search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
atapi: GESN: Standardise event response handling for future additions
[qemu/cris-port.git] / hw / ide / core.c
bloba38cc14aafb1c58baecfced35a2964cc309cff65
1 /*
2 * QEMU IDE disk and CD/DVD-ROM Emulator
3 *
4 * Copyright (c) 2003 Fabrice Bellard
5 * Copyright (c) 2006 Openedhand Ltd.
6 *
7 * Permission is hereby granted, free of charge, to any person obtaining a copy
8 * of this software and associated documentation files (the "Software"), to deal
9 * in the Software without restriction, including without limitation the rights
10 * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
11 * copies of the Software, and to permit persons to whom the Software is
12 * furnished to do so, subject to the following conditions:
13 *
14 * The above copyright notice and this permission notice shall be included in
15 * all copies or substantial portions of the Software.
16 *
17 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
18 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
19 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
20 * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
21 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
22 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
23 * THE SOFTWARE.
24 */
25 #include <hw/hw.h>
26 #include <hw/pc.h>
27 #include <hw/pci.h>
28 #include <hw/scsi.h>
29 #include "qemu-error.h"
30 #include "qemu-timer.h"
31 #include "sysemu.h"
32 #include "dma.h"
33 #include "blockdev.h"
34
35 #include <hw/ide/internal.h>
36
37 /* These values were based on a Seagate ST3500418AS but have been modified
38 to make more sense in QEMU */
39 static const int smart_attributes[][12] = {
40 /* id, flags, hflags, val, wrst, raw (6 bytes), threshold */
41 /* raw read error rate*/
42 { 0x01, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x06},
43 /* spin up */
44 { 0x03, 0x03, 0x00, 0x64, 0x64, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
45 /* start stop count */
46 { 0x04, 0x02, 0x00, 0x64, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x14},
47 /* remapped sectors */
48 { 0x05, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x24},
49 /* power on hours */
50 { 0x09, 0x03, 0x00, 0x64, 0x64, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
51 /* power cycle count */
52 { 0x0c, 0x03, 0x00, 0x64, 0x64, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00},
53 /* airflow-temperature-celsius */
54 { 190, 0x03, 0x00, 0x45, 0x45, 0x1f, 0x00, 0x1f, 0x1f, 0x00, 0x00, 0x32},
55 /* end of list */
56 { 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00}
57 };
58
59 /* XXX: DVDs that could fit on a CD will be reported as a CD */
60 static inline int media_present(IDEState *s)
61 {
62 return (s->nb_sectors > 0);
63 }
64
65 static inline int media_is_dvd(IDEState *s)
66 {
67 return (media_present(s) && s->nb_sectors > CD_MAX_SECTORS);
68 }
69
70 static inline int media_is_cd(IDEState *s)
71 {
72 return (media_present(s) && s->nb_sectors <= CD_MAX_SECTORS);
73 }
74
75 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret);
76 static int ide_handle_rw_error(IDEState *s, int error, int op);
77
78 static void padstr(char *str, const char *src, int len)
79 {
80 int i, v;
81 for(i = 0; i < len; i++) {
82 if (*src)
83 v = *src++;
84 else
85 v = ' ';
86 str[i^1] = v;
87 }
88 }
89
90 static void padstr8(uint8_t *buf, int buf_size, const char *src)
91 {
92 int i;
93 for(i = 0; i < buf_size; i++) {
94 if (*src)
95 buf[i] = *src++;
96 else
97 buf[i] = ' ';
98 }
99 }
100
101 static void put_le16(uint16_t *p, unsigned int v)
102 {
103 *p = cpu_to_le16(v);
104 }
105
106 static void ide_identify(IDEState *s)
107 {
108 uint16_t *p;
109 unsigned int oldsize;
110 IDEDevice *dev;
111
112 if (s->identify_set) {
113 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
114 return;
115 }
116
117 memset(s->io_buffer, 0, 512);
118 p = (uint16_t *)s->io_buffer;
119 put_le16(p + 0, 0x0040);
120 put_le16(p + 1, s->cylinders);
121 put_le16(p + 3, s->heads);
122 put_le16(p + 4, 512 * s->sectors); /* XXX: retired, remove ? */
123 put_le16(p + 5, 512); /* XXX: retired, remove ? */
124 put_le16(p + 6, s->sectors);
125 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
126 put_le16(p + 20, 3); /* XXX: retired, remove ? */
127 put_le16(p + 21, 512); /* cache size in sectors */
128 put_le16(p + 22, 4); /* ecc bytes */
129 padstr((char *)(p + 23), s->version, 8); /* firmware version */
130 padstr((char *)(p + 27), "QEMU HARDDISK", 40); /* model */
131 #if MAX_MULT_SECTORS > 1
132 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
133 #endif
134 put_le16(p + 48, 1); /* dword I/O */
135 put_le16(p + 49, (1 << 11) | (1 << 9) | (1 << 8)); /* DMA and LBA supported */
136 put_le16(p + 51, 0x200); /* PIO transfer cycle */
137 put_le16(p + 52, 0x200); /* DMA transfer cycle */
138 put_le16(p + 53, 1 | (1 << 1) | (1 << 2)); /* words 54-58,64-70,88 are valid */
139 put_le16(p + 54, s->cylinders);
140 put_le16(p + 55, s->heads);
141 put_le16(p + 56, s->sectors);
142 oldsize = s->cylinders * s->heads * s->sectors;
143 put_le16(p + 57, oldsize);
144 put_le16(p + 58, oldsize >> 16);
145 if (s->mult_sectors)
146 put_le16(p + 59, 0x100 | s->mult_sectors);
147 put_le16(p + 60, s->nb_sectors);
148 put_le16(p + 61, s->nb_sectors >> 16);
149 put_le16(p + 62, 0x07); /* single word dma0-2 supported */
150 put_le16(p + 63, 0x07); /* mdma0-2 supported */
151 put_le16(p + 64, 0x03); /* pio3-4 supported */
152 put_le16(p + 65, 120);
153 put_le16(p + 66, 120);
154 put_le16(p + 67, 120);
155 put_le16(p + 68, 120);
156
157 if (s->ncq_queues) {
158 put_le16(p + 75, s->ncq_queues - 1);
159 /* NCQ supported */
160 put_le16(p + 76, (1 << 8));
161 }
162
163 put_le16(p + 80, 0xf0); /* ata3 -> ata6 supported */
164 put_le16(p + 81, 0x16); /* conforms to ata5 */
165 /* 14=NOP supported, 5=WCACHE supported, 0=SMART supported */
166 put_le16(p + 82, (1 << 14) | (1 << 5) | 1);
167 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
168 put_le16(p + 83, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
169 /* 14=set to 1, 1=SMART self test, 0=SMART error logging */
170 put_le16(p + 84, (1 << 14) | 0);
171 /* 14 = NOP supported, 5=WCACHE enabled, 0=SMART feature set enabled */
172 if (bdrv_enable_write_cache(s->bs))
173 put_le16(p + 85, (1 << 14) | (1 << 5) | 1);
174 else
175 put_le16(p + 85, (1 << 14) | 1);
176 /* 13=flush_cache_ext,12=flush_cache,10=lba48 */
177 put_le16(p + 86, (1 << 14) | (1 << 13) | (1 <<12) | (1 << 10));
178 /* 14=set to 1, 1=smart self test, 0=smart error logging */
179 put_le16(p + 87, (1 << 14) | 0);
180 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
181 put_le16(p + 93, 1 | (1 << 14) | 0x2000);
182 put_le16(p + 100, s->nb_sectors);
183 put_le16(p + 101, s->nb_sectors >> 16);
184 put_le16(p + 102, s->nb_sectors >> 32);
185 put_le16(p + 103, s->nb_sectors >> 48);
186 dev = s->unit ? s->bus->slave : s->bus->master;
187 if (dev && dev->conf.physical_block_size)
188 put_le16(p + 106, 0x6000 | get_physical_block_exp(&dev->conf));
189
190 memcpy(s->identify_data, p, sizeof(s->identify_data));
191 s->identify_set = 1;
192 }
193
194 static void ide_atapi_identify(IDEState *s)
195 {
196 uint16_t *p;
197
198 if (s->identify_set) {
199 memcpy(s->io_buffer, s->identify_data, sizeof(s->identify_data));
200 return;
201 }
202
203 memset(s->io_buffer, 0, 512);
204 p = (uint16_t *)s->io_buffer;
205 /* Removable CDROM, 50us response, 12 byte packets */
206 put_le16(p + 0, (2 << 14) | (5 << 8) | (1 << 7) | (2 << 5) | (0 << 0));
207 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
208 put_le16(p + 20, 3); /* buffer type */
209 put_le16(p + 21, 512); /* cache size in sectors */
210 put_le16(p + 22, 4); /* ecc bytes */
211 padstr((char *)(p + 23), s->version, 8); /* firmware version */
212 padstr((char *)(p + 27), "QEMU DVD-ROM", 40); /* model */
213 put_le16(p + 48, 1); /* dword I/O (XXX: should not be set on CDROM) */
214 #ifdef USE_DMA_CDROM
215 put_le16(p + 49, 1 << 9 | 1 << 8); /* DMA and LBA supported */
216 put_le16(p + 53, 7); /* words 64-70, 54-58, 88 valid */
217 put_le16(p + 62, 7); /* single word dma0-2 supported */
218 put_le16(p + 63, 7); /* mdma0-2 supported */
219 #else
220 put_le16(p + 49, 1 << 9); /* LBA supported, no DMA */
221 put_le16(p + 53, 3); /* words 64-70, 54-58 valid */
222 put_le16(p + 63, 0x103); /* DMA modes XXX: may be incorrect */
223 #endif
224 put_le16(p + 64, 3); /* pio3-4 supported */
225 put_le16(p + 65, 0xb4); /* minimum DMA multiword tx cycle time */
226 put_le16(p + 66, 0xb4); /* recommended DMA multiword tx cycle time */
227 put_le16(p + 67, 0x12c); /* minimum PIO cycle time without flow control */
228 put_le16(p + 68, 0xb4); /* minimum PIO cycle time with IORDY flow control */
229
230 put_le16(p + 71, 30); /* in ns */
231 put_le16(p + 72, 30); /* in ns */
232
233 if (s->ncq_queues) {
234 put_le16(p + 75, s->ncq_queues - 1);
235 /* NCQ supported */
236 put_le16(p + 76, (1 << 8));
237 }
238
239 put_le16(p + 80, 0x1e); /* support up to ATA/ATAPI-4 */
240 #ifdef USE_DMA_CDROM
241 put_le16(p + 88, 0x3f | (1 << 13)); /* udma5 set and supported */
242 #endif
243 memcpy(s->identify_data, p, sizeof(s->identify_data));
244 s->identify_set = 1;
245 }
246
247 static void ide_cfata_identify(IDEState *s)
248 {
249 uint16_t *p;
250 uint32_t cur_sec;
251
252 p = (uint16_t *) s->identify_data;
253 if (s->identify_set)
254 goto fill_buffer;
255
256 memset(p, 0, sizeof(s->identify_data));
257
258 cur_sec = s->cylinders * s->heads * s->sectors;
259
260 put_le16(p + 0, 0x848a); /* CF Storage Card signature */
261 put_le16(p + 1, s->cylinders); /* Default cylinders */
262 put_le16(p + 3, s->heads); /* Default heads */
263 put_le16(p + 6, s->sectors); /* Default sectors per track */
264 put_le16(p + 7, s->nb_sectors >> 16); /* Sectors per card */
265 put_le16(p + 8, s->nb_sectors); /* Sectors per card */
266 padstr((char *)(p + 10), s->drive_serial_str, 20); /* serial number */
267 put_le16(p + 22, 0x0004); /* ECC bytes */
268 padstr((char *) (p + 23), s->version, 8); /* Firmware Revision */
269 padstr((char *) (p + 27), "QEMU MICRODRIVE", 40);/* Model number */
270 #if MAX_MULT_SECTORS > 1
271 put_le16(p + 47, 0x8000 | MAX_MULT_SECTORS);
272 #else
273 put_le16(p + 47, 0x0000);
274 #endif
275 put_le16(p + 49, 0x0f00); /* Capabilities */
276 put_le16(p + 51, 0x0002); /* PIO cycle timing mode */
277 put_le16(p + 52, 0x0001); /* DMA cycle timing mode */
278 put_le16(p + 53, 0x0003); /* Translation params valid */
279 put_le16(p + 54, s->cylinders); /* Current cylinders */
280 put_le16(p + 55, s->heads); /* Current heads */
281 put_le16(p + 56, s->sectors); /* Current sectors */
282 put_le16(p + 57, cur_sec); /* Current capacity */
283 put_le16(p + 58, cur_sec >> 16); /* Current capacity */
284 if (s->mult_sectors) /* Multiple sector setting */
285 put_le16(p + 59, 0x100 | s->mult_sectors);
