1 /* $NetBSD: ncr53c9x.c,v 1.153 2020/04/13 00:27:17 chs Exp $ */ 2 3 /*- 4 * Copyright (c) 1998, 2002 The NetBSD Foundation, Inc. 5 * All rights reserved. 6 * 7 * This code is derived from software contributed to The NetBSD Foundation 8 * by Charles M. Hannum. 9 * 10 * Redistribution and use in source and binary forms, with or without 11 * modification, are permitted provided that the following conditions 12 * are met: 13 * 1. Redistributions of source code must retain the above copyright 14 * notice, this list of conditions and the following disclaimer. 15 * 2. Redistributions in binary form must reproduce the above copyright 16 * notice, this list of conditions and the following disclaimer in the 17 * documentation and/or other materials provided with the distribution. 18 * 19 * THIS SOFTWARE IS PROVIDED BY THE NETBSD FOUNDATION, INC. AND CONTRIBUTORS 20 * ``AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED 21 * TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 22 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE FOUNDATION OR CONTRIBUTORS 23 * BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR 24 * CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF 25 * SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS 26 * INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN 27 * CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 28 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 29 * POSSIBILITY OF SUCH DAMAGE. 30 */ 31 32 /* 33 * Copyright (c) 1994 Peter Galbavy 34 * Copyright (c) 1995 Paul Kranenburg 35 * All rights reserved. 36 * 37 * Redistribution and use in source and binary forms, with or without 38 * modification, are permitted provided that the following conditions 39 * are met: 40 * 1. Redistributions of source code must retain the above copyright 41 * notice, this list of conditions and the following disclaimer. 42 * 2. Redistributions in binary form must reproduce the above copyright 43 * notice, this list of conditions and the following disclaimer in the 44 * documentation and/or other materials provided with the distribution. 45 * 3. All advertising materials mentioning features or use of this software 46 * must display the following acknowledgement: 47 * This product includes software developed by Peter Galbavy 48 * 4. The name of the author may not be used to endorse or promote products 49 * derived from this software without specific prior written permission. 50 * 51 * THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR 52 * IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED 53 * WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE 54 * DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, 55 * INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES 56 * (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR 57 * SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 58 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 59 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN 60 * ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE 61 * POSSIBILITY OF SUCH DAMAGE. 62 */ 63 64 /* 65 * Based on aic6360 by Jarle Greipsland 66 * 67 * Acknowledgements: Many of the algorithms used in this driver are 68 * inspired by the work of Julian Elischer (julian@tfs.com) and 69 * Charles Hannum (mycroft@duality.gnu.ai.mit.edu). Thanks a million! 70 */ 71 72 #include <sys/cdefs.h> 73 __KERNEL_RCSID(0, "$NetBSD: ncr53c9x.c,v 1.153 2020/04/13 00:27:17 chs Exp $"); 74 75 #include <sys/param.h> 76 #include <sys/systm.h> 77 #include <sys/callout.h> 78 #include <sys/kernel.h> 79 #include <sys/errno.h> 80 #include <sys/ioctl.h> 81 #include <sys/device.h> 82 #include <sys/buf.h> 83 #include <sys/malloc.h> 84 #include <sys/proc.h> 85 #include <sys/queue.h> 86 #include <sys/pool.h> 87 #include <sys/scsiio.h> 88 89 #include <dev/scsipi/scsi_spc.h> 90 #include <dev/scsipi/scsi_all.h> 91 #include <dev/scsipi/scsipi_all.h> 92 #include <dev/scsipi/scsiconf.h> 93 #include <dev/scsipi/scsi_message.h> 94 95 #include <dev/ic/ncr53c9xreg.h> 96 #include <dev/ic/ncr53c9xvar.h> 97 98 int ncr53c9x_debug = NCR_SHOWMISC; /*NCR_SHOWPHASE|NCR_SHOWMISC|NCR_SHOWTRAC|NCR_SHOWCMDS;*/ 99 #ifdef DEBUG 100 int ncr53c9x_notag = 0; 101 #endif 102 103 static void ncr53c9x_readregs(struct ncr53c9x_softc *); 104 static void ncr53c9x_select(struct ncr53c9x_softc *, struct ncr53c9x_ecb *); 105 static int ncr53c9x_reselect(struct ncr53c9x_softc *, int, int, int); 106 #if 0 107 static void ncr53c9x_scsi_reset(struct ncr53c9x_softc *); 108 #endif 109 static void ncr53c9x_clear(struct ncr53c9x_softc *, scsipi_xfer_result_t); 110 static int ncr53c9x_poll(struct ncr53c9x_softc *, 111 struct scsipi_xfer *, int); 112 static void ncr53c9x_sched(struct ncr53c9x_softc *); 113 static void ncr53c9x_done(struct ncr53c9x_softc *, struct ncr53c9x_ecb *); 114 static void ncr53c9x_msgin(struct ncr53c9x_softc *); 115 static void ncr53c9x_msgout(struct ncr53c9x_softc *); 116 static void ncr53c9x_timeout(void *arg); 117 static void ncr53c9x_watch(void *arg); 118 static void ncr53c9x_dequeue(struct ncr53c9x_softc *, 119 struct ncr53c9x_ecb *); 120 static int ncr53c9x_ioctl(struct scsipi_channel *, u_long, 121 void *, int, struct proc *); 122 123 void ncr53c9x_sense(struct ncr53c9x_softc *, struct ncr53c9x_ecb *); 124 void ncr53c9x_free_ecb(struct ncr53c9x_softc *, struct ncr53c9x_ecb *); 125 struct ncr53c9x_ecb *ncr53c9x_get_ecb(struct ncr53c9x_softc *, int); 126 127 static inline int ncr53c9x_stp2cpb(struct ncr53c9x_softc *, int); 128 static inline void ncr53c9x_setsync(struct ncr53c9x_softc *, 129 struct ncr53c9x_tinfo *); 130 void ncr53c9x_update_xfer_mode (struct ncr53c9x_softc *, int); 131 static struct ncr53c9x_linfo *ncr53c9x_lunsearch(struct ncr53c9x_tinfo *, 132 int64_t lun); 133 134 static void ncr53c9x_wrfifo(struct ncr53c9x_softc *, uint8_t *, int); 135 136 static int ncr53c9x_rdfifo(struct ncr53c9x_softc *, int); 137 #define NCR_RDFIFO_START 0 138 #define NCR_RDFIFO_CONTINUE 1 139 140 141 #define NCR_SET_COUNT(sc, size) do { \ 142 NCR_WRITE_REG((sc), NCR_TCL, (size)); \ 143 NCR_WRITE_REG((sc), NCR_TCM, (size) >> 8); \ 144 if ((sc->sc_cfg2 & NCRCFG2_FE) || \ 145 (sc->sc_rev == NCR_VARIANT_FAS366)) { \ 146 NCR_WRITE_REG((sc), NCR_TCH, (size) >> 16); \ 147 } \ 148 if (sc->sc_rev == NCR_VARIANT_FAS366) { \ 149 NCR_WRITE_REG(sc, NCR_RCH, 0); \ 150 } \ 151 } while (/* CONSTCOND */0) 152 153 static int ecb_pool_initialized = 0; 154 static struct pool ecb_pool; 155 156 /* 157 * Names for the NCR53c9x variants, corresponding to the variant tags 158 * in ncr53c9xvar.h. 159 */ 160 static const char *ncr53c9x_variant_names[] = { 161 "ESP100", 162 "ESP100A", 163 "ESP200", 164 "NCR53C94", 165 "NCR53C96", 166 "ESP406", 167 "FAS408", 168 "FAS216", 169 "AM53C974", 170 "FAS366/HME", 171 "NCR53C90 (86C01)", 172 }; 173 174 /* 175 * Search linked list for LUN info by LUN id. 176 */ 177 static struct ncr53c9x_linfo * 178 ncr53c9x_lunsearch(struct ncr53c9x_tinfo *ti, int64_t lun) 179 { 180 struct ncr53c9x_linfo *li; 181 182 LIST_FOREACH(li, &ti->luns, link) 183 if (li->lun == lun) 184 return li; 185 return NULL; 186 } 187 188 /* 189 * Attach this instance, and then all the sub-devices 190 */ 191 void 192 ncr53c9x_attach(struct ncr53c9x_softc *sc) 193 { 194 struct scsipi_adapter *adapt = &sc->sc_adapter; 195 struct scsipi_channel *chan = &sc->sc_channel; 196 197 mutex_init(&sc->sc_lock, MUTEX_DEFAULT, IPL_BIO); 198 199 callout_init(&sc->sc_watchdog, 0); 200 201 /* 202 * Note, the front-end has set us up to print the chip variation. 203 */ 204 if (sc->sc_rev >= NCR_VARIANT_MAX) { 205 aprint_error(": unknown variant %d, devices not attached\n", 206 sc->sc_rev); 207 return; 208 } 209 210 aprint_normal(": %s, %dMHz, SCSI ID %d\n", 211 ncr53c9x_variant_names[sc->sc_rev], sc->sc_freq, sc->sc_id); 212 213 sc->sc_ntarg = (sc->sc_rev == NCR_VARIANT_FAS366) ? 16 : 8; 214 215 /* 216 * Allocate SCSI message buffers. 217 * Front-ends can override allocation to avoid alignment 218 * handling in the DMA engines. Note that that ncr53c9x_msgout() 219 * can request a 1 byte DMA transfer. 220 */ 221 if (sc->sc_omess == NULL) 222 sc->sc_omess = malloc(NCR_MAX_MSG_LEN, M_DEVBUF, M_WAITOK); 223 224 if (sc->sc_imess == NULL) 225 sc->sc_imess = malloc(NCR_MAX_MSG_LEN + 1, M_DEVBUF, M_WAITOK); 226 227 sc->sc_tinfo = malloc(sc->sc_ntarg * sizeof(sc->sc_tinfo[0]), 228 M_DEVBUF, M_WAITOK | M_ZERO); 229 230 /* 231 * Treat NCR53C90 with the 86C01 DMA chip exactly as ESP100 232 * from now on. 233 */ 234 if (sc->sc_rev == NCR_VARIANT_NCR53C90_86C01) 235 sc->sc_rev = NCR_VARIANT_ESP100; 236 237 sc->sc_ccf = FREQTOCCF(sc->sc_freq); 238 239 /* The value *must not* be == 1. Make it 2 */ 240 if (sc->sc_ccf == 1) 241 sc->sc_ccf = 2; 242 243 /* 244 * The recommended timeout is 250ms. This register is loaded 245 * with a value calculated as follows, from the docs: 246 * 247 * (timout period) x (CLK frequency) 248 * reg = ------------------------------------- 249 * 8192 x (Clock Conversion Factor) 250 * 251 * Since CCF has a linear relation to CLK, this generally computes 252 * to the constant of 153. 253 */ 254 sc->sc_timeout = ((250 * 1000) * sc->sc_freq) / (8192 * sc->sc_ccf); 255 256 /* CCF register only has 3 bits; 0 is actually 8 */ 257 sc->sc_ccf &= 7; 258 259 /* 260 * Fill in the scsipi_adapter. 261 */ 262 adapt->adapt_dev = sc->sc_dev; 263 adapt->adapt_nchannels = 1; 264 adapt->adapt_openings = 256; 265 adapt->adapt_max_periph = 256; 266 adapt->adapt_ioctl = ncr53c9x_ioctl; 267 /* adapt_request initialized by front-end */ 268 /* adapt_minphys initialized by front-end */ 269 270 /* 271 * Fill in the scsipi_channel. 272 */ 273 memset(chan, 0, sizeof(*chan)); 274 chan->chan_adapter = adapt; 275 chan->chan_bustype = &scsi_bustype; 276 chan->chan_channel = 0; 277 chan->chan_ntargets = sc->sc_ntarg; 278 chan->chan_nluns = 8; 279 chan->chan_id = sc->sc_id; 280 281 /* 282 * Add reference to adapter so that we drop the reference after 283 * config_found() to make sure the adapter is disabled. 