From: deller@kernel.org
To: Richard Henderson <richard.henderson@linaro.org>,
qemu-devel@nongnu.org, Peter Maydell <peter.maydell@linaro.org>
Cc: "Philippe Mathieu-Daudé" <philmd@linaro.org>,
"Fam Zheng" <fam@euphon.net>,
"Soumyajyotii Ssarkar" <soumyajyotisarkar23@gmail.com>,
"Paolo Bonzini" <pbonzini@redhat.com>,
deller@gmx.de
Subject: [PULL 03/11] ncr710: Add driver for the NCR 53c710 SCSI chip
Date: Mon, 27 Oct 2025 22:15:55 +0100 [thread overview]
Message-ID: <20251027211603.7141-4-deller@kernel.org> (raw)
In-Reply-To: <20251027211603.7141-1-deller@kernel.org>
From: Soumyajyotii Ssarkar <soumyajyotisarkar23@gmail.com>
Add an emulation for the NCR 53c710 SCSI chip.
This SCSI chip was used widely in historic machines, e.g. as SCSI core
in the LASI controller in HP PA-RISC machines.
This driver was developed as part of the Google Summer of Code 2025 program.
Signed-off-by: Soumyajyotii Ssarkar <soumyajyotisarkar23@gmail.com>
Reviewed-by: Helge Deller <deller@gmx.de>
Signed-off-by: Helge Deller <deller@gmx.de>
---
MAINTAINERS | 1 +
hw/scsi/ncr53c710.c | 2432 ++++++++++++++++++++++++++++++++++++++++++
hw/scsi/ncr53c710.h | 246 +++++
hw/scsi/trace-events | 12 +
4 files changed, 2691 insertions(+)
create mode 100644 hw/scsi/ncr53c710.c
create mode 100644 hw/scsi/ncr53c710.h
diff --git a/MAINTAINERS b/MAINTAINERS
index a204c38754..2fee936fb0 100644
--- a/MAINTAINERS
+++ b/MAINTAINERS
@@ -1284,6 +1284,7 @@ F: hw/misc/lasi.c
F: hw/pci-host/astro.c
F: hw/pci-host/dino.c
F: hw/scsi/lasi_ncr710.*
+F: hw/scsi/ncr53c710.*
F: include/hw/input/lasips2.h
F: include/hw/misc/lasi.h
F: include/hw/net/lasi_82596.h
diff --git a/hw/scsi/ncr53c710.c b/hw/scsi/ncr53c710.c
new file mode 100644
index 0000000000..ade951b1d1
--- /dev/null
+++ b/hw/scsi/ncr53c710.c
@@ -0,0 +1,2432 @@
+/*
+ * QEMU NCR710 SCSI Controller
+ *
+ * Copyright (c) 2025 Soumyajyotii Ssarkar <soumyajyotisarkar23@gmail.com>
+ * This driver was developed during the Google Summer of Code 2025 program.
+ *
+ * NCR710 SCSI Controller implementation
+ * Based on the NCR53C710 Technical Manual Version 3.2, December 2000
+ *
+ * Developed from an implementation of NCR53C710 by Helge Deller
+ * which was interim based on the implementation by Toni Wilen for UAE.
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ *
+ * Contents:
+ * 1. Register Definitions
+ * 2. Register name functions
+ * 3. Parity functions
+ * 4. SCSI FIFO Structures
+ * 5. Scripts Misc functions
+ * 6. DMA functions
+ * 7. Scripts functions
+ * 8. Read and Write functions
+ * 9. QEMU Device model functions
+ *
+ */
+
+#include "qemu/osdep.h"
+#include "qapi/error.h"
+#include "qemu/timer.h"
+#include "hw/irq.h"
+#include "hw/sysbus.h"
+#include "hw/scsi/scsi.h"
+#include "hw/scsi/ncr53c710.h"
+#include "migration/vmstate.h"
+#include "system/dma.h"
+#include "qemu/log.h"
+#include "qemu/module.h"
+#include "trace.h"
+#include "qom/object.h"
+
+#define NCR710_MAX_DEVS 7
+
+/* SCNTL0 (0x00) - SCSI Control Register 0 */
+#define NCR710_SCNTL0_TRG 0x01
+#define NCR710_SCNTL0_AAP 0x02
+#define NCR710_SCNTL0_EPG 0x04
+#define NCR710_SCNTL0_EPC 0x08
+#define NCR710_SCNTL0_WATN 0x10
+#define NCR710_SCNTL0_START 0x20
+#define NCR710_SCNTL0_ARB0 0x40
+#define NCR710_SCNTL0_ARB1 0x80
+
+/* SCNTL1 (0x01) - SCSI Control Register 1 */
+#define NCR710_SCNTL1_RES0 0x01
+#define NCR710_SCNTL1_RES1 0x02
+#define NCR710_SCNTL1_AESP 0x04
+#define NCR710_SCNTL1_RST 0x08
+#define NCR710_SCNTL1_CON 0x10
+#define NCR710_SCNTL1_ESR 0x20
+#define NCR710_SCNTL1_ADB 0x40
+#define NCR710_SCNTL1_EXC 0x80
+
+/* ISTAT (0x21) - Interrupt Status Register */
+#define NCR710_ISTAT_DIP 0x01
+#define NCR710_ISTAT_SIP 0x02
+#define NCR710_ISTAT_CON 0x08
+#define NCR710_ISTAT_SIGP 0x20
+#define NCR710_ISTAT_RST 0x40
+#define NCR710_ISTAT_ABRT 0x80
+
+/* SSTAT0 (0x0D) - SCSI Status Register 0 */
+#define NCR710_SSTAT0_PAR 0x01
+#define NCR710_SSTAT0_RST 0x02
+#define NCR710_SSTAT0_UDC 0x04
+#define NCR710_SSTAT0_SGE 0x08
+#define NCR710_SSTAT0_SEL 0x10
+#define NCR710_SSTAT0_STO 0x20
+#define NCR710_SSTAT0_FCMP 0x40
+#define NCR710_SSTAT0_MA 0x80
+
+/* SSTAT1 (0x0E) - SCSI Status Register 1 */
+#define NCR710_SSTAT1_ORF 0x02
+#define NCR710_SSTAT1_ILF 0x04
+
+/* SSTAT2 (0x0F) - SCSI Status Register 2 */
+#define NCR710_SSTAT2_FF0 0x01
+#define NCR710_SSTAT2_FF1 0x02
+#define NCR710_SSTAT2_FF2 0x04
+#define NCR710_SSTAT2_FF3 0x08
+
+/* SOCL (0x07) / SBCL (0x0B) - SCSI Output/Bus Control Lines */
+#define NCR710_SOCL_IO 0x01
+#define NCR710_SOCL_CD 0x02
+#define NCR710_SOCL_MSG 0x04
+#define NCR710_SOCL_ATN 0x08
+#define NCR710_SOCL_SEL 0x10
+#define NCR710_SOCL_BSY 0x20
+#define NCR710_SOCL_ACK 0x40
+#define NCR710_SOCL_REQ 0x80
+
+/* SBCL bits same as SOCL */
+#define NCR710_SBCL_IO 0x01
+#define NCR710_SBCL_CD 0x02
+#define NCR710_SBCL_MSG 0x04
+#define NCR710_SBCL_ATN 0x08
+#define NCR710_SBCL_SEL 0x10
+#define NCR710_SBCL_BSY 0x20
+#define NCR710_SBCL_ACK 0x40
+#define NCR710_SBCL_REQ 0x80
+
+/* DSTAT (0x0C) - DMA Status Register */
+#define NCR710_DSTAT_IID 0x01
+#define NCR710_DSTAT_SIR 0x04
+#define NCR710_DSTAT_SSI 0x08
+#define NCR710_DSTAT_ABRT 0x10
+#define NCR710_DSTAT_BF 0x20
+#define NCR710_DSTAT_MDPE 0x40
+#define NCR710_DSTAT_DFE 0x80
+
+/* DCNTL (0x3B) - DMA Control Register */
+#define NCR710_DCNTL_COM 0x01
+#define NCR710_DCNTL_IRQD 0x02
+#define NCR710_DCNTL_STD 0x04
+#define NCR710_DCNTL_IRQM 0x08
+#define NCR710_DCNTL_SSM 0x10
+#define NCR710_DCNTL_PFEN 0x20
+#define NCR710_DCNTL_PFF 0x40
+
+/* DMODE (0x38) - DMA Mode Register */
+#define NCR710_DMODE_MAN 0x01
+#define NCR710_DMODE_BOF 0x02
+#define NCR710_DMODE_ERMP 0x04
+#define NCR710_DMODE_ERL 0x08
+#define NCR710_DMODE_DIOM 0x10
+#define NCR710_DMODE_SIOM 0x20
+#define NCR710_DMODE_BL_MASK 0xC0
+#define NCR710_DMODE_BL_1 0x00
+#define NCR710_DMODE_BL_2 0x40
+#define NCR710_DMODE_BL_4 0x80
+#define NCR710_DMODE_BL_8 0xC0
+
+/* CTEST2 (0x16) - Chip Test Register 2 */
+#define NCR710_CTEST2_DACK 0x01
+#define NCR710_CTEST2_DREQ 0x02
+#define NCR710_CTEST2_TEOP 0x04
+#define NCR710_CTEST2_PCICIE 0x08
+#define NCR710_CTEST2_CM 0x10
+#define NCR710_CTEST2_CIO 0x20
+#define NCR710_CTEST2_SIGP 0x40
+#define NCR710_CTEST2_DDIR 0x80
+
+/* CTEST5 (0x19) - Chip Test Register 5 */
+#define NCR710_CTEST5_BL2 0x04
+#define NCR710_CTEST5_DDIR 0x08
+#define NCR710_CTEST5_MASR 0x10
+#define NCR710_CTEST5_DFSN 0x20
+#define NCR710_CTEST5_BBCK 0x40
+#define NCR710_CTEST5_ADCK 0x80
+
+/* SCID (0x04) - SCSI Chip ID Register */
+#define NCR710_SCID_RRE 0x60
+#define NCR710_SCID_ID_MASK 0x07
+
+#define NCR710_HOST_ID 7
+
+/* NCR53C710 has 8-byte SCSI FIFO */
+#define NCR710_MAX_MSGIN_LEN 8
+#define NCR710_BUF_SIZE 4096
+
+/* Standard SCSI Message Byte Constants */
+#define SCSI_MSG_ABORT 0x06
+#define SCSI_MSG_BUS_DEVICE_RESET 0x0c
+#define SCSI_MSG_COMMAND_COMPLETE 0x00
+#define SCSI_MSG_DISCONNECT 0x04
+#define SCSI_MSG_EXTENDED_MESSAGE 0x01
+#define SCSI_MSG_IDENTIFY 0x80
+#define SCSI_MSG_IGNORE_WIDE_RESIDUE 0x23
+#define SCSI_MSG_MESSAGE_PARITY_ERROR 0x09
+#define SCSI_MSG_MESSAGE_REJECT 0x07
+#define SCSI_MSG_NO_OPERATION 0x08
+#define SCSI_MSG_RELEASE_RECOVERY 0x10
+#define SCSI_MSG_RESTORE_POINTERS 0x03
+#define SCSI_MSG_SAVE_DATA_POINTER 0x02
+#define SCSI_MSG_SYNCHRONOUS_DATA_TRANSFER 0x01
+#define SCSI_MSG_WIDE_DATA_TRANSFER 0x03
+
+/* Script interrupt codes */
+#define A_GOOD_STATUS_AFTER_STATUS 0x401
+#define A_DISCONNECT_AFTER_CMD 0x380
+#define A_DISCONNECT_AFTER_DATA 0x580
+#define A_DISCONNECT_DURING_DATA 0x780
+#define A_RESELECTION_IDENTIFIED 0x1003
+#define A_UNEXPECTED_PHASE 0x20
+#define A_FATAL 0x2000
+#define A_DEBUG_INTERRUPT 0x3000
+
+/* SCSI Script execution states */
+#define SCRIPT_STATE_IDLE 0
+#define SCRIPT_STATE_SELECTING 1
+#define SCRIPT_STATE_COMMAND 2
+#define SCRIPT_STATE_DATA 3
+#define SCRIPT_STATE_STATUS 4
+#define SCRIPT_STATE_MESSAGE 5
+#define SCRIPT_STATE_DISCONNECTED 6
+
+#define AFTER_SELECTION 0x100
+#define BEFORE_CMD 0x200
+#define AFTER_CMD 0x300
+#define AFTER_STATUS 0x400
+#define AFTER_DATA_IN 0x500
+#define AFTER_DATA_OUT 0x600
+#define DURING_DATA_IN 0x700
+
+#define NOT_MSG_OUT 0x10
+#define UNEXPECTED_PHASE 0x20
+#define NOT_MSG_IN 0x30
+#define UNEXPECTED_MSG 0x40
+#define MSG_IN 0x50
+#define SDTR_MSG_R 0x60
+#define REJECT_MSG_R 0x70
+#define DISCONNECT 0x80
+#define MSG_OUT 0x90
+#define WDTR_MSG_R 0xA0
+
+#define GOOD_STATUS 0x1
+
+#define NOT_MSG_OUT_AFTER_SELECTION 0x110
+#define UNEXPECTED_PHASE_BEFORE_CMD 0x220
+#define UNEXPECTED_PHASE_AFTER_CMD 0x320
+#define NOT_MSG_IN_AFTER_STATUS 0x430
+#define GOOD_STATUS_AFTER_STATUS 0x401
+#define UNEXPECTED_PHASE_AFTER_DATA_IN 0x520
+#define UNEXPECTED_PHASE_AFTER_DATA_OUT 0x620
+#define UNEXPECTED_MSG_BEFORE_CMD 0x240
+#define MSG_IN_BEFORE_CMD 0x250
+#define MSG_IN_AFTER_CMD 0x350
+#define SDTR_MSG_BEFORE_CMD 0x260
+#define REJECT_MSG_BEFORE_CMD 0x270
+#define DISCONNECT_AFTER_CMD 0x380
+#define SDTR_MSG_AFTER_CMD 0x360
+#define WDTR_MSG_AFTER_CMD 0x3A0
+#define MSG_IN_AFTER_STATUS 0x440
+#define DISCONNECT_AFTER_DATA 0x580
+#define MSG_IN_AFTER_DATA_IN 0x550
+#define MSG_IN_AFTER_DATA_OUT 0x650
+#define MSG_OUT_AFTER_DATA_IN 0x590
+#define DATA_IN_AFTER_DATA_IN 0x5a0
