1 /* 2 * QEMU IDE disk and CD/DVD-ROM Emulator 3 * 4 * Copyright (c) 2003 Fabrice Bellard 5 * Copyright (c) 2006 Openedhand Ltd. 6 * 7 * Permission is hereby granted, free of charge, to any person obtaining a copy 8 * of this software and associated documentation files (the "Software"), to deal 9 * in the Software without restriction, including without limitation the rights 10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 11 * copies of the Software, and to permit persons to whom the Software is 12 * furnished to do so, subject to the following conditions: 13 * 14 * The above copyright notice and this permission notice shall be included in 15 * all copies or substantial portions of the Software. 16 * 17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 23 * THE SOFTWARE. 24 */ 25 26 #include "qemu/osdep.h" 27 #include "hw/hw.h" 28 #include "hw/pci/pci.h" 29 #include "hw/isa/isa.h" 30 #include "qemu/error-report.h" 31 #include "qemu/timer.h" 32 #include "sysemu/sysemu.h" 33 #include "sysemu/blockdev.h" 34 #include "sysemu/dma.h" 35 #include "hw/block/block.h" 36 #include "sysemu/block-backend.h" 37 #include "qapi/error.h" 38 #include "qemu/cutils.h" 39 40 #include "hw/ide/internal.h" 41 #include "trace.h" 42 43 /* These values were based on a Seagate ST3500418AS but have been modified 44 to make more sense in QEMU */ 45 static const int smart_attributes[][12] = { 46 /* id, flags, hflags, val, wrst, raw (6 bytes), threshold */ 47 /* raw read error rate*/ 48 { 0x01, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06}, 49 /* spin up */ 50 { 0x03, 0x03, 0x00, 0x64, 0x64, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 51 /* start stop count */ 52 { 0x04, 0x02, 0x00, 0x64, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14}, 53 /* remapped sectors */ 54 { 0x05, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x24}, 55 /* power on hours */ 56 { 0x09, 0x03, 0x00, 0x64, 0x64, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 57 /* power cycle count */ 58 { 0x0c, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 59 /* airflow-temperature-celsius */ 60 { 190, 0x03, 0x00, 0x45, 0x45, 0x1f, 0x00, 0x1f, 0x1f, 0x00, 0x00, 0x32}, 61 }; 62 63 const char *IDE_DMA_CMD_lookup[IDE_DMA__COUNT] = { 64 [IDE_DMA_READ] = "DMA READ", 65 [IDE_DMA_WRITE] = "DMA WRITE", 66 [IDE_DMA_TRIM] = "DMA TRIM", 67 [IDE_DMA_ATAPI] = "DMA ATAPI" 68 }; 69 70 static const char *IDE_DMA_CMD_str(enum ide_dma_cmd enval) 71 { 72 if ((unsigned)enval < IDE_DMA__COUNT) { 73 return IDE_DMA_CMD_lookup[enval]; 74 } 75 return "DMA UNKNOWN CMD"; 76 } 77 78 static void ide_dummy_transfer_stop(IDEState *s); 79 80 static void padstr(char *str, const char *src, int len) 81 { 82 int i, v; 83 for(i = 0; i < len; i++) { 84 if (*src) 85 v = *src++; 86 else 87 v = ' '; 88 str[i^1] = v; 89 } 90 } 91 92 static void put_le16(uint16_t *p, unsigned int v) 93 { 94 *p = cpu_to_le16(v); 95 } 96 97 static void ide_identify_size(IDEState *s) 98 { 99 uint16_t *p = (uint16_t *)s->identify_data; 100 put_le16(p + 60, s->nb_sectors); 101 put_le16(p + 61, s->nb_sectors >> 16); 102 put_le16(p + 100, s->nb_sectors); 103 put_le16(p + 101, s->nb_sectors >> 16); 104 put_le16(p + 102, s->nb_sectors >> 32); 105 put_le16(p + 103, s->nb_sectors >> 48); 106 } 107 108 static void ide_identify(IDEState *s) 109 { 110 uint16_t *p; 111 unsigned int oldsize; 112 IDEDevice *dev = s->unit ? s->bus->slave : s->bus->master; 113 114 p = (uint16_t *)s->identify_data; 115 if (s->identify_set) { 116 goto fill_buffer; 117 } 118 memset(p, 0, sizeof(s->identify_data)); 119 120 put_le16(p + 0, 0x0040); 121 put_le16(p + 1, s->cylinders); 122 put_le16(p + 3, s->heads); 123 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */ 124 put_le16(p + 5, 512); /* XXX: retired, remove ? */ 125 put_le16(p + 6, s->sectors); 126 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 127 put_le16(p + 20, 3); /* XXX: retired, remove ? */ 128 put_le16(p + 21, 512); /* cache size in sectors */ 129 put_le16(p + 22, 4); /* ecc bytes */ 130 padstr((char *)(p + 23), s->version, 8); /* firmware version */ 131 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */ 132 #if MAX_MULT_SECTORS > 1 133 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS); 134 #endif 135 put_le16(p + 48, 1); /* dword I/O */ 136 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */ 137 put_le16(p + 51, 0x200); /* PIO transfer cycle */ 138 put_le16(p + 52, 0x200); /* DMA transfer cycle */ 139 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */ 140 put_le16(p + 54, s->cylinders); 141 put_le16(p + 55, s->heads); 142 put_le16(p + 56, s->sectors); 143 oldsize = s->cylinders * s->heads * s->sectors; 144 put_le16(p + 57, oldsize); 145 put_le16(p + 58, oldsize >> 16); 146 if (s->mult_sectors) 147 put_le16(p + 59, 0x100 | s->mult_sectors); 148 /* *(p + 60) := nb_sectors -- see ide_identify_size */ 149 /* *(p + 61) := nb_sectors >> 16 -- see ide_identify_size */ 150 put_le16(p + 62, 0x07); /* single word dma0-2 supported */ 151 put_le16(p + 63, 0x07); /* mdma0-2 supported */ 152 put_le16(p + 64, 0x03); /* pio3-4 supported */ 153 put_le16(p + 65, 120); 154 put_le16(p + 66, 120); 155 put_le16(p + 67, 120); 156 put_le16(p + 68, 120); 157 if (dev && dev->conf.discard_granularity) { 158 put_le16(p + 69, (1 << 14)); /* determinate TRIM behavior */ 159 } 160 161 if (s->ncq_queues) { 162 put_le16(p + 75, s->ncq_queues - 1); 163 /* NCQ supported */ 164 put_le16(p + 76, (1 << 8)); 165 } 166 167 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */ 168 put_le16(p + 81, 0x16); /* conforms to ata5 */ 169 /* 14=NOP supported, 5=WCACHE supported, 0=SMART supported */ 170 put_le16(p + 82, (1 << 14) | (1 << 5) | 1); 171 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */ 172 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10)); 173 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */ 174 if (s->wwn) { 175 put_le16(p + 84, (1 << 14) | (1 << 8) | 0); 176 } else { 177 put_le16(p + 84, (1 << 14) | 0); 178 } 179 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */ 180 if (blk_enable_write_cache(s->blk)) { 181 put_le16(p + 85, (1 << 14) | (1 << 5) | 1); 182 } else { 183 put_le16(p + 85, (1 << 14) | 1); 184 } 185 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */ 186 put_le16(p + 86, (1 << 13) | (1 <<12) | (1 << 10)); 187 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */ 188 if (s->wwn) { 189 put_le16(p + 87, (1 << 14) | (1 << 8) | 0); 190 } else { 191 put_le16(p + 87, (1 << 14) | 0); 192 } 193 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */ 194 put_le16(p + 93, 1 | (1 << 14) | 0x2000); 195 /* *(p + 100) := nb_sectors -- see ide_identify_size */ 196 /* *(p + 101) := nb_sectors >> 16 -- see ide_identify_size */ 197 /* *(p + 102) := nb_sectors >> 32 -- see ide_identify_size */ 198 /* *(p + 103) := nb_sectors >> 48 -- see ide_identify_size */ 199 200 if (dev && dev->conf.physical_block_size) 201 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf)); 202 if (s->wwn) { 203 /* LE 16-bit words 111-108 contain 64-bit World Wide Name */ 204 put_le16(p + 108, s->wwn >> 48); 205 put_le16(p + 109, s->wwn >> 32); 206 put_le16(p + 110, s->wwn >> 16); 207 put_le16(p + 111, s->wwn); 208 } 209 if (dev && dev->conf.discard_granularity) { 210 put_le16(p + 169, 1); /* TRIM support */ 211 } 212 if (dev) { 213 put_le16(p + 217, dev->rotation_rate); /* Nominal media rotation rate */ 214 } 215 216 ide_identify_size(s); 217 s->identify_set = 1; 218 219 fill_buffer: 220 memcpy(s->io_buffer, p, sizeof(s->identify_data)); 221 } 222 223 static void ide_atapi_identify(IDEState *s) 224 { 225 uint16_t *p; 226 227 p = (uint16_t *)s->identify_data; 228 if (s->identify_set) { 229 goto fill_buffer; 230 } 231 memset(p, 0, sizeof(s->identify_data)); 232 233 /* Removable CDROM, 50us response, 12 byte packets */ 234 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0)); 235 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 236 put_le16(p + 20, 3); /* buffer type */ 237 put_le16(p + 21, 512); /* cache size in sectors */ 238 put_le16(p + 22, 4); /* ecc bytes */ 239 padstr((char *)(p + 23), s->version, 8); /* firmware version */ 240 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */ 241 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */ 242 #ifdef USE_DMA_CDROM 243 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */ 244 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */ 245 put_le16(p + 62, 7); /* single word dma0-2 supported */ 246 put_le16(p + 63, 7); /* mdma0-2 supported */ 247 #else 248 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */ 249 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */ 250 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */ 251 #endif 252 put_le16(p + 64, 3); /* pio3-4 supported */ 253 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */ 254 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */ 255 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */ 256 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */ 257 258 put_le16(p + 71, 30); /* in ns */ 259 put_le16(p + 72, 30); /* in ns */ 260 261 if (s->ncq_queues) { 262 put_le16(p + 75, s->ncq_queues - 1); 263 /* NCQ supported */ 264 put_le16(p + 76, (1 << 8)); 265 } 266 267 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */ 268 if (s->wwn) { 269 put_le16(p + 84, (1 << 8)); /* supports WWN for words 108-111 */ 270 put_le16(p + 87, (1 << 8)); /* WWN enabled */ 271 } 272 273 #ifdef USE_DMA_CDROM 274 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */ 275 #endif 276 277 if (s->wwn) { 278 /* LE 16-bit words 111-108 contain 64-bit World Wide Name */ 279 put_le16(p + 108, s->wwn >> 48); 280 put_le16(p + 109, s->wwn >> 32); 281 put_le16(p + 110, s->wwn >> 16); 282 put_le16(p + 111, s->wwn); 283 } 284 285 s->identify_set = 1; 286 287 fill_buffer: 288 memcpy(s->io_buffer, p, sizeof(s->identify_data)); 289 } 290 291 static void ide_cfata_identify_size(IDEState *s) 292 { 293 uint16_t *p = (uint16_t *)s->identify_data; 294 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */ 295 put_le16(p + 8, s->nb_sectors); /* Sectors per card */ 296 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */ 297 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */ 298 } 299 300 static void ide_cfata_identify(IDEState *s) 301 { 302 uint16_t *p; 303 uint32_t cur_sec; 304 305 p = (uint16_t *)s->identify_data; 306 if (s->identify_set) { 307 goto fill_buffer; 308 } 309 memset(p, 0, sizeof(s->identify_data)); 310 311 cur_sec = s->cylinders * s->heads * s->sectors; 312 313 put_le16(p + 0, 0x848a); /* CF Storage Card signature */ 314 put_le16(p + 1, s->cylinders); /* Default cylinders */ 315 put_le16(p + 3, s->heads); /* Default heads */ 316 put_le16(p + 6, s->sectors); /* Default sectors per track */ 317 /* *(p + 7) := nb_sectors >> 16 -- see ide_cfata_identify_size */ 318 /* *(p + 8) := nb_sectors -- see ide_cfata_identify_size */ 319 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 320 put_le16(p + 22, 0x0004); /* ECC bytes */ 321 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */ 322 padstr((char *) (p + 27), s->drive_model_str, 40);/* Model number */ 323 #if MAX_MULT_SECTORS > 1 324 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS); 325 #else 326 put_le16(p + 47, 0x0000); 327 #endif 328 put_le16(p + 49, 0x0f00); /* Capabilities */ 329 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */ 330 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */ 331 put_le16(p + 53, 0x0003); /* Translation params valid */ 332 put_le16(p + 54, s->cylinders); /* Current cylinders */ 333 put_le16(p + 55, s->heads); /* Current heads */ 334 put_le16(p + 56, s->sectors); /* Current sectors */ 335 put_le16(p + 57, cur_sec); /* Current capacity */ 336 put_le16(p + 58, cur_sec >> 16); /* Current capacity */ 337 if (s->mult_sectors) /* Multiple sector setting */ 338 put_le16(p + 59, 0x100 | s->mult_sectors); 339 /* *(p + 60) := nb_sectors -- see ide_cfata_identify_size */ 340 /* *(p + 61) := nb_sectors >> 16 -- see ide_cfata_identify_size */ 341 put_le16(p + 63, 0x0203); /* Multiword DMA capability */ 342 put_le16(p + 64, 0x0001); /* Flow Control PIO support */ 343 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */ 344 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */ 345 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */ 346 put_le16(p + 82, 0x400c); /* Command Set supported */ 347 put_le16(p + 83, 0x7068); /* Command Set supported */ 348 put_le16(p + 84, 0x4000); /* Features supported */ 349 put_le16(p + 85, 0x000c); /* Command Set enabled */ 350 put_le16(p + 86, 0x7044); /* Command Set enabled */ 351 put_le16(p + 87, 0x4000); /* Features enabled */ 352 put_le16(p + 91, 0x4060); /* Current APM level */ 353 put_le16(p + 129, 0x0002); /* Current features option */ 354 put_le16(p + 130, 0x0005); /* Reassigned sectors */ 355 put_le16(p + 131, 0x0001); /* Initial power mode */ 356 put_le16(p + 132, 0x0000); /* User signature */ 357 put_le16(p + 160, 0x8100); /* Power requirement */ 358 put_le16(p + 161, 0x8001); /* CF command set */ 359 360 ide_cfata_identify_size(s); 361 s->identify_set = 1; 362 363 fill_buffer: 364 memcpy(s->io_buffer, p, sizeof(s->identify_data)); 365 } 366 367 static void ide_set_signature(IDEState *s) 368 { 369 s->select &= 0xf0; /* clear head */ 370 /* put signature */ 371 s->nsector = 1; 372 s->sector = 1; 373 if (s->drive_kind == IDE_CD) { 374 s->lcyl = 0x14; 375 s->hcyl = 0xeb; 376 } else if (s->blk) { 377 s->lcyl = 0; 378 s->hcyl = 0; 379 } else { 380 s->lcyl = 0xff; 381 s->hcyl = 0xff; 382 } 383 } 384 385 static bool ide_sect_range_ok(IDEState *s, 386 uint64_t sector, uint64_t nb_sectors) 387 { 388 uint64_t total_sectors; 389 390 blk_get_geometry(s->blk, &total_sectors); 391 if (sector > total_sectors || nb_sectors > total_sectors - sector) { 392 return false; 393 } 394 return true; 395 } 396 397 typedef struct TrimAIOCB { 398 BlockAIOCB common; 399 IDEState *s; 400 QEMUBH *bh; 401 int ret; 402 QEMUIOVector *qiov; 403 BlockAIOCB *aiocb; 404 int i, j; 405 bool is_invalid; 406 } TrimAIOCB; 407 408 static void trim_aio_cancel(BlockAIOCB *acb) 409 { 410 TrimAIOCB *iocb = container_of(acb, TrimAIOCB, common); 411 412 /* Exit the loop so ide_issue_trim_cb will not continue */ 413 iocb->j = iocb->qiov->niov - 1; 414 iocb->i = (iocb->qiov->iov[iocb->j].iov_len / 8) - 1; 415 416 iocb->ret = -ECANCELED; 417 418 if (iocb->aiocb) { 419 blk_aio_cancel_async(iocb->aiocb); 420 iocb->aiocb = NULL; 421 } 422 } 423 424 static const AIOCBInfo trim_aiocb_info = { 425 .aiocb_size = sizeof(TrimAIOCB), 426 .cancel_async = trim_aio_cancel, 427 }; 428 429 static void ide_trim_bh_cb(void *opaque) 430 { 431 TrimAIOCB *iocb = opaque; 432 433 if (iocb->is_invalid) { 434 ide_dma_error(iocb->s); 435 } else { 436 iocb->common.cb(iocb->common.opaque, iocb->ret); 437 } 438 qemu_bh_delete(iocb->bh); 439 iocb->bh = NULL; 440 qemu_aio_unref(iocb); 441 } 442 443 static void ide_issue_trim_cb(void *opaque, int ret) 444 { 445 TrimAIOCB *iocb = opaque; 446 IDEState *s = iocb->s; 447 448 if (ret >= 0) { 449 while (iocb->j < iocb->qiov->niov) { 450 int j = iocb->j; 451 while (++iocb->i < iocb->qiov->iov[j].iov_len / 8) { 452 int i = iocb->i; 453 uint64_t *buffer = iocb->qiov->iov[j].iov_base; 454 455 /* 6-byte LBA + 2-byte range per entry */ 456 uint64_t entry = le64_to_cpu(buffer[i]); 457 uint64_t sector = entry & 0x0000ffffffffffffULL; 458 uint16_t count = entry >> 48; 459 460 if (count == 0) { 461 continue; 462 } 463 464 if (!ide_sect_range_ok(s, sector, count)) { 465 iocb->is_invalid = true; 466 goto done; 467 } 468 469 /* Got an entry! Submit and exit. */ 470 iocb->aiocb = blk_aio_pdiscard(s->blk, 471 sector << BDRV_SECTOR_BITS, 472 count << BDRV_SECTOR_BITS, 473 ide_issue_trim_cb, opaque); 474 return; 475 } 476 477 iocb->j++; 478 iocb->i = -1; 479 } 480 } else { 481 iocb->ret = ret; 482 } 483 484 done: 485 iocb->aiocb = NULL; 486 if (iocb->bh) { 487 qemu_bh_schedule(iocb->bh); 488 } 489 } 490 491 BlockAIOCB *ide_issue_trim( 492 int64_t offset, QEMUIOVector *qiov, 493 BlockCompletionFunc *cb, void *cb_opaque, void *opaque) 494 { 495 IDEState *s = opaque; 496 TrimAIOCB *iocb; 497 498 iocb = blk_aio_get(&trim_aiocb_info, s->blk, cb, cb_opaque); 499 iocb->s = s; 500 iocb->bh = qemu_bh_new(ide_trim_bh_cb, iocb); 501 iocb->ret = 0; 502 iocb->qiov = qiov; 503 iocb->i = -1; 504 iocb->j = 0; 505 iocb->is_invalid = false; 506 ide_issue_trim_cb(iocb, 0); 507 return &iocb->common; 508 } 509 510 void ide_abort_command(IDEState *s) 511 { 512 ide_transfer_stop(s); 513 s->status = READY_STAT | ERR_STAT; 514 s->error = ABRT_ERR; 515 } 516 517 static void ide_set_retry(IDEState *s) 518 { 519 s->bus->retry_unit = s->unit; 520 s->bus->retry_sector_num = ide_get_sector(s); 521 s->bus->retry_nsector = s->nsector; 522 } 523 524 static void ide_clear_retry(IDEState *s) 525 { 526 s->bus->retry_unit = -1; 527 s->bus->retry_sector_num = 0; 528 s->bus->retry_nsector = 0; 529 } 530 531 /* prepare data transfer and tell what to do after */ 532 void ide_transfer_start(IDEState *s, uint8_t *buf, int size, 533 EndTransferFunc *end_transfer_func) 534 { 535 s->end_transfer_func = end_transfer_func; 536 s->data_ptr = buf; 537 s->data_end = buf + size; 538 ide_set_retry(s); 539 if (!(s->status & ERR_STAT)) { 540 s->status |= DRQ_STAT; 541 } 542 if (s->bus->dma->ops->start_transfer) { 543 s->bus->dma->ops->start_transfer(s->bus->dma); 544 } 545 } 546 547 static void ide_cmd_done(IDEState *s) 548 { 549 if (s->bus->dma->ops->cmd_done) { 550 s->bus->dma->ops->cmd_done(s->bus->dma); 551 } 552 } 553 554 static void ide_transfer_halt(IDEState *s, 555 void(*end_transfer_func)(IDEState *), 556 bool notify) 557 { 558 s->end_transfer_func = end_transfer_func; 559 s->data_ptr = s->io_buffer; 560 s->data_end = s->io_buffer; 561 s->status &= ~DRQ_STAT; 562 if (notify) { 563 ide_cmd_done(s); 564 } 565 } 566 567 void ide_transfer_stop(IDEState *s) 568 { 569 ide_transfer_halt(s, ide_transfer_stop, true); 570 } 571 572 static void ide_transfer_cancel(IDEState *s) 573 { 574 ide_transfer_halt(s, ide_transfer_cancel, false); 575 } 576 577 int64_t ide_get_sector(IDEState *s) 578 { 579 int64_t sector_num; 580 if (s->select & 0x40) { 581 /* lba */ 582 if (!s->lba48) { 583 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) | 584 (s->lcyl << 8) | s->sector; 585 } else { 586 sector_num = ((int64_t)s->hob_hcyl << 40) | 587 ((int64_t) s->hob_lcyl << 32) | 588 ((int64_t) s->hob_sector << 24) | 589 ((int64_t) s->hcyl << 16) | 590 ((int64_t) s->lcyl << 8) | s->sector; 591 } 592 } else { 593 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors + 594 (s->select & 0x0f) * s->sectors + (s->sector - 1); 595 } 596 return sector_num; 597 } 598 599 void ide_set_sector(IDEState *s, int64_t sector_num) 600 { 601 unsigned int cyl, r; 602 if (s->select & 0x40) { 603 if (!s->lba48) { 604 s->select = (s->select & 0xf0) | (sector_num >> 24); 605 s->hcyl = (sector_num >> 16); 606 s->lcyl = (sector_num >> 8); 607 s->sector = (sector_num); 608 } else { 609 s->sector = sector_num; 610 s->lcyl = sector_num >> 8; 611 s->hcyl = sector_num >> 16; 612 s->hob_sector = sector_num >> 24; 613 s->hob_lcyl = sector_num >> 32; 614 s->hob_hcyl = sector_num >> 40; 615 } 616 } else { 617 cyl = sector_num / (s->heads * s->sectors); 618 r = sector_num % (s->heads * s->sectors); 619 s->hcyl = cyl >> 8; 620 s->lcyl = cyl; 621 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f); 622 s->sector = (r % s->sectors) + 1; 623 } 624 } 625 626 static void ide_rw_error(IDEState *s) { 627 ide_abort_command(s); 628 ide_set_irq(s->bus); 629 } 630 631 static void ide_buffered_readv_cb(void *opaque, int ret) 632 { 633 IDEBufferedRequest *req = opaque; 634 if (!req->orphaned) { 635 if (!ret) { 636 qemu_iovec_from_buf(req->original_qiov, 0, req->iov.iov_base, 637 req->original_qiov->size); 638 } 639 req->original_cb(req->original_opaque, ret); 640 } 641 QLIST_REMOVE(req, list); 642 qemu_vfree(req->iov.iov_base); 643 g_free(req); 644 } 645 646 #define MAX_BUFFERED_REQS 16 647 648 BlockAIOCB *ide_buffered_readv(IDEState *s, int64_t sector_num, 649 QEMUIOVector *iov, int nb_sectors, 650 BlockCompletionFunc *cb, void *opaque) 651 { 652 BlockAIOCB *aioreq; 653 IDEBufferedRequest *req; 654 int c = 0; 655 656 QLIST_FOREACH(req, &s->buffered_requests, list) { 657 c++; 658 } 659 if (c > MAX_BUFFERED_REQS) { 660 return blk_abort_aio_request(s->blk, cb, opaque, -EIO); 661 } 662 663 req = g_new0(IDEBufferedRequest, 1); 664 req->original_qiov = iov; 665 req->original_cb = cb; 666 req->original_opaque = opaque; 667 req->iov.iov_base = qemu_blockalign(blk_bs(s->blk), iov->size); 668 req->iov.iov_len = iov->size; 669 qemu_iovec_init_external(&req->qiov, &req->iov, 1); 670 671 aioreq = blk_aio_preadv(s->blk, sector_num << BDRV_SECTOR_BITS, 672 &req->qiov, 0, ide_buffered_readv_cb, req); 673 674 QLIST_INSERT_HEAD(&s->buffered_requests, req, list); 675 return aioreq; 676 } 677 678 /** 679 * Cancel all pending DMA requests. 