1 /* 2 * QEMU IDE disk and CD/DVD-ROM Emulator 3 * 4 * Copyright (c) 2003 Fabrice Bellard 5 * Copyright (c) 2006 Openedhand Ltd. 6 * 7 * Permission is hereby granted, free of charge, to any person obtaining a copy 8 * of this software and associated documentation files (the "Software"), to deal 9 * in the Software without restriction, including without limitation the rights 10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 11 * copies of the Software, and to permit persons to whom the Software is 12 * furnished to do so, subject to the following conditions: 13 * 14 * The above copyright notice and this permission notice shall be included in 15 * all copies or substantial portions of the Software. 16 * 17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 23 * THE SOFTWARE. 24 */ 25 #include <hw/hw.h> 26 #include <hw/pc.h> 27 #include <hw/pci.h> 28 #include <hw/isa.h> 29 #include "qemu-error.h" 30 #include "qemu-timer.h" 31 #include "sysemu.h" 32 #include "dma.h" 33 #include "blockdev.h" 34 35 #include <hw/ide/internal.h> 36 37 /* These values were based on a Seagate ST3500418AS but have been modified 38 to make more sense in QEMU */ 39 static const int smart_attributes[][12] = { 40 /* id, flags, hflags, val, wrst, raw (6 bytes), threshold */ 41 /* raw read error rate*/ 42 { 0x01, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06}, 43 /* spin up */ 44 { 0x03, 0x03, 0x00, 0x64, 0x64, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 45 /* start stop count */ 46 { 0x04, 0x02, 0x00, 0x64, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14}, 47 /* remapped sectors */ 48 { 0x05, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x24}, 49 /* power on hours */ 50 { 0x09, 0x03, 0x00, 0x64, 0x64, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 51 /* power cycle count */ 52 { 0x0c, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}, 53 /* airflow-temperature-celsius */ 54 { 190, 0x03, 0x00, 0x45, 0x45, 0x1f, 0x00, 0x1f, 0x1f, 0x00, 0x00, 0x32}, 55 /* end of list */ 56 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00} 57 }; 58 59 static int ide_handle_rw_error(IDEState *s, int error, int op); 60 static void ide_dummy_transfer_stop(IDEState *s); 61 62 static void padstr(char *str, const char *src, int len) 63 { 64 int i, v; 65 for(i = 0; i < len; i++) { 66 if (*src) 67 v = *src++; 68 else 69 v = ' '; 70 str[i^1] = v; 71 } 72 } 73 74 static void put_le16(uint16_t *p, unsigned int v) 75 { 76 *p = cpu_to_le16(v); 77 } 78 79 static void ide_identify(IDEState *s) 80 { 81 uint16_t *p; 82 unsigned int oldsize; 83 IDEDevice *dev = s->unit ? s->bus->slave : s->bus->master; 84 85 if (s->identify_set) { 86 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data)); 87 return; 88 } 89 90 memset(s->io_buffer, 0, 512); 91 p = (uint16_t *)s->io_buffer; 92 put_le16(p + 0, 0x0040); 93 put_le16(p + 1, s->cylinders); 94 put_le16(p + 3, s->heads); 95 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */ 96 put_le16(p + 5, 512); /* XXX: retired, remove ? */ 97 put_le16(p + 6, s->sectors); 98 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 99 put_le16(p + 20, 3); /* XXX: retired, remove ? */ 100 put_le16(p + 21, 512); /* cache size in sectors */ 101 put_le16(p + 22, 4); /* ecc bytes */ 102 padstr((char *)(p + 23), s->version, 8); /* firmware version */ 103 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */ 104 #if MAX_MULT_SECTORS > 1 105 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS); 106 #endif 107 put_le16(p + 48, 1); /* dword I/O */ 108 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */ 109 put_le16(p + 51, 0x200); /* PIO transfer cycle */ 110 put_le16(p + 52, 0x200); /* DMA transfer cycle */ 111 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */ 112 put_le16(p + 54, s->cylinders); 113 put_le16(p + 55, s->heads); 114 put_le16(p + 56, s->sectors); 115 oldsize = s->cylinders * s->heads * s->sectors; 116 put_le16(p + 57, oldsize); 117 put_le16(p + 58, oldsize >> 16); 118 if (s->mult_sectors) 119 put_le16(p + 59, 0x100 | s->mult_sectors); 120 put_le16(p + 60, s->nb_sectors); 121 put_le16(p + 61, s->nb_sectors >> 16); 122 put_le16(p + 62, 0x07); /* single word dma0-2 supported */ 123 put_le16(p + 63, 0x07); /* mdma0-2 supported */ 124 put_le16(p + 64, 0x03); /* pio3-4 supported */ 125 put_le16(p + 65, 120); 126 put_le16(p + 66, 120); 127 put_le16(p + 67, 120); 128 put_le16(p + 68, 120); 129 if (dev && dev->conf.discard_granularity) { 130 put_le16(p + 69, (1 << 14)); /* determinate TRIM behavior */ 131 } 132 133 if (s->ncq_queues) { 134 put_le16(p + 75, s->ncq_queues - 1); 135 /* NCQ supported */ 136 put_le16(p + 76, (1 << 8)); 137 } 138 139 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */ 140 put_le16(p + 81, 0x16); /* conforms to ata5 */ 141 /* 14=NOP supported, 5=WCACHE supported, 0=SMART supported */ 142 put_le16(p + 82, (1 << 14) | (1 << 5) | 1); 143 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */ 144 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10)); 145 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */ 146 if (s->wwn) { 147 put_le16(p + 84, (1 << 14) | (1 << 8) | 0); 148 } else { 149 put_le16(p + 84, (1 << 14) | 0); 150 } 151 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */ 152 if (bdrv_enable_write_cache(s->bs)) 153 put_le16(p + 85, (1 << 14) | (1 << 5) | 1); 154 else 155 put_le16(p + 85, (1 << 14) | 1); 156 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */ 157 put_le16(p + 86, (1 << 13) | (1 <<12) | (1 << 10)); 158 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */ 159 if (s->wwn) { 160 put_le16(p + 87, (1 << 14) | (1 << 8) | 0); 161 } else { 162 put_le16(p + 87, (1 << 14) | 0); 163 } 164 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */ 165 put_le16(p + 93, 1 | (1 << 14) | 0x2000); 166 put_le16(p + 100, s->nb_sectors); 167 put_le16(p + 101, s->nb_sectors >> 16); 168 put_le16(p + 102, s->nb_sectors >> 32); 169 put_le16(p + 103, s->nb_sectors >> 48); 170 171 if (dev && dev->conf.physical_block_size) 172 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf)); 173 if (s->wwn) { 174 /* LE 16-bit words 111-108 contain 64-bit World Wide Name */ 175 put_le16(p + 108, s->wwn >> 48); 176 put_le16(p + 109, s->wwn >> 32); 177 put_le16(p + 110, s->wwn >> 16); 178 put_le16(p + 111, s->wwn); 179 } 180 if (dev && dev->conf.discard_granularity) { 181 put_le16(p + 169, 1); /* TRIM support */ 182 } 183 184 memcpy(s->identify_data, p, sizeof(s->identify_data)); 185 s->identify_set = 1; 186 } 187 188 static void ide_atapi_identify(IDEState *s) 189 { 190 uint16_t *p; 191 192 if (s->identify_set) { 193 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data)); 194 return; 195 } 196 197 memset(s->io_buffer, 0, 512); 198 p = (uint16_t *)s->io_buffer; 199 /* Removable CDROM, 50us response, 12 byte packets */ 200 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0)); 201 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 202 put_le16(p + 20, 3); /* buffer type */ 203 put_le16(p + 21, 512); /* cache size in sectors */ 204 put_le16(p + 22, 4); /* ecc bytes */ 205 padstr((char *)(p + 23), s->version, 8); /* firmware version */ 206 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */ 207 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */ 208 #ifdef USE_DMA_CDROM 209 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */ 210 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */ 211 put_le16(p + 62, 7); /* single word dma0-2 supported */ 212 put_le16(p + 63, 7); /* mdma0-2 supported */ 213 #else 214 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */ 215 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */ 216 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */ 217 #endif 218 put_le16(p + 64, 3); /* pio3-4 supported */ 219 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */ 220 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */ 221 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */ 222 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */ 223 224 put_le16(p + 71, 30); /* in ns */ 225 put_le16(p + 72, 30); /* in ns */ 226 227 if (s->ncq_queues) { 228 put_le16(p + 75, s->ncq_queues - 1); 229 /* NCQ supported */ 230 put_le16(p + 76, (1 << 8)); 231 } 232 233 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */ 234 #ifdef USE_DMA_CDROM 235 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */ 236 #endif 237 memcpy(s->identify_data, p, sizeof(s->identify_data)); 238 s->identify_set = 1; 239 } 240 241 static void ide_cfata_identify(IDEState *s) 242 { 243 uint16_t *p; 244 uint32_t cur_sec; 245 246 p = (uint16_t *) s->identify_data; 247 if (s->identify_set) 248 goto fill_buffer; 249 250 memset(p, 0, sizeof(s->identify_data)); 251 252 cur_sec = s->cylinders * s->heads * s->sectors; 253 254 put_le16(p + 0, 0x848a); /* CF Storage Card signature */ 255 put_le16(p + 1, s->cylinders); /* Default cylinders */ 256 put_le16(p + 3, s->heads); /* Default heads */ 257 put_le16(p + 6, s->sectors); /* Default sectors per track */ 258 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */ 259 put_le16(p + 8, s->nb_sectors); /* Sectors per card */ 260 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */ 261 put_le16(p + 22, 0x0004); /* ECC bytes */ 262 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */ 263 padstr((char *) (p + 27), s->drive_model_str, 40);/* Model number */ 264 #if MAX_MULT_SECTORS > 1 265 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS); 266 #else 267 put_le16(p + 47, 0x0000); 268 #endif 269 put_le16(p + 49, 0x0f00); /* Capabilities */ 270 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */ 271 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */ 272 put_le16(p + 53, 0x0003); /* Translation params valid */ 273 put_le16(p + 54, s->cylinders); /* Current cylinders */ 274 put_le16(p + 55, s->heads); /* Current heads */ 275 put_le16(p + 56, s->sectors); /* Current sectors */ 276 put_le16(p + 57, cur_sec); /* Current capacity */ 277 put_le16(p + 58, cur_sec >> 16); /* Current capacity */ 278 if (s->mult_sectors) /* Multiple sector setting */ 279 put_le16(p + 59, 0x100 | s->mult_sectors); 280 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */ 281 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */ 282 put_le16(p + 63, 0x0203); /* Multiword DMA capability */ 283 put_le16(p + 64, 0x0001); /* Flow Control PIO support */ 284 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */ 285 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */ 286 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */ 287 put_le16(p + 82, 0x400c); /* Command Set supported */ 288 put_le16(p + 83, 0x7068); /* Command Set supported */ 289 put_le16(p + 84, 0x4000); /* Features supported */ 290 put_le16(p + 85, 0x000c); /* Command Set enabled */ 291 put_le16(p + 86, 0x7044); /* Command Set enabled */ 292 put_le16(p + 87, 0x4000); /* Features enabled */ 293 put_le16(p + 91, 0x4060); /* Current APM level */ 294 put_le16(p + 129, 0x0002); /* Current features option */ 295 put_le16(p + 130, 0x0005); /* Reassigned sectors */ 296 put_le16(p + 131, 0x0001); /* Initial power mode */ 297 put_le16(p + 132, 0x0000); /* User signature */ 298 put_le16(p + 160, 0x8100); /* Power requirement */ 299 put_le16(p + 161, 0x8001); /* CF command set */ 300 301 s->identify_set = 1; 302 303 fill_buffer: 304 memcpy(s->io_buffer, p, sizeof(s->identify_data)); 305 } 306 307 static void ide_set_signature(IDEState *s) 308 { 309 s->select &= 0xf0; /* clear head */ 310 /* put signature */ 311 s->nsector = 1; 312 s->sector = 1; 313 if (s->drive_kind == IDE_CD) { 314 s->lcyl = 0x14; 315 s->hcyl = 0xeb; 316 } else if (s->bs) { 317 s->lcyl = 0; 318 s->hcyl = 0; 319 } else { 320 s->lcyl = 0xff; 321 s->hcyl = 0xff; 322 } 323 } 324 325 typedef struct TrimAIOCB { 326 BlockDriverAIOCB common; 327 QEMUBH *bh; 328 int ret; 329 } TrimAIOCB; 330 331 static void trim_aio_cancel(BlockDriverAIOCB *acb) 332 { 333 TrimAIOCB *iocb = container_of(acb, TrimAIOCB, common); 334 335 qemu_bh_delete(iocb->bh); 336 iocb->bh = NULL; 337 qemu_aio_release(iocb); 338 } 339 340 static AIOPool trim_aio_pool = { 341 .aiocb_size = sizeof(TrimAIOCB), 342 .cancel = trim_aio_cancel, 343 }; 344 345 static void ide_trim_bh_cb(void *opaque) 346 { 347 TrimAIOCB *iocb = opaque; 348 349 iocb->common.cb(iocb->common.opaque, iocb->ret); 350 351 qemu_bh_delete(iocb->bh); 352 iocb->bh = NULL; 353 354 qemu_aio_release(iocb); 355 } 356 357 BlockDriverAIOCB *ide_issue_trim(BlockDriverState *bs, 358 int64_t sector_num, QEMUIOVector *qiov, int nb_sectors, 359 BlockDriverCompletionFunc *cb, void *opaque) 360 { 361 TrimAIOCB *iocb; 362 int i, j, ret; 363 364 iocb = qemu_aio_get(&trim_aio_pool, bs, cb, opaque); 365 iocb->bh = qemu_bh_new(ide_trim_bh_cb, iocb); 366 iocb->ret = 0; 367 368 for (j = 0; j < qiov->niov; j++) { 369 uint64_t *buffer = qiov->iov[j].iov_base; 370 371 for (i = 0; i < qiov->iov[j].iov_len / 8; i++) { 372 /* 6-byte LBA + 2-byte range per entry */ 373 uint64_t entry = le64_to_cpu(buffer[i]); 374 uint64_t sector = entry & 0x0000ffffffffffffULL; 375 uint16_t count = entry >> 48; 376 377 if (count == 0) { 378 break; 379 } 380 381 ret = bdrv_discard(bs, sector, count); 382 if (!iocb->ret) { 383 iocb->ret = ret; 384 } 385 } 386 } 387 388 qemu_bh_schedule(iocb->bh); 389 390 return &iocb->common; 391 } 392 393 static inline void ide_abort_command(IDEState *s) 394 { 395 s->status = READY_STAT | ERR_STAT; 396 s->error = ABRT_ERR; 397 } 398 399 /* prepare data transfer and tell what to do after */ 400 void ide_transfer_start(IDEState *s, uint8_t *buf, int size, 401 EndTransferFunc *end_transfer_func) 402 { 403 s->end_transfer_func = end_transfer_func; 404 s->data_ptr = buf; 405 s->data_end = buf + size; 406 if (!(s->status & ERR_STAT)) { 407 s->status |= DRQ_STAT; 408 } 409 s->bus->dma->ops->start_transfer(s->bus->dma); 410 } 411 412 void ide_transfer_stop(IDEState *s) 413 { 414 s->end_transfer_func = ide_transfer_stop; 415 s->data_ptr = s->io_buffer; 416 s->data_end = s->io_buffer; 417 s->status &= ~DRQ_STAT; 418 } 419 420 int64_t ide_get_sector(IDEState *s) 421 { 422 int64_t sector_num; 423 if (s->select & 0x40) { 424 /* lba */ 425 if (!s->lba48) { 426 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) | 427 (s->lcyl << 8) | s->sector; 428 } else { 429 sector_num = ((int64_t)s->hob_hcyl << 40) | 430 ((int64_t) s->hob_lcyl << 32) | 431 ((int64_t) s->hob_sector << 24) | 432 ((int64_t) s->hcyl << 16) | 433 ((int64_t) s->lcyl << 8) | s->sector; 434 } 435 } else { 436 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors + 437 (s->select & 0x0f) * s->sectors + (s->sector - 1); 438 } 439 return sector_num; 440 } 441 442 void ide_set_sector(IDEState *s, int64_t sector_num) 443 { 444 unsigned int cyl, r; 445 if (s->select & 0x40) { 446 if (!s->lba48) { 447 s->select = (s->select & 0xf0) | (sector_num >> 24); 448 s->hcyl = (sector_num >> 16); 449 s->lcyl = (sector_num >> 8); 450 s->sector = (sector_num); 451 } else { 452 s->sector = sector_num; 453 s->lcyl = sector_num >> 8; 454 s->hcyl = sector_num >> 16; 455 s->hob_sector = sector_num >> 24; 456 s->hob_lcyl = sector_num >> 32; 457 s->hob_hcyl = sector_num >> 40; 458 } 459 } else { 460 cyl = sector_num / (s->heads * s->sectors); 461 r = sector_num % (s->heads * s->sectors); 462 s->hcyl = cyl >> 8; 463 s->lcyl = cyl; 464 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f); 465 s->sector = (r % s->sectors) + 1; 466 } 467 } 468 469 static void ide_rw_error(IDEState *s) { 470 ide_abort_command(s); 471 ide_set_irq(s->bus); 472 } 473 474 static void ide_sector_read_cb(void *opaque, int ret) 475 { 476 IDEState *s = opaque; 477 int n; 478 479 s->pio_aiocb = NULL; 480 s->status &= ~BUSY_STAT; 481 482 bdrv_acct_done(s->bs, &s->acct); 483 if (ret != 0) { 484 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY | 485 BM_STATUS_RETRY_READ)) { 486 return; 487 } 488 } 489 490 n = s->nsector; 491 if (n > s->req_nb_sectors) { 492 n = s->req_nb_sectors; 493 } 494 495 /* Allow the guest to read the io_buffer */ 496 ide_transfer_start(s, s->io_buffer, n * BDRV_SECTOR_SIZE, ide_sector_read); 497 498 ide_set_irq(s->bus); 499 500 ide_set_sector(s, ide_get_sector(s) + n); 501 s->nsector -= n; 502 } 503 504 void ide_sector_read(IDEState *s) 505 { 506 int64_t sector_num; 507 int n; 508 509 s->status = READY_STAT | SEEK_STAT; 510 s->error = 0; /* not needed by IDE spec, but needed by Windows */ 511 sector_num = ide_get_sector(s); 512 n = s->nsector; 513 514 if (n == 0) { 515 ide_transfer_stop(s); 516 return; 517 } 518 519 s->status |= BUSY_STAT; 520 521 if (n > s->req_nb_sectors) { 522 n = s->req_nb_sectors; 523 } 524 525 #if defined(DEBUG_IDE) 526 printf("sector=%" PRId64 "\n", sector_num); 527 #endif 528 529 s->iov.iov_base = s->io_buffer; 530 s->iov.iov_len = n * BDRV_SECTOR_SIZE; 531 qemu_iovec_init_external(&s->qiov, &s->iov, 1); 532 533 bdrv_acct_start(s->bs, &s->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ); 