search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Merge branch 'for-anthony' of git://repo.or.cz/qemu/kevin
[qemu.git] / hw / ide / core.c
blob631673fc0f94b7438e3b7dbdd2b0ff061caed075
1 /*
2 * QEMU IDE disk and CD/DVD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #include <hw/hw.h>
26 #include <hw/pc.h>
27 #include <hw/pci.h>
28 #include <hw/scsi.h>
29 #include "qemu-error.h"
30 #include "qemu-timer.h"
31 #include "sysemu.h"
32 #include "dma.h"
33
34 #include <hw/ide/internal.h>
35
36 #define IDE_PAGE_SIZE 4096
37
38 static const int smart_attributes[][5] = {
39 /* id, flags, val, wrst, thrsh */
40 { 0x01, 0x03, 0x64, 0x64, 0x06}, /* raw read */
41 { 0x03, 0x03, 0x64, 0x64, 0x46}, /* spin up */
42 { 0x04, 0x02, 0x64, 0x64, 0x14}, /* start stop count */
43 { 0x05, 0x03, 0x64, 0x64, 0x36}, /* remapped sectors */
44 { 0x00, 0x00, 0x00, 0x00, 0x00}
45 };
46
47 /* XXX: DVDs that could fit on a CD will be reported as a CD */
48 static inline int media_present(IDEState *s)
49 {
50 return (s->nb_sectors > 0);
51 }
52
53 static inline int media_is_dvd(IDEState *s)
54 {
55 return (media_present(s) && s->nb_sectors > CD_MAX_SECTORS);
56 }
57
58 static inline int media_is_cd(IDEState *s)
59 {
60 return (media_present(s) && s->nb_sectors <= CD_MAX_SECTORS);
61 }
62
63 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
64 static void ide_dma_restart(IDEState *s, int is_read);
65 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
66 static int ide_handle_rw_error(IDEState *s, int error, int op);
67
68 static void padstr(char *str, const char *src, int len)
69 {
70 int i, v;
71 for(i = 0; i < len; i++) {
72 if (*src)
73 v = *src++;
74 else
75 v = ' ';
76 str[i^1] = v;
77 }
78 }
79
80 static void padstr8(uint8_t *buf, int buf_size, const char *src)
81 {
82 int i;
83 for(i = 0; i < buf_size; i++) {
84 if (*src)
85 buf[i] = *src++;
86 else
87 buf[i] = ' ';
88 }
89 }
90
91 static void put_le16(uint16_t *p, unsigned int v)
92 {
93 *p = cpu_to_le16(v);
94 }
95
96 static void ide_identify(IDEState *s)
97 {
98 uint16_t *p;
99 unsigned int oldsize;
100 IDEDevice *dev;
101
102 if (s->identify_set) {
103 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
104 return;
105 }
106
107 memset(s->io_buffer, 0, 512);
108 p = (uint16_t *)s->io_buffer;
109 put_le16(p + 0, 0x0040);
110 put_le16(p + 1, s->cylinders);
111 put_le16(p + 3, s->heads);
112 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
113 put_le16(p + 5, 512); /* XXX: retired, remove ? */
114 put_le16(p + 6, s->sectors);
115 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
116 put_le16(p + 20, 3); /* XXX: retired, remove ? */
117 put_le16(p + 21, 512); /* cache size in sectors */
118 put_le16(p + 22, 4); /* ecc bytes */
119 padstr((char *)(p + 23), s->version, 8); /* firmware version */
120 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
121 #if MAX_MULT_SECTORS > 1
122 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
123 #endif
124 put_le16(p + 48, 1); /* dword I/O */
125 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
126 put_le16(p + 51, 0x200); /* PIO transfer cycle */
127 put_le16(p + 52, 0x200); /* DMA transfer cycle */
128 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
129 put_le16(p + 54, s->cylinders);
130 put_le16(p + 55, s->heads);
131 put_le16(p + 56, s->sectors);
132 oldsize = s->cylinders * s->heads * s->sectors;
133 put_le16(p + 57, oldsize);
134 put_le16(p + 58, oldsize >> 16);
135 if (s->mult_sectors)
136 put_le16(p + 59, 0x100 | s->mult_sectors);
137 put_le16(p + 60, s->nb_sectors);
138 put_le16(p + 61, s->nb_sectors >> 16);
139 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
140 put_le16(p + 63, 0x07); /* mdma0-2 supported */
141 put_le16(p + 65, 120);
142 put_le16(p + 66, 120);
143 put_le16(p + 67, 120);
144 put_le16(p + 68, 120);
145 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
146 put_le16(p + 81, 0x16); /* conforms to ata5 */
147 /* 14=NOP supported, 0=SMART supported */
148 put_le16(p + 82, (1 << 14) | 1);
149 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
150 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
151 /* 14=set to 1, 1=SMART self test, 0=SMART error logging */
152 put_le16(p + 84, (1 << 14) | 0);
153 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */
154 if (bdrv_enable_write_cache(s->bs))
155 put_le16(p + 85, (1 << 14) | (1 << 5) | 1);
156 else
157 put_le16(p + 85, (1 << 14) | 1);
158 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
159 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
160 /* 14=set to 1, 1=smart self test, 0=smart error logging */
161 put_le16(p + 87, (1 << 14) | 0);
162 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
163 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
164 put_le16(p + 100, s->nb_sectors);
165 put_le16(p + 101, s->nb_sectors >> 16);
166 put_le16(p + 102, s->nb_sectors >> 32);
167 put_le16(p + 103, s->nb_sectors >> 48);
168 dev = s->unit ? s->bus->slave : s->bus->master;
169 if (dev && dev->conf.physical_block_size)
170 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf));
171
172 memcpy(s->identify_data, p, sizeof(s->identify_data));
173 s->identify_set = 1;
174 }
175
176 static void ide_atapi_identify(IDEState *s)
177 {
178 uint16_t *p;
179
180 if (s->identify_set) {
181 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
182 return;
183 }
184
185 memset(s->io_buffer, 0, 512);
186 p = (uint16_t *)s->io_buffer;
187 /* Removable CDROM, 50us response, 12 byte packets */
188 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
189 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
190 put_le16(p + 20, 3); /* buffer type */
191 put_le16(p + 21, 512); /* cache size in sectors */
192 put_le16(p + 22, 4); /* ecc bytes */
193 padstr((char *)(p + 23), s->version, 8); /* firmware version */
194 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
195 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
196 #ifdef USE_DMA_CDROM
197 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
198 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
199 put_le16(p + 62, 7); /* single word dma0-2 supported */
200 put_le16(p + 63, 7); /* mdma0-2 supported */
201 put_le16(p + 64, 0x3f); /* PIO modes supported */
202 #else
203 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
204 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
205 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
206 put_le16(p + 64, 1); /* PIO modes */
207 #endif
208 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
209 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
210 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
211 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
212
213 put_le16(p + 71, 30); /* in ns */
214 put_le16(p + 72, 30); /* in ns */
215
216 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
217 #ifdef USE_DMA_CDROM
218 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
219 #endif
220 memcpy(s->identify_data, p, sizeof(s->identify_data));
221 s->identify_set = 1;
222 }
223
224 static void ide_cfata_identify(IDEState *s)
225 {
226 uint16_t *p;
227 uint32_t cur_sec;
228
229 p = (uint16_t *) s->identify_data;
230 if (s->identify_set)
231 goto fill_buffer;
232
233 memset(p, 0, sizeof(s->identify_data));
234
235 cur_sec = s->cylinders * s->heads * s->sectors;
236
237 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
238 put_le16(p + 1, s->cylinders); /* Default cylinders */
239 put_le16(p + 3, s->heads); /* Default heads */
240 put_le16(p + 6, s->sectors); /* Default sectors per track */
241 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
242 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
243 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
244 put_le16(p + 22, 0x0004); /* ECC bytes */
245 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */
246 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
247 #if MAX_MULT_SECTORS > 1
248 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
249 #else
250 put_le16(p + 47, 0x0000);
251 #endif
252 put_le16(p + 49, 0x0f00); /* Capabilities */
253 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
254 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
255 put_le16(p + 53, 0x0003); /* Translation params valid */
256 put_le16(p + 54, s->cylinders); /* Current cylinders */
257 put_le16(p + 55, s->heads); /* Current heads */
258 put_le16(p + 56, s->sectors); /* Current sectors */
259 put_le16(p + 57, cur_sec); /* Current capacity */
260 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
261 if (s->mult_sectors) /* Multiple sector setting */
262 put_le16(p + 59, 0x100 | s->mult_sectors);
263 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
264 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
265 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
266 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
267 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
268 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
269 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
270 put_le16(p + 82, 0x400c); /* Command Set supported */
271 put_le16(p + 83, 0x7068); /* Command Set supported */
272 put_le16(p + 84, 0x4000); /* Features supported */
273 put_le16(p + 85, 0x000c); /* Command Set enabled */
274 put_le16(p + 86, 0x7044); /* Command Set enabled */
275 put_le16(p + 87, 0x4000); /* Features enabled */
276 put_le16(p + 91, 0x4060); /* Current APM level */
277 put_le16(p + 129, 0x0002); /* Current features option */
278 put_le16(p + 130, 0x0005); /* Reassigned sectors */
279 put_le16(p + 131, 0x0001); /* Initial power mode */
280 put_le16(p + 132, 0x0000); /* User signature */
281 put_le16(p + 160, 0x8100); /* Power requirement */
282 put_le16(p + 161, 0x8001); /* CF command set */
283
284 s->identify_set = 1;
285
286 fill_buffer:
287 memcpy(s->io_buffer, p, sizeof(s->identify_data));
288 }
289
290 static void ide_set_signature(IDEState *s)
291 {
292 s->select &= 0xf0; /* clear head */
293 /* put signature */
294 s->nsector = 1;
295 s->sector = 1;
296 if (s->drive_kind == IDE_CD) {
297 s->lcyl = 0x14;
298 s->hcyl = 0xeb;
299 } else if (s->bs) {
300 s->lcyl = 0;
301 s->hcyl = 0;
302 } else {
303 s->lcyl = 0xff;
304 s->hcyl = 0xff;
305 }
306 }
307
308 static inline void ide_abort_command(IDEState *s)
309 {
310 s->status = READY_STAT | ERR_STAT;
311 s->error = ABRT_ERR;
312 }
313
314 static inline void ide_dma_submit_check(IDEState *s,
315 BlockDriverCompletionFunc *dma_cb, BMDMAState *bm)
316 {
317 if (bm->aiocb)
318 return;
319 dma_cb(bm, -1);
320 }
321
322 /* prepare data transfer and tell what to do after */
323 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
324 EndTransferFunc *end_transfer_func)
325 {
326 s->end_transfer_func = end_transfer_func;
327 s->data_ptr = buf;
328 s->data_end = buf + size;
329 if (!(s->status & ERR_STAT))
330 s->status |= DRQ_STAT;
331 }
332
333 static void ide_transfer_stop(IDEState *s)
334 {
335 s->end_transfer_func = ide_transfer_stop;
336 s->data_ptr = s->io_buffer;
337 s->data_end = s->io_buffer;
338 s->status &= ~DRQ_STAT;
339 }
340
341 int64_t ide_get_sector(IDEState *s)
342 {
343 int64_t sector_num;
344 if (s->select & 0x40) {
345 /* lba */
346 if (!s->lba48) {
347 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
