1 /* 2 * QEMU IDE disk and CD/DVD-ROM Emulator 3 * 4 * Copyright (c) 2003 Fabrice Bellard 5 * Copyright (c) 2006 Openedhand Ltd. 6 * 7 * Permission is hereby granted, free of charge, to any person obtaining a copy 8 * of this software and associated documentation files (the "Software"), to deal 9 * in the Software without restriction, including without limitation the rights 10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 11 * copies of the Software, and to permit persons to whom the Software is 12 * furnished to do so, subject to the following conditions: 13 * 14 * The above copyright notice and this permission notice shall be included in 15 * all copies or substantial portions of the Software. 16 * 17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 23 * THE SOFTWARE. 24 */ 25 26 #include "qemu/osdep.h" 27 #include "hw/hw.h" 28 #include "hw/isa/isa.h" 29 #include "qemu/error-report.h" 30 #include "qemu/timer.h" 31 #include "sysemu/sysemu.h" 32 #include "sysemu/blockdev.h" 33 #include "sysemu/dma.h" 34 #include "hw/block/block.h" 35 #include "sysemu/block-backend.h" 36 #include "qapi/error.h" 37 #include "qemu/cutils.h" 38 39 #include "hw/ide/internal.h" 40 #include "trace.h" 41 42 /* These values were based on a Seagate ST3500418AS but have been modified 43 to make more sense in QEMU */ 44 static const int smart_attributes[][12] = { 45 /* id, flags, hflags, val, wrst, raw (6 bytes), threshold */ 46 /* raw read error rate*/ 47 { 0x01, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06}, 48 /* spin up */ 49 { 0x03, 0x03, 0x00, 0x64, 0x64, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 50 /* start stop count */ 51 { 0x04, 0x02, 0x00, 0x64, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14}, 52 /* remapped sectors */ 53 { 0x05, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x24}, 54 /* power on hours */ 55 { 0x09, 0x03, 0x00, 0x64, 0x64, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 56 /* power cycle count */ 57 { 0x0c, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 58 /* airflow-temperature-celsius */ 59 { 190, 0x03, 0x00, 0x45, 0x45, 0x1f, 0x00, 0x1f, 0x1f, 0x00, 0x00, 0x32}, 60 }; 61 62 const char *IDE_DMA_CMD_lookup[IDE_DMA__COUNT] = { 63 [IDE_DMA_READ] = "DMA READ", 64 [IDE_DMA_WRITE] = "DMA WRITE", 65 [IDE_DMA_TRIM] = "DMA TRIM", 66 [IDE_DMA_ATAPI] = "DMA ATAPI" 67 }; 68 69 static const char *IDE_DMA_CMD_str(enum ide_dma_cmd enval) 70 { 71 if ((unsigned)enval < IDE_DMA__COUNT) { 72 return IDE_DMA_CMD_lookup[enval]; 73 } 74 return "DMA UNKNOWN CMD"; 75 } 76 77 static void ide_dummy_transfer_stop(IDEState *s); 78 79 static void padstr(char *str, const char *src, int len) 80 { 81 int i, v; 82 for(i = 0; i < len; i++) { 83 if (*src) 84 v = *src++; 85 else 86 v = ' '; 87 str[i^1] = v; 88 } 89 } 90 91 static void put_le16(uint16_t *p, unsigned int v) 92 { 93 *p = cpu_to_le16(v); 94 } 95 96 static void ide_identify_size(IDEState *s) 97 { 98 uint16_t *p = (uint16_t *)s->identify_data; 99 put_le16(p + 60, s->nb_sectors); 100 put_le16(p + 61, s->nb_sectors >> 16); 101 put_le16(p + 100, s->nb_sectors); 102 put_le16(p + 101, s->nb_sectors >> 16); 103 put_le16(p + 102, s->nb_sectors >> 32); 104 put_le16(p + 103, s->nb_sectors >> 48); 105 } 106 107 static void ide_identify(IDEState *s) 108 { 109 uint16_t *p; 110 unsigned int oldsize; 111 IDEDevice *dev = s->unit ? s->bus->slave : s->bus->master; 112 113 p = (uint16_t *)s->identify_data; 114 if (s->identify_set) { 115 goto fill_buffer; 116 } 117 memset(p, 0, sizeof(s->identify_data)); 118 119 put_le16(p + 0, 0x0040); 120 put_le16(p + 1, s->cylinders); 121 put_le16(p + 3, s->heads); 122 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */ 123 put_le16(p + 5, 512); /* XXX: retired, remove ? */ 124 put_le16(p + 6, s->sectors); 125 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 126 put_le16(p + 20, 3); /* XXX: retired, remove ? */ 127 put_le16(p + 21, 512); /* cache size in sectors */ 128 put_le16(p + 22, 4); /* ecc bytes */ 129 padstr((char *)(p + 23), s->version, 8); /* firmware version */ 130 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */ 131 #if MAX_MULT_SECTORS > 1 132 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS); 133 #endif 134 put_le16(p + 48, 1); /* dword I/O */ 135 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */ 136 put_le16(p + 51, 0x200); /* PIO transfer cycle */ 137 put_le16(p + 52, 0x200); /* DMA transfer cycle */ 138 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */ 139 put_le16(p + 54, s->cylinders); 140 put_le16(p + 55, s->heads); 141 put_le16(p + 56, s->sectors); 142 oldsize = s->cylinders * s->heads * s->sectors; 143 put_le16(p + 57, oldsize); 144 put_le16(p + 58, oldsize >> 16); 145 if (s->mult_sectors) 146 put_le16(p + 59, 0x100 | s->mult_sectors); 147 /* *(p + 60) := nb_sectors -- see ide_identify_size */ 148 /* *(p + 61) := nb_sectors >> 16 -- see ide_identify_size */ 149 put_le16(p + 62, 0x07); /* single word dma0-2 supported */ 150 put_le16(p + 63, 0x07); /* mdma0-2 supported */ 151 put_le16(p + 64, 0x03); /* pio3-4 supported */ 152 put_le16(p + 65, 120); 153 put_le16(p + 66, 120); 154 put_le16(p + 67, 120); 155 put_le16(p + 68, 120); 156 if (dev && dev->conf.discard_granularity) { 157 put_le16(p + 69, (1 << 14)); /* determinate TRIM behavior */ 158 } 159 160 if (s->ncq_queues) { 161 put_le16(p + 75, s->ncq_queues - 1); 162 /* NCQ supported */ 163 put_le16(p + 76, (1 << 8)); 164 } 165 166 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */ 167 put_le16(p + 81, 0x16); /* conforms to ata5 */ 168 /* 14=NOP supported, 5=WCACHE supported, 0=SMART supported */ 169 put_le16(p + 82, (1 << 14) | (1 << 5) | 1); 170 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */ 171 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10)); 172 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */ 173 if (s->wwn) { 174 put_le16(p + 84, (1 << 14) | (1 << 8) | 0); 175 } else { 176 put_le16(p + 84, (1 << 14) | 0); 177 } 178 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */ 179 if (blk_enable_write_cache(s->blk)) { 180 put_le16(p + 85, (1 << 14) | (1 << 5) | 1); 181 } else { 182 put_le16(p + 85, (1 << 14) | 1); 183 } 184 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */ 185 put_le16(p + 86, (1 << 13) | (1 <<12) | (1 << 10)); 186 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */ 187 if (s->wwn) { 188 put_le16(p + 87, (1 << 14) | (1 << 8) | 0); 189 } else { 190 put_le16(p + 87, (1 << 14) | 0); 191 } 192 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */ 193 put_le16(p + 93, 1 | (1 << 14) | 0x2000); 194 /* *(p + 100) := nb_sectors -- see ide_identify_size */ 195 /* *(p + 101) := nb_sectors >> 16 -- see ide_identify_size */ 196 /* *(p + 102) := nb_sectors >> 32 -- see ide_identify_size */ 197 /* *(p + 103) := nb_sectors >> 48 -- see ide_identify_size */ 198 199 if (dev && dev->conf.physical_block_size) 200 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf)); 201 if (s->wwn) { 202 /* LE 16-bit words 111-108 contain 64-bit World Wide Name */ 203 put_le16(p + 108, s->wwn >> 48); 204 put_le16(p + 109, s->wwn >> 32); 205 put_le16(p + 110, s->wwn >> 16); 206 put_le16(p + 111, s->wwn); 207 } 208 if (dev && dev->conf.discard_granularity) { 209 put_le16(p + 169, 1); /* TRIM support */ 210 } 211 if (dev) { 212 put_le16(p + 217, dev->rotation_rate); /* Nominal media rotation rate */ 213 } 214 215 ide_identify_size(s); 216 s->identify_set = 1; 217 218 fill_buffer: 219 memcpy(s->io_buffer, p, sizeof(s->identify_data)); 220 } 221 222 static void ide_atapi_identify(IDEState *s) 223 { 224 uint16_t *p; 225 226 p = (uint16_t *)s->identify_data; 227 if (s->identify_set) { 228 goto fill_buffer; 229 } 230 memset(p, 0, sizeof(s->identify_data)); 231 232 /* Removable CDROM, 50us response, 12 byte packets */ 233 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0)); 234 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 235 put_le16(p + 20, 3); /* buffer type */ 236 put_le16(p + 21, 512); /* cache size in sectors */ 237 put_le16(p + 22, 4); /* ecc bytes */ 238 padstr((char *)(p + 23), s->version, 8); /* firmware version */ 239 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */ 240 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */ 241 #ifdef USE_DMA_CDROM 242 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */ 243 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */ 244 put_le16(p + 62, 7); /* single word dma0-2 supported */ 245 put_le16(p + 63, 7); /* mdma0-2 supported */ 246 #else 247 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */ 248 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */ 249 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */ 250 #endif 251 put_le16(p + 64, 3); /* pio3-4 supported */ 252 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */ 253 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */ 254 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */ 255 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */ 256 257 put_le16(p + 71, 30); /* in ns */ 258 put_le16(p + 72, 30); /* in ns */ 259 260 if (s->ncq_queues) { 261 put_le16(p + 75, s->ncq_queues - 1); 262 /* NCQ supported */ 263 put_le16(p + 76, (1 << 8)); 264 } 265 266 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */ 267 if (s->wwn) { 268 put_le16(p + 84, (1 << 8)); /* supports WWN for words 108-111 */ 269 put_le16(p + 87, (1 << 8)); /* WWN enabled */ 270 } 271 272 #ifdef USE_DMA_CDROM 273 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */ 274 #endif 275 276 if (s->wwn) { 277 /* LE 16-bit words 111-108 contain 64-bit World Wide Name */ 278 put_le16(p + 108, s->wwn >> 48); 279 put_le16(p + 109, s->wwn >> 32); 280 put_le16(p + 110, s->wwn >> 16); 281 put_le16(p + 111, s->wwn); 282 } 283 284 s->identify_set = 1; 285 286 fill_buffer: 287 memcpy(s->io_buffer, p, sizeof(s->identify_data)); 288 } 289 290 static void ide_cfata_identify_size(IDEState *s) 291 { 292 uint16_t *p = (uint16_t *)s->identify_data; 293 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */ 294 put_le16(p + 8, s->nb_sectors); /* Sectors per card */ 295 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */ 296 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */ 297 } 298 299 static void ide_cfata_identify(IDEState *s) 300 { 301 uint16_t *p; 302 uint32_t cur_sec; 303 304 p = (uint16_t *)s->identify_data; 305 if (s->identify_set) { 306 goto fill_buffer; 307 } 308 memset(p, 0, sizeof(s->identify_data)); 309 