2 * QEMU IDE disk and CD/DVD-ROM Emulator
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
31 #include "block_int.h"
32 #include "qemu-timer.h"
36 #include <hw/ide/internal.h>
38 static int smart_attributes
[][5] = {
39 /* id, flags, val, wrst, thrsh */
40 { 0x01, 0x03, 0x64, 0x64, 0x06}, /* raw read */
41 { 0x03, 0x03, 0x64, 0x64, 0x46}, /* spin up */
42 { 0x04, 0x02, 0x64, 0x64, 0x14}, /* start stop count */
43 { 0x05, 0x03, 0x64, 0x64, 0x36}, /* remapped sectors */
44 { 0x00, 0x00, 0x00, 0x00, 0x00}
47 /* XXX: DVDs that could fit on a CD will be reported as a CD */
48 static inline int media_present(IDEState
*s
)
50 return (s
->nb_sectors
> 0);
53 static inline int media_is_dvd(IDEState
*s
)
55 return (media_present(s
) && s
->nb_sectors
> CD_MAX_SECTORS
);
58 static inline int media_is_cd(IDEState
*s
)
60 return (media_present(s
) && s
->nb_sectors
<= CD_MAX_SECTORS
);
63 static void ide_dma_start(IDEState
*s
, BlockDriverCompletionFunc
*dma_cb
);
64 static void ide_dma_restart(IDEState
*s
, int is_read
);
65 static void ide_atapi_cmd_read_dma_cb(void *opaque
, int ret
);
66 static int ide_handle_rw_error(IDEState
*s
, int error
, int op
);
68 static void padstr(char *str
, const char *src
, int len
)
71 for(i
= 0; i
< len
; i
++) {
80 static void padstr8(uint8_t *buf
, int buf_size
, const char *src
)
83 for(i
= 0; i
< buf_size
; i
++) {
91 static void put_le16(uint16_t *p
, unsigned int v
)
96 static void ide_identify(IDEState
*s
)
101 if (s
->identify_set
) {
102 memcpy(s
->io_buffer
, s
->identify_data
, sizeof(s
->identify_data
));
106 memset(s
->io_buffer
, 0, 512);
107 p
= (uint16_t *)s
->io_buffer
;
108 put_le16(p
+ 0, 0x0040);
109 put_le16(p
+ 1, s
->cylinders
);
110 put_le16(p
+ 3, s
->heads
);
111 put_le16(p
+ 4, 512 * s
->sectors
); /* XXX: retired, remove ? */
112 put_le16(p
+ 5, 512); /* XXX: retired, remove ? */
113 put_le16(p
+ 6, s
->sectors
);
114 padstr((char *)(p
+ 10), s
->drive_serial_str
, 20); /* serial number */
115 put_le16(p
+ 20, 3); /* XXX: retired, remove ? */
116 put_le16(p
+ 21, 512); /* cache size in sectors */
117 put_le16(p
+ 22, 4); /* ecc bytes */
118 padstr((char *)(p
+ 23), QEMU_VERSION
, 8); /* firmware version */
119 padstr((char *)(p
+ 27), "QEMU HARDDISK", 40); /* model */
120 #if MAX_MULT_SECTORS > 1
121 put_le16(p
+ 47, 0x8000 | MAX_MULT_SECTORS
);
123 put_le16(p
+ 48, 1); /* dword I/O */
124 put_le16(p
+ 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
125 put_le16(p
+ 51, 0x200); /* PIO transfer cycle */
126 put_le16(p
+ 52, 0x200); /* DMA transfer cycle */
127 put_le16(p
+ 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
128 put_le16(p
+ 54, s
->cylinders
);
129 put_le16(p
+ 55, s
->heads
);
130 put_le16(p
+ 56, s
->sectors
);
131 oldsize
= s
->cylinders
* s
->heads
* s
->sectors
;
132 put_le16(p
+ 57, oldsize
);
133 put_le16(p
+ 58, oldsize
>> 16);
135 put_le16(p
+ 59, 0x100 | s
->mult_sectors
);
136 put_le16(p
+ 60, s
->nb_sectors
);
137 put_le16(p
+ 61, s
->nb_sectors
>> 16);
138 put_le16(p
+ 62, 0x07); /* single word dma0-2 supported */
139 put_le16(p
+ 63, 0x07); /* mdma0-2 supported */
140 put_le16(p
+ 65, 120);
141 put_le16(p
+ 66, 120);
142 put_le16(p
+ 67, 120);
143 put_le16(p
+ 68, 120);
144 put_le16(p
+ 80, 0xf0); /* ata3 -> ata6 supported */
145 put_le16(p
+ 81, 0x16); /* conforms to ata5 */
146 /* 14=NOP supported, 0=SMART supported */
147 put_le16(p
+ 82, (1 << 14) | 1);
148 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
149 put_le16(p
+ 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
150 /* 14=set to 1, 1=SMART self test, 0=SMART error logging */
151 put_le16(p
+ 84, (1 << 14) | 0);
152 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */
153 if (bdrv_enable_write_cache(s
->bs
))
154 put_le16(p
+ 85, (1 << 14) | (1 << 5) | 1);
156 put_le16(p
+ 85, (1 << 14) | 1);
157 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
158 put_le16(p
+ 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
159 /* 14=set to 1, 1=smart self test, 0=smart error logging */
160 put_le16(p
+ 87, (1 << 14) | 0);
161 put_le16(p
+ 88, 0x3f | (1 << 13)); /* udma5 set and supported */
162 put_le16(p
+ 93, 1 | (1 << 14) | 0x2000);
163 put_le16(p
+ 100, s
->nb_sectors
);
164 put_le16(p
+ 101, s
->nb_sectors
>> 16);
165 put_le16(p
+ 102, s
->nb_sectors
>> 32);
166 put_le16(p
+ 103, s
->nb_sectors
>> 48);
168 memcpy(s
->identify_data
, p
, sizeof(s
->identify_data
));
172 static void ide_atapi_identify(IDEState
*s
)
176 if (s
->identify_set
) {
177 memcpy(s
->io_buffer
, s
->identify_data
, sizeof(s
->identify_data
));
181 memset(s
->io_buffer
, 0, 512);
182 p
= (uint16_t *)s
->io_buffer
;
183 /* Removable CDROM, 50us response, 12 byte packets */
184 put_le16(p
+ 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
185 padstr((char *)(p
+ 10), s
->drive_serial_str
, 20); /* serial number */
186 put_le16(p
+ 20, 3); /* buffer type */
187 put_le16(p
+ 21, 512); /* cache size in sectors */
188 put_le16(p
+ 22, 4); /* ecc bytes */
189 padstr((char *)(p
+ 23), QEMU_VERSION
, 8); /* firmware version */
190 padstr((char *)(p
+ 27), "QEMU DVD-ROM", 40); /* model */
191 put_le16(p
+ 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
193 put_le16(p
+ 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
194 put_le16(p
+ 53, 7); /* words 64-70, 54-58, 88 valid */
195 put_le16(p
+ 62, 7); /* single word dma0-2 supported */
196 put_le16(p
+ 63, 7); /* mdma0-2 supported */
197 put_le16(p
+ 64, 0x3f); /* PIO modes supported */
199 put_le16(p
+ 49, 1 << 9); /* LBA supported, no DMA */
200 put_le16(p
+ 53, 3); /* words 64-70, 54-58 valid */
201 put_le16(p
+ 63, 0x103); /* DMA modes XXX: may be incorrect */
202 put_le16(p
+ 64, 1); /* PIO modes */
204 put_le16(p
+ 65, 0xb4); /* minimum DMA multiword tx cycle time */
205 put_le16(p
+ 66, 0xb4); /* recommended DMA multiword tx cycle time */
206 put_le16(p
+ 67, 0x12c); /* minimum PIO cycle time without flow control */
207 put_le16(p
+ 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
209 put_le16(p
+ 71, 30); /* in ns */
210 put_le16(p
+ 72, 30); /* in ns */
212 put_le16(p
+ 80, 0x1e); /* support up to ATA/ATAPI-4 */
214 put_le16(p
+ 88, 0x3f | (1 << 13)); /* udma5 set and supported */
216 memcpy(s
->identify_data
, p
, sizeof(s
->identify_data
));
220 static void ide_cfata_identify(IDEState
*s
)
225 p
= (uint16_t *) s
->identify_data
;
229 memset(p
, 0, sizeof(s
->identify_data
));
231 cur_sec
= s
->cylinders
* s
->heads
* s
->sectors
;
233 put_le16(p
+ 0, 0x848a); /* CF Storage Card signature */
234 put_le16(p
+ 1, s
->cylinders
); /* Default cylinders */
235 put_le16(p
+ 3, s
->heads
); /* Default heads */
236 put_le16(p
+ 6, s
->sectors
); /* Default sectors per track */
237 put_le16(p
+ 7, s
->nb_sectors
>> 16); /* Sectors per card */
238 put_le16(p
+ 8, s
->nb_sectors
); /* Sectors per card */
239 padstr((char *)(p
+ 10), s
->drive_serial_str
, 20); /* serial number */
240 put_le16(p
+ 22, 0x0004); /* ECC bytes */
241 padstr((char *) (p
+ 23), QEMU_VERSION
, 8); /* Firmware Revision */
242 padstr((char *) (p
+ 27), "QEMU MICRODRIVE", 40);/* Model number */
243 #if MAX_MULT_SECTORS > 1
244 put_le16(p
+ 47, 0x8000 | MAX_MULT_SECTORS
);
246 put_le16(p
+ 47, 0x0000);
248 put_le16(p
+ 49, 0x0f00); /* Capabilities */
249 put_le16(p
+ 51, 0x0002); /* PIO cycle timing mode */
250 put_le16(p
+ 52, 0x0001); /* DMA cycle timing mode */
251 put_le16(p
+ 53, 0x0003); /* Translation params valid */
252 put_le16(p
+ 54, s
->cylinders
); /* Current cylinders */
253 put_le16(p
+ 55, s
->heads
); /* Current heads */
254 put_le16(p
+ 56, s
->sectors
); /* Current sectors */
255 put_le16(p
+ 57, cur_sec
); /* Current capacity */
256 put_le16(p
+ 58, cur_sec
>> 16); /* Current capacity */
257 if (s
->mult_sectors
) /* Multiple sector setting */
258 put_le16(p
+ 59, 0x100 | s
->mult_sectors
);
259 put_le16(p
+ 60, s
->nb_sectors
); /* Total LBA sectors */
260 put_le16(p
+ 61, s
->nb_sectors
>> 16); /* Total LBA sectors */
261 put_le16(p
+ 63, 0x0203); /* Multiword DMA capability */
