search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
arm_boot: Change initrd load address to "halfway through RAM"
[qemu/pbrook.git] / hw / ide / core.c
blobd683a8cc84556f574c96fa071573a9a6579e8255
1 /*
2 * QEMU IDE disk and CD/DVD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #include <hw/hw.h>
26 #include <hw/pc.h>
27 #include <hw/pci.h>
28 #include <hw/isa.h>
29 #include "qemu-error.h"
30 #include "qemu-timer.h"
31 #include "sysemu.h"
32 #include "dma.h"
33 #include "hw/block-common.h"
34 #include "blockdev.h"
35
36 #include <hw/ide/internal.h>
37
38 /* These values were based on a Seagate ST3500418AS but have been modified
39 to make more sense in QEMU */
40 static const int smart_attributes[][12] = {
41 /* id, flags, hflags, val, wrst, raw (6 bytes), threshold */
42 /* raw read error rate*/
43 { 0x01, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06},
44 /* spin up */
45 { 0x03, 0x03, 0x00, 0x64, 0x64, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
46 /* start stop count */
47 { 0x04, 0x02, 0x00, 0x64, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14},
48 /* remapped sectors */
49 { 0x05, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x24},
50 /* power on hours */
51 { 0x09, 0x03, 0x00, 0x64, 0x64, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
52 /* power cycle count */
53 { 0x0c, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
54 /* airflow-temperature-celsius */
55 { 190, 0x03, 0x00, 0x45, 0x45, 0x1f, 0x00, 0x1f, 0x1f, 0x00, 0x00, 0x32},
56 };
57
58 static int ide_handle_rw_error(IDEState *s, int error, int op);
59 static void ide_dummy_transfer_stop(IDEState *s);
60
61 static void padstr(char *str, const char *src, int len)
62 {
63 int i, v;
64 for(i = 0; i < len; i++) {
65 if (*src)
66 v = *src++;
67 else
68 v = ' ';
69 str[i^1] = v;
70 }
71 }
72
73 static void put_le16(uint16_t *p, unsigned int v)
74 {
75 *p = cpu_to_le16(v);
76 }
77
78 static void ide_identify(IDEState *s)
79 {
80 uint16_t *p;
81 unsigned int oldsize;
82 IDEDevice *dev = s->unit ? s->bus->slave : s->bus->master;
83
84 if (s->identify_set) {
85 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
86 return;
87 }
88
89 memset(s->io_buffer, 0, 512);
90 p = (uint16_t *)s->io_buffer;
91 put_le16(p + 0, 0x0040);
92 put_le16(p + 1, s->cylinders);
93 put_le16(p + 3, s->heads);
94 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
95 put_le16(p + 5, 512); /* XXX: retired, remove ? */
96 put_le16(p + 6, s->sectors);
97 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
98 put_le16(p + 20, 3); /* XXX: retired, remove ? */
99 put_le16(p + 21, 512); /* cache size in sectors */
100 put_le16(p + 22, 4); /* ecc bytes */
101 padstr((char *)(p + 23), s->version, 8); /* firmware version */
102 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */
103 #if MAX_MULT_SECTORS > 1
104 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
105 #endif
106 put_le16(p + 48, 1); /* dword I/O */
107 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
108 put_le16(p + 51, 0x200); /* PIO transfer cycle */
109 put_le16(p + 52, 0x200); /* DMA transfer cycle */
110 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
111 put_le16(p + 54, s->cylinders);
112 put_le16(p + 55, s->heads);
113 put_le16(p + 56, s->sectors);
114 oldsize = s->cylinders * s->heads * s->sectors;
115 put_le16(p + 57, oldsize);
116 put_le16(p + 58, oldsize >> 16);
117 if (s->mult_sectors)
118 put_le16(p + 59, 0x100 | s->mult_sectors);
119 put_le16(p + 60, s->nb_sectors);
120 put_le16(p + 61, s->nb_sectors >> 16);
121 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
122 put_le16(p + 63, 0x07); /* mdma0-2 supported */
123 put_le16(p + 64, 0x03); /* pio3-4 supported */
124 put_le16(p + 65, 120);
125 put_le16(p + 66, 120);
126 put_le16(p + 67, 120);
127 put_le16(p + 68, 120);
128 if (dev && dev->conf.discard_granularity) {
129 put_le16(p + 69, (1 << 14)); /* determinate TRIM behavior */
130 }
131
132 if (s->ncq_queues) {
133 put_le16(p + 75, s->ncq_queues - 1);
134 /* NCQ supported */
135 put_le16(p + 76, (1 << 8));
136 }
137
138 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
139 put_le16(p + 81, 0x16); /* conforms to ata5 */
140 /* 14=NOP supported, 5=WCACHE supported, 0=SMART supported */
141 put_le16(p + 82, (1 << 14) | (1 << 5) | 1);
142 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
143 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
144 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */
145 if (s->wwn) {
146 put_le16(p + 84, (1 << 14) | (1 << 8) | 0);
147 } else {
148 put_le16(p + 84, (1 << 14) | 0);
149 }
150 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */
151 if (bdrv_enable_write_cache(s->bs))
152 put_le16(p + 85, (1 << 14) | (1 << 5) | 1);
153 else
154 put_le16(p + 85, (1 << 14) | 1);
155 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
156 put_le16(p + 86, (1 << 13) | (1 <<12) | (1 << 10));
157 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */
158 if (s->wwn) {
159 put_le16(p + 87, (1 << 14) | (1 << 8) | 0);
160 } else {
161 put_le16(p + 87, (1 << 14) | 0);
162 }
163 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
164 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
165 put_le16(p + 100, s->nb_sectors);
166 put_le16(p + 101, s->nb_sectors >> 16);
167 put_le16(p + 102, s->nb_sectors >> 32);
168 put_le16(p + 103, s->nb_sectors >> 48);
169
170 if (dev && dev->conf.physical_block_size)
171 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf));
172 if (s->wwn) {
173 /* LE 16-bit words 111-108 contain 64-bit World Wide Name */
174 put_le16(p + 108, s->wwn >> 48);
175 put_le16(p + 109, s->wwn >> 32);
176 put_le16(p + 110, s->wwn >> 16);
177 put_le16(p + 111, s->wwn);
178 }
179 if (dev && dev->conf.discard_granularity) {
180 put_le16(p + 169, 1); /* TRIM support */
181 }
182
183 memcpy(s->identify_data, p, sizeof(s->identify_data));
184 s->identify_set = 1;
185 }
186
187 static void ide_atapi_identify(IDEState *s)
188 {
189 uint16_t *p;
190
191 if (s->identify_set) {
192 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
193 return;
194 }
195
196 memset(s->io_buffer, 0, 512);
197 p = (uint16_t *)s->io_buffer;
198 /* Removable CDROM, 50us response, 12 byte packets */
199 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
200 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
201 put_le16(p + 20, 3); /* buffer type */
202 put_le16(p + 21, 512); /* cache size in sectors */
203 put_le16(p + 22, 4); /* ecc bytes */
204 padstr((char *)(p + 23), s->version, 8); /* firmware version */
205 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */
206 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
207 #ifdef USE_DMA_CDROM
208 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
209 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
210 put_le16(p + 62, 7); /* single word dma0-2 supported */
211 put_le16(p + 63, 7); /* mdma0-2 supported */
212 #else
213 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
214 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
215 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
216 #endif
217 put_le16(p + 64, 3); /* pio3-4 supported */
218 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
219 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
220 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
221 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
222
223 put_le16(p + 71, 30); /* in ns */
224 put_le16(p + 72, 30); /* in ns */
225
226 if (s->ncq_queues) {
227 put_le16(p + 75, s->ncq_queues - 1);
228 /* NCQ supported */
229 put_le16(p + 76, (1 << 8));
230 }
231
232 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
233 #ifdef USE_DMA_CDROM
234 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
235 #endif
236 memcpy(s->identify_data, p, sizeof(s->identify_data));
237 s->identify_set = 1;
238 }
239
240 static void ide_cfata_identify(IDEState *s)
241 {
242 uint16_t *p;
243 uint32_t cur_sec;
244
245 p = (uint16_t *) s->identify_data;
246 if (s->identify_set)
247 goto fill_buffer;
248
249 memset(p, 0, sizeof(s->identify_data));
250
251 cur_sec = s->cylinders * s->heads * s->sectors;
252
253 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
254 put_le16(p + 1, s->cylinders); /* Default cylinders */
255 put_le16(p + 3, s->heads); /* Default heads */
256 put_le16(p + 6, s->sectors); /* Default sectors per track */
