1 /* $NetBSD: ncr53c9x.c,v 1.156 2021/12/05 08:16:10 msaitoh Exp $ */
2
3 /*-
4 * Copyright (c) 1998, 2002 The NetBSD Foundation, Inc.
5 * All rights reserved.
6 *
7 * This code is derived from software contributed to The NetBSD Foundation
8 * by Charles M. Hannum.
9 *
10 * Redistribution and use in source and binary forms, with or without
11 * modification, are permitted provided that the following conditions
12 * are met:
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
15 * 2. Redistributions in binary form must reproduce the above copyright
16 * notice, this list of conditions and the following disclaimer in the
17 * documentation and/or other materials provided with the distribution.
18 *
19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS
20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED
21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS
23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR
24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF
25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS
26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN
27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
29 * POSSIBILITY OF SUCH DAMAGE.
30 */
31
32 /*
33 * Copyright (c) 1994 Peter Galbavy
34 * Copyright (c) 1995 Paul Kranenburg
35 * All rights reserved.
36 *
37 * Redistribution and use in source and binary forms, with or without
38 * modification, are permitted provided that the following conditions
39 * are met:
40 * 1. Redistributions of source code must retain the above copyright
41 * notice, this list of conditions and the following disclaimer.
42 * 2. Redistributions in binary form must reproduce the above copyright
43 * notice, this list of conditions and the following disclaimer in the
44 * documentation and/or other materials provided with the distribution.
45 * 3. All advertising materials mentioning features or use of this software
46 * must display the following acknowledgement:
47 * This product includes software developed by Peter Galbavy
48 * 4. The name of the author may not be used to endorse or promote products
49 * derived from this software without specific prior written permission.
50 *
51 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
52 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED
53 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
54 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT,
55 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES
56 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR
57 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
58 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
59 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN
60 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
61 * POSSIBILITY OF SUCH DAMAGE.
62 */
63
64 /*
65 * Based on aic6360 by Jarle Greipsland
66 *
67 * Acknowledgements: Many of the algorithms used in this driver are
68 * inspired by the work of Julian Elischer (julian@tfs.com) and
69 * Charles Hannum (mycroft@duality.gnu.ai.mit.edu). Thanks a million!
70 */
71
72 #include <sys/cdefs.h>
73 __KERNEL_RCSID(0, "$NetBSD: ncr53c9x.c,v 1.156 2021/12/05 08:16:10 msaitoh Exp $");
74
75 #include <sys/param.h>
76 #include <sys/systm.h>
77 #include <sys/callout.h>
78 #include <sys/kernel.h>
79 #include <sys/errno.h>
80 #include <sys/ioctl.h>
81 #include <sys/device.h>
82 #include <sys/buf.h>
83 #include <sys/malloc.h>
84 #include <sys/proc.h>
85 #include <sys/queue.h>
86 #include <sys/pool.h>
87 #include <sys/scsiio.h>
88
89 #include <dev/scsipi/scsi_spc.h>
90 #include <dev/scsipi/scsi_all.h>
91 #include <dev/scsipi/scsipi_all.h>
92 #include <dev/scsipi/scsiconf.h>
93 #include <dev/scsipi/scsi_message.h>
94
95 #include <dev/ic/ncr53c9xreg.h>
96 #include <dev/ic/ncr53c9xvar.h>
97
98 int ncr53c9x_debug = NCR_SHOWMISC; /*NCR_SHOWPHASE|NCR_SHOWMISC|NCR_SHOWTRAC|NCR_SHOWCMDS;*/
99 #ifdef DEBUG
100 int ncr53c9x_notag = 0;
101 #endif
102
103 static void ncr53c9x_readregs(struct ncr53c9x_softc *);
104 static void ncr53c9x_select(struct ncr53c9x_softc *, struct ncr53c9x_ecb *);
105 static int ncr53c9x_reselect(struct ncr53c9x_softc *, int, int, int);
106 #if 0
107 static void ncr53c9x_scsi_reset(struct ncr53c9x_softc *);
108 #endif
109 static void ncr53c9x_clear(struct ncr53c9x_softc *, scsipi_xfer_result_t);
110 static int ncr53c9x_poll(struct ncr53c9x_softc *,
111 struct scsipi_xfer *, int);
112 static void ncr53c9x_sched(struct ncr53c9x_softc *);
113 static void ncr53c9x_done(struct ncr53c9x_softc *, struct ncr53c9x_ecb *);
114 static void ncr53c9x_msgin(struct ncr53c9x_softc *);
115 static void ncr53c9x_msgout(struct ncr53c9x_softc *);
116 static void ncr53c9x_timeout(void *arg);
117 static void ncr53c9x_watch(void *arg);
118 static void ncr53c9x_dequeue(struct ncr53c9x_softc *,
119 struct ncr53c9x_ecb *);
120 static int ncr53c9x_ioctl(struct scsipi_channel *, u_long,
121 void *, int, struct proc *);
122
123 void ncr53c9x_sense(struct ncr53c9x_softc *, struct ncr53c9x_ecb *);
124 void ncr53c9x_free_ecb(struct ncr53c9x_softc *, struct ncr53c9x_ecb *);
125 struct ncr53c9x_ecb *ncr53c9x_get_ecb(struct ncr53c9x_softc *, int);
126
127 static inline int ncr53c9x_stp2cpb(struct ncr53c9x_softc *, int);
128 static inline void ncr53c9x_setsync(struct ncr53c9x_softc *,
129 struct ncr53c9x_tinfo *);
130 void ncr53c9x_update_xfer_mode (struct ncr53c9x_softc *, int);
131 static struct ncr53c9x_linfo *ncr53c9x_lunsearch(struct ncr53c9x_tinfo *,
132 int64_t lun);
133
134 static void ncr53c9x_wrfifo(struct ncr53c9x_softc *, uint8_t *, int);
135
136 static int ncr53c9x_rdfifo(struct ncr53c9x_softc *, int);
137 #define NCR_RDFIFO_START 0
138 #define NCR_RDFIFO_CONTINUE 1
139
140
141 #define NCR_SET_COUNT(sc, size) do { \
142 NCR_WRITE_REG((sc), NCR_TCL, (size)); \
143 NCR_WRITE_REG((sc), NCR_TCM, (size) >> 8); \
144 if ((sc->sc_cfg2 & NCRCFG2_FE) || \
145 (sc->sc_rev == NCR_VARIANT_FAS366)) { \
146 NCR_WRITE_REG((sc), NCR_TCH, (size) >> 16); \
147 } \
148 if (sc->sc_rev == NCR_VARIANT_FAS366) { \
149 NCR_WRITE_REG(sc, NCR_RCH, 0); \
150 } \
151 } while (/* CONSTCOND */0)
152
153 static int ecb_pool_initialized = 0;
154 static struct pool ecb_pool;
155
156 /*
157 * Names for the NCR53c9x variants, corresponding to the variant tags
158 * in ncr53c9xvar.h.
159 */
160 static const char *ncr53c9x_variant_names[] = {
161 "ESP100",
162 "ESP100A",
163 "ESP200",
164 "NCR53C94",
165 "NCR53C96",
166 "ESP406",
167 "FAS408",
168 "FAS216",
169 "AM53C974",
170 "FAS366/HME",
171 "NCR53C90 (86C01)",
172 };
173
174 /*
175 * Search linked list for LUN info by LUN id.
176 */
177 static struct ncr53c9x_linfo *
ncr53c9x_lunsearch(struct ncr53c9x_tinfo * ti,int64_t lun)178 ncr53c9x_lunsearch(struct ncr53c9x_tinfo *ti, int64_t lun)
179 {
180 struct ncr53c9x_linfo *li;
181
182 LIST_FOREACH(li, &ti->luns, link)
183 if (li->lun == lun)
184 return li;
185 return NULL;
186 }
187
188 /*
189 * Attach this instance, and then all the sub-devices
190 */
191 void
ncr53c9x_attach(struct ncr53c9x_softc * sc)192 ncr53c9x_attach(struct ncr53c9x_softc *sc)
193 {
194 struct scsipi_adapter *adapt = &sc->sc_adapter;
195 struct scsipi_channel *chan = &sc->sc_channel;
196
197 mutex_init(&sc->sc_lock, MUTEX_DEFAULT, IPL_BIO);
198
199 callout_init(&sc->sc_watchdog, 0);
200
201 /*
202 * Note, the front-end has set us up to print the chip variation.
203 */
204 if (sc->sc_rev >= NCR_VARIANT_MAX) {
205 aprint_error(": unknown variant %d, devices not attached\n",
206 sc->sc_rev);
207 return;
208 }
209
210 aprint_normal(": %s, %dMHz, SCSI ID %d\n",
211 ncr53c9x_variant_names[sc->sc_rev], sc->sc_freq, sc->sc_id);
212
213 sc->sc_ntarg = (sc->sc_rev == NCR_VARIANT_FAS366) ? 16 : 8;
214
215 /*
216 * Allocate SCSI message buffers.
217 * Front-ends can override allocation to avoid alignment
218 * handling in the DMA engines. Note that that ncr53c9x_msgout()
219 * can request a 1 byte DMA transfer.
220 */
221 if (sc->sc_omess == NULL)
222 sc->sc_omess = malloc(NCR_MAX_MSG_LEN, M_DEVBUF, M_WAITOK);
223
224 if (sc->sc_imess == NULL)
225 sc->sc_imess = malloc(NCR_MAX_MSG_LEN + 1, M_DEVBUF, M_WAITOK);
226
227 sc->sc_tinfo = malloc(sc->sc_ntarg * sizeof(sc->sc_tinfo[0]),
228 M_DEVBUF, M_WAITOK | M_ZERO);
229
230 /*
231 * Treat NCR53C90 with the 86C01 DMA chip exactly as ESP100
232 * from now on.
233 */
234 if (sc->sc_rev == NCR_VARIANT_NCR53C90_86C01)
235 sc->sc_rev = NCR_VARIANT_ESP100;
236
237 sc->sc_ccf = FREQTOCCF(sc->sc_freq);
238
239 /* The value *must not* be == 1. Make it 2 */
240 if (sc->sc_ccf == 1)
241 sc->sc_ccf = 2;
242
243 /*
244 * The recommended timeout is 250ms. This register is loaded
245 * with a value calculated as follows, from the docs:
246 *
247 * (timeout period) x (CLK frequency)
248 * reg = -------------------------------------
249 * 8192 x (Clock Conversion Factor)
250 *
251 * Since CCF has a linear relation to CLK, this generally computes
252 * to the constant of 153.
253 */
254 sc->sc_timeout = ((250 * 1000) * sc->sc_freq) / (8192 * sc->sc_ccf);
255
256 /* CCF register only has 3 bits; 0 is actually 8 */
257 sc->sc_ccf &= 7;
258
259 /*
260 * Fill in the scsipi_adapter.
261 */
262 adapt->adapt_dev = sc->sc_dev;
263 adapt->adapt_nchannels = 1;
264 adapt->adapt_openings = 256;
265 adapt->adapt_max_periph = 256;
266 adapt->adapt_ioctl = ncr53c9x_ioctl;
267 /* adapt_request initialized by front-end */
268 /* adapt_minphys initialized by front-end */
269
270 /*
271 * Fill in the scsipi_channel.
272 */
273 memset(chan, 0, sizeof(*chan));
274 chan->chan_adapter = adapt;
275 chan->chan_bustype = &scsi_bustype;
276 chan->chan_channel = 0;
277 chan->chan_ntargets = sc->sc_ntarg;
278 chan->chan_nluns = 8;
279 chan->chan_id = sc->sc_id;
280
281 /*
282 * Add reference to adapter so that we drop the reference after
283 * config_found() to make sure the adapter is disabled.
284 */
285 if (scsipi_adapter_addref(adapt) != 0) {
286 aprint_error_dev(sc->sc_dev, "unable to enable controller\n");
287 return;
288 }
289
290 /* Reset state & bus */
291 sc->sc_cfflags = device_cfdata(sc->sc_dev)->cf_flags;
292 sc->sc_state = 0;
293 ncr53c9x_init(sc, 0); /* no bus reset yet, leave that to scsibus* */
294
295 /*
296 * Now try to attach all the sub-devices
297 */
298 sc->sc_child = config_found(sc->sc_dev, &sc->sc_channel, scsiprint,
299 CFARGS_NONE);
300
301 scsipi_adapter_delref(adapt);
302 callout_reset(&sc->sc_watchdog, 60 * hz, ncr53c9x_watch, sc);
303 }
304
305 int
ncr53c9x_detach(struct ncr53c9x_softc * sc,int flags)306 ncr53c9x_detach(struct ncr53c9x_softc *sc, int flags)
307 {
308 struct ncr53c9x_linfo *li, *nextli;
309 int t;
310 int error;
311
312 callout_stop(&sc->sc_watchdog);
313
314 if (sc->sc_tinfo) {
315 /* Cancel all commands. */
316 ncr53c9x_clear(sc, XS_DRIVER_STUFFUP);
317
318 /* Free logical units. */
319 for (t = 0; t < sc->sc_ntarg; t++) {
320 for (li = LIST_FIRST(&sc->sc_tinfo[t].luns); li;
321 li = nextli) {
322 nextli = LIST_NEXT(li, link);
323 free(li, M_DEVBUF);
324 }
325 }
326 }
327
328 if (sc->sc_child) {
329 error = config_detach(sc->sc_child, flags);
330 if (error)
331 return error;
332 }
333
334 if (sc->sc_imess)
335 free(sc->sc_imess, M_DEVBUF);
336 if (sc->sc_omess)
337 free(sc->sc_omess, M_DEVBUF);
338
339 mutex_destroy(&sc->sc_lock);
340
341 return 0;
342 }
343
344 /*
345 * This is the generic ncr53c9x reset function. It does not reset the SCSI bus,
346 * only this controller, but kills any on-going commands, and also stops
347 * and resets the DMA.
348 *
349 * After reset, registers are loaded with the defaults from the attach
350 * routine above.