+#define MSG_IN_DURING_DATA_IN 0x750
+#define DISCONNECT_DURING_DATA 0x780
+
+#define RESELECTED_DURING_SELECTION 0x1000
+#define COMPLETED_SELECTION_AS_TARGET 0x1001
+#define RESELECTION_IDENTIFIED 0x1003
+
+#define FATAL 0x2000
+#define FATAL_UNEXPECTED_RESELECTION_MSG 0x2000
+#define FATAL_SEND_MSG 0x2001
+#define FATAL_NOT_MSG_IN_AFTER_SELECTION 0x2002
+#define FATAL_ILLEGAL_MSG_LENGTH 0x2003
+
+#define DEBUG_INTERRUPT 0x3000
+#define DEBUG_INTERRUPT1 0x3001
+#define DEBUG_INTERRUPT2 0x3002
+#define DEBUG_INTERRUPT3 0x3003
+#define DEBUG_INTERRUPT4 0x3004
+#define DEBUG_INTERRUPT5 0x3005
+#define DEBUG_INTERRUPT6 0x3006
+
+#define COMMAND_COMPLETE_MSG 0x00
+#define EXTENDED_MSG 0x01
+#define SDTR_MSG 0x01
+#define SAVE_DATA_PTRS_MSG 0x02
+#define RESTORE_DATA_PTRS_MSG 0x03
+#define WDTR_MSG 0x03
+#define DISCONNECT_MSG 0x04
+#define REJECT_MSG 0x07
+#define PARITY_ERROR_MSG 0x09
+#define SIMPLE_TAG_MSG 0x20
+#define IDENTIFY_MSG 0x80
+#define IDENTIFY_MSG_MASK 0x7F
+#define TWO_BYTE_MSG 0x20
+#define TWO_BYTE_MSG_MASK 0x0F
+
+/* SCSI phases */
+#define PHASE_DO 0 /* Data out phase */
+#define PHASE_DI 1 /* Data in phase */
+#define PHASE_CO 2 /* Command phase */
+#define PHASE_SI 3 /* Status phase */
+#define PHASE_ST 3 /* Status phase (alias) */
+#define PHASE_MO 6 /* Message out phase */
+#define PHASE_MI 7 /* Message in phase */
+#define PHASE_MASK 7 /* Mask for phase bits */
+
+#define NCR710_TAG_VALID (1 << 16)
+
+static void ncr710_scsi_fifo_init(NCR710_SCSI_FIFO *fifo);
+static const char *ncr710_reg_name(int offset);
+static void ncr710_script_scsi_interrupt(NCR710State *s, int stat0);
+static void ncr710_update_irq(NCR710State *s);
+static void ncr710_script_dma_interrupt(NCR710State *s, int stat);
+static void ncr710_request_free(NCR710State *s, NCR710Request *p);
+static inline void ncr710_dma_read(NCR710State *s, uint32_t addr,
+ void *buf, uint32_t len);
+static inline void ncr710_dma_write(NCR710State *s, uint32_t addr,
+ const void *buf, uint32_t len);
+static uint8_t ncr710_reg_readb(NCR710State *s, int offset);
+static void ncr710_reg_writeb(NCR710State *s, int offset, uint8_t val);
+
+
+static inline int ncr710_irq_on_rsl(NCR710State *s)
+{
+ return (s->sien0 & NCR710_SSTAT0_SEL) != 0;
+}
+
+static void ncr710_clear_pending_irq(NCR710State *s)
+{
+ if (s->current) {
+ if (s->current->req) {
+ s->current->req->hba_private = NULL;
+ }
+ ncr710_request_free(s, s->current);
+ s->current = NULL;
+ }
+}
+
+void ncr710_soft_reset(NCR710State *s)
+{
+ trace_ncr710_reset();
+ s->carry = 0;
+ s->msg_action = NCR710_MSG_ACTION_NONE;
+ s->msg_len = 0;
+ s->waiting = NCR710_WAIT_NONE;
+ s->wait_reselect = false;
+ s->reselection_id = 0;
+ s->dsa = 0;
+ s->dnad = 0;
+ s->dbc = 0;
+ s->temp = 0;
+ s->scratch = 0;
+ s->istat &= 0x40;
+ s->dcmd = 0x40;
+ s->dstat = NCR710_DSTAT_DFE;
+ s->dien = 0x04;
+ s->sien0 = 0;
+ s->ctest2 = NCR710_CTEST2_DACK;
+ s->ctest3 = 0;
+ s->ctest4 = 0;
+ s->ctest5 = 0;
+ s->dsp = 0;
+ s->dsps = 0;
+ s->dmode = 0;
+ s->dcntl = 0;
+ s->scntl0 = 0xc0;
+ s->scntl1 = 0;
+ s->sstat0 = 0;
+ s->sstat1 = 0;
+ s->sstat2 = 0;
+ s->scid = 0x80;
+ s->sxfer = 0;
+ s->socl = 0;
+ s->sdid = 0;
+ s->sbcl = 0;
+ s->sidl = 0;
+ s->sfbr = 0;
+ qemu_set_irq(s->irq, 0);
+ ncr710_clear_pending_irq(s);
+ ncr710_scsi_fifo_init(&s->scsi_fifo);
+}
+
+static const char *ncr710_reg_name(int offset)
+{
+ switch (offset) {
+ case NCR710_SCNTL0_REG: return "SCNTL0";
+ case NCR710_SCNTL1_REG: return "SCNTL1";
+ case NCR710_SDID_REG: return "SDID";
+ case NCR710_SIEN_REG: return "SIEN";
+ case NCR710_SCID_REG: return "SCID";
+ case NCR710_SXFER_REG: return "SXFER";
+ case NCR710_SODL_REG: return "SODL";
+ case NCR710_SOCL_REG: return "SOCL";
+ case NCR710_SFBR_REG: return "SFBR";
+ case NCR710_SIDL_REG: return "SIDL";
+ case NCR710_SBDL_REG: return "SBDL";
+ case NCR710_SBCL_REG: return "SBCL";
+ case NCR710_DSTAT_REG: return "DSTAT";
+ case NCR710_SSTAT0_REG: return "SSTAT0";
+ case NCR710_SSTAT1_REG: return "SSTAT1";
+ case NCR710_SSTAT2_REG: return "SSTAT2";
+ case NCR710_DSA_REG: return "DSA";
+ case NCR710_DSA_REG + 1: return "DSA+1";
+ case NCR710_DSA_REG + 2: return "DSA+2";
+ case NCR710_DSA_REG + 3: return "DSA+3";
+ case NCR710_CTEST0_REG: return "CTEST0";
+ case NCR710_CTEST1_REG: return "CTEST1";
+ case NCR710_CTEST2_REG: return "CTEST2";
+ case NCR710_CTEST3_REG: return "CTEST3";
+ case NCR710_CTEST4_REG: return "CTEST4";
+ case NCR710_CTEST5_REG: return "CTEST5";
+ case NCR710_CTEST6_REG: return "CTEST6";
+ case NCR710_CTEST7_REG: return "CTEST7";
+ case NCR710_TEMP_REG: return "TEMP";
+ case NCR710_TEMP_REG + 1: return "TEMP+1";
+ case NCR710_TEMP_REG + 2: return "TEMP+2";
+ case NCR710_TEMP_REG + 3: return "TEMP+3";
+ case NCR710_DFIFO_REG: return "DFIFO";
+ case NCR710_ISTAT_REG: return "ISTAT";
+ case NCR710_CTEST8_REG: return "CTEST8";
+ case NCR710_LCRC_REG: return "LCRC";
+ case NCR710_DBC_REG: return "DBC";
+ case NCR710_DBC_REG + 1: return "DBC+1";
+ case NCR710_DBC_REG + 2: return "DBC+2";
+ case NCR710_DCMD_REG: return "DCMD";
+ case NCR710_DNAD_REG: return "DNAD";
+ case NCR710_DNAD_REG + 1: return "DNAD+1";
+ case NCR710_DNAD_REG + 2: return "DNAD+2";
+ case NCR710_DNAD_REG + 3: return "DNAD+3";
+ case NCR710_DSP_REG: return "DSP";
+ case NCR710_DSP_REG + 1: return "DSP+1";
+ case NCR710_DSP_REG + 2: return "DSP+2";
+ case NCR710_DSP_REG + 3: return "DSP+3";
+ case NCR710_DSPS_REG: return "DSPS";
+ case NCR710_DSPS_REG + 1: return "DSPS+1";
+ case NCR710_DSPS_REG + 2: return "DSPS+2";
+ case NCR710_DSPS_REG + 3: return "DSPS+3";
+ case NCR710_SCRATCH_REG: return "SCRATCH";
+ case NCR710_SCRATCH_REG + 1: return "SCRATCH+1";
+ case NCR710_SCRATCH_REG + 2: return "SCRATCH+2";
+ case NCR710_SCRATCH_REG + 3: return "SCRATCH+3";
+ case NCR710_DMODE_REG: return "DMODE";
+ case NCR710_DIEN_REG: return "DIEN";
+ case NCR710_DWT_REG: return "DWT";
+ case NCR710_DCNTL_REG: return "DCNTL";
+ case NCR710_ADDER_REG: return "ADDER";
+ case NCR710_ADDER_REG + 1: return "ADDER+1";
+ case NCR710_ADDER_REG + 2: return "ADDER+2";
+ case NCR710_ADDER_REG + 3: return "ADDER+3";
+ default: return "UNKNOWN";
+ }
+}
+
+static uint8_t ncr710_generate_scsi_parity(NCR710State *s, uint8_t data)
+{
+ uint8_t parity = parity8(data);
+
+ if (s->scntl1 & NCR710_SCNTL1_AESP) {
+ parity = !parity;
+ }
+
+ return parity;
+}
+
+static bool ncr710_check_scsi_parity(NCR710State *s, uint8_t data,
+ uint8_t parity)
+{
+ if (!(s->scntl0 & NCR710_SCNTL0_EPC)) {
+ return true;
+ }
+
+ uint8_t expected_parity = ncr710_generate_scsi_parity(s, data);
+ return parity == expected_parity;
+}
+
+static void ncr710_handle_parity_error(NCR710State *s)
+{
+ s->sstat0 |= NCR710_SSTAT0_PAR;
+
+ /* If parity error ATN is enabled, assert ATN */
+ if (s->scntl0 & NCR710_SCNTL0_AAP) {
+ s->socl |= NCR710_SOCL_ATN;
+ }
+
+ ncr710_script_scsi_interrupt(s, NCR710_SSTAT0_PAR);
+}
+
+/*
+ * NCR710 SCSI FIFO IMPLEMENTATION
+ *
+ * Hardware Specifications (NCR53C710 datasheet):
+ * - Width: 9 bits (8 data bits + 1 parity bit)
+ * - Depth: 8 bytes
+ * - Type: Circular buffer
+ *
+ * Implementation:
+ * - Enqueue: Add byte at tail position ((head + count) % 8)
+ * - Dequeue: Remove byte from head position, advance head
+ * - Status: Empty (count=0), Full (count=8)
+ *
+ * FIFO Operations:
+ * - ncr710_scsi_fifo_init() - Reset FIFO to empty state
+ * - ncr710_scsi_fifo_enqueue() - Add byte with parity to tail
+ * - ncr710_scsi_fifo_dequeue() - Remove byte with parity from head
+ * - ncr710_scsi_fifo_empty() - Check if FIFO is empty
+ * - ncr710_scsi_fifo_full() - Check if FIFO is full
+ */
+
+static void ncr710_scsi_fifo_init(NCR710_SCSI_FIFO *fifo)
+{
+ memset(fifo->data, 0, NCR710_SCSI_FIFO_SIZE);
+ memset(fifo->parity, 0, NCR710_SCSI_FIFO_SIZE);
+ fifo->head = 0;
+ fifo->count = 0;
+}
+
+static inline bool ncr710_scsi_fifo_empty(NCR710_SCSI_FIFO *fifo)
+{
+ return fifo->count == 0;
+}
+
+static inline bool ncr710_scsi_fifo_full(NCR710_SCSI_FIFO *fifo)
+{
+ return fifo->count == NCR710_SCSI_FIFO_SIZE;
+}
+
+static inline int ncr710_scsi_fifo_enqueue(NCR710_SCSI_FIFO *fifo,
+ uint8_t data, uint8_t parity)
+{
+ if (ncr710_scsi_fifo_full(fifo)) {
+ return -1; /* FIFO full - 8 transfers deep */
+ }
+
+ /* Add data at the tail (head + count) */
+ int tail_pos = (fifo->head + fifo->count) % NCR710_SCSI_FIFO_SIZE;
+ fifo->data[tail_pos] = data;
+ fifo->parity[tail_pos] = parity;
+ fifo->count++;
+
+ return 0;
+}
+
+static inline uint8_t ncr710_scsi_fifo_dequeue(NCR710_SCSI_FIFO *fifo,
+ uint8_t *parity)
+{
+ uint8_t data;
+
+ if (ncr710_scsi_fifo_empty(fifo)) {
+ *parity = 0;
+ return 0; /* FIFO empty */
+ }
+
+ /* Taking data from the head position */
+ data = fifo->data[fifo->head];
+ *parity = fifo->parity[fifo->head];
+ fifo->head = (fifo->head + 1) % NCR710_SCSI_FIFO_SIZE;
+ fifo->count--;
+
+ return data;
+}
+
+static inline uint32_t ncr710_read_dword(NCR710State *s, uint32_t addr)
+{
+ uint32_t buf;
+ address_space_read(&address_space_memory, addr, MEMTXATTRS_UNSPECIFIED,
+ (uint8_t *)&buf, 4);
+ /*
+ * The NCR710 datasheet saying "operates internally in LE mode"
+ * refers to its internal register organization,
+ * not how it reads SCRIPTS from host memory.
