1 /* 2 * QEMU IDE disk and CD/DVD-ROM Emulator 3 * 4 * Copyright (c) 2003 Fabrice Bellard 5 * Copyright (c) 2006 Openedhand Ltd. 6 * 7 * Permission is hereby granted, free of charge, to any person obtaining a copy 8 * of this software and associated documentation files (the "Software"), to deal 9 * in the Software without restriction, including without limitation the rights 10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 11 * copies of the Software, and to permit persons to whom the Software is 12 * furnished to do so, subject to the following conditions: 13 * 14 * The above copyright notice and this permission notice shall be included in 15 * all copies or substantial portions of the Software. 16 * 17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 23 * THE SOFTWARE. 24 */ 25 26 #include "qemu/osdep.h" 27 #include "hw/isa/isa.h" 28 #include "migration/vmstate.h" 29 #include "qemu/error-report.h" 30 #include "qemu/main-loop.h" 31 #include "qemu/timer.h" 32 #include "sysemu/sysemu.h" 33 #include "sysemu/blockdev.h" 34 #include "sysemu/dma.h" 35 #include "hw/block/block.h" 36 #include "sysemu/block-backend.h" 37 #include "qapi/error.h" 38 #include "qemu/cutils.h" 39 #include "sysemu/replay.h" 40 #include "sysemu/runstate.h" 41 #include "hw/ide/internal.h" 42 #include "trace.h" 43 44 /* These values were based on a Seagate ST3500418AS but have been modified 45 to make more sense in QEMU */ 46 static const int smart_attributes[][12] = { 47 /* id, flags, hflags, val, wrst, raw (6 bytes), threshold */ 48 /* raw read error rate*/ 49 { 0x01, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06}, 50 /* spin up */ 51 { 0x03, 0x03, 0x00, 0x64, 0x64, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 52 /* start stop count */ 53 { 0x04, 0x02, 0x00, 0x64, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14}, 54 /* remapped sectors */ 55 { 0x05, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x24}, 56 /* power on hours */ 57 { 0x09, 0x03, 0x00, 0x64, 0x64, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 58 /* power cycle count */ 59 { 0x0c, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 60 /* airflow-temperature-celsius */ 61 { 190, 0x03, 0x00, 0x45, 0x45, 0x1f, 0x00, 0x1f, 0x1f, 0x00, 0x00, 0x32}, 62 }; 63 64 const char *IDE_DMA_CMD_lookup[IDE_DMA__COUNT] = { 65 [IDE_DMA_READ] = "DMA READ", 66 [IDE_DMA_WRITE] = "DMA WRITE", 67 [IDE_DMA_TRIM] = "DMA TRIM", 68 [IDE_DMA_ATAPI] = "DMA ATAPI" 69 }; 70 71 static const char *IDE_DMA_CMD_str(enum ide_dma_cmd enval) 72 { 73 if ((unsigned)enval < IDE_DMA__COUNT) { 74 return IDE_DMA_CMD_lookup[enval]; 75 } 76 return "DMA UNKNOWN CMD"; 77 } 78 79 static void ide_dummy_transfer_stop(IDEState *s); 80 81 static void padstr(char *str, const char *src, int len) 82 { 83 int i, v; 84 for(i = 0; i < len; i++) { 85 if (*src) 86 v = *src++; 87 else 88 v = ' '; 89 str[i^1] = v; 90 } 91 } 92 93 static void put_le16(uint16_t *p, unsigned int v) 94 { 95 *p = cpu_to_le16(v); 96 } 97 98 static void ide_identify_size(IDEState *s) 99 { 100 uint16_t *p = (uint16_t *)s->identify_data; 101 put_le16(p + 60, s->nb_sectors); 102 put_le16(p + 61, s->nb_sectors >> 16); 103 put_le16(p + 100, s->nb_sectors); 104 put_le16(p + 101, s->nb_sectors >> 16); 105 put_le16(p + 102, s->nb_sectors >> 32); 106 put_le16(p + 103, s->nb_sectors >> 48); 107 } 108 109 static void ide_identify(IDEState *s) 110 { 111 uint16_t *p; 112 unsigned int oldsize; 113 IDEDevice *dev = s->unit ? s->bus->slave : s->bus->master; 114 115 p = (uint16_t *)s->identify_data; 116 if (s->identify_set) { 117 goto fill_buffer; 118 } 119 memset(p, 0, sizeof(s->identify_data)); 120 121 put_le16(p + 0, 0x0040); 122 put_le16(p + 1, s->cylinders); 123 put_le16(p + 3, s->heads); 124 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */ 125 put_le16(p + 5, 512); /* XXX: retired, remove ? */ 126 put_le16(p + 6, s->sectors); 127 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 128 put_le16(p + 20, 3); /* XXX: retired, remove ? */ 129 put_le16(p + 21, 512); /* cache size in sectors */ 130 put_le16(p + 22, 4); /* ecc bytes */ 131 padstr((char *)(p + 23), s->version, 8); /* firmware version */ 132 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */ 133 #if MAX_MULT_SECTORS > 1 134 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS); 135 #endif 136 put_le16(p + 48, 1); /* dword I/O */ 137 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */ 138 put_le16(p + 51, 0x200); /* PIO transfer cycle */ 139 put_le16(p + 52, 0x200); /* DMA transfer cycle */ 140 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */ 141 put_le16(p + 54, s->cylinders); 142 put_le16(p + 55, s->heads); 143 put_le16(p + 56, s->sectors); 144 oldsize = s->cylinders * s->heads * s->sectors; 145 put_le16(p + 57, oldsize); 146 put_le16(p + 58, oldsize >> 16); 147 if (s->mult_sectors) 148 put_le16(p + 59, 0x100 | s->mult_sectors); 149 /* *(p + 60) := nb_sectors -- see ide_identify_size */ 150 /* *(p + 61) := nb_sectors >> 16 -- see ide_identify_size */ 151 put_le16(p + 62, 0x07); /* single word dma0-2 supported */ 152 put_le16(p + 63, 0x07); /* mdma0-2 supported */ 153 put_le16(p + 64, 0x03); /* pio3-4 supported */ 154 put_le16(p + 65, 120); 155 put_le16(p + 66, 120); 156 put_le16(p + 67, 120); 157 put_le16(p + 68, 120); 158 if (dev && dev->conf.discard_granularity) { 159 put_le16(p + 69, (1 << 14)); /* determinate TRIM behavior */ 160 } 161 162 if (s->ncq_queues) { 163 put_le16(p + 75, s->ncq_queues - 1); 164 /* NCQ supported */ 165 put_le16(p + 76, (1 << 8)); 166 } 167 168 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */ 169 put_le16(p + 81, 0x16); /* conforms to ata5 */ 170 /* 14=NOP supported, 5=WCACHE supported, 0=SMART supported */ 171 put_le16(p + 82, (1 << 14) | (1 << 5) | 1); 172 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */ 173 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10)); 174 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */ 175 if (s->wwn) { 176 put_le16(p + 84, (1 << 14) | (1 << 8) | 0); 177 } else { 178 put_le16(p + 84, (1 << 14) | 0); 179 } 180 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */ 181 if (blk_enable_write_cache(s->blk)) { 182 put_le16(p + 85, (1 << 14) | (1 << 5) | 1); 183 } else { 184 put_le16(p + 85, (1 << 14) | 1); 185 } 186 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */ 187 put_le16(p + 86, (1 << 13) | (1 <<12) | (1 << 10)); 188 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */ 189 if (s->wwn) { 190 put_le16(p + 87, (1 << 14) | (1 << 8) | 0); 191 } else { 192 put_le16(p + 87, (1 << 14) | 0); 193 } 194 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */ 195 put_le16(p + 93, 1 | (1 << 14) | 0x2000); 196 /* *(p + 100) := nb_sectors -- see ide_identify_size */ 197 /* *(p + 101) := nb_sectors >> 16 -- see ide_identify_size */ 198 /* *(p + 102) := nb_sectors >> 32 -- see ide_identify_size */ 199 /* *(p + 103) := nb_sectors >> 48 -- see ide_identify_size */ 200 201 if (dev && dev->conf.physical_block_size) 202 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf)); 203 if (s->wwn) { 204 /* LE 16-bit words 111-108 contain 64-bit World Wide Name */ 205 put_le16(p + 108, s->wwn >> 48); 206 put_le16(p + 109, s->wwn >> 32); 207 put_le16(p + 110, s->wwn >> 16); 208 put_le16(p + 111, s->wwn); 209 } 210 if (dev && dev->conf.discard_granularity) { 211 put_le16(p + 169, 1); /* TRIM support */ 212 } 213 if (dev) { 214 put_le16(p + 217, dev->rotation_rate); /* Nominal media rotation rate */ 215 } 216 217 ide_identify_size(s); 218 s->identify_set = 1; 219 220 fill_buffer: 221 memcpy(s->io_buffer, p, sizeof(s->identify_data)); 222 } 223 224 static void ide_atapi_identify(IDEState *s) 225 { 226 uint16_t *p; 227 228 p = (uint16_t *)s->identify_data; 229 if (s->identify_set) { 230 goto fill_buffer; 231 } 232 memset(p, 0, sizeof(s->identify_data)); 233 234 /* Removable CDROM, 50us response, 12 byte packets */ 235 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0)); 236 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 237 put_le16(p + 20, 3); /* buffer type */ 238 put_le16(p + 21, 512); /* cache size in sectors */ 239 put_le16(p + 22, 4); /* ecc bytes */ 240 padstr((char *)(p + 23), s->version, 8); /* firmware version */ 241 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */ 242 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */ 243 #ifdef USE_DMA_CDROM 244 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */ 245 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */ 246 put_le16(p + 62, 7); /* single word dma0-2 supported */ 247 put_le16(p + 63, 7); /* mdma0-2 supported */ 248 #else 249 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */ 250 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */ 251 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */ 252 #endif 253 put_le16(p + 64, 3); /* pio3-4 supported */ 254 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */ 255 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */ 256 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */ 257 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */ 258 259 put_le16(p + 71, 30); /* in ns */ 260 put_le16(p + 72, 30); /* in ns */ 261 262 if (s->ncq_queues) { 263 put_le16(p + 75, s->ncq_queues - 1); 264 /* NCQ supported */ 265 put_le16(p + 76, (1 << 8)); 266 } 267 268 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */ 269 if (s->wwn) { 270 put_le16(p + 84, (1 << 8)); /* supports WWN for words 108-111 */ 271 put_le16(p + 87, (1 << 8)); /* WWN enabled */ 272 } 273 274 #ifdef USE_DMA_CDROM 275 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */ 276 #endif 277 278 if (s->wwn) { 279 /* LE 16-bit words 111-108 contain 64-bit World Wide Name */ 280 put_le16(p + 108, s->wwn >> 48); 281 put_le16(p + 109, s->wwn >> 32); 282 put_le16(p + 110, s->wwn >> 16); 283 put_le16(p + 111, s->wwn); 284 } 285 286 s->identify_set = 1; 287 288 fill_buffer: 289 memcpy(s->io_buffer, p, sizeof(s->identify_data)); 290 } 291 292 static void ide_cfata_identify_size(IDEState *s) 293 { 294 uint16_t *p = (uint16_t *)s->identify_data; 295 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */ 296 put_le16(p + 8, s->nb_sectors); /* Sectors per card */ 297 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */ 298 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */ 299 } 300 301 static void ide_cfata_identify(IDEState *s) 302 { 303 uint16_t *p; 304 uint32_t cur_sec; 305 306 p = (uint16_t *)s->identify_data; 307 if (s->identify_set) { 308 goto fill_buffer; 309 } 310 memset(p, 0, sizeof(s->identify_data)); 311 312 cur_sec = s->cylinders * s->heads * s->sectors; 313 314 put_le16(p + 0, 0x848a); /* CF Storage Card signature */ 315 put_le16(p + 1, s->cylinders); /* Default cylinders */ 316 put_le16(p + 3, s->heads); /* Default heads */ 317 put_le16(p + 6, s->sectors); /* Default sectors per track */ 318 /* *(p + 7) := nb_sectors >> 16 -- see ide_cfata_identify_size */ 319 /* *(p + 8) := nb_sectors -- see ide_cfata_identify_size */ 320 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 321 put_le16(p + 22, 0x0004); /* ECC bytes */ 322 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */ 323 padstr((char *) (p + 27), s->drive_model_str, 40);/* Model number */ 324 #if MAX_MULT_SECTORS > 1 325 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS); 326 #else 327 put_le16(p + 47, 0x0000); 328 #endif 329 put_le16(p + 49, 0x0f00); /* Capabilities */ 330 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */ 331 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */ 332 put_le16(p + 53, 0x0003); /* Translation params valid */ 333 put_le16(p + 54, s->cylinders); /* Current cylinders */ 334 put_le16(p + 55, s->heads); /* Current heads */ 335 put_le16(p + 56, s->sectors); /* Current sectors */ 336 put_le16(p + 57, cur_sec); /* Current capacity */ 337 put_le16(p + 58, cur_sec >> 16); /* Current capacity */ 338 if (s->mult_sectors) /* Multiple sector setting */ 339 put_le16(p + 59, 0x100 | s->mult_sectors); 340 /* *(p + 60) := nb_sectors -- see ide_cfata_identify_size */ 341 /* *(p + 61) := nb_sectors >> 16 -- see ide_cfata_identify_size */ 342 put_le16(p + 63, 0x0203); /* Multiword DMA capability */ 343 put_le16(p + 64, 0x0001); /* Flow Control PIO support */ 344 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */ 345 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */ 346 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */ 347 put_le16(p + 82, 0x400c); /* Command Set supported */ 348 put_le16(p + 83, 0x7068); /* Command Set supported */ 349 put_le16(p + 84, 0x4000); /* Features supported */ 350 put_le16(p + 85, 0x000c); /* Command Set enabled */ 351 put_le16(p + 86, 0x7044); /* Command Set enabled */ 352 put_le16(p + 87, 0x4000); /* Features enabled */ 353 put_le16(p + 91, 0x4060); /* Current APM level */ 354 put_le16(p + 129, 0x0002); /* Current features option */ 355 put_le16(p + 130, 0x0005); /* Reassigned sectors */ 356 put_le16(p + 131, 0x0001); /* Initial power mode */ 357 put_le16(p + 132, 0x0000); /* User signature */ 358 put_le16(p + 160, 0x8100); /* Power requirement */ 359 put_le16(p + 161, 0x8001); /* CF command set */ 360 361 ide_cfata_identify_size(s); 362 s->identify_set = 1; 363 364 fill_buffer: 365 memcpy(s->io_buffer, p, sizeof(s->identify_data)); 366 } 367 368 static void ide_set_signature(IDEState *s) 369 { 370 s->select &= 0xf0; /* clear head */ 371 /* put signature */ 372 s->nsector = 1; 373 s->sector = 1; 374 if (s->drive_kind == IDE_CD) { 375 s->lcyl = 0x14; 376 s->hcyl = 0xeb; 377 } else if (s->blk) { 378 s->lcyl = 0; 379 s->hcyl = 0; 380 } else { 381 s->lcyl = 0xff; 382 s->hcyl = 0xff; 383 } 384 } 385 386 static bool ide_sect_range_ok(IDEState *s, 387 uint64_t sector, uint64_t nb_sectors) 388 { 389 uint64_t total_sectors; 390 391 blk_get_geometry(s->blk, &total_sectors); 392 if (sector > total_sectors || nb_sectors > total_sectors - sector) { 393 return false; 394 } 395 return true; 396 } 397 398 typedef struct TrimAIOCB { 399 BlockAIOCB common; 400 IDEState *s; 401 QEMUBH *bh; 402 int ret; 403 QEMUIOVector *qiov; 404 BlockAIOCB *aiocb; 405 int i, j; 406 } TrimAIOCB; 407 408 static void trim_aio_cancel(BlockAIOCB *acb) 409 { 410 TrimAIOCB *iocb = container_of(acb, TrimAIOCB, common); 411 412 /* Exit the loop so ide_issue_trim_cb will not continue */ 413 iocb->j = iocb->qiov->niov - 1; 414 iocb->i = (iocb->qiov->iov[iocb->j].iov_len / 8) - 1; 415 416 iocb->ret = -ECANCELED; 417 418 if (iocb->aiocb) { 419 blk_aio_cancel_async(iocb->aiocb); 420 iocb->aiocb = NULL; 421 } 422 } 423 424 static const AIOCBInfo trim_aiocb_info = { 425 .aiocb_size = sizeof(TrimAIOCB), 426 .cancel_async = trim_aio_cancel, 427 }; 428 429 static void ide_trim_bh_cb(void *opaque) 430 { 431 TrimAIOCB *iocb = opaque; 432 433 iocb->common.cb(iocb->common.opaque, iocb->ret); 434 435 qemu_bh_delete(iocb->bh); 436 iocb->bh = NULL; 437 qemu_aio_unref(iocb); 438 } 439 440 static void ide_issue_trim_cb(void *opaque, int ret) 441 { 442 TrimAIOCB *iocb = opaque; 443 IDEState *s = iocb->s; 444 445 if (iocb->i >= 0) { 446 if (ret >= 0) { 447 block_acct_done(blk_get_stats(s->blk), &s->acct); 448 } else { 449 block_acct_failed(blk_get_stats(s->blk), &s->acct); 450 } 451 } 452 453 if (ret >= 0) { 454 while (iocb->j < iocb->qiov->niov) { 455 int j = iocb->j; 456 while (++iocb->i < iocb->qiov->iov[j].iov_len / 8) { 457 int i = iocb->i; 458 uint64_t *buffer = iocb->qiov->iov[j].iov_base; 459 460 /* 6-byte LBA + 2-byte range per entry */ 461 uint64_t entry = le64_to_cpu(buffer[i]); 462 uint64_t sector = entry & 0x0000ffffffffffffULL; 463 uint16_t count = entry >> 48; 464 465 if (count == 0) { 466 continue; 467 } 468 469 if (!ide_sect_range_ok(s, sector, count)) { 470 block_acct_invalid(blk_get_stats(s->blk), BLOCK_ACCT_UNMAP); 471 iocb->ret = -EINVAL; 472 goto done; 473 } 474 475 block_acct_start(blk_get_stats(s->blk), &s->acct, 476 count << BDRV_SECTOR_BITS, BLOCK_ACCT_UNMAP); 477 478 /* Got an entry! Submit and exit. */ 479 iocb->aiocb = blk_aio_pdiscard(s->blk, 480 sector << BDRV_SECTOR_BITS, 481 count << BDRV_SECTOR_BITS, 482 ide_issue_trim_cb, opaque); 483 return; 484 } 485 486 iocb->j++; 487 iocb->i = -1; 488 } 489 } else { 490 iocb->ret = ret; 491 } 492 493 done: 494 iocb->aiocb = NULL; 495 if (iocb->bh) { 496 replay_bh_schedule_event(iocb->bh); 497 } 498 } 499 500 BlockAIOCB *ide_issue_trim( 501 int64_t offset, QEMUIOVector *qiov, 502 BlockCompletionFunc *cb, void *cb_opaque, void *opaque) 503 { 504 IDEState *s = opaque; 505 TrimAIOCB *iocb; 506 507 iocb = blk_aio_get(&trim_aiocb_info, s->blk, cb, cb_opaque); 508 iocb->s = s; 509 iocb->bh = qemu_bh_new(ide_trim_bh_cb, iocb); 510 iocb->ret = 0; 511 iocb->qiov = qiov; 512 iocb->i = -1; 513 iocb->j = 0; 514 ide_issue_trim_cb(iocb, 0); 515 return &iocb->common; 516 } 517 518 void ide_abort_command(IDEState *s) 519 { 520 ide_transfer_stop(s); 521 s->status = READY_STAT | ERR_STAT; 522 s->error = ABRT_ERR; 523 } 524 525 static void ide_set_retry(IDEState *s) 526 { 527 s->bus->retry_unit = s->unit; 528 s->bus->retry_sector_num = ide_get_sector(s); 529 s->bus->retry_nsector = s->nsector; 530 } 531 532 static void ide_clear_retry(IDEState *s) 533 { 534 s->bus->retry_unit = -1; 535 s->bus->retry_sector_num = 0; 536 s->bus->retry_nsector = 0; 537 } 538 539 /* prepare data transfer and tell what to do after */ 540 bool ide_transfer_start_norecurse(IDEState *s, uint8_t *buf, int size, 541 EndTransferFunc *end_transfer_func) 542 { 543 s->data_ptr = buf; 544 s->data_end = buf + size; 545 ide_set_retry(s); 546 if (!(s->status & ERR_STAT)) { 547 s->status |= DRQ_STAT; 548 } 549 if (!s->bus->dma->ops->pio_transfer) { 550 s->end_transfer_func = end_transfer_func; 551 return false; 552 } 553 s->bus->dma->ops->pio_transfer(s->bus->dma); 554 return true; 555 } 556 557 void ide_transfer_start(IDEState *s, uint8_t *buf, int size, 558 EndTransferFunc *end_transfer_func) 559 { 560 if (ide_transfer_start_norecurse(s, buf, size, end_transfer_func)) { 561 end_transfer_func(s); 562 } 563 } 564 565 static void ide_cmd_done(IDEState *s) 566 { 567 if (s->bus->dma->ops->cmd_done) { 568 s->bus->dma->ops->cmd_done(s->bus->dma); 569 } 570 } 571 572 static void ide_transfer_halt(IDEState *s) 573 { 574 s->end_transfer_func = ide_transfer_stop; 575 s->data_ptr = s->io_buffer; 576 s->data_end = s->io_buffer; 577 s->status &= ~DRQ_STAT; 578 } 579 580 void ide_transfer_stop(IDEState *s) 581 { 582 ide_transfer_halt(s); 583 ide_cmd_done(s); 584 } 585 586 int64_t ide_get_sector(IDEState *s) 587 { 588 int64_t sector_num; 589 if (s->select & 0x40) { 590 /* lba */ 591 if (!s->lba48) { 592 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) | 593 (s->lcyl << 8) | s->sector; 594 } else { 595 sector_num = ((int64_t)s->hob_hcyl << 40) | 596 ((int64_t) s->hob_lcyl << 32) | 597 ((int64_t) s->hob_sector << 24) | 598 ((int64_t) s->hcyl << 16) | 599 ((int64_t) s->lcyl << 8) | s->sector; 600 } 601 } else { 602 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors + 603 (s->select & 0x0f) * s->sectors + (s->sector - 1); 604 } 605 return sector_num; 606 } 607 608 void ide_set_sector(IDEState *s, int64_t sector_num) 609 { 610 unsigned int cyl, r; 611 if (s->select & 0x40) { 612 if (!s->lba48) { 613 s->select = (s->select & 0xf0) | (sector_num >> 24); 614 s->hcyl = (sector_num >> 16); 615 s->lcyl = (sector_num >> 8); 616 s->sector = (sector_num); 617 } else { 618 s->sector = sector_num; 619 s->lcyl = sector_num >> 8; 620 s->hcyl = sector_num >> 16; 621 s->hob_sector = sector_num >> 24; 622 s->hob_lcyl = sector_num >> 32; 623 s->hob_hcyl = sector_num >> 40; 624 } 625 } else { 626 cyl = sector_num / (s->heads * s->sectors); 627 r = sector_num % (s->heads * s->sectors); 628 s->hcyl = cyl >> 8; 629 s->lcyl = cyl; 630 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f); 631 s->sector = (r % s->sectors) + 1; 632 } 633 } 634 635 static void ide_rw_error(IDEState *s) { 636 ide_abort_command(s); 637 ide_set_irq(s->bus); 638 } 639 640 static void ide_buffered_readv_cb(void *opaque, int ret) 641 { 642 IDEBufferedRequest *req = opaque; 643 if (!req->orphaned) { 644 if (!ret) { 645 assert(req->qiov.size == req->original_qiov->size); 646 qemu_iovec_from_buf(req->original_qiov, 0, 647 req->qiov.local_iov.iov_base, 648 req->original_qiov->size); 649 } 650 req->original_cb(req->original_opaque, ret); 651 } 652 QLIST_REMOVE(req, list); 653 qemu_vfree(qemu_iovec_buf(&req->qiov)); 654 g_free(req); 655 } 656 657 #define MAX_BUFFERED_REQS 16 658 659 BlockAIOCB *ide_buffered_readv(IDEState *s, int64_t sector_num, 660 QEMUIOVector *iov, int nb_sectors, 661 BlockCompletionFunc *cb, void *opaque) 662 { 663 BlockAIOCB *aioreq; 664 IDEBufferedRequest *req; 665 int c = 0; 666 667 QLIST_FOREACH(req, &s->buffered_requests, list) { 668 c++; 669 } 670 if (c > MAX_BUFFERED_REQS) { 671 return blk_abort_aio_request(s->blk, cb, opaque, -EIO); 672 } 673 674 req = g_new0(IDEBufferedRequest, 1); 675 req->original_qiov = iov; 676 req->original_cb = cb; 677 req->original_opaque = opaque; 678 qemu_iovec_init_buf(&req->qiov, blk_blockalign(s->blk, iov->size), 679 iov->size); 680 681 aioreq = blk_aio_preadv(s->blk, sector_num << BDRV_SECTOR_BITS, 682 &req->qiov, 0, ide_buffered_readv_cb, req); 683 684 QLIST_INSERT_HEAD(&s->buffered_requests, req, list); 685 return aioreq; 686 } 687 688 /** 689 * Cancel all pending DMA requests. 