351 */
352 void
ncr53c9x_reset(struct ncr53c9x_softc * sc)353 ncr53c9x_reset(struct ncr53c9x_softc *sc)
354 {
355
356 /* reset DMA first */
357 NCRDMA_RESET(sc);
358
359 /* reset SCSI chip */
360 NCRCMD(sc, NCRCMD_RSTCHIP);
361 NCRCMD(sc, NCRCMD_NOP);
362 DELAY(500);
363
364 /* do these backwards, and fall through */
365 switch (sc->sc_rev) {
366 case NCR_VARIANT_ESP406:
367 case NCR_VARIANT_FAS408:
368 NCR_WRITE_REG(sc, NCR_CFG5, sc->sc_cfg5 | NCRCFG5_SINT);
369 NCR_WRITE_REG(sc, NCR_CFG4, sc->sc_cfg4);
370 /* FALLTHROUGH */
371 case NCR_VARIANT_AM53C974:
372 case NCR_VARIANT_FAS216:
373 case NCR_VARIANT_NCR53C94:
374 case NCR_VARIANT_NCR53C96:
375 case NCR_VARIANT_ESP200:
376 sc->sc_features |= NCR_F_HASCFG3;
377 NCR_WRITE_REG(sc, NCR_CFG3, sc->sc_cfg3);
378 /* FALLTHROUGH */
379 case NCR_VARIANT_ESP100A:
380 sc->sc_features |= NCR_F_SELATN3;
381 NCR_WRITE_REG(sc, NCR_CFG2, sc->sc_cfg2);
382 /* FALLTHROUGH */
383 case NCR_VARIANT_ESP100:
384 NCR_WRITE_REG(sc, NCR_CFG1, sc->sc_cfg1);
385 NCR_WRITE_REG(sc, NCR_CCF, sc->sc_ccf);
386 NCR_WRITE_REG(sc, NCR_SYNCOFF, 0);
387 NCR_WRITE_REG(sc, NCR_TIMEOUT, sc->sc_timeout);
388 break;
389
390 case NCR_VARIANT_FAS366:
391 sc->sc_features |=
392 NCR_F_HASCFG3 | NCR_F_FASTSCSI | NCR_F_SELATN3;
393 sc->sc_cfg3 = NCRFASCFG3_FASTCLK | NCRFASCFG3_OBAUTO;
394 sc->sc_cfg3_fscsi = NCRFASCFG3_FASTSCSI;
395 NCR_WRITE_REG(sc, NCR_CFG3, sc->sc_cfg3);
396 sc->sc_cfg2 = 0; /* NCRCFG2_HMEFE| NCRCFG2_HME32 */
397 NCR_WRITE_REG(sc, NCR_CFG2, sc->sc_cfg2);
398 NCR_WRITE_REG(sc, NCR_CFG1, sc->sc_cfg1);
399 NCR_WRITE_REG(sc, NCR_CCF, sc->sc_ccf);
400 NCR_WRITE_REG(sc, NCR_SYNCOFF, 0);
401 NCR_WRITE_REG(sc, NCR_TIMEOUT, sc->sc_timeout);
402 break;
403
404 default:
405 printf("%s: unknown revision code, assuming ESP100\n",
406 device_xname(sc->sc_dev));
407 NCR_WRITE_REG(sc, NCR_CFG1, sc->sc_cfg1);
408 NCR_WRITE_REG(sc, NCR_CCF, sc->sc_ccf);
409 NCR_WRITE_REG(sc, NCR_SYNCOFF, 0);
410 NCR_WRITE_REG(sc, NCR_TIMEOUT, sc->sc_timeout);
411 }
412
413 if (sc->sc_rev == NCR_VARIANT_AM53C974)
414 NCR_WRITE_REG(sc, NCR_AMDCFG4, sc->sc_cfg4);
415
416 #if 0
417 printf("%s: ncr53c9x_reset: revision %d\n",
418 device_xname(sc->sc_dev), sc->sc_rev);
419 printf("%s: ncr53c9x_reset: cfg1 0x%x, cfg2 0x%x, cfg3 0x%x, "
420 "ccf 0x%x, timeout 0x%x\n",
421 device_xname(sc->sc_dev), sc->sc_cfg1, sc->sc_cfg2, sc->sc_cfg3,
422 sc->sc_ccf, sc->sc_timeout);
423 #endif
424 }
425
426 #if 0
427 /*
428 * Reset the SCSI bus, but not the chip
429 */
430 void
431 ncr53c9x_scsi_reset(struct ncr53c9x_softc *sc)
432 {
433
434 (*sc->sc_glue->gl_dma_stop)(sc);
435
436 printf("%s: resetting SCSI bus\n", device_xname(sc->sc_dev));
437 NCRCMD(sc, NCRCMD_RSTSCSI);
438 }
439 #endif
440
441 /*
442 * Clear all commands
443 */
444 void
ncr53c9x_clear(struct ncr53c9x_softc * sc,scsipi_xfer_result_t result)445 ncr53c9x_clear(struct ncr53c9x_softc *sc, scsipi_xfer_result_t result)
446 {
447 struct ncr53c9x_ecb *ecb;
448 struct ncr53c9x_linfo *li;
449 int i, r;
450
451 /* Cancel any active commands. */
452 sc->sc_state = NCR_CLEANING;
453 sc->sc_msgify = 0;
454 ecb = sc->sc_nexus;
455 if (ecb != NULL) {
456 ecb->xs->error = result;
457 ncr53c9x_done(sc, ecb);
458 }
459 /* Cancel outstanding disconnected commands on each LUN */
460 for (r = 0; r < sc->sc_ntarg; r++) {
461 LIST_FOREACH(li, &sc->sc_tinfo[r].luns, link) {
462 ecb = li->untagged;
463 if (ecb != NULL) {
464 li->untagged = NULL;
465 /*
466 * XXXXXXX
467 *
468 * Should we terminate a command
469 * that never reached the disk?
470 */
471 li->busy = 0;
472 ecb->xs->error = result;
473 ncr53c9x_done(sc, ecb);
474 }
475 for (i = 0; i < 256; i++) {
476 ecb = li->queued[i];
477 if (ecb != NULL) {
478 li->queued[i] = NULL;
479 ecb->xs->error = result;
480 ncr53c9x_done(sc, ecb);
481 }
482 }
483 li->used = 0;
484 }
485 }
486 }
487
488 /*
489 * Initialize ncr53c9x state machine
490 */
491 void
ncr53c9x_init(struct ncr53c9x_softc * sc,int doreset)492 ncr53c9x_init(struct ncr53c9x_softc *sc, int doreset)
493 {
494 int r;
495
496 NCR_MISC(("[NCR_INIT(%d) %d] ", doreset, sc->sc_state));
497
498 if (!ecb_pool_initialized) {
499 /* All instances share this pool */
500 pool_init(&ecb_pool, sizeof(struct ncr53c9x_ecb), 0, 0, 0,
501 "ncr53c9x_ecb", NULL, IPL_BIO);
502 /* make sure to always have some items to play with */
503 pool_prime(&ecb_pool, 1);
504 ecb_pool_initialized = 1;
505 }
506
507 if (sc->sc_state == 0) {
508 /* First time through; initialize. */
509
510 TAILQ_INIT(&sc->ready_list);
511 sc->sc_nexus = NULL;
512 memset(sc->sc_tinfo, 0, sizeof(*sc->sc_tinfo));
513 for (r = 0; r < sc->sc_ntarg; r++) {
514 LIST_INIT(&sc->sc_tinfo[r].luns);
515 }
516 } else {
517 ncr53c9x_clear(sc, XS_TIMEOUT);
518 }
519
520 /*
521 * reset the chip to a known state
522 */
523 ncr53c9x_reset(sc);
524
525 sc->sc_flags = 0;
526 sc->sc_msgpriq = sc->sc_msgout = sc->sc_msgoutq = 0;
527 sc->sc_phase = sc->sc_prevphase = INVALID_PHASE;
528
529 /* XXXSMP scsipi */
530 KERNEL_LOCK(1, curlwp);
531
532 for (r = 0; r < sc->sc_ntarg; r++) {
533 struct ncr53c9x_tinfo *ti = &sc->sc_tinfo[r];
534 /* XXX - config flags per target: low bits: no reselect; high bits: no synch */
535
536 ti->flags = ((sc->sc_minsync &&
537 !(sc->sc_cfflags & (1 << ((r & 7) + 8)))) ?
538 0 : T_SYNCHOFF) |
539 ((sc->sc_cfflags & (1 << (r & 7))) ? T_RSELECTOFF : 0);
540 #ifdef DEBUG
541 if (ncr53c9x_notag)
542 ti->flags &= ~T_TAG;
543 #endif
544 ti->period = sc->sc_minsync;
545 ti->offset = 0;
546 ti->cfg3 = 0;
547
548 ncr53c9x_update_xfer_mode(sc, r);
549 }
550
551 if (doreset) {
552 sc->sc_state = NCR_SBR;
553 NCRCMD(sc, NCRCMD_RSTSCSI);
554
555 /* Notify upper layer */
556 scsipi_async_event(&sc->sc_channel, ASYNC_EVENT_RESET, NULL);
557 } else {
558 sc->sc_state = NCR_IDLE;
559 ncr53c9x_sched(sc);
560 }
561
562 /* XXXSMP scsipi */
563 KERNEL_UNLOCK_ONE(curlwp);
564 }
565
566 /*
567 * Read the NCR registers, and save their contents for later use.
568 * NCR_STAT, NCR_STEP & NCR_INTR are mostly zeroed out when reading
569 * NCR_INTR - so make sure it is the last read.
570 *
571 * I think that (from reading the docs) most bits in these registers
572 * only make sense when he DMA CSR has an interrupt showing. Call only
573 * if an interrupt is pending.
574 */
575 inline void
ncr53c9x_readregs(struct ncr53c9x_softc * sc)576 ncr53c9x_readregs(struct ncr53c9x_softc *sc)
577 {
578
579 sc->sc_espstat = NCR_READ_REG(sc, NCR_STAT);
580 /* Only the stepo bits are of interest */
581 sc->sc_espstep = NCR_READ_REG(sc, NCR_STEP) & NCRSTEP_MASK;
582
583 if (sc->sc_rev == NCR_VARIANT_FAS366)
584 sc->sc_espstat2 = NCR_READ_REG(sc, NCR_STAT2);
585
586 sc->sc_espintr = NCR_READ_REG(sc, NCR_INTR);
587
588 if (sc->sc_glue->gl_clear_latched_intr != NULL)
589 (*sc->sc_glue->gl_clear_latched_intr)(sc);
590
591 /*
592 * Determine the SCSI bus phase, return either a real SCSI bus phase
593 * or some pseudo phase we use to detect certain exceptions.
594 */
595
596 sc->sc_phase = (sc->sc_espintr & NCRINTR_DIS) ?
597 /* Disconnected */ BUSFREE_PHASE : sc->sc_espstat & NCRSTAT_PHASE;
598
599 NCR_INTS(("regs[intr=%02x,stat=%02x,step=%02x,stat2=%02x] ",
600 sc->sc_espintr, sc->sc_espstat, sc->sc_espstep, sc->sc_espstat2));
601 }
602
603 /*
604 * Convert Synchronous Transfer Period to chip register Clock Per Byte value.
605 */
606 static inline int
ncr53c9x_stp2cpb(struct ncr53c9x_softc * sc,int period)607 ncr53c9x_stp2cpb(struct ncr53c9x_softc *sc, int period)
608 {
609 int v;
610
611 v = (sc->sc_freq * period) / 250;
612 if (ncr53c9x_cpb2stp(sc, v) < period)
613 /* Correct round-down error */
614 v++;
615 return v;
616 }
617
618 static inline void
ncr53c9x_setsync(struct ncr53c9x_softc * sc,struct ncr53c9x_tinfo * ti)619 ncr53c9x_setsync(struct ncr53c9x_softc *sc, struct ncr53c9x_tinfo *ti)
620 {
621 uint8_t syncoff, synctp;
622 uint8_t cfg3 = sc->sc_cfg3 | ti->cfg3;
623
624 if (ti->flags & T_SYNCMODE) {
625 syncoff = ti->offset;
626 synctp = ncr53c9x_stp2cpb(sc, ti->period);
627 if (sc->sc_features & NCR_F_FASTSCSI) {
628 /*
629 * If the period is 200ns or less (ti->period <= 50),
630 * put the chip in Fast SCSI mode.
631 */
632 if (ti->period <= 50)
633 /*
634 * There are (at least) 4 variations of the
635 * configuration 3 register. The drive attach
636 * routine sets the appropriate bit to put the
637 * chip into Fast SCSI mode so that it doesn't
638 * have to be figured out here each time.
639 */
640 cfg3 |= sc->sc_cfg3_fscsi;
641 }
642
643 /*
644 * Am53c974 requires different SYNCTP values when the
645 * FSCSI bit is off.
646 */
647 if (sc->sc_rev == NCR_VARIANT_AM53C974 &&
648 (cfg3 & NCRAMDCFG3_FSCSI) == 0)
649 synctp--;
650 } else {
651 syncoff = 0;
652 synctp = 0;
653 }
654
655 if (sc->sc_features & NCR_F_HASCFG3)
656 NCR_WRITE_REG(sc, NCR_CFG3, cfg3);
657
658 NCR_WRITE_REG(sc, NCR_SYNCOFF, syncoff);
659 NCR_WRITE_REG(sc, NCR_SYNCTP, synctp);
660 }
661
662 /*
663 * Send a command to a target, set the driver state to NCR_SELECTING
664 * and let the caller take care of the rest.
665 *
666 * Keeping this as a function allows me to say that this may be done
667 * by DMA instead of programmed I/O soon.
668 */
669 void
ncr53c9x_select(struct ncr53c9x_softc * sc,struct ncr53c9x_ecb * ecb)670 ncr53c9x_select(struct ncr53c9x_softc *sc, struct ncr53c9x_ecb *ecb)
671 {
672 struct scsipi_periph *periph = ecb->xs->xs_periph;
673 int target = periph->periph_target;
674 int lun = periph->periph_lun;
675 struct ncr53c9x_tinfo *ti = &sc->sc_tinfo[target];
676 int tiflags = ti->flags;
677 uint8_t *cmd;
678 int clen;
679 bool selatn3, selatns;
680 size_t dmasize;
681
682 NCR_TRACE(("[ncr53c9x_select(t%d,l%d,cmd:%x,tag:%x,%x)] ",
683 target, lun, ecb->cmd.cmd.opcode, ecb->tag[0], ecb->tag[1]));
684
685 sc->sc_state = NCR_SELECTING;
686 /*
687 * Schedule the timeout now, the first time we will go away
688 * expecting to come back due to an interrupt, because it is
689 * always possible that the interrupt may never happen.
690 */
691 if ((ecb->xs->xs_control & XS_CTL_POLL) == 0) {
692 callout_reset(&ecb->xs->xs_callout, mstohz(ecb->timeout),
693 ncr53c9x_timeout, ecb);
694 }
695
696 /*
697 * The docs say the target register is never reset, and I
698 * can't think of a better place to set it
699 */
700 if (sc->sc_rev == NCR_VARIANT_FAS366) {
701 NCRCMD(sc, NCRCMD_FLUSH);
702 NCR_WRITE_REG(sc, NCR_SELID, target | NCR_BUSID_HME);
703 } else {
704 NCR_WRITE_REG(sc, NCR_SELID, target);
705 }
706 ncr53c9x_setsync(sc, ti);
707
708 if ((ecb->flags & ECB_SENSE) != 0) {
709 /*
710 * For REQUEST SENSE, we should not send an IDENTIFY or
711 * otherwise mangle the target. There should be no MESSAGE IN
712 * phase.