348 (s->lcyl << 8) | s->sector;
349 } else {
350 sector_num = ((int64_t)s->hob_hcyl << 40) |
351 ((int64_t) s->hob_lcyl << 32) |
352 ((int64_t) s->hob_sector << 24) |
353 ((int64_t) s->hcyl << 16) |
354 ((int64_t) s->lcyl << 8) | s->sector;
355 }
356 } else {
357 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
358 (s->select & 0x0f) * s->sectors + (s->sector - 1);
359 }
360 return sector_num;
361 }
362
363 void ide_set_sector(IDEState *s, int64_t sector_num)
364 {
365 unsigned int cyl, r;
366 if (s->select & 0x40) {
367 if (!s->lba48) {
368 s->select = (s->select & 0xf0) | (sector_num >> 24);
369 s->hcyl = (sector_num >> 16);
370 s->lcyl = (sector_num >> 8);
371 s->sector = (sector_num);
372 } else {
373 s->sector = sector_num;
374 s->lcyl = sector_num >> 8;
375 s->hcyl = sector_num >> 16;
376 s->hob_sector = sector_num >> 24;
377 s->hob_lcyl = sector_num >> 32;
378 s->hob_hcyl = sector_num >> 40;
379 }
380 } else {
381 cyl = sector_num / (s->heads * s->sectors);
382 r = sector_num % (s->heads * s->sectors);
383 s->hcyl = cyl >> 8;
384 s->lcyl = cyl;
385 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
386 s->sector = (r % s->sectors) + 1;
387 }
388 }
389
390 static void ide_rw_error(IDEState *s) {
391 ide_abort_command(s);
392 ide_set_irq(s->bus);
393 }
394
395 static void ide_sector_read(IDEState *s)
396 {
397 int64_t sector_num;
398 int ret, n;
399
400 s->status = READY_STAT | SEEK_STAT;
401 s->error = 0; /* not needed by IDE spec, but needed by Windows */
402 sector_num = ide_get_sector(s);
403 n = s->nsector;
404 if (n == 0) {
405 /* no more sector to read from disk */
406 ide_transfer_stop(s);
407 } else {
408 #if defined(DEBUG_IDE)
409 printf("read sector=%" PRId64 "\n", sector_num);
410 #endif
411 if (n > s->req_nb_sectors)
412 n = s->req_nb_sectors;
413 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
414 if (ret != 0) {
415 if (ide_handle_rw_error(s, -ret,
416 BM_STATUS_PIO_RETRY | BM_STATUS_RETRY_READ))
417 {
418 return;
419 }
420 }
421 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
422 ide_set_irq(s->bus);
423 ide_set_sector(s, sector_num + n);
424 s->nsector -= n;
425 }
426 }
427
428
429 /* return 0 if buffer completed */
430 static int dma_buf_prepare(BMDMAState *bm, int is_write)
431 {
432 IDEState *s = bmdma_active_if(bm);
433 struct {
434 uint32_t addr;
435 uint32_t size;
436 } prd;
437 int l, len;
438
439 qemu_sglist_init(&s->sg, s->nsector / (IDE_PAGE_SIZE / 512) + 1);
440 s->io_buffer_size = 0;
441 for(;;) {
442 if (bm->cur_prd_len == 0) {
443 /* end of table (with a fail safe of one page) */
444 if (bm->cur_prd_last ||
445 (bm->cur_addr - bm->addr) >= IDE_PAGE_SIZE)
446 return s->io_buffer_size != 0;
447 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
448 bm->cur_addr += 8;
449 prd.addr = le32_to_cpu(prd.addr);
450 prd.size = le32_to_cpu(prd.size);
451 len = prd.size & 0xfffe;
452 if (len == 0)
453 len = 0x10000;
454 bm->cur_prd_len = len;
455 bm->cur_prd_addr = prd.addr;
456 bm->cur_prd_last = (prd.size & 0x80000000);
457 }
458 l = bm->cur_prd_len;
459 if (l > 0) {
460 qemu_sglist_add(&s->sg, bm->cur_prd_addr, l);
461 bm->cur_prd_addr += l;
462 bm->cur_prd_len -= l;
463 s->io_buffer_size += l;
464 }
465 }
466 return 1;
467 }
468
469 static void dma_buf_commit(IDEState *s, int is_write)
470 {
471 qemu_sglist_destroy(&s->sg);
472 }
473
474 void ide_dma_error(IDEState *s)
475 {
476 ide_transfer_stop(s);
477 s->error = ABRT_ERR;
478 s->status = READY_STAT | ERR_STAT;
479 ide_set_irq(s->bus);
480 }
481
482 static int ide_handle_rw_error(IDEState *s, int error, int op)
483 {
484 int is_read = (op & BM_STATUS_RETRY_READ);
485 BlockErrorAction action = bdrv_get_on_error(s->bs, is_read);
486
487 if (action == BLOCK_ERR_IGNORE) {
488 bdrv_mon_event(s->bs, BDRV_ACTION_IGNORE, is_read);
489 return 0;
490 }
491
492 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
493 || action == BLOCK_ERR_STOP_ANY) {
494 s->bus->bmdma->unit = s->unit;
495 s->bus->bmdma->status |= op;
496 bdrv_mon_event(s->bs, BDRV_ACTION_STOP, is_read);
497 vm_stop(0);
498 } else {
499 if (op & BM_STATUS_DMA_RETRY) {
500 dma_buf_commit(s, 0);
501 ide_dma_error(s);
502 } else {
503 ide_rw_error(s);
504 }
505 bdrv_mon_event(s->bs, BDRV_ACTION_REPORT, is_read);
506 }
507
508 return 1;
509 }
510
511 /* return 0 if buffer completed */
512 static int dma_buf_rw(BMDMAState *bm, int is_write)
513 {
514 IDEState *s = bmdma_active_if(bm);
515 struct {
516 uint32_t addr;
517 uint32_t size;
518 } prd;
519 int l, len;
520
521 for(;;) {
522 l = s->io_buffer_size - s->io_buffer_index;
523 if (l <= 0)
524 break;
525 if (bm->cur_prd_len == 0) {
526 /* end of table (with a fail safe of one page) */
527 if (bm->cur_prd_last ||
528 (bm->cur_addr - bm->addr) >= IDE_PAGE_SIZE)
529 return 0;
530 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
531 bm->cur_addr += 8;
532 prd.addr = le32_to_cpu(prd.addr);
533 prd.size = le32_to_cpu(prd.size);
534 len = prd.size & 0xfffe;
535 if (len == 0)
536 len = 0x10000;
537 bm->cur_prd_len = len;
538 bm->cur_prd_addr = prd.addr;
539 bm->cur_prd_last = (prd.size & 0x80000000);
540 }
541 if (l > bm->cur_prd_len)
542 l = bm->cur_prd_len;
543 if (l > 0) {
544 if (is_write) {
545 cpu_physical_memory_write(bm->cur_prd_addr,
546 s->io_buffer + s->io_buffer_index, l);
547 } else {
548 cpu_physical_memory_read(bm->cur_prd_addr,
549 s->io_buffer + s->io_buffer_index, l);
550 }
551 bm->cur_prd_addr += l;
552 bm->cur_prd_len -= l;
553 s->io_buffer_index += l;
554 }
555 }
556 return 1;
557 }
558
559 static void ide_read_dma_cb(void *opaque, int ret)
560 {
561 BMDMAState *bm = opaque;
562 IDEState *s = bmdma_active_if(bm);
563 int n;
564 int64_t sector_num;
565
566 if (ret < 0) {
567 if (ide_handle_rw_error(s, -ret,
568 BM_STATUS_DMA_RETRY | BM_STATUS_RETRY_READ))
569 {
570 return;
571 }
572 }
573
574 n = s->io_buffer_size >> 9;
575 sector_num = ide_get_sector(s);
576 if (n > 0) {
577 dma_buf_commit(s, 1);
578 sector_num += n;
579 ide_set_sector(s, sector_num);
580 s->nsector -= n;
581 }
582
583 /* end of transfer ? */
584 if (s->nsector == 0) {
585 s->status = READY_STAT | SEEK_STAT;
586 ide_set_irq(s->bus);
587 eot:
588 bm->status &= ~BM_STATUS_DMAING;
589 bm->status |= BM_STATUS_INT;
590 bm->dma_cb = NULL;
591 bm->unit = -1;
592 bm->aiocb = NULL;
593 return;
594 }
595
596 /* launch next transfer */
597 n = s->nsector;
598 s->io_buffer_index = 0;
599 s->io_buffer_size = n * 512;
600 if (dma_buf_prepare(bm, 1) == 0)
601 goto eot;
602 #ifdef DEBUG_AIO
603 printf("aio_read: sector_num=%" PRId64 " n=%d\n", sector_num, n);
604 #endif
605 bm->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num, ide_read_dma_cb, bm);
606 ide_dma_submit_check(s, ide_read_dma_cb, bm);
607 }
608
609 static void ide_sector_read_dma(IDEState *s)
610 {
611 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
612 s->io_buffer_index = 0;
613 s->io_buffer_size = 0;
614 s->is_read = 1;
615 ide_dma_start(s, ide_read_dma_cb);
616 }
617
618 static void ide_sector_write_timer_cb(void *opaque)
619 {
620 IDEState *s = opaque;
621 ide_set_irq(s->bus);
622 }
623
624 static void ide_sector_write(IDEState *s)
625 {
626 int64_t sector_num;
627 int ret, n, n1;
628
629 s->status = READY_STAT | SEEK_STAT;
630 sector_num = ide_get_sector(s);
631 #if defined(DEBUG_IDE)
632 printf("write sector=%" PRId64 "\n", sector_num);
633 #endif
634 n = s->nsector;
635 if (n > s->req_nb_sectors)
636 n = s->req_nb_sectors;
637 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
638
639 if (ret != 0) {
640 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY))
641 return;
642 }
643
644 s->nsector -= n;
645 if (s->nsector == 0) {
646 /* no more sectors to write */
647 ide_transfer_stop(s);
648 } else {
649 n1 = s->nsector;
650 if (n1 > s->req_nb_sectors)
651 n1 = s->req_nb_sectors;
652 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
653 }
654 ide_set_sector(s, sector_num + n);
655
656 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
657 /* It seems there is a bug in the Windows 2000 installer HDD
658 IDE driver which fills the disk with empty logs when the
659 IDE write IRQ comes too early. This hack tries to correct
660 that at the expense of slower write performances. Use this
661 option _only_ to install Windows 2000. You must disable it
662 for normal use. */
663 qemu_mod_timer(s->sector_write_timer,
664 qemu_get_clock(vm_clock) + (get_ticks_per_sec() / 1000));
665 } else {
666 ide_set_irq(s->bus);
667 }
668 }
669
670 static void ide_dma_restart_bh(void *opaque)
671 {
672 BMDMAState *bm = opaque;
673 int is_read;
674
675 qemu_bh_delete(bm->bh);
676 bm->bh = NULL;
677
678 is_read = !!(bm->status & BM_STATUS_RETRY_READ);
679
680 if (bm->status & BM_STATUS_DMA_RETRY) {
681 bm->status &= ~(BM_STATUS_DMA_RETRY | BM_STATUS_RETRY_READ);
682 ide_dma_restart(bmdma_active_if(bm), is_read);
683 } else if (bm->status & BM_STATUS_PIO_RETRY) {
684 bm->status &= ~(BM_STATUS_PIO_RETRY | BM_STATUS_RETRY_READ);
685 if (is_read) {
686 ide_sector_read(bmdma_active_if(bm));
687 } else {
688 ide_sector_write(bmdma_active_if(bm));
689 }
690 }
691 }
692
693 void ide_dma_restart_cb(void *opaque, int running, int reason)
694 {
695 BMDMAState *bm = opaque;
696
697 if (!running)
698 return;
699
700 if (!bm->bh) {
701 bm->bh = qemu_bh_new(ide_dma_restart_bh, bm);
702 qemu_bh_schedule(bm->bh);
703 }
704 }
705
706 static void ide_write_dma_cb(void *opaque, int ret)
707 {
708 BMDMAState *bm = opaque;
709 IDEState *s = bmdma_active_if(bm);
710 int n;
711 int64_t sector_num;
712
713 if (ret < 0) {
714 if (ide_handle_rw_error(s, -ret, BM_STATUS_DMA_RETRY))
715 return;
716 }
717
718 n = s->io_buffer_size >> 9;
719 sector_num = ide_get_sector(s);
720 if (n > 0) {
721 dma_buf_commit(s, 0);
722 sector_num += n;
723 ide_set_sector(s, sector_num);
724 s->nsector -= n;
725 }
726
727 /* end of transfer ? */
728 if (s->nsector == 0) {
729 s->status = READY_STAT | SEEK_STAT;
730 ide_set_irq(s->bus);
731 eot:
732 bm->status &= ~BM_STATUS_DMAING;
733 bm->status |= BM_STATUS_INT;
734 bm->dma_cb = NULL;
735 bm->unit = -1;
736 bm->aiocb = NULL;
737 return;
738 }
739
740 n = s->nsector;
741 s->io_buffer_size = n * 512;
742 /* launch next transfer */
743 if (dma_buf_prepare(bm, 0) == 0)
744 goto eot;
745 #ifdef DEBUG_AIO
746 printf("aio_write: sector_num=%" PRId64 " n=%d\n", sector_num, n);
747 #endif
748 bm->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num, ide_write_dma_cb, bm);
749 ide_dma_submit_check(s, ide_write_dma_cb, bm);
750 }
751
752 static void ide_sector_write_dma(IDEState *s)
753 {
754 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
755 s->io_buffer_index = 0;
756 s->io_buffer_size = 0;
757 s->is_read = 0;
758 ide_dma_start(s, ide_write_dma_cb);
759 }
760
761 void ide_atapi_cmd_ok(IDEState *s)
762 {
763 s->error = 0;
764 s->status = READY_STAT | SEEK_STAT;
765 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
766 ide_set_irq(s->bus);
767 }
768
769 void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
770 {
771 #ifdef DEBUG_IDE_ATAPI
772 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
773 #endif
774 s->error = sense_key << 4;
775 s->status = READY_STAT | ERR_STAT;
776 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
777 s->sense_key = sense_key;
778 s->asc = asc;
779 ide_set_irq(s->bus);
780 }
781
