search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
ide: stash aiocb for flushes
[qemu.git] / hw / ide / core.c
blob79985f9f49f6d04905910f4ee7edb10b43aff51c
1 /*
2 * QEMU IDE disk and CD/DVD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #include <hw/hw.h>
26 #include <hw/i386/pc.h>
27 #include <hw/pci/pci.h>
28 #include <hw/isa/isa.h>
29 #include "qemu/error-report.h"
30 #include "qemu/timer.h"
31 #include "sysemu/sysemu.h"
32 #include "sysemu/dma.h"
33 #include "hw/block/block.h"
34 #include "sysemu/blockdev.h"
35
36 #include <hw/ide/internal.h>
37
38 /* These values were based on a Seagate ST3500418AS but have been modified
39 to make more sense in QEMU */
40 static const int smart_attributes[][12] = {
41 /* id, flags, hflags, val, wrst, raw (6 bytes), threshold */
42 /* raw read error rate*/
43 { 0x01, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06},
44 /* spin up */
45 { 0x03, 0x03, 0x00, 0x64, 0x64, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
46 /* start stop count */
47 { 0x04, 0x02, 0x00, 0x64, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14},
48 /* remapped sectors */
49 { 0x05, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x24},
50 /* power on hours */
51 { 0x09, 0x03, 0x00, 0x64, 0x64, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
52 /* power cycle count */
53 { 0x0c, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
54 /* airflow-temperature-celsius */
55 { 190, 0x03, 0x00, 0x45, 0x45, 0x1f, 0x00, 0x1f, 0x1f, 0x00, 0x00, 0x32},
56 };
57
58 static int ide_handle_rw_error(IDEState *s, int error, int op);
59 static void ide_dummy_transfer_stop(IDEState *s);
60
61 static void padstr(char *str, const char *src, int len)
62 {
63 int i, v;
64 for(i = 0; i < len; i++) {
65 if (*src)
66 v = *src++;
67 else
68 v = ' ';
69 str[i^1] = v;
70 }
71 }
72
73 static void put_le16(uint16_t *p, unsigned int v)
74 {
75 *p = cpu_to_le16(v);
76 }
77
78 static void ide_identify(IDEState *s)
79 {
80 uint16_t *p;
81 unsigned int oldsize;
82 IDEDevice *dev = s->unit ? s->bus->slave : s->bus->master;
83
84 if (s->identify_set) {
85 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
86 return;
87 }
88
89 memset(s->io_buffer, 0, 512);
90 p = (uint16_t *)s->io_buffer;
91 put_le16(p + 0, 0x0040);
92 put_le16(p + 1, s->cylinders);
93 put_le16(p + 3, s->heads);
94 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
95 put_le16(p + 5, 512); /* XXX: retired, remove ? */
96 put_le16(p + 6, s->sectors);
97 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
98 put_le16(p + 20, 3); /* XXX: retired, remove ? */
99 put_le16(p + 21, 512); /* cache size in sectors */
100 put_le16(p + 22, 4); /* ecc bytes */
101 padstr((char *)(p + 23), s->version, 8); /* firmware version */
102 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */
103 #if MAX_MULT_SECTORS > 1
104 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
105 #endif
106 put_le16(p + 48, 1); /* dword I/O */
107 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
108 put_le16(p + 51, 0x200); /* PIO transfer cycle */
109 put_le16(p + 52, 0x200); /* DMA transfer cycle */
110 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
111 put_le16(p + 54, s->cylinders);
112 put_le16(p + 55, s->heads);
113 put_le16(p + 56, s->sectors);
114 oldsize = s->cylinders * s->heads * s->sectors;
115 put_le16(p + 57, oldsize);
116 put_le16(p + 58, oldsize >> 16);
117 if (s->mult_sectors)
118 put_le16(p + 59, 0x100 | s->mult_sectors);
119 put_le16(p + 60, s->nb_sectors);
120 put_le16(p + 61, s->nb_sectors >> 16);
121 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
122 put_le16(p + 63, 0x07); /* mdma0-2 supported */
123 put_le16(p + 64, 0x03); /* pio3-4 supported */
124 put_le16(p + 65, 120);
125 put_le16(p + 66, 120);
126 put_le16(p + 67, 120);
127 put_le16(p + 68, 120);
128 if (dev && dev->conf.discard_granularity) {
129 put_le16(p + 69, (1 << 14)); /* determinate TRIM behavior */
130 }
131
132 if (s->ncq_queues) {
133 put_le16(p + 75, s->ncq_queues - 1);
134 /* NCQ supported */
135 put_le16(p + 76, (1 << 8));
136 }
137
138 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
139 put_le16(p + 81, 0x16); /* conforms to ata5 */
140 /* 14=NOP supported, 5=WCACHE supported, 0=SMART supported */
141 put_le16(p + 82, (1 << 14) | (1 << 5) | 1);
142 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
143 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
144 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */
145 if (s->wwn) {
146 put_le16(p + 84, (1 << 14) | (1 << 8) | 0);
147 } else {
148 put_le16(p + 84, (1 << 14) | 0);
149 }
150 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */
151 if (bdrv_enable_write_cache(s->bs))
152 put_le16(p + 85, (1 << 14) | (1 << 5) | 1);
153 else
154 put_le16(p + 85, (1 << 14) | 1);
155 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
156 put_le16(p + 86, (1 << 13) | (1 <<12) | (1 << 10));
157 /* 14=set to 1, 8=has WWN, 1=SMART self test, 0=SMART error logging */
158 if (s->wwn) {
159 put_le16(p + 87, (1 << 14) | (1 << 8) | 0);
160 } else {
161 put_le16(p + 87, (1 << 14) | 0);
162 }
163 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
164 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
165 put_le16(p + 100, s->nb_sectors);
166 put_le16(p + 101, s->nb_sectors >> 16);
167 put_le16(p + 102, s->nb_sectors >> 32);
168 put_le16(p + 103, s->nb_sectors >> 48);
169
170 if (dev && dev->conf.physical_block_size)
171 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf));
172 if (s->wwn) {
173 /* LE 16-bit words 111-108 contain 64-bit World Wide Name */
174 put_le16(p + 108, s->wwn >> 48);
175 put_le16(p + 109, s->wwn >> 32);
176 put_le16(p + 110, s->wwn >> 16);
177 put_le16(p + 111, s->wwn);
178 }
179 if (dev && dev->conf.discard_granularity) {
180 put_le16(p + 169, 1); /* TRIM support */
181 }
182
183 memcpy(s->identify_data, p, sizeof(s->identify_data));
184 s->identify_set = 1;
185 }
186
187 static void ide_atapi_identify(IDEState *s)
188 {
189 uint16_t *p;
190
191 if (s->identify_set) {
192 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
193 return;
194 }
195
196 memset(s->io_buffer, 0, 512);
197 p = (uint16_t *)s->io_buffer;
198 /* Removable CDROM, 50us response, 12 byte packets */
199 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
200 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
201 put_le16(p + 20, 3); /* buffer type */
202 put_le16(p + 21, 512); /* cache size in sectors */
203 put_le16(p + 22, 4); /* ecc bytes */
204 padstr((char *)(p + 23), s->version, 8); /* firmware version */
205 padstr((char *)(p + 27), s->drive_model_str, 40); /* model */
206 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
207 #ifdef USE_DMA_CDROM
208 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
209 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
210 put_le16(p + 62, 7); /* single word dma0-2 supported */
211 put_le16(p + 63, 7); /* mdma0-2 supported */
212 #else
213 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
214 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
215 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
216 #endif
217 put_le16(p + 64, 3); /* pio3-4 supported */
218 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
219 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
220 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
221 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
222
223 put_le16(p + 71, 30); /* in ns */
224 put_le16(p + 72, 30); /* in ns */
225
226 if (s->ncq_queues) {
227 put_le16(p + 75, s->ncq_queues - 1);
228 /* NCQ supported */
229 put_le16(p + 76, (1 << 8));
230 }
231
232 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
233 #ifdef USE_DMA_CDROM
234 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
235 #endif
236 memcpy(s->identify_data, p, sizeof(s->identify_data));
237 s->identify_set = 1;
238 }
239
240 static void ide_cfata_identify(IDEState *s)
241 {
242 uint16_t *p;
243 uint32_t cur_sec;
244
245 p = (uint16_t *) s->identify_data;
246 if (s->identify_set)
247 goto fill_buffer;
248
249 memset(p, 0, sizeof(s->identify_data));
250
251 cur_sec = s->cylinders * s->heads * s->sectors;
252
253 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
254 put_le16(p + 1, s->cylinders); /* Default cylinders */
255 put_le16(p + 3, s->heads); /* Default heads */
256 put_le16(p + 6, s->sectors); /* Default sectors per track */
257 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
258 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
259 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
260 put_le16(p + 22, 0x0004); /* ECC bytes */
261 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */
262 padstr((char *) (p + 27), s->drive_model_str, 40);/* Model number */
263 #if MAX_MULT_SECTORS > 1
264 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
265 #else
266 put_le16(p + 47, 0x0000);
267 #endif