+ */
+ buf = be32_to_cpu(buf);
+ NCR710_DPRINTF("Read dword %08x from %08x\n", buf, addr);
+ return buf;
+}
+
+static inline void ncr710_dma_read(NCR710State *s, uint32_t addr,
+ void *buf, uint32_t len)
+{
+ address_space_read(&address_space_memory, addr, MEMTXATTRS_UNSPECIFIED,
+ buf, len);
+ NCR710_DPRINTF("Read %d bytes from %08x: ", len, addr);
+ for (int i = 0; i < len && i < 16; i++) {
+ NCR710_DPRINTF("%02x ", ((uint8_t *)buf)[i]);
+ }
+ NCR710_DPRINTF("\n");
+}
+
+static inline void ncr710_dma_write(NCR710State *s, uint32_t addr,
+ const void *buf, uint32_t len)
+{
+ address_space_write(&address_space_memory, addr, MEMTXATTRS_UNSPECIFIED,
+ buf, len);
+ NCR710_DPRINTF("Wrote %d bytes to %08x\n", len, addr);
+}
+
+static void ncr710_stop_script(NCR710State *s)
+{
+ s->script_active = 0;
+ s->scntl1 &= ~NCR710_SCNTL1_CON;
+ s->istat &= ~NCR710_ISTAT_CON;
+}
+
+static void ncr710_update_irq(NCR710State *s)
+{
+ int level = 0;
+
+ if (s->dstat) {
+ if (s->dstat & s->dien) {
+ level = 1;
+ }
+ s->istat |= NCR710_ISTAT_DIP;
+ } else {
+ s->istat &= ~NCR710_ISTAT_DIP;
+ }
+
+ if (s->sstat0) {
+ if ((s->sstat0 & s->sien0)) {
+ level = 1;
+ }
+ s->istat |= NCR710_ISTAT_SIP;
+ } else {
+ s->istat &= ~NCR710_ISTAT_SIP;
+ }
+
+ qemu_set_irq(s->irq, level);
+}
+
+static void ncr710_script_scsi_interrupt(NCR710State *s, int stat0)
+{
+ uint32_t mask0;
+
+ trace_ncr710_script_scsi_interrupt(stat0, s->sstat0);
+ s->sstat0 |= stat0;
+ mask0 = stat0 & s->sien0;
+ if (mask0) {
+ ncr710_stop_script(s);
+ s->istat |= NCR710_ISTAT_SIP;
+ ncr710_update_irq(s);
+ }
+}
+
+static void ncr710_script_dma_interrupt(NCR710State *s, int stat)
+{
+ trace_ncr710_script_dma_interrupt(stat, s->dstat);
+ if (stat == NCR710_DSTAT_SIR && (s->dstat & NCR710_DSTAT_DFE)) {
+ s->dstat &= ~NCR710_DSTAT_DFE;
+ }
+
+ s->dstat |= stat;
+ s->istat |= NCR710_ISTAT_DIP;
+ ncr710_update_irq(s);
+ ncr710_stop_script(s);
+}
+
+inline void ncr710_set_phase(NCR710State *s, int phase)
+{
+ s->sstat2 = (s->sstat2 & ~PHASE_MASK) | phase;
+ s->ctest0 &= ~1;
+ if (phase == PHASE_DI) {
+ s->ctest0 |= 1;
+ }
+ s->sbcl &= ~NCR710_SBCL_REQ;
+}
+
+static void ncr710_disconnect(NCR710State *s)
+{
+ trace_ncr710_disconnect(s->waiting);
+ if (s->waiting == NCR710_WAIT_NONE) {
+ s->scntl1 &= ~NCR710_SCNTL1_CON;
+ s->istat &= ~NCR710_ISTAT_CON;
+ }
+ s->sstat2 &= ~PHASE_MASK;
+}
+
+static void ncr710_bad_selection(NCR710State *s, uint32_t id)
+{
+ trace_ncr710_bad_selection(id);
+ s->dstat = 0;
+ s->dsps = 0;
+ ncr710_script_scsi_interrupt(s, NCR710_SSTAT0_STO);
+ ncr710_disconnect(s);
+}
+
+static void ncr710_clear_selection_timeout(NCR710State *s)
+{
+ if (s->sstat0 & NCR710_SSTAT0_STO) {
+ s->sstat0 &= ~NCR710_SSTAT0_STO;
+ ncr710_clear_pending_irq(s);
+ if (s->sstat0 == 0) {
+ s->istat &= ~NCR710_ISTAT_SIP;
+ }
+ ncr710_update_irq(s);
+ }
+}
+
+static void ncr710_do_dma(NCR710State *s, int out)
+{
+ uint32_t count;
+ uint32_t addr;
+ SCSIDevice *dev;
+ assert(s->current);
+ if (!s->current->dma_len) {
+ /* We wait until data is available. */
+ return;
+ }
+
+ dev = s->current->req->dev;
+ assert(dev);
+
+ count = s->dbc;
+ if (count > s->current->dma_len) {
+ count = s->current->dma_len;
+ }
+
+ addr = s->dnad;
+
+ s->dnad += count;
+ s->dbc -= count;
+ if (s->current->dma_buf == NULL) {
+ s->current->dma_buf = scsi_req_get_buf(s->current->req);
+ }
+ /* ??? Set SFBR to first data byte. */
+ if (out) {
+ ncr710_dma_read(s, addr, s->current->dma_buf, count);
+ } else {
+ ncr710_dma_write(s, addr, s->current->dma_buf, count);
+ }
+ s->current->dma_len -= count;
+ if (s->current->dma_len == 0) {
+ s->current->dma_buf = NULL;
+ s->current->pending = 0;
+ scsi_req_continue(s->current->req);
+ } else {
+ s->current->dma_buf += count;
+ s->waiting = NCR710_WAIT_NONE;
+ ncr710_execute_script(s);
+ }
+}
+
+static void ncr710_add_msg_byte(NCR710State *s, uint8_t data)
+{
+ if (s->msg_len >= NCR710_MAX_MSGIN_LEN) {
+ BADF("MSG IN data too long\n");
+ } else {
+ s->msg[s->msg_len++] = data;
+ }
+}
+
+static void ncr710_request_free(NCR710State *s, NCR710Request *p)
+{
+ if (p == s->current) {
+ s->current = NULL;
+ }
+ g_free(p);
+}
+
+void ncr710_request_cancelled(SCSIRequest *req)
+{
+ NCR710State *s = ncr710_from_scsi_bus(req->bus);
+ NCR710Request *p = (NCR710Request *)req->hba_private;
+ req->hba_private = NULL;
+ ncr710_request_free(s, p);
+ scsi_req_unref(req);
+}
+
+static int ncr710_queue_req(NCR710State *s, SCSIRequest *req, uint32_t len)
+{
+ NCR710Request *p = (NCR710Request *)req->hba_private;
+
+ if (!p) {
+ return -1;
+ }
+ p->pending = len;
+ if ((s->waiting == NCR710_WAIT_RESELECT &&
+ !(s->istat & (NCR710_ISTAT_SIP | NCR710_ISTAT_DIP))) ||
+ (ncr710_irq_on_rsl(s) && !(s->scntl1 & NCR710_SCNTL1_CON) &&
+ !(s->istat & (NCR710_ISTAT_SIP | NCR710_ISTAT_DIP)))) {
+ s->current = p;
+ return 0;
+ } else {
+ s->current = p;
+ return 1;
+ }
+}
+
+void ncr710_command_complete(SCSIRequest *req, size_t resid)
+{
+ NCR710State *s = ncr710_from_scsi_bus(req->bus);
+ NCR710Request *p = (NCR710Request *)req->hba_private;
+
+ trace_ncr710_command_complete(req->tag, req->status);
+
+ s->lcrc = 0;
+ s->status = req->status;
+ s->command_complete = NCR710_CMD_COMPLETE;
+
+ if (p) {
+ p->pending = 0;
+ }
+
+ ncr710_set_phase(s, PHASE_ST);
+
+ if (req->hba_private == s->current) {
+ scsi_req_unref(req);
+ }
+
+ if (s->waiting == NCR710_WAIT_RESELECT || s->waiting == NCR710_WAIT_DMA) {
+ s->waiting = NCR710_WAIT_NONE;
+ ncr710_execute_script(s);
+ }
+}
+
+void ncr710_transfer_data(SCSIRequest *req, uint32_t len)
+{
+ NCR710State *s = ncr710_from_scsi_bus(req->bus);
+
+ assert(req->hba_private);
+
+ if (s->waiting == NCR710_WAIT_DMA) {
+ NCR710Request *p = (NCR710Request *)req->hba_private;
+ if (p) {
+ p->dma_len = len;
+ }
+ s->dsp -= 8;
+ s->waiting = NCR710_WAIT_NONE;
+ ncr710_execute_script(s);
+ return;
+ }
+
+ if (s->wait_reselect) {
+ s->current = (NCR710Request *)req->hba_private;
+ s->current->dma_len = len;
+ s->waiting = NCR710_WAIT_RESELECT;
+ }
+
+ if (req->hba_private != s->current ||
+ (ncr710_irq_on_rsl(s) && !(s->scntl1 & NCR710_SCNTL1_CON)) ||
+ s->waiting == NCR710_WAIT_RESELECT) {
+ int queue_result = ncr710_queue_req(s, req, len);
+ if (queue_result != 0) {
+ return;
+ }
+ }
+
+ /* Host adapter (re)connected */
+ s->current->dma_len = len;
+ s->command_complete = NCR710_CMD_DATA_READY;
+
+ if (!s->current) {
+ return;
+ }
+
+ if (s->waiting) {
+ s->scntl1 |= NCR710_SCNTL1_CON;
+ s->istat |= NCR710_ISTAT_CON;
+ s->sbcl = NCR710_SBCL_IO | NCR710_SBCL_CD | NCR710_SBCL_MSG |
+ NCR710_SBCL_BSY | NCR710_SBCL_SEL | NCR710_SBCL_REQ;
+ uint8_t host_id = (s->scid & 0x07);
+
+ /* Special case: both target and host are ID 0 */
+ if (req->dev->id == 0 && host_id == 0) {
+ s->sfbr = 0x00;
+ } else {
+ s->sfbr = (req->dev->id == 0 ? 0 : (1 << req->dev->id)) |
+ (host_id == 0 ? 0 : (1 << host_id));
+ }
+
+ ncr710_set_phase(s, PHASE_MI);
+
+ if (s->current) {
+ uint8_t identify_msg = 0x80 | (req->lun & 0x07);
+ ncr710_add_msg_byte(s, identify_msg);
+
+ if (s->current->tag) {
+ ncr710_add_msg_byte(s, 0x20); /* SIMPLE_TAG_MSG */
+ ncr710_add_msg_byte(s, s->current->tag & 0xff);
+ }
+ }
+
+ s->sstat0 |= NCR710_SSTAT0_SEL;
+ s->istat |= NCR710_ISTAT_SIP;
+ s->dsps = RESELECTED_DURING_SELECTION;
+ s->waiting = NCR710_WAIT_NONE;
+ ncr710_update_irq(s);
+ return;
+ }
+ if (!s->script_active && !s->waiting) {
+ ncr710_execute_script(s);
+ }
+}
+
+static int idbitstonum(uint8_t id)
+{
+ return 7 - clz8(id);
+}
+
+static void ncr710_do_command(NCR710State *s)
+{
+ SCSIDevice *dev;
+ uint8_t buf[16];
+ uint32_t id;
+ int n;
+ int bytes_read;
+ if (s->dbc > 16) {
+ s->dbc = 16;
+ }
+
+ /*
+ * Reading command data directly from memory
+ * NOTE: SCSI commands can be up to 16 bytes
+ * (e.g., READ_CAPACITY_10 is 10 bytes) but the NCR710 SCSI FIFO is
+ * only 8 bytes deep. For command phase, we bypass the FIFO and read
+ * directly from memory since commands don't need FIFO buffering.