262 put_le16(p
+ 64, 0x0001); /* Flow Control PIO support */
263 put_le16(p
+ 65, 0x0096); /* Min. Multiword DMA cycle */
264 put_le16(p
+ 66, 0x0096); /* Rec. Multiword DMA cycle */
265 put_le16(p
+ 68, 0x00b4); /* Min. PIO cycle time */
266 put_le16(p
+ 82, 0x400c); /* Command Set supported */
267 put_le16(p
+ 83, 0x7068); /* Command Set supported */
268 put_le16(p
+ 84, 0x4000); /* Features supported */
269 put_le16(p
+ 85, 0x000c); /* Command Set enabled */
270 put_le16(p
+ 86, 0x7044); /* Command Set enabled */
271 put_le16(p
+ 87, 0x4000); /* Features enabled */
272 put_le16(p
+ 91, 0x4060); /* Current APM level */
273 put_le16(p
+ 129, 0x0002); /* Current features option */
274 put_le16(p
+ 130, 0x0005); /* Reassigned sectors */
275 put_le16(p
+ 131, 0x0001); /* Initial power mode */
276 put_le16(p
+ 132, 0x0000); /* User signature */
277 put_le16(p
+ 160, 0x8100); /* Power requirement */
278 put_le16(p
+ 161, 0x8001); /* CF command set */
283 memcpy(s
->io_buffer
, p
, sizeof(s
->identify_data
));
286 static void ide_set_signature(IDEState
*s
)
288 s
->select
&= 0xf0; /* clear head */
304 static inline void ide_abort_command(IDEState
*s
)
306 s
->status
= READY_STAT
| ERR_STAT
;
310 static inline void ide_dma_submit_check(IDEState
*s
,
311 BlockDriverCompletionFunc
*dma_cb
, BMDMAState
*bm
)
318 /* prepare data transfer and tell what to do after */
319 static void ide_transfer_start(IDEState
*s
, uint8_t *buf
, int size
,
320 EndTransferFunc
*end_transfer_func
)
322 s
->end_transfer_func
= end_transfer_func
;
324 s
->data_end
= buf
+ size
;
325 if (!(s
->status
& ERR_STAT
))
326 s
->status
|= DRQ_STAT
;
329 static void ide_transfer_stop(IDEState
*s
)
331 s
->end_transfer_func
= ide_transfer_stop
;
332 s
->data_ptr
= s
->io_buffer
;
333 s
->data_end
= s
->io_buffer
;
334 s
->status
&= ~DRQ_STAT
;
337 int64_t ide_get_sector(IDEState
*s
)
340 if (s
->select
& 0x40) {
343 sector_num
= ((s
->select
& 0x0f) << 24) | (s
->hcyl
<< 16) |
344 (s
->lcyl
<< 8) | s
->sector
;
346 sector_num
= ((int64_t)s
->hob_hcyl
<< 40) |
347 ((int64_t) s
->hob_lcyl
<< 32) |
348 ((int64_t) s
->hob_sector
<< 24) |
349 ((int64_t) s
->hcyl
<< 16) |
350 ((int64_t) s
->lcyl
<< 8) | s
->sector
;
353 sector_num
= ((s
->hcyl
<< 8) | s
->lcyl
) * s
->heads
* s
->sectors
+
354 (s
->select
& 0x0f) * s
->sectors
+ (s
->sector
- 1);
359 void ide_set_sector(IDEState
*s
, int64_t sector_num
)
362 if (s
->select
& 0x40) {
364 s
->select
= (s
->select
& 0xf0) | (sector_num
>> 24);
365 s
->hcyl
= (sector_num
>> 16);
366 s
->lcyl
= (sector_num
>> 8);
367 s
->sector
= (sector_num
);
369 s
->sector
= sector_num
;
370 s
->lcyl
= sector_num
>> 8;
371 s
->hcyl
= sector_num
>> 16;
372 s
->hob_sector
= sector_num
>> 24;
373 s
->hob_lcyl
= sector_num
>> 32;
374 s
->hob_hcyl
= sector_num
>> 40;
377 cyl
= sector_num
/ (s
->heads
* s
->sectors
);
378 r
= sector_num
% (s
->heads
* s
->sectors
);
381 s
->select
= (s
->select
& 0xf0) | ((r
/ s
->sectors
) & 0x0f);
382 s
->sector
= (r
% s
->sectors
) + 1;
386 static void ide_rw_error(IDEState
*s
) {
387 ide_abort_command(s
);
391 static void ide_sector_read(IDEState
*s
)
396 s
->status
= READY_STAT
| SEEK_STAT
;
397 s
->error
= 0; /* not needed by IDE spec, but needed by Windows */
398 sector_num
= ide_get_sector(s
);
401 /* no more sector to read from disk */
402 ide_transfer_stop(s
);
404 #if defined(DEBUG_IDE)
405 printf("read sector=%" PRId64
"\n", sector_num
);
407 if (n
> s
->req_nb_sectors
)
408 n
= s
->req_nb_sectors
;
409 ret
= bdrv_read(s
->bs
, sector_num
, s
->io_buffer
, n
);
411 if (ide_handle_rw_error(s
, -ret
,
412 BM_STATUS_PIO_RETRY
| BM_STATUS_RETRY_READ
))
417 ide_transfer_start(s
, s
->io_buffer
, 512 * n
, ide_sector_read
);
419 ide_set_sector(s
, sector_num
+ n
);
425 /* return 0 if buffer completed */
426 static int dma_buf_prepare(BMDMAState
*bm
, int is_write
)
428 IDEState
*s
= bmdma_active_if(bm
);
435 qemu_sglist_init(&s
->sg
, s
->nsector
/ (TARGET_PAGE_SIZE
/512) + 1);
436 s
->io_buffer_size
= 0;
438 if (bm
->cur_prd_len
== 0) {
439 /* end of table (with a fail safe of one page) */
440 if (bm
->cur_prd_last
||
441 (bm
->cur_addr
- bm
->addr
) >= 4096)
442 return s
->io_buffer_size
!= 0;
443 cpu_physical_memory_read(bm
->cur_addr
, (uint8_t *)&prd
, 8);
445 prd
.addr
= le32_to_cpu(prd
.addr
);
446 prd
.size
= le32_to_cpu(prd
.size
);
447 len
= prd
.size
& 0xfffe;
450 bm
->cur_prd_len
= len
;
451 bm
->cur_prd_addr
= prd
.addr
;
452 bm
->cur_prd_last
= (prd
.size
& 0x80000000);
456 qemu_sglist_add(&s
->sg
, bm
->cur_prd_addr
, l
);
457 bm
->cur_prd_addr
+= l
;
458 bm
->cur_prd_len
-= l
;
459 s
->io_buffer_size
+= l
;
465 static void dma_buf_commit(IDEState
*s
, int is_write
)
467 qemu_sglist_destroy(&s
->sg
);
470 void ide_dma_error(IDEState
*s
)
472 ide_transfer_stop(s
);
474 s
->status
= READY_STAT
| ERR_STAT
;
478 static int ide_handle_rw_error(IDEState
*s
, int error
, int op
)
480 int is_read
= (op
& BM_STATUS_RETRY_READ
);
481 BlockInterfaceErrorAction action
= drive_get_on_error(s
->bs
, is_read
);
483 if (action
== BLOCK_ERR_IGNORE
)
486 if ((error
== ENOSPC
&& action
== BLOCK_ERR_STOP_ENOSPC
)
487 || action
== BLOCK_ERR_STOP_ANY
) {
488 s
->bus
->bmdma
->unit
= s
->unit
;
489 s
->bus
->bmdma
->status
|= op
;
492 if (op
& BM_STATUS_DMA_RETRY
) {
493 dma_buf_commit(s
, 0);
503 /* return 0 if buffer completed */
504 static int dma_buf_rw(BMDMAState
*bm
, int is_write
)
506 IDEState
*s
= bmdma_active_if(bm
);
514 l
= s
->io_buffer_size
- s
->io_buffer_index
;
517 if (bm
->cur_prd_len
== 0) {
518 /* end of table (with a fail safe of one page) */
519 if (bm
->cur_prd_last
||
520 (bm
->cur_addr
- bm
->addr
) >= 4096)
522 cpu_physical_memory_read(bm
->cur_addr
, (uint8_t *)&prd
, 8);
524 prd
.addr
= le32_to_cpu(prd
.addr
);
525 prd
.size
= le32_to_cpu(prd
.size
);
526 len
= prd
.size
& 0xfffe;
529 bm
->cur_prd_len
= len
;
530 bm
->cur_prd_addr
= prd
.addr
;
531 bm
->cur_prd_last
= (prd
.size
& 0x80000000);
533 if (l
> bm
->cur_prd_len
)
537 cpu_physical_memory_write(bm
->cur_prd_addr
,
538 s
->io_buffer
+ s
->io_buffer_index
, l
);
540 cpu_physical_memory_read(bm
->cur_prd_addr
,
541 s
->io_buffer
+ s
->io_buffer_index
, l
);
543 bm
->cur_prd_addr
+= l
;
544 bm
->cur_prd_len
-= l
;
545 s
->io_buffer_index
+= l
;
551 static void ide_read_dma_cb(void *opaque
, int ret
)
553 BMDMAState
*bm
= opaque
;
554 IDEState
*s
= bmdma_active_if(bm
);
559 if (ide_handle_rw_error(s
, -ret
,
560 BM_STATUS_DMA_RETRY
| BM_STATUS_RETRY_READ
))
566 n
= s
->io_buffer_size
>> 9;
567 sector_num
= ide_get_sector(s
);
569 dma_buf_commit(s
, 1);
571 ide_set_sector(s
, sector_num
);
575 /* end of transfer ? */
576 if (s
->nsector
== 0) {
577 s
->status
= READY_STAT
| SEEK_STAT
;
580 bm
->status
&= ~BM_STATUS_DMAING
;
581 bm
->status
|= BM_STATUS_INT
;
588 /* launch next transfer */
590 s
->io_buffer_index
= 0;
591 s
->io_buffer_size
= n
* 512;
592 if (dma_buf_prepare(bm
, 1) == 0)
595 printf("aio_read: sector_num=%" PRId64
" n=%d\n", sector_num
, n
);
597 bm
->aiocb
= dma_bdrv_read(s
->bs
, &s
->sg
, sector_num
, ide_read_dma_cb
, bm
);
598 ide_dma_submit_check(s
, ide_read_dma_cb
, bm
);
601 static void ide_sector_read_dma(IDEState
*s
)
603 s
->status
= READY_STAT
| SEEK_STAT
| DRQ_STAT
| BUSY_STAT
;
604 s
->io_buffer_index
= 0;
605 s
->io_buffer_size
= 0;
607 ide_dma_start(s
, ide_read_dma_cb
);
610 static void ide_sector_write_timer_cb(void *opaque
)
612 IDEState
*s
= opaque
;
616 static void ide_sector_write(IDEState
*s
)
621 s
->status
= READY_STAT
| SEEK_STAT
;
622 sector_num
= ide_get_sector(s
);
623 #if defined(DEBUG_IDE)
624 printf("write sector=%" PRId64
"\n", sector_num
);
627 if (n
> s
->req_nb_sectors
)
628 n
= s
->req_nb_sectors
;
629 ret
= bdrv_write(s
->bs
, sector_num
, s
->io_buffer
, n
);
632 if (ide_handle_rw_error(s
, -ret
, BM_STATUS_PIO_RETRY
))
637 if (s
->nsector
== 0) {
638 /* no more sectors to write */
639 ide_transfer_stop(s
);
642 if (n1
> s
->req_nb_sectors
)
643 n1
= s
->req_nb_sectors
;
644 ide_transfer_start(s
, s
->io_buffer
, 512 * n1
