1 /* 2 * QEMU AHCI Emulation 3 * 4 * Copyright (c) 2010 qiaochong@loongson.cn 5 * Copyright (c) 2010 Roland Elek <elek.roland@gmail.com> 6 * Copyright (c) 2010 Sebastian Herbszt <herbszt@gmx.de> 7 * Copyright (c) 2010 Alexander Graf <agraf@suse.de> 8 * 9 * This library is free software; you can redistribute it and/or 10 * modify it under the terms of the GNU Lesser General Public 11 * License as published by the Free Software Foundation; either 12 * version 2 of the License, or (at your option) any later version. 13 * 14 * This library is distributed in the hope that it will be useful, 15 * but WITHOUT ANY WARRANTY; without even the implied warranty of 16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 17 * Lesser General Public License for more details. 18 * 19 * You should have received a copy of the GNU Lesser General Public 20 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 21 * 22 */ 23 24 #include "qemu/osdep.h" 25 #include <hw/hw.h> 26 #include <hw/pci/msi.h> 27 #include <hw/i386/pc.h> 28 #include <hw/pci/pci.h> 29 30 #include "qemu/error-report.h" 31 #include "sysemu/block-backend.h" 32 #include "sysemu/dma.h" 33 #include "internal.h" 34 #include <hw/ide/pci.h> 35 #include <hw/ide/ahci.h> 36 37 #define DEBUG_AHCI 0 38 39 #define DPRINTF(port, fmt, ...) \ 40 do { \ 41 if (DEBUG_AHCI) { \ 42 fprintf(stderr, "ahci: %s: [%d] ", __func__, port); \ 43 fprintf(stderr, fmt, ## __VA_ARGS__); \ 44 } \ 45 } while (0) 46 47 static void check_cmd(AHCIState *s, int port); 48 static int handle_cmd(AHCIState *s, int port, uint8_t slot); 49 static void ahci_reset_port(AHCIState *s, int port); 50 static bool ahci_write_fis_d2h(AHCIDevice *ad); 51 static void ahci_init_d2h(AHCIDevice *ad); 52 static int ahci_dma_prepare_buf(IDEDMA *dma, int32_t limit); 53 static bool ahci_map_clb_address(AHCIDevice *ad); 54 static bool ahci_map_fis_address(AHCIDevice *ad); 55 static void ahci_unmap_clb_address(AHCIDevice *ad); 56 static void ahci_unmap_fis_address(AHCIDevice *ad); 57 58 59 static uint32_t ahci_port_read(AHCIState *s, int port, int offset) 60 { 61 uint32_t val; 62 AHCIPortRegs *pr; 63 pr = &s->dev[port].port_regs; 64 65 switch (offset) { 66 case PORT_LST_ADDR: 67 val = pr->lst_addr; 68 break; 69 case PORT_LST_ADDR_HI: 70 val = pr->lst_addr_hi; 71 break; 72 case PORT_FIS_ADDR: 73 val = pr->fis_addr; 74 break; 75 case PORT_FIS_ADDR_HI: 76 val = pr->fis_addr_hi; 77 break; 78 case PORT_IRQ_STAT: 79 val = pr->irq_stat; 80 break; 81 case PORT_IRQ_MASK: 82 val = pr->irq_mask; 83 break; 84 case PORT_CMD: 85 val = pr->cmd; 86 break; 87 case PORT_TFDATA: 88 val = pr->tfdata; 89 break; 90 case PORT_SIG: 91 val = pr->sig; 92 break; 93 case PORT_SCR_STAT: 94 if (s->dev[port].port.ifs[0].blk) { 95 val = SATA_SCR_SSTATUS_DET_DEV_PRESENT_PHY_UP | 96 SATA_SCR_SSTATUS_SPD_GEN1 | SATA_SCR_SSTATUS_IPM_ACTIVE; 97 } else { 98 val = SATA_SCR_SSTATUS_DET_NODEV; 99 } 100 break; 101 case PORT_SCR_CTL: 102 val = pr->scr_ctl; 103 break; 104 case PORT_SCR_ERR: 105 val = pr->scr_err; 106 break; 107 case PORT_SCR_ACT: 108 val = pr->scr_act; 109 break; 110 case PORT_CMD_ISSUE: 111 val = pr->cmd_issue; 112 break; 113 case PORT_RESERVED: 114 default: 115 val = 0; 116 } 117 DPRINTF(port, "offset: 0x%x val: 0x%x\n", offset, val); 118 return val; 119 120 } 121 122 static void ahci_irq_raise(AHCIState *s, AHCIDevice *dev) 123 { 124 DeviceState *dev_state = s->container; 125 PCIDevice *pci_dev = (PCIDevice *) object_dynamic_cast(OBJECT(dev_state), 126 TYPE_PCI_DEVICE); 127 128 DPRINTF(0, "raise irq\n"); 129 130 if (pci_dev && msi_enabled(pci_dev)) { 131 msi_notify(pci_dev, 0); 132 } else { 133 qemu_irq_raise(s->irq); 134 } 135 } 136 137 static void ahci_irq_lower(AHCIState *s, AHCIDevice *dev) 138 { 139 DeviceState *dev_state = s->container; 140 PCIDevice *pci_dev = (PCIDevice *) object_dynamic_cast(OBJECT(dev_state), 141 TYPE_PCI_DEVICE); 142 143 DPRINTF(0, "lower irq\n"); 144 145 if (!pci_dev || !msi_enabled(pci_dev)) { 146 qemu_irq_lower(s->irq); 147 } 148 } 149 150 static void ahci_check_irq(AHCIState *s) 151 { 152 int i; 153 154 DPRINTF(-1, "check irq %#x\n", s->control_regs.irqstatus); 155 156 s->control_regs.irqstatus = 0; 157 for (i = 0; i < s->ports; i++) { 158 AHCIPortRegs *pr = &s->dev[i].port_regs; 159 if (pr->irq_stat & pr->irq_mask) { 160 s->control_regs.irqstatus |= (1 << i); 161 } 162 } 163 164 if (s->control_regs.irqstatus && 165 (s->control_regs.ghc & HOST_CTL_IRQ_EN)) { 166 ahci_irq_raise(s, NULL); 167 } else { 168 ahci_irq_lower(s, NULL); 169 } 170 } 171 172 static void ahci_trigger_irq(AHCIState *s, AHCIDevice *d, 173 int irq_type) 174 { 175 DPRINTF(d->port_no, "trigger irq %#x -> %x\n", 176 irq_type, d->port_regs.irq_mask & irq_type); 177 178 d->port_regs.irq_stat |= irq_type; 179 ahci_check_irq(s); 180 } 181 182 static void map_page(AddressSpace *as, uint8_t **ptr, uint64_t addr, 183 uint32_t wanted) 184 { 185 hwaddr len = wanted; 186 187 if (*ptr) { 188 dma_memory_unmap(as, *ptr, len, DMA_DIRECTION_FROM_DEVICE, len); 189 } 190 191 *ptr = dma_memory_map(as, addr, &len, DMA_DIRECTION_FROM_DEVICE); 192 if (len < wanted) { 193 dma_memory_unmap(as, *ptr, len, DMA_DIRECTION_FROM_DEVICE, len); 194 *ptr = NULL; 195 } 196 } 197 198 /** 199 * Check the cmd register to see if we should start or stop 200 * the DMA or FIS RX engines. 201 * 202 * @ad: Device to engage. 203 * @allow_stop: Allow device to transition from started to stopped? 204 * 'no' is useful for migration post_load, which does not expect a transition. 205 * 206 * @return 0 on success, -1 on error. 207 */ 208 static int ahci_cond_start_engines(AHCIDevice *ad, bool allow_stop) 209 { 210 AHCIPortRegs *pr = &ad->port_regs; 211 212 if (pr->cmd & PORT_CMD_START) { 213 if (ahci_map_clb_address(ad)) { 214 pr->cmd |= PORT_CMD_LIST_ON; 215 } else { 216 error_report("AHCI: Failed to start DMA engine: " 217 "bad command list buffer address"); 218 return -1; 219 } 220 } else if (pr->cmd & PORT_CMD_LIST_ON) { 221 if (allow_stop) { 222 ahci_unmap_clb_address(ad); 223 pr->cmd = pr->cmd & ~(PORT_CMD_LIST_ON); 224 } else { 225 error_report("AHCI: DMA engine should be off, " 226 "but appears to still be running"); 227 return -1; 228 } 229 } 230 231 if (pr->cmd & PORT_CMD_FIS_RX) { 232 if (ahci_map_fis_address(ad)) { 233 pr->cmd |= PORT_CMD_FIS_ON; 234 } else { 235 error_report("AHCI: Failed to start FIS receive engine: " 236 "bad FIS receive buffer address"); 237 return -1; 238 } 239 } else if (pr->cmd & PORT_CMD_FIS_ON) { 240 if (allow_stop) { 241 ahci_unmap_fis_address(ad); 242 pr->cmd = pr->cmd & ~(PORT_CMD_FIS_ON); 243 } else { 244 error_report("AHCI: FIS receive engine should