310 cur_sec = s->cylinders * s->heads * s->sectors; 311 312 put_le16(p + 0, 0x848a); /* CF Storage Card signature */ 313 put_le16(p + 1, s->cylinders); /* Default cylinders */ 314 put_le16(p + 3, s->heads); /* Default heads */ 315 put_le16(p + 6, s->sectors); /* Default sectors per track */ 316 /* *(p + 7) := nb_sectors >> 16 -- see ide_cfata_identify_size */ 317 /* *(p + 8) := nb_sectors -- see ide_cfata_identify_size */ 318 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 319 put_le16(p + 22, 0x0004); /* ECC bytes */ 320 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */ 321 padstr((char *) (p + 27), s->drive_model_str, 40);/* Model number */ 322 #if MAX_MULT_SECTORS > 1 323 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS); 324 #else 325 put_le16(p + 47, 0x0000); 326 #endif 327 put_le16(p + 49, 0x0f00); /* Capabilities */ 328 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */ 329 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */ 330 put_le16(p + 53, 0x0003); /* Translation params valid */ 331 put_le16(p + 54, s->cylinders); /* Current cylinders */ 332 put_le16(p + 55, s->heads); /* Current heads */ 333 put_le16(p + 56, s->sectors); /* Current sectors */ 334 put_le16(p + 57, cur_sec); /* Current capacity */ 335 put_le16(p + 58, cur_sec >> 16); /* Current capacity */ 336 if (s->mult_sectors) /* Multiple sector setting */ 337 put_le16(p + 59, 0x100 | s->mult_sectors); 338 /* *(p + 60) := nb_sectors -- see ide_cfata_identify_size */ 339 /* *(p + 61) := nb_sectors >> 16 -- see ide_cfata_identify_size */ 340 put_le16(p + 63, 0x0203); /* Multiword DMA capability */ 341 put_le16(p + 64, 0x0001); /* Flow Control PIO support */ 342 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */ 343 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */ 344 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */ 345 put_le16(p + 82, 0x400c); /* Command Set supported */ 346 put_le16(p + 83, 0x7068); /* Command Set supported */ 347 put_le16(p + 84, 0x4000); /* Features supported */ 348 put_le16(p + 85, 0x000c); /* Command Set enabled */ 349 put_le16(p + 86, 0x7044); /* Command Set enabled */ 350 put_le16(p + 87, 0x4000); /* Features enabled */ 351 put_le16(p + 91, 0x4060); /* Current APM level */ 352 put_le16(p + 129, 0x0002); /* Current features option */ 353 put_le16(p + 130, 0x0005); /* Reassigned sectors */ 354 put_le16(p + 131, 0x0001); /* Initial power mode */ 355 put_le16(p + 132, 0x0000); /* User signature */ 356 put_le16(p + 160, 0x8100); /* Power requirement */ 357 put_le16(p + 161, 0x8001); /* CF command set */ 358 359 ide_cfata_identify_size(s); 360 s->identify_set = 1; 361 362 fill_buffer: 363 memcpy(s->io_buffer, p, sizeof(s->identify_data)); 364 } 365 366 static void ide_set_signature(IDEState *s) 367 { 368 s->select &= 0xf0; /* clear head */ 369 /* put signature */ 370 s->nsector = 1; 371 s->sector = 1; 372 if (s->drive_kind == IDE_CD) { 373 s->lcyl = 0x14; 374 s->hcyl = 0xeb; 375 } else if (s->blk) { 376 s->lcyl = 0; 377 s->hcyl = 0; 378 } else { 379 s->lcyl = 0xff; 380 s->hcyl = 0xff; 381 } 382 } 383 384 static bool ide_sect_range_ok(IDEState *s, 385 uint64_t sector, uint64_t nb_sectors) 386 { 387 uint64_t total_sectors; 388 389 blk_get_geometry(s->blk, &total_sectors); 390 if (sector > total_sectors || nb_sectors > total_sectors - sector) { 391 return false; 392 } 393 return true; 394 } 395 396 typedef struct TrimAIOCB { 397 BlockAIOCB common; 398 IDEState *s; 399 QEMUBH *bh; 400 int ret; 401 QEMUIOVector *qiov; 402 BlockAIOCB *aiocb; 403 int i, j; 404 } TrimAIOCB; 405 406 static void trim_aio_cancel(BlockAIOCB *acb) 407 { 408 TrimAIOCB *iocb = container_of(acb, TrimAIOCB, common); 409 410 /* Exit the loop so ide_issue_trim_cb will not continue */ 411 iocb->j = iocb->qiov->niov - 1; 412 iocb->i = (iocb->qiov->iov[iocb->j].iov_len / 8) - 1; 413 414 iocb->ret = -ECANCELED; 415 416 if (iocb->aiocb) { 417 blk_aio_cancel_async(iocb->aiocb); 418 iocb->aiocb = NULL; 419 } 420 } 421 422 static const AIOCBInfo trim_aiocb_info = { 423 .aiocb_size = sizeof(TrimAIOCB), 424 .cancel_async = trim_aio_cancel, 425 }; 426 427 static void ide_trim_bh_cb(void *opaque) 428 { 429 TrimAIOCB *iocb = opaque; 430 431 iocb->common.cb(iocb->common.opaque, iocb->ret); 432 433 qemu_bh_delete(iocb->bh); 434 iocb->bh = NULL; 435 qemu_aio_unref(iocb); 436 } 437 438 static void ide_issue_trim_cb(void *opaque, int ret) 439 { 440 TrimAIOCB *iocb = opaque; 441 IDEState *s = iocb->s; 442 443 if (ret >= 0) { 444 while (iocb->j < iocb->qiov->niov) { 445 int j = iocb->j; 446 while (++iocb->i < iocb->qiov->iov[j].iov_len / 8) { 447 int i = iocb->i; 448 uint64_t *buffer = iocb->qiov->iov[j].iov_base; 449 450 /* 6-byte LBA + 2-byte range per entry */ 451 uint64_t entry = le64_to_cpu(buffer[i]); 452 uint64_t sector = entry & 0x0000ffffffffffffULL; 453 uint16_t count = entry >> 48; 454 455 if (count == 0) { 456 continue; 457 } 458 459 if (!ide_sect_range_ok(s, sector, count)) { 460 iocb->ret = -EINVAL; 461 goto done; 462 } 463 464 /* Got an entry! Submit and exit. */ 465 iocb->aiocb = blk_aio_pdiscard(s->blk, 466 sector << BDRV_SECTOR_BITS, 467 count << BDRV_SECTOR_BITS, 468 ide_issue_trim_cb, opaque); 469 return; 470 } 471 472 iocb->j++; 473 iocb->i = -1; 474 } 475 } else { 476 iocb->ret = ret; 477 } 478 479 done: 480 iocb->aiocb = NULL; 481 if (iocb->bh) { 482 qemu_bh_schedule(iocb->bh); 483 } 484 } 485 486 BlockAIOCB *ide_issue_trim( 487 int64_t offset, QEMUIOVector *qiov, 488 BlockCompletionFunc *cb, void *cb_opaque, void *opaque) 489 { 490 IDEState *s = opaque; 491 TrimAIOCB *iocb; 492 493 iocb = blk_aio_get(&trim_aiocb_info, s->blk, cb, cb_opaque); 494 iocb->s = s; 495 iocb->bh = qemu_bh_new(ide_trim_bh_cb, iocb); 496 iocb->ret = 0; 497 iocb->qiov = qiov; 498 iocb->i = -1; 499 iocb->j = 0; 500 ide_issue_trim_cb(iocb, 0); 501 return &iocb->common; 502 } 503 504 void ide_abort_command(IDEState *s) 505 { 506 ide_transfer_stop(s); 507 s->status = READY_STAT | ERR_STAT; 508 s->error = ABRT_ERR; 509 } 510 511 static void ide_set_retry(IDEState *s) 512 { 513 s->bus->retry_unit = s->unit; 514 s->bus->retry_sector_num = ide_get_sector(s); 515 s->bus->retry_nsector = s->nsector; 516 } 517 518 static void ide_clear_retry(IDEState *s) 519 { 520 s->bus->retry_unit = -1; 521 s->bus->retry_sector_num = 0; 522 s->bus->retry_nsector = 0; 523 } 524 525 /* prepare data transfer and tell what to do after */ 526 void ide_transfer_start(IDEState *s, uint8_t *buf, int size, 527 EndTransferFunc *end_transfer_func) 528 { 529 s->end_transfer_func = end_transfer_func; 530 s->data_ptr = buf; 531 s->data_end = buf + size; 532 ide_set_retry(s); 533 if (!(s->status & ERR_STAT)) { 534 s->status |= DRQ_STAT; 535 } 536 if (s->bus->dma->ops->start_transfer) { 537 s->bus->dma->ops->start_transfer(s->bus->dma); 538 } 539 } 540 541 static void ide_cmd_done(IDEState *s) 542 { 543 if (s->bus->dma->ops->cmd_done) { 544 s->bus->dma->ops->cmd_done(s->bus->dma); 545 } 546 } 547 548 static void ide_transfer_halt(IDEState *s, 549 void(*end_transfer_func)(IDEState *), 550 bool notify) 551 { 552 s->end_transfer_func = end_transfer_func; 553 s->data_ptr = s->io_buffer; 554 s->data_end = s->io_buffer; 555 s->status &= ~DRQ_STAT; 556 if (notify) { 557 ide_cmd_done(s); 558 } 559 } 560 561 void ide_transfer_stop(IDEState *s) 562 { 563 ide_transfer_halt(s, ide_transfer_stop, true); 564 } 565 566 static void ide_transfer_cancel(IDEState *s) 567 { 568 ide_transfer_halt(s, ide_transfer_cancel, false); 569 } 570 571 int64_t ide_get_sector(IDEState *s) 572 { 573 int64_t sector_num; 574 if (s->select & 0x40) { 575 /* lba */ 576 if (!s->lba48) { 577 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) | 578 (s->lcyl << 8) | s->sector; 579 } else { 580 sector_num = ((int64_t)s->hob_hcyl << 40) | 581 ((int64_t) s->hob_lcyl << 32) | 582 ((int64_t) s->hob_sector << 24) | 583 ((int64_t) s->hcyl << 16) | 584 ((int64_t) s->lcyl << 8) | s->sector; 585 } 586 } else { 587 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors + 588 (s->select & 0x0f) * s->sectors + (s->sector - 1); 589 } 590 return sector_num; 591 } 592 593 void ide_set_sector(IDEState *s, int64_t sector_num) 594 { 595 unsigned int cyl, r; 596 if (s->select & 0x40) { 597 if (!s->lba48) { 598 s->select = (s->select & 0xf0) | (sector_num >> 24); 599 s->hcyl = (sector_num >> 16); 600 s->lcyl = (sector_num >> 8); 601 s->sector = (sector_num); 602 } else { 603 s->sector = sector_num; 604 s->lcyl = sector_num >> 8; 605 s->hcyl = sector_num >> 16; 606 s->hob_sector = sector_num >> 24; 607 s->hob_lcyl = sector_num >> 32; 608 s->hob_hcyl = sector_num >> 40; 609 } 610 } else { 611 cyl = sector_num / (s->heads * s->sectors); 612 r = sector_num % (s->heads * s->sectors); 613 s->hcyl = cyl >> 8; 614 s->lcyl = cyl; 615 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f); 616 s->sector = (r % s->sectors) + 1; 617 } 618 } 619 620 static void ide_rw_error(IDEState *s) { 621 ide_abort_command(s); 622 ide_set_irq(s->bus); 623 } 624 625 static void ide_buffered_readv_cb(void *opaque, int ret) 626 { 627 IDEBufferedRequest *req = opaque; 628 if (!req->orphaned) { 629 if (!ret) { 630 qemu_iovec_from_buf(req->original_qiov, 0, req->iov.iov_base, 631 req->original_qiov->size); 632 } 633 req->original_cb(req->original_opaque, ret); 634 } 635 QLIST_REMOVE(req, list); 636 qemu_vfree(req->iov.iov_base); 637 g_free(req); 638 } 639 640 #define MAX_BUFFERED_REQS 16 641 642 BlockAIOCB *ide_buffered_readv(IDEState *s, int64_t sector_num, 643 QEMUIOVector *iov, int nb_sectors, 644 BlockCompletionFunc *cb, void *opaque) 645 { 646 BlockAIOCB *aioreq; 647 IDEBufferedRequest *req; 648 int c = 0; 649 650 QLIST_FOREACH(req, &s->buffered_requests, list) { 651 c++; 652 } 653 if (c > MAX_BUFFERED_REQS) { 654 return blk_abort_aio_request(s->blk, cb, opaque, -EIO); 655 } 656 657 req = g_new0(IDEBufferedRequest, 1); 658 req->original_qiov = iov; 659 req->original_cb = cb; 660 req->original_opaque = opaque; 661 req->iov.iov_base = qemu_blockalign(blk_bs(s->blk), iov->size); 662 req->iov.iov_len = iov->size; 663 qemu_iovec_init_external(&req->qiov, &req->iov, 1); 664 665 aioreq = blk_aio_preadv(s->blk, sector_num << BDRV_SECTOR_BITS, 666 &req->qiov, 0, ide_buffered_readv_cb, req); 667 668 QLIST_INSERT_HEAD(&s->buffered_requests, req, list); 669 return aioreq; 670 } 671 672 /** 673 * Cancel all pending DMA requests. 