search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
ide: Generate BLOCK_IO_ERROR QMP event
[qemu/ar7.git] / hw / ide / core.c
blob603e53776ec77efb2ff3ea0462d4c4707fc065dd
1 /*
2 * QEMU IDE disk and CD/DVD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #include <hw/hw.h>
26 #include <hw/pc.h>
27 #include <hw/pci.h>
28 #include <hw/scsi.h>
29 #include <hw/sh.h>
30 #include "block.h"
31 #include "block_int.h"
32 #include "qemu-timer.h"
33 #include "sysemu.h"
34 #include "dma.h"
35
36 #include <hw/ide/internal.h>
37
38 static int smart_attributes[][5] = {
39 /* id, flags, val, wrst, thrsh */
40 { 0x01, 0x03, 0x64, 0x64, 0x06}, /* raw read */
41 { 0x03, 0x03, 0x64, 0x64, 0x46}, /* spin up */
42 { 0x04, 0x02, 0x64, 0x64, 0x14}, /* start stop count */
43 { 0x05, 0x03, 0x64, 0x64, 0x36}, /* remapped sectors */
44 { 0x00, 0x00, 0x00, 0x00, 0x00}
45 };
46
47 /* XXX: DVDs that could fit on a CD will be reported as a CD */
48 static inline int media_present(IDEState *s)
49 {
50 return (s->nb_sectors > 0);
51 }
52
53 static inline int media_is_dvd(IDEState *s)
54 {
55 return (media_present(s) && s->nb_sectors > CD_MAX_SECTORS);
56 }
57
58 static inline int media_is_cd(IDEState *s)
59 {
60 return (media_present(s) && s->nb_sectors <= CD_MAX_SECTORS);
61 }
62
63 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb);
64 static void ide_dma_restart(IDEState *s, int is_read);
65 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
66 static int ide_handle_rw_error(IDEState *s, int error, int op);
67
68 static void padstr(char *str, const char *src, int len)
69 {
70 int i, v;
71 for(i = 0; i < len; i++) {
72 if (*src)
73 v = *src++;
74 else
75 v = ' ';
76 str[i^1] = v;
77 }
78 }
79
80 static void padstr8(uint8_t *buf, int buf_size, const char *src)
81 {
82 int i;
83 for(i = 0; i < buf_size; i++) {
84 if (*src)
85 buf[i] = *src++;
86 else
87 buf[i] = ' ';
88 }
89 }
90
91 static void put_le16(uint16_t *p, unsigned int v)
92 {
93 *p = cpu_to_le16(v);
94 }
95
96 static void ide_identify(IDEState *s)
97 {
98 uint16_t *p;
99 unsigned int oldsize;
100
101 if (s->identify_set) {
102 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
103 return;
104 }
105
106 memset(s->io_buffer, 0, 512);
107 p = (uint16_t *)s->io_buffer;
108 put_le16(p + 0, 0x0040);
109 put_le16(p + 1, s->cylinders);
110 put_le16(p + 3, s->heads);
111 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
112 put_le16(p + 5, 512); /* XXX: retired, remove ? */
113 put_le16(p + 6, s->sectors);
114 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
115 put_le16(p + 20, 3); /* XXX: retired, remove ? */
116 put_le16(p + 21, 512); /* cache size in sectors */
117 put_le16(p + 22, 4); /* ecc bytes */
118 padstr((char *)(p + 23), s->version, 8); /* firmware version */
119 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
120 #if MAX_MULT_SECTORS > 1
121 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
122 #endif
123 put_le16(p + 48, 1); /* dword I/O */
124 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
125 put_le16(p + 51, 0x200); /* PIO transfer cycle */
126 put_le16(p + 52, 0x200); /* DMA transfer cycle */
127 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
128 put_le16(p + 54, s->cylinders);
129 put_le16(p + 55, s->heads);
130 put_le16(p + 56, s->sectors);
131 oldsize = s->cylinders * s->heads * s->sectors;
132 put_le16(p + 57, oldsize);
133 put_le16(p + 58, oldsize >> 16);
134 if (s->mult_sectors)
135 put_le16(p + 59, 0x100 | s->mult_sectors);
136 put_le16(p + 60, s->nb_sectors);
137 put_le16(p + 61, s->nb_sectors >> 16);
138 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
139 put_le16(p + 63, 0x07); /* mdma0-2 supported */
140 put_le16(p + 65, 120);
141 put_le16(p + 66, 120);
142 put_le16(p + 67, 120);
143 put_le16(p + 68, 120);
144 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
145 put_le16(p + 81, 0x16); /* conforms to ata5 */
146 /* 14=NOP supported, 0=SMART supported */
147 put_le16(p + 82, (1 << 14) | 1);
148 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
149 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
150 /* 14=set to 1, 1=SMART self test, 0=SMART error logging */
151 put_le16(p + 84, (1 << 14) | 0);
152 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */
153 if (bdrv_enable_write_cache(s->bs))
154 put_le16(p + 85, (1 << 14) | (1 << 5) | 1);
155 else
156 put_le16(p + 85, (1 << 14) | 1);
157 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
158 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
159 /* 14=set to 1, 1=smart self test, 0=smart error logging */
160 put_le16(p + 87, (1 << 14) | 0);
161 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
162 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
163 put_le16(p + 100, s->nb_sectors);
164 put_le16(p + 101, s->nb_sectors >> 16);
165 put_le16(p + 102, s->nb_sectors >> 32);
166 put_le16(p + 103, s->nb_sectors >> 48);
167
168 memcpy(s->identify_data, p, sizeof(s->identify_data));
169 s->identify_set = 1;
170 }
171
172 static void ide_atapi_identify(IDEState *s)
173 {
174 uint16_t *p;
175
176 if (s->identify_set) {
177 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
178 return;
179 }
180
181 memset(s->io_buffer, 0, 512);
182 p = (uint16_t *)s->io_buffer;
183 /* Removable CDROM, 50us response, 12 byte packets */
184 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
185 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
186 put_le16(p + 20, 3); /* buffer type */
187 put_le16(p + 21, 512); /* cache size in sectors */
188 put_le16(p + 22, 4); /* ecc bytes */
189 padstr((char *)(p + 23), s->version, 8); /* firmware version */
190 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
191 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
192 #ifdef USE_DMA_CDROM
193 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
194 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
195 put_le16(p + 62, 7); /* single word dma0-2 supported */
196 put_le16(p + 63, 7); /* mdma0-2 supported */
197 put_le16(p + 64, 0x3f); /* PIO modes supported */
198 #else
199 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
200 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
201 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
202 put_le16(p + 64, 1); /* PIO modes */
203 #endif
204 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
205 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
206 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
207 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
208
209 put_le16(p + 71, 30); /* in ns */
210 put_le16(p + 72, 30); /* in ns */
211
212 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
213 #ifdef USE_DMA_CDROM
214 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
215 #endif
216 memcpy(s->identify_data, p, sizeof(s->identify_data));
217 s->identify_set = 1;
218 }
219
220 static void ide_cfata_identify(IDEState *s)
221 {
222 uint16_t *p;
223 uint32_t cur_sec;
224
225 p = (uint16_t *) s->identify_data;
226 if (s->identify_set)
227 goto fill_buffer;
228
229 memset(p, 0, sizeof(s->identify_data));
230
231 cur_sec = s->cylinders * s->heads * s->sectors;
232
233 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
234 put_le16(p + 1, s->cylinders); /* Default cylinders */
235 put_le16(p + 3, s->heads); /* Default heads */
236 put_le16(p + 6, s->sectors); /* Default sectors per track */
237 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
238 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
239 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
240 put_le16(p + 22, 0x0004); /* ECC bytes */
241 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */
242 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
243 #if MAX_MULT_SECTORS > 1
244 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
245 #else
246 put_le16(p + 47, 0x0000);
247 #endif
248 put_le16(p + 49, 0x0f00); /* Capabilities */
249 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
250 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
251 put_le16(p + 53, 0x0003); /* Translation params valid */
252 put_le16(p + 54, s->cylinders); /* Current cylinders */
253 put_le16(p + 55, s->heads); /* Current heads */
254 put_le16(p + 56, s->sectors); /* Current sectors */
255 put_le16(p + 57, cur_sec); /* Current capacity */
256 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
257 if (s->mult_sectors) /* Multiple sector setting */
258 put_le16(p + 59, 0x100 | s->mult_sectors);
259 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
260 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
261 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
262 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
263 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
264 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
265 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
266 put_le16(p + 82, 0x400c); /* Command Set supported */
267 put_le16(p + 83, 0x7068); /* Command Set supported */
268 put_le16(p + 84, 0x4000); /* Features supported */
269 put_le16(p + 85, 0x000c); /* Command Set enabled */
270 put_le16(p + 86, 0x7044); /* Command Set enabled */
271 put_le16(p + 87, 0x4000); /* Features enabled */
272 put_le16(p + 91, 0x4060); /* Current APM level */
273 put_le16(p + 129, 0x0002); /* Current features option */
274 put_le16(p + 130, 0x0005); /* Reassigned sectors */
275 put_le16(p + 131, 0x0001); /* Initial power mode */
276 put_le16(p + 132, 0x0000); /* User signature */
277 put_le16(p + 160, 0x8100); /* Power requirement */
278 put_le16(p + 161, 0x8001); /* CF command set */
279
280 s->identify_set = 1;
281
282 fill_buffer:
283 memcpy(s->io_buffer, p, sizeof(s->identify_data));
284 }
285
286 static void ide_set_signature(IDEState *s)
287 {
288 s->select &= 0xf0; /* clear head */
289 /* put signature */
290 s->nsector = 1;
291 s->sector = 1;
292 if (s->is_cdrom) {
293 s->lcyl = 0x14;
294 s->hcyl = 0xeb;
295 } else if (s->bs) {
296 s->lcyl = 0;
297 s->hcyl = 0;
298 } else {
299 s->lcyl = 0xff;
300 s->hcyl = 0xff;
301 }
302 }
303
304 static inline void ide_abort_command(IDEState *s)
305 {
306 s->status = READY_STAT | ERR_STAT;
307 s->error = ABRT_ERR;
308 }
309
310 static inline void ide_dma_submit_check(IDEState *s,
311 BlockDriverCompletionFunc *dma_cb, BMDMAState *bm)
312 {
313 if (bm->aiocb)
314 return;
315 dma_cb(bm, -1);
316 }
317
318 /* prepare data transfer and tell what to do after */
319 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
320 EndTransferFunc *end_transfer_func)
321 {
322 s->end_transfer_func = end_transfer_func;
323 s->data_ptr = buf;
324 s->data_end = buf + size;
325 if (!(s->status & ERR_STAT))
326 s->status |= DRQ_STAT;
327 }
328
329 static void ide_transfer_stop(IDEState *s)
330 {
331 s->end_transfer_func = ide_transfer_stop;
332 s->data_ptr = s->io_buffer;
333 s->data_end = s->io_buffer;
334 s->status &= ~DRQ_STAT;
335 }
336
337 int64_t ide_get_sector(IDEState *s)
338 {
339 int64_t sector_num;
340 if (s->select & 0x40) {
341 /* lba */
342 if (!s->lba48) {
343 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
344 (s->lcyl << 8) | s->sector;
345 } else {
346 sector_num = ((int64_t)s->hob_hcyl << 40) |
347 ((int64_t) s->hob_lcyl << 32) |
348 ((int64_t) s->hob_sector << 24) |
