1 /* 2 * QEMU IDE disk and CD/DVD-ROM Emulator 3 * 4 * Copyright (c) 2003 Fabrice Bellard 5 * Copyright (c) 2006 Openedhand Ltd. 6 * 7 * Permission is hereby granted, free of charge, to any person obtaining a copy 8 * of this software and associated documentation files (the "Software"), to deal 9 * in the Software without restriction, including without limitation the rights 10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 11 * copies of the Software, and to permit persons to whom the Software is 12 * furnished to do so, subject to the following conditions: 13 * 14 * The above copyright notice and this permission notice shall be included in 15 * all copies or substantial portions of the Software. 16 * 17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 23 * THE SOFTWARE. 24 */ 25 #include "qemu/osdep.h" 26 #include "hw/hw.h" 27 #include "hw/i386/pc.h" 28 #include "hw/pci/pci.h" 29 #include "hw/isa/isa.h" 30 #include "qemu/error-report.h" 31 #include "qemu/timer.h" 32 #include "sysemu/sysemu.h" 33 #include "sysemu/dma.h" 34 #include "hw/block/block.h" 35 #include "sysemu/block-backend.h" 36 #include "qemu/cutils.h" 37 38 #include "hw/ide/internal.h" 39 40 /* These values were based on a Seagate ST3500418AS but have been modified 41 to make more sense in QEMU */ 42 static const int smart_attributes[][12] = { 43 /* id, flags, hflags, val, wrst, raw (6 bytes), threshold */ 44 /* raw read error rate*/ 45 { 0x01, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06}, 46 /* spin up */ 47 { 0x03, 0x03, 0x00, 0x64, 0x64, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 48 /* start stop count */ 49 { 0x04, 0x02, 0x00, 0x64, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14}, 50 /* remapped sectors */ 51 { 0x05, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x24}, 52 /* power on hours */ 53 { 0x09, 0x03, 0x00, 0x64, 0x64, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 54 /* power cycle count */ 55 { 0x0c, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 56 /* airflow-temperature-celsius */ 57 { 190, 0x03, 0x00, 0x45, 0x45, 0x1f, 0x00, 0x1f, 0x1f, 0x00, 0x00, 0x32}, 58 }; 59 60 static void ide_dummy_transfer_stop(IDEState *s); 61 62 static void padstr(char *str, const char *src, int len) 63 { 64 int i, v; 65 for(i = 0; i < len; i++) { 66 if (*src) 67 v = *src++; 68 else 69 v = ' '; 70 str[i^1] = v; 71 } 72 } 73 74 static void put_le16(uint16_t *p, unsigned int v) 75 { 76 *p = cpu_to_le16(v); 77 } 78 79 static void ide_identify_size(IDEState *s) 80 { 81 uint16_t *p = (uint16_t *)s->identify_data; 82 put_le16(p + 60, s->nb_sectors); 83 put_le16(p + 61, s->nb_sectors >> 16); 84 put_le16(p + 100, s->nb_sectors); 85 put_le16(p + 101, s->nb_sectors >> 16); 86 put_le16(p + 102, s->nb_sectors >> 32); 87 put_le16(p + 103, s->nb_sectors >> 48); 88 } 89 90 static void ide_identify(IDEState *s) 91 { 92 uint16_t *p; 93 unsigned int oldsize; 94 IDEDevice *dev = s->unit ? s->bus->slave : s->bus->master; 95 96 p = (uint16_t *)s->identify_data; 97 if (s->identify_set) { 98 goto fill_buffer; 99 } 100 memset(p, 0, sizeof(s->identify_data)); 101 102 put_le16(p + 0, 0x0040); 103 put_le16(p + 1, s->cylinders); 104 put_le16(p + 3, s->heads); 105 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */ 106 put_le16(p + 5, 512); /* XXX: retired, remove ? */ 107 put_le16(p + 6, s->sectors); 108 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 109 put_le16(p + 20, 3); /* XXX: retired, remove ? */ 110 put_le16(p + 21, 512); /* cache size in sectors */ 111 put_le16(p + 22, 4); /* ecc bytes */ 112 padstr((char *)(p + 23), s->version, 8); /* firmware version */ 113 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */ 114 #if MAX_MULT_SECTORS > 1 115 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS); 116 #endif 117 put_le16(p + 48, 1); /* dword I/O */ 118 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */ 119 put_le16(p + 51, 0x200); /* PIO transfer cycle */ 120 put_le16(p + 52, 0x200); /* DMA transfer cycle */ 121 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */ 122 put_le16(p + 54, s->cylinders); 123 put_le16(p + 55, s->heads); 124 put_le16(p + 56, s->sectors); 125 oldsize = s->cylinders * s->heads * s->sectors; 126 put_le16(p + 57, oldsize); 127 put_le16(p + 58, oldsize >> 16); 128 if (s->mult_sectors) 129 put_le16(p + 59, 0x100 | s->mult_sectors); 130 /* *(p + 60) := nb_sectors -- see ide_identify_size */ 131 /* *(p + 61) := nb_sectors >> 16 -- see ide_identify_size */ 132 put_le16(p + 62, 0x07); /* single word dma0-2 supported */ 133 put_le16(p + 63, 0x07); /* mdma0-2 supported */ 134 put_le16(p + 64, 0x03); /* pio3-4 supported */ 135 put_le16(p + 65, 120); 136 put_le16(p + 66, 120); 137 put_le16(p + 67, 120); 138 put_le16(p + 68, 120); 139 if (dev && dev->conf.discard_granularity) { 140 put_le16(p + 69, (1 << 14)); /* determinate TRIM behavior */ 141 } 142 143 if (s->ncq_queues) { 144 put_le16(p + 75, s->ncq_queues - 1); 145 /* NCQ supported */ 146 put_le16(p + 76, (1 << 8)); 147 } 148 149 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */ 150 put_le16(p + 81, 0x16); /* conforms to ata5 */ 151 /* 14=NOP supported, 5=WCACHE supported, 0=SMART supported */ 152 put_le16(p + 82, (1 << 14) | (1 << 5) | 1); 153 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */ 154 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10)); 155 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */ 156 if (s->wwn) { 157 put_le16(p + 84, (1 << 14) | (1 << 8) | 0); 158 } else { 159 put_le16(p + 84, (1 << 14) | 0); 160 } 161 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */ 162 if (blk_enable_write_cache(s->blk)) { 163 put_le16(p + 85, (1 << 14) | (1 << 5) | 1); 164 } else { 165 put_le16(p + 85, (1 << 14) | 1); 166 } 167 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */ 168 put_le16(p + 86, (1 << 13) | (1 <<12) | (1 << 10)); 169 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */ 170 if (s->wwn) { 171 put_le16(p + 87, (1 << 14) | (1 << 8) | 0); 172 } else { 173 put_le16(p + 87, (1 << 14) | 0); 174 } 175 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */ 176 put_le16(p + 93, 1 | (1 << 14) | 0x2000); 177 /* *(p + 100) := nb_sectors -- see ide_identify_size */ 178 /* *(p + 101) := nb_sectors >> 16 -- see ide_identify_size */ 179 /* *(p + 102) := nb_sectors >> 32 -- see ide_identify_size */ 180 /* *(p + 103) := nb_sectors >> 48 -- see ide_identify_size */ 181 182 if (dev && dev->conf.physical_block_size) 183 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf)); 184 if (s->wwn) { 185 /* LE 16-bit words 111-108 contain 64-bit World Wide Name */ 186 put_le16(p + 108, s->wwn >> 48); 187 put_le16(p + 109, s->wwn >> 32); 188 put_le16(p + 110, s->wwn >> 16); 189 put_le16(p + 111, s->wwn); 190 } 191 if (dev && dev->conf.discard_granularity) { 192 put_le16(p + 169, 1); /* TRIM support */ 193 } 194 195 ide_identify_size(s); 196 s->identify_set = 1; 197 198 fill_buffer: 199 memcpy(s->io_buffer, p, sizeof(s->identify_data)); 200 } 201 202 static void ide_atapi_identify(IDEState *s) 203 { 204 uint16_t *p; 205 206 p = (uint16_t *)s->identify_data; 207 if (s->identify_set) { 208 goto fill_buffer; 209 } 210 memset(p, 0, sizeof(s->identify_data)); 211 212 /* Removable CDROM, 50us response, 12 byte packets */ 213 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0)); 214 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 215 put_le16(p + 20, 3); /* buffer type */ 216 put_le16(p + 21, 512); /* cache size in sectors */ 217 put_le16(p + 22, 4); /* ecc bytes */ 218 padstr((char *)(p + 23), s->version, 8); /* firmware version */ 219 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */ 220 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */ 221 #ifdef USE_DMA_CDROM 222 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */ 223 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */ 224 put_le16(p + 62, 7); /* single word dma0-2 supported */ 225 put_le16(p + 63, 7); /* mdma0-2 supported */ 226 #else 227 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */ 228 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */ 229 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */ 230 #endif 231 put_le16(p + 64, 3); /* pio3-4 supported */ 232 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */ 233 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */ 234 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */ 235 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */ 236 237 put_le16(p + 71, 30); /* in ns */ 238 put_le16(p + 72, 30); /* in ns */ 239 240 if (s->ncq_queues) { 241 put_le16(p + 75, s->ncq_queues - 1); 242 /* NCQ supported */ 243 put_le16(p + 76, (1 << 8)); 244 } 245 246 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */ 247 if (s->wwn) { 248 put_le16(p + 84, (1 << 8)); /* supports WWN for words 108-111 */ 249 put_le16(p + 87, (1 << 8)); /* WWN enabled */ 250 } 251 252 #ifdef USE_DMA_CDROM 253 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */ 254 #endif 255 256 if (s->wwn) { 257 /* LE 16-bit words 111-108 contain 64-bit World Wide Name */ 258 put_le16(p + 108, s->wwn >> 48); 259 put_le16(p + 109, s->wwn >> 32); 260 put_le16(p + 110, s->wwn >> 16); 261 put_le16(p + 111, s->wwn); 262 } 263 264 s->identify_set = 1; 265 266 fill_buffer: 267 memcpy(s->io_buffer, p, sizeof(s->identify_data)); 268 } 269 270 static void ide_cfata_identify_size(IDEState *s) 271 { 272 uint16_t *p = (uint16_t *)s->identify_data; 273 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */ 274 put_le16(p + 8, s->nb_sectors); /* Sectors per card */ 275 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */ 276 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */ 277 } 278 279 static void ide_cfata_identify(IDEState *s) 280 { 281 uint16_t *p; 282 uint32_t cur_sec; 283 284 p = (uint16_t *)s->identify_data; 285 if (s->identify_set) { 286 goto fill_buffer; 287 } 288 memset(p, 0, sizeof(s->identify_data)); 289 290 cur_sec = s->cylinders * s->heads * s->sectors; 291 292 put_le16(p + 0, 0x848a); /* CF Storage Card signature */ 293 put_le16(p + 1, s->cylinders); /* Default cylinders */ 294 put_le16(p + 