534 s->pio_aiocb = bdrv_aio_readv(s->bs, sector_num, &s->qiov, n, 535 ide_sector_read_cb, s); 536 } 537 538 static void dma_buf_commit(IDEState *s) 539 { 540 qemu_sglist_destroy(&s->sg); 541 } 542 543 void ide_set_inactive(IDEState *s) 544 { 545 s->bus->dma->aiocb = NULL; 546 s->bus->dma->ops->set_inactive(s->bus->dma); 547 } 548 549 void ide_dma_error(IDEState *s) 550 { 551 ide_transfer_stop(s); 552 s->error = ABRT_ERR; 553 s->status = READY_STAT | ERR_STAT; 554 ide_set_inactive(s); 555 ide_set_irq(s->bus); 556 } 557 558 static int ide_handle_rw_error(IDEState *s, int error, int op) 559 { 560 int is_read = (op & BM_STATUS_RETRY_READ); 561 BlockErrorAction action = bdrv_get_on_error(s->bs, is_read); 562 563 if (action == BLOCK_ERR_IGNORE) { 564 bdrv_emit_qmp_error_event(s->bs, BDRV_ACTION_IGNORE, is_read); 565 return 0; 566 } 567 568 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC) 569 || action == BLOCK_ERR_STOP_ANY) { 570 s->bus->dma->ops->set_unit(s->bus->dma, s->unit); 571 s->bus->error_status = op; 572 bdrv_emit_qmp_error_event(s->bs, BDRV_ACTION_STOP, is_read); 573 vm_stop(RUN_STATE_IO_ERROR); 574 bdrv_iostatus_set_err(s->bs, error); 575 } else { 576 if (op & BM_STATUS_DMA_RETRY) { 577 dma_buf_commit(s); 578 ide_dma_error(s); 579 } else { 580 ide_rw_error(s); 581 } 582 bdrv_emit_qmp_error_event(s->bs, BDRV_ACTION_REPORT, is_read); 583 } 584 585 return 1; 586 } 587 588 void ide_dma_cb(void *opaque, int ret) 589 { 590 IDEState *s = opaque; 591 int n; 592 int64_t sector_num; 593 594 if (ret < 0) { 595 int op = BM_STATUS_DMA_RETRY; 596 597 if (s->dma_cmd == IDE_DMA_READ) 598 op |= BM_STATUS_RETRY_READ; 599 else if (s->dma_cmd == IDE_DMA_TRIM) 600 op |= BM_STATUS_RETRY_TRIM; 601 602 if (ide_handle_rw_error(s, -ret, op)) { 603 return; 604 } 605 } 606 607 n = s->io_buffer_size >> 9; 608 sector_num = ide_get_sector(s); 609 if (n > 0) { 610 dma_buf_commit(s); 611 sector_num += n; 612 ide_set_sector(s, sector_num); 613 s->nsector -= n; 614 } 615 616 /* end of transfer ? */ 617 if (s->nsector == 0) { 618 s->status = READY_STAT | SEEK_STAT; 619 ide_set_irq(s->bus); 620 goto eot; 621 } 622 623 /* launch next transfer */ 624 n = s->nsector; 625 s->io_buffer_index = 0; 626 s->io_buffer_size = n * 512; 627 if (s->bus->dma->ops->prepare_buf(s->bus->dma, ide_cmd_is_read(s)) == 0) { 628 /* The PRDs were too short. Reset the Active bit, but don't raise an 629 * interrupt. */ 630 goto eot; 631 } 632 633 #ifdef DEBUG_AIO 634 printf("ide_dma_cb: sector_num=%" PRId64 " n=%d, cmd_cmd=%d\n", 635 sector_num, n, s->dma_cmd); 636 #endif 637 638 switch (s->dma_cmd) { 639 case IDE_DMA_READ: 640 s->bus->dma->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num, 641 ide_dma_cb, s); 642 break; 643 case IDE_DMA_WRITE: 644 s->bus->dma->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num, 645 ide_dma_cb, s); 646 break; 647 case IDE_DMA_TRIM: 648 s->bus->dma->aiocb = dma_bdrv_io(s->bs, &s->sg, sector_num, 649 ide_issue_trim, ide_dma_cb, s, 650 DMA_DIRECTION_TO_DEVICE); 651 break; 652 } 653 return; 654 655 eot: 656 if (s->dma_cmd == IDE_DMA_READ || s->dma_cmd == IDE_DMA_WRITE) { 657 bdrv_acct_done(s->bs, &s->acct); 658 } 659 ide_set_inactive(s); 660 } 661 662 static void ide_sector_start_dma(IDEState *s, enum ide_dma_cmd dma_cmd) 663 { 664 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT; 665 s->io_buffer_index = 0; 666 s->io_buffer_size = 0; 667 s->dma_cmd = dma_cmd; 668 669 switch (dma_cmd) { 670 case IDE_DMA_READ: 671 bdrv_acct_start(s->bs, &s->acct, s->nsector * BDRV_SECTOR_SIZE, 672 BDRV_ACCT_READ); 673 break; 674 case IDE_DMA_WRITE: 675 bdrv_acct_start(s->bs, &s->acct, s->nsector * BDRV_SECTOR_SIZE, 676 BDRV_ACCT_WRITE); 677 break; 678 default: 679 break; 680 } 681 682 s->bus->dma->ops->start_dma(s->bus->dma, s, ide_dma_cb); 683 } 684 685 static void ide_sector_write_timer_cb(void *opaque) 686 { 687 IDEState *s = opaque; 688 ide_set_irq(s->bus); 689 } 690 691 static void ide_sector_write_cb(void *opaque, int ret) 692 { 693 IDEState *s = opaque; 694 int n; 695 696 bdrv_acct_done(s->bs, &s->acct); 697 698 s->pio_aiocb = NULL; 699 s->status &= ~BUSY_STAT; 700 701 if (ret != 0) { 702 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY)) { 703 return; 704 } 705 } 706 707 n = s->nsector; 708 if (n > s->req_nb_sectors) { 709 n = s->req_nb_sectors; 710 } 711 s->nsector -= n; 712 if (s->nsector == 0) { 713 /* no more sectors to write */ 714 ide_transfer_stop(s); 715 } else { 716 int n1 = s->nsector; 717 if (n1 > s->req_nb_sectors) { 718 n1 = s->req_nb_sectors; 719 } 720 ide_transfer_start(s, s->io_buffer, n1 * BDRV_SECTOR_SIZE, 721 ide_sector_write); 722 } 723 ide_set_sector(s, ide_get_sector(s) + n); 724 725 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) { 726 /* It seems there is a bug in the Windows 2000 installer HDD 727 IDE driver which fills the disk with empty logs when the 728 IDE write IRQ comes too early. This hack tries to correct 729 that at the expense of slower write performances. Use this 730 option _only_ to install Windows 2000. You must disable it 731 for normal use. */ 732 qemu_mod_timer(s->sector_write_timer, 733 qemu_get_clock_ns(vm_clock) + (get_ticks_per_sec() / 1000)); 734 } else { 735 ide_set_irq(s->bus); 736 } 737 } 738 739 void ide_sector_write(IDEState *s) 740 { 741 int64_t sector_num; 742 int n; 743 744 s->status = READY_STAT | SEEK_STAT | BUSY_STAT; 745 sector_num = ide_get_sector(s); 746 #if defined(DEBUG_IDE) 747 printf("sector=%" PRId64 "\n", sector_num); 748 #endif 749 n = s->nsector; 750 if (n > s->req_nb_sectors) { 751 n = s->req_nb_sectors; 752 } 753 754 s->iov.iov_base = s->io_buffer; 755 s->iov.iov_len = n * BDRV_SECTOR_SIZE; 756 qemu_iovec_init_external(&s->qiov, &s->iov, 1); 757 758 bdrv_acct_start(s->bs, &s->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ); 759 s->pio_aiocb = bdrv_aio_writev(s->bs, sector_num, &s->qiov, n, 760 ide_sector_write_cb, s); 761 } 762 763 static void ide_flush_cb(void *opaque, int ret) 764 { 765 IDEState *s = opaque; 766 767 if (ret < 0) { 768 /* XXX: What sector number to set here? */ 769 if (ide_handle_rw_error(s, -ret, BM_STATUS_RETRY_FLUSH)) { 770 return; 771 } 772 } 773 774 bdrv_acct_done(s->bs, &s->acct); 775 s->status = READY_STAT | SEEK_STAT; 776 ide_set_irq(s->bus); 777 } 778 779 void ide_flush_cache(IDEState *s) 780 { 781 if (s->bs == NULL) { 782 ide_flush_cb(s, 0); 783 return; 784 } 785 786 bdrv_acct_start(s->bs, &s->acct, 0, BDRV_ACCT_FLUSH); 787 bdrv_aio_flush(s->bs, ide_flush_cb, s); 788 } 789 790 static void ide_cfata_metadata_inquiry(IDEState *s) 791 { 792 uint16_t *p; 793 uint32_t spd; 794 795 p = (uint16_t *) s->io_buffer; 796 memset(p, 0, 0x200); 797 spd = ((s->mdata_size - 1) >> 9) + 1; 798 799 put_le16(p + 0, 0x0001); /* Data format revision */ 800 put_le16(p + 1, 0x0000); /* Media property: silicon */ 801 put_le16(p + 2, s->media_changed); /* Media status */ 802 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */ 803 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */ 804 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */ 805 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */ 806 } 807 808 static void ide_cfata_metadata_read(IDEState *s) 809 { 810 uint16_t *p; 811 812 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) { 813 s->status = ERR_STAT; 814 s->error = ABRT_ERR; 815 return; 816 } 817 818 p = (uint16_t *) s->io_buffer; 819 memset(p, 0, 0x200); 820 821 put_le16(p + 0, s->media_changed); /* Media status */ 822 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9), 823 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9), 824 s->nsector << 9), 0x200 - 2)); 825 } 826 827 static void ide_cfata_metadata_write(IDEState *s) 828 { 829 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) { 830 s->status = ERR_STAT; 831 s->error = ABRT_ERR; 832 return; 833 } 834 835 s->media_changed = 0; 836 837 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9), 838 s->io_buffer + 2, 839 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9), 840 s->nsector << 9), 0x200 - 2)); 841 } 842 843 /* called when the inserted state of the media has changed */ 844 static void ide_cd_change_cb(void *opaque, bool load) 845 { 846 IDEState *s = opaque; 847 uint64_t nb_sectors; 848 849 s->tray_open = !load; 850 bdrv_get_geometry(s->bs, &nb_sectors); 851 s->nb_sectors = nb_sectors; 852 853 /* 854 * First indicate to the guest that a CD has been removed. That's 855 * done on the next command the guest sends us. 856 * 857 * Then we set UNIT_ATTENTION, by which the guest will 858 * detect a new CD in the drive. See ide_atapi_cmd() for details. 