782 static void ide_atapi_cmd_check_status(IDEState *s)
783 {
784 #ifdef DEBUG_IDE_ATAPI
785 printf("atapi_cmd_check_status\n");
786 #endif
787 s->error = MC_ERR | (SENSE_UNIT_ATTENTION << 4);
788 s->status = ERR_STAT;
789 s->nsector = 0;
790 ide_set_irq(s->bus);
791 }
792
793 static void ide_flush_cb(void *opaque, int ret)
794 {
795 IDEState *s = opaque;
796
797 /* XXX: how do we signal I/O errors here? */
798
799 s->status = READY_STAT | SEEK_STAT;
800 ide_set_irq(s->bus);
801 }
802
803 static inline void cpu_to_ube16(uint8_t *buf, int val)
804 {
805 buf[0] = val >> 8;
806 buf[1] = val & 0xff;
807 }
808
809 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
810 {
811 buf[0] = val >> 24;
812 buf[1] = val >> 16;
813 buf[2] = val >> 8;
814 buf[3] = val & 0xff;
815 }
816
817 static inline int ube16_to_cpu(const uint8_t *buf)
818 {
819 return (buf[0] << 8) | buf[1];
820 }
821
822 static inline int ube32_to_cpu(const uint8_t *buf)
823 {
824 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
825 }
826
827 static void lba_to_msf(uint8_t *buf, int lba)
828 {
829 lba += 150;
830 buf[0] = (lba / 75) / 60;
831 buf[1] = (lba / 75) % 60;
832 buf[2] = lba % 75;
833 }
834
835 static void cd_data_to_raw(uint8_t *buf, int lba)
836 {
837 /* sync bytes */
838 buf[0] = 0x00;
839 memset(buf + 1, 0xff, 10);
840 buf[11] = 0x00;
841 buf += 12;
842 /* MSF */
843 lba_to_msf(buf, lba);
844 buf[3] = 0x01; /* mode 1 data */
845 buf += 4;
846 /* data */
847 buf += 2048;
848 /* XXX: ECC not computed */
849 memset(buf, 0, 288);
850 }
851
852 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
853 int sector_size)
854 {
855 int ret;
856
857 switch(sector_size) {
858 case 2048:
859 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
860 break;
861 case 2352:
862 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
863 if (ret < 0)
864 return ret;
865 cd_data_to_raw(buf, lba);
866 break;
867 default:
868 ret = -EIO;
869 break;
870 }
871 return ret;
872 }
873
874 void ide_atapi_io_error(IDEState *s, int ret)
875 {
876 /* XXX: handle more errors */
877 if (ret == -ENOMEDIUM) {
878 ide_atapi_cmd_error(s, SENSE_NOT_READY,
879 ASC_MEDIUM_NOT_PRESENT);
880 } else {
881 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
882 ASC_LOGICAL_BLOCK_OOR);
883 }
884 }
885
886 /* The whole ATAPI transfer logic is handled in this function */
887 static void ide_atapi_cmd_reply_end(IDEState *s)
888 {
889 int byte_count_limit, size, ret;
890 #ifdef DEBUG_IDE_ATAPI
891 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
892 s->packet_transfer_size,
893 s->elementary_transfer_size,
894 s->io_buffer_index);
895 #endif
896 if (s->packet_transfer_size <= 0) {
897 /* end of transfer */
898 ide_transfer_stop(s);
899 s->status = READY_STAT | SEEK_STAT;
900 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
901 ide_set_irq(s->bus);
902 #ifdef DEBUG_IDE_ATAPI
903 printf("status=0x%x\n", s->status);
904 #endif
905 } else {
906 /* see if a new sector must be read */
907 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
908 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
909 if (ret < 0) {
910 ide_transfer_stop(s);
911 ide_atapi_io_error(s, ret);
912 return;
913 }
914 s->lba++;
915 s->io_buffer_index = 0;
916 }
917 if (s->elementary_transfer_size > 0) {
918 /* there are some data left to transmit in this elementary
919 transfer */
920 size = s->cd_sector_size - s->io_buffer_index;
921 if (size > s->elementary_transfer_size)
922 size = s->elementary_transfer_size;
923 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
924 size, ide_atapi_cmd_reply_end);
925 s->packet_transfer_size -= size;
926 s->elementary_transfer_size -= size;
927 s->io_buffer_index += size;
928 } else {
929 /* a new transfer is needed */
930 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
931 byte_count_limit = s->lcyl | (s->hcyl << 8);
932 #ifdef DEBUG_IDE_ATAPI
933 printf("byte_count_limit=%d\n", byte_count_limit);
934 #endif
935 if (byte_count_limit == 0xffff)
936 byte_count_limit--;
937 size = s->packet_transfer_size;
938 if (size > byte_count_limit) {
939 /* byte count limit must be even if this case */
940 if (byte_count_limit & 1)
941 byte_count_limit--;
942 size = byte_count_limit;
943 }
944 s->lcyl = size;
945 s->hcyl = size >> 8;
946 s->elementary_transfer_size = size;
947 /* we cannot transmit more than one sector at a time */
948 if (s->lba != -1) {
949 if (size > (s->cd_sector_size - s->io_buffer_index))
950 size = (s->cd_sector_size - s->io_buffer_index);
951 }
952 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
953 size, ide_atapi_cmd_reply_end);
954 s->packet_transfer_size -= size;
955 s->elementary_transfer_size -= size;
956 s->io_buffer_index += size;
957 ide_set_irq(s->bus);
958 #ifdef DEBUG_IDE_ATAPI
959 printf("status=0x%x\n", s->status);
960 #endif
961 }
962 }
963 }
964
965 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
966 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
967 {
968 if (size > max_size)
969 size = max_size;
970 s->lba = -1; /* no sector read */
971 s->packet_transfer_size = size;
972 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
973 s->elementary_transfer_size = 0;
974 s->io_buffer_index = 0;
975
976 if (s->atapi_dma) {
977 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
978 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
979 } else {
980 s->status = READY_STAT | SEEK_STAT;
981 ide_atapi_cmd_reply_end(s);
982 }
983 }
984
985 /* start a CD-CDROM read command */
986 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
987 int sector_size)
988 {
989 s->lba = lba;
990 s->packet_transfer_size = nb_sectors * sector_size;
991 s->elementary_transfer_size = 0;
992 s->io_buffer_index = sector_size;
993 s->cd_sector_size = sector_size;
994
995 s->status = READY_STAT | SEEK_STAT;
996 ide_atapi_cmd_reply_end(s);
997 }
998
999 /* ATAPI DMA support */
1000
1001 /* XXX: handle read errors */
1002 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1003 {
1004 BMDMAState *bm = opaque;
1005 IDEState *s = bmdma_active_if(bm);
1006 int data_offset, n;
1007
1008 if (ret < 0) {
1009 ide_atapi_io_error(s, ret);
1010 goto eot;
1011 }
1012
1013 if (s->io_buffer_size > 0) {
1014 /*
1015 * For a cdrom read sector command (s->lba != -1),
1016 * adjust the lba for the next s->io_buffer_size chunk
1017 * and dma the current chunk.
1018 * For a command != read (s->lba == -1), just transfer
1019 * the reply data.
1020 */
1021 if (s->lba != -1) {
1022 if (s->cd_sector_size == 2352) {
1023 n = 1;
1024 cd_data_to_raw(s->io_buffer, s->lba);
1025 } else {
1026 n = s->io_buffer_size >> 11;
1027 }
1028 s->lba += n;
1029 }
1030 s->packet_transfer_size -= s->io_buffer_size;
1031 if (dma_buf_rw(bm, 1) == 0)
1032 goto eot;
1033 }
1034
1035 if (s->packet_transfer_size <= 0) {
1036 s->status = READY_STAT | SEEK_STAT;
1037 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1038 ide_set_irq(s->bus);
1039 eot:
1040 bm->status &= ~BM_STATUS_DMAING;
1041 bm->status |= BM_STATUS_INT;
1042 bm->dma_cb = NULL;
1043 bm->unit = -1;
1044 bm->aiocb = NULL;
1045 return;
1046 }
1047
1048 s->io_buffer_index = 0;
1049 if (s->cd_sector_size == 2352) {
1050 n = 1;
1051 s->io_buffer_size = s->cd_sector_size;
1052 data_offset = 16;
1053 } else {
1054 n = s->packet_transfer_size >> 11;
1055 if (n > (IDE_DMA_BUF_SECTORS / 4))
1056 n = (IDE_DMA_BUF_SECTORS / 4);
1057 s->io_buffer_size = n * 2048;
1058 data_offset = 0;
1059 }
1060 #ifdef DEBUG_AIO
1061 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1062 #endif
1063 bm->iov.iov_base = (void *)(s->io_buffer + data_offset);
1064 bm->iov.iov_len = n * 4 * 512;
1065 qemu_iovec_init_external(&bm->qiov, &bm->iov, 1);
1066 bm->aiocb = bdrv_aio_readv(s->bs, (int64_t)s->lba << 2, &bm->qiov,
1067 n * 4, ide_atapi_cmd_read_dma_cb, bm);
1068 if (!bm->aiocb) {
1069 /* Note: media not present is the most likely case */
1070 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1071 ASC_MEDIUM_NOT_PRESENT);
1072 goto eot;
1073 }
1074 }
1075
1076 /* start a CD-CDROM read command with DMA */
1077 /* XXX: test if DMA is available */
1078 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1079 int sector_size)
1080 {
1081 s->lba = lba;
1082 s->packet_transfer_size = nb_sectors * sector_size;
1083 s->io_buffer_index = 0;
1084 s->io_buffer_size = 0;
1085 s->cd_sector_size = sector_size;
1086
1087 /* XXX: check if BUSY_STAT should be set */
1088 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1089 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1090 }
1091
1092 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1093 int sector_size)
1094 {
1095 #ifdef DEBUG_IDE_ATAPI
1096 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1097 lba, nb_sectors);
1098 #endif
1099 if (s->atapi_dma) {
1100 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1101 } else {
1102 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1103 }
1104 }
1105
1106 static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
1107 uint16_t profile)
1108 {
1109 uint8_t *buf_profile = buf + 12; /* start of profiles */
1110
1111 buf_profile += ((*index) * 4); /* start of indexed profile */
1112 cpu_to_ube16 (buf_profile, profile);
1113 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1114
1115 /* each profile adds 4 bytes to the response */
1116 (*index)++;
1117 buf[11] += 4; /* Additional Length */
1118
1119 return 4;
1120 }
1121
1122 static int ide_dvd_read_structure(IDEState *s, int format,
1123 const uint8_t *packet, uint8_t *buf)
1124 {
1125 switch (format) {
1126 case 0x0: /* Physical format information */
1127 {
1128 int layer = packet[6];
1129 uint64_t total_sectors;
1130
1131 if (layer != 0)
1132 return -ASC_INV_FIELD_IN_CMD_PACKET;
1133
1134 bdrv_get_geometry(s->bs, &total_sectors);
1135 total_sectors >>= 2;
1136 if (total_sectors == 0)
1137 return -ASC_MEDIUM_NOT_PRESENT;
1138
1139 buf[4] = 1; /* DVD-ROM, part version 1 */
1140 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1141 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1142 buf[7] = 0; /* default densities */
1143
1144 /* FIXME: 0x30000 per spec? */
1145 cpu_to_ube32(buf + 8, 0); /* start sector */
1146 cpu_to_ube32(buf + 12, total_sectors - 1); /* end sector */
1147 cpu_to_ube32(buf + 16, total_sectors - 1); /* l0 end sector */
1148
1149 /* Size of buffer, not including 2 byte size field */
1150 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1151
1152 /* 2k data + 4 byte header */
1153 return (2048 + 4);
1154 }
1155
1156 case 0x01: /* DVD copyright information */
1157 buf[4] = 0; /* no copyright data */
1158 buf[5] = 0; /* no region restrictions */
1159
1160 /* Size of buffer, not including 2 byte size field */
1161 cpu_to_be16wu((uint16_t *)buf, 4 + 2);
1162
1163 /* 4 byte header + 4 byte data */
1164 return (4 + 4);
1165
1166 case 0x03: /* BCA information - invalid field for no BCA info */
1167 return -ASC_INV_FIELD_IN_CMD_PACKET;
1168
1169 case 0x04: /* DVD disc manufacturing information */
1170 /* Size of buffer, not including 2 byte size field */
1171 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1172
1173 /* 2k data + 4 byte header */
1174 return (2048 + 4);
1175
1176 case 0xff:
1177 /*
1178 * This lists all the command capabilities above. Add new ones
1179 * in order and update the length and buffer return values.