+ */
+ bytes_read = MIN(s->dbc, sizeof(buf));
+ ncr710_dma_read(s, s->dnad, buf, bytes_read);
+
+ s->dnad += bytes_read;
+ s->dbc -= bytes_read;
+ s->sfbr = buf[0];
+
+ s->command_complete = NCR710_CMD_PENDING;
+ id = (s->select_tag >> 8) & 0xff;
+ s->lcrc = id;
+
+ dev = scsi_device_find(&s->bus, 0, idbitstonum(id), s->current_lun);
+
+ if (!dev) {
+ ncr710_bad_selection(s, id);
+ return;
+ }
+
+ if (s->current) {
+ ncr710_request_free(s, s->current);
+ s->current = NULL;
+ }
+
+ s->current = g_new0(NCR710Request, 1);
+ s->current->tag = s->select_tag;
+ s->current->resume_offset = 0;
+
+ s->current->req = scsi_req_new(dev, s->current->tag, s->current_lun, buf,
+ bytes_read, s->current);
+ n = scsi_req_enqueue(s->current->req);
+ if (n) {
+ if (n > 0) {
+ ncr710_set_phase(s, PHASE_DI);
+ } else if (n < 0) {
+ ncr710_set_phase(s, PHASE_DO);
+ }
+ scsi_req_continue(s->current->req);
+ }
+
+ if (!s->command_complete) {
+ if (!n) {
+ ncr710_set_phase(s, PHASE_SI);
+ } else {
+ NCR710_DPRINTF("Data transfer phase\n");
+ }
+ }
+}
+
+static void ncr710_do_status(NCR710State *s)
+{
+ uint8_t status = s->status;
+ uint8_t parity = 0;
+
+ if (s->dbc != 1) {
+ BADF("Bad Status move\n");
+ }
+ s->dbc = 1;
+ s->sfbr = status;
+
+ /* Generate parity if enabled and enqueue status byte */
+ if (s->scntl0 & NCR710_SCNTL0_EPG) {
+ parity = ncr710_generate_scsi_parity(s, status);
+ }
+ ncr710_scsi_fifo_enqueue(&s->scsi_fifo, status, parity);
+
+ /* Dequeue status byte and write to memory */
+ status = ncr710_scsi_fifo_dequeue(&s->scsi_fifo, &parity);
+ if (s->scntl0 & NCR710_SCNTL0_EPC) {
+ if (!ncr710_check_scsi_parity(s, status, parity)) {
+ ncr710_handle_parity_error(s);
+ }
+ }
+ ncr710_dma_write(s, s->dnad, &status, 1);
+
+ s->dnad += 1;
+ s->dbc -= 1;
+
+ ncr710_set_phase(s, PHASE_MI);
+ s->msg_action = NCR710_MSG_ACTION_DISCONNECT;
+ ncr710_add_msg_byte(s, 0); /* COMMAND COMPLETE */
+}
+
+static void ncr710_do_msgin(NCR710State *s)
+{
+ int len;
+ len = s->msg_len;
+ if (len > s->dbc) {
+ len = s->dbc;
+ }
+ s->sfbr = s->msg[0];
+
+ for (int i = 0; i < len; i++) {
+ uint8_t parity = 0;
+ if (s->scntl0 & NCR710_SCNTL0_EPG) {
+ parity = ncr710_generate_scsi_parity(s, s->msg[i]);
+ }
+ ncr710_scsi_fifo_enqueue(&s->scsi_fifo, s->msg[i], parity);
+ }
+
+ uint8_t buf[NCR710_MAX_MSGIN_LEN];
+ for (int i = 0; i < len; i++) {
+ uint8_t parity;
+ buf[i] = ncr710_scsi_fifo_dequeue(&s->scsi_fifo, &parity);
+ if (s->scntl0 & NCR710_SCNTL0_EPC) {
+ if (!ncr710_check_scsi_parity(s, buf[i], parity)) {
+ ncr710_handle_parity_error(s);
+ }
+ }
+ }
+ ncr710_dma_write(s, s->dnad, buf, len);
+
+ s->dnad += len;
+ s->dbc -= len;
+ s->sidl = s->msg[len - 1];
+ s->msg_len -= len;
+ if (s->msg_len) {
+ memmove(s->msg, s->msg + len, s->msg_len);
+ return;
+ }
+ switch (s->msg_action) {
+ case NCR710_MSG_ACTION_NONE:
+ ncr710_set_phase(s, PHASE_CO);
+ break;
+ case NCR710_MSG_ACTION_DISCONNECT:
+ ncr710_disconnect(s);
+ break;
+ case NCR710_MSG_ACTION_DATA_OUT:
+ ncr710_set_phase(s, PHASE_DO);
+ break;
+ case NCR710_MSG_ACTION_DATA_IN:
+ ncr710_set_phase(s, PHASE_DI);
+ break;
+ default:
+ abort();
+ }
+}
+
+static void ncr710_do_msgout(NCR710State *s)
+{
+ NCR710Request *current_req = s->current;
+
+ while (s->dbc > 0) {
+ int to_move = MIN((int)s->dbc, NCR710_SCSI_FIFO_SIZE);
+ uint8_t temp_buf[NCR710_SCSI_FIFO_SIZE];
+ ncr710_dma_read(s, s->dnad, temp_buf, to_move);
+ int filled = 0;
+ for (int j = 0; j < to_move &&
+ !ncr710_scsi_fifo_full(&s->scsi_fifo); j++) {
+ uint8_t parity = 0;
+ if (s->scntl0 & NCR710_SCNTL0_EPG) {
+ parity = ncr710_generate_scsi_parity(s, temp_buf[j]);
+ }
+ if (ncr710_scsi_fifo_enqueue(&s->scsi_fifo, temp_buf[j],
+ parity) == 0) {
+ filled++;
+ } else {
+ break;
+ }
+ }
+
+ if (filled <= 0) {
+ break;
+ }
+ uint8_t buf[NCR710_SCSI_FIFO_SIZE];
+ int bytes = 0;
+ for (int j = 0; j < filled &&
+ !ncr710_scsi_fifo_empty(&s->scsi_fifo); j++) {
+ uint8_t parity;
+ buf[bytes] = ncr710_scsi_fifo_dequeue(&s->scsi_fifo, &parity);
+ if (s->scntl0 & NCR710_SCNTL0_EPC) {
+ if (!ncr710_check_scsi_parity(s, buf[bytes], parity)) {
+ ncr710_handle_parity_error(s);
+ }
+ }
+ bytes++;
+ }
+
+ s->dnad += bytes;
+ s->dbc -= bytes;
+ int i = 0;
+ while (i < bytes) {
+ uint8_t msg = buf[i++];
+ s->sfbr = msg;
+
+ switch (msg) {
+ case SCSI_MSG_COMMAND_COMPLETE:
+ /* 0x00 - NOP / padding byte / Command Complete */
+ /* Just gonna ignore padding bytes, continue processing */
+ break;
+
+ case SCSI_MSG_DISCONNECT: /* 0x04 - Disconnect */
+ ncr710_disconnect(s);
+ break;
+
+ case SCSI_MSG_MESSAGE_REJECT: /* 0x07 - Message Reject */
+ /* Target is rejecting our last message */
+ ncr710_set_phase(s, PHASE_CO);
+ break;
+
+ case SCSI_MSG_NO_OPERATION: /* 0x08 - NOP */
+ ncr710_set_phase(s, PHASE_CO);
+ break;
+
+ case SCSI_MSG_SAVE_DATA_POINTER: /* 0x02 - Save Data Pointer */
+ /* Save current data pointer for later restore */
+ break;
+
+ case SCSI_MSG_RESTORE_POINTERS: /* 0x03 - Restore Pointers */
+ /* Restore previously saved data pointer */
+ break;
+
+ case SCSI_MSG_EXTENDED_MESSAGE: { /* 0x01 - Extended message */
+ if (i >= bytes) {
+ /* Not enough data; let next chunk continue parsing */
+ i--; /* rewind one to reparse later */
+ goto out_chunk;
+ }
+ i++; /* skip ext_len */
+
+ if (i >= bytes) {
+ i -= 2; /* rewind msg + ext_len for next chunk */
+ goto out_chunk;
+ }
+ uint8_t ext_code = buf[i++];
+
+ switch (ext_code) {
+ case 1: /* SDTR (ignore body) */
+ /* Body has 2 bytes, may span chunks: skip what we have */
+ {
+ int skip = MIN(2, bytes - i);
+ i += skip;
+ /*
+ * If not all skipped this chunk, rest will arrive
+ * in next loop
+ */
+ }
+ break;
+ case 3: /* WDTR (ignore body) */
+ if (i < bytes) {
+ i++; /* skip one param byte if present this chunk */
+ }
+ break;
+ default:
+ goto bad;
+ }
+ break;
+ }
+
+ case 0x20: /* SIMPLE queue tag */
+ case 0x21: /* HEAD of queue tag */
+ case 0x22: /* ORDERED queue tag */
+ if (i < bytes) {
+ uint8_t tag = buf[i++];
+ s->select_tag = (s->select_tag & 0xFF00) | tag |
+ NCR710_TAG_VALID;
+ NCR710_DPRINTF("Tagged command: tag=0x%02x, "
+ "type=0x%02x\n", tag, msg);
+ } else {
+ /*
+ * Tag byte not in this chunk; rewind and reparse
+ * next loop
+ */
+ i--;
+ goto out_chunk;
+ }
+ break;
+
+ case 0x0d: /* ABORT TAG */
+ if (current_req) {
+ scsi_req_cancel(current_req->req);
+ }
+ ncr710_disconnect(s);
+ break;
+
+ case SCSI_MSG_ABORT: /* 0x06 - ABORT */
+ case 0x0e: /* CLEAR QUEUE */
+ case SCSI_MSG_BUS_DEVICE_RESET: /* 0x0c - BUS DEVICE RESET */
+ if (s->current) {
+ scsi_req_cancel(s->current->req);
+ }
+ ncr710_disconnect(s);
+ break;
+
+ default:
+ if (msg & SCSI_MSG_IDENTIFY) {
+ uint8_t lun = msg & 0x07;
+ s->current_lun = lun;
+ ncr710_set_phase(s, PHASE_CO);
+ break;
+ }
+
+ /* Unknown message - reject it */
+ goto bad;
+ }
+ }
+
+out_chunk:
+ continue;
+ }
+
+ return;
+
+bad:
+ BADF("Unimplemented/Invalid message 0x%02x\n", s->sfbr);
+ ncr710_set_phase(s, PHASE_MI);
+ ncr710_add_msg_byte(s, 7);
+ s->msg_action = NCR710_MSG_ACTION_NONE;
+}
+
+static void ncr710_memcpy(NCR710State *s, uint32_t dest, uint32_t src,
+ int count)
+{
+ uint8_t buf[NCR710_BUF_SIZE];
+
+ while (count) {
+ int chunk = MIN(count, NCR710_BUF_SIZE);
+ /* Read from source */
+ ncr710_dma_read(s, src, buf, chunk);
+
+ /* Write to destination */
+ ncr710_dma_write(s, dest, buf, chunk);
+
+ src += chunk;
+ dest += chunk;
+ count -= chunk;
+ }
+}
+
+static void ncr710_wait_reselect(NCR710State *s)
+{
+ s->wait_reselect = true;
+ s->waiting = NCR710_WAIT_RESELECT;
+ s->script_active = false;
+
+ s->scntl1 &= ~NCR710_SCNTL1_CON;
+ s->istat &= ~NCR710_ISTAT_CON;
+}
+
+void ncr710_reselection_retry_callback(void *opaque)
+{
+ NCR710State *s = opaque;
+
+ if (!s->current || s->current->pending == 0) {
+ return;
+ }
+
+ if (s->waiting != NCR710_WAIT_RESELECT) {
+ return;
+ }
+
+ if (s->istat & (NCR710_ISTAT_SIP | NCR710_ISTAT_DIP)) {
+ timer_mod(s->reselection_retry_timer,
+ qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + 1000);
+ return;
+ }
+
+ NCR710Request *p = s->current;
+ uint32_t len = p->pending;
+ p->pending = 0;
+
+ SCSIRequest *req = p->req;
+ s->command_complete = NCR710_CMD_PENDING;
+ p->dma_len = len;
+
+ s->scntl1 |= NCR710_SCNTL1_CON;
+ s->istat |= NCR710_ISTAT_CON;
+ s->sbcl = NCR710_SBCL_IO | NCR710_SBCL_CD | NCR710_SBCL_MSG |
+ NCR710_SBCL_BSY | NCR710_SBCL_SEL | NCR710_SBCL_REQ;
+
+ uint8_t host_id = (s->scid & 0x07);
+ if (req->dev->id == 0 && host_id == 0) {
+ s->sfbr = 0x00;
+ } else {
+ s->sfbr = (req->dev->id == 0 ? 0 : (1 << req->dev->id)) |
+ (host_id == 0 ? 0 : (1 << host_id));
+ }
+
+ ncr710_set_phase(s, PHASE_MI);
+
+ uint8_t identify_msg = 0x80 | (req->lun & 0x07);
+ ncr710_add_msg_byte(s, identify_msg);
+
+ if (p->tag) {
+ ncr710_add_msg_byte(s, 0x20); /* SIMPLE_TAG_MSG */
+ ncr710_add_msg_byte(s, p->tag & 0xff);
+ }
+
+ s->dsp = p->resume_offset - 8;
+
+ s->dsps = RESELECTED_DURING_SELECTION;
+ s->sstat0 |= NCR710_SSTAT0_SEL;
+ s->istat |= NCR710_ISTAT_SIP;
+ ncr710_update_irq(s);
+ s->waiting = NCR710_WAIT_NONE;
+}
+
+void ncr710_execute_script(NCR710State *s)
+{
+ uint32_t insn;
+ uint32_t addr;
+ int opcode;
+ s->script_active = 1;
+
+again:
+ insn = ncr710_read_dword(s, s->dsp);
+ if (!insn) {
+ /*
+ * If we receive an empty opcode increment the DSP by 4 bytes
+ * and execute the next opcode at that location
+ */
+ s->dsp += 4;
+ goto again;
+ }
+ addr = ncr710_read_dword(s, s->dsp + 4);
+ s->dsps = addr;
+ s->dcmd = insn >> 24;
+ s->dsp += 8;
+ switch (insn >> 30) {
+ case 0: /* Block move. */
+ if (s->sstat0 & NCR710_SSTAT0_STO) {
+ NCR710_DPRINTF("Delayed select timeout\n");
+ ncr710_stop_script(s);
+ ncr710_update_irq(s);
+ break;
+ }
+ s->dbc = insn & 0xffffff;
+ if (insn & (1 << 29)) {
+ /* Indirect addressing. */
+ addr = ncr710_read_dword(s, addr);
+ } else if (insn & (1 << 28)) {
+ uint32_t buf[2];
+ int32_t offset;
+ /* Table indirect addressing. */
+
+ /* 32-bit Table indirect */
+ offset = sextract32(addr, 0, 24);
+ ncr710_dma_read(s, s->dsa + offset, buf, 8);
+ /* byte count is stored in bits 0:23 only */
+ s->dbc = cpu_to_le32(buf[0]) & 0xffffff;
+ addr = cpu_to_le32(buf[1]);
+ }
+ /* Check phase match for block move instructions */
+ if ((s->sstat2 & PHASE_MASK) != ((insn >> 24) & 7)) {
+ uint8_t current_phase = s->sstat2 & PHASE_MASK;
+
+ ncr710_set_phase(s, current_phase);
+ s->sbcl |= NCR710_SBCL_REQ;
+ ncr710_script_scsi_interrupt(s, NCR710_SSTAT0_MA);
+ ncr710_stop_script(s);
+ break;
+ }
+
+ s->dnad = addr;
+ switch (s->sstat2 & 0x7) {
+ case PHASE_DO:
+ s->waiting = NCR710_WAIT_DMA;
+ ncr710_do_dma(s, 1);
+ break;
+ case PHASE_DI:
+ s->waiting = NCR710_WAIT_DMA;
+ ncr710_do_dma(s, 0);
+ if (s->waiting != NCR710_WAIT_NONE) {
+ /* Async - stop and wait */
+ break;
+ }
+ /* Sync - continue execution */
+ break;
+ case PHASE_CO:
+ ncr710_do_command(s);
+ break;
+ case PHASE_SI:
+ ncr710_do_status(s);
+ break;
+ case PHASE_MO:
+ ncr710_do_msgout(s);
+ break;
+ case PHASE_MI:
+ ncr710_do_msgin(s);
+ break;
+ default:
+ BADF("Unimplemented phase %d\n", s->sstat2 & PHASE_MASK);
+ }
+ s->ctest5 = (s->ctest5 & 0xfc) | ((s->dbc >> 8) & 3);
+ s->sbcl = s->dbc;
+ break;
+
+ case 1: /* IO or Read/Write instruction. */
+ opcode = (insn >> 27) & 7;
+ if (opcode < 5) {
+ uint32_t id;
+
+ if (insn & (1 << 25)) {
+ id = ncr710_read_dword(s, s->dsa + sextract32(insn, 0, 24));
+ } else {
+ id = insn;
+ }
+ id = (id >> 16) & 0xff;
+ if (insn & (1 << 26)) {
+ addr = s->dsp + sextract32(addr, 0, 24);
+ }
+ s->dnad = addr;
+ switch (opcode) {
+ case 0: /* Select */
+ s->sdid = id;
+ if (s->scntl1 & NCR710_SCNTL1_CON) {
+ if (!(insn & (1 << 24))) {
+ s->dsp = s->dnad;
+ break;
+ }
+ } else if (!scsi_device_find(&s->bus, 0, idbitstonum(id), 0)) {
+ ncr710_bad_selection(s, id);
+ break;
+ } else {
+ /*
+ * ??? Linux drivers compain when this is set. Maybe
+ * it only applies in low-level mode (unimplemented).
