1 /* 2 * QEMU IDE disk and CD/DVD-ROM Emulator 3 * 4 * Copyright (c) 2003 Fabrice Bellard 5 * Copyright (c) 2006 Openedhand Ltd. 6 * 7 * Permission is hereby granted, free of charge, to any person obtaining a copy 8 * of this software and associated documentation files (the "Software"), to deal 9 * in the Software without restriction, including without limitation the rights 10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 11 * copies of the Software, and to permit persons to whom the Software is 12 * furnished to do so, subject to the following conditions: 13 * 14 * The above copyright notice and this permission notice shall be included in 15 * all copies or substantial portions of the Software. 16 * 17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 23 * THE SOFTWARE. 24 */ 25 #include <hw/hw.h> 26 #include <hw/i386/pc.h> 27 #include <hw/pci/pci.h> 28 #include <hw/isa/isa.h> 29 #include "qemu/error-report.h" 30 #include "qemu/timer.h" 31 #include "sysemu/sysemu.h" 32 #include "sysemu/dma.h" 33 #include "hw/block/block.h" 34 #include "sysemu/blockdev.h" 35 36 #include <hw/ide/internal.h> 37 38 /* These values were based on a Seagate ST3500418AS but have been modified 39 to make more sense in QEMU */ 40 static const int smart_attributes[][12] = { 41 /* id, flags, hflags, val, wrst, raw (6 bytes), threshold */ 42 /* raw read error rate*/ 43 { 0x01, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06}, 44 /* spin up */ 45 { 0x03, 0x03, 0x00, 0x64, 0x64, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 46 /* start stop count */ 47 { 0x04, 0x02, 0x00, 0x64, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14}, 48 /* remapped sectors */ 49 { 0x05, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x24}, 50 /* power on hours */ 51 { 0x09, 0x03, 0x00, 0x64, 0x64, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 52 /* power cycle count */ 53 { 0x0c, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 54 /* airflow-temperature-celsius */ 55 { 190, 0x03, 0x00, 0x45, 0x45, 0x1f, 0x00, 0x1f, 0x1f, 0x00, 0x00, 0x32}, 56 }; 57 58 static int ide_handle_rw_error(IDEState *s, int error, int op); 59 static void ide_dummy_transfer_stop(IDEState *s); 60 61 static void padstr(char *str, const char *src, int len) 62 { 63 int i, v; 64 for(i = 0; i < len; i++) { 65 if (*src) 66 v = *src++; 67 else 68 v = ' '; 69 str[i^1] = v; 70 } 71 } 72 73 static void put_le16(uint16_t *p, unsigned int v) 74 { 75 *p = cpu_to_le16(v); 76 } 77 78 static void ide_identify(IDEState *s) 79 { 80 uint16_t *p; 81 unsigned int oldsize; 82 IDEDevice *dev = s->unit ? s->bus->slave : s->bus->master; 83 84 if (s->identify_set) { 85 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data)); 86 return; 87 } 88 89 memset(s->io_buffer, 0, 512); 90 p = (uint16_t *)s->io_buffer; 91 put_le16(p + 0, 0x0040); 92 put_le16(p + 1, s->cylinders); 93 put_le16(p + 3, s->heads); 94 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */ 95 put_le16(p + 5, 512); /* XXX: retired, remove ? */ 96 put_le16(p + 6, s->sectors); 97 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 98 put_le16(p + 20, 3); /* XXX: retired, remove ? */ 99 put_le16(p + 21, 512); /* cache size in sectors */ 100 put_le16(p + 22, 4); /* ecc bytes */ 101 padstr((char *)(p + 23), s->version, 8); /* firmware version */ 102 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */ 103 #if MAX_MULT_SECTORS > 1 104 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS); 105 #endif 106 put_le16(p + 48, 1); /* dword I/O */ 107 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */ 108 put_le16(p + 51, 0x200); /* PIO transfer cycle */ 109 put_le16(p + 52, 0x200); /* DMA transfer cycle */ 110 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */ 111 put_le16(p + 54, s->cylinders); 112 put_le16(p + 55, s->heads); 113 put_le16(p + 56, s->sectors); 114 oldsize = s->cylinders * s->heads * s->sectors; 115 put_le16(p + 57, oldsize); 116 put_le16(p + 58, oldsize >> 16); 117 if (s->mult_sectors) 118 put_le16(p + 59, 0x100 | s->mult_sectors); 119 put_le16(p + 60, s->nb_sectors); 120 put_le16(p + 61, s->nb_sectors >> 16); 121 put_le16(p + 62, 0x07); /* single word dma0-2 supported */ 122 put_le16(p + 63, 0x07); /* mdma0-2 supported */ 123 put_le16(p + 64, 0x03); /* pio3-4 supported */ 124 put_le16(p + 65, 120); 125 put_le16(p + 66, 120); 126 put_le16(p + 67, 120); 127 put_le16(p + 68, 120); 128 if (dev && dev->conf.discard_granularity) { 129 put_le16(p + 69, (1 << 14)); /* determinate TRIM behavior */ 130 } 131 132 if (s->ncq_queues) { 133 put_le16(p + 75, s->ncq_queues - 1); 134 /* NCQ supported */ 135 put_le16(p + 76, (1 << 8)); 136 } 137 138 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */ 139 put_le16(p + 81, 0x16); /* conforms to ata5 */ 140 /* 14=NOP supported, 5=WCACHE supported, 0=SMART supported */ 141 put_le16(p + 82, (1 << 14) | (1 << 5) | 1); 142 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */ 143 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10)); 144 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */ 145 if (s->wwn) { 146 put_le16(p + 84, (1 << 14) | (1 << 8) | 0); 147 } else { 148 put_le16(p + 84, (1 << 14) | 0); 149 } 150 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */ 151 if (bdrv_enable_write_cache(s->bs)) 152 put_le16(p + 85, (1 << 14) | (1 << 5) | 1); 153 else 154 put_le16(p + 85, (1 << 14) | 1); 155 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */ 156 put_le16(p + 86, (1 << 13) | (1 <<12) | (1 << 10)); 157 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */ 158 if (s->wwn) { 159 put_le16(p + 87, (1 << 14) | (1 << 8) | 0); 160 } else { 161 put_le16(p + 87, (1 << 14) | 0); 162 } 163 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */ 164 put_le16(p + 93, 1 | (1 << 14) | 0x2000); 165 put_le16(p + 100, s->nb_sectors); 166 put_le16(p + 101, s->nb_sectors >> 16); 167 put_le16(p + 102, s->nb_sectors >> 32); 168 put_le16(p + 103, s->nb_sectors >> 48); 169 170 if (dev && dev->conf.physical_block_size) 171 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf)); 172 if (s->wwn) { 173 /* LE 16-bit words 111-108 contain 64-bit World Wide Name */ 174 put_le16(p + 108, s->wwn >> 48); 175 put_le16(p + 109, s->wwn >> 32); 176 put_le16(p + 110, s->wwn >> 16); 177 put_le16(p + 111, s->wwn); 178 } 179 if (dev && dev->conf.discard_granularity) { 180 put_le16(p + 169, 1); /* TRIM support */ 181 } 182 183 memcpy(s->identify_data, p, sizeof(s->identify_data)); 184 s->identify_set = 1; 185 } 186 187 static void ide_atapi_identify(IDEState *s) 188 { 189 uint16_t *p; 190 191 if (s->identify_set) { 192 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data)); 193 return; 194 } 195 196 memset(s->io_buffer, 0, 512); 197 p = (uint16_t *)s->io_buffer; 198 /* Removable CDROM, 50us response, 12 byte packets */ 199 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0)); 200 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 201 put_le16(p + 20, 3); /* buffer type */ 202 put_le16(p + 21, 512); /* cache size in sectors */ 203 put_le16(p + 22, 4); /* ecc bytes */ 204 padstr((char *)(p + 23), s->version, 8); /* firmware version */ 205 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */ 206 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */ 207 #ifdef USE_DMA_CDROM 208 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */ 209 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */ 210 put_le16(p + 62, 7); /* single word dma0-2 supported */ 211 put_le16(p + 63, 7); /* mdma0-2 supported */ 212 #else 213 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */ 214 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */ 215 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */ 216 #endif 217 put_le16(p + 64, 3); /* pio3-4 supported */ 218 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */ 219 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */ 220 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */ 221 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */ 222 223 put_le16(p + 71, 30); /* in ns */ 224 put_le16(p + 72, 30); /* in ns */ 225 226 if (s->ncq_queues) { 227 put_le16(p + 75, s->ncq_queues - 1); 228 /* NCQ supported */ 229 put_le16(p + 76, (1 << 8)); 230 } 231 232 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */ 233 #ifdef USE_DMA_CDROM 234 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */ 235 #endif 236 memcpy(s->identify_data, p, sizeof(s->identify_data)); 237 s->identify_set = 1; 238 } 239 240 static void ide_cfata_identify(IDEState *s) 241 { 242 uint16_t *p; 243 uint32_t cur_sec; 244 245 p = (uint16_t *) s->identify_data; 246 if (s->identify_set) 247 goto fill_buffer; 248 249 