286 put_le16(p + 60, s->nb_sectors); /* Total LBA sectors */
287 put_le16(p + 61, s->nb_sectors >> 16); /* Total LBA sectors */
288 put_le16(p + 63, 0x0203); /* Multiword DMA capability */
289 put_le16(p + 64, 0x0001); /* Flow Control PIO support */
290 put_le16(p + 65, 0x0096); /* Min. Multiword DMA cycle */
291 put_le16(p + 66, 0x0096); /* Rec. Multiword DMA cycle */
292 put_le16(p + 68, 0x00b4); /* Min. PIO cycle time */
293 put_le16(p + 82, 0x400c); /* Command Set supported */
294 put_le16(p + 83, 0x7068); /* Command Set supported */
295 put_le16(p + 84, 0x4000); /* Features supported */
296 put_le16(p + 85, 0x000c); /* Command Set enabled */
297 put_le16(p + 86, 0x7044); /* Command Set enabled */
298 put_le16(p + 87, 0x4000); /* Features enabled */
299 put_le16(p + 91, 0x4060); /* Current APM level */
300 put_le16(p + 129, 0x0002); /* Current features option */
301 put_le16(p + 130, 0x0005); /* Reassigned sectors */
302 put_le16(p + 131, 0x0001); /* Initial power mode */
303 put_le16(p + 132, 0x0000); /* User signature */
304 put_le16(p + 160, 0x8100); /* Power requirement */
305 put_le16(p + 161, 0x8001); /* CF command set */
306
307 s->identify_set = 1;
308
309 fill_buffer:
310 memcpy(s->io_buffer, p, sizeof(s->identify_data));
311 }
312
313 static void ide_set_signature(IDEState *s)
314 {
315 s->select &= 0xf0; /* clear head */
316 /* put signature */
317 s->nsector = 1;
318 s->sector = 1;
319 if (s->drive_kind == IDE_CD) {
320 s->lcyl = 0x14;
321 s->hcyl = 0xeb;
322 } else if (s->bs) {
323 s->lcyl = 0;
324 s->hcyl = 0;
325 } else {
326 s->lcyl = 0xff;
327 s->hcyl = 0xff;
328 }
329 }
330
331 static inline void ide_abort_command(IDEState *s)
332 {
333 s->status = READY_STAT | ERR_STAT;
334 s->error = ABRT_ERR;
335 }
336
337 /* prepare data transfer and tell what to do after */
338 static void ide_transfer_start(IDEState *s, uint8_t *buf, int size,
339 EndTransferFunc *end_transfer_func)
340 {
341 s->end_transfer_func = end_transfer_func;
342 s->data_ptr = buf;
343 s->data_end = buf + size;
344 if (!(s->status & ERR_STAT)) {
345 s->status |= DRQ_STAT;
346 }
347 s->bus->dma->ops->start_transfer(s->bus->dma);
348 }
349
350 static void ide_transfer_stop(IDEState *s)
351 {
352 s->end_transfer_func = ide_transfer_stop;
353 s->data_ptr = s->io_buffer;
354 s->data_end = s->io_buffer;
355 s->status &= ~DRQ_STAT;
356 }
357
358 int64_t ide_get_sector(IDEState *s)
359 {
360 int64_t sector_num;
361 if (s->select & 0x40) {
362 /* lba */
363 if (!s->lba48) {
364 sector_num = ((s->select & 0x0f) << 24) | (s->hcyl << 16) |
365 (s->lcyl << 8) | s->sector;
366 } else {
367 sector_num = ((int64_t)s->hob_hcyl << 40) |
368 ((int64_t) s->hob_lcyl << 32) |
369 ((int64_t) s->hob_sector << 24) |
370 ((int64_t) s->hcyl << 16) |
371 ((int64_t) s->lcyl << 8) | s->sector;
372 }
373 } else {
374 sector_num = ((s->hcyl << 8) | s->lcyl) * s->heads * s->sectors +
375 (s->select & 0x0f) * s->sectors + (s->sector - 1);
376 }
377 return sector_num;
378 }
379
380 void ide_set_sector(IDEState *s, int64_t sector_num)
381 {
382 unsigned int cyl, r;
383 if (s->select & 0x40) {
384 if (!s->lba48) {
385 s->select = (s->select & 0xf0) | (sector_num >> 24);
386 s->hcyl = (sector_num >> 16);
387 s->lcyl = (sector_num >> 8);
388 s->sector = (sector_num);
389 } else {
390 s->sector = sector_num;
391 s->lcyl = sector_num >> 8;
392 s->hcyl = sector_num >> 16;
393 s->hob_sector = sector_num >> 24;
394 s->hob_lcyl = sector_num >> 32;
395 s->hob_hcyl = sector_num >> 40;
396 }
397 } else {
398 cyl = sector_num / (s->heads * s->sectors);
399 r = sector_num % (s->heads * s->sectors);
400 s->hcyl = cyl >> 8;
401 s->lcyl = cyl;
402 s->select = (s->select & 0xf0) | ((r / s->sectors) & 0x0f);
403 s->sector = (r % s->sectors) + 1;
404 }
405 }
406
407 static void ide_rw_error(IDEState *s) {
408 ide_abort_command(s);
409 ide_set_irq(s->bus);
410 }
411
412 void ide_sector_read(IDEState *s)
413 {
414 int64_t sector_num;
415 int ret, n;
416
417 s->status = READY_STAT | SEEK_STAT;
418 s->error = 0; /* not needed by IDE spec, but needed by Windows */
419 sector_num = ide_get_sector(s);
420 n = s->nsector;
421 if (n == 0) {
422 /* no more sector to read from disk */
423 ide_transfer_stop(s);
424 } else {
425 #if defined(DEBUG_IDE)
426 printf("read sector=%" PRId64 "\n", sector_num);
427 #endif
428 if (n > s->req_nb_sectors)
429 n = s->req_nb_sectors;
430 ret = bdrv_read(s->bs, sector_num, s->io_buffer, n);
431 if (ret != 0) {
432 if (ide_handle_rw_error(s, -ret,
433 BM_STATUS_PIO_RETRY | BM_STATUS_RETRY_READ))
434 {
435 return;
436 }
437 }
438 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_read);
439 ide_set_irq(s->bus);
440 ide_set_sector(s, sector_num + n);
441 s->nsector -= n;
442 }
443 }
444
445 static void dma_buf_commit(IDEState *s, int is_write)
446 {
447 qemu_sglist_destroy(&s->sg);
448 }
449
450 static void ide_set_inactive(IDEState *s)
451 {
452 s->bus->dma->aiocb = NULL;
453 s->bus->dma->ops->set_inactive(s->bus->dma);
454 }
455
456 void ide_dma_error(IDEState *s)
457 {
458 ide_transfer_stop(s);
459 s->error = ABRT_ERR;
460 s->status = READY_STAT | ERR_STAT;
461 ide_set_inactive(s);
462 s->bus->dma->ops->add_status(s->bus->dma, BM_STATUS_INT);
463 ide_set_irq(s->bus);
464 }
465
466 static int ide_handle_rw_error(IDEState *s, int error, int op)
467 {
468 int is_read = (op & BM_STATUS_RETRY_READ);
469 BlockErrorAction action = bdrv_get_on_error(s->bs, is_read);
470
471 if (action == BLOCK_ERR_IGNORE) {
472 bdrv_mon_event(s->bs, BDRV_ACTION_IGNORE, is_read);
473 return 0;
474 }
475
476 if ((error == ENOSPC && action == BLOCK_ERR_STOP_ENOSPC)
477 || action == BLOCK_ERR_STOP_ANY) {
478 s->bus->dma->ops->set_unit(s->bus->dma, s->unit);
479 s->bus->dma->ops->add_status(s->bus->dma, op);
480 bdrv_mon_event(s->bs, BDRV_ACTION_STOP, is_read);
481 vm_stop(VMSTOP_DISKFULL);
482 } else {
483 if (op & BM_STATUS_DMA_RETRY) {
484 dma_buf_commit(s, 0);
485 ide_dma_error(s);
486 } else {
487 ide_rw_error(s);
488 }
489 bdrv_mon_event(s->bs, BDRV_ACTION_REPORT, is_read);
490 }
491
492 return 1;
493 }
494
495 void ide_dma_cb(void *opaque, int ret)
496 {
497 IDEState *s = opaque;
498 int n;
499 int64_t sector_num;
500
501 handle_rw_error:
502 if (ret < 0) {
503 int op = BM_STATUS_DMA_RETRY;
504
505 if (s->is_read)
506 op |= BM_STATUS_RETRY_READ;
507 if (ide_handle_rw_error(s, -ret, op)) {
508 return;
509 }
510 }
511
512 n = s->io_buffer_size >> 9;
513 sector_num = ide_get_sector(s);
514 if (n > 0) {
515 dma_buf_commit(s, s->is_read);
516 sector_num += n;
517 ide_set_sector(s, sector_num);
518 s->nsector -= n;
519 }
520
521 /* end of transfer ? */
522 if (s->nsector == 0) {
523 s->status = READY_STAT | SEEK_STAT;
524 ide_set_irq(s->bus);
525 goto eot;
526 }
527
528 /* launch next transfer */
529 n = s->nsector;
530 s->io_buffer_index = 0;
531 s->io_buffer_size = n * 512;
532 if (s->bus->dma->ops->prepare_buf(s->bus->dma, s->is_read) == 0)
533 goto eot;
534
535 #ifdef DEBUG_AIO
536 printf("ide_dma_cb: sector_num=%" PRId64 " n=%d, is_read=%d\n",
537 sector_num, n, s->is_read);
538 #endif
539
540 if (s->is_read) {
541 s->bus->dma->aiocb = dma_bdrv_read(s->bs, &s->sg, sector_num,
542 ide_dma_cb, s);
543 } else {
544 s->bus->dma->aiocb = dma_bdrv_write(s->bs, &s->sg, sector_num,
545 ide_dma_cb, s);
546 }
547
548 if (!s->bus->dma->aiocb) {
549 ret = -1;
550 goto handle_rw_error;
551 }
552 return;
553
554 eot:
555 s->bus->dma->ops->add_status(s->bus->dma, BM_STATUS_INT);
556 ide_set_inactive(s);
557 }
558
559 static void ide_sector_start_dma(IDEState *s, int is_read)
560 {
561 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
562 s->io_buffer_index = 0;
563 s->io_buffer_size = 0;
564 s->is_read = is_read;
565 s->bus->dma->ops->start_dma(s->bus->dma, s, ide_dma_cb);
566 }
567
568 static void ide_sector_write_timer_cb(void *opaque)
569 {
570 IDEState *s = opaque;
571 ide_set_irq(s->bus);
572 }
573
574 void ide_sector_write(IDEState *s)
575 {
576 int64_t sector_num;
577 int ret, n, n1;
578
579 s->status = READY_STAT | SEEK_STAT;
580 sector_num = ide_get_sector(s);
581 #if defined(DEBUG_IDE)
582 printf("write sector=%" PRId64 "\n", sector_num);
583 #endif
584 n = s->nsector;
585 if (n > s->req_nb_sectors)
586 n = s->req_nb_sectors;
587 ret = bdrv_write(s->bs, sector_num, s->io_buffer, n);
588
589 if (ret != 0) {
590 if (ide_handle_rw_error(s, -ret, BM_STATUS_PIO_RETRY))
591 return;
592 }
593
594 s->nsector -= n;
595 if (s->nsector == 0) {
596 /* no more sectors to write */
597 ide_transfer_stop(s);
598 } else {
599 n1 = s->nsector;
600 if (n1 > s->req_nb_sectors)
601 n1 = s->req_nb_sectors;
602 ide_transfer_start(s, s->io_buffer, 512 * n1, ide_sector_write);
603 }
604 ide_set_sector(s, sector_num + n);
605
606 if (win2k_install_hack && ((++s->irq_count % 16) == 0)) {
607 /* It seems there is a bug in the Windows 2000 installer HDD
608 IDE driver which fills the disk with empty logs when the
609 IDE write IRQ comes too early. This hack tries to correct
610 that at the expense of slower write performances. Use this
611 option _only_ to install Windows 2000. You must disable it
612 for normal use. */
613 qemu_mod_timer(s->sector_write_timer,
614 qemu_get_clock_ns(vm_clock) + (get_ticks_per_sec() / 1000));
615 } else {
616 ide_set_irq(s->bus);
617 }
618 }
619
620 void ide_atapi_cmd_ok(IDEState *s)
621 {
622 s->error = 0;
623 s->status = READY_STAT | SEEK_STAT;
624 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
625 ide_set_irq(s->bus);
626 }
627
628 void ide_atapi_cmd_error(IDEState *s, int sense_key, int asc)
629 {
630 #ifdef DEBUG_IDE_ATAPI
631 printf("atapi_cmd_error: sense=0x%x asc=0x%x\n", sense_key, asc);
632 #endif
633 s->error = sense_key << 4;
634 s->status = READY_STAT | ERR_STAT;
635 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
636 s->sense_key = sense_key;
637 s->asc = asc;
638 ide_set_irq(s->bus);
639 }
640
641 static void ide_atapi_cmd_check_status(IDEState *s)
642 {
643 #ifdef DEBUG_IDE_ATAPI
644 printf("atapi_cmd_check_status\n");
645 #endif
646 s->error = MC_ERR | (SENSE_UNIT_ATTENTION << 4);
647 s->status = ERR_STAT;
648 s->nsector = 0;
649 ide_set_irq(s->bus);
650 }
651
652 static void ide_flush_cb(void *opaque, int ret)
653 {
654 IDEState *s = opaque;
655
656 if (ret < 0) {
657 /* XXX: What sector number to set here? */
658 if (ide_handle_rw_error(s, -ret, BM_STATUS_RETRY_FLUSH)) {
659 return;
660 }
661 }
662
663 s->status = READY_STAT | SEEK_STAT;
664 ide_set_irq(s->bus);
665 }
666
667 void ide_flush_cache(IDEState *s)
668 {
669 BlockDriverAIOCB *acb;
670
671 if (s->bs == NULL) {
672 ide_flush_cb(s, 0);
673 return;
674 }
675
676 acb = bdrv_aio_flush(s->bs, ide_flush_cb, s);
677 if (acb == NULL) {
678 ide_flush_cb(s, -EIO);
679 }
680 }
681
682 static inline void cpu_to_ube16(uint8_t *buf, int val)
683 {
684 buf[0] = val >> 8;
685 buf[1] = val & 0xff;
686 }
687