674 * Any buffered DMA requests are instantly canceled, 675 * but any pending unbuffered DMA requests must be waited on. 676 */ 677 void ide_cancel_dma_sync(IDEState *s) 678 { 679 IDEBufferedRequest *req; 680 681 /* First invoke the callbacks of all buffered requests 682 * and flag those requests as orphaned. Ideally there 683 * are no unbuffered (Scatter Gather DMA Requests or 684 * write requests) pending and we can avoid to drain. */ 685 QLIST_FOREACH(req, &s->buffered_requests, list) { 686 if (!req->orphaned) { 687 trace_ide_cancel_dma_sync_buffered(req->original_cb, req); 688 req->original_cb(req->original_opaque, -ECANCELED); 689 } 690 req->orphaned = true; 691 } 692 693 /* 694 * We can't cancel Scatter Gather DMA in the middle of the 695 * operation or a partial (not full) DMA transfer would reach 696 * the storage so we wait for completion instead (we beahve 697 * like if the DMA was completed by the time the guest trying 698 * to cancel dma with bmdma_cmd_writeb with BM_CMD_START not 699 * set). 700 * 701 * In the future we'll be able to safely cancel the I/O if the 702 * whole DMA operation will be submitted to disk with a single 703 * aio operation with preadv/pwritev. 704 */ 705 if (s->bus->dma->aiocb) { 706 trace_ide_cancel_dma_sync_remaining(); 707 blk_drain(s->blk); 708 assert(s->bus->dma->aiocb == NULL); 709 } 710 } 711 712 static void ide_sector_read(IDEState *s); 713 714 static void ide_sector_read_cb(void *opaque, int ret) 715 { 716 IDEState *s = opaque; 717 int n; 718 719 s->pio_aiocb = NULL; 720 s->status &= ~BUSY_STAT; 721 722 if (ret == -ECANCELED) { 723 return; 724 } 725 if (ret != 0) { 726 if (ide_handle_rw_error(s, -ret, IDE_RETRY_PIO | 727 IDE_RETRY_READ)) { 728 return; 729 } 730 } 731 732 block_acct_done(blk_get_stats(s->blk), &s->acct); 733 734 n = s->nsector; 735 if (n > s->req_nb_sectors) { 736 n = s->req_nb_sectors; 737 } 738 739 ide_set_sector(s, ide_get_sector(s) + n); 740 s->nsector -= n; 741 /* Allow the guest to read the io_buffer */ 742 ide_transfer_start(s, s->io_buffer, n * BDRV_SECTOR_SIZE, ide_sector_read); 743 ide_set_irq(s->bus); 744 } 745 746 static void ide_sector_read(IDEState *s) 747 { 748 int64_t sector_num; 749 int n; 750 751 s->status = READY_STAT | SEEK_STAT; 752 s->error = 0; /* not needed by IDE spec, but needed by Windows */ 753 sector_num = ide_get_sector(s); 754 n = s->nsector; 755 756 if (n == 0) { 757 ide_transfer_stop(s); 758 return; 759 } 760 761 s->status |= BUSY_STAT; 762 763 if (n > s->req_nb_sectors) { 764 n = s->req_nb_sectors; 765 } 766 767 trace_ide_sector_read(sector_num, n); 768 769 if (!ide_sect_range_ok(s, sector_num, n)) { 770 ide_rw_error(s); 771 block_acct_invalid(blk_get_stats(s->blk), BLOCK_ACCT_READ); 772 return; 773 } 774 775 s->iov.iov_base = s->io_buffer; 776 s->iov.iov_len = n * BDRV_SECTOR_SIZE; 777 qemu_iovec_init_external(&s->qiov, &s->iov, 1); 778 779 block_acct_start(blk_get_stats(s->blk), &s->acct, 780 n * BDRV_SECTOR_SIZE, BLOCK_ACCT_READ); 781 s->pio_aiocb = ide_buffered_readv(s, sector_num, &s->qiov, n, 782 ide_sector_read_cb, s); 783 } 784 785 void dma_buf_commit(IDEState *s, uint32_t tx_bytes) 786 { 787 if (s->bus->dma->ops->commit_buf) { 788 s->bus->dma->ops->commit_buf(s->bus->dma, tx_bytes); 789 } 790 s->io_buffer_offset += tx_bytes; 791 qemu_sglist_destroy(&s->sg); 792 } 793 794 void ide_set_inactive(IDEState *s, bool more) 795 { 796 s->bus->dma->aiocb = NULL; 797 ide_clear_retry(s); 798 if (s->bus->dma->ops->set_inactive) { 799 s->bus->dma->ops->set_inactive(s->bus->dma, more); 800 } 801 ide_cmd_done(s); 802 } 803 804 void ide_dma_error(IDEState *s) 805 { 806 dma_buf_commit(s, 0); 807 ide_abort_command(s); 808 ide_set_inactive(s, false); 809 ide_set_irq(s->bus); 810 } 811 812 int ide_handle_rw_error(IDEState *s, int error, int op) 813 { 814 bool is_read = (op & IDE_RETRY_READ) != 0; 815 BlockErrorAction action = blk_get_error_action(s->blk, is_read, error); 816 817 if (action == BLOCK_ERROR_ACTION_STOP) { 818 assert(s->bus->retry_unit == s->unit); 819 s->bus->error_status = op; 820 } else if (action == BLOCK_ERROR_ACTION_REPORT) { 821 block_acct_failed(blk_get_stats(s->blk), &s->acct); 822 if (IS_IDE_RETRY_DMA(op)) { 823 ide_dma_error(s); 824 } else if (IS_IDE_RETRY_ATAPI(op)) { 825 ide_atapi_io_error(s, -error); 826 } else { 827 ide_rw_error(s); 828 } 829 } 830 blk_error_action(s->blk, action, is_read, error); 831 return action != BLOCK_ERROR_ACTION_IGNORE; 832 } 833 834 static void ide_dma_cb(void *opaque, int ret) 835 { 836 IDEState *s = opaque; 837 int n; 838 int64_t sector_num; 839 uint64_t offset; 840 bool stay_active = false; 841 842 if (ret == -ECANCELED) { 843 return; 844 } 845 846 if (ret == -EINVAL) { 847 ide_dma_error(s); 848 return; 849 } 850 851 if (ret < 0) { 852 if (ide_handle_rw_error(s, -ret, ide_dma_cmd_to_retry(s->dma_cmd))) { 853 s->bus->dma->aiocb = NULL; 854 dma_buf_commit(s, 0); 855 return; 856 } 857 } 858 859 n = s->io_buffer_size >> 9; 860 if (n > s->nsector) { 861 /* The PRDs were longer than needed for this request. Shorten them so 862 * we don't get a negative remainder. The Active bit must remain set 863 * after the request completes. */ 864 n = s->nsector; 865 stay_active = true; 866 } 867 868 sector_num = ide_get_sector(s); 869 if (n > 0) { 870 assert(n * 512 == s->sg.size); 871 dma_buf_commit(s, s->sg.size); 872 sector_num += n; 873 ide_set_sector(s, sector_num); 874 s->nsector -= n; 875 } 876 877 /* end of transfer ? */ 878 if (s->nsector == 0) { 879 s->status = READY_STAT | SEEK_STAT; 880 ide_set_irq(s->bus); 881 goto eot; 882 } 883 884 /* launch next transfer */ 885 n = s->nsector; 886 s->io_buffer_index = 0; 887 s->io_buffer_size = n * 512; 888 if (s->bus->dma->ops->prepare_buf(s->bus->dma, s->io_buffer_size) < 512) { 889 /* The PRDs were too short. Reset the Active bit, but don't raise an 890 * interrupt. */ 891 s->status = READY_STAT | SEEK_STAT; 892 dma_buf_commit(s, 0); 893 goto eot; 894 } 895 896 trace_ide_dma_cb(s, sector_num, n, IDE_DMA_CMD_str(s->dma_cmd)); 897 898 if ((s->dma_cmd == IDE_DMA_READ || s->dma_cmd == IDE_DMA_WRITE) && 899 !ide_sect_range_ok(s, sector_num, n)) { 900 ide_dma_error(s); 901 block_acct_invalid(blk_get_stats(s->blk), s->acct.type); 902 return; 903 } 904 905 offset = sector_num << BDRV_SECTOR_BITS; 906 switch (s->dma_cmd) { 907 case IDE_DMA_READ: 908 s->bus->dma->aiocb = dma_blk_read(s->blk, &s->sg, offset, 909 BDRV_SECTOR_SIZE, ide_dma_cb, s); 910 break; 911 case IDE_DMA_WRITE: 912 s->bus->dma->aiocb = dma_blk_write(s->blk, &s->sg, offset, 913 BDRV_SECTOR_SIZE, ide_dma_cb, s); 914 break; 915 case IDE_DMA_TRIM: 916 s->bus->dma->aiocb = dma_blk_io(blk_get_aio_context(s->blk), 917 &s->sg, offset, BDRV_SECTOR_SIZE, 918 ide_issue_trim, s, ide_dma_cb, s, 919 DMA_DIRECTION_TO_DEVICE); 920 break; 921 default: 922 abort(); 923 } 924 return; 925 926 eot: 927 if (s->dma_cmd == IDE_DMA_READ || s->dma_cmd == IDE_DMA_WRITE) { 928 block_acct_done(blk_get_stats(s->blk), &s->acct); 929 } 930 ide_set_inactive(s, stay_active); 931 } 932 933 static void ide_sector_start_dma(IDEState *s, enum ide_dma_cmd dma_cmd) 934 { 935 s->status = READY_STAT | SEEK_STAT | DRQ_STAT; 936 s->io_buffer_size = 0; 937 s->dma_cmd = dma_cmd; 938 939 switch (dma_cmd) { 940 case IDE_DMA_READ: 941 block_acct_start(blk_get_stats(s->blk), &s->acct, 942 s->nsector * BDRV_SECTOR_SIZE, BLOCK_ACCT_READ); 943 break; 944 case IDE_DMA_WRITE: 945 block_acct_start(blk_get_stats(s->blk), &s->acct, 946 s->nsector * BDRV_SECTOR_SIZE, BLOCK_ACCT_WRITE); 947 break; 948 default: 949 break; 950 } 951 952 ide_start_dma(s, ide_dma_cb); 953 } 954 955 void ide_start_dma(IDEState *s, BlockCompletionFunc *cb) 956 { 957 s->io_buffer_index = 0; 958 ide_set_retry(s); 959 if (s->bus->dma->ops->start_dma) { 960 s->bus->dma->ops->start_dma(s->bus->dma, s, cb); 961 } 962 } 963 964 static void ide_sector_write(IDEState *s); 965 966 static void ide_sector_write_timer_cb(void *opaque) 967 { 968 IDEState *s = opaque; 969 ide_set_irq(s->bus); 970 } 971 972 static void ide_sector_write_cb(void *opaque, int ret) 973 { 974 IDEState *s = opaque; 975 int n; 976 977 if (ret == -ECANCELED) { 978 return; 979 } 980 981 s->pio_aiocb = NULL; 982 s->status &= ~BUSY_STAT; 983 984 if (ret != 0) { 985 if (ide_handle_rw_error(s, -ret, IDE_RETRY_PIO)) { 986 return; 987 } 988 } 989 990 block_acct_done(blk_get_stats(s->blk), &s->acct); 991 992 n = s->nsector; 993 if (n > s->req_nb_sectors) { 994 n = s->req_nb_sectors; 995 } 996 s->nsector -= n; 997 998 ide_set_sector(s, ide_get_sector(s) + n); 999 if (s->nsector == 0) { 1000 /* no more sectors to write */ 1001 ide_transfer_stop(s); 1002 } else { 1003 int n1 = s->nsector; 1004 if (n1 > s->req_nb_sectors) { 1005 n1 = s->req_nb_sectors; 1006 } 1007 ide_transfer_start(s, s->io_buffer, n1 * BDRV_SECTOR_SIZE, 1008 ide_sector_write); 1009 } 1010 1011 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) { 1012 /* It seems there is a bug in the Windows 2000 installer HDD 1013 IDE driver which fills the disk with empty logs when the 1014 IDE write IRQ comes too early. This hack tries to correct 1015 that at the expense of slower write performances. Use this 1016 option _only_ to install Windows 2000. You must disable it 1017 for normal use. */ 1018 timer_mod(s->sector_write_timer, qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + 1019 (NANOSECONDS_PER_SECOND / 1000)); 1020 } else { 1021 ide_set_irq(s->bus); 1022 } 1023 } 1024 1025 static void ide_sector_write(IDEState *s) 1026 { 1027 int64_t sector_num; 1028 int n; 1029 1030 s->status = READY_STAT | SEEK_STAT | BUSY_STAT; 1031 sector_num = ide_get_sector(s); 1032 1033 n = s->nsector; 1034 if (n > s->req_nb_sectors) { 1035 n = s->req_nb_sectors; 1036 } 1037 1038 trace_ide_sector_write(sector_num, n); 1039 1040 if (!ide_sect_range_ok(s, sector_num, n)) { 1041 ide_rw_error(s); 1042 block_acct_invalid(blk_get_stats(s->blk), BLOCK_ACCT_WRITE); 1043 return; 1044 } 1045 1046 s->iov.iov_base = s->io_buffer; 1047 s->iov.iov_len = n * BDRV_SECTOR_SIZE; 1048 qemu_iovec_init_external(&s->qiov, &s->iov, 1); 1049 1050 block_acct_start(blk_get_stats(s->blk), &s->acct, 1051 n * BDRV_SECTOR_SIZE, BLOCK_ACCT_WRITE); 1052 s->pio_aiocb = blk_aio_pwritev(s->blk, sector_num << BDRV_SECTOR_BITS, 1053 &s->qiov, 0, ide_sector_write_cb, s); 1054 } 1055 1056 static void ide_flush_cb(void *opaque, int ret) 1057 { 1058 IDEState *s = opaque; 1059 1060 s->pio_aiocb = NULL; 1061 1062 if (ret == -ECANCELED) { 1063 return; 1064 } 1065 if (ret < 0) { 1066 /* XXX: What sector number to set