search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
ide: Handle flush failure
[qemu.git] / hw / ide / core.c
blobbc3e91658ab46cbfcbf4761aec24cb2f7c8c68ce
1 /*
2 * QEMU IDE disk and CD/DVD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #include <hw/hw.h>
26 #include <hw/pc.h>
27 #include <hw/pci.h>
28 #include <hw/scsi.h>
29 #include "qemu-error.h"
30 #include "qemu-timer.h"
31 #include "sysemu.h"
32 #include "dma.h"
33 #include "blockdev.h"
34
35 #include <hw/ide/internal.h>
36
37 #define IDE_PAGE_SIZE 4096
38
39 static const int smart_attributes[][5] = {
40 /* id, flags, val, wrst, thrsh */
41 { 0x01, 0x03, 0x64, 0x64, 0x06}, /* raw read */
42 { 0x03, 0x03, 0x64, 0x64, 0x46}, /* spin up */
43 { 0x04, 0x02, 0x64, 0x64, 0x14}, /* start stop count */
44 { 0x05, 0x03, 0x64, 0x64, 0x36}, /* remapped sectors */
45 { 0x00, 0x00, 0x00, 0x00, 0x00}
46 };
47
48 /* XXX: DVDs that could fit on a CD will be reported as a CD */
49 static inline int media_present(IDEState *s)
50 {
51 return (s->nb_sectors > 0);
52 }
53
54 static inline int media_is_dvd(IDEState *s)
55 {
56 return (media_present(s) && s->nb_sectors > CD_MAX_SECTORS);
57 }
58
59 static inline int media_is_cd(IDEState *s)
60 {
61 return (media_present(s) && s->nb_sectors <= CD_MAX_SECTORS);
62 }
63
64 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
65 static void ide_dma_restart(IDEState *s, int is_read);
66 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
67 static int ide_handle_rw_error(IDEState *s, int error, int op);
68 static void ide_flush_cache(IDEState *s);
69
70 static void padstr(char *str, const char *src, int len)
71 {
72 int i, v;
73 for(i = 0; i < len; i++) {
74 if (*src)
75 v = *src++;
76 else
77 v = ' ';
78 str[i^1] = v;
79 }
80 }
81
82 static void padstr8(uint8_t *buf, int buf_size, const char *src)
83 {
84 int i;
85 for(i = 0; i < buf_size; i++) {
86 if (*src)
87 buf[i] = *src++;
88 else
89 buf[i] = ' ';
90 }
91 }
92
93 static void put_le16(uint16_t *p, unsigned int v)
94 {
95 *p = cpu_to_le16(v);
96 }
97
98 static void ide_identify(IDEState *s)
99 {
100 uint16_t *p;
101 unsigned int oldsize;
102 IDEDevice *dev;
103
104 if (s->identify_set) {
105 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
106 return;
107 }
108
109 memset(s->io_buffer, 0, 512);
110 p = (uint16_t *)s->io_buffer;
111 put_le16(p + 0, 0x0040);
112 put_le16(p + 1, s->cylinders);
113 put_le16(p + 3, s->heads);
114 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
115 put_le16(p + 5, 512); /* XXX: retired, remove ? */
116 put_le16(p + 6, s->sectors);
117 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
118 put_le16(p + 20, 3); /* XXX: retired, remove ? */
119 put_le16(p + 21, 512); /* cache size in sectors */
120 put_le16(p + 22, 4); /* ecc bytes */
121 padstr((char *)(p + 23), s->version, 8); /* firmware version */
122 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
123 #if MAX_MULT_SECTORS > 1
124 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
125 #endif
126 put_le16(p + 48, 1); /* dword I/O */
127 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
128 put_le16(p + 51, 0x200); /* PIO transfer cycle */
129 put_le16(p + 52, 0x200); /* DMA transfer cycle */
130 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
131 put_le16(p + 54, s->cylinders);
132 put_le16(p + 55, s->heads);
133 put_le16(p + 56, s->sectors);
134 oldsize = s->cylinders * s->heads * s->sectors;
135 put_le16(p + 57, oldsize);
136 put_le16(p + 58, oldsize >> 16);
137 if (s->mult_sectors)
138 put_le16(p + 59, 0x100 | s->mult_sectors);
139 put_le16(p + 60, s->nb_sectors);
140 put_le16(p + 61, s->nb_sectors >> 16);
141 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
142 put_le16(p + 63, 0x07); /* mdma0-2 supported */
143 put_le16(p + 64, 0x03); /* pio3-4 supported */
144 put_le16(p + 65, 120);
145 put_le16(p + 66, 120);
146 put_le16(p + 67, 120);
147 put_le16(p + 68, 120);
148 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
149 put_le16(p + 81, 0x16); /* conforms to ata5 */
150 /* 14=NOP supported, 5=WCACHE supported, 0=SMART supported */
151 put_le16(p + 82, (1 << 14) | (1 << 5) | 1);
152 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
153 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
154 /* 14=set to 1, 1=SMART self test, 0=SMART error logging */
155 put_le16(p + 84, (1 << 14) | 0);
156 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */
157 if (bdrv_enable_write_cache(s->bs))
158 put_le16(p + 85, (1 << 14) | (1 << 5) | 1);
159 else
160 put_le16(p + 85, (1 << 14) | 1);
161 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
162 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
163 /* 14=set to 1, 1=smart self test, 0=smart error logging */
164 put_le16(p + 87, (1 << 14) | 0);
165 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
166 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
167 put_le16(p + 100, s->nb_sectors);
168 put_le16(p + 101, s->nb_sectors >> 16);
169 put_le16(p + 102, s->nb_sectors >> 32);
170 put_le16(p + 103, s->nb_sectors >> 48);
171 dev = s->unit ? s->bus->slave : s->bus->master;
172 if (dev && dev->conf.physical_block_size)
173 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf));
174
175 memcpy(s->identify_data, p, sizeof(s->identify_data));
176 s->identify_set = 1;
177 }
178
179 static void ide_atapi_identify(IDEState *s)
180 {
181 uint16_t *p;
182
183 if (s->identify_set) {
184 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
185 return;
186 }
187
188 memset(s->io_buffer, 0, 512);
189 p = (uint16_t *)s->io_buffer;
190 /* Removable CDROM, 50us response, 12 byte packets */
191 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
192 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
193 put_le16(p + 20, 3); /* buffer type */
194 put_le16(p + 21, 512); /* cache size in sectors */
195 put_le16(p + 22, 4); /* ecc bytes */
196 padstr((char *)(p + 23), s->version, 8); /* firmware version */
197 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
198 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
199 #ifdef USE_DMA_CDROM
200 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
201 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
202 put_le16(p + 62, 7); /* single word dma0-2 supported */
203 put_le16(p + 63, 7); /* mdma0-2 supported */
204 #else
205 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
206 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
207 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
208 #endif
209 put_le16(p + 64, 3); /* pio3-4 supported */
210 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
211 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
212 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
213 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
214
215 put_le16(p + 71, 30); /* in ns */
216 put_le16(p + 72, 30); /* in ns */
217
218 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
219 #ifdef USE_DMA_CDROM
220 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
221 #endif
222 memcpy(s->identify_data, p, sizeof(s->identify_data));
223 s->identify_set = 1;
224 }
225
226 static void ide_cfata_identify(IDEState *s)
227 {
228 uint16_t *p;
229 uint32_t cur_sec;
230
231 p = (uint16_t *) s->identify_data;
232 if (s->identify_set)
233 goto fill_buffer;
234
235 memset(p, 0, sizeof(s->identify_data));
236
237 cur_sec = s->cylinders * s->heads * s->sectors;
238
239 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
240 put_le16(p + 1, s->cylinders); /* Default cylinders */
241 put_le16(p + 3, s->heads); /* Default heads */
242 put_le16(p + 6, s->sectors); /* Default sectors per track */
243 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
244 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
245 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
246 put_le16(p + 22, 0x0004); /* ECC bytes */
247 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */
248 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
249 #if MAX_MULT_SECTORS > 1
250 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
251 #else
252 put_le16(p + 47, 0x0000);
253 #endif
254 put_le16(p + 49, 0x0f00); /* Capabilities */
255 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
256 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
257 put_le16(p + 53, 0x0003); /* Translation params valid */
258 put_le16(p + 54, s->cylinders); /* Current cylinders */
259 put_le16(p + 55, s->heads); /* Current heads */
260 put_le16(p + 56, s->sectors); /* Current sectors */
261 put_le16(p + 57, cur_sec); /* Current capacity */
262 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
263 if (s->mult_sectors) /* Multiple sector setting */
264 put_le16(p + 59, 0x100 | s->mult_sectors);
265 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
266 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
267 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
268 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
269 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
270 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
271 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
272 put_le16(p + 82, 0x400c); /* Command Set supported */
273 put_le16(p + 83, 0x7068); /* Command Set supported */
274 put_le16(p + 84, 0x4000); /* Features supported */
275 put_le16(p + 85, 0x000c); /* Command Set enabled */
276 put_le16(p + 86, 0x7044); /* Command Set enabled */
277 put_le16(p + 87, 0x4000); /* Features enabled */
278 put_le16(p + 91, 0x4060); /* Current APM level */
279 put_le16(p + 129, 0x0002); /* Current features option */
280 put_le16(p + 130, 0x0005); /* Reassigned sectors */
281 put_le16(p + 131, 0x0001); /* Initial power mode */
282 put_le16(p + 132, 0x0000); /* User signature */
283 put_le16(p + 160, 0x8100); /* Power requirement */
284 put_le16(p + 161, 0x8001); /* CF command set */
285
286 s->identify_set = 1;
287
288 fill_buffer:
289 memcpy(s->io_buffer, p, sizeof(s->identify_data));
290 }
291
292 static void ide_set_signature(IDEState *s)
293 {
294 s->select &= 0xf0; /* clear head */
295 /* put signature */
296 s->nsector = 1;
297 s->sector = 1;
298 if (s->drive_kind == IDE_CD) {
299 s->lcyl = 0x14;
300 s->hcyl = 0xeb;
301 } else if (s->bs) {
302 s->lcyl = 0;
303 s->hcyl = 0;
304 } else {
305 s->lcyl = 0xff;
306 s->hcyl = 0xff;
307 }
308 }
309
310 static inline void ide_abort_command(IDEState *s)
311 {
312 s->status = READY_STAT | ERR_STAT;
313 s->error = ABRT_ERR;
314 }
315
316 static inline void ide_dma_submit_check(IDEState *s,
317 BlockDriverCompletionFunc *dma_cb, BMDMAState *bm)
318 {
319 if (bm->aiocb)
320 return;
321 dma_cb(bm, -1);
322 }
323
324 /* prepare data transfer and tell what to do after */
325 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
326 EndTransferFunc *end_transfer_func)
327 {
328 s->end_transfer_func = end_transfer_func;
329 s->data_ptr = buf;
330 s->data_end = buf + size;
331 if (!(s->status & ERR_STAT))
332 s->status |= DRQ_STAT;
333 }
334
335 static void ide_transfer_stop(IDEState *s)
336 {
337 s->end_transfer_func = ide_transfer_stop;
338 s->data_ptr = s->io_buffer;
339 s->data_end = s->io_buffer;
340 s->status &= ~DRQ_STAT;
341 }
342
343 int64_t ide_get_sector(IDEState *s)
344 {
345 int64_t sector_num;
346 if (s->select & 0x40) {
347 /* lba */
348 if (!s->lba48) {
349 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
350 (s->lcyl << 8) | s->sector;
351 } else {
352 sector_num = ((int64_t)s->hob_hcyl << 40) |
