ti->curr.period); 760 if (sc->sc_features & NCR_F_FASTSCSI) { 761 /* 762 * If the period is 200ns or less (ti->period <= 50), 763 * put the chip in Fast SCSI mode. 764 */ 765 if (ti->curr.period <= 50) 766 /* 767 * There are (at least) 4 variations of the 768 * configuration 3 register. The drive attach 769 * routine sets the appropriate bit to put the 770 * chip into Fast SCSI mode so that it doesn't 771 * have to be figured out here each time. 772 */ 773 cfg3 |= sc->sc_cfg3_fscsi; 774 } 775 776 /* 777 * Am53c974 requires different SYNCTP values when the 778 * FSCSI bit is off. 779 */ 780 if (sc->sc_rev == NCR_VARIANT_AM53C974 && 781 (cfg3 & NCRAMDCFG3_FSCSI) == 0) 782 synctp--; 783 } else { 784 syncoff = 0; 785 synctp = 0; 786 } 787 788 if (ti->curr.width != MSG_EXT_WDTR_BUS_8_BIT) { 789 if (sc->sc_rev == NCR_VARIANT_FAS366) 790 cfg3 |= NCRFASCFG3_EWIDE; 791 } 792 793 if (sc->sc_features & NCR_F_HASCFG3) 794 NCR_WRITE_REG(sc, NCR_CFG3, cfg3); 795 796 NCR_WRITE_REG(sc, NCR_SYNCOFF, syncoff); 797 NCR_WRITE_REG(sc, NCR_SYNCTP, synctp); 798} 799 800/* 801 * Send a command to a target, set the driver state to NCR_SELECTING 802 * and let the caller take care of the rest. 803 * 804 * Keeping this as a function allows me to say that this may be done 805 * by DMA instead of programmed I/O soon. 806 */ 807static void 808ncr53c9x_select(struct ncr53c9x_softc *sc, struct ncr53c9x_ecb *ecb) 809{ 810 struct ncr53c9x_tinfo *ti; 811 uint8_t *cmd; 812 size_t dmasize; 813 int clen, error, selatn3, selatns; 814 int lun = ecb->ccb->ccb_h.target_lun; 815 int target = ecb->ccb->ccb_h.target_id; 816 817 NCR_LOCK_ASSERT(sc, MA_OWNED); 818 819 NCR_TRACE(("[%s(t%d,l%d,cmd:%x,tag:%x,%x)] ", __func__, target, lun, 820 ecb->cmd.cmd.opcode, ecb->tag[0], ecb->tag[1])); 821 822 ti = &sc->sc_tinfo[target]; 823 sc->sc_state = NCR_SELECTING; 824 /* 825 * Schedule the callout now, the first time we will go away 826 * expecting to come back due to an interrupt, because it is 827 * always possible that the interrupt may never happen. 828 */ 829 callout_reset(&ecb->ch, mstohz(ecb->timeout), ncr53c9x_callout, ecb); 830 831 /* 832 * The docs say the target register is never reset, and I 833 * can't think of a better place to set it. 834 */ 835 if (sc->sc_rev == NCR_VARIANT_FAS366) { 836 NCRCMD(sc, NCRCMD_FLUSH); 837 NCR_WRITE_REG(sc, NCR_SELID, target | NCR_BUSID_HMEXC32 | 838 NCR_BUSID_HMEENCID); 839 } else 840 NCR_WRITE_REG(sc, NCR_SELID, target); 841 842 /* 843 * If we are requesting sense, force a renegotiation if we are 844 * currently using anything different from asynchronous at 8 bit 845 * as the target might have lost our transfer negotiations. 846 */ 847 if ((ecb->flags & ECB_SENSE) != 0 && (ti->curr.offset != 0 || 848 ti->curr.width != MSG_EXT_WDTR_BUS_8_BIT)) { 849 ti->curr.period = 0; 850 ti->curr.offset = 0; 851 ti->curr.width = MSG_EXT_WDTR_BUS_8_BIT; 852 } 853 ncr53c9x_setsync(sc, ti); 854 855 selatn3 = selatns = 0; 856 if (ecb->tag[0] != 0) { 857 if (sc->sc_features & NCR_F_SELATN3) 858 /* Use SELATN3 to send tag messages. */ 859 selatn3 = 1; 860 else 861 /* We don't have SELATN3; use SELATNS to send tags. */ 862 selatns = 1; 863 } 864 865 if (ti->curr.period != ti->goal.period || 866 ti->curr.offset != ti->goal.offset || 867 ti->curr.width != ti->goal.width) { 868 /* We have to use SELATNS to send sync/wide messages. */ 869 selatn3 = 0; 870 selatns = 1; 871 } 872 873 cmd = (uint8_t *)&ecb->cmd.cmd; 874 875 if (selatn3) { 876 /* We'll use tags with SELATN3. */ 877 clen = ecb->clen + 3; 878 cmd -= 3; 879 cmd[0] = MSG_IDENTIFY(lun, 1); /* msg[0] */ 880 cmd[1] = ecb->tag[0]; /* msg[1] */ 881 cmd[2] = ecb->tag[1]; /* msg[2] */ 882 } else { 883 /* We don't have tags, or will send messages with SELATNS. */ 884 clen = ecb->clen + 1; 885 cmd -= 1; 886 cmd[0] = MSG_IDENTIFY(lun, (ti->flags & T_RSELECTOFF) == 0); 887 } 888 889 if ((sc->sc_features & NCR_F_DMASELECT) && !selatns) { 890 /* Setup DMA transfer for command. */ 891 dmasize = clen; 892 sc->sc_cmdlen = clen; 893 sc->sc_cmdp = cmd; 894 error = NCRDMA_SETUP(sc, &sc->sc_cmdp, &sc->sc_cmdlen, 0, 895 &dmasize); 896 if (error != 0) 897 goto cmd; 898 899 /* Program the SCSI counter. */ 900 NCR_SET_COUNT(sc, dmasize); 901 902 /* Load the count in. */ 903 NCRCMD(sc, NCRCMD_NOP | NCRCMD_DMA); 904 905 /* And get the target's attention. */ 906 if (selatn3) { 907 sc->sc_msgout = SEND_TAG; 908 sc->sc_flags |= NCR_ATN; 909 NCRCMD(sc, NCRCMD_SELATN3 | NCRCMD_DMA); 910 } else 911 NCRCMD(sc, NCRCMD_SELATN | NCRCMD_DMA); 912 NCRDMA_GO(sc); 913 return; 914 } 915 916cmd: 917 /* 918 * Who am I? This is where we tell the target that we are 919 * happy for it to disconnect etc. 920 */ 921 922 /* Now get the command into the FIFO. */ 923 sc->sc_cmdlen = 0; 924 ncr53c9x_wrfifo(sc, cmd, clen); 925 926 /* And get the target's attention. */ 927 if (selatns) { 928 NCR_MSGS(("SELATNS \n")); 929 /* Arbitrate, select and stop after IDENTIFY message. */ 930 NCRCMD(sc, NCRCMD_SELATNS); 931 } else if (selatn3) { 932 sc->sc_msgout = SEND_TAG; 933 sc->sc_flags |= NCR_ATN; 934 NCRCMD(sc, NCRCMD_SELATN3); 935 } else 936 NCRCMD(sc, NCRCMD_SELATN); 937} 938 939static void 940ncr53c9x_free_ecb(struct ncr53c9x_softc *sc, struct ncr53c9x_ecb *ecb) 941{ 942 943 NCR_LOCK_ASSERT(sc, MA_OWNED); 944 945 ecb->flags = 0; 946 TAILQ_INSERT_TAIL(&sc->free_list, ecb, free_links); 947} 948 949static struct ncr53c9x_ecb * 950ncr53c9x_get_ecb(struct ncr53c9x_softc *sc) 951{ 952 struct ncr53c9x_ecb *ecb; 953 954 NCR_LOCK_ASSERT(sc, MA_OWNED); 955 956 ecb = TAILQ_FIRST(&sc->free_list); 957 if (ecb) { 958 if (ecb->flags != 0) 959 panic("%s: ecb flags not cleared", __func__); 960 TAILQ_REMOVE(&sc->free_list, ecb, free_links); 961 ecb->flags = ECB_ALLOC; 962 bzero(&ecb->ccb, sizeof(struct ncr53c9x_ecb) - 963 offsetof(struct ncr53c9x_ecb, ccb)); 964 } 965 return (ecb); 966} 967 968/* 969 * DRIVER FUNCTIONS CALLABLE FROM HIGHER LEVEL DRIVERS: 970 */ 971 972/* 973 * Start a SCSI-command. 974 * This function is called by the higher level SCSI-driver to queue/run 975 * SCSI-commands. 976 */ 977 978static void 979ncr53c9x_action(struct cam_sim *sim, union ccb *ccb) 980{ 981 struct ccb_pathinq *cpi; 982 struct ccb_scsiio *csio; 983 struct ccb_trans_settings *cts; 984 struct ccb_trans_settings_scsi *scsi; 985 struct ccb_trans_settings_spi *spi; 986 struct ncr53c9x_ecb *ecb; 987 struct ncr53c9x_softc *sc; 988 struct ncr53c9x_tinfo *ti; 989 int target; 990 991 sc = cam_sim_softc(sim); 992 993 NCR_LOCK_ASSERT(sc, MA_OWNED); 994 995 NCR_TRACE(("[%s %d]", __func__, ccb->ccb_h.func_code)); 996 997 switch (ccb->ccb_h.func_code) { 998 case XPT_RESET_BUS: 999 ncr53c9x_init(sc, 1); 1000 ccb->ccb_h.status = CAM_REQ_CMP; 1001 break; 1002 1003 case XPT_CALC_GEOMETRY: 1004 cam_calc_geometry(&ccb->ccg, sc->sc_extended_geom); 1005 break; 1006 1007 case XPT_PATH_INQ: 1008 cpi = &ccb->cpi; 1009 cpi->version_num = 1; 1010 cpi->hba_inquiry = PI_SDTR_ABLE | PI_TAG_ABLE; 1011 cpi->hba_inquiry |= 1012 (sc->sc_rev == NCR_VARIANT_FAS366) ? PI_WIDE_16 : 0; 1013 cpi->target_sprt = 0; 1014 cpi->hba_misc = 0; 1015 cpi->hba_eng_cnt = 0; 1016 cpi->max_target = sc->sc_ntarg - 1; 1017 cpi->max_lun = 7; 1018 cpi->initiator_id = sc->sc_id; 1019 strlcpy(cpi->sim_vid, "FreeBSD", SIM_IDLEN); 1020 strlcpy(cpi->hba_vid, "NCR", HBA_IDLEN); 1021 strlcpy(cpi->dev_name, cam_sim_name(sim), DEV_IDLEN); 1022 cpi->unit_number = cam_sim_unit(sim); 1023 cpi->bus_id = 0; 1024 cpi->base_transfer_speed = 3300; 1025 cpi->protocol = PROTO_SCSI; 1026 cpi->protocol_version = SCSI_REV_2; 1027 cpi->transport = XPORT_SPI; 1028 cpi->transport_version = 2; 1029 cpi->maxio = sc->sc_maxxfer; 1030 ccb->ccb_h.status = CAM_REQ_CMP; 1031 break; 1032 1033 case XPT_GET_TRAN_SETTINGS: 1034 cts = &ccb->cts; 1035 ti = &sc->sc_tinfo[ccb->ccb_h.target_id]; 1036 scsi = &cts->proto_specific.scsi; 1037 spi = &cts->xport_specific.spi; 1038 1039 cts->protocol = PROTO_SCSI; 1040 cts->protocol_version = SCSI_REV_2; 1041 cts->transport = XPORT_SPI; 1042 cts->transport_version = 2; 1043 1044 if (cts->type == CTS_TYPE_CURRENT_SETTINGS) { 1045 spi->sync_period = ti->curr.period; 1046 spi->sync_offset = ti->curr.offset; 1047 spi->bus_width = ti->curr.width; 1048 if ((ti->flags & T_TAG) != 0) { 1049 spi->flags |= CTS_SPI_FLAGS_DISC_ENB; 1050 scsi->flags |= CTS_SCSI_FLAGS_TAG_ENB; 1051 } else { 1052 spi->flags &= ~CTS_SPI_FLAGS_DISC_ENB; 1053 scsi->flags &= ~CTS_SCSI_FLAGS_TAG_ENB; 1054 } 1055 } else { 1056 if ((ti->flags & T_SYNCHOFF) != 0) { 1057 spi->sync_period = 0; 1058 spi->sync_offset = 0; 1059 } else { 1060 spi->sync_period = sc->sc_minsync; 1061 spi->sync_offset = sc->sc_maxoffset; 1062 } 1063 spi->bus_width = sc->sc_maxwidth; 1064 spi->flags |= CTS_SPI_FLAGS_DISC_ENB; 1065 scsi->flags |= CTS_SCSI_FLAGS_TAG_ENB; 1066 } 1067 spi->valid = 1068 CTS_SPI_VALID_BUS_WIDTH | 1069 CTS_SPI_VALID_SYNC_RATE | 1070 CTS_SPI_VALID_SYNC_OFFSET | 1071 CTS_SPI_VALID_DISC; 1072 scsi->valid = CTS_SCSI_VALID_TQ; 1073 ccb->ccb_h.status = CAM_REQ_CMP; 1074 break; 1075 1076 case XPT_ABORT: 1077 device_printf(sc->sc_dev, "XPT_ABORT called\n"); 1078 ccb->ccb_h.status = CAM_FUNC_NOTAVAIL; 1079 break; 1080 1081 case XPT_TERM_IO: 1082 device_printf(sc->sc_dev, "XPT_TERM_IO called\n"); 1083 ccb->ccb_h.status = CAM_FUNC_NOTAVAIL; 1084 break; 1085 1086 case XPT_RESET_DEV: 1087 case XPT_SCSI_IO: 1088 if (ccb->ccb_h.target_id >= sc->sc_ntarg) { 1089 ccb->ccb_h.status = CAM_PATH_INVALID; 1090 goto done; 1091 } 1092 /* Get an ECB to use. */ 1093 ecb = ncr53c9x_get_ecb(sc); 1094 /* 1095 * This should never happen as we track resources 1096 * in the mid-layer. 