search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
pci: Remove pci_enable_capability_support()
[qemu-kvm/stefanha.git] / hw / ide / core.c
blob484e0ca96fe4e26635930e9566e44d5f73879769
1 /*
2 * QEMU IDE disk and CD/DVD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #include <hw/hw.h>
26 #include <hw/pc.h>
27 #include <hw/pci.h>
28 #include <hw/scsi.h>
29 #include "qemu-error.h"
30 #include "qemu-timer.h"
31 #include "sysemu.h"
32 #include "dma.h"
33 #include "blockdev.h"
34
35 #include <hw/ide/internal.h>
36
37 #define IDE_PAGE_SIZE 4096
38
39 static const int smart_attributes[][5] = {
40 /* id, flags, val, wrst, thrsh */
41 { 0x01, 0x03, 0x64, 0x64, 0x06}, /* raw read */
42 { 0x03, 0x03, 0x64, 0x64, 0x46}, /* spin up */
43 { 0x04, 0x02, 0x64, 0x64, 0x14}, /* start stop count */
44 { 0x05, 0x03, 0x64, 0x64, 0x36}, /* remapped sectors */
45 { 0x00, 0x00, 0x00, 0x00, 0x00}
46 };
47
48 /* XXX: DVDs that could fit on a CD will be reported as a CD */
49 static inline int media_present(IDEState *s)
50 {
51 return (s->nb_sectors > 0);
52 }
53
54 static inline int media_is_dvd(IDEState *s)
55 {
56 return (media_present(s) && s->nb_sectors > CD_MAX_SECTORS);
57 }
58
59 static inline int media_is_cd(IDEState *s)
60 {
61 return (media_present(s) && s->nb_sectors <= CD_MAX_SECTORS);
62 }
63
64 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
65 static void ide_dma_restart(IDEState *s, int is_read);
66 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
67 static int ide_handle_rw_error(IDEState *s, int error, int op);
68 static void ide_flush_cache(IDEState *s);
69
70 static void padstr(char *str, const char *src, int len)
71 {
72 int i, v;
73 for(i = 0; i < len; i++) {
74 if (*src)
75 v = *src++;
76 else
77 v = ' ';
78 str[i^1] = v;
79 }
80 }
81
82 static void padstr8(uint8_t *buf, int buf_size, const char *src)
83 {
84 int i;
85 for(i = 0; i < buf_size; i++) {
86 if (*src)
87 buf[i] = *src++;
88 else
89 buf[i] = ' ';
90 }
91 }
92
93 static void put_le16(uint16_t *p, unsigned int v)
94 {
95 *p = cpu_to_le16(v);
96 }
97
98 static void ide_identify(IDEState *s)
99 {
100 uint16_t *p;
101 unsigned int oldsize;
102 IDEDevice *dev;
103
104 if (s->identify_set) {
105 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
106 return;
107 }
108
109 memset(s->io_buffer, 0, 512);
110 p = (uint16_t *)s->io_buffer;
111 put_le16(p + 0, 0x0040);
112 put_le16(p + 1, s->cylinders);
113 put_le16(p + 3, s->heads);
114 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
115 put_le16(p + 5, 512); /* XXX: retired, remove ? */
116 put_le16(p + 6, s->sectors);
117 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
118 put_le16(p + 20, 3); /* XXX: retired, remove ? */
119 put_le16(p + 21, 512); /* cache size in sectors */
120 put_le16(p + 22, 4); /* ecc bytes */
121 padstr((char *)(p + 23), s->version, 8); /* firmware version */
122 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
123 #if MAX_MULT_SECTORS > 1
124 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
125 #endif
126 put_le16(p + 48, 1); /* dword I/O */
127 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
128 put_le16(p + 51, 0x200); /* PIO transfer cycle */
129 put_le16(p + 52, 0x200); /* DMA transfer cycle */
130 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
131 put_le16(p + 54, s->cylinders);
132 put_le16(p + 55, s->heads);
133 put_le16(p + 56, s->sectors);
134 oldsize = s->cylinders * s->heads * s->sectors;
135 put_le16(p + 57, oldsize);
136 put_le16(p + 58, oldsize >> 16);
137 if (s->mult_sectors)
138 put_le16(p + 59, 0x100 | s->mult_sectors);
139 put_le16(p + 60, s->nb_sectors);
140 put_le16(p + 61, s->nb_sectors >> 16);
141 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
142 put_le16(p + 63, 0x07); /* mdma0-2 supported */
143 put_le16(p + 64, 0x03); /* pio3-4 supported */
144 put_le16(p + 65, 120);
145 put_le16(p + 66, 120);
146 put_le16(p + 67, 120);
147 put_le16(p + 68, 120);
148 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
149 put_le16(p + 81, 0x16); /* conforms to ata5 */
150 /* 14=NOP supported, 5=WCACHE supported, 0=SMART supported */
151 put_le16(p + 82, (1 << 14) | (1 << 5) | 1);
152 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
153 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
154 /* 14=set to 1, 1=SMART self test, 0=SMART error logging */
155 put_le16(p + 84, (1 << 14) | 0);
156 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */
157 if (bdrv_enable_write_cache(s->bs))
158 put_le16(p + 85, (1 << 14) | (1 << 5) | 1);
159 else
160 put_le16(p + 85, (1 << 14) | 1);
161 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
162 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
163 /* 14=set to 1, 1=smart self test, 0=smart error logging */
164 put_le16(p + 87, (1 << 14) | 0);
165 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
166 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
167 put_le16(p + 100, s->nb_sectors);
168 put_le16(p + 101, s->nb_sectors >> 16);
169 put_le16(p + 102, s->nb_sectors >> 32);
170 put_le16(p + 103, s->nb_sectors >> 48);
171 dev = s->unit ? s->bus->slave : s->bus->master;
172 if (dev && dev->conf.physical_block_size)
173 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf));
174
175 memcpy(s->identify_data, p, sizeof(s->identify_data));
176 s->identify_set = 1;
177 }
178
179 static void ide_atapi_identify(IDEState *s)
180 {
181 uint16_t *p;
182
183 if (s->identify_set) {
184 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
185 return;
186 }
187
188 memset(s->io_buffer, 0, 512);
189 p = (uint16_t *)s->io_buffer;
190 /* Removable CDROM, 50us response, 12 byte packets */
191 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
192 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
193 put_le16(p + 20, 3); /* buffer type */
194 put_le16(p + 21, 512); /* cache size in sectors */
195 put_le16(p + 22, 4); /* ecc bytes */
196 padstr((char *)(p + 23), s->version, 8); /* firmware version */
197 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
198 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
199 #ifdef USE_DMA_CDROM
200 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
201 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
202 put_le16(p + 62, 7); /* single word dma0-2 supported */
203 put_le16(p + 63, 7); /* mdma0-2 supported */
204 #else
205 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
206 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
207 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
208 #endif
209 put_le16(p + 64, 3); /* pio3-4 supported */
210 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
211 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
212 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
213 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
214
215 put_le16(p + 71, 30); /* in ns */
216 put_le16(p + 72, 30); /* in ns */
217
218 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
219 #ifdef USE_DMA_CDROM
220 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
221 #endif
222 memcpy(s->identify_data, p, sizeof(s->identify_data));
223 s->identify_set = 1;
224 }
225
226 static void ide_cfata_identify(IDEState *s)
227 {
228 uint16_t *p;
229 uint32_t cur_sec;
230
231 p = (uint16_t *) s->identify_data;
232 if (s->identify_set)
233 goto fill_buffer;
234
235 memset(p, 0, sizeof(s->identify_data));
236
237 cur_sec = s->cylinders * s->heads * s->sectors;
238
239 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
240 put_le16(p + 1, s->cylinders); /* Default cylinders */
241 put_le16(p + 3, s->heads); /* Default heads */
242 put_le16(p + 6, s->sectors); /* Default sectors per track */
243 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
244 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
245 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
246 put_le16(p + 22, 0x0004); /* ECC bytes */
247 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */
248 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
249 #if MAX_MULT_SECTORS > 1
250 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
251 #else
252 put_le16(p + 47, 0x0000);
253 #endif
254 put_le16(p + 49, 0x0f00); /* Capabilities */
255 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
256 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
257 put_le16(p + 53, 0x0003); /* Translation params valid */
258 put_le16(p + 54, s->cylinders); /* Current cylinders */
259 put_le16(p + 55, s->heads); /* Current heads */
260 put_le16(p + 56, s->sectors); /* Current sectors */
261 put_le16(p + 57, cur_sec); /* Current capacity */
262 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
263 if (s->mult_sectors) /* Multiple sector setting */
264 put_le16(p + 59, 0x100 | s->mult_sectors);
265 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
266 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
267 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
268 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
269 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
270 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
271 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
272 put_le16(p + 82, 0x400c); /* Command Set supported */
273 put_le16(p + 83, 0x7068); /* Command Set supported */
274 put_le16(p + 84, 0x4000); /* Features supported */
275 put_le16(p + 85, 0x000c); /* Command Set enabled */
276 put_le16(p + 86, 0x7044); /* Command Set enabled */
277 put_le16(p + 87, 0x4000); /* Features enabled */
278 put_le16(p + 91, 0x4060); /* Current APM level */
279 put_le16(p + 129, 0x0002); /* Current features option */
280 put_le16(p + 130, 0x0005); /* Reassigned sectors */
281 put_le16(p + 131, 0x0001); /* Initial power mode */
282 put_le16(p + 132, 0x0000); /* User signature */
283 put_le16(p + 160, 0x8100); /* Power requirement */
284 put_le16(p + 161, 0x8001); /* CF command set */
285
286 s->identify_set = 1;
287
288 fill_buffer:
289 memcpy(s->io_buffer, p, sizeof(s->identify_data));
290 }
291
292 static void ide_set_signature(IDEState *s)
293 {
294 s->select &= 0xf0; /* clear head */
295 /* put signature */
296 s->nsector = 1;
297 s->sector = 1;
298 if (s->drive_kind == IDE_CD) {
299 s->lcyl = 0x14;
300 s->hcyl = 0xeb;
301 } else if (s->bs) {
302 s->lcyl = 0;
303 s->hcyl = 0;
304 } else {
305 s->lcyl = 0xff;
306 s->hcyl = 0xff;
307 }
308 }
309
310 static inline void ide_abort_command(IDEState *s)
311 {
312 s->status = READY_STAT | ERR_STAT;
313 s->error = ABRT_ERR;
314 }
315
316 static inline void ide_dma_submit_check(IDEState *s,
317 BlockDriverCompletionFunc *dma_cb, BMDMAState *bm)
318 {
319 if (bm->aiocb)
320 return;
321 dma_cb(bm, -1);
322 }
323
324 /* prepare data transfer and tell what to do after */
325 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
326 EndTransferFunc *end_transfer_func)
327 {
328 s->end_transfer_func = end_transfer_func;
329 s->data_ptr = buf;
330 s->data_end = buf + size;
331 if (!(s->status & ERR_STAT))
332 s->status |= DRQ_STAT;
333 }
334
335 static void ide_transfer_stop(IDEState *s)
336 {
337 s->end_transfer_func = ide_transfer_stop;
338 s->data_ptr = s->io_buffer;
339 s->data_end = s->io_buffer;
340 s->status &= ~DRQ_STAT;
341 }
342
343 int64_t ide_get_sector(IDEState *s)
344 {
345 int64_t sector_num;
346 if (s->select & 0x40) {
347 /* lba */
348 if (!s->lba48) {
349 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
350 (s->lcyl << 8) | s->sector;
351 } else {
352 sector_num = ((int64_t)s->hob_hcyl << 40) |