here? */ 1067 if (ide_handle_rw_error(s, -ret, IDE_RETRY_FLUSH)) { 1068 return; 1069 } 1070 } 1071 1072 if (s->blk) { 1073 block_acct_done(blk_get_stats(s->blk), &s->acct); 1074 } 1075 s->status = READY_STAT | SEEK_STAT; 1076 ide_cmd_done(s); 1077 ide_set_irq(s->bus); 1078 } 1079 1080 static void ide_flush_cache(IDEState *s) 1081 { 1082 if (s->blk == NULL) { 1083 ide_flush_cb(s, 0); 1084 return; 1085 } 1086 1087 s->status |= BUSY_STAT; 1088 ide_set_retry(s); 1089 block_acct_start(blk_get_stats(s->blk), &s->acct, 0, BLOCK_ACCT_FLUSH); 1090 s->pio_aiocb = blk_aio_flush(s->blk, ide_flush_cb, s); 1091 } 1092 1093 static void ide_cfata_metadata_inquiry(IDEState *s) 1094 { 1095 uint16_t *p; 1096 uint32_t spd; 1097 1098 p = (uint16_t *) s->io_buffer; 1099 memset(p, 0, 0x200); 1100 spd = ((s->mdata_size - 1) >> 9) + 1; 1101 1102 put_le16(p + 0, 0x0001); /* Data format revision */ 1103 put_le16(p + 1, 0x0000); /* Media property: silicon */ 1104 put_le16(p + 2, s->media_changed); /* Media status */ 1105 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */ 1106 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */ 1107 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */ 1108 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */ 1109 } 1110 1111 static void ide_cfata_metadata_read(IDEState *s) 1112 { 1113 uint16_t *p; 1114 1115 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) { 1116 s->status = ERR_STAT; 1117 s->error = ABRT_ERR; 1118 return; 1119 } 1120 1121 p = (uint16_t *) s->io_buffer; 1122 memset(p, 0, 0x200); 1123 1124 put_le16(p + 0, s->media_changed); /* Media status */ 1125 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9), 1126 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9), 1127 s->nsector << 9), 0x200 - 2)); 1128 } 1129 1130 static void ide_cfata_metadata_write(IDEState *s) 1131 { 1132 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) { 1133 s->status = ERR_STAT; 1134 s->error = ABRT_ERR; 1135 return; 1136 } 1137 1138 s->media_changed = 0; 1139 1140 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9), 1141 s->io_buffer + 2, 1142 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9), 1143 s->nsector << 9), 0x200 - 2)); 1144 } 1145 1146 /* called when the inserted state of the media has changed */ 1147 static void ide_cd_change_cb(void *opaque, bool load, Error **errp) 1148 { 1149 IDEState *s = opaque; 1150 uint64_t nb_sectors; 1151 1152 s->tray_open = !load; 1153 blk_get_geometry(s->blk, &nb_sectors); 1154 s->nb_sectors = nb_sectors; 1155 1156 /* 1157 * First indicate to the guest that a CD has been removed. That's 1158 * done on the next command the guest sends us. 1159 * 1160 * Then we set UNIT_ATTENTION, by which the guest will 1161 * detect a new CD in the drive. See ide_atapi_cmd() for details. 1162 */ 1163 s->cdrom_changed = 1; 1164 s->events.new_media = true; 1165 s->events.eject_request = false; 1166 ide_set_irq(s->bus); 1167 } 1168 1169 static void ide_cd_eject_request_cb(void *opaque, bool force) 1170 { 1171 IDEState *s = opaque; 1172 1173 s->events.eject_request = true; 1174 if (force) { 1175 s->tray_locked = false; 1176 } 1177 ide_set_irq(s->bus); 1178 } 1179 1180 static void ide_cmd_lba48_transform(IDEState *s, int lba48) 1181 { 1182 s->lba48 = lba48; 1183 1184 /* handle the 'magic' 0 nsector count conversion here. to avoid 1185 * fiddling with the rest of the read logic, we just store the 1186 * full sector count in ->nsector and ignore ->hob_nsector from now 1187 */ 1188 if (!s->lba48) { 1189 if (!s->nsector) 1190 s->nsector = 256; 1191 } else { 1192 if (!s->nsector && !s->hob_nsector) 1193 s->nsector = 65536; 1194 else { 1195 int lo = s->nsector; 1196 int hi = s->hob_nsector; 1197 1198 s->nsector = (hi << 8) | lo; 1199 } 1200 } 1201 } 1202 1203 static void ide_clear_hob(IDEBus *bus) 1204 { 1205 /* any write clears HOB high bit of device control register */ 1206 bus->ifs[0].select &= ~(1 << 7); 1207 bus->ifs[1].select &= ~(1 << 7); 1208 } 1209 1210 /* IOport [W]rite [R]egisters */ 1211 enum ATA_IOPORT_WR { 1212 ATA_IOPORT_WR_DATA = 0, 1213 ATA_IOPORT_WR_FEATURES = 1, 1214 ATA_IOPORT_WR_SECTOR_COUNT = 2, 1215 ATA_IOPORT_WR_SECTOR_NUMBER = 3, 1216 ATA_IOPORT_WR_CYLINDER_LOW = 4, 1217 ATA_IOPORT_WR_CYLINDER_HIGH = 5, 1218 ATA_IOPORT_WR_DEVICE_HEAD = 6, 1219 ATA_IOPORT_WR_COMMAND = 7, 1220 ATA_IOPORT_WR_NUM_REGISTERS, 1221 }; 1222 1223 const char *ATA_IOPORT_WR_lookup[ATA_IOPORT_WR_NUM_REGISTERS] = { 1224 [ATA_IOPORT_WR_DATA] = "Data", 1225 [ATA_IOPORT_WR_FEATURES] = "Features", 1226 [ATA_IOPORT_WR_SECTOR_COUNT] = "Sector Count", 1227 [ATA_IOPORT_WR_SECTOR_NUMBER] = "Sector Number", 1228 [ATA_IOPORT_WR_CYLINDER_LOW] = "Cylinder Low", 1229 [ATA_IOPORT_WR_CYLINDER_HIGH] = "Cylinder High", 1230 [ATA_IOPORT_WR_DEVICE_HEAD] = "Device/Head", 1231 [ATA_IOPORT_WR_COMMAND] = "Command" 1232 }; 1233 1234 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val) 1235 { 1236 IDEBus *bus = opaque; 1237 IDEState *s = idebus_active_if(bus); 1238 int reg_num = addr & 7; 1239 1240 trace_ide_ioport_write(addr, ATA_IOPORT_WR_lookup[reg_num], val, bus, s); 1241 1242 /* ignore writes to command block while busy with previous command */ 1243 if (reg_num != 7 && (s->status & (BUSY_STAT|DRQ_STAT))) { 1244 return; 1245 } 1246 1247 switch (reg_num) { 1248 case 0: 1249 break; 1250 case ATA_IOPORT_WR_FEATURES: 1251 ide_clear_hob(bus); 1252 /* NOTE: data is written to the two drives */ 1253 bus->ifs[0].hob_feature = bus->ifs[0].feature; 1254 bus->ifs[1].hob_feature = bus->ifs[1].feature; 1255 bus->ifs[0].feature = val; 1256 bus->ifs[1].feature = val; 1257 break; 1258 case ATA_IOPORT_WR_SECTOR_COUNT: 1259 ide_clear_hob(bus); 1260 bus->ifs[0].hob_nsector = bus->ifs[0].nsector; 1261 bus->ifs[1].hob_nsector = bus->ifs[1].nsector; 1262 bus->ifs[0].nsector = val; 1263 bus->ifs[1].nsector = val; 1264 break; 1265 case ATA_IOPORT_WR_SECTOR_NUMBER: 1266 ide_clear_hob(bus); 1267 bus->ifs[0].hob_sector = bus->ifs[0].sector; 1268 bus->ifs[1].hob_sector = bus->ifs[1].sector; 1269 bus->ifs[0].sector = val; 1270 bus->ifs[1].sector = val; 1271 break; 1272 case ATA_IOPORT_WR_CYLINDER_LOW: 1273 ide_clear_hob(bus); 1274 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl; 1275 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl; 1276 bus->ifs[0].lcyl = val; 1277 bus->ifs[1].lcyl = val; 1278 break; 1279 case ATA_IOPORT_WR_CYLINDER_HIGH: 1280 ide_clear_hob(bus); 1281 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl; 1282 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl; 1283 bus->ifs[0].hcyl = val; 1284 bus->ifs[1].hcyl = val; 1285 break; 1286 case ATA_IOPORT_WR_DEVICE_HEAD: 1287 /* FIXME: HOB readback uses bit 7 */ 1288 bus->ifs[0].select = (val & ~0x10) | 0xa0; 1289 bus->ifs[1].select = (val | 0x10) | 0xa0; 1290 /* select drive */ 1291 bus->unit = (val >> 4) & 1; 1292 break; 1293 default: 1294 case ATA_IOPORT_WR_COMMAND: 1295 /* command */ 1296 ide_exec_cmd(bus, val); 1297 break; 1298 } 1299 } 1300 1301 static void ide_reset(IDEState *s) 1302 { 1303 trace_ide_reset(s); 1304 1305 if (s->pio_aiocb) { 1306 blk_aio_cancel(s->pio_aiocb); 1307 s->pio_aiocb = NULL; 1308 } 1309 1310 if (s->drive_kind == IDE_CFATA) 1311 s->mult_sectors = 0; 1312 else 1313 s->mult_sectors = MAX_MULT_SECTORS; 1314 /* ide regs */ 1315 s->feature = 0; 1316 s->error = 0; 1317 s->nsector = 0; 1318 s->sector = 0; 1319 s->lcyl = 0; 1320 s->hcyl = 0; 1321 1322 /* lba48 */ 1323 s->hob_feature = 0; 1324 s->hob_sector = 0; 1325 s->hob_nsector = 0; 1326 s->hob_lcyl = 0; 1327 s->hob_hcyl = 0; 1328 1329 s->select = 0xa0; 1330 s->status = READY_STAT | SEEK_STAT; 1331 1332 s->lba48 = 0; 1333 1334 /* ATAPI specific */ 1335 s->sense_key = 0; 1336 s->asc = 0; 1337 s->cdrom_changed = 0; 1338 s->packet_transfer_size = 0; 1339 s->elementary_transfer_size = 0; 1340 s->io_buffer_index = 0; 1341 s->cd_sector_size = 0; 1342 s->atapi_dma = 0; 1343 s->tray_locked = 0; 1344 s->tray_open = 0; 1345 /* ATA DMA state */ 1346 s->io_buffer_size = 0; 1347 s->req_nb_sectors = 0; 1348 1349 ide_set_signature(s); 1350 /* init the transfer handler so that 0xffff is returned on data 1351 accesses */ 1352 s->end_transfer_func = ide_dummy_transfer_stop; 1353 ide_dummy_transfer_stop(s); 1354 s->media_changed = 0; 1355 } 1356 1357 static bool cmd_nop(IDEState *s, uint8_t cmd) 1358 { 1359 return true; 1360 } 1361 1362 static bool cmd_device_reset(IDEState *s, uint8_t cmd) 1363 { 1364 /* Halt PIO (in the DRQ phase), then DMA */ 1365 ide_transfer_cancel(s); 1366 ide_cancel_dma_sync(s); 1367 1368 /* Reset any PIO commands, reset signature, etc */ 1369 ide_reset(s); 1370 1371 /* RESET: ATA8-ACS3 7.10.4 "Normal Outputs"; 1372 * ATA8-ACS3 Table 184 "Device Signatures for Normal Output" */ 1373 s->status = 0x00; 1374 1375 /* Do not overwrite status register */ 1376 return false; 1377 } 1378 1379 static bool cmd_data_set_management(IDEState *s, uint8_t cmd) 1380 { 1381 switch (s->feature) { 1382 case DSM_TRIM: 1383 if (s->blk) { 1384 ide_sector_start_dma(s, IDE_DMA_TRIM); 1385 return false; 1386 } 1387 break; 1388 } 1389 1390 ide_abort_command(s); 1391 return true; 1392 } 1393 1394 static bool cmd_identify(IDEState *s, uint8_t cmd) 1395 { 1396 if (s->blk && s->drive_kind != IDE_CD) { 1397 if (s->drive_kind != IDE_CFATA) { 1398 ide_identify(s); 1399 } else { 1400 ide_cfata_identify(s); 1401 } 1402 s->status = READY_STAT | SEEK_STAT; 1403 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop); 1404 ide_set_irq(s->bus); 1405 return false; 1406 } else { 1407 if (s->drive_kind == IDE_CD) { 1408 ide_set_signature(s); 1409 } 1410 ide_abort_command(s); 1411 } 1412 1413 return true; 1414 } 1415 1416 static bool cmd_verify(IDEState *s, uint8_t cmd) 1417 { 1418 bool lba48 = (cmd == WIN_VERIFY_EXT); 1419 1420 /* do sector number check ? */ 1421 ide_cmd_lba48_transform(s, lba48); 1422 1423 return true; 1424 } 1425 1426 static bool cmd_set_multiple_mode(IDEState *s, uint8_t cmd) 1427 { 1428 if (s->drive_kind == IDE_CFATA && s->nsector == 0) { 1429 /* Disable Read and Write Multiple */ 1430 s->mult_sectors = 0; 1431 } else if ((s->nsector & 0xff) != 0 && 1432 ((s->nsector & 0xff) > MAX_MULT_SECTORS || 1433 (s->nsector & (s->nsector - 1)) != 0)) { 1434 ide_abort_command(s); 1435 } else { 1436 s->mult_sectors = s->nsector & 0xff; 1437 } 1438 1439 return true; 1440 } 1441 1442 static bool cmd_read_multiple(IDEState *s, uint8_t cmd) 1443 { 1444 bool lba48 = (cmd == WIN_MULTREAD_EXT); 1445 1446 if (!s->blk || !s->mult_sectors) { 1447 ide_abort_command(s); 1448 return true; 1449 } 1450 1451 ide_cmd_lba48_transform(s, lba48); 1452 s->req_nb_sectors = s->mult_sectors; 1453 ide_sector_read(s); 1454 return false; 1455 } 1456 1457 static bool cmd_write_multiple(IDEState *s, uint8_t cmd) 1458 { 1459 bool lba48 = (cmd == WIN_MULTWRITE_EXT); 1460 int n; 1461 1462 if (!s->blk || !s->mult_sectors) { 1463 ide_abort_command(s); 1464 return true; 1465 } 1466 1467 ide_cmd_lba48_transform(s, lba48); 1468 1469 s->req_nb_sectors = s->mult_sectors; 1470 n = MIN(s->nsector, s->req_nb_sectors); 1471 1472 s->status = SEEK_STAT | READY_STAT; 1473 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write); 1474 1475 s->media_changed = 1; 1476 1477 return false; 1478 } 1479 1480 static bool cmd_read_pio(IDEState *s, uint8_t cmd) 1481 { 1482 bool lba48 = (cmd == WIN_READ_EXT); 1483 1484 if (s->drive_kind == IDE_CD) { 1485 ide_set_signature(s); /* odd, but ATA4 8.27.5.2 requires it */ 1486 ide_abort_command(s); 1487 return true; 1488 } 1489 1490 if (!s->blk) { 1491 ide_abort_command(s); 1492 return true; 1493 } 1494 1495 ide_cmd_lba48_transform(s, lba48); 1496 s->req_nb_sectors = 1; 1497 ide_sector_read(s); 1498 1499 return false; 1500 } 1501 1502 static bool cmd_write_pio(IDEState *s, uint8_t cmd) 1503 { 1504 bool lba48 = (cmd == WIN_WRITE_EXT); 1505 1506 if (!s->blk) { 1507 ide_abort_command(s); 1508 return true; 1509 } 1510 1511 ide_cmd_lba48_transform(s, lba48); 1512 1513 s->req_nb_sectors = 1; 1514 s->status = SEEK_STAT | READY_STAT; 1515 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write); 1516 1517 s->media_changed = 1; 1518 1519 return false; 1520 } 1521 1522 static bool cmd_read_dma(IDEState *s, uint8_t cmd) 1523 { 1524 bool lba48 = (cmd == WIN_READDMA_EXT); 1525 1526 if (!s->blk) { 1527 ide_abort_command(s); 1528 return true; 1529 } 1530 1531 ide_cmd_lba48_transform(s, lba48); 1532 ide_sector_start_dma(s, IDE_DMA_READ); 1533 1534 return false; 1535 } 1536 1537 static bool cmd_write_dma(IDEState *s, uint8_t cmd) 1538 { 1539 bool lba48 = (cmd == WIN_WRITEDMA_EXT); 1540 1541 if (!s->blk) { 1542 ide_abort_command(s); 1543 return true; 1544 } 1545 1546 ide_cmd_lba48_transform(s, lba48); 1547 ide_sector_start_dma(s, IDE_DMA_WRITE); 1548 1549 s->media_changed = 1; 1550 1551 return false; 1552 } 1553 1554 static bool cmd_flush_cache(IDEState *s, uint8_t cmd) 1555 { 1556 ide_flush_cache(s); 1557 return false; 1558 } 1559 1560 static bool cmd_seek(IDEState *s, uint8_t cmd) 1561 { 1562 /* XXX: Check that seek is within bounds */ 1563 return true; 1564 } 1565 1566 static bool cmd_read_native_max(IDEState *s, uint8_t cmd) 1567 { 1568 bool lba48 = (cmd == WIN_READ_NATIVE_MAX_EXT); 1569 1570 /* Refuse if no sectors are addressable (e.g. medium not inserted) */ 1571 if (s->nb_sectors == 0) { 1572 ide_abort_command(s); 1573 return true; 1574 } 1575 1576 ide_cmd_lba48_transform(s, lba48); 1577 ide_set_sector(s, s->nb_sectors - 1); 1578 1579 return true; 1580 } 1581 1582 static bool cmd_check_power_mode(IDEState *s, uint8_t cmd) 1583 { 1584 s->nsector = 0xff; /* device active or idle */ 1585 return true; 1586 } 1587 1588 static bool cmd_set_features(IDEState *s, uint8_t cmd) 1589 { 1590 uint16_t *identify_data; 1591 1592 if (!s->blk) { 1593 ide_abort_command(s); 1594 return true; 1595 } 1596 1597 /* XXX: valid for CDROM ? */ 1598 switch (s->feature) { 1599 case 0x02: /* write cache enable */ 1600 blk_set_enable_write_cache(s->blk, true); 1601 identify_data = (uint16_t *)s->identify_data; 1602 put_le16(identify_data + 85, (1 << 14) | (1 << 5) | 1); 1603 return true; 1604 case 0x82: /* write cache disable */ 1605 blk_set_enable_write_cache(s->blk, false); 1606 identify_data = (uint16_t *)s->identify_data; 1607 put_le16(identify_data + 85, (1 << 14) | 1); 1608 ide_flush_cache(s); 1609 return false; 1610 case 0xcc: /* reverting to power-on defaults enable */ 1611 case 0x66: /* reverting to power-on defaults disable */ 1612 case 0xaa: /* read look-ahead enable */ 1613 case 0x55: /* read look-ahead disable */ 1614 case 0x05: /* set advanced power management mode */ 1615 case 0x85: /* disable advanced power management mode */ 1616 case 0x69: /* NOP */ 1617 case 0x67: /* NOP */ 1618 case 0x96: /* NOP */ 1619 case 0x9a: /* NOP */ 1620 case 0x42: /* enable Automatic Acoustic Mode */ 1621 case 0xc2: /* disable Automatic Acoustic Mode */ 1622 return true; 1623 case 0x03: /* set transfer mode */ 1624 { 1625 uint8_t val = s->nsector & 0x07; 1626 identify_data = (uint16_t *)s->identify_data; 1627 1628 switch (s->nsector >> 3) { 1629 case 0x00: /* pio default */ 1630 case 0x01: /* pio mode */ 1631 put_le16(identify_data + 62, 0x07); 1632 put_le16(identify_data + 63, 0x07); 1633 put_le16(identify_data + 88, 0x3f); 1634 break; 1635 case 0x02: /* sigle word dma mode*/ 1636 put_le16(identify_data + 62, 0x07 | (1 << (val + 8))); 1637 put_le16(identify_data + 63, 0x07); 1638 put_le16(identify_data + 88, 0x3f); 1639 break; 1640 case 0x04: /* mdma mode */ 1641 put_le16(identify_data + 62, 0x07); 1642 put_le16(identify_data + 63, 0x07 | (1 << (val + 8))); 1643 put_le16(identify_data + 88, 0x3f); 1644 break; 1645 case 0x08: /* udma mode */ 1646 put_le16(identify_data + 62, 0x07); 1647 put_le16(identify_data + 63, 0x07); 1648 put_le16(identify_data + 88, 0x3f | (1 << (val + 8))); 1649 break; 1650 default: 1651 goto abort_cmd; 1652 } 1653 return true; 1654 } 1655 } 1656 1657 abort_cmd: 1658 ide_abort_command(s); 1659 return true; 1660 } 1661 1662 1663 /*** ATAPI commands ***/ 1664 1665 static bool cmd_identify_packet(IDEState *s, uint8_t cmd) 1666 { 1667 ide_atapi_identify(s); 1668 s->status = READY_STAT | SEEK_STAT; 1669 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop); 1670 ide_set_irq(s->bus); 1671 return false; 1672 } 1673 1674 static bool cmd_exec_dev_diagnostic(IDEState *s, uint8_t cmd) 1675 { 1676 ide_set_signature(s); 1677 1678 if (s->drive_kind == IDE_CD) { 1679 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet 1680 * devices to return a clear status register 1681 * with READY_STAT *not* set. */ 1682 s->error = 0x01; 1683 } else { 1684 s->status = READY_STAT | SEEK_STAT; 1685 /* The bits of the error register are not as usual for this command! 1686 * They are part of the regular output (this is why ERR_STAT isn't set) 1687 * Device 0 passed, Device 1 passed or not present. */ 1688 s->error = 0x01; 1689 ide_set_irq(s->bus); 1690 } 1691 1692 return false; 1693 } 1694 1695 static bool cmd_packet(IDEState *s, uint8_t cmd) 1696 { 1697 /* overlapping commands not supported */ 1698 if (s->feature & 0x02) { 1699 ide_abort_command(s); 1700 return true; 1701 } 1702 1703 s->status = READY_STAT | SEEK_STAT; 1704 s->atapi_dma = s->feature & 1; 1705 if (s->atapi_dma) { 1706 s->dma_cmd = IDE_DMA_ATAPI; 1707 } 1708 s->nsector = 1; 1709 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE, 1710 ide_atapi_cmd); 1711 return false; 1712 } 1713 1714 1715 /*** CF-ATA commands ***/ 1716 1717 static bool cmd_cfa_req_ext_error_code(IDEState *s, uint8_t cmd) 1718 { 1719 s->error = 0x09; /* miscellaneous error */ 1720 s->status = READY_STAT | SEEK_STAT; 1721 ide_set_irq(s->bus); 1722 1723 return false; 1724 } 1725 1726 static bool cmd_cfa_erase_sectors(IDEState *s, uint8_t cmd) 1727 { 1728 /* WIN_SECURITY_FREEZE_LOCK has the same ID as CFA_WEAR_LEVEL and is 1729 * required for Windows 8 to work with AHCI */ 1730 1731 if (cmd == CFA_WEAR_LEVEL) { 1732 s->nsector = 0; 1733 } 1734 1735 if (cmd == CFA_ERASE_SECTORS) { 1736 s->media_changed = 1; 1737 } 1738 1739 return true; 1740 } 1741 1742 static bool cmd_cfa_translate_sector(IDEState *s, uint8_t cmd) 1743 { 1744 s->status = READY_STAT | SEEK_STAT; 1745 1746 memset(s->io_buffer, 0, 0x200); 1747 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */ 1748 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */ 1749 s->io_buffer[0x02] = s->select; /* Head */ 1750 s->io_buffer[0x03] = s->sector; /* Sector */ 1751 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */ 1752 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */ 1753 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */ 1754 s->io_buffer[0x13] = 0x00; /* Erase flag */ 1755 s->io_buffer[0x18] = 0x00; /* Hot count */ 1756 s->io_buffer[0x19] = 0x00; /* Hot count */ 1757 s->io_buffer[0x1a] = 0x01; /* Hot count */ 1758 1759 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1760 ide_set_irq(s->bus); 1761 1762 return false; 1763 } 1764 1765 static bool cmd_cfa_access_metadata_storage(IDEState *s, uint8_t cmd) 1766 { 1767 switch (s->feature) { 1768 case 0x02: /* Inquiry Metadata Storage */ 1769 ide_cfata_metadata_inquiry(s); 1770 break; 1771 case 0x03: /* Read Metadata Storage */ 1772 ide_cfata_metadata_read(s); 1773 break; 1774 case 0x04: /* Write Metadata Storage */ 1775 ide_cfata_metadata_write(s); 1776 break; 1777 default: 1778 ide_abort_command(s); 1779 return true; 1780 } 1781 1782 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1783 s->status = 0x00; /* NOTE: READY is _not_ set */ 1784 ide_set_irq(s->bus); 1785 1786 return false; 1787 } 1788 1789 static bool cmd_ibm_sense_condition(IDEState *s, uint8_t cmd) 1790 { 1791 switch (s->feature) { 1792 case 0x01: /* sense temperature in device */ 1793 s->nsector = 0x50; /* +20 C */ 1794 break; 1795 default: 1796 ide_abort_command(s); 1797 return true; 1798 } 1799 1800 return true; 1801 } 1802 1803 1804 /*** SMART commands ***/ 1805 1806 static bool cmd_smart(IDEState *s, uint8_t cmd) 1807 { 1808 int n; 1809 1810 if (s->hcyl != 0xc2 || s->lcyl != 0x4f) { 1811 goto abort_cmd; 1812 } 1813 1814 if (!s->smart_enabled && s->feature != SMART_ENABLE) { 1815 goto abort_cmd; 1816 } 1817 1818 switch (s->feature) { 1819 case SMART_DISABLE: 1820 s->smart_enabled = 0; 1821 return true; 1822 1823 case SMART_ENABLE: 1824 s->smart_enabled = 1; 1825 return true; 1826 1827 case SMART_ATTR_AUTOSAVE: 1828 switch (s->sector) { 1829 case 0x00: 1830 s->smart_autosave = 0; 1831 break; 1832 case 0xf1: 1833 s->smart_autosave = 1; 1834 break; 1835 default: 1836 goto abort_cmd; 1837 } 1838 return true; 1839 1840 case SMART_STATUS: 1841 if (!s->smart_errors) { 1842 s->hcyl = 0xc2; 1843 s->lcyl = 0x4f; 1844 } else { 1845 s->hcyl = 0x2c; 1846 s->lcyl = 0xf4; 1847 } 1848 return true; 1849 1850 case SMART_READ_THRESH: 1851 memset(s->io_buffer, 0, 0x200); 1852 s->io_buffer[0] = 0x01; /* smart struct version */ 1853 1854 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) { 1855 s->io_buffer[2 + 0 + (n * 12)] = smart_attributes[n][0]; 1856 s->io_buffer[2 + 1 + (n * 12)] = smart_attributes[n][11]; 1857 } 1858 1859 /* checksum */ 1860 for (n = 0; n < 511; n++) { 1861 s->io_buffer[511] += s->io_buffer[n]; 1862 } 1863 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1864 1865 s->status = READY_STAT | SEEK_STAT; 1866 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1867 ide_set_irq(s->bus); 1868 return false; 1869 1870 case SMART_READ_DATA: 1871 memset(s->io_buffer, 0, 0x200); 1872 s->io_buffer[0] = 0x01; /* smart struct version */ 1873 1874 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) { 1875 int i; 1876 for (i = 0; i < 11; i++) { 1877 s->io_buffer[2 + i + (n * 12)] = smart_attributes[n][i]; 1878 } 1879 } 1880 1881 s->io_buffer[362] = 0x02 | (s->smart_autosave ? 