memset(p, 0, sizeof(s->identify_data)); 250 251 cur_sec = s->cylinders * s->heads * s->sectors; 252 253 put_le16(p + 0, 0x848a); /* CF Storage Card signature */ 254 put_le16(p + 1, s->cylinders); /* Default cylinders */ 255 put_le16(p + 3, s->heads); /* Default heads */ 256 put_le16(p + 6, s->sectors); /* Default sectors per track */ 257 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */ 258 put_le16(p + 8, s->nb_sectors); /* Sectors per card */ 259 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 260 put_le16(p + 22, 0x0004); /* ECC bytes */ 261 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */ 262 padstr((char *) (p + 27), s->drive_model_str, 40);/* Model number */ 263 #if MAX_MULT_SECTORS > 1 264 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS); 265 #else 266 put_le16(p + 47, 0x0000); 267 #endif 268 put_le16(p + 49, 0x0f00); /* Capabilities */ 269 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */ 270 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */ 271 put_le16(p + 53, 0x0003); /* Translation params valid */ 272 put_le16(p + 54, s->cylinders); /* Current cylinders */ 273 put_le16(p + 55, s->heads); /* Current heads */ 274 put_le16(p + 56, s->sectors); /* Current sectors */ 275 put_le16(p + 57, cur_sec); /* Current capacity */ 276 put_le16(p + 58, cur_sec >> 16); /* Current capacity */ 277 if (s->mult_sectors) /* Multiple sector setting */ 278 put_le16(p + 59, 0x100 | s->mult_sectors); 279 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */ 280 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */ 281 put_le16(p + 63, 0x0203); /* Multiword DMA capability */ 282 put_le16(p + 64, 0x0001); /* Flow Control PIO support */ 283 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */ 284 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */ 285 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */ 286 put_le16(p + 82, 0x400c); /* Command Set supported */ 287 put_le16(p + 83, 0x7068); /* Command Set supported */ 288 put_le16(p + 84, 0x4000); /* Features supported */ 289 put_le16(p + 85, 0x000c); /* Command Set enabled */ 290 put_le16(p + 86, 0x7044); /* Command Set enabled */ 291 put_le16(p + 87, 0x4000); /* Features enabled */ 292 put_le16(p + 91, 0x4060); /* Current APM level */ 293 put_le16(p + 129, 0x0002); /* Current features option */ 294 put_le16(p + 130, 0x0005); /* Reassigned sectors */ 295 put_le16(p + 131, 0x0001); /* Initial power mode */ 296 put_le16(p + 132, 0x0000); /* User signature */ 297 put_le16(p + 160, 0x8100); /* Power requirement */ 298 put_le16(p + 161, 0x8001); /* CF command set */ 299 300 s->identify_set = 1; 301 302 fill_buffer: 303 memcpy(s->io_buffer, p, sizeof(s->identify_data)); 304 } 305 306 static void ide_set_signature(IDEState *s) 307 { 308 s->select &= 0xf0; /* clear head */ 309 /* put signature */ 310 s->nsector = 1; 311 s->sector = 1; 312 if (s->drive_kind == IDE_CD) { 313 s->lcyl = 0x14; 314 s->hcyl = 0xeb; 315 } else if (s->bs) { 316 s->lcyl = 0; 317 s->hcyl = 0; 318 } else { 319 s->lcyl = 0xff; 320 s->hcyl = 0xff; 321 } 322 } 323 324 typedef struct TrimAIOCB { 325 BlockDriverAIOCB common; 326 QEMUBH *bh; 327 int ret; 328 QEMUIOVector *qiov; 329 BlockDriverAIOCB *aiocb; 330 int i, j; 331 } TrimAIOCB; 332 333 static void trim_aio_cancel(BlockDriverAIOCB *acb) 334 { 335 TrimAIOCB *iocb = container_of(acb, TrimAIOCB, common); 336 337 /* Exit the loop in case bdrv_aio_cancel calls ide_issue_trim_cb again. */ 338 iocb->j = iocb->qiov->niov - 1; 339 iocb->i = (iocb->qiov->iov[iocb->j].iov_len / 8) - 1; 340 341 /* Tell ide_issue_trim_cb not to trigger the completion, too. */ 342 qemu_bh_delete(iocb->bh); 343 iocb->bh = NULL; 344 345 if (iocb->aiocb) { 346 bdrv_aio_cancel(iocb->aiocb); 347 } 348 qemu_aio_release(iocb); 349 } 350 351 static const AIOCBInfo trim_aiocb_info = { 352 .aiocb_size = sizeof(TrimAIOCB), 353 .cancel = trim_aio_cancel, 354 }; 355 356 static void ide_trim_bh_cb(void *opaque) 357 { 358 TrimAIOCB *iocb = opaque; 359 360 iocb->common.cb(iocb->common.opaque, iocb->ret); 361 362 qemu_bh_delete(iocb->bh); 363 iocb->bh = NULL; 364 qemu_aio_release(iocb); 365 } 366 367 static void ide_issue_trim_cb(void *opaque, int ret) 368 { 369 TrimAIOCB *iocb = opaque; 370 if (ret >= 0) { 371 while (iocb->j < iocb->qiov->niov) { 372 int j = iocb->j; 373 while (++iocb->i < iocb->qiov->iov[j].iov_len / 8) { 374 int i = iocb->i; 375 uint64_t *buffer = iocb->qiov->iov[j].iov_base; 376 377 /* 6-byte LBA + 2-byte range per entry */ 378 uint64_t entry = le64_to_cpu(buffer[i]); 379 uint64_t sector = entry & 0x0000ffffffffffffULL; 380 uint16_t count = entry >> 48; 381 382 if (count == 0) { 383 continue; 384 } 385 386 /* Got an entry! Submit and exit. */ 387 iocb->aiocb = bdrv_aio_discard(iocb->common.bs, sector, count, 388 ide_issue_trim_cb, opaque); 389 return; 390 } 391 392 iocb->j++; 393 iocb->i = -1; 394 } 395 } else { 396 iocb->ret = ret; 397 } 398 399 iocb->aiocb = NULL; 400 if (iocb->bh) { 401 qemu_bh_schedule(iocb->bh); 402 } 403 } 404 405 BlockDriverAIOCB *ide_issue_trim(BlockDriverState *bs, 406 int64_t sector_num, QEMUIOVector *qiov, int nb_sectors, 407 BlockDriverCompletionFunc *cb, void *opaque) 408 { 409 TrimAIOCB *iocb; 410 411 iocb = qemu_aio_get(&trim_aiocb_info, bs, cb, opaque); 412 iocb->bh = qemu_bh_new(ide_trim_bh_cb, iocb); 413 iocb->ret = 0; 414 iocb->qiov = qiov; 415 iocb->i = -1; 416 iocb->j = 0; 417 ide_issue_trim_cb(iocb, 0); 418 return &iocb->common; 419 } 420 421 static inline void ide_abort_command(IDEState *s) 422 { 423 s->status = READY_STAT | ERR_STAT; 424 s->error = ABRT_ERR; 425 } 426 427 /* prepare data transfer and tell what to do after */ 428 void ide_transfer_start(IDEState *s, uint8_t *buf, int size, 429 EndTransferFunc *end_transfer_func) 430 { 431 s->end_transfer_func = end_transfer_func; 432 s->data_ptr = buf; 433 s->data_end = buf + size; 434 if (!(s->status & ERR_STAT)) { 435 s->status |= DRQ_STAT; 436 } 437 s->bus->dma->ops->start_transfer(s->bus->dma); 438 } 439 440 void ide_transfer_stop(IDEState *s) 441 { 442 s->end_transfer_func = ide_transfer_stop; 443 s->data_ptr = s->io_buffer; 444 s->data_end = s->io_buffer; 445 s->status &= ~DRQ_STAT; 446 } 447 448 int64_t ide_get_sector(IDEState *s) 449 { 450 int64_t sector_num; 451 if (s->select & 0x40) { 452 /* lba */ 453 if (!s->lba48) { 454 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) | 455 (s->lcyl << 8) | s->sector; 456 } else { 457 sector_num = ((int64_t)s->hob_hcyl << 40) | 458 ((int64_t) s->hob_lcyl << 32) | 459 ((int64_t) s->hob_sector << 24) | 460 ((int64_t) s->hcyl << 16) | 461 ((int64_t) s->lcyl << 8) | s->sector; 462 } 463 } else { 464 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors + 465 (s->select & 0x0f) * s->sectors + (s->sector - 1); 466 } 467 return sector_num; 468 } 469 470 void ide_set_sector(IDEState *s, int64_t sector_num) 471 { 472 unsigned int cyl, r; 473 if (s->select & 0x40) { 474 if (!s->lba48) { 475 s->select = (s->select & 0xf0) | (sector_num >> 24); 476 s->hcyl = (sector_num >> 16); 477 s->lcyl = (sector_num >> 8); 478 s->sector = (sector_num); 479 } else { 480 s->sector = sector_num; 481 s->lcyl = sector_num >> 8; 482 s->hcyl = sector_num >> 16; 483 s->hob_sector = sector_num >> 24; 484 s->hob_lcyl = sector_num >> 32; 485 s->hob_hcyl = sector_num >> 40; 486 } 487 } else { 488 cyl = sector_num / (s->heads * s->sectors); 489 r = sector_num % (s->heads * s->sectors); 490 s->hcyl = cyl >> 8; 491 s->lcyl = cyl; 492 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f); 493 s->sector = (r % s->sectors) + 1; 494 } 495 } 496 497 static void ide_rw_error(IDEState *s) { 498 ide_abort_command(s); 499 ide_set_irq(s->bus); 500 } 501 502 static void ide_sector_read_cb(void *opaque, int ret) 503 { 504 IDEState *s = opaque; 505 int n; 506 507 s->pio_aiocb = NULL; 508 s->status &= ~BUSY_STAT; 509 510 bdrv_acct_done(s->bs, &s->acct); 511 if (ret != 0) { 512 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY | 513 BM_STATUS_RETRY_READ)) { 514 return; 515 } 516 } 517 518 n = s->nsector; 519 if (n > s->req_nb_sectors) { 520 n = s->req_nb_sectors; 521 } 522 523 /* Allow the guest to read the io_buffer */ 524 ide_transfer_start(s, s->io_buffer, n * BDRV_SECTOR_SIZE, ide_sector_read); 525 526 ide_set_irq(s->bus); 527 528 ide_set_sector(s, ide_get_sector(s) + n); 529 s->nsector -= n; 530 } 531 532 void ide_sector_read(IDEState *s) 533 { 534 int64_t sector_num; 535 int n; 536 537 s->status = READY_STAT | SEEK_STAT; 538 s->error = 0; /* not needed by IDE spec, but needed by Windows */ 539 sector_num = ide_get_sector(s); 540 n = s->nsector; 541 542 if (n == 0) { 543 ide_transfer_stop(s); 544 return; 545 } 546 547 s->status |= BUSY_STAT; 548 549 if (n > s->req_nb_sectors) { 550 n = s->req_nb_sectors; 551 } 552 553 #if defined(DEBUG_IDE) 554 printf("sector=%" PRId64 "\n", sector_num); 555 #endif 556 557 s->iov.iov_base = s->io_buffer; 558 s->iov.iov_len = n * BDRV_SECTOR_SIZE; 559 qemu_iovec_init_external(&s->qiov, &s->iov, 1); 560 561 bdrv_acct_start(s->bs, &s->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ); 562 s->pio_aiocb = bdrv_aio_readv(s->bs, sector_num, &s->qiov, n, 563 ide_sector_read_cb, s); 564 } 565 566 static void dma_buf_commit(IDEState *s) 567 { 568 qemu_sglist_destroy(&s->sg); 569 } 570 571 void ide_set_inactive(IDEState *s) 572 { 573 s->bus->dma->aiocb = NULL; 574 s->bus->dma->ops->set_inactive(s->bus->dma); 575 } 576 577 void ide_dma_error(IDEState *s) 578 { 579 ide_transfer_stop(s); 580 s->error = ABRT_ERR; 581 s->status = READY_STAT | ERR_STAT; 582 ide_set_inactive(s); 583 ide_set_irq(s->bus); 584 } 585 586 static int ide_handle_rw_error(IDEState *s, int error, int op) 587 { 588 bool is_read = (op & BM_STATUS_RETRY_READ) != 0; 589 BlockErrorAction action = bdrv_get_error_action(s->bs, is_read, error); 590 591 if (action == BDRV_ACTION_STOP) { 592 s->bus->dma->ops->set_unit(s->bus->dma, s->unit); 593 s->bus->error_status = op; 594 } else if (action == BDRV_ACTION_REPORT) { 595 if (op & BM_STATUS_DMA_RETRY) { 596 dma_buf_commit(s); 597 ide_dma_error(s); 598 } else { 599 ide_rw_error(s); 600 } 601 } 602 bdrv_error_action(s->bs, action, is_read, error); 603 return action != BDRV_ACTION_IGNORE; 604 } 605 606 void ide_dma_cb(void *opaque, int ret) 607 { 608 IDEState *s = opaque; 609 int n; 610 int64_t sector_num; 611 bool stay_active = false; 612 613 if (ret < 0) { 614 int op = BM_STATUS_DMA_RETRY; 615 616 if (s->dma_cmd == IDE_DMA_READ) 617 op |= BM_STATUS_RETRY_READ; 618 else if (s->dma_cmd == IDE_DMA_TRIM) 619 op |= BM_STATUS_RETRY_TRIM; 620 621 if (ide_handle_rw_error(s, -ret, op)) { 622 return; 623 } 624 } 625 626 n = s->io_buffer_size >> 9; 627 if (n > s->nsector) { 628 /* The PRDs were longer than needed for this request. Shorten them so 629 * we don't get a negative remainder. The Active bit must remain set 630 * after the request completes. */ 631 n = s->nsector; 632 stay_active = true; 633 } 634 635 sector_num = ide_get_sector(s); 636 if (n > 0) { 637 dma_buf_commit(s); 638 sector_num += n; 639 ide_set_sector(s, sector_num); 640 s->nsector -= n; 641 } 642 643 /* end of transfer ? */ 644 if (s->nsector == 0) { 645 s->status = READY_STAT | SEEK_STAT; 646 ide_set_irq(s->bus); 647 goto eot; 648 } 649 650 /* launch next transfer */ 651 n = s->nsector; 652 s->io_buffer_index = 0; 653 s->io_buffer_size = n * 512; 654 if (s->bus->dma->ops->prepare_buf(s->bus->dma, ide_cmd_is_read(s)) == 0) { 655 /* The PRDs were too short. Reset the Active bit, but don't raise an 656 * interrupt. */ 657 s->status = READY_STAT | SEEK_STAT; 658 goto eot; 659 } 660 661 #ifdef DEBUG_AIO 662 printf("ide_dma_cb: sector_num=%" PRId64 " n=%d, cmd_cmd=%d\n", 663 sector_num, n, s->dma_cmd); 664 #endif 665 666 switch (s->dma_cmd) { 667 case IDE_DMA_READ: 668 s->bus->dma->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num, 669 ide_dma_cb, s); 670 break; 671 case IDE_DMA_WRITE: 672 s->bus->dma->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num, 673 ide_dma_cb, s); 674 break; 675 case IDE_DMA_TRIM: 676 s->bus->dma->aiocb = dma_bdrv_io(s->bs, &s->sg, sector_num, 677 ide_issue_trim, ide_dma_cb, s, 678 DMA_DIRECTION_TO_DEVICE); 679 break; 680 } 681 return; 682 683 eot: 684 if (s->dma_cmd == IDE_DMA_READ || s->dma_cmd == IDE_DMA_WRITE) { 685 bdrv_acct_done(s->bs, &s->acct); 686 } 687 ide_set_inactive(s); 688 if (stay_active) { 689 s->bus->dma->ops->add_status(s->bus->dma, BM_STATUS_DMAING); 690 } 691 } 692 693 static void ide_sector_start_dma(IDEState *s, enum ide_dma_cmd dma_cmd) 694 { 695 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT; 696 s->io_buffer_index = 0; 697 s->io_buffer_size = 0; 698 s->dma_cmd = dma_cmd; 699 700 switch (dma_cmd) { 701 case IDE_DMA_READ: 702 bdrv_acct_start(s->bs, &s->acct, s->nsector * BDRV_SECTOR_SIZE, 703 BDRV_ACCT_READ); 704 break; 705 case IDE_DMA_WRITE: 706 bdrv_acct_start(s->bs, &s->acct, s->nsector * BDRV_SECTOR_SIZE, 707 BDRV_ACCT_WRITE); 708 break; 709 default: 710 break; 711 } 712 713 s->bus->dma->ops->start_dma(s->bus->dma, s, ide_dma_cb); 714 } 715 716 static void ide_sector_write_timer_cb(void *opaque) 717 { 718 IDEState *s = opaque; 719 ide_set_irq(s->bus); 720 } 721 722 static void ide_sector_write_cb(void *opaque, int ret) 723 { 724 IDEState *s = opaque; 725 int n; 726 727 bdrv_acct_done(s->bs, &s->acct); 728 729 s->pio_aiocb = NULL; 730 s->status &= ~BUSY_STAT; 731 732 if (ret != 0) { 733 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY)) { 734 return; 735 } 736 } 737 738 n = s->nsector; 739 if (n > s->req_nb_sectors) { 740 n = s->req_nb_sectors; 741 } 742 s->nsector -= n; 743 if (s->nsector == 0) { 744 /* no more sectors to write */ 745 ide_transfer_stop(s); 746 } else { 747 int n1 = s->nsector; 748 if (n1 > s->req_nb_sectors) { 749 n1 = s->req_nb_sectors; 750 } 751 ide_transfer_start(s, s->io_buffer, n1 * BDRV_SECTOR_SIZE, 752 ide_sector_write); 753 } 754 ide_set_sector(s, ide_get_sector(s) + n); 755 756 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) { 757 /* It seems there is a bug in the Windows 2000 installer HDD 758 IDE driver which fills the disk with empty logs when the 759 IDE write IRQ comes too early. This hack tries to correct 760 that at the expense of slower write performances. Use this 761 option _only_ to install Windows 2000. You must disable it 762 for normal use. */ 763 qemu_mod_timer(s->sector_write_timer, 764 qemu_get_clock_ns(vm_clock) + (get_ticks_per_sec() / 1000)); 765 } else { 766 ide_set_irq(s->bus); 767 } 768 } 769 770 void ide_sector_write(IDEState *s) 771 { 772 int64_t sector_num; 773 int n; 774 775 s->status = READY_STAT | SEEK_STAT | BUSY_STAT; 776 sector_num = ide_get_sector(s); 777 #if defined(DEBUG_IDE) 778 printf("sector=%" PRId64 "\n", sector_num); 779 #endif 780 n = s->nsector; 781 if (n > s->req_nb_sectors) { 782 n = s->req_nb_sectors; 783 } 784 785 s->iov.iov_base = s->io_buffer; 786 s->iov.iov_len = n * BDRV_SECTOR_SIZE; 787 qemu_iovec_init_external(&s->qiov, &s->iov, 1); 788 789 bdrv_acct_start(s->bs, &s->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ); 790 s->pio_aiocb = bdrv_aio_writev(s->bs, sector_num, &s->qiov, n, 791 ide_sector_write_cb, s); 792 } 793 794 static void ide_flush_cb(void *opaque, int ret) 795 { 796 IDEState *s = opaque; 797 798 if (ret < 0) { 799 /* XXX: What sector number to set here? */ 800 if (ide_handle_rw_error(s, -ret, BM_STATUS_RETRY_FLUSH)) { 801 return; 802 } 803 } 804 805 bdrv_acct_done(s->bs, &s->acct); 806 s->status = READY_STAT | SEEK_STAT; 807 ide_set_irq(s->bus); 808 } 809 810 void ide_flush_cache(IDEState *s) 811 { 812 if (s->bs == NULL) { 813 ide_flush_cb(s, 0); 814 return; 815 } 816 817 bdrv_acct_start(s->bs, &s->acct, 0, BDRV_ACCT_FLUSH); 818 bdrv_aio_flush(s->bs, ide_flush_cb, s); 819 } 820 821 static void ide_cfata_metadata_inquiry(IDEState *s) 822 { 823 uint16_t *p; 824 uint32_t spd; 825 826 p = (uint16_t *) s->io_buffer; 827 memset(p, 0, 0x200); 828 spd = ((s->mdata_size - 1) >> 9) + 1; 829 830 put_le16(p + 0, 0x0001); /* Data format revision */ 831 put_le16(p + 1, 0x0000); /* Media property: silicon */ 832 put_le16(p + 2, s->media_changed); /* Media status */ 833 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */ 834 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */ 835 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */ 836 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */ 837 } 838 839 static void ide_cfata_metadata_read(IDEState *s) 840 { 841 uint16_t *p; 842 843 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) { 844 s->status = ERR_STAT; 845 s->error = ABRT_ERR; 846 return; 847 } 848 849 p = (uint16_t *) s->io_buffer; 850 memset(p, 0, 0x200); 851 852 put_le16(p + 0, s->media_changed); /* Media status */ 853 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9), 854 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9), 855 s->nsector << 9), 0x200 - 2)); 856 } 857 858 static void ide_cfata_metadata_write(IDEState *s) 859 { 860 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) { 861 s->status = ERR_STAT; 862 s->error = ABRT_ERR; 863 return; 864 } 865 866 s->media_changed = 0; 867 868 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9), 869 s->io_buffer + 2, 870 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9), 871 s->nsector << 9), 0x200 - 2)); 872 } 873 874 /* called when the inserted state of the media has changed */ 875 static void ide_cd_change_cb(void *opaque, bool load) 876 { 877 IDEState *s = opaque; 878 uint64_t nb_sectors; 879 880 s->tray_open = !load; 881 bdrv_get_geometry(s->bs, &nb_sectors); 882 s->nb_sectors = nb_sectors; 883 884 /* 885 * First indicate to the guest that a CD has been removed. That's 886 * done on the next command the guest sends us. 887 * 888 * Then we set UNIT_ATTENTION, by which the guest will 889 * detect a new CD in the drive. See ide_atapi_cmd() for details. 