3, s->heads); /* Default heads */ 295 put_le16(p + 6, s->sectors); /* Default sectors per track */ 296 /* *(p + 7) := nb_sectors >> 16 -- see ide_cfata_identify_size */ 297 /* *(p + 8) := nb_sectors -- see ide_cfata_identify_size */ 298 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 299 put_le16(p + 22, 0x0004); /* ECC bytes */ 300 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */ 301 padstr((char *) (p + 27), s->drive_model_str, 40);/* Model number */ 302 #if MAX_MULT_SECTORS > 1 303 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS); 304 #else 305 put_le16(p + 47, 0x0000); 306 #endif 307 put_le16(p + 49, 0x0f00); /* Capabilities */ 308 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */ 309 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */ 310 put_le16(p + 53, 0x0003); /* Translation params valid */ 311 put_le16(p + 54, s->cylinders); /* Current cylinders */ 312 put_le16(p + 55, s->heads); /* Current heads */ 313 put_le16(p + 56, s->sectors); /* Current sectors */ 314 put_le16(p + 57, cur_sec); /* Current capacity */ 315 put_le16(p + 58, cur_sec >> 16); /* Current capacity */ 316 if (s->mult_sectors) /* Multiple sector setting */ 317 put_le16(p + 59, 0x100 | s->mult_sectors); 318 /* *(p + 60) := nb_sectors -- see ide_cfata_identify_size */ 319 /* *(p + 61) := nb_sectors >> 16 -- see ide_cfata_identify_size */ 320 put_le16(p + 63, 0x0203); /* Multiword DMA capability */ 321 put_le16(p + 64, 0x0001); /* Flow Control PIO support */ 322 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */ 323 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */ 324 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */ 325 put_le16(p + 82, 0x400c); /* Command Set supported */ 326 put_le16(p + 83, 0x7068); /* Command Set supported */ 327 put_le16(p + 84, 0x4000); /* Features supported */ 328 put_le16(p + 85, 0x000c); /* Command Set enabled */ 329 put_le16(p + 86, 0x7044); /* Command Set enabled */ 330 put_le16(p + 87, 0x4000); /* Features enabled */ 331 put_le16(p + 91, 0x4060); /* Current APM level */ 332 put_le16(p + 129, 0x0002); /* Current features option */ 333 put_le16(p + 130, 0x0005); /* Reassigned sectors */ 334 put_le16(p + 131, 0x0001); /* Initial power mode */ 335 put_le16(p + 132, 0x0000); /* User signature */ 336 put_le16(p + 160, 0x8100); /* Power requirement */ 337 put_le16(p + 161, 0x8001); /* CF command set */ 338 339 ide_cfata_identify_size(s); 340 s->identify_set = 1; 341 342 fill_buffer: 343 memcpy(s->io_buffer, p, sizeof(s->identify_data)); 344 } 345 346 static void ide_set_signature(IDEState *s) 347 { 348 s->select &= 0xf0; /* clear head */ 349 /* put signature */ 350 s->nsector = 1; 351 s->sector = 1; 352 if (s->drive_kind == IDE_CD) { 353 s->lcyl = 0x14; 354 s->hcyl = 0xeb; 355 } else if (s->blk) { 356 s->lcyl = 0; 357 s->hcyl = 0; 358 } else { 359 s->lcyl = 0xff; 360 s->hcyl = 0xff; 361 } 362 } 363 364 typedef struct TrimAIOCB { 365 BlockAIOCB common; 366 BlockBackend *blk; 367 QEMUBH *bh; 368 int ret; 369 QEMUIOVector *qiov; 370 BlockAIOCB *aiocb; 371 int i, j; 372 } TrimAIOCB; 373 374 static void trim_aio_cancel(BlockAIOCB *acb) 375 { 376 TrimAIOCB *iocb = container_of(acb, TrimAIOCB, common); 377 378 /* Exit the loop so ide_issue_trim_cb will not continue */ 379 iocb->j = iocb->qiov->niov - 1; 380 iocb->i = (iocb->qiov->iov[iocb->j].iov_len / 8) - 1; 381 382 iocb->ret = -ECANCELED; 383 384 if (iocb->aiocb) { 385 blk_aio_cancel_async(iocb->aiocb); 386 iocb->aiocb = NULL; 387 } 388 } 389 390 static const AIOCBInfo trim_aiocb_info = { 391 .aiocb_size = sizeof(TrimAIOCB), 392 .cancel_async = trim_aio_cancel, 393 }; 394 395 static void ide_trim_bh_cb(void *opaque) 396 { 397 TrimAIOCB *iocb = opaque; 398 399 iocb->common.cb(iocb->common.opaque, iocb->ret); 400 401 qemu_bh_delete(iocb->bh); 402 iocb->bh = NULL; 403 qemu_aio_unref(iocb); 404 } 405 406 static void ide_issue_trim_cb(void *opaque, int ret) 407 { 408 TrimAIOCB *iocb = opaque; 409 if (ret >= 0) { 410 while (iocb->j < iocb->qiov->niov) { 411 int j = iocb->j; 412 while (++iocb->i < iocb->qiov->iov[j].iov_len / 8) { 413 int i = iocb->i; 414 uint64_t *buffer = iocb->qiov->iov[j].iov_base; 415 416 /* 6-byte LBA + 2-byte range per entry */ 417 uint64_t entry = le64_to_cpu(buffer[i]); 418 uint64_t sector = entry & 0x0000ffffffffffffULL; 419 uint16_t count = entry >> 48; 420 421 if (count == 0) { 422 continue; 423 } 424 425 /* Got an entry! Submit and exit. */ 426 iocb->aiocb = blk_aio_discard(iocb->blk, sector, count, 427 ide_issue_trim_cb, opaque); 428 return; 429 } 430 431 iocb->j++; 432 iocb->i = -1; 433 } 434 } else { 435 iocb->ret = ret; 436 } 437 438 iocb->aiocb = NULL; 439 if (iocb->bh) { 440 qemu_bh_schedule(iocb->bh); 441 } 442 } 443 444 BlockAIOCB *ide_issue_trim( 445 int64_t offset, QEMUIOVector *qiov, 446 BlockCompletionFunc *cb, void *cb_opaque, void *opaque) 447 { 448 BlockBackend *blk = opaque; 449 TrimAIOCB *iocb; 450 451 iocb = blk_aio_get(&trim_aiocb_info, blk, cb, cb_opaque); 452 iocb->blk = blk; 453 iocb->bh = qemu_bh_new(ide_trim_bh_cb, iocb); 454 iocb->ret = 0; 455 iocb->qiov = qiov; 456 iocb->i = -1; 457 iocb->j = 0; 458 ide_issue_trim_cb(iocb, 0); 459 return &iocb->common; 460 } 461 462 void ide_abort_command(IDEState *s) 463 { 464 ide_transfer_stop(s); 465 s->status = READY_STAT | ERR_STAT; 466 s->error = ABRT_ERR; 467 } 468 469 /* prepare data transfer and tell what to do after */ 470 void ide_transfer_start(IDEState *s, uint8_t *buf, int size, 471 EndTransferFunc *end_transfer_func) 472 { 473 s->end_transfer_func = end_transfer_func; 474 s->data_ptr = buf; 475 s->data_end = buf + size; 476 if (!(s->status & ERR_STAT)) { 477 s->status |= DRQ_STAT; 478 } 479 if (s->bus->dma->ops->start_transfer) { 480 s->bus->dma->ops->start_transfer(s->bus->dma); 481 } 482 } 483 484 static void ide_cmd_done(IDEState *s) 485 { 486 if (s->bus->dma->ops->cmd_done) { 487 s->bus->dma->ops->cmd_done(s->bus->dma); 488 } 489 } 490 491 static void ide_transfer_halt(IDEState *s, 492 void(*end_transfer_func)(IDEState *), 493 bool notify) 494 { 495 s->end_transfer_func = end_transfer_func; 496 s->data_ptr = s->io_buffer; 497 s->data_end = s->io_buffer; 498 s->status &= ~DRQ_STAT; 499 if (notify) { 500 ide_cmd_done(s); 501 } 502 } 503 504 void ide_transfer_stop(IDEState *s) 505 { 506 ide_transfer_halt(s, ide_transfer_stop, true); 507 } 508 509 static void ide_transfer_cancel(IDEState *s) 510 { 511 ide_transfer_halt(s, ide_transfer_cancel, false); 512 } 513 514 int64_t ide_get_sector(IDEState *s) 515 { 516 int64_t sector_num; 517 if (s->select & 0x40) { 518 /* lba */ 519 if (!s->lba48) { 520 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) | 521 (s->lcyl << 8) | s->sector; 522 } else { 523 sector_num = ((int64_t)s->hob_hcyl << 40) | 524 ((int64_t) s->hob_lcyl << 32) | 525 ((int64_t) s->hob_sector << 24) | 526 ((int64_t) s->hcyl << 16) | 527 ((int64_t) s->lcyl << 8) | s->sector; 528 } 529 } else { 530 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors + 531 (s->select & 0x0f) * s->sectors + (s->sector - 1); 532 } 533 return sector_num; 534 } 535 536 void ide_set_sector(IDEState *s, int64_t sector_num) 537 { 538 unsigned int cyl, r; 539 if (s->select & 0x40) { 540 if (!s->lba48) { 541 s->select = (s->select & 0xf0) | (sector_num >> 24); 542 s->hcyl = (sector_num >> 16); 543 s->lcyl = (sector_num >> 8); 544 s->sector = (sector_num); 545 } else { 546 s->sector = sector_num; 547 s->lcyl = sector_num >> 8; 548 s->hcyl = sector_num >> 16; 549 s->hob_sector = sector_num >> 24; 550 s->hob_lcyl = sector_num >> 32; 551 s->hob_hcyl = sector_num >> 40; 552 } 553 } else { 554 cyl = sector_num / (s->heads * s->sectors); 555 r = sector_num % (s->heads * s->sectors); 556 s->hcyl = cyl >> 8; 557 s->lcyl = cyl; 558 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f); 559 s->sector = (r % s->sectors) + 1; 560 } 561 } 562 563 static void ide_rw_error(IDEState *s) { 564 ide_abort_command(s); 565 ide_set_irq(s->bus); 566 } 567 568 static bool ide_sect_range_ok(IDEState *s, 569 uint64_t sector, uint64_t nb_sectors) 570 { 571 uint64_t total_sectors; 572 573 blk_get_geometry(s->blk, &total_sectors); 574 if (sector > total_sectors || nb_sectors > total_sectors - sector) { 575 return false; 576 } 577 return true; 578 } 579 580 static void ide_buffered_readv_cb(void *opaque, int ret) 581 { 582 IDEBufferedRequest *req = opaque; 583 if (!req->orphaned) { 584 if (!ret) { 585 qemu_iovec_from_buf(req->original_qiov, 0, req->iov.iov_base, 586 req->original_qiov->size); 587 } 588 req->original_cb(req->original_opaque, ret); 589 } 590 QLIST_REMOVE(req, list); 591 qemu_vfree(req->iov.iov_base); 592 g_free(req); 593 } 594 595 #define MAX_BUFFERED_REQS 16 596 597 BlockAIOCB *ide_buffered_readv(IDEState *s, int64_t sector_num, 598 QEMUIOVector *iov, int nb_sectors, 599 BlockCompletionFunc *cb, void *opaque) 600 { 601 BlockAIOCB *aioreq; 602 IDEBufferedRequest *req; 603 int c = 0; 604 605 QLIST_FOREACH(req, &s->buffered_requests, list) { 606 c++; 607 } 608 if (c > MAX_BUFFERED_REQS) { 609 return blk_abort_aio_request(s->blk, cb, opaque, -EIO); 610 } 611 612 req = g_new0(IDEBufferedRequest, 1); 613 req->original_qiov = iov; 614 req->original_cb = cb; 615 req->original_opaque = opaque; 616 req->iov.iov_base = qemu_blockalign(blk_bs(s->blk), iov->size); 617 req->iov.iov_len = iov->size; 618 qemu_iovec_init_external(&req->qiov, &req->iov, 1); 619 620 aioreq = blk_aio_preadv(s->blk, sector_num << BDRV_SECTOR_BITS, 621 &req->qiov, 0, ide_buffered_readv_cb, req); 622 623 QLIST_INSERT_HEAD(&s->buffered_requests, req, list); 624 return aioreq; 625 } 626 627 /** 628 * Cancel all pending DMA requests. 