690 * Any buffered DMA requests are instantly canceled, 691 * but any pending unbuffered DMA requests must be waited on. 692 */ 693 void ide_cancel_dma_sync(IDEState *s) 694 { 695 IDEBufferedRequest *req; 696 697 /* First invoke the callbacks of all buffered requests 698 * and flag those requests as orphaned. Ideally there 699 * are no unbuffered (Scatter Gather DMA Requests or 700 * write requests) pending and we can avoid to drain. */ 701 QLIST_FOREACH(req, &s->buffered_requests, list) { 702 if (!req->orphaned) { 703 trace_ide_cancel_dma_sync_buffered(req->original_cb, req); 704 req->original_cb(req->original_opaque, -ECANCELED); 705 } 706 req->orphaned = true; 707 } 708 709 /* 710 * We can't cancel Scatter Gather DMA in the middle of the 711 * operation or a partial (not full) DMA transfer would reach 712 * the storage so we wait for completion instead (we beahve 713 * like if the DMA was completed by the time the guest trying 714 * to cancel dma with bmdma_cmd_writeb with BM_CMD_START not 715 * set). 716 * 717 * In the future we'll be able to safely cancel the I/O if the 718 * whole DMA operation will be submitted to disk with a single 719 * aio operation with preadv/pwritev. 720 */ 721 if (s->bus->dma->aiocb) { 722 trace_ide_cancel_dma_sync_remaining(); 723 blk_drain(s->blk); 724 assert(s->bus->dma->aiocb == NULL); 725 } 726 } 727 728 static void ide_sector_read(IDEState *s); 729 730 static void ide_sector_read_cb(void *opaque, int ret) 731 { 732 IDEState *s = opaque; 733 int n; 734 735 s->pio_aiocb = NULL; 736 s->status &= ~BUSY_STAT; 737 738 if (ret != 0) { 739 if (ide_handle_rw_error(s, -ret, IDE_RETRY_PIO | 740 IDE_RETRY_READ)) { 741 return; 742 } 743 } 744 745 block_acct_done(blk_get_stats(s->blk), &s->acct); 746 747 n = s->nsector; 748 if (n > s->req_nb_sectors) { 749 n = s->req_nb_sectors; 750 } 751 752 ide_set_sector(s, ide_get_sector(s) + n); 753 s->nsector -= n; 754 /* Allow the guest to read the io_buffer */ 755 ide_transfer_start(s, s->io_buffer, n * BDRV_SECTOR_SIZE, ide_sector_read); 756 ide_set_irq(s->bus); 757 } 758 759 static void ide_sector_read(IDEState *s) 760 { 761 int64_t sector_num; 762 int n; 763 764 s->status = READY_STAT | SEEK_STAT; 765 s->error = 0; /* not needed by IDE spec, but needed by Windows */ 766 sector_num = ide_get_sector(s); 767 n = s->nsector; 768 769 if (n == 0) { 770 ide_transfer_stop(s); 771 return; 772 } 773 774 s->status |= BUSY_STAT; 775 776 if (n > s->req_nb_sectors) { 777 n = s->req_nb_sectors; 778 } 779 780 trace_ide_sector_read(sector_num, n); 781 782 if (!ide_sect_range_ok(s, sector_num, n)) { 783 ide_rw_error(s); 784 block_acct_invalid(blk_get_stats(s->blk), BLOCK_ACCT_READ); 785 return; 786 } 787 788 qemu_iovec_init_buf(&s->qiov, s->io_buffer, n * BDRV_SECTOR_SIZE); 789 790 block_acct_start(blk_get_stats(s->blk), &s->acct, 791 n * BDRV_SECTOR_SIZE, BLOCK_ACCT_READ); 792 s->pio_aiocb = ide_buffered_readv(s, sector_num, &s->qiov, n, 793 ide_sector_read_cb, s); 794 } 795 796 void dma_buf_commit(IDEState *s, uint32_t tx_bytes) 797 { 798 if (s->bus->dma->ops->commit_buf) { 799 s->bus->dma->ops->commit_buf(s->bus->dma, tx_bytes); 800 } 801 s->io_buffer_offset += tx_bytes; 802 qemu_sglist_destroy(&s->sg); 803 } 804 805 void ide_set_inactive(IDEState *s, bool more) 806 { 807 s->bus->dma->aiocb = NULL; 808 ide_clear_retry(s); 809 if (s->bus->dma->ops->set_inactive) { 810 s->bus->dma->ops->set_inactive(s->bus->dma, more); 811 } 812 ide_cmd_done(s); 813 } 814 815 void ide_dma_error(IDEState *s) 816 { 817 dma_buf_commit(s, 0); 818 ide_abort_command(s); 819 ide_set_inactive(s, false); 820 ide_set_irq(s->bus); 821 } 822 823 int ide_handle_rw_error(IDEState *s, int error, int op) 824 { 825 bool is_read = (op & IDE_RETRY_READ) != 0; 826 BlockErrorAction action = blk_get_error_action(s->blk, is_read, error); 827 828 if (action == BLOCK_ERROR_ACTION_STOP) { 829 assert(s->bus->retry_unit == s->unit); 830 s->bus->error_status = op; 831 } else if (action == BLOCK_ERROR_ACTION_REPORT) { 832 block_acct_failed(blk_get_stats(s->blk), &s->acct); 833 if (IS_IDE_RETRY_DMA(op)) { 834 ide_dma_error(s); 835 } else if (IS_IDE_RETRY_ATAPI(op)) { 836 ide_atapi_io_error(s, -error); 837 } else { 838 ide_rw_error(s); 839 } 840 } 841 blk_error_action(s->blk, action, is_read, error); 842 return action != BLOCK_ERROR_ACTION_IGNORE; 843 } 844 845 static void ide_dma_cb(void *opaque, int ret) 846 { 847 IDEState *s = opaque; 848 int n; 849 int64_t sector_num; 850 uint64_t offset; 851 bool stay_active = false; 852 853 if (ret == -EINVAL) { 854 ide_dma_error(s); 855 return; 856 } 857 858 if (ret < 0) { 859 if (ide_handle_rw_error(s, -ret, ide_dma_cmd_to_retry(s->dma_cmd))) { 860 s->bus->dma->aiocb = NULL; 861 dma_buf_commit(s, 0); 862 return; 863 } 864 } 865 866 n = s->io_buffer_size >> 9; 867 if (n > s->nsector) { 868 /* The PRDs were longer than needed for this request. Shorten them so 869 * we don't get a negative remainder. The Active bit must remain set 870 * after the request completes. */ 871 n = s->nsector; 872 stay_active = true; 873 } 874 875 sector_num = ide_get_sector(s); 876 if (n > 0) { 877 assert(n * 512 == s->sg.size); 878 dma_buf_commit(s, s->sg.size); 879 sector_num += n; 880 ide_set_sector(s, sector_num); 881 s->nsector -= n; 882 } 883 884 /* end of transfer ? */ 885 if (s->nsector == 0) { 886 s->status = READY_STAT | SEEK_STAT; 887 ide_set_irq(s->bus); 888 goto eot; 889 } 890 891 /* launch next transfer */ 892 n = s->nsector; 893 s->io_buffer_index = 0; 894 s->io_buffer_size = n * 512; 895 if (s->bus->dma->ops->prepare_buf(s->bus->dma, s->io_buffer_size) < 512) { 896 /* The PRDs were too short. Reset the Active bit, but don't raise an 897 * interrupt. */ 898 s->status = READY_STAT | SEEK_STAT; 899 dma_buf_commit(s, 0); 900 goto eot; 901 } 902 903 trace_ide_dma_cb(s, sector_num, n, IDE_DMA_CMD_str(s->dma_cmd)); 904 905 if ((s->dma_cmd == IDE_DMA_READ || s->dma_cmd == IDE_DMA_WRITE) && 906 !ide_sect_range_ok(s, sector_num, n)) { 907 ide_dma_error(s); 908 block_acct_invalid(blk_get_stats(s->blk), s->acct.type); 909 return; 910 } 911 912 offset = sector_num << BDRV_SECTOR_BITS; 913 switch (s->dma_cmd) { 914 case IDE_DMA_READ: 915 s->bus->dma->aiocb = dma_blk_read(s->blk, &s->sg, offset, 916 BDRV_SECTOR_SIZE, ide_dma_cb, s); 917 break; 918 case IDE_DMA_WRITE: 919 s->bus->dma->aiocb = dma_blk_write(s->blk, &s->sg, offset, 920 BDRV_SECTOR_SIZE, ide_dma_cb, s); 921 break; 922 case IDE_DMA_TRIM: 923 s->bus->dma->aiocb = dma_blk_io(blk_get_aio_context(s->blk), 924 &s->sg, offset, BDRV_SECTOR_SIZE, 925 ide_issue_trim, s, ide_dma_cb, s, 926 DMA_DIRECTION_TO_DEVICE); 927 break; 928 default: 929 abort(); 930 } 931 return; 932 933 eot: 934 if (s->dma_cmd == IDE_DMA_READ || s->dma_cmd == IDE_DMA_WRITE) { 935 block_acct_done(blk_get_stats(s->blk), &s->acct); 936 } 937 ide_set_inactive(s, stay_active); 938 } 939 940 static void ide_sector_start_dma(IDEState *s, enum ide_dma_cmd dma_cmd) 941 { 942 s->status = READY_STAT | SEEK_STAT | DRQ_STAT; 943 s->io_buffer_size = 0; 944 s->dma_cmd = dma_cmd; 945 946 switch (dma_cmd) { 947 case IDE_DMA_READ: 948 block_acct_start(blk_get_stats(s->blk), &s->acct, 949 s->nsector * BDRV_SECTOR_SIZE, BLOCK_ACCT_READ); 950 break; 951 case IDE_DMA_WRITE: 952 block_acct_start(blk_get_stats(s->blk), &s->acct, 953 s->nsector * BDRV_SECTOR_SIZE, BLOCK_ACCT_WRITE); 954 break; 955 default: 956 break; 957 } 958 959 ide_start_dma(s, ide_dma_cb); 960 } 961 962 void ide_start_dma(IDEState *s, BlockCompletionFunc *cb) 963 { 964 s->io_buffer_index = 0; 965 ide_set_retry(s); 966 if (s->bus->dma->ops->start_dma) { 967 s->bus->dma->ops->start_dma(s->bus->dma, s, cb); 968 } 969 } 970 971 static void ide_sector_write(IDEState *s); 972 973 static void ide_sector_write_timer_cb(void *opaque) 974 { 975 IDEState *s = opaque; 976 ide_set_irq(s->bus); 977 } 978 979 static void ide_sector_write_cb(void *opaque, int ret) 980 { 981 IDEState *s = opaque; 982 int n; 983 984 s->pio_aiocb = NULL; 985 s->status &= ~BUSY_STAT; 986 987 if (ret != 0) { 988 if (ide_handle_rw_error(s, -ret, IDE_RETRY_PIO)) { 989 return; 990 } 991 } 992 993 block_acct_done(blk_get_stats(s->blk), &s->acct); 994 995 n = s->nsector; 996 if (n > s->req_nb_sectors) { 997 n = s->req_nb_sectors; 998 } 999 s->nsector -= n; 1000 1001 ide_set_sector(s, ide_get_sector(s) + n); 1002 if (s->nsector == 0) { 1003 /* no more sectors to write */ 1004 ide_transfer_stop(s); 1005 } else { 1006 int n1 = s->nsector; 1007 if (n1 > s->req_nb_sectors) { 1008 n1 = s->req_nb_sectors; 1009 } 1010 ide_transfer_start(s, s->io_buffer, n1 * BDRV_SECTOR_SIZE, 1011 ide_sector_write); 1012 } 1013 1014 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) { 1015 /* It seems there is a bug in the Windows 2000 installer HDD 1016 IDE driver which fills the disk with empty logs when the 1017 IDE write IRQ comes too early. This hack tries to correct 1018 that at the expense of slower write performances. Use this 1019 option _only_ to install Windows 2000. You must disable it 1020 for normal use. */ 1021 timer_mod(s->sector_write_timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + 1022 (NANOSECONDS_PER_SECOND / 1000)); 1023 } else { 1024 ide_set_irq(s->bus); 1025 } 1026 } 1027 1028 static void ide_sector_write(IDEState *s) 1029 { 1030 int64_t sector_num; 1031 int n; 1032 1033 s->status = READY_STAT | SEEK_STAT | BUSY_STAT; 1034 sector_num = ide_get_sector(s); 1035 1036 n = s->nsector; 1037 if (n > s->req_nb_sectors) { 1038 n = s->req_nb_sectors; 1039 } 1040 1041 trace_ide_sector_write(sector_num, n); 1042 1043 if (!ide_sect_range_ok(s, sector_num, n)) { 1044 ide_rw_error(s); 1045 block_acct_invalid(blk_get_stats(s->blk), BLOCK_ACCT_WRITE); 1046 return; 1047 } 1048 1049 