349 ((int64_t) s->hcyl << 16) |
350 ((int64_t) s->lcyl << 8) | s->sector;
351 }
352 } else {
353 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
354 (s->select & 0x0f) * s->sectors + (s->sector - 1);
355 }
356 return sector_num;
357 }
358
359 void ide_set_sector(IDEState *s, int64_t sector_num)
360 {
361 unsigned int cyl, r;
362 if (s->select & 0x40) {
363 if (!s->lba48) {
364 s->select = (s->select & 0xf0) | (sector_num >> 24);
365 s->hcyl = (sector_num >> 16);
366 s->lcyl = (sector_num >> 8);
367 s->sector = (sector_num);
368 } else {
369 s->sector = sector_num;
370 s->lcyl = sector_num >> 8;
371 s->hcyl = sector_num >> 16;
372 s->hob_sector = sector_num >> 24;
373 s->hob_lcyl = sector_num >> 32;
374 s->hob_hcyl = sector_num >> 40;
375 }
376 } else {
377 cyl = sector_num / (s->heads * s->sectors);
378 r = sector_num % (s->heads * s->sectors);
379 s->hcyl = cyl >> 8;
380 s->lcyl = cyl;
381 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
382 s->sector = (r % s->sectors) + 1;
383 }
384 }
385
386 static void ide_rw_error(IDEState *s) {
387 ide_abort_command(s);
388 ide_set_irq(s->bus);
389 }
390
391 static void ide_sector_read(IDEState *s)
392 {
393 int64_t sector_num;
394 int ret, n;
395
396 s->status = READY_STAT | SEEK_STAT;
397 s->error = 0; /* not needed by IDE spec, but needed by Windows */
398 sector_num = ide_get_sector(s);
399 n = s->nsector;
400 if (n == 0) {
401 /* no more sector to read from disk */
402 ide_transfer_stop(s);
403 } else {
404 #if defined(DEBUG_IDE)
405 printf("read sector=%" PRId64 "\n", sector_num);
406 #endif
407 if (n > s->req_nb_sectors)
408 n = s->req_nb_sectors;
409 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
410 if (ret != 0) {
411 if (ide_handle_rw_error(s, -ret,
412 BM_STATUS_PIO_RETRY | BM_STATUS_RETRY_READ))
413 {
414 return;
415 }
416 }
417 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
418 ide_set_irq(s->bus);
419 ide_set_sector(s, sector_num + n);
420 s->nsector -= n;
421 }
422 }
423
424
425 /* return 0 if buffer completed */
426 static int dma_buf_prepare(BMDMAState *bm, int is_write)
427 {
428 IDEState *s = bmdma_active_if(bm);
429 struct {
430 uint32_t addr;
431 uint32_t size;
432 } prd;
433 int l, len;
434
435 qemu_sglist_init(&s->sg, s->nsector / (TARGET_PAGE_SIZE/512) + 1);
436 s->io_buffer_size = 0;
437 for(;;) {
438 if (bm->cur_prd_len == 0) {
439 /* end of table (with a fail safe of one page) */
440 if (bm->cur_prd_last ||
441 (bm->cur_addr - bm->addr) >= 4096)
442 return s->io_buffer_size != 0;
443 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
444 bm->cur_addr += 8;
445 prd.addr = le32_to_cpu(prd.addr);
446 prd.size = le32_to_cpu(prd.size);
447 len = prd.size & 0xfffe;
448 if (len == 0)
449 len = 0x10000;
450 bm->cur_prd_len = len;
451 bm->cur_prd_addr = prd.addr;
452 bm->cur_prd_last = (prd.size & 0x80000000);
453 }
454 l = bm->cur_prd_len;
455 if (l > 0) {
456 qemu_sglist_add(&s->sg, bm->cur_prd_addr, l);
457 bm->cur_prd_addr += l;
458 bm->cur_prd_len -= l;
459 s->io_buffer_size += l;
460 }
461 }
462 return 1;
463 }
464
465 static void dma_buf_commit(IDEState *s, int is_write)
466 {
467 qemu_sglist_destroy(&s->sg);
468 }
469
470 void ide_dma_error(IDEState *s)
471 {
472 ide_transfer_stop(s);
473 s->error = ABRT_ERR;
474 s->status = READY_STAT | ERR_STAT;
475 ide_set_irq(s->bus);
476 }
477
478 static int ide_handle_rw_error(IDEState *s, int error, int op)
479 {
480 int is_read = (op & BM_STATUS_RETRY_READ);
481 BlockInterfaceErrorAction action = drive_get_on_error(s->bs, is_read);
482
483 if (action == BLOCK_ERR_IGNORE) {
484 bdrv_mon_event(s->bs, BDRV_ACTION_IGNORE, is_read);
485 return 0;
486 }
487
488 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
489 || action == BLOCK_ERR_STOP_ANY) {
490 s->bus->bmdma->unit = s->unit;
491 s->bus->bmdma->status |= op;
492 vm_stop(0);
493 bdrv_mon_event(s->bs, BDRV_ACTION_STOP, is_read);
494 } else {
495 if (op & BM_STATUS_DMA_RETRY) {
496 dma_buf_commit(s, 0);
497 ide_dma_error(s);
498 } else {
499 ide_rw_error(s);
500 }
501 bdrv_mon_event(s->bs, BDRV_ACTION_REPORT, is_read);
502 }
503
504 return 1;
505 }
506
507 /* return 0 if buffer completed */
508 static int dma_buf_rw(BMDMAState *bm, int is_write)
509 {
510 IDEState *s = bmdma_active_if(bm);
511 struct {
512 uint32_t addr;
513 uint32_t size;
514 } prd;
515 int l, len;
516
517 for(;;) {
518 l = s->io_buffer_size - s->io_buffer_index;
519 if (l <= 0)
520 break;
521 if (bm->cur_prd_len == 0) {
522 /* end of table (with a fail safe of one page) */
523 if (bm->cur_prd_last ||
524 (bm->cur_addr - bm->addr) >= 4096)
525 return 0;
526 cpu_physical_memory_read(bm->cur_addr, (uint8_t *)&prd, 8);
527 bm->cur_addr += 8;
528 prd.addr = le32_to_cpu(prd.addr);
529 prd.size = le32_to_cpu(prd.size);
530 len = prd.size & 0xfffe;
531 if (len == 0)
532 len = 0x10000;
533 bm->cur_prd_len = len;
534 bm->cur_prd_addr = prd.addr;
535 bm->cur_prd_last = (prd.size & 0x80000000);
536 }
537 if (l > bm->cur_prd_len)
538 l = bm->cur_prd_len;
539 if (l > 0) {
540 if (is_write) {
541 cpu_physical_memory_write(bm->cur_prd_addr,
542 s->io_buffer + s->io_buffer_index, l);
543 } else {
544 cpu_physical_memory_read(bm->cur_prd_addr,
545 s->io_buffer + s->io_buffer_index, l);
546 }
547 bm->cur_prd_addr += l;
548 bm->cur_prd_len -= l;
549 s->io_buffer_index += l;
550 }
551 }
552 return 1;
553 }
554
555 static void ide_read_dma_cb(void *opaque, int ret)
556 {
557 BMDMAState *bm = opaque;
558 IDEState *s = bmdma_active_if(bm);
559 int n;
560 int64_t sector_num;
561
562 if (ret < 0) {
563 if (ide_handle_rw_error(s, -ret,
564 BM_STATUS_DMA_RETRY | BM_STATUS_RETRY_READ))
565 {
566 return;
567 }
568 }
569
570 n = s->io_buffer_size >> 9;
571 sector_num = ide_get_sector(s);
572 if (n > 0) {
573 dma_buf_commit(s, 1);
574 sector_num += n;
575 ide_set_sector(s, sector_num);
576 s->nsector -= n;
577 }
578
579 /* end of transfer ? */
580 if (s->nsector == 0) {
581 s->status = READY_STAT | SEEK_STAT;
582 ide_set_irq(s->bus);
583 eot:
584 bm->status &= ~BM_STATUS_DMAING;
585 bm->status |= BM_STATUS_INT;
586 bm->dma_cb = NULL;
587 bm->unit = -1;
588 bm->aiocb = NULL;
589 return;
590 }
591
592 /* launch next transfer */
593 n = s->nsector;
594 s->io_buffer_index = 0;
595 s->io_buffer_size = n * 512;
596 if (dma_buf_prepare(bm, 1) == 0)
597 goto eot;
598 #ifdef DEBUG_AIO
599 printf("aio_read: sector_num=%" PRId64 " n=%d\n", sector_num, n);
600 #endif
601 bm->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num, ide_read_dma_cb, bm);
602 ide_dma_submit_check(s, ide_read_dma_cb, bm);
603 }
604
605 static void ide_sector_read_dma(IDEState *s)
606 {
607 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
608 s->io_buffer_index = 0;
609 s->io_buffer_size = 0;
610 s->is_read = 1;
611 ide_dma_start(s, ide_read_dma_cb);
612 }
613
614 static void ide_sector_write_timer_cb(void *opaque)
615 {
616 IDEState *s = opaque;
617 ide_set_irq(s->bus);
618 }
619
620 static void ide_sector_write(IDEState *s)
621 {
622 int64_t sector_num;
623 int ret, n, n1;
624
625 s->status = READY_STAT | SEEK_STAT;
626 sector_num = ide_get_sector(s);
627 #if defined(DEBUG_IDE)
628 printf("write sector=%" PRId64 "\n", sector_num);
629 #endif
630 n = s->nsector;
631 if (n > s->req_nb_sectors)
632 n = s->req_nb_sectors;
633 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
634
635 if (ret != 0) {
636 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY))
637 return;
638 }
639
640 s->nsector -= n;
641 if (s->nsector == 0) {
642 /* no more sectors to write */
643 ide_transfer_stop(s);
644 } else {
645 n1 = s->nsector;
646 if (n1 > s->req_nb_sectors)
647 n1 = s->req_nb_sectors;
648 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
649 }
650 ide_set_sector(s, sector_num + n);
651
652 #ifdef TARGET_I386
653 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
654 /* It seems there is a bug in the Windows 2000 installer HDD
655 IDE driver which fills the disk with empty logs when the
656 IDE write IRQ comes too early. This hack tries to correct
657 that at the expense of slower write performances. Use this
658 option _only_ to install Windows 2000. You must disable it
659 for normal use. */
660 qemu_mod_timer(s->sector_write_timer,
661 qemu_get_clock(vm_clock) + (get_ticks_per_sec() / 1000));
662 } else
663 #endif
664 {
665 ide_set_irq(s->bus);
666 }
667 }
668
669 static void ide_dma_restart_bh(void *opaque)
670 {
671 BMDMAState *bm = opaque;
672 int is_read;
673
674 qemu_bh_delete(bm->bh);
675 bm->bh = NULL;
676
677 is_read = !!(bm->status & BM_STATUS_RETRY_READ);
678
679 if (bm->status & BM_STATUS_DMA_RETRY) {
680 bm->status &= ~(BM_STATUS_DMA_RETRY | BM_STATUS_RETRY_READ);
681 ide_dma_restart(bmdma_active_if(bm), is_read);
682 } else if (bm->status & BM_STATUS_PIO_RETRY) {
683 bm->status &= ~(BM_STATUS_PIO_RETRY | BM_STATUS_RETRY_READ);
684 if (is_read) {
685 ide_sector_read(bmdma_active_if(bm));
686 } else {
687 ide_sector_write(bmdma_active_if(bm));
688 }
689 }
690 }
691
692 void ide_dma_restart_cb(void *opaque, int running, int reason)
693 {
694 BMDMAState *bm = opaque;
695
696 if (!running)
697 return;
698
699 if (!bm->bh) {
700 bm->bh = qemu_bh_new(ide_dma_restart_bh, bm);
701 qemu_bh_schedule(bm->bh);
702 }
703 }
704
705 static void ide_write_dma_cb(void *opaque, int ret)
706 {
707 BMDMAState *bm = opaque;
708 IDEState *s = bmdma_active_if(bm);
709 int n;
710 int64_t sector_num;
711
712 if (ret < 0) {
713 if (ide_handle_rw_error(s, -ret, BM_STATUS_DMA_RETRY))
714 return;
715 }
716
717 n = s->io_buffer_size >> 9;
718 sector_num = ide_get_sector(s);
719 if (n > 0) {
720 dma_buf_commit(s, 0);
721 sector_num += n;
722 ide_set_sector(s, sector_num);
723 s->nsector -= n;
724 }
725
726 /* end of transfer ? */
727 if (s->nsector == 0) {
728 s->status = READY_STAT | SEEK_STAT;
729 ide_set_irq(s->bus);
730 eot:
731 bm->status &= ~BM_STATUS_DMAING;
732 bm->status |= BM_STATUS_INT;
733 bm->dma_cb = NULL;
734 bm->unit = -1;
735 bm->aiocb = NULL;
736 return;
737 }
738
739 n = s->nsector;
740 s->io_buffer_size = n * 512;
741 /* launch next transfer */
742 if (dma_buf_prepare(bm, 0) == 0)
743 goto eot;
744 #ifdef DEBUG_AIO
745 printf("aio_write: sector_num=%" PRId64 " n=%d\n", sector_num, n);
746 #endif
747 bm->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num, ide_write_dma_cb, bm);
748 ide_dma_submit_check(s, ide_write_dma_cb, bm);
749 }
750
751 static void ide_sector_write_dma(IDEState *s)
752 {
753 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
754 s->io_buffer_index = 0;
755 s->io_buffer_size = 0;
756 s->is_read = 0;
757 ide_dma_start(s, ide_write_dma_cb);
758 }
759
760 void ide_atapi_cmd_ok(IDEState *s)
761 {
762 s->error = 0;
763 s->status = READY_STAT | SEEK_STAT;
764 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
765 ide_set_irq(s->bus);
766 }
767
768 void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
769 {
770 #ifdef DEBUG_IDE_ATAPI
771 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
772 #endif
773 s->error = sense_key << 4;
774 s->status = READY_STAT | ERR_STAT;
775 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
776 s->sense_key = sense_key;
777 s->asc = asc;
778 ide_set_irq(s->bus);
779 }
780
781 static void ide_atapi_cmd_check_status(IDEState *s)
782 {
