1 /* 2 * QEMU IDE disk and CD/DVD-ROM Emulator 3 * 4 * Copyright (c) 2003 Fabrice Bellard 5 * Copyright (c) 2006 Openedhand Ltd. 6 * 7 * Permission is hereby granted, free of charge, to any person obtaining a copy 8 * of this software and associated documentation files (the "Software"), to deal 9 * in the Software without restriction, including without limitation the rights 10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 11 * copies of the Software, and to permit persons to whom the Software is 12 * furnished to do so, subject to the following conditions: 13 * 14 * The above copyright notice and this permission notice shall be included in 15 * all copies or substantial portions of the Software. 16 * 17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 23 * THE SOFTWARE. 24 */ 25 #include <hw/hw.h> 26 #include <hw/pc.h> 27 #include <hw/pci.h> 28 #include <hw/scsi.h> 29 #include "qemu-error.h" 30 #include "qemu-timer.h" 31 #include "sysemu.h" 32 #include "dma.h" 33 34 #include <hw/ide/internal.h> 35 36 #define IDE_PAGE_SIZE 4096 37 38 static const int smart_attributes[][5] = { 39 /* id, flags, val, wrst, thrsh */ 40 { 0x01, 0x03, 0x64, 0x64, 0x06}, /* raw read */ 41 { 0x03, 0x03, 0x64, 0x64, 0x46}, /* spin up */ 42 { 0x04, 0x02, 0x64, 0x64, 0x14}, /* start stop count */ 43 { 0x05, 0x03, 0x64, 0x64, 0x36}, /* remapped sectors */ 44 { 0x00, 0x00, 0x00, 0x00, 0x00} 45 }; 46 47 /* XXX: DVDs that could fit on a CD will be reported as a CD */ 48 static inline int media_present(IDEState *s) 49 { 50 return (s->nb_sectors > 0); 51 } 52 53 static inline int media_is_dvd(IDEState *s) 54 { 55 return (media_present(s) && s->nb_sectors > CD_MAX_SECTORS); 56 } 57 58 static inline int media_is_cd(IDEState *s) 59 { 60 return (media_present(s) && s->nb_sectors <= CD_MAX_SECTORS); 61 } 62 63 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb); 64 static void ide_dma_restart(IDEState *s, int is_read); 65 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret); 66 static int ide_handle_rw_error(IDEState *s, int error, int op); 67 68 static void padstr(char *str, const char *src, int len) 69 { 70 int i, v; 71 for(i = 0; i < len; i++) { 72 if (*src) 73 v = *src++; 74 else 75 v = ' '; 76 str[i^1] = v; 77 } 78 } 79 80 static void padstr8(uint8_t *buf, int buf_size, const char *src) 81 { 82 int i; 83 for(i = 0; i < buf_size; i++) { 84 if (*src) 85 buf[i] = *src++; 86 else 87 buf[i] = ' '; 88 } 89 } 90 91 static void put_le16(uint16_t *p, unsigned int v) 92 { 93 *p = cpu_to_le16(v); 94 } 95 96 static void ide_identify(IDEState *s) 97 { 98 uint16_t *p; 99 unsigned int oldsize; 100 IDEDevice *dev; 101 102 if (s->identify_set) { 103 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data)); 104 return; 105 } 106 107 memset(s->io_buffer, 0, 512); 108 p = (uint16_t *)s->io_buffer; 109 put_le16(p + 0, 0x0040); 110 put_le16(p + 1, s->cylinders); 111 put_le16(p + 3, s->heads); 112 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */ 113 put_le16(p + 5, 512); /* XXX: retired, remove ? */ 114 put_le16(p + 6, s->sectors); 115 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 116 put_le16(p + 20, 3); /* XXX: retired, remove ? */ 117 put_le16(p + 21, 512); /* cache size in sectors */ 118 put_le16(p + 22, 4); /* ecc bytes */ 119 padstr((char *)(p + 23), s->version, 8); /* firmware version */ 120 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */ 121 #if MAX_MULT_SECTORS > 1 122 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS); 123 #endif 124 put_le16(p + 48, 1); /* dword I/O */ 125 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */ 126 put_le16(p + 51, 0x200); /* PIO transfer cycle */ 127 put_le16(p + 52, 0x200); /* DMA transfer cycle */ 128 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */ 129 put_le16(p + 54, s->cylinders); 130 put_le16(p + 55, s->heads); 131 put_le16(p + 56, s->sectors); 132 oldsize = s->cylinders * s->heads * s->sectors; 133 put_le16(p + 57, oldsize); 134 put_le16(p + 58, oldsize >> 16); 135 if (s->mult_sectors) 136 put_le16(p + 59, 0x100 | s->mult_sectors); 137 put_le16(p + 60, s->nb_sectors); 138 put_le16(p + 61, s->nb_sectors >> 16); 139 put_le16(p + 62, 0x07); /* single word dma0-2 supported */ 140 put_le16(p + 63, 0x07); /* mdma0-2 supported */ 141 put_le16(p + 65, 120); 142 put_le16(p + 66, 120); 143 put_le16(p + 67, 120); 144 put_le16(p + 68, 120); 145 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */ 146 put_le16(p + 81, 0x16); /* conforms to ata5 */ 147 /* 14=NOP supported, 0=SMART supported */ 148 put_le16(p + 82, (1 << 14) | 1); 149 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */ 150 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10)); 151 /* 14=set to 1, 1=SMART self test, 0=SMART error logging */ 152 put_le16(p + 84, (1 << 14) | 0); 153 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */ 154 if (bdrv_enable_write_cache(s->bs)) 155 put_le16(p + 85, (1 << 14) | (1 << 5) | 1); 156 else 157 put_le16(p + 85, (1 << 14) | 1); 158 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */ 159 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10)); 160 /* 14=set to 1, 1=smart self test, 0=smart error logging */ 161 put_le16(p + 87, (1 << 14) | 0); 162 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */ 163 put_le16(p + 93, 1 | (1 << 14) | 0x2000); 164 put_le16(p + 100, s->nb_sectors); 165 put_le16(p + 101, s->nb_sectors >> 16); 166 put_le16(p + 102, s->nb_sectors >> 32); 167 put_le16(p + 103, s->nb_sectors >> 48); 168 dev = s->unit ? s->bus->slave : s->bus->master; 169 if (dev && dev->conf.physical_block_size) 170 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf)); 171 172 memcpy(s->identify_data, p, sizeof(s->identify_data)); 173 s->identify_set = 1; 174 } 175 176 static void ide_atapi_identify(IDEState *s) 177 { 178 uint16_t *p; 179 180 if (s->identify_set) { 181 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data)); 182 return; 183 } 184 185 memset(s->io_buffer, 0, 512); 186 p = (uint16_t *)s->io_buffer; 187 /* Removable CDROM, 50us response, 12 byte packets */ 188 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0)); 189 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 190 put_le16(p + 20, 3); /* buffer type */ 191 put_le16(p + 21, 512); /* cache size in sectors */ 192 put_le16(p + 22, 4); /* ecc bytes */ 193 padstr((char *)(p + 23), s->version, 8); /* firmware version */ 194 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */ 195 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */ 196 #ifdef USE_DMA_CDROM 197 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */ 198 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */ 199 put_le16(p + 62, 7); /* single word dma0-2 supported */ 200 put_le16(p + 63, 7); /* mdma0-2 supported */ 201 put_le16(p + 64, 0x3f); /* PIO modes supported */ 202 #else 203 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */ 204 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */ 205 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */ 206 put_le16(p + 64, 1); /* PIO modes */ 207 #endif 208 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */ 209 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */ 210 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */ 211 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */ 212 213 put_le16(p + 71, 30); /* in ns */ 214 put_le16(p + 72, 30); /* in ns */ 215 216 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */ 217 #ifdef USE_DMA_CDROM 218 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */ 219 #endif 220 memcpy(s->identify_data, p, sizeof(s->identify_data)); 221 s->identify_set = 1; 222 } 223 224 static void ide_cfata_identify(IDEState *s) 225 { 226 uint16_t *p; 227 uint32_t cur_sec; 228 229 p = (uint16_t *) s->identify_data; 230 if (s->identify_set) 231 goto fill_buffer; 232 233 memset(p, 0, sizeof(s->identify_data)); 234 235 cur_sec = s->cylinders * s->heads * s->sectors; 236 237 put_le16(p + 0, 0x848a); /* CF Storage Card signature */ 238 put_le16(p + 1, s->cylinders); /* Default cylinders */ 239 put_le16(p + 3, s->heads); /* Default heads */ 240 put_le16(p + 6, s->sectors); /* Default sectors per track */ 241 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */ 242 put_le16(p + 8, s->nb_sectors); /* Sectors per card */ 243 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 244 put_le16(p + 22, 0x0004); /* ECC bytes */ 245 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */ 246 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */ 247 #if MAX_MULT_SECTORS > 1 248 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS); 249 #else 250 put_le16(p + 47, 0x0000); 251 #endif 252 put_le16(p + 49, 0x0f00); /* Capabilities */ 253 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */ 254 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */ 255 put_le16(p + 53, 0x0003); /* Translation params valid */ 256 put_le16(p + 54, s->cylinders); /* Current cylinders */ 257 put_le16(p + 55, s->heads); /* Current heads */ 258 put_le16(p + 56, s->sectors); /* Current sectors */ 259 put_le16(p + 57, cur_sec); /* Current capacity */ 260 put_le16(p + 58, cur_sec >> 16); /* Current capacity */ 261 if (s->mult_sectors) /* Multiple sector setting */ 262 put_le16(p + 59, 0x100 | s->mult_sectors); 263 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */ 264 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */ 265 put_le16(p + 63, 0x0203); /* Multiword DMA capability */ 266 put_le16(p + 64, 0x0001); /* Flow Control PIO support */ 267 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */ 268 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */ 269 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */ 270 put_le16(p + 82, 0x400c); /* Command Set supported */ 271 put_le16(p + 83, 0x7068); /* Command Set supported */ 272 put_le16(p + 84, 0x4000); /* Features supported */ 273 put_le16(p + 85, 0x000c); /* Command Set enabled */ 274 put_le16(p + 86, 0x7044); /* Command Set enabled */ 275 put_le16(p + 87, 0x4000); /* Features enabled */ 276 put_le16(p + 91, 0x4060); /* Current APM level */ 277 put_le16(p + 129, 0x0002); /* Current features option */ 278 put_le16(p + 130, 0x0005); /* Reassigned sectors */ 279 put_le16(p + 131, 0x0001); /* Initial power mode */ 280 put_le16(p + 132, 0x0000); /* User signature */ 281 put_le16(p + 160, 0x8100); /* Power requirement */ 282 put_le16(p + 161, 0x8001); /* CF command set */ 283 284 s->identify_set = 1; 285 286 fill_buffer: 287 memcpy(s->io_buffer, p, sizeof(s->identify_data)); 288 } 289 290 static void ide_set_signature(IDEState *s) 291 { 292 s->select &= 0xf0; /* clear head */ 293 /* put signature */ 294 s->nsector = 1; 295 s->sector = 1; 296 if (s->drive_kind == IDE_CD) { 297 s->lcyl = 0x14; 298 s->hcyl = 0xeb; 299 } else if (s->bs) { 300 s->lcyl = 0; 301 s->hcyl = 0; 302 } else { 303 s->lcyl = 0xff; 304 s->hcyl = 0xff; 305 } 306 } 307 308 static inline void ide_abort_command(IDEState *s) 309 { 310 s->status = READY_STAT | ERR_STAT; 311 s->error = ABRT_ERR; 312 } 313 314 static inline void ide_dma_submit_check(IDEState *s, 315 BlockDriverCompletionFunc *dma_cb, BMDMAState *bm) 316 { 317 if (bm->aiocb) 318 return; 319 dma_cb(bm, -1); 320 } 321 322 /* prepare data transfer and tell what to do after */ 323 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size, 324 EndTransferFunc *end_transfer_func) 325 { 326 s->end_transfer_func = end_transfer_func; 327 s->data_ptr = buf; 328 s->data_end = buf + size; 329 if (!