1 /* 2 * QEMU IDE disk and CD/DVD-ROM Emulator 3 * 4 * Copyright (c) 2003 Fabrice Bellard 5 * Copyright (c) 2006 Openedhand Ltd. 6 * 7 * Permission is hereby granted, free of charge, to any person obtaining a copy 8 * of this software and associated documentation files (the "Software"), to deal 9 * in the Software without restriction, including without limitation the rights 10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 11 * copies of the Software, and to permit persons to whom the Software is 12 * furnished to do so, subject to the following conditions: 13 * 14 * The above copyright notice and this permission notice shall be included in 15 * all copies or substantial portions of the Software. 16 * 17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 23 * THE SOFTWARE. 24 */ 25 #include <hw/hw.h> 26 #include <hw/pc.h> 27 #include <hw/pci/pci.h> 28 #include <hw/isa.h> 29 #include "qemu/error-report.h" 30 #include "qemu/timer.h" 31 #include "sysemu/sysemu.h" 32 #include "sysemu/dma.h" 33 #include "hw/block-common.h" 34 #include "sysemu/blockdev.h" 35 36 #include <hw/ide/internal.h> 37 38 /* These values were based on a Seagate ST3500418AS but have been modified 39 to make more sense in QEMU */ 40 static const int smart_attributes[][12] = { 41 /* id, flags, hflags, val, wrst, raw (6 bytes), threshold */ 42 /* raw read error rate*/ 43 { 0x01, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06}, 44 /* spin up */ 45 { 0x03, 0x03, 0x00, 0x64, 0x64, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 46 /* start stop count */ 47 { 0x04, 0x02, 0x00, 0x64, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14}, 48 /* remapped sectors */ 49 { 0x05, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x24}, 50 /* power on hours */ 51 { 0x09, 0x03, 0x00, 0x64, 0x64, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 52 /* power cycle count */ 53 { 0x0c, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 54 /* airflow-temperature-celsius */ 55 { 190, 0x03, 0x00, 0x45, 0x45, 0x1f, 0x00, 0x1f, 0x1f, 0x00, 0x00, 0x32}, 56 }; 57 58 static int ide_handle_rw_error(IDEState *s, int error, int op); 59 static void ide_dummy_transfer_stop(IDEState *s); 60 61 static void padstr(char *str, const char *src, int len) 62 { 63 int i, v; 64 for(i = 0; i < len; i++) { 65 if (*src) 66 v = *src++; 67 else 68 v = ' '; 69 str[i^1] = v; 70 } 71 } 72 73 static void put_le16(uint16_t *p, unsigned int v) 74 { 75 *p = cpu_to_le16(v); 76 } 77 78 static void ide_identify(IDEState *s) 79 { 80 uint16_t *p; 81 unsigned int oldsize; 82 IDEDevice *dev = s->unit ? s->bus->slave : s->bus->master; 83 84 if (s->identify_set) { 85 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data)); 86 return; 87 } 88 89 memset(s->io_buffer, 0, 512); 90 p = (uint16_t *)s->io_buffer; 91 put_le16(p + 0, 0x0040); 92 put_le16(p + 1, s->cylinders); 93 put_le16(p + 3, s->heads); 94 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */ 95 put_le16(p + 5, 512); /* XXX: retired, remove ? */ 96 put_le16(p + 6, s->sectors); 97 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 98 put_le16(p + 20, 3); /* XXX: retired, remove ? */ 99 put_le16(p + 21, 512); /* cache size in sectors */ 100 put_le16(p + 22, 4); /* ecc bytes */ 101 padstr((char *)(p + 23), s->version, 8); /* firmware version */ 102 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */ 103 #if MAX_MULT_SECTORS > 1 104 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS); 105 #endif 106 put_le16(p + 48, 1); /* dword I/O */ 107 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */ 108 put_le16(p + 51, 0x200); /* PIO transfer cycle */ 109 put_le16(p + 52, 0x200); /* DMA transfer cycle */ 110 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */ 111 put_le16(p + 54, s->cylinders); 112 put_le16(p + 55, s->heads); 113 put_le16(p + 56, s->sectors); 114 oldsize = s->cylinders * s->heads * s->sectors; 115 put_le16(p + 57, oldsize); 116 put_le16(p + 58, oldsize >> 16); 117 if (s->mult_sectors) 118 put_le16(p + 59, 0x100 | s->mult_sectors); 119 put_le16(p + 60, s->nb_sectors); 120 put_le16(p + 61, s->nb_sectors >> 16); 121 put_le16(p + 62, 0x07); /* single word dma0-2 supported */ 122 put_le16(p + 63, 0x07); /* mdma0-2 supported */ 123 put_le16(p + 64, 0x03); /* pio3-4 supported */ 124 put_le16(p + 65, 120); 125 put_le16(p + 66, 120); 126 put_le16(p + 67, 120); 127 put_le16(p + 68, 120); 128 if (dev && dev->conf.discard_granularity) { 129 put_le16(p + 69, (1 << 14)); /* determinate TRIM behavior */ 130 } 131 132 if (s->ncq_queues) { 133 put_le16(p + 75, s->ncq_queues - 1); 134 /* NCQ supported */ 135 put_le16(p + 76, (1 << 8)); 136 } 137 138 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */ 139 put_le16(p + 81, 0x16); /* conforms to ata5 */ 140 /* 14=NOP supported, 5=WCACHE supported, 0=SMART supported */ 141 put_le16(p + 82, (1 << 14) | (1 << 5) | 1); 142 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */ 143 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10)); 144 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */ 145 if (s->wwn) { 146 put_le16(p + 84, (1 << 14) | (1 << 8) | 0); 147 } else { 148 put_le16(p + 84, (1 << 14) | 0); 149 } 150 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */ 151 if (bdrv_enable_write_cache(s->bs)) 152 put_le16(p + 85, (1 << 14) | (1 << 5) | 1); 153 else 154 put_le16(p + 85, (1 << 14) | 1); 155 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */ 156 put_le16(p + 86, (1 << 13) | (1 <<12) | (1 << 10)); 157 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */ 158 if (s->wwn) { 159 put_le16(p + 87, (1 << 14) | (1 << 8) | 0); 160 } else { 161 put_le16(p + 87, (1 << 14) | 0); 162 } 163 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */ 164 put_le16(p + 93, 1 | (1 << 14) | 0x2000); 165 put_le16(p + 100, s->nb_sectors); 166 put_le16(p + 101, s->nb_sectors >> 16); 167 put_le16(p + 102, s->nb_sectors >> 32); 168 put_le16(p + 103, s->nb_sectors >> 48); 169 170 if (dev && dev->conf.physical_block_size) 171 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf)); 172 if (s->wwn) { 173 /* LE 16-bit words 111-108 contain 64-bit World Wide Name */ 174 put_le16(p + 108, s->wwn >> 48); 175 put_le16(p + 109, s->wwn >> 32); 176 put_le16(p + 110, s->wwn >> 16); 177 put_le16(p + 111, s->wwn); 178 } 179 if (dev && dev->conf.discard_granularity) { 180 put_le16(p + 169, 1); /* TRIM support */ 181 } 182 183 memcpy(s->identify_data, p, sizeof(s->identify_data)); 184 s->identify_set = 1; 185 } 186 187 static void ide_atapi_identify(IDEState *s) 188 { 189 uint16_t *p; 190 191 if (s->identify_set) { 192 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data)); 193 return; 194 } 195 196 memset(s->io_buffer, 0, 512); 197 p = (uint16_t *)s->io_buffer; 198 /* Removable CDROM, 50us response, 12 byte packets */ 199 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0)); 200 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 201 put_le16(p + 20, 3); /* buffer type */ 202 put_le16(p + 21, 512); /* cache size in sectors */ 203 put_le16(p + 22, 4); /* ecc bytes */ 204 padstr((char *)(p + 23), s->version, 8); /* firmware version */ 205 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */ 206 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */ 207 #ifdef USE_DMA_CDROM 208 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */ 209 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */ 210 put_le16(p + 62, 7); /* single word dma0-2 supported */ 211 put_le16(p + 63, 7); /* mdma0-2 supported */ 212 #else 213 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */ 214 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */ 215 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */ 216 #endif 217 put_le16(p + 64, 3); /* pio3-4 supported */ 218 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */ 219 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */ 220 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */ 221 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */ 222 223 put_le16(p + 71, 30); /* in ns */ 224 put_le16(p + 72, 30); /* in ns */ 225 226 if (s->ncq_queues) { 227 put_le16(p + 75, s->ncq_queues - 1); 228 /* NCQ supported */ 229 put_le16(p + 76, (1 << 8)); 230 } 231 232 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */ 233 #ifdef USE_DMA_CDROM 234 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */ 235 #endif 236 memcpy(s->identify_data, p, sizeof(s->identify_data)); 237 s->identify_set = 1; 238 } 239 240 static void ide_cfata_identify(IDEState *s) 241 { 242 uint16_t *p; 243 uint32_t cur_sec; 244 245 p = (uint16_t *) s->identify_data; 246 if (s->identify_set) 