353 ((int64_t) s->hob_lcyl << 32) |
354 ((int64_t) s->hob_sector << 24) |
355 ((int64_t) s->hcyl << 16) |
356 ((int64_t) s->lcyl << 8) | s->sector;
357 }
358 } else {
359 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
360 (s->select & 0x0f) * s->sectors + (s->sector - 1);
361 }
362 return sector_num;
363 }
364
365 void ide_set_sector(IDEState *s, int64_t sector_num)
366 {
367 unsigned int cyl, r;
368 if (s->select & 0x40) {
369 if (!s->lba48) {
370 s->select = (s->select & 0xf0) | (sector_num >> 24);
371 s->hcyl = (sector_num >> 16);
372 s->lcyl = (sector_num >> 8);
373 s->sector = (sector_num);
374 } else {
375 s->sector = sector_num;
376 s->lcyl = sector_num >> 8;
377 s->hcyl = sector_num >> 16;
378 s->hob_sector = sector_num >> 24;
379 s->hob_lcyl = sector_num >> 32;
380 s->hob_hcyl = sector_num >> 40;
381 }
382 } else {
383 cyl = sector_num / (s->heads * s->sectors);
384 r = sector_num % (s->heads * s->sectors);
385 s->hcyl = cyl >> 8;
386 s->lcyl = cyl;
387 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
388 s->sector = (r % s->sectors) + 1;
389 }
390 }
391
392 static void ide_rw_error(IDEState *s) {
393 ide_abort_command(s);
394 ide_set_irq(s->bus);
395 }
396
397 static void ide_sector_read(IDEState *s)
398 {
399 int64_t sector_num;
400 int ret, n;
401
402 s->status = READY_STAT | SEEK_STAT;
403 s->error = 0; /* not needed by IDE spec, but needed by Windows */
404 sector_num = ide_get_sector(s);
405 n = s->nsector;
406 if (n == 0) {
407 /* no more sector to read from disk */
408 ide_transfer_stop(s);
409 } else {
410 #if defined(DEBUG_IDE)
411 printf("read sector=%" PRId64 "\n", sector_num);
412 #endif
413 if (n > s->req_nb_sectors)
414 n = s->req_nb_sectors;
415 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
416 if (ret != 0) {
417 if (ide_handle_rw_error(s, -ret,
418 BM_STATUS_PIO_RETRY | BM_STATUS_RETRY_READ))
419 {
420 return;
421 }
422 }
423 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
424 ide_set_irq(s->bus);
425 ide_set_sector(s, sector_num + n);
426 s->nsector -= n;
427 }
428 }
429
430
431 /* return 0 if buffer completed */
432 static int dma_buf_prepare(BMDMAState *bm, int is_write)
433 {
434 IDEState *s = bmdma_active_if(bm);
435 struct {
436 uint32_t addr;
437 uint32_t size;
438 } prd;
439 int l, len;
440
441 qemu_sglist_init(&s->sg, s->nsector / (IDE_PAGE_SIZE / 512) + 1);
442 s->io_buffer_size = 0;
443 for(;;) {
444 if (bm->cur_prd_len == 0) {
445 /* end of table (with a fail safe of one page) */
446 if (bm->cur_prd_last ||
447 (bm->cur_addr - bm->addr) >= IDE_PAGE_SIZE)
448 return s->io_buffer_size != 0;
449 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
450 bm->cur_addr += 8;
451 prd.addr = le32_to_cpu(prd.addr);
452 prd.size = le32_to_cpu(prd.size);
453 len = prd.size & 0xfffe;
454 if (len == 0)
455 len = 0x10000;
456 bm->cur_prd_len = len;
457 bm->cur_prd_addr = prd.addr;
458 bm->cur_prd_last = (prd.size & 0x80000000);
459 }
460 l = bm->cur_prd_len;
461 if (l > 0) {
462 qemu_sglist_add(&s->sg, bm->cur_prd_addr, l);
463 bm->cur_prd_addr += l;
464 bm->cur_prd_len -= l;
465 s->io_buffer_size += l;
466 }
467 }
468 return 1;
469 }
470
471 static void dma_buf_commit(IDEState *s, int is_write)
472 {
473 qemu_sglist_destroy(&s->sg);
474 }
475
476 void ide_dma_error(IDEState *s)
477 {
478 ide_transfer_stop(s);
479 s->error = ABRT_ERR;
480 s->status = READY_STAT | ERR_STAT;
481 ide_set_irq(s->bus);
482 }
483
484 static int ide_handle_rw_error(IDEState *s, int error, int op)
485 {
486 int is_read = (op & BM_STATUS_RETRY_READ);
487 BlockErrorAction action = bdrv_get_on_error(s->bs, is_read);
488
489 if (action == BLOCK_ERR_IGNORE) {
490 bdrv_mon_event(s->bs, BDRV_ACTION_IGNORE, is_read);
491 return 0;
492 }
493
494 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
495 || action == BLOCK_ERR_STOP_ANY) {
496 s->bus->bmdma->unit = s->unit;
497 s->bus->bmdma->status |= op;
498 bdrv_mon_event(s->bs, BDRV_ACTION_STOP, is_read);
499 vm_stop(0);
500 } else {
501 if (op & BM_STATUS_DMA_RETRY) {
502 dma_buf_commit(s, 0);
503 ide_dma_error(s);
504 } else {
505 ide_rw_error(s);
506 }
507 bdrv_mon_event(s->bs, BDRV_ACTION_REPORT, is_read);
508 }
509
510 return 1;
511 }
512
513 /* return 0 if buffer completed */
514 static int dma_buf_rw(BMDMAState *bm, int is_write)
515 {
516 IDEState *s = bmdma_active_if(bm);
517 struct {
518 uint32_t addr;
519 uint32_t size;
520 } prd;
521 int l, len;
522
523 for(;;) {
524 l = s->io_buffer_size - s->io_buffer_index;
525 if (l <= 0)
526 break;
527 if (bm->cur_prd_len == 0) {
528 /* end of table (with a fail safe of one page) */
529 if (bm->cur_prd_last ||
530 (bm->cur_addr - bm->addr) >= IDE_PAGE_SIZE)
531 return 0;
532 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
533 bm->cur_addr += 8;
534 prd.addr = le32_to_cpu(prd.addr);
535 prd.size = le32_to_cpu(prd.size);
536 len = prd.size & 0xfffe;
537 if (len == 0)
538 len = 0x10000;
539 bm->cur_prd_len = len;
540 bm->cur_prd_addr = prd.addr;
541 bm->cur_prd_last = (prd.size & 0x80000000);
542 }
543 if (l > bm->cur_prd_len)
544 l = bm->cur_prd_len;
545 if (l > 0) {
546 if (is_write) {
547 cpu_physical_memory_write(bm->cur_prd_addr,
548 s->io_buffer + s->io_buffer_index, l);
549 } else {
550 cpu_physical_memory_read(bm->cur_prd_addr,
551 s->io_buffer + s->io_buffer_index, l);
552 }
553 bm->cur_prd_addr += l;
554 bm->cur_prd_len -= l;
555 s->io_buffer_index += l;
556 }
557 }
558 return 1;
559 }
560
561 static void ide_read_dma_cb(void *opaque, int ret)
562 {
563 BMDMAState *bm = opaque;
564 IDEState *s = bmdma_active_if(bm);
565 int n;
566 int64_t sector_num;
567
568 if (ret < 0) {
569 if (ide_handle_rw_error(s, -ret,
570 BM_STATUS_DMA_RETRY | BM_STATUS_RETRY_READ))
571 {
572 return;
573 }
574 }
575
576 n = s->io_buffer_size >> 9;
577 sector_num = ide_get_sector(s);
578 if (n > 0) {
579 dma_buf_commit(s, 1);
580 sector_num += n;
581 ide_set_sector(s, sector_num);
582 s->nsector -= n;
583 }
584
585 /* end of transfer ? */
586 if (s->nsector == 0) {
587 s->status = READY_STAT | SEEK_STAT;
588 ide_set_irq(s->bus);
589 eot:
590 bm->status &= ~BM_STATUS_DMAING;
591 bm->status |= BM_STATUS_INT;
592 bm->dma_cb = NULL;
593 bm->unit = -1;
594 bm->aiocb = NULL;
595 return;
596 }
597
598 /* launch next transfer */
599 n = s->nsector;
600 s->io_buffer_index = 0;
601 s->io_buffer_size = n * 512;
602 if (dma_buf_prepare(bm, 1) == 0)
603 goto eot;
604 #ifdef DEBUG_AIO
605 printf("aio_read: sector_num=%" PRId64 " n=%d\n", sector_num, n);
606 #endif
607 bm->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num, ide_read_dma_cb, bm);
608 ide_dma_submit_check(s, ide_read_dma_cb, bm);
609 }
610
611 static void ide_sector_read_dma(IDEState *s)
612 {
613 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
614 s->io_buffer_index = 0;
615 s->io_buffer_size = 0;
616 s->is_read = 1;
617 ide_dma_start(s, ide_read_dma_cb);
618 }
619
620 static void ide_sector_write_timer_cb(void *opaque)
621 {
622 IDEState *s = opaque;
623 ide_set_irq(s->bus);
624 }
625
626 static void ide_sector_write(IDEState *s)
627 {
628 int64_t sector_num;
629 int ret, n, n1;
630
631 s->status = READY_STAT | SEEK_STAT;
632 sector_num = ide_get_sector(s);
633 #if defined(DEBUG_IDE)
634 printf("write sector=%" PRId64 "\n", sector_num);
635 #endif
636 n = s->nsector;
637 if (n > s->req_nb_sectors)
638 n = s->req_nb_sectors;
639 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
640
641 if (ret != 0) {
642 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY))
643 return;
644 }
645
646 s->nsector -= n;
647 if (s->nsector == 0) {
648 /* no more sectors to write */
649 ide_transfer_stop(s);
650 } else {
651 n1 = s->nsector;
652 if (n1 > s->req_nb_sectors)
653 n1 = s->req_nb_sectors;
654 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
655 }
656 ide_set_sector(s, sector_num + n);
657
658 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
659 /* It seems there is a bug in the Windows 2000 installer HDD
660 IDE driver which fills the disk with empty logs when the
661 IDE write IRQ comes too early. This hack tries to correct
662 that at the expense of slower write performances. Use this
663 option _only_ to install Windows 2000. You must disable it
664 for normal use. */
665 qemu_mod_timer(s->sector_write_timer,
666 qemu_get_clock(vm_clock) + (get_ticks_per_sec() / 1000));
667 } else {
668 ide_set_irq(s->bus);
669 }
670 }
671
672 static void ide_dma_restart_bh(void *opaque)
673 {
674 BMDMAState *bm = opaque;
675 int is_read;
676
677 qemu_bh_delete(bm->bh);
678 bm->bh = NULL;
679
680 is_read = !!(bm->status & BM_STATUS_RETRY_READ);
681
682 if (bm->status & BM_STATUS_DMA_RETRY) {
683 bm->status &= ~(BM_STATUS_DMA_RETRY | BM_STATUS_RETRY_READ);
684 ide_dma_restart(bmdma_active_if(bm), is_read);
685 } else if (bm->status & BM_STATUS_PIO_RETRY) {
686 bm->status &= ~(BM_STATUS_PIO_RETRY | BM_STATUS_RETRY_READ);
687 if (is_read) {
688 ide_sector_read(bmdma_active_if(bm));
689 } else {
690 ide_sector_write(bmdma_active_if(bm));
691 }
692 } else if (bm->status & BM_STATUS_RETRY_FLUSH) {
693 ide_flush_cache(bmdma_active_if(bm));
694 }
695 }
696
697 void ide_dma_restart_cb(void *opaque, int running, int reason)
698 {
699 BMDMAState *bm = opaque;
700
701 if (!running)
702 return;
703
704 if (!bm->bh) {
705 bm->bh = qemu_bh_new(ide_dma_restart_bh, bm);
706 qemu_bh_schedule(bm->bh);
707 }
708 }
709
710 static void ide_write_dma_cb(void *opaque, int ret)
711 {
712 BMDMAState *bm = opaque;
713 IDEState *s = bmdma_active_if(bm);
714 int n;
715 int64_t sector_num;
716
717 if (ret < 0) {
718 if (ide_handle_rw_error(s, -ret, BM_STATUS_DMA_RETRY))
719 return;
720 }
721
722 n = s->io_buffer_size >> 9;
723 sector_num = ide_get_sector(s);
724 if (n > 0) {
725 dma_buf_commit(s, 0);
726 sector_num += n;
727 ide_set_sector(s, sector_num);
728 s->nsector -= n;
729 }
730
731 /* end of transfer ? */
732 if (s->nsector == 0) {
733 s->status = READY_STAT | SEEK_STAT;
734 ide_set_irq(s->bus);
735 eot:
736 bm->status &= ~BM_STATUS_DMAING;
737 bm->status |= BM_STATUS_INT;
738 bm->dma_cb = NULL;
739 bm->unit = -1;
740 bm->aiocb = NULL;
741 return;
742 }
743
744 n = s->nsector;
745 s->io_buffer_size = n * 512;
746 /* launch next transfer */
747 if (dma_buf_prepare(bm, 0) == 0)
748 goto eot;
749 #ifdef DEBUG_AIO
750 printf("aio_write: sector_num=%" PRId64 " n=%d\n", sector_num, n);
751 #endif
752 bm->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num, ide_write_dma_cb, bm);
753 ide_dma_submit_check(s, ide_write_dma_cb, bm);
754 }
755
756 static void ide_sector_write_dma(IDEState *s)
757 {
758 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
759 s->io_buffer_index = 0;
760 s->io_buffer_size = 0;
761 s->is_read = 0;
762 ide_dma_start(s, ide_write_dma_cb);
763 }
764
765 void ide_atapi_cmd_ok(IDEState *s)
766 {
767 s->error = 0;
768 s->status = READY_STAT | SEEK_STAT;
769 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
770 ide_set_irq(s->bus);
771 }
772
773 void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
774 {
775 #ifdef DEBUG_IDE_ATAPI
776 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
777 #endif
778 s->error = sense_key << 4;
779 s->status = READY_STAT | ERR_STAT;
780 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
781 s->sense_key = sense_key;
782 s->asc = asc;
783 ide_set_irq(s->bus);
784 }
785
786 static void ide_atapi_cmd_check_status(IDEState *s)
787 {
788 #ifdef DEBUG_IDE_ATAPI
789 printf("atapi_cmd_check_status\n");
790 #endif
791 s->error = MC_ERR | (SENSE_UNIT_ATTENTION << 4);
792 s->status = ERR_STAT;