257 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
258 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
259 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
260 put_le16(p + 22, 0x0004); /* ECC bytes */
261 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */
262 padstr((char *) (p + 27), s->drive_model_str, 40);/* Model number */
263 #if MAX_MULT_SECTORS > 1
264 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
265 #else
266 put_le16(p + 47, 0x0000);
267 #endif
268 put_le16(p + 49, 0x0f00); /* Capabilities */
269 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
270 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
271 put_le16(p + 53, 0x0003); /* Translation params valid */
272 put_le16(p + 54, s->cylinders); /* Current cylinders */
273 put_le16(p + 55, s->heads); /* Current heads */
274 put_le16(p + 56, s->sectors); /* Current sectors */
275 put_le16(p + 57, cur_sec); /* Current capacity */
276 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
277 if (s->mult_sectors) /* Multiple sector setting */
278 put_le16(p + 59, 0x100 | s->mult_sectors);
279 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
280 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
281 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
282 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
283 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
284 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
285 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
286 put_le16(p + 82, 0x400c); /* Command Set supported */
287 put_le16(p + 83, 0x7068); /* Command Set supported */
288 put_le16(p + 84, 0x4000); /* Features supported */
289 put_le16(p + 85, 0x000c); /* Command Set enabled */
290 put_le16(p + 86, 0x7044); /* Command Set enabled */
291 put_le16(p + 87, 0x4000); /* Features enabled */
292 put_le16(p + 91, 0x4060); /* Current APM level */
293 put_le16(p + 129, 0x0002); /* Current features option */
294 put_le16(p + 130, 0x0005); /* Reassigned sectors */
295 put_le16(p + 131, 0x0001); /* Initial power mode */
296 put_le16(p + 132, 0x0000); /* User signature */
297 put_le16(p + 160, 0x8100); /* Power requirement */
298 put_le16(p + 161, 0x8001); /* CF command set */
299
300 s->identify_set = 1;
301
302 fill_buffer:
303 memcpy(s->io_buffer, p, sizeof(s->identify_data));
304 }
305
306 static void ide_set_signature(IDEState *s)
307 {
308 s->select &= 0xf0; /* clear head */
309 /* put signature */
310 s->nsector = 1;
311 s->sector = 1;
312 if (s->drive_kind == IDE_CD) {
313 s->lcyl = 0x14;
314 s->hcyl = 0xeb;
315 } else if (s->bs) {
316 s->lcyl = 0;
317 s->hcyl = 0;
318 } else {
319 s->lcyl = 0xff;
320 s->hcyl = 0xff;
321 }
322 }
323
324 typedef struct TrimAIOCB {
325 BlockDriverAIOCB common;
326 QEMUBH *bh;
327 int ret;
328 } TrimAIOCB;
329
330 static void trim_aio_cancel(BlockDriverAIOCB *acb)
331 {
332 TrimAIOCB *iocb = container_of(acb, TrimAIOCB, common);
333
334 qemu_bh_delete(iocb->bh);
335 iocb->bh = NULL;
336 qemu_aio_release(iocb);
337 }
338
339 static AIOPool trim_aio_pool = {
340 .aiocb_size = sizeof(TrimAIOCB),
341 .cancel = trim_aio_cancel,
342 };
343
344 static void ide_trim_bh_cb(void *opaque)
345 {
346 TrimAIOCB *iocb = opaque;
347
348 iocb->common.cb(iocb->common.opaque, iocb->ret);
349
350 qemu_bh_delete(iocb->bh);
351 iocb->bh = NULL;
352
353 qemu_aio_release(iocb);
354 }
355
356 BlockDriverAIOCB *ide_issue_trim(BlockDriverState *bs,
357 int64_t sector_num, QEMUIOVector *qiov, int nb_sectors,
358 BlockDriverCompletionFunc *cb, void *opaque)
359 {
360 TrimAIOCB *iocb;
361 int i, j, ret;
362
363 iocb = qemu_aio_get(&trim_aio_pool, bs, cb, opaque);
364 iocb->bh = qemu_bh_new(ide_trim_bh_cb, iocb);
365 iocb->ret = 0;
366
367 for (j = 0; j < qiov->niov; j++) {
368 uint64_t *buffer = qiov->iov[j].iov_base;
369
370 for (i = 0; i < qiov->iov[j].iov_len / 8; i++) {
371 /* 6-byte LBA + 2-byte range per entry */
372 uint64_t entry = le64_to_cpu(buffer[i]);
373 uint64_t sector = entry & 0x0000ffffffffffffULL;
374 uint16_t count = entry >> 48;
375
376 if (count == 0) {
377 break;
378 }
379
380 ret = bdrv_discard(bs, sector, count);
381 if (!iocb->ret) {
382 iocb->ret = ret;
383 }
384 }
385 }
386
387 qemu_bh_schedule(iocb->bh);
388
389 return &iocb->common;
390 }
391
392 static inline void ide_abort_command(IDEState *s)
393 {
394 s->status = READY_STAT | ERR_STAT;
395 s->error = ABRT_ERR;
396 }
397
398 /* prepare data transfer and tell what to do after */
399 void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
400 EndTransferFunc *end_transfer_func)
401 {
402 s->end_transfer_func = end_transfer_func;
403 s->data_ptr = buf;
404 s->data_end = buf + size;
405 if (!(s->status & ERR_STAT)) {
406 s->status |= DRQ_STAT;
407 }
408 s->bus->dma->ops->start_transfer(s->bus->dma);
409 }
410
411 void ide_transfer_stop(IDEState *s)
412 {
413 s->end_transfer_func = ide_transfer_stop;
414 s->data_ptr = s->io_buffer;
415 s->data_end = s->io_buffer;
416 s->status &= ~DRQ_STAT;
417 }
418
419 int64_t ide_get_sector(IDEState *s)
420 {
421 int64_t sector_num;
422 if (s->select & 0x40) {
423 /* lba */
424 if (!s->lba48) {
425 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
426 (s->lcyl << 8) | s->sector;
427 } else {
428 sector_num = ((int64_t)s->hob_hcyl << 40) |
429 ((int64_t) s->hob_lcyl << 32) |
430 ((int64_t) s->hob_sector << 24) |
431 ((int64_t) s->hcyl << 16) |
432 ((int64_t) s->lcyl << 8) | s->sector;
433 }
434 } else {
435 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
436 (s->select & 0x0f) * s->sectors + (s->sector - 1);
437 }
438 return sector_num;
439 }
440
441 void ide_set_sector(IDEState *s, int64_t sector_num)
442 {
443 unsigned int cyl, r;
444 if (s->select & 0x40) {
445 if (!s->lba48) {
446 s->select = (s->select & 0xf0) | (sector_num >> 24);
447 s->hcyl = (sector_num >> 16);
448 s->lcyl = (sector_num >> 8);
449 s->sector = (sector_num);
450 } else {
451 s->sector = sector_num;
452 s->lcyl = sector_num >> 8;
453 s->hcyl = sector_num >> 16;
454 s->hob_sector = sector_num >> 24;
455 s->hob_lcyl = sector_num >> 32;
456 s->hob_hcyl = sector_num >> 40;
457 }
458 } else {
459 cyl = sector_num / (s->heads * s->sectors);
460 r = sector_num % (s->heads * s->sectors);
461 s->hcyl = cyl >> 8;
462 s->lcyl = cyl;
463 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
464 s->sector = (r % s->sectors) + 1;
465 }
466 }
467
468 static void ide_rw_error(IDEState *s) {
469 ide_abort_command(s);
470 ide_set_irq(s->bus);
471 }
472
473 static void ide_sector_read_cb(void *opaque, int ret)
474 {
475 IDEState *s = opaque;
476 int n;
477
478 s->pio_aiocb = NULL;
479 s->status &= ~BUSY_STAT;
480
481 bdrv_acct_done(s->bs, &s->acct);
482 if (ret != 0) {
483 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY |
484 BM_STATUS_RETRY_READ)) {
485 return;
486 }
487 }
488
489 n = s->nsector;
490 if (n > s->req_nb_sectors) {
491 n = s->req_nb_sectors;
492 }
493
494 /* Allow the guest to read the io_buffer */
495 ide_transfer_start(s, s->io_buffer, n * BDRV_SECTOR_SIZE, ide_sector_read);
496
497 ide_set_irq(s->bus);
498
499 ide_set_sector(s, ide_get_sector(s) + n);
500 s->nsector -= n;
501 }
502
503 void ide_sector_read(IDEState *s)
504 {
505 int64_t sector_num;
506 int n;
507
508 s->status = READY_STAT | SEEK_STAT;
509 s->error = 0; /* not needed by IDE spec, but needed by Windows */
510 sector_num = ide_get_sector(s);
511 n = s->nsector;
512
513 if (n == 0) {
514 ide_transfer_stop(s);
515 return;
516 }
517
518 s->status |= BUSY_STAT;
519
520 if (n > s->req_nb_sectors) {
521 n = s->req_nb_sectors;
522 }
523
524 #if defined(DEBUG_IDE)
525 printf("sector=%" PRId64 "\n", sector_num);
526 #endif
527
528 s->iov.iov_base = s->io_buffer;
529 s->iov.iov_len = n * BDRV_SECTOR_SIZE;
530 qemu_iovec_init_external(&s->qiov, &s->iov, 1);
531
532 bdrv_acct_start(s->bs, &s->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ);
533 s->pio_aiocb = bdrv_aio_readv(s->bs, sector_num, &s->qiov, n,
534 ide_sector_read_cb, s);
535 }
536
537 static void dma_buf_commit(IDEState *s)
538 {
539 qemu_sglist_destroy(&s->sg);
540 }
541
542 void ide_set_inactive(IDEState *s)
543 {
544 s->bus->dma->aiocb = NULL;
545 s->bus->dma->ops->set_inactive(s->bus->dma);
546 }
547
548 void ide_dma_error(IDEState *s)
549 {
550 ide_transfer_stop(s);
551 s->error = ABRT_ERR;
552 s->status = READY_STAT | ERR_STAT;