688 static inline void cpu_to_ube32(uint8_t *buf, unsigned int val)
689 {
690 buf[0] = val >> 24;
691 buf[1] = val >> 16;
692 buf[2] = val >> 8;
693 buf[3] = val & 0xff;
694 }
695
696 static inline int ube16_to_cpu(const uint8_t *buf)
697 {
698 return (buf[0] << 8) | buf[1];
699 }
700
701 static inline int ube32_to_cpu(const uint8_t *buf)
702 {
703 return (buf[0] << 24) | (buf[1] << 16) | (buf[2] << 8) | buf[3];
704 }
705
706 static void lba_to_msf(uint8_t *buf, int lba)
707 {
708 lba += 150;
709 buf[0] = (lba / 75) / 60;
710 buf[1] = (lba / 75) % 60;
711 buf[2] = lba % 75;
712 }
713
714 static void cd_data_to_raw(uint8_t *buf, int lba)
715 {
716 /* sync bytes */
717 buf[0] = 0x00;
718 memset(buf + 1, 0xff, 10);
719 buf[11] = 0x00;
720 buf += 12;
721 /* MSF */
722 lba_to_msf(buf, lba);
723 buf[3] = 0x01; /* mode 1 data */
724 buf += 4;
725 /* data */
726 buf += 2048;
727 /* XXX: ECC not computed */
728 memset(buf, 0, 288);
729 }
730
731 static int cd_read_sector(BlockDriverState *bs, int lba, uint8_t *buf,
732 int sector_size)
733 {
734 int ret;
735
736 switch(sector_size) {
737 case 2048:
738 ret = bdrv_read(bs, (int64_t)lba << 2, buf, 4);
739 break;
740 case 2352:
741 ret = bdrv_read(bs, (int64_t)lba << 2, buf + 16, 4);
742 if (ret < 0)
743 return ret;
744 cd_data_to_raw(buf, lba);
745 break;
746 default:
747 ret = -EIO;
748 break;
749 }
750 return ret;
751 }
752
753 void ide_atapi_io_error(IDEState *s, int ret)
754 {
755 /* XXX: handle more errors */
756 if (ret == -ENOMEDIUM) {
757 ide_atapi_cmd_error(s, SENSE_NOT_READY,
758 ASC_MEDIUM_NOT_PRESENT);
759 } else {
760 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
761 ASC_LOGICAL_BLOCK_OOR);
762 }
763 }
764
765 /* The whole ATAPI transfer logic is handled in this function */
766 static void ide_atapi_cmd_reply_end(IDEState *s)
767 {
768 int byte_count_limit, size, ret;
769 #ifdef DEBUG_IDE_ATAPI
770 printf("reply: tx_size=%d elem_tx_size=%d index=%d\n",
771 s->packet_transfer_size,
772 s->elementary_transfer_size,
773 s->io_buffer_index);
774 #endif
775 if (s->packet_transfer_size <= 0) {
776 /* end of transfer */
777 ide_transfer_stop(s);
778 s->status = READY_STAT | SEEK_STAT;
779 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
780 ide_set_irq(s->bus);
781 #ifdef DEBUG_IDE_ATAPI
782 printf("status=0x%x\n", s->status);
783 #endif
784 } else {
785 /* see if a new sector must be read */
786 if (s->lba != -1 && s->io_buffer_index >= s->cd_sector_size) {
787 ret = cd_read_sector(s->bs, s->lba, s->io_buffer, s->cd_sector_size);
788 if (ret < 0) {
789 ide_transfer_stop(s);
790 ide_atapi_io_error(s, ret);
791 return;
792 }
793 s->lba++;
794 s->io_buffer_index = 0;
795 }
796 if (s->elementary_transfer_size > 0) {
797 /* there are some data left to transmit in this elementary
798 transfer */
799 size = s->cd_sector_size - s->io_buffer_index;
800 if (size > s->elementary_transfer_size)
801 size = s->elementary_transfer_size;
802 s->packet_transfer_size -= size;
803 s->elementary_transfer_size -= size;
804 s->io_buffer_index += size;
805 ide_transfer_start(s, s->io_buffer + s->io_buffer_index - size,
806 size, ide_atapi_cmd_reply_end);
807 } else {
808 /* a new transfer is needed */
809 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO;
810 byte_count_limit = s->lcyl | (s->hcyl << 8);
811 #ifdef DEBUG_IDE_ATAPI
812 printf("byte_count_limit=%d\n", byte_count_limit);
813 #endif
814 if (byte_count_limit == 0xffff)
815 byte_count_limit--;
816 size = s->packet_transfer_size;
817 if (size > byte_count_limit) {
818 /* byte count limit must be even if this case */
819 if (byte_count_limit & 1)
820 byte_count_limit--;
821 size = byte_count_limit;
822 }
823 s->lcyl = size;
824 s->hcyl = size >> 8;
825 s->elementary_transfer_size = size;
826 /* we cannot transmit more than one sector at a time */
827 if (s->lba != -1) {
828 if (size > (s->cd_sector_size - s->io_buffer_index))
829 size = (s->cd_sector_size - s->io_buffer_index);
830 }
831 s->packet_transfer_size -= size;
832 s->elementary_transfer_size -= size;
833 s->io_buffer_index += size;
834 ide_transfer_start(s, s->io_buffer + s->io_buffer_index - size,
835 size, ide_atapi_cmd_reply_end);
836 ide_set_irq(s->bus);
837 #ifdef DEBUG_IDE_ATAPI
838 printf("status=0x%x\n", s->status);
839 #endif
840 }
841 }
842 }
843
844 /* send a reply of 'size' bytes in s->io_buffer to an ATAPI command */
845 static void ide_atapi_cmd_reply(IDEState *s, int size, int max_size)
846 {
847 if (size > max_size)
848 size = max_size;
849 s->lba = -1; /* no sector read */
850 s->packet_transfer_size = size;
851 s->io_buffer_size = size; /* dma: send the reply data as one chunk */
852 s->elementary_transfer_size = 0;
853 s->io_buffer_index = 0;
854
855 if (s->atapi_dma) {
856 s->status = READY_STAT | SEEK_STAT | DRQ_STAT;
857 s->bus->dma->ops->start_dma(s->bus->dma, s,
858 ide_atapi_cmd_read_dma_cb);
859 } else {
860 s->status = READY_STAT | SEEK_STAT;
861 ide_atapi_cmd_reply_end(s);
862 }
863 }
864
865 /* start a CD-CDROM read command */
866 static void ide_atapi_cmd_read_pio(IDEState *s, int lba, int nb_sectors,
867 int sector_size)
868 {
869 s->lba = lba;
870 s->packet_transfer_size = nb_sectors * sector_size;
871 s->elementary_transfer_size = 0;
872 s->io_buffer_index = sector_size;
873 s->cd_sector_size = sector_size;
874
875 s->status = READY_STAT | SEEK_STAT;
876 ide_atapi_cmd_reply_end(s);
877 }
878
879 /* ATAPI DMA support */
880
881 /* XXX: handle read errors */
882 static void ide_atapi_cmd_read_dma_cb(void *opaque, int ret)
883 {
884 IDEState *s = opaque;
885 int data_offset, n;
886
887 if (ret < 0) {
888 ide_atapi_io_error(s, ret);
889 goto eot;
890 }
891
892 if (s->io_buffer_size > 0) {
893 /*
894 * For a cdrom read sector command (s->lba != -1),
895 * adjust the lba for the next s->io_buffer_size chunk
896 * and dma the current chunk.
897 * For a command != read (s->lba == -1), just transfer
898 * the reply data.
899 */
900 if (s->lba != -1) {
901 if (s->cd_sector_size == 2352) {
902 n = 1;
903 cd_data_to_raw(s->io_buffer, s->lba);
904 } else {
905 n = s->io_buffer_size >> 11;
906 }
907 s->lba += n;
908 }
909 s->packet_transfer_size -= s->io_buffer_size;
910 if (s->bus->dma->ops->rw_buf(s->bus->dma, 1) == 0)
911 goto eot;
912 }
913
914 if (s->packet_transfer_size <= 0) {
915 s->status = READY_STAT | SEEK_STAT;
916 s->nsector = (s->nsector & ~7) | ATAPI_INT_REASON_IO | ATAPI_INT_REASON_CD;
917 ide_set_irq(s->bus);
918 eot:
919 s->bus->dma->ops->add_status(s->bus->dma, BM_STATUS_INT);
920 ide_set_inactive(s);
921 return;
922 }
923
924 s->io_buffer_index = 0;
925 if (s->cd_sector_size == 2352) {
926 n = 1;
927 s->io_buffer_size = s->cd_sector_size;
928 data_offset = 16;
929 } else {
930 n = s->packet_transfer_size >> 11;
931 if (n > (IDE_DMA_BUF_SECTORS / 4))
932 n = (IDE_DMA_BUF_SECTORS / 4);
933 s->io_buffer_size = n * 2048;
934 data_offset = 0;
935 }
936 #ifdef DEBUG_AIO
937 printf("aio_read_cd: lba=%u n=%d\n", s->lba, n);
938 #endif
939 s->bus->dma->iov.iov_base = (void *)(s->io_buffer + data_offset);
940 s->bus->dma->iov.iov_len = n * 4 * 512;
941 qemu_iovec_init_external(&s->bus->dma->qiov, &s->bus->dma->iov, 1);
942 s->bus->dma->aiocb = bdrv_aio_readv(s->bs, (int64_t)s->lba << 2,
943 &s->bus->dma->qiov, n * 4,
944 ide_atapi_cmd_read_dma_cb, s);
945 if (!s->bus->dma->aiocb) {
946 /* Note: media not present is the most likely case */
947 ide_atapi_cmd_error(s, SENSE_NOT_READY,
948 ASC_MEDIUM_NOT_PRESENT);
949 goto eot;
950 }
951 }
952
953 /* start a CD-CDROM read command with DMA */
954 /* XXX: test if DMA is available */
955 static void ide_atapi_cmd_read_dma(IDEState *s, int lba, int nb_sectors,
956 int sector_size)
957 {
958 s->lba = lba;
959 s->packet_transfer_size = nb_sectors * sector_size;
960 s->io_buffer_index = 0;
961 s->io_buffer_size = 0;
962 s->cd_sector_size = sector_size;
963
964 /* XXX: check if BUSY_STAT should be set */
965 s->status = READY_STAT | SEEK_STAT | DRQ_STAT | BUSY_STAT;
966 s->bus->dma->ops->start_dma(s->bus->dma, s,
967 ide_atapi_cmd_read_dma_cb);
968 }
969
970 static void ide_atapi_cmd_read(IDEState *s, int lba, int nb_sectors,
971 int sector_size)
972 {
973 #ifdef DEBUG_IDE_ATAPI
974 printf("read %s: LBA=%d nb_sectors=%d\n", s->atapi_dma ? "dma" : "pio",
975 lba, nb_sectors);
976 #endif
977 if (s->atapi_dma) {
978 ide_atapi_cmd_read_dma(s, lba, nb_sectors, sector_size);
979 } else {
980 ide_atapi_cmd_read_pio(s, lba, nb_sectors, sector_size);
981 }
982 }
983
984 static inline uint8_t ide_atapi_set_profile(uint8_t *buf, uint8_t *index,
985 uint16_t profile)
986 {
987 uint8_t *buf_profile = buf + 12; /* start of profiles */
988
989 buf_profile += ((*index) * 4); /* start of indexed profile */
990 cpu_to_ube16 (buf_profile, profile);
991 buf_profile[2] = ((buf_profile[0] == buf[6]) && (buf_profile[1] == buf[7]));
992
993 /* each profile adds 4 bytes to the response */
994 (*index)++;
995 buf[11] += 4; /* Additional Length */
996
997 return 4;
998 }
999
1000 static int ide_dvd_read_structure(IDEState *s, int format,
1001 const uint8_t *packet, uint8_t *buf)
1002 {
1003 switch (format) {
1004 case 0x0: /* Physical format information */
1005 {
1006 int layer = packet[6];
1007 uint64_t total_sectors;
1008
1009 if (layer != 0)
1010 return -ASC_INV_FIELD_IN_CMD_PACKET;
1011
1012 bdrv_get_geometry(s->bs, &total_sectors);
1013 total_sectors >>= 2;
1014 if (total_sectors == 0)
1015 return -ASC_MEDIUM_NOT_PRESENT;
1016
1017 buf[4] = 1; /* DVD-ROM, part version 1 */
1018 buf[5] = 0xf; /* 120mm disc, minimum rate unspecified */
1019 buf[6] = 1; /* one layer, read-only (per MMC-2 spec) */
1020 buf[7] = 0; /* default densities */
1021
1022 /* FIXME: 0x30000 per spec? */
1023 cpu_to_ube32(buf + 8, 0); /* start sector */
1024 cpu_to_ube32(buf + 12, total_sectors - 1); /* end sector */
1025 cpu_to_ube32(buf + 16, total_sectors - 1); /* l0 end sector */
1026
1027 /* Size of buffer, not including 2 byte size field */
1028 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1029
1030 /* 2k data + 4 byte header */
1031 return (2048 + 4);
1032 }
1033
1034 case 0x01: /* DVD copyright information */
1035 buf[4] = 0; /* no copyright data */
1036 buf[5] = 0; /* no region restrictions */
1037
1038 /* Size of buffer, not including 2 byte size field */
1039 cpu_to_be16wu((uint16_t *)buf, 4 + 2);
1040
1041 /* 4 byte header + 4 byte data */
1042 return (4 + 4);
1043
1044 case 0x03: /* BCA information - invalid field for no BCA info */
1045 return -ASC_INV_FIELD_IN_CMD_PACKET;
1046
1047 case 0x04: /* DVD disc manufacturing information */
1048 /* Size of buffer, not including 2 byte size field */
1049 cpu_to_be16wu((uint16_t *)buf, 2048 + 2);
1050
1051 /* 2k data + 4 byte header */
1052 return (2048 + 4);
1053
1054 case 0xff:
1055 /*
1056 * This lists all the command capabilities above. Add new ones
1057 * in order and update the length and buffer return values.