680 * Any buffered DMA requests are instantly canceled, 681 * but any pending unbuffered DMA requests must be waited on. 682 */ 683 void ide_cancel_dma_sync(IDEState *s) 684 { 685 IDEBufferedRequest *req; 686 687 /* First invoke the callbacks of all buffered requests 688 * and flag those requests as orphaned. Ideally there 689 * are no unbuffered (Scatter Gather DMA Requests or 690 * write requests) pending and we can avoid to drain. */ 691 QLIST_FOREACH(req, &s->buffered_requests, list) { 692 if (!req->orphaned) { 693 trace_ide_cancel_dma_sync_buffered(req->original_cb, req); 694 req->original_cb(req->original_opaque, -ECANCELED); 695 } 696 req->orphaned = true; 697 } 698 699 /* 700 * We can't cancel Scatter Gather DMA in the middle of the 701 * operation or a partial (not full) DMA transfer would reach 702 * the storage so we wait for completion instead (we beahve 703 * like if the DMA was completed by the time the guest trying 704 * to cancel dma with bmdma_cmd_writeb with BM_CMD_START not 705 * set). 706 * 707 * In the future we'll be able to safely cancel the I/O if the 708 * whole DMA operation will be submitted to disk with a single 709 * aio operation with preadv/pwritev. 710 */ 711 if (s->bus->dma->aiocb) { 712 trace_ide_cancel_dma_sync_remaining(); 713 blk_drain(s->blk); 714 assert(s->bus->dma->aiocb == NULL); 715 } 716 } 717 718 static void ide_sector_read(IDEState *s); 719 720 static void ide_sector_read_cb(void *opaque, int ret) 721 { 722 IDEState *s = opaque; 723 int n; 724 725 s->pio_aiocb = NULL; 726 s->status &= ~BUSY_STAT; 727 728 if (ret == -ECANCELED) { 729 return; 730 } 731 if (ret != 0) { 732 if (ide_handle_rw_error(s, -ret, IDE_RETRY_PIO | 733 IDE_RETRY_READ)) { 734 return; 735 } 736 } 737 738 block_acct_done(blk_get_stats(s->blk), &s->acct); 739 740 n = s->nsector; 741 if (n > s->req_nb_sectors) { 742 n = s->req_nb_sectors; 743 } 744 745 ide_set_sector(s, ide_get_sector(s) + n); 746 s->nsector -= n; 747 /* Allow the guest to read the io_buffer */ 748 ide_transfer_start(s, s->io_buffer, n * BDRV_SECTOR_SIZE, ide_sector_read); 749 ide_set_irq(s->bus); 750 } 751 752 static void ide_sector_read(IDEState *s) 753 { 754 int64_t sector_num; 755 int n; 756 757 s->status = READY_STAT | SEEK_STAT; 758 s->error = 0; /* not needed by IDE spec, but needed by Windows */ 759 sector_num = ide_get_sector(s); 760 n = s->nsector; 761 762 if (n == 0) { 763 ide_transfer_stop(s); 764 return; 765 } 766 767 s->status |= BUSY_STAT; 768 769 if (n > s->req_nb_sectors) { 770 n = s->req_nb_sectors; 771 } 772 773 trace_ide_sector_read(sector_num, n); 774 775 if (!ide_sect_range_ok(s, sector_num, n)) { 776 ide_rw_error(s); 777 block_acct_invalid(blk_get_stats(s->blk), BLOCK_ACCT_READ); 778 return; 779 } 780 781 s->iov.iov_base = s->io_buffer; 782 s->iov.iov_len = n * BDRV_SECTOR_SIZE; 783 qemu_iovec_init_external(&s->qiov, &s->iov, 1); 784 785 block_acct_start(blk_get_stats(s->blk), &s->acct, 786 n * BDRV_SECTOR_SIZE, BLOCK_ACCT_READ); 787 s->pio_aiocb = ide_buffered_readv(s, sector_num, &s->qiov, n, 788 ide_sector_read_cb, s); 789 } 790 791 void dma_buf_commit(IDEState *s, uint32_t tx_bytes) 792 { 793 if (s->bus->dma->ops->commit_buf) { 794 s->bus->dma->ops->commit_buf(s->bus->dma, tx_bytes); 795 } 796 s->io_buffer_offset += tx_bytes; 797 qemu_sglist_destroy(&s->sg); 798 } 799 800 void ide_set_inactive(IDEState *s, bool more) 801 { 802 s->bus->dma->aiocb = NULL; 803 ide_clear_retry(s); 804 if (s->bus->dma->ops->set_inactive) { 805 s->bus->dma->ops->set_inactive(s->bus->dma, more); 806 } 807 ide_cmd_done(s); 808 } 809 810 void ide_dma_error(IDEState *s) 811 { 812 dma_buf_commit(s, 0); 813 ide_abort_command(s); 814 ide_set_inactive(s, false); 815 ide_set_irq(s->bus); 816 } 817 818 int ide_handle_rw_error(IDEState *s, int error, int op) 819 { 820 bool is_read = (op & IDE_RETRY_READ) != 0; 821 BlockErrorAction action = blk_get_error_action(s->blk, is_read, error); 822 823 if (action == BLOCK_ERROR_ACTION_STOP) { 824 assert(s->bus->retry_unit == s->unit); 825 s->bus->error_status = op; 826 } else if (action == BLOCK_ERROR_ACTION_REPORT) { 827 block_acct_failed(blk_get_stats(s->blk), &s->acct); 828 if (IS_IDE_RETRY_DMA(op)) { 829 ide_dma_error(s); 830 } else if (IS_IDE_RETRY_ATAPI(op)) { 831 ide_atapi_io_error(s, -error); 832 } else { 833 ide_rw_error(s); 834 } 835 } 836 blk_error_action(s->blk, action, is_read, error); 837 return action != BLOCK_ERROR_ACTION_IGNORE; 838 } 839 840 static void ide_dma_cb(void *opaque, int ret) 841 { 842 IDEState *s = opaque; 843 int n; 844 int64_t sector_num; 845 uint64_t offset; 846 bool stay_active = false; 847 848 if (ret == -ECANCELED) { 849 return; 850 } 851 if (ret < 0) { 852 if (ide_handle_rw_error(s, -ret, ide_dma_cmd_to_retry(s->dma_cmd))) { 853 s->bus->dma->aiocb = NULL; 854 dma_buf_commit(s, 0); 855 return; 856 } 857 } 858 859 n = s->io_buffer_size >> 9; 860 if (n > s->nsector) { 861 /* The PRDs were longer than needed for this request. Shorten them so 862 * we don't get a negative remainder. The Active bit must remain set 863 * after the request completes. */ 864 n = s->nsector; 865 stay_active = true; 866 } 867 868 sector_num = ide_get_sector(s); 869 if (n > 0) { 870 assert(n * 512 == s->sg.size); 871 dma_buf_commit(s, s->sg.size); 872 sector_num += n; 873 ide_set_sector(s, sector_num); 874 s->nsector -= n; 875 } 876 877 /* end of transfer ? */ 878 if (s->nsector == 0) { 879 s->status = READY_STAT | SEEK_STAT; 880 ide_set_irq(s->bus); 881 goto eot; 882 } 883 884 /* launch next transfer */ 885 n = s->nsector; 886 s->io_buffer_index = 0; 887 s->io_buffer_size = n * 512; 888 if (s->bus->dma->ops->prepare_buf(s->bus->dma, s->io_buffer_size) < 512) { 889 /* The PRDs were too short. Reset the Active bit, but don't raise an 890 * interrupt. */ 891 s->status = READY_STAT | SEEK_STAT; 892 dma_buf_commit(s, 0); 893 goto eot; 894 } 895 896 trace_ide_dma_cb(s, sector_num, n, IDE_DMA_CMD_str(s->dma_cmd)); 897 898 if ((s->dma_cmd == IDE_DMA_READ || s->dma_cmd == IDE_DMA_WRITE) && 899 !ide_sect_range_ok(s, sector_num, n)) { 900 ide_dma_error(s); 901 block_acct_invalid(blk_get_stats(s->blk), s->acct.type); 902 return; 903 } 904 905 offset = sector_num << BDRV_SECTOR_BITS; 906 switch (s->dma_cmd) { 907 case IDE_DMA_READ: 908 s->bus->dma->aiocb = dma_blk_read(s->blk, &s->sg, offset, 909 BDRV_SECTOR_SIZE, ide_dma_cb, s); 910 break; 911 case IDE_DMA_WRITE: 912 s->bus->dma->aiocb = dma_blk_write(s->blk, &s->sg, offset, 913 BDRV_SECTOR_SIZE, ide_dma_cb, s); 914 break; 915 case IDE_DMA_TRIM: 916 s->bus->dma->aiocb = dma_blk_io(blk_get_aio_context(s->blk), 917 &s->sg, offset, BDRV_SECTOR_SIZE, 918 ide_issue_trim, s, ide_dma_cb, s, 919 DMA_DIRECTION_TO_DEVICE); 920 break; 921 default: 922 abort(); 923 } 924 return; 925 926 eot: 927 if (s->dma_cmd == IDE_DMA_READ || s->dma_cmd == IDE_DMA_WRITE) { 928 block_acct_done(blk_get_stats(s->blk), &s->acct); 929 } 930 ide_set_inactive(s, stay_active); 931 } 932 933 static void ide_sector_start_dma(IDEState *s, enum ide_dma_cmd dma_cmd) 934 { 935 s->status = READY_STAT | SEEK_STAT | DRQ_STAT; 936 s->io_buffer_size = 0; 937 s->dma_cmd = dma_cmd; 938 939 switch (dma_cmd) { 940 case IDE_DMA_READ: 941 block_acct_start(blk_get_stats(s->blk), &s->acct, 942 s->nsector * BDRV_SECTOR_SIZE, BLOCK_ACCT_READ); 943 break; 944 case IDE_DMA_WRITE: 945 block_acct_start(blk_get_stats(s->blk), &s->acct, 946 s->nsector * BDRV_SECTOR_SIZE, BLOCK_ACCT_WRITE); 947 break; 948 default: 949 break; 950 } 951 952 ide_start_dma(s, ide_dma_cb); 953 } 954 955 void ide_start_dma(IDEState *s, BlockCompletionFunc *cb) 956 { 957 s->io_buffer_index = 0; 958 ide_set_retry(s); 959 if (s->bus->dma->ops->start_dma) { 960 s->bus->dma->ops->start_dma(s->bus->dma, s, cb); 961 } 962 } 963 964 static void ide_sector_write(IDEState *s); 965 966 static void ide_sector_write_timer_cb(void *opaque) 967 { 968 IDEState *s = opaque; 969 ide_set_irq(s->bus); 970 } 971 972 static void ide_sector_write_cb(void *opaque, int ret) 973 { 974 IDEState *s = opaque; 975 int n; 976 977 if (ret == -ECANCELED) { 978 return; 979 } 980 981 s->pio_aiocb = NULL; 982 s->status &= ~BUSY_STAT; 983 984 if (ret != 0) { 985 if (ide_handle_rw_error(s, -ret, IDE_RETRY_PIO)) { 986 return; 987 } 988 } 989 990 block_acct_done(blk_get_stats(s->blk), &s->acct); 991 992 n = s->nsector; 993 if (n > s->req_nb_sectors) { 994 n = s->req_nb_sectors; 995 } 996 s->nsector -= n; 997 998 ide_set_sector(s, ide_get_sector(s) + n); 999 if (s->nsector == 0) { 1000 /* no more sectors to write */ 1001 ide_transfer_stop(s); 1002 } else { 1003 int n1 = s->nsector; 1004 if (n1 > s->req_nb_sectors) { 1005 n1 = s->req_nb_sectors; 1006 } 1007 ide_transfer_start(s, s->io_buffer, n1 * BDRV_SECTOR_SIZE, 1008 ide_sector_write); 1009 } 1010 1011 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) { 1012 /* It seems there is a bug in the Windows 2000 installer HDD 1013 IDE driver which fills the disk with empty logs when the 1014 IDE write IRQ comes too early. This hack tries to correct 1015 that at the expense of slower write performances. Use this 1016 option _only_ to install Windows 2000. You must disable it 1017 for normal use. */ 1018 timer_mod(s->sector_write_timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + 1019 (NANOSECONDS_PER_SECOND / 1000)); 1020 } else { 1021 ide_set_irq(s->bus); 1022 } 1023 } 1024 1025 static void ide_sector_write(IDEState *s) 1026 { 1027 int64_t sector_num; 1028 int n; 1029 1030 s->status = READY_STAT | SEEK_STAT | BUSY_STAT; 1031 sector_num = ide_get_sector(s); 1032 1033 n = s->nsector; 1034 if (n > s->req_nb_sectors) { 1035 n = s->req_nb_sectors; 1036 } 1037 1038 trace_ide_sector_write(sector_num, n); 1039 1040 if (!ide_sect_range_ok(s, sector_num, n)) { 1041 ide_rw_error(s); 1042 block_acct_invalid(blk_get_stats(s->blk), BLOCK_ACCT_WRITE); 1043 return; 1044 } 1045 1046 s->iov.iov_base = s->io_buffer; 1047 s->iov.iov_len = n * BDRV_SECTOR_SIZE; 1048 qemu_iovec_init_external(&s->qiov, &s->iov, 1); 1049 1050 block_acct_start(blk_get_stats(s->blk), &s->acct, 1051 n * BDRV_SECTOR_SIZE, BLOCK_ACCT_WRITE); 1052 s->pio_aiocb = blk_aio_pwritev(s->blk, sector_num << BDRV_SECTOR_BITS, 1053 &s->qiov, 0, ide_sector_write_cb, s); 1054 } 1055 1056 static void ide_flush_cb(void *opaque, int ret) 1057 { 1058 IDEState *s = opaque; 1059 1060 s->pio_aiocb = NULL; 1061 1062 if (ret == -ECANCELED) { 1063 return; 1064 } 1065 if (ret < 0) { 1066 /* XXX: What sector number to set here? */ 1067 if (ide_handle_rw_error(s, -ret, IDE_RETRY_FLUSH)) { 1068 return; 1069 } 1070 } 1071 1072 if (s->blk) { 1073 block_acct_done(blk_get_stats(s->blk), &s->acct); 1074 } 1075 s->status = READY_STAT | SEEK_STAT; 1076 ide_cmd_done(s); 1077 ide_set_irq(s->bus); 1078 } 1079 1080 static void ide_flush_cache(IDEState *s) 1081 { 1082 if (s->blk == NULL) { 1083 ide_flush_cb(s, 0); 1084 return; 1085 } 1086 1087 s->status |= BUSY_STAT; 1088 ide_set_retry(s); 1089 block_acct_start(blk_get_stats(s->blk), &s->acct, 0, BLOCK_ACCT_FLUSH); 1090 1091 if (blk_bs(s->blk)) { 1092 s->pio_aiocb = blk_aio_flush(s->blk, ide_flush_cb, s); 1093 } else { 1094 /* XXX blk_aio_flush() crashes when blk_bs(blk) is NULL, remove this 1095 * temporary workaround when blk_aio_*() functions handle NULL blk_bs. 1096 */ 1097 ide_flush_cb(s, 0); 1098 } 1099 } 1100 1101 static void ide_cfata_metadata_inquiry(IDEState *s) 1102 { 1103 uint16_t *p; 1104 uint32_t spd; 1105 1106 p = (uint16_t *) s->io_buffer; 1107 memset(p, 0, 0x200); 1108 spd = ((s->mdata_size - 1) >> 9) + 1; 1109 1110 put_le16(p + 0, 0x0001); /* Data format revision */ 1111 put_le16(p + 1, 0x0000); /* Media property: silicon */ 1112 put_le16(p + 2, s->media_changed); /* Media status */ 1113 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */ 1114 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */ 1115 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */ 1116 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */ 1117 } 1118 1119 static void ide_cfata_metadata_read(IDEState *s) 1120 { 1121 uint16_t *p; 1122 1123 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) { 1124 s->status = ERR_STAT; 1125 s->error = ABRT_ERR; 1126 return; 1127 } 1128 1129 p = (uint16_t *) s->io_buffer; 1130 memset(p, 0, 0x200); 1131 1132 put_le16(p + 0, s->media_changed); /* Media status */ 1133 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9), 1134 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9), 1135 s->nsector << 9), 0x200 - 2)); 1136 } 1137 1138 static void ide_cfata_metadata_write(IDEState *s) 1139 { 1140 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) { 1141 s->status = ERR_STAT; 1142 s->error = ABRT_ERR; 1143 return; 1144 } 1145 1146 s->media_changed = 0; 1147 1148 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9), 1149 s->io_buffer + 2, 1150 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9), 1151 s->nsector << 9), 0x200 - 2)); 1152 } 1153 1154 /* called when the inserted state of the media has changed */ 1155 static void ide_cd_change_cb(void *opaque, bool load, Error **errp) 1156 { 1157 IDEState *s = opaque; 1158 uint64_t nb_sectors; 1159 1160 s->tray_open = !load; 1161 blk_get_geometry(s->blk, &nb_sectors); 1162 s->nb_sectors = nb_sectors; 1163 1164 /* 1165 * First indicate to the guest that a CD has been removed. That's 1166 * done on the next command the guest sends us. 1167 * 1168 * Then we set UNIT_ATTENTION, by which the guest will 1169 * detect a new CD in the drive. See ide_atapi_cmd() for details. 1170 */ 1171 s->cdrom_changed = 1; 1172 s->events.new_media = true; 1173 s->events.eject_request = false; 1174 ide_set_irq(s->bus); 1175 } 1176 1177 static void ide_cd_eject_request_cb(void *opaque, bool force) 1178 { 1179 IDEState *s = opaque; 1180 1181 s->events.eject_request = true; 1182 if (force) { 1183 s->tray_locked = false; 1184 } 1185 ide_set_irq(s->bus); 1186 } 1187 1188 static void ide_cmd_lba48_transform(IDEState *s, int lba48) 1189 { 1190 s->lba48 = lba48; 1191 1192 /* handle the 'magic' 0 nsector count conversion here. to avoid 1193 * fiddling with the rest of the read logic, we just store the 1194 * full sector count in ->nsector and ignore ->hob_nsector from now 1195 */ 1196 if (!s->lba48) { 1197 if (!s->nsector) 1198 s->nsector = 256; 1199 } else { 1200 if (!s->nsector && !s->hob_nsector) 1201 s->nsector = 65536; 1202 else { 1203 int lo = s->nsector; 1204 int hi = s->hob_nsector; 1205 1206 s->nsector = (hi << 8) | lo; 1207 } 1208 } 1209 } 1210 1211 static void ide_clear_hob(IDEBus *bus) 1212 { 1213 /* any write clears HOB high bit of device control register */ 1214 bus->ifs[0].select &= ~(1 << 7); 1215 bus->ifs[1].select &= ~(1 << 7); 1216 } 1217 1218 /* IOport [W]rite [R]egisters */ 1219 enum ATA_IOPORT_WR { 1220 ATA_IOPORT_WR_DATA = 0, 1221 ATA_IOPORT_WR_FEATURES = 1, 1222 ATA_IOPORT_WR_SECTOR_COUNT = 2, 1223 ATA_IOPORT_WR_SECTOR_NUMBER = 3, 1224 ATA_IOPORT_WR_CYLINDER_LOW = 4, 1225 ATA_IOPORT_WR_CYLINDER_HIGH = 5, 1226 ATA_IOPORT_WR_DEVICE_HEAD = 6, 1227 ATA_IOPORT_WR_COMMAND = 7, 1228 ATA_IOPORT_WR_NUM_REGISTERS, 1229 }; 1230 1231 const char *ATA_IOPORT_WR_lookup[ATA_IOPORT_WR_NUM_REGISTERS] = { 1232 [ATA_IOPORT_WR_DATA] = "Data", 1233 [ATA_IOPORT_WR_FEATURES] = "Features", 1234 [ATA_IOPORT_WR_SECTOR_COUNT] = "Sector Count", 1235 [ATA_IOPORT_WR_SECTOR_NUMBER] = "Sector Number", 1236 [ATA_IOPORT_WR_CYLINDER_LOW] = "Cylinder Low", 1237 [ATA_IOPORT_WR_CYLINDER_HIGH] = "Cylinder High", 1238 [ATA_IOPORT_WR_DEVICE_HEAD] = "Device/Head", 1239 [ATA_IOPORT_WR_COMMAND] = "Command" 1240 }; 1241 1242 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val) 1243 { 1244 IDEBus *bus = opaque; 1245 IDEState *s = idebus_active_if(bus); 1246 int reg_num = addr & 7; 1247 1248 trace_ide_ioport_write(addr, ATA_IOPORT_WR_lookup[reg_num], val, bus, s); 1249 1250 /* ignore writes to command block while busy with previous command */ 1251 if (reg_num != 7 && (s->status & (BUSY_STAT|DRQ_STAT))) { 1252 return; 1253 } 1254 1255 switch (reg_num) { 1256 case 0: 1257 break; 1258 case ATA_IOPORT_WR_FEATURES: 1259 ide_clear_hob(bus); 1260 /* NOTE: data is written to the two drives */ 1261 bus->ifs[0].hob_feature = bus->ifs[0].feature; 1262 bus->ifs[1].hob_feature = bus->ifs[1].feature; 1263 bus->ifs[0].feature = val; 1264 bus->ifs[1].feature = val; 1265 break; 1266 case ATA_IOPORT_WR_SECTOR_COUNT: 1267 ide_clear_hob(bus); 1268 bus->ifs[0].hob_nsector = bus->ifs[0].nsector; 1269 bus->ifs[1].hob_nsector = bus->ifs[1].nsector; 1270 bus->ifs[0].nsector = val; 1271 bus->ifs[1].nsector = val; 1272 break; 1273 case ATA_IOPORT_WR_SECTOR_NUMBER: 1274 ide_clear_hob(bus); 1275 bus->ifs[0].hob_sector = bus->ifs[0].sector; 1276 bus->ifs[1].hob_sector = bus->ifs[1].sector; 1277 bus->ifs[0].sector = val; 1278 bus->ifs[1].sector = val; 1279 break; 1280 case ATA_IOPORT_WR_CYLINDER_LOW: 1281 ide_clear_hob(bus); 1282 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl; 1283 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl; 1284 bus->ifs[0].lcyl = val; 1285 bus->ifs[1].lcyl = val; 1286 break; 1287 case ATA_IOPORT_WR_CYLINDER_HIGH: 1288 ide_clear_hob(bus); 1289 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl; 1290 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl; 1291 bus->ifs[0].hcyl = val; 1292 bus->ifs[1].hcyl = val; 1293 break; 1294 case ATA_IOPORT_WR_DEVICE_HEAD: 1295 /* FIXME: HOB readback uses bit 7 */ 1296 bus->ifs[0].select = (val & ~0x10) | 0xa0; 1297 bus->ifs[1].select = (val | 0x10) | 0xa0; 1298 /* select drive */ 1299 bus->unit = (val >> 4) & 1; 1300 break; 1301 default: 1302 case ATA_IOPORT_WR_COMMAND: 1303 /* command */ 1304 ide_exec_cmd(bus, val); 1305 break; 1306 } 1307 } 1308 1309 static void ide_reset(IDEState *s) 1310 { 1311 trace_ide_reset(s); 1312 1313 if (s->pio_aiocb) { 1314 blk_aio_cancel(s->pio_aiocb); 1315 s->pio_aiocb = NULL; 1316 } 1317 1318 if (s->drive_kind == IDE_CFATA) 1319 s->mult_sectors = 0; 1320 else 1321 s->mult_sectors = MAX_MULT_SECTORS; 1322 /* ide regs */ 1323 s->feature = 0; 1324 s->error = 0; 1325 s->nsector = 0; 1326 s->sector = 0; 1327 s->lcyl = 0; 1328 s->hcyl = 0; 1329 1330 /* lba48 */ 1331 s->hob_feature = 0; 1332 s->hob_sector = 0; 1333 s->hob_nsector = 0; 1334 s->hob_lcyl = 0; 1335 s->hob_hcyl = 0; 1336 1337 s->select = 0xa0; 1338 s->status = READY_STAT | SEEK_STAT; 1339 1340 s->lba48 = 0; 1341 1342 /* ATAPI specific */ 1343 s->sense_key = 0; 1344 s->asc = 0; 1345 s->cdrom_changed = 0; 1346 s->packet_transfer_size = 0; 1347 s->elementary_transfer_size = 0; 1348 s->io_buffer_index = 0; 1349 s->cd_sector_size = 0; 1350 s->atapi_dma = 0; 1351 s->tray_locked = 0; 1352 s->tray_open = 0; 1353 /* ATA DMA state */ 1354 s->io_buffer_size = 0; 1355 s->req_nb_sectors = 0; 1356 1357 ide_set_signature(s); 1358 /* init the transfer handler so that 0xffff is returned on data 1359 accesses */ 1360 s->end_transfer_func = ide_dummy_transfer_stop; 1361 ide_dummy_transfer_stop(s); 1362 s->media_changed = 0; 1363 } 1364 1365 static bool cmd_nop(IDEState *s, uint8_t cmd) 1366 { 1367 return true; 1368 } 1369 1370 static bool cmd_device_reset(IDEState *s, uint8_t cmd) 1371 { 1372 /* Halt PIO (in the DRQ phase), then DMA */ 1373 ide_transfer_cancel(s); 1374 ide_cancel_dma_sync(s); 1375 1376 /* Reset any PIO commands, reset signature, etc */ 1377 ide_reset(s); 1378 1379 /* RESET: ATA8-ACS3 7.10.4 "Normal Outputs"; 1380 * ATA8-ACS3 Table 184 "Device Signatures for Normal Output" */ 1381 s->status = 0x00; 1382 1383 /* Do not overwrite status register */ 1384 return false; 1385 } 1386 1387 static bool cmd_data_set_management(IDEState *s, uint8_t cmd) 1388 { 1389 switch (s->feature) { 1390 case DSM_TRIM: 1391 if (s->blk) { 1392 ide_sector_start_dma(s, IDE_DMA_TRIM); 1393 return false; 1394 } 1395 break; 1396 } 1397 1398 ide_abort_command(s); 1399 return true; 1400 } 1401 1402 static bool cmd_identify(IDEState *s, uint8_t cmd) 1403 { 1404 if (s->blk && s->drive_kind != IDE_CD) { 1405 if (s->drive_kind != IDE_CFATA) { 1406 ide_identify(s); 1407 } else { 1408 ide_cfata_identify(s); 1409 } 1410 s->status = READY_STAT | SEEK_STAT; 1411 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop); 1412 ide_set_irq(s->bus); 1413 return false; 1414 } else { 1415 if (s->drive_kind == IDE_CD) { 1416 ide_set_signature(s); 1417 } 1418 ide_abort_command(s); 1419 } 1420 1421 return true; 1422 } 1423 1424 static bool cmd_verify(IDEState *s, uint8_t cmd) 1425 { 1426 bool lba48 = (cmd == WIN_VERIFY_EXT); 1427 1428 /* do sector number check ? */ 1429 ide_cmd_lba48_transform(s, lba48); 1430 1431 return true; 1432 } 1433 1434 static bool cmd_set_multiple_mode(IDEState *s, uint8_t cmd) 1435 { 1436 if (s->drive_kind == IDE_CFATA && s->nsector == 0) { 1437 /* Disable Read and Write Multiple */ 1438 s->mult_sectors = 0; 1439 } else if ((s->nsector & 0xff) != 0 && 1440 ((s->nsector & 0xff) > MAX_MULT_SECTORS || 1441 (s->nsector & (s->nsector - 1)) != 0)) { 1442 ide_abort_command(s); 1443 } else { 1444 s->mult_sectors = s->nsector & 0xff; 1445 } 1446 1447 return true; 