793 s->nsector = 0;
794 ide_set_irq(s->bus);
795 }
796
797 static void ide_flush_cb(void *opaque, int ret)
798 {
799 IDEState *s = opaque;
800
801 if (ret < 0) {
802 /* XXX: What sector number to set here? */
803 if (ide_handle_rw_error(s, -ret, BM_STATUS_RETRY_FLUSH)) {
804 return;
805 }
806 }
807
808 s->status = READY_STAT | SEEK_STAT;
809 ide_set_irq(s->bus);
810 }
811
812 static void ide_flush_cache(IDEState *s)
813 {
814 BlockDriverAIOCB *acb;
815
816 if (s->bs == NULL) {
817 ide_flush_cb(s, 0);
818 return;
819 }
820
821 acb = bdrv_aio_flush(s->bs, ide_flush_cb, s);
822 if (acb == NULL) {
823 ide_flush_cb(s, -EIO);
824 }
825 }
826
827 static inline void cpu_to_ube16(uint8_t *buf, int val)
828 {
829 buf[0] = val >> 8;
830 buf[1] = val & 0xff;
831 }
832
833 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
834 {
835 buf[0] = val >> 24;
836 buf[1] = val >> 16;
837 buf[2] = val >> 8;
838 buf[3] = val & 0xff;
839 }
840
841 static inline int ube16_to_cpu(const uint8_t *buf)
842 {
843 return (buf[0] << 8) | buf[1];
844 }
845
846 static inline int ube32_to_cpu(const uint8_t *buf)
847 {
848 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
849 }
850
851 static void lba_to_msf(uint8_t *buf, int lba)
852 {
853 lba += 150;
854 buf[0] = (lba / 75) / 60;
855 buf[1] = (lba / 75) % 60;
856 buf[2] = lba % 75;
857 }
858
859 static void cd_data_to_raw(uint8_t *buf, int lba)
860 {
861 /* sync bytes */
862 buf[0] = 0x00;
863 memset(buf + 1, 0xff, 10);
864 buf[11] = 0x00;
865 buf += 12;
866 /* MSF */
867 lba_to_msf(buf, lba);
868 buf[3] = 0x01; /* mode 1 data */
869 buf += 4;
870 /* data */
871 buf += 2048;
872 /* XXX: ECC not computed */
873 memset(buf, 0, 288);
874 }
875
876 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
877 int sector_size)
878 {
879 int ret;
880
881 switch(sector_size) {
882 case 2048:
883 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
884 break;
885 case 2352:
886 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
887 if (ret < 0)
888 return ret;
889 cd_data_to_raw(buf, lba);
890 break;
891 default:
892 ret = -EIO;
893 break;
894 }
895 return ret;
896 }
897
898 void ide_atapi_io_error(IDEState *s, int ret)
899 {
900 /* XXX: handle more errors */
901 if (ret == -ENOMEDIUM) {
902 ide_atapi_cmd_error(s, SENSE_NOT_READY,
903 ASC_MEDIUM_NOT_PRESENT);
904 } else {
905 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
906 ASC_LOGICAL_BLOCK_OOR);
907 }
908 }
909
910 /* The whole ATAPI transfer logic is handled in this function */
911 static void ide_atapi_cmd_reply_end(IDEState *s)
912 {
913 int byte_count_limit, size, ret;
914 #ifdef DEBUG_IDE_ATAPI
915 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
916 s->packet_transfer_size,
917 s->elementary_transfer_size,
918 s->io_buffer_index);
919 #endif
920 if (s->packet_transfer_size <= 0) {
921 /* end of transfer */
922 ide_transfer_stop(s);
923 s->status = READY_STAT | SEEK_STAT;
924 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
925 ide_set_irq(s->bus);
926 #ifdef DEBUG_IDE_ATAPI
927 printf("status=0x%x\n", s->status);
928 #endif
929 } else {
930 /* see if a new sector must be read */
931 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
932 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
933 if (ret < 0) {
934 ide_transfer_stop(s);
935 ide_atapi_io_error(s, ret);
936 return;
937 }
938 s->lba++;
939 s->io_buffer_index = 0;
940 }
941 if (s->elementary_transfer_size > 0) {
942 /* there are some data left to transmit in this elementary
943 transfer */
944 size = s->cd_sector_size - s->io_buffer_index;
945 if (size > s->elementary_transfer_size)
946 size = s->elementary_transfer_size;
947 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
948 size, ide_atapi_cmd_reply_end);
949 s->packet_transfer_size -= size;
950 s->elementary_transfer_size -= size;
951 s->io_buffer_index += size;
952 } else {
953 /* a new transfer is needed */
954 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
955 byte_count_limit = s->lcyl | (s->hcyl << 8);
956 #ifdef DEBUG_IDE_ATAPI
957 printf("byte_count_limit=%d\n", byte_count_limit);
958 #endif
959 if (byte_count_limit == 0xffff)
960 byte_count_limit--;
961 size = s->packet_transfer_size;
962 if (size > byte_count_limit) {
963 /* byte count limit must be even if this case */
964 if (byte_count_limit & 1)
965 byte_count_limit--;
966 size = byte_count_limit;
967 }
968 s->lcyl = size;
969 s->hcyl = size >> 8;
970 s->elementary_transfer_size = size;
971 /* we cannot transmit more than one sector at a time */
972 if (s->lba != -1) {
973 if (size > (s->cd_sector_size - s->io_buffer_index))
974 size = (s->cd_sector_size - s->io_buffer_index);
975 }
976 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
977 size, ide_atapi_cmd_reply_end);
978 s->packet_transfer_size -= size;
979 s->elementary_transfer_size -= size;
980 s->io_buffer_index += size;
981 ide_set_irq(s->bus);
982 #ifdef DEBUG_IDE_ATAPI
983 printf("status=0x%x\n", s->status);
984 #endif
985 }
986 }
987 }
988
989 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
990 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
991 {
992 if (size > max_size)
993 size = max_size;
994 s->lba = -1; /* no sector read */
995 s->packet_transfer_size = size;
996 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
997 s->elementary_transfer_size = 0;
998 s->io_buffer_index = 0;
999
1000 if (s->atapi_dma) {
1001 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
1002 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1003 } else {
1004 s->status = READY_STAT | SEEK_STAT;
1005 ide_atapi_cmd_reply_end(s);
1006 }
1007 }
1008
1009 /* start a CD-CDROM read command */
1010 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1011 int sector_size)
1012 {
1013 s->lba = lba;
1014 s->packet_transfer_size = nb_sectors * sector_size;
1015 s->elementary_transfer_size = 0;
1016 s->io_buffer_index = sector_size;
1017 s->cd_sector_size = sector_size;
1018
1019 s->status = READY_STAT | SEEK_STAT;
1020 ide_atapi_cmd_reply_end(s);
1021 }
1022
1023 /* ATAPI DMA support */
1024
1025 /* XXX: handle read errors */
1026 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1027 {
1028 BMDMAState *bm = opaque;
1029 IDEState *s = bmdma_active_if(bm);
1030 int data_offset, n;
1031
1032 if (ret < 0) {
1033 ide_atapi_io_error(s, ret);
1034 goto eot;
1035 }
1036
1037 if (s->io_buffer_size > 0) {
1038 /*
1039 * For a cdrom read sector command (s->lba != -1),
1040 * adjust the lba for the next s->io_buffer_size chunk
1041 * and dma the current chunk.
1042 * For a command != read (s->lba == -1), just transfer
1043 * the reply data.
1044 */
1045 if (s->lba != -1) {
1046 if (s->cd_sector_size == 2352) {
1047 n = 1;
1048 cd_data_to_raw(s->io_buffer, s->lba);
1049 } else {
1050 n = s->io_buffer_size >> 11;
1051 }
1052 s->lba += n;
1053 }
1054 s->packet_transfer_size -= s->io_buffer_size;
1055 if (dma_buf_rw(bm, 1) == 0)
1056 goto eot;
1057 }
1058
1059 if (s->packet_transfer_size <= 0) {
1060 s->status = READY_STAT | SEEK_STAT;
1061 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1062 ide_set_irq(s->bus);
1063 eot:
1064 bm->status &= ~BM_STATUS_DMAING;
1065 bm->status |= BM_STATUS_INT;
1066 bm->dma_cb = NULL;
1067 bm->unit = -1;
1068 bm->aiocb = NULL;
1069 return;
1070 }
1071
1072 s->io_buffer_index = 0;
1073 if (s->cd_sector_size == 2352) {
1074 n = 1;
1075 s->io_buffer_size = s->cd_sector_size;
1076 data_offset = 16;
1077 } else {
1078 n = s->packet_transfer_size >> 11;
1079 if (n > (IDE_DMA_BUF_SECTORS / 4))
1080 n = (IDE_DMA_BUF_SECTORS / 4);
1081 s->io_buffer_size = n * 2048;
1082 data_offset = 0;
1083 }
1084 #ifdef DEBUG_AIO
1085 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1086 #endif
1087 bm->iov.iov_base = (void *)(s->io_buffer + data_offset);
1088 bm->iov.iov_len = n * 4 * 512;
1089 qemu_iovec_init_external(&bm->qiov, &bm->iov, 1);
1090 bm->aiocb = bdrv_aio_readv(s->bs, (int64_t)s->lba << 2, &bm->qiov,
1091 n * 4, ide_atapi_cmd_read_dma_cb, bm);
1092 if (!bm->aiocb) {
1093 /* Note: media not present is the most likely case */
1094 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1095 ASC_MEDIUM_NOT_PRESENT);
1096 goto eot;
1097 }
1098 }
1099
1100 /* start a CD-CDROM read command with DMA */
1101 /* XXX: test if DMA is available */
1102 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1103 int sector_size)
1104 {
1105 s->lba = lba;
1106 s->packet_transfer_size = nb_sectors * sector_size;
1107 s->io_buffer_index = 0;
1108 s->io_buffer_size = 0;
1109 s->cd_sector_size = sector_size;
1110
1111 /* XXX: check if BUSY_STAT should be set */
1112 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1113 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1114 }
1115
1116 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1117 int sector_size)
1118 {
1119 #ifdef DEBUG_IDE_ATAPI
1120 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1121 lba, nb_sectors);
1122 #endif
1123 if (s->atapi_dma) {
1124 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1125 } else {
1126 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1127 }
1128 }
1129
1130 static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
1131 uint16_t profile)
1132 {
1133 uint8_t *buf_profile = buf + 12; /* start of profiles */
1134
1135 buf_profile += ((*index) * 4); /* start of indexed profile */
1136 cpu_to_ube16 (buf_profile, profile);
1137 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1138
1139 /* each profile adds 4 bytes to the response */
1140 (*index)++;
1141 buf[11] += 4; /* Additional Length */
1142
1143 return 4;
1144 }
1145
1146 static int ide_dvd_read_structure(IDEState *s, int format,
1147 const uint8_t *packet, uint8_t *buf)
1148 {
1149 switch (format) {
1150 case 0x0: /* Physical format information */
1151 {
1152 int layer = packet[6];
1153 uint64_t total_sectors;
1154
1155 if (layer != 0)
1156 return -ASC_INV_FIELD_IN_CMD_PACKET;
1157
1158 bdrv_get_geometry(s->bs, &total_sectors);
1159 total_sectors >>= 2;
1160 if (total_sectors == 0)
1161 return -ASC_MEDIUM_NOT_PRESENT;
1162
1163 buf[4] = 1; /* DVD-ROM, part version 1 */
1164 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1165 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1166 buf[7] = 0; /* default densities */
1167
1168 /* FIXME: 0x30000 per spec? */
1169 cpu_to_ube32(buf + 8, 0); /* start sector */
1170 cpu_to_ube32(buf + 12, total_sectors - 1); /* end sector */
1171 cpu_to_ube32(buf + 16, total_sectors - 1); /* l0 end sector */
1172
1173 /* Size of buffer, not including 2 byte size field */
1174 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1175
1176 /* 2k data + 4 byte header */
1177 return (2048 + 4);
1178 }
1179
1180 case 0x01: /* DVD copyright information */
1181 buf[4] = 0; /* no copyright data */
1182 buf[5] = 0; /* no region restrictions */
1183
1184 /* Size of buffer, not including 2 byte size field */
1185 cpu_to_be16wu((uint16_t *)buf, 4 + 2);
1186
1187 /* 4 byte header + 4 byte data */
1188 return (4 + 4);
1189
1190 case 0x03: /* BCA information - invalid field for no BCA info */
1191 return -ASC_INV_FIELD_IN_CMD_PACKET;
1192
1193 case 0x04: /* DVD disc manufacturing information */
1194 /* Size of buffer, not including 2 byte size field */
1195 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1196
1197 /* 2k data + 4 byte header */
1198 return (2048 + 4);
1199
1200 case 0xff:
1201 /*
1202 * This lists all the command capabilities above. Add new ones
1203 * in order and update the length and buffer return values.