284 */ 285 if (scsipi_adapter_addref(adapt) != 0) { 286 aprint_error_dev(sc->sc_dev, "unable to enable controller\n"); 287 return; 288 } 289 290 /* Reset state & bus */ 291 sc->sc_cfflags = device_cfdata(sc->sc_dev)->cf_flags; 292 sc->sc_state = 0; 293 ncr53c9x_init(sc, 0); /* no bus reset yet, leave that to scsibus* */ 294 295 /* 296 * Now try to attach all the sub-devices 297 */ 298 sc->sc_child = config_found(sc->sc_dev, &sc->sc_channel, scsiprint); 299 300 scsipi_adapter_delref(adapt); 301 callout_reset(&sc->sc_watchdog, 60 * hz, ncr53c9x_watch, sc); 302 } 303 304 int 305 ncr53c9x_detach(struct ncr53c9x_softc *sc, int flags) 306 { 307 struct ncr53c9x_linfo *li, *nextli; 308 int t; 309 int error; 310 311 callout_stop(&sc->sc_watchdog); 312 313 if (sc->sc_tinfo) { 314 /* Cancel all commands. */ 315 ncr53c9x_clear(sc, XS_DRIVER_STUFFUP); 316 317 /* Free logical units. */ 318 for (t = 0; t < sc->sc_ntarg; t++) { 319 for (li = LIST_FIRST(&sc->sc_tinfo[t].luns); li; 320 li = nextli) { 321 nextli = LIST_NEXT(li, link); 322 free(li, M_DEVBUF); 323 } 324 } 325 } 326 327 if (sc->sc_child) { 328 error = config_detach(sc->sc_child, flags); 329 if (error) 330 return error; 331 } 332 333 if (sc->sc_imess) 334 free(sc->sc_imess, M_DEVBUF); 335 if (sc->sc_omess) 336 free(sc->sc_omess, M_DEVBUF); 337 338 mutex_destroy(&sc->sc_lock); 339 340 return 0; 341 } 342 343 /* 344 * This is the generic ncr53c9x reset function. It does not reset the SCSI bus, 345 * only this controller, but kills any on-going commands, and also stops 346 * and resets the DMA. 347 * 348 * After reset, registers are loaded with the defaults from the attach 349 * routine above. 350 */ 351 void 352 ncr53c9x_reset(struct ncr53c9x_softc *sc) 353 { 354 355 /* reset DMA first */ 356 NCRDMA_RESET(sc); 357 358 /* reset SCSI chip */ 359 NCRCMD(sc, NCRCMD_RSTCHIP); 360 NCRCMD(sc, NCRCMD_NOP); 361 DELAY(500); 362 363 /* do these backwards, and fall through */ 364 switch (sc->sc_rev) { 365 case NCR_VARIANT_ESP406: 366 case NCR_VARIANT_FAS408: 367 NCR_WRITE_REG(sc, NCR_CFG5, sc->sc_cfg5 | NCRCFG5_SINT); 368 NCR_WRITE_REG(sc, NCR_CFG4, sc->sc_cfg4); 369 /* FALLTHROUGH */ 370 case NCR_VARIANT_AM53C974: 371 case NCR_VARIANT_FAS216: 372 case NCR_VARIANT_NCR53C94: 373 case NCR_VARIANT_NCR53C96: 374 case NCR_VARIANT_ESP200: 375 sc->sc_features |= NCR_F_HASCFG3; 376 NCR_WRITE_REG(sc, NCR_CFG3, sc->sc_cfg3); 377 /* FALLTHROUGH */ 378 case NCR_VARIANT_ESP100A: 379 sc->sc_features |= NCR_F_SELATN3; 380 NCR_WRITE_REG(sc, NCR_CFG2, sc->sc_cfg2); 381 /* FALLTHROUGH */ 382 case NCR_VARIANT_ESP100: 383 NCR_WRITE_REG(sc, NCR_CFG1, sc->sc_cfg1); 384 NCR_WRITE_REG(sc, NCR_CCF, sc->sc_ccf); 385 NCR_WRITE_REG(sc, NCR_SYNCOFF, 0); 386 NCR_WRITE_REG(sc, NCR_TIMEOUT, sc->sc_timeout); 387 break; 388 389 case NCR_VARIANT_FAS366: 390 sc->sc_features |= 391 NCR_F_HASCFG3 | NCR_F_FASTSCSI | NCR_F_SELATN3; 392 sc->sc_cfg3 = NCRFASCFG3_FASTCLK | NCRFASCFG3_OBAUTO; 393 sc->sc_cfg3_fscsi = NCRFASCFG3_FASTSCSI; 394 NCR_WRITE_REG(sc, NCR_CFG3, sc->sc_cfg3); 395 sc->sc_cfg2 = 0; /* NCRCFG2_HMEFE| NCRCFG2_HME32 */ 396 NCR_WRITE_REG(sc, NCR_CFG2, sc->sc_cfg2); 397 NCR_WRITE_REG(sc, NCR_CFG1, sc->sc_cfg1); 398 NCR_WRITE_REG(sc, NCR_CCF, sc->sc_ccf); 399 NCR_WRITE_REG(sc, NCR_SYNCOFF, 0); 400 NCR_WRITE_REG(sc, NCR_TIMEOUT, sc->sc_timeout); 401 break; 402 403 default: 404 printf("%s: unknown revision code, assuming ESP100\n", 405 device_xname(sc->sc_dev)); 406 NCR_WRITE_REG(sc, NCR_CFG1, sc->sc_cfg1); 407 NCR_WRITE_REG(sc, NCR_CCF, sc->sc_ccf); 408 NCR_WRITE_REG(sc, NCR_SYNCOFF, 0); 409 NCR_WRITE_REG(sc, NCR_TIMEOUT, sc->sc_timeout); 410 } 411 412 if (sc->sc_rev == NCR_VARIANT_AM53C974) 413 NCR_WRITE_REG(sc, NCR_AMDCFG4, sc->sc_cfg4); 414 415 #if 0 416 printf("%s: ncr53c9x_reset: revision %d\n", 417 device_xname(sc->sc_dev), sc->sc_rev); 418 printf("%s: ncr53c9x_reset: cfg1 0x%x, cfg2 0x%x, cfg3 0x%x, " 419 "ccf 0x%x, timeout 0x%x\n", 420 device_xname(sc->sc_dev), sc->sc_cfg1, sc->sc_cfg2, sc->sc_cfg3, 421 sc->sc_ccf, sc->sc_timeout); 422 #endif 423 } 424 425 #if 0 426 /* 427 * Reset the SCSI bus, but not the chip 428 */ 429 void 430 ncr53c9x_scsi_reset(struct ncr53c9x_softc *sc) 431 { 432 433 (*sc->sc_glue->gl_dma_stop)(sc); 434 435 printf("%s: resetting SCSI bus\n", device_xname(sc->sc_dev)); 436 NCRCMD(sc, NCRCMD_RSTSCSI); 437 } 438 #endif 439 440 /* 441 * Clear all commands 442 */ 443 void 444 ncr53c9x_clear(struct ncr53c9x_softc *sc, scsipi_xfer_result_t result) 445 { 446 struct ncr53c9x_ecb *ecb; 447 struct ncr53c9x_linfo *li; 448 int i, r; 449 450 /* Cancel any active commands. */ 451 sc->sc_state = NCR_CLEANING; 452 sc->sc_msgify = 0; 453 ecb = sc->sc_nexus; 454 if (ecb != NULL) { 455 ecb->xs->error = result; 456 ncr53c9x_done(sc, ecb); 457 } 458 /* Cancel outstanding disconnected commands on each LUN */ 459 for (r = 0; r < sc->sc_ntarg; r++) { 460 LIST_FOREACH(li, &sc->sc_tinfo[r].luns, link) { 461 ecb = li->untagged; 462 if (ecb != NULL) { 463 li->untagged = NULL; 464 /* 465 * XXXXXXX 466 * 467 * Should we terminate a command 468 * that never reached the disk? 469 */ 470 li->busy = 0; 471 ecb->xs->error = result; 472 ncr53c9x_done(sc, ecb); 473 } 474 for (i = 0; i < 256; i++) { 475 ecb = li->queued[i]; 476 if (ecb != NULL) { 477 li->queued[i] = NULL; 478 ecb->xs->error = result; 479 ncr53c9x_done(sc, ecb); 480 } 481 } 482 li->used = 0; 483 } 484 } 485 } 486 487 /* 488 * Initialize ncr53c9x state machine 489 */ 490 void 491 ncr53c9x_init(struct ncr53c9x_softc *sc, int doreset) 492 { 493 int r; 494 495 NCR_MISC(("[NCR_INIT(%d) %d] ", doreset, sc->sc_state)); 496 497 if (!ecb_pool_initialized) { 498 /* All instances share this pool */ 499 pool_init(&ecb_pool, sizeof(struct ncr53c9x_ecb), 0, 0, 0, 500 "ncr53c9x_ecb", NULL, IPL_BIO); 501 /* make sure to always have some items to play with */ 502 pool_prime(&ecb_pool, 1); 503 ecb_pool_initialized = 1; 504 } 505 506 if (sc->sc_state == 0) { 507 /* First time through; initialize. */ 508 509 TAILQ_INIT(&sc->ready_list); 510 sc->sc_nexus = NULL; 511 memset(sc->sc_tinfo, 0, sizeof(*sc->sc_tinfo)); 512 for (r = 0; r < sc->sc_ntarg; r++) { 513 LIST_INIT(&sc->sc_tinfo[r].luns); 514 } 515 } else { 516 ncr53c9x_clear(sc, XS_TIMEOUT); 517 } 518 519 /* 520 * reset the chip to a known state 521 */ 522 ncr53c9x_reset(sc); 523 524 sc->sc_flags = 0; 525 sc->sc_msgpriq = sc->sc_msgout = sc->sc_msgoutq = 0; 526 sc->sc_phase = sc->sc_prevphase = INVALID_PHASE; 527 528 /* XXXSMP scsipi */ 529 KERNEL_LOCK(1, curlwp); 530 531 for (r = 0; r < sc->sc_ntarg; r++) { 532 struct ncr53c9x_tinfo *ti = &sc->sc_tinfo[r]; 533 /* XXX - config flags per target: low bits: no reselect; high bits: no synch */ 534 535 ti->flags = ((sc->sc_minsync && 536 !(sc->sc_cfflags & (1 << ((r & 7) + 8)))) ? 537 0 : T_SYNCHOFF) | 538 ((sc->sc_cfflags & (1 << (r & 7))) ? T_RSELECTOFF : 0); 539 #ifdef DEBUG 540 if (ncr53c9x_notag) 541 ti->flags &= ~T_TAG; 542 #endif 543 ti->period = sc->sc_minsync; 544 ti->offset = 0; 545 ti->cfg3 = 0; 546 547 ncr53c9x_update_xfer_mode(sc, r); 548 } 549 550 if (doreset) { 551 sc->sc_state = NCR_SBR; 552 NCRCMD(sc, NCRCMD_RSTSCSI); 553 554 /* Notify upper layer */ 555 scsipi_async_event(&sc->sc_channel, ASYNC_EVENT_RESET, NULL); 556 } else { 557 sc->sc_state = NCR_IDLE; 558 ncr53c9x_sched(sc); 559 } 560 561 /* XXXSMP scsipi */ 562 KERNEL_UNLOCK_ONE(curlwp); 563 } 564 565 /* 566 * Read the NCR registers, and save their contents for later use. 567 * NCR_STAT, NCR_STEP & NCR_INTR are mostly zeroed out when reading 568 * NCR_INTR - so make sure it is the last read. 569 * 570 * I think that (from reading the docs) most bits in these registers 571 * only make sense when he DMA CSR has an interrupt showing. Call only 572 * if an interrupt is pending. 573 */ 574 inline void 575 ncr53c9x_readregs(struct ncr53c9x_softc *sc) 576 { 577 578 sc->sc_espstat = NCR_READ_REG(sc, NCR_STAT); 579 /* Only the stepo bits are of interest */ 580 sc->sc_espstep = NCR_READ_REG(sc, NCR_STEP) & NCRSTEP_MASK; 581 582 if (sc->sc_rev == NCR_VARIANT_FAS366) 583 sc->sc_espstat2 = NCR_READ_REG(sc, NCR_STAT2); 584 585 sc->sc_espintr = NCR_READ_REG(sc, NCR_INTR); 586 587 if (sc->sc_glue->gl_clear_latched_intr != NULL) 588 (*sc->sc_glue->gl_clear_latched_intr)(sc); 589 590 /* 591 * Determine the SCSI bus phase, return either a real SCSI bus phase 592 * or some pseudo phase we use to detect certain exceptions. 593 */ 594 595 sc->sc_phase = (sc->sc_espintr & NCRINTR_DIS) ? 596 /* Disconnected */ BUSFREE_PHASE : sc->sc_espstat & NCRSTAT_PHASE; 597 598 NCR_INTS(("regs[intr=%02x,stat=%02x,step=%02x,stat2=%02x] ", 599 sc->sc_espintr, sc->sc_espstat, sc->sc_espstep, sc->sc_espstat2)); 600 } 601 602 /* 603 * Convert Synchronous Transfer Period to chip register Clock Per Byte value. 604 */ 605 static inline int 606 ncr53c9x_stp2cpb(struct ncr53c9x_softc *sc, int period) 607 { 608 int v; 609 610 v = (sc->sc_freq * period) / 250; 611 if (ncr53c9x_cpb2stp(sc, v) < period) 612 /* Correct round-down error */ 613 v++; 614 return v; 615 } 616 617 static inline void 618 ncr53c9x_setsync(struct ncr53c9x_softc *sc, struct ncr53c9x_tinfo *ti) 619 { 620 uint8_t syncoff, synctp; 621 uint8_t cfg3 = sc->sc_cfg3 | ti->cfg3; 622 623 if (ti->flags & T_SYNCMODE) { 624 syncoff = ti->offset; 625 synctp = ncr53c9x_stp2cpb(sc, ti->period); 626 if (sc->sc_features & NCR_F_FASTSCSI) { 627 /* 628 * If the period is 200ns or less (ti->period <= 50), 629 * put the chip in Fast SCSI mode. 630 */ 631 if (ti->period <= 50) 632 /* 633 * There are (at least) 4 variations of the 634 * configuration 3 register. The drive attach 635 * routine sets the appropriate bit to put the 636 * chip into Fast SCSI mode so that it doesn't 637 * have to be figured out here each time. 638 */ 639 cfg3 |= sc->sc_cfg3_fscsi; 640 } 641 642 /* 643 * Am53c974 requires different SYNCTP values when the 644 * FSCSI bit is off. 645 */ 646 if (sc->sc_rev == NCR_VARIANT_AM53C974 && 647 (cfg3 & NCRAMDCFG3_FSCSI) == 0) 648 synctp--; 649 } else { 650 syncoff = 0; 651 synctp = 0; 652 } 653 654 if (sc->sc_features & NCR_F_HASCFG3) 655 NCR_WRITE_REG(sc, NCR_CFG3, cfg3); 656 657 NCR_WRITE_REG(sc, NCR_SYNCOFF, syncoff); 658 NCR_WRITE_REG(sc, NCR_SYNCTP, synctp); 659 } 660 661 /* 662 * Send a command to a target, set the driver state to NCR_SELECTING 663 * and let the caller take care of the rest. 664 * 665 * Keeping this as a function allows me to say that this may be done 666 * by DMA instead of programmed I/O soon. 667 */ 668 void 669 ncr53c9x_select(struct ncr53c9x_softc *sc, struct ncr53c9x_ecb *ecb) 670 { 671 struct scsipi_periph *periph = ecb->xs->xs_periph; 672 int target = periph->periph_target; 673 int lun = periph->periph_lun; 674 struct ncr53c9x_tinfo *ti = &sc->sc_tinfo[target]; 675 int tiflags = ti->flags; 676 uint8_t *cmd; 677 int clen; 678 bool selatn3, selatns; 679 size_t dmasize; 680 681 NCR_TRACE(("[ncr53c9x_select(t%d,l%d,cmd:%x,tag:%x,%x)] ", 682 target, lun, ecb->cmd.cmd.opcode, ecb->tag[0], ecb->tag[1])); 683 684 sc->sc_state = NCR_SELECTING; 685 /* 686 * Schedule the timeout now, the first time we will go away 687 * expecting to come back due to an interrupt, because it is 688 * always possible that the interrupt may never happen. 