+ * ncr710_script_scsi_interrupt(s, NCR710_SIST0_CMP, 0);
+ */
+ s->select_tag = id << 8;
+ s->scntl1 |= NCR710_SCNTL1_CON;
+
+ if (insn & (1 << 24)) {
+ s->socl |= NCR710_SOCL_ATN;
+ ncr710_set_phase(s, PHASE_MO);
+ } else {
+ ncr710_set_phase(s, PHASE_CO);
+ }
+ }
+ break;
+ case 1: /* Disconnect */
+
+ if (s->command_complete != NCR710_CMD_PENDING) {
+ s->scntl1 &= ~NCR710_SCNTL1_CON;
+ s->istat &= ~NCR710_ISTAT_CON;
+ if (s->waiting == NCR710_WAIT_RESELECT) {
+ s->waiting = NCR710_WAIT_NONE;
+ }
+ } else {
+ if (s->current) {
+ s->current->resume_offset = s->dsp;
+ }
+
+ s->waiting = NCR710_WAIT_RESELECT;
+ ncr710_stop_script(s);
+ NCR710_DPRINTF("SCRIPTS paused at WAIT DISCONNECT\n");
+ }
+ break;
+ case 2: /* Wait Reselect */
+ if (!ncr710_irq_on_rsl(s)) {
+ ncr710_wait_reselect(s);
+ }
+ break;
+ case 3: /* Set */
+ if (insn & (1 << 3)) {
+ s->socl |= NCR710_SOCL_ATN;
+ ncr710_set_phase(s, PHASE_MO);
+ }
+ if (insn & (1 << 10)) {
+ s->carry = 1;
+ }
+ break;
+ case 4: /* Clear */
+ if (insn & (1 << 3)) {
+ s->socl &= ~NCR710_SOCL_ATN;
+ }
+ if (insn & (1 << 10)) {
+ s->carry = 0;
+ }
+ break;
+ }
+ } else {
+ uint8_t op0;
+ uint8_t op1;
+ uint8_t data8;
+ int reg;
+ int xoperator;
+
+ reg = ((insn >> 16) & 0x7f) | (insn & 0x80);
+ data8 = (insn >> 8) & 0xff;
+ opcode = (insn >> 27) & 7;
+ xoperator = (insn >> 24) & 7;
+ op0 = op1 = 0;
+ switch (opcode) {
+ case 5: /* From SFBR */
+ op0 = s->sfbr;
+ op1 = data8;
+ break;
+ case 6: /* To SFBR */
+ if (xoperator) {
+ op0 = ncr710_reg_readb(s, reg);
+ }
+ op1 = data8;
+ break;
+ case 7: /* Read-modify-write */
+ if (xoperator) {
+ op0 = ncr710_reg_readb(s, reg);
+ }
+ if (insn & (1 << 23)) {
+ op1 = s->sfbr;
+ } else {
+ op1 = data8;
+ }
+ break;
+ }
+
+ switch (xoperator) {
+ case 0: /* move */
+ op0 = op1;
+ break;
+ case 1: /* Shift left */
+ op1 = op0 >> 7;
+ op0 = (op0 << 1) | s->carry;
+ s->carry = op1;
+ break;
+ case 2: /* OR */
+ op0 |= op1;
+ break;
+ case 3: /* XOR */
+ op0 ^= op1;
+ break;
+ case 4: /* AND */
+ op0 &= op1;
+ break;
+ case 5: /* SHR */
+ op1 = op0 & 1;
+ op0 = (op0 >> 1) | (s->carry << 7);
+ s->carry = op1;
+ break;
+ case 6: /* ADD */
+ op0 += op1;
+ s->carry = op0 < op1;
+ break;
+ case 7: /* ADC */
+ op0 += op1 + s->carry;
+ if (s->carry) {
+ s->carry = op0 <= op1;
+ } else {
+ s->carry = op0 < op1;
+ }
+ break;
+ }
+
+ switch (opcode) {
+ case 5: /* From SFBR */
+ case 7: /* Read-modify-write */
+ ncr710_reg_writeb(s, reg, op0);
+ break;
+ case 6: /* To SFBR */
+ s->sfbr = op0;
+ break;
+ }
+ }
+ break;
+
+ case 2: /* Transfer Control. */
+ {
+ int cond;
+ int jmp;
+
+
+ if (s->sstat0 & NCR710_SSTAT0_STO) {
+ break;
+ }
+ cond = jmp = (insn & (1 << 19)) != 0;
+ if (cond == jmp && (insn & (1 << 21))) {
+ cond = s->carry != 0;
+ }
+ if (cond == jmp && (insn & (1 << 17))) {
+ cond = (s->sstat2 & PHASE_MASK) == ((insn >> 24) & 7);
+ }
+ if (cond == jmp && (insn & (1 << 18))) {
+ uint8_t mask;
+
+ mask = (~insn >> 8) & 0xff;
+ cond = (s->sfbr & mask) == (insn & mask);
+ }
+ if (cond == jmp) {
+ if (insn & (1 << 23)) {
+ /* Relative address. */
+ addr = s->dsp + sextract32(addr, 0, 24);
+ }
+ switch ((insn >> 27) & 7) {
+ case 0: /* Jump */
+ s->dsp = addr;
+ break;
+ case 1: /* Call */
+ s->temp = s->dsp;
+ s->dsp = addr;
+ break;
+ case 2: /* Return */
+ if (s->temp == 0) {
+ ncr710_script_dma_interrupt(s, NCR710_DSTAT_IID);
+ break;
+ }
+ s->dsp = s->temp;
+ break;
+ case 3: /* Interrupt */
+ if ((insn & (1 << 20)) != 0) {
+ ncr710_update_irq(s);
+ } else {
+ if (s->dsps == GOOD_STATUS_AFTER_STATUS) {
+ NCR710_DPRINTF("Script completion: Processing "
+ "GOOD_STATUS_AFTER_STATUS\n");
+ NCR710_DPRINTF("Script completion: Command state "
+ "preserved for driver processing\n");
+ ncr710_script_dma_interrupt(s,
+ NCR710_DSTAT_SIR);
+ s->command_complete = NCR710_CMD_PENDING;
+ } else {
+ ncr710_script_dma_interrupt(s, NCR710_DSTAT_SIR);
+ }
+ }
+ break;
+ default:
+ ncr710_script_dma_interrupt(s, NCR710_DSTAT_IID);
+ break;
+ }
+ }
+ }
+ break;
+
+ case 3:
+ if ((insn & (1 << 29)) == 0) {
+ /* Memory move. */
+ uint32_t dest;
+ /*
+ * ??? The docs imply the destination address is loaded into
+ * the TEMP register. However the Linux drivers rely on
+ * the value being preserved.
+ */
+ dest = ncr710_read_dword(s, s->dsp);
+ s->dsp += 4;
+ ncr710_memcpy(s, dest, addr, insn & 0xffffff);
+ } else {
+ uint8_t data[8];
+ int reg;
+ int n;
+ int i;
+ bool dsa_relative = (insn & (1 << 28)) != 0;
+ bool is_load = (insn & (1 << 24)) != 0;
+
+ if (dsa_relative) {
+ addr = s->dsa + sextract32(addr, 0, 24);
+ }
+
+ n = (insn & 7);
+ if (n == 0) {
+ n = 8; /* 0 means 8 bytes */
+ }
+
+ reg = (insn >> 16) & 0xff;
+
+ if (is_load) {
+ ncr710_dma_read(s, addr, data, n);
+ for (i = 0; i < n; i++) {
+ ncr710_reg_writeb(s, reg + i, data[i]);
+ }
+ } else {
+ for (i = 0; i < n; i++) {
+ data[i] = ncr710_reg_readb(s, reg + i);
+ }
+ ncr710_dma_write(s, addr, data, n);
+ }
+ }
+ }
+
+ if (s->script_active && s->waiting == NCR710_WAIT_NONE) {
+ if (s->dcntl & NCR710_DCNTL_SSM) {
+ ncr710_script_dma_interrupt(s, NCR710_DSTAT_SSI);
+ return;
+ } else {
+ goto again;
+ }
+ } else if (s->waiting == NCR710_WAIT_RESELECT) {
+ return;
+ } else if (s->waiting == NCR710_WAIT_DMA ||
+ s->waiting == NCR710_WAIT_RESERVED) {
+ if (s->command_complete == NCR710_CMD_COMPLETE) {
+ s->waiting = NCR710_WAIT_NONE;
+ goto again;
+ }
+ return;
+ }
+}
+
+static uint8_t ncr710_reg_readb(NCR710State *s, int offset)
+{
+ uint8_t ret = 0;
+
+#define CASE_GET_REG24(name, addr) \
+ case addr: \
+ ret = s->name & 0xff; \
+ break; \
+ case addr + 1: \
+ ret = (s->name >> 8) & 0xff; \
+ break; \
+ case addr + 2: \
+ ret = (s->name >> 16) & 0xff; \
+ break;
+
+#define CASE_GET_REG32(name, addr) \
+ case addr: \
+ ret = s->name & 0xff; \
+ break; \
+ case addr + 1: \
+ ret = (s->name >> 8) & 0xff; \
+ break; \
+ case addr + 2: \
+ ret = (s->name >> 16) & 0xff; \
+ break; \
+ case addr + 3: \
+ ret = (s->name >> 24) & 0xff; \
+ break;
+
+ switch (offset) {
+ case NCR710_SCNTL0_REG: /* SCNTL0 */
+ ret = s->scntl0;
+ break;
+ case NCR710_SCNTL1_REG: /* SCNTL1 */
+ ret = s->scntl1;
+ break;
+ case NCR710_SDID_REG: /* SDID */
+ ret = s->sdid;
+ break;
+ case NCR710_SIEN_REG: /* SIEN */
+ ret = s->sien0;
+ break;
+ case NCR710_SCID_REG:
+ ret = s->scid;
+ if ((ret & 0x7F) == 0) {
+ ret = 0x80 | NCR710_HOST_ID;
+ } else {
+ ret |= 0x80;
+ }
+ break;
+ case NCR710_SXFER_REG: /* SXFER */
+ ret = s->sxfer;
+ break;
+ case NCR710_SODL_REG: /* SODL */
+ ret = s->sodl;
+ break;
+ case NCR710_SOCL_REG: /* SOCL */
+ ret = s->socl;
+ break;
+ case NCR710_SFBR_REG: /* SFBR */
+ ret = s->sfbr;
+ break;
+ case NCR710_SIDL_REG: /* SIDL */
+ ret = s->sidl;
+ break;
+ case NCR710_SBDL_REG: /* SBDL */
+ ret = s->sbdl;
+ break;
+ case NCR710_SBCL_REG: /* SBCL */
+ ret = 0;
+ if (s->scntl1 & NCR710_SCNTL1_CON) {
+ ret = s->sstat2 & PHASE_MASK;
+ ret |= s->sbcl;
+ if (s->socl & NCR710_SOCL_ATN) {
+ ret |= NCR710_SBCL_ATN;
+ }
+ }
+ break;
+ case NCR710_DSTAT_REG: /* DSTAT */
+ ret = s->dstat;
+
+ /*
+ * Not freeing s->current here:: driver needs it for completion
+ * processing. It will be freed when the next command starts.