713 */
714 if (sc->sc_features & NCR_F_DMASELECT) {
715 /* setup DMA transfer for command */
716 dmasize = clen = ecb->clen;
717 sc->sc_cmdlen = clen;
718 sc->sc_cmdp = (void *)&ecb->cmd.cmd;
719
720 NCRDMA_SETUP(sc, &sc->sc_cmdp, &sc->sc_cmdlen, 0,
721 &dmasize);
722 /* Program the SCSI counter */
723 NCR_SET_COUNT(sc, dmasize);
724
725 if (sc->sc_rev != NCR_VARIANT_FAS366)
726 NCRCMD(sc, NCRCMD_NOP | NCRCMD_DMA);
727
728 /* And get the targets attention */
729 NCRCMD(sc, NCRCMD_SELNATN | NCRCMD_DMA);
730 NCRDMA_GO(sc);
731 } else {
732 ncr53c9x_wrfifo(sc, (uint8_t *)&ecb->cmd.cmd,
733 ecb->clen);
734 sc->sc_cmdlen = 0;
735 NCRCMD(sc, NCRCMD_SELNATN);
736 }
737 return;
738 }
739
740 selatn3 = selatns = false;
741 if (ecb->tag[0] != 0) {
742 if (sc->sc_features & NCR_F_SELATN3)
743 /* use SELATN3 to send tag messages */
744 selatn3 = true;
745 else
746 /* We don't have SELATN3; use SELATNS to send tags */
747 selatns = true;
748 }
749
750 if (ti->flags & T_NEGOTIATE) {
751 /* We have to use SELATNS to send sync/wide messages */
752 selatn3 = false;
753 selatns = true;
754 }
755
756 cmd = (uint8_t *)&ecb->cmd.cmd;
757
758 if (selatn3) {
759 /* We'll use tags with SELATN3 */
760 clen = ecb->clen + 3;
761 cmd -= 3;
762 cmd[0] = MSG_IDENTIFY(lun, 1); /* msg[0] */
763 cmd[1] = ecb->tag[0]; /* msg[1] */
764 cmd[2] = ecb->tag[1]; /* msg[2] */
765 } else {
766 /* We don't have tags, or will send messages with SELATNS */
767 clen = ecb->clen + 1;
768 cmd -= 1;
769 cmd[0] = MSG_IDENTIFY(lun, (tiflags & T_RSELECTOFF) == 0);
770 }
771
772 if ((sc->sc_features & NCR_F_DMASELECT) && !selatns) {
773
774 /* setup DMA transfer for command */
775 dmasize = clen;
776 sc->sc_cmdlen = clen;
777 sc->sc_cmdp = cmd;
778
779 NCRDMA_SETUP(sc, &sc->sc_cmdp, &sc->sc_cmdlen, 0, &dmasize);
780 /* Program the SCSI counter */
781 NCR_SET_COUNT(sc, dmasize);
782
783 /* load the count in */
784 /* if (sc->sc_rev != NCR_VARIANT_FAS366) */
785 NCRCMD(sc, NCRCMD_NOP | NCRCMD_DMA);
786
787 /* And get the targets attention */
788 if (selatn3) {
789 sc->sc_msgout = SEND_TAG;
790 sc->sc_flags |= NCR_ATN;
791 NCRCMD(sc, NCRCMD_SELATN3 | NCRCMD_DMA);
792 } else
793 NCRCMD(sc, NCRCMD_SELATN | NCRCMD_DMA);
794 NCRDMA_GO(sc);
795 return;
796 }
797
798 /*
799 * Who am I. This is where we tell the target that we are
800 * happy for it to disconnect etc.
801 */
802
803 /* Now get the command into the FIFO */
804 sc->sc_cmdlen = 0;
805 ncr53c9x_wrfifo(sc, cmd, clen);
806
807 /* And get the targets attention */
808 if (selatns) {
809 NCR_MSGS(("SELATNS \n"));
810 /* Arbitrate, select and stop after IDENTIFY message */
811 NCRCMD(sc, NCRCMD_SELATNS);
812 } else if (selatn3) {
813 sc->sc_msgout = SEND_TAG;
814 sc->sc_flags |= NCR_ATN;
815 NCRCMD(sc, NCRCMD_SELATN3);
816 } else
817 NCRCMD(sc, NCRCMD_SELATN);
818 }
819
820 void
ncr53c9x_free_ecb(struct ncr53c9x_softc * sc,struct ncr53c9x_ecb * ecb)821 ncr53c9x_free_ecb(struct ncr53c9x_softc *sc, struct ncr53c9x_ecb *ecb)
822 {
823 int s;
824
825 s = splbio();
826 ecb->flags = 0;
827 pool_put(&ecb_pool, (void *)ecb);
828 splx(s);
829 return;
830 }
831
832 struct ncr53c9x_ecb *
ncr53c9x_get_ecb(struct ncr53c9x_softc * sc,int flags)833 ncr53c9x_get_ecb(struct ncr53c9x_softc *sc, int flags)
834 {
835 struct ncr53c9x_ecb *ecb;
836 int s;
837
838 s = splbio();
839 ecb = pool_get(&ecb_pool, PR_NOWAIT | PR_ZERO);
840 if (ecb)
841 ecb->flags |= ECB_ALLOC;
842 splx(s);
843 return ecb;
844 }
845
846 /*
847 * DRIVER FUNCTIONS CALLABLE FROM HIGHER LEVEL DRIVERS
848 */
849
850 /*
851 * Start a SCSI-command
852 * This function is called by the higher level SCSI-driver to queue/run
853 * SCSI-commands.
854 */
855
856 void
ncr53c9x_scsipi_request(struct scsipi_channel * chan,scsipi_adapter_req_t req,void * arg)857 ncr53c9x_scsipi_request(struct scsipi_channel *chan, scsipi_adapter_req_t req,
858 void *arg)
859 {
860 struct scsipi_xfer *xs;
861 struct scsipi_periph *periph;
862 struct ncr53c9x_softc *sc;
863 struct ncr53c9x_ecb *ecb;
864 int flags;
865
866 NCR_TRACE(("[ncr53c9x_scsipi_request] "));
867
868 sc = device_private(chan->chan_adapter->adapt_dev);
869 mutex_enter(&sc->sc_lock);
870
871 switch (req) {
872 case ADAPTER_REQ_RUN_XFER:
873 xs = arg;
874 periph = xs->xs_periph;
875 flags = xs->xs_control;
876
877 NCR_CMDS(("[0x%x, %d]->%d ", (int)xs->cmd->opcode, xs->cmdlen,
878 periph->periph_target));
879
880 /* Get an ECB to use. */
881 ecb = ncr53c9x_get_ecb(sc, xs->xs_control);
882 /*
883 * This should never happen as we track resources
884 * in the mid-layer, but for now it can as pool_get()
885 * can fail.
886 */
887 if (ecb == NULL) {
888 scsipi_printaddr(periph);
889 printf("%s: unable to allocate ecb\n",
890 device_xname(sc->sc_dev));
891 xs->error = XS_RESOURCE_SHORTAGE;
892 mutex_exit(&sc->sc_lock);
893 scsipi_done(xs);
894 return;
895 }
896
897 /* Initialize ecb */
898 ecb->xs = xs;
899 ecb->timeout = xs->timeout;
900
901 if (flags & XS_CTL_RESET) {
902 ecb->flags |= ECB_RESET;
903 ecb->clen = 0;
904 ecb->dleft = 0;
905 } else {
906 memcpy(&ecb->cmd.cmd, xs->cmd, xs->cmdlen);
907 ecb->clen = xs->cmdlen;
908 ecb->daddr = xs->data;
909 ecb->dleft = xs->datalen;
910 }
911 ecb->stat = 0;
912
913 TAILQ_INSERT_TAIL(&sc->ready_list, ecb, chain);
914 ecb->flags |= ECB_READY;
915 if (sc->sc_state == NCR_IDLE)
916 ncr53c9x_sched(sc);
917
918 if ((flags & XS_CTL_POLL) == 0)
919 break;
920
921 /* Not allowed to use interrupts, use polling instead */
922 if (ncr53c9x_poll(sc, xs, ecb->timeout)) {
923 ncr53c9x_timeout(ecb);
924 if (ncr53c9x_poll(sc, xs, ecb->timeout))
925 ncr53c9x_timeout(ecb);
926 }
927 break;
928
929 case ADAPTER_REQ_GROW_RESOURCES:
930 /* XXX Not supported. */
931 break;
932
933 case ADAPTER_REQ_SET_XFER_MODE:
934 {
935 struct ncr53c9x_tinfo *ti;
936 struct scsipi_xfer_mode *xm = arg;
937
938 ti = &sc->sc_tinfo[xm->xm_target];
939 ti->flags &= ~(T_NEGOTIATE|T_SYNCMODE);
940 ti->period = 0;
941 ti->offset = 0;
942
943 if ((sc->sc_cfflags & (1 << ((xm->xm_target & 7) + 16))) == 0 &&
944 (xm->xm_mode & PERIPH_CAP_TQING)) {
945 NCR_MISC(("%s: target %d: tagged queuing\n",
946 device_xname(sc->sc_dev), xm->xm_target));
947 ti->flags |= T_TAG;
948 } else
949 ti->flags &= ~T_TAG;
950
951 if ((xm->xm_mode & PERIPH_CAP_WIDE16) != 0) {
952 NCR_MISC(("%s: target %d: wide scsi negotiation\n",
953 device_xname(sc->sc_dev), xm->xm_target));
954 if (sc->sc_rev == NCR_VARIANT_FAS366) {
955 ti->flags |= T_WIDE;
956 ti->width = 1;
957 }
958 }
959
960 if ((xm->xm_mode & PERIPH_CAP_SYNC) != 0 &&
961 (ti->flags & T_SYNCHOFF) == 0 && sc->sc_minsync != 0) {
962 NCR_MISC(("%s: target %d: sync negotiation\n",
963 device_xname(sc->sc_dev), xm->xm_target));
964 ti->flags |= T_NEGOTIATE;
965 ti->period = sc->sc_minsync;
966 }
967 /*
968 * If we're not going to negotiate, send the notification
969 * now, since it won't happen later.
970 */
971 if ((ti->flags & T_NEGOTIATE) == 0)
972 ncr53c9x_update_xfer_mode(sc, xm->xm_target);
973 }
974 break;
975 }
976
977 mutex_exit(&sc->sc_lock);
978 }
979
980 void
ncr53c9x_update_xfer_mode(struct ncr53c9x_softc * sc,int target)981 ncr53c9x_update_xfer_mode(struct ncr53c9x_softc *sc, int target)
982 {
983 struct scsipi_xfer_mode xm;
984 struct ncr53c9x_tinfo *ti = &sc->sc_tinfo[target];
985
986 xm.xm_target = target;
987 xm.xm_mode = 0;
988 xm.xm_period = 0;
989 xm.xm_offset = 0;
990
991 if (ti->flags & T_SYNCMODE) {
992 xm.xm_mode |= PERIPH_CAP_SYNC;
993 xm.xm_period = ti->period;
994 xm.xm_offset = ti->offset;
995 }
996 if (ti->width)
997 xm.xm_mode |= PERIPH_CAP_WIDE16;
998
999 if ((ti->flags & (T_RSELECTOFF|T_TAG)) == T_TAG)
1000 xm.xm_mode |= PERIPH_CAP_TQING;
1001
1002 scsipi_async_event(&sc->sc_channel, ASYNC_EVENT_XFER_MODE, &xm);
1003 }
1004
1005 /*
1006 * Used when interrupt driven I/O isn't allowed, e.g. during boot.
1007 */
1008 int
ncr53c9x_poll(struct ncr53c9x_softc * sc,struct scsipi_xfer * xs,int count)1009 ncr53c9x_poll(struct ncr53c9x_softc *sc, struct scsipi_xfer *xs, int count)
1010 {
1011
1012 NCR_TRACE(("[ncr53c9x_poll] "));
1013 while (count) {
1014 if (NCRDMA_ISINTR(sc)) {
1015 mutex_exit(&sc->sc_lock);
1016 ncr53c9x_intr(sc);
1017 mutex_enter(&sc->sc_lock);
1018 }
1019 #if alternatively
1020 if (NCR_READ_REG(sc, NCR_STAT) & NCRSTAT_INT)
1021 ncr53c9x_intr(sc);
1022 #endif
1023 if ((xs->xs_status & XS_STS_DONE) != 0)
1024 return 0;
1025 if (sc->sc_state == NCR_IDLE) {
1026 NCR_TRACE(("[ncr53c9x_poll: rescheduling] "));
1027 ncr53c9x_sched(sc);
1028 }
1029 DELAY(1000);
1030 count--;
1031 }
1032 return 1;
1033 }
1034
1035 int
ncr53c9x_ioctl(struct scsipi_channel * chan,u_long cmd,void * arg,int flag,struct proc * p)1036 ncr53c9x_ioctl(struct scsipi_channel *chan, u_long cmd, void *arg,
1037 int flag, struct proc *p)
1038 {
1039 struct ncr53c9x_softc *sc;
1040 int error = 0;
1041
1042 sc = device_private(chan->chan_adapter->adapt_dev);
1043 switch (cmd) {
1044 case SCBUSIORESET:
1045 mutex_enter(&sc->sc_lock);
1046 ncr53c9x_init(sc, 1);
1047 mutex_exit(&sc->sc_lock);
1048 break;
1049 default:
1050 error = ENOTTY;
1051 break;
1052 }
1053 return error;
1054 }
1055
1056
1057 /*
1058 * LOW LEVEL SCSI UTILITIES
1059 */
1060
1061 /*
1062 * Schedule a scsi operation. This has now been pulled out of the interrupt
1063 * handler so that we may call it from ncr53c9x_scsipi_request and
1064 * ncr53c9x_done. This may save us an unnecessary interrupt just to get
1065 * things going. Should only be called when state == NCR_IDLE and at bio pl.
1066 */
1067 void
ncr53c9x_sched(struct ncr53c9x_softc * sc)1068 ncr53c9x_sched(struct ncr53c9x_softc *sc)
1069 {
1070 struct ncr53c9x_ecb *ecb;
1071 struct scsipi_periph *periph;
1072 struct ncr53c9x_tinfo *ti;
1073 struct ncr53c9x_linfo *li;
1074 int lun;
1075 int tag;
1076
1077 NCR_TRACE(("[ncr53c9x_sched] "));
1078 if (sc->sc_state != NCR_IDLE)
1079 panic("%s: not IDLE (state=%d)", __func__, sc->sc_state);
1080
1081 /*
1082 * Find first ecb in ready queue that is for a target/lunit
1083 * combinations that is not busy.
