1 /* 2 * QEMU IDE disk and CD/DVD-ROM Emulator 3 * 4 * Copyright (c) 2003 Fabrice Bellard 5 * Copyright (c) 2006 Openedhand Ltd. 6 * 7 * Permission is hereby granted, free of charge, to any person obtaining a copy 8 * of this software and associated documentation files (the "Software"), to deal 9 * in the Software without restriction, including without limitation the rights 10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 11 * copies of the Software, and to permit persons to whom the Software is 12 * furnished to do so, subject to the following conditions: 13 * 14 * The above copyright notice and this permission notice shall be included in 15 * all copies or substantial portions of the Software. 16 * 17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 23 * THE SOFTWARE. 24 */ 25 #include <hw/hw.h> 26 #include <hw/pc.h> 27 #include <hw/pci.h> 28 #include <hw/isa.h> 29 #include "qemu-error.h" 30 #include "qemu-timer.h" 31 #include "sysemu.h" 32 #include "dma.h" 33 #include "blockdev.h" 34 35 #include <hw/ide/internal.h> 36 37 /* These values were based on a Seagate ST3500418AS but have been modified 38 to make more sense in QEMU */ 39 static const int smart_attributes[][12] = { 40 /* id, flags, hflags, val, wrst, raw (6 bytes), threshold */ 41 /* raw read error rate*/ 42 { 0x01, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06}, 43 /* spin up */ 44 { 0x03, 0x03, 0x00, 0x64, 0x64, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 45 /* start stop count */ 46 { 0x04, 0x02, 0x00, 0x64, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14}, 47 /* remapped sectors */ 48 { 0x05, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x24}, 49 /* power on hours */ 50 { 0x09, 0x03, 0x00, 0x64, 0x64, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 51 /* power cycle count */ 52 { 0x0c, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 53 /* airflow-temperature-celsius */ 54 { 190, 0x03, 0x00, 0x45, 0x45, 0x1f, 0x00, 0x1f, 0x1f, 0x00, 0x00, 0x32}, 55 /* end of list */ 56 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00} 57 }; 58 59 static int ide_handle_rw_error(IDEState *s, int error, int op); 60 static void ide_dummy_transfer_stop(IDEState *s); 61 62 static void padstr(char *str, const char *src, int len) 63 { 64 int i, v; 65 for(i = 0; i < len; i++) { 66 if (*src) 67 v = *src++; 68 else 69 v = ' '; 70 str[i^1] = v; 71 } 72 } 73 74 static void put_le16(uint16_t *p, unsigned int v) 75 { 76 *p = cpu_to_le16(v); 77 } 78 79 static void ide_identify(IDEState *s) 80 { 81 uint16_t *p; 82 unsigned int oldsize; 83 IDEDevice *dev = s->unit ? s->bus->slave : s->bus->master; 84 85 if (s->identify_set) { 86 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data)); 87 return; 88 } 89 90 memset(s->io_buffer, 0, 512); 91 p = (uint16_t *)s->io_buffer; 92 put_le16(p + 0, 0x0040); 93 put_le16(p + 1, s->cylinders); 94 put_le16(p + 3, s->heads); 95 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */ 96 put_le16(p + 5, 512); /* XXX: retired, remove ? */ 97 put_le16(p + 6, s->sectors); 98 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 99 put_le16(p + 20, 3); /* XXX: retired, remove ? */ 100 put_le16(p + 21, 512); /* cache size in sectors */ 101 put_le16(p + 22, 4); /* ecc bytes */ 102 padstr((char *)(p + 23), s->version, 8); /* firmware version */ 103 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */ 104 #if MAX_MULT_SECTORS > 1 105 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS); 106 #endif 107 put_le16(p + 48, 1); /* dword I/O */ 108 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */ 109 put_le16(p + 51, 0x200); /* PIO transfer cycle */ 110 put_le16(p + 52, 0x200); /* DMA transfer cycle */ 111 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */ 112 put_le16(p + 54, s->cylinders); 113 put_le16(p + 55, s->heads); 114 put_le16(p + 56, s->sectors); 115 oldsize = s->cylinders * s->heads * s->sectors; 116 put_le16(p + 57, oldsize); 117 put_le16(p + 58, oldsize >> 16); 118 if (s->mult_sectors) 119 put_le16(p + 59, 0x100 | s->mult_sectors); 120 put_le16(p + 60, s->nb_sectors); 121 put_le16(p + 61, s->nb_sectors >> 16); 122 put_le16(p + 62, 0x07); /* single word dma0-2 supported */ 123 put_le16(p + 63, 0x07); /* mdma0-2 supported */ 124 put_le16(p + 64, 0x03); /* pio3-4 supported */ 125 put_le16(p + 65, 120); 126 put_le16(p + 66, 120); 127 put_le16(p + 67, 120); 128 put_le16(p + 68, 120); 129 if (dev && dev->conf.discard_granularity) { 130 put_le16(p + 69, (1 << 14)); /* determinate TRIM behavior */ 131 } 132 133 if (s->ncq_queues) { 134 put_le16(p + 75, s->ncq_queues - 1); 135 /* NCQ supported */ 136 put_le16(p + 76, (1 << 8)); 137 } 138 139 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */ 140 put_le16(p + 81, 0x16); /* conforms to ata5 */ 141 /* 14=NOP supported, 5=WCACHE supported, 0=SMART supported */ 142 put_le16(p + 82, (1 << 14) | (1 << 5) | 1); 143 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */ 144 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10)); 145 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */ 146 if (s->wwn) { 147 put_le16(p + 84, (1 << 14) | (1 << 8) | 0); 148 } else { 149 put_le16(p + 84, (1 << 14) | 0); 150 } 151 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */ 152 if (bdrv_enable_write_cache(s->bs)) 153 put_le16(p + 85, (1 << 14) | (1 << 5) | 1); 154 else 155 put_le16(p + 85, (1 << 14) | 1); 156 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */ 157 put_le16(p + 86, (1 << 13) | (1 <<12) | (1 << 10)); 158 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */ 159 if (s->wwn) { 160 put_le16(p + 87, (1 << 14) | (1 << 8) | 0); 161 } else { 162 put_le16(p + 87, (1 << 14) | 0); 163 } 164 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */ 165 put_le16(p + 93, 1 | (1 << 14) | 0x2000); 166 put_le16(p + 100, s->nb_sectors); 167 put_le16(p + 101, s->nb_sectors >> 16); 168 put_le16(p + 102, s->nb_sectors >> 32); 169 put_le16(p + 103, s->nb_sectors >> 48); 170 171 if (dev && dev->conf.physical_block_size) 172 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf)); 173 if (s->wwn) { 174 /* LE 16-bit words 111-108 contain 64-bit World Wide Name */ 175 put_le16(p + 108, s->wwn >> 48); 176 put_le16(p + 109, s->wwn >> 32); 177 put_le16(p + 110, s->wwn >> 16); 178 put_le16(p + 111, s->wwn); 179 } 180 if (dev && dev->conf.discard_granularity) { 181 put_le16(p + 169, 1); /* TRIM support */ 182 } 183 184 memcpy(s->identify_data, p, sizeof(s->identify_data)); 185 s->identify_set = 1; 186 } 187 188 static void ide_atapi_identify(IDEState *s) 189 { 190 uint16_t *p; 191 192 if (s->identify_set) { 193 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data)); 194 return; 195 } 196 197 memset(s->io_buffer, 0, 512); 198 p = (uint16_t *)s->io_buffer; 199 /* Removable CDROM, 50us response, 12 byte packets */ 200 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0)); 201 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 202 put_le16(p + 20, 3); /* buffer type */ 203 put_le16(p + 21, 512); /* cache size in sectors */ 204 put_le16(p + 22, 4); /* ecc bytes */ 205 padstr((char *)(p + 23), s->version, 8); /* firmware version */ 206 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */ 207 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */ 208 #ifdef USE_DMA_CDROM 209 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */ 210 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */ 211 put_le16(p + 62, 7); /* single word dma0-2 supported */ 212 put_le16(p + 63, 7); /* mdma0-2 supported */ 213 #else 214 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */ 215 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */ 216 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */ 217 #endif 218 put_le16(p + 64, 3); /* pio3-4 supported */ 219 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */ 220 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */ 221 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */ 222 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */ 223 224 put_le16(p + 71, 30); /* in ns */ 225 put_le16(p + 72, 30); /* in ns */ 226 227 if (s->ncq_queues) { 228 put_le16(p + 75, s->ncq_queues - 1); 229 /* NCQ supported */ 230 put_le16(p + 76, (1 << 8)); 231 } 232 233 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */ 234 #ifdef USE_DMA_CDROM 235 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */ 