1 /* 2 * QEMU IDE disk and CD/DVD-ROM Emulator 3 * 4 * Copyright (c) 2003 Fabrice Bellard 5 * Copyright (c) 2006 Openedhand Ltd. 6 * 7 * Permission is hereby granted, free of charge, to any person obtaining a copy 8 * of this software and associated documentation files (the "Software"), to deal 9 * in the Software without restriction, including without limitation the rights 10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 11 * copies of the Software, and to permit persons to whom the Software is 12 * furnished to do so, subject to the following conditions: 13 * 14 * The above copyright notice and this permission notice shall be included in 15 * all copies or substantial portions of the Software. 16 * 17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 23 * THE SOFTWARE. 24 */ 25 #include <hw/hw.h> 26 #include <hw/pc.h> 27 #include <hw/pci.h> 28 #include <hw/isa.h> 29 #include "qemu-error.h" 30 #include "qemu-timer.h" 31 #include "sysemu.h" 32 #include "dma.h" 33 #include "blockdev.h" 34 35 #include <hw/ide/internal.h> 36 37 /* These values were based on a Seagate ST3500418AS but have been modified 38 to make more sense in QEMU */ 39 static const int smart_attributes[][12] = { 40 /* id, flags, hflags, val, wrst, raw (6 bytes), threshold */ 41 /* raw read error rate*/ 42 { 0x01, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06}, 43 /* spin up */ 44 { 0x03, 0x03, 0x00, 0x64, 0x64, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 45 /* start stop count */ 46 { 0x04, 0x02, 0x00, 0x64, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14}, 47 /* remapped sectors */ 48 { 0x05, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x24}, 49 /* power on hours */ 50 { 0x09, 0x03, 0x00, 0x64, 0x64, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 51 /* power cycle count */ 52 { 0x0c, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 53 /* airflow-temperature-celsius */ 54 { 190, 0x03, 0x00, 0x45, 0x45, 0x1f, 0x00, 0x1f, 0x1f, 0x00, 0x00, 0x32}, 55 /* end of list */ 56 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00} 57 }; 58 59 static int ide_handle_rw_error(IDEState *s, int error, int op); 60 static void ide_dummy_transfer_stop(IDEState *s); 61 62 static void padstr(char *str, const char *src, int len) 63 { 64 int i, v; 65 for(i = 0; i < len; i++) { 66 if (*src) 67 v = *src++; 68 else 69 v = ' '; 70 str[i^1] = v; 71 } 72 } 73 74 static void put_le16(uint16_t *p, unsigned int v) 75 { 76 *p = cpu_to_le16(v); 77 } 78 79 static void ide_identify(IDEState *s) 80 { 81 uint16_t *p; 82 unsigned int oldsize; 83 IDEDevice *dev = s->unit ? s->bus->slave : s->bus->master; 84 85 if (s->identify_set) { 86 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data)); 87 return; 88 } 89 90 memset(s->io_buffer, 0, 512); 91 p = (uint16_t *)s->io_buffer; 92 put_le16(p + 0, 0x0040); 93 put_le16(p + 1, s->cylinders); 94 put_le16(p + 3, s->heads); 95 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */ 96 put_le16(p + 5, 512); /* XXX: retired, remove ? */ 97 put_le16(p + 6, s->sectors); 98 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 99 put_le16(p + 20, 3); /* XXX: retired, remove ? */ 100 put_le16(p + 21, 512); /* cache size in sectors */ 101 put_le16(p + 22, 4); /* ecc bytes */ 102 padstr((char *)(p + 23), s->version, 8); /* firmware version */ 103 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */ 104 #if MAX_MULT_SECTORS > 1 105 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS); 106 #endif 107 put_le16(p + 48, 1); /* dword I/O */ 108 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */ 109 put_le16(p + 51, 0x200); /* PIO transfer cycle */ 110 put_le16(p + 52, 0x200); /* DMA transfer cycle */ 111 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */ 112 put_le16(p + 54, s->cylinders); 113 put_le16(p + 55, s->heads); 114 put_le16(p + 56, s->sectors); 115 oldsize = s->cylinders * s->heads * s->sectors; 116 put_le16(p + 57, oldsize); 117 put_le16(p + 58, oldsize >> 16); 118 if (s->mult_sectors) 119 put_le16(p + 59, 0x100 | s->mult_sectors); 120 put_le16(p + 60, s->nb_sectors); 121 put_le16(p + 61, s->nb_sectors >> 16); 122 put_le16(p + 62, 0x07); /* single word dma0-2 supported */ 123 put_le16(p + 63, 0x07); /* mdma0-2 supported */ 124 put_le16(p + 64, 0x03); /* pio3-4 supported */ 125 put_le16(p + 65, 120); 126 put_le16(p + 66, 120); 127 put_le16(p + 67, 120); 128 put_le16(p + 68, 120); 129 if (dev && dev->conf.discard_granularity) { 130 put_le16(p + 69, (1 << 14)); /* determinate TRIM behavior */ 131 } 132 133 if (s->ncq_queues) { 134 put_le16(p + 75, s->ncq_queues - 1); 135 /* NCQ supported */ 136 put_le16(p + 76, (1 << 8)); 137 } 138 139 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */ 140 put_le16(p + 81, 0x16); /* conforms to ata5 */ 141 /* 14=NOP supported, 5=WCACHE supported, 0=SMART supported */ 142 put_le16(p + 82, (1 << 14) | (1 << 5) | 1); 143 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */ 144 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10)); 145 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */ 146 if (s->wwn) { 147 put_le16(p + 84, (1 << 14) | (1 << 8) | 0); 148 } else { 149 put_le16(p + 84, (1 << 14) | 0); 150 } 151 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */ 152 if (bdrv_enable_write_cache(s->bs)) 153 put_le16(p + 85, (1 << 14) | (1 << 5) | 1); 154 else 155 put_le16(p + 85, (1 << 14) | 1); 156 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */ 157 put_le16(p + 86, (1 << 13) | (1 <<12) | (1 << 10)); 158 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */ 159 if (s->wwn) { 160 put_le16(p + 87, (1 << 14) | (1 << 8) | 0); 161 } else { 162 put_le16(p + 87, (1 << 14) | 0); 163 } 164 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */ 165 put_le16(p + 93, 1 | (1 << 14) | 0x2000); 166 put_le16(p + 100, s->nb_sectors); 167 put_le16(p + 101, s->nb_sectors >> 16); 168 put_le16(p + 102, s->nb_sectors >> 32); 169 put_le16(p + 103, s->nb_sectors >> 48); 170 171 if (dev && dev->conf.physical_block_size) 172 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf)); 173 if (s->wwn) { 174 /* LE 16-bit words 111-108 contain 64-bit World Wide Name */ 175 put_le16(p + 108, s->wwn >> 48); 176 put_le16(p + 109, s->wwn >> 32); 177 put_le16(p + 110, s->wwn >> 16); 178 put_le16(p + 111, s->wwn); 179 } 180 if (dev && dev->conf.discard_granularity) { 181 put_le16(p + 169, 1); /* TRIM support */ 182 } 183 184 memcpy(s->identify_data, p, sizeof(s->identify_data)); 185 s->identify_set = 1; 186 } 187 188 static void ide_atapi_identify(IDEState *s) 189 { 190 uint16_t *p; 191 192 if (s->identify_set) { 193 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data)); 194 return; 195 } 196 197 memset(s->io_buffer, 0, 512); 198 p = (uint16_t *)s->io_buffer; 199 /* Removable CDROM, 50us response, 12 byte packets */ 200 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0)); 201 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 202 put_le16(p + 20, 3); /* buffer type */ 203 put_le16(p + 21, 512); /* cache size in sectors */ 204 put_le16(p + 22, 4); /* ecc bytes */ 205 padstr((char *)(p + 23), s->version, 8); /* firmware version */ 206 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */ 207 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */ 208 #ifdef USE_DMA_CDROM 209 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */ 210 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */ 211 put_le16(p + 62, 7); /* single word dma0-2 supported */ 212 put_le16(p + 63, 7); /* mdma0-2 supported */ 213 #else 214 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */ 215 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */ 216 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */ 217 #endif 218 put_le16(p + 64, 3); /* pio3-4 supported */ 219 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */ 220 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */ 221 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */ 222 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */ 223 224 put_le16(p + 71, 30); /* in ns */ 225 put_le16(p + 72, 30); /* in ns */ 226 227 if (s->ncq_queues) { 228 put_le16(p + 75, s->ncq_queues - 1); 229 /* NCQ supported */ 230 put_le16(p + 76, (1 << 8)); 231 } 232 233 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */ 234 #ifdef USE_DMA_CDROM 235 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */ 236 #endif 237 