1448 } 1449 1450 static bool cmd_read_multiple(IDEState *s, uint8_t cmd) 1451 { 1452 bool lba48 = (cmd == WIN_MULTREAD_EXT); 1453 1454 if (!s->blk || !s->mult_sectors) { 1455 ide_abort_command(s); 1456 return true; 1457 } 1458 1459 ide_cmd_lba48_transform(s, lba48); 1460 s->req_nb_sectors = s->mult_sectors; 1461 ide_sector_read(s); 1462 return false; 1463 } 1464 1465 static bool cmd_write_multiple(IDEState *s, uint8_t cmd) 1466 { 1467 bool lba48 = (cmd == WIN_MULTWRITE_EXT); 1468 int n; 1469 1470 if (!s->blk || !s->mult_sectors) { 1471 ide_abort_command(s); 1472 return true; 1473 } 1474 1475 ide_cmd_lba48_transform(s, lba48); 1476 1477 s->req_nb_sectors = s->mult_sectors; 1478 n = MIN(s->nsector, s->req_nb_sectors); 1479 1480 s->status = SEEK_STAT | READY_STAT; 1481 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write); 1482 1483 s->media_changed = 1; 1484 1485 return false; 1486 } 1487 1488 static bool cmd_read_pio(IDEState *s, uint8_t cmd) 1489 { 1490 bool lba48 = (cmd == WIN_READ_EXT); 1491 1492 if (s->drive_kind == IDE_CD) { 1493 ide_set_signature(s); /* odd, but ATA4 8.27.5.2 requires it */ 1494 ide_abort_command(s); 1495 return true; 1496 } 1497 1498 if (!s->blk) { 1499 ide_abort_command(s); 1500 return true; 1501 } 1502 1503 ide_cmd_lba48_transform(s, lba48); 1504 s->req_nb_sectors = 1; 1505 ide_sector_read(s); 1506 1507 return false; 1508 } 1509 1510 static bool cmd_write_pio(IDEState *s, uint8_t cmd) 1511 { 1512 bool lba48 = (cmd == WIN_WRITE_EXT); 1513 1514 if (!s->blk) { 1515 ide_abort_command(s); 1516 return true; 1517 } 1518 1519 ide_cmd_lba48_transform(s, lba48); 1520 1521 s->req_nb_sectors = 1; 1522 s->status = SEEK_STAT | READY_STAT; 1523 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write); 1524 1525 s->media_changed = 1; 1526 1527 return false; 1528 } 1529 1530 static bool cmd_read_dma(IDEState *s, uint8_t cmd) 1531 { 1532 bool lba48 = (cmd == WIN_READDMA_EXT); 1533 1534 if (!s->blk) { 1535 ide_abort_command(s); 1536 return true; 1537 } 1538 1539 ide_cmd_lba48_transform(s, lba48); 1540 ide_sector_start_dma(s, IDE_DMA_READ); 1541 1542 return false; 1543 } 1544 1545 static bool cmd_write_dma(IDEState *s, uint8_t cmd) 1546 { 1547 bool lba48 = (cmd == WIN_WRITEDMA_EXT); 1548 1549 if (!s->blk) { 1550 ide_abort_command(s); 1551 return true; 1552 } 1553 1554 ide_cmd_lba48_transform(s, lba48); 1555 ide_sector_start_dma(s, IDE_DMA_WRITE); 1556 1557 s->media_changed = 1; 1558 1559 return false; 1560 } 1561 1562 static bool cmd_flush_cache(IDEState *s, uint8_t cmd) 1563 { 1564 ide_flush_cache(s); 1565 return false; 1566 } 1567 1568 static bool cmd_seek(IDEState *s, uint8_t cmd) 1569 { 1570 /* XXX: Check that seek is within bounds */ 1571 return true; 1572 } 1573 1574 static bool cmd_read_native_max(IDEState *s, uint8_t cmd) 1575 { 1576 bool lba48 = (cmd == WIN_READ_NATIVE_MAX_EXT); 1577 1578 /* Refuse if no sectors are addressable (e.g. medium not inserted) */ 1579 if (s->nb_sectors == 0) { 1580 ide_abort_command(s); 1581 return true; 1582 } 1583 1584 ide_cmd_lba48_transform(s, lba48); 1585 ide_set_sector(s, s->nb_sectors - 1); 1586 1587 return true; 1588 } 1589 1590 static bool cmd_check_power_mode(IDEState *s, uint8_t cmd) 1591 { 1592 s->nsector = 0xff; /* device active or idle */ 1593 return true; 1594 } 1595 1596 static bool cmd_set_features(IDEState *s, uint8_t cmd) 1597 { 1598 uint16_t *identify_data; 1599 1600 if (!s->blk) { 1601 ide_abort_command(s); 1602 return true; 1603 } 1604 1605 /* XXX: valid for CDROM ? */ 1606 switch (s->feature) { 1607 case 0x02: /* write cache enable */ 1608 blk_set_enable_write_cache(s->blk, true); 1609 identify_data = (uint16_t *)s->identify_data; 1610 put_le16(identify_data + 85, (1 << 14) | (1 << 5) | 1); 1611 return true; 1612 case 0x82: /* write cache disable */ 1613 blk_set_enable_write_cache(s->blk, false); 1614 identify_data = (uint16_t *)s->identify_data; 1615 put_le16(identify_data + 85, (1 << 14) | 1); 1616 ide_flush_cache(s); 1617 return false; 1618 case 0xcc: /* reverting to power-on defaults enable */ 1619 case 0x66: /* reverting to power-on defaults disable */ 1620 case 0xaa: /* read look-ahead enable */ 1621 case 0x55: /* read look-ahead disable */ 1622 case 0x05: /* set advanced power management mode */ 1623 case 0x85: /* disable advanced power management mode */ 1624 case 0x69: /* NOP */ 1625 case 0x67: /* NOP */ 1626 case 0x96: /* NOP */ 1627 case 0x9a: /* NOP */ 1628 case 0x42: /* enable Automatic Acoustic Mode */ 1629 case 0xc2: /* disable Automatic Acoustic Mode */ 1630 return true; 1631 case 0x03: /* set transfer mode */ 1632 { 1633 uint8_t val = s->nsector & 0x07; 1634 identify_data = (uint16_t *)s->identify_data; 1635 1636 switch (s->nsector >> 3) { 1637 case 0x00: /* pio default */ 1638 case 0x01: /* pio mode */ 1639 put_le16(identify_data + 62, 0x07); 1640 put_le16(identify_data + 63, 0x07); 1641 put_le16(identify_data + 88, 0x3f); 1642 break; 1643 case 0x02: /* sigle word dma mode*/ 1644 put_le16(identify_data + 62, 0x07 | (1 << (val + 8))); 1645 put_le16(identify_data + 63, 0x07); 1646 put_le16(identify_data + 88, 0x3f); 1647 break; 1648 case 0x04: /* mdma mode */ 1649 put_le16(identify_data + 62, 0x07); 1650 put_le16(identify_data + 63, 0x07 | (1 << (val + 8))); 1651 put_le16(identify_data + 88, 0x3f); 1652 break; 1653 case 0x08: /* udma mode */ 1654 put_le16(identify_data + 62, 0x07); 1655 put_le16(identify_data + 63, 0x07); 1656 put_le16(identify_data + 88, 0x3f | (1 << (val + 8))); 1657 break; 1658 default: 1659 goto abort_cmd; 1660 } 1661 return true; 1662 } 1663 } 1664 1665 abort_cmd: 1666 ide_abort_command(s); 1667 return true; 1668 } 1669 1670 1671 /*** ATAPI commands ***/ 1672 1673 static bool cmd_identify_packet(IDEState *s, uint8_t cmd) 1674 { 1675 ide_atapi_identify(s); 1676 s->status = READY_STAT | SEEK_STAT; 1677 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop); 1678 ide_set_irq(s->bus); 1679 return false; 1680 } 1681 1682 static bool cmd_exec_dev_diagnostic(IDEState *s, uint8_t cmd) 1683 { 1684 ide_set_signature(s); 1685 1686 if (s->drive_kind == IDE_CD) { 1687 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet 1688 * devices to return a clear status register 1689 * with READY_STAT *not* set. */ 1690 s->error = 0x01; 1691 } else { 1692 s->status = READY_STAT | SEEK_STAT; 1693 /* The bits of the error register are not as usual for this command! 1694 * They are part of the regular output (this is why ERR_STAT isn't set) 1695 * Device 0 passed, Device 1 passed or not present. */ 1696 s->error = 0x01; 1697 ide_set_irq(s->bus); 1698 } 1699 1700 return false; 1701 } 1702 1703 static bool cmd_packet(IDEState *s, uint8_t cmd) 1704 { 1705 /* overlapping commands not supported */ 1706 if (s->feature & 0x02) { 1707 ide_abort_command(s); 1708 return true; 1709 } 1710 1711 s->status = READY_STAT | SEEK_STAT; 1712 s->atapi_dma = s->feature & 1; 1713 if (s->atapi_dma) { 1714 s->dma_cmd = IDE_DMA_ATAPI; 1715 } 1716 s->nsector = 1; 1717 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE, 1718 ide_atapi_cmd); 1719 return false; 1720 } 1721 1722 1723 /*** CF-ATA commands ***/ 1724 1725 static bool cmd_cfa_req_ext_error_code(IDEState *s, uint8_t cmd) 1726 { 1727 s->error = 0x09; /* miscellaneous error */ 1728 s->status = READY_STAT | SEEK_STAT; 1729 ide_set_irq(s->bus); 1730 1731 return false; 1732 } 1733 1734 static bool cmd_cfa_erase_sectors(IDEState *s, uint8_t cmd) 1735 { 1736 /* WIN_SECURITY_FREEZE_LOCK has the same ID as CFA_WEAR_LEVEL and is 1737 * required for Windows 8 to work with AHCI */ 1738 1739 if (cmd == CFA_WEAR_LEVEL) { 1740 s->nsector = 0; 1741 } 1742 1743 if (cmd == CFA_ERASE_SECTORS) { 1744 s->media_changed = 1; 1745 } 1746 1747 return true; 1748 } 1749 1750 static bool cmd_cfa_translate_sector(IDEState *s, uint8_t cmd) 1751 { 1752 s->status = READY_STAT | SEEK_STAT; 1753 1754 memset(s->io_buffer, 0, 0x200); 1755 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */ 1756 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */ 1757 s->io_buffer[0x02] = s->select; /* Head */ 1758 s->io_buffer[0x03] = s->sector; /* Sector */ 1759 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */ 1760 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */ 1761 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */ 1762 s->io_buffer[0x13] = 0x00; /* Erase flag */ 1763 s->io_buffer[0x18] = 0x00; /* Hot count */ 1764 s->io_buffer[0x19] = 0x00; /* Hot count */ 1765 s->io_buffer[0x1a] = 0x01; /* Hot count */ 1766 1767 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1768 ide_set_irq(s->bus); 1769 1770 return false; 1771 } 1772 1773 static bool cmd_cfa_access_metadata_storage(IDEState *s, uint8_t cmd) 1774 { 1775 switch (s->feature) { 1776 case 0x02: /* Inquiry Metadata Storage */ 1777 ide_cfata_metadata_inquiry(s); 1778 break; 1779 case 0x03: /* Read Metadata Storage */ 1780 ide_cfata_metadata_read(s); 1781 break; 1782 case 0x04: /* Write Metadata Storage */ 1783 ide_cfata_metadata_write(s); 1784 break; 1785 default: 1786 ide_abort_command(s); 1787 return true; 1788 } 1789 1790 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1791 s->status = 0x00; /* NOTE: READY is _not_ set */ 1792 ide_set_irq(s->bus); 1793 1794 return false; 1795 } 1796 1797 static bool cmd_ibm_sense_condition(IDEState *s, uint8_t cmd) 1798 { 1799 switch (s->feature) { 1800 case 0x01: /* sense temperature in device */ 1801 s->nsector = 0x50; /* +20 C */ 1802 break; 1803 default: 1804 ide_abort_command(s); 1805 return true; 1806 } 1807 1808 return true; 1809 } 1810 1811 1812 /*** SMART commands ***/ 1813 1814 static bool cmd_smart(IDEState *s, uint8_t cmd) 1815 { 1816 int n; 1817 1818 if (s->hcyl != 0xc2 || s->lcyl != 0x4f) { 1819 goto abort_cmd; 1820 } 1821 1822 if (!s->smart_enabled && s->feature != SMART_ENABLE) { 1823 goto abort_cmd; 1824 } 1825 1826 switch (s->feature) { 1827 case SMART_DISABLE: 1828 s->smart_enabled = 0; 1829 return true; 1830 1831 case SMART_ENABLE: 1832 s->smart_enabled = 1; 1833 return true; 1834 1835 case SMART_ATTR_AUTOSAVE: 1836 switch (s->sector) { 1837 case 0x00: 1838 s->smart_autosave = 0; 1839 break; 1840 case 0xf1: 1841 s->smart_autosave = 1; 1842 break; 1843 default: 1844 goto abort_cmd; 1845 } 1846 return true; 1847 1848 case SMART_STATUS: 1849 if (!s->smart_errors) { 1850 s->hcyl = 0xc2; 1851 s->lcyl = 0x4f; 1852 } else { 1853 s->hcyl = 0x2c; 1854 s->lcyl = 0xf4; 1855 } 1856 return true; 1857 1858 case SMART_READ_THRESH: 1859 memset(s->io_buffer, 0, 0x200); 1860 s->io_buffer[0] = 0x01; /* smart struct version */ 1861 1862 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) { 1863 s->io_buffer[2 + 0 + (n * 12)] = smart_attributes[n][0]; 1864 s->io_buffer[2 + 1 + (n * 12)] = smart_attributes[n][11]; 1865 } 1866 1867 /* checksum */ 1868 for (n = 0; n < 511; n++) { 1869 s->io_buffer[511] += s->io_buffer[n]; 1870 } 1871 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1872 1873 s->status = READY_STAT | SEEK_STAT; 1874 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1875 ide_set_irq(s->bus); 1876 return false; 1877 1878 case SMART_READ_DATA: 1879 memset(s->io_buffer, 0, 0x200); 1880 s->io_buffer[0] = 0x01; /* smart struct version */ 1881 1882 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) { 1883 int i; 1884 for (i = 0; i < 11; i++) { 1885 s->io_buffer[2 + i + (n * 12)] = smart_attributes[n][i]; 1886 } 1887 } 1888 1889 s->io_buffer[362] = 0x02 | (s->smart_autosave ? 