1180 */
1181
1182 buf[4] = 0x00; /* Physical format */
1183 buf[5] = 0x40; /* Not writable, is readable */
1184 cpu_to_be16wu((uint16_t *)(buf + 6), 2048 + 4);
1185
1186 buf[8] = 0x01; /* Copyright info */
1187 buf[9] = 0x40; /* Not writable, is readable */
1188 cpu_to_be16wu((uint16_t *)(buf + 10), 4 + 4);
1189
1190 buf[12] = 0x03; /* BCA info */
1191 buf[13] = 0x40; /* Not writable, is readable */
1192 cpu_to_be16wu((uint16_t *)(buf + 14), 188 + 4);
1193
1194 buf[16] = 0x04; /* Manufacturing info */
1195 buf[17] = 0x40; /* Not writable, is readable */
1196 cpu_to_be16wu((uint16_t *)(buf + 18), 2048 + 4);
1197
1198 /* Size of buffer, not including 2 byte size field */
1199 cpu_to_be16wu((uint16_t *)buf, 16 + 2);
1200
1201 /* data written + 4 byte header */
1202 return (16 + 4);
1203
1204 default: /* TODO: formats beyond DVD-ROM requires */
1205 return -ASC_INV_FIELD_IN_CMD_PACKET;
1206 }
1207 }
1208
1209 static void ide_atapi_cmd(IDEState *s)
1210 {
1211 const uint8_t *packet;
1212 uint8_t *buf;
1213 int max_len;
1214
1215 packet = s->io_buffer;
1216 buf = s->io_buffer;
1217 #ifdef DEBUG_IDE_ATAPI
1218 {
1219 int i;
1220 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1221 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1222 printf(" %02x", packet[i]);
1223 }
1224 printf("\n");
1225 }
1226 #endif
1227 /* If there's a UNIT_ATTENTION condition pending, only
1228 REQUEST_SENSE and INQUIRY commands are allowed to complete. */
1229 if (s->sense_key == SENSE_UNIT_ATTENTION &&
1230 s->io_buffer[0] != GPCMD_REQUEST_SENSE &&
1231 s->io_buffer[0] != GPCMD_INQUIRY) {
1232 ide_atapi_cmd_check_status(s);
1233 return;
1234 }
1235 switch(s->io_buffer[0]) {
1236 case GPCMD_TEST_UNIT_READY:
1237 if (bdrv_is_inserted(s->bs) && !s->cdrom_changed) {
1238 ide_atapi_cmd_ok(s);
1239 } else {
1240 s->cdrom_changed = 0;
1241 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1242 ASC_MEDIUM_NOT_PRESENT);
1243 }
1244 break;
1245 case GPCMD_MODE_SENSE_6:
1246 case GPCMD_MODE_SENSE_10:
1247 {
1248 int action, code;
1249 if (packet[0] == GPCMD_MODE_SENSE_10)
1250 max_len = ube16_to_cpu(packet + 7);
1251 else
1252 max_len = packet[4];
1253 action = packet[2] >> 6;
1254 code = packet[2] & 0x3f;
1255 switch(action) {
1256 case 0: /* current values */
1257 switch(code) {
1258 case GPMODE_R_W_ERROR_PAGE: /* error recovery */
1259 cpu_to_ube16(&buf[0], 16 + 6);
1260 buf[2] = 0x70;
1261 buf[3] = 0;
1262 buf[4] = 0;
1263 buf[5] = 0;
1264 buf[6] = 0;
1265 buf[7] = 0;
1266
1267 buf[8] = 0x01;
1268 buf[9] = 0x06;
1269 buf[10] = 0x00;
1270 buf[11] = 0x05;
1271 buf[12] = 0x00;
1272 buf[13] = 0x00;
1273 buf[14] = 0x00;
1274 buf[15] = 0x00;
1275 ide_atapi_cmd_reply(s, 16, max_len);
1276 break;
1277 case GPMODE_AUDIO_CTL_PAGE:
1278 cpu_to_ube16(&buf[0], 24 + 6);
1279 buf[2] = 0x70;
1280 buf[3] = 0;
1281 buf[4] = 0;
1282 buf[5] = 0;
1283 buf[6] = 0;
1284 buf[7] = 0;
1285
1286 /* Fill with CDROM audio volume */
1287 buf[17] = 0;
1288 buf[19] = 0;
1289 buf[21] = 0;
1290 buf[23] = 0;
1291
1292 ide_atapi_cmd_reply(s, 24, max_len);
1293 break;
1294 case GPMODE_CAPABILITIES_PAGE:
1295 cpu_to_ube16(&buf[0], 28 + 6);
1296 buf[2] = 0x70;
1297 buf[3] = 0;
1298 buf[4] = 0;
1299 buf[5] = 0;
1300 buf[6] = 0;
1301 buf[7] = 0;
1302
1303 buf[8] = 0x2a;
1304 buf[9] = 0x12;
1305 buf[10] = 0x00;
1306 buf[11] = 0x00;
1307
1308 /* Claim PLAY_AUDIO capability (0x01) since some Linux
1309 code checks for this to automount media. */
1310 buf[12] = 0x71;
1311 buf[13] = 3 << 5;
1312 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1313 if (bdrv_is_locked(s->bs))
1314 buf[6] |= 1 << 1;
1315 buf[15] = 0x00;
1316 cpu_to_ube16(&buf[16], 706);
1317 buf[18] = 0;
1318 buf[19] = 2;
1319 cpu_to_ube16(&buf[20], 512);
1320 cpu_to_ube16(&buf[22], 706);
1321 buf[24] = 0;
1322 buf[25] = 0;
1323 buf[26] = 0;
1324 buf[27] = 0;
1325 ide_atapi_cmd_reply(s, 28, max_len);
1326 break;
1327 default:
1328 goto error_cmd;
1329 }
1330 break;
1331 case 1: /* changeable values */
1332 goto error_cmd;
1333 case 2: /* default values */
1334 goto error_cmd;
1335 default:
1336 case 3: /* saved values */
1337 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1338 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1339 break;
1340 }
1341 }
1342 break;
1343 case GPCMD_REQUEST_SENSE:
1344 max_len = packet[4];
1345 memset(buf, 0, 18);
1346 buf[0] = 0x70 | (1 << 7);
1347 buf[2] = s->sense_key;
1348 buf[7] = 10;
1349 buf[12] = s->asc;
1350 if (s->sense_key == SENSE_UNIT_ATTENTION)
1351 s->sense_key = SENSE_NONE;
1352 ide_atapi_cmd_reply(s, 18, max_len);
1353 break;
1354 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1355 if (bdrv_is_inserted(s->bs)) {
1356 bdrv_set_locked(s->bs, packet[4] & 1);
1357 ide_atapi_cmd_ok(s);
1358 } else {
1359 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1360 ASC_MEDIUM_NOT_PRESENT);
1361 }
1362 break;
1363 case GPCMD_READ_10:
1364 case GPCMD_READ_12:
1365 {
1366 int nb_sectors, lba;
1367
1368 if (packet[0] == GPCMD_READ_10)
1369 nb_sectors = ube16_to_cpu(packet + 7);
1370 else
1371 nb_sectors = ube32_to_cpu(packet + 6);
1372 lba = ube32_to_cpu(packet + 2);
1373 if (nb_sectors == 0) {
1374 ide_atapi_cmd_ok(s);
1375 break;
1376 }
1377 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1378 }
1379 break;
1380 case GPCMD_READ_CD:
1381 {
1382 int nb_sectors, lba, transfer_request;
1383
1384 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1385 lba = ube32_to_cpu(packet + 2);
1386 if (nb_sectors == 0) {
1387 ide_atapi_cmd_ok(s);
1388 break;
1389 }
1390 transfer_request = packet[9];
1391 switch(transfer_request & 0xf8) {
1392 case 0x00:
1393 /* nothing */
1394 ide_atapi_cmd_ok(s);
1395 break;
1396 case 0x10:
1397 /* normal read */
1398 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1399 break;
1400 case 0xf8:
1401 /* read all data */
1402 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1403 break;
1404 default:
1405 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1406 ASC_INV_FIELD_IN_CMD_PACKET);
1407 break;
1408 }
1409 }
1410 break;
1411 case GPCMD_SEEK:
1412 {
1413 unsigned int lba;
1414 uint64_t total_sectors;
1415
1416 bdrv_get_geometry(s->bs, &total_sectors);
1417 total_sectors >>= 2;
1418 if (total_sectors == 0) {
1419 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1420 ASC_MEDIUM_NOT_PRESENT);
1421 break;
1422 }
1423 lba = ube32_to_cpu(packet + 2);
1424 if (lba >= total_sectors) {
1425 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1426 ASC_LOGICAL_BLOCK_OOR);
1427 break;
1428 }
1429 ide_atapi_cmd_ok(s);
1430 }
1431 break;
1432 case GPCMD_START_STOP_UNIT:
1433 {
1434 int start, eject, err = 0;
1435 start = packet[4] & 1;
1436 eject = (packet[4] >> 1) & 1;
1437
1438 if (eject) {
1439 err = bdrv_eject(s->bs, !start);
1440 }
1441
1442 switch (err) {
1443 case 0:
1444 ide_atapi_cmd_ok(s);
1445 break;
1446 case -EBUSY:
1447 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1448 ASC_MEDIA_REMOVAL_PREVENTED);
1449 break;
1450 default:
1451 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1452 ASC_MEDIUM_NOT_PRESENT);
1453 break;
1454 }
1455 }
1456 break;
1457 case GPCMD_MECHANISM_STATUS:
1458 {
1459 max_len = ube16_to_cpu(packet + 8);
1460 cpu_to_ube16(buf, 0);
1461 /* no current LBA */
1462 buf[2] = 0;
1463 buf[3] = 0;
1464 buf[4] = 0;
1465 buf[5] = 1;
1466 cpu_to_ube16(buf + 6, 0);
1467 ide_atapi_cmd_reply(s, 8, max_len);
1468 }
1469 break;
1470 case GPCMD_READ_TOC_PMA_ATIP:
1471 {
1472 int format, msf, start_track, len;
1473 uint64_t total_sectors;
1474
1475 bdrv_get_geometry(s->bs, &total_sectors);
1476 total_sectors >>= 2;
1477 if (total_sectors == 0) {
1478 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1479 ASC_MEDIUM_NOT_PRESENT);
1480 break;
1481 }
1482 max_len = ube16_to_cpu(packet + 7);
1483 format = packet[9] >> 6;
1484 msf = (packet[1] >> 1) & 1;
1485 start_track = packet[6];
1486 switch(format) {
1487 case 0:
1488 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1489 if (len < 0)
1490 goto error_cmd;
1491 ide_atapi_cmd_reply(s, len, max_len);
1492 break;
1493 case 1:
1494 /* multi session : only a single session defined */
1495 memset(buf, 0, 12);
1496 buf[1] = 0x0a;
1497 buf[2] = 0x01;
1498 buf[3] = 0x01;
1499 ide_atapi_cmd_reply(s, 12, max_len);
1500 break;
1501 case 2:
1502 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1503 if (len < 0)
1504 goto error_cmd;
1505 ide_atapi_cmd_reply(s, len, max_len);
1506 break;
1507 default:
1508 error_cmd:
1509 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1510 ASC_INV_FIELD_IN_CMD_PACKET);
1511 break;
1512 }
1513 }
1514 break;
1515 case GPCMD_READ_CDVD_CAPACITY:
1516 {
1517 uint64_t total_sectors;
1518
1519 bdrv_get_geometry(s->bs, &total_sectors);
1520 total_sectors >>= 2;
1521 if (total_sectors == 0) {
1522 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1523 ASC_MEDIUM_NOT_PRESENT);
1524 break;
1525 }
1526 /* NOTE: it is really the number of sectors minus 1 */
1527 cpu_to_ube32(buf, total_sectors - 1);
1528 cpu_to_ube32(buf + 4, 2048);
1529 ide_atapi_cmd_reply(s, 8, 8);
1530 }
1531 break;
1532 case GPCMD_READ_DVD_STRUCTURE:
1533 {
1534 int media = packet[1];
1535 int format = packet[7];
1536 int ret;
1537
1538 max_len = ube16_to_cpu(packet + 8);
1539
1540 if (format < 0xff) {
1541 if (media_is_cd(s)) {
1542 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1543 ASC_INCOMPATIBLE_FORMAT);
1544 break;
1545 } else if (!media_present(s)) {
1546 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1547 ASC_INV_FIELD_IN_CMD_PACKET);
1548 break;
1549 }
1550 }
1551
1552 memset(buf, 0, max_len > IDE_DMA_BUF_SECTORS * 512 + 4 ?