247 goto fill_buffer; 248 249 memset(p, 0, sizeof(s->identify_data)); 250 251 cur_sec = s->cylinders * s->heads * s->sectors; 252 253 put_le16(p + 0, 0x848a); /* CF Storage Card signature */ 254 put_le16(p + 1, s->cylinders); /* Default cylinders */ 255 put_le16(p + 3, s->heads); /* Default heads */ 256 put_le16(p + 6, s->sectors); /* Default sectors per track */ 257 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */ 258 put_le16(p + 8, s->nb_sectors); /* Sectors per card */ 259 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 260 put_le16(p + 22, 0x0004); /* ECC bytes */ 261 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */ 262 padstr((char *) (p + 27), s->drive_model_str, 40);/* Model number */ 263 #if MAX_MULT_SECTORS > 1 264 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS); 265 #else 266 put_le16(p + 47, 0x0000); 267 #endif 268 put_le16(p + 49, 0x0f00); /* Capabilities */ 269 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */ 270 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */ 271 put_le16(p + 53, 0x0003); /* Translation params valid */ 272 put_le16(p + 54, s->cylinders); /* Current cylinders */ 273 put_le16(p + 55, s->heads); /* Current heads */ 274 put_le16(p + 56, s->sectors); /* Current sectors */ 275 put_le16(p + 57, cur_sec); /* Current capacity */ 276 put_le16(p + 58, cur_sec >> 16); /* Current capacity */ 277 if (s->mult_sectors) /* Multiple sector setting */ 278 put_le16(p + 59, 0x100 | s->mult_sectors); 279 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */ 280 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */ 281 put_le16(p + 63, 0x0203); /* Multiword DMA capability */ 282 put_le16(p + 64, 0x0001); /* Flow Control PIO support */ 283 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */ 284 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */ 285 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */ 286 put_le16(p + 82, 0x400c); /* Command Set supported */ 287 put_le16(p + 83, 0x7068); /* Command Set supported */ 288 put_le16(p + 84, 0x4000); /* Features supported */ 289 put_le16(p + 85, 0x000c); /* Command Set enabled */ 290 put_le16(p + 86, 0x7044); /* Command Set enabled */ 291 put_le16(p + 87, 0x4000); /* Features enabled */ 292 put_le16(p + 91, 0x4060); /* Current APM level */ 293 put_le16(p + 129, 0x0002); /* Current features option */ 294 put_le16(p + 130, 0x0005); /* Reassigned sectors */ 295 put_le16(p + 131, 0x0001); /* Initial power mode */ 296 put_le16(p + 132, 0x0000); /* User signature */ 297 put_le16(p + 160, 0x8100); /* Power requirement */ 298 put_le16(p + 161, 0x8001); /* CF command set */ 299 300 s->identify_set = 1; 301 302 fill_buffer: 303 memcpy(s->io_buffer, p, sizeof(s->identify_data)); 304 } 305 306 static void ide_set_signature(IDEState *s) 307 { 308 s->select &= 0xf0; /* clear head */ 309 /* put signature */ 310 s->nsector = 1; 311 s->sector = 1; 312 if (s->drive_kind == IDE_CD) { 313 s->lcyl = 0x14; 314 s->hcyl = 0xeb; 315 } else if (s->bs) { 316 s->lcyl = 0; 317 s->hcyl = 0; 318 } else { 319 s->lcyl = 0xff; 320 s->hcyl = 0xff; 321 } 322 } 323 324 typedef struct TrimAIOCB { 325 BlockDriverAIOCB common; 326 QEMUBH *bh; 327 int ret; 328 QEMUIOVector *qiov; 329 BlockDriverAIOCB *aiocb; 330 int i, j; 331 } TrimAIOCB; 332 333 static void trim_aio_cancel(BlockDriverAIOCB *acb) 334 { 335 TrimAIOCB *iocb = container_of(acb, TrimAIOCB, common); 336 337 /* Exit the loop in case bdrv_aio_cancel calls ide_issue_trim_cb again. */ 338 iocb->j = iocb->qiov->niov - 1; 339 iocb->i = (iocb->qiov->iov[iocb->j].iov_len / 8) - 1; 340 341 /* Tell ide_issue_trim_cb not to trigger the completion, too. */ 342 qemu_bh_delete(iocb->bh); 343 iocb->bh = NULL; 344 345 if (iocb->aiocb) { 346 bdrv_aio_cancel(iocb->aiocb); 347 } 348 qemu_aio_release(iocb); 349 } 350 351 static const AIOCBInfo trim_aiocb_info = { 352 .aiocb_size = sizeof(TrimAIOCB), 353 .cancel = trim_aio_cancel, 354 }; 355 356 static void ide_trim_bh_cb(void *opaque) 357 { 358 TrimAIOCB *iocb = opaque; 359 360 iocb->common.cb(iocb->common.opaque, iocb->ret); 361 362 qemu_bh_delete(iocb->bh); 363 iocb->bh = NULL; 364 qemu_aio_release(iocb); 365 } 366 367 static void ide_issue_trim_cb(void *opaque, int ret) 368 { 369 TrimAIOCB *iocb = opaque; 370 if (ret >= 0) { 371 while (iocb->j < iocb->qiov->niov) { 372 int j = iocb->j; 373 while (++iocb->i < iocb->qiov->iov[j].iov_len / 8) { 374 int i = iocb->i; 375 uint64_t *buffer = iocb->qiov->iov[j].iov_base; 376 377 /* 6-byte LBA + 2-byte range per entry */ 378 uint64_t entry = le64_to_cpu(buffer[i]); 379 uint64_t sector = entry & 0x0000ffffffffffffULL; 380 uint16_t count = entry >> 48; 381 382 if (count == 0) { 383 continue; 384 } 385 386 /* Got an entry! Submit and exit. */ 387 iocb->aiocb = bdrv_aio_discard(iocb->common.bs, sector, count, 388 ide_issue_trim_cb, opaque); 389 return; 390 } 391 392 iocb->j++; 393 iocb->i = -1; 394 } 395 } else { 396 iocb->ret = ret; 397 } 398 399 iocb->aiocb = NULL; 400 if (iocb->bh) { 401 qemu_bh_schedule(iocb->bh); 402 } 403 } 404 405 BlockDriverAIOCB *ide_issue_trim(BlockDriverState *bs, 406 int64_t sector_num, QEMUIOVector *qiov, int nb_sectors, 407 BlockDriverCompletionFunc *cb, void *opaque) 408 { 409 TrimAIOCB *iocb; 410 411 iocb = qemu_aio_get(&trim_aiocb_info, bs, cb, opaque); 412 iocb->bh = qemu_bh_new(ide_trim_bh_cb, iocb); 413 iocb->ret = 0; 414 iocb->qiov = qiov; 415 iocb->i = -1; 416 iocb->j = 0; 417 ide_issue_trim_cb(iocb, 0); 418 return &iocb->common; 419 } 420 421 static inline void ide_abort_command(IDEState *s) 422 { 423 s->status = READY_STAT | ERR_STAT; 424 s->error = ABRT_ERR; 425 } 426 427 /* prepare data transfer and tell what to do after */ 428 void ide_transfer_start(IDEState *s, uint8_t *buf, int size, 429 EndTransferFunc *end_transfer_func) 430 { 431 s->end_transfer_func = end_transfer_func; 432 s->data_ptr = buf; 433 s->data_end = buf + size; 434 if (!(s->status & ERR_STAT)) { 435 s->status |= DRQ_STAT; 436 } 437 s->bus->dma->ops->start_transfer(s->bus->dma); 438 } 439 440 void ide_transfer_stop(IDEState *s) 441 { 442 s->end_transfer_func = ide_transfer_stop; 443 s->data_ptr = s->io_buffer; 444 s->data_end = s->io_buffer; 445 s->status &= ~DRQ_STAT; 446 } 447 448 int64_t ide_get_sector(IDEState *s) 449 { 450 int64_t sector_num; 451 if (s->select & 0x40) { 452 /* lba */ 453 if (!s->lba48) { 454 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) | 455 (s->lcyl << 8) | s->sector; 456 } else { 457 sector_num = ((int64_t)s->hob_hcyl << 40) | 458 ((int64_t) s->hob_lcyl << 32) | 459 ((int64_t) s->hob_sector << 24) | 460 ((int64_t) s->hcyl << 16) | 461 ((int64_t) s->lcyl << 8) | s->sector; 462 } 463 } else { 464 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors + 465 (s->select & 0x0f) * s->sectors + (s->sector - 1); 466 } 467 return sector_num; 468 } 469 470 void ide_set_sector(IDEState *s, int64_t sector_num) 471 { 472 unsigned int cyl, r; 473 if (s->select & 0x40) { 474 if (!s->lba48) { 475 s->select = (s->select & 0xf0) | (sector_num >> 24); 476 s->hcyl = (sector_num >> 16); 477 s->lcyl = (sector_num >> 8); 478 s->sector = (sector_num); 479 } else { 480 s->sector = sector_num; 481 s->lcyl = sector_num >> 8; 482 s->hcyl = sector_num >> 16; 483 s->hob_sector = sector_num >> 24; 484 s->hob_lcyl = sector_num >> 32; 485 s->hob_hcyl = sector_num >> 40; 486 } 487 } else { 488 cyl = sector_num / (s->heads * s->sectors); 489 r = sector_num % (s->heads * s->sectors); 490 s->hcyl = cyl >> 8; 491 s->lcyl = cyl; 492 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f); 493 s->sector = (r % s->sectors) + 1; 494 } 495 } 496 497 static void ide_rw_error(IDEState *s) { 498 ide_abort_command(s); 499 ide_set_irq(s->bus); 500 } 501 502 static void ide_sector_read_cb(void *opaque, int ret) 503 { 504 IDEState *s = opaque; 505 int n; 506 507 s->pio_aiocb = NULL; 508 s->status &= ~BUSY_STAT; 509 510 bdrv_acct_done(s->bs, &s->acct); 511 if (ret != 0) { 512 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY | 513 BM_STATUS_RETRY_READ)) { 514 return; 515 } 516 } 517 518 n = s->nsector; 519 if (n > s->req_nb_sectors) { 520 n = s->req_nb_sectors; 521 } 522 523 /* Allow the guest to read the io_buffer */ 524 ide_transfer_start(s, s->io_buffer, n * BDRV_SECTOR_SIZE, ide_sector_read); 525 526 ide_set_irq(s->bus); 527 528 ide_set_sector(s, ide_get_sector(s) + n); 529 s->nsector -= n; 530 } 531 532 void ide_sector_read(IDEState *s) 533 { 534 int64_t sector_num; 535 int n; 536 537 s->status = READY_STAT | SEEK_STAT; 538 s->error = 0; /* not needed by IDE spec, but needed by Windows */ 539 sector_num = ide_get_sector(s); 