1 /* 2 * QEMU IDE disk and CD/DVD-ROM Emulator 3 * 4 * Copyright (c) 2003 Fabrice Bellard 5 * Copyright (c) 2006 Openedhand Ltd. 6 * 7 * Permission is hereby granted, free of charge, to any person obtaining a copy 8 * of this software and associated documentation files (the "Software"), to deal 9 * in the Software without restriction, including without limitation the rights 10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 11 * copies of the Software, and to permit persons to whom the Software is 12 * furnished to do so, subject to the following conditions: 13 * 14 * The above copyright notice and this permission notice shall be included in 15 * all copies or substantial portions of the Software. 16 * 17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 23 * THE SOFTWARE. 24 */ 25 #include <hw/hw.h> 26 #include <hw/i386/pc.h> 27 #include <hw/pci/pci.h> 28 #include <hw/isa/isa.h> 29 #include "qemu/error-report.h" 30 #include "qemu/timer.h" 31 #include "sysemu/sysemu.h" 32 #include "sysemu/dma.h" 33 #include "hw/block/block.h" 34 #include "sysemu/blockdev.h" 35 36 #include <hw/ide/internal.h> 37 38 /* These values were based on a Seagate ST3500418AS but have been modified 39 to make more sense in QEMU */ 40 static const int smart_attributes[][12] = { 41 /* id, flags, hflags, val, wrst, raw (6 bytes), threshold */ 42 /* raw read error rate*/ 43 { 0x01, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06}, 44 /* spin up */ 45 { 0x03, 0x03, 0x00, 0x64, 0x64, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 46 /* start stop count */ 47 { 0x04, 0x02, 0x00, 0x64, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14}, 48 /* remapped sectors */ 49 { 0x05, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x24}, 50 /* power on hours */ 51 { 0x09, 0x03, 0x00, 0x64, 0x64, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 52 /* power cycle count */ 53 { 0x0c, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 54 /* airflow-temperature-celsius */ 55 { 190, 0x03, 0x00, 0x45, 0x45, 0x1f, 0x00, 0x1f, 0x1f, 0x00, 0x00, 0x32}, 56 }; 57 58 static int ide_handle_rw_error(IDEState *s, int error, int op); 59 static void ide_dummy_transfer_stop(IDEState *s); 60 61 static void padstr(char *str, const char *src, int len) 62 { 63 int i, v; 64 for(i = 0; i < len; i++) { 65 if (*src) 66 v = *src++; 67 else 68 v = ' '; 69 str[i^1] = v; 70 } 71 } 72 73 static void put_le16(uint16_t *p, unsigned int v) 74 { 75 *p = cpu_to_le16(v); 76 } 77 78 static void ide_identify(IDEState *s) 79 { 80 uint16_t *p; 81 unsigned int oldsize; 82 IDEDevice *dev = s->unit ? s->bus->slave : s->bus->master; 83 84 if (s->identify_set) { 85 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data)); 86 return; 87 } 88 89 memset(s->io_buffer, 0, 512); 90 p = (uint16_t *)s->io_buffer; 91 put_le16(p + 0, 0x0040); 92 put_le16(p + 1, s->cylinders); 93 put_le16(p + 3, s->heads); 94 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */ 95 put_le16(p + 5, 512); /* XXX: retired, remove ? */ 96 put_le16(p + 6, s->sectors); 97 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 98 put_le16(p + 20, 3); /* XXX: retired, remove ? */ 99 put_le16(p + 21, 512); /* cache size in sectors */ 100 put_le16(p + 22, 4); /* ecc bytes */ 101 padstr((char *)(p + 23), s->version, 8); /* firmware version */ 102 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */ 103 #if MAX_MULT_SECTORS > 1 104 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS); 105 #endif 106 put_le16(p + 48, 1); /* dword I/O */ 107 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */ 108 put_le16(p + 51, 0x200); /* PIO transfer cycle */ 109 put_le16(p + 52, 0x200); /* DMA transfer cycle */ 110 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */ 111 put_le16(p + 54, s->cylinders); 112 put_le16(p + 55, s->heads); 113 put_le16(p + 56, s->sectors); 114 oldsize = s->cylinders * s->heads * s->sectors; 115 put_le16(p + 57, oldsize); 116 put_le16(p + 58, oldsize >> 16); 117 if (s->mult_sectors) 118 put_le16(p + 59, 0x100 | s->mult_sectors); 119 put_le16(p + 60, s->nb_sectors); 120 put_le16(p + 61, s->nb_sectors >> 16); 121 put_le16(p + 62, 0x07); /* single word dma0-2 supported */ 122 put_le16(p + 63, 0x07); /* mdma0-2 supported */ 123 put_le16(p + 64, 0x03); /* pio3-4 supported */ 124 put_le16(p + 65, 120); 125 put_le16(p + 66, 120); 126 put_le16(p + 67, 120); 127 put_le16(p + 68, 120); 128 if (dev && dev->conf.discard_granularity) { 129 put_le16(p + 69, (1 << 14)); /* determinate TRIM behavior */ 130 } 131 132 if (s->ncq_queues) { 133 put_le16(p + 75, s->ncq_queues - 1); 134 /* NCQ supported */ 135 put_le16(p + 76, (1 << 8)); 136 } 137 138 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */ 139 put_le16(p + 81, 0x16); /* conforms to ata5 */ 140 /* 14=NOP supported, 5=WCACHE supported, 0=SMART supported */ 141 put_le16(p + 82, (1 << 14) | (1 << 5) | 1); 142 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */ 143 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10)); 144 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */ 145 if (s->wwn) { 146 put_le16(p + 84, (1 << 14) | (1 << 8) | 0); 147 } else { 148 put_le16(p + 84, (1 << 14) | 0); 149 } 150 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */ 151 if (bdrv_enable_write_cache(s->bs)) 152 put_le16(p + 85, (1 << 14) | (1 << 5) | 1); 153 else 154 put_le16(p + 85, (1 << 14) | 1); 155 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */ 156 put_le16(p + 86, (1 << 13) | (1 <<12) | (1 << 10)); 157 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */ 158 if (s->wwn) { 159 put_le16(p + 87, (1 << 14) | (1 << 8) | 0); 160 } else { 161 put_le16(p + 87, (1 << 14) | 0); 162 } 163 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */ 164 put_le16(p + 93, 1 | (1 << 14) | 0x2000); 165 put_le16(p + 100, s->nb_sectors); 166 put_le16(p + 101, s->nb_sectors >> 16); 167 put_le16(p + 102, s->nb_sectors >> 32); 168 put_le16(p + 103, s->nb_sectors >> 48); 169 170 if (dev && dev->conf.physical_block_size) 171 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf)); 172 if (s->wwn) { 173 /* LE 16-bit words 111-108 contain 64-bit World Wide Name */ 174 put_le16(p + 108, s->wwn >> 48); 175 put_le16(p + 109, s->wwn >> 32); 176 put_le16(p + 110, s->wwn >> 16); 177 put_le16(p + 111, s->wwn); 178 } 179 if (dev && dev->conf.discard_granularity) { 180 put_le16(p + 169, 1); /* TRIM support */ 181 } 182 183 memcpy(s->identify_data, p, sizeof(s->identify_data)); 184 s->identify_set = 1; 185 } 186 187 static void ide_atapi_identify(IDEState *s) 188 { 189 uint16_t *p; 190 191 if (s->identify_set) { 192 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data)); 193 return; 194 } 195 196 memset(s->io_buffer, 0, 512); 197 p = (uint16_t *)s->io_buffer; 198 /* Removable CDROM, 50us response, 12 byte packets */ 199 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0)); 200 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 201 put_le16(p + 20, 3); /* buffer type */ 202 put_le16(p + 21, 512); /* cache size in sectors */ 203 put_le16(p + 22, 4); /* ecc bytes */ 204 padstr((char *)(p + 23), s->version, 8); /* firmware version */ 205 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */ 206 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */ 207 #ifdef USE_DMA_CDROM 208 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */ 209 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */ 210 put_le16(p + 62, 7); /* single word dma0-2 supported */ 211 put_le16(p + 63, 7); /* mdma0-2 supported */ 212 #else 213 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */ 214 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */ 215 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */ 216 #endif 217 put_le16(p + 64, 3); /* pio3-4 supported */ 218 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */ 219 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */ 220 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */ 221 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */ 222 223 put_le16(p + 71, 30); /* in ns */ 224 put_le16(p + 72, 30); /* in ns */ 225 226 if (s->ncq_queues) { 227 put_le16(p + 75, s->ncq_queues - 1); 228 /* NCQ supported */ 229 put_le16(p + 76, (1 << 8)); 230 } 231 232 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */ 233 #ifdef USE_DMA_CDROM 234 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */ 235 #endif 236 memcpy(s->identify_data, p, sizeof(s->identify_data)); 237 s->identify_set = 1; 238 } 239 240 static void ide_cfata_identify(IDEState *s) 241 { 242 uint16_t *p; 243 uint32_t cur_sec; 244 245 p = (uint16_t *) s->identify_data; 246 if (s->identify_set) 247 goto fill_buffer; 