783 #ifdef DEBUG_IDE_ATAPI
784 printf("atapi_cmd_check_status\n");
785 #endif
786 s->error = MC_ERR | (SENSE_UNIT_ATTENTION << 4);
787 s->status = ERR_STAT;
788 s->nsector = 0;
789 ide_set_irq(s->bus);
790 }
791
792 static void ide_flush_cb(void *opaque, int ret)
793 {
794 IDEState *s = opaque;
795
796 /* XXX: how do we signal I/O errors here? */
797
798 s->status = READY_STAT | SEEK_STAT;
799 ide_set_irq(s->bus);
800 }
801
802 static inline void cpu_to_ube16(uint8_t *buf, int val)
803 {
804 buf[0] = val >> 8;
805 buf[1] = val & 0xff;
806 }
807
808 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
809 {
810 buf[0] = val >> 24;
811 buf[1] = val >> 16;
812 buf[2] = val >> 8;
813 buf[3] = val & 0xff;
814 }
815
816 static inline int ube16_to_cpu(const uint8_t *buf)
817 {
818 return (buf[0] << 8) | buf[1];
819 }
820
821 static inline int ube32_to_cpu(const uint8_t *buf)
822 {
823 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
824 }
825
826 static void lba_to_msf(uint8_t *buf, int lba)
827 {
828 lba += 150;
829 buf[0] = (lba / 75) / 60;
830 buf[1] = (lba / 75) % 60;
831 buf[2] = lba % 75;
832 }
833
834 static void cd_data_to_raw(uint8_t *buf, int lba)
835 {
836 /* sync bytes */
837 buf[0] = 0x00;
838 memset(buf + 1, 0xff, 10);
839 buf[11] = 0x00;
840 buf += 12;
841 /* MSF */
842 lba_to_msf(buf, lba);
843 buf[3] = 0x01; /* mode 1 data */
844 buf += 4;
845 /* data */
846 buf += 2048;
847 /* XXX: ECC not computed */
848 memset(buf, 0, 288);
849 }
850
851 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
852 int sector_size)
853 {
854 int ret;
855
856 switch(sector_size) {
857 case 2048:
858 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
859 break;
860 case 2352:
861 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
862 if (ret < 0)
863 return ret;
864 cd_data_to_raw(buf, lba);
865 break;
866 default:
867 ret = -EIO;
868 break;
869 }
870 return ret;
871 }
872
873 void ide_atapi_io_error(IDEState *s, int ret)
874 {
875 /* XXX: handle more errors */
876 if (ret == -ENOMEDIUM) {
877 ide_atapi_cmd_error(s, SENSE_NOT_READY,
878 ASC_MEDIUM_NOT_PRESENT);
879 } else {
880 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
881 ASC_LOGICAL_BLOCK_OOR);
882 }
883 }
884
885 /* The whole ATAPI transfer logic is handled in this function */
886 static void ide_atapi_cmd_reply_end(IDEState *s)
887 {
888 int byte_count_limit, size, ret;
889 #ifdef DEBUG_IDE_ATAPI
890 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
891 s->packet_transfer_size,
892 s->elementary_transfer_size,
893 s->io_buffer_index);
894 #endif
895 if (s->packet_transfer_size <= 0) {
896 /* end of transfer */
897 ide_transfer_stop(s);
898 s->status = READY_STAT | SEEK_STAT;
899 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
900 ide_set_irq(s->bus);
901 #ifdef DEBUG_IDE_ATAPI
902 printf("status=0x%x\n", s->status);
903 #endif
904 } else {
905 /* see if a new sector must be read */
906 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
907 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
908 if (ret < 0) {
909 ide_transfer_stop(s);
910 ide_atapi_io_error(s, ret);
911 return;
912 }
913 s->lba++;
914 s->io_buffer_index = 0;
915 }
916 if (s->elementary_transfer_size > 0) {
917 /* there are some data left to transmit in this elementary
918 transfer */
919 size = s->cd_sector_size - s->io_buffer_index;
920 if (size > s->elementary_transfer_size)
921 size = s->elementary_transfer_size;
922 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
923 size, ide_atapi_cmd_reply_end);
924 s->packet_transfer_size -= size;
925 s->elementary_transfer_size -= size;
926 s->io_buffer_index += size;
927 } else {
928 /* a new transfer is needed */
929 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
930 byte_count_limit = s->lcyl | (s->hcyl << 8);
931 #ifdef DEBUG_IDE_ATAPI
932 printf("byte_count_limit=%d\n", byte_count_limit);
933 #endif
934 if (byte_count_limit == 0xffff)
935 byte_count_limit--;
936 size = s->packet_transfer_size;
937 if (size > byte_count_limit) {
938 /* byte count limit must be even if this case */
939 if (byte_count_limit & 1)
940 byte_count_limit--;
941 size = byte_count_limit;
942 }
943 s->lcyl = size;
944 s->hcyl = size >> 8;
945 s->elementary_transfer_size = size;
946 /* we cannot transmit more than one sector at a time */
947 if (s->lba != -1) {
948 if (size > (s->cd_sector_size - s->io_buffer_index))
949 size = (s->cd_sector_size - s->io_buffer_index);
950 }
951 ide_transfer_start(s, s->io_buffer + s->io_buffer_index,
952 size, ide_atapi_cmd_reply_end);
953 s->packet_transfer_size -= size;
954 s->elementary_transfer_size -= size;
955 s->io_buffer_index += size;
956 ide_set_irq(s->bus);
957 #ifdef DEBUG_IDE_ATAPI
958 printf("status=0x%x\n", s->status);
959 #endif
960 }
961 }
962 }
963
964 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
965 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
966 {
967 if (size > max_size)
968 size = max_size;
969 s->lba = -1; /* no sector read */
970 s->packet_transfer_size = size;
971 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
972 s->elementary_transfer_size = 0;
973 s->io_buffer_index = 0;
974
975 if (s->atapi_dma) {
976 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
977 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
978 } else {
979 s->status = READY_STAT | SEEK_STAT;
980 ide_atapi_cmd_reply_end(s);
981 }
982 }
983
984 /* start a CD-CDROM read command */
985 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
986 int sector_size)
987 {
988 s->lba = lba;
989 s->packet_transfer_size = nb_sectors * sector_size;
990 s->elementary_transfer_size = 0;
991 s->io_buffer_index = sector_size;
992 s->cd_sector_size = sector_size;
993
994 s->status = READY_STAT | SEEK_STAT;
995 ide_atapi_cmd_reply_end(s);
996 }
997
998 /* ATAPI DMA support */
999
1000 /* XXX: handle read errors */
1001 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
1002 {
1003 BMDMAState *bm = opaque;
1004 IDEState *s = bmdma_active_if(bm);
1005 int data_offset, n;
1006
1007 if (ret < 0) {
1008 ide_atapi_io_error(s, ret);
1009 goto eot;
1010 }
1011
1012 if (s->io_buffer_size > 0) {
1013 /*
1014 * For a cdrom read sector command (s->lba != -1),
1015 * adjust the lba for the next s->io_buffer_size chunk
1016 * and dma the current chunk.
1017 * For a command != read (s->lba == -1), just transfer
1018 * the reply data.
1019 */
1020 if (s->lba != -1) {
1021 if (s->cd_sector_size == 2352) {
1022 n = 1;
1023 cd_data_to_raw(s->io_buffer, s->lba);
1024 } else {
1025 n = s->io_buffer_size >> 11;
1026 }
1027 s->lba += n;
1028 }
1029 s->packet_transfer_size -= s->io_buffer_size;
1030 if (dma_buf_rw(bm, 1) == 0)
1031 goto eot;
1032 }
1033
1034 if (s->packet_transfer_size <= 0) {
1035 s->status = READY_STAT | SEEK_STAT;
1036 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
1037 ide_set_irq(s->bus);
1038 eot:
1039 bm->status &= ~BM_STATUS_DMAING;
1040 bm->status |= BM_STATUS_INT;
1041 bm->dma_cb = NULL;
1042 bm->unit = -1;
1043 bm->aiocb = NULL;
1044 return;
1045 }
1046
1047 s->io_buffer_index = 0;
1048 if (s->cd_sector_size == 2352) {
1049 n = 1;
1050 s->io_buffer_size = s->cd_sector_size;
1051 data_offset = 16;
1052 } else {
1053 n = s->packet_transfer_size >> 11;
1054 if (n > (IDE_DMA_BUF_SECTORS / 4))
1055 n = (IDE_DMA_BUF_SECTORS / 4);
1056 s->io_buffer_size = n * 2048;
1057 data_offset = 0;
1058 }
1059 #ifdef DEBUG_AIO
1060 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
1061 #endif
1062 bm->iov.iov_base = (void *)(s->io_buffer + data_offset);
1063 bm->iov.iov_len = n * 4 * 512;
1064 qemu_iovec_init_external(&bm->qiov, &bm->iov, 1);
1065 bm->aiocb = bdrv_aio_readv(s->bs, (int64_t)s->lba << 2, &bm->qiov,
1066 n * 4, ide_atapi_cmd_read_dma_cb, bm);
1067 if (!bm->aiocb) {
1068 /* Note: media not present is the most likely case */
1069 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1070 ASC_MEDIUM_NOT_PRESENT);
1071 goto eot;
1072 }
1073 }
1074
1075 /* start a CD-CDROM read command with DMA */
1076 /* XXX: test if DMA is available */
1077 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
1078 int sector_size)
1079 {
1080 s->lba = lba;
1081 s->packet_transfer_size = nb_sectors * sector_size;
1082 s->io_buffer_index = 0;
1083 s->io_buffer_size = 0;
1084 s->cd_sector_size = sector_size;
1085
1086 /* XXX: check if BUSY_STAT should be set */
1087 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
1088 ide_dma_start(s, ide_atapi_cmd_read_dma_cb);
1089 }
1090
1091 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
1092 int sector_size)
1093 {
1094 #ifdef DEBUG_IDE_ATAPI
1095 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
1096 lba, nb_sectors);
1097 #endif
1098 if (s->atapi_dma) {
1099 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
1100 } else {
1101 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
1102 }
1103 }
1104
1105 static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
1106 uint16_t profile)
1107 {
1108 uint8_t *buf_profile = buf + 12; /* start of profiles */
1109
1110 buf_profile += ((*index) * 4); /* start of indexed profile */
1111 cpu_to_ube16 (buf_profile, profile);
1112 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
1113
1114 /* each profile adds 4 bytes to the response */
1115 (*index)++;
1116 buf[11] += 4; /* Additional Length */
1117
1118 return 4;
1119 }
1120
1121 static int ide_dvd_read_structure(IDEState *s, int format,
1122 const uint8_t *packet, uint8_t *buf)
1123 {
1124 switch (format) {
1125 case 0x0: /* Physical format information */
1126 {
1127 int layer = packet[6];
1128 uint64_t total_sectors;
1129
1130 if (layer != 0)
1131 return -ASC_INV_FIELD_IN_CMD_PACKET;
1132
1133 bdrv_get_geometry(s->bs, &total_sectors);
1134 total_sectors >>= 2;
1135 if (total_sectors == 0)
1136 return -ASC_MEDIUM_NOT_PRESENT;
1137
1138 buf[4] = 1; /* DVD-ROM, part version 1 */
1139 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1140 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1141 buf[7] = 0; /* default densities */
1142
1143 /* FIXME: 0x30000 per spec? */
1144 cpu_to_ube32(buf + 8, 0); /* start sector */
1145 cpu_to_ube32(buf + 12, total_sectors - 1); /* end sector */
1146 cpu_to_ube32(buf + 16, total_sectors - 1); /* l0 end sector */
1147
1148 /* Size of buffer, not including 2 byte size field */
1149 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1150
1151 /* 2k data + 4 byte header */
1152 return (2048 + 4);
1153 }
1154
1155 case 0x01: /* DVD copyright information */
1156 buf[4] = 0; /* no copyright data */
1157 buf[5] = 0; /* no region restrictions */
1158
1159 /* Size of buffer, not including 2 byte size field */
1160 cpu_to_be16wu((uint16_t *)buf, 4 + 2);
1161
1162 /* 4 byte header + 4 byte data */
1163 return (4 + 4);
1164
1165 case 0x03: /* BCA information - invalid field for no BCA info */
1166 return -ASC_INV_FIELD_IN_CMD_PACKET;
1167
1168 case 0x04: /* DVD disc manufacturing information */
1169 /* Size of buffer, not including 2 byte size field */
1170 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1171
1172 /* 2k data + 4 byte header */
1173 return (2048 + 4);
1174
1175 case 0xff:
1176 /*
1177 * This lists all the command capabilities above. Add new ones
1178 * in order and update the length and buffer return values.