1097 */ 1098 if (ecb == NULL) { 1099 xpt_freeze_simq(sim, 1); 1100 ccb->ccb_h.status = CAM_REQUEUE_REQ; 1101 device_printf(sc->sc_dev, "unable to allocate ecb\n"); 1102 goto done; 1103 } 1104 1105 /* Initialize ecb. */ 1106 ecb->ccb = ccb; 1107 ecb->timeout = ccb->ccb_h.timeout; 1108 1109 if (ccb->ccb_h.func_code == XPT_RESET_DEV) { 1110 ecb->flags |= ECB_RESET; 1111 ecb->clen = 0; 1112 ecb->dleft = 0; 1113 } else { 1114 csio = &ccb->csio; 1115 if ((ccb->ccb_h.flags & CAM_CDB_POINTER) != 0) 1116 bcopy(csio->cdb_io.cdb_ptr, &ecb->cmd.cmd, 1117 csio->cdb_len); 1118 else 1119 bcopy(csio->cdb_io.cdb_bytes, &ecb->cmd.cmd, 1120 csio->cdb_len); 1121 ecb->clen = csio->cdb_len; 1122 ecb->daddr = csio->data_ptr; 1123 ecb->dleft = csio->dxfer_len; 1124 } 1125 ecb->stat = 0; 1126 1127 TAILQ_INSERT_TAIL(&sc->ready_list, ecb, chain); 1128 ecb->flags |= ECB_READY; 1129 if (sc->sc_state == NCR_IDLE) 1130 ncr53c9x_sched(sc); 1131 return; 1132 1133 case XPT_SET_TRAN_SETTINGS: 1134 cts = &ccb->cts; 1135 target = ccb->ccb_h.target_id; 1136 ti = &sc->sc_tinfo[target]; 1137 scsi = &cts->proto_specific.scsi; 1138 spi = &cts->xport_specific.spi; 1139 1140 if ((scsi->valid & CTS_SCSI_VALID_TQ) != 0) { 1141 if ((sc->sc_cfflags & (1<<((target & 7) + 16))) == 0 && 1142 (scsi->flags & CTS_SCSI_FLAGS_TAG_ENB)) { 1143 NCR_MISC(("%s: target %d: tagged queuing\n", 1144 device_get_nameunit(sc->sc_dev), target)); 1145 ti->flags |= T_TAG; 1146 } else 1147 ti->flags &= ~T_TAG; 1148 } 1149 1150 if ((spi->valid & CTS_SPI_VALID_BUS_WIDTH) != 0) { 1151 NCR_MISC(("%s: target %d: wide negotiation\n", 1152 device_get_nameunit(sc->sc_dev), target)); 1153 ti->goal.width = spi->bus_width; 1154 } 1155 1156 if ((spi->valid & CTS_SPI_VALID_SYNC_RATE) != 0) { 1157 NCR_MISC(("%s: target %d: sync period negotiation\n", 1158 device_get_nameunit(sc->sc_dev), target)); 1159 ti->goal.period = spi->sync_period; 1160 } 1161 1162 if ((spi->valid & CTS_SPI_VALID_SYNC_OFFSET) != 0) { 1163 NCR_MISC(("%s: target %d: sync offset negotiation\n", 1164 device_get_nameunit(sc->sc_dev), target)); 1165 ti->goal.offset = spi->sync_offset; 1166 } 1167 1168 ccb->ccb_h.status = CAM_REQ_CMP; 1169 break; 1170 1171 default: 1172 device_printf(sc->sc_dev, "Unhandled function code %d\n", 1173 ccb->ccb_h.func_code); 1174 ccb->ccb_h.status = CAM_PROVIDE_FAIL; 1175 } 1176 1177done: 1178 xpt_done(ccb); 1179} 1180 1181/* 1182 * Used when interrupt driven I/O is not allowed, e.g. during boot. 1183 */ 1184static void 1185ncr53c9x_poll(struct cam_sim *sim) 1186{ 1187 struct ncr53c9x_softc *sc; 1188 1189 sc = cam_sim_softc(sim); 1190 1191 NCR_LOCK_ASSERT(sc, MA_OWNED); 1192 1193 NCR_TRACE(("[%s] ", __func__)); 1194 1195 if (NCRDMA_ISINTR(sc)) 1196 ncr53c9x_intr1(sc); 1197} 1198 1199/* 1200 * Asynchronous notification handler 1201 */ 1202static void 1203ncr53c9x_async(void *cbarg, uint32_t code, struct cam_path *path, void *arg) 1204{ 1205 struct ncr53c9x_softc *sc; 1206 struct ncr53c9x_tinfo *ti; 1207 int target; 1208 1209 sc = cam_sim_softc(cbarg); 1210 1211 NCR_LOCK_ASSERT(sc, MA_OWNED); 1212 1213 switch (code) { 1214 case AC_LOST_DEVICE: 1215 target = xpt_path_target_id(path); 1216 if (target < 0 || target >= sc->sc_ntarg) 1217 break; 1218 1219 /* Cancel outstanding disconnected commands. */ 1220 ncr53c9x_clear_target(sc, target, CAM_REQ_ABORTED); 1221 1222 /* Set the default parameters for the target. */ 1223 ti = &sc->sc_tinfo[target]; 1224/* XXX - config flags per target: low bits: no reselect; high bits: no synch */ 1225 ti->flags = ((sc->sc_minsync != 0 && 1226 (sc->sc_cfflags & (1 << ((target & 7) + 8))) == 0) ? 1227 0 : T_SYNCHOFF) | 1228 ((sc->sc_cfflags & (1 << (target & 7))) == 0 ? 1229 0 : T_RSELECTOFF); 1230 ti->curr.period = ti->goal.period = 0; 1231 ti->curr.offset = ti->goal.offset = 0; 1232 ti->curr.width = ti->goal.width = MSG_EXT_WDTR_BUS_8_BIT; 1233 break; 1234 } 1235} 1236 1237/* 1238 * LOW LEVEL SCSI UTILITIES 1239 */ 1240 1241/* 1242 * Schedule a SCSI operation. This has now been pulled out of the interrupt 1243 * handler so that we may call it from ncr53c9x_action and ncr53c9x_done. 1244 * This may save us an unnecessary interrupt just to get things going. 1245 * Should only be called when state == NCR_IDLE and with sc_lock held. 1246 */ 1247static void 1248ncr53c9x_sched(struct ncr53c9x_softc *sc) 1249{ 1250 struct ncr53c9x_ecb *ecb; 1251 struct ncr53c9x_linfo *li; 1252 struct ncr53c9x_tinfo *ti; 1253 int lun, tag; 1254 1255 NCR_LOCK_ASSERT(sc, MA_OWNED); 1256 1257 NCR_TRACE(("[%s] ", __func__)); 1258 1259 if (sc->sc_state != NCR_IDLE) 1260 panic("%s: not IDLE (state=%d)", __func__, sc->sc_state); 1261 1262 /* 1263 * Find first ecb in ready queue that is for a target/lunit 1264 * combinations that is not busy. 1265 */ 1266 TAILQ_FOREACH(ecb, &sc->ready_list, chain) { 1267 ti = &sc->sc_tinfo[ecb->ccb->ccb_h.target_id]; 1268 lun = ecb->ccb->ccb_h.target_lun; 1269 1270 /* Select type of tag for this command */ 1271 if ((ti->flags & (T_RSELECTOFF | T_TAG)) != T_TAG) 1272 tag = 0; 1273 else if ((ecb->flags & ECB_SENSE) != 0) 1274 tag = 0; 1275 else if ((ecb->ccb->ccb_h.flags & CAM_TAG_ACTION_VALID) == 0) 1276 tag = 0; 1277 else if (ecb->ccb->csio.tag_action == CAM_TAG_ACTION_NONE) 1278 tag = 0; 1279 else 1280 tag = ecb->ccb->csio.tag_action; 1281 1282 li = TINFO_LUN(ti, lun); 1283 if (li == NULL) { 1284 /* Initialize LUN info and add to list. */ 1285 li = malloc(sizeof(*li), M_DEVBUF, M_NOWAIT | M_ZERO); 1286 if (li == NULL) 1287 continue; 1288 li->lun = lun; 1289 1290 LIST_INSERT_HEAD(&ti->luns, li, link); 1291 if (lun < NCR_NLUN) 1292 ti->lun[lun] = li; 1293 } 1294 li->last_used = time_second; 1295 if (tag == 0) { 1296 /* Try to issue this as an untagged command. */ 1297 if (li->untagged == NULL) 1298 li->untagged = ecb; 1299 } 1300 if (li->untagged != NULL) { 1301 tag = 0; 1302 if ((li->busy != 1) && li->used == 0) { 1303 /* 1304 * We need to issue this untagged command 1305 * now. 1306 */ 1307 ecb = li->untagged; 1308 } else { 1309 /* not ready, yet */ 1310 continue; 1311 } 1312 } 1313 ecb->tag[0] = tag; 1314 if (tag != 0) { 1315 li->queued[ecb->tag_id] = ecb; 1316 ecb->tag[1] = ecb->tag_id; 1317 li->used++; 1318 } 1319 if (li->untagged != NULL && (li->busy != 1)) { 1320 li->busy = 1; 1321 TAILQ_REMOVE(&sc->ready_list, ecb, chain); 1322 ecb->flags &= ~ECB_READY; 1323 sc->sc_nexus = ecb; 1324 ncr53c9x_select(sc, ecb); 1325 break; 1326 } 1327 if (li->untagged == NULL && tag != 0) { 1328 TAILQ_REMOVE(&sc->ready_list, ecb, chain); 1329 ecb->flags &= ~ECB_READY; 1330 sc->sc_nexus = ecb; 1331 ncr53c9x_select(sc, ecb); 1332 break; 1333 } else 1334 NCR_TRACE(("[%s %d:%d busy] \n", __func__, 1335 ecb->ccb->ccb_h.target_id, 1336 ecb->ccb->ccb_h.target_lun)); 1337 } 1338} 1339 1340static void 1341ncr53c9x_sense(struct ncr53c9x_softc *sc, struct ncr53c9x_ecb *ecb) 1342{ 1343 union ccb *ccb = ecb->ccb; 1344 struct ncr53c9x_linfo *li; 1345 struct ncr53c9x_tinfo *ti; 1346 struct scsi_request_sense *ss = (void *)&ecb->cmd.cmd; 1347 int lun; 1348 1349 NCR_LOCK_ASSERT(sc, MA_OWNED); 1350 1351 NCR_TRACE(("[%s] ", __func__)); 1352 1353 lun = ccb->ccb_h.target_lun; 1354 ti = &sc->sc_tinfo[ccb->ccb_h.target_id]; 1355 1356 /* Next, setup a REQUEST SENSE command block. */ 1357 memset(ss, 0, sizeof(*ss)); 1358 ss->opcode = REQUEST_SENSE; 1359 ss->byte2 = ccb->ccb_h.target_lun << SCSI_CMD_LUN_SHIFT; 1360 ss->length = sizeof(struct scsi_sense_data); 1361 ecb->clen = sizeof(*ss); 1362 memset(&ccb->csio.sense_data, 0, sizeof(ccb->csio.sense_data)); 1363 ecb->daddr = (uint8_t *)&ccb->csio.sense_data; 1364 ecb->dleft = sizeof(struct scsi_sense_data); 1365 ecb->flags |= ECB_SENSE; 1366 ecb->timeout = NCR_SENSE_TIMEOUT; 1367 ti->senses++; 1368 li = TINFO_LUN(ti, lun); 1369 if (li->busy) 1370 li->busy = 0; 1371 ncr53c9x_dequeue(sc, ecb); 1372 li->untagged = ecb; /* Must be executed first to fix C/A. */ 1373 li->busy = 2; 1374 if (ecb == sc->sc_nexus) 1375 ncr53c9x_select(sc, ecb); 1376 else { 1377 TAILQ_INSERT_HEAD(&sc->ready_list, ecb, chain); 1378 ecb->flags |= ECB_READY; 1379 if (sc->sc_state == NCR_IDLE) 1380 ncr53c9x_sched(sc); 1381 } 1382} 1383 1384/* 1385 * POST PROCESSING OF SCSI_CMD (usually current) 1386 */ 1387static void 1388ncr53c9x_done(struct ncr53c9x_softc *sc, struct ncr53c9x_ecb *ecb) 1389{ 1390 union ccb *ccb = ecb->ccb; 1391 struct ncr53c9x_linfo *li; 1392 struct ncr53c9x_tinfo *ti; 1393 int lun, sense_returned; 1394 1395 NCR_LOCK_ASSERT(sc, MA_OWNED); 1396 1397 NCR_TRACE(("[%s(status:%x)] ", __func__, ccb->ccb_h.status)); 1398 1399 ti = &sc->sc_tinfo[ccb->ccb_h.target_id]; 1400 lun = ccb->ccb_h.target_lun; 1401 li = TINFO_LUN(ti, lun); 1402 1403 callout_stop(&ecb->ch); 1404 1405 /* 1406 * Now, if we've come here with no error code, i.e. we've kept the 1407 * initial CAM_REQ_CMP, and the status code signals that we should 1408 * check sense, we'll need to set up a request sense cmd block and 1409 * push the command back into the ready queue *before* any other 1410 * commands for this target/lunit, else we lose the sense info. 1411 * We don't support chk sense conditions for the request sense cmd. 1412 */ 1413 if (ccb->ccb_h.status == CAM_REQ_CMP) { 1414 ccb->csio.scsi_status = ecb->stat; 1415 if ((ecb->flags & ECB_ABORT) != 0) 1416 ccb->ccb_h.status = CAM_CMD_TIMEOUT; 1417 else if ((ecb->flags & ECB_SENSE) != 0 && 1418 (ecb->stat != SCSI_STATUS_CHECK_COND)) { 1419 ccb->csio.scsi_status = SCSI_STATUS_CHECK_COND; 1420 ccb->ccb_h.status = CAM_SCSI_STATUS_ERROR | 1421 CAM_AUTOSNS_VALID; 1422 sense_returned = sizeof(ccb->csio.sense_data) - 1423 ecb->dleft; 1424 if (sense_returned < ccb->csio.sense_len) 1425 ccb->csio.sense_resid = ccb->csio.sense_len - 1426 sense_returned; 1427 else 1428 ccb->csio.sense_resid = 0; 1429 } else if (ecb->stat == SCSI_STATUS_CHECK_COND) { 1430 if ((ecb->flags & ECB_SENSE) != 0) 1431 ccb->ccb_h.status = CAM_AUTOSENSE_FAIL; 1432 else { 1433 /* First, save the return values. */ 1434 ccb->csio.resid = ecb->dleft; 1435 if ((ccb->ccb_h.flags & CAM_DIS_AUTOSENSE) == 1436 0) { 1437 ncr53c9x_sense(sc, ecb); 1438 return; 1439 } 1440 ccb->ccb_h.status = CAM_SCSI_STATUS_ERROR; 1441 } 1442 } else 1443 ccb->csio.resid = ecb->dleft; 1444 if (ecb->stat == SCSI_STATUS_QUEUE_FULL) 1445 ccb->ccb_h.status = CAM_SCSI_STATUS_ERROR; 1446 else if (ecb->stat == SCSI_STATUS_BUSY) 1447 ccb->ccb_h.status = CAM_SCSI_BUSY; 1448 } else if ((ccb->ccb_h.status & CAM_DEV_QFRZN) == 0) { 1449 ccb->ccb_h.status |= CAM_DEV_QFRZN; 1450 xpt_freeze_devq(ccb->ccb_h.path, 1); 1451 } 1452 1453#ifdef NCR53C9X_DEBUG 1454 if ((ncr53c9x_debug & NCR_SHOWTRAC) != 0) { 1455 if (ccb->csio.resid != 0) 1456 printf("resid=%d ", ccb->csio.resid); 1457 if ((ccb->ccb_h.status & CAM_AUTOSNS_VALID) != 0) 1458 printf("sense=0x%02x\n", 1459 ccb->csio.sense_data.error_code); 1460 else 1461 printf("status SCSI=0x%x CAM=0x%x\n", 1462 ccb->csio.scsi_status, ccb->ccb_h.status); 1463 } 1464#endif 1465 1466 /* 1467 * Remove the ECB from whatever queue it's on. 1468 */ 1469 ncr53c9x_dequeue(sc, ecb); 1470 if (ecb == sc->sc_nexus) { 1471 sc->sc_nexus = NULL; 1472 if (sc->sc_state != NCR_CLEANING) { 1473 sc->sc_state = NCR_IDLE; 1474 ncr53c9x_sched(sc); 1475 } 1476 } 1477 1478 if ((ccb->ccb_h.status & CAM_SEL_TIMEOUT) != 0) { 1479 /* Selection timeout -- discard this LUN if empty. */ 1480 if (li->untagged == NULL && li->used == 0) { 1481 if (lun < NCR_NLUN) 1482 ti->lun[lun] = NULL; 1483 LIST_REMOVE(li, link); 1484 free(li, M_DEVBUF); 1485 } 1486 } 1487 1488 ncr53c9x_free_ecb(sc, ecb); 1489 ti->cmds++; 1490 xpt_done(ccb); 1491} 1492 1493static void 1494ncr53c9x_dequeue(struct ncr53c9x_softc *sc, struct ncr53c9x_ecb *ecb) 1495{ 1496 struct ncr53c9x_linfo *li; 1497 struct ncr53c9x_tinfo *ti; 1498 int64_t lun; 1499 1500 NCR_LOCK_ASSERT(sc, MA_OWNED); 1501 1502 ti = &sc->sc_tinfo[ecb->ccb->ccb_h.target_id]; 1503 lun = ecb->ccb->ccb_h.target_lun; 1504 li = TINFO_LUN(ti, lun); 1505#ifdef DIAGNOSTIC 1506 if (li == NULL || li->lun != lun) 1507 panic("%s: lun %llx for ecb %p does not exist", __func__, 1508 (long long)lun, ecb); 1509#endif 1510 if (li->untagged == ecb) { 1511 li->busy = 0; 1512 li->untagged = NULL; 1513 } 1514 if (ecb->tag[0] && li->queued[ecb->tag[1]] != NULL) { 1515#ifdef DIAGNOSTIC 1516 if (li->queued[ecb->tag[1]] != NULL && 1517 (li->queued[ecb->tag[1]] != ecb)) 1518 panic("%s: slot %d for lun %llx has %p instead of ecb " 1519 "%p", __func__, ecb->tag[1], (long long)lun, 1520 li->queued[ecb->tag[1]], ecb); 1521#endif 1522 li->queued[ecb->tag[1]] = NULL; 1523 li->used--; 1524 } 1525 ecb->tag[0] = ecb->tag[1] = 0; 1526 1527 if ((ecb->flags & ECB_READY) != 0) { 1528 ecb->flags &= ~ECB_READY; 1529 TAILQ_REMOVE(&sc->ready_list, ecb, chain); 1530 } 1531} 1532 1533/* 1534 * INTERRUPT/PROTOCOL ENGINE 1535 */ 1536 1537/* 1538 * Schedule an outgoing message by prioritizing it, and asserting 1539 * attention on the bus. We can only do this when we are the initiator 1540 * else there will be an illegal command interrupt. 1541 */ 1542#define ncr53c9x_sched_msgout(m) do { \ 1543 NCR_MSGS(("ncr53c9x_sched_msgout %x %d", m, __LINE__)); \ 1544 NCRCMD(sc, NCRCMD_SETATN); \ 1545 sc->sc_flags |= NCR_ATN; \ 1546 sc->sc_msgpriq |= (m); \ 1547} while (/* CONSTCOND */0) 1548 1549static void 1550ncr53c9x_flushfifo(struct ncr53c9x_softc *sc) 1551{ 1552 1553 NCR_LOCK_ASSERT(sc, MA_OWNED); 1554 1555 NCR_TRACE(("[%s] ", __func__)); 1556 1557 NCRCMD(sc, NCRCMD_FLUSH); 1558 1559 if (sc->sc_phase == COMMAND_PHASE || 1560 sc->sc_phase == MESSAGE_OUT_PHASE) 1561 DELAY(2); 1562} 1563 1564static int 1565ncr53c9x_rdfifo(struct ncr53c9x_softc *sc, int how) 1566{ 1567 int i, n; 1568 uint8_t *ibuf; 1569 1570 NCR_LOCK_ASSERT(sc, MA_OWNED); 1571 1572 switch (how) { 1573 case NCR_RDFIFO_START: 1574 ibuf = sc->sc_imess; 1575 sc->sc_imlen = 0; 1576 break; 1577 1578 case NCR_RDFIFO_CONTINUE: 1579 ibuf = sc->sc_imess + sc->sc_imlen; 1580 break; 1581 1582 default: 1583 panic("%s: bad flag", __func__); 1584 /* NOTREACHED */ 1585 } 1586 1587 /* 1588 * XXX buffer (sc_imess) size for message 1589 */ 1590 1591 n = NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF; 1592 1593 if (sc->sc_rev == NCR_VARIANT_FAS366) { 1594 n *= 2; 1595 1596 for (i = 0; i < n; i++) 1597 ibuf[i] = NCR_READ_REG(sc, NCR_FIFO); 1598 1599 if (sc->sc_espstat2 & NCRFAS_STAT2_ISHUTTLE) { 1600 1601 NCR_WRITE_REG(sc, NCR_FIFO, 0); 1602 ibuf[i++] = NCR_READ_REG(sc, NCR_FIFO); 1603 1604 NCR_READ_REG(sc, NCR_FIFO); 1605 1606 ncr53c9x_flushfifo(sc); 1607 } 1608 } else 1609 for (i = 0; i < n; i++) 1610 ibuf[i] = NCR_READ_REG(sc, NCR_FIFO); 1611 1612 sc->sc_imlen += i; 1613 1614#if 0 1615#ifdef NCR53C9X_DEBUG 1616 NCR_TRACE(("\n[rdfifo %s (%d):", 1617 (how == NCR_RDFIFO_START) ? "start" : "cont", (int)sc->sc_imlen)); 1618 if ((ncr53c9x_debug & NCR_SHOWTRAC) != 0) { 1619 for (i = 0; i < sc->sc_imlen; i++) 1620 printf(" %02x", sc->sc_imess[i]); 1621 printf("]\n"); 1622 } 1623#endif 1624#endif 1625 return (sc->sc_imlen); 1626} 1627 1628static void 1629ncr53c9x_wrfifo(struct ncr53c9x_softc *sc, uint8_t *p, int len) 1630{ 1631 int i; 1632 1633 NCR_LOCK_ASSERT(sc, MA_OWNED); 1634 1635#ifdef NCR53C9X_DEBUG 1636 NCR_MSGS(("[wrfifo(%d):", len)); 1637 if ((ncr53c9x_debug & NCR_SHOWMSGS) != 0) { 1638 for (i = 0; i < len; i++) 1639 printf(" %02x", p[i]); 1640 printf("]\n"); 1641 } 1642#endif 1643 1644 for (i = 0; i < len; i++) { 1645 NCR_WRITE_REG(sc, NCR_FIFO, p[i]); 1646 1647 if (sc->sc_rev == NCR_VARIANT_FAS366) 1648 NCR_WRITE_REG(sc, NCR_FIFO, 0); 1649 } 1650} 1651 1652static int 1653ncr53c9x_reselect(struct ncr53c9x_softc *sc, int message, int tagtype, 1654 int tagid) 1655{ 1656 struct ncr53c9x_ecb *ecb = NULL; 1657 struct ncr53c9x_linfo *li; 1658 struct ncr53c9x_tinfo *ti; 1659 uint8_t lun, selid, target; 1660 1661 NCR_LOCK_ASSERT(sc, MA_OWNED); 1662 1663 if (sc->sc_rev == NCR_VARIANT_FAS366) 1664 target = sc->sc_selid; 1665 else { 1666 /* 1667 * The SCSI chip made a snapshot of the data bus 1668 * while the reselection was being negotiated. 1669 * This enables us to determine which target did 1670 * the reselect. 1671 */ 1672 selid = sc->sc_selid & ~(1 << sc->sc_id); 1673 if (selid & (selid - 1)) { 1674 device_printf(sc->sc_dev, "reselect with invalid " 1675 "selid %02x; sending DEVICE RESET\n", selid); 1676 goto reset; 1677 } 1678 1679 target = ffs(selid) - 1; 1680 } 1681 lun = message & 0x07; 1682 1683 /* 1684 * Search wait queue for disconnected command. 1685 * The list should be short, so I haven't bothered with 1686 * any more sophisticated structures than a simple 1687 * singly linked list. 1688 */ 1689 ti = &sc->sc_tinfo[target]; 1690 li = TINFO_LUN(ti, lun); 1691 1692 /* 1693 * We can get as far as the LUN with the IDENTIFY 1694 * message. Check to see if we're running an 1695 * untagged command. Otherwise ack the IDENTIFY 1696 * and wait for a tag message. 