qemu_iovec_init_buf(&s->qiov, s->io_buffer, n * BDRV_SECTOR_SIZE); 1050 1051 block_acct_start(blk_get_stats(s->blk), &s->acct, 1052 n * BDRV_SECTOR_SIZE, BLOCK_ACCT_WRITE); 1053 s->pio_aiocb = blk_aio_pwritev(s->blk, sector_num << BDRV_SECTOR_BITS, 1054 &s->qiov, 0, ide_sector_write_cb, s); 1055 } 1056 1057 static void ide_flush_cb(void *opaque, int ret) 1058 { 1059 IDEState *s = opaque; 1060 1061 s->pio_aiocb = NULL; 1062 1063 if (ret < 0) { 1064 /* XXX: What sector number to set here? */ 1065 if (ide_handle_rw_error(s, -ret, IDE_RETRY_FLUSH)) { 1066 return; 1067 } 1068 } 1069 1070 if (s->blk) { 1071 block_acct_done(blk_get_stats(s->blk), &s->acct); 1072 } 1073 s->status = READY_STAT | SEEK_STAT; 1074 ide_cmd_done(s); 1075 ide_set_irq(s->bus); 1076 } 1077 1078 static void ide_flush_cache(IDEState *s) 1079 { 1080 if (s->blk == NULL) { 1081 ide_flush_cb(s, 0); 1082 return; 1083 } 1084 1085 s->status |= BUSY_STAT; 1086 ide_set_retry(s); 1087 block_acct_start(blk_get_stats(s->blk), &s->acct, 0, BLOCK_ACCT_FLUSH); 1088 s->pio_aiocb = blk_aio_flush(s->blk, ide_flush_cb, s); 1089 } 1090 1091 static void ide_cfata_metadata_inquiry(IDEState *s) 1092 { 1093 uint16_t *p; 1094 uint32_t spd; 1095 1096 p = (uint16_t *) s->io_buffer; 1097 memset(p, 0, 0x200); 1098 spd = ((s->mdata_size - 1) >> 9) + 1; 1099 1100 put_le16(p + 0, 0x0001); /* Data format revision */ 1101 put_le16(p + 1, 0x0000); /* Media property: silicon */ 1102 put_le16(p + 2, s->media_changed); /* Media status */ 1103 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */ 1104 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */ 1105 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */ 1106 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */ 1107 } 1108 1109 static void ide_cfata_metadata_read(IDEState *s) 1110 { 1111 uint16_t *p; 1112 1113 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) { 1114 s->status = ERR_STAT; 1115 s->error = ABRT_ERR; 1116 return; 1117 } 1118 1119 p = (uint16_t *) s->io_buffer; 1120 memset(p, 0, 0x200); 1121 1122 put_le16(p + 0, s->media_changed); /* Media status */ 1123 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9), 1124 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9), 1125 s->nsector << 9), 0x200 - 2)); 1126 } 1127 1128 static void ide_cfata_metadata_write(IDEState *s) 1129 { 1130 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) { 1131 s->status = ERR_STAT; 1132 s->error = ABRT_ERR; 1133 return; 1134 } 1135 1136 s->media_changed = 0; 1137 1138 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9), 1139 s->io_buffer + 2, 1140 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9), 1141 s->nsector << 9), 0x200 - 2)); 1142 } 1143 1144 /* called when the inserted state of the media has changed */ 1145 static void ide_cd_change_cb(void *opaque, bool load, Error **errp) 1146 { 1147 IDEState *s = opaque; 1148 uint64_t nb_sectors; 1149 1150 s->tray_open = !load; 1151 blk_get_geometry(s->blk, &nb_sectors); 1152 s->nb_sectors = nb_sectors; 1153 1154 /* 1155 * First indicate to the guest that a CD has been removed. That's 1156 * done on the next command the guest sends us. 1157 * 1158 * Then we set UNIT_ATTENTION, by which the guest will 1159 * detect a new CD in the drive. See ide_atapi_cmd() for details. 1160 */ 1161 s->cdrom_changed = 1; 1162 s->events.new_media = true; 1163 s->events.eject_request = false; 1164 ide_set_irq(s->bus); 1165 } 1166 1167 static void ide_cd_eject_request_cb(void *opaque, bool force) 1168 { 1169 IDEState *s = opaque; 1170 1171 s->events.eject_request = true; 1172 if (force) { 1173 s->tray_locked = false; 1174 } 1175 ide_set_irq(s->bus); 1176 } 1177 1178 static void ide_cmd_lba48_transform(IDEState *s, int lba48) 1179 { 1180 s->lba48 = lba48; 1181 1182 /* handle the 'magic' 0 nsector count conversion here. to avoid 1183 * fiddling with the rest of the read logic, we just store the 1184 * full sector count in ->nsector and ignore ->hob_nsector from now 1185 */ 1186 if (!s->lba48) { 1187 if (!s->nsector) 1188 s->nsector = 256; 1189 } else { 1190 if (!s->nsector && !s->hob_nsector) 1191 s->nsector = 65536; 1192 else { 1193 int lo = s->nsector; 1194 int hi = s->hob_nsector; 1195 1196 s->nsector = (hi << 8) | lo; 1197 } 1198 } 1199 } 1200 1201 static void ide_clear_hob(IDEBus *bus) 1202 { 1203 /* any write clears HOB high bit of device control register */ 1204 bus->ifs[0].select &= ~(1 << 7); 1205 bus->ifs[1].select &= ~(1 << 7); 1206 } 1207 1208 /* IOport [W]rite [R]egisters */ 1209 enum ATA_IOPORT_WR { 1210 ATA_IOPORT_WR_DATA = 0, 1211 ATA_IOPORT_WR_FEATURES = 1, 1212 ATA_IOPORT_WR_SECTOR_COUNT = 2, 1213 ATA_IOPORT_WR_SECTOR_NUMBER = 3, 1214 ATA_IOPORT_WR_CYLINDER_LOW = 4, 1215 ATA_IOPORT_WR_CYLINDER_HIGH = 5, 1216 ATA_IOPORT_WR_DEVICE_HEAD = 6, 1217 ATA_IOPORT_WR_COMMAND = 7, 1218 ATA_IOPORT_WR_NUM_REGISTERS, 1219 }; 1220 1221 const char *ATA_IOPORT_WR_lookup[ATA_IOPORT_WR_NUM_REGISTERS] = { 1222 [ATA_IOPORT_WR_DATA] = "Data", 1223 [ATA_IOPORT_WR_FEATURES] = "Features", 1224 [ATA_IOPORT_WR_SECTOR_COUNT] = "Sector Count", 1225 [ATA_IOPORT_WR_SECTOR_NUMBER] = "Sector Number", 1226 [ATA_IOPORT_WR_CYLINDER_LOW] = "Cylinder Low", 1227 [ATA_IOPORT_WR_CYLINDER_HIGH] = "Cylinder High", 1228 [ATA_IOPORT_WR_DEVICE_HEAD] = "Device/Head", 1229 [ATA_IOPORT_WR_COMMAND] = "Command" 1230 }; 1231 1232 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val) 1233 { 1234 IDEBus *bus = opaque; 1235 IDEState *s = idebus_active_if(bus); 1236 int reg_num = addr & 7; 1237 1238 trace_ide_ioport_write(addr, ATA_IOPORT_WR_lookup[reg_num], val, bus, s); 1239 1240 /* ignore writes to command block while busy with previous command */ 1241 if (reg_num != 7 && (s->status & (BUSY_STAT|DRQ_STAT))) { 1242 return; 1243 } 1244 1245 switch (reg_num) { 1246 case 0: 1247 break; 1248 case ATA_IOPORT_WR_FEATURES: 1249 ide_clear_hob(bus); 1250 /* NOTE: data is written to the two drives */ 1251 bus->ifs[0].hob_feature = bus->ifs[0].feature; 1252 bus->ifs[1].hob_feature = bus->ifs[1].feature; 1253 bus->ifs[0].feature = val; 1254 bus->ifs[1].feature = val; 1255 break; 1256 case ATA_IOPORT_WR_SECTOR_COUNT: 1257 ide_clear_hob(bus); 1258 bus->ifs[0].hob_nsector = bus->ifs[0].nsector; 1259 bus->ifs[1].hob_nsector = bus->ifs[1].nsector; 1260 bus->ifs[0].nsector = val; 1261 bus->ifs[1].nsector = val; 1262 break; 1263 case ATA_IOPORT_WR_SECTOR_NUMBER: 1264 ide_clear_hob(bus); 1265 bus->ifs[0].hob_sector = bus->ifs[0].sector; 1266 bus->ifs[1].hob_sector = bus->ifs[1].sector; 1267 bus->ifs[0].sector = val; 1268 bus->ifs[1].sector = val; 1269 break; 1270 case ATA_IOPORT_WR_CYLINDER_LOW: 1271 ide_clear_hob(bus); 1272 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl; 1273 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl; 1274 bus->ifs[0].lcyl = val; 1275 bus->ifs[1].lcyl = val; 1276 break; 1277 case ATA_IOPORT_WR_CYLINDER_HIGH: 1278 ide_clear_hob(bus); 1279 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl; 1280 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl; 1281 bus->ifs[0].hcyl = val; 1282 bus->ifs[1].hcyl = val; 1283 break; 1284 case ATA_IOPORT_WR_DEVICE_HEAD: 1285 /* FIXME: HOB readback uses bit 7 */ 1286 bus->ifs[0].select = (val & ~0x10) | 0xa0; 1287 bus->ifs[1].select = (val | 0x10) | 0xa0; 1288 /* select drive */ 1289 bus->unit = (val >> 4) & 1; 1290 break; 1291 default: 1292 case ATA_IOPORT_WR_COMMAND: 1293 /* command */ 1294 ide_exec_cmd(bus, val); 1295 break; 1296 } 1297 } 1298 1299 static void ide_reset(IDEState *s) 1300 { 1301 trace_ide_reset(s); 1302 1303 if (s->pio_aiocb) { 1304 blk_aio_cancel(s->pio_aiocb); 1305 s->pio_aiocb = NULL; 1306 } 1307 1308 if (s->drive_kind == IDE_CFATA) 1309 s->mult_sectors = 0; 1310 else 1311 s->mult_sectors = MAX_MULT_SECTORS; 1312 /* ide regs */ 1313 s->feature = 0; 1314 s->error = 0; 1315 s->nsector = 0; 1316 s->sector = 0; 1317 s->lcyl = 0; 1318 s->hcyl = 0; 1319 1320 /* lba48 */ 1321 s->hob_feature = 0; 1322 s->hob_sector = 0; 1323 s->hob_nsector = 0; 1324 s->hob_lcyl = 0; 1325 s->hob_hcyl = 0; 1326 1327 s->select = 0xa0; 1328 s->status = READY_STAT | SEEK_STAT; 1329 1330 s->lba48 = 0; 1331 1332 /* ATAPI specific */ 1333 s->sense_key = 0; 1334 s->asc = 0; 1335 s->cdrom_changed = 0; 1336 s->packet_transfer_size = 0; 1337 s->elementary_transfer_size = 0; 1338 s->io_buffer_index = 0; 1339 s->cd_sector_size = 0; 1340 s->atapi_dma = 0; 1341 s->tray_locked = 0; 1342 s->tray_open = 0; 1343 /* ATA DMA state */ 1344 s->io_buffer_size = 0; 1345 s->req_nb_sectors = 0; 1346 1347 ide_set_signature(s); 1348 /* init the transfer handler so that 0xffff is returned on data 1349 accesses */ 1350 s->end_transfer_func = ide_dummy_transfer_stop; 1351 ide_dummy_transfer_stop(s); 1352 s->media_changed = 0; 1353 } 1354 1355 static bool cmd_nop(IDEState *s, uint8_t cmd) 1356 { 1357 return true; 1358 } 1359 1360 static bool cmd_device_reset(IDEState *s, uint8_t cmd) 1361 { 1362 /* Halt PIO (in the DRQ phase), then DMA */ 1363 ide_transfer_halt(s); 1364 ide_cancel_dma_sync(s); 1365 1366 /* Reset any PIO commands, reset signature, etc */ 1367 ide_reset(s); 1368 1369 /* RESET: ATA8-ACS3 7.10.4 "Normal Outputs"; 1370 * ATA8-ACS3 Table 184 "Device Signatures for Normal Output" */ 1371 s->status = 0x00; 1372 1373 /* Do not overwrite status register */ 1374 return false; 1375 } 1376 1377 static bool cmd_data_set_management(IDEState *s, uint8_t cmd) 1378 { 1379 switch (s->feature) { 1380 case DSM_TRIM: 1381 if (s->blk) { 1382 ide_sector_start_dma(s, IDE_DMA_TRIM); 1383 return false; 1384 } 1385 break; 1386 } 1387 1388 ide_abort_command(s); 1389 return true; 1390 } 1391 1392 static bool cmd_identify(IDEState *s, uint8_t cmd) 1393 { 1394 if (s->blk && s->drive_kind != IDE_CD) { 1395 if (s->drive_kind != IDE_CFATA) { 1396 ide_identify(s); 1397 } else { 1398 ide_cfata_identify(s); 1399 } 1400 s->status = READY_STAT | SEEK_STAT; 1401 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop); 1402 ide_set_irq(s->bus); 1403 return false; 1404 } else { 1405 if (s->drive_kind == IDE_CD) { 1406 ide_set_signature(s); 1407 } 1408 ide_abort_command(s); 1409 } 1410 1411 return true; 1412 } 1413 1414 static bool cmd_verify(IDEState *s, uint8_t cmd) 1415 { 1416 bool lba48 = (cmd == WIN_VERIFY_EXT); 1417 1418 /* do sector number check ? */ 1419 ide_cmd_lba48_transform(s, lba48); 1420 1421 return true; 1422 } 1423 1424 static bool cmd_set_multiple_mode(IDEState *s, uint8_t cmd) 1425 { 1426 if (s->drive_kind == IDE_CFATA && s->nsector == 0) { 1427 /* Disable Read and Write Multiple */ 1428 s->mult_sectors = 0; 1429 } else if ((s->nsector & 0xff) != 0 && 1430 ((s->nsector & 0xff) > MAX_MULT_SECTORS || 1431 (s->nsector & (s->nsector - 1)) != 0)) { 1432 ide_abort_command(s); 1433 } else { 1434 s->mult_sectors = s->nsector & 0xff; 1435 } 1436 1437 return true; 1438 } 1439 1440 static bool cmd_read_multiple(IDEState *s, uint8_t cmd) 1441 { 1442 bool lba48 = (cmd == WIN_MULTREAD_EXT); 1443 1444 if (!s->blk || !s->mult_sectors) { 1445 ide_abort_command(s); 1446 return true; 1447 } 1448 1449 ide_cmd_lba48_transform(s, lba48); 1450 s->req_nb_sectors = s->mult_sectors; 1451 ide_sector_read(s); 1452 return false; 1453 } 1454 1455 static bool cmd_write_multiple(IDEState *s, uint8_t cmd) 1456 { 1457 bool lba48 = (cmd == WIN_MULTWRITE_EXT); 1458 int n; 1459 1460 if (!s->blk || !s->mult_sectors) { 1461 ide_abort_command(s); 1462 return true; 1463 } 1464 1465 ide_cmd_lba48_transform(s, lba48); 1466 1467 s->req_nb_sectors = s->mult_sectors; 1468 n = MIN(s->nsector, s->req_nb_sectors); 1469 1470 s->status = SEEK_STAT | READY_STAT; 1471 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write); 1472 1473 s->media_changed = 1; 1474 1475 return false; 1476 } 1477 1478 static bool cmd_read_pio(IDEState *s, uint8_t cmd) 1479 { 1480 bool lba48 = (cmd == WIN_READ_EXT); 1481 1482 if (s->drive_kind == IDE_CD) { 1483 ide_set_signature(s); /* odd, but ATA4 8.27.5.2 requires it */ 1484 ide_abort_command(s); 1485 return true; 1486 } 1487 1488 if (!s->blk) { 1489 ide_abort_command(s); 1490 return true; 1491 } 1492 1493 ide_cmd_lba48_transform(s, lba48); 1494 s->req_nb_sectors = 1; 1495 ide_sector_read(s); 1496 1497 return false; 1498 } 1499 1500 static bool cmd_write_pio(IDEState *s, uint8_t cmd) 1501 { 1502 bool lba48 = (cmd == WIN_WRITE_EXT); 1503 1504 if (!s->blk) { 1505 ide_abort_command(s); 1506 return true; 1507 } 1508 1509 ide_cmd_lba48_transform(s, lba48); 1510 1511 s->req_nb_sectors = 1; 1512 s->status = SEEK_STAT | READY_STAT; 1513 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write); 1514 1515 s->media_changed = 1; 1516 1517 return false; 1518 } 1519 1520 static bool cmd_read_dma(IDEState *s, uint8_t cmd) 1521 { 1522 bool lba48 = (cmd == WIN_READDMA_EXT); 1523 1524 if (!s->blk) { 1525 ide_abort_command(s); 1526 return true; 1527 } 1528 1529 ide_cmd_lba48_transform(s, lba48); 1530 ide_sector_start_dma(s, IDE_DMA_READ); 1531 1532 return false; 1533 } 1534 1535 static bool cmd_write_dma(IDEState *s, uint8_t cmd) 1536 { 1537 bool lba48 = (cmd == WIN_WRITEDMA_EXT); 1538 1539 if (!s->blk) { 1540 ide_abort_command(s); 1541 return true; 1542 } 1543 1544 ide_cmd_lba48_transform(s, lba48); 1545 ide_sector_start_dma(s, IDE_DMA_WRITE); 1546 1547 s->media_changed = 1; 1548 1549 return false; 1550 } 1551 1552 static bool cmd_flush_cache(IDEState *s, uint8_t cmd) 1553 { 1554 ide_flush_cache(s); 1555 return false; 1556 } 1557 1558 static bool cmd_seek(IDEState *s, uint8_t cmd) 1559 { 1560 /* XXX: Check that seek is within bounds */ 1561 return true; 1562 } 1563 1564 static bool cmd_read_native_max(IDEState *s, uint8_t cmd) 1565 { 1566 bool lba48 = (cmd == WIN_READ_NATIVE_MAX_EXT); 1567 1568 /* Refuse if no sectors are addressable (e.g. medium not inserted) */ 1569 if (s->nb_sectors == 0) { 1570 ide_abort_command(s); 1571 return true; 1572 } 1573 1574 ide_cmd_lba48_transform(s, lba48); 1575 ide_set_sector(s, s->nb_sectors - 1); 1576 1577 return true; 1578 } 1579 1580 static bool cmd_check_power_mode(IDEState *s, uint8_t cmd) 1581 { 1582 s->nsector = 0xff; /* device active or idle */ 1583 return true; 1584 } 1585 1586 static bool cmd_set_features(IDEState *s, uint8_t cmd) 1587 { 1588 uint16_t *identify_data; 1589 1590 if (!s->blk) { 1591 ide_abort_command(s); 1592 return true; 1593 } 1594 1595 /* XXX: valid for CDROM ? */ 1596 switch (s->feature) { 1597 case 0x02: /* write cache enable */ 1598 blk_set_enable_write_cache(s->blk, true); 1599 identify_data = (uint16_t *)s->identify_data; 1600 put_le16(identify_data + 85, (1 << 14) | (1 << 5) | 1); 1601 return true; 1602 case 0x82: /* write cache disable */ 1603 blk_set_enable_write_cache(s->blk, false); 1604 identify_data = (uint16_t *)s->identify_data; 1605 put_le16(identify_data + 85, (1 << 14) | 1); 1606 ide_flush_cache(s); 1607 return false; 1608 case 0xcc: /* reverting to power-on defaults enable */ 1609 case 0x66: /* reverting to power-on defaults disable */ 1610 case 0xaa: /* read look-ahead enable */ 1611 case 0x55: /* read look-ahead disable */ 1612 case 0x05: /* set advanced power management mode */ 1613 case 0x85: /* disable advanced power management mode */ 1614 case 0x69: /* NOP */ 1615 case 0x67: /* NOP */ 1616 case 0x96: /* NOP */ 1617 case 0x9a: /* NOP */ 1618 case 0x42: /* enable Automatic Acoustic Mode */ 1619 case 0xc2: /* disable Automatic Acoustic Mode */ 1620 return true; 1621 case 0x03: /* set transfer mode */ 1622 { 1623 uint8_t val = s->nsector & 0x07; 1624 identify_data = (uint16_t *)s->identify_data; 1625 1626 switch (s->nsector >> 3) { 1627 case 0x00: /* pio default */ 1628 case 0x01: /* pio mode */ 1629 put_le16(identify_data + 62, 0x07); 1630 put_le16(identify_data + 63, 0x07); 1631 put_le16(identify_data + 88, 0x3f); 1632 break; 1633 case 0x02: /* sigle word dma mode*/ 1634 put_le16(identify_data + 62, 0x07 | (1 << (val + 8))); 1635 put_le16(identify_data + 63, 0x07); 1636 put_le16(identify_data + 88, 0x3f); 1637 break; 1638 case 0x04: /* mdma mode */ 1639 put_le16(identify_data + 62, 0x07); 1640 put_le16(identify_data + 63, 0x07 | (1 << (val + 8))); 1641 put_le16(identify_data + 88, 0x3f); 1642 break; 1643 case 0x08: /* udma mode */ 1644 put_le16(identify_data + 62, 0x07); 1645 put_le16(identify_data + 63, 0x07); 1646 put_le16(identify_data + 88, 0x3f | (1 << (val + 8))); 1647 break; 1648 default: 1649 goto abort_cmd; 1650 } 1651 return true; 1652 } 1653 } 1654 1655 abort_cmd: 1656 ide_abort_command(s); 1657 return true; 1658 } 1659 1660 1661 /*** ATAPI commands ***/ 1662 1663 static bool cmd_identify_packet(IDEState *s, uint8_t cmd) 1664 { 1665 ide_atapi_identify(s); 1666 s->status = READY_STAT | SEEK_STAT; 1667 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop); 1668 ide_set_irq(s->bus); 1669 return false; 1670 } 1671 1672 static bool cmd_exec_dev_diagnostic(IDEState *s, uint8_t cmd) 1673 { 1674 ide_set_signature(s); 1675 1676 if (s->drive_kind == IDE_CD) { 1677 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet 1678 * devices to return a clear status register 1679 * with READY_STAT *not* set. */ 1680 s->error = 0x01; 1681 } else { 1682 s->status = READY_STAT | SEEK_STAT; 1683 /* The bits of the error register are not as usual for this command! 1684 * They are part of the regular output (this is why ERR_STAT isn't set) 1685 * Device 0 passed, Device 1 passed or not present. */ 1686 s->error = 0x01; 1687 ide_set_irq(s->bus); 1688 } 1689 1690 return false; 1691 } 1692 1693 static bool cmd_packet(IDEState *s, uint8_t cmd) 1694 { 1695 /* overlapping commands not supported */ 1696 if (s->feature & 0x02) { 1697 ide_abort_command(s); 1698 return true; 1699 } 1700 1701 s->status = READY_STAT | SEEK_STAT; 1702 s->atapi_dma = s->feature & 1; 1703 if (s->atapi_dma) { 1704 s->dma_cmd = IDE_DMA_ATAPI; 1705 } 1706 s->nsector = 1; 1707 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE, 1708 ide_atapi_cmd); 1709 return false; 1710 } 1711 1712 1713 /*** CF-ATA commands ***/ 1714 1715 static bool cmd_cfa_req_ext_error_code(IDEState *s, uint8_t cmd) 1716 { 1717 s->error = 0x09; /* miscellaneous error */ 1718 s->status = READY_STAT | SEEK_STAT; 1719 ide_set_irq(s->bus); 1720 1721 return false; 1722 } 1723 1724 static bool cmd_cfa_erase_sectors(IDEState *s, uint8_t cmd) 1725 { 1726 /* WIN_SECURITY_FREEZE_LOCK has the same ID as CFA_WEAR_LEVEL and is 1727 * required for Windows 8 to work with AHCI */ 1728 1729 if (cmd == CFA_WEAR_LEVEL) { 1730 s->nsector = 0; 1731 } 1732 1733 if (cmd == CFA_ERASE_SECTORS) { 1734 s->media_changed = 1; 1735 } 1736 1737 return true; 1738 } 1739 1740 static bool cmd_cfa_translate_sector(IDEState *s, uint8_t cmd) 1741 { 1742 s->status = READY_STAT | SEEK_STAT; 1743 1744 memset(s->io_buffer, 0, 0x200); 1745 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */ 1746 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */ 1747 s->io_buffer[0x02] = s->select; /* Head */ 1748 s->io_buffer[0x03] = s->sector; /* Sector */ 1749 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */ 1750 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */ 1751 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */ 1752 s->io_buffer[0x13] = 0x00; /* Erase flag */ 1753 s->io_buffer[0x18] = 0x00; /* Hot count */ 1754 s->io_buffer[0x19] = 0x00; /* Hot count */ 1755 s->io_buffer[0x1a] = 0x01; /* Hot count */ 1756 1757 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1758 ide_set_irq(s->bus); 1759 1760 return false; 1761 } 1762 1763 static bool cmd_cfa_access_metadata_storage(IDEState *s, uint8_t cmd) 1764 { 1765 switch (s->feature) { 1766 case 0x02: /* Inquiry Metadata Storage */ 1767 ide_cfata_metadata_inquiry(s); 1768 break; 1769 case 0x03: /* Read Metadata Storage */ 1770 ide_cfata_metadata_read(s); 1771 break; 1772 case 0x04: /* Write Metadata Storage */ 1773 ide_cfata_metadata_write(s); 1774 break; 1775 default: 1776 ide_abort_command(s); 1777 return true; 1778 } 1779 1780 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1781 s->status = 0x00; /* NOTE: READY is _not_ set */ 1782 ide_set_irq(s->bus); 1783 1784 return false; 1785 } 1786 1787 static bool cmd_ibm_sense_condition(IDEState *s, uint8_t cmd) 1788 { 1789 switch (s->feature) { 1790 case 0x01: /* sense temperature in device */ 1791 s->nsector = 0x50; /* +20 C */ 1792 break; 1793 default: 1794 ide_abort_command(s); 1795 return true; 1796 } 1797 1798 return true; 1799 } 1800 1801 1802 /*** SMART commands ***/ 1803 1804 static bool cmd_smart(IDEState *s, uint8_t cmd) 1805 { 1806 int n; 1807 1808 if (s->hcyl != 0xc2 || s->lcyl != 0x4f) { 1809 goto abort_cmd; 1810 } 1811 1812 if (!s->smart_enabled && s->feature != SMART_ENABLE) { 1813 goto abort_cmd; 1814 } 1815 1816 switch (s->feature) { 1817 case SMART_DISABLE: 1818 s->smart_enabled = 0; 1819 return true; 1820 1821 case SMART_ENABLE: 1822 s->smart_enabled = 1; 1823 return true; 1824 1825 case SMART_ATTR_AUTOSAVE: 1826 switch (s->sector) { 1827 case 0x00: 1828 s->smart_autosave = 0; 1829 break; 1830 case 0xf1: 1831 s->smart_autosave = 1; 1832 break; 1833 default: 1834 goto abort_cmd; 1835 } 1836 return true; 1837 1838 case SMART_STATUS: 1839 if (!s->smart_errors) { 1840 s->hcyl = 0xc2; 1841 s->lcyl = 0x4f; 1842 } else { 1843 s->hcyl = 0x2c; 1844 s->lcyl = 0xf4; 1845 } 1846 return true; 1847 1848 case SMART_READ_THRESH: 1849 memset(s->io_buffer, 0, 0x200); 1850 s->io_buffer[0] = 0x01; /* smart struct version */ 1851 1852 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) { 1853 s->io_buffer[2 + 0 + (n * 12)] = smart_attributes[n][0]; 1854 s->io_buffer[2 + 1 + (n * 12)] = smart_attributes[n][11]; 1855 } 1856 1857 /* checksum */ 1858 for (n = 0; n < 511; n++) { 1859 s->io_buffer[511] += s->io_buffer[n]; 1860 } 1861 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1862 1863 s->status = READY_STAT | SEEK_STAT; 1864 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1865 ide_set_irq(s->bus); 1866 return false; 1867 1868 case SMART_READ_DATA: 1869 memset(s->io_buffer, 0, 0x200); 1870 s->io_buffer[0] = 0x01; /* smart struct version */ 1871 1872 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) { 1873 int i; 1874 for (i = 0; i < 11; i++) { 1875 s->io_buffer[2 + i + (n * 12)] = smart_attributes[n][i]; 1876 } 1877 } 1878 1879 s->io_buffer[362] = 0x02 | (s->smart_autosave ? 