, ide_sector_write
);
646 ide_set_sector(s
, sector_num
+ n
);
649 if (win2k_install_hack
&& ((++s
->irq_count
% 16) == 0)) {
650 /* It seems there is a bug in the Windows 2000 installer HDD
651 IDE driver which fills the disk with empty logs when the
652 IDE write IRQ comes too early. This hack tries to correct
653 that at the expense of slower write performances. Use this
654 option _only_ to install Windows 2000. You must disable it
656 qemu_mod_timer(s
->sector_write_timer
,
657 qemu_get_clock(vm_clock
) + (get_ticks_per_sec() / 1000));
665 static void ide_dma_restart_bh(void *opaque
)
667 BMDMAState
*bm
= opaque
;
670 qemu_bh_delete(bm
->bh
);
673 is_read
= !!(bm
->status
& BM_STATUS_RETRY_READ
);
675 if (bm
->status
& BM_STATUS_DMA_RETRY
) {
676 bm
->status
&= ~(BM_STATUS_DMA_RETRY
| BM_STATUS_RETRY_READ
);
677 ide_dma_restart(bmdma_active_if(bm
), is_read
);
678 } else if (bm
->status
& BM_STATUS_PIO_RETRY
) {
679 bm
->status
&= ~(BM_STATUS_PIO_RETRY
| BM_STATUS_RETRY_READ
);
681 ide_sector_read(bmdma_active_if(bm
));
683 ide_sector_write(bmdma_active_if(bm
));
688 void ide_dma_restart_cb(void *opaque
, int running
, int reason
)
690 BMDMAState
*bm
= opaque
;
696 bm
->bh
= qemu_bh_new(ide_dma_restart_bh
, bm
);
697 qemu_bh_schedule(bm
->bh
);
701 static void ide_write_dma_cb(void *opaque
, int ret
)
703 BMDMAState
*bm
= opaque
;
704 IDEState
*s
= bmdma_active_if(bm
);
709 if (ide_handle_rw_error(s
, -ret
, BM_STATUS_DMA_RETRY
))
713 n
= s
->io_buffer_size
>> 9;
714 sector_num
= ide_get_sector(s
);
716 dma_buf_commit(s
, 0);
718 ide_set_sector(s
, sector_num
);
722 /* end of transfer ? */
723 if (s
->nsector
== 0) {
724 s
->status
= READY_STAT
| SEEK_STAT
;
727 bm
->status
&= ~BM_STATUS_DMAING
;
728 bm
->status
|= BM_STATUS_INT
;
736 s
->io_buffer_size
= n
* 512;
737 /* launch next transfer */
738 if (dma_buf_prepare(bm
, 0) == 0)
741 printf("aio_write: sector_num=%" PRId64
" n=%d\n", sector_num
, n
);
743 bm
->aiocb
= dma_bdrv_write(s
->bs
, &s
->sg
, sector_num
, ide_write_dma_cb
, bm
);
744 ide_dma_submit_check(s
, ide_write_dma_cb
, bm
);
747 static void ide_sector_write_dma(IDEState
*s
)
749 s
->status
= READY_STAT
| SEEK_STAT
| DRQ_STAT
| BUSY_STAT
;
750 s
->io_buffer_index
= 0;
751 s
->io_buffer_size
= 0;
753 ide_dma_start(s
, ide_write_dma_cb
);
756 void ide_atapi_cmd_ok(IDEState
*s
)
759 s
->status
= READY_STAT
| SEEK_STAT
;
760 s
->nsector
= (s
->nsector
& ~7) | ATAPI_INT_REASON_IO
| ATAPI_INT_REASON_CD
;
764 void ide_atapi_cmd_error(IDEState
*s
, int sense_key
, int asc
)
766 #ifdef DEBUG_IDE_ATAPI
767 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key
, asc
);
769 s
->error
= sense_key
<< 4;
770 s
->status
= READY_STAT
| ERR_STAT
;
771 s
->nsector
= (s
->nsector
& ~7) | ATAPI_INT_REASON_IO
| ATAPI_INT_REASON_CD
;
772 s
->sense_key
= sense_key
;
777 static void ide_atapi_cmd_check_status(IDEState
*s
)
779 #ifdef DEBUG_IDE_ATAPI
780 printf("atapi_cmd_check_status\n");
782 s
->error
= MC_ERR
| (SENSE_UNIT_ATTENTION
<< 4);
783 s
->status
= ERR_STAT
;
788 static void ide_flush_cb(void *opaque
, int ret
)
790 IDEState
*s
= opaque
;
792 /* XXX: how do we signal I/O errors here? */
794 s
->status
= READY_STAT
| SEEK_STAT
;
798 static inline void cpu_to_ube16(uint8_t *buf
, int val
)
804 static inline void cpu_to_ube32(uint8_t *buf
, unsigned int val
)
812 static inline int ube16_to_cpu(const uint8_t *buf
)
814 return (buf
[0] << 8) | buf
[1];
817 static inline int ube32_to_cpu(const uint8_t *buf
)
819 return (buf
[0] << 24) | (buf
[1] << 16) | (buf
[2] << 8) | buf
[3];
822 static void lba_to_msf(uint8_t *buf
, int lba
)
825 buf
[0] = (lba
/ 75) / 60;
826 buf
[1] = (lba
/ 75) % 60;
830 static void cd_data_to_raw(uint8_t *buf
, int lba
)
834 memset(buf
+ 1, 0xff, 10);
838 lba_to_msf(buf
, lba
);
839 buf
[3] = 0x01; /* mode 1 data */
843 /* XXX: ECC not computed */
847 static int cd_read_sector(BlockDriverState
*bs
, int lba
, uint8_t *buf
,
852 switch(sector_size
) {
854 ret
= bdrv_read(bs
, (int64_t)lba
<< 2, buf
, 4);
857 ret
= bdrv_read(bs
, (int64_t)lba
<< 2, buf
+ 16, 4);
860 cd_data_to_raw(buf
, lba
);
869 void ide_atapi_io_error(IDEState
*s
, int ret
)
871 /* XXX: handle more errors */
872 if (ret
== -ENOMEDIUM
) {
873 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
874 ASC_MEDIUM_NOT_PRESENT
);
876 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
877 ASC_LOGICAL_BLOCK_OOR
);
881 /* The whole ATAPI transfer logic is handled in this function */
882 static void ide_atapi_cmd_reply_end(IDEState
*s
)
884 int byte_count_limit
, size
, ret
;
885 #ifdef DEBUG_IDE_ATAPI
886 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
887 s
->packet_transfer_size
,
888 s
->elementary_transfer_size
,
891 if (s
->packet_transfer_size
<= 0) {
892 /* end of transfer */
893 ide_transfer_stop(s
);
894 s
->status
= READY_STAT
| SEEK_STAT
;
895 s
->nsector
= (s
->nsector
& ~7) | ATAPI_INT_REASON_IO
| ATAPI_INT_REASON_CD
;
897 #ifdef DEBUG_IDE_ATAPI
898 printf("status=0x%x\n", s
->status
);
901 /* see if a new sector must be read */
902 if (s
->lba
!= -1 && s
->io_buffer_index
>= s
->cd_sector_size
) {
903 ret
= cd_read_sector(s
->bs
, s
->lba
, s
->io_buffer
, s
->cd_sector_size
);
905 ide_transfer_stop(s
);
906 ide_atapi_io_error(s
, ret
);
910 s
->io_buffer_index
= 0;
912 if (s
->elementary_transfer_size
> 0) {
913 /* there are some data left to transmit in this elementary
915 size
= s
->cd_sector_size
- s
->io_buffer_index
;
916 if (size
> s
->elementary_transfer_size
)
917 size
= s
->elementary_transfer_size
;
918 ide_transfer_start(s
, s
->io_buffer
+ s
->io_buffer_index
,
919 size
, ide_atapi_cmd_reply_end
);
920 s
->packet_transfer_size
-= size
;
921 s
->elementary_transfer_size
-= size
;
922 s
->io_buffer_index
+= size
;
924 /* a new transfer is needed */
925 s
->nsector
= (s
->nsector
& ~7) | ATAPI_INT_REASON_IO
;
926 byte_count_limit
= s
->lcyl
| (s
->hcyl
<< 8);
927 #ifdef DEBUG_IDE_ATAPI
928 printf("byte_count_limit=%d\n", byte_count_limit
);
930 if (byte_count_limit
== 0xffff)
932 size
= s
->packet_transfer_size
;
933 if (size
> byte_count_limit
) {
934 /* byte count limit must be even if this case */
935 if (byte_count_limit
& 1)
937 size
= byte_count_limit
;
941 s
->elementary_transfer_size
= size
;
942 /* we cannot transmit more than one sector at a time */
944 if (size
> (s
->cd_sector_size
- s
->io_buffer_index
))
945 size
= (s
->cd_sector_size
- s
->io_buffer_index
);
947 ide_transfer_start(s
, s
->io_buffer
+ s
->io_buffer_index
,
948 size
, ide_atapi_cmd_reply_end
);
949 s
->packet_transfer_size
-= size
;
950 s
->elementary_transfer_size
-= size
;
951 s
->io_buffer_index
+= size
;
953 #ifdef DEBUG_IDE_ATAPI
954 printf("status=0x%x\n", s
->status
);
960 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
961 static void ide_atapi_cmd_reply(IDEState
*s
, int size
, int max_size
)
965 s
->lba
= -1; /* no sector read */
966 s
->packet_transfer_size
= size
;
967 s
->io_buffer_size
= size
; /* dma: send the reply data as one chunk */
968 s
->elementary_transfer_size
= 0;
969 s
->io_buffer_index
= 0;
972 s
->status
= READY_STAT
| SEEK_STAT
| DRQ_STAT
;
973 ide_dma_start(s
, ide_atapi_cmd_read_dma_cb
);
975 s
->status
= READY_STAT
| SEEK_STAT
;
976 ide_atapi_cmd_reply_end(s
);
980 /* start a CD-CDROM read command */
981 static void ide_atapi_cmd_read_pio(IDEState
*s
, int lba
, int nb_sectors
,
985 s
->packet_transfer_size
= nb_sectors
* sector_size
;
986 s
->elementary_transfer_size
= 0;
987 s
->io_buffer_index
= sector_size
;
988 s
->cd_sector_size
= sector_size
;
990 s
->status
= READY_STAT
| SEEK_STAT
;
991 ide_atapi_cmd_reply_end(s
);
994 /* ATAPI DMA support */
996 /* XXX: handle read errors */
997 static void ide_atapi_cmd_read_dma_cb(void *opaque
, int ret
)
999 BMDMAState
*bm
= opaque
;
1000 IDEState
*s
= bmdma_active_if(bm
);
1004 ide_atapi_io_error(s
, ret
);
1008 if (s
->io_buffer_size
> 0) {
1010 * For a cdrom read sector command (s->lba != -1),
1011 * adjust the lba for the next s->io_buffer_size chunk
1012 * and dma the current chunk.