1058 */
1059
1060 buf[4] = 0x00; /* Physical format */
1061 buf[5] = 0x40; /* Not writable, is readable */
1062 cpu_to_be16wu((uint16_t *)(buf + 6), 2048 + 4);
1063
1064 buf[8] = 0x01; /* Copyright info */
1065 buf[9] = 0x40; /* Not writable, is readable */
1066 cpu_to_be16wu((uint16_t *)(buf + 10), 4 + 4);
1067
1068 buf[12] = 0x03; /* BCA info */
1069 buf[13] = 0x40; /* Not writable, is readable */
1070 cpu_to_be16wu((uint16_t *)(buf + 14), 188 + 4);
1071
1072 buf[16] = 0x04; /* Manufacturing info */
1073 buf[17] = 0x40; /* Not writable, is readable */
1074 cpu_to_be16wu((uint16_t *)(buf + 18), 2048 + 4);
1075
1076 /* Size of buffer, not including 2 byte size field */
1077 cpu_to_be16wu((uint16_t *)buf, 16 + 2);
1078
1079 /* data written + 4 byte header */
1080 return (16 + 4);
1081
1082 default: /* TODO: formats beyond DVD-ROM requires */
1083 return -ASC_INV_FIELD_IN_CMD_PACKET;
1084 }
1085 }
1086
1087 static void handle_get_event_status_notification(IDEState *s,
1088 uint8_t *buf,
1089 const uint8_t *packet)
1090 {
1091 struct {
1092 uint8_t opcode;
1093 uint8_t polled; /* lsb bit is polled; others are reserved */
1094 uint8_t reserved2[2];
1095 uint8_t class;
1096 uint8_t reserved3[2];
1097 uint16_t len;
1098 uint8_t control;
1099 } __attribute__((packed)) *gesn_cdb;
1100
1101 struct {
1102 uint16_t len;
1103 uint8_t notification_class;
1104 uint8_t supported_events;
1105 } __attribute((packed)) *gesn_event_header;
1106
1107 unsigned int max_len, used_len;
1108
1109 gesn_cdb = (void *)packet;
1110 gesn_event_header = (void *)buf;
1111
1112 max_len = be16_to_cpu(gesn_cdb->len);
1113
1114 /* It is fine by the MMC spec to not support async mode operations */
1115 if (!(gesn_cdb->polled & 0x01)) { /* asynchronous mode */
1116 /* Only polling is supported, asynchronous mode is not. */
1117 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1118 ASC_INV_FIELD_IN_CMD_PACKET);
1119 return;
1120 }
1121
1122 /* polling mode operation */
1123
1124 /* We don't support any event class (yet). */
1125 gesn_event_header->supported_events = 0;
1126
1127 gesn_event_header->notification_class = 0x80; /* No event available */
1128 used_len = sizeof(*gesn_event_header);
1129
1130 gesn_event_header->len = cpu_to_be16(used_len
1131 - sizeof(*gesn_event_header));
1132 ide_atapi_cmd_reply(s, used_len, max_len);
1133 }
1134
1135 static void ide_atapi_cmd(IDEState *s)
1136 {
1137 const uint8_t *packet;
1138 uint8_t *buf;
1139 int max_len;
1140
1141 packet = s->io_buffer;
1142 buf = s->io_buffer;
1143 #ifdef DEBUG_IDE_ATAPI
1144 {
1145 int i;
1146 printf("ATAPI limit=0x%x packet:", s->lcyl | (s->hcyl << 8));
1147 for(i = 0; i < ATAPI_PACKET_SIZE; i++) {
1148 printf(" %02x", packet[i]);
1149 }
1150 printf("\n");
1151 }
1152 #endif
1153 /*
1154 * If there's a UNIT_ATTENTION condition pending, only
1155 * REQUEST_SENSE, INQUIRY, GET_CONFIGURATION and
1156 * GET_EVENT_STATUS_NOTIFICATION commands are allowed to complete.
1157 * MMC-5, section 4.1.6.1 lists only these commands being allowed
1158 * to complete, with other commands getting a CHECK condition
1159 * response unless a higher priority status, defined by the drive
1160 * here, is pending.
1161 */
1162 if (s->sense_key == SENSE_UNIT_ATTENTION &&
1163 s->io_buffer[0] != GPCMD_REQUEST_SENSE &&
1164 s->io_buffer[0] != GPCMD_INQUIRY &&
1165 s->io_buffer[0] != GPCMD_GET_EVENT_STATUS_NOTIFICATION) {
1166 ide_atapi_cmd_check_status(s);
1167 return;
1168 }
1169 switch(s->io_buffer[0]) {
1170 case GPCMD_TEST_UNIT_READY:
1171 if (bdrv_is_inserted(s->bs) && !s->cdrom_changed) {
1172 ide_atapi_cmd_ok(s);
1173 } else {
1174 s->cdrom_changed = 0;
1175 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1176 ASC_MEDIUM_NOT_PRESENT);
1177 }
1178 break;
1179 case GPCMD_MODE_SENSE_6:
1180 case GPCMD_MODE_SENSE_10:
1181 {
1182 int action, code;
1183 if (packet[0] == GPCMD_MODE_SENSE_10)
1184 max_len = ube16_to_cpu(packet + 7);
1185 else
1186 max_len = packet[4];
1187 action = packet[2] >> 6;
1188 code = packet[2] & 0x3f;
1189 switch(action) {
1190 case 0: /* current values */
1191 switch(code) {
1192 case GPMODE_R_W_ERROR_PAGE: /* error recovery */
1193 cpu_to_ube16(&buf[0], 16 + 6);
1194 buf[2] = 0x70;
1195 buf[3] = 0;
1196 buf[4] = 0;
1197 buf[5] = 0;
1198 buf[6] = 0;
1199 buf[7] = 0;
1200
1201 buf[8] = 0x01;
1202 buf[9] = 0x06;
1203 buf[10] = 0x00;
1204 buf[11] = 0x05;
1205 buf[12] = 0x00;
1206 buf[13] = 0x00;
1207 buf[14] = 0x00;
1208 buf[15] = 0x00;
1209 ide_atapi_cmd_reply(s, 16, max_len);
1210 break;
1211 case GPMODE_AUDIO_CTL_PAGE:
1212 cpu_to_ube16(&buf[0], 24 + 6);
1213 buf[2] = 0x70;
1214 buf[3] = 0;
1215 buf[4] = 0;
1216 buf[5] = 0;
1217 buf[6] = 0;
1218 buf[7] = 0;
1219
1220 /* Fill with CDROM audio volume */
1221 buf[17] = 0;
1222 buf[19] = 0;
1223 buf[21] = 0;
1224 buf[23] = 0;
1225
1226 ide_atapi_cmd_reply(s, 24, max_len);
1227 break;
1228 case GPMODE_CAPABILITIES_PAGE:
1229 cpu_to_ube16(&buf[0], 28 + 6);
1230 buf[2] = 0x70;
1231 buf[3] = 0;
1232 buf[4] = 0;
1233 buf[5] = 0;
1234 buf[6] = 0;
1235 buf[7] = 0;
1236
1237 buf[8] = 0x2a;
1238 buf[9] = 0x12;
1239 buf[10] = 0x00;
1240 buf[11] = 0x00;
1241
1242 /* Claim PLAY_AUDIO capability (0x01) since some Linux
1243 code checks for this to automount media. */
1244 buf[12] = 0x71;
1245 buf[13] = 3 << 5;
1246 buf[14] = (1 << 0) | (1 << 3) | (1 << 5);
1247 if (bdrv_is_locked(s->bs))
1248 buf[6] |= 1 << 1;
1249 buf[15] = 0x00;
1250 cpu_to_ube16(&buf[16], 706);
1251 buf[18] = 0;
1252 buf[19] = 2;
1253 cpu_to_ube16(&buf[20], 512);
1254 cpu_to_ube16(&buf[22], 706);
1255 buf[24] = 0;
1256 buf[25] = 0;
1257 buf[26] = 0;
1258 buf[27] = 0;
1259 ide_atapi_cmd_reply(s, 28, max_len);
1260 break;
1261 default:
1262 goto error_cmd;
1263 }
1264 break;
1265 case 1: /* changeable values */
1266 goto error_cmd;
1267 case 2: /* default values */
1268 goto error_cmd;
1269 default:
1270 case 3: /* saved values */
1271 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1272 ASC_SAVING_PARAMETERS_NOT_SUPPORTED);
1273 break;
1274 }
1275 }
1276 break;
1277 case GPCMD_REQUEST_SENSE:
1278 max_len = packet[4];
1279 memset(buf, 0, 18);
1280 buf[0] = 0x70 | (1 << 7);
1281 buf[2] = s->sense_key;
1282 buf[7] = 10;
1283 buf[12] = s->asc;
1284 if (s->sense_key == SENSE_UNIT_ATTENTION)
1285 s->sense_key = SENSE_NONE;
1286 ide_atapi_cmd_reply(s, 18, max_len);
1287 break;
1288 case GPCMD_PREVENT_ALLOW_MEDIUM_REMOVAL:
1289 bdrv_set_locked(s->bs, packet[4] & 1);
1290 ide_atapi_cmd_ok(s);
1291 break;
1292 case GPCMD_READ_10:
1293 case GPCMD_READ_12:
1294 {
1295 int nb_sectors, lba;
1296
1297 if (packet[0] == GPCMD_READ_10)
1298 nb_sectors = ube16_to_cpu(packet + 7);
1299 else
1300 nb_sectors = ube32_to_cpu(packet + 6);
1301 lba = ube32_to_cpu(packet + 2);
1302 if (nb_sectors == 0) {
1303 ide_atapi_cmd_ok(s);
1304 break;
1305 }
1306 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1307 }
1308 break;
1309 case GPCMD_READ_CD:
1310 {
1311 int nb_sectors, lba, transfer_request;
1312
1313 nb_sectors = (packet[6] << 16) | (packet[7] << 8) | packet[8];
1314 lba = ube32_to_cpu(packet + 2);
1315 if (nb_sectors == 0) {
1316 ide_atapi_cmd_ok(s);
1317 break;
1318 }
1319 transfer_request = packet[9];
1320 switch(transfer_request & 0xf8) {
1321 case 0x00:
1322 /* nothing */
1323 ide_atapi_cmd_ok(s);
1324 break;
1325 case 0x10:
1326 /* normal read */
1327 ide_atapi_cmd_read(s, lba, nb_sectors, 2048);
1328 break;
1329 case 0xf8:
1330 /* read all data */
1331 ide_atapi_cmd_read(s, lba, nb_sectors, 2352);
1332 break;
1333 default:
1334 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1335 ASC_INV_FIELD_IN_CMD_PACKET);
1336 break;
1337 }
1338 }
1339 break;
1340 case GPCMD_SEEK:
1341 {
1342 unsigned int lba;
1343 uint64_t total_sectors;
1344
1345 bdrv_get_geometry(s->bs, &total_sectors);
1346 total_sectors >>= 2;
1347 if (total_sectors == 0) {
1348 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1349 ASC_MEDIUM_NOT_PRESENT);
1350 break;
1351 }
1352 lba = ube32_to_cpu(packet + 2);
1353 if (lba >= total_sectors) {
1354 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1355 ASC_LOGICAL_BLOCK_OOR);
1356 break;
1357 }
1358 ide_atapi_cmd_ok(s);
1359 }
1360 break;
1361 case GPCMD_START_STOP_UNIT:
1362 {
1363 int start, eject, sense, err = 0;
1364 start = packet[4] & 1;
1365 eject = (packet[4] >> 1) & 1;
1366
1367 if (eject) {
1368 err = bdrv_eject(s->bs, !start);
1369 }
1370
1371 switch (err) {
1372 case 0:
1373 ide_atapi_cmd_ok(s);
1374 break;
1375 case -EBUSY:
1376 sense = SENSE_NOT_READY;
1377 if (bdrv_is_inserted(s->bs)) {
1378 sense = SENSE_ILLEGAL_REQUEST;
1379 }
1380 ide_atapi_cmd_error(s, sense,
1381 ASC_MEDIA_REMOVAL_PREVENTED);
1382 break;
1383 default:
1384 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1385 ASC_MEDIUM_NOT_PRESENT);
1386 break;
1387 }
1388 }
1389 break;
1390 case GPCMD_MECHANISM_STATUS:
1391 {
1392 max_len = ube16_to_cpu(packet + 8);
1393 cpu_to_ube16(buf, 0);
1394 /* no current LBA */
1395 buf[2] = 0;
1396 buf[3] = 0;
1397 buf[4] = 0;
1398 buf[5] = 1;
1399 cpu_to_ube16(buf + 6, 0);
1400 ide_atapi_cmd_reply(s, 8, max_len);
1401 }
1402 break;
1403 case GPCMD_READ_TOC_PMA_ATIP:
1404 {
1405 int format, msf, start_track, len;
1406 uint64_t total_sectors;
1407
1408 bdrv_get_geometry(s->bs, &total_sectors);
1409 total_sectors >>= 2;
1410 if (total_sectors == 0) {
1411 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1412 ASC_MEDIUM_NOT_PRESENT);
1413 break;
1414 }
1415 max_len = ube16_to_cpu(packet + 7);
1416 format = packet[9] >> 6;
1417 msf = (packet[1] >> 1) & 1;
1418 start_track = packet[6];
1419 switch(format) {
1420 case 0:
1421 len = cdrom_read_toc(total_sectors, buf, msf, start_track);
1422 if (len < 0)
1423 goto error_cmd;
1424 ide_atapi_cmd_reply(s, len, max_len);
1425 break;
1426 case 1:
1427 /* multi session : only a single session defined */
1428 memset(buf, 0, 12);
1429 buf[1] = 0x0a;
1430 buf[2] = 0x01;
1431 buf[3] = 0x01;
1432 ide_atapi_cmd_reply(s, 12, max_len);
1433 break;
1434 case 2:
1435 len = cdrom_read_toc_raw(total_sectors, buf, msf, start_track);
1436 if (len < 0)
1437 goto error_cmd;
1438 ide_atapi_cmd_reply(s, len, max_len);
1439 break;
1440 default:
1441 error_cmd:
1442 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1443 ASC_INV_FIELD_IN_CMD_PACKET);
1444 break;
1445 }
1446 }
1447 break;
1448 case GPCMD_READ_CDVD_CAPACITY:
1449 {
1450 uint64_t total_sectors;
1451
1452 bdrv_get_geometry(s->bs, &total_sectors);
1453 total_sectors >>= 2;
1454 if (total_sectors == 0) {
1455 ide_atapi_cmd_error(s, SENSE_NOT_READY,
1456 ASC_MEDIUM_NOT_PRESENT);
1457 break;
1458 }
1459 /* NOTE: it is really the number of sectors minus 1 */
1460 cpu_to_ube32(buf, total_sectors - 1);
1461 cpu_to_ube32(buf + 4, 2048);
1462 ide_atapi_cmd_reply(s, 8, 8);
1463 }
1464 break;
1465 case GPCMD_READ_DVD_STRUCTURE:
1466 {
1467 int media = packet[1];
1468 int format = packet[7];
1469 int ret;
1470
1471 max_len = ube16_to_cpu(packet + 8);
1472
1473 if (format < 0xff) {
1474 if (media_is_cd(s)) {
1475 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1476 ASC_INCOMPATIBLE_FORMAT);
1477 break;
1478 } else if (!media_present(s)) {
1479 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1480 ASC_INV_FIELD_IN_CMD_PACKET);
1481 break;
1482 }
1483 }
1484
1485 memset(buf, 0, max_len > IDE_DMA_BUF_SECTORS * 512 + 4 ?