353 ((int64_t) s->hob_lcyl << 32) |
354 ((int64_t) s->hob_sector << 24) |
355 ((int64_t) s->hcyl << 16) |
356 ((int64_t) s->lcyl << 8) | s->sector;
357 }
358 } else {
359 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
360 (s->select & 0x0f) * s->sectors + (s->sector - 1);
361 }
362 return sector_num;
363 }
364
365 void ide_set_sector(IDEState *s, int64_t sector_num)
366 {
367 unsigned int cyl, r;
368 if (s->select & 0x40) {
369 if (!s->lba48) {
370 s->select = (s->select & 0xf0) | (sector_num >> 24);
371 s->hcyl = (sector_num >> 16);
372 s->lcyl = (sector_num >> 8);
373 s->sector = (sector_num);
374 } else {
375 s->sector = sector_num;
376 s->lcyl = sector_num >> 8;
377 s->hcyl = sector_num >> 16;
378 s->hob_sector = sector_num >> 24;
379 s->hob_lcyl = sector_num >> 32;
380 s->hob_hcyl = sector_num >> 40;
381 }
382 } else {
383 cyl = sector_num / (s->heads * s->sectors);
384 r = sector_num % (s->heads * s->sectors);
385 s->hcyl = cyl >> 8;
386 s->lcyl = cyl;
387 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
388 s->sector = (r % s->sectors) + 1;
389 }
390 }
391
392 static void ide_rw_error(IDEState *s) {
393 ide_abort_command(s);
394 ide_set_irq(s->bus);
395 }
396
397 static void ide_sector_read(IDEState *s)
398 {
399 int64_t sector_num;
400 int ret, n;
401
402 s->status = READY_STAT | SEEK_STAT;
403 s->error = 0; /* not needed by IDE spec, but needed by Windows */
404 sector_num = ide_get_sector(s);
405 n = s->nsector;
406 if (n == 0) {
407 /* no more sector to read from disk */
408 ide_transfer_stop(s);
409 } else {
410 #if defined(DEBUG_IDE)
411 printf("read sector=%" PRId64 "\n", sector_num);
412 #endif
413 if (n > s->req_nb_sectors)
414 n = s->req_nb_sectors;
415 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
416 if (ret != 0) {
417 if (ide_handle_rw_error(s, -ret,
418 BM_STATUS_PIO_RETRY | BM_STATUS_RETRY_READ))
419 {
420 return;
421 }
422 }
423 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
424 ide_set_irq(s->bus);
425 ide_set_sector(s, sector_num + n);
426 s->nsector -= n;
427 }
428 }
429
430
431 /* return 0 if buffer completed */
432 static int dma_buf_prepare(BMDMAState *bm, int is_write)
433 {
434 IDEState *s = bmdma_active_if(bm);
435 struct {
436 uint32_t addr;
437 uint32_t size;
438 } prd;
439 int l, len;
440
441 qemu_sglist_init(&s->sg, s->nsector / (IDE_PAGE_SIZE / 512) + 1);
442 s->io_buffer_size = 0;
443 for(;;) {
444 if (bm->cur_prd_len == 0) {
445 /* end of table (with a fail safe of one page) */
446 if (bm->cur_prd_last ||
447 (bm->cur_addr - bm->addr) >= IDE_PAGE_SIZE)
448 return s->io_buffer_size != 0;
449 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
450 bm->cur_addr += 8;
451 prd.addr = le32_to_cpu(prd.addr);
452 prd.size = le32_to_cpu(prd.size);
453 len = prd.size & 0xfffe;
454 if (len == 0)
455 len = 0x10000;
456 bm->cur_prd_len = len;
457 bm->cur_prd_addr = prd.addr;
458 bm->cur_prd_last = (prd.size & 0x80000000);
459 }
460 l = bm->cur_prd_len;
461 if (l > 0) {
462 qemu_sglist_add(&s->sg, bm->cur_prd_addr, l);
463 bm->cur_prd_addr += l;
464 bm->cur_prd_len -= l;
465 s->io_buffer_size += l;
466 }
467 }
468 return 1;
469 }
470
471 static void dma_buf_commit(IDEState *s, int is_write)
472 {
473 qemu_sglist_destroy(&s->sg);
474 }
475
476 void ide_dma_error(IDEState *s)
477 {
478 ide_transfer_stop(s);
479 s->error = ABRT_ERR;
480 s->status = READY_STAT | ERR_STAT;
481 ide_set_irq(s->bus);
482 }
483
484 static int ide_handle_rw_error(IDEState *s, int error, int op)
485 {
486 int is_read = (op & BM_STATUS_RETRY_READ);
487 BlockErrorAction action = bdrv_get_on_error(s->bs, is_read);
488
489 if (action == BLOCK_ERR_IGNORE) {
490 bdrv_mon_event(s->bs, BDRV_ACTION_IGNORE, is_read);
491 return 0;
492 }
493
494 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
495 || action == BLOCK_ERR_STOP_ANY) {
496 s->bus->bmdma->unit = s->unit;
497 s->bus->bmdma->status |= op;
498 bdrv_mon_event(s->bs, BDRV_ACTION_STOP, is_read);
499 vm_stop(0);
500 } else {
501 if (op & BM_STATUS_DMA_RETRY) {
502 dma_buf_commit(s, 0);
503 ide_dma_error(s);
504 } else {
505 ide_rw_error(s);
506 }
507 bdrv_mon_event(s->bs, BDRV_ACTION_REPORT, is_read);
508 }
509
510 return 1;
511 }
512
513 /* return 0 if buffer completed */
514 static int dma_buf_rw(BMDMAState *bm, int is_write)
515 {
516 IDEState *s = bmdma_active_if(bm);
517 struct {
518 uint32_t addr;
519 uint32_t size;
520 } prd;
521 int l, len;
522
523 for(;;) {
524 l = s->io_buffer_size - s->io_buffer_index;
525 if (l <= 0)
526 break;
527 if (bm->cur_prd_len == 0) {
528 /* end of table (with a fail safe of one page) */
529 if (bm->cur_prd_last ||
530 (bm->cur_addr - bm->addr) >= IDE_PAGE_SIZE)
531 return 0;
532 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
533 bm->cur_addr += 8;
534 prd.addr = le32_to_cpu(prd.addr);
535 prd.size = le32_to_cpu(prd.size);
536 len = prd.size & 0xfffe;
537 if (len == 0)
538 len = 0x10000;
539 bm->cur_prd_len = len;
540 bm->cur_prd_addr = prd.addr;
541 bm->cur_prd_last = (prd.size & 0x80000000);
542 }
543 if (l > bm->cur_prd_len)
544 l = bm->cur_prd_len;
545 if (l > 0) {
546 if (is_write) {
547 cpu_physical_memory_write(bm->cur_prd_addr,
548 s->io_buffer + s->io_buffer_index, l);
549 } else {
550 cpu_physical_memory_read(bm->cur_prd_addr,
551 s->io_buffer + s->io_buffer_index, l);
552 }
553 bm->cur_prd_addr += l;
554 bm->cur_prd_len -= l;
555 s->io_buffer_index += l;
556 }
557 }
558 return 1;
559 }
560
561 static void ide_read_dma_cb(void *opaque, int ret)
562 {
563 BMDMAState *bm = opaque;
564 IDEState *s = bmdma_active_if(bm);
565 int n;
566 int64_t sector_num;
567
568 if (ret < 0) {
569 if (ide_handle_rw_error(s, -ret,
570 BM_STATUS_DMA_RETRY | BM_STATUS_RETRY_READ))
571 {
572 return;
573 }
574 }
575
576 n = s->io_buffer_size >> 9;
577 sector_num = ide_get_sector(s);
578 if (n > 0) {
579 dma_buf_commit(s, 1);
580 sector_num += n;
581 ide_set_sector(s, sector_num);
582 s->nsector -= n;
583 }
584
585 /* end of transfer ? */
586 if (s->nsector == 0) {
587 s->status = READY_STAT | SEEK_STAT;
588 ide_set_irq(s->bus);
589 eot:
590 bm->status &= ~BM_STATUS_DMAING;
591 bm->status |= BM_STATUS_INT;
592 bm->dma_cb = NULL;
593 bm->unit = -1;
594 bm->aiocb = NULL;
595 return;
596 }
597
598 /* launch next transfer */
599 n = s->nsector;
600 s->io_buffer_index = 0;
601 s->io_buffer_size = n * 512;
602 if (dma_buf_prepare(bm, 1) == 0)
603 goto eot;
604 #ifdef DEBUG_AIO
605 printf("aio_read: sector_num=%" PRId64 " n=%d\n", sector_num, n);
606 #endif
607 bm->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num, ide_read_dma_cb, bm);
608 ide_dma_submit_check(s, ide_read_dma_cb, bm);
609 }
610
611 static void ide_sector_read_dma(IDEState *s)
612 {
613 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
614 s->io_buffer_index = 0;
615 s->io_buffer_size = 0;
616 s->is_read = 1;
617 ide_dma_start(s, ide_read_dma_cb);
618 }
619
620 static void ide_sector_write_timer_cb(void *opaque)
621 {
622 IDEState *s = opaque;
623 ide_set_irq(s->bus);
624 }
625
626 static void ide_sector_write(IDEState *s)
627 {
628 int64_t sector_num;
629 int ret, n, n1;
630
631 s->status = READY_STAT | SEEK_STAT;
632 sector_num = ide_get_sector(s);
633 #if defined(DEBUG_IDE)
634 printf("write sector=%" PRId64 "\n", sector_num);
635 #endif
636 n = s->nsector;
637 if (n > s->req_nb_sectors)
638 n = s->req_nb_sectors;
639 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
640
641 if (ret != 0) {
642 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY))
643 return;
644 }
645
646 s->nsector -= n;
647 if (s->nsector == 0) {
648 /* no more sectors to write */
649 ide_transfer_stop(s);
650 } else {
651 n1 = s->nsector;
652 if (n1 > s->req_nb_sectors)
653 n1 = s->req_nb_sectors;
654 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
655 }
656 ide_set_sector(s, sector_num + n);
657
658 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
659 /* It seems there is a bug in the Windows 2000 installer HDD
660 IDE driver which fills the disk with empty logs when the
661 IDE write IRQ comes too early. This hack tries to correct
662 that at the expense of slower write performances. Use this
663 option _only_ to install Windows 2000. You must disable it
664 for normal use. */
665 qemu_mod_timer(s->sector_write_timer,
666 qemu_get_clock(vm_clock) + (get_ticks_per_sec() / 1000));
667 } else {
668 ide_set_irq(s->bus);
669 }
670 }
671
672 static void ide_dma_restart_bh(void *opaque)
673 {
674 BMDMAState *bm = opaque;
675 int is_read;
676
677 qemu_bh_delete(bm->bh);
678 bm->bh = NULL;
679
680 is_read = !!(bm->status & BM_STATUS_RETRY_READ);
681
682 if (bm->status & BM_STATUS_DMA_RETRY) {
683 bm->status &= ~(BM_STATUS_DMA_RETRY | BM_STATUS_RETRY_READ);
684 ide_dma_restart(bmdma_active_if(bm), is_read);
685 } else if (bm->status & BM_STATUS_PIO_RETRY) {
686 bm->status &= ~(BM_STATUS_PIO_RETRY | BM_STATUS_RETRY_READ);
687 if (is_read) {
688 ide_sector_read(bmdma_active_if(bm));
689 } else {
690 ide_sector_write(bmdma_active_if(bm));
691 }
692 } else if (bm->status & BM_STATUS_RETRY_FLUSH) {
693 ide_flush_cache(bmdma_active_if(bm));
694 }
695 }
696
697 void ide_dma_restart_cb(void *opaque, int running, int reason)
698 {
699 BMDMAState *bm = opaque;
700
701 if (!running)
702 return;
703
704 if (!bm->bh) {
705 bm->bh = qemu_bh_new(ide_dma_restart_bh, bm);
706 qemu_bh_schedule(bm->bh);
707 }
708 }
709
710 static void ide_write_dma_cb(void *opaque, int ret)
711 {
712 BMDMAState *bm = opaque;
713 IDEState *s = bmdma_active_if(bm);
714 int n;
715 int64_t sector_num;
716
717 if (ret < 0) {
718 if (ide_handle_rw_error(s, -ret, BM_STATUS_DMA_RETRY))
719 return;
720 }
721
722 n = s->io_buffer_size >> 9;
723 sector_num = ide_get_sector(s);
724 if (n > 0) {
725 dma_buf_commit(s, 0);
726 sector_num += n;
727 ide_set_sector(s, sector_num);
728 s->nsector -= n;
729 }
730
731 /* end of transfer ? */
732 if (s->nsector == 0) {
733 s->status = READY_STAT | SEEK_STAT;
734 ide_set_irq(s->bus);
735 eot:
736 bm->status &= ~BM_STATUS_DMAING;
737 bm->status |= BM_STATUS_INT;
738 bm->dma_cb = NULL;
739 bm->unit = -1;
740 bm->aiocb = NULL;
741 return;
742 }
743
744 n = s->nsector;
745 s->io_buffer_size = n * 512;
746 /* launch next transfer */
747 if (dma_buf_prepare(bm, 0) == 0)
748 goto eot;
749 #ifdef DEBUG_AIO
750 printf("aio_write: sector_num=%" PRId64 " n=%d\n", sector_num, n);
751 #endif
752 bm->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num, ide_write_dma_cb, bm);
753 ide_dma_submit_check(s, ide_write_dma_cb, bm);
754 }
755
756 static void ide_sector_write_dma(IDEState *s)
757 {
758 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
759 s->io_buffer_index = 0;
760 s->io_buffer_size = 0;
761 s->is_read = 0;
762 ide_dma_start(s, ide_write_dma_cb);
763 }
764
765 void ide_atapi_cmd_ok(IDEState *s)
766 {
767 s->error = 0;
768 s->status = READY_STAT | SEEK_STAT;
769 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
770 ide_set_irq(s->bus);
771 }
772
773 void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
774 {
775 #ifdef DEBUG_IDE_ATAPI
776 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
777 #endif
778 s->error = sense_key << 4;
779 s->status = READY_STAT | ERR_STAT;
780 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
781 s->sense_key = sense_key;
782 s->asc = asc;
783 ide_set_irq(s->bus);
784 }
785
786 static void ide_atapi_cmd_check_status(IDEState *s)
787 {
788 #ifdef DEBUG_IDE_ATAPI
789 printf("atapi_cmd_check_status\n");
790 #endif