0x80 : 0x00); 1890 if (s->smart_selftest_count == 0) { 1891 s->io_buffer[363] = 0; 1892 } else { 1893 s->io_buffer[363] = 1894 s->smart_selftest_data[3 + 1895 (s->smart_selftest_count - 1) * 1896 24]; 1897 } 1898 s->io_buffer[364] = 0x20; 1899 s->io_buffer[365] = 0x01; 1900 /* offline data collection capacity: execute + self-test*/ 1901 s->io_buffer[367] = (1 << 4 | 1 << 3 | 1); 1902 s->io_buffer[368] = 0x03; /* smart capability (1) */ 1903 s->io_buffer[369] = 0x00; /* smart capability (2) */ 1904 s->io_buffer[370] = 0x01; /* error logging supported */ 1905 s->io_buffer[372] = 0x02; /* minutes for poll short test */ 1906 s->io_buffer[373] = 0x36; /* minutes for poll ext test */ 1907 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */ 1908 1909 for (n = 0; n < 511; n++) { 1910 s->io_buffer[511] += s->io_buffer[n]; 1911 } 1912 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1913 1914 s->status = READY_STAT | SEEK_STAT; 1915 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1916 ide_set_irq(s->bus); 1917 return false; 1918 1919 case SMART_READ_LOG: 1920 switch (s->sector) { 1921 case 0x01: /* summary smart error log */ 1922 memset(s->io_buffer, 0, 0x200); 1923 s->io_buffer[0] = 0x01; 1924 s->io_buffer[1] = 0x00; /* no error entries */ 1925 s->io_buffer[452] = s->smart_errors & 0xff; 1926 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8; 1927 1928 for (n = 0; n < 511; n++) { 1929 s->io_buffer[511] += s->io_buffer[n]; 1930 } 1931 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1932 break; 1933 case 0x06: /* smart self test log */ 1934 memset(s->io_buffer, 0, 0x200); 1935 s->io_buffer[0] = 0x01; 1936 if (s->smart_selftest_count == 0) { 1937 s->io_buffer[508] = 0; 1938 } else { 1939 s->io_buffer[508] = s->smart_selftest_count; 1940 for (n = 2; n < 506; n++) { 1941 s->io_buffer[n] = s->smart_selftest_data[n]; 1942 } 1943 } 1944 1945 for (n = 0; n < 511; n++) { 1946 s->io_buffer[511] += s->io_buffer[n]; 1947 } 1948 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1949 break; 1950 default: 1951 goto abort_cmd; 1952 } 1953 s->status = READY_STAT | SEEK_STAT; 1954 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1955 ide_set_irq(s->bus); 1956 return false; 1957 1958 case SMART_EXECUTE_OFFLINE: 1959 switch (s->sector) { 1960 case 0: /* off-line routine */ 1961 case 1: /* short self test */ 1962 case 2: /* extended self test */ 1963 s->smart_selftest_count++; 1964 if (s->smart_selftest_count > 21) { 1965 s->smart_selftest_count = 1; 1966 } 1967 n = 2 + (s->smart_selftest_count - 1) * 24; 1968 s->smart_selftest_data[n] = s->sector; 1969 s->smart_selftest_data[n + 1] = 0x00; /* OK and finished */ 1970 s->smart_selftest_data[n + 2] = 0x34; /* hour count lsb */ 1971 s->smart_selftest_data[n + 3] = 0x12; /* hour count msb */ 1972 break; 1973 default: 1974 goto abort_cmd; 1975 } 1976 return true; 1977 } 1978 1979 abort_cmd: 1980 ide_abort_command(s); 1981 return true; 1982 } 1983 1984 #define HD_OK (1u << IDE_HD) 1985 #define CD_OK (1u << IDE_CD) 1986 #define CFA_OK (1u << IDE_CFATA) 1987 #define HD_CFA_OK (HD_OK | CFA_OK) 1988 #define ALL_OK (HD_OK | CD_OK | CFA_OK) 1989 1990 /* Set the Disk Seek Completed status bit during completion */ 1991 #define SET_DSC (1u << 8) 1992 1993 /* See ACS-2 T13/2015-D Table B.2 Command codes */ 1994 static const struct { 1995 /* Returns true if the completion code should be run */ 1996 bool (*handler)(IDEState *s, uint8_t cmd); 1997 int flags; 1998 } ide_cmd_table[0x100] = { 1999 /* NOP not implemented, mandatory for CD */ 2000 [CFA_REQ_EXT_ERROR_CODE] = { cmd_cfa_req_ext_error_code, CFA_OK }, 2001 [WIN_DSM] = { cmd_data_set_management, HD_CFA_OK }, 2002 [WIN_DEVICE_RESET] = { cmd_device_reset, CD_OK }, 2003 [WIN_RECAL] = { cmd_nop, HD_CFA_OK | SET_DSC}, 2004 [WIN_READ] = { cmd_read_pio, ALL_OK }, 2005 [WIN_READ_ONCE] = { cmd_read_pio, HD_CFA_OK }, 2006 [WIN_READ_EXT] = { cmd_read_pio, HD_CFA_OK }, 2007 [WIN_READDMA_EXT] = { cmd_read_dma, HD_CFA_OK }, 2008 [WIN_READ_NATIVE_MAX_EXT] = { cmd_read_native_max, HD_CFA_OK | SET_DSC }, 2009 [WIN_MULTREAD_EXT] = { cmd_read_multiple, HD_CFA_OK }, 2010 [WIN_WRITE] = { cmd_write_pio, HD_CFA_OK }, 2011 [WIN_WRITE_ONCE] = { cmd_write_pio, HD_CFA_OK }, 2012 [WIN_WRITE_EXT] = { cmd_write_pio, HD_CFA_OK }, 2013 [WIN_WRITEDMA_EXT] = { cmd_write_dma, HD_CFA_OK }, 2014 [CFA_WRITE_SECT_WO_ERASE] = { cmd_write_pio, CFA_OK }, 2015 [WIN_MULTWRITE_EXT] = { cmd_write_multiple, HD_CFA_OK }, 2016 [WIN_WRITE_VERIFY] = { cmd_write_pio, HD_CFA_OK }, 2017 [WIN_VERIFY] = { cmd_verify, HD_CFA_OK | SET_DSC }, 2018 [WIN_VERIFY_ONCE] = { cmd_verify, HD_CFA_OK | SET_DSC }, 2019 [WIN_VERIFY_EXT] = { cmd_verify, HD_CFA_OK | SET_DSC }, 2020 [WIN_SEEK] = { cmd_seek, HD_CFA_OK | SET_DSC }, 2021 [CFA_TRANSLATE_SECTOR] = { cmd_cfa_translate_sector, CFA_OK }, 2022 [WIN_DIAGNOSE] = { cmd_exec_dev_diagnostic, ALL_OK }, 2023 [WIN_SPECIFY] = { cmd_nop, HD_CFA_OK | SET_DSC }, 2024 [WIN_STANDBYNOW2] = { cmd_nop, HD_CFA_OK }, 2025 [WIN_IDLEIMMEDIATE2] = { cmd_nop, HD_CFA_OK }, 2026 [WIN_STANDBY2] = { cmd_nop, HD_CFA_OK }, 2027 [WIN_SETIDLE2] = { cmd_nop, HD_CFA_OK }, 2028 [WIN_CHECKPOWERMODE2] = { cmd_check_power_mode, HD_CFA_OK | SET_DSC }, 2029 [WIN_SLEEPNOW2] = { cmd_nop, HD_CFA_OK }, 2030 [WIN_PACKETCMD] = { cmd_packet, CD_OK }, 2031 [WIN_PIDENTIFY] = { cmd_identify_packet, CD_OK }, 2032 [WIN_SMART] = { cmd_smart, HD_CFA_OK | SET_DSC }, 2033 [CFA_ACCESS_METADATA_STORAGE] = { cmd_cfa_access_metadata_storage, CFA_OK }, 2034 [CFA_ERASE_SECTORS] = { cmd_cfa_erase_sectors, CFA_OK | SET_DSC }, 2035 [WIN_MULTREAD] = { cmd_read_multiple, HD_CFA_OK }, 2036 [WIN_MULTWRITE] = { cmd_write_multiple, HD_CFA_OK }, 2037 [WIN_SETMULT] = { cmd_set_multiple_mode, HD_CFA_OK | SET_DSC }, 2038 [WIN_READDMA] = { cmd_read_dma, HD_CFA_OK }, 2039 [WIN_READDMA_ONCE] = { cmd_read_dma, HD_CFA_OK }, 2040 [WIN_WRITEDMA] = { cmd_write_dma, HD_CFA_OK }, 2041 [WIN_WRITEDMA_ONCE] = { cmd_write_dma, HD_CFA_OK }, 2042 [CFA_WRITE_MULTI_WO_ERASE] = { cmd_write_multiple, CFA_OK }, 2043 [WIN_STANDBYNOW1] = { cmd_nop, HD_CFA_OK }, 2044 [WIN_IDLEIMMEDIATE] = { cmd_nop, HD_CFA_OK }, 2045 [WIN_STANDBY] = { cmd_nop, HD_CFA_OK }, 2046 [WIN_SETIDLE1] = { cmd_nop, HD_CFA_OK }, 2047 [WIN_CHECKPOWERMODE1] = { cmd_check_power_mode, HD_CFA_OK | SET_DSC }, 2048 [WIN_SLEEPNOW1] = { cmd_nop, HD_CFA_OK }, 2049 [WIN_FLUSH_CACHE] = { cmd_flush_cache, ALL_OK }, 2050 [WIN_FLUSH_CACHE_EXT] = { cmd_flush_cache, HD_CFA_OK }, 2051 [WIN_IDENTIFY] = { cmd_identify, ALL_OK }, 2052 [WIN_SETFEATURES] = { cmd_set_features, ALL_OK | SET_DSC }, 2053 [IBM_SENSE_CONDITION] = { cmd_ibm_sense_condition, CFA_OK | SET_DSC }, 2054 [CFA_WEAR_LEVEL] = { cmd_cfa_erase_sectors, HD_CFA_OK | SET_DSC }, 2055 [WIN_READ_NATIVE_MAX] = { cmd_read_native_max, HD_CFA_OK | SET_DSC }, 2056 }; 2057 2058 static bool ide_cmd_permitted(IDEState *s, uint32_t cmd) 2059 { 2060 return cmd < ARRAY_SIZE(ide_cmd_table) 2061 && (ide_cmd_table[cmd].flags & (1u << s->drive_kind)); 2062 } 2063 2064 void ide_exec_cmd(IDEBus *bus, uint32_t val) 2065 { 2066 IDEState *s; 2067 bool complete; 2068 2069 s = idebus_active_if(bus); 2070 trace_ide_exec_cmd(bus, s, val); 2071 2072 /* ignore commands to non existent slave */ 2073 if (s != bus->ifs && !s->blk) { 2074 return; 2075 } 2076 2077 /* Only RESET is allowed while BSY and/or DRQ are set, 2078 * and only to ATAPI devices. */ 2079 if (s->status & (BUSY_STAT|DRQ_STAT)) { 2080 if (val != WIN_DEVICE_RESET || s->drive_kind != IDE_CD) { 2081 return; 2082 } 2083 } 2084 2085 if (!ide_cmd_permitted(s, val)) { 2086 ide_abort_command(s); 2087 ide_set_irq(s->bus); 2088 return; 2089 } 2090 2091 s->status = READY_STAT | BUSY_STAT; 2092 s->error = 0; 2093 s->io_buffer_offset = 0; 2094 2095 complete = ide_cmd_table[val].handler(s, val); 2096 if (complete) { 2097 s->status &= ~BUSY_STAT; 2098 assert(!!s->error == !!(s->status & ERR_STAT)); 2099 2100 if ((ide_cmd_table[val].flags & SET_DSC) && !s->error) { 2101 s->status |= SEEK_STAT; 2102 } 2103 2104 ide_cmd_done(s); 2105 ide_set_irq(s->bus); 2106 } 2107 } 2108 2109 /* IOport [R]ead [R]egisters */ 2110 enum ATA_IOPORT_RR { 2111 ATA_IOPORT_RR_DATA = 0, 2112 ATA_IOPORT_RR_ERROR = 1, 2113 ATA_IOPORT_RR_SECTOR_COUNT = 2, 2114 ATA_IOPORT_RR_SECTOR_NUMBER = 3, 2115 ATA_IOPORT_RR_CYLINDER_LOW = 4, 2116 ATA_IOPORT_RR_CYLINDER_HIGH = 5, 2117 ATA_IOPORT_RR_DEVICE_HEAD = 6, 2118 ATA_IOPORT_RR_STATUS = 7, 2119 ATA_IOPORT_RR_NUM_REGISTERS, 2120 }; 2121 2122 const char *ATA_IOPORT_RR_lookup[ATA_IOPORT_RR_NUM_REGISTERS] = { 2123 [ATA_IOPORT_RR_DATA] = "Data", 2124 [ATA_IOPORT_RR_ERROR] = "Error", 2125 [ATA_IOPORT_RR_SECTOR_COUNT] = "Sector Count", 2126 [ATA_IOPORT_RR_SECTOR_NUMBER] = "Sector Number", 2127 [ATA_IOPORT_RR_CYLINDER_LOW] = "Cylinder Low", 2128 [ATA_IOPORT_RR_CYLINDER_HIGH] = "Cylinder High", 2129 [ATA_IOPORT_RR_DEVICE_HEAD] = "Device/Head", 2130 [ATA_IOPORT_RR_STATUS] = "Status" 2131 }; 2132 2133 uint32_t ide_ioport_read(void *opaque, uint32_t addr) 2134 { 2135 IDEBus *bus = opaque; 2136 IDEState *s = idebus_active_if(bus); 2137 uint32_t reg_num; 2138 int ret, hob; 2139 2140 reg_num = addr & 7; 2141 /* FIXME: HOB readback uses bit 7, but it's always set right now */ 2142 //hob = s->select & (1 << 7); 2143 hob = 0; 2144 switch (reg_num) { 2145 case ATA_IOPORT_RR_DATA: 2146 ret = 0xff; 2147 break; 2148 case ATA_IOPORT_RR_ERROR: 2149 if ((!bus->ifs[0].blk && !bus->ifs[1].blk) || 2150 (s != bus->ifs && !s->blk)) { 2151 ret = 0; 2152 } else if (!hob) { 2153 ret = s->error; 2154 } else { 2155 ret = s->hob_feature; 2156 } 2157 break; 2158 case