553 ide_set_inactive(s);
554 ide_set_irq(s->bus);
555 }
556
557 static int ide_handle_rw_error(IDEState *s, int error, int op)
558 {
559 bool is_read = (op & BM_STATUS_RETRY_READ) != 0;
560 BlockErrorAction action = bdrv_get_error_action(s->bs, is_read, error);
561
562 if (action == BDRV_ACTION_STOP) {
563 s->bus->dma->ops->set_unit(s->bus->dma, s->unit);
564 s->bus->error_status = op;
565 } else if (action == BDRV_ACTION_REPORT) {
566 if (op & BM_STATUS_DMA_RETRY) {
567 dma_buf_commit(s);
568 ide_dma_error(s);
569 } else {
570 ide_rw_error(s);
571 }
572 }
573 bdrv_error_action(s->bs, action, is_read, error);
574 return action != BDRV_ACTION_IGNORE;
575 }
576
577 void ide_dma_cb(void *opaque, int ret)
578 {
579 IDEState *s = opaque;
580 int n;
581 int64_t sector_num;
582
583 if (ret < 0) {
584 int op = BM_STATUS_DMA_RETRY;
585
586 if (s->dma_cmd == IDE_DMA_READ)
587 op |= BM_STATUS_RETRY_READ;
588 else if (s->dma_cmd == IDE_DMA_TRIM)
589 op |= BM_STATUS_RETRY_TRIM;
590
591 if (ide_handle_rw_error(s, -ret, op)) {
592 return;
593 }
594 }
595
596 n = s->io_buffer_size >> 9;
597 sector_num = ide_get_sector(s);
598 if (n > 0) {
599 dma_buf_commit(s);
600 sector_num += n;
601 ide_set_sector(s, sector_num);
602 s->nsector -= n;
603 }
604
605 /* end of transfer ? */
606 if (s->nsector == 0) {
607 s->status = READY_STAT | SEEK_STAT;
608 ide_set_irq(s->bus);
609 goto eot;
610 }
611
612 /* launch next transfer */
613 n = s->nsector;
614 s->io_buffer_index = 0;
615 s->io_buffer_size = n * 512;
616 if (s->bus->dma->ops->prepare_buf(s->bus->dma, ide_cmd_is_read(s)) == 0) {
617 /* The PRDs were too short. Reset the Active bit, but don't raise an
618 * interrupt. */
619 goto eot;
620 }
621
622 #ifdef DEBUG_AIO
623 printf("ide_dma_cb: sector_num=%" PRId64 " n=%d, cmd_cmd=%d\n",
624 sector_num, n, s->dma_cmd);
625 #endif
626
627 switch (s->dma_cmd) {
628 case IDE_DMA_READ:
629 s->bus->dma->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num,
630 ide_dma_cb, s);
631 break;
632 case IDE_DMA_WRITE:
633 s->bus->dma->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num,
634 ide_dma_cb, s);
635 break;
636 case IDE_DMA_TRIM:
637 s->bus->dma->aiocb = dma_bdrv_io(s->bs, &s->sg, sector_num,
638 ide_issue_trim, ide_dma_cb, s,
639 DMA_DIRECTION_TO_DEVICE);
640 break;
641 }
642 return;
643
644 eot:
645 if (s->dma_cmd == IDE_DMA_READ || s->dma_cmd == IDE_DMA_WRITE) {
646 bdrv_acct_done(s->bs, &s->acct);
647 }
648 ide_set_inactive(s);
649 }
650
651 static void ide_sector_start_dma(IDEState *s, enum ide_dma_cmd dma_cmd)
652 {
653 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
654 s->io_buffer_index = 0;
655 s->io_buffer_size = 0;
656 s->dma_cmd = dma_cmd;
657
658 switch (dma_cmd) {
659 case IDE_DMA_READ:
660 bdrv_acct_start(s->bs, &s->acct, s->nsector * BDRV_SECTOR_SIZE,
661 BDRV_ACCT_READ);
662 break;
663 case IDE_DMA_WRITE:
664 bdrv_acct_start(s->bs, &s->acct, s->nsector * BDRV_SECTOR_SIZE,
665 BDRV_ACCT_WRITE);
666 break;
667 default:
668 break;
669 }
670
671 s->bus->dma->ops->start_dma(s->bus->dma, s, ide_dma_cb);
672 }
673
674 static void ide_sector_write_timer_cb(void *opaque)
675 {
676 IDEState *s = opaque;
677 ide_set_irq(s->bus);
678 }
679
680 static void ide_sector_write_cb(void *opaque, int ret)
681 {
682 IDEState *s = opaque;
683 int n;
684
685 bdrv_acct_done(s->bs, &s->acct);
686
687 s->pio_aiocb = NULL;
688 s->status &= ~BUSY_STAT;
689
690 if (ret != 0) {
691 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY)) {
692 return;
693 }
694 }
695
696 n = s->nsector;
697 if (n > s->req_nb_sectors) {
698 n = s->req_nb_sectors;
699 }
700 s->nsector -= n;
701 if (s->nsector == 0) {
702 /* no more sectors to write */
703 ide_transfer_stop(s);
704 } else {
705 int n1 = s->nsector;
706 if (n1 > s->req_nb_sectors) {
707 n1 = s->req_nb_sectors;
708 }
709 ide_transfer_start(s, s->io_buffer, n1 * BDRV_SECTOR_SIZE,
710 ide_sector_write);
711 }
712 ide_set_sector(s, ide_get_sector(s) + n);
713
714 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
715 /* It seems there is a bug in the Windows 2000 installer HDD
716 IDE driver which fills the disk with empty logs when the
717 IDE write IRQ comes too early. This hack tries to correct
718 that at the expense of slower write performances. Use this
719 option _only_ to install Windows 2000. You must disable it
720 for normal use. */
721 qemu_mod_timer(s->sector_write_timer,
722 qemu_get_clock_ns(vm_clock) + (get_ticks_per_sec() / 1000));
723 } else {
724 ide_set_irq(s->bus);
725 }
726 }
727
728 void ide_sector_write(IDEState *s)
729 {
730 int64_t sector_num;
731 int n;
732
733 s->status = READY_STAT | SEEK_STAT | BUSY_STAT;
734 sector_num = ide_get_sector(s);
735 #if defined(DEBUG_IDE)
736 printf("sector=%" PRId64 "\n", sector_num);
737 #endif
738 n = s->nsector;
739 if (n > s->req_nb_sectors) {
740 n = s->req_nb_sectors;
741 }
742
743 s->iov.iov_base = s->io_buffer;
744 s->iov.iov_len = n * BDRV_SECTOR_SIZE;
745 qemu_iovec_init_external(&s->qiov, &s->iov, 1);
746
747 bdrv_acct_start(s->bs, &s->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ);
748 s->pio_aiocb = bdrv_aio_writev(s->bs, sector_num, &s->qiov, n,
749 ide_sector_write_cb, s);
750 }
751
752 static void ide_flush_cb(void *opaque, int ret)
753 {
754 IDEState *s = opaque;
755
756 if (ret < 0) {
757 /* XXX: What sector number to set here? */
758 if (ide_handle_rw_error(s, -ret, BM_STATUS_RETRY_FLUSH)) {
759 return;
760 }
761 }
762
763 bdrv_acct_done(s->bs, &s->acct);
764 s->status = READY_STAT | SEEK_STAT;
765 ide_set_irq(s->bus);
766 }
767
768 void ide_flush_cache(IDEState *s)
769 {
770 if (s->bs == NULL) {
771 ide_flush_cb(s, 0);
772 return;
773 }
774
775 bdrv_acct_start(s->bs, &s->acct, 0, BDRV_ACCT_FLUSH);
776 bdrv_aio_flush(s->bs, ide_flush_cb, s);
777 }
778
779 static void ide_cfata_metadata_inquiry(IDEState *s)
780 {
781 uint16_t *p;
782 uint32_t spd;
783
784 p = (uint16_t *) s->io_buffer;
785 memset(p, 0, 0x200);
786 spd = ((s->mdata_size - 1) >> 9) + 1;
787
788 put_le16(p + 0, 0x0001); /* Data format revision */
789 put_le16(p + 1, 0x0000); /* Media property: silicon */
790 put_le16(p + 2, s->media_changed); /* Media status */
791 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
792 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
793 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
794 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
795 }
796
797 static void ide_cfata_metadata_read(IDEState *s)
798 {
799 uint16_t *p;
800
801 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
802 s->status = ERR_STAT;
803 s->error = ABRT_ERR;
804 return;
805 }
806
807 p = (uint16_t *) s->io_buffer;
808 memset(p, 0, 0x200);
809
810 put_le16(p + 0, s->media_changed); /* Media status */
811 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
812 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
813 s->nsector << 9), 0x200 - 2));
814 }
815
816 static void ide_cfata_metadata_write(IDEState *s)
817 {
818 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
819 s->status = ERR_STAT;
820 s->error = ABRT_ERR;
821 return;
822 }
823
824 s->media_changed = 0;
825
826 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
827 s->io_buffer + 2,
828 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
829 s->nsector << 9), 0x200 - 2));
830 }
831
832 /* called when the inserted state of the media has changed */
833 static void ide_cd_change_cb(void *opaque, bool load)
834 {
835 IDEState *s = opaque;
836 uint64_t nb_sectors;
837
838 s->tray_open = !load;
839 bdrv_get_geometry(s->bs, &nb_sectors);
840 s->nb_sectors = nb_sectors;
841
842 /*
843 * First indicate to the guest that a CD has been removed. That's
844 * done on the next command the guest sends us.
845 *
846 * Then we set UNIT_ATTENTION, by which the guest will
847 * detect a new CD in the drive. See ide_atapi_cmd() for details.
848 */
849 s->cdrom_changed = 1;
850 s->events.new_media = true;
851 s->events.eject_request = false;
852 ide_set_irq(s->bus);
853 }
854
855 static void ide_cd_eject_request_cb(void *opaque, bool force)
856 {
857 IDEState *s = opaque;
858
859 s->events.eject_request = true;
860 if (force) {
861 s->tray_locked = false;
862 }
863 ide_set_irq(s->bus);
864 }
865
866 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
867 {
868 s->lba48 = lba48;
869
870 /* handle the 'magic' 0 nsector count conversion here. to avoid