236 #endif 237 memcpy(s->identify_data, p, sizeof(s->identify_data)); 238 s->identify_set = 1; 239 } 240 241 static void ide_cfata_identify(IDEState *s) 242 { 243 uint16_t *p; 244 uint32_t cur_sec; 245 246 p = (uint16_t *) s->identify_data; 247 if (s->identify_set) 248 goto fill_buffer; 249 250 memset(p, 0, sizeof(s->identify_data)); 251 252 cur_sec = s->cylinders * s->heads * s->sectors; 253 254 put_le16(p + 0, 0x848a); /* CF Storage Card signature */ 255 put_le16(p + 1, s->cylinders); /* Default cylinders */ 256 put_le16(p + 3, s->heads); /* Default heads */ 257 put_le16(p + 6, s->sectors); /* Default sectors per track */ 258 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */ 259 put_le16(p + 8, s->nb_sectors); /* Sectors per card */ 260 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 261 put_le16(p + 22, 0x0004); /* ECC bytes */ 262 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */ 263 padstr((char *) (p + 27), s->drive_model_str, 40);/* Model number */ 264 #if MAX_MULT_SECTORS > 1 265 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS); 266 #else 267 put_le16(p + 47, 0x0000); 268 #endif 269 put_le16(p + 49, 0x0f00); /* Capabilities */ 270 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */ 271 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */ 272 put_le16(p + 53, 0x0003); /* Translation params valid */ 273 put_le16(p + 54, s->cylinders); /* Current cylinders */ 274 put_le16(p + 55, s->heads); /* Current heads */ 275 put_le16(p + 56, s->sectors); /* Current sectors */ 276 put_le16(p + 57, cur_sec); /* Current capacity */ 277 put_le16(p + 58, cur_sec >> 16); /* Current capacity */ 278 if (s->mult_sectors) /* Multiple sector setting */ 279 put_le16(p + 59, 0x100 | s->mult_sectors); 280 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */ 281 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */ 282 put_le16(p + 63, 0x0203); /* Multiword DMA capability */ 283 put_le16(p + 64, 0x0001); /* Flow Control PIO support */ 284 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */ 285 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */ 286 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */ 287 put_le16(p + 82, 0x400c); /* Command Set supported */ 288 put_le16(p + 83, 0x7068); /* Command Set supported */ 289 put_le16(p + 84, 0x4000); /* Features supported */ 290 put_le16(p + 85, 0x000c); /* Command Set enabled */ 291 put_le16(p + 86, 0x7044); /* Command Set enabled */ 292 put_le16(p + 87, 0x4000); /* Features enabled */ 293 put_le16(p + 91, 0x4060); /* Current APM level */ 294 put_le16(p + 129, 0x0002); /* Current features option */ 295 put_le16(p + 130, 0x0005); /* Reassigned sectors */ 296 put_le16(p + 131, 0x0001); /* Initial power mode */ 297 put_le16(p + 132, 0x0000); /* User signature */ 298 put_le16(p + 160, 0x8100); /* Power requirement */ 299 put_le16(p + 161, 0x8001); /* CF command set */ 300 301 s->identify_set = 1; 302 303 fill_buffer: 304 memcpy(s->io_buffer, p, sizeof(s->identify_data)); 305 } 306 307 static void ide_set_signature(IDEState *s) 308 { 309 s->select &= 0xf0; /* clear head */ 310 /* put signature */ 311 s->nsector = 1; 312 s->sector = 1; 313 if (s->drive_kind == IDE_CD) { 314 s->lcyl = 0x14; 315 s->hcyl = 0xeb; 316 } else if (s->bs) { 317 s->lcyl = 0; 318 s->hcyl = 0; 319 } else { 320 s->lcyl = 0xff; 321 s->hcyl = 0xff; 322 } 323 } 324 325 typedef struct TrimAIOCB { 326 BlockDriverAIOCB common; 327 QEMUBH *bh; 328 int ret; 329 } TrimAIOCB; 330 331 static void trim_aio_cancel(BlockDriverAIOCB *acb) 332 { 333 TrimAIOCB *iocb = container_of(acb, TrimAIOCB, common); 334 335 qemu_bh_delete(iocb->bh); 336 iocb->bh = NULL; 337 qemu_aio_release(iocb); 338 } 339 340 static AIOPool trim_aio_pool = { 341 .aiocb_size = sizeof(TrimAIOCB), 342 .cancel = trim_aio_cancel, 343 }; 344 345 static void ide_trim_bh_cb(void *opaque) 346 { 347 TrimAIOCB *iocb = opaque; 348 349 iocb->common.cb(iocb->common.opaque, iocb->ret); 350 351 qemu_bh_delete(iocb->bh); 352 iocb->bh = NULL; 353 354 qemu_aio_release(iocb); 355 } 356 357 BlockDriverAIOCB *ide_issue_trim(BlockDriverState *bs, 358 int64_t sector_num, QEMUIOVector *qiov, int nb_sectors, 359 BlockDriverCompletionFunc *cb, void *opaque) 360 { 361 TrimAIOCB *iocb; 362 int i, j, ret; 363 364 iocb = qemu_aio_get(&trim_aio_pool, bs, cb, opaque); 365 iocb->bh = qemu_bh_new(ide_trim_bh_cb, iocb); 366 iocb->ret = 0; 367 368 for (j = 0; j < qiov->niov; j++) { 369 uint64_t *buffer = qiov->iov[j].iov_base; 370 371 for (i = 0; i < qiov->iov[j].iov_len / 8; i++) { 372 /* 6-byte LBA + 2-byte range per entry */ 373 uint64_t entry = le64_to_cpu(buffer[i]); 374 uint64_t sector = entry & 0x0000ffffffffffffULL; 375 uint16_t count = entry >> 48; 376 377 if (count == 0) { 378 break; 379 } 380 381 ret = bdrv_discard(bs, sector, count); 382 if (!iocb->ret) { 383 iocb->ret = ret; 384 } 385 } 386 } 387 388 qemu_bh_schedule(iocb->bh); 389 390 return &iocb->common; 391 } 392 393 static inline void ide_abort_command(IDEState *s) 394 { 395 s->status = READY_STAT | ERR_STAT; 396 s->error = ABRT_ERR; 397 } 398 399 /* prepare data transfer and tell what to do after */ 400 void ide_transfer_start(IDEState *s, uint8_t *buf, int size, 401 EndTransferFunc *end_transfer_func) 402 { 403 s->end_transfer_func = end_transfer_func; 404 s->data_ptr = buf; 405 s->data_end = buf + size; 406 if (!(s->status & ERR_STAT)) { 407 s->status |= DRQ_STAT; 408 } 409 s->bus->dma->ops->start_transfer(s->bus->dma); 410 } 411 412 void ide_transfer_stop(IDEState *s) 413 { 414 s->end_transfer_func = ide_transfer_stop; 415 s->data_ptr = s->io_buffer; 416 s->data_end = s->io_buffer; 417 s->status &= ~DRQ_STAT; 418 } 419 420 int64_t ide_get_sector(IDEState *s) 421 { 422 int64_t sector_num; 423 if (s->select & 0x40) { 424 /* lba */ 425 if (!s->lba48) { 426 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) | 427 (s->lcyl << 8) | s->sector; 428 } else { 429 sector_num = ((int64_t)s->hob_hcyl << 40) | 430 ((int64_t) s->hob_lcyl << 32) | 431 ((int64_t) s->hob_sector << 24) | 432 ((int64_t) s->hcyl << 16) | 433 ((int64_t) s->lcyl << 8) | s->sector; 434 } 435 } else { 436 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors + 437 (s->select & 0x0f) * s->sectors + (s->sector - 1); 438 } 439 return sector_num; 440 } 441 442 void ide_set_sector(IDEState *s, int64_t sector_num) 443 { 444 unsigned int cyl, r; 445 if (s->select & 0x40) { 446 if (!s->lba48) { 447 s->select = (s->select & 0xf0) | (sector_num >> 24); 448 s->hcyl = (sector_num >> 16); 449 s->lcyl = (sector_num >> 8); 450 s->sector = (sector_num); 451 } else { 452 s->sector = sector_num; 453 s->lcyl = sector_num >> 8; 454 s->hcyl = sector_num >> 16; 455 s->hob_sector = sector_num >> 24; 456 s->hob_lcyl = sector_num >> 32; 457 s->hob_hcyl = sector_num >> 40; 458 } 459 } else { 460 cyl = sector_num / (s->heads * s->sectors); 461 r = sector_num % (s->heads * s->sectors); 462 s->hcyl = cyl >> 8; 463 s->lcyl = cyl; 464 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f); 465 s->sector = (r % s->sectors) + 1; 466 } 467 } 468 469 static void ide_rw_error(IDEState *s) { 470 ide_abort_command(s); 471 ide_set_irq(s->bus); 472 } 473 474 static void ide_sector_read_cb(void *opaque, int ret) 475 { 476 IDEState *s = opaque; 477 int n; 478 479 s->pio_aiocb = NULL; 480 s->status &= ~BUSY_STAT; 481 482 bdrv_acct_done(s->bs, &s->acct); 483 if (ret != 0) { 484 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY | 485 BM_STATUS_RETRY_READ)) { 486 return; 487 } 488 } 489 490 n = s->nsector; 491 if (n > s->req_nb_sectors) { 492 n = s->req_nb_sectors; 493 } 494 495 /* Allow the guest to read the io_buffer */ 496 ide_transfer_start(s, s->io_buffer, n * BDRV_SECTOR_SIZE, ide_sector_read); 497 498 ide_set_irq(s->bus); 499 500 ide_set_sector(s, ide_get_sector(s) + n); 501 s->nsector -= n; 502 } 503 504 void ide_sector_read(IDEState *s) 505 { 506 int64_t sector_num; 507 int n; 508 509 s->status = READY_STAT | SEEK_STAT; 510 s->error = 0; /* not needed by IDE spec, but needed by Windows */ 511 sector_num = ide_get_sector(s); 512 n = s->nsector; 513 514 if (n == 0) { 515 ide_transfer_stop(s); 516 return; 517 } 518 519 s->status |= BUSY_STAT; 520 521 if (n > s->req_nb_sectors) { 522 n = s->req_nb_sectors; 523 } 524 525 #if defined(DEBUG_IDE) 526 printf("sector=%" PRId64 "\n", sector_num); 527 #endif 528 529 s->iov.iov_base = s->io_buffer; 