1 /* 2 * QEMU IDE Emulation: PCI Bus support. 3 * 4 * Copyright (c) 2003 Fabrice Bellard 5 * Copyright (c) 2006 Openedhand Ltd. 6 * 7 * Permission is hereby granted, free of charge, to any person obtaining a copy 8 * of this software and associated documentation files (the "Software"), to deal 9 * in the Software without restriction, including without limitation the rights 10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 11 * copies of the Software, and to permit persons to whom the Software is 12 * furnished to do so, subject to the following conditions: 13 * 14 * The above copyright notice and this permission notice shall be included in 15 * all copies or substantial portions of the Software. 16 * 17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL 20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN 23 * THE SOFTWARE. 24 */ 25 #include <hw/hw.h> 26 #include <hw/i386/pc.h> 27 #include <hw/pci/pci.h> 28 #include <hw/isa/isa.h> 29 #include "sysemu/block-backend.h" 30 #include "sysemu/dma.h" 31 #include "qemu/error-report.h" 32 #include <hw/ide/pci.h> 33 34 #define BMDMA_PAGE_SIZE 4096 35 36 #define BM_MIGRATION_COMPAT_STATUS_BITS \ 37 (IDE_RETRY_DMA | IDE_RETRY_PIO | \ 38 IDE_RETRY_READ | IDE_RETRY_FLUSH) 39 40 static void bmdma_start_dma(IDEDMA *dma, IDEState *s, 41 BlockCompletionFunc *dma_cb) 42 { 43 BMDMAState *bm = DO_UPCAST(BMDMAState, dma, dma); 44 45 bm->unit = s->unit; 46 bm->dma_cb = dma_cb; 47 bm->cur_prd_last = 0; 48 bm->cur_prd_addr = 0; 49 bm->cur_prd_len = 0; 50 bm->sector_num = ide_get_sector(s); 51 bm->nsector = s->nsector; 52 53 if (bm->status & BM_STATUS_DMAING) { 54 bm->dma_cb(bmdma_active_if(bm), 0); 55 } 56 } 57 58 /** 59 * Return the number of bytes successfully prepared. 60 * -1 on error. 61 */ 62 static int32_t bmdma_prepare_buf(IDEDMA *dma, int is_write) 63 { 64 BMDMAState *bm = DO_UPCAST(BMDMAState, dma, dma); 65 IDEState *s = bmdma_active_if(bm); 66 PCIDevice *pci_dev = PCI_DEVICE(bm->pci_dev); 67 struct { 68 uint32_t addr; 69 uint32_t size; 70 } prd; 71 int l, len; 72 73 pci_dma_sglist_init(&s->sg, pci_dev, 74 s->nsector / (BMDMA_PAGE_SIZE / 512) + 1); 75 s->io_buffer_size = 0; 76 for(;;) { 77 if (bm->cur_prd_len == 0) { 78 /* end of table (with a fail safe of one page) */ 79 if (bm->cur_prd_last || 80 (bm->cur_addr - bm->addr) >= BMDMA_PAGE_SIZE) { 81 return s->io_buffer_size; 82 } 83 pci_dma_read(pci_dev, bm->cur_addr, &prd, 8); 84 bm->cur_addr += 8; 85 prd.addr = le32_to_cpu(prd.addr); 86 prd.size = le32_to_cpu(prd.size); 87 len = prd.size & 0xfffe; 88 if (len == 0) 89 len = 0x10000; 90 bm->cur_prd_len = len; 91 bm->cur_prd_addr = prd.addr; 92 bm->cur_prd_last = (prd.size & 0x80000000); 93 } 94 l = bm->cur_prd_len; 95 if (l > 0) { 96 qemu_sglist_add(&s->sg, bm->cur_prd_addr, l); 97 98 /* Note: We limit the max transfer to be 2GiB. 99 * This should accommodate the largest ATA transaction 100 * for LBA48 (65,536 sectors) and 32K sector sizes. */ 101 if (s->sg.size > INT32_MAX) { 102 error_report("IDE: sglist describes more than 2GiB.