1486 IDE_DMA_BUF_SECTORS * 512 + 4 : max_len);
1487
1488 switch (format) {
1489 case 0x00 ... 0x7f:
1490 case 0xff:
1491 if (media == 0) {
1492 ret = ide_dvd_read_structure(s, format, packet, buf);
1493
1494 if (ret < 0)
1495 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST, -ret);
1496 else
1497 ide_atapi_cmd_reply(s, ret, max_len);
1498
1499 break;
1500 }
1501 /* TODO: BD support, fall through for now */
1502
1503 /* Generic disk structures */
1504 case 0x80: /* TODO: AACS volume identifier */
1505 case 0x81: /* TODO: AACS media serial number */
1506 case 0x82: /* TODO: AACS media identifier */
1507 case 0x83: /* TODO: AACS media key block */
1508 case 0x90: /* TODO: List of recognized format layers */
1509 case 0xc0: /* TODO: Write protection status */
1510 default:
1511 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1512 ASC_INV_FIELD_IN_CMD_PACKET);
1513 break;
1514 }
1515 }
1516 break;
1517 case GPCMD_SET_SPEED:
1518 ide_atapi_cmd_ok(s);
1519 break;
1520 case GPCMD_INQUIRY:
1521 max_len = packet[4];
1522 buf[0] = 0x05; /* CD-ROM */
1523 buf[1] = 0x80; /* removable */
1524 buf[2] = 0x00; /* ISO */
1525 buf[3] = 0x21; /* ATAPI-2 (XXX: put ATAPI-4 ?) */
1526 buf[4] = 31; /* additional length */
1527 buf[5] = 0; /* reserved */
1528 buf[6] = 0; /* reserved */
1529 buf[7] = 0; /* reserved */
1530 padstr8(buf + 8, 8, "QEMU");
1531 padstr8(buf + 16, 16, "QEMU DVD-ROM");
1532 padstr8(buf + 32, 4, s->version);
1533 ide_atapi_cmd_reply(s, 36, max_len);
1534 break;
1535 case GPCMD_GET_CONFIGURATION:
1536 {
1537 uint32_t len;
1538 uint8_t index = 0;
1539
1540 /* only feature 0 is supported */
1541 if (packet[2] != 0 || packet[3] != 0) {
1542 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1543 ASC_INV_FIELD_IN_CMD_PACKET);
1544 break;
1545 }
1546
1547 /* XXX: could result in alignment problems in some architectures */
1548 max_len = ube16_to_cpu(packet + 7);
1549
1550 /*
1551 * XXX: avoid overflow for io_buffer if max_len is bigger than
1552 * the size of that buffer (dimensioned to max number of
1553 * sectors to transfer at once)
1554 *
1555 * Only a problem if the feature/profiles grow.
1556 */
1557 if (max_len > 512) /* XXX: assume 1 sector */
1558 max_len = 512;
1559
1560 memset(buf, 0, max_len);
1561 /*
1562 * the number of sectors from the media tells us which profile
1563 * to use as current. 0 means there is no media
1564 */
1565 if (media_is_dvd(s))
1566 cpu_to_ube16(buf + 6, MMC_PROFILE_DVD_ROM);
1567 else if (media_is_cd(s))
1568 cpu_to_ube16(buf + 6, MMC_PROFILE_CD_ROM);
1569
1570 buf[10] = 0x02 | 0x01; /* persistent and current */
1571 len = 12; /* headers: 8 + 4 */
1572 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_DVD_ROM);
1573 len += ide_atapi_set_profile(buf, &index, MMC_PROFILE_CD_ROM);
1574 cpu_to_ube32(buf, len - 4); /* data length */
1575
1576 ide_atapi_cmd_reply(s, len, max_len);
1577 break;
1578 }
1579 case GPCMD_GET_EVENT_STATUS_NOTIFICATION:
1580 handle_get_event_status_notification(s, buf, packet);
1581 break;
1582 default:
1583 ide_atapi_cmd_error(s, SENSE_ILLEGAL_REQUEST,
1584 ASC_ILLEGAL_OPCODE);
1585 break;
1586 }
1587 }
1588
1589 static void ide_cfata_metadata_inquiry(IDEState *s)
1590 {
1591 uint16_t *p;
1592 uint32_t spd;
1593
1594 p = (uint16_t *) s->io_buffer;
1595 memset(p, 0, 0x200);
1596 spd = ((s->mdata_size - 1) >> 9) + 1;
1597
1598 put_le16(p + 0, 0x0001); /* Data format revision */
1599 put_le16(p + 1, 0x0000); /* Media property: silicon */
1600 put_le16(p + 2, s->media_changed); /* Media status */
1601 put_le16(p + 3, s->mdata_size & 0xffff); /* Capacity in bytes (low) */
1602 put_le16(p + 4, s->mdata_size >> 16); /* Capacity in bytes (high) */
1603 put_le16(p + 5, spd & 0xffff); /* Sectors per device (low) */
1604 put_le16(p + 6, spd >> 16); /* Sectors per device (high) */
1605 }
1606
1607 static void ide_cfata_metadata_read(IDEState *s)
1608 {
1609 uint16_t *p;
1610
1611 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1612 s->status = ERR_STAT;
1613 s->error = ABRT_ERR;
1614 return;
1615 }
1616
1617 p = (uint16_t *) s->io_buffer;
1618 memset(p, 0, 0x200);
1619
1620 put_le16(p + 0, s->media_changed); /* Media status */
1621 memcpy(p + 1, s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1622 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1623 s->nsector << 9), 0x200 - 2));
1624 }
1625
1626 static void ide_cfata_metadata_write(IDEState *s)
1627 {
1628 if (((s->hcyl << 16) | s->lcyl) << 9 > s->mdata_size + 2) {
1629 s->status = ERR_STAT;
1630 s->error = ABRT_ERR;
1631 return;
1632 }
1633
1634 s->media_changed = 0;
1635
1636 memcpy(s->mdata_storage + (((s->hcyl << 16) | s->lcyl) << 9),
1637 s->io_buffer + 2,
1638 MIN(MIN(s->mdata_size - (((s->hcyl << 16) | s->lcyl) << 9),
1639 s->nsector << 9), 0x200 - 2));
1640 }
1641
1642 /* called when the inserted state of the media has changed */
1643 static void cdrom_change_cb(void *opaque, int reason)
1644 {
1645 IDEState *s = opaque;
1646 uint64_t nb_sectors;
1647
1648 if (!(reason & CHANGE_MEDIA)) {
1649 return;
1650 }
1651
1652 bdrv_get_geometry(s->bs, &nb_sectors);
1653 s->nb_sectors = nb_sectors;
1654
1655 s->sense_key = SENSE_UNIT_ATTENTION;
1656 s->asc = ASC_MEDIUM_MAY_HAVE_CHANGED;
1657 s->cdrom_changed = 1;
1658 ide_set_irq(s->bus);
1659 }
1660
1661 static void ide_cmd_lba48_transform(IDEState *s, int lba48)
1662 {
1663 s->lba48 = lba48;
1664
1665 /* handle the 'magic' 0 nsector count conversion here. to avoid
1666 * fiddling with the rest of the read logic, we just store the
1667 * full sector count in ->nsector and ignore ->hob_nsector from now
1668 */
1669 if (!s->lba48) {
1670 if (!s->nsector)
1671 s->nsector = 256;
1672 } else {
1673 if (!s->nsector && !s->hob_nsector)
1674 s->nsector = 65536;
1675 else {
1676 int lo = s->nsector;
1677 int hi = s->hob_nsector;
1678
1679 s->nsector = (hi << 8) | lo;
1680 }
1681 }
1682 }
1683
1684 static void ide_clear_hob(IDEBus *bus)
1685 {
1686 /* any write clears HOB high bit of device control register */
1687 bus->ifs[0].select &= ~(1 << 7);
1688 bus->ifs[1].select &= ~(1 << 7);
1689 }
1690
1691 void ide_ioport_write(void *opaque, uint32_t addr, uint32_t val)
1692 {
1693 IDEBus *bus = opaque;
1694
1695 #ifdef DEBUG_IDE
1696 printf("IDE: write addr=0x%x val=0x%02x\n", addr, val);
1697 #endif
1698
1699 addr &= 7;
1700
1701 /* ignore writes to command block while busy with previous command */
1702 if (addr != 7 && (idebus_active_if(bus)->status & (BUSY_STAT|DRQ_STAT)))
1703 return;
1704
1705 switch(addr) {
1706 case 0:
1707 break;
1708 case 1:
1709 ide_clear_hob(bus);
1710 /* NOTE: data is written to the two drives */
1711 bus->ifs[0].hob_feature = bus->ifs[0].feature;
1712 bus->ifs[1].hob_feature = bus->ifs[1].feature;
1713 bus->ifs[0].feature = val;
1714 bus->ifs[1].feature = val;
1715 break;
1716 case 2:
1717 ide_clear_hob(bus);
1718 bus->ifs[0].hob_nsector = bus->ifs[0].nsector;
1719 bus->ifs[1].hob_nsector = bus->ifs[1].nsector;
1720 bus->ifs[0].nsector = val;
1721 bus->ifs[1].nsector = val;
1722 break;
1723 case 3:
1724 ide_clear_hob(bus);
1725 bus->ifs[0].hob_sector = bus->ifs[0].sector;
1726 bus->ifs[1].hob_sector = bus->ifs[1].sector;
1727 bus->ifs[0].sector = val;
1728 bus->ifs[1].sector = val;
1729 break;
1730 case 4:
1731 ide_clear_hob(bus);
1732 bus->ifs[0].hob_lcyl = bus->ifs[0].lcyl;
1733 bus->ifs[1].hob_lcyl = bus->ifs[1].lcyl;
1734 bus->ifs[0].lcyl = val;
1735 bus->ifs[1].lcyl = val;
1736 break;
1737 case 5:
1738 ide_clear_hob(bus);
1739 bus->ifs[0].hob_hcyl = bus->ifs[0].hcyl;
1740 bus->ifs[1].hob_hcyl = bus->ifs[1].hcyl;
1741 bus->ifs[0].hcyl = val;
1742 bus->ifs[1].hcyl = val;
1743 break;
1744 case 6:
1745 /* FIXME: HOB readback uses bit 7 */
1746 bus->ifs[0].select = (val & ~0x10) | 0xa0;
1747 bus->ifs[1].select = (val | 0x10) | 0xa0;
1748 /* select drive */
1749 bus->unit = (val >> 4) & 1;
1750 break;
1751 default:
1752 case 7:
1753 /* command */
1754 ide_exec_cmd(bus, val);
1755 break;
1756 }
1757 }
1758
1759
1760 void ide_exec_cmd(IDEBus *bus, uint32_t val)
1761 {
1762 IDEState *s;
1763 int n;
1764 int lba48 = 0;
1765
1766 #if defined(DEBUG_IDE)
1767 printf("ide: CMD=%02x\n", val);
1768 #endif
1769 s = idebus_active_if(bus);
1770 /* ignore commands to non existant slave */
1771 if (s != bus->ifs && !s->bs)
1772 return;
1773
1774 /* Only DEVICE RESET is allowed while BSY or/and DRQ are set */
1775 if ((s->status & (BUSY_STAT|DRQ_STAT)) && val != WIN_DEVICE_RESET)
1776 return;
1777
1778 switch(val) {
1779 case WIN_IDENTIFY:
1780 if (s->bs && s->drive_kind != IDE_CD) {
1781 if (s->drive_kind != IDE_CFATA)
1782 ide_identify(s);
1783 else
1784 ide_cfata_identify(s);
1785 s->status = READY_STAT | SEEK_STAT;
1786 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1787 } else {
1788 if (s->drive_kind == IDE_CD) {
1789 ide_set_signature(s);
1790 }
1791 ide_abort_command(s);
1792 }
1793 ide_set_irq(s->bus);
1794 break;
1795 case WIN_SPECIFY:
1796 case WIN_RECAL:
1797 s->error = 0;
1798 s->status = READY_STAT | SEEK_STAT;
1799 ide_set_irq(s->bus);
1800 break;
1801 case WIN_SETMULT:
1802 if (s->drive_kind == IDE_CFATA && s->nsector == 0) {
1803 /* Disable Read and Write Multiple */
1804 s->mult_sectors = 0;
1805 s->status = READY_STAT | SEEK_STAT;
1806 } else if ((s->nsector & 0xff) != 0 &&
1807 ((s->nsector & 0xff) > MAX_MULT_SECTORS ||
1808 (s->nsector & (s->nsector - 1)) != 0)) {
1809 ide_abort_command(s);
1810 } else {
1811 s->mult_sectors = s->nsector & 0xff;
1812 s->status = READY_STAT | SEEK_STAT;
1813 }
1814 ide_set_irq(s->bus);
1815 break;
1816 case WIN_VERIFY_EXT:
1817 lba48 = 1;
1818 case WIN_VERIFY:
1819 case WIN_VERIFY_ONCE:
1820 /* do sector number check ? */
1821 ide_cmd_lba48_transform(s, lba48);
1822 s->status = READY_STAT | SEEK_STAT;
1823 ide_set_irq(s->bus);
1824 break;
1825 case WIN_READ_EXT:
1826 lba48 = 1;
1827 case WIN_READ:
1828 case WIN_READ_ONCE:
1829 if (!s->bs)
1830 goto abort_cmd;
1831 ide_cmd_lba48_transform(s, lba48);
1832 s->req_nb_sectors = 1;
1833 ide_sector_read(s);
1834 break;
1835 case WIN_WRITE_EXT:
1836 lba48 = 1;
1837 case WIN_WRITE:
1838 case WIN_WRITE_ONCE:
1839 case CFA_WRITE_SECT_WO_ERASE:
1840 case WIN_WRITE_VERIFY:
1841 ide_cmd_lba48_transform(s, lba48);
1842 s->error = 0;
1843 s->status = SEEK_STAT | READY_STAT;
1844 s->req_nb_sectors = 1;
1845 ide_transfer_start(s, s->io_buffer, 512, ide_sector_write);
1846 s->media_changed = 1;
1847 break;
1848 case WIN_MULTREAD_EXT:
1849 lba48 = 1;
1850 case WIN_MULTREAD:
1851 if (!s->mult_sectors)
1852 goto abort_cmd;
1853 ide_cmd_lba48_transform(s, lba48);
1854 s->req_nb_sectors = s->mult_sectors;
1855 ide_sector_read(s);
1856 break;
1857 case WIN_MULTWRITE_EXT:
1858 lba48 = 1;
1859 case WIN_MULTWRITE:
1860 case CFA_WRITE_MULTI_WO_ERASE:
1861 if (!s->mult_sectors)
1862 goto abort_cmd;
1863 ide_cmd_lba48_transform(s, lba48);
1864 s->error = 0;
1865 s->status = SEEK_STAT | READY_STAT;
1866 s->req_nb_sectors = s->mult_sectors;
1867 n = s->nsector;
1868 if (n > s->req_nb_sectors)
1869 n = s->req_nb_sectors;
1870 ide_transfer_start(s, s->io_buffer, 512 * n, ide_sector_write);
1871 s->media_changed = 1;
1872 break;
1873 case WIN_READDMA_EXT:
1874 lba48 = 1;
1875 case WIN_READDMA:
1876 case WIN_READDMA_ONCE:
1877 if (!s->bs)
1878 goto abort_cmd;
1879 ide_cmd_lba48_transform(s, lba48);
1880 ide_sector_start_dma(s, 1);
1881 break;
1882 case WIN_WRITEDMA_EXT:
1883 lba48 = 1;
1884 case WIN_WRITEDMA:
1885 case WIN_WRITEDMA_ONCE:
1886 if (!s->bs)
1887 goto abort_cmd;
1888 ide_cmd_lba48_transform(s, lba48);
1889 ide_sector_start_dma(s, 0);
1890 s->media_changed = 1;
1891 break;
1892 case WIN_READ_NATIVE_MAX_EXT:
1893 lba48 = 1;
1894 case WIN_READ_NATIVE_MAX:
1895 ide_cmd_lba48_transform(s, lba48);
1896 ide_set_sector(s, s->nb_sectors - 1);
1897 s->status = READY_STAT | SEEK_STAT;
1898 ide_set_irq(s->bus);
1899 break;
1900 case WIN_CHECKPOWERMODE1:
1901 case WIN_CHECKPOWERMODE2:
1902 s->error = 0;
1903 s->nsector = 0xff; /* device active or idle */
1904 s->status = READY_STAT | SEEK_STAT;
1905 ide_set_irq(s->bus);
1906 break;
1907 case WIN_SETFEATURES:
1908 if (!s->bs)
1909 goto abort_cmd;
1910 /* XXX: valid for CDROM ? */
1911 switch(s->feature) {
1912 case 0xcc: /* reverting to power-on defaults enable */
1913 case 0x66: /* reverting to power-on defaults disable */
1914 case 0x02: /* write cache enable */
1915 case 0x82: /* write cache disable */
1916 case 0xaa: /* read look-ahead enable */
1917 case 0x55: /* read look-ahead disable */
1918 case 0x05: /* set advanced power management mode */
1919 case 0x85: /* disable advanced power management mode */
1920 case 0x69: /* NOP */
1921 case 0x67: /* NOP */
1922 case 0x96: /* NOP */
1923 case 0x9a: /* NOP */
1924 case 0x42: /* enable Automatic Acoustic Mode */
1925 case 0xc2: /* disable Automatic Acoustic Mode */
1926 s->status = READY_STAT | SEEK_STAT;
1927 ide_set_irq(s->bus);
1928 break;
1929 case 0x03: { /* set transfer mode */
1930 uint8_t val = s->nsector & 0x07;
1931 uint16_t *identify_data = (uint16_t *)s->identify_data;
1932
1933 switch (s->nsector >> 3) {
1934 case 0x00: /* pio default */
1935 case 0x01: /* pio mode */
1936 put_le16(identify_data + 62,0x07);
1937 put_le16(identify_data + 63,0x07);
1938 put_le16(identify_data + 88,0x3f);
1939 break;
1940 case 0x02: /* sigle word dma mode*/
1941 put_le16(identify_data + 62,0x07 | (1 << (val + 8)));
1942 put_le16(identify_data + 63,0x07);
1943 put_le16(identify_data + 88,0x3f);
1944 break;
1945 case 0x04: /* mdma mode */
1946 put_le16(identify_data + 62,0x07);
1947 put_le16(identify_data + 63,0x07 | (1 << (val + 8)));
1948 put_le16(identify_data + 88,0x3f);
1949 break;
1950 case 0x08: /* udma mode */
1951 put_le16(identify_data + 62,0x07);
1952 put_le16(identify_data + 63,0x07);
1953 put_le16(identify_data + 88,0x3f | (1 << (val + 8)));
1954 break;
1955 default:
1956 goto abort_cmd;
1957 }
1958 s->status = READY_STAT | SEEK_STAT;
1959 ide_set_irq(s->bus);
1960 break;
1961 }
1962 default:
1963 goto abort_cmd;
1964 }
1965 break;
1966 case WIN_FLUSH_CACHE:
1967 case WIN_FLUSH_CACHE_EXT:
1968 ide_flush_cache(s);
1969 break;
1970 case WIN_STANDBY:
1971 case WIN_STANDBY2:
1972 case WIN_STANDBYNOW1:
1973 case WIN_STANDBYNOW2:
1974 case WIN_IDLEIMMEDIATE:
1975 case CFA_IDLEIMMEDIATE:
1976 case WIN_SETIDLE1:
1977 case WIN_SETIDLE2:
1978 case WIN_SLEEPNOW1:
1979 case WIN_SLEEPNOW2:
1980 s->status = READY_STAT;
1981 ide_set_irq(s->bus);
1982 break;
1983 case WIN_SEEK:
1984 if(s->drive_kind == IDE_CD)
1985 goto abort_cmd;
1986 /* XXX: Check that seek is within bounds */
1987 s->status = READY_STAT | SEEK_STAT;
1988 ide_set_irq(s->bus);
1989 break;
1990 /* ATAPI commands */
1991 case WIN_PIDENTIFY:
1992 if (s->drive_kind == IDE_CD) {
1993 ide_atapi_identify(s);
1994 s->status = READY_STAT | SEEK_STAT;
1995 ide_transfer_start(s, s->io_buffer, 512, ide_transfer_stop);
1996 } else {
1997 ide_abort_command(s);
1998 }
1999 ide_set_irq(s->bus);
2000 break;
2001 case WIN_DIAGNOSE:
2002 ide_set_signature(s);
2003 if (s->drive_kind == IDE_CD)
2004 s->status = 0; /* ATAPI spec (v6) section 9.10 defines packet
2005 * devices to return a clear status register
2006 * with READY_STAT *not* set. */
2007 else
2008 s->status = READY_STAT | SEEK_STAT;
2009 s->error = 0x01; /* Device 0 passed, Device 1 passed or not
2010 * present.
2011 */
2012 ide_set_irq(s->bus);
2013 break;
2014 case WIN_SRST:
2015 if (s->drive_kind != IDE_CD)
2016 goto abort_cmd;
2017 ide_set_signature(s);
2018 s->status = 0x00; /* NOTE: READY is _not_ set */
2019 s->error = 0x01;
2020 break;
2021 case WIN_PACKETCMD:
2022 if (s->drive_kind != IDE_CD)
2023 goto abort_cmd;
2024 /* overlapping commands not supported */
2025 if (s->feature & 0x02)
2026 goto abort_cmd;
2027 s->status = READY_STAT | SEEK_STAT;
2028 s->atapi_dma = s->feature & 1;
2029 s->nsector = 1;
2030 ide_transfer_start(s, s->io_buffer, ATAPI_PACKET_SIZE,
2031 ide_atapi_cmd);
2032 break;
2033 /* CF-ATA commands */
2034 case CFA_REQ_EXT_ERROR_CODE:
2035 if (s->drive_kind != IDE_CFATA)
2036 goto abort_cmd;
2037 s->error = 0x09; /* miscellaneous error */
2038 s->status = READY_STAT | SEEK_STAT;
2039 ide_set_irq(s->bus);
2040 break;
2041 case CFA_ERASE_SECTORS:
2042 case CFA_WEAR_LEVEL:
2043 if (s->drive_kind != IDE_CFATA)
2044 goto abort_cmd;
2045 if (val == CFA_WEAR_LEVEL)
2046 s->nsector = 0;
2047 if (val == CFA_ERASE_SECTORS)
2048 s->media_changed = 1;
2049 s->error = 0x00;
2050 s->status = READY_STAT | SEEK_STAT;
2051 ide_set_irq(s->bus);
2052 break;
2053 case CFA_TRANSLATE_SECTOR:
2054 if (s->drive_kind != IDE_CFATA)
2055 goto abort_cmd;
2056 s->error = 0x00;
2057 s->status = READY_STAT | SEEK_STAT;
2058 memset(s->io_buffer, 0, 0x200);
2059 s->io_buffer[0x00] = s->hcyl; /* Cyl MSB */
2060 s->io_buffer[0x01] = s->lcyl; /* Cyl LSB */
2061 s->io_buffer[0x02] = s->select; /* Head */
2062 s->io_buffer[0x03] = s->sector; /* Sector */
2063 s->io_buffer[0x04] = ide_get_sector(s) >> 16; /* LBA MSB */
2064 s->io_buffer[0x05] = ide_get_sector(s) >> 8; /* LBA */
2065 s->io_buffer[0x06] = ide_get_sector(s) >> 0; /* LBA LSB */
2066 s->io_buffer[0x13] = 0x00; /* Erase flag */
2067 s->io_buffer[0x18] = 0x00; /* Hot count */
2068 s->io_buffer[0x19] = 0x00; /* Hot count */
2069 s->io_buffer[0x1a] = 0x01; /* Hot count */
2070 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2071 ide_set_irq(s->bus);
2072 break;
2073 case CFA_ACCESS_METADATA_STORAGE:
2074 if (s->drive_kind != IDE_CFATA)
2075 goto abort_cmd;
2076 switch (s->feature) {
2077 case 0x02: /* Inquiry Metadata Storage */
2078 ide_cfata_metadata_inquiry(s);
2079 break;
2080 case 0x03: /* Read Metadata Storage */
2081 ide_cfata_metadata_read(s);
2082 break;
2083 case 0x04: /* Write Metadata Storage */
2084 ide_cfata_metadata_write(s);
2085 break;
2086 default:
2087 goto abort_cmd;
2088 }
2089 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2090 s->status = 0x00; /* NOTE: READY is _not_ set */
2091 ide_set_irq(s->bus);
2092 break;
2093 case IBM_SENSE_CONDITION:
2094 if (s->drive_kind != IDE_CFATA)
2095 goto abort_cmd;
2096 switch (s->feature) {
2097 case 0x01: /* sense temperature in device */
2098 s->nsector = 0x50; /* +20 C */
2099 break;
2100 default:
2101 goto abort_cmd;
2102 }
2103 s->status = READY_STAT | SEEK_STAT;
2104 ide_set_irq(s->bus);
2105 break;
2106
2107 case WIN_SMART:
2108 if (s->drive_kind == IDE_CD)
2109 goto abort_cmd;
2110 if (s->hcyl != 0xc2 || s->lcyl != 0x4f)
2111 goto abort_cmd;
2112 if (!s->smart_enabled && s->feature != SMART_ENABLE)
2113 goto abort_cmd;
2114 switch (s->feature) {
2115 case SMART_DISABLE:
2116 s->smart_enabled = 0;
2117 s->status = READY_STAT | SEEK_STAT;
2118 ide_set_irq(s->bus);
2119 break;
2120 case SMART_ENABLE:
2121 s->smart_enabled = 1;
2122 s->status = READY_STAT | SEEK_STAT;
2123 ide_set_irq(s->bus);
2124 break;
2125 case SMART_ATTR_AUTOSAVE:
2126 switch (s->sector) {
2127 case 0x00:
2128 s->smart_autosave = 0;
2129 break;
2130 case 0xf1:
2131 s->smart_autosave = 1;
2132 break;
2133 default:
2134 goto abort_cmd;
2135 }
2136 s->status = READY_STAT | SEEK_STAT;
2137 ide_set_irq(s->bus);
2138 break;
2139 case SMART_STATUS:
2140 if (!s->smart_errors) {
2141 s->hcyl = 0xc2;
2142 s->lcyl = 0x4f;
2143 } else {
2144 s->hcyl = 0x2c;
2145 s->lcyl = 0xf4;
2146 }
2147 s->status = READY_STAT | SEEK_STAT;
2148 ide_set_irq(s->bus);
2149 break;
2150 case SMART_READ_THRESH:
2151 memset(s->io_buffer, 0, 0x200);
2152 s->io_buffer[0] = 0x01; /* smart struct version */
2153 for (n=0; n<30; n++) {
2154 if (smart_attributes[n][0] == 0)
2155 break;
2156 s->io_buffer[2+0+(n*12)] = smart_attributes[n][0];
2157 s->io_buffer[2+1+(n*12)] = smart_attributes[n][11];
2158 }
2159 for (n=0; n<511; n++) /* checksum */
2160 s->io_buffer[511] += s->io_buffer[n];