530 s->iov.iov_len = n * BDRV_SECTOR_SIZE; 531 qemu_iovec_init_external(&s->qiov, &s->iov, 1); 532 533 bdrv_acct_start(s->bs, &s->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ); 534 s->pio_aiocb = bdrv_aio_readv(s->bs, sector_num, &s->qiov, n, 535 ide_sector_read_cb, s); 536 } 537 538 static void dma_buf_commit(IDEState *s) 539 { 540 qemu_sglist_destroy(&s->sg); 541 } 542 543 void ide_set_inactive(IDEState *s) 544 { 545 s->bus->dma->aiocb = NULL; 546 s->bus->dma->ops->set_inactive(s->bus->dma); 547 } 548 549 void ide_dma_error(IDEState *s) 550 { 551 ide_transfer_stop(s); 552 s->error = ABRT_ERR; 553 s->status = READY_STAT | ERR_STAT; 554 ide_set_inactive(s); 555 ide_set_irq(s->bus); 556 } 557 558 static int ide_handle_rw_error(IDEState *s, int error, int op) 559 { 560 int is_read = (op & BM_STATUS_RETRY_READ); 561 BlockErrorAction action = bdrv_get_on_error(s->bs, is_read); 562 563 if (action == BLOCK_ERR_IGNORE) { 564 bdrv_emit_qmp_error_event(s->bs, BDRV_ACTION_IGNORE, is_read); 565 return 0; 566 } 567 568 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC) 569 || action == BLOCK_ERR_STOP_ANY) { 570 s->bus->dma->ops->set_unit(s->bus->dma, s->unit); 571 s->bus->error_status = op; 572 bdrv_emit_qmp_error_event(s->bs, BDRV_ACTION_STOP, is_read); 573 vm_stop(RUN_STATE_IO_ERROR); 574 bdrv_iostatus_set_err(s->bs, error); 575 } else { 576 if (op & BM_STATUS_DMA_RETRY) { 577 dma_buf_commit(s); 578 ide_dma_error(s); 579 } else { 580 ide_rw_error(s); 581 } 582 bdrv_emit_qmp_error_event(s->bs, BDRV_ACTION_REPORT, is_read); 583 } 584 585 return 1; 586 } 587 588 void ide_dma_cb(void *opaque, int ret) 589 { 590 IDEState *s = opaque; 591 int n; 592 int64_t sector_num; 593 594 if (ret < 0) { 595 int op = BM_STATUS_DMA_RETRY; 596 597 if (s->dma_cmd == IDE_DMA_READ) 598 op |= BM_STATUS_RETRY_READ; 599 else if (s->dma_cmd == IDE_DMA_TRIM) 600 op |= BM_STATUS_RETRY_TRIM; 601 602 if (ide_handle_rw_error(s, -ret, op)) { 603 return; 604 } 605 } 606 607 n = s->io_buffer_size >> 9; 608 sector_num = ide_get_sector(s); 609 if (n > 0) { 610 dma_buf_commit(s); 611 sector_num += n; 612 ide_set_sector(s, sector_num); 613 s->nsector -= n; 614 } 615 616 /* end of transfer ? */ 617 if (s->nsector == 0) { 618 s->status = READY_STAT | SEEK_STAT; 619 ide_set_irq(s->bus); 620 goto eot; 621 } 622 623 /* launch next transfer */ 624 n = s->nsector; 625 s->io_buffer_index = 0; 626 s->io_buffer_size = n * 512; 627 if (s->bus->dma->ops->prepare_buf(s->bus->dma, ide_cmd_is_read(s)) == 0) { 628 /* The PRDs were too short. Reset the Active bit, but don't raise an 629 * interrupt. */ 630 goto eot; 631 } 632 633 #ifdef DEBUG_AIO 634 printf("ide_dma_cb: sector_num=%" PRId64 " n=%d, cmd_cmd=%d\n", 635 sector_num, n, s->dma_cmd); 636 #endif 637 638 switch (s->dma_cmd) { 639 case IDE_DMA_READ: 640 s->bus->dma->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num, 641 ide_dma_cb, s); 642 break; 643 case IDE_DMA_WRITE: 644 s->bus->dma->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num, 645 ide_dma_cb, s); 646 break; 647 case IDE_DMA_TRIM: 648 s->bus->dma->aiocb = dma_bdrv_io(s->bs, &s->sg, sector_num, 649 ide_issue_trim, ide_dma_cb, s, 650 DMA_DIRECTION_TO_DEVICE); 651 break; 652 } 653 return; 654 655 eot: 656 if (s->dma_cmd == IDE_DMA_READ || s->dma_cmd == IDE_DMA_WRITE) { 657 bdrv_acct_done(s->bs, &s->acct); 658 } 659 ide_set_inactive(s); 660 } 661 662 static void ide_sector_start_dma(IDEState *s, enum ide_dma_cmd dma_cmd) 663 { 664 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT; 665 s->io_buffer_index = 0; 666 s->io_buffer_size = 0; 667 s->dma_cmd = dma_cmd; 668 669 switch (dma_cmd) { 670 case IDE_DMA_READ: 671 bdrv_acct_start(s->bs, &s->acct, s->nsector * BDRV_SECTOR_SIZE, 672 BDRV_ACCT_READ); 673 break; 674 case IDE_DMA_WRITE: 675 bdrv_acct_start(s->bs, &s->acct, s->nsector * BDRV_SECTOR_SIZE, 676 BDRV_ACCT_WRITE); 677 break; 678 default: 679 break; 680 } 681 682 s->bus->dma->ops->start_dma(s->bus->dma, s, ide_dma_cb); 683 } 684 685 static void ide_sector_write_timer_cb(void *opaque) 686 { 687 IDEState *s = opaque; 688 ide_set_irq(s->bus); 689 } 690 691 static void ide_sector_write_cb(void *opaque, int ret) 692 { 693 IDEState *s = opaque; 694 int n; 695 696 bdrv_acct_done(s->bs, &s->acct); 697 698 s->pio_aiocb = NULL; 699 s->status &= ~BUSY_STAT; 700 701 if (ret != 0) { 702 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY)) { 703 return; 704 } 705 } 706 707 n = s->nsector; 708 if (n > s->req_nb_sectors) { 709 n = s->req_nb_sectors; 710 } 711 s->nsector -= n; 712 if (s->nsector == 0) { 713 /* no more sectors to write */ 714 ide_transfer_stop(s); 715 } else { 716 int n1 = s->nsector; 717 if (n1 > s->req_nb_sectors) { 718 n1 = s->req_nb_sectors; 719 } 720 ide_transfer_start(s, s->io_buffer, n1 * BDRV_SECTOR_SIZE, 721 ide_sector_write); 722 } 723 ide_set_sector(s, ide_get_sector(s) + n); 724 725 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) { 726 /* It seems there is a bug in the Windows 2000 installer HDD 727 IDE driver which fills the disk with empty logs when the 728 IDE write IRQ comes too early. This hack tries to correct 729 that at the expense of slower write performances. Use this 730 option _only_ to install Windows 2000. You must disable it 731 for normal use. */ 732 qemu_mod_timer(s->sector_write_timer, 733 qemu_get_clock_ns(vm_clock) + (get_ticks_per_sec() / 1000)); 734 } else { 735 ide_set_irq(s->bus); 736 } 737 } 738 739 void ide_sector_write(IDEState *s) 740 { 741 int64_t sector_num; 742 int n; 743 744 s->status = READY_STAT | SEEK_STAT | BUSY_STAT; 745 sector_num = ide_get_sector(s); 746 #if defined(DEBUG_IDE) 747 printf("sector=%" PRId64 "\n", sector_num); 748 #endif 749 n = s->nsector; 750 if (n > s->req_nb_sectors) { 751 n = s->req_nb_sectors; 752 } 753 754 s->iov.iov_base = s->io_buffer; 755 s->iov.iov_len = n * BDRV_SECTOR_SIZE; 756 qemu_iovec_init_external(&s->qiov, &s->iov, 1); 757 758 bdrv_acct_start(s->bs, &s->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ); 759 s->pio_aiocb = bdrv_aio_writev(s->bs, sector_num, &s->qiov, n, 760 ide_sector_write_cb, s); 761 } 762 763 static void ide_flush_cb(void *opaque, int ret) 764 { 765 IDEState *s = opaque; 766 767 if (ret < 0) { 768 /* XXX: What sector number to set here? */ 769 if (ide_handle_rw_error(s, -ret, BM_STATUS_RETRY_FLUSH)) { 770 return; 771 } 772 } 773 774 bdrv_acct_done(s->bs, &s->acct); 775 s->status = READY_STAT | SEEK_STAT; 776 ide_set_irq(s->bus); 777 } 778 779 void ide_flush_cache(IDEState *s) 780 { 781 if (s->bs == NULL) { 782 ide_flush_cb(s, 0); 783 return; 784 } 785 786 bdrv_acct_start(s->bs, &s->acct, 0, BDRV_ACCT_FLUSH); 787 bdrv_aio_flush(s->bs, ide_flush_cb, s); 788 } 789 790 static void ide_cfata_metadata_inquiry(IDEState *s) 791 { 792 uint16_t *p; 793 uint32_t spd; 794 795 p = (uint16_t *) s->io_buffer; 796 memset(p, 0, 0x200); 797 spd = ((s->mdata_size - 1) >> 9) + 1; 798 799 put_le16(p + 0, 0x0001); /* Data format revision */ 800 put_le16(p + 1, 0x0000); /* Media property: silicon */ 801 put_le16(p + 2, s->media_changed); /* Media status */ 802 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */ 803 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */ 804 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */ 805 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */ 806 } 807 808 static void ide_cfata_metadata_read(IDEState *s) 809 { 810 uint16_t *p; 811 812 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) { 813 s->status = ERR_STAT; 814 s->error = ABRT_ERR; 815 return; 816 } 817 818 p = (uint16_t *) s->io_buffer; 819 memset(p, 0, 0x200); 820 821 put_le16(p + 0, s->media_changed); /* Media status */ 822 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9), 823 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9), 824 s->nsector << 9), 0x200 - 2)); 825 } 826 827 static void ide_cfata_metadata_write(IDEState *s) 828 { 829 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) { 830 s->status = ERR_STAT; 831 s->error = ABRT_ERR; 832 return; 833 } 834 835 s->media_changed = 0; 836 837 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9), 838 s->io_buffer + 2, 839 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9), 840 s->nsector << 9), 0x200 - 2)); 841 } 842 843 /* called when the inserted state of the media has changed */ 844 static void ide_cd_change_cb(void *opaque, bool load) 845 { 846 IDEState *s = opaque; 847 uint64_t nb_sectors; 848 849 s->tray_open = !load; 850 bdrv_get_geometry(s->bs, &nb_sectors); 851 s->nb_sectors = nb_sectors; 852 853 /* 854 * First indicate to the guest that a CD has been removed. That's 855 * done on the next command the guest sends us. 856 * 857 * Then we set UNIT_ATTENTION, by which the guest will 858 * detect a new CD in the drive. See ide_atapi_cmd() for details. 