(s->status & ERR_STAT)) 330 s->status |= DRQ_STAT; 331 } 332 333 static void ide_transfer_stop(IDEState *s) 334 { 335 s->end_transfer_func = ide_transfer_stop; 336 s->data_ptr = s->io_buffer; 337 s->data_end = s->io_buffer; 338 s->status &= ~DRQ_STAT; 339 } 340 341 int64_t ide_get_sector(IDEState *s) 342 { 343 int64_t sector_num; 344 if (s->select & 0x40) { 345 /* lba */ 346 if (!s->lba48) { 347 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) | 348 (s->lcyl << 8) | s->sector; 349 } else { 350 sector_num = ((int64_t)s->hob_hcyl << 40) | 351 ((int64_t) s->hob_lcyl << 32) | 352 ((int64_t) s->hob_sector << 24) | 353 ((int64_t) s->hcyl << 16) | 354 ((int64_t) s->lcyl << 8) | s->sector; 355 } 356 } else { 357 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors + 358 (s->select & 0x0f) * s->sectors + (s->sector - 1); 359 } 360 return sector_num; 361 } 362 363 void ide_set_sector(IDEState *s, int64_t sector_num) 364 { 365 unsigned int cyl, r; 366 if (s->select & 0x40) { 367 if (!s->lba48) { 368 s->select = (s->select & 0xf0) | (sector_num >> 24); 369 s->hcyl = (sector_num >> 16); 370 s->lcyl = (sector_num >> 8); 371 s->sector = (sector_num); 372 } else { 373 s->sector = sector_num; 374 s->lcyl = sector_num >> 8; 375 s->hcyl = sector_num >> 16; 376 s->hob_sector = sector_num >> 24; 377 s->hob_lcyl = sector_num >> 32; 378 s->hob_hcyl = sector_num >> 40; 379 } 380 } else { 381 cyl = sector_num / (s->heads * s->sectors); 382 r = sector_num % (s->heads * s->sectors); 383 s->hcyl = cyl >> 8; 384 s->lcyl = cyl; 385 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f); 386 s->sector = (r % s->sectors) + 1; 387 } 388 } 389 390 static void ide_rw_error(IDEState *s) { 391 ide_abort_command(s); 392 ide_set_irq(s->bus); 393 } 394 395 static void ide_sector_read(IDEState *s) 396 { 397 int64_t sector_num; 398 int ret, n; 399 400 s->status = READY_STAT | SEEK_STAT; 401 s->error = 0; /* not needed by IDE spec, but needed by Windows */ 402 sector_num = ide_get_sector(s); 403 n = s->nsector; 404 if (n == 0) { 405 /* no more sector to read from disk */ 406 ide_transfer_stop(s); 407 } else { 408 #if defined(DEBUG_IDE) 409 printf("read sector=%" PRId64 "\n", sector_num); 410 #endif 411 if (n > s->req_nb_sectors) 412 n = s->req_nb_sectors; 413 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n); 414 if (ret != 0) { 415 if (ide_handle_rw_error(s, -ret, 416 BM_STATUS_PIO_RETRY | BM_STATUS_RETRY_READ)) 417 { 418 return; 419 } 420 } 421 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read); 422 ide_set_irq(s->bus); 423 ide_set_sector(s, sector_num + n); 424 s->nsector -= n; 425 } 426 } 427 428 429 /* return 0 if buffer completed */ 430 static int dma_buf_prepare(BMDMAState *bm, int is_write) 431 { 432 IDEState *s = bmdma_active_if(bm); 433 struct { 434 uint32_t addr; 435 uint32_t size; 436 } prd; 437 int l, len; 438 439 qemu_sglist_init(&s->sg, s->nsector / (IDE_PAGE_SIZE / 512) + 1); 440 s->io_buffer_size = 0; 441 for(;;) { 442 if (bm->cur_prd_len == 0) { 443 /* end of table (with a fail safe of one page) */ 444 if (bm->cur_prd_last || 445 (bm->cur_addr - bm->addr) >= IDE_PAGE_SIZE) 446 return s->io_buffer_size != 0; 447 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8); 448 bm->cur_addr += 8; 449 prd.addr = le32_to_cpu(prd.addr); 450 prd.size = le32_to_cpu(prd.size); 451 len = prd.size & 0xfffe; 452 if (len == 0) 453 len = 0x10000; 454 bm->cur_prd_len = len; 455 bm->cur_prd_addr = prd.addr; 456 bm->cur_prd_last = (prd.size & 0x80000000); 457 } 458 l = bm->cur_prd_len; 459 if (l > 0) { 460 qemu_sglist_add(&s->sg, bm->cur_prd_addr, l); 461 bm->cur_prd_addr += l; 462 bm->cur_prd_len -= l; 463 s->io_buffer_size += l; 464 } 465 } 466 return 1; 467 } 468 469 static void dma_buf_commit(IDEState *s, int is_write) 470 { 471 qemu_sglist_destroy(&s->sg); 472 } 473 474 void ide_dma_error(IDEState *s) 475 { 476 ide_transfer_stop(s); 477 s->error = ABRT_ERR; 478 s->status = READY_STAT | ERR_STAT; 479 ide_set_irq(s->bus); 480 } 481 482 static int ide_handle_rw_error(IDEState *s, int error, int op) 483 { 484 int is_read = (op & BM_STATUS_RETRY_READ); 485 BlockErrorAction action = bdrv_get_on_error(s->bs, is_read); 486 487 if (action == BLOCK_ERR_IGNORE) { 488 bdrv_mon_event(s->bs, BDRV_ACTION_IGNORE, is_read); 489 return 0; 490 } 491 492 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC) 493 || action == BLOCK_ERR_STOP_ANY) { 494 s->bus->bmdma->unit = s->unit; 495 s->bus->bmdma->status |= op; 496 bdrv_mon_event(s->bs, BDRV_ACTION_STOP, is_read); 497 vm_stop(0); 498 } else { 499 if (op & BM_STATUS_DMA_RETRY) { 500 dma_buf_commit(s, 0); 501 ide_dma_error(s); 502 } else { 503 ide_rw_error(s); 504 } 505 bdrv_mon_event(s->bs, BDRV_ACTION_REPORT, is_read); 506 } 507 508 return 1; 509 } 510 511 /* return 0 if buffer completed */ 512 static int dma_buf_rw(BMDMAState *bm, int is_write) 513 { 514 IDEState *s = bmdma_active_if(bm); 515 struct { 516 uint32_t addr; 517 uint32_t size; 518 } prd; 519 int l, len; 520 521 for(;;) { 522 l = s->io_buffer_size - s->io_buffer_index; 523 if (l <= 0) 524 break; 525 if (bm->cur_prd_len == 0) { 526 /* end of table (with a fail safe of one page) */ 527 if (bm->cur_prd_last || 528 (bm->cur_addr - bm->addr) >= IDE_PAGE_SIZE) 529 return 0; 530 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8); 531 bm->cur_addr += 8; 532 prd.addr = le32_to_cpu(prd.addr); 533 prd.size = le32_to_cpu(prd.size); 534 len = prd.size & 0xfffe; 535 if (len == 0) 536 len = 0x10000; 537 bm->cur_prd_len = len; 538 bm->cur_prd_addr = prd.addr; 539 bm->cur_prd_last = (prd.size & 0x80000000); 540 } 541 if (l > bm->cur_prd_len) 542 l = bm->cur_prd_len; 543 if (l > 0) { 544 if (is_write) { 545 cpu_physical_memory_write(bm->cur_prd_addr, 546 s->io_buffer + s->io_buffer_index, l); 547 } else { 548 cpu_physical_memory_read(bm->cur_prd_addr, 549 s->io_buffer + s->io_buffer_index, l); 550 } 551 bm->cur_prd_addr += l; 552 bm->cur_prd_len -= l; 553 s->io_buffer_index += l; 554 } 555 } 556 return 1; 557 } 558 559 static void ide_read_dma_cb(void *opaque, int ret) 560 { 561 BMDMAState *bm = opaque; 562 IDEState *s = bmdma_active_if(bm); 563 int n; 564 int64_t sector_num; 565 566 if (ret < 0) { 567 if (ide_handle_rw_error(s, -ret, 568 BM_STATUS_DMA_RETRY | BM_STATUS_RETRY_READ)) 569 { 570 return; 571 } 572 } 573 574 n = s->io_buffer_size >> 9; 575 sector_num = ide_get_sector(s); 576 if (n > 0) { 577 dma_buf_commit(s, 1); 578 sector_num += n; 579 ide_set_sector(s, sector_num); 580 s->nsector -= n; 581 } 582 583 /* end of transfer ? */ 584 if (s->nsector == 0) { 585 s->status = READY_STAT | SEEK_STAT; 586 ide_set_irq(s->bus); 587 eot: 588 bm->status &= ~BM_STATUS_DMAING; 589 bm->status |= BM_STATUS_INT; 590 bm->dma_cb = NULL; 591 bm->unit = -1; 592 bm->aiocb = NULL; 593 return; 594 } 595 596 /* launch next transfer */ 597 n = s->nsector; 598 s->io_buffer_index = 0; 599 s->io_buffer_size = n * 512; 600 if (dma_buf_prepare(bm, 1) == 0) 601 goto eot; 602 #ifdef DEBUG_AIO 603 printf("aio_read: sector_num=%" PRId64 " n=%d\n", sector_num, n); 604 #endif 605 bm->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num, ide_read_dma_cb, bm); 606 ide_dma_submit_check(s, ide_read_dma_cb, bm); 607 } 608 609 static void ide_sector_read_dma(IDEState *s) 610 { 611 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT; 612 s->io_buffer_index = 0; 613 s->io_buffer_size = 0; 614 s->is_read = 1; 615 ide_dma_start(s, ide_read_dma_cb); 616 } 617 618 static void ide_sector_write_timer_cb(void *opaque) 619 { 620 IDEState *s = opaque; 621 ide_set_irq(s->bus); 622 } 623 624 static void ide_sector_write(IDEState *s) 625 { 626 int64_t sector_num; 627 int ret, n, n1; 628 629 s->status = READY_STAT | SEEK_STAT; 630 sector_num = ide_get_sector(s); 631 #if defined(DEBUG_IDE) 632 printf("write sector=%" PRId64 "\n", sector_num); 633 #endif 634 n = s->nsector; 635 if (n > s->req_nb_sectors) 636 n = s->req_nb_sectors; 637 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n); 638 639 if (ret != 0) { 640 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY)) 641 return; 642 } 643 644 s->nsector -= n; 645 if (s->nsector == 0) { 646 /* no more sectors to write */ 647 ide_transfer_stop(s); 648 } else { 649 n1 = s->nsector; 650 if (n1 > s->req_nb_sectors) 651 n1 = s->req_nb_sectors; 652 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write); 653 } 654 ide_set_sector(s, sector_num + n); 655 656 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) { 657 /* It seems there is a bug in the Windows 2000 installer HDD 658 IDE driver which fills the disk with empty logs when the 659 IDE write IRQ comes too early. This hack tries to correct 660 that at the expense of slower write performances. Use this 661 option _only_ to install Windows 2000. You must disable it 662 for normal use. */ 663 qemu_mod_timer(s->sector_write_timer, 664 qemu_get_clock(vm_clock) + (get_ticks_per_sec() / 1000)); 665 } else { 666 ide_set_irq(s->bus); 667 } 668 } 669 670 static void ide_dma_restart_bh(void *opaque) 671 { 672 BMDMAState *bm = opaque; 673 int is_read; 674 675 qemu_bh_delete(bm->bh); 676 bm->bh = NULL; 677 678 is_read = !!