791 s->error = MC_ERR | (SENSE_UNIT_ATTENTION << 4);
792 s->status = ERR_STAT;
793 s->nsector = 0;
794 ide_set_irq(s->bus);
795 }
796
797 static void ide_flush_cb(void *opaque, int ret)
798 {
799 IDEState *s = opaque;
800
801 if (ret < 0) {
802 /* XXX: What sector number to set here? */
803 if (ide_handle_rw_error(s, -ret, BM_STATUS_RETRY_FLUSH)) {
804 return;
805 }
806 }
807
808 s->status = READY_STAT | SEEK_STAT;
809 ide_set_irq(s->bus);
810 }
811
812 static void ide_flush_cache(IDEState *s)
813 {
814 if (s->bs) {
815 bdrv_aio_flush(s->bs, ide_flush_cb, s);
816 } else {
817 ide_flush_cb(s, 0);
818 }
819 }
820
821 static inline void cpu_to_ube16(uint8_t *buf, int val)
822 {
823 buf[0] = val >> 8;
824 buf[1] = val & 0xff;
825 }
826
827 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
828 {
829 buf[0] = val >> 24;
830 buf[1] = val >> 16;
831 buf[2] = val >> 8;
832 buf[3] = val & 0xff;
833 }
834
835 static inline int ube16_to_cpu(const uint8_t *buf)
836 {
837 return (buf[0] << 8) | buf[1];
838 }
839
840 static inline int ube32_to_cpu(const uint8_t *buf)
841 {
842 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
843 }
844
845 static void lba_to_msf(uint8_t *buf, int lba)
846 {
847 lba += 150;
848 buf[0] = (lba / 75) / 60;
849 buf[1] = (lba / 75) % 60;
850 buf[2] = lba % 75;
851 }
852
853 static void cd_data_to_raw(uint8_t *buf, int lba)
854 {
855 /* sync bytes */
856 buf[0] = 0x00;
857 memset(buf + 1, 0xff, 10);
858 buf[11] = 0x00;
859 buf += 12;
860 /* MSF */
861 lba_to_msf(buf, lba);
862 buf[3] = 0x01; /* mode 1 data */
863 buf += 4;
864 /* data */
865 buf += 2048;
866 /* XXX: ECC not computed */
867 memset(buf, 0, 288);
868 }
869
870 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
871 int sector_size)
872 {
873 int ret;
874
875 switch(sector_size) {
876 case 2048:
877 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
878 break;
879 case 2352:
880 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
881 if (ret < 0)
882 return ret;
883 cd_data_to_raw(buf, lba);
884 break;
885 default:
886 ret = -EIO;
887 break;
888 }
889 return ret;
890 }
891
892 void ide_atapi_io_error(IDEState *s, int ret)
893 {
894 /* XXX: handle more errors */
895 if (ret == -ENOMEDIUM) {
896 ide_atapi_cmd_error(s, SENSE_NOT_READY,
897 ASC_MEDIUM_NOT_PRESENT);
898 } else {
899 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
900 ASC_LOGICAL_BLOCK_OOR);
901 }
902 }
903
904 /* The whole ATAPI transfer logic is handled in this function */
905 static void ide_atapi_cmd_reply_end(IDEState *s)
906 {
907 int byte_count_limit, size, ret;
908 #ifdef DEBUG_IDE_ATAPI
909 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
910 s->packet_transfer_size,
911 s->elementary_transfer_size,
912 s->io_buffer_index);
913 #endif
914 if (s->packet_transfer_size <= 0) {
915 /* end of transfer */
916 ide_transfer_stop(s);
917 s->status = READY_STAT | SEEK_STAT;
918 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
919 ide_set_irq(s->bus);
920 #ifdef DEBUG_IDE_ATAPI
921 printf("status=0x%x\n", s->status);
922 #endif
923 } else {
924 /* see if a new sector must be read */
925 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
926 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
927 if (ret < 0) {
928 ide_transfer_stop(s);
929 ide_atapi_io_error(s, ret);
930 return;
931 }
932 s->lba++;
933 s->io_buffer_index = 0;
934 }
935 if (s->elementary_transfer_size > 0) {
936 /* there are some data left to transmit in this elementary
937 transfer */
938 size = s->cd_sector_size - s->io_buffer_index;
939 if (size > s->elementary_transfer_size)
940 size = s->elementary_transfer_size;
941 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
942 size, ide_atapi_cmd_reply_end);
943 s->packet_transfer_size -= size;
944 s->elementary_transfer_size -= size;
945 s->io_buffer_index += size;
946 } else {
947 /* a new transfer is needed */
948 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
949 byte_count_limit = s->lcyl | (s->hcyl << 8);
950 #ifdef DEBUG_IDE_ATAPI
951 printf("byte_count_limit=%d\n", byte_count_limit);
952 #endif
953 if (byte_count_limit == 0xffff)
954 byte_count_limit--;
955 size = s->packet_transfer_size;
956 if (size > byte_count_limit) {
957 /* byte count limit must be even if this case */
958 if (byte_count_limit & 1)
959 byte_count_limit--;
960 size = byte_count_limit;
961 }
962 s->lcyl = size;
963 s->hcyl = size >> 8;
964 s->elementary_transfer_size = size;
965 /* we cannot transmit more than one sector at a time */
966 if (s->lba != -1) {
967 if (size > (s->cd_sector_size - s->io_buffer_index))
968 size = (s->cd_sector_size - s->io_buffer_index);
969 }
970 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
971 size, ide_atapi_cmd_reply_end);
972 s->packet_transfer_size -= size;
973 s->elementary_transfer_size -= size;
974 s->io_buffer_index += size;
975 ide_set_irq(s->bus);
976 #ifdef DEBUG_IDE_ATAPI
977 printf("status=0x%x\n", s->status);
978 #endif
979 }
980 }
981 }
982
983 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
984 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
985 {
986 if (size > max_size)
987 size = max_size;
988 s->lba = -1; /* no sector read */
989 s->packet_transfer_size = size;
990 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
991 s->elementary_transfer_size = 0;
992 s->io_buffer_index = 0;
993
994 if (s->atapi_dma) {
995 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
996 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
997 } else {
998 s->status = READY_STAT | SEEK_STAT;
999 ide_atapi_cmd_reply_end(s);
1000 }
1001 }
1002
1003 /* start a CD-CDROM read command */
1004 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
1005 int sector_size)
1006 {
1007 s->lba = lba;
1008 s->packet_transfer_size = nb_sectors * sector_size;
1009 s->elementary_transfer_size = 0;
1010 s->io_buffer_index = sector_size;
1011 s->cd_sector_size = sector_size;
1012
1013 s->status = READY_STAT | SEEK_STAT;
1014 ide_atapi_cmd_reply_end(s);
1015 }
1016
1017 /* ATAPI DMA support */
1018
1019 /* XXX: handle read errors */
1020 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1021 {
1022 BMDMAState *bm = opaque;
1023 IDEState *s = bmdma_active_if(bm);
1024 int data_offset, n;
1025
1026 if (ret < 0) {
1027 ide_atapi_io_error(s, ret);
1028 goto eot;
1029 }
1030
1031 if (s->io_buffer_size > 0) {
1032 /*
1033 * For a cdrom read sector command (s->lba != -1),
1034 * adjust the lba for the next s->io_buffer_size chunk
1035 * and dma the current chunk.
1036 * For a command != read (s->lba == -1), just transfer
1037 * the reply data.
1038 */
1039 if (s->lba != -1) {
1040 if (s->cd_sector_size == 2352) {
1041 n = 1;
1042 cd_data_to_raw(s->io_buffer, s->lba);
1043 } else {
1044 n = s->io_buffer_size >> 11;
1045 }
1046 s->lba += n;
1047 }
1048 s->packet_transfer_size -= s->io_buffer_size;
1049 if (dma_buf_rw(bm, 1) == 0)
1050 goto eot;
1051 }
1052
1053 if (s->packet_transfer_size <= 0) {
1054 s->status = READY_STAT | SEEK_STAT;
1055 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1056 ide_set_irq(s->bus);
1057 eot:
1058 bm->status &= ~BM_STATUS_DMAING;
1059 bm->status |= BM_STATUS_INT;
1060 bm->dma_cb = NULL;
1061 bm->unit = -1;
1062 bm->aiocb = NULL;
1063 return;
1064 }
1065
1066 s->io_buffer_index = 0;
1067 if (s->cd_sector_size == 2352) {
1068 n = 1;
1069 s->io_buffer_size = s->cd_sector_size;
1070 data_offset = 16;
1071 } else {
1072 n = s->packet_transfer_size >> 11;
1073 if (n > (IDE_DMA_BUF_SECTORS / 4))
1074 n = (IDE_DMA_BUF_SECTORS / 4);
1075 s->io_buffer_size = n * 2048;
1076 data_offset = 0;
1077 }
1078 #ifdef DEBUG_AIO
1079 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1080 #endif
1081 bm->iov.iov_base = (void *)(s->io_buffer + data_offset);
1082 bm->iov.iov_len = n * 4 * 512;
1083 qemu_iovec_init_external(&bm->qiov, &bm->iov, 1);
1084 bm->aiocb = bdrv_aio_readv(s->bs, (int64_t)s->lba << 2, &bm->qiov,
1085 n * 4, ide_atapi_cmd_read_dma_cb, bm);
1086 if (!bm->aiocb) {
1087 /* Note: media not present is the most likely case */
1088 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1089 ASC_MEDIUM_NOT_PRESENT);
1090 goto eot;
1091 }
1092 }
1093
1094 /* start a CD-CDROM read command with DMA */
1095 /* XXX: test if DMA is available */
1096 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1097 int sector_size)
1098 {
1099 s->lba = lba;
1100 s->packet_transfer_size = nb_sectors * sector_size;
1101 s->io_buffer_index = 0;
1102 s->io_buffer_size = 0;
1103 s->cd_sector_size = sector_size;
1104
1105 /* XXX: check if BUSY_STAT should be set */
1106 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1107 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1108 }
1109
1110 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1111 int sector_size)
1112 {
1113 #ifdef DEBUG_IDE_ATAPI
1114 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1115 lba, nb_sectors);
1116 #endif
1117 if (s->atapi_dma) {
1118 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1119 } else {
1120 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1121 }
1122 }
1123
1124 static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
1125 uint16_t profile)
1126 {
1127 uint8_t *buf_profile = buf + 12; /* start of profiles */
1128
1129 buf_profile += ((*index) * 4); /* start of indexed profile */
1130 cpu_to_ube16 (buf_profile, profile);
1131 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1132
1133 /* each profile adds 4 bytes to the response */
1134 (*index)++;
1135 buf[11] += 4; /* Additional Length */
1136
1137 return 4;
1138 }
1139
1140 static int ide_dvd_read_structure(IDEState *s, int format,
1141 const uint8_t *packet, uint8_t *buf)
1142 {
1143 switch (format) {
1144 case 0x0: /* Physical format information */
1145 {
1146 int layer = packet[6];
1147 uint64_t total_sectors;
1148
1149 if (layer != 0)
1150 return -ASC_INV_FIELD_IN_CMD_PACKET;
1151
1152 bdrv_get_geometry(s->bs, &total_sectors);
1153 total_sectors >>= 2;
1154 if (total_sectors == 0)
1155 return -ASC_MEDIUM_NOT_PRESENT;
1156
1157 buf[4] = 1; /* DVD-ROM, part version 1 */
1158 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1159 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1160 buf[7] = 0; /* default densities */
1161
1162 /* FIXME: 0x30000 per spec? */
1163 cpu_to_ube32(buf + 8, 0); /* start sector */
1164 cpu_to_ube32(buf + 12, total_sectors - 1); /* end sector */
1165 cpu_to_ube32(buf + 16, total_sectors - 1); /* l0 end sector */
1166
1167 /* Size of buffer, not including 2 byte size field */
1168 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1169
1170 /* 2k data + 4 byte header */
1171 return (2048 + 4);
1172 }
1173
1174 case 0x01: /* DVD copyright information */
1175 buf[4] = 0; /* no copyright data */
1176 buf[5] = 0; /* no region restrictions */
1177
1178 /* Size of buffer, not including 2 byte size field */
1179 cpu_to_be16wu((uint16_t *)buf, 4 + 2);
1180
1181 /* 4 byte header + 4 byte data */
1182 return (4 + 4);
1183
1184 case 0x03: /* BCA information - invalid field for no BCA info */
1185 return -ASC_INV_FIELD_IN_CMD_PACKET;
1186
1187 case 0x04: /* DVD disc manufacturing information */
1188 /* Size of buffer, not including 2 byte size field */
1189 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1190
1191 /* 2k data + 4 byte header */
1192 return (2048 + 4);
1193
1194 case 0xff:
1195 /*
1196 * This lists all the command capabilities above. Add new ones
1197 * in order and update the length and buffer return values.