268 put_le16(p + 49, 0x0f00); /* Capabilities */
269 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
270 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
271 put_le16(p + 53, 0x0003); /* Translation params valid */
272 put_le16(p + 54, s->cylinders); /* Current cylinders */
273 put_le16(p + 55, s->heads); /* Current heads */
274 put_le16(p + 56, s->sectors); /* Current sectors */
275 put_le16(p + 57, cur_sec); /* Current capacity */
276 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
277 if (s->mult_sectors) /* Multiple sector setting */
278 put_le16(p + 59, 0x100 | s->mult_sectors);
279 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
280 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
281 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
282 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
283 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
284 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
285 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
286 put_le16(p + 82, 0x400c); /* Command Set supported */
287 put_le16(p + 83, 0x7068); /* Command Set supported */
288 put_le16(p + 84, 0x4000); /* Features supported */
289 put_le16(p + 85, 0x000c); /* Command Set enabled */
290 put_le16(p + 86, 0x7044); /* Command Set enabled */
291 put_le16(p + 87, 0x4000); /* Features enabled */
292 put_le16(p + 91, 0x4060); /* Current APM level */
293 put_le16(p + 129, 0x0002); /* Current features option */
294 put_le16(p + 130, 0x0005); /* Reassigned sectors */
295 put_le16(p + 131, 0x0001); /* Initial power mode */
296 put_le16(p + 132, 0x0000); /* User signature */
297 put_le16(p + 160, 0x8100); /* Power requirement */
298 put_le16(p + 161, 0x8001); /* CF command set */
299
300 s->identify_set = 1;
301
302 fill_buffer:
303 memcpy(s->io_buffer, p, sizeof(s->identify_data));
304 }
305
306 static void ide_set_signature(IDEState *s)
307 {
308 s->select &= 0xf0; /* clear head */
309 /* put signature */
310 s->nsector = 1;
311 s->sector = 1;
312 if (s->drive_kind == IDE_CD) {
313 s->lcyl = 0x14;
314 s->hcyl = 0xeb;
315 } else if (s->bs) {
316 s->lcyl = 0;
317 s->hcyl = 0;
318 } else {
319 s->lcyl = 0xff;
320 s->hcyl = 0xff;
321 }
322 }
323
324 typedef struct TrimAIOCB {
325 BlockDriverAIOCB common;
326 QEMUBH *bh;
327 int ret;
328 QEMUIOVector *qiov;
329 BlockDriverAIOCB *aiocb;
330 int i, j;
331 } TrimAIOCB;
332
333 static void trim_aio_cancel(BlockDriverAIOCB *acb)
334 {
335 TrimAIOCB *iocb = container_of(acb, TrimAIOCB, common);
336
337 /* Exit the loop in case bdrv_aio_cancel calls ide_issue_trim_cb again. */
338 iocb->j = iocb->qiov->niov - 1;
339 iocb->i = (iocb->qiov->iov[iocb->j].iov_len / 8) - 1;
340
341 /* Tell ide_issue_trim_cb not to trigger the completion, too. */
342 qemu_bh_delete(iocb->bh);
343 iocb->bh = NULL;
344
345 if (iocb->aiocb) {
346 bdrv_aio_cancel(iocb->aiocb);
347 }
348 qemu_aio_release(iocb);
349 }
350
351 static const AIOCBInfo trim_aiocb_info = {
352 .aiocb_size = sizeof(TrimAIOCB),
353 .cancel = trim_aio_cancel,
354 };
355
356 static void ide_trim_bh_cb(void *opaque)
357 {
358 TrimAIOCB *iocb = opaque;
359
360 iocb->common.cb(iocb->common.opaque, iocb->ret);
361
362 qemu_bh_delete(iocb->bh);
363 iocb->bh = NULL;
364 qemu_aio_release(iocb);
365 }
366
367 static void ide_issue_trim_cb(void *opaque, int ret)
368 {
369 TrimAIOCB *iocb = opaque;
370 if (ret >= 0) {
371 while (iocb->j < iocb->qiov->niov) {
372 int j = iocb->j;
373 while (++iocb->i < iocb->qiov->iov[j].iov_len / 8) {
374 int i = iocb->i;
375 uint64_t *buffer = iocb->qiov->iov[j].iov_base;
376
377 /* 6-byte LBA + 2-byte range per entry */
378 uint64_t entry = le64_to_cpu(buffer[i]);
379 uint64_t sector = entry & 0x0000ffffffffffffULL;
380 uint16_t count = entry >> 48;
381
382 if (count == 0) {
383 continue;
384 }
385
386 /* Got an entry! Submit and exit. */
387 iocb->aiocb = bdrv_aio_discard(iocb->common.bs, sector, count,
388 ide_issue_trim_cb, opaque);
389 return;
390 }
391
392 iocb->j++;
393 iocb->i = -1;
394 }
395 } else {
396 iocb->ret = ret;
397 }
398
399 iocb->aiocb = NULL;
400 if (iocb->bh) {
401 qemu_bh_schedule(iocb->bh);
402 }
403 }
404
405 BlockDriverAIOCB *ide_issue_trim(BlockDriverState *bs,
406 int64_t sector_num, QEMUIOVector *qiov, int nb_sectors,
407 BlockDriverCompletionFunc *cb, void *opaque)
408 {
409 TrimAIOCB *iocb;
410
411 iocb = qemu_aio_get(&trim_aiocb_info, bs, cb, opaque);
412 iocb->bh = qemu_bh_new(ide_trim_bh_cb, iocb);
413 iocb->ret = 0;
414 iocb->qiov = qiov;
415 iocb->i = -1;
416 iocb->j = 0;
417 ide_issue_trim_cb(iocb, 0);
418 return &iocb->common;
419 }
420
421 static inline void ide_abort_command(IDEState *s)
422 {
423 s->status = READY_STAT | ERR_STAT;
424 s->error = ABRT_ERR;
425 }
426
427 /* prepare data transfer and tell what to do after */
428 void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
429 EndTransferFunc *end_transfer_func)
430 {
431 s->end_transfer_func = end_transfer_func;
432 s->data_ptr = buf;
433 s->data_end = buf + size;
434 if (!(s->status & ERR_STAT)) {
435 s->status |= DRQ_STAT;
436 }
437 s->bus->dma->ops->start_transfer(s->bus->dma);
438 }
439
440 void ide_transfer_stop(IDEState *s)
441 {
442 s->end_transfer_func = ide_transfer_stop;
443 s->data_ptr = s->io_buffer;
444 s->data_end = s->io_buffer;
445 s->status &= ~DRQ_STAT;
446 }
447
448 int64_t ide_get_sector(IDEState *s)
449 {
450 int64_t sector_num;
451 if (s->select & 0x40) {
452 /* lba */
453 if (!s->lba48) {
454 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
455 (s->lcyl << 8) | s->sector;
456 } else {
457 sector_num = ((int64_t)s->hob_hcyl << 40) |
458 ((int64_t) s->hob_lcyl << 32) |
459 ((int64_t) s->hob_sector << 24) |
460 ((int64_t) s->hcyl << 16) |
461 ((int64_t) s->lcyl << 8) | s->sector;
462 }
463 } else {
464 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
465 (s->select & 0x0f) * s->sectors + (s->sector - 1);
466 }
467 return sector_num;
468 }
469
470 void ide_set_sector(IDEState *s, int64_t sector_num)
471 {
472 unsigned int cyl, r;
473 if (s->select & 0x40) {
474 if (!s->lba48) {
475 s->select = (s->select & 0xf0) | (sector_num >> 24);
476 s->hcyl = (sector_num >> 16);
477 s->lcyl = (sector_num >> 8);
478 s->sector = (sector_num);
479 } else {
480 s->sector = sector_num;
481 s->lcyl = sector_num >> 8;
482 s->hcyl = sector_num >> 16;
483 s->hob_sector = sector_num >> 24;
484 s->hob_lcyl = sector_num >> 32;
485 s->hob_hcyl = sector_num >> 40;
486 }
487 } else {
488 cyl = sector_num / (s->heads * s->sectors);
489 r = sector_num % (s->heads * s->sectors);
490 s->hcyl = cyl >> 8;
491 s->lcyl = cyl;
492 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
493 s->sector = (r % s->sectors) + 1;
494 }
495 }
496
497 static void ide_rw_error(IDEState *s) {
498 ide_abort_command(s);
499 ide_set_irq(s->bus);
500 }
501
502 static bool ide_sect_range_ok(IDEState *s,
503 uint64_t sector, uint64_t nb_sectors)
504 {
505 uint64_t total_sectors;
506
507 bdrv_get_geometry(s->bs, &total_sectors);
508 if (sector > total_sectors || nb_sectors > total_sectors - sector) {
509 return false;
510 }
511 return true;
512 }
513
514 static void ide_sector_read_cb(void *opaque, int ret)
515 {
516 IDEState *s = opaque;
517 int n;
518
519 s->pio_aiocb = NULL;
520 s->status &= ~BUSY_STAT;
521
522 bdrv_acct_done(s->bs, &s->acct);
523 if (ret != 0) {
524 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY |
525 BM_STATUS_RETRY_READ)) {
526 return;
527 }
528 }
529
530 n = s->nsector;
531 if (n > s->req_nb_sectors) {
532 n = s->req_nb_sectors;
533 }
534
535 /* Allow the guest to read the io_buffer */
536 ide_transfer_start(s, s->io_buffer, n * BDRV_SECTOR_SIZE, ide_sector_read);
537
538 ide_set_irq(s->bus);
539
540 ide_set_sector(s, ide_get_sector(s) + n);
541 s->nsector -= n;
542 }
543
544 void ide_sector_read(IDEState *s)
545 {
546 int64_t sector_num;
547 int n;
548
549 s->status = READY_STAT | SEEK_STAT;
550 s->error = 0; /* not needed by IDE spec, but needed by Windows */
551 sector_num = ide_get_sector(s);
552 n = s->nsector;
553
554 if (n == 0) {
555 ide_transfer_stop(s);
556 return;
557 }
558
559 s->status |= BUSY_STAT;
560
561 if (n > s->req_nb_sectors) {
562 n = s->req_nb_sectors;
563 }
564
565 #if defined(DEBUG_IDE)
566 printf("sector=%" PRId64 "\n", sector_num);
567 #endif
568
569 if (!ide_sect_range_ok(s, sector_num, n)) {
570 ide_rw_error(s);
571 return;
572 }
573
574 s->iov.iov_base = s->io_buffer;
575 s->iov.iov_len = n * BDRV_SECTOR_SIZE;
576 qemu_iovec_init_external(&s->qiov, &s->iov, 1);
577
578 bdrv_acct_start(s->bs, &s->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ);
579 s->pio_aiocb = bdrv_aio_readv(s->bs, sector_num, &s->qiov, n,
580 ide_sector_read_cb, s);
581 }
582
583 static void dma_buf_commit(IDEState *s)
584 {
585 qemu_sglist_destroy(&s->sg);
586 }
587
588 static void ide_async_cmd_done(IDEState *s)
589 {
590 if (s->bus->dma->ops->async_cmd_done) {
591 s->bus->dma->ops->async_cmd_done(s->bus->dma);