(bm->status & BM_STATUS_RETRY_READ); 679 680 if (bm->status & BM_STATUS_DMA_RETRY) { 681 bm->status &= ~(BM_STATUS_DMA_RETRY | BM_STATUS_RETRY_READ); 682 ide_dma_restart(bmdma_active_if(bm), is_read); 683 } else if (bm->status & BM_STATUS_PIO_RETRY) { 684 bm->status &= ~(BM_STATUS_PIO_RETRY | BM_STATUS_RETRY_READ); 685 if (is_read) { 686 ide_sector_read(bmdma_active_if(bm)); 687 } else { 688 ide_sector_write(bmdma_active_if(bm)); 689 } 690 } 691 } 692 693 void ide_dma_restart_cb(void *opaque, int running, int reason) 694 { 695 BMDMAState *bm = opaque; 696 697 if (!running) 698 return; 699 700 if (!bm->bh) { 701 bm->bh = qemu_bh_new(ide_dma_restart_bh, bm); 702 qemu_bh_schedule(bm->bh); 703 } 704 } 705 706 static void ide_write_dma_cb(void *opaque, int ret) 707 { 708 BMDMAState *bm = opaque; 709 IDEState *s = bmdma_active_if(bm); 710 int n; 711 int64_t sector_num; 712 713 if (ret < 0) { 714 if (ide_handle_rw_error(s, -ret, BM_STATUS_DMA_RETRY)) 715 return; 716 } 717 718 n = s->io_buffer_size >> 9; 719 sector_num = ide_get_sector(s); 720 if (n > 0) { 721 dma_buf_commit(s, 0); 722 sector_num += n; 723 ide_set_sector(s, sector_num); 724 s->nsector -= n; 725 } 726 727 /* end of transfer ? */ 728 if (s->nsector == 0) { 729 s->status = READY_STAT | SEEK_STAT; 730 ide_set_irq(s->bus); 731 eot: 732 bm->status &= ~BM_STATUS_DMAING; 733 bm->status |= BM_STATUS_INT; 734 bm->dma_cb = NULL; 735 bm->unit = -1; 736 bm->aiocb = NULL; 737 return; 738 } 739 740 n = s->nsector; 741 s->io_buffer_size = n * 512; 742 /* launch next transfer */ 743 if (dma_buf_prepare(bm, 0) == 0) 744 goto eot; 745 #ifdef DEBUG_AIO 746 printf("aio_write: sector_num=%" PRId64 " n=%d\n", sector_num, n); 747 #endif 748 bm->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num, ide_write_dma_cb, bm); 749 ide_dma_submit_check(s, ide_write_dma_cb, bm); 750 } 751 752 static void ide_sector_write_dma(IDEState *s) 753 { 754 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT; 755 s->io_buffer_index = 0; 756 s->io_buffer_size = 0; 757 s->is_read = 0; 758 ide_dma_start(s, ide_write_dma_cb); 759 } 760 761 void ide_atapi_cmd_ok(IDEState *s) 762 { 763 s->error = 0; 764 s->status = READY_STAT | SEEK_STAT; 765 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD; 766 ide_set_irq(s->bus); 767 } 768 769 void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc) 770 { 771 #ifdef DEBUG_IDE_ATAPI 772 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc); 773 #endif 774 s->error = sense_key << 4; 775 s->status = READY_STAT | ERR_STAT; 776 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD; 777 s->sense_key = sense_key; 778 s->asc = asc; 779 ide_set_irq(s->bus); 780 } 781 782 static void ide_atapi_cmd_check_status(IDEState *s) 783 { 784 #ifdef DEBUG_IDE_ATAPI 785 printf("atapi_cmd_check_status\n"); 786 #endif 787 s->error = MC_ERR | (SENSE_UNIT_ATTENTION << 4); 788 s->status = ERR_STAT; 789 s->nsector = 0; 790 ide_set_irq(s->bus); 791 } 792 793 static void ide_flush_cb(void *opaque, int ret) 794 { 795 IDEState *s = opaque; 796 797 /* XXX: how do we signal I/O errors here? */ 798 799 s->status = READY_STAT | SEEK_STAT; 800 ide_set_irq(s->bus); 801 } 802 803 static inline void cpu_to_ube16(uint8_t *buf, int val) 804 { 805 buf[0] = val >> 8; 806 buf[1] = val & 0xff; 807 } 808 809 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val) 810 { 811 buf[0] = val >> 24; 812 buf[1] = val >> 16; 813 buf[2] = val >> 8; 814 buf[3] = val & 0xff; 815 } 816 817 static inline int ube16_to_cpu(const uint8_t *buf) 818 { 819 return (buf[0] << 8) | buf[1]; 820 } 821 822 static inline int ube32_to_cpu(const uint8_t *buf) 823 { 824 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3]; 825 } 826 827 static void lba_to_msf(uint8_t *buf, int lba) 828 { 829 lba += 150; 830 buf[0] = (lba / 75) / 60; 831 buf[1] = (lba / 75) % 60; 832 buf[2] = lba % 75; 833 } 834 835 static void cd_data_to_raw(uint8_t *buf, int lba) 836 { 837 /* sync bytes */ 838 buf[0] = 0x00; 839 memset(buf + 1, 0xff, 10); 840 buf[11] = 0x00; 841 buf += 12; 842 /* MSF */ 843 lba_to_msf(buf, lba); 844 buf[3] = 0x01; /* mode 1 data */ 845 buf += 4; 846 /* data */ 847 buf += 2048; 848 /* XXX: ECC not computed */ 849 memset(buf, 0, 288); 850 } 851 852 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf, 853 int sector_size) 854 { 855 int ret; 856 857 switch(sector_size) { 858 case 2048: 859 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4); 860 break; 861 case 2352: 862 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4); 863 if (ret < 0) 864 return ret; 865 cd_data_to_raw(buf, lba); 866 break; 867 default: 868 ret = -EIO; 869 break; 870 } 871 return ret; 872 } 873 874 void ide_atapi_io_error(IDEState *s, int ret) 875 { 876 /* XXX: handle more errors */ 877 if (ret == -ENOMEDIUM) { 878 ide_atapi_cmd_error(s, SENSE_NOT_READY, 879 ASC_MEDIUM_NOT_PRESENT); 880 } else { 881 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, 882 ASC_LOGICAL_BLOCK_OOR); 883 } 884 } 885 886 /* The whole ATAPI transfer logic is handled in this function */ 887 static void ide_atapi_cmd_reply_end(IDEState *s) 888 { 889 int byte_count_limit, size, ret; 890 #ifdef DEBUG_IDE_ATAPI 891 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n", 892 s->packet_transfer_size, 893 s->elementary_transfer_size, 894 s->io_buffer_index); 895 #endif 896 if (s->packet_transfer_size <= 0) { 897 /* end of transfer */ 898 ide_transfer_stop(s); 899 s->status = READY_STAT | SEEK_STAT; 900 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD; 901 ide_set_irq(s->bus); 902 #ifdef DEBUG_IDE_ATAPI 903 printf("status=0x%x\n", s->status); 904 #endif 905 } else { 906 /* see if a new sector must be read */ 907 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) { 908 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size); 909 if (ret < 0) { 910 ide_transfer_stop(s); 911 ide_atapi_io_error(s, ret); 912 return; 913 } 914 s->lba++; 915 s->io_buffer_index = 0; 916 } 917 if (s->elementary_transfer_size > 0) { 918 /* there are some data left to transmit in this elementary 919 transfer */ 920 size = s->cd_sector_size - s->io_buffer_index; 921 if (size > s->elementary_transfer_size) 922 size = s->elementary_transfer_size; 923 ide_transfer_start(s, s->io_buffer + s->io_buffer_index, 924 size, ide_atapi_cmd_reply_end); 925 s->packet_transfer_size -= size; 926 s->elementary_transfer_size -= size; 927 s->io_buffer_index += size; 928 } else { 929 /* a new transfer is needed */ 930 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO; 931 byte_count_limit = s->lcyl | (s->hcyl << 8); 932 #ifdef DEBUG_IDE_ATAPI 933 printf("byte_count_limit=%d\n", byte_count_limit); 934 #endif 935 if (byte_count_limit == 0xffff) 936 byte_count_limit--; 937 size = s->packet_transfer_size; 938 if (size > byte_count_limit) { 939 /* byte count limit must be even if this case */ 940 if (byte_count_limit & 1) 941 byte_count_limit--; 942 size = byte_count_limit; 943 } 944 s->lcyl = size; 945 s->hcyl = size >> 8; 946 s->elementary_transfer_size = size; 947 /* we cannot transmit more than one sector at a time */ 948 if (s->lba != -1) { 949 if (size > (s->cd_sector_size - s->io_buffer_index)) 950 size = (s->cd_sector_size - s->io_buffer_index); 951 } 952 ide_transfer_start(s, s->io_buffer + s->io_buffer_index, 953 size, ide_atapi_cmd_reply_end); 954 s->packet_transfer_size -= size; 955 s->elementary_transfer_size -= size; 956 s->io_buffer_index += size; 957 ide_set_irq(s->bus); 958 #ifdef DEBUG_IDE_ATAPI 959 printf("status=0x%x\n", s->status); 960 #endif 961 } 962 } 963 } 964 965 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */ 966 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size) 967 { 968 if (size > max_size) 969 size = max_size; 970 s->lba = -1; /* no sector read */ 971 s->packet_transfer_size = size; 972 s->io_buffer_size = size; /* dma: send the reply data as one chunk */ 973 s->elementary_transfer_size = 0; 974 s->io_buffer_index = 0; 975 976 if (s->atapi_dma) { 977 s->status = READY_STAT | SEEK_STAT | DRQ_STAT; 978 ide_dma_start(s, ide_atapi_cmd_read_dma_cb); 979 } else { 980 s->status = READY_STAT | SEEK_STAT; 981 ide_atapi_cmd_reply_end(s); 982 } 983 } 984 985 /* start a CD-CDROM read command */ 986 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors, 987 int sector_size) 988 { 989 s->lba = lba; 990 s->packet_transfer_size = nb_sectors * sector_size; 991 s->elementary_transfer_size = 0; 992 s->io_buffer_index = sector_size; 993 s->cd_sector_size = sector_size; 994 995 s->status = READY_STAT | SEEK_STAT; 996 ide_atapi_cmd_reply_end(s); 997 } 998 999 /* ATAPI DMA support */ 1000 1001 /* XXX: handle read errors */ 1002 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret) 1003 { 1004 BMDMAState *bm = opaque; 1005 IDEState *s = bmdma_active_if(bm); 1006 int data_offset, n; 1007 1008 if (ret < 0) { 1009 ide_atapi_io_error(s, ret); 1010 goto eot; 1011 } 1012 1013 if (s->io_buffer_size > 0) { 1014 /* 1015 * For a cdrom read sector command (s->lba != -1), 1016 * adjust the lba for the next s->io_buffer_size chunk 1017 * and dma the current chunk. 1018 * For a command != read (s->lba == -1), just transfer 1019 * the reply data. 1020 */ 1021 if (s->lba != -1) { 1022 if (s->cd_sector_size == 2352) { 1023 n = 1; 1024 cd_data_to_raw(s->io_buffer, s->lba); 1025 } else { 1026 n = s->io_buffer_size >> 11; 1027 } 1028 s->lba += n; 1029 } 1030 s->packet_transfer_size -= s->io_buffer_size; 1031 if (dma_buf_rw(bm, 1) == 0) 1032 goto eot; 1033 } 1034 1035 if (s->packet_transfer_size <= 0) { 1036 s->status = READY_STAT | SEEK_STAT; 1037 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD; 1038 ide_set_irq(s->bus); 1039 eot: 1040 bm->status &= ~BM_STATUS_DMAING; 1041 bm->status |= BM_STATUS_INT; 1042 bm->dma_cb = NULL; 1043 bm->unit = -1; 1044 bm->aiocb = NULL; 1045 return; 1046 } 1047 1048 s->io_buffer_index = 0; 1049 if (s->cd_sector_size == 2352) { 1050 n = 1; 1051 s->io_buffer_size = s->cd_sector_size; 1052 data_offset = 16; 1053 } else { 1054 n = s->packet_transfer_size >> 11; 1055 if (n > (IDE_DMA_BUF_SECTORS / 4)) 1056 n = (IDE_DMA_BUF_SECTORS / 4); 1057 s->io_buffer_size = n * 2048; 1058 data_offset = 0; 1059 } 1060 #ifdef DEBUG_AIO 1061 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n); 1062 #endif 1063 bm->iov.iov_base = (void *)(s->io_buffer + data_offset); 1064 bm->iov.iov_len = n * 4 * 512; 1065 qemu_iovec_init_external(&bm->qiov, &bm->iov, 1); 1066 bm->aiocb = bdrv_aio_readv(s->bs, (int64_t)s->lba << 2, &bm->qiov, 1067 n * 4, ide_atapi_cmd_read_dma_cb, bm); 1068 if (!bm->aiocb) { 1069 /* Note: media not present is the most likely case */ 1070 ide_atapi_cmd_error(s, SENSE_NOT_READY, 1071 ASC_MEDIUM_NOT_PRESENT); 1072 goto eot; 1073 } 1074 } 1075 1076 /* start a CD-CDROM read command with DMA */ 1077 /* XXX: test if DMA is available */ 1078 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors, 1079 int sector_size) 1080 { 1081 s->lba = lba; 1082 