be off, " 245 "but appears to still be running"); 246 return -1; 247 } 248 } 249 250 return 0; 251 } 252 253 static void ahci_port_write(AHCIState *s, int port, int offset, uint32_t val) 254 { 255 AHCIPortRegs *pr = &s->dev[port].port_regs; 256 257 DPRINTF(port, "offset: 0x%x val: 0x%x\n", offset, val); 258 switch (offset) { 259 case PORT_LST_ADDR: 260 pr->lst_addr = val; 261 break; 262 case PORT_LST_ADDR_HI: 263 pr->lst_addr_hi = val; 264 break; 265 case PORT_FIS_ADDR: 266 pr->fis_addr = val; 267 break; 268 case PORT_FIS_ADDR_HI: 269 pr->fis_addr_hi = val; 270 break; 271 case PORT_IRQ_STAT: 272 pr->irq_stat &= ~val; 273 ahci_check_irq(s); 274 break; 275 case PORT_IRQ_MASK: 276 pr->irq_mask = val & 0xfdc000ff; 277 ahci_check_irq(s); 278 break; 279 case PORT_CMD: 280 /* Block any Read-only fields from being set; 281 * including LIST_ON and FIS_ON. 282 * The spec requires to set ICC bits to zero after the ICC change 283 * is done. We don't support ICC state changes, therefore always 284 * force the ICC bits to zero. 285 */ 286 pr->cmd = (pr->cmd & PORT_CMD_RO_MASK) | 287 (val & ~(PORT_CMD_RO_MASK|PORT_CMD_ICC_MASK)); 288 289 /* Check FIS RX and CLB engines, allow transition to false: */ 290 ahci_cond_start_engines(&s->dev[port], true); 291 292 /* XXX usually the FIS would be pending on the bus here and 293 issuing deferred until the OS enables FIS receival. 294 Instead, we only submit it once - which works in most 295 cases, but is a hack. */ 296 if ((pr->cmd & PORT_CMD_FIS_ON) && 297 !s->dev[port].init_d2h_sent) { 298 ahci_init_d2h(&s->dev[port]); 299 } 300 301 check_cmd(s, port); 302 break; 303 case PORT_TFDATA: 304 /* Read Only. */ 305 break; 306 case PORT_SIG: 307 /* Read Only */ 308 break; 309 case PORT_SCR_STAT: 310 /* Read Only */ 311 break; 312 case PORT_SCR_CTL: 313 if (((pr->scr_ctl & AHCI_SCR_SCTL_DET) == 1) && 314 ((val & AHCI_SCR_SCTL_DET) == 0)) { 315 ahci_reset_port(s, port); 316 } 317 pr->scr_ctl = val; 318 break; 319 case PORT_SCR_ERR: 320 pr->scr_err &= ~val; 321 break; 322 case PORT_SCR_ACT: 323 /* RW1 */ 324 pr->scr_act |= val; 325 break; 326 case PORT_CMD_ISSUE: 327 pr->cmd_issue |= val; 328 check_cmd(s, port); 329 break; 330 default: 331 break; 332 } 333 } 334 335 static uint64_t ahci_mem_read_32(void *opaque, hwaddr addr) 336 { 337 AHCIState *s = opaque; 338 uint32_t val = 0; 339 340 if (addr < AHCI_GENERIC_HOST_CONTROL_REGS_MAX_ADDR) { 341 switch (addr) { 342 case HOST_CAP: 343 val = s->control_regs.cap; 344 break; 345 case HOST_CTL: 346 val = s->control_regs.ghc; 347 break; 348 case HOST_IRQ_STAT: 349 val = s->control_regs.irqstatus; 350 break; 351 case HOST_PORTS_IMPL: 352 val = s->control_regs.impl; 353 break; 354 case HOST_VERSION: 355 val = s->control_regs.version; 356 break; 357 } 358 359 DPRINTF(-1, "(addr 0x%08X), val 0x%08X\n", (unsigned) addr, val); 360 } else if ((addr >= AHCI_PORT_REGS_START_ADDR) && 361 (addr < (AHCI_PORT_REGS_START_ADDR + 362 (s->ports * AHCI_PORT_ADDR_OFFSET_LEN)))) { 363 val = ahci_port_read(s, (addr - AHCI_PORT_REGS_START_ADDR) >> 7, 364 addr & AHCI_PORT_ADDR_OFFSET_MASK); 365 } 366 367 return val; 368 } 369 370 371 /** 372 * AHCI 1.3 section 3 ("HBA Memory Registers") 373 * Support unaligned 8/16/32 bit reads, and 64 bit aligned reads. 374 * Caller is responsible for masking unwanted higher order bytes. 375 */ 376 static uint64_t ahci_mem_read(void *opaque, hwaddr addr, unsigned size) 377 { 378 hwaddr aligned = addr & ~0x3; 379 int ofst = addr - aligned; 380 uint64_t lo = ahci_mem_read_32(opaque, aligned); 381 uint64_t hi; 382 uint64_t val; 383 384 /* if < 8 byte read does not cross 4 byte boundary */ 385 if (ofst + size <= 4) { 386 val = lo >> (ofst * 8); 387 } else { 388 g_assert_cmpint(size, >, 1); 389 390 /* If the 64bit read is unaligned, we will produce undefined 391 * results. AHCI does not support unaligned 64bit reads. */ 392 hi = ahci_mem_read_32(opaque, aligned + 4); 393 val = (hi << 32 | lo) >> (ofst * 8); 394 } 395 396 DPRINTF(-1, "addr=0x%" HWADDR_PRIx " val=0x%" PRIx64 ", size=%d\n", 397 addr, val, size); 398 return val; 399 } 400 401 402 static void ahci_mem_write(void *opaque, hwaddr addr, 403 uint64_t val, unsigned size) 404 { 405 AHCIState *s = opaque; 406 407 DPRINTF(-1, "addr=0x%" HWADDR_PRIx " val=0x%" PRIx64 ", size=%d\n", 408 addr, val, size); 409 410 /* Only aligned reads are allowed on AHCI */ 411 if (addr & 3) { 412 fprintf(stderr, "ahci: Mis-aligned write to addr 0x" 413 TARGET_FMT_plx "\n", addr); 414 return; 415 } 416 417 if (addr < AHCI_GENERIC_HOST_CONTROL_REGS_MAX_ADDR) { 418 DPRINTF(-1, "(addr 0x%08X), val 0x%08"PRIX64"\n", (unsigned) addr, val); 419 420 switch (addr) { 421 case HOST_CAP: /* R/WO, RO */ 422 /* FIXME handle R/WO */ 423 break; 424 case HOST_CTL: /* R/W */ 425 if (val & HOST_CTL_RESET) { 426 DPRINTF(-1, "HBA Reset\n"); 427 ahci_reset(s); 428 } else { 429 s->control_regs.ghc = (val & 0x3) | HOST_CTL_AHCI_EN; 430 ahci_check_irq(s); 431 } 432 break; 433 case HOST_IRQ_STAT: /* R/WC, RO */ 434 s->control_regs.irqstatus &= ~val; 435 ahci_check_irq(s); 436 break; 437 case HOST_PORTS_IMPL: /* R/WO, RO */ 438 /* FIXME handle R/WO */ 439 break; 440 case HOST_VERSION: /* RO */ 441 /* FIXME report write? */ 442 break; 443 default: 444 DPRINTF(-1, "write to unknown register 0x%x\n", (unsigned)addr); 445 } 446 } else if ((addr >= AHCI_PORT_REGS_START_ADDR) && 447 (addr < (AHCI_PORT_REGS_START_ADDR + 448 (s->ports * AHCI_PORT_ADDR_OFFSET_LEN)))) { 449 ahci_port_write(s, (addr - AHCI_PORT_REGS_START_ADDR) >> 7, 450 addr & AHCI_PORT_ADDR_OFFSET_MASK, val); 451 } 452 453 } 454 455 static const MemoryRegionOps ahci_mem_ops = { 456 .read = ahci_mem_read, 457 .write = ahci_mem_write, 458 .endianness = DEVICE_LITTLE_ENDIAN, 459 }; 460 461 static uint64_t ahci_idp_read(void *opaque, hwaddr addr, 462 unsigned size) 463 { 464 AHCIState *s = opaque; 465 466 if (addr == s->idp_offset) { 467 /* index register */ 468 return s->idp_index; 469 } else if (addr == s->idp_offset + 4) { 470 /* data register - do memory read at location selected by index */ 471 return ahci_mem_read(opaque, s->idp_index, size); 472 } else { 473 return 0; 474 } 475 } 476 477 static void ahci_idp_write(void *opaque, hwaddr addr, 478 uint64_t val, unsigned size) 479 { 480 AHCIState *s = opaque; 481 482 if (addr == s->idp_offset) { 483 /* index register - mask off reserved bits */ 484 s->idp_index = (uint32_t)val & ((AHCI_MEM_BAR_SIZE - 1) & ~3); 485 } else if (addr == s->idp_offset + 4) { 486 /* data register - do memory write at location selected by index */ 487 ahci_mem_write(opaque, s->idp_index, val, size); 488 } 489 } 490 491 static const