1553 IDE_DMA_BUF_SECTORS * 512 + 4 : max_len);
1554
1555 switch (format) {
1556 case 0x00 ... 0x7f:
1557 case 0xff:
1558 if (media == 0) {
1559 ret = ide_dvd_read_structure(s, format, packet, buf);
1560
1561 if (ret < 0)
1562 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret);
1563 else
1564 ide_atapi_cmd_reply(s, ret, max_len);
1565
1566 break;
1567 }
1568 /* TODO: BD support, fall through for now */
1569
1570 /* Generic disk structures */
1571 case 0x80: /* TODO: AACS volume identifier */
1572 case 0x81: /* TODO: AACS media serial number */
1573 case 0x82: /* TODO: AACS media identifier */
1574 case 0x83: /* TODO: AACS media key block */
1575 case 0x90: /* TODO: List of recognized format layers */
1576 case 0xc0: /* TODO: Write protection status */
1577 default:
1578 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1579 ASC_INV_FIELD_IN_CMD_PACKET);
1580 break;
1581 }
1582 }
1583 break;
1584 case GPCMD_SET_SPEED:
1585 ide_atapi_cmd_ok(s);
1586 break;
1587 case GPCMD_INQUIRY:
1588 max_len = packet[4];
1589 buf[0] = 0x05; /* CD-ROM */
1590 buf[1] = 0x80; /* removable */
1591 buf[2] = 0x00; /* ISO */
1592 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1593 buf[4] = 31; /* additional length */
1594 buf[5] = 0; /* reserved */
1595 buf[6] = 0; /* reserved */
1596 buf[7] = 0; /* reserved */
1597 padstr8(buf + 8, 8, "QEMU");
1598 padstr8(buf + 16, 16, "QEMU DVD-ROM");
1599 padstr8(buf + 32, 4, s->version);
1600 ide_atapi_cmd_reply(s, 36, max_len);
1601 break;
1602 case GPCMD_GET_CONFIGURATION:
1603 {
1604 uint32_t len;
1605 uint8_t index = 0;
1606
1607 /* only feature 0 is supported */
1608 if (packet[2] != 0 || packet[3] != 0) {
1609 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1610 ASC_INV_FIELD_IN_CMD_PACKET);
1611 break;
1612 }
1613
1614 /* XXX: could result in alignment problems in some architectures */
1615 max_len = ube16_to_cpu(packet + 7);
1616
1617 /*
1618 * XXX: avoid overflow for io_buffer if max_len is bigger than
1619 * the size of that buffer (dimensioned to max number of
1620 * sectors to transfer at once)
1621 *
1622 * Only a problem if the feature/profiles grow.
1623 */
1624 if (max_len > 512) /* XXX: assume 1 sector */
1625 max_len = 512;
1626
1627 memset(buf, 0, max_len);
1628 /*
1629 * the number of sectors from the media tells us which profile
1630 * to use as current. 0 means there is no media
1631 */
1632 if (media_is_dvd(s))
1633 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
1634 else if (media_is_cd(s))
1635 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
1636
1637 buf[10] = 0x02 | 0x01; /* persistent and current */
1638 len = 12; /* headers: 8 + 4 */
1639 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
1640 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
1641 cpu_to_ube32(buf, len - 4); /* data length */
1642
1643 ide_atapi_cmd_reply(s, len, max_len);
1644 break;
1645 }
1646 case GPCMD_GET_EVENT_STATUS_NOTIFICATION:
1647 max_len = ube16_to_cpu(packet + 7);
1648
1649 if (packet[1] & 0x01) { /* polling */
1650 /* We don't support any event class (yet). */
1651 cpu_to_ube16(buf, 0x00); /* No event descriptor returned */
1652 buf[2] = 0x80; /* No Event Available (NEA) */
1653 buf[3] = 0x00; /* Empty supported event classes */
1654 ide_atapi_cmd_reply(s, 4, max_len);
1655 } else { /* asynchronous mode */
1656 /* Only polling is supported, asynchronous mode is not. */
1657 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1658 ASC_INV_FIELD_IN_CMD_PACKET);
1659 }
1660 break;
1661 default:
1662 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1663 ASC_ILLEGAL_OPCODE);
1664 break;
1665 }
1666 }
1667
1668 static void ide_cfata_metadata_inquiry(IDEState *s)
1669 {
1670 uint16_t *p;
1671 uint32_t spd;
1672
1673 p = (uint16_t *) s->io_buffer;
1674 memset(p, 0, 0x200);
1675 spd = ((s->mdata_size - 1) >> 9) + 1;
1676
1677 put_le16(p + 0, 0x0001); /* Data format revision */
1678 put_le16(p + 1, 0x0000); /* Media property: silicon */
1679 put_le16(p + 2, s->media_changed); /* Media status */
1680 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1681 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1682 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1683 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1684 }
1685
1686 static void ide_cfata_metadata_read(IDEState *s)
1687 {
1688 uint16_t *p;
1689
1690 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1691 s->status = ERR_STAT;
1692 s->error = ABRT_ERR;
1693 return;
1694 }
1695
1696 p = (uint16_t *) s->io_buffer;
1697 memset(p, 0, 0x200);
1698
1699 put_le16(p + 0, s->media_changed); /* Media status */
1700 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1701 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1702 s->nsector << 9), 0x200 - 2));
1703 }
1704
1705 static void ide_cfata_metadata_write(IDEState *s)
1706 {
1707 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1708 s->status = ERR_STAT;
1709 s->error = ABRT_ERR;
1710 return;
1711 }
1712
1713 s->media_changed = 0;
1714
1715 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1716 s->io_buffer + 2,
1717 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1718 s->nsector << 9), 0x200 - 2));
1719 }
1720
1721 /* called when the inserted state of the media has changed */
1722 static void cdrom_change_cb(void *opaque)
1723 {
1724 IDEState *s = opaque;
1725 uint64_t nb_sectors;
1726
1727 bdrv_get_geometry(s->bs, &nb_sectors);
1728 s->nb_sectors = nb_sectors;
1729
1730 s->sense_key = SENSE_UNIT_ATTENTION;
1731 s->asc = ASC_MEDIUM_MAY_HAVE_CHANGED;
1732 s->cdrom_changed = 1;
1733 ide_set_irq(s->bus);
1734 }
1735
1736 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1737 {
1738 s->lba48 = lba48;
1739
1740 /* handle the 'magic' 0 nsector count conversion here. to avoid
1741 * fiddling with the rest of the read logic, we just store the
1742 * full sector count in ->nsector and ignore ->hob_nsector from now
1743 */
1744 if (!s->lba48) {
1745 if (!s->nsector)
1746 s->nsector = 256;
1747 } else {
1748 if (!s->nsector && !s->hob_nsector)
1749 s->nsector = 65536;
1750 else {
1751 int lo = s->nsector;
1752 int hi = s->hob_nsector;
1753
1754 s->nsector = (hi << 8) | lo;
1755 }
1756 }
1757 }
1758
1759 static void ide_clear_hob(IDEBus *bus)
1760 {
1761 /* any write clears HOB high bit of device control register */
1762 bus->ifs[0].select &= ~(1 << 7);
1763 bus->ifs[1].select &= ~(1 << 7);
1764 }
1765
1766 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1767 {
1768 IDEBus *bus = opaque;
1769 IDEState *s;
1770 int n;
1771 int lba48 = 0;
1772
1773 #ifdef DEBUG_IDE
1774 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1775 #endif
1776
1777 addr &= 7;
1778
1779 /* ignore writes to command block while busy with previous command */
1780 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT)))
1781 return;
1782
1783 switch(addr) {
1784 case 0:
1785 break;
1786 case 1:
1787 ide_clear_hob(bus);
1788 /* NOTE: data is written to the two drives */
1789 bus->ifs[0].hob_feature = bus->ifs[0].feature;
1790 bus->ifs[1].hob_feature = bus->ifs[1].feature;
1791 bus->ifs[0].feature = val;
1792 bus->ifs[1].feature = val;
1793 break;
1794 case 2:
1795 ide_clear_hob(bus);
1796 bus->ifs[0].hob_nsector = bus->ifs[0].nsector;
1797 bus->ifs[1].hob_nsector = bus->ifs[1].nsector;
1798 bus->ifs[0].nsector = val;
1799 bus->ifs[1].nsector = val;
1800 break;
1801 case 3:
1802 ide_clear_hob(bus);
1803 bus->ifs[0].hob_sector = bus->ifs[0].sector;
1804 bus->ifs[1].hob_sector = bus->ifs[1].sector;
1805 bus->ifs[0].sector = val;
1806 bus->ifs[1].sector = val;
1807 break;
1808 case 4:
1809 ide_clear_hob(bus);
1810 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl;
1811 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl;
1812 bus->ifs[0].lcyl = val;
1813 bus->ifs[1].lcyl = val;
1814 break;
1815 case 5:
1816 ide_clear_hob(bus);
1817 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl;
1818 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl;
1819 bus->ifs[0].hcyl = val;
1820 bus->ifs[1].hcyl = val;
1821 break;
1822 case 6:
1823 /* FIXME: HOB readback uses bit 7 */
1824 bus->ifs[0].select = (val & ~0x10) | 0xa0;
1825 bus->ifs[1].select = (val | 0x10) | 0xa0;
1826 /* select drive */
1827 bus->unit = (val >> 4) & 1;
1828 break;
1829 default:
1830 case 7:
1831 /* command */
1832 #if defined(DEBUG_IDE)
1833 printf("ide: CMD=%02x\n", val);
1834 #endif
1835 s = idebus_active_if(bus);
1836 /* ignore commands to non existant slave */
1837 if (s != bus->ifs && !s->bs)
1838 break;
1839
1840 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
1841 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
1842 break;
1843
1844 switch(val) {
1845 case WIN_IDENTIFY:
1846 if (s->bs && s->drive_kind != IDE_CD) {
1847 if (s->drive_kind != IDE_CFATA)
1848 ide_identify(s);
1849 else
1850 ide_cfata_identify(s);
1851 s->status = READY_STAT | SEEK_STAT;
1852 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1853 } else {
1854 if (s->drive_kind == IDE_CD) {
1855 ide_set_signature(s);
1856 }
1857 ide_abort_command(s);
1858 }
1859 ide_set_irq(s->bus);
1860 break;
1861 case WIN_SPECIFY:
1862 case WIN_RECAL:
1863 s->error = 0;
1864 s->status = READY_STAT | SEEK_STAT;
1865 ide_set_irq(s->bus);
1866 break;
1867 case WIN_SETMULT:
1868 if (s->drive_kind == IDE_CFATA && s->nsector == 0) {
1869 /* Disable Read and Write Multiple */
1870 s->mult_sectors = 0;
1871 s->status = READY_STAT | SEEK_STAT;
1872 } else if ((s->nsector & 0xff) != 0 &&
1873 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1874 (s->nsector & (s->nsector - 1)) != 0)) {
1875 ide_abort_command(s);
1876 } else {
1877 s->mult_sectors = s->nsector & 0xff;
1878 s->status = READY_STAT | SEEK_STAT;
1879 }
1880 ide_set_irq(s->bus);
1881 break;
1882 case WIN_VERIFY_EXT:
1883 lba48 = 1;
1884 case WIN_VERIFY:
1885 case WIN_VERIFY_ONCE:
1886 /* do sector number check ? */
1887 ide_cmd_lba48_transform(s, lba48);