859 */ 860 s->cdrom_changed = 1; 861 s->events.new_media = true; 862 s->events.eject_request = false; 863 ide_set_irq(s->bus); 864 } 865 866 static void ide_cd_eject_request_cb(void *opaque, bool force) 867 { 868 IDEState *s = opaque; 869 870 s->events.eject_request = true; 871 if (force) { 872 s->tray_locked = false; 873 } 874 ide_set_irq(s->bus); 875 } 876 877 static void ide_cmd_lba48_transform(IDEState *s, int lba48) 878 { 879 s->lba48 = lba48; 880 881 /* handle the 'magic' 0 nsector count conversion here. to avoid 882 * fiddling with the rest of the read logic, we just store the 883 * full sector count in ->nsector and ignore ->hob_nsector from now 884 */ 885 if (!s->lba48) { 886 if (!s->nsector) 887 s->nsector = 256; 888 } else { 889 if (!s->nsector && !s->hob_nsector) 890 s->nsector = 65536; 891 else { 892 int lo = s->nsector; 893 int hi = s->hob_nsector; 894 895 s->nsector = (hi << 8) | lo; 896 } 897 } 898 } 899 900 static void ide_clear_hob(IDEBus *bus) 901 { 902 /* any write clears HOB high bit of device control register */ 903 bus->ifs[0].select &= ~(1 << 7); 904 bus->ifs[1].select &= ~(1 << 7); 905 } 906 907 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val) 908 { 909 IDEBus *bus = opaque; 910 911 #ifdef DEBUG_IDE 912 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val); 913 #endif 914 915 addr &= 7; 916 917 /* ignore writes to command block while busy with previous command */ 918 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT))) 919 return; 920 921 switch(addr) { 922 case 0: 923 break; 924 case 1: 925 ide_clear_hob(bus); 926 /* NOTE: data is written to the two drives */ 927 bus->ifs[0].hob_feature = bus->ifs[0].feature; 928 bus->ifs[1].hob_feature = bus->ifs[1].feature; 929 bus->ifs[0].feature = val; 930 bus->ifs[1].feature = val; 931 break; 932 case 2: 933 ide_clear_hob(bus); 934 bus->ifs[0].hob_nsector = bus->ifs[0].nsector; 935 bus->ifs[1].hob_nsector = bus->ifs[1].nsector; 936 bus->ifs[0].nsector = val; 937 bus->ifs[1].nsector = val; 938 break; 939 case 3: 940 ide_clear_hob(bus); 941 bus->ifs[0].hob_sector = bus->ifs[0].sector; 942 bus->ifs[1].hob_sector = bus->ifs[1].sector; 943 bus->ifs[0].sector = val; 944 bus->ifs[1].sector = val; 945 break; 946 case 4: 947 ide_clear_hob(bus); 948 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl; 949 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl; 950 bus->ifs[0].lcyl = val; 951 bus->ifs[1].lcyl = val; 952 break; 953 case 5: 954 ide_clear_hob(bus); 955 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl; 956 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl; 957 bus->ifs[0].hcyl = val; 958 bus->ifs[1].hcyl = val; 959 break; 960 case 6: 961 /* FIXME: HOB readback uses bit 7 */ 962 bus->ifs[0].select = (val & ~0x10) | 0xa0; 963 bus->ifs[1].select = (val | 0x10) | 0xa0; 964 /* select drive */ 965 bus->unit = (val >> 4) & 1; 966 break; 967 default: 968 case 7: 969 /* command */ 970 ide_exec_cmd(bus, val); 971 break; 972 } 973 } 974 975 #define HD_OK (1u << IDE_HD) 976 #define CD_OK (1u << IDE_CD) 977 #define CFA_OK (1u << IDE_CFATA) 978 #define HD_CFA_OK (HD_OK | CFA_OK) 979 #define ALL_OK (HD_OK | CD_OK | CFA_OK) 980 981 /* See ACS-2 T13/2015-D Table B.2 Command codes */ 982 static const uint8_t ide_cmd_table[0x100] = { 983 /* NOP not implemented, mandatory for CD */ 984 [CFA_REQ_EXT_ERROR_CODE] = CFA_OK, 985 [WIN_DSM] = ALL_OK, 986 [WIN_DEVICE_RESET] = CD_OK, 987 [WIN_RECAL] = HD_CFA_OK, 988 [WIN_READ] = ALL_OK, 989 [WIN_READ_ONCE] = ALL_OK, 990 [WIN_READ_EXT] = HD_CFA_OK, 991 [WIN_READDMA_EXT] = HD_CFA_OK, 992 [WIN_READ_NATIVE_MAX_EXT] = HD_CFA_OK, 993 [WIN_MULTREAD_EXT] = HD_CFA_OK, 994 [WIN_WRITE] = HD_CFA_OK, 995 [WIN_WRITE_ONCE] = HD_CFA_OK, 996 [WIN_WRITE_EXT] = HD_CFA_OK, 997 [WIN_WRITEDMA_EXT] = HD_CFA_OK, 998 [CFA_WRITE_SECT_WO_ERASE] = CFA_OK, 999 [WIN_MULTWRITE_EXT] = HD_CFA_OK, 1000 [WIN_WRITE_VERIFY] = HD_CFA_OK, 1001 [WIN_VERIFY] = HD_CFA_OK, 1002 [WIN_VERIFY_ONCE] = HD_CFA_OK, 1003 [WIN_VERIFY_EXT] = HD_CFA_OK, 1004 [WIN_SEEK] = HD_CFA_OK, 1005 [CFA_TRANSLATE_SECTOR] = CFA_OK, 1006 [WIN_DIAGNOSE] = ALL_OK, 1007 [WIN_SPECIFY] = HD_CFA_OK, 1008 [WIN_STANDBYNOW2] = ALL_OK, 1009 [WIN_IDLEIMMEDIATE2] = ALL_OK, 1010 [WIN_STANDBY2] = ALL_OK, 1011 [WIN_SETIDLE2] = ALL_OK, 1012 [WIN_CHECKPOWERMODE2] = ALL_OK, 1013 [WIN_SLEEPNOW2] = ALL_OK, 1014 [WIN_PACKETCMD] = CD_OK, 1015 [WIN_PIDENTIFY] = CD_OK, 1016 [WIN_SMART] = HD_CFA_OK, 1017 [CFA_ACCESS_METADATA_STORAGE] = CFA_OK, 1018 [CFA_ERASE_SECTORS] = CFA_OK, 1019 [WIN_MULTREAD] = HD_CFA_OK, 1020 [WIN_MULTWRITE] = HD_CFA_OK, 1021 [WIN_SETMULT] = HD_CFA_OK, 1022 [WIN_READDMA] = HD_CFA_OK, 1023 [WIN_READDMA_ONCE] = HD_CFA_OK, 1024 [WIN_WRITEDMA] = HD_CFA_OK, 1025 [WIN_WRITEDMA_ONCE] = HD_CFA_OK, 1026 [CFA_WRITE_MULTI_WO_ERASE] = CFA_OK, 1027 [WIN_STANDBYNOW1] = ALL_OK, 1028 [WIN_IDLEIMMEDIATE] = ALL_OK, 1029 [WIN_STANDBY] = ALL_OK, 1030 [WIN_SETIDLE1] = ALL_OK, 1031 [WIN_CHECKPOWERMODE1] = ALL_OK, 1032 [WIN_SLEEPNOW1] = ALL_OK, 1033 [WIN_FLUSH_CACHE] = ALL_OK, 1034 [WIN_FLUSH_CACHE_EXT] = HD_CFA_OK, 1035 [WIN_IDENTIFY] = ALL_OK, 1036 [WIN_SETFEATURES] = ALL_OK, 1037 [IBM_SENSE_CONDITION] = CFA_OK, 1038 [CFA_WEAR_LEVEL] = HD_CFA_OK, 1039 [WIN_READ_NATIVE_MAX] = ALL_OK, 1040 }; 1041 1042 static bool ide_cmd_permitted(IDEState *s, uint32_t cmd) 1043 { 1044 return cmd < ARRAY_SIZE(ide_cmd_table) 1045 && (ide_cmd_table[cmd] & (1u << s->drive_kind)); 1046 } 1047 1048 void ide_exec_cmd(IDEBus *bus, uint32_t val) 1049 { 1050 uint16_t *identify_data; 1051 IDEState *s; 1052 int n; 1053 int lba48 = 0; 1054 1055 #if defined(DEBUG_IDE) 1056 printf("ide: CMD=%02x\n", val); 1057 #endif 1058 s = idebus_active_if(bus); 1059 /* ignore commands to non existent slave */ 1060 if (s != bus->ifs && !s->bs) 1061 return; 1062 1063 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */ 1064 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET) 1065 return; 1066 1067 if (!ide_cmd_permitted(s, val)) { 1068 goto abort_cmd; 1069 } 1070 1071 switch(val) { 1072 case WIN_DSM: 1073 switch (s->feature) { 1074 case DSM_TRIM: 1075 if (!s->bs) { 1076 goto abort_cmd; 1077 } 1078 ide_sector_start_dma(s, IDE_DMA_TRIM); 1079 break; 1080 default: 1081 goto abort_cmd; 1082 } 1083 break; 1084 case WIN_IDENTIFY: 1085 if (s->bs && s->drive_kind != IDE_CD) { 1086 if (s->drive_kind != IDE_CFATA) 1087 ide_identify(s); 1088 else 1089 ide_cfata_identify(s); 1090 s->status = READY_STAT | SEEK_STAT; 1091 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop); 1092 } else { 1093 if (s->drive_kind == IDE_CD) { 1094 ide_set_signature(s); 1095 } 1096 ide_abort_command(s); 1097 } 1098 ide_set_irq(s->bus); 1099 break; 1100 case WIN_SPECIFY: 1101 case WIN_RECAL: 1102 s->error = 0; 1103 s->status = READY_STAT | SEEK_STAT; 1104 ide_set_irq(s->bus); 1105 break; 1106 case WIN_SETMULT: 1107 if (s->drive_kind == IDE_CFATA && s->nsector == 0) { 1108 /* Disable Read and Write Multiple */ 1109 s->mult_sectors = 0; 1110 s->status = READY_STAT | SEEK_STAT; 1111 } else if ((s->nsector & 0xff) != 0 && 1112 ((s->nsector & 0xff) > MAX_MULT_SECTORS || 1113 (s->nsector & (s->nsector - 1)) != 0)) { 1114 ide_abort_command(s); 1115 } else { 1116 s->mult_sectors = s->nsector & 0xff; 1117 s->status = READY_STAT | SEEK_STAT; 1118 } 1119 ide_set_irq(s->bus); 1120 break; 1121 case WIN_VERIFY_EXT: 1122 lba48 = 1; 1123 case WIN_VERIFY: 1124 case WIN_VERIFY_ONCE: 1125 /* do sector number check ? */ 1126 ide_cmd_lba48_transform(s, lba48); 1127 s->status = READY_STAT | SEEK_STAT; 1128 ide_set_irq(s->bus); 1129 break; 1130 case WIN_READ_EXT: 1131 lba48 = 1; 1132 case WIN_READ: 1133 case WIN_READ_ONCE: 1134 if (s->drive_kind == IDE_CD) { 1135 ide_set_signature(s); /* odd, but ATA4 8.27.5.2 requires it */ 1136 goto abort_cmd; 1137 } 1138 if (!s->bs) { 1139 goto abort_cmd; 1140 } 1141 ide_cmd_lba48_transform(s, lba48); 1142 s->req_nb_sectors = 1; 1143 ide_sector_read(s); 1144 break; 1145 case WIN_WRITE_EXT: 1146 lba48 = 1; 1147 case WIN_WRITE: 1148 case WIN_WRITE_ONCE: 1149 case CFA_WRITE_SECT_WO_ERASE: 1150 case WIN_WRITE_VERIFY: 1151 if (!s->bs) { 1152 goto abort_cmd; 1153 } 1154 ide_cmd_lba48_transform(s, lba48); 1155 s->error = 0; 1156 s->status = SEEK_STAT | READY_STAT; 1157 s->req_nb_sectors = 1; 1158 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write); 