s->packet_transfer_size = nb_sectors * sector_size; 1083 s->io_buffer_index = 0; 1084 s->io_buffer_size = 0; 1085 s->cd_sector_size = sector_size; 1086 1087 /* XXX: check if BUSY_STAT should be set */ 1088 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT; 1089 ide_dma_start(s, ide_atapi_cmd_read_dma_cb); 1090 } 1091 1092 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors, 1093 int sector_size) 1094 { 1095 #ifdef DEBUG_IDE_ATAPI 1096 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio", 1097 lba, nb_sectors); 1098 #endif 1099 if (s->atapi_dma) { 1100 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size); 1101 } else { 1102 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size); 1103 } 1104 } 1105 1106 static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index, 1107 uint16_t profile) 1108 { 1109 uint8_t *buf_profile = buf + 12; /* start of profiles */ 1110 1111 buf_profile += ((*index) * 4); /* start of indexed profile */ 1112 cpu_to_ube16 (buf_profile, profile); 1113 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7])); 1114 1115 /* each profile adds 4 bytes to the response */ 1116 (*index)++; 1117 buf[11] += 4; /* Additional Length */ 1118 1119 return 4; 1120 } 1121 1122 static int ide_dvd_read_structure(IDEState *s, int format, 1123 const uint8_t *packet, uint8_t *buf) 1124 { 1125 switch (format) { 1126 case 0x0: /* Physical format information */ 1127 { 1128 int layer = packet[6]; 1129 uint64_t total_sectors; 1130 1131 if (layer != 0) 1132 return -ASC_INV_FIELD_IN_CMD_PACKET; 1133 1134 bdrv_get_geometry(s->bs, &total_sectors); 1135 total_sectors >>= 2; 1136 if (total_sectors == 0) 1137 return -ASC_MEDIUM_NOT_PRESENT; 1138 1139 buf[4] = 1; /* DVD-ROM, part version 1 */ 1140 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */ 1141 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */ 1142 buf[7] = 0; /* default densities */ 1143 1144 /* FIXME: 0x30000 per spec? */ 1145 cpu_to_ube32(buf + 8, 0); /* start sector */ 1146 cpu_to_ube32(buf + 12, total_sectors - 1); /* end sector */ 1147 cpu_to_ube32(buf + 16, total_sectors - 1); /* l0 end sector */ 1148 1149 /* Size of buffer, not including 2 byte size field */ 1150 cpu_to_be16wu((uint16_t *)buf, 2048 + 2); 1151 1152 /* 2k data + 4 byte header */ 1153 return (2048 + 4); 1154 } 1155 1156 case 0x01: /* DVD copyright information */ 1157 buf[4] = 0; /* no copyright data */ 1158 buf[5] = 0; /* no region restrictions */ 1159 1160 /* Size of buffer, not including 2 byte size field */ 1161 cpu_to_be16wu((uint16_t *)buf, 4 + 2); 1162 1163 /* 4 byte header + 4 byte data */ 1164 return (4 + 4); 1165 1166 case 0x03: /* BCA information - invalid field for no BCA info */ 1167 return -ASC_INV_FIELD_IN_CMD_PACKET; 1168 1169 case 0x04: /* DVD disc manufacturing information */ 1170 /* Size of buffer, not including 2 byte size field */ 1171 cpu_to_be16wu((uint16_t *)buf, 2048 + 2); 1172 1173 /* 2k data + 4 byte header */ 1174 return (2048 + 4); 1175 1176 case 0xff: 1177 /* 1178 * This lists all the command capabilities above. Add new ones 1179 * in order and update the length and buffer return values. 1180 */ 1181 1182 buf[4] = 0x00; /* Physical format */ 1183 buf[5] = 0x40; /* Not writable, is readable */ 1184 cpu_to_be16wu((uint16_t *)(buf + 6), 2048 + 4); 1185 1186 buf[8] = 0x01; /* Copyright info */ 1187 buf[9] = 0x40; /* Not writable, is readable */ 1188 cpu_to_be16wu((uint16_t *)(buf + 10), 4 + 4); 1189 1190 buf[12] = 0x03; /* BCA info */ 1191 buf[13] = 0x40; /* Not writable, is readable */ 1192 cpu_to_be16wu((uint16_t *)(buf + 14), 188 + 4); 1193 1194 buf[16] = 0x04; /* Manufacturing info */ 1195 buf[17] = 0x40; /* Not writable, is readable */ 1196 cpu_to_be16wu((uint16_t *)(buf + 18), 2048 + 4); 1197 1198 /* Size of buffer, not including 2 byte size field */ 1199 cpu_to_be16wu((uint16_t *)buf, 16 + 2); 1200 1201 /* data written + 4 byte header */ 1202 return (16 + 4); 1203 1204 default: /* TODO: formats beyond DVD-ROM requires */ 1205 return -ASC_INV_FIELD_IN_CMD_PACKET; 1206 } 1207 } 1208 1209 static void ide_atapi_cmd(IDEState *s) 1210 { 1211 const uint8_t *packet; 1212 uint8_t *buf; 1213 int max_len; 1214 1215 packet = s->io_buffer; 1216 buf = s->io_buffer; 1217 #ifdef DEBUG_IDE_ATAPI 1218 { 1219 int i; 1220 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8)); 1221 for(i = 0; i < ATAPI_PACKET_SIZE; i++) { 1222 printf(" %02x", packet[i]); 1223 } 1224 printf("\n"); 1225 } 1226 #endif 1227 /* If there's a UNIT_ATTENTION condition pending, only 1228 REQUEST_SENSE and INQUIRY commands are allowed to complete. */ 1229 if (s->sense_key == SENSE_UNIT_ATTENTION && 1230 s->io_buffer[0] != GPCMD_REQUEST_SENSE && 1231 s->io_buffer[0] != GPCMD_INQUIRY) { 1232 ide_atapi_cmd_check_status(s); 1233 return; 1234 } 1235 switch(s->io_buffer[0]) { 1236 case GPCMD_TEST_UNIT_READY: 1237 if (bdrv_is_inserted(s->bs) && !s->cdrom_changed) { 1238 ide_atapi_cmd_ok(s); 1239 } else { 1240 s->cdrom_changed = 0; 1241 ide_atapi_cmd_error(s, SENSE_NOT_READY, 1242 ASC_MEDIUM_NOT_PRESENT); 1243 } 1244 break; 1245 case GPCMD_MODE_SENSE_6: 1246 case GPCMD_MODE_SENSE_10: 1247 { 1248 int action, code; 1249 if (packet[0] == GPCMD_MODE_SENSE_10) 1250 max_len = ube16_to_cpu(packet + 7); 1251 else 1252 max_len = packet[4]; 1253 action = packet[2] >> 6; 1254 code = packet[2] & 0x3f; 1255 switch(action) { 1256 case 0: /* current values */ 1257 switch(code) { 1258 case GPMODE_R_W_ERROR_PAGE: /* error recovery */ 1259 cpu_to_ube16(&buf[0], 16 + 6); 1260 buf[2] = 0x70; 1261 buf[3] = 0; 1262 buf[4] = 0; 1263 buf[5] = 0; 1264 buf[6] = 0; 1265 buf[7] = 0; 1266 1267 buf[8] = 0x01; 1268 buf[9] = 0x06; 1269 buf[10] = 0x00; 1270 buf[11] = 0x05; 1271 buf[12] = 0x00; 1272 buf[13] = 0x00; 1273 buf[14] = 0x00; 1274 buf[15] = 0x00; 1275 ide_atapi_cmd_reply(s, 16, max_len); 1276 break; 1277 case GPMODE_AUDIO_CTL_PAGE: 1278 cpu_to_ube16(&buf[0], 24 + 6); 1279 buf[2] = 0x70; 1280 buf[3] = 0; 1281 buf[4] = 0; 1282 buf[5] = 0; 1283 buf[6] = 0; 1284 buf[7] = 0; 1285 1286 /* Fill with CDROM audio volume */ 1287 buf[17] = 0; 1288 buf[19] = 0; 1289 buf[21] = 0; 1290 buf[23] = 0; 1291 1292 ide_atapi_cmd_reply(s, 24, max_len); 1293 break; 1294 case GPMODE_CAPABILITIES_PAGE: 1295 cpu_to_ube16(&buf[0], 28 + 6); 1296 buf[2] = 0x70; 1297 buf[3] = 0; 1298 buf[4] = 0; 1299 buf[5] = 0; 1300 buf[6] = 0; 1301 buf[7] = 0; 1302 1303 buf[8] = 0x2a; 1304 buf[9] = 0x12; 1305 buf[10] = 0x00; 1306 buf[11] = 0x00; 1307 1308 /* Claim PLAY_AUDIO capability (0x01) since some Linux 1309 code checks for this to automount media. */ 1310 buf[12] = 0x71; 1311 buf[13] = 3 << 5; 1312 buf[14] = (1 << 0) | (1 << 3) | (1 << 5); 1313 if (bdrv_is_locked(s->bs)) 1314 buf[6] |= 1 << 1; 1315 buf[15] = 0x00; 1316 cpu_to_ube16(&buf[16], 706); 1317 buf[18] = 0; 1318 buf[19] = 2; 1319 cpu_to_ube16(&buf[20], 512); 1320 cpu_to_ube16(&buf[22], 706); 1321 buf[24] = 0; 1322 buf[25] = 0; 1323 buf[26] = 0; 1324 buf[27] = 0; 1325 ide_atapi_cmd_reply(s, 28, max_len); 1326 break; 1327 default: 1328 goto error_cmd; 1329 } 1330 break; 1331 case 1: /* changeable values */ 1332 goto error_cmd; 1333 case 2: /* default values */ 1334 goto error_cmd; 1335 default: 1336 case 3: /* saved values */ 1337 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, 1338 ASC_SAVING_PARAMETERS_NOT_SUPPORTED); 1339 break; 1340 } 1341 } 1342 break; 1343 case GPCMD_REQUEST_SENSE: 1344 max_len = packet[4]; 1345 memset(buf, 0, 18); 1346 buf[0] = 0x70 | (1 << 7); 1347 buf[2] = s->sense_key; 1348 buf[7] = 10; 1349 buf[12] = s->asc; 1350 if (s->sense_key == SENSE_UNIT_ATTENTION) 1351 s->sense_key = SENSE_NONE; 1352 ide_atapi_cmd_reply(s, 18, max_len); 1353 break; 1354 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL: 1355 if (bdrv_is_inserted(s->bs)) { 1356 bdrv_set_locked(s->bs, packet[4] & 1); 1357 ide_atapi_cmd_ok(s); 1358 } else { 1359 ide_atapi_cmd_error(s, SENSE_NOT_READY, 1360 ASC_MEDIUM_NOT_PRESENT); 1361 } 1362 break; 1363 case GPCMD_READ_10: 1364 case GPCMD_READ_12: 1365 { 1366 int nb_sectors, lba; 1367 1368 if (packet[0] == GPCMD_READ_10) 1369 nb_sectors = ube16_to_cpu(packet + 7); 1370 else 1371 nb_sectors = ube32_to_cpu(packet + 6); 1372 lba = ube32_to_cpu(packet + 2); 1373 if (nb_sectors == 0) { 1374 ide_atapi_cmd_ok(s); 1375 break; 1376 } 1377 ide_atapi_cmd_read(s, lba, nb_sectors, 2048); 1378 } 1379 break; 1380 case GPCMD_READ_CD: 1381 { 1382 int nb_sectors, lba, transfer_request; 1383 1384 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8]; 1385 lba = ube32_to_cpu(packet + 2); 1386 if (nb_sectors == 0) { 1387 ide_atapi_cmd_ok(s); 1388 break; 1389 } 1390 transfer_request = packet[9]; 1391 switch(transfer_request & 0xf8) { 1392 case 0x00: 1393 /* nothing */ 1394 ide_atapi_cmd_ok(s); 1395 break; 1396 case 0x10: 1397 /* normal read */ 1398 ide_atapi_cmd_read(s, lba, nb_sectors, 2048); 1399 break; 1400 case 0xf8: 1401 /* read all data */ 1402 ide_atapi_cmd_read(s, lba, nb_sectors, 2352); 1403 break; 1404 default: 1405 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, 1406 ASC_INV_FIELD_IN_CMD_PACKET); 1407 break; 1408 } 1409 } 1410 break; 1411 case GPCMD_SEEK: 1412 { 1413 unsigned int lba; 1414 uint64_t total_sectors; 1415 1416 bdrv_get_geometry(s->bs, &total_sectors); 1417 total_sectors >>= 2; 1418 if (total_sectors == 0) { 1419 ide_atapi_cmd_error(s, SENSE_NOT_READY, 1420 ASC_MEDIUM_NOT_PRESENT); 1421 break; 1422 } 1423 lba = ube32_to_cpu(packet + 2); 1424 if (lba >= total_sectors) { 1425 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, 1426 ASC_LOGICAL_BLOCK_OOR); 1427 break; 1428 } 1429 ide_atapi_cmd_ok(s); 1430 } 1431 break; 1432 case GPCMD_START_STOP_UNIT: 1433 { 1434 int start, eject, err = 0; 1435 start = packet[4] & 1; 1436 eject = (packet[4] >> 1) & 1; 1437 1438 if (eject) { 1439 err = bdrv_eject(s->bs, !start); 1440 } 1441 1442 switch (err) { 1443 case 0: 1444 ide_atapi_cmd_ok(s); 1445 break; 1446 case -EBUSY: 1447 ide_atapi_cmd_error(s, SENSE_NOT_READY, 1448 ASC_MEDIA_REMOVAL_PREVENTED); 1449 break; 1450 default: 1451 ide_atapi_cmd_error(s, SENSE_NOT_READY, 1452 ASC_MEDIUM_NOT_PRESENT); 1453 break; 1454 } 1455 } 1456 break; 1457 case GPCMD_MECHANISM_STATUS: 1458 { 1459 max_len = ube16_to_cpu(packet + 8); 1460 cpu_to_ube16(buf, 0); 1461 /* no current LBA */ 1462 buf[2] = 0; 1463 buf[3] = 0; 1464 buf[4] = 0; 1465 buf[5] = 1; 1466 cpu_to_ube16(buf + 6, 0); 1467 ide_atapi_cmd_reply(s, 8, max_len); 1468 } 1469 break; 1470 case GPCMD_READ_TOC_PMA_ATIP: 1471 { 1472 int format, msf, start_track, len; 1473 uint64_t