871 * fiddling with the rest of the read logic, we just store the
872 * full sector count in ->nsector and ignore ->hob_nsector from now
873 */
874 if (!s->lba48) {
875 if (!s->nsector)
876 s->nsector = 256;
877 } else {
878 if (!s->nsector && !s->hob_nsector)
879 s->nsector = 65536;
880 else {
881 int lo = s->nsector;
882 int hi = s->hob_nsector;
883
884 s->nsector = (hi << 8) | lo;
885 }
886 }
887 }
888
889 static void ide_clear_hob(IDEBus *bus)
890 {
891 /* any write clears HOB high bit of device control register */
892 bus->ifs[0].select &= ~(1 << 7);
893 bus->ifs[1].select &= ~(1 << 7);
894 }
895
896 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
897 {
898 IDEBus *bus = opaque;
899
900 #ifdef DEBUG_IDE
901 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
902 #endif
903
904 addr &= 7;
905
906 /* ignore writes to command block while busy with previous command */
907 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT)))
908 return;
909
910 switch(addr) {
911 case 0:
912 break;
913 case 1:
914 ide_clear_hob(bus);
915 /* NOTE: data is written to the two drives */
916 bus->ifs[0].hob_feature = bus->ifs[0].feature;
917 bus->ifs[1].hob_feature = bus->ifs[1].feature;
918 bus->ifs[0].feature = val;
919 bus->ifs[1].feature = val;
920 break;
921 case 2:
922 ide_clear_hob(bus);
923 bus->ifs[0].hob_nsector = bus->ifs[0].nsector;
924 bus->ifs[1].hob_nsector = bus->ifs[1].nsector;
925 bus->ifs[0].nsector = val;
926 bus->ifs[1].nsector = val;
927 break;
928 case 3:
929 ide_clear_hob(bus);
930 bus->ifs[0].hob_sector = bus->ifs[0].sector;
931 bus->ifs[1].hob_sector = bus->ifs[1].sector;
932 bus->ifs[0].sector = val;
933 bus->ifs[1].sector = val;
934 break;
935 case 4:
936 ide_clear_hob(bus);
937 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl;
938 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl;
939 bus->ifs[0].lcyl = val;
940 bus->ifs[1].lcyl = val;
941 break;
942 case 5:
943 ide_clear_hob(bus);
944 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl;
945 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl;
946 bus->ifs[0].hcyl = val;
947 bus->ifs[1].hcyl = val;
948 break;
949 case 6:
950 /* FIXME: HOB readback uses bit 7 */
951 bus->ifs[0].select = (val & ~0x10) | 0xa0;
952 bus->ifs[1].select = (val | 0x10) | 0xa0;
953 /* select drive */
954 bus->unit = (val >> 4) & 1;
955 break;
956 default:
957 case 7:
958 /* command */
959 ide_exec_cmd(bus, val);
960 break;
961 }
962 }
963
964 #define HD_OK (1u << IDE_HD)
965 #define CD_OK (1u << IDE_CD)
966 #define CFA_OK (1u << IDE_CFATA)
967 #define HD_CFA_OK (HD_OK | CFA_OK)
968 #define ALL_OK (HD_OK | CD_OK | CFA_OK)
969
970 /* See ACS-2 T13/2015-D Table B.2 Command codes */
971 static const uint8_t ide_cmd_table[0x100] = {
972 /* NOP not implemented, mandatory for CD */
973 [CFA_REQ_EXT_ERROR_CODE] = CFA_OK,
974 [WIN_DSM] = ALL_OK,
975 [WIN_DEVICE_RESET] = CD_OK,
976 [WIN_RECAL] = HD_CFA_OK,
977 [WIN_READ] = ALL_OK,
978 [WIN_READ_ONCE] = ALL_OK,
979 [WIN_READ_EXT] = HD_CFA_OK,
980 [WIN_READDMA_EXT] = HD_CFA_OK,
981 [WIN_READ_NATIVE_MAX_EXT] = HD_CFA_OK,
982 [WIN_MULTREAD_EXT] = HD_CFA_OK,
983 [WIN_WRITE] = HD_CFA_OK,
984 [WIN_WRITE_ONCE] = HD_CFA_OK,
985 [WIN_WRITE_EXT] = HD_CFA_OK,
986 [WIN_WRITEDMA_EXT] = HD_CFA_OK,
987 [CFA_WRITE_SECT_WO_ERASE] = CFA_OK,
988 [WIN_MULTWRITE_EXT] = HD_CFA_OK,
989 [WIN_WRITE_VERIFY] = HD_CFA_OK,
990 [WIN_VERIFY] = HD_CFA_OK,
991 [WIN_VERIFY_ONCE] = HD_CFA_OK,
992 [WIN_VERIFY_EXT] = HD_CFA_OK,
993 [WIN_SEEK] = HD_CFA_OK,
994 [CFA_TRANSLATE_SECTOR] = CFA_OK,
995 [WIN_DIAGNOSE] = ALL_OK,
996 [WIN_SPECIFY] = HD_CFA_OK,
997 [WIN_STANDBYNOW2] = ALL_OK,
998 [WIN_IDLEIMMEDIATE2] = ALL_OK,
999 [WIN_STANDBY2] = ALL_OK,
1000 [WIN_SETIDLE2] = ALL_OK,
1001 [WIN_CHECKPOWERMODE2] = ALL_OK,
1002 [WIN_SLEEPNOW2] = ALL_OK,
1003 [WIN_PACKETCMD] = CD_OK,
1004 [WIN_PIDENTIFY] = CD_OK,
1005 [WIN_SMART] = HD_CFA_OK,
1006 [CFA_ACCESS_METADATA_STORAGE] = CFA_OK,
1007 [CFA_ERASE_SECTORS] = CFA_OK,
1008 [WIN_MULTREAD] = HD_CFA_OK,
1009 [WIN_MULTWRITE] = HD_CFA_OK,
1010 [WIN_SETMULT] = HD_CFA_OK,
1011 [WIN_READDMA] = HD_CFA_OK,
1012 [WIN_READDMA_ONCE] = HD_CFA_OK,
1013 [WIN_WRITEDMA] = HD_CFA_OK,
1014 [WIN_WRITEDMA_ONCE] = HD_CFA_OK,
1015 [CFA_WRITE_MULTI_WO_ERASE] = CFA_OK,
1016 [WIN_STANDBYNOW1] = ALL_OK,
1017 [WIN_IDLEIMMEDIATE] = ALL_OK,
1018 [WIN_STANDBY] = ALL_OK,
1019 [WIN_SETIDLE1] = ALL_OK,
1020 [WIN_CHECKPOWERMODE1] = ALL_OK,
1021 [WIN_SLEEPNOW1] = ALL_OK,
1022 [WIN_FLUSH_CACHE] = ALL_OK,
1023 [WIN_FLUSH_CACHE_EXT] = HD_CFA_OK,
1024 [WIN_IDENTIFY] = ALL_OK,
1025 [WIN_SETFEATURES] = ALL_OK,
1026 [IBM_SENSE_CONDITION] = CFA_OK,
1027 [CFA_WEAR_LEVEL] = HD_CFA_OK,
1028 [WIN_READ_NATIVE_MAX] = ALL_OK,
1029 };
1030
1031 static bool ide_cmd_permitted(IDEState *s, uint32_t cmd)
1032 {
1033 return cmd < ARRAY_SIZE(ide_cmd_table)
1034 && (ide_cmd_table[cmd] & (1u << s->drive_kind));
1035 }
1036
1037 void ide_exec_cmd(IDEBus *bus, uint32_t val)
1038 {
1039 uint16_t *identify_data;
1040 IDEState *s;
1041 int n;
1042 int lba48 = 0;
1043
1044 #if defined(DEBUG_IDE)
1045 printf("ide: CMD=%02x\n", val);
1046 #endif
1047 s = idebus_active_if(bus);
1048 /* ignore commands to non existent slave */
1049 if (s != bus->ifs && !s->bs)
1050 return;
1051
1052 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
1053 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
1054 return;
1055
1056 if (!ide_cmd_permitted(s, val)) {
1057 goto abort_cmd;
1058 }
1059
1060 switch(val) {
1061 case WIN_DSM:
1062 switch (s->feature) {
1063 case DSM_TRIM:
1064 if (!s->bs) {
1065 goto abort_cmd;
1066 }
1067 ide_sector_start_dma(s, IDE_DMA_TRIM);
1068 break;
1069 default:
1070 goto abort_cmd;
1071 }
1072 break;
1073 case WIN_IDENTIFY:
1074 if (s->bs && s->drive_kind != IDE_CD) {
1075 if (s->drive_kind != IDE_CFATA)
1076 ide_identify(s);
1077 else
1078 ide_cfata_identify(s);
1079 s->status = READY_STAT | SEEK_STAT;
1080 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1081 } else {
1082 if (s->drive_kind == IDE_CD) {
1083 ide_set_signature(s);
1084 }
1085 ide_abort_command(s);
1086 }
1087 ide_set_irq(s->bus);
1088 break;
1089 case WIN_SPECIFY:
1090 case WIN_RECAL:
1091 s->error = 0;
1092 s->status = READY_STAT | SEEK_STAT;
1093 ide_set_irq(s->bus);
1094 break;
1095 case WIN_SETMULT:
1096 if (s->drive_kind == IDE_CFATA && s->nsector == 0) {
1097 /* Disable Read and Write Multiple */
1098 s->mult_sectors = 0;
1099 s->status = READY_STAT | SEEK_STAT;
1100 } else if ((s->nsector & 0xff) != 0 &&
1101 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1102 (s->nsector & (s->nsector - 1)) != 0)) {
1103 ide_abort_command(s);
1104 } else {
1105 s->mult_sectors = s->nsector & 0xff;
1106 s->status = READY_STAT | SEEK_STAT;
1107 }
1108 ide_set_irq(s->bus);
1109 break;
1110 case WIN_VERIFY_EXT:
1111 lba48 = 1;
1112 case WIN_VERIFY:
1113 case WIN_VERIFY_ONCE:
1114 /* do sector number check ? */
1115 ide_cmd_lba48_transform(s, lba48);
1116 s->status = READY_STAT | SEEK_STAT;
1117 ide_set_irq(s->bus);
1118 break;
1119 case WIN_READ_EXT:
1120 lba48 = 1;
1121 case WIN_READ:
1122 case WIN_READ_ONCE:
1123 if (s->drive_kind == IDE_CD) {
1124 ide_set_signature(s); /* odd, but ATA4 8.27.5.2 requires it */
1125 goto abort_cmd;
1126 }
1127 if (!s->bs) {
1128 goto abort_cmd;
1129 }
1130 ide_cmd_lba48_transform(s, lba48);
1131 s->req_nb_sectors = 1;
1132 ide_sector_read(s);
1133 break;
1134 case WIN_WRITE_EXT:
1135 lba48 = 1;
1136 case WIN_WRITE:
1137 case WIN_WRITE_ONCE:
1138 case CFA_WRITE_SECT_WO_ERASE:
1139 case WIN_WRITE_VERIFY:
1140 if (!s->bs) {
1141 goto abort_cmd;
1142 }
1143 ide_cmd_lba48_transform(s, lba48);
1144 s->error = 0;
1145 s->status = SEEK_STAT | READY_STAT;
1146 s->req_nb_sectors = 1;
1147 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1148 s->media_changed = 1;
1149 break;
1150 case WIN_MULTREAD_EXT:
1151 lba48 = 1;
1152 case WIN_MULTREAD:
1153 if (!s->bs) {
1154 goto abort_cmd;
1155 }
1156 if (!s->mult_sectors) {
1157 goto abort_cmd;
1158 }
1159 ide_cmd_lba48_transform(s, lba48);
1160 s->req_nb_sectors = s->mult_sectors;
1161 ide_sector_read(s);
1162 break;
1163 case WIN_MULTWRITE_EXT:
1164 lba48 = 1;
1165 case WIN_MULTWRITE:
1166 case CFA_WRITE_MULTI_WO_ERASE:
1167 if (!s->bs) {
1168 goto abort_cmd;
1169 }
1170 if (!s->mult_sectors) {
1171 goto abort_cmd;
1172 }
1173 ide_cmd_lba48_transform(s, lba48);
1174 s->error = 0;
1175 s->status = SEEK_STAT | READY_STAT;