1013 * For a command != read (s->lba == -1), just transfer
1017 if (s
->cd_sector_size
== 2352) {
1019 cd_data_to_raw(s
->io_buffer
, s
->lba
);
1021 n
= s
->io_buffer_size
>> 11;
1025 s
->packet_transfer_size
-= s
->io_buffer_size
;
1026 if (dma_buf_rw(bm
, 1) == 0)
1030 if (s
->packet_transfer_size
<= 0) {
1031 s
->status
= READY_STAT
| SEEK_STAT
;
1032 s
->nsector
= (s
->nsector
& ~7) | ATAPI_INT_REASON_IO
| ATAPI_INT_REASON_CD
;
1033 ide_set_irq(s
->bus
);
1035 bm
->status
&= ~BM_STATUS_DMAING
;
1036 bm
->status
|= BM_STATUS_INT
;
1043 s
->io_buffer_index
= 0;
1044 if (s
->cd_sector_size
== 2352) {
1046 s
->io_buffer_size
= s
->cd_sector_size
;
1049 n
= s
->packet_transfer_size
>> 11;
1050 if (n
> (IDE_DMA_BUF_SECTORS
/ 4))
1051 n
= (IDE_DMA_BUF_SECTORS
/ 4);
1052 s
->io_buffer_size
= n
* 2048;
1056 printf("aio_read_cd: lba=%u n=%d\n", s
->lba
, n
);
1058 bm
->iov
.iov_base
= (void *)(s
->io_buffer
+ data_offset
);
1059 bm
->iov
.iov_len
= n
* 4 * 512;
1060 qemu_iovec_init_external(&bm
->qiov
, &bm
->iov
, 1);
1061 bm
->aiocb
= bdrv_aio_readv(s
->bs
, (int64_t)s
->lba
<< 2, &bm
->qiov
,
1062 n
* 4, ide_atapi_cmd_read_dma_cb
, bm
);
1064 /* Note: media not present is the most likely case */
1065 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1066 ASC_MEDIUM_NOT_PRESENT
);
1071 /* start a CD-CDROM read command with DMA */
1072 /* XXX: test if DMA is available */
1073 static void ide_atapi_cmd_read_dma(IDEState
*s
, int lba
, int nb_sectors
,
1077 s
->packet_transfer_size
= nb_sectors
* sector_size
;
1078 s
->io_buffer_index
= 0;
1079 s
->io_buffer_size
= 0;
1080 s
->cd_sector_size
= sector_size
;
1082 /* XXX: check if BUSY_STAT should be set */
1083 s
->status
= READY_STAT
| SEEK_STAT
| DRQ_STAT
| BUSY_STAT
;
1084 ide_dma_start(s
, ide_atapi_cmd_read_dma_cb
);
1087 static void ide_atapi_cmd_read(IDEState
*s
, int lba
, int nb_sectors
,
1090 #ifdef DEBUG_IDE_ATAPI
1091 printf("read %s: LBA=%d nb_sectors=%d\n", s
->atapi_dma
? "dma" : "pio",
1095 ide_atapi_cmd_read_dma(s
, lba
, nb_sectors
, sector_size
);
1097 ide_atapi_cmd_read_pio(s
, lba
, nb_sectors
, sector_size
);
1101 static inline uint8_t ide_atapi_set_profile(uint8_t *buf
, uint8_t *index
,
1104 uint8_t *buf_profile
= buf
+ 12; /* start of profiles */
1106 buf_profile
+= ((*index
) * 4); /* start of indexed profile */
1107 cpu_to_ube16 (buf_profile
, profile
);
1108 buf_profile
[2] = ((buf_profile
[0] == buf
[6]) && (buf_profile
[1] == buf
[7]));
1110 /* each profile adds 4 bytes to the response */
1112 buf
[11] += 4; /* Additional Length */
1117 static int ide_dvd_read_structure(IDEState
*s
, int format
,
1118 const uint8_t *packet
, uint8_t *buf
)
1121 case 0x0: /* Physical format information */
1123 int layer
= packet
[6];
1124 uint64_t total_sectors
;
1127 return -ASC_INV_FIELD_IN_CMD_PACKET
;
1129 bdrv_get_geometry(s
->bs
, &total_sectors
);
1130 total_sectors
>>= 2;
1131 if (total_sectors
== 0)
1132 return -ASC_MEDIUM_NOT_PRESENT
;
1134 buf
[4] = 1; /* DVD-ROM, part version 1 */
1135 buf
[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1136 buf
[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1137 buf
[7] = 0; /* default densities */
1139 /* FIXME: 0x30000 per spec? */
1140 cpu_to_ube32(buf
+ 8, 0); /* start sector */
1141 cpu_to_ube32(buf
+ 12, total_sectors
- 1); /* end sector */
1142 cpu_to_ube32(buf
+ 16, total_sectors
- 1); /* l0 end sector */
1144 /* Size of buffer, not including 2 byte size field */
1145 cpu_to_be16wu((uint16_t *)buf
, 2048 + 2);
1147 /* 2k data + 4 byte header */
1151 case 0x01: /* DVD copyright information */
1152 buf
[4] = 0; /* no copyright data */
1153 buf
[5] = 0; /* no region restrictions */
1155 /* Size of buffer, not including 2 byte size field */
1156 cpu_to_be16wu((uint16_t *)buf
, 4 + 2);
1158 /* 4 byte header + 4 byte data */
1161 case 0x03: /* BCA information - invalid field for no BCA info */
1162 return -ASC_INV_FIELD_IN_CMD_PACKET
;
1164 case 0x04: /* DVD disc manufacturing information */
1165 /* Size of buffer, not including 2 byte size field */
1166 cpu_to_be16wu((uint16_t *)buf
, 2048 + 2);
1168 /* 2k data + 4 byte header */
1173 * This lists all the command capabilities above. Add new ones
1174 * in order and update the length and buffer return values.
1177 buf
[4] = 0x00; /* Physical format */
1178 buf
[5] = 0x40; /* Not writable, is readable */
1179 cpu_to_be16wu((uint16_t *)(buf
+ 6), 2048 + 4);
1181 buf
[8] = 0x01; /* Copyright info */
1182 buf
[9] = 0x40; /* Not writable, is readable */
1183 cpu_to_be16wu((uint16_t *)(buf
+ 10), 4 + 4);
1185 buf
[12] = 0x03; /* BCA info */
1186 buf
[13] = 0x40; /* Not writable, is readable */
1187 cpu_to_be16wu((uint16_t *)(buf
+ 14), 188 + 4);
1189 buf
[16] = 0x04; /* Manufacturing info */
1190 buf
[17] = 0x40; /* Not writable, is readable */
1191 cpu_to_be16wu((uint16_t *)(buf
+ 18), 2048 + 4);
1193 /* Size of buffer, not including 2 byte size field */
1194 cpu_to_be16wu((uint16_t *)buf
, 16 + 2);
1196 /* data written + 4 byte header */
1199 default: /* TODO: formats beyond DVD-ROM requires */
1200 return -ASC_INV_FIELD_IN_CMD_PACKET
;
1204 static void ide_atapi_cmd(IDEState
*s
)
1206 const uint8_t *packet
;
1210 packet
= s
->io_buffer
;
1212 #ifdef DEBUG_IDE_ATAPI
1215 printf("ATAPI limit=0x%x packet:", s
->lcyl
| (s
->hcyl
<< 8));
1216 for(i
= 0; i
< ATAPI_PACKET_SIZE
; i
++) {
1217 printf(" %02x", packet
[i
]);
1222 /* If there's a UNIT_ATTENTION condition pending, only
1223 REQUEST_SENSE and INQUIRY commands are allowed to complete. */
1224 if (s
->sense_key
== SENSE_UNIT_ATTENTION
&&
1225 s
->io_buffer
[0] != GPCMD_REQUEST_SENSE
&&
1226 s
->io_buffer
[0] != GPCMD_INQUIRY
) {
1227 ide_atapi_cmd_check_status(s
);
1230 switch(s
->io_buffer
[0]) {
1231 case GPCMD_TEST_UNIT_READY
:
1232 if (bdrv_is_inserted(s
->bs
) && !s
->cdrom_changed
) {
1233 ide_atapi_cmd_ok(s
);
1235 s
->cdrom_changed
= 0;
1236 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1237 ASC_MEDIUM_NOT_PRESENT
);
1240 case GPCMD_MODE_SENSE_6
:
1241 case GPCMD_MODE_SENSE_10
:
1244 if (packet
[0] == GPCMD_MODE_SENSE_10
)
1245 max_len
= ube16_to_cpu(packet
+ 7);
1247 max_len
= packet
[4];
1248 action
= packet
[2] >> 6;
1249 code
= packet
[2] & 0x3f;
1251 case 0: /* current values */
1253 case GPMODE_R_W_ERROR_PAGE
: /* error recovery */
1254 cpu_to_ube16(&buf
[0], 16 + 6);
1270 ide_atapi_cmd_reply(s
, 16, max_len
);
1272 case GPMODE_AUDIO_CTL_PAGE
:
1273 cpu_to_ube16(&buf
[0], 24 + 6);
1281 /* Fill with CDROM audio volume */
1287 ide_atapi_cmd_reply(s
, 24, max_len
);
1289 case GPMODE_CAPABILITIES_PAGE
:
1290 cpu_to_ube16(&buf
[0], 28 + 6);
1303 /* Claim PLAY_AUDIO capability (0x01) since some Linux
1304 code checks for this to automount media. */
1307 buf
[14] = (1 << 0) | (1 << 3) | (1 << 5);
1308 if (bdrv_is_locked(s
->bs
))
1311 cpu_to_ube16(&buf
[16], 706);
1314 cpu_to_ube16(&buf
[20], 512);
1315 cpu_to_ube16(&buf
[22], 706);
1320 ide_atapi_cmd_reply(s
, 28, max_len
);
1326 case 1: /* changeable values */
1328 case 2: /* default values */
1331 case 3: /* saved values */
1332 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1333 ASC_SAVING_PARAMETERS_NOT_SUPPORTED
);
1338 case GPCMD_REQUEST_SENSE
:
1339 max_len
= packet
[4];
1341 buf
[0] = 0x70 | (1 << 7);
1342 buf
[2] = s
->sense_key
;
1345 if (s
->sense_key
== SENSE_UNIT_ATTENTION
)
1346 s
->sense_key
= SENSE_NONE
;
1347 ide_atapi_cmd_reply(s
, 18, max_len
);
1349 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL
:
1350 if (bdrv_is_inserted(s
->bs
)) {
1351 bdrv_set_locked(s
->bs
, packet
[4] & 1);
1352 ide_atapi_cmd_ok(s
);
1354 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1355 ASC_MEDIUM_NOT_PRESENT
);
1361 int nb_sectors
, lba
;
1363 if (packet
[0] == GPCMD_READ_10
)
1364 nb_sectors
= ube16_to_cpu(packet
+ 7);
1366 nb_sectors
= ube32_to_cpu(packet
+ 6);
1367 lba
= ube32_to_cpu(packet