MemoryRegionOps ahci_idp_ops = { 492 .read = ahci_idp_read, 493 .write = ahci_idp_write, 494 .endianness = DEVICE_LITTLE_ENDIAN, 495 }; 496 497 498 static void ahci_reg_init(AHCIState *s) 499 { 500 int i; 501 502 s->control_regs.cap = (s->ports - 1) | 503 (AHCI_NUM_COMMAND_SLOTS << 8) | 504 (AHCI_SUPPORTED_SPEED_GEN1 << AHCI_SUPPORTED_SPEED) | 505 HOST_CAP_NCQ | HOST_CAP_AHCI; 506 507 s->control_regs.impl = (1 << s->ports) - 1; 508 509 s->control_regs.version = AHCI_VERSION_1_0; 510 511 for (i = 0; i < s->ports; i++) { 512 s->dev[i].port_state = STATE_RUN; 513 } 514 } 515 516 static void check_cmd(AHCIState *s, int port) 517 { 518 AHCIPortRegs *pr = &s->dev[port].port_regs; 519 uint8_t slot; 520 521 if ((pr->cmd & PORT_CMD_START) && pr->cmd_issue) { 522 for (slot = 0; (slot < 32) && pr->cmd_issue; slot++) { 523 if ((pr->cmd_issue & (1U << slot)) && 524 !handle_cmd(s, port, slot)) { 525 pr->cmd_issue &= ~(1U << slot); 526 } 527 } 528 } 529 } 530 531 static void ahci_check_cmd_bh(void *opaque) 532 { 533 AHCIDevice *ad = opaque; 534 535 qemu_bh_delete(ad->check_bh); 536 ad->check_bh = NULL; 537 538 if ((ad->busy_slot != -1) && 539 !(ad->port.ifs[0].status & (BUSY_STAT|DRQ_STAT))) { 540 /* no longer busy */ 541 ad->port_regs.cmd_issue &= ~(1 << ad->busy_slot); 542 ad->busy_slot = -1; 543 } 544 545 check_cmd(ad->hba, ad->port_no); 546 } 547 548 static void ahci_init_d2h(AHCIDevice *ad) 549 { 550 IDEState *ide_state = &ad->port.ifs[0]; 551 AHCIPortRegs *pr = &ad->port_regs; 552 553 if (ad->init_d2h_sent) { 554 return; 555 } 556 557 if (ahci_write_fis_d2h(ad)) { 558 ad->init_d2h_sent = true; 559 /* We're emulating receiving the first Reg H2D Fis from the device; 560 * Update the SIG register, but otherwise proceed as normal. */ 561 pr->sig = ((uint32_t)ide_state->hcyl << 24) | 562 (ide_state->lcyl << 16) | 563 (ide_state->sector << 8) | 564 (ide_state->nsector & 0xFF); 565 } 566 } 567 568 static void ahci_set_signature(AHCIDevice *ad, uint32_t sig) 569 { 570 IDEState *s = &ad->port.ifs[0]; 571 s->hcyl = sig >> 24 & 0xFF; 572 s->lcyl = sig >> 16 & 0xFF; 573 s->sector = sig >> 8 & 0xFF; 574 s->nsector = sig & 0xFF; 575 576 DPRINTF(ad->port_no, "set hcyl:lcyl:sect:nsect = 0x%08x\n", sig); 577 } 578 579 static void ahci_reset_port(AHCIState *s, int port) 580 { 581 AHCIDevice *d = &s->dev[port]; 582 AHCIPortRegs *pr = &d->port_regs; 583 IDEState *ide_state = &d->port.ifs[0]; 584 int i; 585 586 DPRINTF(port, "reset port\n"); 587 588 ide_bus_reset(&d->port); 589 ide_state->ncq_queues = AHCI_MAX_CMDS; 590 591 pr->scr_stat = 0; 592 pr->scr_err = 0; 593 pr->scr_act = 0; 594 pr->tfdata = 0x7F; 595 pr->sig = 0xFFFFFFFF; 596 d->busy_slot = -1; 597 d->init_d2h_sent = false; 598 599 ide_state = &s->dev[port].port.ifs[0]; 600 if (!ide_state->blk) { 601 return; 602 } 603 604 /* reset ncq queue */ 605 for (i = 0; i < AHCI_MAX_CMDS; i++) { 606 NCQTransferState *ncq_tfs = &s->dev[port].ncq_tfs[i]; 607 ncq_tfs->halt = false; 608 if (!ncq_tfs->used) { 609 continue; 610 } 611 612 if (ncq_tfs->aiocb) { 613 blk_aio_cancel(ncq_tfs->aiocb); 614 ncq_tfs->aiocb = NULL; 615 } 616 617 /* Maybe we just finished the request thanks to blk_aio_cancel() */ 618 if (!ncq_tfs->used) { 619 continue; 620 } 621 622 qemu_sglist_destroy(&ncq_tfs->sglist); 623 ncq_tfs->used = 0; 624 } 625 626 s->dev[port].port_state = STATE_RUN; 627 if (ide_state->drive_kind == IDE_CD) { 628 ahci_set_signature(d, SATA_SIGNATURE_CDROM);\ 629 ide_state->status = SEEK_STAT | WRERR_STAT | READY_STAT; 630 } else { 631 ahci_set_signature(d, SATA_SIGNATURE_DISK); 632 ide_state->status = SEEK_STAT | WRERR_STAT; 633 } 634 635 ide_state->error = 1; 636 ahci_init_d2h(d); 637 } 638 639 static void debug_print_fis(uint8_t *fis, int cmd_len) 640 { 641 #if DEBUG_AHCI 642 int i; 643 644 fprintf(stderr, "fis:"); 645 for (i = 0; i < cmd_len; i++) { 646 if ((i & 0xf) == 0) { 647 fprintf(stderr, "\n%02x:",i); 648 } 649 fprintf(stderr, "%02x ",fis[i]); 650 } 651 fprintf(stderr, "\n"); 652 #endif 653 } 654 655 static bool ahci_map_fis_address(AHCIDevice *ad) 656 { 657 AHCIPortRegs *pr = &ad->port_regs; 658 map_page(ad->hba->as, &ad->res_fis, 659 ((uint64_t)pr->fis_addr_hi << 32) | pr->fis_addr, 256); 660 return ad->res_fis != NULL; 661 } 662 663 static void ahci_unmap_fis_address(AHCIDevice *ad) 664 { 665 dma_memory_unmap(ad->hba->as, ad->res_fis, 256, 666 DMA_DIRECTION_FROM_DEVICE, 256); 667 ad->res_fis = NULL; 668 } 669 670 static bool ahci_map_clb_address(AHCIDevice *ad) 671 { 672 AHCIPortRegs *pr = &ad->port_regs; 673 ad->cur_cmd = NULL; 674 map_page(ad->hba->as, &ad->lst, 675 ((uint64_t)pr->lst_addr_hi << 32) | pr->lst_addr, 1024); 676 return ad->lst != NULL; 677 } 678 679 static void ahci_unmap_clb_address(AHCIDevice *ad) 680 { 681 dma_memory_unmap(ad->hba->as, ad->lst, 1024, 682 DMA_DIRECTION_FROM_DEVICE, 1024); 683 ad->lst = NULL; 684 } 685 686 static void ahci_write_fis_sdb(AHCIState *s, NCQTransferState *ncq_tfs) 687 { 688 AHCIDevice *ad = ncq_tfs->drive; 689 AHCIPortRegs *pr = &ad->port_regs; 690 IDEState *ide_state; 691 SDBFIS *sdb_fis; 692 693 if (!ad->res_fis || 694 !(pr->cmd & PORT_CMD_FIS_RX)) { 695 return; 696 } 697 698 sdb_fis = (SDBFIS *)&ad->res_fis[RES_FIS_SDBFIS]; 699 ide_state = &ad->port.ifs[0]; 700 701 sdb_fis->type = SATA_FIS_TYPE_SDB; 702 /* Interrupt pending & Notification bit */ 703 sdb_fis->flags = 0x40; /* Interrupt bit, always 1 for NCQ */ 704 sdb_fis->status = ide_state->status & 0x77; 705 sdb_fis->error = ide_state->error; 706 /* update SAct field in SDB_FIS */ 707 sdb_fis->payload = cpu_to_le32(ad->finished); 708 709 /* Update shadow registers (except BSY 0x80 and DRQ 0x08) */ 710 pr->tfdata = (ad->port.ifs[0].error << 8) | 711 (ad->port.ifs[0].status & 0x77) | 712 (pr->tfdata & 0x88); 713 pr->scr_act &= ~ad->finished; 714 ad->finished = 0; 715 716 /* Trigger IRQ if interrupt bit is set (which currently, it always is) */ 717 if (sdb_fis->flags & 0x40) { 718 ahci_trigger_irq(s, ad, PORT_IRQ_SDB_FIS); 719 } 720 } 721 722 static void ahci_write_fis_pio(AHCIDevice *ad, uint16_t len) 723 { 724 AHCIPortRegs *pr = &ad->port_regs; 725 uint8_t *pio_fis; 726 IDEState *s = &ad->port.ifs[0]; 727 728 if (!ad->res_fis || !