memcpy(s->identify_data, p, sizeof(s->identify_data)); 238 s->identify_set = 1; 239 } 240 241 static void ide_cfata_identify(IDEState *s) 242 { 243 uint16_t *p; 244 uint32_t cur_sec; 245 246 p = (uint16_t *) s->identify_data; 247 if (s->identify_set) 248 goto fill_buffer; 249 250 memset(p, 0, sizeof(s->identify_data)); 251 252 cur_sec = s->cylinders * s->heads * s->sectors; 253 254 put_le16(p + 0, 0x848a); /* CF Storage Card signature */ 255 put_le16(p + 1, s->cylinders); /* Default cylinders */ 256 put_le16(p + 3, s->heads); /* Default heads */ 257 put_le16(p + 6, s->sectors); /* Default sectors per track */ 258 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */ 259 put_le16(p + 8, s->nb_sectors); /* Sectors per card */ 260 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 261 put_le16(p + 22, 0x0004); /* ECC bytes */ 262 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */ 263 padstr((char *) (p + 27), s->drive_model_str, 40);/* Model number */ 264 #if MAX_MULT_SECTORS > 1 265 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS); 266 #else 267 put_le16(p + 47, 0x0000); 268 #endif 269 put_le16(p + 49, 0x0f00); /* Capabilities */ 270 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */ 271 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */ 272 put_le16(p + 53, 0x0003); /* Translation params valid */ 273 put_le16(p + 54, s->cylinders); /* Current cylinders */ 274 put_le16(p + 55, s->heads); /* Current heads */ 275 put_le16(p + 56, s->sectors); /* Current sectors */ 276 put_le16(p + 57, cur_sec); /* Current capacity */ 277 put_le16(p + 58, cur_sec >> 16); /* Current capacity */ 278 if (s->mult_sectors) /* Multiple sector setting */ 279 put_le16(p + 59, 0x100 | s->mult_sectors); 280 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */ 281 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */ 282 put_le16(p + 63, 0x0203); /* Multiword DMA capability */ 283 put_le16(p + 64, 0x0001); /* Flow Control PIO support */ 284 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */ 285 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */ 286 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */ 287 put_le16(p + 82, 0x400c); /* Command Set supported */ 288 put_le16(p + 83, 0x7068); /* Command Set supported */ 289 put_le16(p + 84, 0x4000); /* Features supported */ 290 put_le16(p + 85, 0x000c); /* Command Set enabled */ 291 put_le16(p + 86, 0x7044); /* Command Set enabled */ 292 put_le16(p + 87, 0x4000); /* Features enabled */ 293 put_le16(p + 91, 0x4060); /* Current APM level */ 294 put_le16(p + 129, 0x0002); /* Current features option */ 295 put_le16(p + 130, 0x0005); /* Reassigned sectors */ 296 put_le16(p + 131, 0x0001); /* Initial power mode */ 297 put_le16(p + 132, 0x0000); /* User signature */ 298 put_le16(p + 160, 0x8100); /* Power requirement */ 299 put_le16(p + 161, 0x8001); /* CF command set */ 300 301 s->identify_set = 1; 302 303 fill_buffer: 304 memcpy(s->io_buffer, p, sizeof(s->identify_data)); 305 } 306 307 static void ide_set_signature(IDEState *s) 308 { 309 s->select &= 0xf0; /* clear head */ 310 /* put signature */ 311 s->nsector = 1; 312 s->sector = 1; 313 if (s->drive_kind == IDE_CD) { 314 s->lcyl = 0x14; 315 s->hcyl = 0xeb; 316 } else if (s->bs) { 317 s->lcyl = 0; 318 s->hcyl = 0; 319 } else { 320 s->lcyl = 0xff; 321 s->hcyl = 0xff; 322 } 323 } 324 325 typedef struct TrimAIOCB { 326 BlockDriverAIOCB common; 327 QEMUBH *bh; 328 int ret; 329 } TrimAIOCB; 330 331 static void trim_aio_cancel(BlockDriverAIOCB *acb) 332 { 333 TrimAIOCB *iocb = container_of(acb, TrimAIOCB, common); 334 335 qemu_bh_delete(iocb->bh); 336 iocb->bh = NULL; 337 qemu_aio_release(iocb); 338 } 339 340 static AIOPool trim_aio_pool = { 341 .aiocb_size = sizeof(TrimAIOCB), 342 .cancel = trim_aio_cancel, 343 }; 344 345 static void ide_trim_bh_cb(void *opaque) 346 { 347 TrimAIOCB *iocb = opaque; 348 349 iocb->common.cb(iocb->common.opaque, iocb->ret); 350 351 qemu_bh_delete(iocb->bh); 352 iocb->bh = NULL; 353 354 qemu_aio_release(iocb); 355 } 356 357 BlockDriverAIOCB *ide_issue_trim(BlockDriverState *bs, 358 int64_t sector_num, QEMUIOVector *qiov, int nb_sectors, 359 BlockDriverCompletionFunc *cb, void *opaque) 360 { 361 TrimAIOCB *iocb; 362 int i, j, ret; 363 364 iocb = qemu_aio_get(&trim_aio_pool, bs, cb, opaque); 365 iocb->bh = qemu_bh_new(ide_trim_bh_cb, iocb); 366 iocb->ret = 0; 367 368 for (j = 0; j < qiov->niov; j++) { 369 uint64_t *buffer = qiov->iov[j].iov_base; 370 371 for (i = 0; i < qiov->iov[j].iov_len / 8; i++) { 372 /* 6-byte LBA + 2-byte range per entry */ 373 uint64_t entry = le64_to_cpu(buffer[i]); 374 uint64_t sector = entry & 0x0000ffffffffffffULL; 375 uint16_t count = entry >> 48; 376 377 if (count == 0) { 378 break; 379 } 380 381 ret = bdrv_discard(bs, sector, count); 382 if (!iocb->ret) { 383 iocb->ret = ret; 384 } 385 } 386 } 387 388 qemu_bh_schedule(iocb->bh); 389 390 return &iocb->common; 391 } 392 393 static inline void ide_abort_command(IDEState *s) 394 { 395 s->status = READY_STAT | ERR_STAT; 396 s->error = ABRT_ERR; 397 } 398 399 /* prepare data transfer and tell what to do after */ 400 void ide_transfer_start(IDEState *s, uint8_t *buf, int size, 401 EndTransferFunc *end_transfer_func) 402 { 403 s->end_transfer_func = end_transfer_func; 404 s->data_ptr = buf; 405 s->data_end = buf + size; 406 if (!(s->status & ERR_STAT)) { 407 s->status |= DRQ_STAT; 408 } 409 s->bus->dma->ops->start_transfer(s->bus->dma); 410 } 411 412 void ide_transfer_stop(IDEState *s) 413 { 414 s->end_transfer_func = ide_transfer_stop; 415 s->data_ptr = s->io_buffer; 416 s->data_end = s->io_buffer; 417 s->status &= ~DRQ_STAT; 418 } 419 420 int64_t ide_get_sector(IDEState *s) 421 { 422 int64_t sector_num; 423 if (s->select & 0x40) { 424 /* lba */ 425 if (!s->lba48) { 426 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) | 427 (s->lcyl << 8) | s->sector; 428 } else { 429 sector_num = ((int64_t)s->hob_hcyl << 40) | 430 ((int64_t) s->hob_lcyl << 32) | 431 ((int64_t) s->hob_sector << 24) | 432 ((int64_t) s->hcyl << 16) | 433 ((int64_t) s->lcyl << 8) | s->sector; 434 } 435 } else { 436 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors + 437 (s->select & 0x0f) * s->sectors + (s->sector - 1); 438 } 439 return sector_num; 440 } 441 442 void ide_set_sector(IDEState *s, int64_t sector_num) 443 { 444 unsigned int cyl, r; 445 if (s->select & 0x40) { 446 if (!s->lba48) { 447 s->select = (s->select & 0xf0) | (sector_num >> 24); 448 s->hcyl = (sector_num >> 16); 449 s->lcyl = (sector_num >> 8); 450 s->sector = (sector_num); 451 } else { 452 s->sector = sector_num; 453 s->lcyl = sector_num >> 8; 454 s->hcyl = sector_num >> 16; 455 s->hob_sector = sector_num >> 24; 456 s->hob_lcyl = sector_num >> 32; 457 s->hob_hcyl = sector_num >> 40; 458 } 459 } else { 460 cyl = sector_num / (s->heads * s->sectors); 461 r = sector_num % (s->heads * s->sectors); 462 s->hcyl = cyl >> 8; 463 s->lcyl = cyl; 464 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f); 465 s->sector = (r % s->sectors) + 1; 466 } 467 } 468 469 static void ide_rw_error(IDEState *s) { 470 ide_abort_command(s); 471 ide_set_irq(s->bus); 472 } 473 474 static void ide_sector_read_cb(void *opaque, int ret) 475 { 476 IDEState *s = opaque; 477 int n; 478 479 s->pio_aiocb = NULL; 480 s->status &= ~BUSY_STAT; 481 482 bdrv_acct_done(s->bs, &s->acct); 483 if (ret != 0) { 484 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY | 485 BM_STATUS_RETRY_READ)) { 486 return; 487 } 488 } 489 490 n = s->nsector; 491 if (n > s->req_nb_sectors) { 492 n = s->req_nb_sectors; 493 } 494 495 /* Allow the guest to read the io_buffer */ 496 ide_transfer_start(s, s->io_buffer, n * BDRV_SECTOR_SIZE, ide_sector_read); 497 498 ide_set_irq(s->bus); 499 500 ide_set_sector(s, ide_get_sector(s) + n); 501 s->nsector -= n; 502 } 503 504 void ide_sector_read(IDEState *s) 505 { 506 int64_t sector_num; 507 int n; 508 509 s->status = READY_STAT | SEEK_STAT; 510 s->error = 0; /* not needed by IDE spec, but needed by Windows */ 511 sector_num = ide_get_sector(s); 512 n = s->nsector; 513 514 if (n == 0) { 515 ide_transfer_stop(s); 516 return; 517 } 518 519 s->status |= BUSY_STAT; 520 521 if (n > s->req_nb_sectors) { 522 n = s->req_nb_sectors; 523 } 524 525 #if defined(DEBUG_IDE) 526 printf("sector=%" PRId64 "\n", sector_num); 527 #endif 528 529 s->iov.iov_base = s->io_buffer; 530 s->iov.iov_len = n * BDRV_SECTOR_SIZE; 