1084 */
1085 for (ecb = TAILQ_FIRST(&sc->ready_list); ecb != NULL;
1086 ecb = TAILQ_NEXT(ecb, chain)) {
1087 periph = ecb->xs->xs_periph;
1088 ti = &sc->sc_tinfo[periph->periph_target];
1089 lun = periph->periph_lun;
1090
1091 /* Select type of tag for this command */
1092 if ((ti->flags & T_RSELECTOFF) != 0)
1093 tag = 0;
1094 else if ((ti->flags & T_TAG) == 0)
1095 tag = 0;
1096 else if ((ecb->flags & ECB_SENSE) != 0)
1097 tag = 0;
1098 else
1099 tag = ecb->xs->xs_tag_type;
1100 #if 0
1101 /* XXXX Use tags for polled commands? */
1102 if (ecb->xs->xs_control & XS_CTL_POLL)
1103 tag = 0;
1104 #endif
1105
1106 li = TINFO_LUN(ti, lun);
1107 if (li == NULL) {
1108 /* Initialize LUN info and add to list. */
1109 li = malloc(sizeof(*li), M_DEVBUF, M_NOWAIT|M_ZERO);
1110 if (li == NULL) {
1111 continue;
1112 }
1113 li->lun = lun;
1114
1115 LIST_INSERT_HEAD(&ti->luns, li, link);
1116 if (lun < NCR_NLUN)
1117 ti->lun[lun] = li;
1118 }
1119 li->last_used = time_second;
1120 if (tag == 0) {
1121 /* Try to issue this as an un-tagged command */
1122 if (li->untagged == NULL)
1123 li->untagged = ecb;
1124 }
1125 if (li->untagged != NULL) {
1126 tag = 0;
1127 if ((li->busy != 1) && li->used == 0) {
1128 /* We need to issue this untagged command now */
1129 ecb = li->untagged;
1130 periph = ecb->xs->xs_periph;
1131 } else {
1132 /* Not ready yet */
1133 continue;
1134 }
1135 }
1136 ecb->tag[0] = tag;
1137 if (tag != 0) {
1138 li->queued[ecb->xs->xs_tag_id] = ecb;
1139 ecb->tag[1] = ecb->xs->xs_tag_id;
1140 li->used++;
1141 }
1142 if (li->untagged != NULL && (li->busy != 1)) {
1143 li->busy = 1;
1144 TAILQ_REMOVE(&sc->ready_list, ecb, chain);
1145 ecb->flags &= ~ECB_READY;
1146 sc->sc_nexus = ecb;
1147 ncr53c9x_select(sc, ecb);
1148 break;
1149 }
1150 if (li->untagged == NULL && tag != 0) {
1151 TAILQ_REMOVE(&sc->ready_list, ecb, chain);
1152 ecb->flags &= ~ECB_READY;
1153 sc->sc_nexus = ecb;
1154 ncr53c9x_select(sc, ecb);
1155 break;
1156 } else {
1157 NCR_TRACE(("%d:%d busy\n",
1158 periph->periph_target,
1159 periph->periph_lun));
1160 }
1161 }
1162 }
1163
1164 void
ncr53c9x_sense(struct ncr53c9x_softc * sc,struct ncr53c9x_ecb * ecb)1165 ncr53c9x_sense(struct ncr53c9x_softc *sc, struct ncr53c9x_ecb *ecb)
1166 {
1167 struct scsipi_xfer *xs = ecb->xs;
1168 struct scsipi_periph *periph = xs->xs_periph;
1169 struct ncr53c9x_tinfo *ti = &sc->sc_tinfo[periph->periph_target];
1170 struct scsi_request_sense *ss = (void *)&ecb->cmd.cmd;
1171 struct ncr53c9x_linfo *li;
1172 int lun = periph->periph_lun;
1173
1174 NCR_TRACE(("requesting sense "));
1175 /* Next, setup a request sense command block */
1176 memset(ss, 0, sizeof(*ss));
1177 ss->opcode = SCSI_REQUEST_SENSE;
1178 ss->byte2 = periph->periph_lun << SCSI_CMD_LUN_SHIFT;
1179 ss->length = sizeof(struct scsi_sense_data);
1180 ecb->clen = sizeof(*ss);
1181 ecb->daddr = (uint8_t *)&xs->sense.scsi_sense;
1182 ecb->dleft = sizeof(struct scsi_sense_data);
1183 ecb->flags |= ECB_SENSE;
1184 ecb->timeout = NCR_SENSE_TIMEOUT;
1185 ti->senses++;
1186 li = TINFO_LUN(ti, lun);
1187 if (li->busy)
1188 li->busy = 0;
1189 ncr53c9x_dequeue(sc, ecb);
1190 li->untagged = ecb; /* must be executed first to fix C/A */
1191 li->busy = 2;
1192 if (ecb == sc->sc_nexus) {
1193 ncr53c9x_select(sc, ecb);
1194 } else {
1195 TAILQ_INSERT_HEAD(&sc->ready_list, ecb, chain);
1196 ecb->flags |= ECB_READY;
1197 if (sc->sc_state == NCR_IDLE)
1198 ncr53c9x_sched(sc);
1199 }
1200 }
1201
1202 /*
1203 * POST PROCESSING OF SCSI_CMD (usually current)
1204 */
1205 void
ncr53c9x_done(struct ncr53c9x_softc * sc,struct ncr53c9x_ecb * ecb)1206 ncr53c9x_done(struct ncr53c9x_softc *sc, struct ncr53c9x_ecb *ecb)
1207 {
1208 struct scsipi_xfer *xs = ecb->xs;
1209 struct scsipi_periph *periph = xs->xs_periph;
1210 struct ncr53c9x_tinfo *ti = &sc->sc_tinfo[periph->periph_target];
1211 int lun = periph->periph_lun;
1212 struct ncr53c9x_linfo *li = TINFO_LUN(ti, lun);
1213
1214 NCR_TRACE(("[ncr53c9x_done(error:%x)] ", xs->error));
1215
1216 if ((xs->xs_control & XS_CTL_POLL) == 0)
1217 callout_stop(&xs->xs_callout);
1218
1219 /*
1220 * Now, if we've come here with no error code, i.e. we've kept the
1221 * initial XS_NOERROR, and the status code signals that we should
1222 * check sense, we'll need to set up a request sense cmd block and
1223 * push the command back into the ready queue *before* any other
1224 * commands for this target/lunit, else we lose the sense info.
1225 * We don't support chk sense conditions for the request sense cmd.
1226 */
1227 if (xs->error == XS_NOERROR) {
1228 xs->status = ecb->stat;
1229 if ((ecb->flags & ECB_ABORT) != 0) {
1230 xs->error = XS_TIMEOUT;
1231 } else if ((ecb->flags & ECB_SENSE) != 0) {
1232 xs->error = XS_SENSE;
1233 } else if ((ecb->stat & ST_MASK) == SCSI_CHECK) {
1234 /* First, save the return values */
1235 xs->resid = ecb->dleft;
1236 ncr53c9x_sense(sc, ecb);
1237 return;
1238 } else {
1239 xs->resid = ecb->dleft;
1240 }
1241 if (xs->status == SCSI_QUEUE_FULL || xs->status == XS_BUSY)
1242 xs->error = XS_BUSY;
1243 }
1244
1245 #ifdef NCR53C9X_DEBUG
1246 if (ncr53c9x_debug & NCR_SHOWTRAC) {
1247 if (xs->resid != 0)
1248 printf("resid=%d ", xs->resid);
1249 if (xs->error == XS_SENSE)
1250 printf("sense=0x%02x\n",
1251 xs->sense.scsi_sense.response_code);
1252 else
1253 printf("error=%d\n", xs->error);
1254 }
1255 #endif
1256
1257 /*
1258 * Remove the ECB from whatever queue it's on.
1259 */
1260 ncr53c9x_dequeue(sc, ecb);
1261 if (ecb == sc->sc_nexus) {
1262 sc->sc_nexus = NULL;
1263 if (sc->sc_state != NCR_CLEANING) {
1264 sc->sc_state = NCR_IDLE;
1265 ncr53c9x_sched(sc);
1266 }
1267 }
1268
1269 if (xs->error == XS_SELTIMEOUT) {
1270 /* Selection timeout -- discard this LUN if empty */
1271 if (li->untagged == NULL && li->used == 0) {
1272 if (lun < NCR_NLUN)
1273 ti->lun[lun] = NULL;
1274 LIST_REMOVE(li, link);
1275 free(li, M_DEVBUF);
1276 }
1277 }
1278
1279 ncr53c9x_free_ecb(sc, ecb);
1280 ti->cmds++;
1281 mutex_exit(&sc->sc_lock);
1282 scsipi_done(xs);
1283 mutex_enter(&sc->sc_lock);
1284 }
1285
1286 void
ncr53c9x_dequeue(struct ncr53c9x_softc * sc,struct ncr53c9x_ecb * ecb)1287 ncr53c9x_dequeue(struct ncr53c9x_softc *sc, struct ncr53c9x_ecb *ecb)
1288 {
1289 struct ncr53c9x_tinfo *ti =
1290 &sc->sc_tinfo[ecb->xs->xs_periph->periph_target];
1291 struct ncr53c9x_linfo *li;
1292 int64_t lun = ecb->xs->xs_periph->periph_lun;
1293
1294 li = TINFO_LUN(ti, lun);
1295 #ifdef DIAGNOSTIC
1296 if (li == NULL || li->lun != lun)
1297 panic("%s: lun %" PRIx64 " for ecb %p does not exist",
1298 __func__, lun, ecb);
1299 #endif
1300 if (li->untagged == ecb) {
1301 li->busy = 0;
1302 li->untagged = NULL;
1303 }
1304 if (ecb->tag[0] && li->queued[ecb->tag[1]] != NULL) {
1305 #ifdef DIAGNOSTIC
1306 if (li->queued[ecb->tag[1]] != NULL &&
1307 (li->queued[ecb->tag[1]] != ecb))
1308 panic("%s: slot %d for lun %" PRIx64 " has %p "
1309 "instead of ecb %p\n", __func__, ecb->tag[1],
1310 lun,
1311 li->queued[ecb->tag[1]], ecb);
1312 #endif
1313 li->queued[ecb->tag[1]] = NULL;
1314 li->used--;
1315 }
1316
1317 if ((ecb->flags & ECB_READY) != 0) {
1318 ecb->flags &= ~ECB_READY;
1319 TAILQ_REMOVE(&sc->ready_list, ecb, chain);
1320 }
1321 }
1322
1323 /*
1324 * INTERRUPT/PROTOCOL ENGINE
1325 */
1326
1327 /*
1328 * Schedule an outgoing message by prioritizing it, and asserting
1329 * attention on the bus. We can only do this when we are the initiator
1330 * else there will be an illegal command interrupt.
1331 */
1332 #define ncr53c9x_sched_msgout(m) \
1333 do { \
1334 NCR_MSGS(("ncr53c9x_sched_msgout %x %d", m, __LINE__)); \
1335 NCRCMD(sc, NCRCMD_SETATN); \
1336 sc->sc_flags |= NCR_ATN; \
1337 sc->sc_msgpriq |= (m); \
1338 } while (/* CONSTCOND */0)
1339
1340 static void
ncr53c9x_flushfifo(struct ncr53c9x_softc * sc)1341 ncr53c9x_flushfifo(struct ncr53c9x_softc *sc)
1342 {
1343
1344 NCR_TRACE(("[flushfifo] "));
1345
1346 NCRCMD(sc, NCRCMD_FLUSH);
1347
1348 if (sc->sc_phase == COMMAND_PHASE ||
1349 sc->sc_phase == MESSAGE_OUT_PHASE)
1350 DELAY(2);
1351 }
1352
1353 static int
ncr53c9x_rdfifo(struct ncr53c9x_softc * sc,int how)1354 ncr53c9x_rdfifo(struct ncr53c9x_softc *sc, int how)
1355 {
1356 int i, n;
1357 uint8_t *ibuf;
1358
1359 switch (how) {
1360 case NCR_RDFIFO_START:
1361 ibuf = sc->sc_imess;
1362 sc->sc_imlen = 0;
1363 break;
1364 case NCR_RDFIFO_CONTINUE:
1365 ibuf = sc->sc_imess + sc->sc_imlen;
1366 break;
1367 default:
1368 panic("%s: bad flag", __func__);
1369 break;
1370 }
1371
1372 /*
1373 * XXX buffer (sc_imess) size for message
1374 */
1375
1376 n = NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF;
1377
1378 if (sc->sc_rev == NCR_VARIANT_FAS366) {
1379 n *= 2;
1380
1381 for (i = 0; i < n; i++)
1382 ibuf[i] = NCR_READ_REG(sc, NCR_FIFO);
1383
1384 if (sc->sc_espstat2 & NCRFAS_STAT2_ISHUTTLE) {
1385
1386 NCR_WRITE_REG(sc, NCR_FIFO, 0);
1387 ibuf[i++] = NCR_READ_REG(sc, NCR_FIFO);
1388
1389 NCR_READ_REG(sc, NCR_FIFO);
1390
1391 ncr53c9x_flushfifo(sc);
1392 }
1393 } else {
1394 for (i = 0; i < n; i++)
1395 ibuf[i] = NCR_READ_REG(sc, NCR_FIFO);
1396 }
1397
1398 sc->sc_imlen += i;
1399
1400 #if 0
1401 #ifdef NCR53C9X_DEBUG
1402 {
1403 int j;
1404
1405 NCR_TRACE(("\n[rdfifo %s (%d):",
1406 (how == NCR_RDFIFO_START) ? "start" : "cont",
1407 (int)sc->sc_imlen));
1408 if (ncr53c9x_debug & NCR_SHOWTRAC) {
1409 for (j = 0; j < sc->sc_imlen; j++)
1410 printf(" %02x", sc->sc_imess[j]);
1411 printf("]\n");
1412 }
1413 }
1414 #endif
1415 #endif
1416 return sc->sc_imlen;
1417 }
1418
1419 static void
ncr53c9x_wrfifo(struct ncr53c9x_softc * sc,uint8_t * p,int len)1420 ncr53c9x_wrfifo(struct ncr53c9x_softc *sc, uint8_t *p, int len)
1421 {
1422 int i;
1423
1424 #ifdef NCR53C9X_DEBUG
1425 NCR_MSGS(("[wrfifo(%d):", len));
1426 if (ncr53c9x_debug & NCR_SHOWMSGS) {
1427 for (i = 0; i < len; i++)
1428 printf(" %02x", p[i]);
1429 printf("]\n");
1430 }
1431 #endif
1432
1433 for (i = 0; i < len; i++) {
1434 NCR_WRITE_REG(sc, NCR_FIFO, p[i]);
1435
1436 if (sc->sc_rev == NCR_VARIANT_FAS366)
1437 NCR_WRITE_REG(sc, NCR_FIFO, 0);
1438 }
1439 }
1440
1441 int
ncr53c9x_reselect(struct ncr53c9x_softc * sc,int message,int tagtype,int tagid)1442 ncr53c9x_reselect(struct ncr53c9x_softc *sc, int message, int tagtype,
1443 int tagid)
1444 {
1445 uint8_t selid, target, lun;
1446 struct ncr53c9x_ecb *ecb = NULL;
1447 struct ncr53c9x_tinfo *ti;
1448 struct ncr53c9x_linfo *li;
1449
1450 if (sc->sc_rev == NCR_VARIANT_FAS366) {
1451 target = sc->sc_selid;
1452 } else {
1453 /*
1454 * The SCSI chip made a snapshot of the data bus
1455 * while the reselection was being negotiated.
1456 * This enables us to determine which target did
1457 * the reselect.
1458 */
1459 selid = sc->sc_selid & ~(1 << sc->sc_id);
1460 if (selid & (selid - 1)) {
1461 printf("%s: reselect with invalid selid %02x;"
1462 " sending DEVICE RESET\n",
1463 device_xname(sc->sc_dev), selid);
1464 goto reset;
1465 }
1466
1467 target = ffs(selid) - 1;
1468 }
1469 lun = message & 0x07;
1470
1471 /*
1472 * Search wait queue for disconnected cmd
1473 * The list should be short, so I haven't bothered with
1474 * any more sophisticated structures than a simple
1475 * singly linked list.
1476 */
1477 ti = &sc->sc_tinfo[target];
1478 li = TINFO_LUN(ti, lun);
1479
1480 /*
1481 * We can get as far as the LUN with the IDENTIFY
1482 * message. Check to see if we're running an
1483 * un-tagged command. Otherwise ack the IDENTIFY
1484 * and wait for a tag message.