248 249 memset(p, 0, sizeof(s->identify_data)); 250 251 cur_sec = s->cylinders * s->heads * s->sectors; 252 253 put_le16(p + 0, 0x848a); /* CF Storage Card signature */ 254 put_le16(p + 1, s->cylinders); /* Default cylinders */ 255 put_le16(p + 3, s->heads); /* Default heads */ 256 put_le16(p + 6, s->sectors); /* Default sectors per track */ 257 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */ 258 put_le16(p + 8, s->nb_sectors); /* Sectors per card */ 259 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 260 put_le16(p + 22, 0x0004); /* ECC bytes */ 261 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */ 262 padstr((char *) (p + 27), s->drive_model_str, 40);/* Model number */ 263 #if MAX_MULT_SECTORS > 1 264 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS); 265 #else 266 put_le16(p + 47, 0x0000); 267 #endif 268 put_le16(p + 49, 0x0f00); /* Capabilities */ 269 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */ 270 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */ 271 put_le16(p + 53, 0x0003); /* Translation params valid */ 272 put_le16(p + 54, s->cylinders); /* Current cylinders */ 273 put_le16(p + 55, s->heads); /* Current heads */ 274 put_le16(p + 56, s->sectors); /* Current sectors */ 275 put_le16(p + 57, cur_sec); /* Current capacity */ 276 put_le16(p + 58, cur_sec >> 16); /* Current capacity */ 277 if (s->mult_sectors) /* Multiple sector setting */ 278 put_le16(p + 59, 0x100 | s->mult_sectors); 279 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */ 280 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */ 281 put_le16(p + 63, 0x0203); /* Multiword DMA capability */ 282 put_le16(p + 64, 0x0001); /* Flow Control PIO support */ 283 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */ 284 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */ 285 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */ 286 put_le16(p + 82, 0x400c); /* Command Set supported */ 287 put_le16(p + 83, 0x7068); /* Command Set supported */ 288 put_le16(p + 84, 0x4000); /* Features supported */ 289 put_le16(p + 85, 0x000c); /* Command Set enabled */ 290 put_le16(p + 86, 0x7044); /* Command Set enabled */ 291 put_le16(p + 87, 0x4000); /* Features enabled */ 292 put_le16(p + 91, 0x4060); /* Current APM level */ 293 put_le16(p + 129, 0x0002); /* Current features option */ 294 put_le16(p + 130, 0x0005); /* Reassigned sectors */ 295 put_le16(p + 131, 0x0001); /* Initial power mode */ 296 put_le16(p + 132, 0x0000); /* User signature */ 297 put_le16(p + 160, 0x8100); /* Power requirement */ 298 put_le16(p + 161, 0x8001); /* CF command set */ 299 300 s->identify_set = 1; 301 302 fill_buffer: 303 memcpy(s->io_buffer, p, sizeof(s->identify_data)); 304 } 305 306 static void ide_set_signature(IDEState *s) 307 { 308 s->select &= 0xf0; /* clear head */ 309 /* put signature */ 310 s->nsector = 1; 311 s->sector = 1; 312 if (s->drive_kind == IDE_CD) { 313 s->lcyl = 0x14; 314 s->hcyl = 0xeb; 315 } else if (s->bs) { 316 s->lcyl = 0; 317 s->hcyl = 0; 318 } else { 319 s->lcyl = 0xff; 320 s->hcyl = 0xff; 321 } 322 } 323 324 typedef struct TrimAIOCB { 325 BlockDriverAIOCB common; 326 QEMUBH *bh; 327 int ret; 328 QEMUIOVector *qiov; 329 BlockDriverAIOCB *aiocb; 330 int i, j; 331 } TrimAIOCB; 332 333 static void trim_aio_cancel(BlockDriverAIOCB *acb) 334 { 335 TrimAIOCB *iocb = container_of(acb, TrimAIOCB, common); 336 337 /* Exit the loop in case bdrv_aio_cancel calls ide_issue_trim_cb again. */ 338 iocb->j = iocb->qiov->niov - 1; 339 iocb->i = (iocb->qiov->iov[iocb->j].iov_len / 8) - 1; 340 341 /* Tell ide_issue_trim_cb not to trigger the completion, too. */ 342 qemu_bh_delete(iocb->bh); 343 iocb->bh = NULL; 344 345 if (iocb->aiocb) { 346 bdrv_aio_cancel(iocb->aiocb); 347 } 348 qemu_aio_release(iocb); 349 } 350 351 static const AIOCBInfo trim_aiocb_info = { 352 .aiocb_size = sizeof(TrimAIOCB), 353 .cancel = trim_aio_cancel, 354 }; 355 356 static void ide_trim_bh_cb(void *opaque) 357 { 358 TrimAIOCB *iocb = opaque; 359 360 iocb->common.cb(iocb->common.opaque, iocb->ret); 361 362 qemu_bh_delete(iocb->bh); 363 iocb->bh = NULL; 364 qemu_aio_release(iocb); 365 } 366 367 static void ide_issue_trim_cb(void *opaque, int ret) 368 { 369 TrimAIOCB *iocb = opaque; 370 if (ret >= 0) { 371 while (iocb->j < iocb->qiov->niov) { 372 int j = iocb->j; 373 while (++iocb->i < iocb->qiov->iov[j].iov_len / 8) { 374 int i = iocb->i; 375 uint64_t *buffer = iocb->qiov->iov[j].iov_base; 376 377 /* 6-byte LBA + 2-byte range per entry */ 378 uint64_t entry = le64_to_cpu(buffer[i]); 379 uint64_t sector = entry & 0x0000ffffffffffffULL; 380 uint16_t count = entry >> 48; 381 382 if (count == 0) { 383 continue; 384 } 385 386 /* Got an entry! Submit and exit. */ 387 iocb->aiocb = bdrv_aio_discard(iocb->common.bs, sector, count, 388 ide_issue_trim_cb, opaque); 389 return; 390 } 391 392 iocb->j++; 393 iocb->i = -1; 394 } 395 } else { 396 iocb->ret = ret; 397 } 398 399 iocb->aiocb = NULL; 400 if (iocb->bh) { 401 qemu_bh_schedule(iocb->bh); 402 } 403 } 404 405 BlockDriverAIOCB *ide_issue_trim(BlockDriverState *bs, 406 int64_t sector_num, QEMUIOVector *qiov, int nb_sectors, 407 BlockDriverCompletionFunc *cb, void *opaque) 408 { 409 TrimAIOCB *iocb; 410 411 iocb = qemu_aio_get(&trim_aiocb_info, bs, cb, opaque); 412 iocb->bh = qemu_bh_new(ide_trim_bh_cb, iocb); 413 iocb->ret = 0; 414 iocb->qiov = qiov; 415 iocb->i = -1; 416 iocb->j = 0; 417 ide_issue_trim_cb(iocb, 0); 418 return &iocb->common; 419 } 420 421 static inline void ide_abort_command(IDEState *s) 422 { 423 s->status = READY_STAT | ERR_STAT; 424 s->error = ABRT_ERR; 425 } 426 427 /* prepare data transfer and tell what to do after */ 428 void ide_transfer_start(IDEState *s, uint8_t *buf, int size, 429 EndTransferFunc *end_transfer_func) 430 { 431 s->end_transfer_func = end_transfer_func; 432 s->data_ptr = buf; 433 s->data_end = buf + size; 434 if (!(s->status & ERR_STAT)) { 435 s->status |= DRQ_STAT; 436 } 437 s->bus->dma->ops->start_transfer(s->bus->dma); 438 } 439 440 void ide_transfer_stop(IDEState *s) 441 { 442 s->end_transfer_func = ide_transfer_stop; 443 s->data_ptr = s->io_buffer; 444 s->data_end = s->io_buffer; 445 s->status &= ~DRQ_STAT; 446 } 447 448 int64_t ide_get_sector(IDEState *s) 449 { 450 int64_t sector_num; 451 if (s->select & 0x40) { 452 /* lba */ 453 if (!s->lba48) { 454 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) | 455 (s->lcyl << 8) | s->sector; 456 } else { 457 sector_num = ((int64_t)s->hob_hcyl << 40) | 458 ((int64_t) s->hob_lcyl << 32) | 459 ((int64_t) s->hob_sector << 24) | 460 ((int64_t) s->hcyl << 16) | 461 ((int64_t) s->lcyl << 8) | s->sector; 462 } 463 } else { 464 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors + 465 (s->select & 0x0f) * s->sectors + (s->sector - 1); 466 } 467 return sector_num; 468 } 469 470 void ide_set_sector(IDEState *s, int64_t sector_num) 471 { 472 unsigned int cyl, r; 473 if (s->select & 0x40) { 474 if (!s->lba48) { 475 s->select = (s->select & 0xf0) | (sector_num >> 24); 476 s->hcyl = (sector_num >> 16); 477 s->lcyl = (sector_num >> 8); 478 s->sector = (sector_num); 479 } else { 480 s->sector = sector_num; 481 s->lcyl = sector_num >> 8; 482 s->hcyl = sector_num >> 16; 483 s->hob_sector = sector_num >> 24; 484 s->hob_lcyl = sector_num >> 32; 485 s->hob_hcyl = sector_num >> 40; 486 } 487 } else { 488 cyl = sector_num / (s->heads * s->sectors); 489 r = sector_num % (s->heads * s->sectors); 490 s->hcyl = cyl >> 8; 491 s->lcyl = cyl; 492 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f); 493 s->sector = (r % s->sectors) + 1; 494 } 495 } 496 497 static void ide_rw_error(IDEState *s) { 498 ide_abort_command(s); 499 ide_set_irq(s->bus); 500 } 501 502 static void ide_sector_read_cb(void *opaque, int ret) 503 { 504 IDEState *s = opaque; 505 int n; 506 507 s->pio_aiocb = NULL; 508 s->status &= ~BUSY_STAT; 509 510 bdrv_acct_done(s->bs, &s->acct); 511 if (ret != 0) { 512 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY | 513 BM_STATUS_RETRY_READ)) { 514 return; 515 } 516 } 517 518 n = s->nsector; 519 if (n > s->req_nb_sectors) { 520 n = s->req_nb_sectors; 521 } 522 523 /* Allow the guest to read the io_buffer */ 524 ide_transfer_start(s, s->io_buffer, n * BDRV_SECTOR_SIZE, ide_sector_read); 525 526 ide_set_irq(s->bus); 527 528 ide_set_sector(s, ide_get_sector(s) + n); 529 s->nsector -= n; 530 } 531 532 void ide_sector_read(IDEState *s) 533 { 534 int64_t sector_num; 535 int n; 536 537 s->status = READY_STAT | SEEK_STAT; 538 s->error = 0; /* not needed by IDE spec, but needed by Windows */ 539 sector_num = ide_get_sector(s); 540 n = s->nsector; 541 542 if (n == 0) { 543 