531 qemu_iovec_init_external(&s->qiov, &s->iov, 1); 532 533 bdrv_acct_start(s->bs, &s->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ); 534 s->pio_aiocb = bdrv_aio_readv(s->bs, sector_num, &s->qiov, n, 535 ide_sector_read_cb, s); 536 } 537 538 static void dma_buf_commit(IDEState *s) 539 { 540 qemu_sglist_destroy(&s->sg); 541 } 542 543 void ide_set_inactive(IDEState *s) 544 { 545 s->bus->dma->aiocb = NULL; 546 s->bus->dma->ops->set_inactive(s->bus->dma); 547 } 548 549 void ide_dma_error(IDEState *s) 550 { 551 ide_transfer_stop(s); 552 s->error = ABRT_ERR; 553 s->status = READY_STAT | ERR_STAT; 554 ide_set_inactive(s); 555 ide_set_irq(s->bus); 556 } 557 558 static int ide_handle_rw_error(IDEState *s, int error, int op) 559 { 560 int is_read = (op & BM_STATUS_RETRY_READ); 561 BlockErrorAction action = bdrv_get_on_error(s->bs, is_read); 562 563 if (action == BLOCK_ERR_IGNORE) { 564 bdrv_emit_qmp_error_event(s->bs, BDRV_ACTION_IGNORE, is_read); 565 return 0; 566 } 567 568 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC) 569 || action == BLOCK_ERR_STOP_ANY) { 570 s->bus->dma->ops->set_unit(s->bus->dma, s->unit); 571 s->bus->error_status = op; 572 bdrv_emit_qmp_error_event(s->bs, BDRV_ACTION_STOP, is_read); 573 vm_stop(RUN_STATE_IO_ERROR); 574 bdrv_iostatus_set_err(s->bs, error); 575 } else { 576 if (op & BM_STATUS_DMA_RETRY) { 577 dma_buf_commit(s); 578 ide_dma_error(s); 579 } else { 580 ide_rw_error(s); 581 } 582 bdrv_emit_qmp_error_event(s->bs, BDRV_ACTION_REPORT, is_read); 583 } 584 585 return 1; 586 } 587 588 void ide_dma_cb(void *opaque, int ret) 589 { 590 IDEState *s = opaque; 591 int n; 592 int64_t sector_num; 593 594 if (ret < 0) { 595 int op = BM_STATUS_DMA_RETRY; 596 597 if (s->dma_cmd == IDE_DMA_READ) 598 op |= BM_STATUS_RETRY_READ; 599 else if (s->dma_cmd == IDE_DMA_TRIM) 600 op |= BM_STATUS_RETRY_TRIM; 601 602 if (ide_handle_rw_error(s, -ret, op)) { 603 return; 604 } 605 } 606 607 n = s->io_buffer_size >> 9; 608 sector_num = ide_get_sector(s); 609 if (n > 0) { 610 dma_buf_commit(s); 611 sector_num += n; 612 ide_set_sector(s, sector_num); 613 s->nsector -= n; 614 } 615 616 /* end of transfer ? */ 617 if (s->nsector == 0) { 618 s->status = READY_STAT | SEEK_STAT; 619 ide_set_irq(s->bus); 620 goto eot; 621 } 622 623 /* launch next transfer */ 624 n = s->nsector; 625 s->io_buffer_index = 0; 626 s->io_buffer_size = n * 512; 627 if (s->bus->dma->ops->prepare_buf(s->bus->dma, ide_cmd_is_read(s)) == 0) { 628 /* The PRDs were too short. Reset the Active bit, but don't raise an 629 * interrupt. */ 630 goto eot; 631 } 632 633 #ifdef DEBUG_AIO 634 printf("ide_dma_cb: sector_num=%" PRId64 " n=%d, cmd_cmd=%d\n", 635 sector_num, n, s->dma_cmd); 636 #endif 637 638 switch (s->dma_cmd) { 639 case IDE_DMA_READ: 640 s->bus->dma->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num, 641 ide_dma_cb, s); 642 break; 643 case IDE_DMA_WRITE: 644 s->bus->dma->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num, 645 ide_dma_cb, s); 646 break; 647 case IDE_DMA_TRIM: 648 s->bus->dma->aiocb = dma_bdrv_io(s->bs, &s->sg, sector_num, 649 ide_issue_trim, ide_dma_cb, s, 650 DMA_DIRECTION_TO_DEVICE); 651 break; 652 } 653 return; 654 655 eot: 656 if (s->dma_cmd == IDE_DMA_READ || s->dma_cmd == IDE_DMA_WRITE) { 657 bdrv_acct_done(s->bs, &s->acct); 658 } 659 ide_set_inactive(s); 660 } 661 662 static void ide_sector_start_dma(IDEState *s, enum ide_dma_cmd dma_cmd) 663 { 664 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT; 665 s->io_buffer_index = 0; 666 s->io_buffer_size = 0; 667 s->dma_cmd = dma_cmd; 668 669 switch (dma_cmd) { 670 case IDE_DMA_READ: 671 bdrv_acct_start(s->bs, &s->acct, s->nsector * BDRV_SECTOR_SIZE, 672 BDRV_ACCT_READ); 673 break; 674 case IDE_DMA_WRITE: 675 bdrv_acct_start(s->bs, &s->acct, s->nsector * BDRV_SECTOR_SIZE, 676 BDRV_ACCT_WRITE); 677 break; 678 default: 679 break; 680 } 681 682 s->bus->dma->ops->start_dma(s->bus->dma, s, ide_dma_cb); 683 } 684 685 static void ide_sector_write_timer_cb(void *opaque) 686 { 687 IDEState *s = opaque; 688 ide_set_irq(s->bus); 689 } 690 691 static void ide_sector_write_cb(void *opaque, int ret) 692 { 693 IDEState *s = opaque; 694 int n; 695 696 bdrv_acct_done(s->bs, &s->acct); 697 698 s->pio_aiocb = NULL; 699 s->status &= ~BUSY_STAT; 700 701 if (ret != 0) { 702 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY)) { 703 return; 704 } 705 } 706 707 n = s->nsector; 708 if (n > s->req_nb_sectors) { 709 n = s->req_nb_sectors; 710 } 711 s->nsector -= n; 712 if (s->nsector == 0) { 713 /* no more sectors to write */ 714 ide_transfer_stop(s); 715 } else { 716 int n1 = s->nsector; 717 if (n1 > s->req_nb_sectors) { 718 n1 = s->req_nb_sectors; 719 } 720 ide_transfer_start(s, s->io_buffer, n1 * BDRV_SECTOR_SIZE, 721 ide_sector_write); 722 } 723 ide_set_sector(s, ide_get_sector(s) + n); 724 725 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) { 726 /* It seems there is a bug in the Windows 2000 installer HDD 727 IDE driver which fills the disk with empty logs when the 728 IDE write IRQ comes too early. This hack tries to correct 729 that at the expense of slower write performances. Use this 730 option _only_ to install Windows 2000. You must disable it 731 for normal use. */ 732 qemu_mod_timer(s->sector_write_timer, 733 qemu_get_clock_ns(vm_clock) + (get_ticks_per_sec() / 1000)); 734 } else { 735 ide_set_irq(s->bus); 736 } 737 } 738 739 void ide_sector_write(IDEState *s) 740 { 741 int64_t sector_num; 742 int n; 743 744 s->status = READY_STAT | SEEK_STAT | BUSY_STAT; 745 sector_num = ide_get_sector(s); 746 #if defined(DEBUG_IDE) 747 printf("sector=%" PRId64 "\n", sector_num); 748 #endif 749 n = s->nsector; 750 if (n > s->req_nb_sectors) { 751 n = s->req_nb_sectors; 752 } 753 754 s->iov.iov_base = s->io_buffer; 755 s->iov.iov_len = n * BDRV_SECTOR_SIZE; 756 qemu_iovec_init_external(&s->qiov, &s->iov, 1); 757 758 bdrv_acct_start(s->bs, &s->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ); 759 s->pio_aiocb = bdrv_aio_writev(s->bs, sector_num, &s->qiov, n, 760 ide_sector_write_cb, s); 761 } 762 763 static void ide_flush_cb(void *opaque, int ret) 764 { 765 IDEState *s = opaque; 766 767 if (ret < 0) { 768 /* XXX: What sector number to set here? */ 769 if (ide_handle_rw_error(s, -ret, BM_STATUS_RETRY_FLUSH)) { 770 return; 771 } 772 } 773 774 bdrv_acct_done(s->bs, &s->acct); 775 s->status = READY_STAT | SEEK_STAT; 776 ide_set_irq(s->bus); 777 } 778 779 void ide_flush_cache(IDEState *s) 780 { 781 if (s->bs == NULL) { 782 ide_flush_cb(s, 0); 783 return; 784 } 785 786 bdrv_acct_start(s->bs, &s->acct, 0, BDRV_ACCT_FLUSH); 787 bdrv_aio_flush(s->bs, ide_flush_cb, s); 788 } 789 790 static void ide_cfata_metadata_inquiry(IDEState *s) 791 { 792 uint16_t *p; 793 uint32_t spd; 794 795 p = (uint16_t *) s->io_buffer; 796 memset(p, 0, 0x200); 797 spd = ((s->mdata_size - 1) >> 9) + 1; 798 799 put_le16(p + 0, 0x0001); /* Data format revision */ 800 put_le16(p + 1, 0x0000); /* Media property: silicon */ 801 put_le16(p + 2, s->media_changed); /* Media status */ 802 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */ 803 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */ 804 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */ 805 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */ 806 } 807 808 static void ide_cfata_metadata_read(IDEState *s) 809 { 810 uint16_t *p; 811 812 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) { 813 s->status = ERR_STAT; 814 s->error = ABRT_ERR; 815 return; 816 } 817 818 p = (uint16_t *) s->io_buffer; 819 memset(p, 0, 0x200); 820 821 put_le16(p + 0, s->media_changed); /* Media status */ 822 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9), 823 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9), 824 s->nsector << 9), 0x200 - 2)); 825 } 826 827 static void ide_cfata_metadata_write(IDEState *s) 828 { 829 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) { 830 s->status = ERR_STAT; 831 s->error = ABRT_ERR; 832 return; 833 } 834 835 s->media_changed = 0; 836 837 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9), 838 s->io_buffer + 2, 839 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9), 840 s->nsector << 9), 0x200 - 2)); 841 } 842 843 /* called when the inserted state of the media has changed */ 844 static void ide_cd_change_cb(void *opaque, bool load) 845 { 846 IDEState *s = opaque; 847 uint64_t nb_sectors; 848 849 s->tray_open = !load; 850 bdrv_get_geometry(s->bs, &nb_sectors); 851 s->nb_sectors = nb_sectors; 852 853 /* 854 * First indicate to the guest that a CD has been removed. That's 855 * done on the next command the guest sends us. 856 * 857 * Then we set UNIT_ATTENTION, by which the guest will 858 * detect a new CD in the drive. See ide_atapi_cmd() for details. 