1485 */
1486 if (li != NULL) {
1487 if (li->untagged != NULL && li->busy)
1488 ecb = li->untagged;
1489 else if (tagtype != MSG_SIMPLE_Q_TAG) {
1490 /* Wait for tag to come by */
1491 sc->sc_state = NCR_IDENTIFIED;
1492 return 0;
1493 } else if (tagtype)
1494 ecb = li->queued[tagid];
1495 }
1496 if (ecb == NULL) {
1497 printf("%s: reselect from target %d lun %d tag %x:%x "
1498 "with no nexus; sending ABORT\n",
1499 device_xname(sc->sc_dev), target, lun, tagtype, tagid);
1500 goto abort;
1501 }
1502
1503 /* Make this nexus active again. */
1504 sc->sc_state = NCR_CONNECTED;
1505 sc->sc_nexus = ecb;
1506 ncr53c9x_setsync(sc, ti);
1507
1508 if (ecb->flags & ECB_RESET)
1509 ncr53c9x_sched_msgout(SEND_DEV_RESET);
1510 else if (ecb->flags & ECB_ABORT)
1511 ncr53c9x_sched_msgout(SEND_ABORT);
1512
1513 /* Do an implicit RESTORE POINTERS. */
1514 sc->sc_dp = ecb->daddr;
1515 sc->sc_dleft = ecb->dleft;
1516
1517 return 0;
1518
1519 reset:
1520 ncr53c9x_sched_msgout(SEND_DEV_RESET);
1521 return 1;
1522
1523 abort:
1524 ncr53c9x_sched_msgout(SEND_ABORT);
1525 return 1;
1526 }
1527
1528 static inline int
__verify_msg_format(uint8_t * p,int len)1529 __verify_msg_format(uint8_t *p, int len)
1530 {
1531
1532 if (len == 1 && MSG_IS1BYTE(p[0]))
1533 return 1;
1534 if (len == 2 && MSG_IS2BYTE(p[0]))
1535 return 1;
1536 if (len >= 3 && MSG_ISEXTENDED(p[0]) &&
1537 len == p[1] + 2)
1538 return 1;
1539
1540 return 0;
1541 }
1542
1543 /*
1544 * Get an incoming message as initiator.
1545 *
1546 * The SCSI bus must already be in MESSAGE_IN_PHASE and there is a
1547 * byte in the FIFO
1548 */
1549 void
ncr53c9x_msgin(struct ncr53c9x_softc * sc)1550 ncr53c9x_msgin(struct ncr53c9x_softc *sc)
1551 {
1552
1553 NCR_TRACE(("[ncr53c9x_msgin(curmsglen:%ld)] ", (long)sc->sc_imlen));
1554
1555 if (sc->sc_imlen == 0) {
1556 printf("%s: msgin: no msg byte available\n",
1557 device_xname(sc->sc_dev));
1558 return;
1559 }
1560
1561 /*
1562 * Prepare for a new message. A message should (according
1563 * to the SCSI standard) be transmitted in one single
1564 * MESSAGE_IN_PHASE. If we have been in some other phase,
1565 * then this is a new message.
1566 */
1567 if (sc->sc_prevphase != MESSAGE_IN_PHASE &&
1568 sc->sc_state != NCR_RESELECTED) {
1569 printf("%s: phase change, dropping message, "
1570 "prev %d, state %d\n",
1571 device_xname(sc->sc_dev), sc->sc_prevphase, sc->sc_state);
1572 sc->sc_flags &= ~NCR_DROP_MSGI;
1573 sc->sc_imlen = 0;
1574 }
1575
1576 /*
1577 * If we're going to reject the message, don't bother storing
1578 * the incoming bytes. But still, we need to ACK them.
1579 */
1580 if ((sc->sc_flags & NCR_DROP_MSGI) != 0) {
1581 NCRCMD(sc, NCRCMD_MSGOK);
1582 printf("<dropping msg byte %x>", sc->sc_imess[sc->sc_imlen]);
1583 return;
1584 }
1585
1586 if (sc->sc_imlen >= NCR_MAX_MSG_LEN) {
1587 ncr53c9x_sched_msgout(SEND_REJECT);
1588 sc->sc_flags |= NCR_DROP_MSGI;
1589 } else {
1590 uint8_t *pb;
1591 int plen;
1592
1593 switch (sc->sc_state) {
1594 /*
1595 * if received message is the first of reselection
1596 * then first byte is selid, and then message
1597 */
1598 case NCR_RESELECTED:
1599 pb = sc->sc_imess + 1;
1600 plen = sc->sc_imlen - 1;
1601 break;
1602 default:
1603 pb = sc->sc_imess;
1604 plen = sc->sc_imlen;
1605 break;
1606 }
1607
1608 if (__verify_msg_format(pb, plen))
1609 goto gotit;
1610 }
1611
1612 /* Ack what we have so far */
1613 NCRCMD(sc, NCRCMD_MSGOK);
1614 return;
1615
1616 gotit:
1617 NCR_MSGS(("gotmsg(%x) state %d", sc->sc_imess[0], sc->sc_state));
1618 /* we got complete message, flush the imess, */
1619 /* XXX nobody uses imlen below */
1620 sc->sc_imlen = 0;
1621 /*
1622 * Now we should have a complete message (1 byte, 2 byte
1623 * and moderately long extended messages). We only handle
1624 * extended messages which total length is shorter than
1625 * NCR_MAX_MSG_LEN. Longer messages will be amputated.
1626 */
1627 switch (sc->sc_state) {
1628 struct ncr53c9x_ecb *ecb;
1629 struct ncr53c9x_tinfo *ti;
1630 struct ncr53c9x_linfo *li;
1631 int lun;
1632
1633 case NCR_CONNECTED:
1634 ecb = sc->sc_nexus;
1635 ti = &sc->sc_tinfo[ecb->xs->xs_periph->periph_target];
1636
1637 switch (sc->sc_imess[0]) {
1638 case MSG_CMDCOMPLETE:
1639 NCR_MSGS(("cmdcomplete "));
1640 if (sc->sc_dleft < 0) {
1641 scsipi_printaddr(ecb->xs->xs_periph);
1642 printf("%s: got %ld extra bytes\n",
1643 device_xname(sc->sc_dev),
1644 -(long)sc->sc_dleft);
1645 sc->sc_dleft = 0;
1646 }
1647 ecb->dleft = (ecb->flags & ECB_TENTATIVE_DONE) ?
1648 0 : sc->sc_dleft;
1649 if ((ecb->flags & ECB_SENSE) == 0)
1650 ecb->xs->resid = ecb->dleft;
1651 sc->sc_state = NCR_CMDCOMPLETE;
1652 break;
1653
1654 case MSG_MESSAGE_REJECT:
1655 NCR_MSGS(("msg reject (msgout=%x) ", sc->sc_msgout));
1656 switch (sc->sc_msgout) {
1657 case SEND_TAG:
1658 /*
1659 * Target does not like tagged queuing.
1660 * - Flush the command queue
1661 * - Disable tagged queuing for the target
1662 * - Dequeue ecb from the queued array.
1663 */
1664 printf("%s: tagged queuing rejected: "
1665 "target %d\n",
1666 device_xname(sc->sc_dev),
1667 ecb->xs->xs_periph->periph_target);
1668
1669 NCR_MSGS(("(rejected sent tag)"));
1670 NCRCMD(sc, NCRCMD_FLUSH);
1671 DELAY(1);
1672 ti->flags &= ~T_TAG;
1673 lun = ecb->xs->xs_periph->periph_lun;
1674 li = TINFO_LUN(ti, lun);
1675 if (ecb->tag[0] &&
1676 li->queued[ecb->tag[1]] != NULL) {
1677 li->queued[ecb->tag[1]] = NULL;
1678 li->used--;
1679 }
1680 ecb->tag[0] = ecb->tag[1] = 0;
1681 li->untagged = ecb;
1682 li->busy = 1;
1683 break;
1684
1685 case SEND_SDTR:
1686 printf("%s: sync transfer rejected: "
1687 "target %d\n",
1688 device_xname(sc->sc_dev),
1689 ecb->xs->xs_periph->periph_target);
1690
1691 sc->sc_flags &= ~NCR_SYNCHNEGO;
1692 ti->flags &= ~(T_NEGOTIATE | T_SYNCMODE);
1693 ncr53c9x_setsync(sc, ti);
1694 ncr53c9x_update_xfer_mode(sc,
1695 ecb->xs->xs_periph->periph_target);
1696 break;
1697
1698 case SEND_WDTR:
1699 printf("%s: wide transfer rejected: "
1700 "target %d\n",
1701 device_xname(sc->sc_dev),
1702 ecb->xs->xs_periph->periph_target);
1703 ti->flags &= ~(T_WIDE | T_WDTRSENT);
1704 ti->width = 0;
1705 break;
1706
1707 case SEND_INIT_DET_ERR:
1708 goto abort;
1709 }
1710 break;
1711
1712 case MSG_NOOP:
1713 NCR_MSGS(("noop "));
1714 break;
1715
1716 case MSG_HEAD_OF_Q_TAG:
1717 case MSG_SIMPLE_Q_TAG:
1718 case MSG_ORDERED_Q_TAG:
1719 NCR_MSGS(("TAG %x:%x",
1720 sc->sc_imess[0], sc->sc_imess[1]));
1721 break;
1722
1723 case MSG_DISCONNECT:
1724 NCR_MSGS(("disconnect "));
1725 ti->dconns++;
1726 sc->sc_state = NCR_DISCONNECT;
1727
1728 /*
1729 * Mark the fact that all bytes have moved. The
1730 * target may not bother to do a SAVE POINTERS
1731 * at this stage. This flag will set the residual
1732 * count to zero on MSG COMPLETE.
1733 */
1734 if (sc->sc_dleft == 0)
1735 ecb->flags |= ECB_TENTATIVE_DONE;
1736
1737 break;
1738
1739 case MSG_SAVEDATAPOINTER:
1740 NCR_MSGS(("save datapointer "));
1741 ecb->daddr = sc->sc_dp;
1742 ecb->dleft = sc->sc_dleft;
1743 break;
1744
1745 case MSG_RESTOREPOINTERS:
1746 NCR_MSGS(("restore datapointer "));
1747 sc->sc_dp = ecb->daddr;
1748 sc->sc_dleft = ecb->dleft;
1749 break;
1750
1751 case MSG_EXTENDED:
1752 NCR_MSGS(("extended(%x) ", sc->sc_imess[2]));
1753 switch (sc->sc_imess[2]) {
1754 case MSG_EXT_SDTR:
1755 NCR_MSGS(("SDTR period %d, offset %d ",
1756 sc->sc_imess[3], sc->sc_imess[4]));
1757 if (sc->sc_imess[1] != 3)
1758 goto reject;
1759 ti->period = sc->sc_imess[3];
1760 ti->offset = sc->sc_imess[4];
1761 ti->flags &= ~T_NEGOTIATE;
1762 if (sc->sc_minsync == 0 ||
1763 ti->offset == 0 ||
1764 ti->period > 124) {
1765 #if 0
1766 #ifdef NCR53C9X_DEBUG
1767 scsipi_printaddr(ecb->xs->xs_periph);
1768 printf("async mode\n");
1769 #endif
1770 #endif
1771 ti->flags &= ~T_SYNCMODE;
1772 if ((sc->sc_flags&NCR_SYNCHNEGO) == 0) {
1773 /*
1774 * target initiated negotiation
1775 */
1776 ti->offset = 0;
1777 ncr53c9x_sched_msgout(
1778 SEND_SDTR);
1779 }
1780 } else {
1781 int p;
1782
1783 p = ncr53c9x_stp2cpb(sc, ti->period);
1784 ti->period = ncr53c9x_cpb2stp(sc, p);
1785 if ((sc->sc_flags&NCR_SYNCHNEGO) == 0) {
1786 /*
1787 * target initiated negotiation
1788 */
1789 if (ti->period <
1790 sc->sc_minsync)
1791 ti->period =
1792 sc->sc_minsync;
1793 if (ti->offset > 15)
1794 ti->offset = 15;
1795 ti->flags &= ~T_SYNCMODE;
1796 ncr53c9x_sched_msgout(
1797 SEND_SDTR);
1798 } else {
1799 /* we are sync */
1800 ti->flags |= T_SYNCMODE;
1801 }
1802 }
1803 ncr53c9x_update_xfer_mode(sc,
1804 ecb->xs->xs_periph->periph_target);
1805 sc->sc_flags &= ~NCR_SYNCHNEGO;
1806 ncr53c9x_setsync(sc, ti);
1807 break;
1808
1809 case MSG_EXT_WDTR:
1810 #ifdef NCR53C9X_DEBUG
1811 printf("%s: wide mode %d\n",
1812 device_xname(sc->sc_dev), sc->sc_imess[3]);
1813 #endif
1814 if (sc->sc_imess[3] == 1) {
1815 ti->cfg3 |= NCRFASCFG3_EWIDE;
1816 ncr53c9x_setsync(sc, ti);
1817 } else
1818 ti->width = 0;
1819 /*
1820 * Device started width negotiation.