689 */ 690 if ((ecb->xs->xs_control & XS_CTL_POLL) == 0) { 691 callout_reset(&ecb->xs->xs_callout, mstohz(ecb->timeout), 692 ncr53c9x_timeout, ecb); 693 } 694 695 /* 696 * The docs say the target register is never reset, and I 697 * can't think of a better place to set it 698 */ 699 if (sc->sc_rev == NCR_VARIANT_FAS366) { 700 NCRCMD(sc, NCRCMD_FLUSH); 701 NCR_WRITE_REG(sc, NCR_SELID, target | NCR_BUSID_HME); 702 } else { 703 NCR_WRITE_REG(sc, NCR_SELID, target); 704 } 705 ncr53c9x_setsync(sc, ti); 706 707 if ((ecb->flags & ECB_SENSE) != 0) { 708 /* 709 * For REQUEST SENSE, we should not send an IDENTIFY or 710 * otherwise mangle the target. There should be no MESSAGE IN 711 * phase. 712 */ 713 if (sc->sc_features & NCR_F_DMASELECT) { 714 /* setup DMA transfer for command */ 715 dmasize = clen = ecb->clen; 716 sc->sc_cmdlen = clen; 717 sc->sc_cmdp = (void *)&ecb->cmd.cmd; 718 719 NCRDMA_SETUP(sc, &sc->sc_cmdp, &sc->sc_cmdlen, 0, 720 &dmasize); 721 /* Program the SCSI counter */ 722 NCR_SET_COUNT(sc, dmasize); 723 724 if (sc->sc_rev != NCR_VARIANT_FAS366) 725 NCRCMD(sc, NCRCMD_NOP | NCRCMD_DMA); 726 727 /* And get the targets attention */ 728 NCRCMD(sc, NCRCMD_SELNATN | NCRCMD_DMA); 729 NCRDMA_GO(sc); 730 } else { 731 ncr53c9x_wrfifo(sc, (uint8_t *)&ecb->cmd.cmd, 732 ecb->clen); 733 sc->sc_cmdlen = 0; 734 NCRCMD(sc, NCRCMD_SELNATN); 735 } 736 return; 737 } 738 739 selatn3 = selatns = false; 740 if (ecb->tag[0] != 0) { 741 if (sc->sc_features & NCR_F_SELATN3) 742 /* use SELATN3 to send tag messages */ 743 selatn3 = true; 744 else 745 /* We don't have SELATN3; use SELATNS to send tags */ 746 selatns = true; 747 } 748 749 if (ti->flags & T_NEGOTIATE) { 750 /* We have to use SELATNS to send sync/wide messages */ 751 selatn3 = false; 752 selatns = true; 753 } 754 755 cmd = (uint8_t *)&ecb->cmd.cmd; 756 757 if (selatn3) { 758 /* We'll use tags with SELATN3 */ 759 clen = ecb->clen + 3; 760 cmd -= 3; 761 cmd[0] = MSG_IDENTIFY(lun, 1); /* msg[0] */ 762 cmd[1] = ecb->tag[0]; /* msg[1] */ 763 cmd[2] = ecb->tag[1]; /* msg[2] */ 764 } else { 765 /* We don't have tags, or will send messages with SELATNS */ 766 clen = ecb->clen + 1; 767 cmd -= 1; 768 cmd[0] = MSG_IDENTIFY(lun, (tiflags & T_RSELECTOFF) == 0); 769 } 770 771 if ((sc->sc_features & NCR_F_DMASELECT) && !selatns) { 772 773 /* setup DMA transfer for command */ 774 dmasize = clen; 775 sc->sc_cmdlen = clen; 776 sc->sc_cmdp = cmd; 777 778 NCRDMA_SETUP(sc, &sc->sc_cmdp, &sc->sc_cmdlen, 0, &dmasize); 779 /* Program the SCSI counter */ 780 NCR_SET_COUNT(sc, dmasize); 781 782 /* load the count in */ 783 /* if (sc->sc_rev != NCR_VARIANT_FAS366) */ 784 NCRCMD(sc, NCRCMD_NOP | NCRCMD_DMA); 785 786 /* And get the targets attention */ 787 if (selatn3) { 788 sc->sc_msgout = SEND_TAG; 789 sc->sc_flags |= NCR_ATN; 790 NCRCMD(sc, NCRCMD_SELATN3 | NCRCMD_DMA); 791 } else 792 NCRCMD(sc, NCRCMD_SELATN | NCRCMD_DMA); 793 NCRDMA_GO(sc); 794 return; 795 } 796 797 /* 798 * Who am I. This is where we tell the target that we are 799 * happy for it to disconnect etc. 800 */ 801 802 /* Now get the command into the FIFO */ 803 sc->sc_cmdlen = 0; 804 ncr53c9x_wrfifo(sc, cmd, clen); 805 806 /* And get the targets attention */ 807 if (selatns) { 808 NCR_MSGS(("SELATNS \n")); 809 /* Arbitrate, select and stop after IDENTIFY message */ 810 NCRCMD(sc, NCRCMD_SELATNS); 811 } else if (selatn3) { 812 sc->sc_msgout = SEND_TAG; 813 sc->sc_flags |= NCR_ATN; 814 NCRCMD(sc, NCRCMD_SELATN3); 815 } else 816 NCRCMD(sc, NCRCMD_SELATN); 817 } 818 819 void 820 ncr53c9x_free_ecb(struct ncr53c9x_softc *sc, struct ncr53c9x_ecb *ecb) 821 { 822 int s; 823 824 s = splbio(); 825 ecb->flags = 0; 826 pool_put(&ecb_pool, (void *)ecb); 827 splx(s); 828 return; 829 } 830 831 struct ncr53c9x_ecb * 832 ncr53c9x_get_ecb(struct ncr53c9x_softc *sc, int flags) 833 { 834 struct ncr53c9x_ecb *ecb; 835 int s; 836 837 s = splbio(); 838 ecb = pool_get(&ecb_pool, PR_NOWAIT | PR_ZERO); 839 if (ecb) 840 ecb->flags |= ECB_ALLOC; 841 splx(s); 842 return ecb; 843 } 844 845 /* 846 * DRIVER FUNCTIONS CALLABLE FROM HIGHER LEVEL DRIVERS 847 */ 848 849 /* 850 * Start a SCSI-command 851 * This function is called by the higher level SCSI-driver to queue/run 852 * SCSI-commands. 853 */ 854 855 void 856 ncr53c9x_scsipi_request(struct scsipi_channel *chan, scsipi_adapter_req_t req, 857 void *arg) 858 { 859 struct scsipi_xfer *xs; 860 struct scsipi_periph *periph; 861 struct ncr53c9x_softc *sc; 862 struct ncr53c9x_ecb *ecb; 863 int flags; 864 865 NCR_TRACE(("[ncr53c9x_scsipi_request] ")); 866 867 sc = device_private(chan->chan_adapter->adapt_dev); 868 mutex_enter(&sc->sc_lock); 869 870 switch (req) { 871 case ADAPTER_REQ_RUN_XFER: 872 xs = arg; 873 periph = xs->xs_periph; 874 flags = xs->xs_control; 875 876 NCR_CMDS(("[0x%x, %d]->%d ", (int)xs->cmd->opcode, xs->cmdlen, 877 periph->periph_target)); 878 879 /* Get an ECB to use. */ 880 ecb = ncr53c9x_get_ecb(sc, xs->xs_control); 881 /* 882 * This should never happen as we track resources 883 * in the mid-layer, but for now it can as pool_get() 884 * can fail. 885 */ 886 if (ecb == NULL) { 887 scsipi_printaddr(periph); 888 printf("%s: unable to allocate ecb\n", 889 device_xname(sc->sc_dev)); 890 xs->error = XS_RESOURCE_SHORTAGE; 891 mutex_exit(&sc->sc_lock); 892 scsipi_done(xs); 893 return; 894 } 895 896 /* Initialize ecb */ 897 ecb->xs = xs; 898 ecb->timeout = xs->timeout; 899 900 if (flags & XS_CTL_RESET) { 901 ecb->flags |= ECB_RESET; 902 ecb->clen = 0; 903 ecb->dleft = 0; 904 } else { 905 memcpy(&ecb->cmd.cmd, xs->cmd, xs->cmdlen); 906 ecb->clen = xs->cmdlen; 907 ecb->daddr = xs->data; 908 ecb->dleft = xs->datalen; 909 } 910 ecb->stat = 0; 911 912 TAILQ_INSERT_TAIL(&sc->ready_list, ecb, chain); 913 ecb->flags |= ECB_READY; 914 if (sc->sc_state == NCR_IDLE) 915 ncr53c9x_sched(sc); 916 917 if ((flags & XS_CTL_POLL) == 0) 918 break; 919 920 /* Not allowed to use interrupts, use polling instead */ 921 if (ncr53c9x_poll(sc, xs, ecb->timeout)) { 922 ncr53c9x_timeout(ecb); 923 if (ncr53c9x_poll(sc, xs, ecb->timeout)) 924 ncr53c9x_timeout(ecb); 925 } 926 break; 927 928 case ADAPTER_REQ_GROW_RESOURCES: 929 /* XXX Not supported. */ 930 break; 931 932 case ADAPTER_REQ_SET_XFER_MODE: 933 { 934 struct ncr53c9x_tinfo *ti; 935 struct scsipi_xfer_mode *xm = arg; 936 937 ti = &sc->sc_tinfo[xm->xm_target]; 938 ti->flags &= ~(T_NEGOTIATE|T_SYNCMODE); 939 ti->period = 0; 940 ti->offset = 0; 941 942 if ((sc->sc_cfflags & (1 << ((xm->xm_target & 7) + 16))) == 0 && 943 (xm->xm_mode & PERIPH_CAP_TQING)) { 944 NCR_MISC(("%s: target %d: tagged queuing\n", 945 device_xname(sc->sc_dev), xm->xm_target)); 946 ti->flags |= T_TAG; 947 } else 948 ti->flags &= ~T_TAG; 949 950 if ((xm->xm_mode & PERIPH_CAP_WIDE16) != 0) { 951 NCR_MISC(("%s: target %d: wide scsi negotiation\n", 952 device_xname(sc->sc_dev), xm->xm_target)); 953 if (sc->sc_rev == NCR_VARIANT_FAS366) { 954 ti->flags |= T_WIDE; 955 ti->width = 1; 956 } 957 } 958 959 if ((xm->xm_mode & PERIPH_CAP_SYNC) != 0 && 960 (ti->flags & T_SYNCHOFF) == 0 && sc->sc_minsync != 0) { 961 NCR_MISC(("%s: target %d: sync negotiation\n", 962 device_xname(sc->sc_dev), xm->xm_target)); 963 ti->flags |= T_NEGOTIATE; 964 ti->period = sc->sc_minsync; 965 } 966 /* 967 * If we're not going to negotiate, send the notification 968 * now, since it won't happen later. 969 */ 970 if ((ti->flags & T_NEGOTIATE) == 0) 971 ncr53c9x_update_xfer_mode(sc, xm->xm_target); 972 } 973 break; 974 } 975 976 mutex_exit(&sc->sc_lock); 977 } 978 979 void 980 ncr53c9x_update_xfer_mode(struct ncr53c9x_softc *sc, int target) 981 { 982 struct scsipi_xfer_mode xm; 983 struct ncr53c9x_tinfo *ti = &sc->sc_tinfo[target]; 984 985 xm.xm_target = target; 986 xm.xm_mode = 0; 987 xm.xm_period = 0; 988 xm.xm_offset = 0; 989 990 if (ti->flags & T_SYNCMODE) { 991 xm.xm_mode |= PERIPH_CAP_SYNC; 992 xm.xm_period = ti->period; 993 xm.xm_offset = ti->offset; 994 } 995 if (ti->width) 996 xm.xm_mode |= PERIPH_CAP_WIDE16; 997 998 if ((ti->flags & (T_RSELECTOFF|T_TAG)) == T_TAG) 999 xm.xm_mode |= PERIPH_CAP_TQING; 1000 1001 scsipi_async_event(&sc->sc_channel, ASYNC_EVENT_XFER_MODE, &xm); 1002 } 1003 1004 /* 1005 * Used when interrupt driven I/O isn't allowed, e.g. during boot. 1006 */ 1007 int 1008 ncr53c9x_poll(struct ncr53c9x_softc *sc, struct scsipi_xfer *xs, int count) 1009 { 1010 1011 NCR_TRACE(("[ncr53c9x_poll] ")); 1012 while (count) { 1013 if (NCRDMA_ISINTR(sc)) { 1014 mutex_exit(&sc->sc_lock); 1015 ncr53c9x_intr(sc); 1016 mutex_enter(&sc->sc_lock); 1017 } 1018 #if alternatively 1019 if (NCR_READ_REG(sc, NCR_STAT) & NCRSTAT_INT) 1020 ncr53c9x_intr(sc); 1021 #endif 1022 if ((xs->xs_status & XS_STS_DONE) != 0) 1023 return 0; 1024 if (sc->sc_state == NCR_IDLE) { 1025 NCR_TRACE(("[ncr53c9x_poll: rescheduling] ")); 1026 ncr53c9x_sched(sc); 1027 } 1028 DELAY(1000); 1029 count--; 1030 } 1031 return 1; 1032 } 1033 1034 int 1035 ncr53c9x_ioctl(struct scsipi_channel *chan, u_long cmd, void *arg, 1036 int flag, struct proc *p) 1037 { 1038 struct ncr53c9x_softc *sc; 1039 int error = 0; 1040 1041 sc = device_private(chan->chan_adapter->adapt_dev); 1042 switch (cmd) { 1043 case SCBUSIORESET: 1044 mutex_enter(&sc->sc_lock); 1045 ncr53c9x_init(sc, 1); 1046 mutex_exit(&sc->sc_lock); 1047 break; 1048 default: 1049 error = ENOTTY; 1050 break; 1051 } 1052 return error; 1053 } 1054 1055 1056 /* 1057 * LOW LEVEL SCSI UTILITIES 1058 */ 1059 1060 /* 1061 * Schedule a scsi operation. This has now been pulled out of the interrupt 1062 * handler so that we may call it from ncr53c9x_scsipi_request and 1063 * ncr53c9x_done. This may save us an unnecessary interrupt just to get 1064 * things going. Should only be called when state == NCR_IDLE and at bio pl. 1065 */ 1066 void 1067 ncr53c9x_sched(struct ncr53c9x_softc *sc) 1068 { 1069 struct ncr53c9x_ecb *ecb; 1070 struct scsipi_periph *periph; 1071 struct ncr53c9x_tinfo *ti; 1072 struct ncr53c9x_linfo *li; 1073 int lun; 1074 int tag; 1075 1076 NCR_TRACE(("[ncr53c9x_sched] ")); 1077 if (sc->sc_state != NCR_IDLE) 1078 panic("%s: not IDLE (state=%d)", __func__, sc->sc_state); 1079 1080 /* 1081 * Find first ecb in ready queue that is for a target/lunit 1082 * combinations that is not busy. 1083 */ 1084 for (ecb = TAILQ_FIRST(&sc->ready_list); ecb != NULL; 1085 ecb = TAILQ_NEXT(ecb, chain)) { 1086 periph = ecb->xs->xs_periph; 1087 ti = &sc->sc_tinfo[periph->periph_target]; 1088 lun = periph->periph_lun; 