1204 */
1205
1206 buf[4] = 0x00; /* Physical format */
1207 buf[5] = 0x40; /* Not writable, is readable */
1208 cpu_to_be16wu((uint16_t *)(buf + 6), 2048 + 4);
1209
1210 buf[8] = 0x01; /* Copyright info */
1211 buf[9] = 0x40; /* Not writable, is readable */
1212 cpu_to_be16wu((uint16_t *)(buf + 10), 4 + 4);
1213
1214 buf[12] = 0x03; /* BCA info */
1215 buf[13] = 0x40; /* Not writable, is readable */
1216 cpu_to_be16wu((uint16_t *)(buf + 14), 188 + 4);
1217
1218 buf[16] = 0x04; /* Manufacturing info */
1219 buf[17] = 0x40; /* Not writable, is readable */
1220 cpu_to_be16wu((uint16_t *)(buf + 18), 2048 + 4);
1221
1222 /* Size of buffer, not including 2 byte size field */
1223 cpu_to_be16wu((uint16_t *)buf, 16 + 2);
1224
1225 /* data written + 4 byte header */
1226 return (16 + 4);
1227
1228 default: /* TODO: formats beyond DVD-ROM requires */
1229 return -ASC_INV_FIELD_IN_CMD_PACKET;
1230 }
1231 }
1232
1233 static void ide_atapi_cmd(IDEState *s)
1234 {
1235 const uint8_t *packet;
1236 uint8_t *buf;
1237 int max_len;
1238
1239 packet = s->io_buffer;
1240 buf = s->io_buffer;
1241 #ifdef DEBUG_IDE_ATAPI
1242 {
1243 int i;
1244 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1245 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1246 printf(" %02x", packet[i]);
1247 }
1248 printf("\n");
1249 }
1250 #endif
1251 /* If there's a UNIT_ATTENTION condition pending, only
1252 REQUEST_SENSE and INQUIRY commands are allowed to complete. */
1253 if (s->sense_key == SENSE_UNIT_ATTENTION &&
1254 s->io_buffer[0] != GPCMD_REQUEST_SENSE &&
1255 s->io_buffer[0] != GPCMD_INQUIRY) {
1256 ide_atapi_cmd_check_status(s);
1257 return;
1258 }
1259 switch(s->io_buffer[0]) {
1260 case GPCMD_TEST_UNIT_READY:
1261 if (bdrv_is_inserted(s->bs) && !s->cdrom_changed) {
1262 ide_atapi_cmd_ok(s);
1263 } else {
1264 s->cdrom_changed = 0;
1265 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1266 ASC_MEDIUM_NOT_PRESENT);
1267 }
1268 break;
1269 case GPCMD_MODE_SENSE_6:
1270 case GPCMD_MODE_SENSE_10:
1271 {
1272 int action, code;
1273 if (packet[0] == GPCMD_MODE_SENSE_10)
1274 max_len = ube16_to_cpu(packet + 7);
1275 else
1276 max_len = packet[4];
1277 action = packet[2] >> 6;
1278 code = packet[2] & 0x3f;
1279 switch(action) {
1280 case 0: /* current values */
1281 switch(code) {
1282 case GPMODE_R_W_ERROR_PAGE: /* error recovery */
1283 cpu_to_ube16(&buf[0], 16 + 6);
1284 buf[2] = 0x70;
1285 buf[3] = 0;
1286 buf[4] = 0;
1287 buf[5] = 0;
1288 buf[6] = 0;
1289 buf[7] = 0;
1290
1291 buf[8] = 0x01;
1292 buf[9] = 0x06;
1293 buf[10] = 0x00;
1294 buf[11] = 0x05;
1295 buf[12] = 0x00;
1296 buf[13] = 0x00;
1297 buf[14] = 0x00;
1298 buf[15] = 0x00;
1299 ide_atapi_cmd_reply(s, 16, max_len);
1300 break;
1301 case GPMODE_AUDIO_CTL_PAGE:
1302 cpu_to_ube16(&buf[0], 24 + 6);
1303 buf[2] = 0x70;
1304 buf[3] = 0;
1305 buf[4] = 0;
1306 buf[5] = 0;
1307 buf[6] = 0;
1308 buf[7] = 0;
1309
1310 /* Fill with CDROM audio volume */
1311 buf[17] = 0;
1312 buf[19] = 0;
1313 buf[21] = 0;
1314 buf[23] = 0;
1315
1316 ide_atapi_cmd_reply(s, 24, max_len);
1317 break;
1318 case GPMODE_CAPABILITIES_PAGE:
1319 cpu_to_ube16(&buf[0], 28 + 6);
1320 buf[2] = 0x70;
1321 buf[3] = 0;
1322 buf[4] = 0;
1323 buf[5] = 0;
1324 buf[6] = 0;
1325 buf[7] = 0;
1326
1327 buf[8] = 0x2a;
1328 buf[9] = 0x12;
1329 buf[10] = 0x00;
1330 buf[11] = 0x00;
1331
1332 /* Claim PLAY_AUDIO capability (0x01) since some Linux
1333 code checks for this to automount media. */
1334 buf[12] = 0x71;
1335 buf[13] = 3 << 5;
1336 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1337 if (bdrv_is_locked(s->bs))
1338 buf[6] |= 1 << 1;
1339 buf[15] = 0x00;
1340 cpu_to_ube16(&buf[16], 706);
1341 buf[18] = 0;
1342 buf[19] = 2;
1343 cpu_to_ube16(&buf[20], 512);
1344 cpu_to_ube16(&buf[22], 706);
1345 buf[24] = 0;
1346 buf[25] = 0;
1347 buf[26] = 0;
1348 buf[27] = 0;
1349 ide_atapi_cmd_reply(s, 28, max_len);
1350 break;
1351 default:
1352 goto error_cmd;
1353 }
1354 break;
1355 case 1: /* changeable values */
1356 goto error_cmd;
1357 case 2: /* default values */
1358 goto error_cmd;
1359 default:
1360 case 3: /* saved values */
1361 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1362 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1363 break;
1364 }
1365 }
1366 break;
1367 case GPCMD_REQUEST_SENSE:
1368 max_len = packet[4];
1369 memset(buf, 0, 18);
1370 buf[0] = 0x70 | (1 << 7);
1371 buf[2] = s->sense_key;
1372 buf[7] = 10;
1373 buf[12] = s->asc;
1374 if (s->sense_key == SENSE_UNIT_ATTENTION)
1375 s->sense_key = SENSE_NONE;
1376 ide_atapi_cmd_reply(s, 18, max_len);
1377 break;
1378 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1379 if (bdrv_is_inserted(s->bs)) {
1380 bdrv_set_locked(s->bs, packet[4] & 1);
1381 ide_atapi_cmd_ok(s);
1382 } else {
1383 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1384 ASC_MEDIUM_NOT_PRESENT);
1385 }
1386 break;
1387 case GPCMD_READ_10:
1388 case GPCMD_READ_12:
1389 {
1390 int nb_sectors, lba;
1391
1392 if (packet[0] == GPCMD_READ_10)
1393 nb_sectors = ube16_to_cpu(packet + 7);
1394 else
1395 nb_sectors = ube32_to_cpu(packet + 6);
1396 lba = ube32_to_cpu(packet + 2);
1397 if (nb_sectors == 0) {
1398 ide_atapi_cmd_ok(s);
1399 break;
1400 }
1401 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1402 }
1403 break;
1404 case GPCMD_READ_CD:
1405 {
1406 int nb_sectors, lba, transfer_request;
1407
1408 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1409 lba = ube32_to_cpu(packet + 2);
1410 if (nb_sectors == 0) {
1411 ide_atapi_cmd_ok(s);
1412 break;
1413 }
1414 transfer_request = packet[9];
1415 switch(transfer_request & 0xf8) {
1416 case 0x00:
1417 /* nothing */
1418 ide_atapi_cmd_ok(s);
1419 break;
1420 case 0x10:
1421 /* normal read */
1422 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1423 break;
1424 case 0xf8:
1425 /* read all data */
1426 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1427 break;
1428 default:
1429 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1430 ASC_INV_FIELD_IN_CMD_PACKET);
1431 break;
1432 }
1433 }
1434 break;
1435 case GPCMD_SEEK:
1436 {
1437 unsigned int lba;
1438 uint64_t total_sectors;
1439
1440 bdrv_get_geometry(s->bs, &total_sectors);
1441 total_sectors >>= 2;
1442 if (total_sectors == 0) {
1443 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1444 ASC_MEDIUM_NOT_PRESENT);
1445 break;
1446 }
1447 lba = ube32_to_cpu(packet + 2);
1448 if (lba >= total_sectors) {
1449 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1450 ASC_LOGICAL_BLOCK_OOR);
1451 break;
1452 }
1453 ide_atapi_cmd_ok(s);
1454 }
1455 break;
1456 case GPCMD_START_STOP_UNIT:
1457 {
1458 int start, eject, err = 0;
1459 start = packet[4] & 1;
1460 eject = (packet[4] >> 1) & 1;
1461
1462 if (eject) {
1463 err = bdrv_eject(s->bs, !start);
1464 }
1465
1466 switch (err) {
1467 case 0:
1468 ide_atapi_cmd_ok(s);
1469 break;
1470 case -EBUSY:
1471 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1472 ASC_MEDIA_REMOVAL_PREVENTED);
1473 break;
1474 default:
1475 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1476 ASC_MEDIUM_NOT_PRESENT);
1477 break;
1478 }
1479 }
1480 break;
1481 case GPCMD_MECHANISM_STATUS:
1482 {
1483 max_len = ube16_to_cpu(packet + 8);
1484 cpu_to_ube16(buf, 0);
1485 /* no current LBA */
1486 buf[2] = 0;
1487 buf[3] = 0;
1488 buf[4] = 0;
1489 buf[5] = 1;
1490 cpu_to_ube16(buf + 6, 0);
1491 ide_atapi_cmd_reply(s, 8, max_len);
1492 }
1493 break;
1494 case GPCMD_READ_TOC_PMA_ATIP:
1495 {
1496 int format, msf, start_track, len;
1497 uint64_t total_sectors;
1498
1499 bdrv_get_geometry(s->bs, &total_sectors);
1500 total_sectors >>= 2;
1501 if (total_sectors == 0) {
1502 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1503 ASC_MEDIUM_NOT_PRESENT);
1504 break;
1505 }
1506 max_len = ube16_to_cpu(packet + 7);
1507 format = packet[9] >> 6;
1508 msf = (packet[1] >> 1) & 1;
1509 start_track = packet[6];
1510 switch(format) {
1511 case 0:
1512 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1513 if (len < 0)
1514 goto error_cmd;
1515 ide_atapi_cmd_reply(s, len, max_len);
1516 break;
1517 case 1:
1518 /* multi session : only a single session defined */
1519 memset(buf, 0, 12);
1520 buf[1] = 0x0a;
1521 buf[2] = 0x01;
1522 buf[3] = 0x01;
1523 ide_atapi_cmd_reply(s, 12, max_len);
1524 break;
1525 case 2:
1526 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1527 if (len < 0)
1528 goto error_cmd;
1529 ide_atapi_cmd_reply(s, len, max_len);
1530 break;
1531 default:
1532 error_cmd:
1533 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1534 ASC_INV_FIELD_IN_CMD_PACKET);
1535 break;
1536 }
1537 }
1538 break;
1539 case GPCMD_READ_CDVD_CAPACITY:
1540 {
1541 uint64_t total_sectors;
1542
1543 bdrv_get_geometry(s->bs, &total_sectors);
1544 total_sectors >>= 2;
1545 if (total_sectors == 0) {
1546 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1547 ASC_MEDIUM_NOT_PRESENT);
1548 break;
1549 }
1550 /* NOTE: it is really the number of sectors minus 1 */
1551 cpu_to_ube32(buf, total_sectors - 1);
1552 cpu_to_ube32(buf + 4, 2048);
1553 ide_atapi_cmd_reply(s, 8, 8);
1554 }
1555 break;
1556 case GPCMD_READ_DVD_STRUCTURE:
1557 {
1558 int media = packet[1];
1559 int format = packet[7];
1560 int ret;
1561
1562 max_len = ube16_to_cpu(packet + 8);
1563
1564 if (format < 0xff) {
1565 if (media_is_cd(s)) {
1566 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1567 ASC_INCOMPATIBLE_FORMAT);
1568 break;
1569 } else if (!media_present(s)) {
1570 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1571 ASC_INV_FIELD_IN_CMD_PACKET);
1572 break;
1573 }
1574 }
1575
1576 memset(buf, 0, max_len > IDE_DMA_BUF_SECTORS * 512 + 4 ?