(pr->cmd & PORT_CMD_FIS_RX)) { 729 return; 730 } 731 732 pio_fis = &ad->res_fis[RES_FIS_PSFIS]; 733 734 pio_fis[0] = SATA_FIS_TYPE_PIO_SETUP; 735 pio_fis[1] = (ad->hba->control_regs.irqstatus ? (1 << 6) : 0); 736 pio_fis[2] = s->status; 737 pio_fis[3] = s->error; 738 739 pio_fis[4] = s->sector; 740 pio_fis[5] = s->lcyl; 741 pio_fis[6] = s->hcyl; 742 pio_fis[7] = s->select; 743 pio_fis[8] = s->hob_sector; 744 pio_fis[9] = s->hob_lcyl; 745 pio_fis[10] = s->hob_hcyl; 746 pio_fis[11] = 0; 747 pio_fis[12] = s->nsector & 0xFF; 748 pio_fis[13] = (s->nsector >> 8) & 0xFF; 749 pio_fis[14] = 0; 750 pio_fis[15] = s->status; 751 pio_fis[16] = len & 255; 752 pio_fis[17] = len >> 8; 753 pio_fis[18] = 0; 754 pio_fis[19] = 0; 755 756 /* Update shadow registers: */ 757 pr->tfdata = (ad->port.ifs[0].error << 8) | 758 ad->port.ifs[0].status; 759 760 if (pio_fis[2] & ERR_STAT) { 761 ahci_trigger_irq(ad->hba, ad, PORT_IRQ_TF_ERR); 762 } 763 764 ahci_trigger_irq(ad->hba, ad, PORT_IRQ_PIOS_FIS); 765 } 766 767 static bool ahci_write_fis_d2h(AHCIDevice *ad) 768 { 769 AHCIPortRegs *pr = &ad->port_regs; 770 uint8_t *d2h_fis; 771 int i; 772 IDEState *s = &ad->port.ifs[0]; 773 774 if (!ad->res_fis || !(pr->cmd & PORT_CMD_FIS_RX)) { 775 return false; 776 } 777 778 d2h_fis = &ad->res_fis[RES_FIS_RFIS]; 779 780 d2h_fis[0] = SATA_FIS_TYPE_REGISTER_D2H; 781 d2h_fis[1] = (ad->hba->control_regs.irqstatus ? (1 << 6) : 0); 782 d2h_fis[2] = s->status; 783 d2h_fis[3] = s->error; 784 785 d2h_fis[4] = s->sector; 786 d2h_fis[5] = s->lcyl; 787 d2h_fis[6] = s->hcyl; 788 d2h_fis[7] = s->select; 789 d2h_fis[8] = s->hob_sector; 790 d2h_fis[9] = s->hob_lcyl; 791 d2h_fis[10] = s->hob_hcyl; 792 d2h_fis[11] = 0; 793 d2h_fis[12] = s->nsector & 0xFF; 794 d2h_fis[13] = (s->nsector >> 8) & 0xFF; 795 for (i = 14; i < 20; i++) { 796 d2h_fis[i] = 0; 797 } 798 799 /* Update shadow registers: */ 800 pr->tfdata = (ad->port.ifs[0].error << 8) | 801 ad->port.ifs[0].status; 802 803 if (d2h_fis[2] & ERR_STAT) { 804 ahci_trigger_irq(ad->hba, ad, PORT_IRQ_TF_ERR); 805 } 806 807 ahci_trigger_irq(ad->hba, ad, PORT_IRQ_D2H_REG_FIS); 808 return true; 809 } 810 811 static int prdt_tbl_entry_size(const AHCI_SG *tbl) 812 { 813 /* flags_size is zero-based */ 814 return (le32_to_cpu(tbl->flags_size) & AHCI_PRDT_SIZE_MASK) + 1; 815 } 816 817 /** 818 * Fetch entries in a guest-provided PRDT and convert it into a QEMU SGlist. 819 * @ad: The AHCIDevice for whom we are building the SGList. 820 * @sglist: The SGList target to add PRD entries to. 821 * @cmd: The AHCI Command Header that describes where the PRDT is. 822 * @limit: The remaining size of the S/ATA transaction, in bytes. 823 * @offset: The number of bytes already transferred, in bytes. 824 * 825 * The AHCI PRDT can describe up to 256GiB. S/ATA only support transactions of 826 * up to 32MiB as of ATA8-ACS3 rev 1b, assuming a 512 byte sector size. We stop 827 * building the sglist from the PRDT as soon as we hit @limit bytes, 828 * which is <= INT32_MAX/2GiB. 829 */ 830 static int ahci_populate_sglist(AHCIDevice *ad, QEMUSGList *sglist, 831 AHCICmdHdr *cmd, int64_t limit, uint64_t offset) 832 { 833 uint16_t opts = le16_to_cpu(cmd->opts); 834 uint16_t prdtl = le16_to_cpu(cmd->prdtl); 835 uint64_t cfis_addr = le64_to_cpu(cmd->tbl_addr); 836 uint64_t prdt_addr = cfis_addr + 0x80; 837 dma_addr_t prdt_len = (prdtl * sizeof(AHCI_SG)); 838 dma_addr_t real_prdt_len = prdt_len; 839 uint8_t *prdt; 840 int i; 841 int r = 0; 842 uint64_t sum = 0; 843 int off_idx = -1; 844 int64_t off_pos = -1; 845 int tbl_entry_size; 846 IDEBus *bus = &ad->port; 847 BusState *qbus = BUS(bus); 848 849 if (!prdtl) { 850 DPRINTF(ad->port_no, "no sg list given by guest: 0x%08x\n", opts); 851 return -1; 852 } 853 854 /* map PRDT */ 855 if (!(prdt = dma_memory_map(ad->hba->as, prdt_addr, &prdt_len, 856 DMA_DIRECTION_TO_DEVICE))){ 857 DPRINTF(ad->port_no, "map failed\n"); 858 return -1; 859 } 860 861 if (prdt_len < real_prdt_len) { 862 DPRINTF(ad->port_no, "mapped less than expected\n"); 863 r = -1; 864 goto out; 865 } 866 867 /* Get entries in the PRDT, init a qemu sglist accordingly */ 868 if (prdtl > 0) { 869 AHCI_SG *tbl = (AHCI_SG *)prdt; 870 sum = 0; 871 for (i = 0; i < prdtl; i++) { 872 tbl_entry_size = prdt_tbl_entry_size(&tbl[i]); 873 if (offset < (sum + tbl_entry_size)) { 874 off_idx = i; 875 off_pos = offset - sum; 876 break; 877 } 878 sum += tbl_entry_size; 879 } 880 if ((off_idx == -1) || (off_pos < 0) || (off_pos > tbl_entry_size)) { 881 DPRINTF(ad->port_no, "%s: Incorrect offset! " 882 "off_idx: %d, off_pos: %"PRId64"\n", 883 __func__, off_idx, off_pos); 884 r = -1; 885 goto out; 886 } 887 888 qemu_sglist_init(sglist, qbus->parent, (prdtl - off_idx), 889 ad->hba->as); 890 qemu_sglist_add(sglist, le64_to_cpu(tbl[off_idx].addr) + off_pos, 891 MIN(prdt_tbl_entry_size(&tbl[off_idx]) - off_pos, 892 limit)); 893 894 for (i = off_idx + 1; i < prdtl && sglist->size < limit; i++) { 895 qemu_sglist_add(sglist, le64_to_cpu(tbl[i].addr), 896 MIN(prdt_tbl_entry_size(&tbl[i]), 897 limit - sglist->size)); 898 } 899 } 900 901 out: 902 dma_memory_unmap(ad->hba->as, prdt, prdt_len, 903 DMA_DIRECTION_TO_DEVICE, prdt_len); 904 return r; 905 } 906 907 static void ncq_err(NCQTransferState *ncq_tfs) 908 { 909 IDEState *ide_state = &ncq_tfs->drive->port.ifs[0]; 910 911 ide_state->error = ABRT_ERR; 912 ide_state->status = READY_STAT | ERR_STAT; 913 ncq_tfs->drive->port_regs.scr_err |= (1 << ncq_tfs->tag); 914 ncq_tfs->used = 0; 915 } 916 917 static void ncq_finish(NCQTransferState *ncq_tfs) 918 { 919 /* If we didn't error out, set our finished bit. Errored commands 920 * do not get a bit set for the SDB FIS ACT register, nor do they 921 * clear the outstanding bit in scr_act (PxSACT). */ 922 if (!(ncq_tfs->drive->port_regs.scr_err & (1 << ncq_tfs->tag))) { 923 ncq_tfs->drive->finished |= (1 << ncq_tfs->tag); 924 } 925 926 ahci_write_fis_sdb(ncq_tfs->drive->hba, ncq_tfs); 927 928 DPRINTF(ncq_tfs->drive->port_no, "NCQ transfer tag %d finished\n", 929 ncq_tfs->tag); 930 931 block_acct_done(blk_get_stats(ncq_tfs->drive->port.ifs[0].blk), 932 &ncq_tfs->acct); 933 qemu_sglist_destroy(&ncq_tfs->sglist); 934 ncq_tfs->used = 0; 935 } 936 937 static void ncq_cb(void *opaque, int ret) 938 { 939 NCQTransferState *ncq_tfs = (NCQTransferState *)opaque; 940 IDEState *ide_state = &ncq_tfs->drive->port.ifs[0]; 941 942 if (ret == -ECANCELED) { 943 return; 944 } 945 946 if (ret < 0) { 947 bool is_read = ncq_tfs->cmd == READ_FPDMA_QUEUED; 948 BlockErrorAction action = blk_get_error_action(ide_state->blk, 949 is_read, -ret); 950 if (action == BLOCK_ERROR_ACTION_STOP) { 951 ncq_tfs->halt = true; 952 ide_state->bus->error_status = IDE_RETRY_HBA; 953 } else if (action == BLOCK_ERROR_ACTION_REPORT) { 954 ncq_err(ncq_tfs); 955 } 956 blk_error_action(ide_state->blk, action, is_read, -ret); 957 } else { 958 ide_state->status = READY_STAT | SEEK_STAT; 959 } 960 961 if (!ncq_tfs->halt) { 962 ncq_finish(ncq_tfs); 963 } 964 } 965 966 static int is_ncq(uint8_t ata_cmd) 967 { 968 /* Based on SATA 3.2 section 13.6.3.2 */ 969 switch (ata_cmd) { 970 case