1179 */
1180
1181 buf[4] = 0x00; /* Physical format */
1182 buf[5] = 0x40; /* Not writable, is readable */
1183 cpu_to_be16wu((uint16_t *)(buf + 6), 2048 + 4);
1184
1185 buf[8] = 0x01; /* Copyright info */
1186 buf[9] = 0x40; /* Not writable, is readable */
1187 cpu_to_be16wu((uint16_t *)(buf + 10), 4 + 4);
1188
1189 buf[12] = 0x03; /* BCA info */
1190 buf[13] = 0x40; /* Not writable, is readable */
1191 cpu_to_be16wu((uint16_t *)(buf + 14), 188 + 4);
1192
1193 buf[16] = 0x04; /* Manufacturing info */
1194 buf[17] = 0x40; /* Not writable, is readable */
1195 cpu_to_be16wu((uint16_t *)(buf + 18), 2048 + 4);
1196
1197 /* Size of buffer, not including 2 byte size field */
1198 cpu_to_be16wu((uint16_t *)buf, 16 + 2);
1199
1200 /* data written + 4 byte header */
1201 return (16 + 4);
1202
1203 default: /* TODO: formats beyond DVD-ROM requires */
1204 return -ASC_INV_FIELD_IN_CMD_PACKET;
1205 }
1206 }
1207
1208 static void ide_atapi_cmd(IDEState *s)
1209 {
1210 const uint8_t *packet;
1211 uint8_t *buf;
1212 int max_len;
1213
1214 packet = s->io_buffer;
1215 buf = s->io_buffer;
1216 #ifdef DEBUG_IDE_ATAPI
1217 {
1218 int i;
1219 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1220 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1221 printf(" %02x", packet[i]);
1222 }
1223 printf("\n");
1224 }
1225 #endif
1226 /* If there's a UNIT_ATTENTION condition pending, only
1227 REQUEST_SENSE and INQUIRY commands are allowed to complete. */
1228 if (s->sense_key == SENSE_UNIT_ATTENTION &&
1229 s->io_buffer[0] != GPCMD_REQUEST_SENSE &&
1230 s->io_buffer[0] != GPCMD_INQUIRY) {
1231 ide_atapi_cmd_check_status(s);
1232 return;
1233 }
1234 switch(s->io_buffer[0]) {
1235 case GPCMD_TEST_UNIT_READY:
1236 if (bdrv_is_inserted(s->bs) && !s->cdrom_changed) {
1237 ide_atapi_cmd_ok(s);
1238 } else {
1239 s->cdrom_changed = 0;
1240 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1241 ASC_MEDIUM_NOT_PRESENT);
1242 }
1243 break;
1244 case GPCMD_MODE_SENSE_6:
1245 case GPCMD_MODE_SENSE_10:
1246 {
1247 int action, code;
1248 if (packet[0] == GPCMD_MODE_SENSE_10)
1249 max_len = ube16_to_cpu(packet + 7);
1250 else
1251 max_len = packet[4];
1252 action = packet[2] >> 6;
1253 code = packet[2] & 0x3f;
1254 switch(action) {
1255 case 0: /* current values */
1256 switch(code) {
1257 case GPMODE_R_W_ERROR_PAGE: /* error recovery */
1258 cpu_to_ube16(&buf[0], 16 + 6);
1259 buf[2] = 0x70;
1260 buf[3] = 0;
1261 buf[4] = 0;
1262 buf[5] = 0;
1263 buf[6] = 0;
1264 buf[7] = 0;
1265
1266 buf[8] = 0x01;
1267 buf[9] = 0x06;
1268 buf[10] = 0x00;
1269 buf[11] = 0x05;
1270 buf[12] = 0x00;
1271 buf[13] = 0x00;
1272 buf[14] = 0x00;
1273 buf[15] = 0x00;
1274 ide_atapi_cmd_reply(s, 16, max_len);
1275 break;
1276 case GPMODE_AUDIO_CTL_PAGE:
1277 cpu_to_ube16(&buf[0], 24 + 6);
1278 buf[2] = 0x70;
1279 buf[3] = 0;
1280 buf[4] = 0;
1281 buf[5] = 0;
1282 buf[6] = 0;
1283 buf[7] = 0;
1284
1285 /* Fill with CDROM audio volume */
1286 buf[17] = 0;
1287 buf[19] = 0;
1288 buf[21] = 0;
1289 buf[23] = 0;
1290
1291 ide_atapi_cmd_reply(s, 24, max_len);
1292 break;
1293 case GPMODE_CAPABILITIES_PAGE:
1294 cpu_to_ube16(&buf[0], 28 + 6);
1295 buf[2] = 0x70;
1296 buf[3] = 0;
1297 buf[4] = 0;
1298 buf[5] = 0;
1299 buf[6] = 0;
1300 buf[7] = 0;
1301
1302 buf[8] = 0x2a;
1303 buf[9] = 0x12;
1304 buf[10] = 0x00;
1305 buf[11] = 0x00;
1306
1307 /* Claim PLAY_AUDIO capability (0x01) since some Linux
1308 code checks for this to automount media. */
1309 buf[12] = 0x71;
1310 buf[13] = 3 << 5;
1311 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1312 if (bdrv_is_locked(s->bs))
1313 buf[6] |= 1 << 1;
1314 buf[15] = 0x00;
1315 cpu_to_ube16(&buf[16], 706);
1316 buf[18] = 0;
1317 buf[19] = 2;
1318 cpu_to_ube16(&buf[20], 512);
1319 cpu_to_ube16(&buf[22], 706);
1320 buf[24] = 0;
1321 buf[25] = 0;
1322 buf[26] = 0;
1323 buf[27] = 0;
1324 ide_atapi_cmd_reply(s, 28, max_len);
1325 break;
1326 default:
1327 goto error_cmd;
1328 }
1329 break;
1330 case 1: /* changeable values */
1331 goto error_cmd;
1332 case 2: /* default values */
1333 goto error_cmd;
1334 default:
1335 case 3: /* saved values */
1336 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1337 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1338 break;
1339 }
1340 }
1341 break;
1342 case GPCMD_REQUEST_SENSE:
1343 max_len = packet[4];
1344 memset(buf, 0, 18);
1345 buf[0] = 0x70 | (1 << 7);
1346 buf[2] = s->sense_key;
1347 buf[7] = 10;
1348 buf[12] = s->asc;
1349 if (s->sense_key == SENSE_UNIT_ATTENTION)
1350 s->sense_key = SENSE_NONE;
1351 ide_atapi_cmd_reply(s, 18, max_len);
1352 break;
1353 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1354 if (bdrv_is_inserted(s->bs)) {
1355 bdrv_set_locked(s->bs, packet[4] & 1);
1356 ide_atapi_cmd_ok(s);
1357 } else {
1358 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1359 ASC_MEDIUM_NOT_PRESENT);
1360 }
1361 break;
1362 case GPCMD_READ_10:
1363 case GPCMD_READ_12:
1364 {
1365 int nb_sectors, lba;
1366
1367 if (packet[0] == GPCMD_READ_10)
1368 nb_sectors = ube16_to_cpu(packet + 7);
1369 else
1370 nb_sectors = ube32_to_cpu(packet + 6);
1371 lba = ube32_to_cpu(packet + 2);
1372 if (nb_sectors == 0) {
1373 ide_atapi_cmd_ok(s);
1374 break;
1375 }
1376 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1377 }
1378 break;
1379 case GPCMD_READ_CD:
1380 {
1381 int nb_sectors, lba, transfer_request;
1382
1383 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1384 lba = ube32_to_cpu(packet + 2);
1385 if (nb_sectors == 0) {
1386 ide_atapi_cmd_ok(s);
1387 break;
1388 }
1389 transfer_request = packet[9];
1390 switch(transfer_request & 0xf8) {
1391 case 0x00:
1392 /* nothing */
1393 ide_atapi_cmd_ok(s);
1394 break;
1395 case 0x10:
1396 /* normal read */
1397 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1398 break;
1399 case 0xf8:
1400 /* read all data */
1401 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1402 break;
1403 default:
1404 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1405 ASC_INV_FIELD_IN_CMD_PACKET);
1406 break;
1407 }
1408 }
1409 break;
1410 case GPCMD_SEEK:
1411 {
1412 unsigned int lba;
1413 uint64_t total_sectors;
1414
1415 bdrv_get_geometry(s->bs, &total_sectors);
1416 total_sectors >>= 2;
1417 if (total_sectors == 0) {
1418 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1419 ASC_MEDIUM_NOT_PRESENT);
1420 break;
1421 }
1422 lba = ube32_to_cpu(packet + 2);
1423 if (lba >= total_sectors) {
1424 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1425 ASC_LOGICAL_BLOCK_OOR);
1426 break;
1427 }
1428 ide_atapi_cmd_ok(s);
1429 }
1430 break;
1431 case GPCMD_START_STOP_UNIT:
1432 {
1433 int start, eject, err = 0;
1434 start = packet[4] & 1;
1435 eject = (packet[4] >> 1) & 1;
1436
1437 if (eject) {
1438 err = bdrv_eject(s->bs, !start);
1439 }
1440
1441 switch (err) {
1442 case 0:
1443 ide_atapi_cmd_ok(s);
1444 break;
1445 case -EBUSY:
1446 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1447 ASC_MEDIA_REMOVAL_PREVENTED);
1448 break;
1449 default:
1450 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1451 ASC_MEDIUM_NOT_PRESENT);
1452 break;
1453 }
1454 }
1455 break;
1456 case GPCMD_MECHANISM_STATUS:
1457 {
1458 max_len = ube16_to_cpu(packet + 8);
1459 cpu_to_ube16(buf, 0);
1460 /* no current LBA */
1461 buf[2] = 0;
1462 buf[3] = 0;
1463 buf[4] = 0;
1464 buf[5] = 1;
1465 cpu_to_ube16(buf + 6, 0);
1466 ide_atapi_cmd_reply(s, 8, max_len);
1467 }
1468 break;
1469 case GPCMD_READ_TOC_PMA_ATIP:
1470 {
1471 int format, msf, start_track, len;
1472 uint64_t total_sectors;
1473
1474 bdrv_get_geometry(s->bs, &total_sectors);
1475 total_sectors >>= 2;
1476 if (total_sectors == 0) {
1477 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1478 ASC_MEDIUM_NOT_PRESENT);
1479 break;
1480 }
1481 max_len = ube16_to_cpu(packet + 7);
1482 format = packet[9] >> 6;
1483 msf = (packet[1] >> 1) & 1;
1484 start_track = packet[6];
1485 switch(format) {
1486 case 0:
1487 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1488 if (len < 0)
1489 goto error_cmd;
1490 ide_atapi_cmd_reply(s, len, max_len);
1491 break;
1492 case 1:
1493 /* multi session : only a single session defined */
1494 memset(buf, 0, 12);
1495 buf[1] = 0x0a;
1496 buf[2] = 0x01;
1497 buf[3] = 0x01;
1498 ide_atapi_cmd_reply(s, 12, max_len);
1499 break;
1500 case 2:
1501 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1502 if (len < 0)
1503 goto error_cmd;
1504 ide_atapi_cmd_reply(s, len, max_len);
1505 break;
1506 default:
1507 error_cmd:
1508 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1509 ASC_INV_FIELD_IN_CMD_PACKET);
1510 break;
1511 }
1512 }
1513 break;
1514 case GPCMD_READ_CDVD_CAPACITY:
1515 {
1516 uint64_t total_sectors;
1517
1518 bdrv_get_geometry(s->bs, &total_sectors);
1519 total_sectors >>= 2;
1520 if (total_sectors == 0) {
1521 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1522 ASC_MEDIUM_NOT_PRESENT);
1523 break;
1524 }
1525 /* NOTE: it is really the number of sectors minus 1 */
1526 cpu_to_ube32(buf, total_sectors - 1);
1527 cpu_to_ube32(buf + 4, 2048);
1528 ide_atapi_cmd_reply(s, 8, 8);
1529 }
1530 break;
1531 case GPCMD_READ_DVD_STRUCTURE:
1532 {
1533 int media = packet[1];
1534 int format = packet[7];
1535 int ret;
1536
1537 max_len = ube16_to_cpu(packet + 8);
1538
1539 if (format < 0xff) {
1540 if (media_is_cd(s)) {
1541 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1542 ASC_INCOMPATIBLE_FORMAT);
1543 break;
1544 } else if (!media_present(s)) {
1545 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1546 ASC_INV_FIELD_IN_CMD_PACKET);
1547 break;
1548 }
1549 }
1550
1551 memset(buf, 0, max_len > IDE_DMA_BUF_SECTORS * 512 + 4 ?