1888 s->status = READY_STAT | SEEK_STAT;
1889 ide_set_irq(s->bus);
1890 break;
1891 case WIN_READ_EXT:
1892 lba48 = 1;
1893 case WIN_READ:
1894 case WIN_READ_ONCE:
1895 if (!s->bs)
1896 goto abort_cmd;
1897 ide_cmd_lba48_transform(s, lba48);
1898 s->req_nb_sectors = 1;
1899 ide_sector_read(s);
1900 break;
1901 case WIN_WRITE_EXT:
1902 lba48 = 1;
1903 case WIN_WRITE:
1904 case WIN_WRITE_ONCE:
1905 case CFA_WRITE_SECT_WO_ERASE:
1906 case WIN_WRITE_VERIFY:
1907 ide_cmd_lba48_transform(s, lba48);
1908 s->error = 0;
1909 s->status = SEEK_STAT | READY_STAT;
1910 s->req_nb_sectors = 1;
1911 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1912 s->media_changed = 1;
1913 break;
1914 case WIN_MULTREAD_EXT:
1915 lba48 = 1;
1916 case WIN_MULTREAD:
1917 if (!s->mult_sectors)
1918 goto abort_cmd;
1919 ide_cmd_lba48_transform(s, lba48);
1920 s->req_nb_sectors = s->mult_sectors;
1921 ide_sector_read(s);
1922 break;
1923 case WIN_MULTWRITE_EXT:
1924 lba48 = 1;
1925 case WIN_MULTWRITE:
1926 case CFA_WRITE_MULTI_WO_ERASE:
1927 if (!s->mult_sectors)
1928 goto abort_cmd;
1929 ide_cmd_lba48_transform(s, lba48);
1930 s->error = 0;
1931 s->status = SEEK_STAT | READY_STAT;
1932 s->req_nb_sectors = s->mult_sectors;
1933 n = s->nsector;
1934 if (n > s->req_nb_sectors)
1935 n = s->req_nb_sectors;
1936 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1937 s->media_changed = 1;
1938 break;
1939 case WIN_READDMA_EXT:
1940 lba48 = 1;
1941 case WIN_READDMA:
1942 case WIN_READDMA_ONCE:
1943 if (!s->bs)
1944 goto abort_cmd;
1945 ide_cmd_lba48_transform(s, lba48);
1946 ide_sector_read_dma(s);
1947 break;
1948 case WIN_WRITEDMA_EXT:
1949 lba48 = 1;
1950 case WIN_WRITEDMA:
1951 case WIN_WRITEDMA_ONCE:
1952 if (!s->bs)
1953 goto abort_cmd;
1954 ide_cmd_lba48_transform(s, lba48);
1955 ide_sector_write_dma(s);
1956 s->media_changed = 1;
1957 break;
1958 case WIN_READ_NATIVE_MAX_EXT:
1959 lba48 = 1;
1960 case WIN_READ_NATIVE_MAX:
1961 ide_cmd_lba48_transform(s, lba48);
1962 ide_set_sector(s, s->nb_sectors - 1);
1963 s->status = READY_STAT | SEEK_STAT;
1964 ide_set_irq(s->bus);
1965 break;
1966 case WIN_CHECKPOWERMODE1:
1967 case WIN_CHECKPOWERMODE2:
1968 s->nsector = 0xff; /* device active or idle */
1969 s->status = READY_STAT | SEEK_STAT;
1970 ide_set_irq(s->bus);
1971 break;
1972 case WIN_SETFEATURES:
1973 if (!s->bs)
1974 goto abort_cmd;
1975 /* XXX: valid for CDROM ? */
1976 switch(s->feature) {
1977 case 0xcc: /* reverting to power-on defaults enable */
1978 case 0x66: /* reverting to power-on defaults disable */
1979 case 0x02: /* write cache enable */
1980 case 0x82: /* write cache disable */
1981 case 0xaa: /* read look-ahead enable */
1982 case 0x55: /* read look-ahead disable */
1983 case 0x05: /* set advanced power management mode */
1984 case 0x85: /* disable advanced power management mode */
1985 case 0x69: /* NOP */
1986 case 0x67: /* NOP */
1987 case 0x96: /* NOP */
1988 case 0x9a: /* NOP */
1989 case 0x42: /* enable Automatic Acoustic Mode */
1990 case 0xc2: /* disable Automatic Acoustic Mode */
1991 s->status = READY_STAT | SEEK_STAT;
1992 ide_set_irq(s->bus);
1993 break;
1994 case 0x03: { /* set transfer mode */
1995 uint8_t val = s->nsector & 0x07;
1996 uint16_t *identify_data = (uint16_t *)s->identify_data;
1997
1998 switch (s->nsector >> 3) {
1999 case 0x00: /* pio default */
2000 case 0x01: /* pio mode */
2001 put_le16(identify_data + 62,0x07);
2002 put_le16(identify_data + 63,0x07);
2003 put_le16(identify_data + 88,0x3f);
2004 break;
2005 case 0x02: /* sigle word dma mode*/
2006 put_le16(identify_data + 62,0x07 | (1 << (val + 8)));
2007 put_le16(identify_data + 63,0x07);
2008 put_le16(identify_data + 88,0x3f);
2009 break;
2010 case 0x04: /* mdma mode */
2011 put_le16(identify_data + 62,0x07);
2012 put_le16(identify_data + 63,0x07 | (1 << (val + 8)));
2013 put_le16(identify_data + 88,0x3f);
2014 break;
2015 case 0x08: /* udma mode */
2016 put_le16(identify_data + 62,0x07);
2017 put_le16(identify_data + 63,0x07);
2018 put_le16(identify_data + 88,0x3f | (1 << (val + 8)));
2019 break;
2020 default:
2021 goto abort_cmd;
2022 }
2023 s->status = READY_STAT | SEEK_STAT;
2024 ide_set_irq(s->bus);
2025 break;
2026 }
2027 default:
2028 goto abort_cmd;
2029 }
2030 break;
2031 case WIN_FLUSH_CACHE:
2032 case WIN_FLUSH_CACHE_EXT:
2033 if (s->bs)
2034 bdrv_aio_flush(s->bs, ide_flush_cb, s);
2035 else
2036 ide_flush_cb(s, 0);
2037 break;
2038 case WIN_STANDBY:
2039 case WIN_STANDBY2:
2040 case WIN_STANDBYNOW1:
2041 case WIN_STANDBYNOW2:
2042 case WIN_IDLEIMMEDIATE:
2043 case CFA_IDLEIMMEDIATE:
2044 case WIN_SETIDLE1:
2045 case WIN_SETIDLE2:
2046 case WIN_SLEEPNOW1:
2047 case WIN_SLEEPNOW2:
2048 s->status = READY_STAT;
2049 ide_set_irq(s->bus);
2050 break;
2051 case WIN_SEEK:
2052 if(s->drive_kind == IDE_CD)
2053 goto abort_cmd;
2054 /* XXX: Check that seek is within bounds */
2055 s->status = READY_STAT | SEEK_STAT;
2056 ide_set_irq(s->bus);
2057 break;
2058 /* ATAPI commands */
2059 case WIN_PIDENTIFY:
2060 if (s->drive_kind == IDE_CD) {
2061 ide_atapi_identify(s);
2062 s->status = READY_STAT | SEEK_STAT;
2063 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2064 } else {
2065 ide_abort_command(s);
2066 }
2067 ide_set_irq(s->bus);
2068 break;
2069 case WIN_DIAGNOSE:
2070 ide_set_signature(s);
2071 if (s->drive_kind == IDE_CD)
2072 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
2073 * devices to return a clear status register
2074 * with READY_STAT *not* set. */
2075 else
2076 s->status = READY_STAT | SEEK_STAT;
2077 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
2078 * present.
2079 */
2080 ide_set_irq(s->bus);
2081 break;
2082 case WIN_SRST:
2083 if (s->drive_kind != IDE_CD)
2084 goto abort_cmd;
2085 ide_set_signature(s);
2086 s->status = 0x00; /* NOTE: READY is _not_ set */
2087 s->error = 0x01;
2088 break;
2089 case WIN_PACKETCMD:
2090 if (s->drive_kind != IDE_CD)
2091 goto abort_cmd;
2092 /* overlapping commands not supported */
2093 if (s->feature & 0x02)
2094 goto abort_cmd;
2095 s->status = READY_STAT | SEEK_STAT;
2096 s->atapi_dma = s->feature & 1;
2097 s->nsector = 1;
2098 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2099 ide_atapi_cmd);
2100 break;
2101 /* CF-ATA commands */
2102 case CFA_REQ_EXT_ERROR_CODE:
2103 if (s->drive_kind != IDE_CFATA)
2104 goto abort_cmd;
2105 s->error = 0x09; /* miscellaneous error */
2106 s->status = READY_STAT | SEEK_STAT;
2107 ide_set_irq(s->bus);
2108 break;
2109 case CFA_ERASE_SECTORS:
2110 case CFA_WEAR_LEVEL:
2111 if (s->drive_kind != IDE_CFATA)
2112 goto abort_cmd;
2113 if (val == CFA_WEAR_LEVEL)
2114 s->nsector = 0;
2115 if (val == CFA_ERASE_SECTORS)
2116 s->media_changed = 1;
2117 s->error = 0x00;
2118 s->status = READY_STAT | SEEK_STAT;
2119 ide_set_irq(s->bus);
2120 break;
2121 case CFA_TRANSLATE_SECTOR:
2122 if (s->drive_kind != IDE_CFATA)
2123 goto abort_cmd;
2124 s->error = 0x00;
2125 s->status = READY_STAT | SEEK_STAT;
2126 memset(s->io_buffer, 0, 0x200);
2127 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2128 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2129 s->io_buffer[0x02] = s->select; /* Head */
2130 s->io_buffer[0x03] = s->sector; /* Sector */
2131 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2132 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2133 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2134 s->io_buffer[0x13] = 0x00; /* Erase flag */
2135 s->io_buffer[0x18] = 0x00; /* Hot count */
2136 s->io_buffer[0x19] = 0x00; /* Hot count */
2137 s->io_buffer[0x1a] = 0x01; /* Hot count */
2138 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2139 ide_set_irq(s->bus);
2140 break;
2141 case CFA_ACCESS_METADATA_STORAGE:
2142 if (s->drive_kind != IDE_CFATA)
2143 goto abort_cmd;
2144 switch (s->feature) {
2145 case 0x02: /* Inquiry Metadata Storage */
2146 ide_cfata_metadata_inquiry(s);
2147 break;
2148 case 0x03: /* Read Metadata Storage */
2149 ide_cfata_metadata_read(s);
2150 break;
2151 case 0x04: /* Write Metadata Storage */
2152 ide_cfata_metadata_write(s);
2153 break;
2154 default:
2155 goto abort_cmd;
2156 }
2157 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2158 s->status = 0x00; /* NOTE: READY is _not_ set */
2159 ide_set_irq(s->bus);
2160 break;
2161 case IBM_SENSE_CONDITION:
2162 if (s->drive_kind != IDE_CFATA)
2163 goto abort_cmd;
2164 switch (s->feature) {
2165 case 0x01: /* sense temperature in device */
2166 s->nsector = 0x50; /* +20 C */
2167 break;
2168 default:
2169 goto abort_cmd;
2170 }
2171 s->status = READY_STAT | SEEK_STAT;
2172 ide_set_irq(s->bus);
2173 break;
2174
2175 case WIN_SMART:
2176 if (s->drive_kind == IDE_CD)
2177 goto abort_cmd;
2178 if (s->hcyl != 0xc2 || s->lcyl != 0x4f)
2179 goto abort_cmd;
2180 if (!s->smart_enabled && s->feature != SMART_ENABLE)
2181 goto abort_cmd;
2182 switch (s->feature) {
2183 case SMART_DISABLE:
2184 s->smart_enabled = 0;
2185 s->status = READY_STAT | SEEK_STAT;
2186 ide_set_irq(s->bus);
2187 break;
2188 case SMART_ENABLE:
2189 s->smart_enabled = 1;
2190 s->status = READY_STAT | SEEK_STAT;
2191 ide_set_irq(s->bus);
2192 break;
2193 case SMART_ATTR_AUTOSAVE:
2194 switch (s->sector) {
2195 case 0x00:
2196 s->smart_autosave = 0;
2197 break;
2198 case 0xf1:
2199 s->smart_autosave = 1;
2200 break;
2201 default:
2202 goto abort_cmd;
2203 }
2204 s->status = READY_STAT | SEEK_STAT;
2205 ide_set_irq(s->bus);
2206 break;
2207 case SMART_STATUS:
2208 if (!s->smart_errors) {
2209 s->hcyl = 0xc2;
2210 s->lcyl = 0x4f;
2211 } else {
2212 s->hcyl = 0x2c;
2213 s->lcyl = 0xf4;
2214 }
2215 s->status = READY_STAT | SEEK_STAT;
2216 ide_set_irq(s->bus);
2217 break;
2218 case SMART_READ_THRESH:
2219 memset(s->io_buffer, 0, 0x200);
2220 s->io_buffer[0] = 0x01; /* smart struct version */
2221 for (n=0; n<30; n++) {
2222 if (smart_attributes[n][0] == 0)
2223 break;
2224 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
2225 s->io_buffer[2+1+(n*12)] = smart_attributes[n][4];
2226 }
2227 for (n=0; n<511; n++) /* checksum */