1198 */
1199
1200 buf[4] = 0x00; /* Physical format */
1201 buf[5] = 0x40; /* Not writable, is readable */
1202 cpu_to_be16wu((uint16_t *)(buf + 6), 2048 + 4);
1203
1204 buf[8] = 0x01; /* Copyright info */
1205 buf[9] = 0x40; /* Not writable, is readable */
1206 cpu_to_be16wu((uint16_t *)(buf + 10), 4 + 4);
1207
1208 buf[12] = 0x03; /* BCA info */
1209 buf[13] = 0x40; /* Not writable, is readable */
1210 cpu_to_be16wu((uint16_t *)(buf + 14), 188 + 4);
1211
1212 buf[16] = 0x04; /* Manufacturing info */
1213 buf[17] = 0x40; /* Not writable, is readable */
1214 cpu_to_be16wu((uint16_t *)(buf + 18), 2048 + 4);
1215
1216 /* Size of buffer, not including 2 byte size field */
1217 cpu_to_be16wu((uint16_t *)buf, 16 + 2);
1218
1219 /* data written + 4 byte header */
1220 return (16 + 4);
1221
1222 default: /* TODO: formats beyond DVD-ROM requires */
1223 return -ASC_INV_FIELD_IN_CMD_PACKET;
1224 }
1225 }
1226
1227 static void ide_atapi_cmd(IDEState *s)
1228 {
1229 const uint8_t *packet;
1230 uint8_t *buf;
1231 int max_len;
1232
1233 packet = s->io_buffer;
1234 buf = s->io_buffer;
1235 #ifdef DEBUG_IDE_ATAPI
1236 {
1237 int i;
1238 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1239 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1240 printf(" %02x", packet[i]);
1241 }
1242 printf("\n");
1243 }
1244 #endif
1245 /* If there's a UNIT_ATTENTION condition pending, only
1246 REQUEST_SENSE and INQUIRY commands are allowed to complete. */
1247 if (s->sense_key == SENSE_UNIT_ATTENTION &&
1248 s->io_buffer[0] != GPCMD_REQUEST_SENSE &&
1249 s->io_buffer[0] != GPCMD_INQUIRY) {
1250 ide_atapi_cmd_check_status(s);
1251 return;
1252 }
1253 switch(s->io_buffer[0]) {
1254 case GPCMD_TEST_UNIT_READY:
1255 if (bdrv_is_inserted(s->bs) && !s->cdrom_changed) {
1256 ide_atapi_cmd_ok(s);
1257 } else {
1258 s->cdrom_changed = 0;
1259 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1260 ASC_MEDIUM_NOT_PRESENT);
1261 }
1262 break;
1263 case GPCMD_MODE_SENSE_6:
1264 case GPCMD_MODE_SENSE_10:
1265 {
1266 int action, code;
1267 if (packet[0] == GPCMD_MODE_SENSE_10)
1268 max_len = ube16_to_cpu(packet + 7);
1269 else
1270 max_len = packet[4];
1271 action = packet[2] >> 6;
1272 code = packet[2] & 0x3f;
1273 switch(action) {
1274 case 0: /* current values */
1275 switch(code) {
1276 case GPMODE_R_W_ERROR_PAGE: /* error recovery */
1277 cpu_to_ube16(&buf[0], 16 + 6);
1278 buf[2] = 0x70;
1279 buf[3] = 0;
1280 buf[4] = 0;
1281 buf[5] = 0;
1282 buf[6] = 0;
1283 buf[7] = 0;
1284
1285 buf[8] = 0x01;
1286 buf[9] = 0x06;
1287 buf[10] = 0x00;
1288 buf[11] = 0x05;
1289 buf[12] = 0x00;
1290 buf[13] = 0x00;
1291 buf[14] = 0x00;
1292 buf[15] = 0x00;
1293 ide_atapi_cmd_reply(s, 16, max_len);
1294 break;
1295 case GPMODE_AUDIO_CTL_PAGE:
1296 cpu_to_ube16(&buf[0], 24 + 6);
1297 buf[2] = 0x70;
1298 buf[3] = 0;
1299 buf[4] = 0;
1300 buf[5] = 0;
1301 buf[6] = 0;
1302 buf[7] = 0;
1303
1304 /* Fill with CDROM audio volume */
1305 buf[17] = 0;
1306 buf[19] = 0;
1307 buf[21] = 0;
1308 buf[23] = 0;
1309
1310 ide_atapi_cmd_reply(s, 24, max_len);
1311 break;
1312 case GPMODE_CAPABILITIES_PAGE:
1313 cpu_to_ube16(&buf[0], 28 + 6);
1314 buf[2] = 0x70;
1315 buf[3] = 0;
1316 buf[4] = 0;
1317 buf[5] = 0;
1318 buf[6] = 0;
1319 buf[7] = 0;
1320
1321 buf[8] = 0x2a;
1322 buf[9] = 0x12;
1323 buf[10] = 0x00;
1324 buf[11] = 0x00;
1325
1326 /* Claim PLAY_AUDIO capability (0x01) since some Linux
1327 code checks for this to automount media. */
1328 buf[12] = 0x71;
1329 buf[13] = 3 << 5;
1330 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1331 if (bdrv_is_locked(s->bs))
1332 buf[6] |= 1 << 1;
1333 buf[15] = 0x00;
1334 cpu_to_ube16(&buf[16], 706);
1335 buf[18] = 0;
1336 buf[19] = 2;
1337 cpu_to_ube16(&buf[20], 512);
1338 cpu_to_ube16(&buf[22], 706);
1339 buf[24] = 0;
1340 buf[25] = 0;
1341 buf[26] = 0;
1342 buf[27] = 0;
1343 ide_atapi_cmd_reply(s, 28, max_len);
1344 break;
1345 default:
1346 goto error_cmd;
1347 }
1348 break;
1349 case 1: /* changeable values */
1350 goto error_cmd;
1351 case 2: /* default values */
1352 goto error_cmd;
1353 default:
1354 case 3: /* saved values */
1355 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1356 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1357 break;
1358 }
1359 }
1360 break;
1361 case GPCMD_REQUEST_SENSE:
1362 max_len = packet[4];
1363 memset(buf, 0, 18);
1364 buf[0] = 0x70 | (1 << 7);
1365 buf[2] = s->sense_key;
1366 buf[7] = 10;
1367 buf[12] = s->asc;
1368 if (s->sense_key == SENSE_UNIT_ATTENTION)
1369 s->sense_key = SENSE_NONE;
1370 ide_atapi_cmd_reply(s, 18, max_len);
1371 break;
1372 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1373 if (bdrv_is_inserted(s->bs)) {
1374 bdrv_set_locked(s->bs, packet[4] & 1);
1375 ide_atapi_cmd_ok(s);
1376 } else {
1377 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1378 ASC_MEDIUM_NOT_PRESENT);
1379 }
1380 break;
1381 case GPCMD_READ_10:
1382 case GPCMD_READ_12:
1383 {
1384 int nb_sectors, lba;
1385
1386 if (packet[0] == GPCMD_READ_10)
1387 nb_sectors = ube16_to_cpu(packet + 7);
1388 else
1389 nb_sectors = ube32_to_cpu(packet + 6);
1390 lba = ube32_to_cpu(packet + 2);
1391 if (nb_sectors == 0) {
1392 ide_atapi_cmd_ok(s);
1393 break;
1394 }
1395 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1396 }
1397 break;
1398 case GPCMD_READ_CD:
1399 {
1400 int nb_sectors, lba, transfer_request;
1401
1402 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1403 lba = ube32_to_cpu(packet + 2);
1404 if (nb_sectors == 0) {
1405 ide_atapi_cmd_ok(s);
1406 break;
1407 }
1408 transfer_request = packet[9];
1409 switch(transfer_request & 0xf8) {
1410 case 0x00:
1411 /* nothing */
1412 ide_atapi_cmd_ok(s);
1413 break;
1414 case 0x10:
1415 /* normal read */
1416 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1417 break;
1418 case 0xf8:
1419 /* read all data */
1420 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1421 break;
1422 default:
1423 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1424 ASC_INV_FIELD_IN_CMD_PACKET);
1425 break;
1426 }
1427 }
1428 break;
1429 case GPCMD_SEEK:
1430 {
1431 unsigned int lba;
1432 uint64_t total_sectors;
1433
1434 bdrv_get_geometry(s->bs, &total_sectors);
1435 total_sectors >>= 2;
1436 if (total_sectors == 0) {
1437 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1438 ASC_MEDIUM_NOT_PRESENT);
1439 break;
1440 }
1441 lba = ube32_to_cpu(packet + 2);
1442 if (lba >= total_sectors) {
1443 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1444 ASC_LOGICAL_BLOCK_OOR);
1445 break;
1446 }
1447 ide_atapi_cmd_ok(s);
1448 }
1449 break;
1450 case GPCMD_START_STOP_UNIT:
1451 {
1452 int start, eject, err = 0;
1453 start = packet[4] & 1;
1454 eject = (packet[4] >> 1) & 1;
1455
1456 if (eject) {
1457 err = bdrv_eject(s->bs, !start);
1458 }
1459
1460 switch (err) {
1461 case 0:
1462 ide_atapi_cmd_ok(s);
1463 break;
1464 case -EBUSY:
1465 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1466 ASC_MEDIA_REMOVAL_PREVENTED);
1467 break;
1468 default:
1469 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1470 ASC_MEDIUM_NOT_PRESENT);
1471 break;
1472 }
1473 }
1474 break;
1475 case GPCMD_MECHANISM_STATUS:
1476 {
1477 max_len = ube16_to_cpu(packet + 8);
1478 cpu_to_ube16(buf, 0);
1479 /* no current LBA */
1480 buf[2] = 0;
1481 buf[3] = 0;
1482 buf[4] = 0;
1483 buf[5] = 1;
1484 cpu_to_ube16(buf + 6, 0);
1485 ide_atapi_cmd_reply(s, 8, max_len);
1486 }
1487 break;
1488 case GPCMD_READ_TOC_PMA_ATIP:
1489 {
1490 int format, msf, start_track, len;
1491 uint64_t total_sectors;
1492
1493 bdrv_get_geometry(s->bs, &total_sectors);
1494 total_sectors >>= 2;
1495 if (total_sectors == 0) {
1496 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1497 ASC_MEDIUM_NOT_PRESENT);
1498 break;
1499 }
1500 max_len = ube16_to_cpu(packet + 7);
1501 format = packet[9] >> 6;
1502 msf = (packet[1] >> 1) & 1;
1503 start_track = packet[6];
1504 switch(format) {
1505 case 0:
1506 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1507 if (len < 0)
1508 goto error_cmd;
1509 ide_atapi_cmd_reply(s, len, max_len);
1510 break;
1511 case 1:
1512 /* multi session : only a single session defined */
1513 memset(buf, 0, 12);
1514 buf[1] = 0x0a;
1515 buf[2] = 0x01;
1516 buf[3] = 0x01;
1517 ide_atapi_cmd_reply(s, 12, max_len);
1518 break;
1519 case 2:
1520 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1521 if (len < 0)
1522 goto error_cmd;
1523 ide_atapi_cmd_reply(s, len, max_len);
1524 break;
1525 default:
1526 error_cmd:
1527 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1528 ASC_INV_FIELD_IN_CMD_PACKET);
1529 break;
1530 }
1531 }
1532 break;
1533 case GPCMD_READ_CDVD_CAPACITY:
1534 {
1535 uint64_t total_sectors;
1536
1537 bdrv_get_geometry(s->bs, &total_sectors);
1538 total_sectors >>= 2;
1539 if (total_sectors == 0) {
1540 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1541 ASC_MEDIUM_NOT_PRESENT);
1542 break;
1543 }
1544 /* NOTE: it is really the number of sectors minus 1 */
1545 cpu_to_ube32(buf, total_sectors - 1);
1546 cpu_to_ube32(buf + 4, 2048);
1547 ide_atapi_cmd_reply(s, 8, 8);
1548 }
1549 break;
1550 case GPCMD_READ_DVD_STRUCTURE:
1551 {
1552 int media = packet[1];
1553 int format = packet[7];
1554 int ret;
1555
1556 max_len = ube16_to_cpu(packet + 8);
1557
1558 if (format < 0xff) {
1559 if (media_is_cd(s)) {
1560 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1561 ASC_INCOMPATIBLE_FORMAT);
1562 break;
1563 } else if (!media_present(s)) {
1564 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1565 ASC_INV_FIELD_IN_CMD_PACKET);
1566 break;
1567 }
1568 }
1569
1570 memset(buf, 0, max_len > IDE_DMA_BUF_SECTORS * 512 + 4 ?