540 n = s->nsector; 541 542 if (n == 0) { 543 ide_transfer_stop(s); 544 return; 545 } 546 547 s->status |= BUSY_STAT; 548 549 if (n > s->req_nb_sectors) { 550 n = s->req_nb_sectors; 551 } 552 553 #if defined(DEBUG_IDE) 554 printf("sector=%" PRId64 "\n", sector_num); 555 #endif 556 557 s->iov.iov_base = s->io_buffer; 558 s->iov.iov_len = n * BDRV_SECTOR_SIZE; 559 qemu_iovec_init_external(&s->qiov, &s->iov, 1); 560 561 bdrv_acct_start(s->bs, &s->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ); 562 s->pio_aiocb = bdrv_aio_readv(s->bs, sector_num, &s->qiov, n, 563 ide_sector_read_cb, s); 564 } 565 566 static void dma_buf_commit(IDEState *s) 567 { 568 qemu_sglist_destroy(&s->sg); 569 } 570 571 void ide_set_inactive(IDEState *s) 572 { 573 s->bus->dma->aiocb = NULL; 574 s->bus->dma->ops->set_inactive(s->bus->dma); 575 } 576 577 void ide_dma_error(IDEState *s) 578 { 579 ide_transfer_stop(s); 580 s->error = ABRT_ERR; 581 s->status = READY_STAT | ERR_STAT; 582 ide_set_inactive(s); 583 ide_set_irq(s->bus); 584 } 585 586 static int ide_handle_rw_error(IDEState *s, int error, int op) 587 { 588 bool is_read = (op & BM_STATUS_RETRY_READ) != 0; 589 BlockErrorAction action = bdrv_get_error_action(s->bs, is_read, error); 590 591 if (action == BDRV_ACTION_STOP) { 592 s->bus->dma->ops->set_unit(s->bus->dma, s->unit); 593 s->bus->error_status = op; 594 } else if (action == BDRV_ACTION_REPORT) { 595 if (op & BM_STATUS_DMA_RETRY) { 596 dma_buf_commit(s); 597 ide_dma_error(s); 598 } else { 599 ide_rw_error(s); 600 } 601 } 602 bdrv_error_action(s->bs, action, is_read, error); 603 return action != BDRV_ACTION_IGNORE; 604 } 605 606 void ide_dma_cb(void *opaque, int ret) 607 { 608 IDEState *s = opaque; 609 int n; 610 int64_t sector_num; 611 bool stay_active = false; 612 613 if (ret < 0) { 614 int op = BM_STATUS_DMA_RETRY; 615 616 if (s->dma_cmd == IDE_DMA_READ) 617 op |= BM_STATUS_RETRY_READ; 618 else if (s->dma_cmd == IDE_DMA_TRIM) 619 op |= BM_STATUS_RETRY_TRIM; 620 621 if (ide_handle_rw_error(s, -ret, op)) { 622 return; 623 } 624 } 625 626 n = s->io_buffer_size >> 9; 627 if (n > s->nsector) { 628 /* The PRDs were longer than needed for this request. Shorten them so 629 * we don't get a negative remainder. The Active bit must remain set 630 * after the request completes. */ 631 n = s->nsector; 632 stay_active = true; 633 } 634 635 sector_num = ide_get_sector(s); 636 if (n > 0) { 637 dma_buf_commit(s); 638 sector_num += n; 639 ide_set_sector(s, sector_num); 640 s->nsector -= n; 641 } 642 643 /* end of transfer ? */ 644 if (s->nsector == 0) { 645 s->status = READY_STAT | SEEK_STAT; 646 ide_set_irq(s->bus); 647 goto eot; 648 } 649 650 /* launch next transfer */ 651 n = s->nsector; 652 s->io_buffer_index = 0; 653 s->io_buffer_size = n * 512; 654 if (s->bus->dma->ops->prepare_buf(s->bus->dma, ide_cmd_is_read(s)) == 0) { 655 /* The PRDs were too short. Reset the Active bit, but don't raise an 656 * interrupt. */ 657 s->status = READY_STAT | SEEK_STAT; 658 goto eot; 659 } 660 661 #ifdef DEBUG_AIO 662 printf("ide_dma_cb: sector_num=%" PRId64 " n=%d, cmd_cmd=%d\n", 663 sector_num, n, s->dma_cmd); 664 #endif 665 666 switch (s->dma_cmd) { 667 case IDE_DMA_READ: 668 s->bus->dma->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num, 669 ide_dma_cb, s); 670 break; 671 case IDE_DMA_WRITE: 672 s->bus->dma->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num, 673 ide_dma_cb, s); 674 break; 675 case IDE_DMA_TRIM: 676 s->bus->dma->aiocb = dma_bdrv_io(s->bs, &s->sg, sector_num, 677 ide_issue_trim, ide_dma_cb, s, 678 DMA_DIRECTION_TO_DEVICE); 679 break; 680 } 681 return; 682 683 eot: 684 if (s->dma_cmd == IDE_DMA_READ || s->dma_cmd == IDE_DMA_WRITE) { 685 bdrv_acct_done(s->bs, &s->acct); 686 } 687 ide_set_inactive(s); 688 if (stay_active) { 689 s->bus->dma->ops->add_status(s->bus->dma, BM_STATUS_DMAING); 690 } 691 } 692 693 static void ide_sector_start_dma(IDEState *s, enum ide_dma_cmd dma_cmd) 694 { 695 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT; 696 s->io_buffer_index = 0; 697 s->io_buffer_size = 0; 698 s->dma_cmd = dma_cmd; 699 700 switch (dma_cmd) { 701 case IDE_DMA_READ: 702 bdrv_acct_start(s->bs, &s->acct, s->nsector * BDRV_SECTOR_SIZE, 703 BDRV_ACCT_READ); 704 break; 705 case IDE_DMA_WRITE: 706 bdrv_acct_start(s->bs, &s->acct, s->nsector * BDRV_SECTOR_SIZE, 707 BDRV_ACCT_WRITE); 708 break; 709 default: 710 break; 711 } 712 713 s->bus->dma->ops->start_dma(s->bus->dma, s, ide_dma_cb); 714 } 715 716 static void ide_sector_write_timer_cb(void *opaque) 717 { 718 IDEState *s = opaque; 719 ide_set_irq(s->bus); 720 } 721 722 static void ide_sector_write_cb(void *opaque, int ret) 723 { 724 IDEState *s = opaque; 725 int n; 726 727 bdrv_acct_done(s->bs, &s->acct); 728 729 s->pio_aiocb = NULL; 730 s->status &= ~BUSY_STAT; 731 732 if (ret != 0) { 733 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY)) { 734 return; 735 } 736 } 737 738 n = s->nsector; 739 if (n > s->req_nb_sectors) { 740 n = s->req_nb_sectors; 741 } 742 s->nsector -= n; 743 if (s->nsector == 0) { 744 /* no more sectors to write */ 745 ide_transfer_stop(s); 746 } else { 747 int n1 = s->nsector; 748 if (n1 > s->req_nb_sectors) { 749 n1 = s->req_nb_sectors; 750 } 751 ide_transfer_start(s, s->io_buffer, n1 * BDRV_SECTOR_SIZE, 752 ide_sector_write); 753 } 754 ide_set_sector(s, ide_get_sector(s) + n); 755 756 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) { 757 /* It seems there is a bug in the Windows 2000 installer HDD 758 IDE driver which fills the disk with empty logs when the 759 IDE write IRQ comes too early. This hack tries to correct 760 that at the expense of slower write performances. Use this 761 option _only_ to install Windows 2000. You must disable it 762 for normal use. */ 763 qemu_mod_timer(s->sector_write_timer, 764 qemu_get_clock_ns(vm_clock) + (get_ticks_per_sec() / 1000)); 765 } else { 766 ide_set_irq(s->bus); 767 } 768 } 769 770 void ide_sector_write(IDEState *s) 771 { 772 int64_t sector_num; 773 int n; 774 775 s->status = READY_STAT | SEEK_STAT | BUSY_STAT; 776 sector_num = ide_get_sector(s); 777 #if defined(DEBUG_IDE) 778 printf("sector=%" PRId64 "\n", sector_num); 779 #endif 780 n = s->nsector; 781 if (n > s->req_nb_sectors) { 782 n = s->req_nb_sectors; 783 } 784 785 s->iov.iov_base = s->io_buffer; 786 s->iov.iov_len = n * BDRV_SECTOR_SIZE; 787 qemu_iovec_init_external(&s->qiov, &s->iov, 1); 788 789 bdrv_acct_start(s->bs, &s->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ); 790 s->pio_aiocb = bdrv_aio_writev(s->bs, sector_num, &s->qiov, n, 791 ide_sector_write_cb, s); 792 } 793 794 static void ide_flush_cb(void *opaque, int ret) 795 { 796 IDEState *s = opaque; 797 798 if (ret < 0) { 799 /* XXX: What sector number to set here? */ 800 if (ide_handle_rw_error(s, -ret, BM_STATUS_RETRY_FLUSH)) { 801 return; 802 } 803 } 804 805 bdrv_acct_done(s->bs, &s->acct); 806 s->status = READY_STAT | SEEK_STAT; 807 ide_set_irq(s->bus); 808 } 809 810 void ide_flush_cache(IDEState *s) 811 { 812 if (s->bs == NULL) { 813 ide_flush_cb(s, 0); 814 return; 815 } 816 817 bdrv_acct_start(s->bs, &s->acct, 0, BDRV_ACCT_FLUSH); 818 bdrv_aio_flush(s->bs, ide_flush_cb, s); 819 } 820 821 static void ide_cfata_metadata_inquiry(IDEState *s) 822 { 823 uint16_t *p; 824 uint32_t spd; 825 826 p = (uint16_t *) s->io_buffer; 827 memset(p, 0, 0x200); 828 spd = ((s->mdata_size - 1) >> 9) + 1; 829 830 put_le16(p + 0, 0x0001); /* Data format revision */ 831 put_le16(p + 1, 0x0000); /* Media property: silicon */ 832 put_le16(p + 2, s->media_changed); /* Media status */ 833 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */ 834 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */ 835 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */ 836 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */ 837 } 838 839 static void ide_cfata_metadata_read(IDEState *s) 840 { 841 uint16_t *p; 842 843 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) { 844 s->status = ERR_STAT; 845 s->error = ABRT_ERR; 846 return; 847 } 848 849 p = (uint16_t *) s->io_buffer; 850 memset(p, 0, 0x200); 851 852 put_le16(p + 0, s->media_changed); /* Media status */ 853 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9), 854 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9), 855 s->nsector << 9), 0x200 - 2)); 856 } 857 858 static void ide_cfata_metadata_write(IDEState *s) 859 { 860 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) { 861 s->status = ERR_STAT; 862 s->error = ABRT_ERR; 863 return; 864 } 865 866 s->media_changed = 0; 867 868 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9), 869 s->io_buffer + 2, 870 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9), 871 s->nsector << 9), 0x200 - 2)); 872 } 873 874 /* called when the inserted state of the media has changed */ 875 static void ide_cd_change_cb(void *opaque, bool load) 876 { 877 IDEState *s = opaque; 878 uint64_t nb_sectors; 879 880 s->tray_open = !load; 881 bdrv_get_geometry(s->bs, &nb_sectors); 882 s->nb_sectors = nb_sectors; 883 884 /* 885 * First indicate to the guest that a CD has been removed. That's 886 * done on the next command the guest sends us. 887 * 888 * Then we set UNIT_ATTENTION, by which the guest will 889 * detect a new CD in the drive. See ide_atapi_cmd() for details. 