ide_transfer_stop(s); 544 return; 545 } 546 547 s->status |= BUSY_STAT; 548 549 if (n > s->req_nb_sectors) { 550 n = s->req_nb_sectors; 551 } 552 553 #if defined(DEBUG_IDE) 554 printf("sector=%" PRId64 "\n", sector_num); 555 #endif 556 557 s->iov.iov_base = s->io_buffer; 558 s->iov.iov_len = n * BDRV_SECTOR_SIZE; 559 qemu_iovec_init_external(&s->qiov, &s->iov, 1); 560 561 bdrv_acct_start(s->bs, &s->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ); 562 s->pio_aiocb = bdrv_aio_readv(s->bs, sector_num, &s->qiov, n, 563 ide_sector_read_cb, s); 564 } 565 566 static void dma_buf_commit(IDEState *s) 567 { 568 qemu_sglist_destroy(&s->sg); 569 } 570 571 void ide_set_inactive(IDEState *s) 572 { 573 s->bus->dma->aiocb = NULL; 574 s->bus->dma->ops->set_inactive(s->bus->dma); 575 } 576 577 void ide_dma_error(IDEState *s) 578 { 579 ide_transfer_stop(s); 580 s->error = ABRT_ERR; 581 s->status = READY_STAT | ERR_STAT; 582 ide_set_inactive(s); 583 ide_set_irq(s->bus); 584 } 585 586 static int ide_handle_rw_error(IDEState *s, int error, int op) 587 { 588 bool is_read = (op & BM_STATUS_RETRY_READ) != 0; 589 BlockErrorAction action = bdrv_get_error_action(s->bs, is_read, error); 590 591 if (action == BDRV_ACTION_STOP) { 592 s->bus->dma->ops->set_unit(s->bus->dma, s->unit); 593 s->bus->error_status = op; 594 } else if (action == BDRV_ACTION_REPORT) { 595 if (op & BM_STATUS_DMA_RETRY) { 596 dma_buf_commit(s); 597 ide_dma_error(s); 598 } else { 599 ide_rw_error(s); 600 } 601 } 602 bdrv_error_action(s->bs, action, is_read, error); 603 return action != BDRV_ACTION_IGNORE; 604 } 605 606 void ide_dma_cb(void *opaque, int ret) 607 { 608 IDEState *s = opaque; 609 int n; 610 int64_t sector_num; 611 bool stay_active = false; 612 613 if (ret < 0) { 614 int op = BM_STATUS_DMA_RETRY; 615 616 if (s->dma_cmd == IDE_DMA_READ) 617 op |= BM_STATUS_RETRY_READ; 618 else if (s->dma_cmd == IDE_DMA_TRIM) 619 op |= BM_STATUS_RETRY_TRIM; 620 621 if (ide_handle_rw_error(s, -ret, op)) { 622 return; 623 } 624 } 625 626 n = s->io_buffer_size >> 9; 627 if (n > s->nsector) { 628 /* The PRDs were longer than needed for this request. Shorten them so 629 * we don't get a negative remainder. The Active bit must remain set 630 * after the request completes. */ 631 n = s->nsector; 632 stay_active = true; 633 } 634 635 sector_num = ide_get_sector(s); 636 if (n > 0) { 637 dma_buf_commit(s); 638 sector_num += n; 639 ide_set_sector(s, sector_num); 640 s->nsector -= n; 641 } 642 643 /* end of transfer ? */ 644 if (s->nsector == 0) { 645 s->status = READY_STAT | SEEK_STAT; 646 ide_set_irq(s->bus); 647 goto eot; 648 } 649 650 /* launch next transfer */ 651 n = s->nsector; 652 s->io_buffer_index = 0; 653 s->io_buffer_size = n * 512; 654 if (s->bus->dma->ops->prepare_buf(s->bus->dma, ide_cmd_is_read(s)) == 0) { 655 /* The PRDs were too short. Reset the Active bit, but don't raise an 656 * interrupt. */ 657 s->status = READY_STAT | SEEK_STAT; 658 goto eot; 659 } 660 661 #ifdef DEBUG_AIO 662 printf("ide_dma_cb: sector_num=%" PRId64 " n=%d, cmd_cmd=%d\n", 663 sector_num, n, s->dma_cmd); 664 #endif 665 666 switch (s->dma_cmd) { 667 case IDE_DMA_READ: 668 s->bus->dma->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num, 669 ide_dma_cb, s); 670 break; 671 case IDE_DMA_WRITE: 672 s->bus->dma->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num, 673 ide_dma_cb, s); 674 break; 675 case IDE_DMA_TRIM: 676 s->bus->dma->aiocb = dma_bdrv_io(s->bs, &s->sg, sector_num, 677 ide_issue_trim, ide_dma_cb, s, 678 DMA_DIRECTION_TO_DEVICE); 679 break; 680 } 681 return; 682 683 eot: 684 if (s->dma_cmd == IDE_DMA_READ || s->dma_cmd == IDE_DMA_WRITE) { 685 bdrv_acct_done(s->bs, &s->acct); 686 } 687 ide_set_inactive(s); 688 if (stay_active) { 689 s->bus->dma->ops->add_status(s->bus->dma, BM_STATUS_DMAING); 690 } 691 } 692 693 static void ide_sector_start_dma(IDEState *s, enum ide_dma_cmd dma_cmd) 694 { 695 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT; 696 s->io_buffer_index = 0; 697 s->io_buffer_size = 0; 698 s->dma_cmd = dma_cmd; 699 700 switch (dma_cmd) { 701 case IDE_DMA_READ: 702 bdrv_acct_start(s->bs, &s->acct, s->nsector * BDRV_SECTOR_SIZE, 703 BDRV_ACCT_READ); 704 break; 705 case IDE_DMA_WRITE: 706 bdrv_acct_start(s->bs, &s->acct, s->nsector * BDRV_SECTOR_SIZE, 707 BDRV_ACCT_WRITE); 708 break; 709 default: 710 break; 711 } 712 713 s->bus->dma->ops->start_dma(s->bus->dma, s, ide_dma_cb); 714 } 715 716 static void ide_sector_write_timer_cb(void *opaque) 717 { 718 IDEState *s = opaque; 719 ide_set_irq(s->bus); 720 } 721 722 static void ide_sector_write_cb(void *opaque, int ret) 723 { 724 IDEState *s = opaque; 725 int n; 726 727 bdrv_acct_done(s->bs, &s->acct); 728 729 s->pio_aiocb = NULL; 730 s->status &= ~BUSY_STAT; 731 732 if (ret != 0) { 733 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY)) { 734 return; 735 } 736 } 737 738 n = s->nsector; 739 if (n > s->req_nb_sectors) { 740 n = s->req_nb_sectors; 741 } 742 s->nsector -= n; 743 if (s->nsector == 0) { 744 /* no more sectors to write */ 745 ide_transfer_stop(s); 746 } else { 747 int n1 = s->nsector; 748 if (n1 > s->req_nb_sectors) { 749 n1 = s->req_nb_sectors; 750 } 751 ide_transfer_start(s, s->io_buffer, n1 * BDRV_SECTOR_SIZE, 752 ide_sector_write); 753 } 754 ide_set_sector(s, ide_get_sector(s) + n); 755 756 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) { 757 /* It seems there is a bug in the Windows 2000 installer HDD 758 IDE driver which fills the disk with empty logs when the 759 IDE write IRQ comes too early. This hack tries to correct 760 that at the expense of slower write performances. Use this 761 option _only_ to install Windows 2000. You must disable it 762 for normal use. */ 763 qemu_mod_timer(s->sector_write_timer, 764 qemu_get_clock_ns(vm_clock) + (get_ticks_per_sec() / 1000)); 765 } else { 766 ide_set_irq(s->bus); 767 } 768 } 769 770 void ide_sector_write(IDEState *s) 771 { 772 int64_t sector_num; 773 int n; 774 775 s->status = READY_STAT | SEEK_STAT | BUSY_STAT; 776 sector_num = ide_get_sector(s); 777 #if defined(DEBUG_IDE) 778 printf("sector=%" PRId64 "\n", sector_num); 779 #endif 780 n = s->nsector; 781 if (n > s->req_nb_sectors) { 782 n = s->req_nb_sectors; 783 } 784 785 s->iov.iov_base = s->io_buffer; 786 s->iov.iov_len = n * BDRV_SECTOR_SIZE; 787 qemu_iovec_init_external(&s->qiov, &s->iov, 1); 788 789 bdrv_acct_start(s->bs, &s->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ); 790 s->pio_aiocb = bdrv_aio_writev(s->bs, sector_num, &s->qiov, n, 791 ide_sector_write_cb, s); 792 } 793 794 static void ide_flush_cb(void *opaque, int ret) 795 { 796 IDEState *s = opaque; 797 798 if (ret < 0) { 799 /* XXX: What sector number to set here? */ 800 if (ide_handle_rw_error(s, -ret, BM_STATUS_RETRY_FLUSH)) { 801 return; 802 } 803 } 804 805 bdrv_acct_done(s->bs, &s->acct); 806 s->status = READY_STAT | SEEK_STAT; 807 ide_set_irq(s->bus); 808 } 809 810 void ide_flush_cache(IDEState *s) 811 { 812 if (s->bs == NULL) { 813 ide_flush_cb(s, 0); 814 return; 815 } 816 817 bdrv_acct_start(s->bs, &s->acct, 0, BDRV_ACCT_FLUSH); 818 bdrv_aio_flush(s->bs, ide_flush_cb, s); 819 } 820 821 static void ide_cfata_metadata_inquiry(IDEState *s) 822 { 823 uint16_t *p; 824 uint32_t spd; 825 826 p = (uint16_t *) s->io_buffer; 827 memset(p, 0, 0x200); 828 spd = ((s->mdata_size - 1) >> 9) + 1; 829 830 put_le16(p + 0, 0x0001); /* Data format revision */ 831 put_le16(p + 1, 0x0000); /* Media property: silicon */ 832 put_le16(p + 2, s->media_changed); /* Media status */ 833 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */ 834 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */ 835 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */ 836 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */ 837 } 838 839 static void ide_cfata_metadata_read(IDEState *s) 840 { 841 uint16_t *p; 842 843 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) { 844 s->status = ERR_STAT; 845 s->error = ABRT_ERR; 846 return; 847 } 848 849 p = (uint16_t *) s->io_buffer; 850 memset(p, 0, 0x200); 851 852 put_le16(p + 0, s->media_changed); /* Media status */ 853 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9), 854 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9), 855 s->nsector << 9), 0x200 - 2)); 856 } 857 858 static void ide_cfata_metadata_write(IDEState *s) 859 { 860 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) { 861 s->status = ERR_STAT; 862 s->error = ABRT_ERR; 863 return; 864 } 865 866 s->media_changed = 0; 867 868 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9), 869 s->io_buffer + 2, 870 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9), 871 s->nsector << 9), 0x200 - 2)); 872 } 873 874 /* called when the inserted state of the media has changed */ 875 static void ide_cd_change_cb(void *opaque, bool load) 876 { 877 IDEState *s = opaque; 878 uint64_t nb_sectors; 879 880 s->tray_open = !load; 881 bdrv_get_geometry(s->bs, &nb_sectors); 882 s->nb_sectors = nb_sectors; 883 884 /* 885 * First indicate to the guest that a CD has been removed. That's 886 * done on the next command the guest sends us. 887 * 888 * Then we set UNIT_ATTENTION, by which the guest will 889 * detect a new CD in the drive. See ide_atapi_cmd() for details. 