1176 s->req_nb_sectors = s->mult_sectors;
1177 n = s->nsector;
1178 if (n > s->req_nb_sectors)
1179 n = s->req_nb_sectors;
1180 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1181 s->media_changed = 1;
1182 break;
1183 case WIN_READDMA_EXT:
1184 lba48 = 1;
1185 case WIN_READDMA:
1186 case WIN_READDMA_ONCE:
1187 if (!s->bs) {
1188 goto abort_cmd;
1189 }
1190 ide_cmd_lba48_transform(s, lba48);
1191 ide_sector_start_dma(s, IDE_DMA_READ);
1192 break;
1193 case WIN_WRITEDMA_EXT:
1194 lba48 = 1;
1195 case WIN_WRITEDMA:
1196 case WIN_WRITEDMA_ONCE:
1197 if (!s->bs) {
1198 goto abort_cmd;
1199 }
1200 ide_cmd_lba48_transform(s, lba48);
1201 ide_sector_start_dma(s, IDE_DMA_WRITE);
1202 s->media_changed = 1;
1203 break;
1204 case WIN_READ_NATIVE_MAX_EXT:
1205 lba48 = 1;
1206 case WIN_READ_NATIVE_MAX:
1207 ide_cmd_lba48_transform(s, lba48);
1208 ide_set_sector(s, s->nb_sectors - 1);
1209 s->status = READY_STAT | SEEK_STAT;
1210 ide_set_irq(s->bus);
1211 break;
1212 case WIN_CHECKPOWERMODE1:
1213 case WIN_CHECKPOWERMODE2:
1214 s->error = 0;
1215 s->nsector = 0xff; /* device active or idle */
1216 s->status = READY_STAT | SEEK_STAT;
1217 ide_set_irq(s->bus);
1218 break;
1219 case WIN_SETFEATURES:
1220 if (!s->bs)
1221 goto abort_cmd;
1222 /* XXX: valid for CDROM ? */
1223 switch(s->feature) {
1224 case 0x02: /* write cache enable */
1225 bdrv_set_enable_write_cache(s->bs, true);
1226 identify_data = (uint16_t *)s->identify_data;
1227 put_le16(identify_data + 85, (1 << 14) | (1 << 5) | 1);
1228 s->status = READY_STAT | SEEK_STAT;
1229 ide_set_irq(s->bus);
1230 break;
1231 case 0x82: /* write cache disable */
1232 bdrv_set_enable_write_cache(s->bs, false);
1233 identify_data = (uint16_t *)s->identify_data;
1234 put_le16(identify_data + 85, (1 << 14) | 1);
1235 ide_flush_cache(s);
1236 break;
1237 case 0xcc: /* reverting to power-on defaults enable */
1238 case 0x66: /* reverting to power-on defaults disable */
1239 case 0xaa: /* read look-ahead enable */
1240 case 0x55: /* read look-ahead disable */
1241 case 0x05: /* set advanced power management mode */
1242 case 0x85: /* disable advanced power management mode */
1243 case 0x69: /* NOP */
1244 case 0x67: /* NOP */
1245 case 0x96: /* NOP */
1246 case 0x9a: /* NOP */
1247 case 0x42: /* enable Automatic Acoustic Mode */
1248 case 0xc2: /* disable Automatic Acoustic Mode */
1249 s->status = READY_STAT | SEEK_STAT;
1250 ide_set_irq(s->bus);
1251 break;
1252 case 0x03: { /* set transfer mode */
1253 uint8_t val = s->nsector & 0x07;
1254 identify_data = (uint16_t *)s->identify_data;
1255
1256 switch (s->nsector >> 3) {
1257 case 0x00: /* pio default */
1258 case 0x01: /* pio mode */
1259 put_le16(identify_data + 62,0x07);
1260 put_le16(identify_data + 63,0x07);
1261 put_le16(identify_data + 88,0x3f);
1262 break;
1263 case 0x02: /* sigle word dma mode*/
1264 put_le16(identify_data + 62,0x07 | (1 << (val + 8)));
1265 put_le16(identify_data + 63,0x07);
1266 put_le16(identify_data + 88,0x3f);
1267 break;
1268 case 0x04: /* mdma mode */
1269 put_le16(identify_data + 62,0x07);
1270 put_le16(identify_data + 63,0x07 | (1 << (val + 8)));
1271 put_le16(identify_data + 88,0x3f);
1272 break;
1273 case 0x08: /* udma mode */
1274 put_le16(identify_data + 62,0x07);
1275 put_le16(identify_data + 63,0x07);
1276 put_le16(identify_data + 88,0x3f | (1 << (val + 8)));
1277 break;
1278 default:
1279 goto abort_cmd;
1280 }
1281 s->status = READY_STAT | SEEK_STAT;
1282 ide_set_irq(s->bus);
1283 break;
1284 }
1285 default:
1286 goto abort_cmd;
1287 }
1288 break;
1289 case WIN_FLUSH_CACHE:
1290 case WIN_FLUSH_CACHE_EXT:
1291 ide_flush_cache(s);
1292 break;
1293 case WIN_STANDBY:
1294 case WIN_STANDBY2:
1295 case WIN_STANDBYNOW1:
1296 case WIN_STANDBYNOW2:
1297 case WIN_IDLEIMMEDIATE:
1298 case WIN_IDLEIMMEDIATE2:
1299 case WIN_SETIDLE1:
1300 case WIN_SETIDLE2:
1301 case WIN_SLEEPNOW1:
1302 case WIN_SLEEPNOW2:
1303 s->status = READY_STAT;
1304 ide_set_irq(s->bus);
1305 break;
1306 case WIN_SEEK:
1307 /* XXX: Check that seek is within bounds */
1308 s->status = READY_STAT | SEEK_STAT;
1309 ide_set_irq(s->bus);
1310 break;
1311 /* ATAPI commands */
1312 case WIN_PIDENTIFY:
1313 ide_atapi_identify(s);
1314 s->status = READY_STAT | SEEK_STAT;
1315 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1316 ide_set_irq(s->bus);
1317 break;
1318 case WIN_DIAGNOSE:
1319 ide_set_signature(s);
1320 if (s->drive_kind == IDE_CD)
1321 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
1322 * devices to return a clear status register
1323 * with READY_STAT *not* set. */
1324 else
1325 s->status = READY_STAT | SEEK_STAT;
1326 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
1327 * present.
1328 */
1329 ide_set_irq(s->bus);
1330 break;
1331 case WIN_DEVICE_RESET:
1332 ide_set_signature(s);
1333 s->status = 0x00; /* NOTE: READY is _not_ set */
1334 s->error = 0x01;
1335 break;
1336 case WIN_PACKETCMD:
1337 /* overlapping commands not supported */
1338 if (s->feature & 0x02)
1339 goto abort_cmd;
1340 s->status = READY_STAT | SEEK_STAT;
1341 s->atapi_dma = s->feature & 1;
1342 s->nsector = 1;
1343 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
1344 ide_atapi_cmd);
1345 break;
1346 /* CF-ATA commands */
1347 case CFA_REQ_EXT_ERROR_CODE:
1348 s->error = 0x09; /* miscellaneous error */
1349 s->status = READY_STAT | SEEK_STAT;
1350 ide_set_irq(s->bus);
1351 break;
1352 case CFA_ERASE_SECTORS:
1353 case CFA_WEAR_LEVEL:
1354 #if 0
1355 /* This one has the same ID as CFA_WEAR_LEVEL and is required for
1356 Windows 8 to work with AHCI */
1357 case WIN_SECURITY_FREEZE_LOCK:
1358 #endif
1359 if (val == CFA_WEAR_LEVEL)
1360 s->nsector = 0;
1361 if (val == CFA_ERASE_SECTORS)
1362 s->media_changed = 1;
1363 s->error = 0x00;
1364 s->status = READY_STAT | SEEK_STAT;
1365 ide_set_irq(s->bus);
1366 break;
1367 case CFA_TRANSLATE_SECTOR:
1368 s->error = 0x00;
1369 s->status = READY_STAT | SEEK_STAT;
1370 memset(s->io_buffer, 0, 0x200);
1371 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
1372 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
1373 s->io_buffer[0x02] = s->select; /* Head */
1374 s->io_buffer[0x03] = s->sector; /* Sector */
1375 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
1376 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
1377 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
1378 s->io_buffer[0x13] = 0x00; /* Erase flag */
1379 s->io_buffer[0x18] = 0x00; /* Hot count */
1380 s->io_buffer[0x19] = 0x00; /* Hot count */
1381 s->io_buffer[0x1a] = 0x01; /* Hot count */
1382 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1383 ide_set_irq(s->bus);
1384 break;
1385 case CFA_ACCESS_METADATA_STORAGE:
1386 switch (s->feature) {
1387 case 0x02: /* Inquiry Metadata Storage */
1388 ide_cfata_metadata_inquiry(s);
1389 break;
1390 case 0x03: /* Read Metadata Storage */
1391 ide_cfata_metadata_read(s);
1392 break;
1393 case 0x04: /* Write Metadata Storage */
1394 ide_cfata_metadata_write(s);
1395 break;
1396 default:
1397 goto abort_cmd;
1398 }
1399 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1400 s->status = 0x00; /* NOTE: READY is _not_ set */
1401 ide_set_irq(s->bus);
1402 break;
1403 case IBM_SENSE_CONDITION:
1404 switch (s->feature) {
1405 case 0x01: /* sense temperature in device */
1406 s->nsector = 0x50; /* +20 C */
1407 break;
1408 default:
1409 goto abort_cmd;
1410 }
1411 s->status = READY_STAT | SEEK_STAT;
1412 ide_set_irq(s->bus);
1413 break;
1414
1415 case WIN_SMART:
1416 if (s->hcyl != 0xc2 || s->lcyl != 0x4f)
1417 goto abort_cmd;
1418 if (!s->smart_enabled && s->feature != SMART_ENABLE)
1419 goto abort_cmd;
1420 switch (s->feature) {
1421 case SMART_DISABLE:
1422 s->smart_enabled = 0;
1423 s->status = READY_STAT | SEEK_STAT;
1424 ide_set_irq(s->bus);
1425 break;
1426 case SMART_ENABLE:
1427 s->smart_enabled = 1;
1428 s->status = READY_STAT | SEEK_STAT;
1429 ide_set_irq(s->bus);
1430 break;
1431 case SMART_ATTR_AUTOSAVE:
1432 switch (s->sector) {
1433 case 0x00:
1434 s->smart_autosave = 0;
1435 break;
1436 case 0xf1:
1437 s->smart_autosave = 1;
1438 break;
1439 default:
1440 goto abort_cmd;
1441 }
1442 s->status = READY_STAT | SEEK_STAT;
1443 ide_set_irq(s->bus);
1444 break;
1445 case SMART_STATUS:
1446 if (!s->smart_errors) {
1447 s->hcyl = 0xc2;
1448 s->lcyl = 0x4f;
1449 } else {
1450 s->hcyl = 0x2c;
1451 s->lcyl = 0xf4;
1452 }
1453 s->status = READY_STAT | SEEK_STAT;