READ_FPDMA_QUEUED: 971 case WRITE_FPDMA_QUEUED: 972 case NCQ_NON_DATA: 973 case RECEIVE_FPDMA_QUEUED: 974 case SEND_FPDMA_QUEUED: 975 return 1; 976 default: 977 return 0; 978 } 979 } 980 981 static void execute_ncq_command(NCQTransferState *ncq_tfs) 982 { 983 AHCIDevice *ad = ncq_tfs->drive; 984 IDEState *ide_state = &ad->port.ifs[0]; 985 int port = ad->port_no; 986 987 g_assert(is_ncq(ncq_tfs->cmd)); 988 ncq_tfs->halt = false; 989 990 switch (ncq_tfs->cmd) { 991 case READ_FPDMA_QUEUED: 992 DPRINTF(port, "NCQ reading %d sectors from LBA %"PRId64", tag %d\n", 993 ncq_tfs->sector_count, ncq_tfs->lba, ncq_tfs->tag); 994 995 DPRINTF(port, "tag %d aio read %"PRId64"\n", 996 ncq_tfs->tag, ncq_tfs->lba); 997 998 dma_acct_start(ide_state->blk, &ncq_tfs->acct, 999 &ncq_tfs->sglist, BLOCK_ACCT_READ); 1000 ncq_tfs->aiocb = dma_blk_read(ide_state->blk, &ncq_tfs->sglist, 1001 ncq_tfs->lba, ncq_cb, ncq_tfs); 1002 break; 1003 case WRITE_FPDMA_QUEUED: 1004 DPRINTF(port, "NCQ writing %d sectors to LBA %"PRId64", tag %d\n", 1005 ncq_tfs->sector_count, ncq_tfs->lba, ncq_tfs->tag); 1006 1007 DPRINTF(port, "tag %d aio write %"PRId64"\n", 1008 ncq_tfs->tag, ncq_tfs->lba); 1009 1010 dma_acct_start(ide_state->blk, &ncq_tfs->acct, 1011 &ncq_tfs->sglist, BLOCK_ACCT_WRITE); 1012 ncq_tfs->aiocb = dma_blk_write(ide_state->blk, &ncq_tfs->sglist, 1013 ncq_tfs->lba, ncq_cb, ncq_tfs); 1014 break; 1015 default: 1016 DPRINTF(port, "error: unsupported NCQ command (0x%02x) received\n", 1017 ncq_tfs->cmd); 1018 qemu_sglist_destroy(&ncq_tfs->sglist); 1019 ncq_err(ncq_tfs); 1020 } 1021 } 1022 1023 1024 static void process_ncq_command(AHCIState *s, int port, uint8_t *cmd_fis, 1025 uint8_t slot) 1026 { 1027 AHCIDevice *ad = &s->dev[port]; 1028 IDEState *ide_state = &ad->port.ifs[0]; 1029 NCQFrame *ncq_fis = (NCQFrame*)cmd_fis; 1030 uint8_t tag = ncq_fis->tag >> 3; 1031 NCQTransferState *ncq_tfs = &ad->ncq_tfs[tag]; 1032 size_t size; 1033 1034 g_assert(is_ncq(ncq_fis->command)); 1035 if (ncq_tfs->used) { 1036 /* error - already in use */ 1037 fprintf(stderr, "%s: tag %d already used\n", __FUNCTION__, tag); 1038 return; 1039 } 1040 1041 ncq_tfs->used = 1; 1042 ncq_tfs->drive = ad; 1043 ncq_tfs->slot = slot; 1044 ncq_tfs->cmdh = &((AHCICmdHdr *)ad->lst)[slot]; 1045 ncq_tfs->cmd = ncq_fis->command; 1046 ncq_tfs->lba = ((uint64_t)ncq_fis->lba5 << 40) | 1047 ((uint64_t)ncq_fis->lba4 << 32) | 1048 ((uint64_t)ncq_fis->lba3 << 24) | 1049 ((uint64_t)ncq_fis->lba2 << 16) | 1050 ((uint64_t)ncq_fis->lba1 << 8) | 1051 (uint64_t)ncq_fis->lba0; 1052 ncq_tfs->tag = tag; 1053 1054 /* Sanity-check the NCQ packet */ 1055 if (tag != slot) { 1056 DPRINTF(port, "Warn: NCQ slot (%d) did not match the given tag (%d)\n", 1057 slot, tag); 1058 } 1059 1060 if (ncq_fis->aux0 || ncq_fis->aux1 || ncq_fis->aux2 || ncq_fis->aux3) { 1061 DPRINTF(port, "Warn: Attempt to use NCQ auxiliary fields.\n"); 1062 } 1063 if (ncq_fis->prio || ncq_fis->icc) { 1064 DPRINTF(port, "Warn: Unsupported attempt to use PRIO/ICC fields\n"); 1065 } 1066 if (ncq_fis->fua & NCQ_FIS_FUA_MASK) { 1067 DPRINTF(port, "Warn: Unsupported attempt to use Force Unit Access\n"); 1068 } 1069 if (ncq_fis->tag & NCQ_FIS_RARC_MASK) { 1070 DPRINTF(port, "Warn: Unsupported attempt to use Rebuild Assist\n"); 1071 } 1072 1073 ncq_tfs->sector_count = ((ncq_fis->sector_count_high << 8) | 1074 ncq_fis->sector_count_low); 1075 if (!ncq_tfs->sector_count) { 1076 ncq_tfs->sector_count = 0x10000; 1077 } 1078 size = ncq_tfs->sector_count * 512; 1079 ahci_populate_sglist(ad, &ncq_tfs->sglist, ncq_tfs->cmdh, size, 0); 1080 1081 if (ncq_tfs->sglist.size < size) { 1082 error_report("ahci: PRDT length for NCQ command (0x%zx) " 1083 "is smaller than the requested size (0x%zx)", 1084 ncq_tfs->sglist.size, size); 1085 qemu_sglist_destroy(&ncq_tfs->sglist); 1086 ncq_err(ncq_tfs); 1087 ahci_trigger_irq(ad->hba, ad, PORT_IRQ_OVERFLOW); 1088 return; 1089 } else if (ncq_tfs->sglist.size != size) { 1090 DPRINTF(port, "Warn: PRDTL (0x%zx)" 1091 " does not match requested size (0x%zx)", 1092 ncq_tfs->sglist.size, size); 1093 } 1094 1095 DPRINTF(port, "NCQ transfer LBA from %"PRId64" to %"PRId64", " 1096 "drive max %"PRId64"\n", 1097 ncq_tfs->lba, ncq_tfs->lba + ncq_tfs->sector_count - 1, 1098 ide_state->nb_sectors - 1); 1099 1100 execute_ncq_command(ncq_tfs); 1101 } 1102 1103 static AHCICmdHdr *get_cmd_header(AHCIState *s, uint8_t port, uint8_t slot) 1104 { 1105 if (port >= s->ports || slot >= AHCI_MAX_CMDS) { 1106 return NULL; 1107 } 1108 1109 return s->dev[port].lst ? &((AHCICmdHdr *)s->dev[port].lst)[slot] : NULL; 1110 } 1111 1112 static void handle_reg_h2d_fis(AHCIState *s, int port, 1113 uint8_t slot, uint8_t *cmd_fis) 1114 { 1115 IDEState *ide_state = &s->dev[port].port.ifs[0]; 1116 AHCICmdHdr *cmd = get_cmd_header(s, port, slot); 1117 uint16_t opts = le16_to_cpu(cmd->opts); 1118 1119 if (cmd_fis[1] & 0x0F) { 1120 DPRINTF(port, "Port Multiplier not supported." 1121 " cmd_fis[0]=%02x cmd_fis[1]=%02x cmd_fis[2]=%02x\n", 1122 cmd_fis[0], cmd_fis[1], cmd_fis[2]); 1123 return; 1124 } 1125 1126 if (cmd_fis[1] & 0x70) { 1127 DPRINTF(port, "Reserved flags set in H2D Register FIS." 1128 " cmd_fis[0]=%02x cmd_fis[1]=%02x cmd_fis[2]=%02x\n", 1129 cmd_fis[0], cmd_fis[1], cmd_fis[2]); 1130 return; 1131 } 1132 1133 if (!(cmd_fis[1] & SATA_FIS_REG_H2D_UPDATE_COMMAND_REGISTER)) { 1134 switch (s->dev[port].port_state) { 1135 case STATE_RUN: 1136 if (cmd_fis[15] & ATA_SRST) { 1137 s->dev[port].port_state = STATE_RESET; 1138 } 1139 break; 1140 case STATE_RESET: 1141 if (!(cmd_fis[15] & ATA_SRST)) { 1142 ahci_reset_port(s, port); 1143 } 1144 break; 1145 } 1146 return; 1147 } 1148 1149 /* Check for NCQ command */ 1150 if (is_ncq(cmd_fis[2])) { 1151 process_ncq_command(s, port, cmd_fis, slot); 1152 return; 1153 } 1154 1155 /* Decompose the FIS: 1156 * AHCI does not interpret FIS packets, it only forwards them. 1157 * SATA 1.0 describes how to decode LBA28 and CHS FIS packets. 1158 * Later specifications, e.g, SATA 3.2, describe LBA48 FIS packets. 1159 * 1160 * ATA4 describes sector number for LBA28/CHS commands. 1161 * ATA6 describes sector number for LBA48 commands. 1162 * ATA8 deprecates CHS fully, describing only LBA28/48. 