890 */ 891 s->cdrom_changed = 1; 892 s->events.new_media = true; 893 s->events.eject_request = false; 894 ide_set_irq(s->bus); 895 } 896 897 static void ide_cd_eject_request_cb(void *opaque, bool force) 898 { 899 IDEState *s = opaque; 900 901 s->events.eject_request = true; 902 if (force) { 903 s->tray_locked = false; 904 } 905 ide_set_irq(s->bus); 906 } 907 908 static void ide_cmd_lba48_transform(IDEState *s, int lba48) 909 { 910 s->lba48 = lba48; 911 912 /* handle the 'magic' 0 nsector count conversion here. to avoid 913 * fiddling with the rest of the read logic, we just store the 914 * full sector count in ->nsector and ignore ->hob_nsector from now 915 */ 916 if (!s->lba48) { 917 if (!s->nsector) 918 s->nsector = 256; 919 } else { 920 if (!s->nsector && !s->hob_nsector) 921 s->nsector = 65536; 922 else { 923 int lo = s->nsector; 924 int hi = s->hob_nsector; 925 926 s->nsector = (hi << 8) | lo; 927 } 928 } 929 } 930 931 static void ide_clear_hob(IDEBus *bus) 932 { 933 /* any write clears HOB high bit of device control register */ 934 bus->ifs[0].select &= ~(1 << 7); 935 bus->ifs[1].select &= ~(1 << 7); 936 } 937 938 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val) 939 { 940 IDEBus *bus = opaque; 941 942 #ifdef DEBUG_IDE 943 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val); 944 #endif 945 946 addr &= 7; 947 948 /* ignore writes to command block while busy with previous command */ 949 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT))) 950 return; 951 952 switch(addr) { 953 case 0: 954 break; 955 case 1: 956 ide_clear_hob(bus); 957 /* NOTE: data is written to the two drives */ 958 bus->ifs[0].hob_feature = bus->ifs[0].feature; 959 bus->ifs[1].hob_feature = bus->ifs[1].feature; 960 bus->ifs[0].feature = val; 961 bus->ifs[1].feature = val; 962 break; 963 case 2: 964 ide_clear_hob(bus); 965 bus->ifs[0].hob_nsector = bus->ifs[0].nsector; 966 bus->ifs[1].hob_nsector = bus->ifs[1].nsector; 967 bus->ifs[0].nsector = val; 968 bus->ifs[1].nsector = val; 969 break; 970 case 3: 971 ide_clear_hob(bus); 972 bus->ifs[0].hob_sector = bus->ifs[0].sector; 973 bus->ifs[1].hob_sector = bus->ifs[1].sector; 974 bus->ifs[0].sector = val; 975 bus->ifs[1].sector = val; 976 break; 977 case 4: 978 ide_clear_hob(bus); 979 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl; 980 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl; 981 bus->ifs[0].lcyl = val; 982 bus->ifs[1].lcyl = val; 983 break; 984 case 5: 985 ide_clear_hob(bus); 986 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl; 987 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl; 988 bus->ifs[0].hcyl = val; 989 bus->ifs[1].hcyl = val; 990 break; 991 case 6: 992 /* FIXME: HOB readback uses bit 7 */ 993 bus->ifs[0].select = (val & ~0x10) | 0xa0; 994 bus->ifs[1].select = (val | 0x10) | 0xa0; 995 /* select drive */ 996 bus->unit = (val >> 4) & 1; 997 break; 998 default: 999 case 7: 1000 /* command */ 1001 ide_exec_cmd(bus, val); 1002 break; 1003 } 1004 } 1005 1006 #define HD_OK (1u << IDE_HD) 1007 #define CD_OK (1u << IDE_CD) 1008 #define CFA_OK (1u << IDE_CFATA) 1009 #define HD_CFA_OK (HD_OK | CFA_OK) 1010 #define ALL_OK (HD_OK | CD_OK | CFA_OK) 1011 1012 /* See ACS-2 T13/2015-D Table B.2 Command codes */ 1013 static const uint8_t ide_cmd_table[0x100] = { 1014 /* NOP not implemented, mandatory for CD */ 1015 [CFA_REQ_EXT_ERROR_CODE] = CFA_OK, 1016 [WIN_DSM] = ALL_OK, 1017 [WIN_DEVICE_RESET] = CD_OK, 1018 [WIN_RECAL] = HD_CFA_OK, 1019 [WIN_READ] = ALL_OK, 1020 [WIN_READ_ONCE] = ALL_OK, 1021 [WIN_READ_EXT] = HD_CFA_OK, 1022 [WIN_READDMA_EXT] = HD_CFA_OK, 1023 [WIN_READ_NATIVE_MAX_EXT] = HD_CFA_OK, 1024 [WIN_MULTREAD_EXT] = HD_CFA_OK, 1025 [WIN_WRITE] = HD_CFA_OK, 1026 [WIN_WRITE_ONCE] = HD_CFA_OK, 1027 [WIN_WRITE_EXT] = HD_CFA_OK, 1028 [WIN_WRITEDMA_EXT] = HD_CFA_OK, 1029 [CFA_WRITE_SECT_WO_ERASE] = CFA_OK, 1030 [WIN_MULTWRITE_EXT] = HD_CFA_OK, 1031 [WIN_WRITE_VERIFY] = HD_CFA_OK, 1032 [WIN_VERIFY] = HD_CFA_OK, 1033 [WIN_VERIFY_ONCE] = HD_CFA_OK, 1034 [WIN_VERIFY_EXT] = HD_CFA_OK, 1035 [WIN_SEEK] = HD_CFA_OK, 1036 [CFA_TRANSLATE_SECTOR] = CFA_OK, 1037 [WIN_DIAGNOSE] = ALL_OK, 1038 [WIN_SPECIFY] = HD_CFA_OK, 1039 [WIN_STANDBYNOW2] = ALL_OK, 1040 [WIN_IDLEIMMEDIATE2] = ALL_OK, 1041 [WIN_STANDBY2] = ALL_OK, 1042 [WIN_SETIDLE2] = ALL_OK, 1043 [WIN_CHECKPOWERMODE2] = ALL_OK, 1044 [WIN_SLEEPNOW2] = ALL_OK, 1045 [WIN_PACKETCMD] = CD_OK, 1046 [WIN_PIDENTIFY] = CD_OK, 1047 [WIN_SMART] = HD_CFA_OK, 1048 [CFA_ACCESS_METADATA_STORAGE] = CFA_OK, 1049 [CFA_ERASE_SECTORS] = CFA_OK, 1050 [WIN_MULTREAD] = HD_CFA_OK, 1051 [WIN_MULTWRITE] = HD_CFA_OK, 1052 [WIN_SETMULT] = HD_CFA_OK, 1053 [WIN_READDMA] = HD_CFA_OK, 1054 [WIN_READDMA_ONCE] = HD_CFA_OK, 1055 [WIN_WRITEDMA] = HD_CFA_OK, 1056 [WIN_WRITEDMA_ONCE] = HD_CFA_OK, 1057 [CFA_WRITE_MULTI_WO_ERASE] = CFA_OK, 1058 [WIN_STANDBYNOW1] = ALL_OK, 1059 [WIN_IDLEIMMEDIATE] = ALL_OK, 1060 [WIN_STANDBY] = ALL_OK, 1061 [WIN_SETIDLE1] = ALL_OK, 1062 [WIN_CHECKPOWERMODE1] = ALL_OK, 1063 [WIN_SLEEPNOW1] = ALL_OK, 1064 [WIN_FLUSH_CACHE] = ALL_OK, 1065 [WIN_FLUSH_CACHE_EXT] = HD_CFA_OK, 1066 [WIN_IDENTIFY] = ALL_OK, 1067 [WIN_SETFEATURES] = ALL_OK, 1068 [IBM_SENSE_CONDITION] = CFA_OK, 1069 [CFA_WEAR_LEVEL] = HD_CFA_OK, 1070 [WIN_READ_NATIVE_MAX] = ALL_OK, 1071 }; 1072 1073 static bool ide_cmd_permitted(IDEState *s, uint32_t cmd) 1074 { 1075 return cmd < ARRAY_SIZE(ide_cmd_table) 1076 && (ide_cmd_table[cmd] & (1u << s->drive_kind)); 1077 } 1078 1079 void ide_exec_cmd(IDEBus *bus, uint32_t val) 1080 { 1081 uint16_t *identify_data; 1082 IDEState *s; 1083 int n; 1084 int lba48 = 0; 1085 1086 #if defined(DEBUG_IDE) 1087 printf("ide: CMD=%02x\n", val); 1088 #endif 1089 s = idebus_active_if(bus); 1090 /* ignore commands to non existent slave */ 1091 if (s != bus->ifs && !s->bs) 1092 return; 1093 1094 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */ 1095 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET) 1096 return; 1097 1098 if (!ide_cmd_permitted(s, val)) { 1099 goto abort_cmd; 1100 } 1101 1102 switch(val) { 1103 case WIN_DSM: 1104 switch (s->feature) { 1105 case DSM_TRIM: 1106 if (!s->bs) { 1107 goto abort_cmd; 1108 } 1109 ide_sector_start_dma(s, IDE_DMA_TRIM); 1110 break; 1111 default: 1112 goto abort_cmd; 1113 } 1114 break; 1115 case WIN_IDENTIFY: 1116 if (s->bs && s->drive_kind != IDE_CD) { 1117 if (s->drive_kind != IDE_CFATA) 1118 ide_identify(s); 1119 else 1120 ide_cfata_identify(s); 1121 s->status = READY_STAT | SEEK_STAT; 1122 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop); 1123 } else { 1124 if (s->drive_kind == IDE_CD) { 1125 ide_set_signature(s); 1126 } 1127 ide_abort_command(s); 1128 } 1129 ide_set_irq(s->bus); 1130 break; 1131 case WIN_SPECIFY: 1132 case WIN_RECAL: 1133 s->error = 0; 1134 s->status = READY_STAT | SEEK_STAT; 1135 ide_set_irq(s->bus); 1136 break; 1137 case WIN_SETMULT: 1138 if (s->drive_kind == IDE_CFATA && s->nsector == 0) { 1139 /* Disable Read and Write Multiple */ 1140 s->mult_sectors = 0; 1141 s->status = READY_STAT | SEEK_STAT; 1142 } else if ((s->nsector & 0xff) != 0 && 1143 ((s->nsector & 0xff) > MAX_MULT_SECTORS || 1144 (s->nsector & (s->nsector - 1)) != 0)) { 1145 ide_abort_command(s); 1146 } else { 1147 s->mult_sectors = s->nsector & 0xff; 1148 s->status = READY_STAT | SEEK_STAT; 1149 } 1150 ide_set_irq(s->bus); 1151 break; 1152 1153 case WIN_VERIFY_EXT: 1154 lba48 = 1; 1155 /* fall through */ 1156 case WIN_VERIFY: 1157 case WIN_VERIFY_ONCE: 1158 /* do sector number check ? */ 1159 ide_cmd_lba48_transform(s, lba48); 1160 s->status = READY_STAT | SEEK_STAT; 1161 ide_set_irq(s->bus); 1162 break; 1163 1164 case WIN_READ_EXT: 1165 lba48 = 1; 1166 /* fall through */ 1167 case WIN_READ: 1168 case WIN_READ_ONCE: 1169 if (s->drive_kind == IDE_CD) { 1170 ide_set_signature(s); /* odd, but ATA4 8.27.5.2 requires it */ 1171 goto abort_cmd; 1172 } 1173 if (!s->bs) { 1174 goto abort_cmd; 1175 } 1176 ide_cmd_lba48_transform(s, lba48); 1177 s->req_nb_sectors = 1; 1178 ide_sector_read(s); 1179 break; 1180 1181 case WIN_WRITE_EXT: 1182 lba48 = 1; 1183 /* fall through */ 