859 */ 860 s->cdrom_changed = 1; 861 s->events.new_media = true; 862 s->events.eject_request = false; 863 ide_set_irq(s->bus); 864 } 865 866 static void ide_cd_eject_request_cb(void *opaque, bool force) 867 { 868 IDEState *s = opaque; 869 870 s->events.eject_request = true; 871 if (force) { 872 s->tray_locked = false; 873 } 874 ide_set_irq(s->bus); 875 } 876 877 static void ide_cmd_lba48_transform(IDEState *s, int lba48) 878 { 879 s->lba48 = lba48; 880 881 /* handle the 'magic' 0 nsector count conversion here. to avoid 882 * fiddling with the rest of the read logic, we just store the 883 * full sector count in ->nsector and ignore ->hob_nsector from now 884 */ 885 if (!s->lba48) { 886 if (!s->nsector) 887 s->nsector = 256; 888 } else { 889 if (!s->nsector && !s->hob_nsector) 890 s->nsector = 65536; 891 else { 892 int lo = s->nsector; 893 int hi = s->hob_nsector; 894 895 s->nsector = (hi << 8) | lo; 896 } 897 } 898 } 899 900 static void ide_clear_hob(IDEBus *bus) 901 { 902 /* any write clears HOB high bit of device control register */ 903 bus->ifs[0].select &= ~(1 << 7); 904 bus->ifs[1].select &= ~(1 << 7); 905 } 906 907 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val) 908 { 909 IDEBus *bus = opaque; 910 911 #ifdef DEBUG_IDE 912 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val); 913 #endif 914 915 addr &= 7; 916 917 /* ignore writes to command block while busy with previous command */ 918 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT))) 919 return; 920 921 switch(addr) { 922 case 0: 923 break; 924 case 1: 925 ide_clear_hob(bus); 926 /* NOTE: data is written to the two drives */ 927 bus->ifs[0].hob_feature = bus->ifs[0].feature; 928 bus->ifs[1].hob_feature = bus->ifs[1].feature; 929 bus->ifs[0].feature = val; 930 bus->ifs[1].feature = val; 931 break; 932 case 2: 933 ide_clear_hob(bus); 934 bus->ifs[0].hob_nsector = bus->ifs[0].nsector; 935 bus->ifs[1].hob_nsector = bus->ifs[1].nsector; 936 bus->ifs[0].nsector = val; 937 bus->ifs[1].nsector = val; 938 break; 939 case 3: 940 ide_clear_hob(bus); 941 bus->ifs[0].hob_sector = bus->ifs[0].sector; 942 bus->ifs[1].hob_sector = bus->ifs[1].sector; 943 bus->ifs[0].sector = val; 944 bus->ifs[1].sector = val; 945 break; 946 case 4: 947 ide_clear_hob(bus); 948 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl; 949 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl; 950 bus->ifs[0].lcyl = val; 951 bus->ifs[1].lcyl = val; 952 break; 953 case 5: 954 ide_clear_hob(bus); 955 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl; 956 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl; 957 bus->ifs[0].hcyl = val; 958 bus->ifs[1].hcyl = val; 959 break; 960 case 6: 961 /* FIXME: HOB readback uses bit 7 */ 962 bus->ifs[0].select = (val & ~0x10) | 0xa0; 963 bus->ifs[1].select = (val | 0x10) | 0xa0; 964 /* select drive */ 965 bus->unit = (val >> 4) & 1; 966 break; 967 default: 968 case 7: 969 /* command */ 970 ide_exec_cmd(bus, val); 971 break; 972 } 973 } 974 975 #define HD_OK (1u << IDE_HD) 976 #define CD_OK (1u << IDE_CD) 977 #define CFA_OK (1u << IDE_CFATA) 978 #define HD_CFA_OK (HD_OK | CFA_OK) 979 #define ALL_OK (HD_OK | CD_OK | CFA_OK) 980 981 /* See ACS-2 T13/2015-D Table B.2 Command codes */ 982 static const uint8_t ide_cmd_table[0x100] = { 983 /* NOP not implemented, mandatory for CD */ 984 [CFA_REQ_EXT_ERROR_CODE] = CFA_OK, 985 [WIN_DSM] = ALL_OK, 986 [WIN_DEVICE_RESET] = CD_OK, 987 [WIN_RECAL] = HD_CFA_OK, 988 [WIN_READ] = ALL_OK, 989 [WIN_READ_ONCE] = ALL_OK, 990 [WIN_READ_EXT] = HD_CFA_OK, 991 [WIN_READDMA_EXT] = HD_CFA_OK, 992 [WIN_READ_NATIVE_MAX_EXT] = HD_CFA_OK, 993 [WIN_MULTREAD_EXT] = HD_CFA_OK, 994 [WIN_WRITE] = HD_CFA_OK, 995 [WIN_WRITE_ONCE] = HD_CFA_OK, 996 [WIN_WRITE_EXT] = HD_CFA_OK, 997 [WIN_WRITEDMA_EXT] = HD_CFA_OK, 998 [CFA_WRITE_SECT_WO_ERASE] = CFA_OK, 999 [WIN_MULTWRITE_EXT] = HD_CFA_OK, 1000 [WIN_WRITE_VERIFY] = HD_CFA_OK, 1001 [WIN_VERIFY] = HD_CFA_OK, 1002 [WIN_VERIFY_ONCE] = HD_CFA_OK, 1003 [WIN_VERIFY_EXT] = HD_CFA_OK, 1004 [WIN_SEEK] = HD_CFA_OK, 1005 [CFA_TRANSLATE_SECTOR] = CFA_OK, 1006 [WIN_DIAGNOSE] = ALL_OK, 1007 [WIN_SPECIFY] = HD_CFA_OK, 1008 [WIN_STANDBYNOW2] = ALL_OK, 1009 [WIN_IDLEIMMEDIATE2] = ALL_OK, 1010 [WIN_STANDBY2] = ALL_OK, 1011 [WIN_SETIDLE2] = ALL_OK, 1012 [WIN_CHECKPOWERMODE2] = ALL_OK, 1013 [WIN_SLEEPNOW2] = ALL_OK, 1014 [WIN_PACKETCMD] = CD_OK, 1015 [WIN_PIDENTIFY] = CD_OK, 1016 [WIN_SMART] = HD_CFA_OK, 1017 [CFA_ACCESS_METADATA_STORAGE] = CFA_OK, 1018 [CFA_ERASE_SECTORS] = CFA_OK, 1019 [WIN_MULTREAD] = HD_CFA_OK, 1020 [WIN_MULTWRITE] = HD_CFA_OK, 1021 [WIN_SETMULT] = HD_CFA_OK, 1022 [WIN_READDMA] = HD_CFA_OK, 1023 [WIN_READDMA_ONCE] = HD_CFA_OK, 1024 [WIN_WRITEDMA] = HD_CFA_OK, 1025 [WIN_WRITEDMA_ONCE] = HD_CFA_OK, 1026 [CFA_WRITE_MULTI_WO_ERASE] = CFA_OK, 1027 [WIN_STANDBYNOW1] = ALL_OK, 1028 [WIN_IDLEIMMEDIATE] = ALL_OK, 1029 [WIN_STANDBY] = ALL_OK, 1030 [WIN_SETIDLE1] = ALL_OK, 1031 [WIN_CHECKPOWERMODE1] = ALL_OK, 1032 [WIN_SLEEPNOW1] = ALL_OK, 1033 [WIN_FLUSH_CACHE] = ALL_OK, 1034 [WIN_FLUSH_CACHE_EXT] = HD_CFA_OK, 1035 [WIN_IDENTIFY] = ALL_OK, 1036 [WIN_SETFEATURES] = ALL_OK, 1037 [IBM_SENSE_CONDITION] = CFA_OK, 1038 [CFA_WEAR_LEVEL] = CFA_OK, 1039 [WIN_READ_NATIVE_MAX] = ALL_OK, 1040 }; 1041 1042 static bool ide_cmd_permitted(IDEState *s, uint32_t cmd) 1043 { 1044 return cmd < ARRAY_SIZE(ide_cmd_table) 1045 && (ide_cmd_table[cmd] & (1u << s->drive_kind)); 1046 } 1047 1048 void ide_exec_cmd(IDEBus *bus, uint32_t val) 1049 { 1050 IDEState *s; 1051 int n; 1052 int lba48 = 0; 1053 1054 #if defined(DEBUG_IDE) 1055 printf("ide: CMD=%02x\n", val); 1056 #endif 1057 s = idebus_active_if(bus); 1058 /* ignore commands to non existent slave */ 1059 if (s != bus->ifs && !s->bs) 1060 return; 1061 1062 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */ 1063 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET) 1064 return; 1065 1066 if (!ide_cmd_permitted(s, val)) { 1067 goto abort_cmd; 1068 } 1069 1070 switch(val) { 1071 case WIN_DSM: 1072 switch (s->feature) { 1073 case DSM_TRIM: 1074 if (!s->bs) { 1075 goto abort_cmd; 1076 } 1077 ide_sector_start_dma(s, IDE_DMA_TRIM); 1078 break; 1079 default: 1080 goto abort_cmd; 1081 } 1082 break; 1083 case WIN_IDENTIFY: 1084 if (s->bs && s->drive_kind != IDE_CD) { 1085 if (s->drive_kind != IDE_CFATA) 1086 ide_identify(s); 1087 else 1088 ide_cfata_identify(s); 1089 s->status = READY_STAT | SEEK_STAT; 1090 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop); 1091 } else { 1092 if (s->drive_kind == IDE_CD) { 1093 ide_set_signature(s); 1094 } 1095 ide_abort_command(s); 1096 } 1097 ide_set_irq(s->bus); 1098 break; 1099 case WIN_SPECIFY: 1100 case WIN_RECAL: 1101 s->error = 0; 1102 s->status = READY_STAT | SEEK_STAT; 1103 ide_set_irq(s->bus); 1104 break; 1105 case WIN_SETMULT: 1106 if (s->drive_kind == IDE_CFATA && s->nsector == 0) { 1107 /* Disable Read and Write Multiple */ 1108 s->mult_sectors = 0; 1109 s->status = READY_STAT | SEEK_STAT; 1110 } else if ((s->nsector & 0xff) != 0 && 1111 ((s->nsector & 0xff) > MAX_MULT_SECTORS || 1112 (s->nsector & (s->nsector - 1)) != 0)) { 1113 ide_abort_command(s); 1114 } else { 1115 s->mult_sectors = s->nsector & 0xff; 1116 s->status = READY_STAT | SEEK_STAT; 1117 } 1118 ide_set_irq(s->bus); 1119 break; 1120 case WIN_VERIFY_EXT: 1121 lba48 = 1; 1122 case WIN_VERIFY: 1123 case WIN_VERIFY_ONCE: 1124 /* do sector number check ? */ 1125 ide_cmd_lba48_transform(s, lba48); 1126 s->status = READY_STAT | SEEK_STAT; 1127 ide_set_irq(s->bus); 1128 break; 1129 case WIN_READ_EXT: 1130 lba48 = 1; 1131 case WIN_READ: 1132 case WIN_READ_ONCE: 1133 if (s->drive_kind == IDE_CD) { 1134 ide_set_signature(s); /* odd, but ATA4 8.27.5.2 requires it */ 1135 goto abort_cmd; 1136 } 1137 if (!s->bs) { 1138 goto abort_cmd; 1139 } 1140 ide_cmd_lba48_transform(s, lba48); 1141 s->req_nb_sectors = 1; 1142 ide_sector_read(s); 1143 break; 1144 case WIN_WRITE_EXT: 1145 lba48 = 1; 1146 case WIN_WRITE: 1147 