592 }
593 }
594
595 void ide_set_inactive(IDEState *s)
596 {
597 s->bus->dma->aiocb = NULL;
598 s->bus->dma->ops->set_inactive(s->bus->dma);
599 ide_async_cmd_done(s);
600 }
601
602 void ide_dma_error(IDEState *s)
603 {
604 ide_transfer_stop(s);
605 s->error = ABRT_ERR;
606 s->status = READY_STAT | ERR_STAT;
607 ide_set_inactive(s);
608 ide_set_irq(s->bus);
609 }
610
611 static int ide_handle_rw_error(IDEState *s, int error, int op)
612 {
613 bool is_read = (op & BM_STATUS_RETRY_READ) != 0;
614 BlockErrorAction action = bdrv_get_error_action(s->bs, is_read, error);
615
616 if (action == BLOCK_ERROR_ACTION_STOP) {
617 s->bus->dma->ops->set_unit(s->bus->dma, s->unit);
618 s->bus->error_status = op;
619 } else if (action == BLOCK_ERROR_ACTION_REPORT) {
620 if (op & BM_STATUS_DMA_RETRY) {
621 dma_buf_commit(s);
622 ide_dma_error(s);
623 } else {
624 ide_rw_error(s);
625 }
626 }
627 bdrv_error_action(s->bs, action, is_read, error);
628 return action != BLOCK_ERROR_ACTION_IGNORE;
629 }
630
631 void ide_dma_cb(void *opaque, int ret)
632 {
633 IDEState *s = opaque;
634 int n;
635 int64_t sector_num;
636 bool stay_active = false;
637
638 if (ret < 0) {
639 int op = BM_STATUS_DMA_RETRY;
640
641 if (s->dma_cmd == IDE_DMA_READ)
642 op |= BM_STATUS_RETRY_READ;
643 else if (s->dma_cmd == IDE_DMA_TRIM)
644 op |= BM_STATUS_RETRY_TRIM;
645
646 if (ide_handle_rw_error(s, -ret, op)) {
647 return;
648 }
649 }
650
651 n = s->io_buffer_size >> 9;
652 if (n > s->nsector) {
653 /* The PRDs were longer than needed for this request. Shorten them so
654 * we don't get a negative remainder. The Active bit must remain set
655 * after the request completes. */
656 n = s->nsector;
657 stay_active = true;
658 }
659
660 sector_num = ide_get_sector(s);
661 if (n > 0) {
662 dma_buf_commit(s);
663 sector_num += n;
664 ide_set_sector(s, sector_num);
665 s->nsector -= n;
666 }
667
668 /* end of transfer ? */
669 if (s->nsector == 0) {
670 s->status = READY_STAT | SEEK_STAT;
671 ide_set_irq(s->bus);
672 goto eot;
673 }
674
675 /* launch next transfer */
676 n = s->nsector;
677 s->io_buffer_index = 0;
678 s->io_buffer_size = n * 512;
679 if (s->bus->dma->ops->prepare_buf(s->bus->dma, ide_cmd_is_read(s)) == 0) {
680 /* The PRDs were too short. Reset the Active bit, but don't raise an
681 * interrupt. */
682 s->status = READY_STAT | SEEK_STAT;
683 goto eot;
684 }
685
686 #ifdef DEBUG_AIO
687 printf("ide_dma_cb: sector_num=%" PRId64 " n=%d, cmd_cmd=%d\n",
688 sector_num, n, s->dma_cmd);
689 #endif
690
691 if (!ide_sect_range_ok(s, sector_num, n)) {
692 dma_buf_commit(s);
693 ide_dma_error(s);
694 return;
695 }
696
697 switch (s->dma_cmd) {
698 case IDE_DMA_READ:
699 s->bus->dma->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num,
700 ide_dma_cb, s);
701 break;
702 case IDE_DMA_WRITE:
703 s->bus->dma->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num,
704 ide_dma_cb, s);
705 break;
706 case IDE_DMA_TRIM:
707 s->bus->dma->aiocb = dma_bdrv_io(s->bs, &s->sg, sector_num,
708 ide_issue_trim, ide_dma_cb, s,
709 DMA_DIRECTION_TO_DEVICE);
710 break;
711 }
712 return;
713
714 eot:
715 if (s->dma_cmd == IDE_DMA_READ || s->dma_cmd == IDE_DMA_WRITE) {
716 bdrv_acct_done(s->bs, &s->acct);
717 }
718 ide_set_inactive(s);
719 if (stay_active) {
720 s->bus->dma->ops->add_status(s->bus->dma, BM_STATUS_DMAING);
721 }
722 }
723
724 static void ide_sector_start_dma(IDEState *s, enum ide_dma_cmd dma_cmd)
725 {
726 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
727 s->io_buffer_index = 0;
728 s->io_buffer_size = 0;
729 s->dma_cmd = dma_cmd;
730
731 switch (dma_cmd) {
732 case IDE_DMA_READ:
733 bdrv_acct_start(s->bs, &s->acct, s->nsector * BDRV_SECTOR_SIZE,
734 BDRV_ACCT_READ);
735 break;
736 case IDE_DMA_WRITE:
737 bdrv_acct_start(s->bs, &s->acct, s->nsector * BDRV_SECTOR_SIZE,
738 BDRV_ACCT_WRITE);
739 break;
740 default:
741 break;
742 }
743
744 s->bus->dma->ops->start_dma(s->bus->dma, s, ide_dma_cb);
745 }
746
747 static void ide_sector_write_timer_cb(void *opaque)
748 {
749 IDEState *s = opaque;
750 ide_set_irq(s->bus);
751 }
752
753 static void ide_sector_write_cb(void *opaque, int ret)
754 {
755 IDEState *s = opaque;
756 int n;
757
758 bdrv_acct_done(s->bs, &s->acct);
759
760 s->pio_aiocb = NULL;
761 s->status &= ~BUSY_STAT;
762
763 if (ret != 0) {
764 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY)) {
765 return;
766 }
767 }
768
769 n = s->nsector;
770 if (n > s->req_nb_sectors) {
771 n = s->req_nb_sectors;
772 }
773 s->nsector -= n;
774 if (s->nsector == 0) {
775 /* no more sectors to write */
776 ide_transfer_stop(s);
777 } else {
778 int n1 = s->nsector;
779 if (n1 > s->req_nb_sectors) {
780 n1 = s->req_nb_sectors;
781 }
782 ide_transfer_start(s, s->io_buffer, n1 * BDRV_SECTOR_SIZE,
783 ide_sector_write);
784 }
785 ide_set_sector(s, ide_get_sector(s) + n);
786
787 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
788 /* It seems there is a bug in the Windows 2000 installer HDD
789 IDE driver which fills the disk with empty logs when the
790 IDE write IRQ comes too early. This hack tries to correct
791 that at the expense of slower write performances. Use this
792 option _only_ to install Windows 2000. You must disable it
793 for normal use. */
794 timer_mod(s->sector_write_timer,
795 qemu_clock_get_ns(QEMU_CLOCK_VIRTUAL) + (get_ticks_per_sec() / 1000));
796 } else {
797 ide_set_irq(s->bus);
798 }
799 }
800
801 void ide_sector_write(IDEState *s)
802 {
803 int64_t sector_num;
804 int n;
805
806 s->status = READY_STAT | SEEK_STAT | BUSY_STAT;
807 sector_num = ide_get_sector(s);
808 #if defined(DEBUG_IDE)
809 printf("sector=%" PRId64 "\n", sector_num);
810 #endif
811 n = s->nsector;
812 if (n > s->req_nb_sectors) {
813 n = s->req_nb_sectors;
814 }
815
816 if (!ide_sect_range_ok(s, sector_num, n)) {
817 ide_rw_error(s);
818 return;
819 }
820
821 s->iov.iov_base = s->io_buffer;
822 s->iov.iov_len = n * BDRV_SECTOR_SIZE;
823 qemu_iovec_init_external(&s->qiov, &s->iov, 1);
824
825 bdrv_acct_start(s->bs, &s->acct, n * BDRV_SECTOR_SIZE, BDRV_ACCT_READ);
826 s->pio_aiocb = bdrv_aio_writev(s->bs, sector_num, &s->qiov, n,
827 ide_sector_write_cb, s);
828 }
829
830 static void ide_flush_cb(void *opaque, int ret)
831 {
832 IDEState *s = opaque;
833
834 s->pio_aiocb = NULL;
835
836 if (ret < 0) {
837 /* XXX: What sector number to set here? */
838 if (ide_handle_rw_error(s, -ret, BM_STATUS_RETRY_FLUSH)) {
839 return;
840 }
841 }
842
843 bdrv_acct_done(s->bs, &s->acct);
844 s->status = READY_STAT | SEEK_STAT;
845 ide_async_cmd_done(s);
846 ide_set_irq(s->bus);
847 }
848
849 void ide_flush_cache(IDEState *s)
850 {
851 if (s->bs == NULL) {
852 ide_flush_cb(s, 0);
853 return;
854 }
855
856 s->status |= BUSY_STAT;
857 bdrv_acct_start(s->bs, &s->acct, 0, BDRV_ACCT_FLUSH);
858 s->pio_aiocb = bdrv_aio_flush(s->bs, ide_flush_cb, s);
859 }
860
861 static void ide_cfata_metadata_inquiry(IDEState *s)
862 {
863 uint16_t *p;
864 uint32_t spd;
865
866 p = (uint16_t *) s->io_buffer;
867 memset(p, 0, 0x200);
868 spd = ((s->mdata_size - 1) >> 9) + 1;
869
870 put_le16(p + 0, 0x0001); /* Data format revision */
871 put_le16(p + 1, 0x0000); /* Media property: silicon */
872 put_le16(p + 2, s->media_changed); /* Media status */
873 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
874 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
875 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
876 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
877 }
878
879 static void ide_cfata_metadata_read(IDEState *s)
880 {
881 uint16_t *p;
882
883 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
884 s->status = ERR_STAT;
885 s->error = ABRT_ERR;
886 return;
887 }
888
889 p = (uint16_t *) s->io_buffer;
890 memset(p, 0, 0x200);
891
892 put_le16(p + 0, s->media_changed); /* Media status */
893 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
894 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
895 s->nsector << 9), 0x200 - 2));
896 }
897
898 static void ide_cfata_metadata_write(IDEState *s)
899 {
900 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
901 s->status = ERR_STAT;
902 s->error = ABRT_ERR;
903 return;
904 }
905
906 s->media_changed = 0;
907
908 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
909 s->io_buffer + 2,
910 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
911 s->nsector << 9), 0x200 - 2));
912 }
913
914 /* called when the inserted state of the media has changed */
915 static void ide_cd_change_cb(void *opaque, bool load)
916 {
917 IDEState *s = opaque;
918 uint64_t nb_sectors;
919
920 s->tray_open = !load;
921 bdrv_get_geometry(s->bs, &nb_sectors);
922 s->nb_sectors = nb_sectors;
923
924 /*
925 * First indicate to the guest that a CD has been removed. That's
926 * done on the next command the guest sends us.
927 *
928 * Then we set UNIT_ATTENTION, by which the guest will
929 * detect a new CD in the drive. See ide_atapi_cmd() for details.