1184 case WIN_WRITE: 1185 case WIN_WRITE_ONCE: 1186 case CFA_WRITE_SECT_WO_ERASE: 1187 case WIN_WRITE_VERIFY: 1188 if (!s->bs) { 1189 goto abort_cmd; 1190 } 1191 ide_cmd_lba48_transform(s, lba48); 1192 s->error = 0; 1193 s->status = SEEK_STAT | READY_STAT; 1194 s->req_nb_sectors = 1; 1195 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write); 1196 s->media_changed = 1; 1197 break; 1198 1199 case WIN_MULTREAD_EXT: 1200 lba48 = 1; 1201 /* fall through */ 1202 case WIN_MULTREAD: 1203 if (!s->bs) { 1204 goto abort_cmd; 1205 } 1206 if (!s->mult_sectors) { 1207 goto abort_cmd; 1208 } 1209 ide_cmd_lba48_transform(s, lba48); 1210 s->req_nb_sectors = s->mult_sectors; 1211 ide_sector_read(s); 1212 break; 1213 1214 case WIN_MULTWRITE_EXT: 1215 lba48 = 1; 1216 /* fall through */ 1217 case WIN_MULTWRITE: 1218 case CFA_WRITE_MULTI_WO_ERASE: 1219 if (!s->bs) { 1220 goto abort_cmd; 1221 } 1222 if (!s->mult_sectors) { 1223 goto abort_cmd; 1224 } 1225 ide_cmd_lba48_transform(s, lba48); 1226 s->error = 0; 1227 s->status = SEEK_STAT | READY_STAT; 1228 s->req_nb_sectors = s->mult_sectors; 1229 n = s->nsector; 1230 if (n > s->req_nb_sectors) 1231 n = s->req_nb_sectors; 1232 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write); 1233 s->media_changed = 1; 1234 break; 1235 1236 case WIN_READDMA_EXT: 1237 lba48 = 1; 1238 /* fall through */ 1239 case WIN_READDMA: 1240 case WIN_READDMA_ONCE: 1241 if (!s->bs) { 1242 goto abort_cmd; 1243 } 1244 ide_cmd_lba48_transform(s, lba48); 1245 ide_sector_start_dma(s, IDE_DMA_READ); 1246 break; 1247 1248 case WIN_WRITEDMA_EXT: 1249 lba48 = 1; 1250 /* fall through */ 1251 case WIN_WRITEDMA: 1252 case WIN_WRITEDMA_ONCE: 1253 if (!s->bs) { 1254 goto abort_cmd; 1255 } 1256 ide_cmd_lba48_transform(s, lba48); 1257 ide_sector_start_dma(s, IDE_DMA_WRITE); 1258 s->media_changed = 1; 1259 break; 1260 1261 case WIN_READ_NATIVE_MAX_EXT: 1262 lba48 = 1; 1263 /* fall through */ 1264 case WIN_READ_NATIVE_MAX: 1265 ide_cmd_lba48_transform(s, lba48); 1266 ide_set_sector(s, s->nb_sectors - 1); 1267 s->status = READY_STAT | SEEK_STAT; 1268 ide_set_irq(s->bus); 1269 break; 1270 1271 case WIN_CHECKPOWERMODE1: 1272 case WIN_CHECKPOWERMODE2: 1273 s->error = 0; 1274 s->nsector = 0xff; /* device active or idle */ 1275 s->status = READY_STAT | SEEK_STAT; 1276 ide_set_irq(s->bus); 1277 break; 1278 case WIN_SETFEATURES: 1279 if (!s->bs) 1280 goto abort_cmd; 1281 /* XXX: valid for CDROM ? */ 1282 switch(s->feature) { 1283 case 0x02: /* write cache enable */ 1284 bdrv_set_enable_write_cache(s->bs, true); 1285 identify_data = (uint16_t *)s->identify_data; 1286 put_le16(identify_data + 85, (1 << 14) | (1 << 5) | 1); 1287 s->status = READY_STAT | SEEK_STAT; 1288 ide_set_irq(s->bus); 1289 break; 1290 case 0x82: /* write cache disable */ 1291 bdrv_set_enable_write_cache(s->bs, false); 1292 identify_data = (uint16_t *)s->identify_data; 1293 put_le16(identify_data + 85, (1 << 14) | 1); 1294 ide_flush_cache(s); 1295 break; 1296 case 0xcc: /* reverting to power-on defaults enable */ 1297 case 0x66: /* reverting to power-on defaults disable */ 1298 case 0xaa: /* read look-ahead enable */ 1299 case 0x55: /* read look-ahead disable */ 1300 case 0x05: /* set advanced power management mode */ 1301 case 0x85: /* disable advanced power management mode */ 1302 case 0x69: /* NOP */ 1303 case 0x67: /* NOP */ 1304 case 0x96: /* NOP */ 1305 case 0x9a: /* NOP */ 1306 case 0x42: /* enable Automatic Acoustic Mode */ 1307 case 0xc2: /* disable Automatic Acoustic Mode */ 1308 s->status = READY_STAT | SEEK_STAT; 1309 ide_set_irq(s->bus); 1310 break; 1311 case 0x03: { /* set transfer mode */ 1312 uint8_t val = s->nsector & 0x07; 1313 identify_data = (uint16_t *)s->identify_data; 1314 1315 switch (s->nsector >> 3) { 1316 case 0x00: /* pio default */ 1317 case 0x01: /* pio mode */ 1318 put_le16(identify_data + 62,0x07); 1319 put_le16(identify_data + 63,0x07); 1320 put_le16(identify_data + 88,0x3f); 1321 break; 1322 case 0x02: /* sigle word dma mode*/ 1323 put_le16(identify_data + 62,0x07 | (1 << (val + 8))); 1324 put_le16(identify_data + 63,0x07); 1325 put_le16(identify_data + 88,0x3f); 1326 break; 1327 case 0x04: /* mdma mode */ 1328 put_le16(identify_data + 62,0x07); 1329 put_le16(identify_data + 63,0x07 | (1 << (val + 8))); 1330 put_le16(identify_data + 88,0x3f); 1331 break; 1332 case 0x08: /* udma mode */ 1333 put_le16(identify_data + 62,0x07); 1334 put_le16(identify_data + 63,0x07); 1335 put_le16(identify_data + 88,0x3f | (1 << (val + 8))); 1336 break; 1337 default: 1338 goto abort_cmd; 1339 } 1340 s->status = READY_STAT | SEEK_STAT; 1341 ide_set_irq(s->bus); 1342 break; 1343 } 1344 default: 1345 goto abort_cmd; 1346 } 1347 break; 1348 case WIN_FLUSH_CACHE: 1349 case WIN_FLUSH_CACHE_EXT: 1350 ide_flush_cache(s); 1351 break; 1352 case WIN_STANDBY: 1353 case WIN_STANDBY2: 1354 case WIN_STANDBYNOW1: 1355 case WIN_STANDBYNOW2: 1356 case WIN_IDLEIMMEDIATE: 1357 case WIN_IDLEIMMEDIATE2: 1358 case WIN_SETIDLE1: 1359 case WIN_SETIDLE2: 1360 case WIN_SLEEPNOW1: 1361 case WIN_SLEEPNOW2: 1362 s->status = READY_STAT; 1363 ide_set_irq(s->bus); 1364 break; 1365 case WIN_SEEK: 1366 /* XXX: Check that seek is within bounds */ 1367 s->status = READY_STAT | SEEK_STAT; 1368 ide_set_irq(s->bus); 1369 break; 1370 /* ATAPI commands */ 1371 case WIN_PIDENTIFY: 1372 ide_atapi_identify(s); 1373 s->status = READY_STAT | SEEK_STAT; 1374 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop); 1375 ide_set_irq(s->bus); 1376 break; 1377 case WIN_DIAGNOSE: 1378 ide_set_signature(s); 1379 if (s->drive_kind == IDE_CD) 1380 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet 1381 * devices to return a clear status register 1382 * with READY_STAT *not* set. */ 1383 else 1384 s->status = READY_STAT | SEEK_STAT; 1385 s->error = 0x01; /* Device 0 passed, Device 1 passed or not 1386 * present. 1387 */ 1388 ide_set_irq(s->bus); 1389 break; 1390 case WIN_DEVICE_RESET: 1391 ide_set_signature(s); 1392 s->status = 0x00; /* NOTE: READY is _not_ set */ 1393 s->error = 0x01; 1394 break; 1395 case WIN_PACKETCMD: 1396 /* overlapping commands not supported */ 1397 if (s->feature & 0x02) 1398 goto abort_cmd; 1399 s->status = READY_STAT | SEEK_STAT; 1400 s->atapi_dma = s->feature & 1; 1401 s->nsector = 1; 1402 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE, 1403 ide_atapi_cmd); 1404 break; 1405 /* CF-ATA commands */ 1406 case CFA_REQ_EXT_ERROR_CODE: 1407 s->error = 0x09; /* miscellaneous error */ 1408 s->status = READY_STAT | SEEK_STAT; 1409 ide_set_irq(s->bus); 1410 break; 1411 case CFA_ERASE_SECTORS: 1412 case CFA_WEAR_LEVEL: 1413 #if 0 1414 /* This one has the same ID as CFA_WEAR_LEVEL and is required for 1415 Windows 8 to work with AHCI */ 1416 case WIN_SECURITY_FREEZE_LOCK: 1417 #endif 1418 if (val == CFA_WEAR_LEVEL) 1419 s->nsector = 0; 1420 if (val == CFA_ERASE_SECTORS) 1421 s->media_changed = 1; 1422 s->error = 0x00; 1423 s->status = READY_STAT | SEEK_STAT; 1424 ide_set_irq(s->bus); 1425 break; 1426 case CFA_TRANSLATE_SECTOR: 1427 s->error = 0x00; 1428 s->status = READY_STAT | SEEK_STAT; 1429 memset(s->io_buffer, 0, 0x200); 1430 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */ 1431 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */ 1432 s->io_buffer[0x02] = s->select; /* Head */ 1433 s->io_buffer[0x03] = s->sector; /* Sector */ 1434 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */ 1435 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */ 1436 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */ 1437 s->io_buffer[0x13] = 0x00; /* Erase flag */ 1438 s->io_buffer[0x18] = 0x00; /* Hot count */ 1439 s->io_buffer[0x19] = 0x00; /* Hot count */ 1440 s->io_buffer[0x1a] = 0x01; /* Hot count */ 1441 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1442 ide_set_irq(s->bus); 1443 break; 1444 case CFA_ACCESS_METADATA_STORAGE: 1445 switch (s->feature) { 1446 case 0x02: /* Inquiry Metadata Storage */ 1447 ide_cfata_metadata_inquiry(s); 1448 break; 1449 case 0x03: /* Read Metadata Storage */ 1450 ide_cfata_metadata_read(s); 1451 break; 1452 case 0x04: /* Write Metadata Storage */ 1453 ide_cfata_metadata_write(s); 1454 break; 1455 default: 1456 goto abort_cmd; 1457 } 1458 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1459 s->status = 0x00; /* NOTE: READY is _not_ set */ 1460 ide_set_irq(s->bus); 1461 break; 1462 case IBM_SENSE_CONDITION: 1463 switch (s->feature) { 1464 case 0x01: /* sense temperature in device */ 1465 s->nsector = 0x50; /* +20 C */ 1466 break; 1467 default: 1468 goto abort_cmd; 1469 } 1470 s->status = READY_STAT | SEEK_STAT; 1471 ide_set_irq(s->bus); 1472 break; 1473 1474 case WIN_SMART: 1475 