890 */ 891 s->cdrom_changed = 1; 892 s->events.new_media = true; 893 s->events.eject_request = false; 894 ide_set_irq(s->bus); 895 } 896 897 static void ide_cd_eject_request_cb(void *opaque, bool force) 898 { 899 IDEState *s = opaque; 900 901 s->events.eject_request = true; 902 if (force) { 903 s->tray_locked = false; 904 } 905 ide_set_irq(s->bus); 906 } 907 908 static void ide_cmd_lba48_transform(IDEState *s, int lba48) 909 { 910 s->lba48 = lba48; 911 912 /* handle the 'magic' 0 nsector count conversion here. to avoid 913 * fiddling with the rest of the read logic, we just store the 914 * full sector count in ->nsector and ignore ->hob_nsector from now 915 */ 916 if (!s->lba48) { 917 if (!s->nsector) 918 s->nsector = 256; 919 } else { 920 if (!s->nsector && !s->hob_nsector) 921 s->nsector = 65536; 922 else { 923 int lo = s->nsector; 924 int hi = s->hob_nsector; 925 926 s->nsector = (hi << 8) | lo; 927 } 928 } 929 } 930 931 static void ide_clear_hob(IDEBus *bus) 932 { 933 /* any write clears HOB high bit of device control register */ 934 bus->ifs[0].select &= ~(1 << 7); 935 bus->ifs[1].select &= ~(1 << 7); 936 } 937 938 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val) 939 { 940 IDEBus *bus = opaque; 941 942 #ifdef DEBUG_IDE 943 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val); 944 #endif 945 946 addr &= 7; 947 948 /* ignore writes to command block while busy with previous command */ 949 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT))) 950 return; 951 952 switch(addr) { 953 case 0: 954 break; 955 case 1: 956 ide_clear_hob(bus); 957 /* NOTE: data is written to the two drives */ 958 bus->ifs[0].hob_feature = bus->ifs[0].feature; 959 bus->ifs[1].hob_feature = bus->ifs[1].feature; 960 bus->ifs[0].feature = val; 961 bus->ifs[1].feature = val; 962 break; 963 case 2: 964 ide_clear_hob(bus); 965 bus->ifs[0].hob_nsector = bus->ifs[0].nsector; 966 bus->ifs[1].hob_nsector = bus->ifs[1].nsector; 967 bus->ifs[0].nsector = val; 968 bus->ifs[1].nsector = val; 969 break; 970 case 3: 971 ide_clear_hob(bus); 972 bus->ifs[0].hob_sector = bus->ifs[0].sector; 973 bus->ifs[1].hob_sector = bus->ifs[1].sector; 974 bus->ifs[0].sector = val; 975 bus->ifs[1].sector = val; 976 break; 977 case 4: 978 ide_clear_hob(bus); 979 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl; 980 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl; 981 bus->ifs[0].lcyl = val; 982 bus->ifs[1].lcyl = val; 983 break; 984 case 5: 985 ide_clear_hob(bus); 986 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl; 987 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl; 988 bus->ifs[0].hcyl = val; 989 bus->ifs[1].hcyl = val; 990 break; 991 case 6: 992 /* FIXME: HOB readback uses bit 7 */ 993 bus->ifs[0].select = (val & ~0x10) | 0xa0; 994 bus->ifs[1].select = (val | 0x10) | 0xa0; 995 /* select drive */ 996 bus->unit = (val >> 4) & 1; 997 break; 998 default: 999 case 7: 1000 /* command */ 1001 ide_exec_cmd(bus, val); 1002 break; 1003 } 1004 } 1005 1006 #define HD_OK (1u << IDE_HD) 1007 #define CD_OK (1u << IDE_CD) 1008 #define CFA_OK (1u << IDE_CFATA) 1009 #define HD_CFA_OK (HD_OK | CFA_OK) 1010 #define ALL_OK (HD_OK | CD_OK | CFA_OK) 1011 1012 /* See ACS-2 T13/2015-D Table B.2 Command codes */ 1013 static const uint8_t ide_cmd_table[0x100] = { 1014 /* NOP not implemented, mandatory for CD */ 1015 [CFA_REQ_EXT_ERROR_CODE] = CFA_OK, 1016 [WIN_DSM] = ALL_OK, 1017 [WIN_DEVICE_RESET] = CD_OK, 1018 [WIN_RECAL] = HD_CFA_OK, 1019 [WIN_READ] = ALL_OK, 1020 [WIN_READ_ONCE] = ALL_OK, 1021 [WIN_READ_EXT] = HD_CFA_OK, 1022 [WIN_READDMA_EXT] = HD_CFA_OK, 1023 [WIN_READ_NATIVE_MAX_EXT] = HD_CFA_OK, 1024 [WIN_MULTREAD_EXT] = HD_CFA_OK, 1025 [WIN_WRITE] = HD_CFA_OK, 1026 [WIN_WRITE_ONCE] = HD_CFA_OK, 1027 [WIN_WRITE_EXT] = HD_CFA_OK, 1028 [WIN_WRITEDMA_EXT] = HD_CFA_OK, 1029 [CFA_WRITE_SECT_WO_ERASE] = CFA_OK, 1030 [WIN_MULTWRITE_EXT] = HD_CFA_OK, 1031 [WIN_WRITE_VERIFY] = HD_CFA_OK, 1032 [WIN_VERIFY] = HD_CFA_OK, 1033 [WIN_VERIFY_ONCE] = HD_CFA_OK, 1034 [WIN_VERIFY_EXT] = HD_CFA_OK, 1035 [WIN_SEEK] = HD_CFA_OK, 1036 [CFA_TRANSLATE_SECTOR] = CFA_OK, 1037 [WIN_DIAGNOSE] = ALL_OK, 1038 [WIN_SPECIFY] = HD_CFA_OK, 1039 [WIN_STANDBYNOW2] = ALL_OK, 1040 [WIN_IDLEIMMEDIATE2] = ALL_OK, 1041 [WIN_STANDBY2] = ALL_OK, 1042 [WIN_SETIDLE2] = ALL_OK, 1043 [WIN_CHECKPOWERMODE2] = ALL_OK, 1044 [WIN_SLEEPNOW2] = ALL_OK, 1045 [WIN_PACKETCMD] = CD_OK, 1046 [WIN_PIDENTIFY] = CD_OK, 1047 [WIN_SMART] = HD_CFA_OK, 1048 [CFA_ACCESS_METADATA_STORAGE] = CFA_OK, 1049 [CFA_ERASE_SECTORS] = CFA_OK, 1050 [WIN_MULTREAD] = HD_CFA_OK, 1051 [WIN_MULTWRITE] = HD_CFA_OK, 1052 [WIN_SETMULT] = HD_CFA_OK, 1053 [WIN_READDMA] = HD_CFA_OK, 1054 [WIN_READDMA_ONCE] = HD_CFA_OK, 1055 [WIN_WRITEDMA] = HD_CFA_OK, 1056 [WIN_WRITEDMA_ONCE] = HD_CFA_OK, 1057 [CFA_WRITE_MULTI_WO_ERASE] = CFA_OK, 1058 [WIN_STANDBYNOW1] = ALL_OK, 1059 [WIN_IDLEIMMEDIATE] = ALL_OK, 1060 [WIN_STANDBY] = ALL_OK, 1061 [WIN_SETIDLE1] = ALL_OK, 1062 [WIN_CHECKPOWERMODE1] = ALL_OK, 1063 [WIN_SLEEPNOW1] = ALL_OK, 1064 [WIN_FLUSH_CACHE] = ALL_OK, 1065 [WIN_FLUSH_CACHE_EXT] = HD_CFA_OK, 1066 [WIN_IDENTIFY] = ALL_OK, 1067 [WIN_SETFEATURES] = ALL_OK, 1068 [IBM_SENSE_CONDITION] = CFA_OK, 1069 [CFA_WEAR_LEVEL] = HD_CFA_OK, 1070 [WIN_READ_NATIVE_MAX] = ALL_OK, 1071 }; 1072 1073 static bool ide_cmd_permitted(IDEState *s, uint32_t cmd) 1074 { 1075 return cmd < ARRAY_SIZE(ide_cmd_table) 1076 && (ide_cmd_table[cmd] & (1u << s->drive_kind)); 1077 } 1078 1079 void ide_exec_cmd(IDEBus *bus, uint32_t val) 1080 { 1081 uint16_t *identify_data; 1082 IDEState *s; 1083 int n; 1084 int lba48 = 0; 1085 1086 #if defined(DEBUG_IDE) 1087 printf("ide: CMD=%02x\n", val); 1088 #endif 1089 s = idebus_active_if(bus); 1090 /* ignore commands to non existent slave */ 1091 if (s != bus->ifs && !s->bs) 1092 return; 1093 1094 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */ 1095 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET) 1096 return; 1097 1098 if (!ide_cmd_permitted(s, val)) { 1099 goto abort_cmd; 1100 } 1101 1102 switch(val) { 1103 case WIN_DSM: 1104 switch (s->feature) { 1105 case DSM_TRIM: 1106 if (!s->bs) { 1107 goto abort_cmd; 1108 } 1109 ide_sector_start_dma(s, IDE_DMA_TRIM); 1110 break; 1111 default: 1112 goto abort_cmd; 1113 } 1114 break; 1115 case WIN_IDENTIFY: 1116 if (s->bs && s->drive_kind != IDE_CD) { 1117 if (s->drive_kind != IDE_CFATA) 1118 ide_identify(s); 1119 else 1120 ide_cfata_identify(s); 1121 s->status = READY_STAT | SEEK_STAT; 1122 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop); 1123 } else { 1124 if (s->drive_kind == IDE_CD) { 1125 ide_set_signature(s); 1126 } 1127 ide_abort_command(s); 1128 } 1129 ide_set_irq(s->bus); 1130 break; 1131 case WIN_SPECIFY: 1132 case WIN_RECAL: 1133 s->error = 0; 1134 s->status = READY_STAT | SEEK_STAT; 1135 ide_set_irq(s->bus); 1136 break; 1137 case WIN_SETMULT: 1138 if (s->drive_kind == IDE_CFATA && s->nsector == 0) { 1139 /* Disable Read and Write Multiple */ 1140 s->mult_sectors = 0; 1141 s->status = READY_STAT | SEEK_STAT; 1142 } else if ((s->nsector & 0xff) != 0 && 1143 ((s->nsector & 0xff) > MAX_MULT_SECTORS || 1144 (s->nsector & (s->nsector - 1)) != 0)) { 1145 ide_abort_command(s); 1146 } else { 1147 s->mult_sectors = s->nsector & 0xff; 1148 s->status = READY_STAT | SEEK_STAT; 1149 } 1150 ide_set_irq(s->bus); 1151 break; 1152 1153 case WIN_VERIFY_EXT: 1154 lba48 = 1; 1155 /* fall through */ 1156 case WIN_VERIFY: 1157 case WIN_VERIFY_ONCE: 1158 /* do sector number check ? */ 1159 ide_cmd_lba48_transform(s, lba48); 1160 s->status = READY_STAT | SEEK_STAT; 1161 ide_set_irq(s->bus); 1162 break; 1163 1164 case WIN_READ_EXT: 1165 lba48 = 1; 1166 /* fall through */ 1167 case WIN_READ: 1168 case WIN_READ_ONCE: 1169 if (s->drive_kind == IDE_CD) { 1170 ide_set_signature(s); /* odd, but ATA4 8.27.5.2 requires it */ 1171 goto abort_cmd; 1172 } 1173 if (!s->bs) { 1174 goto abort_cmd; 1175 } 1176 ide_cmd_lba48_transform(s, lba48); 1177 s->req_nb_sectors = 1; 1178 ide_sector_read(s); 1179 break; 1180 1181 case WIN_WRITE_EXT: 1182 lba48 = 1; 1183 /* fall through */ 1184 case WIN_WRITE: 1185 case WIN_WRITE_ONCE: 1186 case