1163 * 1164 * We dutifully convert the FIS into IDE registers, and allow the 1165 * core layer to interpret them as needed. */ 1166 ide_state->feature = cmd_fis[3]; 1167 ide_state->sector = cmd_fis[4]; /* LBA 7:0 */ 1168 ide_state->lcyl = cmd_fis[5]; /* LBA 15:8 */ 1169 ide_state->hcyl = cmd_fis[6]; /* LBA 23:16 */ 1170 ide_state->select = cmd_fis[7]; /* LBA 27:24 (LBA28) */ 1171 ide_state->hob_sector = cmd_fis[8]; /* LBA 31:24 */ 1172 ide_state->hob_lcyl = cmd_fis[9]; /* LBA 39:32 */ 1173 ide_state->hob_hcyl = cmd_fis[10]; /* LBA 47:40 */ 1174 ide_state->hob_feature = cmd_fis[11]; 1175 ide_state->nsector = (int64_t)((cmd_fis[13] << 8) | cmd_fis[12]); 1176 /* 14, 16, 17, 18, 19: Reserved (SATA 1.0) */ 1177 /* 15: Only valid when UPDATE_COMMAND not set. */ 1178 1179 /* Copy the ACMD field (ATAPI packet, if any) from the AHCI command 1180 * table to ide_state->io_buffer */ 1181 if (opts & AHCI_CMD_ATAPI) { 1182 memcpy(ide_state->io_buffer, &cmd_fis[AHCI_COMMAND_TABLE_ACMD], 0x10); 1183 debug_print_fis(ide_state->io_buffer, 0x10); 1184 s->dev[port].done_atapi_packet = false; 1185 /* XXX send PIO setup FIS */ 1186 } 1187 1188 ide_state->error = 0; 1189 1190 /* Reset transferred byte counter */ 1191 cmd->status = 0; 1192 1193 /* We're ready to process the command in FIS byte 2. */ 1194 ide_exec_cmd(&s->dev[port].port, cmd_fis[2]); 1195 } 1196 1197 static int handle_cmd(AHCIState *s, int port, uint8_t slot) 1198 { 1199 IDEState *ide_state; 1200 uint64_t tbl_addr; 1201 AHCICmdHdr *cmd; 1202 uint8_t *cmd_fis; 1203 dma_addr_t cmd_len; 1204 1205 if (s->dev[port].port.ifs[0].status & (BUSY_STAT|DRQ_STAT)) { 1206 /* Engine currently busy, try again later */ 1207 DPRINTF(port, "engine busy\n"); 1208 return -1; 1209 } 1210 1211 if (!s->dev[port].lst) { 1212 DPRINTF(port, "error: lst not given but cmd handled"); 1213 return -1; 1214 } 1215 cmd = get_cmd_header(s, port, slot); 1216 /* remember current slot handle for later */ 1217 s->dev[port].cur_cmd = cmd; 1218 1219 /* The device we are working for */ 1220 ide_state = &s->dev[port].port.ifs[0]; 1221 if (!ide_state->blk) { 1222 DPRINTF(port, "error: guest accessed unused port"); 1223 return -1; 1224 } 1225 1226 tbl_addr = le64_to_cpu(cmd->tbl_addr); 1227 cmd_len = 0x80; 1228 cmd_fis = dma_memory_map(s->as, tbl_addr, &cmd_len, 1229 DMA_DIRECTION_FROM_DEVICE); 1230 if (!cmd_fis) { 1231 DPRINTF(port, "error: guest passed us an invalid cmd fis\n"); 1232 return -1; 1233 } else if (cmd_len != 0x80) { 1234 ahci_trigger_irq(s, &s->dev[port], PORT_IRQ_HBUS_ERR); 1235 DPRINTF(port, "error: dma_memory_map failed: " 1236 "(len(%02"PRIx64") != 0x80)\n", 1237 cmd_len); 1238 goto out; 1239 } 1240 debug_print_fis(cmd_fis, 0x80); 1241 1242 switch (cmd_fis[0]) { 1243 case SATA_FIS_TYPE_REGISTER_H2D: 1244 handle_reg_h2d_fis(s, port, slot, cmd_fis); 1245 break; 1246 default: 1247 DPRINTF(port, "unknown command cmd_fis[0]=%02x cmd_fis[1]=%02x " 1248 "cmd_fis[2]=%02x\n", cmd_fis[0], cmd_fis[1], 1249 cmd_fis[2]); 1250 break; 1251 } 1252 1253 out: 1254 dma_memory_unmap(s->as, cmd_fis, cmd_len, DMA_DIRECTION_FROM_DEVICE, 1255 cmd_len); 1256 1257 if (s->dev[port].port.ifs[0].status & (BUSY_STAT|DRQ_STAT)) { 1258 /* async command, complete later */ 1259 s->dev[port].busy_slot = slot; 1260 return -1; 1261 } 1262 1263 /* done handling the command */ 1264 return 0; 1265 } 1266 1267 /* DMA dev <-> ram */ 1268 static void ahci_start_transfer(IDEDMA *dma) 1269 { 1270 AHCIDevice *ad = DO_UPCAST(AHCIDevice, dma, dma); 1271 IDEState *s = &ad->port.ifs[0]; 1272 uint32_t size = (uint32_t)(s->data_end - s->data_ptr); 1273 /* write == ram -> device */ 1274 uint16_t opts = le16_to_cpu(ad->cur_cmd->opts); 1275 int is_write = opts & AHCI_CMD_WRITE; 1276 int is_atapi = opts & AHCI_CMD_ATAPI; 1277 int has_sglist = 0; 1278 1279 if (is_atapi && !ad->done_atapi_packet) { 1280 /* already prepopulated iobuffer */ 1281 ad->done_atapi_packet = true; 1282 size = 0; 1283 goto out; 1284 } 1285 1286 if (ahci_dma_prepare_buf(dma, size)) { 1287 has_sglist = 1; 1288 } 1289 1290 DPRINTF(ad->port_no, "%sing %d bytes on %s w/%s sglist\n", 1291 is_write ? "writ" : "read", size, is_atapi ? "atapi" : "ata", 1292 has_sglist ? "" : "o"); 1293 1294 if (has_sglist && size) { 1295 if (is_write) { 1296 dma_buf_write(s->data_ptr, size, &s->sg); 1297 } else { 1298 dma_buf_read(s->data_ptr, size, &s->sg); 1299 } 1300 } 1301 1302 out: 1303 /* declare that we processed everything */ 1304 s->data_ptr = s->data_end; 1305 1306 /* Update number of transferred bytes, destroy sglist */ 1307 dma_buf_commit(s, size); 1308 1309 s->end_transfer_func(s); 1310 1311 if (!(s->status & DRQ_STAT)) { 1312 /* done with PIO send/receive */ 1313 ahci_write_fis_pio(ad, le32_to_cpu(ad->cur_cmd->status)); 1314 } 1315 } 1316 1317 static void ahci_start_dma(IDEDMA *dma, IDEState *s, 1318 BlockCompletionFunc *dma_cb) 1319 { 1320 AHCIDevice *ad = DO_UPCAST(AHCIDevice, dma, dma); 1321 DPRINTF(ad->port_no, "\n"); 1322 s->io_buffer_offset = 0; 1323 dma_cb(s, 0); 1324 } 1325 1326 static void ahci_restart_dma(IDEDMA *dma) 1327 { 1328 /* Nothing to do, ahci_start_dma already resets s->io_buffer_offset. */ 1329 } 1330 1331 /** 1332 * IDE/PIO restarts are handled by the core layer, but NCQ commands 1333 * need an extra kick from the AHCI HBA. 1334 */ 1335 static void ahci_restart(IDEDMA *dma) 1336 { 1337 AHCIDevice *ad = DO_UPCAST(AHCIDevice, dma, dma); 1338 int i; 1339 1340 for (i = 0; i < AHCI_MAX_CMDS; i++) { 1341 NCQTransferState *ncq_tfs = &ad->ncq_tfs[i]; 1342 if (ncq_tfs->halt) { 1343 execute_ncq_command(ncq_tfs); 1344 } 1345 } 1346 } 1347 1348 /** 1349 * Called in DMA and PIO R/W chains to read the PRDT. 1350 * Not shared with NCQ pathways. 1351 */ 1352 static int32_t ahci_dma_prepare_buf(IDEDMA *dma, int32_t limit) 1353 { 1354 AHCIDevice *ad = DO_UPCAST(AHCIDevice, dma, dma); 1355 IDEState *s = &ad->port.ifs[0]; 1356 1357 if (ahci_populate_sglist(ad, &s->sg, ad->cur_cmd, 1358 limit, s->io_buffer_offset) == -1) { 1359 DPRINTF(ad->port_no, "ahci_dma_prepare_buf failed.\n"); 1360 return -1; 1361 } 1362 s->io_buffer_size = s->sg.size; 1363 1364 DPRINTF(ad->port_no, "len=%#x\n", s->io_buffer_size); 1365 return s->io_buffer_size; 1366 } 1367 1368 /** 1369 * Updates the command header with a bytes-read value. 1370 * Called via dma_buf_commit, for both DMA and PIO paths. 1371 * sglist destruction is handled within dma_buf_commit. 