ATA_IOPORT_RR_SECTOR_COUNT: 2159 if (!bus->ifs[0].blk && !bus->ifs[1].blk) { 2160 ret = 0; 2161 } else if (!hob) { 2162 ret = s->nsector & 0xff; 2163 } else { 2164 ret = s->hob_nsector; 2165 } 2166 break; 2167 case ATA_IOPORT_RR_SECTOR_NUMBER: 2168 if (!bus->ifs[0].blk && !bus->ifs[1].blk) { 2169 ret = 0; 2170 } else if (!hob) { 2171 ret = s->sector; 2172 } else { 2173 ret = s->hob_sector; 2174 } 2175 break; 2176 case ATA_IOPORT_RR_CYLINDER_LOW: 2177 if (!bus->ifs[0].blk && !bus->ifs[1].blk) { 2178 ret = 0; 2179 } else if (!hob) { 2180 ret = s->lcyl; 2181 } else { 2182 ret = s->hob_lcyl; 2183 } 2184 break; 2185 case ATA_IOPORT_RR_CYLINDER_HIGH: 2186 if (!bus->ifs[0].blk && !bus->ifs[1].blk) { 2187 ret = 0; 2188 } else if (!hob) { 2189 ret = s->hcyl; 2190 } else { 2191 ret = s->hob_hcyl; 2192 } 2193 break; 2194 case ATA_IOPORT_RR_DEVICE_HEAD: 2195 if (!bus->ifs[0].blk && !bus->ifs[1].blk) { 2196 ret = 0; 2197 } else { 2198 ret = s->select; 2199 } 2200 break; 2201 default: 2202 case ATA_IOPORT_RR_STATUS: 2203 if ((!bus->ifs[0].blk && !bus->ifs[1].blk) || 2204 (s != bus->ifs && !s->blk)) { 2205 ret = 0; 2206 } else { 2207 ret = s->status; 2208 } 2209 qemu_irq_lower(bus->irq); 2210 break; 2211 } 2212 2213 trace_ide_ioport_read(addr, ATA_IOPORT_RR_lookup[reg_num], ret, bus, s); 2214 return ret; 2215 } 2216 2217 uint32_t ide_status_read(void *opaque, uint32_t addr) 2218 { 2219 IDEBus *bus = opaque; 2220 IDEState *s = idebus_active_if(bus); 2221 int ret; 2222 2223 if ((!bus->ifs[0].blk && !bus->ifs[1].blk) || 2224 (s != bus->ifs && !s->blk)) { 2225 ret = 0; 2226 } else { 2227 ret = s->status; 2228 } 2229 2230 trace_ide_status_read(addr, ret, bus, s); 2231 return ret; 2232 } 2233 2234 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val) 2235 { 2236 IDEBus *bus = opaque; 2237 IDEState *s; 2238 int i; 2239 2240 trace_ide_cmd_write(addr, val, bus); 2241 2242 /* common for both drives */ 2243 if (!(bus->cmd & IDE_CMD_RESET) && 2244 (val & IDE_CMD_RESET)) { 2245 /* reset low to high */ 2246 for(i = 0;i < 2; i++) { 2247 s = &bus->ifs[i]; 2248 s->status = BUSY_STAT | SEEK_STAT; 2249 s->error = 0x01; 2250 } 2251 } else if ((bus->cmd & IDE_CMD_RESET) && 2252 !(val & IDE_CMD_RESET)) { 2253 /* high to low */ 2254 for(i = 0;i < 2; i++) { 2255 s = &bus->ifs[i]; 2256 if (s->drive_kind == IDE_CD) 2257 s->status = 0x00; /* NOTE: READY is _not_ set */ 2258 else 2259 s->status = READY_STAT | SEEK_STAT; 2260 ide_set_signature(s); 2261 } 2262 } 2263 2264 bus->cmd = val; 2265 } 2266 2267 /* 2268 * Returns true if the running PIO transfer is a PIO out (i.e. data is 2269 * transferred from the device to the guest), false if it's a PIO in 2270 */ 2271 static bool ide_is_pio_out(IDEState *s) 2272 { 2273 if (s->end_transfer_func == ide_sector_write || 2274 s->end_transfer_func == ide_atapi_cmd) { 2275 return false; 2276 } else if (s->end_transfer_func == ide_sector_read || 2277 s->end_transfer_func == ide_transfer_stop || 2278 s->end_transfer_func == ide_atapi_cmd_reply_end || 2279 s->end_transfer_func == ide_dummy_transfer_stop) { 2280 return true; 2281 } 2282 2283 abort(); 2284 } 2285 2286 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val) 2287 { 2288 IDEBus *bus = opaque; 2289 IDEState *s = idebus_active_if(bus); 2290 uint8_t *p; 2291 2292 trace_ide_data_writew(addr, val, bus, s); 2293 2294 /* PIO data access allowed only when DRQ bit is set. The result of a write 2295 * during PIO out is indeterminate, just ignore it. */ 2296 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) { 2297 return; 2298 } 2299 2300 p = s->data_ptr; 2301 if (p + 2 > s->data_end) { 2302 return; 2303 } 2304 2305 *(uint16_t *)p = le16_to_cpu(val); 2306 p += 2; 2307 s->data_ptr = p; 2308 if (p >= s->data_end) { 2309 s->status &= ~DRQ_STAT; 2310 s->end_transfer_func(s); 2311 } 2312 } 2313 2314 uint32_t ide_data_readw(void *opaque, uint32_t addr) 2315 { 2316 IDEBus *bus = opaque; 2317 IDEState *s = idebus_active_if(bus); 2318 uint8_t *p; 2319 int ret; 2320 2321 /* PIO data access allowed only when DRQ bit is set. The result of a read 2322 * during PIO in is indeterminate, return 0 and don't move forward. */ 2323 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) { 2324 return 0; 2325 } 2326 2327 p = s->data_ptr; 2328 if (p + 2 > s->data_end) { 2329 return 0; 2330 } 2331 2332 ret = cpu_to_le16(*(uint16_t *)p); 2333 p += 2; 2334 s->data_ptr = p; 2335 if (p >= s->data_end) { 2336 s->status &= ~DRQ_STAT; 2337 s->end_transfer_func(s); 2338 } 2339 2340 trace_ide_data_readw(addr, ret, bus, s); 2341 return ret; 2342 } 2343 2344 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val) 2345 { 2346 IDEBus *bus = opaque; 2347 IDEState *s = idebus_active_if(bus); 2348 uint8_t *p; 2349 2350 trace_ide_data_writel(addr, val, bus, s); 2351 2352 /* PIO data access allowed only when DRQ bit is set. The result of a write 2353 * during PIO out is indeterminate, just ignore it. */ 2354 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) { 2355 return; 2356 } 2357 2358 p = s->data_ptr; 2359 if (p + 4 > s->data_end) { 2360 return; 2361 } 2362 2363 *(uint32_t *)p = le32_to_cpu(val); 2364 p += 4; 2365 s->data_ptr = p; 2366 if (p >= s->data_end) { 2367 s->status &= ~DRQ_STAT; 2368 s->end_transfer_func(s); 2369 } 2370 } 2371 2372 uint32_t ide_data_readl(void *opaque, uint32_t addr) 2373 { 2374 IDEBus *bus = opaque; 2375 IDEState *s = idebus_active_if(bus); 2376 uint8_t *p; 2377 int ret; 2378 2379 /* PIO data access allowed only when DRQ bit is set. The result of a read 2380 * during PIO in is indeterminate, return 0 and don't move forward. */ 2381 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) { 2382 ret = 0; 2383 goto out; 2384 } 2385 2386 p = s->data_ptr; 2387 if (p + 4 > s->data_end) { 2388 return 0; 2389 } 2390 2391 ret = cpu_to_le32(*(uint32_t *)p); 2392 p += 4; 2393 s->data_ptr = p; 2394 if (p >= s->data_end) { 2395 s->status &= ~DRQ_STAT; 2396 s->end_transfer_func(s); 2397 } 2398 2399 out: 2400 trace_ide_data_readl(addr, ret, bus, s); 2401 return ret; 2402 } 2403 2404 static void ide_dummy_transfer_stop(IDEState *s) 2405 { 2406 s->data_ptr = s->io_buffer; 2407 s->data_end = s->io_buffer; 2408 s->io_buffer[0] = 0xff; 2409 s->io_buffer[1] = 0xff; 2410 s->io_buffer[2] = 0xff; 2411 s->io_buffer[3] = 0xff; 2412 } 2413 2414 void ide_bus_reset(IDEBus *bus) 2415 { 2416 bus->unit = 0; 2417 bus->cmd = 0; 2418 ide_reset(&bus->ifs[0]); 2419 ide_reset(&bus->ifs[1]); 2420 ide_clear_hob(bus); 2421 2422 /* pending async DMA */ 2423 if (bus->dma->aiocb) { 2424 trace_ide_bus_reset_aio(); 2425 blk_aio_cancel(bus->dma->aiocb); 2426 bus->dma->aiocb = NULL; 2427 } 2428 2429 /* reset dma provider too */ 2430 if (bus->dma->ops->reset) { 2431 bus->dma->ops->reset(bus->dma); 2432 } 2433 } 2434 2435 static bool ide_cd_is_tray_open(void *opaque) 2436 { 2437 return ((IDEState *)opaque)->tray_open; 2438 } 2439 2440 static bool ide_cd_is_medium_locked(void *opaque) 2441 { 2442 return ((IDEState *)opaque)->tray_locked; 2443 } 2444 2445 static void ide_resize_cb(void *opaque) 2446 { 2447 IDEState *s = opaque; 2448 uint64_t nb_sectors; 2449 2450 if (!s->identify_set) { 2451 return; 2452 } 2453 2454 blk_get_geometry(s->blk, &nb_sectors); 2455 s->nb_sectors = nb_sectors; 2456 2457 /* Update the identify data buffer. */ 2458 if (s->drive_kind == IDE_CFATA) { 2459 ide_cfata_identify_size(s); 2460 } else { 2461 /* IDE_CD uses a different set of callbacks entirely. */ 2462 assert(s->drive_kind != IDE_CD); 2463 ide_identify_size(s); 2464 } 2465 } 2466 2467 static const BlockDevOps ide_cd_block_ops = { 2468 .change_media_cb = ide_cd_change_cb, 2469 .eject_request_cb = ide_cd_eject_request_cb, 2470 .is_tray_open = ide_cd_is_tray_open, 2471 .is_medium_locked = ide_cd_is_medium_locked, 2472 }; 2473 2474 static const BlockDevOps ide_hd_block_ops = { 2475 .resize_cb = ide_resize_cb, 2476 }; 2477 2478 int ide_init_drive(IDEState *s, BlockBackend *blk, IDEDriveKind kind, 2479 const char *version, const char *serial, const char *model, 2480 uint64_t wwn, 2481 uint32_t cylinders, uint32_t heads, uint32_t secs, 2482 int chs_trans, Error **errp) 2483 { 2484 uint64_t nb_sectors; 2485 2486 s->blk = blk; 2487 s->drive_kind = kind; 2488 2489 blk_get_geometry(blk, &nb_sectors); 2490 s->cylinders = cylinders; 2491 s->heads = heads; 2492 s->sectors = secs; 2493 s->chs_trans = chs_trans; 2494 s->nb_sectors = nb_sectors; 2495 s->wwn = wwn; 2496 /* The SMART values should be preserved across power cycles 2497 but they aren't. */ 2498 s->smart_enabled = 1; 2499 s->smart_autosave = 1; 2500 s->smart_errors = 0; 2501 s->smart_selftest_count = 0; 2502 if (kind == IDE_CD) { 2503 blk_set_dev_ops(blk, &ide_cd_block_ops, s); 2504 blk_set_guest_block_size(blk, 2048); 2505 } else { 2506 if (!blk_is_inserted(s->blk)) { 2507 error_setg(errp, "Device needs media, but drive is empty"); 2508 return -1; 2509 } 2510 if (blk_is_read_only(blk)) { 2511 error_setg(errp, "Can't use a read-only drive"); 2512 return -1; 2513 } 2514 blk_set_dev_ops(blk, &ide_hd_block_ops, s); 2515 } 2516 if (serial) { 2517 pstrcpy(s->drive_serial_str, sizeof(s->drive_serial_str), serial); 2518 } else { 2519 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str), 2520 "QM%05d", s->drive_serial); 2521 } 2522 if (model) { 2523 pstrcpy(s->drive_model_str, sizeof(s->drive_model_str), model); 2524 } else { 2525 switch (kind) { 2526 case IDE_CD: 2527 strcpy(s->drive_model_str, "QEMU DVD-ROM"); 2528 break; 2529 case IDE_CFATA: 2530 strcpy(s->drive_model_str, "QEMU MICRODRIVE"); 2531 break; 2532 default: 2533 strcpy(s->drive_model_str, "QEMU HARDDISK"); 2534 break; 2535 } 2536 } 2537 2538 if (version) { 2539 pstrcpy(s->version, sizeof(s->version), version); 2540 } else { 2541 pstrcpy(s->version, sizeof(s->version), qemu_hw_version()); 2542 } 2543 2544 ide_reset(s); 2545 blk_iostatus_enable(blk); 2546 return 0; 2547 } 2548 2549 static void ide_init1(IDEBus *bus, int unit) 2550 { 2551 static int drive_serial = 1; 2552 IDEState *s = &bus->ifs[unit]; 2553 2554 s->bus = bus; 2555 s->unit = unit; 2556 s->drive_serial = drive_serial++; 2557 /* we need at least 2k alignment for accessing CDROMs using O_DIRECT */ 2558 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4; 2559 s->io_buffer = qemu_memalign(2048, s->io_buffer_total_len); 2560 memset(s->io_buffer, 0, s->io_buffer_total_len); 2561 2562 s->smart_selftest_data = blk_blockalign(s->blk, 512); 2563 memset(s->smart_selftest_data, 0, 512); 2564 2565 s->sector_write_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, 