859 */ 860 s->cdrom_changed = 1; 861 s->events.new_media = true; 862 s->events.eject_request = false; 863 ide_set_irq(s->bus); 864 } 865 866 static void ide_cd_eject_request_cb(void *opaque, bool force) 867 { 868 IDEState *s = opaque; 869 870 s->events.eject_request = true; 871 if (force) { 872 s->tray_locked = false; 873 } 874 ide_set_irq(s->bus); 875 } 876 877 static void ide_cmd_lba48_transform(IDEState *s, int lba48) 878 { 879 s->lba48 = lba48; 880 881 /* handle the 'magic' 0 nsector count conversion here. to avoid 882 * fiddling with the rest of the read logic, we just store the 883 * full sector count in ->nsector and ignore ->hob_nsector from now 884 */ 885 if (!s->lba48) { 886 if (!s->nsector) 887 s->nsector = 256; 888 } else { 889 if (!s->nsector && !s->hob_nsector) 890 s->nsector = 65536; 891 else { 892 int lo = s->nsector; 893 int hi = s->hob_nsector; 894 895 s->nsector = (hi << 8) | lo; 896 } 897 } 898 } 899 900 static void ide_clear_hob(IDEBus *bus) 901 { 902 /* any write clears HOB high bit of device control register */ 903 bus->ifs[0].select &= ~(1 << 7); 904 bus->ifs[1].select &= ~(1 << 7); 905 } 906 907 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val) 908 { 909 IDEBus *bus = opaque; 910 911 #ifdef DEBUG_IDE 912 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val); 913 #endif 914 915 addr &= 7; 916 917 /* ignore writes to command block while busy with previous command */ 918 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT))) 919 return; 920 921 switch(addr) { 922 case 0: 923 break; 924 case 1: 925 ide_clear_hob(bus); 926 /* NOTE: data is written to the two drives */ 927 bus->ifs[0].hob_feature = bus->ifs[0].feature; 928 bus->ifs[1].hob_feature = bus->ifs[1].feature; 929 bus->ifs[0].feature = val; 930 bus->ifs[1].feature = val; 931 break; 932 case 2: 933 ide_clear_hob(bus); 934 bus->ifs[0].hob_nsector = bus->ifs[0].nsector; 935 bus->ifs[1].hob_nsector = bus->ifs[1].nsector; 936 bus->ifs[0].nsector = val; 937 bus->ifs[1].nsector = val; 938 break; 939 case 3: 940 ide_clear_hob(bus); 941 bus->ifs[0].hob_sector = bus->ifs[0].sector; 942 bus->ifs[1].hob_sector = bus->ifs[1].sector; 943 bus->ifs[0].sector = val; 944 bus->ifs[1].sector = val; 945 break; 946 case 4: 947 ide_clear_hob(bus); 948 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl; 949 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl; 950 bus->ifs[0].lcyl = val; 951 bus->ifs[1].lcyl = val; 952 break; 953 case 5: 954 ide_clear_hob(bus); 955 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl; 956 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl; 957 bus->ifs[0].hcyl = val; 958 bus->ifs[1].hcyl = val; 959 break; 960 case 6: 961 /* FIXME: HOB readback uses bit 7 */ 962 bus->ifs[0].select = (val & ~0x10) | 0xa0; 963 bus->ifs[1].select = (val | 0x10) | 0xa0; 964 /* select drive */ 965 bus->unit = (val >> 4) & 1; 966 break; 967 default: 968 case 7: 969 /* command */ 970 ide_exec_cmd(bus, val); 971 break; 972 } 973 } 974 975 #define HD_OK (1u << IDE_HD) 976 #define CD_OK (1u << IDE_CD) 977 #define CFA_OK (1u << IDE_CFATA) 978 #define HD_CFA_OK (HD_OK | CFA_OK) 979 #define ALL_OK (HD_OK | CD_OK | CFA_OK) 980 981 /* See ACS-2 T13/2015-D Table B.2 Command codes */ 982 static const uint8_t ide_cmd_table[0x100] = { 983 /* NOP not implemented, mandatory for CD */ 984 [CFA_REQ_EXT_ERROR_CODE] = CFA_OK, 985 [WIN_DSM] = ALL_OK, 986 [WIN_DEVICE_RESET] = CD_OK, 987 [WIN_RECAL] = HD_CFA_OK, 988 [WIN_READ] = ALL_OK, 989 [WIN_READ_ONCE] = ALL_OK, 990 [WIN_READ_EXT] = HD_CFA_OK, 991 [WIN_READDMA_EXT] = HD_CFA_OK, 992 [WIN_READ_NATIVE_MAX_EXT] = HD_CFA_OK, 993 [WIN_MULTREAD_EXT] = HD_CFA_OK, 994 [WIN_WRITE] = HD_CFA_OK, 995 [WIN_WRITE_ONCE] = HD_CFA_OK, 996 [WIN_WRITE_EXT] = HD_CFA_OK, 997 [WIN_WRITEDMA_EXT] = HD_CFA_OK, 998 [CFA_WRITE_SECT_WO_ERASE] = CFA_OK, 999 [WIN_MULTWRITE_EXT] = HD_CFA_OK, 1000 [WIN_WRITE_VERIFY] = HD_CFA_OK, 1001 [WIN_VERIFY] = HD_CFA_OK, 1002 [WIN_VERIFY_ONCE] = HD_CFA_OK, 1003 [WIN_VERIFY_EXT] = HD_CFA_OK, 1004 [WIN_SEEK] = HD_CFA_OK, 1005 [CFA_TRANSLATE_SECTOR] = CFA_OK, 1006 [WIN_DIAGNOSE] = ALL_OK, 1007 [WIN_SPECIFY] = HD_CFA_OK, 1008 [WIN_STANDBYNOW2] = ALL_OK, 1009 [WIN_IDLEIMMEDIATE2] = ALL_OK, 1010 [WIN_STANDBY2] = ALL_OK, 1011 [WIN_SETIDLE2] = ALL_OK, 1012 [WIN_CHECKPOWERMODE2] = ALL_OK, 1013 [WIN_SLEEPNOW2] = ALL_OK, 1014 [WIN_PACKETCMD] = CD_OK, 1015 [WIN_PIDENTIFY] = CD_OK, 1016 [WIN_SMART] = HD_CFA_OK, 1017 [CFA_ACCESS_METADATA_STORAGE] = CFA_OK, 1018 [CFA_ERASE_SECTORS] = CFA_OK, 1019 [WIN_MULTREAD] = HD_CFA_OK, 1020 [WIN_MULTWRITE] = HD_CFA_OK, 1021 [WIN_SETMULT] = HD_CFA_OK, 1022 [WIN_READDMA] = HD_CFA_OK, 1023 [WIN_READDMA_ONCE] = HD_CFA_OK, 1024 [WIN_WRITEDMA] = HD_CFA_OK, 1025 [WIN_WRITEDMA_ONCE] = HD_CFA_OK, 1026 [CFA_WRITE_MULTI_WO_ERASE] = CFA_OK, 1027 [WIN_STANDBYNOW1] = ALL_OK, 1028 [WIN_IDLEIMMEDIATE] = ALL_OK, 1029 [WIN_STANDBY] = ALL_OK, 1030 [WIN_SETIDLE1] = ALL_OK, 1031 [WIN_CHECKPOWERMODE1] = ALL_OK, 1032 [WIN_SLEEPNOW1] = ALL_OK, 1033 [WIN_FLUSH_CACHE] = ALL_OK, 1034 [WIN_FLUSH_CACHE_EXT] = HD_CFA_OK, 1035 [WIN_IDENTIFY] = ALL_OK, 1036 [WIN_SETFEATURES] = ALL_OK, 1037 [IBM_SENSE_CONDITION] = CFA_OK, 1038 [CFA_WEAR_LEVEL] = HD_CFA_OK, 1039 [WIN_READ_NATIVE_MAX] = ALL_OK, 1040 }; 1041 1042 static bool ide_cmd_permitted(IDEState *s, uint32_t cmd) 1043 { 1044 return cmd < ARRAY_SIZE(ide_cmd_table) 1045 && (ide_cmd_table[cmd] & (1u << s->drive_kind)); 1046 } 1047 1048 void ide_exec_cmd(IDEBus *bus, uint32_t val) 1049 { 1050 IDEState *s; 1051 int n; 1052 int lba48 = 0; 1053 1054 #if defined(DEBUG_IDE) 1055 printf("ide: CMD=%02x\n", val); 1056 #endif 1057 s = idebus_active_if(bus); 1058 /* ignore commands to non existent slave */ 1059 if (s != bus->ifs && !s->bs) 1060 return; 1061 1062 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */ 1063 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET) 1064 return; 1065 1066 if (!ide_cmd_permitted(s, val)) { 1067 goto abort_cmd; 1068 } 1069 1070 switch(val) { 1071 case WIN_DSM: 1072 switch (s->feature) { 1073 case DSM_TRIM: 1074 if (!s->bs) { 1075 goto abort_cmd; 1076 } 1077 ide_sector_start_dma(s, IDE_DMA_TRIM); 1078 break; 1079 default: 1080 goto abort_cmd; 1081 } 1082 break; 1083 case WIN_IDENTIFY: 1084 if (s->bs && s->drive_kind != IDE_CD) { 1085 if (s->drive_kind != IDE_CFATA) 1086 ide_identify(s); 1087 else 1088 ide_cfata_identify(s); 1089 s->status = READY_STAT | SEEK_STAT; 1090 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop); 1091 } else { 1092 if (s->drive_kind == IDE_CD) { 1093 ide_set_signature(s); 1094 } 1095 ide_abort_command(s); 1096 } 1097 ide_set_irq(s->bus); 1098 break; 1099 case WIN_SPECIFY: 1100 case WIN_RECAL: 1101 s->error = 0; 1102 s->status = READY_STAT | SEEK_STAT; 1103 ide_set_irq(s->bus); 1104 break; 1105 case WIN_SETMULT: 1106 if (s->drive_kind == IDE_CFATA && s->nsector == 0) { 1107 /* Disable Read and Write Multiple */ 1108 s->mult_sectors = 0; 1109 s->status = READY_STAT | SEEK_STAT; 1110 } else if ((s->nsector & 0xff) != 0 && 1111 ((s->nsector & 0xff) > MAX_MULT_SECTORS || 1112 (s->nsector & (s->nsector - 1)) != 0)) { 1113 ide_abort_command(s); 1114 } else { 1115 s->mult_sectors = s->nsector & 0xff; 1116 s->status = READY_STAT | SEEK_STAT; 1117 } 1118 ide_set_irq(s->bus); 1119 break; 1120 case WIN_VERIFY_EXT: 1121 lba48 = 1; 1122 case WIN_VERIFY: 1123 case WIN_VERIFY_ONCE: 1124 /* do sector number check ? */ 1125 ide_cmd_lba48_transform(s, lba48); 1126 s->status = READY_STAT | SEEK_STAT; 1127 ide_set_irq(s->bus); 1128 break; 1129 case WIN_READ_EXT: 1130 lba48 = 1; 1131 case WIN_READ: 1132 case WIN_READ_ONCE: 1133 if (s->drive_kind == IDE_CD) { 1134 ide_set_signature(s); /* odd, but ATA4 8.27.5.2 requires it */ 1135 goto abort_cmd; 1136 } 1137 if (!s->bs) { 1138 goto abort_cmd; 1139 } 1140 ide_cmd_lba48_transform(s, lba48); 1141 s->req_nb_sectors = 1; 1142 ide_sector_read(s); 1143 break; 1144 case WIN_WRITE_EXT: 1145 lba48 = 1; 1146 case WIN_WRITE: 1147 case WIN_WRITE_ONCE: 1148 case CFA_WRITE_SECT_WO_ERASE: 1149 case WIN_WRITE_VERIFY: 