1552 IDE_DMA_BUF_SECTORS * 512 + 4 : max_len);
1553
1554 switch (format) {
1555 case 0x00 ... 0x7f:
1556 case 0xff:
1557 if (media == 0) {
1558 ret = ide_dvd_read_structure(s, format, packet, buf);
1559
1560 if (ret < 0)
1561 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret);
1562 else
1563 ide_atapi_cmd_reply(s, ret, max_len);
1564
1565 break;
1566 }
1567 /* TODO: BD support, fall through for now */
1568
1569 /* Generic disk structures */
1570 case 0x80: /* TODO: AACS volume identifier */
1571 case 0x81: /* TODO: AACS media serial number */
1572 case 0x82: /* TODO: AACS media identifier */
1573 case 0x83: /* TODO: AACS media key block */
1574 case 0x90: /* TODO: List of recognized format layers */
1575 case 0xc0: /* TODO: Write protection status */
1576 default:
1577 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1578 ASC_INV_FIELD_IN_CMD_PACKET);
1579 break;
1580 }
1581 }
1582 break;
1583 case GPCMD_SET_SPEED:
1584 ide_atapi_cmd_ok(s);
1585 break;
1586 case GPCMD_INQUIRY:
1587 max_len = packet[4];
1588 buf[0] = 0x05; /* CD-ROM */
1589 buf[1] = 0x80; /* removable */
1590 buf[2] = 0x00; /* ISO */
1591 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1592 buf[4] = 31; /* additional length */
1593 buf[5] = 0; /* reserved */
1594 buf[6] = 0; /* reserved */
1595 buf[7] = 0; /* reserved */
1596 padstr8(buf + 8, 8, "QEMU");
1597 padstr8(buf + 16, 16, "QEMU DVD-ROM");
1598 padstr8(buf + 32, 4, s->version);
1599 ide_atapi_cmd_reply(s, 36, max_len);
1600 break;
1601 case GPCMD_GET_CONFIGURATION:
1602 {
1603 uint32_t len;
1604 uint8_t index = 0;
1605
1606 /* only feature 0 is supported */
1607 if (packet[2] != 0 || packet[3] != 0) {
1608 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1609 ASC_INV_FIELD_IN_CMD_PACKET);
1610 break;
1611 }
1612
1613 /* XXX: could result in alignment problems in some architectures */
1614 max_len = ube16_to_cpu(packet + 7);
1615
1616 /*
1617 * XXX: avoid overflow for io_buffer if max_len is bigger than
1618 * the size of that buffer (dimensioned to max number of
1619 * sectors to transfer at once)
1620 *
1621 * Only a problem if the feature/profiles grow.
1622 */
1623 if (max_len > 512) /* XXX: assume 1 sector */
1624 max_len = 512;
1625
1626 memset(buf, 0, max_len);
1627 /*
1628 * the number of sectors from the media tells us which profile
1629 * to use as current. 0 means there is no media
1630 */
1631 if (media_is_dvd(s))
1632 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
1633 else if (media_is_cd(s))
1634 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
1635
1636 buf[10] = 0x02 | 0x01; /* persistent and current */
1637 len = 12; /* headers: 8 + 4 */
1638 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
1639 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
1640 cpu_to_ube32(buf, len - 4); /* data length */
1641
1642 ide_atapi_cmd_reply(s, len, max_len);
1643 break;
1644 }
1645 default:
1646 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1647 ASC_ILLEGAL_OPCODE);
1648 break;
1649 }
1650 }
1651
1652 static void ide_cfata_metadata_inquiry(IDEState *s)
1653 {
1654 uint16_t *p;
1655 uint32_t spd;
1656
1657 p = (uint16_t *) s->io_buffer;
1658 memset(p, 0, 0x200);
1659 spd = ((s->mdata_size - 1) >> 9) + 1;
1660
1661 put_le16(p + 0, 0x0001); /* Data format revision */
1662 put_le16(p + 1, 0x0000); /* Media property: silicon */
1663 put_le16(p + 2, s->media_changed); /* Media status */
1664 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1665 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1666 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1667 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1668 }
1669
1670 static void ide_cfata_metadata_read(IDEState *s)
1671 {
1672 uint16_t *p;
1673
1674 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1675 s->status = ERR_STAT;
1676 s->error = ABRT_ERR;
1677 return;
1678 }
1679
1680 p = (uint16_t *) s->io_buffer;
1681 memset(p, 0, 0x200);
1682
1683 put_le16(p + 0, s->media_changed); /* Media status */
1684 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1685 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1686 s->nsector << 9), 0x200 - 2));
1687 }
1688
1689 static void ide_cfata_metadata_write(IDEState *s)
1690 {
1691 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1692 s->status = ERR_STAT;
1693 s->error = ABRT_ERR;
1694 return;
1695 }
1696
1697 s->media_changed = 0;
1698
1699 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1700 s->io_buffer + 2,
1701 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1702 s->nsector << 9), 0x200 - 2));
1703 }
1704
1705 /* called when the inserted state of the media has changed */
1706 static void cdrom_change_cb(void *opaque)
1707 {
1708 IDEState *s = opaque;
1709 uint64_t nb_sectors;
1710
1711 bdrv_get_geometry(s->bs, &nb_sectors);
1712 s->nb_sectors = nb_sectors;
1713
1714 s->sense_key = SENSE_UNIT_ATTENTION;
1715 s->asc = ASC_MEDIUM_MAY_HAVE_CHANGED;
1716 s->cdrom_changed = 1;
1717 ide_set_irq(s->bus);
1718 }
1719
1720 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1721 {
1722 s->lba48 = lba48;
1723
1724 /* handle the 'magic' 0 nsector count conversion here. to avoid
1725 * fiddling with the rest of the read logic, we just store the
1726 * full sector count in ->nsector and ignore ->hob_nsector from now
1727 */
1728 if (!s->lba48) {
1729 if (!s->nsector)
1730 s->nsector = 256;
1731 } else {
1732 if (!s->nsector && !s->hob_nsector)
1733 s->nsector = 65536;
1734 else {
1735 int lo = s->nsector;
1736 int hi = s->hob_nsector;
1737
1738 s->nsector = (hi << 8) | lo;
1739 }
1740 }
1741 }
1742
1743 static void ide_clear_hob(IDEBus *bus)
1744 {
1745 /* any write clears HOB high bit of device control register */
1746 bus->ifs[0].select &= ~(1 << 7);
1747 bus->ifs[1].select &= ~(1 << 7);
1748 }
1749
1750 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1751 {
1752 IDEBus *bus = opaque;
1753 IDEState *s;
1754 int n;
1755 int lba48 = 0;
1756
1757 #ifdef DEBUG_IDE
1758 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1759 #endif
1760
1761 addr &= 7;
1762
1763 /* ignore writes to command block while busy with previous command */
1764 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT)))
1765 return;
1766
1767 switch(addr) {
1768 case 0:
1769 break;
1770 case 1:
1771 ide_clear_hob(bus);
1772 /* NOTE: data is written to the two drives */
1773 bus->ifs[0].hob_feature = bus->ifs[0].feature;
1774 bus->ifs[1].hob_feature = bus->ifs[1].feature;
1775 bus->ifs[0].feature = val;
1776 bus->ifs[1].feature = val;
1777 break;
1778 case 2:
1779 ide_clear_hob(bus);
1780 bus->ifs[0].hob_nsector = bus->ifs[0].nsector;
1781 bus->ifs[1].hob_nsector = bus->ifs[1].nsector;
1782 bus->ifs[0].nsector = val;
1783 bus->ifs[1].nsector = val;
1784 break;
1785 case 3:
1786 ide_clear_hob(bus);
1787 bus->ifs[0].hob_sector = bus->ifs[0].sector;
1788 bus->ifs[1].hob_sector = bus->ifs[1].sector;
1789 bus->ifs[0].sector = val;
1790 bus->ifs[1].sector = val;
1791 break;
1792 case 4:
1793 ide_clear_hob(bus);
1794 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl;
1795 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl;
1796 bus->ifs[0].lcyl = val;
1797 bus->ifs[1].lcyl = val;
1798 break;
1799 case 5:
1800 ide_clear_hob(bus);
1801 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl;
1802 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl;
1803 bus->ifs[0].hcyl = val;