629 * Any buffered DMA requests are instantly canceled, 630 * but any pending unbuffered DMA requests must be waited on. 631 */ 632 void ide_cancel_dma_sync(IDEState *s) 633 { 634 IDEBufferedRequest *req; 635 636 /* First invoke the callbacks of all buffered requests 637 * and flag those requests as orphaned. Ideally there 638 * are no unbuffered (Scatter Gather DMA Requests or 639 * write requests) pending and we can avoid to drain. */ 640 QLIST_FOREACH(req, &s->buffered_requests, list) { 641 if (!req->orphaned) { 642 #ifdef DEBUG_IDE 643 printf("%s: invoking cb %p of buffered request %p with" 644 " -ECANCELED\n", __func__, req->original_cb, req); 645 #endif 646 req->original_cb(req->original_opaque, -ECANCELED); 647 } 648 req->orphaned = true; 649 } 650 651 /* 652 * We can't cancel Scatter Gather DMA in the middle of the 653 * operation or a partial (not full) DMA transfer would reach 654 * the storage so we wait for completion instead (we beahve 655 * like if the DMA was completed by the time the guest trying 656 * to cancel dma with bmdma_cmd_writeb with BM_CMD_START not 657 * set). 658 * 659 * In the future we'll be able to safely cancel the I/O if the 660 * whole DMA operation will be submitted to disk with a single 661 * aio operation with preadv/pwritev. 662 */ 663 if (s->bus->dma->aiocb) { 664 #ifdef DEBUG_IDE 665 printf("%s: draining all remaining requests", __func__); 666 #endif 667 blk_drain(s->blk); 668 assert(s->bus->dma->aiocb == NULL); 669 } 670 } 671 672 static void ide_sector_read(IDEState *s); 673 674 static void ide_sector_read_cb(void *opaque, int ret) 675 { 676 IDEState *s = opaque; 677 int n; 678 679 s->pio_aiocb = NULL; 680 s->status &= ~BUSY_STAT; 681 682 if (ret == -ECANCELED) { 683 return; 684 } 685 if (ret != 0) { 686 if (ide_handle_rw_error(s, -ret, IDE_RETRY_PIO | 687 IDE_RETRY_READ)) { 688 return; 689 } 690 } 691 692 block_acct_done(blk_get_stats(s->blk), &s->acct); 693 694 n = s->nsector; 695 if (n > s->req_nb_sectors) { 696 n = s->req_nb_sectors; 697 } 698 699 ide_set_sector(s, ide_get_sector(s) + n); 700 s->nsector -= n; 701 /* Allow the guest to read the io_buffer */ 702 ide_transfer_start(s, s->io_buffer, n * BDRV_SECTOR_SIZE, ide_sector_read); 703 ide_set_irq(s->bus); 704 } 705 706 static void ide_sector_read(IDEState *s) 707 { 708 int64_t sector_num; 709 int n; 710 711 s->status = READY_STAT | SEEK_STAT; 712 s->error = 0; /* not needed by IDE spec, but needed by Windows */ 713 sector_num = ide_get_sector(s); 714 n = s->nsector; 715 716 if (n == 0) { 717 ide_transfer_stop(s); 718 return; 719 } 720 721 s->status |= BUSY_STAT; 722 723 if (n > s->req_nb_sectors) { 724 n = s->req_nb_sectors; 725 } 726 727 #if defined(DEBUG_IDE) 728 printf("sector=%" PRId64 "\n", sector_num); 729 #endif 730 731 if (!ide_sect_range_ok(s, sector_num, n)) { 732 ide_rw_error(s); 733 block_acct_invalid(blk_get_stats(s->blk), BLOCK_ACCT_READ); 734 return; 735 } 736 737 s->iov.iov_base = s->io_buffer; 738 s->iov.iov_len = n * BDRV_SECTOR_SIZE; 739 qemu_iovec_init_external(&s->qiov, &s->iov, 1); 740 741 block_acct_start(blk_get_stats(s->blk), &s->acct, 742 n * BDRV_SECTOR_SIZE, BLOCK_ACCT_READ); 743 s->pio_aiocb = ide_buffered_readv(s, sector_num, &s->qiov, n, 744 ide_sector_read_cb, s); 745 } 746 747 void dma_buf_commit(IDEState *s, uint32_t tx_bytes) 748 { 749 if (s->bus->dma->ops->commit_buf) { 750 s->bus->dma->ops->commit_buf(s->bus->dma, tx_bytes); 751 } 752 s->io_buffer_offset += tx_bytes; 753 qemu_sglist_destroy(&s->sg); 754 } 755 756 void ide_set_inactive(IDEState *s, bool more) 757 { 758 s->bus->dma->aiocb = NULL; 759 s->bus->retry_unit = -1; 760 s->bus->retry_sector_num = 0; 761 s->bus->retry_nsector = 0; 762 if (s->bus->dma->ops->set_inactive) { 763 s->bus->dma->ops->set_inactive(s->bus->dma, more); 764 } 765 ide_cmd_done(s); 766 } 767 768 void ide_dma_error(IDEState *s) 769 { 770 dma_buf_commit(s, 0); 771 ide_abort_command(s); 772 ide_set_inactive(s, false); 773 ide_set_irq(s->bus); 774 } 775 776 int ide_handle_rw_error(IDEState *s, int error, int op) 777 { 778 bool is_read = (op & IDE_RETRY_READ) != 0; 779 BlockErrorAction action = blk_get_error_action(s->blk, is_read, error); 780 781 if (action == BLOCK_ERROR_ACTION_STOP) { 782 assert(s->bus->retry_unit == s->unit); 783 s->bus->error_status = op; 784 } else if (action == BLOCK_ERROR_ACTION_REPORT) { 785 block_acct_failed(blk_get_stats(s->blk), &s->acct); 786 if (IS_IDE_RETRY_DMA(op)) { 787 ide_dma_error(s); 788 } else if (IS_IDE_RETRY_ATAPI(op)) { 789 ide_atapi_io_error(s, -error); 790 } else { 791 ide_rw_error(s); 792 } 793 } 794 blk_error_action(s->blk, action, is_read, error); 795 return action != BLOCK_ERROR_ACTION_IGNORE; 796 } 797 798 static void ide_dma_cb(void *opaque, int ret) 799 { 800 IDEState *s = opaque; 801 int n; 802 int64_t sector_num; 803 uint64_t offset; 804 bool stay_active = false; 805 806 if (ret == -ECANCELED) { 807 return; 808 } 809 if (ret < 0) { 810 if (ide_handle_rw_error(s, -ret, ide_dma_cmd_to_retry(s->dma_cmd))) { 811 return; 812 } 813 } 814 815 n = s->io_buffer_size >> 9; 816 if (n > s->nsector) { 817 /* The PRDs were longer than needed for this request. Shorten them so 818 * we don't get a negative remainder. The Active bit must remain set 819 * after the request completes. */ 820 n = s->nsector; 821 stay_active = true; 822 } 823 824 sector_num = ide_get_sector(s); 825 if (n > 0) { 826 assert(n * 512 == s->sg.size); 827 dma_buf_commit(s, s->sg.size); 828 sector_num += n; 829 ide_set_sector(s, sector_num); 830 s->nsector -= n; 831 } 832 833 /* end of transfer ? */ 834 if (s->nsector == 0) { 835 s->status = READY_STAT | SEEK_STAT; 836 ide_set_irq(s->bus); 837 goto eot; 838 } 839 840 /* launch next transfer */ 841 n = s->nsector; 842 s->io_buffer_index = 0; 843 s->io_buffer_size = n * 512; 844 if (s->bus->dma->ops->prepare_buf(s->bus->dma, s->io_buffer_size) < 512) { 845 /* The PRDs were too short. Reset the Active bit, but don't raise an 846 * interrupt. */ 847 s->status = READY_STAT | SEEK_STAT; 848 dma_buf_commit(s, 0); 849 goto eot; 850 } 851 852 #ifdef DEBUG_AIO 853 printf("ide_dma_cb: sector_num=%" PRId64 " n=%d, cmd_cmd=%d\n", 854 sector_num, n, s->dma_cmd); 855 #endif 856 857 if ((s->dma_cmd == IDE_DMA_READ || s->dma_cmd == IDE_DMA_WRITE) && 858 !ide_sect_range_ok(s, sector_num, n)) { 859 ide_dma_error(s); 860 block_acct_invalid(blk_get_stats(s->blk), s->acct.type); 861 return; 862 } 863 864 offset = sector_num << BDRV_SECTOR_BITS; 865 switch (s->dma_cmd) { 866 case IDE_DMA_READ: 867 s->bus->dma->aiocb = dma_blk_read(s->blk, &s->sg, offset, 868 ide_dma_cb, s); 869 break; 870 case IDE_DMA_WRITE: 871 s->bus->dma->aiocb = dma_blk_write(s->blk, &s->sg, offset, 872 ide_dma_cb, s); 873 break; 874 case IDE_DMA_TRIM: 875 s->bus->dma->aiocb = dma_blk_io(blk_get_aio_context(s->blk), 876 &s->sg, offset, 877 ide_issue_trim, s->blk, ide_dma_cb, s, 878 DMA_DIRECTION_TO_DEVICE); 879 break; 880 default: 881 abort(); 882 } 883 return; 884 885 eot: 886 if (s->dma_cmd == IDE_DMA_READ || s->dma_cmd == IDE_DMA_WRITE) { 887 block_acct_done(blk_get_stats(s->blk), &s->acct); 888 } 889 ide_set_inactive(s, stay_active); 890 } 891 892 static void ide_sector_start_dma(IDEState *s, enum ide_dma_cmd dma_cmd) 893 { 894 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT; 895 s->io_buffer_size = 0; 896 s->dma_cmd = dma_cmd; 897 898 switch (dma_cmd) { 899 case IDE_DMA_READ: 900 block_acct_start(blk_get_stats(s->blk), &s->acct, 901 s->nsector * BDRV_SECTOR_SIZE, BLOCK_ACCT_READ); 902 break; 903 case IDE_DMA_WRITE: 904 block_acct_start(blk_get_stats(s->blk), &s->acct, 905 s->nsector * BDRV_SECTOR_SIZE, BLOCK_ACCT_WRITE); 906 break; 907 default: 908 break; 909 } 910 911 ide_start_dma(s, ide_dma_cb); 912 } 913 914 void ide_start_dma(IDEState *s, BlockCompletionFunc *cb) 915 { 916 s->io_buffer_index = 0; 917 s->bus->retry_unit = s->unit; 918 s->bus->retry_sector_num = ide_get_sector(s); 919 s->bus->retry_nsector = s->nsector; 920 if (s->bus->dma->ops->start_dma) { 921 s->bus->dma->ops->start_dma(s->bus->dma, s, cb); 922 } 923 } 924 925 static void ide_sector_write(IDEState *s); 926 927 static void ide_sector_write_timer_cb(void *opaque) 928 { 929 IDEState *s = opaque; 930 ide_set_irq(s->bus); 931 } 932 933 static void ide_sector_write_cb(void *opaque, int ret) 934 { 935 IDEState *s = opaque; 936 int n; 937 938 if (ret == -ECANCELED) { 939 return; 940 } 941 942 s->pio_aiocb = NULL; 943 s->status &= ~BUSY_STAT; 944 945 if (ret != 0) { 946 if (ide_handle_rw_error(s, -ret, IDE_RETRY_PIO)) { 947 return; 948 } 949 } 950 951 block_acct_done(blk_get_stats(s->blk), &s->acct); 952 953 n = s->nsector; 954 if (n > s->req_nb_sectors) { 955 n = s->req_nb_sectors; 956 } 957 s->nsector -= n; 958 959 ide_set_sector(s, ide_get_sector(s) + n); 960 if (s->nsector == 0) { 961 /* no more sectors to write */ 962 ide_transfer_stop(s); 963 } else { 964 int n1 = s->nsector; 965 if (n1 > s->req_nb_sectors) { 966 n1 = s->req_nb_sectors; 967 } 968 ide_transfer_start(s, s->io_buffer, n1 * BDRV_SECTOR_SIZE, 969 ide_sector_write); 970 } 971 972 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) { 973 /* It seems there is a bug in the Windows 2000 installer HDD 974 IDE driver which fills the disk with empty logs when the 975 IDE write IRQ comes too early. This hack tries to correct 976 that at the expense of slower write performances. Use this 977 option _only_ to install Windows 2000. You must disable it 978 for normal use. */ 979 timer_mod(s->sector_write_timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + 980 (NANOSECONDS_PER_SECOND / 1000)); 981 } else { 982 ide_set_irq(s->bus); 983 } 984 } 985 986 static void ide_sector_write(IDEState *s) 987 { 988 int64_t sector_num; 989 int n; 990 991 s->status = READY_STAT | SEEK_STAT | BUSY_STAT; 992 sector_num = ide_get_sector(s); 993 #if defined(DEBUG_IDE) 994 printf("sector=%" PRId64 "\n", sector_num); 995 #endif 996 n = s->nsector; 997 if (n > s->req_nb_sectors) { 998 n = s->req_nb_sectors; 999 } 1000 1001 if (!ide_sect_range_ok(s, sector_num, n)) { 1002 ide_rw_error(s); 1003 block_acct_invalid(blk_get_stats(s->blk), BLOCK_ACCT_WRITE); 1004 return; 1005 } 1006 1007 s->iov.iov_base = s->io_buffer; 1008 s->iov.iov_len = n * BDRV_SECTOR_SIZE; 1009 qemu_iovec_init_external(&s->qiov, &s->iov, 1); 1010 1011 block_acct_start(blk_get_stats(s->blk), &s->acct, 1012 n * BDRV_SECTOR_SIZE, BLOCK_ACCT_WRITE); 1013 s->pio_aiocb = blk_aio_pwritev(s->blk, sector_num << BDRV_SECTOR_BITS, 1014 &s->qiov, 0, ide_sector_write_cb, s); 1015 } 1016 1017 static void ide_flush_cb(void *opaque, int