total_sectors; 1474 1475 bdrv_get_geometry(s->bs, &total_sectors); 1476 total_sectors >>= 2; 1477 if (total_sectors == 0) { 1478 ide_atapi_cmd_error(s, SENSE_NOT_READY, 1479 ASC_MEDIUM_NOT_PRESENT); 1480 break; 1481 } 1482 max_len = ube16_to_cpu(packet + 7); 1483 format = packet[9] >> 6; 1484 msf = (packet[1] >> 1) & 1; 1485 start_track = packet[6]; 1486 switch(format) { 1487 case 0: 1488 len = cdrom_read_toc(total_sectors, buf, msf, start_track); 1489 if (len < 0) 1490 goto error_cmd; 1491 ide_atapi_cmd_reply(s, len, max_len); 1492 break; 1493 case 1: 1494 /* multi session : only a single session defined */ 1495 memset(buf, 0, 12); 1496 buf[1] = 0x0a; 1497 buf[2] = 0x01; 1498 buf[3] = 0x01; 1499 ide_atapi_cmd_reply(s, 12, max_len); 1500 break; 1501 case 2: 1502 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track); 1503 if (len < 0) 1504 goto error_cmd; 1505 ide_atapi_cmd_reply(s, len, max_len); 1506 break; 1507 default: 1508 error_cmd: 1509 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, 1510 ASC_INV_FIELD_IN_CMD_PACKET); 1511 break; 1512 } 1513 } 1514 break; 1515 case GPCMD_READ_CDVD_CAPACITY: 1516 { 1517 uint64_t total_sectors; 1518 1519 bdrv_get_geometry(s->bs, &total_sectors); 1520 total_sectors >>= 2; 1521 if (total_sectors == 0) { 1522 ide_atapi_cmd_error(s, SENSE_NOT_READY, 1523 ASC_MEDIUM_NOT_PRESENT); 1524 break; 1525 } 1526 /* NOTE: it is really the number of sectors minus 1 */ 1527 cpu_to_ube32(buf, total_sectors - 1); 1528 cpu_to_ube32(buf + 4, 2048); 1529 ide_atapi_cmd_reply(s, 8, 8); 1530 } 1531 break; 1532 case GPCMD_READ_DVD_STRUCTURE: 1533 { 1534 int media = packet[1]; 1535 int format = packet[7]; 1536 int ret; 1537 1538 max_len = ube16_to_cpu(packet + 8); 1539 1540 if (format < 0xff) { 1541 if (media_is_cd(s)) { 1542 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, 1543 ASC_INCOMPATIBLE_FORMAT); 1544 break; 1545 } else if (!media_present(s)) { 1546 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, 1547 ASC_INV_FIELD_IN_CMD_PACKET); 1548 break; 1549 } 1550 } 1551 1552 memset(buf, 0, max_len > IDE_DMA_BUF_SECTORS * 512 + 4 ? 1553 IDE_DMA_BUF_SECTORS * 512 + 4 : max_len); 1554 1555 switch (format) { 1556 case 0x00 ... 0x7f: 1557 case 0xff: 1558 if (media == 0) { 1559 ret = ide_dvd_read_structure(s, format, packet, buf); 1560 1561 if (ret < 0) 1562 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret); 1563 else 1564 ide_atapi_cmd_reply(s, ret, max_len); 1565 1566 break; 1567 } 1568 /* TODO: BD support, fall through for now */ 1569 1570 /* Generic disk structures */ 1571 case 0x80: /* TODO: AACS volume identifier */ 1572 case 0x81: /* TODO: AACS media serial number */ 1573 case 0x82: /* TODO: AACS media identifier */ 1574 case 0x83: /* TODO: AACS media key block */ 1575 case 0x90: /* TODO: List of recognized format layers */ 1576 case 0xc0: /* TODO: Write protection status */ 1577 default: 1578 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, 1579 ASC_INV_FIELD_IN_CMD_PACKET); 1580 break; 1581 } 1582 } 1583 break; 1584 case GPCMD_SET_SPEED: 1585 ide_atapi_cmd_ok(s); 1586 break; 1587 case GPCMD_INQUIRY: 1588 max_len = packet[4]; 1589 buf[0] = 0x05; /* CD-ROM */ 1590 buf[1] = 0x80; /* removable */ 1591 buf[2] = 0x00; /* ISO */ 1592 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */ 1593 buf[4] = 31; /* additional length */ 1594 buf[5] = 0; /* reserved */ 1595 buf[6] = 0; /* reserved */ 1596 buf[7] = 0; /* reserved */ 1597 padstr8(buf + 8, 8, "QEMU"); 1598 padstr8(buf + 16, 16, "QEMU DVD-ROM"); 1599 padstr8(buf + 32, 4, s->version); 1600 ide_atapi_cmd_reply(s, 36, max_len); 1601 break; 1602 case GPCMD_GET_CONFIGURATION: 1603 { 1604 uint32_t len; 1605 uint8_t index = 0; 1606 1607 /* only feature 0 is supported */ 1608 if (packet[2] != 0 || packet[3] != 0) { 1609 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, 1610 ASC_INV_FIELD_IN_CMD_PACKET); 1611 break; 1612 } 1613 1614 /* XXX: could result in alignment problems in some architectures */ 1615 max_len = ube16_to_cpu(packet + 7); 1616 1617 /* 1618 * XXX: avoid overflow for io_buffer if max_len is bigger than 1619 * the size of that buffer (dimensioned to max number of 1620 * sectors to transfer at once) 1621 * 1622 * Only a problem if the feature/profiles grow. 1623 */ 1624 if (max_len > 512) /* XXX: assume 1 sector */ 1625 max_len = 512; 1626 1627 memset(buf, 0, max_len); 1628 /* 1629 * the number of sectors from the media tells us which profile 1630 * to use as current. 0 means there is no media 1631 */ 1632 if (media_is_dvd(s)) 1633 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM); 1634 else if (media_is_cd(s)) 1635 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM); 1636 1637 buf[10] = 0x02 | 0x01; /* persistent and current */ 1638 len = 12; /* headers: 8 + 4 */ 1639 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM); 1640 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM); 1641 cpu_to_ube32(buf, len - 4); /* data length */ 1642 1643 ide_atapi_cmd_reply(s, len, max_len); 1644 break; 1645 } 1646 case GPCMD_GET_EVENT_STATUS_NOTIFICATION: 1647 max_len = ube16_to_cpu(packet + 7); 1648 1649 if (packet[1] & 0x01) { /* polling */ 1650 /* We don't support any event class (yet). */ 1651 cpu_to_ube16(buf, 0x00); /* No event descriptor returned */ 1652 buf[2] = 0x80; /* No Event Available (NEA) */ 1653 buf[3] = 0x00; /* Empty supported event classes */ 1654 ide_atapi_cmd_reply(s, 4, max_len); 1655 } else { /* asynchronous mode */ 1656 /* Only polling is supported, asynchronous mode is not. */ 1657 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, 1658 ASC_INV_FIELD_IN_CMD_PACKET); 1659 } 1660 break; 1661 default: 1662 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, 1663 ASC_ILLEGAL_OPCODE); 1664 break; 1665 } 1666 } 1667 1668 static void ide_cfata_metadata_inquiry(IDEState *s) 1669 { 1670 uint16_t *p; 1671 uint32_t spd; 1672 1673 p = (uint16_t *) s->io_buffer; 1674 memset(p, 0, 0x200); 1675 spd = ((s->mdata_size - 1) >> 9) + 1; 1676 1677 put_le16(p + 0, 0x0001); /* Data format revision */ 1678 put_le16(p + 1, 0x0000); /* Media property: silicon */ 1679 put_le16(p + 2, s->media_changed); /* Media status */ 1680 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */ 1681 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */ 1682 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */ 1683 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */ 1684 } 1685 1686 static void ide_cfata_metadata_read(IDEState *s) 1687 { 1688 uint16_t *p; 1689 1690 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) { 1691 s->status = ERR_STAT; 1692 s->error = ABRT_ERR; 1693 return; 1694 } 1695 1696 p = (uint16_t *) s->io_buffer; 1697 memset(p, 0, 0x200); 1698 1699 put_le16(p + 0, s->media_changed); /* Media status */ 1700 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9), 1701 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9), 1702 s->nsector << 9), 0x200 - 2)); 1703 } 1704 1705 static void ide_cfata_metadata_write(IDEState *s) 1706 { 1707 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) { 1708 s->status = ERR_STAT; 1709 s->error = ABRT_ERR; 1710 return; 1711 } 1712 1713 s->media_changed = 0; 1714 1715 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9), 1716 s->io_buffer + 2, 1717 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9), 1718 s->nsector << 9), 0x200 - 2)); 1719 } 1720 1721 /* called when the inserted state of the media has changed */ 1722 static void cdrom_change_cb(void *opaque) 1723 { 1724 IDEState *s = opaque; 1725 uint64_t nb_sectors; 1726 1727 bdrv_get_geometry(s->bs, &nb_sectors); 1728 s->nb_sectors = nb_sectors; 1729 1730 s->sense_key = SENSE_UNIT_ATTENTION; 1731 s->asc = ASC_MEDIUM_MAY_HAVE_CHANGED; 1732 s->cdrom_changed = 1; 1733 ide_set_irq(s->bus); 1734 } 1735 1736 static void ide_cmd_lba48_transform(IDEState *s, int lba48) 1737 { 1738 s->lba48 = lba48; 1739 1740 /* handle the 'magic' 0 nsector count conversion here. to avoid 1741 * fiddling with the rest of the read logic, we just store the 1742 * full sector count in ->nsector and ignore ->hob_nsector from now 1743 */ 1744 if (!s->lba48) { 1745 if (!s->nsector) 1746 s->nsector = 256; 1747 } else { 1748 if (!s->nsector && !s->hob_nsector) 1749 s->nsector = 65536; 1750 else { 1751 int lo = s->nsector; 1752 int hi = s->hob_nsector; 1753 1754 s->nsector = (hi << 8) | lo; 1755 } 1756 } 1757 } 1758 1759 static void ide_clear_hob(IDEBus *bus) 1760 { 1761 /* any write clears HOB high bit of device control register */ 1762 bus->ifs[0].select &= ~(1 << 7); 1763 bus->ifs[1].select &= ~(1 << 7); 1764 } 1765 1766 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val) 1767 { 1768 IDEBus *bus = opaque; 1769 IDEState *s; 1770 int n; 1771 int lba48 = 0; 1772 1773 #ifdef DEBUG_IDE 1774 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val); 1775 #endif 1776 1777 addr &= 7; 1778 1779 /* ignore writes to command block while busy with previous command */ 1780 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT))) 1781 return; 1782 1783 switch(addr) { 1784 case 0: 1785 break; 1786 case 1: 1787 ide_clear_hob(bus); 1788 /* NOTE: data is written to the two drives */ 1789 bus->ifs[0].hob_feature = bus->ifs[0].feature; 1790 bus->ifs[1].hob_feature = bus->ifs[1].feature; 1791 bus->ifs[0].feature = val; 1792 bus->ifs[1].feature = val; 1793 break; 1794 case 2: 1795 ide_clear_hob(bus); 1796 bus->ifs[0].hob_nsector = bus->ifs[0].nsector; 1797 bus->ifs[1].hob_nsector = bus->ifs[1].nsector; 1798 bus->ifs[0].nsector = val; 1799 bus->ifs[1].nsector = val; 1800 break; 1801 case 3: 1802 ide_clear_hob(bus); 1803 bus->ifs[0].hob_sector = bus->ifs[0].sector; 1804 bus->ifs[1].hob_sector = bus->ifs[1].sector; 1805 bus->ifs[0].sector = val; 1806 bus->ifs[1].sector = val; 1807 break; 1808 case 4: 1809 ide_clear_hob(bus); 1810 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl; 1811 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl; 1812 bus->ifs[0].lcyl = val; 1813 bus->ifs[1].lcyl = val; 1814 break; 1815 case 5: 1816 ide_clear_hob(bus); 1817 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl; 1818 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl; 1819 bus->ifs[0].hcyl = val; 1820 bus->ifs[1].hcyl = val; 1821 break; 1822 case 6: 1823 /* FIXME: HOB readback uses bit 7 */ 1824 bus->ifs[0].select = (val & ~0x10) | 0xa0; 1825 bus->ifs[1].select = (val | 0x10) | 0xa0; 1826 /* select drive */ 1827 bus->unit = (val >> 4) & 1; 1828 break; 1829 default: 1830 case 7: 1831 /* command */ 1832 #if defined(DEBUG_IDE) 