1089 1090 /* Select type of tag for this command */ 1091 if ((ti->flags & T_RSELECTOFF) != 0) 1092 tag = 0; 1093 else if ((ti->flags & T_TAG) == 0) 1094 tag = 0; 1095 else if ((ecb->flags & ECB_SENSE) != 0) 1096 tag = 0; 1097 else 1098 tag = ecb->xs->xs_tag_type; 1099 #if 0 1100 /* XXXX Use tags for polled commands? */ 1101 if (ecb->xs->xs_control & XS_CTL_POLL) 1102 tag = 0; 1103 #endif 1104 1105 li = TINFO_LUN(ti, lun); 1106 if (li == NULL) { 1107 /* Initialize LUN info and add to list. */ 1108 li = malloc(sizeof(*li), M_DEVBUF, M_NOWAIT|M_ZERO); 1109 if (li == NULL) { 1110 continue; 1111 } 1112 li->lun = lun; 1113 1114 LIST_INSERT_HEAD(&ti->luns, li, link); 1115 if (lun < NCR_NLUN) 1116 ti->lun[lun] = li; 1117 } 1118 li->last_used = time_second; 1119 if (tag == 0) { 1120 /* Try to issue this as an un-tagged command */ 1121 if (li->untagged == NULL) 1122 li->untagged = ecb; 1123 } 1124 if (li->untagged != NULL) { 1125 tag = 0; 1126 if ((li->busy != 1) && li->used == 0) { 1127 /* We need to issue this untagged command now */ 1128 ecb = li->untagged; 1129 periph = ecb->xs->xs_periph; 1130 } else { 1131 /* Not ready yet */ 1132 continue; 1133 } 1134 } 1135 ecb->tag[0] = tag; 1136 if (tag != 0) { 1137 li->queued[ecb->xs->xs_tag_id] = ecb; 1138 ecb->tag[1] = ecb->xs->xs_tag_id; 1139 li->used++; 1140 } 1141 if (li->untagged != NULL && (li->busy != 1)) { 1142 li->busy = 1; 1143 TAILQ_REMOVE(&sc->ready_list, ecb, chain); 1144 ecb->flags &= ~ECB_READY; 1145 sc->sc_nexus = ecb; 1146 ncr53c9x_select(sc, ecb); 1147 break; 1148 } 1149 if (li->untagged == NULL && tag != 0) { 1150 TAILQ_REMOVE(&sc->ready_list, ecb, chain); 1151 ecb->flags &= ~ECB_READY; 1152 sc->sc_nexus = ecb; 1153 ncr53c9x_select(sc, ecb); 1154 break; 1155 } else { 1156 NCR_TRACE(("%d:%d busy\n", 1157 periph->periph_target, 1158 periph->periph_lun)); 1159 } 1160 } 1161 } 1162 1163 void 1164 ncr53c9x_sense(struct ncr53c9x_softc *sc, struct ncr53c9x_ecb *ecb) 1165 { 1166 struct scsipi_xfer *xs = ecb->xs; 1167 struct scsipi_periph *periph = xs->xs_periph; 1168 struct ncr53c9x_tinfo *ti = &sc->sc_tinfo[periph->periph_target]; 1169 struct scsi_request_sense *ss = (void *)&ecb->cmd.cmd; 1170 struct ncr53c9x_linfo *li; 1171 int lun = periph->periph_lun; 1172 1173 NCR_TRACE(("requesting sense ")); 1174 /* Next, setup a request sense command block */ 1175 memset(ss, 0, sizeof(*ss)); 1176 ss->opcode = SCSI_REQUEST_SENSE; 1177 ss->byte2 = periph->periph_lun << SCSI_CMD_LUN_SHIFT; 1178 ss->length = sizeof(struct scsi_sense_data); 1179 ecb->clen = sizeof(*ss); 1180 ecb->daddr = (uint8_t *)&xs->sense.scsi_sense; 1181 ecb->dleft = sizeof(struct scsi_sense_data); 1182 ecb->flags |= ECB_SENSE; 1183 ecb->timeout = NCR_SENSE_TIMEOUT; 1184 ti->senses++; 1185 li = TINFO_LUN(ti, lun); 1186 if (li->busy) 1187 li->busy = 0; 1188 ncr53c9x_dequeue(sc, ecb); 1189 li->untagged = ecb; /* must be executed first to fix C/A */ 1190 li->busy = 2; 1191 if (ecb == sc->sc_nexus) { 1192 ncr53c9x_select(sc, ecb); 1193 } else { 1194 TAILQ_INSERT_HEAD(&sc->ready_list, ecb, chain); 1195 ecb->flags |= ECB_READY; 1196 if (sc->sc_state == NCR_IDLE) 1197 ncr53c9x_sched(sc); 1198 } 1199 } 1200 1201 /* 1202 * POST PROCESSING OF SCSI_CMD (usually current) 1203 */ 1204 void 1205 ncr53c9x_done(struct ncr53c9x_softc *sc, struct ncr53c9x_ecb *ecb) 1206 { 1207 struct scsipi_xfer *xs = ecb->xs; 1208 struct scsipi_periph *periph = xs->xs_periph; 1209 struct ncr53c9x_tinfo *ti = &sc->sc_tinfo[periph->periph_target]; 1210 int lun = periph->periph_lun; 1211 struct ncr53c9x_linfo *li = TINFO_LUN(ti, lun); 1212 1213 NCR_TRACE(("[ncr53c9x_done(error:%x)] ", xs->error)); 1214 1215 if ((xs->xs_control & XS_CTL_POLL) == 0) 1216 callout_stop(&xs->xs_callout); 1217 1218 /* 1219 * Now, if we've come here with no error code, i.e. we've kept the 1220 * initial XS_NOERROR, and the status code signals that we should 1221 * check sense, we'll need to set up a request sense cmd block and 1222 * push the command back into the ready queue *before* any other 1223 * commands for this target/lunit, else we lose the sense info. 1224 * We don't support chk sense conditions for the request sense cmd. 1225 */ 1226 if (xs->error == XS_NOERROR) { 1227 xs->status = ecb->stat; 1228 if ((ecb->flags & ECB_ABORT) != 0) { 1229 xs->error = XS_TIMEOUT; 1230 } else if ((ecb->flags & ECB_SENSE) != 0) { 1231 xs->error = XS_SENSE; 1232 } else if ((ecb->stat & ST_MASK) == SCSI_CHECK) { 1233 /* First, save the return values */ 1234 xs->resid = ecb->dleft; 1235 ncr53c9x_sense(sc, ecb); 1236 return; 1237 } else { 1238 xs->resid = ecb->dleft; 1239 } 1240 if (xs->status == SCSI_QUEUE_FULL || xs->status == XS_BUSY) 1241 xs->error = XS_BUSY; 1242 } 1243 1244 #ifdef NCR53C9X_DEBUG 1245 if (ncr53c9x_debug & NCR_SHOWTRAC) { 1246 if (xs->resid != 0) 1247 printf("resid=%d ", xs->resid); 1248 if (xs->error == XS_SENSE) 1249 printf("sense=0x%02x\n", 1250 xs->sense.scsi_sense.response_code); 1251 else 1252 printf("error=%d\n", xs->error); 1253 } 1254 #endif 1255 1256 /* 1257 * Remove the ECB from whatever queue it's on. 1258 */ 1259 ncr53c9x_dequeue(sc, ecb); 1260 if (ecb == sc->sc_nexus) { 1261 sc->sc_nexus = NULL; 1262 if (sc->sc_state != NCR_CLEANING) { 1263 sc->sc_state = NCR_IDLE; 1264 ncr53c9x_sched(sc); 1265 } 1266 } 1267 1268 if (xs->error == XS_SELTIMEOUT) { 1269 /* Selection timeout -- discard this LUN if empty */ 1270 if (li->untagged == NULL && li->used == 0) { 1271 if (lun < NCR_NLUN) 1272 ti->lun[lun] = NULL; 1273 LIST_REMOVE(li, link); 1274 free(li, M_DEVBUF); 1275 } 1276 } 1277 1278 ncr53c9x_free_ecb(sc, ecb); 1279 ti->cmds++; 1280 mutex_exit(&sc->sc_lock); 1281 scsipi_done(xs); 1282 mutex_enter(&sc->sc_lock); 1283 } 1284 1285 void 1286 ncr53c9x_dequeue(struct ncr53c9x_softc *sc, struct ncr53c9x_ecb *ecb) 1287 { 1288 struct ncr53c9x_tinfo *ti = 1289 &sc->sc_tinfo[ecb->xs->xs_periph->periph_target]; 1290 struct ncr53c9x_linfo *li; 1291 int64_t lun = ecb->xs->xs_periph->periph_lun; 1292 1293 li = TINFO_LUN(ti, lun); 1294 #ifdef DIAGNOSTIC 1295 if (li == NULL || li->lun != lun) 1296 panic("%s: lun %" PRIx64 " for ecb %p does not exist", 1297 __func__, lun, ecb); 1298 #endif 1299 if (li->untagged == ecb) { 1300 li->busy = 0; 1301 li->untagged = NULL; 1302 } 1303 if (ecb->tag[0] && li->queued[ecb->tag[1]] != NULL) { 1304 #ifdef DIAGNOSTIC 1305 if (li->queued[ecb->tag[1]] != NULL && 1306 (li->queued[ecb->tag[1]] != ecb)) 1307 panic("%s: slot %d for lun %" PRIx64 " has %p " 1308 "instead of ecb %p\n", __func__, ecb->tag[1], 1309 lun, 1310 li->queued[ecb->tag[1]], ecb); 1311 #endif 1312 li->queued[ecb->tag[1]] = NULL; 1313 li->used--; 1314 } 1315 1316 if ((ecb->flags & ECB_READY) != 0) { 1317 ecb->flags &= ~ECB_READY; 1318 TAILQ_REMOVE(&sc->ready_list, ecb, chain); 1319 } 1320 } 1321 1322 /* 1323 * INTERRUPT/PROTOCOL ENGINE 1324 */ 1325 1326 /* 1327 * Schedule an outgoing message by prioritizing it, and asserting 1328 * attention on the bus. We can only do this when we are the initiator 1329 * else there will be an illegal command interrupt. 1330 */ 1331 #define ncr53c9x_sched_msgout(m) \ 1332 do { \ 1333 NCR_MSGS(("ncr53c9x_sched_msgout %x %d", m, __LINE__)); \ 1334 NCRCMD(sc, NCRCMD_SETATN); \ 1335 sc->sc_flags |= NCR_ATN; \ 1336 sc->sc_msgpriq |= (m); \ 1337 } while (/* CONSTCOND */0) 1338 1339 static void 1340 ncr53c9x_flushfifo(struct ncr53c9x_softc *sc) 1341 { 1342 1343 NCR_TRACE(("[flushfifo] ")); 1344 1345 NCRCMD(sc, NCRCMD_FLUSH); 1346 1347 if (sc->sc_phase == COMMAND_PHASE || 1348 sc->sc_phase == MESSAGE_OUT_PHASE) 1349 DELAY(2); 1350 } 1351 1352 static int 1353 ncr53c9x_rdfifo(struct ncr53c9x_softc *sc, int how) 1354 { 1355 int i, n; 1356 uint8_t *ibuf; 1357 1358 switch (how) { 1359 case NCR_RDFIFO_START: 1360 ibuf = sc->sc_imess; 1361 sc->sc_imlen = 0; 1362 break; 1363 case NCR_RDFIFO_CONTINUE: 1364 ibuf = sc->sc_imess + sc->sc_imlen; 1365 break; 1366 default: 1367 panic("%s: bad flag", __func__); 1368 break; 1369 } 1370 1371 /* 1372 * XXX buffer (sc_imess) size for message 1373 */ 1374 1375 n = NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF; 1376 1377 if (sc->sc_rev == NCR_VARIANT_FAS366) { 1378 n *= 2; 1379 1380 for (i = 0; i < n; i++) 1381 ibuf[i] = NCR_READ_REG(sc, NCR_FIFO); 1382 1383 if (sc->sc_espstat2 & NCRFAS_STAT2_ISHUTTLE) { 1384 1385 NCR_WRITE_REG(sc, NCR_FIFO, 0); 1386 ibuf[i++] = NCR_READ_REG(sc, NCR_FIFO); 1387 1388 NCR_READ_REG(sc, NCR_FIFO); 1389 1390 ncr53c9x_flushfifo(sc); 1391 } 1392 } else { 1393 for (i = 0; i < n; i++) 1394 ibuf[i] = NCR_READ_REG(sc, NCR_FIFO); 1395 } 1396 1397 sc->sc_imlen += i; 1398 1399 #if 0 1400 #ifdef NCR53C9X_DEBUG 1401 { 1402 int j; 1403 1404 NCR_TRACE(("\n[rdfifo %s (%d):", 1405 (how == NCR_RDFIFO_START) ? "start" : "cont", 1406 (int)sc->sc_imlen)); 1407 if (ncr53c9x_debug & NCR_SHOWTRAC) { 1408 for (j = 0; j < sc->sc_imlen; j++) 1409 printf(" %02x", sc->sc_imess[j]); 1410 printf("]\n"); 1411 } 1412 } 1413 #endif 1414 #endif 1415 return sc->sc_imlen; 1416 } 1417 1418 static void 1419 ncr53c9x_wrfifo(struct ncr53c9x_softc *sc, uint8_t *p, int len) 1420 { 1421 int i; 1422 1423 #ifdef NCR53C9X_DEBUG 1424 NCR_MSGS(("[wrfifo(%d):", len)); 1425 if (ncr53c9x_debug & NCR_SHOWMSGS) { 1426 for (i = 0; i < len; i++) 1427 printf(" %02x", p[i]); 1428 printf("]\n"); 1429 } 1430 #endif 1431 1432 for (i = 0; i < len; i++) { 1433 NCR_WRITE_REG(sc, NCR_FIFO, p[i]); 1434 1435 if (sc->sc_rev == NCR_VARIANT_FAS366) 1436 NCR_WRITE_REG(sc, NCR_FIFO, 0); 1437 } 1438 } 1439 1440 int 1441 ncr53c9x_reselect(struct ncr53c9x_softc *sc, int message, int tagtype, 1442 int tagid) 1443 { 1444 uint8_t selid, target, lun; 1445 struct ncr53c9x_ecb *ecb = NULL; 1446 struct ncr53c9x_tinfo *ti; 1447 struct ncr53c9x_linfo *li; 1448 1449 if (sc->sc_rev == NCR_VARIANT_FAS366) { 1450 target = sc->sc_selid; 1451 } else { 1452 /* 1453 * The SCSI chip made a snapshot of the data bus 1454 * while the reselection was being negotiated. 1455 * This enables us to determine which target did 1456 * the reselect. 1457 */ 1458 selid = sc->sc_selid & ~(1 << sc->sc_id); 1459 if (selid & (selid - 1)) { 1460 printf("%s: reselect with invalid selid %02x;" 1461 " sending DEVICE RESET\n", 1462 device_xname(sc->sc_dev), selid); 1463 goto reset; 1464 } 1465 1466 target = ffs(selid) - 1; 1467 } 1468 lun = message & 0x07; 1469 1470 /* 1471 * Search wait queue for disconnected cmd 1472 * The list should be short, so I haven't bothered with 1473 * any more sophisticated structures than a simple 1474 * singly linked list. 1475 */ 1476 ti = &sc->sc_tinfo[target]; 1477 li = TINFO_LUN(ti, lun); 1478 1479 /* 1480 * We can get as far as the LUN with the IDENTIFY 1481 * message. Check to see if we're running an 1482 * un-tagged command. Otherwise ack the IDENTIFY 1483 * and wait for a tag message. 