ret) 1018 { 1019 IDEState *s = opaque; 1020 1021 s->pio_aiocb = NULL; 1022 1023 if (ret == -ECANCELED) { 1024 return; 1025 } 1026 if (ret < 0) { 1027 /* XXX: What sector number to set here? */ 1028 if (ide_handle_rw_error(s, -ret, IDE_RETRY_FLUSH)) { 1029 return; 1030 } 1031 } 1032 1033 if (s->blk) { 1034 block_acct_done(blk_get_stats(s->blk), &s->acct); 1035 } 1036 s->status = READY_STAT | SEEK_STAT; 1037 ide_cmd_done(s); 1038 ide_set_irq(s->bus); 1039 } 1040 1041 static void ide_flush_cache(IDEState *s) 1042 { 1043 if (s->blk == NULL) { 1044 ide_flush_cb(s, 0); 1045 return; 1046 } 1047 1048 s->status |= BUSY_STAT; 1049 block_acct_start(blk_get_stats(s->blk), &s->acct, 0, BLOCK_ACCT_FLUSH); 1050 s->pio_aiocb = blk_aio_flush(s->blk, ide_flush_cb, s); 1051 } 1052 1053 static void ide_cfata_metadata_inquiry(IDEState *s) 1054 { 1055 uint16_t *p; 1056 uint32_t spd; 1057 1058 p = (uint16_t *) s->io_buffer; 1059 memset(p, 0, 0x200); 1060 spd = ((s->mdata_size - 1) >> 9) + 1; 1061 1062 put_le16(p + 0, 0x0001); /* Data format revision */ 1063 put_le16(p + 1, 0x0000); /* Media property: silicon */ 1064 put_le16(p + 2, s->media_changed); /* Media status */ 1065 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */ 1066 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */ 1067 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */ 1068 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */ 1069 } 1070 1071 static void ide_cfata_metadata_read(IDEState *s) 1072 { 1073 uint16_t *p; 1074 1075 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) { 1076 s->status = ERR_STAT; 1077 s->error = ABRT_ERR; 1078 return; 1079 } 1080 1081 p = (uint16_t *) s->io_buffer; 1082 memset(p, 0, 0x200); 1083 1084 put_le16(p + 0, s->media_changed); /* Media status */ 1085 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9), 1086 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9), 1087 s->nsector << 9), 0x200 - 2)); 1088 } 1089 1090 static void ide_cfata_metadata_write(IDEState *s) 1091 { 1092 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) { 1093 s->status = ERR_STAT; 1094 s->error = ABRT_ERR; 1095 return; 1096 } 1097 1098 s->media_changed = 0; 1099 1100 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9), 1101 s->io_buffer + 2, 1102 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9), 1103 s->nsector << 9), 0x200 - 2)); 1104 } 1105 1106 /* called when the inserted state of the media has changed */ 1107 static void ide_cd_change_cb(void *opaque, bool load) 1108 { 1109 IDEState *s = opaque; 1110 uint64_t nb_sectors; 1111 1112 s->tray_open = !load; 1113 blk_get_geometry(s->blk, &nb_sectors); 1114 s->nb_sectors = nb_sectors; 1115 1116 /* 1117 * First indicate to the guest that a CD has been removed. That's 1118 * done on the next command the guest sends us. 1119 * 1120 * Then we set UNIT_ATTENTION, by which the guest will 1121 * detect a new CD in the drive. See ide_atapi_cmd() for details. 1122 */ 1123 s->cdrom_changed = 1; 1124 s->events.new_media = true; 1125 s->events.eject_request = false; 1126 ide_set_irq(s->bus); 1127 } 1128 1129 static void ide_cd_eject_request_cb(void *opaque, bool force) 1130 { 1131 IDEState *s = opaque; 1132 1133 s->events.eject_request = true; 1134 if (force) { 1135 s->tray_locked = false; 1136 } 1137 ide_set_irq(s->bus); 1138 } 1139 1140 static void ide_cmd_lba48_transform(IDEState *s, int lba48) 1141 { 1142 s->lba48 = lba48; 1143 1144 /* handle the 'magic' 0 nsector count conversion here. to avoid 1145 * fiddling with the rest of the read logic, we just store the 1146 * full sector count in ->nsector and ignore ->hob_nsector from now 1147 */ 1148 if (!s->lba48) { 1149 if (!s->nsector) 1150 s->nsector = 256; 1151 } else { 1152 if (!s->nsector && !s->hob_nsector) 1153 s->nsector = 65536; 1154 else { 1155 int lo = s->nsector; 1156 int hi = s->hob_nsector; 1157 1158 s->nsector = (hi << 8) | lo; 1159 } 1160 } 1161 } 1162 1163 static void ide_clear_hob(IDEBus *bus) 1164 { 1165 /* any write clears HOB high bit of device control register */ 1166 bus->ifs[0].select &= ~(1 << 7); 1167 bus->ifs[1].select &= ~(1 << 7); 1168 } 1169 1170 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val) 1171 { 1172 IDEBus *bus = opaque; 1173 1174 #ifdef DEBUG_IDE 1175 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val); 1176 #endif 1177 1178 addr &= 7; 1179 1180 /* ignore writes to command block while busy with previous command */ 1181 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT))) 1182 return; 1183 1184 switch(addr) { 1185 case 0: 1186 break; 1187 case 1: 1188 ide_clear_hob(bus); 1189 /* NOTE: data is written to the two drives */ 1190 bus->ifs[0].hob_feature = bus->ifs[0].feature; 1191 bus->ifs[1].hob_feature = bus->ifs[1].feature; 1192 bus->ifs[0].feature = val; 1193 bus->ifs[1].feature = val; 1194 break; 1195 case 2: 1196 ide_clear_hob(bus); 1197 bus->ifs[0].hob_nsector = bus->ifs[0].nsector; 1198 bus->ifs[1].hob_nsector = bus->ifs[1].nsector; 1199 bus->ifs[0].nsector = val; 1200 bus->ifs[1].nsector = val; 1201 break; 1202 case 3: 1203 ide_clear_hob(bus); 1204 bus->ifs[0].hob_sector = bus->ifs[0].sector; 1205 bus->ifs[1].hob_sector = bus->ifs[1].sector; 1206 bus->ifs[0].sector = val; 1207 bus->ifs[1].sector = val; 1208 break; 1209 case 4: 1210 ide_clear_hob(bus); 1211 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl; 1212 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl; 1213 bus->ifs[0].lcyl = val; 1214 bus->ifs[1].lcyl = val; 1215 break; 1216 case 5: 1217 ide_clear_hob(bus); 1218 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl; 1219 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl; 1220 bus->ifs[0].hcyl = val; 1221 bus->ifs[1].hcyl = val; 1222 break; 1223 case 6: 1224 /* FIXME: HOB readback uses bit 7 */ 1225 bus->ifs[0].select = (val & ~0x10) | 0xa0; 1226 bus->ifs[1].select = (val | 0x10) | 0xa0; 1227 /* select drive */ 1228 bus->unit = (val >> 4) & 1; 1229 break; 1230 default: 1231 case 7: 1232 /* command */ 1233 ide_exec_cmd(bus, val); 1234 break; 1235 } 1236 } 1237 1238 static void ide_reset(IDEState *s) 1239 { 1240 #ifdef DEBUG_IDE 1241 printf("ide: reset\n"); 1242 #endif 1243 1244 if (s->pio_aiocb) { 1245 blk_aio_cancel(s->pio_aiocb); 1246 s->pio_aiocb = NULL; 1247 } 1248 1249 if (s->drive_kind == IDE_CFATA) 1250 s->mult_sectors = 0; 1251 else 1252 s->mult_sectors = MAX_MULT_SECTORS; 1253 /* ide regs */ 1254 s->feature = 0; 1255 s->error = 0; 1256 s->nsector = 0; 1257 s->sector = 0; 1258 s->lcyl = 0; 1259 s->hcyl = 0; 1260 1261 /* lba48 */ 1262 s->hob_feature = 0; 1263 s->hob_sector = 0; 1264 s->hob_nsector = 0; 1265 s->hob_lcyl = 0; 1266 s->hob_hcyl = 0; 1267 1268 s->select = 0xa0; 1269 s->status = READY_STAT | SEEK_STAT; 1270 1271 s->lba48 = 0; 1272 1273 /* ATAPI specific */ 1274 s->sense_key = 0; 1275 s->asc = 0; 1276 s->cdrom_changed = 0; 1277 s->packet_transfer_size = 0; 1278 s->elementary_transfer_size = 0; 1279 s->io_buffer_index = 0; 1280 s->cd_sector_size = 0; 1281 s->atapi_dma = 0; 1282 s->tray_locked = 0; 1283 s->tray_open = 0; 1284 /* ATA DMA state */ 1285 s->io_buffer_size = 0; 1286 s->req_nb_sectors = 0; 1287 1288 ide_set_signature(s); 1289 /* init the transfer handler so that 0xffff is returned on data 1290 accesses */ 1291 s->end_transfer_func = ide_dummy_transfer_stop; 1292 ide_dummy_transfer_stop(s); 1293 s->media_changed = 0; 1294 } 1295 1296 static bool cmd_nop(IDEState *s, uint8_t cmd) 1297 { 1298 return true; 1299 } 1300 1301 static bool cmd_device_reset(IDEState *s, uint8_t cmd) 1302 { 1303 /* Halt PIO (in the DRQ phase), then DMA */ 1304 ide_transfer_cancel(s); 1305 ide_cancel_dma_sync(s); 1306 1307 /* Reset any PIO commands, reset signature, etc */ 1308 ide_reset(s); 1309 1310 /* RESET: ATA8-ACS3 7.10.4 "Normal Outputs"; 1311 * ATA8-ACS3 Table 184 "Device Signatures for Normal Output" */ 1312 s->status = 0x00; 1313 1314 /* Do not overwrite status register */ 1315 return false; 1316 } 1317 1318 static bool cmd_data_set_management(IDEState *s, uint8_t cmd) 1319 { 1320 switch (s->feature) { 1321 case DSM_TRIM: 1322 if (s->blk) { 1323 ide_sector_start_dma(s, IDE_DMA_TRIM); 1324 return false; 1325 } 1326 break; 1327 } 1328 1329 ide_abort_command(s); 1330 return true; 1331 } 1332 1333 static bool cmd_identify(IDEState *s, uint8_t cmd) 1334 { 1335 if (s->blk && s->drive_kind != IDE_CD) { 1336 if (s->drive_kind != IDE_CFATA) { 1337 ide_identify(s); 1338 } else { 1339 ide_cfata_identify(s); 1340 } 1341 s->status = READY_STAT | SEEK_STAT; 1342 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop); 1343 ide_set_irq(s->bus); 1344 return false; 1345 } else { 1346 if (s->drive_kind == IDE_CD) { 1347 ide_set_signature(s); 1348 } 1349 ide_abort_command(s); 1350 } 1351 1352 return true; 1353 } 1354 1355 static bool cmd_verify(IDEState *s, uint8_t cmd) 1356 { 1357 bool lba48 = (cmd == WIN_VERIFY_EXT); 1358 1359 /* do sector number check ? */ 1360 ide_cmd_lba48_transform(s, lba48); 1361 1362 return true; 1363 } 1364 1365 static bool cmd_set_multiple_mode(IDEState *s, uint8_t cmd) 1366 { 1367 if (s->drive_kind == IDE_CFATA && s->nsector == 0) { 1368 /* Disable Read and Write Multiple */ 1369 s->mult_sectors = 0; 1370 } else if ((s->nsector & 0xff) != 0 && 1371 ((s->nsector & 0xff) > MAX_MULT_SECTORS || 1372 (s->nsector & (s->nsector - 1)) != 0)) { 1373 ide_abort_command(s); 1374 } else { 1375 s->mult_sectors = s->nsector & 0xff; 1376 } 1377 1378 return true; 1379 } 1380 1381 static bool cmd_read_multiple(IDEState *s, uint8_t cmd) 1382 { 1383 bool lba48 = (cmd == WIN_MULTREAD_EXT); 1384 1385 if (!s->blk || !s->mult_sectors) { 1386 ide_abort_command(s); 1387 return true; 1388 } 1389 1390 ide_cmd_lba48_transform(s, lba48); 1391 s->req_nb_sectors = s->mult_sectors; 1392 ide_sector_read(s); 1393 return false; 1394 } 1395 1396 static bool cmd_write_multiple(IDEState *s, uint8_t cmd) 1397 { 1398 bool lba48 = (cmd == WIN_MULTWRITE_EXT); 1399 int n; 1400 1401 if (!s->blk || !s->mult_sectors) { 1402 ide_abort_command(s); 1403 return true; 1404 } 1405 1406 ide_cmd_lba48_transform(s, lba48); 1407 1408 s->req_nb_sectors = s->mult_sectors; 1409 n = MIN(s->nsector, s->req_nb_sectors); 1410 1411 s->status = SEEK_STAT | READY_STAT; 1412 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write); 1413 1414 s->media_changed = 1; 1415 1416 return false; 1417 } 1418 1419 static bool cmd_read_pio(IDEState *s, uint8_t cmd) 1420 { 1421 bool lba48 = (cmd == WIN_READ_EXT); 1422 1423 if (s->drive_kind == IDE_CD) { 1424 ide_set_signature(s); /* odd, but ATA4 8.27.5.2 requires it */ 1425 ide_abort_command(s); 1426 return true; 1427 } 1428 1429 if (!s->blk) { 1430 ide_abort_command(s); 1431 return true; 1432 } 1433 1434 ide_cmd_lba48_transform(s, lba48); 1435 s->req_nb_sectors = 1; 1436 ide_sector_read(s); 1437 1438 return false; 1439 } 1440 1441 static bool cmd_write_pio(IDEState *s, uint8_t cmd) 1442 { 1443 bool lba48 = (cmd == WIN_WRITE_EXT); 1444 1445 if (!s->blk) { 1446 ide_abort_command(s); 1447 return true; 1448 } 1449 1450 ide_cmd_lba48_transform(s, lba48); 1451 1452 s->req_nb_sectors = 1; 1453 s->status = SEEK_STAT | READY_STAT; 1454 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write); 1455 1456 s->media_changed = 1; 1457 1458 return false; 1459 } 1460 1461 static bool cmd_read_dma(IDEState *s, uint8_t cmd) 1462 { 1463 bool lba48 = (cmd == WIN_READDMA_EXT); 1464 1465 if (!s->blk) { 1466 ide_abort_command(s); 1467 return true; 1468 } 1469 1470 ide_cmd_lba48_transform(s, lba48); 1471 ide_sector_start_dma(s, IDE_DMA_READ); 1472 1473 return false; 1474 } 1475 1476 static bool cmd_write_dma(IDEState *s, uint8_t cmd) 1477 { 1478 bool lba48 = (cmd == WIN_WRITEDMA_EXT); 1479 1480 if (!s->blk) { 1481 ide_abort_command(s); 1482 return true; 1483 } 1484 1485 ide_cmd_lba48_transform(s, lba48); 1486 ide_sector_start_dma(s, IDE_DMA_WRITE); 1487 1488 s->media_changed = 1; 1489 1490 return false; 1491 } 1492 1493 static bool cmd_flush_cache(IDEState *s, uint8_t cmd) 1494 { 1495 ide_flush_cache(s); 1496 return false; 1497 } 1498 1499 static bool cmd_seek(IDEState *s, uint8_t cmd) 1500 { 1501 /* XXX: Check that seek is within bounds */ 1502 return true; 1503 } 1504 1505 static bool cmd_read_native_max(IDEState *s, uint8_t cmd) 1506 { 1507 bool lba48 = (cmd == WIN_READ_NATIVE_MAX_EXT); 1508 1509 /* Refuse if no sectors are addressable (e.g. medium not inserted) */ 1510 if (s->nb_sectors == 0) { 1511 ide_abort_command(s); 1512 return true; 1513 } 1514 1515 ide_cmd_lba48_transform(s, lba48); 1516 ide_set_sector(s, s->nb_sectors - 1); 1517 1518 return true; 1519 } 1520 1521 static bool cmd_check_power_mode(IDEState *s, uint8_t cmd) 1522 { 1523 s->nsector = 0xff; /* device active or idle */ 1524 return true; 1525 } 1526 1527 static bool cmd_set_features(IDEState *s, uint8_t cmd) 1528 { 1529 uint16_t *identify_data; 1530 1531 if (!s->blk) { 1532 ide_abort_command(s); 1533 return true; 1534 } 1535 1536 /* XXX: valid for CDROM ? */ 1537 switch (s->feature) { 1538 case 0x02: /* write cache enable */ 1539 blk_set_enable_write_cache(s->blk, true); 1540 identify_data = (uint16_t *)s->identify_data; 1541 put_le16(identify_data + 85, (1 << 14) | (1 << 5) | 1); 1542 return true; 1543 case 0x82: /* write cache disable */ 1544 blk_set_enable_write_cache(s->blk, false); 1545 identify_data = (uint16_t *)s->identify_data; 1546 put_le16(identify_data + 85, (1 << 14) | 1); 1547 ide_flush_cache(s); 1548 return false; 1549 case 0xcc: /* reverting to power-on defaults enable */ 1550 case 0x66: /* reverting to power-on defaults disable */ 1551 case 0xaa: /* read look-ahead enable */ 1552 case 0x55: /* read look-ahead disable */ 1553 case 0x05: /* set advanced power management mode */ 1554 case 0x85: /* disable advanced power management mode */ 1555 case 0x69: /* NOP */ 1556 case 0x67: /* NOP */ 1557 case 0x96: /* NOP */ 1558 case 0x9a: /* NOP */ 1559 case 0x42: /* enable Automatic Acoustic Mode */ 1560 case 0xc2: /* disable Automatic Acoustic Mode */ 1561 return true; 1562 case 0x03: /* set transfer mode */ 1563 { 1564 uint8_t val = s->nsector & 0x07; 1565 identify_data = (uint16_t *)s->identify_data; 1566 1567 switch (s->nsector >> 3) { 1568 case 0x00: /* pio default */ 1569 case 0x01: /* pio mode */ 1570 put_le16(identify_data + 62, 0x07); 1571 put_le16(identify_data + 63, 0x07); 1572 put_le16(identify_data + 88, 0x3f); 1573 break; 1574 case 0x02: /* sigle word dma mode*/ 1575 put_le16(identify_data + 62, 0x07 | (1 << (val + 8))); 1576 put_le16(identify_data + 63, 0x07); 1577 put_le16(identify_data + 88, 0x3f); 1578 break; 1579 case 0x04: /* mdma mode */ 1580 put_le16(identify_data + 62, 0x07); 1581 put_le16(identify_data + 63, 0x07 | (1 << (val + 8))); 1582 put_le16(identify_data + 88, 0x3f); 1583 break; 1584 case 0x08: /* udma mode */ 1585 put_le16(identify_data + 62, 0x07); 1586 put_le16(identify_data + 63, 0x07); 1587 put_le16(identify_data + 88, 0x3f | (1 << (val + 8))); 1588 break; 1589 default: 1590 goto abort_cmd; 1591 } 1592 return true; 1593 } 1594 } 1595 1596 abort_cmd: 1597 ide_abort_command(s); 1598 return true; 1599 } 1600 1601 1602 /*** ATAPI commands ***/ 1603 1604 static bool cmd_identify_packet(IDEState *s, uint8_t cmd) 1605 { 1606 ide_atapi_identify(s); 1607 s->status = READY_STAT | SEEK_STAT; 1608 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop); 1609 ide_set_irq(s->bus); 1610 return false; 1611 } 1612 1613 static bool cmd_exec_dev_diagnostic(IDEState *s, uint8_t cmd) 1614 { 1615 ide_set_signature(s); 1616 1617 if (s->drive_kind == IDE_CD) { 1618 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet 1619 * devices to return a clear status register 1620 * with READY_STAT *not* set. */ 1621 s->error = 0x01; 1622 } else { 1623 s->status = READY_STAT | SEEK_STAT; 1624 /* The bits of the error register are not as usual for this command! 1625 * They are part of the regular output (this is why ERR_STAT isn't set) 1626 * Device 0 passed, Device 1 passed or not present. */ 1627 s->error = 0x01; 1628 ide_set_irq(s->bus); 1629 } 1630 1631 return false; 1632 } 1633 1634 static bool cmd_packet(IDEState *s, uint8_t cmd) 1635 { 1636 /* overlapping commands not supported */ 1637 if (s->feature & 0x02) { 1638 ide_abort_command(s); 1639 return true; 1640 } 1641 1642 s->status = READY_STAT | SEEK_STAT; 1643 s->atapi_dma = s->feature & 1; 1644 if (s->atapi_dma) { 1645 s->dma_cmd = IDE_DMA_ATAPI; 1646 } 1647 s->nsector = 1; 1648 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE, 1649 ide_atapi_cmd); 1650 return false; 1651 } 1652 1653 1654 /*** CF-ATA commands ***/ 1655 1656 static bool cmd_cfa_req_ext_error_code(IDEState *s, uint8_t cmd) 1657 { 1658 s->error = 0x09; /* miscellaneous error */ 1659 s->status = READY_STAT | SEEK_STAT; 1660 ide_set_irq(s->bus); 1661 1662 return false; 1663 } 1664 1665 static bool cmd_cfa_erase_sectors(IDEState *s, uint8_t cmd) 1666 { 1667 /* WIN_SECURITY_FREEZE_LOCK has the same ID as CFA_WEAR_LEVEL and is 1668 * required for Windows 8 to work with AHCI */ 1669 1670 if (cmd == CFA_WEAR_LEVEL) { 1671 s->nsector = 0; 1672 } 1673 1674 if (cmd == CFA_ERASE_SECTORS) { 1675 s->media_changed = 1; 1676 } 1677 1678 return true; 1679 } 1680 1681 static bool cmd_cfa_translate_sector(IDEState *s, uint8_t cmd) 1682 { 1683 s->status = READY_STAT | SEEK_STAT; 1684 1685 memset(s->io_buffer, 0, 0x200); 1686 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */ 1687 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */ 1688 s->io_buffer[0x02] = s->select; /* Head */ 1689 s->io_buffer[0x03] = s->sector; /* Sector */ 1690 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */ 1691 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */ 1692 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */ 1693 s->io_buffer[0x13] = 0x00; /* Erase flag */ 1694 s->io_buffer[0x18] = 0x00; /* Hot count */ 1695 s->io_buffer[0x19] = 0x00; /* Hot count */ 1696 s->io_buffer[0x1a] = 0x01; /* Hot count */ 1697 1698 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1699 ide_set_irq(s->bus); 1700 1701 return false; 1702 } 1703 1704 static bool cmd_cfa_access_metadata_storage(IDEState *s, uint8_t cmd) 1705 { 1706 switch (s->feature) { 1707 case 0x02: /* Inquiry Metadata Storage */ 1708 ide_cfata_metadata_inquiry(s); 1709 break; 1710 case 0x03: /* Read Metadata Storage */ 1711 ide_cfata_metadata_read(s); 1712 break; 1713 case 0x04: /* Write Metadata Storage */ 1714 ide_cfata_metadata_write(s); 1715 break; 1716 default: 1717 ide_abort_command(s); 1718 return true; 1719 } 1720 1721 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1722 s->status = 0x00; /* NOTE: READY is _not_ set */ 1723 ide_set_irq(s->bus); 1724 1725 return false; 1726 } 1727 1728 static bool cmd_ibm_sense_condition(IDEState *s, uint8_t cmd) 1729 { 1730 switch (s->feature) { 1731 case 0x01: /* sense temperature in device */ 1732 s->nsector = 0x50; /* +20 C */ 1733 break; 1734 default: 1735 ide_abort_command(s); 1736 return true; 1737 } 1738 1739 return true; 1740 } 1741 1742 1743 /*** SMART commands ***/ 1744 1745 static bool cmd_smart(IDEState *s, uint8_t cmd) 1746 { 1747 int n; 1748 1749 if (s->hcyl != 0xc2 || s->lcyl != 0x4f) { 1750 goto abort_cmd; 1751 } 1752 1753 if (!s->smart_enabled && s->feature != SMART_ENABLE) { 1754 goto abort_cmd; 1755 } 1756 1757 switch (s->feature) { 1758 case SMART_DISABLE: 1759 s->smart_enabled = 0; 1760 return true; 1761 1762 case SMART_ENABLE: 1763 s->smart_enabled = 1; 1764 return true; 1765 1766 case SMART_ATTR_AUTOSAVE: 1767 switch (s->sector) { 1768 case 0x00: 1769 s->smart_autosave = 0; 1770 break; 1771 case 0xf1: 1772 s->smart_autosave = 1; 1773 break; 1774 default: 1775 goto abort_cmd; 1776 } 1777 return true; 1778 1779 case SMART_STATUS: 1780 if (!s->smart_errors) { 1781 s->hcyl = 0xc2; 1782 s->lcyl = 0x4f; 1783 } else { 1784 s->hcyl = 0x2c; 1785 s->lcyl = 0xf4; 1786 } 1787 return true; 1788 1789 case SMART_READ_THRESH: 1790 memset(s->io_buffer, 0, 0x200); 1791 s->io_buffer[0] = 0x01; /* smart struct version */ 1792 1793 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) { 1794 s->io_buffer[2 + 0 + (n * 12)] = smart_attributes[n][0]; 1795 s->io_buffer[2 + 1 + (n * 12)] = smart_attributes[n][11]; 1796 } 1797 1798 /* checksum */ 1799 for (n = 0; n < 511; n++) { 1800 s->io_buffer[511] += s->io_buffer[n]; 1801 } 1802 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1803 1804 s->status = READY_STAT | SEEK_STAT; 1805 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1806 ide_set_irq(s->bus); 1807 return false; 1808 1809 case SMART_READ_DATA: 1810 memset(s->io_buffer, 0, 0x200); 1811 s->io_buffer[0] = 0x01; /* smart struct version */ 1812 1813 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) { 1814 int i; 1815 for (i = 0; i < 11; i++) { 1816 s->io_buffer[2 + i + (n * 12)] = smart_attributes[n][i]; 1817 } 1818 } 1819 1820 s->io_buffer[362] = 0x02 | (s->smart_autosave ? 