2161 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2162 s->status = READY_STAT | SEEK_STAT;
2163 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2164 ide_set_irq(s->bus);
2165 break;
2166 case SMART_READ_DATA:
2167 memset(s->io_buffer, 0, 0x200);
2168 s->io_buffer[0] = 0x01; /* smart struct version */
2169 for (n=0; n<30; n++) {
2170 if (smart_attributes[n][0] == 0) {
2171 break;
2172 }
2173 int i;
2174 for(i = 0; i < 11; i++) {
2175 s->io_buffer[2+i+(n*12)] = smart_attributes[n][i];
2176 }
2177 }
2178 s->io_buffer[362] = 0x02 | (s->smart_autosave?0x80:0x00);
2179 if (s->smart_selftest_count == 0) {
2180 s->io_buffer[363] = 0;
2181 } else {
2182 s->io_buffer[363] =
2183 s->smart_selftest_data[3 +
2184 (s->smart_selftest_count - 1) *
2185 24];
2186 }
2187 s->io_buffer[364] = 0x20;
2188 s->io_buffer[365] = 0x01;
2189 /* offline data collection capacity: execute + self-test*/
2190 s->io_buffer[367] = (1<<4 | 1<<3 | 1);
2191 s->io_buffer[368] = 0x03; /* smart capability (1) */
2192 s->io_buffer[369] = 0x00; /* smart capability (2) */
2193 s->io_buffer[370] = 0x01; /* error logging supported */
2194 s->io_buffer[372] = 0x02; /* minutes for poll short test */
2195 s->io_buffer[373] = 0x36; /* minutes for poll ext test */
2196 s->io_buffer[374] = 0x01; /* minutes for poll conveyance */
2197
2198 for (n=0; n<511; n++)
2199 s->io_buffer[511] += s->io_buffer[n];
2200 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2201 s->status = READY_STAT | SEEK_STAT;
2202 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2203 ide_set_irq(s->bus);
2204 break;
2205 case SMART_READ_LOG:
2206 switch (s->sector) {
2207 case 0x01: /* summary smart error log */
2208 memset(s->io_buffer, 0, 0x200);
2209 s->io_buffer[0] = 0x01;
2210 s->io_buffer[1] = 0x00; /* no error entries */
2211 s->io_buffer[452] = s->smart_errors & 0xff;
2212 s->io_buffer[453] = (s->smart_errors & 0xff00) >> 8;
2213
2214 for (n=0; n<511; n++)
2215 s->io_buffer[511] += s->io_buffer[n];
2216 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2217 break;
2218 case 0x06: /* smart self test log */
2219 memset(s->io_buffer, 0, 0x200);
2220 s->io_buffer[0] = 0x01;
2221 if (s->smart_selftest_count == 0) {
2222 s->io_buffer[508] = 0;
2223 } else {
2224 s->io_buffer[508] = s->smart_selftest_count;
2225 for (n=2; n<506; n++)
2226 s->io_buffer[n] = s->smart_selftest_data[n];
2227 }
2228 for (n=0; n<511; n++)
2229 s->io_buffer[511] += s->io_buffer[n];
2230 s->io_buffer[511] = 0x100 - s->io_buffer[511];
2231 break;
2232 default:
2233 goto abort_cmd;
2234 }
2235 s->status = READY_STAT | SEEK_STAT;
2236 ide_transfer_start(s, s->io_buffer, 0x200, ide_transfer_stop);
2237 ide_set_irq(s->bus);
2238 break;
2239 case SMART_EXECUTE_OFFLINE:
2240 switch (s->sector) {
2241 case 0: /* off-line routine */
2242 case 1: /* short self test */
2243 case 2: /* extended self test */
2244 s->smart_selftest_count++;
2245 if(s->smart_selftest_count > 21)
2246 s->smart_selftest_count = 0;
2247 n = 2 + (s->smart_selftest_count - 1) * 24;
2248 s->smart_selftest_data[n] = s->sector;
2249 s->smart_selftest_data[n+1] = 0x00; /* OK and finished */
2250 s->smart_selftest_data[n+2] = 0x34; /* hour count lsb */
2251 s->smart_selftest_data[n+3] = 0x12; /* hour count msb */
2252 s->status = READY_STAT | SEEK_STAT;
2253 ide_set_irq(s->bus);
2254 break;
2255 default:
2256 goto abort_cmd;
2257 }
2258 break;
2259 default:
2260 goto abort_cmd;
2261 }
2262 break;
2263 default:
2264 abort_cmd:
2265 ide_abort_command(s);
2266 ide_set_irq(s->bus);
2267 break;
2268 }
2269 }
2270
2271 uint32_t ide_ioport_read(void *opaque, uint32_t addr1)
2272 {
2273 IDEBus *bus = opaque;
2274 IDEState *s = idebus_active_if(bus);
2275 uint32_t addr;
2276 int ret, hob;
2277
2278 addr = addr1 & 7;
2279 /* FIXME: HOB readback uses bit 7, but it's always set right now */
2280 //hob = s->select & (1 << 7);
2281 hob = 0;
2282 switch(addr) {
2283 case 0:
2284 ret = 0xff;
2285 break;
2286 case 1:
2287 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2288 (s != bus->ifs && !s->bs))
2289 ret = 0;
2290 else if (!hob)
2291 ret = s->error;
2292 else
2293 ret = s->hob_feature;
2294 break;
2295 case 2:
2296 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2297 ret = 0;
2298 else if (!hob)
2299 ret = s->nsector & 0xff;
2300 else
2301 ret = s->hob_nsector;
2302 break;
2303 case 3:
2304 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2305 ret = 0;
2306 else if (!hob)
2307 ret = s->sector;
2308 else
2309 ret = s->hob_sector;
2310 break;
2311 case 4:
2312 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2313 ret = 0;
2314 else if (!hob)
2315 ret = s->lcyl;
2316 else
2317 ret = s->hob_lcyl;
2318 break;
2319 case 5:
2320 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2321 ret = 0;
2322 else if (!hob)
2323 ret = s->hcyl;
2324 else
2325 ret = s->hob_hcyl;
2326 break;
2327 case 6:
2328 if (!bus->ifs[0].bs && !bus->ifs[1].bs)
2329 ret = 0;
2330 else
2331 ret = s->select;
2332 break;
2333 default:
2334 case 7:
2335 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2336 (s != bus->ifs && !s->bs))
2337 ret = 0;
2338 else
2339 ret = s->status;
2340 qemu_irq_lower(bus->irq);
2341 break;
2342 }
2343 #ifdef DEBUG_IDE
2344 printf("ide: read addr=0x%x val=%02x\n", addr1, ret);
2345 #endif
2346 return ret;
2347 }
2348
2349 uint32_t ide_status_read(void *opaque, uint32_t addr)
2350 {
2351 IDEBus *bus = opaque;
2352 IDEState *s = idebus_active_if(bus);
2353 int ret;
2354
2355 if ((!bus->ifs[0].bs && !bus->ifs[1].bs) ||
2356 (s != bus->ifs && !s->bs))
2357 ret = 0;
2358 else
2359 ret = s->status;
2360 #ifdef DEBUG_IDE
2361 printf("ide: read status addr=0x%x val=%02x\n", addr, ret);
2362 #endif
2363 return ret;
2364 }
2365
2366 void ide_cmd_write(void *opaque, uint32_t addr, uint32_t val)
2367 {
2368 IDEBus *bus = opaque;
2369 IDEState *s;
2370 int i;
2371
2372 #ifdef DEBUG_IDE
2373 printf("ide: write control addr=0x%x val=%02x\n", addr, val);
2374 #endif
2375 /* common for both drives */
2376 if (!(bus->cmd & IDE_CMD_RESET) &&
2377 (val & IDE_CMD_RESET)) {
2378 /* reset low to high */
2379 for(i = 0;i < 2; i++) {
2380 s = &bus->ifs[i];
2381 s->status = BUSY_STAT | SEEK_STAT;
2382 s->error = 0x01;
2383 }
2384 } else if ((bus->cmd & IDE_CMD_RESET) &&
2385 !(val & IDE_CMD_RESET)) {
2386 /* high to low */
2387 for(i = 0;i < 2; i++) {
2388 s = &bus->ifs[i];
2389 if (s->drive_kind == IDE_CD)
2390 s->status = 0x00; /* NOTE: READY is _not_ set */
2391 else
2392 s->status = READY_STAT | SEEK_STAT;
2393 ide_set_signature(s);
2394 }
2395 }
2396
2397 bus->cmd = val;
2398 }
2399
2400 void ide_data_writew(void *opaque, uint32_t addr, uint32_t val)
2401 {
2402 IDEBus *bus = opaque;
2403 IDEState *s = idebus_active_if(bus);
2404 uint8_t *p;
2405
2406 /* PIO data access allowed only when DRQ bit is set */
2407 if (!(s->status & DRQ_STAT))
2408 return;
2409
2410 p = s->data_ptr;
2411 *(uint16_t *)p = le16_to_cpu(val);
2412 p += 2;
2413 s->data_ptr = p;
2414 if (p >= s->data_end)
2415 s->end_transfer_func(s);
2416 }
2417
2418 uint32_t ide_data_readw(void *opaque, uint32_t addr)
2419 {
2420 IDEBus *bus = opaque;
2421 IDEState *s = idebus_active_if(bus);
2422 uint8_t *p;
2423 int ret;
2424
2425 /* PIO data access allowed only when DRQ bit is set */
2426 if (!(s->status & DRQ_STAT))
2427 return 0;
2428
2429 p = s->data_ptr;
2430 ret = cpu_to_le16(*(uint16_t *)p);
2431 p += 2;
2432 s->data_ptr = p;
2433 if (p >= s->data_end)
2434 s->end_transfer_func(s);
2435 return ret;
2436 }
2437
2438 void ide_data_writel(void *opaque, uint32_t addr, uint32_t val)
2439 {
2440 IDEBus *bus = opaque;
2441 IDEState *s = idebus_active_if(bus);
2442 uint8_t *p;
2443
2444 /* PIO data access allowed only when DRQ bit is set */
2445 if (!(s->status & DRQ_STAT))
2446 return;
2447
2448 p = s->data_ptr;
2449 *(uint32_t *)p = le32_to_cpu(val);
2450 p += 4;
2451 s->data_ptr = p;
2452 if (p >= s->data_end)
2453 s->end_transfer_func(s);
2454 }
2455
2456 uint32_t ide_data_readl(void *opaque, uint32_t addr)
2457 {
2458 IDEBus *bus = opaque;
2459 IDEState *s = idebus_active_if(bus);
2460 uint8_t *p;
2461 int ret;
2462
2463 /* PIO data access allowed only when DRQ bit is set */
2464 if (!(s->status & DRQ_STAT))
2465 return 0;
2466
2467 p = s->data_ptr;
2468 ret = cpu_to_le32(*(uint32_t *)p);
2469 p += 4;
2470 s->data_ptr = p;
2471 if (p >= s->data_end)
2472 s->end_transfer_func(s);
2473 return ret;
2474 }
2475
2476 static void ide_dummy_transfer_stop(IDEState *s)
2477 {
2478 s->data_ptr = s->io_buffer;
2479 s->data_end = s->io_buffer;
2480 s->io_buffer[0] = 0xff;
2481 s->io_buffer[1] = 0xff;
2482 s->io_buffer[2] = 0xff;
2483 s->io_buffer[3] = 0xff;
2484 }
2485
2486 static void ide_reset(IDEState *s)
2487 {
2488 #ifdef DEBUG_IDE
2489 printf("ide: reset\n");
2490 #endif
2491 if (s->drive_kind == IDE_CFATA)
2492 s->mult_sectors = 0;
2493 else
2494 s->mult_sectors = MAX_MULT_SECTORS;
2495 /* ide regs */
2496 s->feature = 0;
2497 s->error = 0;
2498 s->nsector = 0;
2499 s->sector = 0;
2500 s->lcyl = 0;
2501 s->hcyl = 0;
2502
2503 /* lba48 */
2504 s->hob_feature = 0;
2505 s->hob_sector = 0;
2506 s->hob_nsector = 0;
2507 s->hob_lcyl = 0;
2508 s->hob_hcyl = 0;
2509
2510 s->select = 0xa0;
2511 s->status = READY_STAT | SEEK_STAT;
2512
2513 s->lba48 = 0;
2514
2515 /* ATAPI specific */
2516 s->sense_key = 0;
2517 s->asc = 0;
2518 s->cdrom_changed = 0;
2519 s->packet_transfer_size = 0;
2520 s->elementary_transfer_size = 0;
2521 s->io_buffer_index = 0;
2522 s->cd_sector_size = 0;
2523 s->atapi_dma = 0;
2524 /* ATA DMA state */
2525 s->io_buffer_size = 0;
2526 s->req_nb_sectors = 0;
2527
2528 ide_set_signature(s);
2529 /* init the transfer handler so that 0xffff is returned on data
2530 accesses */
2531 s->end_transfer_func = ide_dummy_transfer_stop;
2532 ide_dummy_transfer_stop(s);
2533 s->media_changed = 0;
2534 }
2535