1159 s->media_changed = 1; 1160 break; 1161 case WIN_MULTREAD_EXT: 1162 lba48 = 1; 1163 case WIN_MULTREAD: 1164 if (!s->bs) { 1165 goto abort_cmd; 1166 } 1167 if (!s->mult_sectors) { 1168 goto abort_cmd; 1169 } 1170 ide_cmd_lba48_transform(s, lba48); 1171 s->req_nb_sectors = s->mult_sectors; 1172 ide_sector_read(s); 1173 break; 1174 case WIN_MULTWRITE_EXT: 1175 lba48 = 1; 1176 case WIN_MULTWRITE: 1177 case CFA_WRITE_MULTI_WO_ERASE: 1178 if (!s->bs) { 1179 goto abort_cmd; 1180 } 1181 if (!s->mult_sectors) { 1182 goto abort_cmd; 1183 } 1184 ide_cmd_lba48_transform(s, lba48); 1185 s->error = 0; 1186 s->status = SEEK_STAT | READY_STAT; 1187 s->req_nb_sectors = s->mult_sectors; 1188 n = s->nsector; 1189 if (n > s->req_nb_sectors) 1190 n = s->req_nb_sectors; 1191 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write); 1192 s->media_changed = 1; 1193 break; 1194 case WIN_READDMA_EXT: 1195 lba48 = 1; 1196 case WIN_READDMA: 1197 case WIN_READDMA_ONCE: 1198 if (!s->bs) { 1199 goto abort_cmd; 1200 } 1201 ide_cmd_lba48_transform(s, lba48); 1202 ide_sector_start_dma(s, IDE_DMA_READ); 1203 break; 1204 case WIN_WRITEDMA_EXT: 1205 lba48 = 1; 1206 case WIN_WRITEDMA: 1207 case WIN_WRITEDMA_ONCE: 1208 if (!s->bs) { 1209 goto abort_cmd; 1210 } 1211 ide_cmd_lba48_transform(s, lba48); 1212 ide_sector_start_dma(s, IDE_DMA_WRITE); 1213 s->media_changed = 1; 1214 break; 1215 case WIN_READ_NATIVE_MAX_EXT: 1216 lba48 = 1; 1217 case WIN_READ_NATIVE_MAX: 1218 ide_cmd_lba48_transform(s, lba48); 1219 ide_set_sector(s, s->nb_sectors - 1); 1220 s->status = READY_STAT | SEEK_STAT; 1221 ide_set_irq(s->bus); 1222 break; 1223 case WIN_CHECKPOWERMODE1: 1224 case WIN_CHECKPOWERMODE2: 1225 s->error = 0; 1226 s->nsector = 0xff; /* device active or idle */ 1227 s->status = READY_STAT | SEEK_STAT; 1228 ide_set_irq(s->bus); 1229 break; 1230 case WIN_SETFEATURES: 1231 if (!s->bs) 1232 goto abort_cmd; 1233 /* XXX: valid for CDROM ? */ 1234 switch(s->feature) { 1235 case 0x02: /* write cache enable */ 1236 bdrv_set_enable_write_cache(s->bs, true); 1237 identify_data = (uint16_t *)s->identify_data; 1238 put_le16(identify_data + 85, (1 << 14) | (1 << 5) | 1); 1239 s->status = READY_STAT | SEEK_STAT; 1240 ide_set_irq(s->bus); 1241 break; 1242 case 0x82: /* write cache disable */ 1243 bdrv_set_enable_write_cache(s->bs, false); 1244 identify_data = (uint16_t *)s->identify_data; 1245 put_le16(identify_data + 85, (1 << 14) | 1); 1246 ide_flush_cache(s); 1247 break; 1248 case 0xcc: /* reverting to power-on defaults enable */ 1249 case 0x66: /* reverting to power-on defaults disable */ 1250 case 0xaa: /* read look-ahead enable */ 1251 case 0x55: /* read look-ahead disable */ 1252 case 0x05: /* set advanced power management mode */ 1253 case 0x85: /* disable advanced power management mode */ 1254 case 0x69: /* NOP */ 1255 case 0x67: /* NOP */ 1256 case 0x96: /* NOP */ 1257 case 0x9a: /* NOP */ 1258 case 0x42: /* enable Automatic Acoustic Mode */ 1259 case 0xc2: /* disable Automatic Acoustic Mode */ 1260 s->status = READY_STAT | SEEK_STAT; 1261 ide_set_irq(s->bus); 1262 break; 1263 case 0x03: { /* set transfer mode */ 1264 uint8_t val = s->nsector & 0x07; 1265 identify_data = (uint16_t *)s->identify_data; 1266 1267 switch (s->nsector >> 3) { 1268 case 0x00: /* pio default */ 1269 case 0x01: /* pio mode */ 1270 put_le16(identify_data + 62,0x07); 1271 put_le16(identify_data + 63,0x07); 1272 put_le16(identify_data + 88,0x3f); 1273 break; 1274 case 0x02: /* sigle word dma mode*/ 1275 put_le16(identify_data + 62,0x07 | (1 << (val + 8))); 1276 put_le16(identify_data + 63,0x07); 1277 put_le16(identify_data + 88,0x3f); 1278 break; 1279 case 0x04: /* mdma mode */ 1280 put_le16(identify_data + 62,0x07); 1281 put_le16(identify_data + 63,0x07 | (1 << (val + 8))); 1282 put_le16(identify_data + 88,0x3f); 1283 break; 1284 case 0x08: /* udma mode */ 1285 put_le16(identify_data + 62,0x07); 1286 put_le16(identify_data + 63,0x07); 1287 put_le16(identify_data + 88,0x3f | (1 << (val + 8))); 1288 break; 1289 default: 1290 goto abort_cmd; 1291 } 1292 s->status = READY_STAT | SEEK_STAT; 1293 ide_set_irq(s->bus); 1294 break; 1295 } 1296 default: 1297 goto abort_cmd; 1298 } 1299 break; 1300 case WIN_FLUSH_CACHE: 1301 case WIN_FLUSH_CACHE_EXT: 1302 ide_flush_cache(s); 1303 break; 1304 case WIN_STANDBY: 1305 case WIN_STANDBY2: 1306 case WIN_STANDBYNOW1: 1307 case WIN_STANDBYNOW2: 1308 case WIN_IDLEIMMEDIATE: 1309 case WIN_IDLEIMMEDIATE2: 1310 case WIN_SETIDLE1: 1311 case WIN_SETIDLE2: 1312 case WIN_SLEEPNOW1: 1313 case WIN_SLEEPNOW2: 1314 s->status = READY_STAT; 1315 ide_set_irq(s->bus); 1316 break; 1317 case WIN_SEEK: 1318 /* XXX: Check that seek is within bounds */ 1319 s->status = READY_STAT | SEEK_STAT; 1320 ide_set_irq(s->bus); 1321 break; 1322 /* ATAPI commands */ 1323 case WIN_PIDENTIFY: 1324 ide_atapi_identify(s); 1325 s->status = READY_STAT | SEEK_STAT; 1326 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop); 1327 ide_set_irq(s->bus); 1328 break; 1329 case WIN_DIAGNOSE: 1330 ide_set_signature(s); 1331 if (s->drive_kind == IDE_CD) 1332 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet 1333 * devices to return a clear status register 1334 * with READY_STAT *not* set. */ 1335 else 1336 s->status = READY_STAT | SEEK_STAT; 1337 s->error = 0x01; /* Device 0 passed, Device 1 passed or not 1338 * present. 1339 */ 1340 ide_set_irq(s->bus); 1341 break; 1342 case WIN_DEVICE_RESET: 1343 ide_set_signature(s); 1344 s->status = 0x00; /* NOTE: READY is _not_ set */ 1345 s->error = 0x01; 1346 break; 1347 case WIN_PACKETCMD: 1348 /* overlapping commands not supported */ 1349 if (s->feature & 0x02) 1350 goto abort_cmd; 1351 s->status = READY_STAT | SEEK_STAT; 1352 s->atapi_dma = s->feature & 1; 1353 s->nsector = 1; 1354 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE, 1355 ide_atapi_cmd); 1356 break; 1357 /* CF-ATA commands */ 1358 case CFA_REQ_EXT_ERROR_CODE: 1359 s->error = 0x09; /* miscellaneous error */ 1360 s->status = READY_STAT | SEEK_STAT; 1361 ide_set_irq(s->bus); 1362 break; 1363 case CFA_ERASE_SECTORS: 1364 case CFA_WEAR_LEVEL: 1365 #if 0 1366 /* This one has the same ID as CFA_WEAR_LEVEL and is required for 1367 Windows 8 to work with AHCI */ 1368 case WIN_SECURITY_FREEZE_LOCK: 1369 #endif 1370 if (val == CFA_WEAR_LEVEL) 1371 s->nsector = 0; 1372 if (val == CFA_ERASE_SECTORS) 1373 s->media_changed = 1; 1374 s->error = 0x00; 1375 s->status = READY_STAT | SEEK_STAT; 1376 ide_set_irq(s->bus); 1377 break; 1378 case CFA_TRANSLATE_SECTOR: 1379 s->error = 0x00; 1380 s->status = READY_STAT | SEEK_STAT; 1381 memset(s->io_buffer, 0, 0x200); 1382 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */ 1383 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */ 1384 s->io_buffer[0x02] = s->select; /* Head */ 1385 s->io_buffer[0x03] = s->sector; /* Sector */ 1386 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */ 1387 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */ 1388 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */ 1389 s->io_buffer[0x13] = 0x00; /* Erase flag */ 1390 s->io_buffer[0x18] = 0x00; /* Hot count */ 1391 s->io_buffer[0x19] = 0x00; /* Hot count */ 1392 s->io_buffer[0x1a] = 0x01; /* Hot count */ 1393 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1394 ide_set_irq(s->bus); 1395 break; 1396 case CFA_ACCESS_METADATA_STORAGE: 1397 switch (s->feature) { 1398 case 0x02: /* Inquiry Metadata Storage */ 1399 ide_cfata_metadata_inquiry(s); 1400 break; 1401 case 0x03: /* Read Metadata Storage */ 1402 ide_cfata_metadata_read(s); 1403 break; 1404 case 0x04: /* Write Metadata Storage */ 1405 ide_cfata_metadata_write(s); 1406 break; 1407 default: 1408 goto abort_cmd; 1409 } 1410 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1411 s->status = 0x00; /* NOTE: READY is _not_ set */ 1412 ide_set_irq(s->bus); 1413 break; 1414 case IBM_SENSE_CONDITION: 1415 switch (s->feature) { 1416 case 0x01: /* sense temperature in device */ 1417 s->nsector = 0x50; /* +20 C */ 1418 break; 1419 default: 1420 goto abort_cmd; 1421 } 1422 s->status = READY_STAT | SEEK_STAT; 1423 ide_set_irq(s->bus); 1424 break; 1425 1426 case WIN_SMART: 1427 if (s->hcyl != 0xc2 || s->lcyl != 0x4f) 1428 goto abort_cmd; 1429 if (!s->smart_enabled && s->feature != SMART_ENABLE) 1430 goto abort_cmd; 1431 switch (s->feature) { 1432 case SMART_DISABLE: 1433 s->smart_enabled = 0; 1434 s->status = READY_STAT | SEEK_STAT; 1435 ide_set_irq(s->bus); 1436 break; 1437 case