0x80 : 0x00); 1821 if (s->smart_selftest_count == 0) { 1822 s->io_buffer[363] = 0; 1823 } else { 1824 s->io_buffer[363] = 1825 s->smart_selftest_data[3 + 1826 (s->smart_selftest_count - 1) * 1827 24]; 1828 } 1829 s->io_buffer[364] = 0x20; 1830 s->io_buffer[365] = 0x01; 1831 /* offline data collection capacity: execute + self-test*/ 1832 s->io_buffer[367] = (1 << 4 | 1 << 3 | 1); 1833 s->io_buffer[368] = 0x03; /* smart capability (1) */ 1834 s->io_buffer[369] = 0x00; /* smart capability (2) */ 1835 s->io_buffer[370] = 0x01; /* error logging supported */ 1836 s->io_buffer[372] = 0x02; /* minutes for poll short test */ 1837 s->io_buffer[373] = 0x36; /* minutes for poll ext test */ 1838 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */ 1839 1840 for (n = 0; n < 511; n++) { 1841 s->io_buffer[511] += s->io_buffer[n]; 1842 } 1843 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1844 1845 s->status = READY_STAT | SEEK_STAT; 1846 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1847 ide_set_irq(s->bus); 1848 return false; 1849 1850 case SMART_READ_LOG: 1851 switch (s->sector) { 1852 case 0x01: /* summary smart error log */ 1853 memset(s->io_buffer, 0, 0x200); 1854 s->io_buffer[0] = 0x01; 1855 s->io_buffer[1] = 0x00; /* no error entries */ 1856 s->io_buffer[452] = s->smart_errors & 0xff; 1857 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8; 1858 1859 for (n = 0; n < 511; n++) { 1860 s->io_buffer[511] += s->io_buffer[n]; 1861 } 1862 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1863 break; 1864 case 0x06: /* smart self test log */ 1865 memset(s->io_buffer, 0, 0x200); 1866 s->io_buffer[0] = 0x01; 1867 if (s->smart_selftest_count == 0) { 1868 s->io_buffer[508] = 0; 1869 } else { 1870 s->io_buffer[508] = s->smart_selftest_count; 1871 for (n = 2; n < 506; n++) { 1872 s->io_buffer[n] = s->smart_selftest_data[n]; 1873 } 1874 } 1875 1876 for (n = 0; n < 511; n++) { 1877 s->io_buffer[511] += s->io_buffer[n]; 1878 } 1879 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1880 break; 1881 default: 1882 goto abort_cmd; 1883 } 1884 s->status = READY_STAT | SEEK_STAT; 1885 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1886 ide_set_irq(s->bus); 1887 return false; 1888 1889 case SMART_EXECUTE_OFFLINE: 1890 switch (s->sector) { 1891 case 0: /* off-line routine */ 1892 case 1: /* short self test */ 1893 case 2: /* extended self test */ 1894 s->smart_selftest_count++; 1895 if (s->smart_selftest_count > 21) { 1896 s->smart_selftest_count = 1; 1897 } 1898 n = 2 + (s->smart_selftest_count - 1) * 24; 1899 s->smart_selftest_data[n] = s->sector; 1900 s->smart_selftest_data[n + 1] = 0x00; /* OK and finished */ 1901 s->smart_selftest_data[n + 2] = 0x34; /* hour count lsb */ 1902 s->smart_selftest_data[n + 3] = 0x12; /* hour count msb */ 1903 break; 1904 default: 1905 goto abort_cmd; 1906 } 1907 return true; 1908 } 1909 1910 abort_cmd: 1911 ide_abort_command(s); 1912 return true; 1913 } 1914 1915 #define HD_OK (1u << IDE_HD) 1916 #define CD_OK (1u << IDE_CD) 1917 #define CFA_OK (1u << IDE_CFATA) 1918 #define HD_CFA_OK (HD_OK | CFA_OK) 1919 #define ALL_OK (HD_OK | CD_OK | CFA_OK) 1920 1921 /* Set the Disk Seek Completed status bit during completion */ 1922 #define SET_DSC (1u << 8) 1923 1924 /* See ACS-2 T13/2015-D Table B.2 Command codes */ 1925 static const struct { 1926 /* Returns true if the completion code should be run */ 1927 bool (*handler)(IDEState *s, uint8_t cmd); 1928 int flags; 1929 } ide_cmd_table[0x100] = { 1930 /* NOP not implemented, mandatory for CD */ 1931 [CFA_REQ_EXT_ERROR_CODE] = { cmd_cfa_req_ext_error_code, CFA_OK }, 1932 [WIN_DSM] = { cmd_data_set_management, HD_CFA_OK }, 1933 [WIN_DEVICE_RESET] = { cmd_device_reset, CD_OK }, 1934 [WIN_RECAL] = { cmd_nop, HD_CFA_OK | SET_DSC}, 1935 [WIN_READ] = { cmd_read_pio, ALL_OK }, 1936 [WIN_READ_ONCE] = { cmd_read_pio, HD_CFA_OK }, 1937 [WIN_READ_EXT] = { cmd_read_pio, HD_CFA_OK }, 1938 [WIN_READDMA_EXT] = { cmd_read_dma, HD_CFA_OK }, 1939 [WIN_READ_NATIVE_MAX_EXT] = { cmd_read_native_max, HD_CFA_OK | SET_DSC }, 1940 [WIN_MULTREAD_EXT] = { cmd_read_multiple, HD_CFA_OK }, 1941 [WIN_WRITE] = { cmd_write_pio, HD_CFA_OK }, 1942 [WIN_WRITE_ONCE] = { cmd_write_pio, HD_CFA_OK }, 1943 [WIN_WRITE_EXT] = { cmd_write_pio, HD_CFA_OK }, 1944 [WIN_WRITEDMA_EXT] = { cmd_write_dma, HD_CFA_OK }, 1945 [CFA_WRITE_SECT_WO_ERASE] = { cmd_write_pio, CFA_OK }, 1946 [WIN_MULTWRITE_EXT] = { cmd_write_multiple, HD_CFA_OK }, 1947 [WIN_WRITE_VERIFY] = { cmd_write_pio, HD_CFA_OK }, 1948 [WIN_VERIFY] = { cmd_verify, HD_CFA_OK | SET_DSC }, 1949 [WIN_VERIFY_ONCE] = { cmd_verify, HD_CFA_OK | SET_DSC }, 1950 [WIN_VERIFY_EXT] = { cmd_verify, HD_CFA_OK | SET_DSC }, 1951 [WIN_SEEK] = { cmd_seek, HD_CFA_OK | SET_DSC }, 1952 [CFA_TRANSLATE_SECTOR] = { cmd_cfa_translate_sector, CFA_OK }, 1953 [WIN_DIAGNOSE] = { cmd_exec_dev_diagnostic, ALL_OK }, 1954 [WIN_SPECIFY] = { cmd_nop, HD_CFA_OK | SET_DSC }, 1955 [WIN_STANDBYNOW2] = { cmd_nop, HD_CFA_OK }, 1956 [WIN_IDLEIMMEDIATE2] = { cmd_nop, HD_CFA_OK }, 1957 [WIN_STANDBY2] = { cmd_nop, HD_CFA_OK }, 1958 [WIN_SETIDLE2] = { cmd_nop, HD_CFA_OK }, 1959 [WIN_CHECKPOWERMODE2] = { cmd_check_power_mode, HD_CFA_OK | SET_DSC }, 1960 [WIN_SLEEPNOW2] = { cmd_nop, HD_CFA_OK }, 1961 [WIN_PACKETCMD] = { cmd_packet, CD_OK }, 1962 [WIN_PIDENTIFY] = { cmd_identify_packet, CD_OK }, 1963 [WIN_SMART] = { cmd_smart, HD_CFA_OK | SET_DSC }, 1964 [CFA_ACCESS_METADATA_STORAGE] = { cmd_cfa_access_metadata_storage, CFA_OK }, 1965 [CFA_ERASE_SECTORS] = { cmd_cfa_erase_sectors, CFA_OK | SET_DSC }, 1966 [WIN_MULTREAD] = { cmd_read_multiple, HD_CFA_OK }, 1967 [WIN_MULTWRITE] = { cmd_write_multiple, HD_CFA_OK }, 1968 [WIN_SETMULT] = { cmd_set_multiple_mode, HD_CFA_OK | SET_DSC }, 1969 [WIN_READDMA] = { cmd_read_dma, HD_CFA_OK }, 1970 [WIN_READDMA_ONCE] = { cmd_read_dma, HD_CFA_OK }, 1971 [WIN_WRITEDMA] = { cmd_write_dma, HD_CFA_OK }, 1972 [WIN_WRITEDMA_ONCE] = { cmd_write_dma, HD_CFA_OK }, 1973 [CFA_WRITE_MULTI_WO_ERASE] = { cmd_write_multiple, CFA_OK }, 1974 [WIN_STANDBYNOW1] = { cmd_nop, HD_CFA_OK }, 1975 [WIN_IDLEIMMEDIATE] = { cmd_nop, HD_CFA_OK }, 1976 [WIN_STANDBY] = { cmd_nop, HD_CFA_OK }, 1977 [WIN_SETIDLE1] = { cmd_nop, HD_CFA_OK }, 1978 [WIN_CHECKPOWERMODE1] = { cmd_check_power_mode, HD_CFA_OK | SET_DSC }, 1979 [WIN_SLEEPNOW1] = { cmd_nop, HD_CFA_OK }, 1980 [WIN_FLUSH_CACHE] = { cmd_flush_cache, ALL_OK }, 1981 [WIN_FLUSH_CACHE_EXT] = { cmd_flush_cache, HD_CFA_OK }, 1982 [WIN_IDENTIFY] = { cmd_identify, ALL_OK }, 1983 [WIN_SETFEATURES] = { cmd_set_features, ALL_OK | SET_DSC }, 1984 [IBM_SENSE_CONDITION] = { cmd_ibm_sense_condition, CFA_OK | SET_DSC }, 1985 [CFA_WEAR_LEVEL] = { cmd_cfa_erase_sectors, HD_CFA_OK | SET_DSC }, 1986 [WIN_READ_NATIVE_MAX] = { cmd_read_native_max, HD_CFA_OK | SET_DSC }, 1987 }; 1988 1989 static bool ide_cmd_permitted(IDEState *s, uint32_t cmd) 1990 { 1991 return cmd < ARRAY_SIZE(ide_cmd_table) 1992 && (ide_cmd_table[cmd].flags & (1u << s->drive_kind)); 1993 } 1994 1995 void ide_exec_cmd(IDEBus *bus, uint32_t val) 1996 { 1997 IDEState *s; 1998 bool complete; 1999 2000 #if defined(DEBUG_IDE) 2001 printf("ide: CMD=%02x\n", val); 2002 #endif 2003 s = idebus_active_if(bus); 2004 /* ignore commands to non existent slave */ 2005 if (s != bus->ifs && !s->blk) { 2006 return; 2007 } 2008 2009 /* Only RESET is allowed while BSY and/or DRQ are set, 2010 * and only to ATAPI devices. */ 2011 if (s->status & (BUSY_STAT|DRQ_STAT)) { 2012 if (val != WIN_DEVICE_RESET || s->drive_kind != IDE_CD) { 2013 return; 2014 } 2015 } 2016 2017 if (!ide_cmd_permitted(s, val)) { 2018 ide_abort_command(s); 2019 ide_set_irq(s->bus); 2020 return; 2021 } 2022 2023 s->status = READY_STAT | BUSY_STAT; 2024 s->error = 0; 2025 s->io_buffer_offset = 0; 2026 2027 complete = ide_cmd_table[val].handler(s, val); 2028 if (complete) { 2029 s->status &= ~BUSY_STAT; 2030 assert(!!s->error == !!(s->status & ERR_STAT)); 2031 2032 if ((ide_cmd_table[val].flags & SET_DSC) && !s->error) { 2033 s->status |= SEEK_STAT; 2034 } 2035 2036 ide_cmd_done(s); 2037 ide_set_irq(s->bus); 2038 } 2039 } 2040 2041 uint32_t ide_ioport_read(void *opaque, uint32_t addr1) 2042 { 2043 IDEBus *bus = opaque; 2044 IDEState *s = idebus_active_if(bus); 2045 uint32_t addr; 2046 int ret, hob; 2047 2048 addr = addr1 & 7; 2049 /* FIXME: HOB readback uses bit 7, but it's always set right now */ 2050 //hob = s->select & (1 << 7); 2051 hob = 0; 2052 switch(addr) { 2053 case 0: 2054 ret = 0xff; 2055 break; 2056 case 1: 2057 if ((!bus->ifs[0].blk && !bus->ifs[1].blk) || 2058 (s != bus->ifs && !s->blk)) { 2059 ret = 0; 2060 } else if (!hob) { 2061 ret = s->error; 2062 } else { 2063 ret = s->hob_feature; 2064 } 2065 break; 2066 case 2: 2067 if (!bus->ifs[0].blk && !bus->ifs[1].blk) { 2068 ret = 0; 2069 } else if (!hob) { 2070 ret = s->nsector & 0xff; 2071 } else { 2072 ret = s->hob_nsector; 2073 } 2074 break; 2075 case 3: 2076 if (!bus->ifs[0].blk && !bus->ifs[1].blk) { 2077 ret = 0; 2078 } else if (!hob) { 2079 ret = s->sector; 2080 } else { 2081 ret = s->hob_sector; 2082 } 2083 break; 2084 case 4: 2085 if (!bus->ifs[0].blk && !bus->ifs[1].blk) { 2086 ret = 0; 2087 } else if (!hob) { 2088 ret = s->lcyl; 2089 } else { 2090 ret = s->hob_lcyl; 2091 } 2092 break; 2093 case 5: 2094 if (!bus->ifs[0].blk && !bus->ifs[1].blk) { 2095 ret = 0; 2096 } else if (!hob) { 2097 ret = s->hcyl; 2098 } else { 2099 ret = s->hob_hcyl; 2100 } 2101 break; 2102 case 6: 2103 if (!bus->ifs[0].blk && !bus->ifs[1].blk) { 2104 ret = 0; 2105 } else { 2106 ret = s->select; 2107 } 2108 break; 2109 default: 2110 case 7: 2111 if ((!bus->ifs[0].blk && !bus->ifs[1].blk) || 2112 (s != bus->ifs && !s->blk)) { 2113 ret = 0; 2114 } else { 2115 ret = s->status; 2116 } 2117 qemu_irq_lower(bus->irq); 2118 break; 2119 } 2120 #ifdef DEBUG_IDE 2121 printf("ide: read addr=0x%x val=%02x\n", addr1, ret); 2122 #endif 2123 return ret; 2124 } 2125 2126 uint32_t ide_status_read(void *opaque, uint32_t addr) 2127 { 2128 IDEBus *bus = opaque; 2129 IDEState *s = idebus_active_if(bus); 2130 int ret; 2131 2132 if ((!bus->ifs[0].blk && !bus->ifs[1].blk) || 2133 (s != bus->ifs && !s->blk)) { 2134 ret = 0; 2135 } else { 2136 ret = s->status; 2137 } 2138 #ifdef DEBUG_IDE 2139 printf("ide: read status addr=0x%x val=%02x\n", addr, ret); 2140 #endif 2141 return ret; 2142 } 2143 2144 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val) 2145 { 2146 IDEBus *bus = opaque; 2147 IDEState *s; 2148 int i; 2149 2150 #ifdef DEBUG_IDE 2151 printf("ide: write control addr=0x%x val=%02x\n", addr, val); 2152 #endif 2153 /* common for both drives */ 2154 if (!