1821 */
1822 if ((ti->flags & T_WDTRSENT) == 0)
1823 ncr53c9x_sched_msgout(SEND_WDTR);
1824 ti->flags &= ~(T_WIDE | T_WDTRSENT);
1825 break;
1826 default:
1827 scsipi_printaddr(ecb->xs->xs_periph);
1828 printf("%s: unrecognized MESSAGE EXTENDED;"
1829 " sending REJECT\n",
1830 device_xname(sc->sc_dev));
1831 goto reject;
1832 }
1833 break;
1834 case MSG_IGN_WIDE_RESIDUE:
1835 NCR_MSGS(("ignore wide residue "));
1836 break;
1837
1838 default:
1839 NCR_MSGS(("ident "));
1840 scsipi_printaddr(ecb->xs->xs_periph);
1841 printf("%s: unrecognized MESSAGE (%x); sending REJECT\n",
1842 device_xname(sc->sc_dev), sc->sc_imess[0]);
1843 reject:
1844 ncr53c9x_sched_msgout(SEND_REJECT);
1845 break;
1846 }
1847 break;
1848
1849 case NCR_IDENTIFIED:
1850 /*
1851 * IDENTIFY message was received and queue tag is expected now
1852 */
1853 if ((sc->sc_imess[0] != MSG_SIMPLE_Q_TAG) ||
1854 (sc->sc_msgify == 0)) {
1855 printf("%s: TAG reselect without IDENTIFY;"
1856 " MSG %x;"
1857 " sending DEVICE RESET\n",
1858 device_xname(sc->sc_dev),
1859 sc->sc_imess[0]);
1860 goto reset;
1861 }
1862 (void)ncr53c9x_reselect(sc, sc->sc_msgify,
1863 sc->sc_imess[0], sc->sc_imess[1]);
1864 break;
1865
1866 case NCR_RESELECTED:
1867 if (MSG_ISIDENTIFY(sc->sc_imess[1])) {
1868 sc->sc_msgify = sc->sc_imess[1];
1869 } else {
1870 printf("%s: reselect without IDENTIFY;"
1871 " MSG %x;"
1872 " sending DEVICE RESET\n",
1873 device_xname(sc->sc_dev),
1874 sc->sc_imess[1]);
1875 goto reset;
1876 }
1877 (void)ncr53c9x_reselect(sc, sc->sc_msgify, 0, 0);
1878 break;
1879
1880 default:
1881 printf("%s: unexpected MESSAGE IN; sending DEVICE RESET\n",
1882 device_xname(sc->sc_dev));
1883 reset:
1884 ncr53c9x_sched_msgout(SEND_DEV_RESET);
1885 break;
1886
1887 abort:
1888 ncr53c9x_sched_msgout(SEND_ABORT);
1889 break;
1890 }
1891
1892 /* if we have more messages to send set ATN */
1893 if (sc->sc_msgpriq)
1894 NCRCMD(sc, NCRCMD_SETATN);
1895
1896 /* Ack last message byte */
1897 NCRCMD(sc, NCRCMD_MSGOK);
1898
1899 /* Done, reset message pointer. */
1900 sc->sc_flags &= ~NCR_DROP_MSGI;
1901 sc->sc_imlen = 0;
1902 }
1903
1904
1905 /*
1906 * Send the highest priority, scheduled message
1907 */
1908 void
ncr53c9x_msgout(struct ncr53c9x_softc * sc)1909 ncr53c9x_msgout(struct ncr53c9x_softc *sc)
1910 {
1911 struct ncr53c9x_tinfo *ti;
1912 struct ncr53c9x_ecb *ecb;
1913 size_t size;
1914
1915 NCR_TRACE(("[ncr53c9x_msgout(priq:%x, prevphase:%x)]",
1916 sc->sc_msgpriq, sc->sc_prevphase));
1917
1918 /*
1919 * XXX - the NCR_ATN flag is not in sync with the actual ATN
1920 * condition on the SCSI bus. The 53c9x chip
1921 * automatically turns off ATN before sending the
1922 * message byte. (see also the comment below in the
1923 * default case when picking out a message to send)
1924 */
1925 if (sc->sc_flags & NCR_ATN) {
1926 if (sc->sc_prevphase != MESSAGE_OUT_PHASE) {
1927 new:
1928 NCRCMD(sc, NCRCMD_FLUSH);
1929 #if 0
1930 DELAY(1);
1931 #endif
1932 sc->sc_msgoutq = 0;
1933 sc->sc_omlen = 0;
1934 }
1935 } else {
1936 if (sc->sc_prevphase == MESSAGE_OUT_PHASE) {
1937 ncr53c9x_sched_msgout(sc->sc_msgoutq);
1938 goto new;
1939 } else {
1940 printf("%s at line %d: unexpected MESSAGE OUT phase\n",
1941 device_xname(sc->sc_dev), __LINE__);
1942 }
1943 }
1944
1945 if (sc->sc_omlen == 0) {
1946 /* Pick up highest priority message */
1947 sc->sc_msgout = sc->sc_msgpriq & -sc->sc_msgpriq;
1948 sc->sc_msgoutq |= sc->sc_msgout;
1949 sc->sc_msgpriq &= ~sc->sc_msgout;
1950 sc->sc_omlen = 1; /* "Default" message len */
1951 switch (sc->sc_msgout) {
1952 case SEND_SDTR:
1953 ecb = sc->sc_nexus;
1954 ti = &sc->sc_tinfo[ecb->xs->xs_periph->periph_target];
1955 sc->sc_omess[0] = MSG_EXTENDED;
1956 sc->sc_omess[1] = MSG_EXT_SDTR_LEN;
1957 sc->sc_omess[2] = MSG_EXT_SDTR;
1958 sc->sc_omess[3] = ti->period;
1959 sc->sc_omess[4] = ti->offset;
1960 sc->sc_omlen = 5;
1961 if ((sc->sc_flags & NCR_SYNCHNEGO) == 0) {
1962 ti->flags |= T_SYNCMODE;
1963 ncr53c9x_setsync(sc, ti);
1964 }
1965 break;
1966 case SEND_WDTR:
1967 ecb = sc->sc_nexus;
1968 ti = &sc->sc_tinfo[ecb->xs->xs_periph->periph_target];
1969 sc->sc_omess[0] = MSG_EXTENDED;
1970 sc->sc_omess[1] = MSG_EXT_WDTR_LEN;
1971 sc->sc_omess[2] = MSG_EXT_WDTR;
1972 sc->sc_omess[3] = ti->width;
1973 sc->sc_omlen = 4;
1974 break;
1975 case SEND_IDENTIFY:
1976 if (sc->sc_state != NCR_CONNECTED) {
1977 printf("%s at line %d: no nexus\n",
1978 device_xname(sc->sc_dev), __LINE__);
1979 }
1980 ecb = sc->sc_nexus;
1981 sc->sc_omess[0] =
1982 MSG_IDENTIFY(ecb->xs->xs_periph->periph_lun, 0);
1983 break;
1984 case SEND_TAG:
1985 if (sc->sc_state != NCR_CONNECTED) {
1986 printf("%s at line %d: no nexus\n",
1987 device_xname(sc->sc_dev), __LINE__);
1988 }
1989 ecb = sc->sc_nexus;
1990 sc->sc_omess[0] = ecb->tag[0];
1991 sc->sc_omess[1] = ecb->tag[1];
1992 sc->sc_omlen = 2;
1993 break;
1994 case SEND_DEV_RESET:
1995 sc->sc_flags |= NCR_ABORTING;
1996 sc->sc_omess[0] = MSG_BUS_DEV_RESET;
1997 ecb = sc->sc_nexus;
1998 ti = &sc->sc_tinfo[ecb->xs->xs_periph->periph_target];
1999 ti->flags &= ~T_SYNCMODE;
2000 ncr53c9x_update_xfer_mode(sc,
2001 ecb->xs->xs_periph->periph_target);
2002 if ((ti->flags & T_SYNCHOFF) == 0)
2003 /* We can re-start sync negotiation */
2004 ti->flags |= T_NEGOTIATE;
2005 break;
2006 case SEND_PARITY_ERROR:
2007 sc->sc_omess[0] = MSG_PARITY_ERROR;
2008 break;
2009 case SEND_ABORT:
2010 sc->sc_flags |= NCR_ABORTING;
2011 sc->sc_omess[0] = MSG_ABORT;
2012 break;
2013 case SEND_INIT_DET_ERR:
2014 sc->sc_omess[0] = MSG_INITIATOR_DET_ERR;
2015 break;
2016 case SEND_REJECT:
2017 sc->sc_omess[0] = MSG_MESSAGE_REJECT;
2018 break;
2019 default:
2020 /*
2021 * We normally do not get here, since the chip
2022 * automatically turns off ATN before the last
2023 * byte of a message is sent to the target.
2024 * However, if the target rejects our (multi-byte)
2025 * message early by switching to MSG IN phase
2026 * ATN remains on, so the target may return to
2027 * MSG OUT phase. If there are no scheduled messages
2028 * left we send a NO-OP.
2029 *
2030 * XXX - Note that this leaves no useful purpose for
2031 * the NCR_ATN flag.
2032 */
2033 sc->sc_flags &= ~NCR_ATN;
2034 sc->sc_omess[0] = MSG_NOOP;
2035 break;
2036 }
2037 sc->sc_omp = sc->sc_omess;
2038 }
2039
2040 #ifdef DEBUG
2041 if (ncr53c9x_debug & NCR_SHOWMSGS) {
2042 int i;
2043
2044 NCR_MSGS(("<msgout:"));
2045 for (i = 0; i < sc->sc_omlen; i++)
2046 NCR_MSGS((" %02x", sc->sc_omess[i]));
2047 NCR_MSGS(("> "));
2048 }
2049 #endif
2050 if (sc->sc_rev == NCR_VARIANT_FAS366) {
2051 /*
2052 * XXX fifo size
2053 */
2054 ncr53c9x_flushfifo(sc);
2055 ncr53c9x_wrfifo(sc, sc->sc_omp, sc->sc_omlen);
2056 sc->sc_cmdlen = 0;
2057 NCRCMD(sc, NCRCMD_TRANS);
2058 } else {
2059 /* (re)send the message */
2060 size = uimin(sc->sc_omlen, sc->sc_maxxfer);
2061 NCRDMA_SETUP(sc, &sc->sc_omp, &sc->sc_omlen, 0, &size);
2062 /* Program the SCSI counter */
2063 NCR_SET_COUNT(sc, size);
2064
2065 /* Load the count in and start the message-out transfer */
2066 NCRCMD(sc, NCRCMD_NOP | NCRCMD_DMA);
2067 NCRCMD(sc, NCRCMD_TRANS | NCRCMD_DMA);
2068 NCRDMA_GO(sc);
2069 }
2070 }
2071
2072 /*
2073 * This is the most critical part of the driver, and has to know
2074 * how to deal with *all* error conditions and phases from the SCSI
2075 * bus. If there are no errors and the DMA was active, then call the
2076 * DMA pseudo-interrupt handler. If this returns 1, then that was it
2077 * and we can return from here without further processing.
2078 *
2079 * Most of this needs verifying.
2080 */
2081 int
ncr53c9x_intr(void * arg)2082 ncr53c9x_intr(void *arg)
2083 {
2084 struct ncr53c9x_softc *sc = arg;
2085 struct ncr53c9x_ecb *ecb;
2086 struct scsipi_periph *periph;
2087 struct ncr53c9x_tinfo *ti;
2088 size_t size;
2089 int nfifo;
2090
2091 NCR_INTS(("[ncr53c9x_intr: state %d]", sc->sc_state));
2092
2093 if (!NCRDMA_ISINTR(sc))
2094 return 0;
2095
2096 mutex_enter(&sc->sc_lock);
2097 again:
2098 /* and what do the registers say... */
2099 ncr53c9x_readregs(sc);
2100
2101 sc->sc_intrcnt.ev_count++;
2102
2103 /*
2104 * At the moment, only a SCSI Bus Reset or Illegal
2105 * Command are classed as errors. A disconnect is a
2106 * valid condition, and we let the code check is the
2107 * "NCR_BUSFREE_OK" flag was set before declaring it
2108 * and error.
2109 *
2110 * Also, the status register tells us about "Gross
2111 * Errors" and "Parity errors". Only the Gross Error
2112 * is really bad, and the parity errors are dealt
2113 * with later
2114 *
2115 * TODO
2116 * If there are too many parity error, go to slow
2117 * cable mode ?
2118 */
2119
2120 /* SCSI Reset */
2121 if ((sc->sc_espintr & NCRINTR_SBR) != 0) {
2122 if ((NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF) != 0) {
2123 NCRCMD(sc, NCRCMD_FLUSH);
2124 DELAY(1);
2125 }
2126 if (sc->sc_state != NCR_SBR) {
2127 printf("%s: SCSI bus reset\n",
2128 device_xname(sc->sc_dev));
2129 ncr53c9x_init(sc, 0); /* Restart everything */
2130 goto out;
2131 }
2132 #if 0
2133 /*XXX*/ printf("<expected bus reset: "
2134 "[intr %x, stat %x, step %d]>\n",
2135 sc->sc_espintr, sc->sc_espstat, sc->sc_espstep);
2136 #endif
2137 if (sc->sc_nexus != NULL)
2138 panic("%s: nexus in reset state",
2139 device_xname(sc->sc_dev));
2140 goto sched;
2141 }
2142
2143 ecb = sc->sc_nexus;
2144
2145 #define NCRINTR_ERR (NCRINTR_SBR|NCRINTR_ILL)
2146 if (sc->sc_espintr & NCRINTR_ERR ||
2147 sc->sc_espstat & NCRSTAT_GE) {
2148
2149 if ((sc->sc_espstat & NCRSTAT_GE) != 0) {
2150 /* Gross Error; no target ? */
2151 if (NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF) {
2152 NCRCMD(sc, NCRCMD_FLUSH);
2153 DELAY(1);
2154 }
2155 if (sc->sc_state == NCR_CONNECTED ||
2156 sc->sc_state == NCR_SELECTING) {
2157 ecb->xs->error = XS_TIMEOUT;
2158 ncr53c9x_done(sc, ecb);
2159 }
2160 goto out;
2161 }
2162
2163 if ((sc->sc_espintr & NCRINTR_ILL) != 0) {
2164 if ((sc->sc_flags & NCR_EXPECT_ILLCMD) != 0) {
2165 /*
2166 * Eat away "Illegal command" interrupt
2167 * on a ESP100 caused by a re-selection
2168 * while we were trying to select
2169 * another target.
2170 */
2171 #ifdef NCR53C9X_DEBUG
2172 printf("%s: ESP100 work-around activated\n",
2173 device_xname(sc->sc_dev));
2174 #endif
2175 sc->sc_flags &= ~NCR_EXPECT_ILLCMD;
2176 goto out;
2177 }
2178 /* illegal command, out of sync ? */
2179 printf("%s: illegal command: 0x%x "
2180 "(state %d, phase %x, prevphase %x)\n",
2181 device_xname(sc->sc_dev), sc->sc_lastcmd,
2182 sc->sc_state, sc->sc_phase, sc->sc_prevphase);
2183 if (NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF) {
2184 NCRCMD(sc, NCRCMD_FLUSH);
2185 DELAY(1);
2186 }
2187 ncr53c9x_init(sc, 1); /* Restart everything */
2188 goto out;
2189 }
2190 }
2191 sc->sc_flags &= ~NCR_EXPECT_ILLCMD;
2192
2193 /*
2194 * Call if DMA is active.
2195 *
2196 * If DMA_INTR returns true, then maybe go 'round the loop
2197 * again in case there is no more DMA queued, but a phase
2198 * change is expected.
2199 */
2200 if (NCRDMA_ISACTIVE(sc)) {
2201 int r = NCRDMA_INTR(sc);
2202 if (r == -1) {
2203 printf("%s: DMA error; resetting\n",
2204 device_xname(sc->sc_dev));
2205 ncr53c9x_init(sc, 1);
2206 goto out;
2207 }
2208 /* If DMA active here, then go back to work... */
2209 if (NCRDMA_ISACTIVE(sc))
2210 goto out;
2211
2212 if ((sc->sc_espstat & NCRSTAT_TC) == 0) {
2213 /*
2214 * DMA not completed. If we can not find a
2215 * acceptable explanation, print a diagnostic.
2216 */
2217 if (sc->sc_state == NCR_SELECTING)
2218 /*
2219 * This can happen if we are reselected
2220 * while using DMA to select a target.
2221 */
2222 /*void*/;
2223 else if (sc->sc_prevphase == MESSAGE_OUT_PHASE) {
2224 /*
2225 * Our (multi-byte) message (eg SDTR) was
2226 * interrupted by the target to send
2227 * a MSG REJECT.
2228 * Print diagnostic if current phase
2229 * is not MESSAGE IN.
2230 */
2231 if (sc->sc_phase != MESSAGE_IN_PHASE)
2232 printf("%s: !TC on MSG OUT"
2233 " [intr %x, stat %x, step %d]"
2234 " prevphase %x, resid %lx\n",
2235 device_xname(sc->sc_dev),
2236 sc->sc_espintr,
2237 sc->sc_espstat,
2238 sc->sc_espstep,
2239 sc->sc_prevphase,
2240 (u_long)sc->sc_omlen);
2241 } else if (sc->sc_dleft == 0) {
2242 /*
2243 * The DMA operation was started for
2244 * a DATA transfer. Print a diagnostic
2245 * if the DMA counter and TC bit
2246 * appear to be out of sync.