1484 */ 1485 if (li != NULL) { 1486 if (li->untagged != NULL && li->busy) 1487 ecb = li->untagged; 1488 else if (tagtype != MSG_SIMPLE_Q_TAG) { 1489 /* Wait for tag to come by */ 1490 sc->sc_state = NCR_IDENTIFIED; 1491 return 0; 1492 } else if (tagtype) 1493 ecb = li->queued[tagid]; 1494 } 1495 if (ecb == NULL) { 1496 printf("%s: reselect from target %d lun %d tag %x:%x " 1497 "with no nexus; sending ABORT\n", 1498 device_xname(sc->sc_dev), target, lun, tagtype, tagid); 1499 goto abort; 1500 } 1501 1502 /* Make this nexus active again. */ 1503 sc->sc_state = NCR_CONNECTED; 1504 sc->sc_nexus = ecb; 1505 ncr53c9x_setsync(sc, ti); 1506 1507 if (ecb->flags & ECB_RESET) 1508 ncr53c9x_sched_msgout(SEND_DEV_RESET); 1509 else if (ecb->flags & ECB_ABORT) 1510 ncr53c9x_sched_msgout(SEND_ABORT); 1511 1512 /* Do an implicit RESTORE POINTERS. */ 1513 sc->sc_dp = ecb->daddr; 1514 sc->sc_dleft = ecb->dleft; 1515 1516 return 0; 1517 1518 reset: 1519 ncr53c9x_sched_msgout(SEND_DEV_RESET); 1520 return 1; 1521 1522 abort: 1523 ncr53c9x_sched_msgout(SEND_ABORT); 1524 return 1; 1525 } 1526 1527 static inline int 1528 __verify_msg_format(uint8_t *p, int len) 1529 { 1530 1531 if (len == 1 && MSG_IS1BYTE(p[0])) 1532 return 1; 1533 if (len == 2 && MSG_IS2BYTE(p[0])) 1534 return 1; 1535 if (len >= 3 && MSG_ISEXTENDED(p[0]) && 1536 len == p[1] + 2) 1537 return 1; 1538 1539 return 0; 1540 } 1541 1542 /* 1543 * Get an incoming message as initiator. 1544 * 1545 * The SCSI bus must already be in MESSAGE_IN_PHASE and there is a 1546 * byte in the FIFO 1547 */ 1548 void 1549 ncr53c9x_msgin(struct ncr53c9x_softc *sc) 1550 { 1551 1552 NCR_TRACE(("[ncr53c9x_msgin(curmsglen:%ld)] ", (long)sc->sc_imlen)); 1553 1554 if (sc->sc_imlen == 0) { 1555 printf("%s: msgin: no msg byte available\n", 1556 device_xname(sc->sc_dev)); 1557 return; 1558 } 1559 1560 /* 1561 * Prepare for a new message. A message should (according 1562 * to the SCSI standard) be transmitted in one single 1563 * MESSAGE_IN_PHASE. If we have been in some other phase, 1564 * then this is a new message. 1565 */ 1566 if (sc->sc_prevphase != MESSAGE_IN_PHASE && 1567 sc->sc_state != NCR_RESELECTED) { 1568 printf("%s: phase change, dropping message, " 1569 "prev %d, state %d\n", 1570 device_xname(sc->sc_dev), sc->sc_prevphase, sc->sc_state); 1571 sc->sc_flags &= ~NCR_DROP_MSGI; 1572 sc->sc_imlen = 0; 1573 } 1574 1575 /* 1576 * If we're going to reject the message, don't bother storing 1577 * the incoming bytes. But still, we need to ACK them. 1578 */ 1579 if ((sc->sc_flags & NCR_DROP_MSGI) != 0) { 1580 NCRCMD(sc, NCRCMD_MSGOK); 1581 printf("<dropping msg byte %x>", sc->sc_imess[sc->sc_imlen]); 1582 return; 1583 } 1584 1585 if (sc->sc_imlen >= NCR_MAX_MSG_LEN) { 1586 ncr53c9x_sched_msgout(SEND_REJECT); 1587 sc->sc_flags |= NCR_DROP_MSGI; 1588 } else { 1589 uint8_t *pb; 1590 int plen; 1591 1592 switch (sc->sc_state) { 1593 /* 1594 * if received message is the first of reselection 1595 * then first byte is selid, and then message 1596 */ 1597 case NCR_RESELECTED: 1598 pb = sc->sc_imess + 1; 1599 plen = sc->sc_imlen - 1; 1600 break; 1601 default: 1602 pb = sc->sc_imess; 1603 plen = sc->sc_imlen; 1604 break; 1605 } 1606 1607 if (__verify_msg_format(pb, plen)) 1608 goto gotit; 1609 } 1610 1611 /* Ack what we have so far */ 1612 NCRCMD(sc, NCRCMD_MSGOK); 1613 return; 1614 1615 gotit: 1616 NCR_MSGS(("gotmsg(%x) state %d", sc->sc_imess[0], sc->sc_state)); 1617 /* we got complete message, flush the imess, */ 1618 /* XXX nobody uses imlen below */ 1619 sc->sc_imlen = 0; 1620 /* 1621 * Now we should have a complete message (1 byte, 2 byte 1622 * and moderately long extended messages). We only handle 1623 * extended messages which total length is shorter than 1624 * NCR_MAX_MSG_LEN. Longer messages will be amputated. 1625 */ 1626 switch (sc->sc_state) { 1627 struct ncr53c9x_ecb *ecb; 1628 struct ncr53c9x_tinfo *ti; 1629 struct ncr53c9x_linfo *li; 1630 int lun; 1631 1632 case NCR_CONNECTED: 1633 ecb = sc->sc_nexus; 1634 ti = &sc->sc_tinfo[ecb->xs->xs_periph->periph_target]; 1635 1636 switch (sc->sc_imess[0]) { 1637 case MSG_CMDCOMPLETE: 1638 NCR_MSGS(("cmdcomplete ")); 1639 if (sc->sc_dleft < 0) { 1640 scsipi_printaddr(ecb->xs->xs_periph); 1641 printf("%s: got %ld extra bytes\n", 1642 device_xname(sc->sc_dev), 1643 -(long)sc->sc_dleft); 1644 sc->sc_dleft = 0; 1645 } 1646 ecb->dleft = (ecb->flags & ECB_TENTATIVE_DONE) ? 1647 0 : sc->sc_dleft; 1648 if ((ecb->flags & ECB_SENSE) == 0) 1649 ecb->xs->resid = ecb->dleft; 1650 sc->sc_state = NCR_CMDCOMPLETE; 1651 break; 1652 1653 case MSG_MESSAGE_REJECT: 1654 NCR_MSGS(("msg reject (msgout=%x) ", sc->sc_msgout)); 1655 switch (sc->sc_msgout) { 1656 case SEND_TAG: 1657 /* 1658 * Target does not like tagged queuing. 1659 * - Flush the command queue 1660 * - Disable tagged queuing for the target 1661 * - Dequeue ecb from the queued array. 1662 */ 1663 printf("%s: tagged queuing rejected: " 1664 "target %d\n", 1665 device_xname(sc->sc_dev), 1666 ecb->xs->xs_periph->periph_target); 1667 1668 NCR_MSGS(("(rejected sent tag)")); 1669 NCRCMD(sc, NCRCMD_FLUSH); 1670 DELAY(1); 1671 ti->flags &= ~T_TAG; 1672 lun = ecb->xs->xs_periph->periph_lun; 1673 li = TINFO_LUN(ti, lun); 1674 if (ecb->tag[0] && 1675 li->queued[ecb->tag[1]] != NULL) { 1676 li->queued[ecb->tag[1]] = NULL; 1677 li->used--; 1678 } 1679 ecb->tag[0] = ecb->tag[1] = 0; 1680 li->untagged = ecb; 1681 li->busy = 1; 1682 break; 1683 1684 case SEND_SDTR: 1685 printf("%s: sync transfer rejected: " 1686 "target %d\n", 1687 device_xname(sc->sc_dev), 1688 ecb->xs->xs_periph->periph_target); 1689 1690 sc->sc_flags &= ~NCR_SYNCHNEGO; 1691 ti->flags &= ~(T_NEGOTIATE | T_SYNCMODE); 1692 ncr53c9x_setsync(sc, ti); 1693 ncr53c9x_update_xfer_mode(sc, 1694 ecb->xs->xs_periph->periph_target); 1695 break; 1696 1697 case SEND_WDTR: 1698 printf("%s: wide transfer rejected: " 1699 "target %d\n", 1700 device_xname(sc->sc_dev), 1701 ecb->xs->xs_periph->periph_target); 1702 ti->flags &= ~(T_WIDE | T_WDTRSENT); 1703 ti->width = 0; 1704 break; 1705 1706 case SEND_INIT_DET_ERR: 1707 goto abort; 1708 } 1709 break; 1710 1711 case MSG_NOOP: 1712 NCR_MSGS(("noop ")); 1713 break; 1714 1715 case MSG_HEAD_OF_Q_TAG: 1716 case MSG_SIMPLE_Q_TAG: 1717 case MSG_ORDERED_Q_TAG: 1718 NCR_MSGS(("TAG %x:%x", 1719 sc->sc_imess[0], sc->sc_imess[1])); 1720 break; 1721 1722 case MSG_DISCONNECT: 1723 NCR_MSGS(("disconnect ")); 1724 ti->dconns++; 1725 sc->sc_state = NCR_DISCONNECT; 1726 1727 /* 1728 * Mark the fact that all bytes have moved. The 1729 * target may not bother to do a SAVE POINTERS 1730 * at this stage. This flag will set the residual 1731 * count to zero on MSG COMPLETE. 1732 */ 1733 if (sc->sc_dleft == 0) 1734 ecb->flags |= ECB_TENTATIVE_DONE; 1735 1736 break; 1737 1738 case MSG_SAVEDATAPOINTER: 1739 NCR_MSGS(("save datapointer ")); 1740 ecb->daddr = sc->sc_dp; 1741 ecb->dleft = sc->sc_dleft; 1742 break; 1743 1744 case MSG_RESTOREPOINTERS: 1745 NCR_MSGS(("restore datapointer ")); 1746 sc->sc_dp = ecb->daddr; 1747 sc->sc_dleft = ecb->dleft; 1748 break; 1749 1750 case MSG_EXTENDED: 1751 NCR_MSGS(("extended(%x) ", sc->sc_imess[2])); 1752 switch (sc->sc_imess[2]) { 1753 case MSG_EXT_SDTR: 1754 NCR_MSGS(("SDTR period %d, offset %d ", 1755 sc->sc_imess[3], sc->sc_imess[4])); 1756 if (sc->sc_imess[1] != 3) 1757 goto reject; 1758 ti->period = sc->sc_imess[3]; 1759 ti->offset = sc->sc_imess[4]; 1760 ti->flags &= ~T_NEGOTIATE; 1761 if (sc->sc_minsync == 0 || 1762 ti->offset == 0 || 1763 ti->period > 124) { 1764 #if 0 1765 #ifdef NCR53C9X_DEBUG 1766 scsipi_printaddr(ecb->xs->xs_periph); 1767 printf("async mode\n"); 1768 #endif 1769 #endif 1770 ti->flags &= ~T_SYNCMODE; 1771 if ((sc->sc_flags&NCR_SYNCHNEGO) == 0) { 1772 /* 1773 * target initiated negotiation 1774 */ 1775 ti->offset = 0; 1776 ncr53c9x_sched_msgout( 1777 SEND_SDTR); 1778 } 1779 } else { 1780 int p; 1781 1782 p = ncr53c9x_stp2cpb(sc, ti->period); 1783 ti->period = ncr53c9x_cpb2stp(sc, p); 1784 if ((sc->sc_flags&NCR_SYNCHNEGO) == 0) { 1785 /* 1786 * target initiated negotiation 1787 */ 1788 if (ti->period < 1789 sc->sc_minsync) 1790 ti->period = 1791 sc->sc_minsync; 1792 if (ti->offset > 15) 1793 ti->offset = 15; 1794 ti->flags &= ~T_SYNCMODE; 1795 ncr53c9x_sched_msgout( 1796 SEND_SDTR); 1797 } else { 1798 /* we are sync */ 1799 ti->flags |= T_SYNCMODE; 1800 } 1801 } 1802 ncr53c9x_update_xfer_mode(sc, 1803 ecb->xs->xs_periph->periph_target); 1804 sc->sc_flags &= ~NCR_SYNCHNEGO; 1805 ncr53c9x_setsync(sc, ti); 1806 break; 1807 1808 case MSG_EXT_WDTR: 1809 #ifdef NCR53C9X_DEBUG 1810 printf("%s: wide mode %d\n", 1811 device_xname(sc->sc_dev), sc->sc_imess[3]); 1812 #endif 1813 if (sc->sc_imess[3] == 1) { 1814 ti->cfg3 |= NCRFASCFG3_EWIDE; 1815 ncr53c9x_setsync(sc, ti); 1816 } else 1817 ti->width = 0; 1818 /* 1819 * Device started width negotiation. 