1571 IDE_DMA_BUF_SECTORS * 512 + 4 : max_len);
1572
1573 switch (format) {
1574 case 0x00 ... 0x7f:
1575 case 0xff:
1576 if (media == 0) {
1577 ret = ide_dvd_read_structure(s, format, packet, buf);
1578
1579 if (ret < 0)
1580 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret);
1581 else
1582 ide_atapi_cmd_reply(s, ret, max_len);
1583
1584 break;
1585 }
1586 /* TODO: BD support, fall through for now */
1587
1588 /* Generic disk structures */
1589 case 0x80: /* TODO: AACS volume identifier */
1590 case 0x81: /* TODO: AACS media serial number */
1591 case 0x82: /* TODO: AACS media identifier */
1592 case 0x83: /* TODO: AACS media key block */
1593 case 0x90: /* TODO: List of recognized format layers */
1594 case 0xc0: /* TODO: Write protection status */
1595 default:
1596 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1597 ASC_INV_FIELD_IN_CMD_PACKET);
1598 break;
1599 }
1600 }
1601 break;
1602 case GPCMD_SET_SPEED:
1603 ide_atapi_cmd_ok(s);
1604 break;
1605 case GPCMD_INQUIRY:
1606 max_len = packet[4];
1607 buf[0] = 0x05; /* CD-ROM */
1608 buf[1] = 0x80; /* removable */
1609 buf[2] = 0x00; /* ISO */
1610 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1611 buf[4] = 31; /* additional length */
1612 buf[5] = 0; /* reserved */
1613 buf[6] = 0; /* reserved */
1614 buf[7] = 0; /* reserved */
1615 padstr8(buf + 8, 8, "QEMU");
1616 padstr8(buf + 16, 16, "QEMU DVD-ROM");
1617 padstr8(buf + 32, 4, s->version);
1618 ide_atapi_cmd_reply(s, 36, max_len);
1619 break;
1620 case GPCMD_GET_CONFIGURATION:
1621 {
1622 uint32_t len;
1623 uint8_t index = 0;
1624
1625 /* only feature 0 is supported */
1626 if (packet[2] != 0 || packet[3] != 0) {
1627 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1628 ASC_INV_FIELD_IN_CMD_PACKET);
1629 break;
1630 }
1631
1632 /* XXX: could result in alignment problems in some architectures */
1633 max_len = ube16_to_cpu(packet + 7);
1634
1635 /*
1636 * XXX: avoid overflow for io_buffer if max_len is bigger than
1637 * the size of that buffer (dimensioned to max number of
1638 * sectors to transfer at once)
1639 *
1640 * Only a problem if the feature/profiles grow.
1641 */
1642 if (max_len > 512) /* XXX: assume 1 sector */
1643 max_len = 512;
1644
1645 memset(buf, 0, max_len);
1646 /*
1647 * the number of sectors from the media tells us which profile
1648 * to use as current. 0 means there is no media
1649 */
1650 if (media_is_dvd(s))
1651 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
1652 else if (media_is_cd(s))
1653 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
1654
1655 buf[10] = 0x02 | 0x01; /* persistent and current */
1656 len = 12; /* headers: 8 + 4 */
1657 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
1658 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
1659 cpu_to_ube32(buf, len - 4); /* data length */
1660
1661 ide_atapi_cmd_reply(s, len, max_len);
1662 break;
1663 }
1664 case GPCMD_GET_EVENT_STATUS_NOTIFICATION:
1665 max_len = ube16_to_cpu(packet + 7);
1666
1667 if (packet[1] & 0x01) { /* polling */
1668 /* We don't support any event class (yet). */
1669 cpu_to_ube16(buf, 0x00); /* No event descriptor returned */
1670 buf[2] = 0x80; /* No Event Available (NEA) */
1671 buf[3] = 0x00; /* Empty supported event classes */
1672 ide_atapi_cmd_reply(s, 4, max_len);
1673 } else { /* asynchronous mode */
1674 /* Only polling is supported, asynchronous mode is not. */
1675 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1676 ASC_INV_FIELD_IN_CMD_PACKET);
1677 }
1678 break;
1679 default:
1680 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1681 ASC_ILLEGAL_OPCODE);
1682 break;
1683 }
1684 }
1685
1686 static void ide_cfata_metadata_inquiry(IDEState *s)
1687 {
1688 uint16_t *p;
1689 uint32_t spd;
1690
1691 p = (uint16_t *) s->io_buffer;
1692 memset(p, 0, 0x200);
1693 spd = ((s->mdata_size - 1) >> 9) + 1;
1694
1695 put_le16(p + 0, 0x0001); /* Data format revision */
1696 put_le16(p + 1, 0x0000); /* Media property: silicon */
1697 put_le16(p + 2, s->media_changed); /* Media status */
1698 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1699 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1700 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1701 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1702 }
1703
1704 static void ide_cfata_metadata_read(IDEState *s)
1705 {
1706 uint16_t *p;
1707
1708 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1709 s->status = ERR_STAT;
1710 s->error = ABRT_ERR;
1711 return;
1712 }
1713
1714 p = (uint16_t *) s->io_buffer;
1715 memset(p, 0, 0x200);
1716
1717 put_le16(p + 0, s->media_changed); /* Media status */
1718 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1719 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1720 s->nsector << 9), 0x200 - 2));
1721 }
1722
1723 static void ide_cfata_metadata_write(IDEState *s)
1724 {
1725 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1726 s->status = ERR_STAT;
1727 s->error = ABRT_ERR;
1728 return;
1729 }
1730
1731 s->media_changed = 0;
1732
1733 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1734 s->io_buffer + 2,
1735 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1736 s->nsector << 9), 0x200 - 2));
1737 }
1738
1739 /* called when the inserted state of the media has changed */
1740 static void cdrom_change_cb(void *opaque)
1741 {
1742 IDEState *s = opaque;
1743 uint64_t nb_sectors;
1744
1745 bdrv_get_geometry(s->bs, &nb_sectors);
1746 s->nb_sectors = nb_sectors;
1747
1748 s->sense_key = SENSE_UNIT_ATTENTION;
1749 s->asc = ASC_MEDIUM_MAY_HAVE_CHANGED;
1750 s->cdrom_changed = 1;
1751 ide_set_irq(s->bus);
1752 }
1753
1754 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1755 {
1756 s->lba48 = lba48;
1757
1758 /* handle the 'magic' 0 nsector count conversion here. to avoid
1759 * fiddling with the rest of the read logic, we just store the
1760 * full sector count in ->nsector and ignore ->hob_nsector from now
1761 */
1762 if (!s->lba48) {
1763 if (!s->nsector)
1764 s->nsector = 256;
1765 } else {
1766 if (!s->nsector && !s->hob_nsector)
1767 s->nsector = 65536;
1768 else {
1769 int lo = s->nsector;
1770 int hi = s->hob_nsector;
1771
1772 s->nsector = (hi << 8) | lo;
1773 }
1774 }
1775 }
1776
1777 static void ide_clear_hob(IDEBus *bus)
1778 {
1779 /* any write clears HOB high bit of device control register */
1780 bus->ifs[0].select &= ~(1 << 7);
1781 bus->ifs[1].select &= ~(1 << 7);
1782 }
1783
1784 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1785 {
1786 IDEBus *bus = opaque;
1787 IDEState *s;
1788 int n;
1789 int lba48 = 0;
1790
1791 #ifdef DEBUG_IDE
1792 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1793 #endif
1794
1795 addr &= 7;
1796
1797 /* ignore writes to command block while busy with previous command */
1798 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT)))
1799 return;
1800
1801 switch(addr) {
1802 case 0:
1803 break;
1804 case 1:
1805 ide_clear_hob(bus);
1806 /* NOTE: data is written to the two drives */
1807 bus->ifs[0].hob_feature = bus->ifs[0].feature;
1808 bus->ifs[1].hob_feature = bus->ifs[1].feature;
1809 bus->ifs[0].feature = val;
1810 bus->ifs[1].feature = val;
1811 break;
1812 case 2:
1813 ide_clear_hob(bus);
1814 bus->ifs[0].hob_nsector = bus->ifs[0].nsector;
1815 bus->ifs[1].hob_nsector = bus->ifs[1].nsector;
1816 bus->ifs[0].nsector = val;
1817 bus->ifs[1].nsector = val;
1818 break;
1819 case 3:
1820 ide_clear_hob(bus);
1821 bus->ifs[0].hob_sector = bus->ifs[0].sector;
1822 bus->ifs[1].hob_sector = bus->ifs[1].sector;
1823 bus->ifs[0].sector = val;
1824 bus->ifs[1].sector = val;
1825 break;
1826 case 4:
1827 ide_clear_hob(bus);
1828 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl;
1829 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl;
1830 bus->ifs[0].lcyl = val;
1831 bus->ifs[1].lcyl = val;
1832 break;
1833 case 5:
1834 ide_clear_hob(bus);
1835 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl;
1836 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl;
1837 bus->ifs[0].hcyl = val;
1838 bus->ifs[1].hcyl = val;
1839 break;
1840 case 6:
1841 /* FIXME: HOB readback uses bit 7 */
1842 bus->ifs[0].select = (val & ~0x10) | 0xa0;
1843 bus->ifs[1].select = (val | 0x10) | 0xa0;
1844 /* select drive */
1845 bus->unit = (val >> 4) & 1;
1846 break;
1847 default:
1848 case 7:
1849 /* command */
1850 #if defined(DEBUG_IDE)
1851 printf("ide: CMD=%02x\n", val);
1852 #endif
1853 s = idebus_active_if(bus);
1854 /* ignore commands to non existant slave */
1855 if (s != bus->ifs && !s->bs)
1856 break;
1857
1858 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
1859 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
1860 break;
1861
1862 switch(val) {
1863 case WIN_IDENTIFY:
1864 if (s->bs && s->drive_kind != IDE_CD) {
1865 if (s->drive_kind != IDE_CFATA)
1866 ide_identify(s);
1867 else
1868 ide_cfata_identify(s);
1869 s->status = READY_STAT | SEEK_STAT;
1870 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1871 } else {
1872 if (s->drive_kind == IDE_CD) {
1873 ide_set_signature(s);
1874 }
1875 ide_abort_command(s);
1876 }
1877 ide_set_irq(s->bus);
1878 break;
1879 case WIN_SPECIFY:
1880 case WIN_RECAL:
1881 s->error = 0;
1882 s->status = READY_STAT | SEEK_STAT;
1883 ide_set_irq(s->bus);
1884 break;
1885 case WIN_SETMULT:
1886 if (s->drive_kind == IDE_CFATA && s->nsector == 0) {
1887 /* Disable Read and Write Multiple */
1888 s->mult_sectors = 0;
1889 s->status = READY_STAT | SEEK_STAT;
1890 } else if ((s->nsector & 0xff) != 0 &&
1891 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1892 (s->nsector & (s->nsector - 1)) != 0)) {
1893 ide_abort_command(s);
1894 } else {
1895 s->mult_sectors = s->nsector & 0xff;
1896 s->status = READY_STAT | SEEK_STAT;
1897 }
1898 ide_set_irq(s->bus);
1899 break;
1900 case WIN_VERIFY_EXT:
1901 lba48 = 1;
1902 case WIN_VERIFY:
1903 case WIN_VERIFY_ONCE:
1904 /* do sector number check ? */
1905 ide_cmd_lba48_transform(s, lba48);
1906 s->status = READY_STAT | SEEK_STAT;