(bus->cmd & IDE_CMD_RESET) && 2155 (val & IDE_CMD_RESET)) { 2156 /* reset low to high */ 2157 for(i = 0;i < 2; i++) { 2158 s = &bus->ifs[i]; 2159 s->status = BUSY_STAT | SEEK_STAT; 2160 s->error = 0x01; 2161 } 2162 } else if ((bus->cmd & IDE_CMD_RESET) && 2163 !(val & IDE_CMD_RESET)) { 2164 /* high to low */ 2165 for(i = 0;i < 2; i++) { 2166 s = &bus->ifs[i]; 2167 if (s->drive_kind == IDE_CD) 2168 s->status = 0x00; /* NOTE: READY is _not_ set */ 2169 else 2170 s->status = READY_STAT | SEEK_STAT; 2171 ide_set_signature(s); 2172 } 2173 } 2174 2175 bus->cmd = val; 2176 } 2177 2178 /* 2179 * Returns true if the running PIO transfer is a PIO out (i.e. data is 2180 * transferred from the device to the guest), false if it's a PIO in 2181 */ 2182 static bool ide_is_pio_out(IDEState *s) 2183 { 2184 if (s->end_transfer_func == ide_sector_write || 2185 s->end_transfer_func == ide_atapi_cmd) { 2186 return false; 2187 } else if (s->end_transfer_func == ide_sector_read || 2188 s->end_transfer_func == ide_transfer_stop || 2189 s->end_transfer_func == ide_atapi_cmd_reply_end || 2190 s->end_transfer_func == ide_dummy_transfer_stop) { 2191 return true; 2192 } 2193 2194 abort(); 2195 } 2196 2197 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val) 2198 { 2199 IDEBus *bus = opaque; 2200 IDEState *s = idebus_active_if(bus); 2201 uint8_t *p; 2202 2203 /* PIO data access allowed only when DRQ bit is set. The result of a write 2204 * during PIO out is indeterminate, just ignore it. */ 2205 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) { 2206 return; 2207 } 2208 2209 p = s->data_ptr; 2210 if (p + 2 > s->data_end) { 2211 return; 2212 } 2213 2214 *(uint16_t *)p = le16_to_cpu(val); 2215 p += 2; 2216 s->data_ptr = p; 2217 if (p >= s->data_end) { 2218 s->status &= ~DRQ_STAT; 2219 s->end_transfer_func(s); 2220 } 2221 } 2222 2223 uint32_t ide_data_readw(void *opaque, uint32_t addr) 2224 { 2225 IDEBus *bus = opaque; 2226 IDEState *s = idebus_active_if(bus); 2227 uint8_t *p; 2228 int ret; 2229 2230 /* PIO data access allowed only when DRQ bit is set. The result of a read 2231 * during PIO in is indeterminate, return 0 and don't move forward. */ 2232 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) { 2233 return 0; 2234 } 2235 2236 p = s->data_ptr; 2237 if (p + 2 > s->data_end) { 2238 return 0; 2239 } 2240 2241 ret = cpu_to_le16(*(uint16_t *)p); 2242 p += 2; 2243 s->data_ptr = p; 2244 if (p >= s->data_end) { 2245 s->status &= ~DRQ_STAT; 2246 s->end_transfer_func(s); 2247 } 2248 return ret; 2249 } 2250 2251 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val) 2252 { 2253 IDEBus *bus = opaque; 2254 IDEState *s = idebus_active_if(bus); 2255 uint8_t *p; 2256 2257 /* PIO data access allowed only when DRQ bit is set. The result of a write 2258 * during PIO out is indeterminate, just ignore it. */ 2259 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) { 2260 return; 2261 } 2262 2263 p = s->data_ptr; 2264 if (p + 4 > s->data_end) { 2265 return; 2266 } 2267 2268 *(uint32_t *)p = le32_to_cpu(val); 2269 p += 4; 2270 s->data_ptr = p; 2271 if (p >= s->data_end) { 2272 s->status &= ~DRQ_STAT; 2273 s->end_transfer_func(s); 2274 } 2275 } 2276 2277 uint32_t ide_data_readl(void *opaque, uint32_t addr) 2278 { 2279 IDEBus *bus = opaque; 2280 IDEState *s = idebus_active_if(bus); 2281 uint8_t *p; 2282 int ret; 2283 2284 /* PIO data access allowed only when DRQ bit is set. The result of a read 2285 * during PIO in is indeterminate, return 0 and don't move forward. */ 2286 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) { 2287 return 0; 2288 } 2289 2290 p = s->data_ptr; 2291 if (p + 4 > s->data_end) { 2292 return 0; 2293 } 2294 2295 ret = cpu_to_le32(*(uint32_t *)p); 2296 p += 4; 2297 s->data_ptr = p; 2298 if (p >= s->data_end) { 2299 s->status &= ~DRQ_STAT; 2300 s->end_transfer_func(s); 2301 } 2302 return ret; 2303 } 2304 2305 static void ide_dummy_transfer_stop(IDEState *s) 2306 { 2307 s->data_ptr = s->io_buffer; 2308 s->data_end = s->io_buffer; 2309 s->io_buffer[0] = 0xff; 2310 s->io_buffer[1] = 0xff; 2311 s->io_buffer[2] = 0xff; 2312 s->io_buffer[3] = 0xff; 2313 } 2314 2315 void ide_bus_reset(IDEBus *bus) 2316 { 2317 bus->unit = 0; 2318 bus->cmd = 0; 2319 ide_reset(&bus->ifs[0]); 2320 ide_reset(&bus->ifs[1]); 2321 ide_clear_hob(bus); 2322 2323 /* pending async DMA */ 2324 if (bus->dma->aiocb) { 2325 #ifdef DEBUG_AIO 2326 printf("aio_cancel\n"); 2327 #endif 2328 blk_aio_cancel(bus->dma->aiocb); 2329 bus->dma->aiocb = NULL; 2330 } 2331 2332 /* reset dma provider too */ 2333 if (bus->dma->ops->reset) { 2334 bus->dma->ops->reset(bus->dma); 2335 } 2336 } 2337 2338 static bool ide_cd_is_tray_open(void *opaque) 2339 { 2340 return ((IDEState *)opaque)->tray_open; 2341 } 2342 2343 static bool ide_cd_is_medium_locked(void *opaque) 2344 { 2345 return ((IDEState *)opaque)->tray_locked; 2346 } 2347 2348 static void ide_resize_cb(void *opaque) 2349 { 2350 IDEState *s = opaque; 2351 uint64_t nb_sectors; 2352 2353 if (!s->identify_set) { 2354 return; 2355 } 2356 2357 blk_get_geometry(s->blk, &nb_sectors); 2358 s->nb_sectors = nb_sectors; 2359 2360 /* Update the identify data buffer. */ 2361 if (s->drive_kind == IDE_CFATA) { 2362 ide_cfata_identify_size(s); 2363 } else { 2364 /* IDE_CD uses a different set of callbacks entirely. */ 2365 assert(s->drive_kind != IDE_CD); 2366 ide_identify_size(s); 2367 } 2368 } 2369 2370 static const BlockDevOps ide_cd_block_ops = { 2371 .change_media_cb = ide_cd_change_cb, 2372 .eject_request_cb = ide_cd_eject_request_cb, 2373 .is_tray_open = ide_cd_is_tray_open, 2374 .is_medium_locked = ide_cd_is_medium_locked, 2375 }; 2376 2377 static const BlockDevOps ide_hd_block_ops = { 2378 .resize_cb = ide_resize_cb, 2379 }; 2380 2381 int ide_init_drive(IDEState *s, BlockBackend *blk, IDEDriveKind kind, 2382 const char *version, const char *serial, const char *model, 2383 uint64_t wwn, 2384 uint32_t cylinders, uint32_t heads, uint32_t secs, 2385 int chs_trans) 2386 { 2387 uint64_t nb_sectors; 2388 2389 s->blk = blk; 2390 s->drive_kind = kind; 2391 2392 blk_get_geometry(blk, &nb_sectors); 2393 s->cylinders = cylinders; 2394 s->heads = heads; 2395 s->sectors = secs; 2396 s->chs_trans = chs_trans; 2397 s->nb_sectors = nb_sectors; 2398 s->wwn = wwn; 2399 /* The SMART values should be preserved across power cycles 2400 but they aren't. */ 2401 s->smart_enabled = 1; 2402 s->smart_autosave = 1; 2403 s->smart_errors = 0; 2404 s->smart_selftest_count = 0; 2405 if (kind == IDE_CD) { 2406 blk_set_dev_ops(blk, &ide_cd_block_ops, s); 2407 blk_set_guest_block_size(blk, 2048); 2408 } else { 2409 if (!blk_is_inserted(s->blk)) { 2410 error_report("Device needs media, but drive is empty"); 2411 return -1; 2412 } 2413 if (blk_is_read_only(blk)) { 2414 error_report("Can't use a read-only drive"); 2415 return -1; 2416 } 2417 blk_set_dev_ops(blk, &ide_hd_block_ops, s); 2418 } 2419 if (serial) { 2420 pstrcpy(s->drive_serial_str, sizeof(s->drive_serial_str), serial); 2421 } else { 2422 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str), 2423 "QM%05d", s->drive_serial); 2424 } 2425 if (model) { 2426 pstrcpy(s->drive_model_str, sizeof(s->drive_model_str), model); 2427 } else { 2428 switch (kind) { 2429 case IDE_CD: 2430 strcpy(s->drive_model_str, "QEMU DVD-ROM"); 2431 break; 2432 case IDE_CFATA: 2433 strcpy(s->drive_model_str, "QEMU MICRODRIVE"); 2434 break; 2435 default: 2436 strcpy(s->drive_model_str, "QEMU HARDDISK"); 2437 break; 2438 } 2439 } 2440 2441 if (version) { 2442 pstrcpy(s->version, sizeof(s->version), version); 2443 } else { 2444 pstrcpy(s->version, sizeof(s->version), qemu_hw_version()); 2445 } 2446 2447 ide_reset(s); 2448 blk_iostatus_enable(blk); 2449 return 0; 2450 } 2451 2452 static void ide_init1(IDEBus *bus, int unit) 2453 { 2454 static int drive_serial = 1; 2455 IDEState *s = &bus->ifs[unit]; 2456 2457 s->bus = bus; 2458 s->unit = unit; 2459 s->drive_serial = drive_serial++; 2460 /* we need at least 2k alignment for accessing CDROMs using O_DIRECT */ 2461 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4; 2462 s->io_buffer = qemu_memalign(2048, s->io_buffer_total_len); 2463 memset(s->io_buffer, 0, s->io_buffer_total_len); 2464 2465 s->smart_selftest_data = blk_blockalign(s->blk, 512); 2466 memset(s->smart_selftest_data, 0, 512); 2467 2468 s->sector_write_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, 2469 ide_sector_write_timer_cb, s); 2470 } 2471 2472 static int ide_nop_int(IDEDMA *dma, int x) 2473 { 2474 return 0; 2475 } 2476 2477 static void ide_nop(IDEDMA *dma) 2478 { 2479 } 2480 2481 static int32_t ide_nop_int32(IDEDMA *dma, int32_t l) 2482 { 2483 return 0; 2484 } 2485 2486 static const IDEDMAOps ide_dma_nop_ops = { 2487 .prepare_buf = ide_nop_int32, 2488 .restart_dma = ide_nop, 2489 .rw_buf = ide_nop_int, 2490 }; 2491 2492 static void ide_restart_dma(IDEState *s, enum ide_dma_cmd dma_cmd) 2493 { 2494 s->unit = s->bus->retry_unit; 2495 ide_set_sector(s, s->bus->retry_sector_num); 2496 s->nsector = s->bus->retry_nsector; 2497 s->bus->dma->ops->restart_dma(s->bus->dma); 