890 */ 891 s->cdrom_changed = 1; 892 s->events.new_media = true; 893 s->events.eject_request = false; 894 ide_set_irq(s->bus); 895 } 896 897 static void ide_cd_eject_request_cb(void *opaque, bool force) 898 { 899 IDEState *s = opaque; 900 901 s->events.eject_request = true; 902 if (force) { 903 s->tray_locked = false; 904 } 905 ide_set_irq(s->bus); 906 } 907 908 static void ide_cmd_lba48_transform(IDEState *s, int lba48) 909 { 910 s->lba48 = lba48; 911 912 /* handle the 'magic' 0 nsector count conversion here. to avoid 913 * fiddling with the rest of the read logic, we just store the 914 * full sector count in ->nsector and ignore ->hob_nsector from now 915 */ 916 if (!s->lba48) { 917 if (!s->nsector) 918 s->nsector = 256; 919 } else { 920 if (!s->nsector && !s->hob_nsector) 921 s->nsector = 65536; 922 else { 923 int lo = s->nsector; 924 int hi = s->hob_nsector; 925 926 s->nsector = (hi << 8) | lo; 927 } 928 } 929 } 930 931 static void ide_clear_hob(IDEBus *bus) 932 { 933 /* any write clears HOB high bit of device control register */ 934 bus->ifs[0].select &= ~(1 << 7); 935 bus->ifs[1].select &= ~(1 << 7); 936 } 937 938 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val) 939 { 940 IDEBus *bus = opaque; 941 942 #ifdef DEBUG_IDE 943 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val); 944 #endif 945 946 addr &= 7; 947 948 /* ignore writes to command block while busy with previous command */ 949 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT))) 950 return; 951 952 switch(addr) { 953 case 0: 954 break; 955 case 1: 956 ide_clear_hob(bus); 957 /* NOTE: data is written to the two drives */ 958 bus->ifs[0].hob_feature = bus->ifs[0].feature; 959 bus->ifs[1].hob_feature = bus->ifs[1].feature; 960 bus->ifs[0].feature = val; 961 bus->ifs[1].feature = val; 962 break; 963 case 2: 964 ide_clear_hob(bus); 965 bus->ifs[0].hob_nsector = bus->ifs[0].nsector; 966 bus->ifs[1].hob_nsector = bus->ifs[1].nsector; 967 bus->ifs[0].nsector = val; 968 bus->ifs[1].nsector = val; 969 break; 970 case 3: 971 ide_clear_hob(bus); 972 bus->ifs[0].hob_sector = bus->ifs[0].sector; 973 bus->ifs[1].hob_sector = bus->ifs[1].sector; 974 bus->ifs[0].sector = val; 975 bus->ifs[1].sector = val; 976 break; 977 case 4: 978 ide_clear_hob(bus); 979 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl; 980 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl; 981 bus->ifs[0].lcyl = val; 982 bus->ifs[1].lcyl = val; 983 break; 984 case 5: 985 ide_clear_hob(bus); 986 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl; 987 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl; 988 bus->ifs[0].hcyl = val; 989 bus->ifs[1].hcyl = val; 990 break; 991 case 6: 992 /* FIXME: HOB readback uses bit 7 */ 993 bus->ifs[0].select = (val & ~0x10) | 0xa0; 994 bus->ifs[1].select = (val | 0x10) | 0xa0; 995 /* select drive */ 996 bus->unit = (val >> 4) & 1; 997 break; 998 default: 999 case 7: 1000 /* command */ 1001 ide_exec_cmd(bus, val); 1002 break; 1003 } 1004 } 1005 1006 #define HD_OK (1u << IDE_HD) 1007 #define CD_OK (1u << IDE_CD) 1008 #define CFA_OK (1u << IDE_CFATA) 1009 #define HD_CFA_OK (HD_OK | CFA_OK) 1010 #define ALL_OK (HD_OK | CD_OK | CFA_OK) 1011 1012 /* See ACS-2 T13/2015-D Table B.2 Command codes */ 1013 static const uint8_t ide_cmd_table[0x100] = { 1014 /* NOP not implemented, mandatory for CD */ 1015 [CFA_REQ_EXT_ERROR_CODE] = CFA_OK, 1016 [WIN_DSM] = ALL_OK, 1017 [WIN_DEVICE_RESET] = CD_OK, 1018 [WIN_RECAL] = HD_CFA_OK, 1019 [WIN_READ] = ALL_OK, 1020 [WIN_READ_ONCE] = ALL_OK, 1021 [WIN_READ_EXT] = HD_CFA_OK, 1022 [WIN_READDMA_EXT] = HD_CFA_OK, 1023 [WIN_READ_NATIVE_MAX_EXT] = HD_CFA_OK, 1024 [WIN_MULTREAD_EXT] = HD_CFA_OK, 1025 [WIN_WRITE] = HD_CFA_OK, 1026 [WIN_WRITE_ONCE] = HD_CFA_OK, 1027 [WIN_WRITE_EXT] = HD_CFA_OK, 1028 [WIN_WRITEDMA_EXT] = HD_CFA_OK, 1029 [CFA_WRITE_SECT_WO_ERASE] = CFA_OK, 1030 [WIN_MULTWRITE_EXT] = HD_CFA_OK, 1031 [WIN_WRITE_VERIFY] = HD_CFA_OK, 1032 [WIN_VERIFY] = HD_CFA_OK, 1033 [WIN_VERIFY_ONCE] = HD_CFA_OK, 1034 [WIN_VERIFY_EXT] = HD_CFA_OK, 1035 [WIN_SEEK] = HD_CFA_OK, 1036 [CFA_TRANSLATE_SECTOR] = CFA_OK, 1037 [WIN_DIAGNOSE] = ALL_OK, 1038 [WIN_SPECIFY] = HD_CFA_OK, 1039 [WIN_STANDBYNOW2] = ALL_OK, 1040 [WIN_IDLEIMMEDIATE2] = ALL_OK, 1041 [WIN_STANDBY2] = ALL_OK, 1042 [WIN_SETIDLE2] = ALL_OK, 1043 [WIN_CHECKPOWERMODE2] = ALL_OK, 1044 [WIN_SLEEPNOW2] = ALL_OK, 1045 [WIN_PACKETCMD] = CD_OK, 1046 [WIN_PIDENTIFY] = CD_OK, 1047 [WIN_SMART] = HD_CFA_OK, 1048 [CFA_ACCESS_METADATA_STORAGE] = CFA_OK, 1049 [CFA_ERASE_SECTORS] = CFA_OK, 1050 [WIN_MULTREAD] = HD_CFA_OK, 1051 [WIN_MULTWRITE] = HD_CFA_OK, 1052 [WIN_SETMULT] = HD_CFA_OK, 1053 [WIN_READDMA] = HD_CFA_OK, 1054 [WIN_READDMA_ONCE] = HD_CFA_OK, 1055 [WIN_WRITEDMA] = HD_CFA_OK, 1056 [WIN_WRITEDMA_ONCE] = HD_CFA_OK, 1057 [CFA_WRITE_MULTI_WO_ERASE] = CFA_OK, 1058 [WIN_STANDBYNOW1] = ALL_OK, 1059 [WIN_IDLEIMMEDIATE] = ALL_OK, 1060 [WIN_STANDBY] = ALL_OK, 1061 [WIN_SETIDLE1] = ALL_OK, 1062 [WIN_CHECKPOWERMODE1] = ALL_OK, 1063 [WIN_SLEEPNOW1] = ALL_OK, 1064 [WIN_FLUSH_CACHE] = ALL_OK, 1065 [WIN_FLUSH_CACHE_EXT] = HD_CFA_OK, 1066 [WIN_IDENTIFY] = ALL_OK, 1067 [WIN_SETFEATURES] = ALL_OK, 1068 [IBM_SENSE_CONDITION] = CFA_OK, 1069 [CFA_WEAR_LEVEL] = HD_CFA_OK, 1070 [WIN_READ_NATIVE_MAX] = ALL_OK, 1071 }; 1072 1073 static bool ide_cmd_permitted(IDEState *s, uint32_t cmd) 1074 { 1075 return cmd < ARRAY_SIZE(ide_cmd_table) 1076 && (ide_cmd_table[cmd] & (1u << s->drive_kind)); 1077 } 1078 1079 void ide_exec_cmd(IDEBus *bus, uint32_t val) 1080 { 1081 uint16_t *identify_data; 1082 IDEState *s; 1083 int n; 1084 int lba48 = 0; 1085 1086 #if defined(DEBUG_IDE) 1087 printf("ide: CMD=%02x\n", val); 1088 #endif 1089 s = idebus_active_if(bus); 1090 /* ignore commands to non existent slave */ 1091 if (s != bus->ifs && !s->bs) 1092 return; 1093 1094 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */ 1095 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET) 1096 return; 1097 1098 if (!ide_cmd_permitted(s, val)) { 1099 goto abort_cmd; 1100 } 1101 1102 switch(val) { 1103 case WIN_DSM: 1104 switch (s->feature) { 1105 case DSM_TRIM: 1106 if (!s->bs) { 1107 goto abort_cmd; 1108 } 1109 ide_sector_start_dma(s, IDE_DMA_TRIM); 1110 break; 1111 default: 1112 goto abort_cmd; 1113 } 1114 break; 1115 case WIN_IDENTIFY: 1116 if (s->bs && s->drive_kind != IDE_CD) { 1117 if (s->drive_kind != IDE_CFATA) 1118 ide_identify(s); 1119 else 1120 ide_cfata_identify(s); 1121 s->status = READY_STAT | SEEK_STAT; 1122 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop); 1123 } else { 1124 if (s->drive_kind == IDE_CD) { 1125 ide_set_signature(s); 1126 } 1127 ide_abort_command(s); 1128 } 1129 ide_set_irq(s->bus); 1130 break; 1131 case WIN_SPECIFY: 1132 case WIN_RECAL: 1133 s->error = 0; 1134 s->status = READY_STAT | SEEK_STAT; 1135 ide_set_irq(s->bus); 1136 break; 1137 case WIN_SETMULT: 1138 if (s->drive_kind == IDE_CFATA && s->nsector == 0) { 1139 /* Disable Read and Write Multiple */ 1140 s->mult_sectors = 0; 1141 s->status = READY_STAT | SEEK_STAT; 1142 } else if ((s->nsector & 0xff) != 0 && 1143 ((s->nsector & 0xff) > MAX_MULT_SECTORS || 1144 (s->nsector & (s->nsector - 1)) != 0)) { 1145 ide_abort_command(s); 1146 } else { 1147 s->mult_sectors = s->nsector & 0xff; 1148 s->status = READY_STAT | SEEK_STAT; 1149 } 1150 ide_set_irq(s->bus); 1151 break; 1152 case WIN_VERIFY_EXT: 1153 lba48 = 1; 1154 case WIN_VERIFY: 1155 case WIN_VERIFY_ONCE: 1156 /* do sector number check ? */ 1157 ide_cmd_lba48_transform(s, lba48); 1158 s->status = READY_STAT | SEEK_STAT; 1159 ide_set_irq(s->bus); 1160 break; 1161 case WIN_READ_EXT: 1162 lba48 = 1; 1163 case WIN_READ: 1164 case WIN_READ_ONCE: 1165 if (s->drive_kind == IDE_CD) { 1166 ide_set_signature(s); /* odd, but ATA4 8.27.5.2 requires it */ 1167 goto abort_cmd; 1168 } 1169 if (!s->bs) { 1170 goto abort_cmd; 1171 } 1172 ide_cmd_lba48_transform(s, lba48); 1173 s->req_nb_sectors = 1; 1174 ide_sector_read(s); 1175 break; 1176 case