0x80 : 0x00); 1882 if (s->smart_selftest_count == 0) { 1883 s->io_buffer[363] = 0; 1884 } else { 1885 s->io_buffer[363] = 1886 s->smart_selftest_data[3 + 1887 (s->smart_selftest_count - 1) * 1888 24]; 1889 } 1890 s->io_buffer[364] = 0x20; 1891 s->io_buffer[365] = 0x01; 1892 /* offline data collection capacity: execute + self-test*/ 1893 s->io_buffer[367] = (1 << 4 | 1 << 3 | 1); 1894 s->io_buffer[368] = 0x03; /* smart capability (1) */ 1895 s->io_buffer[369] = 0x00; /* smart capability (2) */ 1896 s->io_buffer[370] = 0x01; /* error logging supported */ 1897 s->io_buffer[372] = 0x02; /* minutes for poll short test */ 1898 s->io_buffer[373] = 0x36; /* minutes for poll ext test */ 1899 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */ 1900 1901 for (n = 0; n < 511; n++) { 1902 s->io_buffer[511] += s->io_buffer[n]; 1903 } 1904 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1905 1906 s->status = READY_STAT | SEEK_STAT; 1907 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1908 ide_set_irq(s->bus); 1909 return false; 1910 1911 case SMART_READ_LOG: 1912 switch (s->sector) { 1913 case 0x01: /* summary smart error log */ 1914 memset(s->io_buffer, 0, 0x200); 1915 s->io_buffer[0] = 0x01; 1916 s->io_buffer[1] = 0x00; /* no error entries */ 1917 s->io_buffer[452] = s->smart_errors & 0xff; 1918 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8; 1919 1920 for (n = 0; n < 511; n++) { 1921 s->io_buffer[511] += s->io_buffer[n]; 1922 } 1923 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1924 break; 1925 case 0x06: /* smart self test log */ 1926 memset(s->io_buffer, 0, 0x200); 1927 s->io_buffer[0] = 0x01; 1928 if (s->smart_selftest_count == 0) { 1929 s->io_buffer[508] = 0; 1930 } else { 1931 s->io_buffer[508] = s->smart_selftest_count; 1932 for (n = 2; n < 506; n++) { 1933 s->io_buffer[n] = s->smart_selftest_data[n]; 1934 } 1935 } 1936 1937 for (n = 0; n < 511; n++) { 1938 s->io_buffer[511] += s->io_buffer[n]; 1939 } 1940 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1941 break; 1942 default: 1943 goto abort_cmd; 1944 } 1945 s->status = READY_STAT | SEEK_STAT; 1946 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1947 ide_set_irq(s->bus); 1948 return false; 1949 1950 case SMART_EXECUTE_OFFLINE: 1951 switch (s->sector) { 1952 case 0: /* off-line routine */ 1953 case 1: /* short self test */ 1954 case 2: /* extended self test */ 1955 s->smart_selftest_count++; 1956 if (s->smart_selftest_count > 21) { 1957 s->smart_selftest_count = 1; 1958 } 1959 n = 2 + (s->smart_selftest_count - 1) * 24; 1960 s->smart_selftest_data[n] = s->sector; 1961 s->smart_selftest_data[n + 1] = 0x00; /* OK and finished */ 1962 s->smart_selftest_data[n + 2] = 0x34; /* hour count lsb */ 1963 s->smart_selftest_data[n + 3] = 0x12; /* hour count msb */ 1964 break; 1965 default: 1966 goto abort_cmd; 1967 } 1968 return true; 1969 } 1970 1971 abort_cmd: 1972 ide_abort_command(s); 1973 return true; 1974 } 1975 1976 #define HD_OK (1u << IDE_HD) 1977 #define CD_OK (1u << IDE_CD) 1978 #define CFA_OK (1u << IDE_CFATA) 1979 #define HD_CFA_OK (HD_OK | CFA_OK) 1980 #define ALL_OK (HD_OK | CD_OK | CFA_OK) 1981 1982 /* Set the Disk Seek Completed status bit during completion */ 1983 #define SET_DSC (1u << 8) 1984 1985 /* See ACS-2 T13/2015-D Table B.2 Command codes */ 1986 static const struct { 1987 /* Returns true if the completion code should be run */ 1988 bool (*handler)(IDEState *s, uint8_t cmd); 1989 int flags; 1990 } ide_cmd_table[0x100] = { 1991 /* NOP not implemented, mandatory for CD */ 1992 [CFA_REQ_EXT_ERROR_CODE] = { cmd_cfa_req_ext_error_code, CFA_OK }, 1993 [WIN_DSM] = { cmd_data_set_management, HD_CFA_OK }, 1994 [WIN_DEVICE_RESET] = { cmd_device_reset, CD_OK }, 1995 [WIN_RECAL] = { cmd_nop, HD_CFA_OK | SET_DSC}, 1996 [WIN_READ] = { cmd_read_pio, ALL_OK }, 1997 [WIN_READ_ONCE] = { cmd_read_pio, HD_CFA_OK }, 1998 [WIN_READ_EXT] = { cmd_read_pio, HD_CFA_OK }, 1999 [WIN_READDMA_EXT] = { cmd_read_dma, HD_CFA_OK }, 2000 [WIN_READ_NATIVE_MAX_EXT] = { cmd_read_native_max, HD_CFA_OK | SET_DSC }, 2001 [WIN_MULTREAD_EXT] = { cmd_read_multiple, HD_CFA_OK }, 2002 [WIN_WRITE] = { cmd_write_pio, HD_CFA_OK }, 2003 [WIN_WRITE_ONCE] = { cmd_write_pio, HD_CFA_OK }, 2004 [WIN_WRITE_EXT] = { cmd_write_pio, HD_CFA_OK }, 2005 [WIN_WRITEDMA_EXT] = { cmd_write_dma, HD_CFA_OK }, 2006 [CFA_WRITE_SECT_WO_ERASE] = { cmd_write_pio, CFA_OK }, 2007 [WIN_MULTWRITE_EXT] = { cmd_write_multiple, HD_CFA_OK }, 2008 [WIN_WRITE_VERIFY] = { cmd_write_pio, HD_CFA_OK }, 2009 [WIN_VERIFY] = { cmd_verify, HD_CFA_OK | SET_DSC }, 2010 [WIN_VERIFY_ONCE] = { cmd_verify, HD_CFA_OK | SET_DSC }, 2011 [WIN_VERIFY_EXT] = { cmd_verify, HD_CFA_OK | SET_DSC }, 2012 [WIN_SEEK] = { cmd_seek, HD_CFA_OK | SET_DSC }, 2013 [CFA_TRANSLATE_SECTOR] = { cmd_cfa_translate_sector, CFA_OK }, 2014 [WIN_DIAGNOSE] = { cmd_exec_dev_diagnostic, ALL_OK }, 2015 [WIN_SPECIFY] = { cmd_nop, HD_CFA_OK | SET_DSC }, 2016 [WIN_STANDBYNOW2] = { cmd_nop, HD_CFA_OK }, 2017 [WIN_IDLEIMMEDIATE2] = { cmd_nop, HD_CFA_OK }, 2018 [WIN_STANDBY2] = { cmd_nop, HD_CFA_OK }, 2019 [WIN_SETIDLE2] = { cmd_nop, HD_CFA_OK }, 2020 [WIN_CHECKPOWERMODE2] = { cmd_check_power_mode, HD_CFA_OK | SET_DSC }, 2021 [WIN_SLEEPNOW2] = { cmd_nop, HD_CFA_OK }, 2022 [WIN_PACKETCMD] = { cmd_packet, CD_OK }, 2023 [WIN_PIDENTIFY] = { cmd_identify_packet, CD_OK }, 2024 [WIN_SMART] = { cmd_smart, HD_CFA_OK | SET_DSC }, 2025 [CFA_ACCESS_METADATA_STORAGE] = { cmd_cfa_access_metadata_storage, CFA_OK }, 2026 [CFA_ERASE_SECTORS] = { cmd_cfa_erase_sectors, CFA_OK | SET_DSC }, 2027 [WIN_MULTREAD] = { cmd_read_multiple, HD_CFA_OK }, 2028 [WIN_MULTWRITE] = { cmd_write_multiple, HD_CFA_OK }, 2029 [WIN_SETMULT] = { cmd_set_multiple_mode, HD_CFA_OK | SET_DSC }, 2030 [WIN_READDMA] = { cmd_read_dma, HD_CFA_OK }, 2031 [WIN_READDMA_ONCE] = { cmd_read_dma, HD_CFA_OK }, 2032 [WIN_WRITEDMA] = { cmd_write_dma, HD_CFA_OK }, 2033 [WIN_WRITEDMA_ONCE] = { cmd_write_dma, HD_CFA_OK }, 2034 [CFA_WRITE_MULTI_WO_ERASE] = { cmd_write_multiple, CFA_OK }, 2035 [WIN_STANDBYNOW1] = { cmd_nop, HD_CFA_OK }, 2036 [WIN_IDLEIMMEDIATE] = { cmd_nop, HD_CFA_OK }, 2037 [WIN_STANDBY] = { cmd_nop, HD_CFA_OK }, 2038 [WIN_SETIDLE1] = { cmd_nop, HD_CFA_OK }, 2039 [WIN_CHECKPOWERMODE1] = { cmd_check_power_mode, HD_CFA_OK | SET_DSC }, 2040 [WIN_SLEEPNOW1] = { cmd_nop, HD_CFA_OK }, 2041 [WIN_FLUSH_CACHE] = { cmd_flush_cache, ALL_OK }, 2042 [WIN_FLUSH_CACHE_EXT] = { cmd_flush_cache, HD_CFA_OK }, 2043 [WIN_IDENTIFY] = { cmd_identify, ALL_OK }, 2044 [WIN_SETFEATURES] = { cmd_set_features, ALL_OK | SET_DSC }, 2045 [IBM_SENSE_CONDITION] = { cmd_ibm_sense_condition, CFA_OK | SET_DSC }, 2046 [CFA_WEAR_LEVEL] = { cmd_cfa_erase_sectors, HD_CFA_OK | SET_DSC }, 2047 [WIN_READ_NATIVE_MAX] = { cmd_read_native_max, HD_CFA_OK | SET_DSC }, 2048 }; 2049 2050 static bool ide_cmd_permitted(IDEState *s, uint32_t cmd) 2051 { 2052 return cmd < ARRAY_SIZE(ide_cmd_table) 2053 && (ide_cmd_table[cmd].flags & (1u << s->drive_kind)); 2054 } 2055 2056 void ide_exec_cmd(IDEBus *bus, uint32_t val) 2057 { 2058 IDEState *s; 2059 bool complete; 2060 2061 s = idebus_active_if(bus); 2062 trace_ide_exec_cmd(bus, s, val); 2063 2064 /* ignore commands to non existent slave */ 2065 if (s != bus->ifs && !s->blk) { 2066 return; 2067 } 2068 2069 /* Only RESET is allowed while BSY and/or DRQ are set, 2070 * and only to ATAPI devices. */ 2071 if (s->status & (BUSY_STAT|DRQ_STAT)) { 2072 if (val != WIN_DEVICE_RESET || s->drive_kind != IDE_CD) { 2073 return; 2074 } 2075 } 2076 2077 if (!ide_cmd_permitted(s, val)) { 2078 ide_abort_command(s); 2079 ide_set_irq(s->bus); 2080 return; 2081 } 2082 2083 s->status = READY_STAT | BUSY_STAT; 2084 s->error = 0; 2085 s->io_buffer_offset = 0; 2086 2087 complete = ide_cmd_table[val].handler(s, val); 2088 if (complete) { 2089 s->status &= ~BUSY_STAT; 2090 assert(!!s->error == !!(s->status & ERR_STAT)); 2091 2092 if ((ide_cmd_table[val].flags & SET_DSC) && !s->error) { 2093 s->status |= SEEK_STAT; 2094 } 2095 2096 ide_cmd_done(s); 2097 ide_set_irq(s->bus); 2098 } 2099 } 2100 2101 /* IOport [R]ead [R]egisters */ 2102 enum ATA_IOPORT_RR { 2103 ATA_IOPORT_RR_DATA = 0, 2104 ATA_IOPORT_RR_ERROR = 1, 2105 ATA_IOPORT_RR_SECTOR_COUNT = 2, 2106 ATA_IOPORT_RR_SECTOR_NUMBER = 3, 2107 ATA_IOPORT_RR_CYLINDER_LOW = 4, 2108 ATA_IOPORT_RR_CYLINDER_HIGH = 5, 2109 ATA_IOPORT_RR_DEVICE_HEAD = 6, 2110 ATA_IOPORT_RR_STATUS = 7, 2111 ATA_IOPORT_RR_NUM_REGISTERS, 2112 }; 2113 2114 const char *ATA_IOPORT_RR_lookup[ATA_IOPORT_RR_NUM_REGISTERS] = { 2115 [ATA_IOPORT_RR_DATA] = "Data", 2116 [ATA_IOPORT_RR_ERROR] = "Error", 2117 [ATA_IOPORT_RR_SECTOR_COUNT] = "Sector Count", 2118 [ATA_IOPORT_RR_SECTOR_NUMBER] = "Sector Number", 2119 [ATA_IOPORT_RR_CYLINDER_LOW] = "Cylinder Low", 2120 [ATA_IOPORT_RR_CYLINDER_HIGH] = "Cylinder High", 2121 [ATA_IOPORT_RR_DEVICE_HEAD] = "Device/Head", 2122 [ATA_IOPORT_RR_STATUS] = "Status" 2123 }; 2124 2125 uint32_t ide_ioport_read(void *opaque, uint32_t addr) 2126 { 2127 IDEBus *bus = opaque; 2128 IDEState *s = idebus_active_if(bus); 2129 uint32_t reg_num; 2130 int ret, hob; 2131 2132 reg_num = addr & 7; 2133 /* FIXME: HOB readback uses bit 7, but it's always set right now */ 2134 //hob = s->select & (1 << 7); 2135 hob = 0; 2136 switch (reg_num) { 2137 case ATA_IOPORT_RR_DATA: 2138 ret = 0xff; 2139 break; 2140 case ATA_IOPORT_RR_ERROR: 2141 if ((!bus->ifs[0].blk && !bus->ifs[1].blk) || 2142 (s != bus->ifs && !s->blk)) { 2143 ret = 0; 2144 } else if (!hob) { 2145 ret = s->error; 2146 } else { 2147 ret = s->hob_feature; 2148 } 2149 break; 2150 case ATA_IOPORT_RR_SECTOR_COUNT: 2151 if (!bus->ifs[0].blk && !bus->ifs[1].blk) { 2152 ret = 0; 