+ 2);
1368 if (nb_sectors
== 0) {
1369 ide_atapi_cmd_ok(s
);
1372 ide_atapi_cmd_read(s
, lba
, nb_sectors
, 2048);
1377 int nb_sectors
, lba
, transfer_request
;
1379 nb_sectors
= (packet
[6] << 16) | (packet
[7] << 8) | packet
[8];
1380 lba
= ube32_to_cpu(packet
+ 2);
1381 if (nb_sectors
== 0) {
1382 ide_atapi_cmd_ok(s
);
1385 transfer_request
= packet
[9];
1386 switch(transfer_request
& 0xf8) {
1389 ide_atapi_cmd_ok(s
);
1393 ide_atapi_cmd_read(s
, lba
, nb_sectors
, 2048);
1397 ide_atapi_cmd_read(s
, lba
, nb_sectors
, 2352);
1400 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1401 ASC_INV_FIELD_IN_CMD_PACKET
);
1409 uint64_t total_sectors
;
1411 bdrv_get_geometry(s
->bs
, &total_sectors
);
1412 total_sectors
>>= 2;
1413 if (total_sectors
== 0) {
1414 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1415 ASC_MEDIUM_NOT_PRESENT
);
1418 lba
= ube32_to_cpu(packet
+ 2);
1419 if (lba
>= total_sectors
) {
1420 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1421 ASC_LOGICAL_BLOCK_OOR
);
1424 ide_atapi_cmd_ok(s
);
1427 case GPCMD_START_STOP_UNIT
:
1429 int start
, eject
, err
= 0;
1430 start
= packet
[4] & 1;
1431 eject
= (packet
[4] >> 1) & 1;
1434 err
= bdrv_eject(s
->bs
, !start
);
1439 ide_atapi_cmd_ok(s
);
1442 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1443 ASC_MEDIA_REMOVAL_PREVENTED
);
1446 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1447 ASC_MEDIUM_NOT_PRESENT
);
1452 case GPCMD_MECHANISM_STATUS
:
1454 max_len
= ube16_to_cpu(packet
+ 8);
1455 cpu_to_ube16(buf
, 0);
1456 /* no current LBA */
1461 cpu_to_ube16(buf
+ 6, 0);
1462 ide_atapi_cmd_reply(s
, 8, max_len
);
1465 case GPCMD_READ_TOC_PMA_ATIP
:
1467 int format
, msf
, start_track
, len
;
1468 uint64_t total_sectors
;
1470 bdrv_get_geometry(s
->bs
, &total_sectors
);
1471 total_sectors
>>= 2;
1472 if (total_sectors
== 0) {
1473 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1474 ASC_MEDIUM_NOT_PRESENT
);
1477 max_len
= ube16_to_cpu(packet
+ 7);
1478 format
= packet
[9] >> 6;
1479 msf
= (packet
[1] >> 1) & 1;
1480 start_track
= packet
[6];
1483 len
= cdrom_read_toc(total_sectors
, buf
, msf
, start_track
);
1486 ide_atapi_cmd_reply(s
, len
, max_len
);
1489 /* multi session : only a single session defined */
1494 ide_atapi_cmd_reply(s
, 12, max_len
);
1497 len
= cdrom_read_toc_raw(total_sectors
, buf
, msf
, start_track
);
1500 ide_atapi_cmd_reply(s
, len
, max_len
);
1504 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1505 ASC_INV_FIELD_IN_CMD_PACKET
);
1510 case GPCMD_READ_CDVD_CAPACITY
:
1512 uint64_t total_sectors
;
1514 bdrv_get_geometry(s
->bs
, &total_sectors
);
1515 total_sectors
>>= 2;
1516 if (total_sectors
== 0) {
1517 ide_atapi_cmd_error(s
, SENSE_NOT_READY
,
1518 ASC_MEDIUM_NOT_PRESENT
);
1521 /* NOTE: it is really the number of sectors minus 1 */
1522 cpu_to_ube32(buf
, total_sectors
- 1);
1523 cpu_to_ube32(buf
+ 4, 2048);
1524 ide_atapi_cmd_reply(s
, 8, 8);
1527 case GPCMD_READ_DVD_STRUCTURE
:
1529 int media
= packet
[1];
1530 int format
= packet
[7];
1533 max_len
= ube16_to_cpu(packet
+ 8);
1535 if (format
< 0xff) {
1536 if (media_is_cd(s
)) {
1537 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1538 ASC_INCOMPATIBLE_FORMAT
);
1540 } else if (!media_present(s
)) {
1541 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1542 ASC_INV_FIELD_IN_CMD_PACKET
);
1547 memset(buf
, 0, max_len
> IDE_DMA_BUF_SECTORS
* 512 + 4 ?
1548 IDE_DMA_BUF_SECTORS
* 512 + 4 : max_len
);
1554 ret
= ide_dvd_read_structure(s
, format
, packet
, buf
);
1557 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
, -ret
);
1559 ide_atapi_cmd_reply(s
, ret
, max_len
);
1563 /* TODO: BD support, fall through for now */
1565 /* Generic disk structures */
1566 case 0x80: /* TODO: AACS volume identifier */
1567 case 0x81: /* TODO: AACS media serial number */
1568 case 0x82: /* TODO: AACS media identifier */
1569 case 0x83: /* TODO: AACS media key block */
1570 case 0x90: /* TODO: List of recognized format layers */
1571 case 0xc0: /* TODO: Write protection status */
1573 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1574 ASC_INV_FIELD_IN_CMD_PACKET
);
1579 case GPCMD_SET_SPEED
:
1580 ide_atapi_cmd_ok(s
);
1583 max_len
= packet
[4];
1584 buf
[0] = 0x05; /* CD-ROM */
1585 buf
[1] = 0x80; /* removable */
1586 buf
[2] = 0x00; /* ISO */
1587 buf
[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1588 buf
[4] = 31; /* additional length */
1589 buf
[5] = 0; /* reserved */
1590 buf
[6] = 0; /* reserved */
1591 buf
[7] = 0; /* reserved */
1592 padstr8(buf
+ 8, 8, "QEMU");
1593 padstr8(buf
+ 16, 16, "QEMU DVD-ROM");
1594 padstr8(buf
+ 32, 4, QEMU_VERSION
);
1595 ide_atapi_cmd_reply(s
, 36, max_len
);
1597 case GPCMD_GET_CONFIGURATION
:
1602 /* only feature 0 is supported */
1603 if (packet
[2] != 0 || packet
[3] != 0) {
1604 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1605 ASC_INV_FIELD_IN_CMD_PACKET
);
1609 /* XXX: could result in alignment problems in some architectures */
1610 max_len
= ube16_to_cpu(packet
+ 7);
1613 * XXX: avoid overflow for io_buffer if max_len is bigger than
1614 * the size of that buffer (dimensioned to max number of
1615 * sectors to transfer at once)
1617 * Only a problem if the feature/profiles grow.
1619 if (max_len
> 512) /* XXX: assume 1 sector */
1622 memset(buf
, 0, max_len
);
1624 * the number of sectors from the media tells us which profile
1625 * to use as current. 0 means there is no media
1627 if (media_is_dvd(s
))
1628 cpu_to_ube16(buf
+ 6, MMC_PROFILE_DVD_ROM
);
1629 else if (media_is_cd(s
))
1630 cpu_to_ube16(buf
+ 6, MMC_PROFILE_CD_ROM
);
1632 buf
[10] = 0x02 | 0x01; /* persistent and current */
1633 len
= 12; /* headers: 8 + 4 */
1634 len
+= ide_atapi_set_profile(buf
, &index
, MMC_PROFILE_DVD_ROM
);
1635 len
+= ide_atapi_set_profile(buf
, &index
, MMC_PROFILE_CD_ROM
);
1636 cpu_to_ube32(buf
, len
- 4); /* data length */
1638 ide_atapi_cmd_reply(s
, len
, max_len
);
1642 ide_atapi_cmd_error(s
, SENSE_ILLEGAL_REQUEST
,
1643 ASC_ILLEGAL_OPCODE
);
1648 static void ide_cfata_metadata_inquiry(IDEState
*s
)
1653 p
= (uint16_t *) s
->io_buffer
;
1654 memset(p
, 0, 0x200);
1655 spd
= ((s
->mdata_size
- 1) >> 9) + 1;
1657 put_le16(p
+ 0, 0x0001); /* Data format revision */
1658 put_le16(p
+ 1, 0x0000); /* Media property: silicon */
1659 put_le16(p
+ 2, s
->media_changed
); /* Media status */
1660 put_le16(p
+ 3, s
->mdata_size
& 0xffff); /* Capacity in bytes (low) */
1661 put_le16(p
+ 4, s
->mdata_size
>> 16); /* Capacity in bytes (high) */
1662 put_le16(p
+ 5, spd
& 0xffff); /* Sectors per device (low) */
1663 put_le16(p
+ 6, spd
>> 16); /* Sectors per device (high) */
1666 static void ide_cfata_metadata_read(IDEState
*s
)
1670 if (((s
->hcyl
<< 16) | s
->lcyl
) << 9 > s
->mdata_size
+ 2) {
1671 s
->status
= ERR_STAT
;
1672 s
->error
= ABRT_ERR
;
1676 p
= (uint16_t *) s
->io_buffer
;
1677 memset(p
, 0, 0x200);
1679 put_le16(p
+ 0, s
->media_changed
); /* Media status */
1680 memcpy(p
+ 1, s
->mdata_storage
+ (((s
->hcyl
<< 16) | s
->lcyl
) << 9),
1681 MIN(MIN(s
->mdata_size
- (((s
->hcyl
<< 16) | s
->lcyl
) << 9),
1682 s
->nsector
<< 9), 0x200 - 2));
1685 static void ide_cfata_metadata_write(IDEState
*s
)
1687 if (((s
->hcyl
<< 16) | s
->lcyl
) << 9 > s
->mdata_size
+ 2) {
1688 s
->status
= ERR_STAT
;
1689 s
->error
= ABRT_ERR
;
1693 s
->media_changed
= 0;
1695 memcpy(s
->mdata_storage
+ (((s
->hcyl
<< 16) | s
->lcyl
) << 9),
1697 MIN(MIN(s
->mdata_size
- (((s
->hcyl
<< 16) | s
->lcyl
) << 9),
1698 s
->nsector
<< 9), 0x200 - 2));
1701 /* called when the inserted state of the media has changed */
1702 static void cdrom_change_cb(void *opaque
)
1704 IDEState
*s
= opaque
;
1705 uint64_t nb_sectors
;
1707 bdrv_get_geometry(s
->bs
, &nb_sectors
);
1708 s
->nb_sectors
= nb_sectors
;
1710 s
->sense_key
= SENSE_UNIT_ATTENTION
;
1711 s
->asc
= ASC_MEDIUM_MAY_HAVE_CHANGED