1907 ide_set_irq(s->bus);
1908 break;
1909 case WIN_READ_EXT:
1910 lba48 = 1;
1911 case WIN_READ:
1912 case WIN_READ_ONCE:
1913 if (!s->bs)
1914 goto abort_cmd;
1915 ide_cmd_lba48_transform(s, lba48);
1916 s->req_nb_sectors = 1;
1917 ide_sector_read(s);
1918 break;
1919 case WIN_WRITE_EXT:
1920 lba48 = 1;
1921 case WIN_WRITE:
1922 case WIN_WRITE_ONCE:
1923 case CFA_WRITE_SECT_WO_ERASE:
1924 case WIN_WRITE_VERIFY:
1925 ide_cmd_lba48_transform(s, lba48);
1926 s->error = 0;
1927 s->status = SEEK_STAT | READY_STAT;
1928 s->req_nb_sectors = 1;
1929 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1930 s->media_changed = 1;
1931 break;
1932 case WIN_MULTREAD_EXT:
1933 lba48 = 1;
1934 case WIN_MULTREAD:
1935 if (!s->mult_sectors)
1936 goto abort_cmd;
1937 ide_cmd_lba48_transform(s, lba48);
1938 s->req_nb_sectors = s->mult_sectors;
1939 ide_sector_read(s);
1940 break;
1941 case WIN_MULTWRITE_EXT:
1942 lba48 = 1;
1943 case WIN_MULTWRITE:
1944 case CFA_WRITE_MULTI_WO_ERASE:
1945 if (!s->mult_sectors)
1946 goto abort_cmd;
1947 ide_cmd_lba48_transform(s, lba48);
1948 s->error = 0;
1949 s->status = SEEK_STAT | READY_STAT;
1950 s->req_nb_sectors = s->mult_sectors;
1951 n = s->nsector;
1952 if (n > s->req_nb_sectors)
1953 n = s->req_nb_sectors;
1954 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1955 s->media_changed = 1;
1956 break;
1957 case WIN_READDMA_EXT:
1958 lba48 = 1;
1959 case WIN_READDMA:
1960 case WIN_READDMA_ONCE:
1961 if (!s->bs)
1962 goto abort_cmd;
1963 ide_cmd_lba48_transform(s, lba48);
1964 ide_sector_read_dma(s);
1965 break;
1966 case WIN_WRITEDMA_EXT:
1967 lba48 = 1;
1968 case WIN_WRITEDMA:
1969 case WIN_WRITEDMA_ONCE:
1970 if (!s->bs)
1971 goto abort_cmd;
1972 ide_cmd_lba48_transform(s, lba48);
1973 ide_sector_write_dma(s);
1974 s->media_changed = 1;
1975 break;
1976 case WIN_READ_NATIVE_MAX_EXT:
1977 lba48 = 1;
1978 case WIN_READ_NATIVE_MAX:
1979 ide_cmd_lba48_transform(s, lba48);
1980 ide_set_sector(s, s->nb_sectors - 1);
1981 s->status = READY_STAT | SEEK_STAT;
1982 ide_set_irq(s->bus);
1983 break;
1984 case WIN_CHECKPOWERMODE1:
1985 case WIN_CHECKPOWERMODE2:
1986 s->nsector = 0xff; /* device active or idle */
1987 s->status = READY_STAT | SEEK_STAT;
1988 ide_set_irq(s->bus);
1989 break;
1990 case WIN_SETFEATURES:
1991 if (!s->bs)
1992 goto abort_cmd;
1993 /* XXX: valid for CDROM ? */
1994 switch(s->feature) {
1995 case 0xcc: /* reverting to power-on defaults enable */
1996 case 0x66: /* reverting to power-on defaults disable */
1997 case 0x02: /* write cache enable */
1998 case 0x82: /* write cache disable */
1999 case 0xaa: /* read look-ahead enable */
2000 case 0x55: /* read look-ahead disable */
2001 case 0x05: /* set advanced power management mode */
2002 case 0x85: /* disable advanced power management mode */
2003 case 0x69: /* NOP */
2004 case 0x67: /* NOP */
2005 case 0x96: /* NOP */
2006 case 0x9a: /* NOP */
2007 case 0x42: /* enable Automatic Acoustic Mode */
2008 case 0xc2: /* disable Automatic Acoustic Mode */
2009 s->status = READY_STAT | SEEK_STAT;
2010 ide_set_irq(s->bus);
2011 break;
2012 case 0x03: { /* set transfer mode */
2013 uint8_t val = s->nsector & 0x07;
2014 uint16_t *identify_data = (uint16_t *)s->identify_data;
2015
2016 switch (s->nsector >> 3) {
2017 case 0x00: /* pio default */
2018 case 0x01: /* pio mode */
2019 put_le16(identify_data + 62,0x07);
2020 put_le16(identify_data + 63,0x07);
2021 put_le16(identify_data + 88,0x3f);
2022 break;
2023 case 0x02: /* sigle word dma mode*/
2024 put_le16(identify_data + 62,0x07 | (1 << (val + 8)));
2025 put_le16(identify_data + 63,0x07);
2026 put_le16(identify_data + 88,0x3f);
2027 break;
2028 case 0x04: /* mdma mode */
2029 put_le16(identify_data + 62,0x07);
2030 put_le16(identify_data + 63,0x07 | (1 << (val + 8)));
2031 put_le16(identify_data + 88,0x3f);
2032 break;
2033 case 0x08: /* udma mode */
2034 put_le16(identify_data + 62,0x07);
2035 put_le16(identify_data + 63,0x07);
2036 put_le16(identify_data + 88,0x3f | (1 << (val + 8)));
2037 break;
2038 default:
2039 goto abort_cmd;
2040 }
2041 s->status = READY_STAT | SEEK_STAT;
2042 ide_set_irq(s->bus);
2043 break;
2044 }
2045 default:
2046 goto abort_cmd;
2047 }
2048 break;
2049 case WIN_FLUSH_CACHE:
2050 case WIN_FLUSH_CACHE_EXT:
2051 ide_flush_cache(s);
2052 break;
2053 case WIN_STANDBY:
2054 case WIN_STANDBY2:
2055 case WIN_STANDBYNOW1:
2056 case WIN_STANDBYNOW2:
2057 case WIN_IDLEIMMEDIATE:
2058 case CFA_IDLEIMMEDIATE:
2059 case WIN_SETIDLE1:
2060 case WIN_SETIDLE2:
2061 case WIN_SLEEPNOW1:
2062 case WIN_SLEEPNOW2:
2063 s->status = READY_STAT;
2064 ide_set_irq(s->bus);
2065 break;
2066 case WIN_SEEK:
2067 if(s->drive_kind == IDE_CD)
2068 goto abort_cmd;
2069 /* XXX: Check that seek is within bounds */
2070 s->status = READY_STAT | SEEK_STAT;
2071 ide_set_irq(s->bus);
2072 break;
2073 /* ATAPI commands */
2074 case WIN_PIDENTIFY:
2075 if (s->drive_kind == IDE_CD) {
2076 ide_atapi_identify(s);
2077 s->status = READY_STAT | SEEK_STAT;
2078 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2079 } else {
2080 ide_abort_command(s);
2081 }
2082 ide_set_irq(s->bus);
2083 break;
2084 case WIN_DIAGNOSE:
2085 ide_set_signature(s);
2086 if (s->drive_kind == IDE_CD)
2087 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
2088 * devices to return a clear status register
2089 * with READY_STAT *not* set. */
2090 else
2091 s->status = READY_STAT | SEEK_STAT;
2092 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
2093 * present.
2094 */
2095 ide_set_irq(s->bus);
2096 break;
2097 case WIN_SRST:
2098 if (s->drive_kind != IDE_CD)
2099 goto abort_cmd;
2100 ide_set_signature(s);
2101 s->status = 0x00; /* NOTE: READY is _not_ set */
2102 s->error = 0x01;
2103 break;
2104 case WIN_PACKETCMD:
2105 if (s->drive_kind != IDE_CD)
2106 goto abort_cmd;
2107 /* overlapping commands not supported */
2108 if (s->feature & 0x02)
2109 goto abort_cmd;
2110 s->status = READY_STAT | SEEK_STAT;
2111 s->atapi_dma = s->feature & 1;
2112 s->nsector = 1;
2113 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2114 ide_atapi_cmd);
2115 break;
2116 /* CF-ATA commands */
2117 case CFA_REQ_EXT_ERROR_CODE:
2118 if (s->drive_kind != IDE_CFATA)
2119 goto abort_cmd;
2120 s->error = 0x09; /* miscellaneous error */
2121 s->status = READY_STAT | SEEK_STAT;
2122 ide_set_irq(s->bus);
2123 break;
2124 case CFA_ERASE_SECTORS:
2125 case CFA_WEAR_LEVEL:
2126 if (s->drive_kind != IDE_CFATA)
2127 goto abort_cmd;
2128 if (val == CFA_WEAR_LEVEL)
2129 s->nsector = 0;
2130 if (val == CFA_ERASE_SECTORS)
2131 s->media_changed = 1;
2132 s->error = 0x00;
2133 s->status = READY_STAT | SEEK_STAT;
2134 ide_set_irq(s->bus);
2135 break;
2136 case CFA_TRANSLATE_SECTOR:
2137 if (s->drive_kind != IDE_CFATA)
2138 goto abort_cmd;
2139 s->error = 0x00;
2140 s->status = READY_STAT | SEEK_STAT;
2141 memset(s->io_buffer, 0, 0x200);
2142 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2143 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2144 s->io_buffer[0x02] = s->select; /* Head */
2145 s->io_buffer[0x03] = s->sector; /* Sector */
2146 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2147 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2148 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2149 s->io_buffer[0x13] = 0x00; /* Erase flag */
2150 s->io_buffer[0x18] = 0x00; /* Hot count */
2151 s->io_buffer[0x19] = 0x00; /* Hot count */
2152 s->io_buffer[0x1a] = 0x01; /* Hot count */
2153 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2154 ide_set_irq(s->bus);
2155 break;
2156 case CFA_ACCESS_METADATA_STORAGE:
2157 if (s->drive_kind != IDE_CFATA)
2158 goto abort_cmd;
2159 switch (s->feature) {
2160 case 0x02: /* Inquiry Metadata Storage */
2161 ide_cfata_metadata_inquiry(s);
2162 break;
2163 case 0x03: /* Read Metadata Storage */
2164 ide_cfata_metadata_read(s);
2165 break;
2166 case 0x04: /* Write Metadata Storage */
2167 ide_cfata_metadata_write(s);
2168 break;
2169 default:
2170 goto abort_cmd;
2171 }
2172 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2173 s->status = 0x00; /* NOTE: READY is _not_ set */
2174 ide_set_irq(s->bus);
2175 break;
2176 case IBM_SENSE_CONDITION:
2177 if (s->drive_kind != IDE_CFATA)
2178 goto abort_cmd;
2179 switch (s->feature) {
2180 case 0x01: /* sense temperature in device */
2181 s->nsector = 0x50; /* +20 C */
2182 break;
2183 default:
2184 goto abort_cmd;
2185 }
2186 s->status = READY_STAT | SEEK_STAT;
2187 ide_set_irq(s->bus);
2188 break;
2189
2190 case WIN_SMART:
2191 if (s->drive_kind == IDE_CD)
2192 goto abort_cmd;
2193 if (s->hcyl != 0xc2 || s->lcyl != 0x4f)
2194 goto abort_cmd;
2195 if (!s->smart_enabled && s->feature != SMART_ENABLE)
2196 goto abort_cmd;
2197 switch (s->feature) {
2198 case SMART_DISABLE:
2199 s->smart_enabled = 0;
2200 s->status = READY_STAT | SEEK_STAT;
2201 ide_set_irq(s->bus);
2202 break;
2203 case SMART_ENABLE:
2204 s->smart_enabled = 1;
2205 s->status = READY_STAT | SEEK_STAT;
2206 ide_set_irq(s->bus);
2207 break;
2208 case SMART_ATTR_AUTOSAVE:
2209 switch (s->sector) {
2210 case 0x00:
2211 s->smart_autosave = 0;
2212 break;
2213 case 0xf1:
2214 s->smart_autosave = 1;
2215 break;
2216 default:
2217 goto abort_cmd;
2218 }
2219 s->status = READY_STAT | SEEK_STAT;
2220 ide_set_irq(s->bus);
2221 break;
2222 case SMART_STATUS:
2223 if (!s->smart_errors) {
2224 s->hcyl = 0xc2;
2225 s->lcyl = 0x4f;
2226 } else {
2227 s->hcyl = 0x2c;
2228 s->lcyl = 0xf4;
2229 }
2230 s->status = READY_STAT | SEEK_STAT;
2231 ide_set_irq(s->bus);
2232 break;
2233 case SMART_READ_THRESH:
2234 memset(s->io_buffer, 0, 0x200);
2235 s->io_buffer[0] = 0x01; /* smart struct version */
2236 for (n=0; n<30; n++) {
2237 if (smart_attributes[n][0] == 0)
2238 break;
2239 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
2240 s->io_buffer[2+1+(n*12)] = smart_attributes[n][4];
2241 }
2242 for (n=0; n<511; n++) /* checksum */
2243 s->io_buffer[511] += s->io_buffer[n];