CFA_WRITE_SECT_WO_ERASE: 1187 case WIN_WRITE_VERIFY: 1188 if (!s->bs) { 1189 goto abort_cmd; 1190 } 1191 ide_cmd_lba48_transform(s, lba48); 1192 s->error = 0; 1193 s->status = SEEK_STAT | READY_STAT; 1194 s->req_nb_sectors = 1; 1195 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write); 1196 s->media_changed = 1; 1197 break; 1198 1199 case WIN_MULTREAD_EXT: 1200 lba48 = 1; 1201 /* fall through */ 1202 case WIN_MULTREAD: 1203 if (!s->bs) { 1204 goto abort_cmd; 1205 } 1206 if (!s->mult_sectors) { 1207 goto abort_cmd; 1208 } 1209 ide_cmd_lba48_transform(s, lba48); 1210 s->req_nb_sectors = s->mult_sectors; 1211 ide_sector_read(s); 1212 break; 1213 1214 case WIN_MULTWRITE_EXT: 1215 lba48 = 1; 1216 /* fall through */ 1217 case WIN_MULTWRITE: 1218 case CFA_WRITE_MULTI_WO_ERASE: 1219 if (!s->bs) { 1220 goto abort_cmd; 1221 } 1222 if (!s->mult_sectors) { 1223 goto abort_cmd; 1224 } 1225 ide_cmd_lba48_transform(s, lba48); 1226 s->error = 0; 1227 s->status = SEEK_STAT | READY_STAT; 1228 s->req_nb_sectors = s->mult_sectors; 1229 n = s->nsector; 1230 if (n > s->req_nb_sectors) 1231 n = s->req_nb_sectors; 1232 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write); 1233 s->media_changed = 1; 1234 break; 1235 1236 case WIN_READDMA_EXT: 1237 lba48 = 1; 1238 /* fall through */ 1239 case WIN_READDMA: 1240 case WIN_READDMA_ONCE: 1241 if (!s->bs) { 1242 goto abort_cmd; 1243 } 1244 ide_cmd_lba48_transform(s, lba48); 1245 ide_sector_start_dma(s, IDE_DMA_READ); 1246 break; 1247 1248 case WIN_WRITEDMA_EXT: 1249 lba48 = 1; 1250 /* fall through */ 1251 case WIN_WRITEDMA: 1252 case WIN_WRITEDMA_ONCE: 1253 if (!s->bs) { 1254 goto abort_cmd; 1255 } 1256 ide_cmd_lba48_transform(s, lba48); 1257 ide_sector_start_dma(s, IDE_DMA_WRITE); 1258 s->media_changed = 1; 1259 break; 1260 1261 case WIN_READ_NATIVE_MAX_EXT: 1262 lba48 = 1; 1263 /* fall through */ 1264 case WIN_READ_NATIVE_MAX: 1265 /* Refuse if no sectors are addressable (e.g. medium not inserted) */ 1266 if (s->nb_sectors == 0) { 1267 goto abort_cmd; 1268 } 1269 ide_cmd_lba48_transform(s, lba48); 1270 ide_set_sector(s, s->nb_sectors - 1); 1271 s->status = READY_STAT | SEEK_STAT; 1272 ide_set_irq(s->bus); 1273 break; 1274 1275 case WIN_CHECKPOWERMODE1: 1276 case WIN_CHECKPOWERMODE2: 1277 s->error = 0; 1278 s->nsector = 0xff; /* device active or idle */ 1279 s->status = READY_STAT | SEEK_STAT; 1280 ide_set_irq(s->bus); 1281 break; 1282 case WIN_SETFEATURES: 1283 if (!s->bs) 1284 goto abort_cmd; 1285 /* XXX: valid for CDROM ? */ 1286 switch(s->feature) { 1287 case 0x02: /* write cache enable */ 1288 bdrv_set_enable_write_cache(s->bs, true); 1289 identify_data = (uint16_t *)s->identify_data; 1290 put_le16(identify_data + 85, (1 << 14) | (1 << 5) | 1); 1291 s->status = READY_STAT | SEEK_STAT; 1292 ide_set_irq(s->bus); 1293 break; 1294 case 0x82: /* write cache disable */ 1295 bdrv_set_enable_write_cache(s->bs, false); 1296 identify_data = (uint16_t *)s->identify_data; 1297 put_le16(identify_data + 85, (1 << 14) | 1); 1298 ide_flush_cache(s); 1299 break; 1300 case 0xcc: /* reverting to power-on defaults enable */ 1301 case 0x66: /* reverting to power-on defaults disable */ 1302 case 0xaa: /* read look-ahead enable */ 1303 case 0x55: /* read look-ahead disable */ 1304 case 0x05: /* set advanced power management mode */ 1305 case 0x85: /* disable advanced power management mode */ 1306 case 0x69: /* NOP */ 1307 case 0x67: /* NOP */ 1308 case 0x96: /* NOP */ 1309 case 0x9a: /* NOP */ 1310 case 0x42: /* enable Automatic Acoustic Mode */ 1311 case 0xc2: /* disable Automatic Acoustic Mode */ 1312 s->status = READY_STAT | SEEK_STAT; 1313 ide_set_irq(s->bus); 1314 break; 1315 case 0x03: { /* set transfer mode */ 1316 uint8_t val = s->nsector & 0x07; 1317 identify_data = (uint16_t *)s->identify_data; 1318 1319 switch (s->nsector >> 3) { 1320 case 0x00: /* pio default */ 1321 case 0x01: /* pio mode */ 1322 put_le16(identify_data + 62,0x07); 1323 put_le16(identify_data + 63,0x07); 1324 put_le16(identify_data + 88,0x3f); 1325 break; 1326 case 0x02: /* sigle word dma mode*/ 1327 put_le16(identify_data + 62,0x07 | (1 << (val + 8))); 1328 put_le16(identify_data + 63,0x07); 1329 put_le16(identify_data + 88,0x3f); 1330 break; 1331 case 0x04: /* mdma mode */ 1332 put_le16(identify_data + 62,0x07); 1333 put_le16(identify_data + 63,0x07 | (1 << (val + 8))); 1334 put_le16(identify_data + 88,0x3f); 1335 break; 1336 case 0x08: /* udma mode */ 1337 put_le16(identify_data + 62,0x07); 1338 put_le16(identify_data + 63,0x07); 1339 put_le16(identify_data + 88,0x3f | (1 << (val + 8))); 1340 break; 1341 default: 1342 goto abort_cmd; 1343 } 1344 s->status = READY_STAT | SEEK_STAT; 1345 ide_set_irq(s->bus); 1346 break; 1347 } 1348 default: 1349 goto abort_cmd; 1350 } 1351 break; 1352 case WIN_FLUSH_CACHE: 1353 case WIN_FLUSH_CACHE_EXT: 1354 ide_flush_cache(s); 1355 break; 1356 case WIN_STANDBY: 1357 case WIN_STANDBY2: 1358 case WIN_STANDBYNOW1: 1359 case WIN_STANDBYNOW2: 1360 case WIN_IDLEIMMEDIATE: 1361 case WIN_IDLEIMMEDIATE2: 1362 case WIN_SETIDLE1: 1363 case WIN_SETIDLE2: 1364 case WIN_SLEEPNOW1: 1365 case WIN_SLEEPNOW2: 1366 s->status = READY_STAT; 1367 ide_set_irq(s->bus); 1368 break; 1369 case WIN_SEEK: 1370 /* XXX: Check that seek is within bounds */ 1371 s->status = READY_STAT | SEEK_STAT; 1372 ide_set_irq(s->bus); 1373 break; 1374 /* ATAPI commands */ 1375 case WIN_PIDENTIFY: 1376 ide_atapi_identify(s); 1377 s->status = READY_STAT | SEEK_STAT; 1378 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop); 1379 ide_set_irq(s->bus); 1380 break; 1381 case WIN_DIAGNOSE: 1382 ide_set_signature(s); 1383 if (s->drive_kind == IDE_CD) 1384 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet 1385 * devices to return a clear status register 1386 * with READY_STAT *not* set. */ 1387 else 1388 s->status = READY_STAT | SEEK_STAT; 1389 s->error = 0x01; /* Device 0 passed, Device 1 passed or not 1390 * present. 1391 */ 1392 ide_set_irq(s->bus); 1393 break; 1394 case WIN_DEVICE_RESET: 1395 ide_set_signature(s); 1396 s->status = 0x00; /* NOTE: READY is _not_ set */ 1397 s->error = 0x01; 1398 break; 1399 case WIN_PACKETCMD: 1400 /* overlapping commands not supported */ 1401 if (s->feature & 0x02) 1402 goto abort_cmd; 1403 s->status = READY_STAT | SEEK_STAT; 1404 s->atapi_dma = s->feature & 1; 1405 s->nsector = 1; 1406 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE, 1407 ide_atapi_cmd); 1408 break; 1409 /* CF-ATA commands */ 1410 case CFA_REQ_EXT_ERROR_CODE: 1411 s->error = 0x09; /* miscellaneous error */ 1412 s->status = READY_STAT | SEEK_STAT; 1413 ide_set_irq(s->bus); 1414 break; 1415 case CFA_ERASE_SECTORS: 1416 case CFA_WEAR_LEVEL: 1417 #if 0 1418 /* This one has the same ID as CFA_WEAR_LEVEL and is required for 1419 Windows 8 to work with AHCI */ 1420 case WIN_SECURITY_FREEZE_LOCK: 1421 #endif 1422 if (val == CFA_WEAR_LEVEL) 1423 s->nsector = 0; 1424 if (val == CFA_ERASE_SECTORS) 1425 s->media_changed = 1; 1426 s->error = 0x00; 1427 s->status = READY_STAT | SEEK_STAT; 1428 ide_set_irq(s->bus); 1429 break; 1430 case CFA_TRANSLATE_SECTOR: 1431 s->error = 0x00; 1432 s->status = READY_STAT | SEEK_STAT; 1433 memset(s->io_buffer, 0, 0x200); 1434 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */ 1435 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */ 1436 s->io_buffer[0x02] = s->select; /* Head */ 1437 s->io_buffer[0x03] = s->sector; /* Sector */ 1438 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */ 1439 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */ 1440 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */ 1441 s->io_buffer[0x13] = 0x00; /* Erase flag */ 1442 s->io_buffer[0x18] = 0x00; /* Hot count */ 1443 s->io_buffer[0x19] = 0x00; /* Hot count */ 1444 s->io_buffer[0x1a] = 0x01; /* Hot count */ 1445 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1446 ide_set_irq(s->bus); 1447 break; 1448 case CFA_ACCESS_METADATA_STORAGE: 1449 switch (s->feature) { 1450 case 0x02: /* Inquiry Metadata Storage */ 1451 ide_cfata_metadata_inquiry(s); 1452 break; 1453 case 0x03: /* Read Metadata Storage */ 1454 ide_cfata_metadata_read(s); 1455 break; 1456 case 0x04: /* Write Metadata Storage */ 1457 ide_cfata_metadata_write(s); 1458 break; 1459 default: 1460 goto abort_cmd; 1461 } 1462 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1463 s->status = 0x00; /* NOTE: READY is _not_ set */ 1464 ide_set_irq(s->bus); 1465 break; 1466 case IBM_SENSE_CONDITION: 1467 switch (s->feature) { 1468 case 0x01: /* sense temperature in device */ 1469 s->nsector = 0x50; /* +20 C */ 1470 break; 1471 default: 1472 goto abort_cmd; 1473 } 1474 s->status = READY_STAT | SEEK_STAT; 1475 ide_set_irq(s->bus); 