;
1712 s
->cdrom_changed
= 1;
1713 ide_set_irq(s
->bus
);
1716 static void ide_cmd_lba48_transform(IDEState
*s
, int lba48
)
1720 /* handle the 'magic' 0 nsector count conversion here. to avoid
1721 * fiddling with the rest of the read logic, we just store the
1722 * full sector count in ->nsector and ignore ->hob_nsector from now
1728 if (!s
->nsector
&& !s
->hob_nsector
)
1731 int lo
= s
->nsector
;
1732 int hi
= s
->hob_nsector
;
1734 s
->nsector
= (hi
<< 8) | lo
;
1739 static void ide_clear_hob(IDEBus
*bus
)
1741 /* any write clears HOB high bit of device control register */
1742 bus
->ifs
[0].select
&= ~(1 << 7);
1743 bus
->ifs
[1].select
&= ~(1 << 7);
1746 void ide_ioport_write(void *opaque
, uint32_t addr
, uint32_t val
)
1748 IDEBus
*bus
= opaque
;
1754 printf("IDE: write addr=0x%x val=0x%02x\n", addr
, val
);
1759 /* ignore writes to command block while busy with previous command */
1760 if (addr
!= 7 && (idebus_active_if(bus
)->status
& (BUSY_STAT
|DRQ_STAT
)))
1768 /* NOTE: data is written to the two drives */
1769 bus
->ifs
[0].hob_feature
= bus
->ifs
[0].feature
;
1770 bus
->ifs
[1].hob_feature
= bus
->ifs
[1].feature
;
1771 bus
->ifs
[0].feature
= val
;
1772 bus
->ifs
[1].feature
= val
;
1776 bus
->ifs
[0].hob_nsector
= bus
->ifs
[0].nsector
;
1777 bus
->ifs
[1].hob_nsector
= bus
->ifs
[1].nsector
;
1778 bus
->ifs
[0].nsector
= val
;
1779 bus
->ifs
[1].nsector
= val
;
1783 bus
->ifs
[0].hob_sector
= bus
->ifs
[0].sector
;
1784 bus
->ifs
[1].hob_sector
= bus
->ifs
[1].sector
;
1785 bus
->ifs
[0].sector
= val
;
1786 bus
->ifs
[1].sector
= val
;
1790 bus
->ifs
[0].hob_lcyl
= bus
->ifs
[0].lcyl
;
1791 bus
->ifs
[1].hob_lcyl
= bus
->ifs
[1].lcyl
;
1792 bus
->ifs
[0].lcyl
= val
;
1793 bus
->ifs
[1].lcyl
= val
;
1797 bus
->ifs
[0].hob_hcyl
= bus
->ifs
[0].hcyl
;
1798 bus
->ifs
[1].hob_hcyl
= bus
->ifs
[1].hcyl
;
1799 bus
->ifs
[0].hcyl
= val
;
1800 bus
->ifs
[1].hcyl
= val
;
1803 /* FIXME: HOB readback uses bit 7 */
1804 bus
->ifs
[0].select
= (val
& ~0x10) | 0xa0;
1805 bus
->ifs
[1].select
= (val
| 0x10) | 0xa0;
1807 bus
->unit
= (val
>> 4) & 1;
1812 #if defined(DEBUG_IDE)
1813 printf("ide: CMD=%02x\n", val
);
1815 s
= idebus_active_if(bus
);
1816 /* ignore commands to non existant slave */
1817 if (s
!= bus
->ifs
&& !s
->bs
)
1820 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
1821 if ((s
->status
& (BUSY_STAT
|DRQ_STAT
)) && val
!= WIN_DEVICE_RESET
)
1826 if (s
->bs
&& !s
->is_cdrom
) {
1830 ide_cfata_identify(s
);
1831 s
->status
= READY_STAT
| SEEK_STAT
;
1832 ide_transfer_start(s
, s
->io_buffer
, 512, ide_transfer_stop
);
1835 ide_set_signature(s
);
1837 ide_abort_command(s
);
1839 ide_set_irq(s
->bus
);
1844 s
->status
= READY_STAT
| SEEK_STAT
;
1845 ide_set_irq(s
->bus
);
1848 if (s
->is_cf
&& s
->nsector
== 0) {
1849 /* Disable Read and Write Multiple */
1850 s
->mult_sectors
= 0;
1851 s
->status
= READY_STAT
| SEEK_STAT
;
1852 } else if ((s
->nsector
& 0xff) != 0 &&
1853 ((s
->nsector
& 0xff) > MAX_MULT_SECTORS
||
1854 (s
->nsector
& (s
->nsector
- 1)) != 0)) {
1855 ide_abort_command(s
);
1857 s
->mult_sectors
= s
->nsector
& 0xff;
1858 s
->status
= READY_STAT
| SEEK_STAT
;
1860 ide_set_irq(s
->bus
);
1862 case WIN_VERIFY_EXT
:
1865 case WIN_VERIFY_ONCE
:
1866 /* do sector number check ? */
1867 ide_cmd_lba48_transform(s
, lba48
);
1868 s
->status
= READY_STAT
| SEEK_STAT
;
1869 ide_set_irq(s
->bus
);
1877 ide_cmd_lba48_transform(s
, lba48
);
1878 s
->req_nb_sectors
= 1;
1884 case WIN_WRITE_ONCE
:
1885 case CFA_WRITE_SECT_WO_ERASE
:
1886 case WIN_WRITE_VERIFY
:
1887 ide_cmd_lba48_transform(s
, lba48
);
1889 s
->status
= SEEK_STAT
| READY_STAT
;
1890 s
->req_nb_sectors
= 1;
1891 ide_transfer_start(s
, s
->io_buffer
, 512, ide_sector_write
);
1892 s
->media_changed
= 1;
1894 case WIN_MULTREAD_EXT
:
1897 if (!s
->mult_sectors
)
1899 ide_cmd_lba48_transform(s
, lba48
);
1900 s
->req_nb_sectors
= s
->mult_sectors
;
1903 case WIN_MULTWRITE_EXT
:
1906 case CFA_WRITE_MULTI_WO_ERASE
:
1907 if (!s
->mult_sectors
)
1909 ide_cmd_lba48_transform(s
, lba48
);
1911 s
->status
= SEEK_STAT
| READY_STAT
;
1912 s
->req_nb_sectors
= s
->mult_sectors
;
1914 if (n
> s
->req_nb_sectors
)
1915 n
= s
->req_nb_sectors
;
1916 ide_transfer_start(s
, s
->io_buffer
, 512 * n
, ide_sector_write
);
1917 s
->media_changed
= 1;
1919 case WIN_READDMA_EXT
:
1922 case WIN_READDMA_ONCE
:
1925 ide_cmd_lba48_transform(s
, lba48
);
1926 ide_sector_read_dma(s
);
1928 case WIN_WRITEDMA_EXT
:
1931 case WIN_WRITEDMA_ONCE
:
1934 ide_cmd_lba48_transform(s
, lba48
);
1935 ide_sector_write_dma(s
);
1936 s
->media_changed
= 1;
1938 case WIN_READ_NATIVE_MAX_EXT
:
1940 case WIN_READ_NATIVE_MAX
:
1941 ide_cmd_lba48_transform(s
, lba48
);
1942 ide_set_sector(s
, s
->nb_sectors
- 1);
1943 s
->status
= READY_STAT
| SEEK_STAT
;
1944 ide_set_irq(s
->bus
);
1946 case WIN_CHECKPOWERMODE1
:
1947 case WIN_CHECKPOWERMODE2
:
1948 s
->nsector
= 0xff; /* device active or idle */
1949 s
->status
= READY_STAT
| SEEK_STAT
;
1950 ide_set_irq(s
->bus
);
1952 case WIN_SETFEATURES
:
1955 /* XXX: valid for CDROM ? */
1956 switch(s
->feature
) {
1957 case 0xcc: /* reverting to power-on defaults enable */
1958 case 0x66: /* reverting to power-on defaults disable */
1959 case 0x02: /* write cache enable */
1960 case 0x82: /* write cache disable */
1961 case 0xaa: /* read look-ahead enable */
1962 case 0x55: /* read look-ahead disable */
1963 case 0x05: /* set advanced power management mode */
1964 case 0x85: /* disable advanced power management mode */
1965 case 0x69: /* NOP */
1966 case 0x67: /* NOP */
1967 case 0x96: /* NOP */
1968 case 0x9a: /* NOP */
1969 case 0x42: /* enable Automatic Acoustic Mode */
1970 case 0xc2: /* disable Automatic Acoustic Mode */
1971 s
->status
= READY_STAT
| SEEK_STAT
;
1972 ide_set_irq(s
->bus
);
1974 case 0x03: { /* set transfer mode */
1975 uint8_t val
= s
->nsector
& 0x07;
1976 uint16_t *identify_data
= (uint16_t *)s
->identify_data
;
1978 switch (s
->nsector
>> 3) {
1979 case 0x00: /* pio default */
1980 case 0x01: /* pio mode */
1981 put_le16(identify_data
+ 62,0x07);
1982 put_le16(identify_data
+ 63,0x07);
1983 put_le16(identify_data
+ 88,0x3f);
1985 case 0x02: /* sigle word dma mode*/
1986 put_le16(identify_data
+ 62,0x07 | (1 << (val
+ 8)));
1987 put_le16(identify_data
+ 63,0x07);
1988 put_le16(identify_data
+ 88,0x3f);
1990 case 0x04: /* mdma mode */
1991 put_le16(identify_data
+ 62,0x07);
1992 put_le16(identify_data
+ 63,0x07 | (1 << (val
+ 8)));
1993 put_le16(identify_data
+ 88,0x3f);
1995 case 0x08: /* udma mode */
1996 put_le16(identify_data
+ 62,0x07);
1997 put_le16(identify_data
+ 63,0x07);
1998 put_le16(identify_data
+ 88,0x3f | (1 << (val
+ 8)));
2003 s
->status
= READY_STAT
| SEEK_STAT
;
2004 ide_set_irq(s
->bus
);
2011 case WIN_FLUSH_CACHE
:
2012 case WIN_FLUSH_CACHE_EXT
:
2014 bdrv_aio_flush(s
->bs
, ide_flush_cb
, s
);
2020 case WIN_STANDBYNOW1
:
2021 case WIN_STANDBYNOW2
:
2022 case WIN_IDLEIMMEDIATE
:
2023 case CFA_IDLEIMMEDIATE
:
2028 s
->status
= READY_STAT
;
2029 ide_set_irq(s
->bus
);
2034 /* XXX: Check that seek is within bounds */
2035 s
->status
= READY_STAT
| SEEK_STAT
;
2036 ide_set_irq(s
->bus
);
2038 /* ATAPI commands */
2041 ide_atapi_identify(s
);
2042 s
->status
= READY_STAT
| SEEK_STAT
;
2043 ide_transfer_start(s
, s
->io_buffer
, 512, ide_transfer_stop
);
2045 ide_abort_command(s
);
2047 ide_set_irq(s
->bus
);
2050 ide_set_signature(s
);
2052 s
->status
= 0; /* ATAPI spec (v6) section 9.10 defines packet
2053 * devices to return a clear status register
2054 * with READY_STAT *not* set. */
2056 s
->status
= READY_STAT
| SEEK_STAT
;
2057 s
->error
= 0x01; /* Device 0 passed, Device 1 passed or not
2060 ide_set_irq(s
->bus
);
2065 ide_set_signature(s
);
2066 s
->status
= 0x00; /* NOTE: READY is _not_ set */
2072 /* overlapping commands not supported */
2073 if (s