case WIN_WRITE_ONCE: 1148 case CFA_WRITE_SECT_WO_ERASE: 1149 case WIN_WRITE_VERIFY: 1150 if (!s->bs) { 1151 goto abort_cmd; 1152 } 1153 ide_cmd_lba48_transform(s, lba48); 1154 s->error = 0; 1155 s->status = SEEK_STAT | READY_STAT; 1156 s->req_nb_sectors = 1; 1157 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write); 1158 s->media_changed = 1; 1159 break; 1160 case WIN_MULTREAD_EXT: 1161 lba48 = 1; 1162 case WIN_MULTREAD: 1163 if (!s->bs) { 1164 goto abort_cmd; 1165 } 1166 if (!s->mult_sectors) { 1167 goto abort_cmd; 1168 } 1169 ide_cmd_lba48_transform(s, lba48); 1170 s->req_nb_sectors = s->mult_sectors; 1171 ide_sector_read(s); 1172 break; 1173 case WIN_MULTWRITE_EXT: 1174 lba48 = 1; 1175 case WIN_MULTWRITE: 1176 case CFA_WRITE_MULTI_WO_ERASE: 1177 if (!s->bs) { 1178 goto abort_cmd; 1179 } 1180 if (!s->mult_sectors) { 1181 goto abort_cmd; 1182 } 1183 ide_cmd_lba48_transform(s, lba48); 1184 s->error = 0; 1185 s->status = SEEK_STAT | READY_STAT; 1186 s->req_nb_sectors = s->mult_sectors; 1187 n = s->nsector; 1188 if (n > s->req_nb_sectors) 1189 n = s->req_nb_sectors; 1190 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write); 1191 s->media_changed = 1; 1192 break; 1193 case WIN_READDMA_EXT: 1194 lba48 = 1; 1195 case WIN_READDMA: 1196 case WIN_READDMA_ONCE: 1197 if (!s->bs) { 1198 goto abort_cmd; 1199 } 1200 ide_cmd_lba48_transform(s, lba48); 1201 ide_sector_start_dma(s, IDE_DMA_READ); 1202 break; 1203 case WIN_WRITEDMA_EXT: 1204 lba48 = 1; 1205 case WIN_WRITEDMA: 1206 case WIN_WRITEDMA_ONCE: 1207 if (!s->bs) { 1208 goto abort_cmd; 1209 } 1210 ide_cmd_lba48_transform(s, lba48); 1211 ide_sector_start_dma(s, IDE_DMA_WRITE); 1212 s->media_changed = 1; 1213 break; 1214 case WIN_READ_NATIVE_MAX_EXT: 1215 lba48 = 1; 1216 case WIN_READ_NATIVE_MAX: 1217 ide_cmd_lba48_transform(s, lba48); 1218 ide_set_sector(s, s->nb_sectors - 1); 1219 s->status = READY_STAT | SEEK_STAT; 1220 ide_set_irq(s->bus); 1221 break; 1222 case WIN_CHECKPOWERMODE1: 1223 case WIN_CHECKPOWERMODE2: 1224 s->error = 0; 1225 s->nsector = 0xff; /* device active or idle */ 1226 s->status = READY_STAT | SEEK_STAT; 1227 ide_set_irq(s->bus); 1228 break; 1229 case WIN_SETFEATURES: 1230 if (!s->bs) 1231 goto abort_cmd; 1232 /* XXX: valid for CDROM ? */ 1233 switch(s->feature) { 1234 case 0xcc: /* reverting to power-on defaults enable */ 1235 case 0x66: /* reverting to power-on defaults disable */ 1236 case 0x02: /* write cache enable */ 1237 case 0x82: /* write cache disable */ 1238 case 0xaa: /* read look-ahead enable */ 1239 case 0x55: /* read look-ahead disable */ 1240 case 0x05: /* set advanced power management mode */ 1241 case 0x85: /* disable advanced power management mode */ 1242 case 0x69: /* NOP */ 1243 case 0x67: /* NOP */ 1244 case 0x96: /* NOP */ 1245 case 0x9a: /* NOP */ 1246 case 0x42: /* enable Automatic Acoustic Mode */ 1247 case 0xc2: /* disable Automatic Acoustic Mode */ 1248 s->status = READY_STAT | SEEK_STAT; 1249 ide_set_irq(s->bus); 1250 break; 1251 case 0x03: { /* set transfer mode */ 1252 uint8_t val = s->nsector & 0x07; 1253 uint16_t *identify_data = (uint16_t *)s->identify_data; 1254 1255 switch (s->nsector >> 3) { 1256 case 0x00: /* pio default */ 1257 case 0x01: /* pio mode */ 1258 put_le16(identify_data + 62,0x07); 1259 put_le16(identify_data + 63,0x07); 1260 put_le16(identify_data + 88,0x3f); 1261 break; 1262 case 0x02: /* sigle word dma mode*/ 1263 put_le16(identify_data + 62,0x07 | (1 << (val + 8))); 1264 put_le16(identify_data + 63,0x07); 1265 put_le16(identify_data + 88,0x3f); 1266 break; 1267 case 0x04: /* mdma mode */ 1268 put_le16(identify_data + 62,0x07); 1269 put_le16(identify_data + 63,0x07 | (1 << (val + 8))); 1270 put_le16(identify_data + 88,0x3f); 1271 break; 1272 case 0x08: /* udma mode */ 1273 put_le16(identify_data + 62,0x07); 1274 put_le16(identify_data + 63,0x07); 1275 put_le16(identify_data + 88,0x3f | (1 << (val + 8))); 1276 break; 1277 default: 1278 goto abort_cmd; 1279 } 1280 s->status = READY_STAT | SEEK_STAT; 1281 ide_set_irq(s->bus); 1282 break; 1283 } 1284 default: 1285 goto abort_cmd; 1286 } 1287 break; 1288 case WIN_FLUSH_CACHE: 1289 case WIN_FLUSH_CACHE_EXT: 1290 ide_flush_cache(s); 1291 break; 1292 case WIN_STANDBY: 1293 case WIN_STANDBY2: 1294 case WIN_STANDBYNOW1: 1295 case WIN_STANDBYNOW2: 1296 case WIN_IDLEIMMEDIATE: 1297 case WIN_IDLEIMMEDIATE2: 1298 case WIN_SETIDLE1: 1299 case WIN_SETIDLE2: 1300 case WIN_SLEEPNOW1: 1301 case WIN_SLEEPNOW2: 1302 s->status = READY_STAT; 1303 ide_set_irq(s->bus); 1304 break; 1305 case WIN_SEEK: 1306 /* XXX: Check that seek is within bounds */ 1307 s->status = READY_STAT | SEEK_STAT; 1308 ide_set_irq(s->bus); 1309 break; 1310 /* ATAPI commands */ 1311 case WIN_PIDENTIFY: 1312 ide_atapi_identify(s); 1313 s->status = READY_STAT | SEEK_STAT; 1314 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop); 1315 ide_set_irq(s->bus); 1316 break; 1317 case WIN_DIAGNOSE: 1318 ide_set_signature(s); 1319 if (s->drive_kind == IDE_CD) 1320 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet 1321 * devices to return a clear status register 1322 * with READY_STAT *not* set. */ 1323 else 1324 s->status = READY_STAT | SEEK_STAT; 1325 s->error = 0x01; /* Device 0 passed, Device 1 passed or not 1326 * present. 1327 */ 1328 ide_set_irq(s->bus); 1329 break; 1330 case WIN_DEVICE_RESET: 1331 ide_set_signature(s); 1332 s->status = 0x00; /* NOTE: READY is _not_ set */ 1333 s->error = 0x01; 1334 break; 1335 case WIN_PACKETCMD: 1336 /* overlapping commands not supported */ 1337 if (s->feature & 0x02) 1338 goto abort_cmd; 1339 s->status = READY_STAT | SEEK_STAT; 1340 s->atapi_dma = s->feature & 1; 1341 s->nsector = 1; 1342 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE, 1343 ide_atapi_cmd); 1344 break; 1345 /* CF-ATA commands */ 1346 case CFA_REQ_EXT_ERROR_CODE: 1347 s->error = 0x09; /* miscellaneous error */ 1348 s->status = READY_STAT | SEEK_STAT; 1349 ide_set_irq(s->bus); 1350 break; 1351 case CFA_ERASE_SECTORS: 1352 case CFA_WEAR_LEVEL: 1353 if (val == CFA_WEAR_LEVEL) 1354 s->nsector = 0; 1355 if (val == CFA_ERASE_SECTORS) 1356 s->media_changed = 1; 1357 s->error = 0x00; 1358 s->status = READY_STAT | SEEK_STAT; 1359 ide_set_irq(s->bus); 1360 break; 1361 case CFA_TRANSLATE_SECTOR: 1362 s->error = 0x00; 1363 s->status = READY_STAT | SEEK_STAT; 1364 memset(s->io_buffer, 0, 0x200); 1365 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */ 1366 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */ 1367 s->io_buffer[0x02] = s->select; /* Head */ 1368 s->io_buffer[0x03] = s->sector; /* Sector */ 1369 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */ 1370 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */ 1371 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */ 1372 s->io_buffer[0x13] = 0x00; /* Erase flag */ 1373 s->io_buffer[0x18] = 0x00; /* Hot count */ 1374 s->io_buffer[0x19] = 0x00; /* Hot count */ 1375 s->io_buffer[0x1a] = 0x01; /* Hot count */ 1376 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1377 ide_set_irq(s->bus); 1378 break; 1379 case CFA_ACCESS_METADATA_STORAGE: 1380 switch (s->feature) { 1381 case 0x02: /* Inquiry Metadata Storage */ 1382 ide_cfata_metadata_inquiry(s); 1383 break; 1384 case 0x03: /* Read Metadata Storage */ 1385 ide_cfata_metadata_read(s); 1386 break; 1387 case 0x04: /* Write Metadata Storage */ 1388 ide_cfata_metadata_write(s); 1389 break; 1390 default: 1391 goto abort_cmd; 1392 } 1393 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1394 s->status = 0x00; /* NOTE: READY is _not_ set */ 1395 ide_set_irq(s->bus); 1396 break; 1397 case IBM_SENSE_CONDITION: 1398 switch (s->feature) { 1399 case 0x01: /* sense temperature in device */ 1400 s->nsector = 0x50; /* +20 C */ 1401 break; 1402 default: 1403 goto abort_cmd; 1404 } 1405 s->status = READY_STAT | SEEK_STAT; 1406 ide_set_irq(s->bus); 1407 break; 1408 1409 case WIN_SMART: 1410 if (s->hcyl != 0xc2 || s->lcyl != 0x4f) 1411 goto abort_cmd; 1412 if (!s->smart_enabled && s->feature != SMART_ENABLE) 1413 goto abort_cmd; 1414 switch (s->feature) { 1415 case SMART_DISABLE: 1416 s->smart_enabled = 0; 1417 s->status = READY_STAT | SEEK_STAT; 1418 ide_set_irq(s->bus); 1419 break; 1420 case SMART_ENABLE: 1421 s->smart_enabled = 1; 1422 s->status = READY_STAT | SEEK_STAT; 1423 ide_set_irq(s->bus); 1424 break; 1425 case SMART_ATTR_AUTOSAVE: 1426 switch (s->sector) { 