2228 s->io_buffer[511] += s->io_buffer[n];
2229 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2230 s->status = READY_STAT | SEEK_STAT;
2231 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2232 ide_set_irq(s->bus);
2233 break;
2234 case SMART_READ_DATA:
2235 memset(s->io_buffer, 0, 0x200);
2236 s->io_buffer[0] = 0x01; /* smart struct version */
2237 for (n=0; n<30; n++) {
2238 if (smart_attributes[n][0] == 0)
2239 break;
2240 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
2241 s->io_buffer[2+1+(n*12)] = smart_attributes[n][1];
2242 s->io_buffer[2+3+(n*12)] = smart_attributes[n][2];
2243 s->io_buffer[2+4+(n*12)] = smart_attributes[n][3];
2244 }
2245 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00);
2246 if (s->smart_selftest_count == 0) {
2247 s->io_buffer[363] = 0;
2248 } else {
2249 s->io_buffer[363] =
2250 s->smart_selftest_data[3 +
2251 (s->smart_selftest_count - 1) *
2252 24];
2253 }
2254 s->io_buffer[364] = 0x20;
2255 s->io_buffer[365] = 0x01;
2256 /* offline data collection capacity: execute + self-test*/
2257 s->io_buffer[367] = (1<<4 | 1<<3 | 1);
2258 s->io_buffer[368] = 0x03; /* smart capability (1) */
2259 s->io_buffer[369] = 0x00; /* smart capability (2) */
2260 s->io_buffer[370] = 0x01; /* error logging supported */
2261 s->io_buffer[372] = 0x02; /* minutes for poll short test */
2262 s->io_buffer[373] = 0x36; /* minutes for poll ext test */
2263 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */
2264
2265 for (n=0; n<511; n++)
2266 s->io_buffer[511] += s->io_buffer[n];
2267 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2268 s->status = READY_STAT | SEEK_STAT;
2269 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2270 ide_set_irq(s->bus);
2271 break;
2272 case SMART_READ_LOG:
2273 switch (s->sector) {
2274 case 0x01: /* summary smart error log */
2275 memset(s->io_buffer, 0, 0x200);
2276 s->io_buffer[0] = 0x01;
2277 s->io_buffer[1] = 0x00; /* no error entries */
2278 s->io_buffer[452] = s->smart_errors & 0xff;
2279 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8;
2280
2281 for (n=0; n<511; n++)
2282 s->io_buffer[511] += s->io_buffer[n];
2283 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2284 break;
2285 case 0x06: /* smart self test log */
2286 memset(s->io_buffer, 0, 0x200);
2287 s->io_buffer[0] = 0x01;
2288 if (s->smart_selftest_count == 0) {
2289 s->io_buffer[508] = 0;
2290 } else {
2291 s->io_buffer[508] = s->smart_selftest_count;
2292 for (n=2; n<506; n++)
2293 s->io_buffer[n] = s->smart_selftest_data[n];
2294 }
2295 for (n=0; n<511; n++)
2296 s->io_buffer[511] += s->io_buffer[n];
2297 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2298 break;
2299 default:
2300 goto abort_cmd;
2301 }
2302 s->status = READY_STAT | SEEK_STAT;
2303 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2304 ide_set_irq(s->bus);
2305 break;
2306 case SMART_EXECUTE_OFFLINE:
2307 switch (s->sector) {
2308 case 0: /* off-line routine */
2309 case 1: /* short self test */
2310 case 2: /* extended self test */
2311 s->smart_selftest_count++;
2312 if(s->smart_selftest_count > 21)
2313 s->smart_selftest_count = 0;
2314 n = 2 + (s->smart_selftest_count - 1) * 24;
2315 s->smart_selftest_data[n] = s->sector;
2316 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */
2317 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */
2318 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */
2319 s->status = READY_STAT | SEEK_STAT;
2320 ide_set_irq(s->bus);
2321 break;
2322 default:
2323 goto abort_cmd;
2324 }
2325 break;
2326 default:
2327 goto abort_cmd;
2328 }
2329 break;
2330 default:
2331 abort_cmd:
2332 ide_abort_command(s);
2333 ide_set_irq(s->bus);
2334 break;
2335 }
2336 }
2337 }
2338
2339 uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2340 {
2341 IDEBus *bus = opaque;
2342 IDEState *s = idebus_active_if(bus);
2343 uint32_t addr;
2344 int ret, hob;
2345
2346 addr = addr1 & 7;
2347 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2348 //hob = s->select & (1 << 7);
2349 hob = 0;
2350 switch(addr) {
2351 case 0:
2352 ret = 0xff;
2353 break;
2354 case 1:
2355 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2356 (s != bus->ifs && !s->bs))
2357 ret = 0;
2358 else if (!hob)
2359 ret = s->error;
2360 else
2361 ret = s->hob_feature;
2362 break;
2363 case 2:
2364 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2365 ret = 0;
2366 else if (!hob)
2367 ret = s->nsector & 0xff;
2368 else
2369 ret = s->hob_nsector;
2370 break;
2371 case 3:
2372 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2373 ret = 0;
2374 else if (!hob)
2375 ret = s->sector;
2376 else
2377 ret = s->hob_sector;
2378 break;
2379 case 4:
2380 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2381 ret = 0;
2382 else if (!hob)
2383 ret = s->lcyl;
2384 else
2385 ret = s->hob_lcyl;
2386 break;
2387 case 5:
2388 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2389 ret = 0;
2390 else if (!hob)
2391 ret = s->hcyl;
2392 else
2393 ret = s->hob_hcyl;
2394 break;
2395 case 6:
2396 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2397 ret = 0;
2398 else
2399 ret = s->select;
2400 break;
2401 default:
2402 case 7:
2403 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2404 (s != bus->ifs && !s->bs))
2405 ret = 0;
2406 else
2407 ret = s->status;
2408 qemu_irq_lower(bus->irq);
2409 break;
2410 }
2411 #ifdef DEBUG_IDE
2412 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2413 #endif
2414 return ret;
2415 }
2416
2417 uint32_t ide_status_read(void *opaque, uint32_t addr)
2418 {
2419 IDEBus *bus = opaque;
2420 IDEState *s = idebus_active_if(bus);
2421 int ret;
2422
2423 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2424 (s != bus->ifs && !s->bs))
2425 ret = 0;
2426 else
2427 ret = s->status;
2428 #ifdef DEBUG_IDE
2429 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2430 #endif
2431 return ret;
2432 }
2433
2434 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2435 {
2436 IDEBus *bus = opaque;
2437 IDEState *s;
2438 int i;
2439
2440 #ifdef DEBUG_IDE
2441 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2442 #endif
2443 /* common for both drives */
2444 if (!(bus->cmd & IDE_CMD_RESET) &&
2445 (val & IDE_CMD_RESET)) {
2446 /* reset low to high */
2447 for(i = 0;i < 2; i++) {
2448 s = &bus->ifs[i];
2449 s->status = BUSY_STAT | SEEK_STAT;
2450 s->error = 0x01;
2451 }
2452 } else if ((bus->cmd & IDE_CMD_RESET) &&
2453 !(val & IDE_CMD_RESET)) {
2454 /* high to low */
2455 for(i = 0;i < 2; i++) {
2456 s = &bus->ifs[i];
2457 if (s->drive_kind == IDE_CD)
2458 s->status = 0x00; /* NOTE: READY is _not_ set */
2459 else
2460 s->status = READY_STAT | SEEK_STAT;
2461 ide_set_signature(s);
2462 }
2463 }
2464
2465 bus->cmd = val;
2466 }
2467
2468 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2469 {
2470 IDEBus *bus = opaque;
2471 IDEState *s = idebus_active_if(bus);
2472 uint8_t *p;
2473
2474 /* PIO data access allowed only when DRQ bit is set */
2475 if (!(s->status & DRQ_STAT))
2476 return;
2477
2478 p = s->data_ptr;
2479 *(uint16_t *)p = le16_to_cpu(val);
2480 p += 2;
2481 s->data_ptr = p;
2482 if (p >= s->data_end)
2483 s->end_transfer_func(s);
2484 }
2485
2486 uint32_t ide_data_readw(void *opaque, uint32_t addr)
2487 {
2488 IDEBus *bus = opaque;
2489 IDEState *s = idebus_active_if(bus);
2490 uint8_t *p;
2491 int ret;
2492
2493 /* PIO data access allowed only when DRQ bit is set */
2494 if (!(s->status & DRQ_STAT))
2495 return 0;
2496
2497 p = s->data_ptr;
2498 ret = cpu_to_le16(*(uint16_t *)p);
2499 p += 2;
2500 s->data_ptr = p;
2501 if (p >= s->data_end)
2502 s->end_transfer_func(s);
2503 return ret;
2504 }
2505
2506 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2507 {
2508 IDEBus *bus = opaque;
2509 IDEState *s = idebus_active_if(bus);
2510 uint8_t *p;
2511
2512 /* PIO data access allowed only when DRQ bit is set */
2513 if (!(s->status & DRQ_STAT))
2514 return;
2515
2516 p = s->data_ptr;
2517 *(uint32_t *)p = le32_to_cpu(val);
2518 p += 4;
2519 s->data_ptr = p;
2520 if (p >= s->data_end)
2521 s->end_transfer_func(s);
2522 }
2523
2524 uint32_t ide_data_readl(void *opaque, uint32_t addr)
2525 {
2526 IDEBus *bus = opaque;
2527 IDEState *s = idebus_active_if(bus);
2528 uint8_t *p;
2529 int ret;
2530
2531 /* PIO data access allowed only when DRQ bit is set */
2532 if (!(s->status & DRQ_STAT))
2533 return 0;
2534
2535 p = s->data_ptr;
2536 ret = cpu_to_le32(*(uint32_t *)p);
2537 p += 4;
2538 s->data_ptr = p;
2539 if (p >= s->data_end)
2540 s->end_transfer_func(s);
2541 return ret;
2542 }
2543
2544 static void ide_dummy_transfer_stop(IDEState *s)
2545 {
2546 s->data_ptr = s->io_buffer;
2547 s->data_end = s->io_buffer;
2548 s->io_buffer[0] = 0xff;
2549 s->io_buffer[1] = 0xff;
2550 s->io_buffer[2] = 0xff;
2551 s->io_buffer[3] = 0xff;
2552 }
2553
2554 static void ide_reset(IDEState *s)
2555 {
2556 #ifdef DEBUG_IDE
2557 printf("ide: reset\n");
2558 #endif
2559 if (s->drive_kind == IDE_CFATA)
2560 s->mult_sectors = 0;
2561 else
2562 s->mult_sectors = MAX_MULT_SECTORS;
2563 /* ide regs */
2564 s->feature = 0;
2565 s->error = 0;
2566 s->nsector = 0;
2567 s->sector = 0;
2568 s->lcyl = 0;
2569 s->hcyl = 0;
2570
2571 /* lba48 */
2572 s->hob_feature = 0;
2573 s->hob_sector = 0;
2574 s->hob_nsector = 0;
2575 s->hob_lcyl = 0;
2576 s->hob_hcyl = 0;
2577
2578 s->select = 0xa0;
2579 s->status = READY_STAT | SEEK_STAT;
2580
2581 s->lba48 = 0;
2582
2583 /* ATAPI specific */
2584 s->sense_key = 0;
2585 s->asc = 0;
2586 s->cdrom_changed = 0;
2587 s->packet_transfer_size = 0;
2588 s->elementary_transfer_size = 0;
2589 s->io_buffer_index = 0;
2590 s->cd_sector_size = 0;
2591 s->atapi_dma = 0;
2592 /* ATA DMA state */
2593 s->io_buffer_size = 0;
2594 s->req_nb_sectors = 0;
2595
2596 ide_set_signature(s);
2597 /* init the transfer handler so that 0xffff is returned on data
2598 accesses */
2599 s->end_transfer_func = ide_dummy_transfer_stop;
2600 ide_dummy_transfer_stop(s);