1820 */ 1821 if ((ti->flags & T_WDTRSENT) == 0) 1822 ncr53c9x_sched_msgout(SEND_WDTR); 1823 ti->flags &= ~(T_WIDE | T_WDTRSENT); 1824 break; 1825 default: 1826 scsipi_printaddr(ecb->xs->xs_periph); 1827 printf("%s: unrecognized MESSAGE EXTENDED;" 1828 " sending REJECT\n", 1829 device_xname(sc->sc_dev)); 1830 goto reject; 1831 } 1832 break; 1833 case MSG_IGN_WIDE_RESIDUE: 1834 NCR_MSGS(("ignore wide residue ")); 1835 break; 1836 1837 default: 1838 NCR_MSGS(("ident ")); 1839 scsipi_printaddr(ecb->xs->xs_periph); 1840 printf("%s: unrecognized MESSAGE (%x); sending REJECT\n", 1841 device_xname(sc->sc_dev), sc->sc_imess[0]); 1842 reject: 1843 ncr53c9x_sched_msgout(SEND_REJECT); 1844 break; 1845 } 1846 break; 1847 1848 case NCR_IDENTIFIED: 1849 /* 1850 * IDENTIFY message was received and queue tag is expected now 1851 */ 1852 if ((sc->sc_imess[0] != MSG_SIMPLE_Q_TAG) || 1853 (sc->sc_msgify == 0)) { 1854 printf("%s: TAG reselect without IDENTIFY;" 1855 " MSG %x;" 1856 " sending DEVICE RESET\n", 1857 device_xname(sc->sc_dev), 1858 sc->sc_imess[0]); 1859 goto reset; 1860 } 1861 (void)ncr53c9x_reselect(sc, sc->sc_msgify, 1862 sc->sc_imess[0], sc->sc_imess[1]); 1863 break; 1864 1865 case NCR_RESELECTED: 1866 if (MSG_ISIDENTIFY(sc->sc_imess[1])) { 1867 sc->sc_msgify = sc->sc_imess[1]; 1868 } else { 1869 printf("%s: reselect without IDENTIFY;" 1870 " MSG %x;" 1871 " sending DEVICE RESET\n", 1872 device_xname(sc->sc_dev), 1873 sc->sc_imess[1]); 1874 goto reset; 1875 } 1876 (void)ncr53c9x_reselect(sc, sc->sc_msgify, 0, 0); 1877 break; 1878 1879 default: 1880 printf("%s: unexpected MESSAGE IN; sending DEVICE RESET\n", 1881 device_xname(sc->sc_dev)); 1882 reset: 1883 ncr53c9x_sched_msgout(SEND_DEV_RESET); 1884 break; 1885 1886 abort: 1887 ncr53c9x_sched_msgout(SEND_ABORT); 1888 break; 1889 } 1890 1891 /* if we have more messages to send set ATN */ 1892 if (sc->sc_msgpriq) 1893 NCRCMD(sc, NCRCMD_SETATN); 1894 1895 /* Ack last message byte */ 1896 NCRCMD(sc, NCRCMD_MSGOK); 1897 1898 /* Done, reset message pointer. */ 1899 sc->sc_flags &= ~NCR_DROP_MSGI; 1900 sc->sc_imlen = 0; 1901 } 1902 1903 1904 /* 1905 * Send the highest priority, scheduled message 1906 */ 1907 void 1908 ncr53c9x_msgout(struct ncr53c9x_softc *sc) 1909 { 1910 struct ncr53c9x_tinfo *ti; 1911 struct ncr53c9x_ecb *ecb; 1912 size_t size; 1913 1914 NCR_TRACE(("[ncr53c9x_msgout(priq:%x, prevphase:%x)]", 1915 sc->sc_msgpriq, sc->sc_prevphase)); 1916 1917 /* 1918 * XXX - the NCR_ATN flag is not in sync with the actual ATN 1919 * condition on the SCSI bus. The 53c9x chip 1920 * automatically turns off ATN before sending the 1921 * message byte. (see also the comment below in the 1922 * default case when picking out a message to send) 1923 */ 1924 if (sc->sc_flags & NCR_ATN) { 1925 if (sc->sc_prevphase != MESSAGE_OUT_PHASE) { 1926 new: 1927 NCRCMD(sc, NCRCMD_FLUSH); 1928 #if 0 1929 DELAY(1); 1930 #endif 1931 sc->sc_msgoutq = 0; 1932 sc->sc_omlen = 0; 1933 } 1934 } else { 1935 if (sc->sc_prevphase == MESSAGE_OUT_PHASE) { 1936 ncr53c9x_sched_msgout(sc->sc_msgoutq); 1937 goto new; 1938 } else { 1939 printf("%s at line %d: unexpected MESSAGE OUT phase\n", 1940 device_xname(sc->sc_dev), __LINE__); 1941 } 1942 } 1943 1944 if (sc->sc_omlen == 0) { 1945 /* Pick up highest priority message */ 1946 sc->sc_msgout = sc->sc_msgpriq & -sc->sc_msgpriq; 1947 sc->sc_msgoutq |= sc->sc_msgout; 1948 sc->sc_msgpriq &= ~sc->sc_msgout; 1949 sc->sc_omlen = 1; /* "Default" message len */ 1950 switch (sc->sc_msgout) { 1951 case SEND_SDTR: 1952 ecb = sc->sc_nexus; 1953 ti = &sc->sc_tinfo[ecb->xs->xs_periph->periph_target]; 1954 sc->sc_omess[0] = MSG_EXTENDED; 1955 sc->sc_omess[1] = MSG_EXT_SDTR_LEN; 1956 sc->sc_omess[2] = MSG_EXT_SDTR; 1957 sc->sc_omess[3] = ti->period; 1958 sc->sc_omess[4] = ti->offset; 1959 sc->sc_omlen = 5; 1960 if ((sc->sc_flags & NCR_SYNCHNEGO) == 0) { 1961 ti->flags |= T_SYNCMODE; 1962 ncr53c9x_setsync(sc, ti); 1963 } 1964 break; 1965 case SEND_WDTR: 1966 ecb = sc->sc_nexus; 1967 ti = &sc->sc_tinfo[ecb->xs->xs_periph->periph_target]; 1968 sc->sc_omess[0] = MSG_EXTENDED; 1969 sc->sc_omess[1] = MSG_EXT_WDTR_LEN; 1970 sc->sc_omess[2] = MSG_EXT_WDTR; 1971 sc->sc_omess[3] = ti->width; 1972 sc->sc_omlen = 4; 1973 break; 1974 case SEND_IDENTIFY: 1975 if (sc->sc_state != NCR_CONNECTED) { 1976 printf("%s at line %d: no nexus\n", 1977 device_xname(sc->sc_dev), __LINE__); 1978 } 1979 ecb = sc->sc_nexus; 1980 sc->sc_omess[0] = 1981 MSG_IDENTIFY(ecb->xs->xs_periph->periph_lun, 0); 1982 break; 1983 case SEND_TAG: 1984 if (sc->sc_state != NCR_CONNECTED) { 1985 printf("%s at line %d: no nexus\n", 1986 device_xname(sc->sc_dev), __LINE__); 1987 } 1988 ecb = sc->sc_nexus; 1989 sc->sc_omess[0] = ecb->tag[0]; 1990 sc->sc_omess[1] = ecb->tag[1]; 1991 sc->sc_omlen = 2; 1992 break; 1993 case SEND_DEV_RESET: 1994 sc->sc_flags |= NCR_ABORTING; 1995 sc->sc_omess[0] = MSG_BUS_DEV_RESET; 1996 ecb = sc->sc_nexus; 1997 ti = &sc->sc_tinfo[ecb->xs->xs_periph->periph_target]; 1998 ti->flags &= ~T_SYNCMODE; 1999 ncr53c9x_update_xfer_mode(sc, 2000 ecb->xs->xs_periph->periph_target); 2001 if ((ti->flags & T_SYNCHOFF) == 0) 2002 /* We can re-start sync negotiation */ 2003 ti->flags |= T_NEGOTIATE; 2004 break; 2005 case SEND_PARITY_ERROR: 2006 sc->sc_omess[0] = MSG_PARITY_ERROR; 2007 break; 2008 case SEND_ABORT: 2009 sc->sc_flags |= NCR_ABORTING; 2010 sc->sc_omess[0] = MSG_ABORT; 2011 break; 2012 case SEND_INIT_DET_ERR: 2013 sc->sc_omess[0] = MSG_INITIATOR_DET_ERR; 2014 break; 2015 case SEND_REJECT: 2016 sc->sc_omess[0] = MSG_MESSAGE_REJECT; 2017 break; 2018 default: 2019 /* 2020 * We normally do not get here, since the chip 2021 * automatically turns off ATN before the last 2022 * byte of a message is sent to the target. 2023 * However, if the target rejects our (multi-byte) 2024 * message early by switching to MSG IN phase 2025 * ATN remains on, so the target may return to 2026 * MSG OUT phase. If there are no scheduled messages 2027 * left we send a NO-OP. 2028 * 2029 * XXX - Note that this leaves no useful purpose for 2030 * the NCR_ATN flag. 2031 */ 2032 sc->sc_flags &= ~NCR_ATN; 2033 sc->sc_omess[0] = MSG_NOOP; 2034 break; 2035 } 2036 sc->sc_omp = sc->sc_omess; 2037 } 2038 2039 #ifdef DEBUG 2040 if (ncr53c9x_debug & NCR_SHOWMSGS) { 2041 int i; 2042 2043 NCR_MSGS(("<msgout:")); 2044 for (i = 0; i < sc->sc_omlen; i++) 2045 NCR_MSGS((" %02x", sc->sc_omess[i])); 2046 NCR_MSGS(("> ")); 2047 } 2048 #endif 2049 if (sc->sc_rev == NCR_VARIANT_FAS366) { 2050 /* 2051 * XXX fifo size 2052 */ 2053 ncr53c9x_flushfifo(sc); 2054 ncr53c9x_wrfifo(sc, sc->sc_omp, sc->sc_omlen); 2055 sc->sc_cmdlen = 0; 2056 NCRCMD(sc, NCRCMD_TRANS); 2057 } else { 2058 /* (re)send the message */ 2059 size = uimin(sc->sc_omlen, sc->sc_maxxfer); 2060 NCRDMA_SETUP(sc, &sc->sc_omp, &sc->sc_omlen, 0, &size); 2061 /* Program the SCSI counter */ 2062 NCR_SET_COUNT(sc, size); 2063 2064 /* Load the count in and start the message-out transfer */ 2065 NCRCMD(sc, NCRCMD_NOP | NCRCMD_DMA); 2066 NCRCMD(sc, NCRCMD_TRANS | NCRCMD_DMA); 2067 NCRDMA_GO(sc); 2068 } 2069 } 2070 2071 /* 2072 * This is the most critical part of the driver, and has to know 2073 * how to deal with *all* error conditions and phases from the SCSI 2074 * bus. If there are no errors and the DMA was active, then call the 2075 * DMA pseudo-interrupt handler. If this returns 1, then that was it 2076 * and we can return from here without further processing. 2077 * 2078 * Most of this needs verifying. 2079 */ 2080 int 2081 ncr53c9x_intr(void *arg) 2082 { 2083 struct ncr53c9x_softc *sc = arg; 2084 struct ncr53c9x_ecb *ecb; 2085 struct scsipi_periph *periph; 2086 struct ncr53c9x_tinfo *ti; 2087 size_t size; 2088 int nfifo; 2089 2090 NCR_INTS(("[ncr53c9x_intr: state %d]", sc->sc_state)); 2091 2092 if (!NCRDMA_ISINTR(sc)) 2093 return 0; 2094 2095 mutex_enter(&sc->sc_lock); 2096 again: 2097 /* and what do the registers say... */ 2098 ncr53c9x_readregs(sc); 2099 2100 sc->sc_intrcnt.ev_count++; 2101 2102 /* 2103 * At the moment, only a SCSI Bus Reset or Illegal 2104 * Command are classed as errors. A disconnect is a 2105 * valid condition, and we let the code check is the 2106 * "NCR_BUSFREE_OK" flag was set before declaring it 2107 * and error. 2108 * 2109 * Also, the status register tells us about "Gross 2110 * Errors" and "Parity errors". Only the Gross Error 2111 * is really bad, and the parity errors are dealt 2112 * with later 2113 * 2114 * TODO 2115 * If there are too many parity error, go to slow 2116 * cable mode ? 2117 */ 2118 2119 /* SCSI Reset */ 2120 if ((sc->sc_espintr & NCRINTR_SBR) != 0) { 2121 if ((NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF) != 0) { 2122 NCRCMD(sc, NCRCMD_FLUSH); 2123 DELAY(1); 2124 } 2125 if (sc->sc_state != NCR_SBR) { 2126 printf("%s: SCSI bus reset\n", 2127 device_xname(sc->sc_dev)); 2128 ncr53c9x_init(sc, 0); /* Restart everything */ 2129 goto out; 2130 } 2131 #if 0 2132 /*XXX*/ printf("<expected bus reset: " 2133 "[intr %x, stat %x, step %d]>\n", 2134 sc->sc_espintr, sc->sc_espstat, sc->sc_espstep); 2135 #endif 2136 if (sc->sc_nexus != NULL) 2137 panic("%s: nexus in reset state", 2138 device_xname(sc->sc_dev)); 2139 goto sched; 2140 } 2141 2142 ecb = sc->sc_nexus; 2143 2144 #define NCRINTR_ERR (NCRINTR_SBR|NCRINTR_ILL) 2145 if (sc->sc_espintr & NCRINTR_ERR || 2146 sc->sc_espstat & NCRSTAT_GE) { 2147 2148 if ((sc->sc_espstat & NCRSTAT_GE) != 0) { 2149 /* Gross Error; no target ? */ 2150 if (NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF) { 2151 NCRCMD(sc, NCRCMD_FLUSH); 2152 DELAY(1); 2153 } 2154 if (sc->sc_state == NCR_CONNECTED || 2155 sc->sc_state == NCR_SELECTING) { 2156 ecb->xs->error = XS_TIMEOUT; 2157 ncr53c9x_done(sc, ecb); 2158 } 2159 goto out; 2160 } 2161 2162 if ((sc->sc_espintr & NCRINTR_ILL) != 0) { 2163 if ((sc->sc_flags & NCR_EXPECT_ILLCMD) != 0) { 2164 /* 2165 * Eat away "Illegal command" interrupt 2166 * on a ESP100 caused by a re-selection 2167 * while we were trying to select 2168 * another target. 2169 */ 2170 #ifdef NCR53C9X_DEBUG 2171 printf("%s: ESP100 work-around activated\n", 2172 device_xname(sc->sc_dev)); 2173 #endif 2174 sc->sc_flags &= ~NCR_EXPECT_ILLCMD; 2175 goto out; 2176 } 2177 /* illegal command, out of sync ? */ 2178 printf("%s: illegal command: 0x%x " 2179 "(state %d, phase %x, prevphase %x)\n", 2180 device_xname(sc->sc_dev), sc->sc_lastcmd, 2181 sc->sc_state, sc->sc_phase, sc->sc_prevphase); 2182 if (NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF) { 2183 NCRCMD(sc, NCRCMD_FLUSH); 2184 DELAY(1); 2185 } 2186 ncr53c9x_init(sc, 1); /* Restart everything */ 2187 goto out; 2188 } 2189 } 2190 sc->sc_flags &= ~NCR_EXPECT_ILLCMD; 2191 2192 /* 2193 * Call if DMA is active. 2194 * 2195 * If DMA_INTR returns true, then maybe go 'round the loop 2196 * again in case there is no more DMA queued, but a phase 2197 * change is expected. 2198 */ 2199 if (NCRDMA_ISACTIVE(sc)) { 2200 int r = NCRDMA_INTR(sc); 2201 if (r == -1) { 2202 printf("%s: DMA error; resetting\n", 2203 device_xname(sc->sc_dev)); 2204 ncr53c9x_init(sc, 1); 2205 goto out; 2206 } 2207 /* If DMA active here, then go back to work... */ 2208 if (NCRDMA_ISACTIVE(sc)) 2209 goto out; 2210 2211 if ((sc->sc_espstat & NCRSTAT_TC) == 0) { 2212 /* 2213 * DMA not completed. If we can not find a 2214 * acceptable explanation, print a diagnostic. 2215 */ 2216 if (sc->sc_state == NCR_SELECTING) 2217 /* 2218 * This can happen if we are reselected 2219 * while using DMA to select a target. 2220 */ 2221 /*void*/; 2222 else if (sc->sc_prevphase == MESSAGE_OUT_PHASE) { 2223 /* 2224 * Our (multi-byte) message (eg SDTR) was 2225 * interrupted by the target to send 2226 * a MSG REJECT. 