WIN_WRITE_EXT: 1177 lba48 = 1; 1178 case WIN_WRITE: 1179 case WIN_WRITE_ONCE: 1180 case CFA_WRITE_SECT_WO_ERASE: 1181 case WIN_WRITE_VERIFY: 1182 if (!s->bs) { 1183 goto abort_cmd; 1184 } 1185 ide_cmd_lba48_transform(s, lba48); 1186 s->error = 0; 1187 s->status = SEEK_STAT | READY_STAT; 1188 s->req_nb_sectors = 1; 1189 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write); 1190 s->media_changed = 1; 1191 break; 1192 case WIN_MULTREAD_EXT: 1193 lba48 = 1; 1194 case WIN_MULTREAD: 1195 if (!s->bs) { 1196 goto abort_cmd; 1197 } 1198 if (!s->mult_sectors) { 1199 goto abort_cmd; 1200 } 1201 ide_cmd_lba48_transform(s, lba48); 1202 s->req_nb_sectors = s->mult_sectors; 1203 ide_sector_read(s); 1204 break; 1205 case WIN_MULTWRITE_EXT: 1206 lba48 = 1; 1207 case WIN_MULTWRITE: 1208 case CFA_WRITE_MULTI_WO_ERASE: 1209 if (!s->bs) { 1210 goto abort_cmd; 1211 } 1212 if (!s->mult_sectors) { 1213 goto abort_cmd; 1214 } 1215 ide_cmd_lba48_transform(s, lba48); 1216 s->error = 0; 1217 s->status = SEEK_STAT | READY_STAT; 1218 s->req_nb_sectors = s->mult_sectors; 1219 n = s->nsector; 1220 if (n > s->req_nb_sectors) 1221 n = s->req_nb_sectors; 1222 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write); 1223 s->media_changed = 1; 1224 break; 1225 case WIN_READDMA_EXT: 1226 lba48 = 1; 1227 case WIN_READDMA: 1228 case WIN_READDMA_ONCE: 1229 if (!s->bs) { 1230 goto abort_cmd; 1231 } 1232 ide_cmd_lba48_transform(s, lba48); 1233 ide_sector_start_dma(s, IDE_DMA_READ); 1234 break; 1235 case WIN_WRITEDMA_EXT: 1236 lba48 = 1; 1237 case WIN_WRITEDMA: 1238 case WIN_WRITEDMA_ONCE: 1239 if (!s->bs) { 1240 goto abort_cmd; 1241 } 1242 ide_cmd_lba48_transform(s, lba48); 1243 ide_sector_start_dma(s, IDE_DMA_WRITE); 1244 s->media_changed = 1; 1245 break; 1246 case WIN_READ_NATIVE_MAX_EXT: 1247 lba48 = 1; 1248 case WIN_READ_NATIVE_MAX: 1249 ide_cmd_lba48_transform(s, lba48); 1250 ide_set_sector(s, s->nb_sectors - 1); 1251 s->status = READY_STAT | SEEK_STAT; 1252 ide_set_irq(s->bus); 1253 break; 1254 case WIN_CHECKPOWERMODE1: 1255 case WIN_CHECKPOWERMODE2: 1256 s->error = 0; 1257 s->nsector = 0xff; /* device active or idle */ 1258 s->status = READY_STAT | SEEK_STAT; 1259 ide_set_irq(s->bus); 1260 break; 1261 case WIN_SETFEATURES: 1262 if (!s->bs) 1263 goto abort_cmd; 1264 /* XXX: valid for CDROM ? */ 1265 switch(s->feature) { 1266 case 0x02: /* write cache enable */ 1267 bdrv_set_enable_write_cache(s->bs, true); 1268 identify_data = (uint16_t *)s->identify_data; 1269 put_le16(identify_data + 85, (1 << 14) | (1 << 5) | 1); 1270 s->status = READY_STAT | SEEK_STAT; 1271 ide_set_irq(s->bus); 1272 break; 1273 case 0x82: /* write cache disable */ 1274 bdrv_set_enable_write_cache(s->bs, false); 1275 identify_data = (uint16_t *)s->identify_data; 1276 put_le16(identify_data + 85, (1 << 14) | 1); 1277 ide_flush_cache(s); 1278 break; 1279 case 0xcc: /* reverting to power-on defaults enable */ 1280 case 0x66: /* reverting to power-on defaults disable */ 1281 case 0xaa: /* read look-ahead enable */ 1282 case 0x55: /* read look-ahead disable */ 1283 case 0x05: /* set advanced power management mode */ 1284 case 0x85: /* disable advanced power management mode */ 1285 case 0x69: /* NOP */ 1286 case 0x67: /* NOP */ 1287 case 0x96: /* NOP */ 1288 case 0x9a: /* NOP */ 1289 case 0x42: /* enable Automatic Acoustic Mode */ 1290 case 0xc2: /* disable Automatic Acoustic Mode */ 1291 s->status = READY_STAT | SEEK_STAT; 1292 ide_set_irq(s->bus); 1293 break; 1294 case 0x03: { /* set transfer mode */ 1295 uint8_t val = s->nsector & 0x07; 1296 identify_data = (uint16_t *)s->identify_data; 1297 1298 switch (s->nsector >> 3) { 1299 case 0x00: /* pio default */ 1300 case 0x01: /* pio mode */ 1301 put_le16(identify_data + 62,0x07); 1302 put_le16(identify_data + 63,0x07); 1303 put_le16(identify_data + 88,0x3f); 1304 break; 1305 case 0x02: /* sigle word dma mode*/ 1306 put_le16(identify_data + 62,0x07 | (1 << (val + 8))); 1307 put_le16(identify_data + 63,0x07); 1308 put_le16(identify_data + 88,0x3f); 1309 break; 1310 case 0x04: /* mdma mode */ 1311 put_le16(identify_data + 62,0x07); 1312 put_le16(identify_data + 63,0x07 | (1 << (val + 8))); 1313 put_le16(identify_data + 88,0x3f); 1314 break; 1315 case 0x08: /* udma mode */ 1316 put_le16(identify_data + 62,0x07); 1317 put_le16(identify_data + 63,0x07); 1318 put_le16(identify_data + 88,0x3f | (1 << (val + 8))); 1319 break; 1320 default: 1321 goto abort_cmd; 1322 } 1323 s->status = READY_STAT | SEEK_STAT; 1324 ide_set_irq(s->bus); 1325 break; 1326 } 1327 default: 1328 goto abort_cmd; 1329 } 1330 break; 1331 case WIN_FLUSH_CACHE: 1332 case WIN_FLUSH_CACHE_EXT: 1333 ide_flush_cache(s); 1334 break; 1335 case WIN_STANDBY: 1336 case WIN_STANDBY2: 1337 case WIN_STANDBYNOW1: 1338 case WIN_STANDBYNOW2: 1339 case WIN_IDLEIMMEDIATE: 1340 case WIN_IDLEIMMEDIATE2: 1341 case WIN_SETIDLE1: 1342 case WIN_SETIDLE2: 1343 case WIN_SLEEPNOW1: 1344 case WIN_SLEEPNOW2: 1345 s->status = READY_STAT; 1346 ide_set_irq(s->bus); 1347 break; 1348 case WIN_SEEK: 1349 /* XXX: Check that seek is within bounds */ 1350 s->status = READY_STAT | SEEK_STAT; 1351 ide_set_irq(s->bus); 1352 break; 1353 /* ATAPI commands */ 1354 case WIN_PIDENTIFY: 1355 ide_atapi_identify(s); 1356 s->status = READY_STAT | SEEK_STAT; 1357 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop); 1358 ide_set_irq(s->bus); 1359 break; 1360 case WIN_DIAGNOSE: 1361 ide_set_signature(s); 1362 if (s->drive_kind == IDE_CD) 1363 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet 1364 * devices to return a clear status register 1365 * with READY_STAT *not* set. */ 1366 else 1367 s->status = READY_STAT | SEEK_STAT; 1368 s->error = 0x01; /* Device 0 passed, Device 1 passed or not 1369 * present. 1370 */ 1371 ide_set_irq(s->bus); 1372 break; 1373 case WIN_DEVICE_RESET: 1374 ide_set_signature(s); 1375 s->status = 0x00; /* NOTE: READY is _not_ set */ 1376 s->error = 0x01; 1377 break; 1378 case WIN_PACKETCMD: 1379 /* overlapping commands not supported */ 1380 if (s->feature & 0x02) 1381 goto abort_cmd; 1382 s->status = READY_STAT | SEEK_STAT; 1383 s->atapi_dma = s->feature & 1; 1384 s->nsector = 1; 1385 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE, 1386 ide_atapi_cmd); 1387 break; 1388 /* CF-ATA commands */ 1389 case CFA_REQ_EXT_ERROR_CODE: 1390 s->error = 0x09; /* miscellaneous error */ 1391 s->status = READY_STAT | SEEK_STAT; 1392 ide_set_irq(s->bus); 1393 break; 1394 case CFA_ERASE_SECTORS: 1395 case CFA_WEAR_LEVEL: 1396 #if 0 1397 /* This one has the same ID as CFA_WEAR_LEVEL and is required for 1398 Windows 8 to work with AHCI */ 1399 case WIN_SECURITY_FREEZE_LOCK: 1400 #endif 1401 if (val == CFA_WEAR_LEVEL) 1402 s->nsector = 0; 1403 if (val == CFA_ERASE_SECTORS) 1404 s->media_changed = 1; 1405 s->error = 0x00; 1406 s->status = READY_STAT | SEEK_STAT; 1407 ide_set_irq(s->bus); 1408 break; 1409 case CFA_TRANSLATE_SECTOR: 1410 s->error = 0x00; 1411 s->status = READY_STAT | SEEK_STAT; 1412 memset(s->io_buffer, 0, 0x200); 1413 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */ 1414 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */ 1415 s->io_buffer[0x02] = s->select; /* Head */ 1416 s->io_buffer[0x03] = s->sector; /* Sector */ 1417 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */ 1418 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */ 1419 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */ 1420 s->io_buffer[0x13] = 0x00; /* Erase flag */ 1421 s->io_buffer[0x18] = 0x00; /* Hot count */ 1422 s->io_buffer[0x19] = 0x00; /* Hot count */ 1423 s->io_buffer[0x1a] = 0x01; /* Hot count */ 1424 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1425 ide_set_irq(s->bus); 1426 break; 1427 case CFA_ACCESS_METADATA_STORAGE: 1428 switch (s->feature) { 1429 case 0x02: /* Inquiry Metadata Storage */ 1430 ide_cfata_metadata_inquiry(s); 1431 break; 1432 case 0x03: /* Read Metadata Storage */ 1433 ide_cfata_metadata_read(s); 1434 break; 1435 case 0x04: /* Write Metadata Storage */ 1436 ide_cfata_metadata_write(s); 1437 break; 1438 default: 1439 goto abort_cmd; 1440 } 1441 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1442 s->status = 0x00; /* NOTE: READY is _not_ set */ 1443 ide_set_irq(s->bus); 1444 break; 1445 case IBM_SENSE_CONDITION: 1446 switch (s->feature) { 1447 case 0x01: /* sense temperature in device */ 1448 s->nsector = 0x50; /* +20 C */ 1449 break; 1450 default: 1451 goto abort_cmd; 1452 } 1453 s->status = READY_STAT | SEEK_STAT; 1454 ide_set_irq(s->bus); 1455 break; 1456 1457 case WIN_SMART: 1458 if (s->hcyl != 0xc2 || s->lcyl != 0x4f) 1459 goto abort_cmd; 1460 if (!s->smart_enabled && s->feature != SMART_ENABLE) 1461 goto abort_cmd; 1462 switch (s->feature) { 1463 case SMART_DISABLE: 1464 s->smart_enabled = 0; 1465 s->status = READY_STAT | SEEK_STAT; 1466 ide_set_irq(s->bus); 1467 break; 1468 case SMART_ENABLE: 1469 s->smart_enabled = 1; 1470 s->status = READY_STAT | SEEK_STAT; 1471 ide_set_irq(s->bus); 1472 break; 1473 case SMART_ATTR_AUTOSAVE: 1474 switch (s->sector) { 1475 case 0x00: 1476 s->smart_autosave = 0; 1477 break; 1478 case 0xf1: 1479 s->smart_autosave = 1; 1480 break; 1481 default: 1482 goto abort_cmd; 1483 } 1484 s->status = READY_STAT | SEEK_STAT; 1485 ide_set_irq(s->bus); 1486 break; 1487 case SMART_STATUS: 1488 if (!s->smart_errors) { 1489 s->hcyl = 0xc2; 1490 s->lcyl = 0x4f; 1491 } else { 1492 s->hcyl = 0x2c; 1493 s->lcyl = 0xf4; 1494 } 1495 s->status = READY_STAT | SEEK_STAT; 1496 ide_set_irq(s->bus); 1497 break; 1498 case SMART_READ_THRESH: 1499 memset(s->io_buffer, 0, 0x200); 1500 s->io_buffer[0] = 0x01; /* smart struct version */ 1501 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) { 1502 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0]; 1503 s->io_buffer[2+1+(n*12)] = smart_attributes[n][11]; 1504 } 1505 for (n=0; n<511; n++) /* checksum */ 1506 s->io_buffer[511] += s->io_buffer[n]; 1507 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1508 s->status = READY_STAT | SEEK_STAT; 1509 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1510 ide_set_irq(s->bus); 1511 break; 1512 case SMART_READ_DATA: 1513 memset(s->io_buffer, 0, 0x200); 1514 s->io_buffer[0] = 0x01; /* smart struct version */ 1515 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) { 1516 int i; 1517 for(i = 0; i < 11; i++) { 1518 s->io_buffer[2+i+(n*12)] = smart_attributes[n][i]; 1519 } 1520 } 1521 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00); 1522 if (s->smart_selftest_count == 0) { 1523 s->io_buffer[363] = 0; 1524 } else { 1525 s->io_buffer[363] = 1526 s->smart_selftest_data[3 + 1527 (s->smart_selftest_count - 1) * 1528 24]; 1529 } 1530 s->io_buffer[364] = 0x20; 1531 s->io_buffer[365] = 0x01; 1532 /* offline data collection capacity: execute + self-test*/ 1533 s->io_buffer[367] = (1<<4 | 1<<3 | 1); 1534 s->io_buffer[368] = 0x03; /* smart capability (1) */ 1535 s->io_buffer[369] = 0x00; /* smart capability (2) */ 1536 s->io_buffer[370] = 0x01; /* error logging supported */ 1537 s->io_buffer[372] = 0x02; /* minutes for poll short test */ 1538 s->io_buffer[373] = 0x36; /* minutes for poll ext test */ 1539 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */ 1540 1541 for (n=0; n<511; n++) 1542 s->io_buffer[511] += s->io_buffer[n]; 1543 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1544 s->status = READY_STAT | SEEK_STAT; 1545 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1546 ide_set_irq(s->bus); 1547 break; 1548 case SMART_READ_LOG: 1549 switch (s->sector) { 1550 case 0x01: /* summary smart error log */ 1551 memset(s->io_buffer, 0, 0x200); 1552 s->io_buffer[0] = 0x01; 1553 s->io_buffer[1] = 0x00; /* no error entries */ 1554 s->io_buffer[452] = s->smart_errors & 0xff; 1555 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8; 1556 1557 for (n=0; n<511; n++) 1558 s->io_buffer[511] += s->io_buffer[n]; 1559 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1560 break; 1561 case 0x06: /* smart self test log */ 1562 memset(s->io_buffer, 0, 0x200); 1563 s->io_buffer[0] = 0x01; 1564 if (s->smart_selftest_count == 0) { 1565 s->io_buffer[508] = 0; 1566 } else { 1567 s->io_buffer[508] = s->smart_selftest_count; 1568 for (n=2; n<506; n++) 1569 s->io_buffer[n] = s->smart_selftest_data[n]; 1570 } 1571 for (n=0; n<511; n++) 1572 s->io_buffer[511] += s->io_buffer[n]; 1573 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1574 break; 1575 default: 1576 goto abort_cmd; 1577 } 1578 s->status = READY_STAT | SEEK_STAT; 1579 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1580 ide_set_irq(s->bus); 1581 break; 1582 case SMART_EXECUTE_OFFLINE: 1583 switch (s->sector) { 1584 case 0: /* off-line routine */ 1585 case 1: /* short self test */ 1586 case 2: /* extended self test */ 1587 s->smart_selftest_count++; 1588 if(s->smart_selftest_count > 21) 1589 s->smart_selftest_count = 0; 1590 n = 2 + (s->smart_selftest_count - 1) * 24; 1591 s->smart_selftest_data[n] = s->sector; 1592 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */ 1593 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */ 1594 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */ 1595 s->status = READY_STAT | SEEK_STAT; 1596 ide_set_irq(s->bus); 1597 break; 1598 default: 1599 goto abort_cmd; 1600 } 1601 break; 1602 default: 1603 goto abort_cmd; 1604 } 1605 break; 1606 default: 1607 /* should not be reachable */ 1608 abort_cmd: 1609 ide_abort_command(s); 1610 ide_set_irq(s->bus); 1611 break; 1612 } 1613 } 1614 1615 uint32_t ide_ioport_read(void *opaque, uint32_t addr1) 1616 { 1617 IDEBus *bus = opaque; 1618 IDEState *s = idebus_active_if(bus); 1619 uint32_t addr; 1620 int ret, hob; 1621 1622 addr = addr1 & 7; 1623 /* FIXME: HOB readback uses bit 7, but it's always set right now */ 1624 //hob = s->select & (1 << 7); 1625 hob = 0; 1626 switch(addr) { 1627 case 0: 1628 ret = 0xff; 1629 break; 1630 case 1: 1631 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) || 1632 (s != bus->ifs && !s->bs)) 1633 ret = 0; 1634 else if (!hob) 1635 ret = s->error; 1636 else 1637 ret = s->hob_feature; 1638 break; 1639 case 2: 1640 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1641 ret = 0; 1642 else if (!hob) 1643 ret = s->nsector & 0xff; 1644 else 1645 ret = s->hob_nsector; 1646 break; 1647 case 3: 1648 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1649 ret = 0; 1650 else if (!hob) 1651 ret = s->sector; 1652 else 1653 ret = s->hob_sector; 1654 break; 1655 case 4: 1656 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1657 ret = 0; 1658 else if (!hob) 1659 ret = s->lcyl; 1660 else 1661 ret = s->hob_lcyl; 1662 break; 1663 case 5: 1664 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1665 ret = 0; 1666 else if (!hob) 1667 ret = s->hcyl; 1668 else 1669 ret = s->hob_hcyl; 1670 break; 1671 case 6: 1672 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1673 ret = 0; 1674 else 1675 ret = s->select; 1676 break; 1677 default: 1678 case 7: 1679 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) || 1680 (s != bus->ifs && !s->bs)) 1681 ret = 0; 1682 else 1683 ret = s->status; 1684 qemu_irq_lower(bus->irq); 1685 break; 1686 } 1687 #ifdef DEBUG_IDE 1688 printf("ide: read addr=0x%x val=%02x\n", addr1, ret); 1689 #endif 1690 return ret; 1691 } 1692 1693 uint32_t ide_status_read(void *opaque, uint32_t addr) 1694 { 1695 IDEBus *bus = opaque; 1696 IDEState *s = idebus_active_if(bus); 1697 int ret; 1698 1699 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) || 1700 (s != bus->ifs && !s->bs)) 1701 ret = 0; 1702 else 1703 ret = s->status; 1704 #ifdef DEBUG_IDE 1705 printf("ide: read status addr=0x%x val=%02x\n", addr, ret); 1706 #endif 1707 return ret; 1708 } 1709 1710 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val) 1711 { 1712 IDEBus *bus = opaque; 1713 IDEState *s; 1714 int i; 1715 1716 #ifdef DEBUG_IDE 1717 printf("ide: write control addr=0x%x val=%02x\n", addr, val); 1718 #endif 1719 /* common for both drives */ 1720 if (!(bus->cmd & IDE_CMD_RESET) && 1721 (val & IDE_CMD_RESET)) { 1722 /* reset low to high */ 1723 for(i = 0;i < 2; i++) { 1724 s = &bus->ifs[i]; 1725 s->status = BUSY_STAT | SEEK_STAT; 1726 s->error = 0x01; 1727 } 1728 } else if ((bus->cmd & IDE_CMD_RESET) && 1729 !