930 */
931 s->cdrom_changed = 1;
932 s->events.new_media = true;
933 s->events.eject_request = false;
934 ide_set_irq(s->bus);
935 }
936
937 static void ide_cd_eject_request_cb(void *opaque, bool force)
938 {
939 IDEState *s = opaque;
940
941 s->events.eject_request = true;
942 if (force) {
943 s->tray_locked = false;
944 }
945 ide_set_irq(s->bus);
946 }
947
948 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
949 {
950 s->lba48 = lba48;
951
952 /* handle the 'magic' 0 nsector count conversion here. to avoid
953 * fiddling with the rest of the read logic, we just store the
954 * full sector count in ->nsector and ignore ->hob_nsector from now
955 */
956 if (!s->lba48) {
957 if (!s->nsector)
958 s->nsector = 256;
959 } else {
960 if (!s->nsector && !s->hob_nsector)
961 s->nsector = 65536;
962 else {
963 int lo = s->nsector;
964 int hi = s->hob_nsector;
965
966 s->nsector = (hi << 8) | lo;
967 }
968 }
969 }
970
971 static void ide_clear_hob(IDEBus *bus)
972 {
973 /* any write clears HOB high bit of device control register */
974 bus->ifs[0].select &= ~(1 << 7);
975 bus->ifs[1].select &= ~(1 << 7);
976 }
977
978 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
979 {
980 IDEBus *bus = opaque;
981
982 #ifdef DEBUG_IDE
983 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
984 #endif
985
986 addr &= 7;
987
988 /* ignore writes to command block while busy with previous command */
989 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT)))
990 return;
991
992 switch(addr) {
993 case 0:
994 break;
995 case 1:
996 ide_clear_hob(bus);
997 /* NOTE: data is written to the two drives */
998 bus->ifs[0].hob_feature = bus->ifs[0].feature;
999 bus->ifs[1].hob_feature = bus->ifs[1].feature;
1000 bus->ifs[0].feature = val;
1001 bus->ifs[1].feature = val;
1002 break;
1003 case 2:
1004 ide_clear_hob(bus);
1005 bus->ifs[0].hob_nsector = bus->ifs[0].nsector;
1006 bus->ifs[1].hob_nsector = bus->ifs[1].nsector;
1007 bus->ifs[0].nsector = val;
1008 bus->ifs[1].nsector = val;
1009 break;
1010 case 3:
1011 ide_clear_hob(bus);
1012 bus->ifs[0].hob_sector = bus->ifs[0].sector;
1013 bus->ifs[1].hob_sector = bus->ifs[1].sector;
1014 bus->ifs[0].sector = val;
1015 bus->ifs[1].sector = val;
1016 break;
1017 case 4:
1018 ide_clear_hob(bus);
1019 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl;
1020 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl;
1021 bus->ifs[0].lcyl = val;
1022 bus->ifs[1].lcyl = val;
1023 break;
1024 case 5:
1025 ide_clear_hob(bus);
1026 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl;
1027 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl;
1028 bus->ifs[0].hcyl = val;
1029 bus->ifs[1].hcyl = val;
1030 break;
1031 case 6:
1032 /* FIXME: HOB readback uses bit 7 */
1033 bus->ifs[0].select = (val & ~0x10) | 0xa0;
1034 bus->ifs[1].select = (val | 0x10) | 0xa0;
1035 /* select drive */
1036 bus->unit = (val >> 4) & 1;
1037 break;
1038 default:
1039 case 7:
1040 /* command */
1041 ide_exec_cmd(bus, val);
1042 break;
1043 }
1044 }
1045
1046 static bool cmd_nop(IDEState *s, uint8_t cmd)
1047 {
1048 return true;
1049 }
1050
1051 static bool cmd_data_set_management(IDEState *s, uint8_t cmd)
1052 {
1053 switch (s->feature) {
1054 case DSM_TRIM:
1055 if (s->bs) {
1056 ide_sector_start_dma(s, IDE_DMA_TRIM);
1057 return false;
1058 }
1059 break;
1060 }
1061
1062 ide_abort_command(s);
1063 return true;
1064 }
1065
1066 static bool cmd_identify(IDEState *s, uint8_t cmd)
1067 {
1068 if (s->bs && s->drive_kind != IDE_CD) {
1069 if (s->drive_kind != IDE_CFATA) {
1070 ide_identify(s);
1071 } else {
1072 ide_cfata_identify(s);
1073 }
1074 s->status = READY_STAT | SEEK_STAT;
1075 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1076 ide_set_irq(s->bus);
1077 return false;
1078 } else {
1079 if (s->drive_kind == IDE_CD) {
1080 ide_set_signature(s);
1081 }
1082 ide_abort_command(s);
1083 }
1084
1085 return true;
1086 }
1087
1088 static bool cmd_verify(IDEState *s, uint8_t cmd)
1089 {
1090 bool lba48 = (cmd == WIN_VERIFY_EXT);
1091
1092 /* do sector number check ? */
1093 ide_cmd_lba48_transform(s, lba48);
1094
1095 return true;
1096 }
1097
1098 static bool cmd_set_multiple_mode(IDEState *s, uint8_t cmd)
1099 {
1100 if (s->drive_kind == IDE_CFATA && s->nsector == 0) {
1101 /* Disable Read and Write Multiple */
1102 s->mult_sectors = 0;
1103 } else if ((s->nsector & 0xff) != 0 &&
1104 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1105 (s->nsector & (s->nsector - 1)) != 0)) {
1106 ide_abort_command(s);
1107 } else {
1108 s->mult_sectors = s->nsector & 0xff;
1109 }
1110
1111 return true;
1112 }
1113
1114 static bool cmd_read_multiple(IDEState *s, uint8_t cmd)
1115 {
1116 bool lba48 = (cmd == WIN_MULTREAD_EXT);
1117
1118 if (!s->bs || !s->mult_sectors) {
1119 ide_abort_command(s);
1120 return true;
1121 }
1122
1123 ide_cmd_lba48_transform(s, lba48);
1124 s->req_nb_sectors = s->mult_sectors;
1125 ide_sector_read(s);
1126 return false;
1127 }
1128
1129 static bool cmd_write_multiple(IDEState *s, uint8_t cmd)
1130 {
1131 bool lba48 = (cmd == WIN_MULTWRITE_EXT);
1132 int n;
1133
1134 if (!s->bs || !s->mult_sectors) {
1135 ide_abort_command(s);
1136 return true;
1137 }
1138
1139 ide_cmd_lba48_transform(s, lba48);
1140
1141 s->req_nb_sectors = s->mult_sectors;
1142 n = MIN(s->nsector, s->req_nb_sectors);
1143
1144 s->status = SEEK_STAT | READY_STAT;
1145 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1146
1147 s->media_changed = 1;
1148
1149 return false;
1150 }
1151
1152 static bool cmd_read_pio(IDEState *s, uint8_t cmd)
1153 {
1154 bool lba48 = (cmd == WIN_READ_EXT);
1155
1156 if (s->drive_kind == IDE_CD) {
1157 ide_set_signature(s); /* odd, but ATA4 8.27.5.2 requires it */
1158 ide_abort_command(s);
1159 return true;
1160 }
1161
1162 if (!s->bs) {
1163 ide_abort_command(s);
1164 return true;
1165 }
1166
1167 ide_cmd_lba48_transform(s, lba48);
1168 s->req_nb_sectors = 1;
1169 ide_sector_read(s);
1170
1171 return false;
1172 }
1173
1174 static bool cmd_write_pio(IDEState *s, uint8_t cmd)
1175 {
1176 bool lba48 = (cmd == WIN_WRITE_EXT);
1177
1178 if (!s->bs) {
1179 ide_abort_command(s);
1180 return true;
1181 }
1182
1183 ide_cmd_lba48_transform(s, lba48);
1184
1185 s->req_nb_sectors = 1;
1186 s->status = SEEK_STAT | READY_STAT;
1187 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1188
1189 s->media_changed = 1;
1190
1191 return false;
1192 }
1193
1194 static bool cmd_read_dma(IDEState *s, uint8_t cmd)
1195 {
1196 bool lba48 = (cmd == WIN_READDMA_EXT);
1197
1198 if (!s->bs) {
1199 ide_abort_command(s);
1200 return true;
1201 }
1202
1203 ide_cmd_lba48_transform(s, lba48);
1204 ide_sector_start_dma(s, IDE_DMA_READ);
1205
1206 return false;
1207 }
1208
1209 static bool cmd_write_dma(IDEState *s, uint8_t cmd)
1210 {
1211 bool lba48 = (cmd == WIN_WRITEDMA_EXT);
1212
1213 if (!s->bs) {
1214 ide_abort_command(s);
1215 return true;
1216 }
1217
1218 ide_cmd_lba48_transform(s, lba48);
1219 ide_sector_start_dma(s, IDE_DMA_WRITE);
1220
1221 s->media_changed = 1;
1222
1223 return false;
1224 }
1225
1226 static bool cmd_flush_cache(IDEState *s, uint8_t cmd)
1227 {
1228 ide_flush_cache(s);
1229 return false;
1230 }
1231
1232 static bool cmd_seek(IDEState *s, uint8_t cmd)
1233 {
1234 /* XXX: Check that seek is within bounds */
1235 return true;
1236 }
1237
1238 static bool cmd_read_native_max(IDEState *s, uint8_t cmd)
1239 {
1240 bool lba48 = (cmd == WIN_READ_NATIVE_MAX_EXT);
1241
1242 /* Refuse if no sectors are addressable (e.g. medium not inserted) */
1243 if (s->nb_sectors == 0) {
1244 ide_abort_command(s);
1245 return true;
1246 }
1247
1248 ide_cmd_lba48_transform(s, lba48);
1249 ide_set_sector(s, s->nb_sectors - 1);
1250
1251 return true;
1252 }
1253
1254 static bool cmd_check_power_mode(IDEState *s, uint8_t cmd)
1255 {
1256 s->nsector = 0xff; /* device active or idle */
1257 return true;
1258 }
1259
1260 static bool cmd_set_features(IDEState *s, uint8_t cmd)
1261 {
1262 uint16_t *identify_data;
1263
1264 if (!s->bs) {
1265 ide_abort_command(s);
1266 return true;
1267 }
1268
1269 /* XXX: valid for CDROM ? */
1270 switch (s->feature) {
1271 case 0x02: /* write cache enable */
1272 bdrv_set_enable_write_cache(s->bs, true);
1273 identify_data = (uint16_t *)s->identify_data;
1274 put_le16(identify_data + 85, (1 << 14) | (1 << 5) | 1);
1275 return true;
1276 case 0x82: /* write cache disable */
1277 bdrv_set_enable_write_cache(s->bs, false);
1278 identify_data = (uint16_t *)s->identify_data;
1279 put_le16(identify_data + 85, (1 << 14) | 1);
1280 ide_flush_cache(s);
1281 return false;
1282 case 0xcc: /* reverting to power-on defaults enable */
1283 case 0x66: /* reverting to power-on defaults disable */
1284 case 0xaa: /* read look-ahead enable */
1285 case 0x55: /* read look-ahead disable */
1286 case 0x05: /* set advanced power management mode */
1287 case 0x85: /* disable advanced power management mode */
1288 case 0x69: /* NOP */
1289 case 0x67: /* NOP */
1290 case 0x96: /* NOP */
1291 case 0x9a: /* NOP */
1292 case 0x42: /* enable Automatic Acoustic Mode */
1293 case 0xc2: /* disable Automatic Acoustic Mode */
1294 return true;
1295 case 0x03: /* set transfer mode */
1296 {
1297 uint8_t val = s->nsector & 0x07;
1298 identify_data = (uint16_t *)s->identify_data;
1299
1300 switch (s->nsector >> 3) {
1301 case 0x00: /* pio default */
1302 case 0x01: /* pio mode */
1303 put_le16(identify_data + 62, 0x07);
1304 put_le16(identify_data + 63, 0x07);
1305 put_le16(identify_data + 88, 0x3f);
1306 break;
1307 case 0x02: /* sigle word dma mode*/
1308 put_le16(identify_data + 62, 0x07 | (1 << (val + 8)));
1309 put_le16(identify_data + 63, 0x07);
1310 put_le16(identify_data + 88, 0x3f);
1311 break;
1312 case 0x04: /* mdma mode */
1313 put_le16(identify_data + 62, 0x07);
1314 put_le16(identify_data + 63, 0x07 | (1 << (val + 8)));
1315 put_le16(identify_data + 88, 0x3f);
1316 break;
1317 case 0x08: /* udma mode */
1318 put_le16(identify_data + 62, 0x07);
1319 put_le16(identify_data + 63, 0x07);
1320 put_le16(identify_data + 88, 0x3f | (1 << (val + 8)));
1321 break;
1322 default:
1323 goto abort_cmd;
1324 }
1325 return true;
1326 }
1327 }
1328
1329 abort_cmd:
1330 ide_abort_command(s);
1331 return true;
1332 }
1333
1334
1335 /*** ATAPI commands ***/
1336
1337 static bool cmd_identify_packet(IDEState *s, uint8_t cmd)
1338 {
1339 ide_atapi_identify(s);
1340 s->status = READY_STAT | SEEK_STAT;
1341 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1342 ide_set_irq(s->bus);
1343 return false;
1344 }
1345
1346 static bool cmd_exec_dev_diagnostic(IDEState *s, uint8_t cmd)
1347 {
1348 ide_set_signature(s);
1349
1350 if (s->drive_kind == IDE_CD) {
1351 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
1352 * devices to return a clear status register
1353 * with READY_STAT *not* set. */
1354 s->error = 0x01;
1355 } else {
1356 s->status = READY_STAT | SEEK_STAT;
1357 /* The bits of the error register are not as usual for this command!