1150 if (!s->bs) { 1151 goto abort_cmd; 1152 } 1153 ide_cmd_lba48_transform(s, lba48); 1154 s->error = 0; 1155 s->status = SEEK_STAT | READY_STAT; 1156 s->req_nb_sectors = 1; 1157 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write); 1158 s->media_changed = 1; 1159 break; 1160 case WIN_MULTREAD_EXT: 1161 lba48 = 1; 1162 case WIN_MULTREAD: 1163 if (!s->bs) { 1164 goto abort_cmd; 1165 } 1166 if (!s->mult_sectors) { 1167 goto abort_cmd; 1168 } 1169 ide_cmd_lba48_transform(s, lba48); 1170 s->req_nb_sectors = s->mult_sectors; 1171 ide_sector_read(s); 1172 break; 1173 case WIN_MULTWRITE_EXT: 1174 lba48 = 1; 1175 case WIN_MULTWRITE: 1176 case CFA_WRITE_MULTI_WO_ERASE: 1177 if (!s->bs) { 1178 goto abort_cmd; 1179 } 1180 if (!s->mult_sectors) { 1181 goto abort_cmd; 1182 } 1183 ide_cmd_lba48_transform(s, lba48); 1184 s->error = 0; 1185 s->status = SEEK_STAT | READY_STAT; 1186 s->req_nb_sectors = s->mult_sectors; 1187 n = s->nsector; 1188 if (n > s->req_nb_sectors) 1189 n = s->req_nb_sectors; 1190 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write); 1191 s->media_changed = 1; 1192 break; 1193 case WIN_READDMA_EXT: 1194 lba48 = 1; 1195 case WIN_READDMA: 1196 case WIN_READDMA_ONCE: 1197 if (!s->bs) { 1198 goto abort_cmd; 1199 } 1200 ide_cmd_lba48_transform(s, lba48); 1201 ide_sector_start_dma(s, IDE_DMA_READ); 1202 break; 1203 case WIN_WRITEDMA_EXT: 1204 lba48 = 1; 1205 case WIN_WRITEDMA: 1206 case WIN_WRITEDMA_ONCE: 1207 if (!s->bs) { 1208 goto abort_cmd; 1209 } 1210 ide_cmd_lba48_transform(s, lba48); 1211 ide_sector_start_dma(s, IDE_DMA_WRITE); 1212 s->media_changed = 1; 1213 break; 1214 case WIN_READ_NATIVE_MAX_EXT: 1215 lba48 = 1; 1216 case WIN_READ_NATIVE_MAX: 1217 ide_cmd_lba48_transform(s, lba48); 1218 ide_set_sector(s, s->nb_sectors - 1); 1219 s->status = READY_STAT | SEEK_STAT; 1220 ide_set_irq(s->bus); 1221 break; 1222 case WIN_CHECKPOWERMODE1: 1223 case WIN_CHECKPOWERMODE2: 1224 s->error = 0; 1225 s->nsector = 0xff; /* device active or idle */ 1226 s->status = READY_STAT | SEEK_STAT; 1227 ide_set_irq(s->bus); 1228 break; 1229 case WIN_SETFEATURES: 1230 if (!s->bs) 1231 goto abort_cmd; 1232 /* XXX: valid for CDROM ? */ 1233 switch(s->feature) { 1234 case 0xcc: /* reverting to power-on defaults enable */ 1235 case 0x66: /* reverting to power-on defaults disable */ 1236 case 0x02: /* write cache enable */ 1237 case 0x82: /* write cache disable */ 1238 case 0xaa: /* read look-ahead enable */ 1239 case 0x55: /* read look-ahead disable */ 1240 case 0x05: /* set advanced power management mode */ 1241 case 0x85: /* disable advanced power management mode */ 1242 case 0x69: /* NOP */ 1243 case 0x67: /* NOP */ 1244 case 0x96: /* NOP */ 1245 case 0x9a: /* NOP */ 1246 case 0x42: /* enable Automatic Acoustic Mode */ 1247 case 0xc2: /* disable Automatic Acoustic Mode */ 1248 s->status = READY_STAT | SEEK_STAT; 1249 ide_set_irq(s->bus); 1250 break; 1251 case 0x03: { /* set transfer mode */ 1252 uint8_t val = s->nsector & 0x07; 1253 uint16_t *identify_data = (uint16_t *)s->identify_data; 1254 1255 switch (s->nsector >> 3) { 1256 case 0x00: /* pio default */ 1257 case 0x01: /* pio mode */ 1258 put_le16(identify_data + 62,0x07); 1259 put_le16(identify_data + 63,0x07); 1260 put_le16(identify_data + 88,0x3f); 1261 break; 1262 case 0x02: /* sigle word dma mode*/ 1263 put_le16(identify_data + 62,0x07 | (1 << (val + 8))); 1264 put_le16(identify_data + 63,0x07); 1265 put_le16(identify_data + 88,0x3f); 1266 break; 1267 case 0x04: /* mdma mode */ 1268 put_le16(identify_data + 62,0x07); 1269 put_le16(identify_data + 63,0x07 | (1 << (val + 8))); 1270 put_le16(identify_data + 88,0x3f); 1271 break; 1272 case 0x08: /* udma mode */ 1273 put_le16(identify_data + 62,0x07); 1274 put_le16(identify_data + 63,0x07); 1275 put_le16(identify_data + 88,0x3f | (1 << (val + 8))); 1276 break; 1277 default: 1278 goto abort_cmd; 1279 } 1280 s->status = READY_STAT | SEEK_STAT; 1281 ide_set_irq(s->bus); 1282 break; 1283 } 1284 default: 1285 goto abort_cmd; 1286 } 1287 break; 1288 case WIN_FLUSH_CACHE: 1289 case WIN_FLUSH_CACHE_EXT: 1290 ide_flush_cache(s); 1291 break; 1292 case WIN_STANDBY: 1293 case WIN_STANDBY2: 1294 case WIN_STANDBYNOW1: 1295 case WIN_STANDBYNOW2: 1296 case WIN_IDLEIMMEDIATE: 1297 case WIN_IDLEIMMEDIATE2: 1298 case WIN_SETIDLE1: 1299 case WIN_SETIDLE2: 1300 case WIN_SLEEPNOW1: 1301 case WIN_SLEEPNOW2: 1302 s->status = READY_STAT; 1303 ide_set_irq(s->bus); 1304 break; 1305 case WIN_SEEK: 1306 /* XXX: Check that seek is within bounds */ 1307 s->status = READY_STAT | SEEK_STAT; 1308 ide_set_irq(s->bus); 1309 break; 1310 /* ATAPI commands */ 1311 case WIN_PIDENTIFY: 1312 ide_atapi_identify(s); 1313 s->status = READY_STAT | SEEK_STAT; 1314 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop); 1315 ide_set_irq(s->bus); 1316 break; 1317 case WIN_DIAGNOSE: 1318 ide_set_signature(s); 1319 if (s->drive_kind == IDE_CD) 1320 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet 1321 * devices to return a clear status register 1322 * with READY_STAT *not* set. */ 1323 else 1324 s->status = READY_STAT | SEEK_STAT; 1325 s->error = 0x01; /* Device 0 passed, Device 1 passed or not 1326 * present. 1327 */ 1328 ide_set_irq(s->bus); 1329 break; 1330 case WIN_DEVICE_RESET: 1331 ide_set_signature(s); 1332 s->status = 0x00; /* NOTE: READY is _not_ set */ 1333 s->error = 0x01; 1334 break; 1335 case WIN_PACKETCMD: 1336 /* overlapping commands not supported */ 1337 if (s->feature & 0x02) 1338 goto abort_cmd; 1339 s->status = READY_STAT | SEEK_STAT; 1340 s->atapi_dma = s->feature & 1; 1341 s->nsector = 1; 1342 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE, 1343 ide_atapi_cmd); 1344 break; 1345 /* CF-ATA commands */ 1346 case CFA_REQ_EXT_ERROR_CODE: 1347 s->error = 0x09; /* miscellaneous error */ 1348 s->status = READY_STAT | SEEK_STAT; 1349 ide_set_irq(s->bus); 1350 break; 1351 case CFA_ERASE_SECTORS: 1352 case CFA_WEAR_LEVEL: 1353 #if 0 1354 /* This one has the same ID as CFA_WEAR_LEVEL and is required for 1355 Windows 8 to work with AHCI */ 1356 case WIN_SECURITY_FREEZE_LOCK: 1357 #endif 1358 if (val == CFA_WEAR_LEVEL) 1359 s->nsector = 0; 1360 if (val == CFA_ERASE_SECTORS) 1361 s->media_changed = 1; 1362 s->error = 0x00; 1363 s->status = READY_STAT | SEEK_STAT; 1364 ide_set_irq(s->bus); 1365 break; 1366 case CFA_TRANSLATE_SECTOR: 1367 s->error = 0x00; 1368 s->status = READY_STAT | SEEK_STAT; 1369 memset(s->io_buffer, 0, 0x200); 1370 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */ 1371 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */ 1372 s->io_buffer[0x02] = s->select; /* Head */ 1373 s->io_buffer[0x03] = s->sector; /* Sector */ 1374 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */ 1375 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */ 1376 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */ 1377 s->io_buffer[0x13] = 0x00; /* Erase flag */ 1378 s->io_buffer[0x18] = 0x00; /* Hot count */ 1379 s->io_buffer[0x19] = 0x00; /* Hot count */ 1380 s->io_buffer[0x1a] = 0x01; /* Hot count */ 1381 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1382 ide_set_irq(s->bus); 1383 break; 1384 case CFA_ACCESS_METADATA_STORAGE: 1385 switch (s->feature) { 1386 case 0x02: /* Inquiry Metadata Storage */ 1387 ide_cfata_metadata_inquiry(s); 1388 break; 1389 case 0x03: /* Read Metadata Storage */ 1390 ide_cfata_metadata_read(s); 1391 break; 1392 case 0x04: /* Write Metadata Storage */ 1393 ide_cfata_metadata_write(s); 1394 break; 1395 default: 1396 goto abort_cmd; 1397 } 1398 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1399 s->status = 0x00; /* NOTE: READY is _not_ set */ 1400 ide_set_irq(s->bus); 1401 break; 1402 case IBM_SENSE_CONDITION: 1403 switch (s->feature) { 1404 case 0x01: /* sense temperature in device */ 1405 s->nsector = 0x50; /* +20 C */ 1406 break; 1407 default: 1408 goto abort_cmd; 1409 } 1410 s->status = READY_STAT | SEEK_STAT; 1411 ide_set_irq(s->bus); 1412 break; 1413 1414 case WIN_SMART: 1415 if (s->hcyl != 0xc2 || s->lcyl != 0x4f) 1416 goto abort_cmd; 1417 if (!s->smart_enabled && s->feature != SMART_ENABLE) 1418 goto abort_cmd; 1419 switch (s->feature) { 1420 case SMART_DISABLE: 1421 s->smart_enabled = 0; 1422 s->status = READY_STAT | SEEK_STAT; 1423 ide_set_irq(s->bus); 1424 break; 1425 case SMART_ENABLE: 1426 s->smart_enabled = 1; 1427 s->status = READY_STAT | SEEK_STAT; 1428 ide_set_irq(s->bus); 