0x80 : 0x00); 1880 if (s->smart_selftest_count == 0) { 1881 s->io_buffer[363] = 0; 1882 } else { 1883 s->io_buffer[363] = 1884 s->smart_selftest_data[3 + 1885 (s->smart_selftest_count - 1) * 1886 24]; 1887 } 1888 s->io_buffer[364] = 0x20; 1889 s->io_buffer[365] = 0x01; 1890 /* offline data collection capacity: execute + self-test*/ 1891 s->io_buffer[367] = (1 << 4 | 1 << 3 | 1); 1892 s->io_buffer[368] = 0x03; /* smart capability (1) */ 1893 s->io_buffer[369] = 0x00; /* smart capability (2) */ 1894 s->io_buffer[370] = 0x01; /* error logging supported */ 1895 s->io_buffer[372] = 0x02; /* minutes for poll short test */ 1896 s->io_buffer[373] = 0x36; /* minutes for poll ext test */ 1897 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */ 1898 1899 for (n = 0; n < 511; n++) { 1900 s->io_buffer[511] += s->io_buffer[n]; 1901 } 1902 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1903 1904 s->status = READY_STAT | SEEK_STAT; 1905 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1906 ide_set_irq(s->bus); 1907 return false; 1908 1909 case SMART_READ_LOG: 1910 switch (s->sector) { 1911 case 0x01: /* summary smart error log */ 1912 memset(s->io_buffer, 0, 0x200); 1913 s->io_buffer[0] = 0x01; 1914 s->io_buffer[1] = 0x00; /* no error entries */ 1915 s->io_buffer[452] = s->smart_errors & 0xff; 1916 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8; 1917 1918 for (n = 0; n < 511; n++) { 1919 s->io_buffer[511] += s->io_buffer[n]; 1920 } 1921 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1922 break; 1923 case 0x06: /* smart self test log */ 1924 memset(s->io_buffer, 0, 0x200); 1925 s->io_buffer[0] = 0x01; 1926 if (s->smart_selftest_count == 0) { 1927 s->io_buffer[508] = 0; 1928 } else { 1929 s->io_buffer[508] = s->smart_selftest_count; 1930 for (n = 2; n < 506; n++) { 1931 s->io_buffer[n] = s->smart_selftest_data[n]; 1932 } 1933 } 1934 1935 for (n = 0; n < 511; n++) { 1936 s->io_buffer[511] += s->io_buffer[n]; 1937 } 1938 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1939 break; 1940 default: 1941 goto abort_cmd; 1942 } 1943 s->status = READY_STAT | SEEK_STAT; 1944 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1945 ide_set_irq(s->bus); 1946 return false; 1947 1948 case SMART_EXECUTE_OFFLINE: 1949 switch (s->sector) { 1950 case 0: /* off-line routine */ 1951 case 1: /* short self test */ 1952 case 2: /* extended self test */ 1953 s->smart_selftest_count++; 1954 if (s->smart_selftest_count > 21) { 1955 s->smart_selftest_count = 1; 1956 } 1957 n = 2 + (s->smart_selftest_count - 1) * 24; 1958 s->smart_selftest_data[n] = s->sector; 1959 s->smart_selftest_data[n + 1] = 0x00; /* OK and finished */ 1960 s->smart_selftest_data[n + 2] = 0x34; /* hour count lsb */ 1961 s->smart_selftest_data[n + 3] = 0x12; /* hour count msb */ 1962 break; 1963 default: 1964 goto abort_cmd; 1965 } 1966 return true; 1967 } 1968 1969 abort_cmd: 1970 ide_abort_command(s); 1971 return true; 1972 } 1973 1974 #define HD_OK (1u << IDE_HD) 1975 #define CD_OK (1u << IDE_CD) 1976 #define CFA_OK (1u << IDE_CFATA) 1977 #define HD_CFA_OK (HD_OK | CFA_OK) 1978 #define ALL_OK (HD_OK | CD_OK | CFA_OK) 1979 1980 /* Set the Disk Seek Completed status bit during completion */ 1981 #define SET_DSC (1u << 8) 1982 1983 /* See ACS-2 T13/2015-D Table B.2 Command codes */ 1984 static const struct { 1985 /* Returns true if the completion code should be run */ 1986 bool (*handler)(IDEState *s, uint8_t cmd); 1987 int flags; 1988 } ide_cmd_table[0x100] = { 1989 /* NOP not implemented, mandatory for CD */ 1990 [CFA_REQ_EXT_ERROR_CODE] = { cmd_cfa_req_ext_error_code, CFA_OK }, 1991 [WIN_DSM] = { cmd_data_set_management, HD_CFA_OK }, 1992 [WIN_DEVICE_RESET] = { cmd_device_reset, CD_OK }, 1993 [WIN_RECAL] = { cmd_nop, HD_CFA_OK | SET_DSC}, 1994 [WIN_READ] = { cmd_read_pio, ALL_OK }, 1995 [WIN_READ_ONCE] = { cmd_read_pio, HD_CFA_OK }, 1996 [WIN_READ_EXT] = { cmd_read_pio, HD_CFA_OK }, 1997 [WIN_READDMA_EXT] = { cmd_read_dma, HD_CFA_OK }, 1998 [WIN_READ_NATIVE_MAX_EXT] = { cmd_read_native_max, HD_CFA_OK | SET_DSC }, 1999 [WIN_MULTREAD_EXT] = { cmd_read_multiple, HD_CFA_OK }, 2000 [WIN_WRITE] = { cmd_write_pio, HD_CFA_OK }, 2001 [WIN_WRITE_ONCE] = { cmd_write_pio, HD_CFA_OK }, 2002 [WIN_WRITE_EXT] = { cmd_write_pio, HD_CFA_OK }, 2003 [WIN_WRITEDMA_EXT] = { cmd_write_dma, HD_CFA_OK }, 2004 [CFA_WRITE_SECT_WO_ERASE] = { cmd_write_pio, CFA_OK }, 2005 [WIN_MULTWRITE_EXT] = { cmd_write_multiple, HD_CFA_OK }, 2006 [WIN_WRITE_VERIFY] = { cmd_write_pio, HD_CFA_OK }, 2007 [WIN_VERIFY] = { cmd_verify, HD_CFA_OK | SET_DSC }, 2008 [WIN_VERIFY_ONCE] = { cmd_verify, HD_CFA_OK | SET_DSC }, 2009 [WIN_VERIFY_EXT] = { cmd_verify, HD_CFA_OK | SET_DSC }, 2010 [WIN_SEEK] = { cmd_seek, HD_CFA_OK | SET_DSC }, 2011 [CFA_TRANSLATE_SECTOR] = { cmd_cfa_translate_sector, CFA_OK }, 2012 [WIN_DIAGNOSE] = { cmd_exec_dev_diagnostic, ALL_OK }, 2013 [WIN_SPECIFY] = { cmd_nop, HD_CFA_OK | SET_DSC }, 2014 [WIN_STANDBYNOW2] = { cmd_nop, HD_CFA_OK }, 2015 [WIN_IDLEIMMEDIATE2] = { cmd_nop, HD_CFA_OK }, 2016 [WIN_STANDBY2] = { cmd_nop, HD_CFA_OK }, 2017 [WIN_SETIDLE2] = { cmd_nop, HD_CFA_OK }, 2018 [WIN_CHECKPOWERMODE2] = { cmd_check_power_mode, HD_CFA_OK | SET_DSC }, 2019 [WIN_SLEEPNOW2] = { cmd_nop, HD_CFA_OK }, 2020 [WIN_PACKETCMD] = { cmd_packet, CD_OK }, 2021 [WIN_PIDENTIFY] = { cmd_identify_packet, CD_OK }, 2022 [WIN_SMART] = { cmd_smart, HD_CFA_OK | SET_DSC }, 2023 [CFA_ACCESS_METADATA_STORAGE] = { cmd_cfa_access_metadata_storage, CFA_OK }, 2024 [CFA_ERASE_SECTORS] = { cmd_cfa_erase_sectors, CFA_OK | SET_DSC }, 2025 [WIN_MULTREAD] = { cmd_read_multiple, HD_CFA_OK }, 2026 [WIN_MULTWRITE] = { cmd_write_multiple, HD_CFA_OK }, 2027 [WIN_SETMULT] = { cmd_set_multiple_mode, HD_CFA_OK | SET_DSC }, 2028 [WIN_READDMA] = { cmd_read_dma, HD_CFA_OK }, 2029 [WIN_READDMA_ONCE] = { cmd_read_dma, HD_CFA_OK }, 2030 [WIN_WRITEDMA] = { cmd_write_dma, HD_CFA_OK }, 2031 [WIN_WRITEDMA_ONCE] = { cmd_write_dma, HD_CFA_OK }, 2032 [CFA_WRITE_MULTI_WO_ERASE] = { cmd_write_multiple, CFA_OK }, 2033 [WIN_STANDBYNOW1] = { cmd_nop, HD_CFA_OK }, 2034 [WIN_IDLEIMMEDIATE] = { cmd_nop, HD_CFA_OK }, 2035 [WIN_STANDBY] = { cmd_nop, HD_CFA_OK }, 2036 [WIN_SETIDLE1] = { cmd_nop, HD_CFA_OK }, 2037 [WIN_CHECKPOWERMODE1] = { cmd_check_power_mode, HD_CFA_OK | SET_DSC }, 2038 [WIN_SLEEPNOW1] = { cmd_nop, HD_CFA_OK }, 2039 [WIN_FLUSH_CACHE] = { cmd_flush_cache, ALL_OK }, 2040 [WIN_FLUSH_CACHE_EXT] = { cmd_flush_cache, HD_CFA_OK }, 2041 [WIN_IDENTIFY] = { cmd_identify, ALL_OK }, 2042 [WIN_SETFEATURES] = { cmd_set_features, ALL_OK | SET_DSC }, 2043 [IBM_SENSE_CONDITION] = { cmd_ibm_sense_condition, CFA_OK | SET_DSC }, 2044 [CFA_WEAR_LEVEL] = { cmd_cfa_erase_sectors, HD_CFA_OK | SET_DSC }, 2045 [WIN_READ_NATIVE_MAX] = { cmd_read_native_max, HD_CFA_OK | SET_DSC }, 2046 }; 2047 2048 static bool ide_cmd_permitted(IDEState *s, uint32_t cmd) 2049 { 2050 return cmd < ARRAY_SIZE(ide_cmd_table) 2051 && (ide_cmd_table[cmd].flags & (1u << s->drive_kind)); 2052 } 2053 2054 void ide_exec_cmd(IDEBus *bus, uint32_t val) 2055 { 2056 IDEState *s; 2057 bool complete; 2058 2059 s = idebus_active_if(bus); 2060 trace_ide_exec_cmd(bus, s, val); 2061 2062 /* ignore commands to non existent slave */ 2063 if (s != bus->ifs && !s->blk) { 2064 return; 2065 } 2066 2067 /* Only RESET is allowed while BSY and/or DRQ are set, 2068 * and only to ATAPI devices. */ 2069 if (s->status & (BUSY_STAT|DRQ_STAT)) { 2070 if (val != WIN_DEVICE_RESET || s->drive_kind != IDE_CD) { 2071 return; 2072 } 2073 } 2074 2075 if (!ide_cmd_permitted(s, val)) { 2076 ide_abort_command(s); 2077 ide_set_irq(s->bus); 2078 return; 2079 } 2080 2081 s->status = READY_STAT | BUSY_STAT; 2082 s->error = 0; 2083 s->io_buffer_offset = 0; 2084 2085 complete = ide_cmd_table[val].handler(s, val); 2086 if (complete) { 2087 s->status &= ~BUSY_STAT; 2088 assert(!!s->error == !!