1804 bus->ifs[1].hcyl = val;
1805 break;
1806 case 6:
1807 /* FIXME: HOB readback uses bit 7 */
1808 bus->ifs[0].select = (val & ~0x10) | 0xa0;
1809 bus->ifs[1].select = (val | 0x10) | 0xa0;
1810 /* select drive */
1811 bus->unit = (val >> 4) & 1;
1812 break;
1813 default:
1814 case 7:
1815 /* command */
1816 #if defined(DEBUG_IDE)
1817 printf("ide: CMD=%02x\n", val);
1818 #endif
1819 s = idebus_active_if(bus);
1820 /* ignore commands to non existant slave */
1821 if (s != bus->ifs && !s->bs)
1822 break;
1823
1824 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
1825 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
1826 break;
1827
1828 switch(val) {
1829 case WIN_IDENTIFY:
1830 if (s->bs && !s->is_cdrom) {
1831 if (!s->is_cf)
1832 ide_identify(s);
1833 else
1834 ide_cfata_identify(s);
1835 s->status = READY_STAT | SEEK_STAT;
1836 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1837 } else {
1838 if (s->is_cdrom) {
1839 ide_set_signature(s);
1840 }
1841 ide_abort_command(s);
1842 }
1843 ide_set_irq(s->bus);
1844 break;
1845 case WIN_SPECIFY:
1846 case WIN_RECAL:
1847 s->error = 0;
1848 s->status = READY_STAT | SEEK_STAT;
1849 ide_set_irq(s->bus);
1850 break;
1851 case WIN_SETMULT:
1852 if (s->is_cf && s->nsector == 0) {
1853 /* Disable Read and Write Multiple */
1854 s->mult_sectors = 0;
1855 s->status = READY_STAT | SEEK_STAT;
1856 } else if ((s->nsector & 0xff) != 0 &&
1857 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1858 (s->nsector & (s->nsector - 1)) != 0)) {
1859 ide_abort_command(s);
1860 } else {
1861 s->mult_sectors = s->nsector & 0xff;
1862 s->status = READY_STAT | SEEK_STAT;
1863 }
1864 ide_set_irq(s->bus);
1865 break;
1866 case WIN_VERIFY_EXT:
1867 lba48 = 1;
1868 case WIN_VERIFY:
1869 case WIN_VERIFY_ONCE:
1870 /* do sector number check ? */
1871 ide_cmd_lba48_transform(s, lba48);
1872 s->status = READY_STAT | SEEK_STAT;
1873 ide_set_irq(s->bus);
1874 break;
1875 case WIN_READ_EXT:
1876 lba48 = 1;
1877 case WIN_READ:
1878 case WIN_READ_ONCE:
1879 if (!s->bs)
1880 goto abort_cmd;
1881 ide_cmd_lba48_transform(s, lba48);
1882 s->req_nb_sectors = 1;
1883 ide_sector_read(s);
1884 break;
1885 case WIN_WRITE_EXT:
1886 lba48 = 1;
1887 case WIN_WRITE:
1888 case WIN_WRITE_ONCE:
1889 case CFA_WRITE_SECT_WO_ERASE:
1890 case WIN_WRITE_VERIFY:
1891 ide_cmd_lba48_transform(s, lba48);
1892 s->error = 0;
1893 s->status = SEEK_STAT | READY_STAT;
1894 s->req_nb_sectors = 1;
1895 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1896 s->media_changed = 1;
1897 break;
1898 case WIN_MULTREAD_EXT:
1899 lba48 = 1;
1900 case WIN_MULTREAD:
1901 if (!s->mult_sectors)
1902 goto abort_cmd;
1903 ide_cmd_lba48_transform(s, lba48);
1904 s->req_nb_sectors = s->mult_sectors;
1905 ide_sector_read(s);
1906 break;
1907 case WIN_MULTWRITE_EXT:
1908 lba48 = 1;
1909 case WIN_MULTWRITE:
1910 case CFA_WRITE_MULTI_WO_ERASE:
1911 if (!s->mult_sectors)
1912 goto abort_cmd;
1913 ide_cmd_lba48_transform(s, lba48);
1914 s->error = 0;
1915 s->status = SEEK_STAT | READY_STAT;
1916 s->req_nb_sectors = s->mult_sectors;
1917 n = s->nsector;
1918 if (n > s->req_nb_sectors)
1919 n = s->req_nb_sectors;
1920 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1921 s->media_changed = 1;
1922 break;
1923 case WIN_READDMA_EXT:
1924 lba48 = 1;
1925 case WIN_READDMA:
1926 case WIN_READDMA_ONCE:
1927 if (!s->bs)
1928 goto abort_cmd;
1929 ide_cmd_lba48_transform(s, lba48);
1930 ide_sector_read_dma(s);
1931 break;
1932 case WIN_WRITEDMA_EXT:
1933 lba48 = 1;
1934 case WIN_WRITEDMA:
1935 case WIN_WRITEDMA_ONCE:
1936 if (!s->bs)
1937 goto abort_cmd;
1938 ide_cmd_lba48_transform(s, lba48);
1939 ide_sector_write_dma(s);
1940 s->media_changed = 1;
1941 break;
1942 case WIN_READ_NATIVE_MAX_EXT:
1943 lba48 = 1;
1944 case WIN_READ_NATIVE_MAX:
1945 ide_cmd_lba48_transform(s, lba48);
1946 ide_set_sector(s, s->nb_sectors - 1);
1947 s->status = READY_STAT | SEEK_STAT;
1948 ide_set_irq(s->bus);
1949 break;
1950 case WIN_CHECKPOWERMODE1:
1951 case WIN_CHECKPOWERMODE2:
1952 s->nsector = 0xff; /* device active or idle */
1953 s->status = READY_STAT | SEEK_STAT;
1954 ide_set_irq(s->bus);
1955 break;
1956 case WIN_SETFEATURES:
1957 if (!s->bs)
1958 goto abort_cmd;
1959 /* XXX: valid for CDROM ? */
1960 switch(s->feature) {
1961 case 0xcc: /* reverting to power-on defaults enable */
1962 case 0x66: /* reverting to power-on defaults disable */
1963 case 0x02: /* write cache enable */
1964 case 0x82: /* write cache disable */
1965 case 0xaa: /* read look-ahead enable */
1966 case 0x55: /* read look-ahead disable */
1967 case 0x05: /* set advanced power management mode */
1968 case 0x85: /* disable advanced power management mode */
1969 case 0x69: /* NOP */
1970 case 0x67: /* NOP */
1971 case 0x96: /* NOP */
1972 case 0x9a: /* NOP */
1973 case 0x42: /* enable Automatic Acoustic Mode */
1974 case 0xc2: /* disable Automatic Acoustic Mode */
1975 s->status = READY_STAT | SEEK_STAT;
1976 ide_set_irq(s->bus);
1977 break;
1978 case 0x03: { /* set transfer mode */
1979 uint8_t val = s->nsector & 0x07;
1980 uint16_t *identify_data = (uint16_t *)s->identify_data;
1981
1982 switch (s->nsector >> 3) {
1983 case 0x00: /* pio default */
1984 case 0x01: /* pio mode */
1985 put_le16(identify_data + 62,0x07);
1986 put_le16(identify_data + 63,0x07);
1987 put_le16(identify_data + 88,0x3f);
1988 break;
1989 case 0x02: /* sigle word dma mode*/
1990 put_le16(identify_data + 62,0x07 | (1 << (val + 8)));
1991 put_le16(identify_data + 63,0x07);
1992 put_le16(identify_data + 88,0x3f);
1993 break;
1994 case 0x04: /* mdma mode */
1995 put_le16(identify_data + 62,0x07);
1996 put_le16(identify_data + 63,0x07 | (1 << (val + 8)));
1997 put_le16(identify_data + 88,0x3f);
1998 break;
1999 case 0x08: /* udma mode */
2000 put_le16(identify_data + 62,0x07);
2001 put_le16(identify_data + 63,0x07);
2002 put_le16(identify_data + 88,0x3f | (1 << (val + 8)));
2003 break;
2004 default:
2005 goto abort_cmd;
2006 }
2007 s->status = READY_STAT | SEEK_STAT;
2008 ide_set_irq(s->bus);
2009 break;
2010 }
2011 default:
2012 goto abort_cmd;
2013 }
2014 break;
2015 case WIN_FLUSH_CACHE:
2016 case WIN_FLUSH_CACHE_EXT:
2017 if (s->bs)
2018 bdrv_aio_flush(s->bs, ide_flush_cb, s);
2019 else
2020 ide_flush_cb(s, 0);
2021 break;
2022 case WIN_STANDBY:
2023 case WIN_STANDBY2:
2024 case WIN_STANDBYNOW1:
2025 case WIN_STANDBYNOW2:
2026 case WIN_IDLEIMMEDIATE:
2027 case CFA_IDLEIMMEDIATE:
2028 case WIN_SETIDLE1:
2029 case WIN_SETIDLE2:
2030 case WIN_SLEEPNOW1:
2031 case WIN_SLEEPNOW2:
2032 s->status = READY_STAT;
2033 ide_set_irq(s->bus);
2034 break;
2035 case WIN_SEEK:
2036 if(s->is_cdrom)
2037 goto abort_cmd;
2038 /* XXX: Check that seek is within bounds */
2039 s->status = READY_STAT | SEEK_STAT;
2040 ide_set_irq(s->bus);
2041 break;
2042 /* ATAPI commands */
2043 case WIN_PIDENTIFY:
2044 if (s->is_cdrom) {
2045 ide_atapi_identify(s);
2046 s->status = READY_STAT | SEEK_STAT;
2047 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
2048 } else {
2049 ide_abort_command(s);
2050 }
2051 ide_set_irq(s->bus);
2052 break;
2053 case WIN_DIAGNOSE:
2054 ide_set_signature(s);
2055 if (s->is_cdrom)
2056 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
2057 * devices to return a clear status register
2058 * with READY_STAT *not* set. */
2059 else
2060 s->status = READY_STAT | SEEK_STAT;
2061 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
2062 * present.