\n"); 103 break; 104 } 105 bm->cur_prd_addr += l; 106 bm->cur_prd_len -= l; 107 s->io_buffer_size += l; 108 } 109 } 110 111 qemu_sglist_destroy(&s->sg); 112 s->io_buffer_size = 0; 113 return -1; 114 } 115 116 /* return 0 if buffer completed */ 117 static int bmdma_rw_buf(IDEDMA *dma, int is_write) 118 { 119 BMDMAState *bm = DO_UPCAST(BMDMAState, dma, dma); 120 IDEState *s = bmdma_active_if(bm); 121 PCIDevice *pci_dev = PCI_DEVICE(bm->pci_dev); 122 struct { 123 uint32_t addr; 124 uint32_t size; 125 } prd; 126 int l, len; 127 128 for(;;) { 129 l = s->io_buffer_size - s->io_buffer_index; 130 if (l <= 0) 131 break; 132 if (bm->cur_prd_len == 0) { 133 /* end of table (with a fail safe of one page) */ 134 if (bm->cur_prd_last || 135 (bm->cur_addr - bm->addr) >= BMDMA_PAGE_SIZE) 136 return 0; 137 pci_dma_read(pci_dev, bm->cur_addr, &prd, 8); 138 bm->cur_addr += 8; 139 prd.addr = le32_to_cpu(prd.addr); 140 prd.size = le32_to_cpu(prd.size); 141 len = prd.size & 0xfffe; 142 if (len == 0) 143 len = 0x10000; 144 bm->cur_prd_len = len; 145 bm->cur_prd_addr = prd.addr; 146 bm->cur_prd_last = (prd.size & 0x80000000); 147 } 148 if (l > bm->cur_prd_len) 149 l = bm->cur_prd_len; 150 if (l > 0) { 151 if (is_write) { 152 pci_dma_write(pci_dev, bm->cur_prd_addr, 153 s->io_buffer + s->io_buffer_index, l); 154 } else { 155 pci_dma_read(pci_dev, bm->cur_prd_addr, 156 s->io_buffer + s->io_buffer_index, l); 157 } 158 bm->cur_prd_addr += l; 159 bm->cur_prd_len -= l; 160 s->io_buffer_index += l; 161 } 162 } 163 return 1; 164 } 165 166 static int bmdma_set_unit(IDEDMA *dma, int unit) 167 { 168 BMDMAState *bm = DO_UPCAST(BMDMAState, dma, dma); 169 bm->unit = unit; 170 171 return 0; 172 } 173 174 static void bmdma_set_inactive(IDEDMA *dma, bool more) 175 { 176 BMDMAState *bm = DO_UPCAST(BMDMAState, dma, dma); 177 178 bm->dma_cb = NULL; 179 bm->unit = -1; 180 if (more) { 181 bm->status |= BM_STATUS_DMAING; 182 } else { 183 bm->status &= ~BM_STATUS_DMAING; 184 } 185 } 186 187 static void bmdma_restart_dma(BMDMAState *bm, enum ide_dma_cmd dma_cmd) 188 { 189 IDEState *s = bmdma_active_if(bm); 190 191 ide_set_sector(s, bm->sector_num); 192 s->io_buffer_index = 0; 193 s->io_buffer_size = 0; 194 s->nsector = bm->nsector; 195 s->dma_cmd = dma_cmd; 196 bm->cur_addr = bm->addr; 197 bm->dma_cb = ide_dma_cb; 198 bmdma_start_dma(&bm->dma, s, bm->dma_cb); 199 } 200 201 /* TODO This should be common IDE code */ 202 static void bmdma_restart_bh(void *opaque) 203 { 204 BMDMAState *bm = opaque; 205 IDEBus *bus = bm->bus; 206 bool is_read; 207 int error_status; 208 209 qemu_bh_delete(bm->bh); 210 bm->bh = NULL; 211 212 if (bm->unit == (uint8_t) -1) { 213 return; 214 } 215 216 is_read = (bus->error_status & IDE_RETRY_READ) != 0; 217 218 /* The error status must be cleared before resubmitting the request: The 219 * request may fail again, and this case can only be distinguished if the 220 * called function can set a new error status. */ 221 error_status = bus->error_status; 222 bus->error_status = 0; 223 224 if (error_status & IDE_RETRY_DMA) { 225 if (error_status & IDE_RETRY_TRIM) { 226 bmdma_restart_dma(bm, IDE_DMA_TRIM); 227 } else { 228 bmdma_restart_dma(bm, is_read ? IDE_DMA_READ : IDE_DMA_WRITE); 229 } 230 } else if (error_status & IDE_RETRY_PIO) { 231 if (is_read) { 232 ide_sector_read(bmdma_active_if(bm)); 233 } else { 234 ide_sector_write(bmdma_active_if(bm)); 235 } 236 } else if (error_status & IDE_RETRY_FLUSH) { 237 ide_flush_cache(bmdma_active_if(bm)); 238 } else { 239 IDEState *s = bmdma_active_if(bm); 240 241 /* 242 * We've not got any bits to tell us about ATAPI - but 243 * we do have the end_transfer_func that tells us what 244 * we're trying to do. 245 */ 246 if (s->end_transfer_func == ide_atapi_cmd) { 247 ide_atapi_dma_restart(s); 248 } 249 } 250 } 251 252 static void bmdma_restart_cb(void *opaque, int running, RunState state) 253 { 254 IDEDMA *dma = opaque; 255 BMDMAState *bm = DO_UPCAST(BMDMAState, dma, dma); 256 257 if (!running) 258 return; 259 260 if (!bm->bh) { 261 bm->bh = qemu_bh_new(bmdma_restart_bh, &bm->dma); 262 qemu_bh_schedule(bm->bh); 263 } 264 } 265 266 static void bmdma_cancel(BMDMAState *bm) 267 { 268 if (bm->status & BM_STATUS_DMAING) { 269 /* cancel DMA request */ 270 bmdma_set_inactive(&bm->dma, false); 271 } 272 } 273 274 static void bmdma_reset(IDEDMA *dma) 275 { 276 BMDMAState *bm = DO_UPCAST(BMDMAState, dma, dma); 277 278 #ifdef DEBUG_IDE 279 printf("ide: dma_reset\n"); 280 #endif 281 bmdma_cancel(bm); 282 bm->cmd = 0; 283 bm->status = 0; 284 bm->addr = 0; 285 bm->cur_addr = 0; 286 bm->cur_prd_last = 0; 287 bm->cur_prd_addr = 0; 288 bm->cur_prd_len = 0; 289 bm->sector_num = 0; 290 bm->nsector = 0; 291 } 292 293 static void bmdma_irq(void *opaque, int n, int level) 294 { 295 BMDMAState *bm = opaque; 296 297 if (!level) { 298 /* pass through lower */ 299 qemu_set_irq(bm->irq, level); 300 return; 301 } 302 303 bm->status |= BM_STATUS_INT; 304 305 /* trigger the real irq */ 306 qemu_set_irq(bm->irq, level); 307 } 308 309 void bmdma_cmd_writeb(BMDMAState *bm, uint32_t val) 310 { 311 #ifdef DEBUG_IDE 312 printf("%s: 0x%08x\n", __func__, val); 313 #endif 314 315 /* Ignore writes to SSBM if it keeps the old value */ 316 if ((val & BM_CMD_START) != (bm->cmd & BM_CMD_START)) { 317 if (!(val & BM_CMD_START)) { 318 /* 319 * We can't cancel Scatter Gather DMA in the middle of the 320 * operation or a partial (not full) DMA transfer would reach 321 * the storage so we wait for completion instead (we beahve 322 * like if the DMA was completed by the time the guest trying 323 * to cancel dma with bmdma_cmd_writeb with BM_CMD_START not 324 * set). 325 * 326 * In the future we'll be able to safely cancel the I/O if the 327 * whole DMA operation will be submitted to disk with a single 328 * aio operation with preadv/pwritev. 329 */ 330 if (bm->bus->dma->aiocb) { 331 blk_drain_all(); 332 assert(bm->bus->dma->aiocb == NULL); 333 } 334 bm->status &= ~BM_STATUS_DMAING; 335 } else { 336 bm->cur_addr = bm->addr; 337 if (!