2247 */
2248 printf("%s: !TC on DATA XFER"
2249 " [intr %x, stat %x, step %d]"
2250 " prevphase %x, resid %x\n",
2251 device_xname(sc->sc_dev),
2252 sc->sc_espintr,
2253 sc->sc_espstat,
2254 sc->sc_espstep,
2255 sc->sc_prevphase,
2256 ecb ? ecb->dleft : -1);
2257 }
2258 }
2259 }
2260
2261 /*
2262 * Check for less serious errors.
2263 */
2264 if ((sc->sc_espstat & NCRSTAT_PE) != 0) {
2265 printf("%s: SCSI bus parity error\n", device_xname(sc->sc_dev));
2266 if (sc->sc_prevphase == MESSAGE_IN_PHASE)
2267 ncr53c9x_sched_msgout(SEND_PARITY_ERROR);
2268 else
2269 ncr53c9x_sched_msgout(SEND_INIT_DET_ERR);
2270 }
2271
2272 if ((sc->sc_espintr & NCRINTR_DIS) != 0) {
2273 sc->sc_msgify = 0;
2274 NCR_INTS(("<DISC [intr %x, stat %x, step %d]>",
2275 sc->sc_espintr,sc->sc_espstat,sc->sc_espstep));
2276 if (NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF) {
2277 NCRCMD(sc, NCRCMD_FLUSH);
2278 #if 0
2279 DELAY(1);
2280 #endif
2281 }
2282 /*
2283 * This command must (apparently) be issued within
2284 * 250mS of a disconnect. So here you are...
2285 */
2286 NCRCMD(sc, NCRCMD_ENSEL);
2287
2288 switch (sc->sc_state) {
2289 case NCR_RESELECTED:
2290 goto sched;
2291
2292 case NCR_SELECTING:
2293 {
2294 struct ncr53c9x_linfo *li;
2295
2296 ecb->xs->error = XS_SELTIMEOUT;
2297
2298 /* Selection timeout -- discard all LUNs if empty */
2299 periph = ecb->xs->xs_periph;
2300 ti = &sc->sc_tinfo[periph->periph_target];
2301 li = LIST_FIRST(&ti->luns);
2302 while (li != NULL) {
2303 if (li->untagged == NULL && li->used == 0) {
2304 if (li->lun < NCR_NLUN)
2305 ti->lun[li->lun] = NULL;
2306 LIST_REMOVE(li, link);
2307 free(li, M_DEVBUF);
2308 /*
2309 * Restart the search at the beginning
2310 */
2311 li = LIST_FIRST(&ti->luns);
2312 continue;
2313 }
2314 li = LIST_NEXT(li, link);
2315 }
2316 goto finish;
2317 }
2318 case NCR_CONNECTED:
2319 if ((sc->sc_flags & NCR_SYNCHNEGO) != 0) {
2320 #ifdef NCR53C9X_DEBUG
2321 if (ecb != NULL)
2322 scsipi_printaddr(ecb->xs->xs_periph);
2323 printf("sync nego not completed!\n");
2324 #endif
2325 ti = &sc->sc_tinfo[
2326 ecb->xs->xs_periph->periph_target];
2327 sc->sc_flags &= ~NCR_SYNCHNEGO;
2328 ti->flags &= ~(T_NEGOTIATE | T_SYNCMODE);
2329 }
2330
2331 /* it may be OK to disconnect */
2332 if ((sc->sc_flags & NCR_ABORTING) == 0) {
2333 /*
2334 * Section 5.1.1 of the SCSI 2 spec
2335 * suggests issuing a REQUEST SENSE
2336 * following an unexpected disconnect.
2337 * Some devices go into a contingent
2338 * allegiance condition when
2339 * disconnecting, and this is necessary
2340 * to clean up their state.
2341 */
2342 printf("%s: unexpected disconnect "
2343 "[state %d, intr %x, stat %x, phase(c %x, p %x)]; ",
2344 device_xname(sc->sc_dev), sc->sc_state,
2345 sc->sc_espintr, sc->sc_espstat,
2346 sc->sc_phase, sc->sc_prevphase);
2347
2348 if ((ecb->flags & ECB_SENSE) != 0) {
2349 printf("resetting\n");
2350 goto reset;
2351 }
2352 printf("sending REQUEST SENSE\n");
2353 callout_stop(&ecb->xs->xs_callout);
2354 ncr53c9x_sense(sc, ecb);
2355 goto out;
2356 }
2357
2358 ecb->xs->error = XS_TIMEOUT;
2359 goto finish;
2360
2361 case NCR_DISCONNECT:
2362 sc->sc_nexus = NULL;
2363 goto sched;
2364
2365 case NCR_CMDCOMPLETE:
2366 goto finish;
2367 }
2368 }
2369
2370 switch (sc->sc_state) {
2371
2372 case NCR_SBR:
2373 printf("%s: waiting for SCSI Bus Reset to happen\n",
2374 device_xname(sc->sc_dev));
2375 goto out;
2376
2377 case NCR_RESELECTED:
2378 /*
2379 * we must be continuing a message ?
2380 */
2381 printf("%s: unhandled reselect continuation, "
2382 "state %d, intr %02x\n",
2383 device_xname(sc->sc_dev), sc->sc_state, sc->sc_espintr);
2384 ncr53c9x_init(sc, 1);
2385 goto out;
2386
2387 case NCR_IDENTIFIED:
2388 ecb = sc->sc_nexus;
2389 if (sc->sc_phase != MESSAGE_IN_PHASE) {
2390 int i = (NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF);
2391 /*
2392 * Things are seriously screwed up.
2393 * Pull the brakes, i.e. reset
2394 */
2395 printf("%s: target didn't send tag: %d bytes in fifo\n",
2396 device_xname(sc->sc_dev), i);
2397 /* Drain and display fifo */
2398 while (i-- > 0)
2399 printf("[%d] ", NCR_READ_REG(sc, NCR_FIFO));
2400
2401 ncr53c9x_init(sc, 1);
2402 goto out;
2403 } else
2404 goto msgin;
2405
2406 case NCR_IDLE:
2407 case NCR_SELECTING:
2408 ecb = sc->sc_nexus;
2409 if (sc->sc_espintr & NCRINTR_RESEL) {
2410 sc->sc_msgpriq = sc->sc_msgout = sc->sc_msgoutq = 0;
2411 sc->sc_flags = 0;
2412 /*
2413 * If we're trying to select a
2414 * target ourselves, push our command
2415 * back into the ready list.
2416 */
2417 if (sc->sc_state == NCR_SELECTING) {
2418 NCR_INTS(("backoff selector "));
2419 callout_stop(&ecb->xs->xs_callout);
2420 ncr53c9x_dequeue(sc, ecb);
2421 TAILQ_INSERT_HEAD(&sc->ready_list, ecb, chain);
2422 ecb->flags |= ECB_READY;
2423 ecb = sc->sc_nexus = NULL;
2424 }
2425 sc->sc_state = NCR_RESELECTED;
2426 if (sc->sc_phase != MESSAGE_IN_PHASE) {
2427 /*
2428 * Things are seriously screwed up.
2429 * Pull the brakes, i.e. reset
2430 */
2431 printf("%s: target didn't identify\n",
2432 device_xname(sc->sc_dev));
2433 ncr53c9x_init(sc, 1);
2434 goto out;
2435 }
2436 /*
2437 * The C90 only inhibits FIFO writes until reselection
2438 * is complete, instead of waiting until the interrupt
2439 * status register has been read. So, if the reselect
2440 * happens while we were entering command bytes (for
2441 * another target) some of those bytes can appear in
2442 * the FIFO here, after the interrupt is taken.
2443 *
2444 * To remedy this situation, pull the Selection ID
2445 * and Identify message from the FIFO directly, and
2446 * ignore any extraneous fifo contents. Also, set
2447 * a flag that allows one Illegal Command Interrupt
2448 * to occur which the chip also generates as a result
2449 * of writing to the FIFO during a reselect.
2450 */
2451 if (sc->sc_rev == NCR_VARIANT_ESP100) {
2452 nfifo = NCR_READ_REG(sc, NCR_FFLAG) &
2453 NCRFIFO_FF;
2454 sc->sc_imess[0] = NCR_READ_REG(sc, NCR_FIFO);
2455 sc->sc_imess[1] = NCR_READ_REG(sc, NCR_FIFO);
2456 sc->sc_imlen = 2;
2457 if (nfifo != 2) {
2458 /* Flush the rest */
2459 NCRCMD(sc, NCRCMD_FLUSH);
2460 }
2461 sc->sc_flags |= NCR_EXPECT_ILLCMD;
2462 if (nfifo > 2)
2463 nfifo = 2; /* We fixed it.. */
2464 } else
2465 nfifo = ncr53c9x_rdfifo(sc, NCR_RDFIFO_START);
2466
2467 if (nfifo != 2) {
2468 printf("%s: RESELECT: %d bytes in FIFO! "
2469 "[intr %x, stat %x, step %d, "
2470 "prevphase %x]\n",
2471 device_xname(sc->sc_dev),
2472 nfifo,
2473 sc->sc_espintr,
2474 sc->sc_espstat,
2475 sc->sc_espstep,
2476 sc->sc_prevphase);
2477 ncr53c9x_init(sc, 1);
2478 goto out;
2479 }
2480 sc->sc_selid = sc->sc_imess[0];
2481 NCR_INTS(("selid=%02x ", sc->sc_selid));
2482
2483 /* Handle identify message */
2484 ncr53c9x_msgin(sc);
2485
2486 if (sc->sc_state != NCR_CONNECTED &&
2487 sc->sc_state != NCR_IDENTIFIED) {
2488 /* IDENTIFY fail?! */
2489 printf("%s: identify failed, "
2490 "state %d, intr %02x\n",
2491 device_xname(sc->sc_dev),
2492 sc->sc_state, sc->sc_espintr);
2493 ncr53c9x_init(sc, 1);
2494 goto out;
2495 }
2496 goto shortcut; /* ie. next phase expected soon */
2497 }
2498
2499 #define NCRINTR_DONE (NCRINTR_FC | NCRINTR_BS)
2500 if ((sc->sc_espintr & NCRINTR_DONE) == NCRINTR_DONE) {
2501 /*
2502 * Arbitration won; examine the `step' register
2503 * to determine how far the selection could progress.
2504 */
2505 ecb = sc->sc_nexus;
2506 if (ecb == NULL)
2507 panic("%s: no nexus", __func__);
2508
2509 periph = ecb->xs->xs_periph;
2510 ti = &sc->sc_tinfo[periph->periph_target];
2511
2512 switch (sc->sc_espstep) {
2513 case 0:
2514 /*
2515 * The target did not respond with a
2516 * message out phase - probably an old
2517 * device that doesn't recognize ATN.
2518 * Clear ATN and just continue, the
2519 * target should be in the command
2520 * phase.
2521 * XXXX check for command phase?
2522 */
2523 NCRCMD(sc, NCRCMD_RSTATN);
2524 break;
2525 case 1:
2526 if ((ti->flags & T_NEGOTIATE) == 0 &&
2527 ecb->tag[0] == 0) {
2528 printf("%s: step 1 & !NEG\n",
2529 device_xname(sc->sc_dev));
2530 goto reset;
2531 }
2532 if (sc->sc_phase != MESSAGE_OUT_PHASE) {
2533 printf("%s: !MSGOUT\n",
2534 device_xname(sc->sc_dev));
2535 goto reset;
2536 }
2537 if (ti->flags & T_WIDE) {
2538 ti->flags |= T_WDTRSENT;
2539 ncr53c9x_sched_msgout(SEND_WDTR);
2540 }
2541 if (ti->flags & T_NEGOTIATE) {
2542 /* Start negotiating */
2543 ti->period = sc->sc_minsync;
2544 ti->offset = 15;
2545 sc->sc_flags |= NCR_SYNCHNEGO;
2546 if (ecb->tag[0])
2547 ncr53c9x_sched_msgout(
2548 SEND_TAG | SEND_SDTR);
2549 else
2550 ncr53c9x_sched_msgout(
2551 SEND_SDTR);
2552 } else {
2553 /* Could not do ATN3 so send TAG */
2554 ncr53c9x_sched_msgout(SEND_TAG);
2555 }
2556 sc->sc_prevphase = MESSAGE_OUT_PHASE; /* XXXX */
2557 break;
2558 case 3:
2559 /*
2560 * Grr, this is supposed to mean
2561 * "target left command phase prematurely".
2562 * It seems to happen regularly when
2563 * sync mode is on.
2564 * Look at FIFO to see if command went out.
2565 * (Timing problems?)
2566 */
2567 if (sc->sc_features & NCR_F_DMASELECT) {
2568 if (sc->sc_cmdlen == 0)
2569 /* Hope for the best.. */
2570 break;
2571 } else if ((NCR_READ_REG(sc, NCR_FFLAG)
2572 & NCRFIFO_FF) == 0) {
2573 /* Hope for the best.. */
2574 break;
2575 }
2576 printf("(%s:%d:%d): selection failed;"
2577 " %d left in FIFO "
2578 "[intr %x, stat %x, step %d]\n",
2579 device_xname(sc->sc_dev),
2580 periph->periph_target,
2581 periph->periph_lun,
2582 NCR_READ_REG(sc, NCR_FFLAG)
2583 & NCRFIFO_FF,
2584 sc->sc_espintr, sc->sc_espstat,
2585 sc->sc_espstep);
2586 NCRCMD(sc, NCRCMD_FLUSH);
2587 ncr53c9x_sched_msgout(SEND_ABORT);
2588 goto out;
2589 case 2:
2590 /* Select stuck at Command Phase */
2591 NCRCMD(sc, NCRCMD_FLUSH);
2592 break;
2593 case 4:
2594 if (sc->sc_features & NCR_F_DMASELECT &&
2595 sc->sc_cmdlen != 0)
2596 printf("(%s:%d:%d): select; "
2597 "%lu left in DMA buffer "
2598 "[intr %x, stat %x, step %d]\n",
2599 device_xname(sc->sc_dev),
2600 periph->periph_target,
2601 periph->periph_lun,
2602 (u_long)sc->sc_cmdlen,
2603 sc->sc_espintr,
2604 sc->sc_espstat,
2605 sc->sc_espstep);
2606 /* So far, everything went fine */
2607 break;
2608 }
2609
2610 sc->sc_prevphase = INVALID_PHASE; /* ?? */
2611 /* Do an implicit RESTORE POINTERS. */
2612 sc->sc_dp = ecb->daddr;
2613 sc->sc_dleft = ecb->dleft;
2614 sc->sc_state = NCR_CONNECTED;
2615 break;
2616
2617 } else {
2618
2619 printf("%s: unexpected status after select"
2620 ": [intr %x, stat %x, step %x]\n",
2621 device_xname(sc->sc_dev),
2622 sc->sc_espintr, sc->sc_espstat, sc->sc_espstep);
2623 NCRCMD(sc, NCRCMD_FLUSH);
2624 DELAY(1);
2625 goto reset;
2626 }
2627 if (sc->sc_state == NCR_IDLE) {
2628 printf("%s: stray interrupt\n",
2629 device_xname(sc->sc_dev));
2630 mutex_exit(&sc->sc_lock);
2631 return 0;
2632 }
2633 break;
2634
2635 case NCR_CONNECTED:
2636 if ((sc->sc_flags & NCR_ICCS) != 0) {
2637 /* "Initiate Command Complete Steps" in progress */
2638 uint8_t msg;
2639
2640 sc->sc_flags &= ~NCR_ICCS;
2641
2642 if ((sc->sc_espintr & NCRINTR_DONE) == 0) {
2643 printf("%s: ICCS: "
2644 ": [intr %x, stat %x, step %x]\n",
2645 device_xname(sc->sc_dev),
2646 sc->sc_espintr, sc->sc_espstat,
2647 sc->sc_espstep);
2648 }
2649 ncr53c9x_rdfifo(sc, NCR_RDFIFO_START);
2650 if (sc->sc_imlen < 2)
2651 printf("%s: can't get status, only %d bytes\n",
2652 device_xname(sc->sc_dev),
2653 (int)sc->sc_imlen);
2654 ecb->stat = sc->sc_imess[sc->sc_imlen - 2];
2655 msg = sc->sc_imess[sc->sc_imlen - 1];
2656 NCR_PHASE(("<stat:(%x,%x)>", ecb->stat, msg));
2657 if (msg == MSG_CMDCOMPLETE) {
2658 ecb->dleft = (ecb->flags & ECB_TENTATIVE_DONE)
2659 ? 0 : sc->sc_dleft;
2660 if ((ecb->flags & ECB_SENSE) == 0)
2661 ecb->xs->resid = ecb->dleft;
2662 sc->sc_state = NCR_CMDCOMPLETE;
2663 } else
2664 printf("%s: STATUS_PHASE: msg %d\n",
2665 device_xname(sc->sc_dev), msg);
2666 sc->sc_imlen = 0;
2667 NCRCMD(sc, NCRCMD_MSGOK);
2668 goto shortcut; /* ie. wait for disconnect */
2669 }
2670 break;
2671
2672 default:
2673 printf("%s: invalid state: %d [intr %x, phase(c %x, p %x)]\n",
2674 device_xname(sc->sc_dev), sc->sc_state,
2675 sc->sc_espintr, sc->sc_phase, sc->sc_prevphase);
2676 goto reset;
2677 }
2678
2679 /*
2680 * Driver is now in state NCR_CONNECTED, i.e. we
2681 * have a current command working the SCSI bus.