2153 } else if (!hob) { 2154 ret = s->nsector & 0xff; 2155 } else { 2156 ret = s->hob_nsector; 2157 } 2158 break; 2159 case ATA_IOPORT_RR_SECTOR_NUMBER: 2160 if (!bus->ifs[0].blk && !bus->ifs[1].blk) { 2161 ret = 0; 2162 } else if (!hob) { 2163 ret = s->sector; 2164 } else { 2165 ret = s->hob_sector; 2166 } 2167 break; 2168 case ATA_IOPORT_RR_CYLINDER_LOW: 2169 if (!bus->ifs[0].blk && !bus->ifs[1].blk) { 2170 ret = 0; 2171 } else if (!hob) { 2172 ret = s->lcyl; 2173 } else { 2174 ret = s->hob_lcyl; 2175 } 2176 break; 2177 case ATA_IOPORT_RR_CYLINDER_HIGH: 2178 if (!bus->ifs[0].blk && !bus->ifs[1].blk) { 2179 ret = 0; 2180 } else if (!hob) { 2181 ret = s->hcyl; 2182 } else { 2183 ret = s->hob_hcyl; 2184 } 2185 break; 2186 case ATA_IOPORT_RR_DEVICE_HEAD: 2187 if (!bus->ifs[0].blk && !bus->ifs[1].blk) { 2188 ret = 0; 2189 } else { 2190 ret = s->select; 2191 } 2192 break; 2193 default: 2194 case ATA_IOPORT_RR_STATUS: 2195 if ((!bus->ifs[0].blk && !bus->ifs[1].blk) || 2196 (s != bus->ifs && !s->blk)) { 2197 ret = 0; 2198 } else { 2199 ret = s->status; 2200 } 2201 qemu_irq_lower(bus->irq); 2202 break; 2203 } 2204 2205 trace_ide_ioport_read(addr, ATA_IOPORT_RR_lookup[reg_num], ret, bus, s); 2206 return ret; 2207 } 2208 2209 uint32_t ide_status_read(void *opaque, uint32_t addr) 2210 { 2211 IDEBus *bus = opaque; 2212 IDEState *s = idebus_active_if(bus); 2213 int ret; 2214 2215 if ((!bus->ifs[0].blk && !bus->ifs[1].blk) || 2216 (s != bus->ifs && !s->blk)) { 2217 ret = 0; 2218 } else { 2219 ret = s->status; 2220 } 2221 2222 trace_ide_status_read(addr, ret, bus, s); 2223 return ret; 2224 } 2225 2226 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val) 2227 { 2228 IDEBus *bus = opaque; 2229 IDEState *s; 2230 int i; 2231 2232 trace_ide_cmd_write(addr, val, bus); 2233 2234 /* common for both drives */ 2235 if (!(bus->cmd & IDE_CMD_RESET) && 2236 (val & IDE_CMD_RESET)) { 2237 /* reset low to high */ 2238 for(i = 0;i < 2; i++) { 2239 s = &bus->ifs[i]; 2240 s->status = BUSY_STAT | SEEK_STAT; 2241 s->error = 0x01; 2242 } 2243 } else if ((bus->cmd & IDE_CMD_RESET) && 2244 !(val & IDE_CMD_RESET)) { 2245 /* high to low */ 2246 for(i = 0;i < 2; i++) { 2247 s = &bus->ifs[i]; 2248 if (s->drive_kind == IDE_CD) 2249 s->status = 0x00; /* NOTE: READY is _not_ set */ 2250 else 2251 s->status = READY_STAT | SEEK_STAT; 2252 ide_set_signature(s); 2253 } 2254 } 2255 2256 bus->cmd = val; 2257 } 2258 2259 /* 2260 * Returns true if the running PIO transfer is a PIO out (i.e. data is 2261 * transferred from the device to the guest), false if it's a PIO in 2262 */ 2263 static bool ide_is_pio_out(IDEState *s) 2264 { 2265 if (s->end_transfer_func == ide_sector_write || 2266 s->end_transfer_func == ide_atapi_cmd) { 2267 return false; 2268 } else if (s->end_transfer_func == ide_sector_read || 2269 s->end_transfer_func == ide_transfer_stop || 2270 s->end_transfer_func == ide_atapi_cmd_reply_end || 2271 s->end_transfer_func == ide_dummy_transfer_stop) { 2272 return true; 2273 } 2274 2275 abort(); 2276 } 2277 2278 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val) 2279 { 2280 IDEBus *bus = opaque; 2281 IDEState *s = idebus_active_if(bus); 2282 uint8_t *p; 2283 2284 trace_ide_data_writew(addr, val, bus, s); 2285 2286 /* PIO data access allowed only when DRQ bit is set. The result of a write 2287 * during PIO out is indeterminate, just ignore it. */ 2288 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) { 2289 return; 2290 } 2291 2292 p = s->data_ptr; 2293 if (p + 2 > s->data_end) { 2294 return; 2295 } 2296 2297 *(uint16_t *)p = le16_to_cpu(val); 2298 p += 2; 2299 s->data_ptr = p; 2300 if (p >= s->data_end) { 2301 s->status &= ~DRQ_STAT; 2302 s->end_transfer_func(s); 2303 } 2304 } 2305 2306 uint32_t ide_data_readw(void *opaque, uint32_t addr) 2307 { 2308 IDEBus *bus = opaque; 2309 IDEState *s = idebus_active_if(bus); 2310 uint8_t *p; 2311 int ret; 2312 2313 /* PIO data access allowed only when DRQ bit is set. The result of a read 2314 * during PIO in is indeterminate, return 0 and don't move forward. */ 2315 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) { 2316 return 0; 2317 } 2318 2319 p = s->data_ptr; 2320 if (p + 2 > s->data_end) { 2321 return 0; 2322 } 2323 2324 ret = cpu_to_le16(*(uint16_t *)p); 2325 p += 2; 2326 s->data_ptr = p; 2327 if (p >= s->data_end) { 2328 s->status &= ~DRQ_STAT; 2329 s->end_transfer_func(s); 2330 } 2331 2332 trace_ide_data_readw(addr, ret, bus, s); 2333 return ret; 2334 } 2335 2336 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val) 2337 { 2338 IDEBus *bus = opaque; 2339 IDEState *s = idebus_active_if(bus); 2340 uint8_t *p; 2341 2342 trace_ide_data_writel(addr, val, bus, s); 2343 2344 /* PIO data access allowed only when DRQ bit is set. The result of a write 2345 * during PIO out is indeterminate, just ignore it. */ 2346 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) { 2347 return; 2348 } 2349 2350 p = s->data_ptr; 2351 if (p + 4 > s->data_end) { 2352 return; 2353 } 2354 2355 *(uint32_t *)p = le32_to_cpu(val); 2356 p += 4; 2357 s->data_ptr = p; 2358 if (p >= s->data_end) { 2359 s->status &= ~DRQ_STAT; 2360 s->end_transfer_func(s); 2361 } 2362 } 2363 2364 uint32_t ide_data_readl(void *opaque, uint32_t addr) 2365 { 2366 IDEBus *bus = opaque; 2367 IDEState *s = idebus_active_if(bus); 2368 uint8_t *p; 2369 int ret; 2370 2371 /* PIO data access allowed only when DRQ bit is set. The result of a read 2372 * during PIO in is indeterminate, return 0 and don't move forward. */ 2373 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) { 2374 ret = 0; 2375 goto out; 2376 } 2377 2378 p = s->data_ptr; 2379 if (p + 4 > s->data_end) { 2380 return 0; 2381 } 2382 2383 ret = cpu_to_le32(*(uint32_t *)p); 2384 p += 4; 2385 s->data_ptr = p; 2386 if (p >= s->data_end) { 2387 s->status &= ~DRQ_STAT; 2388 s->end_transfer_func(s); 2389 } 2390 2391 out: 2392 trace_ide_data_readl(addr, ret, bus, s); 2393 return ret; 2394 } 2395 2396 static void ide_dummy_transfer_stop(IDEState *s) 2397 { 2398 s->data_ptr = s->io_buffer; 2399 s->data_end = s->io_buffer; 2400 s->io_buffer[0] = 0xff; 2401 s->io_buffer[1] = 0xff; 2402 s->io_buffer[2] = 0xff; 2403 s->io_buffer[3] = 0xff; 2404 } 2405 2406 void ide_bus_reset(IDEBus *bus) 2407 { 2408 bus->unit = 0; 2409 bus->cmd = 0; 2410 ide_reset(&bus->ifs[0]); 2411 ide_reset(&bus->ifs[1]); 2412 ide_clear_hob(bus); 2413 2414 /* pending async DMA */ 2415 if (bus->dma->aiocb) { 2416 trace_ide_bus_reset_aio(); 2417 blk_aio_cancel(bus->dma->aiocb); 2418 bus->dma->aiocb = NULL; 2419 } 2420 2421 /* reset dma provider too */ 2422 if (bus->dma->ops->reset) { 2423 bus->dma->ops->reset(bus->dma); 2424 } 2425 } 2426 2427 static bool ide_cd_is_tray_open(void *opaque) 2428 { 2429 return ((IDEState *)opaque)->tray_open; 2430 } 2431 2432 static bool ide_cd_is_medium_locked(void *opaque) 2433 { 2434 return ((IDEState *)opaque)->tray_locked; 2435 } 2436 2437 static void ide_resize_cb(void *opaque) 2438 { 2439 IDEState *s = opaque; 2440 uint64_t nb_sectors; 2441 2442 if (!s->identify_set) { 2443 return; 2444 } 2445 2446 blk_get_geometry(s->blk, &nb_sectors); 2447 s->nb_sectors = nb_sectors; 2448 2449 /* Update the identify data buffer. */ 2450 if (s->drive_kind == IDE_CFATA) { 2451 ide_cfata_identify_size(s); 2452 } else { 2453 /* IDE_CD uses a different set of callbacks entirely. */ 2454 assert(s->drive_kind != IDE_CD); 2455 ide_identify_size(s); 2456 } 2457 } 2458 2459 static const BlockDevOps ide_cd_block_ops = { 2460 .change_media_cb = ide_cd_change_cb, 2461 .eject_request_cb = ide_cd_eject_request_cb, 2462 .is_tray_open = ide_cd_is_tray_open, 2463 .is_medium_locked = ide_cd_is_medium_locked, 2464 }; 2465 2466 static const BlockDevOps ide_hd_block_ops = { 2467 .resize_cb = ide_resize_cb, 2468 }; 2469 2470 int ide_init_drive(IDEState *s, BlockBackend *blk, IDEDriveKind kind, 2471 const char *version, const char *serial, const char *model, 2472 uint64_t wwn, 2473 uint32_t cylinders, uint32_t heads, uint32_t secs, 2474 int chs_trans, Error **errp) 2475 { 2476 uint64_t nb_sectors; 2477 2478 s->blk = blk; 2479 s->drive_kind = kind; 2480 2481 blk_get_geometry(blk, &nb_sectors); 2482 s->cylinders = cylinders; 2483 s->heads = heads; 2484 s->sectors = secs; 2485 s->chs_trans = chs_trans; 2486 s->nb_sectors = nb_sectors; 2487 s->wwn = wwn; 2488 /* The SMART values should be preserved across power cycles 2489 but they aren't. */ 2490 s->smart_enabled = 1; 2491 s->smart_autosave = 1; 2492 s->smart_errors = 0; 2493 s->smart_selftest_count = 0; 2494 if (kind == IDE_CD) { 2495 blk_set_dev_ops(blk, &ide_cd_block_ops, s); 2496 blk_set_guest_block_size(blk, 2048); 2497 } else { 2498 if (!blk_is_inserted(s->blk)) { 2499 error_setg(errp, "Device needs media, but drive is empty"); 2500 return -1; 2501 } 2502 if (blk_is_read_only(blk)) { 2503 error_setg(errp, "Can't use a read-only drive"); 2504 return -1; 2505 } 2506 blk_set_dev_ops(blk, &ide_hd_block_ops, s); 2507 } 2508 if (serial) { 2509 pstrcpy(s->drive_serial_str, sizeof(s->drive_serial_str), serial); 2510 } else { 2511 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str), 2512 "QM%05d", s->drive_serial); 2513 } 2514 if (model) { 2515 pstrcpy(s->drive_model_str, sizeof(s->drive_model_str), model); 2516 } else { 2517 switch (kind) { 2518 case IDE_CD: 2519 strcpy(s->drive_model_str, "QEMU DVD-ROM"); 2520 break; 2521 case IDE_CFATA: 2522 strcpy(s->drive_model_str, "QEMU MICRODRIVE"); 2523 break; 2524 default: 2525 strcpy(s->drive_model_str, "QEMU HARDDISK"); 2526 break; 2527 } 2528 } 2529 2530 if (version) { 2531 pstrcpy(s->version, sizeof(s->version), version); 2532 } else { 2533 pstrcpy(s->version, sizeof(s->version), qemu_hw_version()); 2534 } 2535 2536 ide_reset(s); 2537 blk_iostatus_enable(blk); 2538 return 0; 2539 } 2540 2541 static void ide_init1(IDEBus *bus, int unit) 2542 { 2543 static int drive_serial = 1; 2544 IDEState *s = &bus->ifs[unit]; 2545 2546 s->bus = bus; 2547 s->unit = unit; 2548 s->drive_serial = drive_serial++; 2549 /* we need at least 2k alignment for accessing CDROMs using O_DIRECT */ 2550 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4; 2551 s->io_buffer = qemu_memalign(2048, s->io_buffer_total_len); 2552 memset(s->io_buffer, 0, s->io_buffer_total_len); 2553 2554 s->smart_selftest_data = blk_blockalign(s->blk, 512); 2555 memset(s->smart_selftest_data, 0, 512); 2556 2557 s->sector_write_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL, 2558 