1697 */ 1698 if (li != NULL) { 1699 if (li->untagged != NULL && li->busy) 1700 ecb = li->untagged; 1701 else if (tagtype != MSG_SIMPLE_Q_TAG) { 1702 /* Wait for tag to come by. */ 1703 sc->sc_state = NCR_IDENTIFIED; 1704 return (0); 1705 } else if (tagtype) 1706 ecb = li->queued[tagid]; 1707 } 1708 if (ecb == NULL) { 1709 device_printf(sc->sc_dev, "reselect from target %d lun %d " 1710 "tag %x:%x with no nexus; sending ABORT\n", 1711 target, lun, tagtype, tagid); 1712 goto abort; 1713 } 1714 1715 /* Make this nexus active again. */ 1716 sc->sc_state = NCR_CONNECTED; 1717 sc->sc_nexus = ecb; 1718 ncr53c9x_setsync(sc, ti); 1719 1720 if (ecb->flags & ECB_RESET) 1721 ncr53c9x_sched_msgout(SEND_DEV_RESET); 1722 else if (ecb->flags & ECB_ABORT) 1723 ncr53c9x_sched_msgout(SEND_ABORT); 1724 1725 /* Do an implicit RESTORE POINTERS. */ 1726 sc->sc_dp = ecb->daddr; 1727 sc->sc_dleft = ecb->dleft; 1728 1729 return (0); 1730 1731reset: 1732 ncr53c9x_sched_msgout(SEND_DEV_RESET); 1733 return (1); 1734 1735abort: 1736 ncr53c9x_sched_msgout(SEND_ABORT); 1737 return (1); 1738} 1739 1740/* From NetBSD; these should go into CAM at some point. */ 1741#define MSG_ISEXTENDED(m) ((m) == MSG_EXTENDED) 1742#define MSG_IS1BYTE(m) \ 1743 ((!MSG_ISEXTENDED(m) && (m) < 0x20) || MSG_ISIDENTIFY(m)) 1744#define MSG_IS2BYTE(m) (((m) & 0xf0) == 0x20) 1745 1746static inline int 1747__verify_msg_format(uint8_t *p, int len) 1748{ 1749 1750 if (len == 1 && MSG_IS1BYTE(p[0])) 1751 return (1); 1752 if (len == 2 && MSG_IS2BYTE(p[0])) 1753 return (1); 1754 if (len >= 3 && MSG_ISEXTENDED(p[0]) && 1755 len == p[1] + 2) 1756 return (1); 1757 1758 return (0); 1759} 1760 1761/* 1762 * Get an incoming message as initiator. 1763 * 1764 * The SCSI bus must already be in MESSAGE_IN_PHASE and there is a 1765 * byte in the FIFO. 1766 */ 1767static void 1768ncr53c9x_msgin(struct ncr53c9x_softc *sc) 1769{ 1770 struct ncr53c9x_ecb *ecb; 1771 struct ncr53c9x_linfo *li; 1772 struct ncr53c9x_tinfo *ti; 1773 uint8_t *pb; 1774 int len, lun; 1775 1776 NCR_LOCK_ASSERT(sc, MA_OWNED); 1777 1778 NCR_TRACE(("[%s(curmsglen:%ld)] ", __func__, (long)sc->sc_imlen)); 1779 1780 if (sc->sc_imlen == 0) { 1781 device_printf(sc->sc_dev, "msgin: no msg byte available\n"); 1782 return; 1783 } 1784 1785 /* 1786 * Prepare for a new message. A message should (according 1787 * to the SCSI standard) be transmitted in one single 1788 * MESSAGE_IN_PHASE. If we have been in some other phase, 1789 * then this is a new message. 1790 */ 1791 if (sc->sc_prevphase != MESSAGE_IN_PHASE && 1792 sc->sc_state != NCR_RESELECTED) { 1793 device_printf(sc->sc_dev, "phase change, dropping message, " 1794 "prev %d, state %d\n", sc->sc_prevphase, sc->sc_state); 1795 sc->sc_flags &= ~NCR_DROP_MSGI; 1796 sc->sc_imlen = 0; 1797 } 1798 1799 /* 1800 * If we're going to reject the message, don't bother storing 1801 * the incoming bytes. But still, we need to ACK them. 1802 */ 1803 if ((sc->sc_flags & NCR_DROP_MSGI) != 0) { 1804 NCRCMD(sc, NCRCMD_MSGOK); 1805 device_printf(sc->sc_dev, "<dropping msg byte %x>", 1806 sc->sc_imess[sc->sc_imlen]); 1807 return; 1808 } 1809 1810 if (sc->sc_imlen >= NCR_MAX_MSG_LEN) { 1811 ncr53c9x_sched_msgout(SEND_REJECT); 1812 sc->sc_flags |= NCR_DROP_MSGI; 1813 } else { 1814 switch (sc->sc_state) { 1815 /* 1816 * if received message is the first of reselection 1817 * then first byte is selid, and then message 1818 */ 1819 case NCR_RESELECTED: 1820 pb = sc->sc_imess + 1; 1821 len = sc->sc_imlen - 1; 1822 break; 1823 1824 default: 1825 pb = sc->sc_imess; 1826 len = sc->sc_imlen; 1827 } 1828 1829 if (__verify_msg_format(pb, len)) 1830 goto gotit; 1831 } 1832 1833 /* Acknowledge what we have so far. */ 1834 NCRCMD(sc, NCRCMD_MSGOK); 1835 return; 1836 1837gotit: 1838 NCR_MSGS(("gotmsg(%x) state %d", sc->sc_imess[0], sc->sc_state)); 1839 /* 1840 * We got a complete message, flush the imess. 1841 * XXX nobody uses imlen below. 1842 */ 1843 sc->sc_imlen = 0; 1844 /* 1845 * Now we should have a complete message (1 byte, 2 byte 1846 * and moderately long extended messages). We only handle 1847 * extended messages which total length is shorter than 1848 * NCR_MAX_MSG_LEN. Longer messages will be amputated. 1849 */ 1850 switch (sc->sc_state) { 1851 case NCR_CONNECTED: 1852 ecb = sc->sc_nexus; 1853 ti = &sc->sc_tinfo[ecb->ccb->ccb_h.target_id]; 1854 1855 switch (sc->sc_imess[0]) { 1856 case MSG_CMDCOMPLETE: 1857 NCR_MSGS(("cmdcomplete ")); 1858 if (sc->sc_dleft < 0) { 1859 xpt_print_path(ecb->ccb->ccb_h.path); 1860 printf("got %ld extra bytes\n", 1861 -(long)sc->sc_dleft); 1862 sc->sc_dleft = 0; 1863 } 1864 ecb->dleft = (ecb->flags & ECB_TENTATIVE_DONE) ? 1865 0 : sc->sc_dleft; 1866 if ((ecb->flags & ECB_SENSE) == 0) 1867 ecb->ccb->csio.resid = ecb->dleft; 1868 sc->sc_state = NCR_CMDCOMPLETE; 1869 break; 1870 1871 case MSG_MESSAGE_REJECT: 1872 NCR_MSGS(("msg reject (msgout=%x) ", sc->sc_msgout)); 1873 switch (sc->sc_msgout) { 1874 case SEND_TAG: 1875 /* 1876 * Target does not like tagged queuing. 1877 * - Flush the command queue 1878 * - Disable tagged queuing for the target 1879 * - Dequeue ecb from the queued array. 1880 */ 1881 device_printf(sc->sc_dev, "tagged queuing " 1882 "rejected: target %d\n", 1883 ecb->ccb->ccb_h.target_id); 1884 1885 NCR_MSGS(("(rejected sent tag)")); 1886 NCRCMD(sc, NCRCMD_FLUSH); 1887 DELAY(1); 1888 ti->flags &= ~T_TAG; 1889 lun = ecb->ccb->ccb_h.target_lun; 1890 li = TINFO_LUN(ti, lun); 1891 if (ecb->tag[0] && 1892 li->queued[ecb->tag[1]] != NULL) { 1893 li->queued[ecb->tag[1]] = NULL; 1894 li->used--; 1895 } 1896 ecb->tag[0] = ecb->tag[1] = 0; 1897 li->untagged = ecb; 1898 li->busy = 1; 1899 break; 1900 1901 case SEND_SDTR: 1902 device_printf(sc->sc_dev, "sync transfer " 1903 "rejected: target %d\n", 1904 ecb->ccb->ccb_h.target_id); 1905 1906 ti->flags &= ~T_SDTRSENT; 1907 ti->curr.period = ti->goal.period = 0; 1908 ti->curr.offset = ti->goal.offset = 0; 1909 ncr53c9x_setsync(sc, ti); 1910 break; 1911 1912 case SEND_WDTR: 1913 device_printf(sc->sc_dev, "wide transfer " 1914 "rejected: target %d\n", 1915 ecb->ccb->ccb_h.target_id); 1916 1917 ti->flags &= ~T_WDTRSENT; 1918 ti->curr.width = ti->goal.width = 1919 MSG_EXT_WDTR_BUS_8_BIT; 1920 ncr53c9x_setsync(sc, ti); 1921 break; 1922 1923 case SEND_INIT_DET_ERR: 1924 goto abort; 1925 } 1926 break; 1927 1928 case MSG_NOOP: 1929 NCR_MSGS(("noop ")); 1930 break; 1931 1932 case MSG_HEAD_OF_Q_TAG: 1933 case MSG_SIMPLE_Q_TAG: 1934 case MSG_ORDERED_Q_TAG: 1935 NCR_MSGS(("TAG %x:%x", 1936 sc->sc_imess[0], sc->sc_imess[1])); 1937 break; 1938 1939 case MSG_DISCONNECT: 1940 NCR_MSGS(("disconnect ")); 1941 ti->dconns++; 1942 sc->sc_state = NCR_DISCONNECT; 1943 1944 /* 1945 * Mark the fact that all bytes have moved. The 1946 * target may not bother to do a SAVE POINTERS 1947 * at this stage. This flag will set the residual 1948 * count to zero on MSG COMPLETE. 1949 */ 1950 if (sc->sc_dleft == 0) 1951 ecb->flags |= ECB_TENTATIVE_DONE; 1952 break; 1953 1954 case MSG_SAVEDATAPOINTER: 1955 NCR_MSGS(("save datapointer ")); 1956 ecb->daddr = sc->sc_dp; 1957 ecb->dleft = sc->sc_dleft; 1958 break; 1959 1960 case MSG_RESTOREPOINTERS: 1961 NCR_MSGS(("restore datapointer ")); 1962 sc->sc_dp = ecb->daddr; 1963 sc->sc_dleft = ecb->dleft; 1964 break; 1965 1966 case MSG_IGN_WIDE_RESIDUE: 1967 NCR_MSGS(("ignore wide residue (%d bytes)", 1968 sc->sc_imess[1])); 1969 if (sc->sc_imess[1] != 1) { 1970 xpt_print_path(ecb->ccb->ccb_h.path); 1971 printf("unexpected MESSAGE IGNORE WIDE " 1972 "RESIDUE (%d bytes); sending REJECT\n", 1973 sc->sc_imess[1]); 1974 goto reject; 1975 } 1976 /* 1977 * If there was a last transfer of an even number of 1978 * bytes, wipe the "done" memory and adjust by one 1979 * byte (sc->sc_imess[1]). 1980 */ 1981 len = sc->sc_dleft - ecb->dleft; 1982 if (len != 0 && (len & 1) == 0) { 1983 ecb->flags &= ~ECB_TENTATIVE_DONE; 1984 sc->sc_dp = (char *)sc->sc_dp - 1; 1985 sc->sc_dleft--; 1986 } 1987 break; 1988 1989 case MSG_EXTENDED: 1990 NCR_MSGS(("extended(%x) ", sc->sc_imess[2])); 1991 switch (sc->sc_imess[2]) { 1992 case MSG_EXT_SDTR: 1993 NCR_MSGS(("SDTR period %d, offset %d ", 1994 sc->sc_imess[3], sc->sc_imess[4])); 1995 if (sc->sc_imess[1] != 3) 1996 goto reject; 1997 ti->curr.period = sc->sc_imess[3]; 1998 ti->curr.offset = sc->sc_imess[4]; 1999 if (sc->sc_minsync == 0 || 2000 ti->curr.offset == 0 || 2001 ti->curr.period > 124) { 2002#if 0 2003#ifdef NCR53C9X_DEBUG 2004 xpt_print_path(ecb->ccb->ccb_h.path); 2005 printf("async mode\n"); 2006#endif 2007#endif 2008 if ((ti->flags & T_SDTRSENT) == 0) { 2009 /* 2010 * target initiated negotiation 2011 */ 2012 ti->curr.offset = 0; 2013 ncr53c9x_sched_msgout( 2014 SEND_SDTR); 2015 } 2016 } else { 2017 ti->curr.period = 2018 ncr53c9x_cpb2stp(sc, 2019 ncr53c9x_stp2cpb(sc, 2020 ti->curr.period)); 2021 if ((ti->flags & T_SDTRSENT) == 0) { 2022 /* 2023 * target initiated negotiation 2024 */ 2025 if (ti->curr.period < 2026 sc->sc_minsync) 2027 ti->curr.period = 2028 sc->sc_minsync; 2029 if (ti->curr.offset > 2030 sc->sc_maxoffset) 2031 ti->curr.offset = 2032 sc->sc_maxoffset; 2033 ncr53c9x_sched_msgout( 2034 SEND_SDTR); 2035 } 2036 } 2037 ti->flags &= ~T_SDTRSENT; 2038 ti->goal.period = ti->curr.period; 2039 ti->goal.offset = ti->curr.offset; 2040 ncr53c9x_setsync(sc, ti); 2041 break; 2042 2043 case MSG_EXT_WDTR: 2044 NCR_MSGS(("wide mode %d ", sc->sc_imess[3])); 2045 ti->curr.width = sc->sc_imess[3]; 2046 if (!