2244 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2245 s->status = READY_STAT | SEEK_STAT;
2246 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2247 ide_set_irq(s->bus);
2248 break;
2249 case SMART_READ_DATA:
2250 memset(s->io_buffer, 0, 0x200);
2251 s->io_buffer[0] = 0x01; /* smart struct version */
2252 for (n=0; n<30; n++) {
2253 if (smart_attributes[n][0] == 0)
2254 break;
2255 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
2256 s->io_buffer[2+1+(n*12)] = smart_attributes[n][1];
2257 s->io_buffer[2+3+(n*12)] = smart_attributes[n][2];
2258 s->io_buffer[2+4+(n*12)] = smart_attributes[n][3];
2259 }
2260 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00);
2261 if (s->smart_selftest_count == 0) {
2262 s->io_buffer[363] = 0;
2263 } else {
2264 s->io_buffer[363] =
2265 s->smart_selftest_data[3 +
2266 (s->smart_selftest_count - 1) *
2267 24];
2268 }
2269 s->io_buffer[364] = 0x20;
2270 s->io_buffer[365] = 0x01;
2271 /* offline data collection capacity: execute + self-test*/
2272 s->io_buffer[367] = (1<<4 | 1<<3 | 1);
2273 s->io_buffer[368] = 0x03; /* smart capability (1) */
2274 s->io_buffer[369] = 0x00; /* smart capability (2) */
2275 s->io_buffer[370] = 0x01; /* error logging supported */
2276 s->io_buffer[372] = 0x02; /* minutes for poll short test */
2277 s->io_buffer[373] = 0x36; /* minutes for poll ext test */
2278 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */
2279
2280 for (n=0; n<511; n++)
2281 s->io_buffer[511] += s->io_buffer[n];
2282 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2283 s->status = READY_STAT | SEEK_STAT;
2284 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2285 ide_set_irq(s->bus);
2286 break;
2287 case SMART_READ_LOG:
2288 switch (s->sector) {
2289 case 0x01: /* summary smart error log */
2290 memset(s->io_buffer, 0, 0x200);
2291 s->io_buffer[0] = 0x01;
2292 s->io_buffer[1] = 0x00; /* no error entries */
2293 s->io_buffer[452] = s->smart_errors & 0xff;
2294 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8;
2295
2296 for (n=0; n<511; n++)
2297 s->io_buffer[511] += s->io_buffer[n];
2298 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2299 break;
2300 case 0x06: /* smart self test log */
2301 memset(s->io_buffer, 0, 0x200);
2302 s->io_buffer[0] = 0x01;
2303 if (s->smart_selftest_count == 0) {
2304 s->io_buffer[508] = 0;
2305 } else {
2306 s->io_buffer[508] = s->smart_selftest_count;
2307 for (n=2; n<506; n++)
2308 s->io_buffer[n] = s->smart_selftest_data[n];
2309 }
2310 for (n=0; n<511; n++)
2311 s->io_buffer[511] += s->io_buffer[n];
2312 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2313 break;
2314 default:
2315 goto abort_cmd;
2316 }
2317 s->status = READY_STAT | SEEK_STAT;
2318 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2319 ide_set_irq(s->bus);
2320 break;
2321 case SMART_EXECUTE_OFFLINE:
2322 switch (s->sector) {
2323 case 0: /* off-line routine */
2324 case 1: /* short self test */
2325 case 2: /* extended self test */
2326 s->smart_selftest_count++;
2327 if(s->smart_selftest_count > 21)
2328 s->smart_selftest_count = 0;
2329 n = 2 + (s->smart_selftest_count - 1) * 24;
2330 s->smart_selftest_data[n] = s->sector;
2331 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */
2332 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */
2333 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */
2334 s->status = READY_STAT | SEEK_STAT;
2335 ide_set_irq(s->bus);
2336 break;
2337 default:
2338 goto abort_cmd;
2339 }
2340 break;
2341 default:
2342 goto abort_cmd;
2343 }
2344 break;
2345 default:
2346 abort_cmd:
2347 ide_abort_command(s);
2348 ide_set_irq(s->bus);
2349 break;
2350 }
2351 }
2352 }
2353
2354 uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2355 {
2356 IDEBus *bus = opaque;
2357 IDEState *s = idebus_active_if(bus);
2358 uint32_t addr;
2359 int ret, hob;
2360
2361 addr = addr1 & 7;
2362 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2363 //hob = s->select & (1 << 7);
2364 hob = 0;
2365 switch(addr) {
2366 case 0:
2367 ret = 0xff;
2368 break;
2369 case 1:
2370 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2371 (s != bus->ifs && !s->bs))
2372 ret = 0;
2373 else if (!hob)
2374 ret = s->error;
2375 else
2376 ret = s->hob_feature;
2377 break;
2378 case 2:
2379 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2380 ret = 0;
2381 else if (!hob)
2382 ret = s->nsector & 0xff;
2383 else
2384 ret = s->hob_nsector;
2385 break;
2386 case 3:
2387 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2388 ret = 0;
2389 else if (!hob)
2390 ret = s->sector;
2391 else
2392 ret = s->hob_sector;
2393 break;
2394 case 4:
2395 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2396 ret = 0;
2397 else if (!hob)
2398 ret = s->lcyl;
2399 else
2400 ret = s->hob_lcyl;
2401 break;
2402 case 5:
2403 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2404 ret = 0;
2405 else if (!hob)
2406 ret = s->hcyl;
2407 else
2408 ret = s->hob_hcyl;
2409 break;
2410 case 6:
2411 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2412 ret = 0;
2413 else
2414 ret = s->select;
2415 break;
2416 default:
2417 case 7:
2418 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2419 (s != bus->ifs && !s->bs))
2420 ret = 0;
2421 else
2422 ret = s->status;
2423 qemu_irq_lower(bus->irq);
2424 break;
2425 }
2426 #ifdef DEBUG_IDE
2427 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2428 #endif
2429 return ret;
2430 }
2431
2432 uint32_t ide_status_read(void *opaque, uint32_t addr)
2433 {
2434 IDEBus *bus = opaque;
2435 IDEState *s = idebus_active_if(bus);
2436 int ret;
2437
2438 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2439 (s != bus->ifs && !s->bs))
2440 ret = 0;
2441 else
2442 ret = s->status;
2443 #ifdef DEBUG_IDE
2444 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2445 #endif
2446 return ret;
2447 }
2448
2449 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2450 {
2451 IDEBus *bus = opaque;
2452 IDEState *s;
2453 int i;
2454
2455 #ifdef DEBUG_IDE
2456 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2457 #endif
2458 /* common for both drives */
2459 if (!(bus->cmd & IDE_CMD_RESET) &&
2460 (val & IDE_CMD_RESET)) {
2461 /* reset low to high */
2462 for(i = 0;i < 2; i++) {
2463 s = &bus->ifs[i];
2464 s->status = BUSY_STAT | SEEK_STAT;
2465 s->error = 0x01;
2466 }
2467 } else if ((bus->cmd & IDE_CMD_RESET) &&
2468 !(val & IDE_CMD_RESET)) {
2469 /* high to low */
2470 for(i = 0;i < 2; i++) {
2471 s = &bus->ifs[i];
2472 if (s->drive_kind == IDE_CD)
2473 s->status = 0x00; /* NOTE: READY is _not_ set */
2474 else
2475 s->status = READY_STAT | SEEK_STAT;
2476 ide_set_signature(s);
2477 }
2478 }
2479
2480 bus->cmd = val;
2481 }
2482
2483 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2484 {
2485 IDEBus *bus = opaque;
2486 IDEState *s = idebus_active_if(bus);
2487 uint8_t *p;
2488
2489 /* PIO data access allowed only when DRQ bit is set */
2490 if (!(s->status & DRQ_STAT))
2491 return;
2492
2493 p = s->data_ptr;
2494 *(uint16_t *)p = le16_to_cpu(val);
2495 p += 2;
2496 s->data_ptr = p;
2497 if (p >= s->data_end)
2498 s->end_transfer_func(s);
2499 }
2500
2501 uint32_t ide_data_readw(void *opaque, uint32_t addr)
2502 {
2503 IDEBus *bus = opaque;
2504 IDEState *s = idebus_active_if(bus);
2505 uint8_t *p;
2506 int ret;
2507
2508 /* PIO data access allowed only when DRQ bit is set */
2509 if (!(s->status & DRQ_STAT))
2510 return 0;
2511
2512 p = s->data_ptr;
2513 ret = cpu_to_le16(*(uint16_t *)p);
2514 p += 2;
2515 s->data_ptr = p;
2516 if (p >= s->data_end)
2517 s->end_transfer_func(s);
2518 return ret;
2519 }
2520
2521 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2522 {
2523 IDEBus *bus = opaque;
2524 IDEState *s = idebus_active_if(bus);
2525 uint8_t *p;
2526
2527 /* PIO data access allowed only when DRQ bit is set */
2528 if (!(s->status & DRQ_STAT))
2529 return;
2530
2531 p = s->data_ptr;
2532 *(uint32_t *)p = le32_to_cpu(val);
2533 p += 4;
2534 s->data_ptr = p;
2535 if (p >= s->data_end)
2536 s->end_transfer_func(s);
2537 }
2538
2539 uint32_t ide_data_readl(void *opaque, uint32_t addr)
2540 {
2541 IDEBus *bus = opaque;
2542 IDEState *s = idebus_active_if(bus);
2543 uint8_t *p;
2544 int ret;
2545
2546 /* PIO data access allowed only when DRQ bit is set */
2547 if (!(s->status & DRQ_STAT))
2548 return 0;
2549
2550 p = s->data_ptr;
2551 ret = cpu_to_le32(*(uint32_t *)p);
2552 p += 4;
2553 s->data_ptr = p;
2554 if (p >= s->data_end)
2555 s->end_transfer_func(s);
2556 return ret;
2557 }
2558
2559 static void ide_dummy_transfer_stop(IDEState *s)
2560 {
2561 s->data_ptr = s->io_buffer;
2562 s->data_end = s->io_buffer;
2563 s->io_buffer[0] = 0xff;
2564 s->io_buffer[1] = 0xff;
2565 s->io_buffer[2] = 0xff;
2566 s->io_buffer[3] = 0xff;
2567 }
2568
2569 static void ide_reset(IDEState *s)
2570 {
2571 #ifdef DEBUG_IDE
2572 printf("ide: reset\n");
2573 #endif
2574 if (s->drive_kind == IDE_CFATA)
2575 s->mult_sectors = 0;
2576 else
2577 s->mult_sectors = MAX_MULT_SECTORS;
2578 /* ide regs */
2579 s->feature = 0;
2580 s->error = 0;
2581 s->nsector = 0;
2582 s->sector = 0;
2583 s->lcyl = 0;
2584 s->hcyl = 0;
2585
2586 /* lba48 */
2587 s->hob_feature = 0;
2588 s->hob_sector = 0;
2589 s->hob_nsector = 0;
2590 s->hob_lcyl = 0;
2591 s->hob_hcyl = 0;
2592
2593 s->select = 0xa0;
2594 s->status = READY_STAT | SEEK_STAT;
2595
2596 s->lba48 = 0;
2597
2598 /* ATAPI specific */
2599 s->sense_key = 0;
2600 s->asc = 0;
2601 s->cdrom_changed = 0;
2602 s->packet_transfer_size = 0;
2603 s->elementary_transfer_size = 0;
2604 s->io_buffer_index = 0;
2605 s->cd_sector_size = 0;
2606 s->atapi_dma = 0;
2607 /* ATA DMA state */
2608 s->io_buffer_size = 0;
2609 s->req_nb_sectors = 0;
2610
2611 ide_set_signature(s);
2612 /* init the transfer handler so that 0xffff is returned on data
2613 accesses */
2614 s->end_transfer_func = ide_dummy_transfer_stop;
2615 ide_dummy_transfer_stop(s);
2616 s->media_changed = 0;
2617 }
2618
2619 void ide_bus_reset(IDEBus *bus)
2620 {
2621 bus->unit = 0;