1358 * They are part of the regular output (this is why ERR_STAT isn't set)
1359 * Device 0 passed, Device 1 passed or not present. */
1360 s->error = 0x01;
1361 ide_set_irq(s->bus);
1362 }
1363
1364 return false;
1365 }
1366
1367 static bool cmd_device_reset(IDEState *s, uint8_t cmd)
1368 {
1369 ide_set_signature(s);
1370 s->status = 0x00; /* NOTE: READY is _not_ set */
1371 s->error = 0x01;
1372
1373 return false;
1374 }
1375
1376 static bool cmd_packet(IDEState *s, uint8_t cmd)
1377 {
1378 /* overlapping commands not supported */
1379 if (s->feature & 0x02) {
1380 ide_abort_command(s);
1381 return true;
1382 }
1383
1384 s->status = READY_STAT | SEEK_STAT;
1385 s->atapi_dma = s->feature & 1;
1386 s->nsector = 1;
1387 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
1388 ide_atapi_cmd);
1389 return false;
1390 }
1391
1392
1393 /*** CF-ATA commands ***/
1394
1395 static bool cmd_cfa_req_ext_error_code(IDEState *s, uint8_t cmd)
1396 {
1397 s->error = 0x09; /* miscellaneous error */
1398 s->status = READY_STAT | SEEK_STAT;
1399 ide_set_irq(s->bus);
1400
1401 return false;
1402 }
1403
1404 static bool cmd_cfa_erase_sectors(IDEState *s, uint8_t cmd)
1405 {
1406 /* WIN_SECURITY_FREEZE_LOCK has the same ID as CFA_WEAR_LEVEL and is
1407 * required for Windows 8 to work with AHCI */
1408
1409 if (cmd == CFA_WEAR_LEVEL) {
1410 s->nsector = 0;
1411 }
1412
1413 if (cmd == CFA_ERASE_SECTORS) {
1414 s->media_changed = 1;
1415 }
1416
1417 return true;
1418 }
1419
1420 static bool cmd_cfa_translate_sector(IDEState *s, uint8_t cmd)
1421 {
1422 s->status = READY_STAT | SEEK_STAT;
1423
1424 memset(s->io_buffer, 0, 0x200);
1425 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
1426 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
1427 s->io_buffer[0x02] = s->select; /* Head */
1428 s->io_buffer[0x03] = s->sector; /* Sector */
1429 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
1430 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
1431 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
1432 s->io_buffer[0x13] = 0x00; /* Erase flag */
1433 s->io_buffer[0x18] = 0x00; /* Hot count */
1434 s->io_buffer[0x19] = 0x00; /* Hot count */
1435 s->io_buffer[0x1a] = 0x01; /* Hot count */
1436
1437 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1438 ide_set_irq(s->bus);
1439
1440 return false;
1441 }
1442
1443 static bool cmd_cfa_access_metadata_storage(IDEState *s, uint8_t cmd)
1444 {
1445 switch (s->feature) {
1446 case 0x02: /* Inquiry Metadata Storage */
1447 ide_cfata_metadata_inquiry(s);
1448 break;
1449 case 0x03: /* Read Metadata Storage */
1450 ide_cfata_metadata_read(s);
1451 break;
1452 case 0x04: /* Write Metadata Storage */
1453 ide_cfata_metadata_write(s);
1454 break;
1455 default:
1456 ide_abort_command(s);
1457 return true;
1458 }
1459
1460 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1461 s->status = 0x00; /* NOTE: READY is _not_ set */
1462 ide_set_irq(s->bus);
1463
1464 return false;
1465 }
1466
1467 static bool cmd_ibm_sense_condition(IDEState *s, uint8_t cmd)
1468 {
1469 switch (s->feature) {
1470 case 0x01: /* sense temperature in device */
1471 s->nsector = 0x50; /* +20 C */
1472 break;
1473 default:
1474 ide_abort_command(s);
1475 return true;
1476 }
1477
1478 return true;
1479 }
1480
1481
1482 /*** SMART commands ***/
1483
1484 static bool cmd_smart(IDEState *s, uint8_t cmd)
1485 {
1486 int n;
1487
1488 if (s->hcyl != 0xc2 || s->lcyl != 0x4f) {
1489 goto abort_cmd;
1490 }
1491
1492 if (!s->smart_enabled && s->feature != SMART_ENABLE) {
1493 goto abort_cmd;
1494 }
1495
1496 switch (s->feature) {
1497 case SMART_DISABLE:
1498 s->smart_enabled = 0;
1499 return true;
1500
1501 case SMART_ENABLE:
1502 s->smart_enabled = 1;
1503 return true;
1504
1505 case SMART_ATTR_AUTOSAVE:
1506 switch (s->sector) {
1507 case 0x00:
1508 s->smart_autosave = 0;
1509 break;
1510 case 0xf1:
1511 s->smart_autosave = 1;
1512 break;
1513 default:
1514 goto abort_cmd;
1515 }
1516 return true;
1517
1518 case SMART_STATUS:
1519 if (!s->smart_errors) {
1520 s->hcyl = 0xc2;
1521 s->lcyl = 0x4f;
1522 } else {
1523 s->hcyl = 0x2c;
1524 s->lcyl = 0xf4;
1525 }
1526 return true;
1527
1528 case SMART_READ_THRESH:
1529 memset(s->io_buffer, 0, 0x200);
1530 s->io_buffer[0] = 0x01; /* smart struct version */
1531
1532 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) {
1533 s->io_buffer[2 + 0 + (n * 12)] = smart_attributes[n][0];
1534 s->io_buffer[2 + 1 + (n * 12)] = smart_attributes[n][11];
1535 }
1536
1537 /* checksum */
1538 for (n = 0; n < 511; n++) {
1539 s->io_buffer[511] += s->io_buffer[n];
1540 }
1541 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1542
1543 s->status = READY_STAT | SEEK_STAT;
1544 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1545 ide_set_irq(s->bus);
1546 return false;
1547
1548 case SMART_READ_DATA:
1549 memset(s->io_buffer, 0, 0x200);
1550 s->io_buffer[0] = 0x01; /* smart struct version */
1551
1552 for (n = 0; n < ARRAY_SIZE(smart_attributes); n++) {
1553 int i;
1554 for (i = 0; i < 11; i++) {
1555 s->io_buffer[2 + i + (n * 12)] = smart_attributes[n][i];
1556 }
1557 }
1558
1559 s->io_buffer[362] = 0x02 | (s->smart_autosave ? 0x80 : 0x00);
1560 if (s->smart_selftest_count == 0) {
1561 s->io_buffer[363] = 0;
1562 } else {
1563 s->io_buffer[363] =
1564 s->smart_selftest_data[3 +
1565 (s->smart_selftest_count - 1) *
1566 24];
1567 }
1568 s->io_buffer[364] = 0x20;
1569 s->io_buffer[365] = 0x01;
1570 /* offline data collection capacity: execute + self-test*/
1571 s->io_buffer[367] = (1 << 4 | 1 << 3 | 1);
1572 s->io_buffer[368] = 0x03; /* smart capability (1) */
1573 s->io_buffer[369] = 0x00; /* smart capability (2) */
1574 s->io_buffer[370] = 0x01; /* error logging supported */
1575 s->io_buffer[372] = 0x02; /* minutes for poll short test */
1576 s->io_buffer[373] = 0x36; /* minutes for poll ext test */
1577 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */
1578
1579 for (n = 0; n < 511; n++) {
1580 s->io_buffer[511] += s->io_buffer[n];
1581 }
1582 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1583
1584 s->status = READY_STAT | SEEK_STAT;
1585 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1586 ide_set_irq(s->bus);
1587 return false;
1588
1589 case SMART_READ_LOG:
1590 switch (s->sector) {
1591 case 0x01: /* summary smart error log */
1592 memset(s->io_buffer, 0, 0x200);
1593 s->io_buffer[0] = 0x01;
1594 s->io_buffer[1] = 0x00; /* no error entries */
1595 s->io_buffer[452] = s->smart_errors & 0xff;
1596 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8;
1597
1598 for (n = 0; n < 511; n++) {
1599 s->io_buffer[511] += s->io_buffer[n];
1600 }
1601 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1602 break;
1603 case 0x06: /* smart self test log */
1604 memset(s->io_buffer, 0, 0x200);
1605 s->io_buffer[0] = 0x01;
1606 if (s->smart_selftest_count == 0) {
1607 s->io_buffer[508] = 0;
1608 } else {
1609 s->io_buffer[508] = s->smart_selftest_count;
1610 for (n = 2; n < 506; n++) {
1611 s->io_buffer[n] = s->smart_selftest_data[n];
1612 }
1613 }
1614
1615 for (n = 0; n < 511; n++) {
1616 s->io_buffer[511] += s->io_buffer[n];
1617 }
1618 s->io_buffer[511] = 0x100 - s->io_buffer[511];
1619 break;
1620 default:
1621 goto abort_cmd;
1622 }
1623 s->status = READY_STAT | SEEK_STAT;
1624 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
1625 ide_set_irq(s->bus);
1626 return false;
1627
1628 case SMART_EXECUTE_OFFLINE:
1629 switch (s->sector) {
1630 case 0: /* off-line routine */
1631 case 1: /* short self test */
1632 case 2: /* extended self test */
1633 s->smart_selftest_count++;
1634 if (s->smart_selftest_count > 21) {
1635 s->smart_selftest_count = 1;
1636 }
1637 n = 2 + (s->smart_selftest_count - 1) * 24;
1638 s->smart_selftest_data[n] = s->sector;
1639 s->smart_selftest_data[n + 1] = 0x00; /* OK and finished */
1640 s->smart_selftest_data[n + 2] = 0x34; /* hour count lsb */
1641 s->smart_selftest_data[n + 3] = 0x12; /* hour count msb */
1642 break;
1643 default:
1644 goto abort_cmd;
1645 }
1646 return true;
1647 }
1648
1649 abort_cmd:
1650 ide_abort_command(s);
1651 return true;