1372 */ 1373 static void ahci_commit_buf(IDEDMA *dma, uint32_t tx_bytes) 1374 { 1375 AHCIDevice *ad = DO_UPCAST(AHCIDevice, dma, dma); 1376 1377 tx_bytes += le32_to_cpu(ad->cur_cmd->status); 1378 ad->cur_cmd->status = cpu_to_le32(tx_bytes); 1379 } 1380 1381 static int ahci_dma_rw_buf(IDEDMA *dma, int is_write) 1382 { 1383 AHCIDevice *ad = DO_UPCAST(AHCIDevice, dma, dma); 1384 IDEState *s = &ad->port.ifs[0]; 1385 uint8_t *p = s->io_buffer + s->io_buffer_index; 1386 int l = s->io_buffer_size - s->io_buffer_index; 1387 1388 if (ahci_populate_sglist(ad, &s->sg, ad->cur_cmd, l, s->io_buffer_offset)) { 1389 return 0; 1390 } 1391 1392 if (is_write) { 1393 dma_buf_read(p, l, &s->sg); 1394 } else { 1395 dma_buf_write(p, l, &s->sg); 1396 } 1397 1398 /* free sglist, update byte count */ 1399 dma_buf_commit(s, l); 1400 1401 s->io_buffer_index += l; 1402 1403 DPRINTF(ad->port_no, "len=%#x\n", l); 1404 1405 return 1; 1406 } 1407 1408 static void ahci_cmd_done(IDEDMA *dma) 1409 { 1410 AHCIDevice *ad = DO_UPCAST(AHCIDevice, dma, dma); 1411 1412 DPRINTF(ad->port_no, "cmd done\n"); 1413 1414 /* update d2h status */ 1415 ahci_write_fis_d2h(ad); 1416 1417 if (!ad->check_bh) { 1418 /* maybe we still have something to process, check later */ 1419 ad->check_bh = qemu_bh_new(ahci_check_cmd_bh, ad); 1420 qemu_bh_schedule(ad->check_bh); 1421 } 1422 } 1423 1424 static void ahci_irq_set(void *opaque, int n, int level) 1425 { 1426 } 1427 1428 static const IDEDMAOps ahci_dma_ops = { 1429 .start_dma = ahci_start_dma, 1430 .restart = ahci_restart, 1431 .restart_dma = ahci_restart_dma, 1432 .start_transfer = ahci_start_transfer, 1433 .prepare_buf = ahci_dma_prepare_buf, 1434 .commit_buf = ahci_commit_buf, 1435 .rw_buf = ahci_dma_rw_buf, 1436 .cmd_done = ahci_cmd_done, 1437 }; 1438 1439 void ahci_init(AHCIState *s, DeviceState *qdev) 1440 { 1441 s->container = qdev; 1442 /* XXX BAR size should be 1k, but that breaks, so bump it to 4k for now */ 1443 memory_region_init_io(&s->mem, OBJECT(qdev), &ahci_mem_ops, s, 1444 "ahci", AHCI_MEM_BAR_SIZE); 1445 memory_region_init_io(&s->idp, OBJECT(qdev), &ahci_idp_ops, s, 1446 "ahci-idp", 32); 1447 } 1448 1449 void ahci_realize(AHCIState *s, DeviceState *qdev, AddressSpace *as, int ports) 1450 { 1451 qemu_irq *irqs; 1452 int i; 1453 1454 s->as = as; 1455 s->ports = ports; 1456 s->dev = g_new0(AHCIDevice, ports); 1457 ahci_reg_init(s); 1458 irqs = qemu_allocate_irqs(ahci_irq_set, s, s->ports); 1459 for (i = 0; i < s->ports; i++) { 1460 AHCIDevice *ad = &s->dev[i]; 1461 1462 ide_bus_new(&ad->port, sizeof(ad->port), qdev, i, 1); 1463 ide_init2(&ad->port, irqs[i]); 1464 1465 ad->hba = s; 1466 ad->port_no = i; 1467 ad->port.dma = &ad->dma; 1468 ad->port.dma->ops = &ahci_dma_ops; 1469 ide_register_restart_cb(&ad->port); 1470 } 1471 } 1472 1473 void ahci_uninit(AHCIState *s) 1474 { 1475 g_free(s->dev); 1476 } 1477 1478 void ahci_reset(AHCIState *s) 1479 { 1480 AHCIPortRegs *pr; 1481 int i; 1482 1483 s->control_regs.irqstatus = 0; 1484 /* AHCI Enable (AE) 1485 * The implementation of this bit is dependent upon the value of the 1486 * CAP.SAM bit. If CAP.SAM is '0', then GHC.AE shall be read-write and 1487 * shall have a reset value of '0'. If CAP.SAM is '1', then AE shall be 1488 * read-only and shall have a reset value of '1'. 1489 * 1490 * We set HOST_CAP_AHCI so we must enable AHCI at reset. 1491 */ 1492 s->control_regs.ghc = HOST_CTL_AHCI_EN; 1493 1494 for (i = 0; i < s->ports; i++) { 1495 pr = &s->dev[i].port_regs; 1496 pr->irq_stat = 0; 1497 pr->irq_mask = 0; 1498 pr->scr_ctl = 0; 1499 pr->cmd = PORT_CMD_SPIN_UP | PORT_CMD_POWER_ON; 1500 ahci_reset_port(s, i); 1501 } 1502 } 1503 1504 static const VMStateDescription vmstate_ncq_tfs = { 1505 .name = "ncq state", 1506 .version_id = 1, 1507 .fields = (VMStateField[]) { 1508 VMSTATE_UINT32(sector_count, NCQTransferState), 1509 VMSTATE_UINT64(lba, NCQTransferState), 1510 VMSTATE_UINT8(tag, NCQTransferState), 1511 VMSTATE_UINT8(cmd, NCQTransferState), 1512 VMSTATE_UINT8(slot, NCQTransferState), 1513 VMSTATE_BOOL(used, NCQTransferState), 1514 VMSTATE_BOOL(halt, NCQTransferState), 1515 VMSTATE_END_OF_LIST() 1516 }, 1517 }; 1518 1519 static const VMStateDescription vmstate_ahci_device = { 1520 .name = "ahci port", 1521 .version_id = 1, 1522 .fields = (VMStateField[]) { 1523 VMSTATE_IDE_BUS(port, AHCIDevice), 1524 VMSTATE_IDE_DRIVE(port.ifs[0], AHCIDevice), 1525 VMSTATE_UINT32(port_state, AHCIDevice), 1526 VMSTATE_UINT32(finished, AHCIDevice), 1527 VMSTATE_UINT32(port_regs.lst_addr, AHCIDevice), 1528 VMSTATE_UINT32(port_regs.lst_addr_hi, AHCIDevice), 1529 VMSTATE_UINT32(port_regs.fis_addr, AHCIDevice), 1530 VMSTATE_UINT32(port_regs.fis_addr_hi, AHCIDevice), 1531 VMSTATE_UINT32(port_regs.irq_stat, AHCIDevice), 1532 VMSTATE_UINT32(port_regs.irq_mask, AHCIDevice), 1533 VMSTATE_UINT32(port_regs.cmd, AHCIDevice), 1534 VMSTATE_UINT32(port_regs.tfdata, AHCIDevice), 1535 VMSTATE_UINT32(port_regs.sig, AHCIDevice), 1536 VMSTATE_UINT32(port_regs.scr_stat, AHCIDevice), 1537 VMSTATE_UINT32(port_regs.scr_ctl, AHCIDevice), 1538 VMSTATE_UINT32(port_regs.scr_err, AHCIDevice), 1539 VMSTATE_UINT32(port_regs.scr_act, AHCIDevice), 1540 VMSTATE_UINT32(port_regs.cmd_issue, AHCIDevice), 1541 VMSTATE_BOOL(done_atapi_packet, AHCIDevice), 1542 VMSTATE_INT32(busy_slot, AHCIDevice), 1543 VMSTATE_BOOL(init_d2h_sent, AHCIDevice), 1544 VMSTATE_STRUCT_ARRAY(ncq_tfs, AHCIDevice, AHCI_MAX_CMDS, 1545 1, vmstate_ncq_tfs, NCQTransferState), 1546 VMSTATE_END_OF_LIST() 1547 }, 1548 }; 1549 1550 static int ahci_state_post_load(void *opaque, int version_id) 1551 { 1552 int i, j; 1553 struct AHCIDevice *ad; 1554 NCQTransferState *ncq_tfs; 1555 AHCIState *s = opaque; 1556 1557 for (i = 0; i < s->ports; i++) { 1558 ad = &s->dev[i]; 1559 1560 /* Only remap the CLB address if appropriate, disallowing a state 1561 * transition from 'on' to 'off' it should be consistent here. */ 1562 if (ahci_cond_start_engines(ad, false) != 0) { 1563 return -1; 1564 } 1565 1566 for (j = 0; j < AHCI_MAX_CMDS; j++) { 1567 ncq_tfs = &ad->ncq_tfs[j]; 1568 ncq_tfs->drive = ad; 1569 1570 if (ncq_tfs->used != ncq_tfs->halt) { 1571 return -1; 1572 } 1573 if (!ncq_tfs->halt) { 1574 continue; 1575 } 1576 if (!is_ncq(ncq_tfs->cmd)) { 1577 return -1; 1578 } 1579 if (ncq_tfs->slot != ncq_tfs->tag) { 1580 return -1; 1581 } 1582 /* If ncq_tfs->halt is justly set, the engine should be engaged, 1583 * and the command list buffer should be mapped. */ 1584 ncq_tfs->cmdh = get_cmd_header(s, i, ncq_tfs->slot); 1585 if (!ncq_tfs->cmdh) { 1586 return -1; 1587 } 1588 ahci_populate_sglist(ncq_tfs->drive, &ncq_tfs->sglist, 1589 ncq_tfs->cmdh, ncq_tfs->sector_count * 512, 1590 0); 1591 if (ncq_tfs->sector_count != ncq_tfs->sglist.size >> 9) { 1592 return -1; 1593 } 1594 } 1595 1596 1597 /* 1598 * If an error is present, ad->busy_slot will be valid and not -1. 1599 * In this case, an operation is waiting to resume and will re-check 1600 * for additional AHCI commands to execute upon completion. 1601 * 1602 * In the case where no error was present, busy_slot will be -1, 1603 * and we should check to see if there are additional commands waiting. 