2063 */
2064 ide_set_irq(s->bus);
2065 break;
2066 case WIN_SRST:
2067 if (!s->is_cdrom)
2068 goto abort_cmd;
2069 ide_set_signature(s);
2070 s->status = 0x00; /* NOTE: READY is _not_ set */
2071 s->error = 0x01;
2072 break;
2073 case WIN_PACKETCMD:
2074 if (!s->is_cdrom)
2075 goto abort_cmd;
2076 /* overlapping commands not supported */
2077 if (s->feature & 0x02)
2078 goto abort_cmd;
2079 s->status = READY_STAT | SEEK_STAT;
2080 s->atapi_dma = s->feature & 1;
2081 s->nsector = 1;
2082 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2083 ide_atapi_cmd);
2084 break;
2085 /* CF-ATA commands */
2086 case CFA_REQ_EXT_ERROR_CODE:
2087 if (!s->is_cf)
2088 goto abort_cmd;
2089 s->error = 0x09; /* miscellaneous error */
2090 s->status = READY_STAT | SEEK_STAT;
2091 ide_set_irq(s->bus);
2092 break;
2093 case CFA_ERASE_SECTORS:
2094 case CFA_WEAR_LEVEL:
2095 if (!s->is_cf)
2096 goto abort_cmd;
2097 if (val == CFA_WEAR_LEVEL)
2098 s->nsector = 0;
2099 if (val == CFA_ERASE_SECTORS)
2100 s->media_changed = 1;
2101 s->error = 0x00;
2102 s->status = READY_STAT | SEEK_STAT;
2103 ide_set_irq(s->bus);
2104 break;
2105 case CFA_TRANSLATE_SECTOR:
2106 if (!s->is_cf)
2107 goto abort_cmd;
2108 s->error = 0x00;
2109 s->status = READY_STAT | SEEK_STAT;
2110 memset(s->io_buffer, 0, 0x200);
2111 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2112 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2113 s->io_buffer[0x02] = s->select; /* Head */
2114 s->io_buffer[0x03] = s->sector; /* Sector */
2115 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2116 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2117 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2118 s->io_buffer[0x13] = 0x00; /* Erase flag */
2119 s->io_buffer[0x18] = 0x00; /* Hot count */
2120 s->io_buffer[0x19] = 0x00; /* Hot count */
2121 s->io_buffer[0x1a] = 0x01; /* Hot count */
2122 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2123 ide_set_irq(s->bus);
2124 break;
2125 case CFA_ACCESS_METADATA_STORAGE:
2126 if (!s->is_cf)
2127 goto abort_cmd;
2128 switch (s->feature) {
2129 case 0x02: /* Inquiry Metadata Storage */
2130 ide_cfata_metadata_inquiry(s);
2131 break;
2132 case 0x03: /* Read Metadata Storage */
2133 ide_cfata_metadata_read(s);
2134 break;
2135 case 0x04: /* Write Metadata Storage */
2136 ide_cfata_metadata_write(s);
2137 break;
2138 default:
2139 goto abort_cmd;
2140 }
2141 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2142 s->status = 0x00; /* NOTE: READY is _not_ set */
2143 ide_set_irq(s->bus);
2144 break;
2145 case IBM_SENSE_CONDITION:
2146 if (!s->is_cf)
2147 goto abort_cmd;
2148 switch (s->feature) {
2149 case 0x01: /* sense temperature in device */
2150 s->nsector = 0x50; /* +20 C */
2151 break;
2152 default:
2153 goto abort_cmd;
2154 }
2155 s->status = READY_STAT | SEEK_STAT;
2156 ide_set_irq(s->bus);
2157 break;
2158
2159 case WIN_SMART:
2160 if (s->is_cdrom)
2161 goto abort_cmd;
2162 if (s->hcyl != 0xc2 || s->lcyl != 0x4f)
2163 goto abort_cmd;
2164 if (!s->smart_enabled && s->feature != SMART_ENABLE)
2165 goto abort_cmd;
2166 switch (s->feature) {
2167 case SMART_DISABLE:
2168 s->smart_enabled = 0;
2169 s->status = READY_STAT | SEEK_STAT;
2170 ide_set_irq(s->bus);
2171 break;
2172 case SMART_ENABLE:
2173 s->smart_enabled = 1;
2174 s->status = READY_STAT | SEEK_STAT;
2175 ide_set_irq(s->bus);
2176 break;
2177 case SMART_ATTR_AUTOSAVE:
2178 switch (s->sector) {
2179 case 0x00:
2180 s->smart_autosave = 0;
2181 break;
2182 case 0xf1:
2183 s->smart_autosave = 1;
2184 break;
2185 default:
2186 goto abort_cmd;
2187 }
2188 s->status = READY_STAT | SEEK_STAT;
2189 ide_set_irq(s->bus);
2190 break;
2191 case SMART_STATUS:
2192 if (!s->smart_errors) {
2193 s->hcyl = 0xc2;
2194 s->lcyl = 0x4f;
2195 } else {
2196 s->hcyl = 0x2c;
2197 s->lcyl = 0xf4;
2198 }
2199 s->status = READY_STAT | SEEK_STAT;
2200 ide_set_irq(s->bus);
2201 break;
2202 case SMART_READ_THRESH:
2203 memset(s->io_buffer, 0, 0x200);
2204 s->io_buffer[0] = 0x01; /* smart struct version */
2205 for (n=0; n<30; n++) {
2206 if (smart_attributes[n][0] == 0)
2207 break;
2208 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
2209 s->io_buffer[2+1+(n*12)] = smart_attributes[n][4];
2210 }
2211 for (n=0; n<511; n++) /* checksum */
2212 s->io_buffer[511] += s->io_buffer[n];
2213 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2214 s->status = READY_STAT | SEEK_STAT;
2215 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2216 ide_set_irq(s->bus);
2217 break;
2218 case SMART_READ_DATA:
2219 memset(s->io_buffer, 0, 0x200);
2220 s->io_buffer[0] = 0x01; /* smart struct version */
2221 for (n=0; n<30; n++) {
2222 if (smart_attributes[n][0] == 0)
2223 break;
2224 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
2225 s->io_buffer[2+1+(n*12)] = smart_attributes[n][1];
2226 s->io_buffer[2+3+(n*12)] = smart_attributes[n][2];
2227 s->io_buffer[2+4+(n*12)] = smart_attributes[n][3];
2228 }
2229 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00);
2230 if (s->smart_selftest_count == 0) {
2231 s->io_buffer[363] = 0;
2232 } else {
2233 s->io_buffer[363] =
2234 s->smart_selftest_data[3 +
2235 (s->smart_selftest_count - 1) *
2236 24];
2237 }
2238 s->io_buffer[364] = 0x20;
2239 s->io_buffer[365] = 0x01;
2240 /* offline data collection capacity: execute + self-test*/
2241 s->io_buffer[367] = (1<<4 | 1<<3 | 1);
2242 s->io_buffer[368] = 0x03; /* smart capability (1) */
2243 s->io_buffer[369] = 0x00; /* smart capability (2) */
2244 s->io_buffer[370] = 0x01; /* error logging supported */
2245 s->io_buffer[372] = 0x02; /* minutes for poll short test */
2246 s->io_buffer[373] = 0x36; /* minutes for poll ext test */
2247 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */
2248
2249 for (n=0; n<511; n++)
2250 s->io_buffer[511] += s->io_buffer[n];
2251 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2252 s->status = READY_STAT | SEEK_STAT;
2253 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2254 ide_set_irq(s->bus);
2255 break;
2256 case SMART_READ_LOG:
2257 switch (s->sector) {
2258 case 0x01: /* summary smart error log */
2259 memset(s->io_buffer, 0, 0x200);
2260 s->io_buffer[0] = 0x01;
2261 s->io_buffer[1] = 0x00; /* no error entries */
2262 s->io_buffer[452] = s->smart_errors & 0xff;
2263 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8;
2264
2265 for (n=0; n<511; n++)
2266 s->io_buffer[511] += s->io_buffer[n];
2267 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2268 break;
2269 case 0x06: /* smart self test log */
2270 memset(s->io_buffer, 0, 0x200);
2271 s->io_buffer[0] = 0x01;
2272 if (s->smart_selftest_count == 0) {
2273 s->io_buffer[508] = 0;
2274 } else {
2275 s->io_buffer[508] = s->smart_selftest_count;
2276 for (n=2; n<506; n++)
2277 s->io_buffer[n] = s->smart_selftest_data[n];
2278 }
2279 for (n=0; n<511; n++)
2280 s->io_buffer[511] += s->io_buffer[n];
2281 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2282 break;
2283 default:
2284 goto abort_cmd;
2285 }
2286 s->status = READY_STAT | SEEK_STAT;
2287 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2288 ide_set_irq(s->bus);
2289 break;
2290 case SMART_EXECUTE_OFFLINE:
2291 switch (s->sector) {
2292 case 0: /* off-line routine */
2293 case 1: /* short self test */
2294 case 2: /* extended self test */
2295 s->smart_selftest_count++;
2296 if(s->smart_selftest_count > 21)
2297 s->smart_selftest_count = 0;
2298 n = 2 + (s->smart_selftest_count - 1) * 24;
2299 s->smart_selftest_data[n] = s->sector;
2300 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */
2301 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */
2302 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */
2303 s->status = READY_STAT | SEEK_STAT;
2304 ide_set_irq(s->bus);
2305 break;
2306 default:
2307 goto abort_cmd;
2308 }
2309 break;
2310 default:
2311 goto abort_cmd;
2312 }
2313 break;
2314 default:
2315 abort_cmd:
2316 ide_abort_command(s);
2317 ide_set_irq(s->bus);
2318 break;
2319 }
2320 }
2321 }
2322
2323 uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2324 {
2325 IDEBus *bus = opaque;
2326 IDEState *s = idebus_active_if(bus);
2327 uint32_t addr;
2328 int ret, hob;
2329
2330 addr = addr1 & 7;
2331 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2332 //hob = s->select & (1 << 7);
2333 hob = 0;
2334 switch(addr) {
2335 case 0:
2336 ret = 0xff;
2337 break;
2338 case 1:
2339 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2340 (s != bus->ifs && !s->bs))
2341 ret = 0;
2342 else if (!hob)
2343 ret = s->error;
2344 else
2345 ret = s->hob_feature;
2346 break;
2347 case 2:
2348 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2349 ret = 0;
2350 else if (!hob)
2351 ret = s->nsector & 0xff;
2352 else
2353 ret = s->hob_nsector;
2354 break;
2355 case 3:
2356 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2357 ret = 0;
2358 else if (!hob)
2359 ret = s->sector;
2360 else
2361 ret = s->hob_sector;
2362 break;
2363 case 4:
2364 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2365 ret = 0;
2366 else if (!hob)
2367 ret = s->lcyl;
2368 else
2369 ret = s->hob_lcyl;
2370 break;
2371 case 5:
2372 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2373 ret = 0;
2374 else if (!hob)
2375 ret = s->hcyl;
2376 else
2377 ret = s->hob_hcyl;
2378 break;
2379 case 6:
2380 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2381 ret = 0;
2382 else
2383 ret = s->select;
2384 break;
2385 default:
2386 case 7:
2387 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2388 (s != bus->ifs && !s->bs))
2389 ret = 0;
2390 else
2391 ret = s->status;
2392 qemu_irq_lower(bus->irq);
2393 break;
2394 }
2395 #ifdef DEBUG_IDE
2396 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2397 #endif
2398 return ret;
2399 }
2400
2401 uint32_t ide_status_read(void *opaque, uint32_t addr)
2402 {
2403 IDEBus *bus = opaque;
2404 IDEState *s = idebus_active_if(bus);
2405 int ret;
2406
2407 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2408 (s != bus->ifs && !s->bs))
2409 ret = 0;
2410 else
2411 ret = s->status;
2412 #ifdef DEBUG_IDE
2413 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2414 #endif
2415 return ret;
2416 }
2417
2418 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2419 {
2420 IDEBus *bus = opaque;
2421 IDEState *s;
2422 int i;