SMART_ENABLE: 1438 s->smart_enabled = 1; 1439 s->status = READY_STAT | SEEK_STAT; 1440 ide_set_irq(s->bus); 1441 break; 1442 case SMART_ATTR_AUTOSAVE: 1443 switch (s->sector) { 1444 case 0x00: 1445 s->smart_autosave = 0; 1446 break; 1447 case 0xf1: 1448 s->smart_autosave = 1; 1449 break; 1450 default: 1451 goto abort_cmd; 1452 } 1453 s->status = READY_STAT | SEEK_STAT; 1454 ide_set_irq(s->bus); 1455 break; 1456 case SMART_STATUS: 1457 if (!s->smart_errors) { 1458 s->hcyl = 0xc2; 1459 s->lcyl = 0x4f; 1460 } else { 1461 s->hcyl = 0x2c; 1462 s->lcyl = 0xf4; 1463 } 1464 s->status = READY_STAT | SEEK_STAT; 1465 ide_set_irq(s->bus); 1466 break; 1467 case SMART_READ_THRESH: 1468 memset(s->io_buffer, 0, 0x200); 1469 s->io_buffer[0] = 0x01; /* smart struct version */ 1470 for (n=0; n<30; n++) { 1471 if (smart_attributes[n][0] == 0) 1472 break; 1473 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0]; 1474 s->io_buffer[2+1+(n*12)] = smart_attributes[n][11]; 1475 } 1476 for (n=0; n<511; n++) /* checksum */ 1477 s->io_buffer[511] += s->io_buffer[n]; 1478 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1479 s->status = READY_STAT | SEEK_STAT; 1480 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1481 ide_set_irq(s->bus); 1482 break; 1483 case SMART_READ_DATA: 1484 memset(s->io_buffer, 0, 0x200); 1485 s->io_buffer[0] = 0x01; /* smart struct version */ 1486 for (n=0; n<30; n++) { 1487 if (smart_attributes[n][0] == 0) { 1488 break; 1489 } 1490 int i; 1491 for(i = 0; i < 11; i++) { 1492 s->io_buffer[2+i+(n*12)] = smart_attributes[n][i]; 1493 } 1494 } 1495 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00); 1496 if (s->smart_selftest_count == 0) { 1497 s->io_buffer[363] = 0; 1498 } else { 1499 s->io_buffer[363] = 1500 s->smart_selftest_data[3 + 1501 (s->smart_selftest_count - 1) * 1502 24]; 1503 } 1504 s->io_buffer[364] = 0x20; 1505 s->io_buffer[365] = 0x01; 1506 /* offline data collection capacity: execute + self-test*/ 1507 s->io_buffer[367] = (1<<4 | 1<<3 | 1); 1508 s->io_buffer[368] = 0x03; /* smart capability (1) */ 1509 s->io_buffer[369] = 0x00; /* smart capability (2) */ 1510 s->io_buffer[370] = 0x01; /* error logging supported */ 1511 s->io_buffer[372] = 0x02; /* minutes for poll short test */ 1512 s->io_buffer[373] = 0x36; /* minutes for poll ext test */ 1513 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */ 1514 1515 for (n=0; n<511; n++) 1516 s->io_buffer[511] += s->io_buffer[n]; 1517 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1518 s->status = READY_STAT | SEEK_STAT; 1519 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1520 ide_set_irq(s->bus); 1521 break; 1522 case SMART_READ_LOG: 1523 switch (s->sector) { 1524 case 0x01: /* summary smart error log */ 1525 memset(s->io_buffer, 0, 0x200); 1526 s->io_buffer[0] = 0x01; 1527 s->io_buffer[1] = 0x00; /* no error entries */ 1528 s->io_buffer[452] = s->smart_errors & 0xff; 1529 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8; 1530 1531 for (n=0; n<511; n++) 1532 s->io_buffer[511] += s->io_buffer[n]; 1533 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1534 break; 1535 case 0x06: /* smart self test log */ 1536 memset(s->io_buffer, 0, 0x200); 1537 s->io_buffer[0] = 0x01; 1538 if (s->smart_selftest_count == 0) { 1539 s->io_buffer[508] = 0; 1540 } else { 1541 s->io_buffer[508] = s->smart_selftest_count; 1542 for (n=2; n<506; n++) 1543 s->io_buffer[n] = s->smart_selftest_data[n]; 1544 } 1545 for (n=0; n<511; n++) 1546 s->io_buffer[511] += s->io_buffer[n]; 1547 s->io_buffer[511] = 0x100 - s->io_buffer[511]; 1548 break; 1549 default: 1550 goto abort_cmd; 1551 } 1552 s->status = READY_STAT | SEEK_STAT; 1553 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop); 1554 ide_set_irq(s->bus); 1555 break; 1556 case SMART_EXECUTE_OFFLINE: 1557 switch (s->sector) { 1558 case 0: /* off-line routine */ 1559 case 1: /* short self test */ 1560 case 2: /* extended self test */ 1561 s->smart_selftest_count++; 1562 if(s->smart_selftest_count > 21) 1563 s->smart_selftest_count = 0; 1564 n = 2 + (s->smart_selftest_count - 1) * 24; 1565 s->smart_selftest_data[n] = s->sector; 1566 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */ 1567 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */ 1568 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */ 1569 s->status = READY_STAT | SEEK_STAT; 1570 ide_set_irq(s->bus); 1571 break; 1572 default: 1573 goto abort_cmd; 1574 } 1575 break; 1576 default: 1577 goto abort_cmd; 1578 } 1579 break; 1580 default: 1581 /* should not be reachable */ 1582 abort_cmd: 1583 ide_abort_command(s); 1584 ide_set_irq(s->bus); 1585 break; 1586 } 1587 } 1588 1589 uint32_t ide_ioport_read(void *opaque, uint32_t addr1) 1590 { 1591 IDEBus *bus = opaque; 1592 IDEState *s = idebus_active_if(bus); 1593 uint32_t addr; 1594 int ret, hob; 1595 1596 addr = addr1 & 7; 1597 /* FIXME: HOB readback uses bit 7, but it's always set right now */ 1598 //hob = s->select & (1 << 7); 1599 hob = 0; 1600 switch(addr) { 1601 case 0: 1602 ret = 0xff; 1603 break; 1604 case 1: 1605 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) || 1606 (s != bus->ifs && !s->bs)) 1607 ret = 0; 1608 else if (!hob) 1609 ret = s->error; 1610 else 1611 ret = s->hob_feature; 1612 break; 1613 case 2: 1614 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1615 ret = 0; 1616 else if (!hob) 1617 ret = s->nsector & 0xff; 1618 else 1619 ret = s->hob_nsector; 1620 break; 1621 case 3: 1622 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1623 ret = 0; 1624 else if (!hob) 1625 ret = s->sector; 1626 else 1627 ret = s->hob_sector; 1628 break; 1629 case 4: 1630 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1631 ret = 0; 1632 else if (!hob) 1633 ret = s->lcyl; 1634 else 1635 ret = s->hob_lcyl; 1636 break; 1637 case 5: 1638 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1639 ret = 0; 1640 else if (!hob) 1641 ret = s->hcyl; 1642 else 1643 ret = s->hob_hcyl; 1644 break; 1645 case 6: 1646 if (!bus->ifs[0].bs && !bus->ifs[1].bs) 1647 ret = 0; 1648 else 1649 ret = s->select; 1650 break; 1651 default: 1652 case 7: 1653 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) || 1654 (s != bus->ifs && !s->bs)) 1655 ret = 0; 1656 else 1657 ret = s->status; 1658 qemu_irq_lower(bus->irq); 1659 break; 1660 } 1661 #ifdef DEBUG_IDE 1662 printf("ide: read addr=0x%x val=%02x\n", addr1, ret); 1663 #endif 1664 return ret; 1665 } 1666 1667 uint32_t ide_status_read(void *opaque, uint32_t addr) 1668 { 1669 IDEBus *bus = opaque; 1670 IDEState *s = idebus_active_if(bus); 1671 int ret; 1672 1673 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) || 1674 (s != bus->ifs && !s->bs)) 1675 ret = 0; 1676 else 1677 ret = s->status; 1678 #ifdef DEBUG_IDE 1679 printf("ide: read status addr=0x%x val=%02x\n", addr, ret); 1680 #endif 1681 return ret; 1682 } 1683 1684 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val) 1685 { 1686 IDEBus *bus = opaque; 1687 IDEState *s; 1688 int i; 1689 1690 #ifdef DEBUG_IDE 1691 printf("ide: write control addr=0x%x val=%02x\n", addr, val); 1692 #endif 1693 /* common for both drives */ 1694 if (!(bus->cmd & IDE_CMD_RESET) && 1695 (val & IDE_CMD_RESET)) { 1696 /* reset low to high */ 1697 for(i = 0;i < 2; i++) { 1698 s = &bus->ifs[i]; 1699 s->status = BUSY_STAT | SEEK_STAT; 1700 s->error = 0x01; 1701 } 1702 } else if ((bus->cmd & IDE_CMD_RESET) && 1703 !