1454 ide_set_irq(s->bus);
1455 break;
1456 case SMART_READ_THRESH:
1457 memset(s->io_buffer, 0, 0x200);
1458 s->io_buffer[0] = 0x01; /* smart struct version */
1459 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) {
1460 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
1461 s->io_buffer[2+1+(n*12)] = smart_attributes[n][11];
1462 }
1463 for (n=0; n<511; n++) /* checksum */
1464 s->io_buffer[511] += s->io_buffer[n];
1465 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1466 s->status = READY_STAT | SEEK_STAT;
1467 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1468 ide_set_irq(s->bus);
1469 break;
1470 case SMART_READ_DATA:
1471 memset(s->io_buffer, 0, 0x200);
1472 s->io_buffer[0] = 0x01; /* smart struct version */
1473 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) {
1474 int i;
1475 for(i = 0; i < 11; i++) {
1476 s->io_buffer[2+i+(n*12)] = smart_attributes[n][i];
1477 }
1478 }
1479 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00);
1480 if (s->smart_selftest_count == 0) {
1481 s->io_buffer[363] = 0;
1482 } else {
1483 s->io_buffer[363] =
1484 s->smart_selftest_data[3 +
1485 (s->smart_selftest_count - 1) *
1486 24];
1487 }
1488 s->io_buffer[364] = 0x20;
1489 s->io_buffer[365] = 0x01;
1490 /* offline data collection capacity: execute + self-test*/
1491 s->io_buffer[367] = (1<<4 | 1<<3 | 1);
1492 s->io_buffer[368] = 0x03; /* smart capability (1) */
1493 s->io_buffer[369] = 0x00; /* smart capability (2) */
1494 s->io_buffer[370] = 0x01; /* error logging supported */
1495 s->io_buffer[372] = 0x02; /* minutes for poll short test */
1496 s->io_buffer[373] = 0x36; /* minutes for poll ext test */
1497 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */
1498
1499 for (n=0; n<511; n++)
1500 s->io_buffer[511] += s->io_buffer[n];
1501 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1502 s->status = READY_STAT | SEEK_STAT;
1503 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1504 ide_set_irq(s->bus);
1505 break;
1506 case SMART_READ_LOG:
1507 switch (s->sector) {
1508 case 0x01: /* summary smart error log */
1509 memset(s->io_buffer, 0, 0x200);
1510 s->io_buffer[0] = 0x01;
1511 s->io_buffer[1] = 0x00; /* no error entries */
1512 s->io_buffer[452] = s->smart_errors & 0xff;
1513 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8;
1514
1515 for (n=0; n<511; n++)
1516 s->io_buffer[511] += s->io_buffer[n];
1517 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1518 break;
1519 case 0x06: /* smart self test log */
1520 memset(s->io_buffer, 0, 0x200);
1521 s->io_buffer[0] = 0x01;
1522 if (s->smart_selftest_count == 0) {
1523 s->io_buffer[508] = 0;
1524 } else {
1525 s->io_buffer[508] = s->smart_selftest_count;
1526 for (n=2; n<506; n++)
1527 s->io_buffer[n] = s->smart_selftest_data[n];
1528 }
1529 for (n=0; n<511; n++)
1530 s->io_buffer[511] += s->io_buffer[n];
1531 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1532 break;
1533 default:
1534 goto abort_cmd;
1535 }
1536 s->status = READY_STAT | SEEK_STAT;
1537 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1538 ide_set_irq(s->bus);
1539 break;
1540 case SMART_EXECUTE_OFFLINE:
1541 switch (s->sector) {
1542 case 0: /* off-line routine */
1543 case 1: /* short self test */
1544 case 2: /* extended self test */
1545 s->smart_selftest_count++;
1546 if(s->smart_selftest_count > 21)
1547 s->smart_selftest_count = 0;
1548 n = 2 + (s->smart_selftest_count - 1) * 24;
1549 s->smart_selftest_data[n] = s->sector;
1550 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */
1551 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */
1552 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */
1553 s->status = READY_STAT | SEEK_STAT;
1554 ide_set_irq(s->bus);
1555 break;
1556 default:
1557 goto abort_cmd;
1558 }
1559 break;
1560 default:
1561 goto abort_cmd;
1562 }
1563 break;
1564 default:
1565 /* should not be reachable */
1566 abort_cmd:
1567 ide_abort_command(s);
1568 ide_set_irq(s->bus);
1569 break;
1570 }
1571 }
1572
1573 uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
1574 {
1575 IDEBus *bus = opaque;
1576 IDEState *s = idebus_active_if(bus);
1577 uint32_t addr;
1578 int ret, hob;
1579
1580 addr = addr1 & 7;
1581 /* FIXME: HOB readback uses bit 7, but it's always set right now */
1582 //hob = s->select & (1 << 7);
1583 hob = 0;
1584 switch(addr) {
1585 case 0:
1586 ret = 0xff;
1587 break;
1588 case 1:
1589 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
1590 (s != bus->ifs && !s->bs))
1591 ret = 0;
1592 else if (!hob)
1593 ret = s->error;
1594 else
1595 ret = s->hob_feature;
1596 break;
1597 case 2:
1598 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
1599 ret = 0;
1600 else if (!hob)
1601 ret = s->nsector & 0xff;
1602 else
1603 ret = s->hob_nsector;
1604 break;
1605 case 3:
1606 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
1607 ret = 0;
1608 else if (!hob)
1609 ret = s->sector;
1610 else
1611 ret = s->hob_sector;
1612 break;
1613 case 4:
1614 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
1615 ret = 0;
1616 else if (!hob)
1617 ret = s->lcyl;
1618 else
1619 ret = s->hob_lcyl;
1620 break;
1621 case 5:
1622 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
1623 ret = 0;
1624 else if (!hob)
1625 ret = s->hcyl;
1626 else
1627 ret = s->hob_hcyl;
1628 break;
1629 case 6:
1630 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
1631 ret = 0;
1632 else
1633 ret = s->select;
1634 break;
1635 default:
1636 case 7:
1637 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
1638 (s != bus->ifs && !s->bs))
1639 ret = 0;
1640 else
1641 ret = s->status;
1642 qemu_irq_lower(bus->irq);
1643 break;
1644 }
1645 #ifdef DEBUG_IDE
1646 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
1647 #endif
1648 return ret;
1649 }
1650
1651 uint32_t ide_status_read(void *opaque, uint32_t addr)
1652 {
1653 IDEBus *bus = opaque;
1654 IDEState *s = idebus_active_if(bus);
1655 int ret;
1656
1657 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
1658 (s != bus->ifs && !s->bs))
1659 ret = 0;
1660 else
1661 ret = s->status;
1662 #ifdef DEBUG_IDE
1663 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
1664 #endif
1665 return ret;
1666 }
1667
1668 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
1669 {
1670 IDEBus *bus = opaque;
1671 IDEState *s;
1672 int i;
1673
1674 #ifdef DEBUG_IDE
1675 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
1676 #endif
1677 /* common for both drives */
1678 if (!(bus->cmd & IDE_CMD_RESET) &&
1679 (val & IDE_CMD_RESET)) {
1680 /* reset low to high */
1681 for(i = 0;i < 2; i++) {
1682 s = &bus->ifs[i];
1683 s->status = BUSY_STAT | SEEK_STAT;
1684 s->error = 0x01;
1685 }
1686 } else if ((bus->cmd & IDE_CMD_RESET) &&
1687 !(val & IDE_CMD_RESET)) {
1688 /* high to low */
1689 for(i = 0;i < 2; i++) {
1690 s = &bus->ifs[i];
1691 if (s->drive_kind == IDE_CD)
1692 s->status = 0x00; /* NOTE: READY is _not_ set */
1693 else
1694 s->status = READY_STAT | SEEK_STAT;
1695 ide_set_signature(s);
1696 }
1697 }
1698
1699 bus->cmd = val;
1700 }
1701
1702 /*
1703 * Returns true if the running PIO transfer is a PIO out (i.e. data is
1704 * transferred from the device to the guest), false if it's a PIO in
1705 */
1706 static bool ide_is_pio_out(IDEState *s)
1707 {
1708 if (s->end_transfer_func == ide_sector_write ||
1709 s->end_transfer_func == ide_atapi_cmd) {
1710 return false;
1711 } else if (s->end_transfer_func == ide_sector_read ||
1712 s->end_transfer_func == ide_transfer_stop ||
1713 s->end_transfer_func == ide_atapi_cmd_reply_end ||
1714 s->end_transfer_func == ide_dummy_transfer_stop) {
1715 return true;
1716 }
1717
1718 abort();
1719 }
1720
1721 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
1722 {
1723 IDEBus *bus = opaque;
1724 IDEState *s = idebus_active_if(bus);
1725 uint8_t *p;
1726
1727 /* PIO data access allowed only when DRQ bit is set. The result of a write
1728 * during PIO out is indeterminate, just ignore it. */
1729 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) {
1730 return;
1731 }
1732
1733 p = s->data_ptr;
1734 *(uint16_t *)p = le16_to_cpu(val);
1735 p += 2;
1736 s->data_ptr = p;
1737 if (p >= s->data_end)
1738 s->end_transfer_func(s);
1739 }
1740
1741 uint32_t ide_data_readw(void *opaque, uint32_t addr)
1742 {
1743 IDEBus *bus = opaque;
1744 IDEState *s = idebus_active_if(bus);
1745 uint8_t *p;
1746 int ret;
1747