(ti->flags & T_WDTRSENT)) 2047 /* 2048 * target initiated negotiation 2049 */ 2050 ncr53c9x_sched_msgout(SEND_WDTR); 2051 ti->flags &= ~T_WDTRSENT; 2052 ti->goal.width = ti->curr.width; 2053 ncr53c9x_setsync(sc, ti); 2054 break; 2055 2056 default: 2057 xpt_print_path(ecb->ccb->ccb_h.path); 2058 printf("unrecognized MESSAGE EXTENDED 0x%x;" 2059 " sending REJECT\n", sc->sc_imess[2]); 2060 goto reject; 2061 } 2062 break; 2063 2064 default: 2065 NCR_MSGS(("ident ")); 2066 xpt_print_path(ecb->ccb->ccb_h.path); 2067 printf("unrecognized MESSAGE 0x%x; sending REJECT\n", 2068 sc->sc_imess[0]); 2069 /* FALLTHROUGH */ 2070 reject: 2071 ncr53c9x_sched_msgout(SEND_REJECT); 2072 break; 2073 } 2074 break; 2075 2076 case NCR_IDENTIFIED: 2077 /* 2078 * IDENTIFY message was received and queue tag is expected 2079 * now. 2080 */ 2081 if ((sc->sc_imess[0] != MSG_SIMPLE_Q_TAG) || 2082 (sc->sc_msgify == 0)) { 2083 device_printf(sc->sc_dev, "TAG reselect without " 2084 "IDENTIFY; MSG %x; sending DEVICE RESET\n", 2085 sc->sc_imess[0]); 2086 goto reset; 2087 } 2088 (void)ncr53c9x_reselect(sc, sc->sc_msgify, 2089 sc->sc_imess[0], sc->sc_imess[1]); 2090 break; 2091 2092 case NCR_RESELECTED: 2093 if (MSG_ISIDENTIFY(sc->sc_imess[1])) 2094 sc->sc_msgify = sc->sc_imess[1]; 2095 else { 2096 device_printf(sc->sc_dev, "reselect without IDENTIFY;" 2097 " MSG %x; sending DEVICE RESET\n", sc->sc_imess[1]); 2098 goto reset; 2099 } 2100 (void)ncr53c9x_reselect(sc, sc->sc_msgify, 0, 0); 2101 break; 2102 2103 default: 2104 device_printf(sc->sc_dev, "unexpected MESSAGE IN; " 2105 "sending DEVICE RESET\n"); 2106 /* FALLTHROUGH */ 2107 reset: 2108 ncr53c9x_sched_msgout(SEND_DEV_RESET); 2109 break; 2110 2111 abort: 2112 ncr53c9x_sched_msgout(SEND_ABORT); 2113 } 2114 2115 /* If we have more messages to send set ATN. */ 2116 if (sc->sc_msgpriq) { 2117 NCRCMD(sc, NCRCMD_SETATN); 2118 sc->sc_flags |= NCR_ATN; 2119 } 2120 2121 /* Acknowledge last message byte. */ 2122 NCRCMD(sc, NCRCMD_MSGOK); 2123 2124 /* Done, reset message pointer. */ 2125 sc->sc_flags &= ~NCR_DROP_MSGI; 2126 sc->sc_imlen = 0; 2127} 2128 2129/* 2130 * Send the highest priority, scheduled message. 2131 */ 2132static void 2133ncr53c9x_msgout(struct ncr53c9x_softc *sc) 2134{ 2135 struct ncr53c9x_tinfo *ti; 2136 struct ncr53c9x_ecb *ecb; 2137 size_t size; 2138 int error; 2139#ifdef NCR53C9X_DEBUG 2140 int i; 2141#endif 2142 2143 NCR_LOCK_ASSERT(sc, MA_OWNED); 2144 2145 NCR_TRACE(("[%s(priq:%x, prevphase:%x)]", __func__, sc->sc_msgpriq, 2146 sc->sc_prevphase)); 2147 2148 /* 2149 * XXX - the NCR_ATN flag is not in sync with the actual ATN 2150 * condition on the SCSI bus. The 53c9x chip 2151 * automatically turns off ATN before sending the 2152 * message byte. (See also the comment below in the 2153 * default case when picking out a message to send.) 2154 */ 2155 if (sc->sc_flags & NCR_ATN) { 2156 if (sc->sc_prevphase != MESSAGE_OUT_PHASE) { 2157 new: 2158 NCRCMD(sc, NCRCMD_FLUSH); 2159#if 0 2160 DELAY(1); 2161#endif 2162 sc->sc_msgoutq = 0; 2163 sc->sc_omlen = 0; 2164 } 2165 } else { 2166 if (sc->sc_prevphase == MESSAGE_OUT_PHASE) { 2167 ncr53c9x_sched_msgout(sc->sc_msgoutq); 2168 goto new; 2169 } else 2170 device_printf(sc->sc_dev, "at line %d: unexpected " 2171 "MESSAGE OUT phase\n", __LINE__); 2172 } 2173 2174 if (sc->sc_omlen == 0) { 2175 /* Pick up highest priority message. */ 2176 sc->sc_msgout = sc->sc_msgpriq & -sc->sc_msgpriq; 2177 sc->sc_msgoutq |= sc->sc_msgout; 2178 sc->sc_msgpriq &= ~sc->sc_msgout; 2179 sc->sc_omlen = 1; /* "Default" message len */ 2180 switch (sc->sc_msgout) { 2181 case SEND_SDTR: 2182 ecb = sc->sc_nexus; 2183 ti = &sc->sc_tinfo[ecb->ccb->ccb_h.target_id]; 2184 sc->sc_omess[0] = MSG_EXTENDED; 2185 sc->sc_omess[1] = MSG_EXT_SDTR_LEN; 2186 sc->sc_omess[2] = MSG_EXT_SDTR; 2187 sc->sc_omess[3] = ti->goal.period; 2188 sc->sc_omess[4] = ti->goal.offset; 2189 sc->sc_omlen = 5; 2190 break; 2191 2192 case SEND_WDTR: 2193 ecb = sc->sc_nexus; 2194 ti = &sc->sc_tinfo[ecb->ccb->ccb_h.target_id]; 2195 sc->sc_omess[0] = MSG_EXTENDED; 2196 sc->sc_omess[1] = MSG_EXT_WDTR_LEN; 2197 sc->sc_omess[2] = MSG_EXT_WDTR; 2198 sc->sc_omess[3] = ti->goal.width; 2199 sc->sc_omlen = 4; 2200 break; 2201 2202 case SEND_IDENTIFY: 2203 if (sc->sc_state != NCR_CONNECTED) 2204 device_printf(sc->sc_dev, "at line %d: no " 2205 "nexus\n", __LINE__); 2206 ecb = sc->sc_nexus; 2207 sc->sc_omess[0] = 2208 MSG_IDENTIFY(ecb->ccb->ccb_h.target_lun, 0); 2209 break; 2210 2211 case SEND_TAG: 2212 if (sc->sc_state != NCR_CONNECTED) 2213 device_printf(sc->sc_dev, "at line %d: no " 2214 "nexus\n", __LINE__); 2215 ecb = sc->sc_nexus; 2216 sc->sc_omess[0] = ecb->tag[0]; 2217 sc->sc_omess[1] = ecb->tag[1]; 2218 sc->sc_omlen = 2; 2219 break; 2220 2221 case SEND_DEV_RESET: 2222 sc->sc_flags |= NCR_ABORTING; 2223 sc->sc_omess[0] = MSG_BUS_DEV_RESET; 2224 ecb = sc->sc_nexus; 2225 ti = &sc->sc_tinfo[ecb->ccb->ccb_h.target_id]; 2226 ti->curr.period = 0; 2227 ti->curr.offset = 0; 2228 ti->curr.width = MSG_EXT_WDTR_BUS_8_BIT; 2229 break; 2230 2231 case SEND_PARITY_ERROR: 2232 sc->sc_omess[0] = MSG_PARITY_ERROR; 2233 break; 2234 2235 case SEND_ABORT: 2236 sc->sc_flags |= NCR_ABORTING; 2237 sc->sc_omess[0] = MSG_ABORT; 2238 break; 2239 2240 case SEND_INIT_DET_ERR: 2241 sc->sc_omess[0] = MSG_INITIATOR_DET_ERR; 2242 break; 2243 2244 case SEND_REJECT: 2245 sc->sc_omess[0] = MSG_MESSAGE_REJECT; 2246 break; 2247 2248 default: 2249 /* 2250 * We normally do not get here, since the chip 2251 * automatically turns off ATN before the last 2252 * byte of a message is sent to the target. 2253 * However, if the target rejects our (multi-byte) 2254 * message early by switching to MSG IN phase 2255 * ATN remains on, so the target may return to 2256 * MSG OUT phase. If there are no scheduled messages 2257 * left we send a NO-OP. 2258 * 2259 * XXX - Note that this leaves no useful purpose for 2260 * the NCR_ATN flag. 2261 */ 2262 sc->sc_flags &= ~NCR_ATN; 2263 sc->sc_omess[0] = MSG_NOOP; 2264 } 2265 sc->sc_omp = sc->sc_omess; 2266 } 2267 2268#ifdef NCR53C9X_DEBUG 2269 if ((ncr53c9x_debug & NCR_SHOWMSGS) != 0) { 2270 NCR_MSGS(("<msgout:")); 2271 for (i = 0; i < sc->sc_omlen; i++) 2272 NCR_MSGS((" %02x", sc->sc_omess[i])); 2273 NCR_MSGS(("> ")); 2274 } 2275#endif 2276 2277 if (sc->sc_rev != NCR_VARIANT_FAS366) { 2278 /* (Re)send the message. */ 2279 size = ulmin(sc->sc_omlen, sc->sc_maxxfer); 2280 error = NCRDMA_SETUP(sc, &sc->sc_omp, &sc->sc_omlen, 0, &size); 2281 if (error != 0) 2282 goto cmd; 2283 2284 /* Program the SCSI counter. */ 2285 NCR_SET_COUNT(sc, size); 2286 2287 /* Load the count in and start the message-out transfer. */ 2288 NCRCMD(sc, NCRCMD_NOP | NCRCMD_DMA); 2289 NCRCMD(sc, NCRCMD_TRANS | NCRCMD_DMA); 2290 NCRDMA_GO(sc); 2291 return; 2292 } 2293 2294cmd: 2295 /* 2296 * XXX FIFO size 2297 */ 2298 sc->sc_cmdlen = 0; 2299 ncr53c9x_flushfifo(sc); 2300 ncr53c9x_wrfifo(sc, sc->sc_omp, sc->sc_omlen); 2301 NCRCMD(sc, NCRCMD_TRANS); 2302} 2303 2304void 2305ncr53c9x_intr(void *arg) 2306{ 2307 struct ncr53c9x_softc *sc = arg; 2308 2309 if (!NCRDMA_ISINTR(sc)) 2310 return; 2311 2312 NCR_LOCK(sc); 2313 2314 ncr53c9x_intr1(sc); 2315 2316 NCR_UNLOCK(sc); 2317} 2318 2319/* 2320 * This is the most critical part of the driver, and has to know 2321 * how to deal with *all* error conditions and phases from the SCSI 2322 * bus. If there are no errors and the DMA was active, then call the 2323 * DMA pseudo-interrupt handler. If this returns 1, then that was it 2324 * and we can return from here without further processing. 2325 * 2326 * Most of this needs verifying. 2327 */ 2328static void 2329ncr53c9x_intr1(struct ncr53c9x_softc *sc) 2330{ 2331 struct ncr53c9x_ecb *ecb; 2332 struct ncr53c9x_linfo *li; 2333 struct ncr53c9x_tinfo *ti; 2334 struct timeval cur, wait; 2335 size_t size; 2336 int error, i, nfifo; 2337 uint8_t msg; 2338 2339 NCR_LOCK_ASSERT(sc, MA_OWNED); 2340 2341 NCR_INTS(("[ncr53c9x_intr: state %d]", sc->sc_state)); 2342 2343again: 2344 /* and what do the registers say... */ 2345 ncr53c9x_readregs(sc); 2346 2347 /* 2348 * At the moment, only a SCSI Bus Reset or Illegal 2349 * Command are classed as errors. A disconnect is a 2350 * valid condition, and we let the code check is the 2351 * "NCR_BUSFREE_OK" flag was set before declaring it 2352 * and error. 