1652 }
1653
1654 #define HD_OK (1u << IDE_HD)
1655 #define CD_OK (1u << IDE_CD)
1656 #define CFA_OK (1u << IDE_CFATA)
1657 #define HD_CFA_OK (HD_OK | CFA_OK)
1658 #define ALL_OK (HD_OK | CD_OK | CFA_OK)
1659
1660 /* Set the Disk Seek Completed status bit during completion */
1661 #define SET_DSC (1u << 8)
1662
1663 /* See ACS-2 T13/2015-D Table B.2 Command codes */
1664 static const struct {
1665 /* Returns true if the completion code should be run */
1666 bool (*handler)(IDEState *s, uint8_t cmd);
1667 int flags;
1668 } ide_cmd_table[0x100] = {
1669 /* NOP not implemented, mandatory for CD */
1670 [CFA_REQ_EXT_ERROR_CODE] = { cmd_cfa_req_ext_error_code, CFA_OK },
1671 [WIN_DSM] = { cmd_data_set_management, ALL_OK },
1672 [WIN_DEVICE_RESET] = { cmd_device_reset, CD_OK },
1673 [WIN_RECAL] = { cmd_nop, HD_CFA_OK | SET_DSC},
1674 [WIN_READ] = { cmd_read_pio, ALL_OK },
1675 [WIN_READ_ONCE] = { cmd_read_pio, ALL_OK },
1676 [WIN_READ_EXT] = { cmd_read_pio, HD_CFA_OK },
1677 [WIN_READDMA_EXT] = { cmd_read_dma, HD_CFA_OK },
1678 [WIN_READ_NATIVE_MAX_EXT] = { cmd_read_native_max, HD_CFA_OK | SET_DSC },
1679 [WIN_MULTREAD_EXT] = { cmd_read_multiple, HD_CFA_OK },
1680 [WIN_WRITE] = { cmd_write_pio, HD_CFA_OK },
1681 [WIN_WRITE_ONCE] = { cmd_write_pio, HD_CFA_OK },
1682 [WIN_WRITE_EXT] = { cmd_write_pio, HD_CFA_OK },
1683 [WIN_WRITEDMA_EXT] = { cmd_write_dma, HD_CFA_OK },
1684 [CFA_WRITE_SECT_WO_ERASE] = { cmd_write_pio, CFA_OK },
1685 [WIN_MULTWRITE_EXT] = { cmd_write_multiple, HD_CFA_OK },
1686 [WIN_WRITE_VERIFY] = { cmd_write_pio, HD_CFA_OK },
1687 [WIN_VERIFY] = { cmd_verify, HD_CFA_OK | SET_DSC },
1688 [WIN_VERIFY_ONCE] = { cmd_verify, HD_CFA_OK | SET_DSC },
1689 [WIN_VERIFY_EXT] = { cmd_verify, HD_CFA_OK | SET_DSC },
1690 [WIN_SEEK] = { cmd_seek, HD_CFA_OK | SET_DSC },
1691 [CFA_TRANSLATE_SECTOR] = { cmd_cfa_translate_sector, CFA_OK },
1692 [WIN_DIAGNOSE] = { cmd_exec_dev_diagnostic, ALL_OK },
1693 [WIN_SPECIFY] = { cmd_nop, HD_CFA_OK | SET_DSC },
1694 [WIN_STANDBYNOW2] = { cmd_nop, ALL_OK },
1695 [WIN_IDLEIMMEDIATE2] = { cmd_nop, ALL_OK },
1696 [WIN_STANDBY2] = { cmd_nop, ALL_OK },
1697 [WIN_SETIDLE2] = { cmd_nop, ALL_OK },
1698 [WIN_CHECKPOWERMODE2] = { cmd_check_power_mode, ALL_OK | SET_DSC },
1699 [WIN_SLEEPNOW2] = { cmd_nop, ALL_OK },
1700 [WIN_PACKETCMD] = { cmd_packet, CD_OK },
1701 [WIN_PIDENTIFY] = { cmd_identify_packet, CD_OK },
1702 [WIN_SMART] = { cmd_smart, HD_CFA_OK | SET_DSC },
1703 [CFA_ACCESS_METADATA_STORAGE] = { cmd_cfa_access_metadata_storage, CFA_OK },
1704 [CFA_ERASE_SECTORS] = { cmd_cfa_erase_sectors, CFA_OK | SET_DSC },
1705 [WIN_MULTREAD] = { cmd_read_multiple, HD_CFA_OK },
1706 [WIN_MULTWRITE] = { cmd_write_multiple, HD_CFA_OK },
1707 [WIN_SETMULT] = { cmd_set_multiple_mode, HD_CFA_OK | SET_DSC },
1708 [WIN_READDMA] = { cmd_read_dma, HD_CFA_OK },
1709 [WIN_READDMA_ONCE] = { cmd_read_dma, HD_CFA_OK },
1710 [WIN_WRITEDMA] = { cmd_write_dma, HD_CFA_OK },
1711 [WIN_WRITEDMA_ONCE] = { cmd_write_dma, HD_CFA_OK },
1712 [CFA_WRITE_MULTI_WO_ERASE] = { cmd_write_multiple, CFA_OK },
1713 [WIN_STANDBYNOW1] = { cmd_nop, ALL_OK },
1714 [WIN_IDLEIMMEDIATE] = { cmd_nop, ALL_OK },
1715 [WIN_STANDBY] = { cmd_nop, ALL_OK },
1716 [WIN_SETIDLE1] = { cmd_nop, ALL_OK },
1717 [WIN_CHECKPOWERMODE1] = { cmd_check_power_mode, ALL_OK | SET_DSC },
1718 [WIN_SLEEPNOW1] = { cmd_nop, ALL_OK },
1719 [WIN_FLUSH_CACHE] = { cmd_flush_cache, ALL_OK },
1720 [WIN_FLUSH_CACHE_EXT] = { cmd_flush_cache, HD_CFA_OK },
1721 [WIN_IDENTIFY] = { cmd_identify, ALL_OK },
1722 [WIN_SETFEATURES] = { cmd_set_features, ALL_OK | SET_DSC },
1723 [IBM_SENSE_CONDITION] = { cmd_ibm_sense_condition, CFA_OK | SET_DSC },
1724 [CFA_WEAR_LEVEL] = { cmd_cfa_erase_sectors, HD_CFA_OK | SET_DSC },
1725 [WIN_READ_NATIVE_MAX] = { cmd_read_native_max, ALL_OK | SET_DSC },
1726 };
1727
1728 static bool ide_cmd_permitted(IDEState *s, uint32_t cmd)
1729 {
1730 return cmd < ARRAY_SIZE(ide_cmd_table)
1731 && (ide_cmd_table[cmd].flags & (1u << s->drive_kind));
1732 }
1733
1734 void ide_exec_cmd(IDEBus *bus, uint32_t val)
1735 {
1736 IDEState *s;
1737 bool complete;
1738
1739 #if defined(DEBUG_IDE)
1740 printf("ide: CMD=%02x\n", val);
1741 #endif
1742 s = idebus_active_if(bus);
1743 /* ignore commands to non existent slave */
1744 if (s != bus->ifs && !s->bs)
1745 return;
1746
1747 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
1748 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
1749 return;
1750
1751 if (!ide_cmd_permitted(s, val)) {
1752 ide_abort_command(s);
1753 ide_set_irq(s->bus);
1754 return;
1755 }
1756
1757 s->status = READY_STAT | BUSY_STAT;
1758 s->error = 0;
1759
1760 complete = ide_cmd_table[val].handler(s, val);
1761 if (complete) {
1762 s->status &= ~BUSY_STAT;
1763 assert(!!s->error == !!(s->status & ERR_STAT));
1764
1765 if ((ide_cmd_table[val].flags & SET_DSC) && !s->error) {
1766 s->status |= SEEK_STAT;
1767 }
1768
1769 ide_set_irq(s->bus);
1770 }
1771 }
1772
1773 uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
1774 {
1775 IDEBus *bus = opaque;
1776 IDEState *s = idebus_active_if(bus);
1777 uint32_t addr;
1778 int ret, hob;
1779
1780 addr = addr1 & 7;
1781 /* FIXME: HOB readback uses bit 7, but it's always set right now */
1782 //hob = s->select & (1 << 7);
1783 hob = 0;
1784 switch(addr) {
1785 case 0:
1786 ret = 0xff;
1787 break;
1788 case 1:
1789 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
1790 (s != bus->ifs && !s->bs))
1791 ret = 0;
1792 else if (!hob)
1793 ret = s->error;
1794 else
1795 ret = s->hob_feature;
1796 break;
1797 case 2:
1798 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
1799 ret = 0;
1800 else if (!hob)
1801 ret = s->nsector & 0xff;
1802 else
1803 ret = s->hob_nsector;
1804 break;
1805 case 3:
1806 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
1807 ret = 0;
1808 else if (!hob)
1809 ret = s->sector;
1810 else
1811 ret = s->hob_sector;
1812 break;
1813 case 4:
1814 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
1815 ret = 0;
1816 else if (!hob)
1817 ret = s->lcyl;
1818 else
1819 ret = s->hob_lcyl;
1820 break;
1821 case 5:
1822 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
1823 ret = 0;
1824 else if (!hob)
1825 ret = s->hcyl;
1826 else
1827 ret = s->hob_hcyl;
1828 break;
1829 case 6:
1830 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
1831 ret = 0;
1832 else
1833 ret = s->select;
1834 break;
1835 default:
1836 case 7:
1837 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
1838 (s != bus->ifs && !s->bs))
1839 ret = 0;
1840 else
1841 ret = s->status;
1842 qemu_irq_lower(bus->irq);
1843 break;
1844 }
1845 #ifdef DEBUG_IDE
1846 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
1847 #endif
1848 return ret;
1849 }
1850
1851 uint32_t ide_status_read(void *opaque, uint32_t addr)
1852 {
1853 IDEBus *bus = opaque;
1854 IDEState *s = idebus_active_if(bus);
1855 int ret;
1856
1857 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
1858 (s != bus->ifs && !s->bs))
1859 ret = 0;
1860 else
1861 ret = s->status;
1862 #ifdef DEBUG_IDE
1863 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
1864 #endif
1865 return ret;
1866 }
1867
1868 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
1869 {
1870 IDEBus *bus = opaque;
1871 IDEState *s;
1872 int i;
1873
1874 #ifdef DEBUG_IDE
1875 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
1876 #endif
1877 /* common for both drives */
1878 if (!(bus->cmd & IDE_CMD_RESET) &&
1879 (val & IDE_CMD_RESET)) {
1880 /* reset low to high */
1881 for(i = 0;i < 2; i++) {
1882 s = &bus->ifs[i];
1883 s->status = BUSY_STAT | SEEK_STAT;
1884 s->error = 0x01;
1885 }
1886 } else if ((bus->cmd & IDE_CMD_RESET) &&
1887 !(val & IDE_CMD_RESET)) {
1888 /* high to low */
1889 for(i = 0;i < 2; i++) {
1890 s = &bus->ifs[i];
1891 if (s->drive_kind == IDE_CD)
1892 s->status = 0x00; /* NOTE: READY is _not_ set */
1893 else
1894 s->status = READY_STAT | SEEK_STAT;
1895 ide_set_signature(s);
1896 }
1897 }
1898
1899 bus->cmd = val;
1900 }
1901
1902 /*
1903 * Returns true if the running PIO transfer is a PIO out (i.e. data is
1904 * transferred from the device to the guest), false if it's a PIO in