1577 IDE_DMA_BUF_SECTORS * 512 + 4 : max_len);
1578
1579 switch (format) {
1580 case 0x00 ... 0x7f:
1581 case 0xff:
1582 if (media == 0) {
1583 ret = ide_dvd_read_structure(s, format, packet, buf);
1584
1585 if (ret < 0)
1586 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret);
1587 else
1588 ide_atapi_cmd_reply(s, ret, max_len);
1589
1590 break;
1591 }
1592 /* TODO: BD support, fall through for now */
1593
1594 /* Generic disk structures */
1595 case 0x80: /* TODO: AACS volume identifier */
1596 case 0x81: /* TODO: AACS media serial number */
1597 case 0x82: /* TODO: AACS media identifier */
1598 case 0x83: /* TODO: AACS media key block */
1599 case 0x90: /* TODO: List of recognized format layers */
1600 case 0xc0: /* TODO: Write protection status */
1601 default:
1602 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1603 ASC_INV_FIELD_IN_CMD_PACKET);
1604 break;
1605 }
1606 }
1607 break;
1608 case GPCMD_SET_SPEED:
1609 ide_atapi_cmd_ok(s);
1610 break;
1611 case GPCMD_INQUIRY:
1612 max_len = packet[4];
1613 buf[0] = 0x05; /* CD-ROM */
1614 buf[1] = 0x80; /* removable */
1615 buf[2] = 0x00; /* ISO */
1616 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1617 buf[4] = 31; /* additional length */
1618 buf[5] = 0; /* reserved */
1619 buf[6] = 0; /* reserved */
1620 buf[7] = 0; /* reserved */
1621 padstr8(buf + 8, 8, "QEMU");
1622 padstr8(buf + 16, 16, "QEMU DVD-ROM");
1623 padstr8(buf + 32, 4, s->version);
1624 ide_atapi_cmd_reply(s, 36, max_len);
1625 break;
1626 case GPCMD_GET_CONFIGURATION:
1627 {
1628 uint32_t len;
1629 uint8_t index = 0;
1630
1631 /* only feature 0 is supported */
1632 if (packet[2] != 0 || packet[3] != 0) {
1633 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1634 ASC_INV_FIELD_IN_CMD_PACKET);
1635 break;
1636 }
1637
1638 /* XXX: could result in alignment problems in some architectures */
1639 max_len = ube16_to_cpu(packet + 7);
1640
1641 /*
1642 * XXX: avoid overflow for io_buffer if max_len is bigger than
1643 * the size of that buffer (dimensioned to max number of
1644 * sectors to transfer at once)
1645 *
1646 * Only a problem if the feature/profiles grow.
1647 */
1648 if (max_len > 512) /* XXX: assume 1 sector */
1649 max_len = 512;
1650
1651 memset(buf, 0, max_len);
1652 /*
1653 * the number of sectors from the media tells us which profile
1654 * to use as current. 0 means there is no media
1655 */
1656 if (media_is_dvd(s))
1657 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
1658 else if (media_is_cd(s))
1659 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
1660
1661 buf[10] = 0x02 | 0x01; /* persistent and current */
1662 len = 12; /* headers: 8 + 4 */
1663 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
1664 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
1665 cpu_to_ube32(buf, len - 4); /* data length */
1666
1667 ide_atapi_cmd_reply(s, len, max_len);
1668 break;
1669 }
1670 case GPCMD_GET_EVENT_STATUS_NOTIFICATION:
1671 max_len = ube16_to_cpu(packet + 7);
1672
1673 if (packet[1] & 0x01) { /* polling */
1674 /* We don't support any event class (yet). */
1675 cpu_to_ube16(buf, 0x00); /* No event descriptor returned */
1676 buf[2] = 0x80; /* No Event Available (NEA) */
1677 buf[3] = 0x00; /* Empty supported event classes */
1678 ide_atapi_cmd_reply(s, 4, max_len);
1679 } else { /* asynchronous mode */
1680 /* Only polling is supported, asynchronous mode is not. */
1681 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1682 ASC_INV_FIELD_IN_CMD_PACKET);
1683 }
1684 break;
1685 default:
1686 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1687 ASC_ILLEGAL_OPCODE);
1688 break;
1689 }
1690 }
1691
1692 static void ide_cfata_metadata_inquiry(IDEState *s)
1693 {
1694 uint16_t *p;
1695 uint32_t spd;
1696
1697 p = (uint16_t *) s->io_buffer;
1698 memset(p, 0, 0x200);
1699 spd = ((s->mdata_size - 1) >> 9) + 1;
1700
1701 put_le16(p + 0, 0x0001); /* Data format revision */
1702 put_le16(p + 1, 0x0000); /* Media property: silicon */
1703 put_le16(p + 2, s->media_changed); /* Media status */
1704 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1705 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1706 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1707 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1708 }
1709
1710 static void ide_cfata_metadata_read(IDEState *s)
1711 {
1712 uint16_t *p;
1713
1714 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1715 s->status = ERR_STAT;
1716 s->error = ABRT_ERR;
1717 return;
1718 }
1719
1720 p = (uint16_t *) s->io_buffer;
1721 memset(p, 0, 0x200);
1722
1723 put_le16(p + 0, s->media_changed); /* Media status */
1724 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1725 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1726 s->nsector << 9), 0x200 - 2));
1727 }
1728
1729 static void ide_cfata_metadata_write(IDEState *s)
1730 {
1731 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1732 s->status = ERR_STAT;
1733 s->error = ABRT_ERR;
1734 return;
1735 }
1736
1737 s->media_changed = 0;
1738
1739 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1740 s->io_buffer + 2,
1741 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1742 s->nsector << 9), 0x200 - 2));
1743 }
1744
1745 /* called when the inserted state of the media has changed */
1746 static void cdrom_change_cb(void *opaque)
1747 {
1748 IDEState *s = opaque;
1749 uint64_t nb_sectors;
1750
1751 bdrv_get_geometry(s->bs, &nb_sectors);
1752 s->nb_sectors = nb_sectors;
1753
1754 s->sense_key = SENSE_UNIT_ATTENTION;
1755 s->asc = ASC_MEDIUM_MAY_HAVE_CHANGED;
1756 s->cdrom_changed = 1;
1757 ide_set_irq(s->bus);
1758 }
1759
1760 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1761 {
1762 s->lba48 = lba48;
1763
1764 /* handle the 'magic' 0 nsector count conversion here. to avoid
1765 * fiddling with the rest of the read logic, we just store the
1766 * full sector count in ->nsector and ignore ->hob_nsector from now
1767 */
1768 if (!s->lba48) {
1769 if (!s->nsector)
1770 s->nsector = 256;
1771 } else {
1772 if (!s->nsector && !s->hob_nsector)
1773 s->nsector = 65536;
1774 else {
1775 int lo = s->nsector;
1776 int hi = s->hob_nsector;
1777
1778 s->nsector = (hi << 8) | lo;
1779 }
1780 }
1781 }
1782
1783 static void ide_clear_hob(IDEBus *bus)
1784 {
1785 /* any write clears HOB high bit of device control register */
1786 bus->ifs[0].select &= ~(1 << 7);
1787 bus->ifs[1].select &= ~(1 << 7);
1788 }
1789
1790 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1791 {
1792 IDEBus *bus = opaque;
1793 IDEState *s;
1794 int n;
1795 int lba48 = 0;
1796
1797 #ifdef DEBUG_IDE
1798 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1799 #endif
1800
1801 addr &= 7;
1802
1803 /* ignore writes to command block while busy with previous command */
1804 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT)))
1805 return;
1806
1807 switch(addr) {
1808 case 0:
1809 break;
1810 case 1:
1811 ide_clear_hob(bus);
1812 /* NOTE: data is written to the two drives */
1813 bus->ifs[0].hob_feature = bus->ifs[0].feature;
1814 bus->ifs[1].hob_feature = bus->ifs[1].feature;
1815 bus->ifs[0].feature = val;
1816 bus->ifs[1].feature = val;
1817 break;
1818 case 2:
1819 ide_clear_hob(bus);
1820 bus->ifs[0].hob_nsector = bus->ifs[0].nsector;
1821 bus->ifs[1].hob_nsector = bus->ifs[1].nsector;
1822 bus->ifs[0].nsector = val;
1823 bus->ifs[1].nsector = val;
1824 break;
1825 case 3:
1826 ide_clear_hob(bus);
1827 bus->ifs[0].hob_sector = bus->ifs[0].sector;
1828 bus->ifs[1].hob_sector = bus->ifs[1].sector;
1829 bus->ifs[0].sector = val;
1830 bus->ifs[1].sector = val;
1831 break;
1832 case 4:
1833 ide_clear_hob(bus);
1834 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl;
1835 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl;
1836 bus->ifs[0].lcyl = val;
1837 bus->ifs[1].lcyl = val;
1838 break;
1839 case 5:
1840 ide_clear_hob(bus);
1841 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl;
1842 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl;
1843 bus->ifs[0].hcyl = val;
1844 bus->ifs[1].hcyl = val;
1845 break;
1846 case 6:
1847 /* FIXME: HOB readback uses bit 7 */
1848 bus->ifs[0].select = (val & ~0x10) | 0xa0;
1849 bus->ifs[1].select = (val | 0x10) | 0xa0;
1850 /* select drive */
1851 bus->unit = (val >> 4) & 1;
1852 break;
1853 default:
1854 case 7:
1855 /* command */
1856 #if defined(DEBUG_IDE)
1857 printf("ide: CMD=%02x\n", val);
1858 #endif
1859 s = idebus_active_if(bus);
1860 /* ignore commands to non existant slave */
1861 if (s != bus->ifs && !s->bs)
1862 break;
1863
1864 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
1865 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
1866 break;
1867
1868 switch(val) {
1869 case WIN_IDENTIFY:
1870 if (s->bs && s->drive_kind != IDE_CD) {
1871 if (s->drive_kind != IDE_CFATA)
1872 ide_identify(s);
1873 else
1874 ide_cfata_identify(s);
1875 s->status = READY_STAT | SEEK_STAT;
1876 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1877 } else {
1878 if (s->drive_kind == IDE_CD) {
1879 ide_set_signature(s);
1880 }
1881 ide_abort_command(s);
1882 }
1883 ide_set_irq(s->bus);
1884 break;
1885 case WIN_SPECIFY:
1886 case WIN_RECAL:
1887 s->error = 0;
1888 s->status = READY_STAT | SEEK_STAT;
1889 ide_set_irq(s->bus);
1890 break;
1891 case WIN_SETMULT:
1892 if (s->drive_kind == IDE_CFATA && s->nsector == 0) {
1893 /* Disable Read and Write Multiple */
1894 s->mult_sectors = 0;
1895 s->status = READY_STAT | SEEK_STAT;
1896 } else if ((s->nsector & 0xff) != 0 &&
1897 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1898 (s->nsector & (s->nsector - 1)) != 0)) {
1899 ide_abort_command(s);
1900 } else {
1901 s->mult_sectors = s->nsector & 0xff;
1902 s->status = READY_STAT | SEEK_STAT;
1903 }
1904 ide_set_irq(s->bus);
1905 break;
1906 case WIN_VERIFY_EXT:
1907 lba48 = 1;
1908 case WIN_VERIFY:
1909 case WIN_VERIFY_ONCE:
1910 /* do sector number check ? */
1911 ide_cmd_lba48_transform(s, lba48);
1912 s->status = READY_STAT | SEEK_STAT;