(bm->status & BM_STATUS_DMAING)) { 338 bm->status |= BM_STATUS_DMAING; 339 /* start dma transfer if possible */ 340 if (bm->dma_cb) 341 bm->dma_cb(bmdma_active_if(bm), 0); 342 } 343 } 344 } 345 346 bm->cmd = val & 0x09; 347 } 348 349 static uint64_t bmdma_addr_read(void *opaque, hwaddr addr, 350 unsigned width) 351 { 352 BMDMAState *bm = opaque; 353 uint32_t mask = (1ULL << (width * 8)) - 1; 354 uint64_t data; 355 356 data = (bm->addr >> (addr * 8)) & mask; 357 #ifdef DEBUG_IDE 358 printf("%s: 0x%08x\n", __func__, (unsigned)data); 359 #endif 360 return data; 361 } 362 363 static void bmdma_addr_write(void *opaque, hwaddr addr, 364 uint64_t data, unsigned width) 365 { 366 BMDMAState *bm = opaque; 367 int shift = addr * 8; 368 uint32_t mask = (1ULL << (width * 8)) - 1; 369 370 #ifdef DEBUG_IDE 371 printf("%s: 0x%08x\n", __func__, (unsigned)data); 372 #endif 373 bm->addr &= ~(mask << shift); 374 bm->addr |= ((data & mask) << shift) & ~3; 375 } 376 377 MemoryRegionOps bmdma_addr_ioport_ops = { 378 .read = bmdma_addr_read, 379 .write = bmdma_addr_write, 380 .endianness = DEVICE_LITTLE_ENDIAN, 381 }; 382 383 static bool ide_bmdma_current_needed(void *opaque) 384 { 385 BMDMAState *bm = opaque; 386 387 return (bm->cur_prd_len != 0); 388 } 389 390 static bool ide_bmdma_status_needed(void *opaque) 391 { 392 BMDMAState *bm = opaque; 393 394 /* Older versions abused some bits in the status register for internal 395 * error state. If any of these bits are set, we must add a subsection to 396 * transfer the real status register */ 397 uint8_t abused_bits = BM_MIGRATION_COMPAT_STATUS_BITS; 398 399 return ((bm->status & abused_bits) != 0); 400 } 401 402 static void ide_bmdma_pre_save(void *opaque) 403 { 404 BMDMAState *bm = opaque; 405 uint8_t abused_bits = BM_MIGRATION_COMPAT_STATUS_BITS; 406 407 bm->migration_compat_status = 408 (bm->status & ~abused_bits) | (bm->bus->error_status & abused_bits); 409 } 410 411 /* This function accesses bm->bus->error_status which is loaded only after 412 * BMDMA itself. This is why the function is called from ide_pci_post_load 413 * instead of being registered with VMState where it would run too early. */ 414 static int ide_bmdma_post_load(void *opaque, int version_id) 415 { 416 BMDMAState *bm = opaque; 417 uint8_t abused_bits = BM_MIGRATION_COMPAT_STATUS_BITS; 418 419 if (bm->status == 0) { 420 bm->status = bm->migration_compat_status & ~abused_bits; 421 bm->bus->error_status |= bm->migration_compat_status & abused_bits; 422 } 423 424 return 0; 425 } 426 427 static const VMStateDescription vmstate_bmdma_current = { 428 .name = "ide bmdma_current", 429 .version_id = 1, 430 .minimum_version_id = 1, 431 .fields = (VMStateField[]) { 432 VMSTATE_UINT32(cur_addr, BMDMAState), 433 VMSTATE_UINT32(cur_prd_last, BMDMAState), 434 VMSTATE_UINT32(cur_prd_addr, BMDMAState), 435 VMSTATE_UINT32(cur_prd_len, BMDMAState), 436 VMSTATE_END_OF_LIST() 437 } 438 }; 439 440 static const VMStateDescription vmstate_bmdma_status = { 441 .name ="ide bmdma/status", 442 .version_id = 1, 443 .minimum_version_id = 1, 444 .fields = (VMStateField[]) { 445 VMSTATE_UINT8(status, BMDMAState), 446 VMSTATE_END_OF_LIST() 447 } 448 }; 449 450 static const VMStateDescription vmstate_bmdma = { 451 .name = "ide bmdma", 452 .version_id = 3, 453 .minimum_version_id = 0, 454 .pre_save = ide_bmdma_pre_save, 455 .fields = (VMStateField[]) { 456 VMSTATE_UINT8(cmd, BMDMAState), 457 VMSTATE_UINT8(migration_compat_status, BMDMAState), 458 VMSTATE_UINT32(addr, BMDMAState), 459 VMSTATE_INT64(sector_num, BMDMAState), 460 VMSTATE_UINT32(nsector, BMDMAState), 461 VMSTATE_UINT8(unit, BMDMAState), 462 VMSTATE_END_OF_LIST() 463 }, 464 .subsections = (VMStateSubsection []) { 465 { 466 .vmsd = &vmstate_bmdma_current, 467 .needed = ide_bmdma_current_needed, 468 }, { 469 .vmsd = &vmstate_bmdma_status, 470 .needed = ide_bmdma_status_needed, 471 }, { 472 /* empty */ 473 } 474 } 475 }; 476 477 static int ide_pci_post_load(void *opaque, int version_id) 478 { 479 PCIIDEState *d = opaque; 480 int i; 481 482 for(i = 0; i < 2; i++) { 483 /* current versions always store 0/1, but older version 484 stored bigger values. We only need last bit */ 485 d->bmdma[i].unit &= 1; 486 ide_bmdma_post_load(&d->bmdma[i], -1); 487 } 488 489 return 0; 490 } 491 492 const VMStateDescription vmstate_ide_pci = { 493 .name = "ide", 494 .version_id = 3, 495 .minimum_version_id = 0, 496 .post_load = ide_pci_post_load, 497 .fields = (VMStateField[]) { 498 VMSTATE_PCI_DEVICE(parent_obj, PCIIDEState), 499 VMSTATE_STRUCT_ARRAY(bmdma, PCIIDEState, 2, 0, 500 vmstate_bmdma, BMDMAState), 501 VMSTATE_IDE_BUS_ARRAY(bus, PCIIDEState, 2), 502 VMSTATE_IDE_DRIVES(bus[0].ifs, PCIIDEState), 503 VMSTATE_IDE_DRIVES(bus[1].ifs, PCIIDEState), 504 VMSTATE_END_OF_LIST() 505 } 506 }; 507 508 void pci_ide_create_devs(PCIDevice *dev, DriveInfo **hd_table) 509 { 510 PCIIDEState *d = PCI_IDE(dev); 511 static const int bus[4] = { 0, 0, 1, 1 }; 512 static const int unit[4] = { 0, 1, 0, 1 }; 513 int i; 514 515 for (i = 0; i < 4; i++) { 516 if (hd_table[i] == NULL) 517 continue; 518 ide_create_drive(d->bus+bus[i], unit[i], hd_table[i]); 519 } 520 } 521 522 static const struct IDEDMAOps bmdma_ops = { 523 .start_dma = bmdma_start_dma, 524 .prepare_buf = bmdma_prepare_buf, 525 .rw_buf = bmdma_rw_buf, 526 .set_unit = bmdma_set_unit, 527 .set_inactive = bmdma_set_inactive, 528 .restart_cb = bmdma_restart_cb, 529 .reset = bmdma_reset, 530 }; 531 532 void bmdma_init(IDEBus *bus, BMDMAState *bm, PCIIDEState *d) 533 { 534 qemu_irq *irq; 535 536 if (bus->dma == &bm->dma) { 537 return; 538 } 539 540 bm->dma.ops = &bmdma_ops; 541 bus->dma = &bm->dma; 542 bm->irq = bus->irq; 543 irq = qemu_allocate_irqs(bmdma_irq, bm, 1); 544 bus->irq = *irq; 545 bm->pci_dev = d; 546 } 547 548 static const TypeInfo pci_ide_type_info = { 549 .name = TYPE_PCI_IDE, 550 .parent = TYPE_PCI_DEVICE, 551 .instance_size = sizeof(PCIIDEState), 552 .abstract = true, 553 }; 554 555 static void pci_ide_register_types(void) 556 { 557 type_register_static(&pci_ide_type_info); 558 } 559 560 type_init(pci_ide_register_types) 561