1748 /* PIO data access allowed only when DRQ bit is set. The result of a read
1749 * during PIO in is indeterminate, return 0 and don't move forward. */
1750 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) {
1751 return 0;
1752 }
1753
1754 p = s->data_ptr;
1755 ret = cpu_to_le16(*(uint16_t *)p);
1756 p += 2;
1757 s->data_ptr = p;
1758 if (p >= s->data_end)
1759 s->end_transfer_func(s);
1760 return ret;
1761 }
1762
1763 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
1764 {
1765 IDEBus *bus = opaque;
1766 IDEState *s = idebus_active_if(bus);
1767 uint8_t *p;
1768
1769 /* PIO data access allowed only when DRQ bit is set. The result of a write
1770 * during PIO out is indeterminate, just ignore it. */
1771 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) {
1772 return;
1773 }
1774
1775 p = s->data_ptr;
1776 *(uint32_t *)p = le32_to_cpu(val);
1777 p += 4;
1778 s->data_ptr = p;
1779 if (p >= s->data_end)
1780 s->end_transfer_func(s);
1781 }
1782
1783 uint32_t ide_data_readl(void *opaque, uint32_t addr)
1784 {
1785 IDEBus *bus = opaque;
1786 IDEState *s = idebus_active_if(bus);
1787 uint8_t *p;
1788 int ret;
1789
1790 /* PIO data access allowed only when DRQ bit is set. The result of a read
1791 * during PIO in is indeterminate, return 0 and don't move forward. */
1792 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) {
1793 return 0;
1794 }
1795
1796 p = s->data_ptr;
1797 ret = cpu_to_le32(*(uint32_t *)p);
1798 p += 4;
1799 s->data_ptr = p;
1800 if (p >= s->data_end)
1801 s->end_transfer_func(s);
1802 return ret;
1803 }
1804
1805 static void ide_dummy_transfer_stop(IDEState *s)
1806 {
1807 s->data_ptr = s->io_buffer;
1808 s->data_end = s->io_buffer;
1809 s->io_buffer[0] = 0xff;
1810 s->io_buffer[1] = 0xff;
1811 s->io_buffer[2] = 0xff;
1812 s->io_buffer[3] = 0xff;
1813 }
1814
1815 static void ide_reset(IDEState *s)
1816 {
1817 #ifdef DEBUG_IDE
1818 printf("ide: reset\n");
1819 #endif
1820
1821 if (s->pio_aiocb) {
1822 bdrv_aio_cancel(s->pio_aiocb);
1823 s->pio_aiocb = NULL;
1824 }
1825
1826 if (s->drive_kind == IDE_CFATA)
1827 s->mult_sectors = 0;
1828 else
1829 s->mult_sectors = MAX_MULT_SECTORS;
1830 /* ide regs */
1831 s->feature = 0;
1832 s->error = 0;
1833 s->nsector = 0;
1834 s->sector = 0;
1835 s->lcyl = 0;
1836 s->hcyl = 0;
1837
1838 /* lba48 */
1839 s->hob_feature = 0;
1840 s->hob_sector = 0;
1841 s->hob_nsector = 0;
1842 s->hob_lcyl = 0;
1843 s->hob_hcyl = 0;
1844
1845 s->select = 0xa0;
1846 s->status = READY_STAT | SEEK_STAT;
1847
1848 s->lba48 = 0;
1849
1850 /* ATAPI specific */
1851 s->sense_key = 0;
1852 s->asc = 0;
1853 s->cdrom_changed = 0;
1854 s->packet_transfer_size = 0;
1855 s->elementary_transfer_size = 0;
1856 s->io_buffer_index = 0;
1857 s->cd_sector_size = 0;
1858 s->atapi_dma = 0;
1859 /* ATA DMA state */
1860 s->io_buffer_size = 0;
1861 s->req_nb_sectors = 0;
1862
1863 ide_set_signature(s);
1864 /* init the transfer handler so that 0xffff is returned on data
1865 accesses */
1866 s->end_transfer_func = ide_dummy_transfer_stop;
1867 ide_dummy_transfer_stop(s);
1868 s->media_changed = 0;
1869 }
1870
1871 void ide_bus_reset(IDEBus *bus)
1872 {
1873 bus->unit = 0;
1874 bus->cmd = 0;
1875 ide_reset(&bus->ifs[0]);
1876 ide_reset(&bus->ifs[1]);
1877 ide_clear_hob(bus);
1878
1879 /* pending async DMA */
1880 if (bus->dma->aiocb) {
1881 #ifdef DEBUG_AIO
1882 printf("aio_cancel\n");
1883 #endif
1884 bdrv_aio_cancel(bus->dma->aiocb);
1885 bus->dma->aiocb = NULL;
1886 }
1887
1888 /* reset dma provider too */
1889 bus->dma->ops->reset(bus->dma);
1890 }
1891
1892 static bool ide_cd_is_tray_open(void *opaque)
1893 {
1894 return ((IDEState *)opaque)->tray_open;
1895 }
1896
1897 static bool ide_cd_is_medium_locked(void *opaque)
1898 {
1899 return ((IDEState *)opaque)->tray_locked;
1900 }
1901
1902 static const BlockDevOps ide_cd_block_ops = {
1903 .change_media_cb = ide_cd_change_cb,
1904 .eject_request_cb = ide_cd_eject_request_cb,
1905 .is_tray_open = ide_cd_is_tray_open,
1906 .is_medium_locked = ide_cd_is_medium_locked,
1907 };
1908
1909 int ide_init_drive(IDEState *s, BlockDriverState *bs, IDEDriveKind kind,
1910 const char *version, const char *serial, const char *model,
1911 uint64_t wwn,
1912 uint32_t cylinders, uint32_t heads, uint32_t secs,
1913 int chs_trans)
1914 {
1915 uint64_t nb_sectors;
1916
1917 s->bs = bs;
1918 s->drive_kind = kind;
1919
1920 bdrv_get_geometry(bs, &nb_sectors);
1921 s->cylinders = cylinders;
1922 s->heads = heads;
1923 s->sectors = secs;
1924 s->chs_trans = chs_trans;
1925 s->nb_sectors = nb_sectors;
1926 s->wwn = wwn;
1927 /* The SMART values should be preserved across power cycles
1928 but they aren't. */
1929 s->smart_enabled = 1;
1930 s->smart_autosave = 1;
1931 s->smart_errors = 0;
1932 s->smart_selftest_count = 0;
1933 if (kind == IDE_CD) {
1934 bdrv_set_dev_ops(bs, &ide_cd_block_ops, s);
1935 bdrv_set_buffer_alignment(bs, 2048);
1936 } else {
1937 if (!bdrv_is_inserted(s->bs)) {
1938 error_report("Device needs media, but drive is empty");
1939 return -1;
1940 }
1941 if (bdrv_is_read_only(bs)) {
1942 error_report("Can't use a read-only drive");
1943 return -1;
1944 }
1945 }
1946 if (serial) {
1947 pstrcpy(s->drive_serial_str, sizeof(s->drive_serial_str), serial);
1948 } else {
1949 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
1950 "QM%05d", s->drive_serial);
1951 }
1952 if (model) {
1953 pstrcpy(s->drive_model_str, sizeof(s->drive_model_str), model);
1954 } else {
1955 switch (kind) {
1956 case IDE_CD:
1957 strcpy(s->drive_model_str, "QEMU DVD-ROM");
1958 break;
1959 case IDE_CFATA:
1960 strcpy(s->drive_model_str, "QEMU MICRODRIVE");
1961 break;
1962 default:
1963 strcpy(s->drive_model_str, "QEMU HARDDISK");
1964 break;
1965 }
1966 }
1967
1968 if (version) {
1969 pstrcpy(s->version, sizeof(s->version), version);
1970 } else {
1971 pstrcpy(s->version, sizeof(s->version), qemu_get_version());
1972 }
1973
1974 ide_reset(s);
1975 bdrv_iostatus_enable(bs);
1976 return 0;
1977 }
1978
1979 static void ide_init1(IDEBus *bus, int unit)
1980 {
1981 static int drive_serial = 1;
1982 IDEState *s = &bus->ifs[unit];
1983
1984 s->bus = bus;
1985 s->unit = unit;
1986 s->drive_serial = drive_serial++;
1987 /* we need at least 2k alignment for accessing CDROMs using O_DIRECT */
1988 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4;
1989 s->io_buffer = qemu_memalign(2048, s->io_buffer_total_len);
1990 memset(s->io_buffer, 0, s->io_buffer_total_len);
1991
1992 s->smart_selftest_data = qemu_blockalign(s->bs, 512);
1993 memset(s->smart_selftest_data, 0, 512);
1994
1995 s->sector_write_timer = qemu_new_timer_ns(vm_clock,
1996 ide_sector_write_timer_cb, s);
1997 }
1998
1999 static void ide_nop_start(IDEDMA *dma, IDEState *s,
2000 BlockDriverCompletionFunc *cb)
2001 {
2002 }
2003
2004 static int ide_nop(IDEDMA *dma)
2005 {
2006 return 0;
2007 }
2008
2009 static int ide_nop_int(IDEDMA *dma, int x)
2010 {
2011 return 0;
2012 }
2013
2014 static void ide_nop_restart(void *opaque, int x, RunState y)
2015 {
2016 }
2017
2018 static const IDEDMAOps ide_dma_nop_ops = {
2019 .start_dma = ide_nop_start,
2020 .start_transfer = ide_nop,
2021 .prepare_buf = ide_nop_int,
2022 .rw_buf = ide_nop_int,
2023 .set_unit = ide_nop_int,
2024 .add_status = ide_nop_int,
2025 .set_inactive = ide_nop,
2026 .restart_cb = ide_nop_restart,
2027 .reset = ide_nop,
2028 };
2029
2030 static IDEDMA ide_dma_nop = {
2031 .ops = &ide_dma_nop_ops,
2032 .aiocb = NULL,
2033 };
2034
2035 void ide_init2(IDEBus *bus, qemu_irq irq)
2036 {
2037 int i;
2038
2039 for(i = 0; i < 2; i++) {
2040 ide_init1(bus, i);
2041 ide_reset(&bus->ifs[i]);
2042 }
2043 bus->irq = irq;
2044 bus->dma = &ide_dma_nop;
2045 }
2046
2047 /* TODO convert users to qdev and remove */
2048 void ide_init2_with_non_qdev_drives(IDEBus *bus, DriveInfo *hd0,
2049 DriveInfo *hd1, qemu_irq irq)
2050 {
2051 int i, trans;
2052 DriveInfo *dinfo;
2053 uint32_t cyls, heads, secs;
2054
2055 for(i = 0; i < 2; i++) {
2056 dinfo = i == 0 ? hd0 : hd1;
2057 ide_init1(bus, i);
2058 if (dinfo) {
2059 cyls = dinfo->cyls;
2060 heads = dinfo->heads;
2061 secs = dinfo->secs;
2062 trans = dinfo->trans;
2063 if (!cyls && !heads && !secs) {
2064 hd_geometry_guess(dinfo->bdrv, &cyls, &heads, &secs, &trans);
2065 } else if (trans == BIOS_ATA_TRANSLATION_AUTO) {
2066 trans = hd_bios_chs_auto_trans(cyls, heads, secs);
2067 }
2068 if (cyls < 1 || cyls > 65535) {