1905 */
1906 static bool ide_is_pio_out(IDEState *s)
1907 {
1908 if (s->end_transfer_func == ide_sector_write ||
1909 s->end_transfer_func == ide_atapi_cmd) {
1910 return false;
1911 } else if (s->end_transfer_func == ide_sector_read ||
1912 s->end_transfer_func == ide_transfer_stop ||
1913 s->end_transfer_func == ide_atapi_cmd_reply_end ||
1914 s->end_transfer_func == ide_dummy_transfer_stop) {
1915 return true;
1916 }
1917
1918 abort();
1919 }
1920
1921 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
1922 {
1923 IDEBus *bus = opaque;
1924 IDEState *s = idebus_active_if(bus);
1925 uint8_t *p;
1926
1927 /* PIO data access allowed only when DRQ bit is set. The result of a write
1928 * during PIO out is indeterminate, just ignore it. */
1929 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) {
1930 return;
1931 }
1932
1933 p = s->data_ptr;
1934 *(uint16_t *)p = le16_to_cpu(val);
1935 p += 2;
1936 s->data_ptr = p;
1937 if (p >= s->data_end)
1938 s->end_transfer_func(s);
1939 }
1940
1941 uint32_t ide_data_readw(void *opaque, uint32_t addr)
1942 {
1943 IDEBus *bus = opaque;
1944 IDEState *s = idebus_active_if(bus);
1945 uint8_t *p;
1946 int ret;
1947
1948 /* PIO data access allowed only when DRQ bit is set. The result of a read
1949 * during PIO in is indeterminate, return 0 and don't move forward. */
1950 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) {
1951 return 0;
1952 }
1953
1954 p = s->data_ptr;
1955 ret = cpu_to_le16(*(uint16_t *)p);
1956 p += 2;
1957 s->data_ptr = p;
1958 if (p >= s->data_end)
1959 s->end_transfer_func(s);
1960 return ret;
1961 }
1962
1963 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
1964 {
1965 IDEBus *bus = opaque;
1966 IDEState *s = idebus_active_if(bus);
1967 uint8_t *p;
1968
1969 /* PIO data access allowed only when DRQ bit is set. The result of a write
1970 * during PIO out is indeterminate, just ignore it. */
1971 if (!(s->status & DRQ_STAT) || ide_is_pio_out(s)) {
1972 return;
1973 }
1974
1975 p = s->data_ptr;
1976 *(uint32_t *)p = le32_to_cpu(val);
1977 p += 4;
1978 s->data_ptr = p;
1979 if (p >= s->data_end)
1980 s->end_transfer_func(s);
1981 }
1982
1983 uint32_t ide_data_readl(void *opaque, uint32_t addr)
1984 {
1985 IDEBus *bus = opaque;
1986 IDEState *s = idebus_active_if(bus);
1987 uint8_t *p;
1988 int ret;
1989
1990 /* PIO data access allowed only when DRQ bit is set. The result of a read
1991 * during PIO in is indeterminate, return 0 and don't move forward. */
1992 if (!(s->status & DRQ_STAT) || !ide_is_pio_out(s)) {
1993 return 0;
1994 }
1995
1996 p = s->data_ptr;
1997 ret = cpu_to_le32(*(uint32_t *)p);
1998 p += 4;
1999 s->data_ptr = p;
2000 if (p >= s->data_end)
2001 s->end_transfer_func(s);
2002 return ret;
2003 }
2004
2005 static void ide_dummy_transfer_stop(IDEState *s)
2006 {
2007 s->data_ptr = s->io_buffer;
2008 s->data_end = s->io_buffer;
2009 s->io_buffer[0] = 0xff;
2010 s->io_buffer[1] = 0xff;
2011 s->io_buffer[2] = 0xff;
2012 s->io_buffer[3] = 0xff;
2013 }
2014
2015 static void ide_reset(IDEState *s)
2016 {
2017 #ifdef DEBUG_IDE
2018 printf("ide: reset\n");
2019 #endif
2020
2021 if (s->pio_aiocb) {
2022 bdrv_aio_cancel(s->pio_aiocb);
2023 s->pio_aiocb = NULL;
2024 }
2025
2026 if (s->drive_kind == IDE_CFATA)
2027 s->mult_sectors = 0;
2028 else
2029 s->mult_sectors = MAX_MULT_SECTORS;
2030 /* ide regs */
2031 s->feature = 0;
2032 s->error = 0;
2033 s->nsector = 0;
2034 s->sector = 0;
2035 s->lcyl = 0;
2036 s->hcyl = 0;
2037
2038 /* lba48 */
2039 s->hob_feature = 0;
2040 s->hob_sector = 0;
2041 s->hob_nsector = 0;
2042 s->hob_lcyl = 0;
2043 s->hob_hcyl = 0;
2044
2045 s->select = 0xa0;
2046 s->status = READY_STAT | SEEK_STAT;
2047
2048 s->lba48 = 0;
2049
2050 /* ATAPI specific */
2051 s->sense_key = 0;
2052 s->asc = 0;
2053 s->cdrom_changed = 0;
2054 s->packet_transfer_size = 0;
2055 s->elementary_transfer_size = 0;
2056 s->io_buffer_index = 0;
2057 s->cd_sector_size = 0;
2058 s->atapi_dma = 0;
2059 s->tray_locked = 0;
2060 s->tray_open = 0;
2061 /* ATA DMA state */
2062 s->io_buffer_size = 0;
2063 s->req_nb_sectors = 0;
2064
2065 ide_set_signature(s);
2066 /* init the transfer handler so that 0xffff is returned on data
2067 accesses */
2068 s->end_transfer_func = ide_dummy_transfer_stop;
2069 ide_dummy_transfer_stop(s);
2070 s->media_changed = 0;
2071 }
2072
2073 void ide_bus_reset(IDEBus *bus)
2074 {
2075 bus->unit = 0;
2076 bus->cmd = 0;
2077 ide_reset(&bus->ifs[0]);
2078 ide_reset(&bus->ifs[1]);
2079 ide_clear_hob(bus);
2080
2081 /* pending async DMA */
2082 if (bus->dma->aiocb) {
2083 #ifdef DEBUG_AIO
2084 printf("aio_cancel\n");
2085 #endif
2086 bdrv_aio_cancel(bus->dma->aiocb);
2087 bus->dma->aiocb = NULL;
2088 }
2089
2090 /* reset dma provider too */
2091 bus->dma->ops->reset(bus->dma);
2092 }
2093
2094 static bool ide_cd_is_tray_open(void *opaque)
2095 {
2096 return ((IDEState *)opaque)->tray_open;
2097 }
2098
2099 static bool ide_cd_is_medium_locked(void *opaque)
2100 {
2101 return ((IDEState *)opaque)->tray_locked;
2102 }
2103
2104 static const BlockDevOps ide_cd_block_ops = {
2105 .change_media_cb = ide_cd_change_cb,
2106 .eject_request_cb = ide_cd_eject_request_cb,
2107 .is_tray_open = ide_cd_is_tray_open,
2108 .is_medium_locked = ide_cd_is_medium_locked,
2109 };
2110
2111 int ide_init_drive(IDEState *s, BlockDriverState *bs, IDEDriveKind kind,
2112 const char *version, const char *serial, const char *model,
2113 uint64_t wwn,
2114 uint32_t cylinders, uint32_t heads, uint32_t secs,
2115 int chs_trans)
2116 {
2117 uint64_t nb_sectors;
2118
2119 s->bs = bs;
2120 s->drive_kind = kind;
2121
2122 bdrv_get_geometry(bs, &nb_sectors);
2123 s->cylinders = cylinders;
2124 s->heads = heads;
2125 s->sectors = secs;
2126 s->chs_trans = chs_trans;
2127 s->nb_sectors = nb_sectors;
2128 s->wwn = wwn;
2129 /* The SMART values should be preserved across power cycles
2130 but they aren't. */
2131 s->smart_enabled = 1;
2132 s->smart_autosave = 1;
2133 s->smart_errors = 0;
2134 s->smart_selftest_count = 0;
2135 if (kind == IDE_CD) {
2136 bdrv_set_dev_ops(bs, &ide_cd_block_ops, s);
2137 bdrv_set_guest_block_size(bs, 2048);
2138 } else {
2139 if (!bdrv_is_inserted(s->bs)) {
2140 error_report("Device needs media, but drive is empty");
2141 return -1;
2142 }
2143 if (bdrv_is_read_only(bs)) {
2144 error_report("Can't use a read-only drive");
2145 return -1;
2146 }
2147 }
2148 if (serial) {
2149 pstrcpy(s->drive_serial_str, sizeof(s->drive_serial_str), serial);
2150 } else {
2151 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
2152 "QM%05d", s->drive_serial);
2153 }
2154 if (model) {
2155 pstrcpy(s->drive_model_str, sizeof(s->drive_model_str), model);
2156 } else {
2157 switch (kind) {
2158 case IDE_CD:
2159 strcpy(s->drive_model_str, "QEMU DVD-ROM");
2160 break;
2161 case IDE_CFATA:
2162 strcpy(s->drive_model_str, "QEMU MICRODRIVE");
2163 break;
2164 default:
2165 strcpy(s->drive_model_str, "QEMU HARDDISK");
2166 break;
2167 }
2168 }
2169
2170 if (version) {
2171 pstrcpy(s->version, sizeof(s->version), version);
2172 } else {
2173 pstrcpy(s->version, sizeof(s->version), qemu_get_version());
2174 }
2175
2176 ide_reset(s);
2177 bdrv_iostatus_enable(bs);
2178 return 0;
2179 }
2180
2181 static void ide_init1(IDEBus *bus, int unit)
2182 {
2183 static int drive_serial = 1;
2184 IDEState *s = &bus->ifs[unit];
2185
2186 s->bus = bus;
2187 s->unit = unit;
2188 s->drive_serial = drive_serial++;
2189 /* we need at least 2k alignment for accessing CDROMs using O_DIRECT */
2190 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4;
2191 s->io_buffer = qemu_memalign(2048, s->io_buffer_total_len);
2192 memset(s->io_buffer, 0, s->io_buffer_total_len);
2193
2194 s->smart_selftest_data = qemu_blockalign(s->bs, 512);
2195 memset(s->smart_selftest_data, 0, 512);
2196
2197 s->sector_write_timer = timer_new_ns(QEMU_CLOCK_VIRTUAL,
2198 ide_sector_write_timer_cb, s);
2199 }
2200
2201 static void ide_nop_start(IDEDMA *dma, IDEState *s,
2202 BlockDriverCompletionFunc *cb)
2203 {
2204 }
2205
2206 static int ide_nop(IDEDMA *dma)
2207 {
2208 return 0;
2209 }