1476 break; 1477 1478 case WIN_SMART: 1479 if (s->hcyl != 0xc2 || s->lcyl != 0x4f) 1480 goto abort_cmd; 1481 if (!s->smart_enabled && s->feature != SMART_ENABLE) 1482 goto abort_cmd; 1483 switch (s->feature) { 1484 case SMART_DISABLE: 1485 s->smart_enabled = 0; 1486 s->status = READY_STAT | SEEK_STAT; 1487 ide_set_irq(s->bus); 1488 break; 1489 case SMART_ENABLE: 1490 s->smart_enabled = 1; 1491 s->status = READY_STAT | SEEK_STAT; 1492 ide_set_irq(s->bus); 1493 break; 1494 case SMART_ATTR_AUTOSAVE: 1495 switch (s->sector) { 1496 case 0x00: 1497 s->smart_autosave = 0; 1498 break; 1499 case 0xf1: 1500 s->smart_autosave = 1; 1501 break; 1502 default: 1503 goto abort_cmd; 1504 } 1505 s->status = READY_STAT | SEEK_STAT; 1506 ide_set_irq(s->bus); 1507 break; 1508 case SMART_STATUS: 1509 if (!s->smart_errors) { 1510 s->hcyl = 0xc2; 1511 s->lcyl = 0x4f; 1512 } else { 1513 s->hcyl = 0x2c; 1514 s->lcyl = 0xf4; 1515 } 1516 s->status = READY_STAT | SEEK_STAT; 1517 ide_set_irq(s->bus); 1518 break; 1519 case SMART_READ_THRESH: 1520 memset(s->io_buffer, 0, 0x200); 1521 s->io_buffer[0] = 0x01; /* smart struct version */ 1522 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) { 1523 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0]; 1524 s->io_buffer[2+1+(n*12)] = smart_attributes[n][11]; 1525 } 1526 for (n=0; n<511; n++) /* checksum */ 1527 s->io_buffer[511] += s->io_buffer[n]; 1528 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1529 s->status = READY_STAT | SEEK_STAT; 1530 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1531 ide_set_irq(s->bus); 1532 break; 1533 case SMART_READ_DATA: 1534 memset(s->io_buffer, 0, 0x200); 1535 s->io_buffer[0] = 0x01; /* smart struct version */ 1536 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) { 1537 int i; 1538 for(i = 0; i < 11; i++) { 1539 s->io_buffer[2+i+(n*12)] = smart_attributes[n][i]; 1540 } 1541 } 1542 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00); 1543 if (s->smart_selftest_count == 0) { 1544 s->io_buffer[363] = 0; 1545 } else { 1546 s->io_buffer[363] = 1547 s->smart_selftest_data[3 + 1548 (s->smart_selftest_count - 1) * 1549 24]; 1550 } 1551 s->io_buffer[364] = 0x20; 1552 s->io_buffer[365] = 0x01; 1553 /* offline data collection capacity: execute + self-test*/ 1554 s->io_buffer[367] = (1<<4 | 1<<3 | 1); 1555 s->io_buffer[368] = 0x03; /* smart capability (1) */ 1556 s->io_buffer[369] = 0x00; /* smart capability (2) */ 1557 s->io_buffer[370] = 0x01; /* error logging supported */ 1558 s->io_buffer[372] = 0x02; /* minutes for poll short test */ 1559 s->io_buffer[373] = 0x36; /* minutes for poll ext test */ 1560 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */ 1561 1562 for (n=0; n<511; n++) 1563 s->io_buffer[511] += s->io_buffer[n]; 1564 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1565 s->status = READY_STAT | SEEK_STAT; 1566 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1567 ide_set_irq(s->bus); 1568 break; 1569 case SMART_READ_LOG: 1570 switch (s->sector) { 1571 case 0x01: /* summary smart error log */ 1572 memset(s->io_buffer, 0, 0x200); 1573 s->io_buffer[0] = 0x01; 1574 s->io_buffer[1] = 0x00; /* no error entries */ 1575 s->io_buffer[452] = s->smart_errors & 0xff; 1576 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8; 1577 1578 for (n=0; n<511; n++) 1579 s->io_buffer[511] += s->io_buffer[n]; 1580 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1581 break; 1582 case 0x06: /* smart self test log */ 1583 memset(s->io_buffer, 0, 0x200); 1584 s->io_buffer[0] = 0x01; 1585 if (s->smart_selftest_count == 0) { 1586 s->io_buffer[508] = 0; 1587 } else { 1588 s->io_buffer[508] = s->smart_selftest_count; 1589 for (n=2; n<506; n++) 1590 s->io_buffer[n] = s->smart_selftest_data[n]; 1591 } 1592 for (n=0; n<511; n++) 1593 s->io_buffer[511] += s->io_buffer[n]; 1594 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1595 break; 1596 default: 1597 goto abort_cmd; 1598 } 1599 s->status = READY_STAT | SEEK_STAT; 1600 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1601 ide_set_irq(s->bus); 1602 break; 1603 case SMART_EXECUTE_OFFLINE: 1604 switch (s->sector) { 1605 case 0: /* off-line routine */ 1606 case 1: /* short self test */ 1607 case 2: /* extended self test */ 1608 s->smart_selftest_count++; 1609 if(s->smart_selftest_count > 21) 1610 s->smart_selftest_count = 0; 1611 n = 2 + (s->smart_selftest_count - 1) * 24; 1612 s->smart_selftest_data[n] = s->sector; 1613 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */ 1614 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */ 1615 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */ 1616 s->status = READY_STAT | SEEK_STAT; 1617 ide_set_irq(s->bus); 1618 break; 1619 default: 1620 goto abort_cmd; 1621 } 1622 break; 1623 default: 1624 goto abort_cmd; 1625 } 1626 break; 1627 default: 1628 /* should not be reachable */ 1629 abort_cmd: 1630 ide_abort_command(s); 1631 ide_set_irq(s->bus); 1632 break; 1633 } 1634 } 1635 1636 uint32_t ide_ioport_read(void *opaque, uint32_t addr1) 1637 { 1638 IDEBus *bus = opaque; 1639 IDEState *s = idebus_active_if(bus); 1640 uint32_t addr; 1641 int ret, hob; 1642 1643 addr = addr1 & 7; 1644 /* FIXME: HOB readback uses bit 7, but it's always set right now */ 1645 //hob = s->select & (1 << 7); 1646 hob = 0; 1647 switch(addr) { 1648 case 0: 1649 ret = 0xff; 1650 break; 1651 case 1: 1652 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) || 1653 (s != bus->ifs && !s->bs)) 1654 ret = 0; 1655 else if (!hob) 1656 ret = s->error; 1657 else 1658 ret = s->hob_feature; 1659 break; 1660 case 2: 1661 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1662 ret = 0; 1663 else if (!hob) 1664 ret = s->nsector & 0xff; 1665 else 1666 ret = s->hob_nsector; 1667 break; 1668 case 3: 1669 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1670 ret = 0; 1671 else if (!hob) 1672 ret = s->sector; 1673 else 1674 ret = s->hob_sector; 1675 break; 1676 case 4: 1677 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1678 ret = 0; 1679 else if (!hob) 1680 ret = s->lcyl; 1681 else 1682 ret = s->hob_lcyl; 1683 break; 1684 case 5: 1685 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1686 ret = 0; 1687 else if (!hob) 1688 ret = s->hcyl; 1689 else 1690 ret = s->hob_hcyl; 1691 break; 1692 case 6: 1693 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1694 ret = 0; 1695 else 1696 ret = s->select; 1697 break; 1698 default: 1699 case 7: 1700 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) || 1701 (s != bus->ifs && !s->bs)) 1702 ret = 0; 1703 else 1704 ret = s->status; 1705 qemu_irq_lower(bus->irq); 1706 break; 1707 } 1708 #ifdef DEBUG_IDE 1709 printf("ide: read addr=0x%x val=%02x\n", addr1, ret); 1710 #endif 1711 return ret; 1712 } 1713 1714 uint32_t ide_status_read(void *opaque, uint32_t addr) 1715 { 1716 IDEBus *bus = opaque; 1717 IDEState *s = idebus_active_if(bus); 1718 int ret; 1719 1720 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) || 1721 (s != bus->ifs && !s->bs)) 1722 ret = 0; 1723 else 1724 ret = s->status; 1725 #ifdef DEBUG_IDE 1726 printf("ide: read status addr=0x%x val=%02x\n", addr, ret); 1727 #endif 1728 return ret; 1729 } 1730 1731 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val) 1732 { 1733 IDEBus *bus = opaque; 1734 IDEState *s; 1735 int i; 1736 1737 #ifdef DEBUG_IDE 1738 printf("ide: write control addr=0x%x val=%02x\n", addr, val); 1739 #endif 1740 /* common for both drives */ 1741 if (!(bus->cmd & IDE_CMD_RESET) && 1742 (val & IDE_CMD_RESET)) { 1743 /* reset low to high */ 1744 for(i = 0;i < 2; i++) { 1745 s = &bus->ifs[i]; 1746 s->status = BUSY_STAT | SEEK_STAT; 1747 s->error = 0x01; 1748 } 1749 } else if ((bus->cmd & IDE_CMD_RESET) && 1750 !