1604 */ 1605 if (ad->busy_slot == -1) { 1606 check_cmd(s, i); 1607 } else { 1608 /* We are in the middle of a command, and may need to access 1609 * the command header in guest memory again. */ 1610 if (ad->busy_slot < 0 || ad->busy_slot >= AHCI_MAX_CMDS) { 1611 return -1; 1612 } 1613 ad->cur_cmd = get_cmd_header(s, i, ad->busy_slot); 1614 } 1615 } 1616 1617 return 0; 1618 } 1619 1620 const VMStateDescription vmstate_ahci = { 1621 .name = "ahci", 1622 .version_id = 1, 1623 .post_load = ahci_state_post_load, 1624 .fields = (VMStateField[]) { 1625 VMSTATE_STRUCT_VARRAY_POINTER_INT32(dev, AHCIState, ports, 1626 vmstate_ahci_device, AHCIDevice), 1627 VMSTATE_UINT32(control_regs.cap, AHCIState), 1628 VMSTATE_UINT32(control_regs.ghc, AHCIState), 1629 VMSTATE_UINT32(control_regs.irqstatus, AHCIState), 1630 VMSTATE_UINT32(control_regs.impl, AHCIState), 1631 VMSTATE_UINT32(control_regs.version, AHCIState), 1632 VMSTATE_UINT32(idp_index, AHCIState), 1633 VMSTATE_INT32_EQUAL(ports, AHCIState), 1634 VMSTATE_END_OF_LIST() 1635 }, 1636 }; 1637 1638 static const VMStateDescription vmstate_sysbus_ahci = { 1639 .name = "sysbus-ahci", 1640 .fields = (VMStateField[]) { 1641 VMSTATE_AHCI(ahci, SysbusAHCIState), 1642 VMSTATE_END_OF_LIST() 1643 }, 1644 }; 1645 1646 static void sysbus_ahci_reset(DeviceState *dev) 1647 { 1648 SysbusAHCIState *s = SYSBUS_AHCI(dev); 1649 1650 ahci_reset(&s->ahci); 1651 } 1652 1653 static void sysbus_ahci_init(Object *obj) 1654 { 1655 SysbusAHCIState *s = SYSBUS_AHCI(obj); 1656 SysBusDevice *sbd = SYS_BUS_DEVICE(obj); 1657 1658 ahci_init(&s->ahci, DEVICE(obj)); 1659 1660 sysbus_init_mmio(sbd, &s->ahci.mem); 1661 sysbus_init_irq(sbd, &s->ahci.irq); 1662 } 1663 1664 static void sysbus_ahci_realize(DeviceState *dev, Error **errp) 1665 { 1666 SysbusAHCIState *s = SYSBUS_AHCI(dev); 1667 1668 ahci_realize(&s->ahci, dev, &address_space_memory, s->num_ports); 1669 } 1670 1671 static Property sysbus_ahci_properties[] = { 1672 DEFINE_PROP_UINT32("num-ports", SysbusAHCIState, num_ports, 1), 1673 DEFINE_PROP_END_OF_LIST(), 1674 }; 1675 1676 static void sysbus_ahci_class_init(ObjectClass *klass, void *data) 1677 { 1678 DeviceClass *dc = DEVICE_CLASS(klass); 1679 1680 dc->realize = sysbus_ahci_realize; 1681 dc->vmsd = &vmstate_sysbus_ahci; 1682 dc->props = sysbus_ahci_properties; 1683 dc->reset = sysbus_ahci_reset; 1684 set_bit(DEVICE_CATEGORY_STORAGE, dc->categories); 1685 } 1686 1687 static const TypeInfo sysbus_ahci_info = { 1688 .name = TYPE_SYSBUS_AHCI, 1689 .parent = TYPE_SYS_BUS_DEVICE, 1690 .instance_size = sizeof(SysbusAHCIState), 1691 .instance_init = sysbus_ahci_init, 1692 .class_init = sysbus_ahci_class_init, 1693 }; 1694 1695 #define ALLWINNER_AHCI_BISTAFR ((0xa0 - ALLWINNER_AHCI_MMIO_OFF) / 4) 1696 #define ALLWINNER_AHCI_BISTCR ((0xa4 - ALLWINNER_AHCI_MMIO_OFF) / 4) 1697 #define ALLWINNER_AHCI_BISTFCTR ((0xa8 - ALLWINNER_AHCI_MMIO_OFF) / 4) 1698 #define ALLWINNER_AHCI_BISTSR ((0xac - ALLWINNER_AHCI_MMIO_OFF) / 4) 1699 #define ALLWINNER_AHCI_BISTDECR ((0xb0 - ALLWINNER_AHCI_MMIO_OFF) / 4) 1700 #define ALLWINNER_AHCI_DIAGNR0 ((0xb4 - ALLWINNER_AHCI_MMIO_OFF) / 4) 1701 #define ALLWINNER_AHCI_DIAGNR1 ((0xb8 - ALLWINNER_AHCI_MMIO_OFF) / 4) 1702 #define ALLWINNER_AHCI_OOBR ((0xbc - ALLWINNER_AHCI_MMIO_OFF) / 4) 1703 #define ALLWINNER_AHCI_PHYCS0R ((0xc0 - ALLWINNER_AHCI_MMIO_OFF) / 4) 1704 #define ALLWINNER_AHCI_PHYCS1R ((0xc4 - ALLWINNER_AHCI_MMIO_OFF) / 4) 1705 #define ALLWINNER_AHCI_PHYCS2R ((0xc8 - ALLWINNER_AHCI_MMIO_OFF) / 4) 1706 #define ALLWINNER_AHCI_TIMER1MS ((0xe0 - ALLWINNER_AHCI_MMIO_OFF) / 4) 1707 #define ALLWINNER_AHCI_GPARAM1R ((0xe8 - ALLWINNER_AHCI_MMIO_OFF) / 4) 1708 #define ALLWINNER_AHCI_GPARAM2R ((0xec - ALLWINNER_AHCI_MMIO_OFF) / 4) 1709 #define ALLWINNER_AHCI_PPARAMR ((0xf0 - ALLWINNER_AHCI_MMIO_OFF) / 4) 1710 #define ALLWINNER_AHCI_TESTR ((0xf4 - ALLWINNER_AHCI_MMIO_OFF) / 4) 1711 #define ALLWINNER_AHCI_VERSIONR ((0xf8 - ALLWINNER_AHCI_MMIO_OFF) / 4) 1712 #define ALLWINNER_AHCI_IDR ((0xfc - ALLWINNER_AHCI_MMIO_OFF) / 4) 1713 #define ALLWINNER_AHCI_RWCR ((0xfc - ALLWINNER_AHCI_MMIO_OFF) / 4) 1714 1715 static uint64_t allwinner_ahci_mem_read(void *opaque, hwaddr addr, 1716 unsigned size) 1717 { 1718 AllwinnerAHCIState *a = opaque; 1719 uint64_t val = a->regs[addr/4]; 1720 1721 switch (addr / 4) { 1722 case ALLWINNER_AHCI_PHYCS0R: 1723 val |= 0x2 << 28; 1724 break; 1725 case ALLWINNER_AHCI_PHYCS2R: 1726 val &= ~(0x1 << 24); 1727 break; 1728 } 1729 DPRINTF(-1, "addr=0x%" HWADDR_PRIx " val=0x%" PRIx64 ", size=%d\n", 1730 addr, val, size); 1731 return val; 1732 } 1733 1734 static void allwinner_ahci_mem_write(void *opaque, hwaddr addr, 1735 uint64_t val, unsigned size) 1736 { 1737 AllwinnerAHCIState *a = opaque; 1738 1739 DPRINTF(-1, "addr=0x%" HWADDR_PRIx " val=0x%" PRIx64 ", size=%d\n", 1740 addr, val, size); 1741 a->regs[addr/4] = val; 1742 } 1743 1744 static const MemoryRegionOps allwinner_ahci_mem_ops = { 1745 .read = allwinner_ahci_mem_read, 1746 .write = allwinner_ahci_mem_write, 1747 .valid.min_access_size = 4, 1748 .valid.max_access_size = 4, 1749 .endianness = DEVICE_LITTLE_ENDIAN, 1750 }; 1751 1752 static void allwinner_ahci_init(Object *obj) 1753 { 1754 SysbusAHCIState *s = SYSBUS_AHCI(obj); 1755 AllwinnerAHCIState *a = ALLWINNER_AHCI(obj); 1756 1757 memory_region_init_io(&a->mmio, OBJECT(obj), &allwinner_ahci_mem_ops, a, 1758 "allwinner-ahci", ALLWINNER_AHCI_MMIO_SIZE); 1759 memory_region_add_subregion(&s->ahci.mem, ALLWINNER_AHCI_MMIO_OFF, 1760 &a->mmio); 1761 } 1762 1763 static const VMStateDescription vmstate_allwinner_ahci = { 1764 .name = "allwinner-ahci", 1765 .version_id = 1, 1766 .minimum_version_id = 1, 1767 .fields = (VMStateField[]) { 1768 VMSTATE_UINT32_ARRAY(regs, AllwinnerAHCIState, 1769 ALLWINNER_AHCI_MMIO_SIZE/4), 1770 VMSTATE_END_OF_LIST() 1771 } 1772 }; 1773 1774 static void allwinner_ahci_class_init(ObjectClass *klass, void *data) 1775 { 1776 DeviceClass *dc = DEVICE_CLASS(klass); 1777 1778 dc->vmsd = &vmstate_allwinner_ahci; 1779 } 1780 1781 static const TypeInfo allwinner_ahci_info = { 1782 .name = TYPE_ALLWINNER_AHCI, 1783 .parent = TYPE_SYSBUS_AHCI, 1784 .instance_size = sizeof(AllwinnerAHCIState), 1785 .instance_init = allwinner_ahci_init, 1786 .class_init = allwinner_ahci_class_init, 1787 }; 1788 1789 static void sysbus_ahci_register_types(void) 1790 { 1791 type_register_static(&sysbus_ahci_info); 1792 type_register_static(&allwinner_ahci_info); 1793 } 1794 1795 type_init(sysbus_ahci_register_types) 1796 1797 void ahci_ide_create_devs(PCIDevice *dev, DriveInfo **hd) 1798 { 1799 AHCIPCIState *d = ICH_AHCI(dev); 1800 AHCIState *ahci = &d->ahci; 1801 int i; 1802 1803 for (i = 0; i < ahci->ports; i++) { 1804 if (hd[i] == NULL) { 1805 continue; 1806 } 1807 ide_create_drive(&ahci->dev[i].port, 0, hd[i]); 1808 } 1809 1810 } 1811