2622 bus->cmd = 0;
2623 ide_reset(&bus->ifs[0]);
2624 ide_reset(&bus->ifs[1]);
2625 ide_clear_hob(bus);
2626 }
2627
2628 int ide_init_drive(IDEState *s, BlockDriverState *bs,
2629 const char *version, const char *serial)
2630 {
2631 int cylinders, heads, secs;
2632 uint64_t nb_sectors;
2633
2634 s->bs = bs;
2635 bdrv_get_geometry(bs, &nb_sectors);
2636 bdrv_guess_geometry(bs, &cylinders, &heads, &secs);
2637 if (cylinders < 1 || cylinders > 16383) {
2638 error_report("cyls must be between 1 and 16383");
2639 return -1;
2640 }
2641 if (heads < 1 || heads > 16) {
2642 error_report("heads must be between 1 and 16");
2643 return -1;
2644 }
2645 if (secs < 1 || secs > 63) {
2646 error_report("secs must be between 1 and 63");
2647 return -1;
2648 }
2649 s->cylinders = cylinders;
2650 s->heads = heads;
2651 s->sectors = secs;
2652 s->nb_sectors = nb_sectors;
2653 /* The SMART values should be preserved across power cycles
2654 but they aren't. */
2655 s->smart_enabled = 1;
2656 s->smart_autosave = 1;
2657 s->smart_errors = 0;
2658 s->smart_selftest_count = 0;
2659 if (bdrv_get_type_hint(bs) == BDRV_TYPE_CDROM) {
2660 s->drive_kind = IDE_CD;
2661 bdrv_set_change_cb(bs, cdrom_change_cb, s);
2662 bs->buffer_alignment = 2048;
2663 } else {
2664 if (!bdrv_is_inserted(s->bs)) {
2665 error_report("Device needs media, but drive is empty");
2666 return -1;
2667 }
2668 if (bdrv_is_read_only(bs)) {
2669 error_report("Can't use a read-only drive");
2670 return -1;
2671 }
2672 }
2673 if (serial) {
2674 strncpy(s->drive_serial_str, serial, sizeof(s->drive_serial_str));
2675 } else {
2676 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
2677 "QM%05d", s->drive_serial);
2678 }
2679 if (version) {
2680 pstrcpy(s->version, sizeof(s->version), version);
2681 } else {
2682 pstrcpy(s->version, sizeof(s->version), QEMU_VERSION);
2683 }
2684 ide_reset(s);
2685 bdrv_set_removable(bs, s->drive_kind == IDE_CD);
2686 return 0;
2687 }
2688
2689 static void ide_init1(IDEBus *bus, int unit)
2690 {
2691 static int drive_serial = 1;
2692 IDEState *s = &bus->ifs[unit];
2693
2694 s->bus = bus;
2695 s->unit = unit;
2696 s->drive_serial = drive_serial++;
2697 /* we need at least 2k alignment for accessing CDROMs using O_DIRECT */
2698 s->io_buffer = qemu_memalign(2048, IDE_DMA_BUF_SECTORS*512 + 4);
2699 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4;
2700 s->smart_selftest_data = qemu_blockalign(s->bs, 512);
2701 s->sector_write_timer = qemu_new_timer(vm_clock,
2702 ide_sector_write_timer_cb, s);
2703 }
2704
2705 void ide_init2(IDEBus *bus, qemu_irq irq)
2706 {
2707 int i;
2708
2709 for(i = 0; i < 2; i++) {
2710 ide_init1(bus, i);
2711 ide_reset(&bus->ifs[i]);
2712 }
2713 bus->irq = irq;
2714 }
2715
2716 /* TODO convert users to qdev and remove */
2717 void ide_init2_with_non_qdev_drives(IDEBus *bus, DriveInfo *hd0,
2718 DriveInfo *hd1, qemu_irq irq)
2719 {
2720 int i;
2721 DriveInfo *dinfo;
2722
2723 for(i = 0; i < 2; i++) {
2724 dinfo = i == 0 ? hd0 : hd1;
2725 ide_init1(bus, i);
2726 if (dinfo) {
2727 if (ide_init_drive(&bus->ifs[i], dinfo->bdrv, NULL,
2728 *dinfo->serial ? dinfo->serial : NULL) < 0) {
2729 error_report("Can't set up IDE drive %s", dinfo->id);
2730 exit(1);
2731 }
2732 } else {
2733 ide_reset(&bus->ifs[i]);
2734 }
2735 }
2736 bus->irq = irq;
2737 }
2738
2739 void ide_init_ioport(IDEBus *bus, int iobase, int iobase2)
2740 {
2741 register_ioport_write(iobase, 8, 1, ide_ioport_write, bus);
2742 register_ioport_read(iobase, 8, 1, ide_ioport_read, bus);
2743 if (iobase2) {
2744 register_ioport_read(iobase2, 1, 1, ide_status_read, bus);
2745 register_ioport_write(iobase2, 1, 1, ide_cmd_write, bus);
2746 }
2747
2748 /* data ports */
2749 register_ioport_write(iobase, 2, 2, ide_data_writew, bus);
2750 register_ioport_read(iobase, 2, 2, ide_data_readw, bus);
2751 register_ioport_write(iobase, 4, 4, ide_data_writel, bus);
2752 register_ioport_read(iobase, 4, 4, ide_data_readl, bus);
2753 }
2754
2755 static bool is_identify_set(void *opaque, int version_id)
2756 {
2757 IDEState *s = opaque;
2758
2759 return s->identify_set != 0;
2760 }
2761
2762 static EndTransferFunc* transfer_end_table[] = {
2763 ide_sector_read,
2764 ide_sector_write,
2765 ide_transfer_stop,
2766 ide_atapi_cmd_reply_end,
2767 ide_atapi_cmd,
2768 ide_dummy_transfer_stop,
2769 };
2770
2771 static int transfer_end_table_idx(EndTransferFunc *fn)
2772 {
2773 int i;
2774
2775 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++)
2776 if (transfer_end_table[i] == fn)
2777 return i;
2778
2779 return -1;
2780 }
2781
2782 static int ide_drive_post_load(void *opaque, int version_id)
2783 {
2784 IDEState *s = opaque;
2785
2786 if (version_id < 3) {
2787 if (s->sense_key == SENSE_UNIT_ATTENTION &&
2788 s->asc == ASC_MEDIUM_MAY_HAVE_CHANGED) {
2789 s->cdrom_changed = 1;
2790 }
2791 }
2792 return 0;
2793 }
2794
2795 static int ide_drive_pio_post_load(void *opaque, int version_id)
2796 {
2797 IDEState *s = opaque;
2798
2799 if (s->end_transfer_fn_idx > ARRAY_SIZE(transfer_end_table)) {
2800 return -EINVAL;
2801 }
2802 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx];
2803 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset;
2804 s->data_end = s->data_ptr + s->cur_io_buffer_len;
2805
2806 return 0;
2807 }
2808
2809 static void ide_drive_pio_pre_save(void *opaque)
2810 {
2811 IDEState *s = opaque;
2812 int idx;
2813
2814 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer;
2815 s->cur_io_buffer_len = s->data_end - s->data_ptr;
2816
2817 idx = transfer_end_table_idx(s->end_transfer_func);
2818 if (idx == -1) {
2819 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n",
2820 __func__);
2821 s->end_transfer_fn_idx = 2;
2822 } else {
2823 s->end_transfer_fn_idx = idx;
2824 }
2825 }
2826
2827 static bool ide_drive_pio_state_needed(void *opaque)
2828 {
2829 IDEState *s = opaque;
2830
2831 return (s->status & DRQ_STAT) != 0;
2832 }
2833
2834 const VMStateDescription vmstate_ide_drive_pio_state = {
2835 .name = "ide_drive/pio_state",
2836 .version_id = 1,
2837 .minimum_version_id = 1,
2838 .minimum_version_id_old = 1,
2839 .pre_save = ide_drive_pio_pre_save,
2840 .post_load = ide_drive_pio_post_load,
2841 .fields = (VMStateField []) {
2842 VMSTATE_INT32(req_nb_sectors, IDEState),
2843 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1,
2844 vmstate_info_uint8, uint8_t),
2845 VMSTATE_INT32(cur_io_buffer_offset, IDEState),
2846 VMSTATE_INT32(cur_io_buffer_len, IDEState),
2847 VMSTATE_UINT8(end_transfer_fn_idx, IDEState),
2848 VMSTATE_INT32(elementary_transfer_size, IDEState),
2849 VMSTATE_INT32(packet_transfer_size, IDEState),
2850 VMSTATE_END_OF_LIST()
2851 }
2852 };
2853
2854 const VMStateDescription vmstate_ide_drive = {
2855 .name = "ide_drive",
2856 .version_id = 3,
2857 .minimum_version_id = 0,
2858 .minimum_version_id_old = 0,
2859 .post_load = ide_drive_post_load,
2860 .fields = (VMStateField []) {
2861 VMSTATE_INT32(mult_sectors, IDEState),
2862 VMSTATE_INT32(identify_set, IDEState),
2863 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set),
2864 VMSTATE_UINT8(feature, IDEState),
2865 VMSTATE_UINT8(error, IDEState),
2866 VMSTATE_UINT32(nsector, IDEState),
2867 VMSTATE_UINT8(sector, IDEState),
2868 VMSTATE_UINT8(lcyl, IDEState),
2869 VMSTATE_UINT8(hcyl, IDEState),
2870 VMSTATE_UINT8(hob_feature, IDEState),
2871 VMSTATE_UINT8(hob_sector, IDEState),
2872 VMSTATE_UINT8(hob_nsector, IDEState),
2873 VMSTATE_UINT8(hob_lcyl, IDEState),
2874 VMSTATE_UINT8(hob_hcyl, IDEState),
2875 VMSTATE_UINT8(select, IDEState),
2876 VMSTATE_UINT8(status, IDEState),
2877 VMSTATE_UINT8(lba48, IDEState),
2878 VMSTATE_UINT8(sense_key, IDEState),
2879 VMSTATE_UINT8(asc, IDEState),
2880 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3),
2881 VMSTATE_END_OF_LIST()
2882 },
2883 .subsections = (VMStateSubsection []) {
2884 {
2885 .vmsd = &vmstate_ide_drive_pio_state,
2886 .needed = ide_drive_pio_state_needed,
2887 }, {
2888 /* empty */
2889 }
2890 }
2891 };
2892
2893 const VMStateDescription vmstate_ide_bus = {
2894 .name = "ide_bus",
2895 .version_id = 1,
2896 .minimum_version_id = 1,
2897 .minimum_version_id_old = 1,
2898 .fields = (VMStateField []) {
2899 VMSTATE_UINT8(cmd, IDEBus),
2900 VMSTATE_UINT8(unit, IDEBus),
2901 VMSTATE_END_OF_LIST()
2902 }
2903 };
2904
2905 /***********************************************************/
2906 /* PCI IDE definitions */
2907
2908 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2909 {
2910 BMDMAState *bm = s->bus->bmdma;
2911 if(!bm)
2912 return;
2913 bm->unit = s->unit;
2914 bm->dma_cb = dma_cb;
2915 bm->cur_prd_last = 0;
2916 bm->cur_prd_addr = 0;
2917 bm->cur_prd_len = 0;
2918 bm->sector_num = ide_get_sector(s);
2919 bm->nsector = s->nsector;
2920 if (bm->status & BM_STATUS_DMAING) {
2921 bm->dma_cb(bm, 0);
2922 }
2923 }
2924
2925 static void ide_dma_restart(IDEState *s, int is_read)
2926 {
2927 BMDMAState *bm = s->bus->bmdma;
2928 ide_set_sector(s, bm->sector_num);
2929 s->io_buffer_index = 0;
2930 s->io_buffer_size = 0;
2931 s->nsector = bm->nsector;
2932 bm->cur_addr = bm->addr;
2933
2934 if (is_read) {
2935 bm->dma_cb = ide_read_dma_cb;
2936 } else {
2937 bm->dma_cb = ide_write_dma_cb;
2938 }
2939
2940 ide_dma_start(s, bm->dma_cb);
2941 }
2942
2943 void ide_dma_cancel(BMDMAState *bm)
2944 {
2945 if (bm->status & BM_STATUS_DMAING) {
2946 if (bm->aiocb) {
2947 #ifdef DEBUG_AIO
2948 printf("aio_cancel\n");
2949 #endif
2950 bdrv_aio_cancel(bm->aiocb);
2951 bm->aiocb = NULL;
2952 }
2953 bm->status &= ~BM_STATUS_DMAING;
2954 /* cancel DMA request */
2955 bm->unit = -1;
2956 bm->dma_cb = NULL;
2957 }
2958 }
2959
2960 void ide_dma_reset(BMDMAState *bm)
2961 {
2962 #ifdef DEBUG_IDE
2963 printf("ide: dma_reset\n");
2964 #endif
2965 ide_dma_cancel(bm);
2966 bm->cmd = 0;
2967 bm->status = 0;
2968 bm->addr = 0;
2969 bm->cur_addr = 0;
2970 bm->cur_prd_last = 0;
2971 bm->cur_prd_addr = 0;
2972 bm->cur_prd_len = 0;
2973 bm->sector_num = 0;
2974 bm->nsector = 0;
2975 }
QEmu