1833 printf("ide: CMD=%02x\n", val); 1834 #endif 1835 s = idebus_active_if(bus); 1836 /* ignore commands to non existant slave */ 1837 if (s != bus->ifs && !s->bs) 1838 break; 1839 1840 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */ 1841 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET) 1842 break; 1843 1844 switch(val) { 1845 case WIN_IDENTIFY: 1846 if (s->bs && s->drive_kind != IDE_CD) { 1847 if (s->drive_kind != IDE_CFATA) 1848 ide_identify(s); 1849 else 1850 ide_cfata_identify(s); 1851 s->status = READY_STAT | SEEK_STAT; 1852 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop); 1853 } else { 1854 if (s->drive_kind == IDE_CD) { 1855 ide_set_signature(s); 1856 } 1857 ide_abort_command(s); 1858 } 1859 ide_set_irq(s->bus); 1860 break; 1861 case WIN_SPECIFY: 1862 case WIN_RECAL: 1863 s->error = 0; 1864 s->status = READY_STAT | SEEK_STAT; 1865 ide_set_irq(s->bus); 1866 break; 1867 case WIN_SETMULT: 1868 if (s->drive_kind == IDE_CFATA && s->nsector == 0) { 1869 /* Disable Read and Write Multiple */ 1870 s->mult_sectors = 0; 1871 s->status = READY_STAT | SEEK_STAT; 1872 } else if ((s->nsector & 0xff) != 0 && 1873 ((s->nsector & 0xff) > MAX_MULT_SECTORS || 1874 (s->nsector & (s->nsector - 1)) != 0)) { 1875 ide_abort_command(s); 1876 } else { 1877 s->mult_sectors = s->nsector & 0xff; 1878 s->status = READY_STAT | SEEK_STAT; 1879 } 1880 ide_set_irq(s->bus); 1881 break; 1882 case WIN_VERIFY_EXT: 1883 lba48 = 1; 1884 case WIN_VERIFY: 1885 case WIN_VERIFY_ONCE: 1886 /* do sector number check ? */ 1887 ide_cmd_lba48_transform(s, lba48); 1888 s->status = READY_STAT | SEEK_STAT; 1889 ide_set_irq(s->bus); 1890 break; 1891 case WIN_READ_EXT: 1892 lba48 = 1; 1893 case WIN_READ: 1894 case WIN_READ_ONCE: 1895 if (!s->bs) 1896 goto abort_cmd; 1897 ide_cmd_lba48_transform(s, lba48); 1898 s->req_nb_sectors = 1; 1899 ide_sector_read(s); 1900 break; 1901 case WIN_WRITE_EXT: 1902 lba48 = 1; 1903 case WIN_WRITE: 1904 case WIN_WRITE_ONCE: 1905 case CFA_WRITE_SECT_WO_ERASE: 1906 case WIN_WRITE_VERIFY: 1907 ide_cmd_lba48_transform(s, lba48); 1908 s->error = 0; 1909 s->status = SEEK_STAT | READY_STAT; 1910 s->req_nb_sectors = 1; 1911 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write); 1912 s->media_changed = 1; 1913 break; 1914 case WIN_MULTREAD_EXT: 1915 lba48 = 1; 1916 case WIN_MULTREAD: 1917 if (!s->mult_sectors) 1918 goto abort_cmd; 1919 ide_cmd_lba48_transform(s, lba48); 1920 s->req_nb_sectors = s->mult_sectors; 1921 ide_sector_read(s); 1922 break; 1923 case WIN_MULTWRITE_EXT: 1924 lba48 = 1; 1925 case WIN_MULTWRITE: 1926 case CFA_WRITE_MULTI_WO_ERASE: 1927 if (!s->mult_sectors) 1928 goto abort_cmd; 1929 ide_cmd_lba48_transform(s, lba48); 1930 s->error = 0; 1931 s->status = SEEK_STAT | READY_STAT; 1932 s->req_nb_sectors = s->mult_sectors; 1933 n = s->nsector; 1934 if (n > s->req_nb_sectors) 1935 n = s->req_nb_sectors; 1936 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write); 1937 s->media_changed = 1; 1938 break; 1939 case WIN_READDMA_EXT: 1940 lba48 = 1; 1941 case WIN_READDMA: 1942 case WIN_READDMA_ONCE: 1943 if (!s->bs) 1944 goto abort_cmd; 1945 ide_cmd_lba48_transform(s, lba48); 1946 ide_sector_read_dma(s); 1947 break; 1948 case WIN_WRITEDMA_EXT: 1949 lba48 = 1; 1950 case WIN_WRITEDMA: 1951 case WIN_WRITEDMA_ONCE: 1952 if (!s->bs) 1953 goto abort_cmd; 1954 ide_cmd_lba48_transform(s, lba48); 1955 ide_sector_write_dma(s); 1956 s->media_changed = 1; 1957 break; 1958 case WIN_READ_NATIVE_MAX_EXT: 1959 lba48 = 1; 1960 case WIN_READ_NATIVE_MAX: 1961 ide_cmd_lba48_transform(s, lba48); 1962 ide_set_sector(s, s->nb_sectors - 1); 1963 s->status = READY_STAT | SEEK_STAT; 1964 ide_set_irq(s->bus); 1965 break; 1966 case WIN_CHECKPOWERMODE1: 1967 case WIN_CHECKPOWERMODE2: 1968 s->nsector = 0xff; /* device active or idle */ 1969 s->status = READY_STAT | SEEK_STAT; 1970 ide_set_irq(s->bus); 1971 break; 1972 case WIN_SETFEATURES: 1973 if (!s->bs) 1974 goto abort_cmd; 1975 /* XXX: valid for CDROM ? */ 1976 switch(s->feature) { 1977 case 0xcc: /* reverting to power-on defaults enable */ 1978 case 0x66: /* reverting to power-on defaults disable */ 1979 case 0x02: /* write cache enable */ 1980 case 0x82: /* write cache disable */ 1981 case 0xaa: /* read look-ahead enable */ 1982 case 0x55: /* read look-ahead disable */ 1983 case 0x05: /* set advanced power management mode */ 1984 case 0x85: /* disable advanced power management mode */ 1985 case 0x69: /* NOP */ 1986 case 0x67: /* NOP */ 1987 case 0x96: /* NOP */ 1988 case 0x9a: /* NOP */ 1989 case 0x42: /* enable Automatic Acoustic Mode */ 1990 case 0xc2: /* disable Automatic Acoustic Mode */ 1991 s->status = READY_STAT | SEEK_STAT; 1992 ide_set_irq(s->bus); 1993 break; 1994 case 0x03: { /* set transfer mode */ 1995 uint8_t val = s->nsector & 0x07; 1996 uint16_t *identify_data = (uint16_t *)s->identify_data; 1997 1998 switch (s->nsector >> 3) { 1999 case 0x00: /* pio default */ 2000 case 0x01: /* pio mode */ 2001 put_le16(identify_data + 62,0x07); 2002 put_le16(identify_data + 63,0x07); 2003 put_le16(identify_data + 88,0x3f); 2004 break; 2005 case 0x02: /* sigle word dma mode*/ 2006 put_le16(identify_data + 62,0x07 | (1 << (val + 8))); 2007 put_le16(identify_data + 63,0x07); 2008 put_le16(identify_data + 88,0x3f); 2009 break; 2010 case 0x04: /* mdma mode */ 2011 put_le16(identify_data + 62,0x07); 2012 put_le16(identify_data + 63,0x07 | (1 << (val + 8))); 2013 put_le16(identify_data + 88,0x3f); 2014 break; 2015 case 0x08: /* udma mode */ 2016 put_le16(identify_data + 62,0x07); 2017 put_le16(identify_data + 63,0x07); 2018 put_le16(identify_data + 88,0x3f | (1 << (val + 8))); 2019 break; 2020 default: 2021 goto abort_cmd; 2022 } 2023 s->status = READY_STAT | SEEK_STAT; 2024 ide_set_irq(s->bus); 2025 break; 2026 } 2027 default: 2028 goto abort_cmd; 2029 } 2030 break; 2031 case WIN_FLUSH_CACHE: 2032 case WIN_FLUSH_CACHE_EXT: 2033 if (s->bs) 2034 bdrv_aio_flush(s->bs, ide_flush_cb, s); 2035 else 2036 ide_flush_cb(s, 0); 2037 break; 2038 case WIN_STANDBY: 2039 case WIN_STANDBY2: 2040 case WIN_STANDBYNOW1: 2041 case WIN_STANDBYNOW2: 2042 case WIN_IDLEIMMEDIATE: 2043 case CFA_IDLEIMMEDIATE: 2044 case WIN_SETIDLE1: 2045 case WIN_SETIDLE2: 2046 case WIN_SLEEPNOW1: 2047 case WIN_SLEEPNOW2: 2048 s->status = READY_STAT; 2049 ide_set_irq(s->bus); 2050 break; 2051 case WIN_SEEK: 2052 if(s->drive_kind == IDE_CD) 2053 goto abort_cmd; 2054 /* XXX: Check that seek is within bounds */ 2055 s->status = READY_STAT | SEEK_STAT; 2056 ide_set_irq(s->bus); 2057 break; 2058 /* ATAPI commands */ 2059 case WIN_PIDENTIFY: 2060 if (s->drive_kind == IDE_CD) { 2061 ide_atapi_identify(s); 2062 s->status = READY_STAT | SEEK_STAT; 2063 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop); 2064 } else { 2065 ide_abort_command(s); 2066 } 2067 ide_set_irq(s->bus); 2068 break; 2069 case WIN_DIAGNOSE: 2070 ide_set_signature(s); 2071 if (s->drive_kind == IDE_CD) 2072 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet 2073 * devices to return a clear status register 2074 * with READY_STAT *not* set. */ 2075 else 2076 s->status = READY_STAT | SEEK_STAT; 2077 s->error = 0x01; /* Device 0 passed, Device 1 passed or not 2078 * present. 2079 */ 2080 ide_set_irq(s->bus); 2081 break; 2082 case WIN_SRST: 2083 if (s->drive_kind != IDE_CD) 2084 goto abort_cmd; 2085 ide_set_signature(s); 2086 s->status = 0x00; /* NOTE: READY is _not_ set */ 2087 s->error = 0x01; 2088 break; 2089 case WIN_PACKETCMD: 2090 if (s->drive_kind != IDE_CD) 2091 goto abort_cmd; 2092 /* overlapping commands not supported */ 2093 if (s->feature & 0x02) 2094 goto abort_cmd; 2095 s->status = READY_STAT | SEEK_STAT; 2096 s->atapi_dma = s->feature & 1; 2097 s->nsector = 1; 2098 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE, 2099 ide_atapi_cmd); 2100 break; 2101 /* CF-ATA commands */ 2102 case CFA_REQ_EXT_ERROR_CODE: 2103 if (s->drive_kind != IDE_CFATA) 2104 goto abort_cmd; 2105 s->error = 0x09; /* miscellaneous error */ 2106 s->status = READY_STAT | SEEK_STAT; 2107 ide_set_irq(s->bus); 2108 break; 2109 case CFA_ERASE_SECTORS: 2110 case CFA_WEAR_LEVEL: 2111 if (s->drive_kind != IDE_CFATA) 2112 goto abort_cmd; 2113 if (val == CFA_WEAR_LEVEL) 2114 s->nsector = 0; 2115 if (val == CFA_ERASE_SECTORS) 2116 s->media_changed = 1; 2117 s->error = 0x00; 2118 s->status = READY_STAT | SEEK_STAT; 2119 ide_set_irq(s->bus); 2120 break; 2121 case CFA_TRANSLATE_SECTOR: 2122 if (s->drive_kind != IDE_CFATA) 2123 goto abort_cmd; 2124 s->error = 0x00; 2125 s->status = READY_STAT | SEEK_STAT; 2126 memset(s->io_buffer, 0, 0x200); 2127 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */ 2128 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */ 2129 s->io_buffer[0x02] = s->select; /* Head */ 2130 s->io_buffer[0x03] = s->sector; /* Sector */ 2131 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */ 2132 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */ 2133 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */ 2134 s->io_buffer[0x13] = 0x00; /* Erase flag */ 2135 s->io_buffer[0x18] = 0x00; /* Hot count */ 2136 s->io_buffer[0x19] = 0x00; /* Hot count */ 2137 s->io_buffer[0x1a] = 0x01; /* Hot count */ 2138 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 2139 ide_set_irq(s->bus); 2140 break; 2141 case CFA_ACCESS_METADATA_STORAGE: 2142 if (s->drive_kind != IDE_CFATA) 2143 goto abort_cmd; 2144 switch (s->feature) { 2145 case 0x02: /* Inquiry Metadata Storage */ 2146 ide_cfata_metadata_inquiry(s); 2147 break; 2148 case 0x03: /* Read Metadata Storage */ 2149 ide_cfata_metadata_read(s); 2150 break; 2151 case 0x04: /* Write Metadata Storage */ 2152 ide_cfata_metadata_write(s); 2153 break; 2154 default: 2155 goto abort_cmd; 2156 } 2157 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 2158 s->status = 0x00; /* NOTE: READY is _not_ set */ 2159 ide_set_irq(s->bus); 2160 break; 2161 case IBM_SENSE_CONDITION: 2162 if (s->drive_kind != IDE_CFATA) 2163 goto abort_cmd; 2164 switch (s->feature) { 2165 case 0x01: /* sense temperature in device */ 2166 s->nsector = 0x50; /* +20 C */ 2167 break; 2168 default: 2169 goto abort_cmd; 2170 } 2171 s->status = READY_STAT | SEEK_STAT; 2172 ide_set_irq(s->bus); 2173 break; 2174 2175 case WIN_SMART: 2176 if (s->drive_kind == IDE_CD) 2177 goto abort_cmd; 2178 if (s->hcyl != 0xc2 || s->lcyl != 0x4f) 2179 goto abort_cmd; 2180 if (!s->smart_enabled && s->feature != SMART_ENABLE) 2181 goto abort_cmd; 2182 switch (s->feature) { 2183 case SMART_DISABLE: 2184 s->smart_enabled = 0; 2185 s->status = READY_STAT | SEEK_STAT; 2186 ide_set_irq(s->bus); 2187 break; 2188 case SMART_ENABLE: 2189 s->smart_enabled = 1; 2190 s->status = READY_STAT | SEEK_STAT; 2191 ide_set_irq(s->bus); 2192 break; 2193 case SMART_ATTR_AUTOSAVE: 2194 switch (s->sector) { 2195 case 0x00: 2196 s->smart_autosave = 0; 2197 break; 2198 case 0xf1: 2199 s->smart_autosave = 1; 2200 break; 2201 default: 2202 goto abort_cmd; 2203 } 2204 s->status = READY_STAT | SEEK_STAT; 2205 ide_set_irq(s->bus); 2206 break; 2207 case SMART_STATUS: 2208 if (!s->smart_errors) { 2209 s->hcyl = 0xc2; 2210 s->lcyl = 0x4f; 2211 } else { 2212 s->hcyl = 0x2c; 2213 s->lcyl = 0xf4; 2214 } 2215 s->status = READY_STAT | SEEK_STAT; 2216 ide_set_irq(s->bus); 2217 break; 2218 case SMART_READ_THRESH: 2219 memset(s->io_buffer, 0, 0x200); 2220 s->io_buffer[0] = 0x01; /* smart struct version */ 2221 for (n=0; n<30; n++) { 2222 if (smart_attributes[n][0] == 0) 2223 break; 2224 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0]; 2225 s->io_buffer[2+1+(n*12)] = smart_attributes[n][4]; 2226 } 2227 for (n=0; n<511; n++) /* checksum */ 2228 s->io_buffer[511] += s->io_buffer[n]; 2229 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 2230 s->status = READY_STAT | SEEK_STAT; 2231 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 2232 ide_set_irq(s->bus); 2233 break; 2234 case SMART_READ_DATA: 2235 memset(s->io_buffer, 0, 0x200); 2236 s->io_buffer[0] = 0x01; /* smart struct version */ 2237 for (n=0; n<30; n++) { 2238 if (smart_attributes[n][0] == 0) 2239 break; 2240 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0]; 2241 s->io_buffer[2+1+(n*12)] = smart_attributes[n][1]; 2242 s->io_buffer[2+3+(n*12)] = smart_attributes[n][2]; 2243 s->io_buffer[2+4+(n*12)] = smart_attributes[n][3]; 2244 } 2245 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00); 2246 if (s->smart_selftest_count == 0) { 2247 s->io_buffer[363] = 0; 2248 } else { 2249 s->io_buffer[363] = 2250 s->smart_selftest_data[3 + 2251 (s->smart_selftest_count - 1) * 2252 24]; 2253 } 2254 s->io_buffer[364] = 0x20; 2255 s->io_buffer[365] = 0x01; 2256 /* offline data collection capacity: execute + self-test*/ 2257 s->io_buffer[367] = (1<<4 | 1<<3 | 1); 2258 s->io_buffer[368] = 0x03; /* smart capability (1) */ 2259 s->io_buffer[369] = 0x00; /* smart capability (2) */ 2260 s->io_buffer[370] = 0x01; /* error logging supported */ 2261 s->io_buffer[372] = 0x02; /* minutes for poll short test */ 2262 s->io_buffer[373] = 0x36; /* minutes for poll ext test */ 2263 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */ 2264 2265 for (n=0; n<511; n++) 2266 s->io_buffer[511] += s->io_buffer[n]; 2267 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 2268 s->status = READY_STAT | SEEK_STAT; 2269 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 2270 ide_set_irq(s->bus); 2271 break; 2272 case SMART_READ_LOG: 2273 switch (s->sector) { 2274 case 0x01: /* summary smart error log */ 2275 memset(s->io_buffer, 0, 0x200); 2276 s->io_buffer[0] = 0x01; 2277 s->io_buffer[1] = 0x00; /* no error entries */ 2278 s->io_buffer[452] = s->smart_errors & 0xff; 2279 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8; 2280 2281 for (n=0; n<511; n++) 2282 s->io_buffer[511] += s->io_buffer[n]; 2283 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 2284 break; 2285 case 0x06: /* smart self test log */ 2286 memset(s->io_buffer, 0, 0x200); 2287 s->io_buffer[0] = 0x01; 2288 if (s->smart_selftest_count == 0) { 2289 s->io_buffer[508] = 0; 2290 } else { 2291 s->io_buffer[508] = s->smart_selftest_count; 2292 for (n=2; n<506; n++) 2293 s->io_buffer[n] = s->smart_selftest_data[n]; 2294 } 2295 for (n=0; n<511; n++) 2296 s->io_buffer[511] += s->io_buffer[n]; 2297 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 2298 break; 2299 default: 2300 goto abort_cmd; 2301 } 2302 s->status = READY_STAT | SEEK_STAT; 2303 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 2304 ide_set_irq(s->bus); 2305 break; 2306 case SMART_EXECUTE_OFFLINE: 2307 switch (s->sector) { 2308 case 0: /* off-line routine */ 2309 case 1: /* short self test */ 2310 case 2: /* extended self test */ 2311 s->smart_selftest_count++; 2312 if(s->smart_selftest_count > 21) 2313 s->smart_selftest_count = 0; 2314 n = 2 + (s->smart_selftest_count - 1) * 24; 2315 s->smart_selftest_data[n] = s->sector; 2316 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */ 2317 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */ 2318 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */ 2319 s->status = READY_STAT | SEEK_STAT; 2320 ide_set_irq(s->bus); 2321 break; 2322 default: 2323 goto abort_cmd; 2324 } 2325 break; 2326 default: 2327 goto abort_cmd; 2328 } 2329 break; 2330 default: 2331 abort_cmd: 2332 ide_abort_command(s); 2333 ide_set_irq(s->bus); 2334 break; 2335 } 2336 } 2337 } 2338 2339 uint32_t ide_ioport_read(void *opaque, uint32_t addr1) 2340 { 2341 IDEBus *bus = opaque; 2342 IDEState *s = idebus_active_if(bus); 2343 uint32_t addr; 2344 int ret, hob; 2345 2346 addr = addr1 & 7; 2347 /* FIXME: HOB readback uses bit 7, but it's always set right now */ 2348 //hob = s->select & (1 << 7); 2349 hob = 0; 2350 switch(addr) { 2351 case 0: 2352 ret = 0xff; 2353 break; 2354 case 1: 2355 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) || 2356 (s != bus->ifs && !s->bs)) 2357 ret = 0; 2358 else if (!hob) 2359 ret = s->error; 2360 else 2361 ret = s->hob_feature; 2362 break; 2363 case 2: 2364 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 2365 ret = 0; 2366 else if (!hob) 2367 ret = s->nsector & 0xff; 2368 else 2369 ret = s->hob_nsector; 2370 break; 2371 case 3: 2372 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 2373 ret = 0; 2374 else if (!hob) 2375 ret = s->sector; 2376 else 2377 ret = s->hob_sector; 2378 break; 2379 case 4: 2380 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 2381 ret = 0; 2382 else if (!hob) 2383 ret = s->lcyl; 2384 else 2385 ret = s->hob_lcyl; 2386 break; 2387 case 5: 2388 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 2389 ret = 0; 2390 else if (!hob) 2391 ret = s->hcyl; 2392 else 2393 ret = s->hob_hcyl; 2394 break; 2395 case 6: 2396 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 2397 ret = 0; 2398 else 2399 ret = s->select; 2400 break; 2401 default: 2402 case 7: 2403 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) || 2404 (s != bus->ifs && !s->bs)) 2405 ret = 0; 2406 else 2407 ret = s->status; 2408 qemu_irq_lower(bus->irq); 2409 break; 2410 } 2411 #ifdef DEBUG_IDE 2412 printf("ide: read addr=0x%x val=%02x\n", addr1, ret); 2413 #endif 2414 return ret; 2415 } 2416 2417 uint32_t ide_status_read(void *opaque, uint32_t addr) 2418 { 2419 IDEBus *bus = opaque; 2420 IDEState *s = idebus_active_if(bus); 2421 int ret; 2422 2423 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) || 2424 (s != bus->ifs && !s->bs)) 2425 ret = 0; 2426 else 2427 ret = s->status; 2428 #ifdef DEBUG_IDE 2429 printf("ide: read status addr=0x%x val=%02x\n", addr, ret); 2430 #endif 2431 return ret; 2432 } 2433 2434 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val) 2435 { 2436 IDEBus *bus = opaque; 2437 IDEState *s; 2438 int i; 2439 2440 #ifdef DEBUG_IDE 2441 printf("ide: write control addr=0x%x val=%02x\n", addr, val); 2442 #endif 2443 /* common for both drives */ 2444 if (!(bus->cmd & IDE_CMD_RESET) && 2445 (val & IDE_CMD_RESET)) { 2446 /* reset low to high */ 2447 for(i = 0;i < 2; i++) { 2448 s = &bus->ifs[i]; 2449 s->status = BUSY_STAT | SEEK_STAT; 2450 s->error = 0x01; 2451 } 2452 } else if ((bus->cmd & IDE_CMD_RESET) && 2453 !(val & IDE_CMD_RESET)) { 2454 /* high to low */ 2455 for(i = 0;i < 2; i++) { 2456 s = &bus->ifs[i]; 2457 if (s->drive_kind == IDE_CD) 2458 s->status = 0x00; /* NOTE: READY is _not_ set */ 2459 else 2460 s->status = READY_STAT | SEEK_STAT; 2461 ide_set_signature(s); 2462 } 2463 } 2464 2465 bus->cmd = val; 2466 } 2467 2468 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val) 2469 { 2470 IDEBus *bus = opaque; 2471 IDEState *s = idebus_active_if(bus); 2472 uint8_t *p; 2473 2474 /* PIO data access allowed only when DRQ bit is set */ 2475 if (!(s->status & DRQ_STAT)) 2476 return; 2477 2478 p = s->data_ptr; 2479 *(uint16_t *)p = le16_to_cpu(val); 2480 p += 2; 2481 s->data_ptr = p; 2482 if (p >= s->data_end) 2483 s->end_transfer_func(s); 2484 } 2485 2486 uint32_t ide_data_readw(void *opaque, uint32_t addr) 2487 { 2488 IDEBus *bus = opaque; 2489 IDEState *s = idebus_active_if(bus); 2490 uint8_t *p; 2491 int ret; 2492 2493 /* PIO data access allowed only when DRQ bit is set */ 2494 if (!(s->status & DRQ_STAT)) 2495 return 0; 2496 2497 p = s->data_ptr; 2498 ret = cpu_to_le16(*(uint16_t *)p); 2499 p += 2; 2500 s->data_ptr = p; 2501 if (p >= s->data_end) 2502 s->end_transfer_func(s); 2503 return ret; 2504 } 2505 2506 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val) 2507 { 2508 IDEBus *bus = opaque; 2509 IDEState *s = idebus_active_if(bus); 2510 uint8_t *p; 2511 2512 /* PIO data access allowed only when DRQ bit is set */ 2513 if (!(s->status & DRQ_STAT)) 2514 return; 2515 2516 p = s->data_ptr; 2517 *(uint32_t *)p = le32_to_cpu(val); 2518 p += 4; 2519 s->data_ptr = p; 2520 if (p >= s->data_end) 2521 s->end_transfer_func(s); 2522 } 2523 2524 uint32_t ide_data_readl(void *opaque, uint32_t addr) 2525 { 2526 IDEBus *bus = opaque; 2527 IDEState *s = idebus_active_if(bus); 2528 uint8_t *p; 2529 int ret; 2530 2531 /* PIO data access allowed only when DRQ bit is set */ 2532 if (!