2353 * 2354 * Also, the status register tells us about "Gross 2355 * Errors" and "Parity errors". Only the Gross Error 2356 * is really bad, and the parity errors are dealt 2357 * with later. 2358 * 2359 * TODO 2360 * If there are too many parity error, go to slow 2361 * cable mode? 2362 */ 2363 2364 if ((sc->sc_espintr & NCRINTR_SBR) != 0) { 2365 if ((NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF) != 0) { 2366 NCRCMD(sc, NCRCMD_FLUSH); 2367 DELAY(1); 2368 } 2369 if (sc->sc_state != NCR_SBR) { 2370 device_printf(sc->sc_dev, "SCSI bus reset\n"); 2371 ncr53c9x_init(sc, 0); /* Restart everything. */ 2372 return; 2373 } 2374#if 0 2375/*XXX*/ device_printf(sc->sc_dev, "<expected bus reset: " 2376 "[intr %x, stat %x, step %d]>\n", 2377 sc->sc_espintr, sc->sc_espstat, sc->sc_espstep); 2378#endif 2379 if (sc->sc_nexus != NULL) 2380 panic("%s: nexus in reset state", 2381 device_get_nameunit(sc->sc_dev)); 2382 goto sched; 2383 } 2384 2385 ecb = sc->sc_nexus; 2386 2387#define NCRINTR_ERR (NCRINTR_SBR | NCRINTR_ILL) 2388 if (sc->sc_espintr & NCRINTR_ERR || 2389 sc->sc_espstat & NCRSTAT_GE) { 2390 if ((sc->sc_espstat & NCRSTAT_GE) != 0) { 2391 /* Gross Error; no target? */ 2392 if (NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF) { 2393 NCRCMD(sc, NCRCMD_FLUSH); 2394 DELAY(1); 2395 } 2396 if (sc->sc_state == NCR_CONNECTED || 2397 sc->sc_state == NCR_SELECTING) { 2398 ecb->ccb->ccb_h.status = CAM_SEL_TIMEOUT; 2399 ncr53c9x_done(sc, ecb); 2400 } 2401 return; 2402 } 2403 2404 if ((sc->sc_espintr & NCRINTR_ILL) != 0) { 2405 if ((sc->sc_flags & NCR_EXPECT_ILLCMD) != 0) { 2406 /* 2407 * Eat away "Illegal command" interrupt 2408 * on a ESP100 caused by a re-selection 2409 * while we were trying to select 2410 * another target. 2411 */ 2412#ifdef NCR53C9X_DEBUG 2413 device_printf(sc->sc_dev, "ESP100 work-around " 2414 "activated\n"); 2415#endif 2416 sc->sc_flags &= ~NCR_EXPECT_ILLCMD; 2417 return; 2418 } 2419 /* Illegal command, out of sync? */ 2420 device_printf(sc->sc_dev, "illegal command: 0x%x " 2421 "(state %d, phase %x, prevphase %x)\n", 2422 sc->sc_lastcmd, 2423 sc->sc_state, sc->sc_phase, sc->sc_prevphase); 2424 if (NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF) { 2425 NCRCMD(sc, NCRCMD_FLUSH); 2426 DELAY(1); 2427 } 2428 goto reset; 2429 } 2430 } 2431 sc->sc_flags &= ~NCR_EXPECT_ILLCMD; 2432 2433 /* 2434 * Call if DMA is active. 2435 * 2436 * If DMA_INTR returns true, then maybe go 'round the loop 2437 * again in case there is no more DMA queued, but a phase 2438 * change is expected. 2439 */ 2440 if (NCRDMA_ISACTIVE(sc)) { 2441 if (NCRDMA_INTR(sc) == -1) { 2442 device_printf(sc->sc_dev, "DMA error; resetting\n"); 2443 goto reset; 2444 } 2445 /* If DMA active here, then go back to work... */ 2446 if (NCRDMA_ISACTIVE(sc)) 2447 return; 2448 2449 if ((sc->sc_espstat & NCRSTAT_TC) == 0) { 2450 /* 2451 * DMA not completed. If we can not find a 2452 * acceptable explanation, print a diagnostic. 2453 */ 2454 if (sc->sc_state == NCR_SELECTING) 2455 /* 2456 * This can happen if we are reselected 2457 * while using DMA to select a target. 2458 */ 2459 /*void*/; 2460 else if (sc->sc_prevphase == MESSAGE_OUT_PHASE) { 2461 /* 2462 * Our (multi-byte) message (eg SDTR) was 2463 * interrupted by the target to send 2464 * a MSG REJECT. 2465 * Print diagnostic if current phase 2466 * is not MESSAGE IN. 2467 */ 2468 if (sc->sc_phase != MESSAGE_IN_PHASE) 2469 device_printf(sc->sc_dev,"!TC on MSGOUT" 2470 " [intr %x, stat %x, step %d]" 2471 " prevphase %x, resid %lx\n", 2472 sc->sc_espintr, 2473 sc->sc_espstat, 2474 sc->sc_espstep, 2475 sc->sc_prevphase, 2476 (u_long)sc->sc_omlen); 2477 } else if (sc->sc_dleft == 0) { 2478 /* 2479 * The DMA operation was started for 2480 * a DATA transfer. Print a diagnostic 2481 * if the DMA counter and TC bit 2482 * appear to be out of sync. 2483 * 2484 * XXX This is fatal and usually means that 2485 * the DMA engine is hopelessly out of 2486 * sync with reality. A disk is likely 2487 * getting spammed at this point. 2488 */ 2489 device_printf(sc->sc_dev, "!TC on DATA XFER" 2490 " [intr %x, stat %x, step %d]" 2491 " prevphase %x, resid %x\n", 2492 sc->sc_espintr, 2493 sc->sc_espstat, 2494 sc->sc_espstep, 2495 sc->sc_prevphase, 2496 ecb ? ecb->dleft : -1); 2497 goto reset; 2498 } 2499 } 2500 } 2501 2502 /* 2503 * Check for less serious errors. 2504 */ 2505 if ((sc->sc_espstat & NCRSTAT_PE) != 0) { 2506 device_printf(sc->sc_dev, "SCSI bus parity error\n"); 2507 if (sc->sc_prevphase == MESSAGE_IN_PHASE) 2508 ncr53c9x_sched_msgout(SEND_PARITY_ERROR); 2509 else 2510 ncr53c9x_sched_msgout(SEND_INIT_DET_ERR); 2511 } 2512 2513 if ((sc->sc_espintr & NCRINTR_DIS) != 0) { 2514 sc->sc_msgify = 0; 2515 NCR_INTS(("<DISC [intr %x, stat %x, step %d]>", 2516 sc->sc_espintr,sc->sc_espstat,sc->sc_espstep)); 2517 if (NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF) { 2518 NCRCMD(sc, NCRCMD_FLUSH); 2519#if 0 2520 DELAY(1); 2521#endif 2522 } 2523 /* 2524 * This command must (apparently) be issued within 2525 * 250mS of a disconnect. So here you are... 2526 */ 2527 NCRCMD(sc, NCRCMD_ENSEL); 2528 2529 switch (sc->sc_state) { 2530 case NCR_RESELECTED: 2531 goto sched; 2532 2533 case NCR_SELECTING: 2534 ecb->ccb->ccb_h.status = CAM_SEL_TIMEOUT; 2535 2536 /* Selection timeout -- discard all LUNs if empty. */ 2537 ti = &sc->sc_tinfo[ecb->ccb->ccb_h.target_id]; 2538 li = LIST_FIRST(&ti->luns); 2539 while (li != NULL) { 2540 if (li->untagged == NULL && li->used == 0) { 2541 if (li->lun < NCR_NLUN) 2542 ti->lun[li->lun] = NULL; 2543 LIST_REMOVE(li, link); 2544 free(li, M_DEVBUF); 2545 /* 2546 * Restart the search at the beginning. 2547 */ 2548 li = LIST_FIRST(&ti->luns); 2549 continue; 2550 } 2551 li = LIST_NEXT(li, link); 2552 } 2553 goto finish; 2554 2555 case NCR_CONNECTED: 2556 if (ecb != NULL) { 2557 ti = &sc->sc_tinfo[ecb->ccb->ccb_h.target_id]; 2558 if ((ti->flags & T_SDTRSENT) != 0) { 2559 xpt_print_path(ecb->ccb->ccb_h.path); 2560 printf("sync nego not completed!\n"); 2561 ti->flags &= ~T_SDTRSENT; 2562 ti->curr.period = ti->goal.period = 0; 2563 ti->curr.offset = ti->goal.offset = 0; 2564 ncr53c9x_setsync(sc, ti); 2565 } 2566 if ((ti->flags & T_WDTRSENT) != 0) { 2567 xpt_print_path(ecb->ccb->ccb_h.path); 2568 printf("wide nego not completed!\n"); 2569 ti->flags &= ~T_WDTRSENT; 2570 ti->curr.width = ti->goal.width = 2571 MSG_EXT_WDTR_BUS_8_BIT; 2572 ncr53c9x_setsync(sc, ti); 2573 } 2574 } 2575 2576 /* It may be OK to disconnect. */ 2577 if ((sc->sc_flags & NCR_ABORTING) == 0) { 2578 /* 2579 * Section 5.1.1 of the SCSI 2 spec 2580 * suggests issuing a REQUEST SENSE 2581 * following an unexpected disconnect. 2582 * Some devices go into a contingent 2583 * allegiance condition when 2584 * disconnecting, and this is necessary 2585 * to clean up their state. 2586 */ 2587 device_printf(sc->sc_dev, "unexpected " 2588 "disconnect [state %d, intr %x, stat %x, " 2589 "phase(c %x, p %x)]; ", sc->sc_state, 2590 sc->sc_espintr, sc->sc_espstat, 2591 sc->sc_phase, sc->sc_prevphase); 2592 2593 /* 2594 * XXX This will cause a chip reset and will 2595 * prevent us from finding out the real 2596 * problem with the device. However, it's 2597 * necessary until a way can be found to 2598 * safely cancel the DMA that is in 2599 * progress. 2600 */ 2601 if (1 || (ecb->flags & ECB_SENSE) != 0) { 2602 printf("resetting\n"); 2603 goto reset; 2604 } 2605 printf("sending REQUEST SENSE\n"); 2606 callout_stop(&ecb->ch); 2607 ncr53c9x_sense(sc, ecb); 2608 return; 2609 } else if (ecb != NULL && 2610 (ecb->flags & ECB_RESET) != 0) { 2611 ecb->ccb->ccb_h.status = CAM_REQ_CMP; 2612 goto finish; 2613 } 2614 2615 ecb->ccb->ccb_h.status = CAM_CMD_TIMEOUT; 2616 goto finish; 2617 2618 case NCR_DISCONNECT: 2619 sc->sc_nexus = NULL; 2620 goto sched; 2621 2622 case NCR_CMDCOMPLETE: 2623 ecb->ccb->ccb_h.status = CAM_REQ_CMP; 2624 goto finish; 2625 } 2626 } 2627 2628 switch (sc->sc_state) { 2629 case NCR_SBR: 2630 device_printf(sc->sc_dev, "waiting for Bus Reset to happen\n"); 2631 return; 2632 2633 case NCR_RESELECTED: 2634 /* 2635 * We must be continuing a message? 2636 */ 2637 device_printf(sc->sc_dev, "unhandled reselect continuation, " 2638 "state %d, intr %02x\n", sc->sc_state, sc->sc_espintr); 2639 goto reset; 2640 break; 2641 2642 case NCR_IDENTIFIED: 2643 ecb = sc->sc_nexus; 2644 if (sc->sc_phase != MESSAGE_IN_PHASE) { 2645 i = NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF; 2646 /* 2647 * Things are seriously screwed up. 2648 * Pull the brakes, i.e. reset. 