if (s->hcyl != 0xc2 || s->lcyl != 0x4f) 1476 goto abort_cmd; 1477 if (!s->smart_enabled && s->feature != SMART_ENABLE) 1478 goto abort_cmd; 1479 switch (s->feature) { 1480 case SMART_DISABLE: 1481 s->smart_enabled = 0; 1482 s->status = READY_STAT | SEEK_STAT; 1483 ide_set_irq(s->bus); 1484 break; 1485 case SMART_ENABLE: 1486 s->smart_enabled = 1; 1487 s->status = READY_STAT | SEEK_STAT; 1488 ide_set_irq(s->bus); 1489 break; 1490 case SMART_ATTR_AUTOSAVE: 1491 switch (s->sector) { 1492 case 0x00: 1493 s->smart_autosave = 0; 1494 break; 1495 case 0xf1: 1496 s->smart_autosave = 1; 1497 break; 1498 default: 1499 goto abort_cmd; 1500 } 1501 s->status = READY_STAT | SEEK_STAT; 1502 ide_set_irq(s->bus); 1503 break; 1504 case SMART_STATUS: 1505 if (!s->smart_errors) { 1506 s->hcyl = 0xc2; 1507 s->lcyl = 0x4f; 1508 } else { 1509 s->hcyl = 0x2c; 1510 s->lcyl = 0xf4; 1511 } 1512 s->status = READY_STAT | SEEK_STAT; 1513 ide_set_irq(s->bus); 1514 break; 1515 case SMART_READ_THRESH: 1516 memset(s->io_buffer, 0, 0x200); 1517 s->io_buffer[0] = 0x01; /* smart struct version */ 1518 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) { 1519 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0]; 1520 s->io_buffer[2+1+(n*12)] = smart_attributes[n][11]; 1521 } 1522 for (n=0; n<511; n++) /* checksum */ 1523 s->io_buffer[511] += s->io_buffer[n]; 1524 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1525 s->status = READY_STAT | SEEK_STAT; 1526 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1527 ide_set_irq(s->bus); 1528 break; 1529 case SMART_READ_DATA: 1530 memset(s->io_buffer, 0, 0x200); 1531 s->io_buffer[0] = 0x01; /* smart struct version */ 1532 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) { 1533 int i; 1534 for(i = 0; i < 11; i++) { 1535 s->io_buffer[2+i+(n*12)] = smart_attributes[n][i]; 1536 } 1537 } 1538 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00); 1539 if (s->smart_selftest_count == 0) { 1540 s->io_buffer[363] = 0; 1541 } else { 1542 s->io_buffer[363] = 1543 s->smart_selftest_data[3 + 1544 (s->smart_selftest_count - 1) * 1545 24]; 1546 } 1547 s->io_buffer[364] = 0x20; 1548 s->io_buffer[365] = 0x01; 1549 /* offline data collection capacity: execute + self-test*/ 1550 s->io_buffer[367] = (1<<4 | 1<<3 | 1); 1551 s->io_buffer[368] = 0x03; /* smart capability (1) */ 1552 s->io_buffer[369] = 0x00; /* smart capability (2) */ 1553 s->io_buffer[370] = 0x01; /* error logging supported */ 1554 s->io_buffer[372] = 0x02; /* minutes for poll short test */ 1555 s->io_buffer[373] = 0x36; /* minutes for poll ext test */ 1556 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */ 1557 1558 for (n=0; n<511; n++) 1559 s->io_buffer[511] += s->io_buffer[n]; 1560 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1561 s->status = READY_STAT | SEEK_STAT; 1562 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1563 ide_set_irq(s->bus); 1564 break; 1565 case SMART_READ_LOG: 1566 switch (s->sector) { 1567 case 0x01: /* summary smart error log */ 1568 memset(s->io_buffer, 0, 0x200); 1569 s->io_buffer[0] = 0x01; 1570 s->io_buffer[1] = 0x00; /* no error entries */ 1571 s->io_buffer[452] = s->smart_errors & 0xff; 1572 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8; 1573 1574 for (n=0; n<511; n++) 1575 s->io_buffer[511] += s->io_buffer[n]; 1576 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1577 break; 1578 case 0x06: /* smart self test log */ 1579 memset(s->io_buffer, 0, 0x200); 1580 s->io_buffer[0] = 0x01; 1581 if (s->smart_selftest_count == 0) { 1582 s->io_buffer[508] = 0; 1583 } else { 1584 s->io_buffer[508] = s->smart_selftest_count; 1585 for (n=2; n<506; n++) 1586 s->io_buffer[n] = s->smart_selftest_data[n]; 1587 } 1588 for (n=0; n<511; n++) 1589 s->io_buffer[511] += s->io_buffer[n]; 1590 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1591 break; 1592 default: 1593 goto abort_cmd; 1594 } 1595 s->status = READY_STAT | SEEK_STAT; 1596 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1597 ide_set_irq(s->bus); 1598 break; 1599 case SMART_EXECUTE_OFFLINE: 1600 switch (s->sector) { 1601 case 0: /* off-line routine */ 1602 case 1: /* short self test */ 1603 case 2: /* extended self test */ 1604 s->smart_selftest_count++; 1605 if(s->smart_selftest_count > 21) 1606 s->smart_selftest_count = 0; 1607 n = 2 + (s->smart_selftest_count - 1) * 24; 1608 s->smart_selftest_data[n] = s->sector; 1609 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */ 1610 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */ 1611 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */ 1612 s->status = READY_STAT | SEEK_STAT; 1613 ide_set_irq(s->bus); 1614 break; 1615 default: 1616 goto abort_cmd; 1617 } 1618 break; 1619 default: 1620 goto abort_cmd; 1621 } 1622 break; 1623 default: 1624 /* should not be reachable */ 1625 abort_cmd: 1626 ide_abort_command(s); 1627 ide_set_irq(s->bus); 1628 break; 1629 } 1630 } 1631 1632 uint32_t ide_ioport_read(void *opaque, uint32_t addr1) 1633 { 1634 IDEBus *bus = opaque; 1635 IDEState *s = idebus_active_if(bus); 1636 uint32_t addr; 1637 int ret, hob; 1638 1639 addr = addr1 & 7; 1640 /* FIXME: HOB readback uses bit 7, but it's always set right now */ 1641 //hob = s->select & (1 << 7); 1642 hob = 0; 1643 switch(addr) { 1644 case 0: 1645 ret = 0xff; 1646 break; 1647 case 1: 1648 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) || 1649 (s != bus->ifs && !s->bs)) 1650 ret = 0; 1651 else if (!hob) 1652 ret = s->error; 1653 else 1654 ret = s->hob_feature; 1655 break; 1656 case 2: 1657 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1658 ret = 0; 1659 else if (!hob) 1660 ret = s->nsector & 0xff; 1661 else 1662 ret = s->hob_nsector; 1663 break; 1664 case 3: 1665 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1666 ret = 0; 1667 else if (!hob) 1668 ret = s->sector; 1669 else 1670 ret = s->hob_sector; 1671 break; 1672 case 4: 1673 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1674 ret = 0; 1675 else if (!hob) 1676 ret = s->lcyl; 1677 else 1678 ret = s->hob_lcyl; 1679 break; 1680 case 5: 1681 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1682 ret = 0; 1683 else if (!hob) 1684 ret = s->hcyl; 1685 else 1686 ret = s->hob_hcyl; 1687 break; 1688 case 6: 1689 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1690 ret = 0; 1691 else 1692 ret = s->select; 1693 break; 1694 default: 1695 case 7: 1696 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) || 1697 (s != bus->ifs && !s->bs)) 1698 ret = 0; 1699 else 1700 ret = s->status; 1701 qemu_irq_lower(bus->irq); 1702 break; 1703 } 1704 #ifdef DEBUG_IDE 1705 printf("ide: read addr=0x%x val=%02x\n", addr1, ret); 1706 #endif 1707 return ret; 1708 } 1709 1710 uint32_t ide_status_read(void *opaque, uint32_t addr) 1711 { 1712 IDEBus *bus = opaque; 1713 IDEState *s = idebus_active_if(bus); 1714 int ret; 1715 1716 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) || 1717 (s != bus->ifs && !s->bs)) 1718 ret = 0; 1719 else 1720 ret = s->status; 1721 #ifdef DEBUG_IDE 1722 printf("ide: read status addr=0x%x val=%02x\n", addr, ret); 1723 #endif 1724 return ret; 1725 } 1726 1727 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val) 1728 { 1729 IDEBus *bus = opaque; 1730 IDEState *s; 1731 int i; 1732 1733 #ifdef DEBUG_IDE 1734 printf("ide: write control addr=0x%x val=%02x\n", addr, val); 1735 #endif 1736 /* common for both drives */ 1737 if (!(bus->cmd & IDE_CMD_RESET) && 1738 (val & IDE_CMD_RESET)) { 1739 /* reset low to high */ 1740 for(i = 0;i < 2; i++) { 1741 s = &bus->ifs[i]; 1742 s->status = BUSY_STAT | SEEK_STAT; 1743 s->error = 0x01; 1744 } 1745 } else if ((bus->cmd & IDE_CMD_RESET) && 1746 !