(s->status & DRQ_STAT)) 2533 return 0; 2534 2535 p = s->data_ptr; 2536 ret = cpu_to_le32(*(uint32_t *)p); 2537 p += 4; 2538 s->data_ptr = p; 2539 if (p >= s->data_end) 2540 s->end_transfer_func(s); 2541 return ret; 2542 } 2543 2544 static void ide_dummy_transfer_stop(IDEState *s) 2545 { 2546 s->data_ptr = s->io_buffer; 2547 s->data_end = s->io_buffer; 2548 s->io_buffer[0] = 0xff; 2549 s->io_buffer[1] = 0xff; 2550 s->io_buffer[2] = 0xff; 2551 s->io_buffer[3] = 0xff; 2552 } 2553 2554 static void ide_reset(IDEState *s) 2555 { 2556 #ifdef DEBUG_IDE 2557 printf("ide: reset\n"); 2558 #endif 2559 if (s->drive_kind == IDE_CFATA) 2560 s->mult_sectors = 0; 2561 else 2562 s->mult_sectors = MAX_MULT_SECTORS; 2563 /* ide regs */ 2564 s->feature = 0; 2565 s->error = 0; 2566 s->nsector = 0; 2567 s->sector = 0; 2568 s->lcyl = 0; 2569 s->hcyl = 0; 2570 2571 /* lba48 */ 2572 s->hob_feature = 0; 2573 s->hob_sector = 0; 2574 s->hob_nsector = 0; 2575 s->hob_lcyl = 0; 2576 s->hob_hcyl = 0; 2577 2578 s->select = 0xa0; 2579 s->status = READY_STAT | SEEK_STAT; 2580 2581 s->lba48 = 0; 2582 2583 /* ATAPI specific */ 2584 s->sense_key = 0; 2585 s->asc = 0; 2586 s->cdrom_changed = 0; 2587 s->packet_transfer_size = 0; 2588 s->elementary_transfer_size = 0; 2589 s->io_buffer_index = 0; 2590 s->cd_sector_size = 0; 2591 s->atapi_dma = 0; 2592 /* ATA DMA state */ 2593 s->io_buffer_size = 0; 2594 s->req_nb_sectors = 0; 2595 2596 ide_set_signature(s); 2597 /* init the transfer handler so that 0xffff is returned on data 2598 accesses */ 2599 s->end_transfer_func = ide_dummy_transfer_stop; 2600 ide_dummy_transfer_stop(s); 2601 s->media_changed = 0; 2602 } 2603 2604 void ide_bus_reset(IDEBus *bus) 2605 { 2606 bus->unit = 0; 2607 bus->cmd = 0; 2608 ide_reset(&bus->ifs[0]); 2609 ide_reset(&bus->ifs[1]); 2610 ide_clear_hob(bus); 2611 } 2612 2613 int ide_init_drive(IDEState *s, BlockDriverState *bs, 2614 const char *version, const char *serial) 2615 { 2616 int cylinders, heads, secs; 2617 uint64_t nb_sectors; 2618 2619 s->bs = bs; 2620 bdrv_get_geometry(bs, &nb_sectors); 2621 bdrv_guess_geometry(bs, &cylinders, &heads, &secs); 2622 if (cylinders < 1 || cylinders > 16383) { 2623 error_report("cyls must be between 1 and 16383"); 2624 return -1; 2625 } 2626 if (heads < 1 || heads > 16) { 2627 error_report("heads must be between 1 and 16"); 2628 return -1; 2629 } 2630 if (secs < 1 || secs > 63) { 2631 error_report("secs must be between 1 and 63"); 2632 return -1; 2633 } 2634 s->cylinders = cylinders; 2635 s->heads = heads; 2636 s->sectors = secs; 2637 s->nb_sectors = nb_sectors; 2638 /* The SMART values should be preserved across power cycles 2639 but they aren't. */ 2640 s->smart_enabled = 1; 2641 s->smart_autosave = 1; 2642 s->smart_errors = 0; 2643 s->smart_selftest_count = 0; 2644 if (bdrv_get_type_hint(bs) == BDRV_TYPE_CDROM) { 2645 s->drive_kind = IDE_CD; 2646 bdrv_set_change_cb(bs, cdrom_change_cb, s); 2647 } else { 2648 if (!bdrv_is_inserted(s->bs)) { 2649 error_report("Device needs media, but drive is empty"); 2650 return -1; 2651 } 2652 if (bdrv_is_read_only(bs)) { 2653 error_report("Can't use a read-only drive"); 2654 return -1; 2655 } 2656 } 2657 if (serial) { 2658 strncpy(s->drive_serial_str, serial, sizeof(s->drive_serial_str)); 2659 } else { 2660 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str), 2661 "QM%05d", s->drive_serial); 2662 } 2663 if (version) { 2664 pstrcpy(s->version, sizeof(s->version), version); 2665 } else { 2666 pstrcpy(s->version, sizeof(s->version), QEMU_VERSION); 2667 } 2668 ide_reset(s); 2669 bdrv_set_removable(bs, s->drive_kind == IDE_CD); 2670 return 0; 2671 } 2672 2673 static void ide_init1(IDEBus *bus, int unit) 2674 { 2675 static int drive_serial = 1; 2676 IDEState *s = &bus->ifs[unit]; 2677 2678 s->bus = bus; 2679 s->unit = unit; 2680 s->drive_serial = drive_serial++; 2681 s->io_buffer = qemu_blockalign(s->bs, IDE_DMA_BUF_SECTORS*512 + 4); 2682 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4; 2683 s->smart_selftest_data = qemu_blockalign(s->bs, 512); 2684 s->sector_write_timer = qemu_new_timer(vm_clock, 2685 ide_sector_write_timer_cb, s); 2686 } 2687 2688 void ide_init2(IDEBus *bus, qemu_irq irq) 2689 { 2690 int i; 2691 2692 for(i = 0; i < 2; i++) { 2693 ide_init1(bus, i); 2694 ide_reset(&bus->ifs[i]); 2695 } 2696 bus->irq = irq; 2697 } 2698 2699 /* TODO convert users to qdev and remove */ 2700 void ide_init2_with_non_qdev_drives(IDEBus *bus, DriveInfo *hd0, 2701 DriveInfo *hd1, qemu_irq irq) 2702 { 2703 int i; 2704 DriveInfo *dinfo; 2705 2706 for(i = 0; i < 2; i++) { 2707 dinfo = i == 0 ? hd0 : hd1; 2708 ide_init1(bus, i); 2709 if (dinfo) { 2710 if (ide_init_drive(&bus->ifs[i], dinfo->bdrv, NULL, 2711 *dinfo->serial ? dinfo->serial : NULL) < 0) { 2712 error_report("Can't set up IDE drive %s", dinfo->id); 2713 exit(1); 2714 } 2715 } else { 2716 ide_reset(&bus->ifs[i]); 2717 } 2718 } 2719 bus->irq = irq; 2720 } 2721 2722 void ide_init_ioport(IDEBus *bus, int iobase, int iobase2) 2723 { 2724 register_ioport_write(iobase, 8, 1, ide_ioport_write, bus); 2725 register_ioport_read(iobase, 8, 1, ide_ioport_read, bus); 2726 if (iobase2) { 2727 register_ioport_read(iobase2, 1, 1, ide_status_read, bus); 2728 register_ioport_write(iobase2, 1, 1, ide_cmd_write, bus); 2729 } 2730 2731 /* data ports */ 2732 register_ioport_write(iobase, 2, 2, ide_data_writew, bus); 2733 register_ioport_read(iobase, 2, 2, ide_data_readw, bus); 2734 register_ioport_write(iobase, 4, 4, ide_data_writel, bus); 2735 register_ioport_read(iobase, 4, 4, ide_data_readl, bus); 2736 } 2737 2738 static bool is_identify_set(void *opaque, int version_id) 2739 { 2740 IDEState *s = opaque; 2741 2742 return s->identify_set != 0; 2743 } 2744 2745 static EndTransferFunc* transfer_end_table[] = { 2746 ide_sector_read, 2747 ide_sector_write, 2748 ide_transfer_stop, 2749 ide_atapi_cmd_reply_end, 2750 ide_atapi_cmd, 2751 ide_dummy_transfer_stop, 2752 }; 2753 2754 static int transfer_end_table_idx(EndTransferFunc *fn) 2755 { 2756 int i; 2757 2758 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++) 2759 if (transfer_end_table[i] == fn) 2760 return i; 2761 2762 return -1; 2763 } 2764 2765 static int ide_drive_post_load(void *opaque, int version_id) 2766 { 2767 IDEState *s = opaque; 2768 2769 if (version_id < 3) { 2770 if (s->sense_key == SENSE_UNIT_ATTENTION && 2771 s->asc == ASC_MEDIUM_MAY_HAVE_CHANGED) { 2772 s->cdrom_changed = 1; 2773 } 2774 } 2775 return 0; 2776 } 2777 2778 static int ide_drive_pio_post_load(void *opaque, int version_id) 2779 { 2780 IDEState *s = opaque; 2781 2782 if (s->end_transfer_fn_idx > ARRAY_SIZE(transfer_end_table)) { 2783 return -EINVAL; 2784 } 2785 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx]; 2786 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset; 2787 s->data_end = s->data_ptr + s->cur_io_buffer_len; 2788 2789 return 0; 2790 } 2791 2792 static void ide_drive_pio_pre_save(void *opaque) 2793 { 2794 IDEState *s = opaque; 2795 int idx; 2796 2797 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer; 2798 s->cur_io_buffer_len = s->data_end - s->data_ptr; 2799 2800 idx = transfer_end_table_idx(s->end_transfer_func); 2801 if (idx == -1) { 2802 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n", 2803 __func__); 2804 s->end_transfer_fn_idx = 2; 2805 } else { 2806 s->end_transfer_fn_idx = idx; 2807 } 2808 } 2809 2810 static bool ide_drive_pio_state_needed(void *opaque) 2811 { 2812 IDEState *s = opaque; 2813 2814 return (s->status & DRQ_STAT) != 0; 2815 } 2816 2817 const VMStateDescription vmstate_ide_drive_pio_state = { 2818 .name = "ide_drive/pio_state", 2819 .version_id = 1, 2820 .minimum_version_id = 1, 2821 .minimum_version_id_old = 1, 2822 .pre_save = ide_drive_pio_pre_save, 2823 .post_load = ide_drive_pio_post_load, 2824 .fields = (VMStateField []) { 2825 VMSTATE_INT32(req_nb_sectors, IDEState), 2826 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1, 2827 vmstate_info_uint8, uint8_t), 2828 VMSTATE_INT32(cur_io_buffer_offset, IDEState), 2829 VMSTATE_INT32(cur_io_buffer_len, IDEState), 2830 VMSTATE_UINT8(end_transfer_fn_idx, IDEState), 2831 VMSTATE_INT32(elementary_transfer_size, IDEState), 2832 VMSTATE_INT32(packet_transfer_size, IDEState), 2833 VMSTATE_END_OF_LIST() 2834 } 2835 }; 2836 2837 const VMStateDescription vmstate_ide_drive = { 2838 .name = "ide_drive", 2839 .version_id = 3, 2840 .minimum_version_id = 0, 2841 .minimum_version_id_old = 0, 2842 .post_load = ide_drive_post_load, 2843 .fields = (VMStateField []) { 2844 VMSTATE_INT32(mult_sectors, IDEState), 2845 VMSTATE_INT32(identify_set, IDEState), 2846 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set), 2847 VMSTATE_UINT8(feature, IDEState), 2848 VMSTATE_UINT8(error, IDEState), 2849 VMSTATE_UINT32(nsector, IDEState), 2850 VMSTATE_UINT8(sector, IDEState), 2851 VMSTATE_UINT8(lcyl, IDEState), 2852 VMSTATE_UINT8(hcyl, IDEState), 2853 VMSTATE_UINT8(hob_feature, IDEState), 2854 VMSTATE_UINT8(hob_sector, IDEState), 2855 VMSTATE_UINT8(hob_nsector, IDEState), 2856 VMSTATE_UINT8(hob_lcyl, IDEState), 2857 VMSTATE_UINT8(hob_hcyl, IDEState), 2858 VMSTATE_UINT8(select, IDEState), 2859 VMSTATE_UINT8(status, IDEState), 2860 VMSTATE_UINT8(lba48, IDEState), 2861 VMSTATE_UINT8(sense_key, IDEState), 2862 VMSTATE_UINT8(asc, IDEState), 2863 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3), 2864 VMSTATE_END_OF_LIST() 2865 }, 2866 .subsections = (VMStateSubsection []) { 2867 { 2868 .vmsd = &vmstate_ide_drive_pio_state, 2869 .needed = ide_drive_pio_state_needed, 2870 }, { 2871 /* empty */ 2872 } 2873 } 2874 }; 2875 2876 const VMStateDescription vmstate_ide_bus = { 2877 .name = "ide_bus", 2878 .version_id = 1, 2879 .minimum_version_id = 1, 2880 .minimum_version_id_old = 1, 2881 .fields = (VMStateField []) { 2882 VMSTATE_UINT8(cmd, IDEBus), 2883 VMSTATE_UINT8(unit, IDEBus), 2884 VMSTATE_END_OF_LIST() 2885 } 2886 }; 2887 2888 /***********************************************************/ 2889 /* PCI IDE definitions */ 2890 2891 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb) 2892 { 2893 BMDMAState *bm = s->bus->bmdma; 2894 if(!bm) 2895 return; 2896 bm->unit = s->unit; 2897 bm->dma_cb = dma_cb; 2898 bm->cur_prd_last = 0; 2899 bm->cur_prd_addr = 0; 2900 bm->cur_prd_len = 0; 2901 bm->sector_num = ide_get_sector(s); 2902 bm->nsector = s->nsector; 2903 if (bm->status & BM_STATUS_DMAING) { 2904 bm->dma_cb(bm, 0); 2905 } 2906 } 2907 2908 static void ide_dma_restart(IDEState *s, int is_read) 2909 { 2910 BMDMAState *bm = s->bus->bmdma; 2911 ide_set_sector(s, bm->sector_num); 2912 s->io_buffer_index = 0; 2913 s->io_buffer_size = 0; 2914 s->nsector = bm->nsector; 2915 bm->cur_addr = bm->addr; 2916 2917 if (is_read) { 2918 bm->dma_cb = ide_read_dma_cb; 2919 } else { 2920 bm->dma_cb = ide_write_dma_cb; 2921 } 2922 2923 ide_dma_start(s, bm->dma_cb); 2924 } 2925 2926 void ide_dma_cancel(BMDMAState *bm) 2927 { 2928 if (bm->status & BM_STATUS_DMAING) { 2929 if (bm->aiocb) { 2930 #ifdef DEBUG_AIO 2931 printf("aio_cancel\n"); 2932 #endif 2933 bdrv_aio_cancel(bm->aiocb); 2934 bm->aiocb = NULL; 2935 } 2936 bm->status &= ~BM_STATUS_DMAING; 2937 /* cancel DMA request */ 2938 bm->unit = -1; 2939 bm->dma_cb = NULL; 2940 } 2941 } 2942 2943 void ide_dma_reset(BMDMAState *bm) 2944 { 2945 #ifdef DEBUG_IDE 2946 printf("ide: dma_reset\n"); 2947 #endif 2948 ide_dma_cancel(bm); 2949 bm->cmd = 0; 2950 bm->status = 0; 2951 bm->addr = 0; 2952 bm->cur_addr = 0; 2953 bm->cur_prd_last = 0; 2954 bm->cur_prd_addr = 0; 2955 bm->cur_prd_len = 0; 2956 bm->sector_num = 0; 2957 bm->nsector = 0; 2958 } 2959