1427 case 0x00: 1428 s->smart_autosave = 0; 1429 break; 1430 case 0xf1: 1431 s->smart_autosave = 1; 1432 break; 1433 default: 1434 goto abort_cmd; 1435 } 1436 s->status = READY_STAT | SEEK_STAT; 1437 ide_set_irq(s->bus); 1438 break; 1439 case SMART_STATUS: 1440 if (!s->smart_errors) { 1441 s->hcyl = 0xc2; 1442 s->lcyl = 0x4f; 1443 } else { 1444 s->hcyl = 0x2c; 1445 s->lcyl = 0xf4; 1446 } 1447 s->status = READY_STAT | SEEK_STAT; 1448 ide_set_irq(s->bus); 1449 break; 1450 case SMART_READ_THRESH: 1451 memset(s->io_buffer, 0, 0x200); 1452 s->io_buffer[0] = 0x01; /* smart struct version */ 1453 for (n=0; n<30; n++) { 1454 if (smart_attributes[n][0] == 0) 1455 break; 1456 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0]; 1457 s->io_buffer[2+1+(n*12)] = smart_attributes[n][11]; 1458 } 1459 for (n=0; n<511; n++) /* checksum */ 1460 s->io_buffer[511] += s->io_buffer[n]; 1461 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1462 s->status = READY_STAT | SEEK_STAT; 1463 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1464 ide_set_irq(s->bus); 1465 break; 1466 case SMART_READ_DATA: 1467 memset(s->io_buffer, 0, 0x200); 1468 s->io_buffer[0] = 0x01; /* smart struct version */ 1469 for (n=0; n<30; n++) { 1470 if (smart_attributes[n][0] == 0) { 1471 break; 1472 } 1473 int i; 1474 for(i = 0; i < 11; i++) { 1475 s->io_buffer[2+i+(n*12)] = smart_attributes[n][i]; 1476 } 1477 } 1478 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00); 1479 if (s->smart_selftest_count == 0) { 1480 s->io_buffer[363] = 0; 1481 } else { 1482 s->io_buffer[363] = 1483 s->smart_selftest_data[3 + 1484 (s->smart_selftest_count - 1) * 1485 24]; 1486 } 1487 s->io_buffer[364] = 0x20; 1488 s->io_buffer[365] = 0x01; 1489 /* offline data collection capacity: execute + self-test*/ 1490 s->io_buffer[367] = (1<<4 | 1<<3 | 1); 1491 s->io_buffer[368] = 0x03; /* smart capability (1) */ 1492 s->io_buffer[369] = 0x00; /* smart capability (2) */ 1493 s->io_buffer[370] = 0x01; /* error logging supported */ 1494 s->io_buffer[372] = 0x02; /* minutes for poll short test */ 1495 s->io_buffer[373] = 0x36; /* minutes for poll ext test */ 1496 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */ 1497 1498 for (n=0; n<511; n++) 1499 s->io_buffer[511] += s->io_buffer[n]; 1500 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1501 s->status = READY_STAT | SEEK_STAT; 1502 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1503 ide_set_irq(s->bus); 1504 break; 1505 case SMART_READ_LOG: 1506 switch (s->sector) { 1507 case 0x01: /* summary smart error log */ 1508 memset(s->io_buffer, 0, 0x200); 1509 s->io_buffer[0] = 0x01; 1510 s->io_buffer[1] = 0x00; /* no error entries */ 1511 s->io_buffer[452] = s->smart_errors & 0xff; 1512 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8; 1513 1514 for (n=0; n<511; n++) 1515 s->io_buffer[511] += s->io_buffer[n]; 1516 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1517 break; 1518 case 0x06: /* smart self test log */ 1519 memset(s->io_buffer, 0, 0x200); 1520 s->io_buffer[0] = 0x01; 1521 if (s->smart_selftest_count == 0) { 1522 s->io_buffer[508] = 0; 1523 } else { 1524 s->io_buffer[508] = s->smart_selftest_count; 1525 for (n=2; n<506; n++) 1526 s->io_buffer[n] = s->smart_selftest_data[n]; 1527 } 1528 for (n=0; n<511; n++) 1529 s->io_buffer[511] += s->io_buffer[n]; 1530 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1531 break; 1532 default: 1533 goto abort_cmd; 1534 } 1535 s->status = READY_STAT | SEEK_STAT; 1536 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1537 ide_set_irq(s->bus); 1538 break; 1539 case SMART_EXECUTE_OFFLINE: 1540 switch (s->sector) { 1541 case 0: /* off-line routine */ 1542 case 1: /* short self test */ 1543 case 2: /* extended self test */ 1544 s->smart_selftest_count++; 1545 if(s->smart_selftest_count > 21) 1546 s->smart_selftest_count = 0; 1547 n = 2 + (s->smart_selftest_count - 1) * 24; 1548 s->smart_selftest_data[n] = s->sector; 1549 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */ 1550 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */ 1551 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */ 1552 s->status = READY_STAT | SEEK_STAT; 1553 ide_set_irq(s->bus); 1554 break; 1555 default: 1556 goto abort_cmd; 1557 } 1558 break; 1559 default: 1560 goto abort_cmd; 1561 } 1562 break; 1563 default: 1564 /* should not be reachable */ 1565 abort_cmd: 1566 ide_abort_command(s); 1567 ide_set_irq(s->bus); 1568 break; 1569 } 1570 } 1571 1572 uint32_t ide_ioport_read(void *opaque, uint32_t addr1) 1573 { 1574 IDEBus *bus = opaque; 1575 IDEState *s = idebus_active_if(bus); 1576 uint32_t addr; 1577 int ret, hob; 1578 1579 addr = addr1 & 7; 1580 /* FIXME: HOB readback uses bit 7, but it's always set right now */ 1581 //hob = s->select & (1 << 7); 1582 hob = 0; 1583 switch(addr) { 1584 case 0: 1585 ret = 0xff; 1586 break; 1587 case 1: 1588 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) || 1589 (s != bus->ifs && !s->bs)) 1590 ret = 0; 1591 else if (!hob) 1592 ret = s->error; 1593 else 1594 ret = s->hob_feature; 1595 break; 1596 case 2: 1597 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1598 ret = 0; 1599 else if (!hob) 1600 ret = s->nsector & 0xff; 1601 else 1602 ret = s->hob_nsector; 1603 break; 1604 case 3: 1605 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1606 ret = 0; 1607 else if (!hob) 1608 ret = s->sector; 1609 else 1610 ret = s->hob_sector; 1611 break; 1612 case 4: 1613 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1614 ret = 0; 1615 else if (!hob) 1616 ret = s->lcyl; 1617 else 1618 ret = s->hob_lcyl; 1619 break; 1620 case 5: 1621 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1622 ret = 0; 1623 else if (!hob) 1624 ret = s->hcyl; 1625 else 1626 ret = s->hob_hcyl; 1627 break; 1628 case 6: 1629 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1630 ret = 0; 1631 else 1632 ret = s->select; 1633 break; 1634 default: 1635 case 7: 1636 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) || 1637 (s != bus->ifs && !s->bs)) 1638 ret = 0; 1639 else 1640 ret = s->status; 1641 qemu_irq_lower(bus->irq); 1642 break; 1643 } 1644 #ifdef DEBUG_IDE 1645 printf("ide: read addr=0x%x val=%02x\n", addr1, ret); 1646 #endif 1647 return ret; 1648 } 1649 1650 uint32_t ide_status_read(void *opaque, uint32_t addr) 1651 { 1652 IDEBus *bus = opaque; 1653 IDEState *s = idebus_active_if(bus); 1654 int ret; 1655 1656 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) || 1657 (s != bus->ifs && !s->bs)) 1658 ret = 0; 1659 else 1660 ret = s->status; 1661 #ifdef DEBUG_IDE 1662 printf("ide: read status addr=0x%x val=%02x\n", addr, ret); 1663 #endif 1664 return ret; 1665 } 1666 1667 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val) 1668 { 1669 IDEBus *bus = opaque; 1670 IDEState *s; 1671 int i; 1672 1673 #ifdef DEBUG_IDE 1674 printf("ide: write control addr=0x%x val=%02x\n", addr, val); 1675 #endif 1676 /* common for both drives */ 1677 if (!(bus->cmd & IDE_CMD_RESET) && 1678 (val & IDE_CMD_RESET)) { 1679 /* reset low to high */ 1680 for(i = 0;i < 2; i++) { 1681 s = &bus->ifs[i]; 1682 s->status = BUSY_STAT | SEEK_STAT; 1683 s->error = 0x01; 1684 } 1685 } else if ((bus->cmd & IDE_CMD_RESET) && 1686 !