2601 s->media_changed = 0;
2602 }
2603
2604 void ide_bus_reset(IDEBus *bus)
2605 {
2606 bus->unit = 0;
2607 bus->cmd = 0;
2608 ide_reset(&bus->ifs[0]);
2609 ide_reset(&bus->ifs[1]);
2610 ide_clear_hob(bus);
2611 }
2612
2613 int ide_init_drive(IDEState *s, BlockDriverState *bs,
2614 const char *version, const char *serial)
2615 {
2616 int cylinders, heads, secs;
2617 uint64_t nb_sectors;
2618
2619 s->bs = bs;
2620 bdrv_get_geometry(bs, &nb_sectors);
2621 bdrv_guess_geometry(bs, &cylinders, &heads, &secs);
2622 if (cylinders < 1 || cylinders > 16383) {
2623 error_report("cyls must be between 1 and 16383");
2624 return -1;
2625 }
2626 if (heads < 1 || heads > 16) {
2627 error_report("heads must be between 1 and 16");
2628 return -1;
2629 }
2630 if (secs < 1 || secs > 63) {
2631 error_report("secs must be between 1 and 63");
2632 return -1;
2633 }
2634 s->cylinders = cylinders;
2635 s->heads = heads;
2636 s->sectors = secs;
2637 s->nb_sectors = nb_sectors;
2638 /* The SMART values should be preserved across power cycles
2639 but they aren't. */
2640 s->smart_enabled = 1;
2641 s->smart_autosave = 1;
2642 s->smart_errors = 0;
2643 s->smart_selftest_count = 0;
2644 if (bdrv_get_type_hint(bs) == BDRV_TYPE_CDROM) {
2645 s->drive_kind = IDE_CD;
2646 bdrv_set_change_cb(bs, cdrom_change_cb, s);
2647 } else {
2648 if (!bdrv_is_inserted(s->bs)) {
2649 error_report("Device needs media, but drive is empty");
2650 return -1;
2651 }
2652 if (bdrv_is_read_only(bs)) {
2653 error_report("Can't use a read-only drive");
2654 return -1;
2655 }
2656 }
2657 if (serial) {
2658 strncpy(s->drive_serial_str, serial, sizeof(s->drive_serial_str));
2659 } else {
2660 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
2661 "QM%05d", s->drive_serial);
2662 }
2663 if (version) {
2664 pstrcpy(s->version, sizeof(s->version), version);
2665 } else {
2666 pstrcpy(s->version, sizeof(s->version), QEMU_VERSION);
2667 }
2668 ide_reset(s);
2669 bdrv_set_removable(bs, s->drive_kind == IDE_CD);
2670 return 0;
2671 }
2672
2673 static void ide_init1(IDEBus *bus, int unit)
2674 {
2675 static int drive_serial = 1;
2676 IDEState *s = &bus->ifs[unit];
2677
2678 s->bus = bus;
2679 s->unit = unit;
2680 s->drive_serial = drive_serial++;
2681 s->io_buffer = qemu_blockalign(s->bs, IDE_DMA_BUF_SECTORS*512 + 4);
2682 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4;
2683 s->smart_selftest_data = qemu_blockalign(s->bs, 512);
2684 s->sector_write_timer = qemu_new_timer(vm_clock,
2685 ide_sector_write_timer_cb, s);
2686 }
2687
2688 void ide_init2(IDEBus *bus, qemu_irq irq)
2689 {
2690 int i;
2691
2692 for(i = 0; i < 2; i++) {
2693 ide_init1(bus, i);
2694 ide_reset(&bus->ifs[i]);
2695 }
2696 bus->irq = irq;
2697 }
2698
2699 /* TODO convert users to qdev and remove */
2700 void ide_init2_with_non_qdev_drives(IDEBus *bus, DriveInfo *hd0,
2701 DriveInfo *hd1, qemu_irq irq)
2702 {
2703 int i;
2704 DriveInfo *dinfo;
2705
2706 for(i = 0; i < 2; i++) {
2707 dinfo = i == 0 ? hd0 : hd1;
2708 ide_init1(bus, i);
2709 if (dinfo) {
2710 if (ide_init_drive(&bus->ifs[i], dinfo->bdrv, NULL,
2711 *dinfo->serial ? dinfo->serial : NULL) < 0) {
2712 error_report("Can't set up IDE drive %s", dinfo->id);
2713 exit(1);
2714 }
2715 } else {
2716 ide_reset(&bus->ifs[i]);
2717 }
2718 }
2719 bus->irq = irq;
2720 }
2721
2722 void ide_init_ioport(IDEBus *bus, int iobase, int iobase2)
2723 {
2724 register_ioport_write(iobase, 8, 1, ide_ioport_write, bus);
2725 register_ioport_read(iobase, 8, 1, ide_ioport_read, bus);
2726 if (iobase2) {
2727 register_ioport_read(iobase2, 1, 1, ide_status_read, bus);
2728 register_ioport_write(iobase2, 1, 1, ide_cmd_write, bus);
2729 }
2730
2731 /* data ports */
2732 register_ioport_write(iobase, 2, 2, ide_data_writew, bus);
2733 register_ioport_read(iobase, 2, 2, ide_data_readw, bus);
2734 register_ioport_write(iobase, 4, 4, ide_data_writel, bus);
2735 register_ioport_read(iobase, 4, 4, ide_data_readl, bus);
2736 }
2737
2738 static bool is_identify_set(void *opaque, int version_id)
2739 {
2740 IDEState *s = opaque;
2741
2742 return s->identify_set != 0;
2743 }
2744
2745 static EndTransferFunc* transfer_end_table[] = {
2746 ide_sector_read,
2747 ide_sector_write,
2748 ide_transfer_stop,
2749 ide_atapi_cmd_reply_end,
2750 ide_atapi_cmd,
2751 ide_dummy_transfer_stop,
2752 };
2753
2754 static int transfer_end_table_idx(EndTransferFunc *fn)
2755 {
2756 int i;
2757
2758 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++)
2759 if (transfer_end_table[i] == fn)
2760 return i;
2761
2762 return -1;
2763 }
2764
2765 static int ide_drive_post_load(void *opaque, int version_id)
2766 {
2767 IDEState *s = opaque;
2768
2769 if (version_id < 3) {
2770 if (s->sense_key == SENSE_UNIT_ATTENTION &&
2771 s->asc == ASC_MEDIUM_MAY_HAVE_CHANGED) {
2772 s->cdrom_changed = 1;
2773 }
2774 }
2775 return 0;
2776 }
2777
2778 static int ide_drive_pio_post_load(void *opaque, int version_id)
2779 {
2780 IDEState *s = opaque;
2781
2782 if (s->end_transfer_fn_idx > ARRAY_SIZE(transfer_end_table)) {
2783 return -EINVAL;
2784 }
2785 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx];
2786 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset;
2787 s->data_end = s->data_ptr + s->cur_io_buffer_len;
2788
2789 return 0;
2790 }
2791
2792 static void ide_drive_pio_pre_save(void *opaque)
2793 {
2794 IDEState *s = opaque;
2795 int idx;
2796
2797 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer;
2798 s->cur_io_buffer_len = s->data_end - s->data_ptr;
2799
2800 idx = transfer_end_table_idx(s->end_transfer_func);
2801 if (idx == -1) {
2802 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n",
2803 __func__);
2804 s->end_transfer_fn_idx = 2;
2805 } else {
2806 s->end_transfer_fn_idx = idx;
2807 }
2808 }
2809
2810 static bool ide_drive_pio_state_needed(void *opaque)
2811 {
2812 IDEState *s = opaque;
2813
2814 return (s->status & DRQ_STAT) != 0;
2815 }
2816
2817 const VMStateDescription vmstate_ide_drive_pio_state = {
2818 .name = "ide_drive/pio_state",
2819 .version_id = 1,
2820 .minimum_version_id = 1,
2821 .minimum_version_id_old = 1,
2822 .pre_save = ide_drive_pio_pre_save,
2823 .post_load = ide_drive_pio_post_load,
2824 .fields = (VMStateField []) {
2825 VMSTATE_INT32(req_nb_sectors, IDEState),
2826 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1,
2827 vmstate_info_uint8, uint8_t),
2828 VMSTATE_INT32(cur_io_buffer_offset, IDEState),
2829 VMSTATE_INT32(cur_io_buffer_len, IDEState),
2830 VMSTATE_UINT8(end_transfer_fn_idx, IDEState),
2831 VMSTATE_INT32(elementary_transfer_size, IDEState),
2832 VMSTATE_INT32(packet_transfer_size, IDEState),
2833 VMSTATE_END_OF_LIST()
2834 }
2835 };
2836
2837 const VMStateDescription vmstate_ide_drive = {
2838 .name = "ide_drive",
2839 .version_id = 3,
2840 .minimum_version_id = 0,
2841 .minimum_version_id_old = 0,
2842 .post_load = ide_drive_post_load,
2843 .fields = (VMStateField []) {
2844 VMSTATE_INT32(mult_sectors, IDEState),
2845 VMSTATE_INT32(identify_set, IDEState),
2846 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set),
2847 VMSTATE_UINT8(feature, IDEState),
2848 VMSTATE_UINT8(error, IDEState),
2849 VMSTATE_UINT32(nsector, IDEState),
2850 VMSTATE_UINT8(sector, IDEState),
2851 VMSTATE_UINT8(lcyl, IDEState),
2852 VMSTATE_UINT8(hcyl, IDEState),
2853 VMSTATE_UINT8(hob_feature, IDEState),
2854 VMSTATE_UINT8(hob_sector, IDEState),
2855 VMSTATE_UINT8(hob_nsector, IDEState),
2856 VMSTATE_UINT8(hob_lcyl, IDEState),
2857 VMSTATE_UINT8(hob_hcyl, IDEState),
2858 VMSTATE_UINT8(select, IDEState),
2859 VMSTATE_UINT8(status, IDEState),
2860 VMSTATE_UINT8(lba48, IDEState),
2861 VMSTATE_UINT8(sense_key, IDEState),
2862 VMSTATE_UINT8(asc, IDEState),
2863 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3),
2864 VMSTATE_END_OF_LIST()
2865 },
2866 .subsections = (VMStateSubsection []) {
2867 {
2868 .vmsd = &vmstate_ide_drive_pio_state,
2869 .needed = ide_drive_pio_state_needed,
2870 }, {
2871 /* empty */
2872 }
2873 }
2874 };
2875
2876 const VMStateDescription vmstate_ide_bus = {
2877 .name = "ide_bus",
2878 .version_id = 1,
2879 .minimum_version_id = 1,
2880 .minimum_version_id_old = 1,
2881 .fields = (VMStateField []) {
2882 VMSTATE_UINT8(cmd, IDEBus),
2883 VMSTATE_UINT8(unit, IDEBus),
2884 VMSTATE_END_OF_LIST()
2885 }
2886 };
2887
2888 /***********************************************************/
2889 /* PCI IDE definitions */
2890
2891 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2892 {
2893 BMDMAState *bm = s->bus->bmdma;
2894 if(!bm)
2895 return;
2896 bm->unit = s->unit;
2897 bm->dma_cb = dma_cb;
2898 bm->cur_prd_last = 0;
2899 bm->cur_prd_addr = 0;
2900 bm->cur_prd_len = 0;
2901 bm->sector_num = ide_get_sector(s);
2902 bm->nsector = s->nsector;
2903 if (bm->status & BM_STATUS_DMAING) {
2904 bm->dma_cb(bm, 0);
2905 }
2906 }
2907
2908 static void ide_dma_restart(IDEState *s, int is_read)
2909 {
2910 BMDMAState *bm = s->bus->bmdma;
2911 ide_set_sector(s, bm->sector_num);
2912 s->io_buffer_index = 0;
2913 s->io_buffer_size = 0;
2914 s->nsector = bm->nsector;
2915 bm->cur_addr = bm->addr;
2916
2917 if (is_read) {
2918 bm->dma_cb = ide_read_dma_cb;
2919 } else {
2920 bm->dma_cb = ide_write_dma_cb;
2921 }
2922
2923 ide_dma_start(s, bm->dma_cb);
2924 }
2925
2926 void ide_dma_cancel(BMDMAState *bm)
2927 {
2928 if (bm->status & BM_STATUS_DMAING) {
2929 if (bm->aiocb) {
2930 #ifdef DEBUG_AIO
2931 printf("aio_cancel\n");
2932 #endif
2933 bdrv_aio_cancel(bm->aiocb);
2934 bm->aiocb = NULL;
2935 }
2936 bm->status &= ~BM_STATUS_DMAING;
2937 /* cancel DMA request */
2938 bm->unit = -1;
2939 bm->dma_cb = NULL;
2940 }
2941 }
2942
2943 void ide_dma_reset(BMDMAState *bm)
2944 {
2945 #ifdef DEBUG_IDE
2946 printf("ide: dma_reset\n");
2947 #endif
2948 ide_dma_cancel(bm);
2949 bm->cmd = 0;
2950 bm->status = 0;
2951 bm->addr = 0;
2952 bm->cur_addr = 0;
2953 bm->cur_prd_last = 0;
2954 bm->cur_prd_addr = 0;
2955 bm->cur_prd_len = 0;
2956 bm->sector_num = 0;
2957 bm->nsector = 0;
2958 }
QEmu