2423
2424 #ifdef DEBUG_IDE
2425 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2426 #endif
2427 /* common for both drives */
2428 if (!(bus->cmd & IDE_CMD_RESET) &&
2429 (val & IDE_CMD_RESET)) {
2430 /* reset low to high */
2431 for(i = 0;i < 2; i++) {
2432 s = &bus->ifs[i];
2433 s->status = BUSY_STAT | SEEK_STAT;
2434 s->error = 0x01;
2435 }
2436 } else if ((bus->cmd & IDE_CMD_RESET) &&
2437 !(val & IDE_CMD_RESET)) {
2438 /* high to low */
2439 for(i = 0;i < 2; i++) {
2440 s = &bus->ifs[i];
2441 if (s->is_cdrom)
2442 s->status = 0x00; /* NOTE: READY is _not_ set */
2443 else
2444 s->status = READY_STAT | SEEK_STAT;
2445 ide_set_signature(s);
2446 }
2447 }
2448
2449 bus->cmd = val;
2450 }
2451
2452 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2453 {
2454 IDEBus *bus = opaque;
2455 IDEState *s = idebus_active_if(bus);
2456 uint8_t *p;
2457
2458 /* PIO data access allowed only when DRQ bit is set */
2459 if (!(s->status & DRQ_STAT))
2460 return;
2461
2462 p = s->data_ptr;
2463 *(uint16_t *)p = le16_to_cpu(val);
2464 p += 2;
2465 s->data_ptr = p;
2466 if (p >= s->data_end)
2467 s->end_transfer_func(s);
2468 }
2469
2470 uint32_t ide_data_readw(void *opaque, uint32_t addr)
2471 {
2472 IDEBus *bus = opaque;
2473 IDEState *s = idebus_active_if(bus);
2474 uint8_t *p;
2475 int ret;
2476
2477 /* PIO data access allowed only when DRQ bit is set */
2478 if (!(s->status & DRQ_STAT))
2479 return 0;
2480
2481 p = s->data_ptr;
2482 ret = cpu_to_le16(*(uint16_t *)p);
2483 p += 2;
2484 s->data_ptr = p;
2485 if (p >= s->data_end)
2486 s->end_transfer_func(s);
2487 return ret;
2488 }
2489
2490 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2491 {
2492 IDEBus *bus = opaque;
2493 IDEState *s = idebus_active_if(bus);
2494 uint8_t *p;
2495
2496 /* PIO data access allowed only when DRQ bit is set */
2497 if (!(s->status & DRQ_STAT))
2498 return;
2499
2500 p = s->data_ptr;
2501 *(uint32_t *)p = le32_to_cpu(val);
2502 p += 4;
2503 s->data_ptr = p;
2504 if (p >= s->data_end)
2505 s->end_transfer_func(s);
2506 }
2507
2508 uint32_t ide_data_readl(void *opaque, uint32_t addr)
2509 {
2510 IDEBus *bus = opaque;
2511 IDEState *s = idebus_active_if(bus);
2512 uint8_t *p;
2513 int ret;
2514
2515 /* PIO data access allowed only when DRQ bit is set */
2516 if (!(s->status & DRQ_STAT))
2517 return 0;
2518
2519 p = s->data_ptr;
2520 ret = cpu_to_le32(*(uint32_t *)p);
2521 p += 4;
2522 s->data_ptr = p;
2523 if (p >= s->data_end)
2524 s->end_transfer_func(s);
2525 return ret;
2526 }
2527
2528 static void ide_dummy_transfer_stop(IDEState *s)
2529 {
2530 s->data_ptr = s->io_buffer;
2531 s->data_end = s->io_buffer;
2532 s->io_buffer[0] = 0xff;
2533 s->io_buffer[1] = 0xff;
2534 s->io_buffer[2] = 0xff;
2535 s->io_buffer[3] = 0xff;
2536 }
2537
2538 static void ide_reset(IDEState *s)
2539 {
2540 #ifdef DEBUG_IDE
2541 printf("ide: reset\n");
2542 #endif
2543 if (s->is_cf)
2544 s->mult_sectors = 0;
2545 else
2546 s->mult_sectors = MAX_MULT_SECTORS;
2547 /* ide regs */
2548 s->feature = 0;
2549 s->error = 0;
2550 s->nsector = 0;
2551 s->sector = 0;
2552 s->lcyl = 0;
2553 s->hcyl = 0;
2554
2555 /* lba48 */
2556 s->hob_feature = 0;
2557 s->hob_sector = 0;
2558 s->hob_nsector = 0;
2559 s->hob_lcyl = 0;
2560 s->hob_hcyl = 0;
2561
2562 s->select = 0xa0;
2563 s->status = READY_STAT | SEEK_STAT;
2564
2565 s->lba48 = 0;
2566
2567 /* ATAPI specific */
2568 s->sense_key = 0;
2569 s->asc = 0;
2570 s->cdrom_changed = 0;
2571 s->packet_transfer_size = 0;
2572 s->elementary_transfer_size = 0;
2573 s->io_buffer_index = 0;
2574 s->cd_sector_size = 0;
2575 s->atapi_dma = 0;
2576 /* ATA DMA state */
2577 s->io_buffer_size = 0;
2578 s->req_nb_sectors = 0;
2579
2580 ide_set_signature(s);
2581 /* init the transfer handler so that 0xffff is returned on data
2582 accesses */
2583 s->end_transfer_func = ide_dummy_transfer_stop;
2584 ide_dummy_transfer_stop(s);
2585 s->media_changed = 0;
2586 }
2587
2588 void ide_bus_reset(IDEBus *bus)
2589 {
2590 bus->unit = 0;
2591 bus->cmd = 0;
2592 ide_reset(&bus->ifs[0]);
2593 ide_reset(&bus->ifs[1]);
2594 ide_clear_hob(bus);
2595 }
2596
2597 void ide_init_drive(IDEState *s, DriveInfo *dinfo, const char *version)
2598 {
2599 int cylinders, heads, secs;
2600 uint64_t nb_sectors;
2601
2602 if (dinfo && dinfo->bdrv) {
2603 s->bs = dinfo->bdrv;
2604 bdrv_get_geometry(s->bs, &nb_sectors);
2605 bdrv_guess_geometry(s->bs, &cylinders, &heads, &secs);
2606 s->cylinders = cylinders;
2607 s->heads = heads;
2608 s->sectors = secs;
2609 s->nb_sectors = nb_sectors;
2610 /* The SMART values should be preserved across power cycles
2611 but they aren't. */
2612 s->smart_enabled = 1;
2613 s->smart_autosave = 1;
2614 s->smart_errors = 0;
2615 s->smart_selftest_count = 0;
2616 if (bdrv_get_type_hint(s->bs) == BDRV_TYPE_CDROM) {
2617 s->is_cdrom = 1;
2618 bdrv_set_change_cb(s->bs, cdrom_change_cb, s);
2619 }
2620 strncpy(s->drive_serial_str, drive_get_serial(s->bs),
2621 sizeof(s->drive_serial_str));
2622 }
2623 if (strlen(s->drive_serial_str) == 0)
2624 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
2625 "QM%05d", s->drive_serial);
2626 if (version) {
2627 pstrcpy(s->version, sizeof(s->version), version);
2628 } else {
2629 pstrcpy(s->version, sizeof(s->version), QEMU_VERSION);
2630 }
2631 ide_reset(s);
2632 }
2633
2634 void ide_init2(IDEBus *bus, DriveInfo *hd0, DriveInfo *hd1,
2635 qemu_irq irq)
2636 {
2637 IDEState *s;
2638 static int drive_serial = 1;
2639 int i;
2640
2641 for(i = 0; i < 2; i++) {
2642 s = bus->ifs + i;
2643 s->bus = bus;
2644 s->unit = i;
2645 s->drive_serial = drive_serial++;
2646 s->io_buffer = qemu_blockalign(s->bs, IDE_DMA_BUF_SECTORS*512 + 4);
2647 s->smart_selftest_data = qemu_blockalign(s->bs, 512);
2648 s->sector_write_timer = qemu_new_timer(vm_clock,
2649 ide_sector_write_timer_cb, s);
2650 if (i == 0)
2651 ide_init_drive(s, hd0, NULL);
2652 if (i == 1)
2653 ide_init_drive(s, hd1, NULL);
2654 }
2655 bus->irq = irq;
2656 }
2657
2658 void ide_init_ioport(IDEBus *bus, int iobase, int iobase2)
2659 {
2660 register_ioport_write(iobase, 8, 1, ide_ioport_write, bus);
2661 register_ioport_read(iobase, 8, 1, ide_ioport_read, bus);
2662 if (iobase2) {
2663 register_ioport_read(iobase2, 1, 1, ide_status_read, bus);
2664 register_ioport_write(iobase2, 1, 1, ide_cmd_write, bus);
2665 }
2666
2667 /* data ports */
2668 register_ioport_write(iobase, 2, 2, ide_data_writew, bus);
2669 register_ioport_read(iobase, 2, 2, ide_data_readw, bus);
2670 register_ioport_write(iobase, 4, 4, ide_data_writel, bus);
2671 register_ioport_read(iobase, 4, 4, ide_data_readl, bus);
2672 }
2673
2674 static bool is_identify_set(void *opaque, int version_id)
2675 {
2676 IDEState *s = opaque;
2677
2678 return s->identify_set != 0;
2679 }
2680
2681 static int ide_drive_post_load(void *opaque, int version_id)
2682 {
2683 IDEState *s = opaque;
2684
2685 if (version_id < 3) {
2686 if (s->sense_key == SENSE_UNIT_ATTENTION &&
2687 s->asc == ASC_MEDIUM_MAY_HAVE_CHANGED) {
2688 s->cdrom_changed = 1;
2689 }
2690 }
2691 return 0;
2692 }
2693
2694 const VMStateDescription vmstate_ide_drive = {
2695 .name = "ide_drive",
2696 .version_id = 3,
2697 .minimum_version_id = 0,
2698 .minimum_version_id_old = 0,
2699 .post_load = ide_drive_post_load,
2700 .fields = (VMStateField []) {
2701 VMSTATE_INT32(mult_sectors, IDEState),
2702 VMSTATE_INT32(identify_set, IDEState),
2703 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set),
2704 VMSTATE_UINT8(feature, IDEState),
2705 VMSTATE_UINT8(error, IDEState),
2706 VMSTATE_UINT32(nsector, IDEState),
2707 VMSTATE_UINT8(sector, IDEState),
2708 VMSTATE_UINT8(lcyl, IDEState),
2709 VMSTATE_UINT8(hcyl, IDEState),
2710 VMSTATE_UINT8(hob_feature, IDEState),
2711 VMSTATE_UINT8(hob_sector, IDEState),
2712 VMSTATE_UINT8(hob_nsector, IDEState),
2713 VMSTATE_UINT8(hob_lcyl, IDEState),
2714 VMSTATE_UINT8(hob_hcyl, IDEState),
2715 VMSTATE_UINT8(select, IDEState),
2716 VMSTATE_UINT8(status, IDEState),
2717 VMSTATE_UINT8(lba48, IDEState),
2718 VMSTATE_UINT8(sense_key, IDEState),
2719 VMSTATE_UINT8(asc, IDEState),
2720 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3),
2721 /* XXX: if a transfer is pending, we do not save it yet */
2722 VMSTATE_END_OF_LIST()
2723 }
2724 };
2725
2726 const VMStateDescription vmstate_ide_bus = {
2727 .name = "ide_bus",
2728 .version_id = 1,
2729 .minimum_version_id = 1,
2730 .minimum_version_id_old = 1,
2731 .fields = (VMStateField []) {
2732 VMSTATE_UINT8(cmd, IDEBus),
2733 VMSTATE_UINT8(unit, IDEBus),
2734 VMSTATE_END_OF_LIST()
2735 }
2736 };
2737
2738 /***********************************************************/
2739 /* PCI IDE definitions */
2740
2741 static void ide_dma_start(IDEState *s, BlockDriverCompletionFunc *dma_cb)
2742 {
2743 BMDMAState *bm = s->bus->bmdma;
2744 if(!bm)
2745 return;
2746 bm->unit = s->unit;
2747 bm->dma_cb = dma_cb;
2748 bm->cur_prd_last = 0;
2749 bm->cur_prd_addr = 0;
2750 bm->cur_prd_len = 0;
2751 bm->sector_num = ide_get_sector(s);
2752 bm->nsector = s->nsector;
2753 if (bm->status & BM_STATUS_DMAING) {
2754 bm->dma_cb(bm, 0);
2755 }
2756 }
2757
2758 static void ide_dma_restart(IDEState *s, int is_read)
2759 {
2760 BMDMAState *bm = s->bus->bmdma;
2761 ide_set_sector(s, bm->sector_num);
2762 s->io_buffer_index = 0;
2763 s->io_buffer_size = 0;
2764 s->nsector = bm->nsector;
2765 bm->cur_addr = bm->addr;
2766
2767 if (is_read) {
2768 bm->dma_cb = ide_read_dma_cb;
2769 } else {
2770 bm->dma_cb = ide_write_dma_cb;
2771 }
2772
2773 ide_dma_start(s, bm->dma_cb);
2774 }
2775
2776 void ide_dma_cancel(BMDMAState *bm)
2777 {
2778 if (bm->status & BM_STATUS_DMAING) {
2779 bm->status &= ~BM_STATUS_DMAING;
2780 /* cancel DMA request */
2781 bm->unit = -1;
2782 bm->dma_cb = NULL;
2783 if (bm->aiocb) {
2784 #ifdef DEBUG_AIO
2785 printf("aio_cancel\n");
2786 #endif
2787 bdrv_aio_cancel(bm->aiocb);
2788 bm->aiocb = NULL;
2789 }
2790 }
2791 }
2792
2793 void ide_dma_reset(BMDMAState *bm)
2794 {
2795 #ifdef DEBUG_IDE
2796 printf("ide: dma_reset\n");
2797 #endif
2798 ide_dma_cancel(bm);
2799 bm->cmd = 0;
2800 bm->status = 0;
2801 bm->addr = 0;
2802 bm->cur_addr = 0;
2803 bm->cur_prd_last = 0;
2804 bm->cur_prd_addr = 0;
2805 bm->cur_prd_len = 0;
2806 bm->sector_num = 0;
2807 bm->nsector = 0;
2808 }
AR7 emulation for QEMU