(val & IDE_CMD_RESET)) { 1730 /* high to low */ 1731 for(i = 0;i < 2; i++) { 1732 s = &bus->ifs[i]; 1733 if (s->drive_kind == IDE_CD) 1734 s->status = 0x00; /* NOTE: READY is _not_ set */ 1735 else 1736 s->status = READY_STAT | SEEK_STAT; 1737 ide_set_signature(s); 1738 } 1739 } 1740 1741 bus->cmd = val; 1742 } 1743 1744 /* 1745 * Returns true if the running PIO transfer is a PIO out (i.e. data is 1746 * transferred from the device to the guest), false if it's a PIO in 1747 */ 1748 static bool ide_is_pio_out(IDEState *s) 1749 { 1750 if (s->end_transfer_func == ide_sector_write || 1751 s->end_transfer_func == ide_atapi_cmd) { 1752 return false; 1753 } else if (s->end_transfer_func == ide_sector_read || 1754 s->end_transfer_func == ide_transfer_stop || 1755 s->end_transfer_func == ide_atapi_cmd_reply_end || 1756 s->end_transfer_func == ide_dummy_transfer_stop) { 1757 return true; 1758 } 1759 1760 abort(); 1761 } 1762 1763 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val) 1764 { 1765 IDEBus *bus = opaque; 1766 IDEState *s = idebus_active_if(bus); 1767 uint8_t *p; 1768 1769 /* PIO data access allowed only when DRQ bit is set. The result of a write 1770 * during PIO out is indeterminate, just ignore it. */ 1771 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) { 1772 return; 1773 } 1774 1775 p = s->data_ptr; 1776 *(uint16_t *)p = le16_to_cpu(val); 1777 p += 2; 1778 s->data_ptr = p; 1779 if (p >= s->data_end) 1780 s->end_transfer_func(s); 1781 } 1782 1783 uint32_t ide_data_readw(void *opaque, uint32_t addr) 1784 { 1785 IDEBus *bus = opaque; 1786 IDEState *s = idebus_active_if(bus); 1787 uint8_t *p; 1788 int ret; 1789 1790 /* PIO data access allowed only when DRQ bit is set. The result of a read 1791 * during PIO in is indeterminate, return 0 and don't move forward. */ 1792 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) { 1793 return 0; 1794 } 1795 1796 p = s->data_ptr; 1797 ret = cpu_to_le16(*(uint16_t *)p); 1798 p += 2; 1799 s->data_ptr = p; 1800 if (p >= s->data_end) 1801 s->end_transfer_func(s); 1802 return ret; 1803 } 1804 1805 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val) 1806 { 1807 IDEBus *bus = opaque; 1808 IDEState *s = idebus_active_if(bus); 1809 uint8_t *p; 1810 1811 /* PIO data access allowed only when DRQ bit is set. The result of a write 1812 * during PIO out is indeterminate, just ignore it. */ 1813 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) { 1814 return; 1815 } 1816 1817 p = s->data_ptr; 1818 *(uint32_t *)p = le32_to_cpu(val); 1819 p += 4; 1820 s->data_ptr = p; 1821 if (p >= s->data_end) 1822 s->end_transfer_func(s); 1823 } 1824 1825 uint32_t ide_data_readl(void *opaque, uint32_t addr) 1826 { 1827 IDEBus *bus = opaque; 1828 IDEState *s = idebus_active_if(bus); 1829 uint8_t *p; 1830 int ret; 1831 1832 /* PIO data access allowed only when DRQ bit is set. The result of a read 1833 * during PIO in is indeterminate, return 0 and don't move forward. */ 1834 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) { 1835 return 0; 1836 } 1837 1838 p = s->data_ptr; 1839 ret = cpu_to_le32(*(uint32_t *)p); 1840 p += 4; 1841 s->data_ptr = p; 1842 if (p >= s->data_end) 1843 s->end_transfer_func(s); 1844 return ret; 1845 } 1846 1847 static void ide_dummy_transfer_stop(IDEState *s) 1848 { 1849 s->data_ptr = s->io_buffer; 1850 s->data_end = s->io_buffer; 1851 s->io_buffer[0] = 0xff; 1852 s->io_buffer[1] = 0xff; 1853 s->io_buffer[2] = 0xff; 1854 s->io_buffer[3] = 0xff; 1855 } 1856 1857 static void ide_reset(IDEState *s) 1858 { 1859 #ifdef DEBUG_IDE 1860 printf("ide: reset\n"); 1861 #endif 1862 1863 if (s->pio_aiocb) { 1864 bdrv_aio_cancel(s->pio_aiocb); 1865 s->pio_aiocb = NULL; 1866 } 1867 1868 if (s->drive_kind == IDE_CFATA) 1869 s->mult_sectors = 0; 1870 else 1871 s->mult_sectors = MAX_MULT_SECTORS; 1872 /* ide regs */ 1873 s->feature = 0; 1874 s->error = 0; 1875 s->nsector = 0; 1876 s->sector = 0; 1877 s->lcyl = 0; 1878 s->hcyl = 0; 1879 1880 /* lba48 */ 1881 s->hob_feature = 0; 1882 s->hob_sector = 0; 1883 s->hob_nsector = 0; 1884 s->hob_lcyl = 0; 1885 s->hob_hcyl = 0; 1886 1887 s->select = 0xa0; 1888 s->status = READY_STAT | SEEK_STAT; 1889 1890 s->lba48 = 0; 1891 1892 /* ATAPI specific */ 1893 s->sense_key = 0; 1894 s->asc = 0; 1895 s->cdrom_changed = 0; 1896 s->packet_transfer_size = 0; 1897 s->elementary_transfer_size = 0; 1898 s->io_buffer_index = 0; 1899 s->cd_sector_size = 0; 1900 s->atapi_dma = 0; 1901 s->tray_locked = 0; 1902 s->tray_open = 0; 1903 /* ATA DMA state */ 1904 s->io_buffer_size = 0; 1905 s->req_nb_sectors = 0; 1906 1907 ide_set_signature(s); 1908 /* init the transfer handler so that 0xffff is returned on data 1909 accesses */ 1910 s->end_transfer_func = ide_dummy_transfer_stop; 1911 ide_dummy_transfer_stop(s); 1912 s->media_changed = 0; 1913 } 1914 1915 void ide_bus_reset(IDEBus *bus) 1916 { 1917 bus->unit = 0; 1918 bus->cmd = 0; 1919 ide_reset(&bus->ifs[0]); 1920 ide_reset(&bus->ifs[1]); 1921 ide_clear_hob(bus); 1922 1923 /* pending async DMA */ 1924 if (bus->dma->aiocb) { 1925 #ifdef DEBUG_AIO 1926 printf("aio_cancel\n"); 1927 #endif 1928 bdrv_aio_cancel(bus->dma->aiocb); 1929 bus->dma->aiocb = NULL; 1930 } 1931 1932 /* reset dma provider too */ 1933 bus->dma->ops->reset(bus->dma); 1934 } 1935 1936 static bool ide_cd_is_tray_open(void *opaque) 1937 { 1938 return ((IDEState *)opaque)->tray_open; 1939 } 1940 1941 static bool ide_cd_is_medium_locked(void *opaque) 1942 { 1943 return ((IDEState *)opaque)->tray_locked; 1944 } 1945 1946 static const BlockDevOps ide_cd_block_ops = { 1947 .change_media_cb = ide_cd_change_cb, 1948 .eject_request_cb = ide_cd_eject_request_cb, 1949 .is_tray_open = ide_cd_is_tray_open, 1950 .is_medium_locked = ide_cd_is_medium_locked, 1951 }; 1952 1953 int ide_init_drive(IDEState *s, BlockDriverState *bs, IDEDriveKind kind, 1954 const char *version, const char *serial, const char *model, 1955 uint64_t wwn, 1956 uint32_t cylinders, uint32_t heads, uint32_t secs, 1957 int chs_trans) 1958 { 1959 uint64_t nb_sectors; 1960 1961 s->bs = bs; 1962 s->drive_kind = kind; 1963 1964 bdrv_get_geometry(bs, &nb_sectors); 1965 s->cylinders = cylinders; 1966 s->heads = heads; 1967 s->sectors = secs; 1968 s->chs_trans = chs_trans; 1969 s->nb_sectors = nb_sectors; 1970 s->wwn = wwn; 1971 /* The SMART values should be preserved across power cycles 1972 but they aren't. */ 1973 s->smart_enabled = 1; 1974 s->smart_autosave = 1; 1975 s->smart_errors = 0; 1976 s->smart_selftest_count = 0; 1977 if (kind == IDE_CD) { 1978 bdrv_set_dev_ops(bs, &ide_cd_block_ops, s); 1979 bdrv_set_buffer_alignment(bs, 2048); 1980 } else { 1981 if (!bdrv_is_inserted(s->bs)) { 1982 error_report("Device needs media, but drive is empty"); 1983 return -1; 1984 } 1985 if (bdrv_is_read_only(bs)) { 1986 error_report("Can't use a read-only drive"); 1987 return -1; 1988 } 1989 } 1990 if (serial) { 1991 pstrcpy(s->drive_serial_str, sizeof(s->drive_serial_str), serial); 1992 } else { 1993 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str), 1994 "QM%05d", s->drive_serial); 1995 } 1996 if (model) { 1997 pstrcpy(s->drive_model_str, sizeof(s->drive_model_str), model); 1998 } else { 1999 switch (kind) { 2000 case IDE_CD: 2001 strcpy(s->drive_model_str, "QEMU DVD-ROM"); 2002 break; 2003 case IDE_CFATA: 2004 strcpy(s->drive_model_str, "QEMU MICRODRIVE"); 2005 break; 2006 default: 2007 strcpy(s->drive_model_str, "QEMU HARDDISK"); 2008 break; 2009 } 2010 } 2011 2012 if (version) { 2013 pstrcpy(s->version, sizeof(s->version), version); 2014 } else { 2015 pstrcpy(s->version, sizeof(s->version), qemu_get_version()); 2016 } 2017 2018 ide_reset(s); 2019 bdrv_iostatus_enable(bs); 2020 return 0; 2021 } 2022 2023 static void ide_init1(IDEBus *bus, int unit) 2024 { 2025 static int drive_serial = 1; 2026 IDEState *s = &bus->ifs[unit]; 2027 2028 s->bus = bus; 2029 s->unit = unit; 2030 s->drive_serial = drive_serial++; 2031 /* we need at least 2k alignment for accessing CDROMs using O_DIRECT */ 2032 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4; 2033 s->io_buffer = qemu_memalign(2048, s->io_buffer_total_len); 2034 memset(s->io_buffer, 0, s->io_buffer_total_len); 2035 2036 s->smart_selftest_data = qemu_blockalign(s->bs, 512); 2037 memset(s->smart_selftest_data, 0, 512); 2038 2039 s->sector_write_timer = qemu_new_timer_ns(vm_clock, 2040 ide_sector_write_timer_cb, s); 2041 } 2042 2043 static void ide_nop_start(IDEDMA *dma, IDEState *s, 2044 BlockDriverCompletionFunc *cb) 2045 { 2046 } 2047 2048 static int ide_nop(IDEDMA *dma) 2049 { 2050 return 0; 2051 } 2052 2053 static int ide_nop_int(IDEDMA *dma, int x) 2054 { 2055 return 0; 2056 } 2057 2058 static void ide_nop_restart(void *opaque, int x, RunState y) 2059 { 2060 } 2061 2062 static const IDEDMAOps ide_dma_nop_ops = { 2063 .start_dma = ide_nop_start, 2064 .start_transfer = ide_nop, 2065 .prepare_buf = ide_nop_int, 2066 .rw_buf = ide_nop_int, 2067 .set_unit = ide_nop_int, 2068 .add_status = ide_nop_int, 2069 .set_inactive = ide_nop, 2070 .restart_cb = ide_nop_restart, 2071 .reset = ide_nop, 2072 }; 2073 2074 static IDEDMA ide_dma_nop = { 2075 .ops = &ide_dma_nop_ops, 2076 .aiocb = NULL, 2077 }; 2078 2079 void ide_init2(IDEBus *bus, qemu_irq irq) 2080 { 2081 int i; 2082 2083 for(i = 0; i < 2; i++) { 2084 ide_init1(bus, i); 2085 ide_reset(&bus->ifs[i]); 2086 } 2087 bus->irq = irq; 2088 bus->dma = &ide_dma_nop; 2089 } 2090 2091 /* TODO convert users to qdev and remove */ 2092 void ide_init2_with_non_qdev_drives(IDEBus *bus, DriveInfo *hd0, 2093 DriveInfo *hd1, qemu_irq irq) 2094 { 2095 int i, trans; 2096 DriveInfo *dinfo; 2097 uint32_t cyls, heads, secs; 2098 2099 for(i = 0; i < 2; i++) { 2100 dinfo = i == 0 ? hd0 : hd1; 2101 ide_init1(bus, i); 2102 if (dinfo) { 2103 cyls = dinfo->cyls; 2104 heads = dinfo->heads; 2105 secs = dinfo->secs; 2106 trans = dinfo->trans; 2107 if (!cyls && !heads && !secs) { 2108 hd_geometry_guess(dinfo->bdrv, &cyls, &heads, &secs, &trans); 2109 } else if (trans == BIOS_ATA_TRANSLATION_AUTO) { 2110 trans = hd_bios_chs_auto_trans(cyls, heads, secs); 2111 } 2112 if (cyls < 1 || cyls > 65535) { 2113 error_report("cyls must be between 1 and 65535"); 2114 exit(1); 2115 } 2116 if (heads < 1 || heads > 16) { 2117 error_report("heads must be between 1 and 16"); 2118 exit(1); 2119 } 2120 if (secs < 1 || secs > 255) { 2121 error_report("secs must be between 1 and 255"); 2122 exit(1); 2123 } 2124 if (ide_init_drive(&bus->ifs[i], dinfo->bdrv, 2125 dinfo->media_cd ? IDE_CD : IDE_HD, 2126 NULL, dinfo->serial, NULL, 0, 2127 cyls, heads, secs, trans) < 0) { 2128 error_report("Can't set up IDE drive %s", dinfo->id); 2129 exit(1); 2130 } 2131 bdrv_attach_dev_nofail(dinfo->bdrv, &bus->ifs[i]); 2132 } else { 2133 ide_reset(&bus->ifs[i]); 2134 } 2135 } 2136 bus->irq = irq; 2137 bus->dma = &ide_dma_nop; 2138 } 2139 2140 static const MemoryRegionPortio ide_portio_list[] = { 2141 { 0, 8, 1, .read = ide_ioport_read, .write = ide_ioport_write }, 2142 { 0, 2, 2, .read = ide_data_readw, .write = ide_data_writew }, 2143 { 0, 4, 4, .read = ide_data_readl, .write = ide_data_writel }, 2144 PORTIO_END_OF_LIST(), 2145 }; 2146 2147 static const MemoryRegionPortio ide_portio2_list[] = { 2148 { 0, 1, 1, .read = ide_status_read, .write = ide_cmd_write }, 2149 PORTIO_END_OF_LIST(), 2150 }; 2151 2152 void ide_init_ioport(IDEBus *bus, ISADevice *dev, int iobase, int iobase2) 2153 { 2154 /* ??? Assume only ISA and PCI configurations, and that the PCI-ISA 2155 bridge has been setup properly to always register with ISA. */ 2156 isa_register_portio_list(dev, iobase, ide_portio_list, bus, "ide"); 2157 2158 if (iobase2) { 2159 isa_register_portio_list(dev, iobase2, ide_portio2_list, bus, "ide"); 2160 } 2161 } 2162 2163 static bool is_identify_set(void *opaque, int version_id) 2164 { 2165 IDEState *s = opaque; 2166 2167 return s->identify_set != 0; 2168 } 2169 2170 static EndTransferFunc* transfer_end_table[] = { 2171 ide_sector_read, 2172 ide_sector_write, 2173 ide_transfer_stop, 2174 ide_atapi_cmd_reply_end, 2175 ide_atapi_cmd, 2176 ide_dummy_transfer_stop, 2177 }; 2178 2179 static int transfer_end_table_idx(EndTransferFunc *fn) 2180 { 2181 int i; 2182 2183 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++) 2184 if (transfer_end_table[i] == fn) 2185 return i; 2186 2187 return -1; 2188 } 2189 2190 static int ide_drive_post_load(void *opaque, int version_id) 2191 { 2192 IDEState *s = opaque; 2193 2194 if (s->identify_set) { 2195 bdrv_set_enable_write_cache(s->bs, !!(s->identify_data[85] & (1 << 5))); 2196 } 2197 return 0; 2198 } 2199 2200 static int ide_drive_pio_post_load(void *opaque, int version_id) 2201 { 2202 IDEState *s = opaque; 2203 2204 if (s->end_transfer_fn_idx >= ARRAY_SIZE(transfer_end_table)) { 2205 return -EINVAL; 2206 } 2207 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx]; 2208 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset; 2209 s->data_end = s->data_ptr + s->cur_io_buffer_len; 2210 2211 return 0; 2212 } 2213 2214 static void ide_drive_pio_pre_save(void *opaque) 2215 { 2216 IDEState *s = opaque; 2217 int idx; 2218 2219 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer; 2220 s->cur_io_buffer_len = s->data_end - s->data_ptr; 2221 2222 idx = transfer_end_table_idx(s->end_transfer_func); 2223 if (idx == -1) { 2224 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n", 2225 __func__); 2226 s->end_transfer_fn_idx = 2; 2227 } else { 2228 s->end_transfer_fn_idx = idx; 2229 } 2230 } 2231 2232 static bool ide_drive_pio_state_needed(void *opaque) 2233 { 2234 IDEState *s = opaque; 2235 2236 return ((s->status & DRQ_STAT) != 0) 2237 || (s->bus->error_status & BM_STATUS_PIO_RETRY); 2238 } 2239 2240 static bool ide_tray_state_needed(void *opaque) 2241 { 2242 IDEState *s = opaque; 2243 2244 return s->tray_open || s->tray_locked; 2245 } 2246 2247 static bool ide_atapi_gesn_needed(void *opaque) 2248 { 2249 IDEState *s = opaque; 2250 2251 return s->events.new_media || s->events.eject_request; 2252 } 2253 2254 static bool ide_error_needed(void *opaque) 2255 { 2256 IDEBus *bus = opaque; 2257 2258 return (bus->error_status != 0); 2259 } 2260 2261 /* Fields for GET_EVENT_STATUS_NOTIFICATION ATAPI command */ 2262 static const VMStateDescription vmstate_ide_atapi_gesn_state = { 2263 .name ="ide_drive/atapi/gesn_state", 2264 .version_id = 1, 2265 .minimum_version_id = 1, 2266 .minimum_version_id_old = 1, 2267 .fields = (VMStateField []) { 2268 VMSTATE_BOOL(events.new_media, IDEState), 2269 VMSTATE_BOOL(events.eject_request, IDEState), 2270 VMSTATE_END_OF_LIST() 2271 } 2272 }; 2273 2274 static const VMStateDescription vmstate_ide_tray_state = { 2275 .name = "ide_drive/tray_state", 2276 .version_id = 1, 2277 .minimum_version_id = 1, 2278 .minimum_version_id_old = 1, 2279 .fields = (VMStateField[]) { 2280 VMSTATE_BOOL(tray_open, IDEState), 2281 VMSTATE_BOOL(tray_locked, IDEState), 2282 VMSTATE_END_OF_LIST() 2283 } 2284 }; 2285 2286 static const VMStateDescription vmstate_ide_drive_pio_state = { 2287 .name = "ide_drive/pio_state", 2288 .version_id = 1, 2289 .minimum_version_id = 1, 2290 .minimum_version_id_old = 1, 2291 .pre_save = ide_drive_pio_pre_save, 2292 .post_load = ide_drive_pio_post_load, 2293 .fields = (VMStateField []) { 2294 VMSTATE_INT32(req_nb_sectors, IDEState), 2295 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1, 2296 vmstate_info_uint8, uint8_t), 2297 VMSTATE_INT32(cur_io_buffer_offset, IDEState), 2298 VMSTATE_INT32(cur_io_buffer_len, IDEState), 2299 VMSTATE_UINT8(end_transfer_fn_idx, IDEState), 2300 VMSTATE_INT32(elementary_transfer_size, IDEState), 2301 VMSTATE_INT32(packet_transfer_size, IDEState), 2302 VMSTATE_END_OF_LIST() 2303 } 2304 }; 2305 2306 const VMStateDescription vmstate_ide_drive = { 2307 .name = "ide_drive", 2308 .version_id = 3, 2309 .minimum_version_id = 0, 2310 .minimum_version_id_old = 0, 2311 .post_load = ide_drive_post_load, 2312 .fields = (VMStateField []) { 2313 VMSTATE_INT32(mult_sectors, IDEState), 2314 VMSTATE_INT32(identify_set, IDEState), 2315 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set), 2316 VMSTATE_UINT8(feature, IDEState), 2317 VMSTATE_UINT8(error, IDEState), 2318 VMSTATE_UINT32(nsector, IDEState), 2319 VMSTATE_UINT8(sector, IDEState), 2320 VMSTATE_UINT8(lcyl, IDEState), 2321 VMSTATE_UINT8(hcyl, IDEState), 2322 VMSTATE_UINT8(hob_feature, IDEState), 2323 VMSTATE_UINT8(hob_sector, IDEState), 2324 VMSTATE_UINT8(hob_nsector, IDEState), 2325 VMSTATE_UINT8(hob_lcyl, IDEState), 2326 VMSTATE_UINT8(hob_hcyl, IDEState), 2327 VMSTATE_UINT8(select, IDEState), 2328 VMSTATE_UINT8(status, IDEState), 2329 VMSTATE_UINT8(lba48, IDEState), 2330 VMSTATE_UINT8(sense_key, IDEState), 2331 VMSTATE_UINT8(asc, IDEState), 2332 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3), 2333 VMSTATE_END_OF_LIST() 2334 }, 2335 .subsections = (VMStateSubsection []) { 2336 { 2337 .vmsd = &vmstate_ide_drive_pio_state, 2338 .needed = ide_drive_pio_state_needed, 2339 }, { 2340 .vmsd = &vmstate_ide_tray_state, 2341 .needed = ide_tray_state_needed, 2342 }, { 2343 .vmsd = &vmstate_ide_atapi_gesn_state, 2344 .needed = ide_atapi_gesn_needed, 2345 }, { 2346 /* empty */ 2347 } 2348 } 2349 }; 2350 2351 static const VMStateDescription vmstate_ide_error_status = { 2352 .name ="ide_bus/error", 2353 .version_id = 1, 2354 .minimum_version_id = 1, 2355 .minimum_version_id_old = 1, 2356 .fields = (VMStateField []) { 2357 VMSTATE_INT32(error_status, IDEBus), 2358 VMSTATE_END_OF_LIST() 2359 } 2360 }; 2361 2362 const VMStateDescription vmstate_ide_bus = { 2363 .name = "ide_bus", 2364 .version_id = 1, 2365 .minimum_version_id = 1, 2366 .minimum_version_id_old = 1, 2367 .fields = (VMStateField []) { 2368 VMSTATE_UINT8(cmd, IDEBus), 2369 VMSTATE_UINT8(unit, IDEBus), 2370 VMSTATE_END_OF_LIST() 2371 }, 2372 .subsections = (VMStateSubsection []) { 2373 { 2374 .vmsd = &vmstate_ide_error_status, 2375 .needed = ide_error_needed, 2376 }, { 2377 /* empty */ 2378 } 2379 } 2380 }; 2381 2382 void ide_drive_get(DriveInfo **hd, int max_bus) 2383 { 2384 int i; 2385 2386 if (drive_get_max_bus(IF_IDE) >= max_bus) { 2387 fprintf(stderr, "qemu: too many IDE bus: %d\n", max_bus); 2388 exit(1); 2389 } 2390 2391 for(i = 0; i < max_bus * MAX_IDE_DEVS; i++) { 2392 hd[i] = drive_get(IF_IDE, i / MAX_IDE_DEVS, i % MAX_IDE_DEVS); 2393 } 2394 } 2395