(val & IDE_CMD_RESET)) { 1747 /* high to low */ 1748 for(i = 0;i < 2; i++) { 1749 s = &bus->ifs[i]; 1750 if (s->drive_kind == IDE_CD) 1751 s->status = 0x00; /* NOTE: READY is _not_ set */ 1752 else 1753 s->status = READY_STAT | SEEK_STAT; 1754 ide_set_signature(s); 1755 } 1756 } 1757 1758 bus->cmd = val; 1759 } 1760 1761 /* 1762 * Returns true if the running PIO transfer is a PIO out (i.e. data is 1763 * transferred from the device to the guest), false if it's a PIO in 1764 */ 1765 static bool ide_is_pio_out(IDEState *s) 1766 { 1767 if (s->end_transfer_func == ide_sector_write || 1768 s->end_transfer_func == ide_atapi_cmd) { 1769 return false; 1770 } else if (s->end_transfer_func == ide_sector_read || 1771 s->end_transfer_func == ide_transfer_stop || 1772 s->end_transfer_func == ide_atapi_cmd_reply_end || 1773 s->end_transfer_func == ide_dummy_transfer_stop) { 1774 return true; 1775 } 1776 1777 abort(); 1778 } 1779 1780 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val) 1781 { 1782 IDEBus *bus = opaque; 1783 IDEState *s = idebus_active_if(bus); 1784 uint8_t *p; 1785 1786 /* PIO data access allowed only when DRQ bit is set. The result of a write 1787 * during PIO out is indeterminate, just ignore it. */ 1788 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) { 1789 return; 1790 } 1791 1792 p = s->data_ptr; 1793 *(uint16_t *)p = le16_to_cpu(val); 1794 p += 2; 1795 s->data_ptr = p; 1796 if (p >= s->data_end) 1797 s->end_transfer_func(s); 1798 } 1799 1800 uint32_t ide_data_readw(void *opaque, uint32_t addr) 1801 { 1802 IDEBus *bus = opaque; 1803 IDEState *s = idebus_active_if(bus); 1804 uint8_t *p; 1805 int ret; 1806 1807 /* PIO data access allowed only when DRQ bit is set. The result of a read 1808 * during PIO in is indeterminate, return 0 and don't move forward. */ 1809 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) { 1810 return 0; 1811 } 1812 1813 p = s->data_ptr; 1814 ret = cpu_to_le16(*(uint16_t *)p); 1815 p += 2; 1816 s->data_ptr = p; 1817 if (p >= s->data_end) 1818 s->end_transfer_func(s); 1819 return ret; 1820 } 1821 1822 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val) 1823 { 1824 IDEBus *bus = opaque; 1825 IDEState *s = idebus_active_if(bus); 1826 uint8_t *p; 1827 1828 /* PIO data access allowed only when DRQ bit is set. The result of a write 1829 * during PIO out is indeterminate, just ignore it. */ 1830 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) { 1831 return; 1832 } 1833 1834 p = s->data_ptr; 1835 *(uint32_t *)p = le32_to_cpu(val); 1836 p += 4; 1837 s->data_ptr = p; 1838 if (p >= s->data_end) 1839 s->end_transfer_func(s); 1840 } 1841 1842 uint32_t ide_data_readl(void *opaque, uint32_t addr) 1843 { 1844 IDEBus *bus = opaque; 1845 IDEState *s = idebus_active_if(bus); 1846 uint8_t *p; 1847 int ret; 1848 1849 /* PIO data access allowed only when DRQ bit is set. The result of a read 1850 * during PIO in is indeterminate, return 0 and don't move forward. */ 1851 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) { 1852 return 0; 1853 } 1854 1855 p = s->data_ptr; 1856 ret = cpu_to_le32(*(uint32_t *)p); 1857 p += 4; 1858 s->data_ptr = p; 1859 if (p >= s->data_end) 1860 s->end_transfer_func(s); 1861 return ret; 1862 } 1863 1864 static void ide_dummy_transfer_stop(IDEState *s) 1865 { 1866 s->data_ptr = s->io_buffer; 1867 s->data_end = s->io_buffer; 1868 s->io_buffer[0] = 0xff; 1869 s->io_buffer[1] = 0xff; 1870 s->io_buffer[2] = 0xff; 1871 s->io_buffer[3] = 0xff; 1872 } 1873 1874 static void ide_reset(IDEState *s) 1875 { 1876 #ifdef DEBUG_IDE 1877 printf("ide: reset\n"); 1878 #endif 1879 1880 if (s->pio_aiocb) { 1881 bdrv_aio_cancel(s->pio_aiocb); 1882 s->pio_aiocb = NULL; 1883 } 1884 1885 if (s->drive_kind == IDE_CFATA) 1886 s->mult_sectors = 0; 1887 else 1888 s->mult_sectors = MAX_MULT_SECTORS; 1889 /* ide regs */ 1890 s->feature = 0; 1891 s->error = 0; 1892 s->nsector = 0; 1893 s->sector = 0; 1894 s->lcyl = 0; 1895 s->hcyl = 0; 1896 1897 /* lba48 */ 1898 s->hob_feature = 0; 1899 s->hob_sector = 0; 1900 s->hob_nsector = 0; 1901 s->hob_lcyl = 0; 1902 s->hob_hcyl = 0; 1903 1904 s->select = 0xa0; 1905 s->status = READY_STAT | SEEK_STAT; 1906 1907 s->lba48 = 0; 1908 1909 /* ATAPI specific */ 1910 s->sense_key = 0; 1911 s->asc = 0; 1912 s->cdrom_changed = 0; 1913 s->packet_transfer_size = 0; 1914 s->elementary_transfer_size = 0; 1915 s->io_buffer_index = 0; 1916 s->cd_sector_size = 0; 1917 s->atapi_dma = 0; 1918 s->tray_locked = 0; 1919 s->tray_open = 0; 1920 /* ATA DMA state */ 1921 s->io_buffer_size = 0; 1922 s->req_nb_sectors = 0; 1923 1924 ide_set_signature(s); 1925 /* init the transfer handler so that 0xffff is returned on data 1926 accesses */ 1927 s->end_transfer_func = ide_dummy_transfer_stop; 1928 ide_dummy_transfer_stop(s); 1929 s->media_changed = 0; 1930 } 1931 1932 void ide_bus_reset(IDEBus *bus) 1933 { 1934 bus->unit = 0; 1935 bus->cmd = 0; 1936 ide_reset(&bus->ifs[0]); 1937 ide_reset(&bus->ifs[1]); 1938 ide_clear_hob(bus); 1939 1940 /* pending async DMA */ 1941 if (bus->dma->aiocb) { 1942 #ifdef DEBUG_AIO 1943 printf("aio_cancel\n"); 1944 #endif 1945 bdrv_aio_cancel(bus->dma->aiocb); 1946 bus->dma->aiocb = NULL; 1947 } 1948 1949 /* reset dma provider too */ 1950 bus->dma->ops->reset(bus->dma); 1951 } 1952 1953 static bool ide_cd_is_tray_open(void *opaque) 1954 { 1955 return ((IDEState *)opaque)->tray_open; 1956 } 1957 1958 static bool ide_cd_is_medium_locked(void *opaque) 1959 { 1960 return ((IDEState *)opaque)->tray_locked; 1961 } 1962 1963 static const BlockDevOps ide_cd_block_ops = { 1964 .change_media_cb = ide_cd_change_cb, 1965 .eject_request_cb = ide_cd_eject_request_cb, 1966 .is_tray_open = ide_cd_is_tray_open, 1967 .is_medium_locked = ide_cd_is_medium_locked, 1968 }; 1969 1970 int ide_init_drive(IDEState *s, BlockDriverState *bs, IDEDriveKind kind, 1971 const char *version, const char *serial, const char *model, 1972 uint64_t wwn, 1973 uint32_t cylinders, uint32_t heads, uint32_t secs, 1974 int chs_trans) 1975 { 1976 uint64_t nb_sectors; 1977 1978 s->bs = bs; 1979 s->drive_kind = kind; 1980 1981 bdrv_get_geometry(bs, &nb_sectors); 1982 s->cylinders = cylinders; 1983 s->heads = heads; 1984 s->sectors = secs; 1985 s->chs_trans = chs_trans; 1986 s->nb_sectors = nb_sectors; 1987 s->wwn = wwn; 1988 /* The SMART values should be preserved across power cycles 1989 but they aren't. */ 1990 s->smart_enabled = 1; 1991 s->smart_autosave = 1; 1992 s->smart_errors = 0; 1993 s->smart_selftest_count = 0; 1994 if (kind == IDE_CD) { 1995 bdrv_set_dev_ops(bs, &ide_cd_block_ops, s); 1996 bdrv_set_buffer_alignment(bs, 2048); 1997 } else { 1998 if (!bdrv_is_inserted(s->bs)) { 1999 error_report("Device needs media, but drive is empty"); 2000 return -1; 2001 } 2002 if (bdrv_is_read_only(bs)) { 2003 error_report("Can't use a read-only drive"); 2004 return -1; 2005 } 2006 } 2007 if (serial) { 2008 pstrcpy(s->drive_serial_str, sizeof(s->drive_serial_str), serial); 2009 } else { 2010 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str), 2011 "QM%05d", s->drive_serial); 2012 } 2013 if (model) { 2014 pstrcpy(s->drive_model_str, sizeof(s->drive_model_str), model); 2015 } else { 2016 switch (kind) { 2017 case IDE_CD: 2018 strcpy(s->drive_model_str, "QEMU DVD-ROM"); 2019 break; 2020 case IDE_CFATA: 2021 strcpy(s->drive_model_str, "QEMU MICRODRIVE"); 2022 break; 2023 default: 2024 strcpy(s->drive_model_str, "QEMU HARDDISK"); 2025 break; 2026 } 2027 } 2028 2029 if (version) { 2030 pstrcpy(s->version, sizeof(s->version), version); 2031 } else { 2032 pstrcpy(s->version, sizeof(s->version), qemu_get_version()); 2033 } 2034 2035 ide_reset(s); 2036 bdrv_iostatus_enable(bs); 2037 return 0; 2038 } 2039 2040 static void ide_init1(IDEBus *bus, int unit) 2041 { 2042 static int drive_serial = 1; 2043 IDEState *s = &bus->ifs[unit]; 2044 2045 s->bus = bus; 2046 s->unit = unit; 2047 s->drive_serial = drive_serial++; 2048 /* we need at least 2k alignment for accessing CDROMs using O_DIRECT */ 2049 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4; 2050 s->io_buffer = qemu_memalign(2048, s->io_buffer_total_len); 2051 memset(s->io_buffer, 0, s->io_buffer_total_len); 2052 2053 s->smart_selftest_data = qemu_blockalign(s->bs, 512); 2054 memset(s->smart_selftest_data, 0, 512); 2055 2056 s->sector_write_timer = qemu_new_timer_ns(vm_clock, 2057 ide_sector_write_timer_cb, s); 2058 } 2059 2060 static void ide_nop_start(IDEDMA *dma, IDEState *s, 2061 BlockDriverCompletionFunc *cb) 2062 { 2063 } 2064 2065 static int ide_nop(IDEDMA *dma) 2066 { 2067 return 0; 2068 } 2069 2070 static int ide_nop_int(IDEDMA *dma, int x) 2071 { 2072 return 0; 2073 } 2074 2075 static void ide_nop_restart(void *opaque, int x, RunState y) 2076 { 2077 } 2078 2079 static const IDEDMAOps ide_dma_nop_ops = { 2080 .start_dma = ide_nop_start, 2081 .start_transfer = ide_nop, 2082 .prepare_buf = ide_nop_int, 2083 .rw_buf = ide_nop_int, 2084 .set_unit = ide_nop_int, 2085 .add_status = ide_nop_int, 2086 .set_inactive = ide_nop, 2087 .restart_cb = ide_nop_restart, 2088 .reset = ide_nop, 2089 }; 2090 2091 static IDEDMA ide_dma_nop = { 2092 .ops = &ide_dma_nop_ops, 2093 .aiocb = NULL, 2094 }; 2095 2096 void ide_init2(IDEBus *bus, qemu_irq irq) 2097 { 2098 int i; 2099 2100 for(i = 0; i < 2; i++) { 2101 ide_init1(bus, i); 2102 ide_reset(&bus->ifs[i]); 2103 } 2104 bus->irq = irq; 2105 bus->dma = &ide_dma_nop; 2106 } 2107 2108 /* TODO convert users to qdev and remove */ 2109 void ide_init2_with_non_qdev_drives(IDEBus *bus, DriveInfo *hd0, 2110 DriveInfo *hd1, qemu_irq irq) 2111 { 2112 int i, trans; 2113 DriveInfo *dinfo; 2114 uint32_t cyls, heads, secs; 2115 2116 for(i = 0; i < 2; i++) { 2117 dinfo = i == 0 ? hd0 : hd1; 2118 ide_init1(bus, i); 2119 if (dinfo) { 2120 cyls = dinfo->cyls; 2121 heads = dinfo->heads; 2122 secs = dinfo->secs; 2123 trans = dinfo->trans; 2124 if (!cyls && !heads && !secs) { 2125 hd_geometry_guess(dinfo->bdrv, &cyls, &heads, &secs, &trans); 2126 } else if (trans == BIOS_ATA_TRANSLATION_AUTO) { 2127 trans = hd_bios_chs_auto_trans(cyls, heads, secs); 2128 } 2129 if (cyls < 1 || cyls > 65535) { 2130 error_report("cyls must be between 1 and 65535"); 2131 exit(1); 2132 } 2133 if (heads < 1 || heads > 16) { 2134 error_report("heads must be between 1 and 16"); 2135 exit(1); 2136 } 2137 if (secs < 1 || secs > 255) { 2138 error_report("secs must be between 1 and 255"); 2139 exit(1); 2140 } 2141 if (ide_init_drive(&bus->ifs[i], dinfo->bdrv, 2142 dinfo->media_cd ? IDE_CD : IDE_HD, 2143 NULL, dinfo->serial, NULL, 0, 2144 cyls, heads, secs, trans) < 0) { 2145 error_report("Can't set up IDE drive %s", dinfo->id); 2146 exit(1); 2147 } 2148 bdrv_attach_dev_nofail(dinfo->bdrv, &bus->ifs[i]); 2149 } else { 2150 ide_reset(&bus->ifs[i]); 2151 } 2152 } 2153 bus->irq = irq; 2154 bus->dma = &ide_dma_nop; 2155 } 2156 2157 static const MemoryRegionPortio ide_portio_list[] = { 2158 { 0, 8, 1, .read = ide_ioport_read, .write = ide_ioport_write }, 2159 { 0, 2, 2, .read = ide_data_readw, .write = ide_data_writew }, 2160 { 0, 4, 4, .read = ide_data_readl, .write = ide_data_writel }, 2161 PORTIO_END_OF_LIST(), 2162 }; 2163 2164 static const MemoryRegionPortio ide_portio2_list[] = { 2165 { 0, 1, 1, .read = ide_status_read, .write = ide_cmd_write }, 2166 PORTIO_END_OF_LIST(), 2167 }; 2168 2169 void ide_init_ioport(IDEBus *bus, ISADevice *dev, int iobase, int iobase2) 2170 { 2171 /* ??? Assume only ISA and PCI configurations, and that the PCI-ISA 2172 bridge has been setup properly to always register with ISA. */ 2173 isa_register_portio_list(dev, iobase, ide_portio_list, bus, "ide"); 2174 2175 if (iobase2) { 2176 isa_register_portio_list(dev, iobase2, ide_portio2_list, bus, "ide"); 2177 } 2178 } 2179 2180 static bool is_identify_set(void *opaque, int version_id) 2181 { 2182 IDEState *s = opaque; 2183 2184 return s->identify_set != 0; 2185 } 2186 2187 static EndTransferFunc* transfer_end_table[] = { 2188 ide_sector_read, 2189 ide_sector_write, 2190 ide_transfer_stop, 2191 ide_atapi_cmd_reply_end, 2192 ide_atapi_cmd, 2193 ide_dummy_transfer_stop, 2194 }; 2195 2196 static int transfer_end_table_idx(EndTransferFunc *fn) 2197 { 2198 int i; 2199 2200 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++) 2201 if (transfer_end_table[i] == fn) 2202 return i; 2203 2204 return -1; 2205 } 2206 2207 static int ide_drive_post_load(void *opaque, int version_id) 2208 { 2209 IDEState *s = opaque; 2210 2211 if (s->identify_set) { 2212 bdrv_set_enable_write_cache(s->bs, !!(s->identify_data[85] & (1 << 5))); 2213 } 2214 return 0; 2215 } 2216 2217 static int ide_drive_pio_post_load(void *opaque, int version_id) 2218 { 2219 IDEState *s = opaque; 2220 2221 if (s->end_transfer_fn_idx >= ARRAY_SIZE(transfer_end_table)) { 2222 return -EINVAL; 2223 } 2224 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx]; 2225 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset; 2226 s->data_end = s->data_ptr + s->cur_io_buffer_len; 2227 2228 return 0; 2229 } 2230 2231 static void ide_drive_pio_pre_save(void *opaque) 2232 { 2233 IDEState *s = opaque; 2234 int idx; 2235 2236 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer; 2237 s->cur_io_buffer_len = s->data_end - s->data_ptr; 2238 2239 idx = transfer_end_table_idx(s->end_transfer_func); 2240 if (idx == -1) { 2241 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n", 2242 __func__); 2243 s->end_transfer_fn_idx = 2; 2244 } else { 2245 s->end_transfer_fn_idx = idx; 2246 } 2247 } 2248 2249 static bool ide_drive_pio_state_needed(void *opaque) 2250 { 2251 IDEState *s = opaque; 2252 2253 return ((s->status & DRQ_STAT) != 0) 2254 || (s->bus->error_status & BM_STATUS_PIO_RETRY); 2255 } 2256 2257 static bool ide_tray_state_needed(void *opaque) 2258 { 2259 IDEState *s = opaque; 2260 2261 return s->tray_open || s->tray_locked; 2262 } 2263 2264 static bool ide_atapi_gesn_needed(void *opaque) 2265 { 2266 IDEState *s = opaque; 2267 2268 return s->events.new_media || s->events.eject_request; 2269 } 2270 2271 static bool ide_error_needed(void *opaque) 2272 { 2273 IDEBus *bus = opaque; 2274 2275 return (bus->error_status != 0); 2276 } 2277 2278 /* Fields for GET_EVENT_STATUS_NOTIFICATION ATAPI command */ 2279 static const VMStateDescription vmstate_ide_atapi_gesn_state = { 2280 .name ="ide_drive/atapi/gesn_state", 2281 .version_id = 1, 2282 .minimum_version_id = 1, 2283 .minimum_version_id_old = 1, 2284 .fields = (VMStateField []) { 2285 VMSTATE_BOOL(events.new_media, IDEState), 2286 VMSTATE_BOOL(events.eject_request, IDEState), 2287 VMSTATE_END_OF_LIST() 2288 } 2289 }; 2290 2291 static const VMStateDescription vmstate_ide_tray_state = { 2292 .name = "ide_drive/tray_state", 2293 .version_id = 1, 2294 .minimum_version_id = 1, 2295 .minimum_version_id_old = 1, 2296 .fields = (VMStateField[]) { 2297 VMSTATE_BOOL(tray_open, IDEState), 2298 VMSTATE_BOOL(tray_locked, IDEState), 2299 VMSTATE_END_OF_LIST() 2300 } 2301 }; 2302 2303 static const VMStateDescription vmstate_ide_drive_pio_state = { 2304 .name = "ide_drive/pio_state", 2305 .version_id = 1, 2306 .minimum_version_id = 1, 2307 .minimum_version_id_old = 1, 2308 .pre_save = ide_drive_pio_pre_save, 2309 .post_load = ide_drive_pio_post_load, 2310 .fields = (VMStateField []) { 2311 VMSTATE_INT32(req_nb_sectors, IDEState), 2312 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1, 2313 vmstate_info_uint8, uint8_t), 2314 VMSTATE_INT32(cur_io_buffer_offset, IDEState), 2315 VMSTATE_INT32(cur_io_buffer_len, IDEState), 2316 VMSTATE_UINT8(end_transfer_fn_idx, IDEState), 2317 VMSTATE_INT32(elementary_transfer_size, IDEState), 2318 VMSTATE_INT32(packet_transfer_size, IDEState), 2319 VMSTATE_END_OF_LIST() 2320 } 2321 }; 2322 2323 const VMStateDescription vmstate_ide_drive = { 2324 .name = "ide_drive", 2325 .version_id = 3, 2326 .minimum_version_id = 0, 2327 .minimum_version_id_old = 0, 2328 .post_load = ide_drive_post_load, 2329 .fields = (VMStateField []) { 2330 VMSTATE_INT32(mult_sectors, IDEState), 2331 VMSTATE_INT32(identify_set, IDEState), 2332 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set), 2333 VMSTATE_UINT8(feature, IDEState), 2334 VMSTATE_UINT8(error, IDEState), 2335 VMSTATE_UINT32(nsector, IDEState), 2336 VMSTATE_UINT8(sector, IDEState), 2337 VMSTATE_UINT8(lcyl, IDEState), 2338 VMSTATE_UINT8(hcyl, IDEState), 2339 VMSTATE_UINT8(hob_feature, IDEState), 2340 VMSTATE_UINT8(hob_sector, IDEState), 2341 VMSTATE_UINT8(hob_nsector, IDEState), 2342 VMSTATE_UINT8(hob_lcyl, IDEState), 2343 VMSTATE_UINT8(hob_hcyl, IDEState), 2344 VMSTATE_UINT8(select, IDEState), 2345 VMSTATE_UINT8(status, IDEState), 2346 VMSTATE_UINT8(lba48, IDEState), 2347 VMSTATE_UINT8(sense_key, IDEState), 2348 VMSTATE_UINT8(asc, IDEState), 2349 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3), 2350 VMSTATE_END_OF_LIST() 2351 }, 2352 .subsections = (VMStateSubsection []) { 2353 { 2354 .vmsd = &vmstate_ide_drive_pio_state, 2355 .needed = ide_drive_pio_state_needed, 2356 }, { 2357 .vmsd = &vmstate_ide_tray_state, 2358 .needed = ide_tray_state_needed, 2359 }, { 2360 .vmsd = &vmstate_ide_atapi_gesn_state, 2361 .needed = ide_atapi_gesn_needed, 2362 }, { 2363 /* empty */ 2364 } 2365 } 2366 }; 2367 2368 static const VMStateDescription vmstate_ide_error_status = { 2369 .name ="ide_bus/error", 2370 .version_id = 1, 2371 .minimum_version_id = 1, 2372 .minimum_version_id_old = 1, 2373 .fields = (VMStateField []) { 2374 VMSTATE_INT32(error_status, IDEBus), 2375 VMSTATE_END_OF_LIST() 2376 } 2377 }; 2378 2379 const VMStateDescription vmstate_ide_bus = { 2380 .name = "ide_bus", 2381 .version_id = 1, 2382 .minimum_version_id = 1, 2383 .minimum_version_id_old = 1, 2384 .fields = (VMStateField []) { 2385 VMSTATE_UINT8(cmd, IDEBus), 2386 VMSTATE_UINT8(unit, IDEBus), 2387 VMSTATE_END_OF_LIST() 2388 }, 2389 .subsections = (VMStateSubsection []) { 2390 { 2391 .vmsd = &vmstate_ide_error_status, 2392 .needed = ide_error_needed, 2393 }, { 2394 /* empty */ 2395 } 2396 } 2397 }; 2398 2399 void ide_drive_get(DriveInfo **hd, int max_bus) 2400 { 2401 int i; 2402 2403 if (drive_get_max_bus(IF_IDE) >= max_bus) { 2404 fprintf(stderr, "qemu: too many IDE bus: %d\n", max_bus); 2405 exit(1); 2406 } 2407 2408 for(i = 0; i < max_bus * MAX_IDE_DEVS; i++) { 2409 hd[i] = drive_get(IF_IDE, i / MAX_IDE_DEVS, i % MAX_IDE_DEVS); 2410 } 2411 } 2412