ide_sector_write_timer_cb, s); 2559 } 2560 2561 static int ide_nop_int(IDEDMA *dma, int x) 2562 { 2563 return 0; 2564 } 2565 2566 static void ide_nop(IDEDMA *dma) 2567 { 2568 } 2569 2570 static int32_t ide_nop_int32(IDEDMA *dma, int32_t l) 2571 { 2572 return 0; 2573 } 2574 2575 static const IDEDMAOps ide_dma_nop_ops = { 2576 .prepare_buf = ide_nop_int32, 2577 .restart_dma = ide_nop, 2578 .rw_buf = ide_nop_int, 2579 }; 2580 2581 static void ide_restart_dma(IDEState *s, enum ide_dma_cmd dma_cmd) 2582 { 2583 s->unit = s->bus->retry_unit; 2584 ide_set_sector(s, s->bus->retry_sector_num); 2585 s->nsector = s->bus->retry_nsector; 2586 s->bus->dma->ops->restart_dma(s->bus->dma); 2587 s->io_buffer_size = 0; 2588 s->dma_cmd = dma_cmd; 2589 ide_start_dma(s, ide_dma_cb); 2590 } 2591 2592 static void ide_restart_bh(void *opaque) 2593 { 2594 IDEBus *bus = opaque; 2595 IDEState *s; 2596 bool is_read; 2597 int error_status; 2598 2599 qemu_bh_delete(bus->bh); 2600 bus->bh = NULL; 2601 2602 error_status = bus->error_status; 2603 if (bus->error_status == 0) { 2604 return; 2605 } 2606 2607 s = idebus_active_if(bus); 2608 is_read = (bus->error_status & IDE_RETRY_READ) != 0; 2609 2610 /* The error status must be cleared before resubmitting the request: The 2611 * request may fail again, and this case can only be distinguished if the 2612 * called function can set a new error status. */ 2613 bus->error_status = 0; 2614 2615 /* The HBA has generically asked to be kicked on retry */ 2616 if (error_status & IDE_RETRY_HBA) { 2617 if (s->bus->dma->ops->restart) { 2618 s->bus->dma->ops->restart(s->bus->dma); 2619 } 2620 } else if (IS_IDE_RETRY_DMA(error_status)) { 2621 if (error_status & IDE_RETRY_TRIM) { 2622 ide_restart_dma(s, IDE_DMA_TRIM); 2623 } else { 2624 ide_restart_dma(s, is_read ? IDE_DMA_READ : IDE_DMA_WRITE); 2625 } 2626 } else if (IS_IDE_RETRY_PIO(error_status)) { 2627 if (is_read) { 2628 ide_sector_read(s); 2629 } else { 2630 ide_sector_write(s); 2631 } 2632 } else if (error_status & IDE_RETRY_FLUSH) { 2633 ide_flush_cache(s); 2634 } else if (IS_IDE_RETRY_ATAPI(error_status)) { 2635 assert(s->end_transfer_func == ide_atapi_cmd); 2636 ide_atapi_dma_restart(s); 2637 } else { 2638 abort(); 2639 } 2640 } 2641 2642 static void ide_restart_cb(void *opaque, int running, RunState state) 2643 { 2644 IDEBus *bus = opaque; 2645 2646 if (!running) 2647 return; 2648 2649 if (!bus->bh) { 2650 bus->bh = qemu_bh_new(ide_restart_bh, bus); 2651 qemu_bh_schedule(bus->bh); 2652 } 2653 } 2654 2655 void ide_register_restart_cb(IDEBus *bus) 2656 { 2657 if (bus->dma->ops->restart_dma) { 2658 bus->vmstate = qemu_add_vm_change_state_handler(ide_restart_cb, bus); 2659 } 2660 } 2661 2662 static IDEDMA ide_dma_nop = { 2663 .ops = &ide_dma_nop_ops, 2664 .aiocb = NULL, 2665 }; 2666 2667 void ide_init2(IDEBus *bus, qemu_irq irq) 2668 { 2669 int i; 2670 2671 for(i = 0; i < 2; i++) { 2672 ide_init1(bus, i); 2673 ide_reset(&bus->ifs[i]); 2674 } 2675 bus->irq = irq; 2676 bus->dma = &ide_dma_nop; 2677 } 2678 2679 void ide_exit(IDEState *s) 2680 { 2681 timer_del(s->sector_write_timer); 2682 timer_free(s->sector_write_timer); 2683 qemu_vfree(s->smart_selftest_data); 2684 qemu_vfree(s->io_buffer); 2685 } 2686 2687 static const MemoryRegionPortio ide_portio_list[] = { 2688 { 0, 8, 1, .read = ide_ioport_read, .write = ide_ioport_write }, 2689 { 0, 1, 2, .read = ide_data_readw, .write = ide_data_writew }, 2690 { 0, 1, 4, .read = ide_data_readl, .write = ide_data_writel }, 2691 PORTIO_END_OF_LIST(), 2692 }; 2693 2694 static const MemoryRegionPortio ide_portio2_list[] = { 2695 { 0, 1, 1, .read = ide_status_read, .write = ide_cmd_write }, 2696 PORTIO_END_OF_LIST(), 2697 }; 2698 2699 void ide_init_ioport(IDEBus *bus, ISADevice *dev, int iobase, int iobase2) 2700 { 2701 /* ??? Assume only ISA and PCI configurations, and that the PCI-ISA 2702 bridge has been setup properly to always register with ISA. */ 2703 isa_register_portio_list(dev, &bus->portio_list, 2704 iobase, ide_portio_list, bus, "ide"); 2705 2706 if (iobase2) { 2707 isa_register_portio_list(dev, &bus->portio2_list, 2708 iobase2, ide_portio2_list, bus, "ide"); 2709 } 2710 } 2711 2712 static bool is_identify_set(void *opaque, int version_id) 2713 { 2714 IDEState *s = opaque; 2715 2716 return s->identify_set != 0; 2717 } 2718 2719 static EndTransferFunc* transfer_end_table[] = { 2720 ide_sector_read, 2721 ide_sector_write, 2722 ide_transfer_stop, 2723 ide_atapi_cmd_reply_end, 2724 ide_atapi_cmd, 2725 ide_dummy_transfer_stop, 2726 }; 2727 2728 static int transfer_end_table_idx(EndTransferFunc *fn) 2729 { 2730 int i; 2731 2732 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++) 2733 if (transfer_end_table[i] == fn) 2734 return i; 2735 2736 return -1; 2737 } 2738 2739 static int ide_drive_post_load(void *opaque, int version_id) 2740 { 2741 IDEState *s = opaque; 2742 2743 if (s->blk && s->identify_set) { 2744 blk_set_enable_write_cache(s->blk, !!(s->identify_data[85] & (1 << 5))); 2745 } 2746 return 0; 2747 } 2748 2749 static int ide_drive_pio_post_load(void *opaque, int version_id) 2750 { 2751 IDEState *s = opaque; 2752 2753 if (s->end_transfer_fn_idx >= ARRAY_SIZE(transfer_end_table)) { 2754 return -EINVAL; 2755 } 2756 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx]; 2757 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset; 2758 s->data_end = s->data_ptr + s->cur_io_buffer_len; 2759 s->atapi_dma = s->feature & 1; /* as per cmd_packet */ 2760 2761 return 0; 2762 } 2763 2764 static int ide_drive_pio_pre_save(void *opaque) 2765 { 2766 IDEState *s = opaque; 2767 int idx; 2768 2769 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer; 2770 s->cur_io_buffer_len = s->data_end - s->data_ptr; 2771 2772 idx = transfer_end_table_idx(s->end_transfer_func); 2773 if (idx == -1) { 2774 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n", 2775 __func__); 2776 s->end_transfer_fn_idx = 2; 2777 } else { 2778 s->end_transfer_fn_idx = idx; 2779 } 2780 2781 return 0; 2782 } 2783 2784 static bool ide_drive_pio_state_needed(void *opaque) 2785 { 2786 IDEState *s = opaque; 2787 2788 return ((s->status & DRQ_STAT) != 0) 2789 || (s->bus->error_status & IDE_RETRY_PIO); 2790 } 2791 2792 static bool ide_tray_state_needed(void *opaque) 2793 { 2794 IDEState *s = opaque; 2795 2796 return s->tray_open || s->tray_locked; 2797 } 2798 2799 static bool ide_atapi_gesn_needed(void *opaque) 2800 { 2801 IDEState *s = opaque; 2802 2803 return s->events.new_media || s->events.eject_request; 2804 } 2805 2806 static bool ide_error_needed(void *opaque) 2807 { 2808 IDEBus *bus = opaque; 2809 2810 return (bus->error_status != 0); 2811 } 2812 2813 /* Fields for GET_EVENT_STATUS_NOTIFICATION ATAPI command */ 2814 static const VMStateDescription vmstate_ide_atapi_gesn_state = { 2815 .name ="ide_drive/atapi/gesn_state", 2816 .version_id = 1, 2817 .minimum_version_id = 1, 2818 .needed = ide_atapi_gesn_needed, 2819 .fields = (VMStateField[]) { 2820 VMSTATE_BOOL(events.new_media, IDEState), 2821 VMSTATE_BOOL(events.eject_request, IDEState), 2822 VMSTATE_END_OF_LIST() 2823 } 2824 }; 2825 2826 static const VMStateDescription vmstate_ide_tray_state = { 2827 .name = "ide_drive/tray_state", 2828 .version_id = 1, 2829 .minimum_version_id = 1, 2830 .needed = ide_tray_state_needed, 2831 .fields = (VMStateField[]) { 2832 VMSTATE_BOOL(tray_open, IDEState), 2833 VMSTATE_BOOL(tray_locked, IDEState), 2834 VMSTATE_END_OF_LIST() 2835 } 2836 }; 2837 2838 static const VMStateDescription vmstate_ide_drive_pio_state = { 2839 .name = "ide_drive/pio_state", 2840 .version_id = 1, 2841 .minimum_version_id = 1, 2842 .pre_save = ide_drive_pio_pre_save, 2843 .post_load = ide_drive_pio_post_load, 2844 .needed = ide_drive_pio_state_needed, 2845 .fields = (VMStateField[]) { 2846 VMSTATE_INT32(req_nb_sectors, IDEState), 2847 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1, 2848 vmstate_info_uint8, uint8_t), 2849 VMSTATE_INT32(cur_io_buffer_offset, IDEState), 2850 VMSTATE_INT32(cur_io_buffer_len, IDEState), 2851 VMSTATE_UINT8(end_transfer_fn_idx, IDEState), 2852 VMSTATE_INT32(elementary_transfer_size, IDEState), 2853 VMSTATE_INT32(packet_transfer_size, IDEState), 2854 VMSTATE_END_OF_LIST() 2855 } 2856 }; 2857 2858 const VMStateDescription vmstate_ide_drive = { 2859 .name = "ide_drive", 2860 .version_id = 3, 2861 .minimum_version_id = 0, 2862 .post_load = ide_drive_post_load, 2863 .fields = (VMStateField[]) { 2864 VMSTATE_INT32(mult_sectors, IDEState), 2865 VMSTATE_INT32(identify_set, IDEState), 2866 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set), 2867 VMSTATE_UINT8(feature, IDEState), 2868 VMSTATE_UINT8(error, IDEState), 2869 VMSTATE_UINT32(nsector, IDEState), 2870 VMSTATE_UINT8(sector, IDEState), 2871 VMSTATE_UINT8(lcyl, IDEState), 2872 VMSTATE_UINT8(hcyl, IDEState), 2873 VMSTATE_UINT8(hob_feature, IDEState), 2874 VMSTATE_UINT8(hob_sector, IDEState), 2875 VMSTATE_UINT8(hob_nsector, IDEState), 2876 VMSTATE_UINT8(hob_lcyl, IDEState), 2877 VMSTATE_UINT8(hob_hcyl, IDEState), 2878 VMSTATE_UINT8(select, IDEState), 2879 VMSTATE_UINT8(status, IDEState), 2880 VMSTATE_UINT8(lba48, IDEState), 2881 VMSTATE_UINT8(sense_key, IDEState), 2882 VMSTATE_UINT8(asc, IDEState), 2883 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3), 2884 VMSTATE_END_OF_LIST() 2885 }, 2886 .subsections = (const VMStateDescription*[]) { 2887 &vmstate_ide_drive_pio_state, 2888 &vmstate_ide_tray_state, 2889 &vmstate_ide_atapi_gesn_state, 2890 NULL 2891 } 2892 }; 2893 2894 static const VMStateDescription vmstate_ide_error_status = { 2895 .name ="ide_bus/error", 2896 .version_id = 2, 2897 .minimum_version_id = 1, 2898 .needed = ide_error_needed, 2899 .fields = (VMStateField[]) { 2900 VMSTATE_INT32(error_status, IDEBus), 2901 VMSTATE_INT64_V(retry_sector_num, IDEBus, 2), 2902 VMSTATE_UINT32_V(retry_nsector, IDEBus, 2), 2903 VMSTATE_UINT8_V(retry_unit, IDEBus, 2), 2904 VMSTATE_END_OF_LIST() 2905 } 2906 }; 2907 2908 const VMStateDescription vmstate_ide_bus = { 2909 .name = "ide_bus", 2910 .version_id = 1, 2911 .minimum_version_id = 1, 2912 .fields = (VMStateField[]) { 2913 VMSTATE_UINT8(cmd, IDEBus), 2914 VMSTATE_UINT8(unit, IDEBus), 2915 VMSTATE_END_OF_LIST() 2916 }, 2917 .subsections = (const VMStateDescription*[]) { 2918 &vmstate_ide_error_status, 2919 NULL 2920 } 2921 }; 2922 2923 void ide_drive_get(DriveInfo **hd, int n) 2924 { 2925 int i; 2926 2927 for (i = 0; i < n; i++) { 2928 hd[i] = drive_get_by_index(IF_IDE, i); 2929 } 2930 } 2931