2536 void ide_bus_reset(IDEBus *bus)
2537 {
2538 bus->unit = 0;
2539 bus->cmd = 0;
2540 ide_reset(&bus->ifs[0]);
2541 ide_reset(&bus->ifs[1]);
2542 ide_clear_hob(bus);
2543
2544 /* pending async DMA */
2545 if (bus->dma->aiocb) {
2546 #ifdef DEBUG_AIO
2547 printf("aio_cancel\n");
2548 #endif
2549 bdrv_aio_cancel(bus->dma->aiocb);
2550 bus->dma->aiocb = NULL;
2551 }
2552
2553 /* reset dma provider too */
2554 bus->dma->ops->reset(bus->dma);
2555 }
2556
2557 int ide_init_drive(IDEState *s, BlockDriverState *bs,
2558 const char *version, const char *serial)
2559 {
2560 int cylinders, heads, secs;
2561 uint64_t nb_sectors;
2562
2563 s->bs = bs;
2564 bdrv_get_geometry(bs, &nb_sectors);
2565 bdrv_guess_geometry(bs, &cylinders, &heads, &secs);
2566 if (cylinders < 1 || cylinders > 16383) {
2567 error_report("cyls must be between 1 and 16383");
2568 return -1;
2569 }
2570 if (heads < 1 || heads > 16) {
2571 error_report("heads must be between 1 and 16");
2572 return -1;
2573 }
2574 if (secs < 1 || secs > 63) {
2575 error_report("secs must be between 1 and 63");
2576 return -1;
2577 }
2578 s->cylinders = cylinders;
2579 s->heads = heads;
2580 s->sectors = secs;
2581 s->nb_sectors = nb_sectors;
2582 /* The SMART values should be preserved across power cycles
2583 but they aren't. */
2584 s->smart_enabled = 1;
2585 s->smart_autosave = 1;
2586 s->smart_errors = 0;
2587 s->smart_selftest_count = 0;
2588 if (bdrv_get_type_hint(bs) == BDRV_TYPE_CDROM) {
2589 s->drive_kind = IDE_CD;
2590 bdrv_set_change_cb(bs, cdrom_change_cb, s);
2591 bs->buffer_alignment = 2048;
2592 } else {
2593 if (!bdrv_is_inserted(s->bs)) {
2594 error_report("Device needs media, but drive is empty");
2595 return -1;
2596 }
2597 if (bdrv_is_read_only(bs)) {
2598 error_report("Can't use a read-only drive");
2599 return -1;
2600 }
2601 }
2602 if (serial) {
2603 strncpy(s->drive_serial_str, serial, sizeof(s->drive_serial_str));
2604 } else {
2605 snprintf(s->drive_serial_str, sizeof(s->drive_serial_str),
2606 "QM%05d", s->drive_serial);
2607 }
2608 if (version) {
2609 pstrcpy(s->version, sizeof(s->version), version);
2610 } else {
2611 pstrcpy(s->version, sizeof(s->version), QEMU_VERSION);
2612 }
2613
2614 ide_reset(s);
2615 bdrv_set_removable(bs, s->drive_kind == IDE_CD);
2616 return 0;
2617 }
2618
2619 static void ide_init1(IDEBus *bus, int unit)
2620 {
2621 static int drive_serial = 1;
2622 IDEState *s = &bus->ifs[unit];
2623
2624 s->bus = bus;
2625 s->unit = unit;
2626 s->drive_serial = drive_serial++;
2627 /* we need at least 2k alignment for accessing CDROMs using O_DIRECT */
2628 s->io_buffer = qemu_memalign(2048, IDE_DMA_BUF_SECTORS*512 + 4);
2629 s->io_buffer_total_len = IDE_DMA_BUF_SECTORS*512 + 4;
2630 s->smart_selftest_data = qemu_blockalign(s->bs, 512);
2631 s->sector_write_timer = qemu_new_timer_ns(vm_clock,
2632 ide_sector_write_timer_cb, s);
2633 }
2634
2635 static void ide_nop_start(IDEDMA *dma, IDEState *s,
2636 BlockDriverCompletionFunc *cb)
2637 {
2638 }
2639
2640 static int ide_nop(IDEDMA *dma)
2641 {
2642 return 0;
2643 }
2644
2645 static int ide_nop_int(IDEDMA *dma, int x)
2646 {
2647 return 0;
2648 }
2649
2650 static void ide_nop_restart(void *opaque, int x, int y)
2651 {
2652 }
2653
2654 static const IDEDMAOps ide_dma_nop_ops = {
2655 .start_dma = ide_nop_start,
2656 .start_transfer = ide_nop,
2657 .prepare_buf = ide_nop_int,
2658 .rw_buf = ide_nop_int,
2659 .set_unit = ide_nop_int,
2660 .add_status = ide_nop_int,
2661 .set_inactive = ide_nop,
2662 .restart_cb = ide_nop_restart,
2663 .reset = ide_nop,
2664 };
2665
2666 static IDEDMA ide_dma_nop = {
2667 .ops = &ide_dma_nop_ops,
2668 .aiocb = NULL,
2669 };
2670
2671 void ide_init2(IDEBus *bus, qemu_irq irq)
2672 {
2673 int i;
2674
2675 for(i = 0; i < 2; i++) {
2676 ide_init1(bus, i);
2677 ide_reset(&bus->ifs[i]);
2678 }
2679 bus->irq = irq;
2680 bus->dma = &ide_dma_nop;
2681 }
2682
2683 /* TODO convert users to qdev and remove */
2684 void ide_init2_with_non_qdev_drives(IDEBus *bus, DriveInfo *hd0,
2685 DriveInfo *hd1, qemu_irq irq)
2686 {
2687 int i;
2688 DriveInfo *dinfo;
2689
2690 for(i = 0; i < 2; i++) {
2691 dinfo = i == 0 ? hd0 : hd1;
2692 ide_init1(bus, i);
2693 if (dinfo) {
2694 if (ide_init_drive(&bus->ifs[i], dinfo->bdrv, NULL,
2695 *dinfo->serial ? dinfo->serial : NULL) < 0) {
2696 error_report("Can't set up IDE drive %s", dinfo->id);
2697 exit(1);
2698 }
2699 } else {
2700 ide_reset(&bus->ifs[i]);
2701 }
2702 }
2703 bus->irq = irq;
2704 bus->dma = &ide_dma_nop;
2705 }
2706
2707 void ide_init_ioport(IDEBus *bus, int iobase, int iobase2)
2708 {
2709 register_ioport_write(iobase, 8, 1, ide_ioport_write, bus);
2710 register_ioport_read(iobase, 8, 1, ide_ioport_read, bus);
2711 if (iobase2) {
2712 register_ioport_read(iobase2, 1, 1, ide_status_read, bus);
2713 register_ioport_write(iobase2, 1, 1, ide_cmd_write, bus);
2714 }
2715
2716 /* data ports */
2717 register_ioport_write(iobase, 2, 2, ide_data_writew, bus);
2718 register_ioport_read(iobase, 2, 2, ide_data_readw, bus);
2719 register_ioport_write(iobase, 4, 4, ide_data_writel, bus);
2720 register_ioport_read(iobase, 4, 4, ide_data_readl, bus);
2721 }
2722
2723 static bool is_identify_set(void *opaque, int version_id)
2724 {
2725 IDEState *s = opaque;
2726
2727 return s->identify_set != 0;
2728 }
2729
2730 static EndTransferFunc* transfer_end_table[] = {
2731 ide_sector_read,
2732 ide_sector_write,
2733 ide_transfer_stop,
2734 ide_atapi_cmd_reply_end,
2735 ide_atapi_cmd,
2736 ide_dummy_transfer_stop,
2737 };
2738
2739 static int transfer_end_table_idx(EndTransferFunc *fn)
2740 {
2741 int i;
2742
2743 for (i = 0; i < ARRAY_SIZE(transfer_end_table); i++)
2744 if (transfer_end_table[i] == fn)
2745 return i;
2746
2747 return -1;
2748 }
2749
2750 static int ide_drive_post_load(void *opaque, int version_id)
2751 {
2752 IDEState *s = opaque;
2753
2754 if (version_id < 3) {
2755 if (s->sense_key == SENSE_UNIT_ATTENTION &&
2756 s->asc == ASC_MEDIUM_MAY_HAVE_CHANGED) {
2757 s->cdrom_changed = 1;
2758 }
2759 }
2760 return 0;
2761 }
2762
2763 static int ide_drive_pio_post_load(void *opaque, int version_id)
2764 {
2765 IDEState *s = opaque;
2766
2767 if (s->end_transfer_fn_idx > ARRAY_SIZE(transfer_end_table)) {
2768 return -EINVAL;
2769 }
2770 s->end_transfer_func = transfer_end_table[s->end_transfer_fn_idx];
2771 s->data_ptr = s->io_buffer + s->cur_io_buffer_offset;
2772 s->data_end = s->data_ptr + s->cur_io_buffer_len;
2773
2774 return 0;
2775 }
2776
2777 static void ide_drive_pio_pre_save(void *opaque)
2778 {
2779 IDEState *s = opaque;
2780 int idx;
2781
2782 s->cur_io_buffer_offset = s->data_ptr - s->io_buffer;
2783 s->cur_io_buffer_len = s->data_end - s->data_ptr;
2784
2785 idx = transfer_end_table_idx(s->end_transfer_func);
2786 if (idx == -1) {
2787 fprintf(stderr, "%s: invalid end_transfer_func for DRQ_STAT\n",
2788 __func__);
2789 s->end_transfer_fn_idx = 2;
2790 } else {
2791 s->end_transfer_fn_idx = idx;
2792 }
2793 }
2794
2795 static bool ide_drive_pio_state_needed(void *opaque)
2796 {
2797 IDEState *s = opaque;
2798
2799 return (s->status & DRQ_STAT) != 0;
2800 }
2801
2802 const VMStateDescription vmstate_ide_drive_pio_state = {
2803 .name = "ide_drive/pio_state",
2804 .version_id = 1,
2805 .minimum_version_id = 1,
2806 .minimum_version_id_old = 1,
2807 .pre_save = ide_drive_pio_pre_save,
2808 .post_load = ide_drive_pio_post_load,
2809 .fields = (VMStateField []) {
2810 VMSTATE_INT32(req_nb_sectors, IDEState),
2811 VMSTATE_VARRAY_INT32(io_buffer, IDEState, io_buffer_total_len, 1,
2812 vmstate_info_uint8, uint8_t),
2813 VMSTATE_INT32(cur_io_buffer_offset, IDEState),
2814 VMSTATE_INT32(cur_io_buffer_len, IDEState),
2815 VMSTATE_UINT8(end_transfer_fn_idx, IDEState),
2816 VMSTATE_INT32(elementary_transfer_size, IDEState),
2817 VMSTATE_INT32(packet_transfer_size, IDEState),
2818 VMSTATE_END_OF_LIST()
2819 }
2820 };
2821
2822 const VMStateDescription vmstate_ide_drive = {
2823 .name = "ide_drive",
2824 .version_id = 3,
2825 .minimum_version_id = 0,
2826 .minimum_version_id_old = 0,
2827 .post_load = ide_drive_post_load,
2828 .fields = (VMStateField []) {
2829 VMSTATE_INT32(mult_sectors, IDEState),
2830 VMSTATE_INT32(identify_set, IDEState),
2831 VMSTATE_BUFFER_TEST(identify_data, IDEState, is_identify_set),
2832 VMSTATE_UINT8(feature, IDEState),
2833 VMSTATE_UINT8(error, IDEState),
2834 VMSTATE_UINT32(nsector, IDEState),
2835 VMSTATE_UINT8(sector, IDEState),
2836 VMSTATE_UINT8(lcyl, IDEState),
2837 VMSTATE_UINT8(hcyl, IDEState),
2838 VMSTATE_UINT8(hob_feature, IDEState),
2839 VMSTATE_UINT8(hob_sector, IDEState),
2840 VMSTATE_UINT8(hob_nsector, IDEState),
2841 VMSTATE_UINT8(hob_lcyl, IDEState),
2842 VMSTATE_UINT8(hob_hcyl, IDEState),
2843 VMSTATE_UINT8(select, IDEState),
2844 VMSTATE_UINT8(status, IDEState),
2845 VMSTATE_UINT8(lba48, IDEState),
2846 VMSTATE_UINT8(sense_key, IDEState),
2847 VMSTATE_UINT8(asc, IDEState),
2848 VMSTATE_UINT8_V(cdrom_changed, IDEState, 3),
2849 VMSTATE_END_OF_LIST()
2850 },
2851 .subsections = (VMStateSubsection []) {
2852 {
2853 .vmsd = &vmstate_ide_drive_pio_state,
2854 .needed = ide_drive_pio_state_needed,
2855 }, {
2856 /* empty */
2857 }
2858 }
2859 };
2860
2861 const VMStateDescription vmstate_ide_bus = {
2862 .name = "ide_bus",
2863 .version_id = 1,
2864 .minimum_version_id = 1,
2865 .minimum_version_id_old = 1,
2866 .fields = (VMStateField []) {
2867 VMSTATE_UINT8(cmd, IDEBus),
2868 VMSTATE_UINT8(unit, IDEBus),
2869 VMSTATE_END_OF_LIST()
2870 }
2871 };
2872
2873 void ide_drive_get(DriveInfo **hd, int max_bus)
2874 {
2875 int i;
2876
2877 if (drive_get_max_bus(IF_IDE) >= max_bus) {
2878 fprintf(stderr, "qemu: too many IDE bus: %d\n", max_bus);
2879 exit(1);
2880 }
2881
2882 for(i = 0; i < max_bus * MAX_IDE_DEVS; i++) {
2883 hd[i] = drive_get(IF_IDE, i / MAX_IDE_DEVS, i % MAX_IDE_DEVS);
2884 }
2885 }
CRIS target port of Qemu