(val & IDE_CMD_RESET)) { 1751 /* high to low */ 1752 for(i = 0;i < 2; i++) { 1753 s = &bus->ifs[i]; 1754 if (s->drive_kind == IDE_CD) 1755 s->status = 0x00; /* NOTE: READY is _not_ set */ 1756 else 1757 s->status = READY_STAT | SEEK_STAT; 1758 ide_set_signature(s); 1759 } 1760 } 1761 1762 bus->cmd = val; 1763 } 1764 1765 /* 1766 * Returns true if the running PIO transfer is a PIO out (i.e. data is 1767 * transferred from the device to the guest), false if it's a PIO in 1768 */ 1769 static bool ide_is_pio_out(IDEState *s) 1770 { 1771 if (s->end_transfer_func == ide_sector_write || 1772 s->end_transfer_func == ide_atapi_cmd) { 1773 return false; 1774 } else if (s->end_transfer_func == ide_sector_read || 1775 s->end_transfer_func == ide_transfer_stop || 1776 s->end_transfer_func == ide_atapi_cmd_reply_end || 1777 s->end_transfer_func == ide_dummy_transfer_stop) { 1778 return true; 1779 } 1780 1781 abort(); 1782 } 1783 1784 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val) 1785 { 1786 IDEBus *bus = opaque; 1787 IDEState *s = idebus_active_if(bus); 1788 uint8_t *p; 1789 1790 /* PIO data access allowed only when DRQ bit is set. The result of a write 1791 * during PIO out is indeterminate, just ignore it. */ 1792 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) { 1793 return; 1794 } 1795 1796 p = s->data_ptr; 1797 *(uint16_t *)p = le16_to_cpu(val); 1798 p += 2; 1799 s->data_ptr = p; 1800 if (p >= s->data_end) 1801 s->end_transfer_func(s); 1802 } 1803 1804 uint32_t ide_data_readw(void *opaque, uint32_t addr) 1805 { 1806 IDEBus *bus = opaque; 1807 IDEState *s = idebus_active_if(bus); 1808 uint8_t *p; 1809 int ret; 1810 1811 /* PIO data access allowed only when DRQ bit is set. The result of a read 1812 * during PIO in is indeterminate, return 0 and don't move forward. */ 1813 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) { 1814 return 0; 1815 } 1816 1817 p = s->data_ptr; 1818 ret = cpu_to_le16(*(uint16_t *)p); 1819 p += 2; 1820 s->data_ptr = p; 1821 if (p >= s->data_end) 1822 s->end_transfer_func(s); 1823 return ret; 1824 } 1825 1826 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val) 1827 { 1828 IDEBus *bus = opaque; 1829 IDEState *s = idebus_active_if(bus); 1830 uint8_t *p; 1831 1832 /* PIO data access allowed only when DRQ bit is set. The result of a write 1833 * during PIO out is indeterminate, just ignore it. */ 1834 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) { 1835 return; 1836 } 1837 1838 p = s->data_ptr; 1839 *(uint32_t *)p = le32_to_cpu(val); 1840 p += 4; 1841 s->data_ptr = p; 1842 if (p >= s->data_end) 1843 s->end_transfer_func(s); 1844 } 1845 1846 uint32_t ide_data_readl(void *opaque, uint32_t addr) 1847 { 1848 IDEBus *bus = opaque; 1849 IDEState *s = idebus_active_if(bus); 1850 uint8_t *p; 1851 int ret; 1852 1853 /* PIO data access allowed only when DRQ bit is set. The result of a read 1854 * during PIO in is indeterminate, return 0 and don't move forward. */ 1855 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) { 1856 return 0; 1857 } 1858 1859 p = s->data_ptr; 1860 ret = cpu_to_le32(*(uint32_t *)p); 1861 p += 4; 1862 s->data_ptr = p; 1863 if (p >= s->data_end) 1864 s->end_transfer_func(s); 1865 return ret; 1866 } 1867 1868 static void ide_dummy_transfer_stop(IDEState *s) 1869 { 1870 s->data_ptr = s->io_buffer; 1871 s->data_end = s->io_buffer; 1872 s->io_buffer[0] = 0xff; 1873 s->io_buffer[1] = 0xff; 1874 s->io_buffer[2] = 0xff; 1875 s->io_buffer[3] = 0xff; 1876 } 1877 1878 static void ide_reset(IDEState *s) 1879 { 1880 #ifdef DEBUG_IDE 1881 printf("ide: reset\n"); 1882 #endif 1883 1884 if (s->pio_aiocb) { 1885 bdrv_aio_cancel(s->pio_aiocb); 1886 s->pio_aiocb = NULL; 1887 } 1888 1889 if (s->drive_kind == IDE_CFATA) 1890 s->mult_sectors = 0; 1891 else 1892 s->mult_sectors = MAX_MULT_SECTORS; 1893 /* ide regs */ 1894 s->feature = 0; 1895 s->error = 0; 1896 s->nsector = 0; 1897 s->sector = 0; 1898 s->lcyl = 0; 1899 s->hcyl = 0; 1900 1901 /* lba48 */ 1902 s->hob_feature = 0; 1903 s->hob_sector = 0; 1904 s->hob_nsector = 0; 1905 s->hob_lcyl = 0; 1906 s->hob_hcyl = 0; 1907 1908 s->select = 0xa0; 1909 s->status = READY_STAT | SEEK_STAT; 1910 1911 s->lba48 = 0; 1912 1913 /* ATAPI specific */ 1914 s->sense_key = 0; 1915 s->asc = 0; 1916 s->cdrom_changed = 0; 1917 s->packet_transfer_size = 0; 1918 s->elementary_transfer_size = 0; 1919 s->io_buffer_index = 0; 1920 s->cd_sector_size = 0; 1921 s->atapi_dma = 0; 1922 s->tray_locked = 0; 1923 s->tray_open = 0; 1924 /* ATA DMA state */ 1925 s->io_buffer_size = 0; 1926 s->req_nb_sectors = 0; 1927 1928 ide_set_signature(s); 1929 /* init the transfer handler so that 0xffff is returned on data 1930 accesses */ 1931 s->end_transfer_func = ide_dummy_transfer_stop; 1932 ide_dummy_transfer_stop(s); 1933 s->media_changed = 0; 1934 } 1935 1936 void ide_bus_reset(IDEBus *bus) 1937 { 1938 bus->unit = 0; 1939 bus->cmd = 0; 1940 ide_reset(&bus->ifs[0]); 1941 ide_reset(&bus->ifs[1]); 1942 ide_clear_hob(bus); 1943 1944 /* pending async DMA */ 1945 if (bus->dma->aiocb) { 1946 #ifdef DEBUG_AIO 1947 printf("aio_cancel\n"); 1948 #endif 1949 bdrv_aio_cancel(bus->dma->aiocb); 1950 bus->dma->aiocb = NULL; 1951 } 1952 1953 /* reset dma provider too */ 1954 bus->dma->ops->reset(bus->dma); 1955 } 1956 1957 static bool ide_cd_is_tray_open(void *opaque) 1958 { 1959 return ((IDEState *)opaque)->tray_open; 1960 } 1961 1962 static bool ide_cd_is_medium_locked(void *opaque) 1963 { 1964 return ((IDEState *)opaque)->tray_locked; 1965 } 1966 1967 static const BlockDevOps ide_cd_block_ops = { 1968 .change_media_cb = ide_cd_change_cb, 1969 .eject_request_cb = ide_cd_eject_request_cb, 1970 .is_tray_open = ide_cd_is_tray_open, 1971 .is_medium_locked = ide_cd_is_medium_locked, 1972 }; 1973 1974 int ide_init_drive(IDEState *s, BlockDriverState *bs, IDEDriveKind kind, 1975 const char *version, const char *serial, const char *model, 1976 uint64_t wwn, 1977 uint32_t cylinders, uint32_t heads, uint32_t secs, 1978 int chs_trans) 1979 { 1980 uint64_t nb_sectors; 1981 1982 s->bs = bs; 1983 s->drive_kind = kind; 1984 1985 bdrv_get_geometry(bs, &nb_sectors); 1986 s->cylinders = cylinders; 1987 s->heads = heads; 1988 s->sectors = secs; 1989 s->chs_trans = chs_trans; 1990 s->nb_sectors = nb_sectors; 1991 s->wwn = wwn; 1992 /* The SMART values should be preserved across power cycles 1993 but they aren't. */ 1994 s->smart_enabled = 1; 1995 s->smart_autosave = 1; 1996 s->smart_errors = 0; 1997 s->smart_selftest_count = 0; 1998 if (kind == IDE_CD) { 1999 bdrv_set_dev_ops(bs, &ide_cd_block_ops, s); 2000 bdrv_set_buffer_alignment(bs, 2048); 2001 } else { 2002 if (!bdrv_is_inserted(s->bs)) { 2003 error_report("Device needs media, but drive is empty"); 2004 return -1; 2005 } 2006 if (bdrv_is_read_only(bs)) { 2007 error_report("Can't use a read-only drive"); 2008 return -1; 2009 } 2010 } 2011 if (serial) { 2012 pstrcpy(s->drive_serial_str, sizeof(s->drive_serial_str), serial); 2013 } else { 2014 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str), 2015 "QM%05d", s->drive_serial); 2016 } 2017 if (model) { 2018 pstrcpy(s->drive_model_str, sizeof(s->drive_model_str), model); 2019 } else { 2020 switch (kind) { 2021 case IDE_CD: 2022 strcpy(s->drive_model_str, "QEMU DVD-ROM"); 2023 break; 2024 case IDE_CFATA: 2025 strcpy(s->drive_model_str, "QEMU MICRODRIVE"); 2026 break; 2027 default: 2028 strcpy(s->drive_model_str, "QEMU HARDDISK"); 2029 break; 2030 } 2031 } 2032 2033 if (version) { 2034 pstrcpy(s->version, sizeof(s->version), version); 2035 } else { 2036 pstrcpy(s->version, sizeof(s->version), qemu_get_version()); 2037 } 2038 2039 ide_reset(s); 2040 bdrv_iostatus_enable(bs); 2041 return 0; 2042 } 2043 2044 static void ide_init1(IDEBus *bus, int unit) 2045 { 2046 static int drive_serial = 1; 2047 IDEState *s = &bus->ifs[unit]; 2048 2049 s->bus = bus; 2050 s->unit = unit; 2051 s->drive_serial = drive_serial++; 2052 /* we need at least 2k alignment for accessing CDROMs using O_DIRECT */ 2053 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4; 2054 s->io_buffer = qemu_memalign(2048, s->io_buffer_total_len); 2055 memset(s->io_buffer, 0, s->io_buffer_total_len); 2056 2057 s->smart_selftest_data = qemu_blockalign(s->bs, 512); 2058 memset(s->smart_selftest_data, 0, 512); 2059 2060 s->sector_write_timer = qemu_new_timer_ns(vm_clock, 2061 ide_sector_write_timer_cb, s); 2062 } 2063 2064 static void ide_nop_start(IDEDMA *dma, IDEState *s, 2065 BlockDriverCompletionFunc *cb) 2066 { 2067 } 2068 2069 static int ide_nop(IDEDMA *dma) 2070 { 2071 return 0; 2072 } 2073 2074 static int ide_nop_int(IDEDMA *dma, int x) 2075 { 2076 return 0; 2077 } 2078 2079 static void ide_nop_restart(void *opaque, int x, RunState y) 2080 { 2081 } 2082 2083 static const IDEDMAOps ide_dma_nop_ops = { 2084 .start_dma = ide_nop_start, 2085 .start_transfer = ide_nop, 2086 .prepare_buf = ide_nop_int, 2087 .rw_buf = ide_nop_int, 2088 .set_unit = ide_nop_int, 2089 .add_status = ide_nop_int, 2090 .set_inactive = ide_nop, 2091 .restart_cb = ide_nop_restart, 2092 .reset = ide_nop, 2093 }; 2094 2095 static IDEDMA ide_dma_nop = { 2096 .ops = &ide_dma_nop_ops, 2097 .aiocb = NULL, 2098 }; 2099 2100 void ide_init2(IDEBus *bus, qemu_irq irq) 2101 { 2102 int i; 2103 2104 for(i = 0; i < 2; i++) { 2105 ide_init1(bus, i); 2106 ide_reset(&bus->ifs[i]); 2107 } 2108 bus->irq = irq; 2109 bus->dma = &ide_dma_nop; 2110 } 2111 2112 /* TODO convert users to qdev and remove */ 2113 void ide_init2_with_non_qdev_drives(IDEBus *bus, DriveInfo *hd0, 2114 DriveInfo *hd1, qemu_irq irq) 2115 { 2116 int i, trans; 2117 DriveInfo *dinfo; 2118 uint32_t cyls, heads, secs; 