2566 ide_sector_write_timer_cb, s); 2567 } 2568 2569 static int ide_nop_int(IDEDMA *dma, int x) 2570 { 2571 return 0; 2572 } 2573 2574 static void ide_nop(IDEDMA *dma) 2575 { 2576 } 2577 2578 static int32_t ide_nop_int32(IDEDMA *dma, int32_t l) 2579 { 2580 return 0; 2581 } 2582 2583 static const IDEDMAOps ide_dma_nop_ops = { 2584 .prepare_buf = ide_nop_int32, 2585 .restart_dma = ide_nop, 2586 .rw_buf = ide_nop_int, 2587 }; 2588 2589 static void ide_restart_dma(IDEState *s, enum ide_dma_cmd dma_cmd) 2590 { 2591 s->unit = s->bus->retry_unit; 2592 ide_set_sector(s, s->bus->retry_sector_num); 2593 s->nsector = s->bus->retry_nsector; 2594 s->bus->dma->ops->restart_dma(s->bus->dma); 2595 s->io_buffer_size = 0; 2596 s->dma_cmd = dma_cmd; 2597 ide_start_dma(s, ide_dma_cb); 2598 } 2599 2600 static void ide_restart_bh(void *opaque) 2601 { 2602 IDEBus *bus = opaque; 2603 IDEState *s; 2604 bool is_read; 2605 int error_status; 2606 2607 qemu_bh_delete(bus->bh); 2608 bus->bh = NULL; 2609 2610 error_status = bus->error_status; 2611 if (bus->error_status == 0) { 2612 return; 2613 } 2614 2615 s = idebus_active_if(bus); 2616 is_read = (bus->error_status & IDE_RETRY_READ) != 0; 2617 2618 /* The error status must be cleared before resubmitting the request: The 2619 * request may fail again, and this case can only be distinguished if the 2620 * called function can set a new error status. */ 2621 bus->error_status = 0; 2622 2623 /* The HBA has generically asked to be kicked on retry */ 2624 if (error_status & IDE_RETRY_HBA) { 2625 if (s->bus->dma->ops->restart) { 2626 s->bus->dma->ops->restart(s->bus->dma); 2627 } 2628 } else if (IS_IDE_RETRY_DMA(error_status)) { 2629 if (error_status & IDE_RETRY_TRIM) { 2630 ide_restart_dma(s, IDE_DMA_TRIM); 2631 } else { 2632 ide_restart_dma(s, is_read ? IDE_DMA_READ : IDE_DMA_WRITE); 2633 } 2634 } else if (IS_IDE_RETRY_PIO(error_status)) { 2635 if (is_read) { 2636 ide_sector_read(s); 2637 } else { 2638 ide_sector_write(s); 2639 } 2640 } else if (error_status & IDE_RETRY_FLUSH) { 2641 ide_flush_cache(s); 2642 } else if (IS_IDE_RETRY_ATAPI(error_status)) { 2643 assert(s->end_transfer_func == ide_atapi_cmd); 2644 ide_atapi_dma_restart(s); 2645 } else { 2646 abort(); 2647 } 2648 } 2649 2650 static void ide_restart_cb(void *opaque, int running, RunState state) 2651 { 2652 IDEBus *bus = opaque; 2653 2654 if (!running) 2655 return; 2656 2657 if (!bus->bh) { 2658 bus->bh = qemu_bh_new(ide_restart_bh, bus); 2659 qemu_bh_schedule(bus->bh); 2660 } 2661 } 2662 2663 void ide_register_restart_cb(IDEBus *bus) 2664 { 2665 if (bus->dma->ops->restart_dma) { 2666 bus->vmstate = qemu_add_vm_change_state_handler(ide_restart_cb, bus); 2667 } 2668 } 2669 2670 static IDEDMA ide_dma_nop = { 2671 .ops = &ide_dma_nop_ops, 2672 .aiocb = NULL, 2673 }; 2674 2675 void ide_init2(IDEBus *bus, qemu_irq irq) 2676 { 2677 int i; 2678 2679 for(i = 0; i < 2; i++) { 2680 ide_init1(bus, i); 2681 ide_reset(&bus->ifs[i]); 2682 } 2683 bus->irq = irq; 2684 bus->dma = &ide_dma_nop; 2685 } 2686 2687 void ide_exit(IDEState *s) 2688 { 2689 timer_del(s->sector_write_timer); 2690 timer_free(s->sector_write_timer); 2691 qemu_vfree(s->smart_selftest_data); 2692 qemu_vfree(s->io_buffer); 2693 } 2694 2695 static const MemoryRegionPortio ide_portio_list[] = { 2696 { 0, 8, 1, .read = ide_ioport_read, .write = ide_ioport_write }, 2697 { 0, 1, 2, .read = ide_data_readw, .write = ide_data_writew }, 2698 { 0, 1, 4, .read = ide_data_readl, .write = ide_data_writel }, 2699 PORTIO_END_OF_LIST(), 2700 }; 2701 2702 static const MemoryRegionPortio ide_portio2_list[] = { 2703 { 0, 1, 1, .read = ide_status_read, .write = ide_cmd_write }, 2704 PORTIO_END_OF_LIST(), 2705 }; 2706 2707 void ide_init_ioport(IDEBus *bus, ISADevice *dev, int iobase, int iobase2) 2708 { 2709 /* ??? Assume only ISA and PCI configurations, and that the PCI-ISA 2710 bridge has been setup properly to always register with ISA. */ 2711 isa_register_portio_list(dev, &bus->portio_list, 2712 iobase, ide_portio_list, bus, "ide"); 2713 2714 if (iobase2) { 2715 isa_register_portio_list(dev, &bus->portio2_list, 2716 iobase2, ide_portio2_list, bus, "ide"); 2717 } 2718 } 2719 2720 static bool is_identify_set(void *opaque, int version_id) 2721 { 2722 IDEState *s = opaque; 2723 2724 return s->identify_set != 0; 2725 } 2726 2727 static EndTransferFunc* transfer_end_table[] = { 2728 ide_sector_read, 2729 ide_sector_write, 2730 ide_transfer_stop, 2731 ide_atapi_cmd_reply_end, 2732 ide_atapi_cmd, 2733 ide_dummy_transfer_stop, 2734 }; 2735 2736 static int transfer_end_table_idx(EndTransferFunc *fn) 2737 { 2738 int i; 2739 2740 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++) 2741 if (transfer_end_table[i] == fn) 2742 return i; 2743 2744 return -1; 2745 } 2746 2747 static int ide_drive_post_load(void *opaque, int version_id) 2748 { 2749 IDEState *s = opaque; 2750 2751 if (s->blk && s->identify_set) { 2752 blk_set_enable_write_cache(s->blk, !!(s->identify_data[85] & (1 << 5))); 2753 } 2754 return 0; 2755 } 2756 2757 static int ide_drive_pio_post_load(void *opaque, int version_id) 2758 { 2759 IDEState *s = opaque; 2760 2761 if (s->end_transfer_fn_idx >= ARRAY_SIZE(transfer_end_table)) { 2762 return -EINVAL; 2763 } 2764 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx]; 2765 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset; 2766 s->data_end = s->data_ptr + s->cur_io_buffer_len; 2767 s->atapi_dma = s->feature & 1; /* as per cmd_packet */ 2768 2769 return 0; 2770 } 2771 2772 static int ide_drive_pio_pre_save(void *opaque) 2773 { 2774 IDEState *s = opaque; 2775 int idx; 2776 2777 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer; 2778 s->cur_io_buffer_len = s->data_end - s->data_ptr; 2779 2780 idx = transfer_end_table_idx(s->end_transfer_func); 2781 if (idx == -1) { 2782 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n", 2783 __func__); 2784 s->end_transfer_fn_idx = 2; 2785 } else { 2786 s->end_transfer_fn_idx = idx; 2787 } 2788 2789 return 0; 2790 } 2791 2792 static bool ide_drive_pio_state_needed(void *opaque) 2793 { 2794 IDEState *s = opaque; 2795 2796 return ((s->status & DRQ_STAT) != 0) 2797 || (s->bus->error_status & IDE_RETRY_PIO); 2798 } 2799 2800 static bool ide_tray_state_needed(void *opaque) 2801 { 2802 IDEState *s = opaque; 2803 2804 return s->tray_open || s->tray_locked; 2805 } 2806 2807 static bool ide_atapi_gesn_needed(void *opaque) 2808 { 2809 IDEState *s = opaque; 2810 2811 return s->events.new_media || s->events.eject_request; 2812 } 2813 2814 static bool ide_error_needed(void *opaque) 2815 { 2816 IDEBus *bus = opaque; 2817 2818 return (bus->error_status != 0); 2819 } 2820 2821 /* Fields for GET_EVENT_STATUS_NOTIFICATION ATAPI command */ 2822 static const VMStateDescription vmstate_ide_atapi_gesn_state = { 2823 .name ="ide_drive/atapi/gesn_state", 2824 .version_id = 1, 2825 .minimum_version_id = 1, 2826 .needed = ide_atapi_gesn_needed, 2827 .fields = (VMStateField[]) { 2828 VMSTATE_BOOL(events.new_media, IDEState), 2829 VMSTATE_BOOL(events.eject_request, IDEState), 2830 VMSTATE_END_OF_LIST() 2831 } 2832 }; 2833 2834 static const VMStateDescription vmstate_ide_tray_state = { 2835 .name = "ide_drive/tray_state", 2836 .version_id = 1, 2837 .minimum_version_id = 1, 2838 .needed = ide_tray_state_needed, 2839 .fields = (VMStateField[]) { 2840 VMSTATE_BOOL(tray_open, IDEState), 2841 VMSTATE_BOOL(tray_locked, IDEState), 2842 VMSTATE_END_OF_LIST() 2843 } 2844 }; 2845 2846 static const VMStateDescription vmstate_ide_drive_pio_state = { 2847 .name = "ide_drive/pio_state", 2848 .version_id = 1, 2849 .minimum_version_id = 1, 2850 .pre_save = ide_drive_pio_pre_save, 2851 .post_load = ide_drive_pio_post_load, 2852 .needed = ide_drive_pio_state_needed, 2853 .fields = (VMStateField[]) { 2854 VMSTATE_INT32(req_nb_sectors, IDEState), 2855 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1, 2856 vmstate_info_uint8, uint8_t), 2857 VMSTATE_INT32(cur_io_buffer_offset, IDEState), 2858 VMSTATE_INT32(cur_io_buffer_len, IDEState), 2859 VMSTATE_UINT8(end_transfer_fn_idx, IDEState), 2860 VMSTATE_INT32(elementary_transfer_size, IDEState), 2861 VMSTATE_INT32(packet_transfer_size, IDEState), 2862 VMSTATE_END_OF_LIST() 2863 } 2864 }; 2865 2866 const VMStateDescription vmstate_ide_drive = { 2867 .name = "ide_drive", 2868 .version_id = 3, 2869 .minimum_version_id = 0, 2870 .post_load = ide_drive_post_load, 2871 .fields = (VMStateField[]) { 2872 VMSTATE_INT32(mult_sectors, IDEState), 2873 VMSTATE_INT32(identify_set, IDEState), 2874 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set), 2875 VMSTATE_UINT8(feature, IDEState), 2876 VMSTATE_UINT8(error, IDEState), 2877 VMSTATE_UINT32(nsector, IDEState), 2878 VMSTATE_UINT8(sector, IDEState), 2879 VMSTATE_UINT8(lcyl, IDEState), 2880 VMSTATE_UINT8(hcyl, IDEState), 2881 VMSTATE_UINT8(hob_feature, IDEState), 2882 VMSTATE_UINT8(hob_sector, IDEState), 2883 VMSTATE_UINT8(hob_nsector, IDEState), 2884 VMSTATE_UINT8(hob_lcyl, IDEState), 2885 VMSTATE_UINT8(hob_hcyl, IDEState), 2886 VMSTATE_UINT8(select, IDEState), 2887 VMSTATE_UINT8(status, IDEState), 2888 VMSTATE_UINT8(lba48, IDEState), 2889 VMSTATE_UINT8(sense_key, IDEState), 2890 VMSTATE_UINT8(asc, IDEState), 2891 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3), 2892 VMSTATE_END_OF_LIST() 2893 }, 2894 .subsections = (const VMStateDescription*[]) { 2895 &vmstate_ide_drive_pio_state, 2896 &vmstate_ide_tray_state, 2897 &vmstate_ide_atapi_gesn_state, 2898 NULL 2899 } 2900 }; 2901 2902 static const VMStateDescription vmstate_ide_error_status = { 2903 .name ="ide_bus/error", 2904 .version_id = 2, 2905 .minimum_version_id = 1, 2906 .needed = ide_error_needed, 2907 .fields = (VMStateField[]) { 2908 VMSTATE_INT32(error_status, IDEBus), 2909 VMSTATE_INT64_V(retry_sector_num, IDEBus, 2), 2910 VMSTATE_UINT32_V(retry_nsector, IDEBus, 2), 2911 VMSTATE_UINT8_V(retry_unit, IDEBus, 2), 2912 VMSTATE_END_OF_LIST() 2913 } 2914 }; 2915 2916 const VMStateDescription vmstate_ide_bus = { 2917 .name = "ide_bus", 2918 .version_id = 1, 2919 .minimum_version_id = 1, 2920 .fields = (VMStateField[]) { 2921 VMSTATE_UINT8(cmd, IDEBus), 2922 VMSTATE_UINT8(unit, IDEBus), 2923 VMSTATE_END_OF_LIST() 2924 }, 2925 .subsections = (const VMStateDescription*[]) { 2926 &vmstate_ide_error_status, 2927 NULL 2928 } 2929 }; 2930 2931 void ide_drive_get(DriveInfo **hd, int n) 2932 { 2933 int i; 2934 2935 for (i = 0; i < n; i++) { 2936 hd[i] = drive_get_by_index(IF_IDE, i); 2937 } 2938 } 2939