2227 * Print diagnostic if current phase 2228 * is not MESSAGE IN. 2229 */ 2230 if (sc->sc_phase != MESSAGE_IN_PHASE) 2231 printf("%s: !TC on MSG OUT" 2232 " [intr %x, stat %x, step %d]" 2233 " prevphase %x, resid %lx\n", 2234 device_xname(sc->sc_dev), 2235 sc->sc_espintr, 2236 sc->sc_espstat, 2237 sc->sc_espstep, 2238 sc->sc_prevphase, 2239 (u_long)sc->sc_omlen); 2240 } else if (sc->sc_dleft == 0) { 2241 /* 2242 * The DMA operation was started for 2243 * a DATA transfer. Print a diagnostic 2244 * if the DMA counter and TC bit 2245 * appear to be out of sync. 2246 */ 2247 printf("%s: !TC on DATA XFER" 2248 " [intr %x, stat %x, step %d]" 2249 " prevphase %x, resid %x\n", 2250 device_xname(sc->sc_dev), 2251 sc->sc_espintr, 2252 sc->sc_espstat, 2253 sc->sc_espstep, 2254 sc->sc_prevphase, 2255 ecb ? ecb->dleft : -1); 2256 } 2257 } 2258 } 2259 2260 /* 2261 * Check for less serious errors. 2262 */ 2263 if ((sc->sc_espstat & NCRSTAT_PE) != 0) { 2264 printf("%s: SCSI bus parity error\n", device_xname(sc->sc_dev)); 2265 if (sc->sc_prevphase == MESSAGE_IN_PHASE) 2266 ncr53c9x_sched_msgout(SEND_PARITY_ERROR); 2267 else 2268 ncr53c9x_sched_msgout(SEND_INIT_DET_ERR); 2269 } 2270 2271 if ((sc->sc_espintr & NCRINTR_DIS) != 0) { 2272 sc->sc_msgify = 0; 2273 NCR_INTS(("<DISC [intr %x, stat %x, step %d]>", 2274 sc->sc_espintr,sc->sc_espstat,sc->sc_espstep)); 2275 if (NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF) { 2276 NCRCMD(sc, NCRCMD_FLUSH); 2277 #if 0 2278 DELAY(1); 2279 #endif 2280 } 2281 /* 2282 * This command must (apparently) be issued within 2283 * 250mS of a disconnect. So here you are... 2284 */ 2285 NCRCMD(sc, NCRCMD_ENSEL); 2286 2287 switch (sc->sc_state) { 2288 case NCR_RESELECTED: 2289 goto sched; 2290 2291 case NCR_SELECTING: 2292 { 2293 struct ncr53c9x_linfo *li; 2294 2295 ecb->xs->error = XS_SELTIMEOUT; 2296 2297 /* Selection timeout -- discard all LUNs if empty */ 2298 periph = ecb->xs->xs_periph; 2299 ti = &sc->sc_tinfo[periph->periph_target]; 2300 li = LIST_FIRST(&ti->luns); 2301 while (li != NULL) { 2302 if (li->untagged == NULL && li->used == 0) { 2303 if (li->lun < NCR_NLUN) 2304 ti->lun[li->lun] = NULL; 2305 LIST_REMOVE(li, link); 2306 free(li, M_DEVBUF); 2307 /* 2308 * Restart the search at the beginning 2309 */ 2310 li = LIST_FIRST(&ti->luns); 2311 continue; 2312 } 2313 li = LIST_NEXT(li, link); 2314 } 2315 goto finish; 2316 } 2317 case NCR_CONNECTED: 2318 if ((sc->sc_flags & NCR_SYNCHNEGO) != 0) { 2319 #ifdef NCR53C9X_DEBUG 2320 if (ecb != NULL) 2321 scsipi_printaddr(ecb->xs->xs_periph); 2322 printf("sync nego not completed!\n"); 2323 #endif 2324 ti = &sc->sc_tinfo[ 2325 ecb->xs->xs_periph->periph_target]; 2326 sc->sc_flags &= ~NCR_SYNCHNEGO; 2327 ti->flags &= ~(T_NEGOTIATE | T_SYNCMODE); 2328 } 2329 2330 /* it may be OK to disconnect */ 2331 if ((sc->sc_flags & NCR_ABORTING) == 0) { 2332 /* 2333 * Section 5.1.1 of the SCSI 2 spec 2334 * suggests issuing a REQUEST SENSE 2335 * following an unexpected disconnect. 2336 * Some devices go into a contingent 2337 * allegiance condition when 2338 * disconnecting, and this is necessary 2339 * to clean up their state. 2340 */ 2341 printf("%s: unexpected disconnect " 2342 "[state %d, intr %x, stat %x, phase(c %x, p %x)]; ", 2343 device_xname(sc->sc_dev), sc->sc_state, 2344 sc->sc_espintr, sc->sc_espstat, 2345 sc->sc_phase, sc->sc_prevphase); 2346 2347 if ((ecb->flags & ECB_SENSE) != 0) { 2348 printf("resetting\n"); 2349 goto reset; 2350 } 2351 printf("sending REQUEST SENSE\n"); 2352 callout_stop(&ecb->xs->xs_callout); 2353 ncr53c9x_sense(sc, ecb); 2354 goto out; 2355 } 2356 2357 ecb->xs->error = XS_TIMEOUT; 2358 goto finish; 2359 2360 case NCR_DISCONNECT: 2361 sc->sc_nexus = NULL; 2362 goto sched; 2363 2364 case NCR_CMDCOMPLETE: 2365 goto finish; 2366 } 2367 } 2368 2369 switch (sc->sc_state) { 2370 2371 case NCR_SBR: 2372 printf("%s: waiting for SCSI Bus Reset to happen\n", 2373 device_xname(sc->sc_dev)); 2374 goto out; 2375 2376 case NCR_RESELECTED: 2377 /* 2378 * we must be continuing a message ? 2379 */ 2380 printf("%s: unhandled reselect continuation, " 2381 "state %d, intr %02x\n", 2382 device_xname(sc->sc_dev), sc->sc_state, sc->sc_espintr); 2383 ncr53c9x_init(sc, 1); 2384 goto out; 2385 2386 case NCR_IDENTIFIED: 2387 ecb = sc->sc_nexus; 2388 if (sc->sc_phase != MESSAGE_IN_PHASE) { 2389 int i = (NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF); 2390 /* 2391 * Things are seriously screwed up. 2392 * Pull the brakes, i.e. reset 2393 */ 2394 printf("%s: target didn't send tag: %d bytes in fifo\n", 2395 device_xname(sc->sc_dev), i); 2396 /* Drain and display fifo */ 2397 while (i-- > 0) 2398 printf("[%d] ", NCR_READ_REG(sc, NCR_FIFO)); 2399 2400 ncr53c9x_init(sc, 1); 2401 goto out; 2402 } else 2403 goto msgin; 2404 2405 case NCR_IDLE: 2406 case NCR_SELECTING: 2407 ecb = sc->sc_nexus; 2408 if (sc->sc_espintr & NCRINTR_RESEL) { 2409 sc->sc_msgpriq = sc->sc_msgout = sc->sc_msgoutq = 0; 2410 sc->sc_flags = 0; 2411 /* 2412 * If we're trying to select a 2413 * target ourselves, push our command 2414 * back into the ready list. 2415 */ 2416 if (sc->sc_state == NCR_SELECTING) { 2417 NCR_INTS(("backoff selector ")); 2418 callout_stop(&ecb->xs->xs_callout); 2419 ncr53c9x_dequeue(sc, ecb); 2420 TAILQ_INSERT_HEAD(&sc->ready_list, ecb, chain); 2421 ecb->flags |= ECB_READY; 2422 ecb = sc->sc_nexus = NULL; 2423 } 2424 sc->sc_state = NCR_RESELECTED; 2425 if (sc->sc_phase != MESSAGE_IN_PHASE) { 2426 /* 2427 * Things are seriously screwed up. 2428 * Pull the brakes, i.e. reset 2429 */ 2430 printf("%s: target didn't identify\n", 2431 device_xname(sc->sc_dev)); 2432 ncr53c9x_init(sc, 1); 2433 goto out; 2434 } 2435 /* 2436 * The C90 only inhibits FIFO writes until reselection 2437 * is complete, instead of waiting until the interrupt 2438 * status register has been read. So, if the reselect 2439 * happens while we were entering command bytes (for 2440 * another target) some of those bytes can appear in 2441 * the FIFO here, after the interrupt is taken. 2442 * 2443 * To remedy this situation, pull the Selection ID 2444 * and Identify message from the FIFO directly, and 2445 * ignore any extraneous fifo contents. Also, set 2446 * a flag that allows one Illegal Command Interrupt 2447 * to occur which the chip also generates as a result 2448 * of writing to the FIFO during a reselect. 2449 */ 2450 if (sc->sc_rev == NCR_VARIANT_ESP100) { 2451 nfifo = NCR_READ_REG(sc, NCR_FFLAG) & 2452 NCRFIFO_FF; 2453 sc->sc_imess[0] = NCR_READ_REG(sc, NCR_FIFO); 2454 sc->sc_imess[1] = NCR_READ_REG(sc, NCR_FIFO); 2455 sc->sc_imlen = 2; 2456 if (nfifo != 2) { 2457 /* Flush the rest */ 2458 NCRCMD(sc, NCRCMD_FLUSH); 2459 } 2460 sc->sc_flags |= NCR_EXPECT_ILLCMD; 2461 if (nfifo > 2) 2462 nfifo = 2; /* We fixed it.. */ 2463 } else 2464 nfifo = ncr53c9x_rdfifo(sc, NCR_RDFIFO_START); 2465 2466 if (nfifo != 2) { 2467 printf("%s: RESELECT: %d bytes in FIFO! " 2468 "[intr %x, stat %x, step %d, " 2469 "prevphase %x]\n", 2470 device_xname(sc->sc_dev), 2471 nfifo, 2472 sc->sc_espintr, 2473 sc->sc_espstat, 2474 sc->sc_espstep, 2475 sc->sc_prevphase); 2476 ncr53c9x_init(sc, 1); 2477 goto out; 2478 } 2479 sc->sc_selid = sc->sc_imess[0]; 2480 NCR_INTS(("selid=%02x ", sc->sc_selid)); 2481 2482 /* Handle identify message */ 2483 ncr53c9x_msgin(sc); 2484 2485 if (sc->sc_state != NCR_CONNECTED && 2486 sc->sc_state != NCR_IDENTIFIED) { 2487 /* IDENTIFY fail?! */ 2488 printf("%s: identify failed, " 2489 "state %d, intr %02x\n", 2490 device_xname(sc->sc_dev), 2491 sc->sc_state, sc->sc_espintr); 2492 ncr53c9x_init(sc, 1); 2493 goto out; 2494 } 2495 goto shortcut; /* ie. next phase expected soon */ 2496 } 2497 2498 #define NCRINTR_DONE (NCRINTR_FC | NCRINTR_BS) 2499 if ((sc->sc_espintr & NCRINTR_DONE) == NCRINTR_DONE) { 2500 /* 2501 * Arbitration won; examine the `step' register 2502 * to determine how far the selection could progress. 2503 */ 2504 ecb = sc->sc_nexus; 2505 if (ecb == NULL) 2506 panic("%s: no nexus", __func__); 2507 2508 periph = ecb->xs->xs_periph; 2509 ti = &sc->sc_tinfo[periph->periph_target]; 2510 2511 switch (sc->sc_espstep) { 2512 case 0: 2513 /* 2514 * The target did not respond with a 2515 * message out phase - probably an old 2516 * device that doesn't recognize ATN. 2517 * Clear ATN and just continue, the 2518 * target should be in the command 2519 * phase. 2520 * XXXX check for command phase? 2521 */ 2522 NCRCMD(sc, NCRCMD_RSTATN); 2523 break; 2524 case 1: 2525 if ((ti->flags & T_NEGOTIATE) == 0 && 2526 ecb->tag[0] == 0) { 2527 printf("%s: step 1 & !NEG\n", 2528 device_xname(sc->sc_dev)); 2529 goto reset; 2530 } 2531 if (sc->sc_phase != MESSAGE_OUT_PHASE) { 2532 printf("%s: !MSGOUT\n", 2533 device_xname(sc->sc_dev)); 2534 goto reset; 2535 } 2536 if (ti->flags & T_WIDE) { 2537 ti->flags |= T_WDTRSENT; 2538 ncr53c9x_sched_msgout(SEND_WDTR); 2539 } 2540 if (ti->flags & T_NEGOTIATE) { 2541 /* Start negotiating */ 2542 ti->period = sc->sc_minsync; 2543 ti->offset = 15; 2544 sc->sc_flags |= NCR_SYNCHNEGO; 2545 if (ecb->tag[0]) 2546 ncr53c9x_sched_msgout( 2547 SEND_TAG | SEND_SDTR); 2548 else 2549 ncr53c9x_sched_msgout( 2550 SEND_SDTR); 2551 } else { 2552 /* Could not do ATN3 so send TAG */ 2553 ncr53c9x_sched_msgout(SEND_TAG); 2554 } 2555 sc->sc_prevphase = MESSAGE_OUT_PHASE; /* XXXX */ 2556 break; 2557 case 3: 2558 /* 2559 * Grr, this is supposed to mean 2560 * "target left command phase prematurely". 2561 * It seems to happen regularly when 2562 * sync mode is on. 2563 * Look at FIFO to see if command went out. 2564 * (Timing problems?) 2565 */ 2566 if (sc->sc_features & NCR_F_DMASELECT) { 2567 if (sc->sc_cmdlen == 0) 2568 /* Hope for the best.. */ 2569 break; 2570 } else if ((NCR_READ_REG(sc, NCR_FFLAG) 2571 & NCRFIFO_FF) == 0) { 2572 /* Hope for the best.. */ 2573 break; 2574 } 2575 printf("(%s:%d:%d): selection failed;" 2576 " %d left in FIFO " 2577 "[intr %x, stat %x, step %d]\n", 2578 device_xname(sc->sc_dev), 2579 periph->periph_target, 2580 periph->periph_lun, 2581 NCR_READ_REG(sc, NCR_FFLAG) 2582 & NCRFIFO_FF, 2583 sc->sc_espintr, sc->sc_espstat, 2584 sc->sc_espstep); 2585 NCRCMD(sc, NCRCMD_FLUSH); 2586 ncr53c9x_sched_msgout(SEND_ABORT); 2587 goto out; 2588 case 2: 2589 /* Select stuck at Command Phase */ 2590 NCRCMD(sc, NCRCMD_FLUSH); 2591 break; 2592 case 4: 2593 if (sc->sc_features & NCR_F_DMASELECT && 2594 sc->sc_cmdlen != 0) 2595 printf("(%s:%d:%d): select; " 2596 "%lu left in DMA buffer " 2597 "[intr %x, stat %x, step %d]\n", 2598 device_xname(sc->sc_dev), 2599 periph->periph_target, 2600 periph->periph_lun, 2601 (u_long)sc->sc_cmdlen, 2602 sc->sc_espintr, 2603 sc->sc_espstat, 2604 sc->sc_espstep); 2605 /* So far, everything went fine */ 2606 break; 2607 } 2608 2609 sc->sc_prevphase = INVALID_PHASE; /* ?? */ 2610 /* Do an implicit RESTORE POINTERS. */ 2611 sc->sc_dp = ecb->daddr; 2612 sc->sc_dleft = ecb->dleft; 2613 sc->sc_state = NCR_CONNECTED; 2614 break; 2615 2616 } else { 2617 2618 printf("%s: unexpected status after select" 2619 ": [intr %x, stat %x, step %x]\n", 2620 device_xname(sc->sc_dev), 2621 sc->sc_espintr, sc->sc_espstat, sc->sc_espstep); 2622 NCRCMD(sc, NCRCMD_FLUSH); 2623 DELAY(1); 2624 goto reset; 2625 } 2626 if (sc->sc_state == NCR_IDLE) { 2627 printf("%s: stray interrupt\n", 2628 device_xname(sc->sc_dev)); 2629 mutex_exit(&sc->sc_lock); 2630 return 0; 2631 } 2632 break; 2633 2634 case NCR_CONNECTED: 2635 if ((sc->sc_flags & NCR_ICCS) != 0) { 2636 /* "Initiate Command Complete Steps" in progress */ 2637 uint8_t msg; 2638 2639 sc->sc_flags &= ~NCR_ICCS; 2640 2641 if ((sc->sc_espintr & NCRINTR_DONE) == 0) { 2642 printf("%s: ICCS: " 2643 ": [intr %x, stat %x, step %x]\n", 2644 device_xname(sc->sc_dev), 2645 sc->sc_espintr, sc->sc_espstat, 2646 sc->sc_espstep); 2647 } 2648 ncr53c9x_rdfifo(sc, NCR_RDFIFO_START); 2649 if (sc->sc_imlen < 2) 2650 printf("%s: can't get status, only %d bytes\n", 2651 device_xname(sc->sc_dev), 2652 (int)sc->sc_imlen); 2653 ecb->stat = sc->sc_imess[sc->sc_imlen - 2]; 2654 msg = sc->sc_imess[sc->sc_imlen - 1]; 2655 NCR_PHASE(("<stat:(%x,%x)>", ecb->stat, msg)); 2656 if (msg == MSG_CMDCOMPLETE) { 2657 ecb->dleft = (ecb->flags & ECB_TENTATIVE_DONE) 2658 ? 