(s->status & ERR_STAT)); 2089 2090 if ((ide_cmd_table[val].flags & SET_DSC) && !s->error) { 2091 s->status |= SEEK_STAT; 2092 } 2093 2094 ide_cmd_done(s); 2095 ide_set_irq(s->bus); 2096 } 2097 } 2098 2099 /* IOport [R]ead [R]egisters */ 2100 enum ATA_IOPORT_RR { 2101 ATA_IOPORT_RR_DATA = 0, 2102 ATA_IOPORT_RR_ERROR = 1, 2103 ATA_IOPORT_RR_SECTOR_COUNT = 2, 2104 ATA_IOPORT_RR_SECTOR_NUMBER = 3, 2105 ATA_IOPORT_RR_CYLINDER_LOW = 4, 2106 ATA_IOPORT_RR_CYLINDER_HIGH = 5, 2107 ATA_IOPORT_RR_DEVICE_HEAD = 6, 2108 ATA_IOPORT_RR_STATUS = 7, 2109 ATA_IOPORT_RR_NUM_REGISTERS, 2110 }; 2111 2112 const char *ATA_IOPORT_RR_lookup[ATA_IOPORT_RR_NUM_REGISTERS] = { 2113 [ATA_IOPORT_RR_DATA] = "Data", 2114 [ATA_IOPORT_RR_ERROR] = "Error", 2115 [ATA_IOPORT_RR_SECTOR_COUNT] = "Sector Count", 2116 [ATA_IOPORT_RR_SECTOR_NUMBER] = "Sector Number", 2117 [ATA_IOPORT_RR_CYLINDER_LOW] = "Cylinder Low", 2118 [ATA_IOPORT_RR_CYLINDER_HIGH] = "Cylinder High", 2119 [ATA_IOPORT_RR_DEVICE_HEAD] = "Device/Head", 2120 [ATA_IOPORT_RR_STATUS] = "Status" 2121 }; 2122 2123 uint32_t ide_ioport_read(void *opaque, uint32_t addr) 2124 { 2125 IDEBus *bus = opaque; 2126 IDEState *s = idebus_active_if(bus); 2127 uint32_t reg_num; 2128 int ret, hob; 2129 2130 reg_num = addr & 7; 2131 /* FIXME: HOB readback uses bit 7, but it's always set right now */ 2132 //hob = s->select & (1 << 7); 2133 hob = 0; 2134 switch (reg_num) { 2135 case ATA_IOPORT_RR_DATA: 2136 ret = 0xff; 2137 break; 2138 case ATA_IOPORT_RR_ERROR: 2139 if ((!bus->ifs[0].blk && !bus->ifs[1].blk) || 2140 (s != bus->ifs && !s->blk)) { 2141 ret = 0; 2142 } else if (!hob) { 2143 ret = s->error; 2144 } else { 2145 ret = s->hob_feature; 2146 } 2147 break; 2148 case ATA_IOPORT_RR_SECTOR_COUNT: 2149 if (!bus->ifs[0].blk && !bus->ifs[1].blk) { 2150 ret = 0; 2151 } else if (!hob) { 2152 ret = s->nsector & 0xff; 2153 } else { 2154 ret = s->hob_nsector; 2155 } 2156 break; 2157 case ATA_IOPORT_RR_SECTOR_NUMBER: 2158 if (!bus->ifs[0].blk && !bus->ifs[1].blk) { 2159 ret = 0; 2160 } else if (!hob) { 2161 ret = s->sector; 2162 } else { 2163 ret = s->hob_sector; 2164 } 2165 break; 2166 case ATA_IOPORT_RR_CYLINDER_LOW: 2167 if (!bus->ifs[0].blk && !bus->ifs[1].blk) { 2168 ret = 0; 2169 } else if (!hob) { 2170 ret = s->lcyl; 2171 } else { 2172 ret = s->hob_lcyl; 2173 } 2174 break; 2175 case ATA_IOPORT_RR_CYLINDER_HIGH: 2176 if (!bus->ifs[0].blk && !bus->ifs[1].blk) { 2177 ret = 0; 2178 } else if (!hob) { 2179 ret = s->hcyl; 2180 } else { 2181 ret = s->hob_hcyl; 2182 } 2183 break; 2184 case ATA_IOPORT_RR_DEVICE_HEAD: 2185 if (!bus->ifs[0].blk && !bus->ifs[1].blk) { 2186 ret = 0; 2187 } else { 2188 ret = s->select; 2189 } 2190 break; 2191 default: 2192 case ATA_IOPORT_RR_STATUS: 2193 if ((!bus->ifs[0].blk && !bus->ifs[1].blk) || 2194 (s != bus->ifs && !s->blk)) { 2195 ret = 0; 2196 } else { 2197 ret = s->status; 2198 } 2199 qemu_irq_lower(bus->irq); 2200 break; 2201 } 2202 2203 trace_ide_ioport_read(addr, ATA_IOPORT_RR_lookup[reg_num], ret, bus, s); 2204 return ret; 2205 } 2206 2207 uint32_t ide_status_read(void *opaque, uint32_t addr) 2208 { 2209 IDEBus *bus = opaque; 2210 IDEState *s = idebus_active_if(bus); 2211 int ret; 2212 2213 if ((!bus->ifs[0].blk && !bus->ifs[1].blk) || 2214 (s != bus->ifs && !s->blk)) { 2215 ret = 0; 2216 } else { 2217 ret = s->status; 2218 } 2219 2220 trace_ide_status_read(addr, ret, bus, s); 2221 return ret; 2222 } 2223 2224 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val) 2225 { 2226 IDEBus *bus = opaque; 2227 IDEState *s; 2228 int i; 2229 2230 trace_ide_cmd_write(addr, val, bus); 2231 2232 /* common for both drives */ 2233 if (!(bus->cmd & IDE_CMD_RESET) && 2234 (val & IDE_CMD_RESET)) { 2235 /* reset low to high */ 2236 for(i = 0;i < 2; i++) { 2237 s = &bus->ifs[i]; 2238 s->status = BUSY_STAT | SEEK_STAT; 2239 s->error = 0x01; 2240 } 2241 } else if ((bus->cmd & IDE_CMD_RESET) && 2242 !(val & IDE_CMD_RESET)) { 2243 /* high to low */ 2244 for(i = 0;i < 2; i++) { 2245 s = &bus->ifs[i]; 2246 if (s->drive_kind == IDE_CD) 2247 s->status = 0x00; /* NOTE: READY is _not_ set */ 2248 else 2249 s->status = READY_STAT | SEEK_STAT; 2250 ide_set_signature(s); 2251 } 2252 } 2253 2254 bus->cmd = val; 2255 } 2256 2257 /* 2258 * Returns true if the running PIO transfer is a PIO out (i.e. data is 2259 * transferred from the device to the guest), false if it's a PIO in 2260 */ 2261 static bool ide_is_pio_out(IDEState *s) 2262 { 2263 if (s->end_transfer_func == ide_sector_write || 2264 s->end_transfer_func == ide_atapi_cmd) { 2265 return false; 2266 } else if (s->end_transfer_func == ide_sector_read || 2267 s->end_transfer_func == ide_transfer_stop || 2268 s->end_transfer_func == ide_atapi_cmd_reply_end || 2269 s->end_transfer_func == ide_dummy_transfer_stop) { 2270 return true; 2271 } 2272 2273 abort(); 2274 } 2275 2276 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val) 2277 { 2278 IDEBus *bus = opaque; 2279 IDEState *s = idebus_active_if(bus); 2280 uint8_t *p; 2281 2282 trace_ide_data_writew(addr, val, bus, s); 2283 2284 /* PIO data access allowed only when DRQ bit is set. The result of a write 2285 * during PIO out is indeterminate, just ignore it. */ 2286 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) { 2287 return; 2288 } 2289 2290 p = s->data_ptr; 2291 if (p + 2 > s->data_end) { 2292 return; 2293 } 2294 2295 *(uint16_t *)p = le16_to_cpu(val); 2296 p += 2; 2297 s->data_ptr = p; 2298 if (p >= s->data_end) { 2299 s->status &= ~DRQ_STAT; 2300 s->end_transfer_func(s); 2301 } 2302 } 2303 2304 uint32_t ide_data_readw(void *opaque, uint32_t addr) 2305 { 2306 IDEBus *bus = opaque; 2307 IDEState *s = idebus_active_if(bus); 2308 uint8_t *p; 2309 int ret; 2310 2311 /* PIO data access allowed only when DRQ bit is set. The result of a read 2312 * during PIO in is indeterminate, return 0 and don't move forward. */ 2313 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) { 2314 return 0; 2315 } 2316 2317 p = s->data_ptr; 2318 if (p + 2 > s->data_end) { 2319 return 0; 2320 } 2321 2322 ret = cpu_to_le16(*(uint16_t *)p); 2323 p += 2; 2324 s->data_ptr = p; 2325 if (p >= s->data_end) { 2326 s->status &= ~DRQ_STAT; 2327 s->end_transfer_func(s); 2328 } 2329 2330 trace_ide_data_readw(addr, ret, bus, s); 2331 return ret; 2332 } 2333 2334 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val) 2335 { 2336 IDEBus *bus = opaque; 2337 IDEState *s = idebus_active_if(bus); 2338 uint8_t *p; 2339 2340 trace_ide_data_writel(addr, val, bus, s); 2341 2342 /* PIO data access allowed only when DRQ bit is set. The result of a write 2343 * during PIO out is indeterminate, just ignore it. */ 2344 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) { 2345 return; 2346 } 2347 2348 p = s->data_ptr; 2349 if (p + 4 > s->data_end) { 2350 return; 2351 } 2352 2353 *(uint32_t *)p = le32_to_cpu(val); 2354 p += 4; 2355 s->data_ptr = p; 2356 if (p >= s->data_end) { 2357 s->status &= ~DRQ_STAT; 2358 s->end_transfer_func(s); 2359 } 2360 } 2361 2362 uint32_t ide_data_readl(void *opaque, uint32_t addr) 2363 { 2364 IDEBus *bus = opaque; 2365 IDEState *s = idebus_active_if(bus); 2366 uint8_t *p; 2367 int ret; 2368 2369 /* PIO data access allowed only when DRQ bit is set. The result of a read 2370 * during PIO in is indeterminate, return 0 and don't move forward. */ 2371 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) { 2372 ret = 0; 2373 goto out; 2374 } 2375 2376 p = s->data_ptr; 2377 if (p + 4 > s->data_end) { 2378 return 0; 2379 } 2380 2381 ret = cpu_to_le32(*(uint32_t *)p); 2382 p += 4; 2383 s->data_ptr = p; 2384 if (p >= s->data_end) { 2385 s->status &= ~DRQ_STAT; 2386 s->end_transfer_func(s); 2387 } 2388 2389 out: 2390 trace_ide_data_readl(addr, ret, bus, s); 2391 return ret; 2392 } 2393 2394 static void ide_dummy_transfer_stop(IDEState *s) 2395 { 2396 s->data_ptr = s->io_buffer; 2397 s->data_end = s->io_buffer; 2398 s->io_buffer[0] = 0xff; 2399 s->io_buffer[1] = 0xff; 2400 s->io_buffer[2] = 0xff; 2401 s->io_buffer[3] = 0xff; 2402 } 2403 2404 void ide_bus_reset(IDEBus *bus) 2405 { 2406 bus->unit = 0; 2407 bus->cmd = 0; 2408 ide_reset(&bus->ifs[0]); 2409 ide_reset(&bus->ifs[1]); 2410 ide_clear_hob(bus); 2411 2412 /* pending async DMA */ 2413 if (bus->dma->aiocb) { 2414 trace_ide_bus_reset_aio(); 2415 blk_aio_cancel(bus->dma->aiocb); 2416 bus->dma->aiocb = NULL; 2417 } 2418 2419 /* reset dma provider too */ 2420 if (bus->dma->ops->reset) { 2421 bus->dma->ops->reset(bus->dma); 2422 } 2423 } 2424 2425 static bool ide_cd_is_tray_open(void *opaque) 2426 { 2427 return ((IDEState *)opaque)->tray_open; 2428 } 2429 2430 static bool ide_cd_is_medium_locked(void *opaque) 2431 { 2432 return ((IDEState *)opaque)->tray_locked; 2433 } 2434 2435 static void ide_resize_cb(void *opaque) 2436 { 2437 IDEState *s = opaque; 2438 uint64_t nb_sectors; 2439 2440 if (!s->identify_set) { 2441 return; 2442 } 2443 2444 blk_get_geometry(s->blk, &nb_sectors); 2445 s->nb_sectors = nb_sectors; 2446 2447 /* Update the identify data buffer. */ 2448 if (s->drive_kind == IDE_CFATA) { 2449 ide_cfata_identify_size(s); 2450 } else { 2451 /* IDE_CD uses a different set of callbacks entirely. */ 2452 assert(s->drive_kind != IDE_CD); 2453 ide_identify_size(s); 2454 } 2455 } 2456 2457 static const BlockDevOps ide_cd_block_ops = { 2458 .change_media_cb = ide_cd_change_cb, 2459 .eject_request_cb = ide_cd_eject_request_cb, 2460 .is_tray_open = ide_cd_is_tray_open, 2461 .is_medium_locked = ide_cd_is_medium_locked, 2462 }; 2463 2464 static const BlockDevOps ide_hd_block_ops = { 2465 .resize_cb = ide_resize_cb, 2466 }; 2467 2468 int ide_init_drive(IDEState *s, BlockBackend *blk, IDEDriveKind kind, 2469 const char *version, const char *serial, const char *model, 2470 uint64_t wwn, 2471 uint32_t cylinders, uint32_t heads, uint32_t secs, 2472 int chs_trans, Error **errp) 2473 { 2474 uint64_t nb_sectors; 2475 2476 s->blk = blk; 2477 s->drive_kind = kind; 2478 2479 blk_get_geometry(blk, &nb_sectors); 2480 s->cylinders = cylinders; 2481 s->heads = heads; 2482 s->sectors = secs; 2483 s->chs_trans = chs_trans; 2484 s->nb_sectors = nb_sectors; 2485 s->wwn = wwn; 2486 /* The SMART values should be preserved across power cycles 2487 but they aren't. */ 2488 s->smart_enabled = 1; 2489 s->smart_autosave = 1; 2490 s->smart_errors = 0; 2491 s->smart_selftest_count = 0; 2492 if (kind == IDE_CD) { 2493 blk_set_dev_ops(blk, &ide_cd_block_ops, s); 2494 blk_set_guest_block_size(blk, 2048); 2495 } else { 2496 if (!blk_is_inserted(s->blk)) { 2497 error_setg(errp, "Device needs media, but drive is empty"); 2498 return -1; 2499 } 2500 if (blk_is_read_only(blk)) { 2501 error_setg(errp, "Can't use a read-only drive"); 2502 return -1; 2503 } 2504 blk_set_dev_ops(blk, &ide_hd_block_ops, s); 2505 } 2506 if (serial) { 2507 pstrcpy(s->drive_serial_str, sizeof(s->drive_serial_str), serial); 2508 } else { 2509 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str), 2510 "QM%05d", s->drive_serial); 2511 } 2512 if (model) { 2513 pstrcpy(s->drive_model_str, sizeof(s->drive_model_str), model); 2514 } else { 2515 switch (kind) { 2516 case IDE_CD: 2517 strcpy(s->drive_model_str, "QEMU DVD-ROM"); 2518 break; 2519 case IDE_CFATA: 2520 strcpy(s->drive_model_str, "QEMU MICRODRIVE"); 2521 break; 2522 default: 2523 strcpy(s->drive_model_str, "QEMU HARDDISK"); 2524 break; 2525 } 2526 } 2527 2528 if (version) { 2529 pstrcpy(s->version, sizeof(s->version), version); 