(val & IDE_CMD_RESET)) { 1687 /* high to low */ 1688 for(i = 0;i < 2; i++) { 1689 s = &bus->ifs[i]; 1690 if (s->drive_kind == IDE_CD) 1691 s->status = 0x00; /* NOTE: READY is _not_ set */ 1692 else 1693 s->status = READY_STAT | SEEK_STAT; 1694 ide_set_signature(s); 1695 } 1696 } 1697 1698 bus->cmd = val; 1699 } 1700 1701 /* 1702 * Returns true if the running PIO transfer is a PIO out (i.e. data is 1703 * transferred from the device to the guest), false if it's a PIO in 1704 */ 1705 static bool ide_is_pio_out(IDEState *s) 1706 { 1707 if (s->end_transfer_func == ide_sector_write || 1708 s->end_transfer_func == ide_atapi_cmd) { 1709 return false; 1710 } else if (s->end_transfer_func == ide_sector_read || 1711 s->end_transfer_func == ide_transfer_stop || 1712 s->end_transfer_func == ide_atapi_cmd_reply_end || 1713 s->end_transfer_func == ide_dummy_transfer_stop) { 1714 return true; 1715 } 1716 1717 abort(); 1718 } 1719 1720 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val) 1721 { 1722 IDEBus *bus = opaque; 1723 IDEState *s = idebus_active_if(bus); 1724 uint8_t *p; 1725 1726 /* PIO data access allowed only when DRQ bit is set. The result of a write 1727 * during PIO out is indeterminate, just ignore it. */ 1728 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) { 1729 return; 1730 } 1731 1732 p = s->data_ptr; 1733 *(uint16_t *)p = le16_to_cpu(val); 1734 p += 2; 1735 s->data_ptr = p; 1736 if (p >= s->data_end) 1737 s->end_transfer_func(s); 1738 } 1739 1740 uint32_t ide_data_readw(void *opaque, uint32_t addr) 1741 { 1742 IDEBus *bus = opaque; 1743 IDEState *s = idebus_active_if(bus); 1744 uint8_t *p; 1745 int ret; 1746 1747 /* PIO data access allowed only when DRQ bit is set. The result of a read 1748 * during PIO in is indeterminate, return 0 and don't move forward. */ 1749 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) { 1750 return 0; 1751 } 1752 1753 p = s->data_ptr; 1754 ret = cpu_to_le16(*(uint16_t *)p); 1755 p += 2; 1756 s->data_ptr = p; 1757 if (p >= s->data_end) 1758 s->end_transfer_func(s); 1759 return ret; 1760 } 1761 1762 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val) 1763 { 1764 IDEBus *bus = opaque; 1765 IDEState *s = idebus_active_if(bus); 1766 uint8_t *p; 1767 1768 /* PIO data access allowed only when DRQ bit is set. The result of a write 1769 * during PIO out is indeterminate, just ignore it. */ 1770 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) { 1771 return; 1772 } 1773 1774 p = s->data_ptr; 1775 *(uint32_t *)p = le32_to_cpu(val); 1776 p += 4; 1777 s->data_ptr = p; 1778 if (p >= s->data_end) 1779 s->end_transfer_func(s); 1780 } 1781 1782 uint32_t ide_data_readl(void *opaque, uint32_t addr) 1783 { 1784 IDEBus *bus = opaque; 1785 IDEState *s = idebus_active_if(bus); 1786 uint8_t *p; 1787 int ret; 1788 1789 /* PIO data access allowed only when DRQ bit is set. The result of a read 1790 * during PIO in is indeterminate, return 0 and don't move forward. */ 1791 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) { 1792 return 0; 1793 } 1794 1795 p = s->data_ptr; 1796 ret = cpu_to_le32(*(uint32_t *)p); 1797 p += 4; 1798 s->data_ptr = p; 1799 if (p >= s->data_end) 1800 s->end_transfer_func(s); 1801 return ret; 1802 } 1803 1804 static void ide_dummy_transfer_stop(IDEState *s) 1805 { 1806 s->data_ptr = s->io_buffer; 1807 s->data_end = s->io_buffer; 1808 s->io_buffer[0] = 0xff; 1809 s->io_buffer[1] = 0xff; 1810 s->io_buffer[2] = 0xff; 1811 s->io_buffer[3] = 0xff; 1812 } 1813 1814 static void ide_reset(IDEState *s) 1815 { 1816 #ifdef DEBUG_IDE 1817 printf("ide: reset\n"); 1818 #endif 1819 1820 if (s->pio_aiocb) { 1821 bdrv_aio_cancel(s->pio_aiocb); 1822 s->pio_aiocb = NULL; 1823 } 1824 1825 if (s->drive_kind == IDE_CFATA) 1826 s->mult_sectors = 0; 1827 else 1828 s->mult_sectors = MAX_MULT_SECTORS; 1829 /* ide regs */ 1830 s->feature = 0; 1831 s->error = 0; 1832 s->nsector = 0; 1833 s->sector = 0; 1834 s->lcyl = 0; 1835 s->hcyl = 0; 1836 1837 /* lba48 */ 1838 s->hob_feature = 0; 1839 s->hob_sector = 0; 1840 s->hob_nsector = 0; 1841 s->hob_lcyl = 0; 1842 s->hob_hcyl = 0; 1843 1844 s->select = 0xa0; 1845 s->status = READY_STAT | SEEK_STAT; 1846 1847 s->lba48 = 0; 1848 1849 /* ATAPI specific */ 1850 s->sense_key = 0; 1851 s->asc = 0; 1852 s->cdrom_changed = 0; 1853 s->packet_transfer_size = 0; 1854 s->elementary_transfer_size = 0; 1855 s->io_buffer_index = 0; 1856 s->cd_sector_size = 0; 1857 s->atapi_dma = 0; 1858 /* ATA DMA state */ 1859 s->io_buffer_size = 0; 1860 s->req_nb_sectors = 0; 1861 1862 ide_set_signature(s); 1863 /* init the transfer handler so that 0xffff is returned on data 1864 accesses */ 1865 s->end_transfer_func = ide_dummy_transfer_stop; 1866 ide_dummy_transfer_stop(s); 1867 s->media_changed = 0; 1868 } 1869 1870 void ide_bus_reset(IDEBus *bus) 1871 { 1872 bus->unit = 0; 1873 bus->cmd = 0; 1874 ide_reset(&bus->ifs[0]); 1875 ide_reset(&bus->ifs[1]); 1876 ide_clear_hob(bus); 1877 1878 /* pending async DMA */ 1879 if (bus->dma->aiocb) { 1880 #ifdef DEBUG_AIO 1881 printf("aio_cancel\n"); 1882 #endif 1883 bdrv_aio_cancel(bus->dma->aiocb); 1884 bus->dma->aiocb = NULL; 1885 } 1886 1887 /* reset dma provider too */ 1888 bus->dma->ops->reset(bus->dma); 1889 } 1890 1891 static bool ide_cd_is_tray_open(void *opaque) 1892 { 1893 return ((IDEState *)opaque)->tray_open; 1894 } 1895 1896 static bool ide_cd_is_medium_locked(void *opaque) 1897 { 1898 return ((IDEState *)opaque)->tray_locked; 1899 } 1900 1901 static const BlockDevOps ide_cd_block_ops = { 1902 .change_media_cb = ide_cd_change_cb, 1903 .eject_request_cb = ide_cd_eject_request_cb, 1904 .is_tray_open = ide_cd_is_tray_open, 1905 .is_medium_locked = ide_cd_is_medium_locked, 1906 }; 1907 1908 int ide_init_drive(IDEState *s, BlockDriverState *bs, IDEDriveKind kind, 1909 const char *version, const char *serial, const char *model, 1910 uint64_t wwn) 1911 { 1912 int cylinders, heads, secs; 1913 uint64_t nb_sectors; 1914 1915 s->bs = bs; 1916 s->drive_kind = kind; 1917 1918 bdrv_get_geometry(bs, &nb_sectors); 1919 bdrv_guess_geometry(bs, &cylinders, &heads, &secs); 1920 if (cylinders < 1 || cylinders > 16383) { 1921 error_report("cyls must be between 1 and 16383"); 1922 return -1; 1923 } 1924 if (heads < 1 || heads > 16) { 1925 error_report("heads must be between 1 and 16"); 1926 return -1; 1927 } 1928 if (secs < 1 || secs > 63) { 1929 error_report("secs must be between 1 and 63"); 1930 return -1; 1931 } 1932 s->cylinders = cylinders; 1933 s->heads = heads; 1934 s->sectors = secs; 1935 s->nb_sectors = nb_sectors; 1936 s->wwn = wwn; 1937 /* The SMART values should be preserved across power cycles 1938 but they aren't. */ 1939 s->smart_enabled = 1; 1940 s->smart_autosave = 1; 1941 s->smart_errors = 0; 1942 s->smart_selftest_count = 0; 1943 if (kind == IDE_CD) { 1944 bdrv_set_dev_ops(bs, &ide_cd_block_ops, s); 1945 bdrv_set_buffer_alignment(bs, 2048); 1946 } else { 1947 if (!bdrv_is_inserted(s->bs)) { 1948 error_report("Device needs media, but drive is empty"); 1949 return -1; 1950 } 1951 if (bdrv_is_read_only(bs)) { 1952 error_report("Can't use a read-only drive"); 1953 return -1; 1954 } 1955 } 1956 if (serial) { 1957 pstrcpy(s->drive_serial_str, sizeof(s->drive_serial_str), serial); 1958 } else { 1959 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str), 1960 "QM%05d", s->drive_serial); 1961 } 1962 if (model) { 1963 pstrcpy(s->drive_model_str, sizeof(s->drive_model_str), model); 1964 } else { 1965 switch (kind) { 1966 case IDE_CD: 1967 strcpy(s->drive_model_str, "QEMU DVD-ROM"); 1968 break; 1969 case IDE_CFATA: 1970 strcpy(s->drive_model_str, "QEMU MICRODRIVE"); 1971 break; 1972 default: 1973 strcpy(s->drive_model_str, "QEMU HARDDISK"); 1974 break; 1975 } 1976 } 1977 1978 if (version) { 1979 pstrcpy(s->version, sizeof(s->version), version); 1980 } else { 1981 pstrcpy(s->version, sizeof(s->version), QEMU_VERSION); 1982 } 1983 1984 ide_reset(s); 1985 bdrv_iostatus_enable(bs); 1986 return 0; 1987 } 1988 1989 static void ide_init1(IDEBus *bus, int unit) 1990 { 1991 static int drive_serial = 1; 1992 IDEState *s = &bus->ifs[unit]; 1993 1994 s->bus = bus; 1995 s->unit = unit; 1996 s->drive_serial = drive_serial++; 1997 /* we need at least 2k alignment for accessing CDROMs using O_DIRECT */ 1998 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4; 1999 s->io_buffer = qemu_memalign(2048, s->io_buffer_total_len); 2000 memset(s->io_buffer, 0, s->io_buffer_total_len); 2001 2002 s->smart_selftest_data = qemu_blockalign(s->bs, 512); 2003 memset(s->smart_selftest_data, 0, 512); 2004 2005 s->sector_write_timer = qemu_new_timer_ns(vm_clock, 2006 ide_sector_write_timer_cb, s); 2007 } 2008 2009 static void ide_nop_start(IDEDMA *dma, IDEState *s, 2010 BlockDriverCompletionFunc *cb) 2011 { 2012 } 2013 2014 static int ide_nop(IDEDMA *dma) 2015 { 2016 return 0; 2017 } 2018 2019 static int ide_nop_int(IDEDMA *dma, int x) 2020 { 2021 return 0; 2022 } 2023 2024 static void ide_nop_restart(void *opaque, int x, RunState y) 2025 { 2026 } 2027 2028 static const IDEDMAOps ide_dma_nop_ops = { 2029 .start_dma = ide_nop_start, 2030 .start_transfer = ide_nop, 2031 .prepare_buf = ide_nop_int, 2032 .rw_buf = ide_nop_int, 2033 .set_unit = ide_nop_int, 2034 .add_status = ide_nop_int, 2035 .set_inactive = ide_nop, 2036 .restart_cb = ide_nop_restart, 2037 .reset = ide_nop, 2038 }; 2039 2040 static IDEDMA ide_dma_nop = { 2041 .ops = &ide_dma_nop_ops, 2042 .aiocb = NULL, 2043 }; 2044 2045 void ide_init2(IDEBus *bus, qemu_irq irq) 2046 { 2047 int i; 2048 2049 for(i = 0; i < 