2682 */
2683 if (sc->sc_state != NCR_CONNECTED || ecb == NULL) {
2684 panic("%s: no nexus", __func__);
2685 }
2686
2687 switch (sc->sc_phase) {
2688 case MESSAGE_OUT_PHASE:
2689 NCR_PHASE(("MESSAGE_OUT_PHASE "));
2690 ncr53c9x_msgout(sc);
2691 sc->sc_prevphase = MESSAGE_OUT_PHASE;
2692 break;
2693
2694 case MESSAGE_IN_PHASE:
2695 msgin:
2696 NCR_PHASE(("MESSAGE_IN_PHASE "));
2697 if ((sc->sc_espintr & NCRINTR_BS) != 0) {
2698 if ((sc->sc_rev != NCR_VARIANT_FAS366) ||
2699 (sc->sc_espstat2 & NCRFAS_STAT2_EMPTY) == 0) {
2700 NCRCMD(sc, NCRCMD_FLUSH);
2701 }
2702 sc->sc_flags |= NCR_WAITI;
2703 NCRCMD(sc, NCRCMD_TRANS);
2704 } else if ((sc->sc_espintr & NCRINTR_FC) != 0) {
2705 if ((sc->sc_flags & NCR_WAITI) == 0) {
2706 printf("%s: MSGIN: unexpected FC bit: "
2707 "[intr %x, stat %x, step %x]\n",
2708 device_xname(sc->sc_dev),
2709 sc->sc_espintr, sc->sc_espstat,
2710 sc->sc_espstep);
2711 }
2712 sc->sc_flags &= ~NCR_WAITI;
2713 ncr53c9x_rdfifo(sc,
2714 (sc->sc_prevphase == sc->sc_phase) ?
2715 NCR_RDFIFO_CONTINUE : NCR_RDFIFO_START);
2716 ncr53c9x_msgin(sc);
2717 } else {
2718 printf("%s: MSGIN: weird bits: "
2719 "[intr %x, stat %x, step %x]\n",
2720 device_xname(sc->sc_dev),
2721 sc->sc_espintr, sc->sc_espstat, sc->sc_espstep);
2722 }
2723 sc->sc_prevphase = MESSAGE_IN_PHASE;
2724 goto shortcut; /* i.e. expect data to be ready */
2725
2726 case COMMAND_PHASE:
2727 /*
2728 * Send the command block. Normally we don't see this
2729 * phase because the SEL_ATN command takes care of
2730 * all this. However, we end up here if either the
2731 * target or we wanted to exchange some more messages
2732 * first (e.g. to start negotiations).
2733 */
2734
2735 NCR_PHASE(("COMMAND_PHASE 0x%02x (%d) ",
2736 ecb->cmd.cmd.opcode, ecb->clen));
2737 if (NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF) {
2738 NCRCMD(sc, NCRCMD_FLUSH);
2739 #if 0
2740 DELAY(1);
2741 #endif
2742 }
2743 if (sc->sc_features & NCR_F_DMASELECT) {
2744 /* setup DMA transfer for command */
2745 size = ecb->clen;
2746 sc->sc_cmdlen = size;
2747 sc->sc_cmdp = (void *)&ecb->cmd.cmd;
2748 NCRDMA_SETUP(sc, &sc->sc_cmdp, &sc->sc_cmdlen,
2749 0, &size);
2750 /* Program the SCSI counter */
2751 NCR_SET_COUNT(sc, size);
2752
2753 /* load the count in */
2754 NCRCMD(sc, NCRCMD_NOP | NCRCMD_DMA);
2755
2756 /* start the command transfer */
2757 NCRCMD(sc, NCRCMD_TRANS | NCRCMD_DMA);
2758 NCRDMA_GO(sc);
2759 } else {
2760 ncr53c9x_wrfifo(sc, (uint8_t *)&ecb->cmd.cmd,
2761 ecb->clen);
2762 sc->sc_cmdlen = 0;
2763 NCRCMD(sc, NCRCMD_TRANS);
2764 }
2765 sc->sc_prevphase = COMMAND_PHASE;
2766 break;
2767
2768 case DATA_OUT_PHASE:
2769 NCR_PHASE(("DATA_OUT_PHASE [%ld] ",(long)sc->sc_dleft));
2770 NCRCMD(sc, NCRCMD_FLUSH);
2771 size = uimin(sc->sc_dleft, sc->sc_maxxfer);
2772 NCRDMA_SETUP(sc, &sc->sc_dp, &sc->sc_dleft, 0, &size);
2773 sc->sc_prevphase = DATA_OUT_PHASE;
2774 goto setup_xfer;
2775
2776 case DATA_IN_PHASE:
2777 NCR_PHASE(("DATA_IN_PHASE "));
2778 if (sc->sc_rev == NCR_VARIANT_ESP100)
2779 NCRCMD(sc, NCRCMD_FLUSH);
2780 size = uimin(sc->sc_dleft, sc->sc_maxxfer);
2781 NCRDMA_SETUP(sc, &sc->sc_dp, &sc->sc_dleft, 1, &size);
2782 sc->sc_prevphase = DATA_IN_PHASE;
2783 setup_xfer:
2784 /* Target returned to data phase: wipe "done" memory */
2785 ecb->flags &= ~ECB_TENTATIVE_DONE;
2786
2787 /* Program the SCSI counter */
2788 NCR_SET_COUNT(sc, size);
2789
2790 /* load the count in */
2791 NCRCMD(sc, NCRCMD_NOP | NCRCMD_DMA);
2792
2793 /*
2794 * Note that if `size' is 0, we've already transceived
2795 * all the bytes we want but we're still in DATA PHASE.
2796 * Apparently, the device needs padding. Also, a
2797 * transfer size of 0 means "maximum" to the chip
2798 * DMA logic.
2799 */
2800 NCRCMD(sc,
2801 (size == 0 ? NCRCMD_TRPAD : NCRCMD_TRANS) | NCRCMD_DMA);
2802 NCRDMA_GO(sc);
2803 goto out;
2804
2805 case STATUS_PHASE:
2806 NCR_PHASE(("STATUS_PHASE "));
2807 sc->sc_flags |= NCR_ICCS;
2808 NCRCMD(sc, NCRCMD_ICCS);
2809 sc->sc_prevphase = STATUS_PHASE;
2810 goto shortcut; /* i.e. expect status results soon */
2811
2812 case INVALID_PHASE:
2813 break;
2814
2815 default:
2816 printf("%s: unexpected bus phase; resetting\n",
2817 device_xname(sc->sc_dev));
2818 goto reset;
2819 }
2820
2821 out:
2822 mutex_exit(&sc->sc_lock);
2823 return 1;
2824
2825 reset:
2826 ncr53c9x_init(sc, 1);
2827 goto out;
2828
2829 finish:
2830 ncr53c9x_done(sc, ecb);
2831 goto out;
2832
2833 sched:
2834 sc->sc_state = NCR_IDLE;
2835 ncr53c9x_sched(sc);
2836 goto out;
2837
2838 shortcut:
2839 /*
2840 * The idea is that many of the SCSI operations take very little
2841 * time, and going away and getting interrupted is too high an
2842 * overhead to pay. For example, selecting, sending a message
2843 * and command and then doing some work can be done in one "pass".
2844 *
2845 * The delay is a heuristic. It is 2 when at 20MHz, 2 at 25MHz and 1
2846 * at 40MHz. This needs testing.
2847 */
2848 {
2849 struct timeval wait, cur;
2850
2851 microtime(&wait);
2852 wait.tv_usec += 50 / sc->sc_freq;
2853 if (wait.tv_usec > 1000000) {
2854 wait.tv_sec++;
2855 wait.tv_usec -= 1000000;
2856 }
2857 do {
2858 if (NCRDMA_ISINTR(sc))
2859 goto again;
2860 microtime(&cur);
2861 } while (timercmp(&cur, &wait, <=));
2862 }
2863 goto out;
2864 }
2865
2866 void
ncr53c9x_abort(struct ncr53c9x_softc * sc,struct ncr53c9x_ecb * ecb)2867 ncr53c9x_abort(struct ncr53c9x_softc *sc, struct ncr53c9x_ecb *ecb)
2868 {
2869
2870 /* 2 secs for the abort */
2871 ecb->timeout = NCR_ABORT_TIMEOUT;
2872 ecb->flags |= ECB_ABORT;
2873
2874 if (ecb == sc->sc_nexus) {
2875 /*
2876 * If we're still selecting, the message will be scheduled
2877 * after selection is complete.
2878 */
2879 if (sc->sc_state == NCR_CONNECTED)
2880 ncr53c9x_sched_msgout(SEND_ABORT);
2881
2882 /*
2883 * Reschedule timeout.
2884 */
2885 callout_reset(&ecb->xs->xs_callout, mstohz(ecb->timeout),
2886 ncr53c9x_timeout, ecb);
2887 } else {
2888 /*
2889 * Just leave the command where it is.
2890 * XXX - what choice do we have but to reset the SCSI
2891 * eventually?
2892 */
2893 if (sc->sc_state == NCR_IDLE)
2894 ncr53c9x_sched(sc);
2895 }
2896 }
2897
2898 void
ncr53c9x_timeout(void * arg)2899 ncr53c9x_timeout(void *arg)
2900 {
2901 struct ncr53c9x_ecb *ecb = arg;
2902 struct scsipi_xfer *xs = ecb->xs;
2903 struct scsipi_periph *periph = xs->xs_periph;
2904 struct ncr53c9x_softc *sc;
2905 struct ncr53c9x_tinfo *ti;
2906
2907 sc = device_private(periph->periph_channel->chan_adapter->adapt_dev);
2908 ti = &sc->sc_tinfo[periph->periph_target];
2909
2910 scsipi_printaddr(periph);
2911 printf("%s: timed out [ecb %p (flags 0x%x, dleft %x, stat %x)], "
2912 "<state %d, nexus %p, phase(l %x, c %x, p %x), resid %lx, "
2913 "msg(q %x,o %x) %s>",
2914 device_xname(sc->sc_dev),
2915 ecb, ecb->flags, ecb->dleft, ecb->stat,
2916 sc->sc_state, sc->sc_nexus,
2917 NCR_READ_REG(sc, NCR_STAT),
2918 sc->sc_phase, sc->sc_prevphase,
2919 (long)sc->sc_dleft, sc->sc_msgpriq, sc->sc_msgout,
2920 NCRDMA_ISACTIVE(sc) ? "DMA active" : "");
2921 #if NCR53C9X_DEBUG > 1
2922 printf("TRACE: %s.", ecb->trace);
2923 #endif
2924
2925 mutex_enter(&sc->sc_lock);
2926
2927 if (ecb->flags & ECB_ABORT) {
2928 /* abort timed out */
2929 printf(" AGAIN\n");
2930
2931 ncr53c9x_init(sc, 1);
2932 } else {
2933 /* abort the operation that has timed out */
2934 printf("\n");
2935 xs->error = XS_TIMEOUT;
2936 ncr53c9x_abort(sc, ecb);
2937
2938 /* Disable sync mode if stuck in a data phase */
2939 if (ecb == sc->sc_nexus &&
2940 (ti->flags & T_SYNCMODE) != 0 &&
2941 (sc->sc_phase & (MSGI | CDI)) == 0) {
2942 /* XXX ASYNC CALLBACK! */
2943 scsipi_printaddr(periph);
2944 printf("sync negotiation disabled\n");
2945 sc->sc_cfflags |=
2946 (1 << ((periph->periph_target & 7) + 8));
2947 ncr53c9x_update_xfer_mode(sc, periph->periph_target);
2948 }
2949 }
2950
2951 mutex_exit(&sc->sc_lock);
2952 }
2953
2954 void
ncr53c9x_watch(void * arg)2955 ncr53c9x_watch(void *arg)
2956 {
2957 struct ncr53c9x_softc *sc = arg;
2958 struct ncr53c9x_tinfo *ti;
2959 struct ncr53c9x_linfo *li;
2960 int t;
2961 /* Delete any structures that have not been used in 10min. */
2962 time_t old = time_second - (10 * 60);
2963
2964 mutex_enter(&sc->sc_lock);
2965 for (t = 0; t < sc->sc_ntarg; t++) {
2966 ti = &sc->sc_tinfo[t];
2967 li = LIST_FIRST(&ti->luns);
2968 while (li) {
2969 if (li->last_used < old &&
2970 li->untagged == NULL &&
2971 li->used == 0) {
2972 if (li->lun < NCR_NLUN)
2973 ti->lun[li->lun] = NULL;
2974 LIST_REMOVE(li, link);
2975 free(li, M_DEVBUF);
2976 /* Restart the search at the beginning */
2977 li = LIST_FIRST(&ti->luns);
2978 continue;
2979 }
2980 li = LIST_NEXT(li, link);
2981 }
2982 }
2983 mutex_exit(&sc->sc_lock);
2984 callout_reset(&sc->sc_watchdog, 60 * hz, ncr53c9x_watch, sc);
2985 }
2986