0 : sc->sc_dleft; 2659 if ((ecb->flags & ECB_SENSE) == 0) 2660 ecb->xs->resid = ecb->dleft; 2661 sc->sc_state = NCR_CMDCOMPLETE; 2662 } else 2663 printf("%s: STATUS_PHASE: msg %d\n", 2664 device_xname(sc->sc_dev), msg); 2665 sc->sc_imlen = 0; 2666 NCRCMD(sc, NCRCMD_MSGOK); 2667 goto shortcut; /* ie. wait for disconnect */ 2668 } 2669 break; 2670 2671 default: 2672 printf("%s: invalid state: %d [intr %x, phase(c %x, p %x)]\n", 2673 device_xname(sc->sc_dev), sc->sc_state, 2674 sc->sc_espintr, sc->sc_phase, sc->sc_prevphase); 2675 goto reset; 2676 } 2677 2678 /* 2679 * Driver is now in state NCR_CONNECTED, i.e. we 2680 * have a current command working the SCSI bus. 2681 */ 2682 if (sc->sc_state != NCR_CONNECTED || ecb == NULL) { 2683 panic("%s: no nexus", __func__); 2684 } 2685 2686 switch (sc->sc_phase) { 2687 case MESSAGE_OUT_PHASE: 2688 NCR_PHASE(("MESSAGE_OUT_PHASE ")); 2689 ncr53c9x_msgout(sc); 2690 sc->sc_prevphase = MESSAGE_OUT_PHASE; 2691 break; 2692 2693 case MESSAGE_IN_PHASE: 2694 msgin: 2695 NCR_PHASE(("MESSAGE_IN_PHASE ")); 2696 if ((sc->sc_espintr & NCRINTR_BS) != 0) { 2697 if ((sc->sc_rev != NCR_VARIANT_FAS366) || 2698 (sc->sc_espstat2 & NCRFAS_STAT2_EMPTY) == 0) { 2699 NCRCMD(sc, NCRCMD_FLUSH); 2700 } 2701 sc->sc_flags |= NCR_WAITI; 2702 NCRCMD(sc, NCRCMD_TRANS); 2703 } else if ((sc->sc_espintr & NCRINTR_FC) != 0) { 2704 if ((sc->sc_flags & NCR_WAITI) == 0) { 2705 printf("%s: MSGIN: unexpected FC bit: " 2706 "[intr %x, stat %x, step %x]\n", 2707 device_xname(sc->sc_dev), 2708 sc->sc_espintr, sc->sc_espstat, 2709 sc->sc_espstep); 2710 } 2711 sc->sc_flags &= ~NCR_WAITI; 2712 ncr53c9x_rdfifo(sc, 2713 (sc->sc_prevphase == sc->sc_phase) ? 2714 NCR_RDFIFO_CONTINUE : NCR_RDFIFO_START); 2715 ncr53c9x_msgin(sc); 2716 } else { 2717 printf("%s: MSGIN: weird bits: " 2718 "[intr %x, stat %x, step %x]\n", 2719 device_xname(sc->sc_dev), 2720 sc->sc_espintr, sc->sc_espstat, sc->sc_espstep); 2721 } 2722 sc->sc_prevphase = MESSAGE_IN_PHASE; 2723 goto shortcut; /* i.e. expect data to be ready */ 2724 2725 case COMMAND_PHASE: 2726 /* 2727 * Send the command block. Normally we don't see this 2728 * phase because the SEL_ATN command takes care of 2729 * all this. However, we end up here if either the 2730 * target or we wanted to exchange some more messages 2731 * first (e.g. to start negotiations). 2732 */ 2733 2734 NCR_PHASE(("COMMAND_PHASE 0x%02x (%d) ", 2735 ecb->cmd.cmd.opcode, ecb->clen)); 2736 if (NCR_READ_REG(sc, NCR_FFLAG) & NCRFIFO_FF) { 2737 NCRCMD(sc, NCRCMD_FLUSH); 2738 #if 0 2739 DELAY(1); 2740 #endif 2741 } 2742 if (sc->sc_features & NCR_F_DMASELECT) { 2743 /* setup DMA transfer for command */ 2744 size = ecb->clen; 2745 sc->sc_cmdlen = size; 2746 sc->sc_cmdp = (void *)&ecb->cmd.cmd; 2747 NCRDMA_SETUP(sc, &sc->sc_cmdp, &sc->sc_cmdlen, 2748 0, &size); 2749 /* Program the SCSI counter */ 2750 NCR_SET_COUNT(sc, size); 2751 2752 /* load the count in */ 2753 NCRCMD(sc, NCRCMD_NOP | NCRCMD_DMA); 2754 2755 /* start the command transfer */ 2756 NCRCMD(sc, NCRCMD_TRANS | NCRCMD_DMA); 2757 NCRDMA_GO(sc); 2758 } else { 2759 ncr53c9x_wrfifo(sc, (uint8_t *)&ecb->cmd.cmd, 2760 ecb->clen); 2761 sc->sc_cmdlen = 0; 2762 NCRCMD(sc, NCRCMD_TRANS); 2763 } 2764 sc->sc_prevphase = COMMAND_PHASE; 2765 break; 2766 2767 case DATA_OUT_PHASE: 2768 NCR_PHASE(("DATA_OUT_PHASE [%ld] ",(long)sc->sc_dleft)); 2769 NCRCMD(sc, NCRCMD_FLUSH); 2770 size = uimin(sc->sc_dleft, sc->sc_maxxfer); 2771 NCRDMA_SETUP(sc, &sc->sc_dp, &sc->sc_dleft, 0, &size); 2772 sc->sc_prevphase = DATA_OUT_PHASE; 2773 goto setup_xfer; 2774 2775 case DATA_IN_PHASE: 2776 NCR_PHASE(("DATA_IN_PHASE ")); 2777 if (sc->sc_rev == NCR_VARIANT_ESP100) 2778 NCRCMD(sc, NCRCMD_FLUSH); 2779 size = uimin(sc->sc_dleft, sc->sc_maxxfer); 2780 NCRDMA_SETUP(sc, &sc->sc_dp, &sc->sc_dleft, 1, &size); 2781 sc->sc_prevphase = DATA_IN_PHASE; 2782 setup_xfer: 2783 /* Target returned to data phase: wipe "done" memory */ 2784 ecb->flags &= ~ECB_TENTATIVE_DONE; 2785 2786 /* Program the SCSI counter */ 2787 NCR_SET_COUNT(sc, size); 2788 2789 /* load the count in */ 2790 NCRCMD(sc, NCRCMD_NOP | NCRCMD_DMA); 2791 2792 /* 2793 * Note that if `size' is 0, we've already transceived 2794 * all the bytes we want but we're still in DATA PHASE. 2795 * Apparently, the device needs padding. Also, a 2796 * transfer size of 0 means "maximum" to the chip 2797 * DMA logic. 2798 */ 2799 NCRCMD(sc, 2800 (size == 0 ? NCRCMD_TRPAD : NCRCMD_TRANS) | NCRCMD_DMA); 2801 NCRDMA_GO(sc); 2802 goto out; 2803 2804 case STATUS_PHASE: 2805 NCR_PHASE(("STATUS_PHASE ")); 2806 sc->sc_flags |= NCR_ICCS; 2807 NCRCMD(sc, NCRCMD_ICCS); 2808 sc->sc_prevphase = STATUS_PHASE; 2809 goto shortcut; /* i.e. expect status results soon */ 2810 2811 case INVALID_PHASE: 2812 break; 2813 2814 default: 2815 printf("%s: unexpected bus phase; resetting\n", 2816 device_xname(sc->sc_dev)); 2817 goto reset; 2818 } 2819 2820 out: 2821 mutex_exit(&sc->sc_lock); 2822 return 1; 2823 2824 reset: 2825 ncr53c9x_init(sc, 1); 2826 goto out; 2827 2828 finish: 2829 ncr53c9x_done(sc, ecb); 2830 goto out; 2831 2832 sched: 2833 sc->sc_state = NCR_IDLE; 2834 ncr53c9x_sched(sc); 2835 goto out; 2836 2837 shortcut: 2838 /* 2839 * The idea is that many of the SCSI operations take very little 2840 * time, and going away and getting interrupted is too high an 2841 * overhead to pay. For example, selecting, sending a message 2842 * and command and then doing some work can be done in one "pass". 2843 * 2844 * The delay is a heuristic. It is 2 when at 20MHz, 2 at 25MHz and 1 2845 * at 40MHz. This needs testing. 2846 */ 2847 { 2848 struct timeval wait, cur; 2849 2850 microtime(&wait); 2851 wait.tv_usec += 50 / sc->sc_freq; 2852 if (wait.tv_usec > 1000000) { 2853 wait.tv_sec++; 2854 wait.tv_usec -= 1000000; 2855 } 2856 do { 2857 if (NCRDMA_ISINTR(sc)) 2858 goto again; 2859 microtime(&cur); 2860 } while (timercmp(&cur, &wait, <=)); 2861 } 2862 goto out; 2863 } 2864 2865 void 2866 ncr53c9x_abort(struct ncr53c9x_softc *sc, struct ncr53c9x_ecb *ecb) 2867 { 2868 2869 /* 2 secs for the abort */ 2870 ecb->timeout = NCR_ABORT_TIMEOUT; 2871 ecb->flags |= ECB_ABORT; 2872 2873 if (ecb == sc->sc_nexus) { 2874 /* 2875 * If we're still selecting, the message will be scheduled 2876 * after selection is complete. 2877 */ 2878 if (sc->sc_state == NCR_CONNECTED) 2879 ncr53c9x_sched_msgout(SEND_ABORT); 2880 2881 /* 2882 * Reschedule timeout. 2883 */ 2884 callout_reset(&ecb->xs->xs_callout, mstohz(ecb->timeout), 2885 ncr53c9x_timeout, ecb); 2886 } else { 2887 /* 2888 * Just leave the command where it is. 2889 * XXX - what choice do we have but to reset the SCSI 2890 * eventually? 2891 */ 2892 if (sc->sc_state == NCR_IDLE) 2893 ncr53c9x_sched(sc); 2894 } 2895 } 2896 2897 void 2898 ncr53c9x_timeout(void *arg) 2899 { 2900 struct ncr53c9x_ecb *ecb = arg; 2901 struct scsipi_xfer *xs = ecb->xs; 2902 struct scsipi_periph *periph = xs->xs_periph; 2903 struct ncr53c9x_softc *sc; 2904 struct ncr53c9x_tinfo *ti; 2905 2906 sc = device_private(periph->periph_channel->chan_adapter->adapt_dev); 2907 ti = &sc->sc_tinfo[periph->periph_target]; 2908 2909 scsipi_printaddr(periph); 2910 printf("%s: timed out [ecb %p (flags 0x%x, dleft %x, stat %x)], " 2911 "<state %d, nexus %p, phase(l %x, c %x, p %x), resid %lx, " 2912 "msg(q %x,o %x) %s>", 2913 device_xname(sc->sc_dev), 2914 ecb, ecb->flags, ecb->dleft, ecb->stat, 2915 sc->sc_state, sc->sc_nexus, 2916 NCR_READ_REG(sc, NCR_STAT), 2917 sc->sc_phase, sc->sc_prevphase, 2918 (long)sc->sc_dleft, sc->sc_msgpriq, sc->sc_msgout, 2919 NCRDMA_ISACTIVE(sc) ? "DMA active" : ""); 2920 #if NCR53C9X_DEBUG > 1 2921 printf("TRACE: %s.", ecb->trace); 2922 #endif 2923 2924 mutex_enter(&sc->sc_lock); 2925 2926 if (ecb->flags & ECB_ABORT) { 2927 /* abort timed out */ 2928 printf(" AGAIN\n"); 2929 2930 ncr53c9x_init(sc, 1); 2931 } else { 2932 /* abort the operation that has timed out */ 2933 printf("\n"); 2934 xs->error = XS_TIMEOUT; 2935 ncr53c9x_abort(sc, ecb); 2936 2937 /* Disable sync mode if stuck in a data phase */ 2938 if (ecb == sc->sc_nexus && 2939 (ti->flags & T_SYNCMODE) != 0 && 2940 (sc->sc_phase & (MSGI | CDI)) == 0) { 2941 /* XXX ASYNC CALLBACK! */ 2942 scsipi_printaddr(periph); 2943 printf("sync negotiation disabled\n"); 2944 sc->sc_cfflags |= 2945 (1 << ((periph->periph_target & 7) + 8)); 2946 ncr53c9x_update_xfer_mode(sc, periph->periph_target); 2947 } 2948 } 2949 2950 mutex_exit(&sc->sc_lock); 2951 } 2952 2953 void 2954 ncr53c9x_watch(void *arg) 2955 { 2956 struct ncr53c9x_softc *sc = arg; 2957 struct ncr53c9x_tinfo *ti; 2958 struct ncr53c9x_linfo *li; 2959 int t; 2960 /* Delete any structures that have not been used in 10min. */ 2961 time_t old = time_second - (10 * 60); 2962 2963 mutex_enter(&sc->sc_lock); 2964 for (t = 0; t < sc->sc_ntarg; t++) { 2965 ti = &sc->sc_tinfo[t]; 2966 li = LIST_FIRST(&ti->luns); 2967 while (li) { 2968 if (li->last_used < old && 2969 li->untagged == NULL && 2970 li->used == 0) { 2971 if (li->lun < NCR_NLUN) 2972 ti->lun[li->lun] = NULL; 2973 LIST_REMOVE(li, link); 2974 free(li, M_DEVBUF); 2975 /* Restart the search at the beginning */ 2976 li = LIST_FIRST(&ti->luns); 2977 continue; 2978 } 2979 li = LIST_NEXT(li, link); 2980 } 2981 } 2982 mutex_exit(&sc->sc_lock); 2983 callout_reset(&sc->sc_watchdog, 60 * hz, ncr53c9x_watch, sc); 2984 } 2985