1913 ide_set_irq(s->bus);
1914 break;
1915 case WIN_READ_EXT:
1916 lba48 = 1;
1917 case WIN_READ:
1918 case WIN_READ_ONCE:
1919 if (!s->bs)
1920 goto abort_cmd;
1921 ide_cmd_lba48_transform(s, lba48);
1922 s->req_nb_sectors = 1;
1923 ide_sector_read(s);
1924 break;
1925 case WIN_WRITE_EXT:
1926 lba48 = 1;
1927 case WIN_WRITE:
1928 case WIN_WRITE_ONCE:
1929 case CFA_WRITE_SECT_WO_ERASE:
1930 case WIN_WRITE_VERIFY:
1931 ide_cmd_lba48_transform(s, lba48);
1932 s->error = 0;
1933 s->status = SEEK_STAT | READY_STAT;
1934 s->req_nb_sectors = 1;
1935 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1936 s->media_changed = 1;
1937 break;
1938 case WIN_MULTREAD_EXT:
1939 lba48 = 1;
1940 case WIN_MULTREAD:
1941 if (!s->mult_sectors)
1942 goto abort_cmd;
1943 ide_cmd_lba48_transform(s, lba48);
1944 s->req_nb_sectors = s->mult_sectors;
1945 ide_sector_read(s);
1946 break;
1947 case WIN_MULTWRITE_EXT:
1948 lba48 = 1;
1949 case WIN_MULTWRITE:
1950 case CFA_WRITE_MULTI_WO_ERASE:
1951 if (!s->mult_sectors)
1952 goto abort_cmd;
1953 ide_cmd_lba48_transform(s, lba48);
1954 s->error = 0;
1955 s->status = SEEK_STAT | READY_STAT;
1956 s->req_nb_sectors = s->mult_sectors;
1957 n = s->nsector;
1958 if (n > s->req_nb_sectors)
1959 n = s->req_nb_sectors;
1960 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1961 s->media_changed = 1;
1962 break;
1963 case WIN_READDMA_EXT:
1964 lba48 = 1;
1965 case WIN_READDMA:
1966 case WIN_READDMA_ONCE:
1967 if (!s->bs)
1968 goto abort_cmd;
1969 ide_cmd_lba48_transform(s, lba48);
1970 ide_sector_read_dma(s);
1971 break;
1972 case WIN_WRITEDMA_EXT:
1973 lba48 = 1;
1974 case WIN_WRITEDMA:
1975 case WIN_WRITEDMA_ONCE:
1976 if (!s->bs)
1977 goto abort_cmd;
1978 ide_cmd_lba48_transform(s, lba48);
1979 ide_sector_write_dma(s);
1980 s->media_changed = 1;
1981 break;
1982 case WIN_READ_NATIVE_MAX_EXT:
1983 lba48 = 1;
1984 case WIN_READ_NATIVE_MAX:
1985 ide_cmd_lba48_transform(s, lba48);
1986 ide_set_sector(s, s->nb_sectors - 1);
1987 s->status = READY_STAT | SEEK_STAT;
1988 ide_set_irq(s->bus);
1989 break;
1990 case WIN_CHECKPOWERMODE1:
1991 case WIN_CHECKPOWERMODE2:
1992 s->nsector = 0xff; /* device active or idle */
1993 s->status = READY_STAT | SEEK_STAT;
1994 ide_set_irq(s->bus);
1995 break;
1996 case WIN_SETFEATURES:
1997 if (!s->bs)
1998 goto abort_cmd;
1999 /* XXX: valid for CDROM ? */
2000 switch(s->feature) {
2001 case 0xcc: /* reverting to power-on defaults enable */
2002 case 0x66: /* reverting to power-on defaults disable */
2003 case 0x02: /* write cache enable */
2004 case 0x82: /* write cache disable */
2005 case 0xaa: /* read look-ahead enable */
2006 case 0x55: /* read look-ahead disable */
2007 case 0x05: /* set advanced power management mode */
2008 case 0x85: /* disable advanced power management mode */
2009 case 0x69: /* NOP */
2010 case 0x67: /* NOP */
2011 case 0x96: /* NOP */
2012 case 0x9a: /* NOP */
2013 case 0x42: /* enable Automatic Acoustic Mode */
2014 case 0xc2: /* disable Automatic Acoustic Mode */
2015 s->status = READY_STAT | SEEK_STAT;
2016 ide_set_irq(s->bus);
2017 break;
2018 case 0x03: { /* set transfer mode */
2019 uint8_t val = s->nsector & 0x07;
2020 uint16_t *identify_data = (uint16_t *)s->identify_data;
2021
2022 switch (s->nsector >> 3) {
2023 case 0x00: /* pio default */
2024 case 0x01: /* pio mode */
2025 put_le16(identify_data + 62,0x07);
2026 put_le16(identify_data + 63,0x07);
2027 put_le16(identify_data + 88,0x3f);
2028 break;
2029 case 0x02: /* sigle word dma mode*/
2030 put_le16(identify_data + 62,0x07 | (1 << (val + 8)));
2031 put_le16(identify_data + 63,0x07);
2032 put_le16(identify_data + 88,0x3f);
2033 break;
2034 case 0x04: /* mdma mode */
2035 put_le16(identify_data + 62,0x07);
2036 put_le16(identify_data + 63,0x07 | (1 << (val + 8)));
2037 put_le16(identify_data + 88,0x3f);
2038 break;
2039 case 0x08: /* udma mode */
2040 put_le16(identify_data + 62,0x07);
2041 put_le16(identify_data + 63,0x07);
2042 put_le16(identify_data + 88,0x3f | (1 << (val + 8)));
2043 break;
2044 default:
2045 goto abort_cmd;
2046 }
2047 s->status = READY_STAT | SEEK_STAT;
2048 ide_set_irq(s->bus);
2049 break;
2050 }
2051 default:
2052 goto abort_cmd;
2053 }
2054 break;
2055 case WIN_FLUSH_CACHE:
2056 case WIN_FLUSH_CACHE_EXT:
2057 ide_flush_cache(s);
2058 break;
2059 case WIN_STANDBY:
2060 case WIN_STANDBY2:
2061 case WIN_STANDBYNOW1:
2062 case WIN_STANDBYNOW2:
2063 case WIN_IDLEIMMEDIATE:
2064 case CFA_IDLEIMMEDIATE:
2065 case WIN_SETIDLE1:
2066 case WIN_SETIDLE2:
2067 case WIN_SLEEPNOW1:
2068 case WIN_SLEEPNOW2:
2069 s->status = READY_STAT;
2070 ide_set_irq(s->bus);
2071 break;
2072 case WIN_SEEK:
2073 if(s->drive_kind == IDE_CD)
2074 goto abort_cmd;
2075 /* XXX: Check that seek is within bounds */
2076 s->status = READY_STAT | SEEK_STAT;
2077 ide_set_irq(s->bus);
2078 break;
2079 /* ATAPI commands */
2080 case WIN_PIDENTIFY:
2081 if (s->drive_kind == IDE_CD) {
2082 ide_atapi_identify(s);
2083 s->status = READY_STAT | SEEK_STAT;
2084 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2085 } else {
2086 ide_abort_command(s);
2087 }
2088 ide_set_irq(s->bus);
2089 break;
2090 case WIN_DIAGNOSE:
2091 ide_set_signature(s);
2092 if (s->drive_kind == IDE_CD)
2093 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
2094 * devices to return a clear status register
2095 * with READY_STAT *not* set. */
2096 else
2097 s->status = READY_STAT | SEEK_STAT;
2098 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
2099 * present.
2100 */
2101 ide_set_irq(s->bus);
2102 break;
2103 case WIN_SRST:
2104 if (s->drive_kind != IDE_CD)
2105 goto abort_cmd;
2106 ide_set_signature(s);
2107 s->status = 0x00; /* NOTE: READY is _not_ set */
2108 s->error = 0x01;
2109 break;
2110 case WIN_PACKETCMD:
2111 if (s->drive_kind != IDE_CD)
2112 goto abort_cmd;
2113 /* overlapping commands not supported */
2114 if (s->feature & 0x02)
2115 goto abort_cmd;
2116 s->status = READY_STAT | SEEK_STAT;
2117 s->atapi_dma = s->feature & 1;
2118 s->nsector = 1;
2119 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2120 ide_atapi_cmd);
2121 break;
2122 /* CF-ATA commands */
2123 case CFA_REQ_EXT_ERROR_CODE:
2124 if (s->drive_kind != IDE_CFATA)
2125 goto abort_cmd;
2126 s->error = 0x09; /* miscellaneous error */
2127 s->status = READY_STAT | SEEK_STAT;
2128 ide_set_irq(s->bus);
2129 break;
2130 case CFA_ERASE_SECTORS:
2131 case CFA_WEAR_LEVEL:
2132 if (s->drive_kind != IDE_CFATA)
2133 goto abort_cmd;
2134 if (val == CFA_WEAR_LEVEL)
2135 s->nsector = 0;
2136 if (val == CFA_ERASE_SECTORS)
2137 s->media_changed = 1;
2138 s->error = 0x00;
2139 s->status = READY_STAT | SEEK_STAT;
2140 ide_set_irq(s->bus);
2141 break;
2142 case CFA_TRANSLATE_SECTOR:
2143 if (s->drive_kind != IDE_CFATA)
2144 goto abort_cmd;
2145 s->error = 0x00;
2146 s->status = READY_STAT | SEEK_STAT;
2147 memset(s->io_buffer, 0, 0x200);
2148 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2149 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2150 s->io_buffer[0x02] = s->select; /* Head */
2151 s->io_buffer[0x03] = s->sector; /* Sector */
2152 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2153 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2154 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2155 s->io_buffer[0x13] = 0x00; /* Erase flag */
2156 s->io_buffer[0x18] = 0x00; /* Hot count */
2157 s->io_buffer[0x19] = 0x00; /* Hot count */
2158 s->io_buffer[0x1a] = 0x01; /* Hot count */
2159 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2160 ide_set_irq(s->bus);
2161 break;
2162 case CFA_ACCESS_METADATA_STORAGE:
2163 if (s->drive_kind != IDE_CFATA)
2164 goto abort_cmd;
2165 switch (s->feature) {
2166 case 0x02: /* Inquiry Metadata Storage */
2167 ide_cfata_metadata_inquiry(s);
2168 break;
2169 case 0x03: /* Read Metadata Storage */
2170 ide_cfata_metadata_read(s);
2171 break;
2172 case 0x04: /* Write Metadata Storage */
2173 ide_cfata_metadata_write(s);
2174 break;
2175 default:
2176 goto abort_cmd;
2177 }
2178 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2179 s->status = 0x00; /* NOTE: READY is _not_ set */
2180 ide_set_irq(s->bus);
2181 break;
2182 case IBM_SENSE_CONDITION:
2183 if (s->drive_kind != IDE_CFATA)
2184 goto abort_cmd;
2185 switch (s->feature) {
2186 case 0x01: /* sense temperature in device */
2187 s->nsector = 0x50; /* +20 C */
2188 break;
2189 default:
2190 goto abort_cmd;
2191 }
2192 s->status = READY_STAT | SEEK_STAT;
2193 ide_set_irq(s->bus);
2194 break;
2195
2196 case WIN_SMART:
2197 if (s->drive_kind == IDE_CD)
2198 goto abort_cmd;
2199 if (s->hcyl != 0xc2 || s->lcyl != 0x4f)
2200 goto abort_cmd;
2201 if (!s->smart_enabled && s->feature != SMART_ENABLE)
2202 goto abort_cmd;
2203 switch (s->feature) {
2204 case SMART_DISABLE:
2205 s->smart_enabled = 0;
2206 s->status = READY_STAT | SEEK_STAT;
2207 ide_set_irq(s->bus);
2208 break;
2209 case SMART_ENABLE:
2210 s->smart_enabled = 1;
2211 s->status = READY_STAT | SEEK_STAT;
2212 ide_set_irq(s->bus);
2213 break;
2214 case SMART_ATTR_AUTOSAVE:
2215 switch (s->sector) {
2216 case 0x00:
2217 s->smart_autosave = 0;
2218 break;
2219 case 0xf1:
2220 s->smart_autosave = 1;
2221 break;
2222 default:
2223 goto abort_cmd;
2224 }
2225 s->status = READY_STAT | SEEK_STAT;
2226 ide_set_irq(s->bus);
2227 break;
2228 case SMART_STATUS:
2229 if (!s->smart_errors) {
2230 s->hcyl = 0xc2;
2231 s->lcyl = 0x4f;
2232 } else {
2233 s->hcyl = 0x2c;
2234 s->lcyl = 0xf4;
2235 }
2236 s->status = READY_STAT | SEEK_STAT;
2237 ide_set_irq(s->bus);
2238 break;
2239 case SMART_READ_THRESH:
2240 memset(s->io_buffer, 0, 0x200);
2241 s->io_buffer[0] = 0x01; /* smart struct version */
2242 for (n=0; n<30; n++) {
2243 if (smart_attributes[n][0] == 0)
2244 break;
2245 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
2246 s->io_buffer[2+1+(n*12)] = smart_attributes[n][4];
2247 }
2248 for (n=0; n<511; n++) /* checksum */
2249 s->io_buffer[511] += s->io_buffer[n];