+ */
+ if (s->dstat & NCR710_DSTAT_SIR) {
+ /* SIR bit set */
+ }
+ s->dstat = 0; /* Clear all DMA interrupt status bits */
+ s->dstat |= NCR710_DSTAT_DFE;
+ s->istat &= ~NCR710_ISTAT_DIP;
+ ncr710_update_irq(s);
+
+ if (s->waiting == NCR710_WAIT_RESELECT && s->current &&
+ s->current->pending > 0) {
+ timer_mod(s->reselection_retry_timer,
+ qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL));
+ }
+
+ if (!s->script_active && s->current && s->current->pending > 0 &&
+ s->command_complete == NCR710_CMD_COMPLETE) {
+ s->current->pending = 0;
+ s->waiting = NCR710_WAIT_NONE;
+ ncr710_execute_script(s);
+ }
+
+ if (s->waiting && s->current && s->current->pending > 0 &&
+ s->command_complete == NCR710_CMD_COMPLETE) {
+ s->current->pending = 0;
+ s->waiting = NCR710_WAIT_NONE;
+ ncr710_execute_script(s);
+ }
+
+ return ret;
+ case NCR710_SSTAT0_REG: /* SSTAT0 */
+ ret = s->sstat0;
+ if (s->sstat0 != 0 && !(s->sstat0 & NCR710_SSTAT0_STO)) {
+ s->sstat0 = 0;
+ s->istat &= ~NCR710_ISTAT_SIP;
+ ncr710_update_irq(s);
+ if (s->sbcl != 0) {
+ s->sbcl = 0;
+ }
+ }
+ break;
+ case NCR710_SSTAT1_REG: /* SSTAT1 */
+ ret = s->sstat0;
+ break;
+ case NCR710_SSTAT2_REG: /* SSTAT2 */
+ ret = s->dstat;
+
+ if (s->dstat & NCR710_DSTAT_SIR) {
+ /* SIR bit processing */
+ }
+ s->dstat = 0;
+ s->istat &= ~NCR710_ISTAT_DIP;
+ ncr710_update_irq(s);
+ break;
+ CASE_GET_REG32(dsa, NCR710_DSA_REG)
+ break;
+ case NCR710_CTEST0_REG: /* CTEST0 */
+ ret = s->ctest0;
+ break;
+ case NCR710_CTEST1_REG: /* CTEST1 */
+ ret = s->ctest1;
+ break;
+ case NCR710_CTEST2_REG: /* CTEST2 */
+ ret = s->ctest2;
+ s->ctest2 |= 0x04;
+ break;
+ case NCR710_CTEST3_REG: /* CTEST3 */
+ ret = s->ctest3;
+ if (!ncr710_scsi_fifo_empty(&s->scsi_fifo)) {
+ uint8_t parity;
+ ret = ncr710_scsi_fifo_dequeue(&s->scsi_fifo, &parity);
+ if (parity) {
+ s->ctest2 |= 0x10;
+ } else {
+ s->ctest2 &= ~0x10;
+ }
+ }
+ break;
+ case NCR710_CTEST4_REG: /* CTEST4 */
+ ret = s->ctest4;
+ break;
+ case NCR710_CTEST5_REG: /* CTEST5 */
+ ret = s->ctest5;
+ break;
+ case NCR710_CTEST6_REG: /* CTEST6 */
+ ret = s->ctest6;
+ break;
+ case NCR710_CTEST7_REG: /* CTEST7 */
+ ret = s->ctest7;
+ break;
+ CASE_GET_REG32(temp, NCR710_TEMP_REG)
+ case NCR710_DFIFO_REG: /* DFIFO */
+ ret = s->dfifo;
+ s->dfifo = 0; /* DMA FIFO count is always 0 */
+ break;
+ case NCR710_ISTAT_REG: /* ISTAT */
+ ret = s->istat;
+ break;
+ case NCR710_CTEST8_REG: /* CTEST8 */
+ ret = s->istat;
+ break;
+ case NCR710_LCRC_REG: /* LCRC */
+ ret = s->lcrc;
+ break;
+ CASE_GET_REG24(dbc, NCR710_DBC_REG)
+ case NCR710_DCMD_REG: /* DCMD */
+ ret = s->dcmd;
+ break;
+ CASE_GET_REG32(dnad, NCR710_DNAD_REG)
+ case NCR710_DSP_REG:
+ ret = s->dsp & 0xff;
+ break;
+ case NCR710_DSP_REG + 1:
+ ret = (s->dsp >> 8) & 0xff;
+ break;
+ case NCR710_DSP_REG + 2:
+ ret = (s->dsp >> 16) & 0xff;
+ break;
+ case NCR710_DSP_REG + 3:
+ ret = (s->dsp >> 24) & 0xff;
+ if (s->dsps == GOOD_STATUS_AFTER_STATUS &&
+ (s->dstat & NCR710_DSTAT_SIR)) {
+ s->dstat &= ~NCR710_DSTAT_SIR;
+ s->istat &= ~NCR710_ISTAT_DIP;
+ ncr710_update_irq(s);
+ }
+ break;
+ case NCR710_DSPS_REG:
+ ret = s->dsps & 0xff;
+ break;
+ case NCR710_DSPS_REG + 1:
+ ret = (s->dsps >> 8) & 0xff;
+ break;
+ case NCR710_DSPS_REG + 2:
+ ret = (s->dsps >> 16) & 0xff;
+ break;
+ case NCR710_DSPS_REG + 3:
+ ret = (s->dsps >> 24) & 0xff;
+ if (!(s->dstat & NCR710_DSTAT_SIR) && s->dsps != 0) {
+ s->dsps = 0;
+ }
+ break;
+ CASE_GET_REG32(scratch, NCR710_SCRATCH_REG)
+ break;
+ case NCR710_DMODE_REG: /* DMODE */
+ ret = s->dmode;
+ break;
+ case NCR710_DIEN_REG: /* DIEN */
+ ret = s->dien;
+ break;
+ case NCR710_DWT_REG: /* DWT */
+ ret = s->dwt;
+ break;
+ case NCR710_DCNTL_REG: /* DCNTL */
+ ret = s->dcntl;
+ return ret;
+ CASE_GET_REG32(adder, NCR710_ADDER_REG)
+ break;
+ default:
+ ret = 0;
+ break;
+ }
+
+#undef CASE_GET_REG24
+#undef CASE_GET_REG32
+ return ret;
+}
+
+static void ncr710_reg_writeb(NCR710State *s, int offset, uint8_t val)
+{
+ uint8_t old_val;
+
+#define CASE_SET_REG24(name, addr) \
+ case addr: \
+ s->name &= 0xffffff00; \
+ s->name |= val; \
+ break; \
+ case addr + 1: \
+ s->name &= 0xffff00ff; \
+ s->name |= val << 8; \
+ break; \
+ case addr + 2: \
+ s->name &= 0xff00ffff; \
+ s->name |= val << 16; \
+ break;
+
+#define CASE_SET_REG32(name, addr) \
+ case addr: \
+ s->name &= 0xffffff00; \
+ s->name |= val; \
+ break; \
+ case addr + 1: \
+ s->name &= 0xffff00ff; \
+ s->name |= val << 8; \
+ break; \
+ case addr + 2: \
+ s->name &= 0xff00ffff; \
+ s->name |= val << 16; \
+ break; \
+ case addr + 3: \
+ s->name &= 0x00ffffff; \
+ s->name |= val << 24; \
+ break;
+
+ trace_ncr710_reg_write(ncr710_reg_name(offset), offset, val);
+
+ switch (offset) {
+ case NCR710_SCNTL0_REG: /* SCNTL0 */
+ old_val = s->scntl0;
+ s->scntl0 = val;
+ break;
+
+ case NCR710_SCNTL1_REG: /* SCNTL1 */
+ old_val = s->scntl1;
+ s->scntl1 = val;
+
+
+ /* Handle Assert Even SCSI Parity (AESP) bit changes */
+ if ((val & NCR710_SCNTL1_AESP) != (old_val & NCR710_SCNTL1_AESP)) {
+ trace_ncr710_parity_sense_changed((val & NCR710_SCNTL1_AESP)
+ != 0 ? "even" : "odd");
+ }
+
+ if (val & NCR710_SCNTL1_RST) {
+ if (!(s->sstat0 & NCR710_SSTAT0_RST)) {
+ s->sstat0 |= NCR710_SSTAT0_RST;
+ ncr710_script_scsi_interrupt(s, NCR710_SSTAT0_RST);
+ }
+ if (!(old_val & NCR710_SCNTL1_RST)) {
+ NCR710_DPRINTF("NCR710: SCNTL1: SCSI bus reset "
+ "initiated\n");
+ ncr710_soft_reset(s);
+ }
+ } else {
+ s->sstat0 &= ~NCR710_SSTAT0_RST;
+ }
+ break;
+
+ case NCR710_SDID_REG: /* SDID */
+ s->sdid = val & 0x0F; /* Only lower 4 bits are valid */
+ break;
+
+ case NCR710_SIEN_REG: /* SIEN */
+ s->sien0 = val;
+ NCR710_DPRINTF("SIEN: interrupt mask=0x%02x\n", val);
+ ncr710_update_irq(s);
+ break;
+
+ case NCR710_SCID_REG: /* SCID */
+ s->scid = val;
+ break;
+
+ case NCR710_SXFER_REG: /* SXFER */
+ s->sxfer = val;
+ break;
+
+ case NCR710_SODL_REG: /* SODL */
+ s->sodl = val;
+ s->sstat1 |= NCR710_SSTAT1_ORF; /* SCSI Output Register Full */
+ break;
+
+ case NCR710_SOCL_REG: /* SOCL */
+ s->socl = val;
+ break;
+
+ case NCR710_SFBR_REG: /* SFBR */
+ s->sfbr = val;
+ break;
+
+ case NCR710_SIDL_REG: /* SIDL */
+ case NCR710_SBDL_REG: /* SBDL */
+ break;
+
+ case NCR710_SBCL_REG: /* SBCL */
+ s->sbcl = val;
+ ncr710_set_phase(s, val & PHASE_MASK);
+ break;
+
+ case NCR710_DSTAT_REG:
+ case NCR710_SSTAT0_REG:
+ case NCR710_SSTAT1_REG:
+ case NCR710_SSTAT2_REG:
+ /* Linux writes to these readonly registers on startup */
+ return;
+
+ CASE_SET_REG32(dsa, NCR710_DSA_REG)
+ break;
+
+ case NCR710_CTEST0_REG: /* CTEST0 */
+ s->ctest0 = val;
+ break;
+
+ case NCR710_CTEST1_REG: /* CTEST1, read-only */
+ s->ctest1 = val;
+ break;
+
+ case NCR710_CTEST2_REG: /* CTEST2, read-only */
+ s->ctest2 = val;
+ break;
+
+ case NCR710_CTEST3_REG: /* CTEST3 */
+ s->ctest3 = val;
+ break;
+
+ case NCR710_CTEST4_REG: /* CTEST4 */
+ s->ctest4 = val;
+ break;
+
+ case NCR710_CTEST5_REG: /* CTEST5 */
+ s->ctest5 = val;
+ break;
+
+ case NCR710_CTEST6_REG: /* CTEST6 */
+ s->ctest6 = val;
+ break;
+
+ case NCR710_CTEST7_REG: /* CTEST7 */
+ s->ctest7 = val;
+ break;
+
+ CASE_SET_REG32(temp, NCR710_TEMP_REG)
+
+ case NCR710_DFIFO_REG: /* DFIFO, read-only */
+ break;
+
+ case NCR710_ISTAT_REG: /* ISTAT */
+ old_val = s->istat;
+
+ if ((old_val & NCR710_ISTAT_DIP) && !(val & NCR710_ISTAT_DIP)) {
+ /* Clear script interrupt data after Linux processes it */
+ s->dstat = 0;
+ s->dsps = 0;
+ }
+
+ if ((old_val & NCR710_ISTAT_SIP) && !(val & NCR710_ISTAT_SIP)) {
+ s->sstat0 = 0;
+ }
+
+ s->istat = (val & ~(NCR710_ISTAT_DIP | NCR710_ISTAT_SIP)) |
+ (s->istat & (NCR710_ISTAT_DIP | NCR710_ISTAT_SIP));
+ ncr710_update_irq(s);
+
+ if (val & NCR710_ISTAT_ABRT) {
+ ncr710_script_dma_interrupt(s, NCR710_DSTAT_ABRT);
+ }
+ break;
+
+ case NCR710_CTEST8_REG: /* CTEST8 */
+ if (val & 0x08) {
+ s->dstat |= NCR710_DSTAT_DFE;
+ }
+ if (val & 0x04) {
+ ncr710_scsi_fifo_init(&s->scsi_fifo);
+ s->dstat |= NCR710_DSTAT_DFE;
+ }
+ break;
+ case NCR710_LCRC_REG: /* LCRC */
+ s->lcrc = val;
+ break;
+
+ CASE_SET_REG24(dbc, NCR710_DBC_REG)
+
+ case NCR710_DCMD_REG: /* DCMD */
+ s->dcmd = val;
+ break;
+
+ CASE_SET_REG32(dnad, NCR710_DNAD_REG)
+ case 0x2c: /* DSP[0:7] */
+ s->dsp &= 0xffffff00;
+ s->dsp |= val;
+ break;
+ case 0x2d: /* DSP[8:15] */
+ s->dsp &= 0xffff00ff;
+ s->dsp |= val << 8;
+ break;
+ case 0x2e: /* DSP[16:23] */
+ s->dsp &= 0xff00ffff;
+ s->dsp |= val << 16;
+ break;
+ case 0x2f: /* DSP[24:31] */
+ s->dsp &= 0x00ffffff;
+ s->dsp |= val << 24;
+ s->waiting = NCR710_WAIT_NONE;
+ s->script_active = 1;
+ s->istat |= NCR710_ISTAT_CON;
+ ncr710_clear_selection_timeout(s);
+ ncr710_execute_script(s);
+ break;
+ CASE_SET_REG32(dsps, NCR710_DSPS_REG)
+ CASE_SET_REG32(scratch, NCR710_SCRATCH_REG)
+ break;
+
+ case NCR710_DMODE_REG: /* DMODE */
+ s->dmode = val;
+ break;
+