1429 break; 1430 case SMART_ATTR_AUTOSAVE: 1431 switch (s->sector) { 1432 case 0x00: 1433 s->smart_autosave = 0; 1434 break; 1435 case 0xf1: 1436 s->smart_autosave = 1; 1437 break; 1438 default: 1439 goto abort_cmd; 1440 } 1441 s->status = READY_STAT | SEEK_STAT; 1442 ide_set_irq(s->bus); 1443 break; 1444 case SMART_STATUS: 1445 if (!s->smart_errors) { 1446 s->hcyl = 0xc2; 1447 s->lcyl = 0x4f; 1448 } else { 1449 s->hcyl = 0x2c; 1450 s->lcyl = 0xf4; 1451 } 1452 s->status = READY_STAT | SEEK_STAT; 1453 ide_set_irq(s->bus); 1454 break; 1455 case SMART_READ_THRESH: 1456 memset(s->io_buffer, 0, 0x200); 1457 s->io_buffer[0] = 0x01; /* smart struct version */ 1458 for (n=0; n<30; n++) { 1459 if (smart_attributes[n][0] == 0) 1460 break; 1461 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0]; 1462 s->io_buffer[2+1+(n*12)] = smart_attributes[n][11]; 1463 } 1464 for (n=0; n<511; n++) /* checksum */ 1465 s->io_buffer[511] += s->io_buffer[n]; 1466 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1467 s->status = READY_STAT | SEEK_STAT; 1468 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1469 ide_set_irq(s->bus); 1470 break; 1471 case SMART_READ_DATA: 1472 memset(s->io_buffer, 0, 0x200); 1473 s->io_buffer[0] = 0x01; /* smart struct version */ 1474 for (n=0; n<30; n++) { 1475 if (smart_attributes[n][0] == 0) { 1476 break; 1477 } 1478 int i; 1479 for(i = 0; i < 11; i++) { 1480 s->io_buffer[2+i+(n*12)] = smart_attributes[n][i]; 1481 } 1482 } 1483 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00); 1484 if (s->smart_selftest_count == 0) { 1485 s->io_buffer[363] = 0; 1486 } else { 1487 s->io_buffer[363] = 1488 s->smart_selftest_data[3 + 1489 (s->smart_selftest_count - 1) * 1490 24]; 1491 } 1492 s->io_buffer[364] = 0x20; 1493 s->io_buffer[365] = 0x01; 1494 /* offline data collection capacity: execute + self-test*/ 1495 s->io_buffer[367] = (1<<4 | 1<<3 | 1); 1496 s->io_buffer[368] = 0x03; /* smart capability (1) */ 1497 s->io_buffer[369] = 0x00; /* smart capability (2) */ 1498 s->io_buffer[370] = 0x01; /* error logging supported */ 1499 s->io_buffer[372] = 0x02; /* minutes for poll short test */ 1500 s->io_buffer[373] = 0x36; /* minutes for poll ext test */ 1501 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */ 1502 1503 for (n=0; n<511; n++) 1504 s->io_buffer[511] += s->io_buffer[n]; 1505 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1506 s->status = READY_STAT | SEEK_STAT; 1507 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1508 ide_set_irq(s->bus); 1509 break; 1510 case SMART_READ_LOG: 1511 switch (s->sector) { 1512 case 0x01: /* summary smart error log */ 1513 memset(s->io_buffer, 0, 0x200); 1514 s->io_buffer[0] = 0x01; 1515 s->io_buffer[1] = 0x00; /* no error entries */ 1516 s->io_buffer[452] = s->smart_errors & 0xff; 1517 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8; 1518 1519 for (n=0; n<511; n++) 1520 s->io_buffer[511] += s->io_buffer[n]; 1521 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1522 break; 1523 case 0x06: /* smart self test log */ 1524 memset(s->io_buffer, 0, 0x200); 1525 s->io_buffer[0] = 0x01; 1526 if (s->smart_selftest_count == 0) { 1527 s->io_buffer[508] = 0; 1528 } else { 1529 s->io_buffer[508] = s->smart_selftest_count; 1530 for (n=2; n<506; n++) 1531 s->io_buffer[n] = s->smart_selftest_data[n]; 1532 } 1533 for (n=0; n<511; n++) 1534 s->io_buffer[511] += s->io_buffer[n]; 1535 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1536 break; 1537 default: 1538 goto abort_cmd; 1539 } 1540 s->status = READY_STAT | SEEK_STAT; 1541 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1542 ide_set_irq(s->bus); 1543 break; 1544 case SMART_EXECUTE_OFFLINE: 1545 switch (s->sector) { 1546 case 0: /* off-line routine */ 1547 case 1: /* short self test */ 1548 case 2: /* extended self test */ 1549 s->smart_selftest_count++; 1550 if(s->smart_selftest_count > 21) 1551 s->smart_selftest_count = 0; 1552 n = 2 + (s->smart_selftest_count - 1) * 24; 1553 s->smart_selftest_data[n] = s->sector; 1554 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */ 1555 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */ 1556 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */ 1557 s->status = READY_STAT | SEEK_STAT; 1558 ide_set_irq(s->bus); 1559 break; 1560 default: 1561 goto abort_cmd; 1562 } 1563 break; 1564 default: 1565 goto abort_cmd; 1566 } 1567 break; 1568 default: 1569 /* should not be reachable */ 1570 abort_cmd: 1571 ide_abort_command(s); 1572 ide_set_irq(s->bus); 1573 break; 1574 } 1575 } 1576 1577 uint32_t ide_ioport_read(void *opaque, uint32_t addr1) 1578 { 1579 IDEBus *bus = opaque; 1580 IDEState *s = idebus_active_if(bus); 1581 uint32_t addr; 1582 int ret, hob; 1583 1584 addr = addr1 & 7; 1585 /* FIXME: HOB readback uses bit 7, but it's always set right now */ 1586 //hob = s->select & (1 << 7); 1587 hob = 0; 1588 switch(addr) { 1589 case 0: 1590 ret = 0xff; 1591 break; 1592 case 1: 1593 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) || 1594 (s != bus->ifs && !s->bs)) 1595 ret = 0; 1596 else if (!hob) 1597 ret = s->error; 1598 else 1599 ret = s->hob_feature; 1600 break; 1601 case 2: 1602 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1603 ret = 0; 1604 else if (!hob) 1605 ret = s->nsector & 0xff; 1606 else 1607 ret = s->hob_nsector; 1608 break; 1609 case 3: 1610 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1611 ret = 0; 1612 else if (!hob) 1613 ret = s->sector; 1614 else 1615 ret = s->hob_sector; 1616 break; 1617 case 4: 1618 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1619 ret = 0; 1620 else if (!hob) 1621 ret = s->lcyl; 1622 else 1623 ret = s->hob_lcyl; 1624 break; 1625 case 5: 1626 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1627 ret = 0; 1628 else if (!hob) 1629 ret = s->hcyl; 1630 else 1631 ret = s->hob_hcyl; 1632 break; 1633 case 6: 1634 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1635 ret = 0; 1636 else 1637 ret = s->select; 1638 break; 1639 default: 1640 case 7: 1641 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) || 1642 (s != bus->ifs && !s->bs)) 1643 ret = 0; 1644 else 1645 ret = s->status; 1646 qemu_irq_lower(bus->irq); 1647 break; 1648 } 1649 #ifdef DEBUG_IDE 1650 printf("ide: read addr=0x%x val=%02x\n", addr1, ret); 1651 #endif 1652 return ret; 1653 } 1654 1655 uint32_t ide_status_read(void *opaque, uint32_t addr) 1656 { 1657 IDEBus *bus = opaque; 1658 IDEState *s = idebus_active_if(bus); 1659 int ret; 1660 1661 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) || 1662 (s != bus->ifs && !s->bs)) 1663 ret = 0; 1664 else 1665 ret = s->status; 1666 #ifdef DEBUG_IDE 1667 printf("ide: read status addr=0x%x val=%02x\n", addr, ret); 1668 #endif 1669 return ret; 1670 } 1671 1672 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val) 1673 { 1674 IDEBus *bus = opaque; 1675 IDEState *s; 1676 int i; 1677 1678 #ifdef DEBUG_IDE 1679 printf("ide: write control addr=0x%x val=%02x\n", addr, val); 1680 #endif 1681 /* common for both drives */ 1682 if (!(bus->cmd & IDE_CMD_RESET) && 1683 (val & IDE_CMD_RESET)) { 1684 /* reset low to high */ 1685 for(i = 0;i < 2; i++) { 1686 s = &bus->ifs[i]; 1687 s->status = BUSY_STAT | SEEK_STAT; 1688 s->error = 0x01; 1689 } 1690 } else if ((bus->cmd & IDE_CMD_RESET) && 1691 !