2530 } else { 2531 pstrcpy(s->version, sizeof(s->version), qemu_hw_version()); 2532 } 2533 2534 ide_reset(s); 2535 blk_iostatus_enable(blk); 2536 return 0; 2537 } 2538 2539 static void ide_init1(IDEBus *bus, int unit) 2540 { 2541 static int drive_serial = 1; 2542 IDEState *s = &bus->ifs[unit]; 2543 2544 s->bus = bus; 2545 s->unit = unit; 2546 s->drive_serial = drive_serial++; 2547 /* we need at least 2k alignment for accessing CDROMs using O_DIRECT */ 2548 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4; 2549 s->io_buffer = qemu_memalign(2048, s->io_buffer_total_len); 2550 memset(s->io_buffer, 0, s->io_buffer_total_len); 2551 2552 s->smart_selftest_data = blk_blockalign(s->blk, 512); 2553 memset(s->smart_selftest_data, 0, 512); 2554 2555 s->sector_write_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, 2556 ide_sector_write_timer_cb, s); 2557 } 2558 2559 static int ide_nop_int(IDEDMA *dma, int x) 2560 { 2561 return 0; 2562 } 2563 2564 static void ide_nop(IDEDMA *dma) 2565 { 2566 } 2567 2568 static int32_t ide_nop_int32(IDEDMA *dma, int32_t l) 2569 { 2570 return 0; 2571 } 2572 2573 static const IDEDMAOps ide_dma_nop_ops = { 2574 .prepare_buf = ide_nop_int32, 2575 .restart_dma = ide_nop, 2576 .rw_buf = ide_nop_int, 2577 }; 2578 2579 static void ide_restart_dma(IDEState *s, enum ide_dma_cmd dma_cmd) 2580 { 2581 s->unit = s->bus->retry_unit; 2582 ide_set_sector(s, s->bus->retry_sector_num); 2583 s->nsector = s->bus->retry_nsector; 2584 s->bus->dma->ops->restart_dma(s->bus->dma); 2585 s->io_buffer_size = 0; 2586 s->dma_cmd = dma_cmd; 2587 ide_start_dma(s, ide_dma_cb); 2588 } 2589 2590 static void ide_restart_bh(void *opaque) 2591 { 2592 IDEBus *bus = opaque; 2593 IDEState *s; 2594 bool is_read; 2595 int error_status; 2596 2597 qemu_bh_delete(bus->bh); 2598 bus->bh = NULL; 2599 2600 error_status = bus->error_status; 2601 if (bus->error_status == 0) { 2602 return; 2603 } 2604 2605 s = idebus_active_if(bus); 2606 is_read = (bus->error_status & IDE_RETRY_READ) != 0; 2607 2608 /* The error status must be cleared before resubmitting the request: The 2609 * request may fail again, and this case can only be distinguished if the 2610 * called function can set a new error status. */ 2611 bus->error_status = 0; 2612 2613 /* The HBA has generically asked to be kicked on retry */ 2614 if (error_status & IDE_RETRY_HBA) { 2615 if (s->bus->dma->ops->restart) { 2616 s->bus->dma->ops->restart(s->bus->dma); 2617 } 2618 } else if (IS_IDE_RETRY_DMA(error_status)) { 2619 if (error_status & IDE_RETRY_TRIM) { 2620 ide_restart_dma(s, IDE_DMA_TRIM); 2621 } else { 2622 ide_restart_dma(s, is_read ? IDE_DMA_READ : IDE_DMA_WRITE); 2623 } 2624 } else if (IS_IDE_RETRY_PIO(error_status)) { 2625 if (is_read) { 2626 ide_sector_read(s); 2627 } else { 2628 ide_sector_write(s); 2629 } 2630 } else if (error_status & IDE_RETRY_FLUSH) { 2631 ide_flush_cache(s); 2632 } else if (IS_IDE_RETRY_ATAPI(error_status)) { 2633 assert(s->end_transfer_func == ide_atapi_cmd); 2634 ide_atapi_dma_restart(s); 2635 } else { 2636 abort(); 2637 } 2638 } 2639 2640 static void ide_restart_cb(void *opaque, int running, RunState state) 2641 { 2642 IDEBus *bus = opaque; 2643 2644 if (!running) 2645 return; 2646 2647 if (!bus->bh) { 2648 bus->bh = qemu_bh_new(ide_restart_bh, bus); 2649 qemu_bh_schedule(bus->bh); 2650 } 2651 } 2652 2653 void ide_register_restart_cb(IDEBus *bus) 2654 { 2655 if (bus->dma->ops->restart_dma) { 2656 bus->vmstate = qemu_add_vm_change_state_handler(ide_restart_cb, bus); 2657 } 2658 } 2659 2660 static IDEDMA ide_dma_nop = { 2661 .ops = &ide_dma_nop_ops, 2662 .aiocb = NULL, 2663 }; 2664 2665 void ide_init2(IDEBus *bus, qemu_irq irq) 2666 { 2667 int i; 2668 2669 for(i = 0; i < 2; i++) { 2670 ide_init1(bus, i); 2671 ide_reset(&bus->ifs[i]); 2672 } 2673 bus->irq = irq; 2674 bus->dma = &ide_dma_nop; 2675 } 2676 2677 void ide_exit(IDEState *s) 2678 { 2679 timer_del(s->sector_write_timer); 2680 timer_free(s->sector_write_timer); 2681 qemu_vfree(s->smart_selftest_data); 2682 qemu_vfree(s->io_buffer); 2683 } 2684 2685 static bool is_identify_set(void *opaque, int version_id) 2686 { 2687 IDEState *s = opaque; 2688 2689 return s->identify_set != 0; 2690 } 2691 2692 static EndTransferFunc* transfer_end_table[] = { 2693 ide_sector_read, 2694 ide_sector_write, 2695 ide_transfer_stop, 2696 ide_atapi_cmd_reply_end, 2697 ide_atapi_cmd, 2698 ide_dummy_transfer_stop, 2699 }; 2700 2701 static int transfer_end_table_idx(EndTransferFunc *fn) 2702 { 2703 int i; 2704 2705 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++) 2706 if (transfer_end_table[i] == fn) 2707 return i; 2708 2709 return -1; 2710 } 2711 2712 static int ide_drive_post_load(void *opaque, int version_id) 2713 { 2714 IDEState *s = opaque; 2715 2716 if (s->blk && s->identify_set) { 2717 blk_set_enable_write_cache(s->blk, !!(s->identify_data[85] & (1 << 5))); 2718 } 2719 return 0; 2720 } 2721 2722 static int ide_drive_pio_post_load(void *opaque, int version_id) 2723 { 2724 IDEState *s = opaque; 2725 2726 if (s->end_transfer_fn_idx >= ARRAY_SIZE(transfer_end_table)) { 2727 return -EINVAL; 2728 } 2729 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx]; 2730 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset; 2731 s->data_end = s->data_ptr + s->cur_io_buffer_len; 2732 s->atapi_dma = s->feature & 1; /* as per cmd_packet */ 2733 2734 return 0; 2735 } 2736 2737 static int ide_drive_pio_pre_save(void *opaque) 2738 { 2739 IDEState *s = opaque; 2740 int idx; 2741 2742 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer; 2743 s->cur_io_buffer_len = s->data_end - s->data_ptr; 2744 2745 idx = transfer_end_table_idx(s->end_transfer_func); 2746 if (idx == -1) { 2747 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n", 2748 __func__); 2749 s->end_transfer_fn_idx = 2; 2750 } else { 2751 s->end_transfer_fn_idx = idx; 2752 } 2753 2754 return 0; 2755 } 2756 2757 static bool ide_drive_pio_state_needed(void *opaque) 2758 { 2759 IDEState *s = opaque; 2760 2761 return ((s->status & DRQ_STAT) != 0) 2762 || (s->bus->error_status & IDE_RETRY_PIO); 2763 } 2764 2765 static bool ide_tray_state_needed(void *opaque) 2766 { 2767 IDEState *s = opaque; 2768 2769 return s->tray_open || s->tray_locked; 2770 } 2771 2772 static bool ide_atapi_gesn_needed(void *opaque) 2773 { 2774 IDEState *s = opaque; 2775 2776 return s->events.new_media || s->events.eject_request; 2777 } 2778 2779 static bool ide_error_needed(void *opaque) 2780 { 2781 IDEBus *bus = opaque; 2782 2783 return (bus->error_status != 0); 2784 } 2785 2786 /* Fields for GET_EVENT_STATUS_NOTIFICATION ATAPI command */ 2787 static const VMStateDescription vmstate_ide_atapi_gesn_state = { 2788 .name ="ide_drive/atapi/gesn_state", 2789 .version_id = 1, 2790 .minimum_version_id = 1, 2791 .needed = ide_atapi_gesn_needed, 2792 .fields = (VMStateField[]) { 2793 VMSTATE_BOOL(events.new_media, IDEState), 2794 VMSTATE_BOOL(events.eject_request, IDEState), 2795 VMSTATE_END_OF_LIST() 2796 } 2797 }; 2798 2799 static const VMStateDescription vmstate_ide_tray_state = { 2800 .name = "ide_drive/tray_state", 2801 .version_id = 1, 2802 .minimum_version_id = 1, 2803 .needed = ide_tray_state_needed, 2804 .fields = (VMStateField[]) { 2805 VMSTATE_BOOL(tray_open, IDEState), 2806 VMSTATE_BOOL(tray_locked, IDEState), 2807 VMSTATE_END_OF_LIST() 2808 } 2809 }; 2810 2811 static const VMStateDescription vmstate_ide_drive_pio_state = { 2812 .name = "ide_drive/pio_state", 2813 .version_id = 1, 2814 .minimum_version_id = 1, 2815 .pre_save = ide_drive_pio_pre_save, 2816 .post_load = ide_drive_pio_post_load, 2817 .needed = ide_drive_pio_state_needed, 2818 .fields = (VMStateField[]) { 2819 VMSTATE_INT32(req_nb_sectors, IDEState), 2820 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1, 2821 vmstate_info_uint8, uint8_t), 2822 VMSTATE_INT32(cur_io_buffer_offset, IDEState), 2823 VMSTATE_INT32(cur_io_buffer_len, IDEState), 2824 VMSTATE_UINT8(end_transfer_fn_idx, IDEState), 2825 VMSTATE_INT32(elementary_transfer_size, IDEState), 2826 VMSTATE_INT32(packet_transfer_size, IDEState), 2827 VMSTATE_END_OF_LIST() 2828 } 2829 }; 2830 2831 const VMStateDescription vmstate_ide_drive = { 2832 .name = "ide_drive", 2833 .version_id = 3, 2834 .minimum_version_id = 0, 2835 .post_load = ide_drive_post_load, 2836 .fields = (VMStateField[]) { 2837 VMSTATE_INT32(mult_sectors, IDEState), 2838 VMSTATE_INT32(identify_set, IDEState), 2839 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set), 2840 VMSTATE_UINT8(feature, IDEState), 2841 VMSTATE_UINT8(error, IDEState), 2842 VMSTATE_UINT32(nsector, IDEState), 2843 VMSTATE_UINT8(sector, IDEState), 2844 VMSTATE_UINT8(lcyl, IDEState), 2845 VMSTATE_UINT8(hcyl, IDEState), 2846 VMSTATE_UINT8(hob_feature, IDEState), 2847 VMSTATE_UINT8(hob_sector, IDEState), 2848 VMSTATE_UINT8(hob_nsector, IDEState), 2849 VMSTATE_UINT8(hob_lcyl, IDEState), 2850 VMSTATE_UINT8(hob_hcyl, IDEState), 2851 VMSTATE_UINT8(select, IDEState), 2852 VMSTATE_UINT8(status, IDEState), 2853 VMSTATE_UINT8(lba48, IDEState), 2854 VMSTATE_UINT8(sense_key, IDEState), 2855 VMSTATE_UINT8(asc, IDEState), 2856 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3), 2857 VMSTATE_END_OF_LIST() 2858 }, 2859 .subsections = (const VMStateDescription*[]) { 2860 &vmstate_ide_drive_pio_state, 2861 &vmstate_ide_tray_state, 2862 &vmstate_ide_atapi_gesn_state, 2863 NULL 2864 } 2865 }; 2866 2867 static const VMStateDescription vmstate_ide_error_status = { 2868 .name ="ide_bus/error", 2869 .version_id = 2, 2870 .minimum_version_id = 1, 2871 .needed = ide_error_needed, 2872 .fields = (VMStateField[]) { 2873 VMSTATE_INT32(error_status, IDEBus), 2874 VMSTATE_INT64_V(retry_sector_num, IDEBus, 2), 2875 VMSTATE_UINT32_V(retry_nsector, IDEBus, 2), 2876 VMSTATE_UINT8_V(retry_unit, IDEBus, 2), 2877 VMSTATE_END_OF_LIST() 2878 } 2879 }; 2880 2881 const VMStateDescription vmstate_ide_bus = { 2882 .name = "ide_bus", 2883 .version_id = 1, 2884 .minimum_version_id = 1, 2885 .fields = (VMStateField[]) { 2886 VMSTATE_UINT8(cmd, IDEBus), 2887 VMSTATE_UINT8(unit, IDEBus), 2888 VMSTATE_END_OF_LIST() 2889 }, 2890 .subsections = (const VMStateDescription*[]) { 2891 &vmstate_ide_error_status, 2892 NULL 2893 } 2894 }; 2895 2896 void ide_drive_get(DriveInfo **hd, int n) 2897 { 2898 int i; 2899 2900 for (i = 0; i < n; i++) { 2901 hd[i] = drive_get_by_index(IF_IDE, i); 2902 } 2903 } 2904