2649 */ 2650 device_printf(sc->sc_dev, "target didn't send tag: %d " 2651 "bytes in FIFO\n", i); 2652 /* Drain and display FIFO. */ 2653 while (i-- > 0) 2654 printf("[%d] ", NCR_READ_REG(sc, NCR_FIFO)); 2655 2656 goto reset; 2657 } else 2658 goto msgin; 2659 2660 case NCR_IDLE: 2661 case NCR_SELECTING: 2662 ecb = sc->sc_nexus; 2663 if (sc->sc_espintr & NCRINTR_RESEL) { 2664 sc->sc_msgpriq = sc->sc_msgout = sc->sc_msgoutq = 0; 2665 sc->sc_flags = 0; 2666 /* 2667 * If we're trying to select a 2668 * target ourselves, push our command 2669 * back into the ready list. 2670 */ 2671 if (sc->sc_state == NCR_SELECTING) { 2672 NCR_INTS(("backoff selector ")); 2673 callout_stop(&ecb->ch); 2674 ncr53c9x_dequeue(sc, ecb); 2675 TAILQ_INSERT_HEAD(&sc->ready_list, ecb, chain); 2676 ecb->flags |= ECB_READY; 2677 ecb = sc->sc_nexus = NULL; 2678 } 2679 sc->sc_state = NCR_RESELECTED; 2680 if (sc->sc_phase != MESSAGE_IN_PHASE) { 2681 /* 2682 * Things are seriously screwed up. 2683 * Pull the brakes, i.e. reset 2684 */ 2685 device_printf(sc->sc_dev, "target didn't " 2686 "identify\n"); 2687 goto reset; 2688 } 2689 /* 2690 * The C90 only inhibits FIFO writes until reselection 2691 * is complete instead of waiting until the interrupt 2692 * status register has been read. So, if the reselect 2693 * happens while we were entering command bytes (for 2694 * another target) some of those bytes can appear in 2695 * the FIFO here, after the interrupt is taken. 2696 * 2697 * To remedy this situation, pull the Selection ID 2698 * and Identify message from the FIFO directly, and 2699 * ignore any extraneous FIFO contents. Also, set 2700 * a flag that allows one Illegal Command Interrupt 2701 * to occur which the chip also generates as a result 2702 * of writing to the FIFO during a reselect. 2703 */ 2704 if (sc->sc_rev == NCR_VARIANT_ESP100) { 2705 nfifo = 2706 NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF; 2707 sc->sc_imess[0] = NCR_READ_REG(sc, NCR_FIFO); 2708 sc->sc_imess[1] = NCR_READ_REG(sc, NCR_FIFO); 2709 sc->sc_imlen = 2; 2710 if (nfifo != 2) { 2711 /* Flush the rest. */ 2712 NCRCMD(sc, NCRCMD_FLUSH); 2713 } 2714 sc->sc_flags |= NCR_EXPECT_ILLCMD; 2715 if (nfifo > 2) 2716 nfifo = 2; /* We fixed it... */ 2717 } else 2718 nfifo = ncr53c9x_rdfifo(sc, NCR_RDFIFO_START); 2719 2720 if (nfifo != 2) { 2721 device_printf(sc->sc_dev, "RESELECT: %d bytes " 2722 "in FIFO! [intr %x, stat %x, step %d, " 2723 "prevphase %x]\n", 2724 nfifo, 2725 sc->sc_espintr, 2726 sc->sc_espstat, 2727 sc->sc_espstep, 2728 sc->sc_prevphase); 2729 goto reset; 2730 } 2731 sc->sc_selid = sc->sc_imess[0]; 2732 NCR_INTS(("selid=%02x ", sc->sc_selid)); 2733 2734 /* Handle IDENTIFY message. */ 2735 ncr53c9x_msgin(sc); 2736 2737 if (sc->sc_state != NCR_CONNECTED && 2738 sc->sc_state != NCR_IDENTIFIED) { 2739 /* IDENTIFY fail?! */ 2740 device_printf(sc->sc_dev, "identify failed, " 2741 "state %d, intr %02x\n", sc->sc_state, 2742 sc->sc_espintr); 2743 goto reset; 2744 } 2745 goto shortcut; /* i.e. next phase expected soon */ 2746 } 2747 2748#define NCRINTR_DONE (NCRINTR_FC | NCRINTR_BS) 2749 if ((sc->sc_espintr & NCRINTR_DONE) == NCRINTR_DONE) { 2750 /* 2751 * Arbitration won; examine the `step' register 2752 * to determine how far the selection could progress. 2753 */ 2754 if (ecb == NULL) { 2755 /* 2756 * When doing path inquiry during boot 2757 * FAS100A trigger a stray interrupt which 2758 * we just ignore instead of panicing. 2759 */ 2760 if (sc->sc_state == NCR_IDLE && 2761 sc->sc_espstep == 0) 2762 return; 2763 panic("%s: no nexus", __func__); 2764 } 2765 2766 ti = &sc->sc_tinfo[ecb->ccb->ccb_h.target_id]; 2767 2768 switch (sc->sc_espstep) { 2769 case 0: 2770 /* 2771 * The target did not respond with a 2772 * message out phase - probably an old 2773 * device that doesn't recognize ATN. 2774 * Clear ATN and just continue, the 2775 * target should be in the command 2776 * phase. 2777 * XXX check for command phase? 2778 */ 2779 NCRCMD(sc, NCRCMD_RSTATN); 2780 break; 2781 2782 case 1: 2783 if (ti->curr.period == ti->goal.period && 2784 ti->curr.offset == ti->goal.offset && 2785 ti->curr.width == ti->goal.width && 2786 ecb->tag[0] == 0) { 2787 device_printf(sc->sc_dev, "step 1 " 2788 "and no negotiation to perform " 2789 "or tag to send\n"); 2790 goto reset; 2791 } 2792 if (sc->sc_phase != MESSAGE_OUT_PHASE) { 2793 device_printf(sc->sc_dev, "step 1 " 2794 "but not in MESSAGE_OUT_PHASE\n"); 2795 goto reset; 2796 } 2797 sc->sc_prevphase = MESSAGE_OUT_PHASE; /* XXX */ 2798 if (ecb->flags & ECB_RESET) { 2799 /* 2800 * A DEVICE RESET was scheduled and 2801 * ATNS used. As SEND_DEV_RESET has 2802 * the highest priority, the target 2803 * will reset and disconnect and we 2804 * will end up in ncr53c9x_done w/o 2805 * negotiating or sending a TAG. So 2806 * we just break here in order to 2807 * avoid warnings about negotiation 2808 * not having completed. 2809 */ 2810 ncr53c9x_sched_msgout(SEND_DEV_RESET); 2811 break; 2812 } 2813 if (ti->curr.width != ti->goal.width) { 2814 ti->flags |= T_WDTRSENT | T_SDTRSENT; 2815 ncr53c9x_sched_msgout(SEND_WDTR | 2816 SEND_SDTR); 2817 } 2818 if (ti->curr.period != ti->goal.period || 2819 ti->curr.offset != ti->goal.offset) { 2820 ti->flags |= T_SDTRSENT; 2821 ncr53c9x_sched_msgout(SEND_SDTR); 2822 } 2823 if (ecb->tag[0] != 0) 2824 /* Could not do ATN3 so send TAG. */ 2825 ncr53c9x_sched_msgout(SEND_TAG); 2826 break; 2827 2828 case 3: 2829 /* 2830 * Grr, this is supposed to mean 2831 * "target left command phase prematurely". 2832 * It seems to happen regularly when 2833 * sync mode is on. 2834 * Look at FIFO to see if command went out. 2835 * (Timing problems?) 2836 */ 2837 if (sc->sc_features & NCR_F_DMASELECT) { 2838 if (sc->sc_cmdlen == 0) { 2839 /* Hope for the best... */ 2840 break; 2841 } 2842 } else if ((NCR_READ_REG(sc, NCR_FFLAG) & 2843 NCRFIFO_FF) == 0) { 2844 /* Hope for the best... */ 2845 break; 2846 } 2847 xpt_print_path(ecb->ccb->ccb_h.path); 2848 printf("selection failed; %d left in FIFO " 2849 "[intr %x, stat %x, step %d]\n", 2850 NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF, 2851 sc->sc_espintr, sc->sc_espstat, 2852 sc->sc_espstep); 2853 NCRCMD(sc, NCRCMD_FLUSH); 2854 ncr53c9x_sched_msgout(SEND_ABORT); 2855 return; 2856 2857 case 2: 2858 /* Select stuck at Command Phase. */ 2859 NCRCMD(sc, NCRCMD_FLUSH); 2860 break; 2861 2862 case 4: 2863 if (sc->sc_features & NCR_F_DMASELECT && 2864 sc->sc_cmdlen != 0) { 2865 xpt_print_path(ecb->ccb->ccb_h.path); 2866 printf("select; %lu left in DMA buffer " 2867 "[intr %x, stat %x, step %d]\n", 2868 (u_long)sc->sc_cmdlen, 2869 sc->sc_espintr, 2870 sc->sc_espstat, 2871 sc->sc_espstep); 2872 } 2873 /* So far, everything went fine. */ 2874 break; 2875 } 2876 2877 sc->sc_prevphase = INVALID_PHASE; /* ??? */ 2878 /* Do an implicit RESTORE POINTERS. */ 2879 sc->sc_dp = ecb->daddr; 2880 sc->sc_dleft = ecb->dleft; 2881 sc->sc_state = NCR_CONNECTED; 2882 break; 2883 } else { 2884 device_printf(sc->sc_dev, "unexpected status after " 2885 "select: [intr %x, stat %x, step %x]\n", 2886 sc->sc_espintr, sc->sc_espstat, sc->sc_espstep); 2887 NCRCMD(sc, NCRCMD_FLUSH); 2888 DELAY(1); 2889 goto reset; 2890 } 2891 if (sc->sc_state == NCR_IDLE) { 2892 device_printf(sc->sc_dev, "stray interrupt\n"); 2893 return; 2894 } 2895 break; 2896 2897 case NCR_CONNECTED: 2898 if ((sc->sc_flags & NCR_ICCS) != 0) { 2899 /* "Initiate Command Complete Steps" in progress */ 2900 sc->sc_flags &= ~NCR_ICCS; 2901 2902 if ((sc->sc_espintr & NCRINTR_DONE) == 0) { 2903 device_printf(sc->sc_dev, "ICCS: " 2904 ": [intr %x, stat %x, step %x]\n", 2905 sc->sc_espintr, sc->sc_espstat, 2906 sc->sc_espstep); 2907 } 2908 ncr53c9x_rdfifo(sc, NCR_RDFIFO_START); 2909 if (sc->sc_imlen < 2) 2910 device_printf(sc->sc_dev, "can't get status, " 2911 "only %d bytes\n", (int)sc->sc_imlen); 2912 ecb->stat = sc->sc_imess[sc->sc_imlen - 2]; 2913 msg = sc->sc_imess[sc->sc_imlen - 1]; 2914 NCR_PHASE(("<stat:(%x,%x)>", ecb->stat, msg)); 2915 if (msg == MSG_CMDCOMPLETE) { 2916 ecb->dleft = 2917 (ecb->flags & ECB_TENTATIVE_DONE) ? 2918 0 : sc->sc_dleft; 2919 if ((ecb->flags & ECB_SENSE) == 0) 2920 ecb->ccb->csio.resid = ecb->dleft; 2921 sc->sc_state = NCR_CMDCOMPLETE; 2922 } else 2923 device_printf(sc->sc_dev, "STATUS_PHASE: " 2924 "msg %d\n", msg); 2925 sc->sc_imlen = 0; 2926 NCRCMD(sc, NCRCMD_MSGOK); 2927 goto shortcut; /* i.e. wait for disconnect */ 2928 } 2929 break; 2930 2931 default: 2932 device_printf(sc->sc_dev, "invalid state: %d [intr %x, " 2933 "phase(c %x, p %x)]\n", sc->sc_state, 2934 sc->sc_espintr, sc->sc_phase, sc->sc_prevphase); 2935 goto reset; 2936 } 2937 2938 /* 2939 * Driver is now in state NCR_CONNECTED, i.e. we 2940 * have a current command working the SCSI bus. 2941 */ 2942 if (sc->sc_state != NCR_CONNECTED || ecb == NULL) 2943 panic("%s: no nexus", __func__); 2944 2945 switch (sc->sc_phase) { 2946 case MESSAGE_OUT_PHASE: 2947 NCR_PHASE(("MESSAGE_OUT_PHASE ")); 2948 ncr53c9x_msgout(sc); 2949 sc->sc_prevphase = MESSAGE_OUT_PHASE; 2950 break; 2951 2952 case MESSAGE_IN_PHASE: 2953msgin: 2954 NCR_PHASE(("MESSAGE_IN_PHASE ")); 2955 if ((sc->sc_espintr & NCRINTR_BS) != 0) { 2956 if ((sc->sc_rev != NCR_VARIANT_FAS366) || 2957 (sc->sc_espstat2 & NCRFAS_STAT2_EMPTY) == 0) { 2958 NCRCMD(sc, NCRCMD_FLUSH); 2959 } 2960 sc->sc_flags |= NCR_WAITI; 2961 NCRCMD(sc, NCRCMD_TRANS); 2962 } else if ((sc->sc_espintr & NCRINTR_FC) != 0) { 2963 if ((sc->sc_flags & NCR_WAITI) == 0) { 2964 device_printf(sc->sc_dev, "MSGIN: unexpected " 2965 "FC bit: [intr %x, stat %x, step %x]\n", 2966 sc->sc_espintr, sc->sc_espstat, 2967 sc->sc_espstep); 2968 } 2969 sc->sc_flags &= ~NCR_WAITI; 2970 ncr53c9x_rdfifo(sc, 2971 (sc->sc_prevphase == sc->sc_phase) ? 