(val & IDE_CMD_RESET)) { 1692 /* high to low */ 1693 for(i = 0;i < 2; i++) { 1694 s = &bus->ifs[i]; 1695 if (s->drive_kind == IDE_CD) 1696 s->status = 0x00; /* NOTE: READY is _not_ set */ 1697 else 1698 s->status = READY_STAT | SEEK_STAT; 1699 ide_set_signature(s); 1700 } 1701 } 1702 1703 bus->cmd = val; 1704 } 1705 1706 /* 1707 * Returns true if the running PIO transfer is a PIO out (i.e. data is 1708 * transferred from the device to the guest), false if it's a PIO in 1709 */ 1710 static bool ide_is_pio_out(IDEState *s) 1711 { 1712 if (s->end_transfer_func == ide_sector_write || 1713 s->end_transfer_func == ide_atapi_cmd) { 1714 return false; 1715 } else if (s->end_transfer_func == ide_sector_read || 1716 s->end_transfer_func == ide_transfer_stop || 1717 s->end_transfer_func == ide_atapi_cmd_reply_end || 1718 s->end_transfer_func == ide_dummy_transfer_stop) { 1719 return true; 1720 } 1721 1722 abort(); 1723 } 1724 1725 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val) 1726 { 1727 IDEBus *bus = opaque; 1728 IDEState *s = idebus_active_if(bus); 1729 uint8_t *p; 1730 1731 /* PIO data access allowed only when DRQ bit is set. The result of a write 1732 * during PIO out is indeterminate, just ignore it. */ 1733 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) { 1734 return; 1735 } 1736 1737 p = s->data_ptr; 1738 *(uint16_t *)p = le16_to_cpu(val); 1739 p += 2; 1740 s->data_ptr = p; 1741 if (p >= s->data_end) 1742 s->end_transfer_func(s); 1743 } 1744 1745 uint32_t ide_data_readw(void *opaque, uint32_t addr) 1746 { 1747 IDEBus *bus = opaque; 1748 IDEState *s = idebus_active_if(bus); 1749 uint8_t *p; 1750 int ret; 1751 1752 /* PIO data access allowed only when DRQ bit is set. The result of a read 1753 * during PIO in is indeterminate, return 0 and don't move forward. */ 1754 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) { 1755 return 0; 1756 } 1757 1758 p = s->data_ptr; 1759 ret = cpu_to_le16(*(uint16_t *)p); 1760 p += 2; 1761 s->data_ptr = p; 1762 if (p >= s->data_end) 1763 s->end_transfer_func(s); 1764 return ret; 1765 } 1766 1767 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val) 1768 { 1769 IDEBus *bus = opaque; 1770 IDEState *s = idebus_active_if(bus); 1771 uint8_t *p; 1772 1773 /* PIO data access allowed only when DRQ bit is set. The result of a write 1774 * during PIO out is indeterminate, just ignore it. */ 1775 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) { 1776 return; 1777 } 1778 1779 p = s->data_ptr; 1780 *(uint32_t *)p = le32_to_cpu(val); 1781 p += 4; 1782 s->data_ptr = p; 1783 if (p >= s->data_end) 1784 s->end_transfer_func(s); 1785 } 1786 1787 uint32_t ide_data_readl(void *opaque, uint32_t addr) 1788 { 1789 IDEBus *bus = opaque; 1790 IDEState *s = idebus_active_if(bus); 1791 uint8_t *p; 1792 int ret; 1793 1794 /* PIO data access allowed only when DRQ bit is set. The result of a read 1795 * during PIO in is indeterminate, return 0 and don't move forward. */ 1796 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) { 1797 return 0; 1798 } 1799 1800 p = s->data_ptr; 1801 ret = cpu_to_le32(*(uint32_t *)p); 1802 p += 4; 1803 s->data_ptr = p; 1804 if (p >= s->data_end) 1805 s->end_transfer_func(s); 1806 return ret; 1807 } 1808 1809 static void ide_dummy_transfer_stop(IDEState *s) 1810 { 1811 s->data_ptr = s->io_buffer; 1812 s->data_end = s->io_buffer; 1813 s->io_buffer[0] = 0xff; 1814 s->io_buffer[1] = 0xff; 1815 s->io_buffer[2] = 0xff; 1816 s->io_buffer[3] = 0xff; 1817 } 1818 1819 static void ide_reset(IDEState *s) 1820 { 1821 #ifdef DEBUG_IDE 1822 printf("ide: reset\n"); 1823 #endif 1824 1825 if (s->pio_aiocb) { 1826 bdrv_aio_cancel(s->pio_aiocb); 1827 s->pio_aiocb = NULL; 1828 } 1829 1830 if (s->drive_kind == IDE_CFATA) 1831 s->mult_sectors = 0; 1832 else 1833 s->mult_sectors = MAX_MULT_SECTORS; 1834 /* ide regs */ 1835 s->feature = 0; 1836 s->error = 0; 1837 s->nsector = 0; 1838 s->sector = 0; 1839 s->lcyl = 0; 1840 s->hcyl = 0; 1841 1842 /* lba48 */ 1843 s->hob_feature = 0; 1844 s->hob_sector = 0; 1845 s->hob_nsector = 0; 1846 s->hob_lcyl = 0; 1847 s->hob_hcyl = 0; 1848 1849 s->select = 0xa0; 1850 s->status = READY_STAT | SEEK_STAT; 1851 1852 s->lba48 = 0; 1853 1854 /* ATAPI specific */ 1855 s->sense_key = 0; 1856 s->asc = 0; 1857 s->cdrom_changed = 0; 1858 s->packet_transfer_size = 0; 1859 s->elementary_transfer_size = 0; 1860 s->io_buffer_index = 0; 1861 s->cd_sector_size = 0; 1862 s->atapi_dma = 0; 1863 /* ATA DMA state */ 1864 s->io_buffer_size = 0; 1865 s->req_nb_sectors = 0; 1866 1867 ide_set_signature(s); 1868 /* init the transfer handler so that 0xffff is returned on data 1869 accesses */ 1870 s->end_transfer_func = ide_dummy_transfer_stop; 1871 ide_dummy_transfer_stop(s); 1872 s->media_changed = 0; 1873 } 1874 1875 void ide_bus_reset(IDEBus *bus) 1876 { 1877 bus->unit = 0; 1878 bus->cmd = 0; 1879 ide_reset(&bus->ifs[0]); 1880 ide_reset(&bus->ifs[1]); 1881 ide_clear_hob(bus); 1882 1883 /* pending async DMA */ 1884 if (bus->dma->aiocb) { 1885 #ifdef DEBUG_AIO 1886 printf("aio_cancel\n"); 1887 #endif 1888 bdrv_aio_cancel(bus->dma->aiocb); 1889 bus->dma->aiocb = NULL; 1890 } 1891 1892 /* reset dma provider too */ 1893 bus->dma->ops->reset(bus->dma); 1894 } 1895 1896 static bool ide_cd_is_tray_open(void *opaque) 1897 { 1898 return ((IDEState *)opaque)->tray_open; 1899 } 1900 1901 static bool ide_cd_is_medium_locked(void *opaque) 1902 { 1903 return ((IDEState *)opaque)->tray_locked; 1904 } 1905 1906 static const BlockDevOps ide_cd_block_ops = { 1907 .change_media_cb = ide_cd_change_cb, 1908 .eject_request_cb = ide_cd_eject_request_cb, 1909 .is_tray_open = ide_cd_is_tray_open, 1910 .is_medium_locked = ide_cd_is_medium_locked, 1911 }; 1912 1913 int ide_init_drive(IDEState *s, BlockDriverState *bs, IDEDriveKind kind, 1914 const char *version, const char *serial, const char *model, 1915 uint64_t wwn) 1916 { 1917 int cylinders, heads, secs; 1918 uint64_t nb_sectors; 1919 1920 s->bs = bs; 1921 s->drive_kind = kind; 1922 1923 bdrv_get_geometry(bs, &nb_sectors); 1924 bdrv_guess_geometry(bs, &cylinders, &heads, &secs); 1925 if (cylinders < 1 || cylinders > 16383) { 1926 error_report("cyls must be between 1 and 16383"); 1927 return -1; 1928 } 1929 if (heads < 1 || heads > 16) { 1930 error_report("heads must be between 1 and 16"); 1931 return -1; 1932 } 1933 if (secs < 1 || secs > 63) { 1934 error_report("secs must be between 1 and 63"); 1935 return -1; 1936 } 1937 s->cylinders = cylinders; 1938 s->heads = heads; 1939 s->sectors = secs; 1940 s->nb_sectors = nb_sectors; 1941 s->wwn = wwn; 1942 /* The SMART values should be preserved across power cycles 1943 but they aren't. */ 1944 s->smart_enabled = 1; 1945 s->smart_autosave = 1; 1946 s->smart_errors = 0; 1947 s->smart_selftest_count = 0; 1948 if (kind == IDE_CD) { 1949 bdrv_set_dev_ops(bs, &ide_cd_block_ops, s); 1950 bdrv_set_buffer_alignment(bs, 2048); 1951 } else { 1952 if (!bdrv_is_inserted(s->bs)) { 1953 error_report("Device needs media, but drive is empty"); 1954 return -1; 1955 } 1956 if (bdrv_is_read_only(bs)) { 1957 error_report("Can't use a read-only drive"); 1958 return -1; 1959 } 1960 } 1961 if (serial) { 1962 pstrcpy(s->drive_serial_str, sizeof(s->drive_serial_str), serial); 1963 } else { 1964 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str), 1965 "QM%05d", s->drive_serial); 1966 } 1967 if (model) { 1968 pstrcpy(s->drive_model_str, sizeof(s->drive_model_str), model); 1969 } else { 1970 switch (kind) { 1971 case IDE_CD: 1972 strcpy(s->drive_model_str, "QEMU DVD-ROM"); 1973 break; 1974 case IDE_CFATA: 1975 strcpy(s->drive_model_str, "QEMU MICRODRIVE"); 1976 break; 1977 default: 1978 strcpy(s->drive_model_str, "QEMU HARDDISK"); 1979 break; 1980 } 1981 } 1982 1983 if (version) { 1984 pstrcpy(s->version, sizeof(s->version), version); 1985 } else { 1986 pstrcpy(s->version, sizeof(s->version), QEMU_VERSION); 1987 } 1988 1989 ide_reset(s); 1990 bdrv_iostatus_enable(bs); 1991 return 0; 1992 } 1993 1994 static void ide_init1(IDEBus *bus, int unit) 1995 { 1996 static int drive_serial = 1; 1997 IDEState *s = &bus->ifs[unit]; 1998 1999 s->bus = bus; 2000 s->unit = unit; 2001 s->drive_serial = drive_serial++; 2002 /* we need at least 2k alignment for accessing CDROMs using O_DIRECT */ 2003 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4; 2004 s->io_buffer = qemu_memalign(2048, s->io_buffer_total_len); 2005 memset(s->io_buffer, 0, s->io_buffer_total_len); 2006 2007 s->smart_selftest_data = qemu_blockalign(s->bs, 512); 2008 memset(s->smart_selftest_data, 0, 512); 2009 2010 s->sector_write_timer = qemu_new_timer_ns(vm_clock, 2011 ide_sector_write_timer_cb, s); 2012 } 2013 2014 static void ide_nop_start(IDEDMA *dma, IDEState *s, 2015 BlockDriverCompletionFunc *cb) 2016 { 2017 } 2018 2019 static int ide_nop(IDEDMA *dma) 2020 { 2021 return 0; 2022 } 2023 2024 static int ide_nop_int(IDEDMA *dma, int x) 2025 { 2026 return 0; 2027 } 2028 2029 static void ide_nop_restart(void *opaque, int x, RunState y) 2030 { 2031 } 2032 2033 static const IDEDMAOps ide_dma_nop_ops = { 2034 .start_dma = ide_nop_start, 2035 .start_transfer = ide_nop, 2036 .prepare_buf = ide_nop_int, 2037 .rw_buf = ide_nop_int, 2038 .set_unit = ide_nop_int, 2039 .add_status = ide_nop_int, 2040 .set_inactive = ide_nop, 2041 .restart_cb = ide_nop_restart, 2042 .reset = ide_nop, 2043 }; 2044 2045 static IDEDMA ide_dma_nop = { 2046 .ops = &ide_dma_nop_ops, 2047 .aiocb = NULL, 2048 }; 2049 2050 void ide_init2(IDEBus *bus, qemu_irq irq) 2051 { 2052 int i; 2053 2054 