2210
2211 static int ide_nop_int(IDEDMA *dma, int x)
2212 {
2213 return 0;
2214 }
2215
2216 static void ide_nop_restart(void *opaque, int x, RunState y)
2217 {
2218 }
2219
2220 static const IDEDMAOps ide_dma_nop_ops = {
2221 .start_dma = ide_nop_start,
2222 .start_transfer = ide_nop,
2223 .prepare_buf = ide_nop_int,
2224 .rw_buf = ide_nop_int,
2225 .set_unit = ide_nop_int,
2226 .add_status = ide_nop_int,
2227 .set_inactive = ide_nop,
2228 .restart_cb = ide_nop_restart,
2229 .reset = ide_nop,
2230 };
2231
2232 static IDEDMA ide_dma_nop = {
2233 .ops = &ide_dma_nop_ops,
2234 .aiocb = NULL,
2235 };
2236
2237 void ide_init2(IDEBus *bus, qemu_irq irq)
2238 {
2239 int i;
2240
2241 for(i = 0; i < 2; i++) {
2242 ide_init1(bus, i);
2243 ide_reset(&bus->ifs[i]);
2244 }
2245 bus->irq = irq;
2246 bus->dma = &ide_dma_nop;
2247 }
2248
2249 static const MemoryRegionPortio ide_portio_list[] = {
2250 { 0, 8, 1, .read = ide_ioport_read, .write = ide_ioport_write },
2251 { 0, 2, 2, .read = ide_data_readw, .write = ide_data_writew },
2252 { 0, 4, 4, .read = ide_data_readl, .write = ide_data_writel },
2253 PORTIO_END_OF_LIST(),
2254 };
2255
2256 static const MemoryRegionPortio ide_portio2_list[] = {
2257 { 0, 1, 1, .read = ide_status_read, .write = ide_cmd_write },
2258 PORTIO_END_OF_LIST(),
2259 };
2260
2261 void ide_init_ioport(IDEBus *bus, ISADevice *dev, int iobase, int iobase2)
2262 {
2263 /* ??? Assume only ISA and PCI configurations, and that the PCI-ISA
2264 bridge has been setup properly to always register with ISA. */
2265 isa_register_portio_list(dev, iobase, ide_portio_list, bus, "ide");
2266
2267 if (iobase2) {
2268 isa_register_portio_list(dev, iobase2, ide_portio2_list, bus, "ide");
2269 }
2270 }
2271
2272 static bool is_identify_set(void *opaque, int version_id)
2273 {
2274 IDEState *s = opaque;
2275
2276 return s->identify_set != 0;
2277 }
2278
2279 static EndTransferFunc* transfer_end_table[] = {
2280 ide_sector_read,
2281 ide_sector_write,
2282 ide_transfer_stop,
2283 ide_atapi_cmd_reply_end,
2284 ide_atapi_cmd,
2285 ide_dummy_transfer_stop,
2286 };
2287
2288 static int transfer_end_table_idx(EndTransferFunc *fn)
2289 {
2290 int i;
2291
2292 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++)
2293 if (transfer_end_table[i] == fn)
2294 return i;
2295
2296 return -1;
2297 }
2298
2299 static int ide_drive_post_load(void *opaque, int version_id)
2300 {
2301 IDEState *s = opaque;
2302
2303 if (s->identify_set) {
2304 bdrv_set_enable_write_cache(s->bs, !!(s->identify_data[85] & (1 << 5)));
2305 }
2306 return 0;
2307 }
2308
2309 static int ide_drive_pio_post_load(void *opaque, int version_id)
2310 {
2311 IDEState *s = opaque;
2312
2313 if (s->end_transfer_fn_idx >= ARRAY_SIZE(transfer_end_table)) {
2314 return -EINVAL;
2315 }
2316 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx];
2317 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset;
2318 s->data_end = s->data_ptr + s->cur_io_buffer_len;
2319
2320 return 0;
2321 }
2322
2323 static void ide_drive_pio_pre_save(void *opaque)
2324 {
2325 IDEState *s = opaque;
2326 int idx;
2327
2328 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer;
2329 s->cur_io_buffer_len = s->data_end - s->data_ptr;
2330
2331 idx = transfer_end_table_idx(s->end_transfer_func);
2332 if (idx == -1) {
2333 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n",
2334 __func__);
2335 s->end_transfer_fn_idx = 2;
2336 } else {
2337 s->end_transfer_fn_idx = idx;
2338 }
2339 }
2340
2341 static bool ide_drive_pio_state_needed(void *opaque)
2342 {
2343 IDEState *s = opaque;
2344
2345 return ((s->status & DRQ_STAT) != 0)
2346 || (s->bus->error_status & BM_STATUS_PIO_RETRY);
2347 }
2348
2349 static bool ide_tray_state_needed(void *opaque)
2350 {
2351 IDEState *s = opaque;
2352
2353 return s->tray_open || s->tray_locked;
2354 }
2355
2356 static bool ide_atapi_gesn_needed(void *opaque)
2357 {
2358 IDEState *s = opaque;
2359
2360 return s->events.new_media || s->events.eject_request;
2361 }
2362
2363 static bool ide_error_needed(void *opaque)
2364 {
2365 IDEBus *bus = opaque;
2366
2367 return (bus->error_status != 0);
2368 }
2369
2370 /* Fields for GET_EVENT_STATUS_NOTIFICATION ATAPI command */
2371 static const VMStateDescription vmstate_ide_atapi_gesn_state = {
2372 .name ="ide_drive/atapi/gesn_state",
2373 .version_id = 1,
2374 .minimum_version_id = 1,
2375 .fields = (VMStateField[]) {
2376 VMSTATE_BOOL(events.new_media, IDEState),
2377 VMSTATE_BOOL(events.eject_request, IDEState),
2378 VMSTATE_END_OF_LIST()
2379 }
2380 };
2381
2382 static const VMStateDescription vmstate_ide_tray_state = {
2383 .name = "ide_drive/tray_state",
2384 .version_id = 1,
2385 .minimum_version_id = 1,
2386 .fields = (VMStateField[]) {
2387 VMSTATE_BOOL(tray_open, IDEState),
2388 VMSTATE_BOOL(tray_locked, IDEState),
2389 VMSTATE_END_OF_LIST()
2390 }
2391 };
2392
2393 static const VMStateDescription vmstate_ide_drive_pio_state = {
2394 .name = "ide_drive/pio_state",
2395 .version_id = 1,
2396 .minimum_version_id = 1,
2397 .pre_save = ide_drive_pio_pre_save,
2398 .post_load = ide_drive_pio_post_load,
2399 .fields = (VMStateField[]) {
2400 VMSTATE_INT32(req_nb_sectors, IDEState),
2401 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1,
2402 vmstate_info_uint8, uint8_t),
2403 VMSTATE_INT32(cur_io_buffer_offset, IDEState),
2404 VMSTATE_INT32(cur_io_buffer_len, IDEState),
2405 VMSTATE_UINT8(end_transfer_fn_idx, IDEState),
2406 VMSTATE_INT32(elementary_transfer_size, IDEState),
2407 VMSTATE_INT32(packet_transfer_size, IDEState),
2408 VMSTATE_END_OF_LIST()
2409 }
2410 };
2411
2412 const VMStateDescription vmstate_ide_drive = {
2413 .name = "ide_drive",
2414 .version_id = 3,
2415 .minimum_version_id = 0,
2416 .post_load = ide_drive_post_load,
2417 .fields = (VMStateField[]) {
2418 VMSTATE_INT32(mult_sectors, IDEState),
2419 VMSTATE_INT32(identify_set, IDEState),
2420 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set),
2421 VMSTATE_UINT8(feature, IDEState),
2422 VMSTATE_UINT8(error, IDEState),
2423 VMSTATE_UINT32(nsector, IDEState),
2424 VMSTATE_UINT8(sector, IDEState),
2425 VMSTATE_UINT8(lcyl, IDEState),
2426 VMSTATE_UINT8(hcyl, IDEState),
2427 VMSTATE_UINT8(hob_feature, IDEState),
2428 VMSTATE_UINT8(hob_sector, IDEState),
2429 VMSTATE_UINT8(hob_nsector, IDEState),
2430 VMSTATE_UINT8(hob_lcyl, IDEState),
2431 VMSTATE_UINT8(hob_hcyl, IDEState),
2432 VMSTATE_UINT8(select, IDEState),
2433 VMSTATE_UINT8(status, IDEState),
2434 VMSTATE_UINT8(lba48, IDEState),
2435 VMSTATE_UINT8(sense_key, IDEState),
2436 VMSTATE_UINT8(asc, IDEState),
2437 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3),
2438 VMSTATE_END_OF_LIST()
2439 },
2440 .subsections = (VMStateSubsection []) {
2441 {
2442 .vmsd = &vmstate_ide_drive_pio_state,
2443 .needed = ide_drive_pio_state_needed,
2444 }, {
2445 .vmsd = &vmstate_ide_tray_state,
2446 .needed = ide_tray_state_needed,
2447 }, {
2448 .vmsd = &vmstate_ide_atapi_gesn_state,
2449 .needed = ide_atapi_gesn_needed,
2450 }, {
2451 /* empty */
2452 }
2453 }
2454 };
2455
2456 static const VMStateDescription vmstate_ide_error_status = {
2457 .name ="ide_bus/error",
2458 .version_id = 1,
2459 .minimum_version_id = 1,
2460 .fields = (VMStateField[]) {
2461 VMSTATE_INT32(error_status, IDEBus),
2462 VMSTATE_END_OF_LIST()
2463 }
2464 };
2465
2466 const VMStateDescription vmstate_ide_bus = {
2467 .name = "ide_bus",
2468 .version_id = 1,
2469 .minimum_version_id = 1,
2470 .fields = (VMStateField[]) {
2471 VMSTATE_UINT8(cmd, IDEBus),
2472 VMSTATE_UINT8(unit, IDEBus),
2473 VMSTATE_END_OF_LIST()
2474 },
2475 .subsections = (VMStateSubsection []) {
2476 {
2477 .vmsd = &vmstate_ide_error_status,
2478 .needed = ide_error_needed,
2479 }, {
2480 /* empty */
2481 }
2482 }
2483 };
2484
2485 void ide_drive_get(DriveInfo **hd, int max_bus)
2486 {
2487 int i;
2488
2489 if (drive_get_max_bus(IF_IDE) >= max_bus) {
2490 fprintf(stderr, "qemu: too many IDE bus: %d\n", max_bus);
2491 exit(1);
2492 }
2493
2494 for(i = 0; i < max_bus * MAX_IDE_DEVS; i++) {
2495 hd[i] = drive_get(IF_IDE, i / MAX_IDE_DEVS, i % MAX_IDE_DEVS);
2496 }
2497 }
QEmu