(val & IDE_CMD_RESET)) { 1704 /* high to low */ 1705 for(i = 0;i < 2; i++) { 1706 s = &bus->ifs[i]; 1707 if (s->drive_kind == IDE_CD) 1708 s->status = 0x00; /* NOTE: READY is _not_ set */ 1709 else 1710 s->status = READY_STAT | SEEK_STAT; 1711 ide_set_signature(s); 1712 } 1713 } 1714 1715 bus->cmd = val; 1716 } 1717 1718 /* 1719 * Returns true if the running PIO transfer is a PIO out (i.e. data is 1720 * transferred from the device to the guest), false if it's a PIO in 1721 */ 1722 static bool ide_is_pio_out(IDEState *s) 1723 { 1724 if (s->end_transfer_func == ide_sector_write || 1725 s->end_transfer_func == ide_atapi_cmd) { 1726 return false; 1727 } else if (s->end_transfer_func == ide_sector_read || 1728 s->end_transfer_func == ide_transfer_stop || 1729 s->end_transfer_func == ide_atapi_cmd_reply_end || 1730 s->end_transfer_func == ide_dummy_transfer_stop) { 1731 return true; 1732 } 1733 1734 abort(); 1735 } 1736 1737 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val) 1738 { 1739 IDEBus *bus = opaque; 1740 IDEState *s = idebus_active_if(bus); 1741 uint8_t *p; 1742 1743 /* PIO data access allowed only when DRQ bit is set. The result of a write 1744 * during PIO out is indeterminate, just ignore it. */ 1745 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) { 1746 return; 1747 } 1748 1749 p = s->data_ptr; 1750 *(uint16_t *)p = le16_to_cpu(val); 1751 p += 2; 1752 s->data_ptr = p; 1753 if (p >= s->data_end) 1754 s->end_transfer_func(s); 1755 } 1756 1757 uint32_t ide_data_readw(void *opaque, uint32_t addr) 1758 { 1759 IDEBus *bus = opaque; 1760 IDEState *s = idebus_active_if(bus); 1761 uint8_t *p; 1762 int ret; 1763 1764 /* PIO data access allowed only when DRQ bit is set. The result of a read 1765 * during PIO in is indeterminate, return 0 and don't move forward. */ 1766 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) { 1767 return 0; 1768 } 1769 1770 p = s->data_ptr; 1771 ret = cpu_to_le16(*(uint16_t *)p); 1772 p += 2; 1773 s->data_ptr = p; 1774 if (p >= s->data_end) 1775 s->end_transfer_func(s); 1776 return ret; 1777 } 1778 1779 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val) 1780 { 1781 IDEBus *bus = opaque; 1782 IDEState *s = idebus_active_if(bus); 1783 uint8_t *p; 1784 1785 /* PIO data access allowed only when DRQ bit is set. The result of a write 1786 * during PIO out is indeterminate, just ignore it. */ 1787 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) { 1788 return; 1789 } 1790 1791 p = s->data_ptr; 1792 *(uint32_t *)p = le32_to_cpu(val); 1793 p += 4; 1794 s->data_ptr = p; 1795 if (p >= s->data_end) 1796 s->end_transfer_func(s); 1797 } 1798 1799 uint32_t ide_data_readl(void *opaque, uint32_t addr) 1800 { 1801 IDEBus *bus = opaque; 1802 IDEState *s = idebus_active_if(bus); 1803 uint8_t *p; 1804 int ret; 1805 1806 /* PIO data access allowed only when DRQ bit is set. The result of a read 1807 * during PIO in is indeterminate, return 0 and don't move forward. */ 1808 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) { 1809 return 0; 1810 } 1811 1812 p = s->data_ptr; 1813 ret = cpu_to_le32(*(uint32_t *)p); 1814 p += 4; 1815 s->data_ptr = p; 1816 if (p >= s->data_end) 1817 s->end_transfer_func(s); 1818 return ret; 1819 } 1820 1821 static void ide_dummy_transfer_stop(IDEState *s) 1822 { 1823 s->data_ptr = s->io_buffer; 1824 s->data_end = s->io_buffer; 1825 s->io_buffer[0] = 0xff; 1826 s->io_buffer[1] = 0xff; 1827 s->io_buffer[2] = 0xff; 1828 s->io_buffer[3] = 0xff; 1829 } 1830 1831 static void ide_reset(IDEState *s) 1832 { 1833 #ifdef DEBUG_IDE 1834 printf("ide: reset\n"); 1835 #endif 1836 1837 if (s->pio_aiocb) { 1838 bdrv_aio_cancel(s->pio_aiocb); 1839 s->pio_aiocb = NULL; 1840 } 1841 1842 if (s->drive_kind == IDE_CFATA) 1843 s->mult_sectors = 0; 1844 else 1845 s->mult_sectors = MAX_MULT_SECTORS; 1846 /* ide regs */ 1847 s->feature = 0; 1848 s->error = 0; 1849 s->nsector = 0; 1850 s->sector = 0; 1851 s->lcyl = 0; 1852 s->hcyl = 0; 1853 1854 /* lba48 */ 1855 s->hob_feature = 0; 1856 s->hob_sector = 0; 1857 s->hob_nsector = 0; 1858 s->hob_lcyl = 0; 1859 s->hob_hcyl = 0; 1860 1861 s->select = 0xa0; 1862 s->status = READY_STAT | SEEK_STAT; 1863 1864 s->lba48 = 0; 1865 1866 /* ATAPI specific */ 1867 s->sense_key = 0; 1868 s->asc = 0; 1869 s->cdrom_changed = 0; 1870 s->packet_transfer_size = 0; 1871 s->elementary_transfer_size = 0; 1872 s->io_buffer_index = 0; 1873 s->cd_sector_size = 0; 1874 s->atapi_dma = 0; 1875 /* ATA DMA state */ 1876 s->io_buffer_size = 0; 1877 s->req_nb_sectors = 0; 1878 1879 ide_set_signature(s); 1880 /* init the transfer handler so that 0xffff is returned on data 1881 accesses */ 1882 s->end_transfer_func = ide_dummy_transfer_stop; 1883 ide_dummy_transfer_stop(s); 1884 s->media_changed = 0; 1885 } 1886 1887 void ide_bus_reset(IDEBus *bus) 1888 { 1889 bus->unit = 0; 1890 bus->cmd = 0; 1891 ide_reset(&bus->ifs[0]); 1892 ide_reset(&bus->ifs[1]); 1893 ide_clear_hob(bus); 1894 1895 /* pending async DMA */ 1896 if (bus->dma->aiocb) { 1897 #ifdef DEBUG_AIO 1898 printf("aio_cancel\n"); 1899 #endif 1900 bdrv_aio_cancel(bus->dma->aiocb); 1901 bus->dma->aiocb = NULL; 1902 } 1903 1904 /* reset dma provider too */ 1905 bus->dma->ops->reset(bus->dma); 1906 } 1907 1908 static bool ide_cd_is_tray_open(void *opaque) 1909 { 1910 return ((IDEState *)opaque)->tray_open; 1911 } 1912 1913 static bool ide_cd_is_medium_locked(void *opaque) 1914 { 1915 return ((IDEState *)opaque)->tray_locked; 1916 } 1917 1918 static const BlockDevOps ide_cd_block_ops = { 1919 .change_media_cb = ide_cd_change_cb, 1920 .eject_request_cb = ide_cd_eject_request_cb, 1921 .is_tray_open = ide_cd_is_tray_open, 1922 .is_medium_locked = ide_cd_is_medium_locked, 1923 }; 1924 1925 int ide_init_drive(IDEState *s, BlockDriverState *bs, IDEDriveKind kind, 1926 const char *version, const char *serial, const char *model, 1927 uint64_t wwn) 1928 { 1929 int cylinders, heads, secs; 1930 uint64_t nb_sectors; 1931 1932 s->bs = bs; 1933 s->drive_kind = kind; 1934 1935 bdrv_get_geometry(bs, &nb_sectors); 1936 bdrv_guess_geometry(bs, &cylinders, &heads, &secs); 1937 if (cylinders < 1 || cylinders > 16383) { 1938 error_report("cyls must be between 1 and 16383"); 1939 return -1; 1940 } 1941 if (heads < 1 || heads > 16) { 1942 error_report("heads must be between 1 and 16"); 1943 return -1; 1944 } 1945 if (secs < 1 || secs > 63) { 1946 error_report("secs must be between 1 and 63"); 1947 return -1; 1948 } 1949 s->cylinders = cylinders; 1950 s->heads = heads; 1951 s->sectors = secs; 1952 s->nb_sectors = nb_sectors; 1953 s->wwn = wwn; 1954 /* The SMART values should be preserved across power cycles 1955 but they aren't. */ 1956 s->smart_enabled = 1; 1957 s->smart_autosave = 1; 1958 s->smart_errors = 0; 1959 s->smart_selftest_count = 0; 1960 if (kind == IDE_CD) { 1961 bdrv_set_dev_ops(bs, &ide_cd_block_ops, s); 1962 bdrv_set_buffer_alignment(bs, 2048); 1963 } else { 1964 if (!bdrv_is_inserted(s->bs)) { 1965 error_report("Device needs media, but drive is empty"); 1966 return -1; 1967 } 1968 if (bdrv_is_read_only(bs)) { 1969 error_report("Can't use a read-only drive"); 1970 return -1; 1971 } 1972 } 1973 if (serial) { 1974 pstrcpy(s->drive_serial_str, sizeof(s->drive_serial_str), serial); 1975 } else { 1976 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str), 1977 "QM%05d", s->drive_serial); 1978 } 1979 if (model) { 1980 pstrcpy(s->drive_model_str, sizeof(s->drive_model_str), model); 1981 } else { 1982 switch (kind) { 1983 case IDE_CD: 1984 strcpy(s->drive_model_str, "QEMU DVD-ROM"); 1985 break; 1986 case IDE_CFATA: 1987 strcpy(s->drive_model_str, "QEMU MICRODRIVE"); 1988 break; 1989 default: 1990 strcpy(s->drive_model_str, "QEMU HARDDISK"); 1991 break; 1992 } 1993 } 1994 1995 if (version) { 1996 pstrcpy(s->version, sizeof(s->version), version); 1997 } else { 1998 pstrcpy(s->version, sizeof(s->version), qemu_get_version()); 1999 } 2000 2001 ide_reset(s); 2002 bdrv_iostatus_enable(bs); 2003 return 0; 2004 } 2005 2006 static void ide_init1(IDEBus *bus, int unit) 2007 { 2008 static int drive_serial = 1; 2009 IDEState *s = &bus->ifs[unit]; 2010 2011 s->bus = bus; 2012 s->unit = unit; 2013 s->drive_serial = drive_serial++; 2014 /* we need at least 2k alignment for accessing CDROMs using O_DIRECT */ 2015 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4; 2016 s->io_buffer = qemu_memalign(2048, s->io_buffer_total_len); 2017 memset(s->io_buffer, 0, s->io_buffer_total_len); 2018 2019 s->smart_selftest_data = qemu_blockalign(s->bs, 512); 2020 memset(s->smart_selftest_data, 0, 512); 2021 2022 s->sector_write_timer = qemu_new_timer_ns(vm_clock, 2023 ide_sector_write_timer_cb, s); 2024 } 2025 2026 static void ide_nop_start(IDEDMA *dma, IDEState *s, 2027 BlockDriverCompletionFunc *cb) 2028 { 2029 } 2030 2031 static int ide_nop(IDEDMA *dma) 2032 { 2033 return 0; 2034 } 2035 2036 static int ide_nop_int(IDEDMA *dma, int x) 2037 { 2038 return 0; 2039 } 2040 2041 static void ide_nop_restart(void *opaque, int x, RunState y) 2042 { 2043 } 2044 2045 static const IDEDMAOps ide_dma_nop_ops = { 2046 .start_dma = ide_nop_start, 2047 .start_transfer = ide_nop, 2048 .prepare_buf = ide_nop_int, 2049 .rw_buf = ide_nop_int, 2050 .set_unit = ide_nop_int, 2051 .add_status = ide_nop_int, 2052 .set_inactive = ide_nop, 2053 .restart_cb = ide_nop_restart, 2054 .reset = ide_nop, 2055 }; 2056 2057 static IDEDMA ide_dma_nop = { 2058 .ops = &ide_dma_nop_ops, 2059 .aiocb = NULL, 2060 }; 2061 2062 void ide_init2(IDEBus *bus, qemu_irq irq) 2063 { 2064 int i; 2065 2066 for(i = 0; i < 2; i++) { 2067 ide_init1(bus, i); 