->feature
& 0x02)
2075 s
->status
= READY_STAT
| SEEK_STAT
;
2076 s
->atapi_dma
= s
->feature
& 1;
2078 ide_transfer_start(s
, s
->io_buffer
, ATAPI_PACKET_SIZE
,
2081 /* CF-ATA commands */
2082 case CFA_REQ_EXT_ERROR_CODE
:
2085 s
->error
= 0x09; /* miscellaneous error */
2086 s
->status
= READY_STAT
| SEEK_STAT
;
2087 ide_set_irq(s
->bus
);
2089 case CFA_ERASE_SECTORS
:
2090 case CFA_WEAR_LEVEL
:
2093 if (val
== CFA_WEAR_LEVEL
)
2095 if (val
== CFA_ERASE_SECTORS
)
2096 s
->media_changed
= 1;
2098 s
->status
= READY_STAT
| SEEK_STAT
;
2099 ide_set_irq(s
->bus
);
2101 case CFA_TRANSLATE_SECTOR
:
2105 s
->status
= READY_STAT
| SEEK_STAT
;
2106 memset(s
->io_buffer
, 0, 0x200);
2107 s
->io_buffer
[0x00] = s
->hcyl
; /* Cyl MSB */
2108 s
->io_buffer
[0x01] = s
->lcyl
; /* Cyl LSB */
2109 s
->io_buffer
[0x02] = s
->select
; /* Head */
2110 s
->io_buffer
[0x03] = s
->sector
; /* Sector */
2111 s
->io_buffer
[0x04] = ide_get_sector(s
) >> 16; /* LBA MSB */
2112 s
->io_buffer
[0x05] = ide_get_sector(s
) >> 8; /* LBA */
2113 s
->io_buffer
[0x06] = ide_get_sector(s
) >> 0; /* LBA LSB */
2114 s
->io_buffer
[0x13] = 0x00; /* Erase flag */
2115 s
->io_buffer
[0x18] = 0x00; /* Hot count */
2116 s
->io_buffer
[0x19] = 0x00; /* Hot count */
2117 s
->io_buffer
[0x1a] = 0x01; /* Hot count */
2118 ide_transfer_start(s
, s
->io_buffer
, 0x200, ide_transfer_stop
);
2119 ide_set_irq(s
->bus
);
2121 case CFA_ACCESS_METADATA_STORAGE
:
2124 switch (s
->feature
) {
2125 case 0x02: /* Inquiry Metadata Storage */
2126 ide_cfata_metadata_inquiry(s
);
2128 case 0x03: /* Read Metadata Storage */
2129 ide_cfata_metadata_read(s
);
2131 case 0x04: /* Write Metadata Storage */
2132 ide_cfata_metadata_write(s
);
2137 ide_transfer_start(s
, s
->io_buffer
, 0x200, ide_transfer_stop
);
2138 s
->status
= 0x00; /* NOTE: READY is _not_ set */
2139 ide_set_irq(s
->bus
);
2141 case IBM_SENSE_CONDITION
:
2144 switch (s
->feature
) {
2145 case 0x01: /* sense temperature in device */
2146 s
->nsector
= 0x50; /* +20 C */
2151 s
->status
= READY_STAT
| SEEK_STAT
;
2152 ide_set_irq(s
->bus
);
2158 if (s
->hcyl
!= 0xc2 || s
->lcyl
!= 0x4f)
2160 if (!s
->smart_enabled
&& s
->feature
!= SMART_ENABLE
)
2162 switch (s
->feature
) {
2164 s
->smart_enabled
= 0;
2165 s
->status
= READY_STAT
| SEEK_STAT
;
2166 ide_set_irq(s
->bus
);
2169 s
->smart_enabled
= 1;
2170 s
->status
= READY_STAT
| SEEK_STAT
;
2171 ide_set_irq(s
->bus
);
2173 case SMART_ATTR_AUTOSAVE
:
2174 switch (s
->sector
) {
2176 s
->smart_autosave
= 0;
2179 s
->smart_autosave
= 1;
2184 s
->status
= READY_STAT
| SEEK_STAT
;
2185 ide_set_irq(s
->bus
);
2188 if (!s
->smart_errors
) {
2195 s
->status
= READY_STAT
| SEEK_STAT
;
2196 ide_set_irq(s
->bus
);
2198 case SMART_READ_THRESH
:
2199 memset(s
->io_buffer
, 0, 0x200);
2200 s
->io_buffer
[0] = 0x01; /* smart struct version */
2201 for (n
=0; n
<30; n
++) {
2202 if (smart_attributes
[n
][0] == 0)
2204 s
->io_buffer
[2+0+(n
*12)] = smart_attributes
[n
][0];
2205 s
->io_buffer
[2+1+(n
*12)] = smart_attributes
[n
][4];
2207 for (n
=0; n
<511; n
++) /* checksum */
2208 s
->io_buffer
[511] += s
->io_buffer
[n
];
2209 s
->io_buffer
[511] = 0x100 - s
->io_buffer
[511];
2210 s
->status
= READY_STAT
| SEEK_STAT
;
2211 ide_transfer_start(s
, s
->io_buffer
, 0x200, ide_transfer_stop
);
2212 ide_set_irq(s
->bus
);
2214 case SMART_READ_DATA
:
2215 memset(s
->io_buffer
, 0, 0x200);
2216 s
->io_buffer
[0] = 0x01; /* smart struct version */
2217 for (n
=0; n
<30; n
++) {
2218 if (smart_attributes
[n
][0] == 0)
2220 s
->io_buffer
[2+0+(n
*12)] = smart_attributes
[n
][0];
2221 s
->io_buffer
[2+1+(n
*12)] = smart_attributes
[n
][1];
2222 s
->io_buffer
[2+3+(n
*12)] = smart_attributes
[n
][2];
2223 s
->io_buffer
[2+4+(n
*12)] = smart_attributes
[n
][3];
2225 s
->io_buffer
[362] = 0x02 | (s
->smart_autosave
?0x80:0x00);
2226 if (s
->smart_selftest_count
== 0) {
2227 s
->io_buffer
[363] = 0;
2230 s
->smart_selftest_data
[3 +
2231 (s
->smart_selftest_count
- 1) *
2234 s
->io_buffer
[364] = 0x20;
2235 s
->io_buffer
[365] = 0x01;
2236 /* offline data collection capacity: execute + self-test*/
2237 s
->io_buffer
[367] = (1<<4 | 1<<3 | 1);
2238 s
->io_buffer
[368] = 0x03; /* smart capability (1) */
2239 s
->io_buffer
[369] = 0x00; /* smart capability (2) */
2240 s
->io_buffer
[370] = 0x01; /* error logging supported */
2241 s
->io_buffer
[372] = 0x02; /* minutes for poll short test */
2242 s
->io_buffer
[373] = 0x36; /* minutes for poll ext test */
2243 s
->io_buffer
[374] = 0x01; /* minutes for poll conveyance */
2245 for (n
=0; n
<511; n
++)
2246 s
->io_buffer
[511] += s
->io_buffer
[n
];
2247 s
->io_buffer
[511] = 0x100 - s
->io_buffer
[511];
2248 s
->status
= READY_STAT
| SEEK_STAT
;
2249 ide_transfer_start(s
, s
->io_buffer
, 0x200, ide_transfer_stop
);
2250 ide_set_irq(s
->bus
);
2252 case SMART_READ_LOG
:
2253 switch (s
->sector
) {
2254 case 0x01: /* summary smart error log */
2255 memset(s
->io_buffer
, 0, 0x200);
2256 s
->io_buffer
[0] = 0x01;
2257 s
->io_buffer
[1] = 0x00; /* no error entries */
2258 s
->io_buffer
[452] = s
->smart_errors
& 0xff;
2259 s
->io_buffer
[453] = (s
->smart_errors
& 0xff00) >> 8;
2261 for (n
=0; n
<511; n
++)
2262 s
->io_buffer
[511] += s
->io_buffer
[n
];
2263 s
->io_buffer
[511] = 0x100 - s
->io_buffer
[511];
2265 case 0x06: /* smart self test log */
2266 memset(s
->io_buffer
, 0, 0x200);
2267 s
->io_buffer
[0] = 0x01;
2268 if (s
->smart_selftest_count
== 0) {
2269 s
->io_buffer
[508] = 0;
2271 s
->io_buffer
[508] = s
->smart_selftest_count
;
2272 for (n
=2; n
<506; n
++)
2273 s
->io_buffer
[n
] = s
->smart_selftest_data
[n
];
2275 for (n
=0; n
<511; n
++)
2276 s
->io_buffer
[511] += s
->io_buffer
[n
];
2277 s
->io_buffer
[511] = 0x100 - s
->io_buffer
[511];
2282 s
->status
= READY_STAT
| SEEK_STAT
;
2283 ide_transfer_start(s
, s
->io_buffer
, 0x200, ide_transfer_stop
);
2284 ide_set_irq(s
->bus
);
2286 case SMART_EXECUTE_OFFLINE
:
2287 switch (s
->sector
) {
2288 case 0: /* off-line routine */
2289 case 1: /* short self test */
2290 case 2: /* extended self test */
2291 s
->smart_selftest_count
++;
2292 if(s
->smart_selftest_count
> 21)
2293 s
->smart_selftest_count
= 0;
2294 n
= 2 + (s
->smart_selftest_count
- 1) * 24;
2295 s
->smart_selftest_data
[n
] = s
->sector
;
2296 s
->smart_selftest_data
[n
+1] = 0x00; /* OK and finished */
2297 s
->smart_selftest_data
[n
+2] = 0x34; /* hour count lsb */
2298 s
->smart_selftest_data
[n
+3] = 0x12; /* hour count msb */
2299 s
->status
= READY_STAT
| SEEK_STAT
;
2300 ide_set_irq(s
->bus
);
2312 ide_abort_command(s
);
2313 ide_set_irq(s
->bus
);
2319 uint32_t ide_ioport_read(void *opaque
, uint32_t addr1
)
2321 IDEBus
*bus
= opaque
;
2322 IDEState
*s
= idebus_active_if(bus
);
2327 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2328 //hob = s->select & (1 << 7);
2335 if ((!bus
->ifs
[0].bs
&& !bus
->ifs
[1].bs
) ||
2336 (s
!= bus
->ifs
&& !s
->bs
))
2341 ret
= s
->hob_feature
;
2344 if (!bus
->ifs
[0].bs
&& !bus
->ifs
[1].bs
)
2347 ret
= s
->nsector
& 0xff;
2349 ret
= s
->hob_nsector
;
2352 if (!bus
->ifs
[0].bs
&& !bus
->ifs
[1].bs
)
2357 ret
= s
->hob_sector
;
2360 if (!bus
->ifs
[0].bs
&& !bus
->ifs
[1].bs
)
2368 if (!bus
->ifs
[0].bs
&& !bus
->ifs
[1].bs
)
2376 if (!bus
->ifs
[0].bs
&& !bus
->ifs
[1].bs
)
2383 if ((!bus
->ifs
[0].bs
&& !bus
->ifs
[1].bs
) ||
2384 (s
!= bus
->ifs
&& !s
->bs
))
2388 qemu_irq_lower(bus
->irq
);
2392 printf("ide: read addr=0x%x val=%02x\n", addr1
, ret
);
2397 uint32_t ide_status_read(void *opaque
, uint32_t addr
)
2399 IDEBus
*bus
= opaque
;
2400 IDEState
*s
= idebus_active_if(bus
);
2403 if ((!bus
->ifs
[0].bs
&& !bus
->ifs
[1].bs
) ||
2404 (s
!= bus
->ifs
&& !s
->bs
))
2409 printf("ide: read status addr=0x%x val=%02x\n", addr
, ret
);
2414 void ide_cmd_write(void *opaque
, uint32_t addr
, uint32_t val
)
2416 IDEBus
*bus
= opaque
;