+ case NCR710_DIEN_REG: /* DIEN */
+ s->dien = val;
+ NCR710_DPRINTF("DIEN: interrupt enable=0x%02x\n", val);
+ ncr710_update_irq(s);
+ break;
+
+ case NCR710_DWT_REG: /* DWT */
+ s->dwt = val;
+ break;
+
+ case NCR710_DCNTL_REG: /* DCNTL */
+ s->dcntl = val & ~(NCR710_DCNTL_PFF);
+ if (val & NCR710_DCNTL_STD) {
+ s->waiting = NCR710_WAIT_NONE;
+ ncr710_execute_script(s);
+ s->dcntl &= ~NCR710_DCNTL_STD;
+ }
+ break;
+
+ CASE_SET_REG32(adder, NCR710_ADDER_REG)
+ break;
+
+ default:
+ break;
+ }
+
+#undef CASE_SET_REG24
+#undef CASE_SET_REG32
+}
+
+/* Memory region wrapper for NCR710 registers */
+uint64_t ncr710_reg_read(void *opaque, hwaddr addr, unsigned size)
+{
+ NCR710State *s = opaque;
+ uint8_t offset = addr & 0xff;
+ uint8_t val = ncr710_reg_readb(s, offset);
+ trace_ncr710_reg_read(ncr710_reg_name(offset), offset, val);
+ return val;
+}
+
+void ncr710_reg_write(void *opaque, hwaddr addr, uint64_t val, unsigned size)
+{
+ NCR710State *s = opaque;
+ uint8_t offset = addr & 0xff;
+ uint8_t val8 = val & 0xff;
+ trace_ncr710_reg_write(ncr710_reg_name(offset), offset, val8);
+ ncr710_reg_writeb(s, offset, val8);
+}
+
+/* Device reset */
+static void ncr710_device_reset(DeviceState *dev)
+{
+ SysBusNCR710State *sysbus_dev = SYSBUS_NCR710_SCSI(dev);
+ NCR710State *s = &sysbus_dev->ncr710;
+
+ ncr710_soft_reset(s);
+}
+
+static const struct SCSIBusInfo ncr710_scsi_info = {
+ .tcq = true,
+ .max_target = 8,
+ .max_lun = 8, /* Full LUN support */
+
+ .transfer_data = ncr710_transfer_data,
+ .complete = ncr710_command_complete,
+ .cancel = ncr710_request_cancelled,
+};
+
+static const MemoryRegionOps ncr710_mmio_ops = {
+ .read = ncr710_reg_read,
+ .write = ncr710_reg_write,
+ .endianness = DEVICE_LITTLE_ENDIAN,
+ .valid = {
+ .min_access_size = 1,
+ .max_access_size = 4,
+ },
+};
+
+static const VMStateDescription vmstate_ncr710_scsi_fifo = {
+ .name = "ncr710_scsi_fifo",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT8_ARRAY(data, NCR710_SCSI_FIFO, NCR710_SCSI_FIFO_SIZE),
+ VMSTATE_UINT8_ARRAY(parity, NCR710_SCSI_FIFO, NCR710_SCSI_FIFO_SIZE),
+ VMSTATE_INT32(count, NCR710_SCSI_FIFO),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static const VMStateDescription vmstate_ncr710 = {
+ .name = "ncr710",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .fields = (VMStateField[]) {
+ VMSTATE_UINT8(scntl0, NCR710State),
+ VMSTATE_UINT8(scntl1, NCR710State),
+ VMSTATE_UINT8(sdid, NCR710State),
+ VMSTATE_UINT8(sien0, NCR710State),
+ VMSTATE_UINT8(scid, NCR710State),
+ VMSTATE_UINT8(sxfer, NCR710State),
+ VMSTATE_UINT8(sodl, NCR710State),
+ VMSTATE_UINT8(socl, NCR710State),
+ VMSTATE_UINT8(sfbr, NCR710State),
+ VMSTATE_UINT8(sidl, NCR710State),
+ VMSTATE_UINT8(sbdl, NCR710State),
+ VMSTATE_UINT8(sbcl, NCR710State),
+ VMSTATE_UINT8(dstat, NCR710State),
+ VMSTATE_UINT8(sstat0, NCR710State),
+ VMSTATE_UINT8(sstat1, NCR710State),
+ VMSTATE_UINT8(sstat2, NCR710State),
+ VMSTATE_UINT8(ctest0, NCR710State),
+ VMSTATE_UINT8(ctest1, NCR710State),
+ VMSTATE_UINT8(ctest2, NCR710State),
+ VMSTATE_UINT8(ctest3, NCR710State),
+ VMSTATE_UINT8(ctest4, NCR710State),
+ VMSTATE_UINT8(ctest5, NCR710State),
+ VMSTATE_UINT8(ctest6, NCR710State),
+ VMSTATE_UINT8(ctest7, NCR710State),
+ VMSTATE_UINT8(ctest8, NCR710State),
+ VMSTATE_UINT32(temp, NCR710State),
+ VMSTATE_UINT8(dfifo, NCR710State),
+ VMSTATE_UINT8(istat, NCR710State),
+ VMSTATE_UINT8(lcrc, NCR710State),
+ VMSTATE_UINT8(dcmd, NCR710State),
+ VMSTATE_UINT8(dmode, NCR710State),
+ VMSTATE_UINT8(dien, NCR710State),
+ VMSTATE_UINT8(dwt, NCR710State),
+ VMSTATE_UINT8(dcntl, NCR710State),
+ VMSTATE_UINT32(dsa, NCR710State),
+ VMSTATE_UINT32(dbc, NCR710State),
+ VMSTATE_UINT32(dnad, NCR710State),
+ VMSTATE_UINT32(dsp, NCR710State),
+ VMSTATE_UINT32(dsps, NCR710State),
+ VMSTATE_UINT32(scratch, NCR710State),
+ VMSTATE_UINT32(adder, NCR710State),
+ VMSTATE_STRUCT(scsi_fifo, NCR710State, 1,
+ vmstate_ncr710_scsi_fifo, NCR710_SCSI_FIFO),
+ VMSTATE_UINT8(status, NCR710State),
+ VMSTATE_UINT8_ARRAY(msg, NCR710State,
+ NCR710_MAX_MSGIN_LEN),
+ VMSTATE_UINT8(msg_len, NCR710State),
+ VMSTATE_UINT8(msg_action, NCR710State),
+ VMSTATE_INT32(carry, NCR710State),
+ VMSTATE_BOOL(script_active, NCR710State),
+ VMSTATE_INT32(waiting, NCR710State),
+ VMSTATE_UINT8(command_complete, NCR710State),
+ VMSTATE_UINT32(select_tag, NCR710State),
+ VMSTATE_UINT8(current_lun, NCR710State),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+static const VMStateDescription vmstate_sysbus_ncr710 = {
+ .name = "sysbus_ncr710",
+ .version_id = 1,
+ .minimum_version_id = 1,
+ .fields = (VMStateField[]) {
+ VMSTATE_STRUCT(ncr710, SysBusNCR710State, 1, vmstate_ncr710,
+ NCR710State),
+ VMSTATE_END_OF_LIST()
+ }
+};
+
+DeviceState *ncr710_device_create_sysbus(hwaddr addr, qemu_irq irq)
+{
+ DeviceState *dev;
+ SysBusDevice *sysbus;
+
+ dev = qdev_new(TYPE_SYSBUS_NCR710_SCSI);
+ sysbus = SYS_BUS_DEVICE(dev);
+
+ qdev_realize_and_unref(dev, NULL, &error_abort);
+ sysbus_mmio_map(sysbus, 0, addr);
+ sysbus_connect_irq(sysbus, 0, irq);
+ return dev;
+}
+
+DeviceState *ncr53c710_init(MemoryRegion *address_space, hwaddr addr,
+ qemu_irq irq)
+{
+ DeviceState *dev;
+ SysBusDevice *sysbus;
+ SysBusNCR710State *s;
+
+ /* trace_ncr710_device_init(addr); */
+
+ dev = qdev_new(TYPE_SYSBUS_NCR710_SCSI);
+ sysbus = SYS_BUS_DEVICE(dev);
+
+ qdev_realize_and_unref(dev, NULL, &error_abort);
+ sysbus_mmio_map(sysbus, 0, addr);
+ sysbus_connect_irq(sysbus, 0, irq);
+
+ s = SYSBUS_NCR710_SCSI(dev);
+ if (!s->ncr710.as) {
+ s->ncr710.as = &address_space_memory;
+ }
+
+ return dev;
+}
+
+static void sysbus_ncr710_realize(DeviceState *dev, Error **errp)
+{
+ SysBusNCR710State *s = SYSBUS_NCR710_SCSI(dev);
+
+ trace_ncr710_device_realize();
+ scsi_bus_init(&s->ncr710.bus, sizeof(s->ncr710.bus), dev,
+ &ncr710_scsi_info);
+ s->ncr710.as = &address_space_memory;
+
+ ncr710_scsi_fifo_init(&s->ncr710.scsi_fifo);
+ s->ncr710.dcntl &= ~NCR710_DCNTL_COM;
+ s->ncr710.scid = 0x80 | NCR710_HOST_ID;
+
+ s->ncr710.reselection_retry_timer =
+ timer_new_ns(QEMU_CLOCK_VIRTUAL,
+ ncr710_reselection_retry_callback,
+ &s->ncr710);
+
+ memset(s->ncr710.msg, 0, sizeof(s->ncr710.msg));
+
+ memory_region_init_io(&s->iomem, OBJECT(s), &ncr710_mmio_ops, &s->ncr710,
+ "ncr710", 0x100);
+ sysbus_init_mmio(SYS_BUS_DEVICE(s), &s->iomem);
+ sysbus_init_irq(SYS_BUS_DEVICE(s), &s->ncr710.irq);
+
+}
+
+static void sysbus_ncr710_init(Object *obj)
+{
+ SysBusNCR710State *s = SYSBUS_NCR710_SCSI(obj);
+ memset(&s->ncr710, 0, sizeof(NCR710State));
+ s->ncr710.ctest0 = 0x01;
+ s->ncr710.scid = 0x80 | NCR710_HOST_ID;
+ s->ncr710.dstat = NCR710_DSTAT_DFE;
+}
+
+static void sysbus_ncr710_class_init(ObjectClass *oc, const void *data)
+{
+ DeviceClass *dc = DEVICE_CLASS(oc);
+
+ dc->realize = sysbus_ncr710_realize;
+ device_class_set_legacy_reset(dc, ncr710_device_reset);
+ dc->bus_type = NULL;
+ set_bit(DEVICE_CATEGORY_STORAGE, dc->categories);
+ dc->desc = "NCR53C710 SCSI I/O Processor (SysBus)";
+ dc->vmsd = &vmstate_sysbus_ncr710;
+}
+
+static const TypeInfo sysbus_ncr710_info = {
+ .name = TYPE_SYSBUS_NCR710_SCSI,
+ .parent = TYPE_SYS_BUS_DEVICE,
+ .instance_size = sizeof(SysBusNCR710State),
+ .instance_init = sysbus_ncr710_init,
+ .class_init = sysbus_ncr710_class_init,
+};
+
+static void ncr710_register_types(void)
+{
+ type_register_static(&sysbus_ncr710_info);
+}
+
+type_init(ncr710_register_types)
diff --git a/hw/scsi/ncr53c710.h b/hw/scsi/ncr53c710.h
new file mode 100644
index 0000000000..380e3959b3
--- /dev/null
+++ b/hw/scsi/ncr53c710.h
@@ -0,0 +1,246 @@
+/*
+ * QEMU NCR710 SCSI Controller
+ *
+ * Copyright (c) 2025 Soumyajyotii Ssarkar <soumyajyotisarkar23@gmail.com>
+ *
+ * NCR710 SCSI Controller implementation
+ * Based on the NCR53C710 Technical Manual Version 3.2, December 2000
+ *
+ * Developed from the hackish implementation of NCR53C710 by Helge Deller
+ * which was interim based on the hackish implementation by Toni Wilen for UAE
+ *
+ * SPDX-License-Identifier: GPL-2.0-or-later
+ */
+
+#ifndef HW_NCR53C710_H
+#define HW_NCR53C710_H
+
+#include "qemu/osdep.h"
+#include "hw/sysbus.h"
+#include "hw/scsi/scsi.h"
+#include "qemu/fifo8.h"
+#include "qom/object.h"
+#include "system/memory.h"
+#include "hw/irq.h"
+#include "qemu/timer.h"
+
+#define TYPE_NCR710_SCSI "ncr710-scsi"
+#define TYPE_SYSBUS_NCR710_SCSI "sysbus-ncr710-scsi"
+
+#define SYSBUS_NCR710_SCSI(obj) \
+ OBJECT_CHECK(SysBusNCR710State, (obj), TYPE_SYSBUS_NCR710_SCSI)
+
+#define ENABLE_DEBUG 0
+#if ENABLE_DEBUG
+#define DBG(x) x
+#define NCR710_DPRINTF(fmt, ...) \
+ fprintf(stderr, "QEMU: " fmt, ## __VA_ARGS__)
+#define BADF(fmt, ...) \
+ fprintf(stderr, "QEMU: error: " fmt, ## __VA_ARGS__)
+#else
+#define DBG(x) do { } while (0)
+#define NCR710_DPRINTF(fmt, ...) do { } while (0)
+#define BADF(fmt, ...) do { } while (0)