2250 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2251 s->status = READY_STAT | SEEK_STAT;
2252 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2253 ide_set_irq(s->bus);
2254 break;
2255 case SMART_READ_DATA:
2256 memset(s->io_buffer, 0, 0x200);
2257 s->io_buffer[0] = 0x01; /* smart struct version */
2258 for (n=0; n<30; n++) {
2259 if (smart_attributes[n][0] == 0)
2260 break;
2261 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
2262 s->io_buffer[2+1+(n*12)] = smart_attributes[n][1];
2263 s->io_buffer[2+3+(n*12)] = smart_attributes[n][2];
2264 s->io_buffer[2+4+(n*12)] = smart_attributes[n][3];
2265 }
2266 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00);
2267 if (s->smart_selftest_count == 0) {
2268 s->io_buffer[363] = 0;
2269 } else {
2270 s->io_buffer[363] =
2271 s->smart_selftest_data[3 +
2272 (s->smart_selftest_count - 1) *
2273 24];
2274 }
2275 s->io_buffer[364] = 0x20;
2276 s->io_buffer[365] = 0x01;
2277 /* offline data collection capacity: execute + self-test*/
2278 s->io_buffer[367] = (1<<4 | 1<<3 | 1);
2279 s->io_buffer[368] = 0x03; /* smart capability (1) */
2280 s->io_buffer[369] = 0x00; /* smart capability (2) */
2281 s->io_buffer[370] = 0x01; /* error logging supported */
2282 s->io_buffer[372] = 0x02; /* minutes for poll short test */
2283 s->io_buffer[373] = 0x36; /* minutes for poll ext test */
2284 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */
2285
2286 for (n=0; n<511; n++)
2287 s->io_buffer[511] += s->io_buffer[n];
2288 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2289 s->status = READY_STAT | SEEK_STAT;
2290 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2291 ide_set_irq(s->bus);
2292 break;
2293 case SMART_READ_LOG:
2294 switch (s->sector) {
2295 case 0x01: /* summary smart error log */
2296 memset(s->io_buffer, 0, 0x200);
2297 s->io_buffer[0] = 0x01;
2298 s->io_buffer[1] = 0x00; /* no error entries */
2299 s->io_buffer[452] = s->smart_errors & 0xff;
2300 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8;
2301
2302 for (n=0; n<511; n++)
2303 s->io_buffer[511] += s->io_buffer[n];
2304 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2305 break;
2306 case 0x06: /* smart self test log */
2307 memset(s->io_buffer, 0, 0x200);
2308 s->io_buffer[0] = 0x01;
2309 if (s->smart_selftest_count == 0) {
2310 s->io_buffer[508] = 0;
2311 } else {
2312 s->io_buffer[508] = s->smart_selftest_count;
2313 for (n=2; n<506; n++)
2314 s->io_buffer[n] = s->smart_selftest_data[n];
2315 }
2316 for (n=0; n<511; n++)
2317 s->io_buffer[511] += s->io_buffer[n];
2318 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2319 break;
2320 default:
2321 goto abort_cmd;
2322 }
2323 s->status = READY_STAT | SEEK_STAT;
2324 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2325 ide_set_irq(s->bus);
2326 break;
2327 case SMART_EXECUTE_OFFLINE:
2328 switch (s->sector) {
2329 case 0: /* off-line routine */
2330 case 1: /* short self test */
2331 case 2: /* extended self test */
2332 s->smart_selftest_count++;
2333 if(s->smart_selftest_count > 21)
2334 s->smart_selftest_count = 0;
2335 n = 2 + (s->smart_selftest_count - 1) * 24;
2336 s->smart_selftest_data[n] = s->sector;
2337 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */
2338 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */
2339 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */
2340 s->status = READY_STAT | SEEK_STAT;
2341 ide_set_irq(s->bus);
2342 break;
2343 default:
2344 goto abort_cmd;
2345 }
2346 break;
2347 default:
2348 goto abort_cmd;
2349 }
2350 break;
2351 default:
2352 abort_cmd:
2353 ide_abort_command(s);
2354 ide_set_irq(s->bus);
2355 break;
2356 }
2357 }
2358 }
2359
2360 uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2361 {
2362 IDEBus *bus = opaque;
2363 IDEState *s = idebus_active_if(bus);
2364 uint32_t addr;
2365 int ret, hob;
2366
2367 addr = addr1 & 7;
2368 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2369 //hob = s->select & (1 << 7);
2370 hob = 0;
2371 switch(addr) {
2372 case 0:
2373 ret = 0xff;
2374 break;
2375 case 1:
2376 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2377 (s != bus->ifs && !s->bs))
2378 ret = 0;
2379 else if (!hob)
2380 ret = s->error;
2381 else
2382 ret = s->hob_feature;
2383 break;
2384 case 2:
2385 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2386 ret = 0;
2387 else if (!hob)
2388 ret = s->nsector & 0xff;
2389 else
2390 ret = s->hob_nsector;
2391 break;
2392 case 3:
2393 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2394 ret = 0;
2395 else if (!hob)
2396 ret = s->sector;
2397 else
2398 ret = s->hob_sector;
2399 break;
2400 case 4:
2401 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2402 ret = 0;
2403 else if (!hob)
2404 ret = s->lcyl;
2405 else
2406 ret = s->hob_lcyl;
2407 break;
2408 case 5:
2409 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2410 ret = 0;
2411 else if (!hob)
2412 ret = s->hcyl;
2413 else
2414 ret = s->hob_hcyl;
2415 break;
2416 case 6:
2417 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2418 ret = 0;
2419 else
2420 ret = s->select;
2421 break;
2422 default:
2423 case 7:
2424 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2425 (s != bus->ifs && !s->bs))
2426 ret = 0;
2427 else
2428 ret = s->status;
2429 qemu_irq_lower(bus->irq);
2430 break;
2431 }
2432 #ifdef DEBUG_IDE
2433 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2434 #endif
2435 return ret;
2436 }
2437
2438 uint32_t ide_status_read(void *opaque, uint32_t addr)
2439 {
2440 IDEBus *bus = opaque;
2441 IDEState *s = idebus_active_if(bus);
2442 int ret;
2443
2444 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2445 (s != bus->ifs && !s->bs))
2446 ret = 0;
2447 else
2448 ret = s->status;
2449 #ifdef DEBUG_IDE
2450 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2451 #endif
2452 return ret;
2453 }
2454
2455 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2456 {
2457 IDEBus *bus = opaque;
2458 IDEState *s;
2459 int i;
2460
2461 #ifdef DEBUG_IDE
2462 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2463 #endif
2464 /* common for both drives */
2465 if (!(bus->cmd & IDE_CMD_RESET) &&
2466 (val & IDE_CMD_RESET)) {
2467 /* reset low to high */
2468 for(i = 0;i < 2; i++) {
2469 s = &bus->ifs[i];
2470 s->status = BUSY_STAT | SEEK_STAT;
2471 s->error = 0x01;
2472 }
2473 } else if ((bus->cmd & IDE_CMD_RESET) &&
2474 !(val & IDE_CMD_RESET)) {
2475 /* high to low */
2476 for(i = 0;i < 2; i++) {
2477 s = &bus->ifs[i];
2478 if (s->drive_kind == IDE_CD)
2479 s->status = 0x00; /* NOTE: READY is _not_ set */
2480 else
2481 s->status = READY_STAT | SEEK_STAT;
2482 ide_set_signature(s);
2483 }
2484 }
2485
2486 bus->cmd = val;
2487 }
2488
2489 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2490 {
2491 IDEBus *bus = opaque;
2492 IDEState *s = idebus_active_if(bus);
2493 uint8_t *p;
2494
2495 /* PIO data access allowed only when DRQ bit is set */
2496 if (!(s->status & DRQ_STAT))
2497 return;
2498
2499 p = s->data_ptr;
2500 *(uint16_t *)p = le16_to_cpu(val);
2501 p += 2;
2502 s->data_ptr = p;
2503 if (p >= s->data_end)
2504 s->end_transfer_func(s);
2505 }
2506
2507 uint32_t ide_data_readw(void *opaque, uint32_t addr)
2508 {
2509 IDEBus *bus = opaque;
2510 IDEState *s = idebus_active_if(bus);
2511 uint8_t *p;
2512 int ret;
2513
2514 /* PIO data access allowed only when DRQ bit is set */
2515 if (!(s->status & DRQ_STAT))
2516 return 0;
2517
2518 p = s->data_ptr;
2519 ret = cpu_to_le16(*(uint16_t *)p);
2520 p += 2;
2521 s->data_ptr = p;
2522 if (p >= s->data_end)
2523 s->end_transfer_func(s);
2524 return ret;
2525 }
2526
2527 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2528 {
2529 IDEBus *bus = opaque;
2530 IDEState *s = idebus_active_if(bus);
2531 uint8_t *p;
2532
2533 /* PIO data access allowed only when DRQ bit is set */
2534 if (!(s->status & DRQ_STAT))
2535 return;
2536
2537 p = s->data_ptr;
2538 *(uint32_t *)p = le32_to_cpu(val);
2539 p += 4;
2540 s->data_ptr = p;
2541 if (p >= s->data_end)
2542 s->end_transfer_func(s);
2543 }
2544
2545 uint32_t ide_data_readl(void *opaque, uint32_t addr)
2546 {
2547 IDEBus *bus = opaque;
2548 IDEState *s = idebus_active_if(bus);
2549 uint8_t *p;
2550 int ret;
2551
2552 /* PIO data access allowed only when DRQ bit is set */
2553 if (!(s->status & DRQ_STAT))
2554 return 0;
2555
2556 p = s->data_ptr;
2557 ret = cpu_to_le32(*(uint32_t *)p);
2558 p += 4;
2559 s->data_ptr = p;
2560 if (p >= s->data_end)
2561 s->end_transfer_func(s);
2562 return ret;
2563 }
2564
2565 static void ide_dummy_transfer_stop(IDEState *s)
2566 {
2567 s->data_ptr = s->io_buffer;
2568 s->data_end = s->io_buffer;
2569 s->io_buffer[0] = 0xff;
2570 s->io_buffer[1] = 0xff;
2571 s->io_buffer[2] = 0xff;
2572 s->io_buffer[3] = 0xff;
2573 }
2574
2575 static void ide_reset(IDEState *s)
2576 {
2577 #ifdef DEBUG_IDE
2578 printf("ide: reset\n");
2579 #endif
2580 if (s->drive_kind == IDE_CFATA)
2581 s->mult_sectors = 0;
2582 else
2583 s->mult_sectors = MAX_MULT_SECTORS;
2584 /* ide regs */
2585 s->feature = 0;
2586 s->error = 0;
2587 s->nsector = 0;
2588 s->sector = 0;
2589 s->lcyl = 0;
2590 s->hcyl = 0;
2591
2592 /* lba48 */
2593 s->hob_feature = 0;
2594 s->hob_sector = 0;
2595 s->hob_nsector = 0;
2596 s->hob_lcyl = 0;
2597 s->hob_hcyl = 0;
2598
2599 s->select = 0xa0;
2600 s->status = READY_STAT | SEEK_STAT;
2601
2602 s->lba48 = 0;
2603
2604 /* ATAPI specific */
2605 s->sense_key = 0;
2606 s->asc = 0;
2607 s->cdrom_changed = 0;
2608 s->packet_transfer_size = 0;
2609 s->elementary_transfer_size = 0;
2610 s->io_buffer_index = 0;
2611 s->cd_sector_size = 0;
2612 s->atapi_dma = 0;
2613 /* ATA DMA state */
2614 s->io_buffer_size = 0;
2615 s->req_nb_sectors = 0;
2616
2617 ide_set_signature(s);
2618 /* init the transfer handler so that 0xffff is returned on data
2619 accesses */
2620 s->end_transfer_func = ide_dummy_transfer_stop;
2621 ide_dummy_transfer_stop(s);
2622 s->media_changed = 0;
2623 }
2624
2625 void ide_bus_reset(IDEBus *bus)
2626 {
2627 bus->unit = 0;
2628 bus->cmd = 0;