2069 error_report("cyls must be between 1 and 65535");
2070 exit(1);
2071 }
2072 if (heads < 1 || heads > 16) {
2073 error_report("heads must be between 1 and 16");
2074 exit(1);
2075 }
2076 if (secs < 1 || secs > 255) {
2077 error_report("secs must be between 1 and 255");
2078 exit(1);
2079 }
2080 if (ide_init_drive(&bus->ifs[i], dinfo->bdrv,
2081 dinfo->media_cd ? IDE_CD : IDE_HD,
2082 NULL, dinfo->serial, NULL, 0,
2083 cyls, heads, secs, trans) < 0) {
2084 error_report("Can't set up IDE drive %s", dinfo->id);
2085 exit(1);
2086 }
2087 bdrv_attach_dev_nofail(dinfo->bdrv, &bus->ifs[i]);
2088 } else {
2089 ide_reset(&bus->ifs[i]);
2090 }
2091 }
2092 bus->irq = irq;
2093 bus->dma = &ide_dma_nop;
2094 }
2095
2096 static const MemoryRegionPortio ide_portio_list[] = {
2097 { 0, 8, 1, .read = ide_ioport_read, .write = ide_ioport_write },
2098 { 0, 2, 2, .read = ide_data_readw, .write = ide_data_writew },
2099 { 0, 4, 4, .read = ide_data_readl, .write = ide_data_writel },
2100 PORTIO_END_OF_LIST(),
2101 };
2102
2103 static const MemoryRegionPortio ide_portio2_list[] = {
2104 { 0, 1, 1, .read = ide_status_read, .write = ide_cmd_write },
2105 PORTIO_END_OF_LIST(),
2106 };
2107
2108 void ide_init_ioport(IDEBus *bus, ISADevice *dev, int iobase, int iobase2)
2109 {
2110 /* ??? Assume only ISA and PCI configurations, and that the PCI-ISA
2111 bridge has been setup properly to always register with ISA. */
2112 isa_register_portio_list(dev, iobase, ide_portio_list, bus, "ide");
2113
2114 if (iobase2) {
2115 isa_register_portio_list(dev, iobase2, ide_portio2_list, bus, "ide");
2116 }
2117 }
2118
2119 static bool is_identify_set(void *opaque, int version_id)
2120 {
2121 IDEState *s = opaque;
2122
2123 return s->identify_set != 0;
2124 }
2125
2126 static EndTransferFunc* transfer_end_table[] = {
2127 ide_sector_read,
2128 ide_sector_write,
2129 ide_transfer_stop,
2130 ide_atapi_cmd_reply_end,
2131 ide_atapi_cmd,
2132 ide_dummy_transfer_stop,
2133 };
2134
2135 static int transfer_end_table_idx(EndTransferFunc *fn)
2136 {
2137 int i;
2138
2139 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++)
2140 if (transfer_end_table[i] == fn)
2141 return i;
2142
2143 return -1;
2144 }
2145
2146 static int ide_drive_post_load(void *opaque, int version_id)
2147 {
2148 IDEState *s = opaque;
2149
2150 if (version_id < 3) {
2151 if (s->sense_key == UNIT_ATTENTION &&
2152 s->asc == ASC_MEDIUM_MAY_HAVE_CHANGED) {
2153 s->cdrom_changed = 1;
2154 }
2155 }
2156 if (s->identify_set) {
2157 bdrv_set_enable_write_cache(s->bs, !!(s->identify_data[85] & (1 << 5)));
2158 }
2159 return 0;
2160 }
2161
2162 static int ide_drive_pio_post_load(void *opaque, int version_id)
2163 {
2164 IDEState *s = opaque;
2165
2166 if (s->end_transfer_fn_idx >= ARRAY_SIZE(transfer_end_table)) {
2167 return -EINVAL;
2168 }
2169 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx];
2170 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset;
2171 s->data_end = s->data_ptr + s->cur_io_buffer_len;
2172
2173 return 0;
2174 }
2175
2176 static void ide_drive_pio_pre_save(void *opaque)
2177 {
2178 IDEState *s = opaque;
2179 int idx;
2180
2181 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer;
2182 s->cur_io_buffer_len = s->data_end - s->data_ptr;
2183
2184 idx = transfer_end_table_idx(s->end_transfer_func);
2185 if (idx == -1) {
2186 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n",
2187 __func__);
2188 s->end_transfer_fn_idx = 2;
2189 } else {
2190 s->end_transfer_fn_idx = idx;
2191 }
2192 }
2193
2194 static bool ide_drive_pio_state_needed(void *opaque)
2195 {
2196 IDEState *s = opaque;
2197
2198 return ((s->status & DRQ_STAT) != 0)
2199 || (s->bus->error_status & BM_STATUS_PIO_RETRY);
2200 }
2201
2202 static bool ide_tray_state_needed(void *opaque)
2203 {
2204 IDEState *s = opaque;
2205
2206 return s->tray_open || s->tray_locked;
2207 }
2208
2209 static bool ide_atapi_gesn_needed(void *opaque)
2210 {
2211 IDEState *s = opaque;
2212
2213 return s->events.new_media || s->events.eject_request;
2214 }
2215
2216 static bool ide_error_needed(void *opaque)
2217 {
2218 IDEBus *bus = opaque;
2219
2220 return (bus->error_status != 0);
2221 }
2222
2223 /* Fields for GET_EVENT_STATUS_NOTIFICATION ATAPI command */
2224 static const VMStateDescription vmstate_ide_atapi_gesn_state = {
2225 .name ="ide_drive/atapi/gesn_state",
2226 .version_id = 1,
2227 .minimum_version_id = 1,
2228 .minimum_version_id_old = 1,
2229 .fields = (VMStateField []) {
2230 VMSTATE_BOOL(events.new_media, IDEState),
2231 VMSTATE_BOOL(events.eject_request, IDEState),
2232 VMSTATE_END_OF_LIST()
2233 }
2234 };
2235
2236 static const VMStateDescription vmstate_ide_tray_state = {
2237 .name = "ide_drive/tray_state",
2238 .version_id = 1,
2239 .minimum_version_id = 1,
2240 .minimum_version_id_old = 1,
2241 .fields = (VMStateField[]) {
2242 VMSTATE_BOOL(tray_open, IDEState),
2243 VMSTATE_BOOL(tray_locked, IDEState),
2244 VMSTATE_END_OF_LIST()
2245 }
2246 };
2247
2248 static const VMStateDescription vmstate_ide_drive_pio_state = {
2249 .name = "ide_drive/pio_state",
2250 .version_id = 1,
2251 .minimum_version_id = 1,
2252 .minimum_version_id_old = 1,
2253 .pre_save = ide_drive_pio_pre_save,
2254 .post_load = ide_drive_pio_post_load,
2255 .fields = (VMStateField []) {
2256 VMSTATE_INT32(req_nb_sectors, IDEState),
2257 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1,
2258 vmstate_info_uint8, uint8_t),
2259 VMSTATE_INT32(cur_io_buffer_offset, IDEState),
2260 VMSTATE_INT32(cur_io_buffer_len, IDEState),
2261 VMSTATE_UINT8(end_transfer_fn_idx, IDEState),
2262 VMSTATE_INT32(elementary_transfer_size, IDEState),
2263 VMSTATE_INT32(packet_transfer_size, IDEState),
2264 VMSTATE_END_OF_LIST()
2265 }
2266 };
2267
2268 const VMStateDescription vmstate_ide_drive = {
2269 .name = "ide_drive",
2270 .version_id = 3,
2271 .minimum_version_id = 0,
2272 .minimum_version_id_old = 0,
2273 .post_load = ide_drive_post_load,
2274 .fields = (VMStateField []) {
2275 VMSTATE_INT32(mult_sectors, IDEState),
2276 VMSTATE_INT32(identify_set, IDEState),
2277 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set),
2278 VMSTATE_UINT8(feature, IDEState),
2279 VMSTATE_UINT8(error, IDEState),
2280 VMSTATE_UINT32(nsector, IDEState),
2281 VMSTATE_UINT8(sector, IDEState),
2282 VMSTATE_UINT8(lcyl, IDEState),
2283 VMSTATE_UINT8(hcyl, IDEState),
2284 VMSTATE_UINT8(hob_feature, IDEState),
2285 VMSTATE_UINT8(hob_sector, IDEState),
2286 VMSTATE_UINT8(hob_nsector, IDEState),
2287 VMSTATE_UINT8(hob_lcyl, IDEState),
2288 VMSTATE_UINT8(hob_hcyl, IDEState),
2289 VMSTATE_UINT8(select, IDEState),
2290 VMSTATE_UINT8(status, IDEState),
2291 VMSTATE_UINT8(lba48, IDEState),
2292 VMSTATE_UINT8(sense_key, IDEState),
2293 VMSTATE_UINT8(asc, IDEState),
2294 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3),
2295 VMSTATE_END_OF_LIST()
2296 },
2297 .subsections = (VMStateSubsection []) {
2298 {
2299 .vmsd = &vmstate_ide_drive_pio_state,
2300 .needed = ide_drive_pio_state_needed,
2301 }, {
2302 .vmsd = &vmstate_ide_tray_state,
2303 .needed = ide_tray_state_needed,
2304 }, {
2305 .vmsd = &vmstate_ide_atapi_gesn_state,
2306 .needed = ide_atapi_gesn_needed,
2307 }, {
2308 /* empty */
2309 }
2310 }
2311 };
2312
2313 static const VMStateDescription vmstate_ide_error_status = {
2314 .name ="ide_bus/error",
2315 .version_id = 1,
2316 .minimum_version_id = 1,
2317 .minimum_version_id_old = 1,
2318 .fields = (VMStateField []) {
2319 VMSTATE_INT32(error_status, IDEBus),
2320 VMSTATE_END_OF_LIST()
2321 }
2322 };
2323
2324 const VMStateDescription vmstate_ide_bus = {
2325 .name = "ide_bus",
2326 .version_id = 1,
2327 .minimum_version_id = 1,
2328 .minimum_version_id_old = 1,
2329 .fields = (VMStateField []) {
2330 VMSTATE_UINT8(cmd, IDEBus),
2331 VMSTATE_UINT8(unit, IDEBus),
2332 VMSTATE_END_OF_LIST()
2333 },
2334 .subsections = (VMStateSubsection []) {
2335 {
2336 .vmsd = &vmstate_ide_error_status,
2337 .needed = ide_error_needed,
2338 }, {
2339 /* empty */
2340 }
2341 }
2342 };
2343
2344 void ide_drive_get(DriveInfo **hd, int max_bus)
2345 {
2346 int i;
2347
2348 if (drive_get_max_bus(IF_IDE) >= max_bus) {
2349 fprintf(stderr, "qemu: too many IDE bus: %d\n", max_bus);
2350 exit(1);
2351 }
2352
2353 for(i = 0; i < max_bus * MAX_IDE_DEVS; i++) {
2354 hd[i] = drive_get(IF_IDE, i / MAX_IDE_DEVS, i % MAX_IDE_DEVS);
2355 }
2356 }
Various patches