2119 2120 for(i = 0; i < 2; i++) { 2121 dinfo = i == 0 ? hd0 : hd1; 2122 ide_init1(bus, i); 2123 if (dinfo) { 2124 cyls = dinfo->cyls; 2125 heads = dinfo->heads; 2126 secs = dinfo->secs; 2127 trans = dinfo->trans; 2128 if (!cyls && !heads && !secs) { 2129 hd_geometry_guess(dinfo->bdrv, &cyls, &heads, &secs, &trans); 2130 } else if (trans == BIOS_ATA_TRANSLATION_AUTO) { 2131 trans = hd_bios_chs_auto_trans(cyls, heads, secs); 2132 } 2133 if (cyls < 1 || cyls > 65535) { 2134 error_report("cyls must be between 1 and 65535"); 2135 exit(1); 2136 } 2137 if (heads < 1 || heads > 16) { 2138 error_report("heads must be between 1 and 16"); 2139 exit(1); 2140 } 2141 if (secs < 1 || secs > 255) { 2142 error_report("secs must be between 1 and 255"); 2143 exit(1); 2144 } 2145 if (ide_init_drive(&bus->ifs[i], dinfo->bdrv, 2146 dinfo->media_cd ? IDE_CD : IDE_HD, 2147 NULL, dinfo->serial, NULL, 0, 2148 cyls, heads, secs, trans) < 0) { 2149 error_report("Can't set up IDE drive %s", dinfo->id); 2150 exit(1); 2151 } 2152 bdrv_attach_dev_nofail(dinfo->bdrv, &bus->ifs[i]); 2153 } else { 2154 ide_reset(&bus->ifs[i]); 2155 } 2156 } 2157 bus->irq = irq; 2158 bus->dma = &ide_dma_nop; 2159 } 2160 2161 static const MemoryRegionPortio ide_portio_list[] = { 2162 { 0, 8, 1, .read = ide_ioport_read, .write = ide_ioport_write }, 2163 { 0, 2, 2, .read = ide_data_readw, .write = ide_data_writew }, 2164 { 0, 4, 4, .read = ide_data_readl, .write = ide_data_writel }, 2165 PORTIO_END_OF_LIST(), 2166 }; 2167 2168 static const MemoryRegionPortio ide_portio2_list[] = { 2169 { 0, 1, 1, .read = ide_status_read, .write = ide_cmd_write }, 2170 PORTIO_END_OF_LIST(), 2171 }; 2172 2173 void ide_init_ioport(IDEBus *bus, ISADevice *dev, int iobase, int iobase2) 2174 { 2175 /* ??? Assume only ISA and PCI configurations, and that the PCI-ISA 2176 bridge has been setup properly to always register with ISA. */ 2177 isa_register_portio_list(dev, iobase, ide_portio_list, bus, "ide"); 2178 2179 if (iobase2) { 2180 isa_register_portio_list(dev, iobase2, ide_portio2_list, bus, "ide"); 2181 } 2182 } 2183 2184 static bool is_identify_set(void *opaque, int version_id) 2185 { 2186 IDEState *s = opaque; 2187 2188 return s->identify_set != 0; 2189 } 2190 2191 static EndTransferFunc* transfer_end_table[] = { 2192 ide_sector_read, 2193 ide_sector_write, 2194 ide_transfer_stop, 2195 ide_atapi_cmd_reply_end, 2196 ide_atapi_cmd, 2197 ide_dummy_transfer_stop, 2198 }; 2199 2200 static int transfer_end_table_idx(EndTransferFunc *fn) 2201 { 2202 int i; 2203 2204 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++) 2205 if (transfer_end_table[i] == fn) 2206 return i; 2207 2208 return -1; 2209 } 2210 2211 static int ide_drive_post_load(void *opaque, int version_id) 2212 { 2213 IDEState *s = opaque; 2214 2215 if (s->identify_set) { 2216 bdrv_set_enable_write_cache(s->bs, !!(s->identify_data[85] & (1 << 5))); 2217 } 2218 return 0; 2219 } 2220 2221 static int ide_drive_pio_post_load(void *opaque, int version_id) 2222 { 2223 IDEState *s = opaque; 2224 2225 if (s->end_transfer_fn_idx >= ARRAY_SIZE(transfer_end_table)) { 2226 return -EINVAL; 2227 } 2228 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx]; 2229 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset; 2230 s->data_end = s->data_ptr + s->cur_io_buffer_len; 2231 2232 return 0; 2233 } 2234 2235 static void ide_drive_pio_pre_save(void *opaque) 2236 { 2237 IDEState *s = opaque; 2238 int idx; 2239 2240 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer; 2241 s->cur_io_buffer_len = s->data_end - s->data_ptr; 2242 2243 idx = transfer_end_table_idx(s->end_transfer_func); 2244 if (idx == -1) { 2245 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n", 2246 __func__); 2247 s->end_transfer_fn_idx = 2; 2248 } else { 2249 s->end_transfer_fn_idx = idx; 2250 } 2251 } 2252 2253 static bool ide_drive_pio_state_needed(void *opaque) 2254 { 2255 IDEState *s = opaque; 2256 2257 return ((s->status & DRQ_STAT) != 0) 2258 || (s->bus->error_status & BM_STATUS_PIO_RETRY); 2259 } 2260 2261 static bool ide_tray_state_needed(void *opaque) 2262 { 2263 IDEState *s = opaque; 2264 2265 return s->tray_open || s->tray_locked; 2266 } 2267 2268 static bool ide_atapi_gesn_needed(void *opaque) 2269 { 2270 IDEState *s = opaque; 2271 2272 return s->events.new_media || s->events.eject_request; 2273 } 2274 2275 static bool ide_error_needed(void *opaque) 2276 { 2277 IDEBus *bus = opaque; 2278 2279 return (bus->error_status != 0); 2280 } 2281 2282 /* Fields for GET_EVENT_STATUS_NOTIFICATION ATAPI command */ 2283 static const VMStateDescription vmstate_ide_atapi_gesn_state = { 2284 .name ="ide_drive/atapi/gesn_state", 2285 .version_id = 1, 2286 .minimum_version_id = 1, 2287 .minimum_version_id_old = 1, 2288 .fields = (VMStateField []) { 2289 VMSTATE_BOOL(events.new_media, IDEState), 2290 VMSTATE_BOOL(events.eject_request, IDEState), 2291 VMSTATE_END_OF_LIST() 2292 } 2293 }; 2294 2295 static const VMStateDescription vmstate_ide_tray_state = { 2296 .name = "ide_drive/tray_state", 2297 .version_id = 1, 2298 .minimum_version_id = 1, 2299 .minimum_version_id_old = 1, 2300 .fields = (VMStateField[]) { 2301 VMSTATE_BOOL(tray_open, IDEState), 2302 VMSTATE_BOOL(tray_locked, IDEState), 2303 VMSTATE_END_OF_LIST() 2304 } 2305 }; 2306 2307 static const VMStateDescription vmstate_ide_drive_pio_state = { 2308 .name = "ide_drive/pio_state", 2309 .version_id = 1, 2310 .minimum_version_id = 1, 2311 .minimum_version_id_old = 1, 2312 .pre_save = ide_drive_pio_pre_save, 2313 .post_load = ide_drive_pio_post_load, 2314 .fields = (VMStateField []) { 2315 VMSTATE_INT32(req_nb_sectors, IDEState), 2316 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1, 2317 vmstate_info_uint8, uint8_t), 2318 VMSTATE_INT32(cur_io_buffer_offset, IDEState), 2319 VMSTATE_INT32(cur_io_buffer_len, IDEState), 2320 VMSTATE_UINT8(end_transfer_fn_idx, IDEState), 2321 VMSTATE_INT32(elementary_transfer_size, IDEState), 2322 VMSTATE_INT32(packet_transfer_size, IDEState), 2323 VMSTATE_END_OF_LIST() 2324 } 2325 }; 2326 2327 const VMStateDescription vmstate_ide_drive = { 2328 .name = "ide_drive", 2329 .version_id = 3, 2330 .minimum_version_id = 0, 2331 .minimum_version_id_old = 0, 2332 .post_load = ide_drive_post_load, 2333 .fields = (VMStateField []) { 2334 VMSTATE_INT32(mult_sectors, IDEState), 2335 VMSTATE_INT32(identify_set, IDEState), 2336 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set), 2337 VMSTATE_UINT8(feature, IDEState), 2338 VMSTATE_UINT8(error, IDEState), 2339 VMSTATE_UINT32(nsector, IDEState), 2340 VMSTATE_UINT8(sector, IDEState), 2341 VMSTATE_UINT8(lcyl, IDEState), 2342 VMSTATE_UINT8(hcyl, IDEState), 2343 VMSTATE_UINT8(hob_feature, IDEState), 2344 VMSTATE_UINT8(hob_sector, IDEState), 2345 VMSTATE_UINT8(hob_nsector, IDEState), 2346 VMSTATE_UINT8(hob_lcyl, IDEState), 2347 VMSTATE_UINT8(hob_hcyl, IDEState), 2348 VMSTATE_UINT8(select, IDEState), 2349 VMSTATE_UINT8(status, IDEState), 2350 VMSTATE_UINT8(lba48, IDEState), 2351 VMSTATE_UINT8(sense_key, IDEState), 2352 VMSTATE_UINT8(asc, IDEState), 2353 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3), 2354 VMSTATE_END_OF_LIST() 2355 }, 2356 .subsections = (VMStateSubsection []) { 2357 { 2358 .vmsd = &vmstate_ide_drive_pio_state, 2359 .needed = ide_drive_pio_state_needed, 2360 }, { 2361 .vmsd = &vmstate_ide_tray_state, 2362 .needed = ide_tray_state_needed, 2363 }, { 2364 .vmsd = &vmstate_ide_atapi_gesn_state, 2365 .needed = ide_atapi_gesn_needed, 2366 }, { 2367 /* empty */ 2368 } 2369 } 2370 }; 2371 2372 static const VMStateDescription vmstate_ide_error_status = { 2373 .name ="ide_bus/error", 2374 .version_id = 1, 2375 .minimum_version_id = 1, 2376 .minimum_version_id_old = 1, 2377 .fields = (VMStateField []) { 2378 VMSTATE_INT32(error_status, IDEBus), 2379 VMSTATE_END_OF_LIST() 2380 } 2381 }; 2382 2383 const VMStateDescription vmstate_ide_bus = { 2384 .name = "ide_bus", 2385 .version_id = 1, 2386 .minimum_version_id = 1, 2387 .minimum_version_id_old = 1, 2388 .fields = (VMStateField []) { 2389 VMSTATE_UINT8(cmd, IDEBus), 2390 VMSTATE_UINT8(unit, IDEBus), 2391 VMSTATE_END_OF_LIST() 2392 }, 2393 .subsections = (VMStateSubsection []) { 2394 { 2395 .vmsd = &vmstate_ide_error_status, 2396 .needed = ide_error_needed, 2397 }, { 2398 /* empty */ 2399 } 2400 } 2401 }; 2402 2403 void ide_drive_get(DriveInfo **hd, int max_bus) 2404 { 2405 int i; 2406 2407 if (drive_get_max_bus(IF_IDE) >= max_bus) { 2408 fprintf(stderr, "qemu: too many IDE bus: %d\n", max_bus); 2409 exit(1); 2410 } 2411 2412 for(i = 0; i < max_bus * MAX_IDE_DEVS; i++) { 2413 hd[i] = drive_get(IF_IDE, i / MAX_IDE_DEVS, i % MAX_IDE_DEVS); 2414 } 2415 } 2416