2068 ide_reset(&bus->ifs[i]); 2069 } 2070 bus->irq = irq; 2071 bus->dma = &ide_dma_nop; 2072 } 2073 2074 /* TODO convert users to qdev and remove */ 2075 void ide_init2_with_non_qdev_drives(IDEBus *bus, DriveInfo *hd0, 2076 DriveInfo *hd1, qemu_irq irq) 2077 { 2078 int i; 2079 DriveInfo *dinfo; 2080 2081 for(i = 0; i < 2; i++) { 2082 dinfo = i == 0 ? hd0 : hd1; 2083 ide_init1(bus, i); 2084 if (dinfo) { 2085 if (ide_init_drive(&bus->ifs[i], dinfo->bdrv, 2086 dinfo->media_cd ? IDE_CD : IDE_HD, NULL, 2087 *dinfo->serial ? dinfo->serial : NULL, 2088 NULL, 0) < 0) { 2089 error_report("Can't set up IDE drive %s", dinfo->id); 2090 exit(1); 2091 } 2092 bdrv_attach_dev_nofail(dinfo->bdrv, &bus->ifs[i]); 2093 } else { 2094 ide_reset(&bus->ifs[i]); 2095 } 2096 } 2097 bus->irq = irq; 2098 bus->dma = &ide_dma_nop; 2099 } 2100 2101 static const MemoryRegionPortio ide_portio_list[] = { 2102 { 0, 8, 1, .read = ide_ioport_read, .write = ide_ioport_write }, 2103 { 0, 2, 2, .read = ide_data_readw, .write = ide_data_writew }, 2104 { 0, 4, 4, .read = ide_data_readl, .write = ide_data_writel }, 2105 PORTIO_END_OF_LIST(), 2106 }; 2107 2108 static const MemoryRegionPortio ide_portio2_list[] = { 2109 { 0, 1, 1, .read = ide_status_read, .write = ide_cmd_write }, 2110 PORTIO_END_OF_LIST(), 2111 }; 2112 2113 void ide_init_ioport(IDEBus *bus, ISADevice *dev, int iobase, int iobase2) 2114 { 2115 /* ??? Assume only ISA and PCI configurations, and that the PCI-ISA 2116 bridge has been setup properly to always register with ISA. */ 2117 isa_register_portio_list(dev, iobase, ide_portio_list, bus, "ide"); 2118 2119 if (iobase2) { 2120 isa_register_portio_list(dev, iobase2, ide_portio2_list, bus, "ide"); 2121 } 2122 } 2123 2124 static bool is_identify_set(void *opaque, int version_id) 2125 { 2126 IDEState *s = opaque; 2127 2128 return s->identify_set != 0; 2129 } 2130 2131 static EndTransferFunc* transfer_end_table[] = { 2132 ide_sector_read, 2133 ide_sector_write, 2134 ide_transfer_stop, 2135 ide_atapi_cmd_reply_end, 2136 ide_atapi_cmd, 2137 ide_dummy_transfer_stop, 2138 }; 2139 2140 static int transfer_end_table_idx(EndTransferFunc *fn) 2141 { 2142 int i; 2143 2144 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++) 2145 if (transfer_end_table[i] == fn) 2146 return i; 2147 2148 return -1; 2149 } 2150 2151 static int ide_drive_post_load(void *opaque, int version_id) 2152 { 2153 IDEState *s = opaque; 2154 2155 if (version_id < 3) { 2156 if (s->sense_key == UNIT_ATTENTION && 2157 s->asc == ASC_MEDIUM_MAY_HAVE_CHANGED) { 2158 s->cdrom_changed = 1; 2159 } 2160 } 2161 if (s->identify_set) { 2162 bdrv_set_enable_write_cache(s->bs, !!(s->identify_data[85] & (1 << 5))); 2163 } 2164 return 0; 2165 } 2166 2167 static int ide_drive_pio_post_load(void *opaque, int version_id) 2168 { 2169 IDEState *s = opaque; 2170 2171 if (s->end_transfer_fn_idx >= ARRAY_SIZE(transfer_end_table)) { 2172 return -EINVAL; 2173 } 2174 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx]; 2175 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset; 2176 s->data_end = s->data_ptr + s->cur_io_buffer_len; 2177 2178 return 0; 2179 } 2180 2181 static void ide_drive_pio_pre_save(void *opaque) 2182 { 2183 IDEState *s = opaque; 2184 int idx; 2185 2186 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer; 2187 s->cur_io_buffer_len = s->data_end - s->data_ptr; 2188 2189 idx = transfer_end_table_idx(s->end_transfer_func); 2190 if (idx == -1) { 2191 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n", 2192 __func__); 2193 s->end_transfer_fn_idx = 2; 2194 } else { 2195 s->end_transfer_fn_idx = idx; 2196 } 2197 } 2198 2199 static bool ide_drive_pio_state_needed(void *opaque) 2200 { 2201 IDEState *s = opaque; 2202 2203 return ((s->status & DRQ_STAT) != 0) 2204 || (s->bus->error_status & BM_STATUS_PIO_RETRY); 2205 } 2206 2207 static bool ide_tray_state_needed(void *opaque) 2208 { 2209 IDEState *s = opaque; 2210 2211 return s->tray_open || s->tray_locked; 2212 } 2213 2214 static bool ide_atapi_gesn_needed(void *opaque) 2215 { 2216 IDEState *s = opaque; 2217 2218 return s->events.new_media || s->events.eject_request; 2219 } 2220 2221 static bool ide_error_needed(void *opaque) 2222 { 2223 IDEBus *bus = opaque; 2224 2225 return (bus->error_status != 0); 2226 } 2227 2228 /* Fields for GET_EVENT_STATUS_NOTIFICATION ATAPI command */ 2229 static const VMStateDescription vmstate_ide_atapi_gesn_state = { 2230 .name ="ide_drive/atapi/gesn_state", 2231 .version_id = 1, 2232 .minimum_version_id = 1, 2233 .minimum_version_id_old = 1, 2234 .fields = (VMStateField []) { 2235 VMSTATE_BOOL(events.new_media, IDEState), 2236 VMSTATE_BOOL(events.eject_request, IDEState), 2237 VMSTATE_END_OF_LIST() 2238 } 2239 }; 2240 2241 static const VMStateDescription vmstate_ide_tray_state = { 2242 .name = "ide_drive/tray_state", 2243 .version_id = 1, 2244 .minimum_version_id = 1, 2245 .minimum_version_id_old = 1, 2246 .fields = (VMStateField[]) { 2247 VMSTATE_BOOL(tray_open, IDEState), 2248 VMSTATE_BOOL(tray_locked, IDEState), 2249 VMSTATE_END_OF_LIST() 2250 } 2251 }; 2252 2253 static const VMStateDescription vmstate_ide_drive_pio_state = { 2254 .name = "ide_drive/pio_state", 2255 .version_id = 1, 2256 .minimum_version_id = 1, 2257 .minimum_version_id_old = 1, 2258 .pre_save = ide_drive_pio_pre_save, 2259 .post_load = ide_drive_pio_post_load, 2260 .fields = (VMStateField []) { 2261 VMSTATE_INT32(req_nb_sectors, IDEState), 2262 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1, 2263 vmstate_info_uint8, uint8_t), 2264 VMSTATE_INT32(cur_io_buffer_offset, IDEState), 2265 VMSTATE_INT32(cur_io_buffer_len, IDEState), 2266 VMSTATE_UINT8(end_transfer_fn_idx, IDEState), 2267 VMSTATE_INT32(elementary_transfer_size, IDEState), 2268 VMSTATE_INT32(packet_transfer_size, IDEState), 2269 VMSTATE_END_OF_LIST() 2270 } 2271 }; 2272 2273 const VMStateDescription vmstate_ide_drive = { 2274 .name = "ide_drive", 2275 .version_id = 3, 2276 .minimum_version_id = 0, 2277 .minimum_version_id_old = 0, 2278 .post_load = ide_drive_post_load, 2279 .fields = (VMStateField []) { 2280 VMSTATE_INT32(mult_sectors, IDEState), 2281 VMSTATE_INT32(identify_set, IDEState), 2282 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set), 2283 VMSTATE_UINT8(feature, IDEState), 2284 VMSTATE_UINT8(error, IDEState), 2285 VMSTATE_UINT32(nsector, IDEState), 2286 VMSTATE_UINT8(sector, IDEState), 2287 VMSTATE_UINT8(lcyl, IDEState), 2288 VMSTATE_UINT8(hcyl, IDEState), 2289 VMSTATE_UINT8(hob_feature, IDEState), 2290 VMSTATE_UINT8(hob_sector, IDEState), 2291 VMSTATE_UINT8(hob_nsector, IDEState), 2292 VMSTATE_UINT8(hob_lcyl, IDEState), 2293 VMSTATE_UINT8(hob_hcyl, IDEState), 2294 VMSTATE_UINT8(select, IDEState), 2295 VMSTATE_UINT8(status, IDEState), 2296 VMSTATE_UINT8(lba48, IDEState), 2297 VMSTATE_UINT8(sense_key, IDEState), 2298 VMSTATE_UINT8(asc, IDEState), 2299 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3), 2300 VMSTATE_END_OF_LIST() 2301 }, 2302 .subsections = (VMStateSubsection []) { 2303 { 2304 .vmsd = &vmstate_ide_drive_pio_state, 2305 .needed = ide_drive_pio_state_needed, 2306 }, { 2307 .vmsd = &vmstate_ide_tray_state, 2308 .needed = ide_tray_state_needed, 2309 }, { 2310 .vmsd = &vmstate_ide_atapi_gesn_state, 2311 .needed = ide_atapi_gesn_needed, 2312 }, { 2313 /* empty */ 2314 } 2315 } 2316 }; 2317 2318 static const VMStateDescription vmstate_ide_error_status = { 2319 .name ="ide_bus/error", 2320 .version_id = 1, 2321 .minimum_version_id = 1, 2322 .minimum_version_id_old = 1, 2323 .fields = (VMStateField []) { 2324 VMSTATE_INT32(error_status, IDEBus), 2325 VMSTATE_END_OF_LIST() 2326 } 2327 }; 2328 2329 const VMStateDescription vmstate_ide_bus = { 2330 .name = "ide_bus", 2331 .version_id = 1, 2332 .minimum_version_id = 1, 2333 .minimum_version_id_old = 1, 2334 .fields = (VMStateField []) { 2335 VMSTATE_UINT8(cmd, IDEBus), 2336 VMSTATE_UINT8(unit, IDEBus), 2337 VMSTATE_END_OF_LIST() 2338 }, 2339 .subsections = (VMStateSubsection []) { 2340 { 2341 .vmsd = &vmstate_ide_error_status, 2342 .needed = ide_error_needed, 2343 }, { 2344 /* empty */ 2345 } 2346 } 2347 }; 2348 2349 void ide_drive_get(DriveInfo **hd, int max_bus) 2350 { 2351 int i; 2352 2353 if (drive_get_max_bus(IF_IDE) >= max_bus) { 2354 fprintf(stderr, "qemu: too many IDE bus: %d\n", max_bus); 2355 exit(1); 2356 } 2357 2358 for(i = 0; i < max_bus * MAX_IDE_DEVS; i++) { 2359 hd[i] = drive_get(IF_IDE, i / MAX_IDE_DEVS, i % MAX_IDE_DEVS); 2360 } 2361 } 2362