for(i = 0; i < 2; i++) { 2055 ide_init1(bus, i); 2056 ide_reset(&bus->ifs[i]); 2057 } 2058 bus->irq = irq; 2059 bus->dma = &ide_dma_nop; 2060 } 2061 2062 /* TODO convert users to qdev and remove */ 2063 void ide_init2_with_non_qdev_drives(IDEBus *bus, DriveInfo *hd0, 2064 DriveInfo *hd1, qemu_irq irq) 2065 { 2066 int i; 2067 DriveInfo *dinfo; 2068 2069 for(i = 0; i < 2; i++) { 2070 dinfo = i == 0 ? hd0 : hd1; 2071 ide_init1(bus, i); 2072 if (dinfo) { 2073 if (ide_init_drive(&bus->ifs[i], dinfo->bdrv, 2074 dinfo->media_cd ? IDE_CD : IDE_HD, NULL, 2075 *dinfo->serial ? dinfo->serial : NULL, 2076 NULL, 0) < 0) { 2077 error_report("Can't set up IDE drive %s", dinfo->id); 2078 exit(1); 2079 } 2080 bdrv_attach_dev_nofail(dinfo->bdrv, &bus->ifs[i]); 2081 } else { 2082 ide_reset(&bus->ifs[i]); 2083 } 2084 } 2085 bus->irq = irq; 2086 bus->dma = &ide_dma_nop; 2087 } 2088 2089 static const MemoryRegionPortio ide_portio_list[] = { 2090 { 0, 8, 1, .read = ide_ioport_read, .write = ide_ioport_write }, 2091 { 0, 2, 2, .read = ide_data_readw, .write = ide_data_writew }, 2092 { 0, 4, 4, .read = ide_data_readl, .write = ide_data_writel }, 2093 PORTIO_END_OF_LIST(), 2094 }; 2095 2096 static const MemoryRegionPortio ide_portio2_list[] = { 2097 { 0, 1, 1, .read = ide_status_read, .write = ide_cmd_write }, 2098 PORTIO_END_OF_LIST(), 2099 }; 2100 2101 void ide_init_ioport(IDEBus *bus, ISADevice *dev, int iobase, int iobase2) 2102 { 2103 /* ??? Assume only ISA and PCI configurations, and that the PCI-ISA 2104 bridge has been setup properly to always register with ISA. */ 2105 isa_register_portio_list(dev, iobase, ide_portio_list, bus, "ide"); 2106 2107 if (iobase2) { 2108 isa_register_portio_list(dev, iobase2, ide_portio2_list, bus, "ide"); 2109 } 2110 } 2111 2112 static bool is_identify_set(void *opaque, int version_id) 2113 { 2114 IDEState *s = opaque; 2115 2116 return s->identify_set != 0; 2117 } 2118 2119 static EndTransferFunc* transfer_end_table[] = { 2120 ide_sector_read, 2121 ide_sector_write, 2122 ide_transfer_stop, 2123 ide_atapi_cmd_reply_end, 2124 ide_atapi_cmd, 2125 ide_dummy_transfer_stop, 2126 }; 2127 2128 static int transfer_end_table_idx(EndTransferFunc *fn) 2129 { 2130 int i; 2131 2132 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++) 2133 if (transfer_end_table[i] == fn) 2134 return i; 2135 2136 return -1; 2137 } 2138 2139 static int ide_drive_post_load(void *opaque, int version_id) 2140 { 2141 IDEState *s = opaque; 2142 2143 if (version_id < 3) { 2144 if (s->sense_key == UNIT_ATTENTION && 2145 s->asc == ASC_MEDIUM_MAY_HAVE_CHANGED) { 2146 s->cdrom_changed = 1; 2147 } 2148 } 2149 return 0; 2150 } 2151 2152 static int ide_drive_pio_post_load(void *opaque, int version_id) 2153 { 2154 IDEState *s = opaque; 2155 2156 if (s->end_transfer_fn_idx >= ARRAY_SIZE(transfer_end_table)) { 2157 return -EINVAL; 2158 } 2159 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx]; 2160 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset; 2161 s->data_end = s->data_ptr + s->cur_io_buffer_len; 2162 2163 return 0; 2164 } 2165 2166 static void ide_drive_pio_pre_save(void *opaque) 2167 { 2168 IDEState *s = opaque; 2169 int idx; 2170 2171 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer; 2172 s->cur_io_buffer_len = s->data_end - s->data_ptr; 2173 2174 idx = transfer_end_table_idx(s->end_transfer_func); 2175 if (idx == -1) { 2176 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n", 2177 __func__); 2178 s->end_transfer_fn_idx = 2; 2179 } else { 2180 s->end_transfer_fn_idx = idx; 2181 } 2182 } 2183 2184 static bool ide_drive_pio_state_needed(void *opaque) 2185 { 2186 IDEState *s = opaque; 2187 2188 return ((s->status & DRQ_STAT) != 0) 2189 || (s->bus->error_status & BM_STATUS_PIO_RETRY); 2190 } 2191 2192 static bool ide_tray_state_needed(void *opaque) 2193 { 2194 IDEState *s = opaque; 2195 2196 return s->tray_open || s->tray_locked; 2197 } 2198 2199 static bool ide_atapi_gesn_needed(void *opaque) 2200 { 2201 IDEState *s = opaque; 2202 2203 return s->events.new_media || s->events.eject_request; 2204 } 2205 2206 static bool ide_error_needed(void *opaque) 2207 { 2208 IDEBus *bus = opaque; 2209 2210 return (bus->error_status != 0); 2211 } 2212 2213 /* Fields for GET_EVENT_STATUS_NOTIFICATION ATAPI command */ 2214 static const VMStateDescription vmstate_ide_atapi_gesn_state = { 2215 .name ="ide_drive/atapi/gesn_state", 2216 .version_id = 1, 2217 .minimum_version_id = 1, 2218 .minimum_version_id_old = 1, 2219 .fields = (VMStateField []) { 2220 VMSTATE_BOOL(events.new_media, IDEState), 2221 VMSTATE_BOOL(events.eject_request, IDEState), 2222 VMSTATE_END_OF_LIST() 2223 } 2224 }; 2225 2226 static const VMStateDescription vmstate_ide_tray_state = { 2227 .name = "ide_drive/tray_state", 2228 .version_id = 1, 2229 .minimum_version_id = 1, 2230 .minimum_version_id_old = 1, 2231 .fields = (VMStateField[]) { 2232 VMSTATE_BOOL(tray_open, IDEState), 2233 VMSTATE_BOOL(tray_locked, IDEState), 2234 VMSTATE_END_OF_LIST() 2235 } 2236 }; 2237 2238 static const VMStateDescription vmstate_ide_drive_pio_state = { 2239 .name = "ide_drive/pio_state", 2240 .version_id = 1, 2241 .minimum_version_id = 1, 2242 .minimum_version_id_old = 1, 2243 .pre_save = ide_drive_pio_pre_save, 2244 .post_load = ide_drive_pio_post_load, 2245 .fields = (VMStateField []) { 2246 VMSTATE_INT32(req_nb_sectors, IDEState), 2247 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1, 2248 vmstate_info_uint8, uint8_t), 2249 VMSTATE_INT32(cur_io_buffer_offset, IDEState), 2250 VMSTATE_INT32(cur_io_buffer_len, IDEState), 2251 VMSTATE_UINT8(end_transfer_fn_idx, IDEState), 2252 VMSTATE_INT32(elementary_transfer_size, IDEState), 2253 VMSTATE_INT32(packet_transfer_size, IDEState), 2254 VMSTATE_END_OF_LIST() 2255 } 2256 }; 2257 2258 const VMStateDescription vmstate_ide_drive = { 2259 .name = "ide_drive", 2260 .version_id = 3, 2261 .minimum_version_id = 0, 2262 .minimum_version_id_old = 0, 2263 .post_load = ide_drive_post_load, 2264 .fields = (VMStateField []) { 2265 VMSTATE_INT32(mult_sectors, IDEState), 2266 VMSTATE_INT32(identify_set, IDEState), 2267 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set), 2268 VMSTATE_UINT8(feature, IDEState), 2269 VMSTATE_UINT8(error, IDEState), 2270 VMSTATE_UINT32(nsector, IDEState), 2271 VMSTATE_UINT8(sector, IDEState), 2272 VMSTATE_UINT8(lcyl, IDEState), 2273 VMSTATE_UINT8(hcyl, IDEState), 2274 VMSTATE_UINT8(hob_feature, IDEState), 2275 VMSTATE_UINT8(hob_sector, IDEState), 2276 VMSTATE_UINT8(hob_nsector, IDEState), 2277 VMSTATE_UINT8(hob_lcyl, IDEState), 2278 VMSTATE_UINT8(hob_hcyl, IDEState), 2279 VMSTATE_UINT8(select, IDEState), 2280 VMSTATE_UINT8(status, IDEState), 2281 VMSTATE_UINT8(lba48, IDEState), 2282 VMSTATE_UINT8(sense_key, IDEState), 2283 VMSTATE_UINT8(asc, IDEState), 2284 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3), 2285 VMSTATE_END_OF_LIST() 2286 }, 2287 .subsections = (VMStateSubsection []) { 2288 { 2289 .vmsd = &vmstate_ide_drive_pio_state, 2290 .needed = ide_drive_pio_state_needed, 2291 }, { 2292 .vmsd = &vmstate_ide_tray_state, 2293 .needed = ide_tray_state_needed, 2294 }, { 2295 .vmsd = &vmstate_ide_atapi_gesn_state, 2296 .needed = ide_atapi_gesn_needed, 2297 }, { 2298 /* empty */ 2299 } 2300 } 2301 }; 2302 2303 static const VMStateDescription vmstate_ide_error_status = { 2304 .name ="ide_bus/error", 2305 .version_id = 1, 2306 .minimum_version_id = 1, 2307 .minimum_version_id_old = 1, 2308 .fields = (VMStateField []) { 2309 VMSTATE_INT32(error_status, IDEBus), 2310 VMSTATE_END_OF_LIST() 2311 } 2312 }; 2313 2314 const VMStateDescription vmstate_ide_bus = { 2315 .name = "ide_bus", 2316 .version_id = 1, 2317 .minimum_version_id = 1, 2318 .minimum_version_id_old = 1, 2319 .fields = (VMStateField []) { 2320 VMSTATE_UINT8(cmd, IDEBus), 2321 VMSTATE_UINT8(unit, IDEBus), 2322 VMSTATE_END_OF_LIST() 2323 }, 2324 .subsections = (VMStateSubsection []) { 2325 { 2326 .vmsd = &vmstate_ide_error_status, 2327 .needed = ide_error_needed, 2328 }, { 2329 /* empty */ 2330 } 2331 } 2332 }; 2333 2334 void ide_drive_get(DriveInfo **hd, int max_bus) 2335 { 2336 int i; 2337 2338 if (drive_get_max_bus(IF_IDE) >= max_bus) { 2339 fprintf(stderr, "qemu: too many IDE bus: %d\n", max_bus); 2340 exit(1); 2341 } 2342 2343 for(i = 0; i < max_bus * MAX_IDE_DEVS; i++) { 2344 hd[i] = drive_get(IF_IDE, i / MAX_IDE_DEVS, i % MAX_IDE_DEVS); 2345 } 2346 } 2347