2629 ide_reset(&bus->ifs[0]);
2630 ide_reset(&bus->ifs[1]);
2631 ide_clear_hob(bus);
2632 }
2633
2634 int ide_init_drive(IDEState *s, BlockDriverState *bs,
2635 const char *version, const char *serial)
2636 {
2637 int cylinders, heads, secs;
2638 uint64_t nb_sectors;
2639
2640 s->bs = bs;
2641 bdrv_get_geometry(bs, &nb_sectors);
2642 bdrv_guess_geometry(bs, &cylinders, &heads, &secs);
2643 if (cylinders < 1 || cylinders > 16383) {
2644 error_report("cyls must be between 1 and 16383");
2645 return -1;
2646 }
2647 if (heads < 1 || heads > 16) {
2648 error_report("heads must be between 1 and 16");
2649 return -1;
2650 }
2651 if (secs < 1 || secs > 63) {
2652 error_report("secs must be between 1 and 63");
2653 return -1;
2654 }
2655 s->cylinders = cylinders;
2656 s->heads = heads;
2657 s->sectors = secs;
2658 s->nb_sectors = nb_sectors;
2659 /* The SMART values should be preserved across power cycles
2660 but they aren't. */
2661 s->smart_enabled = 1;
2662 s->smart_autosave = 1;
2663 s->smart_errors = 0;
2664 s->smart_selftest_count = 0;
2665 if (bdrv_get_type_hint(bs) == BDRV_TYPE_CDROM) {
2666 s->drive_kind = IDE_CD;
2667 bdrv_set_change_cb(bs, cdrom_change_cb, s);
2668 bs->buffer_alignment = 2048;
2669 } else {
2670 if (!bdrv_is_inserted(s->bs)) {
2671 error_report("Device needs media, but drive is empty");
2672 return -1;
2673 }
2674 if (bdrv_is_read_only(bs)) {
2675 error_report("Can't use a read-only drive");
2676 return -1;
2677 }
2678 }
2679 if (serial) {
2680 strncpy(s->drive_serial_str, serial, sizeof(s->drive_serial_str));
2681 } else {
2682 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
2683 "QM%05d", s->drive_serial);
2684 }
2685 if (version) {
2686 pstrcpy(s->version, sizeof(s->version), version);
2687 } else {
2688 pstrcpy(s->version, sizeof(s->version), QEMU_VERSION);
2689 }
2690 ide_reset(s);
2691 bdrv_set_removable(bs, s->drive_kind == IDE_CD);
2692 return 0;
2693 }
2694
2695 static void ide_init1(IDEBus *bus, int unit)
2696 {
2697 static int drive_serial = 1;
2698 IDEState *s = &bus->ifs[unit];
2699
2700 s->bus = bus;
2701 s->unit = unit;
2702 s->drive_serial = drive_serial++;
2703 /* we need at least 2k alignment for accessing CDROMs using O_DIRECT */
2704 s->io_buffer = qemu_memalign(2048, IDE_DMA_BUF_SECTORS*512 + 4);
2705 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4;
2706 s->smart_selftest_data = qemu_blockalign(s->bs, 512);
2707 s->sector_write_timer = qemu_new_timer(vm_clock,
2708 ide_sector_write_timer_cb, s);
2709 }
2710
2711 void ide_init2(IDEBus *bus, qemu_irq irq)
2712 {
2713 int i;
2714
2715 for(i = 0; i < 2; i++) {
2716 ide_init1(bus, i);
2717 ide_reset(&bus->ifs[i]);
2718 }
2719 bus->irq = irq;
2720 }
2721
2722 /* TODO convert users to qdev and remove */
2723 void ide_init2_with_non_qdev_drives(IDEBus *bus, DriveInfo *hd0,
2724 DriveInfo *hd1, qemu_irq irq)
2725 {
2726 int i;
2727 DriveInfo *dinfo;
2728
2729 for(i = 0; i < 2; i++) {
2730 dinfo = i == 0 ? hd0 : hd1;
2731 ide_init1(bus, i);
2732 if (dinfo) {
2733 if (ide_init_drive(&bus->ifs[i], dinfo->bdrv, NULL,
2734 *dinfo->serial ? dinfo->serial : NULL) < 0) {
2735 error_report("Can't set up IDE drive %s", dinfo->id);
2736 exit(1);
2737 }
2738 } else {
2739 ide_reset(&bus->ifs[i]);
2740 }
2741 }
2742 bus->irq = irq;
2743 }
2744
2745 void ide_init_ioport(IDEBus *bus, int iobase, int iobase2)
2746 {
2747 register_ioport_write(iobase, 8, 1, ide_ioport_write, bus);
2748 register_ioport_read(iobase, 8, 1, ide_ioport_read, bus);
2749 if (iobase2) {
2750 register_ioport_read(iobase2, 1, 1, ide_status_read, bus);
2751 register_ioport_write(iobase2, 1, 1, ide_cmd_write, bus);
2752 }
2753
2754 /* data ports */
2755 register_ioport_write(iobase, 2, 2, ide_data_writew, bus);
2756 register_ioport_read(iobase, 2, 2, ide_data_readw, bus);
2757 register_ioport_write(iobase, 4, 4, ide_data_writel, bus);
2758 register_ioport_read(iobase, 4, 4, ide_data_readl, bus);
2759 }
2760
2761 static bool is_identify_set(void *opaque, int version_id)
2762 {
2763 IDEState *s = opaque;
2764
2765 return s->identify_set != 0;
2766 }
2767
2768 static EndTransferFunc* transfer_end_table[] = {
2769 ide_sector_read,
2770 ide_sector_write,
2771 ide_transfer_stop,
2772 ide_atapi_cmd_reply_end,
2773 ide_atapi_cmd,
2774 ide_dummy_transfer_stop,
2775 };
2776
2777 static int transfer_end_table_idx(EndTransferFunc *fn)
2778 {
2779 int i;
2780
2781 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++)
2782 if (transfer_end_table[i] == fn)
2783 return i;
2784
2785 return -1;
2786 }
2787
2788 static int ide_drive_post_load(void *opaque, int version_id)
2789 {
2790 IDEState *s = opaque;
2791
2792 if (version_id < 3) {
2793 if (s->sense_key == SENSE_UNIT_ATTENTION &&
2794 s->asc == ASC_MEDIUM_MAY_HAVE_CHANGED) {
2795 s->cdrom_changed = 1;
2796 }
2797 }
2798 return 0;
2799 }
2800
2801 static int ide_drive_pio_post_load(void *opaque, int version_id)
2802 {
2803 IDEState *s = opaque;
2804
2805 if (s->end_transfer_fn_idx > ARRAY_SIZE(transfer_end_table)) {
2806 return -EINVAL;
2807 }
2808 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx];
2809 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset;
2810 s->data_end = s->data_ptr + s->cur_io_buffer_len;
2811
2812 return 0;
2813 }
2814
2815 static void ide_drive_pio_pre_save(void *opaque)
2816 {
2817 IDEState *s = opaque;
2818 int idx;
2819
2820 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer;
2821 s->cur_io_buffer_len = s->data_end - s->data_ptr;
2822
2823 idx = transfer_end_table_idx(s->end_transfer_func);
2824 if (idx == -1) {
2825 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n",
2826 __func__);
2827 s->end_transfer_fn_idx = 2;
2828 } else {
2829 s->end_transfer_fn_idx = idx;
2830 }
2831 }
2832
2833 static bool ide_drive_pio_state_needed(void *opaque)
2834 {
2835 IDEState *s = opaque;
2836
2837 return (s->status & DRQ_STAT) != 0;
2838 }
2839
2840 const VMStateDescription vmstate_ide_drive_pio_state = {
2841 .name = "ide_drive/pio_state",
2842 .version_id = 1,
2843 .minimum_version_id = 1,
2844 .minimum_version_id_old = 1,
2845 .pre_save = ide_drive_pio_pre_save,
2846 .post_load = ide_drive_pio_post_load,
2847 .fields = (VMStateField []) {
2848 VMSTATE_INT32(req_nb_sectors, IDEState),
2849 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1,
2850 vmstate_info_uint8, uint8_t),
2851 VMSTATE_INT32(cur_io_buffer_offset, IDEState),
2852 VMSTATE_INT32(cur_io_buffer_len, IDEState),
2853 VMSTATE_UINT8(end_transfer_fn_idx, IDEState),
2854 VMSTATE_INT32(elementary_transfer_size, IDEState),
2855 VMSTATE_INT32(packet_transfer_size, IDEState),
2856 VMSTATE_END_OF_LIST()
2857 }
2858 };
2859
2860 const VMStateDescription vmstate_ide_drive = {
2861 .name = "ide_drive",
2862 .version_id = 3,
2863 .minimum_version_id = 0,
2864 .minimum_version_id_old = 0,
2865 .post_load = ide_drive_post_load,
2866 .fields = (VMStateField []) {
2867 VMSTATE_INT32(mult_sectors, IDEState),
2868 VMSTATE_INT32(identify_set, IDEState),
2869 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set),
2870 VMSTATE_UINT8(feature, IDEState),
2871 VMSTATE_UINT8(error, IDEState),
2872 VMSTATE_UINT32(nsector, IDEState),
2873 VMSTATE_UINT8(sector, IDEState),
2874 VMSTATE_UINT8(lcyl, IDEState),
2875 VMSTATE_UINT8(hcyl, IDEState),
2876 VMSTATE_UINT8(hob_feature, IDEState),
2877 VMSTATE_UINT8(hob_sector, IDEState),
2878 VMSTATE_UINT8(hob_nsector, IDEState),
2879 VMSTATE_UINT8(hob_lcyl, IDEState),
2880 VMSTATE_UINT8(hob_hcyl, IDEState),
2881 VMSTATE_UINT8(select, IDEState),
2882 VMSTATE_UINT8(status, IDEState),
2883 VMSTATE_UINT8(lba48, IDEState),
2884 VMSTATE_UINT8(sense_key, IDEState),
2885 VMSTATE_UINT8(asc, IDEState),
2886 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3),
2887 VMSTATE_END_OF_LIST()
2888 },
2889 .subsections = (VMStateSubsection []) {
2890 {
2891 .vmsd = &vmstate_ide_drive_pio_state,
2892 .needed = ide_drive_pio_state_needed,
2893 }, {
2894 /* empty */
2895 }
2896 }
2897 };
2898
2899 const VMStateDescription vmstate_ide_bus = {
2900 .name = "ide_bus",
2901 .version_id = 1,
2902 .minimum_version_id = 1,
2903 .minimum_version_id_old = 1,
2904 .fields = (VMStateField []) {
2905 VMSTATE_UINT8(cmd, IDEBus),
2906 VMSTATE_UINT8(unit, IDEBus),
2907 VMSTATE_END_OF_LIST()
2908 }
2909 };
2910
2911 /***********************************************************/
2912 /* PCI IDE definitions */
2913
2914 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2915 {
2916 BMDMAState *bm = s->bus->bmdma;
2917 if(!bm)
2918 return;
2919 bm->unit = s->unit;
2920 bm->dma_cb = dma_cb;
2921 bm->cur_prd_last = 0;
2922 bm->cur_prd_addr = 0;
2923 bm->cur_prd_len = 0;
2924 bm->sector_num = ide_get_sector(s);
2925 bm->nsector = s->nsector;
2926 if (bm->status & BM_STATUS_DMAING) {
2927 bm->dma_cb(bm, 0);
2928 }
2929 }
2930
2931 static void ide_dma_restart(IDEState *s, int is_read)
2932 {
2933 BMDMAState *bm = s->bus->bmdma;
2934 ide_set_sector(s, bm->sector_num);
2935 s->io_buffer_index = 0;
2936 s->io_buffer_size = 0;
2937 s->nsector = bm->nsector;
2938 bm->cur_addr = bm->addr;
2939
2940 if (is_read) {
2941 bm->dma_cb = ide_read_dma_cb;
2942 } else {
2943 bm->dma_cb = ide_write_dma_cb;
2944 }
2945
2946 ide_dma_start(s, bm->dma_cb);
2947 }
2948
2949 void ide_dma_cancel(BMDMAState *bm)
2950 {
2951 if (bm->status & BM_STATUS_DMAING) {
2952 if (bm->aiocb) {
2953 #ifdef DEBUG_AIO
2954 printf("aio_cancel\n");
2955 #endif
2956 bdrv_aio_cancel(bm->aiocb);
2957 bm->aiocb = NULL;
2958 }
2959 bm->status &= ~BM_STATUS_DMAING;
2960 /* cancel DMA request */
2961 bm->unit = -1;
2962 bm->dma_cb = NULL;
2963 }
2964 }
2965
2966 void ide_dma_reset(BMDMAState *bm)
2967 {
2968 #ifdef DEBUG_IDE
2969 printf("ide: dma_reset\n");
2970 #endif
2971 ide_dma_cancel(bm);
2972 bm->cmd = 0;
2973 bm->status = 0;
2974 bm->addr = 0;
2975 bm->cur_addr = 0;
2976 bm->cur_prd_last = 0;
2977 bm->cur_prd_addr = 0;
2978 bm->cur_prd_len = 0;
2979 bm->sector_num = 0;
2980 bm->nsector = 0;
2981 }
Stefan Hajnoczi's qemu-kvm.git repo