2; i++) { 2050 ide_init1(bus, i); 2051 ide_reset(&bus->ifs[i]); 2052 } 2053 bus->irq = irq; 2054 bus->dma = &ide_dma_nop; 2055 } 2056 2057 /* TODO convert users to qdev and remove */ 2058 void ide_init2_with_non_qdev_drives(IDEBus *bus, DriveInfo *hd0, 2059 DriveInfo *hd1, qemu_irq irq) 2060 { 2061 int i; 2062 DriveInfo *dinfo; 2063 2064 for(i = 0; i < 2; i++) { 2065 dinfo = i == 0 ? hd0 : hd1; 2066 ide_init1(bus, i); 2067 if (dinfo) { 2068 if (ide_init_drive(&bus->ifs[i], dinfo->bdrv, 2069 dinfo->media_cd ? IDE_CD : IDE_HD, NULL, 2070 *dinfo->serial ? dinfo->serial : NULL, 2071 NULL, 0) < 0) { 2072 error_report("Can't set up IDE drive %s", dinfo->id); 2073 exit(1); 2074 } 2075 bdrv_attach_dev_nofail(dinfo->bdrv, &bus->ifs[i]); 2076 } else { 2077 ide_reset(&bus->ifs[i]); 2078 } 2079 } 2080 bus->irq = irq; 2081 bus->dma = &ide_dma_nop; 2082 } 2083 2084 static const MemoryRegionPortio ide_portio_list[] = { 2085 { 0, 8, 1, .read = ide_ioport_read, .write = ide_ioport_write }, 2086 { 0, 2, 2, .read = ide_data_readw, .write = ide_data_writew }, 2087 { 0, 4, 4, .read = ide_data_readl, .write = ide_data_writel }, 2088 PORTIO_END_OF_LIST(), 2089 }; 2090 2091 static const MemoryRegionPortio ide_portio2_list[] = { 2092 { 0, 1, 1, .read = ide_status_read, .write = ide_cmd_write }, 2093 PORTIO_END_OF_LIST(), 2094 }; 2095 2096 void ide_init_ioport(IDEBus *bus, ISADevice *dev, int iobase, int iobase2) 2097 { 2098 /* ??? Assume only ISA and PCI configurations, and that the PCI-ISA 2099 bridge has been setup properly to always register with ISA. */ 2100 isa_register_portio_list(dev, iobase, ide_portio_list, bus, "ide"); 2101 2102 if (iobase2) { 2103 isa_register_portio_list(dev, iobase2, ide_portio2_list, bus, "ide"); 2104 } 2105 } 2106 2107 static bool is_identify_set(void *opaque, int version_id) 2108 { 2109 IDEState *s = opaque; 2110 2111 return s->identify_set != 0; 2112 } 2113 2114 static EndTransferFunc* transfer_end_table[] = { 2115 ide_sector_read, 2116 ide_sector_write, 2117 ide_transfer_stop, 2118 ide_atapi_cmd_reply_end, 2119 ide_atapi_cmd, 2120 ide_dummy_transfer_stop, 2121 }; 2122 2123 static int transfer_end_table_idx(EndTransferFunc *fn) 2124 { 2125 int i; 2126 2127 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++) 2128 if (transfer_end_table[i] == fn) 2129 return i; 2130 2131 return -1; 2132 } 2133 2134 static int ide_drive_post_load(void *opaque, int version_id) 2135 { 2136 IDEState *s = opaque; 2137 2138 if (version_id < 3) { 2139 if (s->sense_key == UNIT_ATTENTION && 2140 s->asc == ASC_MEDIUM_MAY_HAVE_CHANGED) { 2141 s->cdrom_changed = 1; 2142 } 2143 } 2144 return 0; 2145 } 2146 2147 static int ide_drive_pio_post_load(void *opaque, int version_id) 2148 { 2149 IDEState *s = opaque; 2150 2151 if (s->end_transfer_fn_idx >= ARRAY_SIZE(transfer_end_table)) { 2152 return -EINVAL; 2153 } 2154 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx]; 2155 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset; 2156 s->data_end = s->data_ptr + s->cur_io_buffer_len; 2157 2158 return 0; 2159 } 2160 2161 static void ide_drive_pio_pre_save(void *opaque) 2162 { 2163 IDEState *s = opaque; 2164 int idx; 2165 2166 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer; 2167 s->cur_io_buffer_len = s->data_end - s->data_ptr; 2168 2169 idx = transfer_end_table_idx(s->end_transfer_func); 2170 if (idx == -1) { 2171 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n", 2172 __func__); 2173 s->end_transfer_fn_idx = 2; 2174 } else { 2175 s->end_transfer_fn_idx = idx; 2176 } 2177 } 2178 2179 static bool ide_drive_pio_state_needed(void *opaque) 2180 { 2181 IDEState *s = opaque; 2182 2183 return ((s->status & DRQ_STAT) != 0) 2184 || (s->bus->error_status & BM_STATUS_PIO_RETRY); 2185 } 2186 2187 static bool ide_tray_state_needed(void *opaque) 2188 { 2189 IDEState *s = opaque; 2190 2191 return s->tray_open || s->tray_locked; 2192 } 2193 2194 static bool ide_atapi_gesn_needed(void *opaque) 2195 { 2196 IDEState *s = opaque; 2197 2198 return s->events.new_media || s->events.eject_request; 2199 } 2200 2201 static bool ide_error_needed(void *opaque) 2202 { 2203 IDEBus *bus = opaque; 2204 2205 return (bus->error_status != 0); 2206 } 2207 2208 /* Fields for GET_EVENT_STATUS_NOTIFICATION ATAPI command */ 2209 static const VMStateDescription vmstate_ide_atapi_gesn_state = { 2210 .name ="ide_drive/atapi/gesn_state", 2211 .version_id = 1, 2212 .minimum_version_id = 1, 2213 .minimum_version_id_old = 1, 2214 .fields = (VMStateField []) { 2215 VMSTATE_BOOL(events.new_media, IDEState), 2216 VMSTATE_BOOL(events.eject_request, IDEState), 2217 VMSTATE_END_OF_LIST() 2218 } 2219 }; 2220 2221 static const VMStateDescription vmstate_ide_tray_state = { 2222 .name = "ide_drive/tray_state", 2223 .version_id = 1, 2224 .minimum_version_id = 1, 2225 .minimum_version_id_old = 1, 2226 .fields = (VMStateField[]) { 2227 VMSTATE_BOOL(tray_open, IDEState), 2228 VMSTATE_BOOL(tray_locked, IDEState), 2229 VMSTATE_END_OF_LIST() 2230 } 2231 }; 2232 2233 static const VMStateDescription vmstate_ide_drive_pio_state = { 2234 .name = "ide_drive/pio_state", 2235 .version_id = 1, 2236 .minimum_version_id = 1, 2237 .minimum_version_id_old = 1, 2238 .pre_save = ide_drive_pio_pre_save, 2239 .post_load = ide_drive_pio_post_load, 2240 .fields = (VMStateField []) { 2241 VMSTATE_INT32(req_nb_sectors, IDEState), 2242 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1, 2243 vmstate_info_uint8, uint8_t), 2244 VMSTATE_INT32(cur_io_buffer_offset, IDEState), 2245 VMSTATE_INT32(cur_io_buffer_len, IDEState), 2246 VMSTATE_UINT8(end_transfer_fn_idx, IDEState), 2247 VMSTATE_INT32(elementary_transfer_size, IDEState), 2248 VMSTATE_INT32(packet_transfer_size, IDEState), 2249 VMSTATE_END_OF_LIST() 2250 } 2251 }; 2252 2253 const VMStateDescription vmstate_ide_drive = { 2254 .name = "ide_drive", 2255 .version_id = 3, 2256 .minimum_version_id = 0, 2257 .minimum_version_id_old = 0, 2258 .post_load = ide_drive_post_load, 2259 .fields = (VMStateField []) { 2260 VMSTATE_INT32(mult_sectors, IDEState), 2261 VMSTATE_INT32(identify_set, IDEState), 2262 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set), 2263 VMSTATE_UINT8(feature, IDEState), 2264 VMSTATE_UINT8(error, IDEState), 2265 VMSTATE_UINT32(nsector, IDEState), 2266 VMSTATE_UINT8(sector, IDEState), 2267 VMSTATE_UINT8(lcyl, IDEState), 2268 VMSTATE_UINT8(hcyl, IDEState), 2269 VMSTATE_UINT8(hob_feature, IDEState), 2270 VMSTATE_UINT8(hob_sector, IDEState), 2271 VMSTATE_UINT8(hob_nsector, IDEState), 2272 VMSTATE_UINT8(hob_lcyl, IDEState), 2273 VMSTATE_UINT8(hob_hcyl, IDEState), 2274 VMSTATE_UINT8(select, IDEState), 2275 VMSTATE_UINT8(status, IDEState), 2276 VMSTATE_UINT8(lba48, IDEState), 2277 VMSTATE_UINT8(sense_key, IDEState), 2278 VMSTATE_UINT8(asc, IDEState), 2279 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3), 2280 VMSTATE_END_OF_LIST() 2281 }, 2282 .subsections = (VMStateSubsection []) { 2283 { 2284 .vmsd = &vmstate_ide_drive_pio_state, 2285 .needed = ide_drive_pio_state_needed, 2286 }, { 2287 .vmsd = &vmstate_ide_tray_state, 2288 .needed = ide_tray_state_needed, 2289 }, { 2290 .vmsd = &vmstate_ide_atapi_gesn_state, 2291 .needed = ide_atapi_gesn_needed, 2292 }, { 2293 /* empty */ 2294 } 2295 } 2296 }; 2297 2298 static const VMStateDescription vmstate_ide_error_status = { 2299 .name ="ide_bus/error", 2300 .version_id = 1, 2301 .minimum_version_id = 1, 2302 .minimum_version_id_old = 1, 2303 .fields = (VMStateField []) { 2304 VMSTATE_INT32(error_status, IDEBus), 2305 VMSTATE_END_OF_LIST() 2306 } 2307 }; 2308 2309 const VMStateDescription vmstate_ide_bus = { 2310 .name = "ide_bus", 2311 .version_id = 1, 2312 .minimum_version_id = 1, 2313 .minimum_version_id_old = 1, 2314 .fields = (VMStateField []) { 2315 VMSTATE_UINT8(cmd, IDEBus), 2316 VMSTATE_UINT8(unit, IDEBus), 2317 VMSTATE_END_OF_LIST() 2318 }, 2319 .subsections = (VMStateSubsection []) { 2320 { 2321 .vmsd = &vmstate_ide_error_status, 2322 .needed = ide_error_needed, 2323 }, { 2324 /* empty */ 2325 } 2326 } 2327 }; 2328 2329 void ide_drive_get(DriveInfo **hd, int max_bus) 2330 { 2331 int i; 2332 2333 if (drive_get_max_bus(IF_IDE) >= max_bus) { 2334 fprintf(stderr, "qemu: too many IDE bus: %d\n", max_bus); 2335 exit(1); 2336 } 2337 2338 for(i = 0; i < max_bus * MAX_IDE_DEVS; i++) { 2339 hd[i] = drive_get(IF_IDE, i / MAX_IDE_DEVS, i % MAX_IDE_DEVS); 2340 } 2341 } 2342