2972 NCR_RDFIFO_CONTINUE : NCR_RDFIFO_START); 2973 ncr53c9x_msgin(sc); 2974 } else 2975 device_printf(sc->sc_dev, "MSGIN: weird bits: " 2976 "[intr %x, stat %x, step %x]\n", 2977 sc->sc_espintr, sc->sc_espstat, sc->sc_espstep); 2978 sc->sc_prevphase = MESSAGE_IN_PHASE; 2979 goto shortcut; /* i.e. expect data to be ready */ 2980 2981 case COMMAND_PHASE: 2982 /* 2983 * Send the command block. Normally we don't see this 2984 * phase because the SEL_ATN command takes care of 2985 * all this. However, we end up here if either the 2986 * target or we wanted to exchange some more messages 2987 * first (e.g. to start negotiations). 2988 */ 2989 2990 NCR_PHASE(("COMMAND_PHASE 0x%02x (%d) ", 2991 ecb->cmd.cmd.opcode, ecb->clen)); 2992 if (NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF) { 2993 NCRCMD(sc, NCRCMD_FLUSH); 2994#if 0 2995 DELAY(1); 2996#endif 2997 } 2998 /* 2999 * If we have more messages to send, e.g. WDTR or SDTR 3000 * after we've sent a TAG, set ATN so we'll go back to 3001 * MESSAGE_OUT_PHASE. 3002 */ 3003 if (sc->sc_msgpriq) { 3004 NCRCMD(sc, NCRCMD_SETATN); 3005 sc->sc_flags |= NCR_ATN; 3006 } 3007 if (sc->sc_features & NCR_F_DMASELECT) { 3008 /* Setup DMA transfer for command. */ 3009 size = ecb->clen; 3010 sc->sc_cmdlen = size; 3011 sc->sc_cmdp = (void *)&ecb->cmd.cmd; 3012 error = NCRDMA_SETUP(sc, &sc->sc_cmdp, &sc->sc_cmdlen, 3013 0, &size); 3014 if (error != 0) 3015 goto cmd; 3016 3017 /* Program the SCSI counter. */ 3018 NCR_SET_COUNT(sc, size); 3019 3020 /* Load the count in. */ 3021 NCRCMD(sc, NCRCMD_NOP | NCRCMD_DMA); 3022 3023 /* Start the command transfer. */ 3024 NCRCMD(sc, NCRCMD_TRANS | NCRCMD_DMA); 3025 NCRDMA_GO(sc); 3026 sc->sc_prevphase = COMMAND_PHASE; 3027 break; 3028 } 3029cmd: 3030 sc->sc_cmdlen = 0; 3031 ncr53c9x_wrfifo(sc, (uint8_t *)&ecb->cmd.cmd, ecb->clen); 3032 NCRCMD(sc, NCRCMD_TRANS); 3033 sc->sc_prevphase = COMMAND_PHASE; 3034 break; 3035 3036 case DATA_OUT_PHASE: 3037 NCR_PHASE(("DATA_OUT_PHASE [%ld] ", (long)sc->sc_dleft)); 3038 sc->sc_prevphase = DATA_OUT_PHASE; 3039 NCRCMD(sc, NCRCMD_FLUSH); 3040 size = ulmin(sc->sc_dleft, sc->sc_maxxfer); 3041 error = NCRDMA_SETUP(sc, &sc->sc_dp, &sc->sc_dleft, 0, &size); 3042 goto setup_xfer; 3043 3044 case DATA_IN_PHASE: 3045 NCR_PHASE(("DATA_IN_PHASE ")); 3046 sc->sc_prevphase = DATA_IN_PHASE; 3047 if (sc->sc_rev == NCR_VARIANT_ESP100) 3048 NCRCMD(sc, NCRCMD_FLUSH); 3049 size = ulmin(sc->sc_dleft, sc->sc_maxxfer); 3050 error = NCRDMA_SETUP(sc, &sc->sc_dp, &sc->sc_dleft, 1, &size); 3051setup_xfer: 3052 if (error != 0) { 3053 switch (error) { 3054 case EFBIG: 3055 ecb->ccb->ccb_h.status |= CAM_REQ_TOO_BIG; 3056 break; 3057 case EINPROGRESS: 3058 panic("%s: cannot deal with deferred DMA", 3059 __func__); 3060 case EINVAL: 3061 ecb->ccb->ccb_h.status |= CAM_REQ_INVALID; 3062 break; 3063 case ENOMEM: 3064 ecb->ccb->ccb_h.status |= CAM_REQUEUE_REQ; 3065 break; 3066 default: 3067 ecb->ccb->ccb_h.status |= CAM_REQ_CMP_ERR; 3068 } 3069 goto finish; 3070 } 3071 3072 /* Target returned to data phase: wipe "done" memory. */ 3073 ecb->flags &= ~ECB_TENTATIVE_DONE; 3074 3075 /* Program the SCSI counter. */ 3076 NCR_SET_COUNT(sc, size); 3077 3078 /* Load the count in. */ 3079 NCRCMD(sc, NCRCMD_NOP | NCRCMD_DMA); 3080 3081 /* 3082 * Note that if `size' is 0, we've already transceived 3083 * all the bytes we want but we're still in DATA PHASE. 3084 * Apparently, the device needs padding. Also, a 3085 * transfer size of 0 means "maximum" to the chip 3086 * DMA logic. 3087 */ 3088 NCRCMD(sc, 3089 (size == 0 ? NCRCMD_TRPAD : NCRCMD_TRANS) | NCRCMD_DMA); 3090 NCRDMA_GO(sc); 3091 return; 3092 3093 case STATUS_PHASE: 3094 NCR_PHASE(("STATUS_PHASE ")); 3095 sc->sc_flags |= NCR_ICCS; 3096 NCRCMD(sc, NCRCMD_ICCS); 3097 sc->sc_prevphase = STATUS_PHASE; 3098 goto shortcut; /* i.e. expect status results soon */ 3099 3100 case INVALID_PHASE: 3101 break; 3102 3103 default: 3104 device_printf(sc->sc_dev, 3105 "unexpected bus phase; resetting\n"); 3106 goto reset; 3107 } 3108 3109 return; 3110 3111reset: 3112 ncr53c9x_init(sc, 1); 3113 return; 3114 3115finish: 3116 ncr53c9x_done(sc, ecb); 3117 return; 3118 3119sched: 3120 sc->sc_state = NCR_IDLE; 3121 ncr53c9x_sched(sc); 3122 return; 3123 3124shortcut: 3125 /* 3126 * The idea is that many of the SCSI operations take very little 3127 * time, and going away and getting interrupted is too high an 3128 * overhead to pay. For example, selecting, sending a message 3129 * and command and then doing some work can be done in one "pass". 3130 * 3131 * The delay is a heuristic. It is 2 when at 20 MHz, 2 at 25 MHz and 3132 * 1 at 40 MHz. This needs testing. 3133 */ 3134 microtime(&wait); 3135 wait.tv_usec += 50 / sc->sc_freq; 3136 if (wait.tv_usec > 1000000) { 3137 wait.tv_sec++; 3138 wait.tv_usec -= 1000000; 3139 } 3140 do { 3141 if (NCRDMA_ISINTR(sc)) 3142 goto again; 3143 microtime(&cur); 3144 } while (cur.tv_sec <= wait.tv_sec && cur.tv_usec <= wait.tv_usec); 3145} 3146 3147static void 3148ncr53c9x_abort(struct ncr53c9x_softc *sc, struct ncr53c9x_ecb *ecb) 3149{ 3150 3151 NCR_LOCK_ASSERT(sc, MA_OWNED); 3152 3153 /* 2 secs for the abort */ 3154 ecb->timeout = NCR_ABORT_TIMEOUT; 3155 ecb->flags |= ECB_ABORT; 3156 3157 if (ecb == sc->sc_nexus) { 3158 /* 3159 * If we're still selecting, the message will be scheduled 3160 * after selection is complete. 3161 */ 3162 if (sc->sc_state == NCR_CONNECTED) 3163 ncr53c9x_sched_msgout(SEND_ABORT); 3164 3165 /* 3166 * Reschedule callout. 3167 */ 3168 callout_reset(&ecb->ch, mstohz(ecb->timeout), 3169 ncr53c9x_callout, ecb); 3170 } else { 3171 /* 3172 * Just leave the command where it is. 3173 * XXX - what choice do we have but to reset the SCSI 3174 * eventually? 3175 */ 3176 if (sc->sc_state == NCR_IDLE) 3177 ncr53c9x_sched(sc); 3178 } 3179} 3180 3181static void 3182ncr53c9x_callout(void *arg) 3183{ 3184 struct ncr53c9x_ecb *ecb = arg; 3185 union ccb *ccb = ecb->ccb; 3186 struct ncr53c9x_softc *sc = ecb->sc; 3187 struct ncr53c9x_tinfo *ti; 3188 3189 NCR_LOCK_ASSERT(sc, MA_OWNED); 3190 3191 ti = &sc->sc_tinfo[ccb->ccb_h.target_id]; 3192 xpt_print_path(ccb->ccb_h.path); 3193 device_printf(sc->sc_dev, "timed out [ecb %p (flags 0x%x, dleft %x, " 3194 "stat %x)], <state %d, nexus %p, phase(l %x, c %x, p %x), " 3195 "resid %lx, msg(q %x,o %x) %s>", 3196 ecb, ecb->flags, ecb->dleft, ecb->stat, 3197 sc->sc_state, sc->sc_nexus, 3198 NCR_READ_REG(sc, NCR_STAT), 3199 sc->sc_phase, sc->sc_prevphase, 3200 (long)sc->sc_dleft, sc->sc_msgpriq, sc->sc_msgout, 3201 NCRDMA_ISACTIVE(sc) ? "DMA active" : ""); 3202#if defined(NCR53C9X_DEBUG) && NCR53C9X_DEBUG > 1 3203 printf("TRACE: %s.", ecb->trace); 3204#endif 3205 3206 if (ecb->flags & ECB_ABORT) { 3207 /* Abort timed out. */ 3208 printf(" AGAIN\n"); 3209 ncr53c9x_init(sc, 1); 3210 } else { 3211 /* Abort the operation that has timed out. */ 3212 printf("\n"); 3213 ccb->ccb_h.status = CAM_CMD_TIMEOUT; 3214 ncr53c9x_abort(sc, ecb); 3215 3216 /* Disable sync mode if stuck in a data phase. */ 3217 if (ecb == sc->sc_nexus && ti->curr.offset != 0 && 3218 (sc->sc_phase & (MSGI | CDI)) == 0) { 3219 /* XXX ASYNC CALLBACK! */ 3220 ti->goal.offset = 0; 3221 xpt_print_path(ccb->ccb_h.path); 3222 printf("sync negotiation disabled\n"); 3223 } 3224 } 3225} 3226 3227static void 3228ncr53c9x_watch(void *arg) 3229{ 3230 struct ncr53c9x_softc *sc = arg; 3231 struct ncr53c9x_linfo *li; 3232 struct ncr53c9x_tinfo *ti; 3233 time_t old; 3234 int t; 3235 3236 NCR_LOCK_ASSERT(sc, MA_OWNED); 3237 3238 /* Delete any structures that have not been used in 10min. */ 3239 old = time_second - (10 * 60); 3240 3241 for (t = 0; t < sc->sc_ntarg; t++) { 3242 ti = &sc->sc_tinfo[t]; 3243 li = LIST_FIRST(&ti->luns); 3244 while (li) { 3245 if (li->last_used < old && 3246 li->untagged == NULL && 3247 li->used == 0) { 3248 if (li->lun < NCR_NLUN) 3249 ti->lun[li->lun] = NULL; 3250 LIST_REMOVE(li, link); 3251 free(li, M_DEVBUF); 3252 /* Restart the search at the beginning. */ 3253 li = LIST_FIRST(&ti->luns); 3254 continue; 3255 } 3256 li = LIST_NEXT(li, link); 3257 } 3258 } 3259 callout_reset(&sc->sc_watchdog, 60 * hz, ncr53c9x_watch, sc); 3260} 3261