2498 s->io_buffer_size = 0; 2499 s->dma_cmd = dma_cmd; 2500 ide_start_dma(s, ide_dma_cb); 2501 } 2502 2503 static void ide_restart_bh(void *opaque) 2504 { 2505 IDEBus *bus = opaque; 2506 IDEState *s; 2507 bool is_read; 2508 int error_status; 2509 2510 qemu_bh_delete(bus->bh); 2511 bus->bh = NULL; 2512 2513 error_status = bus->error_status; 2514 if (bus->error_status == 0) { 2515 return; 2516 } 2517 2518 s = idebus_active_if(bus); 2519 is_read = (bus->error_status & IDE_RETRY_READ) != 0; 2520 2521 /* The error status must be cleared before resubmitting the request: The 2522 * request may fail again, and this case can only be distinguished if the 2523 * called function can set a new error status. */ 2524 bus->error_status = 0; 2525 2526 /* The HBA has generically asked to be kicked on retry */ 2527 if (error_status & IDE_RETRY_HBA) { 2528 if (s->bus->dma->ops->restart) { 2529 s->bus->dma->ops->restart(s->bus->dma); 2530 } 2531 } else if (IS_IDE_RETRY_DMA(error_status)) { 2532 if (error_status & IDE_RETRY_TRIM) { 2533 ide_restart_dma(s, IDE_DMA_TRIM); 2534 } else { 2535 ide_restart_dma(s, is_read ? IDE_DMA_READ : IDE_DMA_WRITE); 2536 } 2537 } else if (IS_IDE_RETRY_PIO(error_status)) { 2538 if (is_read) { 2539 ide_sector_read(s); 2540 } else { 2541 ide_sector_write(s); 2542 } 2543 } else if (error_status & IDE_RETRY_FLUSH) { 2544 ide_flush_cache(s); 2545 } else if (IS_IDE_RETRY_ATAPI(error_status)) { 2546 assert(s->end_transfer_func == ide_atapi_cmd); 2547 ide_atapi_dma_restart(s); 2548 } else { 2549 abort(); 2550 } 2551 } 2552 2553 static void ide_restart_cb(void *opaque, int running, RunState state) 2554 { 2555 IDEBus *bus = opaque; 2556 2557 if (!running) 2558 return; 2559 2560 if (!bus->bh) { 2561 bus->bh = qemu_bh_new(ide_restart_bh, bus); 2562 qemu_bh_schedule(bus->bh); 2563 } 2564 } 2565 2566 void ide_register_restart_cb(IDEBus *bus) 2567 { 2568 if (bus->dma->ops->restart_dma) { 2569 qemu_add_vm_change_state_handler(ide_restart_cb, bus); 2570 } 2571 } 2572 2573 static IDEDMA ide_dma_nop = { 2574 .ops = &ide_dma_nop_ops, 2575 .aiocb = NULL, 2576 }; 2577 2578 void ide_init2(IDEBus *bus, qemu_irq irq) 2579 { 2580 int i; 2581 2582 for(i = 0; i < 2; i++) { 2583 ide_init1(bus, i); 2584 ide_reset(&bus->ifs[i]); 2585 } 2586 bus->irq = irq; 2587 bus->dma = &ide_dma_nop; 2588 } 2589 2590 static const MemoryRegionPortio ide_portio_list[] = { 2591 { 0, 8, 1, .read = ide_ioport_read, .write = ide_ioport_write }, 2592 { 0, 1, 2, .read = ide_data_readw, .write = ide_data_writew }, 2593 { 0, 1, 4, .read = ide_data_readl, .write = ide_data_writel }, 2594 PORTIO_END_OF_LIST(), 2595 }; 2596 2597 static const MemoryRegionPortio ide_portio2_list[] = { 2598 { 0, 1, 1, .read = ide_status_read, .write = ide_cmd_write }, 2599 PORTIO_END_OF_LIST(), 2600 }; 2601 2602 void ide_init_ioport(IDEBus *bus, ISADevice *dev, int iobase, int iobase2) 2603 { 2604 /* ??? Assume only ISA and PCI configurations, and that the PCI-ISA 2605 bridge has been setup properly to always register with ISA. */ 2606 isa_register_portio_list(dev, iobase, ide_portio_list, bus, "ide"); 2607 2608 if (iobase2) { 2609 isa_register_portio_list(dev, iobase2, ide_portio2_list, bus, "ide"); 2610 } 2611 } 2612 2613 static bool is_identify_set(void *opaque, int version_id) 2614 { 2615 IDEState *s = opaque; 2616 2617 return s->identify_set != 0; 2618 } 2619 2620 static EndTransferFunc* transfer_end_table[] = { 2621 ide_sector_read, 2622 ide_sector_write, 2623 ide_transfer_stop, 2624 ide_atapi_cmd_reply_end, 2625 ide_atapi_cmd, 2626 ide_dummy_transfer_stop, 2627 }; 2628 2629 static int transfer_end_table_idx(EndTransferFunc *fn) 2630 { 2631 int i; 2632 2633 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++) 2634 if (transfer_end_table[i] == fn) 2635 return i; 2636 2637 return -1; 2638 } 2639 2640 static int ide_drive_post_load(void *opaque, int version_id) 2641 { 2642 IDEState *s = opaque; 2643 2644 if (s->blk && s->identify_set) { 2645 blk_set_enable_write_cache(s->blk, !!(s->identify_data[85] & (1 << 5))); 2646 } 2647 return 0; 2648 } 2649 2650 static int ide_drive_pio_post_load(void *opaque, int version_id) 2651 { 2652 IDEState *s = opaque; 2653 2654 if (s->end_transfer_fn_idx >= ARRAY_SIZE(transfer_end_table)) { 2655 return -EINVAL; 2656 } 2657 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx]; 2658 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset; 2659 s->data_end = s->data_ptr + s->cur_io_buffer_len; 2660 s->atapi_dma = s->feature & 1; /* as per cmd_packet */ 2661 2662 return 0; 2663 } 2664 2665 static void ide_drive_pio_pre_save(void *opaque) 2666 { 2667 IDEState *s = opaque; 2668 int idx; 2669 2670 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer; 2671 s->cur_io_buffer_len = s->data_end - s->data_ptr; 2672 2673 idx = transfer_end_table_idx(s->end_transfer_func); 2674 if (idx == -1) { 2675 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n", 2676 __func__); 2677 s->end_transfer_fn_idx = 2; 2678 } else { 2679 s->end_transfer_fn_idx = idx; 2680 } 2681 } 2682 2683 static bool ide_drive_pio_state_needed(void *opaque) 2684 { 2685 IDEState *s = opaque; 2686 2687 return ((s->status & DRQ_STAT) != 0) 2688 || (s->bus->error_status & IDE_RETRY_PIO); 2689 } 2690 2691 static bool ide_tray_state_needed(void *opaque) 2692 { 2693 IDEState *s = opaque; 2694 2695 return s->tray_open || s->tray_locked; 2696 } 2697 2698 static bool ide_atapi_gesn_needed(void *opaque) 2699 { 2700 IDEState *s = opaque; 2701 2702 return s->events.new_media || s->events.eject_request; 2703 } 2704 2705 static bool ide_error_needed(void *opaque) 2706 { 2707 IDEBus *bus = opaque; 2708 2709 return (bus->error_status != 0); 2710 } 2711 2712 /* Fields for GET_EVENT_STATUS_NOTIFICATION ATAPI command */ 2713 static const VMStateDescription vmstate_ide_atapi_gesn_state = { 2714 .name ="ide_drive/atapi/gesn_state", 2715 .version_id = 1, 2716 .minimum_version_id = 1, 2717 .needed = ide_atapi_gesn_needed, 2718 .fields = (VMStateField[]) { 2719 VMSTATE_BOOL(events.new_media, IDEState), 2720 VMSTATE_BOOL(events.eject_request, IDEState), 2721 VMSTATE_END_OF_LIST() 2722 } 2723 }; 2724 2725 static const VMStateDescription vmstate_ide_tray_state = { 2726 .name = "ide_drive/tray_state", 2727 .version_id = 1, 2728 .minimum_version_id = 1, 2729 .needed = ide_tray_state_needed, 2730 .fields = (VMStateField[]) { 2731 VMSTATE_BOOL(tray_open, IDEState), 2732 VMSTATE_BOOL(tray_locked, IDEState), 2733 VMSTATE_END_OF_LIST() 2734 } 2735 }; 2736 2737 static const VMStateDescription vmstate_ide_drive_pio_state = { 2738 .name = "ide_drive/pio_state", 2739 .version_id = 1, 2740 .minimum_version_id = 1, 2741 .pre_save = ide_drive_pio_pre_save, 2742 .post_load = ide_drive_pio_post_load, 2743 .needed = ide_drive_pio_state_needed, 2744 .fields = (VMStateField[]) { 2745 VMSTATE_INT32(req_nb_sectors, IDEState), 2746 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1, 2747 vmstate_info_uint8, uint8_t), 2748 VMSTATE_INT32(cur_io_buffer_offset, IDEState), 2749 VMSTATE_INT32(cur_io_buffer_len, IDEState), 2750 VMSTATE_UINT8(end_transfer_fn_idx, IDEState), 2751 VMSTATE_INT32(elementary_transfer_size, IDEState), 2752 VMSTATE_INT32(packet_transfer_size, IDEState), 2753 VMSTATE_END_OF_LIST() 2754 } 2755 }; 2756 2757 const VMStateDescription vmstate_ide_drive = { 2758 .name = "ide_drive", 2759 .version_id = 3, 2760 .minimum_version_id = 0, 2761 .post_load = ide_drive_post_load, 2762 .fields = (VMStateField[]) { 2763 VMSTATE_INT32(mult_sectors, IDEState), 2764 VMSTATE_INT32(identify_set, IDEState), 2765 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set), 2766 VMSTATE_UINT8(feature, IDEState), 2767 VMSTATE_UINT8(error, IDEState), 2768 VMSTATE_UINT32(nsector, IDEState), 2769 VMSTATE_UINT8(sector, IDEState), 2770 VMSTATE_UINT8(lcyl, IDEState), 2771 VMSTATE_UINT8(hcyl, IDEState), 2772 VMSTATE_UINT8(hob_feature, IDEState), 2773 VMSTATE_UINT8(hob_sector, IDEState), 2774 VMSTATE_UINT8(hob_nsector, IDEState), 2775 VMSTATE_UINT8(hob_lcyl, IDEState), 2776 VMSTATE_UINT8(hob_hcyl, IDEState), 2777 VMSTATE_UINT8(select, IDEState), 2778 VMSTATE_UINT8(status, IDEState), 2779 VMSTATE_UINT8(lba48, IDEState), 2780 VMSTATE_UINT8(sense_key, IDEState), 2781 VMSTATE_UINT8(asc, IDEState), 2782 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3), 2783 VMSTATE_END_OF_LIST() 2784 }, 2785 .subsections = (const VMStateDescription*[]) { 2786 &vmstate_ide_drive_pio_state, 2787 &vmstate_ide_tray_state, 2788 &vmstate_ide_atapi_gesn_state, 2789 NULL 2790 } 2791 }; 2792 2793 static const VMStateDescription vmstate_ide_error_status = { 2794 .name ="ide_bus/error", 2795 .version_id = 2, 2796 .minimum_version_id = 1, 2797 .needed = ide_error_needed, 2798 .fields = (VMStateField[]) { 2799 VMSTATE_INT32(error_status, IDEBus), 2800 VMSTATE_INT64_V(retry_sector_num, IDEBus, 2), 2801 VMSTATE_UINT32_V(retry_nsector, IDEBus, 2), 2802 VMSTATE_UINT8_V(retry_unit, IDEBus, 2), 2803 VMSTATE_END_OF_LIST() 2804 } 2805 }; 2806 2807 const VMStateDescription vmstate_ide_bus = { 2808 .name = "ide_bus", 2809 .version_id = 1, 2810 .minimum_version_id = 1, 2811 .fields = (VMStateField[]) { 2812 VMSTATE_UINT8(cmd, IDEBus), 2813 VMSTATE_UINT8(unit, IDEBus), 2814 VMSTATE_END_OF_LIST() 2815 }, 2816 .subsections = (const VMStateDescription*[]) { 2817 &vmstate_ide_error_status, 2818 NULL 2819 } 2820 }; 2821 2822 void ide_drive_get(DriveInfo **hd, int n) 2823 { 2824 int i; 2825 int highest_bus = drive_get_max_bus(IF_IDE) + 1; 2826 int max_devs = drive_get_max_devs(IF_IDE); 2827 int n_buses = max_devs ? (n / max_devs) : n; 2828 2829 /* 2830 * Note: The number of actual buses available is not known. 2831 * We compute this based on the size of the DriveInfo* array, n. 2832 * If it is less than max_devs * <num_real_buses>, 2833 * We will stop looking for drives prematurely instead of overfilling 2834 * the array. 2835 */ 2836 2837 if (highest_bus > n_buses) { 2838 error_report("Too many IDE buses defined (%d > %d)", 2839 highest_bus, n_buses); 2840 exit(1); 2841 } 2842 2843 for (i = 0; i < n; i++) { 2844 hd[i] = drive_get_by_index(IF_IDE, i); 2845 } 2846 } 2847