2421 printf("ide: write control addr=0x%x val=%02x\n", addr
, val
);
2423 /* common for both drives */
2424 if (!(bus
->cmd
& IDE_CMD_RESET
) &&
2425 (val
& IDE_CMD_RESET
)) {
2426 /* reset low to high */
2427 for(i
= 0;i
< 2; i
++) {
2429 s
->status
= BUSY_STAT
| SEEK_STAT
;
2432 } else if ((bus
->cmd
& IDE_CMD_RESET
) &&
2433 !(val
& IDE_CMD_RESET
)) {
2435 for(i
= 0;i
< 2; i
++) {
2438 s
->status
= 0x00; /* NOTE: READY is _not_ set */
2440 s
->status
= READY_STAT
| SEEK_STAT
;
2441 ide_set_signature(s
);
2448 void ide_data_writew(void *opaque
, uint32_t addr
, uint32_t val
)
2450 IDEBus
*bus
= opaque
;
2451 IDEState
*s
= idebus_active_if(bus
);
2454 /* PIO data access allowed only when DRQ bit is set */
2455 if (!(s
->status
& DRQ_STAT
))
2459 *(uint16_t *)p
= le16_to_cpu(val
);
2462 if (p
>= s
->data_end
)
2463 s
->end_transfer_func(s
);
2466 uint32_t ide_data_readw(void *opaque
, uint32_t addr
)
2468 IDEBus
*bus
= opaque
;
2469 IDEState
*s
= idebus_active_if(bus
);
2473 /* PIO data access allowed only when DRQ bit is set */
2474 if (!(s
->status
& DRQ_STAT
))
2478 ret
= cpu_to_le16(*(uint16_t *)p
);
2481 if (p
>= s
->data_end
)
2482 s
->end_transfer_func(s
);
2486 void ide_data_writel(void *opaque
, uint32_t addr
, uint32_t val
)
2488 IDEBus
*bus
= opaque
;
2489 IDEState
*s
= idebus_active_if(bus
);
2492 /* PIO data access allowed only when DRQ bit is set */
2493 if (!(s
->status
& DRQ_STAT
))
2497 *(uint32_t *)p
= le32_to_cpu(val
);
2500 if (p
>= s
->data_end
)
2501 s
->end_transfer_func(s
);
2504 uint32_t ide_data_readl(void *opaque
, uint32_t addr
)
2506 IDEBus
*bus
= opaque
;
2507 IDEState
*s
= idebus_active_if(bus
);
2511 /* PIO data access allowed only when DRQ bit is set */
2512 if (!(s
->status
& DRQ_STAT
))
2516 ret
= cpu_to_le32(*(uint32_t *)p
);
2519 if (p
>= s
->data_end
)
2520 s
->end_transfer_func(s
);
2524 static void ide_dummy_transfer_stop(IDEState
*s
)
2526 s
->data_ptr
= s
->io_buffer
;
2527 s
->data_end
= s
->io_buffer
;
2528 s
->io_buffer
[0] = 0xff;
2529 s
->io_buffer
[1] = 0xff;
2530 s
->io_buffer
[2] = 0xff;
2531 s
->io_buffer
[3] = 0xff;
2534 static void ide_reset(IDEState
*s
)
2537 printf("ide: reset\n");
2540 s
->mult_sectors
= 0;
2542 s
->mult_sectors
= MAX_MULT_SECTORS
;
2559 s
->status
= READY_STAT
| SEEK_STAT
;
2563 /* ATAPI specific */
2566 s
->cdrom_changed
= 0;
2567 s
->packet_transfer_size
= 0;
2568 s
->elementary_transfer_size
= 0;
2569 s
->io_buffer_index
= 0;
2570 s
->cd_sector_size
= 0;
2573 s
->io_buffer_size
= 0;
2574 s
->req_nb_sectors
= 0;
2576 ide_set_signature(s
);
2577 /* init the transfer handler so that 0xffff is returned on data
2579 s
->end_transfer_func
= ide_dummy_transfer_stop
;
2580 ide_dummy_transfer_stop(s
);
2581 s
->media_changed
= 0;
2584 void ide_bus_reset(IDEBus
*bus
)
2588 ide_reset(&bus
->ifs
[0]);
2589 ide_reset(&bus
->ifs
[1]);
2593 void ide_init_drive(IDEState
*s
, DriveInfo
*dinfo
)
2595 int cylinders
, heads
, secs
;
2596 uint64_t nb_sectors
;
2598 if (dinfo
&& dinfo
->bdrv
) {
2599 s
->bs
= dinfo
->bdrv
;
2600 bdrv_get_geometry(s
->bs
, &nb_sectors
);
2601 bdrv_guess_geometry(s
->bs
, &cylinders
, &heads
, &secs
);
2602 s
->cylinders
= cylinders
;
2605 s
->nb_sectors
= nb_sectors
;
2606 /* The SMART values should be preserved across power cycles
2608 s
->smart_enabled
= 1;
2609 s
->smart_autosave
= 1;
2610 s
->smart_errors
= 0;
2611 s
->smart_selftest_count
= 0;
2612 if (bdrv_get_type_hint(s
->bs
) == BDRV_TYPE_CDROM
) {
2614 bdrv_set_change_cb(s
->bs
, cdrom_change_cb
, s
);
2616 strncpy(s
->drive_serial_str
, drive_get_serial(s
->bs
),
2617 sizeof(s
->drive_serial_str
));
2619 if (strlen(s
->drive_serial_str
) == 0)
2620 snprintf(s
->drive_serial_str
, sizeof(s
->drive_serial_str
),
2621 "QM%05d", s
->drive_serial
);
2625 void ide_init2(IDEBus
*bus
, DriveInfo
*hd0
, DriveInfo
*hd1
,
2629 static int drive_serial
= 1;
2632 for(i
= 0; i
< 2; i
++) {
2636 s
->drive_serial
= drive_serial
++;
2637 s
->io_buffer
= qemu_blockalign(s
->bs
, IDE_DMA_BUF_SECTORS
*512 + 4);
2638 s
->smart_selftest_data
= qemu_blockalign(s
->bs
, 512);
2639 s
->sector_write_timer
= qemu_new_timer(vm_clock
,
2640 ide_sector_write_timer_cb
, s
);
2642 ide_init_drive(s
, hd0
);
2644 ide_init_drive(s
, hd1
);
2649 void ide_init_ioport(IDEBus
*bus
, int iobase
, int iobase2
)
2651 register_ioport_write(iobase
, 8, 1, ide_ioport_write
, bus
);
2652 register_ioport_read(iobase
, 8, 1, ide_ioport_read
, bus
);
2654 register_ioport_read(iobase2
, 1, 1, ide_status_read
, bus
);
2655 register_ioport_write(iobase2
, 1, 1, ide_cmd_write
, bus
);
2659 register_ioport_write(iobase
, 2, 2, ide_data_writew
, bus
);
2660 register_ioport_read(iobase
, 2, 2, ide_data_readw
, bus
);
2661 register_ioport_write(iobase
, 4, 4, ide_data_writel
, bus
);
2662 register_ioport_read(iobase
, 4, 4, ide_data_readl
, bus
);
2665 static bool is_identify_set(void *opaque
, int version_id
)
2667 IDEState
*s
= opaque
;
2669 return s
->identify_set
!= 0;
2672 static int ide_drive_post_load(void *opaque
, int version_id
)
2674 IDEState
*s
= opaque
;
2676 if (version_id
< 3) {
2677 if (s
->sense_key
== SENSE_UNIT_ATTENTION
&&
2678 s
->asc
== ASC_MEDIUM_MAY_HAVE_CHANGED
) {
2679 s
->cdrom_changed
= 1;
2685 const VMStateDescription vmstate_ide_drive
= {
2686 .name
= "ide_drive",
2688 .minimum_version_id
= 0,
2689 .minimum_version_id_old
= 0,
2690 .post_load
= ide_drive_post_load
,
2691 .fields
= (VMStateField
[]) {
2692 VMSTATE_INT32(mult_sectors
, IDEState
),
2693 VMSTATE_INT32(identify_set
, IDEState
),
2694 VMSTATE_BUFFER_TEST(identify_data
, IDEState
, is_identify_set
),
2695 VMSTATE_UINT8(feature
, IDEState
),
2696 VMSTATE_UINT8(error
, IDEState
),
2697 VMSTATE_UINT32(nsector
, IDEState
),
2698 VMSTATE_UINT8(sector
, IDEState
),
2699 VMSTATE_UINT8(lcyl
, IDEState
),
2700 VMSTATE_UINT8(hcyl
, IDEState
),
2701 VMSTATE_UINT8(hob_feature
, IDEState
),
2702 VMSTATE_UINT8(hob_sector
, IDEState
),
2703 VMSTATE_UINT8(hob_nsector
, IDEState
),
2704 VMSTATE_UINT8(hob_lcyl
, IDEState
),
2705 VMSTATE_UINT8(hob_hcyl
, IDEState
),
2706 VMSTATE_UINT8(select
, IDEState
),
2707 VMSTATE_UINT8(status
, IDEState
),
2708 VMSTATE_UINT8(lba48
, IDEState
),
2709 VMSTATE_UINT8(sense_key
, IDEState
),
2710 VMSTATE_UINT8(asc
, IDEState
),
2711 VMSTATE_UINT8_V(cdrom_changed
, IDEState
, 3),
2712 /* XXX: if a transfer is pending, we do not save it yet */
2713 VMSTATE_END_OF_LIST()
2717 const VMStateDescription vmstate_ide_bus
= {
2720 .minimum_version_id
= 1,
2721 .minimum_version_id_old
= 1,
2722 .fields
= (VMStateField
[]) {
2723 VMSTATE_UINT8(cmd
, IDEBus
),
2724 VMSTATE_UINT8(unit
, IDEBus
),
2725 VMSTATE_END_OF_LIST()
2729 /***********************************************************/
2730 /* PCI IDE definitions */
2732 static void ide_dma_start(IDEState
*s
, BlockDriverCompletionFunc
*dma_cb
)
2734 BMDMAState
*bm
= s
->bus
->bmdma
;
2738 bm
->dma_cb
= dma_cb
;
2739 bm
->cur_prd_last
= 0;
2740 bm
->cur_prd_addr
= 0;
2741 bm
->cur_prd_len
= 0;
2742 bm
->sector_num
= ide_get_sector(s
);
2743 bm
->nsector
= s
->nsector
;
2744 if (bm
->status
& BM_STATUS_DMAING
) {
2749 static void ide_dma_restart(IDEState
*s
, int is_read
)
2751 BMDMAState
*bm
= s
->bus
->bmdma
;
2752 ide_set_sector(s
, bm
->sector_num
);
2753 s
->io_buffer_index
= 0;
2754 s
->io_buffer_size
= 0;
2755 s
->nsector
= bm
->nsector
;
2756 bm
->cur_addr
= bm
->addr
;
2759 bm
->dma_cb
= ide_read_dma_cb
;
2761 bm
->dma_cb
= ide_write_dma_cb
;
2764 ide_dma_start(s
, bm
->dma_cb
);
2767 void ide_dma_cancel(BMDMAState
*bm
)
2769 if (bm
->status
& BM_STATUS_DMAING
) {
2770 bm
->status
&= ~BM_STATUS_DMAING
;
2771 /* cancel DMA request */
2776 printf("aio_cancel\n");
2778 bdrv_aio_cancel(bm
->aiocb
);
2784 void ide_dma_reset(BMDMAState
*bm
)
2787 printf("ide: dma_reset\n");
2794 bm
->cur_prd_last
= 0;
2795 bm
->cur_prd_addr
= 0;
2796 bm
->cur_prd_len
= 0;