+#endif
+
+/* NCR710 - Little Endian register Ordering */
+#define NCR710_SCNTL0_REG 0x00 /* SCSI Control Zero */
+#define NCR710_SCNTL1_REG 0x01 /* SCSI Control One */
+#define NCR710_SDID_REG 0x02 /* SCSI Destination ID */
+#define NCR710_SIEN_REG 0x03 /* SCSI Interrupt Enable */
+#define NCR710_SCID_REG 0x04 /* SCSI Chip ID */
+#define NCR710_SXFER_REG 0x05 /* SCSI Transfer */
+#define NCR710_SODL_REG 0x06 /* SCSI Output Data Latch */
+#define NCR710_SOCL_REG 0x07 /* SCSI Output Control Latch */
+#define NCR710_SFBR_REG 0x08 /* SCSI First Byte Received */
+#define NCR710_SIDL_REG 0x09 /* SCSI Input Data Latch */
+#define NCR710_SBDL_REG 0x0A /* SCSI Bus Data Lines */
+#define NCR710_SBCL_REG 0x0B /* SCSI Bus Control Lines */
+#define NCR710_DSTAT_REG 0x0C /* DMA Status */
+#define NCR710_SSTAT0_REG 0x0D /* SCSI Status Zero */
+#define NCR710_SSTAT1_REG 0x0E /* SCSI Status One */
+#define NCR710_SSTAT2_REG 0x0F /* SCSI Status Two */
+#define NCR710_DSA_REG 0x10 /* Data Structure Address */
+#define NCR710_CTEST0_REG 0x14 /* Chip Test Zero */
+#define NCR710_CTEST1_REG 0x15 /* Chip Test One */
+#define NCR710_CTEST2_REG 0x16 /* Chip Test Two */
+#define NCR710_CTEST3_REG 0x17 /* Chip Test Three */
+#define NCR710_CTEST4_REG 0x18 /* Chip Test Four */
+#define NCR710_CTEST5_REG 0x19 /* Chip Test Five */
+#define NCR710_CTEST6_REG 0x1A /* Chip Test Six */
+#define NCR710_CTEST7_REG 0x1B /* Chip Test Seven */
+#define NCR710_TEMP_REG 0x1C /* Temporary Stack */
+#define NCR710_DFIFO_REG 0x20 /* DMA FIFO */
+#define NCR710_ISTAT_REG 0x21 /* Interrupt Status */
+#define NCR710_CTEST8_REG 0x22 /* Chip Test Eight */
+#define NCR710_LCRC_REG 0x23 /* Longitudinal Parity */
+#define NCR710_DBC_REG 0x24 /* DMA Byte Counter (24-bit, LE) */
+#define NCR710_DCMD_REG 0x27 /* DMA Command */
+#define NCR710_DNAD_REG 0x28 /* DMA Next Data Address (32-bit, LE) */
+#define NCR710_DSP_REG 0x2C /* DMA SCRIPTS Pointer (32-bit, LE) */
+#define NCR710_DSPS_REG 0x30 /* DMA SCRIPTS Pointer Save */
+#define NCR710_SCRATCH_REG 0x34 /* Scratch (32-bit, LE) */
+#define NCR710_DMODE_REG 0x38 /* DMA Mode */
+#define NCR710_DIEN_REG 0x39 /* DMA Interrupt Enable */
+#define NCR710_DWT_REG 0x3A /* DMA Watchdog Timer */
+#define NCR710_DCNTL_REG 0x3B /* DMA Control */
+#define NCR710_ADDER_REG 0x3C /* Adder Sum Output (32-bit, LE) */
+
+#define NCR710_REG_SIZE 0x100
+
+#define NCR710_BUF_SIZE 4096
+#define NCR710_HOST_ID 7
+#define NCR710_MAX_MSGIN_LEN 8
+#define NCR710_SCSI_FIFO_SIZE 8
+
+typedef enum {
+ NCR710_WAIT_NONE = 0,
+ NCR710_WAIT_RESELECT = 1,
+ NCR710_WAIT_DMA = 2,
+ NCR710_WAIT_RESERVED = 3
+} NCR710WaitState;
+
+typedef enum {
+ NCR710_CMD_PENDING = 0,
+ NCR710_CMD_DATA_READY = 1,
+ NCR710_CMD_COMPLETE = 2
+} NCR710CommandState;
+
+typedef enum {
+ NCR710_MSG_ACTION_NONE = 0,
+ NCR710_MSG_ACTION_DISCONNECT = 1,
+ NCR710_MSG_ACTION_DATA_OUT = 2,
+ NCR710_MSG_ACTION_DATA_IN = 3
+} NCR710MessageAction;
+
+typedef struct NCR710State NCR710State;
+typedef struct NCR710Request NCR710Request;
+
+/*
+ * SCSI FIFO structure - 8 transfers deep, 1 byte per transfer
+ * (9-bit wide with parity)
+ */
+typedef struct {
+ uint8_t data[NCR710_SCSI_FIFO_SIZE];
+ uint8_t parity[NCR710_SCSI_FIFO_SIZE];
+ int head;
+ int count;
+} NCR710_SCSI_FIFO;
+
+struct NCR710Request {
+ SCSIRequest *req;
+ uint32_t tag;
+ uint32_t dma_len;
+ uint32_t pending;
+ uint8_t status;
+ bool active;
+ uint8_t *dma_buf;
+ bool out;
+ uint32_t resume_offset;
+ uint32_t saved_dnad;
+};
+
+struct NCR710State {
+ SysBusDevice parent_obj;
+ MemoryRegion mmio;
+ qemu_irq irq;
+
+ SCSIBus bus;
+ AddressSpace *as;
+
+ /* Registers */
+ uint8_t scntl0;
+ uint8_t scntl1;
+ uint8_t sdid;
+ uint8_t sien0;
+ uint8_t scid;
+ uint8_t sxfer;
+ uint8_t sodl;
+ uint8_t socl;
+ uint8_t sfbr;
+ uint8_t sidl;
+ uint8_t sbdl;
+ uint8_t sbcl;
+ uint8_t dstat;
+ uint8_t sstat0;
+ uint8_t sstat1;
+ uint8_t sstat2;
+ uint32_t dsa;
+ uint8_t ctest0;
+ uint8_t ctest1;
+ uint8_t ctest2;
+ uint8_t ctest3;
+ uint8_t ctest4;
+ uint8_t ctest5;
+ uint8_t ctest6;
+ uint8_t ctest7;
+ uint8_t ctest8;
+ uint32_t temp;
+ uint8_t dfifo;
+ uint8_t istat;
+ uint8_t lcrc;
+ uint32_t dbc;
+ uint8_t dcmd;
+ uint32_t dnad;
+ uint32_t dsp;
+ uint32_t dsps;
+ uint32_t scratch;
+ uint8_t dmode;
+ uint8_t dien;
+ uint8_t dwt;
+ uint8_t dcntl;
+ uint32_t adder;
+
+ NCR710_SCSI_FIFO scsi_fifo;
+
+ NCR710Request *current;
+ uint8_t status;
+ uint8_t msg[NCR710_MAX_MSGIN_LEN];
+ uint8_t msg_len;
+ uint8_t msg_action; /* NCR710MessageAction values */
+ int carry;
+ bool script_active;
+ int32_t waiting; /* NCR710WaitState values */
+ uint8_t command_complete; /* NCR710CommandState values */
+
+ QEMUTimer *reselection_retry_timer;
+ uint32_t saved_dsps;
+
+ uint32_t select_tag;
+ uint8_t current_lun;
+ uint8_t reselection_id;
+ bool wait_reselect;
+};
+
+typedef struct SysBusNCR710State {
+ SysBusDevice parent_obj;
+ MemoryRegion mmio;
+ MemoryRegion iomem;
+ qemu_irq irq;
+ NCR710State ncr710;
+} SysBusNCR710State;
+
+static inline NCR710State *ncr710_from_scsi_bus(SCSIBus *bus)
+{
+ return container_of(bus, NCR710State, bus);
+}
+
+static inline SysBusNCR710State *sysbus_from_ncr710(NCR710State *s)
+{
+ return container_of(s, SysBusNCR710State, ncr710);
+}
+
+DeviceState *ncr53c710_init(MemoryRegion *address_space, hwaddr addr,
+ qemu_irq irq);
+DeviceState *ncr710_device_create_sysbus(hwaddr addr, qemu_irq irq);
+void ncr710_reg_write(void *opaque, hwaddr addr, uint64_t val, unsigned size);
+uint64_t ncr710_reg_read(void *opaque, hwaddr addr, unsigned size);
+void ncr710_soft_reset(NCR710State *s);
+void ncr710_request_cancelled(SCSIRequest *req);
+void ncr710_command_complete(SCSIRequest *req, size_t resid);
+void ncr710_transfer_data(SCSIRequest *req, uint32_t len);
+void ncr710_execute_script(NCR710State *s);
+void ncr710_set_phase(NCR710State *s, int phase);
+void ncr710_reselection_retry_callback(void *opaque);
+
+#endif /* HW_NCR53C710_H */
diff --git a/hw/scsi/trace-events b/hw/scsi/trace-events
index 0604050a67..3e81f44dad 100644
--- a/hw/scsi/trace-events
+++ b/hw/scsi/trace-events
@@ -306,6 +306,18 @@ lsi_reg_write(const char *name, int offset, uint8_t val) "Write reg %s 0x%x = 0x
lsi_scripts_timer_triggered(void) "SCRIPTS timer triggered"
lsi_scripts_timer_start(void) "SCRIPTS timer started"
+# ncr53c710.c
+ncr710_reset(void) "Reset"
+ncr710_reg_read(const char *name, int offset, uint8_t ret) "Read %s [0x%02x] = 0x%02x"
+ncr710_reg_write(const char *name, int offset, uint8_t val) "Write %s [0x%02x] = 0x%02x"
+ncr710_script_scsi_interrupt(uint8_t stat0, uint8_t sstat0) "SCSI interrupt stat=0x%02x sstat=0x%02x"
+ncr710_script_dma_interrupt(uint8_t stat, uint8_t dstat) "DMA interrupt stat=0x%02x dstat=0x%02x"
+ncr710_command_complete(uint32_t tag, uint8_t status) "tag=0x%x status=0x%02x"
+ncr710_disconnect(uint8_t waiting) "waiting=%d"
+ncr710_bad_selection(uint32_t target) "target=%d"
+ncr710_parity_sense_changed(const char *parity) "Parity sense changed to %s"
+ncr710_device_realize(void) "Device realized"
+
# lasi_ncr710.c
lasi_ncr710_device_realize(void) "Device realized"
lasi_ncr710_device_reset(void) "Device reset"
--
2.51.0
next prev parent reply other threads:[~2025-10-27 21:18 UTC|newest]
Thread overview: 13+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-10-27 21:15 [PULL 00/11] Devel scsi ncr710 patches deller
2025-10-27 21:15 ` [PULL 01/11] target/hppa: Update SeaBIOS-hppa to version 19 deller
2025-10-27 21:15 ` [PULL 02/11] lasi_ncr710: Add LASI wrapper for NCR 53c710 SCSI chip deller
2025-10-27 21:15 ` deller [this message]
2025-10-27 21:15 ` [PULL 04/11] lasi: Forward LASI SCSI ports to NCR 53c710 driver deller
2025-10-27 21:15 ` [PULL 05/11] hw/scsi: Add config option for new ncr710 driver deller
2025-10-27 21:15 ` [PULL 06/11] hw/hppa: Fix firmware end address for LASI chip deller
2025-10-27 21:15 ` [PULL 07/11] hw/hppa: Fix interrupt of LASI parallel port deller
2025-10-27 21:16 ` [PULL 08/11] hw/hppa: Add NCR 710 SCSI driver to LASI chip Kconfig entry deller
2025-10-27 21:16 ` [PULL 09/11] hw/hppa: PCI devices depend on availability of PCI bus deller
2025-10-27 21:16 ` [PULL 10/11] hw/hppa: Require SeaBIOS version 19 for 715 machine deller
2025-10-27 21:16 ` [PULL 11/11] hw/hppa: Add 715 machine type including NCR710 SCSI deller
2025-10-28 12:12 ` [PULL 00/11] Devel scsi ncr710 patches Richard Henderson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20251027211603.7141-4-deller@kernel.org \
--to=deller@kernel.org \
--cc=deller@gmx.de \
--cc=fam@euphon.net \
--cc=pbonzini@redhat.com \
--cc=peter.maydell@linaro.org \
--cc=philmd@linaro.org \
--cc=qemu-devel@nongnu.org \
--cc=richard.henderson@linaro.org \
--cc=soumyajyotisarkar23@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.